search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Bumping version for 1.8.10 release (note new convention for numbering)
[moodle.git] / user / edit.php
blob57d8655fd33a1032d5770c3a98ac1d0f75b92dff
1 <?php // $Id$
2
3 require_once('../config.php');
4 require_once($CFG->libdir.'/gdlib.php');
5 require_once($CFG->dirroot.'/user/edit_form.php');
6 require_once($CFG->dirroot.'/user/editlib.php');
7 require_once($CFG->dirroot.'/user/profile/lib.php');
8
9 httpsrequired();
10
11 $userid = optional_param('id', $USER->id, PARAM_INT); // user id
12 $course = optional_param('course', SITEID, PARAM_INT); // course id (defaults to Site)
13 $cancelemailchange = optional_param('cancelemailchange', false, PARAM_INT); // course id (defaults to Site)
14
15 if (!$course = get_record('course', 'id', $course)) {
16 error('Course ID was incorrect');
17 }
18
19 if ($course->id != SITEID) {
20 require_login($course);
21 } else if (!isloggedin()) {
22 if (empty($SESSION->wantsurl)) {
23 $SESSION->wantsurl = $CFG->httpswwwroot.'/user/edit.php';
24 }
25 redirect($CFG->httpswwwroot.'/login/index.php');
26 }
27
28 if (isguest()) { //TODO: add proper capability to edit own profile
29 print_error('guestnoeditprofile');
30 }
31
32 if (!$user = get_record('user', 'id', $userid)) {
33 error('User ID was incorrect');
34 }
35
36 // Guest can not be edited
37 if (isguestuser($user)) {
38 print_error('guestnoeditprofile');
39 }
40
41 // User interests separated by commas
42 if (!empty($CFG->usetags)) {
43 require_once($CFG->dirroot.'/tag/lib.php');
44 $user->interests = tag_get_tags_csv('user', $user->id, TAG_RETURN_TEXT);
45 }
46
47 // remote users cannot be edited
48 if (is_mnet_remote_user($user)) {
49 redirect($CFG->wwwroot . "/user/view.php?course={$course->id}");
50 }
51
52 $systemcontext = get_context_instance(CONTEXT_SYSTEM);
53 $personalcontext = get_context_instance(CONTEXT_USER, $user->id);
54
55 // check access control
56 if ($user->id != $USER->id) {
57 // teachers, parents, etc.
58 $personalcontext = get_context_instance(CONTEXT_USER, $user->id);
59 require_capability('moodle/user:editprofile', $personalcontext);
60 // no editing of guest user account
61 if (isguestuser($user->id)) {
62 print_error('guestnoeditprofileother');
63 }
64 // no editing of primary admin!
65 $mainadmin = get_admin();
66 if ($user->id == $mainadmin->id) {
67 print_error('adminprimarynoedit');
68 }
69 }
70
71 if ($user->deleted) {
72 print_header();
73 print_heading(get_string('userdeleted'));
74 print_footer($course);
75 die;
76 }
77
78 // Process email change cancellation
79 if ($cancelemailchange) {
80 cancel_email_update($user->id);
81 }
82
83 //load user preferences
84 useredit_load_preferences($user);
85
86 //Load custom profile fields data
87 profile_load_data($user);
88
89 //create form
90 $userform = new user_edit_form();
91 $userform->set_data($user);
92
93 $email_changed = false;
94
95 if ($usernew = $userform->get_data()) {
96 add_to_log($course->id, 'user', 'update', "view.php?id=$user->id&course=$course->id", '');
97
98 $email_changed_html = '';
99
100 if ($CFG->emailchangeconfirmation) {
101 // Handle change of email carefully for non-trusted users
102 if ($user->email != $usernew->email && !has_capability('moodle/user:update', $systemcontext)) {
103 $a = new stdClass();
104 $a->newemail = $usernew->preference_newemail = $usernew->email;
105 $usernew->preference_newemailkey = random_string(20);
106 $usernew->preference_newemailattemptsleft = 3;
107 $a->oldemail = $usernew->email = $user->email;
108
109 $email_changed_html = print_box(get_string('auth_changingemailaddress', 'auth', $a), 'generalbox', 'notice', true);
110 $email_changed_html .= print_continue("$CFG->wwwroot/user/view.php?id=$user->id&amp;course=$course->id", true);
111 $email_changed = true;
112 }
113 }
114
115 $authplugin = get_auth_plugin($user->auth);
116
117 $usernew->timemodified = time();
118
119 if (!update_record('user', $usernew)) {
120 error('Error updating user record');
121 }
122
123 // pass a true $userold here
124 if (! $authplugin->user_update($user, $userform->get_data(false))) {
125 // auth update failed, rollback for moodle
126 update_record('user', addslashes_object($user));
127 error('Failed to update user data on external auth: '.$user->auth.
128 '. See the server logs for more details.');
129 }
130
131 //update preferences
132 useredit_update_user_preference($usernew);
133
134 //update user picture
135 if (!empty($CFG->gdversion) and empty($CFG->disableuserimages)) {
136 useredit_update_picture($usernew, $userform);
137 }
138
139 // update mail bounces
140 useredit_update_bounces($user, $usernew);
141
142 /// update forum track preference
143 useredit_update_trackforums($user, $usernew);
144
145 // save custom profile fields data
146 profile_save_data($usernew);
147
148 // If email was changed, send confirmation email now
149 if ($email_changed && $CFG->emailchangeconfirmation) {
150 $temp_user = fullclone($user);
151 $temp_user->email = $usernew->preference_newemail;
152 $temp_user->emailstop = NULL;
153
154 $a = new stdClass();
155 $a->url = $CFG->wwwroot . '/user/emailupdate.php?key=' . $usernew->preference_newemailkey . '&id=' . $user->id;
156 $a->site = $SITE->fullname;
157 $a->fullname = fullname($user, true);
158
159 $emailupdatemessage = get_string('auth_emailupdatemessage', 'auth', $a);
160 $emailupdatetitle = get_string('auth_emailupdatetitle', 'auth', $a);
161
162 if(!$mail_results = email_to_user($temp_user, get_admin(), $emailupdatetitle, $emailupdatemessage)) {
163 die("could not send email!");
164 }
165 }
166
167 if ($USER->id == $user->id) {
168 // Override old $USER session variable if needed
169 $usernew = (array)get_record('user', 'id', $user->id); // reload from db
170 foreach ($usernew as $variable => $value) {
171 $USER->$variable = $value;
172 }
173 }
174
175 if (!$email_changed || !$CFG->emailchangeconfirmation) {
176 redirect("$CFG->wwwroot/user/view.php?id=$user->id&course=$course->id");
177 }
178 }
179
180
181 /// Display page header
182 $streditmyprofile = get_string('editmyprofile');
183 $strparticipants = get_string('participants');
184 $userfullname = fullname($user, true);
185 if ($course->id != SITEID) {
186 print_header("$course->shortname: $streditmyprofile", "$course->fullname: $streditmyprofile",
187 "<a href=\"$CFG->wwwroot/course/view.php?id=$course->id\">$course->shortname</a>
188 -> <a href=\"index.php?id=$course->id\">$strparticipants</a>
189 -> <a href=\"view.php?id=$user->id&amp;course=$course->id\">$userfullname</a>
190 -> $streditmyprofile", "");
191 } else {
192 print_header("$course->shortname: $streditmyprofile", $course->fullname,
193 "<a href=\"view.php?id=$user->id&amp;course=$course->id\">$userfullname</a>
194 -> $streditmyprofile", "");
195 }
196 /// Print tabs at the top
197 $showroles = 1;
198 $currenttab = 'editprofile';
199 require('tabs.php');
200
201 if ($email_changed) {
202 echo $email_changed_html;
203 } else {
204 /// Finally display THE form
205 $userform->display();
206 }
207
208 /// and proper footer
209 print_footer($course);
210
211 ?>
Read-only mirror of the Moodle CVS