user/editlib.php

   1 <?php
   2 // This file is part of Moodle - http://moodle.org/
   3 //
   4 // Moodle is free software: you can redistribute it and/or modify
   5 // it under the terms of the GNU General Public License as published by
   6 // the Free Software Foundation, either version 3 of the License, or
   7 // (at your option) any later version.
   8 //
   9 // Moodle is distributed in the hope that it will be useful,
  10 // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12 // GNU General Public License for more details.
  13 //
  14 // You should have received a copy of the GNU General Public License
  15 // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
  16
  17 /**
  18  * This file contains function used when editing a users profile and preferences.
  19  *
  20  * @copyright 1999 Martin Dougiamas  http://dougiamas.com
  21  * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  22  * @package core_user
  23  */
  24
  25 require_once($CFG->dirroot . '/user/lib.php');
  26
  27 /**
  28  * Cancels the requirement for a user to update their email address.
  29  *
  30  * @param int $userid
  31  */
  32 function cancel_email_update($userid) {
  33     unset_user_preference('newemail', $userid);
  34     unset_user_preference('newemailkey', $userid);
  35     unset_user_preference('newemailattemptsleft', $userid);
  36 }
  37
  38 /**
  39  * Performs the common access checks and page setup for all
  40  * user preference pages.
  41  *
  42  * @param int $userid The user id to edit taken from the page params.
  43  * @param int $courseid The optional course id if we came from a course context.
  44  * @return array containing the user and course records.
  45  */
  46 function useredit_setup_preference_page($userid, $courseid) {
  47     global $PAGE, $SESSION, $DB, $CFG, $OUTPUT, $USER;
  48
  49     // Guest can not edit.
  50     if (isguestuser()) {
  51         throw new \moodle_exception('guestnoeditprofile');
  52     }
  53
  54     if (!$course = $DB->get_record('course', array('id' => $courseid))) {
  55         throw new \moodle_exception('invalidcourseid');
  56     }
  57
  58     if ($course->id != SITEID) {
  59         require_login($course);
  60     } else if (!isloggedin()) {
  61         if (empty($SESSION->wantsurl)) {
  62             $SESSION->wantsurl = $CFG->wwwroot.'/user/preferences.php';
  63         }
  64         redirect(get_login_url());
  65     } else {
  66         $PAGE->set_context(context_system::instance());
  67     }
  68
  69     // The user profile we are editing.
  70     if (!$user = $DB->get_record('user', array('id' => $userid))) {
  71         throw new \moodle_exception('invaliduserid');
  72     }
  73
  74     // Guest can not be edited.
  75     if (isguestuser($user)) {
  76         throw new \moodle_exception('guestnoeditprofile');
  77     }
  78
  79     // Remote users cannot be edited.
  80     if (is_mnet_remote_user($user)) {
  81         if (user_not_fully_set_up($user, false)) {
  82             $hostwwwroot = $DB->get_field('mnet_host', 'wwwroot', array('id' => $user->mnethostid));
  83             throw new \moodle_exception('usernotfullysetup', 'mnet', '', $hostwwwroot);
  84         }
  85         redirect($CFG->wwwroot . "/user/view.php?course={$course->id}");
  86     }
  87
  88     $systemcontext   = context_system::instance();
  89     $personalcontext = context_user::instance($user->id);
  90
  91     // Check access control.
  92     if ($user->id == $USER->id) {
  93         // Editing own profile - require_login() MUST NOT be used here, it would result in infinite loop!
  94         if (!has_capability('moodle/user:editownprofile', $systemcontext)) {
  95             throw new \moodle_exception('cannotedityourprofile');
  96         }
  97
  98     } else {
  99         // Teachers, parents, etc.
 100         require_capability('moodle/user:editprofile', $personalcontext);
 101
 102         // No editing of primary admin!
 103         if (is_siteadmin($user) and !is_siteadmin($USER)) {  // Only admins may edit other admins.
 104             throw new \moodle_exception('useradmineditadmin');
 105         }
 106     }
 107
 108     if ($user->deleted) {
 109         echo $OUTPUT->header();
 110         echo $OUTPUT->heading(get_string('userdeleted'));
 111         echo $OUTPUT->footer();
 112         die;
 113     }
 114
 115     $PAGE->set_pagelayout('admin');
 116     $PAGE->add_body_class('limitedwidth');
 117     $PAGE->set_context($personalcontext);
 118     if ($USER->id != $user->id) {
 119         $PAGE->navigation->extend_for_user($user);
 120     } else {
 121         if ($node = $PAGE->navigation->find('myprofile', navigation_node::TYPE_ROOTNODE)) {
 122             $node->force_open();
 123         }
 124     }
 125
 126     return array($user, $course);
 127 }
 128
 129 /**
 130  * Loads the given users preferences into the given user object.
 131  *
 132  * @param stdClass $user The user object, modified by reference.
 133  * @param bool $reload
 134  */
 135 function useredit_load_preferences(&$user, $reload=true) {
 136     global $USER;
 137
 138     if (!empty($user->id)) {
 139         if ($reload and $USER->id == $user->id) {
 140             // Reload preferences in case it was changed in other session.
 141             unset($USER->preference);
 142         }
 143
 144         if ($preferences = get_user_preferences(null, null, $user->id)) {
 145             foreach ($preferences as $name => $value) {
 146                 $user->{'preference_'.$name} = $value;
 147             }
 148         }
 149     }
 150 }
 151
 152 /**
 153  * Updates the user preferences for the given user
 154  *
 155  * Only preference that can be updated directly will be updated here. This method is called from various WS
 156  * updating users and should be used when updating user details. Plugins may list preferences that can
 157  * be updated by defining 'user_preferences' callback, {@see core_user::fill_preferences_cache()}
 158  *
 159  * Some parts of code may use user preference table to store internal data, in these cases it is acceptable
 160  * to call set_user_preference()
 161  *
 162  * @param stdClass|array $usernew object or array that has user preferences as attributes with keys starting with preference_
 163  */
 164 function useredit_update_user_preference($usernew) {
 165     global $USER;
 166     $ua = (array)$usernew;
 167     if (is_object($usernew) && isset($usernew->id) && isset($usernew->deleted) && isset($usernew->confirmed)) {
 168         // This is already a full user object, maybe not completely full but these fields are enough.
 169         $user = $usernew;
 170     } else if (empty($ua['id']) || $ua['id'] == $USER->id) {
 171         // We are updating current user.
 172         $user = $USER;
 173     } else {
 174         // Retrieve user object.
 175         $user = core_user::get_user($ua['id'], '*', MUST_EXIST);
 176     }
 177
 178     foreach ($ua as $key => $value) {
 179         if (strpos($key, 'preference_') === 0) {
 180             $name = substr($key, strlen('preference_'));
 181             if (core_user::can_edit_preference($name, $user)) {
 182                 $value = core_user::clean_preference($value, $name);
 183                 set_user_preference($name, $value, $user->id);
 184             }
 185         }
 186     }
 187 }
 188
 189 /**
 190  * @deprecated since Moodle 3.2
 191  * @see core_user::update_picture()
 192  */
 193 function useredit_update_picture() {
 194     throw new coding_exception('useredit_update_picture() can not be used anymore. Please use ' .
 195         'core_user::update_picture() instead.');
 196 }
 197
 198 /**
 199  * Updates the user email bounce + send counts when the user is edited.
 200  *
 201  * @param stdClass $user The current user object.
 202  * @param stdClass $usernew The updated user object.
 203  */
 204 function useredit_update_bounces($user, $usernew) {
 205     if (!isset($usernew->email)) {
 206         // Locked field.
 207         return;
 208     }
 209     if (!isset($user->email) || $user->email !== $usernew->email) {
 210         set_bounce_count($usernew, true);
 211         set_send_count($usernew, true);
 212     }
 213 }
 214
 215 /**
 216  * Updates the forums a user is tracking when the user is edited.
 217  *
 218  * @param stdClass $user The original user object.
 219  * @param stdClass $usernew The updated user object.
 220  */
 221 function useredit_update_trackforums($user, $usernew) {
 222     global $CFG;
 223     if (!isset($usernew->trackforums)) {
 224         // Locked field.
 225         return;
 226     }
 227     if ((!isset($user->trackforums) || ($usernew->trackforums != $user->trackforums)) and !$usernew->trackforums) {
 228         require_once($CFG->dirroot.'/mod/forum/lib.php');
 229         forum_tp_delete_read_records($usernew->id);
 230     }
 231 }
 232
 233 /**
 234  * Updates a users interests.
 235  *
 236  * @param stdClass $user
 237  * @param array $interests
 238  */
 239 function useredit_update_interests($user, $interests) {
 240     core_tag_tag::set_item_tags('core', 'user', $user->id,
 241             context_user::instance($user->id), $interests);
 242 }
 243
 244 /**
 245  * Powerful function that is used by edit and editadvanced to add common form elements/rules/etc.
 246  *
 247  * @param MoodleQuickForm $mform
 248  * @param array $editoroptions
 249  * @param array $filemanageroptions
 250  * @param stdClass $user
 251  */
 252 function useredit_shared_definition(&$mform, $editoroptions, $filemanageroptions, $user) {
 253     global $CFG, $USER, $DB;
 254
 255     if ($user->id > 0) {
 256         useredit_load_preferences($user, false);
 257     }
 258
 259     $strrequired = get_string('required');
 260     $stringman = get_string_manager();
 261
 262     // Add the necessary names.
 263     foreach (useredit_get_required_name_fields() as $fullname) {
 264         $purpose = user_edit_map_field_purpose($user->id, $fullname);
 265         $mform->addElement('text', $fullname,  get_string($fullname),  'maxlength="100" size="30"' . $purpose);
 266         if ($stringman->string_exists('missing'.$fullname, 'core')) {
 267             $strmissingfield = get_string('missing'.$fullname, 'core');
 268         } else {
 269             $strmissingfield = $strrequired;
 270         }
 271         $mform->addRule($fullname, $strmissingfield, 'required', null, 'client');
 272         $mform->setType($fullname, PARAM_NOTAGS);
 273     }
 274
 275     $enabledusernamefields = useredit_get_enabled_name_fields();
 276     // Add the enabled additional name fields.
 277     foreach ($enabledusernamefields as $addname) {
 278         $purpose = user_edit_map_field_purpose($user->id, $addname);
 279         $mform->addElement('text', $addname,  get_string($addname), 'maxlength="100" size="30"' . $purpose);
 280         $mform->setType($addname, PARAM_NOTAGS);
 281     }
 282
 283     // Do not show email field if change confirmation is pending.
 284     if ($user->id > 0 and !empty($CFG->emailchangeconfirmation) and !empty($user->preference_newemail)) {
 285         $notice = get_string('emailchangepending', 'auth', $user);
 286         $notice .= '<br /><a href="edit.php?cancelemailchange=1&amp;id='.$user->id.'">'
 287                 . get_string('emailchangecancel', 'auth') . '</a>';
 288         $mform->addElement('static', 'emailpending', get_string('email'), $notice);
 289     } else {
 290         $purpose = user_edit_map_field_purpose($user->id, 'email');
 291         $mform->addElement('text', 'email', get_string('email'), 'maxlength="100" size="30"' . $purpose);
 292         $mform->addRule('email', $strrequired, 'required', null, 'client');
 293         $mform->setType('email', PARAM_RAW_TRIMMED);
 294     }
 295
 296     $choices = array();
 297     $choices['0'] = get_string('emaildisplayno');
 298     $choices['1'] = get_string('emaildisplayyes');
 299     $choices['2'] = get_string('emaildisplaycourse');
 300     $mform->addElement('select', 'maildisplay', get_string('emaildisplay'), $choices);
 301     $mform->setDefault('maildisplay', core_user::get_property_default('maildisplay'));
 302     $mform->addHelpButton('maildisplay', 'emaildisplay');
 303
 304     if (get_config('tool_moodlenet', 'enablemoodlenet')) {
 305         $mform->addElement('text', 'moodlenetprofile', get_string('moodlenetprofile', 'user'), 'maxlength="255" size="30"');
 306         $mform->setType('moodlenetprofile', PARAM_NOTAGS);
 307         $mform->addHelpButton('moodlenetprofile', 'moodlenetprofile', 'user');
 308     }
 309
 310     $mform->addElement('text', 'city', get_string('city'), 'maxlength="120" size="21"');
 311     $mform->setType('city', PARAM_TEXT);
 312     if (!empty($CFG->defaultcity)) {
 313         $mform->setDefault('city', $CFG->defaultcity);
 314     }
 315
 316     $purpose = user_edit_map_field_purpose($user->id, 'country');
 317     $choices = get_string_manager()->get_list_of_countries();
 318     $choices = array('' => get_string('selectacountry') . '...') + $choices;
 319     $mform->addElement('select', 'country', get_string('selectacountry'), $choices, $purpose);
 320     if (!empty($CFG->country)) {
 321         $mform->setDefault('country', core_user::get_property_default('country'));
 322     }
 323
 324     if (isset($CFG->forcetimezone) and $CFG->forcetimezone != 99) {
 325         $choices = core_date::get_list_of_timezones($CFG->forcetimezone);
 326         $mform->addElement('static', 'forcedtimezone', get_string('timezone'), $choices[$CFG->forcetimezone]);
 327         $mform->addElement('hidden', 'timezone');
 328         $mform->setType('timezone', core_user::get_property_type('timezone'));
 329     } else {
 330         $choices = core_date::get_list_of_timezones($user->timezone, true);
 331         $mform->addElement('select', 'timezone', get_string('timezone'), $choices);
 332     }
 333
 334     if ($user->id < 0) {
 335         $purpose = user_edit_map_field_purpose($user->id, 'lang');
 336         $translations = get_string_manager()->get_list_of_translations();
 337         $mform->addElement('select', 'lang', get_string('preferredlanguage'), $translations, $purpose);
 338         $lang = empty($user->lang) ? $CFG->lang : $user->lang;
 339         $mform->setDefault('lang', $lang);
 340     }
 341
 342     if (!empty($CFG->allowuserthemes)) {
 343         $choices = array();
 344         $choices[''] = get_string('default');
 345         $themes = get_list_of_themes();
 346         foreach ($themes as $key => $theme) {
 347             if (empty($theme->hidefromselector)) {
 348                 $choices[$key] = get_string('pluginname', 'theme_'.$theme->name);
 349             }
 350         }
 351         $mform->addElement('select', 'theme', get_string('preferredtheme'), $choices);
 352     }
 353
 354     $mform->addElement('editor', 'description_editor', get_string('userdescription'), null, $editoroptions);
 355     $mform->setType('description_editor', PARAM_RAW);
 356     $mform->addHelpButton('description_editor', 'userdescription');
 357
 358     if (empty($USER->newadminuser)) {
 359         $mform->addElement('header', 'moodle_picture', get_string('pictureofuser'));
 360         $mform->setExpanded('moodle_picture', true);
 361
 362         if (!empty($CFG->enablegravatar)) {
 363             $mform->addElement('html', html_writer::tag('p', get_string('gravatarenabled')));
 364         }
 365
 366         $mform->addElement('static', 'currentpicture', get_string('currentpicture'));
 367
 368         $mform->addElement('checkbox', 'deletepicture', get_string('deletepicture'));
 369         $mform->setDefault('deletepicture', 0);
 370
 371         $mform->addElement('filemanager', 'imagefile', get_string('newpicture'), '', $filemanageroptions);
 372         $mform->addHelpButton('imagefile', 'newpicture');
 373
 374         $mform->addElement('text', 'imagealt', get_string('imagealt'), 'maxlength="100" size="30"');
 375         $mform->setType('imagealt', PARAM_TEXT);
 376
 377     }
 378
 379     // Display user name fields that are not currenlty enabled here if there are any.
 380     $disabledusernamefields = useredit_get_disabled_name_fields($enabledusernamefields);
 381     if (count($disabledusernamefields) > 0) {
 382         $mform->addElement('header', 'moodle_additional_names', get_string('additionalnames'));
 383         foreach ($disabledusernamefields as $allname) {
 384             $purpose = user_edit_map_field_purpose($user->id, $allname);
 385             $mform->addElement('text', $allname, get_string($allname), 'maxlength="100" size="30"' . $purpose);
 386             $mform->setType($allname, PARAM_NOTAGS);
 387         }
 388     }
 389
 390     if (core_tag_tag::is_enabled('core', 'user') and empty($USER->newadminuser)) {
 391         $mform->addElement('header', 'moodle_interests', get_string('interests'));
 392         $mform->addElement('tags', 'interests', get_string('interestslist'),
 393             array('itemtype' => 'user', 'component' => 'core'));
 394         $mform->addHelpButton('interests', 'interestslist');
 395     }
 396
 397     // Moodle optional fields.
 398     $mform->addElement('header', 'moodle_optional', get_string('optional', 'form'));
 399
 400     $mform->addElement('text', 'idnumber', get_string('idnumber'), 'maxlength="255" size="25"');
 401     $mform->setType('idnumber', core_user::get_property_type('idnumber'));
 402
 403     $mform->addElement('text', 'institution', get_string('institution'), 'maxlength="255" size="25"');
 404     $mform->setType('institution', core_user::get_property_type('institution'));
 405
 406     $mform->addElement('text', 'department', get_string('department'), 'maxlength="255" size="25"');
 407     $mform->setType('department', core_user::get_property_type('department'));
 408
 409     $mform->addElement('text', 'phone1', get_string('phone1'), 'maxlength="20" size="25"');
 410     $mform->setType('phone1', core_user::get_property_type('phone1'));
 411     $mform->setForceLtr('phone1');
 412
 413     $mform->addElement('text', 'phone2', get_string('phone2'), 'maxlength="20" size="25"');
 414     $mform->setType('phone2', core_user::get_property_type('phone2'));
 415     $mform->setForceLtr('phone2');
 416
 417     $mform->addElement('text', 'address', get_string('address'), 'maxlength="255" size="25"');
 418     $mform->setType('address', core_user::get_property_type('address'));
 419 }
 420
 421 /**
 422  * Return required user name fields for forms.
 423  *
 424  * @return array required user name fields in order according to settings.
 425  */
 426 function useredit_get_required_name_fields() {
 427     global $CFG;
 428
 429     // Get the name display format.
 430     $nameformat = $CFG->fullnamedisplay;
 431
 432     // Names that are required fields on user forms.
 433     $necessarynames = array('firstname', 'lastname');
 434     $languageformat = get_string('fullnamedisplay');
 435
 436     // Check that the language string and the $nameformat contain the necessary names.
 437     foreach ($necessarynames as $necessaryname) {
 438         $pattern = "/$necessaryname\b/";
 439         if (!preg_match($pattern, $languageformat)) {
 440             // If the language string has been altered then fall back on the below order.
 441             $languageformat = 'firstname lastname';
 442         }
 443         if (!preg_match($pattern, $nameformat)) {
 444             // If the nameformat doesn't contain the necessary name fields then use the languageformat.
 445             $nameformat = $languageformat;
 446         }
 447     }
 448
 449     // Order all of the name fields in the postion they are written in the fullnamedisplay setting.
 450     $necessarynames = order_in_string($necessarynames, $nameformat);
 451     return $necessarynames;
 452 }
 453
 454 /**
 455  * Gets enabled (from fullnameformate setting) user name fields in appropriate order.
 456  *
 457  * @return array Enabled user name fields.
 458  */
 459 function useredit_get_enabled_name_fields() {
 460     global $CFG;
 461
 462     // Get all of the other name fields which are not ranked as necessary.
 463     $additionalusernamefields = array_diff(\core_user\fields::get_name_fields(), array('firstname', 'lastname'));
 464     // Find out which additional name fields are actually being used from the fullnamedisplay setting.
 465     $enabledadditionalusernames = array();
 466     foreach ($additionalusernamefields as $enabledname) {
 467         if (strpos($CFG->fullnamedisplay, $enabledname) !== false) {
 468             $enabledadditionalusernames[] = $enabledname;
 469         }
 470     }
 471
 472     // Order all of the name fields in the postion they are written in the fullnamedisplay setting.
 473     $enabledadditionalusernames = order_in_string($enabledadditionalusernames, $CFG->fullnamedisplay);
 474     return $enabledadditionalusernames;
 475 }
 476
 477 /**
 478  * Gets user name fields not enabled from the setting fullnamedisplay.
 479  *
 480  * @param array $enabledadditionalusernames Current enabled additional user name fields.
 481  * @return array Disabled user name fields.
 482  */
 483 function useredit_get_disabled_name_fields($enabledadditionalusernames = null) {
 484     // If we don't have enabled additional user name information then go and fetch it (try to avoid).
 485     if (!isset($enabledadditionalusernames)) {
 486         $enabledadditionalusernames = useredit_get_enabled_name_fields();
 487     }
 488
 489     // These are the additional fields that are not currently enabled.
 490     $nonusednamefields = array_diff(\core_user\fields::get_name_fields(),
 491             array_merge(array('firstname', 'lastname'), $enabledadditionalusernames));
 492
 493     // It may not be significant anywhere, but for compatibility, this used to return an array
 494     // with keys and values the same.
 495     $result = [];
 496     foreach ($nonusednamefields as $field) {
 497         $result[$field] = $field;
 498     }
 499     return $result;
 500 }