2 // This file is part of Moodle - http://moodle.org/
4 // Moodle is free software: you can redistribute it and/or modify
5 // it under the terms of the GNU General Public License as published by
6 // the Free Software Foundation, either version 3 of the License, or
7 // (at your option) any later version.
9 // Moodle is distributed in the hope that it will be useful,
10 // but WITHOUT ANY WARRANTY; without even the implied warranty of
11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 // GNU General Public License for more details.
14 // You should have received a copy of the GNU General Public License
15 // along with Moodle. If not, see <http://www.gnu.org/licenses/>.
21 * @copyright 2013 Rajesh Taneja <rajesh@moodle.com>
22 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
25 defined('MOODLE_INTERNAL') ||
die();
28 * User class to access user details.
30 * @todo move api's from user/lib.php and deprecate old ones.
32 * @copyright 2013 Rajesh Taneja <rajesh@moodle.com>
33 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
39 const NOREPLY_USER
= -10;
44 const SUPPORT_USER
= -20;
47 * Hide email address from everyone.
49 const MAILDISPLAY_HIDE
= 0;
52 * Display email address to everyone.
54 const MAILDISPLAY_EVERYONE
= 1;
57 * Display email address to course members only.
59 const MAILDISPLAY_COURSE_MEMBERS_ONLY
= 2;
62 * List of fields that can be synched/locked during authentication.
64 const AUTHSYNCFIELDS
= [
84 /** @var int Indicates that user profile view should be prevented */
85 const VIEWPROFILE_PREVENT
= -1;
86 /** @var int Indicates that user profile view should not be prevented */
87 const VIEWPROFILE_DO_NOT_PREVENT
= 0;
88 /** @var int Indicates that user profile view should be allowed even if Moodle would prevent it */
89 const VIEWPROFILE_FORCE_ALLOW
= 1;
91 /** @var stdClass keep record of noreply user */
92 public static $noreplyuser = false;
94 /** @var stdClass keep record of support user */
95 public static $supportuser = false;
97 /** @var array store user fields properties cache. */
98 protected static $propertiescache = null;
100 /** @var array store user preferences cache. */
101 protected static $preferencescache = null;
104 * Return user object from db or create noreply or support user,
105 * if userid matches corse_user::NOREPLY_USER or corse_user::SUPPORT_USER
106 * respectively. If userid is not found, then return false.
108 * @param int $userid user id
109 * @param string $fields A comma separated list of user fields to be returned, support and noreply user
110 * will not be filtered by this.
111 * @param int $strictness IGNORE_MISSING means compatible mode, false returned if user not found, debug message if more found;
112 * IGNORE_MULTIPLE means return first user, ignore multiple user records found(not recommended);
113 * MUST_EXIST means throw an exception if no user record or multiple records found.
114 * @return stdClass|bool user record if found, else false.
115 * @throws dml_exception if user record not found and respective $strictness is set.
117 public static function get_user($userid, $fields = '*', $strictness = IGNORE_MISSING
) {
120 // If noreply user then create fake record and return.
122 case self
::NOREPLY_USER
:
123 return self
::get_noreply_user();
125 case self
::SUPPORT_USER
:
126 return self
::get_support_user();
129 return $DB->get_record('user', array('id' => $userid), $fields, $strictness);
134 * Return user object from db based on their email.
136 * @param string $email The email of the user searched.
137 * @param string $fields A comma separated list of user fields to be returned, support and noreply user.
138 * @param int $mnethostid The id of the remote host.
139 * @param int $strictness IGNORE_MISSING means compatible mode, false returned if user not found, debug message if more found;
140 * IGNORE_MULTIPLE means return first user, ignore multiple user records found(not recommended);
141 * MUST_EXIST means throw an exception if no user record or multiple records found.
142 * @return stdClass|bool user record if found, else false.
143 * @throws dml_exception if user record not found and respective $strictness is set.
145 public static function get_user_by_email($email, $fields = '*', $mnethostid = null, $strictness = IGNORE_MISSING
) {
148 // Because we use the username as the search criteria, we must also restrict our search based on mnet host.
149 if (empty($mnethostid)) {
150 // If empty, we restrict to local users.
151 $mnethostid = $CFG->mnet_localhost_id
;
154 return $DB->get_record('user', array('email' => $email, 'mnethostid' => $mnethostid), $fields, $strictness);
158 * Return user object from db based on their username.
160 * @param string $username The username of the user searched.
161 * @param string $fields A comma separated list of user fields to be returned, support and noreply user.
162 * @param int $mnethostid The id of the remote host.
163 * @param int $strictness IGNORE_MISSING means compatible mode, false returned if user not found, debug message if more found;
164 * IGNORE_MULTIPLE means return first user, ignore multiple user records found(not recommended);
165 * MUST_EXIST means throw an exception if no user record or multiple records found.
166 * @return stdClass|bool user record if found, else false.
167 * @throws dml_exception if user record not found and respective $strictness is set.
169 public static function get_user_by_username($username, $fields = '*', $mnethostid = null, $strictness = IGNORE_MISSING
) {
172 // Because we use the username as the search criteria, we must also restrict our search based on mnet host.
173 if (empty($mnethostid)) {
174 // If empty, we restrict to local users.
175 $mnethostid = $CFG->mnet_localhost_id
;
178 return $DB->get_record('user', array('username' => $username, 'mnethostid' => $mnethostid), $fields, $strictness);
182 * Searches for users by name, possibly within a specified context, with current user's access.
184 * Deciding which users to search is complicated because it relies on user permissions;
185 * ideally, we shouldn't show names if you aren't allowed to see their profile. The permissions
186 * for seeing profile are really complicated.
188 * Even if search is restricted to a course, it's possible that other people might have
189 * been able to contribute within the course (e.g. they were enrolled before and not now;
190 * or people with system-level roles) so if the user has permission we do want to include
191 * everyone. However, if there are multiple results then we prioritise the ones who are
192 * enrolled in the course.
194 * If you have moodle/user:viewdetails at system level, you can search everyone.
195 * Otherwise we check which courses you *do* have that permission and search everyone who is
196 * enrolled on those courses.
198 * Normally you can only search the user's name. If you have the moodle/site:viewuseridentity
199 * capability then we also let you search the fields which are listed as identity fields in
200 * the 'showuseridentity' config option. For example, this might include the user's ID number
203 * The $max parameter controls the maximum number of users returned. If users are restricted
204 * from view for some reason, multiple runs of the main query might be made; the $querylimit
205 * parameter allows this to be restricted. Both parameters can be zero to remove limits.
207 * The returned user objects include id, username, all fields required for user pictures, and
208 * user identity fields.
210 * @param string $query Search query text
211 * @param \context_course|null $coursecontext Course context or null if system-wide
212 * @param int $max Max number of users to return, default 30 (zero = no limit)
213 * @param int $querylimit Max number of database queries, default 5 (zero = no limit)
214 * @return array Array of user objects with limited fields
216 public static function search($query, \context_course
$coursecontext = null,
217 $max = 30, $querylimit = 5) {
219 require_once($CFG->dirroot
. '/user/lib.php');
221 // Allow limits to be turned off.
226 $querylimit = PHP_INT_MAX
;
229 // Check permission to view profiles at each context.
230 $systemcontext = \context_system
::instance();
231 $viewsystem = has_capability('moodle/user:viewdetails', $systemcontext);
233 $userquery = 'SELECT id FROM {user}';
237 list($userquery, $userparams) = self
::get_enrolled_sql_on_courses_with_capability(
238 'moodle/user:viewdetails');
240 // No permissions anywhere, return nothing.
245 // Start building the WHERE clause based on name.
246 list ($where, $whereparams) = users_search_sql($query, 'u');
248 // We allow users to search with extra identity fields (as well as name) but only if they
249 // have the permission to display those identity fields.
253 // TODO Does not support custom user profile fields (MDL-70456).
254 $userfieldsapi = \core_user\fields
::for_identity(null, false)->with_userpic()->with_name()
255 ->including('username', 'deleted');
256 $selectfields = $userfieldsapi->get_sql('u', false, '', '', false)->selects
;
257 $extra = $userfieldsapi->get_required_fields([\core_user\fields
::PURPOSE_IDENTITY
]);
260 foreach ($extra as $fieldname) {
264 $extrasql .= $DB->sql_like('u.' . $fieldname, ':extra' . $index, false);
265 $extraparams['extra' . $index] = $query . '%';
269 $usingshowidentity = false;
270 // Only do this code if there actually are some identity fields being searched.
272 $identitysystem = has_capability('moodle/site:viewuseridentity', $systemcontext);
273 if ($identitysystem) {
274 // They have permission everywhere so just add the extra query to the normal query.
275 $where .= ' OR ' . $extrasql;
276 $whereparams = array_merge($whereparams, $extraparams);
278 // Get all courses where user can view full user identity.
279 list($sql, $params) = self
::get_enrolled_sql_on_courses_with_capability(
280 'moodle/site:viewuseridentity');
282 // Join that with the user query to get an extra field indicating if we can.
284 SELECT innerusers.id, COUNT(identityusers.id) AS showidentity
285 FROM ($userquery) innerusers
286 LEFT JOIN ($sql) identityusers ON identityusers.id = innerusers.id
287 GROUP BY innerusers.id";
288 $userparams = array_merge($userparams, $params);
289 $usingshowidentity = true;
291 // Query on the extra fields only in those places.
292 $where .= ' OR (users.showidentity > 0 AND (' . $extrasql . '))';
293 $whereparams = array_merge($whereparams, $extraparams);
298 // Default order is just name order. But if searching within a course then we show users
299 // within the course first.
300 list ($order, $orderparams) = users_order_by_sql('u', $query, $systemcontext);
301 if ($coursecontext) {
302 list ($sql, $params) = get_enrolled_sql($coursecontext);
303 $mainfield = 'innerusers2.id';
304 if ($usingshowidentity) {
305 $mainfield .= ', innerusers2.showidentity';
308 SELECT $mainfield, COUNT(courseusers.id) AS incourse
309 FROM ($userquery) innerusers2
310 LEFT JOIN ($sql) courseusers ON courseusers.id = innerusers2.id
311 GROUP BY $mainfield";
312 $userparams = array_merge($userparams, $params);
314 $order = 'incourse DESC, ' . $order;
317 // Get result (first 30 rows only) from database. Take a couple spare in case we have to
322 $readcount = $max +
2;
323 for ($i = 0; $i < $querylimit; $i++
) {
324 $rawresult = $DB->get_records_sql("
326 FROM ($userquery) users
327 JOIN {user} u ON u.id = users.id
329 ORDER BY $order", array_merge($userparams, $whereparams, $orderparams),
331 foreach ($rawresult as $user) {
333 if ($user->username
=== 'guest') {
336 // Check user can really view profile (there are per-user cases where this could
337 // be different for some reason, this is the same check used by the profile view pages
338 // to double-check that it is OK).
339 if (!user_can_view_profile($user)) {
350 // All necessary results obtained.
353 if (count($rawresult) < $readcount) {
354 // No more results from database.
364 * Gets an SQL query that lists all enrolled user ids on any course where the current
365 * user has the specified capability. Helper function used for searching users.
367 * @param string $capability Required capability
368 * @return array Array containing SQL and params, or two nulls if there are no courses
370 protected static function get_enrolled_sql_on_courses_with_capability($capability) {
371 // Get all courses where user have the capability.
372 $courses = get_user_capability_course($capability, null, true,
373 implode(',', array_values(context_helper
::get_preload_record_columns('ctx'))));
378 // Loop around all courses getting the SQL for enrolled users. Note: This query could
379 // probably be more efficient (without the union) if get_enrolled_sql had a way to
380 // pass an array of courseids, but it doesn't.
383 foreach ($courses as $course) {
384 // Get SQL to list user ids enrolled in this course.
385 \context_helper
::preload_from_record($course);
386 list ($sql, $params) = get_enrolled_sql(\context_course
::instance($course->id
));
388 // Combine to a big union query.
390 $unionsql .= ' UNION ';
393 $unionparams = array_merge($unionparams, $params);
396 return [$unionsql, $unionparams];
400 * Helper function to return dummy noreply user record.
404 protected static function get_dummy_user_record() {
407 $dummyuser = new stdClass();
408 $dummyuser->id
= self
::NOREPLY_USER
;
409 $dummyuser->email
= $CFG->noreplyaddress
;
410 $dummyuser->firstname
= get_string('noreplyname');
411 $dummyuser->username
= 'noreply';
412 $dummyuser->lastname
= '';
413 $dummyuser->confirmed
= 1;
414 $dummyuser->suspended
= 0;
415 $dummyuser->deleted
= 0;
416 $dummyuser->picture
= 0;
417 $dummyuser->auth
= 'manual';
418 $dummyuser->firstnamephonetic
= '';
419 $dummyuser->lastnamephonetic
= '';
420 $dummyuser->middlename
= '';
421 $dummyuser->alternatename
= '';
422 $dummyuser->imagealt
= '';
427 * Return noreply user record, this is currently used in messaging
428 * system only for sending messages from noreply email.
429 * It will return record of $CFG->noreplyuserid if set else return dummy
430 * user object with hard-coded $user->emailstop = 1 so noreply can be sent to user.
432 * @return stdClass user record.
434 public static function get_noreply_user() {
437 if (!empty(self
::$noreplyuser)) {
438 return self
::$noreplyuser;
441 // If noreply user is set then use it, else create one.
442 if (!empty($CFG->noreplyuserid
)) {
443 self
::$noreplyuser = self
::get_user($CFG->noreplyuserid
);
444 self
::$noreplyuser->emailstop
= 1; // Force msg stop for this user.
445 return self
::$noreplyuser;
447 // Do not cache the dummy user record to avoid language internationalization issues.
448 $noreplyuser = self
::get_dummy_user_record();
449 $noreplyuser->maildisplay
= '1'; // Show to all.
450 $noreplyuser->emailstop
= 1;
456 * Return support user record, this is currently used in messaging
457 * system only for sending messages to support email.
458 * $CFG->supportuserid is set then returns user record
459 * $CFG->supportemail is set then return dummy record with $CFG->supportemail
460 * else return admin user record with hard-coded $user->emailstop = 0, so user
461 * gets support message.
463 * @return stdClass user record.
465 public static function get_support_user() {
468 if (!empty(self
::$supportuser)) {
469 return self
::$supportuser;
472 // If custom support user is set then use it, else if supportemail is set then use it, else use noreply.
473 if (!empty($CFG->supportuserid
)) {
474 self
::$supportuser = self
::get_user($CFG->supportuserid
, '*', MUST_EXIST
);
475 } else if (empty(self
::$supportuser) && !empty($CFG->supportemail
)) {
476 // Try sending it to support email if support user is not set.
477 $supportuser = self
::get_dummy_user_record();
478 $supportuser->id
= self
::SUPPORT_USER
;
479 $supportuser->email
= $CFG->supportemail
;
480 if ($CFG->supportname
) {
481 $supportuser->firstname
= $CFG->supportname
;
483 $supportuser->username
= 'support';
484 $supportuser->maildisplay
= '1'; // Show to all.
485 // Unset emailstop to make sure support message is sent.
486 $supportuser->emailstop
= 0;
490 // Send support msg to admin user if nothing is set above.
491 if (empty(self
::$supportuser)) {
492 self
::$supportuser = get_admin();
495 // Unset emailstop to make sure support message is sent.
496 self
::$supportuser->emailstop
= 0;
497 return self
::$supportuser;
501 * Reset self::$noreplyuser and self::$supportuser.
502 * This is only used by phpunit, and there is no other use case for this function.
503 * Please don't use it outside phpunit.
505 public static function reset_internal_users() {
507 self
::$noreplyuser = false;
508 self
::$supportuser = false;
510 debugging('reset_internal_users() should not be used outside phpunit.', DEBUG_DEVELOPER
);
515 * Return true if user id is greater than 0 and alternatively check db.
517 * @param int $userid user id.
518 * @param bool $checkdb if true userid will be checked in db. By default it's false, and
519 * userid is compared with 0 for performance.
520 * @return bool true is real user else false.
522 public static function is_real_user($userid, $checkdb = false) {
529 return $DB->record_exists('user', array('id' => $userid));
536 * Determine whether the given user ID is that of the current user. Useful for components implementing permission callbacks
537 * for preferences consumed by {@see fill_preferences_cache}
539 * @param stdClass $user
542 public static function is_current_user(stdClass
$user): bool {
544 return $user->id
== $USER->id
;
548 * Check if the given user is an active user in the site.
550 * @param stdClass $user user object
551 * @param boolean $checksuspended whether to check if the user has the account suspended
552 * @param boolean $checknologin whether to check if the user uses the nologin auth method
553 * @throws moodle_exception
556 public static function require_active_user($user, $checksuspended = false, $checknologin = false) {
558 if (!self
::is_real_user($user->id
)) {
559 throw new moodle_exception('invaliduser', 'error');
562 if ($user->deleted
) {
563 throw new moodle_exception('userdeleted');
566 if (empty($user->confirmed
)) {
567 throw new moodle_exception('usernotconfirmed', 'moodle', '', $user->username
);
570 if (isguestuser($user)) {
571 throw new moodle_exception('guestsarenotallowed', 'error');
574 if ($checksuspended and $user->suspended
) {
575 throw new moodle_exception('suspended', 'auth');
578 if ($checknologin and $user->auth
== 'nologin') {
579 throw new moodle_exception('suspended', 'auth');
584 * Updates the provided users profile picture based upon the expected fields returned from the edit or edit_advanced forms.
586 * @param stdClass $usernew An object that contains some information about the user being updated
587 * @param array $filemanageroptions
588 * @return bool True if the user was updated, false if it stayed the same.
590 public static function update_picture(stdClass
$usernew, $filemanageroptions = array()) {
592 require_once("$CFG->libdir/gdlib.php");
594 $context = context_user
::instance($usernew->id
, MUST_EXIST
);
595 $user = core_user
::get_user($usernew->id
, 'id, picture', MUST_EXIST
);
597 $newpicture = $user->picture
;
598 // Get file_storage to process files.
599 $fs = get_file_storage();
600 if (!empty($usernew->deletepicture
)) {
601 // The user has chosen to delete the selected users picture.
602 $fs->delete_area_files($context->id
, 'user', 'icon'); // Drop all images in area.
606 // Save newly uploaded file, this will avoid context mismatch for newly created users.
607 if (!isset($usernew->imagefile
)) {
608 $usernew->imagefile
= 0;
610 file_save_draft_area_files($usernew->imagefile
, $context->id
, 'user', 'newicon', 0, $filemanageroptions);
611 if (($iconfiles = $fs->get_area_files($context->id
, 'user', 'newicon')) && count($iconfiles) == 2) {
612 // Get file which was uploaded in draft area.
613 foreach ($iconfiles as $file) {
614 if (!$file->is_directory()) {
618 // Copy file to temporary location and the send it for processing icon.
619 if ($iconfile = $file->copy_content_to_temp()) {
620 // There is a new image that has been uploaded.
621 // Process the new image and set the user to make use of it.
622 // NOTE: Uploaded images always take over Gravatar.
623 $newpicture = (int)process_new_icon($context, 'user', 'icon', 0, $iconfile);
624 // Delete temporary file.
626 // Remove uploaded file.
627 $fs->delete_area_files($context->id
, 'user', 'newicon');
629 // Something went wrong while creating temp file.
630 // Remove uploaded file.
631 $fs->delete_area_files($context->id
, 'user', 'newicon');
636 if ($newpicture != $user->picture
) {
637 $DB->set_field('user', 'picture', $newpicture, array('id' => $user->id
));
647 * Definition of user profile fields and the expected parameter type for data validation.
650 * 'property_name' => array( // The user property to be checked. Should match the field on the user table.
651 * 'null' => NULL_ALLOWED, // Defaults to NULL_NOT_ALLOWED. Takes NULL_NOT_ALLOWED or NULL_ALLOWED.
652 * 'type' => PARAM_TYPE, // Expected parameter type of the user field.
653 * 'choices' => array(1, 2..) // An array of accepted values of the user field.
654 * 'default' => $CFG->setting // An default value for the field.
658 * The fields choices and default are optional.
662 protected static function fill_properties_cache() {
663 global $CFG, $SESSION;
664 if (self
::$propertiescache !== null) {
668 // Array of user fields properties and expected parameters.
669 // Every new field on the user table should be added here otherwise it won't be validated.
671 $fields['id'] = array('type' => PARAM_INT
, 'null' => NULL_NOT_ALLOWED
);
672 $fields['auth'] = array('type' => PARAM_AUTH
, 'null' => NULL_NOT_ALLOWED
);
673 $fields['confirmed'] = array('type' => PARAM_BOOL
, 'null' => NULL_NOT_ALLOWED
);
674 $fields['policyagreed'] = array('type' => PARAM_BOOL
, 'null' => NULL_NOT_ALLOWED
);
675 $fields['deleted'] = array('type' => PARAM_BOOL
, 'null' => NULL_NOT_ALLOWED
);
676 $fields['suspended'] = array('type' => PARAM_BOOL
, 'null' => NULL_NOT_ALLOWED
);
677 $fields['mnethostid'] = array('type' => PARAM_INT
, 'null' => NULL_NOT_ALLOWED
);
678 $fields['username'] = array('type' => PARAM_USERNAME
, 'null' => NULL_NOT_ALLOWED
);
679 $fields['password'] = array('type' => PARAM_RAW
, 'null' => NULL_NOT_ALLOWED
);
680 $fields['idnumber'] = array('type' => PARAM_RAW
, 'null' => NULL_NOT_ALLOWED
);
681 $fields['firstname'] = array('type' => PARAM_NOTAGS
, 'null' => NULL_NOT_ALLOWED
);
682 $fields['lastname'] = array('type' => PARAM_NOTAGS
, 'null' => NULL_NOT_ALLOWED
);
683 $fields['surname'] = array('type' => PARAM_NOTAGS
, 'null' => NULL_NOT_ALLOWED
);
684 $fields['email'] = array('type' => PARAM_RAW_TRIMMED
, 'null' => NULL_NOT_ALLOWED
);
685 $fields['emailstop'] = array('type' => PARAM_INT
, 'null' => NULL_NOT_ALLOWED
, 'default' => 0);
686 $fields['phone1'] = array('type' => PARAM_NOTAGS
, 'null' => NULL_NOT_ALLOWED
);
687 $fields['phone2'] = array('type' => PARAM_NOTAGS
, 'null' => NULL_NOT_ALLOWED
);
688 $fields['institution'] = array('type' => PARAM_TEXT
, 'null' => NULL_NOT_ALLOWED
);
689 $fields['department'] = array('type' => PARAM_TEXT
, 'null' => NULL_NOT_ALLOWED
);
690 $fields['address'] = array('type' => PARAM_TEXT
, 'null' => NULL_NOT_ALLOWED
);
691 $fields['city'] = array('type' => PARAM_TEXT
, 'null' => NULL_NOT_ALLOWED
, 'default' => $CFG->defaultcity
);
692 $fields['country'] = array('type' => PARAM_ALPHA
, 'null' => NULL_NOT_ALLOWED
, 'default' => $CFG->country
,
693 'choices' => array_merge(array('' => ''), get_string_manager()->get_list_of_countries(true, true)));
694 $fields['lang'] = array('type' => PARAM_LANG
, 'null' => NULL_NOT_ALLOWED
,
695 'default' => (!empty($CFG->autolangusercreation
) && !empty($SESSION->lang
)) ?
$SESSION->lang
: $CFG->lang
,
696 'choices' => array_merge(array('' => ''), get_string_manager()->get_list_of_translations(false)));
697 $fields['calendartype'] = array('type' => PARAM_PLUGIN
, 'null' => NULL_NOT_ALLOWED
, 'default' => $CFG->calendartype
,
698 'choices' => array_merge(array('' => ''), \core_calendar\type_factory
::get_list_of_calendar_types()));
699 $fields['theme'] = array('type' => PARAM_THEME
, 'null' => NULL_NOT_ALLOWED
,
700 'default' => theme_config
::DEFAULT_THEME
, 'choices' => array_merge(array('' => ''), get_list_of_themes()));
701 $fields['timezone'] = array('type' => PARAM_TIMEZONE
, 'null' => NULL_NOT_ALLOWED
,
702 'default' => core_date
::get_server_timezone()); // Must not use choices here: timezones can come and go.
703 $fields['firstaccess'] = array('type' => PARAM_INT
, 'null' => NULL_NOT_ALLOWED
);
704 $fields['lastaccess'] = array('type' => PARAM_INT
, 'null' => NULL_NOT_ALLOWED
);
705 $fields['lastlogin'] = array('type' => PARAM_INT
, 'null' => NULL_NOT_ALLOWED
);
706 $fields['currentlogin'] = array('type' => PARAM_INT
, 'null' => NULL_NOT_ALLOWED
);
707 $fields['lastip'] = array('type' => PARAM_NOTAGS
, 'null' => NULL_NOT_ALLOWED
);
708 $fields['secret'] = array('type' => PARAM_ALPHANUM
, 'null' => NULL_NOT_ALLOWED
);
709 $fields['picture'] = array('type' => PARAM_INT
, 'null' => NULL_NOT_ALLOWED
);
710 $fields['description'] = array('type' => PARAM_RAW
, 'null' => NULL_ALLOWED
);
711 $fields['descriptionformat'] = array('type' => PARAM_INT
, 'null' => NULL_NOT_ALLOWED
);
712 $fields['mailformat'] = array('type' => PARAM_INT
, 'null' => NULL_NOT_ALLOWED
,
713 'default' => $CFG->defaultpreference_mailformat
);
714 $fields['maildigest'] = array('type' => PARAM_INT
, 'null' => NULL_NOT_ALLOWED
,
715 'default' => $CFG->defaultpreference_maildigest
);
716 $fields['maildisplay'] = array('type' => PARAM_INT
, 'null' => NULL_NOT_ALLOWED
,
717 'default' => $CFG->defaultpreference_maildisplay
);
718 $fields['autosubscribe'] = array('type' => PARAM_INT
, 'null' => NULL_NOT_ALLOWED
,
719 'default' => $CFG->defaultpreference_autosubscribe
);
720 $fields['trackforums'] = array('type' => PARAM_INT
, 'null' => NULL_NOT_ALLOWED
,
721 'default' => $CFG->defaultpreference_trackforums
);
722 $fields['timecreated'] = array('type' => PARAM_INT
, 'null' => NULL_NOT_ALLOWED
);
723 $fields['timemodified'] = array('type' => PARAM_INT
, 'null' => NULL_NOT_ALLOWED
);
724 $fields['trustbitmask'] = array('type' => PARAM_INT
, 'null' => NULL_NOT_ALLOWED
);
725 $fields['imagealt'] = array('type' => PARAM_TEXT
, 'null' => NULL_ALLOWED
);
726 $fields['lastnamephonetic'] = array('type' => PARAM_NOTAGS
, 'null' => NULL_ALLOWED
);
727 $fields['firstnamephonetic'] = array('type' => PARAM_NOTAGS
, 'null' => NULL_ALLOWED
);
728 $fields['middlename'] = array('type' => PARAM_NOTAGS
, 'null' => NULL_ALLOWED
);
729 $fields['alternatename'] = array('type' => PARAM_NOTAGS
, 'null' => NULL_ALLOWED
);
731 self
::$propertiescache = $fields;
735 * Get properties of a user field.
737 * @param string $property property name to be retrieved.
738 * @throws coding_exception if the requested property name is invalid.
739 * @return array the property definition.
741 public static function get_property_definition($property) {
743 self
::fill_properties_cache();
745 if (!array_key_exists($property, self
::$propertiescache)) {
746 throw new coding_exception('Invalid property requested.');
749 return self
::$propertiescache[$property];
753 * Validate user data.
755 * This method just validates each user field and return an array of errors. It doesn't clean the data,
756 * the methods clean() and clean_field() should be used for this purpose.
758 * @param stdClass|array $data user data object or array to be validated.
759 * @return array|true $errors array of errors found on the user object, true if the validation passed.
761 public static function validate($data) {
762 // Get all user profile fields definition.
763 self
::fill_properties_cache();
765 foreach ($data as $property => $value) {
767 if (isset(self
::$propertiescache[$property])) {
768 validate_param($value, self
::$propertiescache[$property]['type'], self
::$propertiescache[$property]['null']);
770 // Check that the value is part of a list of allowed values.
771 if (!empty(self
::$propertiescache[$property]['choices']) &&
772 !isset(self
::$propertiescache[$property]['choices'][$value])) {
773 throw new invalid_parameter_exception($value);
775 } catch (invalid_parameter_exception
$e) {
776 $errors[$property] = $e->getMessage();
780 return empty($errors) ?
true : $errors;
784 * Clean the properties cache.
786 * During unit tests we need to be able to reset all caches so that each new test starts in a known state.
787 * Intended for use only for testing, phpunit calls this before every test.
789 public static function reset_caches() {
790 self
::$propertiescache = null;
794 * Clean the user data.
796 * @param stdClass|array $user the user data to be validated against properties definition.
797 * @return stdClass $user the cleaned user data.
799 public static function clean_data($user) {
804 foreach ($user as $field => $value) {
805 // Get the property parameter type and do the cleaning.
807 $user->$field = core_user
::clean_field($value, $field);
808 } catch (coding_exception
$e) {
809 debugging("The property '$field' could not be cleaned.", DEBUG_DEVELOPER
);
817 * Clean a specific user field.
819 * @param string $data the user field data to be cleaned.
820 * @param string $field the user field name on the property definition cache.
821 * @return string the cleaned user data.
823 public static function clean_field($data, $field) {
824 if (empty($data) ||
empty($field)) {
829 $type = core_user
::get_property_type($field);
831 if (isset(self
::$propertiescache[$field]['choices'])) {
832 if (!array_key_exists($data, self
::$propertiescache[$field]['choices'])) {
833 if (isset(self
::$propertiescache[$field]['default'])) {
834 $data = self
::$propertiescache[$field]['default'];
842 $data = clean_param($data, $type);
844 } catch (coding_exception
$e) {
845 debugging("The property '$field' could not be cleaned.", DEBUG_DEVELOPER
);
852 * Get the parameter type of the property.
854 * @param string $property property name to be retrieved.
855 * @throws coding_exception if the requested property name is invalid.
856 * @return int the property parameter type.
858 public static function get_property_type($property) {
860 self
::fill_properties_cache();
862 if (!array_key_exists($property, self
::$propertiescache)) {
863 throw new coding_exception('Invalid property requested: ' . $property);
866 return self
::$propertiescache[$property]['type'];
870 * Discover if the property is NULL_ALLOWED or NULL_NOT_ALLOWED.
872 * @param string $property property name to be retrieved.
873 * @throws coding_exception if the requested property name is invalid.
874 * @return bool true if the property is NULL_ALLOWED, false otherwise.
876 public static function get_property_null($property) {
878 self
::fill_properties_cache();
880 if (!array_key_exists($property, self
::$propertiescache)) {
881 throw new coding_exception('Invalid property requested: ' . $property);
884 return self
::$propertiescache[$property]['null'];
888 * Get the choices of the property.
890 * This is a helper method to validate a value against a list of acceptable choices.
891 * For instance: country, language, themes and etc.
893 * @param string $property property name to be retrieved.
894 * @throws coding_exception if the requested property name is invalid or if it does not has a list of choices.
895 * @return array the property parameter type.
897 public static function get_property_choices($property) {
899 self
::fill_properties_cache();
901 if (!array_key_exists($property, self
::$propertiescache) && !array_key_exists('choices',
902 self
::$propertiescache[$property])) {
904 throw new coding_exception('Invalid property requested, or the property does not has a list of choices.');
907 return self
::$propertiescache[$property]['choices'];
911 * Get the property default.
913 * This method gets the default value of a field (if exists).
915 * @param string $property property name to be retrieved.
916 * @throws coding_exception if the requested property name is invalid or if it does not has a default value.
917 * @return string the property default value.
919 public static function get_property_default($property) {
921 self
::fill_properties_cache();
923 if (!array_key_exists($property, self
::$propertiescache) ||
!isset(self
::$propertiescache[$property]['default'])) {
924 throw new coding_exception('Invalid property requested, or the property does not has a default value.');
927 return self
::$propertiescache[$property]['default'];
931 * Definition of updateable user preferences and rules for data and access validation.
934 * 'preferencename' => array( // Either exact preference name or a regular expression.
935 * 'null' => NULL_ALLOWED, // Defaults to NULL_NOT_ALLOWED. Takes NULL_NOT_ALLOWED or NULL_ALLOWED.
936 * 'type' => PARAM_TYPE, // Expected parameter type of the user field - mandatory
937 * 'choices' => array(1, 2..) // An array of accepted values of the user field - optional
938 * 'default' => $CFG->setting // An default value for the field - optional
939 * 'isregex' => false/true // Whether the name of the preference is a regular expression (default false).
940 * 'permissioncallback' => callable // Function accepting arguments ($user, $preferencename) that checks if current user
941 * // is allowed to modify this preference for given user.
942 * // If not specified core_user::default_preference_permission_check() will be assumed.
943 * 'cleancallback' => callable // Custom callback for cleaning value if something more difficult than just type/choices is needed
944 * // accepts arguments ($value, $preferencename)
950 protected static function fill_preferences_cache() {
953 if (self
::$preferencescache !== null) {
957 // Array of user preferences and expected types/values.
958 // Every preference that can be updated directly by user should be added here.
959 $preferences = array();
960 $preferences['auth_forcepasswordchange'] = array('type' => PARAM_INT
, 'null' => NULL_NOT_ALLOWED
, 'choices' => array(0, 1),
961 'permissioncallback' => function($user, $preferencename) {
963 $systemcontext = context_system
::instance();
964 return ($USER->id
!= $user->id
&& (has_capability('moodle/user:update', $systemcontext) ||
965 ($user->timecreated
> time() - 10 && has_capability('moodle/user:create', $systemcontext))));
967 $preferences['forum_markasreadonnotification'] = array('type' => PARAM_INT
, 'null' => NULL_NOT_ALLOWED
, 'default' => 1,
968 'choices' => array(0, 1));
969 $preferences['htmleditor'] = array('type' => PARAM_NOTAGS
, 'null' => NULL_ALLOWED
,
970 'cleancallback' => function($value, $preferencename) {
971 if (empty($value) ||
!array_key_exists($value, core_component
::get_plugin_list('editor'))) {
976 $preferences['badgeprivacysetting'] = array('type' => PARAM_INT
, 'null' => NULL_NOT_ALLOWED
, 'default' => 1,
977 'choices' => array(0, 1), 'permissioncallback' => function($user, $preferencename) {
979 return !empty($CFG->enablebadges
) && self
::is_current_user($user);
981 $preferences['blogpagesize'] = array('type' => PARAM_INT
, 'null' => NULL_NOT_ALLOWED
, 'default' => 10,
982 'permissioncallback' => function($user, $preferencename) {
983 return self
::is_current_user($user) && has_capability('moodle/blog:view', context_system
::instance());
985 $preferences['filemanager_recentviewmode'] = [
987 'null' => NULL_NOT_ALLOWED
,
989 'choices' => [1, 2, 3],
990 'permissioncallback' => [static::class, 'is_current_user'],
992 $preferences['filepicker_recentrepository'] = [
994 'null' => NULL_NOT_ALLOWED
,
995 'permissioncallback' => [static::class, 'is_current_user'],
997 $preferences['filepicker_recentlicense'] = [
998 'type' => PARAM_SAFEDIR
,
999 'null' => NULL_NOT_ALLOWED
,
1000 'permissioncallback' => [static::class, 'is_current_user'],
1002 $preferences['filepicker_recentviewmode'] = [
1003 'type' => PARAM_INT
,
1004 'null' => NULL_NOT_ALLOWED
,
1006 'choices' => [1, 2, 3],
1007 'permissioncallback' => [static::class, 'is_current_user'],
1009 $preferences['userselector_optionscollapsed'] = [
1010 'type' => PARAM_BOOL
,
1011 'null' => NULL_NOT_ALLOWED
,
1013 'permissioncallback' => [static::class, 'is_current_user'],
1015 $preferences['userselector_autoselectunique'] = [
1016 'type' => PARAM_BOOL
,
1017 'null' => NULL_NOT_ALLOWED
,
1019 'permissioncallback' => [static::class, 'is_current_user'],
1021 $preferences['userselector_preserveselected'] = [
1022 'type' => PARAM_BOOL
,
1023 'null' => NULL_NOT_ALLOWED
,
1025 'permissioncallback' => [static::class, 'is_current_user'],
1027 $preferences['userselector_searchtype'] = [
1028 'type' => PARAM_INT
,
1029 'null' => NULL_NOT_ALLOWED
,
1030 'default' => USER_SEARCH_STARTS_WITH
,
1031 'permissioncallback' => [static::class, 'is_current_user'],
1033 $preferences['question_bank_advanced_search'] = [
1034 'type' => PARAM_BOOL
,
1035 'null' => NULL_NOT_ALLOWED
,
1037 'permissioncallback' => [static::class, 'is_current_user'],
1040 $choices = [HOMEPAGE_SITE
];
1041 if (!empty($CFG->enabledashboard
)) {
1042 $choices[] = HOMEPAGE_MY
;
1044 $choices[] = HOMEPAGE_MYCOURSES
;
1045 $preferences['user_home_page_preference'] = [
1046 'type' => PARAM_INT
,
1047 'null' => NULL_ALLOWED
,
1048 'default' => get_default_home_page(),
1049 'choices' => $choices,
1050 'permissioncallback' => function ($user, $preferencename) {
1052 return self
::is_current_user($user) &&
1053 (!empty($CFG->defaulthomepage
) && ($CFG->defaulthomepage
== HOMEPAGE_USER
));
1057 // Core components that may want to define their preferences.
1058 // List of core components implementing callback is hardcoded here for performance reasons.
1059 // TODO MDL-58184 cache list of core components implementing a function.
1060 $corecomponents = ['core_message', 'core_calendar', 'core_contentbank'];
1061 foreach ($corecomponents as $component) {
1062 if (($pluginpreferences = component_callback($component, 'user_preferences')) && is_array($pluginpreferences)) {
1063 $preferences +
= $pluginpreferences;
1067 // Plugins that may define their preferences.
1068 if ($pluginsfunction = get_plugins_with_function('user_preferences')) {
1069 foreach ($pluginsfunction as $plugintype => $plugins) {
1070 foreach ($plugins as $function) {
1071 if (($pluginpreferences = call_user_func($function)) && is_array($pluginpreferences)) {
1072 $preferences +
= $pluginpreferences;
1078 self
::$preferencescache = $preferences;
1082 * Retrieves the preference definition
1084 * @param string $preferencename
1087 protected static function get_preference_definition($preferencename) {
1088 self
::fill_preferences_cache();
1090 foreach (self
::$preferencescache as $key => $preference) {
1091 if (empty($preference['isregex'])) {
1092 if ($key === $preferencename) {
1096 if (preg_match($key, $preferencename)) {
1102 throw new coding_exception('Invalid preference requested.');
1106 * Default callback used for checking if current user is allowed to change permission of user $user
1108 * @param stdClass $user
1109 * @param string $preferencename
1112 protected static function default_preference_permission_check($user, $preferencename) {
1114 if (is_mnet_remote_user($user)) {
1115 // Can't edit MNET user.
1119 if (self
::is_current_user($user)) {
1120 // Editing own profile.
1121 $systemcontext = context_system
::instance();
1122 return has_capability('moodle/user:editownprofile', $systemcontext);
1124 // Teachers, parents, etc.
1125 $personalcontext = context_user
::instance($user->id
);
1126 if (!has_capability('moodle/user:editprofile', $personalcontext)) {
1129 if (is_siteadmin($user->id
) and !is_siteadmin($USER)) {
1130 // Only admins may edit other admins.
1138 * Can current user edit preference of this/another user
1140 * @param string $preferencename
1141 * @param stdClass $user
1144 public static function can_edit_preference($preferencename, $user) {
1145 if (!isloggedin() ||
isguestuser()) {
1146 // Guests can not edit anything.
1151 $definition = self
::get_preference_definition($preferencename);
1152 } catch (coding_exception
$e) {
1156 if ($user->deleted ||
!context_user
::instance($user->id
, IGNORE_MISSING
)) {
1161 if (isset($definition['permissioncallback'])) {
1162 $callback = $definition['permissioncallback'];
1163 if (is_callable($callback)) {
1164 return call_user_func_array($callback, [$user, $preferencename]);
1166 throw new coding_exception('Permission callback for preference ' . s($preferencename) . ' is not callable');
1170 return self
::default_preference_permission_check($user, $preferencename);
1175 * Clean value of a user preference
1177 * @param string $value the user preference value to be cleaned.
1178 * @param string $preferencename the user preference name
1179 * @return string the cleaned preference value
1181 public static function clean_preference($value, $preferencename) {
1183 $definition = self
::get_preference_definition($preferencename);
1185 if (isset($definition['type']) && $value !== null) {
1186 $value = clean_param($value, $definition['type']);
1189 if (isset($definition['cleancallback'])) {
1190 $callback = $definition['cleancallback'];
1191 if (is_callable($callback)) {
1192 return $callback($value, $preferencename);
1194 throw new coding_exception('Clean callback for preference ' . s($preferencename) . ' is not callable');
1196 } else if ($value === null && (!isset($definition['null']) ||
$definition['null'] == NULL_ALLOWED
)) {
1198 } else if (isset($definition['choices'])) {
1199 if (!in_array($value, $definition['choices'])) {
1200 if (isset($definition['default'])) {
1201 return $definition['default'];
1203 $first = reset($definition['choices']);
1210 if ($value === null) {
1211 return isset($definition['default']) ?
$definition['default'] : '';
1218 * Is the user expected to perform an action to start using Moodle properly?
1220 * This covers cases such as filling the profile, changing password or agreeing to the site policy.
1222 * @param stdClass $user User object, defaults to the current user.
1225 public static function awaiting_action(stdClass
$user = null): bool {
1228 if ($user === null) {
1232 if (user_not_fully_set_up($user)) {
1233 // Awaiting the user to fill all fields in the profile.
1237 if (get_user_preferences('auth_forcepasswordchange', false, $user)) {
1238 // Awaiting the user to change their password.
1242 if (empty($user->policyagreed
) && !is_siteadmin($user)) {
1243 $manager = new \core_privacy\local\sitepolicy\
manager();
1245 if ($manager->is_defined(isguestuser($user))) {
1254 * Get welcome message.
1256 * @return lang_string welcome message
1258 public static function welcome_message(): ?lang_string
{
1261 $isloggedinas = \core\session\manager
::is_loggedinas();
1262 if (!isloggedin() ||
isguestuser() ||
$isloggedinas) {
1265 if (empty($USER->core_welcome_message
)) {
1266 $USER->core_welcome_message
= true;
1267 $messagekey = 'welcomeback';
1268 if (empty(get_user_preferences('core_user_welcome', null))) {
1269 $messagekey = 'welcometosite';
1270 set_user_preference('core_user_welcome', time());
1274 'fullname' => fullname($USER),
1275 'alternativefullname' => fullname($USER, true),
1278 foreach (\core_user\fields
::get_name_fields() as $namefield) {
1279 $namefields[$namefield] = $USER->{$namefield};
1282 return new lang_string($messagekey, 'core', $namefields);
1288 * Return full name depending on context.
1289 * This function should be used for displaying purposes only as the details may not be the same as it is on database.
1291 * @param stdClass $user the person to get details of.
1292 * @param context|null $context The context will be used to determine the visibility of the user's full name.
1293 * @param array $options can include: override - if true, will not use forced firstname/lastname settings
1294 * @return string Full name of the user
1296 public static function get_fullname(stdClass
$user, context
$context = null, array $options = []): string {
1297 global $CFG, $SESSION;
1299 // Clone the user so that it does not mess up the original object.
1300 $user = clone($user);
1302 // Override options.
1303 $override = $options["override"] ??
false;
1305 if (!isset($user->firstname
) && !isset($user->lastname
)) {
1309 // Get all of the name fields.
1310 $allnames = \core_user\fields
::get_name_fields();
1311 if ($CFG->debugdeveloper
) {
1312 $missingfields = [];
1313 foreach ($allnames as $allname) {
1314 if (!property_exists($user, $allname)) {
1315 $missingfields[] = $allname;
1318 if (!empty($missingfields)) {
1319 debugging('The following name fields are missing from the user object: ' . implode(', ', $missingfields));
1324 if (!empty($CFG->forcefirstname
)) {
1325 $user->firstname
= $CFG->forcefirstname
;
1327 if (!empty($CFG->forcelastname
)) {
1328 $user->lastname
= $CFG->forcelastname
;
1332 if (!empty($SESSION->fullnamedisplay
)) {
1333 $CFG->fullnamedisplay
= $SESSION->fullnamedisplay
;
1337 // If the fullnamedisplay setting is available, set the template to that.
1338 if (isset($CFG->fullnamedisplay
)) {
1339 $template = $CFG->fullnamedisplay
;
1341 // If the template is empty, or set to language, return the language string.
1342 if ((empty($template) ||
$template == 'language') && !$override) {
1343 return get_string('fullnamedisplay', null, $user);
1346 // Check to see if we are displaying according to the alternative full name format.
1348 if (empty($CFG->alternativefullnameformat
) ||
$CFG->alternativefullnameformat
== 'language') {
1349 // Default to show just the user names according to the fullnamedisplay string.
1350 return get_string('fullnamedisplay', null, $user);
1352 // If the override is true, then change the template to use the complete name.
1353 $template = $CFG->alternativefullnameformat
;
1357 $requirednames = array();
1358 // With each name, see if it is in the display name template, and add it to the required names array if it is.
1359 foreach ($allnames as $allname) {
1360 if (strpos($template, $allname) !== false) {
1361 $requirednames[] = $allname;
1365 $displayname = $template;
1366 // Switch in the actual data into the template.
1367 foreach ($requirednames as $altname) {
1368 if (isset($user->$altname)) {
1369 // Using empty() on the below if statement causes breakages.
1370 if ((string)$user->$altname == '') {
1371 $displayname = str_replace($altname, 'EMPTY', $displayname);
1373 $displayname = str_replace($altname, $user->$altname, $displayname);
1376 $displayname = str_replace($altname, 'EMPTY', $displayname);
1379 // Tidy up any misc. characters (Not perfect, but gets most characters).
1380 // Don't remove the "u" at the end of the first expression unless you want garbled characters when combining hiragana or
1381 // katakana and parenthesis.
1382 $patterns = array();
1383 // This regular expression replacement is to fix problems such as 'James () Kirk' Where 'Tiberius' (middlename) has not been
1384 // filled in by a user.
1385 // The special characters are Japanese brackets that are common enough to make allowances for them (not covered by :punct:).
1386 $patterns[] = '/[[:punct:]「」]*EMPTY[[:punct:]「」]*/u';
1387 // This regular expression is to remove any double spaces in the display name.
1388 $patterns[] = '/\s{2,}/u';
1389 foreach ($patterns as $pattern) {
1390 $displayname = preg_replace($pattern, ' ', $displayname);
1393 // Trimming $displayname will help the next check to ensure that we don't have a display name with spaces.
1394 $displayname = trim($displayname);
1395 if (empty($displayname)) {
1396 // Going with just the first name if no alternate fields are filled out. May be changed later depending on what
1397 // people in general feel is a good setting to fall back on.
1398 $displayname = $user->firstname
;
1400 return $displayname;
1404 * Return profile url depending on context.
1406 * @param stdClass $user the person to get details of.
1407 * @param context|null $context The context will be used to determine the visibility of the user's profile url.
1408 * @return moodle_url Profile url of the user
1410 public static function get_profile_url(stdClass
$user, context
$context = null): moodle_url
{
1411 if (empty($user->id
)) {
1412 throw new coding_exception('User id is required when displaying profile url.');
1415 // Params to be passed to the user view page.
1416 $params = ['id' => $user->id
];
1418 // Get courseid from context if provided.
1419 if ($context && $coursecontext = $context->get_course_context(false)) {
1420 $params['courseid'] = $coursecontext->instanceid
;
1423 // If courseid is not set or is set to site id, then return profile page, otherwise return view page.
1424 if (!isset($params['courseid']) ||
$params['courseid'] == SITEID
) {
1425 return new moodle_url('/user/profile.php', $params);
1427 return new moodle_url('/user/view.php', $params);
1432 * Return user picture depending on context.
1433 * This function should be used for displaying purposes only as the details may not be the same as it is on database.
1435 * @param stdClass $user the person to get details of.
1436 * @param context|null $context The context will be used to determine the visibility of the user's picture.
1437 * @param array $options public properties of {@see user_picture} to be overridden
1438 * - courseid = $this->page->course->id (course id of user profile in link)
1439 * - size = 35 (size of image)
1440 * - link = true (make image clickable - the link leads to user profile)
1441 * - popup = false (open in popup)
1442 * - alttext = true (add image alt attribute)
1443 * - class = image class attribute (default 'userpicture')
1444 * - visibletoscreenreaders = true (whether to be visible to screen readers)
1445 * - includefullname = false (whether to include the user's full name together with the user picture)
1446 * - includetoken = false (whether to use a token for authentication. True for current user, int value for other user id)
1447 * @return user_picture User picture object
1449 public static function get_profile_picture(stdClass
$user, context
$context = null, array $options = []): user_picture
{
1450 // Create a new user picture object.
1451 $userpicture = new user_picture($user);
1453 // Override the user picture object with the options provided.
1454 foreach ($options as $key => $value) {
1455 if (property_exists($userpicture, $key)) {
1456 $userpicture->$key = $value;
1460 // Return the user picture.
1461 return $userpicture;
1465 * Get initials for users
1467 * @param stdClass $user
1470 public static function get_initials(stdClass
$user): string {
1471 // Get the available name fields.
1472 $namefields = \core_user\fields
::get_name_fields();
1473 // Build a dummy user to determine the name format.
1474 $dummyuser = array_combine($namefields, $namefields);
1475 // Determine the name format by using fullname() and passing the dummy user.
1476 $nameformat = fullname((object) $dummyuser);
1477 // Fetch all the available username fields.
1478 $availablefields = order_in_string($namefields, $nameformat);
1479 // We only want the first and last name fields.
1480 if (!empty($availablefields) && count($availablefields) >= 2) {
1481 $availablefields = [reset($availablefields), end($availablefields)];
1484 foreach ($availablefields as $userfieldname) {
1485 if (!empty($user->$userfieldname)) {
1486 $initials .= mb_substr($user->$userfieldname, 0, 1);