admin/user.php

   1 <?PHP // $Id$
   2
   3     require_once("../config.php");
   4
   5     $recordsperpage = 30;
   6
   7     optional_variable($newuser, "");
   8     optional_variable($delete, "");
   9     optional_variable($confirm, "");
  10     optional_variable($sort, "name");
  11     optional_variable($dir, "ASC");
  12     optional_variable($page, 0);
  13     optional_variable($search, "");
  14
  15     unset($user);
  16     unset($admin);
  17     unset($teacher);
  18
  19     if (! record_exists("user_admins")) {   // No admin user yet
  20
  21         $user->firstname = get_string("admin");
  22         $user->lastname  = get_string("user");
  23         $user->username  = "admin";
  24         $user->password  = md5("admin");
  25         $user->email     = "root@localhost";
  26         $user->confirmed = 1;
  27         $user->lang = $CFG->lang;
  28         $user->maildisplay = 1;
  29         $user->timemodified = time();
  30
  31         if (! $user->id = insert_record("user", $user)) {
  32             error("SERIOUS ERROR: Could not create admin user record !!!");
  33         }
  34
  35         $admin->userid = $user->id;
  36
  37         if (! insert_record("user_admins", $admin)) {
  38             error("Could not make user $user->id an admin !!!");
  39         }
  40
  41         if (! $user = get_record("user", "id", $user->id)) {     // Double check
  42             error("User ID was incorrect (can't find it)");
  43         }
  44
  45         if (! $site = get_site()) {
  46             error("Could not find site-level course");
  47         }
  48
  49         $teacher->userid = $user->id;
  50         $teacher->course = $site->id;
  51         $teacher->authority = 1;
  52         if (! insert_record("user_teachers", $teacher)) {
  53             error("Could not make user $id a teacher of site-level course !!!");
  54         }
  55
  56         $USER = $user;
  57         $USER->loggedin = true;
  58         $USER->site = $CFG->wwwroot;
  59         $USER->admin = true;
  60         $USER->teacher["$site->id"] = true;
  61         $USER->newadminuser = true;
  62
  63         redirect("$CFG->wwwroot/user/edit.php?id=$user->id&course=$site->id");
  64         exit;
  65
  66     } else {
  67         if (! $site = get_site()) {
  68             error("Could not find site-level course");
  69         }
  70     }
  71
  72     require_login();
  73
  74     if (!isadmin()) {
  75         error("You must be an administrator to edit users this way.");
  76     }
  77
  78     if ($newuser) {                 // Create a new user
  79         $user->firstname = "";
  80         $user->lastname  = "";
  81         $user->username  = "changeme";
  82         $user->password  = "";
  83         $user->email     = "";
  84         $user->lang      = $CFG->lang;
  85         $user->confirmed = 1;
  86         $user->timemodified = time();
  87
  88         if (! $user->id = insert_record("user", $user)) {
  89             if (!$user = get_record("user", "username", "changeme")) {   // half finished user from another time
  90                 error("Could not start a new user!");
  91             }
  92         }
  93
  94         redirect("$CFG->wwwroot/user/edit.php?id=$user->id&course=$site->id");
  95
  96     } else {                        // List all users for editing
  97
  98         $stredituser = get_string("edituser");
  99         $stradministration = get_string("administration");
 100         $strusers = get_string("users");
 101         $stredit   = get_string("edit");
 102         $strdelete = get_string("delete");
 103         $strdeletecheck = get_string("deletecheck");
 104         $strsearch = get_string("search");
 105         $strshowallusers = get_string("showallusers");
 106
 107         print_header("$site->shortname: $stredituser", $site->fullname,
 108                      "<a href=\"index.php\">$stradministration</a> -> <a href=\"users.php\">$strusers</a> -> $stredituser");
 109
 110         if ($delete) {              // Delete a selected user, after confirmation
 111             if (!$user = get_record("user", "id", "$delete")) {
 112                 error("No such user!");
 113             }
 114
 115             $primaryadmin = get_admin();
 116             if ($user->id == $primaryadmin->id) {
 117                 error("You are not allowed to delete the primary admin user!");
 118             }
 119
 120             if ($confirm != md5($delete)) {
 121                 $fullname = fullname($user, true);
 122                 notice_yesno(get_string("deletecheckfull", "", "'$fullname'"),
 123                      "user.php?delete=$delete&confirm=".md5($delete), "user.php");
 124
 125                 exit;
 126             } else if (!$user->deleted) {
 127                 unset($updateuser);
 128                 $updateuser->id = $user->id;
 129                 $updateuser->deleted = "1";
 130                 $updateuser->username = "$user->email.".time();  // Remember it just in case
 131                 $updateuser->email = "";               // Clear this field to free it up
 132                 $updateuser->timemodified = time();
 133                 if (update_record("user", $updateuser)) {
 134                     unenrol_student($user->id);  // From all courses
 135                     remove_teacher($user->id);   // From all courses
 136                     remove_admin($user->id);
 137                     notify(get_string("deletedactivity", "", fullname($user, true)) );
 138                 } else {
 139                     notify(get_string("deletednot", "", fullname($user, true)));
 140                 }
 141             }
 142         }
 143
 144         // Carry on with the user listing
 145
 146
 147         $columns = array("name", "email", "city", "country", "lastaccess");
 148
 149         foreach ($columns as $column) {
 150             $string[$column] = get_string("$column");
 151             $columnsort = "$column";
 152             if ($column == "lastaccess") {
 153                 $columndir = "DESC";
 154             } else {
 155                 $columndir = "ASC";
 156             }
 157             if ($columnsort == $sort) {
 158                $$column = $string[$column];
 159             } else {
 160                $$column = "<A HREF=\"user.php?sort=$columnsort&dir=$columndir&search=$search\">".$string[$column]."</A>";
 161             }
 162         }
 163
 164         if ($sort == "name") {
 165             $sort = "firstname";
 166         }
 167
 168         if (!$users = get_users_listing($sort, $dir, $page, $recordsperpage, $search)) {
 169             if (!$users = get_users_listing($sort, $dir, 0, $recordsperpage)) {
 170                 error("No users found!");
 171             } else {
 172                 notify(get_string("nousersmatching", "", $search));
 173                 $search = "";
 174             }
 175         }
 176
 177         $usercount = get_users(false);
 178
 179         if ($search) {
 180             $usersearchcount = get_users(false, $search);
 181             print_heading("$usersearchcount / $usercount ".get_string("users"));
 182             $usercount = $usersearchcount;
 183         } else {
 184             print_heading("$usercount ".get_string("users"));
 185         }
 186
 187         $a->start = $page;
 188         $a->end = $page + $recordsperpage;
 189         if ($a->end > $usercount) {
 190             $a->end = $usercount;
 191         }
 192         echo "<TABLE align=center cellpadding=10><TR>";
 193         echo "<TD>";
 194         if ($page) {
 195             $prevpage = $page - $recordsperpage;
 196             if ($prevpage < 0) {
 197                 $prevpage = 0;
 198             }
 199             $options["dir"] = $dir;
 200             $options["page"] = 0;
 201             $options["sort"] = $sort;
 202             $options["search"] = $search;
 203             print_single_button("user.php", $options, "  <<  ");
 204             echo "</TD><TD>";
 205             $options["page"] = $prevpage;
 206             print_single_button("user.php", $options, "  <  ");
 207         }
 208         echo "</TD><TD>";
 209         print_heading(get_string("displayingusers", "", $a));
 210         echo "</TD><TD>";
 211         $nextpage = $page + $recordsperpage;
 212         if ($nextpage < $usercount) {
 213             $options["dir"] = $dir;
 214             $options["page"] = $nextpage;
 215             $options["sort"] = $sort;
 216             $options["search"] = $search;
 217             print_single_button("user.php", $options, "  >  ");
 218             echo "</TD><TD>";
 219             $options["page"] = $usercount-$recordsperpage;
 220             print_single_button("user.php", $options, "  >>  ");
 221         }
 222         echo "</TD></TR></TABLE>";
 223
 224         flush();
 225
 226         $countries = get_list_of_countries();
 227
 228         foreach ($users as $key => $user) {
 229             if (!empty($user->country)) {
 230                 $users[$key]->country = $countries[$user->country];
 231             }
 232         }
 233         if ($sort == "country") {  // Need to resort by full country name, not code
 234             foreach ($users as $user) {
 235                 $susers[$user->id] = $user->country;
 236             }
 237             asort($susers);
 238             foreach ($susers as $key => $value) {
 239                 $nusers[] = $users[$key];
 240             }
 241             $users = $nusers;
 242         }
 243
 244         $table->head = array ($name, $email, $city, $country, $lastaccess, "", "");
 245         $table->align = array ("left", "left", "left", "left", "left", "center", "center");
 246         $table->width = "95%";
 247         foreach ($users as $user) {
 248             if ($user->id == $USER->id or $user->username == "changeme") {
 249                 $deletebutton = "";
 250             } else {
 251                 $deletebutton = "<a href=\"user.php?delete=$user->id\">$strdelete</a>";
 252             }
 253             if ($user->lastaccess) {
 254                 $strlastaccess = format_time(time() - $user->lastaccess);
 255             } else {
 256                 $strlastaccess = get_string("never");
 257             }
 258             $fullname = fullname($user, true);
 259             $table->data[] = array ("<a href=\"../user/view.php?id=$user->id&course=$site->id\">$fullname</a>",
 260                              "$user->email",
 261                              "$user->city",
 262                              "$user->country",
 263                              $strlastaccess,
 264                              "<a href=\"../user/edit.php?id=$user->id&course=$site->id\">$stredit</a>",
 265                              $deletebutton);
 266         }
 267
 268         echo "<table align=center cellpadding=10><tr><td>";
 269         echo "<form action=user.php method=post>";
 270         echo "<input type=text name=search value=\"$search\" size=20>";
 271         echo "<input type=submit value=\"$strsearch\">";
 272         if ($search) {
 273             echo "<input type=\"button\" onclick=\"document.location='user.php';\" value=\"$strshowallusers\">";
 274         }
 275         echo "</form>";
 276         echo "</td></tr></table>";
 277
 278         print_table($table);
 279
 280         if ($CFG->auth == "email" || $CFG->auth == "none" || $CFG->auth == "manual"){
 281             print_heading("<a href=\"user.php?newuser=true\">".get_string("addnewuser")."</a>");
 282         }
 283
 284         print_footer();
 285     }
 286
 287 ?>