search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
MDL-16553 Assignment, student view: whitespace fix
[moodle.git] / user / view.php
blob2d2e9de794f5e8e2b750cef95ee703b804b80b91
1 <?PHP // $Id$
2
3 // Display profile for a particular user
4
5 require_once("../config.php");
6 require_once($CFG->dirroot.'/user/profile/lib.php');
7 require_once($CFG->dirroot.'/tag/lib.php');
8
9 $id = optional_param('id', 0, PARAM_INT); // user id
10 $course = optional_param('course', SITEID, PARAM_INT); // course id (defaults to Site)
11 $enable = optional_param('enable', ''); // enable email
12 $disable = optional_param('disable', ''); // disable email
13
14 if (empty($id)) { // See your own profile by default
15 require_login();
16 $id = $USER->id;
17 }
18
19 if (! $user = get_record("user", "id", $id) ) {
20 error("No such user in this course");
21 }
22
23 if (! $course = get_record("course", "id", $course) ) {
24 error("No such course id");
25 }
26
27 /// Make sure the current user is allowed to see this user
28
29 if (empty($USER->id)) {
30 $currentuser = false;
31 } else {
32 $currentuser = ($user->id == $USER->id);
33 }
34
35 if ($course->id == SITEID) {
36 $coursecontext = get_context_instance(CONTEXT_SYSTEM); // SYSTEM context
37 } else {
38 $coursecontext = get_context_instance(CONTEXT_COURSE, $course->id); // Course context
39 }
40 $usercontext = get_context_instance(CONTEXT_USER, $user->id); // User context
41 $systemcontext = get_context_instance(CONTEXT_SYSTEM); // SYSTEM context
42
43 if (!empty($CFG->forcelogin) || $course->id != SITEID) {
44 // do not force parents to enrol
45 if (!get_record('role_assignments', 'userid', $USER->id, 'contextid', $usercontext->id)) {
46 require_login($course->id);
47 }
48 }
49
50 if (!empty($CFG->forceloginforprofiles)) {
51 require_login();
52 if (isguest()) {
53 $loginurl ="$CFG->wwwroot/login/index.php";
54 if (!empty($CFG->loginhttps)) {
55 $loginurl = str_replace("http://", "https://", $loginurl);
56 }
57 redirect($loginurl);
58 }
59 }
60
61 $strpersonalprofile = get_string('personalprofile');
62 $strparticipants = get_string("participants");
63 $struser = get_string("user");
64
65 $fullname = fullname($user, has_capability('moodle/site:viewfullnames', $coursecontext));
66
67 $navlinks = array();
68 if (has_capability('moodle/course:viewparticipants', $coursecontext) || has_capability('moodle/site:viewparticipants', $systemcontext)) {
69 $navlinks[] = array('name' => $strparticipants, 'link' => "index.php?id=$course->id", 'type' => 'misc');
70 }
71
72 /// If the user being shown is not ourselves, then make sure we are allowed to see them!
73
74 if (!$currentuser) {
75 if ($course->id == SITEID) { // Reduce possibility of "browsing" userbase at site level
76 if ($CFG->forceloginforprofiles and !isteacherinanycourse()
77 and !isteacherinanycourse($user->id)
78 and !has_capability('moodle/user:viewdetails', $usercontext)) { // Teachers can browse and be browsed at site level. If not forceloginforprofiles, allow access (bug #4366)
79
80 $navlinks[] = array('name' => $struser, 'link' => null, 'type' => 'misc');
81 $navigation = build_navigation($navlinks);
82
83 print_header("$strpersonalprofile: ", "$strpersonalprofile: ", $navigation, "", "", true, "&nbsp;", navmenu($course));
84 print_heading(get_string('usernotavailable', 'error'));
85 print_footer($course);
86 exit;
87 }
88 } else { // Normal course
89 // check capabilities
90 if (!has_capability('moodle/user:viewdetails', $coursecontext) &&
91 !has_capability('moodle/user:viewdetails', $usercontext)) {
92 print_error('cannotviewprofile');
93 }
94
95 if (!has_capability('moodle/course:view', $coursecontext, $user->id, false)) {
96 if (has_capability('moodle/role:assign', $coursecontext)) {
97 $navlinks[] = array('name' => $fullname, 'link' => null, 'type' => 'misc');
98 $navigation = build_navigation($navlinks);
99 print_header("$strpersonalprofile: ", "$strpersonalprofile: ", $navigation, "", "", true, "&nbsp;", navmenu($course));
100 print_heading(get_string('notenrolled', '', $fullname));
101 } else {
102 $navlinks[] = array('name' => $struser, 'link' => null, 'type' => 'misc');
103 $navigation = build_navigation($navlinks);
104 print_header("$strpersonalprofile: ", "$strpersonalprofile: ", $navigation, "", "", true, "&nbsp;", navmenu($course));
105 print_heading(get_string('notenrolledprofile'));
106 }
107 print_continue($_SERVER['HTTP_REFERER']);
108 print_footer($course);
109 exit;
110 }
111 }
112
113
114 // If groups are in use, make sure we can see that group
115 if (groups_get_course_groupmode($course) == SEPARATEGROUPS and !has_capability('moodle/site:accessallgroups', $coursecontext)) {
116 require_login();
117
118 ///this is changed because of mygroupid
119 $gtrue = (bool)groups_get_all_groups($course->id, $user->id);
120 if (!$gtrue) {
121 $navigation = build_navigation($navlinks);
122 print_header("$strpersonalprofile: ", "$strpersonalprofile: ", $navigation, "", "", true, "&nbsp;", navmenu($course));
123 print_error("groupnotamember", '', "../course/view.php?id=$course->id");
124 }
125 }
126 }
127
128
129 /// We've established they can see the user's name at least, so what about the rest?
130
131 $navlinks[] = array('name' => $fullname, 'link' => null, 'type' => 'misc');
132
133 $navigation = build_navigation($navlinks);
134
135 print_header("$course->fullname: $strpersonalprofile: $fullname", $course->fullname,
136 $navigation, "", "", true, "&nbsp;", navmenu($course));
137
138
139 if (($course->id != SITEID) and ! isguest() ) { // Need to have access to a course to see that info
140 if (!has_capability('moodle/course:view', $coursecontext, $user->id)) {
141 print_heading(get_string('notenrolled', '', $fullname));
142 print_footer($course);
143 die;
144 }
145 }
146
147 if ($user->deleted) {
148 print_heading(get_string('userdeleted'));
149 if (!has_capability('moodle/user:update', $coursecontext)) {
150 print_footer($course);
151 die;
152 }
153 }
154
155 /// OK, security out the way, now we are showing the user
156
157 add_to_log($course->id, "user", "view", "view.php?id=$user->id&course=$course->id", "$user->id");
158
159 if ($course->id != SITEID) {
160 $user->lastaccess = false;
161 if ($lastaccess = get_record('user_lastaccess', 'userid', $user->id, 'courseid', $course->id)) {
162 $user->lastaccess = $lastaccess->timeaccess;
163 }
164 }
165
166
167 /// Get the hidden field list
168 if (has_capability('moodle/user:viewhiddendetails', $coursecontext)) {
169 $hiddenfields = array();
170 } else {
171 $hiddenfields = array_flip(explode(',', $CFG->hiddenuserfields));
172 }
173
174 /// Print tabs at top
175 /// This same call is made in:
176 /// /user/view.php
177 /// /user/edit.php
178 /// /course/user.php
179
180 $currenttab = 'profile';
181 $showroles = 1;
182 if (!$user->deleted) {
183 include('tabs.php');
184 }
185
186 if (is_mnet_remote_user($user)) {
187 $sql = "
188 SELECT DISTINCT
189 h.id,
190 h.name,
191 h.wwwroot,
192 a.name as application,
193 a.display_name
194 FROM
195 {$CFG->prefix}mnet_host h,
196 {$CFG->prefix}mnet_application a
197 WHERE
198 h.id = '{$user->mnethostid}' AND
199 h.applicationid = a.id
200 ORDER BY
201 a.display_name,
202 h.name";
203
204 $remotehost = get_record_sql($sql);
205
206 echo '<p class="errorboxcontent">'.get_string('remoteappuser', $remotehost->application)." <br />\n";
207 if ($USER->id == $user->id) {
208 if ($remotehost->application =='moodle') {
209 echo "Remote {$remotehost->display_name}: <a href=\"{$remotehost->wwwroot}/user/edit.php\">{$remotehost->name}</a> ".get_string('editremoteprofile')." </p>\n";
210 } else {
211 echo "Remote {$remotehost->display_name}: <a href=\"{$remotehost->wwwroot}/\">{$remotehost->name}</a> ".get_string('gotoyourserver')." </p>\n";
212 }
213 } else {
214 echo "Remote {$remotehost->display_name}: <a href=\"{$remotehost->wwwroot}/\">{$remotehost->name}</a></p>\n";
215 }
216 }
217
218 echo '<table width="80%" class="userinfobox" summary="">';
219 echo '<tr>';
220 echo '<td class="side">';
221 print_user_picture($user, $course->id, $user->picture, true, false, false);
222 echo '</td><td class="content">';
223
224 // Print the description
225
226 if ($user->description && !isset($hiddenfields['description'])) {
227 $has_courseid = ($course->id != SITEID);
228 if (!$has_courseid && !empty($CFG->profilesforenrolledusersonly) && !record_exists('role_assignments', 'userid', $id)) {
229 echo get_string('profilenotshown', 'moodle').'<hr />';
230 } else {
231 echo format_text($user->description, FORMAT_MOODLE)."<hr />";
232 }
233 }
234
235 // Print all the little details in a list
236
237 echo '<table class="list">';
238
239 if (! isset($hiddenfields['country']) && $user->country) {
240 $countries = get_list_of_countries();
241 print_row(get_string('country') . ':', $countries[$user->country]);
242 }
243
244 if (! isset($hiddenfields['city']) && $user->city) {
245 print_row(get_string('city') . ':', $user->city);
246 }
247
248 if (has_capability('moodle/user:viewhiddendetails', $coursecontext)) {
249 if ($user->address) {
250 print_row(get_string("address").":", "$user->address");
251 }
252 if ($user->phone1) {
253 print_row(get_string("phone").":", "$user->phone1");
254 }
255 if ($user->phone2) {
256 print_row(get_string("phone2").":", "$user->phone2");
257 }
258 }
259
260 if ($user->maildisplay == 1 or
261 ($user->maildisplay == 2 and ($course->id != SITEID) and !isguest()) or
262 has_capability('moodle/course:useremail', $coursecontext)) {
263
264 $emailswitch = '';
265
266 if (has_capability('moodle/course:useremail', $coursecontext) or $currentuser) { /// Can use the enable/disable email stuff
267 if (!empty($enable) and confirm_sesskey()) { /// Recieved a parameter to enable the email address
268 set_field('user', 'emailstop', 0, 'id', $user->id);
269 $user->emailstop = 0;
270 }
271 if (!empty($disable) and confirm_sesskey()) { /// Recieved a parameter to disable the email address
272 set_field('user', 'emailstop', 1, 'id', $user->id);
273 $user->emailstop = 1;
274 }
275 }
276
277 if (has_capability('moodle/course:useremail', $coursecontext)) { /// Can use the enable/disable email stuff
278 if ($user->emailstop) {
279 $switchparam = 'enable';
280 $switchtitle = get_string('emaildisable');
281 $switchclick = get_string('emailenableclick');
282 $switchpix = 'emailno.gif';
283 } else {
284 $switchparam = 'disable';
285 $switchtitle = get_string('emailenable');
286 $switchclick = get_string('emaildisableclick');
287 $switchpix = 'email.gif';
288 }
289 $emailswitch = "&nbsp;<a title=\"$switchclick\" ".
290 "href=\"view.php?id=$user->id&amp;course=$course->id&amp;$switchparam=1&amp;sesskey=".sesskey()."\">".
291 "<img src=\"$CFG->pixpath/t/$switchpix\" alt=\"$switchclick\" /></a>";
292
293 } else if ($currentuser) { /// Can only re-enable an email this way
294 if ($user->emailstop) { // Include link that tells how to re-enable their email
295 $switchparam = 'enable';
296 $switchtitle = get_string('emaildisable');
297 $switchclick = get_string('emailenableclick');
298
299 $emailswitch = "&nbsp;(<a title=\"$switchclick\" ".
300 "href=\"view.php?id=$user->id&amp;course=$course->id&amp;enable=1&amp;sesskey=".sesskey()."\">$switchtitle</a>)";
301 }
302 }
303
304 print_row(get_string("email").":", obfuscate_mailto($user->email, '', $user->emailstop)."$emailswitch");
305 }
306
307 if ($user->url && !isset($hiddenfields['webpage'])) {
308 $url = $user->url;
309 if (strpos($user->url, '://') === false) {
310 $url = 'http://'. $url;
311 }
312 print_row(get_string("webpage") .":", "<a href=\"$url\">$user->url</a>");
313 }
314
315 if ($user->icq && !isset($hiddenfields['icqnumber'])) {
316 print_row(get_string('icqnumber').':',"<a href=\"http://web.icq.com/wwp?uin=$user->icq\">$user->icq <img src=\"http://web.icq.com/whitepages/online?icq=$user->icq&amp;img=5\" alt=\"\" /></a>");
317 }
318
319 if ($user->skype && !isset($hiddenfields['skypeid'])) {
320 print_row(get_string('skypeid').':','<a href="callto:'.urlencode($user->skype).'">'.s($user->skype).
321 ' <img src="http://mystatus.skype.com/smallicon/'.urlencode($user->skype).'" alt="'.get_string('status').'" '.
322 ' /></a>');
323 }
324 if ($user->yahoo && !isset($hiddenfields['yahooid'])) {
325 print_row(get_string('yahooid').':', '<a href="http://edit.yahoo.com/config/send_webmesg?.target='.urlencode($user->yahoo).'&amp;.src=pg">'.s($user->yahoo)." <img src=\"http://opi.yahoo.com/online?u=".urlencode($user->yahoo)."&m=g&t=0\" alt=\"\"></a>");
326 }
327 if ($user->aim && !isset($hiddenfields['aimid'])) {
328 print_row(get_string('aimid').':', '<a href="aim:goim?screenname='.s($user->aim).'">'.s($user->aim).'</a>');
329 }
330 if ($user->msn && !isset($hiddenfields['msnid'])) {
331 print_row(get_string('msnid').':', s($user->msn));
332 }
333
334 /// Print the Custom User Fields
335 profile_display_fields($user->id);
336
337
338 if (!isset($hiddenfields['mycourses'])) {
339 if ($mycourses = get_my_courses($user->id, 'visible DESC,sortorder ASC', null, false, 21)) {
340 $shown=0;
341 $courselisting = '';
342 foreach ($mycourses as $mycourse) {
343 if ($mycourse->category) {
344 if ($mycourse->id != $course->id){
345 $class = '';
346 if ($mycourse->visible == 0) {
347 // get_my_courses will filter courses $USER cannot see
348 // if we get one with visible 0 it just means it's hidden
349 // ... but not from $USER
350 $class = 'class="dimmed"';
351 }
352 $courselisting .= "<a href=\"{$CFG->wwwroot}/user/view.php?id={$user->id}&amp;course={$mycourse->id}\" $class >"
353 . format_string($mycourse->fullname) . "</a>, ";
354 }
355 else {
356 $courselisting .= format_string($mycourse->fullname) . ", ";
357 }
358 }
359 $shown++;
360 if($shown==20) {
361 $courselisting.= "...";
362 break;
363 }
364 }
365 print_row(get_string('courses').':', rtrim($courselisting,', '));
366 }
367 }
368 if (!isset($hiddenfields['firstaccess'])) {
369 if ($user->firstaccess) {
370 $datestring = userdate($user->firstaccess)."&nbsp; (".format_time(time() - $user->firstaccess).")";
371 } else {
372 $datestring = get_string("never");
373 }
374 print_row(get_string("firstaccess").":", $datestring);
375 }
376 if (!isset($hiddenfields['lastaccess'])) {
377 if ($user->lastaccess) {
378 $datestring = userdate($user->lastaccess)."&nbsp; (".format_time(time() - $user->lastaccess).")";
379 } else {
380 $datestring = get_string("never");
381 }
382 print_row(get_string("lastaccess").":", $datestring);
383 }
384 /// printing roles
385
386 if ($rolestring = get_user_roles_in_context($id, $coursecontext)) {
387 print_row(get_string('roles').':', format_string($rolestring, false));
388 }
389
390 /// Printing groups
391 if (!isset($hiddenfields['groups'])) {
392 $isseparategroups = ($course->groupmode == SEPARATEGROUPS and !has_capability('moodle/site:accessallgroups', $coursecontext));
393 if (!$isseparategroups){
394 if ($usergroups = groups_get_all_groups($course->id, $user->id)){
395 $groupstr = '';
396 foreach ($usergroups as $group){
397 $groupstr .= ' <a href="'.$CFG->wwwroot.'/user/index.php?id='.$course->id.'&amp;group='.$group->id.'">'.format_string($group->name).'</a>,';
398 }
399 print_row(get_string("group").":", rtrim($groupstr, ', '));
400 }
401 }
402 }
403 /// End of printing groups
404
405 /// Printing Interests
406 if( !empty($CFG->usetags)) {
407 if ( $interests = tag_get_tags_csv('user', $user->id) ) {
408 print_row(get_string('interests') .": ", $interests);
409 }
410 }
411 /// End of Printing Interests
412
413 echo "</table>";
414
415 echo "</td></tr></table>";
416
417 $userauth = get_auth_plugin($user->auth);
418
419 $passwordchangeurl = false;
420 if ($currentuser and $userauth->can_change_password() and !isguestuser() and has_capability('moodle/user:changeownpassword', $systemcontext)) {
421 if (!$passwordchangeurl = $userauth->change_password_url()) {
422 if (empty($CFG->loginhttps)) {
423 $passwordchangeurl = "$CFG->wwwroot/login/change_password.php";
424 } else {
425 $passwordchangeurl = str_replace('http:', 'https:', $CFG->wwwroot.'/login/change_password.php');
426 }
427 }
428 }
429
430 // Print other functions
431 echo '<div class="buttons">';
432
433 if ($passwordchangeurl) {
434 $params = array('id'=>$course->id);
435
436 if (!empty($USER->realuser)) {
437 $passwordchangeurl = ''; // do not use actual change password url - might contain sensitive data
438 } else {
439 $parts = explode('?', $passwordchangeurl);
440 $passwordchangeurl = reset($parts);
441 $after = next($parts);
442 preg_match_all('/([^&=]+)=([^&=]+)/', $after, $matches);
443 if (count($matches)) {
444 foreach($matches[0] as $key=>$match) {
445 $params[$matches[1][$key]] = $matches[2][$key];
446 }
447 }
448 }
449 echo "<form action=\"$passwordchangeurl\" method=\"get\">";
450 echo "<div>";
451 foreach($params as $key=>$value) {
452 echo '<input type="hidden" name="'.$key.'" value="'.s($value).'" />';
453 }
454 if (!empty($USER->realuser)) {
455 // changing of password when "Logged in as" is not allowed
456 echo "<input type=\"submit\" value=\"".get_string("changepassword")."\" disabled=\"disabled\" />";
457 } else {
458 echo "<input type=\"submit\" value=\"".get_string("changepassword")."\" />";
459 }
460 echo "</div>";
461 echo "</form>";
462 }
463
464 if ($course->id != SITEID && empty($course->metacourse)) { // Mostly only useful at course level
465
466 $canunenrol = false;
467
468 if ($user->id == $USER->id) { // Myself
469 $canunenrol = has_capability('moodle/course:view', $coursecontext, NULL) && // Course participant
470 has_capability('moodle/role:unassignself', $coursecontext, NULL, false) && // Can unassign myself
471 get_user_roles($coursecontext, $user->id, false); // Must have role in course
472
473 } else if (has_capability('moodle/role:assign', $coursecontext, NULL)) { // I can assign roles
474 if ($roles = get_user_roles($coursecontext, $user->id, false)) {
475 $canunenrol = true;
476 foreach($roles as $role) {
477 if (!user_can_assign($coursecontext, $role->roleid)) {
478 $canunenrol = false; // I can not unassign all roles in this course :-(
479 break;
480 }
481 }
482 }
483 }
484
485 if ($canunenrol) {
486 echo '<form action="'.$CFG->wwwroot.'/course/unenrol.php" method="get">';
487 echo '<div>';
488 echo '<input type="hidden" name="id" value="'.$course->id.'" />';
489 echo '<input type="hidden" name="user" value="'.$user->id.'" />';
490 echo '<input type="submit" value="'.s(get_string('unenrolme', '', $course->shortname)).'" />';
491 echo '</div>';
492 echo '</form>';
493 }
494 }
495
496 if (!$user->deleted and $USER->id != $user->id && empty($USER->realuser) && has_capability('moodle/user:loginas', $coursecontext) &&
497 ! has_capability('moodle/site:doanything', $coursecontext, $user->id, false)) {
498 echo '<form action="'.$CFG->wwwroot.'/course/loginas.php" method="get">';
499 echo '<div>';
500 echo '<input type="hidden" name="id" value="'.$course->id.'" />';
501 echo '<input type="hidden" name="user" value="'.$user->id.'" />';
502 echo '<input type="hidden" name="sesskey" value="'.sesskey().'" />';
503 echo '<input type="submit" value="'.get_string('loginas').'" />';
504 echo '</div>';
505 echo '</form>';
506 }
507
508 if (!$user->deleted and !empty($CFG->messaging) and !isguest() and has_capability('moodle/site:sendmessage', get_context_instance(CONTEXT_SYSTEM))) {
509 if (!empty($USER->id) and ($USER->id == $user->id)) {
510 if ($countmessages = count_records('message', 'useridto', $user->id)) {
511 $messagebuttonname = get_string("messages", "message")."($countmessages)";
512 } else {
513 $messagebuttonname = get_string("messages", "message");
514 }
515 echo "<form onclick=\"this.target='message'\" action=\"../message/index.php\" method=\"get\">";
516 echo "<div>";
517 echo "<input type=\"submit\" value=\"$messagebuttonname\" onclick=\"return openpopup('/message/index.php', 'message', 'menubar=0,location=0,scrollbars,status,resizable,width=400,height=500', 0);\" />";
518 echo "</div>";
519 echo "</form>";
520 } else {
521 echo "<form onclick=\"this.target='message$user->id'\" action=\"../message/discussion.php\" method=\"get\">";
522 echo "<div>";
523 echo "<input type=\"hidden\" name=\"id\" value=\"$user->id\" />";
524 echo "<input type=\"submit\" value=\"".get_string("sendmessage", "message")."\" onclick=\"return openpopup('/message/discussion.php?id=$user->id', 'message_$user->id', 'menubar=0,location=0,scrollbars,status,resizable,width=400,height=500', 0);\" />";
525 echo "</div>";
526 echo "</form>";
527 }
528 }
529 // Authorize.net: User Payments
530 if ($course->enrol == 'authorize' || (empty($course->enrol) && $CFG->enrol == 'authorize')) {
531 echo "<form action=\"../enrol/authorize/index.php\" method=\"get\">";
532 echo "<div>";
533 echo "<input type=\"hidden\" name=\"course\" value=\"$course->id\" />";
534 echo "<input type=\"hidden\" name=\"user\" value=\"$user->id\" />";
535 echo "<input type=\"submit\" value=\"".get_string('payments')."\" />";
536 echo "</div>";
537 echo "</form>";
538 }
539 echo "</div>\n";
540
541 if ($CFG->debugdisplay && debugging('', DEBUG_DEVELOPER) && $USER->id == $user->id) { // Show user object
542 echo '<hr />';
543 print_heading('DEBUG MODE: User session variables');
544 print_object($USER);
545 }
546
547 print_footer($course);
548
549 /// Functions ///////
550
551 function print_row($left, $right) {
552 echo "\n<tr><td class=\"label c0\">$left</td><td class=\"info c1\">$right</td></tr>\n";
553 }
554
555 ?>
Read-only mirror of the Moodle CVS