MDL-27040 get_users_by_capability generates u.id IN () when no uesrs have accessallgroups
[moodle.git] / user / profile.php
blob4919d230769d8e5080351e40e8ab706fe90fe36f
1 <?php
3 // This file is part of Moodle - http://moodle.org/
4 //
5 // Moodle is free software: you can redistribute it and/or modify
6 // it under the terms of the GNU General Public License as published by
7 // the Free Software Foundation, either version 3 of the License, or
8 // (at your option) any later version.
9 //
10 // Moodle is distributed in the hope that it will be useful,
11 // but WITHOUT ANY WARRANTY; without even the implied warranty of
12 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 // GNU General Public License for more details.
15 // You should have received a copy of the GNU General Public License
16 // along with Moodle. If not, see <http://www.gnu.org/licenses/>.
18 /**
19 * Public Profile -- a user's public profile page
21 * - each user can currently have their own page (cloned from system and then customised)
22 * - users can add any blocks they want
23 * - the administrators can define a default site public profile for users who have
24 * not created their own public profile
26 * This script implements the user's view of the public profile, and allows editing
27 * of the public profile.
29 * @package moodlecore
30 * @subpackage my
31 * @copyright 2010 Remote-Learner.net
32 * @author Hubert Chathi <hubert@remote-learner.net>
33 * @author Olav Jordan <olav.jordan@remote-learner.net>
34 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
37 require_once(dirname(__FILE__) . '/../config.php');
38 require_once($CFG->dirroot . '/my/lib.php');
39 require_once($CFG->dirroot . '/tag/lib.php');
40 require_once($CFG->dirroot . '/user/profile/lib.php');
41 require_once($CFG->libdir.'/filelib.php');
43 $userid = optional_param('id', 0, PARAM_INT);
44 $edit = optional_param('edit', null, PARAM_BOOL); // Turn editing on and off
46 $PAGE->set_url('/user/profile.php', array('id'=>$userid));
48 if (!empty($CFG->forceloginforprofiles)) {
49 require_login();
50 if (isguestuser()) {
51 $SESSION->wantsurl = $PAGE->url->out(false);
52 redirect(get_login_url());
54 } else if (!empty($CFG->forcelogin)) {
55 require_login();
58 $userid = $userid ? $userid : $USER->id; // Owner of the page
59 $user = $DB->get_record('user', array('id' => $userid));
60 $currentuser = ($user->id == $USER->id);
61 $context = $usercontext = get_context_instance(CONTEXT_USER, $userid, MUST_EXIST);
63 if (!$currentuser &&
64 !empty($CFG->forceloginforprofiles) &&
65 !has_capability('moodle/user:viewdetails', $context) &&
66 !has_coursecontact_role($userid)) {
68 // Course managers can be browsed at site level. If not forceloginforprofiles, allow access (bug #4366)
69 $struser = get_string('user');
70 $PAGE->set_context(get_context_instance(CONTEXT_SYSTEM));
71 $PAGE->set_title("$SITE->shortname: $struser"); // Do not leak the name
72 $PAGE->set_heading("$SITE->shortname: $struser");
73 $PAGE->set_url('/user/profile.php', array('id'=>$userid));
74 $PAGE->navbar->add($struser);
75 echo $OUTPUT->header();
76 echo $OUTPUT->heading(get_string('usernotavailable', 'error'));
77 echo $OUTPUT->footer();
78 exit;
81 // Get the profile page. Should always return something unless the database is broken.
82 if (!$currentpage = my_get_page($userid, MY_PAGE_PUBLIC)) {
83 print_error('mymoodlesetup');
86 if (!$currentpage->userid) {
87 $context = get_context_instance(CONTEXT_SYSTEM); // A trick so that we even see non-sticky blocks
90 $PAGE->set_context($context);
91 $PAGE->set_pagelayout('mydashboard');
92 $PAGE->set_pagetype('user-profile');
94 // Set up block editing capabilities
95 if (isguestuser()) { // Guests can never edit their profile
96 $USER->editing = $edit = 0; // Just in case
97 $PAGE->set_blocks_editing_capability('moodle/my:configsyspages'); // unlikely :)
98 } else {
99 if ($currentuser) {
100 $PAGE->set_blocks_editing_capability('moodle/user:manageownblocks');
101 } else {
102 $PAGE->set_blocks_editing_capability('moodle/user:manageblocks');
106 if (has_capability('moodle/user:viewhiddendetails', $context)) {
107 $hiddenfields = array();
108 } else {
109 $hiddenfields = array_flip(explode(',', $CFG->hiddenuserfields));
112 // Start setting up the page
113 $strpublicprofile = get_string('publicprofile');
115 $PAGE->blocks->add_region('content');
116 $PAGE->set_subpage($currentpage->id);
117 $PAGE->set_title(fullname($user).": $strpublicprofile");
118 $PAGE->set_heading(fullname($user).": $strpublicprofile");
120 if (!$currentuser) {
121 $PAGE->navigation->extend_for_user($user);
122 if ($node = $PAGE->settingsnav->get('userviewingsettings'.$user->id)) {
123 $node->forceopen = true;
125 } else if ($node = $PAGE->settingsnav->get('usercurrentsettings', navigation_node::TYPE_CONTAINER)) {
126 $node->forceopen = true;
128 if ($node = $PAGE->settingsnav->get('root')) {
129 $node->forceopen = false;
133 // Toggle the editing state and switches
134 if ($PAGE->user_allowed_editing()) {
135 if ($edit !== null) { // Editing state was specified
136 $USER->editing = $edit; // Change editing state
137 if (!$currentpage->userid && $edit) {
138 // If we are viewing a system page as ordinary user, and the user turns
139 // editing on, copy the system pages as new user pages, and get the
140 // new page record
141 if (!$currentpage = my_copy_page($USER->id, MY_PAGE_PUBLIC, 'user-profile')) {
142 print_error('mymoodlesetup');
144 $PAGE->set_context($usercontext);
145 $PAGE->set_subpage($currentpage->id);
147 } else { // Editing state is in session
148 if ($currentpage->userid) { // It's a page we can edit, so load from session
149 if (!empty($USER->editing)) {
150 $edit = 1;
151 } else {
152 $edit = 0;
154 } else { // It's a system page and they are not allowed to edit system pages
155 $USER->editing = $edit = 0; // Disable editing completely, just to be safe
159 // Add button for editing page
160 $params = array('edit' => !$edit);
162 if (!$currentpage->userid) {
163 // viewing a system page -- let the user customise it
164 $editstring = get_string('updatemymoodleon');
165 $params['edit'] = 1;
166 } else if (empty($edit)) {
167 $editstring = get_string('updatemymoodleon');
168 } else {
169 $editstring = get_string('updatemymoodleoff');
172 $url = new moodle_url("$CFG->wwwroot/user/profile.php", $params);
173 $button = $OUTPUT->single_button($url, $editstring);
174 $PAGE->set_button($button);
176 } else {
177 $USER->editing = $edit = 0;
180 // HACK WARNING! This loads up all this page's blocks in the system context
181 if ($currentpage->userid == 0) {
182 $CFG->blockmanagerclass = 'my_syspage_block_manager';
185 // TODO WORK OUT WHERE THE NAV BAR IS!
187 echo $OUTPUT->header();
188 echo '<div class="userprofile">';
191 // Print the standard content of this page, the basic profile info
193 echo $OUTPUT->heading(fullname($user));
195 if (is_mnet_remote_user($user)) {
196 $sql = "SELECT h.id, h.name, h.wwwroot,
197 a.name as application, a.display_name
198 FROM {mnet_host} h, {mnet_application} a
199 WHERE h.id = ? AND h.applicationid = a.id";
201 $remotehost = $DB->get_record_sql($sql, array($user->mnethostid));
202 $a = new stdclass();
203 $a->remotetype = $remotehost->display_name;
204 $a->remotename = $remotehost->name;
205 $a->remoteurl = $remotehost->wwwroot;
207 echo $OUTPUT->box(get_string('remoteuserinfo', 'mnet', $a), 'remoteuserinfo');
210 echo '<div class="userprofilebox clearfix"><div class="profilepicture">';
211 echo $OUTPUT->user_picture($user, array('size'=>100));
212 echo '</div>';
214 echo '<div class="descriptionbox"><div class="description">';
215 // Print the description
217 if ($user->description && !isset($hiddenfields['description'])) {
218 if (!empty($CFG->profilesforenrolledusersonly) && !$currentuser && !$DB->record_exists('role_assignments', array('userid'=>$user->id))) {
219 echo get_string('profilenotshown', 'moodle');
220 } else {
221 $user->description = file_rewrite_pluginfile_urls($user->description, 'pluginfile.php', $usercontext->id, 'user', 'profile', null);
222 $options = array('overflowdiv'=>true);
223 echo format_text($user->description, $user->descriptionformat, $options);
226 echo '</div>';
229 // Print all the little details in a list
231 echo '<table class="list" summary="">';
233 if (! isset($hiddenfields['country']) && $user->country) {
234 print_row(get_string('country') . ':', get_string($user->country, 'countries'));
237 if (! isset($hiddenfields['city']) && $user->city) {
238 print_row(get_string('city') . ':', $user->city);
241 if (has_capability('moodle/user:viewhiddendetails', $context)) {
242 if ($user->address) {
243 print_row(get_string("address").":", "$user->address");
245 if ($user->phone1) {
246 print_row(get_string("phone").":", "$user->phone1");
248 if ($user->phone2) {
249 print_row(get_string("phone2").":", "$user->phone2");
253 if ($currentuser
254 or $user->maildisplay == 1
255 or has_capability('moodle/course:useremail', $context)
256 or ($user->maildisplay == 2 and enrol_sharing_course($user, $USER))) {
258 print_row(get_string("email").":", obfuscate_mailto($user->email, ''));
261 if ($user->url && !isset($hiddenfields['webpage'])) {
262 $url = $user->url;
263 if (strpos($user->url, '://') === false) {
264 $url = 'http://'. $url;
266 print_row(get_string("webpage") .":", '<a href="'.s($url).'">'.s($user->url).'</a>');
269 if ($user->icq && !isset($hiddenfields['icqnumber'])) {
270 print_row(get_string('icqnumber').':',"<a href=\"http://web.icq.com/wwp?uin=".urlencode($user->icq)."\">".s($user->icq)." <img src=\"http://web.icq.com/whitepages/online?icq=".urlencode($user->icq)."&amp;img=5\" alt=\"\" /></a>");
273 if ($user->skype && !isset($hiddenfields['skypeid'])) {
274 print_row(get_string('skypeid').':','<a href="callto:'.urlencode($user->skype).'">'.s($user->skype).
275 ' <img src="http://mystatus.skype.com/smallicon/'.urlencode($user->skype).'" alt="'.get_string('status').'" '.
276 ' /></a>');
278 if ($user->yahoo && !isset($hiddenfields['yahooid'])) {
279 print_row(get_string('yahooid').':', '<a href="http://edit.yahoo.com/config/send_webmesg?.target='.urlencode($user->yahoo).'&amp;.src=pg">'.s($user->yahoo)." <img src=\"http://opi.yahoo.com/online?u=".urlencode($user->yahoo)."&m=g&t=0\" alt=\"\"></a>");
281 if ($user->aim && !isset($hiddenfields['aimid'])) {
282 print_row(get_string('aimid').':', '<a href="aim:goim?screenname='.urlencode($user->aim).'">'.s($user->aim).'</a>');
284 if ($user->msn && !isset($hiddenfields['msnid'])) {
285 print_row(get_string('msnid').':', s($user->msn));
288 /// Print the Custom User Fields
289 profile_display_fields($user->id);
292 if (!isset($hiddenfields['mycourses'])) {
293 if ($mycourses = enrol_get_users_courses($user->id, true, NULL, 'visible DESC,sortorder ASC')) {
294 $shown=0;
295 $courselisting = '';
296 foreach ($mycourses as $mycourse) {
297 if ($mycourse->category) {
298 $class = '';
299 if ($mycourse->visible == 0) {
300 $ccontext = get_context_instance(CONTEXT_COURSE, $mycourse->id);
301 if (!has_capability('moodle/course:viewhiddencourses', $ccontext)) {
302 continue;
304 $class = 'class="dimmed"';
306 $courselisting .= "<a href=\"{$CFG->wwwroot}/user/view.php?id={$user->id}&amp;course={$mycourse->id}\" $class >" . format_string($mycourse->fullname) . "</a>, ";
308 $shown++;
309 if($shown==20) {
310 $courselisting.= "...";
311 break;
314 print_row(get_string('courseprofiles').':', rtrim($courselisting,', '));
317 if (!isset($hiddenfields['firstaccess'])) {
318 if ($user->firstaccess) {
319 $datestring = userdate($user->firstaccess)."&nbsp; (".format_time(time() - $user->firstaccess).")";
320 } else {
321 $datestring = get_string("never");
323 print_row(get_string("firstaccess").":", $datestring);
325 if (!isset($hiddenfields['lastaccess'])) {
326 if ($user->lastaccess) {
327 $datestring = userdate($user->lastaccess)."&nbsp; (".format_time(time() - $user->lastaccess).")";
328 } else {
329 $datestring = get_string("never");
331 print_row(get_string("lastaccess").":", $datestring);
334 /// Printing tagged interests
335 if (!empty($CFG->usetags)) {
336 if ($interests = tag_get_tags_csv('user', $user->id) ) {
337 print_row(get_string('interests') .": ", $interests);
341 echo "</table></div></div>";
344 echo $OUTPUT->blocks_for_region('content');
346 // Print messaging link if allowed
347 if (isloggedin() && has_capability('moodle/site:sendmessage', $context)
348 && !empty($CFG->messaging) && !isguestuser() && !isguestuser($user) && ($USER->id != $user->id)) {
349 echo '<div class="messagebox">';
350 echo '<a href="'.$CFG->wwwroot.'/message/index.php?id='.$user->id.'">'.get_string('messageselectadd').'</a>';
351 echo '</div>';
354 if ($CFG->debugdisplay && debugging('', DEBUG_DEVELOPER) && $currentuser) { // Show user object
355 echo '<br /><br /><hr />';
356 echo $OUTPUT->heading('DEBUG MODE: User session variables');
357 print_object($USER);
360 echo '</div>'; // userprofile class
361 echo $OUTPUT->footer();
364 function print_row($left, $right) {
365 echo "\n<tr><td class=\"label c0\">$left</td><td class=\"info c1\">$right</td></tr>\n";