user/profile.php

   1 <?php
   2 // This file is part of Moodle - http://moodle.org/
   3 //
   4 // Moodle is free software: you can redistribute it and/or modify
   5 // it under the terms of the GNU General Public License as published by
   6 // the Free Software Foundation, either version 3 of the License, or
   7 // (at your option) any later version.
   8 //
   9 // Moodle is distributed in the hope that it will be useful,
  10 // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12 // GNU General Public License for more details.
  13 //
  14 // You should have received a copy of the GNU General Public License
  15 // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
  16
  17 /**
  18  * Public Profile -- a user's public profile page
  19  *
  20  * - each user can currently have their own page (cloned from system and then customised)
  21  * - users can add any blocks they want
  22  * - the administrators can define a default site public profile for users who have
  23  *   not created their own public profile
  24  *
  25  * This script implements the user's view of the public profile, and allows editing
  26  * of the public profile.
  27  *
  28  * @package    core_user
  29  * @copyright  2010 Remote-Learner.net
  30  * @author     Hubert Chathi <hubert@remote-learner.net>
  31  * @author     Olav Jordan <olav.jordan@remote-learner.net>
  32  * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  33  */
  34
  35 require_once(__DIR__ . '/../config.php');
  36 require_once($CFG->dirroot . '/my/lib.php');
  37 require_once($CFG->dirroot . '/user/profile/lib.php');
  38 require_once($CFG->dirroot . '/user/lib.php');
  39 require_once($CFG->libdir.'/filelib.php');
  40
  41 $userid         = optional_param('id', 0, PARAM_INT);
  42 $edit           = optional_param('edit', null, PARAM_BOOL);    // Turn editing on and off.
  43 $reset          = optional_param('reset', null, PARAM_BOOL);
  44
  45 $PAGE->set_url('/user/profile.php', array('id' => $userid));
  46
  47 if (!empty($CFG->forceloginforprofiles)) {
  48     require_login();
  49     if (isguestuser()) {
  50         $PAGE->set_context(context_system::instance());
  51         echo $OUTPUT->header();
  52         echo $OUTPUT->confirm(get_string('guestcantaccessprofiles', 'error'),
  53                               get_login_url(),
  54                               $CFG->wwwroot);
  55         echo $OUTPUT->footer();
  56         die;
  57     }
  58 } else if (!empty($CFG->forcelogin)) {
  59     require_login();
  60 }
  61
  62 $userid = $userid ? $userid : $USER->id;       // Owner of the page.
  63 if ((!$user = $DB->get_record('user', array('id' => $userid))) || ($user->deleted)) {
  64     $PAGE->set_context(context_system::instance());
  65     echo $OUTPUT->header();
  66     if (!$user) {
  67         echo $OUTPUT->notification(get_string('invaliduser', 'error'));
  68     } else {
  69         echo $OUTPUT->notification(get_string('userdeleted'));
  70     }
  71     echo $OUTPUT->footer();
  72     die;
  73 }
  74
  75 $currentuser = ($user->id == $USER->id);
  76 $context = $usercontext = context_user::instance($userid, MUST_EXIST);
  77
  78 if (!user_can_view_profile($user, null, $context)) {
  79
  80     // Course managers can be browsed at site level. If not forceloginforprofiles, allow access (bug #4366).
  81     $struser = get_string('user');
  82     $PAGE->set_context(context_system::instance());
  83     $PAGE->set_title("$SITE->shortname: $struser");  // Do not leak the name.
  84     $PAGE->set_heading($struser);
  85     $PAGE->set_pagelayout('mypublic');
  86     $PAGE->add_body_class('limitedwidth');
  87     $PAGE->set_url('/user/profile.php', array('id' => $userid));
  88     $PAGE->navbar->add($struser);
  89     echo $OUTPUT->header();
  90     echo $OUTPUT->notification(get_string('usernotavailable', 'error'));
  91     echo $OUTPUT->footer();
  92     exit;
  93 }
  94
  95 // Get the profile page.  Should always return something unless the database is broken.
  96 if (!$currentpage = my_get_page($userid, MY_PAGE_PUBLIC)) {
  97     throw new \moodle_exception('mymoodlesetup');
  98 }
  99
 100 $PAGE->set_context($context);
 101 $PAGE->set_pagelayout('mypublic');
 102 $PAGE->add_body_class('limitedwidth');
 103 $PAGE->set_pagetype('user-profile');
 104
 105 // Set up block editing capabilities.
 106 if (isguestuser()) {     // Guests can never edit their profile.
 107     $USER->editing = $edit = 0;  // Just in case.
 108     $PAGE->set_blocks_editing_capability('moodle/my:configsyspages');  // unlikely :).
 109 } else {
 110     if ($currentuser) {
 111         $PAGE->set_blocks_editing_capability('moodle/user:manageownblocks');
 112     } else {
 113         $PAGE->set_blocks_editing_capability('moodle/user:manageblocks');
 114     }
 115 }
 116
 117 // Start setting up the page.
 118 $strpublicprofile = get_string('publicprofile');
 119
 120 $PAGE->blocks->add_region('content');
 121 $PAGE->set_subpage($currentpage->id);
 122 $PAGE->set_title(fullname($user).": $strpublicprofile");
 123 $PAGE->set_heading(fullname($user));
 124
 125 if (!$currentuser) {
 126     $PAGE->navigation->extend_for_user($user);
 127     if ($node = $PAGE->settingsnav->get('userviewingsettings'.$user->id)) {
 128         $node->forceopen = true;
 129     }
 130 } else if ($node = $PAGE->settingsnav->get('dashboard', navigation_node::TYPE_CONTAINER)) {
 131     $node->forceopen = true;
 132 }
 133 if ($node = $PAGE->settingsnav->get('root')) {
 134     $node->forceopen = false;
 135 }
 136
 137
 138 // Toggle the editing state and switches.
 139 if ($PAGE->user_allowed_editing()) {
 140     if ($reset !== null) {
 141         if (!is_null($userid)) {
 142             if (!$currentpage = my_reset_page($userid, MY_PAGE_PUBLIC, 'user-profile')) {
 143                 throw new \moodle_exception('reseterror', 'my');
 144             }
 145             redirect(new moodle_url('/user/profile.php', array('id' => $userid)));
 146         }
 147     } else if ($edit !== null) {             // Editing state was specified.
 148         $USER->editing = $edit;       // Change editing state.
 149     } else {                          // Editing state is in session.
 150         if ($currentpage->userid) {   // It's a page we can edit, so load from session.
 151             if (!empty($USER->editing)) {
 152                 $edit = 1;
 153             } else {
 154                 $edit = 0;
 155             }
 156         } else {
 157             // For the page to display properly with the user context header the page blocks need to
 158             // be copied over to the user context.
 159             if (!$currentpage = my_copy_page($userid, MY_PAGE_PUBLIC, 'user-profile')) {
 160                 throw new \moodle_exception('mymoodlesetup');
 161             }
 162             $PAGE->set_context($usercontext);
 163             $PAGE->set_subpage($currentpage->id);
 164             // It's a system page and they are not allowed to edit system pages.
 165             $USER->editing = $edit = 0;          // Disable editing completely, just to be safe.
 166         }
 167     }
 168
 169     // Add button for editing page.
 170     $params = array('edit' => !$edit, 'id' => $userid);
 171
 172     $resetbutton = '';
 173     $resetstring = get_string('resetpage', 'my');
 174     $reseturl = new moodle_url("$CFG->wwwroot/user/profile.php", array('edit' => 1, 'reset' => 1, 'id' => $userid));
 175
 176     if (!$currentpage->userid) {
 177         // Viewing a system page -- let the user customise it.
 178         $editstring = get_string('updatemymoodleon');
 179         $params['edit'] = 1;
 180     } else if (empty($edit)) {
 181         $editstring = get_string('updatemymoodleon');
 182         $resetbutton = $OUTPUT->single_button($reseturl, $resetstring);
 183     } else {
 184         $editstring = get_string('updatemymoodleoff');
 185         $resetbutton = $OUTPUT->single_button($reseturl, $resetstring);
 186     }
 187
 188     $url = new moodle_url("$CFG->wwwroot/user/profile.php", $params);
 189     $button = '';
 190     if (!$PAGE->theme->haseditswitch) {
 191         $button = $OUTPUT->single_button($url, $editstring);
 192     }
 193     $PAGE->set_button($resetbutton . $button);
 194
 195 } else {
 196     $USER->editing = $edit = 0;
 197 }
 198
 199 // Trigger a user profile viewed event.
 200 profile_view($user, $usercontext);
 201
 202 // TODO WORK OUT WHERE THE NAV BAR IS!
 203 echo $OUTPUT->header();
 204 echo '<div class="userprofile">';
 205
 206 $hiddenfields = [];
 207 if (!has_capability('moodle/user:viewhiddendetails', $usercontext)) {
 208     $hiddenfields = array_flip(explode(',', $CFG->hiddenuserfields));
 209 }
 210 if ($user->description && !isset($hiddenfields['description'])) {
 211     echo '<div class="description">';
 212     if (!empty($CFG->profilesforenrolledusersonly) && !$currentuser &&
 213         !$DB->record_exists('role_assignments', array('userid' => $user->id))) {
 214         echo get_string('profilenotshown', 'moodle');
 215     } else {
 216         $user->description = file_rewrite_pluginfile_urls($user->description, 'pluginfile.php', $usercontext->id, 'user',
 217                                                           'profile', null);
 218         echo format_text($user->description, $user->descriptionformat);
 219     }
 220     echo '</div>';
 221 }
 222
 223 echo $OUTPUT->custom_block_region('content');
 224
 225 // Render custom blocks.
 226 $renderer = $PAGE->get_renderer('core_user', 'myprofile');
 227 $tree = core_user\output\myprofile\manager::build_tree($user, $currentuser);
 228 echo $renderer->render($tree);
 229
 230 echo '</div>';  // Userprofile class.
 231
 232 echo $OUTPUT->footer();