| [ Index ] |
PHP Cross Reference of Moodle 1.9.3 [Build 15-Oct-2008] |
[Summary view] [Print] [Text view]
1 <?php // $Id: user.php,v 1.109.2.4 2008/07/10 08:36:02 skodak Exp $ 2 3 require_once ('../config.php'); 4 require_once($CFG->libdir.'/adminlib.php'); 5 require_once($CFG->dirroot.'/user/filters/lib.php'); 6 7 $delete = optional_param('delete', 0, PARAM_INT); 8 $confirm = optional_param('confirm', '', PARAM_ALPHANUM); //md5 confirmation hash 9 $confirmuser = optional_param('confirmuser', 0, PARAM_INT); 10 $sort = optional_param('sort', 'name', PARAM_ALPHA); 11 $dir = optional_param('dir', 'ASC', PARAM_ALPHA); 12 $page = optional_param('page', 0, PARAM_INT); 13 $perpage = optional_param('perpage', 30, PARAM_INT); // how many per page 14 $ru = optional_param('ru', '2', PARAM_INT); // show remote users 15 $lu = optional_param('lu', '2', PARAM_INT); // show local users 16 $acl = optional_param('acl', '0', PARAM_INT); // id of user to tweak mnet ACL (requires $access) 17 18 19 admin_externalpage_setup('editusers'); 20 21 $sitecontext = get_context_instance(CONTEXT_SYSTEM); 22 $site = get_site(); 23 24 if (!has_capability('moodle/user:update', $sitecontext) and !has_capability('moodle/user:delete', $sitecontext)) { 25 error('You do not have the required permission to edit/delete users.'); 26 } 27 28 $stredit = get_string('edit'); 29 $strdelete = get_string('delete'); 30 $strdeletecheck = get_string('deletecheck'); 31 $strshowallusers = get_string('showallusers'); 32 33 if (empty($CFG->loginhttps)) { 34 $securewwwroot = $CFG->wwwroot; 35 } else { 36 $securewwwroot = str_replace('http:','https:',$CFG->wwwroot); 37 } 38 39 admin_externalpage_print_header(); 40 41 if ($confirmuser and confirm_sesskey()) { 42 if (!$user = get_record('user', 'id', $confirmuser)) { 43 error("No such user!", '', true); 44 } 45 46 $auth = get_auth_plugin($user->auth); 47 48 $result = $auth->user_confirm(addslashes($user->username), addslashes($user->secret)); 49 50 if ($result == AUTH_CONFIRM_OK or $result == AUTH_CONFIRM_ALREADY) { 51 notify(get_string('userconfirmed', '', fullname($user, true)) ); 52 } else { 53 notify(get_string('usernotconfirmed', '', fullname($user, true))); 54 } 55 56 } else if ($delete and confirm_sesskey()) { // Delete a selected user, after confirmation 57 58 if (!has_capability('moodle/user:delete', $sitecontext)) { 59 error('You do not have the required permission to delete a user.'); 60 } 61 62 if (!$user = get_record('user', 'id', $delete)) { 63 error("No such user!", '', true); 64 } 65 66 if (is_primary_admin($user->id)) { 67 error("You are not allowed to delete the primary admin user!", '', true); 68 } 69 70 if ($confirm != md5($delete)) { 71 $fullname = fullname($user, true); 72 print_heading(get_string('deleteuser', 'admin')); 73 $optionsyes = array('delete'=>$delete, 'confirm'=>md5($delete), 'sesskey'=>sesskey()); 74 notice_yesno(get_string('deletecheckfull', '', "'$fullname'"), 'user.php', 'user.php', $optionsyes, NULL, 'post', 'get'); 75 admin_externalpage_print_footer(); 76 die; 77 } else if (data_submitted() and !$user->deleted) { 78 if (delete_user($user)) { 79 notify(get_string('deletedactivity', '', fullname($user, true)) ); 80 } else { 81 notify(get_string('deletednot', '', fullname($user, true))); 82 } 83 } 84 } else if ($acl and confirm_sesskey()) { 85 if (!has_capability('moodle/user:delete', $sitecontext)) { 86 // TODO: this should be under a separate capability 87 error('You are not permitted to modify the MNET access control list.'); 88 } 89 if (!$user = get_record('user', 'id', $acl)) { 90 error("No such user.", '', true); 91 } 92 if (!is_mnet_remote_user($user)) { 93 error('Users in the MNET access control list must be remote MNET users.'); 94 } 95 $accessctrl = strtolower(required_param('accessctrl', PARAM_ALPHA)); 96 if ($accessctrl != 'allow' and $accessctrl != 'deny') { 97 error('Invalid access parameter.'); 98 } 99 $aclrecord = get_record('mnet_sso_access_control', 'username', $user->username, 'mnet_host_id', $user->mnethostid); 100 if (empty($aclrecord)) { 101 $aclrecord = new object(); 102 $aclrecord->mnet_host_id = $user->mnethostid; 103 $aclrecord->username = $user->username; 104 $aclrecord->accessctrl = $accessctrl; 105 if (!insert_record('mnet_sso_access_control', $aclrecord)) { 106 error("Database error - Couldn't modify the MNET access control list.", '', true); 107 } 108 } else { 109 $aclrecord->accessctrl = $accessctrl; 110 if (!update_record('mnet_sso_access_control', $aclrecord)) { 111 error("Database error - Couldn't modify the MNET access control list.", '', true); 112 } 113 } 114 $mnethosts = get_records('mnet_host', '', '', 'id', 'id,wwwroot,name'); 115 notify("MNET access control list updated: username '$user->username' from host '" 116 . $mnethosts[$user->mnethostid]->name 117 . "' access now set to '$accessctrl'."); 118 } 119 120 // create the user filter form 121 $ufiltering = new user_filtering(); 122 123 // Carry on with the user listing 124 125 $columns = array("firstname", "lastname", "email", "city", "country", "lastaccess"); 126 127 foreach ($columns as $column) { 128 $string[$column] = get_string("$column"); 129 if ($sort != $column) { 130 $columnicon = ""; 131 if ($column == "lastaccess") { 132 $columndir = "DESC"; 133 } else { 134 $columndir = "ASC"; 135 } 136 } else { 137 $columndir = $dir == "ASC" ? "DESC":"ASC"; 138 if ($column == "lastaccess") { 139 $columnicon = $dir == "ASC" ? "up":"down"; 140 } else { 141 $columnicon = $dir == "ASC" ? "down":"up"; 142 } 143 $columnicon = " <img src=\"$CFG->pixpath/t/$columnicon.gif\" alt=\"\" />"; 144 145 } 146 $$column = "<a href=\"user.php?sort=$column&dir=$columndir\">".$string[$column]."</a>$columnicon"; 147 } 148 149 if ($sort == "name") { 150 $sort = "firstname"; 151 } 152 153 $extrasql = $ufiltering->get_sql_filter(); 154 $users = get_users_listing($sort, $dir, $page*$perpage, $perpage, '', '', '', $extrasql); 155 $usercount = get_users(false); 156 $usersearchcount = get_users(false, '', true, "", "", '', '', '', '', '*', $extrasql); 157 158 if ($extrasql !== '') { 159 print_heading("$usersearchcount / $usercount ".get_string('users')); 160 $usercount = $usersearchcount; 161 } else { 162 print_heading("$usercount ".get_string('users')); 163 } 164 165 $alphabet = explode(',', get_string('alphabet')); 166 $strall = get_string('all'); 167 168 print_paging_bar($usercount, $page, $perpage, 169 "user.php?sort=$sort&dir=$dir&perpage=$perpage&"); 170 171 flush(); 172 173 174 if (!$users) { 175 $match = array(); 176 print_heading(get_string('nousersfound')); 177 178 $table = NULL; 179 180 } else { 181 182 $countries = get_list_of_countries(); 183 if (empty($mnethosts)) { 184 $mnethosts = get_records('mnet_host', '', '', 'id', 'id,wwwroot,name'); 185 } 186 187 foreach ($users as $key => $user) { 188 if (!empty($user->country)) { 189 $users[$key]->country = $countries[$user->country]; 190 } 191 } 192 if ($sort == "country") { // Need to resort by full country name, not code 193 foreach ($users as $user) { 194 $susers[$user->id] = $user->country; 195 } 196 asort($susers); 197 foreach ($susers as $key => $value) { 198 $nusers[] = $users[$key]; 199 } 200 $users = $nusers; 201 } 202 203 $mainadmin = get_admin(); 204 205 $override = new object(); 206 $override->firstname = 'firstname'; 207 $override->lastname = 'lastname'; 208 $fullnamelanguage = get_string('fullnamedisplay', '', $override); 209 if (($CFG->fullnamedisplay == 'firstname lastname') or 210 ($CFG->fullnamedisplay == 'firstname') or 211 ($CFG->fullnamedisplay == 'language' and $fullnamelanguage == 'firstname lastname' )) { 212 $fullnamedisplay = "$firstname / $lastname"; 213 } else { // ($CFG->fullnamedisplay == 'language' and $fullnamelanguage == 'lastname firstname') 214 $fullnamedisplay = "$lastname / $firstname"; 215 } 216 $table->head = array ($fullnamedisplay, $email, $city, $country, $lastaccess, "", "", ""); 217 $table->align = array ("left", "left", "left", "left", "left", "center", "center", "center"); 218 $table->width = "95%"; 219 foreach ($users as $user) { 220 if ($user->username == 'guest') { 221 continue; // do not dispaly dummy new user and guest here 222 } 223 224 if ($user->id == $USER->id) { 225 $deletebutton = ""; 226 } else { 227 if (has_capability('moodle/user:delete', $sitecontext)) { 228 $deletebutton = "<a href=\"user.php?delete=$user->id&sesskey=$USER->sesskey\">$strdelete</a>"; 229 } else { 230 $deletebutton =""; 231 } 232 } 233 234 if (has_capability('moodle/user:update', $sitecontext) and ($user->id==$USER->id or $user->id != $mainadmin->id) and !is_mnet_remote_user($user)) { 235 $editbutton = "<a href=\"$securewwwroot/user/editadvanced.php?id=$user->id&course=$site->id\">$stredit</a>"; 236 if ($user->confirmed == 0) { 237 $confirmbutton = "<a href=\"user.php?confirmuser=$user->id&sesskey=$USER->sesskey\">" . get_string('confirm') . "</a>"; 238 } else { 239 $confirmbutton = ""; 240 } 241 } else { 242 $editbutton =""; 243 if ($user->confirmed == 0) { 244 $confirmbutton = "<span class=\"dimmed_text\">".get_string('confirm')."</span>"; 245 } else { 246 $confirmbutton = ""; 247 } 248 } 249 250 // for remote users, shuffle columns around and display MNET stuff 251 if (is_mnet_remote_user($user)) { 252 $accessctrl = 'allow'; 253 if ($acl = get_record('mnet_sso_access_control', 'username', $user->username, 'mnet_host_id', $user->mnethostid)) { 254 $accessctrl = $acl->accessctrl; 255 } 256 $changeaccessto = ($accessctrl == 'deny' ? 'allow' : 'deny'); 257 // delete button in confirm column - remote users should already be confirmed 258 // TODO: no delete for remote users, for now. new userid, delete flag, unique on username/host... 259 $confirmbutton = ""; 260 // ACL in delete column 261 $deletebutton = get_string($accessctrl, 'mnet'); 262 if (has_capability('moodle/user:delete', $sitecontext)) { 263 // TODO: this should be under a separate capability 264 $deletebutton .= " (<a href=\"?acl={$user->id}&accessctrl=$changeaccessto&sesskey={$USER->sesskey}\">" 265 . get_string($changeaccessto, 'mnet') . " access</a>)"; 266 } 267 // mnet info in edit column 268 if (isset($mnethosts[$user->mnethostid])) { 269 $editbutton = $mnethosts[$user->mnethostid]->name; 270 } 271 } 272 273 if ($user->lastaccess) { 274 $strlastaccess = format_time(time() - $user->lastaccess); 275 } else { 276 $strlastaccess = get_string('never'); 277 } 278 $fullname = fullname($user, true); 279 280 $table->data[] = array ("<a href=\"../user/view.php?id=$user->id&course=$site->id\">$fullname</a>", 281 "$user->email", 282 "$user->city", 283 "$user->country", 284 $strlastaccess, 285 $editbutton, 286 $deletebutton, 287 $confirmbutton); 288 } 289 } 290 291 // add filters 292 $ufiltering->display_add(); 293 $ufiltering->display_active(); 294 295 if (has_capability('moodle/user:create', $sitecontext)) { 296 print_heading('<a href="'.$securewwwroot.'/user/editadvanced.php?id=-1">'.get_string('addnewuser').'</a>'); 297 } 298 if (!empty($table)) { 299 print_table($table); 300 print_paging_bar($usercount, $page, $perpage, 301 "user.php?sort=$sort&dir=$dir&perpage=$perpage&"); 302 if (has_capability('moodle/user:create', $sitecontext)) { 303 print_heading('<a href="'.$securewwwroot.'/user/editadvanced.php?id=-1">'.get_string('addnewuser').'</a>'); 304 } 305 } 306 307 admin_externalpage_print_footer(); 308 309 310 ?>
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Wed Jan 14 11:33:29 2009 | Cross-referenced by PHPXref 0.7 |