search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
MDL-10496:
[moodle-linuxchix.git] / user / view.php
blob86836ee4e3ed18a8a0655121b3e825e7f9250f26
1 <?PHP // $Id$
2
3 // Display profile for a particular user
4
5 require_once("../config.php");
6 require_once($CFG->dirroot.'/user/profile/lib.php');
7 $id = optional_param('id', 0, PARAM_INT); // user id
8 $course = optional_param('course', SITEID, PARAM_INT); // course id (defaults to Site)
9 $enable = optional_param('enable', ''); // enable email
10 $disable = optional_param('disable', ''); // disable email
11
12 if (empty($id)) { // See your own profile by default
13 require_login();
14 $id = $USER->id;
15 }
16
17 if (! $user = get_record("user", "id", $id) ) {
18 error("No such user in this course");
19 }
20
21 if (! $course = get_record("course", "id", $course) ) {
22 error("No such course id");
23 }
24
25 /// Make sure the current user is allowed to see this user
26
27 if (empty($USER->id)) {
28 $currentuser = false;
29 } else {
30 $currentuser = ($user->id == $USER->id);
31 }
32
33 if ($course->id == SITEID) {
34 $coursecontext = get_context_instance(CONTEXT_SYSTEM); // SYSTEM context
35 } else {
36 $coursecontext = get_context_instance(CONTEXT_COURSE, $course->id); // Course context
37 }
38 $usercontext = get_context_instance(CONTEXT_USER, $user->id); // User context
39 $systemcontext = get_context_instance(CONTEXT_SYSTEM); // SYSTEM context
40
41 if (!empty($CFG->forcelogin) || $course->id != SITEID) {
42 // do not force parents to enrol
43 if (!get_record('role_assignments', 'userid', $USER->id, 'contextid', $usercontext->id)) {
44 require_login($course->id);
45 }
46 }
47
48 // make sure user can view this student's profile
49 if ($USER->id != $user->id
50 && !has_capability('moodle/user:viewdetails', $coursecontext)
51 && !has_capability('moodle/user:viewdetails', $usercontext)) {
52 error('You can not view the profile of this user');
53 }
54
55 if (!empty($CFG->forceloginforprofiles)) {
56 require_login();
57 if (isguest()) {
58 redirect("$CFG->wwwroot/login/index.php");
59 }
60 }
61
62 $strpersonalprofile = get_string('personalprofile');
63 $strparticipants = get_string("participants");
64 $struser = get_string("user");
65
66 $fullname = fullname($user, has_capability('moodle/site:viewfullnames', $coursecontext));
67
68 /// If the user being shown is not ourselves, then make sure we are allowed to see them!
69
70 if (!$currentuser) {
71 if ($course->id == SITEID) { // Reduce possibility of "browsing" userbase at site level
72 if ($CFG->forceloginforprofiles and !isteacherinanycourse() and !isteacherinanycourse($user->id) and !has_capability('moodle/user:viewdetails', $usercontext)) { // Teachers can browse and be browsed at site level. If not forceloginforprofiles, allow access (bug #4366)
73 print_header("$strpersonalprofile: ", "$strpersonalprofile: ",
74 "<a href=\"index.php?id=$course->id\">$strparticipants</a> -> $struser",
75 "", "", true, "&nbsp;", navmenu($course));
76 print_heading(get_string('usernotavailable', 'error'));
77 print_footer($course);
78 exit;
79 }
80 } else { // Normal course
81 if (!has_capability('moodle/course:view', $coursecontext, $user->id, false)) {
82 if (has_capability('moodle/course:view', $coursecontext)) {
83 print_header("$strpersonalprofile: ", "$strpersonalprofile: ",
84 "<a href=\"../course/view.php?id=$course->id\">$course->shortname</a> ->
85 <a href=\"index.php?id=$course->id\">$strparticipants</a> -> $fullname",
86 "", "", true, "&nbsp;", navmenu($course));
87 print_heading(get_string('notenrolled', '', $fullname));
88 } else {
89 print_header("$strpersonalprofile: ", "$strpersonalprofile: ",
90 "<a href=\"../course/view.php?id=$course->id\">$course->shortname</a> ->
91 <a href=\"index.php?id=$course->id\">$strparticipants</a> -> $struser",
92 "", "", true, "&nbsp;", navmenu($course));
93 print_heading(get_string('notenrolledprofile'));
94 }
95 print_continue($_SERVER['HTTP_REFERER']);
96 print_footer($course);
97 exit;
98 }
99 }
100
101
102 // If groups are in use, make sure we can see that group
103 if (groupmode($course) == SEPARATEGROUPS and !has_capability('moodle/site:accessallgroups', $coursecontext)) {
104 require_login();
105
106 ///this is changed because of mygroupid
107 $gtrue = (bool)groups_get_groups_for_user($user->id, $course->id);
108 /*TODO: $gtrue = false;
109 if ($mygroups = mygroupid($course->id)){
110 foreach ($mygroups as $group){
111 if (ismember($group, $user->id)){
112 $gtrue = true;
113 }
114 }
115 }*/
116 if (!$gtrue) {
117 print_header("$strpersonalprofile: ", "$strpersonalprofile: ",
118 "<a href=\"../course/view.php?id=$course->id\">$course->shortname</a> ->
119 <a href=\"index.php?id=$course->id\">$strparticipants</a>",
120 "", "", true, "&nbsp;", navmenu($course));
121 error(get_string("groupnotamember"), "../course/view.php?id=$course->id");
122 }
123 }
124 }
125
126
127 /// We've established they can see the user's name at least, so what about the rest?
128
129 if ($course->id != SITEID) {
130 print_header("$strpersonalprofile: $fullname", "$strpersonalprofile: $fullname",
131 "<a href=\"../course/view.php?id=$course->id\">$course->shortname</a> ->
132 <a href=\"index.php?id=$course->id\">$strparticipants</a> -> $fullname",
133 "", "", true, "&nbsp;", navmenu($course));
134 } else {
135 print_header("$course->fullname: $strpersonalprofile: $fullname", $course->fullname,
136 "$fullname", "", "", true, "&nbsp;", navmenu($course));
137 }
138
139
140 if (($course->id != SITEID) and ! isguest() ) { // Need to have access to a course to see that info
141 if (!has_capability('moodle/course:view', $coursecontext, $user->id)) {
142 print_heading(get_string('notenrolled', '', $fullname));
143 print_footer($course);
144 die;
145 }
146 }
147
148 if ($user->deleted) {
149 print_heading(get_string('userdeleted'));
150 }
151
152 /// OK, security out the way, now we are showing the user
153
154 add_to_log($course->id, "user", "view", "view.php?id=$user->id&course=$course->id", "$user->id");
155
156 if ($course->id != SITEID) {
157 if ($lastaccess = get_record('user_lastaccess', 'userid', $user->id, 'courseid', $course->id)) {
158 $user->lastaccess = $lastaccess->timeaccess;
159 }
160 }
161
162
163 /// Get the hidden field list
164 if (has_capability('moodle/user:viewhiddendetails', $coursecontext)) {
165 $hiddenfields = array();
166 } else {
167 $hiddenfields = array_flip(explode(',', $CFG->hiddenuserfields));
168 }
169
170 /// Print tabs at top
171 /// This same call is made in:
172 /// /user/view.php
173 /// /user/edit.php
174 /// /course/user.php
175
176 $currenttab = 'profile';
177 $showroles = 1;
178 include('tabs.php');
179
180 if (is_mnet_remote_user($user)) {
181 $sql = "
182 SELECT DISTINCT
183 h.id,
184 h.name,
185 a.name as application,
186 a.display_name
187 FROM
188 {$CFG->prefix}mnet_host h,
189 {$CFG->prefix}mnet_application a
190 WHERE
191 h.id = '{$user->mnethostid}' AND
192 h.applicationid = a.id
193 ORDER BY
194 a.display_name,
195 h.name";
196
197 $remotehost = get_record_sql($sql);
198
199 echo '<p class="errorboxcontent">'.get_string('remote'.$remotehost->application.'user')." <br />\n";
200 if ($remotehost->application =='moodle') {
201 echo "Remote {$remotehost->display_name}: <a href=\"{$remotehost->wwwroot}/user/edit.php\">{$remotehost->name}</a> ".get_string('editremoteprofile')." </p>\n";
202 } else {
203 echo "Remote {$remotehost->display_name}: <a href=\"{$remotehost->wwwroot}/\">{$remotehost->name}</a> ".get_string('gotoyourserver')." </p>\n";
204 }
205 }
206
207 echo '<table width="80%" class="userinfobox" summary="">';
208 echo '<tr>';
209 echo '<td class="side">';
210 print_user_picture($user->id, $course->id, $user->picture, true, false, false);
211 echo '</td><td class="content">';
212
213 // Print the description
214
215 if ($user->description && !isset($hiddenfields['description'])) {
216 echo format_text($user->description, FORMAT_MOODLE)."<hr />";
217 }
218
219 // Print all the little details in a list
220
221 echo '<table class="list">';
222
223 if (($user->city or $user->country) and (!isset($hiddenfields['city']) or !isset($hiddenfields['country']))) {
224 $location = '';
225 if ($user->city && !isset($hiddenfields['city'])) {
226 $location .= $user->city;
227 }
228 if (!empty($countries[$user->country]) && !isset($hiddenfields['country'])) {
229 if ($user->city && !isset($hiddenfields['country'])) {
230 $location .= ', ';
231 }
232 $countries = get_list_of_countries();
233 $location .= $countries[$user->country];
234 }
235 print_row(get_string("city").":", $location);
236 }
237
238 if (has_capability('moodle/user:viewhiddendetails', $coursecontext)) {
239 if ($user->address) {
240 print_row(get_string("address").":", "$user->address");
241 }
242 if ($user->phone1) {
243 print_row(get_string("phone").":", "$user->phone1");
244 }
245 if ($user->phone2) {
246 print_row(get_string("phone").":", "$user->phone2");
247 }
248 }
249
250 if ($user->maildisplay == 1 or
251 ($user->maildisplay == 2 and ($course->id != SITEID) and !isguest()) or
252 has_capability('moodle/course:useremail', $coursecontext)) {
253
254 $emailswitch = '';
255
256 if (has_capability('moodle/course:useremail', $coursecontext) or $currentuser) { /// Can use the enable/disable email stuff
257 if (!empty($enable)) { /// Recieved a parameter to enable the email address
258 set_field('user', 'emailstop', 0, 'id', $user->id);
259 $user->emailstop = 0;
260 }
261 if (!empty($disable)) { /// Recieved a parameter to disable the email address
262 set_field('user', 'emailstop', 1, 'id', $user->id);
263 $user->emailstop = 1;
264 }
265 }
266
267 if (has_capability('moodle/course:useremail', $coursecontext)) { /// Can use the enable/disable email stuff
268 if ($user->emailstop) {
269 $switchparam = 'enable';
270 $switchtitle = get_string('emaildisable');
271 $switchclick = get_string('emailenableclick');
272 $switchpix = 'emailno.gif';
273 } else {
274 $switchparam = 'disable';
275 $switchtitle = get_string('emailenable');
276 $switchclick = get_string('emaildisableclick');
277 $switchpix = 'email.gif';
278 }
279 $emailswitch = "&nbsp;<a title=\"$switchclick\" ".
280 "href=\"view.php?id=$user->id&amp;course=$course->id&amp;$switchparam=1\">".
281 "<img src=\"$CFG->pixpath/t/$switchpix\" alt=\"$switchclick\" /></a>";
282
283 } else if ($currentuser) { /// Can only re-enable an email this way
284 if ($user->emailstop) { // Include link that tells how to re-enable their email
285 $switchparam = 'enable';
286 $switchtitle = get_string('emaildisable');
287 $switchclick = get_string('emailenableclick');
288
289 $emailswitch = "&nbsp;(<a title=\"$switchclick\" ".
290 "href=\"view.php?id=$user->id&amp;course=$course->id&amp;enable=1\">$switchtitle</a>)";
291 }
292 }
293
294 print_row(get_string("email").":", obfuscate_mailto($user->email, '', $user->emailstop)."$emailswitch");
295 }
296
297 if ($user->url && !isset($hiddenfields['webpage'])) {
298 print_row(get_string("webpage").":", "<a href=\"$user->url\">$user->url</a>");
299 }
300
301 if ($user->icq && !isset($hiddenfields['icqnumber'])) {
302 print_row(get_string('icqnumber').':',"<a href=\"http://web.icq.com/wwp?uin=$user->icq\">$user->icq <img src=\"http://web.icq.com/whitepages/online?icq=$user->icq&amp;img=5\" alt=\"\" /></a>");
303 }
304
305 if ($user->skype && !isset($hiddenfields['skypeid'])) {
306 print_row(get_string('skypeid').':','<a href="callto:'.urlencode($user->skype).'">'.s($user->skype).
307 ' <img src="http://mystatus.skype.com/smallicon/'.urlencode($user->skype).'" alt="'.get_string('status').'" '.
308 ' /></a>');
309 }
310 if ($user->yahoo && !isset($hiddenfields['yahooid'])) {
311 print_row(get_string('yahooid').':', '<a href="http://edit.yahoo.com/config/send_webmesg?.target='.urlencode($user->yahoo).'&amp;.src=pg">'.s($user->yahoo)." <img src=\"http://opi.yahoo.com/online?u=".urlencode($user->yahoo)."&m=g&t=0\" alt=\"\"></a>");
312 }
313 if ($user->aim && !isset($hiddenfields['aimid'])) {
314 print_row(get_string('aimid').':', '<a href="aim:goim?screenname='.s($user->aim).'">'.s($user->aim).'</a>');
315 }
316 if ($user->msn && !isset($hiddenfields['msnid'])) {
317 print_row(get_string('msnid').':', s($user->msn));
318 }
319
320 /// Print the Custom User Fields
321 profile_display_fields($user->id);
322
323
324 if ($mycourses = get_my_courses($user->id,'visible DESC,sortorder ASC', null, false, 21)) {
325 $shown=0;
326 $courselisting = '';
327 foreach ($mycourses as $mycourse) {
328 if ($mycourse->visible and $mycourse->category) {
329 if ($mycourse->id != $course->id){
330 $courselisting .= "<a href=\"$CFG->wwwroot/user/view.php?id=$user->id&amp;course=$mycourse->id\">"
331 . format_string($mycourse->fullname) . "</a>, ";
332 }
333 else {
334 $courselisting .= format_string($mycourse->fullname) . ", ";
335 }
336 }
337 $shown++;
338 if($shown==20) {
339 $courselisting.= "...";
340 break;
341 }
342 }
343 print_row(get_string('courses').':', rtrim($courselisting,', '));
344 }
345
346 if (!isset($hiddenfields['lastaccess'])) {
347 if ($user->lastaccess) {
348 $datestring = userdate($user->lastaccess)."&nbsp; (".format_time(time() - $user->lastaccess).")";
349 } else {
350 $datestring = get_string("never");
351 }
352 print_row(get_string("lastaccess").":", $datestring);
353 }
354 /// printing roles
355
356 if ($rolestring = get_user_roles_in_context($id, $coursecontext->id)) {
357 print_row(get_string('roles').':', format_string($rolestring, false));
358 }
359
360 /// Printing groups
361 $isseparategroups = ($course->groupmode == SEPARATEGROUPS and $course->groupmodeforce and
362 !has_capability('moodle/site:accessallgroups', $coursecontext));
363 if (!$isseparategroups){
364 if ($usergroups = user_group($course->id, $user->id)){
365 $groupstr = '';
366 foreach ($usergroups as $group){
367 $groupstr .= ' <a href="'.$CFG->wwwroot.'/user/index.php?id='.$course->id.'&amp;group='.$group->id.'">'.$group->name.'</a>,';
368 }
369 print_row(get_string("group").":", rtrim($groupstr, ', '));
370 }
371 }
372 /// End of printing groups
373
374 echo "</table>";
375
376 echo "</td></tr></table>";
377
378 $userauth = get_auth_plugin($user->auth);
379
380 $passwordchangeurl = false;
381 if ($currentuser and $userauth->can_change_password() and !isguestuser() and has_capability('moodle/user:changeownpassword', $systemcontext)) {
382 if (!$passwordchangeurl = $userauth->change_password_url()) {
383 if (empty($CFG->loginhttps)) {
384 $passwordchangeurl = "$CFG->wwwroot/login/change_password.php";
385 } else {
386 $passwordchangeurl = str_replace('http:', 'https:', $CFG->wwwroot.'/login/change_password.php');
387 }
388 }
389 }
390
391 // Print other functions
392 echo '<div class="buttons">';
393
394 if ($passwordchangeurl) {
395 $params = array('id'=>$course->id);
396
397 if (!empty($USER->realuser)) {
398 $passwordchangeurl = ''; // do not use actual change password url - might contain sensitive data
399 } else {
400 $parts = explode('?', $passwordchangeurl);
401 $passwordchangeurl = reset($parts);
402 $after = next($parts);
403 preg_match_all('/([^&=]+)=([^&=]+)/', $after, $matches);
404 if (count($matches)) {
405 foreach($matches[0] as $key=>$match) {
406 $params[$matches[1][$key]] = $matches[2][$key];
407 }
408 }
409 }
410 echo "<form action=\"$passwordchangeurl\" method=\"get\">";
411 echo "<div>";
412 foreach($params as $key=>$value) {
413 echo '<input type="hidden" name="'.$key.'" value="'.s($value).'" />';
414 }
415 if (!empty($USER->realuser)) {
416 // changing of password when "Logged in as" is not allowed
417 echo "<input type=\"submit\" value=\"".get_string("changepassword")."\" disabled=\"disabled\" />";
418 } else {
419 echo "<input type=\"submit\" value=\"".get_string("changepassword")."\" />";
420 }
421 echo "</div>";
422 echo "</form>";
423 }
424
425 if ($course->id != SITEID && empty($course->metacourse)) { // Mostly only useful at course level
426
427 if (($user->id == $USER->id && // Myself
428 has_capability('moodle/course:view', $coursecontext, NULL) && // Course participant
429 has_capability('moodle/role:unassignself', $coursecontext, NULL, false)) // Can unassign myself
430 ||
431 (has_capability('moodle/role:assign', $coursecontext, NULL) && // I can assign roles
432 get_user_roles($coursecontext, $user->id)) ) { // This user has roles
433
434 echo '<form action="../course/unenrol.php" method="get">';
435 echo "<div>";
436 echo '<input type="hidden" name="id" value="'.$course->id.'" />';
437 echo '<input type="hidden" name="user" value="'.$user->id.'" />';
438 echo '<input type="submit" value="'.get_string('unenrolme', '', $course->shortname).'" />';
439 echo "</div>";
440 echo '</form>';
441 }
442 }
443
444 if ($USER->id != $user->id && empty($USER->realuser) && has_capability('moodle/user:loginas', $coursecontext) &&
445 ! has_capability('moodle/site:doanything', $coursecontext, $user->id, false)) {
446 echo '<form action="'.$CFG->wwwroot.'/course/loginas.php" method="get">';
447 echo "<div>";
448 echo '<input type="hidden" name="id" value="'.$course->id.'" />';
449 echo '<input type="hidden" name="user" value="'.$user->id.'" />';
450 echo '<input type="hidden" name="sesskey" value="'.sesskey().'" />';
451 echo '<input type="submit" value="'.get_string('loginas').'" />';
452 echo "</div>";
453 echo '</form>';
454 }
455
456 if (!empty($CFG->messaging) and !isguest()) {
457 if (!empty($USER->id) and ($USER->id == $user->id)) {
458 if ($countmessages = count_records('message', 'useridto', $user->id)) {
459 $messagebuttonname = get_string("messages", "message")."($countmessages)";
460 } else {
461 $messagebuttonname = get_string("messages", "message");
462 }
463 echo "<form onclick=\"this.target='message'\" action=\"../message/index.php\" method=\"get\">";
464 echo "<div>";
465 echo "<input type=\"submit\" value=\"$messagebuttonname\" onclick=\"return openpopup('/message/index.php', 'message', 'menubar=0,location=0,scrollbars,status,resizable,width=400,height=500', 0);\" />";
466 echo "</div>";
467 echo "</form>";
468 } else {
469 echo "<form onclick=\"this.target='message$user->id'\" action=\"../message/discussion.php\" method=\"get\">";
470 echo "<div>";
471 echo "<input type=\"hidden\" name=\"id\" value=\"$user->id\" />";
472 echo "<input type=\"submit\" value=\"".get_string("sendmessage", "message")."\" onclick=\"return openpopup('/message/discussion.php?id=$user->id', 'message_$user->id', 'menubar=0,location=0,scrollbars,status,resizable,width=400,height=500', 0);\" />";
473 echo "</div>";
474 echo "</form>";
475 }
476 }
477 // Authorize.net: User Payments
478 if ($course->enrol == 'authorize' || (empty($course->enrol) && $CFG->enrol == 'authorize')) {
479 echo "<form action=\"../enrol/authorize/index.php\" method=\"get\">";
480 echo "<div>";
481 echo "<input type=\"hidden\" name=\"course\" value=\"$course->id\" />";
482 echo "<input type=\"hidden\" name=\"user\" value=\"$user->id\" />";
483 echo "<input type=\"submit\" value=\"".get_string('payments')."\" />";
484 echo "</div>";
485 echo "</form>";
486 }
487 echo "</div>\n";
488
489 if ($CFG->debugdisplay && debugging('', DEBUG_DEVELOPER) && $USER->id == $user->id) { // Show user object
490 echo '<hr />';
491 print_heading('DEBUG MODE: User session variables');
492 print_object($USER);
493 }
494
495 print_footer($course);
496
497 /// Functions ///////
498
499 function print_row($left, $right) {
500 echo "\n<tr><td class=\"label c0\">$left</td><td class=\"info c1\">$right</td></tr>\n";
501 }
502
503 ?>
Moodle Repo, with LinuxChix modifications