Merge commit 'catalyst/MOODLE_19_STABLE' into mdl19-linuxchix
[moodle-linuxchix.git] / admin / user.php
blob3a7b1f99f2b08fb908dcf975844639fe920fa855
1 <?php // $Id$
3 require_once('../config.php');
4 require_once($CFG->libdir.'/adminlib.php');
5 require_once($CFG->dirroot.'/user/filters/lib.php');
7 $delete = optional_param('delete', 0, PARAM_INT);
8 $confirm = optional_param('confirm', '', PARAM_ALPHANUM); //md5 confirmation hash
9 $confirmuser = optional_param('confirmuser', 0, PARAM_INT);
10 $sort = optional_param('sort', 'name', PARAM_ALPHA);
11 $dir = optional_param('dir', 'ASC', PARAM_ALPHA);
12 $page = optional_param('page', 0, PARAM_INT);
13 $perpage = optional_param('perpage', 30, PARAM_INT); // how many per page
14 $ru = optional_param('ru', '2', PARAM_INT); // show remote users
15 $lu = optional_param('lu', '2', PARAM_INT); // show local users
16 $acl = optional_param('acl', '0', PARAM_INT); // id of user to tweak mnet ACL (requires $access)
19 admin_externalpage_setup('editusers');
21 $sitecontext = get_context_instance(CONTEXT_SYSTEM);
22 $site = get_site();
24 if (!has_capability('moodle/user:update', $sitecontext) and !has_capability('moodle/user:delete', $sitecontext)) {
25 error('You do not have the required permission to edit/delete users.');
28 $stredit = get_string('edit');
29 $strdelete = get_string('delete');
30 $strdeletecheck = get_string('deletecheck');
31 $strshowallusers = get_string('showallusers');
33 if (empty($CFG->loginhttps)) {
34 $securewwwroot = $CFG->wwwroot;
35 } else {
36 $securewwwroot = str_replace('http:','https:',$CFG->wwwroot);
39 admin_externalpage_print_header();
41 if ($confirmuser and confirm_sesskey()) {
42 if (!$user = get_record('user', 'id', $confirmuser)) {
43 error("No such user!", '', true);
46 $auth = get_auth_plugin($user->auth);
48 $result = $auth->user_confirm(addslashes($user->username), addslashes($user->secret));
50 if ($result == AUTH_CONFIRM_OK or $result == AUTH_CONFIRM_ALREADY) {
51 notify(get_string('userconfirmed', '', fullname($user, true)) );
52 } else {
53 notify(get_string('usernotconfirmed', '', fullname($user, true)));
56 } else if ($delete and confirm_sesskey()) { // Delete a selected user, after confirmation
58 if (!has_capability('moodle/user:delete', $sitecontext)) {
59 error('You do not have the required permission to delete a user.');
62 if (!$user = get_record('user', 'id', $delete)) {
63 error("No such user!", '', true);
66 if (is_primary_admin($user->id)) {
67 error("You are not allowed to delete the primary admin user!", '', true);
70 if ($confirm != md5($delete)) {
71 $fullname = fullname($user, true);
72 print_heading(get_string('deleteuser', 'admin'));
73 $optionsyes = array('delete'=>$delete, 'confirm'=>md5($delete), 'sesskey'=>sesskey());
74 notice_yesno(get_string('deletecheckfull', '', "'$fullname'"), 'user.php', 'user.php', $optionsyes, NULL, 'post', 'get');
75 admin_externalpage_print_footer();
76 die;
77 } else if (data_submitted() and !$user->deleted) {
78 if (delete_user($user)) {
79 notify(get_string('deletedactivity', '', fullname($user, true)) );
80 } else {
81 notify(get_string('deletednot', '', fullname($user, true)));
84 } else if ($acl and confirm_sesskey()) {
85 if (!has_capability('moodle/user:delete', $sitecontext)) {
86 // TODO: this should be under a separate capability
87 error('You are not permitted to modify the MNET access control list.');
89 if (!$user = get_record('user', 'id', $acl)) {
90 error("No such user.", '', true);
92 if (!is_mnet_remote_user($user)) {
93 error('Users in the MNET access control list must be remote MNET users.');
95 $accessctrl = strtolower(required_param('accessctrl', PARAM_ALPHA));
96 if ($accessctrl != 'allow' and $accessctrl != 'deny') {
97 error('Invalid access parameter.');
99 $aclrecord = get_record('mnet_sso_access_control', 'username', $user->username, 'mnet_host_id', $user->mnethostid);
100 if (empty($aclrecord)) {
101 $aclrecord = new object();
102 $aclrecord->mnet_host_id = $user->mnethostid;
103 $aclrecord->username = $user->username;
104 $aclrecord->accessctrl = $accessctrl;
105 if (!insert_record('mnet_sso_access_control', $aclrecord)) {
106 error("Database error - Couldn't modify the MNET access control list.", '', true);
108 } else {
109 $aclrecord->accessctrl = $accessctrl;
110 if (!update_record('mnet_sso_access_control', $aclrecord)) {
111 error("Database error - Couldn't modify the MNET access control list.", '', true);
114 $mnethosts = get_records('mnet_host', '', '', 'id', 'id,wwwroot,name');
115 notify("MNET access control list updated: username '$user->username' from host '"
116 . $mnethosts[$user->mnethostid]->name
117 . "' access now set to '$accessctrl'.");
120 // create the user filter form
121 $ufiltering = new user_filtering();
123 // Carry on with the user listing
125 $columns = array("firstname", "lastname", "email", "city", "country", "lastaccess");
127 foreach ($columns as $column) {
128 $string[$column] = get_string("$column");
129 if ($sort != $column) {
130 $columnicon = "";
131 if ($column == "lastaccess") {
132 $columndir = "DESC";
133 } else {
134 $columndir = "ASC";
136 } else {
137 $columndir = $dir == "ASC" ? "DESC":"ASC";
138 if ($column == "lastaccess") {
139 $columnicon = $dir == "ASC" ? "up":"down";
140 } else {
141 $columnicon = $dir == "ASC" ? "down":"up";
143 $columnicon = " <img src=\"$CFG->pixpath/t/$columnicon.gif\" alt=\"\" />";
146 $$column = "<a href=\"user.php?sort=$column&amp;dir=$columndir\">".$string[$column]."</a>$columnicon";
149 if ($sort == "name") {
150 $sort = "firstname";
153 $extrasql = $ufiltering->get_sql_filter();
154 $users = get_users_listing($sort, $dir, $page*$perpage, $perpage, '', '', '', $extrasql);
155 $usercount = get_users(false);
156 $usersearchcount = get_users(false, '', true, "", "", '', '', '', '', '*', $extrasql);
158 if ($extrasql !== '') {
159 print_heading("$usersearchcount / $usercount ".get_string('users'));
160 $usercount = $usersearchcount;
161 } else {
162 print_heading("$usercount ".get_string('users'));
165 $alphabet = explode(',', get_string('alphabet'));
166 $strall = get_string('all');
168 print_paging_bar($usercount, $page, $perpage,
169 "user.php?sort=$sort&amp;dir=$dir&amp;perpage=$perpage&amp;");
171 flush();
174 if (!$users) {
175 $match = array();
176 print_heading(get_string('nousersfound'));
178 $table = NULL;
180 } else {
182 $countries = get_list_of_countries();
183 if (empty($mnethosts)) {
184 $mnethosts = get_records('mnet_host', '', '', 'id', 'id,wwwroot,name');
187 foreach ($users as $key => $user) {
188 if (!empty($user->country)) {
189 $users[$key]->country = $countries[$user->country];
192 if ($sort == "country") { // Need to resort by full country name, not code
193 foreach ($users as $user) {
194 $susers[$user->id] = $user->country;
196 asort($susers);
197 foreach ($susers as $key => $value) {
198 $nusers[] = $users[$key];
200 $users = $nusers;
203 $mainadmin = get_admin();
205 $override = new object();
206 $override->firstname = 'firstname';
207 $override->lastname = 'lastname';
208 $fullnamelanguage = get_string('fullnamedisplay', '', $override);
209 if (($CFG->fullnamedisplay == 'firstname lastname') or
210 ($CFG->fullnamedisplay == 'firstname') or
211 ($CFG->fullnamedisplay == 'language' and $fullnamelanguage == 'firstname lastname' )) {
212 $fullnamedisplay = "$firstname / $lastname";
213 } else { // ($CFG->fullnamedisplay == 'language' and $fullnamelanguage == 'lastname firstname')
214 $fullnamedisplay = "$lastname / $firstname";
216 $table->head = array ($fullnamedisplay, $email, $city, $country, $lastaccess, "", "", "");
217 $table->align = array ("left", "left", "left", "left", "left", "center", "center", "center");
218 $table->width = "95%";
219 foreach ($users as $user) {
220 if ($user->username == 'guest') {
221 continue; // do not dispaly dummy new user and guest here
224 if ($user->id == $USER->id) {
225 $deletebutton = "";
226 } else {
227 if (has_capability('moodle/user:delete', $sitecontext)) {
228 $deletebutton = "<a href=\"user.php?delete=$user->id&amp;sesskey=$USER->sesskey\">$strdelete</a>";
229 } else {
230 $deletebutton ="";
234 if (has_capability('moodle/user:update', $sitecontext) and ($user->id==$USER->id or $user->id != $mainadmin->id) and !is_mnet_remote_user($user)) {
235 $editbutton = "<a href=\"$securewwwroot/user/editadvanced.php?id=$user->id&amp;course=$site->id\">$stredit</a>";
236 if ($user->confirmed == 0) {
237 $confirmbutton = "<a href=\"user.php?confirmuser=$user->id&amp;sesskey=$USER->sesskey\">" . get_string('confirm') . "</a>";
238 } else {
239 $confirmbutton = "";
241 } else {
242 $editbutton ="";
243 if ($user->confirmed == 0) {
244 $confirmbutton = "<span class=\"dimmed_text\">".get_string('confirm')."</span>";
245 } else {
246 $confirmbutton = "";
250 // for remote users, shuffle columns around and display MNET stuff
251 if (is_mnet_remote_user($user)) {
252 $accessctrl = 'allow';
253 if ($acl = get_record('mnet_sso_access_control', 'username', $user->username, 'mnet_host_id', $user->mnethostid)) {
254 $accessctrl = $acl->accessctrl;
256 $changeaccessto = ($accessctrl == 'deny' ? 'allow' : 'deny');
257 // delete button in confirm column - remote users should already be confirmed
258 // TODO: no delete for remote users, for now. new userid, delete flag, unique on username/host...
259 $confirmbutton = "";
260 // ACL in delete column
261 $deletebutton = get_string($accessctrl, 'mnet');
262 if (has_capability('moodle/user:delete', $sitecontext)) {
263 // TODO: this should be under a separate capability
264 $deletebutton .= " (<a href=\"?acl={$user->id}&amp;accessctrl=$changeaccessto&amp;sesskey={$USER->sesskey}\">"
265 . get_string($changeaccessto, 'mnet') . " access</a>)";
267 // mnet info in edit column
268 if (isset($mnethosts[$user->mnethostid])) {
269 $editbutton = $mnethosts[$user->mnethostid]->name;
273 if ($user->lastaccess) {
274 $strlastaccess = format_time(time() - $user->lastaccess);
275 } else {
276 $strlastaccess = get_string('never');
278 $fullname = fullname($user, true);
280 $table->data[] = array ("<a href=\"../user/view.php?id=$user->id&amp;course=$site->id\">$fullname</a>",
281 "$user->email",
282 "$user->city",
283 "$user->country",
284 $strlastaccess,
285 $editbutton,
286 $deletebutton,
287 $confirmbutton);
291 // add filters
292 $ufiltering->display_add();
293 $ufiltering->display_active();
295 if (has_capability('moodle/user:create', $sitecontext)) {
296 print_heading('<a href="'.$securewwwroot.'/user/editadvanced.php?id=-1">'.get_string('addnewuser').'</a>');
298 if (!empty($table)) {
299 print_table($table);
300 print_paging_bar($usercount, $page, $perpage,
301 "user.php?sort=$sort&amp;dir=$dir&amp;perpage=$perpage&amp;");
302 if (has_capability('moodle/user:create', $sitecontext)) {
303 print_heading('<a href="'.$securewwwroot.'/user/editadvanced.php?id=-1">'.get_string('addnewuser').'</a>');
307 admin_externalpage_print_footer();