search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Fixes bug MDL-9175 "Groups simpletest, fatal errors", also DONOTCOMMIT.
[moodle-pu.git] / user / view.php
blob71eb5204b7678f0090036764c400f51d8c59a0e9
1 <?PHP // $Id$
2
3 // Display profile for a particular user
4
5 require_once("../config.php");
6 $id = optional_param('id', 0, PARAM_INT); // user id
7 $course = optional_param('course', SITEID, PARAM_INT); // course id (defaults to Site)
8 $enable = optional_param('enable', ''); // enable email
9 $disable = optional_param('disable', ''); // disable email
10
11 if (empty($id)) { // See your own profile by default
12 require_login();
13 $id = $USER->id;
14 }
15
16 if (! $user = get_record("user", "id", $id) ) {
17 error("No such user in this course");
18 }
19
20 if (! $course = get_record("course", "id", $course) ) {
21 error("No such course id");
22 }
23
24 /// Make sure the current user is allowed to see this user
25
26 if (empty($USER->id)) {
27 $currentuser = false;
28 } else {
29 $currentuser = ($user->id == $USER->id);
30 }
31
32 if ($course->id == SITEID) {
33 $coursecontext = get_context_instance(CONTEXT_SYSTEM, SITEID); // SYSTEM context
34 } else {
35 $coursecontext = get_context_instance(CONTEXT_COURSE, $course->id); // Course context
36 }
37 $usercontext = get_context_instance(CONTEXT_USER, $user->id); // User context
38
39 if (!empty($CFG->forcelogin) || $course->id != SITEID) {
40 // do not force parents to enrol
41 if (!get_record('role_assignments', 'userid', $USER->id, 'contextid', $usercontext->id)) {
42 require_login($course->id);
43 }
44 }
45
46 // make sure user can view this student's profile
47 if ($USER->id != $user->id
48 && !has_capability('moodle/user:viewdetails', $coursecontext)
49 && !has_capability('moodle/user:viewdetails', $usercontext)) {
50 error('You can not view the profile of this user');
51 }
52
53 if (!empty($CFG->forceloginforprofiles)) {
54 require_login();
55 if (isguest()) {
56 redirect("$CFG->wwwroot/login/index.php");
57 }
58 }
59
60 $strpersonalprofile = get_string('personalprofile');
61 $strparticipants = get_string("participants");
62 $struser = get_string("user");
63
64 $fullname = fullname($user, has_capability('moodle/site:viewfullnames', $coursecontext));
65
66 /// If the user being shown is not ourselves, then make sure we are allowed to see them!
67
68 if (!$currentuser) {
69 if ($course->id == SITEID) { // Reduce possibility of "browsing" userbase at site level
70 if ($CFG->forceloginforprofiles and !isteacherinanycourse() and !isteacherinanycourse($user->id) and !has_capability('moodle/user:viewdetails', $usercontext)) { // Teachers can browse and be browsed at site level. If not forceloginforprofiles, allow access (bug #4366)
71 print_header("$strpersonalprofile: ", "$strpersonalprofile: ",
72 "<a href=\"index.php?id=$course->id\">$strparticipants</a> -> $struser",
73 "", "", true, "&nbsp;", navmenu($course));
74 print_heading(get_string('usernotavailable', 'error'));
75 print_footer($course);
76 exit;
77 }
78 } else { // Normal course
79 if (!has_capability('moodle/course:view', $coursecontext, $user->id, false)) {
80 if (has_capability('moodle/course:view', $coursecontext)) {
81 print_header("$strpersonalprofile: ", "$strpersonalprofile: ",
82 "<a href=\"../course/view.php?id=$course->id\">$course->shortname</a> ->
83 <a href=\"index.php?id=$course->id\">$strparticipants</a> -> $fullname",
84 "", "", true, "&nbsp;", navmenu($course));
85 print_heading(get_string('notenrolled', '', $fullname));
86 } else {
87 print_header("$strpersonalprofile: ", "$strpersonalprofile: ",
88 "<a href=\"../course/view.php?id=$course->id\">$course->shortname</a> ->
89 <a href=\"index.php?id=$course->id\">$strparticipants</a> -> $struser",
90 "", "", true, "&nbsp;", navmenu($course));
91 print_heading(get_string('notenrolledprofile'));
92 }
93 print_continue($_SERVER['HTTP_REFERER']);
94 print_footer($course);
95 exit;
96 }
97 }
98
99
100 // If groups are in use, make sure we can see that group
101 if (groupmode($course) == SEPARATEGROUPS and !has_capability('moodle/site:accessallgroups', $coursecontext)) {
102 require_login();
103
104 ///this is changed because of mygroupid
105 $gtrue = (bool)groups_get_groups_for_user($user->id, $course->id);
106 /*TODO: $gtrue = false;
107 if ($mygroups = mygroupid($course->id)){
108 foreach ($mygroups as $group){
109 if (ismember($group, $user->id)){
110 $gtrue = true;
111 }
112 }
113 }*/
114 if (!$gtrue) {
115 print_header("$strpersonalprofile: ", "$strpersonalprofile: ",
116 "<a href=\"../course/view.php?id=$course->id\">$course->shortname</a> ->
117 <a href=\"index.php?id=$course->id\">$strparticipants</a>",
118 "", "", true, "&nbsp;", navmenu($course));
119 error(get_string("groupnotamember"), "../course/view.php?id=$course->id");
120 }
121 }
122 }
123
124
125 /// We've established they can see the user's name at least, so what about the rest?
126
127 if ($course->id != SITEID) {
128 print_header("$strpersonalprofile: $fullname", "$strpersonalprofile: $fullname",
129 "<a href=\"../course/view.php?id=$course->id\">$course->shortname</a> ->
130 <a href=\"index.php?id=$course->id\">$strparticipants</a> -> $fullname",
131 "", "", true, "&nbsp;", navmenu($course));
132 } else {
133 print_header("$course->fullname: $strpersonalprofile: $fullname", $course->fullname,
134 "$fullname", "", "", true, "&nbsp;", navmenu($course));
135 }
136
137
138 if (($course->id != SITEID) and ! isguest() ) { // Need to have access to a course to see that info
139 if (!has_capability('moodle/course:view', $coursecontext, $user->id)) {
140 print_heading(get_string('notenrolled', '', $fullname));
141 print_footer($course);
142 die;
143 }
144 }
145
146 if ($user->deleted) {
147 print_heading(get_string('userdeleted'));
148 }
149
150 /// OK, security out the way, now we are showing the user
151
152 add_to_log($course->id, "user", "view", "view.php?id=$user->id&course=$course->id", "$user->id");
153
154 if ($course->id != SITEID) {
155 if ($lastaccess = get_record('user_lastaccess', 'userid', $user->id, 'courseid', $course->id)) {
156 $user->lastaccess = $lastaccess->timeaccess;
157 }
158 }
159
160
161 /// Get the hidden field list
162 if (has_capability('moodle/user:viewhiddendetails', $coursecontext)) {
163 $hiddenfields = array();
164 } else {
165 $hiddenfields = array_flip(explode(',', $CFG->hiddenuserfields));
166 }
167
168 /// Print tabs at top
169 /// This same call is made in:
170 /// /user/view.php
171 /// /user/edit.php
172 /// /course/user.php
173
174 $currenttab = 'profile';
175 $showroles = 1;
176 include('tabs.php');
177
178 if (is_mnet_remote_user($user)) {
179 echo "<p class=\"errorboxcontent\">This profile is for a remote user from another Moodle system. <br />\n";
180 $remotehost = get_record('mnet_host', 'id', $user->mnethostid);
181 echo "Remote Moodle: <a href=\"{$remotehost->wwwroot}/user/edit.php\">{$remotehost->name}</a> (click here to edit your profile on the remote server) </p>\n";
182 }
183
184 echo '<table width="80%" class="userinfobox" summary="">';
185 echo '<tr>';
186 echo '<td class="side">';
187 print_user_picture($user->id, $course->id, $user->picture, true, false, false);
188 echo '</td><td class="content">';
189
190 // Print the description
191
192 if ($user->description && !isset($hiddenfields['description'])) {
193 echo format_text($user->description, FORMAT_MOODLE)."<hr />";
194 }
195
196 // Print all the little details in a list
197
198 echo '<table class="list">';
199
200 if (($user->city or $user->country) and (!isset($hiddenfields['city']) or !isset($hiddenfields['country']))) {
201 $location = '';
202 if ($user->city && !isset($hiddenfields['city'])) {
203 $location .= $user->city;
204 }
205 if (!empty($countries[$user->country]) && !isset($hiddenfields['country'])) {
206 if ($user->city && !isset($hiddenfields['country'])) {
207 $location .= ', ';
208 }
209 $countries = get_list_of_countries();
210 $location .= $countries[$user->country];
211 }
212 print_row(get_string("location").":", $location);
213 }
214
215 if (has_capability('moodle/user:viewhiddendetails', $coursecontext)) {
216 if ($user->address) {
217 print_row(get_string("address").":", "$user->address");
218 }
219 if ($user->phone1) {
220 print_row(get_string("phone").":", "$user->phone1");
221 }
222 if ($user->phone2) {
223 print_row(get_string("phone").":", "$user->phone2");
224 }
225 }
226
227 if ($user->maildisplay == 1 or
228 ($user->maildisplay == 2 and ($course->id != SITEID) and !isguest()) or
229 has_capability('moodle/course:useremail', $coursecontext)) {
230
231 $emailswitch = '';
232
233 if (has_capability('moodle/course:useremail', $coursecontext) or $currentuser) { /// Can use the enable/disable email stuff
234 if (!empty($enable)) { /// Recieved a parameter to enable the email address
235 set_field('user', 'emailstop', 0, 'id', $user->id);
236 $user->emailstop = 0;
237 }
238 if (!empty($disable)) { /// Recieved a parameter to disable the email address
239 set_field('user', 'emailstop', 1, 'id', $user->id);
240 $user->emailstop = 1;
241 }
242 }
243
244 if (has_capability('moodle/course:useremail', $coursecontext)) { /// Can use the enable/disable email stuff
245 if ($user->emailstop) {
246 $switchparam = 'enable';
247 $switchtitle = get_string('emaildisable');
248 $switchclick = get_string('emailenableclick');
249 $switchpix = 'emailno.gif';
250 } else {
251 $switchparam = 'disable';
252 $switchtitle = get_string('emailenable');
253 $switchclick = get_string('emaildisableclick');
254 $switchpix = 'email.gif';
255 }
256 $emailswitch = "&nbsp;<a title=\"$switchclick\" ".
257 "href=\"view.php?id=$user->id&amp;course=$course->id&amp;$switchparam=1\">".
258 "<img src=\"$CFG->pixpath/t/$switchpix\" alt=\"$switchclick\" /></a>";
259
260 } else if ($currentuser) { /// Can only re-enable an email this way
261 if ($user->emailstop) { // Include link that tells how to re-enable their email
262 $switchparam = 'enable';
263 $switchtitle = get_string('emaildisable');
264 $switchclick = get_string('emailenableclick');
265
266 $emailswitch = "&nbsp;(<a title=\"$switchclick\" ".
267 "href=\"view.php?id=$user->id&amp;course=$course->id&amp;enable=1\">$switchtitle</a>)";
268 }
269 }
270
271 print_row(get_string("email").":", obfuscate_mailto($user->email, '', $user->emailstop)."$emailswitch");
272 }
273
274 if ($user->url && !isset($hiddenfields['webpage'])) {
275 print_row(get_string("webpage").":", "<a href=\"$user->url\">$user->url</a>");
276 }
277
278 if ($user->icq && !isset($hiddenfields['icqnumber'])) {
279 print_row(get_string('icqnumber').':',"<a href=\"http://web.icq.com/wwp?uin=$user->icq\">$user->icq <img src=\"http://web.icq.com/whitepages/online?icq=$user->icq&amp;img=5\" alt=\"\" /></a>");
280 }
281
282 if ($user->skype && !isset($hiddenfields['skypeid'])) {
283 print_row(get_string('skypeid').':','<a href="callto:'.urlencode($user->skype).'">'.s($user->skype).
284 ' <img src="http://mystatus.skype.com/smallicon/'.urlencode($user->skype).'" alt="'.get_string('status').'" '.
285 ' /></a>');
286 }
287 if ($user->yahoo && !isset($hiddenfields['yahooid'])) {
288 print_row(get_string('yahooid').':', '<a href="http://edit.yahoo.com/config/send_webmesg?.target='.urlencode($user->yahoo).'&amp;.src=pg">'.s($user->yahoo)." <img src=\"http://opi.yahoo.com/online?u=".urlencode($user->yahoo)."&m=g&t=0\" alt=\"\"></a>");
289 }
290 if ($user->aim && !isset($hiddenfields['aimid'])) {
291 print_row(get_string('aimid').':', '<a href="aim:goim?screenname='.s($user->aim).'">'.s($user->aim).'</a>');
292 }
293 if ($user->msn && !isset($hiddenfields['msnid'])) {
294 print_row(get_string('msnid').':', s($user->msn));
295 }
296
297 if ($mycourses = get_my_courses($user->id,'visible DESC,sortorder ASC', '*', false, 21)) {
298 $shown=0;
299 $courselisting = '';
300 foreach ($mycourses as $mycourse) {
301 if ($mycourse->visible and $mycourse->category) {
302 if ($mycourse->id != $course->id){
303 $courselisting .= "<a href=\"$CFG->wwwroot/user/view.php?id=$user->id&amp;course=$mycourse->id\">"
304 . format_string($mycourse->fullname) . "</a>, ";
305 }
306 else {
307 $courselisting .= format_string($mycourse->fullname) . ", ";
308 }
309 }
310 $shown++;
311 if($shown==20) {
312 $courselisting.= "...";
313 break;
314 }
315 }
316 print_row(get_string('courses').':', rtrim($courselisting,', '));
317 }
318
319 if (!isset($hiddenfields['lastaccess'])) {
320 if ($user->lastaccess) {
321 $datestring = userdate($user->lastaccess)."&nbsp; (".format_time(time() - $user->lastaccess).")";
322 } else {
323 $datestring = get_string("never");
324 }
325 print_row(get_string("lastaccess").":", $datestring);
326 }
327 /// printing roles
328
329 if ($rolestring = get_user_roles_in_context($id, $coursecontext->id)) {
330 print_row(get_string('roles').':', $rolestring);
331 }
332
333 /// Printing groups
334 $isseparategroups = ($course->groupmode == SEPARATEGROUPS and $course->groupmodeforce and
335 !has_capability('moodle/site:accessallgroups', $coursecontext));
336 if (!$isseparategroups){
337 if ($usergroups = user_group($course->id, $user->id)){
338 $groupstr = '';
339 foreach ($usergroups as $group){
340 $groupstr .= ' <a href="'.$CFG->wwwroot.'/user/index.php?id='.$course->id.'&amp;group='.$group->id.'">'.$group->name.'</a>,';
341 }
342 print_row(get_string("group").":", rtrim($groupstr, ', '));
343 }
344 }
345 /// End of printing groups
346
347 echo "</table>";
348
349 echo "</td></tr></table>";
350
351 $userauth = get_auth_plugin($user->auth);
352
353 $passwordchangeurl = false;
354 if ($userauth->can_change_password()) {
355 if ($userauth->change_password_url()) {
356 $passwordchangeurl = $userauth->change_password_url();
357 } else {
358 if (empty($CFG->loginhttps)) {
359 $passwordchangeurl = "$CFG->wwwroot/login/change_password.php";
360 } else {
361 $passwordchangeurl = str_replace('http:', 'https:', $CFG->wwwroot.'/login/change_password.php');
362 }
363 }
364 }
365
366 // Print other functions
367 echo '<div class="buttons">';
368
369 if ($currentuser and $passwordchangeurl and !isguest()) { //TODO: add proper capability for password changing
370 echo "<form action=\"$passwordchangeurl\" method=\"get\">";
371 echo "<div>";
372 echo "<input type=\"hidden\" name=\"id\" value=\"$course->id\" />";
373 if (!empty($USER->realuser)) {
374 // changing of password when "Logged in as" is not allowed
375 echo "<input type=\"submit\" value=\"".get_string("changepassword")."\" disabled=\"disabled\" />";
376 } else {
377 echo "<input type=\"submit\" value=\"".get_string("changepassword")."\" />";
378 }
379 echo "</div>";
380 echo "</form>";
381 }
382
383 if ($course->id != SITEID && empty($course->metacourse)) { // Mostly only useful at course level
384
385 if (($user->id == $USER->id && // Myself
386 has_capability('moodle/course:view', $coursecontext, NULL) && // Course participant
387 has_capability('moodle/role:unassignself', $coursecontext, NULL, false)) // Can unassign myself
388 ||
389 (has_capability('moodle/role:assign', $coursecontext, NULL) && // I can assign roles
390 get_user_roles($coursecontext, $user->id)) ) { // This user has roles
391
392 echo '<form action="../course/unenrol.php" method="get">';
393 echo "<div>";
394 echo '<input type="hidden" name="id" value="'.$course->id.'" />';
395 echo '<input type="hidden" name="user" value="'.$user->id.'" />';
396 echo '<input type="submit" value="'.get_string('unenrolme', '', $course->shortname).'" />';
397 echo "</div>";
398 echo '</form>';
399 }
400 }
401
402 if ($USER->id != $user->id && empty($USER->realuser) && has_capability('moodle/user:loginas', $coursecontext) &&
403 ! has_capability('moodle/site:doanything', $coursecontext, $user->id, false)) {
404 echo '<form action="'.$CFG->wwwroot.'/course/loginas.php" method="get">';
405 echo "<div>";
406 echo '<input type="hidden" name="id" value="'.$course->id.'" />';
407 echo '<input type="hidden" name="user" value="'.$user->id.'" />';
408 echo '<input type="hidden" name="sesskey" value="'.sesskey().'" />';
409 echo '<input type="submit" value="'.get_string('loginas').'" />';
410 echo "</div>";
411 echo '</form>';
412 }
413
414 if (!empty($CFG->messaging) and !isguest()) {
415 if (!empty($USER->id) and ($USER->id == $user->id)) {
416 if ($countmessages = count_records('message', 'useridto', $user->id)) {
417 $messagebuttonname = get_string("messages", "message")."($countmessages)";
418 } else {
419 $messagebuttonname = get_string("messages", "message");
420 }
421 echo "<form onclick=\"this.target='message'\" action=\"../message/index.php\" method=\"get\">";
422 echo "<div>";
423 echo "<input type=\"submit\" value=\"$messagebuttonname\" onclick=\"return openpopup('/message/index.php', 'message', 'menubar=0,location=0,scrollbars,status,resizable,width=400,height=500', 0);\" />";
424 echo "</div>";
425 echo "</form>";
426 } else {
427 echo "<form onclick=\"this.target='message$user->id'\" action=\"../message/discussion.php\" method=\"get\">";
428 echo "<div>";
429 echo "<input type=\"hidden\" name=\"id\" value=\"$user->id\" />";
430 echo "<input type=\"submit\" value=\"".get_string("sendmessage", "message")."\" onclick=\"return openpopup('/message/discussion.php?id=$user->id', 'message_$user->id', 'menubar=0,location=0,scrollbars,status,resizable,width=400,height=500', 0);\" />";
431 echo "</div>";
432 echo "</form>";
433 }
434 }
435 // Authorize.net: User Payments
436 if ($course->enrol == 'authorize' || (empty($course->enrol) && $CFG->enrol == 'authorize')) {
437 echo "<form action=\"../enrol/authorize/index.php\" method=\"get\">";
438 echo "<div>";
439 echo "<input type=\"hidden\" name=\"course\" value=\"$course->id\" />";
440 echo "<input type=\"hidden\" name=\"user\" value=\"$user->id\" />";
441 echo "<input type=\"submit\" value=\"".get_string('payments')."\" />";
442 echo "</div>";
443 echo "</form>";
444 }
445 echo "</div>\n";
446
447 if ($CFG->debugdisplay && debugging('', DEBUG_DEVELOPER) && $USER->id == $user->id) { // Show user object
448 echo '<hr />';
449 print_heading('DEBUG MODE: User session variables');
450 print_object($USER);
451 }
452
453 print_footer($course);
454
455 /// Functions ///////
456
457 function print_row($left, $right) {
458 echo "\n<tr><td class=\"label c0\">$left</td><td class=\"info c1\">$right</td></tr>\n";
459 }
460
461 ?>
Moodle proposed updates