search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
adding current groupid to grade_export class - soon to be used in plugins
[moodle-pu.git] / user / view.php
blob3eeffafde50f5242d0d48fc99da9a0d90aed18dc
1 <?PHP // $Id$
2
3 // Display profile for a particular user
4
5 require_once("../config.php");
6 require_once($CFG->dirroot.'/user/profile/lib.php');
7 require_once($CFG->dirroot.'/tag/lib.php');
8
9 $id = optional_param('id', 0, PARAM_INT); // user id
10 $course = optional_param('course', SITEID, PARAM_INT); // course id (defaults to Site)
11 $enable = optional_param('enable', ''); // enable email
12 $disable = optional_param('disable', ''); // disable email
13
14 if (empty($id)) { // See your own profile by default
15 require_login();
16 $id = $USER->id;
17 }
18
19 if (! $user = get_record("user", "id", $id) ) {
20 error("No such user in this course");
21 }
22
23 if (! $course = get_record("course", "id", $course) ) {
24 error("No such course id");
25 }
26
27 /// Make sure the current user is allowed to see this user
28
29 if (empty($USER->id)) {
30 $currentuser = false;
31 } else {
32 $currentuser = ($user->id == $USER->id);
33 }
34
35 if ($course->id == SITEID) {
36 $coursecontext = get_context_instance(CONTEXT_SYSTEM); // SYSTEM context
37 } else {
38 $coursecontext = get_context_instance(CONTEXT_COURSE, $course->id); // Course context
39 }
40 $usercontext = get_context_instance(CONTEXT_USER, $user->id); // User context
41 $systemcontext = get_context_instance(CONTEXT_SYSTEM); // SYSTEM context
42
43 if (!empty($CFG->forcelogin) || $course->id != SITEID) {
44 // do not force parents to enrol
45 if (!get_record('role_assignments', 'userid', $USER->id, 'contextid', $usercontext->id)) {
46 require_login($course->id);
47 }
48 }
49
50 // make sure user can view this student's profile
51 if ($USER->id != $user->id
52 && !has_capability('moodle/user:viewdetails', $coursecontext)
53 && !has_capability('moodle/user:viewdetails', $usercontext)) {
54 print_error('cannotviewprofile');
55 }
56
57 if (!empty($CFG->forceloginforprofiles)) {
58 require_login();
59 if (isguest()) {
60 redirect("$CFG->wwwroot/login/index.php");
61 }
62 }
63
64 $strpersonalprofile = get_string('personalprofile');
65 $strparticipants = get_string("participants");
66 $struser = get_string("user");
67
68 $fullname = fullname($user, has_capability('moodle/site:viewfullnames', $coursecontext));
69
70 $navlinks = array();
71 $navlinks[] = array('name' => $strparticipants, 'link' => "index.php?id=$course->id", 'type' => 'misc');
72
73 /// If the user being shown is not ourselves, then make sure we are allowed to see them!
74
75 if (!$currentuser) {
76 if ($course->id == SITEID) { // Reduce possibility of "browsing" userbase at site level
77 if ($CFG->forceloginforprofiles and !isteacherinanycourse()
78 and !isteacherinanycourse($user->id)
79 and !has_capability('moodle/user:viewdetails', $usercontext)) { // Teachers can browse and be browsed at site level. If not forceloginforprofiles, allow access (bug #4366)
80
81 $navlinks[] = array('name' => $struser, 'link' => null, 'type' => 'misc');
82 $navigation = build_navigation($navlinks);
83
84 print_header("$strpersonalprofile: ", "$strpersonalprofile: ", $navigation, "", "", true, "&nbsp;", navmenu($course));
85 print_heading(get_string('usernotavailable', 'error'));
86 print_footer($course);
87 exit;
88 }
89 } else { // Normal course
90 if (!has_capability('moodle/course:view', $coursecontext, $user->id, false)) {
91 if (has_capability('moodle/course:view', $coursecontext)) {
92 $navlinks[] = array('name' => $fullname, 'link' => null, 'type' => 'misc');
93 $navigation = build_navigation($navlinks);
94 print_header("$strpersonalprofile: ", "$strpersonalprofile: ", $navigation, "", "", true, "&nbsp;", navmenu($course));
95 print_heading(get_string('notenrolled', '', $fullname));
96 } else {
97 $navlinks[] = array('name' => $struser, 'link' => null, 'type' => 'misc');
98 $navigation = build_navigation($navlinks);
99 print_header("$strpersonalprofile: ", "$strpersonalprofile: ", $navigation, "", "", true, "&nbsp;", navmenu($course));
100 print_heading(get_string('notenrolledprofile'));
101 }
102 print_continue($_SERVER['HTTP_REFERER']);
103 print_footer($course);
104 exit;
105 }
106 }
107
108
109 // If groups are in use, make sure we can see that group
110 if (groupmode($course) == SEPARATEGROUPS and !has_capability('moodle/site:accessallgroups', $coursecontext)) {
111 require_login();
112
113 ///this is changed because of mygroupid
114 $gtrue = (bool)groups_get_all_groups($course->id, $user->id);
115 if (!$gtrue) {
116 $navigation = build_navigation($navlinks);
117 print_header("$strpersonalprofile: ", "$strpersonalprofile: ", $navigation, "", "", true, "&nbsp;", navmenu($course));
118 error(get_string("groupnotamember"), "../course/view.php?id=$course->id");
119 }
120 }
121 }
122
123
124 /// We've established they can see the user's name at least, so what about the rest?
125
126 $navlinks[] = array('name' => $fullname, 'link' => null, 'type' => 'misc');
127
128 $navigation = build_navigation($navlinks);
129
130 print_header("$course->fullname: $strpersonalprofile: $fullname", $course->fullname,
131 $navigation, "", "", true, "&nbsp;", navmenu($course));
132
133
134 if (($course->id != SITEID) and ! isguest() ) { // Need to have access to a course to see that info
135 if (!has_capability('moodle/course:view', $coursecontext, $user->id)) {
136 print_heading(get_string('notenrolled', '', $fullname));
137 print_footer($course);
138 die;
139 }
140 }
141
142 if ($user->deleted) {
143 print_heading(get_string('userdeleted'));
144 }
145
146 /// OK, security out the way, now we are showing the user
147
148 add_to_log($course->id, "user", "view", "view.php?id=$user->id&course=$course->id", "$user->id");
149
150 if ($course->id != SITEID) {
151 if ($lastaccess = get_record('user_lastaccess', 'userid', $user->id, 'courseid', $course->id)) {
152 $user->lastaccess = $lastaccess->timeaccess;
153 }
154 }
155
156
157 /// Get the hidden field list
158 if (has_capability('moodle/user:viewhiddendetails', $coursecontext)) {
159 $hiddenfields = array();
160 } else {
161 $hiddenfields = array_flip(explode(',', $CFG->hiddenuserfields));
162 }
163
164 /// Print tabs at top
165 /// This same call is made in:
166 /// /user/view.php
167 /// /user/edit.php
168 /// /course/user.php
169
170 $currenttab = 'profile';
171 $showroles = 1;
172 include('tabs.php');
173
174 if (is_mnet_remote_user($user)) {
175 $sql = "
176 SELECT DISTINCT
177 h.id,
178 h.name,
179 h.wwwroot,
180 a.name as application,
181 a.display_name
182 FROM
183 {$CFG->prefix}mnet_host h,
184 {$CFG->prefix}mnet_application a
185 WHERE
186 h.id = '{$user->mnethostid}' AND
187 h.applicationid = a.id
188 ORDER BY
189 a.display_name,
190 h.name";
191
192 $remotehost = get_record_sql($sql);
193
194 echo '<p class="errorboxcontent">'.get_string('remote'.$remotehost->application.'user')." <br />\n";
195 if ($USER->id == $user->id) {
196 if ($remotehost->application =='moodle') {
197 echo "Remote {$remotehost->display_name}: <a href=\"{$remotehost->wwwroot}/user/edit.php\">{$remotehost->name}</a> ".get_string('editremoteprofile')." </p>\n";
198 } else {
199 echo "Remote {$remotehost->display_name}: <a href=\"{$remotehost->wwwroot}/\">{$remotehost->name}</a> ".get_string('gotoyourserver')." </p>\n";
200 }
201 } else {
202 echo "Remote {$remotehost->display_name}: <a href=\"{$remotehost->wwwroot}/\">{$remotehost->name}</a></p>\n";
203 }
204 }
205
206 echo '<table width="80%" class="userinfobox" summary="">';
207 echo '<tr>';
208 echo '<td class="side">';
209 print_user_picture($user->id, $course->id, $user->picture, true, false, false);
210 echo '</td><td class="content">';
211
212 // Print the description
213
214 if ($user->description && !isset($hiddenfields['description'])) {
215 echo format_text($user->description, FORMAT_MOODLE)."<hr />";
216 }
217
218 // Print all the little details in a list
219
220 echo '<table class="list">';
221
222 if (($user->city or $user->country) and (!isset($hiddenfields['city']) or !isset($hiddenfields['country']))) {
223 $location = '';
224 if ($user->city && !isset($hiddenfields['city'])) {
225 $location .= $user->city;
226 }
227 if (!empty($countries[$user->country]) && !isset($hiddenfields['country'])) {
228 if ($user->city && !isset($hiddenfields['country'])) {
229 $location .= ', ';
230 }
231 $countries = get_list_of_countries();
232 $location .= $countries[$user->country];
233 }
234 print_row(get_string("city").":", $location);
235 }
236
237 if (has_capability('moodle/user:viewhiddendetails', $coursecontext)) {
238 if ($user->address) {
239 print_row(get_string("address").":", "$user->address");
240 }
241 if ($user->phone1) {
242 print_row(get_string("phone").":", "$user->phone1");
243 }
244 if ($user->phone2) {
245 print_row(get_string("phone").":", "$user->phone2");
246 }
247 }
248
249 if ($user->maildisplay == 1 or
250 ($user->maildisplay == 2 and ($course->id != SITEID) and !isguest()) or
251 has_capability('moodle/course:useremail', $coursecontext)) {
252
253 $emailswitch = '';
254
255 if (has_capability('moodle/course:useremail', $coursecontext) or $currentuser) { /// Can use the enable/disable email stuff
256 if (!empty($enable)) { /// Recieved a parameter to enable the email address
257 set_field('user', 'emailstop', 0, 'id', $user->id);
258 $user->emailstop = 0;
259 }
260 if (!empty($disable)) { /// Recieved a parameter to disable the email address
261 set_field('user', 'emailstop', 1, 'id', $user->id);
262 $user->emailstop = 1;
263 }
264 }
265
266 if (has_capability('moodle/course:useremail', $coursecontext)) { /// Can use the enable/disable email stuff
267 if ($user->emailstop) {
268 $switchparam = 'enable';
269 $switchtitle = get_string('emaildisable');
270 $switchclick = get_string('emailenableclick');
271 $switchpix = 'emailno.gif';
272 } else {
273 $switchparam = 'disable';
274 $switchtitle = get_string('emailenable');
275 $switchclick = get_string('emaildisableclick');
276 $switchpix = 'email.gif';
277 }
278 $emailswitch = "&nbsp;<a title=\"$switchclick\" ".
279 "href=\"view.php?id=$user->id&amp;course=$course->id&amp;$switchparam=1\">".
280 "<img src=\"$CFG->pixpath/t/$switchpix\" alt=\"$switchclick\" /></a>";
281
282 } else if ($currentuser) { /// Can only re-enable an email this way
283 if ($user->emailstop) { // Include link that tells how to re-enable their email
284 $switchparam = 'enable';
285 $switchtitle = get_string('emaildisable');
286 $switchclick = get_string('emailenableclick');
287
288 $emailswitch = "&nbsp;(<a title=\"$switchclick\" ".
289 "href=\"view.php?id=$user->id&amp;course=$course->id&amp;enable=1\">$switchtitle</a>)";
290 }
291 }
292
293 print_row(get_string("email").":", obfuscate_mailto($user->email, '', $user->emailstop)."$emailswitch");
294 }
295
296 if ($user->url && !isset($hiddenfields['webpage'])) {
297 print_row(get_string("webpage").":", "<a href=\"$user->url\">$user->url</a>");
298 }
299
300 if ($user->icq && !isset($hiddenfields['icqnumber'])) {
301 print_row(get_string('icqnumber').':',"<a href=\"http://web.icq.com/wwp?uin=$user->icq\">$user->icq <img src=\"http://web.icq.com/whitepages/online?icq=$user->icq&amp;img=5\" alt=\"\" /></a>");
302 }
303
304 if ($user->skype && !isset($hiddenfields['skypeid'])) {
305 print_row(get_string('skypeid').':','<a href="callto:'.urlencode($user->skype).'">'.s($user->skype).
306 ' <img src="http://mystatus.skype.com/smallicon/'.urlencode($user->skype).'" alt="'.get_string('status').'" '.
307 ' /></a>');
308 }
309 if ($user->yahoo && !isset($hiddenfields['yahooid'])) {
310 print_row(get_string('yahooid').':', '<a href="http://edit.yahoo.com/config/send_webmesg?.target='.urlencode($user->yahoo).'&amp;.src=pg">'.s($user->yahoo)." <img src=\"http://opi.yahoo.com/online?u=".urlencode($user->yahoo)."&m=g&t=0\" alt=\"\"></a>");
311 }
312 if ($user->aim && !isset($hiddenfields['aimid'])) {
313 print_row(get_string('aimid').':', '<a href="aim:goim?screenname='.s($user->aim).'">'.s($user->aim).'</a>');
314 }
315 if ($user->msn && !isset($hiddenfields['msnid'])) {
316 print_row(get_string('msnid').':', s($user->msn));
317 }
318
319 /// Print the Custom User Fields
320 profile_display_fields($user->id);
321
322
323 if ($mycourses = get_my_courses($user->id, null, null, false, 21)) {
324 $shown=0;
325 $courselisting = '';
326 foreach ($mycourses as $mycourse) {
327 if ($mycourse->visible and $mycourse->category) {
328 if ($mycourse->id != $course->id){
329 $courselisting .= "<a href=\"$CFG->wwwroot/user/view.php?id=$user->id&amp;course=$mycourse->id\">"
330 . format_string($mycourse->fullname) . "</a>, ";
331 }
332 else {
333 $courselisting .= format_string($mycourse->fullname) . ", ";
334 }
335 }
336 $shown++;
337 if($shown==20) {
338 $courselisting.= "...";
339 break;
340 }
341 }
342 print_row(get_string('courses').':', rtrim($courselisting,', '));
343 }
344
345 if (!isset($hiddenfields['lastaccess'])) {
346 if ($user->lastaccess) {
347 $datestring = userdate($user->lastaccess)."&nbsp; (".format_time(time() - $user->lastaccess).")";
348 } else {
349 $datestring = get_string("never");
350 }
351 print_row(get_string("lastaccess").":", $datestring);
352 }
353 /// printing roles
354
355 if ($rolestring = get_user_roles_in_context($id, $coursecontext->id)) {
356 print_row(get_string('roles').':', format_string($rolestring, false));
357 }
358
359 /// Printing groups
360 $isseparategroups = ($course->groupmode == SEPARATEGROUPS and $course->groupmodeforce and
361 !has_capability('moodle/site:accessallgroups', $coursecontext));
362 if (!$isseparategroups){
363 if ($usergroups = groups_get_all_groups($course->id, $user->id)){
364 $groupstr = '';
365 foreach ($usergroups as $group){
366 $groupstr .= ' <a href="'.$CFG->wwwroot.'/user/index.php?id='.$course->id.'&amp;group='.$group->id.'">'.$group->name.'</a>,';
367 }
368 print_row(get_string("group").":", rtrim($groupstr, ', '));
369 }
370 }
371 /// End of printing groups
372
373 /// Printing Interests
374 if( !empty($CFG->usetags)) {
375 $interests = get_item_tags('user', $user->id);
376
377 $instereststr = tag_links_csv($interests);
378
379 if ($interests) {
380 print_row(get_string('interests').": ",rtrim($instereststr));
381 }
382 }
383 /// End of Printing Interests
384
385 echo "</table>";
386
387 echo "</td></tr></table>";
388
389 $userauth = get_auth_plugin($user->auth);
390
391 $passwordchangeurl = false;
392 if ($currentuser and $userauth->can_change_password() and !isguestuser() and has_capability('moodle/user:changeownpassword', $systemcontext)) {
393 if (!$passwordchangeurl = $userauth->change_password_url()) {
394 if (empty($CFG->loginhttps)) {
395 $passwordchangeurl = "$CFG->wwwroot/login/change_password.php";
396 } else {
397 $passwordchangeurl = str_replace('http:', 'https:', $CFG->wwwroot.'/login/change_password.php');
398 }
399 }
400 }
401
402 // Print other functions
403 echo '<div class="buttons">';
404
405 if ($passwordchangeurl) {
406 $params = array('id'=>$course->id);
407
408 if (!empty($USER->realuser)) {
409 $passwordchangeurl = ''; // do not use actual change password url - might contain sensitive data
410 } else {
411 $parts = explode('?', $passwordchangeurl);
412 $passwordchangeurl = reset($parts);
413 $after = next($parts);
414 preg_match_all('/([^&=]+)=([^&=]+)/', $after, $matches);
415 if (count($matches)) {
416 foreach($matches[0] as $key=>$match) {
417 $params[$matches[1][$key]] = $matches[2][$key];
418 }
419 }
420 }
421 echo "<form action=\"$passwordchangeurl\" method=\"get\">";
422 echo "<div>";
423 foreach($params as $key=>$value) {
424 echo '<input type="hidden" name="'.$key.'" value="'.s($value).'" />';
425 }
426 if (!empty($USER->realuser)) {
427 // changing of password when "Logged in as" is not allowed
428 echo "<input type=\"submit\" value=\"".get_string("changepassword")."\" disabled=\"disabled\" />";
429 } else {
430 echo "<input type=\"submit\" value=\"".get_string("changepassword")."\" />";
431 }
432 echo "</div>";
433 echo "</form>";
434 }
435
436 if ($course->id != SITEID && empty($course->metacourse)) { // Mostly only useful at course level
437
438 if (($user->id == $USER->id && // Myself
439 has_capability('moodle/course:view', $coursecontext, NULL) && // Course participant
440 has_capability('moodle/role:unassignself', $coursecontext, NULL, false)) // Can unassign myself
441 ||
442 (has_capability('moodle/role:assign', $coursecontext, NULL) && // I can assign roles
443 get_user_roles($coursecontext, $user->id)) ) { // This user has roles
444
445 echo '<form action="../course/unenrol.php" method="get">';
446 echo "<div>";
447 echo '<input type="hidden" name="id" value="'.$course->id.'" />';
448 echo '<input type="hidden" name="user" value="'.$user->id.'" />';
449 echo '<input type="submit" value="'.get_string('unenrolme', '', $course->shortname).'" />';
450 echo "</div>";
451 echo '</form>';
452 }
453 }
454
455 if ($USER->id != $user->id && empty($USER->realuser) && has_capability('moodle/user:loginas', $coursecontext) &&
456 ! has_capability('moodle/site:doanything', $coursecontext, $user->id, false)) {
457 echo '<form action="'.$CFG->wwwroot.'/course/loginas.php" method="get">';
458 echo "<div>";
459 echo '<input type="hidden" name="id" value="'.$course->id.'" />';
460 echo '<input type="hidden" name="user" value="'.$user->id.'" />';
461 echo '<input type="hidden" name="sesskey" value="'.sesskey().'" />';
462 echo '<input type="submit" value="'.get_string('loginas').'" />';
463 echo "</div>";
464 echo '</form>';
465 }
466
467 if (!empty($CFG->messaging) and !isguest()) {
468 if (!empty($USER->id) and ($USER->id == $user->id)) {
469 if ($countmessages = count_records('message', 'useridto', $user->id)) {
470 $messagebuttonname = get_string("messages", "message")."($countmessages)";
471 } else {
472 $messagebuttonname = get_string("messages", "message");
473 }
474 echo "<form onclick=\"this.target='message'\" action=\"../message/index.php\" method=\"get\">";
475 echo "<div>";
476 echo "<input type=\"submit\" value=\"$messagebuttonname\" onclick=\"return openpopup('/message/index.php', 'message', 'menubar=0,location=0,scrollbars,status,resizable,width=400,height=500', 0);\" />";
477 echo "</div>";
478 echo "</form>";
479 } else {
480 echo "<form onclick=\"this.target='message$user->id'\" action=\"../message/discussion.php\" method=\"get\">";
481 echo "<div>";
482 echo "<input type=\"hidden\" name=\"id\" value=\"$user->id\" />";
483 echo "<input type=\"submit\" value=\"".get_string("sendmessage", "message")."\" onclick=\"return openpopup('/message/discussion.php?id=$user->id', 'message_$user->id', 'menubar=0,location=0,scrollbars,status,resizable,width=400,height=500', 0);\" />";
484 echo "</div>";
485 echo "</form>";
486 }
487 }
488 // Authorize.net: User Payments
489 if ($course->enrol == 'authorize' || (empty($course->enrol) && $CFG->enrol == 'authorize')) {
490 echo "<form action=\"../enrol/authorize/index.php\" method=\"get\">";
491 echo "<div>";
492 echo "<input type=\"hidden\" name=\"course\" value=\"$course->id\" />";
493 echo "<input type=\"hidden\" name=\"user\" value=\"$user->id\" />";
494 echo "<input type=\"submit\" value=\"".get_string('payments')."\" />";
495 echo "</div>";
496 echo "</form>";
497 }
498 echo "</div>\n";
499
500 if ($CFG->debugdisplay && debugging('', DEBUG_DEVELOPER) && $USER->id == $user->id) { // Show user object
501 echo '<hr />';
502 print_heading('DEBUG MODE: User session variables');
503 print_object($USER);
504 }
505
506 print_footer($course);
507
508 /// Functions ///////
509
510 function print_row($left, $right) {
511 echo "\n<tr><td class=\"label c0\">$left</td><td class=\"info c1\">$right</td></tr>\n";
512 }
513
514 ?>
Moodle proposed updates