
See Release Notes
Long Term Support Release

  • Bug fixes for general core bugs in 3.9.x will end* 10 May 2021 (12 months).
  • Bug fixes for security issues in 3.9.x will end* 8 May 2023 (36 months).
  • PHP version: minimum PHP 7.2.0 Note: minimum PHP version has increased since Moodle 3.8. PHP 7.3.x and 7.4.x are supported too.
/user/ -> editlib.php (source)


   1  <?php
   2  // This file is part of Moodle - http://moodle.org/
   3  //
   4  // Moodle is free software: you can redistribute it and/or modify
   5  // it under the terms of the GNU General Public License as published by
   6  // the Free Software Foundation, either version 3 of the License, or
   7  // (at your option) any later version.
   8  //
   9  // Moodle is distributed in the hope that it will be useful,
  10  // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12  // GNU General Public License for more details.
  13  //
  14  // You should have received a copy of the GNU General Public License
  15  // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
  16  
  17  /**
  18   * This file contains functions used when editing a user's profile and preferences.
  19   *
  20   * @copyright 1999 Martin Dougiamas  http://dougiamas.com
  21   * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  22   * @package core_user
  23   */
  24  
  25  require_once($CFG->dirroot . '/user/lib.php');
  26  
  27  /**
  28   * Cancels the requirement for a user to update their email address.
  29   *
  30   * @param int $userid
  31   */
  32  function cancel_email_update($userid) {
  33      unset_user_preference('newemail', $userid);
  34      unset_user_preference('newemailkey', $userid);
  35      unset_user_preference('newemailattemptsleft', $userid);
  36  }
  37  
/**
 * Performs the common access checks and page setup for all
 * user preference pages.
 *
 * The checks run in a fixed order, and later statements rely on the earlier ones
 * having passed:
 *  - the current user must not be the guest user;
 *  - the course must exist, and the user must be logged in (require_login() for a
 *    course other than the site course, a redirect to the login page otherwise);
 *  - the target user must exist, must not be the guest user and must not be an
 *    MNet remote user;
 *  - editing one's own preferences needs 'moodle/user:editownprofile' in the system
 *    context, editing somebody else needs 'moodle/user:editprofile' in that user's
 *    context, and only a site admin may edit another site admin;
 *  - a deleted target user gets a notice page and the request stops.
 *
 * NOTE(review): the code below assumes print_error() and redirect() never return
 * (for example, $course is dereferenced right after the "invalid course" branch).
 * Both are defined outside this file - confirm.
 *
 * @param int $userid The user id to edit taken from the page params.
 * @param int $courseid The optional course id if we came from a course context.
 * @return array containing the user and course records.
 */
function useredit_setup_preference_page($userid, $courseid) {
    global $PAGE, $SESSION, $DB, $CFG, $OUTPUT, $USER;

    // Guest can not edit.
    if (isguestuser()) {
        print_error('guestnoeditprofile');
    }

    // The caller-supplied course id is looked up through a conditions array, not through hand-built SQL.
    if (!$course = $DB->get_record('course', array('id' => $courseid))) {
        print_error('invalidcourseid');
    }

    if ($course->id != SITEID) {
        // Any course other than the site course: login is required against that course.
        require_login($course);
    } else if (!isloggedin()) {
        // Site course and not logged in: keep an already stored return URL, otherwise
        // come back to the preferences page after login.
        if (empty($SESSION->wantsurl)) {
            $SESSION->wantsurl = $CFG->wwwroot.'/user/preferences.php';
        }
        redirect(get_login_url());
    } else {
        // Site course and logged in: start with the system context; it is replaced by the
        // user context once the access checks below have passed.
        $PAGE->set_context(context_system::instance());
    }

    // The user profile we are editing.
    if (!$user = $DB->get_record('user', array('id' => $userid))) {
        print_error('invaliduserid');
    }

    // Guest can not be edited.
    if (isguestuser($user)) {
        print_error('guestnoeditprofile');
    }

    // Remote users cannot be edited.
    if (is_mnet_remote_user($user)) {
        if (user_not_fully_set_up($user, false)) {
            // The error message is given the wwwroot of the remote host the account belongs to.
            $hostwwwroot = $DB->get_field('mnet_host', 'wwwroot', array('id' => $user->mnethostid));
            print_error('usernotfullysetup', 'mnet', '', $hostwwwroot);
        }
        // Any other remote user is sent to the profile view page instead of the edit page.
        redirect($CFG->wwwroot . "/user/view.php?course={$course->id}");
    }

    $systemcontext   = context_system::instance();
    $personalcontext = context_user::instance($user->id);

    // Check access control.
    if ($user->id == $USER->id) {
        // Editing own profile - require_login() MUST NOT be used here, it would result in infinite loop!
        if (!has_capability('moodle/user:editownprofile', $systemcontext)) {
            print_error('cannotedityourprofile');
        }

    } else {
        // Teachers, parents, etc.
        // The capability is checked in the target user's own context, not in the system context.
        require_capability('moodle/user:editprofile', $personalcontext);

        // No editing of primary admin!
        // Holding the capability is not enough when the target is a site admin: the editor must be one too.
        if (is_siteadmin($user) and !is_siteadmin($USER)) {  // Only admins may edit other admins.
            print_error('useradmineditadmin');
        }
    }

    // Deleted accounts get a notice page only. This runs after the capability checks above.
    if ($user->deleted) {
        echo $OUTPUT->header();
        echo $OUTPUT->heading(get_string('userdeleted'));
        echo $OUTPUT->footer();
        die;
    }

    // Page setup: from here on the page works in the target user's context.
    $PAGE->set_pagelayout('admin');
    $PAGE->set_context($personalcontext);
    if ($USER->id != $user->id) {
        // Editing somebody else: add that user to the navigation.
        $PAGE->navigation->extend_for_user($user);
    } else {
        // Editing oneself: open the 'myprofile' root node if the navigation has one.
        if ($node = $PAGE->navigation->find('myprofile', navigation_node::TYPE_ROOTNODE)) {
            $node->force_open();
        }
    }

    return array($user, $course);
}
 127  
 128  /**
 129   * Loads the given users preferences into the given user object.
 130   *
 131   * @param stdClass $user The user object, modified by reference.
 132   * @param bool $reload
 133   */
 134  function useredit_load_preferences(&$user, $reload=true) {
 135      global $USER;
 136  
 137      if (!empty($user->id)) {
 138          if ($reload and $USER->id == $user->id) {
 139              // Reload preferences in case it was changed in other session.
 140              unset($USER->preference);
 141          }
 142  
 143          if ($preferences = get_user_preferences(null, null, $user->id)) {
 144              foreach ($preferences as $name => $value) {
 145                  $user->{'preference_'.$name} = $value;
 146              }
 147          }
 148      }
 149  }
 150  
 151  /**
 152   * Updates the user preferences for the given user
 153   *
 154   * Only preference that can be updated directly will be updated here. This method is called from various WS
 155   * updating users and should be used when updating user details. Plugins may whitelist preferences that can
 156   * be updated by defining 'user_preferences' callback, {@see core_user::fill_preferences_cache()}
 157   *
 158   * Some parts of code may use user preference table to store internal data, in these cases it is acceptable
 159   * to call set_user_preference()
 160   *
 161   * @param stdClass|array $usernew object or array that has user preferences as attributes with keys starting with preference_
 162   */
 163  function useredit_update_user_preference($usernew) {
 164      global $USER;
 165      $ua = (array)$usernew;
 166      if (is_object($usernew) && isset($usernew->id) && isset($usernew->deleted) && isset($usernew->confirmed)) {
 167          // This is already a full user object, maybe not completely full but these fields are enough.
 168          $user = $usernew;
 169      } else if (empty($ua['id']) || $ua['id'] == $USER->id) {
 170          // We are updating current user.
 171          $user = $USER;
 172      } else {
 173          // Retrieve user object.
 174          $user = core_user::get_user($ua['id'], '*', MUST_EXIST);
 175      }
 176  
 177      foreach ($ua as $key => $value) {
 178          if (strpos($key, 'preference_') === 0) {
 179              $name = substr($key, strlen('preference_'));
 180              if (core_user::can_edit_preference($name, $user)) {
 181                  $value = core_user::clean_preference($value, $name);
 182                  set_user_preference($name, $value, $user->id);
 183              }
 184          }
 185      }
 186  }
 187  
 188  /**
 189   * @deprecated since Moodle 3.2
 190   * @see core_user::update_picture()
 191   */
 192  function useredit_update_picture() {
 193      throw new coding_exception('useredit_update_picture() can not be used anymore. Please use ' .
 194          'core_user::update_picture() instead.');
 195  }
 196  
 197  /**
 198   * Updates the user email bounce + send counts when the user is edited.
 199   *
 200   * @param stdClass $user The current user object.
 201   * @param stdClass $usernew The updated user object.
 202   */
 203  function useredit_update_bounces($user, $usernew) {
 204      if (!isset($usernew->email)) {
 205          // Locked field.
 206          return;
 207      }
 208      if (!isset($user->email) || $user->email !== $usernew->email) {
 209          set_bounce_count($usernew, true);
 210          set_send_count($usernew, true);
 211      }
 212  }
 213  
 214  /**
 215   * Updates the forums a user is tracking when the user is edited.
 216   *
 217   * @param stdClass $user The original user object.
 218   * @param stdClass $usernew The updated user object.
 219   */
 220  function useredit_update_trackforums($user, $usernew) {
 221      global $CFG;
 222      if (!isset($usernew->trackforums)) {
 223          // Locked field.
 224          return;
 225      }
 226      if ((!isset($user->trackforums) || ($usernew->trackforums != $user->trackforums)) and !$usernew->trackforums) {
 227          require_once($CFG->dirroot.'/mod/forum/lib.php');
 228          forum_tp_delete_read_records($usernew->id);
 229      }
 230  }
 231  
 232  /**
 233   * Updates a users interests.
 234   *
 235   * @param stdClass $user
 236   * @param array $interests
 237   */
 238  function useredit_update_interests($user, $interests) {
 239      core_tag_tag::set_item_tags('core', 'user', $user->id,
 240              context_user::instance($user->id), $interests);
 241  }
 242  
/**
 * Powerful function that is used by edit and editadvanced to add common form elements/rules/etc.
 *
 * Adds, in this order: the required name fields, the enabled additional name fields, the
 * email field (or a "change pending" notice), email display, MoodleNet profile, city, country,
 * timezone, language (only for a negative user id), theme (only if user themes are allowed),
 * description, the picture section, the remaining name fields, interests and the optional
 * contact fields.
 *
 * Every text, editor and hidden element added here is given a PARAM_* type, either directly
 * or through core_user::get_property_type().
 * NOTE(review): these types are presumably what the form library uses to clean submitted
 * values - confirm. The elements typed PARAM_RAW and PARAM_RAW_TRIMMED below depend on
 * checks made elsewhere.
 *
 * @param moodleform $mform The form the elements are added to.
 * @param array $editoroptions Options passed to the description editor element.
 * @param array $filemanageroptions Options passed to the picture file manager element.
 * @param stdClass $user The user being edited; preferences are loaded into it when its id is positive.
 */
function useredit_shared_definition(&$mform, $editoroptions, $filemanageroptions, $user) {
    global $CFG, $USER, $DB;

    // Load preference_* properties without resetting the current user's loaded preferences.
    if ($user->id > 0) {
        useredit_load_preferences($user, false);
    }

    $strrequired = get_string('required');
    $stringman = get_string_manager();

    // Add the necessary names.
    foreach (useredit_get_required_name_fields() as $fullname) {
        $purpose = user_edit_map_field_purpose($user->id, $fullname);
        $mform->addElement('text', $fullname,  get_string($fullname),  'maxlength="100" size="30"' . $purpose);
        // Use a field-specific "missing" message when the language pack has one.
        if ($stringman->string_exists('missing'.$fullname, 'core')) {
            $strmissingfield = get_string('missing'.$fullname, 'core');
        } else {
            $strmissingfield = $strrequired;
        }
        // NOTE(review): the last argument asks for a client-side check, which a client can skip;
        // presumably the rule is also applied on the server when the form is submitted - confirm.
        $mform->addRule($fullname, $strmissingfield, 'required', null, 'client');
        $mform->setType($fullname, PARAM_NOTAGS);
    }

    $enabledusernamefields = useredit_get_enabled_name_fields();
    // Add the enabled additional name fields.
    foreach ($enabledusernamefields as $addname) {
        $purpose = user_edit_map_field_purpose($user->id, $addname);
        $mform->addElement('text', $addname,  get_string($addname), 'maxlength="100" size="30"' . $purpose);
        $mform->setType($addname, PARAM_NOTAGS);
    }

    // Do not show email field if change confirmation is pending.
    if ($user->id > 0 and !empty($CFG->emailchangeconfirmation) and !empty($user->preference_newemail)) {
        // The notice is HTML assembled by concatenation and added as a static element.
        // NOTE(review): 'emailchangepending' receives the whole $user object; if the string prints
        // the pending address, confirm that value is validated or escaped before it gets here.
        $notice = get_string('emailchangepending', 'auth', $user);
        $notice .= '<br /><a href="edit.php?cancelemailchange=1&amp;id='.$user->id.'">'
                . get_string('emailchangecancel', 'auth') . '</a>';
        $mform->addElement('static', 'emailpending', get_string('email'), $notice);
    } else {
        $purpose = user_edit_map_field_purpose($user->id, 'email');
        $mform->addElement('text', 'email', get_string('email'), 'maxlength="100" size="30"' . $purpose);
        $mform->addRule('email', $strrequired, 'required', null, 'client');
        // NOTE(review): no email-format check is visible in this function; presumably the
        // address is validated where the form data is processed - confirm.
        $mform->setType('email', PARAM_RAW_TRIMMED);
    }

    $choices = array();
    $choices['0'] = get_string('emaildisplayno');
    $choices['1'] = get_string('emaildisplayyes');
    $choices['2'] = get_string('emaildisplaycourse');
    $mform->addElement('select', 'maildisplay', get_string('emaildisplay'), $choices);
    $mform->setDefault('maildisplay', core_user::get_property_default('maildisplay'));
    $mform->addHelpButton('maildisplay', 'emaildisplay');

    $mform->addElement('text', 'moodlenetprofile', get_string('moodlenetprofile', 'user'));
    $mform->setType('moodlenetprofile', PARAM_NOTAGS);
    $mform->addHelpButton('moodlenetprofile', 'moodlenetprofile', 'user');

    $mform->addElement('text', 'city', get_string('city'), 'maxlength="120" size="21"');
    $mform->setType('city', PARAM_TEXT);
    if (!empty($CFG->defaultcity)) {
        $mform->setDefault('city', $CFG->defaultcity);
    }

    $purpose = user_edit_map_field_purpose($user->id, 'country');
    $choices = get_string_manager()->get_list_of_countries();
    // Put an empty "select a country" entry in front of the list.
    $choices = array('' => get_string('selectacountry') . '...') + $choices;
    $mform->addElement('select', 'country', get_string('selectacountry'), $choices, $purpose);
    if (!empty($CFG->country)) {
        $mform->setDefault('country', core_user::get_property_default('country'));
    }

    if (isset($CFG->forcetimezone) and $CFG->forcetimezone != 99) {
        // A timezone is forced by the site: show it as static text and keep the field hidden.
        // NOTE(review): a hidden field can still be changed by the client; presumably the forced
        // value is enforced when the data is saved - confirm.
        $choices = core_date::get_list_of_timezones($CFG->forcetimezone);
        $mform->addElement('static', 'forcedtimezone', get_string('timezone'), $choices[$CFG->forcetimezone]);
        $mform->addElement('hidden', 'timezone');
        $mform->setType('timezone', core_user::get_property_type('timezone'));
    } else {
        $choices = core_date::get_list_of_timezones($user->timezone, true);
        $mform->addElement('select', 'timezone', get_string('timezone'), $choices);
    }

    // The language selector is only added for a negative user id.
    // NOTE(review): presumably a negative id marks a user that is being created - verify against the callers.
    if ($user->id < 0) {
        $purpose = user_edit_map_field_purpose($user->id, 'lang');
        $translations = get_string_manager()->get_list_of_translations();
        $mform->addElement('select', 'lang', get_string('preferredlanguage'), $translations, $purpose);
        $lang = empty($user->lang) ? $CFG->lang : $user->lang;
        $mform->setDefault('lang', $lang);
    }

    if (!empty($CFG->allowuserthemes)) {
        $choices = array();
        $choices[''] = get_string('default');
        $themes = get_list_of_themes();
        foreach ($themes as $key => $theme) {
            // Themes flagged hidefromselector are not offered.
            if (empty($theme->hidefromselector)) {
                $choices[$key] = get_string('pluginname', 'theme_'.$theme->name);
            }
        }
        $mform->addElement('select', 'theme', get_string('preferredtheme'), $choices);
    }

    $mform->addElement('editor', 'description_editor', get_string('userdescription'), null, $editoroptions);
    // NOTE(review): the description is typed PARAM_RAW; presumably the content is cleaned when it
    // is saved or displayed - confirm, since nothing in this function restricts it.
    $mform->setType('description_editor', PARAM_RAW);
    $mform->addHelpButton('description_editor', 'userdescription');

    // The picture section is left out while $USER->newadminuser is set.
    if (empty($USER->newadminuser)) {
        $mform->addElement('header', 'moodle_picture', get_string('pictureofuser'));
        $mform->setExpanded('moodle_picture', true);

        if (!empty($CFG->enablegravatar)) {
            $mform->addElement('html', html_writer::tag('p', get_string('gravatarenabled')));
        }

        $mform->addElement('static', 'currentpicture', get_string('currentpicture'));

        $mform->addElement('checkbox', 'deletepicture', get_string('deletepicture'));
        $mform->setDefault('deletepicture', 0);

        // Upload limits come from the caller through $filemanageroptions.
        $mform->addElement('filemanager', 'imagefile', get_string('newpicture'), '', $filemanageroptions);
        $mform->addHelpButton('imagefile', 'newpicture');

        $mform->addElement('text', 'imagealt', get_string('imagealt'), 'maxlength="100" size="30"');
        $mform->setType('imagealt', PARAM_TEXT);

    }

    // Display user name fields that are not currently enabled here if there are any.
    $disabledusernamefields = useredit_get_disabled_name_fields($enabledusernamefields);
    if (count($disabledusernamefields) > 0) {
        $mform->addElement('header', 'moodle_additional_names', get_string('additionalnames'));
        foreach ($disabledusernamefields as $allname) {
            $purpose = user_edit_map_field_purpose($user->id, $allname);
            $mform->addElement('text', $allname, get_string($allname), 'maxlength="100" size="30"' . $purpose);
            $mform->setType($allname, PARAM_NOTAGS);
        }
    }

    // Interests need user tagging to be enabled and are left out while $USER->newadminuser is set.
    if (core_tag_tag::is_enabled('core', 'user') and empty($USER->newadminuser)) {
        $mform->addElement('header', 'moodle_interests', get_string('interests'));
        $mform->addElement('tags', 'interests', get_string('interestslist'),
            array('itemtype' => 'user', 'component' => 'core'));
        $mform->addHelpButton('interests', 'interestslist');
    }

    // Moodle optional fields.
    // The type of each of these fields is taken from core_user::get_property_type().
    // The maxlength attributes are HTML attributes only and do not bind a client.
    $mform->addElement('header', 'moodle_optional', get_string('optional', 'form'));

    $mform->addElement('text', 'url', get_string('webpage'), 'maxlength="255" size="50"');
    $mform->setType('url', core_user::get_property_type('url'));

    $mform->addElement('text', 'icq', get_string('icqnumber'), 'maxlength="15" size="25"');
    $mform->setType('icq', core_user::get_property_type('icq'));
    $mform->setForceLtr('icq');

    $mform->addElement('text', 'skype', get_string('skypeid'), 'maxlength="50" size="25"');
    $mform->setType('skype', core_user::get_property_type('skype'));
    $mform->setForceLtr('skype');

    $mform->addElement('text', 'aim', get_string('aimid'), 'maxlength="50" size="25"');
    $mform->setType('aim', core_user::get_property_type('aim'));
    $mform->setForceLtr('aim');

    $mform->addElement('text', 'yahoo', get_string('yahooid'), 'maxlength="50" size="25"');
    $mform->setType('yahoo', core_user::get_property_type('yahoo'));
    $mform->setForceLtr('yahoo');

    $mform->addElement('text', 'msn', get_string('msnid'), 'maxlength="50" size="25"');
    $mform->setType('msn', core_user::get_property_type('msn'));
    $mform->setForceLtr('msn');

    $mform->addElement('text', 'idnumber', get_string('idnumber'), 'maxlength="255" size="25"');
    $mform->setType('idnumber', core_user::get_property_type('idnumber'));

    $mform->addElement('text', 'institution', get_string('institution'), 'maxlength="255" size="25"');
    $mform->setType('institution', core_user::get_property_type('institution'));

    $mform->addElement('text', 'department', get_string('department'), 'maxlength="255" size="25"');
    $mform->setType('department', core_user::get_property_type('department'));

    $mform->addElement('text', 'phone1', get_string('phone1'), 'maxlength="20" size="25"');
    $mform->setType('phone1', core_user::get_property_type('phone1'));
    $mform->setForceLtr('phone1');

    $mform->addElement('text', 'phone2', get_string('phone2'), 'maxlength="20" size="25"');
    $mform->setType('phone2', core_user::get_property_type('phone2'));
    $mform->setForceLtr('phone2');

    $mform->addElement('text', 'address', get_string('address'), 'maxlength="255" size="25"');
    $mform->setType('address', core_user::get_property_type('address'));
}
 440  
 441  /**
 442   * Return required user name fields for forms.
 443   *
 444   * @return array required user name fields in order according to settings.
 445   */
 446  function useredit_get_required_name_fields() {
 447      global $CFG;
 448  
 449      // Get the name display format.
 450      $nameformat = $CFG->fullnamedisplay;
 451  
 452      // Names that are required fields on user forms.
 453      $necessarynames = array('firstname', 'lastname');
 454      $languageformat = get_string('fullnamedisplay');
 455  
 456      // Check that the language string and the $nameformat contain the necessary names.
 457      foreach ($necessarynames as $necessaryname) {
 458          $pattern = "/$necessaryname\b/";
 459          if (!preg_match($pattern, $languageformat)) {
 460              // If the language string has been altered then fall back on the below order.
 461              $languageformat = 'firstname lastname';
 462          }
 463          if (!preg_match($pattern, $nameformat)) {
 464              // If the nameformat doesn't contain the necessary name fields then use the languageformat.
 465              $nameformat = $languageformat;
 466          }
 467      }
 468  
 469      // Order all of the name fields in the postion they are written in the fullnamedisplay setting.
 470      $necessarynames = order_in_string($necessarynames, $nameformat);
 471      return $necessarynames;
 472  }
 473  
 474  /**
 475   * Gets enabled (from fullnameformate setting) user name fields in appropriate order.
 476   *
 477   * @return array Enabled user name fields.
 478   */
 479  function useredit_get_enabled_name_fields() {
 480      global $CFG;
 481  
 482      // Get all of the other name fields which are not ranked as necessary.
 483      $additionalusernamefields = array_diff(get_all_user_name_fields(), array('firstname', 'lastname'));
 484      // Find out which additional name fields are actually being used from the fullnamedisplay setting.
 485      $enabledadditionalusernames = array();
 486      foreach ($additionalusernamefields as $enabledname) {
 487          if (strpos($CFG->fullnamedisplay, $enabledname) !== false) {
 488              $enabledadditionalusernames[] = $enabledname;
 489          }
 490      }
 491  
 492      // Order all of the name fields in the postion they are written in the fullnamedisplay setting.
 493      $enabledadditionalusernames = order_in_string($enabledadditionalusernames, $CFG->fullnamedisplay);
 494      return $enabledadditionalusernames;
 495  }
 496  
 497  /**
 498   * Gets user name fields not enabled from the setting fullnamedisplay.
 499   *
 500   * @param array $enabledadditionalusernames Current enabled additional user name fields.
 501   * @return array Disabled user name fields.
 502   */
 503  function useredit_get_disabled_name_fields($enabledadditionalusernames = null) {
 504      // If we don't have enabled additional user name information then go and fetch it (try to avoid).
 505      if (!isset($enabledadditionalusernames)) {
 506          $enabledadditionalusernames = useredit_get_enabled_name_fields();
 507      }
 508  
 509      // These are the additional fields that are not currently enabled.
 510      $nonusednamefields = array_diff(get_all_user_name_fields(),
 511              array_merge(array('firstname', 'lastname'), $enabledadditionalusernames));
 512      return $nonusednamefields;
 513  }