user_add.php 14 KB

  1. <?php
  2. /* For licensing terms, see /license.txt*/
  3. /**
  4. * @package chamilo.user
  5. */
  6. /**
  7. * Code
  8. */
  /* INIT */
  // Name of the language file to include; it is set before the bootstrap
  // include below runs.
  $language_file = 'registration';
  include '../inc/global.inc.php';
  require_once api_get_path(INCLUDE_PATH) . 'lib/mail.lib.inc.php';

  $this_section = SECTION_COURSES;

  // Access control: api_not_allowed() is called unless the caller is a course
  // administrator or a platform administrator.
  // NOTE(review): everything below relies on api_not_allowed(true) ending the
  // request; that function is not visible in this file. Confirm it never returns.
  if (!$is_courseAdmin && !$is_platformAdmin) {
      api_not_allowed(true);
  }

  // Identifiers of the current course, taken from the $_course array.
  $currentCourseID   = $_course['sysCode'];
  $currentCourseName = $_course['official_code'];

  // Table names interpolated into the SQL statements further down.
  $tbl_user       = 'user';
  $tbl_courseUser = 'course_rel_user';
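  /* DATA CHECKING */
  // Handles a submitted "add user" form: validates the fields, looks for an
  // existing account, creates the platform account, optionally subscribes it to
  // the current course, and mails the credentials to the new user.
  //
  // NOTE(review): $register and the *_form variables are never assigned in this
  // file; presumably the bootstrap imports them from the request. Confirm
  // against global.inc.php.
  if ($register) {
      // Start every state flag from a known value. None of them was initialised
      // before, so if request variables are imported into the global scope a
      // crafted request could pre-seed $userId or $platformRegSucceed and reach
      // the course INSERT or the mail step without passing validation.
      $dataChecked        = false;
      $userExists         = false;
      $loginExists        = false;
      $platformRegSucceed = false;
      $courseRegSucceed   = false;
      $userId             = 0;

      /*
       * Fields Checking
       */
      $lastname_form      = trim($lastname_form);
      $firstname_form     = trim($firstname_form);
      $password_form      = trim($password_form);
      $username_form      = trim($username_form);
      $email_form         = trim($email_form);
      $official_code_form = trim($official_code_form);

      if (empty($lastname_form) || empty($firstname_form) || empty($password_form)
          || empty($username_form) || empty($email_form)
      ) {
          // A mandatory field is empty.
          $message = get_lang('Filled');
      } elseif (!preg_match('/^[0-9a-z_.-]+@([0-9a-z-]+\.)+([0-9a-z]){2,4}$/iD', $email_form)) {
          // Same pattern as the former eregi() call. eregi() was removed in
          // PHP 7, so the check is expressed with PCRE; the D modifier keeps "$"
          // from matching before a trailing newline.
          $message = get_lang('EmailWrong');
      } else {
          $dataChecked = true;
      }

      if ($dataChecked) {
          // Escape every value that is interpolated into SQL. The form below
          // renders these values through stripslashes(), which suggests they
          // arrive slash-escaped; that is undone once here so the database layer
          // does the escaping. TODO confirm against the bootstrap.
          $sqlLastname     = Database::escape_string(stripslashes($lastname_form));
          $sqlFirstname    = Database::escape_string(stripslashes($firstname_form));
          $sqlUsername     = Database::escape_string(stripslashes($username_form));
          $sqlEmail        = Database::escape_string(stripslashes($email_form));
          $sqlOfficialCode = Database::escape_string(stripslashes($official_code_form));

          // Prevent conflict with an existing user account.
          $sameLogin  = "username='$sqlUsername'";
          $samePerson = "lastname='$sqlLastname' AND firstname='$sqlFirstname' AND email='$sqlEmail'";

          $result = Database::query("SELECT user_id,
                  ($sameLogin) AS loginExists,
                  ($samePerson) AS userExists
              FROM $tbl_user
              WHERE $sameLogin OR ($samePerson)
              ORDER BY userExists DESC, loginExists DESC");

          if (Database::num_rows($result)) {
              while ($user = Database::fetch_array($result)) {
                  // Same person already registered on the platform: reuse the account.
                  if ($user['userExists']) {
                      $userExists = true;
                      $userId     = $user['user_id'];
                      break;
                  }

                  // The chosen login name is already taken by another user.
                  if ($user['loginExists']) {
                      $loginExists = true;
                      $userId      = 0;
                      $message     = get_lang('UserNo')." (".stripslashes($username_form).") ".get_lang('Taken');
                      break;
                  }
              }
          }
      }

      /*=============================
        NEW USER REGISTRATION PROCESS
        =============================*/
      if ($dataChecked && !$userExists && !$loginExists) {
          /*---------------------------
            PLATFORM REGISTRATION
            ----------------------------*/
          if ($_cid) {
              // Course registration context: new accounts are always students.
              $platformStatus = STUDENT;
          } else {
              // Platform administration context: accept only the two statuses the
              // form offers, so a hand-crafted request cannot set another status.
              $platformStatus = (isset($platformStatus) && (int) $platformStatus === (int) COURSEMANAGER)
                  ? COURSEMANAGER
                  : STUDENT;
          }

          $pw = Database::escape_string(api_get_encrypted_password($password_form));

          $result = Database::query("INSERT INTO $tbl_user
              SET lastname      = '$sqlLastname',
                  firstname     = '$sqlFirstname',
                  username      = '$sqlUsername',
                  password      = '$pw',
                  email         = '$sqlEmail',
                  status        = '".(int) $platformStatus."',
                  official_code = '$sqlOfficialCode',
                  creator_id    = '".(int) $_user['user_id']."'");

          $userId = Database::insert_id();
          if ($userId) {
              $platformRegSucceed = true;
          }
      }

      if ($userId && $_cid) {
          /*
            Note: this script is also used temporarily in the platform
            administration section to add users to the platform, where course
            registration must not happen. $_cid being set tells us the script
            runs in a course context.
          */

          /*---------------------------
            COURSE REGISTRATION
            ----------------------------*/
          // The radio buttons submit 1 or 5 for the course status and 0 or 1 for
          // the tutor flag; anything else falls back to the non-privileged value.
          $courseStatus  = (isset($admin_form) && (int) $admin_form === 1) ? 1 : 5;
          $tutorFlag     = isset($tutor_form) ? (int) $tutor_form : 0;
          $sqlCourseCode = Database::escape_string($currentCourseID);

          // A falsy query result means the row was not inserted (per the original
          // comment: the user is already registered to the course).
          if (Database::query("INSERT INTO $tbl_courseUser
              SET user_id     = '".(int) $userId."',
                  course_code = '$sqlCourseCode',
                  status      = '$courseStatus',
                  tutor_id    = '$tutorFlag'")
          ) {
              $courseRegSucceed = true;
          }
      }

      /*---------------------------
        MAIL NOTIFICATION TO NEW USER
        ----------------------------*/
      if ($platformRegSucceed) {
          $emailsubject   = get_lang('YourReg').' '.api_get_setting('siteName');
          $recipient_name = api_get_person_name($firstname_form, $lastname_form, null, PERSON_NAME_EMAIL_ADDRESS);
          $sender_name    = api_get_person_name(api_get_setting('administratorName'), api_get_setting('administratorSurname'), null, PERSON_NAME_EMAIL_ADDRESS);
          $email_admin    = api_get_setting('emailAdministrator');

          // Portal address quoted in the mail; replaced by the current access URL
          // when multiple access URLs are enabled.
          $portal_url = $_configuration['root_web'];
          if ($_configuration['multiple_access_urls']) {
              $access_url_id = api_get_current_access_url_id();
              if ($access_url_id != -1) {
                  $url        = api_get_access_url($access_url_id);
                  $portal_url = $url['url'];
              }
          }

          // NOTE(review): the mail carries the password in clear text. Consider
          // sending a one-time set-password link instead, so the credential does
          // not sit in mailboxes and mail logs.
          $credentialsAndSignature = get_lang('Username')." : $username_form\n"
              .get_lang('Pass').": $password_form\n"
              .get_lang('Address')." ".api_get_setting('siteName')." ".get_lang('Is').": ".$portal_url."\n"
              .get_lang('Problem')."\n"
              .get_lang('SignatureFormula').",\n"
              .api_get_person_name(api_get_setting('administratorName'), api_get_setting('administratorSurname'))."\n"
              .get_lang('Manager')." ".api_get_setting('siteName')." \nT. ".api_get_setting('administratorTelephone')."\n"
              .get_lang('Email').": ".api_get_setting('emailAdministrator')."\n";

          if ($courseRegSucceed) {
              $emailbody = get_lang('Dear')." ".stripslashes(api_get_person_name($firstname_form, $lastname_form)).",\n"
                  .get_lang('OneResp')." $currentCourseName ".get_lang('RegYou')." ".api_get_setting('siteName')." ".get_lang('WithTheFollowingSettings')."\n\n"
                  .$credentialsAndSignature;
              $message = get_lang('TheU')." ".stripslashes(api_get_person_name($firstname_form, $lastname_form))." ".get_lang('AddedToCourse')."<a href=\"user.php\">".get_lang('BackUser')."</a>\n";
          } else {
              $emailbody = get_lang('Dear')." ".api_get_person_name($firstname_form, $lastname_form).",\n "
                  .get_lang('YouAreReg')." ".api_get_setting('siteName')." ".get_lang('WithTheFollowingSettings')."\n\n"
                  .$credentialsAndSignature;
              $message = stripslashes(api_get_person_name($firstname_form, $lastname_form))." ".get_lang('AddedU');
          }

          $plugin = new AppPlugin();
          $additionalParameters = array(
              'smsType'     => constant($plugin->getSMSPluginName().'::BEEN_SUBSCRIBED_COURSE'),
              // $userId is the id set above; the former $user_id was never defined.
              'userId'      => $userId,
              'courseTitle' => $currentCourseName
          );

          api_mail_html(
              $recipient_name,
              $email_form,
              $emailsubject,
              $emailbody,
              $sender_name,
              $email_admin,
              null,
              null,
              null,
              $additionalParameters
          );

          /*
           * Remove <form> variables to prevent any pre-filled fields.
           */
          unset($lastname_form, $firstname_form, $username_form, $password_form, $email_form, $admin_form, $tutor_form);
      } // end if ($platformRegSucceed)
  } // end if register request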
  // Breadcrumb entry back to the user list, then the page title and header.
  $interbreadcrumb[] = array(
      'url'  => 'user.php',
      'name' => get_lang('ToolUser'),
  );
  $nameTools = get_lang('AddAU');
  Display::display_header($nameTools, 'User');
  ?>
  <h3><?php echo get_lang('ToolUser'); ?></h3>
  <table border="0" cellpadding="0" cellspacing="0" width="100%">
  <tr>
  <td><h4><?php echo $nameTools; ?></h4></td>
  <td></td>
  </tr>
  </table>
  <?php /* ADD ONE USER FORM: introductory text, the form itself follows. */ ?>
  <?php echo get_lang('OneByOne'); ?>. <?php echo get_lang('UserOneByOneExplanation'); ?>
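  <form method="post" action="<?php echo api_get_self(); ?>?register=yes">
  <table cellpadding="3" cellspacing="0" border="0">
  <?php
  // "Add one user" form. Submitted values are echoed back into the fields so a
  // rejected submission can be corrected; each one is HTML-escaped on output.
  //
  // NOTE(review): the form emits no anti-CSRF token and the handler in this file
  // checks none, so a forged cross-site POST from a logged-in administrator's
  // browser would be processed like a genuine one. Consider adding a
  // per-session token.
  if (!empty($message)) {
  ?>
  <tr>
  <td colspan="2">
  <?php
      Display::display_normal_message($message); // main API
  ?>
  </td>
  </tr>
  <?php
  }

  // First and last name are shown in the order returned by
  // api_is_western_name_order().
  if (api_is_western_name_order()) {
  ?>
  <tr>
  <td align="right"><?php echo get_lang('FirstName'); ?> :</td>
  <td><input type="text" size="15" name="firstname_form" value="<?php echo api_htmlentities(stripslashes($firstname_form), ENT_QUOTES, $charset); ?>" /></td>
  </tr>
  <tr>
  <td align="right"><?php echo get_lang('LastName'); ?> :</td>
  <td><input type="text" size="15" name="lastname_form" value="<?php echo api_htmlentities(stripslashes($lastname_form), ENT_QUOTES, $charset); ?>" /></td>
  </tr>
  <?php
  } else {
  ?>
  <tr>
  <td align="right"><?php echo get_lang('LastName'); ?> :</td>
  <td><input type="text" size="15" name="lastname_form" value="<?php echo api_htmlentities(stripslashes($lastname_form), ENT_QUOTES, $charset); ?>" /></td>
  </tr>
  <tr>
  <td align="right"><?php echo get_lang('FirstName'); ?> :</td>
  <td><input type="text" size="15" name="firstname_form" value="<?php echo api_htmlentities(stripslashes($firstname_form), ENT_QUOTES, $charset); ?>" /></td>
  </tr>
  <?php
  }
  ?>
  <tr>
  <td align="right"><?php echo get_lang('OfficialCode'); ?> :</td>
  <td><input type="text" size="15" name="official_code_form" value="<?php echo api_htmlentities(stripslashes($official_code_form), ENT_QUOTES, $charset); ?>" /></td>
  </tr>
  <tr>
  <td align="right"><?php echo get_lang('UserName') ?> :</td>
  <td><input type="text" size="15" name="username_form" value="<?php echo api_htmlentities(stripslashes($username_form), ENT_QUOTES, $charset); ?>" /></td>
  </tr>
  <tr>
  <td align="right"><?php echo get_lang('Pass') ?> :</td>
  <?php
  // NOTE(review): a rejected submission writes the typed password back into the
  // page source; consider leaving this field empty on re-display.
  ?>
  <td><input type="password" size="15" name="password_form" value="<?php echo api_htmlentities(stripslashes($password_form), ENT_QUOTES, $charset) ?>" /></td>
  </tr>
  <tr>
  <td align="right"><?php echo get_lang('Email'); ?> :</td>
  <?php
  // The e-mail value is escaped like every other field. It is echoed back even
  // when validation rejected it, so printing it raw would let a crafted value
  // break out of the attribute (reflected XSS).
  ?>
  <td><input type="text" size="15" name="email_form" value="<?php echo api_htmlentities(stripslashes($email_form), ENT_QUOTES, $charset); ?>" /></td>
  </tr>
  <?php
  if ($_cid) { // inside a course: this is a course registration
  ?>
  <tr>
  <td align="right"><?php echo get_lang('Tutor'); ?> :</td>
  <td><input class="checkbox" type="radio" name="tutor_form" value="0" <?php if (!isset($tutor_form) || !$tutor_form) echo 'checked="checked"'; ?> /> <?php echo get_lang('No'); ?>
  <input class="checkbox" type="radio" name="tutor_form" value="1" <?php if (isset($tutor_form) && $tutor_form == 1) echo 'checked="checked"'; ?> /> <?php echo get_lang('Yes') ?></td>
  </tr>
  <tr>
  <td align="right"><?php echo get_lang('Manager') ?> :</td>
  <td><input class="checkbox" type="radio" name="admin_form" value="5" <?php if (!isset($admin_form) || $admin_form == 5) echo 'checked="checked"'; ?> /> <?php echo get_lang('No') ?>
  <input class="checkbox" type="radio" name="admin_form" value="1" <?php if (isset($admin_form) && $admin_form == 1) echo 'checked="checked"'; ?> /> <?php echo get_lang('Yes'); ?></td>
  </tr>
  <?php
  } else { // not in a course: this is a platform registration
      // The row is opened inside each branch; the former layout opened a <tr>
      // before the condition and a second one here, nesting two rows.
  ?>
  <tr>
  <td align="right"><?php echo get_lang('Status') ?> : </td>
  <td>
  <select name="platformStatus">
  <option value="<?php echo STUDENT ?>"><?php echo get_lang('RegStudent') ?></option>
  <option value="<?php echo COURSEMANAGER ?>"><?php echo get_lang('RegAdmin') ?></option>
  </select>
  </td>
  </tr>
  <?php
  } // end else if $_cid
  ?>
  <tr>
  <td>&nbsp;</td>
  <td><input type="submit" name="submit" value="<?php echo get_lang('Ok') ?>" /></td>
  </tr>
  </table>
  </form>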
  <?php
  /* IMPORT XML/CSV USER LIST */
  // Prints the translated "IfYouWantToAddManyUsers" paragraph, then the footer.
  echo '<p>', get_lang('IfYouWantToAddManyUsers'), '</p>';
  Display::display_footer();