user_add.php 14 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375
  1. <?php
  2. /* For licensing terms, see /license.txt */
  3. /**
  4. * Deprecated
  5. * @package chamilo.reporting
  6. */
  7. /**
  8. * Code
  9. */
  10. // name of the language file that needs to be included
  11. $language_file = array('admin', 'registration');
  12. $cidReset = true;
  13. exit; //@deprecated file seems to be unused
  14. // including necessary libraries
  15. require_once '../inc/global.inc.php';
  16. $libpath = api_get_path(LIBRARY_PATH);
  17. require_once $libpath.'fileManage.lib.php';
  18. require_once $libpath.'fileUpload.lib.php';
  19. require_once $libpath.'mail.lib.inc.php';
  20. // user permissions
  21. api_protect_admin_script(true);
  22. api_block_anonymous_users();
  23. // Database table definitions
  24. $table_admin = Database :: get_main_table(TABLE_MAIN_ADMIN);
  25. $table_user = Database :: get_main_table(TABLE_MAIN_USER);
  26. $database = Database::get_main_database();
  27. $htmlHeadXtra[] = '
  28. <script type="text/javascript">
  29. <!--
  30. function enable_expiration_date() { //v2.0
  31. document.user_add.radio_expiration_date[0].checked=false;
  32. document.user_add.radio_expiration_date[1].checked=true;
  33. }
  34. function password_switch_radio_button(form, input){
  35. var NodeList = document.getElementsByTagName("input");
  36. for(var i=0; i< NodeList.length; i++){
  37. if(NodeList.item(i).name=="password[password_auto]" && NodeList.item(i).value=="0"){
  38. NodeList.item(i).checked=true;
  39. }
  40. }
  41. }
  42. function display_drh_list(){
  43. if(document.getElementById("status_select").value=='.STUDENT.')
  44. {
  45. document.getElementById("drh_list").style.display="block";
  46. }
  47. else
  48. {
  49. document.getElementById("drh_list").style.display="none";
  50. document.getElementById("drh_select").options[0].selected="selected";
  51. }
  52. }
  53. //-->
  54. </script>';
  55. if (!empty($_GET['message'])) {
  56. $message = urldecode($_GET['message']);
  57. }
  58. $id_session='';
  59. if (isset($_GET["id_session"]) && $_GET["id_session"] != "") {
  60. $id_session = Security::remove_XSS($_GET["id_session"]);
  61. }
  62. $interbreadcrumb[] = array ('url' => '../admin/index.php', 'name' => get_lang('PlatformAdmin'));
  63. $tool_name = get_lang('AddUsers');
  64. // Create the form
  65. $form = new FormValidator('user_add');
  66. if (api_is_western_name_order()) {
  67. // Firstname
  68. $form->addElement('text','firstname', get_lang('FirstName'));
  69. $form->applyFilter('firstname', 'html_filter');
  70. $form->applyFilter('firstname', 'trim');
  71. $form->addRule('firstname', get_lang('ThisFieldIsRequired'), 'required');
  72. // Lastname
  73. $form->addElement('text','lastname', get_lang('LastName'));
  74. $form->applyFilter('lastname', 'html_filter');
  75. $form->applyFilter('lastname', 'trim');
  76. $form->addRule('lastname', get_lang('ThisFieldIsRequired'), 'required');
  77. } else {
  78. // Lastname
  79. $form->addElement('text','lastname', get_lang('LastName'));
  80. $form->applyFilter('lastname', 'html_filter');
  81. $form->applyFilter('lastname', 'trim');
  82. $form->addRule('lastname', get_lang('ThisFieldIsRequired'), 'required');
  83. // Firstname
  84. $form->addElement('text','firstname', get_lang('FirstName'));
  85. $form->applyFilter('firstname', 'html_filter');
  86. $form->applyFilter('firstname', 'trim');
  87. $form->addRule('firstname', get_lang('ThisFieldIsRequired'), 'required');
  88. }
  89. // Official code
  90. $form->addElement('text', 'official_code', get_lang('OfficialCode'), array('size' => '40'));
  91. $form->applyFilter('official_code', 'html_filter');
  92. $form->applyFilter('official_code', 'trim');
  93. // Email
  94. $form->addElement('text', 'email', get_lang('Email'), array('size' => '40'));
  95. $form->addRule('email', get_lang('EmailWrong'), 'email');
  96. $form->addRule('email', get_lang('EmailWrong'), 'required');
  97. // Phone
  98. $form->addElement('text', 'phone', get_lang('PhoneNumber'));
  99. // Picture
  100. $form->addElement('file', 'picture', get_lang('AddPicture'));
  101. $allowed_picture_types = array ('jpg', 'jpeg', 'png', 'gif');
  102. $form->addRule('picture', get_lang('OnlyImagesAllowed').' ('.implode(',', $allowed_picture_types).')', 'filetype', $allowed_picture_types);
  103. // Username
  104. $form->addElement('text', 'username', get_lang('LoginName'), array('maxlength' => USERNAME_MAX_LENGTH));
  105. $form->addRule('username', get_lang('ThisFieldIsRequired'), 'required');
  106. $form->addRule('username', sprintf(get_lang('UsernameMaxXCharacters'), (string)USERNAME_MAX_LENGTH), 'maxlength', USERNAME_MAX_LENGTH);
  107. $form->addRule('username', get_lang('OnlyLettersAndNumbersAllowed'), 'username');
  108. $form->addRule('username', get_lang('UserTaken'), 'username_available', $user_data['username']);
  109. // Password
  110. $group = array();
  111. $auth_sources = 0; //make available wider as we need it in case of form reset (see below)
  112. if (count($extAuthSource) > 0) {
  113. $group[] =& HTML_QuickForm::createElement('radio', 'password_auto', null, get_lang('ExternalAuthentication').' ', 2);
  114. $auth_sources = array();
  115. foreach ($extAuthSource as $key => $info) {
  116. $auth_sources[$key] = $key;
  117. }
  118. $group[] =& HTML_QuickForm::createElement('select', 'auth_source', null, $auth_sources);
  119. $group[] =& HTML_QuickForm::createElement('static', '', '', '<br />');
  120. }
  121. $group[] =& HTML_QuickForm::createElement('radio', 'password_auto', get_lang('Password'), get_lang('AutoGeneratePassword').'<br />', 1);
  122. $group[] =& HTML_QuickForm::createElement('radio', 'password_auto', 'id="radio_user_password"', null, 0);
  123. $group[] =& HTML_QuickForm::createElement('password', 'password', null, array('onkeydown' => 'javascript: password_switch_radio_button(document.user_add,"password[password_auto]");'));
  124. $form->addGroup($group, 'password', get_lang('Password'), '');
  125. // Send email
  126. $group = array();
  127. $group[] =& HTML_QuickForm::createElement('radio', 'send_mail',null,get_lang('Yes'), 1);
  128. $group[] =& HTML_QuickForm::createElement('radio', 'send_mail',null,get_lang('No'), 0);
  129. $form->addGroup($group, 'mail', get_lang('SendMailToNewUser'), '&nbsp;');
  130. // Expiration Date
  131. $form->addElement('radio', 'radio_expiration_date', get_lang('ExpirationDate'), get_lang('NeverExpires'), 0);
  132. $group = array ();
  133. $group[] = $form->createElement('radio', 'radio_expiration_date', null, get_lang('On'), 1);
  134. $group[] = $form->createElement('datepicker', 'expiration_date', null, array('form_name' => $form->getAttribute('name'), 'onchange' => 'javascript: enable_expiration_date();'));
  135. $form->addGroup($group, 'max_member_group', null, '', false);
  136. // Active account or inactive account
  137. $form->addElement('radio', 'active', get_lang('ActiveAccount'), get_lang('Active'), 1);
  138. $form->addElement('radio', 'active', '', get_lang('Inactive'), 0);
  139. $now = api_get_utc_datetime();
  140. //Session list
  141. if (api_is_session_admin()) {
  142. $where = 'WHERE session_admin_id='.intval(api_get_user_id());
  143. $where .= ' AND ( (session.date_start <= "'.$now.'" AND session.date_end >= "'.$now.'") OR session.date_start="0000-00-00" ) ';
  144. $tbl_session = Database::get_main_table(TABLE_MAIN_SESSION);
  145. $sql="SELECT id,name,nbr_courses,date_start,date_end FROM $tbl_session $where ORDER BY name";
  146. $result = Database::query($sql);
  147. $a_sessions = Database::store_result($result);
  148. $session_list = array();
  149. $session_list[0] = get_lang('SelectSession');
  150. if (is_array($a_sessions)) {
  151. foreach ($a_sessions as $session) {
  152. $session_list[$session['id']]=$session['name'];
  153. }
  154. }
  155. //asort($session_list);
  156. //api_asort($session_list, SORT_STRING);
  157. api_natsort($session_list);
  158. $form->addElement('select', 'session_id', get_lang('Session'), $session_list);
  159. }
  160. UserManager::set_extra_fields_in_form($form, null, 'registration');
  161. // Set default values
  162. $defaults['admin']['platform_admin'] = 0;
  163. $defaults['mail']['send_mail'] = 0;
  164. $defaults['password']['password_auto'] = 1;
  165. $defaults['active'] = 1;
  166. $defaults['expiration_date'] = array();
  167. $days = api_get_setting('account_valid_duration');
  168. $time = strtotime('+'.$days.' day');
  169. $defaults['expiration_date']['d'] = date('d', $time);
  170. $defaults['expiration_date']['F'] = date('m', $time);
  171. $defaults['expiration_date']['Y'] = date('Y', $time);
  172. $defaults['radio_expiration_date'] = 0;
  173. $defaults['status'] = STUDENT;
  174. $defaults['session_id'] = api_get_session_id();
  175. $form->setDefaults($defaults);
  176. // Submit button
  177. $select_level = array ();
  178. $html_results_enabled[] = FormValidator :: createElement ('style_submit_button', 'submit_plus', get_lang('Add').'+', 'class="add"');
  179. $html_results_enabled[] = FormValidator :: createElement ('style_submit_button', 'submit', get_lang('Add'), 'class="add"');
  180. $form->addGroup($html_results_enabled);
  181. // Validate form
  182. if ($form->validate()) {
  183. $check = Security::check_token('post');
  184. if ($check) {
  185. $user = $form->exportValues();
  186. $picture_element = $form->getElement('picture');
  187. $picture = $picture_element->getValue();
  188. $picture_uri = '';
  189. if (strlen($picture['name']) > 0) {
  190. if (!is_dir(api_get_path(SYS_CODE_PATH).'upload/users/')) {
  191. mkdir(api_get_path(SYS_CODE_PATH).'upload/users/', api_get_permissions_for_new_directories());
  192. }
  193. $picture_uri = uniqid('').'_'.replace_dangerous_char($picture['name']);
  194. $picture_location = api_get_path(SYS_CODE_PATH).'upload/users/'.$picture_uri;
  195. move_uploaded_file($picture['tmp_name'], $picture_location);
  196. }
  197. $lastname = $user['lastname'];
  198. $firstname = $user['firstname'];
  199. $official_code = $user['official_code'];
  200. $email = $user['email'];
  201. $phone = $user['phone'];
  202. $username = $user['username'];
  203. $status = intval($user['status']);
  204. $picture = $_FILES['picture'];
  205. $platform_admin = intval($user['admin']['platform_admin']);
  206. $send_mail = intval($user['mail']['send_mail']);
  207. $hr_dept_id = intval($user['hr_dept_id']);
  208. if (count($extAuthSource) > 0 && $user['password']['password_auto'] == '2') {
  209. $auth_source = $user['password']['auth_source'];
  210. $password = 'PLACEHOLDER';
  211. } else {
  212. $auth_source = PLATFORM_AUTH_SOURCE;
  213. $password = $user['password']['password_auto'] == '1' ? api_generate_password() : $user['password']['password'];
  214. }
  215. if ($user['radio_expiration_date'] == '1') {
  216. $expiration_date = $user['expiration_date'];
  217. } else {
  218. $expiration_date = '0000-00-00 00:00:00';
  219. }
  220. $active = intval($user['active']);
  221. // default status = student
  222. $status = 5;
  223. //create user
  224. $user_id = UserManager::create_user($firstname, $lastname, $status, $email, $username, $password, $official_code, api_get_setting('platformLanguage'), $phone, $picture_uri, $auth_source, $expiration_date, $active, $hr_dept_id);
  225. //adding to the session
  226. if (api_is_session_admin()) {
  227. $tbl_session_rel_course = Database::get_main_table(TABLE_MAIN_SESSION_COURSE);
  228. $tbl_session_rel_course_rel_user = Database::get_main_table(TABLE_MAIN_SESSION_COURSE_USER);
  229. $tbl_session = Database::get_main_table(TABLE_MAIN_SESSION);
  230. $tbl_session_rel_user = Database::get_main_table(TABLE_MAIN_SESSION_USER);
  231. $id_session = $user['session_id'];
  232. if ($id_session != 0) {
  233. $result = Database::query("SELECT course_code FROM $tbl_session_rel_course WHERE id_session='$id_session'");
  234. $CourseList=array();
  235. while ($row = Database::fetch_array($result)) {
  236. $CourseList[] = $row['course_code'];
  237. }
  238. foreach ($CourseList as $enreg_course) {
  239. Database::query("INSERT INTO $tbl_session_rel_course_rel_user(id_session,course_code,id_user) VALUES('$id_session','$enreg_course','$user_id')");
  240. // updating the total
  241. $sql = "SELECT COUNT(id_user) as nbUsers FROM $tbl_session_rel_course_rel_user WHERE id_session='$id_session' AND course_code='$enreg_course'";
  242. $rs = Database::query($sql);
  243. list($nbr_users) = Database::fetch_array($rs);
  244. Database::query("UPDATE $tbl_session_rel_course SET nbr_users=$nbr_users WHERE id_session='$id_session' AND course_code='$enreg_course'");
  245. }
  246. Database::query("INSERT INTO $tbl_session_rel_user(id_session, id_user) VALUES('$id_session','$user_id')");
  247. $sql = "SELECT COUNT(nbr_users) as nbUsers FROM $tbl_session WHERE id='$id_session' ";
  248. $rs = Database::query($sql);
  249. list($nbr_users) = Database::fetch_array($rs);
  250. Database::query("UPDATE $tbl_session SET nbr_users= $nbr_users WHERE id='$id_session' ");
  251. }
  252. }
  253. $extras = array();
  254. foreach ($user as $key => $value) {
  255. if (substr($key, 0, 6) == 'extra_') {
  256. //an extra field
  257. $myres = UserManager::update_extra_field_value($user_id, substr($key, 6), $value);
  258. }
  259. }
  260. if ($platform_admin) {
  261. $sql = "INSERT INTO $table_admin SET user_id = '".$user_id."'";
  262. Database::query($sql);
  263. }
  264. if (!empty ($email) && $send_mail) {
  265. //$emailto = '"'.api_get_person_name($firstname, $lastname, null, PERSON_NAME_EMAIL_ADDRESS).'" <'.$email.'>';
  266. $emailsubject = '['.api_get_setting('siteName').'] '.get_lang('YourReg').' '.api_get_setting('siteName');
  267. $portal_url = $_configuration['root_web'];
  268. if ($_configuration['multiple_access_urls']) {
  269. $access_url_id = api_get_current_access_url_id();
  270. if ($access_url_id != -1) {
  271. $url = api_get_access_url($access_url_id);
  272. $portal_url = $url['url'];
  273. }
  274. }
  275. $emailbody = get_lang('Dear')." ".stripslashes(api_get_person_name($firstname, $lastname)).",\n\n".get_lang('YouAreReg')." ". api_get_setting('siteName') ." ".get_lang('WithTheFollowingSettings')."\n\n".get_lang('Username')." : ". $username ."\n". get_lang('Pass')." : ".stripslashes($password)."\n\n" .get_lang('Address') ." ". api_get_setting('siteName') ." ". get_lang('Is') ." : ".$portal_url."\n\n". get_lang('Problem'). "\n\n". get_lang('SignatureFormula').",\n\n".api_get_person_name(api_get_setting('administratorName'), api_get_setting('administratorSurname'))."\n". get_lang('Manager'). " ".api_get_setting('siteName')."\nT. ".api_get_setting('administratorTelephone')."\n" .get_lang('Email') ." : ".api_get_setting('emailAdministrator');
  276. api_mail_html(
  277. api_get_person_name($firstname, $lastname, null, PERSON_NAME_EMAIL_ADDRESS),
  278. $email,
  279. $emailsubject,
  280. $emailbody
  281. );
  282. }
  283. Security::clear_token();
  284. if (isset($user['submit_plus'])) {
  285. //we want to add more. Prepare report message and redirect to the same page (to clean the form)
  286. $tok = Security::get_token();
  287. header('Location: user_add.php?message='.urlencode(get_lang('UserAdded')).'&sec_token='.$tok);
  288. exit ();
  289. } else {
  290. $tok = Security::get_token();
  291. header('Location: ../admin/user_list.php?action=show_message&message='.urlencode(get_lang('UserAdded')).'&sec_token='.$tok);
  292. exit ();
  293. }
  294. }
  295. } else {
  296. if (isset($_POST['submit'])) {
  297. Security::clear_token();
  298. }
  299. $token = Security::get_token();
  300. $form->addElement('hidden', 'sec_token');
  301. $form->setConstants(array('sec_token' => $token));
  302. }
  303. // Display form
  304. Display::display_header($tool_name);
  305. //api_display_tool_title($tool_name);
  306. if (!empty($message)) {
  307. Display::display_normal_message(stripslashes($message));
  308. }
  309. $form->display();
  310. /*
  311. ==============================================================================
  312. FOOTER
  313. ==============================================================================
  314. */
  315. Display::display_footer();