user.php 39 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965
  1. <?php
  2. /* For licensing terms, see /license.txt */
  3. /**
  4. * This script displays a list of the users of the current course.
  5. * Course admins can change user permissions, subscribe and unsubscribe users...
  6. *
  7. * EXPERIMENTAL: support for virtual courses
  8. * - show users registered in virtual and real courses;
  9. * - only show the users of a virtual course if the current user;
  10. * is registered in that virtual course.
  11. *
  12. * Exceptions: platform admin and the course admin will see all virtual courses.
  13. * This is a new feature, there may be bugs.
  14. *
  15. * @todo possibility to edit user-course rights and view statistics for users in virtual courses
  16. * @todo convert normal table display to display function (refactor virtual course display function)
  17. * @todo display table functions need support for align and valign (e.g. to center text in cells) (this is now possible)
  18. * @author Roan Embrechts, refactoring + virtual courses support
  19. * @author Julio Montoya Armas, Several fixes
  20. * @package chamilo.user
  21. */
  22. /**
  23. * Code
  24. */
  25. // name of the language file that needs to be included
  26. $language_file = array('registration', 'admin', 'userInfo', 'registration');
  27. $use_anonymous = true;
  28. require_once '../inc/global.inc.php';
  29. $current_course_tool = TOOL_USER;
  30. $this_section = SECTION_COURSES;
  31. // notice for unauthorized people.
  32. api_protect_course_script(true);
  33. /* Libraries */
  34. require_once api_get_path(LIBRARY_PATH).'export.lib.inc.php';
  35. global $_configuration;
  36. if (!api_is_platform_admin(true)) {
  37. if (!api_is_course_admin() && !api_is_coach()) {
  38. if (api_get_course_setting('allow_user_view_user_list') == 0) {
  39. api_not_allowed(true);
  40. }
  41. }
  42. }
  43. /* Constants and variables */
  44. $course_code = Database::escape_string(api_get_course_id());
  45. $session_id = api_get_session_id();
  46. $is_western_name_order = api_is_western_name_order();
  47. $sort_by_first_name = api_sort_by_first_name();
  48. $course_info = api_get_course_info();
  49. $user_id = api_get_user_id();
  50. $courseCode = api_get_course_id();
  51. //Can't auto unregister from a session
  52. if (!empty($session_id)) {
  53. $course_info['unsubscribe'] = 0;
  54. }
  55. /* Unregistering a user section */
  56. if (api_is_allowed_to_edit(null, true)) {
  57. if (isset($_POST['action'])) {
  58. switch ($_POST['action']) {
  59. case 'unsubscribe':
  60. // Make sure we don't unsubscribe current user from the course
  61. if (is_array($_POST['user'])) {
  62. $user_ids = array_diff($_POST['user'], array($user_id));
  63. if (count($user_ids) > 0) {
  64. CourseManager::unsubscribe_user($user_ids, $courseCode);
  65. $message = get_lang('UsersUnsubscribed');
  66. }
  67. }
  68. }
  69. }
  70. }
  71. // Getting extra fields that have the filter option "on"
  72. $extraField = new ExtraField('user');
  73. $extraFields = $extraField->get_all(array('field_filter' => 1));
  74. $user_image_pdf_size = 80;
  75. if (api_is_allowed_to_edit(null, true)) {
  76. if (isset($_GET['action'])) {
  77. switch ($_GET['action']) {
  78. case 'export':
  79. $table_course_user = Database::get_main_table(TABLE_MAIN_COURSE_USER);
  80. $table_users = Database::get_main_table(TABLE_MAIN_USER);
  81. $is_western_name_order = api_is_western_name_order();
  82. $data = array();
  83. $a_users = array();
  84. $current_access_url_id = api_get_current_access_url_id();
  85. $extra_fields = UserManager::get_extra_user_data(
  86. api_get_user_id(),
  87. false,
  88. false,
  89. false,
  90. true
  91. );
  92. $extra_fields = array_keys($extra_fields);
  93. $select_email_condition = '';
  94. if (api_get_setting('show_email_addresses') == 'true') {
  95. $select_email_condition = ' user.email, ';
  96. if ($sort_by_first_name) {
  97. $a_users[0] = array(
  98. 'id',
  99. get_lang('FirstName'),
  100. get_lang('LastName'),
  101. get_lang('Username'),
  102. get_lang('Email'),
  103. get_lang('Phone'),
  104. get_lang('OfficialCode'),
  105. get_lang('Active')
  106. );
  107. } else {
  108. $a_users[0] = array(
  109. 'id',
  110. get_lang('LastName'),
  111. get_lang('FirstName'),
  112. get_lang('Username'),
  113. get_lang('Email'),
  114. get_lang('Phone'),
  115. get_lang('OfficialCode'),
  116. get_lang('Active')
  117. );
  118. }
  119. } else {
  120. if ($sort_by_first_name) {
  121. $a_users[0] = array(
  122. 'id',
  123. get_lang('FirstName'),
  124. get_lang('LastName'),
  125. get_lang('Username'),
  126. get_lang('Phone'),
  127. get_lang('OfficialCode'),
  128. get_lang('Active')
  129. );
  130. } else {
  131. $a_users[0] = array(
  132. 'id',
  133. get_lang('LastName'),
  134. get_lang('FirstName'),
  135. get_lang('Username'),
  136. get_lang('Phone'),
  137. get_lang('OfficialCode'),
  138. get_lang('Active')
  139. );
  140. }
  141. }
  142. $legal = '';
  143. if (isset($course_info['activate_legal']) AND $course_info['activate_legal'] == 1) {
  144. $legal = ', legal_agreement';
  145. $a_users[0][] = get_lang('LegalAgreementAccepted');
  146. }
  147. if ($_GET['type'] == 'pdf') {
  148. $select_email_condition = ' user.email, ';
  149. if ($is_western_name_order) {
  150. $a_users[0] = array(
  151. '#',
  152. get_lang('UserPicture'),
  153. get_lang('OfficialCode'),
  154. get_lang('FirstName') . ', ' . get_lang('LastName'),
  155. get_lang('Email'),
  156. get_lang('Phone')
  157. );
  158. } else {
  159. $a_users[0] = array(
  160. '#',
  161. get_lang('UserPicture'),
  162. get_lang('OfficialCode'),
  163. get_lang('LastName') . ', ' . get_lang('FirstName'),
  164. get_lang('Email'),
  165. get_lang('Phone')
  166. );
  167. }
  168. }
  169. $a_users[0] = array_merge($a_users[0], $extra_fields);
  170. // users subscribed to the course through a session.
  171. if (api_get_session_id()) {
  172. $table_session_course_user = Database::get_main_table(TABLE_MAIN_SESSION_COURSE_USER);
  173. $sql_query = "SELECT DISTINCT
  174. user.user_id, ".($is_western_name_order ? "user.firstname, user.lastname" : "user.lastname, user.firstname").",
  175. user.username,
  176. $select_email_condition
  177. phone,
  178. user.official_code,
  179. active
  180. $legal
  181. FROM $table_session_course_user as session_course_user, $table_users as user ";
  182. if (api_is_multiple_url_enabled()) {
  183. $sql_query .= ' , '.Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER).' au ';
  184. }
  185. $sql_query .=" WHERE course_code = '$course_code' AND session_course_user.id_user = user.user_id ";
  186. $sql_query .= ' AND id_session = '.$session_id;
  187. if (api_is_multiple_url_enabled()) {
  188. $sql_query .= " AND user.user_id = au.user_id AND access_url_id = $current_access_url_id ";
  189. }
  190. //only users no coaches/teachers
  191. $sql_query .= " AND session_course_user.status = 0 ";
  192. $sql_query .= $sort_by_first_name ? ' ORDER BY user.firstname, user.lastname' : ' ORDER BY user.lastname, user.firstname';
  193. $rs = Database::query($sql_query);
  194. $counter = 1;
  195. while ($user = Database:: fetch_array($rs, 'ASSOC')) {
  196. if (isset($user['legal_agreement'])) {
  197. if ($user['legal_agreement'] == 1) {
  198. $user['legal_agreement'] = get_lang('Yes');
  199. } else {
  200. $user['legal_agreement'] = get_lang('No');
  201. }
  202. }
  203. $extra_fields = UserManager::get_extra_user_data(
  204. $user['user_id'],
  205. false,
  206. false,
  207. false,
  208. true
  209. );
  210. if (!empty($extra_fields)) {
  211. foreach($extra_fields as $key => $extra_value) {
  212. $user[$key] = $extra_value;
  213. }
  214. }
  215. $data[] = $user;
  216. if ($_GET['type'] == 'pdf') {
  217. $user_info = api_get_user_info($user['user_id']);
  218. $user_image = Display::img($user_info['avatar'], null, array('width' => $user_image_pdf_size.'px'));
  219. if ($is_western_name_order) {
  220. $user_pdf = array(
  221. $counter,
  222. $user_image,
  223. $user['official_code'],
  224. $user['firstname'] . ', ' . $user['lastname'],
  225. $user['email'],
  226. $user['phone']
  227. );
  228. } else {
  229. $user_pdf = array(
  230. $counter,
  231. $user_image,
  232. $user['official_code'],
  233. $user['lastname'] . ', ' . $user['firstname'],
  234. $user['email'],
  235. $user['phone']
  236. );
  237. }
  238. $a_users[] = $user_pdf;
  239. } else {
  240. $a_users[] = $user;
  241. }
  242. $counter++;
  243. }
  244. }
  245. if ($session_id == 0) {
  246. // users directly subscribed to the course
  247. $table_course_user = Database :: get_main_table(TABLE_MAIN_COURSE_USER);
  248. $sql_query = "SELECT DISTINCT
  249. user.user_id, ".($is_western_name_order ? "user.firstname, user.lastname" : "user.lastname, user.firstname").",
  250. user.username,
  251. $select_email_condition
  252. phone,
  253. user.official_code,
  254. active $legal
  255. FROM $table_course_user as course_user, $table_users as user ";
  256. if (api_is_multiple_url_enabled()) {
  257. $sql_query .= ' , '.Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER).' au ';
  258. }
  259. $sql_query .= " WHERE
  260. course_code = '$course_code' AND
  261. course_user.relation_type<>".COURSE_RELATION_TYPE_RRHH." AND
  262. course_user.user_id = user.user_id ";
  263. if (api_is_multiple_url_enabled()) {
  264. $sql_query .= " AND user.user_id = au.user_id AND access_url_id = $current_access_url_id ";
  265. }
  266. //only users no teachers/coaches
  267. $sql_query .= " AND course_user.status = 5 ";
  268. $sql_query .= ($sort_by_first_name ? " ORDER BY user.firstname, user.lastname" : " ORDER BY user.lastname, user.firstname");
  269. $rs = Database::query($sql_query);
  270. $counter = 1;
  271. while ($user = Database::fetch_array($rs, 'ASSOC')) {
  272. if (isset($user['legal_agreement'])) {
  273. if ($user['legal_agreement'] == 1) {
  274. $user['legal_agreement'] = get_lang('Yes');
  275. } else {
  276. $user['legal_agreement'] = get_lang('No');
  277. }
  278. }
  279. $extra_fields = UserManager::get_extra_user_data(
  280. $user['user_id'],
  281. false,
  282. false,
  283. false,
  284. true
  285. );
  286. if (!empty($extra_fields)) {
  287. foreach ($extra_fields as $key => $extra_value) {
  288. $user[$key] = $extra_value;
  289. }
  290. }
  291. if ($_GET['type'] == 'pdf') {
  292. $user_info = api_get_user_info($user['user_id']);
  293. $user_image = Display::img(
  294. $user_info['avatar'],
  295. null,
  296. array('width' => $user_image_pdf_size.'px')
  297. );
  298. if ($is_western_name_order) {
  299. $user_pdf = array(
  300. $counter,
  301. $user_image,
  302. $user['official_code'],
  303. $user['firstname'] . ', ' . $user['lastname'],
  304. $user['email'],
  305. $user['phone']
  306. );
  307. } else {
  308. $user_pdf = array(
  309. $counter,
  310. $user_image,
  311. $user['official_code'],
  312. $user['lastname'] . ', ' . $user['firstname'],
  313. $user['email'],
  314. $user['phone']
  315. );
  316. }
  317. $a_users[] = $user_pdf;
  318. } else {
  319. $a_users[] = $user;
  320. }
  321. $data[] = $user;
  322. $counter++;
  323. }
  324. }
  325. switch ($_GET['type']) {
  326. case 'csv' :
  327. Export::export_table_csv($a_users);
  328. exit;
  329. case 'xls' :
  330. Export::export_table_xls($a_users);
  331. exit;
  332. case 'pdf' :
  333. $header_attributes = array(
  334. array('style' => 'width:10px'),
  335. array('style' => 'width:30px'),
  336. array('style' => 'width:50px'),
  337. array('style' => 'width:500px'),
  338. );
  339. $params = array(
  340. 'add_signatures' => false,
  341. 'filename' => get_lang('UserList'),
  342. 'pdf_title' => get_lang('StudentList'),
  343. 'header_attributes' => $header_attributes
  344. );
  345. Export::export_table_pdf($a_users, $params);
  346. exit;
  347. }
  348. }
  349. }
  350. } // end if allowed to edit
  351. if (api_is_allowed_to_edit(null, true)) {
  352. // Unregister user from course
  353. if ($_REQUEST['unregister']) {
  354. if (isset($_GET['user_id']) && is_numeric($_GET['user_id']) &&
  355. ($_GET['user_id'] != $_user['user_id'] || api_is_platform_admin())
  356. ) {
  357. $user_id = intval($_GET['user_id']);
  358. $tbl_user = Database::get_main_table(TABLE_MAIN_USER);
  359. $tbl_session_rel_course = Database::get_main_table(TABLE_MAIN_SESSION_COURSE);
  360. $tbl_session_rel_user = Database::get_main_table(TABLE_MAIN_SESSION_USER);
  361. $sql = 'SELECT '.$tbl_user.'.user_id
  362. FROM '.$tbl_user.' user
  363. INNER JOIN '.$tbl_session_rel_user.' reluser
  364. ON user.user_id = reluser.id_user AND reluser.relation_type<>'.SESSION_RELATION_TYPE_RRHH.'
  365. INNER JOIN '.$tbl_session_rel_course.' rel_course
  366. ON rel_course.id_session = reluser.id_session
  367. WHERE user.user_id = "'.$user_id.'"
  368. AND rel_course.course_code = "'.$course_code.'"';
  369. $result = Database::query($sql);
  370. $row = Database::fetch_array($result, 'ASSOC');
  371. if ($row['user_id'] == $user_id || $row['user_id'] == "") {
  372. CourseManager::unsubscribe_user($_GET['user_id'], $_SESSION['_course']['sysCode']);
  373. $message = get_lang('UserUnsubscribed');
  374. } else {
  375. $message = get_lang('ThisStudentIsSubscribeThroughASession');
  376. }
  377. }
  378. }
  379. } else {
  380. // If student can unsubscribe
  381. if (isset($_REQUEST['unregister']) && $_REQUEST['unregister'] == 'yes') {
  382. if ($course_info['unsubscribe'] == 1) {
  383. $user_id = api_get_user_id();
  384. CourseManager::unsubscribe_user($user_id, $course_info['code']);
  385. header('Location: '.api_get_path(WEB_PATH).'user_portal.php');
  386. exit;
  387. }
  388. }
  389. }
  390. /**
  391. * Display search form
  392. */
  393. function display_user_search_form()
  394. {
  395. echo '<form method="get" action="user.php">';
  396. echo get_lang("SearchForUser") . "&nbsp;&nbsp;";
  397. echo '<input type="text" name="keyword" value="'.Security::remove_XSS($_GET['keyword']).'"/>';
  398. echo '<input type="submit" value="'.get_lang('SearchButton').'"/>';
  399. echo '</form>';
  400. }
  401. if (!$is_allowed_in_course) {
  402. api_not_allowed(true);
  403. }
  404. /* Header */
  405. if ($origin != 'learnpath') {
  406. if (isset($_GET['keyword']) && !empty($_GET['keyword'])) {
  407. $interbreadcrumb[] = array ("url" => "user.php", "name" => get_lang("Users"));
  408. $tool_name = get_lang('SearchResults');
  409. } else {
  410. $tool_name = get_lang('Users');
  411. $origin = 'users';
  412. }
  413. Display::display_header($tool_name, "User");
  414. } else {
  415. Display::display_reduced_header();
  416. }
  417. // Statistics
  418. event_access_tool(TOOL_USER);
  419. /* Setting the permissions for this page */
  420. $is_allowed_to_track = ($is_courseAdmin || $is_courseTutor);
  421. // Tool introduction
  422. Display::display_introduction_section(TOOL_USER, 'left');
  423. $actions = '';
  424. if (api_is_allowed_to_edit(null, true)) {
  425. echo '<div class="actions">';
  426. // the action links
  427. if (api_get_setting('allow_user_course_subscription_by_course_admin') == 'true' or
  428. api_is_platform_admin()
  429. ) {
  430. $actions .= '<a href="subscribe_user.php?'.api_get_cidreq().'">'.
  431. Display::return_icon('user_subscribe_course.png',get_lang("SubscribeUserToCourse"),'',ICON_SIZE_MEDIUM).'</a> ';
  432. $actions .= "<a href=\"subscribe_user.php?".api_get_cidreq()."&type=teacher\">".
  433. Display::return_icon('teacher_subscribe_course.png', get_lang("SubscribeUserToCourseAsTeacher"),'',ICON_SIZE_MEDIUM)."</a> ";
  434. }
  435. $actions .= '<a href="user.php?'.api_get_cidreq().'&action=export&amp;type=csv">'.
  436. Display::return_icon('export_csv.png', get_lang('ExportAsCSV'),'',ICON_SIZE_MEDIUM).'</a> ';
  437. $actions .= '<a href="user.php?'.api_get_cidreq().'&action=export&amp;type=xls">'.
  438. Display::return_icon('export_excel.png', get_lang('ExportAsXLS'),'',ICON_SIZE_MEDIUM).'</a> ';
  439. if (api_get_setting('allow_user_course_subscription_by_course_admin') == 'true' or
  440. api_is_platform_admin()
  441. ) {
  442. $actions .= '<a href="user_import.php?'.api_get_cidreq().'&action=import">'.
  443. Display::return_icon('import_csv.png', get_lang('ImportUsersToACourse'),'',ICON_SIZE_MEDIUM).'</a> ';
  444. }
  445. $actions .= '<a href="user.php?'.api_get_cidreq().'&action=export&type=pdf">'.
  446. Display::return_icon('pdf.png', get_lang('ExportToPDF'),'',ICON_SIZE_MEDIUM).'</a> ';
  447. $actions .= "<a href=\"../group/group.php?".api_get_cidreq()."\">".
  448. Display::return_icon('group.png', get_lang("GroupUserManagement"),'',ICON_SIZE_MEDIUM)."</a>";
  449. if (api_get_setting('allow_user_course_subscription_by_course_admin') == 'true' or
  450. api_is_platform_admin()
  451. ) {
  452. $actions .= ' <a class="btn" href="class.php?'.api_get_cidreq().'">'.get_lang('Classes').'</a>';
  453. }
  454. if (api_is_allowed_to_edit() && $_configuration['allow_tutors_to_assign_students_to_session'] == 'true') {
  455. $actions .= ' <a class="btn" href="session_list.php?'.api_get_cidreq().'">'.get_lang('Sessions').'</a>';
  456. }
  457. // Build search-form
  458. $form = new FormValidator('search_user', 'get', '', '', null, false);
  459. $renderer = $form->defaultRenderer();
  460. $renderer->setElementTemplate('<span>{element}</span> ');
  461. $form->add_textfield('keyword', '', false);
  462. $form->addElement('style_submit_button', 'submit', get_lang('SearchButton'), 'class="search"');
  463. $form->addElement('static', 'additionalactions', null, $actions);
  464. $form->display();
  465. echo '</div>';
  466. }
  467. if (isset($message)) {
  468. Display::display_confirmation_message($message);
  469. }
  470. /**
  471. * Get the users to display on the current page.
  472. */
  473. function get_number_of_users()
  474. {
  475. $counter = 0;
  476. $sessionId = api_get_session_id();
  477. $courseCode = api_get_course_id();
  478. $active = isset($_GET['active']) ? $_GET['active'] : null;
  479. if (!empty($sessionId)) {
  480. $a_course_users = CourseManager::get_user_list_from_course_code(
  481. $courseCode,
  482. $sessionId,
  483. null,
  484. null,
  485. null,
  486. null,
  487. false,
  488. false,
  489. null,
  490. null,
  491. null,
  492. $active
  493. );
  494. } else {
  495. $a_course_users = CourseManager::get_user_list_from_course_code(
  496. $courseCode,
  497. 0,
  498. null,
  499. null,
  500. null,
  501. null,
  502. false,
  503. false,
  504. null,
  505. null,
  506. null,
  507. $active
  508. );
  509. }
  510. foreach ($a_course_users as $o_course_user) {
  511. if ((isset($_GET['keyword']) &&
  512. searchUserKeyword(
  513. $o_course_user['firstname'],
  514. $o_course_user['lastname'],
  515. $o_course_user['username'],
  516. $o_course_user['official_code'],
  517. $_GET['keyword']
  518. )
  519. ) || !isset($_GET['keyword']) || empty($_GET['keyword'])
  520. ) {
  521. $counter++;
  522. }
  523. }
  524. return $counter;
  525. }
  526. /**
  527. * @param string $firstname
  528. * @param string $lastname
  529. * @param string $username
  530. * @param string $official_code
  531. * @param $keyword
  532. * @return bool
  533. */
  534. function searchUserKeyword($firstname, $lastname, $username, $official_code, $keyword) {
  535. if (
  536. api_strripos($firstname, $keyword) !== false ||
  537. api_strripos($lastname, $keyword) !== false ||
  538. api_strripos($username, $keyword) !== false ||
  539. api_strripos($official_code, $keyword) !== false
  540. ) {
  541. return true;
  542. } else {
  543. return false;
  544. }
  545. }
  546. /**
  547. * Get the users to display on the current page.
  548. */
  549. function get_user_data($from, $number_of_items, $column, $direction)
  550. {
  551. global $origin;
  552. global $course_info;
  553. global $is_western_name_order;
  554. global $session_id;
  555. global $extraFields;
  556. $a_users = array();
  557. // limit
  558. if (!isset($_GET['keyword']) || empty($_GET['keyword'])) {
  559. $limit = 'LIMIT '.intval($from).','.intval($number_of_items);
  560. }
  561. if (!in_array($direction, array('ASC', 'DESC'))) {
  562. $direction = 'ASC';
  563. }
  564. switch ($column) {
  565. case 2: //official code
  566. $order_by = 'ORDER BY user.official_code '.$direction;
  567. break;
  568. case 3:
  569. if ($is_western_name_order) {
  570. $order_by = 'ORDER BY user.firstname '.$direction.', user.lastname '.$direction;
  571. } else {
  572. $order_by = 'ORDER BY user.lastname '.$direction.', user.firstname '.$direction;
  573. }
  574. break;
  575. case 4:
  576. if ($is_western_name_order) {
  577. $order_by = 'ORDER BY user.lastname '.$direction.', user.firstname '.$direction;
  578. } else {
  579. $order_by = 'ORDER BY user.firstname '.$direction.', user.lastname '.$direction;
  580. }
  581. break;
  582. case 5: //username
  583. $order_by = 'ORDER BY user.username '.$direction;
  584. break;
  585. default:
  586. if ($is_western_name_order) {
  587. $order_by = 'ORDER BY user.lastname '.$direction.', user.firstname '.$direction;
  588. } else {
  589. $order_by = 'ORDER BY user.firstname '.$direction.', user.lastname '.$direction;
  590. }
  591. break;
  592. }
  593. $session_id = api_get_session_id();
  594. $course_code = api_get_course_id();
  595. $active = isset($_GET['active']) ? $_GET['active'] : null;
  596. $a_course_users = CourseManager :: get_user_list_from_course_code(
  597. $course_code,
  598. $session_id,
  599. $limit,
  600. $order_by,
  601. null,
  602. null,
  603. false,
  604. false,
  605. null,
  606. array(),
  607. array(),
  608. $active
  609. );
  610. foreach ($a_course_users as $user_id => $o_course_user) {
  611. if ((
  612. isset($_GET['keyword']) &&
  613. searchUserKeyword(
  614. $o_course_user['firstname'],
  615. $o_course_user['lastname'],
  616. $o_course_user['username'],
  617. $o_course_user['official_code'],
  618. $_GET['keyword'])
  619. ) || !isset($_GET['keyword']) || empty($_GET['keyword'])
  620. ) {
  621. $groupsNameList = GroupManager::getAllGroupPerUserSubscription($user_id);
  622. $temp = array();
  623. if (api_is_allowed_to_edit(null, true)) {
  624. $temp[] = $user_id;
  625. $image_path = UserManager::get_user_picture_path_by_id(
  626. $user_id,
  627. 'web',
  628. false,
  629. true
  630. );
  631. $user_profile = UserManager::get_picture_user(
  632. $user_id,
  633. $image_path['file'],
  634. 22,
  635. USER_IMAGE_SIZE_SMALL,
  636. ' width="22" height="22" '
  637. );
  638. if (!api_is_anonymous()) {
  639. $photo = '<a href="userInfo.php?'.api_get_cidreq().'&origin='.$origin.'&amp;uInfo='.$user_id.'" title="'.get_lang('Info').'" ><img src="'.$user_profile['file'].'" '.$user_profile['style'].' alt="'.api_get_person_name($o_course_user['firstname'], $o_course_user['lastname']).'" title="'.api_get_person_name($o_course_user['firstname'], $o_course_user['lastname']).'" /></a>';
  640. } else {
  641. $photo = '<img src="'.$user_profile['file'].'" '.$user_profile['style'].' alt="'.api_get_person_name($o_course_user['firstname'], $o_course_user['lastname']).'" title="'.api_get_person_name($o_course_user['firstname'], $o_course_user['lastname']).'" />';
  642. }
  643. $temp[] = $photo;
  644. $temp[] = $o_course_user['official_code'];
  645. if ($is_western_name_order) {
  646. $temp[] = $o_course_user['firstname'];
  647. $temp[] = $o_course_user['lastname'];
  648. } else {
  649. $temp[] = $o_course_user['lastname'];
  650. $temp[] = $o_course_user['firstname'];
  651. }
  652. $temp[] = $o_course_user['username'];
  653. // Description.
  654. $temp[] = isset($o_course_user['role']) ? $o_course_user['role'] : null;
  655. // Groups.
  656. $temp[] = implode(', ', $groupsNameList);
  657. // Status
  658. $default_status = '-';
  659. if ((isset($o_course_user['status_rel']) && $o_course_user['status_rel'] == 1) ||
  660. (isset($o_course_user['status_session']) && $o_course_user['status_session'] == 2)
  661. ) {
  662. $default_status = get_lang('CourseManager');
  663. } elseif (isset($o_course_user['tutor_id']) && $o_course_user['tutor_id'] == 1) {
  664. $default_status = get_lang('Tutor');
  665. }
  666. $temp[] = $default_status;
  667. // Active
  668. $temp[] = $o_course_user['active'];
  669. if (!empty($extraFields)) {
  670. foreach ($extraFields as $extraField) {
  671. $extraFieldValue = new ExtraFieldValue('user');
  672. $data = $extraFieldValue->get_values_by_handler_and_field_id(
  673. $user_id,
  674. $extraField['id']
  675. );
  676. $temp[] = $data['field_value'];
  677. }
  678. }
  679. // User id for actions
  680. $temp[] = $user_id;
  681. } else {
  682. $image_path = UserManager::get_user_picture_path_by_id($user_id, 'web', false, true);
  683. $image_repository = $image_path['dir'];
  684. $existing_image = $image_path['file'];
  685. if (!api_is_anonymous()) {
  686. $photo= '<a href="userInfo.php?'.api_get_cidreq().'&origin='.$origin.'&amp;uInfo='.$user_id.'" title="'.get_lang('Info').'" ><img src="'.$image_repository.$existing_image.'" alt="'.api_get_person_name($o_course_user['firstname'], $o_course_user['lastname']).'" width="22" height="22" title="'.api_get_person_name($o_course_user['firstname'], $o_course_user['lastname']).'" /></a>';
  687. } else {
  688. $photo= '<img src="'.$image_repository.$existing_image.'" alt="'.api_get_person_name($o_course_user['firstname'], $o_course_user['lastname']).'" width="22" height="22" title="'.api_get_person_name($o_course_user['firstname'], $o_course_user['lastname']).'" />';
  689. }
  690. $temp[] = $user_id;
  691. $temp[] = $photo;
  692. $temp[] = $o_course_user['official_code'];
  693. if ($is_western_name_order) {
  694. $temp[] = $o_course_user['firstname'];
  695. $temp[] = $o_course_user['lastname'];
  696. } else {
  697. $temp[] = $o_course_user['lastname'];
  698. $temp[] = $o_course_user['firstname'];
  699. }
  700. $temp[] = $o_course_user['username'];
  701. $temp[] = $o_course_user['role'];
  702. // Group.
  703. $temp[] = implode(', ', $groupsNameList);
  704. if ($course_info['unsubscribe'] == 1) {
  705. //User id for actions
  706. $temp[] = $user_id;
  707. }
  708. }
  709. $a_users[$user_id] = $temp;
  710. }
  711. }
  712. return $a_users;
  713. }
  714. /**
  715. * Build the active-column of the table to lock or unlock a certain user
  716. * lock = the user can no longer use this account
  717. * @author Patrick Cool <patrick.cool@UGent.be>, Ghent University
  718. * @param int $active the current state of the account
  719. * @param int $user_id The user id
  720. * @param string $url_params
  721. * @return string Some HTML-code with the lock/unlock button
  722. */
  723. function active_filter($active, $url_params, $row)
  724. {
  725. $userId = api_get_user_id();
  726. if ($active=='1') {
  727. $action='AccountActive';
  728. $image='accept';
  729. }
  730. if ($active=='0') {
  731. $action='AccountInactive';
  732. $image='error';
  733. }
  734. $result = '';
  735. /* you cannot lock yourself out otherwise you could disable all the accounts including your own => everybody is
  736. locked out and nobody can change it anymore.*/
  737. if ($row[count($row)-1] <> $userId) {
  738. $result = '<center><img src="../img/icons/16/'.$image.'.png" border="0" style="vertical-align: middle;" alt="'.get_lang(ucfirst($action)).'" title="'.get_lang(ucfirst($action)).'"/></center>';
  739. }
  740. return $result;
  741. }
  742. /**
  743. * Build the modify-column of the table
  744. * @param int $user_id The user id
  745. * @return string Some HTML-code
  746. */
  747. function modify_filter($user_id)
  748. {
  749. global $origin, $_course, $is_allowed_to_track, $charset, $course_info;
  750. $current_user_id = api_get_user_id();
  751. $result = "";
  752. if ($is_allowed_to_track) {
  753. $result .= '<a href="../mySpace/myStudents.php?'.api_get_cidreq().'&student='.$user_id.'&amp;details=true&amp;course='.$_course['id'].'&amp;origin=user_course&amp;id_session='.api_get_session_id().'" title="'.get_lang('Tracking').'" >
  754. <img border="0" alt="'.get_lang('Tracking').'" src="../img/icons/22/stats.png" />
  755. </a>';
  756. }
  757. // If platform admin, show the login_as icon (this drastically shortens
  758. // time taken by support to test things out)
  759. if (api_is_platform_admin()) {
  760. $result .= ' <a href="'.api_get_path(WEB_CODE_PATH).'admin/user_list.php?action=login_as&amp;user_id='.$user_id.'&amp;sec_token='.$_SESSION['sec_token'].'">'.
  761. Display::return_icon('login_as.gif', get_lang('LoginAs')).'</a>&nbsp;&nbsp;';
  762. }
  763. if (api_is_allowed_to_edit(null, true)) {
  764. // edit
  765. $result .= '<a href="userInfo.php?'.api_get_cidreq().'&origin='.$origin.'&amp;editMainUserInfo='.$user_id.'" title="'.get_lang('Edit').'" >'.
  766. Display::return_icon('edit.png', get_lang('Edit'),'',ICON_SIZE_SMALL).'</a>&nbsp;';
  767. if (api_get_setting('allow_user_course_subscription_by_course_admin') == 'true' or api_is_platform_admin()) {
  768. // unregister
  769. if ($user_id != $current_user_id || api_is_platform_admin()) {
  770. $result .= '<a class="btn btn-small btn-danger" href="'.api_get_self().'?'.api_get_cidreq().'&unregister=yes&amp;user_id='.$user_id.'" title="'.get_lang('Unreg').' " onclick="javascript:if(!confirm(\''.addslashes(api_htmlentities(get_lang('ConfirmYourChoice'),ENT_QUOTES,$charset)).'\')) return false;">'.get_lang('Unreg').'</a>&nbsp;';
  771. } else {
  772. //$result .= Display::return_icon('unsubscribe_course_na.png', get_lang('Unreg'),'',ICON_SIZE_SMALL).'</a>&nbsp;';
  773. }
  774. }
  775. } else {
  776. // Show buttons for unsubscribe
  777. if ($course_info['unsubscribe'] == 1) {
  778. if ($user_id == $current_user_id) {
  779. $result .= '<a class="btn btn-small btn-danger" href="'.api_get_self().'?'.api_get_cidreq().'&unregister=yes&amp;user_id='.$user_id.'" title="'.get_lang('Unreg').' " onclick="javascript:if(!confirm(\''.addslashes(api_htmlentities(get_lang('ConfirmYourChoice'),ENT_QUOTES,$charset)).'\')) return false;">'.get_lang('Unreg').'</a>&nbsp;';
  780. }
  781. }
  782. }
  783. return $result;
  784. }
  785. function hide_field()
  786. {
  787. return null;
  788. }
  789. $default_column = 3;
  790. $table = new SortableTable('user_list', 'get_number_of_users', 'get_user_data', $default_column);
  791. $parameters['keyword'] = isset($_GET['keyword']) ? Security::remove_XSS($_GET['keyword']) : null;
  792. $parameters['sec_token'] = Security::get_token();
  793. $table->set_additional_parameters($parameters);
  794. $header_nr = 0;
  795. $indexList = array();
  796. $table->set_header($header_nr++, '', false);
  797. $indexList['photo'] = $header_nr;
  798. $table->set_header($header_nr++, get_lang('Photo'), false);
  799. $table->set_header($header_nr++, get_lang('OfficialCode'));
  800. $indexList['official_code'] = $header_nr;
  801. if ($is_western_name_order) {
  802. $indexList['firstname'] = $header_nr;
  803. $table->set_header($header_nr++, get_lang('FirstName'));
  804. $indexList['lastname'] = $header_nr;
  805. $table->set_header($header_nr++, get_lang('LastName'));
  806. } else {
  807. $indexList['lastname'] = $header_nr;
  808. $table->set_header($header_nr++, get_lang('LastName'));
  809. $indexList['firstname'] = $header_nr;
  810. $table->set_header($header_nr++, get_lang('FirstName'));
  811. }
  812. $indexList['username'] = $header_nr;
  813. $table->set_header($header_nr++, get_lang('LoginName'));
  814. $indexList['description'] = $header_nr;
  815. $table->set_header($header_nr++, get_lang('Description'), false);
  816. $indexList['groups'] = $header_nr;
  817. $table->set_header($header_nr++, get_lang('GroupSingle'), false);
  818. if (api_is_allowed_to_edit(null, true) && api_get_setting('allow_user_course_subscription_by_course_admin') == 'true') {
  819. } else {
  820. $table->set_column_filter(0, 'hide_field');
  821. }
  822. $hideFields = api_get_configuration_value('hide_user_field_from_list');
  823. if (!empty($hideFields)) {
  824. foreach ($hideFields as $fieldToHide) {
  825. if (isset($indexList[$fieldToHide])) {
  826. $table->setHideColumn($indexList[$fieldToHide]);
  827. }
  828. }
  829. }
  830. if (api_is_allowed_to_edit(null, true)) {
  831. $table->set_header($header_nr++, get_lang('Status'), false);
  832. $table->set_header($header_nr++, get_lang('Active'), false);
  833. if (api_get_setting('allow_user_course_subscription_by_course_admin') == 'true') {
  834. $table->set_column_filter(9, 'active_filter');
  835. } else {
  836. $table->set_column_filter(9, 'active_filter');
  837. }
  838. foreach ($extraFields as $extraField) {
  839. $table->set_header($header_nr++, $extraField['field_display_text'], false);
  840. }
  841. // Actions column
  842. $table->set_header($header_nr++, get_lang('Action'), false);
  843. $table->set_column_filter($header_nr-1, 'modify_filter');
  844. if (api_get_setting('allow_user_course_subscription_by_course_admin') == 'true') {
  845. $table->set_form_actions(array('unsubscribe' => get_lang('Unreg')), 'user');
  846. }
  847. } else {
  848. if ($course_info['unsubscribe'] == 1) {
  849. $table->set_header($header_nr++, get_lang('Action'), false);
  850. $table->set_column_filter($header_nr-1, 'modify_filter');
  851. }
  852. }
  853. $table->display();
  854. if (!empty($_GET['keyword']) && !empty($_GET['submit'])) {
  855. $keyword_name = Security::remove_XSS($_GET['keyword']);
  856. echo '<br/>'.get_lang('SearchResultsFor').' <span style="font-style: italic ;"> '.$keyword_name.' </span><br>';
  857. }
  858. if (api_get_setting('allow_user_headings') == 'true' &&
  859. $is_courseAdmin &&
  860. api_is_allowed_to_edit() && $origin != 'learnpath'
  861. ) {
  862. // only course administrators see this line
  863. echo "<div align=\"right\">", "<form method=\"post\" action=\"userInfo.php\">", get_lang("CourseAdministratorOnly"), " : ", "<input type=\"submit\" class=\"save\" name=\"viewDefList\" value=\"".get_lang("DefineHeadings")."\" />", "</form>", "</div>\n";
  864. }
  865. if ($origin != 'learnpath') {
  866. Display::display_footer();
  867. }