Home Explore Help
Sign In
aj
/
chamilo-lms2
Watch 1
Star 0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Branch: 1.9.x
Branches Tags
chamilo-lms2
/
main
/
user
/
user_add.php

user_add.php 14 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381 
  1. <?php
    2. 

  2. /* For licensing terms, see /license.txt*/
    3. 

  3. /**
    4. 

  4. * @package chamilo.user
    5. 

  5. */
    6. 

  6. /**
    7. 

  7.  * Code
    8. 

  8.  */
    9. 

  9. 

  10. /* INIT */
    11. 

  11. 

  12. // name of the language file that needs to be included
    13. 

  13. $language_file="registration";
    14. 

  14. 

  15. include("../inc/global.inc.php");
    16. 

  16. require_once(api_get_path(INCLUDE_PATH).'lib/mail.lib.inc.php');
    17. 

  17. $this_section=SECTION_COURSES;
    18. 

  18. 

  19. if (! ($is_courseAdmin || $is_platformAdmin)) api_not_allowed(true);
    20. 

  20. 

  21. $currentCourseID   = $_course['sysCode'];
    22. 

  22. $currentCourseName = $_course['official_code'];
    23. 

  23. $tbl_user          = "user";
    24. 

  24. $tbl_courseUser    = "course_rel_user";
    25. 

  25. 

  26. 

  27. 

  28. /* DATA CHECKING */
    29. 

  29. 

  30. if($register) {
    31. 

  31.     /*
    32. 

  32.      * Fields Checking
    33. 

  33.      */
    34. 

  34. 

  35.     $lastname_form    = trim($lastname_form);
    36. 

  36.     $firstname_form   = trim($firstname_form);
    37. 

  37.     $password_form = trim($password_form);
    38. 

  38.     $username_form = trim($username_form);
    39. 

  39.     $email_form    = trim($email_form);
    40. 

  40.     $official_code_form = trim($official_code_form);
    41. 

  41. 

  42.     // empty field checking
    43. 

  43. 

  44.     if(empty($lastname_form) || empty($firstname_form) || empty($password_form) || empty($username_form) || empty($email_form))
    45. 

  45.     {
    46. 

  46.         $dataChecked = false;
    47. 

  47.         $message     = get_lang('Filled');
    48. 

  48.     }
    49. 

  49. 

  50.     // valid mail address checking
    51. 

  51. 

  52.     elseif(!eregi('^[0-9a-z_.-]+@([0-9a-z-]+\.)+([0-9a-z]){2,4}$',$email_form))
    53. 

  53.     {
    54. 

  54.         $dataChecked = false;
    55. 

  55.         $message     = get_lang('EmailWrong');
    56. 

  56.     }
    57. 

  57.     else
    58. 

  58.     {
    59. 

  59.         $dataChecked = true;
    60. 

  60.     }
    61. 

  61. 

  62.     // prevent conflict with existing user account
    63. 

  63. 

  64.     if($dataChecked)
    65. 

  65.     {
    66. 

  66.         $result=Database::query("SELECT user_id,
    67. 

  67.                                (username='$username_form') AS loginExists,
    68. 

  68.                                (lastname='$lastname_form' AND firstname='$firstname_form' AND email='$email_form') AS userExists
    69. 

  69.                              FROM $tbl_user
    70. 

  70.                              WHERE username='$username_form' OR (lastname='$lastname_form' AND firstname='$firstname_form' AND email='$email_form')
    71. 

  71.                              ORDER BY userExists DESC, loginExists DESC");
    72. 

  72. 

  73.         if(Database::num_rows($result))
    74. 

  74.         {
    75. 

  75.             while($user=Database::fetch_array($result))
    76. 

  76.             {
    77. 

  77.                 // check if the user is already registered to the platform
    78. 

  78. 

  79.                 if($user['userExists'])
    80. 

  80.                 {
    81. 

  81.                     $userExists = true;
    82. 

  82.                     $userId     = $user['user_id'];
    83. 

  83.                     break;
    84. 

  84.                 }
    85. 

  85. 

  86.                 // check if the login name choosen is already taken by another user
    87. 

  87. 

  88.                 if($user['loginExists'])
    89. 

  89.                 {
    90. 

  90.                     $loginExists = true;
    91. 

  91.                     $userId      = 0;
    92. 

  92. 

  93.                     $message     = get_lang('UserNo')." (".stripslashes($username_form).") ".get_lang('Taken');
    94. 

  94. 

  95.                     break;
    96. 

  96.                 }
    97. 

  97.             }       // end while $result
    98. 

  98.         }         // end if num rows
    99. 

  99.     }           // end if datachecked
    100. 

  100. 

  101. 

  102. 

  103. 

  104. 

  105. /*=============================
    106. 

  106.   NEW USER REGISTRATION PROCESS
    107. 

  107.   =============================*/
    108. 

  108. 

  109.     if($dataChecked && !$userExists && !$loginExists)
    110. 

  110.     {
    111. 

  111.             /*---------------------------
    112. 

  112.                   PLATFORM REGISTRATION
    113. 

  113.               ----------------------------*/
    114. 

  114. 

  115.         if ($_cid) $platformStatus = STUDENT;          // course registrartion context...
    116. 

  116.         else       $platformStatus = $platformStatus; // admin section of the platform context...
    117. 

  117. 

  118.         $pw = api_get_encrypted_password($password_form);
    119. 

  119.         $result = Database::query("INSERT INTO $tbl_user
    120. 

  120.                                SET lastname       = '$lastname_form',
    121. 

  121.                                    firstname    = '$firstname_form',
    122. 

  122.                                    username  = '$username_form',
    123. 

  123.                                    password  = '$pw',
    124. 

  124.                                    email     = '$email_form',
    125. 

  125.                                    status    = '$platformStatus',
    126. 

  126.                                    official_code = '$official_code_form',
    127. 

  127.                                    creator_id = '".$_user['user_id']."'");
    128. 

  128. 

  129.         $userId = Database::insert_id();
    130. 

  130. 

  131.         if ($userId) $platformRegSucceed = true;
    132. 

  132.     }
    133. 

  133. 

  134.     if($userId && $_cid)
    135. 

  135.     {
    136. 

  136.         /*
    137. 

  137.           Note : As we temporarly use this script in the platform administration
    138. 

  138.           section to also add user to the platform, We have to prevent course
    139. 

  139.           registration. That's why we check if $_cid is initialized, it gives us
    140. 

  140.           an hint about the use context of the script
    141. 

  141.         */
    142. 

  142. 

  143.             /*---------------------------
    144. 

  144.                   COURSE REGISTRATION
    145. 

  145.               ----------------------------*/
    146. 

  146. 

  147.         /*
    148. 

  148.          * check the return value of the query
    149. 

  149.          * if 0, the user is already registered to the course
    150. 

  150.          */
    151. 

  151. 

  152.         if (Database::query("INSERT INTO $tbl_courseUser
    153. 

  153.                         SET user_id     = '$userId',
    154. 

  154.                             course_code  = '$currentCourseID',
    155. 

  155.                             status      = '$admin_form',
    156. 

  156.                             tutor_id       = '$tutor_form'"))
    157. 

  157.         {
    158. 

  158.             $courseRegSucceed = true;
    159. 

  159.         }
    160. 

  160.     } // if $platformRegSucceed && $_cid
    161. 

  161. 

  162. 

  163.     /*---------------------------
    164. 

  164.        MAIL NOTIFICATION TO NEW USER
    165. 

  165.       ----------------------------*/
    166. 

  166. 

  167.     if ($platformRegSucceed)
    168. 

  168.     {
    169. 

  169. 

  170.         $emailto       = "$lastname_form $firstname_form <$email_form>";
    171. 

  171.         $emailfromaddr = $administratorEmail;
    172. 

  172.         $emailfromname = api_get_setting('siteName');
    173. 

  173.         $emailsubject  = get_lang('YourReg').' '.api_get_setting('siteName');
    174. 

  174. 

  175.         $emailheaders  = "From: ".api_get_person_name(api_get_setting('administratorName'), api_get_setting('administratorSurname'), null, PERSON_NAME_EMAIL_ADDRESS)." <".$administratorEmail.">\n";
    176. 

  176.         $emailheaders .= "Reply-To: ".$administratorEmail."\n";
    177. 

  177.         $emailheaders .= "Return-Path: ".$administratorEmail."\n";
    178. 

  178.         $emailheaders .= "charset: ".api_get_system_encoding()."\n";
    179. 

  179.         $emailheaders .= "X-Mailer: PHP/" . phpversion() . "\n";
    180. 

  180.         $emailheaders .= "X-Sender-IP: $REMOTE_ADDR"; // (small security precaution...)
    181. 

  181.         $recipient_name = api_get_person_name($firstname_form, $lastname_form, null, PERSON_NAME_EMAIL_ADDRESS);
    182. 

  182.         $sender_name = api_get_person_name(api_get_setting('administratorName'), api_get_setting('administratorSurname'), null, PERSON_NAME_EMAIL_ADDRESS);
    183. 

  183.         $email_admin = api_get_setting('emailAdministrator');
    184. 

  184. 

  185.         $portal_url = $_configuration['root_web'];
    186. 

  186.         if ($_configuration['multiple_access_urls']) {
    187. 

  187.             $access_url_id = api_get_current_access_url_id();
    188. 

  188.             if ($access_url_id != -1 ){
    189. 

  189.                 $url = api_get_access_url($access_url_id);
    190. 

  190.                 $portal_url = $url['url'];
    191. 

  191.             }
    192. 

  192.         }
    193. 

  193. 

  194.         if ($courseRegSucceed)
    195. 

  195.         {
    196. 

  196.             $emailbody = get_lang('Dear')." ".stripslashes(api_get_person_name($firstname_form, $lastname_form)).",\n".get_lang('OneResp')." $currentCourseName ".get_lang('RegYou')." ".api_get_setting('siteName')." ".get_lang('WithTheFollowingSettings')."\n\n".get_lang('Username')." : $username_form\n".get_lang('Pass').": $password_form\n".get_lang('Address')." ".api_get_setting('siteName')." ".get_lang('Is').": ".$portal_url."\n".get_lang('Problem')."\n".get_lang('SignatureFormula').",\n".api_get_person_name(api_get_setting('administratorName'), api_get_setting('administratorSurname'))."\n".get_lang('Manager')." ".api_get_setting('siteName')." \nT. ".api_get_setting('administratorTelephone')."\n".get_lang('Email').": ".api_get_setting('emailAdministrator')."\n";
    197. 

  197.             $message = get_lang('TheU')." ".stripslashes(api_get_person_name($firstname_form, $lastname_form))." ".get_lang('AddedToCourse')."<a href=\"user.php\">".get_lang('BackUser')."</a>\n";
    198. 

  198.         }
    199. 

  199.         else
    200. 

  200.         {
    201. 

  201.             $emailbody = get_lang('Dear')." ".api_get_person_name($firstname_form, $lastname_form).",\n ".get_lang('YouAreReg')."  ".api_get_setting('siteName')."  ".get_lang('WithTheFollowingSettings')."\n\n".get_lang('Username')." : $username_form\n".get_lang('Pass').": $password_form\n".get_lang('Address')." ".api_get_setting('siteName')." ".get_lang('Is').": ".$portal_url."\n".get_lang('Problem')."\n".get_lang('SignatureFormula').",\n".api_get_person_name(api_get_setting('administratorName'), api_get_setting('administratorSurname'))."\n".get_lang('Manager')." ".api_get_setting('siteName')." \nT. ".api_get_setting('administratorTelephone')."\n".get_lang('Email').": ".api_get_setting('emailAdministrator')."\n";
    202. 

  202. 

  203.             $message = stripslashes(api_get_person_name($firstname_form, $lastname_form))." ".get_lang('AddedU');
    204. 

  204.         }
    205. 

  205. 

  206.         $plugin = new AppPlugin();
    207. 

  207.         $additionalParameters = array(
    208. 

  208.             'smsType' => constant($plugin->getSMSPluginName().'::BEEN_SUBSCRIBED_COURSE'),
    209. 

  209.             'userId' => $user_id,
    210. 

  210.             'courseTitle' => $currentCourseName
    211. 

  211.         );
    212. 

  212. 

  213.         api_mail_html(
    214. 

  214.             $recipient_name,
    215. 

  215.             $email_form,
    216. 

  216.             $emailsubject,
    217. 

  217.             $emailbody,
    218. 

  218.             $sender_name,
    219. 

  219.             $email_admin,
    220. 

  220.             null,
    221. 

  221.             null,
    222. 

  222.             null,
    223. 

  223.             $additionalParameters
    224. 

  224.         );
    225. 

  225. 

  226.         /*
    227. 

  227.          * remove <form> variables to prevent any pre-filled fields
    228. 

  228.          */
    229. 

  229. 

  230.         unset($lastname_form, $firstname_form, $username_form, $password_form, $email_form, $admin_form, $tutor_form);
    231. 

  231. 

  232.     }   // end if ($platformRegSucceed)
    233. 

  233.     //else
    234. 

  234.     //{
    235. 

  235.     //  $message = get_lang('UserAlreadyRegistered');
    236. 

  236.     //}
    237. 

  237. 

  238. } // end if register request
    239. 

  239. 

  240. $interbreadcrumb[] = array ("url"=>"user.php", "name"=> get_lang('ToolUser'));
    241. 

  241. 

  242. $nameTools = get_lang('AddAU');
    243. 

  243. 

  244. Display::display_header($nameTools, "User");
    245. 

  245. 

  246. 

  247. ?>
    248. 

  248. 

  249. 

  250. 

  251. <h3><?php echo get_lang('ToolUser'); ?></h3>
    252. 

  252. 

  253. <table border="0" cellpadding="0" cellspacing="0" width="100%">
    254. 

  254. <tr>
    255. 

  255.   <td><h4><?php echo $nameTools; ?></h4></td>
    256. 

  256.   <td></td>
    257. 

  257. </tr>
    258. 

  258. </table>
    259. 

  259. 

  260. <?php
    261. 

  261. /*==========================
    262. 

  262.      ADD ONE USER FORM
    263. 

  263.   ==========================*/
    264. 

  264. ?>
    265. 

  265. 

  266. <?php echo get_lang('OneByOne'); ?>. <?php echo get_lang('UserOneByOneExplanation'); ?>
    267. 

  267. 

  268. <form method="post" action="<?php echo api_get_self(); ?>?register=yes">
    269. 

  269. <table cellpadding="3" cellspacing="0" border="0">
    270. 

  270. 

  271. <?php
    272. 

  272. if(!empty($message))
    273. 

  273. {
    274. 

  274. ?>
    275. 

  275. 

  276. <tr>
    277. 

  277.   <td colspan="2">
    278. 

  278. 

  279. <?php
    280. 

  280.     Display::display_normal_message($message); //main API
    281. 

  281. ?>
    282. 

  282. 

  283.   </td>
    284. 

  284. </tr>
    285. 

  285. 

  286. <?php
    287. 

  287. }
    288. 

  288. 

  289. if (api_is_western_name_order()) {
    290. 

  290. ?>
    291. 

  291. <tr>
    292. 

  292. <td align="right"><?php echo get_lang('FirstName'); ?> :</td>
    293. 

  293. <td><input type="text" size="15" name="firstname_form" value="<?php echo api_htmlentities(stripslashes($firstname_form), ENT_QUOTES, $charset); ?>" /></td>
    294. 

  294. </tr>
    295. 

  295. <tr>
    296. 

  296. <td align="right"><?php echo get_lang('LastName'); ?> :</td>
    297. 

  297. <td><input type="text" size="15" name="lastname_form" value="<?php echo api_htmlentities(stripslashes($lastname_form), ENT_QUOTES, $charset); ?>" /></td>
    298. 

  298. </tr>
    299. 

  299. <?php
    300. 

  300. } else {
    301. 

  301. ?>
    302. 

  302. <tr>
    303. 

  303. <td align="right"><?php echo get_lang('LastName'); ?> :</td>
    304. 

  304. <td><input type="text" size="15" name="lastname_form" value="<?php echo api_htmlentities(stripslashes($lastname_form), ENT_QUOTES, $charset); ?>" /></td>
    305. 

  305. </tr>
    306. 

  306. <tr>
    307. 

  307. <td align="right"><?php echo get_lang('FirstName'); ?> :</td>
    308. 

  308. <td><input type="text" size="15" name="firstname_form" value="<?php echo api_htmlentities(stripslashes($firstname_form), ENT_QUOTES, $charset); ?>" /></td>
    309. 

  309. </tr>
    310. 

  310. <?php
    311. 

  311. }
    312. 

  312. ?>
    313. 

  313. <tr>
    314. 

  314. <td align="right"><?php echo get_lang('OfficialCode'); ?> :</td>
    315. 

  315. <td><input type="text" size="15" name="official_code_form" value="<?php echo api_htmlentities(stripslashes($official_code_form), ENT_QUOTES, $charset); ?>" /></td>
    316. 

  316. </tr>
    317. 

  317. <tr>
    318. 

  318. <td align="right"><?php echo  get_lang('UserName') ?> :</td>
    319. 

  319. <td><input type="text" size="15" name="username_form" value="<?php echo api_htmlentities(stripslashes($username_form), ENT_QUOTES, $charset); ?>" /></td>
    320. 

  320. </tr>
    321. 

  321. <tr>
    322. 

  322. <td align="right"><?php echo  get_lang('Pass') ?> :</td>
    323. 

  323. <td><input type="password" size="15" name="password_form" value="<?php echo api_htmlentities(stripslashes($password_form), ENT_QUOTES, $charset) ?>" /></td>
    324. 

  324. </tr>
    325. 

  325. <tr>
    326. 

  326. <td align="right"><?php echo  get_lang('Email'); ?> :</td>
    327. 

  327. <td><input type="text" size="15" name="email_form" value="<?php echo $email_form; ?>" /></td>
    328. 

  328. </tr>
    329. 

  329. <tr>
    330. 

  330. <?php
    331. 

  331. 

  332. if ($_cid) // if we're inside a course, then it's a course registration
    333. 

  333. {
    334. 

  334. 

  335. ?>
    336. 

  336. <td align="right"><?php echo  get_lang('Tutor'); ?> :</td>
    337. 

  337. <td><input class="checkbox" type="radio" name="tutor_form" value="0" <?php if(!isset($tutor_form) || !$tutor_form) echo 'checked="checked"'; ?> /> <?php echo get_lang('No'); ?>
    338. 

  338. <input class="checkbox" type="radio" name="tutor_form" value="1" <?php if($tutor_form == 1) echo 'checked="checked"'; ?> /> <?php echo  get_lang('Yes') ?></td>
    339. 

  339. </tr>
    340. 

  340. <tr>
    341. 

  341. <td align="right"><?php echo  get_lang('Manager') ?> :</td>
    342. 

  342. <td><input class="checkbox" type="radio" name="admin_form" value="5" <?php if(!isset($admin_form) || $admin_form == 5) echo 'checked="checked"'; ?> /> <?php echo get_lang('No') ?>
    343. 

  343. <input class="checkbox" type="radio" name="admin_form" value="1" <?php if($admin_form == 1) echo 'checked="checked"'; ?> /> <?php echo  get_lang('Yes'); ?></td>
    344. 

  344. </tr>
    345. 

  345. <?php
    346. 

  346. 

  347. }     // end if $_cid - for the case we're not in a course registration
    348. 

  348.             // but a platform registration
    349. 

  349. else
    350. 

  350. {
    351. 

  351. 

  352. ?>
    353. 

  353. <tr>
    354. 

  354. <td align="right"><?php echo  get_lang('Status') ?> : </td>
    355. 

  355. <td>
    356. 

  356. <select name="platformStatus">
    357. 

  357. <option value="<?php echo STUDENT ?>"><?php echo  get_lang('RegStudent') ?></option>
    358. 

  358. <option value="<?php echo COURSEMANAGER ?>"><?php echo  get_lang('RegAdmin') ?></option>
    359. 

  359. </select>
    360. 

  360. </td>
    361. 

  361. </tr>
    362. 

  362. 

  363. <?php
    364. 

  364. } // end else if $_cid
    365. 

  365. ?>
    366. 

  366. <tr>
    367. 

  367. <td>&nbsp;</td>
    368. 

  368. <td><input type="submit" name="submit" value="<?php echo  get_lang('Ok') ?>" /></td>
    369. 

  369. </tr>
    370. 

  370. </table>
    371. 

  371. </form>
    372. 

  372. 

  373. <?php
    374. 

  374. 

  375. /*==========================
    376. 

  376.     IMPORT XML/CSV USER LIST
    377. 

  377.   ==========================*/
    378. 

  378. 

  379. echo "<p>".get_lang('IfYouWantToAddManyUsers')."</p>";
    380. 

  380. Display::display_footer();
    381. 

  381.