123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805 |
- <?php
- /* For licensing terms, see /license.txt */
- use Chamilo\UserBundle\Entity\User;
- use ChamiloSession as Session;
- /**
- * This file displays the user's profile,
- * optionally it allows users to modify their profile as well.
- *
- * See inc/conf/profile.conf.php to modify settings
- *
- * @package chamilo.auth
- */
- $cidReset = true;
- require_once __DIR__.'/../inc/global.inc.php';
- $this_section = SECTION_MYPROFILE;
- $allowSocialTool = api_get_setting('allow_social_tool') == 'true';
- if ($allowSocialTool) {
- $this_section = SECTION_SOCIAL;
- }
- $logInfo = [
- 'tool' => 'profile',
- 'tool_id' => 0,
- 'tool_id_detail' => 0,
- 'action' => $this_section,
- 'info' => '',
- ];
- Event::registerLog($logInfo);
- $_SESSION['this_section'] = $this_section;
- if (!(isset($_user['user_id']) && $_user['user_id']) || api_is_anonymous($_user['user_id'], true)) {
- api_not_allowed(true);
- }
- $htmlHeadXtra[] = api_get_password_checker_js('#username', '#password1');
- $htmlHeadXtra[] = api_get_css_asset('cropper/dist/cropper.min.css');
- $htmlHeadXtra[] = api_get_asset('cropper/dist/cropper.min.js');
- $htmlHeadXtra[] = '<script>
- $(function() {
- $("#id_generate_api_key").on("click", function (e) {
- e.preventDefault();
- $.ajax({
- contentType: "application/x-www-form-urlencoded",
- type: "POST",
- url: "'.api_get_path(WEB_AJAX_PATH).'user_manager.ajax.php?a=generate_api_key",
- data: "num_key_id="+"",
- success: function(datos) {
- $("#div_api_key").html(datos);
- }
- });
- });
- });
- function confirmation(name) {
- if (confirm("'.get_lang('AreYouSureToDeleteJS', '').' " + name + " ?")) {
- document.forms["profile"].submit();
- } else {
- return false;
- }
- }
- function show_image(image,width,height) {
- width = parseInt(width) + 20;
- height = parseInt(height) + 20;
- window_x = window.open(image,\'windowX\',\'width=\'+ width + \', height=\'+ height + \'\');
- }
- </script>';
- $jquery_ready_content = '';
- if (api_get_setting('allow_message_tool') === 'true') {
- $jquery_ready_content = <<<EOF
- $(".message-content .message-delete").click(function(){
- $(this).parents(".message-content").animate({ opacity: "hide" }, "slow");
- $(".message-view").animate({ opacity: "show" }, "slow");
- });
- EOF;
- }
- $tool_name = is_profile_editable() ? get_lang('ModifProfile') : get_lang('ViewProfile');
- $table_user = Database::get_main_table(TABLE_MAIN_USER);
- /*
- * Get initial values for all fields.
- */
- $user_data = api_get_user_info(
- api_get_user_id(),
- false,
- false,
- false,
- false,
- true,
- true
- );
- $array_list_key = UserManager::get_api_keys(api_get_user_id());
- $id_temp_key = UserManager::get_api_key_id(api_get_user_id(), 'dokeos');
- $value_array = $array_list_key[$id_temp_key];
- $user_data['api_key_generate'] = $value_array;
- if ($user_data !== false) {
- if (api_get_setting('login_is_email') == 'true') {
- $user_data['username'] = $user_data['email'];
- }
- if (is_null($user_data['language'])) {
- $user_data['language'] = api_get_setting('platformLanguage');
- }
- }
- /*
- * Initialize the form.
- */
- $form = new FormValidator('profile');
- if (api_is_western_name_order()) {
- // FIRST NAME and LAST NAME
- $form->addElement('text', 'firstname', get_lang('FirstName'), ['size' => 40]);
- $form->addElement('text', 'lastname', get_lang('LastName'), ['size' => 40]);
- } else {
- // LAST NAME and FIRST NAME
- $form->addElement('text', 'lastname', get_lang('LastName'), ['size' => 40]);
- $form->addElement('text', 'firstname', get_lang('FirstName'), ['size' => 40]);
- }
- if (api_get_setting('profile', 'name') !== 'true') {
- $form->freeze(['lastname', 'firstname']);
- }
- $form->applyFilter(['lastname', 'firstname'], 'stripslashes');
- $form->applyFilter(['lastname', 'firstname'], 'trim');
- $form->applyFilter(['lastname', 'firstname'], 'html_filter');
- $form->addRule('lastname', get_lang('ThisFieldIsRequired'), 'required');
- $form->addRule('firstname', get_lang('ThisFieldIsRequired'), 'required');
- // USERNAME
- $form->addElement(
- 'text',
- 'username',
- get_lang('UserName'),
- [
- 'id' => 'username',
- 'maxlength' => USERNAME_MAX_LENGTH,
- 'size' => USERNAME_MAX_LENGTH,
- ]
- );
- if (api_get_setting('profile', 'login') !== 'true' || api_get_setting('login_is_email') == 'true') {
- $form->freeze('username');
- }
- $form->applyFilter('username', 'stripslashes');
- $form->applyFilter('username', 'trim');
- $form->addRule('username', get_lang('ThisFieldIsRequired'), 'required');
- $form->addRule('username', get_lang('UsernameWrong'), 'username');
- $form->addRule('username', get_lang('UserTaken'), 'username_available', $user_data['username']);
- // OFFICIAL CODE
- if (defined('CONFVAL_ASK_FOR_OFFICIAL_CODE') && CONFVAL_ASK_FOR_OFFICIAL_CODE === true) {
- $form->addElement('text', 'official_code', get_lang('OfficialCode'), ['size' => 40]);
- if (api_get_setting('profile', 'officialcode') !== 'true') {
- $form->freeze('official_code');
- }
- $form->applyFilter('official_code', 'stripslashes');
- $form->applyFilter('official_code', 'trim');
- $form->applyFilter('official_code', 'html_filter');
- if (api_get_setting('registration', 'officialcode') === 'true' &&
- api_get_setting('profile', 'officialcode') === 'true'
- ) {
- $form->addRule('official_code', get_lang('ThisFieldIsRequired'), 'required');
- }
- }
- // EMAIL
- $form->addElement('email', 'email', get_lang('Email'), ['size' => 40]);
- if (api_get_setting('profile', 'email') !== 'true') {
- $form->freeze('email');
- }
- if (api_get_setting('registration', 'email') == 'true' && api_get_setting('profile', 'email') == 'true') {
- $form->applyFilter('email', 'stripslashes');
- $form->applyFilter('email', 'trim');
- $form->addRule('email', get_lang('ThisFieldIsRequired'), 'required');
- $form->addRule('email', get_lang('EmailWrong'), 'email');
- }
- // OPENID URL
- if (is_profile_editable() && api_get_setting('openid_authentication') == 'true') {
- $form->addElement('text', 'openid', get_lang('OpenIDURL'), ['size' => 40]);
- if (api_get_setting('profile', 'openid') !== 'true') {
- $form->freeze('openid');
- }
- $form->applyFilter('openid', 'trim');
- }
- // PHONE
- $form->addElement('text', 'phone', get_lang('Phone'), ['size' => 20]);
- if (api_get_setting('profile', 'phone') !== 'true') {
- $form->freeze('phone');
- }
- $form->applyFilter('phone', 'stripslashes');
- $form->applyFilter('phone', 'trim');
- $form->applyFilter('phone', 'html_filter');
- // PICTURE
- if (is_profile_editable() && api_get_setting('profile', 'picture') == 'true') {
- $form->addFile(
- 'picture',
- [
- $user_data['picture_uri'] != '' ? get_lang('UpdateImage') : get_lang('AddImage'),
- get_lang('OnlyImagesAllowed'),
- ],
- [
- 'id' => 'picture',
- 'class' => 'picture-form',
- 'crop_image' => true,
- 'crop_ratio' => '1 / 1',
- 'accept' => 'image/*',
- ]
- );
- $form->addProgress();
- if (!empty($user_data['picture_uri'])) {
- $form->addElement('checkbox', 'remove_picture', null, get_lang('DelImage'));
- }
- $allowed_picture_types = api_get_supported_image_extensions(false);
- $form->addRule(
- 'picture',
- get_lang('OnlyImagesAllowed').' ('.implode(', ', $allowed_picture_types).')',
- 'filetype',
- $allowed_picture_types
- );
- }
- // LANGUAGE
- $form->addSelectLanguage('language', get_lang('Language'));
- if (api_get_setting('profile', 'language') !== 'true') {
- $form->freeze('language');
- }
- // THEME
- if (is_profile_editable() && api_get_setting('user_selected_theme') == 'true') {
- $form->addElement('SelectTheme', 'theme', get_lang('Theme'));
- if (api_get_setting('profile', 'theme') !== 'true') {
- $form->freeze('theme');
- }
- $form->applyFilter('theme', 'trim');
- }
- // EXTENDED PROFILE this make the page very slow!
- if (api_get_setting('extended_profile') === 'true') {
- $width_extended_profile = 500;
- // MY COMPETENCES
- $form->addHtmlEditor(
- 'competences',
- get_lang('MyCompetences'),
- false,
- false,
- [
- 'ToolbarSet' => 'Profile',
- 'Width' => $width_extended_profile,
- 'Height' => '130',
- ]
- );
- // MY DIPLOMAS
- $form->addHtmlEditor(
- 'diplomas',
- get_lang('MyDiplomas'),
- false,
- false,
- [
- 'ToolbarSet' => 'Profile',
- 'Width' => $width_extended_profile,
- 'Height' => '130',
- ]
- );
- // WHAT I AM ABLE TO TEACH
- $form->addHtmlEditor(
- 'teach',
- get_lang('MyTeach'),
- false,
- false,
- [
- 'ToolbarSet' => 'Profile',
- 'Width' => $width_extended_profile,
- 'Height' => '130',
- ]
- );
- // MY PRODUCTIONS
- $form->addElement('file', 'production', get_lang('MyProductions'));
- if ($production_list = UserManager::build_production_list(api_get_user_id(), '', true)) {
- $form->addElement('static', 'productions_list', null, $production_list);
- }
- // MY PERSONAL OPEN AREA
- $form->addHtmlEditor(
- 'openarea',
- get_lang('MyPersonalOpenArea'),
- false,
- false,
- [
- 'ToolbarSet' => 'Profile',
- 'Width' => $width_extended_profile,
- 'Height' => '350',
- ]
- );
- // openarea is untrimmed for maximum openness
- $form->applyFilter(['competences', 'diplomas', 'teach', 'openarea'], 'stripslashes');
- $form->applyFilter(['competences', 'diplomas', 'teach'], 'trim');
- }
- // PASSWORD, if auth_source is platform
- if (is_platform_authentication() &&
- is_profile_editable() &&
- api_get_setting('profile', 'password') == 'true'
- ) {
- $form->addElement('password', 'password0', [get_lang('Pass'), get_lang('Enter2passToChange')], ['size' => 40]);
- $form->addElement('password', 'password1', get_lang('NewPass'), ['id' => 'password1', 'size' => 40]);
- $form->addElement('password', 'password2', get_lang('Confirmation'), ['size' => 40]);
- // user must enter identical password twice so we can prevent some user errors
- $form->addRule(['password1', 'password2'], get_lang('PassTwo'), 'compare');
- $form->addPasswordRule('password1');
- }
- $extraField = new ExtraField('user');
- $return = $extraField->addElements(
- $form,
- api_get_user_id()
- );
- $jquery_ready_content = $return['jquery_ready_content'];
- // the $jquery_ready_content variable collects all functions that
- // will be load in the $(document).ready javascript function
- $htmlHeadXtra[] = '<script>
- $(function() {
- '.$jquery_ready_content.'
- });
- </script>';
- if (api_get_setting('profile', 'apikeys') == 'true') {
- $form->addElement('html', '<div id="div_api_key">');
- $form->addElement(
- 'text',
- 'api_key_generate',
- get_lang('MyApiKey'),
- ['size' => 40, 'id' => 'id_api_key_generate']
- );
- $form->addElement('html', '</div>');
- $form->addButton(
- 'generate_api_key',
- get_lang('GenerateApiKey'),
- 'cogs',
- 'default',
- 'default',
- null,
- ['id' => 'id_generate_api_key']
- );
- }
- // SUBMIT
- if (is_profile_editable()) {
- $form->addButtonUpdate(get_lang('SaveSettings'), 'apply_change');
- } else {
- $form->freeze();
- }
- // Student cannot modified their user conditions
- $extraConditions = api_get_configuration_value('show_conditions_to_user');
- if ($extraConditions && isset($extraConditions['conditions'])) {
- $extraConditions = $extraConditions['conditions'];
- foreach ($extraConditions as $condition) {
- $element = $form->getElement('extra_'.$condition['variable']);
- if ($element) {
- $element->freeze();
- }
- }
- }
- $form->setDefaults($user_data);
- $filtered_extension = false;
- if ($form->validate()) {
- $hook = HookUpdateUser::create();
- if ($hook) {
- $hook->notifyUpdateUser(HOOK_EVENT_TYPE_PRE);
- }
- $wrong_current_password = false;
- $user_data = $form->getSubmitValues(1);
- /** @var User $user */
- $user = UserManager::getRepository()->find(api_get_user_id());
- // set password if a new one was provided
- $validPassword = false;
- $passwordWasChecked = false;
- if ($user &&
- (!empty($user_data['password0']) &&
- !empty($user_data['password1'])) ||
- (!empty($user_data['password0']) &&
- api_get_setting('profile', 'email') == 'true')
- ) {
- $passwordWasChecked = true;
- $validPassword = UserManager::isPasswordValid(
- $user->getPassword(),
- $user_data['password0'],
- $user->getSalt()
- );
- if ($validPassword) {
- $password = $user_data['password1'];
- } else {
- Display::addFlash(
- Display:: return_message(
- get_lang('CurrentPasswordEmptyOrIncorrect'),
- 'warning',
- false
- )
- );
- }
- }
- $allow_users_to_change_email_with_no_password = true;
- if (is_platform_authentication() &&
- api_get_setting('allow_users_to_change_email_with_no_password') == 'false'
- ) {
- $allow_users_to_change_email_with_no_password = false;
- }
- // If user sending the email to be changed (input available and not frozen )
- if (api_get_setting('profile', 'email') == 'true') {
- if ($allow_users_to_change_email_with_no_password) {
- if (!check_user_email($user_data['email'])) {
- $changeemail = $user_data['email'];
- }
- } else {
- // Normal behaviour
- if (!check_user_email($user_data['email']) && $validPassword) {
- $changeemail = $user_data['email'];
- }
- if (!check_user_email($user_data['email']) && empty($user_data['password0'])) {
- Display::addFlash(
- Display:: return_message(
- get_lang('ToChangeYourEmailMustTypeYourPassword'),
- 'error',
- false
- )
- );
- }
- }
- }
- // Upload picture if a new one is provided
- if ($_FILES['picture']['size']) {
- $new_picture = UserManager::update_user_picture(
- api_get_user_id(),
- $_FILES['picture']['name'],
- $_FILES['picture']['tmp_name'],
- $user_data['picture_crop_result']
- );
- if ($new_picture) {
- $user_data['picture_uri'] = $new_picture;
- Display::addFlash(
- Display:: return_message(
- get_lang('PictureUploaded'),
- 'normal',
- false
- )
- );
- }
- } elseif (!empty($user_data['remove_picture'])) {
- // remove existing picture if asked
- UserManager::deleteUserPicture(api_get_user_id());
- $user_data['picture_uri'] = '';
- }
- // Remove production.
- if (isset($user_data['remove_production']) &&
- is_array($user_data['remove_production'])
- ) {
- foreach (array_keys($user_data['remove_production']) as $production) {
- UserManager::remove_user_production(api_get_user_id(), urldecode($production));
- }
- if ($production_list = UserManager::build_production_list(api_get_user_id(), true, true)) {
- $form->insertElementBefore(
- $form->createElement('static', null, null, $production_list),
- 'productions_list'
- );
- }
- $form->removeElement('productions_list');
- Display::addFlash(
- Display:: return_message(get_lang('FileDeleted'), 'normal', false)
- );
- }
- // upload production if a new one is provided
- if (isset($_FILES['production']) && $_FILES['production']['size']) {
- $res = upload_user_production(api_get_user_id());
- if (!$res) {
- //it's a bit excessive to assume the extension is the reason why
- // upload_user_production() returned false, but it's true in most cases
- $filtered_extension = true;
- } else {
- Display::addFlash(
- Display:: return_message(
- get_lang('ProductionUploaded'),
- 'normal',
- false
- )
- );
- }
- }
- // remove values that shouldn't go in the database
- unset(
- $user_data['password0'],
- $user_data['password1'],
- $user_data['password2'],
- $user_data['MAX_FILE_SIZE'],
- $user_data['remove_picture'],
- $user_data['apply_change'],
- $user_data['email']
- );
- // Following RFC2396 (http://www.faqs.org/rfcs/rfc2396.html), a URI uses ':' as a reserved character
- // we can thus ensure the URL doesn't contain any scheme name by searching for ':' in the string
- $my_user_openid = isset($user_data['openid']) ? $user_data['openid'] : '';
- if (!preg_match('/^[^:]*:\/\/.*$/', $my_user_openid)) {
- //ensure there is at least a http:// scheme in the URI provided
- $user_data['openid'] = 'http://'.$my_user_openid;
- }
- $extras = [];
- //Checking the user language
- $languages = api_get_languages();
- if (!in_array($user_data['language'], $languages['folder'])) {
- $user_data['language'] = api_get_setting('platformLanguage');
- }
- $_SESSION['_user']['language'] = $user_data['language'];
- //Only update values that are request by the "profile" setting
- $profile_list = api_get_setting('profile');
- //Adding missing variables
- $available_values_to_modify = [];
- foreach ($profile_list as $key => $status) {
- if ($status == 'true') {
- switch ($key) {
- case 'login':
- $available_values_to_modify[] = 'username';
- break;
- case 'name':
- $available_values_to_modify[] = 'firstname';
- $available_values_to_modify[] = 'lastname';
- break;
- case 'picture':
- $available_values_to_modify[] = 'picture_uri';
- break;
- default:
- $available_values_to_modify[] = $key;
- break;
- }
- }
- }
- //Fixing missing variables
- $available_values_to_modify = array_merge(
- $available_values_to_modify,
- ['competences', 'diplomas', 'openarea', 'teach', 'openid', 'address']
- );
- // build SQL query
- $sql = "UPDATE $table_user SET";
- unset($user_data['api_key_generate']);
- foreach ($user_data as $key => $value) {
- if (substr($key, 0, 6) === 'extra_') { //an extra field
- continue;
- } elseif (strpos($key, 'remove_extra_') !== false) {
- } else {
- if (in_array($key, $available_values_to_modify)) {
- $sql .= " $key = '".Database::escape_string($value)."',";
- }
- }
- }
- $changePassword = false;
- // Change email
- if ($allow_users_to_change_email_with_no_password) {
- if (isset($changeemail) && in_array('email', $available_values_to_modify)) {
- $sql .= " email = '".Database::escape_string($changeemail)."' ";
- }
- if (isset($password) && in_array('password', $available_values_to_modify)) {
- $changePassword = true;
- }
- } else {
- if (isset($changeemail) && !isset($password) && in_array('email', $available_values_to_modify)) {
- $sql .= " email = '".Database::escape_string($changeemail)."'";
- } else {
- if (isset($password) && in_array('password', $available_values_to_modify)) {
- if (isset($changeemail) && in_array('email', $available_values_to_modify)) {
- $sql .= " email = '".Database::escape_string($changeemail)."' ";
- }
- $changePassword = true;
- }
- }
- }
- $sql = rtrim($sql, ',');
- if ($changePassword && !empty($password)) {
- UserManager::updatePassword(api_get_user_id(), $password);
- }
- if (api_get_setting('profile', 'officialcode') === 'true' &&
- isset($user_data['official_code'])
- ) {
- $sql .= ", official_code = '".Database::escape_string($user_data['official_code'])."'";
- }
- $sql .= " WHERE id = '".api_get_user_id()."'";
- Database::query($sql);
- if ($passwordWasChecked == false) {
- Display::addFlash(
- Display:: return_message(get_lang('ProfileReg'), 'normal', false)
- );
- } else {
- if ($validPassword) {
- Display::addFlash(
- Display:: return_message(get_lang('ProfileReg'), 'normal', false)
- );
- }
- }
- $extraField = new ExtraFieldValue('user');
- $extraField->saveFieldValues($user_data);
- $userInfo = api_get_user_info(
- api_get_user_id(),
- false,
- false,
- false,
- false,
- true,
- true
- );
- Session::write('_user', $userInfo);
- if ($hook) {
- Database::getManager()->clear(User::class); //Avoid cache issue (user entity is used before)
- $user = api_get_user_entity(api_get_user_id()); //Get updated user info for hook event
- $hook->setEventData(['user' => $user]);
- $hook->notifyUpdateUser(HOOK_EVENT_TYPE_POST);
- }
- $url = api_get_self();
- header("Location: ".$url);
- exit;
- }
- // the header
- $actions = '';
- if ($allowSocialTool) {
- if (api_get_setting('extended_profile') === 'true') {
- if (api_get_setting('allow_message_tool') === 'true') {
- $actions .= '<a href="'.api_get_path(WEB_PATH).'main/social/profile.php">'.
- Display::return_icon('shared_profile.png', get_lang('ViewSharedProfile')).'</a>';
- $actions .= '<a href="'.api_get_path(WEB_PATH).'main/messages/inbox.php">'.
- Display::return_icon('inbox.png', get_lang('Messages')).'</a>';
- }
- $show = isset($_GET['show']) ? '&show='.Security::remove_XSS($_GET['show']) : '';
- if (isset($_GET['type']) && $_GET['type'] === 'extended') {
- $actions .= '<a href="profile.php?type=reduced'.$show.'">'.
- Display::return_icon('edit.png', get_lang('EditNormalProfile'), '', 16).'</a>';
- } else {
- $actions .= '<a href="profile.php?type=extended'.$show.'">'.
- Display::return_icon('edit.png', get_lang('EditExtendProfile'), '', 16).'</a>';
- }
- }
- }
- $show_delete_account_button = api_get_setting('platform_unsubscribe_allowed') === 'true' ? true : false;
- $tpl = new Template(get_lang('ModifyProfile'));
- if ($actions) {
- $tpl->assign(
- 'actions',
- Display::toolbarAction('toolbar', [$actions])
- );
- }
- SocialManager::setSocialUserBlock($tpl, api_get_user_id(), 'messages');
- if ($allowSocialTool) {
- SocialManager::setSocialUserBlock($tpl, api_get_user_id(), 'home');
- $menu = SocialManager::show_social_menu(
- 'home',
- null,
- api_get_user_id(),
- false,
- $show_delete_account_button
- );
- $tpl->assign('social_menu_block', $menu);
- $tpl->assign('social_right_content', $form->returnForm());
- $social_layout = $tpl->get_template('social/edit_profile.tpl');
- $tpl->display($social_layout);
- } else {
- $bigImage = UserManager::getUserPicture(api_get_user_id(), USER_IMAGE_SIZE_BIG);
- $normalImage = UserManager::getUserPicture(api_get_user_id(), USER_IMAGE_SIZE_ORIGINAL);
- $imageToShow = '<div id="image-message-container">';
- $imageToShow .= '<a class="expand-image pull-right" href="'.$bigImage.'" /><img src="'.$normalImage.'"></a>';
- $imageToShow .= '</div>';
- $content = $imageToShow.$form->returnForm();
- $tpl->assign('content', $content);
- $tpl->display_one_col_template();
- }
- // Helper functions defined below this point
- /**
- * Is user auth_source is platform ?
- *
- * @return bool Whether auth_source is 'platform' or not
- */
- function is_platform_authentication()
- {
- $tabUserInfo = api_get_user_info();
- return $tabUserInfo['auth_source'] == PLATFORM_AUTH_SOURCE;
- }
- /**
- * Can a user edit his/her profile?
- *
- * @return bool Whether the profile can be edited by the user or not
- */
- function is_profile_editable()
- {
- if (isset($GLOBALS['profileIsEditable'])) {
- return (bool) $GLOBALS['profileIsEditable'];
- }
- return true;
- }
- /**
- * Upload a submitted user production.
- *
- * @param int $userId User id
- *
- * @return mixed The filename of the new production or FALSE if the upload has failed
- */
- function upload_user_production($userId)
- {
- $productionRepository = UserManager::getUserPathById($userId, 'system');
- if (!file_exists($productionRepository)) {
- @mkdir($productionRepository, api_get_permissions_for_new_directories(), true);
- }
- $filename = api_replace_dangerous_char($_FILES['production']['name']);
- $filename = disable_dangerous_file($filename);
- if (filter_extension($filename)) {
- if (@move_uploaded_file($_FILES['production']['tmp_name'], $productionRepository.$filename)) {
- return $filename;
- }
- }
- return false; // this should be returned if anything went wrong with the upload
- }
- /**
- * Check current user's current password.
- *
- * @param string $email E-mail
- *
- * @return bool Whether this e-mail is already in use or not
- */
- function check_user_email($email)
- {
- $userId = api_get_user_id();
- if ($userId != strval(intval($userId)) || empty($email)) {
- return false;
- }
- $tableUser = Database::get_main_table(TABLE_MAIN_USER);
- $email = Database::escape_string($email);
- $sql = "SELECT * FROM $tableUser WHERE user_id = $userId AND email = '$email'";
- $result = Database::query($sql);
- return Database::num_rows($result) != 0;
- }
|