user.php 40 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046104710481049105010511052105310541055105610571058105910601061106210631064106510661067106810691070107110721073107410751076
  1. <?php
  2. /* For licensing terms, see /license.txt */
  3. /**
  4. * This script displays a list of the users of the current course.
  5. * Course admins can change user permissions, subscribe and unsubscribe users...
  6. *
  7. * show users registered in courses
  8. *
  9. * @author Roan Embrechts
  10. * @author Julio Montoya, Several fixes
  11. *
  12. * @package chamilo.user
  13. */
  14. $use_anonymous = true;
  15. require_once __DIR__.'/../inc/global.inc.php';
  16. $current_course_tool = TOOL_USER;
  17. $this_section = SECTION_COURSES;
  18. // notice for unauthorized people.
  19. api_protect_course_script(true);
  20. if (!api_is_platform_admin(true)) {
  21. if (!api_is_course_admin() && !api_is_coach()) {
  22. if (api_get_course_setting('allow_user_view_user_list') == 0) {
  23. api_not_allowed(true);
  24. }
  25. }
  26. }
  27. /* Constants and variables */
  28. $course_code = api_get_course_id();
  29. $sessionId = api_get_session_id();
  30. $is_western_name_order = api_is_western_name_order();
  31. $sort_by_first_name = api_sort_by_first_name();
  32. $course_info = api_get_course_info();
  33. $user_id = api_get_user_id();
  34. $_user = api_get_user_info();
  35. $courseCode = $course_info['code'];
  36. $courseId = $course_info['real_id'];
  37. $type = isset($_REQUEST['type']) ? intval($_REQUEST['type']) : STUDENT;
  38. $canEditUsers = api_get_setting('allow_user_course_subscription_by_course_admin') == 'true' || api_is_platform_admin();
  39. //Can't auto unregister from a session
  40. if (!empty($sessionId)) {
  41. $course_info['unsubscribe'] = 0;
  42. }
  43. /* Un registering a user section */
  44. if (api_is_allowed_to_edit(null, true)) {
  45. if (isset($_POST['action'])) {
  46. switch ($_POST['action']) {
  47. case 'unsubscribe':
  48. // Make sure we don't unsubscribe current user from the course
  49. if (is_array($_POST['user'])) {
  50. $user_ids = array_diff($_POST['user'], [$user_id]);
  51. if (count($user_ids) > 0) {
  52. CourseManager::unsubscribe_user($user_ids, $courseCode);
  53. Display::addFlash(
  54. Display::return_message(get_lang('UsersUnsubscribed'))
  55. );
  56. }
  57. }
  58. }
  59. }
  60. }
  61. // Getting extra fields that have the filter option "on"
  62. $extraField = new ExtraField('user');
  63. $extraFields = $extraField->get_all(['filter = ?' => 1]);
  64. $user_image_pdf_size = 80;
  65. if (api_is_allowed_to_edit(null, true)) {
  66. if (isset($_GET['action'])) {
  67. switch ($_GET['action']) {
  68. case 'set_tutor':
  69. $userId = isset($_GET['user_id']) ? intval($_GET['user_id']) : null;
  70. $isTutor = isset($_GET['is_tutor']) ? intval($_GET['is_tutor']) : 0;
  71. $userInfo = api_get_user_info($userId);
  72. if (!empty($userId)) {
  73. if (!$sessionId) {
  74. if ($userInfo['status'] != INVITEE) {
  75. CourseManager::updateUserCourseTutor(
  76. $userId,
  77. $courseId,
  78. $isTutor
  79. );
  80. Display::addFlash(
  81. Display::return_message(get_lang('Updated'))
  82. );
  83. } else {
  84. Display::addFlash(
  85. Display::return_message(
  86. get_lang('InviteesCantBeTutors'),
  87. 'error'
  88. )
  89. );
  90. }
  91. }
  92. }
  93. break;
  94. case 'export':
  95. $table_course_user = Database::get_main_table(TABLE_MAIN_COURSE_USER);
  96. $table_users = Database::get_main_table(TABLE_MAIN_USER);
  97. $is_western_name_order = api_is_western_name_order();
  98. $data = [];
  99. $a_users = [];
  100. $current_access_url_id = api_get_current_access_url_id();
  101. $extra_fields = UserManager::get_extra_user_data(
  102. api_get_user_id(),
  103. false,
  104. false,
  105. false,
  106. true
  107. );
  108. $extra_fields = array_keys($extra_fields);
  109. $select_email_condition = '';
  110. if (api_get_setting('show_email_addresses') == 'true') {
  111. $select_email_condition = ' user.email, ';
  112. if ($sort_by_first_name) {
  113. $a_users[0] = [
  114. 'id',
  115. get_lang('FirstName'),
  116. get_lang('LastName'),
  117. get_lang('Username'),
  118. get_lang('Email'),
  119. get_lang('Phone'),
  120. get_lang('OfficialCode'),
  121. get_lang('Active'),
  122. ];
  123. } else {
  124. $a_users[0] = [
  125. 'id',
  126. get_lang('LastName'),
  127. get_lang('FirstName'),
  128. get_lang('Username'),
  129. get_lang('Email'),
  130. get_lang('Phone'),
  131. get_lang('OfficialCode'),
  132. get_lang('Active'),
  133. ];
  134. }
  135. } else {
  136. if ($sort_by_first_name) {
  137. $a_users[0] = [
  138. 'id',
  139. get_lang('FirstName'),
  140. get_lang('LastName'),
  141. get_lang('Username'),
  142. get_lang('Phone'),
  143. get_lang('OfficialCode'),
  144. get_lang('Active'),
  145. ];
  146. } else {
  147. $a_users[0] = [
  148. 'id',
  149. get_lang('LastName'),
  150. get_lang('FirstName'),
  151. get_lang('Username'),
  152. get_lang('Phone'),
  153. get_lang('OfficialCode'),
  154. get_lang('Active'),
  155. ];
  156. }
  157. }
  158. $legal = '';
  159. if (isset($course_info['activate_legal']) && $course_info['activate_legal'] == 1) {
  160. $legal = ', legal_agreement';
  161. $a_users[0][] = get_lang('LegalAgreementAccepted');
  162. }
  163. if ($_GET['format'] == 'pdf') {
  164. $select_email_condition = ' user.email, ';
  165. if ($is_western_name_order) {
  166. $a_users[0] = [
  167. '#',
  168. get_lang('UserPicture'),
  169. get_lang('OfficialCode'),
  170. get_lang('FirstName').', '.get_lang('LastName'),
  171. get_lang('Email'),
  172. get_lang('Phone'),
  173. ];
  174. } else {
  175. $a_users[0] = [
  176. '#',
  177. get_lang('UserPicture'),
  178. get_lang('OfficialCode'),
  179. get_lang('LastName').', '.get_lang('FirstName'),
  180. get_lang('Email'),
  181. get_lang('Phone'),
  182. ];
  183. }
  184. }
  185. $a_users[0] = array_merge($a_users[0], $extra_fields);
  186. // users subscribed to the course through a session.
  187. if (api_get_session_id()) {
  188. $table_session_course_user = Database::get_main_table(TABLE_MAIN_SESSION_COURSE_USER);
  189. $sql = "SELECT DISTINCT
  190. user.user_id, ".($is_western_name_order ? "user.firstname, user.lastname" : "user.lastname, user.firstname").",
  191. user.username,
  192. $select_email_condition
  193. phone,
  194. user.official_code,
  195. active
  196. $legal
  197. FROM $table_session_course_user as session_course_user,
  198. $table_users as user ";
  199. if (api_is_multiple_url_enabled()) {
  200. $sql .= ' , '.Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER).' au ';
  201. }
  202. $sql .= "
  203. WHERE c_id = $courseId
  204. AND session_course_user.user_id = user.user_id
  205. AND session_id = $sessionId
  206. ";
  207. if (api_is_multiple_url_enabled()) {
  208. $sql .= " AND user.user_id = au.user_id AND access_url_id = $current_access_url_id ";
  209. }
  210. // only users no coaches/teachers
  211. if ($type == COURSEMANAGER) {
  212. $sql .= " AND session_course_user.status = 2 ";
  213. } else {
  214. $sql .= " AND session_course_user.status = 0 ";
  215. }
  216. $sql .= $sort_by_first_name ? ' ORDER BY user.firstname, user.lastname' : ' ORDER BY user.lastname, user.firstname';
  217. $rs = Database::query($sql);
  218. $counter = 1;
  219. while ($user = Database:: fetch_array($rs, 'ASSOC')) {
  220. if (isset($user['legal_agreement'])) {
  221. if ($user['legal_agreement'] == 1) {
  222. $user['legal_agreement'] = get_lang('Yes');
  223. } else {
  224. $user['legal_agreement'] = get_lang('No');
  225. }
  226. }
  227. $extra_fields = UserManager::get_extra_user_data(
  228. $user['user_id'],
  229. false,
  230. false,
  231. false,
  232. true
  233. );
  234. if (!empty($extra_fields)) {
  235. foreach ($extra_fields as $key => $extra_value) {
  236. $user[$key] = $extra_value;
  237. }
  238. }
  239. $data[] = $user;
  240. if ($_GET['format'] == 'pdf') {
  241. $user_info = api_get_user_info($user['user_id']);
  242. $user_image = '<img src="'.$user_info['avatar'].'" width ="'.$user_image_pdf_size.'px" />';
  243. if ($is_western_name_order) {
  244. $user_pdf = [
  245. $counter,
  246. $user_image,
  247. $user['official_code'],
  248. $user['firstname'].', '.$user['lastname'],
  249. $user['email'],
  250. $user['phone'],
  251. ];
  252. } else {
  253. $user_pdf = [
  254. $counter,
  255. $user_image,
  256. $user['official_code'],
  257. $user['lastname'].', '.$user['firstname'],
  258. $user['email'],
  259. $user['phone'],
  260. ];
  261. }
  262. $a_users[] = $user_pdf;
  263. } else {
  264. $a_users[] = $user;
  265. }
  266. $counter++;
  267. }
  268. }
  269. if ($sessionId == 0) {
  270. // users directly subscribed to the course
  271. $table_course_user = Database::get_main_table(TABLE_MAIN_COURSE_USER);
  272. $sql = "SELECT DISTINCT
  273. user.user_id, ".($is_western_name_order ? "user.firstname, user.lastname" : "user.lastname, user.firstname").",
  274. user.username,
  275. $select_email_condition
  276. phone,
  277. user.official_code,
  278. active $legal
  279. FROM $table_course_user as course_user, $table_users as user ";
  280. if (api_is_multiple_url_enabled()) {
  281. $sql .= ' , '.Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER).' au ';
  282. }
  283. $sql .= " WHERE
  284. c_id = '$courseId' AND
  285. course_user.relation_type <> ".COURSE_RELATION_TYPE_RRHH." AND
  286. course_user.user_id = user.user_id ";
  287. if (api_is_multiple_url_enabled()) {
  288. $sql .= " AND user.user_id = au.user_id AND access_url_id = $current_access_url_id ";
  289. }
  290. // only users no teachers/coaches
  291. if ($type == COURSEMANAGER) {
  292. $sql .= " AND course_user.status = 1 ";
  293. } else {
  294. $sql .= " AND course_user.status = 5 ";
  295. }
  296. $sql .= ($sort_by_first_name ? " ORDER BY user.firstname, user.lastname" : " ORDER BY user.lastname, user.firstname");
  297. $rs = Database::query($sql);
  298. $counter = 1;
  299. while ($user = Database::fetch_array($rs, 'ASSOC')) {
  300. if (isset($user['legal_agreement'])) {
  301. if ($user['legal_agreement'] == 1) {
  302. $user['legal_agreement'] = get_lang('Yes');
  303. } else {
  304. $user['legal_agreement'] = get_lang('No');
  305. }
  306. }
  307. $extra_fields = UserManager::get_extra_user_data(
  308. $user['user_id'],
  309. false,
  310. false,
  311. false,
  312. true
  313. );
  314. if (!empty($extra_fields)) {
  315. foreach ($extra_fields as $key => $extra_value) {
  316. $user[$key] = $extra_value;
  317. }
  318. }
  319. if ($_GET['format'] == 'pdf') {
  320. $user_info = api_get_user_info($user['user_id']);
  321. $user_image = '<img src="'.$user_info['avatar'].'" width ="'.$user_image_pdf_size.'px" />';
  322. if ($is_western_name_order) {
  323. $user_pdf = [
  324. $counter,
  325. $user_image,
  326. $user['official_code'],
  327. $user['firstname'].', '.$user['lastname'],
  328. $user['email'],
  329. $user['phone'],
  330. ];
  331. } else {
  332. $user_pdf = [
  333. $counter,
  334. $user_image,
  335. $user['official_code'],
  336. $user['lastname'].', '.$user['firstname'],
  337. $user['email'],
  338. $user['phone'],
  339. ];
  340. }
  341. $a_users[] = $user_pdf;
  342. } else {
  343. $a_users[] = $user;
  344. }
  345. $data[] = $user;
  346. $counter++;
  347. }
  348. }
  349. $fileName = get_lang('StudentList');
  350. $pdfTitle = get_lang('StudentList');
  351. if ($type == COURSEMANAGER) {
  352. $fileName = get_lang('Teachers');
  353. $pdfTitle = get_lang('Teachers');
  354. }
  355. switch ($_GET['format']) {
  356. case 'csv':
  357. Export::arrayToCsv($a_users, $fileName);
  358. exit;
  359. case 'xls':
  360. Export::arrayToXls($a_users, $fileName);
  361. exit;
  362. case 'pdf':
  363. $header_attributes = [
  364. ['style' => 'width:10px'],
  365. ['style' => 'width:30px'],
  366. ['style' => 'width:50px'],
  367. ['style' => 'width:500px'],
  368. ];
  369. $params = [
  370. 'filename' => $fileName,
  371. 'pdf_title' => $pdfTitle,
  372. 'header_attributes' => $header_attributes,
  373. ];
  374. Export::export_table_pdf($a_users, $params);
  375. exit;
  376. }
  377. }
  378. }
  379. } // end if allowed to edit
  380. if (api_is_allowed_to_edit(null, true)) {
  381. // Unregister user from course
  382. if (isset($_REQUEST['unregister']) && $_REQUEST['unregister']) {
  383. if (isset($_GET['user_id']) && is_numeric($_GET['user_id']) &&
  384. ($_GET['user_id'] != $_user['user_id'] || api_is_platform_admin())
  385. ) {
  386. $user_id = intval($_GET['user_id']);
  387. $tbl_user = Database::get_main_table(TABLE_MAIN_USER);
  388. $tbl_session_rel_course = Database::get_main_table(TABLE_MAIN_SESSION_COURSE);
  389. $tbl_session_rel_user = Database::get_main_table(TABLE_MAIN_SESSION_USER);
  390. $sql = 'SELECT user.user_id
  391. FROM '.$tbl_user.' user
  392. INNER JOIN '.$tbl_session_rel_user.' reluser
  393. ON user.user_id = reluser.user_id AND reluser.relation_type<>'.SESSION_RELATION_TYPE_RRHH.'
  394. INNER JOIN '.$tbl_session_rel_course.' rel_course
  395. ON rel_course.session_id = reluser.session_id
  396. WHERE
  397. user.user_id = "'.$user_id.'" AND
  398. rel_course.c_id = "'.$courseId.'"';
  399. $result = Database::query($sql);
  400. $row = Database::fetch_array($result, 'ASSOC');
  401. if ($row['user_id'] == $user_id || $row['user_id'] == "") {
  402. CourseManager::unsubscribe_user($_GET['user_id'], $courseCode);
  403. Display::addFlash(
  404. Display::return_message(get_lang('UserUnsubscribed'))
  405. );
  406. } else {
  407. Display::addFlash(
  408. Display::return_message(
  409. get_lang('ThisStudentIsSubscribeThroughASession')
  410. )
  411. );
  412. }
  413. }
  414. }
  415. } else {
  416. // If student can unsubscribe
  417. if (isset($_REQUEST['unregister']) && $_REQUEST['unregister'] == 'yes') {
  418. if ($course_info['unsubscribe'] == 1) {
  419. $user_id = api_get_user_id();
  420. CourseManager::unsubscribe_user($user_id, $course_info['code']);
  421. header('Location: '.api_get_path(WEB_PATH).'user_portal.php');
  422. exit;
  423. }
  424. }
  425. }
  426. // $is_allowed_in_course is first defined in local.inc.php
  427. if (!api_is_allowed_in_course()) {
  428. api_not_allowed(true);
  429. }
  430. // Statistics
  431. Event::event_access_tool(TOOL_USER);
  432. $default_column = 3;
  433. $tableLabel = $type === STUDENT ? 'student' : 'teacher';
  434. $table = new SortableTable(
  435. $tableLabel.'_list',
  436. 'get_number_of_users',
  437. 'get_user_data',
  438. $default_column
  439. );
  440. $parameters['keyword'] = isset($_GET['keyword']) ? Security::remove_XSS($_GET['keyword']) : null;
  441. $parameters['sec_token'] = Security::get_token();
  442. $parameters['id_session'] = api_get_session_id();
  443. $parameters['type'] = $type;
  444. $table->set_additional_parameters($parameters);
  445. $header_nr = 0;
  446. $indexList = [];
  447. $table->set_header($header_nr++, '', false);
  448. $indexList['photo'] = $header_nr;
  449. $table->set_header($header_nr++, get_lang('Photo'), false);
  450. $indexList['official_code'] = $header_nr;
  451. $table->set_header($header_nr++, get_lang('OfficialCode'));
  452. if ($is_western_name_order) {
  453. $indexList['firstname'] = $header_nr;
  454. $table->set_header($header_nr++, get_lang('FirstName'));
  455. $indexList['lastname'] = $header_nr;
  456. $table->set_header($header_nr++, get_lang('LastName'));
  457. } else {
  458. $indexList['lastname'] = $header_nr;
  459. $table->set_header($header_nr++, get_lang('LastName'));
  460. $indexList['firstname'] = $header_nr;
  461. $table->set_header($header_nr++, get_lang('FirstName'));
  462. }
  463. $indexList['username'] = $header_nr;
  464. $table->set_header($header_nr++, get_lang('LoginName'));
  465. $indexList['groups'] = $header_nr;
  466. $table->set_header($header_nr++, get_lang('GroupSingle'), false);
  467. $hideFields = api_get_configuration_value('hide_user_field_from_list');
  468. if (!empty($hideFields)) {
  469. $hideFields = $hideFields['fields'];
  470. foreach ($hideFields as $fieldToHide) {
  471. if (isset($indexList[$fieldToHide])) {
  472. $table->setHideColumn($indexList[$fieldToHide]);
  473. }
  474. }
  475. }
  476. $table->setHideColumn('is_tutor');
  477. $table->setHideColumn('user_status_in_course');
  478. if (api_is_allowed_to_edit(null, true)) {
  479. $table->set_header($header_nr++, get_lang('Status'), false);
  480. $table->set_header($header_nr++, get_lang('Active'), false);
  481. if ($canEditUsers) {
  482. $table->set_column_filter(8, 'active_filter');
  483. } else {
  484. $table->set_column_filter(8, 'active_filter');
  485. }
  486. foreach ($extraFields as $extraField) {
  487. $table->set_header($header_nr++, $extraField['display_text'], false);
  488. }
  489. // Actions column
  490. $table->set_header($header_nr++, get_lang('Action'), false);
  491. $table->set_column_filter($header_nr - 1, 'modify_filter');
  492. if ($canEditUsers) {
  493. $table->set_form_actions(['unsubscribe' => get_lang('Unreg')], 'user');
  494. }
  495. } else {
  496. if ($course_info['unsubscribe'] == 1) {
  497. $table->set_header($header_nr++, get_lang('Action'), false);
  498. $table->set_column_filter($header_nr - 1, 'modify_filter');
  499. }
  500. }
  501. /* Header */
  502. if (isset($origin) && $origin == 'learnpath') {
  503. Display::display_reduced_header();
  504. } else {
  505. if (isset($_GET['keyword']) && !empty($_GET['keyword'])) {
  506. $interbreadcrumb[] = [
  507. "url" => "user.php?".api_get_cidreq(),
  508. "name" => get_lang("Users"),
  509. ];
  510. $tool_name = get_lang('SearchResults');
  511. } else {
  512. $tool_name = get_lang('Users');
  513. $origin = 'users';
  514. }
  515. Display::display_header($tool_name, "User");
  516. }
  517. // Tool introduction
  518. Display::display_introduction_section(TOOL_USER, 'left');
  519. $actions = '';
  520. $selectedTab = 1;
  521. if (api_is_allowed_to_edit(null, true)) {
  522. echo '<div class="actions">';
  523. switch ($type) {
  524. case STUDENT:
  525. $selectedTab = 1;
  526. $url = api_get_path(WEB_CODE_PATH).'user/subscribe_user.php?'.api_get_cidreq().'&type='.STUDENT;
  527. $icon = Display::url(
  528. Display::return_icon('add-user.png', get_lang('Add'), [], ICON_SIZE_MEDIUM),
  529. $url
  530. );
  531. break;
  532. case COURSEMANAGER:
  533. $selectedTab = 2;
  534. $url = api_get_path(WEB_CODE_PATH).'user/subscribe_user.php?'.api_get_cidreq().'&type='.COURSEMANAGER;
  535. $icon = Display::url(
  536. Display::return_icon('add-teacher.png', get_lang('Add'), [], ICON_SIZE_MEDIUM),
  537. $url
  538. );
  539. break;
  540. }
  541. echo '<div class="row">';
  542. echo '<div class="col-md-6">';
  543. echo $icon;
  544. $actions .= '<a href="user.php?'.api_get_cidreq().'&action=export&format=csv&type='.$type.'">'.
  545. Display::return_icon('export_csv.png', get_lang('ExportAsCSV'), [], ICON_SIZE_MEDIUM).'</a> ';
  546. $actions .= '<a href="user.php?'.api_get_cidreq().'&action=export&format=xls&type='.$type.'">'.
  547. Display::return_icon('export_excel.png', get_lang('ExportAsXLS'), [], ICON_SIZE_MEDIUM).'</a> ';
  548. if ($canEditUsers) {
  549. $actions .= '<a href="user_import.php?'.api_get_cidreq().'&action=import&type='.$type.'">'.
  550. Display::return_icon('import_csv.png', get_lang('ImportUsersToACourse'), [], ICON_SIZE_MEDIUM).'</a> ';
  551. }
  552. $actions .= '<a href="user.php?'.api_get_cidreq().'&action=export&format=pdf&type='.$type.'">'.
  553. Display::return_icon('pdf.png', get_lang('ExportToPDF'), [], ICON_SIZE_MEDIUM).'</a> ';
  554. echo $actions;
  555. echo '</div>';
  556. echo '<div class="col-md-6">';
  557. echo '<div class="pull-right">';
  558. // Build search-form
  559. $form = new FormValidator(
  560. 'search_user',
  561. 'get',
  562. api_get_self().'?type='.$type,
  563. '',
  564. null,
  565. FormValidator::LAYOUT_INLINE
  566. );
  567. $form->addHidden('type', $type);
  568. $form->addText('keyword', '', false);
  569. $form->addElement('hidden', 'cidReq', api_get_course_id());
  570. $form->addButtonSearch(get_lang('SearchButton'));
  571. $form->display();
  572. echo '</div>';
  573. echo '</div>';
  574. echo '</div>';
  575. $allowTutors = api_get_setting('allow_tutors_to_assign_students_to_session');
  576. if (api_is_allowed_to_edit() && $allowTutors === 'true') {
  577. $actions .= ' <a class="btn btn-default" href="session_list.php?'.api_get_cidreq().'">'.
  578. get_lang('Sessions').'</a>';
  579. }
  580. echo '</div>';
  581. }
  582. echo UserManager::getUserSubscriptionTab($selectedTab);
  583. $table->display();
  584. if (!empty($_GET['keyword']) && !empty($_GET['submit'])) {
  585. $keyword_name = Security::remove_XSS($_GET['keyword']);
  586. echo '<br/>'.get_lang('SearchResultsFor').' <span style="font-style: italic ;"> '.$keyword_name.' </span><br>';
  587. }
  588. if (!isset($origin) || $origin != 'learnpath') {
  589. Display::display_footer();
  590. }
  591. /* Helper functions for the users lists in course */
  592. /**
  593. * Get the users to display on the current page.
  594. */
  595. function get_number_of_users()
  596. {
  597. $counter = 0;
  598. $sessionId = api_get_session_id();
  599. $courseCode = api_get_course_id();
  600. $active = isset($_GET['active']) ? $_GET['active'] : null;
  601. $type = isset($_REQUEST['type']) ? intval($_REQUEST['type']) : STUDENT;
  602. if (empty($sessionId)) {
  603. $status = $type;
  604. } else {
  605. if ($type == COURSEMANAGER) {
  606. $status = 2;
  607. } else {
  608. $status = 0;
  609. }
  610. }
  611. if (!empty($sessionId)) {
  612. $a_course_users = CourseManager::get_user_list_from_course_code(
  613. $courseCode,
  614. $sessionId,
  615. null,
  616. null,
  617. $status,
  618. null,
  619. false,
  620. false,
  621. null,
  622. null,
  623. null,
  624. $active
  625. );
  626. } else {
  627. $a_course_users = CourseManager::get_user_list_from_course_code(
  628. $courseCode,
  629. 0,
  630. null,
  631. null,
  632. $status,
  633. null,
  634. false,
  635. false,
  636. null,
  637. null,
  638. null,
  639. $active
  640. );
  641. }
  642. foreach ($a_course_users as $o_course_user) {
  643. if ((
  644. isset($_GET['keyword']) &&
  645. searchUserKeyword(
  646. $o_course_user['firstname'],
  647. $o_course_user['lastname'],
  648. $o_course_user['username'],
  649. $o_course_user['official_code'],
  650. $_GET['keyword']
  651. )
  652. ) || !isset($_GET['keyword']) || empty($_GET['keyword'])
  653. ) {
  654. $counter++;
  655. }
  656. }
  657. return $counter;
  658. }
  659. /**
  660. * @param string $firstname
  661. * @param string $lastname
  662. * @param string $username
  663. * @param string $official_code
  664. * @param $keyword
  665. *
  666. * @return bool
  667. */
  668. function searchUserKeyword($firstname, $lastname, $username, $official_code, $keyword)
  669. {
  670. if (api_strripos($firstname, $keyword) !== false ||
  671. api_strripos($lastname, $keyword) !== false ||
  672. api_strripos($username, $keyword) !== false ||
  673. api_strripos($official_code, $keyword) !== false
  674. ) {
  675. return true;
  676. } else {
  677. return false;
  678. }
  679. }
  680. /**
  681. * Get the users to display on the current page.
  682. *
  683. * @param int $from Offset
  684. * @param int $number_of_items
  685. * @param int $column The column on which to sort
  686. * @param string $direction ASC or DESC, for the sort order of the query results
  687. *
  688. * @return array
  689. */
  690. function get_user_data($from, $number_of_items, $column, $direction)
  691. {
  692. global $is_western_name_order;
  693. global $extraFields;
  694. $canEditUsers = api_get_setting('allow_user_course_subscription_by_course_admin') == 'true' || api_is_platform_admin();
  695. $type = isset($_REQUEST['type']) ? intval($_REQUEST['type']) : STUDENT;
  696. $course_info = api_get_course_info();
  697. $sessionId = api_get_session_id();
  698. $course_code = $course_info['code'];
  699. $a_users = [];
  700. $limit = null;
  701. // limit
  702. if (!isset($_GET['keyword']) || empty($_GET['keyword'])) {
  703. $limit = 'LIMIT '.intval($from).','.intval($number_of_items);
  704. }
  705. if (!in_array($direction, ['ASC', 'DESC'])) {
  706. $direction = 'ASC';
  707. }
  708. switch ($column) {
  709. case 2: //official code
  710. $order_by = 'ORDER BY user.official_code '.$direction;
  711. break;
  712. case 3:
  713. if ($is_western_name_order) {
  714. $order_by = 'ORDER BY user.firstname '.$direction.', user.lastname '.$direction;
  715. } else {
  716. $order_by = 'ORDER BY user.lastname '.$direction.', user.firstname '.$direction;
  717. }
  718. break;
  719. case 4:
  720. if ($is_western_name_order) {
  721. $order_by = 'ORDER BY user.lastname '.$direction.', user.firstname '.$direction;
  722. } else {
  723. $order_by = 'ORDER BY user.firstname '.$direction.', user.lastname '.$direction;
  724. }
  725. break;
  726. case 5: //username
  727. $order_by = 'ORDER BY user.username '.$direction;
  728. break;
  729. default:
  730. if ($is_western_name_order) {
  731. $order_by = 'ORDER BY user.lastname '.$direction.', user.firstname '.$direction;
  732. } else {
  733. $order_by = 'ORDER BY user.firstname '.$direction.', user.lastname '.$direction;
  734. }
  735. break;
  736. }
  737. $active = isset($_GET['active']) ? $_GET['active'] : null;
  738. if (empty($sessionId)) {
  739. $status = $type;
  740. } else {
  741. if ($type == COURSEMANAGER) {
  742. $status = 2;
  743. } else {
  744. $status = 0;
  745. }
  746. }
  747. $a_course_users = CourseManager :: get_user_list_from_course_code(
  748. $course_code,
  749. $sessionId,
  750. $limit,
  751. $order_by,
  752. $status,
  753. null,
  754. false,
  755. false,
  756. null,
  757. [],
  758. [],
  759. $active
  760. );
  761. foreach ($a_course_users as $user_id => $o_course_user) {
  762. if ((
  763. isset($_GET['keyword']) &&
  764. searchUserKeyword(
  765. $o_course_user['firstname'],
  766. $o_course_user['lastname'],
  767. $o_course_user['username'],
  768. $o_course_user['official_code'],
  769. $_GET['keyword']
  770. )
  771. ) || !isset($_GET['keyword']) || empty($_GET['keyword'])
  772. ) {
  773. $groupsNameList = GroupManager::getAllGroupPerUserSubscription($user_id);
  774. $groupsNameListParsed = [];
  775. if (!empty($groupsNameList)) {
  776. $groupsNameListParsed = array_column($groupsNameList, 'name');
  777. }
  778. $temp = [];
  779. if (api_is_allowed_to_edit(null, true)) {
  780. $userInfo = api_get_user_info($user_id);
  781. $photo = Display::img($userInfo['avatar_small'], $userInfo['complete_name'], [], false);
  782. $temp[] = $user_id;
  783. $temp[] = $photo;
  784. $temp[] = $o_course_user['official_code'];
  785. if ($is_western_name_order) {
  786. $temp[] = $o_course_user['firstname'];
  787. $temp[] = $o_course_user['lastname'];
  788. } else {
  789. $temp[] = $o_course_user['lastname'];
  790. $temp[] = $o_course_user['firstname'];
  791. }
  792. $temp[] = $o_course_user['username'];
  793. // Groups.
  794. $temp[] = implode(', ', $groupsNameListParsed);
  795. // Status
  796. $default_status = get_lang('Student');
  797. if ((isset($o_course_user['status_rel']) && $o_course_user['status_rel'] == 1) ||
  798. (isset($o_course_user['status_session']) && $o_course_user['status_session'] == 2)
  799. ) {
  800. $default_status = get_lang('CourseManager');
  801. } elseif (isset($o_course_user['is_tutor']) && $o_course_user['is_tutor'] == 1) {
  802. $default_status = get_lang('Tutor');
  803. }
  804. $temp[] = $default_status;
  805. // Active
  806. $temp[] = $o_course_user['active'];
  807. $extraFieldOption = new ExtraFieldOption('user');
  808. $extraFieldValue = new ExtraFieldValue('user');
  809. if (!empty($extraFields)) {
  810. foreach ($extraFields as $extraField) {
  811. $data = $extraFieldValue->get_values_by_handler_and_field_id(
  812. $user_id,
  813. $extraField['id']
  814. );
  815. $optionList = $extraFieldOption->get_field_option_by_field_and_option(
  816. $extraField['id'],
  817. $data['value']
  818. );
  819. if (!empty($optionList)) {
  820. $options = implode(', ', array_column($optionList, 'display_text'));
  821. $temp[] = $options;
  822. } else {
  823. $temp[] = $data['value'];
  824. }
  825. }
  826. }
  827. // User id for actions
  828. $temp[] = $user_id;
  829. $temp['is_tutor'] = isset($o_course_user['is_tutor']) ? $o_course_user['is_tutor'] : '';
  830. $temp['user_status_in_course'] = isset($o_course_user['status_rel']) ? $o_course_user['status_rel'] : '';
  831. } else {
  832. $userInfo = api_get_user_info($user_id);
  833. $userPicture = $userInfo['avatar'];
  834. $photo = '<img src="'.$userPicture.'" alt="'.$userInfo['complete_name'].'" width="22" height="22" title="'.$userInfo['complete_name'].'" />';
  835. $temp[] = '';
  836. $temp[] = $photo;
  837. $temp[] = $o_course_user['official_code'];
  838. if ($is_western_name_order) {
  839. $temp[] = $o_course_user['firstname'];
  840. $temp[] = $o_course_user['lastname'];
  841. } else {
  842. $temp[] = $o_course_user['lastname'];
  843. $temp[] = $o_course_user['firstname'];
  844. }
  845. $temp[] = $o_course_user['username'];
  846. // Group.
  847. $temp[] = implode(', ', $groupsNameListParsed);
  848. if ($course_info['unsubscribe'] == 1) {
  849. //User id for actions
  850. $temp[] = $user_id;
  851. }
  852. }
  853. $a_users[$user_id] = $temp;
  854. }
  855. }
  856. return $a_users;
  857. }
  858. /**
  859. * Build the active-column of the table to lock or unlock a certain user
  860. * lock = the user can no longer use this account.
  861. *
  862. * @author Patrick Cool <patrick.cool@UGent.be>, Ghent University
  863. *
  864. * @param int $active the current state of the account
  865. * @param string $urlParams
  866. *
  867. * @return string Some HTML-code with the lock/unlock button
  868. */
  869. function active_filter($active, $urlParams, $row)
  870. {
  871. $userId = api_get_user_id();
  872. $action = '';
  873. $image = '';
  874. if ($active == '1') {
  875. $action = 'AccountActive';
  876. $image = 'accept';
  877. }
  878. if ($active == '0') {
  879. $action = 'AccountInactive';
  880. $image = 'error';
  881. }
  882. $result = '';
  883. /* you cannot lock yourself out otherwise you could disable all the accounts including your own => everybody is
  884. locked out and nobody can change it anymore.*/
  885. if ($row[0] != $userId) {
  886. $result = '<center><img src="'.Display::returnIconPath($image.'.png', 16).'" border="0" alt="'.get_lang(ucfirst($action)).'" title="'.get_lang(ucfirst($action)).'"/></center>';
  887. }
  888. return $result;
  889. }
  890. /**
  891. * Build the modify-column of the table.
  892. *
  893. * @param int $user_id The user id
  894. *
  895. * @return string Some HTML-code
  896. */
  897. function modify_filter($user_id, $row, $data)
  898. {
  899. global $charset;
  900. $canEditUsers = api_get_setting('allow_user_course_subscription_by_course_admin') == 'true' || api_is_platform_admin();
  901. $is_allowed_to_track = api_is_allowed_to_edit(true, true);
  902. $user_id = $data[0];
  903. $userInfo = api_get_user_info($user_id);
  904. $isInvitee = $userInfo['status'] == INVITEE ? true : false;
  905. $course_info = $_course = api_get_course_info();
  906. $current_user_id = api_get_user_id();
  907. $sessionId = api_get_session_id();
  908. $type = isset($_REQUEST['type']) ? intval($_REQUEST['type']) : STUDENT;
  909. $result = '';
  910. if ($is_allowed_to_track) {
  911. $result .= '<a href="../mySpace/myStudents.php?'.api_get_cidreq().'&student='.$user_id.'&details=true&course='.$_course['id'].'&origin=user_course&id_session='.api_get_session_id().'" title="'.get_lang('Tracking').'">
  912. '.Display::return_icon('statistics.png', get_lang('Tracking')).'
  913. </a>';
  914. }
  915. // If platform admin, show the login_as icon (this drastically shortens
  916. // time taken by support to test things out)
  917. if (api_is_platform_admin()) {
  918. $result .= ' <a href="'.api_get_path(WEB_CODE_PATH).'admin/user_list.php?action=login_as&user_id='.$user_id.'&sec_token='.Security::getTokenFromSession().'">'.
  919. Display::return_icon('login_as.gif', get_lang('LoginAs')).'</a>&nbsp;&nbsp;';
  920. }
  921. if (api_is_allowed_to_edit(null, true)) {
  922. if (empty($sessionId)) {
  923. $isTutor = isset($data['is_tutor']) ? intval($data['is_tutor']) : 0;
  924. $isTutor = empty($isTutor) ? 1 : 0;
  925. $text = get_lang('RemoveTutorStatus');
  926. if ($isTutor) {
  927. $text = get_lang('SetTutor');
  928. }
  929. if ($isInvitee) {
  930. $disabled = 'disabled';
  931. } else {
  932. $disabled = '';
  933. }
  934. $allow = api_get_configuration_value('extra');
  935. if ($allow) {
  936. $result .= '<a href="'.
  937. api_get_path(WEB_CODE_PATH).'extra/userInfo.php?'.api_get_cidreq().'&editMainUserInfo='.$user_id.'" title="'.get_lang('Edit').'" >'.
  938. Display::return_icon('edit.png', get_lang('Edit'), '', ICON_SIZE_SMALL).
  939. '</a>&nbsp;';
  940. }
  941. if ($data['user_status_in_course'] == STUDENT) {
  942. $result .= Display::url(
  943. $text,
  944. 'user.php?'.api_get_cidreq().'&action=set_tutor&is_tutor='.$isTutor.'&user_id='.$user_id.'&type='.$type,
  945. ['class' => 'btn btn-default '.$disabled]
  946. ).'&nbsp;';
  947. }
  948. }
  949. // edit
  950. if ($canEditUsers) {
  951. // unregister
  952. if ($user_id != $current_user_id || api_is_platform_admin()) {
  953. $result .= '<a class="btn btn-small btn-danger" href="'.api_get_self().'?'.api_get_cidreq().'&type='.$type.'&unregister=yes&user_id='.$user_id.'" title="'.get_lang('Unreg').' " onclick="javascript:if(!confirm(\''.addslashes(api_htmlentities(get_lang('ConfirmYourChoice'), ENT_QUOTES, $charset)).'\')) return false;">'.
  954. get_lang('Unreg').'</a>&nbsp;';
  955. }
  956. }
  957. } else {
  958. // Show buttons for unsubscribe
  959. if ($course_info['unsubscribe'] == 1) {
  960. if ($user_id == $current_user_id) {
  961. $result .= '<a class="btn btn-small btn-danger" href="'.api_get_self().'?'.api_get_cidreq().'&type='.$type.'&unregister=yes&user_id='.$user_id.'" title="'.get_lang('Unreg').' " onclick="javascript:if(!confirm(\''.addslashes(api_htmlentities(get_lang('ConfirmYourChoice'), ENT_QUOTES, $charset)).'\')) return false;">'.
  962. get_lang('Unreg').'</a>&nbsp;';
  963. }
  964. }
  965. }
  966. return $result;
  967. }