123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192 |
- <?php
- /* For licensing terms, see /license.txt */
- // including necessary libraries
- $cidReset = true;
- require_once __DIR__.'/../inc/global.inc.php';
- // user permissions
- api_block_anonymous_users();
- if (!api_is_platform_admin()) {
- if (!api_is_drh()) {
- api_not_allowed(true);
- }
- } else {
- api_protect_admin_script();
- }
- $userId = isset($_REQUEST['user_id']) ? intval($_REQUEST['user_id']) : '';
- $userInfo = api_get_user_info($userId);
- if (empty($userInfo)) {
- api_not_allowed(true);
- }
- $userIsFollowed = UserManager::is_user_followed_by_drh($userId, api_get_user_id());
- if (api_drh_can_access_all_session_content()) {
- $students = SessionManager::getAllUsersFromCoursesFromAllSessionFromStatus(
- 'drh_all',
- api_get_user_id(),
- false,
- 0, //$from,
- null, //$limit,
- null, //$column,
- 'desc', //$direction,
- null, //$keyword,
- null, //$active,
- null, //$lastConnectionDate,
- null,
- null,
- STUDENT
- );
- if (empty($students)) {
- api_not_allowed(true);
- }
- $userIdList = [];
- foreach ($students as $student) {
- $userIdList[] = $student['user_id'];
- }
- if (!in_array($userId, $userIdList)) {
- api_not_allowed(true);
- }
- } else {
- if (!api_is_platform_admin() && !$userIsFollowed) {
- api_not_allowed(true);
- }
- }
- $url = api_get_self().'?user_id='.$userId;
- $tool_name = get_lang('Edit user information');
- // Create the form
- $form = new FormValidator('user_edit', 'post', $url);
- // Username
- $usernameInput = $form->addElement('text', 'username', get_lang('Login'));
- $usernameInput->freeze();
- // Password
- $group = [];
- $auth_sources = 0; //make available wider as we need it in case of form reset (see below)
- $group[] = &$form->createElement('radio', 'password_auto', get_lang('Password'), get_lang('Automatically generate a new password').'<br />', 1);
- $group[] = &$form->createElement('radio', 'password_auto', 'id="radio_user_password"', null, 0);
- $group[] = &$form->createElement('password', 'password', null, ['onkeydown' => 'javascript: password_switch_radio_button(document.user_add,"password[password_auto]");']);
- $form->addGroup($group, 'password', get_lang('Password'));
- // Send email
- $group = [];
- $group[] = &$form->createElement('radio', 'send_mail', null, get_lang('Yes'), 1);
- $group[] = &$form->createElement('radio', 'send_mail', null, get_lang('No'), 0);
- $form->addGroup($group, 'mail', get_lang('Send mail to new user'));
- // Set default values
- $defaults = [];
- $defaults['username'] = $userInfo['username'];
- $defaults['mail']['send_mail'] = 0;
- $defaults['password']['password_auto'] = 1;
- $form->setDefaults($defaults);
- // Submit button
- $select_level = [];
- $html_results_enabled[] = $form->addButtonUpdate(get_lang('Update'), 'submit', true);
- $form->addGroup($html_results_enabled);
- // Validate form
- if ($form->validate()) {
- $check = Security::check_token('post');
- if ($check) {
- $user = $form->exportValues();
- $email = $userInfo['email'];
- $username = $userInfo['username'];
- $send_mail = intval($user['mail']['send_mail']);
- $auth_source = PLATFORM_AUTH_SOURCE;
- $resetPassword = $user['password']['password_auto'] == '1' ? 0 : 2;
- $auth_source = $userInfo['auth_source'];
- $password = $user['password']['password_auto'] == '1' ? api_generate_password() : $user['password']['password'];
- UserManager::update_user(
- $userId,
- $userInfo['firstname'],
- $userInfo['lastname'],
- $userInfo['username'],
- $password,
- $auth_source,
- $userInfo['email'],
- $userInfo['status'],
- $userInfo['official_code'],
- $userInfo['phone'],
- $userInfo['picture_uri'],
- $userInfo['expiration_date'],
- $userInfo['active'],
- $userInfo['creator_id'],
- $userInfo['hr_dept_id'],
- null, //$extra =
- $userInfo['language'],
- null, //$encrypt_method
- false,
- $resetPassword
- );
- if (!empty($email) && $send_mail) {
- $emailsubject = '['.api_get_setting('siteName').'] '.get_lang('Your registration on').' '.api_get_setting('siteName');
- $portal_url = api_get_path(WEB_PATH);
- if (api_is_multiple_url_enabled()) {
- $access_url_id = api_get_current_access_url_id();
- if ($access_url_id != -1) {
- $url = api_get_access_url($access_url_id);
- $portal_url = $url['url'];
- }
- }
- $emailbody = get_lang('Dear')." ".stripslashes(api_get_person_name($userInfo['firstname'], $userInfo['lastname'])).",\n\n".
- get_lang('You are registered to')." ".api_get_setting('siteName')." ".get_lang('with the following settings:')."\n\n".
- get_lang('Username')." : ".$username."\n".get_lang('Pass')." : ".stripslashes($password)."\n\n".
- get_lang('The address of')." ".api_get_setting('siteName')." ".
- get_lang('is')." : ".$portal_url."\n\n".
- get_lang('In case of trouble, contact us.')."\n\n".
- get_lang('Sincerely').",\n\n".
- api_get_person_name(api_get_setting('administratorName'), api_get_setting('administratorSurname'))."\n".
- get_lang('Administrator')." ".
- api_get_setting('siteName')."\nT. ".
- api_get_setting('administratorTelephone')."\n".
- get_lang('e-mail')." : ".api_get_setting('emailAdministrator');
- $emailbody = nl2br($emailbody);
- api_mail_html(
- api_get_person_name($userInfo['firstname'], $userInfo['lastname'], null, PERSON_NAME_EMAIL_ADDRESS),
- $email,
- $emailsubject,
- $emailbody
- );
- }
- Security::clear_token();
- $tok = Security::get_token();
- header('Location: '.$url.'&message=1');
- exit();
- }
- } else {
- if (isset($_POST['submit'])) {
- Security::clear_token();
- }
- $token = Security::get_token();
- $form->addElement('hidden', 'sec_token');
- $form->setConstants(['sec_token' => $token]);
- }
- $interbreadcrumb[] = [
- 'url' => api_get_path(WEB_CODE_PATH)."mySpace/student.php",
- "name" => get_lang('User list'),
- ];
- if (isset($_REQUEST['message'])) {
- Display::addFlash(Display::return_message(get_lang('Update successful'), 'normal'));
- }
- Display::display_header($tool_name);
- // Display form
- $form->display();
- Display::display_footer();
|