user_edit.php 18 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498
  1. <?php
  2. /* For licensing terms, see /license.txt */
  3. /**
  4. * @package chamilo.admin
  5. */
  6. $cidReset = true;
  7. require_once __DIR__.'/../inc/global.inc.php';
  8. $this_section = SECTION_PLATFORM_ADMIN;
  9. api_protect_admin_script(true);
  10. $user_id = isset($_GET['user_id']) ? intval($_GET['user_id']) : intval($_POST['user_id']);
  11. api_protect_super_admin($user_id, null, true);
  12. $is_platform_admin = api_is_platform_admin() ? 1 : 0;
  13. $userInfo = api_get_user_info($user_id);
  14. $htmlHeadXtra[] = '
  15. <script>
  16. var is_platform_id = "'.$is_platform_admin.'";
  17. function enable_expiration_date() {
  18. document.user_edit.radio_expiration_date[0].checked=false;
  19. document.user_edit.radio_expiration_date[1].checked=true;
  20. }
  21. function password_switch_radio_button(){
  22. var input_elements = document.getElementsByTagName("input");
  23. for (var i = 0; i < input_elements.length; i++) {
  24. if(input_elements.item(i).name == "reset_password" && input_elements.item(i).value == "2") {
  25. input_elements.item(i).checked = true;
  26. }
  27. }
  28. }
  29. function display_drh_list(){
  30. var $radios = $("input:radio[name=platform_admin]");
  31. if (document.getElementById("status_select").value=='.COURSEMANAGER.') {
  32. if (is_platform_id == 1)
  33. document.getElementById("id_platform_admin").style.display="block";
  34. } else if (document.getElementById("status_select").value=='.STUDENT.') {
  35. if (is_platform_id == 1)
  36. document.getElementById("id_platform_admin").style.display="none";
  37. $radios.filter("[value=0]").attr("checked", true);
  38. } else {
  39. if (is_platform_id == 1)
  40. document.getElementById("id_platform_admin").style.display="none";
  41. $radios.filter("[value=0]").attr("checked", true);
  42. }
  43. }
  44. function show_image(image,width,height) {
  45. width = parseInt(width) + 20;
  46. height = parseInt(height) + 20;
  47. window_x = window.open(image,\'windowX\',\'width=\'+ width + \', height=\'+ height + \' , resizable=0\');
  48. }
  49. function confirmation(name) {
  50. if (confirm("'.get_lang('AreYouSureToDeleteJS', '').' " + name + " ?")) {
  51. document.forms["profile"].submit();
  52. } else {
  53. return false;
  54. }
  55. }
  56. </script>';
  57. $gMapsPlugin = GoogleMapsPlugin::create();
  58. $geolocalization = $gMapsPlugin->get('enable_api') === 'true';
  59. if ($geolocalization) {
  60. $gmapsApiKey = $gMapsPlugin->get('api_key');
  61. $htmlHeadXtra[] = '<script type="text/javascript" src="//maps.googleapis.com/maps/api/js?sensor=true&key='.$gmapsApiKey.'" ></script>';
  62. }
  63. $htmlHeadXtra[] = api_get_css_asset('cropper/dist/cropper.min.css');
  64. $htmlHeadXtra[] = api_get_asset('cropper/dist/cropper.min.js');
  65. $libpath = api_get_path(LIBRARY_PATH);
  66. $noPHP_SELF = true;
  67. $tool_name = get_lang('ModifyUserInfo');
  68. $interbreadcrumb[] = array('url' => 'index.php', "name" => get_lang('PlatformAdmin'));
  69. $interbreadcrumb[] = array('url' => "user_list.php", "name" => get_lang('UserList'));
  70. $table_user = Database::get_main_table(TABLE_MAIN_USER);
  71. $table_admin = Database::get_main_table(TABLE_MAIN_ADMIN);
  72. $sql = "SELECT u.*, a.user_id AS is_admin FROM $table_user u
  73. LEFT JOIN $table_admin a ON a.user_id = u.id
  74. WHERE u.id = '".$user_id."'";
  75. $res = Database::query($sql);
  76. if (Database::num_rows($res) != 1) {
  77. header('Location: user_list.php');
  78. exit;
  79. }
  80. $user_data = Database::fetch_array($res, 'ASSOC');
  81. $user_data['platform_admin'] = is_null($user_data['is_admin']) ? 0 : 1;
  82. $user_data['send_mail'] = 0;
  83. $user_data['old_password'] = $user_data['password'];
  84. //Convert the registration date of the user
  85. $user_data['registration_date'] = api_get_local_time($user_data['registration_date']);
  86. unset($user_data['password']);
  87. // Create the form
  88. $form = new FormValidator(
  89. 'user_edit',
  90. 'post',
  91. api_get_self().'?user_id='.$user_id,
  92. ''
  93. );
  94. $form->addElement('header', $tool_name);
  95. $form->addElement('hidden', 'user_id', $user_id);
  96. if (api_is_western_name_order()) {
  97. // Firstname
  98. $form->addElement('text', 'firstname', get_lang('FirstName'));
  99. $form->applyFilter('firstname', 'html_filter');
  100. $form->applyFilter('firstname', 'trim');
  101. $form->addRule('firstname', get_lang('ThisFieldIsRequired'), 'required');
  102. // Lastname
  103. $form->addElement('text', 'lastname', get_lang('LastName'));
  104. $form->applyFilter('lastname', 'html_filter');
  105. $form->applyFilter('lastname', 'trim');
  106. $form->addRule('lastname', get_lang('ThisFieldIsRequired'), 'required');
  107. } else {
  108. // Lastname
  109. $form->addElement('text', 'lastname', get_lang('LastName'));
  110. $form->applyFilter('lastname', 'html_filter');
  111. $form->applyFilter('lastname', 'trim');
  112. $form->addRule('lastname', get_lang('ThisFieldIsRequired'), 'required');
  113. // Firstname
  114. $form->addElement('text', 'firstname', get_lang('FirstName'));
  115. $form->applyFilter('firstname', 'html_filter');
  116. $form->applyFilter('firstname', 'trim');
  117. $form->addRule('firstname', get_lang('ThisFieldIsRequired'), 'required');
  118. }
  119. // Official code
  120. $form->addElement('text', 'official_code', get_lang('OfficialCode'), array('size' => '40'));
  121. $form->applyFilter('official_code', 'html_filter');
  122. $form->applyFilter('official_code', 'trim');
  123. // Email
  124. $form->addElement('text', 'email', get_lang('Email'));
  125. $form->addRule('email', get_lang('EmailWrong'), 'email');
  126. if (api_get_setting('registration', 'email') == 'true') {
  127. $form->addRule('email', get_lang('EmailWrong'), 'required');
  128. }
  129. if (api_get_setting('login_is_email') == 'true') {
  130. $form->addRule('email', sprintf(get_lang('UsernameMaxXCharacters'), (string) USERNAME_MAX_LENGTH), 'maxlength', USERNAME_MAX_LENGTH);
  131. $form->addRule('email', get_lang('UserTaken'), 'username_available', $user_data['username']);
  132. }
  133. // OpenID
  134. if (api_get_setting('openid_authentication') == 'true') {
  135. $form->addElement('text', 'openid', get_lang('OpenIDURL'));
  136. }
  137. // Phone
  138. $form->addElement('text', 'phone', get_lang('PhoneNumber'));
  139. // Picture
  140. $form->addFile(
  141. 'picture',
  142. get_lang('AddImage'),
  143. array('id' => 'picture', 'class' => 'picture-form', 'crop_image' => true, 'crop_ratio' => '1 / 1')
  144. );
  145. $allowed_picture_types = api_get_supported_image_extensions(false);
  146. $form->addRule(
  147. 'picture',
  148. get_lang('OnlyImagesAllowed').' ('.implode(',', $allowed_picture_types).')',
  149. 'filetype',
  150. $allowed_picture_types
  151. );
  152. if (strlen($user_data['picture_uri']) > 0) {
  153. $form->addElement('checkbox', 'delete_picture', '', get_lang('DelImage'));
  154. }
  155. // Username
  156. if (api_get_setting('login_is_email') != 'true') {
  157. $form->addElement('text', 'username', get_lang('LoginName'), array('maxlength' => USERNAME_MAX_LENGTH));
  158. $form->addRule('username', get_lang('ThisFieldIsRequired'), 'required');
  159. $form->addRule('username', sprintf(get_lang('UsernameMaxXCharacters'), (string) USERNAME_MAX_LENGTH), 'maxlength', USERNAME_MAX_LENGTH);
  160. $form->addRule('username', get_lang('OnlyLettersAndNumbersAllowed'), 'username');
  161. $form->addRule('username', get_lang('UserTaken'), 'username_available', $user_data['username']);
  162. }
  163. if (isset($extAuthSource) && !empty($extAuthSource) && count($extAuthSource) > 0) {
  164. $form->addLabel(
  165. get_lang('ExternalAuthentication'),
  166. $userInfo['auth_source']
  167. );
  168. }
  169. // Password
  170. $form->addElement('radio', 'reset_password', get_lang('Password'), get_lang('DontResetPassword'), 0);
  171. $nb_ext_auth_source_added = 0;
  172. if (isset($extAuthSource) && !empty($extAuthSource) && count($extAuthSource) > 0) {
  173. $auth_sources = array();
  174. foreach ($extAuthSource as $key => $info) {
  175. // @todo : make uniform external authentication configuration (ex : cas and external_login ldap)
  176. // Special case for CAS. CAS is activated from Chamilo > Administration > Configuration > CAS
  177. // extAuthSource always on for CAS even if not activated
  178. // same action for file user_add.php
  179. if (($key == CAS_AUTH_SOURCE && api_get_setting('cas_activate') === 'true') || ($key != CAS_AUTH_SOURCE)) {
  180. $auth_sources[$key] = $key;
  181. $nb_ext_auth_source_added++;
  182. }
  183. }
  184. if ($nb_ext_auth_source_added > 0) {
  185. // @todo check the radio button for external authentification and select the external authentication in the menu
  186. $group[] = $form->createElement('radio', 'reset_password', null, get_lang('ExternalAuthentication').' ', 3);
  187. $group[] = $form->createElement('select', 'auth_source', null, $auth_sources);
  188. $group[] = $form->createElement('static', '', '', '<br />');
  189. $form->addGroup($group, 'password', null, null, false);
  190. }
  191. }
  192. $form->addElement('radio', 'reset_password', null, get_lang('AutoGeneratePassword'), 1);
  193. $group = array();
  194. $group[] = $form->createElement('radio', 'reset_password', null, get_lang('EnterPassword'), 2);
  195. $group[] = $form->createElement(
  196. 'password',
  197. 'password',
  198. null,
  199. array('onkeydown' => 'javascript: password_switch_radio_button();')
  200. );
  201. $form->addGroup($group, 'password', null, null, false);
  202. $form->addPasswordRule('password', 'password');
  203. // Status
  204. $status = array();
  205. $status[COURSEMANAGER] = get_lang('Teacher');
  206. $status[STUDENT] = get_lang('Learner');
  207. $status[DRH] = get_lang('Drh');
  208. $status[SESSIONADMIN] = get_lang('SessionsAdmin');
  209. $status[STUDENT_BOSS] = get_lang('RoleStudentBoss');
  210. $status[INVITEE] = get_lang('Invitee');
  211. $form->addElement(
  212. 'select',
  213. 'status',
  214. get_lang('Profile'),
  215. $status,
  216. array(
  217. 'id' => 'status_select',
  218. 'onchange' => 'javascript: display_drh_list();'
  219. )
  220. );
  221. $display = isset($user_data['status']) && ($user_data['status'] == STUDENT || (isset($_POST['status']) && $_POST['status'] == STUDENT)) ? 'block' : 'none';
  222. // Platform admin
  223. if (api_is_platform_admin()) {
  224. $group = array();
  225. $group[] = $form->createElement('radio', 'platform_admin', null, get_lang('Yes'), 1);
  226. $group[] = $form->createElement('radio', 'platform_admin', null, get_lang('No'), 0);
  227. $user_data['status'] == 1 ? $display = 'block' : $display = 'none';
  228. $form->addElement('html', '<div id="id_platform_admin" style="display:'.$display.'">');
  229. $form->addGroup($group, 'admin', get_lang('PlatformAdmin'), null, false);
  230. $form->addElement('html', '</div>');
  231. }
  232. //Language
  233. $form->addSelectLanguage('language', get_lang('Language'));
  234. // Send email
  235. $group = array();
  236. $group[] = $form->createElement('radio', 'send_mail', null, get_lang('Yes'), 1);
  237. $group[] = $form->createElement('radio', 'send_mail', null, get_lang('No'), 0);
  238. $form->addGroup($group, 'mail', get_lang('SendMailToNewUser'), null, false);
  239. // Registration User and Date
  240. $creatorInfo = api_get_user_info($user_data['creator_id']);
  241. $date = sprintf(get_lang('CreatedByXYOnZ'), 'user_information.php?user_id='.$user_data['creator_id'], $creatorInfo['username'], $user_data['registration_date']);
  242. $form->addElement('label', get_lang('RegistrationDate'), $date);
  243. if (!$user_data['platform_admin']) {
  244. // Expiration Date
  245. $form->addElement('radio', 'radio_expiration_date', get_lang('ExpirationDate'), get_lang('NeverExpires'), 0);
  246. $group = array();
  247. $group[] = $form->createElement('radio', 'radio_expiration_date', null, get_lang('Enabled'), 1);
  248. $group[] = $form->createElement('DateTimePicker', 'expiration_date', null, array('onchange' => 'javascript: enable_expiration_date();'));
  249. $form->addGroup($group, 'max_member_group', null, null, false);
  250. // Active account or inactive account
  251. $form->addElement('radio', 'active', get_lang('ActiveAccount'), get_lang('Active'), 1);
  252. $form->addElement('radio', 'active', '', get_lang('Inactive'), 0);
  253. }
  254. $studentBossList = UserManager::getStudentBossList($user_data['user_id']);
  255. $conditions = ['status' => STUDENT_BOSS];
  256. $studentBoss = UserManager::get_user_list($conditions);
  257. $studentBossToSelect = [];
  258. if ($studentBoss) {
  259. foreach ($studentBoss as $bossId => $userData) {
  260. $bossInfo = api_get_user_info($userData['user_id']);
  261. $studentBossToSelect[$bossInfo['user_id']] = $bossInfo['complete_name_with_username'];
  262. }
  263. }
  264. if ($studentBossList) {
  265. $studentBossList = array_column($studentBossList, 'boss_id');
  266. }
  267. $user_data['student_boss'] = array_values($studentBossList);
  268. $form->addElement('advmultiselect', 'student_boss', get_lang('StudentBoss'), $studentBossToSelect);
  269. // EXTRA FIELDS
  270. $extraField = new ExtraField('user');
  271. $returnParams = $extraField->addElements(
  272. $form,
  273. $user_data['user_id'],
  274. [],
  275. false,
  276. false,
  277. [],
  278. [],
  279. true
  280. );
  281. $jquery_ready_content = $returnParams['jquery_ready_content'];
  282. // the $jquery_ready_content variable collects all functions that will be load in the $(document).ready javascript function
  283. $htmlHeadXtra[] = '<script>
  284. $(document).ready(function(){
  285. '.$jquery_ready_content.'
  286. });
  287. </script>';
  288. // Submit button
  289. $form->addButtonSave(get_lang('Save'));
  290. // Set default values
  291. $user_data['reset_password'] = 0;
  292. $expiration_date = $user_data['expiration_date'];
  293. if (empty($expiration_date)) {
  294. $user_data['radio_expiration_date'] = 0;
  295. $user_data['expiration_date'] = api_get_local_time();
  296. } else {
  297. $user_data['radio_expiration_date'] = 1;
  298. $user_data['expiration_date'] = api_get_local_time($expiration_date);
  299. }
  300. $form->setDefaults($user_data);
  301. $error_drh = false;
  302. // Validate form
  303. if ($form->validate()) {
  304. $user = $form->getSubmitValues(1);
  305. $reset_password = intval($user['reset_password']);
  306. if ($reset_password == 2 && empty($user['password'])) {
  307. Display::addFlash(Display::return_message(get_lang('PasswordIsTooShort')));
  308. header('Location: '.api_get_self().'?user_id='.$user_id);
  309. exit();
  310. }
  311. $is_user_subscribed_in_course = CourseManager::is_user_subscribed_in_course($user['user_id']);
  312. if ($user['status'] == DRH && $is_user_subscribed_in_course) {
  313. $error_drh = true;
  314. } else {
  315. $picture_element = $form->getElement('picture');
  316. $picture = $picture_element->getValue();
  317. $picture_uri = $user_data['picture_uri'];
  318. if (isset($user['delete_picture']) && $user['delete_picture']) {
  319. $picture_uri = UserManager::delete_user_picture($user_id);
  320. } elseif (!empty($picture['name'])) {
  321. $picture_uri = UserManager::update_user_picture(
  322. $user_id,
  323. $_FILES['picture']['name'],
  324. $_FILES['picture']['tmp_name'],
  325. $user['picture_crop_result']
  326. );
  327. }
  328. $lastname = $user['lastname'];
  329. $firstname = $user['firstname'];
  330. $password = $user['password'];
  331. $auth_source = isset($user['auth_source']) ? $user['auth_source'] : $userInfo['auth_source'];
  332. $official_code = $user['official_code'];
  333. $email = $user['email'];
  334. $phone = $user['phone'];
  335. $username = isset($user['username']) ? $user['username'] : $userInfo['username'];
  336. $status = intval($user['status']);
  337. $platform_admin = intval($user['platform_admin']);
  338. $send_mail = intval($user['send_mail']);
  339. $reset_password = intval($user['reset_password']);
  340. $hr_dept_id = isset($user['hr_dept_id']) ? intval($user['hr_dept_id']) : null;
  341. $language = $user['language'];
  342. $address = isset($user['address']) ? $user['address'] : null;
  343. if ($user['radio_expiration_date'] == '1' && !$user_data['platform_admin']) {
  344. $expiration_date = $user['expiration_date'];
  345. } else {
  346. $expiration_date = null;
  347. }
  348. $active = $user_data['platform_admin'] ? 1 : intval($user['active']);
  349. //If the user is set to admin the status will be overwrite by COURSEMANAGER = 1
  350. if ($platform_admin == 1) {
  351. $status = COURSEMANAGER;
  352. }
  353. if (api_get_setting('login_is_email') == 'true') {
  354. $username = $email;
  355. }
  356. UserManager::update_user(
  357. $user_id,
  358. $firstname,
  359. $lastname,
  360. $username,
  361. $password,
  362. $auth_source,
  363. $email,
  364. $status,
  365. $official_code,
  366. $phone,
  367. $picture_uri,
  368. $expiration_date,
  369. $active,
  370. null,
  371. $hr_dept_id,
  372. null,
  373. $language,
  374. null,
  375. $send_mail,
  376. $reset_password,
  377. $address
  378. );
  379. if (isset($user['student_boss'])) {
  380. UserManager::subscribeUserToBossList(
  381. $user_id,
  382. $user['student_boss'],
  383. true
  384. );
  385. }
  386. if (api_get_setting('openid_authentication') == 'true' && !empty($user['openid'])) {
  387. $up = UserManager::update_openid($user_id, $user['openid']);
  388. }
  389. $currentUserId = api_get_user_id();
  390. $userObj = api_get_user_entity($user_id);
  391. UserManager::add_user_as_admin($userObj);
  392. if ($user_id != $currentUserId) {
  393. if ($platform_admin == 1) {
  394. $userObj = api_get_user_entity($user_id);
  395. UserManager::add_user_as_admin($userObj);
  396. } else {
  397. UserManager::remove_user_admin($user_id);
  398. }
  399. }
  400. $extraFieldValue = new ExtraFieldValue('user');
  401. $extraFieldValue->saveFieldValues($user);
  402. $tok = Security::get_token();
  403. Display::addFlash(Display::return_message(get_lang('UserUpdated')));
  404. header('Location: user_list.php?sec_token='.$tok);
  405. exit();
  406. }
  407. }
  408. if ($error_drh) {
  409. Display::addFlash(Display::return_message(get_lang('StatusCanNotBeChangedToHumanResourcesManager'), 'error'));
  410. }
  411. $content = null;
  412. $bigImage = UserManager::getUserPicture($user_id, USER_IMAGE_SIZE_BIG);
  413. $normalImage = UserManager::getUserPicture($user_id, USER_IMAGE_SIZE_ORIGINAL);
  414. $content .= '<div class="row">';
  415. $content .= '<div class="col-md-10">';
  416. // Display form
  417. $content .= $form->returnForm();
  418. $content .= '</div>';
  419. $content .= '<div class="col-md-2">';
  420. $content .= '<a class="thumbnail expand-image" href="'.$bigImage.'" /><img src="'.$normalImage.'"></a>';
  421. $content .= '</div>';
  422. $tpl = new Template($tool_name);
  423. $tpl->assign('content', $content);
  424. $tpl->display_one_col_template();