Kezdőlap Felfedezés Súgó
Regisztráció Bejelentkezés
aj
/
chamilo-lms2
1
0
Másolás 0
Fájlok Problémák 0 Beolvasztási kérések 0 Wiki
Fa: a860d6adfc
Branch-ok Tag-ek
chamilo-lms2
/
main
/
user
/
user.php

user.php 40 KB
Előzmények Nyers

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046104710481049105010511052105310541055105610571058 
  1. <?php
    2. 

  2. /* For licensing terms, see /license.txt */
    3. 

  3. 

  4. /**
    5. 

  5.  * This script displays a list of the users of the current course.
    6. 

  6.  * Course admins can change user permissions, subscribe and unsubscribe users...
    7. 

  7.  *
    8. 

  8.  * show users registered in courses
    9. 

  9.  *
    10. 

  10.  * @author Roan Embrechts
    11. 

  11.  * @author Julio Montoya, Several fixes
    12. 

  12.  * @package chamilo.user
    13. 

  13.  */
    14. 

  14. 

  15. $use_anonymous = true;
    16. 

  16. require_once __DIR__.'/../inc/global.inc.php';
    17. 

  17. $current_course_tool = TOOL_USER;
    18. 

  18. $this_section = SECTION_COURSES;
    19. 

  19. 

  20. // notice for unauthorized people.
    21. 

  21. api_protect_course_script(true);
    22. 

  22. 

  23. if (!api_is_platform_admin(true)) {
    24. 

  24.     if (!api_is_course_admin() && !api_is_coach()) {
    25. 

  25.         if (api_get_course_setting('allow_user_view_user_list') == 0) {
    26. 

  26.             api_not_allowed(true);
    27. 

  27.         }
    28. 

  28.     }
    29. 

  29. }
    30. 

  30. 

  31. /* Constants and variables */
    32. 

  32. $course_code = api_get_course_id();
    33. 

  33. $sessionId = api_get_session_id();
    34. 

  34. $is_western_name_order = api_is_western_name_order();
    35. 

  35. $sort_by_first_name = api_sort_by_first_name();
    36. 

  36. $course_info = api_get_course_info();
    37. 

  37. $user_id = api_get_user_id();
    38. 

  38. $_user = api_get_user_info();
    39. 

  39. $courseCode = $course_info['code'];
    40. 

  40. $courseId = $course_info['real_id'];
    41. 

  41. $type = isset($_REQUEST['type']) ? intval($_REQUEST['type']) : STUDENT;
    42. 

  42. 

  43. $canEditUsers = api_get_setting('allow_user_course_subscription_by_course_admin') == 'true' || api_is_platform_admin();
    44. 

  44. 

  45. //Can't auto unregister from a session
    46. 

  46. if (!empty($sessionId)) {
    47. 

  47.     $course_info['unsubscribe'] = 0;
    48. 

  48. }
    49. 

  49. 

  50. /* Un registering a user section	*/
    51. 

  51. if (api_is_allowed_to_edit(null, true)) {
    52. 

  52.     if (isset($_POST['action'])) {
    53. 

  53.         switch ($_POST['action']) {
    54. 

  54.             case 'unsubscribe':
    55. 

  55.                 // Make sure we don't unsubscribe current user from the course
    56. 

  56.                 if (is_array($_POST['user'])) {
    57. 

  57.                     $user_ids = array_diff($_POST['user'], array($user_id));
    58. 

  58.                     if (count($user_ids) > 0) {
    59. 

  59.                         CourseManager::unsubscribe_user($user_ids, $courseCode);
    60. 

  60.                         Display::addFlash(
    61. 

  61.                             Display::return_message(get_lang('UsersUnsubscribed'))
    62. 

  62.                         );
    63. 

  63.                     }
    64. 

  64.                 }
    65. 

  65.         }
    66. 

  66.     }
    67. 

  67. }
    68. 

  68. 

  69. // Getting extra fields that have the filter option "on"
    70. 

  70. $extraField = new ExtraField('user');
    71. 

  71. $extraFields = $extraField->get_all(array('filter = ?' => 1));
    72. 

  72. $user_image_pdf_size = 80;
    73. 

  73. 

  74. if (api_is_allowed_to_edit(null, true)) {
    75. 

  75.     if (isset($_GET['action'])) {
    76. 

  76.         switch ($_GET['action']) {
    77. 

  77.             case 'set_tutor':
    78. 

  78.                 $userId = isset($_GET['user_id']) ? intval($_GET['user_id']) : null;
    79. 

  79.                 $isTutor = isset($_GET['is_tutor']) ? intval($_GET['is_tutor']) : 0;
    80. 

  80.                 $userInfo = api_get_user_info($userId);
    81. 

  81. 

  82.                 if (!empty($userId)) {
    83. 

  83.                     if (!$sessionId) {
    84. 

  84.                         if ($userInfo['status'] != INVITEE) {
    85. 

  85.                             CourseManager::updateUserCourseTutor(
    86. 

  86.                                 $userId,
    87. 

  87.                                 $courseId,
    88. 

  88.                                 $isTutor
    89. 

  89.                             );
    90. 

  90.                             Display::addFlash(
    91. 

  91.                                 Display::return_message(get_lang('Updated'))
    92. 

  92.                             );
    93. 

  93.                         } else {
    94. 

  94.                             Display::addFlash(
    95. 

  95.                                 Display::return_message(
    96. 

  96.                                     get_lang('InviteesCantBeTutors'),
    97. 

  97.                                     'error'
    98. 

  98.                                 )
    99. 

  99.                             );
    100. 

  100.                         }
    101. 

  101.                     }
    102. 

  102.                 }
    103. 

  103.                 break;
    104. 

  104.             case 'export':
    105. 

  105.                 $table_course_user = Database::get_main_table(TABLE_MAIN_COURSE_USER);
    106. 

  106.                 $table_users = Database::get_main_table(TABLE_MAIN_USER);
    107. 

  107.                 $is_western_name_order = api_is_western_name_order();
    108. 

  108. 

  109.                 $data = array();
    110. 

  110.                 $a_users = array();
    111. 

  111.                 $current_access_url_id = api_get_current_access_url_id();
    112. 

  112.                 $extra_fields = UserManager::get_extra_user_data(
    113. 

  113.                     api_get_user_id(),
    114. 

  114.                     false,
    115. 

  115.                     false,
    116. 

  116.                     false,
    117. 

  117.                     true
    118. 

  118.                 );
    119. 

  119. 

  120.                 $extra_fields = array_keys($extra_fields);
    121. 

  121.                 $select_email_condition = '';
    122. 

  122. 

  123.                 if (api_get_setting('show_email_addresses') == 'true') {
    124. 

  124.                     $select_email_condition = ' user.email, ';
    125. 

  125.                     if ($sort_by_first_name) {
    126. 

  126.                         $a_users[0] = array(
    127. 

  127.                             'id',
    128. 

  128.                             get_lang('FirstName'),
    129. 

  129.                             get_lang('LastName'),
    130. 

  130.                             get_lang('Username'),
    131. 

  131.                             get_lang('Email'),
    132. 

  132.                             get_lang('Phone'),
    133. 

  133.                             get_lang('OfficialCode'),
    134. 

  134.                             get_lang('Active')
    135. 

  135.                         );
    136. 

  136.                     } else {
    137. 

  137.                         $a_users[0] = array(
    138. 

  138.                             'id',
    139. 

  139.                             get_lang('LastName'),
    140. 

  140.                             get_lang('FirstName'),
    141. 

  141.                             get_lang('Username'),
    142. 

  142.                             get_lang('Email'),
    143. 

  143.                             get_lang('Phone'),
    144. 

  144.                             get_lang('OfficialCode'),
    145. 

  145.                             get_lang('Active')
    146. 

  146.                         );
    147. 

  147.                     }
    148. 

  148.                 } else {
    149. 

  149.                     if ($sort_by_first_name) {
    150. 

  150.                         $a_users[0] = array(
    151. 

  151.                             'id',
    152. 

  152.                             get_lang('FirstName'),
    153. 

  153.                             get_lang('LastName'),
    154. 

  154.                             get_lang('Username'),
    155. 

  155.                             get_lang('Phone'),
    156. 

  156.                             get_lang('OfficialCode'),
    157. 

  157.                             get_lang('Active')
    158. 

  158.                         );
    159. 

  159.                     } else {
    160. 

  160.                         $a_users[0] = array(
    161. 

  161.                             'id',
    162. 

  162.                             get_lang('LastName'),
    163. 

  163.                             get_lang('FirstName'),
    164. 

  164.                             get_lang('Username'),
    165. 

  165.                             get_lang('Phone'),
    166. 

  166.                             get_lang('OfficialCode'),
    167. 

  167.                             get_lang('Active')
    168. 

  168.                         );
    169. 

  169.                     }
    170. 

  170.                 }
    171. 

  171. 

  172.                 $legal = '';
    173. 

  173. 

  174.                 if (isset($course_info['activate_legal']) && $course_info['activate_legal'] == 1) {
    175. 

  175.                     $legal = ', legal_agreement';
    176. 

  176.                     $a_users[0][] = get_lang('LegalAgreementAccepted');
    177. 

  177.                 }
    178. 

  178. 

  179.                 if ($_GET['format'] == 'pdf') {
    180. 

  180.                     $select_email_condition = ' user.email, ';
    181. 

  181.                     if ($is_western_name_order) {
    182. 

  182.                         $a_users[0] = array(
    183. 

  183.                             '#',
    184. 

  184.                             get_lang('UserPicture'),
    185. 

  185.                             get_lang('OfficialCode'),
    186. 

  186.                             get_lang('FirstName').', '.get_lang('LastName'),
    187. 

  187.                             get_lang('Email'),
    188. 

  188.                             get_lang('Phone')
    189. 

  189.                         );
    190. 

  190.                     } else {
    191. 

  191.                         $a_users[0] = array(
    192. 

  192.                             '#',
    193. 

  193.                             get_lang('UserPicture'),
    194. 

  194.                             get_lang('OfficialCode'),
    195. 

  195.                             get_lang('LastName').', '.get_lang('FirstName'),
    196. 

  196.                             get_lang('Email'),
    197. 

  197.                             get_lang('Phone')
    198. 

  198.                         );
    199. 

  199.                     }
    200. 

  200.                 }
    201. 

  201. 

  202.                 $a_users[0] = array_merge($a_users[0], $extra_fields);
    203. 

  203. 

  204.                 // users subscribed to the course through a session.
    205. 

  205.                 if (api_get_session_id()) {
    206. 

  206.                     $table_session_course_user = Database::get_main_table(TABLE_MAIN_SESSION_COURSE_USER);
    207. 

  207.                     $sql = "SELECT DISTINCT
    208. 

  208.                                 user.user_id, ".($is_western_name_order ? "user.firstname, user.lastname" : "user.lastname, user.firstname").",
    209. 

  209.                                 user.username,
    210. 

  210.                                 $select_email_condition
    211. 

  211.                                 phone,
    212. 

  212.                                 user.official_code,
    213. 

  213.                                 active
    214. 

  214.                                 $legal
    215. 

  215.                             FROM $table_session_course_user as session_course_user,
    216. 

  216.                             $table_users as user ";
    217. 

  217.                     if (api_is_multiple_url_enabled()) {
    218. 

  218.                         $sql .= ' , '.Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER).' au ';
    219. 

  219.                     }
    220. 

  220.                     $sql .= " WHERE c_id = '$courseId' AND session_course_user.user_id = user.user_id ";
    221. 

  221.                     $sql .= ' AND session_id = '.$sessionId;
    222. 

  222. 

  223.                     if (api_is_multiple_url_enabled()) {
    224. 

  224.                         $sql .= " AND user.user_id = au.user_id AND access_url_id =  $current_access_url_id  ";
    225. 

  225.                     }
    226. 

  226. 

  227.                     // only users no coaches/teachers
    228. 

  228.                     if ($type == COURSEMANAGER) {
    229. 

  229.                         $sql .= " AND session_course_user.status = 2 ";
    230. 

  230.                     } else {
    231. 

  231.                         $sql .= " AND session_course_user.status = 0 ";
    232. 

  232.                     }
    233. 

  233.                     $sql .= $sort_by_first_name ? ' ORDER BY user.firstname, user.lastname' : ' ORDER BY user.lastname, user.firstname';
    234. 

  234. 

  235.                     $rs = Database::query($sql);
    236. 

  236.                     $counter = 1;
    237. 

  237. 

  238.                     while ($user = Database:: fetch_array($rs, 'ASSOC')) {
    239. 

  239.                         if (isset($user['legal_agreement'])) {
    240. 

  240.                             if ($user['legal_agreement'] == 1) {
    241. 

  241.                                 $user['legal_agreement'] = get_lang('Yes');
    242. 

  242.                             } else {
    243. 

  243.                                 $user['legal_agreement'] = get_lang('No');
    244. 

  244.                             }
    245. 

  245.                         }
    246. 

  246.                         $extra_fields = UserManager::get_extra_user_data(
    247. 

  247.                             $user['user_id'],
    248. 

  248.                             false,
    249. 

  249.                             false,
    250. 

  250.                             false,
    251. 

  251.                             true
    252. 

  252.                         );
    253. 

  253.                         if (!empty($extra_fields)) {
    254. 

  254.                             foreach ($extra_fields as $key => $extra_value) {
    255. 

  255.                                 $user[$key] = $extra_value;
    256. 

  256.                             }
    257. 

  257.                         }
    258. 

  258.                         $data[] = $user;
    259. 

  259.                         if ($_GET['format'] == 'pdf') {
    260. 

  260.                             $user_info = api_get_user_info($user['user_id']);
    261. 

  261.                             $user_image = '<img src="'.$user_info['avatar'].'" width ="'.$user_image_pdf_size.'px" />';
    262. 

  262. 

  263.                             if ($is_western_name_order) {
    264. 

  264.                                 $user_pdf = array(
    265. 

  265.                                     $counter,
    266. 

  266.                                     $user_image,
    267. 

  267.                                     $user['official_code'],
    268. 

  268.                                     $user['firstname'].', '.$user['lastname'],
    269. 

  269.                                     $user['email'],
    270. 

  270.                                     $user['phone']
    271. 

  271.                                 );
    272. 

  272.                             } else {
    273. 

  273.                                 $user_pdf = array(
    274. 

  274.                                     $counter,
    275. 

  275.                                     $user_image,
    276. 

  276.                                     $user['official_code'],
    277. 

  277.                                     $user['lastname'].', '.$user['firstname'],
    278. 

  278.                                     $user['email'],
    279. 

  279.                                     $user['phone']
    280. 

  280.                                 );
    281. 

  281.                             }
    282. 

  282. 

  283.                             $a_users[] = $user_pdf;
    284. 

  284.                         } else {
    285. 

  285.                             $a_users[] = $user;
    286. 

  286.                         }
    287. 

  287.                         $counter++;
    288. 

  288.                     }
    289. 

  289.                 }
    290. 

  290. 

  291.                 if ($sessionId == 0) {
    292. 

  292.                     // users directly subscribed to the course
    293. 

  293.                     $table_course_user = Database::get_main_table(TABLE_MAIN_COURSE_USER);
    294. 

  294.                     $sql = "SELECT DISTINCT
    295. 

  295. 					            user.user_id, ".($is_western_name_order ? "user.firstname, user.lastname" : "user.lastname, user.firstname").",
    296. 

  296. 					            user.username,
    297. 

  297. 					            $select_email_condition
    298. 

  298. 					            phone,
    299. 

  299. 					            user.official_code,
    300. 

  300. 					            active $legal
    301. 

  301.                             FROM $table_course_user as course_user, $table_users as user ";
    302. 

  302.                     if (api_is_multiple_url_enabled()) {
    303. 

  303.                         $sql .= ' , '.Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER).' au ';
    304. 

  304.                     }
    305. 

  305.                     $sql .= " WHERE
    306. 

  306.                             c_id = '$courseId' AND
    307. 

  307.                             course_user.relation_type <> ".COURSE_RELATION_TYPE_RRHH." AND
    308. 

  308.                             course_user.user_id = user.user_id ";
    309. 

  309. 

  310.                     if (api_is_multiple_url_enabled()) {
    311. 

  311.                         $sql .= " AND user.user_id = au.user_id  AND access_url_id =  $current_access_url_id  ";
    312. 

  312.                     }
    313. 

  313. 

  314.                     // only users no teachers/coaches
    315. 

  315.                     if ($type == COURSEMANAGER) {
    316. 

  316.                         $sql .= " AND course_user.status = 1 ";
    317. 

  317.                     } else {
    318. 

  318.                         $sql .= " AND course_user.status = 5 ";
    319. 

  319.                     }
    320. 

  320. 

  321.                     $sql .= ($sort_by_first_name ? " ORDER BY user.firstname, user.lastname" : " ORDER BY user.lastname, user.firstname");
    322. 

  322. 

  323.                     $rs = Database::query($sql);
    324. 

  324.                     $counter = 1;
    325. 

  325.                     while ($user = Database::fetch_array($rs, 'ASSOC')) {
    326. 

  326.                         if (isset($user['legal_agreement'])) {
    327. 

  327.                             if ($user['legal_agreement'] == 1) {
    328. 

  328.                                 $user['legal_agreement'] = get_lang('Yes');
    329. 

  329.                             } else {
    330. 

  330.                                 $user['legal_agreement'] = get_lang('No');
    331. 

  331.                             }
    332. 

  332.                         }
    333. 

  333. 

  334.                         $extra_fields = UserManager::get_extra_user_data(
    335. 

  335.                             $user['user_id'],
    336. 

  336.                             false,
    337. 

  337.                             false,
    338. 

  338.                             false,
    339. 

  339.                             true
    340. 

  340.                         );
    341. 

  341.                         if (!empty($extra_fields)) {
    342. 

  342.                             foreach ($extra_fields as $key => $extra_value) {
    343. 

  343.                                 $user[$key] = $extra_value;
    344. 

  344.                             }
    345. 

  345.                         }
    346. 

  346.                         if ($_GET['format'] == 'pdf') {
    347. 

  347.                             $user_info = api_get_user_info($user['user_id']);
    348. 

  348. 

  349.                             $user_image = '<img src="'.$user_info['avatar'].'" width ="'.$user_image_pdf_size.'px" />';
    350. 

  350. 

  351.                             if ($is_western_name_order) {
    352. 

  352.                                 $user_pdf = array(
    353. 

  353.                                     $counter,
    354. 

  354.                                     $user_image,
    355. 

  355.                                     $user['official_code'],
    356. 

  356.                                     $user['firstname'].', '.$user['lastname'],
    357. 

  357.                                     $user['email'],
    358. 

  358.                                     $user['phone']
    359. 

  359.                                 );
    360. 

  360.                             } else {
    361. 

  361.                                 $user_pdf = array(
    362. 

  362.                                     $counter,
    363. 

  363.                                     $user_image,
    364. 

  364.                                     $user['official_code'],
    365. 

  365.                                     $user['lastname'].', '.$user['firstname'],
    366. 

  366.                                     $user['email'],
    367. 

  367.                                     $user['phone']
    368. 

  368.                                 );
    369. 

  369.                             }
    370. 

  370. 

  371.                             $a_users[] = $user_pdf;
    372. 

  372.                         } else {
    373. 

  373.                             $a_users[] = $user;
    374. 

  374.                         }
    375. 

  375.                         $data[] = $user;
    376. 

  376.                         $counter++;
    377. 

  377.                     }
    378. 

  378.                 }
    379. 

  379. 

  380.                 $fileName = get_lang('StudentList');
    381. 

  381.                 $pdfTitle = get_lang('StudentList');
    382. 

  382. 

  383.                 if ($type == COURSEMANAGER) {
    384. 

  384.                     $fileName = get_lang('Teachers');
    385. 

  385.                     $pdfTitle = get_lang('Teachers');
    386. 

  386.                 }
    387. 

  387. 

  388.                 switch ($_GET['format']) {
    389. 

  389.                     case 'csv':
    390. 

  390.                         Export::arrayToCsv($a_users, $fileName);
    391. 

  391.                         exit;
    392. 

  392.                     case 'xls':
    393. 

  393.                         Export::arrayToXls($a_users, $fileName);
    394. 

  394.                         exit;
    395. 

  395.                     case 'pdf':
    396. 

  396.                         $header_attributes = array(
    397. 

  397.                             array('style' => 'width:10px'),
    398. 

  398.                             array('style' => 'width:30px'),
    399. 

  399.                             array('style' => 'width:50px'),
    400. 

  400.                             array('style' => 'width:500px')
    401. 

  401.                         );
    402. 

  402.                         $params = array(
    403. 

  403.                             'filename' => $fileName,
    404. 

  404.                             'pdf_title' => $pdfTitle,
    405. 

  405.                             'header_attributes' => $header_attributes
    406. 

  406.                         );
    407. 

  407. 

  408.                         Export::export_table_pdf($a_users, $params);
    409. 

  409.                         exit;
    410. 

  410.                 }
    411. 

  411.         }
    412. 

  412.     }
    413. 

  413. } // end if allowed to edit
    414. 

  414. 

  415. if (api_is_allowed_to_edit(null, true)) {
    416. 

  416.     // Unregister user from course
    417. 

  417.     if (isset($_REQUEST['unregister']) && $_REQUEST['unregister']) {
    418. 

  418.         if (isset($_GET['user_id']) && is_numeric($_GET['user_id']) &&
    419. 

  419.             ($_GET['user_id'] != $_user['user_id'] || api_is_platform_admin())
    420. 

  420.         ) {
    421. 

  421.             $user_id = intval($_GET['user_id']);
    422. 

  422.             $tbl_user = Database::get_main_table(TABLE_MAIN_USER);
    423. 

  423.             $tbl_session_rel_course = Database::get_main_table(TABLE_MAIN_SESSION_COURSE);
    424. 

  424.             $tbl_session_rel_user = Database::get_main_table(TABLE_MAIN_SESSION_USER);
    425. 

  425. 

  426.             $sql = 'SELECT user.user_id
    427. 

  427. 					FROM '.$tbl_user.' user
    428. 

  428. 					INNER JOIN '.$tbl_session_rel_user.' reluser
    429. 

  429. 					ON user.user_id = reluser.user_id AND reluser.relation_type<>'.SESSION_RELATION_TYPE_RRHH.'
    430. 

  430. 					INNER JOIN '.$tbl_session_rel_course.' rel_course
    431. 

  431. 					ON rel_course.session_id = reluser.session_id
    432. 

  432. 					WHERE
    433. 

  433. 					    user.user_id = "'.$user_id.'" AND
    434. 

  434. 					    rel_course.c_id = "'.$courseId.'"';
    435. 

  435. 

  436.             $result = Database::query($sql);
    437. 

  437.             $row = Database::fetch_array($result, 'ASSOC');
    438. 

  438.             if ($row['user_id'] == $user_id || $row['user_id'] == "") {
    439. 

  439.                 CourseManager::unsubscribe_user($_GET['user_id'], $courseCode);
    440. 

  440.                 Display::addFlash(
    441. 

  441.                     Display::return_message(get_lang('UserUnsubscribed'))
    442. 

  442.                 );
    443. 

  443.             } else {
    444. 

  444.                 Display::addFlash(
    445. 

  445.                     Display::return_message(
    446. 

  446.                         get_lang('ThisStudentIsSubscribeThroughASession')
    447. 

  447.                     )
    448. 

  448.                 );
    449. 

  449.             }
    450. 

  450.         }
    451. 

  451.     }
    452. 

  452. } else {
    453. 

  453.     // If student can unsubscribe
    454. 

  454.     if (isset($_REQUEST['unregister']) && $_REQUEST['unregister'] == 'yes') {
    455. 

  455.         if ($course_info['unsubscribe'] == 1) {
    456. 

  456.             $user_id = api_get_user_id();
    457. 

  457.             CourseManager::unsubscribe_user($user_id, $course_info['code']);
    458. 

  458.             header('Location: '.api_get_path(WEB_PATH).'user_portal.php');
    459. 

  459.             exit;
    460. 

  460.         }
    461. 

  461.     }
    462. 

  462. }
    463. 

  463. 

  464. // $is_allowed_in_course is first defined in local.inc.php
    465. 

  465. if (!api_is_allowed_in_course()) {
    466. 

  466.     api_not_allowed(true);
    467. 

  467. }
    468. 

  468. 

  469. // Statistics
    470. 

  470. Event::event_access_tool(TOOL_USER);
    471. 

  471. 

  472. $default_column = 3;
    473. 

  473. $tableLabel = $type === STUDENT ? 'student' : 'teacher';
    474. 

  474. $table = new SortableTable(
    475. 

  475.     $tableLabel.'_list',
    476. 

  476.     'get_number_of_users',
    477. 

  477.     'get_user_data',
    478. 

  478.     $default_column
    479. 

  479. );
    480. 

  480. $parameters['keyword'] = isset($_GET['keyword']) ? Security::remove_XSS($_GET['keyword']) : null;
    481. 

  481. $parameters['sec_token'] = Security::get_token();
    482. 

  482. $parameters['id_session'] = api_get_session_id();
    483. 

  483. $parameters['type'] = $type;
    484. 

  484. 

  485. $table->set_additional_parameters($parameters);
    486. 

  486. $header_nr = 0;
    487. 

  487. $indexList = array();
    488. 

  488. $table->set_header($header_nr++, '', false);
    489. 

  489. 

  490. $indexList['photo'] = $header_nr;
    491. 

  491. $table->set_header($header_nr++, get_lang('Photo'), false);
    492. 

  492. $indexList['official_code'] = $header_nr;
    493. 

  493. $table->set_header($header_nr++, get_lang('OfficialCode'));
    494. 

  494. 

  495. if ($is_western_name_order) {
    496. 

  496.     $indexList['firstname'] = $header_nr;
    497. 

  497.     $table->set_header($header_nr++, get_lang('FirstName'));
    498. 

  498.     $indexList['lastname'] = $header_nr;
    499. 

  499.     $table->set_header($header_nr++, get_lang('LastName'));
    500. 

  500. } else {
    501. 

  501.     $indexList['lastname'] = $header_nr;
    502. 

  502.     $table->set_header($header_nr++, get_lang('LastName'));
    503. 

  503.     $indexList['firstname'] = $header_nr;
    504. 

  504.     $table->set_header($header_nr++, get_lang('FirstName'));
    505. 

  505. }
    506. 

  506. $indexList['username'] = $header_nr;
    507. 

  507. $table->set_header($header_nr++, get_lang('LoginName'));
    508. 

  508. $indexList['groups'] = $header_nr;
    509. 

  509. $table->set_header($header_nr++, get_lang('GroupSingle'), false);
    510. 

  510. 

  511. $hideFields = api_get_configuration_value('hide_user_field_from_list');
    512. 

  512. 

  513. if (!empty($hideFields)) {
    514. 

  514.     $hideFields = $hideFields['fields'];
    515. 

  515.     foreach ($hideFields as $fieldToHide) {
    516. 

  516.         if (isset($indexList[$fieldToHide])) {
    517. 

  517.             $table->setHideColumn($indexList[$fieldToHide]);
    518. 

  518.         }
    519. 

  519.     }
    520. 

  520. }
    521. 

  521. 

  522. $table->setHideColumn('is_tutor');
    523. 

  523. $table->setHideColumn('user_status_in_course');
    524. 

  524. 

  525. if (api_is_allowed_to_edit(null, true)) {
    526. 

  526.     $table->set_header($header_nr++, get_lang('Status'), false);
    527. 

  527.     $table->set_header($header_nr++, get_lang('Active'), false);
    528. 

  528.     if ($canEditUsers) {
    529. 

  529.         $table->set_column_filter(8, 'active_filter');
    530. 

  530.     } else {
    531. 

  531.         $table->set_column_filter(8, 'active_filter');
    532. 

  532.     }
    533. 

  533. 

  534.     foreach ($extraFields as $extraField) {
    535. 

  535.         $table->set_header($header_nr++, $extraField['display_text'], false);
    536. 

  536.     }
    537. 

  537. 

  538.     // Actions column
    539. 

  539.     $table->set_header($header_nr++, get_lang('Action'), false);
    540. 

  540.     $table->set_column_filter($header_nr - 1, 'modify_filter');
    541. 

  541. 

  542.     if ($canEditUsers) {
    543. 

  543.         $table->set_form_actions(array('unsubscribe' => get_lang('Unreg')), 'user');
    544. 

  544.     }
    545. 

  545. } else {
    546. 

  546.     if ($course_info['unsubscribe'] == 1) {
    547. 

  547.         $table->set_header($header_nr++, get_lang('Action'), false);
    548. 

  548.         $table->set_column_filter($header_nr - 1, 'modify_filter');
    549. 

  549.     }
    550. 

  550. }
    551. 

  551. 

  552. /*	Header */
    553. 

  553. if (isset($origin) && $origin == 'learnpath') {
    554. 

  554.     Display::display_reduced_header();
    555. 

  555. } else {
    556. 

  556.     if (isset($_GET['keyword']) && !empty($_GET['keyword'])) {
    557. 

  557.         $interbreadcrumb[] = array(
    558. 

  558.             "url" => "user.php?".api_get_cidreq(),
    559. 

  559.             "name" => get_lang("Users"),
    560. 

  560.         );
    561. 

  561.         $tool_name = get_lang('SearchResults');
    562. 

  562.     } else {
    563. 

  563.         $tool_name = get_lang('Users');
    564. 

  564.         $origin = 'users';
    565. 

  565.     }
    566. 

  566.     Display::display_header($tool_name, "User");
    567. 

  567. }
    568. 

  568. 

  569. // Tool introduction
    570. 

  570. Display::display_introduction_section(TOOL_USER, 'left');
    571. 

  571. $actions = '';
    572. 

  572. $selectedTab = 1;
    573. 

  573. 

  574. if (api_is_allowed_to_edit(null, true)) {
    575. 

  575.     echo '<div class="actions">';
    576. 

  576.     switch ($type) {
    577. 

  577.         case STUDENT:
    578. 

  578.             $selectedTab = 1;
    579. 

  579.             $url = api_get_path(WEB_CODE_PATH).'user/subscribe_user.php?'.api_get_cidreq().'&type='.STUDENT;
    580. 

  580.             $icon = Display::url(
    581. 

  581.                 Display::return_icon('add-user.png', get_lang('Add'), '', ICON_SIZE_MEDIUM),
    582. 

  582.                 $url
    583. 

  583.             );
    584. 

  584.             break;
    585. 

  585.         case COURSEMANAGER:
    586. 

  586.             $selectedTab = 2;
    587. 

  587.             $url = api_get_path(WEB_CODE_PATH).'user/subscribe_user.php?'.api_get_cidreq().'&type='.COURSEMANAGER;
    588. 

  588.             $icon = Display::url(
    589. 

  589.                 Display::return_icon('add-teacher.png', get_lang('Add'), '', ICON_SIZE_MEDIUM),
    590. 

  590.                 $url
    591. 

  591.             );
    592. 

  592.             break;
    593. 

  593.     }
    594. 

  594. 

  595.     echo '<div class="row">';
    596. 

  596.     echo '<div class="col-md-6">';
    597. 

  597.     echo $icon;
    598. 

  598.     $actions .= '<a href="user.php?'.api_get_cidreq().'&action=export&format=csv&type='.$type.'">'.
    599. 

  599.         Display::return_icon('export_csv.png', get_lang('ExportAsCSV'), '', ICON_SIZE_MEDIUM).'</a> ';
    600. 

  600.     $actions .= '<a href="user.php?'.api_get_cidreq().'&action=export&format=xls&type='.$type.'">'.
    601. 

  601.         Display::return_icon('export_excel.png', get_lang('ExportAsXLS'), '', ICON_SIZE_MEDIUM).'</a> ';
    602. 

  602. 

  603.     if ($canEditUsers) {
    604. 

  604.         $actions .= '<a href="user_import.php?'.api_get_cidreq().'&action=import">'.
    605. 

  605.             Display::return_icon('import_csv.png', get_lang('ImportUsersToACourse'), '', ICON_SIZE_MEDIUM).'</a> ';
    606. 

  606.     }
    607. 

  607. 

  608.     $actions .= '<a href="user.php?'.api_get_cidreq().'&action=export&format=pdf&type='.$type.'">'.
    609. 

  609.         Display::return_icon('pdf.png', get_lang('ExportToPDF'), '', ICON_SIZE_MEDIUM).'</a> ';
    610. 

  610.     echo $actions;
    611. 

  611. 

  612.     echo '</div>';
    613. 

  613.     echo '<div class="col-md-6">';
    614. 

  614.     echo '<div class="pull-right">';
    615. 

  615.     // Build search-form
    616. 

  616.     $form = new FormValidator(
    617. 

  617.         'search_user',
    618. 

  618.         'get',
    619. 

  619.         api_get_self().'?type='.$type,
    620. 

  620.         '',
    621. 

  621.         null,
    622. 

  622.         FormValidator::LAYOUT_INLINE
    623. 

  623.     );
    624. 

  624.     $form->addHidden('type', $type);
    625. 

  625.     $form->addText('keyword', '', false);
    626. 

  626.     $form->addElement('hidden', 'cidReq', api_get_course_id());
    627. 

  627.     $form->addButtonSearch(get_lang('SearchButton'));
    628. 

  628.     $form->display();
    629. 

  629.     echo '</div>';
    630. 

  630.     echo '</div>';
    631. 

  631.     echo '</div>';
    632. 

  632. 

  633.     $allowTutors = api_get_setting('allow_tutors_to_assign_students_to_session');
    634. 

  634.     if (api_is_allowed_to_edit() && $allowTutors === 'true') {
    635. 

  635.         $actions .= ' <a class="btn btn-default" href="session_list.php?'.api_get_cidreq().'">'.
    636. 

  636.             get_lang('Sessions').'</a>';
    637. 

  637.     }
    638. 

  638.     echo '</div>';
    639. 

  639. }
    640. 

  640. 

  641. echo UserManager::getUserSubscriptionTab($selectedTab);
    642. 

  642. $table->display();
    643. 

  643. 

  644. if (!empty($_GET['keyword']) && !empty($_GET['submit'])) {
    645. 

  645.     $keyword_name = Security::remove_XSS($_GET['keyword']);
    646. 

  646.     echo '<br/>'.get_lang('SearchResultsFor').' <span style="font-style: italic ;"> '.$keyword_name.' </span><br>';
    647. 

  647. }
    648. 

  648. 

  649. if (!isset($origin) || $origin != 'learnpath') {
    650. 

  650.     Display::display_footer();
    651. 

  651. }
    652. 

  652. 

  653. /* Helper functions for the users lists in course */
    654. 

  654. /**
    655. 

  655.  * Get the users to display on the current page.
    656. 

  656.  */
    657. 

  657. function get_number_of_users()
    658. 

  658. {
    659. 

  659.     $counter = 0;
    660. 

  660.     $sessionId = api_get_session_id();
    661. 

  661.     $courseCode = api_get_course_id();
    662. 

  662.     $active = isset($_GET['active']) ? $_GET['active'] : null;
    663. 

  663.     $type = isset($_REQUEST['type']) ? intval($_REQUEST['type']) : STUDENT;
    664. 

  664. 

  665.     if (empty($sessionId)) {
    666. 

  666.         $status = $type;
    667. 

  667.     } else {
    668. 

  668.         if ($type == COURSEMANAGER) {
    669. 

  669.             $status = 2;
    670. 

  670.         } else {
    671. 

  671.             $status = 0;
    672. 

  672.         }
    673. 

  673.     }
    674. 

  674. 

  675.     if (!empty($sessionId)) {
    676. 

  676.         $a_course_users = CourseManager::get_user_list_from_course_code(
    677. 

  677.             $courseCode,
    678. 

  678.             $sessionId,
    679. 

  679.             null,
    680. 

  680.             null,
    681. 

  681.             $status,
    682. 

  682.             null,
    683. 

  683.             false,
    684. 

  684.             false,
    685. 

  685.             null,
    686. 

  686.             null,
    687. 

  687.             null,
    688. 

  688.             $active
    689. 

  689.         );
    690. 

  690.     } else {
    691. 

  691.         $a_course_users = CourseManager::get_user_list_from_course_code(
    692. 

  692.             $courseCode,
    693. 

  693.             0,
    694. 

  694.             null,
    695. 

  695.             null,
    696. 

  696.             $status,
    697. 

  697.             null,
    698. 

  698.             false,
    699. 

  699.             false,
    700. 

  700.             null,
    701. 

  701.             null,
    702. 

  702.             null,
    703. 

  703.             $active
    704. 

  704.         );
    705. 

  705.     }
    706. 

  706. 

  707.     foreach ($a_course_users as $o_course_user) {
    708. 

  708.         if ((isset($_GET['keyword']) &&
    709. 

  709.                 searchUserKeyword(
    710. 

  710.                     $o_course_user['firstname'],
    711. 

  711.                     $o_course_user['lastname'],
    712. 

  712.                     $o_course_user['username'],
    713. 

  713.                     $o_course_user['official_code'],
    714. 

  714.                     $_GET['keyword']
    715. 

  715.                 )
    716. 

  716.             ) || !isset($_GET['keyword']) || empty($_GET['keyword'])
    717. 

  717.         ) {
    718. 

  718.             $counter++;
    719. 

  719.         }
    720. 

  720.     }
    721. 

  721. 

  722.     return $counter;
    723. 

  723. }
    724. 

  724. 

  725. /**
    726. 

  726.  * @param string $firstname
    727. 

  727.  * @param string $lastname
    728. 

  728.  * @param string $username
    729. 

  729.  * @param string $official_code
    730. 

  730.  * @param $keyword
    731. 

  731.  * @return bool
    732. 

  732.  */
    733. 

  733. function searchUserKeyword($firstname, $lastname, $username, $official_code, $keyword)
    734. 

  734. {
    735. 

  735.     if (api_strripos($firstname, $keyword) !== false ||
    736. 

  736.         api_strripos($lastname, $keyword) !== false ||
    737. 

  737.         api_strripos($username, $keyword) !== false ||
    738. 

  738.         api_strripos($official_code, $keyword) !== false
    739. 

  739.     ) {
    740. 

  740.         return true;
    741. 

  741.     } else {
    742. 

  742.         return false;
    743. 

  743.     }
    744. 

  744. }
    745. 

  745. 

  746. /**
    747. 

  747.  * Get the users to display on the current page.
    748. 

  748.  * @param   int $from Offset
    749. 

  749.  * @param   int $number_of_items
    750. 

  750.  * @param   int $column The column on which to sort
    751. 

  751.  * @param   string $direction ASC or DESC, for the sort order of the query results
    752. 

  752.  * @return  array
    753. 

  753.  */
    754. 

  754. function get_user_data($from, $number_of_items, $column, $direction)
    755. 

  755. {
    756. 

  756.     global $is_western_name_order;
    757. 

  757.     global $extraFields;
    758. 

  758.     $canEditUsers = api_get_setting('allow_user_course_subscription_by_course_admin') == 'true' || api_is_platform_admin();
    759. 

  759.     $type = isset($_REQUEST['type']) ? intval($_REQUEST['type']) : STUDENT;
    760. 

  760.     $course_info = api_get_course_info();
    761. 

  761.     $sessionId = api_get_session_id();
    762. 

  762.     $course_code = $course_info['code'];
    763. 

  763.     $a_users = array();
    764. 

  764.     $limit = null;
    765. 

  765. 

  766.     // limit
    767. 

  767.     if (!isset($_GET['keyword']) || empty($_GET['keyword'])) {
    768. 

  768.         $limit = 'LIMIT '.intval($from).','.intval($number_of_items);
    769. 

  769.     }
    770. 

  770. 

  771.     if (!in_array($direction, array('ASC', 'DESC'))) {
    772. 

  772.         $direction = 'ASC';
    773. 

  773.     }
    774. 

  774. 

  775.     switch ($column) {
    776. 

  776.         case 2: //official code
    777. 

  777.             $order_by = 'ORDER BY user.official_code '.$direction;
    778. 

  778.             break;
    779. 

  779.         case 3:
    780. 

  780.             if ($is_western_name_order) {
    781. 

  781.                 $order_by = 'ORDER BY user.firstname '.$direction.', user.lastname '.$direction;
    782. 

  782.             } else {
    783. 

  783.                 $order_by = 'ORDER BY user.lastname '.$direction.', user.firstname '.$direction;
    784. 

  784.             }
    785. 

  785.             break;
    786. 

  786.         case 4:
    787. 

  787.             if ($is_western_name_order) {
    788. 

  788.                 $order_by = 'ORDER BY user.lastname '.$direction.', user.firstname '.$direction;
    789. 

  789.             } else {
    790. 

  790.                 $order_by = 'ORDER BY user.firstname '.$direction.', user.lastname '.$direction;
    791. 

  791.             }
    792. 

  792.             break;
    793. 

  793.         case 5: //username
    794. 

  794.             $order_by = 'ORDER BY user.username '.$direction;
    795. 

  795.             break;
    796. 

  796.         default:
    797. 

  797.             if ($is_western_name_order) {
    798. 

  798.                 $order_by = 'ORDER BY user.lastname '.$direction.', user.firstname '.$direction;
    799. 

  799.             } else {
    800. 

  800.                 $order_by = 'ORDER BY user.firstname '.$direction.', user.lastname '.$direction;
    801. 

  801.             }
    802. 

  802.             break;
    803. 

  803.     }
    804. 

  804. 

  805.     $active = isset($_GET['active']) ? $_GET['active'] : null;
    806. 

  806. 

  807.     if (empty($sessionId)) {
    808. 

  808.         $status = $type;
    809. 

  809.     } else {
    810. 

  810.         if ($type == COURSEMANAGER) {
    811. 

  811.             $status = 2;
    812. 

  812.         } else {
    813. 

  813.             $status = 0;
    814. 

  814.         }
    815. 

  815.     }
    816. 

  816. 

  817.     $a_course_users = CourseManager :: get_user_list_from_course_code(
    818. 

  818.         $course_code,
    819. 

  819.         $sessionId,
    820. 

  820.         $limit,
    821. 

  821.         $order_by,
    822. 

  822.         $status,
    823. 

  823.         null,
    824. 

  824.         false,
    825. 

  825.         false,
    826. 

  826.         null,
    827. 

  827.         array(),
    828. 

  828.         array(),
    829. 

  829.         $active
    830. 

  830.     );
    831. 

  831. 

  832.     foreach ($a_course_users as $user_id => $o_course_user) {
    833. 

  833.         if ((isset($_GET['keyword']) &&
    834. 

  834.                 searchUserKeyword(
    835. 

  835.                     $o_course_user['firstname'],
    836. 

  836.                     $o_course_user['lastname'],
    837. 

  837.                     $o_course_user['username'],
    838. 

  838.                     $o_course_user['official_code'],
    839. 

  839.                     $_GET['keyword']
    840. 

  840.                 )
    841. 

  841.             ) || !isset($_GET['keyword']) || empty($_GET['keyword'])
    842. 

  842.         ) {
    843. 

  843.             $groupsNameList = GroupManager::getAllGroupPerUserSubscription($user_id);
    844. 

  844.             $groupsNameListParsed = [];
    845. 

  845.             if (!empty($groupsNameList)) {
    846. 

  846.                 $groupsNameListParsed = array_column($groupsNameList, 'name');
    847. 

  847.             }
    848. 

  848. 

  849.             $temp = array();
    850. 

  850.             if (api_is_allowed_to_edit(null, true)) {
    851. 

  851.                 $userInfo = api_get_user_info($user_id);
    852. 

  852.                 $photo = Display::img($userInfo['avatar_small'], $userInfo['complete_name'], [], false);
    853. 

  853.                 $temp[] = $user_id;
    854. 

  854.                 $temp[] = $photo;
    855. 

  855.                 $temp[] = $o_course_user['official_code'];
    856. 

  856. 

  857.                 if ($is_western_name_order) {
    858. 

  858.                     $temp[] = $o_course_user['firstname'];
    859. 

  859.                     $temp[] = $o_course_user['lastname'];
    860. 

  860.                 } else {
    861. 

  861.                     $temp[] = $o_course_user['lastname'];
    862. 

  862.                     $temp[] = $o_course_user['firstname'];
    863. 

  863.                 }
    864. 

  864. 

  865.                 $temp[] = $o_course_user['username'];
    866. 

  866. 

  867.                 // Groups.
    868. 

  868.                 $temp[] = implode(', ', $groupsNameListParsed);
    869. 

  869. 

  870.                 // Status
    871. 

  871.                 $default_status = get_lang('Student');
    872. 

  872.                 if ((isset($o_course_user['status_rel']) && $o_course_user['status_rel'] == 1) ||
    873. 

  873.                     (isset($o_course_user['status_session']) && $o_course_user['status_session'] == 2)
    874. 

  874.                 ) {
    875. 

  875.                     $default_status = get_lang('CourseManager');
    876. 

  876.                 } elseif (isset($o_course_user['is_tutor']) && $o_course_user['is_tutor'] == 1) {
    877. 

  877.                     $default_status = get_lang('Tutor');
    878. 

  878.                 }
    879. 

  879. 

  880.                 $temp[] = $default_status;
    881. 

  881. 

  882.                 // Active
    883. 

  883.                 $temp[] = $o_course_user['active'];
    884. 

  884. 

  885.                 $extraFieldOption = new ExtraFieldOption('user');
    886. 

  886.                 $extraFieldValue = new ExtraFieldValue('user');
    887. 

  887. 

  888.                 if (!empty($extraFields)) {
    889. 

  889.                     foreach ($extraFields as $extraField) {
    890. 

  890.                         $data = $extraFieldValue->get_values_by_handler_and_field_id(
    891. 

  891.                             $user_id,
    892. 

  892.                             $extraField['id']
    893. 

  893.                         );
    894. 

  894. 

  895.                         $optionList = $extraFieldOption->get_field_option_by_field_and_option(
    896. 

  896.                             $extraField['id'],
    897. 

  897.                             $data['value']
    898. 

  898.                         );
    899. 

  899.                         if (!empty($optionList)) {
    900. 

  900.                             $options = implode(', ', array_column($optionList, 'display_text'));
    901. 

  901.                             $temp[] = $options;
    902. 

  902.                         } else {
    903. 

  903.                             $temp[] = $data['value'];
    904. 

  904.                         }
    905. 

  905.                     }
    906. 

  906.                 }
    907. 

  907. 

  908.                 // User id for actions
    909. 

  909.                 $temp[] = $user_id;
    910. 

  910.                 $temp['is_tutor'] = isset($o_course_user['is_tutor']) ? $o_course_user['is_tutor'] : '';
    911. 

  911.                 $temp['user_status_in_course'] = isset($o_course_user['status_rel']) ? $o_course_user['status_rel'] : '';
    912. 

  912.             } else {
    913. 

  913.                 $userInfo = api_get_user_info($user_id);
    914. 

  914.                 $userPicture = $userInfo['avatar'];
    915. 

  915. 

  916.                 $photo = '<img src="'.$userPicture.'" alt="'.$userInfo['complete_name'].'" width="22" height="22" title="'.$userInfo['complete_name'].'" />';
    917. 

  917. 

  918.                 $temp[] = '';
    919. 

  919.                 $temp[] = $photo;
    920. 

  920.                 $temp[] = $o_course_user['official_code'];
    921. 

  921. 

  922.                 if ($is_western_name_order) {
    923. 

  923.                     $temp[] = $o_course_user['firstname'];
    924. 

  924.                     $temp[] = $o_course_user['lastname'];
    925. 

  925.                 } else {
    926. 

  926.                     $temp[] = $o_course_user['lastname'];
    927. 

  927.                     $temp[] = $o_course_user['firstname'];
    928. 

  928.                 }
    929. 

  929. 

  930.                 $temp[] = $o_course_user['username'];
    931. 

  931.                 // Group.
    932. 

  932.                 $temp[] = implode(', ', $groupsNameListParsed);
    933. 

  933. 

  934.                 if ($course_info['unsubscribe'] == 1) {
    935. 

  935.                     //User id for actions
    936. 

  936.                     $temp[] = $user_id;
    937. 

  937.                 }
    938. 

  938.             }
    939. 

  939.             $a_users[$user_id] = $temp;
    940. 

  940.         }
    941. 

  941.     }
    942. 

  942. 

  943.     return $a_users;
    944. 

  944. }
    945. 

  945. 

  946. 

  947. /**
    948. 

  948.  * Build the active-column of the table to lock or unlock a certain user
    949. 

  949.  * lock = the user can no longer use this account
    950. 

  950.  * @author Patrick Cool <patrick.cool@UGent.be>, Ghent University
    951. 

  951.  * @param int $active the current state of the account
    952. 

  952.  * @param string $urlParams
    953. 

  953.  *
    954. 

  954.  * @return string Some HTML-code with the lock/unlock button
    955. 

  955.  */
    956. 

  956. function active_filter($active, $urlParams, $row)
    957. 

  957. {
    958. 

  958.     $userId = api_get_user_id();
    959. 

  959.     $action = '';
    960. 

  960.     $image = '';
    961. 

  961.     if ($active == '1') {
    962. 

  962.         $action = 'AccountActive';
    963. 

  963.         $image = 'accept';
    964. 

  964.     }
    965. 

  965.     if ($active == '0') {
    966. 

  966.         $action = 'AccountInactive';
    967. 

  967.         $image = 'error';
    968. 

  968.     }
    969. 

  969.     $result = '';
    970. 

  970. 

  971.     /* you cannot lock yourself out otherwise you could disable all the accounts including your own => everybody is
    972. 

  972.         locked out and nobody can change it anymore.*/
    973. 

  973.     if ($row[0] <> $userId) {
    974. 

  974.         $result = '<center><img src="'.Display::returnIconPath($image.'.png', 16).'" border="0" alt="'.get_lang(ucfirst($action)).'" title="'.get_lang(ucfirst($action)).'"/></center>';
    975. 

  975.     }
    976. 

  976. 

  977.     return $result;
    978. 

  978. }
    979. 

  979. 

  980. /**
    981. 

  981.  * Build the modify-column of the table
    982. 

  982.  * @param int $user_id The user id
    983. 

  983.  * @return string Some HTML-code
    984. 

  984.  */
    985. 

  985. function modify_filter($user_id, $row, $data)
    986. 

  986. {
    987. 

  987.     global $charset;
    988. 

  988.     $canEditUsers = api_get_setting('allow_user_course_subscription_by_course_admin') == 'true' || api_is_platform_admin();
    989. 

  989. 

  990.     $is_allowed_to_track = api_is_allowed_to_edit(true, true);
    991. 

  991. 

  992.     $user_id = $data[0];
    993. 

  993.     $userInfo = api_get_user_info($user_id);
    994. 

  994.     $isInvitee = $userInfo['status'] == INVITEE ? true : false;
    995. 

  995.     $course_info = $_course = api_get_course_info();
    996. 

  996.     $current_user_id = api_get_user_id();
    997. 

  997.     $sessionId = api_get_session_id();
    998. 

  998.     $type = isset($_REQUEST['type']) ? intval($_REQUEST['type']) : STUDENT;
    999. 

  999. 

  1000.     $result = '';
    1001. 

  1001.     if ($is_allowed_to_track) {
    1002. 

  1002.         $result .= '<a href="../mySpace/myStudents.php?'.api_get_cidreq().'&student='.$user_id.'&details=true&course='.$_course['id'].'&origin=user_course&id_session='.api_get_session_id().'" title="'.get_lang('Tracking').'">
    1003. 

  1003.             '.Display::return_icon('stats.png', get_lang('Tracking')).'
    1004. 

  1004.         </a>';
    1005. 

  1005.     }
    1006. 

  1006. 

  1007.     // If platform admin, show the login_as icon (this drastically shortens
    1008. 

  1008.     // time taken by support to test things out)
    1009. 

  1009.     if (api_is_platform_admin()) {
    1010. 

  1010.         $result .= ' <a href="'.api_get_path(WEB_CODE_PATH).'admin/user_list.php?action=login_as&user_id='.$user_id.'&sec_token='.$_SESSION['sec_token'].'">'.
    1011. 

  1011.             Display::return_icon('login_as.gif', get_lang('LoginAs')).'</a>&nbsp;&nbsp;';
    1012. 

  1012.     }
    1013. 

  1013. 

  1014.     if (api_is_allowed_to_edit(null, true)) {
    1015. 

  1015.         if (empty($sessionId)) {
    1016. 

  1016.             $isTutor = isset($data['is_tutor']) ? intval($data['is_tutor']) : 0;
    1017. 

  1017.             $isTutor = empty($isTutor) ? 1 : 0;
    1018. 

  1018. 

  1019.             $text = get_lang('RemoveTutorStatus');
    1020. 

  1020.             if ($isTutor) {
    1021. 

  1021.                 $text = get_lang('SetTutor');
    1022. 

  1022.             }
    1023. 

  1023. 

  1024.             if ($isInvitee) {
    1025. 

  1025.                 $disabled = 'disabled';
    1026. 

  1026.             } else {
    1027. 

  1027.                 $disabled = '';
    1028. 

  1028.             }
    1029. 

  1029. 

  1030.             if ($data['user_status_in_course'] == STUDENT) {
    1031. 

  1031.                 $result .= Display::url(
    1032. 

  1032.                     $text,
    1033. 

  1033.                     'user.php?'.api_get_cidreq().'&action=set_tutor&is_tutor='.$isTutor.'&user_id='.$user_id.'&type='.$type,
    1034. 

  1034.                     array('class' => 'btn btn-default '.$disabled)
    1035. 

  1035.                 ).'&nbsp;';
    1036. 

  1036.             }
    1037. 

  1037.         }
    1038. 

  1038. 

  1039.         // edit
    1040. 

  1040.         if ($canEditUsers) {
    1041. 

  1041.             // unregister
    1042. 

  1042.             if ($user_id != $current_user_id || api_is_platform_admin()) {
    1043. 

  1043.                 $result .= '<a class="btn btn-small btn-danger" href="'.api_get_self().'?'.api_get_cidreq().'&type='.$type.'&unregister=yes&user_id='.$user_id.'" title="'.get_lang('Unreg').' " onclick="javascript:if(!confirm(\''.addslashes(api_htmlentities(get_lang('ConfirmYourChoice'), ENT_QUOTES, $charset)).'\')) return false;">'.
    1044. 

  1044.                     get_lang('Unreg').'</a>&nbsp;';
    1045. 

  1045.             }
    1046. 

  1046.         }
    1047. 

  1047.     } else {
    1048. 

  1048.         // Show buttons for unsubscribe
    1049. 

  1049.         if ($course_info['unsubscribe'] == 1) {
    1050. 

  1050.             if ($user_id == $current_user_id) {
    1051. 

  1051.                 $result .= '<a class="btn btn-small btn-danger" href="'.api_get_self().'?'.api_get_cidreq().'&type='.$type.'&unregister=yes&user_id='.$user_id.'" title="'.get_lang('Unreg').' " onclick="javascript:if(!confirm(\''.addslashes(api_htmlentities(get_lang('ConfirmYourChoice'), ENT_QUOTES, $charset)).'\')) return false;">'.
    1052. 

  1052.                     get_lang('Unreg').'</a>&nbsp;';
    1053. 

  1053.             }
    1054. 

  1054.         }
    1055. 

  1055.     }
    1056. 

  1056. 

  1057.     return $result;
    1058. 

  1058. }
    1059.