user.php 33 KB

  1. <?php
  2. /* For licensing terms, see /license.txt */
  3. /**
  4. * This script displays a list of the users of the current course.
  5. * Course admins can change user permissions, subscribe and unsubscribe users...
  6. *
  7. *
  8. * Exceptions: platform admin and the course admin will see all virtual courses.
  9. * This is a new feature, there may be bugs.
  10. *
  11. * @todo possibility to edit user-course rights and view statistics for users in virtual courses
  12. * @todo convert normal table display to display function (refactor virtual course display function)
  13. * @todo display table functions need support for align and valign (e.g. to center text in cells) (this is now possible)
  14. * @author Roan Embrechts, refactoring + virtual courses support
  15. * @author Julio Montoya Armas, Several fixes
  16. * @package chamilo.user
  17. */
  18. /**
  19. * Code
  20. */
  21. // name of the language file that needs to be included
  // Translation files requested for this page; presumably read by global.inc.php - confirm.
  $language_file = array('registration', 'admin', 'userInfo', 'registration');
  // Set before the bootstrap include; presumably allows anonymous visitors to reach
  // this script - confirm against global.inc.php.
  $use_anonymous = true;
  require_once '../inc/global.inc.php';

  $current_course_tool = TOOL_USER;
  $this_section = SECTION_COURSES;

  // Course-level access check, performed before any other access decision.
  api_protect_course_script(true);

  // Platform admins, course admins and coaches may always see the list. Everyone
  // else is rejected unless the course setting 'allow_user_view_user_list' is on.
  $may_always_view = api_is_platform_admin(true) || api_is_course_admin() || api_is_coach();
  if (!$may_always_view && api_get_course_setting('allow_user_view_user_list') == 0) {
      api_not_allowed(true);
  }
  36. /*
  37. Constants and variables
  38. */
  // Course, session and viewer context for this request.
  $course_code = api_get_course_id();
  $courseId = api_get_course_int_id();
  $session_id = api_get_session_id();

  // Name display and sort preferences.
  $is_western_name_order = api_is_western_name_order();
  $sort_by_first_name = api_sort_by_first_name();

  $course_info = api_get_course_info();
  $user_id = api_get_user_id();

  // Inside a session, self-unsubscription is forced off whatever the course says.
  if ($session_id) {
      $course_info['unsubscribe'] = 0;
  }
  50. /* Unregistering a user section */
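  // Bulk removal of users from the course, posted by the user table's
  // "unsubscribe" form action. Only course editors reach this code.
  // NOTE(review): no anti-CSRF token is verified before this state change, although
  // this script issues one through Security::get_token() when it builds the table.
  // Confirm where (or whether) that token is checked.
  if (api_is_allowed_to_edit(null, true)
      && isset($_POST['action'], $_POST['user'])
      && $_POST['action'] === 'unsubscribe'
      && is_array($_POST['user'])
  ) {
      // Reduce every submitted id to a positive integer before filtering, so that
      // non-canonical spellings of the acting user's id (for instance with a leading
      // zero or a space) are compared as the number they stand for.
      $user_ids = array();
      foreach ($_POST['user'] as $posted_id) {
          if (is_scalar($posted_id) && (int) $posted_id > 0) {
              $user_ids[] = (int) $posted_id;
          }
      }

      // Make sure we don't unsubscribe the current user from the course.
      $user_ids = array_diff(array_unique($user_ids), array((int) $_user['user_id']));

      if (count($user_ids) > 0) {
          CourseManager::unsubscribe_user($user_ids, $courseId);
          $message = get_lang('UsersUnsubscribed');
      }
  }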
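  // Width, in pixels, of the user pictures placed in the PDF export.
  $user_image_pdf_size = 80;

  // Export of the course's student list as CSV, XLS or PDF (course editors only).
  // A request with action=export but an unknown type still runs the query and then
  // falls through to the normal page, as before.
  if (api_is_allowed_to_edit(null, true) && isset($_GET['action']) && $_GET['action'] === 'export') {
      // Read the requested format once. A missing or non-string value matches no exporter.
      $export_type = (isset($_GET['type']) && is_string($_GET['type'])) ? $_GET['type'] : '';

      $table_course_user = Database::get_main_table(TABLE_MAIN_COURSE_USER);
      $table_users = Database::get_main_table(TABLE_MAIN_USER);
      $is_western_name_order = api_is_western_name_order();

      $data = array();
      $a_users = array();

      // Every id interpolated into the SQL below is forced to an integer first.
      $export_course_id = (int) $courseId;
      $export_session_id = (int) $session_id;
      $is_multiple_url = api_is_multiple_url_enabled();
      $current_access_url_id = $is_multiple_url ? (int) api_get_current_access_url_id() : 0;

      // Names of the extra profile fields, taken from the current user's record.
      $extra_fields = UserManager::get_extra_user_data(api_get_user_id(), false, false, false, true);
      $extra_fields = array_keys($extra_fields);

      // Header row of the CSV/XLS export. The e-mail column appears only when the
      // platform setting allows showing e-mail addresses.
      $name_headers = $sort_by_first_name
          ? array(get_lang('FirstName'), get_lang('LastName'))
          : array(get_lang('LastName'), get_lang('FirstName'));
      $a_users[0] = array_merge(array('id'), $name_headers, array(get_lang('Username')));
      $select_email_condition = '';
      if (api_get_setting('show_email_addresses') == 'true') {
          $select_email_condition = ' user.email, ';
          $a_users[0][] = get_lang('Email');
      }
      $a_users[0][] = get_lang('Phone');
      $a_users[0][] = get_lang('OfficialCode');
      $a_users[0][] = get_lang('Active');

      $legal = '';
      if (isset($course_info['activate_legal']) && $course_info['activate_legal'] == 1) {
          $legal = ', legal_agreement';
          $a_users[0][] = get_lang('LegalAgreementAccepted');
      }

      // The PDF export uses its own fixed set of columns.
      if ($export_type === 'pdf') {
          $pdf_name_header = $is_western_name_order
              ? get_lang('FirstName').', '.get_lang('LastName')
              : get_lang('LastName').', '.get_lang('FirstName');
          $a_users[0] = array('#', get_lang('UserPicture'), get_lang('OfficialCode'), $pdf_name_header);
      }
      $a_users[0] = array_merge($a_users[0], $extra_fields);

      // SQL fragments shared by the session and the plain-course query.
      $name_columns = $is_western_name_order ? 'user.firstname, user.lastname' : 'user.lastname, user.firstname';
      $select_clause = 'SELECT DISTINCT user.user_id, '.$name_columns.", user.username, $select_email_condition phone, user.official_code, active $legal";
      $url_join = '';
      $url_filter = '';
      if ($is_multiple_url) {
          $url_join = ' , '.Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER).' au ';
          $url_filter = " AND user.user_id = au.user_id AND access_url_id = $current_access_url_id ";
      }

      if ($export_session_id) {
          // Users subscribed to the course through the current session.
          $table_session_course_user = Database::get_main_table(TABLE_MAIN_SESSION_COURSE_USER);
          $table_session_user = Database::get_main_table(TABLE_MAIN_SESSION_USER);
          $sql_query = $select_clause."
              FROM $table_session_course_user as session_course_user, $table_users as user, $table_session_user as su".$url_join."
              WHERE su.c_id = '$export_course_id' AND
              session_course_user.id_user = user.user_id AND
              su.id_user = session_course_user.id_user AND session_course_user.id_session = su.id_session AND
              su.moved_to = 0 AND su.moved_status <> ".SessionManager::SESSION_CHANGE_USER_REASON_ENROLLMENT_ANNULATION." AND
              session_course_user.id_session = $export_session_id".$url_filter;
          // Only users, no coaches/teachers.
          $sql_query .= " AND session_course_user.status = 0 ";
      } else {
          // Users directly subscribed to the course.
          $sql_query = $select_clause."
              FROM $table_course_user as course_user, $table_users as user ".$url_join."
              WHERE course_user.c_id = '$export_course_id' AND
              course_user.relation_type<>".COURSE_RELATION_TYPE_RRHH." AND
              course_user.user_id = user.user_id ".$url_filter;
          // Only users, no teachers/coaches.
          $sql_query .= " AND course_user.status = 5 ";
      }
      $sql_query .= $sort_by_first_name ? ' ORDER BY user.firstname, user.lastname' : ' ORDER BY user.lastname, user.firstname';

      // NOTE(review): cells are exported as stored. Names, phone numbers and extra
      // fields are presumably user-editable, so confirm that the CSV/XLS exporters
      // neutralise values a spreadsheet would read as a formula (leading =, +, - or @).
      $rs = Database::query($sql_query);
      $counter = 1;
      while ($user = Database::fetch_array($rs, 'ASSOC')) {
          if (isset($user['legal_agreement'])) {
              $user['legal_agreement'] = ($user['legal_agreement'] == 1) ? get_lang('Yes') : get_lang('No');
          }
          $extra_fields = UserManager::get_extra_user_data($user['user_id'], false, false, false, true);
          if (!empty($extra_fields)) {
              foreach ($extra_fields as $key => $extra_value) {
                  $user[$key] = $extra_value;
              }
          }
          $data[] = $user;

          if ($export_type === 'pdf') {
              $user_info = api_get_user_info($user['user_id']);
              $user_image = Display::img($user_info['avatar'], null, array('width' => $user_image_pdf_size.'px'));
              $pdf_name = $is_western_name_order
                  ? $user['firstname'].', '.$user['lastname']
                  : $user['lastname'].', '.$user['firstname'];
              $a_users[] = array($counter, $user_image, $user['official_code'], $pdf_name);
          } else {
              $a_users[] = $user;
          }
          $counter++;
      }

      switch ($export_type) {
          case 'csv':
              Export::export_table_csv_utf8($a_users);
              exit;
          case 'xls':
              Export::export_table_xls($a_users);
              exit;
          case 'pdf':
              // NOTE(review): session, course and person names are placed in this HTML
              // as they come from the API, without escaping here. Confirm they are
              // already safe for an HTML context before the PDF renderer reads them.
              $description = '<table class="data_table_no_border">';
              if (api_get_session_id()) {
                  $description .= '<tr><td>'.get_lang('Session').': </td><td class="highlight">'.api_get_session_name(api_get_session_id()).'</td>';
              }
              $description .= '<tr><td>'.get_lang('Course').': </td><td class="highlight">'.$course_info['name'].'</td>';

              $teachers = CourseManager::get_teacher_list_from_course_code($course_info['real_id']);
              if (isset($teachers[$user_id])) {
                  // The viewer teaches this course: show only the viewer's name.
                  $teacher_info = $teachers[$user_id];
                  $description .= '<tr><td>'.get_lang('Teacher').': </td><td class="highlight">'.api_get_person_name($teacher_info['firstname'], $teacher_info['lastname']).'</td>';
              } else {
                  // Otherwise show all teachers.
                  $teachers = CourseManager::get_teacher_list_from_course_code_to_string($course_info['real_id']);
                  if (!empty($teachers)) {
                      $description .= '<tr><td>'.get_lang('Teachers').': </td><td class="highlight">'.$teachers.'</td>';
                  }
              }

              if (!empty($session_id)) {
                  $coaches = CourseManager::get_coach_list_from_course_code($course_info['real_id'], $session_id);
                  if (isset($coaches[$user_id])) {
                      // The viewer coaches this session: show only the viewer's name.
                      $user_info = api_get_user_info($user_id);
                      $description .= '<tr><td>'.get_lang('Coach').': </td><td class="highlight">'.$user_info['complete_name'].'</td>';
                  } else {
                      // Otherwise show every coach. The string form of the list is what
                      // gets printed; the previous code concatenated the $coaches array.
                      $coach_names = CourseManager::get_coach_list_from_course_code_to_string($course_info['real_id'], $session_id);
                      if (!empty($coach_names)) {
                          $description .= '<tr><td>'.get_lang('Coachs').': </td><td class="highlight">'.$coach_names.'</td>';
                      }
                  }
              }
              $description .= '<tr><td>'.get_lang('Date').': </td><td class="highlight">'.api_convert_and_format_date(time(), DATE_TIME_FORMAT_LONG).'</td>';
              $description .= '</table>';

              $header_attributes = array(
                  array('style' => 'width:10px'),
                  array('style' => 'width:30px'),
                  array('style' => 'width:50px'),
                  array('style' => 'width:500px'),
              );
              $params = array(
                  'add_signatures' => false,
                  'filename' => get_lang('UserList'),
                  'pdf_title' => get_lang('StudentList'),
                  'pdf_description' => $description,
                  'header_attributes' => $header_attributes
              );
              Export::export_table_pdf($a_users, $params);
              exit;
      }
  } // end if allowed to edit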
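  if (api_is_allowed_to_edit(null, true)) {
      // A course editor removes one user from the course (the "Unreg" link of the
      // actions column).
      // NOTE(review): this state change is accepted over GET and no anti-CSRF token is
      // verified here; the links built by modify_filter() carry none either. Confirm
      // whether a token check is enforced elsewhere.
      //
      // The id must be a plain run of digits. is_numeric() also accepted exponent and
      // decimal notation, which was then handed on unchanged to unsubscribe_user().
      if (!empty($_REQUEST['unregister'])
          && isset($_GET['user_id'])
          && is_string($_GET['user_id'])
          && ctype_digit($_GET['user_id'])
          && (int) $_GET['user_id'] !== (int) $_user['user_id']
      ) {
          $user_id = (int) $_GET['user_id'];
          $course_int_id = (int) $courseId;

          $tbl_user = Database::get_main_table(TABLE_MAIN_USER);
          $tbl_session_rel_course = Database::get_main_table(TABLE_MAIN_SESSION_COURSE);
          $tbl_session_rel_user = Database::get_main_table(TABLE_MAIN_SESSION_USER);

          // Both values are integers, so they are embedded without quoting. The
          // selected column is addressed through the "user" alias declared in FROM.
          $sql = 'SELECT DISTINCT user.user_id
                  FROM '.$tbl_user.' user
                  INNER JOIN '.$tbl_session_rel_user.' reluser
                  ON user.user_id = reluser.id_user AND reluser.relation_type<>'.SESSION_RELATION_TYPE_RRHH.'
                  INNER JOIN '.$tbl_session_rel_course.' rel_course
                  ON rel_course.id_session = reluser.id_session
                  WHERE user.user_id = '.$user_id.'
                  AND rel_course.c_id = '.$course_int_id;
          $result = Database::query($sql);
          $row = Database::fetch_array($result, 'ASSOC');
          // No matching row is treated like an empty id, without reading an offset of false.
          $found_user_id = is_array($row) ? $row['user_id'] : '';

          // NOTE(review): the query is filtered on this very user id, so a returned row
          // always matches it, and an empty result takes the first branch too. The
          // "subscribed through a session" message therefore looks unreachable.
          // Behaviour is kept as it was; confirm the intended rule.
          if ($found_user_id == $user_id || $found_user_id == '') {
              CourseManager::unsubscribe_user($user_id, $courseId);
              $message = get_lang('UserUnsubscribed');
          } else {
              $message = get_lang('ThisStudentIsSubscribeThroughASession');
          }
      }
  } else {
      // A student removes himself, allowed only when the course permits it.
      // NOTE(review): this is also triggered by a plain link without a token check.
      if (isset($_REQUEST['unregister']) && $_REQUEST['unregister'] == 'yes' && $course_info['unsubscribe'] == 1) {
          $user_id = api_get_user_id();
          CourseManager::unsubscribe_user($user_id, $courseId);
          header('Location: '.api_get_path(WEB_PATH).'user_portal.php');
          exit;
      }
  }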
  309. /* FUNCTIONS */
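  /**
   * Prints a small GET form that searches the user list by keyword.
   *
   * The submitted keyword is echoed back as the value of the text field.
   */
  function display_user_search_form() {
      global $charset;

      // The keyword may be absent (first page load) or an array (keyword[]=...).
      $keyword = (isset($_GET['keyword']) && is_string($_GET['keyword'])) ? $_GET['keyword'] : '';

      echo '<form method="get" action="user.php">';
      echo get_lang("SearchForUser") . "&nbsp;&nbsp;";
      // The value lands inside a double-quoted attribute, so it is entity-encoded with
      // quotes included. An HTML filter is the wrong control for this context, since a
      // double quote that survives it would end the attribute.
      echo '<input type="text" name="keyword" value="'.api_htmlentities($keyword, ENT_QUOTES, $charset).'"/>';
      echo '<input type="submit" value="'.get_lang('SearchButton').'"/>';
      echo '</form>';
  }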
  317. /* Header */
  // Page header: reduced inside a learning path, otherwise the full header with a
  // title that depends on whether a search keyword is present.
  if (isset($origin) && $origin == 'learnpath') {
      Display::display_reduced_header();
  } else {
      if (!empty($_GET['keyword'])) {
          $interbreadcrumb[] = array("url" => "user.php", "name" => get_lang("Users"));
          $tool_name = get_lang('SearchResults');
      } else {
          $tool_name = get_lang('Users');
          $origin = 'users';
      }
      Display::display_header($tool_name, "User");
  }

  // Record the visit to this tool.
  event_access_tool(TOOL_USER);

  // Tracking links are shown to course admins and course tutors.
  $is_allowed_to_track = (api_is_course_admin() || $is_courseTutor);

  // Tool introduction
  Display::display_introduction_section(TOOL_USER, 'left');

  $actions = '';
  if (api_is_allowed_to_edit(null, true)) {
      echo '<div class="actions">';

      $cidreq = api_get_cidreq();
      // Subscribing, importing and class management need the platform setting or a
      // platform admin.
      $can_manage_subscriptions = api_get_setting('allow_user_course_subscription_by_course_admin') == 'true' || api_is_platform_admin();

      if ($can_manage_subscriptions) {
          $actions .= '<a href="subscribe_user.php?'.$cidreq.'">'
              .Display::return_icon('user_subscribe_course.png', get_lang("SubscribeUserToCourse"), '', ICON_SIZE_MEDIUM).'</a> ';
          $actions .= '<a href="subscribe_user.php?'.$cidreq.'&type=teacher">'
              .Display::return_icon('teacher_subscribe_course.png', get_lang("SubscribeUserToCourseAsTeacher"), '', ICON_SIZE_MEDIUM).'</a> ';
      }
      $actions .= '<a href="user.php?'.$cidreq.'&action=export&amp;type=csv">'
          .Display::return_icon('export_csv.png', get_lang('ExportAsCSV'), '', ICON_SIZE_MEDIUM).'</a> ';
      $actions .= '<a href="user.php?'.$cidreq.'&action=export&amp;type=xls">'
          .Display::return_icon('export_excel.png', get_lang('ExportAsXLS'), '', ICON_SIZE_MEDIUM).'</a> ';
      if ($can_manage_subscriptions) {
          $actions .= '<a href="user_import.php?'.$cidreq.'&action=import">'
              .Display::return_icon('import_csv.png', get_lang('ImportUsersToACourse'), '', ICON_SIZE_MEDIUM).'</a> ';
      }
      $actions .= '<a href="user.php?'.$cidreq.'&action=export&type=pdf">'
          .Display::return_icon('pdf.png', get_lang('ExportToPDF'), '', ICON_SIZE_MEDIUM).'</a> ';
      $actions .= '<a href="../group/group.php?'.$cidreq.'">'
          .Display::return_icon('group.png', get_lang("GroupUserManagement"), '', ICON_SIZE_MEDIUM).'</a>';
      if ($can_manage_subscriptions) {
          $actions .= ' <a class="btn" href="class.php?'.$cidreq.'">'.get_lang('Classes').'</a>';
      }

      // Search form, with the action links appended as a static element.
      $form = new FormValidator('search_user', 'get', '', '', null, false);
      $renderer = $form->defaultRenderer();
      $renderer->setElementTemplate('<span>{element}</span> ');
      $form->add_textfield('keyword', '', false);
      $form->addElement('style_submit_button', 'submit', get_lang('SearchButton'), 'class="search"');
      $form->addElement('static', 'additionalactions', null, $actions);
      $form->display();

      echo '</div>';
  }

  // Feedback from an unsubscribe action handled earlier in this request.
  if (isset($message)) {
      Display::display_confirmation_message($message);
  }
  368. /* DISPLAY LIST OF USERS */
  /**
   * Counts the users of the current course and session, restricted to the search
   * keyword when one is present in the query string.
   *
   * Passed by name to SortableTable as its total-count callback.
   * The keyword is forwarded unmodified; any escaping has to happen inside
   * CourseManager::get_users_count_in_course() - confirm.
   */
  function get_number_of_users() {
      $keyword = null;
      if (isset($_GET['keyword'])) {
          $keyword = $_GET['keyword'];
      }

      return CourseManager::get_users_count_in_course(
          api_get_course_id(),
          api_get_session_id(),
          null,
          null,
          null,
          $keyword
      );
  }
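  /**
   * Builds the rows of the current page of the user table.
   *
   * Passed by name to SortableTable as its data callback.
   *
   * @param int    $from            Offset of the first row
   * @param int    $number_of_items Number of rows on the page
   * @param int    $column          Index of the column to sort on
   * @param string $direction       'ASC' or 'DESC'; anything else becomes 'ASC'
   * @return array Rows keyed by user id. Every row starts with user id, photo,
   *               official code, the two name columns, username, role and groups.
   *               Editors also get status, active flag and user id; other users get
   *               a trailing user id only when the course allows self-unsubscription.
   */
  function get_user_data($from, $number_of_items, $column, $direction) {
      global $origin;
      global $course_info;
      global $is_western_name_order;
      global $session_id;
      global $charset;

      $a_users = array();

      // Both LIMIT operands are forced to integers and the direction is checked
      // against a fixed list, so no request text reaches the SQL fragments built here.
      $limit = 'LIMIT '.intval($from).','.intval($number_of_items);
      if (!in_array($direction, array('ASC', 'DESC'), true)) {
          $direction = 'ASC';
      }

      $first_then_last = 'ORDER BY user.firstname '.$direction.', user.lastname '.$direction;
      $last_then_first = 'ORDER BY user.lastname '.$direction.', user.firstname '.$direction;
      switch ($column) {
          case 2: // official code
              $order_by = 'ORDER BY user.official_code '.$direction;
              break;
          case 3: // first name column as displayed
              $order_by = $is_western_name_order ? $first_then_last : $last_then_first;
              break;
          case 5: // username
              $order_by = 'ORDER BY user.username '.$direction;
              break;
          case 4: // second name column as displayed
          default:
              $order_by = $is_western_name_order ? $last_then_first : $first_then_last;
              break;
      }

      $session_id = api_get_session_id();
      $course_code = api_get_course_id();
      // Read from the query string, like get_number_of_users(), so that the row count
      // and the rows always describe the same search.
      $keyword = isset($_GET['keyword']) ? $_GET['keyword'] : null;

      $a_course_users = CourseManager::get_user_list_from_course_code($course_code, $session_id, $limit, $order_by, null, $keyword);

      // These do not change from one row to the next.
      $can_edit = api_is_allowed_to_edit(null, true);
      $is_anonymous = api_is_anonymous();
      // $origin is a global this function does not set, so it is URL-encoded before
      // being placed in the link.
      $info_url_prefix = 'userInfo.php?'.api_get_cidreq().'&origin='.urlencode((string) $origin).'&amp;uInfo=';

      foreach ($a_course_users as $user_id => $o_course_user) {
          $groups_name = GroupManager::get_user_group_name($user_id);

          // The person's name is used as alt/title attribute text, so it is encoded
          // with quotes included.
          $person_name = api_htmlentities(
              api_get_person_name($o_course_user['firstname'], $o_course_user['lastname']),
              ENT_QUOTES,
              $charset
          );

          $image_path = UserManager::get_user_picture_path_by_id($user_id, 'web', false, true);
          if ($can_edit) {
              $user_profile = UserManager::get_picture_user($user_id, $image_path['file'], 22, USER_IMAGE_SIZE_SMALL, ' width="22" height="22" ');
              $photo = '<img src="'.$user_profile['file'].'" '.$user_profile['style'].' alt="'.$person_name.'" title="'.$person_name.'" />';
          } else {
              $photo = '<img src="'.$image_path['dir'].$image_path['file'].'" alt="'.$person_name.'" width="22" height="22" title="'.$person_name.'" />';
          }
          // Logged-in users get the picture wrapped in a link to the user's info page.
          if (!$is_anonymous) {
              $photo = '<a href="'.$info_url_prefix.$user_id.'" title="'.get_lang('Info').'" >'.$photo.'</a>';
          }

          // NOTE(review): the text cells below go to the table as stored. Confirm that
          // SortableTable or the input layer makes them safe for an HTML context.
          $temp = array();
          $temp[] = $user_id;
          $temp[] = $photo;
          $temp[] = $o_course_user['official_code'];
          if ($is_western_name_order) {
              $temp[] = $o_course_user['firstname'];
              $temp[] = $o_course_user['lastname'];
          } else {
              $temp[] = $o_course_user['lastname'];
              $temp[] = $o_course_user['firstname'];
          }
          $temp[] = $o_course_user['username'];
          // Description. The role key is optional in both views.
          $temp[] = isset($o_course_user['role']) ? $o_course_user['role'] : null;
          $temp[] = implode(', ', $groups_name); // Group

          if ($can_edit) {
              // Status
              $default_status = '-';
              if ((isset($o_course_user['status_rel']) && $o_course_user['status_rel'] == 1)
                  || (isset($o_course_user['status_session']) && $o_course_user['status_session'] == 2)
              ) {
                  $default_status = get_lang('CourseManager');
              } elseif (isset($o_course_user['tutor_id']) && $o_course_user['tutor_id'] == 1) {
                  $default_status = get_lang('Tutor');
              }
              $temp[] = $default_status;
              // Active
              $temp[] = $o_course_user['active'];
              // User id for actions
              $temp[] = $user_id;
          } elseif ($course_info['unsubscribe'] == 1) {
              // User id for actions
              $temp[] = $user_id;
          }

          $a_users[$user_id] = $temp;
      }

      return $a_users;
  }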
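  /**
   * Column filter for the "Active" column: renders the account-state icon.
   *
   * No icon is produced for the row of the logged-in user, nor when the state is
   * neither '1' nor '0'.
   *
   * @author Patrick Cool <patrick.cool@UGent.be>, Ghent University
   * @param int|string $active     Current state of the account: 1 active, 0 inactive
   * @param string     $url_params Not used by this filter
   * @param array      $row        Table row; its last element is read as the user id
   * @return string HTML of the state icon, or an empty string
   */
  function active_filter($active, $url_params, $row) {
      global $_user;

      if ($active == '1') {
          $action = 'AccountActive';
          $image = 'accept';
      } elseif ($active == '0') {
          $action = 'AccountInactive';
          $image = 'error';
      } else {
          // Unknown state: there is no icon for it. The previous code went on with
          // undefined $action and $image.
          return '';
      }

      $result = '';
      // The logged-in user's own row gets no icon.
      if ($row[count($row) - 1] != $_user['user_id']) {
          $result = Display::return_icon($image.'.png', get_lang(ucfirst($action)), array(), ICON_SIZE_TINY);
      }

      return $result;
  }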
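  /**
   * Column filter for the "Action" column: builds the per-user action links.
   *
   * Depending on the viewer's rights the cell holds a tracking link, a "login as"
   * link, an edit link and an unregister button.
   *
   * @param int $user_id The user id of the row
   * @return string Some HTML-code
   */
  function modify_filter($user_id) {
      // $_configuration has to be imported too. Without it the variable is an empty
      // local here and 'login_as_forbidden_globally' is never honoured.
      global $origin, $_course, $is_allowed_to_track, $charset, $course_info, $_configuration;

      $current_user_id = api_get_user_id();
      // The id comes from the table row; force it to an integer before it is used in URLs.
      $user_id = (int) $user_id;
      $result = "";

      if ($is_allowed_to_track) {
          $result .= '<a href="'.api_get_path(WEB_CODE_PATH).'mySpace/myStudents.php?'.api_get_cidreq().'&student='.$user_id.'&amp;details=true&amp;course='.$_course['id'].'&amp;origin=user_course&amp;id_session='.api_get_session_id().'" title="'.get_lang('Tracking').'" >
          '.Display::return_icon('stats.png', get_lang('Tracking')).'</a>';
      }

      // If platform admin, show the login_as icon (this drastically shortens
      // time taken by support to test things out).
      // Shown only when not forbidden globally, and then to global admins or when the
      // db setting allows it.
      // NOTE(review): the session token travels in the link's query string; confirm
      // that the target script treats it as single-use.
      if (api_is_platform_admin()
          && empty($_configuration['login_as_forbidden_globally'])
          && (api_is_global_platform_admin() || api_get_setting('login_as_allowed') === 'true')
      ) {
          $result .= ' <a href="'.api_get_path(WEB_CODE_PATH).'admin/user_list.php?action=login_as&amp;user_id='.$user_id.'&amp;sec_token='.$_SESSION['sec_token'].'">'.Display::return_icon('login_as.gif', get_lang('LoginAs')).'</a>&nbsp;&nbsp;';
      }

      $show_unregister = false;
      if (api_is_allowed_to_edit(null, true)) {
          // edit
          $result .= '<a href="userInfo.php?'.api_get_cidreq().'&origin='.urlencode((string) $origin).'&amp;editMainUserInfo='.$user_id.'" title="'.get_lang('Edit').'" >'.Display::return_icon('edit.png', get_lang('Edit'),'',ICON_SIZE_SMALL).'</a>&nbsp;';
          // Editors may unregister anyone but themselves, if the platform allows it.
          if (api_get_setting('allow_user_course_subscription_by_course_admin') == 'true' || api_is_platform_admin()) {
              $show_unregister = ($user_id != $current_user_id);
          }
      } elseif ($course_info['unsubscribe'] == 1) {
          // Other users only get the button on their own row.
          $show_unregister = ($user_id == $current_user_id);
      }

      if ($show_unregister) {
          // NOTE(review): unlike the login_as link, this state-changing link carries no
          // sec_token.
          $result .= '<a class="btn btn-small btn-danger" href="'.api_get_self().'?'.api_get_cidreq().'&unregister=yes&amp;user_id='.$user_id.'" title="'.get_lang('Unreg').' " onclick="javascript:if(!confirm(\''.addslashes(api_htmlentities(get_lang('ConfirmYourChoice'),ENT_QUOTES,$charset)).'\')) return false;">'.get_lang('Unreg').'</a>&nbsp;';
      }

      return $result;
  }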
  /**
   * Column filter that always yields null, whatever the cell held.
   *
   * @return null
   */
  function hide_field()
  {
      $nothing = null;

      return $nothing;
  }
  // Sortable user table, fed by get_number_of_users() and get_user_data().
  $default_column = 3;
  $table = new SortableTable('user_list', 'get_number_of_users', 'get_user_data', $default_column);

  // Parameters the table appends to its own links.
  // NOTE(review): a token is issued here, but the unsubscribe/unregister handlers
  // earlier in this script show no check of it. Confirm where it is verified.
  $parameters['keyword'] = isset($_GET['keyword']) ? Security::remove_XSS($_GET['keyword']) : null;
  $parameters['sec_token'] = Security::get_token();
  $table->set_additional_parameters($parameters);

  $can_edit_users = api_is_allowed_to_edit(null, true);
  // Bulk unsubscription needs edit rights and the platform setting.
  $bulk_actions_enabled = $can_edit_users && api_get_setting('allow_user_course_subscription_by_course_admin') == 'true';

  $header_nr = 0;
  $table->set_header($header_nr++, '', false);
  $table->set_header($header_nr++, get_lang('Photo'), false);
  $table->set_header($header_nr++, get_lang('OfficialCode'));
  if ($is_western_name_order) {
      $table->set_header($header_nr++, get_lang('FirstName'));
      $table->set_header($header_nr++, get_lang('LastName'));
  } else {
      $table->set_header($header_nr++, get_lang('LastName'));
      $table->set_header($header_nr++, get_lang('FirstName'));
  }
  $table->set_header($header_nr++, get_lang('LoginName'));
  $table->set_header($header_nr++, get_lang('Description'), false);
  $table->set_header($header_nr++, get_lang('GroupSingle'), false);

  // Column 0 holds the user id; it is blanked when bulk actions are not available.
  if (!$bulk_actions_enabled) {
      $table->set_column_filter(0, 'hide_field');
  }

  if ($can_edit_users) {
      $table->set_header($header_nr++, get_lang('Status'), false);
      $table->set_header($header_nr++, get_lang('Active'), false);
      // Column 9 is the "Active" column of the editor layout.
      $table->set_column_filter(9, 'active_filter');

      // actions column
      $table->set_header($header_nr++, get_lang('Action'), false);
      $table->set_column_filter($header_nr - 1, 'modify_filter');

      if ($bulk_actions_enabled) {
          $table->set_form_actions(array('unsubscribe' => get_lang('Unreg')), 'user');
      }
  } elseif ($course_info['unsubscribe'] == 1) {
      $table->set_header($header_nr++, get_lang('Action'), false);
      $table->set_column_filter($header_nr - 1, 'modify_filter');
  }

  $table->display();

  // Echo the search keyword back, passed through the project's XSS filter.
  if (!empty($_GET['keyword']) && !empty($_GET['submit'])) {
      $keyword_name = Security::remove_XSS($_GET['keyword']);
      echo '<br/>'.get_lang('SearchResultsFor').' <span style="font-style: italic ;"> '.$keyword_name.' </span><br>';
  }

  // Only course administrators see this line.
  if (api_get_setting('allow_user_headings') == 'true' && api_is_course_admin() && api_is_allowed_to_edit() && $origin != 'learnpath') {
      echo '<div align="right">'
          .'<form method="post" action="userInfo.php">'
          .get_lang("CourseAdministratorOnly")
          .' : '
          .'<input type="submit" class="save" name="viewDefList" value="'.get_lang("DefineHeadings").'" />'
          .'</form>'
          ."</div>\n";
  }

  if ($origin != 'learnpath') {
      Display::display_footer();
  }