user_add.php 13 KB

  1. <?php
  2. /* For licensing terms, see /license.txt*/
  3. /**
  4. * @package chamilo.user
  5. */
  6. /**
  7. * Code
  8. */
  9. /* INIT */
  // Language file whose strings get_lang() serves on this page.
  $language_file = 'registration';
  require_once '../inc/global.inc.php';
  $this_section = SECTION_COURSES;

  // Access gate: the request is handed to api_not_allowed() unless the caller
  // is a course administrator or a platform administrator.
  if (!api_is_course_admin() && !api_is_platform_admin()) {
      api_not_allowed(true);
  }

  // Course the new user may be enrolled in (taken from the server-side context).
  $currentCourseID   = $_course['sysCode'];
  $currentCourseName = $_course['official_code'];

  // Tables used by the registration queries.
  $tbl_user       = 'user';
  $tbl_courseUser = 'course_rel_user';
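  /* DATA CHECKING */

  // Every flag read further down gets a known value first, so none of them can
  // arrive pre-set from request data imported into the global scope.
  // NOTE(review): $register and the *_form values are never assigned in this
  // file; presumably global.inc.php imports them from the request - confirm.
  $dataChecked        = false;
  $userExists         = false;
  $loginExists        = false;
  $platformRegSucceed = false;
  $courseRegSucceed   = false;
  $userId             = 0;
  $message            = '';

  // NOTE(review): no anti-CSRF token is verified before this state-changing
  // request is processed; confirm whether the bootstrap enforces one.
  if ($register) {
      /*
       * Fields checking
       */
      $lastname_form      = trim($lastname_form);
      $firstname_form     = trim($firstname_form);
      $password_form      = trim($password_form);
      $username_form      = trim($username_form);
      $email_form         = trim($email_form);
      $official_code_form = trim($official_code_form);

      if (empty($lastname_form) || empty($firstname_form) || empty($password_form)
          || empty($username_form) || empty($email_form)
      ) {
          // a mandatory field is missing
          $message = get_lang('Filled');
      } elseif (!preg_match('/^[0-9a-z_.-]+@([0-9a-z-]+\.)+([0-9a-z]){2,4}$/iD', $email_form)) {
          // Same pattern as before, moved from eregi() (removed in PHP 7) to PCRE;
          // "D" keeps "$" from matching in front of a trailing newline.
          $message = get_lang('EmailWrong');
      } else {
          $dataChecked = true;
      }

      if ($dataChecked) {
          // This page un-slashes the submitted values before showing them, so they
          // are treated as slash-quoted here too: un-slash first, then let the
          // database layer escape them, instead of trusting upstream quoting to
          // keep the SQL below intact.
          $sqlLastname     = Database::escape_string(stripslashes($lastname_form));
          $sqlFirstname    = Database::escape_string(stripslashes($firstname_form));
          $sqlUsername     = Database::escape_string(stripslashes($username_form));
          $sqlEmail        = Database::escape_string(stripslashes($email_form));
          $sqlOfficialCode = Database::escape_string(stripslashes($official_code_form));

          // prevent conflict with an existing user account
          $loginMatch  = "username='$sqlUsername'";
          $personMatch = "lastname='$sqlLastname' AND firstname='$sqlFirstname' AND email='$sqlEmail'";
          $result = Database::query(
              "SELECT user_id,
                  ($loginMatch) AS loginExists,
                  ($personMatch) AS userExists
              FROM $tbl_user
              WHERE $loginMatch OR ($personMatch)
              ORDER BY userExists DESC, loginExists DESC"
          );

          if (Database::num_rows($result)) {
              while ($user = Database::fetch_array($result)) {
                  // the person is already registered on the platform
                  if ($user['userExists']) {
                      $userExists = true;
                      $userId     = $user['user_id'];
                      break;
                  }
                  // the chosen login name is already taken by another user
                  if ($user['loginExists']) {
                      $loginExists = true;
                      $userId      = 0;
                      $message     = get_lang('UserNo')." (".stripslashes($username_form).") ".get_lang('Taken');
                      break;
                  }
              }
          }
      }

      /*=============================
        NEW USER REGISTRATION PROCESS
        =============================*/
      if ($dataChecked && !$userExists && !$loginExists) {
          /*---------------------------
            PLATFORM REGISTRATION
            ----------------------------*/
          if ($_cid) {
              // course registration context: the account is always a student
              $platformStatus = STUDENT;
          } else {
              // Platform administration context: only the two roles offered by the
              // form's <select> are accepted; anything else falls back to STUDENT.
              $requestedStatus = isset($platformStatus) ? (int) $platformStatus : 0;
              $platformStatus  = ($requestedStatus == COURSEMANAGER) ? COURSEMANAGER : STUDENT;
          }

          $pw = api_get_encrypted_password($password_form);
          // Un-slashed like the other values, in case the helper can hand the
          // password back unchanged (its body is not visible here).
          $sqlPassword = Database::escape_string(stripslashes($pw));
          $sqlStatus   = Database::escape_string($platformStatus);
          $creatorId   = (int) $_user['user_id'];

          $result = Database::query(
              "INSERT INTO $tbl_user
              SET lastname      = '$sqlLastname',
                  firstname     = '$sqlFirstname',
                  username      = '$sqlUsername',
                  password      = '$sqlPassword',
                  email         = '$sqlEmail',
                  status        = '$sqlStatus',
                  official_code = '$sqlOfficialCode',
                  creator_id    = '$creatorId'"
          );
          $userId = Database::insert_id();
          if ($userId) {
              $platformRegSucceed = true;
          }
      }

      if ($userId && $_cid) {
          /*
           * This script is also used from the platform administration section to
           * add a user to the platform only; $_cid tells the two contexts apart,
           * so course registration happens only inside a course.
           */

          /*---------------------------
            COURSE REGISTRATION
            ----------------------------*/
          // Both role switches come from radio buttons with fixed values (1/5 and
          // 0/1); anything else is mapped to the unprivileged default.
          $courseStatus  = (isset($admin_form) && (int) $admin_form === 1) ? 1 : 5;
          $tutorFlag     = (isset($tutor_form) && (int) $tutor_form === 1) ? 1 : 0;
          $sqlCourseCode = Database::escape_string($currentCourseID);
          $courseUserId  = (int) $userId;

          // A falsy return value means the user is already registered to the course.
          if (Database::query(
              "INSERT INTO $tbl_courseUser
              SET user_id     = '$courseUserId',
                  course_code = '$sqlCourseCode',
                  status      = '$courseStatus',
                  tutor_id    = '$tutorFlag'"
          )) {
              $courseRegSucceed = true;
          }
      }

      /*---------------------------
        MAIL NOTIFICATION TO NEW USER
        ----------------------------*/
      if ($platformRegSucceed) {
          $emailsubject   = get_lang('YourReg').' '.api_get_setting('siteName');
          $recipient_name = api_get_person_name($firstname_form, $lastname_form, null, PERSON_NAME_EMAIL_ADDRESS);
          $sender_name    = api_get_person_name(api_get_setting('administratorName'), api_get_setting('administratorSurname'), null, PERSON_NAME_EMAIL_ADDRESS);
          $email_admin    = api_get_setting('emailAdministrator');

          // With multiple access URLs enabled, link to the URL currently in use.
          $portal_url = $_configuration['root_web'];
          if ($_configuration['multiple_access_urls']) {
              $access_url_id = api_get_current_access_url_id();
              if ($access_url_id != -1) {
                  $url = api_get_access_url($access_url_id);
                  $portal_url = $url['url'];
              }
          }

          // NOTE(review): the message carries the chosen password in clear text;
          // a one-time "set your password" link would avoid mailing the secret.
          $emailSettings = get_lang('WithTheFollowingSettings')."\n\n"
              .get_lang('Username')." : $username_form\n"
              .get_lang('Pass').": $password_form\n"
              .get_lang('Address')." ".api_get_setting('siteName')." ".get_lang('Is').": ".$portal_url."\n"
              .get_lang('Problem')."\n"
              .get_lang('Formula').",\n"
              .api_get_person_name(api_get_setting('administratorName'), api_get_setting('administratorSurname'))."\n"
              .get_lang('Manager')." ".api_get_setting('siteName')." \nT. ".api_get_setting('administratorTelephone')."\n"
              .get_lang('Email').": ".api_get_setting('emailAdministrator')."\n";

          if ($courseRegSucceed) {
              $emailbody = get_lang('Dear')." ".stripslashes(api_get_person_name($firstname_form, $lastname_form)).",\n"
                  .get_lang('OneResp')." $currentCourseName ".get_lang('RegYou')." ".api_get_setting('siteName')." "
                  .$emailSettings;
              $message = get_lang('TheU')." ".stripslashes(api_get_person_name($firstname_form, $lastname_form))." ".get_lang('AddedToCourse')."<a href=\"user.php\">".get_lang('BackUser')."</a>\n";
          } else {
              $emailbody = get_lang('Dear')." ".api_get_person_name($firstname_form, $lastname_form).",\n "
                  .get_lang('YouAreReg')." ".api_get_setting('siteName')." "
                  .$emailSettings;
              $message = stripslashes(api_get_person_name($firstname_form, $lastname_form))." ".get_lang('AddedU');
          }

          // Best effort: a mail failure must not undo the registration.
          @api_mail($recipient_name, $email_form, $emailsubject, $emailbody, $sender_name, $email_admin);

          // Drop the submitted values so the form is not pre-filled again.
          unset($lastname_form, $firstname_form, $username_form, $password_form, $email_form, $admin_form, $tutor_form);
      }
      // No message is set when no account was created because the person already
      // exists (the 'UserAlreadyRegistered' branch is disabled).
  } // end if register request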
  // Page title; the page body prints it again as its sub-heading.
  $nameTools = get_lang('AddAU');

  // Breadcrumb entry leading back to the user list.
  $interbreadcrumb[] = array(
      'url'  => 'user.php',
      'name' => get_lang('ToolUser'),
  );

  Display::display_header($nameTools, 'User');
  ?>
  <h3><?php echo get_lang('ToolUser'); ?></h3>
  <table border="0" cellpadding="0" cellspacing="0" width="100%">
    <tr>
      <td><h4><?php echo $nameTools; ?></h4></td>
      <td></td>
    </tr>
  </table>
  <?php
  /*==========================
    ADD ONE USER FORM
    ==========================*/
  // Short explanation printed above the form.
  echo get_lang('OneByOne'), '. ', get_lang('UserOneByOneExplanation');
  ?>
  <form method="post" action="<?php echo api_get_self(); ?>?register=yes">
  <table cellpadding="3" cellspacing="0" border="0">
  <?php
  /*
   * Feedback from the last submission, if any. Rendering is left to the main API.
   * NOTE(review): $message embeds submitted names and, on success, an <a> link;
   * confirm how Display::display_normal_message() encodes its argument.
   */
  if (!empty($message)) :
  ?>
  <tr>
    <td colspan="2">
      <?php Display::display_normal_message($message); ?>
    </td>
  </tr>
  <?php
  endif;

  // The two name fields are printed in the order returned by api_is_western_name_order().
  if (api_is_western_name_order()) :
  ?>
  <tr>
    <td align="right"><?php echo get_lang('FirstName'); ?> :</td>
    <td><input type="text" size="15" name="firstname_form" value="<?php echo api_htmlentities(stripslashes($firstname_form), ENT_QUOTES, $charset); ?>" /></td>
  </tr>
  <tr>
    <td align="right"><?php echo get_lang('LastName'); ?> :</td>
    <td><input type="text" size="15" name="lastname_form" value="<?php echo api_htmlentities(stripslashes($lastname_form), ENT_QUOTES, $charset); ?>" /></td>
  </tr>
  <?php else : ?>
  <tr>
    <td align="right"><?php echo get_lang('LastName'); ?> :</td>
    <td><input type="text" size="15" name="lastname_form" value="<?php echo api_htmlentities(stripslashes($lastname_form), ENT_QUOTES, $charset); ?>" /></td>
  </tr>
  <tr>
    <td align="right"><?php echo get_lang('FirstName'); ?> :</td>
    <td><input type="text" size="15" name="firstname_form" value="<?php echo api_htmlentities(stripslashes($firstname_form), ENT_QUOTES, $charset); ?>" /></td>
  </tr>
  <?php endif; ?>
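  <?php
  /*
   * Remaining account fields. Every submitted value is un-slashed and then
   * HTML-encoded before it is written back into a value="" attribute; the
   * e-mail field used to be echoed raw and now goes through the same encoding,
   * so a value that failed validation cannot break out of the attribute.
   * NOTE(review): the password is also written back into the page after a
   * failed submission; consider leaving that field empty instead.
   */
  ?>
  <tr>
    <td align="right"><?php echo get_lang('OfficialCode'); ?> :</td>
    <td><input type="text" size="15" name="official_code_form" value="<?php echo api_htmlentities(stripslashes($official_code_form), ENT_QUOTES, $charset); ?>" /></td>
  </tr>
  <tr>
    <td align="right"><?php echo get_lang('UserName') ?> :</td>
    <td><input type="text" size="15" name="username_form" value="<?php echo api_htmlentities(stripslashes($username_form), ENT_QUOTES, $charset); ?>" /></td>
  </tr>
  <tr>
    <td align="right"><?php echo get_lang('Pass') ?> :</td>
    <td><input type="password" size="15" name="password_form" value="<?php echo api_htmlentities(stripslashes($password_form), ENT_QUOTES, $charset) ?>" /></td>
  </tr>
  <tr>
    <td align="right"><?php echo get_lang('Email'); ?> :</td>
    <td><input type="text" size="15" name="email_form" value="<?php echo api_htmlentities(stripslashes($email_form), ENT_QUOTES, $charset); ?>" /></td>
  </tr>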
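  <?php
  /*
   * Role selection. Inside a course ($_cid set) the form offers the course-level
   * tutor and manager switches; otherwise it offers the platform status.
   * Each branch now emits complete <tr> rows: the row used to be opened before
   * the branch, which left a nested, unclosed <tr> in the platform case.
   * The isset() guards only avoid notices on the first display of the form.
   */
  if ($_cid) :
  ?>
  <tr>
    <td align="right"><?php echo get_lang('Tutor'); ?> :</td>
    <td><input class="checkbox" type="radio" name="tutor_form" value="0" <?php if (!isset($tutor_form) || !$tutor_form) echo 'checked="checked"'; ?> /> <?php echo get_lang('No'); ?>
    <input class="checkbox" type="radio" name="tutor_form" value="1" <?php if (isset($tutor_form) && $tutor_form == 1) echo 'checked="checked"'; ?> /> <?php echo get_lang('Yes') ?></td>
  </tr>
  <tr>
    <td align="right"><?php echo get_lang('Manager') ?> :</td>
    <td><input class="checkbox" type="radio" name="admin_form" value="5" <?php if (!isset($admin_form) || $admin_form == 5) echo 'checked="checked"'; ?> /> <?php echo get_lang('No') ?>
    <input class="checkbox" type="radio" name="admin_form" value="1" <?php if (isset($admin_form) && $admin_form == 1) echo 'checked="checked"'; ?> /> <?php echo get_lang('Yes'); ?></td>
  </tr>
  <?php else : /* not in a course: this is a platform registration */ ?>
  <tr>
    <td align="right"><?php echo get_lang('Status') ?> : </td>
    <td>
      <select name="platformStatus">
        <option value="<?php echo STUDENT ?>"><?php echo get_lang('RegStudent') ?></option>
        <option value="<?php echo COURSEMANAGER ?>"><?php echo get_lang('RegAdmin') ?></option>
      </select>
    </td>
  </tr>
  <?php endif; ?>
  <tr>
    <td>&nbsp;</td>
    <td><input type="submit" name="submit" value="<?php echo get_lang('Ok') ?>" /></td>
  </tr>
  </table>
  </form>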
  <?php
  /*==========================
    IMPORT XML/CSV USER LIST
    ==========================*/
  // Only a translated hint about adding many users is printed here; this page
  // contains no import logic of its own.
  echo '<p>', get_lang('IfYouWantToAddManyUsers'), '</p>';

  Display::display_footer();