user_edit.php 7.5 KB

  1. <?php
  2. /* For licensing terms, see /license.txt */
  3. // including necessary libraries
  4. $language_file = array('admin', 'registration');
  5. $cidReset = true;
  6. //require_once '../inc/global.inc.php';
  7. $libpath = api_get_path(LIBRARY_PATH);
  8. require_once $libpath.'fileManage.lib.php';
  9. require_once $libpath.'fileUpload.lib.php';
  10. // user permissions
  11. api_block_anonymous_users();
  12. if (!api_is_platform_admin()) {
  13. if (!api_is_drh()) {
  14. api_not_allowed(true);
  15. }
  16. } else {
  17. api_protect_admin_script();
  18. }
  19. // Database table definitions
  20. $table_admin = Database:: get_main_table(TABLE_MAIN_ADMIN);
  21. $table_user = Database:: get_main_table(TABLE_MAIN_USER);
  22. $database = Database::get_main_database();
  23. $userId = isset($_REQUEST['user_id']) ? intval($_REQUEST['user_id']) : '';
  24. $userInfo = api_get_user_info($userId);
  25. if (empty($userInfo)) {
  26. api_not_allowed(true);
  27. }
  28. $userIsFollowed = UserManager::is_user_followed_by_drh($userId, api_get_user_id());
  29. if (api_drh_can_access_all_session_content()) {
  30. $students = SessionManager::getAllUsersFromCoursesFromAllSessionFromStatus(
  31. 'drh_all',
  32. api_get_user_id(),
  33. false,
  34. 0, //$from,
  35. null, //$limit,
  36. null, //$column,
  37. 'desc', //$direction,
  38. null, //$keyword,
  39. null, //$active,
  40. null, //$lastConnectionDate,
  41. null,
  42. null,
  43. STUDENT
  44. );
  45. if (empty($students)) {
  46. api_not_allowed(true);
  47. }
  48. $userIdList = array();
  49. foreach ($students as $student) {
  50. $userIdList[] = $student['user_id'];
  51. }
  52. if (!in_array($userId, $userIdList)) {
  53. api_not_allowed(true);
  54. }
  55. } else {
  56. if (!$userIsFollowed) {
  57. api_not_allowed(true);
  58. }
  59. }
  60. $url = api_get_self().'?user_id='.$userId;
  61. $tool_name = get_lang('ModifyUserInfo');
  62. // Create the form
  63. $form = new FormValidator('user_edit', 'post', $url);
  64. // Username
  65. $usernameInput = $form->addElement('text', 'username', get_lang('LoginName'));
  66. $usernameInput->freeze();
  67. // Password
  68. $group = array();
  69. $auth_sources = 0; //make available wider as we need it in case of form reset (see below)
  70. /*if (count($extAuthSource) > 0) {
  71. $group[] =& $form->createElement('radio', 'password_auto', null, get_lang('ExternalAuthentication').' ', 2);
  72. $auth_sources = array();
  73. foreach ($extAuthSource as $key => $info) {
  74. $auth_sources[$key] = $key;
  75. }
  76. $group[] =& $form->createElement('select', 'auth_source', null, $auth_sources);
  77. $group[] =& $form->createElement('static', '', '', '<br />');
  78. }*/
  79. $group[] =& $form->createElement('radio', 'password_auto', get_lang('Password'), get_lang('AutoGeneratePassword').'<br />', 1);
  80. $group[] =& $form->createElement('radio', 'password_auto', 'id="radio_user_password"', null, 0);
  81. $group[] =& $form->createElement('password', 'password', null, array('onkeydown' => 'javascript: password_switch_radio_button(document.user_add,"password[password_auto]");'));
  82. $form->addGroup($group, 'password', get_lang('Password'), '');
  83. // Send email
  84. $group = array();
  85. $group[] =& $form->createElement('radio', 'send_mail', null, get_lang('Yes'), 1);
  86. $group[] =& $form->createElement('radio', 'send_mail', null, get_lang('No'), 0);
  87. $form->addGroup($group, 'mail', get_lang('SendMailToNewUser'), '&nbsp;');
  88. // Set default values
  89. $defaults = array();
  90. $defaults['username'] = $userInfo['username'];
  91. $defaults['mail']['send_mail'] = 0;
  92. $defaults['password']['password_auto'] = 1;
  93. $form->setDefaults($defaults);
  94. // Submit button
  95. $select_level = array ();
  96. $html_results_enabled[] = $form->addButtonUpdate(get_lang('Update'), 'submit', true);
  97. $form->addGroup($html_results_enabled);
  98. // Validate form
  99. if ($form->validate()) {
  100. $check = Security::check_token('post');
  101. if ($check) {
  102. $user = $form->exportValues();
  103. $email = $userInfo['email'];
  104. $username = $userInfo['username'];
  105. $send_mail = intval($user['mail']['send_mail']);
  106. $auth_source = PLATFORM_AUTH_SOURCE;
  107. $resetPassword = $user['password']['password_auto'] == '1' ? 0 : 2;
  108. if (count($extAuthSource) > 0 && $user['password']['password_auto'] == '2') {
  109. //$auth_source = $user['password']['auth_source'];
  110. //$password = 'PLACEHOLDER';
  111. } else {
  112. //$auth_source = PLATFORM_AUTH_SOURCE;
  113. //$password = $user['password']['password_auto'] == '1' ? api_generate_password() : $user['password']['password'];
  114. }
  115. $auth_source = $userInfo['auth_source'];
  116. $password = $user['password']['password_auto'] == '1' ? api_generate_password() : $user['password']['password'];
  117. UserManager::update_user(
  118. $userId,
  119. $userInfo['firstname'],
  120. $userInfo['lastname'],
  121. $userInfo['username'],
  122. $password,
  123. $auth_source,
  124. $userInfo['email'],
  125. $userInfo['status'],
  126. $userInfo['official_code'],
  127. $userInfo['phone'],
  128. $userInfo['picture_uri'],
  129. $userInfo['expiration_date'],
  130. $userInfo['active'],
  131. $userInfo['creator_id'],
  132. $userInfo['hr_dept_id'],
  133. null, //$extra =
  134. $userInfo['language'],
  135. null, //$encrypt_method
  136. false,
  137. $resetPassword
  138. );
  139. if (!empty($email) && $send_mail) {
  140. $emailsubject = '['.api_get_setting('platform.site_name').'] '.get_lang('YourReg').' '.api_get_setting('platform.site_name');
  141. $portal_url = api_get_path(WEB_PATH);
  142. if (api_is_multiple_url_enabled()) {
  143. $access_url_id = api_get_current_access_url_id();
  144. if ($access_url_id != -1) {
  145. $url = api_get_access_url($access_url_id);
  146. $portal_url = $url['url'];
  147. }
  148. }
  149. $emailbody = get_lang('Dear')." ".stripslashes(api_get_person_name($userInfo['firstname'], $userInfo['lastname'])).",\n\n".
  150. get_lang('YouAreReg')." ". api_get_setting('platform.site_name') ." ".get_lang('WithTheFollowingSettings')."\n\n".
  151. get_lang('Username')." : ". $username ."\n". get_lang('Pass')." : ".stripslashes($password)."\n\n" .
  152. get_lang('Address') ." ". api_get_setting('platform.site_name') ." ".
  153. get_lang('Is') ." : ".$portal_url."\n\n".
  154. get_lang('Problem'). "\n\n".
  155. get_lang('SignatureFormula').",\n\n".
  156. api_get_person_name(
  157. api_get_setting('admin.administrator_name'),
  158. api_get_setting('admin.administrator_surname')
  159. )."\n".
  160. get_lang('Manager'). " ".
  161. api_get_setting('platform.site_name')."\nT. ".
  162. api_get_setting('admin.administrator_phone')."\n".
  163. get_lang('Email')." : ".api_get_setting(
  164. 'admin.administrator_email'
  165. );
  166. $emailbody = nl2br($emailbody);
  167. api_mail_html(
  168. api_get_person_name($userInfo['firstname'], $userInfo['lastname'], null, PERSON_NAME_EMAIL_ADDRESS),
  169. $email,
  170. $emailsubject,
  171. $emailbody
  172. );
  173. }
  174. Security::clear_token();
  175. $tok = Security::get_token();
  176. header('Location: '.$url.'&message=1');
  177. exit();
  178. }
  179. } else {
  180. if (isset($_POST['submit'])) {
  181. Security::clear_token();
  182. }
  183. $token = Security::get_token();
  184. $form->addElement('hidden', 'sec_token');
  185. $form->setConstants(array('sec_token' => $token));
  186. }
  187. $interbreadcrumb[] = array(
  188. 'url' => api_get_path(WEB_CODE_PATH)."mySpace/student.php",
  189. "name" => get_lang('UserList'),
  190. );
  191. // Display form
  192. Display::display_header($tool_name);
  193. if (isset($_REQUEST['message'])) {
  194. Display::display_normal_message(get_lang('Updated'));
  195. }
  196. $form->display();
  197. Display::display_footer();