user_add.php 16 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456
  1. <?php
  2. /* For licensing terms, see /license.txt */
  3. /**
  4. * @package chamilo.admin
  5. */
  6. $cidReset = true;
  7. // Including necessary libraries.
  8. require_once '../inc/global.inc.php';
  9. $libpath = api_get_path(LIBRARY_PATH);
  10. // Section for the tabs
  11. $this_section = SECTION_PLATFORM_ADMIN;
  12. // User permissions
  13. api_protect_admin_script(true);
  14. api_protect_limit_for_session_admin();
  15. $is_platform_admin = api_is_platform_admin() ? 1 : 0;
  16. $message = null;
  17. $htmlHeadXtra[] = api_get_password_checker_js('#username', '#password');
  18. $checkPass = api_get_setting('allow_strength_pass_checker');
  19. if ($checkPass == 'true') {
  20. $htmlHeadXtra[] = '
  21. <script>
  22. $(document).ready(function() {
  23. $("input[name=\'password[password_auto]\']").each(function(index, value) {
  24. $(this).click(function() {
  25. var value = $(this).attr("value");
  26. if (value == 0) {
  27. $("#password_progress").show();
  28. $(".password-verdict").show();
  29. $(".error-list").show();
  30. } else {
  31. $("#password_progress").hide();
  32. $(".password-verdict").hide();
  33. $(".error-list").hide();
  34. }
  35. });
  36. });
  37. });
  38. </script>';
  39. }
  40. $htmlHeadXtra[] = '
  41. <script>
  42. $("#status_select").ready(function() {
  43. if ($(this).attr("value") != '.STUDENT.') {
  44. $("#id_platform_admin").hide();
  45. }
  46. });
  47. function enable_expiration_date() { //v2.0
  48. document.user_add.radio_expiration_date[0].checked=false;
  49. document.user_add.radio_expiration_date[1].checked=true;
  50. }
  51. function password_switch_radio_button() {
  52. var input_elements = document.getElementsByTagName("input");
  53. for (var i = 0; i < input_elements.length; i++) {
  54. if (input_elements.item(i).name == "password[password_auto]" && input_elements.item(i).value == "0") {
  55. input_elements.item(i).checked = true;
  56. }
  57. }
  58. }
  59. var is_platform_id = "'.$is_platform_admin.'";
  60. function display_drh_list(){
  61. if (document.getElementById("status_select").value=='.STUDENT.') {
  62. document.getElementById("drh_list").style.display="block";
  63. if (is_platform_id == 1)
  64. document.getElementById("id_platform_admin").style.display="none";
  65. } else if (document.getElementById("status_select").value=='.COURSEMANAGER.') {
  66. document.getElementById("drh_list").style.display="none";
  67. if (is_platform_id == 1)
  68. document.getElementById("id_platform_admin").style.display="block";
  69. } else {
  70. document.getElementById("drh_list").style.display="none";
  71. if (is_platform_id == 1)
  72. document.getElementById("id_platform_admin").style.display="none";
  73. }
  74. }
  75. </script>';
  76. if (!empty($_GET['message'])) {
  77. $message = urldecode($_GET['message']);
  78. }
  79. $interbreadcrumb[] = array('url' => 'index.php', 'name' => get_lang('PlatformAdmin'));
  80. $interbreadcrumb[] = array("url" => 'user_list.php', "name" => get_lang('UserList'));
  81. $tool_name = get_lang('AddUsers');
  82. // Create the form
  83. $form = new FormValidator('user_add');
  84. $form->addElement('header', '', $tool_name);
  85. if (api_is_western_name_order()) {
  86. // Firstname
  87. $form->addElement('text', 'firstname', get_lang('FirstName'));
  88. $form->applyFilter('firstname', 'html_filter');
  89. $form->applyFilter('firstname', 'trim');
  90. $form->addRule('firstname', get_lang('ThisFieldIsRequired'), 'required');
  91. // Lastname
  92. $form->addElement('text', 'lastname', get_lang('LastName'));
  93. $form->applyFilter('lastname', 'html_filter');
  94. $form->applyFilter('lastname', 'trim');
  95. $form->addRule('lastname', get_lang('ThisFieldIsRequired'), 'required');
  96. } else {
  97. // Lastname
  98. $form->addElement('text', 'lastname', get_lang('LastName'));
  99. $form->applyFilter('lastname', 'html_filter');
  100. $form->applyFilter('lastname', 'trim');
  101. $form->addRule('lastname', get_lang('ThisFieldIsRequired'), 'required');
  102. // Firstname
  103. $form->addElement('text', 'firstname', get_lang('FirstName'));
  104. $form->applyFilter('firstname', 'html_filter');
  105. $form->applyFilter('firstname', 'trim');
  106. $form->addRule('firstname', get_lang('ThisFieldIsRequired'), 'required');
  107. }
  108. // Official code
  109. $form->addElement('text', 'official_code', get_lang('OfficialCode'), array('size' => '40'));
  110. $form->applyFilter('official_code', 'html_filter');
  111. $form->applyFilter('official_code', 'trim');
  112. // Email
  113. $form->addElement('text', 'email', get_lang('Email'), array('size' => '40'));
  114. $form->addRule('email', get_lang('EmailWrong'), 'email');
  115. if (api_get_setting('registration', 'email') == 'true') {
  116. $form->addRule('email', get_lang('EmailWrong'), 'required');
  117. }
  118. if (api_get_setting('login_is_email') == 'true') {
  119. $form->addRule('email', sprintf(get_lang('UsernameMaxXCharacters'), (string)USERNAME_MAX_LENGTH), 'maxlength', USERNAME_MAX_LENGTH);
  120. $form->addRule('email', get_lang('UserTaken'), 'username_available');
  121. }
  122. // Phone
  123. $form->addElement('text', 'phone', get_lang('PhoneNumber'));
  124. // Picture
  125. $form->addElement('file', 'picture', get_lang('AddPicture'));
  126. $allowed_picture_types = array ('jpg', 'jpeg', 'png', 'gif');
  127. $form->addRule('picture', get_lang('OnlyImagesAllowed').' ('.implode(',', $allowed_picture_types).')', 'filetype', $allowed_picture_types);
  128. // Username
  129. if (api_get_setting('login_is_email') != 'true') {
  130. $form->addElement('text', 'username', get_lang('LoginName'), array('id'=> 'username', 'maxlength' => USERNAME_MAX_LENGTH, 'autocomplete' => 'off'));
  131. $form->addRule('username', get_lang('ThisFieldIsRequired'), 'required');
  132. $form->addRule('username', sprintf(get_lang('UsernameMaxXCharacters'), (string)USERNAME_MAX_LENGTH), 'maxlength', USERNAME_MAX_LENGTH);
  133. $form->addRule('username', get_lang('OnlyLettersAndNumbersAllowed'), 'username');
  134. $form->addRule('username', get_lang('UserTaken'), 'username_available');
  135. }
  136. // Password
  137. $group = array();
  138. $auth_sources = 0; //make available wider as we need it in case of form reset (see below)
  139. $nb_ext_auth_source_added = 0;
  140. if (isset($extAuthSource) && count($extAuthSource) > 0) {
  141. $auth_sources = array();
  142. foreach ($extAuthSource as $key => $info) {
  143. // @todo : make uniform external authentification configuration (ex : cas and external_login ldap)
  144. // Special case for CAS. CAS is activated from Chamilo > Administration > Configuration > CAS
  145. // extAuthSource always on for CAS even if not activated
  146. // same action for file user_edit.php
  147. if (($key == CAS_AUTH_SOURCE && api_get_setting('cas_activate') === 'true') || ($key != CAS_AUTH_SOURCE)) {
  148. $auth_sources[$key] = $key;
  149. $nb_ext_auth_source_added++;
  150. }
  151. }
  152. if ($nb_ext_auth_source_added > 0) {
  153. $group[] = $form->createElement('radio', 'password_auto', null, get_lang('ExternalAuthentication').' ', 2);
  154. $group[] = $form->createElement('select', 'auth_source', null, $auth_sources);
  155. $group[] = $form->createElement('static', '', '', '<br />');
  156. }
  157. }
  158. $group[] = $form->createElement('radio', 'password_auto', get_lang('Password'), get_lang('AutoGeneratePassword').'<br />', 1);
  159. $group[] = $form->createElement(
  160. 'radio',
  161. 'password_auto',
  162. 'id="radio_user_password"',
  163. get_lang('EnterPassword'),
  164. 0
  165. );
  166. $group[] = $form->createElement(
  167. 'password',
  168. 'password',
  169. null,
  170. array(
  171. 'id' => 'password',
  172. 'autocomplete' => 'off',
  173. 'onkeydown' => 'javascript: password_switch_radio_button();',
  174. //'required' => 'required'
  175. )
  176. );
  177. $form->addGroup($group, 'password', get_lang('Password'), '');
  178. $form->addGroupRule('password', get_lang('EnterPassword'), 'required', null, 2);
  179. if ($checkPass) {
  180. $passwordStrengthLabels = '
  181. <div id="password-verdict"></div>
  182. <div id="password-errors"></div>
  183. <div id="password_progress" style="display:none"></div>
  184. ';
  185. $form->addElement('label', null, $passwordStrengthLabels);
  186. }
  187. // Status
  188. $status = array();
  189. $status[COURSEMANAGER] = get_lang('Teacher');
  190. $status[STUDENT] = get_lang('Learner');
  191. $status[DRH] = get_lang('Drh');
  192. $status[SESSIONADMIN] = get_lang('SessionsAdmin');
  193. $status[STUDENT_BOSS] = get_lang('RoleStudentBoss');
  194. $status[INVITEE] = get_lang('Invitee');
  195. $form->addElement(
  196. 'select',
  197. 'status',
  198. get_lang('Profile'),
  199. $status,
  200. array(
  201. 'id' => 'status_select',
  202. 'class' => 'chzn-select',
  203. 'onchange' => 'javascript: display_drh_list();',
  204. )
  205. );
  206. //drh list (display only if student)
  207. $display = isset($_POST['status']) && $_POST['status'] == STUDENT || !isset($_POST['status']) ? 'block' : 'none';
  208. //@todo remove the drh list here. This code is unused
  209. $form->addElement('html', '<div id="drh_list" style="display:'.$display.';">');
  210. if (isset($drh_list) && is_array($drh_list)) {
  211. foreach ($drh_list as $drh) {
  212. $drh_select->addOption(
  213. api_get_person_name($drh['firstname'], $drh['lastname']),
  214. $drh['user_id']
  215. );
  216. }
  217. }
  218. $form->addElement('html', '</div>');
  219. if (api_is_platform_admin()) {
  220. // Platform admin
  221. $group = array();
  222. $group[] = $form->createElement('radio', 'platform_admin', 'id="id_platform_admin"', get_lang('Yes'), 1);
  223. $group[] = $form->createElement('radio', 'platform_admin', 'id="id_platform_admin"', get_lang('No'), 0);
  224. $form->addElement('html', '<div id="id_platform_admin" style="display:'.$display.';">');
  225. $form->addGroup($group, 'admin', get_lang('PlatformAdmin'), '&nbsp;');
  226. $form->addElement('html', '</div>');
  227. }
  228. $form->addElement('select_language', 'language', get_lang('Language'), null);
  229. // Send email
  230. $group = array();
  231. $group[] = $form->createElement('radio', 'send_mail', null, get_lang('Yes'), 1);
  232. $group[] = $form->createElement('radio', 'send_mail', null, get_lang('No'), 0);
  233. $form->addGroup($group, 'mail', get_lang('SendMailToNewUser'), '&nbsp;');
  234. // Expiration Date
  235. $form->addElement('radio', 'radio_expiration_date', get_lang('ExpirationDate'), get_lang('NeverExpires'), 0);
  236. $group = array ();
  237. $group[] = $form->createElement('radio', 'radio_expiration_date', null, get_lang('Enabled'), 1);
  238. $group[] = $form->createElement(
  239. 'DateTimePicker',
  240. 'expiration_date',
  241. null,
  242. array(
  243. 'onchange' => 'javascript: enable_expiration_date();'
  244. )
  245. );
  246. $form->addGroup($group, 'max_member_group', null, '', false);
  247. // Active account or inactive account
  248. $form->addElement('radio', 'active', get_lang('ActiveAccount'), get_lang('Active'), 1);
  249. $form->addElement('radio', 'active', '', get_lang('Inactive'), 0);
  250. $extraField = new ExtraField('user');
  251. $returnParams = $extraField->addElements($form);
  252. $jquery_ready_content = $returnParams['jquery_ready_content'];
  253. // the $jquery_ready_content variable collects all functions that will be load in the $(document).ready javascript function
  254. $htmlHeadXtra[] ='<script>
  255. $(document).ready(function(){
  256. '.$jquery_ready_content.'
  257. });
  258. </script>';
  259. // Set default values
  260. $defaults['admin']['platform_admin'] = 0;
  261. $defaults['mail']['send_mail'] = 1;
  262. $defaults['password']['password_auto'] = 1;
  263. $defaults['active'] = 1;
  264. $days = api_get_setting('account_valid_duration');
  265. $defaults['expiration_date'] = api_get_local_time('+'.$days.' day');
  266. $defaults['extra_mail_notify_invitation'] = 1;
  267. $defaults['extra_mail_notify_message'] = 1;
  268. $defaults['extra_mail_notify_group_message'] = 1;
  269. $defaults['radio_expiration_date'] = 0;
  270. $defaults['status'] = STUDENT;
  271. $form->setDefaults($defaults);
  272. // Submit button
  273. $html_results_enabled[] = $form->createElement('button', 'submit', get_lang('Add'), 'plus', 'primary');
  274. $html_results_enabled[] = $form->createElement('button', 'submit_plus', get_lang('Add').'+', 'plus', 'primary');
  275. $form->addGroup($html_results_enabled);
  276. // Validate form
  277. if ($form->validate()) {
  278. $check = Security::check_token('post');
  279. if ($check) {
  280. $user = $form->exportValues();
  281. $lastname = $user['lastname'];
  282. $firstname = $user['firstname'];
  283. $official_code = $user['official_code'];
  284. $email = $user['email'];
  285. $phone = $user['phone'];
  286. $username = $user['username'];
  287. $status = intval($user['status']);
  288. $language = $user['language'];
  289. $picture = $_FILES['picture'];
  290. $platform_admin = intval($user['admin']['platform_admin']);
  291. $send_mail = intval($user['mail']['send_mail']);
  292. $hr_dept_id = isset($user['hr_dept_id']) ? intval($user['hr_dept_id']) : 0;
  293. if (isset($extAuthSource) && count($extAuthSource) > 0 &&
  294. $user['password']['password_auto'] == '2'
  295. ) {
  296. $auth_source = $user['password']['auth_source'];
  297. $password = 'PLACEHOLDER';
  298. } else {
  299. $auth_source = PLATFORM_AUTH_SOURCE;
  300. $password = $user['password']['password_auto'] == '1' ? api_generate_password() : $user['password']['password'];
  301. }
  302. if ($user['radio_expiration_date'] == '1') {
  303. $expiration_date = $user['expiration_date'];
  304. } else {
  305. $expiration_date = null;
  306. }
  307. $active = intval($user['active']);
  308. if (api_get_setting('login_is_email') == 'true') {
  309. $username = $email;
  310. }
  311. $extra = array();
  312. foreach ($user as $key => $value) {
  313. if (substr($key, 0, 6) == 'extra_') { //an extra field
  314. $extra[substr($key, 6)] = $value;
  315. }
  316. }
  317. $user_id = UserManager::create_user(
  318. $firstname,
  319. $lastname,
  320. $status,
  321. $email,
  322. $username,
  323. $password,
  324. $official_code,
  325. $language,
  326. $phone,
  327. null,
  328. $auth_source,
  329. $expiration_date,
  330. $active,
  331. $hr_dept_id,
  332. $extra,
  333. null,
  334. $send_mail,
  335. $platform_admin
  336. );
  337. Security::clear_token();
  338. $tok = Security::get_token();
  339. if ($user_id === false) {
  340. //If any error ocurred during user creation, print it (api_failureList
  341. // stores values as separate words, so rework it
  342. $message = '';
  343. $message_bits = explode(' ',api_get_last_failure());
  344. foreach ($message_bits as $bit) {
  345. $message .= ucfirst($bit);
  346. }
  347. } else {
  348. if (!empty($picture['name'])) {
  349. $picture_uri = UserManager::update_user_picture(
  350. $user_id,
  351. $_FILES['picture']['name'],
  352. $_FILES['picture']['tmp_name']
  353. );
  354. UserManager::update_user(
  355. $user_id,
  356. $firstname,
  357. $lastname,
  358. $username,
  359. $password,
  360. $auth_source,
  361. $email,
  362. $status,
  363. $official_code,
  364. $phone,
  365. $picture_uri,
  366. $expiration_date,
  367. $active,
  368. null,
  369. $hr_dept_id,
  370. null,
  371. $language
  372. );
  373. }
  374. $extraFieldValues = new ExtraFieldValue('user');
  375. $user['item_id'] = $user_id;
  376. $extraFieldValues->saveFieldValues($user);
  377. $message = get_lang('UserAdded');
  378. }
  379. if (isset($user['submit_plus'])) {
  380. //we want to add more. Prepare report message and redirect to the same page (to clean the form)
  381. header('Location: user_add.php?message='.urlencode($message).'&sec_token='.$tok);
  382. exit ();
  383. } else {
  384. $tok = Security::get_token();
  385. header('Location: user_list.php?action=show_message&message='.urlencode($message).'&sec_token='.$tok);
  386. exit ();
  387. }
  388. }
  389. } else {
  390. if (isset($_POST['submit'])) {
  391. Security::clear_token();
  392. }
  393. $token = Security::get_token();
  394. $form->addElement('hidden', 'sec_token');
  395. $form->setConstants(array('sec_token' => $token));
  396. }
  397. if (!empty($message)){
  398. $message = Display::return_message(stripslashes($message));
  399. }
  400. $content = $form->returnForm();
  401. $tpl = new Template($tool_name);
  402. //$tpl->assign('actions', $actions);
  403. $tpl->assign('message', $message);
  404. $tpl->assign('content', $content);
  405. $tpl->display_one_col_template();