<?php // $Id: user.php 22291 2009-07-22 17:39:20Z herodoto $
/*
==============================================================================
Dokeos - elearning and course management software
Copyright (c) 2004-2008 Dokeos SPRL
Copyright (c) 2003 Ghent University (UGent)
For a full list of contributors, see "credits.txt".
The full license can be read in "license.txt".
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
See the GNU General Public License for more details.
Contact: Dokeos, rue Notre Dame, 152, B-1140 Evere, Belgium, info@dokeos.com
==============================================================================
*/
/**
==============================================================================
* This script displays a list of the users of the current course.
* Course admins can change user perimssions, subscribe and unsubscribe users...
*
* EXPERIMENTAL: support for virtual courses
* - show users registered in virtual and real courses;
* - only show the users of a virtual course if the current user;
* is registered in that virtual course.
*
* Exceptions: platform admin and the course admin will see all virtual courses.
* This is a new feature, there may be bugs.
*
* @todo possibility to edit user-course rights and view statistics for users in virtual courses
* @todo convert normal table display to display function (refactor virtual course display function)
* @todo display table functions need support for align and valign (e.g. to center text in cells) (this is now possible)
* @author Roan Embrechts, refactoring + virtual courses support
* @author Julio Montoya Armas Several fixes
* @package dokeos.user
==============================================================================
*/
/*
==============================================================================
INIT SECTION
==============================================================================
*/
// name of the language file that needs to be included
$language_file = array('registration','admin','userInfo');
$use_anonymous = true;
require_once ("../inc/global.inc.php");
$this_section = SECTION_COURSES;
// notice for unauthorized people.
api_protect_course_script(true);
/*
-----------------------------------------------------------
Libraries
-----------------------------------------------------------
*/
require_once (api_get_path(LIBRARY_PATH)."debug.lib.inc.php");
require_once (api_get_path(LIBRARY_PATH)."export.lib.inc.php");
require_once (api_get_path(LIBRARY_PATH)."course.lib.php");
require_once (api_get_path(LIBRARY_PATH).'sortabletable.class.php');
require_once (api_get_path(LIBRARY_PATH).'formvalidator/FormValidator.class.php');
require_once (api_get_path(LIBRARY_PATH).'usermanager.lib.php');
require_once (api_get_path(LIBRARY_PATH).'groupmanager.lib.php');
//CHECK KEYS
if( !isset ($_cid)) {
header("location: ".$_configuration['root_web']);
}
/*
-----------------------------------------------------------
Constants and variables
-----------------------------------------------------------
*/
$currentCourseID = $_course['sysCode'];
/*--------------------------------------
Unregistering a user section
--------------------------------------
*/
if (api_is_allowed_to_edit()) {
if (isset($_POST['action'])) {
switch ($_POST['action']) {
case 'unsubscribe' :
// Make sure we don't unsubscribe current user from the course
if (is_array($_POST['user'])) {
$user_ids = array_diff($_POST['user'],array($_user['user_id']));
if (count($user_ids) > 0) {
CourseManager::unsubscribe_user($user_ids, $_SESSION['_course']['sysCode']);
$message = get_lang('UsersUnsubscribed');
}
}
}
}
}
if (api_is_allowed_to_edit()) {
if ( isset ($_GET['action'])) {
switch ($_GET['action']) {
case 'export' :
$table_course_user = Database::get_main_table(TABLE_MAIN_COURSE_USER);
$session_id=0;
$table_users = Database :: get_main_table(TABLE_MAIN_USER);
$data=array();
$a_users=array();
// users subscribed to the course through a session
if (api_get_setting('use_session_mode')=='true') {
$session_id = intval($_SESSION['id_session']);
$table_session_course_user = Database::get_main_table(TABLE_MAIN_SESSION_COURSE_USER);
$sql_query = "SELECT DISTINCT user.user_id, user.lastname, user.firstname, user.email, user.official_code
FROM $table_session_course_user as session_course_user, $table_users as user
WHERE `course_code` = '$currentCourseID' AND session_course_user.id_user = user.user_id ";
if ($session_id!=0) {
$sql_query .= ' AND id_session = '.$session_id;
}
$sql_query.=' ORDER BY user.lastname';
$rs = api_sql_query($sql_query, __FILE__, __LINE__);
while ($user = Database:: fetch_array($rs,'ASSOC')) {
$data[]=$user;
//$user_infos = Database :: get_user_info_from_id($user['user_id']);
$a_users[$user['user_id']] = $user;
}
}
if ($session_id == 0) {
// users directly subscribed to the course
$table_course_user = Database :: get_main_table(TABLE_MAIN_COURSE_USER);
$sql_query = "SELECT DISTINCT user.user_id, user.lastname, user.firstname, user.email, user.official_code
FROM $table_course_user as course_user, $table_users as user WHERE `course_code` = '$currentCourseID' AND course_user.user_id = user.user_id ORDER BY user.lastname";
$rs = api_sql_query($sql_query, __FILE__, __LINE__);
while ($user = Database::fetch_array($rs,'ASSOC')) {
$data[]=$user;
$a_users[$user['user_id']] = $user;
}
}
switch ($_GET['type']) {
case 'csv' :
Export::export_table_csv($a_users);
case 'xls' :
Export::export_table_xls($a_users);
}
}
}
} // end if allowed to edit
if (api_is_allowed_to_edit()) {
// Unregister user from course
if ($_REQUEST['unregister']) {
if (isset($_GET['user_id']) & & is_numeric($_GET['user_id']) & & $_GET['user_id'] != $_user['user_id']) {
$user_id = Database::escape_string($_GET['user_id']);
$tbl_user = Database::get_main_table(TABLE_MAIN_USER);
$tbl_session_rel_course = Database::get_main_table(TABLE_MAIN_SESSION_COURSE);
$tbl_session_rel_user = Database::get_main_table(TABLE_MAIN_SESSION_USER);
$sql = 'SELECT '.$tbl_user.'.user_id
FROM '.$tbl_user.' user
INNER JOIN '.$tbl_session_rel_user.' reluser
ON user.user_id = reluser.id_user
INNER JOIN '.$tbl_session_rel_course.' rel_course
ON rel_course.id_session = reluser.id_session
WHERE user.user_id = "'.$user_id.'"
AND rel_course.course_code = "'.$currentCourseID.'"
ORDER BY lastname, firstname';
$result=api_sql_query($sql,__FILE__,__LINE__);
$row=Database::fetch_array($result,'ASSOC');
if ($row['user_id']==$user_id || $row['user_id']=="") {
CourseManager::unsubscribe_user($_GET['user_id'],$_SESSION['_course']['sysCode']);
$message = get_lang('UserUnsubscribed');
} else {
$message = get_lang('ThisStudentIsSubscribeThroughASession');
}
}
}
} // end if allowed to edit
/*
==============================================================================
FUNCTIONS
==============================================================================
*/
function display_user_search_form() {
echo '< form method = "get" action = "user.php" > ';
echo get_lang("SearchForUser") . " ";
echo '< input type = "text" name = "keyword" value = "'.$_GET['keyword'].'" / > ';
echo '< input type = "submit" value = "'.get_lang('SearchButton').'" / > ';
echo '< / form > ';
}
/**
* This function displays a list if users for each virtual course linked to the current
* real course.
*
* defines globals
*
* @version 1.0
* @author Roan Embrechts
* @todo users from virtual courses always show "-" for the group related output. Edit and statistics columns are disabled * for these users, for now.
*/
function show_users_in_virtual_courses() {
global $_course, $_user, $origin;
$real_course_code = $_course['sysCode'];
$real_course_info = Database::get_course_info($real_course_code);
$user_subscribed_virtual_course_list = CourseManager::get_list_of_virtual_courses_for_specific_user_and_real_course($_user['user_id'], $real_course_code);
$number_of_virtual_courses = count($user_subscribed_virtual_course_list);
$row = 0;
$column_header[$row ++] = "ID";
$column_header[$row ++] = get_lang("FullUserName");
$column_header[$row ++] = get_lang("Role");
$column_header[$row ++] = get_lang("Group");
if ( api_is_allowed_to_edit()) {
$column_header[$row ++] = get_lang("Tutor");
}
if ( api_is_allowed_to_edit()) {
$column_header[$row ++] = get_lang("CourseManager");
}
if ( !is_array($user_subscribed_virtual_course_list)) {
return;
}
foreach ($user_subscribed_virtual_course_list as $virtual_course) {
$virtual_course_code = $virtual_course["code"];
$virtual_course_user_list = CourseManager::get_user_list_from_course_code($virtual_course_code);
$message = get_lang("RegisteredInVirtualCourse")." ".$virtual_course["title"]." (".$virtual_course["code"].")";
echo "< br / > ";
echo "< h4 > ".$message."< / h4 > ";
$properties["width"] = "100%";
$properties["cellspacing"] = "1";
Display::display_complex_table_header($properties, $column_header);
foreach ($virtual_course_user_list as $this_user) {
$user_id = $this_user["user_id"];
$loginname = $this_user["username"];
$lastname = $this_user["lastname"];
$firstname = $this_user["firstname"];
$status = $this_user["status"];
$role = $this_user["role"];
if ( $status == "1") {
$status = get_lang("CourseManager");
} else {
$status = " - ";
}
$full_name = $lastname.", ".$firstname;
if ( $lastname == "" || $firstname == '') {
$full_name = $loginname;
}
$user_info_hyperlink = "< a href = \"userInfo.php?".api_get_cidreq()."&origin=".$origin."&uInfo=".$user_id."&virtual_course=".$virtual_course["code"]."\" > ".$full_name."< / a > ";
$row = 0;
$table_row[$row ++] = $user_id;
$table_row[$row ++] = $user_info_hyperlink; //Full name
$table_row[$row ++] = $role; //Description
$table_row[$row ++] = " - "; //Group, for the moment groups don't work for students in virtual courses
if ( api_is_allowed_to_edit()) {
$table_row[$row ++] = " - "; //Tutor column
$table_row[$row ++] = $status; //Course Manager column
}
Display::display_table_row(null, $table_row, true);
}
Display::display_table_footer();
}
}
if (!$is_allowed_in_course) {
api_not_allowed(true);
}
/*
-----------------------------------------------------------
Header
-----------------------------------------------------------
*/
if ( $origin != 'learnpath') {
if (isset($_GET['keyword'])) {
$interbreadcrumb[] = array ("url" => "user.php", "name" => get_lang("Users"));
$tool_name = get_lang('SearchResults');
} else {
$tool_name = get_lang('Users');
}
Display::display_header($tool_name, "User");
} else {
?> < link rel = "stylesheet" type = "text/css" href = " <?php echo api_get_path ( WEB_CODE_PATH ); ?> css/default.css" /> <?php
}
if ( isset($message)) {
Display::display_normal_message($message);
}
/*
==============================================================================
MAIN CODE
==============================================================================
*/
//statistics
event_access_tool(TOOL_USER);
/*
--------------------------------------
Setting the permissions for this page
--------------------------------------
*/
$is_allowed_to_track = ($is_courseAdmin || $is_courseTutor) & & $_configuration['tracking_enabled'];
// Tool introduction
Display::display_introduction_section(TOOL_USER, 'left');
if ( api_is_allowed_to_edit()) {
echo "< div class = \"actions\" > ";
// the action links
$actions .= '< a href = "user.php?'.api_get_cidreq().'&action=export&type=csv" > '.Display::return_icon('csv.gif', get_lang('ExportAsCSV')).' '.get_lang('ExportAsCSV').'< / a > ';
$actions .= '< a href = "subscribe_user.php?'.api_get_cidreq().'" > '.Display::return_icon('add_user_big.gif',get_lang("SubscribeUserToCourse")).' '.get_lang("SubscribeUserToCourse").'< / a > ';
$actions .= "< a href = \"subscribe_user.php?".api_get_cidreq()."&type=teacher\" > ".Display::return_icon('add_teacher_big.gif', get_lang("SubscribeUserToCourseAsTeacher"))." ".get_lang("SubscribeUserToCourseAsTeacher")."< / a > ";
$actions .= "< a href = \"../group/group.php?".api_get_cidreq()."\" > ".Display::return_icon('group.gif', get_lang("GroupUserManagement"))." ".get_lang("GroupUserManagement")."< / a > ";
if (api_get_setting('use_session_mode')=='false') {
$actions .= ' < a href = "class.php?'.api_get_cidreq().'" > '.get_lang('Classes').'< / a > ';
}
// Build search-form
$form = new FormValidator('search_user', 'get','','',null,false);
$renderer = & $form->defaultRenderer();
$renderer->setElementTemplate('< span > {element}< / span > ');
$form->add_textfield('keyword', '', false);
$form->addElement('style_submit_button', 'submit', get_lang('SearchButton'), 'class="search"');
$form->addElement('static','additionalactions',null,$actions);
$form->display();
echo '< / div > ';
}
/*
if (1) // platform setting api_get_setting('subscribe_user_by_coach')
{
if (!api_is_allowed_to_edit() & & $is_courseTutor)
{
echo "< div align = \"right\" > ";
echo '< a href = "subscribe_user.php?'.api_get_cidreq().'" > '.Display::return_icon('add_user_big.gif',get_lang("SubscribeUserToCourse")).' '.get_lang("SubscribeUserToCourse").'< / a > ';
echo "< / div > ";
}
}*/
/*
--------------------------------------
DISPLAY USERS LIST
--------------------------------------
Also shows a "next page" button if there are
more than 50 users.
There's a bug in here somewhere - some users count as more than one if they are in more than one group
--> code for > 50 users should take this into account
(Roan, Feb 2004)
*/
if ( CourseManager::has_virtual_courses_from_code($course_id, $user_id)) {
$real_course_code = $_course['sysCode'];
$real_course_info = Database::get_course_info($real_course_code);
$message = get_lang("RegisteredInRealCourse")." ".$real_course_info["title"]." (".$real_course_info["official_code"].")";
echo "< h4 > ".$message."< / h4 > ";
}
/*
==============================================================================
DISPLAY LIST OF USERS
==============================================================================
*/
/**
* * Get the users to display on the current page.
*/
function get_number_of_users() {
$counter=0;
if (!empty($_SESSION["id_session"])) {
$a_course_users = CourseManager :: get_user_list_from_course_code($_SESSION['_course']['id'], true, $_SESSION['id_session']);
} else {
$a_course_users = CourseManager :: get_user_list_from_course_code($_SESSION['_course']['id'], true);
}
foreach ($a_course_users as $user_id=>$o_course_user) {
if ( (isset ($_GET['keyword']) & & search_keyword($o_course_user['firstname'],$o_course_user['lastname'],$o_course_user['username'],$o_course_user['official_code'],$_GET['keyword'])) || !isset($_GET['keyword']) || empty($_GET['keyword'])) {
$counter++;
}
}
return $counter;
}
function search_keyword($firstname,$lastname,$username,$official_code,$keyword) {
if (strripos($firstname,$keyword)!==false || strripos($lastname,$keyword)!==false || strripos($username,$keyword)!==false || strripos($official_code,$keyword)!==false) {
return true;
} else {
return false;
}
}
/**
* Get the users to display on the current page.
*/
function get_user_data($from, $number_of_items, $column, $direction) {
global $origin;
$a_users=array();
// limit
if (!isset($_GET['keyword']) || empty($_GET['keyword']))
$limit = 'LIMIT '.intval($from).','.intval($number_of_items);
// order by
switch ($column) {
case 1 : $order_by = 'ORDER BY user.firstname';break;
case 2 : $order_by = 'ORDER BY user.lastname';break;
case 5 : $order_by = 'ORDER BY user.official_code';break;
default: $order_by = 'ORDER BY user.lastname';break;
}
if(!in_array($direction, array('ASC','DESC'))){
$direction = 'ASC';
}
$order_by .= ' '.$direction;
if (!empty($_SESSION["id_session"])) {
$a_course_users = CourseManager :: get_user_list_from_course_code($_SESSION['_course']['id'], true, $_SESSION['id_session'], $limit, $order_by);
} else {
$a_course_users = CourseManager :: get_user_list_from_course_code($_SESSION['_course']['id'], false, 0, $limit, $order_by);
}
foreach ($a_course_users as $user_id=>$o_course_user) {
if ( (isset ($_GET['keyword']) & & search_keyword($o_course_user['firstname'],$o_course_user['lastname'],$o_course_user['username'],$o_course_user['official_code'],$_GET['keyword'])) || !isset($_GET['keyword']) || empty($_GET['keyword'])) {
$groups_name=GroupManager :: get_user_group_name($user_id);
if (api_is_allowed_to_edit()) {
$temp=array();
$temp[] = $user_id;
$image_path = UserManager::get_user_picture_path_by_id($user_id,'web',false, true);
$user_profile = UserManager::get_picture_user($user_id, $image_path['file'], 22, 'small_', ' width="22" height="22" ');
if (!api_is_anonymous()) {
$photo= '< center > < a href = "userInfo.php?'.api_get_cidreq().'&origin='.$origin.'&uInfo='.$user_id.'" title = "'.get_lang('Info').'" > < img src = "'.$user_profile['file'].'" ' . $ user_profile [ ' style ' ] . ' alt = "'.$o_course_user['firstname'].' '.$o_course_user['lastname'].'" title = "'.$o_course_user['firstname'].' '.$o_course_user['lastname'].'" / > < / a > < / center > ';
} else {
$photo= '< center > < img src = "'.$user_profile['file'].'" ' . $ user_profile [ ' style ' ] . ' alt = "'.$o_course_user['firstname'].' '.$o_course_user['lastname'].'" title = "'.$o_course_user['firstname'].' '.$o_course_user['lastname'].'" / > < / center > ';
}
$temp[] = $photo;
$temp[] = $o_course_user['firstname'];
$temp[] = $o_course_user['lastname'];
$temp[] = $o_course_user['role'];
$temp[] = implode(', ',$groups_name); //Group
$temp[] = $o_course_user['official_code'];
// deprecated feature
if (isset($o_course_user['tutor_id']) & & $o_course_user['tutor_id']==1) {
$temp[] = get_lang('Tutor');
} else {
$temp[] = '-';
}
if (isset($o_course_user['status']) & & $o_course_user['status']==1) {
$temp[] = get_lang('CourseManager');
} else {
$temp[] = '-';
}
$temp[] = $o_course_user['active'];
$temp[] = $user_id;
} else {
$temp=array();
$image_path = UserManager::get_user_picture_path_by_id($user_id,'web',false, true);
$image_repository = $image_path['dir'];
$existing_image = $image_path['file'];
if (!api_is_anonymous()) {
$photo= '< center > < a href = "userInfo.php?'.api_get_cidreq().'&origin='.$origin.'&uInfo='.$user_id.'" title = "'.get_lang('Info').'" > < img src = "'.$image_repository.$existing_image.'" alt = "'.$o_course_user['firstname'].' '.$o_course_user['lastname'].'" width = "22" height = "22" title = "'.$o_course_user['firstname'].' '.$o_course_user['lastname'].'" / > < / a > < / center > ';
}
else
{
$photo= '< center > < img src = "'.$image_repository.$existing_image.'" alt = "'.$o_course_user['firstname'].' '.$o_course_user['lastname'].'" width = "22" height = "22" title = "'.$o_course_user['firstname'].' '.$o_course_user['lastname'].'" / > < / center > ';
}
$temp[] = $photo;
$temp[] = $o_course_user['firstname'];
$temp[] = $o_course_user['lastname'];
$temp[] = $o_course_user['role'];
$temp[] = implode(', ',$groups_name);//Group
$temp[] = $o_course_user['official_code'];
$temp[] = $user_id;
}
$a_users[$user_id] = $temp;
}
}
return $a_users;
}
/**
* Build the active-column of the table to lock or unlock a certain user
* lock = the user can no longer use this account
* @author Patrick Cool < patrick.cool @ UGent . be > , Ghent University
* @param int $active the current state of the account
* @param int $user_id The user id
* @param string $url_params
* @return string Some HTML-code with the lock/unlock button
*/
function active_filter($active, $url_params, $row) {
global $_user;
if ($active=='1') {
$action='AccountActive';
$image='right';
}
if ($active=='0') {
$action='AccountInactive';
$image='wrong';
}
if ($row['0']< >$_user['user_id']) { // you cannot lock yourself out otherwise you could disable all the accounts including your own => everybody is locked out and nobody can change it anymore.
$result = '< center > < img src = "../img/'.$image.'.gif" border = "0" style = "vertical-align: middle;" alt = "'.get_lang(ucfirst($action)).'" title = "'.get_lang(ucfirst($action)).'" / > < / center > ';
}
return $result;
}
/**
* Build the modify-column of the table
* @param int $user_id The user id
* @return string Some HTML-code
*/
function modify_filter($user_id) {
global $origin,$_user, $_course, $is_allowed_to_track,$charset;
$result="< div style = 'text-align: center' > ";
if ($is_allowed_to_track) {
$result .= '< a href = "../mySpace/myStudents.php?'.api_get_cidreq().'&student='.$user_id.'&details=true&course='.$_course['id'].'&origin=user_course&id_session='.$_SESSION[" id_session " ] . ' " title = "'.get_lang('Tracking').'" > < img border = "0" alt = "'.get_lang('Tracking').'" src = "../img/statistics.gif" / > < / a > ';
}
if (api_is_allowed_to_edit()) {
// edit
$result .= '< a href = "userInfo.php?'.api_get_cidreq().'&origin='.$origin.'&editMainUserInfo='.$user_id.'" title = "'.get_lang('Edit').'" > < img border = "0" alt = "'.get_lang('Edit').'" src = "../img/edit.gif" / > < / a > ';
// unregister
if ( $user_id != $_user['user_id']) {
$result .= '< a href = "'.api_get_self().'?'.api_get_cidreq().'&unregister=yes&user_id='.$user_id.'" title = "'.get_lang('Unreg').' " onclick = "javascript:if(!confirm(\''.addslashes(api_htmlentities(get_lang('ConfirmYourChoice'),ENT_QUOTES,$charset)).'\')) return false;" > < img border = "0" alt = "'.get_lang(" Unreg " ) . ' " src = "../img/delete.gif" / > < / a > ';
} else {
$result .= '< img border = "0" alt = "'.get_lang(" Unreg " ) . ' " src = "../img/delete_na.gif" / > ';
}
}
$result.="< / div > ";
return $result;
}
$default_column = api_is_allowed_to_edit() ? 2 : 1;
$table = new SortableTable('users', 'get_number_of_users', 'get_user_data',$default_column);
$parameters['keyword'] = $_GET['keyword'];
$table->set_additional_parameters($parameters);
$header_nr = 0;
if ( api_is_allowed_to_edit()) {
$table->set_header($header_nr++, '', false);
}
$table->set_header($header_nr++, get_lang('Photo'),false);
$table->set_header($header_nr++, get_lang('FirstName'));
$table->set_header($header_nr++, get_lang('LastName'));
$table->set_header($header_nr++, get_lang('Description'),false);
$table->set_header($header_nr++, get_lang('GroupSingle'),false);
$table->set_header($header_nr++, get_lang('OfficialCode'));
if ( api_is_allowed_to_edit()) {
// deprecated feature
$table->set_header($header_nr++, get_lang('Tutor'),false);
$table->set_header($header_nr++, get_lang('CourseManager'),false);
$table->set_header($header_nr++, get_lang('Active'),false);
$table->set_column_filter(9,'active_filter');
}
//actions column
$table->set_header($header_nr++, get_lang('Modify'), false);
$table->set_column_filter($header_nr-1,'modify_filter');
if ( api_is_allowed_to_edit()) {
$table->set_form_actions(array ('unsubscribe' => get_lang('Unreg')), 'user');
}
$table->display();
if ( !empty($_GET['keyword']) & & !empty($_GET['submit']) ) {
$keyword_name=Security::remove_XSS($_GET['keyword']);
echo '< br / > '.get_lang('SearchResultsFor').' < span style = "font-style: italic ;" > '.$keyword_name.' < / span > < br > ';
}
if ( get_setting('allow_user_headings') == 'true' & & $is_courseAdmin & & api_is_allowed_to_edit() & & $origin != 'learnpath') { // only course administrators see this line
echo "< div align = \"right\" > ", "< form method = \"post\" action = \"userInfo.php\" > ", get_lang("CourseAdministratorOnly"), " : ", "< input type = \"submit\" name = \"viewDefList\" value = \"".get_lang("DefineHeadings")."\" / > ", "< / form > ", "< / div > \n";
}
//User list of the virtual courses linked to this course.
//show_users_in_virtual_courses($is_allowed_to_track);
/*
==============================================================================
FOOTER
==============================================================================
*/
if ( $origin != 'learnpath') {
Display::display_footer();
}
