Chamilo is a learning management system focused on ease of use and accessibility
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
chamilo-lms/main/user/user.php

615 lines
23 KiB

<?php // $Id: user.php 18319 2009-02-07 00:03:42Z herodoto $
/*
==============================================================================
Dokeos - elearning and course management software
Copyright (c) 2004-2008 Dokeos SPRL
Copyright (c) 2003 Ghent University (UGent)
For a full list of contributors, see "credits.txt".
The full license can be read in "license.txt".
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
See the GNU General Public License for more details.
Contact: Dokeos, rue Notre Dame, 152, B-1140 Evere, Belgium, info@dokeos.com
==============================================================================
*/
/**
==============================================================================
* This script displays a list of the users of the current course.
* Course admins can change user perimssions, subscribe and unsubscribe users...
*
* EXPERIMENTAL: support for virtual courses
* - show users registered in virtual and real courses;
* - only show the users of a virtual course if the current user;
* is registered in that virtual course.
*
* Exceptions: platform admin and the course admin will see all virtual courses.
* This is a new feature, there may be bugs.
*
* @todo possibility to edit user-course rights and view statistics for users in virtual courses
* @todo convert normal table display to display function (refactor virtual course display function)
* @todo display table functions need support for align and valign (e.g. to center text in cells) (this is now possible)
* @author Roan Embrechts, refactoring + virtual courses support
* @author Julio Montoya Armas Several fixes
* @package dokeos.user
==============================================================================
*/
/*
==============================================================================
INIT SECTION
==============================================================================
*/
// name of the language file that needs to be included
$language_file = array('registration','admin','userInfo');
$use_anonymous = true;
require_once ("../inc/global.inc.php");
$this_section = SECTION_COURSES;
// notice for unauthorized people.
api_protect_course_script(true);
/*
-----------------------------------------------------------
Libraries
-----------------------------------------------------------
*/
require_once (api_get_path(LIBRARY_PATH)."debug.lib.inc.php");
require_once (api_get_path(LIBRARY_PATH)."events.lib.inc.php");
require_once (api_get_path(LIBRARY_PATH)."export.lib.inc.php");
require_once (api_get_path(LIBRARY_PATH)."course.lib.php");
require_once (api_get_path(LIBRARY_PATH).'sortabletable.class.php');
require_once (api_get_path(LIBRARY_PATH).'formvalidator/FormValidator.class.php');
require_once (api_get_path(LIBRARY_PATH).'usermanager.lib.php');
require_once (api_get_path(LIBRARY_PATH).'groupmanager.lib.php');
//CHECK KEYS
if( !isset ($_cid)) {
header("location: ".$_configuration['root_web']);
}
/*
-----------------------------------------------------------
Constants and variables
-----------------------------------------------------------
*/
$currentCourseID = $_course['sysCode'];
/*--------------------------------------
Unregistering a user section
--------------------------------------
*/
if (api_is_allowed_to_edit()) {
if (isset($_POST['action'])) {
switch ($_POST['action']) {
case 'unsubscribe' :
// Make sure we don't unsubscribe current user from the course
if (is_array($_POST['user'])) {
$user_ids = array_diff($_POST['user'],array($_user['user_id']));
if (count($user_ids) > 0) {
CourseManager::unsubscribe_user($user_ids, $_SESSION['_course']['sysCode']);
$message = get_lang('UsersUnsubscribed');
}
}
}
}
}
if (api_is_allowed_to_edit()) {
if ( isset ($_GET['action'])) {
switch ($_GET['action']) {
case 'export' :
$table_course_user = Database::get_main_table(TABLE_MAIN_COURSE_USER);
$session_id=0;
$table_users = Database :: get_main_table(TABLE_MAIN_USER);
$data=array();
$a_users=array();
// users subscribed to the course through a session
if (api_get_setting('use_session_mode')=='true') {
$session_id = intval($_SESSION['id_session']);
$table_session_course_user = Database::get_main_table(TABLE_MAIN_SESSION_COURSE_USER);
$sql_query = "SELECT DISTINCT user.user_id, user.lastname, user.firstname, user.email, user.official_code
FROM $table_session_course_user as session_course_user, $table_users as user
WHERE `course_code` = '$currentCourseID' AND session_course_user.id_user = user.user_id ";
if ($session_id!=0) {
$sql_query .= ' AND id_session = '.$session_id;
}
$sql_query.=' ORDER BY user.lastname';
$rs = api_sql_query($sql_query, __FILE__, __LINE__);
while ($user = Database:: fetch_array($rs,'ASSOC')) {
$data[]=$user;
//$user_infos = Database :: get_user_info_from_id($user['user_id']);
$a_users[$user['user_id']] = $user;
}
}
if ($session_id == 0) {
// users directly subscribed to the course
$table_course_user = Database :: get_main_table(TABLE_MAIN_COURSE_USER);
$sql_query = "SELECT DISTINCT user.user_id, user.lastname, user.firstname, user.email, user.official_code
FROM $table_course_user as course_user, $table_users as user WHERE `course_code` = '$currentCourseID' AND course_user.user_id = user.user_id ORDER BY user.lastname";
$rs = api_sql_query($sql_query, __FILE__, __LINE__);
while ($user = Database::fetch_array($rs,'ASSOC')) {
$data[]=$user;
$a_users[$user['user_id']] = $user;
}
}
switch ($_GET['type']) {
case 'csv' :
Export::export_table_csv($a_users);
case 'xls' :
Export::export_table_xls($a_users);
}
}
}
} // end if allowed to edit
if (api_is_allowed_to_edit()) {
// Unregister user from course
if ($_REQUEST['unregister']) {
if (isset($_GET['user_id']) && is_numeric($_GET['user_id']) && $_GET['user_id'] != $_user['user_id']) {
$user_id = Database::escape_string($_GET['user_id']);
$tbl_user = Database::get_main_table(TABLE_MAIN_USER);
$tbl_session_rel_course = Database::get_main_table(TABLE_MAIN_SESSION_COURSE);
$tbl_session_rel_user = Database::get_main_table(TABLE_MAIN_SESSION_USER);
$sql = 'SELECT '.$tbl_user.'.user_id
FROM '.$tbl_user.' user
INNER JOIN '.$tbl_session_rel_user.' reluser
ON user.user_id = reluser.id_user
INNER JOIN '.$tbl_session_rel_course.' rel_course
ON rel_course.id_session = reluser.id_session
WHERE user.user_id = "'.$user_id.'"
AND rel_course.course_code = "'.$currentCourseID.'"
ORDER BY lastname, firstname';
$result=api_sql_query($sql,__FILE__,__LINE__);
$row=Database::fetch_array($result,'ASSOC');
if ($row['user_id']==$user_id || $row['user_id']=="") {
CourseManager::unsubscribe_user($_GET['user_id'],$_SESSION['_course']['sysCode']);
$message = get_lang('UserUnsubscribed');
} else {
$message = get_lang('ThisStudentIsSubscribeThroughASession');
}
}
}
} // end if allowed to edit
/*
==============================================================================
FUNCTIONS
==============================================================================
*/
function display_user_search_form() {
echo '<form method="get" action="user.php">';
echo get_lang("SearchForUser") . "&nbsp;&nbsp;";
echo '<input type="text" name="keyword" value="'.$_GET['keyword'].'"/>';
echo '<input type="submit" value="'.get_lang('SearchButton').'"/>';
echo '</form>';
}
/**
* This function displays a list if users for each virtual course linked to the current
* real course.
*
* defines globals
*
* @version 1.0
* @author Roan Embrechts
* @todo users from virtual courses always show "-" for the group related output. Edit and statistics columns are disabled * for these users, for now.
*/
function show_users_in_virtual_courses() {
global $_course, $_user, $origin;
$real_course_code = $_course['sysCode'];
$real_course_info = Database::get_course_info($real_course_code);
$user_subscribed_virtual_course_list = CourseManager::get_list_of_virtual_courses_for_specific_user_and_real_course($_user['user_id'], $real_course_code);
$number_of_virtual_courses = count($user_subscribed_virtual_course_list);
$row = 0;
$column_header[$row ++] = "ID";
$column_header[$row ++] = get_lang("FullUserName");
$column_header[$row ++] = get_lang("Role");
$column_header[$row ++] = get_lang("Group");
if ( api_is_allowed_to_edit()) {
$column_header[$row ++] = get_lang("Tutor");
}
if ( api_is_allowed_to_edit()) {
$column_header[$row ++] = get_lang("CourseManager");
}
if ( !is_array($user_subscribed_virtual_course_list)) {
return;
}
foreach ($user_subscribed_virtual_course_list as $virtual_course) {
$virtual_course_code = $virtual_course["code"];
$virtual_course_user_list = CourseManager::get_user_list_from_course_code($virtual_course_code);
$message = get_lang("RegisteredInVirtualCourse")." ".$virtual_course["title"]."&nbsp;&nbsp;(".$virtual_course["code"].")";
echo "<br/>";
echo "<h4>".$message."</h4>";
$properties["width"] = "100%";
$properties["cellspacing"] = "1";
Display::display_complex_table_header($properties, $column_header);
foreach ($virtual_course_user_list as $this_user) {
$user_id = $this_user["user_id"];
$loginname = $this_user["username"];
$lastname = $this_user["lastname"];
$firstname = $this_user["firstname"];
$status = $this_user["status"];
$role = $this_user["role"];
if ( $status == "1") {
$status = get_lang("CourseManager");
} else {
$status = " - ";
}
$full_name = $lastname.", ".$firstname;
if ( $lastname == "" || $firstname == '') {
$full_name = $loginname;
}
$user_info_hyperlink = "<a href=\"userInfo.php?".api_get_cidreq()."&origin=".$origin."&uInfo=".$user_id."&virtual_course=".$virtual_course["code"]."\">".$full_name."</a>";
$row = 0;
$table_row[$row ++] = $user_id;
$table_row[$row ++] = $user_info_hyperlink; //Full name
$table_row[$row ++] = $role; //Description
$table_row[$row ++] = " - "; //Group, for the moment groups don't work for students in virtual courses
if ( api_is_allowed_to_edit()) {
$table_row[$row ++] = " - "; //Tutor column
$table_row[$row ++] = $status; //Course Manager column
}
Display::display_table_row(null, $table_row, true);
}
Display::display_table_footer();
}
}
if (!$is_allowed_in_course) {
api_not_allowed(true);
}
/*
-----------------------------------------------------------
Header
-----------------------------------------------------------
*/
if ( $origin != 'learnpath') {
if (isset($_GET['keyword'])) {
$interbreadcrumb[] = array ("url" => "user.php", "name" => get_lang("Users"));
$tool_name = get_lang('SearchResults');
} else {
$tool_name = get_lang('Users');
}
Display::display_header($tool_name, "User");
} else {
?> <link rel="stylesheet" type="text/css" href="<?php echo api_get_path(WEB_CODE_PATH); ?>css/default.css" /> <?php
}
if ( isset($message)) {
Display::display_normal_message($message);
}
/*
==============================================================================
MAIN CODE
==============================================================================
*/
//statistics
event_access_tool(TOOL_USER);
/*
--------------------------------------
Setting the permissions for this page
--------------------------------------
*/
$is_allowed_to_track = ($is_courseAdmin || $is_courseTutor) && $_configuration['tracking_enabled'];
// introduction section
$fck_attribute['Width'] = '100%';
$fck_attribute['Height'] = '300';
$fck_attribute['ToolbarSet'] = 'Introduction';
Display::display_introduction_section(TOOL_USER, 'left');
$fck_attribute = null; // Clearing this global variable immediatelly after it has been used.
if ( api_is_allowed_to_edit()) {
echo "<div class=\"actions\">";
// the action links
$actions .= '<a href="user.php?'.api_get_cidreq().'&action=export&amp;type=csv">'.Display::return_icon('csv.gif', get_lang('ExportAsCSV')).'&nbsp;'.get_lang('ExportAsCSV').'</a> ';
$actions .= '<a href="subscribe_user.php?'.api_get_cidreq().'">'.Display::return_icon('add_user_big.gif',get_lang("SubscribeUserToCourse")).'&nbsp;'.get_lang("SubscribeUserToCourse").'</a> ';
$actions .= "<a href=\"subscribe_user.php?".api_get_cidreq()."&type=teacher\">".Display::return_icon('add_user_big.gif', get_lang("SubscribeUserToCourseAsTeacher"))."&nbsp;".get_lang("SubscribeUserToCourseAsTeacher")."</a> ";
$actions .= "<a href=\"../group/group.php?".api_get_cidreq()."\">".Display::return_icon('edit_group.gif', get_lang("GroupUserManagement"))."&nbsp;".get_lang("GroupUserManagement")."</a>";
if (api_get_setting('use_session_mode')=='false') {
$actions .= ' <a href="class.php?'.api_get_cidreq().'">'.get_lang('Classes').'</a>';
}
// Build search-form
$form = new FormValidator('search_user', 'get','','',null,false);
$renderer = & $form->defaultRenderer();
$renderer->setElementTemplate('<span>{element}</span> ');
$form->add_textfield('keyword', '', false);
$form->addElement('style_submit_button', 'submit', get_lang('SearchButton'), 'class="search"');
$form->addElement('static','additionalactions',null,$actions);
$form->display();
echo '</div>';
}
/*
if (1) // platform setting api_get_setting('subscribe_user_by_coach')
{
if (!api_is_allowed_to_edit() && $is_courseTutor)
{
echo "<div align=\"right\">";
echo '<a href="subscribe_user.php?'.api_get_cidreq().'">'.Display::return_icon('add_user_big.gif',get_lang("SubscribeUserToCourse")).'&nbsp;'.get_lang("SubscribeUserToCourse").'</a>';
echo "</div>";
}
}*/
/*
--------------------------------------
DISPLAY USERS LIST
--------------------------------------
Also shows a "next page" button if there are
more than 50 users.
There's a bug in here somewhere - some users count as more than one if they are in more than one group
--> code for > 50 users should take this into account
(Roan, Feb 2004)
*/
if ( CourseManager::has_virtual_courses_from_code($course_id, $user_id)) {
$real_course_code = $_course['sysCode'];
$real_course_info = Database::get_course_info($real_course_code);
$message = get_lang("RegisteredInRealCourse")." ".$real_course_info["title"]."&nbsp;&nbsp;(".$real_course_info["official_code"].")";
echo "<h4>".$message."</h4>";
}
/*
==============================================================================
DISPLAY LIST OF USERS
==============================================================================
*/
/**
* * Get the users to display on the current page.
*/
function get_number_of_users() {
$counter=0;
if (!empty($_SESSION["id_session"])) {
$a_course_users = CourseManager :: get_user_list_from_course_code($_SESSION['_course']['id'], true, $_SESSION['id_session']);
} else {
$a_course_users = CourseManager :: get_user_list_from_course_code($_SESSION['_course']['id'], true);
}
foreach ($a_course_users as $user_id=>$o_course_user) {
if ( (isset ($_GET['keyword']) && search_keyword($o_course_user['firstname'],$o_course_user['lastname'],$o_course_user['username'],$o_course_user['official_code'],$_GET['keyword'])) || !isset($_GET['keyword']) || empty($_GET['keyword'])) {
$counter++;
}
}
return $counter;
}
function search_keyword($firstname,$lastname,$username,$official_code,$keyword) {
if (strripos($firstname,$keyword)!==false || strripos($lastname,$keyword)!==false || strripos($username,$keyword)!==false || strripos($official_code,$keyword)!==false) {
return true;
} else {
return false;
}
}
/**
* Get the users to display on the current page.
*/
function get_user_data($from, $number_of_items, $column, $direction) {
$a_users=array();
// limit
$limit = 'LIMIT '.intval($from).','.intval($number_of_items);
// order by
switch ($column) {
case 1 : $order_by = 'ORDER BY user.firstname';break;
case 2 : $order_by = 'ORDER BY user.lastname';break;
case 5 : $order_by = 'ORDER BY user.official_code';break;
default: $order_by = 'ORDER BY user.lastname';break;
}
$order_by .= ' '.$direction;
if (!empty($_SESSION["id_session"])) {
$a_course_users = CourseManager :: get_user_list_from_course_code($_SESSION['_course']['id'], true, $_SESSION['id_session'], $limit, $order_by);
} else {
$a_course_users = CourseManager :: get_user_list_from_course_code($_SESSION['_course']['id'], false, 0, $limit, $order_by);
}
foreach ($a_course_users as $user_id=>$o_course_user) {
if ( (isset ($_GET['keyword']) && search_keyword($o_course_user['firstname'],$o_course_user['lastname'],$o_course_user['username'],$o_course_user['official_code'],$_GET['keyword'])) || !isset($_GET['keyword']) || empty($_GET['keyword'])) {
$groups_name=GroupManager :: get_user_group_name($user_id);
if (api_is_allowed_to_edit()) {
$temp=array();
$temp[] = $user_id;
$temp[] = $o_course_user['firstname'];
$temp[] = $o_course_user['lastname'];
$temp[] = $o_course_user['role'];
$temp[] = implode(', ',$groups_name); //Group
$temp[] = $o_course_user['official_code'];
// deprecated feature
if (isset($o_course_user['tutor_id']) && $o_course_user['tutor_id']==1) {
$temp[] = get_lang('Tutor');
} else {
$temp[] = '-';
}
if (isset($o_course_user['status']) && $o_course_user['status']==1) {
$temp[] = get_lang('CourseManager');
} else {
$temp[] = '-';
}
$temp[] = $o_course_user['active'];
$temp[] = $user_id;
} else {
$temp=array();
$temp[] = $o_course_user['firstname'];
$temp[] = $o_course_user['lastname'];
$temp[] = $o_course_user['role'];
$temp[] = implode(', ',$groups_name);//Group
$temp[] = $o_course_user['official_code'];
$temp[] = $user_id;
}
$a_users[$user_id] = $temp;
}
}
return $a_users;
}
/**
* Build the active-column of the table to lock or unlock a certain user
* lock = the user can no longer use this account
* @author Patrick Cool <patrick.cool@UGent.be>, Ghent University
* @param int $active the current state of the account
* @param int $user_id The user id
* @param string $url_params
* @return string Some HTML-code with the lock/unlock button
*/
function active_filter($active, $url_params, $row) {
global $_user;
if ($active=='1') {
$action='AccountActive';
$image='right';
}
if ($active=='0') {
$action='AccountInactive';
$image='wrong';
}
if ($row['0']<>$_user['user_id']) { // you cannot lock yourself out otherwise you could disable all the accounts including your own => everybody is locked out and nobody can change it anymore.
$result = '<center><img src="../img/'.$image.'.gif" border="0" style="vertical-align: middle;" alt="'.get_lang(ucfirst($action)).'" title="'.get_lang(ucfirst($action)).'"/></center>';
}
return $result;
}
/**
* Build the modify-column of the table
* @param int $user_id The user id
* @return string Some HTML-code
*/
function modify_filter($user_id) {
global $origin,$_user, $_course, $is_allowed_to_track,$charset;
$result="<div style='text-align: center'>";
// info
if (!api_is_anonymous()) {
$result .= '<a href="userInfo.php?'.api_get_cidreq().'&origin='.$origin.'&amp;uInfo='.$user_id.'" title="'.get_lang('Info').'" ><img border="0" alt="'.get_lang('Info').'" src="../img/user_info.gif" /></a>&nbsp;';
}
if ($is_allowed_to_track) {
$result .= '<a href="../mySpace/myStudents.php?'.api_get_cidreq().'&student='.$user_id.'&amp;details=true&amp;course='.$_course['id'].'&amp;origin=user_course&amp;id_session='.$_SESSION["id_session"].'" title="'.get_lang('Tracking').'" ><img border="0" alt="'.get_lang('Tracking').'" src="../img/statistics.gif" /></a>&nbsp;';
}
if (api_is_allowed_to_edit()) {
// edit
$result .= '<a href="userInfo.php?'.api_get_cidreq().'&origin='.$origin.'&amp;editMainUserInfo='.$user_id.'" title="'.get_lang('Edit').'" ><img border="0" alt="'.get_lang('Edit').'" src="../img/edit.gif" /></a>&nbsp;';
// unregister
if ( $user_id != $_user['user_id']) {
$result .= '<a href="'.api_get_self().'?'.api_get_cidreq().'&unregister=yes&amp;user_id='.$user_id.'" title="'.get_lang('Unreg').' " onclick="javascript:if(!confirm(\''.addslashes(htmlentities(get_lang('ConfirmYourChoice'),ENT_QUOTES,$charset)).'\')) return false;"><img border="0" alt="'.get_lang("Unreg").'" src="../img/delete.gif"/></a>';
} else {
$result .= '<img border="0" alt="'.get_lang("Unreg").'" src="../img/delete_na.gif"/>';
}
}
$result.="</div>";
return $result;
}
$default_column = api_is_allowed_to_edit() ? 2 : 1;
$table = new SortableTable('users', 'get_number_of_users', 'get_user_data',$default_column);
$parameters['keyword'] = $_GET['keyword'];
$table->set_additional_parameters($parameters);
$header_nr = 0;
if ( api_is_allowed_to_edit()) {
$table->set_header($header_nr++, '', false);
}
$table->set_header($header_nr++, get_lang('FirstName'));
$table->set_header($header_nr++, get_lang('LastName'));
$table->set_header($header_nr++, get_lang('Description'),false);
$table->set_header($header_nr++, get_lang('GroupSingle'),false);
$table->set_header($header_nr++, get_lang('OfficialCode'));
if ( api_is_allowed_to_edit()) {
// deprecated feature
$table->set_header($header_nr++, get_lang('Tutor'),false);
$table->set_header($header_nr++, get_lang('CourseManager'),false);
$table->set_header($header_nr++, get_lang('Active'),false);
$table->set_column_filter(8,'active_filter');
}
//actions column
$table->set_header($header_nr++, get_lang('Modify'), false);
$table->set_column_filter($header_nr-1,'modify_filter');
if ( api_is_allowed_to_edit()) {
$table->set_form_actions(array ('unsubscribe' => get_lang('Unreg')), 'user');
}
$table->display();
if ( !empty($_GET['keyword']) && !empty($_GET['submit']) ) {
$keyword_name=Security::remove_XSS($_GET['keyword']);
echo '<br/>'.get_lang('SearchResultsFor').' <span style="font-style: italic ;"> '.$keyword_name.' </span><br>';
}
if ( get_setting('allow_user_headings') == 'true' && $is_courseAdmin && api_is_allowed_to_edit() && $origin != 'learnpath') { // only course administrators see this line
echo "<div align=\"right\">", "<form method=\"post\" action=\"userInfo.php\">", get_lang("CourseAdministratorOnly"), " : ", "<input type=\"submit\" name=\"viewDefList\" value=\"".get_lang("DefineHeadings")."\" />", "</form>", "</div>\n";
}
//User list of the virtual courses linked to this course.
//show_users_in_virtual_courses($is_allowed_to_track);
/*
==============================================================================
FOOTER
==============================================================================
*/
if ( $origin != 'learnpath') {
Display::display_footer();
}