Use extra fields to validate user add/edit on registration

Juan Cortizas Ponte 1 year ago
parent e8e5949917
commit 3aba815f57
  1. 271
      main/admin/user_add.php
  2. 271
      main/admin/user_edit.php

@ -368,137 +368,176 @@ $html_results_enabled[] = $form->createElement('button', 'submit_plus', get_lang
$form->addGroup($html_results_enabled); $form->addGroup($html_results_enabled);
// Validate form // Validate form
if ($form->validate()) { $formValid = $form->validate();
if ($formValid) {
$check = Security::check_token('post'); $check = Security::check_token('post');
if ($check) { if ($check) {
$user = $form->exportValues(); $user = $form->exportValues();
$lastname = $user['lastname']; $extraFields = api_get_configuration_value('extra_fields_to_validate_on_user_registration');
$firstname = $user['firstname']; if (!empty($extraFields) && isset($extraFields['extra_fields'])) {
$official_code = $user['official_code']; $extraFieldList = $extraFields['extra_fields'];
$email = $user['email']; foreach ($user as $key => $value) {
$phone = $user['phone']; if (substr($key, 0, 6) == 'extra_') {
$username = $user['username']; $extra_value = Security::remove_XSS($value);
$status = (int) $user['status']; $extra_field = substr($key,6);
$language = $user['language'];
$picture = $_FILES['picture']; if(!empty($extra_value)) {
$platform_admin = (int) $user['admin']['platform_admin']; if (in_array($extra_field, $extraFieldList)) {
$send_mail = (int) $user['mail']['send_mail']; $extraValueExists = api_user_extra_field_validation($extra_field, $extra_value);
$hr_dept_id = isset($user['hr_dept_id']) ? (int) $user['hr_dept_id'] : 0; if ($extraValueExists) {
$formValid = false;
if (isset($extAuthSource) && count($extAuthSource) > 0 &&
$user['password']['password_auto'] == '2' $element = $form->getElement($key);
) { if ($element) {
$auth_source = $user['password']['auth_source']; $attrs = ['style' => 'border-color: #a94442;'];
$password = 'PLACEHOLDER'; $form->updateElementAttr([$element], $attrs);
} else { }
$auth_source = PLATFORM_AUTH_SOURCE;
$password = $user['password']['password_auto'] == '1' ? api_generate_password() : $user['password']['password']; Display::addFlash(
} Display::return_message(
get_lang('TheValueEntered ').$extra_field.get_lang('AlreadyExists'),
if ($user['radio_expiration_date'] == '1') { 'error',
$expiration_date = $user['expiration_date']; false
} else { )
$expiration_date = null; );
} }
}
$active = (int) $user['active']; }
if (api_get_setting('login_is_email') == 'true') { }
$username = $email;
}
$extra = [];
foreach ($user as $key => $value) {
if (substr($key, 0, 6) == 'extra_') {
// An extra field
$extra[substr($key, 6)] = $value;
} }
} }
$template = isset($user['email_template_option']) ? $user['email_template_option'] : []; if ($formValid) {
$lastname = $user['lastname'];
$user_id = UserManager::create_user( $firstname = $user['firstname'];
$firstname, $official_code = $user['official_code'];
$lastname, $email = $user['email'];
$status, $phone = $user['phone'];
$email, $username = $user['username'];
$username, $status = (int) $user['status'];
$password, $language = $user['language'];
$official_code, $picture = $_FILES['picture'];
$language, $platform_admin = (int) $user['admin']['platform_admin'];
$phone, $send_mail = (int) $user['mail']['send_mail'];
null, $hr_dept_id = isset($user['hr_dept_id']) ? (int) $user['hr_dept_id'] : 0;
$auth_source,
$expiration_date, if (isset($extAuthSource) && count($extAuthSource) > 0 &&
$active, $user['password']['password_auto'] == '2'
$hr_dept_id, ) {
$extra, $auth_source = $user['password']['auth_source'];
null, $password = 'PLACEHOLDER';
$send_mail, } else {
$platform_admin, $auth_source = PLATFORM_AUTH_SOURCE;
'', $password = $user['password']['password_auto'] == '1' ? api_generate_password() : $user['password']['password'];
false, }
null,
0,
$template
);
Security::clear_token(); if ($user['radio_expiration_date'] == '1') {
$tok = Security::get_token(); $expiration_date = $user['expiration_date'];
if (!empty($user_id)) { } else {
if (!empty($picture['name'])) { $expiration_date = null;
$picture_uri = UserManager::update_user_picture(
$user_id,
$_FILES['picture']['name'],
$_FILES['picture']['tmp_name'],
$user['picture_crop_result']
);
UserManager::update_user(
$user_id,
$firstname,
$lastname,
$username,
$password,
$auth_source,
$email,
$status,
$official_code,
$phone,
$picture_uri,
$expiration_date,
$active,
null,
$hr_dept_id,
null,
$language
);
} }
$extraFieldValues = new ExtraFieldValue('user'); $active = (int) $user['active'];
$user['item_id'] = $user_id; if (api_get_setting('login_is_email') == 'true') {
$extraFieldValues->saveFieldValues($user); $username = $email;
$message = get_lang('UserAdded').': '. }
Display::url(
api_get_person_name($firstname, $lastname),
api_get_path(WEB_CODE_PATH).'admin/user_edit.php?user_id='.$user_id
);
}
Display::addFlash(Display::return_message($message, 'normal', false)); $extra = [];
foreach ($user as $key => $value) {
if (substr($key, 0, 6) == 'extra_') {
// An extra field
$extra[substr($key, 6)] = $value;
}
}
if (isset($_POST['submit_plus']) $template = isset($user['email_template_option']) ? $user['email_template_option'] : [];
|| (api_is_session_admin() && api_get_configuration_value('limit_session_admin_list_users'))
) { $user_id = UserManager::create_user(
//we want to add more. Prepare report message and redirect to the same page (to clean the form) $firstname,
header('Location: user_add.php?sec_token='.$tok); $lastname,
exit; $status,
} else { $email,
$username,
$password,
$official_code,
$language,
$phone,
null,
$auth_source,
$expiration_date,
$active,
$hr_dept_id,
$extra,
null,
$send_mail,
$platform_admin,
'',
false,
null,
0,
$template
);
Security::clear_token();
$tok = Security::get_token(); $tok = Security::get_token();
header('Location: user_list.php?sec_token='.$tok); if (!empty($user_id)) {
exit; if (!empty($picture['name'])) {
$picture_uri = UserManager::update_user_picture(
$user_id,
$_FILES['picture']['name'],
$_FILES['picture']['tmp_name'],
$user['picture_crop_result']
);
UserManager::update_user(
$user_id,
$firstname,
$lastname,
$username,
$password,
$auth_source,
$email,
$status,
$official_code,
$phone,
$picture_uri,
$expiration_date,
$active,
null,
$hr_dept_id,
null,
$language
);
}
$extraFieldValues = new ExtraFieldValue('user');
$user['item_id'] = $user_id;
$extraFieldValues->saveFieldValues($user);
$message = get_lang('UserAdded').': '.
Display::url(
api_get_person_name($firstname, $lastname),
api_get_path(WEB_CODE_PATH).'admin/user_edit.php?user_id='.$user_id
);
}
Display::addFlash(Display::return_message($message, 'normal', false));
if (isset($_POST['submit_plus'])
|| (api_is_session_admin() && api_get_configuration_value('limit_session_admin_list_users'))
) {
//we want to add more. Prepare report message and redirect to the same page (to clean the form)
header('Location: user_add.php?sec_token='.$tok);
exit;
} else {
$tok = Security::get_token();
header('Location: user_list.php?sec_token='.$tok);
exit;
}
} }
} }
} else { }
if (!$formValid) {
if (isset($_POST['submit'])) { if (isset($_POST['submit'])) {
Security::clear_token(); Security::clear_token();
} }
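Review bot: The flash message built on the new side, `get_lang('TheValueEntered ').$extra_field.get_lang('AlreadyExists')`, looks up a language key with a trailing space, which presumably misses the translation and shows the raw key; the same string appears again in the user_edit.php hunk. The duplicate check is also run on `Security::remove_XSS($value)` while `$extraFieldValues->saveFieldValues($user)` later persists the untouched `$value`, so for input containing markup the value that was validated is not the value that gets stored — validate and store the same string, e.g. write the stripped value back into `$user[$key]` before the check. `in_array($extra_field, $extraFieldList)` should pass `true` as the third argument so a field named `0` cannot loosely match. The `if (!$formValid)` block at the end of the hunk closes outside it.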

@ -432,142 +432,181 @@ $error_drh = false;
// Validate form // Validate form
if ($form->validate()) { if ($form->validate()) {
$user = $form->getSubmitValues(1); $user = $form->getSubmitValues(1);
$reset_password = (int) $user['reset_password'];
if ($reset_password == 2 && empty($user['password'])) {
Display::addFlash(Display::return_message(get_lang('PasswordIsTooShort')));
header('Location: '.api_get_self().'?user_id='.$user_id);
exit();
}
$is_user_subscribed_in_course = CourseManager::is_user_subscribed_in_course($user['user_id']);
$picture_element = $form->getElement('picture');
$picture = $picture_element->getValue();
$picture_uri = $user_data['picture_uri'];
if (isset($user['delete_picture']) && $user['delete_picture']) {
$picture_uri = UserManager::deleteUserPicture($user_id);
} elseif (!empty($picture['name'])) {
$picture_uri = UserManager::update_user_picture(
$user_id,
$_FILES['picture']['name'],
$_FILES['picture']['tmp_name'],
$user['picture_crop_result']
);
}
$lastname = $user['lastname']; $formValid = true;
$firstname = $user['firstname'];
$password = $user['password']; $extraFields = api_get_configuration_value('extra_fields_to_validate_on_user_registration');
$auth_source = isset($user['auth_source']) ? $user['auth_source'] : $userInfo['auth_source']; if (!empty($extraFields) && isset($extraFields['extra_fields'])) {
$official_code = $user['official_code']; $extraFieldList = $extraFields['extra_fields'];
$email = $user['email']; foreach ($user as $key => $value) {
$phone = $user['phone']; if (substr($key, 0, 6) == 'extra_') {
$username = isset($user['username']) ? $user['username'] : $userInfo['username']; $extra_value = Security::remove_XSS($value);
$status = (int) $user['status']; $extra_field = substr($key,6);
$platform_admin = 0;
// Only platform admin can change user status to admin. if(!empty($extra_value)) {
if (api_is_platform_admin()) { if (in_array($extra_field, $extraFieldList)) {
$platform_admin = (int) $user['platform_admin']; $extraValueExists = api_user_extra_field_validation($extra_field, $extra_value);
if ($extraValueExists) {
$formValid = false;
$element = $form->getElement($key);
if ($element) {
$attrs = ['style' => 'border-color: #a94442;'];
$form->updateElementAttr([$element], $attrs);
}
Display::addFlash(
Display::return_message(
get_lang('TheValueEntered ').$extra_field.get_lang('AlreadyExists'),
'error',
false
)
);
}
}
}
}
}
} }
$send_mail = (int) $user['send_mail']; if ($formValid) {
$reset_password = (int) $user['reset_password']; $reset_password = (int) $user['reset_password'];
$hr_dept_id = isset($user['hr_dept_id']) ? intval($user['hr_dept_id']) : null; if ($reset_password == 2 && empty($user['password'])) {
$language = $user['language']; Display::addFlash(Display::return_message(get_lang('PasswordIsTooShort')));
$address = isset($user['address']) ? $user['address'] : null;
$expiration_date = null;
if (!$user_data['platform_admin'] && $user['radio_expiration_date'] == '1') {
if (empty($user['expiration_date'])) {
Display::addFlash(Display::return_message(get_lang('EmptyExpirationDate')));
header('Location: '.api_get_self().'?user_id='.$user_id); header('Location: '.api_get_self().'?user_id='.$user_id);
exit(); exit();
} }
$expiration_date = $user['expiration_date'];
}
$active = $user_data['platform_admin'] ? 1 : intval($user['active']); $is_user_subscribed_in_course = CourseManager::is_user_subscribed_in_course($user['user_id']);
$picture_element = $form->getElement('picture');
$picture = $picture_element->getValue();
$picture_uri = $user_data['picture_uri'];
if (isset($user['delete_picture']) && $user['delete_picture']) {
$picture_uri = UserManager::deleteUserPicture($user_id);
} elseif (!empty($picture['name'])) {
$picture_uri = UserManager::update_user_picture(
$user_id,
$_FILES['picture']['name'],
$_FILES['picture']['tmp_name'],
$user['picture_crop_result']
);
}
//If the user is set to admin the status will be overwrite by COURSEMANAGER = 1 $lastname = $user['lastname'];
if ($platform_admin == 1) { $firstname = $user['firstname'];
$status = COURSEMANAGER; $password = $user['password'];
} $auth_source = isset($user['auth_source']) ? $user['auth_source'] : $userInfo['auth_source'];
$official_code = $user['official_code'];
$email = $user['email'];
$phone = $user['phone'];
$username = isset($user['username']) ? $user['username'] : $userInfo['username'];
$status = (int) $user['status'];
$platform_admin = 0;
// Only platform admin can change user status to admin.
if (api_is_platform_admin()) {
$platform_admin = (int) $user['platform_admin'];
}
if (api_get_setting('login_is_email') === 'true') { $send_mail = (int) $user['send_mail'];
$username = $email; $reset_password = (int) $user['reset_password'];
} $hr_dept_id = isset($user['hr_dept_id']) ? intval($user['hr_dept_id']) : null;
$language = $user['language'];
$address = isset($user['address']) ? $user['address'] : null;
$expiration_date = null;
if (!$user_data['platform_admin'] && $user['radio_expiration_date'] == '1') {
if (empty($user['expiration_date'])) {
Display::addFlash(Display::return_message(get_lang('EmptyExpirationDate')));
header('Location: '.api_get_self().'?user_id='.$user_id);
exit();
}
$expiration_date = $user['expiration_date'];
}
$template = isset($user['email_template_option']) ? $user['email_template_option'] : []; $active = $user_data['platform_admin'] ? 1 : intval($user['active']);
UserManager::update_user( //If the user is set to admin the status will be overwrite by COURSEMANAGER = 1
$user_id, if ($platform_admin == 1) {
$firstname, $status = COURSEMANAGER;
$lastname, }
$username,
$password,
$auth_source,
$email,
$status,
$official_code,
$phone,
$picture_uri,
$expiration_date,
$active,
null,
$hr_dept_id,
null,
$language,
null,
$send_mail,
$reset_password,
$address,
$template
);
$studentBossListSent = isset($user['student_boss']) ? $user['student_boss'] : []; if (api_get_setting('login_is_email') === 'true') {
UserManager::subscribeUserToBossList( $username = $email;
$user_id, }
$studentBossListSent,
true
);
if (api_get_setting('openid_authentication') === 'true' && !empty($user['openid'])) { $template = isset($user['email_template_option']) ? $user['email_template_option'] : [];
$up = UserManager::update_openid($user_id, $user['openid']);
}
$currentUserId = api_get_user_id(); UserManager::update_user(
if ($user_id != $currentUserId) { $user_id,
$userObj = api_get_user_entity($user_id); $firstname,
if ($platform_admin == 1) { $lastname,
UserManager::addUserAsAdmin($userObj); $username,
} else { $password,
UserManager::removeUserAdmin($userObj); $auth_source,
$email,
$status,
$official_code,
$phone,
$picture_uri,
$expiration_date,
$active,
null,
$hr_dept_id,
null,
$language,
null,
$send_mail,
$reset_password,
$address,
$template
);
$studentBossListSent = isset($user['student_boss']) ? $user['student_boss'] : [];
UserManager::subscribeUserToBossList(
$user_id,
$studentBossListSent,
true
);
if (api_get_setting('openid_authentication') === 'true' && !empty($user['openid'])) {
$up = UserManager::update_openid($user_id, $user['openid']);
} }
}
// It updates course relation type as EX-LEARNER if project name (extra field from user_edition_extra_field_to_check) is changed $currentUserId = api_get_user_id();
if (false !== api_get_configuration_value('user_edition_extra_field_to_check')) { if ($user_id != $currentUserId) {
$extraToCheck = api_get_configuration_value('user_edition_extra_field_to_check'); $userObj = api_get_user_entity($user_id);
if (isset($user['extra_'.$extraToCheck])) { if ($platform_admin == 1) {
$extraValueToCheck = $user['extra_'.$extraToCheck]; UserManager::addUserAsAdmin($userObj);
UserManager::updateCourseRelationTypeExLearner($user_id, $extraValueToCheck); } else {
UserManager::removeUserAdmin($userObj);
}
} }
}
$extraFieldValue = new ExtraFieldValue('user'); // It updates course relation type as EX-LEARNER if project name (extra field from user_edition_extra_field_to_check) is changed
$extraFieldValue->saveFieldValues($user); if (false !== api_get_configuration_value('user_edition_extra_field_to_check')) {
$userInfo = api_get_user_info($user_id); $extraToCheck = api_get_configuration_value('user_edition_extra_field_to_check');
$message = get_lang('UserUpdated').': '.Display::url( if (isset($user['extra_'.$extraToCheck])) {
$userInfo['complete_name_with_username'], $extraValueToCheck = $user['extra_'.$extraToCheck];
api_get_path(WEB_CODE_PATH).'admin/user_edit.php?user_id='.$user_id UserManager::updateCourseRelationTypeExLearner($user_id, $extraValueToCheck);
); }
}
Session::erase('system_timezone'); $extraFieldValue = new ExtraFieldValue('user');
$extraFieldValue->saveFieldValues($user);
$userInfo = api_get_user_info($user_id);
$message = get_lang('UserUpdated').': '.Display::url(
$userInfo['complete_name_with_username'],
api_get_path(WEB_CODE_PATH).'admin/user_edit.php?user_id='.$user_id
);
Display::addFlash(Display::return_message($message, 'normal', false)); Session::erase('system_timezone');
header('Location: user_list.php');
exit(); Display::addFlash(Display::return_message($message, 'normal', false));
header('Location: user_list.php');
exit();
}
} }
$actions = [ $actions = [
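Review bot: On the edit path `api_user_extra_field_validation($extra_field, $extra_value)` is called without any reference to `$user_id`, so if the helper (not shown in this diff) reports any existing row holding that value, re-submitting the form with an unchanged unique field will reject the edit of the very user who owns it; the helper should be told which user to exclude, or the new value should first be compared with the user's current one. Unlike `exportValues()` in user_add.php, `$form->getSubmitValues(1)` may carry keys the form never registered, so `$extra_field` only reaches the message because the `in_array` gate against the configured list precedes it — a comment such as `// only names from the configured list reach the flash message` would keep a later refactor from dropping that gate. The configuration key `extra_fields_to_validate_on_user_registration` is reused verbatim for edits, which is worth a note in the config sample. The `$actions = [` line at the end belongs to code that continues outside the hunk.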
