function getTabNavigation($course_id)
{
#$navigation = new AutoNavigation(_('Teilnehmende'));
$navigation = new Navigation(_('Teilnehmende'));
$navigation->setImage(Icon::create('persons', 'info_alt'));
$navigation->setActiveImage(Icon::create('persons', 'info'));
$navigation->addSubNavigation('view', new Navigation(_('Teilnehmende'), 'dispatch.php/course/members'));
if (Course::find($course_id)->aux_lock_rule) {
$navigation->addSubNavigation('additional', new Navigation(_('Zusatzangaben'), 'dispatch.php/course/members/additional'));
}
$navigation->addSubNavigation('view_groups', new Navigation(_('Funktionen / Gruppen'), 'statusgruppen.php?view=statusgruppe_sem'));
if ($GLOBALS['perm']->have_studip_perm('tutor', $course_id) && !LockRules::check($course_id, 'groups')) {
$navigation->addSubNavigation('edit_groups', new Navigation(_('Funktionen / Gruppen verwalten'), 'admin_statusgruppe.php?new_sem=TRUE&range_id=' . $course_id));
}
return array('members' => $navigation);
}
/**
* Initialize the subnavigation of this item. This method
* is called once before the first item is added or removed.
*/
public function initSubNavigation()
{
global $user, $perm;
parent::initSubNavigation();
$username = Request::username('username', $user->username);
$current_user = $username == $user->username ? $user : User::findByUsername($username);
// profile
$navigation = new Navigation(_('Profil'), 'dispatch.php/profile/index');
$this->addSubNavigation('index', $navigation);
if ($perm->have_profile_perm('user', $current_user->user_id)) {
// avatar
$navigation = new Navigation(_('Bild'), 'dispatch.php/settings/avatar');
$this->addSubNavigation('avatar', $navigation);
// profile data
$navigation = new Navigation(_('Nutzerdaten'));
$navigation->addSubNavigation('profile', new Navigation(_('Grunddaten'), 'dispatch.php/settings/account'));
if (($perm->get_profile_perm($current_user->user_id) == 'user' || $perm->have_perm('root') && Config::get()->ALLOW_ADMIN_USERACCESS) && !StudipAuthAbstract::CheckField('auth_user_md5.password', $current_user->auth_plugin) && !LockRules::check($current_user->user_id, 'password')) {
$navigation->addSubNavigation('password', new Navigation(_('Passwort ändern'), 'dispatch.php/settings/password'));
}
$navigation->addSubNavigation('details', new Navigation(_('Weitere Daten'), 'dispatch.php/settings/details'));
if (!in_array($current_user->perms, words('user admin root'))) {
$navigation->addSubNavigation('studies', new Navigation(_('Studiendaten'), 'dispatch.php/settings/studies'));
}
if ($current_user->perms != 'root') {
if (count(UserDomain::getUserDomains())) {
$navigation->addSubNavigation('userdomains', new Navigation(_('Nutzerdomänen'), 'dispatch.php/settings/userdomains'));
}
if ($perm->is_staff_member($current_user->user_id)) {
$navigation->addSubNavigation('statusgruppen', new Navigation(_('Einrichtungsdaten'), 'dispatch.php/settings/statusgruppen'));
}
}
$this->addSubNavigation('edit', $navigation);
if ($perm->have_perm('autor')) {
$navigation = new Navigation(_('Einstellungen'));
$navigation->addSubNavigation('general', new Navigation(_('Allgemeines'), 'dispatch.php/settings/general'));
$navigation->addSubNavigation('privacy', new Navigation(_('Privatsphäre'), 'dispatch.php/settings/privacy'));
$navigation->addSubNavigation('messaging', new Navigation(_('Nachrichten'), 'dispatch.php/settings/messaging'));
if (get_config('CALENDAR_ENABLE')) {
$navigation->addSubNavigation('calendar_new', new Navigation(_('Terminkalender'), 'dispatch.php/settings/calendar'));
}
if (!$perm->have_perm('admin') and get_config('MAIL_NOTIFICATION_ENABLE')) {
$navigation->addSubNavigation('notification', new Navigation(_('Benachrichtigung'), 'dispatch.php/settings/notification'));
}
if (isDefaultDeputyActivated() && $perm->get_perm() == 'dozent') {
$navigation->addSubNavigation('deputies', new Navigation(_('Standardvertretung'), 'dispatch.php/settings/deputies'));
}
if (Config::Get()->API_ENABLED) {
$navigation->addSubNavigation('api', new Navigation(_('API-Berechtigungen'), 'dispatch.php/api/authorizations'));
}
$this->addSubNavigation('settings', $navigation);
}
// user defined sections
$navigation = new Navigation(_('Kategorien'), 'dispatch.php/settings/categories');
$this->addSubNavigation('categories', $navigation);
}
// user documents page
if (Config::get()->PERSONALDOCUMENT_ENABLE && ($perm->have_profile_perm('user', $current_user->user_id) || Config::get()->PERSONALDOCUMENT_OPEN_ACCESS)) {
$title = _('Meine Dateien');
if (Config::get()->PERSONALDOCUMENT_OPEN_ACCESS && $current_user->id !== $user->id) {
$title = _('Dateibereich');
}
$navigation = new Navigation($title, 'dispatch.php/document/files');
$this->addSubNavigation('files', $navigation);
}
}
case "admin_visibility.php":
if ($perm->have_perm("admin") || (get_config('ALLOW_DOZENT_VISIBILITY') && $perm->have_perm('dozent'))) {
if(!LockRules::check($seminar_id, 'seminar_visibility')){
?>
<input type="hidden" name="all_sem[]" value="<? echo $seminar_id ?>">
<input type="CHECKBOX" name="visibility_sem[<? echo $seminar_id ?>]" <? if (!Request::get('select_none') && (Request::get('select_all') || $result['visible'])) echo ' checked'; ?>>
<?
} else {
echo $result['visible'] ? _("sichtbar") : _("versteckt");
}
}
break;
case "archiv_assi.php":
if ($perm->have_perm("admin") || (get_config('ALLOW_DOZENT_ARCHIV') && $perm->have_perm('dozent'))) {
if(!LockRules::check($seminar_id, 'seminar_visibility')){
?>
<input type="hidden" name="archiv_sem[]" value="_id_<? echo $seminar_id ?>">
<input type="CHECKBOX" name="archiv_sem[]" <? if (Request::get('select_all')) echo ' checked'; ?>>
<?
} else {
echo " ";
}
}
break;
case "dispatch.php":
if ($this instanceof Course_StudyAreasController){
echo _("Studienbereiche") . '<br>',
LinkButton::create(_("Bearbeiten"), $this->url_for('course/study_areas/show/' . $seminar_id));
} elseif ($this instanceof Course_BasicdataController){
echo _("Veranstaltung") . '<br>',
?>
</td>
</tr>
<? endif; ?>
<tr>
<td>
<label for="email" <? if (!$prelim) echo 'class="required"'; ?>>
<?php
echo _('E-Mail');
?>
:
</label>
</td>
<td colspan="2">
<? if (StudipAuthAbstract::CheckField("auth_user_md5.Email", $auth_plugin) || LockRules::check($user['user_id'], 'email')) : ?>
<?php
echo htmlReady($user["Email"]);
?>
<? else : ?>
<input class="user_form" type="text" name="Email" id="email"
value="<?php
echo htmlReady($user['Email']);
?>
" <? if (!$prelim) echo 'required'; ?>>
<? if ($GLOBALS['MAIL_VALIDATE_BOX']) : ?>
<label>
<input type="checkbox" name="disable_mail_host_check" value="1">
<?php
echo _('Mailboxüberprüfung deaktivieren');
?>
/**
* Determines whether a user is permitted to change a certain value
* and if provided, whether the value has actually changed.
*
* @param String $field Which db field shall change
* @param mixed $attribute Which attribute is related (optional,
* automatically guessedif missing)
* @param mixed $value Optional new value of the field (used to determine
* whether the value has actually changed)
* @return bool Indicates whether the value shall actually change
*/
public function shallChange($field, $attribute = null, $value = null)
{
$column = end(explode('.', $field));
$attribute = $attribute ?: strtolower($column);
$global_mapping = array('email' => 'ALLOW_CHANGE_EMAIL', 'name' => 'ALLOW_CHANGE_NAME', 'title' => 'ALLOW_CHANGE_TITLE', 'username' => 'ALLOW_CHANGE_USERNAME');
if (isset($global_mapping[$attribute]) and !$GLOBALS[$global_mapping[$attribute]]) {
return false;
}
return !($field && StudipAuthAbstract::CheckField($field, $this->user->auth_plugin)) && !LockRules::check($this->user->user_id, $attribute) && ($value === null || $this->user->{$column} != $value);
}
function getTabNavigation($course_id)
{
$sem_create_perm = in_array(get_config('SEM_CREATE_PERM'), array('root', 'admin', 'dozent')) ? get_config('SEM_CREATE_PERM') : 'dozent';
if ($GLOBALS['perm']->have_studip_perm('tutor', $course_id)) {
$navigation = new Navigation(_('Verwaltung'));
$navigation->setImage(Icon::create('admin', 'info_alt'));
$navigation->setActiveImage(Icon::create('admin', 'info'));
$main = new Navigation(_('Verwaltung'), 'dispatch.php/course/management');
$navigation->addSubNavigation('main', $main);
if ($GLOBALS['SessSemName']['class'] !== "inst") {
$item = new Navigation(_('Grunddaten'), 'dispatch.php/course/basicdata/view/' . $course_id);
$item->setImage(Icon::create('edit', 'clickable'));
$item->setDescription(_('Bearbeiten der Grundeinstellungen dieser Veranstaltung.'));
$navigation->addSubNavigation('details', $item);
$item = new Navigation(_('Infobild'), 'dispatch.php/course/avatar/update/' . $course_id);
$item->setImage(Icon::create('file-pic', 'clickable'));
$item->setDescription(_('Infobild dieser Veranstaltung bearbeiten oder löschen.'));
$navigation->addSubNavigation('avatar', $item);
$item = new Navigation(_('Studienbereiche'), 'dispatch.php/course/study_areas/show/' . $course_id);
$item->setImage(Icon::create('module', 'clickable'));
$item->setDescription(_('Zuordnung dieser Veranstaltung zu Studienbereichen für die Darstellung im Verzeichnis aller Veranstaltungen.'));
$navigation->addSubNavigation('study_areas', $item);
$item = new Navigation(_('Zeiten/Räume'), 'dispatch.php/course/timesrooms');
$item->setImage(Icon::create('date', 'clickable'));
$item->setDescription(_('Regelmäßige Veranstaltungszeiten, Einzeltermine und Ortsangaben ändern.'));
$navigation->addSubNavigation('dates', $item);
if (get_config('RESOURCES_ENABLE') && get_config('RESOURCES_ALLOW_ROOM_REQUESTS')) {
$item = new Navigation(_('Raumanfragen'), 'dispatch.php/course/room_requests/index/' . $course_id);
$item->setImage(Icon::create('resources', 'clickable'));
$item->setDescription(_('Raumanfragen zu Veranstaltungszeiten verwalten.'));
$navigation->addSubNavigation('room_requests', $item);
}
$item = new Navigation(_('Zugangsberechtigungen'), 'dispatch.php/course/admission');
$item->setImage(Icon::create('lock-locked', 'clickable'));
$item->setDescription(_('Zugangsbeschränkungen, Anmeldeverfahren oder einen Passwortschutz für diese Veranstaltung einrichten.'));
$navigation->addSubNavigation('admission', $item);
$item = new AutoNavigation(_('Zusatzangaben'), 'dispatch.php/admin/additional');
$item->setImage(Icon::create('add', 'clickable'));
$item->setDescription(_('Vorlagen zur Erhebung weiterer Angaben von Teilnehmenden auswählen.'));
$navigation->addSubNavigation('additional_data', $item);
if ($GLOBALS['perm']->have_perm($sem_create_perm)) {
if (!LockRules::check($course_id, 'seminar_copy')) {
$item = new Navigation(_('Veranstaltung kopieren'), 'dispatch.php/course/wizard/copy/' . $course_id);
$item->setImage(Icon::create('seminar+add', 'clickable'));
$main->addSubNavigation('copy', $item);
}
if (get_config('ALLOW_DOZENT_ARCHIV') || $GLOBALS['perm']->have_perm('admin')) {
$item = new Navigation(_('Veranstaltung archivieren'), 'archiv_assi.php');
$item->setImage(Icon::create('seminar+remove', 'clickable'));
$main->addSubNavigation('archive', $item);
}
if ((get_config('ALLOW_DOZENT_VISIBILITY') || $GLOBALS['perm']->have_perm('admin')) && !LockRules::Check($course_id, 'seminar_visibility')) {
$is_visible = Course::findCurrent()->visible;
$item = new Navigation(_('Sichtbarkeit ändern') . ' (' . ($is_visible ? _('sichtbar') : _('unsichtbar')) . ')', 'dispatch.php/course/management/change_visibility');
$item->setImage(Icon::create('visibility-' . ($is_visible ? 'visible' : 'invisible'), 'clickable'));
$main->addSubNavigation('visibility', $item);
}
if ($GLOBALS['perm']->have_perm('admin')) {
$is_locked = Course::findCurrent()->lock_rule;
$item = new Navigation(_('Sperrebene ändern') . ' (' . ($is_locked ? _('gesperrt') : _('nicht gesperrt')) . ')', 'dispatch.php/course/management/lock');
$item->setImage(Icon::create('lock-' . ($is_locked ? 'locked' : 'unlocked'), 'clickable'), ['data-dialog' => 'size=auto']);
$main->addSubNavigation('lock', $item);
}
}
// show entry for simulated participant view
if (in_array($GLOBALS['perm']->get_studip_perm($course_id), words('tutor dozent'))) {
$item = new Navigation('Studierendenansicht simulieren', 'dispatch.php/course/change_view?cid=' . Request::option('cid'));
$item->setDescription(_('Hier können Sie sich die Veranstaltung aus der Sicht von Studierenden sehen.'));
$item->setImage(Icon::create('visibility-invisible', 'clickable'));
$main->addSubNavigation('change_view', $item);
}
}
// endif modules only seminars
if ($GLOBALS['perm']->have_studip_perm('tutor', $course_id)) {
if (get_config('VOTE_ENABLE')) {
$item = new Navigation(_('Umfragen und Tests'), 'admin_vote.php?view=vote_sem');
$item->setImage(Icon::create('vote', 'clickable'));
$item->setDescription(_('Erstellen und bearbeiten von einfachen Umfragen und Tests.'));
$navigation->addSubNavigation('vote', $item);
$item = new Navigation(_('Evaluationen'), 'admin_evaluation.php?view=eval_sem');
$item->setImage(Icon::create('evaluation', 'clickable'));
$item->setDescription(_('Richten Sie fragebogenbasierte Umfragen und Lehrevaluationen ein.'));
$navigation->addSubNavigation('evaluation', $item);
}
}
return array('admin' => $navigation);
} else {
return array();
}
}
function edit_email($user, $email, $force = False)
{
$msg = '';
$query = "SELECT email, username, auth_plugin\n FROM auth_user_md5\n WHERE user_id = ?";
$statement = DBManager::get()->prepare($query);
$statement->execute(array($user->user_id));
$row = $statement->fetch(PDO::FETCH_ASSOC);
$email_cur = $row['email'];
$username = $row['username'];
$auth_plugin = $row['auth_plugin'];
if ($email_cur == $email && !$force) {
return array(True, $msg);
}
if (StudipAuthAbstract::CheckField("auth_user_md5.Email", $auth_plugin) || LockRules::check($user->user_id, 'email')) {
return array(False, $msg);
}
if (!$GLOBALS['ALLOW_CHANGE_EMAIL']) {
return array(False, $msg);
}
$validator = new email_validation_class();
## Klasse zum Ueberpruefen der Eingaben
$validator->timeout = 10;
$REMOTE_ADDR = $_SERVER["REMOTE_ADDR"];
$Zeit = date("H:i:s, d.m.Y", time());
// accept only registered domains if set
$email_restriction = trim(get_config('EMAIL_DOMAIN_RESTRICTION'));
if (!$validator->ValidateEmailAddress($email, $email_restriction)) {
if ($email_restriction) {
$email_restriction_msg_part = '';
$email_restriction_parts = explode(',', $email_restriction);
for ($email_restriction_count = 0; $email_restriction_count < count($email_restriction_parts); $email_restriction_count++) {
if ($email_restriction_count == count($email_restriction_parts) - 1) {
$email_restriction_msg_part .= '@' . trim($email_restriction_parts[$email_restriction_count]) . '<br>';
} else {
if (($email_restriction_count + 1) % 3) {
$email_restriction_msg_part .= '@' . trim($email_restriction_parts[$email_restriction_count]) . ', ';
} else {
$email_restriction_msg_part .= '@' . trim($email_restriction_parts[$email_restriction_count]) . ',<br>';
}
}
}
$msg .= 'error§' . sprintf(_("Die E-Mail-Adresse fehlt, ist falsch geschrieben oder gehört nicht zu folgenden Domains:%s"), '<br>' . $email_restriction_msg_part);
} else {
$msg .= "error§" . _("Die E-Mail-Adresse fehlt oder ist falsch geschrieben!") . "§";
}
return array(False, $msg);
// E-Mail syntaktisch nicht korrekt oder fehlend
}
if (!$validator->ValidateEmailHost($email)) {
// Mailserver nicht erreichbar, ablehnen
$msg .= "error§" . _("Der Mailserver ist nicht erreichbar. Bitte überprüfen Sie, ob Sie E-Mails mit der angegebenen Adresse verschicken können!") . "§";
return array(False, $msg);
} else {
// Server ereichbar
if (!$validator->ValidateEmailBox($email)) {
// aber user unbekannt. Mail an abuse!
StudipMail::sendAbuseMessage("edit_about", "Emailbox unbekannt\n\nUser: "******"\nEmail: {$email}\n\nIP: {$REMOTE_ADDR}\nZeit: {$Zeit}\n");
$msg .= "error§" . _("Die angegebene E-Mail-Adresse ist nicht erreichbar. Bitte überprüfen Sie Ihre Angaben!") . "§";
return array(False, $msg);
}
}
$query = "SELECT Vorname, Nachname\n FROM auth_user_md5\n WHERE Email = ? AND user_id != ?";
$statement = DBManager::get()->prepare($query);
$statement->execute(array($email, $user->user_id));
$row = $statement->fetch(PDO::FETCH_ASSOC);
if ($row) {
$msg .= "error§" . sprintf(_("Die angegebene E-Mail-Adresse wird bereits von einem anderen Benutzer (%s %s) verwendet. Bitte geben Sie eine andere E-Mail-Adresse an."), htmlReady($row['Vorname']), htmlReady($row['Nachname'])) . "§";
return array(False, $msg);
}
// This already moved to the controller
// $query = "UPDATE auth_user_md5 SET Email = ? WHERE user_id = ?";
// $statement = DBManager::get()->prepare($query);
// $statement->execute(array($email, $uid));
if (StudipAuthAbstract::CheckField("auth_user_md5.validation_key", $auth_plugin)) {
$msg .= "msg§" . _("Ihre E-Mail-Adresse wurde geändert!") . "§";
return array(True, $msg);
} else {
// auth_plugin does not map validation_key (what if...?)
// generate 10 char activation key
$key = '';
mt_srand((double) microtime() * 1000000);
for ($i = 1; $i <= 10; $i++) {
$temp = mt_rand() % 36;
if ($temp < 10) {
$temp += 48;
} else {
$temp += 87;
}
// a = chr(97), z = chr(122)
$key .= chr($temp);
}
$user->validation_key = $key;
$activatation_url = $GLOBALS['ABSOLUTE_URI_STUDIP'] . 'activate_email.php?uid=' . $user->user_id . '&key=' . $user->validation_key;
// include language-specific subject and mailbody with fallback to german
$lang = $GLOBALS['_language_path'];
// workaround
if ($lang == '') {
$lang = 'de';
}
include_once "locale/{$lang}/LC_MAILS/change_self_mail.inc.php";
$mail = StudipMail::sendMessage($email, $subject, $mailbody);
if (!$mail) {
return array(True, $msg);
}
$query = "UPDATE auth_user_md5 SET validation_key = ? WHERE user_id = ?";
$statement = DBManager::get()->prepare($query);
$statement->execute(array($user->validation_key, $user->user_id));
$msg .= "info§<b>" . sprintf(_('An Ihre neue E-Mail-Adresse <b>%s</b> wurde ein Aktivierungslink geschickt, dem Sie folgen müssen bevor Sie sich das nächste mal einloggen können.'), $email) . '</b>§';
log_event("USER_NEWPWD", $user->user_id);
// logging
}
return array(True, $msg);
}
">
<? endif ?>
<?php
echo htmlReady($entry->getName());
?>
<? if ($entry->isEditable() && !LockRules::check($user->user_id, $entry->getId()) && $entry->numberOfHTMLFields() == 1) : ?>
</label>
<? endif ?>
<? if (!$entry->isVisible($user->perms)): ?>
<?php
echo tooltipIcon(_('Systemfeld (für die Person selbst nicht sichtbar)'), true);
?>
<? endif; ?>
</td>
<td colspan="2">
<? if ($entry->isEditable() && !LockRules::check($user->user_id, $entry->getId())): ?>
<?php
echo $entry->getHTML('datafields');
?>
<? else: ?>
<?php
echo formatReady($entry->getDisplayValue(false));
?>
<br>
<hr style="background: #888; border: 0; color: #888; height: 1px; ">
<?php
echo _('(Das Feld ist für die Bearbeitung gesperrt und kann ' . 'nur durch einen Administrator verändert werden.)');
?>
<? endif; ?>
</td>
</tr>
