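/**
 * Build the block content: links to the MNet peers the current user can roam to.
 *
 * Returns false for anonymous or guest sessions and '' when the block must stay
 * hidden (remote MNet user, MNet auth disabled, missing roaming capability).
 * In those three hidden cases an explanatory footer is returned instead when
 * debugging output is switched on. Otherwise the cached or freshly built
 * content object (items, icons, footer) is returned.
 *
 * @return stdClass|string|false
 */
function get_content()
 {
     global $CFG, $USER, $DB, $OUTPUT;
     // Only real, logged-in accounts may see roaming links.
     if (!isloggedin() || isguestuser()) {
         return false;
     }
     $showdebug = debugging() && !empty($CFG->debugdisplay);
     // According to start_jump_session, remote users can't on-jump,
     // so don't show this block to them.
     if (is_mnet_remote_user($USER)) {
         if ($showdebug) {
             $this->content = new stdClass();
             $this->content->footer = html_writer::tag('span', get_string('error_localusersonly', 'block_mnet_hosts'), array('class' => 'error'));
             return $this->content;
         }
         return '';
     }
     if (!is_enabled_auth('mnet')) {
         if ($showdebug) {
             $this->content = new stdClass();
             $this->content->footer = html_writer::tag('span', get_string('error_authmnetneeded', 'block_mnet_hosts'), array('class' => 'error'));
             return $this->content;
         }
         return '';
     }
     if (!has_capability('moodle/site:mnetlogintoremote', get_context_instance(CONTEXT_SYSTEM), NULL, false)) {
         if ($showdebug) {
             $this->content = new stdClass();
             $this->content->footer = html_writer::tag('span', get_string('error_roamcapabilityneeded', 'block_mnet_hosts'), array('class' => 'error'));
             return $this->content;
         }
         return '';
     }
     // Content already built during this request: reuse it.
     if ($this->content !== NULL) {
         return $this->content;
     }
     // TODO: Test this query - it's appropriate? It works?
     // Get the hosts and whether we are doing SSO with them. The local host and
     // the "all hosts" placeholder are excluded through the two bound ids.
     // NOTE(review): both service joins filter on 'sso_idp' although the second
     // pair of aliases is named *_SP - confirm whether 'sso_sp' was intended.
     $sql = "\n             SELECT DISTINCT\n                 h.id,\n                 h.name,\n                 h.wwwroot,\n                 a.name as application,\n                 a.display_name\n             FROM\n                 {mnet_host} h,\n                 {mnet_application} a,\n                 {mnet_host2service} h2s_IDP,\n                 {mnet_service} s_IDP,\n                 {mnet_host2service} h2s_SP,\n                 {mnet_service} s_SP\n             WHERE\n                 h.id <> ? AND\n                 h.id <> ? AND\n                 h.id = h2s_IDP.hostid AND\n                 h.deleted = 0 AND\n                 h.applicationid = a.id AND\n                 h2s_IDP.serviceid = s_IDP.id AND\n                 s_IDP.name = 'sso_idp' AND\n                 h2s_IDP.publish = '1' AND\n                 h.id = h2s_SP.hostid AND\n                 h2s_SP.serviceid = s_SP.id AND\n                 s_SP.name = 'sso_idp' AND\n                 h2s_SP.publish = '1'\n             ORDER BY\n                 a.display_name,\n                 h.name";
     $hosts = $DB->get_records_sql($sql, array($CFG->mnet_localhost_id, $CFG->mnet_all_hosts_id));
     $this->content = new stdClass();
     $this->content->items = array();
     $this->content->icons = array();
     $this->content->footer = '';
     if ($hosts) {
         foreach ($hosts as $host) {
             $icon = '<img src="' . $OUTPUT->pix_url('i/' . $host->application . '_host') . '"' . ' class="icon" alt="' . get_string('server', 'block_mnet_hosts') . '" />&nbsp;';
             if ($host->id == $USER->mnethostid) {
                 // The peer's wwwroot comes from the mnet_host table and lands in an
                 // HTML attribute, so it is escaped the same way as the host name.
                 $this->content->items[] = "<a title=\"" . s($host->name) . "\" href=\"" . s($host->wwwroot) . "\">" . $icon . s($host->name) . "</a>";
             } else {
                 // The id is forced to an integer before it is placed in the jump URL.
                 $hostid = (int) $host->id;
                 $this->content->items[] = "<a title=\"" . s($host->name) . "\" href=\"{$CFG->wwwroot}/auth/mnet/jump.php?hostid={$hostid}\">" . $icon . s($host->name) . "</a>";
             }
         }
     }
     return $this->content;
 }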
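 /**
  * Handle a "forgot password" request for the local account matching $email.
  *
  * The account is looked up by e-mail on the local MNet host (case-insensitive
  * LIKE with the input escaped), skipping deleted and suspended records.
  * Accounts that cannot log in, MNet remote users and the guest account are
  * refused. Otherwise ForgotPassword resets the password and mails it, and the
  * account is flagged to change its password. The outcome is reported through
  * CliniqueServiceResponce; the refusal branches end the request with die.
  *
  * NOTE(review): the distinct 'fp_nologin', 'fp_no_record' and
  * 'fp_email_success' codes let a caller learn whether an address is
  * registered. If this method is reachable without authentication, consider a
  * single uniform reply and request throttling - confirm against the client
  * contract before changing the codes.
  *
  * @param string $email E-mail address supplied by the caller
  * @return void
  */
 public function __sendPassword($email)
 {
     global $CFG, $DB;
     $systemcontext = context_system::instance();
     $response = new CliniqueServiceResponce();
     if (empty($email)) {
         // An empty address must not reach the LIKE lookup below, where an empty
         // pattern would select an account stored with a blank e-mail. No user is
         // known at this point, so the entry is logged against user id 0.
         add_to_log(-1, 'custom_webservice', 'input_parameters', null, 'Forgot password - input parameters missing.', 0, 0);
         $response->response(false, 'fp_no_record');
         return;
     }
     // sql_like_escape() neutralises LIKE wildcards in the supplied address.
     $select = $DB->sql_like('email', ':email', false, true, false, '|') . " AND mnethostid = :mnethostid AND deleted=0 AND suspended=0";
     $params = array('email' => $DB->sql_like_escape($email, '|'), 'mnethostid' => $CFG->mnet_localhost_id);
     $user = $DB->get_record_select('user', $select, $params, '*', IGNORE_MULTIPLE);
     if ($user && ($user->auth === 'nologin' || !is_enabled_auth($user->auth))) {
         // The account is not able to log in, so it must not be able to reset a password.
         $response->response(true, 'fp_nologin');
         die;
     }
     if (empty($user)) {
         $response->response(false, 'fp_no_record');
         return;
     }
     if (is_mnet_remote_user($user)) {
         add_to_log(-1, 'custom_webservice', 'mnet_user', null, 'Forgot password - mnet user trying to access.', 0, $user->id);
         $response->response(true, 'cp_mnet_user');
         die;
     }
     if (isguestuser($user)) {
         add_to_log(-1, 'custom_webservice', 'guest_user', null, 'Forgot password - guest user credential supplied.', 0, $user->id);
         $response->response(true, 'fp_guest');
         die;
     }
     // Make sure the account itself is allowed to change its password.
     require_capability('moodle/user:changeownpassword', $systemcontext, $user->id);
     if (!ForgotPassword::__app_reset_password_and_mail($user)) {
         add_to_log(-1, 'custom_webservice', 'trigger_mail', null, 'Forgot password - email triggering failure.', 0, $user->id);
         $response->response(true, 'fp_email_failure');
     } else {
         // The mailed password is temporary: force a change at next login.
         set_user_preference('auth_forcepasswordchange', true, $user->id);
         $response->response(true, 'fp_email_success');
     }
 }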
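 /**
  * Change the password of a local account after verifying the old password.
  *
  * The account is looked up by username on the local MNet host, skipping
  * deleted and suspended records. MNet remote users and the guest account are
  * refused (the request ends with die). When the old password validates, the
  * account's auth plugin stores the new one and the 'auth_forcepasswordchange'
  * and 'create_password' preferences are cleared. The outcome is reported
  * through CliniqueServiceResponce.
  *
  * NOTE(review): no password-policy check on $new_password and no limit on
  * repeated wrong $old_password attempts is visible in this method - confirm
  * that both are enforced by the helper or by the caller.
  *
  * @param string $username     Username of the account
  * @param string $email        Not used by this method
  * @param string $old_password Current password, verified before any change
  * @param string $new_password Replacement password
  * @return void
  */
 public function __getPassword($username, $email, $old_password, $new_password)
 {
     global $CFG, $DB;
     $systemcontext = context_system::instance();
     $response = new CliniqueServiceResponce();
     if (empty($username) || empty($old_password) || empty($new_password)) {
         // No user record has been loaded yet, so the entry is logged against user id 0.
         add_to_log(-1, 'custom_webservice', 'input_parameters', null, 'Change password - input parameters missing.', 0, 0);
         return;
     }
     $user = $DB->get_record('user', array('username' => $username, 'mnethostid' => $CFG->mnet_localhost_id, 'deleted' => 0, 'suspended' => 0));
     if (empty($user)) {
         $response->response(false, 'cp_no_mail_record');
         return;
     }
     if (is_mnet_remote_user($user)) {
         add_to_log(-1, 'custom_webservice', 'mnet_user', null, 'Change password - mnet user trying to access.', 0, $user->id);
         $response->response(true, 'cp_mnet_user');
         die;
     }
     if (isguestuser($user)) {
         // Logged under 'guest_user', the action name __sendPassword uses for the same case.
         add_to_log(-1, 'custom_webservice', 'guest_user', null, 'Change password - guest user credential supplied.', 0, $user->id);
         $response->response(true, 'cp_guest');
         die;
     }
     // Make sure the account itself is allowed to change its password.
     require_capability('moodle/user:changeownpassword', $systemcontext, $user->id);
     if (!ChangePassword::__app_validate_internal_user_password($user, $old_password)) {
         $response->response(true, 'cp_wrong_oldpwd');
         return;
     }
     $userauth = get_auth_plugin($user->auth);
     if ($userauth->user_update_password($user, $new_password)) {
         // The password is now user-chosen: drop the forced-change and pending-password flags.
         unset_user_preference('auth_forcepasswordchange', $user);
         unset_user_preference('create_password', $user);
         $response->response(false, 'cp_success');
     } else {
         add_to_log(-1, 'custom_webservice', 'trigger_mail', null, 'Change password - password change updation failure.', 0, $user->id);
         $response->response(true, 'cp_failure');
     }
 }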
/**
 * Build, and optionally print, the iframe that embeds a Jasper report.
 *
 * The report is reached through an MNet link, so the call raises a Moodle
 * error when MNet auth is disabled, when the current user may not jump to a
 * remote host, or when the Jasper host does not have the 'sso_sp' service.
 *
 * @param   $uri        The resource id of the report
 * @param   $parameters Extra parameters forwarded to the report
 * @param   $print      When true the iframe is echoed as well as returned
 * @return              The HTML of the iframe containing the report
 *
 */
function embeddedreports_generate_link($uri, $parameters = array(), $print = true)
{
    global $USER;
    // Mark the request as an embedded one for the report side.
    $parameters['elisembedded'] = 'true';
    if (!is_enabled_auth('mnet')) {
        error('mnet is disabled');
    }
    // Roaming is limited to local, non-guest, identified users holding the
    // remote-login capability at system level.
    $mayjump = has_capability('moodle/site:mnetlogintoremote', get_context_instance(CONTEXT_SYSTEM))
        && !is_mnet_remote_user($USER)
        && $USER->username != 'guest'
        && !empty($USER->id);
    if (!$mayjump) {
        print_error('notpermittedtojump', 'mnet');
    }
    // The Jasper host must have the SSO service-provider service.
    $authplugin = get_auth_plugin('mnet');
    if (!$authplugin->has_service(jasper_mnet_hostid(), 'sso_sp')) {
        print_error('hostnotconfiguredforsso', 'mnet');
    }
    $reportlink = jasper_mnet_link(jasper_report_link($uri, $parameters));
    // NOTE(review): the link goes into the src attribute exactly as returned -
    // confirm jasper_mnet_link() yields an attribute-safe URL.
    $iframe = sprintf('<iframe id="reportframe" name="reportframe" src="%s"></iframe>', $reportlink);
    if ($print) {
        echo $iframe;
    }
    return $iframe;
}
}
// Load the account whose profile is being edited; an unknown id is an error.
$user = $DB->get_record('user', array('id' => $userid));
if (!$user) {
    print_error('invaliduserid');
}
// The guest account can never be edited.
if (isguestuser($user)) {
    print_error('guestnoeditprofile');
}
// Attach the user's interests (tags of the core/user area) to the record.
$user->interests = core_tag_tag::get_item_tags_array('core', 'user', $user->id);
// Remote (MNet) accounts are not editable here. The strict
// user_not_fully_set_up() check is required, otherwise a remote user could
// bounce forever between user/view.php and this script. Required custom
// profile fields are not supported in an MNet environment anyway.
if (is_mnet_remote_user($user)) {
    if (user_not_fully_set_up($user, true)) {
        // Name the user's home host in the error message.
        $hostwwwroot = $DB->get_field('mnet_host', 'wwwroot', array('id' => $user->mnethostid));
        print_error('usernotfullysetup', 'mnet', '', $hostwwwroot);
    }
    redirect($CFG->wwwroot . "/user/view.php?course={$course->id}");
}
// The account's auth plugin decides whether profile editing is allowed.
$userauth = get_auth_plugin($user->auth);
if (!$userauth->can_edit_profile()) {
    print_error('noprofileedit', 'auth');
}
// When the plugin supplies its own edit URL, this script is bypassed.
$editurl = $userauth->edit_profile_url();
if ($editurl) {
    redirect($editurl);
}
 /**
  * This function gets called by {@link settings_navigation::load_user_settings()} and actually works out
  * what can be shown/done
  *
  * It decides which navigation links appear; every link is gated on the capability
  * checks below.
  * NOTE(review): these checks only control link visibility - presumably each target
  * script enforces its own access control; confirm.
  *
  * @param int $courseid The current course' id
  * @param int $userid The user id to load for
  * @param string $gstitle The string to pass to get_string for the branch title
  * @return navigation_node|bool The user settings node; false when the user record is missing or may
  *                              not be viewed; true when only the "user deleted" entry was added
  */
 protected function generate_user_settings($courseid, $userid, $gstitle = 'usercurrentsettings')
 {
     global $DB, $CFG, $USER, $SITE;
     // Resolve the course record: reuse the page's course when it matches, otherwise
     // load it together with its context columns; the site course is used as-is.
     if ($courseid != $SITE->id) {
         if (!empty($this->page->course->id) && $this->page->course->id == $courseid) {
             $course = $this->page->course;
         } else {
             $select = context_helper::get_preload_record_columns_sql('ctx');
             $sql = "SELECT c.*, {$select}\n                          FROM {course} c\n                          JOIN {context} ctx ON c.id = ctx.instanceid\n                         WHERE c.id = :courseid AND ctx.contextlevel = :contextlevel";
             $params = array('courseid' => $courseid, 'contextlevel' => CONTEXT_COURSE);
             $course = $DB->get_record_sql($sql, $params, MUST_EXIST);
             context_helper::preload_from_record($course);
         }
     } else {
         $course = $SITE;
     }
     $coursecontext = context_course::instance($course->id);
     // Course context
     $systemcontext = context_system::instance();
     // True when the settings are being built for the logged-in user's own account.
     $currentuser = $USER->id == $userid;
     if ($currentuser) {
         $user = $USER;
         $usercontext = context_user::instance($user->id);
         // User context
     } else {
         // Another user's settings: load the record and run the visibility checks
         // below before anything about that user is added to the navigation.
         $select = context_helper::get_preload_record_columns_sql('ctx');
         $sql = "SELECT u.*, {$select}\n                      FROM {user} u\n                      JOIN {context} ctx ON u.id = ctx.instanceid\n                     WHERE u.id = :userid AND ctx.contextlevel = :contextlevel";
         $params = array('userid' => $userid, 'contextlevel' => CONTEXT_USER);
         $user = $DB->get_record_sql($sql, $params, IGNORE_MISSING);
         if (!$user) {
             return false;
         }
         context_helper::preload_from_record($user);
         // Check that the user can view the profile
         $usercontext = context_user::instance($user->id);
         // User context
         $canviewuser = has_capability('moodle/user:viewdetails', $usercontext);
         if ($course->id == $SITE->id) {
             if ($CFG->forceloginforprofiles && !has_coursecontact_role($user->id) && !$canviewuser) {
                 // Reduce possibility of "browsing" userbase at site level
                 // Teachers can browse and be browsed at site level. If not forceloginforprofiles, allow access (bug #4366)
                 return false;
             }
         } else {
             $canviewusercourse = has_capability('moodle/user:viewdetails', $coursecontext);
             $userisenrolled = is_enrolled($coursecontext, $user->id, '', true);
             // Refused when the viewer lacks viewdetails in both the course and the user
             // context, or when the target user fails the is_enrolled() check.
             if (!$canviewusercourse && !$canviewuser || !$userisenrolled) {
                 return false;
             }
             $canaccessallgroups = has_capability('moodle/site:accessallgroups', $coursecontext);
             if (!$canaccessallgroups && groups_get_course_groupmode($course) == SEPARATEGROUPS && !$canviewuser) {
                 // If groups are in use, make sure we can see that group (MDL-45874). That does not apply to parents.
                 if ($courseid == $this->page->course->id) {
                     $mygroups = get_fast_modinfo($this->page->course)->groups;
                 } else {
                     $mygroups = groups_get_user_groups($courseid);
                 }
                 $usergroups = groups_get_user_groups($courseid, $userid);
                 // No shared group key in index 0 of both results means no access.
                 if (!array_intersect_key($mygroups[0], $usergroups[0])) {
                     return false;
                 }
             }
         }
     }
     $fullname = fullname($user, has_capability('moodle/site:viewfullnames', $this->page->context));
     // Node key and preferences URL carry the user id unless this is the default branch.
     $key = $gstitle;
     $prefurl = new moodle_url('/user/preferences.php');
     if ($gstitle != 'usercurrentsettings') {
         $key .= $userid;
         $prefurl->param('userid', $userid);
     }
     // Add a user setting branch.
     if ($gstitle == 'usercurrentsettings') {
         $dashboard = $this->add(get_string('myhome'), new moodle_url('/my/'), self::TYPE_CONTAINER, null, 'dashboard');
         // This should be set to false as we don't want to show this to the user. It's only for generating the correct
         // breadcrumb.
         $dashboard->display = false;
         if (get_home_page() == HOMEPAGE_MY) {
             $dashboard->mainnavonly = true;
         }
         $iscurrentuser = $user->id == $USER->id;
         $baseargs = array('id' => $user->id);
         if ($course->id != $SITE->id && !$iscurrentuser) {
             $baseargs['course'] = $course->id;
             $issitecourse = false;
         } else {
             // Load all categories and get the context for the system.
             $issitecourse = true;
         }
         // Add the user profile to the dashboard.
         $profilenode = $dashboard->add(get_string('profile'), new moodle_url('/user/profile.php', array('id' => $user->id)), self::TYPE_SETTING, null, 'myprofile');
         if (!empty($CFG->navadduserpostslinks)) {
             // Add nodes for forum posts and discussions if the user can view either or both
             // There are no capability checks here as the content of the page is based
             // purely on the forums the current user has access to.
             $forumtab = $profilenode->add(get_string('forumposts', 'forum'));
             $forumtab->add(get_string('posts', 'forum'), new moodle_url('/mod/forum/user.php', $baseargs), null, 'myposts');
             $forumtab->add(get_string('discussions', 'forum'), new moodle_url('/mod/forum/user.php', array_merge($baseargs, array('mode' => 'discussions'))), null, 'mydiscussions');
         }
         // Add blog nodes.
         if (!empty($CFG->enableblogs)) {
             // Blog options are cached per user id on this navigation object.
             if (!$this->cache->cached('userblogoptions' . $user->id)) {
                 require_once $CFG->dirroot . '/blog/lib.php';
                 // Get all options for the user.
                 $options = blog_get_options_for_user($user);
                 $this->cache->set('userblogoptions' . $user->id, $options);
             } else {
                 $options = $this->cache->{'userblogoptions' . $user->id};
             }
             if (count($options) > 0) {
                 $blogs = $profilenode->add(get_string('blogs', 'blog'), null, navigation_node::TYPE_CONTAINER);
                 foreach ($options as $type => $option) {
                     if ($type == "rss") {
                         $blogs->add($option['string'], $option['link'], self::TYPE_SETTING, null, null, new pix_icon('i/rss', ''));
                     } else {
                         $blogs->add($option['string'], $option['link'], self::TYPE_SETTING, null, 'blog' . $type);
                     }
                 }
             }
         }
         // Add the messages link.
         // It is context based so can appear in the user's profile and in course participants information.
         if (!empty($CFG->messaging)) {
             $messageargs = array('user1' => $USER->id);
             if ($USER->id != $user->id) {
                 $messageargs['user2'] = $user->id;
             }
             if ($course->id != $SITE->id) {
                 $messageargs['viewing'] = MESSAGE_VIEW_COURSE . $course->id;
             }
             $url = new moodle_url('/message/index.php', $messageargs);
             $dashboard->add(get_string('messages', 'message'), $url, self::TYPE_SETTING, null, 'messages');
         }
         // Add the "My private files" link.
         // This link doesn't have a unique display for course context so only display it under the user's profile.
         if ($issitecourse && $iscurrentuser && has_capability('moodle/user:manageownfiles', $usercontext)) {
             $url = new moodle_url('/user/files.php');
             $dashboard->add(get_string('privatefiles'), $url, self::TYPE_SETTING);
         }
         // Add a node to view the users notes if permitted.
         if (!empty($CFG->enablenotes) && has_any_capability(array('moodle/notes:manage', 'moodle/notes:view'), $coursecontext)) {
             $url = new moodle_url('/notes/index.php', array('user' => $user->id));
             if ($coursecontext->instanceid != SITEID) {
                 $url->param('course', $coursecontext->instanceid);
             }
             $profilenode->add(get_string('notes', 'notes'), $url);
         }
         // Show the grades node.
         // Shown for the user's own site-level view, or to anyone holding viewdetails on the user context.
         if ($issitecourse && $iscurrentuser || has_capability('moodle/user:viewdetails', $usercontext)) {
             require_once $CFG->dirroot . '/user/lib.php';
             // Set the grades node to link to the "Grades" page.
             if ($course->id == SITEID) {
                 $url = user_mygrades_url($user->id, $course->id);
             } else {
                 // Otherwise we are in a course and should redirect to the user grade report (Activity report version).
                 $url = new moodle_url('/course/user.php', array('mode' => 'grade', 'id' => $course->id, 'user' => $user->id));
             }
             $dashboard->add(get_string('grades', 'grades'), $url, self::TYPE_SETTING, null, 'mygrades');
         }
         // Let plugins hook into user navigation.
         // Each entry returned by get_plugins_with_function() is invoked as a variable
         // function; plugins of type 'report' are skipped here.
         $pluginsfunction = get_plugins_with_function('extend_navigation_user', 'lib.php');
         foreach ($pluginsfunction as $plugintype => $plugins) {
             if ($plugintype != 'report') {
                 foreach ($plugins as $pluginfunction) {
                     $pluginfunction($profilenode, $user, $usercontext, $course, $coursecontext);
                 }
             }
         }
         $usersetting = navigation_node::create(get_string('preferences', 'moodle'), $prefurl, self::TYPE_CONTAINER, null, $key);
         $dashboard->add_node($usersetting);
     } else {
         $usersetting = $this->add(get_string('preferences', 'moodle'), $prefurl, self::TYPE_CONTAINER, null, $key);
         $usersetting->display = false;
     }
     $usersetting->id = 'usersettings';
     // Check if the user has been deleted.
     if ($user->deleted) {
         if (!has_capability('moodle/user:update', $coursecontext)) {
             // We can't edit the user so just show the user deleted message.
             $usersetting->add(get_string('userdeleted'), null, self::TYPE_SETTING);
         } else {
             // We can edit the user so show the user deleted message and link it to the profile.
             if ($course->id == $SITE->id) {
                 $profileurl = new moodle_url('/user/profile.php', array('id' => $user->id));
             } else {
                 $profileurl = new moodle_url('/user/view.php', array('id' => $user->id, 'course' => $course->id));
             }
             $usersetting->add(get_string('userdeleted'), $profileurl, self::TYPE_SETTING);
         }
         // Nothing else is offered for a deleted account; note this returns true, not the node.
         return true;
     }
     // The account's auth plugin (when one is set) decides about profile and password editing.
     $userauthplugin = false;
     if (!empty($user->auth)) {
         $userauthplugin = get_auth_plugin($user->auth);
     }
     $useraccount = $usersetting->add(get_string('useraccount'), null, self::TYPE_CONTAINER, null, 'useraccount');
     // Add the profile edit link.
     // Never offered for the guest account or for MNet remote users.
     if (isloggedin() && !isguestuser($user) && !is_mnet_remote_user($user)) {
         // Advanced editing needs user:update at system level; an admin's account is
         // only offered to the account owner or to another site admin.
         if (($currentuser || is_siteadmin($USER) || !is_siteadmin($user)) && has_capability('moodle/user:update', $systemcontext)) {
             $url = new moodle_url('/user/editadvanced.php', array('id' => $user->id, 'course' => $course->id));
             $useraccount->add(get_string('editmyprofile'), $url, self::TYPE_SETTING);
         } else {
             if (has_capability('moodle/user:editprofile', $usercontext) && !is_siteadmin($user) || $currentuser && has_capability('moodle/user:editownprofile', $systemcontext)) {
                 if ($userauthplugin && $userauthplugin->can_edit_profile()) {
                     // Prefer the auth plugin's own edit URL; fall back to the standard edit page.
                     $url = $userauthplugin->edit_profile_url();
                     if (empty($url)) {
                         $url = new moodle_url('/user/edit.php', array('id' => $user->id, 'course' => $course->id));
                     }
                     $useraccount->add(get_string('editmyprofile'), $url, self::TYPE_SETTING);
                 }
             }
         }
     }
     // Change password link.
     // Only for the user's own account, never while logged in as another user or as guest,
     // and only when both the capability and the auth plugin allow a password change.
     if ($userauthplugin && $currentuser && !\core\session\manager::is_loggedinas() && !isguestuser() && has_capability('moodle/user:changeownpassword', $systemcontext) && $userauthplugin->can_change_password()) {
         $passwordchangeurl = $userauthplugin->change_password_url();
         if (empty($passwordchangeurl)) {
             $passwordchangeurl = new moodle_url('/login/change_password.php', array('id' => $course->id));
         }
         $useraccount->add(get_string("changepassword"), $passwordchangeurl, self::TYPE_SETTING, null, 'changepassword');
     }
     // Preferred language link.
     if (isloggedin() && !isguestuser($user) && !is_mnet_remote_user($user)) {
         if ($currentuser && has_capability('moodle/user:editownprofile', $systemcontext) || has_capability('moodle/user:editprofile', $usercontext)) {
             $url = new moodle_url('/user/language.php', array('id' => $user->id, 'course' => $course->id));
             $useraccount->add(get_string('preferredlanguage'), $url, self::TYPE_SETTING, null, 'preferredlanguage');
         }
     }
     // Forum preferences link, only when the forum module is among the enabled 'mod' plugins.
     $pluginmanager = core_plugin_manager::instance();
     $enabled = $pluginmanager->get_enabled_plugins('mod');
     if (isset($enabled['forum']) && isloggedin() && !isguestuser($user) && !is_mnet_remote_user($user)) {
         if ($currentuser && has_capability('moodle/user:editownprofile', $systemcontext) || has_capability('moodle/user:editprofile', $usercontext)) {
             $url = new moodle_url('/user/forum.php', array('id' => $user->id, 'course' => $course->id));
             $useraccount->add(get_string('forumpreferences'), $url, self::TYPE_SETTING);
         }
     }
     // Editor preferences link, only when more than one editor is enabled.
     $editors = editors_get_enabled();
     if (count($editors) > 1) {
         if (isloggedin() && !isguestuser($user) && !is_mnet_remote_user($user)) {
             if ($currentuser && has_capability('moodle/user:editownprofile', $systemcontext) || has_capability('moodle/user:editprofile', $usercontext)) {
                 $url = new moodle_url('/user/editor.php', array('id' => $user->id, 'course' => $course->id));
                 $useraccount->add(get_string('editorpreferences'), $url, self::TYPE_SETTING);
             }
         }
     }
     // Add "Course preferences" link.
     // Unlike the links above, this one has no is_mnet_remote_user() exclusion.
     if (isloggedin() && !isguestuser($user)) {
         if ($currentuser && has_capability('moodle/user:editownprofile', $systemcontext) || has_capability('moodle/user:editprofile', $usercontext)) {
             $url = new moodle_url('/user/course.php', array('id' => $user->id, 'course' => $course->id));
             $useraccount->add(get_string('coursepreferences'), $url, self::TYPE_SETTING, null, 'coursepreferences');
         }
     }
     // View the roles settings.
     // The branch appears when any one of the four role capabilities is held on the user context.
     if (has_any_capability(array('moodle/role:assign', 'moodle/role:safeoverride', 'moodle/role:override', 'moodle/role:manage'), $usercontext)) {
         $roles = $usersetting->add(get_string('roles'), null, self::TYPE_SETTING);
         $url = new moodle_url('/admin/roles/usersroles.php', array('userid' => $user->id, 'courseid' => $course->id));
         $roles->add(get_string('thisusersroles', 'role'), $url, self::TYPE_SETTING);
         $assignableroles = get_assignable_roles($usercontext, ROLENAME_BOTH);
         if (!empty($assignableroles)) {
             $url = new moodle_url('/admin/roles/assign.php', array('contextid' => $usercontext->id, 'userid' => $user->id, 'courseid' => $course->id));
             $roles->add(get_string('assignrolesrelativetothisuser', 'role'), $url, self::TYPE_SETTING);
         }
         if (has_capability('moodle/role:review', $usercontext) || count(get_overridable_roles($usercontext, ROLENAME_BOTH)) > 0) {
             $url = new moodle_url('/admin/roles/permissions.php', array('contextid' => $usercontext->id, 'userid' => $user->id, 'courseid' => $course->id));
             $roles->add(get_string('permissions', 'role'), $url, self::TYPE_SETTING);
         }
         $url = new moodle_url('/admin/roles/check.php', array('contextid' => $usercontext->id, 'userid' => $user->id, 'courseid' => $course->id));
         $roles->add(get_string('checkpermissions', 'role'), $url, self::TYPE_SETTING);
     }
     // Repositories.
     // Whether the user context has editable repository types is cached per context id.
     if (!$this->cache->cached('contexthasrepos' . $usercontext->id)) {
         require_once $CFG->dirroot . '/repository/lib.php';
         $editabletypes = repository::get_editable_types($usercontext);
         $haseditabletypes = !empty($editabletypes);
         unset($editabletypes);
         $this->cache->set('contexthasrepos' . $usercontext->id, $haseditabletypes);
     } else {
         $haseditabletypes = $this->cache->{'contexthasrepos' . $usercontext->id};
     }
     if ($haseditabletypes) {
         $repositories = $usersetting->add(get_string('repositories', 'repository'), null, self::TYPE_SETTING);
         $repositories->add(get_string('manageinstances', 'repository'), new moodle_url('/repository/manage_instances.php', array('contextid' => $usercontext->id)));
     }
     // Portfolio.
     if ($currentuser && !empty($CFG->enableportfolios) && has_capability('moodle/portfolio:export', $systemcontext)) {
         require_once $CFG->libdir . '/portfoliolib.php';
         if (portfolio_has_visible_instances()) {
             $portfolio = $usersetting->add(get_string('portfolios', 'portfolio'), null, self::TYPE_SETTING);
             $url = new moodle_url('/user/portfolio.php', array('courseid' => $course->id));
             $portfolio->add(get_string('configure', 'portfolio'), $url, self::TYPE_SETTING);
             $url = new moodle_url('/user/portfoliologs.php', array('courseid' => $course->id));
             $portfolio->add(get_string('logs', 'portfolio'), $url, self::TYPE_SETTING);
         }
     }
     // Token management is offered when RSS feeds are enabled, or - for non-admin
     // users - when web services are enabled and the createtoken capability is held.
     $enablemanagetokens = false;
     if (!empty($CFG->enablerssfeeds)) {
         $enablemanagetokens = true;
     } else {
         if (!is_siteadmin($USER->id) && !empty($CFG->enablewebservices) && has_capability('moodle/webservice:createtoken', context_system::instance())) {
             $enablemanagetokens = true;
         }
     }
     // Security keys.
     // Own account only; the current sesskey is carried in the link's query string.
     if ($currentuser && $enablemanagetokens) {
         $url = new moodle_url('/user/managetoken.php', array('sesskey' => sesskey()));
         $useraccount->add(get_string('securitykeys', 'webservice'), $url, self::TYPE_SETTING);
     }
     // Messaging.
     // Own account with editownmessageprofile, or another non-guest account with
     // editmessageprofile on its context, provided that account is not the primary admin.
     if ($currentuser && has_capability('moodle/user:editownmessageprofile', $systemcontext) || !isguestuser($user) && has_capability('moodle/user:editmessageprofile', $usercontext) && !is_primary_admin($user->id)) {
         $url = new moodle_url('/message/edit.php', array('id' => $user->id));
         $useraccount->add(get_string('messaging', 'message'), $url, self::TYPE_SETTING);
     }
     // Blogs.
     if ($currentuser && !empty($CFG->enableblogs)) {
         $blog = $usersetting->add(get_string('blogs', 'blog'), null, navigation_node::TYPE_CONTAINER, null, 'blogs');
         if (has_capability('moodle/blog:view', $systemcontext)) {
             $blog->add(get_string('preferences', 'blog'), new moodle_url('/blog/preferences.php'), navigation_node::TYPE_SETTING);
         }
         if (!empty($CFG->useexternalblogs) && $CFG->maxexternalblogsperuser > 0 && has_capability('moodle/blog:manageexternal', $systemcontext)) {
             $blog->add(get_string('externalblogs', 'blog'), new moodle_url('/blog/external_blogs.php'), navigation_node::TYPE_SETTING);
             $blog->add(get_string('addnewexternalblog', 'blog'), new moodle_url('/blog/external_blog_edit.php'), navigation_node::TYPE_SETTING);
         }
         // Remove the blog node if empty.
         $blog->trim_if_empty();
     }
     // Badges.
     if ($currentuser && !empty($CFG->enablebadges)) {
         $badges = $usersetting->add(get_string('badges'), null, navigation_node::TYPE_CONTAINER, null, 'badges');
         if (has_capability('moodle/badges:manageownbadges', $usercontext)) {
             $url = new moodle_url('/badges/mybadges.php');
             $badges->add(get_string('managebadges', 'badges'), $url, self::TYPE_SETTING);
         }
         $badges->add(get_string('preferences', 'badges'), new moodle_url('/badges/preferences.php'), navigation_node::TYPE_SETTING);
         if (!empty($CFG->badges_allowexternalbackpack)) {
             $badges->add(get_string('backpackdetails', 'badges'), new moodle_url('/badges/mybackpack.php'), navigation_node::TYPE_SETTING);
         }
     }
     // Let plugins hook into user settings navigation.
     // Every returned plugin function is invoked as a variable function, with no plugin type excluded.
     $pluginsfunction = get_plugins_with_function('extend_navigation_user_settings', 'lib.php');
     foreach ($pluginsfunction as $plugintype => $plugins) {
         foreach ($plugins as $pluginfunction) {
             $pluginfunction($usersetting, $user, $usercontext, $course, $coursecontext);
         }
     }
     return $usersetting;
 }
} else {
    // Editing existing user.
    require_capability('moodle/user:update', $systemcontext);
    $user = $DB->get_record('user', array('id' => $id), '*', MUST_EXIST);
    $PAGE->set_context(context_user::instance($user->id));
    $PAGE->navbar->includesettingsbase = true;
    if ($user->id != $USER->id) {
        $PAGE->navigation->extend_for_user($user);
    } else {
        if ($node = $PAGE->navigation->find('myprofile', navigation_node::TYPE_ROOTNODE)) {
            $node->force_open();
        }
    }
}
// Remote users cannot be edited.
// An MNet remote account is redirected to the profile view page instead of
// reaching the edit form. The id -1 is exempt from this check
// (presumably the id of a not-yet-created user - confirm against the caller).
if ($user->id != -1 and is_mnet_remote_user($user)) {
    redirect($CFG->wwwroot . "/user/view.php?id={$id}&course={$course->id}");
}
// Privilege guard: when the target is a different account and is a site admin,
// the current user must be a site admin as well.
if ($user->id != $USER->id and is_siteadmin($user) and !is_siteadmin($USER)) {
    // Only admins may edit other admins.
    print_error('useradmineditadmin');
}
// The guest account is never editable through this page.
if (isguestuser($user->id)) {
    // The real guest user can not be edited.
    print_error('guestnoeditprofileother');
}
if ($user->deleted) {
    echo $OUTPUT->header();
    echo $OUTPUT->heading(get_string('userdeleted'));
    echo $OUTPUT->footer();
    die;
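 /**
  * Return the standard string that says whether you are logged in (and switched
  * roles/logged in as another user).
  *
  * The login-as return link, the role-switch return link and the logout link
  * built here all carry sesskey() as a query parameter.
  *
  * @return string HTML fragment; an empty string during initial install or
  *                while the page course has no id.
  */
 public function login_info()
 {
     global $USER, $CFG, $DB, $SESSION;
     if (during_initial_install()) {
         return '';
     }
     $course = $this->page->course;
     if (empty($course->id)) {
         // $course->id is not defined during installation
         return '';
     }
     $loginurl = get_login_url();
     $loginpage = (string) $this->page->url === $loginurl;
     // When an admin is "logged in as" someone else, show the real account
     // with a link back to the login-as script.
     $realuserinfo = '';
     if (session_is_loggedinas()) {
         $realuser = session_get_realuser();
         $fullname = fullname($realuser, true);
         $realuserinfo = " [<a href=\"{$CFG->wwwroot}/course/loginas.php?id={$course->id}&amp;sesskey=" . sesskey() . "\">{$fullname}</a>] ";
     }
     if (isloggedin()) {
         $context = get_context_instance(CONTEXT_COURSE, $course->id);
         $fullname = fullname($USER, true);
         // Since Moodle 2.0 this link always goes to the public profile page (not the course profile page)
         // NOTE(review): fullname() output is placed into the markup as-is;
         // presumably names are cleaned when stored - confirm, or escape with s().
         $username = "<a href=\"{$CFG->wwwroot}/user/profile.php?id={$USER->id}\">{$fullname}</a>";
         if (is_mnet_remote_user($USER) and $idprovider = $DB->get_record('mnet_host', array('id' => $USER->mnethostid))) {
             // NOTE(review): wwwroot and name come from the mnet_host record of the
             // identity provider and are interpolated unescaped - confirm they are
             // validated when the peer is registered.
             $username .= " from <a href=\"{$idprovider->wwwroot}\">{$idprovider->name}</a>";
         }
         if (isguestuser()) {
             $loggedinas = $realuserinfo . get_string('loggedinasguest');
             if (!$loginpage) {
                 $loggedinas .= " (<a href=\"{$loginurl}\">" . get_string('login') . '</a>)';
             }
         } else if (is_role_switched($course->id)) {
             // Has switched roles
             $rolename = '';
             if ($role = $DB->get_record('role', array('id' => $USER->access['rsw'][$context->path]))) {
                 $rolename = ': ' . format_string($role->name);
             }
             $loggedinas = get_string('loggedinas', 'moodle', $username) . $rolename . " (<a href=\"{$CFG->wwwroot}/course/view.php?id={$course->id}&amp;switchrole=0&amp;sesskey=" . sesskey() . "\">" . get_string('switchrolereturn') . '</a>)';
         } else {
             $loggedinas = $realuserinfo . get_string('loggedinas', 'moodle', $username) . ' ' . " (<a href=\"{$CFG->wwwroot}/login/logout.php?sesskey=" . sesskey() . "\">" . get_string('logout') . '</a>)';
         }
     } else {
         $loggedinas = get_string('loggedinnot', 'moodle');
         if (!$loginpage) {
             $loggedinas .= " (<a href=\"{$loginurl}\">" . get_string('login') . '</a>)';
         }
     }
     $loggedinas = '<div class="logininfo">' . $loggedinas . '</div>';
     // Right after login, tell a non-guest user about failed login attempts
     // recorded since their last login. The flag is cleared so this shows once.
     if (isset($SESSION->justloggedin)) {
         unset($SESSION->justloggedin);
         if (!empty($CFG->displayloginfailures) && !isguestuser()) {
             if ($count = count_login_failures($CFG->displayloginfailures, $USER->username, $USER->lastlogin)) {
                 $loggedinas .= '&nbsp;<div class="loginfailures">';
                 if (empty($count->accounts)) {
                     $loggedinas .= get_string('failedloginattempts', '', $count);
                 } else {
                     $loggedinas .= get_string('failedloginattemptsall', '', $count);
                 }
                 // The link to the error log is only offered to users who may view it.
                 if (file_exists("{$CFG->dirroot}/report/log/index.php") and has_capability('report/log:view', get_context_instance(CONTEXT_SYSTEM))) {
                     $loggedinas .= ' (<a href="' . $CFG->wwwroot . '/report/log/index.php' . '?chooselog=1&amp;id=1&amp;modid=site_errors">' . get_string('logs') . '</a>)';
                 }
                 $loggedinas .= '</div>';
             }
         }
     }
     return $loggedinas;
 }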
Example #9
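/**
 * Send an email to a specified user
 *
 * Before anything is handed to the mailer the recipient is checked: the account
 * must exist, have an address, not be deleted, not be suspended or use the
 * 'nologin' auth, pass validate_email() and be under the bounce threshold.
 * An attachment path is refused when it contains ".." and is used as given only
 * when it lies inside the resolved $CFG->tempdir; any other path is taken
 * relative to $CFG->dataroot.
 *
 * @param stdClass $user  A {@link $USER} object
 * @param stdClass|string $from A {@link $USER} object, or a plain string that is used as the
 *          sender name (the no-reply address is then used as the sender address)
 * @param string $subject plain text subject line of the email
 * @param string $messagetext plain text version of the message
 * @param string $messagehtml complete html version of the message (optional)
 * @param string $attachment a file on the filesystem, either relative to $CFG->dataroot or a full path to a file in $CFG->tempdir
 * @param string $attachname the name of the file (extension indicates MIME)
 * @param bool $usetrueaddress determines whether $from email address should
 *          be sent out. Will be overruled by user profile setting for maildisplay
 * @param string $replyto Email address to reply to
 * @param string $replytoname Name of reply to recipient
 * @param int $wordwrapwidth custom word wrap width, default 79
 * @return bool Returns true if mail was sent OK and false if there was an error. True is also
 *          returned when sending is skipped on purpose (behat run, $CFG->noemailever,
 *          suspended or 'nologin' recipient, ".invalid" address).
 */
function email_to_user($user, $from, $subject, $messagetext, $messagehtml = '', $attachment = '', $attachname = '', $usetrueaddress = true, $replyto = '', $replytoname = '', $wordwrapwidth = 79)
{
    global $CFG;
    if (empty($user) or empty($user->id)) {
        debugging('Can not send email to null user', DEBUG_DEVELOPER);
        return false;
    }
    if (empty($user->email)) {
        debugging('Can not send email to user without email: ' . $user->id, DEBUG_DEVELOPER);
        return false;
    }
    if (!empty($user->deleted)) {
        debugging('Can not send email to deleted user: ' . $user->id, DEBUG_DEVELOPER);
        return false;
    }
    if (defined('BEHAT_SITE_RUNNING')) {
        // Fake email sending in behat.
        return true;
    }
    if (!empty($CFG->noemailever)) {
        // Hidden setting for development sites, set in config.php if needed.
        debugging('Not sending email due to $CFG->noemailever config setting', DEBUG_NORMAL);
        return true;
    }
    if (!empty($CFG->divertallemailsto)) {
        // Work on a copy so the caller's user object keeps its real address.
        $subject = "[DIVERTED {$user->email}] {$subject}";
        $user = clone $user;
        $user->email = $CFG->divertallemailsto;
    }
    // Skip mail to suspended users.
    if (isset($user->auth) && $user->auth == 'nologin' or isset($user->suspended) && $user->suspended) {
        return true;
    }
    if (!validate_email($user->email)) {
        // We can not send emails to invalid addresses - it might create security issue or confuse the mailer.
        debugging("email_to_user: User {$user->id} (" . fullname($user) . ") email ({$user->email}) is invalid! Not sending.");
        return false;
    }
    if (over_bounce_threshold($user)) {
        debugging("email_to_user: User {$user->id} (" . fullname($user) . ") is over bounce threshold! Not sending.");
        return false;
    }
    // TLD .invalid  is specifically reserved for invalid domain names.
    // For More information, see {@link http://tools.ietf.org/html/rfc2606#section-2}.
    if (substr($user->email, -8) == '.invalid') {
        debugging("email_to_user: User {$user->id} (" . fullname($user) . ") email domain ({$user->email}) is invalid! Not sending.");
        return true;
        // This is not an error.
    }
    // If the user is a remote mnet user, parse the email text for URL to the
    // wwwroot and modify the url to direct the user's browser to login at their
    // home site (identity provider - idp) before hitting the link itself.
    if (is_mnet_remote_user($user)) {
        require_once $CFG->dirroot . '/mnet/lib.php';
        $jumpurl = mnet_get_idp_jump_url($user);
        $callback = partial('mnet_sso_apply_indirection', $jumpurl);
        // Quote wwwroot so that its dots (and any '%') are matched literally; an
        // unquoted dot would let the pattern match URLs on look-alike host names.
        $wwwrootpattern = preg_quote($CFG->wwwroot, '%');
        $messagetext = preg_replace_callback("%({$wwwrootpattern}[^[:space:]]*)%", $callback, $messagetext);
        $messagehtml = preg_replace_callback("%href=[\"'`]({$wwwrootpattern}[\\w_:\\?=#&@/;.~-]*)[\"'`]%", $callback, $messagehtml);
    }
    $mail = get_mailer();
    if (!empty($mail->SMTPDebug)) {
        echo '<pre>' . "\n";
    }
    $temprecipients = array();
    $tempreplyto = array();
    $supportuser = core_user::get_support_user();
    // Make up an email address for handling bounces.
    if (!empty($CFG->handlebounces)) {
        // NOTE(review): the truncated md5 of the address is an unkeyed tag, not a MAC;
        // confirm the bounce processor does not rely on it for authenticity.
        $modargs = 'B' . base64_encode(pack('V', $user->id)) . substr(md5($user->email), 0, 16);
        $mail->Sender = generate_email_processing_address(0, $modargs);
    } else {
        $mail->Sender = $supportuser->email;
    }
    if (!empty($CFG->emailonlyfromnoreplyaddress)) {
        $usetrueaddress = false;
        // $from may be a plain string (see below), which has no maildisplay property.
        if (empty($replyto) && !is_string($from) && $from->maildisplay) {
            $replyto = $from->email;
            $replytoname = fullname($from);
        }
    }
    if (is_string($from)) {
        // So we can pass whatever we want if there is need.
        $mail->From = $CFG->noreplyaddress;
        $mail->FromName = $from;
    } else {
        if ($usetrueaddress and $from->maildisplay) {
            $mail->From = $from->email;
            $mail->FromName = fullname($from);
        } else {
            $mail->From = $CFG->noreplyaddress;
            $mail->FromName = fullname($from);
            if (empty($replyto)) {
                $tempreplyto[] = array($CFG->noreplyaddress, get_string('noreplyname'));
            }
        }
    }
    if (!empty($replyto)) {
        $tempreplyto[] = array($replyto, $replytoname);
    }
    $mail->Subject = substr($subject, 0, 900);
    $temprecipients[] = array($user->email, fullname($user));
    // Set word wrap.
    $mail->WordWrap = $wordwrapwidth;
    if (!empty($from->customheaders)) {
        // Add custom headers.
        if (is_array($from->customheaders)) {
            foreach ($from->customheaders as $customheader) {
                $mail->addCustomHeader($customheader);
            }
        } else {
            $mail->addCustomHeader($from->customheaders);
        }
    }
    if (!empty($from->priority)) {
        $mail->Priority = $from->priority;
    }
    if ($messagehtml && !empty($user->mailformat) && $user->mailformat == 1) {
        // Don't ever send HTML to users who don't want it.
        $mail->isHTML(true);
        $mail->Encoding = 'quoted-printable';
        $mail->Body = $messagehtml;
        $mail->AltBody = "\n{$messagetext}\n";
    } else {
        $mail->IsHTML(false);
        $mail->Body = "\n{$messagetext}\n";
    }
    if ($attachment && $attachname) {
        if (preg_match("~\\.\\.~", $attachment)) {
            // Security check for ".." in dir path.
            // The support user is added as a recipient and the file is replaced by an error note.
            $temprecipients[] = array($supportuser->email, fullname($supportuser, true));
            $mail->addStringAttachment('Error in attachment.  User attempted to attach a filename with a unsafe name.', 'error.txt', '8bit', 'text/plain');
        } else {
            require_once $CFG->libdir . '/filelib.php';
            $mimetype = mimeinfo('type', $attachname);
            $attachmentpath = $attachment;
            // Before doing the comparison, make sure that the paths are correct (Windows uses slashes in the other direction).
            $attachpath = str_replace('\\', '/', $attachmentpath);
            // Normalise the resolved tempdir the same way and end it with a slash, so
            // that a sibling directory sharing the prefix does not count as tempdir.
            // realpath() returns false when the directory cannot be resolved; no path
            // is treated as being inside tempdir in that case.
            $realtemp = realpath($CFG->tempdir);
            $temppath = ($realtemp === false) ? '' : rtrim(str_replace('\\', '/', $realtemp), '/') . '/';
            // If the attachment is a full path to a file in the tempdir, use it as is,
            // otherwise assume it is a relative path from the dataroot (for backwards compatibility reasons).
            if ($temppath === '' || strpos($attachpath, $temppath) !== 0) {
                $attachmentpath = $CFG->dataroot . '/' . $attachmentpath;
            }
            $mail->addAttachment($attachmentpath, $attachname, 'base64', $mimetype);
        }
    }
    // Check if the email should be sent in an other charset then the default UTF-8.
    if (!empty($CFG->sitemailcharset) || !empty($CFG->allowusermailcharset)) {
        // Use the defined site mail charset or eventually the one preferred by the recipient.
        $charset = $CFG->sitemailcharset;
        if (!empty($CFG->allowusermailcharset)) {
            if ($useremailcharset = get_user_preferences('mailcharset', '0', $user->id)) {
                $charset = $useremailcharset;
            }
        }
        // Convert all the necessary strings if the charset is supported.
        $charsets = get_list_of_charsets();
        unset($charsets['UTF-8']);
        if (in_array($charset, $charsets)) {
            $mail->CharSet = $charset;
            $mail->FromName = core_text::convert($mail->FromName, 'utf-8', strtolower($charset));
            $mail->Subject = core_text::convert($mail->Subject, 'utf-8', strtolower($charset));
            $mail->Body = core_text::convert($mail->Body, 'utf-8', strtolower($charset));
            $mail->AltBody = core_text::convert($mail->AltBody, 'utf-8', strtolower($charset));
            foreach ($temprecipients as $key => $values) {
                $temprecipients[$key][1] = core_text::convert($values[1], 'utf-8', strtolower($charset));
            }
            foreach ($tempreplyto as $key => $values) {
                $tempreplyto[$key][1] = core_text::convert($values[1], 'utf-8', strtolower($charset));
            }
        }
    }
    foreach ($temprecipients as $values) {
        $mail->addAddress($values[0], $values[1]);
    }
    foreach ($tempreplyto as $values) {
        $mail->addReplyTo($values[0], $values[1]);
    }
    if ($mail->send()) {
        set_send_count($user);
        if (!empty($mail->SMTPDebug)) {
            echo '</pre>';
        }
        return true;
    } else {
        // Trigger event for failing to send email.
        // NOTE(review): the event stores the subject and the plain-text message body;
        // confirm that is acceptable for messages carrying secrets such as reset links.
        $event = \core\event\email_failed::create(array('context' => context_system::instance(), 'userid' => $from->id, 'relateduserid' => $user->id, 'other' => array('subject' => $subject, 'message' => $messagetext, 'errorinfo' => $mail->ErrorInfo)));
        $event->trigger();
        if (CLI_SCRIPT) {
            mtrace('Error: lib/moodlelib.php email_to_user(): ' . $mail->ErrorInfo);
        }
        if (!empty($mail->SMTPDebug)) {
            echo '</pre>';
        }
        return false;
    }
}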
Example #10
         if (!empty($user->suspended)) {
             $suspendbutton = "<a href=\"editusers.php?unsuspend={$user->id}&amp;sesskey=" . sesskey() . "\">{$strunsuspend}</a>";
         } else {
             $suspendbutton = "<a href=\"editusers.php?suspend={$user->id}&amp;sesskey=" . sesskey() . "\">{$strsuspend}</a>";
         }
     } else {
         $deletebutton = "";
         $suspendbutton = "";
     }
 }
 // The edit link is offered only when the viewer holds one of the two company-admin
 // capabilities, the listed user is the viewer or is not the main admin, and the
 // listed user is not an MNet remote account.
 // NOTE(review): this only decides whether the link is rendered; editadvanced.php
 // presumably repeats the checks server-side - confirm.
 if ((iomad::has_capability('block/iomad_company_admin:editusers', $systemcontext) or iomad::has_capability('block/iomad_company_admin:editallusers', $systemcontext)) and ($user->id == $USER->id or $user->id != $mainadmin->id) and !is_mnet_remote_user($user)) {
     $editbutton = "<a href=\"{$securewwwroot}/blocks/iomad_company_admin/editadvanced.php?id={$user->id}\">{$stredit}</a>";
 } else {
     $editbutton = "";
 }
 // Same target-user conditions as the edit link, with the course-users capability
 // in place of editusers.
 if ((iomad::has_capability('block/iomad_company_admin:company_course_users', $systemcontext) or iomad::has_capability('block/iomad_company_admin:editallusers', $systemcontext)) and ($user->id == $USER->id or $user->id != $mainadmin->id) and !is_mnet_remote_user($user)) {
     $enrolmentbutton = "<a href=\"company_users_course_form.php?userid={$user->id}\">{$strenrolment}</a>";
 } else {
     $enrolmentbutton = "";
 }
 // A falsy lastaccess is shown as "never"; otherwise the elapsed time since then.
 if ($user->lastaccess) {
     $strlastaccess = format_time(time() - $user->lastaccess);
 } else {
     $strlastaccess = get_string('never');
 }
 $fullname = fullname($user, true);
 // Is this a suspended user?
 if (!empty($user->suspended)) {
     $fullname .= " (S)";
 }
 // Get the users department.
Example #11
 /**
  * Extend the form definition after data has been parsed.
  *
  * Locks or removes the account-control elements that the current editor must
  * not change for the user being edited (own auth method, suspension of remote,
  * own or admin accounts), fills in the current picture and then hands over to
  * the custom profile fields.
  */
 public function definition_after_data()
 {
     global $USER, $CFG, $DB, $OUTPUT;
     $form = $this->_form;
     // Trim required name fields.
     foreach (useredit_get_required_name_fields() as $namefield) {
         $form->applyFilter($namefield, 'trim');
     }
     // Load the record being edited; false when the form carries no user id.
     $userid = $form->getElementValue('id');
     $user = $userid ? $DB->get_record('user', array('id' => $userid)) : false;
     // User can not change own auth method.
     if ($userid == $USER->id) {
         foreach (array('auth', 'preference_auth_forcepasswordchange') as $frozen) {
             $form->hardFreeze($frozen);
         }
     }
     // Admin must choose some password and supply correct email.
     if (!empty($USER->newadminuser)) {
         $form->addRule('newpassword', get_string('required'), 'required', null, 'client');
         if ($form->elementExists('suspended')) {
             $form->removeElement('suspended');
         }
     }
     // Require password for new users.
     if ($userid > 0 && $form->elementExists('createpassword')) {
         $form->removeElement('createpassword');
     }
     // Only local accounts can be suspended.
     if ($user && is_mnet_remote_user($user) && $form->elementExists('suspended')) {
         $form->removeElement('suspended');
     }
     // Prevent self and admin mess ups.
     if ($user && ($user->id == $USER->id || is_siteadmin($user)) && $form->elementExists('suspended')) {
         $form->hardFreeze('suspended');
     }
     // Print picture.
     if (empty($USER->newadminuser)) {
         $hasuploadedpicture = false;
         $showpicture = false;
         if ($user) {
             $usercontext = context_user::instance($user->id, MUST_EXIST);
             $storage = get_file_storage();
             $hasuploadedpicture = $storage->file_exists($usercontext->id, 'user', 'icon', 0, '/', 'f2.png')
                 || $storage->file_exists($usercontext->id, 'user', 'icon', 0, '/', 'f2.jpg');
             $showpicture = !empty($user->picture) && $hasuploadedpicture;
         }
         if ($showpicture) {
             $imagevalue = $OUTPUT->user_picture($user, array('courseid' => SITEID, 'size' => 64));
         } else {
             $imagevalue = get_string('none');
         }
         $form->getElement('currentpicture')->setValue($imagevalue);
         // Nothing to delete when no picture file has been uploaded.
         if ($user && $form->elementExists('deletepicture') && !$hasuploadedpicture) {
             $form->removeElement('deletepicture');
         }
     }
     // Next the customisable profile fields.
     profile_definition_after_data($form, $userid);
 }
Example #12
 /**
  * Show current user forum subscription info.
  *
  * Adds a link to change the profile email preferences when the user is logged
  * in, is neither the guest nor an MNet remote user, holds
  * moodle/user:editownprofile in the given context and the auth plugin allows
  * profile editing.
  *
  * @param context_module $context
  * @return string output html
  */
 public function render_subscribe_info($context)
 {
     global $USER;
     $courseid = $context->get_course_context(true)->instanceid;
     $authplugin = empty($USER->auth) ? false : get_auth_plugin($USER->auth);
     // Add the profile edit link (partial copy from navigationlib).
     $mayeditprofile = isloggedin()
         && !isguestuser($USER)
         && !is_mnet_remote_user($USER)
         && has_capability('moodle/user:editownprofile', $context)
         && $authplugin
         && $authplugin->can_edit_profile();
     $profilelink = '';
     if ($mayeditprofile) {
         // The auth plugin may supply its own edit page; fall back to the standard one.
         $editurl = $authplugin->edit_profile_url();
         if (empty($editurl)) {
             $editurl = new moodle_url('/user/edit.php', array('id' => $USER->id, 'course' => $courseid));
         }
         $profilelink = ' (' . html_writer::link($editurl, get_string('subscribestate_info_link', 'forumng')) . ')';
     }
     $summary = get_string('subscribestate_info', 'forumng', $profilelink);
     // Describe the digest mode, then the mail format, separated by a comma.
     $mailinfo = ' ';
     $digest = $USER->maildigest;
     if ($digest == 0) {
         $mailinfo .= get_string('emaildigestoff');
     } else if ($digest == 1) {
         $mailinfo .= get_string('emaildigestcomplete');
     } else if ($digest == 2) {
         $mailinfo .= get_string('emaildigestsubjects');
     }
     $mailinfo .= ', ';
     $format = $USER->mailformat;
     if ($format == 0) {
         $mailinfo .= get_string('textformat');
     } else if ($format == 1) {
         $mailinfo .= get_string('htmlformat');
     }
     $mailspan = html_writer::span($mailinfo, 'forumng_subinfo_mail');
     return html_writer::div($summary . $mailspan, 'forumng_subinfo');
 }
Example #13
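 /**
  * Starts an RPC jump session and returns the jump redirect URL.
  *
  * The jump is refused unless the current user holds
  * moodle/site:mnetlogintoremote, is a local (non-MNet) account, is not the
  * guest and has an id, and the target host has the sso_sp service. A freshly
  * generated token is stored in the mnet_session row for this user, host and
  * user-agent hash and is placed in the query string of the returned URL.
  *
  * @param int $mnethostid id of the remote host to jump to
  * @param string $wantsurl URL wanted on the remote host; it is url-encoded here
  * @return string the redirect URL on the remote host
  */
 function start_jump_session($mnethostid, $wantsurl)
 {
     global $CFG;
     global $USER;
     global $MNET;
     require_once $CFG->dirroot . '/mnet/xmlrpc/client.php';
     // check remote login permissions
     if (!has_capability('moodle/site:mnetlogintoremote', get_context_instance(CONTEXT_SYSTEM)) or is_mnet_remote_user($USER) or $USER->username == 'guest' or empty($USER->id)) {
         print_error('notpermittedtojump', 'mnet');
     }
     // check for SSO publish permission first
     if ($this->has_service($mnethostid, 'sso_sp') == false) {
         print_error('hostnotconfiguredforsso', 'mnet');
     }
     // set RPC timeout to 30 seconds if not configured
     // TODO: Is this needed/useful/problematic?
     if (empty($this->config->rpc_negotiation_timeout)) {
         set_config('rpc_negotiation_timeout', '30', 'auth/mnet');
         // set_config() does not change $this->config, so use the default directly;
         // otherwise confirm_timeout below would be computed from the empty value.
         $negotiationtimeout = 30;
     } else {
         $negotiationtimeout = $this->config->rpc_negotiation_timeout;
     }
     // get the host info
     $mnet_peer = new mnet_peer();
     $mnet_peer->set_id($mnethostid);
     // The session row is keyed on a hash of the browser's user agent; a request
     // without that header is hashed as the empty string.
     $useragent = sha1(isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '');
     // set up the session
     $mnet_session = get_record('mnet_session', 'userid', $USER->id, 'mnethostid', $mnethostid, 'useragent', $useragent);
     $isnewsession = ($mnet_session == false);
     if ($isnewsession) {
         $mnet_session = new object();
         $mnet_session->mnethostid = $mnethostid;
         $mnet_session->userid = $USER->id;
         $mnet_session->username = $USER->username;
     }
     // Every jump gets a new token and fresh expiry times, for new and existing rows alike.
     $mnet_session->useragent = $useragent;
     $mnet_session->token = $this->generate_token();
     $mnet_session->confirm_timeout = time() + $negotiationtimeout;
     $mnet_session->expires = time() + (int) ini_get('session.gc_maxlifetime');
     $mnet_session->session_id = session_id();
     if ($isnewsession) {
         if (!($mnet_session->id = insert_record('mnet_session', addslashes_recursive($mnet_session)))) {
             print_error('databaseerror', 'mnet');
         }
     } else {
         if (false == update_record('mnet_session', addslashes_recursive($mnet_session))) {
             print_error('databaseerror', 'mnet');
         }
     }
     // construct the redirection URL
     // NOTE(review): only wantsurl is url-encoded; the idp value is interpolated as-is.
     $wantsurl = urlencode($wantsurl);
     $url = "{$mnet_peer->wwwroot}{$mnet_peer->application->sso_land_url}?token={$mnet_session->token}&idp={$MNET->wwwroot}&wantsurl={$wantsurl}";
     return $url;
 }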
Example #14
 /**
  * Update or delete the user picture in the site
  *
  * Editing one's own picture requires moodle/user:editownprofile in the system
  * context; editing another user's picture requires moodle/user:editprofile in
  * that user's context, and a site admin's picture can only be changed by a
  * site admin. MNet remote users and accounts whose auth plugin does not allow
  * profile editing (or supplies its own edit URL) are rejected.
  *
  * @param  int  $draftitemid id of the user draft file to use as image
  * @param  bool $delete      if we should delete the user picture
  * @param  int $userid       id of the user, 0 for current user
  * @return array warnings and success status
  * @since Moodle 3.2
  * @throws moodle_exception
  */
 public static function update_picture($draftitemid, $delete = false, $userid = 0)
 {
     global $CFG, $USER, $PAGE;
     $args = self::validate_parameters(self::update_picture_parameters(), array(
         'draftitemid' => $draftitemid,
         'delete' => $delete,
         'userid' => $userid,
     ));
     $systemcontext = context_system::instance();
     self::validate_context($systemcontext);
     if (!empty($CFG->disableuserimages)) {
         throw new moodle_exception('userimagesdisabled', 'admin');
     }
     $editingself = empty($args['userid']) || $args['userid'] == $USER->id;
     if ($editingself) {
         $user = $USER;
         require_capability('moodle/user:editownprofile', $systemcontext);
     } else {
         $user = core_user::get_user($args['userid'], '*', MUST_EXIST);
         core_user::require_active_user($user);
         $targetcontext = context_user::instance($user->id);
         require_capability('moodle/user:editprofile', $targetcontext);
         // Only admins may edit other admins.
         if (is_siteadmin($user) && !is_siteadmin($USER)) {
             throw new moodle_exception('useradmineditadmin');
         }
     }
     // Load the appropriate auth plugin.
     $authplugin = get_auth_plugin($user->auth);
     $profilelocked = is_mnet_remote_user($user)
         || !$authplugin->can_edit_profile()
         || $authplugin->edit_profile_url();
     if ($profilelocked) {
         throw new moodle_exception('noprofileedit', 'auth');
     }
     // A single web image, bounded by the site upload limit.
     $pictureoptions = array(
         'maxbytes' => $CFG->maxbytes,
         'subdirs' => 0,
         'maxfiles' => 1,
         'accepted_types' => 'web_image',
     );
     $user->deletepicture = $args['delete'];
     $user->imagefile = $args['draftitemid'];
     $updated = core_user::update_picture($user, $pictureoptions);
     $result = array('success' => $updated, 'warnings' => array());
     if (!$updated) {
         return $result;
     }
     // Re-read the user so the URL reflects the stored picture.
     $picture = new user_picture(core_user::get_user($user->id));
     // Size f1.
     $picture->size = 1;
     $result['profileimageurl'] = $picture->get_url($PAGE)->out(false);
     return $result;
 }
Example #15
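    /**
     * Build the theme's "logged in as" fragment, with a logout box for any
     * logged-in user (guest included) and a login trigger for anonymous visitors.
     *
     * The login-as and logout links carry sesskey() as a query parameter.
     *
     * @param bool|null $withlinks whether to render links; when null this is taken
     *        from the page layout option 'nologinlinks'
     * @return string HTML fragment; an empty string during initial install or
     *         while the page course has no id
     */
    public function login_info($withlinks = null) {
        global $USER, $CFG, $DB, $SESSION;

        if (during_initial_install()) {
            return '';
        }

        if (is_null($withlinks)) {
            $withlinks = empty($this->page->layout_options['nologinlinks']);
        }

        $loginpage = ((string)$this->page->url === get_login_url());
        $course = $this->page->course;
        if (\core\session\manager::is_loggedinas()) {
            $realuser = session_get_realuser();
            $fullname = fullname($realuser, true);
            if ($withlinks) {
                $loginastitle = get_string('loginas');
                // A space separates the href and title attributes.
                $realuserinfo = " <a href=\"{$CFG->wwwroot}/course/loginas.php?id={$course->id}&amp;sesskey=".sesskey()."\"";
                $realuserinfo .= " title=\"".$loginastitle."\">{$fullname}</a>";
            } else {
                $realuserinfo = "$fullname";
            }
        } else {
            $realuserinfo = '';
        }

        $loginurl = get_login_url();

        if (empty($course->id)) {
            // $course->id is not defined during installation
            return '';
        } else if (isloggedin()) {
            $fullname = fullname($USER, true);
            // Since Moodle 2.0 this link always goes to the public profile page (not the course profile page)
            // NOTE(review): fullname() output is placed into the markup as-is;
            // presumably names are cleaned when stored - confirm, or escape with s().
            if ($withlinks) {
                $linktitle = get_string('viewprofile');
                $username = "<a href=\"{$CFG->wwwroot}/user/view.php?id={$USER->id}&amp;course={$course->id}\" title=\"{$linktitle}\">{$fullname}</a>";
            } else {
                $username = $fullname;
            }
            if (is_mnet_remote_user($USER) and $idprovider = $DB->get_record('mnet_host', array('id'=>$USER->mnethostid))) {
                // NOTE(review): wwwroot and name come from the mnet_host record of the
                // identity provider and are interpolated unescaped - confirm they are
                // validated when the peer is registered.
                if ($withlinks) {
                    $username .= " from <a href=\"{$idprovider->wwwroot}\">{$idprovider->name}</a>";
                } else {
                    $username .= " from {$idprovider->name}";
                }
            }
            if (isguestuser()) {
                $loggedinas = get_string('loggedinasguest','theme_colms');
                if (!$loginpage && $withlinks) {
                    $loggedinas .= " (<a href=\"$loginurl\" style=\"vertical-align:middle;margin:0;\">".get_string('login').'</a>)';
                }
            } else if (is_role_switched($course->id)) { // Has switched roles
                // This theme shows neither the switched role name nor a return link.
                $loggedinas = get_string('loggedinas', 'theme_colms', $username);
            } else {
                $loggedinas = $realuserinfo.get_string('loggedinas', 'theme_colms', $username);
            }
        } else {
            $loggedinas = get_string('loggedinnot', 'theme_colms');
            if (!$loginpage && $withlinks) {
                $loggedinas = "<a href='javascript:void(0)' id='login_button'>".get_string('login').'</a>';
            }
        }
        // NOTE(review): the logout link is added for every logged-in user regardless
        // of $withlinks - confirm that is intended for layouts using 'nologinlinks'.
        if (isloggedin() || isguestuser()) {
            $loggout = "<a href=\"$CFG->wwwroot/login/logout.php?sesskey=".sesskey()."\" class='box_log'>".get_string('logout').'</a>';
            $loggedinas = '<div class="logininfo"><div class="logoutlink">'. $loggedinas .'</div><div class="box_log">'.$loggout.'</div></div>';
        }
        // Right after login, tell a non-guest user about failed login attempts
        // recorded since their last login. The flag is cleared so this shows once.
        if (isset($SESSION->justloggedin)) {
            unset($SESSION->justloggedin);
            if (!empty($CFG->displayloginfailures) && !isguestuser()) {
                if ($count = count_login_failures($CFG->displayloginfailures, $USER->username, $USER->lastlogin)) {
                    $loggedinas .= '&nbsp;<div class="loginfailures">';
                    if (empty($count->accounts)) {
                        $loggedinas .= get_string('failedloginattempts', '', $count);
                    } else {
                        $loggedinas .= get_string('failedloginattemptsall', '', $count);
                    }
                    // The link to the error log is only offered to users who may view it.
                    if (file_exists("$CFG->dirroot/report/log/index.php") and has_capability('report/log:view', context_system::instance())) {
                        $loggedinas .= ' (<a href="'.$CFG->wwwroot.'/report/log/index.php'.
                                             '?chooselog=1&amp;id=1&amp;modid=site_errors">'.get_string('logs').'</a>)';
                    }
                    $loggedinas .= '</div>';
                }
            }
        }

        return $loggedinas;
    }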
 /**
  * Outputs the user menu.
  * @return custom_menu object
  */
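 public function custom_menu_user()
 {
     // Builds the user dropdown as a single HTML string. Anonymous visitors get a
     // login link, guests get logout + help, and real users get profile, preferences,
     // calendar, messages, files, forum, grades, badges and logout entries, each gated
     // by the capability or site setting checked below.
     //
     // html_writer::link() is given pre-built markup as the link text here, so any
     // value that originates from a user or remote-host record is passed through s()
     // before concatenation. Moodle filters these fields on input; escaping at output
     // keeps the menu safe even if a record reached the database by another path
     // (import, sync, MNet).

     // Die if executed during install.
     if (during_initial_install()) {
         return false;
     }
     global $USER, $CFG, $DB;
     $loginurl = get_login_url();
     $usermenu = html_writer::start_tag('ul', array('class' => 'nav'));
     $usermenu .= html_writer::start_tag('li', array('class' => 'dropdown'));
     if (!isloggedin()) {
         // No login link on the login page itself.
         if ($this->page->pagelayout != 'login') {
             $userpic = '<em><i class="fa fa-sign-in"></i>' . get_string('login') . '</em>';
             $usermenu .= html_writer::link($loginurl, $userpic, array('class' => 'loginurl'));
         }
     } else {
         if (isguestuser()) {
             $userurl = new moodle_url('#');
             $userpic = parent::user_picture($USER, array('link' => false));
             $caret = '<i class="fa fa-caret-right"></i>';
             $userclass = array('class' => 'dropdown-toggle', 'data-toggle' => 'dropdown');
             $usermenu .= html_writer::link($userurl, $userpic . get_string('guest') . $caret, $userclass);
             // Render direct logout link.
             $usermenu .= html_writer::start_tag('ul', array('class' => 'dropdown-menu pull-right'));
             $branchlabel = '<em><i class="fa fa-sign-out"></i>' . get_string('logout') . '</em>';
             $branchurl = new moodle_url('/login/logout.php');
             // The session key travels with the logout link so the request is tied to this session.
             $branchurl->param('sesskey', sesskey());
             $usermenu .= html_writer::tag('li', html_writer::link($branchurl, $branchlabel));
             // Render Help Link.
             $usermenu .= $this->theme_essential_render_helplink();
             $usermenu .= html_writer::end_tag('ul');
         } else {
             $course = $this->page->course;
             $context = context_course::instance($course->id);
             // Output Profile link.
             $userurl = new moodle_url('#');
             $userpic = parent::user_picture($USER, array('link' => false));
             $caret = '<i class="fa fa-caret-right"></i>';
             $userclass = array('class' => 'dropdown-toggle', 'data-toggle' => 'dropdown');
             // Profile name fields are user-editable: escape before embedding in markup.
             if (!empty($USER->alternatename)) {
                 $usermenu .= html_writer::link($userurl, $userpic . s($USER->alternatename) . $caret, $userclass);
             } else {
                 $usermenu .= html_writer::link($userurl, $userpic . s($USER->firstname) . $caret, $userclass);
             }
             // Start dropdown menu items.
             $usermenu .= html_writer::start_tag('ul', array('class' => 'dropdown-menu pull-right'));
             if (\core\session\manager::is_loggedinas()) {
                 // An administrator is impersonating this account: show both identities.
                 $realuser = \core\session\manager::get_realuser();
                 $branchlabel = '<em><i class="fa fa-key"></i>' . s(fullname($realuser, true)) . get_string('loggedinas', 'theme_essential') . s(fullname($USER, true)) . '</em>';
             } else {
                 $branchlabel = '<em><i class="fa fa-user"></i>' . s(fullname($USER, true)) . '</em>';
             }
             $branchurl = new moodle_url('/user/profile.php', array('id' => $USER->id));
             $usermenu .= html_writer::tag('li', html_writer::link($branchurl, $branchlabel));
             if (is_mnet_remote_user($USER) && ($idprovider = $DB->get_record('mnet_host', array('id' => $USER->mnethostid)))) {
                 // The host name comes from the mnet_host record of the remote identity
                 // provider, so it is escaped like any other externally supplied text.
                 $branchlabel = '<em><i class="fa fa-users"></i>' . get_string('loggedinfrom', 'theme_essential') . s($idprovider->name) . '</em>';
                 $branchurl = new moodle_url($idprovider->wwwroot);
                 $usermenu .= html_writer::tag('li', html_writer::link($branchurl, $branchlabel));
             }
             if (is_role_switched($course->id)) {
                 // Has switched roles.
                 $branchlabel = '<em><i class="fa fa-users"></i>' . get_string('switchrolereturn') . '</em>';
                 // out_as_local_url() keeps the return target a local URL.
                 $branchurl = new moodle_url('/course/switchrole.php', array('id' => $course->id, 'sesskey' => sesskey(), 'switchrole' => 0, 'returnurl' => $this->page->url->out_as_local_url(false)));
                 $usermenu .= html_writer::tag('li', html_writer::link($branchurl, $branchlabel));
             }
             // Add preferences submenu.
             $usermenu .= $this->theme_essential_render_preferences($context);
             $usermenu .= html_writer::empty_tag('hr', array('class' => 'sep'));
             // Output Calendar link if user is allowed to edit own calendar entries.
             if (has_capability('moodle/calendar:manageownentries', $context)) {
                 $branchlabel = '<em><i class="fa fa-calendar"></i>' . get_string('pluginname', 'block_calendar_month') . '</em>';
                 $branchurl = new moodle_url('/calendar/view.php');
                 $usermenu .= html_writer::tag('li', html_writer::link($branchurl, $branchlabel));
             }
             // Check if messaging is enabled.
             if (!empty($CFG->messaging)) {
                 $branchlabel = '<em><i class="fa fa-envelope"></i>' . get_string('pluginname', 'block_messages') . '</em>';
                 $branchurl = new moodle_url('/message/index.php');
                 $usermenu .= html_writer::tag('li', html_writer::link($branchurl, $branchlabel));
             }
             // Check if user is allowed to manage files.
             if (has_capability('moodle/user:manageownfiles', $context)) {
                 $branchlabel = '<em><i class="fa fa-file"></i>' . get_string('privatefiles', 'block_private_files') . '</em>';
                 $branchurl = new moodle_url('/user/files.php');
                 $usermenu .= html_writer::tag('li', html_writer::link($branchurl, $branchlabel));
             }
             // Check if user is allowed to view discussions.
             if (has_capability('mod/forum:viewdiscussion', $context)) {
                 $branchlabel = '<em><i class="fa fa-list-alt"></i>' . get_string('forumposts', 'mod_forum') . '</em>';
                 $branchurl = new moodle_url('/mod/forum/user.php', array('id' => $USER->id));
                 $usermenu .= html_writer::tag('li', html_writer::link($branchurl, $branchlabel));
                 $branchlabel = '<em><i class="fa fa-list"></i>' . get_string('discussions', 'mod_forum') . '</em>';
                 $branchurl = new moodle_url('/mod/forum/user.php', array('id' => $USER->id, 'mode' => 'discussions'));
                 $usermenu .= html_writer::tag('li', html_writer::link($branchurl, $branchlabel));
                 $usermenu .= html_writer::empty_tag('hr', array('class' => 'sep'));
             }
             // Output user grade links course sensitive, workaround for frontpage, selecting first enrolled course.
             if ($course->id == SITEID) {
                 // NOTE(review): on the front page the overview link is shown without a
                 // capability check; the target page is expected to enforce access itself.
                 $branchlabel = '<em><i class="fa fa-list-alt"></i>' . get_string('mygrades', 'theme_essential') . '</em>';
                 $branchurl = new moodle_url('/grade/report/overview/index.php', array('id' => $course->id, 'userid' => $USER->id));
                 $usermenu .= html_writer::tag('li', html_writer::link($branchurl, $branchlabel));
             } else {
                 if (has_capability('gradereport/overview:view', $context)) {
                     $branchlabel = '<em><i class="fa fa-list-alt"></i>' . get_string('mygrades', 'theme_essential') . '</em>';
                     $branchurl = new moodle_url('/grade/report/overview/index.php', array('id' => $course->id, 'userid' => $USER->id));
                     $usermenu .= html_writer::tag('li', html_writer::link($branchurl, $branchlabel));
                 }
                 if (has_capability('gradereport/user:view', $context)) {
                     // In Course also output Course grade links.
                     $branchlabel = '<em><i class="fa fa-list-alt"></i>' . get_string('coursegrades', 'theme_essential') . '</em>';
                     $branchurl = new moodle_url('/grade/report/user/index.php', array('id' => $course->id, 'userid' => $USER->id));
                     $usermenu .= html_writer::tag('li', html_writer::link($branchurl, $branchlabel));
                 }
             }
             // Check if badges are enabled.
             if (!empty($CFG->enablebadges) && has_capability('moodle/badges:manageownbadges', $context)) {
                 $branchlabel = '<em><i class="fa fa-certificate"></i>' . get_string('badges') . '</em>';
                 $branchurl = new moodle_url('/badges/mybadges.php');
                 $usermenu .= html_writer::tag('li', html_writer::link($branchurl, $branchlabel));
             }
             $usermenu .= html_writer::empty_tag('hr', array('class' => 'sep'));
             // Render direct logout link.
             $branchlabel = '<em><i class="fa fa-sign-out"></i>' . get_string('logout') . '</em>';
             if (\core\session\manager::is_loggedinas()) {
                 // While impersonating, "logout" returns to the real account via loginas.php.
                 $branchurl = new moodle_url('/course/loginas.php', array('id' => $course->id, 'sesskey' => sesskey()));
             } else {
                 $branchurl = new moodle_url('/login/logout.php', array('sesskey' => sesskey()));
             }
             $usermenu .= html_writer::tag('li', html_writer::link($branchurl, $branchlabel));
             // Render Help Link.
             $usermenu .= $this->theme_essential_render_helplink();
             $usermenu .= html_writer::end_tag('ul');
         }
     }
     $usermenu .= html_writer::end_tag('li');
     $usermenu .= html_writer::end_tag('ul');
     return $usermenu;
 }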
 /**
  * Starts an RPC jump session and returns the jump redirect URL.
  *
  * @param int $mnethostid id of the mnet host to jump to
  * @param string $wantsurl url to redirect to after the jump (usually on remote system)
  * @param boolean $wantsurlbackhere defaults to false, means that the remote system should bounce us back here
  *                                  rather than somewhere inside *its* wwwroot
  */
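 function start_jump_session($mnethostid, $wantsurl, $wantsurlbackhere = false)
 {
     // Creates or refreshes the mnet_session row for (current user, target host,
     // user-agent hash), issues a fresh token with a short confirmation window, and
     // returns the URL on the remote peer that will consume that token.
     //
     // Both guards below rely on print_error() not returning; nothing after them may
     // run for a user who fails the check.
     global $CFG, $USER, $DB;
     require_once $CFG->dirroot . '/mnet/xmlrpc/client.php';
     // check remote login permissions
     if (!has_capability('moodle/site:mnetlogintoremote', get_system_context()) or is_mnet_remote_user($USER) or isguestuser() or !isloggedin()) {
         print_error('notpermittedtojump', 'mnet');
     }
     // check for SSO publish permission first
     if (!$this->has_service($mnethostid, 'sso_sp')) {
         print_error('hostnotconfiguredforsso', 'mnet');
     }
     // set RPC timeout to 30 seconds if not configured
     if (empty($this->config->rpc_negotiation_timeout)) {
         $this->config->rpc_negotiation_timeout = 30;
         set_config('rpc_negotiation_timeout', '30', 'auth_mnet');
     }
     // get the host info
     $mnet_peer = new mnet_peer();
     $mnet_peer->set_id($mnethostid);
     // The User-Agent header is optional; a client that omits it is hashed as the
     // empty string instead of triggering an undefined-index notice. The hash only
     // ties the session row to a browser signature; the header is client-controlled,
     // so it is not an authentication factor.
     $useragent = sha1(isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '');
     // set up the session
     $mnet_session = $DB->get_record('mnet_session', array('userid' => $USER->id, 'mnethostid' => $mnethostid, 'useragent' => $useragent));
     $isnew = ($mnet_session == false);
     if ($isnew) {
         $mnet_session = new stdClass();
         $mnet_session->mnethostid = $mnethostid;
         $mnet_session->userid = $USER->id;
         $mnet_session->username = $USER->username;
     }
     // Every jump gets a new token and a new confirmation deadline, whether the row
     // is being created or reused.
     // NOTE(review): generate_token() is defined outside this view; confirm it draws
     // from a cryptographically secure source, since the token is the bearer secret
     // for the jump.
     $mnet_session->useragent = $useragent;
     $mnet_session->token = $this->generate_token();
     $mnet_session->confirm_timeout = time() + $this->config->rpc_negotiation_timeout;
     $mnet_session->expires = time() + (int) ini_get('session.gc_maxlifetime');
     $mnet_session->session_id = session_id();
     if ($isnew) {
         $mnet_session->id = $DB->insert_record('mnet_session', $mnet_session);
     } else {
         $DB->update_record('mnet_session', $mnet_session);
     }
     // construct the redirection URL
     // NOTE(review): only wantsurl is URL-encoded; token and idp are interpolated as-is,
     // which assumes neither contains characters that are special in a query string.
     // The token is carried in the query string, so it can appear in proxy and server
     // logs until confirm_timeout passes. wantsurl is caller-supplied; this function
     // does not validate the destination, so that check has to exist on the side that
     // follows it.
     $wantsurl = urlencode($wantsurl);
     $url = "{$mnet_peer->wwwroot}{$mnet_peer->application->sso_land_url}?token={$mnet_session->token}&idp={$this->mnet->wwwroot}&wantsurl={$wantsurl}";
     if ($wantsurlbackhere) {
         $url .= '&remoteurl=1';
     }
     return $url;
 }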
 public function login_info()
 {
     // Gathers the pieces of the "logged in as" display (current user, real user when
     // impersonating, MNet identity provider, role-switch return link, recent login
     // failures, logout link) and hands them to the bootsnipp helpers for rendering.
     // NOTE(review): names from fullname() and the mnet_host record are passed on
     // unescaped; whether bootsnipp escapes them is not visible here, confirm it does.
     global $USER, $CFG, $DB, $SESSION;
     if (during_initial_install()) {
         return '';
     }
     $course = $this->page->course;
     if (empty($course->id)) {
         // No course id is available while the site is being installed.
         return '';
     }
     // Identity of the real account when an administrator is impersonating a user.
     $real = null;
     if (session_is_loggedinas()) {
         $realuser = session_get_realuser();
         $real = array(
             'name' => fullname($realuser, true),
             'link' => html::url("{$CFG->wwwroot}/course/loginas.php", array('id' => $course->id, 'sesskey' => sesskey())),
         );
     }
     if (!isloggedin()) {
         return bootsnipp::sign_up_sign_in(new moodle_url('/login/index.php'));
     }
     $logout = array(
         'link' => html::url("{$CFG->wwwroot}/login/logout.php", array('sesskey' => sesskey())),
         'name' => get_string('logout'),
     );
     $context = get_context_instance(CONTEXT_COURSE, $course->id);
     $user = array(
         'name' => fullname($USER, true),
         'link' => html::url("{$CFG->wwwroot}/user/profile.php", array('id' => $USER->id)),
     );
     // Remote (MNet) users also get a link back to their identity provider.
     $mnet = null;
     if (is_mnet_remote_user($USER) && ($idprovider = $DB->get_record('mnet_host', array('id' => $USER->mnethostid)))) {
         $mnet = array(
             'link' => $idprovider->wwwroot,
             'name' => $idprovider->name,
         );
     }
     if (isguestuser()) {
         // Guests return here, before the justloggedin flag below is examined or cleared.
         $guest = array(
             'link' => get_login_url(),
             'name' => get_string('login'),
         );
         return bootsnipp::guest_user($user['name'], $guest, $logout);
     }
     $role_switch = null;
     if (is_role_switched($course->id)) {
         $role = $DB->get_record('role', array('id' => $USER->access['rsw'][$context->path]));
         if ($role) {
             $user['name'] .= ': ' . format_string($role->name);
         }
         $role_switch = array(
             'link' => "{$CFG->wwwroot}/course/view.php?id={$course->id}&switchrole=0&sesskey=" . sesskey(),
             'name' => get_string('switchrolereturn'),
         );
     }
     // Failed-login notice: shown once per login (the flag is consumed here) and only
     // to users who are allowed to open the log report it links to.
     $loginfailures = null;
     if (isset($SESSION->justloggedin)) {
         unset($SESSION->justloggedin);
         $mayreport = !empty($CFG->displayloginfailures)
             && !isguestuser()
             && file_exists("{$CFG->dirroot}/report/log/index.php")
             && has_capability('report/log:view', get_context_instance(CONTEXT_SYSTEM));
         if ($mayreport && ($count = count_login_failures($CFG->displayloginfailures, $USER->username, $USER->lastlogin))) {
             $loginfailures = array(
                 'link' => "{$CFG->wwwroot}/report/log/index.php?chooselog=1&id=1&modid=site_errors",
                 'name' => empty($count->accounts)
                     ? get_string('failedloginattempts', '', $count)
                     : get_string('failedloginattemptsall', '', $count),
             );
         }
     }
     return bootsnipp::signed_in($user, $loginfailures, $mnet, $real, $role_switch, $logout);
 }
Example #19
/**
 * Performs the common access checks and page setup for all
 * user preference pages.
 *
 * @param int $userid The user id to edit taken from the page params.
 * @param int $courseid The optional course id if we came from a course context.
 * @return array containing the user and course records.
 */
function useredit_setup_preference_page($userid, $courseid)
{
    // Access gate shared by the user preference pages. The checks run in a fixed
    // order and each failing check ends the request (print_error(), redirect() and
    // die do not return), so code further down can assume every earlier check passed.
    global $PAGE, $SESSION, $DB, $CFG, $OUTPUT, $USER;
    // The guest account is never allowed to edit preferences.
    if (isguestuser()) {
        print_error('guestnoeditprofile');
    }
    $course = $DB->get_record('course', array('id' => $courseid));
    if (!$course) {
        print_error('invalidcourseid');
    }
    if ($course->id == SITEID) {
        // Site level: an anonymous visitor is sent to the login page and brought
        // back to the preferences page afterwards.
        if (isloggedin()) {
            $PAGE->set_context(context_system::instance());
        } else {
            if (empty($SESSION->wantsurl)) {
                $SESSION->wantsurl = $CFG->httpswwwroot . '/user/preferences.php';
            }
            redirect(get_login_url());
        }
    } else {
        require_login($course);
    }
    // Load the account whose preferences are being edited.
    $user = $DB->get_record('user', array('id' => $userid));
    if (!$user) {
        print_error('invaliduserid');
    }
    // The guest account itself cannot be the target either.
    if (isguestuser($user)) {
        print_error('guestnoeditprofile');
    }
    // Accounts owned by a remote MNet host are not editable locally.
    if (is_mnet_remote_user($user)) {
        if (user_not_fully_set_up($user, false)) {
            $hostwwwroot = $DB->get_field('mnet_host', 'wwwroot', array('id' => $user->mnethostid));
            print_error('usernotfullysetup', 'mnet', '', $hostwwwroot);
        }
        redirect($CFG->wwwroot . "/user/view.php?course={$course->id}");
    }
    $systemcontext = context_system::instance();
    $personalcontext = context_user::instance($user->id);
    // Authorisation: own profile versus someone else's.
    $editingself = $user->id == $USER->id;
    if ($editingself) {
        // require_login() MUST NOT be used on this path, it would result in an infinite loop!
        if (!has_capability('moodle/user:editownprofile', $systemcontext)) {
            print_error('cannotedityourprofile');
        }
    } else {
        // Teachers, parents, etc. need the capability in the target user's context.
        require_capability('moodle/user:editprofile', $personalcontext);
        // A non-admin holding that capability still may not edit a site administrator.
        if (is_siteadmin($user) && !is_siteadmin($USER)) {
            print_error('useradmineditadmin');
        }
    }
    // Deleted accounts get a notice page instead of the form.
    if ($user->deleted) {
        echo $OUTPUT->header();
        echo $OUTPUT->heading(get_string('userdeleted'));
        echo $OUTPUT->footer();
        die;
    }
    $PAGE->set_pagelayout('admin');
    $PAGE->set_context($personalcontext);
    if ($editingself) {
        $node = $PAGE->navigation->find('myprofile', navigation_node::TYPE_ROOTNODE);
        if ($node) {
            $node->force_open();
        }
    } else {
        $PAGE->navigation->extend_for_user($user);
    }
    return array($user, $course);
}
Example #20
/**
 * Defines core nodes for my profile navigation tree.
 *
 * @param \core_user\output\myprofile\tree $tree Tree object
 * @param stdClass $user user object
 * @param bool $iscurrentuser is the user viewing profile, current user ?
 * @param stdClass $course course object
 *
 * @return bool
 */
function core_myprofile_navigation(core_user\output\myprofile\tree $tree, $user, $iscurrentuser, $course)
{
    global $CFG, $USER, $DB;
    $usercontext = context_user::instance($user->id, MUST_EXIST);
    $systemcontext = context_system::instance();
    $context = !empty($course) ? context_course::instance($course->id) : $systemcontext;
    $courseid = !empty($course) ? $course->id : SITEID;
    $contactcategory = new core_user\output\myprofile\category('contact', get_string('userdetails'));
    $coursedetailscategory = new core_user\output\myprofile\category('coursedetails', get_string('coursedetails'), 'contact');
    $miscategory = new core_user\output\myprofile\category('miscellaneous', get_string('miscellaneous'), 'coursedetails');
    $reportcategory = new core_user\output\myprofile\category('reports', get_string('reports'), 'miscellaneous');
    $admincategory = new core_user\output\myprofile\category('administration', get_string('administration'), 'reports');
    $loginactivitycategory = new core_user\output\myprofile\category('loginactivity', get_string('loginactivity'), 'administration');
    // Add categories.
    $tree->add_category($contactcategory);
    $tree->add_category($coursedetailscategory);
    $tree->add_category($miscategory);
    $tree->add_category($reportcategory);
    $tree->add_category($admincategory);
    $tree->add_category($loginactivitycategory);
    // Add core nodes.
    // Full profile node.
    if (!empty($course)) {
        if (empty($CFG->forceloginforprofiles) || $iscurrentuser || has_capability('moodle/user:viewdetails', context_user::instance($user->id)) || has_coursecontact_role($user->id)) {
            $url = new moodle_url('/user/profile.php', array('id' => $user->id));
            $node = new core_user\output\myprofile\node('miscellaneous', 'fullprofile', get_string('fullprofile'), null, $url);
            $tree->add_node($node);
        }
    }
    // Edit profile.
    if (isloggedin() && !isguestuser($user) && !is_mnet_remote_user($user)) {
        if (($iscurrentuser || is_siteadmin($USER) || !is_siteadmin($user)) && has_capability('moodle/user:update', $systemcontext)) {
            $url = new moodle_url('/user/editadvanced.php', array('id' => $user->id, 'course' => $courseid));
            $node = new core_user\output\myprofile\node('contact', 'editprofile', get_string('editmyprofile'), null, $url);
            $tree->add_node($node);
        } else {
            if (has_capability('moodle/user:editprofile', $usercontext) && !is_siteadmin($user) || $iscurrentuser && has_capability('moodle/user:editownprofile', $systemcontext)) {
                $userauthplugin = false;
                if (!empty($user->auth)) {
                    $userauthplugin = get_auth_plugin($user->auth);
                }
                if ($userauthplugin && $userauthplugin->can_edit_profile()) {
                    $url = $userauthplugin->edit_profile_url();
                    if (empty($url)) {
                        if (empty($course)) {
                            $url = new moodle_url('/user/edit.php', array('userid' => $user->id));
                        } else {
                            $url = new moodle_url('/user/edit.php', array('userid' => $user->id, 'course' => $course->id));
                        }
                    }
                    $node = new core_user\output\myprofile\node('contact', 'editprofile', get_string('editmyprofile'), null, $url);
                    $tree->add_node($node);
                }
            }
        }
    }
    // Preference page. Only visible by administrators.
    if (is_siteadmin()) {
        $url = new moodle_url('/user/preferences.php', array('userid' => $user->id));
        $title = $iscurrentuser ? get_string('mypreferences') : get_string('userspreferences', 'moodle', fullname($user));
        $node = new core_user\output\myprofile\node('administration', 'preferences', $title, null, $url);
        $tree->add_node($node);
    }
    // Login as ...
    if (!$user->deleted && !$iscurrentuser && !\core\session\manager::is_loggedinas() && has_capability('moodle/user:loginas', $context) && !is_siteadmin($user->id)) {
        $url = new moodle_url('/course/loginas.php', array('id' => $courseid, 'user' => $user->id, 'sesskey' => sesskey()));
        $node = new core_user\output\myprofile\node('administration', 'loginas', get_string('loginas'), null, $url);
        $tree->add_node($node);
    }
    // Contact details.
    if (has_capability('moodle/user:viewhiddendetails', $usercontext)) {
        $hiddenfields = array();
    } else {
        $hiddenfields = array_flip(explode(',', $CFG->hiddenuserfields));
    }
    if (has_capability('moodle/site:viewuseridentity', $context)) {
        $identityfields = array_flip(explode(',', $CFG->showuseridentity));
    } else {
        $identityfields = array();
    }
    if (is_mnet_remote_user($user)) {
        $sql = "SELECT h.id, h.name, h.wwwroot,\n                       a.name as application, a.display_name\n                  FROM {mnet_host} h, {mnet_application} a\n                 WHERE h.id = ? AND h.applicationid = a.id";
        $remotehost = $DB->get_record_sql($sql, array($user->mnethostid));
        $remoteuser = new stdclass();
        $remoteuser->remotetype = $remotehost->display_name;
        $hostinfo = new stdclass();
        $hostinfo->remotename = $remotehost->name;
        $hostinfo->remoteurl = $remotehost->wwwroot;
        $node = new core_user\output\myprofile\node('contact', 'mnet', get_string('remoteuser', 'mnet', $remoteuser), null, null, get_string('remoteuserinfo', 'mnet', $hostinfo), null, 'remoteuserinfo');
        $tree->add_node($node);
    }
    if (isset($identityfields['email']) and ($iscurrentuser or $user->maildisplay == 1 or has_capability('moodle/course:useremail', $usercontext) or $user->maildisplay == 2 and enrol_sharing_course($user, $USER))) {
        $node = new core_user\output\myprofile\node('contact', 'email', get_string('email'), null, null, obfuscate_mailto($user->email, ''));
        $tree->add_node($node);
    }
    if (!isset($hiddenfields['country']) && $user->country) {
        $node = new core_user\output\myprofile\node('contact', 'country', get_string('country'), null, null, get_string($user->country, 'countries'));
        $tree->add_node($node);
    }
    if (!isset($hiddenfields['city']) && $user->city) {
        $node = new core_user\output\myprofile\node('contact', 'city', get_string('city'), null, null, $user->city);
        $tree->add_node($node);
    }
    if (isset($identityfields['address']) && $user->address) {
        $node = new core_user\output\myprofile\node('contact', 'address', get_string('address'), null, null, $user->address);
        $tree->add_node($node);
    }
    if (isset($identityfields['phone1']) && $user->phone1) {
        $node = new core_user\output\myprofile\node('contact', 'phone1', get_string('phone'), null, null, $user->phone1);
        $tree->add_node($node);
    }
    if (isset($identityfields['phone2']) && $user->phone2) {
        $node = new core_user\output\myprofile\node('contact', 'phone2', get_string('phone2'), null, null, $user->phone2);
        $tree->add_node($node);
    }
    if (isset($identityfields['institution']) && $user->institution) {
        $node = new core_user\output\myprofile\node('contact', 'institution', get_string('institution'), null, null, $user->institution);
        $tree->add_node($node);
    }
    if (isset($identityfields['department']) && $user->department) {
        $node = new core_user\output\myprofile\node('contact', 'department', get_string('department'), null, null, $user->institution);
        $tree->add_node($node);
    }
    if (isset($identityfields['idnumber']) && $user->idnumber) {
        $node = new core_user\output\myprofile\node('contact', 'idnumber', get_string('idnumber'), null, null, $user->institution);
        $tree->add_node($node);
    }
    if ($user->url && !isset($hiddenfields['webpage'])) {
        $url = $user->url;
        if (strpos($user->url, '://') === false) {
            $url = 'http://' . $url;
        }
        $webpageurl = new moodle_url($url);
        $node = new core_user\output\myprofile\node('contact', 'webpage', get_string('webpage'), null, null, html_writer::link($url, $webpageurl));
        $tree->add_node($node);
    }
    // Printing tagged interests. We want this only for full profile.
    if (!empty($CFG->usetags) && empty($course)) {
        if ($interests = tag_get_tags_csv('user', $user->id)) {
            $node = new core_user\output\myprofile\node('contact', 'interests', get_string('interests'), null, null, $interests);
            $tree->add_node($node);
        }
    }
    if (!isset($hiddenfields['mycourses'])) {
        $showallcourses = optional_param('showallcourses', 0, PARAM_INT);
        if ($mycourses = enrol_get_all_users_courses($user->id, true, null, 'visible DESC, sortorder ASC')) {
            $shown = 0;
            $courselisting = html_writer::start_tag('ul');
            foreach ($mycourses as $mycourse) {
                if ($mycourse->category) {
                    context_helper::preload_from_record($mycourse);
                    $ccontext = context_course::instance($mycourse->id);
                    if (!isset($course) || $mycourse->id != $course->id) {
                        $linkattributes = null;
                        if ($mycourse->visible == 0) {
                            if (!has_capability('moodle/course:viewhiddencourses', $ccontext)) {
                                continue;
                            }
                            $linkattributes['class'] = 'dimmed';
                        }
                        $params = array('id' => $user->id, 'course' => $mycourse->id);
                        if ($showallcourses) {
                            $params['showallcourses'] = 1;
                        }
                        $url = new moodle_url('/user/view.php', $params);
                        $courselisting .= html_writer::tag('li', html_writer::link($url, $ccontext->get_context_name(false), $linkattributes));
                    } else {
                        $courselisting .= html_writer::tag('li', $course->fullname);
                    }
                }
                $shown++;
                if (!$showallcourses && $shown == $CFG->navcourselimit) {
                    $url = null;
                    if (isset($course)) {
                        $url = new moodle_url('/user/view.php', array('id' => $user->id, 'course' => $course->id, 'showallcourses' => 1));
                    } else {
                        $url = new moodle_url('/user/profile.php', array('id' => $user->id, 'showallcourses' => 1));
                    }
                    $courselisting .= html_writer::tag('li', html_writer::link($url, get_string('viewmore'), array('title' => get_string('viewmore'))));
                    break;
                }
            }
            $courselisting .= html_writer::end_tag('ul');
            if (!empty($mycourses)) {
                // Add this node only if there are courses to display.
                $node = new core_user\output\myprofile\node('coursedetails', 'courseprofiles', get_string('courseprofiles'), null, null, rtrim($courselisting, ', '));
                $tree->add_node($node);
            }
        }
    }
    if (!empty($course)) {
        // Show roles in this course.
        if ($rolestring = get_user_roles_in_course($user->id, $course->id)) {
            $node = new core_user\output\myprofile\node('coursedetails', 'roles', get_string('roles'), null, null, $rolestring);
            $tree->add_node($node);
        }
        // Show groups this user is in.
        if (!isset($hiddenfields['groups']) && !empty($course)) {
            $accessallgroups = has_capability('moodle/site:accessallgroups', $context);
            if ($usergroups = groups_get_all_groups($course->id, $user->id)) {
                $groupstr = '';
                foreach ($usergroups as $group) {
                    if ($course->groupmode == SEPARATEGROUPS and !$accessallgroups and $user->id != $USER->id) {
                        if (!groups_is_member($group->id, $user->id)) {
                            continue;
                        }
                    }
                    if ($course->groupmode != NOGROUPS) {
                        $groupstr .= ' <a href="' . $CFG->wwwroot . '/user/index.php?id=' . $course->id . '&amp;group=' . $group->id . '">' . format_string($group->name) . '</a>,';
                    } else {
                        // The user/index.php shows groups only when course in group mode.
                        $groupstr .= ' ' . format_string($group->name);
                    }
                }
                if ($groupstr !== '') {
                    $node = new core_user\output\myprofile\node('coursedetails', 'groups', get_string('group'), null, null, rtrim($groupstr, ', '));
                    $tree->add_node($node);
                }
            }
        }
        if (!isset($hiddenfields['suspended'])) {
            if ($user->suspended) {
                $node = new core_user\output\myprofile\node('coursedetails', 'suspended', null, null, null, get_string('suspended', 'auth'));
                $tree->add_node($node);
            }
        }
        echo html_writer::end_tag('dl');
    }
    if ($user->icq && !isset($hiddenfields['icqnumber'])) {
        $imurl = new moodle_url('http://web.icq.com/wwp', array('uin' => $user->icq));
        $iconurl = new moodle_url('http://web.icq.com/whitepages/online', array('icq' => $user->icq, 'img' => '5'));
        $statusicon = html_writer::tag('img', '', array('src' => $iconurl, 'class' => 'icon icon-post', 'alt' => get_string('status')));
        $node = new core_user\output\myprofile\node('contact', 'icqnumber', get_string('icqnumber'), null, null, html_writer::link($imurl, s($user->icq) . $statusicon));
        $tree->add_node($node);
    }
    if ($user->skype && !isset($hiddenfields['skypeid'])) {
        $imurl = 'skype:' . urlencode($user->skype) . '?call';
        $iconurl = new moodle_url('http://mystatus.skype.com/smallicon/' . urlencode($user->skype));
        if (is_https()) {
            // Bad luck, skype devs are lazy to set up SSL on their servers - see MDL-37233.
            $statusicon = '';
        } else {
            $statusicon = html_writer::empty_tag('img', array('src' => $iconurl, 'class' => 'icon icon-post', 'alt' => get_string('status')));
        }
        $node = new core_user\output\myprofile\node('contact', 'skypeid', get_string('skypeid'), null, null, html_writer::link($imurl, s($user->skype) . $statusicon));
        $tree->add_node($node);
    }
    if ($user->yahoo && !isset($hiddenfields['yahooid'])) {
        $imurl = new moodle_url('http://edit.yahoo.com/config/send_webmesg', array('.target' => $user->yahoo, '.src' => 'pg'));
        $iconurl = new moodle_url('http://opi.yahoo.com/online', array('u' => $user->yahoo, 'm' => 'g', 't' => '0'));
        $statusicon = html_writer::tag('img', '', array('src' => $iconurl, 'class' => 'iconsmall icon-post', 'alt' => get_string('status')));
        $node = new core_user\output\myprofile\node('contact', 'yahooid', get_string('yahooid'), null, null, html_writer::link($imurl, s($user->yahoo) . $statusicon));
        $tree->add_node($node);
    }
    if ($user->aim && !isset($hiddenfields['aimid'])) {
        $imurl = 'aim:goim?screenname=' . urlencode($user->aim);
        $node = new core_user\output\myprofile\node('contact', 'aimid', get_string('aimid'), null, null, html_writer::link($imurl, s($user->aim)));
        $tree->add_node($node);
    }
    if ($user->msn && !isset($hiddenfields['msnid'])) {
        $node = new core_user\output\myprofile\node('contact', 'msnid', get_string('msnid'), null, null, s($user->msn));
        $tree->add_node($node);
    }
    if ($categories = $DB->get_records('user_info_category', null, 'sortorder ASC')) {
        foreach ($categories as $category) {
            if ($fields = $DB->get_records('user_info_field', array('categoryid' => $category->id), 'sortorder ASC')) {
                foreach ($fields as $field) {
                    require_once $CFG->dirroot . '/user/profile/field/' . $field->datatype . '/field.class.php';
                    $newfield = 'profile_field_' . $field->datatype;
                    $formfield = new $newfield($field->id, $user->id);
                    if ($formfield->is_visible() and !$formfield->is_empty()) {
                        $node = new core_user\output\myprofile\node('contact', $formfield->field->shortname, format_string($formfield->field->name), null, null, $formfield->display_data());
                        $tree->add_node($node);
                    }
                }
            }
        }
    }
    // First access. (Why only for sites ?)
    if (!isset($hiddenfields['firstaccess']) && empty($course)) {
        if ($user->firstaccess) {
            $datestring = userdate($user->firstaccess) . "&nbsp; (" . format_time(time() - $user->firstaccess) . ")";
        } else {
            $datestring = get_string("never");
        }
        $node = new core_user\output\myprofile\node('loginactivity', 'firstaccess', get_string('firstsiteaccess'), null, null, $datestring);
        $tree->add_node($node);
    }
    // Last access.
    if (!isset($hiddenfields['lastaccess'])) {
        if (empty($course)) {
            $string = get_string('lastsiteaccess');
            if ($user->lastaccess) {
                $datestring = userdate($user->lastaccess) . "&nbsp; (" . format_time(time() - $user->lastaccess) . ")";
            } else {
                $datestring = get_string("never");
            }
        } else {
            $string = get_string('lastcourseaccess');
            if ($lastaccess = $DB->get_record('user_lastaccess', array('userid' => $user->id, 'courseid' => $course->id))) {
                $datestring = userdate($lastaccess->timeaccess) . "&nbsp; (" . format_time(time() - $lastaccess->timeaccess) . ")";
            } else {
                $datestring = get_string("never");
            }
        }
        $node = new core_user\output\myprofile\node('loginactivity', 'lastaccess', $string, null, null, $datestring);
        $tree->add_node($node);
    }
    // Last ip.
    if (has_capability('moodle/user:viewlastip', $usercontext) && !isset($hiddenfields['lastip'])) {
        if ($user->lastip) {
            $iplookupurl = new moodle_url('/iplookup/index.php', array('ip' => $user->lastip, 'user' => $USER->id));
            $ipstring = html_writer::link($iplookupurl, $user->lastip);
        } else {
            $ipstring = get_string("none");
        }
        $node = new core_user\output\myprofile\node('loginactivity', 'lastip', get_string('lastip'), null, null, $ipstring);
        $tree->add_node($node);
    }
}
Example #21
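/**
 * Send an email to a specified user
 *
 * A true return does not always mean a message left the server: the function also returns
 * true when it deliberately skips sending (behat run, $CFG->noemailever, suspended or
 * 'nologin' recipient, recipient address in the reserved .invalid TLD).
 *
 * @param stdClass $user  A {@link $USER} object
 * @param stdClass|string $from A {@link $USER} object, or a plain string that is used as the sender name
 * @param string $subject plain text subject line of the email
 * @param string $messagetext plain text version of the message
 * @param string $messagehtml complete html version of the message (optional)
 * @param string $attachment a file on the filesystem, either relative to $CFG->dataroot or a full path to a file in $CFG->tempdir
 * @param string $attachname the name of the file (extension indicates MIME)
 * @param bool $usetrueaddress determines whether $from email address should
 *          be sent out. Will be overruled by user profile setting for maildisplay
 * @param string $replyto Email address to reply to
 * @param string $replytoname Name of reply to recipient
 * @param int $wordwrapwidth custom word wrap width, default 79
 * @return bool Returns true if mail was sent OK and false if there was an error.
 */
function email_to_user($user, $from, $subject, $messagetext, $messagehtml = '', $attachment = '', $attachname = '', $usetrueaddress = true, $replyto = '', $replytoname = '', $wordwrapwidth = 79)
{
    global $CFG, $PAGE, $SITE;
    if (empty($user) or empty($user->id)) {
        debugging('Can not send email to null user', DEBUG_DEVELOPER);
        return false;
    }
    if (empty($user->email)) {
        debugging('Can not send email to user without email: ' . $user->id, DEBUG_DEVELOPER);
        return false;
    }
    if (!empty($user->deleted)) {
        debugging('Can not send email to deleted user: ' . $user->id, DEBUG_DEVELOPER);
        return false;
    }
    if (defined('BEHAT_SITE_RUNNING')) {
        // Fake email sending in behat.
        return true;
    }
    if (!empty($CFG->noemailever)) {
        // Hidden setting for development sites, set in config.php if needed.
        debugging('Not sending email due to $CFG->noemailever config setting', DEBUG_NORMAL);
        return true;
    }
    if (email_should_be_diverted($user->email)) {
        // Work on a clone so the caller's user object keeps its real address.
        $subject = "[DIVERTED {$user->email}] {$subject}";
        $user = clone $user;
        $user->email = $CFG->divertallemailsto;
    }
    // Skip mail to suspended users.
    if ((isset($user->auth) && $user->auth == 'nologin') || (isset($user->suspended) && $user->suspended)) {
        return true;
    }
    if (!validate_email($user->email)) {
        // We can not send emails to invalid addresses - it might create security issue or confuse the mailer.
        debugging("email_to_user: User {$user->id} (" . fullname($user) . ") email ({$user->email}) is invalid! Not sending.");
        return false;
    }
    if (over_bounce_threshold($user)) {
        debugging("email_to_user: User {$user->id} (" . fullname($user) . ") is over bounce threshold! Not sending.");
        return false;
    }
    // TLD .invalid  is specifically reserved for invalid domain names.
    // For More information, see {@link http://tools.ietf.org/html/rfc2606#section-2}.
    if (substr($user->email, -8) == '.invalid') {
        debugging("email_to_user: User {$user->id} (" . fullname($user) . ") email domain ({$user->email}) is invalid! Not sending.");
        return true;
        // This is not an error.
    }
    // If the user is a remote mnet user, parse the email text for URL to the
    // wwwroot and modify the url to direct the user's browser to login at their
    // home site (identity provider - idp) before hitting the link itself.
    if (is_mnet_remote_user($user)) {
        require_once $CFG->dirroot . '/mnet/lib.php';
        $jumpurl = mnet_get_idp_jump_url($user);
        $callback = partial('mnet_sso_apply_indirection', $jumpurl);
        // Quote wwwroot before embedding it in the patterns. Unquoted, each "." in the host name
        // matches any character, so URLs on hosts that merely resemble wwwroot would be rewritten
        // too, and a "%" in wwwroot would terminate the pattern early.
        $wwwrootpattern = preg_quote($CFG->wwwroot, '%');
        $messagetext = preg_replace_callback("%({$wwwrootpattern}[^[:space:]]*)%", $callback, $messagetext);
        $messagehtml = preg_replace_callback("%href=[\"'`]({$wwwrootpattern}[\\w_:\\?=#&@/;.~-]*)[\"'`]%", $callback, $messagehtml);
    }
    $mail = get_mailer();
    if (!empty($mail->SMTPDebug)) {
        // The mailer prints its SMTP debug output directly; wrap it so it stays readable in a browser.
        echo '<pre>' . "\n";
    }
    // Recipients and reply-to entries are collected as [address, name] pairs and only handed to
    // the mailer at the end, after the optional charset conversion.
    $temprecipients = array();
    $tempreplyto = array();
    // Make sure that we fall back onto some reasonable no-reply address.
    $noreplyaddress = empty($CFG->noreplyaddress) ? 'noreply@' . get_host_from_url($CFG->wwwroot) : $CFG->noreplyaddress;
    // Make up an email address for handling bounces.
    if (!empty($CFG->handlebounces)) {
        // 'B' + base64 of the packed user id + first 16 hex chars of md5(email).
        // NOTE(review): presumably the bounce processor recomputes this tag to match the recipient;
        // the format has to stay in sync with that code - confirm before changing the hash.
        $modargs = 'B' . base64_encode(pack('V', $user->id)) . substr(md5($user->email), 0, 16);
        $mail->Sender = generate_email_processing_address(0, $modargs);
    } else {
        $mail->Sender = $noreplyaddress;
    }
    $alloweddomains = null;
    if (!empty($CFG->allowedemaildomains)) {
        $alloweddomains = explode(PHP_EOL, $CFG->allowedemaildomains);
    }
    // Email will be sent using no reply address.
    if (empty($alloweddomains)) {
        $usetrueaddress = false;
    }
    if (is_string($from)) {
        // So we can pass whatever we want if there is need.
        $mail->From = $noreplyaddress;
        $mail->FromName = $from;
        // Check if using the true address is true, and the email is in the list of allowed domains for sending email,
        // and that the senders email setting is either displayed to everyone, or display to only other users that are enrolled
        // in a course with the sender.
    } else {
        if ($usetrueaddress && can_send_from_real_email_address($from, $user, $alloweddomains)) {
            $mail->From = $from->email;
            $fromdetails = new stdClass();
            $fromdetails->name = fullname($from);
            $fromdetails->url = $CFG->wwwroot;
            $fromstring = $fromdetails->name;
            if ($CFG->emailfromvia == EMAIL_VIA_ALWAYS) {
                $fromstring = get_string('emailvia', 'core', $fromdetails);
            }
            $mail->FromName = $fromstring;
            if (empty($replyto)) {
                $tempreplyto[] = array($from->email, fullname($from));
            }
        } else {
            // The sender's real address must not be exposed: send from the no-reply address.
            $mail->From = $noreplyaddress;
            $fromdetails = new stdClass();
            $fromdetails->name = fullname($from);
            $fromdetails->url = $CFG->wwwroot;
            $fromstring = $fromdetails->name;
            if ($CFG->emailfromvia != EMAIL_VIA_NEVER) {
                $fromstring = get_string('emailvia', 'core', $fromdetails);
            }
            $mail->FromName = $fromstring;
            if (empty($replyto)) {
                $tempreplyto[] = array($noreplyaddress, get_string('noreplyname'));
            }
        }
    }
    if (!empty($replyto)) {
        $tempreplyto[] = array($replyto, $replytoname);
    }
    $temprecipients[] = array($user->email, fullname($user));
    // Set word wrap.
    $mail->WordWrap = $wordwrapwidth;
    if (!empty($from->customheaders)) {
        // Add custom headers. They are passed to the mailer as given by the caller.
        if (is_array($from->customheaders)) {
            foreach ($from->customheaders as $customheader) {
                $mail->addCustomHeader($customheader);
            }
        } else {
            $mail->addCustomHeader($from->customheaders);
        }
    }
    // If the X-PHP-Originating-Script email header is on then also add an additional
    // header with details of where exactly in moodle the email was triggered from,
    // either a call to message_send() or to email_to_user().
    // The header value contains wwwroot, the server host name and the relative script path and
    // line, all of which become visible to the recipient.
    if (ini_get('mail.add_x_header')) {
        $stack = debug_backtrace(false);
        $origin = $stack[0];
        foreach ($stack as $depth => $call) {
            // No break: the outermost message_send() frame wins if there are several.
            if ($call['function'] == 'message_send') {
                $origin = $call;
            }
        }
        $originheader = $CFG->wwwroot . ' => ' . gethostname() . ':' . str_replace($CFG->dirroot . '/', '', $origin['file']) . ':' . $origin['line'];
        $mail->addCustomHeader('X-Moodle-Originating-Script: ' . $originheader);
    }
    if (!empty($from->priority)) {
        $mail->Priority = $from->priority;
    }
    // Values made available to the core/email_* templates.
    $renderer = $PAGE->get_renderer('core');
    $context = array('sitefullname' => $SITE->fullname, 'siteshortname' => $SITE->shortname, 'sitewwwroot' => $CFG->wwwroot, 'subject' => $subject, 'to' => $user->email, 'toname' => fullname($user), 'from' => $mail->From, 'fromname' => $mail->FromName);
    if (!empty($tempreplyto[0])) {
        $context['replyto'] = $tempreplyto[0][0];
        $context['replytoname'] = $tempreplyto[0][1];
    }
    if ($user->id > 0) {
        $context['touserid'] = $user->id;
        $context['tousername'] = $user->username;
    }
    if (!empty($user->mailformat) && $user->mailformat == 1) {
        // Only process html templates if the user preferences allow html email.
        if ($messagehtml) {
            // If html has been given then pass it through the template.
            $context['body'] = $messagehtml;
            $messagehtml = $renderer->render_from_template('core/email_html', $context);
        } else {
            // If no html has been given, BUT there is an html wrapping template then
            // auto convert the text to html and then wrap it.
            $autohtml = trim(text_to_html($messagetext));
            $context['body'] = $autohtml;
            $temphtml = $renderer->render_from_template('core/email_html', $context);
            // Only switch to html when the template actually added something around the body.
            if ($autohtml != $temphtml) {
                $messagehtml = $temphtml;
            }
        }
    }
    $context['body'] = $messagetext;
    $mail->Subject = $renderer->render_from_template('core/email_subject', $context);
    $mail->FromName = $renderer->render_from_template('core/email_fromname', $context);
    $messagetext = $renderer->render_from_template('core/email_text', $context);
    // Autogenerate a MessageID if it's missing.
    if (empty($mail->MessageID)) {
        $mail->MessageID = generate_email_messageid();
    }
    if ($messagehtml && !empty($user->mailformat) && $user->mailformat == 1) {
        // Don't ever send HTML to users who don't want it.
        $mail->isHTML(true);
        $mail->Encoding = 'quoted-printable';
        $mail->Body = $messagehtml;
        $mail->AltBody = "\n{$messagetext}\n";
    } else {
        $mail->IsHTML(false);
        $mail->Body = "\n{$messagetext}\n";
    }
    if ($attachment && $attachname) {
        if (preg_match("~\\.\\.~", $attachment)) {
            // Security check for ".." in dir path: the file is not attached; an error note is
            // attached instead and the support user is copied in.
            // The support user has to be looked up here, nothing earlier in this function sets it.
            $supportuser = core_user::get_support_user();
            $temprecipients[] = array($supportuser->email, fullname($supportuser, true));
            $mail->addStringAttachment('Error in attachment.  User attempted to attach a filename with a unsafe name.', 'error.txt', '8bit', 'text/plain');
        } else {
            require_once $CFG->libdir . '/filelib.php';
            $mimetype = mimeinfo('type', $attachname);
            $attachmentpath = $attachment;
            // Before doing the comparison, make sure that the paths are correct (Windows uses slashes in the other direction).
            $attachpath = str_replace('\\', '/', $attachmentpath);
            // Make sure both variables are normalised before comparing.
            // The prefix carries a trailing slash so that a sibling directory whose name merely
            // starts with the tempdir name is not accepted as "inside tempdir".
            $realtempdir = realpath($CFG->tempdir);
            $temppath = $realtempdir === false ? false : rtrim(str_replace('\\', '/', $realtempdir), '/') . '/';
            // If the attachment is a full path to a file in the tempdir, use it as is,
            // otherwise assume it is a relative path from the dataroot (for backwards compatibility reasons).
            // An unresolvable tempdir also falls back to the dataroot-relative interpretation
            // rather than comparing against an empty prefix.
            if ($temppath === false || strpos($attachpath, $temppath) !== 0) {
                $attachmentpath = $CFG->dataroot . '/' . $attachmentpath;
            }
            $mail->addAttachment($attachmentpath, $attachname, 'base64', $mimetype);
        }
    }
    // Check if the email should be sent in an other charset then the default UTF-8.
    if (!empty($CFG->sitemailcharset) || !empty($CFG->allowusermailcharset)) {
        // Use the defined site mail charset or eventually the one preferred by the recipient.
        $charset = $CFG->sitemailcharset;
        if (!empty($CFG->allowusermailcharset)) {
            if ($useremailcharset = get_user_preferences('mailcharset', '0', $user->id)) {
                $charset = $useremailcharset;
            }
        }
        // Convert all the necessary strings if the charset is supported.
        $charsets = get_list_of_charsets();
        unset($charsets['UTF-8']);
        if (in_array($charset, $charsets)) {
            $mail->CharSet = $charset;
            $mail->FromName = core_text::convert($mail->FromName, 'utf-8', strtolower($charset));
            $mail->Subject = core_text::convert($mail->Subject, 'utf-8', strtolower($charset));
            $mail->Body = core_text::convert($mail->Body, 'utf-8', strtolower($charset));
            $mail->AltBody = core_text::convert($mail->AltBody, 'utf-8', strtolower($charset));
            foreach ($temprecipients as $key => $values) {
                $temprecipients[$key][1] = core_text::convert($values[1], 'utf-8', strtolower($charset));
            }
            foreach ($tempreplyto as $key => $values) {
                $tempreplyto[$key][1] = core_text::convert($values[1], 'utf-8', strtolower($charset));
            }
        }
    }
    foreach ($temprecipients as $values) {
        $mail->addAddress($values[0], $values[1]);
    }
    foreach ($tempreplyto as $values) {
        $mail->addReplyTo($values[0], $values[1]);
    }
    if ($mail->send()) {
        set_send_count($user);
        if (!empty($mail->SMTPDebug)) {
            echo '</pre>';
        }
        return true;
    } else {
        // Trigger event for failing to send email.
        // NOTE(review): $from may be a plain string (see the is_string() branch above), in which
        // case $from->id is not available here - confirm what userid the event should carry then.
        // NOTE(review): the event payload includes the subject and the full message text, so mails
        // carrying reset links or other secrets end up wherever events are stored - confirm who can
        // read that store and how long it is retained.
        $event = \core\event\email_failed::create(array('context' => context_system::instance(), 'userid' => $from->id, 'relateduserid' => $user->id, 'other' => array('subject' => $subject, 'message' => $messagetext, 'errorinfo' => $mail->ErrorInfo)));
        $event->trigger();
        if (CLI_SCRIPT) {
            mtrace('Error: lib/moodlelib.php email_to_user(): ' . $mail->ErrorInfo);
        }
        if (!empty($mail->SMTPDebug)) {
            echo '</pre>';
        }
        return false;
    }
}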
Example #22
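/**
 * Send an email to a specified user
 *
 * A true return does not always mean a message was sent: the function also returns true
 * when $CFG->noemailever is set or the recipient uses the 'nologin' auth plugin.
 *
 * @global object
 * @global string
 * @global string IdentityProvider(IDP) URL user hits to jump to mnet peer.
 * @uses SITEID
 * @param stdClass $user  A {@link $USER} object
 * @param stdClass|string $from A {@link $USER} object, or a plain string that is used as the sender name
 * @param string $subject plain text subject line of the email
 * @param string $messagetext plain text version of the message
 * @param string $messagehtml complete html version of the message (optional)
 * @param string $attachment a file on the filesystem, relative to $CFG->dataroot
 * @param string $attachname the name of the file (extension indicates MIME)
 * @param bool $usetrueaddress determines whether $from email address should
 *          be sent out. Will be overruled by user profile setting for maildisplay
 * @param string $replyto Email address to reply to
 * @param string $replytoname Name of reply to recipient
 * @param int $wordwrapwidth custom word wrap width, default 79
 * @return bool Returns true if mail was sent OK and false if there was an error.
 */
function email_to_user($user, $from, $subject, $messagetext, $messagehtml = '', $attachment = '', $attachname = '', $usetrueaddress = true, $replyto = '', $replytoname = '', $wordwrapwidth = 79)
{
    global $CFG, $FULLME;
    if (empty($user) || empty($user->email)) {
        mtrace('Error: lib/moodlelib.php email_to_user(): User is null or has no email');
        return false;
    }
    if (!empty($user->deleted)) {
        // do not mail deleted users
        mtrace('Error: lib/moodlelib.php email_to_user(): User is deleted');
        return false;
    }
    if (!empty($CFG->noemailever)) {
        // hidden setting for development sites, set in config.php if needed
        mtrace('Error: lib/moodlelib.php email_to_user(): Not sending email due to noemailever config setting');
        return true;
    }
    if (!empty($CFG->divertallemailsto)) {
        // Work on a clone so the caller's user object keeps its real address.
        $subject = "[DIVERTED {$user->email}] {$subject}";
        $user = clone $user;
        $user->email = $CFG->divertallemailsto;
    }
    // skip mail to suspended users
    if (isset($user->auth) && $user->auth == 'nologin') {
        return true;
    }
    if (over_bounce_threshold($user)) {
        $bouncemsg = "User {$user->id} (" . fullname($user) . ") is over bounce threshold! Not sending.";
        error_log($bouncemsg);
        mtrace('Error: lib/moodlelib.php email_to_user(): ' . $bouncemsg);
        return false;
    }
    // If the user is a remote mnet user, parse the email text for URL to the
    // wwwroot and modify the url to direct the user's browser to login at their
    // home site (identity provider - idp) before hitting the link itself
    if (is_mnet_remote_user($user)) {
        require_once $CFG->dirroot . '/mnet/lib.php';
        $jumpurl = mnet_get_idp_jump_url($user);
        $callback = partial('mnet_sso_apply_indirection', $jumpurl);
        // Quote wwwroot before embedding it in the patterns. Unquoted, each "." in the host name
        // matches any character, so URLs on hosts that merely resemble wwwroot would be rewritten
        // too, and a "%" in wwwroot would terminate the pattern early.
        $wwwrootpattern = preg_quote($CFG->wwwroot, '%');
        $messagetext = preg_replace_callback("%({$wwwrootpattern}[^[:space:]]*)%", $callback, $messagetext);
        $messagehtml = preg_replace_callback("%href=[\"'`]({$wwwrootpattern}[\\w_:\\?=#&@/;.~-]*)[\"'`]%", $callback, $messagehtml);
    }
    $mail = get_mailer();
    if (!empty($mail->SMTPDebug)) {
        // The mailer prints its SMTP debug output directly; wrap it so it stays readable in a browser.
        echo '<pre>' . "\n";
    }
    // Recipients and reply-to entries are collected as [address, name] pairs and only handed to
    // the mailer at the end, after the optional charset conversion.
    $temprecipients = array();
    $tempreplyto = array();
    $supportuser = generate_email_supportuser();
    // make up an email address for handling bounces
    if (!empty($CFG->handlebounces)) {
        // 'B' + base64 of the packed user id + first 16 hex chars of md5(email).
        // NOTE(review): presumably the bounce processor recomputes this tag to match the recipient;
        // the format has to stay in sync with that code - confirm before changing the hash.
        $modargs = 'B' . base64_encode(pack('V', $user->id)) . substr(md5($user->email), 0, 16);
        $mail->Sender = generate_email_processing_address(0, $modargs);
    } else {
        $mail->Sender = $supportuser->email;
    }
    if (is_string($from)) {
        // So we can pass whatever we want if there is need
        $mail->From = $CFG->noreplyaddress;
        $mail->FromName = $from;
    } else {
        if ($usetrueaddress and $from->maildisplay) {
            $mail->From = $from->email;
            $mail->FromName = fullname($from);
        } else {
            // The sender's real address must not be exposed: send from the no-reply address.
            $mail->From = $CFG->noreplyaddress;
            $mail->FromName = fullname($from);
            if (empty($replyto)) {
                $tempreplyto[] = array($CFG->noreplyaddress, get_string('noreplyname'));
            }
        }
    }
    if (!empty($replyto)) {
        $tempreplyto[] = array($replyto, $replytoname);
    }
    // NOTE(review): substr() counts bytes, so a multi-byte character can be cut in half at the
    // 900-byte limit - confirm whether a character-aware truncation is wanted here.
    $mail->Subject = substr($subject, 0, 900);
    $temprecipients[] = array($user->email, fullname($user));
    // set word wrap
    $mail->WordWrap = $wordwrapwidth;
    if (!empty($from->customheaders)) {
        // Add custom headers. They are passed to the mailer as given by the caller.
        if (is_array($from->customheaders)) {
            foreach ($from->customheaders as $customheader) {
                $mail->AddCustomHeader($customheader);
            }
        } else {
            $mail->AddCustomHeader($from->customheaders);
        }
    }
    if (!empty($from->priority)) {
        $mail->Priority = $from->priority;
    }
    if ($messagehtml && !empty($user->mailformat) && $user->mailformat == 1) {
        // Don't ever send HTML to users who don't want it
        $mail->IsHTML(true);
        // Encoding to use
        $mail->Encoding = 'quoted-printable';
        $mail->Body = $messagehtml;
        $mail->AltBody = "\n{$messagetext}\n";
    } else {
        $mail->IsHTML(false);
        $mail->Body = "\n{$messagetext}\n";
    }
    if ($attachment && $attachname) {
        if (preg_match("~\\.\\.~", $attachment)) {
            // Security check for ".." in dir path: the file is not attached; an error note is
            // attached instead and the support user is copied in.
            $temprecipients[] = array($supportuser->email, fullname($supportuser, true));
            $mail->AddStringAttachment('Error in attachment.  User attempted to attach a filename with a unsafe name.', 'error.txt', '8bit', 'text/plain');
        } else {
            require_once $CFG->libdir . '/filelib.php';
            $mimetype = mimeinfo('type', $attachname);
            // The attachment path is always interpreted relative to dataroot.
            $mail->AddAttachment($CFG->dataroot . '/' . $attachment, $attachname, 'base64', $mimetype);
        }
    }
    // Check if the email should be sent in an other charset then the default UTF-8
    if (!empty($CFG->sitemailcharset) || !empty($CFG->allowusermailcharset)) {
        // use the defined site mail charset or eventually the one preferred by the recipient
        $charset = $CFG->sitemailcharset;
        if (!empty($CFG->allowusermailcharset)) {
            if ($useremailcharset = get_user_preferences('mailcharset', '0', $user->id)) {
                $charset = $useremailcharset;
            }
        }
        // convert all the necessary strings if the charset is supported
        $charsets = get_list_of_charsets();
        unset($charsets['UTF-8']);
        if (in_array($charset, $charsets)) {
            $textlib = textlib_get_instance();
            $mail->CharSet = $charset;
            $mail->FromName = $textlib->convert($mail->FromName, 'utf-8', strtolower($charset));
            $mail->Subject = $textlib->convert($mail->Subject, 'utf-8', strtolower($charset));
            $mail->Body = $textlib->convert($mail->Body, 'utf-8', strtolower($charset));
            $mail->AltBody = $textlib->convert($mail->AltBody, 'utf-8', strtolower($charset));
            foreach ($temprecipients as $key => $values) {
                $temprecipients[$key][1] = $textlib->convert($values[1], 'utf-8', strtolower($charset));
            }
            foreach ($tempreplyto as $key => $values) {
                $tempreplyto[$key][1] = $textlib->convert($values[1], 'utf-8', strtolower($charset));
            }
        }
    }
    foreach ($temprecipients as $values) {
        $mail->AddAddress($values[0], $values[1]);
    }
    foreach ($tempreplyto as $values) {
        $mail->AddReplyTo($values[0], $values[1]);
    }
    if ($mail->Send()) {
        set_send_count($user);
        // use SMTP directly
        // NOTE(review): this runs after Send() has already succeeded - confirm it is still needed.
        $mail->IsSMTP();
        if (!empty($mail->SMTPDebug)) {
            echo '</pre>';
        }
        return true;
    } else {
        // The mailer's error text goes to the trace output and to the site log.
        mtrace('ERROR: ' . $mail->ErrorInfo);
        add_to_log(SITEID, 'library', 'mailer', $FULLME, 'ERROR: ' . $mail->ErrorInfo);
        if (!empty($mail->SMTPDebug)) {
            echo '</pre>';
        }
        return false;
    }
}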
Example #23
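    /**
     * Return the standard string that says whether you are logged in (and switched
     * roles/logged in as another user).
     *
     * The result is an empty string during initial install and when the page course has no id.
     * Right after login ($SESSION->justloggedin set) a notice about failed login attempts may be
     * appended, and the session flag is cleared.
     *
     * @param bool $withlinks if false, then don't include any links in the HTML produced.
     * If not set, the default is the nologinlinks option from the theme config.php file,
     * and if that is not set, then links are included.
     * @return string HTML fragment.
     */
    public function login_info($withlinks = null) {
        global $USER, $CFG, $DB, $SESSION;

        if (during_initial_install()) {
            return '';
        }

        if (is_null($withlinks)) {
            $withlinks = empty($this->page->layout_options['nologinlinks']);
        }

        $course = $this->page->course;
        if (\core\session\manager::is_loggedinas()) {
            // Someone is logged in as another user: show who the real user is.
            $realuser = \core\session\manager::get_realuser();
            $fullname = fullname($realuser, true);
            if ($withlinks) {
                $loginastitle = get_string('loginas');
                // The link carries the sesskey because it changes session state.
                $realuserinfo = " [<a href=\"$CFG->wwwroot/course/loginas.php?id=$course->id&amp;sesskey=".sesskey()."\"";
                // Leading space keeps the title attribute separated from the href attribute.
                $realuserinfo .= " title=\"".$loginastitle."\">$fullname</a>] ";
            } else {
                $realuserinfo = " [$fullname] ";
            }
        } else {
            $realuserinfo = '';
        }

        $loginpage = $this->is_login_page();
        $loginurl = get_login_url();

        if (empty($course->id)) {
            // $course->id is not defined during installation
            return '';
        } else if (isloggedin()) {
            $context = context_course::instance($course->id);

            $fullname = fullname($USER, true);
            // Since Moodle 2.0 this link always goes to the public profile page (not the course profile page)
            if ($withlinks) {
                $linktitle = get_string('viewprofile');
                $username = "<a href=\"$CFG->wwwroot/user/profile.php?id=$USER->id\" title=\"$linktitle\">$fullname</a>";
            } else {
                $username = $fullname;
            }
            if (is_mnet_remote_user($USER) and $idprovider = $DB->get_record('mnet_host', array('id'=>$USER->mnethostid))) {
                // NOTE(review): name and wwwroot come from the mnet_host record and are written
                // into the HTML without escaping here - confirm they are sanitised when the peer
                // is registered, or escape them at this point.
                if ($withlinks) {
                    $username .= " from <a href=\"{$idprovider->wwwroot}\">{$idprovider->name}</a>";
                } else {
                    $username .= " from {$idprovider->name}";
                }
            }
            if (isguestuser()) {
                $loggedinas = $realuserinfo.get_string('loggedinasguest');
                if (!$loginpage && $withlinks) {
                    $loggedinas .= " (<a href=\"$loginurl\">".get_string('login').'</a>)';
                }
            } else if (is_role_switched($course->id)) { // Has switched roles
                $rolename = '';
                // The switched-to role id is read from the user's access data for this context path.
                if ($role = $DB->get_record('role', array('id'=>$USER->access['rsw'][$context->path]))) {
                    $rolename = ': '.role_get_name($role, $context);
                }
                $loggedinas = get_string('loggedinas', 'moodle', $username).$rolename;
                if ($withlinks) {
                    // switchrole=0 returns to the normal role; sesskey protects the state change.
                    $url = new moodle_url('/course/switchrole.php', array('id'=>$course->id,'sesskey'=>sesskey(), 'switchrole'=>0, 'returnurl'=>$this->page->url->out_as_local_url(false)));
                    $loggedinas .= ' ('.html_writer::tag('a', get_string('switchrolereturn'), array('href' => $url)).')';
                }
            } else {
                $loggedinas = $realuserinfo.get_string('loggedinas', 'moodle', $username);
                if ($withlinks) {
                    // Logout link carries the sesskey.
                    $loggedinas .= " (<a href=\"$CFG->wwwroot/login/logout.php?sesskey=".sesskey()."\">".get_string('logout').'</a>)';
                }
            }
        } else {
            $loggedinas = get_string('loggedinnot', 'moodle');
            if (!$loginpage && $withlinks) {
                $loggedinas .= " (<a href=\"$loginurl\">".get_string('login').'</a>)';
            }
        }

        $loggedinas = '<div class="logininfo">'.$loggedinas.'</div>';

        if (isset($SESSION->justloggedin)) {
            // One-shot flag: cleared here so the failed-login notice shows only once per login.
            unset($SESSION->justloggedin);
            if (!empty($CFG->displayloginfailures)) {
                if (!isguestuser()) {
                    // Include this file only when required.
                    require_once($CFG->dirroot . '/user/lib.php');
                    if ($count = user_count_login_failures($USER)) {
                        $loggedinas .= '<div class="loginfailures">';
                        $a = new stdClass();
                        $a->attempts = $count;
                        $loggedinas .= get_string('failedloginattempts', '', $a);
                        // The link to the log report is added only if the report is installed and
                        // the user holds report/log:view at system level.
                        if (file_exists("$CFG->dirroot/report/log/index.php") and has_capability('report/log:view', context_system::instance())) {
                            $loggedinas .= ' ('.html_writer::link(new moodle_url('/report/log/index.php', array('chooselog' => 1,
                                    'id' => 0 , 'modid' => 'site_errors')), get_string('logs')).')';
                        }
                        $loggedinas .= '</div>';
                    }
                }
            }
        }

        return $loggedinas;
    }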
Example #24
    /**
     * Adjusts the form held in $this->_form using the values it currently carries.
     *
     * Steps, in order: fall back to the site language when the selected one
     * has no translation, restrict the account-control elements, make the
     * password mandatory where needed, fill the 'currentpicture' element and
     * hand over to profile_definition_after_data().
     *
     * Account-control rules applied here:
     *  - when the edited id equals the current user's id, 'auth' and
     *    'preference_auth_forcepasswordchange' are hard-frozen;
     *  - 'suspended' is removed for a new admin user and for MNet remote
     *    accounts, and hard-frozen when the edited account is the current
     *    user's own or belongs to a site admin.
     *
     * NOTE(review): these are restrictions on the form itself; whether the
     * code that processes the submission re-checks them is not visible
     * here, so confirm before relying on them as the only control.
     */
    function definition_after_data() {
        global $USER, $CFG, $DB, $OUTPUT;

        $form =& $this->_form;

        // Load the record being edited when the form carries a user id.
        $userid = $form->getElementValue('id');
        $user = $userid ? $DB->get_record('user', array('id' => $userid)) : false;

        // Replace a language without an installed translation by the site default.
        $langsel = $form->getElementValue('lang');
        if ($langsel) {
            $lang = reset($langsel);
            if (!get_string_manager()->translation_exists($lang, false)) {
                $form->getElement('lang')->setValue($CFG->lang);
            }
        }

        // A user must not change their own authentication settings.
        if ($userid == $USER->id) {
            foreach (array('auth', 'preference_auth_forcepasswordchange') as $ownauthfield) {
                $form->hardFreeze($ownauthfield);
            }
        }

        // A freshly created admin must pick a password and cannot be suspended.
        if (!empty($USER->newadminuser)) {
            $form->addRule('newpassword', get_string('required'), 'required', null, 'client');
            if ($form->elementExists('suspended')) {
                $form->removeElement('suspended');
            }
        }

        // An id of -1 is treated as "new user": the password is mandatory.
        if ($userid == -1) {
            $form->addRule('newpassword', get_string('required'), 'required', null, 'client');
        }

        // Only local accounts can be suspended.
        if ($user && is_mnet_remote_user($user) && $form->elementExists('suspended')) {
            $form->removeElement('suspended');
        }

        // Keep operators from suspending themselves or a site admin.
        if ($user && ($user->id == $USER->id || is_siteadmin($user)) && $form->elementExists('suspended')) {
            $form->hardFreeze('suspended');
        }

        // Current picture: only when GD is configured and this is not the new-admin setup.
        if (!empty($CFG->gdversion) && empty($USER->newadminuser)) {
            $hasuploadedpicture = false;
            $showpicture = false;
            if ($user) {
                $context = context_user::instance($user->id, MUST_EXIST);
                $fs = get_file_storage();
                $hasuploadedpicture = $fs->file_exists($context->id, 'user', 'icon', 0, '/', 'f2.png')
                    || $fs->file_exists($context->id, 'user', 'icon', 0, '/', 'f2.jpg');
                $showpicture = !empty($user->picture) && $hasuploadedpicture;
            }

            if ($showpicture) {
                $imagevalue = $OUTPUT->user_picture($user, array('courseid' => SITEID, 'size' => 64));
            } else {
                $imagevalue = get_string('none');
            }
            $form->getElement('currentpicture')->setValue($imagevalue);

            // Nothing to delete when no icon file is stored for this user.
            if ($user && $form->elementExists('deletepicture') && !$hasuploadedpicture) {
                $form->removeElement('deletepicture');
            }
        }

        // Next the customisable profile fields.
        profile_definition_after_data($form, $userid);
    }
Example #25
/**
 * Collect the navigation links and user metadata needed to build a user menu.
 *
 * The links that change session state (role return, "login as" revert and
 * logout) each carry the current sesskey() value as a URL parameter.
 *
 * @param stdClass $user user object.
 * @param moodle_page $page page object; its course and url are read.
 * @return stdClass navigation information object, where:
 *
 *      navitems    array    list of links; the ones built here are stdClass
 *                           objects with fields itemtype, url, title and pix.
 *                           Items produced from $CFG->customusermenuitems are
 *                           placed before the final (logout-type) link.
 *      metadata    array    user metadata for constructing navigation;
 *                           fields include:
 *
 *          ROLE FIELDS
 *          asotherrole    bool    whether viewing as another role
 *          rolename       string  name of the role (only when asotherrole)
 *
 *          USER FIELDS
 *          These describe the user passed in: the currently logged-in user,
 *          or the user that the real user is logged in as.
 *
 *          userid         int        the id of the user in question
 *          userfullname   string     the user's full name
 *          userprofileurl moodle_url the url of the user's profile
 *          useravatar     string     a HTML fragment - the rendered
 *                                    user_picture for this user
 *          userloginfail  string     a string giving the number of login
 *                                    failures; only set right after login
 *                                    when failures are counted
 *
 *          "REAL USER" FIELDS
 *          Only set when asotheruser is true; they describe the underlying
 *          "real user".
 *
 *          asotheruser        bool       whether viewing as another user
 *          realuserid         int        the id of the real user
 *          realuserfullname   string     the real user's full name
 *          realuserprofileurl moodle_url the url of the real user's profile
 *          realuseravatar     string     a HTML fragment - the rendered
 *                                        user_picture for the real user
 *
 *          MNET PROVIDER FIELDS
 *          asmnetuser            bool   whether the user comes from an MNet
 *                                       provider
 *          mnetidprovidername    string name of the MNet provider
 *          mnetidproviderwwwroot string URL of the MNet provider
 */
function user_get_user_navigation_info($user, $page)
{
    global $OUTPUT, $DB, $SESSION, $CFG;

    $course = $page->course;
    $context = context_course::instance($course->id);
    $avataroptions = array('link' => false, 'visibletoscreenreaders' => false);

    $items = array();
    $meta = array();

    // Basic metadata for the user passed in.
    $meta['userid'] = $user->id;
    $meta['userfullname'] = fullname($user, true);
    $meta['userprofileurl'] = new moodle_url('/user/profile.php', array('id' => $user->id));
    $meta['useravatar'] = $OUTPUT->user_picture($user, $avataroptions);

    // MNet status and, for remote users, their identity provider.
    $meta['asmnetuser'] = is_mnet_remote_user($user);
    if ($meta['asmnetuser']) {
        // NOTE(review): the lookup result is dereferenced without checking that a row was found.
        $provider = $DB->get_record('mnet_host', array('id' => $user->mnethostid));
        $meta['mnetidprovidername'] = $provider->name;
        $meta['mnetidproviderwwwroot'] = $provider->wwwroot;
    }

    // Right after login, report failed attempts. The justloggedin flag is left
    // in place because login_info still needs it.
    if (isset($SESSION->justloggedin) && !empty($CFG->displayloginfailures)) {
        // user_count_login_failures() is called without an include; it is expected to be loaded already.
        $failures = user_count_login_failures($user);
        if ($failures) {
            $a = new stdClass();
            $a->attempts = html_writer::tag('span', $failures, array('class' => 'value'));
            $meta['userloginfail'] = get_string('failedloginattempts', '', $a);
        }
    }

    // Links: Dashboard.
    $items[] = (object) array(
        'itemtype' => 'link',
        'url' => new moodle_url('/my/'),
        'title' => get_string('mymoodle', 'admin'),
        'pix' => "i/course",
    );

    // Links: My Profile.
    $items[] = (object) array(
        'itemtype' => 'link',
        'url' => new moodle_url('/user/profile.php', array('id' => $user->id)),
        'title' => get_string('profile'),
        'pix' => "i/user",
    );

    // The closing item is a role-return, user-revert or plain logout link.
    $closingitem = null;
    $needslogout = true;
    $meta['asotherrole'] = false;

    if (is_role_switched($course->id)) {
        $role = $DB->get_record('role', array('id' => $user->access['rsw'][$context->path]));
        if ($role) {
            // Role-return link replaces the logout link.
            $closingitem = (object) array(
                'itemtype' => 'link',
                'url' => new moodle_url('/course/switchrole.php', array(
                    'id' => $course->id,
                    'sesskey' => sesskey(),
                    'switchrole' => 0,
                    'returnurl' => $page->url->out_as_local_url(false),
                )),
                'pix' => "a/logout",
                'title' => get_string('switchrolereturn'),
            );
            $meta['asotherrole'] = true;
            $meta['rolename'] = role_get_name($role, $context);
            $needslogout = false;
        }
    }

    $meta['asotheruser'] = \core\session\manager::is_loggedinas();
    if ($meta['asotheruser']) {
        // $user holds the impersonated account, so record the real user separately.
        $realuser = \core\session\manager::get_realuser();
        $meta['realuserid'] = $realuser->id;
        $meta['realuserfullname'] = fullname($realuser, true);
        $meta['realuserprofileurl'] = new moodle_url('/user/profile.php', array('id' => $realuser->id));
        $meta['realuseravatar'] = $OUTPUT->user_picture($realuser, $avataroptions);

        // User-revert link; it takes precedence over a role-return link set above.
        $closingitem = (object) array(
            'itemtype' => 'link',
            'url' => new moodle_url('/course/loginas.php', array('id' => $course->id, 'sesskey' => sesskey())),
            'pix' => "a/logout",
            'title' => get_string('logout'),
        );
        $needslogout = false;
    }

    if ($needslogout) {
        // Plain logout link.
        $closingitem = (object) array(
            'itemtype' => 'link',
            'url' => new moodle_url('/login/logout.php', array('sesskey' => sesskey())),
            'pix' => "a/logout",
            'title' => get_string('logout'),
        );
    }

    // Custom-defined items go in before the closing item.
    foreach (user_convert_text_to_menu_items($CFG->customusermenuitems, $page) as $customitem) {
        $items[] = $customitem;
    }

    if ($closingitem !== null) {
        $items[] = $closingitem;
    }

    $result = new stdClass();
    $result->navitems = $items;
    $result->metadata = $meta;
    return $result;
}
Example #26
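/**
 * Send an email to a specified user
 *
 * Nothing is sent, and the function returns early, when the recipient is
 * missing, has no address, is deleted, uses the 'nologin' auth method, has
 * emailstop set, is over the bounce threshold, or when $CFG->noemailever is
 * set.
 *
 * For MNet remote users, links to this site found in the message are
 * rewritten so they pass through the identity provider's jump.php first.
 *
 * @uses $CFG
 * @uses $FULLME
 * @uses $MNETIDPJUMPURL IdentityProvider(IDP) URL user hits to jump to mnet peer.
 * @uses SITEID
 * @param user $user  A {@link $USER} object
 * @param user|string $from A {@link $USER} object, or a string that is used
 *          as the sender name together with $CFG->noreplyaddress
 * @param string $subject plain text subject line of the email
 * @param string $messagetext plain text version of the message
 * @param string $messagehtml complete html version of the message (optional)
 * @param string $attachment a file on the filesystem, relative to $CFG->dataroot;
 *          a value containing ".." is not attached
 * @param string $attachname the name of the file (extension indicates MIME)
 * @param bool $usetrueaddress determines whether $from email address should
 *          be sent out. Will be overruled by user profile setting for maildisplay
 * @param string $replyto address added as Reply-To when not empty
 * @param string $replytoname display name used with $replyto
 * @param int $wordwrapwidth custom word wrap width
 * @return bool|string Returns "true" if mail was sent OK (or deliberately
 *          skipped for noemailever / nologin users), "emailstop" if email
 *          was blocked by user and "false" if there was another sort of error.
 */
function email_to_user($user, $from, $subject, $messagetext, $messagehtml = '', $attachment = '', $attachname = '', $usetrueaddress = true, $replyto = '', $replytoname = '', $wordwrapwidth = 79)
{
    global $CFG, $FULLME, $MNETIDPJUMPURL;
    // Per-request cache of jump URLs, keyed by MNet host id.
    static $mnetjumps = array();
    if (empty($user) || empty($user->email)) {
        return false;
    }
    if (!empty($user->deleted)) {
        // do not mail deleted users
        return false;
    }
    if (!empty($CFG->noemailever)) {
        // hidden setting for development sites, set in config.php if needed
        return true;
    }
    // skip mail to suspended users
    if (isset($user->auth) && $user->auth == 'nologin') {
        return true;
    }
    if (!empty($user->emailstop)) {
        return 'emailstop';
    }
    if (over_bounce_threshold($user)) {
        error_log("User {$user->id} (" . fullname($user) . ") is over bounce threshold! Not sending.");
        return false;
    }
    // If the user is a remote mnet user, parse the email text for URL to the
    // wwwroot and modify the url to direct the user's browser to login at their
    // home site (identity provider - idp) before hitting the link itself
    if (is_mnet_remote_user($user)) {
        require_once $CFG->dirroot . '/mnet/lib.php';
        // Form the request url to hit the idp's jump.php
        if (isset($mnetjumps[$user->mnethostid])) {
            $MNETIDPJUMPURL = $mnetjumps[$user->mnethostid];
        } else {
            $idp = mnet_get_peer_host($user->mnethostid);
            $idpjumppath = '/auth/mnet/jump.php';
            $MNETIDPJUMPURL = $idp->wwwroot . $idpjumppath . '?hostwwwroot=' . $CFG->wwwroot . '&wantsurl=';
            $mnetjumps[$user->mnethostid] = $MNETIDPJUMPURL;
        }
        // Quote wwwroot before embedding it in the patterns: its dots must match
        // literally so that only links to this site are rewritten, and a '%' in
        // the value must not end the pattern early.
        $wwwrootpattern = preg_quote($CFG->wwwroot, '%');
        $messagetext = preg_replace_callback("%({$wwwrootpattern}[^[:space:]]*)%", 'mnet_sso_apply_indirection', $messagetext);
        $messagehtml = preg_replace_callback("%href=[\"'`]({$wwwrootpattern}[\\w_:\\?=#&@/;.~-]*)[\"'`]%", 'mnet_sso_apply_indirection', $messagehtml);
    }
    $mail =& get_mailer();
    if (!empty($mail->SMTPDebug)) {
        echo '<pre>' . "\n";
    }
    /// We are going to use textlib services here
    $textlib = textlib_get_instance();
    $supportuser = generate_email_supportuser();
    // make up an email address for handling bounces
    if (!empty($CFG->handlebounces)) {
        // NOTE(review): the md5 fragment is part of the generated address; the code
        // that parses bounce addresses is not visible here and would have to change
        // with it.
        $modargs = 'B' . base64_encode(pack('V', $user->id)) . substr(md5($user->email), 0, 16);
        $mail->Sender = generate_email_processing_address(0, $modargs);
    } else {
        $mail->Sender = $supportuser->email;
    }
    if (is_string($from)) {
        // So we can pass whatever we want if there is need
        $mail->From = $CFG->noreplyaddress;
        $mail->FromName = $from;
    } else {
        if ($usetrueaddress and $from->maildisplay) {
            $mail->From = stripslashes($from->email);
            $mail->FromName = fullname($from);
        } else {
            // The sender's address is withheld; replies go to the no-reply
            // address unless the caller supplied $replyto.
            $mail->From = $CFG->noreplyaddress;
            $mail->FromName = fullname($from);
            if (empty($replyto)) {
                $mail->AddReplyTo($CFG->noreplyaddress, get_string('noreplyname'));
            }
        }
    }
    if (!empty($replyto)) {
        $mail->AddReplyTo($replyto, $replytoname);
    }
    // NOTE(review): subject, reply-to and custom headers are handed to the mailer
    // as given; presumably the mailer strips line breaks from header values — confirm.
    $mail->Subject = substr(stripslashes($subject), 0, 900);
    $mail->AddAddress(stripslashes($user->email), fullname($user));
    // set word wrap
    $mail->WordWrap = $wordwrapwidth;
    if (!empty($from->customheaders)) {
        // Add custom headers
        if (is_array($from->customheaders)) {
            foreach ($from->customheaders as $customheader) {
                $mail->AddCustomHeader($customheader);
            }
        } else {
            $mail->AddCustomHeader($from->customheaders);
        }
    }
    if (!empty($from->priority)) {
        $mail->Priority = $from->priority;
    }
    if ($messagehtml && $user->mailformat == 1) {
        // Don't ever send HTML to users who don't want it
        $mail->IsHTML(true);
        // Encoding to use
        $mail->Encoding = 'quoted-printable';
        $mail->Body = $messagehtml;
        $mail->AltBody = "\n{$messagetext}\n";
    } else {
        $mail->IsHTML(false);
        $mail->Body = "\n{$messagetext}\n";
    }
    if ($attachment && $attachname) {
        // Security check for ".." in dir path. strpos() replaces ereg(), which
        // no longer exists as of PHP 7; without it this check would fail with a
        // fatal error instead of running.
        if (strpos($attachment, '..') !== false) {
            // The file is not attached. The message still goes out, with the
            // support user added as a recipient and an error note attached.
            $mail->AddAddress($supportuser->email, fullname($supportuser, true));
            $mail->AddStringAttachment('Error in attachment.  User attempted to attach a filename with a unsafe name.', 'error.txt', '8bit', 'text/plain');
        } else {
            require_once $CFG->libdir . '/filelib.php';
            $mimetype = mimeinfo('type', $attachname);
            $mail->AddAttachment($CFG->dataroot . '/' . $attachment, $attachname, 'base64', $mimetype);
        }
    }
    /// If we are running under Unicode and sitemailcharset or allowusermailcharset are set, convert the email
    /// encoding to the specified one
    if (!empty($CFG->sitemailcharset) || !empty($CFG->allowusermailcharset)) {
        /// Set it to site mail charset
        $charset = $CFG->sitemailcharset;
        /// Overwrite it with the user mail charset
        if (!empty($CFG->allowusermailcharset)) {
            if ($useremailcharset = get_user_preferences('mailcharset', '0', $user->id)) {
                $charset = $useremailcharset;
            }
        }
        /// If it has changed, convert all the necessary strings
        $charsets = get_list_of_charsets();
        unset($charsets['UTF-8']);
        if (in_array($charset, $charsets)) {
            /// Save the new mail charset
            $mail->CharSet = $charset;
            /// And convert some strings
            // From name
            $mail->FromName = $textlib->convert($mail->FromName, 'utf-8', $mail->CharSet);
            // Reply-To names
            foreach ($mail->ReplyTo as $key => $rt) {
                $mail->ReplyTo[$key][1] = $textlib->convert($rt[1], 'utf-8', $mail->CharSet);
            }
            // Subject
            $mail->Subject = $textlib->convert($mail->Subject, 'utf-8', $mail->CharSet);
            // To names
            foreach ($mail->to as $key => $to) {
                $mail->to[$key][1] = $textlib->convert($to[1], 'utf-8', $mail->CharSet);
            }
            // Body
            $mail->Body = $textlib->convert($mail->Body, 'utf-8', $mail->CharSet);
            // Alternative (plain text) body
            $mail->AltBody = $textlib->convert($mail->AltBody, 'utf-8', $mail->CharSet);
        }
    }
    if ($mail->Send()) {
        set_send_count($user);
        // use SMTP directly
        // NOTE(review): this runs after Send(), so it cannot affect the message
        // just sent; presumably it is meant for later use of the same mailer — confirm.
        $mail->IsSMTP();
        if (!empty($mail->SMTPDebug)) {
            echo '</pre>';
        }
        return true;
    } else {
        mtrace('ERROR: ' . $mail->ErrorInfo);
        add_to_log(SITEID, 'library', 'mailer', $FULLME, 'ERROR: ' . $mail->ErrorInfo);
        if (!empty($mail->SMTPDebug)) {
            echo '</pre>';
        }
        return false;
    }
}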
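 /**
  * Return the standard string that says whether you are logged in (and switched
  * roles/logged in as another user).
  *
  * Side effects: in two branches (logged-in user with links, and not logged in
  * with links) an icon element is echoed straight to the output instead of
  * being added to the returned fragment, and $SESSION->justloggedin is cleared
  * when it is set.
  *
  * The "login as" revert link and the logout link carry the current sesskey()
  * value; the role-return link passes it as a URL parameter as well.
  *
  * @param bool $withlinks if false, then don't include any links in the HTML produced.
  * If not set, links are included unless the page's 'nologinlinks' layout
  * option is set.
  * @return string HTML fragment; empty during initial install or when the
  * page's course has no id.
  */
 public function login_info($withlinks = null)
 {
     global $USER, $CFG, $DB, $SESSION;
     if (during_initial_install()) {
         return '';
     }
     if (is_null($withlinks)) {
         $withlinks = empty($this->page->layout_options['nologinlinks']);
     }
     // Used below to avoid showing a login link on the login page itself.
     $loginpage = (string) $this->page->url === get_login_url();
     $course = $this->page->course;
     // NOTE(review): full names and the MNet host name/wwwroot are interpolated
     // into markup as-is throughout this method; presumably they are cleaned
     // before they reach this point — confirm, since the host record describes
     // a remote peer.
     if (\core\session\manager::is_loggedinas()) {
         // Show the real user behind a "login as" session.
         $realuser = \core\session\manager::get_realuser();
         $fullname = fullname($realuser, true);
         if ($withlinks) {
             $loginastitle = get_string('loginas');
             $realuserinfo = " [<a href=\"{$CFG->wwwroot}/course/loginas.php?id={$course->id}&amp;sesskey=" . sesskey() . "\"";
             // Leading space keeps the title attribute separated from the href value.
             $realuserinfo .= " title=\"" . $loginastitle . "\">{$fullname}</a>] ";
         } else {
             $realuserinfo = " [{$fullname}] ";
         }
     } else {
         $realuserinfo = '';
     }
     $loginurl = get_login_url();
     if (empty($course->id)) {
         // $course->id is not defined during installation
         return '';
     } else {
         if (isloggedin()) {
             $context = context_course::instance($course->id);
             $fullname = fullname($USER, true);
             // Since Moodle 2.0 this link always goes to the public profile page (not the course profile page)
             if ($withlinks) {
                 $linktitle = get_string('viewprofile');
                 $username = "<a href=\"{$CFG->wwwroot}/user/profile.php?id={$USER->id}\" title=\"{$linktitle}\">{$fullname}</a>";
             } else {
                 $username = $fullname;
             }
             // Remote users are shown together with their identity provider,
             // but only when the host record is found.
             if (is_mnet_remote_user($USER) and $idprovider = $DB->get_record('mnet_host', array('id' => $USER->mnethostid))) {
                 if ($withlinks) {
                     $username .= " from <a href=\"{$idprovider->wwwroot}\">{$idprovider->name}</a>";
                 } else {
                     $username .= " from {$idprovider->name}";
                 }
             }
             if (isguestuser()) {
                 $loggedinas = $realuserinfo . get_string('loggedinasguest');
                 if (!$loginpage && $withlinks) {
                     $loggedinas .= " (<a href=\"{$loginurl}\">" . get_string('login') . '</a>)';
                 }
             } else {
                 if (is_role_switched($course->id)) {
                     // Has switched roles
                     $rolename = '';
                     if ($role = $DB->get_record('role', array('id' => $USER->access['rsw'][$context->path]))) {
                         $rolename = ': ' . role_get_name($role, $context);
                     }
                     $loggedinas = get_string('loggedinas', 'moodle', $username) . $rolename;
                     if ($withlinks) {
                         // Link back to the user's own role.
                         $url = new moodle_url('/course/switchrole.php', array('id' => $course->id, 'sesskey' => sesskey(), 'switchrole' => 0, 'returnurl' => $this->page->url->out_as_local_url(false)));
                         $loggedinas .= '(' . html_writer::tag('a', get_string('switchrolereturn'), array('href' => $url)) . ')';
                     }
                 } else {
                     $loggedinas = $realuserinfo . get_string('loggedinas', 'moodle', $username);
                     if ($withlinks) {
                         // The icon is written directly to the output, not to the returned string.
                         echo "<i class='fa fa-user hide979 mywhite'></i> ";
                         $loggedinas .= " <span class=\"line-trans\">|</span><a class=\"logtop\" href=\"{$CFG->wwwroot}/login/logout.php?sesskey=" . sesskey() . "\"> " . get_string('logout') . '</a><span class="line-trans"> |</span>';
                     }
                 }
             }
         } else {
             $loggedinas = get_string('loggedinnot', 'moodle');
             if (!$loginpage && $withlinks) {
                 // The icon is written directly to the output, not to the returned string.
                 echo "<i class='fa fa-lock hide979 mywhite'></i> ";
                 $loggedinas .= " | <a href=\"{$loginurl}\">" . get_string('login') . '</a> |';
             }
         }
     }
     $loggedinas = '<div class="logininfo">' . $loggedinas . '</div>';
     // Report failed login attempts once, right after login.
     if (isset($SESSION->justloggedin)) {
         unset($SESSION->justloggedin);
         if (!empty($CFG->displayloginfailures)) {
             if (!isguestuser()) {
                 if ($count = count_login_failures($CFG->displayloginfailures, $USER->username, $USER->lastlogin)) {
                     $loggedinas .= '&nbsp;<div class="loginfailures">';
                     if (empty($count->accounts)) {
                         $loggedinas .= get_string('failedloginattempts', '', $count);
                     } else {
                         $loggedinas .= get_string('failedloginattemptsall', '', $count);
                     }
                     // The link to the log report is offered only when the report exists
                     // and the user holds report/log:view in the system context.
                     if (file_exists("{$CFG->dirroot}/report/log/index.php") and has_capability('report/log:view', context_system::instance())) {
                         $loggedinas .= ' (<a href="' . $CFG->wwwroot . '/report/log/index.php' . '?chooselog=1&amp;id=1&amp;modid=site_errors">' . get_string('logs') . '</a>)';
                     }
                     $loggedinas .= '</div>';
                 }
             }
         }
     }
     return $loggedinas;
 }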
Example #28
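/**
 * Returns the HTML fragment that tells the user their current login status.
 *
 * The result is a "logged in as X (Logout)" or "not logged in (Login)" snippet wrapped in
 * <div class="logininfo">. The links that change session state (logout, return from a
 * login-as session, return from a switched role) carry sesskey() as a query parameter.
 *
 * @uses $CFG
 * @uses $USER
 * @uses $SITE
 * @uses $DB
 * @param course $course {@link $COURSE} object containing course information; $SITE is used when empty
 * @param user $user {@link $USER} object containing user information; $USER is used when empty and $USER has an id
 * @return string HTML, or an empty string when $course->id is not set
 */
function user_login_string($course = NULL, $user = NULL)
{
    global $USER, $CFG, $SITE, $DB;

    if (empty($user) and !empty($USER->id)) {
        $user = $USER;
    }
    if (empty($course)) {
        $course = $SITE;
    }

    // During a login-as session, also show the real account with a link that returns to it.
    if (session_is_loggedinas()) {
        $realuser = session_get_realuser();
        $fullname = fullname($realuser, true);
        $realuserinfo = " [<a {$CFG->frametarget}\n        href=\"{$CFG->wwwroot}/course/loginas.php?id={$course->id}&amp;return=1&amp;sesskey=" . sesskey() . "\">{$fullname}</a>] ";
    } else {
        $realuserinfo = '';
    }
    $loginurl = get_login_url();

    if (empty($course->id)) {
        // $course->id is not defined during installation
        return '';
    }

    if (empty($user->id)) {
        // Nobody is logged in: offer the login link only.
        $loggedinas = get_string('loggedinnot', 'moodle') . " (<a {$CFG->frametarget} href=\"{$loginurl}\">" . get_string('login') . '</a>)';
        return '<div class="logininfo">' . $loggedinas . '</div>';
    }

    $context = get_context_instance(CONTEXT_COURSE, $course->id);
    $fullname = fullname($user, true);
    // The opening anchor tag of this literal was lost in the listing (it read "******"), which
    // made the statement unparsable; it is restored in the same form as the other links here.
    // NOTE(review): $fullname, $idprovider->wwwroot and $idprovider->name are interpolated into
    // HTML as-is; this relies on fullname() and the mnet_host record being safe for text and
    // attribute context. Confirm against the callers, or escape at this point.
    $username = "<a {$CFG->frametarget} href=\"{$CFG->wwwroot}/user/view.php?id={$user->id}&amp;course={$course->id}\">{$fullname}</a>";
    if (is_mnet_remote_user($user) and $idprovider = $DB->get_record('mnet_host', array('id' => $user->mnethostid))) {
        $username .= " from <a {$CFG->frametarget} href=\"{$idprovider->wwwroot}\">{$idprovider->name}</a>";
    }

    if (isset($user->username) && $user->username == 'guest') {
        // Guests get a login link rather than a logout link.
        $loggedinas = $realuserinfo . get_string('loggedinasguest') . " (<a {$CFG->frametarget} href=\"{$loginurl}\">" . get_string('login') . '</a>)';
    } elseif (!empty($user->access['rsw'][$context->path])) {
        // A role switch is recorded for this course context: show the role name and a link
        // that switches back (switchrole=0).
        $rolename = '';
        if ($role = $DB->get_record('role', array('id' => $user->access['rsw'][$context->path]))) {
            $rolename = ': ' . format_string($role->name);
        }
        $loggedinas = get_string('loggedinas', 'moodle', $username) . $rolename . " (<a {$CFG->frametarget}\n                      href=\"{$CFG->wwwroot}/course/view.php?id={$course->id}&amp;switchrole=0&amp;sesskey=" . sesskey() . "\">" . get_string('switchrolereturn') . '</a>)';
    } else {
        $loggedinas = $realuserinfo . get_string('loggedinas', 'moodle', $username) . ' ' . " (<a {$CFG->frametarget} href=\"{$CFG->wwwroot}/login/logout.php?sesskey=" . sesskey() . "\">" . get_string('logout') . '</a>)';
    }

    return '<div class="logininfo">' . $loggedinas . '</div>';
}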
 /**
  * This function gets called by {@link settings_navigation::load_user_settings()} and actually works out
  * what can be shown/done
  *
  * It only decides which links appear in the user-settings branch, based on the viewer's
  * capabilities and the target user's state; nothing in this method enforces access to the
  * linked pages themselves.
  *
  * Return values visible in the body: false when the target user record is missing or the
  * viewer may not see that user, true (not a node) when the target user is deleted, and
  * otherwise the branch returned by $this->add().
  *
  * @param int $courseid The current course' id
  * @param int $userid The user id to load for
  * @param string $gstitle The string to pass to get_string for the branch title
  * @return navigation_node|false
  */
 protected function generate_user_settings($courseid, $userid, $gstitle = 'usercurrentsettings')
 {
     global $DB, $CFG, $USER, $SITE;
     // Resolve the course: reuse the page's course when it matches, otherwise load it together
     // with its context columns in one query (bound parameters, MUST_EXIST).
     if ($courseid != $SITE->id) {
         if (!empty($this->page->course->id) && $this->page->course->id == $courseid) {
             $course = $this->page->course;
         } else {
             $select = context_helper::get_preload_record_columns_sql('ctx');
             $sql = "SELECT c.*, {$select}\n                          FROM {course} c\n                          JOIN {context} ctx ON c.id = ctx.instanceid\n                         WHERE c.id = :courseid AND ctx.contextlevel = :contextlevel";
             $params = array('courseid' => $courseid, 'contextlevel' => CONTEXT_COURSE);
             $course = $DB->get_record_sql($sql, $params, MUST_EXIST);
             context_helper::preload_from_record($course);
         }
     } else {
         $course = $SITE;
     }
     // Course context
     $coursecontext = get_context_instance(CONTEXT_COURSE, $course->id);
     $systemcontext = get_system_context();
     // True when the settings being built belong to the viewer's own account.
     $currentuser = $USER->id == $userid;
     if ($currentuser) {
         $user = $USER;
         // User context
         $usercontext = get_context_instance(CONTEXT_USER, $user->id);
     } else {
         // Another user's settings: load the record, then check that the viewer may see this
         // user before any part of the branch is built.
         $select = context_helper::get_preload_record_columns_sql('ctx');
         $sql = "SELECT u.*, {$select}\n                      FROM {user} u\n                      JOIN {context} ctx ON u.id = ctx.instanceid\n                     WHERE u.id = :userid AND ctx.contextlevel = :contextlevel";
         $params = array('userid' => $userid, 'contextlevel' => CONTEXT_USER);
         $user = $DB->get_record_sql($sql, $params, IGNORE_MISSING);
         if (!$user) {
             return false;
         }
         context_helper::preload_from_record($user);
         // Check that the user can view the profile
         // User context
         $usercontext = get_context_instance(CONTEXT_USER, $user->id);
         $canviewuser = has_capability('moodle/user:viewdetails', $usercontext);
         if ($course->id == $SITE->id) {
             if ($CFG->forceloginforprofiles && !has_coursecontact_role($user->id) && !$canviewuser) {
                 // Reduce possibility of "browsing" userbase at site level
                 // Teachers can browse and be browsed at site level. If not forceloginforprofiles, allow access (bug #4366)
                 return false;
             }
         } else {
             $canviewusercourse = has_capability('moodle/user:viewdetails', $coursecontext);
             $canaccessallgroups = has_capability('moodle/site:accessallgroups', $coursecontext);
             // && binds tighter than ||: refuse when the viewer has viewdetails in neither
             // context, or when can_access_course() fails for the target user.
             if (!$canviewusercourse && !$canviewuser || !can_access_course($course, $user->id)) {
                 return false;
             }
             if (!$canaccessallgroups && groups_get_course_groupmode($course) == SEPARATEGROUPS) {
                 // If groups are in use, make sure we can see that group
                 // NOTE(review): as written this refuses every viewer without accessallgroups
                 // in a separate-groups course; no group membership is compared here.
                 return false;
             }
         }
     }
     // Full names are shown only if the viewer holds viewfullnames in the page context.
     $fullname = fullname($user, has_capability('moodle/site:viewfullnames', $this->page->context));
     // The node key gets the user id appended for every title other than the default one.
     $key = $gstitle;
     if ($gstitle != 'usercurrentsettings') {
         $key .= $userid;
     }
     // Add a user setting branch
     $usersetting = $this->add(get_string($gstitle, 'moodle', $fullname), null, self::TYPE_CONTAINER, null, $key);
     $usersetting->id = 'usersettings';
     if ($this->page->context->contextlevel == CONTEXT_USER && $this->page->context->instanceid == $user->id) {
         // Automatically start by making it active
         $usersetting->make_active();
     }
     // Check if the user has been deleted
     if ($user->deleted) {
         if (!has_capability('moodle/user:update', $coursecontext)) {
             // We can't edit the user so just show the user deleted message
             $usersetting->add(get_string('userdeleted'), null, self::TYPE_SETTING);
         } else {
             // We can edit the user so show the user deleted message and link it to the profile
             if ($course->id == $SITE->id) {
                 $profileurl = new moodle_url('/user/profile.php', array('id' => $user->id));
             } else {
                 $profileurl = new moodle_url('/user/view.php', array('id' => $user->id, 'course' => $course->id));
             }
             $usersetting->add(get_string('userdeleted'), $profileurl, self::TYPE_SETTING);
         }
         // Returns true here, not the node and not false; callers that test the result
         // against the documented navigation_node|false need to allow for this.
         return true;
     }
     // The auth plugin decides whether profile editing and password change are offered and
     // may supply its own URLs for them.
     $userauthplugin = false;
     if (!empty($user->auth)) {
         $userauthplugin = get_auth_plugin($user->auth);
     }
     // Add the profile edit link
     if (isloggedin() && !isguestuser($user) && !is_mnet_remote_user($user)) {
         // Advanced editing needs moodle/user:update at system level; in addition, a viewer
         // who is not a site admin is not offered it for a site admin's account other than
         // their own.
         if (($currentuser || is_siteadmin($USER) || !is_siteadmin($user)) && has_capability('moodle/user:update', $systemcontext)) {
             $url = new moodle_url('/user/editadvanced.php', array('id' => $user->id, 'course' => $course->id));
             $usersetting->add(get_string('editmyprofile'), $url, self::TYPE_SETTING);
         } else {
             // && binds tighter than ||: either editprofile on a non-admin target, or the
             // viewer's own profile with editownprofile.
             if (has_capability('moodle/user:editprofile', $usercontext) && !is_siteadmin($user) || $currentuser && has_capability('moodle/user:editownprofile', $systemcontext)) {
                 if ($userauthplugin && $userauthplugin->can_edit_profile()) {
                     // Use the plugin's URL when it gives one, else the local edit page.
                     $url = $userauthplugin->edit_profile_url();
                     if (empty($url)) {
                         $url = new moodle_url('/user/edit.php', array('id' => $user->id, 'course' => $course->id));
                     }
                     $usersetting->add(get_string('editmyprofile'), $url, self::TYPE_SETTING);
                 }
             }
         }
     }
     // Change password link
     // Own account only, never during a login-as session and never for the guest user.
     if ($userauthplugin && $currentuser && !session_is_loggedinas() && !isguestuser() && has_capability('moodle/user:changeownpassword', $systemcontext) && $userauthplugin->can_change_password()) {
         $passwordchangeurl = $userauthplugin->change_password_url();
         if (empty($passwordchangeurl)) {
             $passwordchangeurl = new moodle_url('/login/change_password.php', array('id' => $course->id));
         }
         $usersetting->add(get_string("changepassword"), $passwordchangeurl, self::TYPE_SETTING);
     }
     // View the roles settings
     // Any one of the four role capabilities in the user context shows the roles branch;
     // the assign and permissions links below have their own, narrower conditions.
     if (has_any_capability(array('moodle/role:assign', 'moodle/role:safeoverride', 'moodle/role:override', 'moodle/role:manage'), $usercontext)) {
         $roles = $usersetting->add(get_string('roles'), null, self::TYPE_SETTING);
         $url = new moodle_url('/admin/roles/usersroles.php', array('userid' => $user->id, 'courseid' => $course->id));
         $roles->add(get_string('thisusersroles', 'role'), $url, self::TYPE_SETTING);
         $assignableroles = get_assignable_roles($usercontext, ROLENAME_BOTH);
         if (!empty($assignableroles)) {
             $url = new moodle_url('/admin/roles/assign.php', array('contextid' => $usercontext->id, 'userid' => $user->id, 'courseid' => $course->id));
             $roles->add(get_string('assignrolesrelativetothisuser', 'role'), $url, self::TYPE_SETTING);
         }
         if (has_capability('moodle/role:review', $usercontext) || count(get_overridable_roles($usercontext, ROLENAME_BOTH)) > 0) {
             $url = new moodle_url('/admin/roles/permissions.php', array('contextid' => $usercontext->id, 'userid' => $user->id, 'courseid' => $course->id));
             $roles->add(get_string('permissions', 'role'), $url, self::TYPE_SETTING);
         }
         $url = new moodle_url('/admin/roles/check.php', array('contextid' => $usercontext->id, 'userid' => $user->id, 'courseid' => $course->id));
         $roles->add(get_string('checkpermissions', 'role'), $url, self::TYPE_SETTING);
     }
     // Portfolio
     if ($currentuser && !empty($CFG->enableportfolios) && has_capability('moodle/portfolio:export', $systemcontext)) {
         require_once $CFG->libdir . '/portfoliolib.php';
         if (portfolio_instances(true, false)) {
             $portfolio = $usersetting->add(get_string('portfolios', 'portfolio'), null, self::TYPE_SETTING);
             $url = new moodle_url('/user/portfolio.php', array('courseid' => $course->id));
             $portfolio->add(get_string('configure', 'portfolio'), $url, self::TYPE_SETTING);
             $url = new moodle_url('/user/portfoliologs.php', array('courseid' => $course->id));
             $portfolio->add(get_string('logs', 'portfolio'), $url, self::TYPE_SETTING);
         }
     }
     // Token management is offered when RSS feeds are enabled, or when web services are
     // enabled and a viewer who is not a site admin holds webservice:createtoken.
     $enablemanagetokens = false;
     if (!empty($CFG->enablerssfeeds)) {
         $enablemanagetokens = true;
     } else {
         if (!is_siteadmin($USER->id) && !empty($CFG->enablewebservices) && has_capability('moodle/webservice:createtoken', get_system_context())) {
             $enablemanagetokens = true;
         }
     }
     // Security keys
     // Own account only; the link carries sesskey() as a query parameter.
     if ($currentuser && $enablemanagetokens) {
         $url = new moodle_url('/user/managetoken.php', array('sesskey' => sesskey()));
         $usersetting->add(get_string('securitykeys', 'webservice'), $url, self::TYPE_SETTING);
     }
     // Repository
     // Only when viewing another user; the "has editable repository types" answer is cached
     // per user context id in $this->cache.
     if (!$currentuser && $usercontext->contextlevel == CONTEXT_USER) {
         if (!$this->cache->cached('contexthasrepos' . $usercontext->id)) {
             require_once $CFG->dirroot . '/repository/lib.php';
             $editabletypes = repository::get_editable_types($usercontext);
             $haseditabletypes = !empty($editabletypes);
             unset($editabletypes);
             $this->cache->set('contexthasrepos' . $usercontext->id, $haseditabletypes);
         } else {
             $haseditabletypes = $this->cache->{'contexthasrepos' . $usercontext->id};
         }
         if ($haseditabletypes) {
             $url = new moodle_url('/repository/manage_instances.php', array('contextid' => $usercontext->id));
             $usersetting->add(get_string('repositories', 'repository'), $url, self::TYPE_SETTING);
         }
     }
     // Messaging
     // && binds tighter than ||: own account with editownmessageprofile, or a non-guest
     // target with editmessageprofile in its user context that is not the primary admin.
     if ($currentuser && has_capability('moodle/user:editownmessageprofile', $systemcontext) || !isguestuser($user) && has_capability('moodle/user:editmessageprofile', $usercontext) && !is_primary_admin($user->id)) {
         $url = new moodle_url('/message/edit.php', array('id' => $user->id));
         $usersetting->add(get_string('editmymessage', 'message'), $url, self::TYPE_SETTING);
     }
     // Blogs
     if ($currentuser && !empty($CFG->bloglevel)) {
         $blog = $usersetting->add(get_string('blogs', 'blog'), null, navigation_node::TYPE_CONTAINER, null, 'blogs');
         $blog->add(get_string('preferences', 'blog'), new moodle_url('/blog/preferences.php'), navigation_node::TYPE_SETTING);
         if (!empty($CFG->useexternalblogs) && $CFG->maxexternalblogsperuser > 0 && has_capability('moodle/blog:manageexternal', get_context_instance(CONTEXT_SYSTEM))) {
             $blog->add(get_string('externalblogs', 'blog'), new moodle_url('/blog/external_blogs.php'), navigation_node::TYPE_SETTING);
             $blog->add(get_string('addnewexternalblog', 'blog'), new moodle_url('/blog/external_blog_edit.php'), navigation_node::TYPE_SETTING);
         }
     }
     // Login as ...
     // `and` binds looser than `&&`, so every condition must hold: target not deleted, not
     // the viewer, no login-as session already active, moodle/user:loginas in the course
     // context, and the target is not a site admin. The link carries sesskey().
     if (!$user->deleted and !$currentuser && !session_is_loggedinas() && has_capability('moodle/user:loginas', $coursecontext) && !is_siteadmin($user->id)) {
         $url = new moodle_url('/course/loginas.php', array('id' => $course->id, 'user' => $user->id, 'sesskey' => sesskey()));
         $usersetting->add(get_string('loginas'), $url, self::TYPE_SETTING);
     }
     return $usersetting;
 }
Example #30
// Guard sequence that runs before the password-change form is handled. The order matters:
// each guard either lets execution continue or hands off via redirect()/print_error()
// (presumably ending the request there; neither function is defined in this excerpt).

// require proper login; guest user can not change password
if (!isloggedin() or isguestuser()) {
    // Remember this page so the user can be sent back here after logging in; an already
    // stored wantsurl is left untouched.
    if (empty($SESSION->wantsurl)) {
        $SESSION->wantsurl = $CFG->httpswwwroot . '/login/change_password.php';
    }
    redirect(get_login_url());
}
// do not require change own password cap if change forced
// ($systemcontext is set before this excerpt begins)
if (!get_user_preferences('auth_forcepasswordchange', false)) {
    require_capability('moodle/user:changeownpassword', $systemcontext);
}
// do not allow "Logged in as" users to change any passwords
// Without this guard, whoever is acting through a login-as session could set the password of
// the account they are impersonating.
if (session_is_loggedinas()) {
    print_error('cannotcallscript');
}
// MNet remote users are refused here; the message includes a link text built from their
// identity provider's mnet_host record when that record is found.
if (is_mnet_remote_user($USER)) {
    $message = get_string('usercannotchangepassword', 'mnet');
    if ($idprovider = $DB->get_record('mnet_host', array('id' => $USER->mnethostid))) {
        $message .= get_string('userchangepasswordlink', 'mnet', $idprovider);
    }
    print_error('userchangepasswordlink', 'mnet', '', $message);
}
// load the appropriate auth plugin
$userauth = get_auth_plugin($USER->auth);
if (!$userauth->can_change_password()) {
    print_error('nopasswordchange', 'auth');
}
if ($changeurl = $userauth->change_password_url()) {
    // this internal script not used
    // The destination comes from the auth plugin, not from request input.
    // NOTE(review): presumably this URL is admin-configured plugin settings; confirm where
    // change_password_url() gets its value.
    redirect($changeurl);
}