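/**
 * Sets the specified account settings for the current user.
 *
 * The table must have a `field` column (the preference key) and a `value`
 * column; each row becomes one entry of the preference map.
 *
 * Validation happens before the transaction is opened, so a rejected value
 * never leaves a half-written set of preferences behind.
 *
 * @Given /^I set the following account settings values:$/
 * @param TableNode $table
 * @throws Exception when the urlid or a mobile upload token fails validation
 */
public function i_set_account_settings(TableNode $table) {
    global $USER;

    $prefs = array();
    foreach ($table->getHash() as $accountpref) {
        $prefs[$accountpref['field']] = $accountpref['value'];
    }

    // Table cells arrive as plain strings, while the token handling below
    // iterates and filters a list. Normalise once so a token supplied as a
    // single string is validated and stored rather than skipped by foreach
    // and rejected by array_filter(). A missing key is simply left alone.
    $tokens = null;
    if (get_config('allowmobileuploads') && isset($prefs['mobileuploadtoken'])) {
        $tokens = (array) $prefs['mobileuploadtoken'];
    }

    // Validate the settings
    if (isset($prefs['urlid']) && get_config('cleanurls') && $prefs['urlid'] != $USER->get('urlid')) {
        if (strlen($prefs['urlid']) < 3) {
            throw new Exception("Invalid urlid: " . get_string('rule.minlength.minlength', 'pieforms', 3));
        }
        if (record_exists('usr', 'urlid', $prefs['urlid'])) {
            throw new Exception("Invalid urlid: " . get_string('urlalreadytaken', 'account'));
        }
    }
    if ($tokens !== null) {
        foreach ($tokens as $text) {
            // Empty entries are allowed here; they are filtered out before saving.
            if (strlen($text) > 0 && !preg_match('/^[a-zA-Z0-9 !@#$%^&*()\\-_=+\\[{\\]};:\'",<\\.>\\/?]{6,}$/', $text)) {
                throw new Exception("Invalid mobileuploadtoken: " . get_string('badmobileuploadtoken', 'account'));
            }
        }
    }

    // Update user's account settings
    db_begin();

    // Only keys returned by expected_account_preferences() are written;
    // looping over the supplied values directly is not safe.
    $expectedprefs = expected_account_preferences();

    if (isset($prefs['maildisabled']) && $prefs['maildisabled'] == 0 && get_account_preference($USER->get('id'), 'maildisabled') == 1) {
        // Reset the sent and bounce counts otherwise mail will be disabled
        // on the next send attempt
        $u = new StdClass();
        $u->email = $USER->get('email');
        $u->id = $USER->get('id');
        update_bounce_count($u, true);
        update_send_count($u, true);
    }

    if ($tokens !== null) {
        // Stored as a pipe-delimited list with a leading and trailing pipe.
        $tokens = array_filter($tokens);
        $USER->set_account_preference('mobileuploadtoken', '|' . join('|', $tokens) . '|');
        // Handled here, so keep it out of the generic loop below.
        unset($prefs['mobileuploadtoken']);
    }

    // Set user account preferences
    foreach ($expectedprefs as $eprefkey => $epref) {
        if (isset($prefs[$eprefkey]) && $prefs[$eprefkey] !== get_account_preference($USER->get('id'), $eprefkey)) {
            $USER->set_account_preference($eprefkey, $prefs[$eprefkey]);
        }
    }

    db_commit();
}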
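/**
 * Renders an Embed.ly block by asking the Embed.ly oEmbed endpoint about the
 * configured media URL and turning the answer into HTML.
 *
 * Everything that comes back from the remote service, and every configured
 * value that lands in the markup, is escaped for the context it is written
 * into, with two exceptions that are flagged inline below.
 *
 * @param BlockInstance $instance the block being rendered
 * @param bool $editing unused by this block
 * @return string HTML for the block, or '' when no media URL is configured
 */
public static function render_instance(BlockInstance $instance, $editing = false) {
    // Get site wide Embed.ly API key
    $embedlyapikey = get_config_plugin('blocktype', 'embedly', 'embedlysiteapikey');
    // Fall back to the view owner's key if the site wide key is empty or not set
    if (empty($embedlyapikey)) {
        $owner = $instance->get('view_obj')->get('owner');
        $embedlyapikey = get_account_preference($owner, 'embedlyapikey');
    }

    $configdata = $instance->get('configdata');

    // Keep the raw values for the query string and escape separately for
    // HTML: the two contexts need different encodings.
    $rawwidth = !empty($configdata['width']) ? (string) $configdata['width'] : '';
    $rawheight = !empty($configdata['height']) ? (string) $configdata['height'] : '';
    $width = hsc($rawwidth);
    $height = hsc($rawheight);
    $align = !empty($configdata['align']) ? hsc($configdata['align']) : 'left';

    $result = '';
    if (isset($configdata['mediaid'])) {
        // IE seems to wait for all elements on the page to load
        // fully before the onload event goes off. This means the
        // view editor isn't initialised until all videos have
        // finished loading, and an invalid video URL can stop the
        // editor from loading and result in an uneditable view.
        // Therefore, when this block appears on first load of the
        // view editing page, keep the embed code out of the page
        // initially and add it in after the page has loaded.

        // The API key travels in the query string, so the request goes over
        // TLS and every parameter is URL-encoded.
        $url = 'https://api.embed.ly/1/oembed?key=' . urlencode((string) $embedlyapikey)
            . '&url=' . urlencode($configdata['mediaid'])
            . '&maxwidth=' . urlencode($rawwidth)
            . '&maxheight=' . urlencode($rawheight)
            . '&wmode=transparent';
        $response = mahara_http_request(array(CURLOPT_URL => $url));

        // A failed request or a non-JSON body decodes to null; treat that as
        // "no metadata" instead of indexing into it.
        $data = json_decode($response->data, true);
        if (!is_array($data)) {
            $data = array();
        }
        $type = isset($data['type']) ? $data['type'] : null;

        $result = '<div class="' . $align . '">';
        // NOTE(review): mediadesc is written into the page exactly as stored.
        // Confirm it is sanitised when the block configuration is saved;
        // otherwise it needs escaping or HTML cleaning here.
        $result .= '<p>' . (isset($configdata['mediadesc']) ? $configdata['mediadesc'] : '') . '</p>';
        switch ($type) {
            case 'photo':
                $photourl = (isset($data['url']) && is_string($data['url'])) ? $data['url'] : '';
                $result .= '<img src="' . hsc($photourl) . '" width="' . $width . '" height="' . $height . '" border="0">';
                break;
            case 'video':
            case 'rich':
                // NOTE(review): provider markup is inserted verbatim, which is
                // how oEmbed rich/video responses are meant to be used. It
                // means the response body is trusted as HTML; confirm that is
                // acceptable or that it is cleaned/sandboxed elsewhere.
                $result .= isset($data['html']) ? $data['html'] : '';
                break;
            case 'link':
                $result .= hsc($configdata['mediaid']);
                break;
        }
        if (isset($data['description']) && is_string($data['description']) && !empty($configdata['showdescription'])) {
            // Escape first, then turn newlines into <br> so the breaks survive.
            $result .= '<p>' . nl2br(hsc($data['description'])) . '</p>';
        }
        $result .= '</div>';
    }
    return $result;
}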
/**
 * Renders the "My Friends" block for the owner of the view this block is on.
 *
 * When the owner has no friends to list, the template is given the
 * relationship between the owner and the logged-in user instead, plus an
 * "add friend" form when the owner's friendscontrol preference is 'auto'.
 *
 * @param BlockInstance $instance the block being rendered
 * @param bool $editing unused by this block
 * @return string rendered template, or '' when the view has no owner
 */
public static function render_instance(BlockInstance $instance, $editing = false) {
    global $USER, $exporter;

    $ownerid = $instance->get_view()->get('owner');
    if (!$ownerid) {
        // 'My Friends' doesn't make sense for group/site views
        return '';
    }

    // When the global $exporter is set no limit is passed to get_friends().
    if (isset($exporter)) {
        $maxfriends = false;
    }
    else {
        $maxfriends = MAXFRIENDDISPLAY;
    }

    $friends = get_friends($ownerid, $maxfriends, 0);
    if (!$friends['count']) {
        $friends = false;
    }
    else {
        self::build_myfriends_html($friends, $ownerid, $instance);
    }

    $findlink = array('<a href="' . get_config('wwwroot') . 'user/find.php">', '</a>');

    $smarty = smarty_core();
    $smarty->assign('friends', $friends);
    $smarty->assign('searchingforfriends', $findlink);

    // If the user has no friends, try and display something useful, such
    // as a 'request friendship' button
    if (!$friends) {
        $viewerid = $USER->get('id');
        if (is_friend($ownerid, $viewerid)) {
            $relationship = 'existingfriend';
        }
        elseif (record_exists('usr_friend_request', 'requester', $viewerid, 'owner', $ownerid)) {
            $relationship = 'requestedfriendship';
        }
        else {
            $relationship = 'none';
            $friendscontrol = get_account_preference($ownerid, 'friendscontrol');
            if ($friendscontrol == 'auto') {
                require_once 'pieforms/pieform.php';
                $addbutton = array(
                    'type' => 'button',
                    'usebuttontag' => true,
                    'class' => 'btn-default',
                    'value' => '<span class="icon icon-user-plus icon-lg prs"></span>' . get_string('addtomyfriends', 'group'),
                );
                $ownerfield = array('type' => 'hidden', 'value' => $ownerid);
                $smarty->assign('newfriendform', pieform(array(
                    'name' => 'myfriends_addfriend',
                    'successcallback' => 'addfriend_submit',
                    'autofocus' => false,
                    'renderer' => 'div',
                    'elements' => array('add' => $addbutton, 'id' => $ownerfield),
                )));
            }
            $smarty->assign('friendscontrol', $friendscontrol);
        }
        $smarty->assign('relationship', $relationship);
    }

    $smarty->assign('loggedin', is_logged_in());
    $smarty->assign('lookingatownpage', $USER->get('id') == $ownerid);
    $smarty->assign('USERID', $ownerid);

    return $smarty->fetch('blocktype:myfriends:myfriends.tpl');
}
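/**
 * Decides whether one user may send a message to another.
 *
 * Sending is allowed when any of these holds:
 *  - the recipient's 'messages' preference is 'allow';
 *  - the recipient's preference is 'friends' and the two users are friends;
 *  - the sender is a site admin.
 *
 * An empty sender (not logged in) or a sender id with no matching usr record
 * is always refused.
 *
 * @param int|object $from the user sending the message (id or usr record)
 * @param int|object $to the user receiving the message (id or usr record)
 * @return boolean whether $from is allowed to send messages to $to
 */
function can_send_message($from, $to) {
    if (empty($from)) {
        return false; // not logged in
    }
    if (!is_object($from)) {
        $from = get_record('usr', 'id', $from);
        if (!is_object($from)) {
            // Unknown sender id: refuse instead of reading properties off a
            // failed lookup.
            return false;
        }
    }
    if (is_object($to)) {
        $to = $to->id;
    }
    $messagepref = get_account_preference($to, 'messages');

    // Parentheses spell out the grouping the operators already had:
    // "friends only" needs both conditions, the other two stand alone.
    return (is_friend($from->id, $to) && $messagepref == 'friends')
        || $messagepref == 'allow'
        || !empty($from->admin);
}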
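/**
 * Builds the search form, result data and pagination for the current user's
 * pages, optionally scoped to a group or an institution.
 *
 * The page size and sort order are read from the request and remembered as
 * account preferences. Only sort orders the form itself offers are accepted
 * from the request; anything else falls back to the saved preference, so an
 * arbitrary request value is neither persisted nor handed to the data query.
 *
 * @param int|null $group group id to scope the listing to
 * @param string|null $institution institution to scope the listing to
 * @return array array($searchform, $data, $pagination)
 */
public static function views_by_owner($group = null, $institution = null) {
    global $USER;

    // Pagination configuration
    $setlimit = true;
    $limit = param_integer('limit', 0);
    $userlimit = get_account_preference($USER->get('id'), 'viewsperpage');
    if ($limit > 0 && $limit != $userlimit) {
        $USER->set_account_preference('viewsperpage', $limit);
    }
    else {
        $limit = $userlimit;
    }
    $offset = param_integer('offset', 0);

    // The sort orders offered by the form double as the allow-list for the
    // 'orderby' request parameter.
    $orderoptions = array(
        'atoz' => get_string('defaultsort', 'view'),
        'latestcreated' => get_string('latestcreated', 'view'),
        'latestmodified' => get_string('latestmodified', 'view'),
        'latestviewed' => get_string('latestviewed', 'view'),
        'mostvisited' => get_string('mostvisited', 'view'),
        'mostcomments' => get_string('mostcomments', 'view'),
    );

    // load default page order from user settings as default and overwrite, if changed
    $usersettingorderby = get_account_preference($USER->get('id'), 'orderpagesby');
    $orderby = param_variable('orderby', $usersettingorderby);
    if (!is_string($orderby) || !isset($orderoptions[$orderby])) {
        $orderby = $usersettingorderby;
    }
    if ($usersettingorderby !== $orderby) {
        set_account_preference($USER->get('id'), 'orderpagesby', $orderby);
    }

    $query = param_variable('query', null);
    $tag = param_variable('tag', null);

    $searchoptions = array(
        'titleanddescription' => get_string('titleanddescription', 'view'),
        'tagsonly' => get_string('tagsonly', 'view'),
    );
    // A tag search takes precedence over a free-text query.
    if (!empty($tag)) {
        $searchtype = 'tagsonly';
        $searchdefault = $tag;
        $query = null;
    }
    else {
        $searchtype = 'titleanddescription';
        $searchdefault = $query;
    }

    $searchform = array(
        'name' => 'searchviews',
        'checkdirtychange' => false,
        'class' => 'with-heading form-inline',
        'elements' => array(
            'searchwithin' => array(
                'type' => 'fieldset',
                'class' => 'dropdown-group js-dropdown-group',
                'elements' => array(
                    'query' => array(
                        'type' => 'text',
                        'title' => get_string('search') . ': ',
                        'class' => 'with-dropdown js-with-dropdown',
                        'defaultvalue' => $searchdefault,
                    ),
                    'type' => array(
                        'title' => get_string('searchwithin') . ': ',
                        'class' => 'dropdown-connect js-dropdown-connect searchviews-type',
                        'type' => 'select',
                        'options' => $searchoptions,
                        'defaultvalue' => $searchtype,
                    ),
                ),
            ),
            'setlimit' => array('type' => 'hidden', 'value' => $setlimit),
            'orderbygroup' => array(
                'type' => 'fieldset',
                'class' => 'input-group',
                'elements' => array(
                    'orderby' => array(
                        'type' => 'select',
                        'class' => 'input-small',
                        'title' => get_string('sortby'),
                        'options' => $orderoptions,
                        'defaultvalue' => $orderby,
                    ),
                    'submit' => array(
                        'type' => 'button',
                        'usebuttontag' => true,
                        'class' => 'btn-primary input-group-btn no-label',
                        'value' => get_string('search'),
                    ),
                ),
            ),
        ),
    );

    // Carry the scope through the form; a group takes precedence.
    if ($group) {
        $searchform['elements']['group'] = array('type' => 'hidden', 'name' => 'group', 'value' => $group);
    }
    elseif ($institution) {
        $searchform['elements']['institution'] = array('type' => 'hidden', 'name' => 'institution', 'value' => $institution);
    }
    $searchform = pieform($searchform);

    $data = self::get_myviews_data($limit, $offset, $query, $tag, $group, $institution, $orderby);
    $url = self::get_myviews_url($group, $institution, $query, $tag, $orderby);
    $pagination = build_pagination(array(
        'url' => $url,
        'count' => $data->count,
        'limit' => $limit,
        'setlimit' => $setlimit,
        'offset' => $offset,
        'jumplinks' => 6,
        'numbersincludeprevnext' => 2,
    ));

    return array($searchform, $data, $pagination);
}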
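/**
 * Get a table of elements that can be used to set notification settings for
 * the specified user, or for the site defaults.
 *
 * Site admins, institutional admins and the site-defaults form see every
 * activity type; other users see the non-admin types as adjusted by
 * get_special_notifications().
 *
 * When a user has an activity type set to 'email' while mail is disabled on
 * their account, one error message is queued on the session (once per call).
 *
 * @param object $user whose settings are being displayed, or null for site defaults
 * @param bool $sitedefaults true if the elements should be loaded from the site default settings.
 * @return array of elements suitable for adding to a pieforms form.
 * @throws SystemException when neither a user nor $sitedefaults is given
 */
function get_notification_settings_elements($user = null, $sitedefaults = false) {
    global $SESSION;

    if ($user == null && !$sitedefaults) {
        throw new SystemException("Function get_notification_settings_elements requires a user or sitedefaults must be true");
    }

    if ($sitedefaults || $user->get('admin') || $user->is_institutional_admin()) {
        $activitytypes = get_records_array('activity_type', '', '', 'id');
    }
    else {
        $activitytypes = get_records_array('activity_type', 'admin', 0, 'id');
        $activitytypes = get_special_notifications($user, $activitytypes);
    }
    // An empty lookup may come back as a non-array; iterate nothing then.
    if (!is_array($activitytypes)) {
        $activitytypes = array();
    }

    $notifications = plugins_installed('notification');
    $elements = array();
    $options = array();
    foreach ($notifications as $notification) {
        $options[$notification->name] = get_string('name', 'notification.' . $notification->name);
    }

    $maildisabledmsg = false;
    foreach ($activitytypes as $type) {
        // Find the default value.
        if ($sitedefaults) {
            $dv = $type->defaultmethod;
        }
        else {
            $dv = $user->get_activity_preference($type->id);
            if ($dv === false) {
                $dv = $type->defaultmethod;
            }
        }
        if (empty($dv)) {
            $dv = 'none';
        }

        // Create one maildisabled error message if applicable.
        // The flag starts as false, so it has to be tested for truthiness:
        // isset() is true for false and would suppress the message forever.
        if (!$sitedefaults && $dv == 'email' && !$maildisabledmsg && get_account_preference($user->get('id'), 'maildisabled')) {
            $SESSION->add_error_msg(get_string('maildisableddescription', 'account', get_config('wwwroot') . 'account/index.php'), false);
            $maildisabledmsg = true;
        }

        // Calculate the key, row title section and help location; plugin
        // activity types are namespaced by their plugin.
        if (empty($type->plugintype)) {
            $key = "activity_{$type->name}";
            $section = 'activity';
            $helpplugintype = 'core';
            $helppluginname = 'account';
        }
        else {
            $key = "activity_{$type->name}_{$type->plugintype}_{$type->pluginname}";
            $section = $type->plugintype . '.' . $type->pluginname;
            $helpplugintype = $type->plugintype;
            $helppluginname = $type->pluginname;
        }
        $rowtitle = $type->name;

        // Create the element.
        $elements[$key] = array(
            'defaultvalue' => $dv,
            'type' => 'select',
            'title' => get_string('type' . $rowtitle, $section),
            'options' => $options,
            'help' => true,
        );

        // Set up the help.
        $elements[$key]['helpformname'] = 'activityprefs';
        $elements[$key]['helpplugintype'] = $helpplugintype;
        $elements[$key]['helppluginname'] = $helppluginname;

        // Add the 'none' option if applicable.
        if ($type->allownonemethod) {
            $elements[$key]['options']['none'] = get_string('none');
        }
    }

    return $elements;
}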
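/**
 * Pieform submit handler for the admin "edit user" site settings form.
 *
 * Updates password, forced password change, quota, expiry, mail-disabled
 * state and (for site admins only) the staff/admin flags. The auth instance
 * and remote username are changed only when the acting user is a site admin,
 * or an institutional admin of both the old and the new auth instance, and
 * only when the requested auth instance actually exists.
 *
 * @param Pieform $form the submitted form
 * @param array $values submitted form values
 * @return false|void false when the target user does not exist; otherwise
 *         ends with a redirect back to the edit page
 */
function edituser_site_submit(Pieform $form, $values) {
    global $USER;

    if (!($user = get_record('usr', 'id', $values['id']))) {
        return false;
    }

    if (isset($values['password']) && $values['password'] !== '') {
        // NOTE(review): the submitted password is copied onto the record
        // unchanged with an empty salt; nothing in this function hashes it.
        // Confirm it is hashed before or during the write to the usr table.
        $user->password = $values['password'];
        $user->salt = '';
    }
    $user->passwordchange = (int) (isset($values['passwordchange']) && $values['passwordchange'] == 'on');
    $user->quota = $values['quota'];
    $user->expiry = db_format_timestamp($values['expiry']);

    if ($USER->get('admin')) {
        // Not editable by institutional admins
        $user->staff = (int) ($values['staff'] == 'on');
        $user->admin = (int) ($values['admin'] == 'on');
        if ($user->admin) {
            activity_add_admin_defaults(array($user->id));
        }
    }

    if ($values['maildisabled'] == 0 && get_account_preference($user->id, 'maildisabled') == 1) {
        // Reset the sent and bounce counts otherwise mail will be disabled
        // on the next send attempt
        $u = new StdClass();
        $u->email = $user->email;
        $u->id = $user->id;
        update_bounce_count($u, true);
        update_send_count($u, true);
    }
    set_account_preference($user->id, 'maildisabled', $values['maildisabled']);

    // Authinstance can be changed by institutional admins if both the
    // old and new authinstances belong to the admin's institutions
    $remotename = get_field('auth_remote_user', 'remoteusername', 'authinstance', $user->authinstance, 'localusr', $user->id);
    if (!$remotename) {
        $remotename = $user->username;
    }

    $authchanged = isset($values['authinstance'])
        && ($values['authinstance'] != $user->authinstance
            || (isset($values['remoteusername']) && $values['remoteusername'] != $remotename));

    if ($authchanged) {
        $newauthid = $values['authinstance'];
        $authinst = get_records_select_assoc('auth_instance', 'id = ? OR id = ?', array($newauthid, $user->authinstance));

        // Never act on an auth instance id that did not come back from the
        // lookup: a forged or stale id would otherwise be dereferenced and
        // then written to the user record.
        $haverecords = is_array($authinst) && is_scalar($newauthid);
        $targetknown = $haverecords && isset($authinst[$newauthid]);
        $currentknown = $haverecords && isset($authinst[$user->authinstance]);

        $allowed = $targetknown && (
            $USER->get('admin')
            || ($currentknown
                && $USER->is_institutional_admin($authinst[$newauthid]->institution)
                && $USER->is_institutional_admin($authinst[$user->authinstance]->institution))
        );

        if ($allowed) {
            delete_records('auth_remote_user', 'localusr', $user->id);
            if ($authinst[$newauthid]->authname != 'internal') {
                // Prefer the submitted remote username, else keep the old one.
                if (isset($values['remoteusername']) && strlen($values['remoteusername']) > 0) {
                    $un = $values['remoteusername'];
                }
                else {
                    $un = $remotename;
                }
                insert_record('auth_remote_user', (object) array(
                    'authinstance' => $newauthid,
                    'remoteusername' => $un,
                    'localusr' => $user->id,
                ));
            }
            $user->authinstance = $newauthid;
        }
    }

    update_record('usr', $user);
    redirect('/admin/users/edit.php?id=' . $user->id);
}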
/**
 * Copies selected fields from a remote user record onto the local user's
 * profile and account preferences.
 *
 * First name, last name and e-mail are deliberately left alone; they are
 * handled differently depending on whether the user record is being created
 * or updated.
 *
 * Fields considered:
 *
 *  * City (stored as 'town')
 *  * Country (only written when it is a known country code)
 *  * Language (only written when it is an installed language)
 *  * Introduction
 *  * WYSIWYG editor setting
 *
 * @param User $user
 * @param stdClass $remoteuser
 * @return array names of the profile fields the remote record supplied
 *         ('town', 'country', 'introduction'); language and editor
 *         preferences are not listed
 */
private function import_user_settings($user, $remoteuser) {
    $handled = array();

    // City
    if (!empty($remoteuser->city)) {
        $town = $remoteuser->city;
        if (get_profile_field($user->id, 'town') != $town) {
            set_profile_field($user->id, 'town', $town);
        }
        $handled[] = 'town';
    }

    // Country: reported as handled even when the code is not recognised
    if (!empty($remoteuser->country)) {
        $knowncountries = array_keys(getoptions_country());
        $countrycode = strtolower($remoteuser->country);
        if (in_array($countrycode, $knowncountries)) {
            set_profile_field($user->id, 'country', $countrycode);
        }
        $handled[] = 'country';
    }

    // Language: normalise to the "<code>.utf8" form before matching
    if (!empty($remoteuser->lang)) {
        $installedlangs = array_keys(get_languages());
        $langcode = strtolower($remoteuser->lang);
        $langcode = str_replace('_utf8', '', $langcode) . '.utf8';
        if (in_array($langcode, $installedlangs)) {
            // Written through both the function and the user object.
            set_account_preference($user->id, 'lang', $langcode);
            $user->set_account_preference('lang', $langcode);
        }
    }

    // Description
    if (isset($remoteuser->description)) {
        $intro = $remoteuser->description;
        if (get_profile_field($user->id, 'introduction') != $intro) {
            set_profile_field($user->id, 'introduction', $intro);
        }
        $handled[] = 'introduction';
    }

    // HTML Editor setting, collapsed to 1 or 0
    if (isset($remoteuser->htmleditor)) {
        $wysiwyg = 0;
        if ($remoteuser->htmleditor) {
            $wysiwyg = 1;
        }
        if ($wysiwyg != get_account_preference($user->id, 'wysiwyg')) {
            set_account_preference($user->id, 'wysiwyg', $wysiwyg);
            $user->set_account_preference('wysiwyg', $wysiwyg);
        }
    }

    return $handled;
}
$items[$element]['rules']['required'] = true; } if (isset($lockedfields[$element]) && !$USER->get('admin')) { $items[$element]['disabled'] = true; if ($element == 'email') { $items[$element]['help'] = false; } } } if ($items['firstname']) { $items['firstname']['autofocus'] = true; } if (isset($items['socialprofile']) && $items['socialprofile']) { $items['socialprofile']['title'] = null; } $items['maildisabled']['ignore'] = !get_account_preference($USER->get('id'), 'maildisabled'); $items['maildisabled']['value'] = get_string('maildisableddescription', 'account', get_config('wwwroot') . 'account/index.php'); // build form elements $elements = array('profile' => array('type' => 'fieldset', 'legend' => get_string('aboutme', 'artefact.internal'), 'class' => 'has-help' . $fieldset != 'aboutme' ? 'collapsed' : '', 'elements' => get_desired_fields($items, array('firstname', 'lastname', 'studentid', 'preferredname', 'introduction'), 'about')), 'contact' => array('type' => 'fieldset', 'legend' => get_string('contact', 'artefact.internal'), 'class' => $fieldset != 'contact' ? '' : '', 'elements' => get_desired_fields($items, array('email', 'maildisabled', 'officialwebsite', 'personalwebsite', 'blogaddress', 'address', 'town', 'city', 'country', 'homenumber', 'businessnumber', 'mobilenumber', 'faxnumber'), 'contact')), 'social' => array('type' => 'fieldset', 'legend' => get_string('social', 'artefact.internal'), 'class' => $fieldset != 'social' ? 'collapsed' : '', 'elements' => get_desired_fields($items, array('socialprofile'), 'social')), 'general' => array('type' => 'fieldset', 'legend' => get_string('general'), 'class' => $fieldset != 'general' ? 
'collapsed' : '', 'elements' => $items), 'fs' => array('type' => 'hidden', 'value' => $fieldset), 'submit' => array('type' => 'submit', 'value' => get_string('saveprofile', 'artefact.internal'), 'class' => 'btn-primary')); // Don't include fieldset if 'socialprofile' is not installed if (!get_record('blocktype_installed', 'active', 1, 'name', 'socialprofile')) { unset($elements['social']); } $profileform = pieform(array('name' => 'profileform', 'class' => 'jstabs form-group-nested', 'plugintype' => 'artefact', 'pluginname' => 'internal', 'method' => 'post', 'renderer' => 'div', 'elements' => $elements, 'autofocus' => false)); function get_desired_fields(&$allfields, $desiredfields, $section) { global $USER; if ($section == 'about') { $r = get_record_select('view', 'type = ? AND owner = ?', array('profile', $USER->id), 'id'); $label = '<div id="profileicon" class="profile-icon pseudolabel pull-left"><a href="' . get_config('wwwroot') . 'artefact/file/profileicons.php" class="user-icon"><img src="' . profile_icon_url($USER, 100, 100) . '" alt="' . get_string("editprofileicon", "artefact.file") . '"></a></div>'; $descr = '' . get_string('aboutprofilelinkdescription', 'artefact.internal', get_config('wwwroot') . 'view/blocks.php?id=' . $r->id);
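/**
 * Update user
 *
 * Looks the user up by id (or by username when no id is given), ends their
 * active sessions, and then applies changed usr fields, profile fields, the
 * remote username and account preferences inside one transaction.
 *
 * @param object $user stdclass for the usr table
 * @param object $profile profile field/values to set
 * @param string $remotename username on the remote site
 * @param array $accountprefs user account preferences to set
 * @param bool $forceupdateremote force delete of remotename before update attempted
 * @param bool $quickhash passed through to reset_password() when the password changes
 * @return array list of updated fields
 * @throws InvalidArgumentException when the user cannot be found, or when the
 *         remote username is already in use and $forceupdateremote is false
 */
function update_user($user, $profile, $remotename = null, $accountprefs = array(), $forceupdateremote = false, $quickhash = false) {
    require_once get_config('docroot') . 'auth/session.php';

    if (!empty($user->id)) {
        $oldrecord = get_record('usr', 'id', $user->id);
    }
    else {
        $oldrecord = get_record('usr', 'username', $user->username);
    }
    if (!is_object($oldrecord)) {
        // Stop before any session is removed or any row is written; carrying
        // on with an empty user id would run the updates below against no
        // particular user.
        throw new InvalidArgumentException("user_update: user not found");
    }
    $userid = $oldrecord->id;

    db_begin();

    // Log the user out, otherwise they can overwrite all this on the next request
    remove_user_sessions($userid);

    $updated = array();
    $newrecord = new StdClass();
    foreach (get_object_vars($user) as $k => $v) {
        // Empty values are never written. A password is always treated as
        // changed; other fields only when they differ from the stored value.
        if (!empty($v) && ($k == 'password' || empty($oldrecord->{$k}) || $oldrecord->{$k} != $v)) {
            $newrecord->{$k} = $v;
            $updated[$k] = $v;
        }
        if (!empty($v) && $k === 'email' && $oldrecord->{$k} != $v) {
            set_user_primary_email($userid, $v);
        }
    }

    if (count(get_object_vars($newrecord))) {
        $newrecord->id = $userid;
        update_record('usr', $newrecord);
        if (!empty($newrecord->password)) {
            $newrecord->authinstance = $user->authinstance;
            reset_password($newrecord, false, $quickhash);
        }
    }

    foreach (get_object_vars($profile) as $k => $v) {
        if (get_profile_field($userid, $k) != $v) {
            set_profile_field($userid, $k, $v);
            $updated[$k] = $v;
        }
    }

    if ($remotename) {
        $oldremote = get_field('auth_remote_user', 'remoteusername', 'authinstance', $oldrecord->authinstance, 'localusr', $userid);
        if ($remotename != $oldremote) {
            $updated['remoteuser'] = $remotename;
        }
        delete_records('auth_remote_user', 'authinstance', $user->authinstance, 'localusr', $userid);
        // force the update of the remoteuser - for the case of a series of user updates swapping the remoteuser name
        if ($forceupdateremote) {
            delete_records('auth_remote_user', 'authinstance', $user->authinstance, 'remoteusername', $remotename);
        }
        elseif (record_exists('auth_remote_user', 'remoteusername', $remotename, 'authinstance', $user->authinstance)) {
            // remote username must not already exist
            // NOTE(review): this throws with the transaction still open and
            // this function does not roll it back; confirm the caller does.
            throw new InvalidArgumentException("user_update: remoteusername already in use: " . $remotename);
        }
        insert_record('auth_remote_user', (object) array(
            'authinstance' => $user->authinstance,
            'remoteusername' => $remotename,
            'localusr' => $userid,
        ));
    }

    // Update account preferences; only keys from expected_account_preferences()
    // are accepted.
    if (!empty($accountprefs)) {
        $expectedprefs = expected_account_preferences();
        foreach ($expectedprefs as $eprefkey => $epref) {
            if (isset($accountprefs[$eprefkey]) && $accountprefs[$eprefkey] != get_account_preference($userid, $eprefkey)) {
                set_account_preference($userid, $eprefkey, $accountprefs[$eprefkey]);
                $updated[$eprefkey] = $accountprefs[$eprefkey];
            }
        }
    }

    db_commit();

    return $updated;
}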
/**
 * Pieform submit handler for the account preferences form.
 *
 * Inside one transaction it optionally changes the password, resets the
 * mail bounce/send counters when mail is being re-enabled, stores every
 * expected preference present in the submission, and optionally changes the
 * username. It answers with a JSON reply.
 *
 * NOTE(review): nothing in this function ends the user's other sessions
 * after a password change.
 *
 * @param Pieform $form the submitted form
 * @param array $values submitted form values
 */
function accountprefs_submit(Pieform $form, $values) {
    global $USER;

    $authobj = AuthFactory::create($USER->authinstance);

    db_begin();

    $wantsnewpassword = isset($values['password1']) && $values['password1'] !== '';
    if ($wantsnewpassword) {
        global $authclass;
        $USER->password = $authobj->change_password($USER, $values['password1']);
        $USER->passwordchange = 0;
        $USER->commit();
    }

    // use this as looping through values is not safe.
    $expectedprefs = expected_account_preferences();

    $userid = $USER->get('id');
    $reenablingmail = $values['maildisabled'] == 0 && get_account_preference($userid, 'maildisabled') == 1;
    if ($reenablingmail) {
        // Reset the sent and bounce counts otherwise mail will be disabled
        // on the next send attempt
        $counters = new StdClass();
        $counters->email = $USER->get('email');
        $counters->id = $USER->get('id');
        update_bounce_count($counters, true);
        update_send_count($counters, true);
    }

    foreach ($expectedprefs as $prefname => $unused) {
        if (!isset($values[$prefname])) {
            continue;
        }
        $USER->set_account_preference($prefname, $values[$prefname]);
    }

    $reply = array();
    if (isset($values['username']) && $values['username'] != $USER->get('username')) {
        $USER->username = $values['username'];
        $USER->commit();
        $reply['username'] = $values['username'];
    }

    db_commit();

    $reply['message'] = get_string('prefssaved', 'account');
    $form->json_reply(PIEFORM_OK, $reply);
}
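/**
 * Pieform submit handler for the account preferences form.
 *
 * Inside one transaction it optionally changes the password, resets the mail
 * bounce/send counters when mail is being re-enabled, stores the mobile
 * upload tokens and every expected preference that changed, and optionally
 * changes the username and the clean-URL id. After a password change the
 * user's sessions are removed via remove_user_sessions().
 *
 * A full page reload is requested when the theme, language, group side block
 * settings or URL id changed, or when a plugin asks for one.
 *
 * @param Pieform $form the submitted form
 * @param array $values submitted form values
 */
function accountprefs_submit(Pieform $form, $values) {
    global $USER, $SESSION;

    $authobj = AuthFactory::create($USER->authinstance);

    db_begin();

    $ispasswordchanged = false;
    if (isset($values['password1']) && $values['password1'] !== '') {
        global $authclass;
        $password = $authobj->change_password($USER, $values['password1']);
        $USER->password = $password;
        $USER->passwordchange = 0;
        $USER->commit();
        $ispasswordchanged = true;
    }

    // use this as looping through values is not safe.
    $expectedprefs = expected_account_preferences();

    if ($values['maildisabled'] == 0 && get_account_preference($USER->get('id'), 'maildisabled') == 1) {
        // Reset the sent and bounce counts otherwise mail will be disabled
        // on the next send attempt
        $u = new StdClass();
        $u->email = $USER->get('email');
        $u->id = $USER->get('id');
        update_bounce_count($u, true);
        update_send_count($u, true);
    }

    // Remember the user's language & theme prefs, so we can reload the page if they change them
    $oldlang = $USER->get_account_preference('lang');
    $oldtheme = $USER->get_account_preference('theme');
    $oldgroupsideblockmaxgroups = $USER->get_account_preference('groupsideblockmaxgroups');
    $oldgroupsideblocksortby = $USER->get_account_preference('groupsideblocksortby');

    if (get_config('allowmobileuploads')) {
        // Make sure the mobile token is formatted / saved correctly:
        // a pipe-delimited list with leading and trailing pipes, or null
        // when no token is left.
        $values['mobileuploadtoken'] = array_filter($values['mobileuploadtoken']);
        $new_token_pref = empty($values['mobileuploadtoken']) ? null : '|' . join('|', $values['mobileuploadtoken']) . '|';
        $USER->set_account_preference('mobileuploadtoken', $new_token_pref);
        // Handled here, so keep it out of the generic loop below.
        unset($values['mobileuploadtoken']);
    }

    // Set user account preferences
    foreach ($expectedprefs as $eprefkey => $epref) {
        if (isset($values[$eprefkey]) && $values[$eprefkey] !== get_account_preference($USER->get('id'), $eprefkey)) {
            $USER->set_account_preference($eprefkey, $values[$eprefkey]);
        }
    }

    $returndata = array();
    if (isset($values['username']) && $values['username'] != $USER->get('username')) {
        $USER->username = $values['username'];
        $USER->commit();
        $returndata['username'] = $values['username'];
    }

    $reload = false;
    if (get_config('cleanurls') && isset($values['urlid']) && $values['urlid'] != $USER->get('urlid')) {
        $USER->urlid = $values['urlid'];
        $USER->commit();
        $reload = true;
    }

    if ($ispasswordchanged) {
        // Destroy other sessions of the user
        require_once get_config('docroot') . 'auth/session.php';
        remove_user_sessions($USER->get('id'));
    }

    db_commit();

    $returndata['message'] = get_string('prefssaved', 'account');

    if (isset($values['theme']) && $values['theme'] != $oldtheme) {
        $USER->update_theme();
        $reload = true;
    }
    if (isset($values['lang']) && $values['lang'] != $oldlang) {
        // The session language pref is used when the user has no user pref,
        // and when logged out.
        $SESSION->set('lang', $values['lang']);
        $returndata['message'] = get_string_from_language($values['lang'], 'prefssaved', 'account');
        $reload = true;
    }
    if (isset($values['groupsideblockmaxgroups']) && $values['groupsideblockmaxgroups'] != $oldgroupsideblockmaxgroups) {
        $reload = true;
    }
    // Guarded like the sibling checks: a submission without this field is
    // not a change and must not force a reload.
    if (isset($values['groupsideblocksortby']) && $values['groupsideblocksortby'] != $oldgroupsideblocksortby) {
        $reload = true;
    }

    $reload = plugin_account_prefs_submit($form, $values) || $reload;

    if ($reload) {
        // Use PIEFORM_CANCEL here to force a page reload and show the new language.
        $returndata['location'] = get_config('wwwroot') . 'account/index.php';
        $SESSION->add_ok_msg($returndata['message']);
        $form->json_reply(PIEFORM_CANCEL, $returndata);
    }
    // Reached when no reload was needed (presumably json_reply() above ends
    // the request - TODO confirm).
    $form->json_reply(PIEFORM_OK, $returndata);
}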
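* @author Melissa Draper <*****@*****.**>, Catalyst IT Ltd
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL version 3 or later
* @copyright For copyright information on Mahara, please see the README file distributed with this software.
*/
define('INTERNAL', 1);
require dirname(dirname(__FILE__)) . '/init.php';
require_once 'view.php';
require_once 'group.php';
safe_require('artefact', 'comment');

define('TITLE', get_string('report', 'group'));
define('MENUITEM', 'groups/report');
define('GROUP', param_integer('group'));

$wwwroot = get_config('wwwroot');
$needsubdomain = get_config('cleanurlusersubdomains');

// Authorise before anything is written or queried: a request that is going
// to be refused should not get to change a stored preference first.
$group = group_current_group();
$role = group_user_access($group->id);
if (!group_role_can_access_report($group, $role)) {
    throw new AccessDeniedException();
}

// Page size: a positive value from the request replaces the saved
// 'viewsperpage' preference; otherwise the saved value is used.
$limit = param_integer('limit', 0);
$userlimit = get_account_preference($USER->get('id'), 'viewsperpage');
if ($limit > 0 && $limit != $userlimit) {
    $USER->set_account_preference('viewsperpage', $limit);
}
else {
    $limit = $userlimit;
}
$offset = param_integer('offset', 0);

// Sort column and direction come straight from the request. Anything that is
// not a plain string falls back to the default.
// NOTE(review): confirm that get_participation_sharedviews_data() maps both
// values onto a fixed set of columns/directions before using them in a query.
$sort = param_variable('sort', 'title');
if (!is_string($sort)) {
    $sort = 'title';
}
$direction = param_variable('direction', 'asc');
if (!is_string($direction)) {
    $direction = 'asc';
}

$sharedviews = View::get_participation_sharedviews_data($group->id, $sort, $direction, $limit, $offset);

// Request values are URL-encoded before being placed in the pagination base
// URL so they cannot add parameters or break out of the link.
$pagination = array(
    'baseurl' => $wwwroot . 'group/report.php?group=' . $group->id . '&sort=' . urlencode($sort) . '&direction=' . urlencode($direction),
    'id' => 'sharedviews_pagination',
    'datatable' => 'sharedviewsreport',
    'jsonscript' => 'group/participationsharedviews.json.php',
    'setlimit' => true,
    'resultcounttextsingular' => get_string('view', 'view'),
    'resultcounttextplural' => get_string('views', 'view'),
);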
/**
 * Pieform submit handler for the admin "edit user" site settings form.
 *
 * In order, it: applies probation points and quota (with an over-threshold
 * notification), updates the expiry, removes the target user's sessions,
 * applies staff/admin flags (site admins only), updates the mail-disabled
 * state, changes the auth instance / remote username when the acting admin
 * is allowed to, changes password and username through the auth object when
 * it supports that, updates the e-mail address, and finally writes the usr
 * record and tags inside a transaction before redirecting.
 *
 * @param Pieform $form the submitted form
 * @param array $values submitted form values
 * @return false|void false when the target user does not exist
 */
function edituser_site_submit(Pieform $form, $values) {
    global $USER, $authobj, $SESSION;
    if (!($user = get_record('usr', 'id', $values['id']))) {
        return false;
    }
    if (is_using_probation()) {
        // Value should be between 0 and 10 inclusive
        $user->probation = ensure_valid_probation_points($values['probationpoints']);
    }
    // Quota is editable by site admins, or by anyone reaching this handler
    // when the 'institutionaloverride' file plugin setting is on.
    if ($USER->get('admin') || get_config_plugin('artefact', 'file', 'institutionaloverride')) {
        $user->quota = $values['quota'];
        // check if the user has gone over the quota notify limit
        $quotanotifylimit = get_config_plugin('artefact', 'file', 'quotanotifylimit');
        // Out-of-range thresholds are treated as 100 percent.
        if ($quotanotifylimit <= 0 || $quotanotifylimit >= 100) {
            $quotanotifylimit = 100;
        }
        // NOTE(review): a submitted quota of 0 makes this a division by zero;
        // confirm the form prevents that value.
        $user->quotausedpercent = $user->quotaused / $user->quota * 100;
        $overlimit = false;
        if ($quotanotifylimit <= $user->quotausedpercent) {
            $overlimit = true;
        }
        $notified = get_field('usr_account_preference', 'value', 'field', 'quota_exceeded_notified', 'usr', $user->id);
        if ($overlimit && '1' !== $notified) {
            require_once get_config('docroot') . 'artefact/file/lib.php';
            ArtefactTypeFile::notify_users_threshold_exceeded(array($user), false);
            // no need to email admin as we can alert them right now
            $SESSION->add_error_msg(get_string('useroverquotathreshold', 'artefact.file', display_name($user)));
        } else {
            // Back under the threshold: clear the flag so a later overrun
            // notifies again.
            if ($notified && !$overlimit) {
                set_account_preference($user->id, 'quota_exceeded_notified', false);
            }
        }
    }
    // True when the account is currently expired and the submitted expiry is
    // empty or in the future.
    $unexpire = $user->expiry && strtotime($user->expiry) < time() && (empty($values['expiry']) || $values['expiry'] > time());
    $newexpiry = db_format_timestamp($values['expiry']);
    if ($user->expiry != $newexpiry) {
        $user->expiry = $newexpiry;
        if ($unexpire) {
            $user->expirymailsent = 0;
            $user->lastaccess = db_format_timestamp(time());
        }
    }
    // Try to kick the user from any active login sessions, before saving data.
    require_once get_config('docroot') . 'auth/session.php';
    remove_user_sessions($user->id);
    if ($USER->get('admin')) {
        // Not editable by institutional admins
        $user->staff = (int) ($values['staff'] == 'on');
        $user->admin = (int) ($values['admin'] == 'on');
        if ($user->admin) {
            activity_add_admin_defaults(array($user->id));
        }
    }
    if ($values['maildisabled'] == 0 && get_account_preference($user->id, 'maildisabled') == 1) {
        // Reset the sent and bounce counts otherwise mail will be disabled
        // on the next send attempt
        $u = new StdClass();
        $u->email = $user->email;
        $u->id = $user->id;
        update_bounce_count($u, true);
        update_send_count($u, true);
    }
    set_account_preference($user->id, 'maildisabled', $values['maildisabled']);
    // process the change of the authinstance and or the remoteuser
    if (isset($values['authinstance']) && isset($values['remoteusername'])) {
        // Authinstance can be changed by institutional admins if both the
        // old and new authinstances belong to the admin's institutions
        // NOTE(review): the result is indexed below by the submitted and the
        // current auth instance id without checking that either row exists.
        $authinst = get_records_select_assoc('auth_instance', 'id = ? OR id = ?', array($values['authinstance'], $user->authinstance));
        // But don't bother if the auth instance doesn't take a remote username
        $authobj = AuthFactory::create($values['authinstance']);
        // Site admins may always change it. Institutional admins must
        // administer the target instance's institution and either the current
        // instance's institution or the user must be on auth instance 1
        // (presumably the built-in internal instance - TODO confirm).
        if ($USER->get('admin') || $USER->is_institutional_admin($authinst[$values['authinstance']]->institution) && ($USER->is_institutional_admin($authinst[$user->authinstance]->institution) || $user->authinstance == 1)) {
            if ($authobj->needs_remote_username()) {
                // determine the current remoteuser
                $current_remotename = get_field('auth_remote_user', 'remoteusername', 'authinstance', $user->authinstance, 'localusr', $user->id);
                if (!$current_remotename) {
                    $current_remotename = $user->username;
                }
                // if the remoteuser is empty
                if (strlen(trim($values['remoteusername'])) == 0) {
                    delete_records('auth_remote_user', 'authinstance', $user->authinstance, 'localusr', $user->id);
                }
                // what should the new remoteuser be
                $new_remoteuser = get_field('auth_remote_user', 'remoteusername', 'authinstance', $values['authinstance'], 'localusr', $user->id);
                // save the remotename for the target existence check
                $target_remotename = $new_remoteuser;
                if (!$new_remoteuser) {
                    $new_remoteuser = $user->username;
                }
                if (strlen(trim($values['remoteusername'])) > 0) {
                    // value changed on page - use it
                    if ($values['remoteusername'] != $current_remotename) {
                        $new_remoteuser = $values['remoteusername'];
                    }
                }
                // only update remote name if the input actually changed on the page or it doesn't yet exist
                if ($current_remotename != $new_remoteuser || !$target_remotename) {
                    // only remove the ones related to this target authinstance as we now allow multiple
                    // for dual login mechanisms
                    delete_records('auth_remote_user', 'authinstance', $values['authinstance'], 'localusr', $user->id);
                    insert_record('auth_remote_user', (object) array('authinstance' => $values['authinstance'], 'remoteusername' => $new_remoteuser, 'localusr' => $user->id));
                }
            }
            // update the ai on the user master
            $user->authinstance = $values['authinstance'];
            // update the global $authobj to match the new authinstance
            // this is used by the password/username change methods
            // if either/both has been requested at the same time
            $authobj = AuthFactory::create($user->authinstance);
        }
    }
    // Only change the pw if the new auth instance allows for it
    if (method_exists($authobj, 'change_password')) {
        $user->passwordchange = (int) (isset($values['passwordchange']) && $values['passwordchange'] == 'on' ? 1 : 0);
        if (isset($values['password']) && $values['password'] !== '') {
            // The auth object produces the stored password value; the salt is
            // read back from the User object afterwards.
            $userobj = new User();
            $userobj = $userobj->find_by_id($user->id);
            $user->password = $authobj->change_password($userobj, $values['password']);
            $user->salt = $userobj->salt;
            unset($userobj);
        }
    } else {
        // inform the user that the chosen auth instance doesn't allow password changes
        // but only if they tried changing it
        if (isset($values['password']) && $values['password'] !== '') {
            $SESSION->add_error_msg(get_string('passwordchangenotallowed', 'admin'));
            // Set empty pw with salt
            // NOTE(review): this replaces whatever password was stored for the
            // user with an empty value - confirm that is intended.
            $user->password = '';
            $user->salt = auth_get_random_salt();
        }
    }
    if (isset($values['username']) && $values['username'] !== '') {
        $userobj = new User();
        $userobj = $userobj->find_by_id($user->id);
        if ($userobj->username != $values['username']) {
            // Only change the username if the auth instance allows for it
            if (method_exists($authobj, 'change_username')) {
                // check the existence of the chosen username
                // user_exists() signals "name is free" by throwing
                // AuthUnknownUserException, so the rename lives in the catch.
                try {
                    if ($authobj->user_exists($values['username'])) {
                        // set an error message if it is already in use
                        $SESSION->add_error_msg(get_string('usernameexists', 'account'));
                    }
                } catch (AuthUnknownUserException $e) {
                    // update the username otherwise
                    $user->username = $authobj->change_username($userobj, $values['username']);
                }
            } else {
                // inform the user that the chosen auth instance doesn't allow username changes
                $SESSION->add_error_msg(get_string('usernamechangenotallowed', 'admin'));
            }
        }
        unset($userobj);
    }
    // OVERWRITE 4: insert
    // NOTE(review): the address is pushed to $CFG->current_app before the
    // transaction below is opened, so it is not undone if the local write fails.
    if (isset($values['email']) && !empty($values['email']) && $values['email'] != $user->email) {
        global $CFG;
        $user->email = $values['email'];
        $mhr_user = $CFG->current_app->getUserById($user->id);
        $mhr_user->setEmailAddress($values['email']);
    }
    // END OVERWRITE 4
    db_begin();
    update_record('usr', $user);
    // Tags are replaced wholesale: delete all, then insert the submitted set.
    delete_records('usr_tag', 'usr', $user->id);
    if (is_array($values['tags'])) {
        $values['tags'] = check_case_sensitive($values['tags'], 'usr_tag');
        foreach (array_unique($values['tags']) as $tag) {
            if (empty($tag)) {
                continue;
            }
            insert_record('usr_tag', (object) array('usr' => $user->id, 'tag' => strtolower($tag)));
        }
    }
    db_commit();
    $SESSION->add_ok_msg(get_string('usersitesettingschanged', 'admin'));
    redirect('/admin/users/edit.php?id=' . $user->id);
}
if (!defined('CLI') && false === strpos($scriptfilename, 'admin/index.php') && false === strpos($scriptfilename, 'admin/upgrade.php') && false === strpos($scriptfilename, 'admin/upgrade.json.php') && false === strpos($scriptfilename, 'admin/cli/install.php') && false === strpos($scriptfilename, 'admin/cli/upgrade.php')) { redirect('/admin/index.php'); } } if (defined('JSON') && !defined('NOSESSKEY')) { $sesskey = param_variable('sesskey', null); global $USER; if ($sesskey === null || $USER->get('sesskey') != $sesskey) { $USER->logout(); json_reply('global', get_string('invalidsesskey'), 1); } } $mobile_detection_done = $SESSION->get('mobile_detection'); // Device detection if (!$mobile_detection_done) { if (get_config('installed') && get_account_preference($USER->get('id'), 'devicedetection')) { require_once get_config('libroot') . 'mobile_detect/Mobile_Detect.php'; $detect = new Mobile_Detect(); $isMobile = $detect->isMobile(); $isTablet = $detect->isTablet(); $SESSION->set('handheld_device', $isMobile); $SESSION->set('mobile', $isTablet ? false : $isMobile); $SESSION->set('tablet', $isTablet); } else { $SESSION->set('handheld_device', false); $SESSION->set('mobile', false); $SESSION->set('tablet', false); } $SESSION->set('mobile_detection', true); } // Run modules bootstrap code.
/**
 * Renders the "My Friends" block for the owner of the view that holds
 * this block instance.
 *
 * Fetches up to MAXFRIENDDISPLAY friendship rows for the owner (both
 * accounts must have deleted = 0, ordering delegated to db_random()),
 * arranges the friend ids in rows of four for the template, and works out
 * how the logged-in user relates to the owner.
 *
 * @param BlockInstance $instance the block instance being rendered
 * @param bool          $editing  not read by this method
 * @return string the fetched template, or '' when the view has no owner
 */
public static function render_instance(BlockInstance $instance, $editing = false) {
    global $USER;

    $userid = $instance->get_view()->get('owner');
    if (!$userid) {
        // 'My Friends' doesn't make sense for group/site views
        return '';
    }

    $smarty = smarty_core();

    // The owner id and the row limit are bound as placeholders; only the
    // ordering expression returned by db_random() is concatenated in.
    $records = get_records_sql_array(
        'SELECT usr1, usr2 FROM {usr_friend} JOIN {usr} u1 ON (u1.id = usr1 AND u1.deleted = 0) JOIN {usr} u2 ON (u2.id = usr2 AND u2.deleted = 0) WHERE usr1 = ? OR usr2 = ? ORDER BY ' . db_random() . ' LIMIT ?',
        array($userid, $userid, MAXFRIENDDISPLAY)
    );

    // Lay the friends out as a grid of at most 4 rows x 4 columns.
    $friends = false;
    if ($records) {
        $friends = array();
        for ($row = 0; $row < 4; $row++) {
            $first = 4 * $row;
            if (!isset($records[$first])) {
                continue;
            }
            $friends[$row] = array();
            for ($pos = $first; $pos < $first + 4; $pos++) {
                if (!isset($records[$pos])) {
                    continue;
                }
                // Each row names both ends of the friendship; keep the
                // end that is not the view owner.
                $pair = $records[$pos];
                $friends[$row][] = ($pair->usr1 == $userid) ? $pair->usr2 : $pair->usr1;
            }
        }
    }
    $smarty->assign('friends', $friends);

    // Work out the relationship between the viewer and the owner so the
    // template can show something useful, such as a 'request friendship'
    // button.
    $loggedinid = $USER->get('id');
    if (is_friend($userid, $loggedinid)) {
        $relationship = 'existingfriend';
    }
    else if (record_exists('usr_friend_request', 'requester', $loggedinid, 'owner', $userid)) {
        $relationship = 'requestedfriendship';
    }
    else {
        $relationship = 'none';
        $friendscontrol = get_account_preference($userid, 'friendscontrol');
        if ($friendscontrol == 'auto') {
            // The add-friend form is only built when the owner's
            // 'friendscontrol' preference is 'auto'.
            $smarty->assign('newfriendform', pieform(array(
                'name' => 'myfriends_addfriend',
                'successcallback' => 'addfriend_submit',
                'autofocus' => false,
                'renderer' => 'div',
                'elements' => array(
                    'add' => array(
                        'type' => 'submit',
                        'value' => get_string('addtomyfriends', 'group'),
                    ),
                    'id' => array(
                        'type' => 'hidden',
                        'value' => $userid,
                    ),
                ),
            )));
        }
        $smarty->assign('friendscontrol', $friendscontrol);
    }

    $smarty->assign('relationship', $relationship);
    $smarty->assign_by_ref('USER', $USER);
    $smarty->assign('USERID', $userid);

    return $smarty->fetch('blocktype:myfriends:myfriends.tpl');
}
/**
 * Returns the value of a wysiwyg form element.
 *
 * Precedence: an explicit 'value' on the element, then the value submitted
 * under the element's name ($_GET when the form method is 'get', otherwise
 * $_POST), then the element's 'defaultvalue', and finally null.
 *
 * NOTE(review): the submitted value is returned as received, apart from
 * format_whitespace() when the user's 'wysiwyg' preference is off. No HTML
 * filtering happens in this function, so it is presumably applied before
 * the value is stored or displayed - confirm.
 *
 * @param Pieform $form    the form the element belongs to
 * @param array   $element the element definition
 * @return mixed the element value, or null when none is available
 */
function pieform_element_wysiwyg_get_value(Pieform $form, $element) {
    global $USER;

    $submitted = ($form->get_property('method') == 'get') ? $_GET : $_POST;

    // A hard-coded value on the element always wins over request data.
    if (isset($element['value'])) {
        return $element['value'];
    }

    if (isset($submitted[$element['name']])) {
        $value = $submitted[$element['name']];
        // Users without the wysiwyg editor submit plain text, which is
        // passed through format_whitespace().
        if (!get_account_preference($USER->get('id'), 'wysiwyg')) {
            $value = format_whitespace($value);
        }
        return $value;
    }

    if (isset($element['defaultvalue'])) {
        return $element['defaultvalue'];
    }

    return null;
}
$grouprequestedlistform = $addform; } } if ($is_friend) { $relationship = 'existingfriend'; } else { if (record_exists('usr_friend_request', 'requester', $loggedinid, 'owner', $userid)) { $relationship = 'requestedfriendship'; } else { if ($record = get_record('usr_friend_request', 'requester', $userid, 'owner', $loggedinid)) { $relationship = 'pending'; $remoteusermessage = $record->message; $remoteuseracceptform = acceptfriend_form($userid); } else { $relationship = 'none'; $friendscontrol = get_account_preference($userid, 'friendscontrol'); if ($friendscontrol == 'auto') { $remoteusernewfriendform = addfriend_form($userid); } $remoteuserfriendscontrol = $friendscontrol; } } } $remoteuserrelationship = $relationship; } if ($userid != $USER->get('id') && $USER->is_admin_for_user($user) && is_null($USER->get('parentuser'))) { $loginas = get_string('loginasuser', 'admin', display_username($user)); } else { $loginas = null; } // Set up skin, if the page has one
/**
 * Builds the search form, the matching view data and the pagination for a
 * list of views.
 *
 * Paging, ordering and search terms are read from the request parameters
 * 'limit', 'offset', 'orderby', 'query' and 'tag'.
 *
 * @param mixed $group       optional group; when set it is added to the form as a hidden field
 * @param mixed $institution optional institution; added as a hidden field only when no group is given
 * @return array array($searchform, $data, $pagination)
 */
public static function views_by_owner($group = null, $institution = null) {
    global $USER;

    // Pagination configuration
    $setlimit = true;
    $requested = param_integer('limit', 0);
    $stored = get_account_preference($USER->get('id'), 'viewsperpage');
    if ($requested > 0 && $requested != $stored) {
        // NOTE(review): any positive 'limit' from the request is saved as
        // the user's 'viewsperpage' preference; no upper bound is applied
        // in this method - confirm one is enforced elsewhere.
        $USER->set_account_preference('viewsperpage', $requested);
        $limit = $requested;
    }
    else {
        $limit = $stored;
    }

    $offset = param_integer('offset', 0);
    $orderby = param_variable('orderby', null);
    $query = param_variable('query', null);
    $tag = param_variable('tag', null);

    $searchoptions = array(
        'titleanddescription' => get_string('titleanddescription', 'view'),
        'tagsonly' => get_string('tagsonly', 'view'),
    );

    // A tag search takes precedence over a free-text query.
    if (empty($tag)) {
        $searchtype = 'titleanddescription';
        $searchdefault = $query;
    }
    else {
        $searchtype = 'tagsonly';
        $searchdefault = $tag;
        $query = null;
    }

    $elements = array(
        'query' => array(
            'type' => 'text',
            'title' => get_string('search') . ': ',
            'defaultvalue' => $searchdefault,
        ),
        'type' => array(
            'title' => get_string('searchwithin'),
            'hiddenlabel' => true,
            'type' => 'select',
            'options' => $searchoptions,
            'defaultvalue' => $searchtype,
        ),
        'orderby' => array(
            'type' => 'select',
            'title' => get_string('sortby'),
            'options' => array(
                'atoz' => get_string('defaultsort', 'view'),
                'latestcreated' => get_string('latestcreated', 'view'),
                'latestmodified' => get_string('latestmodified', 'view'),
                'latestviewed' => get_string('latestviewed', 'view'),
                'mostvisited' => get_string('mostvisited', 'view'),
                'mostcomments' => get_string('mostcomments', 'view'),
            ),
            'defaultvalue' => $orderby,
        ),
        'setlimit' => array(
            'type' => 'hidden',
            'value' => $setlimit,
        ),
        'submit' => array(
            'type' => 'submit',
            'value' => get_string('search'),
        ),
    );

    // Carry the group or institution through the form as a hidden field.
    if ($group) {
        $elements['group'] = array('type' => 'hidden', 'name' => 'group', 'value' => $group);
    }
    else if ($institution) {
        $elements['institution'] = array('type' => 'hidden', 'name' => 'institution', 'value' => $institution);
    }

    $searchform = pieform(array(
        'name' => 'searchviews',
        'checkdirtychange' => false,
        'renderer' => 'oneline',
        'elements' => $elements,
    ));

    $data = self::get_myviews_data($limit, $offset, $query, $tag, $group, $institution, $orderby);
    $url = self::get_myviews_url($group, $institution, $query, $tag, $orderby);

    $pagination = build_pagination(array(
        'url' => $url,
        'count' => $data->count,
        'limit' => $limit,
        'setlimit' => $setlimit,
        'offset' => $offset,
        'jumplinks' => 6,
        'numbersincludeprevnext' => 2,
    ));

    return array($searchform, $data, $pagination);
}
/** * * @package mahara * @subpackage core * @author Catalyst IT Ltd * @license http://www.gnu.org/copyleft/gpl.html GNU GPL version 3 or later * @copyright For copyright information on Mahara, please see the README file distributed with this software. * */ define('INTERNAL', 1); define('MENUITEM', 'groups/findfriends'); require dirname(dirname(__FILE__)) . '/init.php'; require_once 'pieforms/pieform.php'; $id = param_integer('id'); if (get_account_preference($id, 'friendscontrol') != 'auth' || $id == $USER->get('id') || !($user = get_record('usr', 'id', $id, 'deleted', 0))) { throw new AccessDeniedException(get_string('cantrequestfriendship', 'group')); } $user->introduction = get_field('artefact', 'title', 'artefacttype', 'introduction', 'owner', $id); define('TITLE', get_string('sendfriendshiprequest', 'group', display_name($id))); $returnto = param_alpha('returnto', 'myfriends'); $offset = param_integer('offset', 0); switch ($returnto) { case 'find': $goto = 'user/find.php'; break; case 'view': $goto = profile_url($user, false); break; default: $goto = 'user/myfriends.php';
// Build the notification preferences form: one select per activity type,
// each offering the available notification methods.
$elements = array();
$options = array();
foreach ($notifications as $n) {
    $options[$n->name] = get_string('name', 'notification.' . $n->name);
}

foreach ($activitytypes as $type) {
    // Current preference, falling back to the activity class's default
    // notification method when the user has none stored.
    $dv = $USER->get_activity_preference($type->id);
    if (empty($dv)) {
        $dv = call_static_method(
            generate_activity_class_name($type->name, $type->plugintype, $type->pluginname),
            'default_notification_method'
        );
    }

    // Language-string section: plugin activity types use
    // "<plugintype>.<pluginname>", all others use 'activity'.
    $section = empty($type->plugintype)
        ? 'activity'
        : $type->plugintype . '.' . $type->pluginname;

    // Warn once per page when a type would notify by email although the
    // account has mail disabled.
    if ($dv == 'email' && !isset($maildisabledmsg) && get_account_preference($USER->get('id'), 'maildisabled')) {
        // NOTE(review): the second argument false presumably turns off
        // escaping of the message, which embeds get_config('wwwroot') -
        // confirm against add_error_msg().
        $SESSION->add_error_msg(
            get_string('maildisableddescription', 'account', get_config('wwwroot') . 'account/'),
            false
        );
        $maildisabledmsg = true;
    }

    $fieldname = 'activity_' . $type->id;
    $elements[$fieldname] = array(
        'defaultvalue' => $dv,
        'type' => 'select',
        'title' => get_string('type' . $type->name, $section),
        'options' => $options,
        'rules' => array('required' => true),
    );

    // Types flagged as admin are optional and gain a 'none' option.
    if (!empty($type->admin)) {
        $elements[$fieldname]['rules']['required'] = false;
        $elements[$fieldname]['options']['none'] = get_string('none');
    }
}

$elements['submit'] = array(
    'type' => 'submit',
    'value' => get_string('save'),
);

// NOTE(review): the key 'plugintype ' below carries a trailing space and is
// reproduced as found; it looks like a typo for 'plugintype' - confirm
// whether pieform() reads it.
$prefsform = pieform(array(
    'name' => 'activityprefs',
    'method' => 'post',
    'jsform' => true,
    'renderer' => 'table',
    'plugintype ' => 'core',
    'pluginname' => 'account',
    'elements' => $elements,
));

$smarty = smarty();
$smarty->assign('pagedescription', get_string('prefsdescr', 'activity'));
$smarty->assign('form', $prefsform);
$smarty->assign('PAGEHEADING', TITLE);