/**
* Sets the specified account settings to the current user.
* A table with | Setting label | value | is expected.
*
* @Given /^I set the following account settings values:$/
* @param TableNode $table
*/
public function i_set_account_settings(TableNode $table)
{
global $USER;
$prefs = array();
foreach ($table->getHash() as $accountpref) {
$prefs[$accountpref['field']] = $accountpref['value'];
}
// Validate the settings
if (isset($prefs['urlid']) && get_config('cleanurls') && $prefs['urlid'] != $USER->get('urlid')) {
if (strlen($prefs['urlid']) < 3) {
throw new Exception("Invalid urlid: " . get_string('rule.minlength.minlength', 'pieforms', 3));
} else {
if (record_exists('usr', 'urlid', $prefs['urlid'])) {
throw new Exception("Invalid urlid: " . get_string('urlalreadytaken', 'account'));
}
}
}
if (get_config('allowmobileuploads')) {
foreach ($prefs['mobileuploadtoken'] as $k => $text) {
if (strlen($text) > 0 && !preg_match('/^[a-zA-Z0-9 !@#$%^&*()\\-_=+\\[{\\]};:\'",<\\.>\\/?]{6,}$/', $text)) {
throw new Exception("Invalid mobileuploadtoken: " . get_string('badmobileuploadtoken', 'account'));
}
}
}
// Update user's account settings
db_begin();
// use this as looping through values is not safe.
$expectedprefs = expected_account_preferences();
if (isset($prefs['maildisabled']) && $prefs['maildisabled'] == 0 && get_account_preference($USER->get('id'), 'maildisabled') == 1) {
// Reset the sent and bounce counts otherwise mail will be disabled
// on the next send attempt
$u = new StdClass();
$u->email = $USER->get('email');
$u->id = $USER->get('id');
update_bounce_count($u, true);
update_send_count($u, true);
}
// Remember the user's language & theme prefs, so we can reload the page if they change them
$oldlang = $USER->get_account_preference('lang');
$oldtheme = $USER->get_account_preference('theme');
$oldgroupsideblockmaxgroups = $USER->get_account_preference('groupsideblockmaxgroups');
$oldgroupsideblocksortby = $USER->get_account_preference('groupsideblocksortby');
if (get_config('allowmobileuploads') && isset($prefs['mobileuploadtoken'])) {
// Make sure the mobile token is formatted / saved correctly
$prefs['mobileuploadtoken'] = array_filter($prefs['mobileuploadtoken']);
$new_token_pref = '|' . join('|', $prefs['mobileuploadtoken']) . '|';
$USER->set_account_preference('mobileuploadtoken', $new_token_pref);
unset($prefs['mobileuploadtoken']);
}
// Set user account preferences
foreach ($expectedprefs as $eprefkey => $epref) {
if (isset($prefs[$eprefkey]) && $prefs[$eprefkey] !== get_account_preference($USER->get('id'), $eprefkey)) {
$USER->set_account_preference($eprefkey, $prefs[$eprefkey]);
}
}
db_commit();
}
public static function render_instance(BlockInstance $instance, $editing = false)
{
global $USER;
// Get site wide Embed.ly API key
$embedlyapikey = get_config_plugin('blocktype', 'embedly', 'embedlysiteapikey');
// Get user's Embed.ly API key if site wide key is empty or not set
if (empty($embedlyapikey) || !isset($embedlyapikey)) {
$owner = $instance->get('view_obj')->get('owner');
$embedlyapikey = get_account_preference($owner, 'embedlyapikey');
}
$configdata = $instance->get('configdata');
$width = !empty($configdata['width']) ? hsc($configdata['width']) : null;
$height = !empty($configdata['height']) ? hsc($configdata['height']) : null;
$align = !empty($configdata['align']) ? hsc($configdata['align']) : 'left';
$result = '';
// To silence warning
if (isset($configdata['mediaid'])) {
// IE seems to wait for all elements on the page to load
// fully before the onload event goes off. This means the
// view editor isn't initialised until all videos have
// finished loading, and an invalid video URL can stop the
// editor from loading and result in an uneditable view.
// Therefore, when this block appears on first load of the
// view editing page, keep the embed code out of the page
// initially and add it in after the page has loaded.
$url = 'http://api.embed.ly/1/oembed?key=' . $embedlyapikey . '&url=' . urlencode($configdata['mediaid']) . '&maxwidth=' . $width . '&maxheight=' . $height . '&wmode=transparent';
$request = array(CURLOPT_URL => $url);
$result = mahara_http_request($request);
$data = json_decode($result->data, true);
$result = '<div class="' . $align . '">';
$result .= '<p>' . $configdata['mediadesc'] . '</p>';
switch ($data['type']) {
case 'photo':
$result .= '<img src="' . $data['url'] . '" width="' . $width . '" height="' . $height . '" border="0">';
break;
case 'video':
case 'rich':
$result .= $data['html'];
break;
case 'link':
$result .= $configdata['mediaid'];
break;
}
if (isset($data['description']) && !empty($configdata['showdescription'])) {
$result .= '<p>' . nl2br($data['description']) . '</p>';
}
$result .= '</div>';
}
return $result;
}
public static function render_instance(BlockInstance $instance, $editing = false)
{
global $USER, $exporter;
$userid = $instance->get_view()->get('owner');
if (!$userid) {
// 'My Friends' doesn't make sense for group/site views
return '';
}
$limit = isset($exporter) ? false : MAXFRIENDDISPLAY;
$friends = get_friends($userid, $limit, 0);
if ($friends['count']) {
self::build_myfriends_html($friends, $userid, $instance);
} else {
$friends = false;
}
$smarty = smarty_core();
$smarty->assign('friends', $friends);
$smarty->assign('searchingforfriends', array('<a href="' . get_config('wwwroot') . 'user/find.php">', '</a>'));
// If the user has no friends, try and display something useful, such
// as a 'request friendship' button
if (!$friends) {
$loggedinid = $USER->get('id');
$is_friend = is_friend($userid, $loggedinid);
if ($is_friend) {
$relationship = 'existingfriend';
} else {
if (record_exists('usr_friend_request', 'requester', $loggedinid, 'owner', $userid)) {
$relationship = 'requestedfriendship';
} else {
$relationship = 'none';
$friendscontrol = get_account_preference($userid, 'friendscontrol');
if ($friendscontrol == 'auto') {
require_once 'pieforms/pieform.php';
$newfriendform = pieform(array('name' => 'myfriends_addfriend', 'successcallback' => 'addfriend_submit', 'autofocus' => false, 'renderer' => 'div', 'elements' => array('add' => array('type' => 'button', 'usebuttontag' => true, 'class' => 'btn-default', 'value' => '<span class="icon icon-user-plus icon-lg prs"></span>' . get_string('addtomyfriends', 'group')), 'id' => array('type' => 'hidden', 'value' => $userid))));
$smarty->assign('newfriendform', $newfriendform);
}
$smarty->assign('friendscontrol', $friendscontrol);
}
}
$smarty->assign('relationship', $relationship);
}
$smarty->assign('loggedin', is_logged_in());
$smarty->assign('lookingatownpage', $USER->get('id') == $userid);
$smarty->assign('USERID', $userid);
return $smarty->fetch('blocktype:myfriends:myfriends.tpl');
}
/**
* can a user send a message to another?
*
* @param int/object from the user to send the message
* @param int/object to the user to receive the message
* @return boolean whether userfrom is allowed to send messages to userto
*/
function can_send_message($from, $to)
{
if (empty($from)) {
return false;
// not logged in
}
if (!is_object($from)) {
$from = get_record('usr', 'id', $from);
}
if (is_object($to)) {
$to = $to->id;
}
$messagepref = get_account_preference($to, 'messages');
return is_friend($from->id, $to) && $messagepref == 'friends' || $messagepref == 'allow' || $from->admin;
}
public static function views_by_owner($group = null, $institution = null)
{
global $USER;
// Pagination configuration
$setlimit = true;
$limit = param_integer('limit', 0);
$userlimit = get_account_preference($USER->get('id'), 'viewsperpage');
if ($limit > 0 && $limit != $userlimit) {
$USER->set_account_preference('viewsperpage', $limit);
} else {
$limit = $userlimit;
}
$offset = param_integer('offset', 0);
// load default page order from user settings as default and overwrite, if changed
$usersettingorderby = get_account_preference($USER->get('id'), 'orderpagesby');
$orderby = param_variable('orderby', $usersettingorderby);
if ($usersettingorderby !== $orderby) {
set_account_preference($USER->get('id'), 'orderpagesby', $orderby);
}
$query = param_variable('query', null);
$tag = param_variable('tag', null);
$searchoptions = array('titleanddescription' => get_string('titleanddescription', 'view'), 'tagsonly' => get_string('tagsonly', 'view'));
if (!empty($tag)) {
$searchtype = 'tagsonly';
$searchdefault = $tag;
$query = null;
} else {
$searchtype = 'titleanddescription';
$searchdefault = $query;
}
$searchform = array('name' => 'searchviews', 'checkdirtychange' => false, 'class' => 'with-heading form-inline', 'elements' => array('searchwithin' => array('type' => 'fieldset', 'class' => 'dropdown-group js-dropdown-group', 'elements' => array('query' => array('type' => 'text', 'title' => get_string('search') . ': ', 'class' => 'with-dropdown js-with-dropdown', 'defaultvalue' => $searchdefault), 'type' => array('title' => get_string('searchwithin') . ': ', 'class' => 'dropdown-connect js-dropdown-connect searchviews-type', 'type' => 'select', 'options' => $searchoptions, 'defaultvalue' => $searchtype))), 'setlimit' => array('type' => 'hidden', 'value' => $setlimit), 'orderbygroup' => array('type' => 'fieldset', 'class' => 'input-group', 'elements' => array('orderby' => array('type' => 'select', 'class' => 'input-small', 'title' => get_string('sortby'), 'options' => array('atoz' => get_string('defaultsort', 'view'), 'latestcreated' => get_string('latestcreated', 'view'), 'latestmodified' => get_string('latestmodified', 'view'), 'latestviewed' => get_string('latestviewed', 'view'), 'mostvisited' => get_string('mostvisited', 'view'), 'mostcomments' => get_string('mostcomments', 'view')), 'defaultvalue' => $orderby), 'submit' => array('type' => 'button', 'usebuttontag' => true, 'class' => 'btn-primary input-group-btn no-label', 'value' => get_string('search'))))));
if ($group) {
$searchform['elements']['group'] = array('type' => 'hidden', 'name' => 'group', 'value' => $group);
} else {
if ($institution) {
$searchform['elements']['institution'] = array('type' => 'hidden', 'name' => 'institution', 'value' => $institution);
}
}
$searchform = pieform($searchform);
$data = self::get_myviews_data($limit, $offset, $query, $tag, $group, $institution, $orderby);
$url = self::get_myviews_url($group, $institution, $query, $tag, $orderby);
$pagination = build_pagination(array('url' => $url, 'count' => $data->count, 'limit' => $limit, 'setlimit' => $setlimit, 'offset' => $offset, 'jumplinks' => 6, 'numbersincludeprevnext' => 2));
return array($searchform, $data, $pagination);
}
/**
* Get a table of elements that can be used to set notification settings for the specified user, or for the site defaults.
*
* @param object $user whose settings are being displayed or...
* @param bool $sitedefaults true if the elements should be loaded from the site default settings.
* @return array of elements suitable for adding to a pieforms form.
*/
function get_notification_settings_elements($user = null, $sitedefaults = false)
{
global $SESSION;
if ($user == null && !$sitedefaults) {
throw new SystemException("Function get_notification_settings_elements requires a user or sitedefaults must be true");
}
if ($sitedefaults || $user->get('admin') || $user->is_institutional_admin()) {
$activitytypes = get_records_array('activity_type', '', '', 'id');
} else {
$activitytypes = get_records_array('activity_type', 'admin', 0, 'id');
$activitytypes = get_special_notifications($user, $activitytypes);
}
$notifications = plugins_installed('notification');
$elements = array();
$options = array();
foreach ($notifications as $notification) {
$options[$notification->name] = get_string('name', 'notification.' . $notification->name);
}
$maildisabledmsg = false;
foreach ($activitytypes as $type) {
// Find the default value.
if ($sitedefaults) {
$dv = $type->defaultmethod;
} else {
$dv = $user->get_activity_preference($type->id);
if ($dv === false) {
$dv = $type->defaultmethod;
}
}
if (empty($dv)) {
$dv = 'none';
}
// Create one maildisabled error message if applicable.
if (!$sitedefaults && $dv == 'email' && !isset($maildisabledmsg) && get_account_preference($user->get('id'), 'maildisabled')) {
$SESSION->add_error_msg(get_string('maildisableddescription', 'account', get_config('wwwroot') . 'account/index.php'), false);
$maildisabledmsg = true;
}
// Calculate the key.
if (empty($type->plugintype)) {
$key = "activity_{$type->name}";
} else {
$key = "activity_{$type->name}_{$type->plugintype}_{$type->pluginname}";
}
// Find the row title and section.
$rowtitle = $type->name;
if (!empty($type->plugintype)) {
$section = $type->plugintype . '.' . $type->pluginname;
} else {
$section = 'activity';
}
// Create the element.
$elements[$key] = array('defaultvalue' => $dv, 'type' => 'select', 'title' => get_string('type' . $rowtitle, $section), 'options' => $options, 'help' => true);
// Set up the help.
$elements[$key]['helpformname'] = 'activityprefs';
if (empty($type->plugintype)) {
$elements[$key]['helpplugintype'] = 'core';
$elements[$key]['helppluginname'] = 'account';
} else {
$elements[$key]['helpplugintype'] = $type->plugintype;
$elements[$key]['helppluginname'] = $type->pluginname;
}
// Add the 'none' option if applicable.
if ($type->allownonemethod) {
$elements[$key]['options']['none'] = get_string('none');
}
}
return $elements;
}
function edituser_site_submit(Pieform $form, $values)
{
if (!($user = get_record('usr', 'id', $values['id']))) {
return false;
}
if (isset($values['password']) && $values['password'] !== '') {
$user->password = $values['password'];
$user->salt = '';
}
$user->passwordchange = (int) ($values['passwordchange'] == 'on');
$user->quota = $values['quota'];
$user->expiry = db_format_timestamp($values['expiry']);
global $USER;
if ($USER->get('admin')) {
// Not editable by institutional admins
$user->staff = (int) ($values['staff'] == 'on');
$user->admin = (int) ($values['admin'] == 'on');
if ($user->admin) {
activity_add_admin_defaults(array($user->id));
}
}
if ($values['maildisabled'] == 0 && get_account_preference($user->id, 'maildisabled') == 1) {
// Reset the sent and bounce counts otherwise mail will be disabled
// on the next send attempt
$u = new StdClass();
$u->email = $user->email;
$u->id = $user->id;
update_bounce_count($u, true);
update_send_count($u, true);
}
set_account_preference($user->id, 'maildisabled', $values['maildisabled']);
// Authinstance can be changed by institutional admins if both the
// old and new authinstances belong to the admin's institutions
$remotename = get_field('auth_remote_user', 'remoteusername', 'authinstance', $user->authinstance, 'localusr', $user->id);
if (!$remotename) {
$remotename = $user->username;
}
if (isset($values['authinstance']) && ($values['authinstance'] != $user->authinstance || isset($values['remoteusername']) && $values['remoteusername'] != $remotename)) {
$authinst = get_records_select_assoc('auth_instance', 'id = ? OR id = ?', array($values['authinstance'], $user->authinstance));
if ($USER->get('admin') || $USER->is_institutional_admin($authinst[$values['authinstance']]->institution) && $USER->is_institutional_admin($authinst[$user->authinstance]->institution)) {
delete_records('auth_remote_user', 'localusr', $user->id);
if ($authinst[$values['authinstance']]->authname != 'internal') {
if (isset($values['remoteusername']) && strlen($values['remoteusername']) > 0) {
$un = $values['remoteusername'];
} else {
$un = $remotename;
}
insert_record('auth_remote_user', (object) array('authinstance' => $values['authinstance'], 'remoteusername' => $un, 'localusr' => $user->id));
}
$user->authinstance = $values['authinstance'];
}
}
update_record('usr', $user);
redirect('/admin/users/edit.php?id=' . $user->id);
}
/**
* Given a user and their remote user record, attempt to populate some of
* the user's profile fields and account settings from the remote data.
*
* This does not change the first name, last name or e-mail fields, as these are
* dealt with differently depending on whether we are creating the user
* record or updating it.
*
* This method attempts to set:
*
* * City
* * Country
* * Language
* * Introduction
* * WYSIWYG editor setting
*
* @param User $user
* @param stdClass $remoteuser
*/
private function import_user_settings($user, $remoteuser)
{
$imported = array();
// City
if (!empty($remoteuser->city)) {
if (get_profile_field($user->id, 'town') != $remoteuser->city) {
set_profile_field($user->id, 'town', $remoteuser->city);
}
$imported[] = 'town';
}
// Country
if (!empty($remoteuser->country)) {
$validcountries = array_keys(getoptions_country());
$newcountry = strtolower($remoteuser->country);
if (in_array($newcountry, $validcountries)) {
set_profile_field($user->id, 'country', $newcountry);
}
$imported[] = 'country';
}
// Language
if (!empty($remoteuser->lang)) {
$validlanguages = array_keys(get_languages());
$newlanguage = str_replace('_utf8', '', strtolower($remoteuser->lang)) . '.utf8';
if (in_array($newlanguage, $validlanguages)) {
set_account_preference($user->id, 'lang', $newlanguage);
$user->set_account_preference('lang', $newlanguage);
}
}
// Description
if (isset($remoteuser->description)) {
if (get_profile_field($user->id, 'introduction') != $remoteuser->description) {
set_profile_field($user->id, 'introduction', $remoteuser->description);
}
$imported[] = 'introduction';
}
// HTML Editor setting
if (isset($remoteuser->htmleditor)) {
$htmleditor = $remoteuser->htmleditor ? 1 : 0;
if ($htmleditor != get_account_preference($user->id, 'wysiwyg')) {
set_account_preference($user->id, 'wysiwyg', $htmleditor);
$user->set_account_preference('wysiwyg', $htmleditor);
}
}
return $imported;
}
$items[$element]['rules']['required'] = true;
}
if (isset($lockedfields[$element]) && !$USER->get('admin')) {
$items[$element]['disabled'] = true;
if ($element == 'email') {
$items[$element]['help'] = false;
}
}
}
if ($items['firstname']) {
$items['firstname']['autofocus'] = true;
}
if (isset($items['socialprofile']) && $items['socialprofile']) {
$items['socialprofile']['title'] = null;
}
$items['maildisabled']['ignore'] = !get_account_preference($USER->get('id'), 'maildisabled');
$items['maildisabled']['value'] = get_string('maildisableddescription', 'account', get_config('wwwroot') . 'account/index.php');
// build form elements
$elements = array('profile' => array('type' => 'fieldset', 'legend' => get_string('aboutme', 'artefact.internal'), 'class' => 'has-help' . $fieldset != 'aboutme' ? 'collapsed' : '', 'elements' => get_desired_fields($items, array('firstname', 'lastname', 'studentid', 'preferredname', 'introduction'), 'about')), 'contact' => array('type' => 'fieldset', 'legend' => get_string('contact', 'artefact.internal'), 'class' => $fieldset != 'contact' ? '' : '', 'elements' => get_desired_fields($items, array('email', 'maildisabled', 'officialwebsite', 'personalwebsite', 'blogaddress', 'address', 'town', 'city', 'country', 'homenumber', 'businessnumber', 'mobilenumber', 'faxnumber'), 'contact')), 'social' => array('type' => 'fieldset', 'legend' => get_string('social', 'artefact.internal'), 'class' => $fieldset != 'social' ? 'collapsed' : '', 'elements' => get_desired_fields($items, array('socialprofile'), 'social')), 'general' => array('type' => 'fieldset', 'legend' => get_string('general'), 'class' => $fieldset != 'general' ? 'collapsed' : '', 'elements' => $items), 'fs' => array('type' => 'hidden', 'value' => $fieldset), 'submit' => array('type' => 'submit', 'value' => get_string('saveprofile', 'artefact.internal'), 'class' => 'btn-primary'));
// Don't include fieldset if 'socialprofile' is not installed
if (!get_record('blocktype_installed', 'active', 1, 'name', 'socialprofile')) {
unset($elements['social']);
}
$profileform = pieform(array('name' => 'profileform', 'class' => 'jstabs form-group-nested', 'plugintype' => 'artefact', 'pluginname' => 'internal', 'method' => 'post', 'renderer' => 'div', 'elements' => $elements, 'autofocus' => false));
function get_desired_fields(&$allfields, $desiredfields, $section)
{
global $USER;
if ($section == 'about') {
$r = get_record_select('view', 'type = ? AND owner = ?', array('profile', $USER->id), 'id');
$label = '<div id="profileicon" class="profile-icon pseudolabel pull-left"><a href="' . get_config('wwwroot') . 'artefact/file/profileicons.php" class="user-icon"><img src="' . profile_icon_url($USER, 100, 100) . '" alt="' . get_string("editprofileicon", "artefact.file") . '"></a></div>';
$descr = '' . get_string('aboutprofilelinkdescription', 'artefact.internal', get_config('wwwroot') . 'view/blocks.php?id=' . $r->id);
/**
* Update user
*
* @param object $user stdclass for the usr table
* @param object $profile profile field/values to set
* @param string $remotename username on the remote site
* @param array $accountprefs user account preferences to set
* @param bool $forceupdateremote force delete of remotename before update attempted
* @return array list of updated fields
*/
function update_user($user, $profile, $remotename = null, $accountprefs = array(), $forceupdateremote = false, $quickhash = false)
{
require_once get_config('docroot') . 'auth/session.php';
if (!empty($user->id)) {
$oldrecord = get_record('usr', 'id', $user->id);
} else {
$oldrecord = get_record('usr', 'username', $user->username);
}
$userid = $oldrecord->id;
db_begin();
// Log the user out, otherwise they can overwrite all this on the next request
remove_user_sessions($userid);
$updated = array();
$newrecord = new StdClass();
foreach (get_object_vars($user) as $k => $v) {
if (!empty($v) && ($k == 'password' || empty($oldrecord->{$k}) || $oldrecord->{$k} != $v)) {
$newrecord->{$k} = $v;
$updated[$k] = $v;
}
if (!empty($v) && $k === 'email' && $oldrecord->{$k} != $v) {
set_user_primary_email($userid, $v);
}
}
if (count(get_object_vars($newrecord))) {
$newrecord->id = $userid;
update_record('usr', $newrecord);
if (!empty($newrecord->password)) {
$newrecord->authinstance = $user->authinstance;
reset_password($newrecord, false, $quickhash);
}
}
foreach (get_object_vars($profile) as $k => $v) {
if (get_profile_field($userid, $k) != $v) {
set_profile_field($userid, $k, $v);
$updated[$k] = $v;
}
}
if ($remotename) {
$oldremote = get_field('auth_remote_user', 'remoteusername', 'authinstance', $oldrecord->authinstance, 'localusr', $userid);
if ($remotename != $oldremote) {
$updated['remoteuser'] = $remotename;
}
delete_records('auth_remote_user', 'authinstance', $user->authinstance, 'localusr', $userid);
// force the update of the remoteuser - for the case of a series of user updates swapping the remoteuser name
if ($forceupdateremote) {
delete_records('auth_remote_user', 'authinstance', $user->authinstance, 'remoteusername', $remotename);
} else {
// remote username must not already exist
if (record_exists('auth_remote_user', 'remoteusername', $remotename, 'authinstance', $user->authinstance)) {
throw new InvalidArgumentException("user_update: remoteusername already in use: " . $remotename);
}
}
insert_record('auth_remote_user', (object) array('authinstance' => $user->authinstance, 'remoteusername' => $remotename, 'localusr' => $userid));
}
// Update account preferences
if (!empty($accountprefs)) {
$expectedprefs = expected_account_preferences();
foreach ($expectedprefs as $eprefkey => $epref) {
if (isset($accountprefs[$eprefkey]) && $accountprefs[$eprefkey] != get_account_preference($userid, $eprefkey)) {
set_account_preference($userid, $eprefkey, $accountprefs[$eprefkey]);
$updated[$eprefkey] = $accountprefs[$eprefkey];
}
}
}
db_commit();
return $updated;
}
function accountprefs_submit(Pieform $form, $values)
{
global $USER;
$authobj = AuthFactory::create($USER->authinstance);
db_begin();
if (isset($values['password1']) && $values['password1'] !== '') {
global $authclass;
$password = $authobj->change_password($USER, $values['password1']);
$USER->password = $password;
$USER->passwordchange = 0;
$USER->commit();
}
// use this as looping through values is not safe.
$expectedprefs = expected_account_preferences();
if ($values['maildisabled'] == 0 && get_account_preference($USER->get('id'), 'maildisabled') == 1) {
// Reset the sent and bounce counts otherwise mail will be disabled
// on the next send attempt
$u = new StdClass();
$u->email = $USER->get('email');
$u->id = $USER->get('id');
update_bounce_count($u, true);
update_send_count($u, true);
}
foreach (array_keys($expectedprefs) as $pref) {
if (isset($values[$pref])) {
$USER->set_account_preference($pref, $values[$pref]);
}
}
$returndata = array();
if (isset($values['username']) && $values['username'] != $USER->get('username')) {
$USER->username = $values['username'];
$USER->commit();
$returndata['username'] = $values['username'];
}
db_commit();
$returndata['message'] = get_string('prefssaved', 'account');
$form->json_reply(PIEFORM_OK, $returndata);
}
function accountprefs_submit(Pieform $form, $values)
{
global $USER, $SESSION;
$authobj = AuthFactory::create($USER->authinstance);
db_begin();
$ispasswordchanged = false;
if (isset($values['password1']) && $values['password1'] !== '') {
global $authclass;
$password = $authobj->change_password($USER, $values['password1']);
$USER->password = $password;
$USER->passwordchange = 0;
$USER->commit();
$ispasswordchanged = true;
}
// use this as looping through values is not safe.
$expectedprefs = expected_account_preferences();
if ($values['maildisabled'] == 0 && get_account_preference($USER->get('id'), 'maildisabled') == 1) {
// Reset the sent and bounce counts otherwise mail will be disabled
// on the next send attempt
$u = new StdClass();
$u->email = $USER->get('email');
$u->id = $USER->get('id');
update_bounce_count($u, true);
update_send_count($u, true);
}
// Remember the user's language & theme prefs, so we can reload the page if they change them
$oldlang = $USER->get_account_preference('lang');
$oldtheme = $USER->get_account_preference('theme');
$oldgroupsideblockmaxgroups = $USER->get_account_preference('groupsideblockmaxgroups');
$oldgroupsideblocksortby = $USER->get_account_preference('groupsideblocksortby');
if (get_config('allowmobileuploads')) {
// Make sure the mobile token is formatted / saved correctly
$values['mobileuploadtoken'] = array_filter($values['mobileuploadtoken']);
$new_token_pref = empty($values['mobileuploadtoken']) ? null : '|' . join('|', $values['mobileuploadtoken']) . '|';
$USER->set_account_preference('mobileuploadtoken', $new_token_pref);
unset($values['mobileuploadtoken']);
}
// Set user account preferences
foreach ($expectedprefs as $eprefkey => $epref) {
if (isset($values[$eprefkey]) && $values[$eprefkey] !== get_account_preference($USER->get('id'), $eprefkey)) {
$USER->set_account_preference($eprefkey, $values[$eprefkey]);
}
}
$returndata = array();
if (isset($values['username']) && $values['username'] != $USER->get('username')) {
$USER->username = $values['username'];
$USER->commit();
$returndata['username'] = $values['username'];
}
$reload = false;
if (get_config('cleanurls') && isset($values['urlid']) && $values['urlid'] != $USER->get('urlid')) {
$USER->urlid = $values['urlid'];
$USER->commit();
$reload = true;
}
if ($ispasswordchanged) {
// Destroy other sessions of the user
require_once get_config('docroot') . 'auth/session.php';
remove_user_sessions($USER->get('id'));
}
db_commit();
$returndata['message'] = get_string('prefssaved', 'account');
if (isset($values['theme']) && $values['theme'] != $oldtheme) {
$USER->update_theme();
$reload = true;
}
if (isset($values['lang']) && $values['lang'] != $oldlang) {
// The session language pref is used when the user has no user pref,
// and when logged out.
$SESSION->set('lang', $values['lang']);
$returndata['message'] = get_string_from_language($values['lang'], 'prefssaved', 'account');
$reload = true;
}
if (isset($values['groupsideblockmaxgroups']) && $values['groupsideblockmaxgroups'] != $oldgroupsideblockmaxgroups) {
$reload = true;
}
if ($values['groupsideblocksortby'] != $oldgroupsideblocksortby) {
$reload = true;
}
$reload = plugin_account_prefs_submit($form, $values) || $reload;
if (!empty($reload)) {
// Use PIEFORM_CANCEL here to force a page reload and show the new language.
$returndata['location'] = get_config('wwwroot') . 'account/index.php';
$SESSION->add_ok_msg($returndata['message']);
$form->json_reply(PIEFORM_CANCEL, $returndata);
}
$form->json_reply(PIEFORM_OK, $returndata);
}
* @author Melissa Draper <*****@*****.**>, Catalyst IT Ltd
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL version 3 or later
* @copyright For copyright information on Mahara, please see the README file distributed with this software.
*/
define('INTERNAL', 1);
require dirname(dirname(__FILE__)) . '/init.php';
require_once 'view.php';
require_once 'group.php';
safe_require('artefact', 'comment');
define('TITLE', get_string('report', 'group'));
define('MENUITEM', 'groups/report');
define('GROUP', param_integer('group'));
$wwwroot = get_config('wwwroot');
$needsubdomain = get_config('cleanurlusersubdomains');
$limit = param_integer('limit', 0);
$userlimit = get_account_preference($USER->get('id'), 'viewsperpage');
if ($limit > 0 && $limit != $userlimit) {
$USER->set_account_preference('viewsperpage', $limit);
} else {
$limit = $userlimit;
}
$offset = param_integer('offset', 0);
$sort = param_variable('sort', 'title');
$direction = param_variable('direction', 'asc');
$group = group_current_group();
$role = group_user_access($group->id);
if (!group_role_can_access_report($group, $role)) {
throw new AccessDeniedException();
}
$sharedviews = View::get_participation_sharedviews_data($group->id, $sort, $direction, $limit, $offset);
$pagination = array('baseurl' => $wwwroot . 'group/report.php?group=' . $group->id . '&sort=' . $sort . '&direction=' . $direction, 'id' => 'sharedviews_pagination', 'datatable' => 'sharedviewsreport', 'jsonscript' => 'group/participationsharedviews.json.php', 'setlimit' => true, 'resultcounttextsingular' => get_string('view', 'view'), 'resultcounttextplural' => get_string('views', 'view'));
function edituser_site_submit(Pieform $form, $values)
{
global $USER, $authobj, $SESSION;
if (!($user = get_record('usr', 'id', $values['id']))) {
return false;
}
if (is_using_probation()) {
// Value should be between 0 and 10 inclusive
$user->probation = ensure_valid_probation_points($values['probationpoints']);
}
if ($USER->get('admin') || get_config_plugin('artefact', 'file', 'institutionaloverride')) {
$user->quota = $values['quota'];
// check if the user has gone over the quota notify limit
$quotanotifylimit = get_config_plugin('artefact', 'file', 'quotanotifylimit');
if ($quotanotifylimit <= 0 || $quotanotifylimit >= 100) {
$quotanotifylimit = 100;
}
$user->quotausedpercent = $user->quotaused / $user->quota * 100;
$overlimit = false;
if ($quotanotifylimit <= $user->quotausedpercent) {
$overlimit = true;
}
$notified = get_field('usr_account_preference', 'value', 'field', 'quota_exceeded_notified', 'usr', $user->id);
if ($overlimit && '1' !== $notified) {
require_once get_config('docroot') . 'artefact/file/lib.php';
ArtefactTypeFile::notify_users_threshold_exceeded(array($user), false);
// no need to email admin as we can alert them right now
$SESSION->add_error_msg(get_string('useroverquotathreshold', 'artefact.file', display_name($user)));
} else {
if ($notified && !$overlimit) {
set_account_preference($user->id, 'quota_exceeded_notified', false);
}
}
}
$unexpire = $user->expiry && strtotime($user->expiry) < time() && (empty($values['expiry']) || $values['expiry'] > time());
$newexpiry = db_format_timestamp($values['expiry']);
if ($user->expiry != $newexpiry) {
$user->expiry = $newexpiry;
if ($unexpire) {
$user->expirymailsent = 0;
$user->lastaccess = db_format_timestamp(time());
}
}
// Try to kick the user from any active login sessions, before saving data.
require_once get_config('docroot') . 'auth/session.php';
remove_user_sessions($user->id);
if ($USER->get('admin')) {
// Not editable by institutional admins
$user->staff = (int) ($values['staff'] == 'on');
$user->admin = (int) ($values['admin'] == 'on');
if ($user->admin) {
activity_add_admin_defaults(array($user->id));
}
}
if ($values['maildisabled'] == 0 && get_account_preference($user->id, 'maildisabled') == 1) {
// Reset the sent and bounce counts otherwise mail will be disabled
// on the next send attempt
$u = new StdClass();
$u->email = $user->email;
$u->id = $user->id;
update_bounce_count($u, true);
update_send_count($u, true);
}
set_account_preference($user->id, 'maildisabled', $values['maildisabled']);
// process the change of the authinstance and or the remoteuser
if (isset($values['authinstance']) && isset($values['remoteusername'])) {
// Authinstance can be changed by institutional admins if both the
// old and new authinstances belong to the admin's institutions
$authinst = get_records_select_assoc('auth_instance', 'id = ? OR id = ?', array($values['authinstance'], $user->authinstance));
// But don't bother if the auth instance doesn't take a remote username
$authobj = AuthFactory::create($values['authinstance']);
if ($USER->get('admin') || $USER->is_institutional_admin($authinst[$values['authinstance']]->institution) && ($USER->is_institutional_admin($authinst[$user->authinstance]->institution) || $user->authinstance == 1)) {
if ($authobj->needs_remote_username()) {
// determine the current remoteuser
$current_remotename = get_field('auth_remote_user', 'remoteusername', 'authinstance', $user->authinstance, 'localusr', $user->id);
if (!$current_remotename) {
$current_remotename = $user->username;
}
// if the remoteuser is empty
if (strlen(trim($values['remoteusername'])) == 0) {
delete_records('auth_remote_user', 'authinstance', $user->authinstance, 'localusr', $user->id);
}
// what should the new remoteuser be
$new_remoteuser = get_field('auth_remote_user', 'remoteusername', 'authinstance', $values['authinstance'], 'localusr', $user->id);
// save the remotename for the target existence check
$target_remotename = $new_remoteuser;
if (!$new_remoteuser) {
$new_remoteuser = $user->username;
}
if (strlen(trim($values['remoteusername'])) > 0) {
// value changed on page - use it
if ($values['remoteusername'] != $current_remotename) {
$new_remoteuser = $values['remoteusername'];
}
}
// only update remote name if the input actually changed on the page or it doesn't yet exist
if ($current_remotename != $new_remoteuser || !$target_remotename) {
// only remove the ones related to this traget authinstance as we now allow multiple
// for dual login mechanisms
delete_records('auth_remote_user', 'authinstance', $values['authinstance'], 'localusr', $user->id);
insert_record('auth_remote_user', (object) array('authinstance' => $values['authinstance'], 'remoteusername' => $new_remoteuser, 'localusr' => $user->id));
}
}
// update the ai on the user master
$user->authinstance = $values['authinstance'];
// update the global $authobj to match the new authinstance
// this is used by the password/username change methods
// if either/both has been requested at the same time
$authobj = AuthFactory::create($user->authinstance);
}
}
// Only change the pw if the new auth instance allows for it
if (method_exists($authobj, 'change_password')) {
$user->passwordchange = (int) (isset($values['passwordchange']) && $values['passwordchange'] == 'on' ? 1 : 0);
if (isset($values['password']) && $values['password'] !== '') {
$userobj = new User();
$userobj = $userobj->find_by_id($user->id);
$user->password = $authobj->change_password($userobj, $values['password']);
$user->salt = $userobj->salt;
unset($userobj);
}
} else {
// inform the user that the chosen auth instance doesn't allow password changes
// but only if they tried changing it
if (isset($values['password']) && $values['password'] !== '') {
$SESSION->add_error_msg(get_string('passwordchangenotallowed', 'admin'));
// Set empty pw with salt
$user->password = '';
$user->salt = auth_get_random_salt();
}
}
if (isset($values['username']) && $values['username'] !== '') {
$userobj = new User();
$userobj = $userobj->find_by_id($user->id);
if ($userobj->username != $values['username']) {
// Only change the username if the auth instance allows for it
if (method_exists($authobj, 'change_username')) {
// check the existence of the chosen username
try {
if ($authobj->user_exists($values['username'])) {
// set an error message if it is already in use
$SESSION->add_error_msg(get_string('usernameexists', 'account'));
}
} catch (AuthUnknownUserException $e) {
// update the username otherwise
$user->username = $authobj->change_username($userobj, $values['username']);
}
} else {
// inform the user that the chosen auth instance doesn't allow username changes
$SESSION->add_error_msg(get_string('usernamechangenotallowed', 'admin'));
}
}
unset($userobj);
}
// OVERWRITE 4: insert
if (isset($values['email']) && !empty($values['email']) && $values['email'] != $user->email) {
global $CFG;
$user->email = $values['email'];
$mhr_user = $CFG->current_app->getUserById($user->id);
$mhr_user->setEmailAddress($values['email']);
}
// END OVERWRITE 4
db_begin();
update_record('usr', $user);
delete_records('usr_tag', 'usr', $user->id);
if (is_array($values['tags'])) {
$values['tags'] = check_case_sensitive($values['tags'], 'usr_tag');
foreach (array_unique($values['tags']) as $tag) {
if (empty($tag)) {
continue;
}
insert_record('usr_tag', (object) array('usr' => $user->id, 'tag' => strtolower($tag)));
}
}
db_commit();
$SESSION->add_ok_msg(get_string('usersitesettingschanged', 'admin'));
redirect('/admin/users/edit.php?id=' . $user->id);
}
if (!defined('CLI') && false === strpos($scriptfilename, 'admin/index.php') && false === strpos($scriptfilename, 'admin/upgrade.php') && false === strpos($scriptfilename, 'admin/upgrade.json.php') && false === strpos($scriptfilename, 'admin/cli/install.php') && false === strpos($scriptfilename, 'admin/cli/upgrade.php')) {
redirect('/admin/index.php');
}
}
if (defined('JSON') && !defined('NOSESSKEY')) {
$sesskey = param_variable('sesskey', null);
global $USER;
if ($sesskey === null || $USER->get('sesskey') != $sesskey) {
$USER->logout();
json_reply('global', get_string('invalidsesskey'), 1);
}
}
$mobile_detection_done = $SESSION->get('mobile_detection');
// Device detection
if (!$mobile_detection_done) {
if (get_config('installed') && get_account_preference($USER->get('id'), 'devicedetection')) {
require_once get_config('libroot') . 'mobile_detect/Mobile_Detect.php';
$detect = new Mobile_Detect();
$isMobile = $detect->isMobile();
$isTablet = $detect->isTablet();
$SESSION->set('handheld_device', $isMobile);
$SESSION->set('mobile', $isTablet ? false : $isMobile);
$SESSION->set('tablet', $isTablet);
} else {
$SESSION->set('handheld_device', false);
$SESSION->set('mobile', false);
$SESSION->set('tablet', false);
}
$SESSION->set('mobile_detection', true);
}
// Run modules bootstrap code.
public static function render_instance(BlockInstance $instance, $editing = false)
{
global $USER;
$userid = $instance->get_view()->get('owner');
if (!$userid) {
// 'My Friends' doesn't make sense for group/site views
return '';
}
$smarty = smarty_core();
$records = get_records_sql_array('SELECT usr1, usr2 FROM {usr_friend}
JOIN {usr} u1 ON (u1.id = usr1 AND u1.deleted = 0)
JOIN {usr} u2 ON (u2.id = usr2 AND u2.deleted = 0)
WHERE usr1 = ? OR usr2 = ?
ORDER BY ' . db_random() . '
LIMIT ?', array($userid, $userid, MAXFRIENDDISPLAY));
// get the friends into a 4x4 array
if ($records) {
$friends = array();
for ($i = 0; $i < 4; $i++) {
if (isset($records[4 * $i])) {
$friends[$i] = array();
for ($j = 4 * $i; $j < ($i + 1) * 4; $j++) {
if (isset($records[$j])) {
if ($records[$j]->usr1 == $userid) {
$friends[$i][] = $records[$j]->usr2;
} else {
$friends[$i][] = $records[$j]->usr1;
}
}
}
}
}
} else {
$friends = false;
}
$smarty->assign('friends', $friends);
// If the user has no friends, try and display something useful, such
// as a 'request friendship' button
$loggedinid = $USER->get('id');
$is_friend = is_friend($userid, $loggedinid);
if ($is_friend) {
$relationship = 'existingfriend';
} else {
if (record_exists('usr_friend_request', 'requester', $loggedinid, 'owner', $userid)) {
$relationship = 'requestedfriendship';
} else {
$relationship = 'none';
$friendscontrol = get_account_preference($userid, 'friendscontrol');
if ($friendscontrol == 'auto') {
$newfriendform = pieform(array('name' => 'myfriends_addfriend', 'successcallback' => 'addfriend_submit', 'autofocus' => false, 'renderer' => 'div', 'elements' => array('add' => array('type' => 'submit', 'value' => get_string('addtomyfriends', 'group')), 'id' => array('type' => 'hidden', 'value' => $userid))));
$smarty->assign('newfriendform', $newfriendform);
}
$smarty->assign('friendscontrol', $friendscontrol);
}
}
$smarty->assign('relationship', $relationship);
$smarty->assign_by_ref('USER', $USER);
$smarty->assign('USERID', $userid);
return $smarty->fetch('blocktype:myfriends:myfriends.tpl');
}
function pieform_element_wysiwyg_get_value(Pieform $form, $element)
{
global $USER;
$global = $form->get_property('method') == 'get' ? $_GET : $_POST;
if (isset($element['value'])) {
return $element['value'];
} else {
if (isset($global[$element['name']])) {
$value = $global[$element['name']];
if (!get_account_preference($USER->get('id'), 'wysiwyg')) {
$value = format_whitespace($value);
}
return $value;
} else {
if (isset($element['defaultvalue'])) {
return $element['defaultvalue'];
}
}
}
return null;
}
$grouprequestedlistform = $addform;
}
}
if ($is_friend) {
$relationship = 'existingfriend';
} else {
if (record_exists('usr_friend_request', 'requester', $loggedinid, 'owner', $userid)) {
$relationship = 'requestedfriendship';
} else {
if ($record = get_record('usr_friend_request', 'requester', $userid, 'owner', $loggedinid)) {
$relationship = 'pending';
$remoteusermessage = $record->message;
$remoteuseracceptform = acceptfriend_form($userid);
} else {
$relationship = 'none';
$friendscontrol = get_account_preference($userid, 'friendscontrol');
if ($friendscontrol == 'auto') {
$remoteusernewfriendform = addfriend_form($userid);
}
$remoteuserfriendscontrol = $friendscontrol;
}
}
}
$remoteuserrelationship = $relationship;
}
if ($userid != $USER->get('id') && $USER->is_admin_for_user($user) && is_null($USER->get('parentuser'))) {
$loginas = get_string('loginasuser', 'admin', display_username($user));
} else {
$loginas = null;
}
// Set up skin, if the page has one
public static function views_by_owner($group = null, $institution = null)
{
global $USER;
// Pagination configuration
$setlimit = true;
$limit = param_integer('limit', 0);
$userlimit = get_account_preference($USER->get('id'), 'viewsperpage');
if ($limit > 0 && $limit != $userlimit) {
$USER->set_account_preference('viewsperpage', $limit);
} else {
$limit = $userlimit;
}
$offset = param_integer('offset', 0);
$orderby = param_variable('orderby', null);
$query = param_variable('query', null);
$tag = param_variable('tag', null);
$searchoptions = array('titleanddescription' => get_string('titleanddescription', 'view'), 'tagsonly' => get_string('tagsonly', 'view'));
if (!empty($tag)) {
$searchtype = 'tagsonly';
$searchdefault = $tag;
$query = null;
} else {
$searchtype = 'titleanddescription';
$searchdefault = $query;
}
$searchform = array('name' => 'searchviews', 'checkdirtychange' => false, 'renderer' => 'oneline', 'elements' => array('query' => array('type' => 'text', 'title' => get_string('search') . ': ', 'defaultvalue' => $searchdefault), 'type' => array('title' => get_string('searchwithin'), 'hiddenlabel' => true, 'type' => 'select', 'options' => $searchoptions, 'defaultvalue' => $searchtype), 'orderby' => array('type' => 'select', 'title' => get_string('sortby'), 'options' => array('atoz' => get_string('defaultsort', 'view'), 'latestcreated' => get_string('latestcreated', 'view'), 'latestmodified' => get_string('latestmodified', 'view'), 'latestviewed' => get_string('latestviewed', 'view'), 'mostvisited' => get_string('mostvisited', 'view'), 'mostcomments' => get_string('mostcomments', 'view')), 'defaultvalue' => $orderby), 'setlimit' => array('type' => 'hidden', 'value' => $setlimit), 'submit' => array('type' => 'submit', 'value' => get_string('search'))));
if ($group) {
$searchform['elements']['group'] = array('type' => 'hidden', 'name' => 'group', 'value' => $group);
} else {
if ($institution) {
$searchform['elements']['institution'] = array('type' => 'hidden', 'name' => 'institution', 'value' => $institution);
}
}
$searchform = pieform($searchform);
$data = self::get_myviews_data($limit, $offset, $query, $tag, $group, $institution, $orderby);
$url = self::get_myviews_url($group, $institution, $query, $tag, $orderby);
$pagination = build_pagination(array('url' => $url, 'count' => $data->count, 'limit' => $limit, 'setlimit' => $setlimit, 'offset' => $offset, 'jumplinks' => 6, 'numbersincludeprevnext' => 2));
return array($searchform, $data, $pagination);
}
/**
*
* @package mahara
* @subpackage core
* @author Catalyst IT Ltd
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL version 3 or later
* @copyright For copyright information on Mahara, please see the README file distributed with this software.
*
*/
define('INTERNAL', 1);
define('MENUITEM', 'groups/findfriends');
require dirname(dirname(__FILE__)) . '/init.php';
require_once 'pieforms/pieform.php';
$id = param_integer('id');
if (get_account_preference($id, 'friendscontrol') != 'auth' || $id == $USER->get('id') || !($user = get_record('usr', 'id', $id, 'deleted', 0))) {
throw new AccessDeniedException(get_string('cantrequestfriendship', 'group'));
}
$user->introduction = get_field('artefact', 'title', 'artefacttype', 'introduction', 'owner', $id);
define('TITLE', get_string('sendfriendshiprequest', 'group', display_name($id)));
$returnto = param_alpha('returnto', 'myfriends');
$offset = param_integer('offset', 0);
switch ($returnto) {
case 'find':
$goto = 'user/find.php';
break;
case 'view':
$goto = profile_url($user, false);
break;
default:
$goto = 'user/myfriends.php';
$elements = array();
$options = array();
foreach ($notifications as $n) {
$options[$n->name] = get_string('name', 'notification.' . $n->name);
}
foreach ($activitytypes as $type) {
$dv = $USER->get_activity_preference($type->id);
if (empty($dv)) {
$dv = call_static_method(generate_activity_class_name($type->name, $type->plugintype, $type->pluginname), 'default_notification_method');
}
if (!empty($type->plugintype)) {
$section = $type->plugintype . '.' . $type->pluginname;
} else {
$section = 'activity';
}
if ($dv == 'email' && !isset($maildisabledmsg) && get_account_preference($USER->get('id'), 'maildisabled')) {
$SESSION->add_error_msg(get_string('maildisableddescription', 'account', get_config('wwwroot') . 'account/'), false);
$maildisabledmsg = true;
}
$elements['activity_' . $type->id] = array('defaultvalue' => $dv, 'type' => 'select', 'title' => get_string('type' . $type->name, $section), 'options' => $options, 'rules' => array('required' => true));
if (!empty($type->admin)) {
$elements['activity_' . $type->id]['rules']['required'] = false;
$elements['activity_' . $type->id]['options']['none'] = get_string('none');
}
}
$elements['submit'] = array('type' => 'submit', 'value' => get_string('save'));
$prefsform = pieform(array('name' => 'activityprefs', 'method' => 'post', 'jsform' => true, 'renderer' => 'table', 'plugintype ' => 'core', 'pluginname' => 'account', 'elements' => $elements));
$smarty = smarty();
$smarty->assign('pagedescription', get_string('prefsdescr', 'activity'));
$smarty->assign('form', $prefsform);
$smarty->assign('PAGEHEADING', TITLE);
