コード例 #1
0
ファイル: user_edit.php プロジェクト: ragebat/chamilo-lms
$image_path = UserManager::get_user_picture_path_by_id($user_id, 'web');
$image_dir = $image_path['dir'];
$image = $image_path['file'];
$image_file = $image != '' ? $image_dir . $image : api_get_path(WEB_IMG_PATH) . 'unknown.jpg';
$image_size = api_getimagesize($image_file);
// get the path,width and height from original picture
$big_image = $image_dir . 'big_' . $image;
$big_image_size = api_getimagesize($big_image);
$big_image_width = $big_image_size['width'];
$big_image_height = $big_image_size['height'];
$url_big_image = $big_image . '?rnd=' . time();
// Display form
$content = $form->return_form();
$em = Container::getEntityManager();
$request = Container::getRequest();
$user = new User();
if (!empty($user_id)) {
    $user = $em->getRepository('ChamiloUserBundle:User')->find($user_id);
}
$builder = Container::getFormFactory()->createBuilder(new UserType(Container::getSecurity()), $user);
$form = $builder->getForm();
$form->handleRequest($request);
if ($form->isValid()) {
    $em->flush();
    Container::addFlash(get_lang('Updated'));
    $url = Container::getRouter()->generate('main', array('name' => 'admin/user_list.php'));
    header('Location: ' . $url);
    exit;
}
$urlAction = api_get_self() . '?user_id=' . $user_id;
echo Container::getTemplate()->render('ChamiloCoreBundle:User:create.html.twig', array('form' => $form->createView(), 'url' => $urlAction));
コード例 #2
0
ファイル: api.lib.php プロジェクト: ragebat/chamilo-lms
/**
 * Checks whether the user given as user id is in the admin table.
 * @param int User ID. If none provided, will use current user
 * @param int URL ID. If provided, also check if the user is active on given URL
 * @result bool True if the user is admin, false otherwise
 */
function api_is_platform_admin_by_id($user_id = null, $url = null)
{
    $user_id = intval($user_id);
    if (!Container::getSecurity()->isGranted('IS_AUTHENTICATED_FULLY')) {
        return false;
    }
    if (empty($user_id)) {
        $user = Container::getSecurity()->getToken()->getUser();
    } else {
        $user = Container::getEntityManager()->getRepository('ChamiloUserBundle:User')->find($user_id);
    }
    $admin = Container::getEntityManager()->getRepository('ChamiloUserBundle:Group')->findOneBy(array('name' => 'admins'));
    $is_admin = $user->getGroups()->contains($admin);
    /*
        $admin_table = Database::get_main_table(TABLE_MAIN_ADMIN);
        $sql = "SELECT * FROM $admin_table WHERE user_id = $user_id";
        $res = Database::query($sql);
        $is_admin = Database::num_rows($res) === 1;*/
    if (!$is_admin or !isset($url)) {
        return $is_admin;
    }
    $portal = Container::getEntityManager()->getRepository('ChamiloCoreBundle:AccessUrl')->find($url);
    return $user->getPortals()->contains($portal);
    /*
        // We get here only if $url is set
        $url = intval($url);
        $url_user_table = Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER);
        $sql = "SELCT * FROM $url_user_table WHERE access_url_id = $url AND user_id = $user_id";
        $res = Database::query($sql);
        $is_on_url = Database::num_rows($res) === 1;
        return $is_on_url;*/
}
コード例 #3
0
ファイル: user_list.php プロジェクト: ragebat/chamilo-lms
/**
 * Build the modify-column of the table
 * @param   int     The user id
 * @param   string  URL params to add to table links
 * @param   array   Row of elements to alter
 * @return string Some HTML-code with modify-buttons
 */
function modify_filter($user_id, $url_params, $row)
{
    global $delete_user_available;
    $userId = api_get_user_id();
    $is_admin = $row['is_admin'];
    $user_is_anonymous = $row['is_anonymous'];
    $result = '';
    if (!$user_is_anonymous) {
        $icon = Display::return_icon('course.png', get_lang('Courses'), array('onmouseout' => 'clear_course_list (\'div_' . $user_id . '\')'));
        $result .= '<a href="javascript:void(0)" onclick="load_course_list(\'div_' . $user_id . '\',' . $user_id . ')" >
			        ' . $icon . '
					<div class="blackboard_hide" id="div_' . $user_id . '">&nbsp;&nbsp;</div>
					</a>';
        $icon = Display::return_icon('session.png', get_lang('Sessions'), array('onmouseout' => 'clear_session_list (\'div_s_' . $user_id . '\')'));
        $result .= '<a href="javascript:void(0)" onclick="load_session_list(\'div_s_' . $user_id . '\',' . $user_id . ')" >
					' . $icon . '
					<div class="blackboard_hide" id="div_s_' . $user_id . '">&nbsp;&nbsp;</div>
					</a>';
    } else {
        $result .= Display::return_icon('course_na.png', get_lang('Courses')) . '&nbsp;&nbsp;';
        $result .= Display::return_icon('course_na.png', get_lang('Sessions')) . '&nbsp;&nbsp;';
    }
    if (api_is_platform_admin()) {
        if (!$user_is_anonymous) {
            $result .= '<a href="user_information.php?user_id=' . $user_id . '">' . Display::return_icon('synthese_view.gif', get_lang('Info')) . '</a>&nbsp;&nbsp;';
        } else {
            $result .= Display::return_icon('synthese_view_na.gif', get_lang('Info')) . '&nbsp;&nbsp;';
        }
    }
    //only allow platform admins to login_as, or session admins only for
    // students (not teachers nor other admins), and only if all options
    // match to say this user has the permission to do so
    // $_configuration['login_as_forbidden_globally'], defined in
    // configuration.php, is the master key to these conditions
    if (Container::getSecurity()->isGranted('ROLE_GLOBAL_ADMIN')) {
        // everything looks good, show "login as" link
        if ($user_id != $userId) {
            $result .= '<a href="' . api_get_path(WEB_PUBLIC_PATH) . '?_switch_user='******'">' . Display::return_icon('login_as.gif', get_lang('LoginAs')) . '</a>&nbsp;&nbsp;';
        } else {
            $result .= Display::return_icon('login_as_na.gif', get_lang('LoginAs')) . '&nbsp;&nbsp;';
        }
    } else {
        // if this user in particular can't be edited, show disabled
        $result .= Display::return_icon('login_as_na.gif', get_lang('LoginAs')) . '&nbsp;&nbsp;';
    }
    if (api_is_platform_admin(true)) {
        if (!$user_is_anonymous && api_global_admin_can_edit_admin($user_id, null, true)) {
            $result .= '<a href="user_edit.php?user_id=' . $user_id . '">' . Display::return_icon('edit.png', get_lang('Edit'), array(), ICON_SIZE_SMALL) . '</a>&nbsp;';
        } else {
            $result .= Display::return_icon('edit_na.png', get_lang('Edit'), array(), ICON_SIZE_SMALL) . '</a>&nbsp;';
        }
    }
    if ($is_admin) {
        $result .= Display::return_icon('admin_star.png', get_lang('IsAdministrator'), array('width' => ICON_SIZE_SMALL, 'heigth' => ICON_SIZE_SMALL));
    } else {
        $result .= Display::return_icon('admin_star_na.png', get_lang('IsNotAdministrator'));
    }
    // actions for assigning sessions, courses or users
    if (api_is_session_admin()) {
        /*if ($row[0] == api_get_user_id()) {
        			$result .= '<a href="dashboard_add_sessions_to_user.php?user='******'">'.Display::return_icon('view_more_stats.gif', get_lang('AssignSessions')).'</a>&nbsp;&nbsp;';
        		}*/
    }
    //var_dump($row['groups']);
    if (api_is_platform_admin()) {
        if ($row['groups']->containsKey('drh') || $is_admin) {
            $result .= '<a href="dashboard_add_users_to_user.php?user='******'">' . Display::return_icon('user_subscribe_course.png', get_lang('AssignUsers'), '', ICON_SIZE_SMALL) . '</a>';
            $result .= '<a href="dashboard_add_courses_to_user.php?user='******'">' . Display::return_icon('course_add.gif', get_lang('AssignCourses')) . '</a>&nbsp;&nbsp;';
            $result .= '<a href="dashboard_add_sessions_to_user.php?user='******'">' . Display::return_icon('view_more_stats.gif', get_lang('AssignSessions')) . '</a>&nbsp;&nbsp;';
        } else {
            if ($row['groups']->containsKey('session_admin')) {
                $result .= '<a href="dashboard_add_sessions_to_user.php?user='******'">' . Display::return_icon('view_more_stats.gif', get_lang('AssignSessions')) . '</a>&nbsp;&nbsp;';
            }
        }
    }
    if (api_is_platform_admin()) {
        $result .= ' <a href="' . api_get_path(WEB_AJAX_PATH) . 'agenda.ajax.php?a=get_user_agenda&amp;user_id=' . $user_id . '" class="agenda_opener">' . Display::return_icon('month.png', get_lang('FreeBusyCalendar'), array(), ICON_SIZE_SMALL) . '</a>';
        if ($delete_user_available) {
            if ($user_id != api_get_user_id() && !$user_is_anonymous && api_global_admin_can_edit_admin($user_id)) {
                // you cannot lock yourself out otherwise you could disable all the accounts including your own => everybody is locked out and nobody can change it anymore.
                $result .= ' <a href="user_list.php?action=delete_user&amp;user_id=' . $user_id . '&amp;' . $url_params . '&amp;sec_token=' . Security::getCurrentToken() . '"  onclick="javascript:if(!confirm(' . "'" . addslashes(get_lang("ConfirmYourChoice")) . "'" . ')) return false;">' . Display::return_icon('delete.png', get_lang('Delete'), array(), ICON_SIZE_SMALL) . '</a>';
            } else {
                $result .= Display::return_icon('delete_na.png', get_lang('Delete'), array(), ICON_SIZE_SMALL);
            }
        }
    }
    return $result;
}