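/**
 * Collects the data needed to render the "available" and "selected" user lists
 * of the bulk user actions page.
 *
 * @param object $ufiltering filtering object; only get_sql_filter() is called on it here
 * @return array with keys 'acount' (users matching the filter), 'scount' (users in the
 *               session selection), 'total' (all non-guest, non-deleted users), 'ausers'
 *               (id => fullname menu of matching users, capped at MAX_BULK_USERS) and
 *               'susers' (id => fullname menu of selected users, or false when none)
 */
function get_selection_data($ufiltering) {
    global $SESSION, $DB, $CFG;

    // Base restriction shared by the filtered query and the overall total:
    // the guest account and deleted users are never listed.
    $baseselect = "id<>:exguest AND deleted <> 1";
    $baseparams = array('exguest' => $CFG->siteguest);

    // get the SQL filter
    list($sqlwhere, $params) = $ufiltering->get_sql_filter($baseselect, $baseparams);

    $total = $DB->count_records_select('user', $baseselect, $baseparams);
    $acount = $DB->count_records_select('user', $sqlwhere, $params);
    // Tolerate a session in which no selection has been stored yet.
    $scount = empty($SESSION->bulk_users) ? 0 : count($SESSION->bulk_users);

    $userlist = array('acount' => $acount, 'scount' => $scount, 'ausers' => false, 'susers' => false, 'total' => $total);
    $userlist['ausers'] = $DB->get_records_select_menu('user', $sqlwhere, $params, 'fullname', 'id,' . fullname_sql() . ' AS fullname', 0, MAX_BULK_USERS);

    if ($scount) {
        // array_slice() leaves the selection untouched when it holds fewer than
        // MAX_BULK_USERS entries, so no separate branch is needed for the small case.
        $bulkusers = array_slice($SESSION->bulk_users, 0, MAX_BULK_USERS, true);

        // Bind the ids as query parameters instead of splicing session contents into
        // the SQL text; anything that is not a plain id can then never reach the
        // statement as SQL.
        list($in, $inparams) = $DB->get_in_or_equal($bulkusers);
        $userlist['susers'] = $DB->get_records_select_menu('user', "id {$in}", $inparams, 'fullname', 'id,' . fullname_sql() . ' AS fullname');
    }

    return $userlist;
}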
// Bulk user deletion page: shows a confirmation listing first, and deletes the users
// held in $SESSION->bulk_users once the request is confirmed.

// Access control: the caller must hold the user deletion capability in the system context.
require_capability('moodle/user:delete', get_context_instance(CONTEXT_SYSTEM));

$return = $CFG->wwwroot . '/' . $CFG->admin . '/user/user_bulk.php';

// Nothing selected: go straight back to the bulk user page.
if (empty($SESSION->bulk_users)) {
    redirect($return);
}

echo $OUTPUT->header();

//TODO: add support for large number of users

if (!$confirm || !confirm_sesskey()) {
    // Not confirmed (or the session key did not validate): only display the names of
    // the selected users and ask for confirmation. Nothing is modified on this path.
    list($in, $params) = $DB->get_in_or_equal($SESSION->bulk_users);
    $userlist = $DB->get_records_select_menu('user', "id {$in}", $params, 'fullname', 'id,' . fullname_sql() . ' AS fullname');
    $usernames = implode(', ', $userlist);

    echo $OUTPUT->heading(get_string('confirmation', 'admin'));

    $formcontinue = new single_button(new moodle_url('user_bulk_delete.php', array('confirm' => 1)), get_string('yes'));
    $formcancel = new single_button(new moodle_url('user_bulk.php'), get_string('no'), 'get');
    echo $OUTPUT->confirm(get_string('deletecheckfull', '', $usernames), $formcontinue, $formcancel);
} else {
    // Destructive path: reached only when $confirm is set AND confirm_sesskey() passes,
    // so a forged cross-site request without the session key cannot trigger deletions.
    list($in, $params) = $DB->get_in_or_equal($SESSION->bulk_users);
    $rs = $DB->get_recordset_select('user', "id {$in}", $params);

    foreach ($rs as $user) {
        // Site administrators and the acting user are never deleted; delete_user() is
        // only attempted once both of those checks have passed.
        if (is_siteadmin($user) || $USER->id == $user->id || !delete_user($user)) {
            // NOTE(review): the full name is embedded in the notification text; confirm
            // it is HTML-escaped upstream or by the renderer.
            echo $OUTPUT->notification(get_string('deletednot', '', fullname($user, true)));
        } else {
            unset($SESSION->bulk_users[$user->id]);
        }
    }
    $rs->close();

    session_gc(); // remove stale sessions
    redirect($return, get_string('changessaved'));
}

echo $OUTPUT->footer();
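/**
 * Exports the selected log entries as an ODS spreadsheet.
 *
 * The selection arguments are handed unchanged to build_logs_array(); each returned
 * entry becomes one spreadsheet row (course, time, IP address, full name, action, info).
 *
 * @param object $course course record; ->id and ->shortname are read here
 * @param mixed $user passed through to build_logs_array()
 * @param mixed $date passed through to build_logs_array()
 * @param string $order passed through to build_logs_array()
 * @param mixed $modname passed through to build_logs_array()
 * @param mixed $modid passed through to build_logs_array()
 * @param mixed $modaction passed through to build_logs_array()
 * @param mixed $groupid passed through to build_logs_array()
 * @return bool false when build_logs_array() returns nothing, true once the workbook is closed
 */
function print_log_ods($course, $user, $date, $order = 'l.time DESC', $modname, $modid, $modaction, $groupid) {
    global $CFG, $DB;

    require_once "{$CFG->libdir}/odslib.class.php";

    if (!($logs = build_logs_array($course, $user, $date, $order, '', '', $modname, $modid, $modaction, $groupid))) {
        return false;
    }

    // Map of course id => shortname used for the first column.
    $courses = array();
    if ($course->id == SITEID) {
        $courses[0] = '';
        if ($ccc = get_courses('all', 'c.id ASC', 'c.id,c.shortname')) {
            foreach ($ccc as $cc) {
                $courses[$cc->id] = $cc->shortname;
            }
        }
    } else {
        $courses[$course->id] = $course->shortname;
    }

    $ldcache = array();
    $strftimedatetime = get_string("strftimedatetime");

    // The rows live in $logs['logs']; counting $logs itself only counts the top-level
    // keys of the result, which kept the sheet count at one and left the roll-over
    // logic below unreachable. At least one sheet is always created so that an empty
    // result still produces a header row.
    $rowspersheet = EXCELROWS - FIRSTUSEDEXCELROW + 1;
    $logcount = empty($logs['logs']) ? 0 : count($logs['logs']);
    $nroPages = max(1, (int) ceil($logcount / $rowspersheet));

    $filename = 'logs_' . userdate(time(), get_string('backupnameformat', 'langconfig'), 99, false);
    $filename .= '.ods';

    $workbook = new MoodleODSWorkbook('-');
    $workbook->send($filename);

    $worksheet = array();
    $headers = array(get_string('course'), get_string('time'), get_string('ip_address'), get_string('fullnamecourse'), get_string('action'), get_string('info'));

    // Creating worksheets
    for ($wsnumber = 1; $wsnumber <= $nroPages; $wsnumber++) {
        $sheettitle = get_string('logs') . ' ' . $wsnumber . '-' . $nroPages;
        $worksheet[$wsnumber] =& $workbook->add_worksheet($sheettitle);
        $worksheet[$wsnumber]->set_column(1, 1, 30);
        $worksheet[$wsnumber]->write_string(0, 0, get_string('savedat') . userdate(time(), $strftimedatetime));
        $col = 0;
        foreach ($headers as $item) {
            $worksheet[$wsnumber]->write(FIRSTUSEDEXCELROW - 1, $col, $item, '');
            $col++;
        }
    }

    if (empty($logs['logs'])) {
        $workbook->close();
        return true;
    }

    $formatDate =& $workbook->add_format();
    $formatDate->set_num_format(get_string('log_excel_date_format'));

    // The capability does not depend on the individual row, so resolve it once.
    $viewfullnames = has_capability('moodle/site:viewfullnames', get_context_instance(CONTEXT_COURSE, $course->id));

    $row = FIRSTUSEDEXCELROW;
    $wsnumber = 1;
    $myxls =& $worksheet[$wsnumber];

    foreach ($logs['logs'] as $log) {
        // log_display lookups are cached per module/action pair.
        if (isset($ldcache[$log->module][$log->action])) {
            $ld = $ldcache[$log->module][$log->action];
        } else {
            $ld = $DB->get_record('log_display', array('module' => $log->module, 'action' => $log->action));
            $ldcache[$log->module][$log->action] = $ld;
        }

        if ($ld && !empty($log->info)) {
            // NOTE(review): $ld->mtable and $ld->field come from the log_display table
            // and are used as a table name and a column expression; this is only safe
            // while those rows are written exclusively from developer-defined
            // definitions - confirm nothing else can write to that table.
            // ugly hack to make sure fullname is shown correctly
            if ($ld->mtable == 'user' and $ld->field == fullname_sql()) {
                $log->info = fullname($DB->get_record($ld->mtable, array('id' => $log->info)), true);
            } else {
                $log->info = $DB->get_field($ld->mtable, $ld->field, array('id' => $log->info));
            }
        }

        // Filter log->info
        $log->info = format_string($log->info);
        // Strips markup from the decoded value. NOTE(review): the output is a
        // spreadsheet, not HTML; write_string() presumably stores the cell as text so
        // that a leading '=' is not evaluated as a formula - confirm.
        $log->info = strip_tags(urldecode($log->info)); // Some XSS protection

        // Roll over to the next sheet once the current one is full.
        if ($nroPages > 1) {
            if ($row > EXCELROWS) {
                $wsnumber++;
                $myxls =& $worksheet[$wsnumber];
                $row = FIRSTUSEDEXCELROW;
            }
        }

        // An entry whose course is missing from the map gets an empty name instead of
        // raising an undefined-index notice into the download stream.
        $myxls->write_string($row, 0, isset($courses[$log->course]) ? $courses[$log->course] : '');
        $myxls->write_date($row, 1, $log->time);
        $myxls->write_string($row, 2, $log->ip);
        $fullname = fullname($log, $viewfullnames);
        $myxls->write_string($row, 3, $fullname);
        $myxls->write_string($row, 4, $log->module . ' ' . $log->action);
        $myxls->write_string($row, 5, $log->info);

        $row++;
    }

    $workbook->close();
    return true;
}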
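/**
 * Returns a page of non-deleted user records for listing screens.
 *
 * Search text and initials are bound as query parameters. $sort and $extraselect
 * are inserted into the SQL text as-is and must therefore never carry unvalidated
 * request data; $dir is reduced to ASC or DESC before use.
 *
 * @param string $sort An SQL field to sort by (trusted SQL, not user input)
 * @param string $dir The sort direction ASC|DESC; anything other than DESC is treated as ASC
 * @param int $page passed to get_records_sql() as the starting offset
 * @param int $recordsperpage The number of records to return per page
 * @param string $search A simple string to search for in full name, email or username
 * @param string $firstinitial Users whose first name starts with $firstinitial
 * @param string $lastinitial Users whose last name starts with $lastinitial
 * @param string $extraselect An additional SQL condition ANDed onto the WHERE clause (trusted SQL)
 * @param array $extraparams Additional parameters to use for the above $extraselect
 * @return array Array of {@link $USER} records; unconfirmed users are included
 */
function get_users_listing($sort = 'lastaccess', $dir = 'ASC', $page = 0, $recordsperpage = 0, $search = '', $firstinitial = '', $lastinitial = '', $extraselect = '', array $extraparams = null) {
    global $DB;

    $fullname = fullname_sql();

    $select = "deleted <> 1";
    $params = array();

    if (!empty($search)) {
        $search = trim($search);
        $select .= " AND (" . $DB->sql_like($fullname, ':search1', false, false) . " OR " . $DB->sql_like('email', ':search2', false, false) . " OR username = :search3)";
        $params['search1'] = "%{$search}%";
        $params['search2'] = "%{$search}%";
        $params['search3'] = "{$search}";
    }

    if ($firstinitial) {
        $select .= " AND " . $DB->sql_like('firstname', ':fni', false, false);
        $params['fni'] = "{$firstinitial}%";
    }

    if ($lastinitial) {
        $select .= " AND " . $DB->sql_like('lastname', ':lni', false, false);
        $params['lni'] = "{$lastinitial}%";
    }

    if ($extraselect) {
        // Caller-supplied SQL fragment; its values belong in $extraparams.
        $select .= " AND {$extraselect}";
        // Array union: placeholders set above win over same-named keys in $extraparams.
        $params = $params + (array) $extraparams;
    }

    if ($sort) {
        // An ORDER BY clause cannot use bound parameters. The direction is collapsed
        // to one of the two legal keywords here; the column expression has to be
        // validated by the caller.
        // NOTE(review): confirm every caller restricts $sort to known column names.
        $dir = (strtoupper(trim($dir)) === 'DESC') ? 'DESC' : 'ASC';
        $sort = " ORDER BY {$sort} {$dir}";
    }

    /// warning: will return UNCONFIRMED USERS
    return $DB->get_records_sql("SELECT id, username, email, firstname, lastname, city, country, lastaccess, confirmed, mnethostid\n FROM {user}\n WHERE {$select}\n {$sort}", $params, $page, $recordsperpage);
}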
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.

/**
 * Definition of log events
 *
 * Each entry names the table ('mtable') and the column or SQL expression ('field')
 * describing the object a log entry of that module/action refers to.
 *
 * @package core
 * @subpackage admin
 * @copyright 2010 Petr Skoda (http://skodak.org)
 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
 */

// Refuse direct web access; this file is only meant to be included by Moodle.
defined('MOODLE_INTERNAL') || die;

global $DB; // TODO: this is a hack, we should really do something with the SQL in SQL tables

// NOTE(review): 'field' may hold a raw SQL expression (fullname_sql()), so these
// values must stay hard-coded here and never be derived from request or user data.
$logs = array(
    // User profile.
    array('module' => 'user', 'action' => 'view', 'mtable' => 'user', 'field' => fullname_sql()),

    // Course actions and reports.
    array('module' => 'course', 'action' => 'user report', 'mtable' => 'user', 'field' => fullname_sql()),
    array('module' => 'course', 'action' => 'view', 'mtable' => 'course', 'field' => 'fullname'),
    array('module' => 'course', 'action' => 'update', 'mtable' => 'course', 'field' => 'fullname'),
    array('module' => 'course', 'action' => 'enrol', 'mtable' => 'course', 'field' => 'fullname'),
    array('module' => 'course', 'action' => 'unenrol', 'mtable' => 'course', 'field' => 'fullname'),
    array('module' => 'course', 'action' => 'report log', 'mtable' => 'course', 'field' => 'fullname'),
    array('module' => 'course', 'action' => 'report live', 'mtable' => 'course', 'field' => 'fullname'),
    array('module' => 'course', 'action' => 'report outline', 'mtable' => 'course', 'field' => 'fullname'),
    array('module' => 'course', 'action' => 'report participation', 'mtable' => 'course', 'field' => 'fullname'),
    array('module' => 'course', 'action' => 'report stats', 'mtable' => 'course', 'field' => 'fullname'),

    // Messaging.
    array('module' => 'message', 'action' => 'write', 'mtable' => 'user', 'field' => fullname_sql()),
    array('module' => 'message', 'action' => 'read', 'mtable' => 'user', 'field' => fullname_sql()),
    array('module' => 'message', 'action' => 'add contact', 'mtable' => 'user', 'field' => fullname_sql()),
    array('module' => 'message', 'action' => 'remove contact', 'mtable' => 'user', 'field' => fullname_sql()),
    array('module' => 'message', 'action' => 'block contact', 'mtable' => 'user', 'field' => fullname_sql()),
    array('module' => 'message', 'action' => 'unblock contact', 'mtable' => 'user', 'field' => fullname_sql()),

    // Groups and tags.
    array('module' => 'group', 'action' => 'view', 'mtable' => 'groups', 'field' => 'name'),
    array('module' => 'tag', 'action' => 'update', 'mtable' => 'tag', 'field' => 'name'),
);
$select .= $ccselect; $joins[] = $ccjoin; // limit list to users with some role only if ($roleid) { $wheres[] = "u.id IN (SELECT userid FROM {role_assignments} WHERE roleid = :roleid AND contextid {$contextlist})"; $params['roleid'] = $roleid; } $from = implode("\n", $joins); if ($wheres) { $where = "WHERE " . implode(" AND ", $wheres); } else { $where = ""; } $totalcount = $DB->count_records_sql("SELECT COUNT(u.id) {$from} {$where}", $params); if (!empty($search)) { $fullname = fullname_sql('u.'); $wheres[] = "(" . $DB->sql_like($fullname, ':search1', false, false) . " OR " . $DB->sql_like('email', ':search2', false, false) . " OR " . $DB->sql_like('idnumber', ':search3', false, false) . ") "; $params['search1'] = "%{$search}%"; $params['search2'] = "%{$search}%"; $params['search3'] = "%{$search}%"; } list($twhere, $tparams) = $table->get_sql_where(); if ($twhere) { $wheres[] = $twhere; $params = array_merge($params, $tparams); } $from = implode("\n", $joins); if ($wheres) { $where = "WHERE " . implode(" AND ", $wheres); } else { $where = "";
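/**
 * Gets an array of the users that can be enrolled in this course.
 *
 * Candidates are confirmed, non-deleted, non-guest users who do not already have a
 * user enrolment for the given enrol instance. The search text is only ever passed
 * to the database as a bound parameter.
 *
 * @global moodle_database $DB
 * @global object $CFG
 * @param int $enrolid id of the enrol instance whose existing users are excluded
 * @param string $search text matched against full name and email
 * @param bool $searchanywhere true to match anywhere in the field, false to match the start only
 * @param int $page Defaults to 0
 * @param int $perpage Defaults to 25
 * @return array Array(totalusers => int, users => array)
 */
public function get_potential_users($enrolid, $search = '', $searchanywhere = false, $page = 0, $perpage = 25) {
    global $DB, $CFG;

    // Add some additional sensible conditions
    // The guest test is qualified with the u alias like the other conditions.
    $tests = array("u.id <> :guestid", 'u.deleted = 0', 'u.confirmed = 1');
    $params = array('guestid' => $CFG->siteguest);

    if (!empty($search)) {
        // Only these fixed column expressions are placed in the SQL text.
        $conditions = array(fullname_sql('u.'), 'u.email');
        if ($searchanywhere) {
            $searchparam = '%' . $search . '%';
        } else {
            $searchparam = $search . '%';
        }
        $i = 0;
        foreach ($conditions as $key => $condition) {
            // One uniquely named placeholder per searched column, all bound to the same pattern.
            $conditions[$key] = $DB->sql_like($condition, ":con{$i}00", false);
            $params["con{$i}00"] = $searchparam;
            $i++;
        }
        $tests[] = '(' . implode(' OR ', $conditions) . ')';
    }
    $wherecondition = implode(' AND ', $tests);

    $ufields = user_picture::fields('u', array('username', 'lastaccess'));

    $fields = 'SELECT ' . $ufields;
    $countfields = 'SELECT COUNT(1)';
    // Shared FROM/WHERE part, used for both the count and the page of records.
    $sql = " FROM {user} u\n WHERE {$wherecondition}\n AND u.id NOT IN (SELECT ue.userid\n FROM {user_enrolments} ue\n JOIN {enrol} e ON (e.id = ue.enrolid AND e.id = :enrolid))";
    $order = ' ORDER BY u.lastname ASC, u.firstname ASC';
    $params['enrolid'] = $enrolid;

    $totalusers = $DB->count_records_sql($countfields . $sql, $params);
    $availableusers = $DB->get_records_sql($fields . $sql . $order, $params, $page * $perpage, $perpage);

    return array('totalusers' => $totalusers, 'users' => $availableusers);
}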
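/**
 * Search through course users
 *
 * If $courseid is empty or specifies the site course then this function searches
 * through all undeleted and confirmed users; otherwise it searches users holding a
 * role assignment in the contexts related to the course.
 *
 * @param int $courseid The course in question.
 * @param string $searchtext the text to search for in the user's full name
 * @param string $sort the column name to order by (inserted into the SQL text, so it
 *                     must be trusted SQL and never raw request data)
 * @param string $exceptions comma separated list of user IDs to exclude
 * @return array An array of {@link $USER} records.
 */
function message_search_users($courseid, $searchtext, $sort = '', $exceptions = '') {
    global $CFG, $USER, $DB;

    $fullname = fullname_sql();

    // Positional parameters, in the order in which their placeholders appear in the
    // queries below: contact owner, search pattern, then any excluded ids.
    $params = array($USER->id, "%{$searchtext}%");

    $except = '';
    if (!empty($exceptions)) {
        // The exclusion list used to be concatenated into the statement verbatim.
        // Reduce it to integer ids and bind them, so that nothing in the list can be
        // interpreted as SQL.
        $rawids = is_array($exceptions) ? $exceptions : explode(',', $exceptions);
        $excludeids = array_values(array_filter(array_map('intval', $rawids)));
        if ($excludeids) {
            list($notin, $exceptparams) = $DB->get_in_or_equal($excludeids, SQL_PARAMS_QM, 'param', false);
            $except = ' AND u.id ' . $notin . ' ';
            $params = array_merge($params, $exceptparams);
        }
    }

    if (!empty($sort)) {
        // ORDER BY cannot take a bound parameter.
        // NOTE(review): confirm every caller restricts $sort to known column names.
        $order = ' ORDER BY ' . $sort;
    } else {
        $order = '';
    }

    $ufields = user_picture::fields('u');

    if (!$courseid or $courseid == SITEID) {
        return $DB->get_records_sql("SELECT {$ufields}, mc.id as contactlistid, mc.blocked\n FROM {user} u\n LEFT JOIN {message_contacts} mc\n ON mc.contactid = u.id AND mc.userid = ?\n WHERE u.deleted = '0' AND u.confirmed = '1'\n AND (" . $DB->sql_like($fullname, '?', false) . ")\n {$except}\n {$order}", $params);
    } else {
        //TODO: add enabled enrolment join here (skodak)
        $context = get_context_instance(CONTEXT_COURSE, $courseid);
        $contextlists = get_related_contexts_string($context);

        // everyone who has a role assignment in this course or higher
        // The contact columns had ended up after the FROM clause, which is not valid
        // SQL; they now sit in the select list, matching the site-wide branch above.
        $users = $DB->get_records_sql("SELECT {$ufields}, mc.id as contactlistid, mc.blocked\n FROM {user} u\n JOIN {role_assignments} ra ON ra.userid = u.id\n LEFT JOIN {message_contacts} mc\n ON mc.contactid = u.id AND mc.userid = ?\n WHERE u.deleted = '0' AND u.confirmed = '1'\n AND ra.contextid {$contextlists}\n AND (" . $DB->sql_like($fullname, '?', false) . ")\n {$except}\n {$order}", $params);

        return $users;
    }
}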
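/**
 * Builds the WHERE conditions shared by the user searches of this selector.
 *
 * The search text and all user ids are returned as bound parameters; only column
 * names built from $u, fixed strings and $this->extrafields reach the SQL text.
 *
 * @param string $search the text to search for.
 * @param string $u the table alias for the user table in the query being
 *      built. May be ''.
 * @return array an array with two elements, a fragment of SQL to go in the
 *      where clause the query, and an array containing any required parameters.
 *      The parameters are keyed by name (:con000, :guestid, ...).
 */
protected function search_sql($search, $u) {
    global $DB, $CFG;
    $params = array();
    $tests = array();

    if ($u) {
        $u .= '.';
    }

    // If we have a $search string, put a field LIKE '$search%' condition on each field.
    if ($search) {
        // Full name and last name are always searched. (The previous form nested an
        // assignment inside the array literal; the resulting list was the same.)
        $conditions = array(fullname_sql($u), $u . 'lastname');
        // NOTE(review): extrafields become column names in the SQL text; they
        // presumably come from site configuration rather than the request - confirm.
        foreach ($this->extrafields as $field) {
            $conditions[] = $u . $field;
        }
        if ($this->searchanywhere) {
            $searchparam = '%' . $search . '%';
        } else {
            $searchparam = $search . '%';
        }
        $i = 0;
        foreach ($conditions as $key => $condition) {
            // One uniquely named placeholder per searched column, all bound to the same pattern.
            $conditions[$key] = $DB->sql_like($condition, ":con{$i}00", false, false);
            $params["con{$i}00"] = $searchparam;
            $i++;
        }
        $tests[] = '(' . implode(' OR ', $conditions) . ')';
    }

    // Add some additional sensible conditions
    $tests[] = $u . "id <> :guestid";
    $params['guestid'] = $CFG->siteguest;
    $tests[] = $u . 'deleted = 0';
    $tests[] = $u . 'confirmed = 1';

    // If we are being asked to exclude any users, do that.
    if (!empty($this->exclude)) {
        list($usertest, $userparams) = $DB->get_in_or_equal($this->exclude, SQL_PARAMS_NAMED, 'ex000', false);
        $tests[] = $u . 'id ' . $usertest;
        $params = array_merge($params, $userparams);
    }

    // If we are validating a set list of userids, add an id IN (...) test.
    if (!empty($this->validatinguserids)) {
        list($usertest, $userparams) = $DB->get_in_or_equal($this->validatinguserids, SQL_PARAMS_NAMED, 'val000');
        $tests[] = $u . 'id ' . $usertest;
        $params = array_merge($params, $userparams);
    }

    // $tests always holds the guest/deleted/confirmed conditions at this point, so
    // the former '1 = 1' fallback for an empty list could never run and is dropped.

    // Combine the conditions and return.
    return array(implode(' AND ', $tests), $params);
}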
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.

/**
 * Definition of log events
 *
 * Each entry names the table ('mtable') and the column or SQL expression ('field')
 * describing the object a forum log entry of that action refers to.
 *
 * @package mod
 * @subpackage forum
 * @copyright 2010 Petr Skoda (http://skodak.org)
 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
 */

// Refuse direct web access; this file is only meant to be included by Moodle.
defined('MOODLE_INTERNAL') || die;

global $DB; // TODO: this is a hack, we should really do something with the SQL in SQL tables

// NOTE(review): 'field' may hold a raw SQL expression (fullname_sql()), so these
// values must stay hard-coded here and never be derived from request or user data.
$logs = array(
    // Forum level.
    array('module' => 'forum', 'action' => 'add', 'mtable' => 'forum', 'field' => 'name'),
    array('module' => 'forum', 'action' => 'update', 'mtable' => 'forum', 'field' => 'name'),

    // Discussions and posts.
    array('module' => 'forum', 'action' => 'add discussion', 'mtable' => 'forum_discussions', 'field' => 'name'),
    array('module' => 'forum', 'action' => 'add post', 'mtable' => 'forum_posts', 'field' => 'subject'),
    array('module' => 'forum', 'action' => 'update post', 'mtable' => 'forum_posts', 'field' => 'subject'),

    // Per-user report.
    array('module' => 'forum', 'action' => 'user report', 'mtable' => 'user', 'field' => fullname_sql()),

    // Moving and viewing.
    array('module' => 'forum', 'action' => 'move discussion', 'mtable' => 'forum_discussions', 'field' => 'name'),
    array('module' => 'forum', 'action' => 'view subscribers', 'mtable' => 'forum', 'field' => 'name'),
    array('module' => 'forum', 'action' => 'view discussion', 'mtable' => 'forum_discussions', 'field' => 'name'),
    array('module' => 'forum', 'action' => 'view forum', 'mtable' => 'forum', 'field' => 'name'),

    // Subscriptions.
    array('module' => 'forum', 'action' => 'subscribe', 'mtable' => 'forum', 'field' => 'name'),
    array('module' => 'forum', 'action' => 'unsubscribe', 'mtable' => 'forum', 'field' => 'name'),
);