// Update interests.
if (isset($usernew->interests)) {
useredit_update_interests($usernew, $usernew->interests);
}
// Update user picture.
if (empty($CFG->disableuserimages)) {
useredit_update_picture($usernew, $userform, $filemanageroptions);
}
// Update mail bounces.
useredit_update_bounces($user, $usernew);
// Update forum track preference.
useredit_update_trackforums($user, $usernew);
// Save custom profile fields data.
profile_save_data($usernew);
// Trigger event.
\core\event\user_updated::create_from_userid($user->id)->trigger();
// If email was changed and confirmation is required, send confirmation email now to the new address.
if ($emailchanged && $CFG->emailchangeconfirmation) {
$tempuser = $DB->get_record('user', array('id' => $user->id), '*', MUST_EXIST);
$tempuser->email = $usernew->preference_newemail;
$a = new stdClass();
$a->url = $CFG->wwwroot . '/user/emailupdate.php?key=' . $usernew->preference_newemailkey . '&id=' . $user->id;
$a->site = format_string($SITE->fullname, true, array('context' => context_course::instance(SITEID)));
$a->fullname = fullname($tempuser, true);
$emailupdatemessage = get_string('emailupdatemessage', 'auth', $a);
$emailupdatetitle = get_string('emailupdatetitle', 'auth', $a);
// Email confirmation directly rather than using messaging so they will definitely get an email.
$supportuser = core_user::get_support_user();
if (!($mailresults = email_to_user($tempuser, $supportuser, $emailupdatetitle, $emailupdatemessage))) {
die("could not send email!");
}
/**
* Will update a local user record from an external source (MNET users can not be updated using this method!).
*
* @param int $id user id
* @return stdClass A complete user object
*/
function update_user_record_by_id($id)
{
global $DB, $CFG;
require_once $CFG->dirroot . "/user/profile/lib.php";
require_once $CFG->dirroot . '/user/lib.php';
$params = array('mnethostid' => $CFG->mnet_localhost_id, 'id' => $id, 'deleted' => 0);
$oldinfo = $DB->get_record('user', $params, '*', MUST_EXIST);
$newuser = array();
$userauth = get_auth_plugin($oldinfo->auth);
if ($newinfo = $userauth->get_userinfo($oldinfo->username)) {
$newinfo = truncate_userinfo($newinfo);
$customfields = $userauth->get_custom_user_profile_fields();
foreach ($newinfo as $key => $value) {
$iscustom = in_array($key, $customfields);
if (!$iscustom) {
$key = strtolower($key);
}
if (!property_exists($oldinfo, $key) && !$iscustom or $key === 'username' or $key === 'id' or $key === 'auth' or $key === 'mnethostid' or $key === 'deleted') {
// Unknown or must not be changed.
continue;
}
$confval = $userauth->config->{'field_updatelocal_' . $key};
$lockval = $userauth->config->{'field_lock_' . $key};
if (empty($confval) || empty($lockval)) {
continue;
}
if ($confval === 'onlogin') {
// MDL-4207 Don't overwrite modified user profile values with
// empty LDAP values when 'unlocked if empty' is set. The purpose
// of the setting 'unlocked if empty' is to allow the user to fill
// in a value for the selected field _if LDAP is giving
// nothing_ for this field. Thus it makes sense to let this value
// stand in until LDAP is giving a value for this field.
if (!(empty($value) && $lockval === 'unlockedifempty')) {
if ($iscustom || in_array($key, $userauth->userfields) && (string) $oldinfo->{$key} !== (string) $value) {
$newuser[$key] = (string) $value;
}
}
}
}
if ($newuser) {
$newuser['id'] = $oldinfo->id;
$newuser['timemodified'] = time();
user_update_user((object) $newuser, false, false);
// Save user profile data.
profile_save_data((object) $newuser);
// Trigger event.
\core\event\user_updated::create_from_userid($newuser['id'])->trigger();
}
}
return get_complete_user_data('id', $oldinfo->id);
}
/**
* Update a user with a user object (will compare against the ID)
*
* @param stdClass $user the user to update
* @param bool $updatepassword if true, authentication plugin will update password.
* @param bool $triggerevent set false if user_updated event should not be triggred.
*/
function user_update_user($user, $updatepassword = true, $triggerevent = true)
{
global $DB;
// set the timecreate field to the current time
if (!is_object($user)) {
$user = (object) $user;
}
//check username
if (isset($user->username)) {
if ($user->username !== core_text::strtolower($user->username)) {
throw new moodle_exception('usernamelowercase');
} else {
if ($user->username !== clean_param($user->username, PARAM_USERNAME)) {
throw new moodle_exception('invalidusername');
}
}
}
// Unset password here, for updating later, if password update is required.
if ($updatepassword && isset($user->password)) {
//check password toward the password policy
if (!check_password_policy($user->password, $errmsg)) {
throw new moodle_exception($errmsg);
}
$passwd = $user->password;
unset($user->password);
}
// Make sure calendartype, if set, is valid.
if (!empty($user->calendartype)) {
$availablecalendartypes = \core_calendar\type_factory::get_list_of_calendar_types();
// If it doesn't exist, then unset this value, we do not want to update the user's value.
if (empty($availablecalendartypes[$user->calendartype])) {
unset($user->calendartype);
}
} else {
// Unset this variable, must be an empty string, which we do not want to update the calendartype to.
unset($user->calendartype);
}
$user->timemodified = time();
$DB->update_record('user', $user);
if ($updatepassword) {
// Get full user record.
$updateduser = $DB->get_record('user', array('id' => $user->id));
// if password was set, then update its hash
if (isset($passwd)) {
$authplugin = get_auth_plugin($updateduser->auth);
if ($authplugin->can_change_password()) {
$authplugin->user_update_password($updateduser, $passwd);
}
}
}
// Trigger event if required.
if ($triggerevent) {
\core\event\user_updated::create_from_userid($user->id)->trigger();
}
}
/**
* Update users
*
* @param array $users
* @return null
* @since Moodle 2.2
*/
public static function update_users($users)
{
global $CFG, $DB;
require_once $CFG->dirroot . "/user/lib.php";
require_once $CFG->dirroot . "/user/profile/lib.php";
// Required for customfields related function.
// Ensure the current user is allowed to run this function.
$context = context_system::instance();
require_capability('moodle/user:update', $context);
self::validate_context($context);
$params = self::validate_parameters(self::update_users_parameters(), array('users' => $users));
$transaction = $DB->start_delegated_transaction();
foreach ($params['users'] as $user) {
user_update_user($user, true, false);
// Update user custom fields.
if (!empty($user['customfields'])) {
foreach ($user['customfields'] as $customfield) {
// Profile_save_data() saves profile file it's expecting a user with the correct id,
// and custom field to be named profile_field_"shortname".
$user["profile_field_" . $customfield['type']] = $customfield['value'];
}
profile_save_data((object) $user);
}
// Trigger event.
\core\event\user_updated::create_from_userid($user['id'])->trigger();
// Preferences.
if (!empty($user['preferences'])) {
foreach ($user['preferences'] as $preference) {
set_user_preference($preference['type'], $preference['value'], $user['id']);
}
}
}
$transaction->allow_commit();
return null;
}
/**
* will update a local user record from an external source.
* is a lighter version of the one in moodlelib -- won't do
* expensive ops such as enrolment.
*
* If you don't pass $updatekeys, there is a performance hit and
* values removed from DB won't be removed from moodle.
*
* @param string $username username
* @param bool $updatekeys
* @return stdClass
*/
function update_user_record($username, $updatekeys = false)
{
global $CFG, $DB;
//just in case check text case
$username = trim(core_text::strtolower($username));
// get the current user record
$user = $DB->get_record('user', array('username' => $username, 'mnethostid' => $CFG->mnet_localhost_id));
if (empty($user)) {
// trouble
error_log("Cannot update non-existent user: {$username}");
print_error('auth_dbusernotexist', 'auth_db', $username);
die;
}
// Ensure userid is not overwritten.
$userid = $user->id;
$updated = false;
if ($newinfo = $this->get_userinfo($username)) {
$newinfo = truncate_userinfo($newinfo);
if (empty($updatekeys)) {
// All keys? This does not support removing values.
$updatekeys = array_keys($newinfo);
}
foreach ($updatekeys as $key) {
if (isset($newinfo[$key])) {
$value = $newinfo[$key];
} else {
$value = '';
}
if (!empty($this->config->{'field_updatelocal_' . $key})) {
if (isset($user->{$key}) and $user->{$key} != $value) {
// Only update if it's changed.
$DB->set_field('user', $key, $value, array('id' => $userid));
$updated = true;
}
}
}
}
if ($updated) {
$DB->set_field('user', 'timemodified', time(), array('id' => $userid));
// Trigger user_updated event.
\core\event\user_updated::create_from_userid($userid)->trigger();
}
return $DB->get_record('user', array('id' => $userid, 'deleted' => 0));
}
/**
* Update users
*
* @param array $users
* @return null
* @since Moodle 2.2
*/
public static function update_users($users)
{
global $CFG, $DB;
require_once $CFG->dirroot . "/user/lib.php";
require_once $CFG->dirroot . "/user/profile/lib.php";
// Required for customfields related function.
// Ensure the current user is allowed to run this function.
$context = context_system::instance();
require_capability('moodle/user:update', $context);
self::validate_context($context);
$params = self::validate_parameters(self::update_users_parameters(), array('users' => $users));
$filemanageroptions = array('maxbytes' => $CFG->maxbytes, 'subdirs' => 0, 'maxfiles' => 1, 'accepted_types' => 'web_image');
$transaction = $DB->start_delegated_transaction();
foreach ($params['users'] as $user) {
user_update_user($user, true, false);
// Update user picture if it was specified for this user.
if (empty($CFG->disableuserimages) && isset($user['userpicture'])) {
$userobject = (object) $user;
$userobject->deletepicture = null;
if ($user['userpicture'] == 0) {
$userobject->deletepicture = true;
} else {
$userobject->imagefile = $user['userpicture'];
}
core_user::update_picture($userobject, $filemanageroptions);
}
// Update user custom fields.
if (!empty($user['customfields'])) {
foreach ($user['customfields'] as $customfield) {
// Profile_save_data() saves profile file it's expecting a user with the correct id,
// and custom field to be named profile_field_"shortname".
$user["profile_field_" . $customfield['type']] = $customfield['value'];
}
profile_save_data((object) $user);
}
// Trigger event.
\core\event\user_updated::create_from_userid($user['id'])->trigger();
// Preferences.
if (!empty($user['preferences'])) {
foreach ($user['preferences'] as $preference) {
set_user_preference($preference['type'], $preference['value'], $user['id']);
}
}
}
$transaction->allow_commit();
return null;
}
/**
* Update a user with a user object (will compare against the ID)
*
* @throws moodle_exception
* @param stdClass $user the user to update
* @param bool $updatepassword if true, authentication plugin will update password.
* @param bool $triggerevent set false if user_updated event should not be triggred.
* This will not affect user_password_updated event triggering.
*/
function user_update_user($user, $updatepassword = true, $triggerevent = true)
{
global $DB;
// Set the timecreate field to the current time.
if (!is_object($user)) {
$user = (object) $user;
}
// Check username.
if (isset($user->username)) {
if ($user->username !== core_text::strtolower($user->username)) {
throw new moodle_exception('usernamelowercase');
} else {
if ($user->username !== core_user::clean_field($user->username, 'username')) {
throw new moodle_exception('invalidusername');
}
}
}
// Unset password here, for updating later, if password update is required.
if ($updatepassword && isset($user->password)) {
// Check password toward the password policy.
if (!check_password_policy($user->password, $errmsg)) {
throw new moodle_exception($errmsg);
}
$passwd = $user->password;
unset($user->password);
}
// Make sure calendartype, if set, is valid.
if (empty($user->calendartype)) {
// Unset this variable, must be an empty string, which we do not want to update the calendartype to.
unset($user->calendartype);
}
$user->timemodified = time();
// Validate user data object.
$uservalidation = core_user::validate($user);
if ($uservalidation !== true) {
foreach ($uservalidation as $field => $message) {
debugging("The property '{$field}' has invalid data and has been cleaned.", DEBUG_DEVELOPER);
$user->{$field} = core_user::clean_field($user->{$field}, $field);
}
}
$DB->update_record('user', $user);
if ($updatepassword) {
// Get full user record.
$updateduser = $DB->get_record('user', array('id' => $user->id));
// If password was set, then update its hash.
if (isset($passwd)) {
$authplugin = get_auth_plugin($updateduser->auth);
if ($authplugin->can_change_password()) {
$authplugin->user_update_password($updateduser, $passwd);
}
}
}
// Trigger event if required.
if ($triggerevent) {
\core\event\user_updated::create_from_userid($user->id)->trigger();
}
}
/**
* Update details for the current user
* Password is passed in plaintext.
*
* @param object $user current user object
* @param boolean $notify print notice with link and terminate
*/
public function user_update_details($user)
{
global $CFG, $DB, $USER;
require_once $CFG->dirroot . '/user/profile/lib.php';
require_once $CFG->dirroot . '/user/lib.php';
if ($user->password == $user->confirmpassword and !empty($user->password)) {
$plainpassword = $user->password;
echo $plainpassword;
$user->password = hash_internal_user_password($user->password);
$this->user_update_password($user, $user->password);
user_add_password_history($user->id, $plainpassword);
}
if (empty($user->calendartype)) {
$user->calendartype = $CFG->calendartype;
}
try {
$transaction = $DB->start_delegated_transaction();
user_update_user($user, false, false);
$user->profile_field_yearlevel = empty($user->profile_field_yearlevel) ? 'N/A' : $user->profile_field_yearlevel;
$user->profile_field_yearofbirth = empty($user->profile_field_yearofbirth) ? 'N/A' : $user->profile_field_yearofbirth;
$user->profile_field_whereareyoufrom = empty($user->profile_field_whereareyoufrom) ? 'Perth' : $user->profile_field_whereareyoufrom;
$USER->profile['yearlevel'] = $user->profile_field_yearlevel;
$USER->profile['yearofbirth'] = $user->profile_field_yearofbirth;
$USER->profile['whereareyoufrom'] = $user->profile_field_whereareyoufrom;
profile_save_data($user);
// Trigger event.
\core\event\user_updated::create_from_userid($user->id)->trigger();
// Assuming the both inserts work, we get to the following line.
$transaction->allow_commit();
} catch (Exception $e) {
$transaction->rollback($e);
return false;
}
return $this->update_user_session($user);
}
