Пример #1
 /**
  * Builds the enrolment form shown for one 'boleto' enrolment instance.
  *
  * Elements are added in this order: a header carrying the instance name; when the
  * instance has a password, the enrolment-key input followed by one row per user
  * holding 'enrol/boleto:holdkey' in the course; static text with the link(s) to
  * /enrol/boleto/boleto.php; the submit button; the hidden 'id' and 'instance' fields.
  *
  * NOTE(review): boleto.php is not part of this listing. The links built here only
  * carry 'instanceid' (and 'parcela'), so that script has to verify for itself that
  * the current user may use the instance - confirm.
  */
 public function definition()
 {
     global $USER, $OUTPUT, $CFG;

     $form = $this->_form;
     $enrol = $this->_customdata;
     $this->instance = $enrol;

     $heading = enrol_get_plugin('boleto')->get_instance_name($enrol);
     $form->addElement('header', 'boletoheader', $heading);

     if ($enrol->password) {
         // Several boleto enrolment methods can be present, so the key input gets an
         // id that is unique per instance.
         $keyattributes = array('id' => 'enrolpassword_' . $enrol->id);
         $form->addElement('passwordunmask', 'enrolpassword', get_string('password', 'enrol_boleto'), $keyattributes);

         $coursecontext = context_course::instance($this->instance->courseid);
         $keyholders = get_users_by_capability($coursecontext, 'enrol/boleto:holdkey', user_picture::fields('u'));

         $position = 0;
         foreach ($keyholders as $holder) {
             $position++;
             if ($position === 1) {
                 // The caption is added once, right before the first key holder.
                 $form->addElement('static', 'keyholder', '', get_string('keyholder', 'enrol_boleto'));
             }

             // The returned context is not used; the call is kept so behaviour stays as it was.
             // NOTE(review): the viewdetails check below runs against the system context,
             // not this user context - confirm which one is intended.
             context_user::instance($holder->id);

             // The name becomes a profile link only for the key holder themselves, for viewers
             // with 'moodle/user:viewdetails', or when the key holder is a course contact.
             $maylink = $USER->id == $holder->id
                 || has_capability('moodle/user:viewdetails', context_system::instance())
                 || has_coursecontact_role($holder->id);

             // NOTE(review): fullname() output is concatenated into markup as-is; confirm
             // names are cleaned before they are stored, or escape at this point.
             $label = fullname($holder);
             if ($maylink) {
                 $profileurl = $CFG->wwwroot . '/user/view.php?id=' . $holder->id . '&amp;course=' . $this->instance->courseid;
                 $label = '<a href="' . $profileurl . '">' . $label . '</a>';
             }

             $avatar = $OUTPUT->user_picture($holder, array('size' => 35, 'courseid' => $this->instance->courseid));
             $form->addElement('static', 'keyholder' . $position, '', $avatar . $label);
         }
     }

     $boletourl = new moodle_url('/enrol/boleto/boleto.php', array('instanceid' => $this->instance->id));
     $form->addElement('static', 'info', '', get_string('boletoprintandpayinfo', 'enrol_boleto'));

     // customint8 == avista.
     if ($this->instance->customint8) {
         $form->addElement('static', 'info', '', get_string('boletoprintandpayinfodirectlinks', 'enrol_boleto', $boletourl->out(false)));
     } else {
         // Three links: the first without 'parcela', then parcela=1 and parcela=2.
         $parcelastrings = array(
             0 => 'boletoprintandpayinfoparceladolink0',
             1 => 'boletoprintandpayinfoparceladolink1',
             2 => 'boletoprintandpayinfoparceladolink2',
         );
         foreach ($parcelastrings as $parcela => $stringid) {
             if ($parcela > 0) {
                 $boletourl->param('parcela', $parcela);
             }
             $form->addElement('static', 'info', '', get_string($stringid, 'enrol_boleto', $boletourl->out(false)));
         }
     }

     $this->add_action_buttons(false, get_string('enrolme', 'enrol_boleto'));

     // Both hidden fields are declared as PARAM_INT: 'id' defaults to the course id,
     // 'instance' to the enrolment instance id.
     $hiddenfields = array('id' => $enrol->courseid, 'instance' => $enrol->id);
     foreach ($hiddenfields as $fieldname => $default) {
         $form->addElement('hidden', $fieldname);
         $form->setType($fieldname, PARAM_INT);
         $form->setDefault($fieldname, $default);
     }
 }
Пример #2
            if ($shown >= 20) {
                $courselisting .= "...";
                break;
            }
        }
        print_row(get_string('courseprofiles') . ':', rtrim($courselisting, ', '));
    }
}
// Closing tags for markup that is opened before this excerpt (not visible here).
echo '</table></div></div>';

// Messaging link. Every condition has to hold: the viewer is logged in, has
// 'moodle/site:sendmessage' in $usercontext, messaging is enabled, neither the
// viewer nor the viewed user is the guest account, and the two are different users.
if (
    isloggedin()
    && has_capability('moodle/site:sendmessage', $usercontext)
    && !empty($CFG->messaging)
    && !isguestuser()
    && !isguestuser($user)
    && $USER->id != $user->id
) {
    echo '<div class="messagebox">'
        . '<a href="' . $CFG->wwwroot . '/message/index.php?id=' . $user->id . '">' . get_string('messageselectadd') . '</a>'
        . '</div>';
}

// Full-profile link: shown to the user themselves, to viewers holding
// 'moodle/user:viewdetails' in $usercontext, or when the viewed user is a course contact.
// NOTE(review): $id ends up in the link URL; where it is read is outside this excerpt -
// confirm it is cleaned as an integer there.
if (
    $currentuser
    || has_capability('moodle/user:viewdetails', $usercontext)
    || has_coursecontact_role($id)
) {
    echo '<div class="fullprofilelink">'
        . html_writer::link($CFG->wwwroot . '/user/profile.php?id=' . $id, get_string('fullprofile'))
        . '</div>';
}

// TODO: add more useful overview info for teachers here, for example:
//   - links to notes made about this student (must click to display, for privacy)
//   - recent comments made in this course
//   - recent blogs associated with this course and items in it

// Closes the "userprofile" div.
echo '</div>';

echo $OUTPUT->footer();
/// Functions ///////
function print_row($left, $right)
{
    echo "\n<tr><td class=\"label c0\">{$left}</td><td class=\"info c1\">{$right}</td></tr>\n";
Пример #3
/**
 * Renders the box for a single user: picture, optional profile link and full name.
 *
 * The picture is wrapped in a link to /user/view.php only when a user context exists
 * and the viewer either has 'moodle/user:viewdetails' in it or the user is a course
 * contact. The name and the picture are output either way.
 *
 * NOTE(review): the full name is placed inside <strong> without escaping; confirm
 * that names are cleaned before they are stored, or escape before output.
 *
 * @param object $user   user record (per the original docblock it contains the fields
 *                       id, firstname, lastname and picture)
 * @param bool   $return if true, return the HTML instead of printing it
 * @return string|null the HTML string, or null when the function echoes the output itself
 */
function tag_print_user_box($user, $return = false)
{
    global $CFG, $OUTPUT;

    $usercontext = get_context_instance(CONTEXT_USER, $user->id);

    // Parentheses spell out how the original "and ... ||" mix is evaluated:
    // "||" binds tighter than "and".
    $profilelink = '';
    if ($usercontext && (has_capability('moodle/user:viewdetails', $usercontext) || has_coursecontact_role($user->id))) {
        $profilelink = $CFG->wwwroot . '/user/view.php?id=' . $user->id;
    }
    $haslink = !empty($profilelink);

    $html = $OUTPUT->box_start('user-box', 'user' . $user->id);
    $displayname = fullname($user);

    $picture = $OUTPUT->user_picture($user, array('size' => 100)) . '<br />';
    $html .= $haslink ? '<a href="' . $profilelink . '">' . $picture . '</a>' : $picture;

    // Names longer than 26 characters are cut and get an ellipsis.
    if (textlib::strlen($displayname) > 26) {
        $displayname = textlib::substr($displayname, 0, 26) . '...';
    }

    $html .= '<strong>' . $displayname . '</strong>';
    $html .= $OUTPUT->box_end();

    if ($return) {
        return $html;
    }
    echo $html;
}
Пример #4
/**
 * This function delegates file serving to individual plugins
 *
 * @param string $relativepath
 * @param bool $forcedownload
 * @param null|string $preview the preview mode, defaults to serving the original file
 * @todo MDL-31088 file serving improvements
 */
function file_pluginfile($relativepath, $forcedownload, $preview = null)
{
    global $DB, $CFG, $USER;
    // relative path must start with '/'
    if (!$relativepath) {
        print_error('invalidargorconf');
    } else {
        if ($relativepath[0] != '/') {
            print_error('pathdoesnotstartslash');
        }
    }
    // extract relative path components
    $args = explode('/', ltrim($relativepath, '/'));
    if (count($args) < 3) {
        // always at least context, component and filearea
        print_error('invalidarguments');
    }
    $contextid = (int) array_shift($args);
    $component = clean_param(array_shift($args), PARAM_COMPONENT);
    $filearea = clean_param(array_shift($args), PARAM_AREA);
    list($context, $course, $cm) = get_context_info_array($contextid);
    $fs = get_file_storage();
    // ========================================================================================================================
    if ($component === 'blog') {
        // Blog file serving
        if ($context->contextlevel != CONTEXT_SYSTEM) {
            send_file_not_found();
        }
        if ($filearea !== 'attachment' and $filearea !== 'post') {
            send_file_not_found();
        }
        if (empty($CFG->enableblogs)) {
            print_error('siteblogdisable', 'blog');
        }
        $entryid = (int) array_shift($args);
        if (!($entry = $DB->get_record('post', array('module' => 'blog', 'id' => $entryid)))) {
            send_file_not_found();
        }
        if ($CFG->bloglevel < BLOG_GLOBAL_LEVEL) {
            require_login();
            if (isguestuser()) {
                print_error('noguest');
            }
            if ($CFG->bloglevel == BLOG_USER_LEVEL) {
                if ($USER->id != $entry->userid) {
                    send_file_not_found();
                }
            }
        }
        if ($entry->publishstate === 'public') {
            if ($CFG->forcelogin) {
                require_login();
            }
        } else {
            if ($entry->publishstate === 'site') {
                require_login();
                //ok
            } else {
                if ($entry->publishstate === 'draft') {
                    require_login();
                    if ($USER->id != $entry->userid) {
                        send_file_not_found();
                    }
                }
            }
        }
        $filename = array_pop($args);
        $filepath = $args ? '/' . implode('/', $args) . '/' : '/';
        if (!($file = $fs->get_file($context->id, $component, $filearea, $entryid, $filepath, $filename)) or $file->is_directory()) {
            send_file_not_found();
        }
        send_stored_file($file, 10 * 60, 0, true, array('preview' => $preview));
        // download MUST be forced - security!
        // ========================================================================================================================
    } else {
        if ($component === 'grade') {
            if (($filearea === 'outcome' or $filearea === 'scale') and $context->contextlevel == CONTEXT_SYSTEM) {
                // Global gradebook files
                if ($CFG->forcelogin) {
                    require_login();
                }
                $fullpath = "/{$context->id}/{$component}/{$filearea}/" . implode('/', $args);
                if (!($file = $fs->get_file_by_hash(sha1($fullpath))) or $file->is_directory()) {
                    send_file_not_found();
                }
                \core\session\manager::write_close();
                // Unlock session during file serving.
                send_stored_file($file, 60 * 60, 0, $forcedownload, array('preview' => $preview));
            } else {
                if ($filearea === 'feedback' and $context->contextlevel == CONTEXT_COURSE) {
                    //TODO: nobody implemented this yet in grade edit form!!
                    send_file_not_found();
                    if ($CFG->forcelogin || $course->id != SITEID) {
                        require_login($course);
                    }
                    $fullpath = "/{$context->id}/{$component}/{$filearea}/" . implode('/', $args);
                    if (!($file = $fs->get_file_by_hash(sha1($fullpath))) or $file->is_directory()) {
                        send_file_not_found();
                    }
                    \core\session\manager::write_close();
                    // Unlock session during file serving.
                    send_stored_file($file, 60 * 60, 0, $forcedownload, array('preview' => $preview));
                } else {
                    send_file_not_found();
                }
            }
            // ========================================================================================================================
        } else {
            if ($component === 'tag') {
                if ($filearea === 'description' and $context->contextlevel == CONTEXT_SYSTEM) {
                    // All tag descriptions are going to be public but we still need to respect forcelogin
                    if ($CFG->forcelogin) {
                        require_login();
                    }
                    $fullpath = "/{$context->id}/tag/description/" . implode('/', $args);
                    if (!($file = $fs->get_file_by_hash(sha1($fullpath))) or $file->is_directory()) {
                        send_file_not_found();
                    }
                    \core\session\manager::write_close();
                    // Unlock session during file serving.
                    send_stored_file($file, 60 * 60, 0, true, array('preview' => $preview));
                } else {
                    send_file_not_found();
                }
                // ========================================================================================================================
            } else {
                if ($component === 'badges') {
                    require_once $CFG->libdir . '/badgeslib.php';
                    $badgeid = (int) array_shift($args);
                    $badge = new badge($badgeid);
                    $filename = array_pop($args);
                    if ($filearea === 'badgeimage') {
                        if ($filename !== 'f1' && $filename !== 'f2') {
                            send_file_not_found();
                        }
                        if (!($file = $fs->get_file($context->id, 'badges', 'badgeimage', $badge->id, '/', $filename . '.png'))) {
                            send_file_not_found();
                        }
                        \core\session\manager::write_close();
                        send_stored_file($file, 60 * 60, 0, $forcedownload, array('preview' => $preview));
                    } else {
                        if ($filearea === 'userbadge' and $context->contextlevel == CONTEXT_USER) {
                            if (!($file = $fs->get_file($context->id, 'badges', 'userbadge', $badge->id, '/', $filename . '.png'))) {
                                send_file_not_found();
                            }
                            \core\session\manager::write_close();
                            send_stored_file($file, 60 * 60, 0, true, array('preview' => $preview));
                        }
                    }
                    // ========================================================================================================================
                } else {
                    if ($component === 'calendar') {
                        if ($filearea === 'event_description' and $context->contextlevel == CONTEXT_SYSTEM) {
                            // All events here are public the one requirement is that we respect forcelogin
                            if ($CFG->forcelogin) {
                                require_login();
                            }
                            // Get the event if from the args array
                            $eventid = array_shift($args);
                            // Load the event from the database
                            if (!($event = $DB->get_record('event', array('id' => (int) $eventid, 'eventtype' => 'site')))) {
                                send_file_not_found();
                            }
                            // Get the file and serve if successful
                            $filename = array_pop($args);
                            $filepath = $args ? '/' . implode('/', $args) . '/' : '/';
                            if (!($file = $fs->get_file($context->id, $component, $filearea, $eventid, $filepath, $filename)) or $file->is_directory()) {
                                send_file_not_found();
                            }
                            \core\session\manager::write_close();
                            // Unlock session during file serving.
                            send_stored_file($file, 60 * 60, 0, $forcedownload, array('preview' => $preview));
                        } else {
                            if ($filearea === 'event_description' and $context->contextlevel == CONTEXT_USER) {
                                // Must be logged in, if they are not then they obviously can't be this user
                                require_login();
                                // Don't want guests here, potentially saves a DB call
                                if (isguestuser()) {
                                    send_file_not_found();
                                }
                                // Get the event if from the args array
                                $eventid = array_shift($args);
                                // Load the event from the database - user id must match
                                if (!($event = $DB->get_record('event', array('id' => (int) $eventid, 'userid' => $USER->id, 'eventtype' => 'user')))) {
                                    send_file_not_found();
                                }
                                // Get the file and serve if successful
                                $filename = array_pop($args);
                                $filepath = $args ? '/' . implode('/', $args) . '/' : '/';
                                if (!($file = $fs->get_file($context->id, $component, $filearea, $eventid, $filepath, $filename)) or $file->is_directory()) {
                                    send_file_not_found();
                                }
                                \core\session\manager::write_close();
                                // Unlock session during file serving.
                                send_stored_file($file, 0, 0, true, array('preview' => $preview));
                            } else {
                                if ($filearea === 'event_description' and $context->contextlevel == CONTEXT_COURSE) {
                                    // Respect forcelogin and require login unless this is the site.... it probably
                                    // should NEVER be the site
                                    if ($CFG->forcelogin || $course->id != SITEID) {
                                        require_login($course);
                                    }
                                    // Must be able to at least view the course. This does not apply to the front page.
                                    if ($course->id != SITEID && !is_enrolled($context) && !is_viewing($context)) {
                                        //TODO: hmm, do we really want to block guests here?
                                        send_file_not_found();
                                    }
                                    // Get the event id
                                    $eventid = array_shift($args);
                                    // Load the event from the database we need to check whether it is
                                    // a) valid course event
                                    // b) a group event
                                    // Group events use the course context (there is no group context)
                                    if (!($event = $DB->get_record('event', array('id' => (int) $eventid, 'courseid' => $course->id)))) {
                                        send_file_not_found();
                                    }
                                    // If its a group event require either membership of view all groups capability
                                    if ($event->eventtype === 'group') {
                                        if (!has_capability('moodle/site:accessallgroups', $context) && !groups_is_member($event->groupid, $USER->id)) {
                                            send_file_not_found();
                                        }
                                    } else {
                                        if ($event->eventtype === 'course' || $event->eventtype === 'site') {
                                            // Ok. Please note that the event type 'site' still uses a course context.
                                        } else {
                                            // Some other type.
                                            send_file_not_found();
                                        }
                                    }
                                    // If we get this far we can serve the file
                                    $filename = array_pop($args);
                                    $filepath = $args ? '/' . implode('/', $args) . '/' : '/';
                                    if (!($file = $fs->get_file($context->id, $component, $filearea, $eventid, $filepath, $filename)) or $file->is_directory()) {
                                        send_file_not_found();
                                    }
                                    \core\session\manager::write_close();
                                    // Unlock session during file serving.
                                    send_stored_file($file, 60 * 60, 0, $forcedownload, array('preview' => $preview));
                                } else {
                                    send_file_not_found();
                                }
                            }
                        }
                        // ========================================================================================================================
                    } else {
                        if ($component === 'user') {
                            if ($filearea === 'icon' and $context->contextlevel == CONTEXT_USER) {
                                if (count($args) == 1) {
                                    $themename = theme_config::DEFAULT_THEME;
                                    $filename = array_shift($args);
                                } else {
                                    $themename = array_shift($args);
                                    $filename = array_shift($args);
                                }
                                // fix file name automatically
                                if ($filename !== 'f1' and $filename !== 'f2' and $filename !== 'f3') {
                                    $filename = 'f1';
                                }
                                if ((!empty($CFG->forcelogin) and !isloggedin()) || !empty($CFG->forceloginforprofileimage) && (!isloggedin() || isguestuser())) {
                                    // protect images if login required and not logged in;
                                    // also if login is required for profile images and is not logged in or guest
                                    // do not use require_login() because it is expensive and not suitable here anyway
                                    $theme = theme_config::load($themename);
                                    redirect($theme->pix_url('u/' . $filename, 'moodle'));
                                    // intentionally not cached
                                }
                                if (!($file = $fs->get_file($context->id, 'user', 'icon', 0, '/', $filename . '.png'))) {
                                    if (!($file = $fs->get_file($context->id, 'user', 'icon', 0, '/', $filename . '.jpg'))) {
                                        if ($filename === 'f3') {
                                            // f3 512x512px was introduced in 2.3, there might be only the smaller version.
                                            if (!($file = $fs->get_file($context->id, 'user', 'icon', 0, '/', 'f1.png'))) {
                                                $file = $fs->get_file($context->id, 'user', 'icon', 0, '/', 'f1.jpg');
                                            }
                                        }
                                    }
                                }
                                if (!$file) {
                                    // bad reference - try to prevent future retries as hard as possible!
                                    if ($user = $DB->get_record('user', array('id' => $context->instanceid), 'id, picture')) {
                                        if ($user->picture > 0) {
                                            $DB->set_field('user', 'picture', 0, array('id' => $user->id));
                                        }
                                    }
                                    // no redirect here because it is not cached
                                    $theme = theme_config::load($themename);
                                    $imagefile = $theme->resolve_image_location('u/' . $filename, 'moodle', null);
                                    send_file($imagefile, basename($imagefile), 60 * 60 * 24 * 14);
                                }
                                $options = array('preview' => $preview);
                                if (empty($CFG->forcelogin) && empty($CFG->forceloginforprofileimage)) {
                                    // Profile images should be cache-able by both browsers and proxies according
                                    // to $CFG->forcelogin and $CFG->forceloginforprofileimage.
                                    $options['cacheability'] = 'public';
                                }
                                send_stored_file($file, 60 * 60 * 24 * 365, 0, false, $options);
                                // enable long caching, there are many images on each page
                            } else {
                                if ($filearea === 'private' and $context->contextlevel == CONTEXT_USER) {
                                    require_login();
                                    if (isguestuser()) {
                                        send_file_not_found();
                                    }
                                    if ($USER->id !== $context->instanceid) {
                                        send_file_not_found();
                                    }
                                    $filename = array_pop($args);
                                    $filepath = $args ? '/' . implode('/', $args) . '/' : '/';
                                    if (!($file = $fs->get_file($context->id, $component, $filearea, 0, $filepath, $filename)) or $file->is_directory()) {
                                        send_file_not_found();
                                    }
                                    \core\session\manager::write_close();
                                    // Unlock session during file serving.
                                    send_stored_file($file, 0, 0, true, array('preview' => $preview));
                                    // must force download - security!
                                } else {
                                    if ($filearea === 'profile' and $context->contextlevel == CONTEXT_USER) {
                                        if ($CFG->forcelogin) {
                                            require_login();
                                        }
                                        $userid = $context->instanceid;
                                        if ($USER->id == $userid) {
                                            // always can access own
                                        } else {
                                            if (!empty($CFG->forceloginforprofiles)) {
                                                require_login();
                                                if (isguestuser()) {
                                                    send_file_not_found();
                                                }
                                                // we allow access to site profile of all course contacts (usually teachers)
                                                if (!has_coursecontact_role($userid) && !has_capability('moodle/user:viewdetails', $context)) {
                                                    send_file_not_found();
                                                }
                                                $canview = false;
                                                if (has_capability('moodle/user:viewdetails', $context)) {
                                                    $canview = true;
                                                } else {
                                                    $courses = enrol_get_my_courses();
                                                }
                                                while (!$canview && count($courses) > 0) {
                                                    $course = array_shift($courses);
                                                    if (has_capability('moodle/user:viewdetails', context_course::instance($course->id))) {
                                                        $canview = true;
                                                    }
                                                }
                                            }
                                        }
                                        $filename = array_pop($args);
                                        $filepath = $args ? '/' . implode('/', $args) . '/' : '/';
                                        if (!($file = $fs->get_file($context->id, $component, $filearea, 0, $filepath, $filename)) or $file->is_directory()) {
                                            send_file_not_found();
                                        }
                                        \core\session\manager::write_close();
                                        // Unlock session during file serving.
                                        send_stored_file($file, 0, 0, true, array('preview' => $preview));
                                        // must force download - security!
                                    } else {
                                        if ($filearea === 'profile' and $context->contextlevel == CONTEXT_COURSE) {
                                            $userid = (int) array_shift($args);
                                            $usercontext = context_user::instance($userid);
                                            if ($CFG->forcelogin) {
                                                require_login();
                                            }
                                            if (!empty($CFG->forceloginforprofiles)) {
                                                require_login();
                                                if (isguestuser()) {
                                                    print_error('noguest');
                                                }
                                                //TODO: review this logic of user profile access prevention
                                                if (!has_coursecontact_role($userid) and !has_capability('moodle/user:viewdetails', $usercontext)) {
                                                    print_error('usernotavailable');
                                                }
                                                if (!has_capability('moodle/user:viewdetails', $context) && !has_capability('moodle/user:viewdetails', $usercontext)) {
                                                    print_error('cannotviewprofile');
                                                }
                                                if (!is_enrolled($context, $userid)) {
                                                    print_error('notenrolledprofile');
                                                }
                                                if (groups_get_course_groupmode($course) == SEPARATEGROUPS and !has_capability('moodle/site:accessallgroups', $context)) {
                                                    print_error('groupnotamember');
                                                }
                                            }
                                            $filename = array_pop($args);
                                            $filepath = $args ? '/' . implode('/', $args) . '/' : '/';
                                            if (!($file = $fs->get_file($usercontext->id, 'user', 'profile', 0, $filepath, $filename)) or $file->is_directory()) {
                                                send_file_not_found();
                                            }
                                            \core\session\manager::write_close();
                                            // Unlock session during file serving.
                                            send_stored_file($file, 0, 0, true, array('preview' => $preview));
                                            // must force download - security!
                                        } else {
                                            if ($filearea === 'backup' and $context->contextlevel == CONTEXT_USER) {
                                                require_login();
                                                if (isguestuser()) {
                                                    send_file_not_found();
                                                }
                                                $userid = $context->instanceid;
                                                if ($USER->id != $userid) {
                                                    send_file_not_found();
                                                }
                                                $filename = array_pop($args);
                                                $filepath = $args ? '/' . implode('/', $args) . '/' : '/';
                                                if (!($file = $fs->get_file($context->id, 'user', 'backup', 0, $filepath, $filename)) or $file->is_directory()) {
                                                    send_file_not_found();
                                                }
                                                \core\session\manager::write_close();
                                                // Unlock session during file serving.
                                                send_stored_file($file, 0, 0, true, array('preview' => $preview));
                                                // must force download - security!
                                            } else {
                                                send_file_not_found();
                                            }
                                        }
                                    }
                                }
                            }
                            // ========================================================================================================================
                        } else {
                            if ($component === 'coursecat') {
                                if ($context->contextlevel != CONTEXT_COURSECAT) {
                                    send_file_not_found();
                                }
                                if ($filearea === 'description') {
                                    if ($CFG->forcelogin) {
                                        // no login necessary - unless login forced everywhere
                                        require_login();
                                    }
                                    $filename = array_pop($args);
                                    $filepath = $args ? '/' . implode('/', $args) . '/' : '/';
                                    if (!($file = $fs->get_file($context->id, 'coursecat', 'description', 0, $filepath, $filename)) or $file->is_directory()) {
                                        send_file_not_found();
                                    }
                                    \core\session\manager::write_close();
                                    // Unlock session during file serving.
                                    send_stored_file($file, 60 * 60, 0, $forcedownload, array('preview' => $preview));
                                } else {
                                    send_file_not_found();
                                }
                                // ========================================================================================================================
                            } else {
                                if ($component === 'course') {
                                    if ($context->contextlevel != CONTEXT_COURSE) {
                                        send_file_not_found();
                                    }
                                    if ($filearea === 'summary' || $filearea === 'overviewfiles') {
                                        if ($CFG->forcelogin) {
                                            require_login();
                                        }
                                        $filename = array_pop($args);
                                        $filepath = $args ? '/' . implode('/', $args) . '/' : '/';
                                        if (!($file = $fs->get_file($context->id, 'course', $filearea, 0, $filepath, $filename)) or $file->is_directory()) {
                                            send_file_not_found();
                                        }
                                        \core\session\manager::write_close();
                                        // Unlock session during file serving.
                                        send_stored_file($file, 60 * 60, 0, $forcedownload, array('preview' => $preview));
                                    } else {
                                        if ($filearea === 'section') {
                                            if ($CFG->forcelogin) {
                                                require_login($course);
                                            } else {
                                                if ($course->id != SITEID) {
                                                    require_login($course);
                                                }
                                            }
                                            $sectionid = (int) array_shift($args);
                                            if (!($section = $DB->get_record('course_sections', array('id' => $sectionid, 'course' => $course->id)))) {
                                                send_file_not_found();
                                            }
                                            $filename = array_pop($args);
                                            $filepath = $args ? '/' . implode('/', $args) . '/' : '/';
                                            if (!($file = $fs->get_file($context->id, 'course', 'section', $sectionid, $filepath, $filename)) or $file->is_directory()) {
                                                send_file_not_found();
                                            }
                                            \core\session\manager::write_close();
                                            // Unlock session during file serving.
                                            send_stored_file($file, 60 * 60, 0, $forcedownload, array('preview' => $preview));
                                        } else {
                                            send_file_not_found();
                                        }
                                    }
                                } else {
                                    if ($component === 'cohort') {
                                        $cohortid = (int) array_shift($args);
                                        $cohort = $DB->get_record('cohort', array('id' => $cohortid), '*', MUST_EXIST);
                                        $cohortcontext = context::instance_by_id($cohort->contextid);
                                        // The context in the file URL must be either cohort context or context of the course underneath the cohort's context.
                                        if ($context->id != $cohort->contextid && ($context->contextlevel != CONTEXT_COURSE || !in_array($cohort->contextid, $context->get_parent_context_ids()))) {
                                            send_file_not_found();
                                        }
                                        // User is able to access cohort if they have view cap on cohort level or
                                        // the cohort is visible and they have view cap on course level.
                                        $canview = has_capability('moodle/cohort:view', $cohortcontext) || $cohort->visible && has_capability('moodle/cohort:view', $context);
                                        if ($filearea === 'description' && $canview) {
                                            $filename = array_pop($args);
                                            $filepath = $args ? '/' . implode('/', $args) . '/' : '/';
                                            if (($file = $fs->get_file($cohortcontext->id, 'cohort', 'description', $cohort->id, $filepath, $filename)) && !$file->is_directory()) {
                                                \core\session\manager::write_close();
                                                // Unlock session during file serving.
                                                send_stored_file($file, 60 * 60, 0, $forcedownload, array('preview' => $preview));
                                            }
                                        }
                                        send_file_not_found();
                                    } else {
                                        if ($component === 'group') {
                                            if ($context->contextlevel != CONTEXT_COURSE) {
                                                send_file_not_found();
                                            }
                                            require_course_login($course, true, null, false);
                                            $groupid = (int) array_shift($args);
                                            $group = $DB->get_record('groups', array('id' => $groupid, 'courseid' => $course->id), '*', MUST_EXIST);
                                            if ($course->groupmodeforce and $course->groupmode == SEPARATEGROUPS and !has_capability('moodle/site:accessallgroups', $context) and !groups_is_member($group->id, $USER->id)) {
                                                // do not allow access to separate group info if not member or teacher
                                                send_file_not_found();
                                            }
                                            if ($filearea === 'description') {
                                                require_login($course);
                                                $filename = array_pop($args);
                                                $filepath = $args ? '/' . implode('/', $args) . '/' : '/';
                                                if (!($file = $fs->get_file($context->id, 'group', 'description', $group->id, $filepath, $filename)) or $file->is_directory()) {
                                                    send_file_not_found();
                                                }
                                                \core\session\manager::write_close();
                                                // Unlock session during file serving.
                                                send_stored_file($file, 60 * 60, 0, $forcedownload, array('preview' => $preview));
                                            } else {
                                                if ($filearea === 'icon') {
                                                    $filename = array_pop($args);
                                                    if ($filename !== 'f1' and $filename !== 'f2') {
                                                        send_file_not_found();
                                                    }
                                                    if (!($file = $fs->get_file($context->id, 'group', 'icon', $group->id, '/', $filename . '.png'))) {
                                                        if (!($file = $fs->get_file($context->id, 'group', 'icon', $group->id, '/', $filename . '.jpg'))) {
                                                            send_file_not_found();
                                                        }
                                                    }
                                                    \core\session\manager::write_close();
                                                    // Unlock session during file serving.
                                                    send_stored_file($file, 60 * 60, 0, false, array('preview' => $preview));
                                                } else {
                                                    send_file_not_found();
                                                }
                                            }
                                        } else {
                                            if ($component === 'grouping') {
                                                if ($context->contextlevel != CONTEXT_COURSE) {
                                                    send_file_not_found();
                                                }
                                                require_login($course);
                                                $groupingid = (int) array_shift($args);
                                                // note: everybody has access to grouping desc images for now
                                                if ($filearea === 'description') {
                                                    $filename = array_pop($args);
                                                    $filepath = $args ? '/' . implode('/', $args) . '/' : '/';
                                                    if (!($file = $fs->get_file($context->id, 'grouping', 'description', $groupingid, $filepath, $filename)) or $file->is_directory()) {
                                                        send_file_not_found();
                                                    }
                                                    \core\session\manager::write_close();
                                                    // Unlock session during file serving.
                                                    send_stored_file($file, 60 * 60, 0, $forcedownload, array('preview' => $preview));
                                                } else {
                                                    send_file_not_found();
                                                }
                                                // ========================================================================================================================
                                            } else {
                                                if ($component === 'backup') {
                                                    if ($filearea === 'course' and $context->contextlevel == CONTEXT_COURSE) {
                                                        require_login($course);
                                                        require_capability('moodle/backup:downloadfile', $context);
                                                        $filename = array_pop($args);
                                                        $filepath = $args ? '/' . implode('/', $args) . '/' : '/';
                                                        if (!($file = $fs->get_file($context->id, 'backup', 'course', 0, $filepath, $filename)) or $file->is_directory()) {
                                                            send_file_not_found();
                                                        }
                                                        \core\session\manager::write_close();
                                                        // Unlock session during file serving.
                                                        send_stored_file($file, 0, 0, $forcedownload, array('preview' => $preview));
                                                    } else {
                                                        if ($filearea === 'section' and $context->contextlevel == CONTEXT_COURSE) {
                                                            require_login($course);
                                                            require_capability('moodle/backup:downloadfile', $context);
                                                            $sectionid = (int) array_shift($args);
                                                            $filename = array_pop($args);
                                                            $filepath = $args ? '/' . implode('/', $args) . '/' : '/';
                                                            if (!($file = $fs->get_file($context->id, 'backup', 'section', $sectionid, $filepath, $filename)) or $file->is_directory()) {
                                                                send_file_not_found();
                                                            }
                                                            \core\session\manager::write_close();
                                                            send_stored_file($file, 60 * 60, 0, $forcedownload, array('preview' => $preview));
                                                        } else {
                                                            if ($filearea === 'activity' and $context->contextlevel == CONTEXT_MODULE) {
                                                                require_login($course, false, $cm);
                                                                require_capability('moodle/backup:downloadfile', $context);
                                                                $filename = array_pop($args);
                                                                $filepath = $args ? '/' . implode('/', $args) . '/' : '/';
                                                                if (!($file = $fs->get_file($context->id, 'backup', 'activity', 0, $filepath, $filename)) or $file->is_directory()) {
                                                                    send_file_not_found();
                                                                }
                                                                \core\session\manager::write_close();
                                                                send_stored_file($file, 60 * 60, 0, $forcedownload, array('preview' => $preview));
                                                            } else {
                                                                if ($filearea === 'automated' and $context->contextlevel == CONTEXT_COURSE) {
                                                                    // Backup files that were generated by the automated backup systems.
                                                                    require_login($course);
                                                                    require_capability('moodle/site:config', $context);
                                                                    $filename = array_pop($args);
                                                                    $filepath = $args ? '/' . implode('/', $args) . '/' : '/';
                                                                    if (!($file = $fs->get_file($context->id, 'backup', 'automated', 0, $filepath, $filename)) or $file->is_directory()) {
                                                                        send_file_not_found();
                                                                    }
                                                                    \core\session\manager::write_close();
                                                                    // Unlock session during file serving.
                                                                    send_stored_file($file, 0, 0, $forcedownload, array('preview' => $preview));
                                                                } else {
                                                                    send_file_not_found();
                                                                }
                                                            }
                                                        }
                                                    }
                                                    // ========================================================================================================================
                                                } else {
                                                    if ($component === 'question') {
                                                        require_once $CFG->libdir . '/questionlib.php';
                                                        question_pluginfile($course, $context, 'question', $filearea, $args, $forcedownload);
                                                        send_file_not_found();
                                                        // ========================================================================================================================
                                                    } else {
                                                        if ($component === 'grading') {
                                                            if ($filearea === 'description') {
                                                                // files embedded into the form definition description
                                                                if ($context->contextlevel == CONTEXT_SYSTEM) {
                                                                    require_login();
                                                                } else {
                                                                    if ($context->contextlevel >= CONTEXT_COURSE) {
                                                                        require_login($course, false, $cm);
                                                                    } else {
                                                                        send_file_not_found();
                                                                    }
                                                                }
                                                                $formid = (int) array_shift($args);
                                                                $sql = "SELECT ga.id\n                FROM {grading_areas} ga\n                JOIN {grading_definitions} gd ON (gd.areaid = ga.id)\n                WHERE gd.id = ? AND ga.contextid = ?";
                                                                $areaid = $DB->get_field_sql($sql, array($formid, $context->id), IGNORE_MISSING);
                                                                if (!$areaid) {
                                                                    send_file_not_found();
                                                                }
                                                                $fullpath = "/{$context->id}/{$component}/{$filearea}/{$formid}/" . implode('/', $args);
                                                                if (!($file = $fs->get_file_by_hash(sha1($fullpath))) or $file->is_directory()) {
                                                                    send_file_not_found();
                                                                }
                                                                \core\session\manager::write_close();
                                                                // Unlock session during file serving.
                                                                send_stored_file($file, 60 * 60, 0, $forcedownload, array('preview' => $preview));
                                                            }
                                                            // ========================================================================================================================
                                                        } else {
                                                            if (strpos($component, 'mod_') === 0) {
                                                                $modname = substr($component, 4);
                                                                if (!file_exists("{$CFG->dirroot}/mod/{$modname}/lib.php")) {
                                                                    send_file_not_found();
                                                                }
                                                                require_once "{$CFG->dirroot}/mod/{$modname}/lib.php";
                                                                if ($context->contextlevel == CONTEXT_MODULE) {
                                                                    if ($cm->modname !== $modname) {
                                                                        // somebody tries to gain illegal access, cm type must match the component!
                                                                        send_file_not_found();
                                                                    }
                                                                }
                                                                if ($filearea === 'intro') {
                                                                    if (!plugin_supports('mod', $modname, FEATURE_MOD_INTRO, true)) {
                                                                        send_file_not_found();
                                                                    }
                                                                    require_course_login($course, true, $cm);
                                                                    // all users may access it
                                                                    $filename = array_pop($args);
                                                                    $filepath = $args ? '/' . implode('/', $args) . '/' : '/';
                                                                    if (!($file = $fs->get_file($context->id, 'mod_' . $modname, 'intro', 0, $filepath, $filename)) or $file->is_directory()) {
                                                                        send_file_not_found();
                                                                    }
                                                                    // finally send the file
                                                                    send_stored_file($file, null, 0, false, array('preview' => $preview));
                                                                }
                                                                $filefunction = $component . '_pluginfile';
                                                                $filefunctionold = $modname . '_pluginfile';
                                                                if (function_exists($filefunction)) {
                                                                    // if the function exists, it must send the file and terminate. Whatever it returns leads to "not found"
                                                                    $filefunction($course, $cm, $context, $filearea, $args, $forcedownload, array('preview' => $preview));
                                                                } else {
                                                                    if (function_exists($filefunctionold)) {
                                                                        // if the function exists, it must send the file and terminate. Whatever it returns leads to "not found"
                                                                        $filefunctionold($course, $cm, $context, $filearea, $args, $forcedownload, array('preview' => $preview));
                                                                    }
                                                                }
                                                                send_file_not_found();
                                                                // ========================================================================================================================
                                                            } else {
                                                                if (strpos($component, 'block_') === 0) {
                                                                    $blockname = substr($component, 6);
                                                                    // note: no more class methods in blocks please, that is ....
                                                                    if (!file_exists("{$CFG->dirroot}/blocks/{$blockname}/lib.php")) {
                                                                        send_file_not_found();
                                                                    }
                                                                    require_once "{$CFG->dirroot}/blocks/{$blockname}/lib.php";
                                                                    if ($context->contextlevel == CONTEXT_BLOCK) {
                                                                        $birecord = $DB->get_record('block_instances', array('id' => $context->instanceid), '*', MUST_EXIST);
                                                                        if ($birecord->blockname !== $blockname) {
                                                                            // somebody tries to gain illegal access, cm type must match the component!
                                                                            send_file_not_found();
                                                                        }
                                                                        if ($context->get_course_context(false)) {
                                                                            // If block is in course context, then check if user has capability to access course.
                                                                            require_course_login($course);
                                                                        } else {
                                                                            if ($CFG->forcelogin) {
                                                                                // If user is logged out, bp record will not be visible, even if the user would have access if logged in.
                                                                                require_login();
                                                                            }
                                                                        }
                                                                        $bprecord = $DB->get_record('block_positions', array('contextid' => $context->id, 'blockinstanceid' => $context->instanceid));
                                                                        // User can't access file, if block is hidden or doesn't have block:view capability
                                                                        if ($bprecord && !$bprecord->visible || !has_capability('moodle/block:view', $context)) {
                                                                            send_file_not_found();
                                                                        }
                                                                    } else {
                                                                        $birecord = null;
                                                                    }
                                                                    $filefunction = $component . '_pluginfile';
                                                                    if (function_exists($filefunction)) {
                                                                        // if the function exists, it must send the file and terminate. Whatever it returns leads to "not found"
                                                                        $filefunction($course, $birecord, $context, $filearea, $args, $forcedownload, array('preview' => $preview));
                                                                    }
                                                                    send_file_not_found();
                                                                    // ========================================================================================================================
                                                                } else {
                                                                    if (strpos($component, '_') === false) {
                                                                        // all core subsystems have to be specified above, no more guessing here!
                                                                        send_file_not_found();
                                                                    } else {
                                                                        // try to serve general plugin file in arbitrary context
                                                                        $dir = core_component::get_component_directory($component);
                                                                        if (!file_exists("{$dir}/lib.php")) {
                                                                            send_file_not_found();
                                                                        }
                                                                        include_once "{$dir}/lib.php";
                                                                        $filefunction = $component . '_pluginfile';
                                                                        if (function_exists($filefunction)) {
                                                                            // if the function exists, it must send the file and terminate. Whatever it returns leads to "not found"
                                                                            $filefunction($course, $cm, $context, $filearea, $args, $forcedownload, array('preview' => $preview));
                                                                        }
                                                                        send_file_not_found();
                                                                    }
                                                                }
                                                            }
                                                        }
                                                    }
                                                }
                                            }
                                        }
                                    }
                                }
                            }
                        }
                    }
                }
            }
        }
    }
}
Пример #5
     send_stored_file($file, 0, 0, true);
     // must force download - security!
 } else {
     if ($filearea === 'profile' and $context->contextlevel == CONTEXT_COURSE) {
         $userid = (int) array_shift($args);
         $usercontext = get_context_instance(CONTEXT_USER, $userid);
         if ($CFG->forcelogin) {
             require_login();
         }
         if (!empty($CFG->forceloginforprofiles)) {
             require_login();
             if (isguestuser()) {
                 print_error('noguest');
             }
             //TODO: review this logic of user profile access prevention
             if (!has_coursecontact_role($userid) and !has_capability('moodle/user:viewdetails', $usercontext)) {
                 print_error('usernotavailable');
             }
             if (!has_capability('moodle/user:viewdetails', $context) && !has_capability('moodle/user:viewdetails', $usercontext)) {
                 print_error('cannotviewprofile');
             }
             if (!is_enrolled($context, $userid)) {
                 print_error('notenrolledprofile');
             }
             if (groups_get_course_groupmode($course) == SEPARATEGROUPS and !has_capability('moodle/site:accessallgroups', $context)) {
                 print_error('groupnotamember');
             }
         }
         $filename = array_pop($args);
         $filepath = $args ? '/' . implode('/', $args) . '/' : '/';
         if (!($file = $fs->get_file($usercontext->id, 'user', 'profile', 0, $filepath, $filename)) or $file->is_directory()) {
Пример #6
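 /**
  * Draws the wrapped short-answer questions for this question and prepares
  * an empty response for each of them.
  *
  * Candidates come from the question's category (plus its subcategories when
  * $question->options->subcats is set), excluding every id already listed in
  * $cmoptions->questionsinuse. When fewer candidates exist than
  * $question->options->choose asks for, the question is turned into a
  * DESCRIPTION that carries an explanatory text.
  *
  * @param object $question  question being set up; questiontext, qtype and options->choose may be rewritten
  * @param object $state     receives options->subquestions and responses
  * @param object $cmoptions quiz options; questionsinuse (comma-separated ids) grows by each drawn id
  * @param object $attempt   handed unchanged to the wrapped question types
  * @return bool false when a wrapped question type fails to load or initialise, true otherwise
  */
 function create_session_and_responses(&$question, &$state, $cmoptions, $attempt)
 {
     // Choose a random shortanswer question from the category:
     // We need to make sure that no question is used more than once in the
     // quiz. Therefore the following need to be excluded:
     // 1. All questions that are explicitly assigned to the quiz
     // 2. All random questions
     // 3. All questions that are already chosen by an other random question
     global $QTYPES, $OUTPUT, $USER;
     if (!isset($cmoptions->questionsinuse)) {
         $cmoptions->questionsinuse = $cmoptions->questions;
     }
     if ($question->options->subcats) {
         // recurse into subcategories
         $categorylist = question_categorylist($question->category);
     } else {
         $categorylist = $question->category;
     }
     $saquestions = $this->get_sa_candidates($categorylist, $cmoptions->questionsinuse);
     $count = count($saquestions);
     $wanted = $question->options->choose;
     $errorstr = '';
     // The detailed diagnostic is only produced for course contacts; everyone
     // else gets the generic text further down.
     if ($count < $wanted && has_coursecontact_role($USER->id)) {
         //TODO: this teacher test is far from optimal
         if ($count >= 2) {
             $errorstr = "Error: could not get enough Short-Answer questions!\n                 Got {$count} Short-Answer questions, but wanted {$wanted}.\n                 Reducing number to choose from to {$count}!";
             // Lowering $wanted to $count means the shortage check below no longer fires.
             $wanted = $question->options->choose = $count;
         } else {
             $errorstr = "Error: could not get enough Short-Answer questions!\n                 This can happen if all available Short-Answer questions are already\n                 taken up by other Random questions or Random Short-Answer question.\n                 Another possible cause for this error is that Short-Answer\n                 questions were deleted after this Random Short-Answer question was\n                 created.";
         }
         echo $OUTPUT->notification($errorstr);
         $errorstr = '<span class="notifyproblem">' . $errorstr . '</span>';
     }
     if ($count < $wanted) {
         $question->questiontext = "{$errorstr}<br /><br />Insufficient selection options are\n             available for this question, therefore it is not available in  this\n             quiz. Please inform your teacher.";
         // Treat this as a description from this point on
         $question->qtype = DESCRIPTION;
         return true;
     }
     $saquestions = draw_rand_array($saquestions, $question->options->choose);
     // from bug 1889
     foreach ($saquestions as $key => $wrappedquestion) {
         if (!$QTYPES[$wrappedquestion->qtype]->get_question_options($wrappedquestion)) {
             return false;
         }
         // Now we overwrite the $question->options->answers field to only
         // *one* (the first) correct answer. This loop can be deleted to
         // take all answers into account (i.e. put them all into the
         // drop-down menu).
         $foundcorrect = false;
         foreach ($wrappedquestion->options->answers as $answer) {
             if ($foundcorrect || $answer->fraction != 1.0) {
                 unset($wrappedquestion->options->answers[$answer->id]);
             } else {
                 // Reaching this branch already implies no correct answer was kept yet.
                 $foundcorrect = true;
             }
         }
         if (!$QTYPES[$wrappedquestion->qtype]->create_session_and_responses($wrappedquestion, $state, $cmoptions, $attempt)) {
             return false;
         }
         $wrappedquestion->name_prefix = $question->name_prefix;
         $wrappedquestion->maxgrade = $question->maxgrade;
         // Record the id so later random questions in the same quiz skip it.
         $cmoptions->questionsinuse .= ",{$wrappedquestion->id}";
         $state->options->subquestions[$key] = clone $wrappedquestion;
     }
     // Shuffle the answers (Do this always because this is a random question type)
     // A plain loop collects the ids: create_function() compiled its body from a
     // string with eval semantics, was deprecated in PHP 7.2 and removed in PHP 8.0.
     $subquestionids = array();
     if (!empty($state->options->subquestions)) {
         foreach ($state->options->subquestions as $subquestion) {
             $subquestionids[] = $subquestion->id;
         }
     }
     $subquestionids = swapshuffle($subquestionids);
     // Create empty responses
     foreach ($subquestionids as $val) {
         $state->responses[$val] = '';
     }
     return true;
 }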
Пример #7
    if (!$user) {
        echo $OUTPUT->notification(get_string('invaliduser', 'error'));
    } else {
        echo $OUTPUT->notification(get_string('userdeleted'));
    }
    echo $OUTPUT->footer();
    die;
}

// The profile owner is never subject to the restriction below.
$currentuser = ($USER->id == $user->id);
$usercontext = context_user::instance($userid, MUST_EXIST);
$context = $usercontext;

// With forceloginforprofiles set, a visitor who is not the owner needs
// moodle/user:viewdetails on the user context, unless the profile belongs to
// a course contact. If not forceloginforprofiles, allow access (bug #4366).
if (!($currentuser
        || empty($CFG->forceloginforprofiles)
        || has_capability('moodle/user:viewdetails', $context)
        || has_coursecontact_role($userid))) {

    // Render a generic refusal page in the system context; title and heading
    // carry only the word for "user", so the profile owner's name is not leaked.
    $struser = get_string('user');
    $PAGE->set_context(context_system::instance());
    $PAGE->set_title("$SITE->shortname: $struser");
    $PAGE->set_heading($struser);
    $PAGE->set_url('/user/profile.php', array('id' => $userid));
    $PAGE->navbar->add($struser);

    echo $OUTPUT->header();
    echo $OUTPUT->notification(get_string('usernotavailable', 'error'));
    echo $OUTPUT->footer();
    exit;
}

// Get the profile page.  Should always return something unless the database is broken.
Пример #8
        require_login();
    }
}
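// Fall back to the viewer's own profile when no user id was supplied.
$userid = $userid ? $userid : $USER->id;
// Owner of the page
$user = $DB->get_record('user', array('id' => $userid));
// get_record() gives a false value when no row matches, so the missing-user
// case is handled before any property of $user is read.
if (!$user || $user->deleted) {
    $PAGE->set_context(get_context_instance(CONTEXT_SYSTEM));
    echo $OUTPUT->header();
    if (!$user) {
        echo $OUTPUT->notification(get_string('invaliduser', 'error'));
    } else {
        echo $OUTPUT->notification(get_string('userdeleted'));
    }
    echo $OUTPUT->footer();
    die;
}
$currentuser = $user->id == $USER->id;
$context = $usercontext = get_context_instance(CONTEXT_USER, $userid, MUST_EXIST);
// Access rule: with forceloginforprofiles set, anyone but the owner needs
// moodle/user:viewdetails on the user context, unless the profile belongs to
// a course contact.
if (!$currentuser && !empty($CFG->forceloginforprofiles) && !has_capability('moodle/user:viewdetails', $context) && !has_coursecontact_role($userid)) {
    // Course managers can be browsed at site level. If not forceloginforprofiles, allow access (bug #4366)
    $struser = get_string('user');
    $PAGE->set_context(get_context_instance(CONTEXT_SYSTEM));
    // Title and heading use only the generic word for "user": do not leak the name.
    $PAGE->set_title("{$SITE->shortname}: {$struser}");
    $PAGE->set_heading("{$SITE->shortname}: {$struser}");
    $PAGE->set_url('/user/profile.php', array('id' => $userid));
    $PAGE->navbar->add($struser);
    echo $OUTPUT->header();
    echo $OUTPUT->notification(get_string('usernotavailable', 'error'));
    echo $OUTPUT->footer();
    exit;
}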
// Get the profile page.  Should always return something unless the database is broken.
if (!($currentpage = my_get_page($userid, MY_PAGE_PUBLIC))) {
Пример #9
    $courses = forum_get_courses_user_posted_in($user, $discussionsonly);
}
// Get the posts by the requested user that the current user can access.
$result = forum_get_posts_by_user($user, $courses, $isspecificcourse, $discussionsonly, $page * $perpage, $perpage);
// Check whether there are not posts to display.
if (empty($result->posts)) {
    // Ok no posts to display means that either the user has not posted or there
    // are no posts made by the requested user that the current user is able to
    // see.
    // In either case we need to decide whether we can show personal information
    // about the requested user to the current user so we will execute some checks
    // First check the obvious, its the current user, a specific course has been
    // provided (require_login has been called), or they have a course contact role.
    // True to any of those and the current user can see the details of the
    // requested user.
    $canviewuser = $iscurrentuser || $isspecificcourse || empty($CFG->forceloginforprofiles) || has_coursecontact_role($userid);
    // Next we'll check the caps, if the current user has the view details and a
    // specific course has been requested, or if they have the view all details
    $canviewuser = $canviewuser || ($isspecificcourse && has_capability('moodle/user:viewdetails', $coursecontext) || has_capability('moodle/user:viewalldetails', $usercontext));
    // If none of the above was true the next step is to check a shared relation
    // through some course
    if (!$canviewuser) {
        // Get all of the courses that the users have in common
        $sharedcourses = enrol_get_shared_courses($USER->id, $user->id, true);
        foreach ($sharedcourses as $sharedcourse) {
            // Check the view cap within the course context
            if (has_capability('moodle/user:viewdetails', get_context_instance(CONTEXT_COURSE, $sharedcourse->id))) {
                $canviewuser = true;
                break;
            }
        }
Пример #10
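/**
 * Defines core nodes for my profile navigation tree.
 *
 * Each node is added only when the viewer passes the capability check or the
 * site setting (hiddenuserfields / showuseridentity) that guards that piece of
 * profile data, so the conditions below are the access control for the page.
 *
 * @param \core_user\output\myprofile\tree $tree Tree object
 * @param stdClass $user user object
 * @param bool $iscurrentuser is the user viewing profile, current user ?
 * @param stdClass $course course object
 *
 * @return void
 */
function core_myprofile_navigation(core_user\output\myprofile\tree $tree, $user, $iscurrentuser, $course)
{
    global $CFG, $USER, $DB;
    $usercontext = context_user::instance($user->id, MUST_EXIST);
    $systemcontext = context_system::instance();
    // Course-level checks use the course context when a course is given, the system context otherwise.
    $context = !empty($course) ? context_course::instance($course->id) : $systemcontext;
    $courseid = !empty($course) ? $course->id : SITEID;
    $contactcategory = new core_user\output\myprofile\category('contact', get_string('userdetails'));
    $coursedetailscategory = new core_user\output\myprofile\category('coursedetails', get_string('coursedetails'), 'contact');
    $miscategory = new core_user\output\myprofile\category('miscellaneous', get_string('miscellaneous'), 'coursedetails');
    $reportcategory = new core_user\output\myprofile\category('reports', get_string('reports'), 'miscellaneous');
    $admincategory = new core_user\output\myprofile\category('administration', get_string('administration'), 'reports');
    $loginactivitycategory = new core_user\output\myprofile\category('loginactivity', get_string('loginactivity'), 'administration');
    // Add categories.
    $tree->add_category($contactcategory);
    $tree->add_category($coursedetailscategory);
    $tree->add_category($miscategory);
    $tree->add_category($reportcategory);
    $tree->add_category($admincategory);
    $tree->add_category($loginactivitycategory);
    // Add core nodes.
    // Full profile node.
    if (!empty($course)) {
        if (empty($CFG->forceloginforprofiles) || $iscurrentuser || has_capability('moodle/user:viewdetails', context_user::instance($user->id)) || has_coursecontact_role($user->id)) {
            $url = new moodle_url('/user/profile.php', array('id' => $user->id));
            $node = new core_user\output\myprofile\node('miscellaneous', 'fullprofile', get_string('fullprofile'), null, $url);
            $tree->add_node($node);
        }
    }
    // Edit profile.
    if (isloggedin() && !isguestuser($user) && !is_mnet_remote_user($user)) {
        // A non-admin holding moodle/user:update never gets the advanced editor for a site admin's account.
        if (($iscurrentuser || is_siteadmin($USER) || !is_siteadmin($user)) && has_capability('moodle/user:update', $systemcontext)) {
            $url = new moodle_url('/user/editadvanced.php', array('id' => $user->id, 'course' => $courseid));
            $node = new core_user\output\myprofile\node('contact', 'editprofile', get_string('editmyprofile'), null, $url);
            $tree->add_node($node);
        } else {
            if (has_capability('moodle/user:editprofile', $usercontext) && !is_siteadmin($user) || $iscurrentuser && has_capability('moodle/user:editownprofile', $systemcontext)) {
                $userauthplugin = false;
                if (!empty($user->auth)) {
                    $userauthplugin = get_auth_plugin($user->auth);
                }
                if ($userauthplugin && $userauthplugin->can_edit_profile()) {
                    // The auth plugin may supply its own edit URL; fall back to the standard form otherwise.
                    $url = $userauthplugin->edit_profile_url();
                    if (empty($url)) {
                        if (empty($course)) {
                            $url = new moodle_url('/user/edit.php', array('userid' => $user->id));
                        } else {
                            $url = new moodle_url('/user/edit.php', array('userid' => $user->id, 'course' => $course->id));
                        }
                    }
                    $node = new core_user\output\myprofile\node('contact', 'editprofile', get_string('editmyprofile'), null, $url);
                    $tree->add_node($node);
                }
            }
        }
    }
    // Preference page. Only visible by administrators.
    if (is_siteadmin()) {
        $url = new moodle_url('/user/preferences.php', array('userid' => $user->id));
        $title = $iscurrentuser ? get_string('mypreferences') : get_string('userspreferences', 'moodle', fullname($user));
        $node = new core_user\output\myprofile\node('administration', 'preferences', $title, null, $url);
        $tree->add_node($node);
    }
    // Login as ...
    // Not offered for deleted users, for oneself, while already logged in as someone, or for site admins.
    if (!$user->deleted && !$iscurrentuser && !\core\session\manager::is_loggedinas() && has_capability('moodle/user:loginas', $context) && !is_siteadmin($user->id)) {
        // NOTE(review): the sesskey travels in the link's query string; presumably /course/loginas.php verifies it - confirm.
        $url = new moodle_url('/course/loginas.php', array('id' => $courseid, 'user' => $user->id, 'sesskey' => sesskey()));
        $node = new core_user\output\myprofile\node('administration', 'loginas', get_string('loginas'), null, $url);
        $tree->add_node($node);
    }
    // Contact details.
    // $hiddenfields lists fields to suppress; it is empty for viewers with moodle/user:viewhiddendetails.
    if (has_capability('moodle/user:viewhiddendetails', $usercontext)) {
        $hiddenfields = array();
    } else {
        $hiddenfields = array_flip(explode(',', $CFG->hiddenuserfields));
    }
    // $identityfields lists identity fields to reveal; it is empty without moodle/site:viewuseridentity.
    if (has_capability('moodle/site:viewuseridentity', $context)) {
        $identityfields = array_flip(explode(',', $CFG->showuseridentity));
    } else {
        $identityfields = array();
    }
    if (is_mnet_remote_user($user)) {
        $sql = "SELECT h.id, h.name, h.wwwroot,\n                       a.name as application, a.display_name\n                  FROM {mnet_host} h, {mnet_application} a\n                 WHERE h.id = ? AND h.applicationid = a.id";
        $remotehost = $DB->get_record_sql($sql, array($user->mnethostid));
        // Skip the node when the host row is missing rather than reading properties of a false value.
        if ($remotehost) {
            $remoteuser = new stdclass();
            $remoteuser->remotetype = $remotehost->display_name;
            $hostinfo = new stdclass();
            $hostinfo->remotename = $remotehost->name;
            $hostinfo->remoteurl = $remotehost->wwwroot;
            $node = new core_user\output\myprofile\node('contact', 'mnet', get_string('remoteuser', 'mnet', $remoteuser), null, null, get_string('remoteuserinfo', 'mnet', $hostinfo), null, 'remoteuserinfo');
            $tree->add_node($node);
        }
    }
    // Email: maildisplay 1 shows it to everyone, 2 only to viewers sharing a course with the user.
    if (isset($identityfields['email']) and ($iscurrentuser or $user->maildisplay == 1 or has_capability('moodle/course:useremail', $usercontext) or $user->maildisplay == 2 and enrol_sharing_course($user, $USER))) {
        $node = new core_user\output\myprofile\node('contact', 'email', get_string('email'), null, null, obfuscate_mailto($user->email, ''));
        $tree->add_node($node);
    }
    // NOTE(review): city, address, phone, institution, department and idnumber are handed to the
    // node as stored, while the IM fields further down go through s(). Confirm that the node
    // renderer escapes content, or that these fields are cleaned when saved.
    if (!isset($hiddenfields['country']) && $user->country) {
        $node = new core_user\output\myprofile\node('contact', 'country', get_string('country'), null, null, get_string($user->country, 'countries'));
        $tree->add_node($node);
    }
    if (!isset($hiddenfields['city']) && $user->city) {
        $node = new core_user\output\myprofile\node('contact', 'city', get_string('city'), null, null, $user->city);
        $tree->add_node($node);
    }
    if (isset($identityfields['address']) && $user->address) {
        $node = new core_user\output\myprofile\node('contact', 'address', get_string('address'), null, null, $user->address);
        $tree->add_node($node);
    }
    if (isset($identityfields['phone1']) && $user->phone1) {
        $node = new core_user\output\myprofile\node('contact', 'phone1', get_string('phone'), null, null, $user->phone1);
        $tree->add_node($node);
    }
    if (isset($identityfields['phone2']) && $user->phone2) {
        $node = new core_user\output\myprofile\node('contact', 'phone2', get_string('phone2'), null, null, $user->phone2);
        $tree->add_node($node);
    }
    if (isset($identityfields['institution']) && $user->institution) {
        $node = new core_user\output\myprofile\node('contact', 'institution', get_string('institution'), null, null, $user->institution);
        $tree->add_node($node);
    }
    if (isset($identityfields['department']) && $user->department) {
        // Show the department itself; the institution value was displayed here before.
        $node = new core_user\output\myprofile\node('contact', 'department', get_string('department'), null, null, $user->department);
        $tree->add_node($node);
    }
    if (isset($identityfields['idnumber']) && $user->idnumber) {
        // Show the id number itself; the institution value was displayed here before.
        $node = new core_user\output\myprofile\node('contact', 'idnumber', get_string('idnumber'), null, null, $user->idnumber);
        $tree->add_node($node);
    }
    if ($user->url && !isset($hiddenfields['webpage'])) {
        $url = $user->url;
        // NOTE(review): only the presence of '://' is tested here, not the scheme; this assumes
        // the stored value was validated as a web URL when the profile was saved - confirm.
        if (strpos($user->url, '://') === false) {
            $url = 'http://' . $url;
        }
        $webpageurl = new moodle_url($url);
        $node = new core_user\output\myprofile\node('contact', 'webpage', get_string('webpage'), null, null, html_writer::link($url, $webpageurl));
        $tree->add_node($node);
    }
    // Printing tagged interests. We want this only for full profile.
    if (!empty($CFG->usetags) && empty($course)) {
        if ($interests = tag_get_tags_csv('user', $user->id)) {
            $node = new core_user\output\myprofile\node('contact', 'interests', get_string('interests'), null, null, $interests);
            $tree->add_node($node);
        }
    }
    if (!isset($hiddenfields['mycourses'])) {
        $showallcourses = optional_param('showallcourses', 0, PARAM_INT);
        if ($mycourses = enrol_get_all_users_courses($user->id, true, null, 'visible DESC, sortorder ASC')) {
            $shown = 0;
            $courselisting = html_writer::start_tag('ul');
            foreach ($mycourses as $mycourse) {
                if ($mycourse->category) {
                    context_helper::preload_from_record($mycourse);
                    $ccontext = context_course::instance($mycourse->id);
                    if (!isset($course) || $mycourse->id != $course->id) {
                        $linkattributes = null;
                        if ($mycourse->visible == 0) {
                            // Hidden courses are listed only for viewers allowed to see them.
                            if (!has_capability('moodle/course:viewhiddencourses', $ccontext)) {
                                continue;
                            }
                            $linkattributes['class'] = 'dimmed';
                        }
                        $params = array('id' => $user->id, 'course' => $mycourse->id);
                        if ($showallcourses) {
                            $params['showallcourses'] = 1;
                        }
                        $url = new moodle_url('/user/view.php', $params);
                        $courselisting .= html_writer::tag('li', html_writer::link($url, $ccontext->get_context_name(false), $linkattributes));
                    } else {
                        // The course being viewed is listed without a link.
                        $courselisting .= html_writer::tag('li', $course->fullname);
                    }
                }
                $shown++;
                // Stop at navcourselimit entries and offer a "view more" link instead.
                if (!$showallcourses && $shown == $CFG->navcourselimit) {
                    $url = null;
                    if (isset($course)) {
                        $url = new moodle_url('/user/view.php', array('id' => $user->id, 'course' => $course->id, 'showallcourses' => 1));
                    } else {
                        $url = new moodle_url('/user/profile.php', array('id' => $user->id, 'showallcourses' => 1));
                    }
                    $courselisting .= html_writer::tag('li', html_writer::link($url, get_string('viewmore'), array('title' => get_string('viewmore'))));
                    break;
                }
            }
            $courselisting .= html_writer::end_tag('ul');
            if (!empty($mycourses)) {
                // Add this node only if there are courses to display.
                $node = new core_user\output\myprofile\node('coursedetails', 'courseprofiles', get_string('courseprofiles'), null, null, rtrim($courselisting, ', '));
                $tree->add_node($node);
            }
        }
    }
    if (!empty($course)) {
        // Show roles in this course.
        if ($rolestring = get_user_roles_in_course($user->id, $course->id)) {
            $node = new core_user\output\myprofile\node('coursedetails', 'roles', get_string('roles'), null, null, $rolestring);
            $tree->add_node($node);
        }
        // Show groups this user is in.
        if (!isset($hiddenfields['groups']) && !empty($course)) {
            $accessallgroups = has_capability('moodle/site:accessallgroups', $context);
            if ($usergroups = groups_get_all_groups($course->id, $user->id)) {
                $groupstr = '';
                foreach ($usergroups as $group) {
                    if ($course->groupmode == SEPARATEGROUPS and !$accessallgroups and $user->id != $USER->id) {
                        // NOTE(review): this tests the profile owner's membership, yet $usergroups was
                        // fetched for that same user; presumably the viewer ($USER->id) was meant, so
                        // that separate groups hide other groups' names - confirm.
                        if (!groups_is_member($group->id, $user->id)) {
                            continue;
                        }
                    }
                    if ($course->groupmode != NOGROUPS) {
                        $groupstr .= ' <a href="' . $CFG->wwwroot . '/user/index.php?id=' . $course->id . '&amp;group=' . $group->id . '">' . format_string($group->name) . '</a>,';
                    } else {
                        // The user/index.php shows groups only when course in group mode.
                        $groupstr .= ' ' . format_string($group->name);
                    }
                }
                if ($groupstr !== '') {
                    $node = new core_user\output\myprofile\node('coursedetails', 'groups', get_string('group'), null, null, rtrim($groupstr, ', '));
                    $tree->add_node($node);
                }
            }
        }
        if (!isset($hiddenfields['suspended'])) {
            if ($user->suspended) {
                $node = new core_user\output\myprofile\node('coursedetails', 'suspended', null, null, null, get_string('suspended', 'auth'));
                $tree->add_node($node);
            }
        }
        // NOTE(review): this writes a closing </dl> straight to the output although nothing in this
        // function opens one; it looks like a leftover from an echo-based page - confirm and remove.
        echo html_writer::end_tag('dl');
    }
    // Instant-messaging fields. The status icons are fetched from third-party hosts over plain http.
    if ($user->icq && !isset($hiddenfields['icqnumber'])) {
        $imurl = new moodle_url('http://web.icq.com/wwp', array('uin' => $user->icq));
        $iconurl = new moodle_url('http://web.icq.com/whitepages/online', array('icq' => $user->icq, 'img' => '5'));
        $statusicon = html_writer::tag('img', '', array('src' => $iconurl, 'class' => 'icon icon-post', 'alt' => get_string('status')));
        $node = new core_user\output\myprofile\node('contact', 'icqnumber', get_string('icqnumber'), null, null, html_writer::link($imurl, s($user->icq) . $statusicon));
        $tree->add_node($node);
    }
    if ($user->skype && !isset($hiddenfields['skypeid'])) {
        $imurl = 'skype:' . urlencode($user->skype) . '?call';
        $iconurl = new moodle_url('http://mystatus.skype.com/smallicon/' . urlencode($user->skype));
        if (is_https()) {
            // Bad luck, skype devs are lazy to set up SSL on their servers - see MDL-37233.
            $statusicon = '';
        } else {
            $statusicon = html_writer::empty_tag('img', array('src' => $iconurl, 'class' => 'icon icon-post', 'alt' => get_string('status')));
        }
        $node = new core_user\output\myprofile\node('contact', 'skypeid', get_string('skypeid'), null, null, html_writer::link($imurl, s($user->skype) . $statusicon));
        $tree->add_node($node);
    }
    if ($user->yahoo && !isset($hiddenfields['yahooid'])) {
        $imurl = new moodle_url('http://edit.yahoo.com/config/send_webmesg', array('.target' => $user->yahoo, '.src' => 'pg'));
        $iconurl = new moodle_url('http://opi.yahoo.com/online', array('u' => $user->yahoo, 'm' => 'g', 't' => '0'));
        $statusicon = html_writer::tag('img', '', array('src' => $iconurl, 'class' => 'iconsmall icon-post', 'alt' => get_string('status')));
        $node = new core_user\output\myprofile\node('contact', 'yahooid', get_string('yahooid'), null, null, html_writer::link($imurl, s($user->yahoo) . $statusicon));
        $tree->add_node($node);
    }
    if ($user->aim && !isset($hiddenfields['aimid'])) {
        $imurl = 'aim:goim?screenname=' . urlencode($user->aim);
        $node = new core_user\output\myprofile\node('contact', 'aimid', get_string('aimid'), null, null, html_writer::link($imurl, s($user->aim)));
        $tree->add_node($node);
    }
    if ($user->msn && !isset($hiddenfields['msnid'])) {
        $node = new core_user\output\myprofile\node('contact', 'msnid', get_string('msnid'), null, null, s($user->msn));
        $tree->add_node($node);
    }
    // Custom profile fields, grouped by category and ordered by sortorder.
    if ($categories = $DB->get_records('user_info_category', null, 'sortorder ASC')) {
        foreach ($categories as $category) {
            if ($fields = $DB->get_records('user_info_field', array('categoryid' => $category->id), 'sortorder ASC')) {
                foreach ($fields as $field) {
                    // NOTE(review): datatype is read from the user_info_field table and builds both an
                    // include path and a class name; this assumes only trusted administrators can
                    // write that column - confirm.
                    require_once $CFG->dirroot . '/user/profile/field/' . $field->datatype . '/field.class.php';
                    $newfield = 'profile_field_' . $field->datatype;
                    $formfield = new $newfield($field->id, $user->id);
                    // Visibility is decided by the field object itself.
                    if ($formfield->is_visible() and !$formfield->is_empty()) {
                        $node = new core_user\output\myprofile\node('contact', $formfield->field->shortname, format_string($formfield->field->name), null, null, $formfield->display_data());
                        $tree->add_node($node);
                    }
                }
            }
        }
    }
    // First access. (Why only for sites ?)
    if (!isset($hiddenfields['firstaccess']) && empty($course)) {
        if ($user->firstaccess) {
            $datestring = userdate($user->firstaccess) . "&nbsp; (" . format_time(time() - $user->firstaccess) . ")";
        } else {
            $datestring = get_string("never");
        }
        $node = new core_user\output\myprofile\node('loginactivity', 'firstaccess', get_string('firstsiteaccess'), null, null, $datestring);
        $tree->add_node($node);
    }
    // Last access.
    if (!isset($hiddenfields['lastaccess'])) {
        if (empty($course)) {
            $string = get_string('lastsiteaccess');
            if ($user->lastaccess) {
                $datestring = userdate($user->lastaccess) . "&nbsp; (" . format_time(time() - $user->lastaccess) . ")";
            } else {
                $datestring = get_string("never");
            }
        } else {
            // Inside a course the per-course access record is used instead of the site-wide value.
            $string = get_string('lastcourseaccess');
            if ($lastaccess = $DB->get_record('user_lastaccess', array('userid' => $user->id, 'courseid' => $course->id))) {
                $datestring = userdate($lastaccess->timeaccess) . "&nbsp; (" . format_time(time() - $lastaccess->timeaccess) . ")";
            } else {
                $datestring = get_string("never");
            }
        }
        $node = new core_user\output\myprofile\node('loginactivity', 'lastaccess', $string, null, null, $datestring);
        $tree->add_node($node);
    }
    // Last ip.
    // Needs moodle/user:viewlastip on the user context and the field must not be hidden.
    if (has_capability('moodle/user:viewlastip', $usercontext) && !isset($hiddenfields['lastip'])) {
        if ($user->lastip) {
            $iplookupurl = new moodle_url('/iplookup/index.php', array('ip' => $user->lastip, 'user' => $USER->id));
            $ipstring = html_writer::link($iplookupurl, $user->lastip);
        } else {
            $ipstring = get_string("none");
        }
        $node = new core_user\output\myprofile\node('loginactivity', 'lastip', get_string('lastip'), null, null, $ipstring);
        $tree->add_node($node);
    }
}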
Пример #11
    } else {
        $ipstring = get_string("none");
    }
    echo html_writer::tag('dt', get_string('lastip'));
    echo html_writer::tag('dd', $ipstring);
}
// Close the definition list, then the descriptionbox and userprofilebox wrappers.
echo html_writer::end_tag('dl'), "</div></div>";
// Messaging link: shown only to a logged-in, non-guest viewer who holds
// moodle/site:sendmessage on the user context, when messaging is enabled and
// the profile is neither the guest account nor the viewer's own.
if (isloggedin() && has_capability('moodle/site:sendmessage', $usercontext) && !empty($CFG->messaging)
        && !(isguestuser() || isguestuser($user)) && $USER->id != $user->id) {
    echo '<div class="messagebox">';
    $sendmessageurl = new moodle_url('/message/index.php', array('id' => $user->id));
    if ($courseid) {
        $sendmessageurl->param('viewing', MESSAGE_VIEW_COURSE . $courseid);
    }
    echo html_writer::link($sendmessageurl, get_string('messageselectadd')), '</div>';
}
// Full profile link: same rule as the profile page itself. It is always shown
// without forceloginforprofiles; otherwise the viewer must be the owner, hold
// moodle/user:viewdetails, or the profile must belong to a course contact.
if (empty($CFG->forceloginforprofiles) || $currentuser || has_capability('moodle/user:viewdetails', $usercontext) || has_coursecontact_role($id)) {
    echo '<div class="fullprofilelink">',
        html_writer::link($CFG->wwwroot . '/user/profile.php?id=' . $id, get_string('fullprofile')),
        '</div>';
}
// TODO Add more useful overview info for teachers here, see below.
// Show links to notes made about this student (must click to display, for privacy).
// Recent comments made in this course.
// Recent blogs associated with this course and items in it.
// Close the userprofile wrapper and finish the page.
echo '</div>';
echo $OUTPUT->footer();
Пример #12
echo html_writer::end_tag('dl');
// Closes the description box and the user profile box.
echo "</div></div>";

// Messaging link. Every condition must hold: the viewer is logged in, holds
// moodle/site:sendmessage in the user context, messaging is enabled, neither account is a
// guest, and the viewer is not the profile owner.
// NOTE(review): hiding the link is a display decision only; the messaging page
// presumably checks access again on its own - confirm.
if (
    isloggedin()
    && has_capability('moodle/site:sendmessage', $usercontext)
    && !empty($CFG->messaging)
    && !(isguestuser() || isguestuser($user))
    && $USER->id != $user->id
) {
    echo '<div class="messagebox">';
    $sendmessageurl = new moodle_url('/message/index.php', array('id' => $user->id));
    if ($courseid) {
        $sendmessageurl->param('viewing', MESSAGE_VIEW_COURSE . $courseid);
    }
    echo html_writer::link($sendmessageurl, get_string('messageselectadd')), '</div>';
}

// Full profile link. Any one condition is enough: profiles do not require login, the
// viewer owns the profile, the viewer holds moodle/user:viewdetails in the user context,
// or the profile owner has a course contact role.
// NOTE(review): $id goes into the query string unescaped; presumably it was validated as
// an integer where the script read it (outside this excerpt) - confirm.
$mayseefullprofile = empty($CFG->forceloginforprofiles)
    || $currentuser
    || has_capability('moodle/user:viewdetails', $usercontext)
    || has_coursecontact_role($id);
if ($mayseefullprofile) {
    echo '<div class="fullprofilelink">';
    echo html_writer::link("{$CFG->wwwroot}/user/profile.php?id={$id}", get_string('fullprofile'));
    echo '</div>';
}

// TODO Add more useful overview info for teachers here, see below.
// Show links to notes made about this student (must click to display, for privacy).
// Recent comments made in this course.
// Recent blogs associated with this course and items in it.

// Userprofile class.
echo '</div>';

echo $OUTPUT->footer();
Пример #13
/**
 * Decide whether the current user ($USER) may view another user's profile.
 *
 * Deleted users are never viewable. Otherwise access is granted as soon as one of these
 * holds: the viewer is the profile owner; the site does not force login for profiles;
 * the viewer holds moodle/user:viewdetails in the user context; the profile owner has a
 * course contact role; or the viewer holds moodle/user:viewdetails in a candidate course
 * in which the owner's groups are visible to the viewer.
 *
 * NOTE(review): when $course is supplied it is the only candidate course and is used
 * as-is; nothing in this function checks that $user takes part in it. Callers presumably
 * guarantee that - confirm.
 *
 * @param object $user The other user's details.
 * @param object $course Use this course to see if we have permission to see this user's profile.
 * @param context $usercontext The user context if available.
 * @return bool true for ability to view this user, else false.
 */
function user_can_view_profile($user, $course = null, $usercontext = null)
{
    global $USER, $CFG;

    // A deleted account is hidden from everybody, whatever the viewer's capabilities.
    if ($user->deleted) {
        return false;
    }

    // Own profile, or a site that does not force login for profiles: no further checks.
    if ($USER->id == $user->id || empty($CFG->forceloginforprofiles)) {
        return true;
    }

    if (empty($usercontext)) {
        $usercontext = context_user::instance($user->id);
    }

    // Capability in the user context, or the profile owner is a course contact.
    if (has_capability('moodle/user:viewdetails', $usercontext) || has_coursecontact_role($user->id)) {
        return true;
    }

    // Fall back to course level: either the single course handed in, or every course
    // returned by enrol_get_shared_courses() for the viewer and the profile owner.
    $candidates = isset($course)
        ? array($course)
        : enrol_get_shared_courses($USER->id, $user->id, true);

    foreach ($candidates as $candidate) {
        $candidatecontext = context_course::instance($candidate->id);
        // The capability alone is not enough: the owner's groups must also be visible.
        if (
            has_capability('moodle/user:viewdetails', $candidatecontext)
            && groups_user_groups_visible($candidate, $user->id)
        ) {
            return true;
        }
    }

    return false;
}
Пример #14
 /**
  * Builds the user settings navigation branch for one user; called by
  * {@link settings_navigation::load_user_settings()}.
  *
  * Each link below is added only when the capability or site-setting check that
  * guards it passes.
  * NOTE(review): these checks only decide which links are shown; the pages the
  * links point at presumably repeat their own access checks - confirm.
  *
  * @param int $courseid The current course' id
  * @param int $userid The user id to load for
  * @param string $gstitle The string to pass to get_string for the branch title
  * @return navigation_node|bool The new branch; false when the user record is missing or the
  *      current user may not view that user; true when the user record is flagged as deleted.
  */
 protected function generate_user_settings($courseid, $userid, $gstitle = 'usercurrentsettings')
 {
     global $DB, $CFG, $USER, $SITE;
     // Resolve the course: reuse the page's course when it matches, otherwise load it
     // together with its context columns. Ids are bound as named parameters.
     if ($courseid != $SITE->id) {
         if (!empty($this->page->course->id) && $this->page->course->id == $courseid) {
             $course = $this->page->course;
         } else {
             $select = context_helper::get_preload_record_columns_sql('ctx');
             $sql = "SELECT c.*, {$select}\n                          FROM {course} c\n                          JOIN {context} ctx ON c.id = ctx.instanceid\n                         WHERE c.id = :courseid AND ctx.contextlevel = :contextlevel";
             $params = array('courseid' => $courseid, 'contextlevel' => CONTEXT_COURSE);
             $course = $DB->get_record_sql($sql, $params, MUST_EXIST);
             context_helper::preload_from_record($course);
         }
     } else {
         $course = $SITE;
     }
     // Course context
     $coursecontext = context_course::instance($course->id);
     $systemcontext = context_system::instance();
     $currentuser = $USER->id == $userid;
     if ($currentuser) {
         // Own settings: no visibility checks are made in this branch.
         $user = $USER;
         // User context
         $usercontext = context_user::instance($user->id);
     } else {
         $select = context_helper::get_preload_record_columns_sql('ctx');
         $sql = "SELECT u.*, {$select}\n                      FROM {user} u\n                      JOIN {context} ctx ON u.id = ctx.instanceid\n                     WHERE u.id = :userid AND ctx.contextlevel = :contextlevel";
         $params = array('userid' => $userid, 'contextlevel' => CONTEXT_USER);
         $user = $DB->get_record_sql($sql, $params, IGNORE_MISSING);
         if (!$user) {
             return false;
         }
         context_helper::preload_from_record($user);
         // Check that the user can view the profile
         // User context
         $usercontext = context_user::instance($user->id);
         $canviewuser = has_capability('moodle/user:viewdetails', $usercontext);
         if ($course->id == $SITE->id) {
             if ($CFG->forceloginforprofiles && !has_coursecontact_role($user->id) && !$canviewuser) {
                 // Reduce possibility of "browsing" userbase at site level
                 // Teachers can browse and be browsed at site level. If not forceloginforprofiles, allow access (bug #4366)
                 return false;
             }
         } else {
             $canviewusercourse = has_capability('moodle/user:viewdetails', $coursecontext);
             $userisenrolled = is_enrolled($coursecontext, $user->id);
             // && binds tighter than ||: refuse when the target user is not enrolled in the
             // course, or when the viewer has viewdetails in neither the course nor the user context.
             if (!$canviewusercourse && !$canviewuser || !$userisenrolled) {
                 return false;
             }
             $canaccessallgroups = has_capability('moodle/site:accessallgroups', $coursecontext);
             if (!$canaccessallgroups && groups_get_course_groupmode($course) == SEPARATEGROUPS && !$canviewuser) {
                 // If groups are in use, make sure we can see that group (MDL-45874). That does not apply to parents.
                 if ($courseid == $this->page->course->id) {
                     $mygroups = get_fast_modinfo($this->page->course)->groups;
                 } else {
                     $mygroups = groups_get_user_groups($courseid);
                 }
                 $usergroups = groups_get_user_groups($courseid, $userid);
                 // No group in common under index 0 of both results: refuse.
                 if (!array_intersect_key($mygroups[0], $usergroups[0])) {
                     return false;
                 }
             }
         }
     }
     $fullname = fullname($user, has_capability('moodle/site:viewfullnames', $this->page->context));
     // Node key: the bare title for the default branch, title plus user id otherwise.
     $key = $gstitle;
     if ($gstitle != 'usercurrentsettings') {
         $key .= $userid;
     }
     // Add a user setting branch
     $usersetting = $this->add(get_string($gstitle, 'moodle', $fullname), null, self::TYPE_CONTAINER, null, $key);
     $usersetting->id = 'usersettings';
     if ($this->page->context->contextlevel == CONTEXT_USER && $this->page->context->instanceid == $user->id) {
         // Automatically start by making it active
         $usersetting->make_active();
     }
     // Check if the user has been deleted
     if ($user->deleted) {
         if (!has_capability('moodle/user:update', $coursecontext)) {
             // We can't edit the user so just show the user deleted message
             $usersetting->add(get_string('userdeleted'), null, self::TYPE_SETTING);
         } else {
             // We can edit the user so show the user deleted message and link it to the profile
             if ($course->id == $SITE->id) {
                 $profileurl = new moodle_url('/user/profile.php', array('id' => $user->id));
             } else {
                 $profileurl = new moodle_url('/user/view.php', array('id' => $user->id, 'course' => $course->id));
             }
             $usersetting->add(get_string('userdeleted'), $profileurl, self::TYPE_SETTING);
         }
         // Returns true rather than the node here, so callers get a bool for deleted users.
         return true;
     }
     $userauthplugin = false;
     if (!empty($user->auth)) {
         $userauthplugin = get_auth_plugin($user->auth);
     }
     // Add the profile edit link
     if (isloggedin() && !isguestuser($user) && !is_mnet_remote_user($user)) {
         // Advanced editing needs moodle/user:update in the system context, and an admin's
         // profile is offered only to that admin or to another site admin.
         if (($currentuser || is_siteadmin($USER) || !is_siteadmin($user)) && has_capability('moodle/user:update', $systemcontext)) {
             $url = new moodle_url('/user/editadvanced.php', array('id' => $user->id, 'course' => $course->id));
             $usersetting->add(get_string('editmyprofile'), $url, self::TYPE_SETTING);
         } else {
             // && binds tighter than ||: (editprofile on a non-admin user) or (own profile with editownprofile).
             if (has_capability('moodle/user:editprofile', $usercontext) && !is_siteadmin($user) || $currentuser && has_capability('moodle/user:editownprofile', $systemcontext)) {
                 if ($userauthplugin && $userauthplugin->can_edit_profile()) {
                     // The auth plugin may supply its own edit URL; fall back to the standard form.
                     $url = $userauthplugin->edit_profile_url();
                     if (empty($url)) {
                         $url = new moodle_url('/user/edit.php', array('id' => $user->id, 'course' => $course->id));
                     }
                     $usersetting->add(get_string('editmyprofile'), $url, self::TYPE_SETTING);
                 }
             }
         }
     }
     // Change password link
     // Only for one's own account, never while logged in as another user, never for guests.
     if ($userauthplugin && $currentuser && !\core\session\manager::is_loggedinas() && !isguestuser() && has_capability('moodle/user:changeownpassword', $systemcontext) && $userauthplugin->can_change_password()) {
         $passwordchangeurl = $userauthplugin->change_password_url();
         if (empty($passwordchangeurl)) {
             $passwordchangeurl = new moodle_url('/login/change_password.php', array('id' => $course->id));
         }
         $usersetting->add(get_string("changepassword"), $passwordchangeurl, self::TYPE_SETTING, null, 'changepassword');
     }
     // View the roles settings
     // Shown when the viewer holds any of the four role capabilities in the user context.
     if (has_any_capability(array('moodle/role:assign', 'moodle/role:safeoverride', 'moodle/role:override', 'moodle/role:manage'), $usercontext)) {
         $roles = $usersetting->add(get_string('roles'), null, self::TYPE_SETTING);
         $url = new moodle_url('/admin/roles/usersroles.php', array('userid' => $user->id, 'courseid' => $course->id));
         $roles->add(get_string('thisusersroles', 'role'), $url, self::TYPE_SETTING);
         $assignableroles = get_assignable_roles($usercontext, ROLENAME_BOTH);
         if (!empty($assignableroles)) {
             $url = new moodle_url('/admin/roles/assign.php', array('contextid' => $usercontext->id, 'userid' => $user->id, 'courseid' => $course->id));
             $roles->add(get_string('assignrolesrelativetothisuser', 'role'), $url, self::TYPE_SETTING);
         }
         if (has_capability('moodle/role:review', $usercontext) || count(get_overridable_roles($usercontext, ROLENAME_BOTH)) > 0) {
             $url = new moodle_url('/admin/roles/permissions.php', array('contextid' => $usercontext->id, 'userid' => $user->id, 'courseid' => $course->id));
             $roles->add(get_string('permissions', 'role'), $url, self::TYPE_SETTING);
         }
         $url = new moodle_url('/admin/roles/check.php', array('contextid' => $usercontext->id, 'userid' => $user->id, 'courseid' => $course->id));
         $roles->add(get_string('checkpermissions', 'role'), $url, self::TYPE_SETTING);
     }
     // Portfolio
     if ($currentuser && !empty($CFG->enableportfolios) && has_capability('moodle/portfolio:export', $systemcontext)) {
         require_once $CFG->libdir . '/portfoliolib.php';
         if (portfolio_has_visible_instances()) {
             $portfolio = $usersetting->add(get_string('portfolios', 'portfolio'), null, self::TYPE_SETTING);
             $url = new moodle_url('/user/portfolio.php', array('courseid' => $course->id));
             $portfolio->add(get_string('configure', 'portfolio'), $url, self::TYPE_SETTING);
             $url = new moodle_url('/user/portfoliologs.php', array('courseid' => $course->id));
             $portfolio->add(get_string('logs', 'portfolio'), $url, self::TYPE_SETTING);
         }
     }
     // Token management is offered when RSS feeds are enabled, or when web services are
     // enabled and a non-admin viewer holds moodle/webservice:createtoken.
     $enablemanagetokens = false;
     if (!empty($CFG->enablerssfeeds)) {
         $enablemanagetokens = true;
     } else {
         if (!is_siteadmin($USER->id) && !empty($CFG->enablewebservices) && has_capability('moodle/webservice:createtoken', context_system::instance())) {
             $enablemanagetokens = true;
         }
     }
     // Security keys
     // NOTE(review): the session key is placed in the link's query string, so it can end up
     // in browser history and proxy logs; the target page presumably validates it - confirm.
     if ($currentuser && $enablemanagetokens) {
         $url = new moodle_url('/user/managetoken.php', array('sesskey' => sesskey()));
         $usersetting->add(get_string('securitykeys', 'webservice'), $url, self::TYPE_SETTING);
     }
     // Messaging
     // && binds tighter than ||: (own account with editownmessageprofile) or (non-guest user,
     // editmessageprofile in the user context, and the user is not the primary admin).
     if ($currentuser && has_capability('moodle/user:editownmessageprofile', $systemcontext) || !isguestuser($user) && has_capability('moodle/user:editmessageprofile', $usercontext) && !is_primary_admin($user->id)) {
         $url = new moodle_url('/message/edit.php', array('id' => $user->id));
         $usersetting->add(get_string('messaging', 'message'), $url, self::TYPE_SETTING);
     }
     // Blogs
     if ($currentuser && !empty($CFG->enableblogs)) {
         $blog = $usersetting->add(get_string('blogs', 'blog'), null, navigation_node::TYPE_CONTAINER, null, 'blogs');
         $blog->add(get_string('preferences', 'blog'), new moodle_url('/blog/preferences.php'), navigation_node::TYPE_SETTING);
         if (!empty($CFG->useexternalblogs) && $CFG->maxexternalblogsperuser > 0 && has_capability('moodle/blog:manageexternal', context_system::instance())) {
             $blog->add(get_string('externalblogs', 'blog'), new moodle_url('/blog/external_blogs.php'), navigation_node::TYPE_SETTING);
             $blog->add(get_string('addnewexternalblog', 'blog'), new moodle_url('/blog/external_blog_edit.php'), navigation_node::TYPE_SETTING);
         }
     }
     // Badges.
     if ($currentuser && !empty($CFG->enablebadges)) {
         $badges = $usersetting->add(get_string('badges'), null, navigation_node::TYPE_CONTAINER, null, 'badges');
         $badges->add(get_string('preferences'), new moodle_url('/badges/preferences.php'), navigation_node::TYPE_SETTING);
         if (!empty($CFG->badges_allowexternalbackpack)) {
             $badges->add(get_string('backpackdetails', 'badges'), new moodle_url('/badges/mybackpack.php'), navigation_node::TYPE_SETTING);
         }
     }
     // Add reports node.
     // Each report plugin callback receives the node, the user and the course, with no
     // capability check made here.
     // NOTE(review): the callbacks presumably apply their own checks - confirm.
     $reporttab = $usersetting->add(get_string('activityreports'));
     $reports = get_plugin_list_with_function('report', 'extend_navigation_user', 'lib.php');
     foreach ($reports as $reportfunction) {
         $reportfunction($reporttab, $user, $course);
     }
     $anyreport = has_capability('moodle/user:viewuseractivitiesreport', $usercontext);
     // && binds tighter than ||: the report capability, or own account in a course that shows reports.
     if ($anyreport || $course->showreports && $currentuser) {
         // Add grade hardcoded grade report if necessary.
         $gradeaccess = false;
         if (has_capability('moodle/grade:viewall', $coursecontext)) {
             // Can view all course grades.
             $gradeaccess = true;
         } else {
             if ($course->showgrades) {
                 if ($currentuser && has_capability('moodle/grade:view', $coursecontext)) {
                     // Can view own grades.
                     $gradeaccess = true;
                 } else {
                     if (has_capability('moodle/grade:viewall', $usercontext)) {
                         // Can view grades of this user - parent most probably.
                         $gradeaccess = true;
                     } else {
                         if ($anyreport) {
                             // Can view grades of this user - parent most probably.
                             $gradeaccess = true;
                         }
                     }
                 }
             }
         }
         if ($gradeaccess) {
             $reporttab->add(get_string('grade'), new moodle_url('/course/user.php', array('mode' => 'grade', 'id' => $course->id, 'user' => $usercontext->instanceid)));
         }
     }
     // Check the number of nodes in the report node... if there are none remove the node
     $reporttab->trim_if_empty();
     // Login as ...
     // Offered only for another, non-admin user, to a viewer holding moodle/user:loginas in
     // the course context who is not already logged in as someone else. Deleted users have
     // already returned above, so the first test always passes at this point.
     // NOTE(review): the session key is carried in the link's query string; the login-as
     // page presumably validates it and re-checks the capability - confirm.
     if (!$user->deleted and !$currentuser && !\core\session\manager::is_loggedinas() && has_capability('moodle/user:loginas', $coursecontext) && !is_siteadmin($user->id)) {
         $url = new moodle_url('/course/loginas.php', array('id' => $course->id, 'user' => $user->id, 'sesskey' => sesskey()));
         $usersetting->add(get_string('loginas'), $url, self::TYPE_SETTING);
     }
     // Let admin tools hook into user settings navigation.
     $tools = get_plugin_list_with_function('tool', 'extend_navigation_user_settings', 'lib.php');
     foreach ($tools as $toolfunction) {
         $toolfunction($usersetting, $user, $usercontext, $course, $coursecontext);
     }
     return $usersetting;
 }
Пример #15
/**
 * Tries to obtain a user's details, first through the site-level (system) profile and,
 * failing that, through the user's active course enrolments (course profile).
 *
 * The system profile is used when can_view_user_details_cap() allows it, when the user is
 * the current user, or when the user has a course contact role. Otherwise every enrolled
 * course is tried in turn and the details from the last course that passes the check are
 * kept; earlier results are overwritten.
 *
 * @param object $user The user.
 * @return array|null The allowed user details, or null if unsuccessful.
 */
function user_get_user_details_courses($user)
{
    global $USER;

    // Active enrolments only (second argument true); fetched before the access decision.
    $courses = enrol_get_users_courses($user->id, true);

    $systemprofile = can_view_user_details_cap($user)
        || $user->id == $USER->id
        || has_coursecontact_role($user->id);

    // Site-level access: answer from the system profile and stop.
    if ($systemprofile) {
        return user_get_user_details($user, null);
    }

    // Course-level access: check each enrolled course separately.
    $userdetails = null;
    foreach ($courses as $course) {
        $allowedincourse = can_view_user_details_cap($user, $course)
            || $user->id == $USER->id
            || has_coursecontact_role($user->id);
        if ($allowedincourse) {
            $userdetails = user_get_user_details($user, $course);
        }
    }

    return $userdetails;
}
Пример #16
 /**
  * has_coursecontact_role() must be false for every user already in the database and
  * become true for a user who is assigned the configured course contact role in a course.
  */
 public function test_has_coursecontact_role()
 {
     global $DB, $CFG;
     $this->resetAfterTest();

     $existingusers = $DB->get_records('user');
     // A course contact role has to be configured, otherwise the checks below prove nothing.
     $this->assertNotEmpty($CFG->coursecontact);
     // No course-level roles have been assigned yet, so nobody is a course contact.
     foreach ($existingusers as $existinguser) {
         $this->assertFalse(has_coursecontact_role($existinguser->id));
     }

     // Assign the course contact role to a fresh user in a fresh course.
     $newuser = $this->getDataGenerator()->create_user();
     $newcourse = $this->getDataGenerator()->create_course();
     $newcoursecontext = context_course::instance($newcourse->id);
     role_assign($CFG->coursecontact, $newuser->id, $newcoursecontext);

     $this->assertTrue(has_coursecontact_role($newuser->id));
 }
Пример #17
/**
 * Given a user record from mdl_user, build an array containing the user details
 * that the current user ($USER) is allowed to see.
 *
 * Each field is copied only if it was requested in $userfields and the check that
 * guards it passes (capability, hidden-field configuration, admin or own account).
 * Side effect: $user->description and $user->url are overwritten on the object passed in.
 *
 * @param stdClass $user user record from mdl_user
 * @param stdClass $course moodle course
 * @param array $userfields required fields
 * @return array|null null when the current user is not the user, lacks
 *      moodle/user:viewdetails and the user has no course contact role
 */
function user_get_user_details($user, $course = null, array $userfields = array())
{
    global $USER, $DB, $CFG;
    // Custom profile field library.
    require_once $CFG->dirroot . "/user/profile/lib.php";
    // File handling on description and friends.
    require_once $CFG->dirroot . "/lib/filelib.php";
    // Allow-list of field names a caller may request; anything else is rejected below.
    $defaultfields = array('id', 'username', 'fullname', 'firstname', 'lastname', 'email', 'address', 'phone1', 'phone2', 'icq', 'skype', 'yahoo', 'aim', 'msn', 'department', 'institution', 'interests', 'firstaccess', 'lastaccess', 'auth', 'confirmed', 'idnumber', 'lang', 'theme', 'timezone', 'mailformat', 'description', 'descriptionformat', 'city', 'url', 'country', 'profileimageurlsmall', 'profileimageurl', 'customfields', 'groups', 'roles', 'preferences', 'enrolledcourses');
    if (empty($userfields)) {
        $userfields = $defaultfields;
    }
    // NOTE(review): in_array() is used without strict comparison throughout this function;
    // presumably $userfields only ever holds strings - confirm.
    foreach ($userfields as $thefield) {
        if (!in_array($thefield, $defaultfields)) {
            throw new moodle_exception('invaliduserfield', 'error', '', $thefield);
        }
    }
    // Make sure id and fullname are included
    if (!in_array('id', $userfields)) {
        $userfields[] = 'id';
    }
    if (!in_array('fullname', $userfields)) {
        $userfields[] = 'fullname';
    }
    // With a course, viewdetails in either the course or the user context is enough;
    // without one, only the user context counts.
    if (!empty($course)) {
        $context = get_context_instance(CONTEXT_COURSE, $course->id);
        $usercontext = get_context_instance(CONTEXT_USER, $user->id);
        $canviewdetailscap = has_capability('moodle/user:viewdetails', $context) || has_capability('moodle/user:viewdetails', $usercontext);
    } else {
        $context = get_context_instance(CONTEXT_USER, $user->id);
        $usercontext = $context;
        $canviewdetailscap = has_capability('moodle/user:viewdetails', $usercontext);
    }
    $currentuser = $user->id == $USER->id;
    $isadmin = is_siteadmin($USER);
    // Hidden fields are governed by a course-level capability when a course is given,
    // and by a user-level capability otherwise.
    if (!empty($course)) {
        $canviewhiddenuserfields = has_capability('moodle/course:viewhiddenuserfields', $context);
    } else {
        $canviewhiddenuserfields = has_capability('moodle/user:viewhiddendetails', $context);
    }
    $canviewfullnames = has_capability('moodle/site:viewfullnames', $context);
    // The e-mail capability is only considered inside a course.
    if (!empty($course)) {
        $canviewuseremail = has_capability('moodle/course:useremail', $context);
    } else {
        $canviewuseremail = false;
    }
    // With profilesforenrolledusersonly set, the description of a user without any role
    // assignment is withheld from everyone but that user.
    $cannotviewdescription = !empty($CFG->profilesforenrolledusersonly) && !$currentuser && !$DB->record_exists('role_assignments', array('userid' => $user->id));
    if (!empty($course)) {
        $canaccessallgroups = has_capability('moodle/site:accessallgroups', $context);
    } else {
        $canaccessallgroups = false;
    }
    // Main access gate: nothing at all is returned unless one of the three conditions holds.
    if (!$currentuser && !$canviewdetailscap && !has_coursecontact_role($user->id)) {
        // skip this user details
        return null;
    }
    $userdetails = array();
    $userdetails['id'] = $user->id;
    // The username is returned only to site admins and to the user.
    if (($isadmin or $currentuser) and in_array('username', $userfields)) {
        $userdetails['username'] = $user->username;
    }
    if ($isadmin or $canviewfullnames) {
        if (in_array('firstname', $userfields)) {
            $userdetails['firstname'] = $user->firstname;
        }
        if (in_array('lastname', $userfields)) {
            $userdetails['lastname'] = $user->lastname;
        }
    }
    $userdetails['fullname'] = fullname($user);
    if (in_array('customfields', $userfields)) {
        $fields = $DB->get_recordset_sql("SELECT f.*\n                                            FROM {user_info_field} f\n                                            JOIN {user_info_category} c\n                                                 ON f.categoryid=c.id\n                                        ORDER BY c.sortorder ASC, f.sortorder ASC");
        $userdetails['customfields'] = array();
        foreach ($fields as $field) {
            // The include path and the class name are both built from the datatype column
            // of user_info_field.
            // NOTE(review): presumably datatype can only name an installed profile field
            // type; confirm that it is never writable with arbitrary text.
            require_once $CFG->dirroot . '/user/profile/field/' . $field->datatype . '/field.class.php';
            $newfield = 'profile_field_' . $field->datatype;
            $formfield = new $newfield($field->id, $user->id);
            // Visibility of each custom field is decided by the field object itself.
            if ($formfield->is_visible() and !$formfield->is_empty()) {
                $userdetails['customfields'][] = array('name' => $formfield->field->name, 'value' => $formfield->data, 'type' => $field->datatype, 'shortname' => $formfield->field->shortname);
            }
        }
        $fields->close();
        // unset customfields if it's empty
        if (empty($userdetails['customfields'])) {
            unset($userdetails['customfields']);
        }
    }
    // profile image
    if (in_array('profileimageurl', $userfields)) {
        $profileimageurl = moodle_url::make_pluginfile_url($usercontext->id, 'user', 'icon', NULL, '/', 'f1');
        $userdetails['profileimageurl'] = $profileimageurl->out(false);
    }
    if (in_array('profileimageurlsmall', $userfields)) {
        $profileimageurlsmall = moodle_url::make_pluginfile_url($usercontext->id, 'user', 'icon', NULL, '/', 'f2');
        $userdetails['profileimageurlsmall'] = $profileimageurlsmall->out(false);
    }
    // Hidden user fields: a viewer with the hidden-fields capability gets an empty hidden
    // list (nothing is hidden); everyone else gets the site's hiddenuserfields list.
    if ($canviewhiddenuserfields) {
        $hiddenfields = array();
        // address, phone1 and phone2 not appears in hidden fields list
        // but require viewhiddenfields capability
        // according to user/profile.php
        if ($user->address && in_array('address', $userfields)) {
            $userdetails['address'] = $user->address;
        }
        if ($user->phone1 && in_array('phone1', $userfields)) {
            $userdetails['phone1'] = $user->phone1;
        }
        if ($user->phone2 && in_array('phone2', $userfields)) {
            $userdetails['phone2'] = $user->phone2;
        }
    } else {
        $hiddenfields = array_flip(explode(',', $CFG->hiddenuserfields));
    }
    // From here on, site admins see a field even when it is in the hidden list.
    if (isset($user->description) && (!isset($hiddenfields['description']) or $isadmin)) {
        if (!$cannotviewdescription) {
            if (in_array('description', $userfields)) {
                // Overwrites the description on the caller's $user object.
                $user->description = file_rewrite_pluginfile_urls($user->description, 'pluginfile.php', $usercontext->id, 'user', 'profile', null);
                $userdetails['description'] = $user->description;
            }
            if (in_array('descriptionformat', $userfields)) {
                $userdetails['descriptionformat'] = $user->descriptionformat;
            }
        }
    }
    if (in_array('country', $userfields) && (!isset($hiddenfields['country']) or $isadmin) && $user->country) {
        $userdetails['country'] = $user->country;
    }
    if (in_array('city', $userfields) && (!isset($hiddenfields['city']) or $isadmin) && $user->city) {
        $userdetails['city'] = $user->city;
    }
    if (in_array('url', $userfields) && $user->url && (!isset($hiddenfields['webpage']) or $isadmin)) {
        // NOTE(review): $url (with the 'http://' prefix added) is never used afterwards;
        // clean_param() is applied to the original $user->url, so the prefix is dropped.
        // Confirm which value was meant to be cleaned and returned.
        $url = $user->url;
        if (strpos($user->url, '://') === false) {
            $url = 'http://' . $url;
        }
        // Overwrites the url on the caller's $user object with the cleaned value.
        $user->url = clean_param($user->url, PARAM_URL);
        $userdetails['url'] = $user->url;
    }
    if (in_array('icq', $userfields) && $user->icq && (!isset($hiddenfields['icqnumber']) or $isadmin)) {
        $userdetails['icq'] = $user->icq;
    }
    if (in_array('skype', $userfields) && $user->skype && (!isset($hiddenfields['skypeid']) or $isadmin)) {
        $userdetails['skype'] = $user->skype;
    }
    if (in_array('yahoo', $userfields) && $user->yahoo && (!isset($hiddenfields['yahooid']) or $isadmin)) {
        $userdetails['yahoo'] = $user->yahoo;
    }
    if (in_array('aim', $userfields) && $user->aim && (!isset($hiddenfields['aimid']) or $isadmin)) {
        $userdetails['aim'] = $user->aim;
    }
    if (in_array('msn', $userfields) && $user->msn && (!isset($hiddenfields['msnid']) or $isadmin)) {
        $userdetails['msn'] = $user->msn;
    }
    // Access times are reported as 0 when the user record holds no value.
    if (in_array('firstaccess', $userfields) && (!isset($hiddenfields['firstaccess']) or $isadmin)) {
        if ($user->firstaccess) {
            $userdetails['firstaccess'] = $user->firstaccess;
        } else {
            $userdetails['firstaccess'] = 0;
        }
    }
    if (in_array('lastaccess', $userfields) && (!isset($hiddenfields['lastaccess']) or $isadmin)) {
        if ($user->lastaccess) {
            $userdetails['lastaccess'] = $user->lastaccess;
        } else {
            $userdetails['lastaccess'] = 0;
        }
    }
    // 'and' binds tighter than 'or': the e-mail is returned to the user, to a viewer with the
    // course e-mail capability, when maildisplay is 1, or when maildisplay is 2 and
    // enrol_sharing_course() reports a course shared by both users.
    if (in_array('email', $userfields) && ($currentuser or $canviewuseremail or $user->maildisplay == 1 or $user->maildisplay == 2 and enrol_sharing_course($user, $USER))) {
        $userdetails['email'] = $user->email;
    }
    if (in_array('interests', $userfields) && !empty($CFG->usetags)) {
        require_once $CFG->dirroot . '/tag/lib.php';
        if ($interests = tag_get_tags_csv('user', $user->id, TAG_RETURN_TEXT)) {
            $userdetails['interests'] = $interests;
        }
    }
    // Department/Institution are not displayed on any profile, however you can get them from editing profile.
    if ($isadmin or $currentuser) {
        if (in_array('institution', $userfields) && $user->institution) {
            $userdetails['institution'] = $user->institution;
        }
        if (in_array('department', $userfields) && isset($user->department)) {
            // isset because it's ok to have department 0
            $userdetails['department'] = $user->department;
        }
    }
    // Roles in the course context are returned to anyone who passed the main access gate.
    if (in_array('roles', $userfields) && !empty($course)) {
        // not a big secret
        $roles = get_user_roles($context, $user->id, false);
        $userdetails['roles'] = array();
        foreach ($roles as $role) {
            $userdetails['roles'][] = array('roleid' => $role->roleid, 'name' => $role->name, 'shortname' => $role->shortname, 'sortorder' => $role->sortorder);
        }
    }
    // Groups are returned only inside a course and only to a viewer holding
    // moodle/site:accessallgroups there.
    // NOTE(review): the original comment spoke of meeting in at least one course level
    // group, but no shared-group test is made here - confirm the intent.
    if (in_array('groups', $userfields) && !empty($course) && $canaccessallgroups) {
        $usergroups = groups_get_all_groups($course->id, $user->id, $course->defaultgroupingid, 'g.id, g.name,g.description');
        $userdetails['groups'] = array();
        foreach ($usergroups as $group) {
            $group->description = file_rewrite_pluginfile_urls($group->description, 'pluginfile.php', $context->id, 'group', 'description', $group->id);
            $userdetails['groups'][] = array('id' => $group->id, 'name' => $group->name, 'description' => $group->description);
        }
    }
    // List of courses where the user is enrolled (active enrolments), unless 'mycourses'
    // is in the hidden list. Only courses with a non-empty category value are listed.
    if (in_array('enrolledcourses', $userfields) && !isset($hiddenfields['mycourses'])) {
        $enrolledcourses = array();
        if ($mycourses = enrol_get_users_courses($user->id, true)) {
            foreach ($mycourses as $mycourse) {
                if ($mycourse->category) {
                    $coursecontext = get_context_instance(CONTEXT_COURSE, $mycourse->id);
                    $enrolledcourse = array();
                    $enrolledcourse['id'] = $mycourse->id;
                    $enrolledcourse['fullname'] = format_string($mycourse->fullname, true, array('context' => get_context_instance(CONTEXT_COURSE, $mycourse->id)));
                    $enrolledcourse['shortname'] = format_string($mycourse->shortname, true, array('context' => $coursecontext));
                    $enrolledcourses[] = $enrolledcourse;
                }
            }
            $userdetails['enrolledcourses'] = $enrolledcourses;
        }
    }
    // User preferences are returned only for the current user's own account.
    if (in_array('preferences', $userfields) && $currentuser) {
        $preferences = array();
        $userpreferences = get_user_preferences();
        foreach ($userpreferences as $prefname => $prefvalue) {
            $preferences[] = array('name' => $prefname, 'value' => $prefvalue);
        }
        $userdetails['preferences'] = $preferences;
    }
    return $userdetails;
}
Пример #18
 /**
  * This function gets called by {@link settings_navigation::load_user_settings()} and actually works out
  * what can be shown/done
  *
  * @param int $courseid The current course' id
  * @param int $userid The user id to load for
  * @param string $gstitle The string to pass to get_string for the branch title
  * @return navigation_node|false
  */
 protected function generate_user_settings($courseid, $userid, $gstitle = 'usercurrentsettings')
 {
     // Builds the "preferences" navigation branch for $userid as seen by the logged-in $USER.
     // Return paths visible in this body:
     //   - false: the target user row is missing, or the viewer fails one of the view checks below;
     //   - true:  the target user is flagged deleted (only a "userdeleted" node is added);
     //   - the navigation_node for the branch otherwise.
     // NOTE(review): the capability checks in this function only decide which links are added to
     // the navigation tree. Nothing here enforces access to the linked pages; presumably each target
     // script repeats its own require_login()/capability checks - verify before relying on this.
     global $DB, $CFG, $USER, $SITE;
     // Resolve the course record: reuse the page's course when it matches, otherwise load it
     // together with its context columns. $courseid is bound as a named parameter; {$select} is
     // produced by context_helper, not taken from the arguments.
     if ($courseid != $SITE->id) {
         if (!empty($this->page->course->id) && $this->page->course->id == $courseid) {
             $course = $this->page->course;
         } else {
             $select = context_helper::get_preload_record_columns_sql('ctx');
             $sql = "SELECT c.*, {$select}\n                          FROM {course} c\n                          JOIN {context} ctx ON c.id = ctx.instanceid\n                         WHERE c.id = :courseid AND ctx.contextlevel = :contextlevel";
             $params = array('courseid' => $courseid, 'contextlevel' => CONTEXT_COURSE);
             $course = $DB->get_record_sql($sql, $params, MUST_EXIST);
             context_helper::preload_from_record($course);
         }
     } else {
         $course = $SITE;
     }
     $coursecontext = context_course::instance($course->id);
     // Course context
     $systemcontext = context_system::instance();
     // Loose comparison of ids; when true, none of the "can the viewer see this user" checks in
     // the else branch run.
     $currentuser = $USER->id == $userid;
     if ($currentuser) {
         $user = $USER;
         $usercontext = context_user::instance($user->id);
         // User context
     } else {
         // Viewing somebody else: load the row (IGNORE_MISSING, so a missing id yields false
         // rather than an exception) and then gate on visibility.
         $select = context_helper::get_preload_record_columns_sql('ctx');
         $sql = "SELECT u.*, {$select}\n                      FROM {user} u\n                      JOIN {context} ctx ON u.id = ctx.instanceid\n                     WHERE u.id = :userid AND ctx.contextlevel = :contextlevel";
         $params = array('userid' => $userid, 'contextlevel' => CONTEXT_USER);
         $user = $DB->get_record_sql($sql, $params, IGNORE_MISSING);
         if (!$user) {
             return false;
         }
         context_helper::preload_from_record($user);
         // Check that the user can view the profile
         $usercontext = context_user::instance($user->id);
         // User context
         $canviewuser = has_capability('moodle/user:viewdetails', $usercontext);
         if ($course->id == $SITE->id) {
             if ($CFG->forceloginforprofiles && !has_coursecontact_role($user->id) && !$canviewuser) {
                 // Reduce possibility of "browsing" userbase at site level
                 // Teachers can browse and be browsed at site level. If not forceloginforprofiles, allow access (bug #4366)
                 return false;
             }
         } else {
             $canviewusercourse = has_capability('moodle/user:viewdetails', $coursecontext);
             $userisenrolled = is_enrolled($coursecontext, $user->id, '', true);
             // && binds tighter than ||: deny when the viewer has viewdetails in neither context,
             // or when the target is not enrolled in the course, whatever the viewer's capabilities.
             if (!$canviewusercourse && !$canviewuser || !$userisenrolled) {
                 return false;
             }
             $canaccessallgroups = has_capability('moodle/site:accessallgroups', $coursecontext);
             if (!$canaccessallgroups && groups_get_course_groupmode($course) == SEPARATEGROUPS && !$canviewuser) {
                 // If groups are in use, make sure we can see that group (MDL-45874). That does not apply to parents.
                 if ($courseid == $this->page->course->id) {
                     $mygroups = get_fast_modinfo($this->page->course)->groups;
                 } else {
                     $mygroups = groups_get_user_groups($courseid);
                 }
                 $usergroups = groups_get_user_groups($courseid, $userid);
                 // Deny unless viewer and target share at least one key under index 0.
                 // NOTE(review): index 0 is presumably the "all groupings" bucket - confirm.
                 if (!array_intersect_key($mygroups[0], $usergroups[0])) {
                     return false;
                 }
             }
         }
     }
     // NOTE(review): $fullname is assigned here but not read again anywhere in this function.
     $fullname = fullname($user, has_capability('moodle/site:viewfullnames', $this->page->context));
     // Node key: the bare title for the viewer's own branch, title + user id for any other branch.
     $key = $gstitle;
     $prefurl = new moodle_url('/user/preferences.php');
     if ($gstitle != 'usercurrentsettings') {
         $key .= $userid;
         $prefurl->param('userid', $userid);
     }
     // Add a user setting branch.
     if ($gstitle == 'usercurrentsettings') {
         $dashboard = $this->add(get_string('myhome'), new moodle_url('/my/'), self::TYPE_CONTAINER, null, 'dashboard');
         // This should be set to false as we don't want to show this to the user. It's only for generating the correct
         // breadcrumb.
         $dashboard->display = false;
         if (get_home_page() == HOMEPAGE_MY) {
             $dashboard->mainnavonly = true;
         }
         // Same comparison as $currentuser above, recomputed from the loaded $user record.
         $iscurrentuser = $user->id == $USER->id;
         $baseargs = array('id' => $user->id);
         if ($course->id != $SITE->id && !$iscurrentuser) {
             $baseargs['course'] = $course->id;
             $issitecourse = false;
         } else {
             // Load all categories and get the context for the system.
             $issitecourse = true;
         }
         // Add the user profile to the dashboard.
         $profilenode = $dashboard->add(get_string('profile'), new moodle_url('/user/profile.php', array('id' => $user->id)), self::TYPE_SETTING, null, 'myprofile');
         if (!empty($CFG->navadduserpostslinks)) {
             // Add nodes for forum posts and discussions if the user can view either or both
             // There are no capability checks here as the content of the page is based
             // purely on the forums the current user has access too.
             $forumtab = $profilenode->add(get_string('forumposts', 'forum'));
             $forumtab->add(get_string('posts', 'forum'), new moodle_url('/mod/forum/user.php', $baseargs), null, 'myposts');
             $forumtab->add(get_string('discussions', 'forum'), new moodle_url('/mod/forum/user.php', array_merge($baseargs, array('mode' => 'discussions'))), null, 'mydiscussions');
         }
         // Add blog nodes.
         if (!empty($CFG->enableblogs)) {
             // NOTE(review): the cache key holds only the target user's id, while the cached options
             // are computed for the current viewer; confirm $this->cache is scoped per viewer.
             if (!$this->cache->cached('userblogoptions' . $user->id)) {
                 require_once $CFG->dirroot . '/blog/lib.php';
                 // Get all options for the user.
                 $options = blog_get_options_for_user($user);
                 $this->cache->set('userblogoptions' . $user->id, $options);
             } else {
                 $options = $this->cache->{'userblogoptions' . $user->id};
             }
             if (count($options) > 0) {
                 $blogs = $profilenode->add(get_string('blogs', 'blog'), null, navigation_node::TYPE_CONTAINER);
                 foreach ($options as $type => $option) {
                     if ($type == "rss") {
                         $blogs->add($option['string'], $option['link'], self::TYPE_SETTING, null, null, new pix_icon('i/rss', ''));
                     } else {
                         $blogs->add($option['string'], $option['link'], self::TYPE_SETTING, null, 'blog' . $type);
                     }
                 }
             }
         }
         // Add the messages link.
         // It is context based so can appear in the user's profile and in course participants information.
         if (!empty($CFG->messaging)) {
             $messageargs = array('user1' => $USER->id);
             if ($USER->id != $user->id) {
                 $messageargs['user2'] = $user->id;
             }
             if ($course->id != $SITE->id) {
                 $messageargs['viewing'] = MESSAGE_VIEW_COURSE . $course->id;
             }
             $url = new moodle_url('/message/index.php', $messageargs);
             $dashboard->add(get_string('messages', 'message'), $url, self::TYPE_SETTING, null, 'messages');
         }
         // Add the "My private files" link.
         // This link doesn't have a unique display for course context so only display it under the user's profile.
         if ($issitecourse && $iscurrentuser && has_capability('moodle/user:manageownfiles', $usercontext)) {
             $url = new moodle_url('/user/files.php');
             $dashboard->add(get_string('privatefiles'), $url, self::TYPE_SETTING);
         }
         // Add a node to view the users notes if permitted.
         if (!empty($CFG->enablenotes) && has_any_capability(array('moodle/notes:manage', 'moodle/notes:view'), $coursecontext)) {
             $url = new moodle_url('/notes/index.php', array('user' => $user->id));
             if ($coursecontext->instanceid != SITEID) {
                 $url->param('course', $coursecontext->instanceid);
             }
             $profilenode->add(get_string('notes', 'notes'), $url);
         }
         // Show the grades node.
         // && binds tighter than ||: shown for the viewer's own site-level branch, or to any viewer
         // holding viewdetails in the target's user context.
         if ($issitecourse && $iscurrentuser || has_capability('moodle/user:viewdetails', $usercontext)) {
             require_once $CFG->dirroot . '/user/lib.php';
             // Set the grades node to link to the "Grades" page.
             if ($course->id == SITEID) {
                 $url = user_mygrades_url($user->id, $course->id);
             } else {
                 // Otherwise we are in a course and should redirect to the user grade report (Activity report version).
                 $url = new moodle_url('/course/user.php', array('mode' => 'grade', 'id' => $course->id, 'user' => $user->id));
             }
             $dashboard->add(get_string('grades', 'grades'), $url, self::TYPE_SETTING, null, 'mygrades');
         }
         // Let plugins hook into user navigation.
         // Each returned callback is invoked by name with the full $user record and both contexts;
         // plugins of type 'report' are skipped in this loop.
         $pluginsfunction = get_plugins_with_function('extend_navigation_user', 'lib.php');
         foreach ($pluginsfunction as $plugintype => $plugins) {
             if ($plugintype != 'report') {
                 foreach ($plugins as $pluginfunction) {
                     $pluginfunction($profilenode, $user, $usercontext, $course, $coursecontext);
                 }
             }
         }
         $usersetting = navigation_node::create(get_string('preferences', 'moodle'), $prefurl, self::TYPE_CONTAINER, null, $key);
         $dashboard->add_node($usersetting);
     } else {
         // Any other branch title: add a hidden preferences container directly on this node.
         $usersetting = $this->add(get_string('preferences', 'moodle'), $prefurl, self::TYPE_CONTAINER, null, $key);
         $usersetting->display = false;
     }
     $usersetting->id = 'usersettings';
     // Check if the user has been deleted.
     if ($user->deleted) {
         if (!has_capability('moodle/user:update', $coursecontext)) {
             // We can't edit the user so just show the user deleted message.
             $usersetting->add(get_string('userdeleted'), null, self::TYPE_SETTING);
         } else {
             // We can edit the user so show the user deleted message and link it to the profile.
             if ($course->id == $SITE->id) {
                 $profileurl = new moodle_url('/user/profile.php', array('id' => $user->id));
             } else {
                 $profileurl = new moodle_url('/user/view.php', array('id' => $user->id, 'course' => $course->id));
             }
             $usersetting->add(get_string('userdeleted'), $profileurl, self::TYPE_SETTING);
         }
         // NOTE(review): this path returns true, which the @return tag on this method does not list.
         return true;
     }
     // Auth plugin of the target account; stays false when the record has no auth value.
     $userauthplugin = false;
     if (!empty($user->auth)) {
         $userauthplugin = get_auth_plugin($user->auth);
     }
     $useraccount = $usersetting->add(get_string('useraccount'), null, self::TYPE_CONTAINER, null, 'useraccount');
     // Add the profile edit link.
     if (isloggedin() && !isguestuser($user) && !is_mnet_remote_user($user)) {
         // Advanced editor link: needs user:update at system level, and a site admin's account is
         // offered only to that admin or to another site admin.
         if (($currentuser || is_siteadmin($USER) || !is_siteadmin($user)) && has_capability('moodle/user:update', $systemcontext)) {
             $url = new moodle_url('/user/editadvanced.php', array('id' => $user->id, 'course' => $course->id));
             $useraccount->add(get_string('editmyprofile'), $url, self::TYPE_SETTING);
         } else {
             // Basic editor link: editprofile on a non-admin target, or editownprofile on oneself,
             // and only when the auth plugin reports that profiles can be edited.
             if (has_capability('moodle/user:editprofile', $usercontext) && !is_siteadmin($user) || $currentuser && has_capability('moodle/user:editownprofile', $systemcontext)) {
                 if ($userauthplugin && $userauthplugin->can_edit_profile()) {
                     $url = $userauthplugin->edit_profile_url();
                     if (empty($url)) {
                         $url = new moodle_url('/user/edit.php', array('id' => $user->id, 'course' => $course->id));
                     }
                     $useraccount->add(get_string('editmyprofile'), $url, self::TYPE_SETTING);
                 }
             }
         }
     }
     // Change password link.
     // Offered only on the viewer's own branch, and not while the session is a "logged in as" session.
     if ($userauthplugin && $currentuser && !\core\session\manager::is_loggedinas() && !isguestuser() && has_capability('moodle/user:changeownpassword', $systemcontext) && $userauthplugin->can_change_password()) {
         $passwordchangeurl = $userauthplugin->change_password_url();
         if (empty($passwordchangeurl)) {
             $passwordchangeurl = new moodle_url('/login/change_password.php', array('id' => $course->id));
         }
         $useraccount->add(get_string("changepassword"), $passwordchangeurl, self::TYPE_SETTING, null, 'changepassword');
     }
     // The next four preference links share one gate: (own branch AND editownprofile at system
     // level) OR editprofile in the target's user context.
     if (isloggedin() && !isguestuser($user) && !is_mnet_remote_user($user)) {
         if ($currentuser && has_capability('moodle/user:editownprofile', $systemcontext) || has_capability('moodle/user:editprofile', $usercontext)) {
             $url = new moodle_url('/user/language.php', array('id' => $user->id, 'course' => $course->id));
             $useraccount->add(get_string('preferredlanguage'), $url, self::TYPE_SETTING, null, 'preferredlanguage');
         }
     }
     $pluginmanager = core_plugin_manager::instance();
     $enabled = $pluginmanager->get_enabled_plugins('mod');
     if (isset($enabled['forum']) && isloggedin() && !isguestuser($user) && !is_mnet_remote_user($user)) {
         if ($currentuser && has_capability('moodle/user:editownprofile', $systemcontext) || has_capability('moodle/user:editprofile', $usercontext)) {
             $url = new moodle_url('/user/forum.php', array('id' => $user->id, 'course' => $course->id));
             $useraccount->add(get_string('forumpreferences'), $url, self::TYPE_SETTING);
         }
     }
     // Editor preferences are only worth linking when more than one editor is enabled.
     $editors = editors_get_enabled();
     if (count($editors) > 1) {
         if (isloggedin() && !isguestuser($user) && !is_mnet_remote_user($user)) {
             if ($currentuser && has_capability('moodle/user:editownprofile', $systemcontext) || has_capability('moodle/user:editprofile', $usercontext)) {
                 $url = new moodle_url('/user/editor.php', array('id' => $user->id, 'course' => $course->id));
                 $useraccount->add(get_string('editorpreferences'), $url, self::TYPE_SETTING);
             }
         }
     }
     // Add "Course preferences" link.
     // Unlike the three links above, this gate does not test is_mnet_remote_user().
     if (isloggedin() && !isguestuser($user)) {
         if ($currentuser && has_capability('moodle/user:editownprofile', $systemcontext) || has_capability('moodle/user:editprofile', $usercontext)) {
             $url = new moodle_url('/user/course.php', array('id' => $user->id, 'course' => $course->id));
             $useraccount->add(get_string('coursepreferences'), $url, self::TYPE_SETTING, null, 'coursepreferences');
         }
     }
     // View the roles settings.
     // Any one of the four role capabilities in the target's user context exposes this sub-tree.
     if (has_any_capability(array('moodle/role:assign', 'moodle/role:safeoverride', 'moodle/role:override', 'moodle/role:manage'), $usercontext)) {
         $roles = $usersetting->add(get_string('roles'), null, self::TYPE_SETTING);
         $url = new moodle_url('/admin/roles/usersroles.php', array('userid' => $user->id, 'courseid' => $course->id));
         $roles->add(get_string('thisusersroles', 'role'), $url, self::TYPE_SETTING);
         $assignableroles = get_assignable_roles($usercontext, ROLENAME_BOTH);
         if (!empty($assignableroles)) {
             $url = new moodle_url('/admin/roles/assign.php', array('contextid' => $usercontext->id, 'userid' => $user->id, 'courseid' => $course->id));
             $roles->add(get_string('assignrolesrelativetothisuser', 'role'), $url, self::TYPE_SETTING);
         }
         if (has_capability('moodle/role:review', $usercontext) || count(get_overridable_roles($usercontext, ROLENAME_BOTH)) > 0) {
             $url = new moodle_url('/admin/roles/permissions.php', array('contextid' => $usercontext->id, 'userid' => $user->id, 'courseid' => $course->id));
             $roles->add(get_string('permissions', 'role'), $url, self::TYPE_SETTING);
         }
         $url = new moodle_url('/admin/roles/check.php', array('contextid' => $usercontext->id, 'userid' => $user->id, 'courseid' => $course->id));
         $roles->add(get_string('checkpermissions', 'role'), $url, self::TYPE_SETTING);
     }
     // Repositories.
     // NOTE(review): as with the blog options, the cache key holds only the target context id;
     // confirm the cached flag cannot be reused for a different viewer.
     if (!$this->cache->cached('contexthasrepos' . $usercontext->id)) {
         require_once $CFG->dirroot . '/repository/lib.php';
         $editabletypes = repository::get_editable_types($usercontext);
         $haseditabletypes = !empty($editabletypes);
         unset($editabletypes);
         $this->cache->set('contexthasrepos' . $usercontext->id, $haseditabletypes);
     } else {
         $haseditabletypes = $this->cache->{'contexthasrepos' . $usercontext->id};
     }
     if ($haseditabletypes) {
         $repositories = $usersetting->add(get_string('repositories', 'repository'), null, self::TYPE_SETTING);
         $repositories->add(get_string('manageinstances', 'repository'), new moodle_url('/repository/manage_instances.php', array('contextid' => $usercontext->id)));
     }
     // Portfolio.
     if ($currentuser && !empty($CFG->enableportfolios) && has_capability('moodle/portfolio:export', $systemcontext)) {
         require_once $CFG->libdir . '/portfoliolib.php';
         if (portfolio_has_visible_instances()) {
             $portfolio = $usersetting->add(get_string('portfolios', 'portfolio'), null, self::TYPE_SETTING);
             $url = new moodle_url('/user/portfolio.php', array('courseid' => $course->id));
             $portfolio->add(get_string('configure', 'portfolio'), $url, self::TYPE_SETTING);
             $url = new moodle_url('/user/portfoliologs.php', array('courseid' => $course->id));
             $portfolio->add(get_string('logs', 'portfolio'), $url, self::TYPE_SETTING);
         }
     }
     // Token management is offered when RSS feeds are enabled, or when web services are enabled
     // and a viewer who is not a site admin holds webservice:createtoken at system level.
     $enablemanagetokens = false;
     if (!empty($CFG->enablerssfeeds)) {
         $enablemanagetokens = true;
     } else {
         if (!is_siteadmin($USER->id) && !empty($CFG->enablewebservices) && has_capability('moodle/webservice:createtoken', context_system::instance())) {
             $enablemanagetokens = true;
         }
     }
     // Security keys.
     if ($currentuser && $enablemanagetokens) {
         // NOTE(review): the session key is placed in the link's query string, so it can end up in
         // browser history, Referer headers and web-server logs; check whether the target page
         // needs it on a plain view request.
         $url = new moodle_url('/user/managetoken.php', array('sesskey' => sesskey()));
         $useraccount->add(get_string('securitykeys', 'webservice'), $url, self::TYPE_SETTING);
     }
     // Messaging.
     // && binds tighter than ||: (own branch AND editownmessageprofile) OR (target is not a guest
     // AND editmessageprofile in the user context AND target is not the primary admin).
     if ($currentuser && has_capability('moodle/user:editownmessageprofile', $systemcontext) || !isguestuser($user) && has_capability('moodle/user:editmessageprofile', $usercontext) && !is_primary_admin($user->id)) {
         $url = new moodle_url('/message/edit.php', array('id' => $user->id));
         $useraccount->add(get_string('messaging', 'message'), $url, self::TYPE_SETTING);
     }
     // Blogs.
     if ($currentuser && !empty($CFG->enableblogs)) {
         $blog = $usersetting->add(get_string('blogs', 'blog'), null, navigation_node::TYPE_CONTAINER, null, 'blogs');
         if (has_capability('moodle/blog:view', $systemcontext)) {
             $blog->add(get_string('preferences', 'blog'), new moodle_url('/blog/preferences.php'), navigation_node::TYPE_SETTING);
         }
         if (!empty($CFG->useexternalblogs) && $CFG->maxexternalblogsperuser > 0 && has_capability('moodle/blog:manageexternal', $systemcontext)) {
             $blog->add(get_string('externalblogs', 'blog'), new moodle_url('/blog/external_blogs.php'), navigation_node::TYPE_SETTING);
             $blog->add(get_string('addnewexternalblog', 'blog'), new moodle_url('/blog/external_blog_edit.php'), navigation_node::TYPE_SETTING);
         }
         // Remove the blog node if empty.
         $blog->trim_if_empty();
     }
     // Badges.
     if ($currentuser && !empty($CFG->enablebadges)) {
         $badges = $usersetting->add(get_string('badges'), null, navigation_node::TYPE_CONTAINER, null, 'badges');
         if (has_capability('moodle/badges:manageownbadges', $usercontext)) {
             $url = new moodle_url('/badges/mybadges.php');
             $badges->add(get_string('managebadges', 'badges'), $url, self::TYPE_SETTING);
         }
         $badges->add(get_string('preferences', 'badges'), new moodle_url('/badges/preferences.php'), navigation_node::TYPE_SETTING);
         if (!empty($CFG->badges_allowexternalbackpack)) {
             $badges->add(get_string('backpackdetails', 'badges'), new moodle_url('/badges/mybackpack.php'), navigation_node::TYPE_SETTING);
         }
     }
     // Let plugins hook into user settings navigation.
     // Unlike the extend_navigation_user loop, no plugin type is excluded here; every callback
     // receives the full $user record and both contexts.
     $pluginsfunction = get_plugins_with_function('extend_navigation_user_settings', 'lib.php');
     foreach ($pluginsfunction as $plugintype => $plugins) {
         foreach ($plugins as $pluginfunction) {
             $pluginfunction($usersetting, $user, $usercontext, $course, $coursecontext);
         }
     }
     return $usersetting;
 }
Пример #19
/**
 * Prints an individual user box
 *
 * @deprecated since 3.1
 * @param user_object  $user  (contains the following fields: id, firstname, lastname and picture)
 * @param bool         $return if true return html string
 * @return string|null a HTML string or null if this function does the output
 */
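function tag_print_user_box($user, $return = false)
{
    // Renders a small box with the user's picture and (possibly truncated) name, wrapped in a
    // profile link when the viewer is allowed to see the profile. Returns the HTML when $return
    // is true; otherwise echoes it and returns null.
    global $CFG, $OUTPUT;
    debugging('Function tag_print_user_box() is deprecated without replacement. ' . 'See core_user_renderer for similar code.', DEBUG_DEVELOPER);
    $usercontext = context_user::instance($user->id);
    $profilelink = '';
    // "and" binds looser than "||", so the original condition already grouped this way; the
    // parentheses only make the grouping explicit.
    if ($usercontext and (has_capability('moodle/user:viewdetails', $usercontext) || has_coursecontact_role($user->id))) {
        $profilelink = $CFG->wwwroot . '/user/view.php?id=' . $user->id;
    }
    $haslink = !empty($profilelink);
    $output = $OUTPUT->box_start('user-box', 'user' . $user->id);
    if ($haslink) {
        $output .= '<a href="' . $profilelink . '">';
    }
    $output .= $OUTPUT->user_picture($user, array('size' => 100));
    $output .= '<br />';
    if ($haslink) {
        $output .= '</a>';
    }
    // Truncate the raw name first so that escaping below can never be cut in the middle of an entity.
    $fullname = fullname($user);
    if (core_text::strlen($fullname) > 26) {
        $fullname = core_text::substr($fullname, 0, 26) . '...';
    }
    // The name is user-controlled profile data placed in an HTML text context: escape it with
    // Moodle's s() helper instead of concatenating it raw.
    $output .= '<strong>' . s($fullname) . '</strong>';
    $output .= $OUTPUT->box_end();
    if ($return) {
        return $output;
    }
    echo $output;
}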
Пример #20
 /**
  * This function gets called by {@link settings_navigation::load_user_settings()} and actually works out
  * what can be shown/done
  *
  * @param int $courseid The current course' id
  * @param int $userid The user id to load for
  * @param string $gstitle The string to pass to get_string for the branch title
  * @return navigation_node|false
  */
 protected function generate_user_settings($courseid, $userid, $gstitle = 'usercurrentsettings')
 {
     global $DB, $CFG, $USER, $SITE;
     if ($courseid != $SITE->id) {
         if (!empty($this->page->course->id) && $this->page->course->id == $courseid) {
             $course = $this->page->course;
         } else {
             $select = context_helper::get_preload_record_columns_sql('ctx');
             $sql = "SELECT c.*, {$select}\n                          FROM {course} c\n                          JOIN {context} ctx ON c.id = ctx.instanceid\n                         WHERE c.id = :courseid AND ctx.contextlevel = :contextlevel";
             $params = array('courseid' => $courseid, 'contextlevel' => CONTEXT_COURSE);
             $course = $DB->get_record_sql($sql, $params, MUST_EXIST);
             context_helper::preload_from_record($course);
         }
     } else {
         $course = $SITE;
     }
     $coursecontext = get_context_instance(CONTEXT_COURSE, $course->id);
     // Course context
     $systemcontext = get_system_context();
     $currentuser = $USER->id == $userid;
     if ($currentuser) {
         $user = $USER;
         $usercontext = get_context_instance(CONTEXT_USER, $user->id);
         // User context
     } else {
         $select = context_helper::get_preload_record_columns_sql('ctx');
         $sql = "SELECT u.*, {$select}\n                      FROM {user} u\n                      JOIN {context} ctx ON u.id = ctx.instanceid\n                     WHERE u.id = :userid AND ctx.contextlevel = :contextlevel";
         $params = array('userid' => $userid, 'contextlevel' => CONTEXT_USER);
         $user = $DB->get_record_sql($sql, $params, IGNORE_MISSING);
         if (!$user) {
             return false;
         }
         context_helper::preload_from_record($user);
         // Check that the user can view the profile
         $usercontext = get_context_instance(CONTEXT_USER, $user->id);
         // User context
         $canviewuser = has_capability('moodle/user:viewdetails', $usercontext);
         if ($course->id == $SITE->id) {
             if ($CFG->forceloginforprofiles && !has_coursecontact_role($user->id) && !$canviewuser) {
                 // Reduce possibility of "browsing" userbase at site level
                 // Teachers can browse and be browsed at site level. If not forceloginforprofiles, allow access (bug #4366)
                 return false;
             }
         } else {
             $canviewusercourse = has_capability('moodle/user:viewdetails', $coursecontext);
             $canaccessallgroups = has_capability('moodle/site:accessallgroups', $coursecontext);
             if (!$canviewusercourse && !$canviewuser || !can_access_course($course, $user->id)) {
                 return false;
             }
             if (!$canaccessallgroups && groups_get_course_groupmode($course) == SEPARATEGROUPS) {
                 // If groups are in use, make sure we can see that group
                 return false;
             }
         }
     }
     $fullname = fullname($user, has_capability('moodle/site:viewfullnames', $this->page->context));
     $key = $gstitle;
     if ($gstitle != 'usercurrentsettings') {
         $key .= $userid;
     }
     // Add a user setting branch
     $usersetting = $this->add(get_string($gstitle, 'moodle', $fullname), null, self::TYPE_CONTAINER, null, $key);
     $usersetting->id = 'usersettings';
     if ($this->page->context->contextlevel == CONTEXT_USER && $this->page->context->instanceid == $user->id) {
         // Automatically start by making it active
         $usersetting->make_active();
     }
     // Check if the user has been deleted
     if ($user->deleted) {
         if (!has_capability('moodle/user:update', $coursecontext)) {
             // We can't edit the user so just show the user deleted message
             $usersetting->add(get_string('userdeleted'), null, self::TYPE_SETTING);
         } else {
             // We can edit the user so show the user deleted message and link it to the profile
             if ($course->id == $SITE->id) {
                 $profileurl = new moodle_url('/user/profile.php', array('id' => $user->id));
             } else {
                 $profileurl = new moodle_url('/user/view.php', array('id' => $user->id, 'course' => $course->id));
             }
             $usersetting->add(get_string('userdeleted'), $profileurl, self::TYPE_SETTING);
         }
         return true;
     }
     $userauthplugin = false;
     if (!empty($user->auth)) {
         $userauthplugin = get_auth_plugin($user->auth);
     }
     // Add the profile edit link
     if (isloggedin() && !isguestuser($user) && !is_mnet_remote_user($user)) {
         if (($currentuser || is_siteadmin($USER) || !is_siteadmin($user)) && has_capability('moodle/user:update', $systemcontext)) {
             $url = new moodle_url('/user/editadvanced.php', array('id' => $user->id, 'course' => $course->id));
             $usersetting->add(get_string('editmyprofile'), $url, self::TYPE_SETTING);
         } else {
             if (has_capability('moodle/user:editprofile', $usercontext) && !is_siteadmin($user) || $currentuser && has_capability('moodle/user:editownprofile', $systemcontext)) {
                 if ($userauthplugin && $userauthplugin->can_edit_profile()) {
                     $url = $userauthplugin->edit_profile_url();
                     if (empty($url)) {
                         $url = new moodle_url('/user/edit.php', array('id' => $user->id, 'course' => $course->id));
                     }
                     $usersetting->add(get_string('editmyprofile'), $url, self::TYPE_SETTING);
                 }
             }
         }
     }
     // Change password link
     if ($userauthplugin && $currentuser && !session_is_loggedinas() && !isguestuser() && has_capability('moodle/user:changeownpassword', $systemcontext) && $userauthplugin->can_change_password()) {
         $passwordchangeurl = $userauthplugin->change_password_url();
         if (empty($passwordchangeurl)) {
             $passwordchangeurl = new moodle_url('/login/change_password.php', array('id' => $course->id));
         }
         $usersetting->add(get_string("changepassword"), $passwordchangeurl, self::TYPE_SETTING);
     }
     // View the roles settings
     if (has_any_capability(array('moodle/role:assign', 'moodle/role:safeoverride', 'moodle/role:override', 'moodle/role:manage'), $usercontext)) {
         $roles = $usersetting->add(get_string('roles'), null, self::TYPE_SETTING);
         $url = new moodle_url('/admin/roles/usersroles.php', array('userid' => $user->id, 'courseid' => $course->id));
         $roles->add(get_string('thisusersroles', 'role'), $url, self::TYPE_SETTING);
         $assignableroles = get_assignable_roles($usercontext, ROLENAME_BOTH);
         if (!empty($assignableroles)) {
             $url = new moodle_url('/admin/roles/assign.php', array('contextid' => $usercontext->id, 'userid' => $user->id, 'courseid' => $course->id));
             $roles->add(get_string('assignrolesrelativetothisuser', 'role'), $url, self::TYPE_SETTING);
         }
         if (has_capability('moodle/role:review', $usercontext) || count(get_overridable_roles($usercontext, ROLENAME_BOTH)) > 0) {
             $url = new moodle_url('/admin/roles/permissions.php', array('contextid' => $usercontext->id, 'userid' => $user->id, 'courseid' => $course->id));
             $roles->add(get_string('permissions', 'role'), $url, self::TYPE_SETTING);
         }
         $url = new moodle_url('/admin/roles/check.php', array('contextid' => $usercontext->id, 'userid' => $user->id, 'courseid' => $course->id));
         $roles->add(get_string('checkpermissions', 'role'), $url, self::TYPE_SETTING);
     }
     // Portfolio
     if ($currentuser && !empty($CFG->enableportfolios) && has_capability('moodle/portfolio:export', $systemcontext)) {
         require_once $CFG->libdir . '/portfoliolib.php';
         if (portfolio_instances(true, false)) {
             $portfolio = $usersetting->add(get_string('portfolios', 'portfolio'), null, self::TYPE_SETTING);
             $url = new moodle_url('/user/portfolio.php', array('courseid' => $course->id));
             $portfolio->add(get_string('configure', 'portfolio'), $url, self::TYPE_SETTING);
             $url = new moodle_url('/user/portfoliologs.php', array('courseid' => $course->id));
             $portfolio->add(get_string('logs', 'portfolio'), $url, self::TYPE_SETTING);
         }
     }
     $enablemanagetokens = false;
     if (!empty($CFG->enablerssfeeds)) {
         $enablemanagetokens = true;
     } else {
         if (!is_siteadmin($USER->id) && !empty($CFG->enablewebservices) && has_capability('moodle/webservice:createtoken', get_system_context())) {
             $enablemanagetokens = true;
         }
     }
     // Security keys
     if ($currentuser && $enablemanagetokens) {
         $url = new moodle_url('/user/managetoken.php', array('sesskey' => sesskey()));
         $usersetting->add(get_string('securitykeys', 'webservice'), $url, self::TYPE_SETTING);
     }
     // Repository
     if (!$currentuser && $usercontext->contextlevel == CONTEXT_USER) {
         if (!$this->cache->cached('contexthasrepos' . $usercontext->id)) {
             require_once $CFG->dirroot . '/repository/lib.php';
             $editabletypes = repository::get_editable_types($usercontext);
             $haseditabletypes = !empty($editabletypes);
             unset($editabletypes);
             $this->cache->set('contexthasrepos' . $usercontext->id, $haseditabletypes);
         } else {
             $haseditabletypes = $this->cache->{'contexthasrepos' . $usercontext->id};
         }
         if ($haseditabletypes) {
             $url = new moodle_url('/repository/manage_instances.php', array('contextid' => $usercontext->id));
             $usersetting->add(get_string('repositories', 'repository'), $url, self::TYPE_SETTING);
         }
     }
     // Messaging
     if ($currentuser && has_capability('moodle/user:editownmessageprofile', $systemcontext) || !isguestuser($user) && has_capability('moodle/user:editmessageprofile', $usercontext) && !is_primary_admin($user->id)) {
         $url = new moodle_url('/message/edit.php', array('id' => $user->id));
         $usersetting->add(get_string('editmymessage', 'message'), $url, self::TYPE_SETTING);
     }
     // Blogs
     if ($currentuser && !empty($CFG->bloglevel)) {
         $blog = $usersetting->add(get_string('blogs', 'blog'), null, navigation_node::TYPE_CONTAINER, null, 'blogs');
         $blog->add(get_string('preferences', 'blog'), new moodle_url('/blog/preferences.php'), navigation_node::TYPE_SETTING);
         if (!empty($CFG->useexternalblogs) && $CFG->maxexternalblogsperuser > 0 && has_capability('moodle/blog:manageexternal', get_context_instance(CONTEXT_SYSTEM))) {
             $blog->add(get_string('externalblogs', 'blog'), new moodle_url('/blog/external_blogs.php'), navigation_node::TYPE_SETTING);
             $blog->add(get_string('addnewexternalblog', 'blog'), new moodle_url('/blog/external_blog_edit.php'), navigation_node::TYPE_SETTING);
         }
     }
     // Login as ...
     if (!$user->deleted and !$currentuser && !session_is_loggedinas() && has_capability('moodle/user:loginas', $coursecontext) && !is_siteadmin($user->id)) {
         $url = new moodle_url('/course/loginas.php', array('id' => $course->id, 'user' => $user->id, 'sesskey' => sesskey()));
         $usersetting->add(get_string('loginas'), $url, self::TYPE_SETTING);
     }
     return $usersetting;
 }
Пример #21
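    /**
     * Get course participants' details.
     *
     * Each requested user is looked up together with the course named for them, and a
     * profile array is built whose contents depend on what the calling user ($USER) is
     * allowed to see in that course context. Deleted users are skipped silently.
     *
     * Disclosure rules applied per user, as implemented below:
     *  - 'username' is returned to site administrators only;
     *  - 'firstname'/'lastname' need site admin or moodle/site:viewfullnames;
     *  - fields listed in $CFG->hiddenuserfields are withheld unless the caller is a site
     *    admin or holds moodle/course:viewhiddenuserfields in the course context;
     *  - 'address', 'phone1', 'phone2' need moodle/course:viewhiddenuserfields;
     *  - 'email' follows the user's maildisplay setting unless the caller is the user or
     *    holds moodle/course:useremail;
     *  - 'institution'/'department' are returned to site admins and to the user only;
     *  - 'groups' needs moodle/site:accessallgroups.
     *
     * @param array $userlist array of items with keys 'userid' and 'courseid'; if a user id
     *                        appears more than once, the last course id given for it is used
     * @return array An array of arrays describing course participants (empty for an empty list)
     * @throws moodle_exception 'usernotavailable' when the caller may not view one of the
     *                          requested users; the whole call fails, no partial result is returned
     */
    public static function get_course_participants_by_id($userlist) {
        global $CFG, $USER, $DB;
        require_once($CFG->dirroot . "/user/lib.php");
        require_once($CFG->dirroot . "/user/profile/lib.php"); // custom field library
        require_once($CFG->dirroot . "/lib/filelib.php");      // file handling on description and friends

        $isadmin = is_siteadmin($USER);

        $params = self::validate_parameters(self::get_course_participants_by_id_parameters(), array('userlist'=>$userlist));

        $userids = array();
        $courseids = array();
        foreach ($params['userlist'] as $value) {
            $userids[] = $value['userid'];
            $courseids[$value['userid']] = $value['courseid'];
        }

        // Nothing requested: return early instead of building IN clauses from empty lists.
        if (empty($userids)) {
            return array();
        }

        // cache all courses
        $courses = array();
        list($cselect, $cjoin) = context_instance_preload_sql('c.id', CONTEXT_COURSE, 'ctx');
        list($sqlcourseids, $params) = $DB->get_in_or_equal(array_unique($courseids));
        // The course query must use the course preload columns ($cselect); the original
        // interpolated $uselect here, which is not assigned until the user query below.
        $coursesql = "SELECT c.* $cselect
                        FROM {course} c $cjoin
                       WHERE c.id $sqlcourseids";
        $rs = $DB->get_recordset_sql($coursesql, $params);
        foreach ($rs as $course) {
            // adding course contexts to cache
            context_instance_preload($course);
            // cache courses
            $courses[$course->id] = $course;
        }
        $rs->close();

        // Custom profile field definitions do not depend on the user, so they are read once
        // here rather than once per user inside the loop below.
        $profilefields = array();
        $fieldrs = $DB->get_recordset_sql("SELECT f.*
                                             FROM {user_info_field} f
                                             JOIN {user_info_category} c
                                                  ON f.categoryid=c.id
                                         ORDER BY c.sortorder ASC, f.sortorder ASC");
        foreach ($fieldrs as $field) {
            $profilefields[] = $field;
        }
        $fieldrs->close();

        list($uselect, $ujoin) = context_instance_preload_sql('u.id', CONTEXT_USER, 'ctx');
        list($sqluserids, $params) = $DB->get_in_or_equal($userids);
        $usersql = "SELECT u.* $uselect
                      FROM {user} u $ujoin
                     WHERE u.id $sqluserids";
        $users = $DB->get_recordset_sql($usersql, $params);
        $result = array();
        foreach ($users as $user) {
            if (!empty($user->deleted)) {
                continue;
            }
            context_instance_preload($user);
            $usercontext = get_context_instance(CONTEXT_USER, $user->id);
            // NOTE(review): a course id that matched no row leaves this index undefined - confirm
            // whether callers can pass unknown course ids.
            $course = $courses[$courseids[$user->id]];
            $context = get_context_instance(CONTEXT_COURSE, $courseids[$user->id]);

            // Validate the context before any capability decision is taken against it.
            self::validate_context($context);

            $hasviewdetailscap = has_capability('moodle/user:viewdetails', $context) || has_capability('moodle/user:viewdetails', $usercontext);

            $currentuser = ($user->id == $USER->id);

            // Access gate: the caller must be the user, hold viewdetails in the course or user
            // context, or the target must have a course contact role. Fails the whole request.
            if (!$currentuser && !$hasviewdetailscap && !has_coursecontact_role($user->id)) {
                throw new moodle_exception('usernotavailable', 'error');
            }
            $userarray = array();

            // basic fields
            $userarray['id'] = $user->id;
            if ($isadmin) {
                $userarray['username'] = $user->username;
            }
            if ($isadmin or has_capability('moodle/site:viewfullnames', $context)) {
                $userarray['firstname'] = $user->firstname;
                $userarray['lastname'] = $user->lastname;
            }
            $userarray['fullname'] = fullname($user);

            // Custom fields (matching /user/profile/lib.php - profile_display_fields code logic)
            $userarray['customfields'] = array();

            foreach ($profilefields as $field) {
                // $field->datatype is read from the user_info_field table and is used to build
                // both an include path and a class name.
                // NOTE(review): confirm it is restricted to installed field types when a field is created.
                require_once($CFG->dirroot.'/user/profile/field/'.$field->datatype.'/field.class.php');
                $newfield = 'profile_field_'.$field->datatype;
                $formfield = new $newfield($field->id, $user->id);
                // Visibility is decided by the field object itself, not by this method.
                if ($formfield->is_visible() and !$formfield->is_empty()) {
                    $userarray['customfields'][] =
                        array('name' => $formfield->field->name, 'value' => $formfield->data,
                            'type' => $field->datatype, 'shortname' => $formfield->field->shortname);
                }
            }

            // image profiles urls (public, no permission required in fact)
            $profileimageurl = moodle_url::make_pluginfile_url($usercontext->id, 'user', 'icon', NULL, '/', 'f1');
            $userarray['profileimageurl'] = $profileimageurl->out(false);
            $profileimageurlsmall = moodle_url::make_pluginfile_url($usercontext->id, 'user', 'icon', NULL, '/', 'f2');
            $userarray['profileimageurlsmall'] = $profileimageurlsmall->out(false);

            // hidden user fields: callers with viewhiddenuserfields see everything, everyone
            // else is filtered by the site-wide $CFG->hiddenuserfields list
            if (has_capability('moodle/course:viewhiddenuserfields', $context)) {
                $hiddenfields = array();
            } else {
                $hiddenfields = array_flip(explode(',', $CFG->hiddenuserfields));
            }

            if (isset($user->description) && (!isset($hiddenfields['description']) or $isadmin)) {
                if (empty($CFG->profilesforenrolledusersonly) || $currentuser) {
                    // NOTE(review): file URLs are rewritten against the course context id here;
                    // confirm whether the user context ($usercontext) owns the 'user'/'profile' file area.
                    $user->description = file_rewrite_pluginfile_urls($user->description, 'pluginfile.php', $context->id, 'user', 'profile', null);
                    $userarray['description'] = $user->description;
                    $userarray['descriptionformat'] = $user->descriptionformat;
                }
            }

            if ((! isset($hiddenfields['country']) or $isadmin) && $user->country) {
                $userarray['country'] = $user->country;
            }

            if ((! isset($hiddenfields['city']) or $isadmin) && $user->city) {
                $userarray['city'] = $user->city;
            }

            // Contact details are gated on the capability alone; site admin status is not
            // consulted separately here.
            if (has_capability('moodle/course:viewhiddenuserfields', $context)) {
                if ($user->address) {
                    $userarray['address'] = $user->address;
                }
                if ($user->phone1) {
                    $userarray['phone1'] = $user->phone1;
                }
                if ($user->phone2) {
                    $userarray['phone2'] = $user->phone2;
                }
            }

            // Email: own record, maildisplay == 1, explicit capability, or maildisplay == 2
            // when caller and user share a course.
            if ($currentuser
              or $user->maildisplay == 1
              or has_capability('moodle/course:useremail', $context)
              or ($user->maildisplay == 2 and enrol_sharing_course($user, $USER))) {
                $userarray['email'] = $user->email;
            }

            if ($user->url && (!isset($hiddenfields['webpage']) or $isadmin)) {
                // The stored value is returned after clean_param(PARAM_URL). The original also
                // built an 'http://'-prefixed copy in a local that was never used; that dead
                // code is dropped and the returned value is unchanged.
                $user->url = clean_param($user->url, PARAM_URL);
                $userarray['url'] = $user->url;
            }

            if ($user->icq && (!isset($hiddenfields['icqnumber']) or $isadmin)) {
                $userarray['icq'] = $user->icq;
            }

            if ($user->skype && (!isset($hiddenfields['skypeid']) or $isadmin)) {
                $userarray['skype'] = $user->skype;
            }
            if ($user->yahoo && (!isset($hiddenfields['yahooid']) or $isadmin)) {
                $userarray['yahoo'] = $user->yahoo;
            }
            if ($user->aim && (!isset($hiddenfields['aimid']) or $isadmin)) {
                $userarray['aim'] = $user->aim;
            }
            if ($user->msn && (!isset($hiddenfields['msnid']) or $isadmin)) {
                $userarray['msn'] = $user->msn;
            }

            // Access times default to 0 when the stored value is empty.
            if ((!isset($hiddenfields['firstaccess'])) or $isadmin) {
                if ($user->firstaccess) {
                    $userarray['firstaccess'] = $user->firstaccess;
                } else {
                    $userarray['firstaccess'] = 0;
                }
            }
            if ((!isset($hiddenfields['lastaccess'])) or $isadmin) {
                if ($user->lastaccess) {
                    $userarray['lastaccess'] = $user->lastaccess;
                } else {
                    $userarray['lastaccess'] = 0;
                }
            }
            // Printing tagged interests
            if (!empty($CFG->usetags)) {
                require_once($CFG->dirroot . '/tag/lib.php');
                if ($interests = tag_get_tags_csv('user', $user->id, TAG_RETURN_TEXT) ) {
                    $userarray['interests'] = $interests;
                }
            }

            // Department/Institution are not displayed on any profile, however you can get them from editing profile.
            if ($isadmin or $currentuser) {
                if ($user->institution) {
                    $userarray['institution'] = $user->institution;
                }
                if (isset($user->department)) { // isset because it's ok to have department 0
                    $userarray['department'] = $user->department;
                }
            }

            // not a big secret: role assignments are returned without a further capability check
            $userarray['roles'] = array();
            $roles = get_user_roles($context, $user->id, false);
            foreach ($roles as $role) {
                $userarray['roles'][] = array(
                    'roleid'       => $role->roleid,
                    'name'         => $role->name,
                    'shortname'    => $role->shortname,
                    'sortorder'    => $role->sortorder
                );
            }

            // If groups are in use and enforced throughout the course, then make sure we can meet in at least one course level group
            if (has_capability('moodle/site:accessallgroups', $context)) {
                $usergroups = groups_get_all_groups($course->id, $user->id, $course->defaultgroupingid, 'g.id, g.name,g.description');
                foreach ($usergroups as $group) {
                    $group->description = file_rewrite_pluginfile_urls($group->description, 'pluginfile.php', $context->id, 'group', 'description', $group->id);
                    $userarray['groups'][] = array('id'=>$group->id, 'name'=>$group->name, 'description'=>$group->description);
                }
            }
            $result[] = $userarray;
        }

        $users->close();

        return $result;
    }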