course->id, 'course', 'view sloodle user', '', "{$this->course->id}"); // We need to establish some permissions here $this->course_context = get_context_instance(CONTEXT_COURSE, $this->courseid); $this->system_context = get_context_instance(CONTEXT_SYSTEM); // Make sure the user has permission to view this course (but let anybody view the site course details) // Fetch some parameters $this->moodleuserid = required_param('id', PARAM_RAW); $this->deletesloodleentry = optional_param('delete', null, PARAM_INT); $this->userconfirmed = optional_param('confirm', null, PARAM_RAW); $this->courseid = optional_param('course', SITEID, PARAM_INT); $this->searchstr = addslashes(optional_param('search', '', PARAM_TEXT)); $this->deleteuserobjects = optional_param('deleteuserobjects', null, PARAM_TEXT); // If we are viewing 'all' avatar entries, then revert to the site course if (strcasecmp($this->moodleuserid, 'all') == 0) $this->courseid = SITEID; // Fetch our Moodle and SLOODLE course data if (!$this->course = sloodle_get_record('course', 'id', $this->courseid)) error('Could not find course.'); $this->sloodle_course = new SloodleCourse(); if (!$this->sloodle_course->load($this->course)) error(get_string('failedcourseload', 'sloodle')); $this->start = optional_param('start', 0, PARAM_INT); if ($this->start < 0) $this->start = 0; // Moodle 2 rendering functions like to know the course. // They get upset if you try to pass a course into sloodle_print_footer() that isn't what they were expecting. if ($this->course) { global $PAGE; if (isset($PAGE) && method_exists($PAGE, 'set_course')) { $PAGE->set_course($this->course); } } } /** * Check that the user is logged-in and has permission to alter course settings. */ function check_permission() { global $CFG, $USER; // Ensure the user logs in require_login(); if (isguestuser()) error(get_string('noguestaccess', 'sloodle')); //add_to_log($this->course->id, 'course', 'view sloodle user', '', "{$this->course->id}"); // We need to establish some permissions here $this->course_context = get_context_instance(CONTEXT_COURSE, $this->courseid); $this->system_context = get_context_instance(CONTEXT_SYSTEM); $this->viewingself = false; $this->canedit = false; // Is the user trying to view their own profile? if ($this->moodleuserid == $USER->id) { $this->viewingself = true; $this->canedit = true; } else { // The "all" view should be only available to admins if ( !has_capability('moodle/site:viewparticipants', $this->system_context) ){ error(get_string('insufficientpermissiontoviewpage', 'sloodle')); exit(); } // Does the user have permission to edit other peoples' profiles in the system and/or course? // If not, can they at least view others' profiles for the system or course? if (has_capability('moodle/user:editprofile', $this->system_context) || has_capability('moodle/user:editprofile', $this->course_context)) { // User can edit profiles $this->canedit = true; } else if (!(has_capability('moodle/user:viewdetails', $this->system_context) || has_capability('moodle/user:viewdetails', $this->course_context))) { // If this is the site course, then let it through anyway if ($this->courseid != SITEID) { error(get_string('insufficientpermissiontoviewpage','sloodle')); exit(); } } } } /** * Print the course settings page header. */ function sloodle_print_header() { } /** * Render the view of the module or feature. * This MUST be overridden to provide functionality. */ function render() { global $CFG, $USER; // Were any of the delete parameters specified in HTTP (e.g. from a form)? if (!empty($this->deleteuserobjects) || !empty($this->deletesloodleentry) || !empty($this->userconfirmed)) { // Convert them to session parameters if (!empty($this->deleteuserobjects)) $_SESSION['deleteuserobjects'] = $this->deleteuserobjects; if (!empty($this->deletesloodleentry)) $_SESSION['deletesloodleentry'] = $this->deletesloodleentry; if (!empty($this->userconfirmed)) $_SESSION['userconfirmed'] = $this->userconfirmed; // Construct our full URL, with GET parameters $url = sloodle_get_web_path(); $url .= "?_type=user&id={$this->moodleuserid}"; if (!empty($this->courseid)) $url .= "&course={$this->courseid}"; if (!empty($this->searchstr)) $url .= "&search={$this->searchstr}"; if (!empty($this->start)) $url .= "&start={$this->start}"; // Reload this page without those parameters redirect($url); exit(); } // Extract data from our session parameters if (isset($_SESSION['deleteuserobjects'])) { $this->deleteuserobjects = $_SESSION['deleteuserobjects']; unset($_SESSION['deleteuserobjects']); } if (isset($_SESSION['deletesloodleentry'])) { $this->deletesloodleentry = $_SESSION['deletesloodleentry']; unset($_SESSION['deletesloodleentry']); } if (isset($_SESSION['userconfirmed'])) { $this->userconfirmed = $_SESSION['userconfirmed']; unset($_SESSION['userconfirmed']); } // Check the mode: all, search, pending, or single $allentries = false; $searchentries = false; if (strcasecmp($this->moodleuserid, 'all') == 0) { $allentries = true; $this->moodleuserid = -1; } else if (strcasecmp($this->moodleuserid, 'search') == 0) { $searchentries = true; $this->moodleuserid = -1; } else { // Make sure the Moodle user ID is an integer $this->moodleuserid = (integer)$this->moodleuserid; if ($this->moodleuserid <= 0) error(ucwords(get_string('unknownuser', 'sloodle'))); } // Get the URL and names of the course $courseurl = $CFG->wwwroot.'/course/view.php?_type=user&id='.$this->courseid; $courseshortname = $this->course->shortname; $coursefullname = $this->course->fullname; // This value will indicate if we are currently confirming a deletion $confirmingdeletion = false; // These are localization strings used by the deletion confirmation form $form_yes = get_string('Yes', 'sloodle'); $form_no = get_string('No', 'sloodle'); // Are we deleting a Sloodle entry? $deletemsg = ''; if ($this->deletesloodleentry != NULL) { // Determine if the user is allowed to delete this entry $allowdelete = $this->canedit; // Just go with the editing ability for now... will maybe change this later. -PRB // Has the deletion been confirmed? if ($this->userconfirmed == $form_yes) { if (sloodle_record_exists('sloodle_users', 'id', $this->deletesloodleentry)) { // Is the user allowed to delete this? if ($allowdelete) { // Make sure it's a valid ID if (is_int($this->deletesloodleentry) && $this->deletesloodleentry > 0) { // Attempt to delete the entry $deleteresult = sloodle_delete_records('sloodle_users', 'id', $this->deletesloodleentry); if ($deleteresult === FALSE) { $deletemsg = get_string('deletionfailed', 'sloodle').': '.get_string('databasequeryfailed', 'sloodle'); } else { $deletemsg = get_string('deletionsuccessful', 'sloodle'); } } else { $deletemsg = get_string('deletionfailed', 'sloodle').': '.get_string('invalidid', 'sloodle'); } } else { $deletemsg = get_string('deletionfailed', 'sloodle').': '.get_string('insufficientpermission', 'sloodle'); } } } else if (is_null($this->userconfirmed)) { // User needs to confirm deletion $confirmingdeletion = true; $form_url = SLOODLE_WWWROOT."/view.php"; $deletemsg .= '
';
// Yes - do we have an account?
if ($moodleuserdata) {
// Yes - display the name and other general info
echo ''. $moodleuserdata->firstname .' '. $moodleuserdata->lastname.'';
echo " (wwwroot}/user/view.php?id={$this->moodleuserid}&course={$this->courseid}\">".get_string('moodleuserprofile','sloodle').")
";
} else {
echo get_string('moodleusernotfound', 'sloodle').'
';
}
echo "
\n";
// Check for issues such as no entries, or multiple entries
if ($numsloodleentries == 0) {
echo '';
print_string('noentries', 'sloodle');
echo '';
// If it is the profile owner who is viewing this, then offer a link to the loginzone entry page
if ($this->moodleuserid == $USER->id) {
echo "
'.get_string('allentries:info', 'sloodle').'
'; if (!empty($prevlink)) echo $prevlink; else echo '<< '; if (!empty($nextlink)) echo $nextlink; else echo '>> '; echo '
'; } // Display the table sloodle_print_table($sloodletable); } // Display a link allowing admin users to add an avatar if this is a single avatar page if (!$allentries && !$searchentries) { if ( has_capability('moodle/site:viewparticipants', $this->system_context) ) { echo "\n"; } } // Construct and display a table of Sloodle entries if ($numsloodleentries > 0) { // Display a list of user-authorised objects if (!$allentries && !$searchentries) { echo ''; echo ''; echo ' | '; echo ''; echo ' |