
Cleanup of the admin interface - especially the user management

Bugs fixed, duplicate code removed, plus you can now add new users.

Aaah much better.  :-)
commit a3447e1053b2c033aab3d216be4fbe635dcd1d2f 1 parent e5a57e8
martin authored
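--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,43 @@
+2002-08-08 Thursday 13:06 martin
+
+ * doc/future.html: Updated this page (because now bugs.moodle.org
+ exists)
+
+2002-08-08 Thursday 10:11 martin
+
+ * config-dist.php: Slightly clearer explanations ...
+
+2002-08-07 Wednesday 16:46 martin
+
+ * mod/assignment/: version.php, db/mysql.sql: Missing
+ 'auto_increment' on assignment_submissions table, for 'id'
+
+2002-08-07 Wednesday 16:26 martin
+
+ * lib/moodlelib.php: get_real_size() for translating text to byte
+ sizes (eg 2M)
+
+2002-08-07 Wednesday 16:24 martin
+
+ * files/index.php: Now properly sets and checks limits on file
+ sizes
+
+2002-08-07 Wednesday 11:45 martin
+
+ * files/index.php: Upload works again ...
+
+2002-08-07 Wednesday 01:41 martin
+
+ * index.php: Whoops ... typo in save_session
+
+2002-08-07 Wednesday 01:29 martin
+
+ * doc/install.html: Updated requirements.
+
+2002-08-07 Wednesday 01:24 martin
+
+ * CHANGES: Changes
+
 2002-08-07 Wednesday 01:23 martin
 * index.php, admin/user.php, course/enrol.php, course/loginas.php,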
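--- a/admin/index.php
+++ b/admin/index.php
@@ -165,14 +165,15 @@
 $stradministration = get_string("administration");
 print_header("$site->fullname: $stradministration","$site->fullname: $stradministration", "$stradministration");
- $table->head = array ("Site Management", "Course Setup", "Other");
+ $table->head = array (get_string("site"), get_string("courses"), get_string("users"));
 $table->align = array ("CENTER", "CENTER", "CENTER");
 $table->data[0][0] = "<P><A HREF=\"site.php\">".get_string("sitesettings")."</A></P>".
 "<P><A HREF=\"../course/log.php?id=$site->id\">".get_string("sitelogs")."</A></P>";
 $table->data[0][1] = "<P><A HREF=\"../course/edit.php\">".get_string("addnewcourse")."</A></P>".
 "<P><A HREF=\"../course/teacher.php\">".get_string("assignteachers")."</A></P>".
 "<P><A HREF=\"../course/delete.php\">".get_string("deletecourse")."</A></P>";
- $table->data[0][2] = "<P><A HREF=\"user.php\">".get_string("edituser")."</A></P>";
+ $table->data[0][2] = "<P><A HREF=\"user.php?newuser=true\">".get_string("addnewuser")."</A></P>".
+ "<P><A HREF=\"user.php\">".get_string("edituser")."</A></P>";
 print_table($table);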
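--- a/admin/site.php
+++ b/admin/site.php
@@ -2,12 +2,12 @@
 require("../config.php");
- if ($course = get_site()) {
+ if ($site = get_site()) {
 if (!isadmin()) {
 error("You need to be admin to edit this page");
 }
 }
- $course->format = "social"; // override
+ $site->format = "social"; // override
 /// If data submitted, then process and store.
@@ -25,7 +25,7 @@
 if (update_record("course", $form)) {
 redirect("$CFG->wwwroot/admin/", "Changes saved");
 } else {
- error("Serious Error! Could not update the course record! (id = $form->id)");
+ error("Serious Error! Could not update the site record! (id = $form->id)");
 }
 } else {
 if ($newid = insert_record("course", $form)) {
@@ -50,11 +50,12 @@
 /// Otherwise fill and print the form.
- if ($course && !$form) {
- $form = $course;
+ if ($site && !$form) {
+ $form = $site;
 } else {
 $form->category = 0;
 $form->format = "social";
+ $form->newsitems = 0;
 }
 print_header("Admin: Setting up site", "Administration: Setting up site",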
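Review bot: The admin check in the first hunk only runs inside `if ($site = get_site())`, so whenever `get_site()` returns nothing the rest of the page, including the `insert_record("course", $form)` path visible in the second hunk, is reached with no login or admin test. That is presumably intended for first-time setup, but it applies equally if the lookup fails for any other reason. A comment stating the intent, e.g. `// No site record yet: first-time setup, so no admin can exist to check against`, plus a stricter condition for that case (for instance requiring that no admin record exists yet) would make the assumption explicit. The script continues outside these hunks, so any later guard is not visible here.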
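--- a/admin/user.php
+++ b/admin/user.php
@@ -15,17 +15,17 @@
 $user->confirmed = 1;
 $user->timemodified = time();
- if (! $id = insert_record("user", $user)) {
- error("Could not create admin user record !!!");
+ if (! $user->id = insert_record("user", $user)) {
+ error("SERIOUS ERROR: Could not create admin user record !!!");
 }
- $admin->user = $id;
+ $admin->user = $user->id;
 if (! insert_record("user_admins", $admin)) {
- error("Could not make user $id an admin !!!");
+ error("Could not make user $user->id an admin !!!");
 }
- if (! $user = get_record("user", "id", $id)) {
+ if (! $user = get_record("user", "id", $user->id)) { // Double check
 error("User ID was incorrect (can't find it)");
 }
@@ -45,6 +45,13 @@
 $USER->admin = true;
 $USER->teacher["$course->id"] = true;
 save_session("USER");
+
+ $id = $user->id;
+
+ } else {
+ if (! $course = get_site()) {
+ error("Could not find site-level course");
+ }
 }
 require_login();
@@ -53,172 +60,51 @@
 error("You must be an administrator to edit users this way.");
 }
- if (!$id) {
- $users = get_records_sql("SELECT * from user ORDER BY firstname");
-
- print_header("Edit users", "Edit users", "<A HREF=\"$CFG->wwwroot/admin\">Admin</A> -> Edit users", "");
- print_heading("Choose a user to edit");
- $table->head = array ("Name", "Email", "City/Town", "Country");
- $table->align = array ("LEFT", "LEFT", "CENTER", "CENTER");
- foreach ($users as $user) {
- $table->data[] = array ("<A HREF=\"user.php?id=$user->id\">$user->firstname $user->lastname</A>",
- "$user->email",
- "$user->city",
- $COUNTRIES[$user->country]);
- }
- print_table($table);
- print_footer();
- exit;
- }
-
- if (! $user = get_record("user", "id", $id)) {
- error("User ID was incorrect (can't find it)");
- }
-
-
-/// If data submitted, then process and store.
-
- if (match_referer() && isset($HTTP_POST_VARS)) {
+ if ($newuser) { // Create a new user
- $usernew = (object)$HTTP_POST_VARS;
+ $user->firstname = "New";
+ $user->lastname = "User";
+ $user->username = "username";
+ $user->password = "";
+ $user->email = "";
+ $user->confirmed = 1;
+ $user->timemodified = time();
- if (find_form_errors($user, $usernew, $err) ) {
- $user = $usernew;
+ if (! $user->id = insert_record("user", $user)) {
+ error("Could not create new user record !!!");
+ }
- } else {
+ redirect("$CFG->wwwroot/user/edit.php?id=$user->id&course=$course->id");
+
- $timenow = time();
+ } else if ($id) { // Edit a particular user
- if ($filename = valid_uploaded_file($imagefile)) {
- $imageinfo = GetImageSize($filename);
- $image->width = $imageinfo[0];
- $image->height = $imageinfo[1];
- $image->type = $imageinfo[2];
-
- switch ($image->type) {
- case 2: $im = ImageCreateFromJPEG($filename); break;
- case 3: $im = ImageCreateFromPNG($filename); break;
- default: error("Image must be in JPG or PNG format");
- }
- if (function_exists("ImageCreateTrueColor")) {
- $im1 = ImageCreateTrueColor(100,100);
- $im2 = ImageCreateTrueColor(35,35);
- } else {
- $im1 = ImageCreate(100,100);
- $im2 = ImageCreate(35,35);
- }
-
- $cx = $image->width / 2;
- $cy = $image->height / 2;
-
- if ($image->width < $image->height) {
- $half = floor($image->width / 2.0);
- } else {
- $half = floor($image->height / 2.0);
- }
-
- if (!file_exists("$CFG->dataroot/users")) {
- mkdir("$CFG->dataroot/users", 0777);
- }
- if (!file_exists("$CFG->dataroot/users/$USER->id")) {
- mkdir("$CFG->dataroot/users/$USER->id", 0777);
- }
-
- ImageCopyBicubic($im1, $im, 0, 0, $cx-$half, $cy-$half, 100, 100, $half*2, $half*2);
- ImageCopyBicubic($im2, $im, 0, 0, $cx-$half, $cy-$half, 35, 35, $half*2, $half*2);
-
- // Draw borders over the top.
- $black1 = ImageColorAllocate ($im1, 0, 0, 0);
- $black2 = ImageColorAllocate ($im2, 0, 0, 0);
- ImageLine ($im1, 0, 0, 0, 99, $black1);
- ImageLine ($im1, 0, 99, 99, 99, $black1);
- ImageLine ($im1, 99, 99, 99, 0, $black1);
- ImageLine ($im1, 99, 0, 0, 0, $black1);
- ImageLine ($im2, 0, 0, 0, 34, $black2);
- ImageLine ($im2, 0, 34, 34, 34, $black2);
- ImageLine ($im2, 34, 34, 34, 0, $black2);
- ImageLine ($im2, 34, 0, 0, 0, $black2);
-
- ImageJpeg($im1, "$CFG->dataroot/users/$USER->id/f1.jpg", 90);
- ImageJpeg($im2, "$CFG->dataroot/users/$USER->id/f2.jpg", 95);
- $usernew->picture = "1";
- } else {
- $usernew->picture = $user->picture;
- }
+ if (! $user = get_record("user", "id", $id)) {
+ error("User ID was incorrect (can't find it)");
+ }
- if ($usernew->password) {
- $usernew->password = md5($usernew->password);
- } else {
- unset($usernew->password);
- }
-
- $usernew->timemodified = time();
-
- if (update_record("user", $usernew)) {
- if ($usernew->id == $USER->id) { // Reload admin
- $USER = get_user_info_from_db("id", $usernew->id);
- $USER->loggedin = true;
- save_session("USER");
- set_moodle_cookie($USER->username);
- }
- redirect("index.php", "Changes saved");
- } else {
- error("Could not update the user record ($user->id)");
+ redirect("$CFG->wwwroot/user/edit.php?id=$user->id&course=$course->id");
+
+
+ } else { // List all users for editing
+
+ if ($users = get_records_sql("SELECT * from user WHERE username <> 'guest' ORDER BY firstname")) {
+ print_header("Edit users", "Edit users", "<A HREF=\"$CFG->wwwroot/admin\">Admin</A> -> Edit users", "");
+ print_heading("Choose a user to edit");
+ $table->head = array ("Name", "Email", "City/Town", "Country");
+ $table->align = array ("LEFT", "LEFT", "CENTER", "CENTER");
+ foreach ($users as $user) {
+ $table->data[] = array ("<A HREF=\"user.php?id=$user->id\">$user->firstname $user->lastname</A>",
+ "$user->email",
+ "$user->city",
+ $COUNTRIES[$user->country]);
 }
- }
- }
-
-/// Otherwise fill and print the form.
-
- if (!$usernew) {
- $usernew = $user;
- $usernew->password = "";
- }
-
- print_header("Edit user profile", "Edit user profile", "<A HREF=\"$CFG->wwwroot/admin\">Admin</A> -> Edit user", "");
-
- print_simple_box_start("center", "", "$THEME->cellheading");
- echo "<H2>User profile for $usernew->firstname $usernew->lastname</H2>";
- include("user.html");
- print_simple_box_end();
-
- print_footer();
-
-
-
-
-/// FUNCTIONS ////////////////////
-
-function find_form_errors(&$user, &$usernew, &$err) {
-
- if (empty($usernew->email))
- $err["email"] = "Missing email address";
-
- else if (! validate_email($usernew->email))
- $err["email"] = "Invalid email address, check carefully";
-
- else if ($otheruser = get_record("user", "email", $usernew->email)) {
- if ($otheruser->id <> $user->id) {
- $err["email"] = "Email address already in use by someone else.";
+ print_table($table);
+ } else {
+ error("No users found!");
+
 }
+ print_footer();
 }
- $user->email = $usernew->email;
-
- if (empty($user->password) && empty($usernew->password)) {
- $err["password"] = "Must have a password";
- }
-
- if (empty($usernew->username))
- $err["username"] = "Must have a username";
-
- if (empty($usernew->firstname))
- $err["firstname"] = "Must enter your first name";
-
- if (empty($usernew->lastname))
- $err["lastname"] = "Must enter your last name";
-
- return count($err);
-}
-
 ?>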
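Review bot: The new `if ($newuser)` branch in the `@@ -53,172 +60,51 @@` hunk writes a row to `user` as soon as the page is requested, and the only entry point this commit adds is a plain link (`user.php?newuser=true` in admin/index.php), so the insert runs on a GET with none of the `match_referer()` / POST gating that the removed form handler had. A request triggered from another site in an administrator's browser would therefore add an account, and every abandoned visit leaves a placeholder row with username `username`, an empty `password` and `confirmed = 1`. I would gate the branch the way the old handler was gated, `if ($newuser && match_referer() && isset($HTTP_POST_VARS)) {`, which means turning the link into a small POST form, or defer the insert until user/edit.php receives a valid submission. Separately, the re-added list prints `$user->firstname`, `$user->lastname`, `$user->email` and `$user->city` into the table unescaped; user/edit.php now strips tags from the two name fields only, so the other two should be escaped at output.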
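--- a/course/delete.php
+++ b/course/delete.php
@@ -17,7 +17,7 @@
 $strdelete = get_string("deletecourse");
 print_header($strdelete, $strdelete, "<A HREF=\"$CFG->wwwroot/admin\">$stradmin</A> -> $strdelete");
 if ($courses = get_records_sql("SELECT * from course WHERE category > 0 ORDER BY fullname")) {
- print_heading("choosecourse");
+ print_heading(get_string("choosecourse"));
 print_simple_box_start("CENTER");
 foreach ($courses as $course) {
 echo "<A HREF=\"delete.php?id=$course->id\">$course->fullname</A><BR>";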
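--- a/lang/en/moodle.php
+++ b/lang/en/moodle.php
@@ -3,6 +3,7 @@
 $string[activity] = "Activity";
 $string[activityreport] = "Activity report";
 $string[addnewcourse] = "Add a new course";
+$string[addnewuser] = "Add a new user";
 $string[address] = "Address";
 $string[admin] = "Admin";
 $string[administration] = "Administration";
@@ -43,7 +44,7 @@
 $string[description] = "Description";
 $string[edit] = "Edit \$a";
 $string[editcoursesettings] = "Edit course settings";
-$string[editmyprofile] = "Edit my profile";
+$string[editmyprofile] = "Edit profile";
 $string[edituser] = "Edit user accounts";
 $string[email] = "Email address";
 $string[emailformat] = "Email format";
@@ -95,6 +96,7 @@
 $string[htmlformat] = "Pretty HTML format";
 $string[icqnumber] = "ICQ number";
 $string[idnumber] = "ID number";
+$string[leavetokeep] = "Leave blank to keep current password";
 $string[invalidlogin] = "Invalid login, please try again";
 $string[invalidemail] = "Invalid email address";
 $string[lastaccess] = "Last access";
@@ -134,6 +136,7 @@
 $string[missingcategory] = "You need to choose a category";
 $string[missingcity] = "Missing city/town";
 $string[missingcountry] = "Missing country";
+$string[missingdescription] = "Missing description";
 $string[missingemail] = "Missing email address";
 $string[missingfirstname] = "Missing first name";
 $string[missingfullname] = "Missing full name";
@@ -226,7 +229,7 @@
 $string[unenrol] = "Unenrol";
 $string[unenrolme] = "Unenrol me from \$a";
 $string[update] = "Update";
-$string[updatemyprofile] = "Update my profile";
+$string[updatemyprofile] = "Update profile";
 $string[updatethiscourse] = "Update this course";
 $string[upload] = "Upload";
 $string[uploadthisfile] = "Upload this file";
@@ -234,6 +237,7 @@
 $string[username] = "Username";
 $string[usernameexists] = "This username already exists, choose another";
 $string[userprofilefor] = "User profile for \$a";
+$string[users] = "Users";
 $string[webpage] = "Web page";
 $string[week] = "Week";
 $string[welcometocourse] = "Welcome to \$a";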
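--- a/lib/moodlelib.php
+++ b/lib/moodlelib.php
@@ -993,7 +993,7 @@ function isguest($userid=0) {
 return ($USER->username == "guest");
 }
- return record_exists_sql("SELECT * FROM user WHERE user='$userid' AND username = 'guest' ");
+ return record_exists_sql("SELECT * FROM user WHERE id='$userid' AND username = 'guest' ");
 }
 function isediting($courseid, $user=NULL) {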
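Review bot: The corrected query still builds its SQL by interpolating `$userid` into the string, so `isguest()` is only as safe as the argument every caller passes. This commit adds a call with `$user->id` in user/edit.php, which looks database-derived, but the other callers are not visible here. Casting at the point of use closes that off regardless of caller: `return record_exists_sql("SELECT * FROM user WHERE id='".(int)$userid."' AND username = 'guest' ");`. The body of `isguest()` starts above the hunk.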
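--- a/user/edit.html
+++ b/user/edit.html
@@ -1,13 +1,30 @@
 <FORM METHOD="post" ENCTYPE="multipart/form-data" action="edit.php">
 <table cellpadding=9 cellspacing=0 >
-<tr valign=top>
- <td><P><? print_string("newpicture") ?>:</td>
- <td>
- <INPUT type="hidden" name="MAX_FILE_SIZE" value="4000000">
- <input type="file" name="imagefile" size=40> ( .jpg / .png ) <? helpbutton("picture", get_string("helppicture") ) ?>
- <? formerr($err["imagefile"]) ?>
- </td>
-</tr>
+<?
+if (isadmin()) {
+ echo "<tr valign=top>";
+ echo "<td><P>".get_string("username").":</td>";
+ echo "<td><input type=text name=username size=20 value=\"";
+ p($user->username);
+ echo "\">";
+ echo formerr($err["username"]);
+ echo "</td>";
+ echo "</tr>";
+
+ echo "<tr valign=top>";
+ echo "<td><P>".get_string("newpassword").":</td>";
+ echo "<td><input type=text name=newpassword size=20 value=\"";
+ p($user->newpassword);
+ echo "\">";
+ if (isset($err["newpassword"])) {
+ formerr($err["newpassword"]);
+ } else if (empty($user->newpassword)) {
+ echo "(".get_string("leavetokeep").")";
+ }
+ echo "</td>";
+ echo "</tr>";
+}
+?>
 <tr valign=top>
 <td><P><? print_string("firstname") ?>:</td>
 <td><input type="text" name="firstname" size=30 value="<? p($user->firstname) ?>">
@@ -24,6 +41,15 @@
 <td><P><? print_string("userdescription") ?>:</td>
 <td><TEXTAREA NAME=description COLS=50 ROWS=10 WRAP=virtual><? p($user->description) ?></TEXTAREA>
 <? helpbutton("text", get_string("helptext")) ?>
+ <? formerr($err["description"]) ?>
+ </td>
+</tr>
+<tr valign=top>
+ <td><P><? print_string("newpicture") ?>:</td>
+ <td>
+ <INPUT type="hidden" name="MAX_FILE_SIZE" value="4000000">
+ <input type="file" name="imagefile" size=40> ( .jpg / .png ) <? helpbutton("picture", get_string("helppicture") ) ?>
+ <? formerr($err["imagefile"]) ?>
 </td>
 </tr>
 <tr valign=top>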
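Review bot: The admin-only password row in the first hunk is rendered as `<input type=text name=newpassword …>` and re-populated from `$user->newpassword`, so the new password is shown in clear on screen and is written back into the page source whenever the form is re-displayed after a validation error. I would use a password field and leave the value empty: `echo "<td><input type=password name=newpassword size=20 value=\"\">";`. Also, `echo formerr($err["username"]);` is the only call in this template that echoes the result of `formerr()`; every other call is a bare `formerr(...)`, so the `echo` is presumably redundant and should be dropped for consistency.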
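--- a/user/edit.php
+++ b/user/edit.php
@@ -17,7 +17,7 @@
 require_login($course->id);
- if ($USER->id <> $user->id) {
+ if ($USER->id <> $user->id and !isadmin()) {
 error("You can only edit your own information");
 }
@@ -25,6 +25,10 @@
 error("The guest user cannot edit their profile.");
 }
+ if (isguest($user->id)) {
+ error("Sorry, the guest user cannot be edited.");
+ }
+
 /// If data submitted, then process and store.
@@ -32,7 +36,13 @@
 $usernew = (object)$HTTP_POST_VARS;
- if (!find_form_errors($user, $usernew, $err) ) {
+ $usernew->firstname = strip_tags($usernew->firstname);
+ $usernew->lastname = strip_tags($usernew->lastname);
+
+ if (find_form_errors($user, $usernew, $err) ) {
+ $user = $usernew;
+
+ } else {
 $timenow = time();
@@ -69,8 +79,8 @@
 $badpermissions = true;
 }
 }
- if (!file_exists("$CFG->dataroot/users/$USER->id")) {
- if (! mkdir("$CFG->dataroot/users/$USER->id", 0777)) {
+ if (!file_exists("$CFG->dataroot/users/$user->id")) {
+ if (! mkdir("$CFG->dataroot/users/$user->id", 0777)) {
 $badpermissions = true;
 }
 }
@@ -94,8 +104,8 @@
 ImageLine ($im2, 34, 34, 34, 0, $black2);
 ImageLine ($im2, 34, 0, 0, 0, $black2);
- ImageJpeg($im1, "$CFG->dataroot/users/$USER->id/f1.jpg", 90);
- ImageJpeg($im2, "$CFG->dataroot/users/$USER->id/f2.jpg", 95);
+ ImageJpeg($im1, "$CFG->dataroot/users/$user->id/f1.jpg", 90);
+ ImageJpeg($im2, "$CFG->dataroot/users/$user->id/f2.jpg", 95);
 $usernew->picture = "1";
 }
 } else {
@@ -104,18 +114,30 @@
 $usernew->timemodified = time();
-
+ if (isadmin()) {
+ if ($usernew->newpassword) {
+ $usernew->password = md5($usernew->newpassword);
+ }
+ } else {
+ if (isset($usernew->newpassword)) {
+ error("You can not change the password like that");
+ }
+ }
 if (update_record("user", $usernew)) {
 add_to_log($course->id, "user", "update", "view.php?id=$user->id&course=$course->id", "");
- // Copy data into $USER session variable
- $usernew = (array)$usernew;
- foreach ($usernew as $variable => $value) {
- $USER->$variable = $value;
+ if ($user->id == $USER->id) {
+ // Copy data into $USER session variable
+ $usernew = (array)$usernew;
+ foreach ($usernew as $variable => $value) {
+ $USER->$variable = $value;
+ }
+ save_session("USER");
+ redirect("view.php?id=$user->id&course=$course->id", "Changes saved");
+ } else {
+ redirect("../admin/user.php", "Changes saved");
 }
- save_session("USER");
- redirect("view.php?id=$user->id&course=$course->id", "Changes saved");
 } else {
 error("Could not update the user record ($user->id)");
 }
@@ -131,16 +153,18 @@
 print_header($editmyprofile, $editmyprofile,
 "<A HREF=\"$CFG->wwwroot/course/view.php?id=$course->id\">$course->shortname</A>
 -> <A HREF=\"index.php?id=$course->id\">$participants</A>
- -> <A HREF=\"view.php?id=$USER->id&course=$course->id\">$USER->firstname $USER->lastname</A>
+ -> <A HREF=\"view.php?id=$user->id&course=$course->id\">$user->firstname $user->lastname</A>
 -> $editmyprofile", "");
 } else {
 print_header($editmyprofile, $editmyprofile,
- "<A HREF=\"view.php?id=$USER->id&course=$course->id\">$USER->firstname $USER->lastname</A>
+ "<A HREF=\"view.php?id=$user->id&course=$course->id\">$user->firstname $user->lastname</A>
 -> $editmyprofile", "");
 }
 $teacher = strtolower($course->teacher);
- $teacheronly = "(".get_string("teacheronly", "", $teacher).")";
+ if (!isadmin()) {
+ $teacheronly = "(".get_string("teacheronly", "", $teacher).")";
+ }
 print_simple_box_start("center", "", "$THEME->cellheading");
 print_heading( get_string("userprofilefor", "", "$user->firstname $user->lastname") );
@@ -155,9 +179,20 @@
 function find_form_errors(&$user, &$usernew, &$err) {
+ if (isadmin()) {
+ if (empty($usernew->username))
+ $err["username"] = get_string("missingusername");
+
+ if (empty($usernew->newpassword) and empty($user->password))
+ $err["newpassword"] = get_string("missingpassword");
+ }
+
 if (empty($usernew->email))
 $err["email"] = get_string("missingemail");
+ if (empty($usernew->description))
+ $err["description"] = get_string("missingdescription");
+
 if (empty($usernew->city))
 $err["city"] = get_string("missingcity");
@@ -170,7 +205,7 @@ function find_form_errors(&$user, &$usernew, &$err) {
 if (empty($usernew->country))
 $err["country"] = get_string("missingcountry");
- else if (! validate_email($usernew->email))
+ if (! validate_email($usernew->email))
 $err["email"] = get_string("invalidemail");
 else if ($otheruser = get_record("user", "email", $usernew->email)) {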
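Review bot: In the `@@ -104,18 +114,30 @@` hunk the non-admin branch rejects only a posted `newpassword`, while `$usernew` is the whole of `$HTTP_POST_VARS` cast to an object and is handed unchanged to `update_record("user", $usernew)`. Unless `update_record()` or code outside these hunks filters the fields, a non-admin submission that carries `password` or `username` would be stored, which is what the new `isadmin()` gate is meant to prevent. I would drop the privileged fields for non-admins before the update, e.g. `unset($usernew->username, $usernew->password, $usernew->newpassword);`, or copy an explicit list of editable fields into a fresh object. `md5($usernew->newpassword)` is an unsalted hash; it matches the code removed from admin/user.php, but deserves a `// TODO: salted password hash` here. The `@@ -69,8 +79,8 @@` hunk also creates `$CFG->dataroot/users/$user->id` with mode `0777`, which is wider than the web-server account needs.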
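--- a/version.php
+++ b/version.php
@@ -17,7 +17,7 @@
 // If there's something it cannot do itself, it
 // will tell you what you need to do.
-$version = 2002080300;
+$version = 2002080800;
 function upgrade_moodle($oldversion=0) {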