From d578afc883ff4bd051d040ee0fa3bde3c0704880 Mon Sep 17 00:00:00 2001
From: martin <martin>
Date: Sun, 22 Sep 2002 14:06:38 +0000
Subject: [PATCH] Major cleanup of user administration and display, including
 sortable listings, confirmation on deletions, removing deleted user from all
 student lists, teacher lists and subscription lists and freeing up their
 username and email to be used again.

---
 admin/user.php     |  78 ++++++++++++++++++++++++++-----
 course/enrol.php   |   4 +-
 course/lib.php     |  25 ++--------
 course/teacher.php |  19 +++-----
 course/unenrol.php |   2 +-
 lang/en/moodle.php |   3 ++
 lib/moodlelib.php  |  41 +++++++++++++++++
 user/edit.html     | 111 +++++++++++++++++++++++----------------------
 user/index.php     |  54 +++++++++++++---------
 9 files changed, 212 insertions(+), 125 deletions(-)

diff --git a/admin/user.php b/admin/user.php
index 259f9ef0d7ee5..73b61f59d1197 100644
--- a/admin/user.php
+++ b/admin/user.php
@@ -4,6 +4,12 @@
 	require("../user/lib.php");
     require("../lib/countries.php");
 
+    optional_variable($newuser, "");
+    optional_variable($delete, "");
+    optional_variable($confirm, "");
+    optional_variable($sort, "name");
+    optional_variable($dir, "ASC");
+
     if (! record_exists_sql("SELECT * FROM user_admins")) {   // No admin user yet
         $user->firstname = "Admin";
         $user->lastname  = "User";
@@ -61,7 +67,6 @@
     }
 
     if ($newuser) {                 // Create a new user
-
         $user->firstname = "";
         $user->lastname  = "";
         $user->username  = "changeme";
@@ -89,28 +94,79 @@
         print_header("$site->fullname : $stredituser", $site->fullname, 
                      "<A HREF=\"$CFG->wwwroot/admin\">$stradministration</A> -> $stredituser");
 
-        if ($delete) {
-            if ($deleteuser = get_record("user", "id", "$delete")) {
-                if (set_field("user", "deleted", "1", "id", "$delete")) {
-                    set_field("user", "timemodified", time(), "id", "$delete");
-                    notify(get_string("deletedactivity", "", "$deleteuser->firstname $deleteuser->lastname"));
+        if ($delete) {              // Delete a selected user, after confirmation
+            if (!$user = get_record("user", "id", "$delete")) {
+                error("No such user!");
+            }
+            if ($confirm != md5($delete)) {
+                notice_yesno(get_string("deletecheckfull", "", "'$user->firstname $user->lastname'"),
+                     "user.php?delete=$delete&confirm=".md5($delete), "user.php");
+
+                exit;
+            } else {
+                $user->deleted = "1";
+                $user->username = $user->email;  // Remember it just in case
+                $user->email = "";               // Clear this field to free it up
+                $user->timemodified = time();
+                if (update_record("user", $user)) {
+                    unenrol_student($user->id);  // From all courses
+                    remove_teacher($user->id);   // From all courses
+                    remove_admin($user->id);
+                    notify(get_string("deletedactivity", "", "$user->firstname $user->lastname"));
+                } else {
+                    notify(get_string("deletednot", "", "$user->firstname $user->lastname"));
                 }
             }
         }
 
-        if ($users = get_records_sql("SELECT * from user WHERE username <> 'guest' AND deleted <> '1' ORDER BY firstname")) {
+        // Carry on with the user listing
+
+        $columns = array("name", "email", "city", "country", "lastaccess");
+
+        foreach ($columns as $column) {
+            $string[$column] = get_string("$column");
+            $columnsort = "$column";
+            if ($column == "lastaccess") {
+                $columndir = "DESC";
+            } else {
+                $columndir = "ASC";
+            }
+            if ($columnsort == $sort) {
+               $$column = $string[$column];
+            } else {
+               $$column = "<A HREF=\"user.php?sort=$columnsort&dir=$columndir\">".$string[$column]."</A>";
+            }
+        }
+
+        if ($sort == "name") {
+            $sort = "firstname";
+        }
+
+        if ($users = get_records_sql("SELECT * from user WHERE username <> 'guest' 
+                                      AND deleted <> '1' ORDER BY $sort $dir")) {
+
             print_heading(get_string("chooseuser"));
 
-            $table->head  = array (get_string("fullname"), get_string("email"), get_string("city"), 
-                                   get_string("country"), " ", " ");
-            $table->align = array ("LEFT", "LEFT", "CENTER", "CENTER", "CENTER", "CENTER", "CENTER");
+            $table->head = array ($name, $email, $city, $country, $lastaccess, "", "");
+            $table->align = array ("LEFT", "LEFT", "LEFT", "LEFT", "LEFT", "CENTER", "CENTER");
             foreach ($users as $user) {
+                if ($user->id == $USER->id or $user->username == "changeme") {
+                    $deletebutton = "";
+                } else {
+                    $deletebutton = "<A HREF=\"user.php?delete=$user->id\" TARGET=\"$strdeletecheck\">$strdelete</A>";
+                }
+                if ($user->lastaccess) {
+                    $strlastaccess = format_time(time() - $user->lastaccess);
+                } else {
+                    $strlastaccess = get_string("never");
+                }
                 $table->data[] = array ("<A HREF=\"../user/view.php?id=$user->id&course=$site->id\">$user->firstname $user->lastname</A>",
                                  "$user->email",
                                  "$user->city",
                                  $COUNTRIES[$user->country],
+                                 $strlastaccess,
                                  "<A HREF=\"../user/edit.php?id=$user->id&course=$site->id\">$stredit</A>",
-                                 "<A HREF=\"user.php?delete=$user->id\" TARGET=\"$strdeletecheck\">$strdelete</A>");
+                                 $deletebutton);
             }
             print_table($table);
 
diff --git a/course/enrol.php b/course/enrol.php
index 2329c6b272340..c321f29ed2726 100644
--- a/course/enrol.php
+++ b/course/enrol.php
@@ -19,7 +19,7 @@
                 add_to_log($course->id, "course", "guest", "view.php?id=$course->id", "$REMOTE_ADDR, $REMOTE_HOST");
 
             } else {
-                if (! enrol_student_in_course($USER->id, $course->id)) {
+                if (! enrol_student($USER->id, $course->id)) {
                     error("An error occurred while trying to enrol you.");
                 }
 
@@ -65,7 +65,7 @@
         if (isguest()) {
             add_to_log($course->id, "course", "guest", "view.php?id=$course->id", "$USER->id");
         } else {
-            if (! enrol_student_in_course($USER->id, $course->id)) {
+            if (! enrol_student($USER->id, $course->id)) {
                 error("An error occurred while trying to enrol you.");
             }
             add_to_log($course->id, "course", "enrol", "view.php?id=$course->id", "$USER->id");
diff --git a/course/lib.php b/course/lib.php
index 519fb077b7bbe..06204fc05abd3 100644
--- a/course/lib.php
+++ b/course/lib.php
@@ -308,7 +308,9 @@ function print_recent_activity($course) {
                 $content = true;
             }
             $user = get_record("user", "id", $log->info);
-            echo "<P><FONT SIZE=1><A HREF=\"../user/view.php?id=$user->id&course=$course->id\">$user->firstname $user->lastname</A></FONT></P>";
+            if (isstudent($course->id, $user->id)) {
+                echo "<P><FONT SIZE=1><A HREF=\"../user/view.php?id=$user->id&course=$course->id\">$user->firstname $user->lastname</A></FONT></P>";
+            }
         }
     }
 
@@ -382,27 +384,6 @@ function print_recent_activity($course) {
 }
 
 
-function unenrol_student_in_course($user, $course) {
-    global $db;
-
-    return $db->Execute("DELETE FROM user_students WHERE user = '$user' AND course = '$course'");
-}
-
-
-
-function enrol_student_in_course($user, $course) {
-    global $db;
-
-	$timenow = time();
-
-	$rs = $db->Execute("INSERT INTO user_students (user, course, start, end, time) 
-                        VALUES ($user, $course, 0, 0, $timenow)");
-	if ($rs) {
-		return true;
-	} else {
-	    return false;
-	}
-}
 
 function get_all_mods($courseid, &$mods, &$modnames, &$modnamesplural, &$modnamesused) {
 // Returns a number of useful structures for course displays
diff --git a/course/teacher.php b/course/teacher.php
index 99d53495e6d76..ad69fc231eddf 100644
--- a/course/teacher.php
+++ b/course/teacher.php
@@ -62,10 +62,7 @@
 
 
 /// Get all existing teachers for this course.
-    $teachers = get_records_sql("SELECT u.*,t.authority,t.id as teachid FROM user u, user_teachers t 
-                                 WHERE t.course = '$course->id' 
-                                   AND t.user = u.id 
-                                   ORDER BY t.authority ASC");
+    $teachers = get_course_teachers($course->id);
 
 /// Add a teacher if one is specified
 
@@ -93,7 +90,6 @@
         if (! $teacher->id) {
             error("Could not add that teacher to this course!");
         }
-        $user->authority = $teacher->authority;
         $teachers[] = $user;
     }
 
@@ -104,16 +100,13 @@
             error("That teacher (id = $remove) doesn't exist", "teacher.php?id=$course->id");
         }
         if ($teachers) {
-            foreach ($teachers as $tt) {
+            foreach ($teachers as $key => $tt) {
                 if ($tt->id == $user->id) {
-                    delete_records("user_teachers", "id", "$tt->teachid");
+                    remove_teacher($user->id, $course->id);
+                    unset($teachers[$key]);
                 }
             }
         }
-        $teachers = get_records_sql("SELECT u.*,t.authority,t.id as teachid FROM user u, user_teachers t 
-                                 WHERE t.course = '$course->id' 
-                                   AND t.user = u.id 
-                                   ORDER BY t.authority ASC");
     }
 
 
@@ -139,13 +132,13 @@
 /// Print list of potential teachers
 
     if ($search) {
-        $users = get_records_sql("SELECT * from user WHERE confirmed = 1 
+        $users = get_records_sql("SELECT * from user WHERE confirmed = 1 AND deleted = 0
                                   AND (firstname LIKE '%$search%' OR 
                                        lastname LIKE '%$search%' OR 
                                        email LIKE '%$search%')
                                   AND username <> 'guest' AND username <> 'changeme'");
     } else {
-        $users = get_records_sql("SELECT * from user WHERE confirmed = 1 
+        $users = get_records_sql("SELECT * from user WHERE confirmed = 1 AND deleted = 0
                                   AND username <> 'guest' AND username <> 'changeme'");
     }
 
diff --git a/course/unenrol.php b/course/unenrol.php
index 65277329c9407..2e4af9fea16f0 100644
--- a/course/unenrol.php
+++ b/course/unenrol.php
@@ -26,7 +26,7 @@
 
     if (isset($confirm)) {
 
-        if (! unenrol_student_in_course($user->id, $course->id)) {
+        if (! unenrol_student($user->id, $course->id)) {
             error("An error occurred while trying to unenrol you.");
         }
 
diff --git a/lang/en/moodle.php b/lang/en/moodle.php
index a66f5dcdc2a16..19beeb0998792 100644
--- a/lang/en/moodle.php
+++ b/lang/en/moodle.php
@@ -93,6 +93,7 @@
 $string['deleted'] = "Deleted";
 $string['deletedactivity'] = "Deleted \$a";
 $string['deletedcourse'] = "\$a has been completely deleted";
+$string['deletednot'] = "Could not delete \$a !";
 $string['deletingcourse'] = "Deleting \$a";
 $string['description'] = "Description";
 $string['doyouagree'] = "Have you read these conditions and understood them?";
@@ -150,6 +151,8 @@
 $string['filloutallfields'] = "Please fill out all fields in this form";
 $string['firstname'] = "First name";
 $string['firsttime'] = "Is this your first time here?";
+$string['followingoptional'] = "The following items are optional";
+$string['followingrequired'] = "The following items are required";
 $string['forgotten'] = "Forgotten your username or password?";
 $string['format'] = "Format";
 $string['formatsocial'] = "Social format";
diff --git a/lib/moodlelib.php b/lib/moodlelib.php
index 6ec31a22514ad..98bcd45352669 100644
--- a/lib/moodlelib.php
+++ b/lib/moodlelib.php
@@ -1033,6 +1033,47 @@ function update_login_count() {
     }
 }
 
+function remove_admin($user) {
+    global $db;
+
+    return $db->Execute("DELETE FROM user_admins WHERE user = '$user'");
+}
+
+function remove_teacher($user, $course=0) {
+    global $db;
+
+    if ($course) {
+        return $db->Execute("DELETE FROM user_teachers WHERE user = '$user' AND course = '$course'");
+    } else {
+        return $db->Execute("DELETE FROM user_teachers WHERE user = '$user'");
+    }
+}
+
+
+function enrol_student($user, $course) {
+    global $db;
+
+	$timenow = time();
+
+	$rs = $db->Execute("INSERT INTO user_students (user, course, start, end, time) 
+                        VALUES ($user, $course, 0, 0, $timenow)");
+	if ($rs) {
+		return true;
+	} else {
+	    return false;
+	}
+}
+
+function unenrol_student($user, $course=0) {
+    global $db;
+
+    if ($course) {
+        return $db->Execute("DELETE FROM user_students WHERE user = '$user' AND course = '$course'");
+    } else {
+        return $db->Execute("DELETE FROM user_students WHERE user = '$user'");
+    }
+}
+
 
 function isadmin($userid=0) {
     global $USER;
diff --git a/user/edit.html b/user/edit.html
index df49f26a0efa6..f008a1878c783 100644
--- a/user/edit.html
+++ b/user/edit.html
@@ -37,6 +37,24 @@
 	<? formerr($err["lastname"]) ?>
 	</td>
 </tr>
+<tr valign=top>
+	<td><P><? print_string("email") ?>:</td>
+	<td><input type="text" name="email" size=30 value="<? p($user->email) ?>">
+	<? formerr($err["email"]) ?>
+	</td>
+</tr>
+<tr valign=top>
+	<td><P><? print_string("city") ?>:</td>
+	<td><input type="text" name="city" size=25 value="<? p($user->city) ?>">
+	<? formerr($err["city"]) ?>
+	</td>
+</tr>
+<tr valign=top>
+	<td><P><? print_string("country") ?>:</td>
+	<td><? choose_from_menu ($COUNTRIES, "country", $user->country, get_string("selectacountry")."...", "", "") ?>
+	<? formerr($err["country"]) ?>
+	</td>
+</tr>
 <tr valign=top>
 	<td><P><? print_string("userdescription") ?>:</td>
 	<td><TEXTAREA NAME=description COLS=50 ROWS=10 WRAP=virtual><? p($user->description) ?></TEXTAREA> 
@@ -44,10 +62,13 @@
 	<? formerr($err["description"]) ?>
 	</td>
 </tr>
+<tr>
+    <td colspan=2><BR><? print_string("followingoptional") ?>:</td>
+</tr>
 <tr valign=top>
 	<td><P><? print_string("newpicture") ?>:</td>
 	<td>
-    <INPUT type="hidden" name="MAX_FILE_SIZE" value="4000000">
+    <INPUT type="hidden" name="MAX_FILE_SIZE" value="<? echo get_max_upload_file_size() ?>">
     <input type="file" name="imagefile" size=40>
     <? helpbutton("picture", get_string("helppicture"));
        print_string("maxsize", "", display_size(get_max_upload_file_size())); 
@@ -56,11 +77,43 @@
 	</td>
 </tr>
 <tr valign=top>
-	<td><P><? print_string("email") ?>:</td>
-	<td><input type="text" name="email" size=30 value="<? p($user->email) ?>">
-	<? formerr($err["email"]) ?>
+	<td><P><? print_string("preferredlanguage") ?>:</td>
+	<td><? if ($languages = get_list_of_languages()) {
+               if (!$user->lang) {
+                   $user->lang = "en";
+               }
+               choose_from_menu ($languages, "lang", $user->lang, "", "", "");
+           }
+	       formerr($err["lang"]);
+        ?>
 	</td>
 </tr>
+<tr valign=top>
+	<td><P><? print_string("timezone") ?>:</td>
+	<td><?
+       if (abs($user->timezone) > 12) {
+           $user->timezone = 99;
+       }
+       $timenow = time();
+
+       for ($tz = -23; $tz <= 24; $tz++) {
+           $zone = (float)$tz/2.0;
+           $usertime = $timenow + ($tz * 1800);
+           if ($tz == 0) {
+               $timezones["$zone"] = gmstrftime("%a, %I:%M %p", $usertime)." (GMT)";
+           } else if ($tz < 0) {
+               $timezones["$zone"] = gmstrftime("%a, %I:%M %p", $usertime)." (GMT$zone)";
+           } else {
+               $timezones["$zone"] = gmstrftime("%a, %I:%M %p", $usertime)." (GMT+$zone)";
+           }
+       }
+
+       choose_from_menu ($timezones, "timezone", $user->timezone, get_string("serverlocaltime"), "", "99");
+
+       echo "(".get_string(currentlocaltime).")";
+	?>
+    </td>
+</tr>
 <tr valign=top>
 	<td><P><? print_string("emailformat") ?>:</td>
 	<td><? 
@@ -114,56 +167,6 @@
 	<? formerr($err["address"]) ?>
 	</td>
 </tr>
-<tr valign=top>
-	<td><P><? print_string("city") ?>:</td>
-	<td><input type="text" name="city" size=25 value="<? p($user->city) ?>">
-	<? formerr($err["city"]) ?>
-	</td>
-</tr>
-<tr valign=top>
-	<td><P><? print_string("country") ?>:</td>
-	<td><? choose_from_menu ($COUNTRIES, "country", $user->country, get_string("selectacountry")."...", "", "") ?>
-	<? formerr($err["country"]) ?>
-	</td>
-</tr>
-<tr valign=top>
-	<td><P><? print_string("preferredlanguage") ?>:</td>
-	<td><? if ($languages = get_list_of_languages()) {
-               if (!$user->lang) {
-                   $user->lang = "en";
-               }
-               choose_from_menu ($languages, "lang", $user->lang, "", "", "");
-           }
-	       formerr($err["lang"]);
-        ?>
-	</td>
-</tr>
-<tr valign=top>
-	<td><P><? print_string("timezone") ?>:</td>
-	<td><?
-       if (abs($user->timezone) > 12) {
-           $user->timezone = 99;
-       }
-       $timenow = time();
-
-       for ($tz = -23; $tz <= 24; $tz++) {
-           $zone = (float)$tz/2.0;
-           $usertime = $timenow + ($tz * 1800);
-           if ($tz == 0) {
-               $timezones["$zone"] = gmstrftime("%a, %I:%M %p", $usertime)." (GMT)";
-           } else if ($tz < 0) {
-               $timezones["$zone"] = gmstrftime("%a, %I:%M %p", $usertime)." (GMT$zone)";
-           } else {
-               $timezones["$zone"] = gmstrftime("%a, %I:%M %p", $usertime)." (GMT+$zone)";
-           }
-       }
-
-       choose_from_menu ($timezones, "timezone", $user->timezone, get_string("serverlocaltime"), "", "99");
-
-       echo "(".get_string(currentlocaltime).")";
-	?>
-    </td>
-</tr>
 <tr>
 	<td></td>
 	<td align=right><input type="submit" value="<? print_string("updatemyprofile") ?>"></td>
diff --git a/user/index.php b/user/index.php
index 88f649d1bfb8a..3de2874c3300a 100644
--- a/user/index.php
+++ b/user/index.php
@@ -7,7 +7,7 @@
     require("lib.php");
 
     require_variable($id);   //course
-    optional_variable($sort, "u.lastaccess");  //how to sort students
+    optional_variable($sort, "lastaccess");  //how to sort students
     optional_variable($dir,"DESC");   //how to sort students
 
     if (! $course = get_record("course", "id", $id)) {
@@ -47,35 +47,44 @@
         }
     }
 
-    if ($students = get_course_students($course->id, "$sort $dir")) {
+    if ($sort == "name") {
+        $dsort = "u.firstname";
+    } else {
+        $dsort = "u.$sort";
+    }
+
+    if ($students = get_course_students($course->id, "$dsort $dir")) {
         $numstudents = count($students);
         echo "<H2 align=center>$numstudents $course->students</H2>";
-        if ($numstudents < $USER_SMALL_CLASS) {
+        if ($numstudents > $USER_SMALL_CLASS) {
             foreach ($students as $student) {
                 print_user($student, $course, $string);
             }
         } else {  // Print one big table with abbreviated info
-            if ($sort == "u.firstname") {
-                $name       = "$string->name";
-                $location   = "<A HREF=\"index.php?id=$course->id&sort=u.country&dir=ASC\">$string->location</A>";
-                $lastaccess = "<A HREF=\"index.php?id=$course->id&sort=u.lastaccess&dir=DESC\">$string->lastaccess</A>";
-            } else if ($sort == "u.country") {
-                $name       = "<A HREF=\"index.php?id=$course->id&sort=u.firstname&dir=ASC\">$string->name</A>";
-                $location   = "$string->location";
-                $lastaccess = "<A HREF=\"index.php?id=$course->id&sort=u.lastaccess&dir=DESC\">$string->lastaccess</A>";
-            } else {
-                $name       = "<A HREF=\"index.php?id=$course->id&sort=u.firstname&dir=ASC\">$string->name</A>";
-                $location   = "<A HREF=\"index.php?id=$course->id&sort=u.country&dir=ASC\">$string->location</A>";
-                $lastaccess = "$string->lastaccess";
+            $columns = array("name", "city", "country", "lastaccess");
+
+            foreach ($columns as $column) {
+                $colname[$column] = get_string($column);
+                $columnsort = $column;
+                if ($column == "lastaccess") {
+                    $columndir = "DESC";
+                } else {
+                    $columndir = "ASC";
+                }
+                if ($columnsort == $sort) {
+                   $$column = $colname["$column"];
+                } else {
+                   $$column = "<A HREF=\"index.php?id=$course->id&sort=$columnsort&dir=$columndir\">".$colname["$column"]."</A>";
+                }
             }
-            $table->head = array ("&nbsp;", $name, $location, $lastaccess);
-            $table->align = array ("LEFT", "LEFT", "LEFT", "LEFT");
-            $table->size = array ("10", "*", "*", "*");
+
+            $table->head = array ("&nbsp;", $name, $city, $country, $lastaccess);
+            $table->align = array ("LEFT", "LEFT", "LEFT", "LEFT", "LEFT");
+            $table->size = array ("10", "*", "*", "*", "*");
             
             foreach ($students as $student) {
                 if ($student->lastaccess) {
-                    $lastaccess = userdate($student->lastaccess);
-                    $lastaccess .= "&nbsp (".format_time(time() - $student->lastaccess).")";
+                    $lastaccess = format_time(time() - $student->lastaccess);
                 } else {
                     $lastaccess = $string->never;
                 }
@@ -88,8 +97,9 @@
 
                 $table->data[] = array ($picture,
                     "<B><A HREF=\"$CFG->wwwroot/user/view.php?id=$student->id&course=$course->id\">$student->firstname $student->lastname</A></B>",
-                    "<FONT SIZE=1>$student->city, ".$COUNTRIES["$student->country"]."</FONT>",
-                    "<FONT SIZE=1>$lastaccess</FONT>");
+                    "<FONT SIZE=2>$student->city</FONT>", 
+                    "<FONT SIZE=2>".$COUNTRIES["$student->country"]."</FONT>",
+                    "<FONT SIZE=2>$lastaccess</FONT>");
             }
             print_table($table, 2, 0);
         }