user.module

Functions & methods

NameDescription
user_display_student_usersSimilar to user_display_users, except only for student users.
user_display_usersDisplay our list of faculty/staff users in the system.
user_edit_student_user_formLet the user edit a studentuser's information.
user_edit_student_user_form_submitSubmit handler for editing student users.
user_edit_student_user_form_validateValidate handler for editing student users.
user_edit_user_formLet the user edit a user's roles and other information.
user_edit_user_form_submitSubmit handler for our edit faculty form
user_edit_user_form_validateValidate handler for editing faculty users.
user_get_role_nameSimple function to return the human-readable name for a role, by rid.
user_menuImplementation of hook_menu
user_perm
user_permissions_formThis is the permissions form, where users can set which roles have which permissions.
user_permissions_form_submitSubmit handler for the permissions form.
user_subtab_switchboardDecide what should happen when we go to "admin/config/users" by itself
user_user_roles_formThis form allows the user to manage the roles in the system.
user_user_roles_form_submit

File

modules/user/user.module
View source
  1. <?php
  2. /**
  3. * Implementation of hook_menu
  4. */
  5. function user_menu() {
  6. $items = array();
  7. // This one will appear in our admin menu
  8. $items["admin/config/users"] = array(
  9. "title" => "Users",
  10. "description" => "Search and manage FlightPath users",
  11. "page_callback" => "user_subtab_switchboard",
  12. "access_arguments" => array("manage_users"),
  13. "type" => MENU_TYPE_NORMAL_ITEM,
  14. "tab_parent" => "admin-tools/admin",
  15. "weight" => 100,
  16. );
  17. // Subtab for which type of user we want to work on.
  18. $items["admin/users/faculty"] = array(
  19. "title" => "Faculty / Staff Users",
  20. "description" => "Search and manage faculty/staff users",
  21. "page_callback" => "user_display_users",
  22. "access_arguments" => array("manage_users"),
  23. "page_settings" => array(
  24. "page_has_search" => FALSE,
  25. "page_banner_is_link" => TRUE,
  26. "page_hide_report_error" => TRUE,
  27. "menu_links" => array(
  28. 0 => array(
  29. "text" => "Back to main menu",
  30. "path" => "admin-tools/admin",
  31. "query" => "de_catalog_year=%DE_CATALOG_YEAR%",
  32. ),
  33. ),
  34. ),
  35. "type" => MENU_TYPE_SUB_TAB,
  36. "tab_family" => "users",
  37. "tab_parent" => "admin-tools/admin",
  38. "weight" => 100,
  39. );
  40. $items["admin/users/students"] = array(
  41. "title" => "Student Users",
  42. "page_callback" => "user_display_student_users",
  43. "access_arguments" => array("manage_users"),
  44. "page_settings" => array(
  45. "page_has_search" => FALSE,
  46. "page_banner_is_link" => TRUE,
  47. "page_hide_report_error" => TRUE,
  48. "menu_links" => array(
  49. 0 => array(
  50. "text" => "Back to main menu",
  51. "path" => "admin-tools/admin",
  52. "query" => "de_catalog_year=%DE_CATALOG_YEAR%",
  53. ),
  54. ),
  55. ),
  56. "type" => MENU_TYPE_SUB_TAB,
  57. "tab_family" => "users",
  58. "tab_parent" => "admin-tools/admin",
  59. "weight" => 100,
  60. );
  61. $items["admin/config/user-roles"] = array(
  62. "title" => "User roles",
  63. "description" => "Manage roles for users. Ex: advisors, viewers, etc.",
  64. "page_callback" => "fp_render_form",
  65. "page_arguments" => array("user_user_roles_form"),
  66. "access_arguments" => array("can_edit_user_roles"),
  67. "page_settings" => array(
  68. "page_has_search" => FALSE,
  69. "page_banner_is_link" => TRUE,
  70. "page_hide_report_error" => TRUE,
  71. "menu_links" => array(
  72. 0 => array(
  73. "text" => "Back to main menu",
  74. "path" => "admin-tools/admin",
  75. "query" => "de_catalog_year=%DE_CATALOG_YEAR%",
  76. ),
  77. ),
  78. ),
  79. "type" => MENU_TYPE_NORMAL_ITEM,
  80. "tab_parent" => "admin-tools/admin",
  81. "weight" => 110,
  82. );
  83. $items["admin/users/edit-user"] = array(
  84. "title" => "Edit Faculty/Staff User",
  85. "page_callback" => "fp_render_form",
  86. "page_arguments" => array("user_edit_user_form"),
  87. "access_arguments" => array("manage_users"),
  88. "page_settings" => array(
  89. "page_has_search" => FALSE,
  90. "page_banner_is_link" => TRUE,
  91. "page_hide_report_error" => TRUE,
  92. "menu_links" => array(
  93. 0 => array(
  94. "text" => "Back to main menu",
  95. "path" => "admin-tools/admin",
  96. "query" => "de_catalog_year=%DE_CATALOG_YEAR%",
  97. ),
  98. 1 => array(
  99. "text" => "Back to Users list",
  100. "path" => "admin/users/faculty",
  101. "query" => "de_catalog_year=%DE_CATALOG_YEAR%",
  102. ),
  103. ),
  104. ),
  105. "type" => MENU_TYPE_NORMAL_ITEM,
  106. "tab_parent" => "admin-tools/admin",
  107. );
  108. $items["admin/users/edit-student-user"] = array(
  109. "title" => "Edit User",
  110. "page_callback" => "fp_render_form",
  111. "page_arguments" => array("user_edit_student_user_form"),
  112. "access_arguments" => array("manage_users"),
  113. "page_settings" => array(
  114. "page_has_search" => FALSE,
  115. "page_banner_is_link" => TRUE,
  116. "page_hide_report_error" => TRUE,
  117. "menu_links" => array(
  118. 0 => array(
  119. "text" => "Back to main menu",
  120. "path" => "admin-tools/admin",
  121. "query" => "de_catalog_year=%DE_CATALOG_YEAR%",
  122. ),
  123. 1 => array(
  124. "text" => "Back to Users list",
  125. "path" => "admin/users/students",
  126. "query" => "de_catalog_year=%DE_CATALOG_YEAR%",
  127. ),
  128. ),
  129. ),
  130. "type" => MENU_TYPE_NORMAL_ITEM,
  131. "tab_parent" => "admin-tools/admin",
  132. );
  133. $items["admin/config/permissions"] = array(
  134. "title" => "Permissions",
  135. "description" => "Manage permissions for user roles in FlightPath",
  136. "page_callback" => "fp_render_form",
  137. "page_arguments" => array("user_permissions_form"),
  138. "access_arguments" => array("can_edit_permissions"),
  139. "page_settings" => array(
  140. "page_has_search" => FALSE,
  141. "page_banner_is_link" => TRUE,
  142. "page_hide_report_error" => TRUE,
  143. "menu_links" => array(
  144. 0 => array(
  145. "text" => "Back to main menu",
  146. "path" => "admin-tools/admin",
  147. "query" => "de_catalog_year=%DE_CATALOG_YEAR%",
  148. ),
  149. ),
  150. ),
  151. "type" => MENU_TYPE_NORMAL_ITEM,
  152. "tab_parent" => "admin-tools/admin",
  153. "weight" => 120,
  154. );
  155. return $items;
  156. }
  157. /**
  158. * Decide what should happen when we go to "admin/config/users" by itself
  159. */
  160. function user_subtab_switchboard() {
  161. // For now, we will just always go to the faculty section, though this function
  162. // is helpful if that needs to change one day.
  163. $de_catalog_year = admin_get_de_catalog_year();
  164. fp_goto("admin/users/faculty", "de_catalog_year=$de_catalog_year");
  165. }
  166. function user_perm() {
  167. return array(
  168. "can_edit_user_roles" => array(
  169. "title" => t("Edit user roles"),
  170. "description" => t("The user may add/edit/delete user roles in the system."),
  171. ),
  172. "can_edit_permissions" => array(
  173. "title" => t("Edit permissions"),
  174. "description" => t("The user may assign permissions to different roles in the system."),
  175. ),
  176. "manage_users" => array(
  177. "title" => t("Manage users"),
  178. "description" => t("This is a powerful permission! It allows the user to edit the details
  179. of other users, as well as create users."),
  180. ),
  181. "delete_users" => array(
  182. "title" => t("Delete users"),
  183. "description" => t("This is a powerful permission! It allows the user delete users from the system."),
  184. ),
  185. );
  186. }
  187. /**
  188. * This is the permissions form, where users can set which roles have which permissions.
  189. */
  190. function user_permissions_form() {
  191. $form = array();
  192. fp_add_css(fp_get_module_path("user") . "/css/user.css");
  193. // Let's get all of our permissions from the permissions table.
  194. $permissions = array();
  195. $res = db_query("SELECT * FROM role_permissions");
  196. while ($cur = db_fetch_array($res)) {
  197. $permissions[$cur["rid"]][] = $cur["perm"];
  198. }
  199. $cb = $m = 1;
  200. $form["mark" . $m++] = array(
  201. "value" => t("Use this form to assign permissions to roles in the system.
  202. These permissions are defined by module."),
  203. );
  204. $roles = array();
  205. $res = db_query("SELECT * FROM roles ORDER BY rid ");
  206. while ($cur = db_fetch_array($res)) {
  207. $roles[$cur["rid"]] = $cur["name"];
  208. }
  209. $col_count = count($roles) + 1;
  210. $form["mark" . $m++] = array(
  211. "value" => "<table class='admin-perm-table' width='100%' cellpadding='0' cellspacing='0'>
  212. ",
  213. );
  214. // Go through all of the modules, then call hook_perm for them, to get their permissions.
  215. $modules = modules_implement_hook("perm");
  216. //fpm($modules);
  217. foreach ($modules as $module) {
  218. $form["mark" . $m++] = array(
  219. "value" => "<tr><td colspan='$col_count' class='perm-module-name'>" . ucwords($module) . " " . t("module") . "</td></tr>",
  220. );
  221. // Draw the headers...
  222. $form["mark" . $m++] = array(
  223. "value" => "<tr class='headers'><th style='min-width: 400px;'>" . t("Permission") . "</th>",
  224. );
  225. foreach ($roles as $key => $role) {
  226. $form["mark" . $m++] = array(
  227. "value" => "<th style='min-width: 100px;'>" . $role . "</th>",
  228. );
  229. }
  230. $form["mark" . $m++] = array(
  231. "value" => "</tr>",
  232. );
  233. // End of headers
  234. $zebra = "even";
  235. // Let's get all the perms.
  236. $perms = call_user_func($module . "_perm");
  237. foreach ($perms as $perm_name => $perm_details) {
  238. $title = $perm_details["title"];
  239. $desc = $perm_details["description"];
  240. $zebra = ($zebra == "even") ? "odd" : "even";
  241. $form["mark" . $m++] = array(
  242. "value" => "<tr class='perm-cb-row perm-cb-row-$zebra'><td class='perm-details' valign='top'>
  243. <div class='perm-title' title='$perm_name'>$title</div>
  244. <div class='perm-desc' title='$perm_name'>$desc</div>
  245. </td>",
  246. );
  247. foreach ($roles as $key => $role) {
  248. // Should this be checked by default (cause it was all ready in our table?)
  249. $default_value = array();
  250. if (is_array($permissions[$key]) && in_array($perm_name, $permissions[$key])) {
  251. // Yes, it was in there! Set up the default_value as an array that
  252. // looks like array(key => key). That is how we set a checkbox to be checked
  253. // by default.
  254. $default_value = array($key . "___$perm_name" => $key . "___$perm_name");
  255. }
  256. $form["perm_cb_" . $cb++] = array(
  257. "type" => "checkboxes",
  258. "options" => array("$key" . "___$perm_name" => ""),
  259. "value" => $default_value,
  260. "prefix" => "<td class='perm-cb'>",
  261. "suffix" => "</td>",
  262. );
  263. }
  264. $form["mark" . $m++] = array(
  265. "value" => "</tr>",
  266. );
  267. }
  268. }
  269. $form["mark" . $m++] = array(
  270. "value" => "</table>",
  271. );
  272. $form["submit"] = array(
  273. "type" => "submit",
  274. "value" => t("Save permissions"),
  275. "prefix" => "<hr>",
  276. );
  277. return $form;
  278. }
  279. /**
  280. * Submit handler for the permissions form.
  281. */
  282. function user_permissions_form_submit($form, $form_submit) {
  283. $values = $form_submit["values"];
  284. // We should begin by truncating our permissions table, then re-inserting
  285. // everything we get from this submission.
  286. db_query("TRUNCATE TABLE role_permissions");
  287. // Find all the perm checkboxes.
  288. foreach($values as $key => $val) {
  289. if (strstr($key, "perm_cb_")) {
  290. if (is_array($val)) {
  291. $cb = current($val);
  292. if (strstr($cb, "___")) {
  293. $temp = explode("___", $cb);
  294. $rid = $temp[0];
  295. $perm = $temp[1];
  296. // Okay, save this to our table.
  297. db_query("INSERT INTO role_permissions (rid, perm)
  298. VALUES ('?', '?') ", $rid, $perm);
  299. }
  300. }
  301. }
  302. }
  303. fp_add_message(t("Permissions saved successfully."));
  304. }
  305. /**
  306. * This form allows the user to manage the roles in the system.
  307. */
  308. function user_user_roles_form() {
  309. $form = array();
  310. fp_add_css(fp_get_module_path("user") . "/css/user.css");
  311. fp_add_js(fp_get_module_path("admin") . "/js/admin.js");
  312. $form["mark" . $m++] = array(
  313. "type" => "markup",
  314. "value" => t("Roles are able to be assigned permissions in FlightPath, and then users are assigned
  315. those roles. You may not remove the two roles, 'anonymous user' and 'authenticated user'.
  316. Those are assigned automatically when the user logs in or out.
  317. However, you may add as many more roles as you wish.")
  318. . "<br><br><b>" . t("roles:") . "</b>
  319. <table style='padding-left: 20px;'>",
  320. );
  321. $res = db_query("SELECT * FROM roles ORDER BY rid");
  322. while ($cur = db_fetch_array($res)) {
  323. $key = $cur["rid"];
  324. $value = $cur["name"];
  325. $prompt_link = fp_get_js_prompt_link("Enter a new name to change this role to:", $value, "document.getElementById(\"element-perform_action2\").value=\"edit~_~$key~_~\" + response; document.getElementById(\"fp-form-user_user_roles_form\").submit(); ", t("edit")) . " | ";
  326. $confirm_link = fp_get_js_confirm_link(t("Are you sure you wish to delete this role?\\nIt will be removed from users' accounts. This action cannot be undone.\\n\\nProceed?"), "document.getElementById(\"element-perform_action2\").value=\"del~_~$key\"; document.getElementById(\"fp-form-user_user_roles_form\").submit(); ", t("delete"));
  327. if ($key == 1 || $key == 2) {
  328. $prompt_link = $confirm_link = "";
  329. }
  330. $form["mark" . $m++] = array(
  331. "type" => "markup",
  332. "value" => "<tr><td>$value</td><td>" . $prompt_link . "
  333. " . $confirm_link . "</td></tr>",
  334. );
  335. }
  336. $form["mark" . $m++] = array(
  337. "type" => "markup",
  338. "value" => "</table>",
  339. );
  340. $form["perform_action2"] = array(
  341. "type" => "hidden",
  342. );
  343. $form["new_role"] = array(
  344. "type" => "textfield",
  345. "label" => t("Add a new role:"),
  346. );
  347. $form["submit"] = array(
  348. "type" => "submit",
  349. "value" => t("Add new"),
  350. );
  351. return $form;
  352. }
  353. function user_user_roles_form_submit($form, $form_state) {
  354. $values = $form_state["values"];
  355. if (trim($values["new_role"]) != "") {
  356. $new_role = strtolower(trim($values["new_role"]));
  357. // Clean up any trouble chars
  358. $new_role = preg_replace("/[^a-zA-Z0-9_]/", " ", $new_role);
  359. // Okay, add to the roles table.
  360. db_query("INSERT INTO roles (name) VALUES ('?') ", $new_role);
  361. fp_add_message("The new role has been added successfully.");
  362. }
  363. if (strstr($values["perform_action2"], "del~_~")) {
  364. $temp = explode("~_~", $values["perform_action2"]);
  365. $i = trim($temp[1]);
  366. // Remove this rid from the table.
  367. db_query("DELETE FROM roles WHERE rid = '?' ", $i);
  368. fp_add_message("The role has been deleted successfully.");
  369. }
  370. if (strstr($values["perform_action2"], "edit~_~")) {
  371. $temp = explode("~_~", $values["perform_action2"]);
  372. $i = trim($temp[1]);
  373. $new_name = strtolower(trim($temp[2]));
  374. $new_name = preg_replace("/[^a-zA-Z0-9_]/", " ", $new_name);
  375. if (trim($new_name) != "") {
  376. // Let's update the table.
  377. db_query("UPDATE roles SET name = '?' WHERE rid = '?' ", $new_name, $i);
  378. fp_add_message("The role has been edited successfully.");
  379. }
  380. }
  381. }
  382. /**
  383. * Let the user edit a studentuser's information.
  384. */
  385. function user_edit_student_user_form() {
  386. fp_add_js(fp_get_module_path("user") . "/js/user.js");
  387. $form = array();
  388. $student_cwid = $_REQUEST["student_cwid"];
  389. $user_id = db_get_user_id_from_cwid($student_cwid, "student");
  390. if ($student_cwid != "new") {
  391. $name = fp_get_student_name($student_cwid);
  392. fp_set_title(t("Edit Student User @name (@id)", array("@name" => $name, "@id" => $student_cwid)));
  393. }
  394. else {
  395. // A new student!
  396. fp_set_title(t("Create New Student User"));
  397. }
  398. $form["user_id"] = array(
  399. "type" => "hidden",
  400. "value" => $user_id,
  401. );
  402. $form["perform_action2"] = array(
  403. "type" => "hidden",
  404. "value" => "",
  405. );
  406. $form["student_cwid"] = array(
  407. "type" => "hidden",
  408. "value" => $student_cwid,
  409. );
  410. // TODO: At the moment, only faculty can be assigned roles in FP. However, this could change
  411. // one day, so I am going to leave this code in place for students, but commented out.
  412. /*
  413. $user_roles = system_get_roles_for_user($user_id);
  414. //fpm($user_roles);
  415. $default_values = array();
  416. foreach ($user_roles as $rid => $val) {
  417. $default_values[$rid] = $rid;
  418. }
  419. // Show a list of roles in the system which we may select from, and check the ones
  420. // all ready assigned to this user.
  421. $options = array();
  422. $res = db_query("SELECT * FROM roles ORDER BY rid");
  423. while ($cur = db_fetch_array($res)) {
  424. $key = $cur["rid"];
  425. $value = $cur["name"];
  426. if ($key > 2) {
  427. $options[$key] = $value;
  428. }
  429. }
  430. //fpm($default_values);
  431. $form["roles"] = array(
  432. "label" => t("Check which roles this user should have."),
  433. "type" => "checkboxes",
  434. "options" => $options,
  435. "value" => $default_values,
  436. );
  437. */
  438. // Let's present the form elements to allow some basic editing of this user.
  439. // Only if we are making a new student...
  440. if ($student_cwid == "new") {
  441. $form["new_student_cwid"] = array(
  442. "label" => t("Enter a new CWID, unique to students:"),
  443. "type" => "textfield",
  444. "size" => 20,
  445. "required" => TRUE,
  446. "description" => t("Enter a numeric ID for this student. It may be the same
  447. as a faculty member, but may not be the same as any existing
  448. student. You will not be able to edit this value, once saved."),
  449. );
  450. $form["new_user_name"] = array(
  451. "label" => t("Enter a new username, unique to all users:"),
  452. "type" => "textfield",
  453. "size" => 20,
  454. "required" => TRUE,
  455. "description" => t("Enter a username for this user. This is what the user will
  456. use to log in. It must be unique to all users (cannot have both
  457. a faculty and a student with the same username). You will not
  458. be able to edit this value, once saved."),
  459. );
  460. $cur = array();
  461. }
  462. else {
  463. // NOT a new student. Load their information normally.
  464. $res = db_query("SELECT * FROM users u, students s
  465. WHERE u.cwid = '?'
  466. AND u.is_student = '1'
  467. AND u.cwid = s.cwid", $student_cwid);
  468. $cur = db_fetch_array($res);
  469. }
  470. $user_name = $cur["user_name"];
  471. if ($user_name != "") {
  472. $form["mark" . $m++] = array(
  473. "value" => "<p><b>Username:</b> $user_name</p>",
  474. );
  475. }
  476. $form["new_password"] = array(
  477. "label" => t("Enter a new password for this user:"),
  478. "type" => "textfield",
  479. "size" => 20,
  480. "required" => ($student_cwid == "new") ? TRUE : FALSE,
  481. "description" => t("If you enter any value here, it will change the
  482. user's password in FlightPath. If you are using the LDAP module,
  483. the LDAP password will be unaffected."),
  484. );
  485. $form["email"] = array(
  486. "label" => t("Email:"),
  487. "type" => "textfield",
  488. "value" => $cur["email"],
  489. );
  490. $form["f_name"] = array(
  491. "label" => t("First name:"),
  492. "type" => "textfield",
  493. "value" => $cur["f_name"],
  494. );
  495. $form["l_name"] = array(
  496. "label" => t("Last name:"),
  497. "type" => "textfield",
  498. "value" => $cur["l_name"],
  499. );
  500. $form["is_disabled"] = array(
  501. "label" => t("Is disabled:"),
  502. "type" => "textfield",
  503. "value" => $cur["is_disabled"],
  504. "size" => 5,
  505. "description" => t("Enter only 1 or 0 (number one for 'yes', or number zero for 'no'). This setting means the user will
  506. be ignored by FlightPath, and they will not be able to log in or be searched for.
  507. It is safer to disable a user, than delete them."),
  508. );
  509. // Unique to students...
  510. $form["cumulative_hours"] = array(
  511. "label" => t("Cumulative hours:"),
  512. "type" => "textfield",
  513. "value" => $cur["cumulative_hours"],
  514. "size" => 5,
  515. "description" => t("How many hours has the student earned? NOTE: If FlightPath is set to
  516. calculate this, rather than read from the database, whatever you enter here
  517. will be ignored, and instead this value will be calculated on the fly when
  518. the student is loaded."),
  519. );
  520. $form["gpa"] = array(
  521. "label" => t("GPA:"),
  522. "type" => "textfield",
  523. "value" => $cur["gpa"],
  524. "size" => 5,
  525. "description" => t("What is the student's GPA? NOTE: If FlightPath is set to
  526. calculate this, rather than read from the database, whatever you enter here
  527. will be ignored, and instead this value will be calculated on the fly when
  528. the student is loaded."),
  529. );
  530. $form["rank_code"] = array(
  531. "label" => t("Rank or Classification:"),
  532. "type" => "textfield",
  533. "value" => $cur["rank_code"],
  534. "size" => 5,
  535. "description" => t("For example, FR, SO, JR, SR, GR for Freshman, Sophomore, Junior, Senior, and Graduate.") . "
  536. <br><b>" . t("Important:") . "</b> " . t("You must enter a code from the Allowed Student Ranks field
  537. on the System Settings form. For example, FR. If you do not do this, you will not be able to search
  538. for this student in FlightPath.") . "<br>&nbsp; &nbsp; &nbsp;" . t("Current value for Allowed Student Ranks:") . "
  539. <i>" . variable_get("allowed_student_ranks", "") . "</i>",
  540. );
  541. $form["major_code"] = array(
  542. "label" => t("Major code:"),
  543. "type" => "textfield",
  544. "value" => $cur["major_code"],
  545. "size" => 10,
  546. );
  547. $form["catalog_year"] = array(
  548. "label" => t("Catalog year:"),
  549. "type" => "textfield",
  550. "value" => $cur["catalog_year"],
  551. "size" => 10,
  552. "description" => t("Only the leading year is used. For example, for the
  553. catalog year 2008-2009, you would just enter 2008."),
  554. );
  555. $form["is_active"] = array(
  556. "label" => t("Is active:"),
  557. "type" => "textfield",
  558. "value" => $cur["is_active"],
  559. "size" => 5,
  560. "description" => t("Enter only 1 or 0 (number one for 'yes', or number zero for 'no'). This setting means the student
  561. will not appear in searches automatically, unless the advisor specifies to search
  562. for inactive students."),
  563. );
  564. $form["submit"] = array(
  565. "type" => "submit",
  566. "value" => "Submit",
  567. "prefix" => "<hr>",
  568. );
  569. if ($student_cwid != "new" && user_has_permission("delete_users")) {
  570. $form["mark" . $m++] = array(
  571. "type" => "markup",
  572. "value" => "<div align='right'>
  573. " . t("Delete this student?") . " <input type='button' value='X'
  574. onClick='userDeleteStudent();'>
  575. </div>",
  576. );
  577. }
  578. return $form;
  579. }
  580. /**
  581. * Validate handler for editing student users.
  582. */
  583. function user_edit_student_user_form_validate($form, $form_state) {
  584. $values = $form_state["values"];
  585. // If a password was given, make sure it is appropriate.
  586. if (trim($values["new_password"]) != "") {
  587. if (strlen(trim($values["new_password"])) < 5) {
  588. form_error("new_password", t("Please enter a password that is at least 5 characters long."));
  589. return;
  590. }
  591. }
  592. // If creating a new user, make sure new_student_cwid and new_user_name are not
  593. // already in use.
  594. if ($values["student_cwid"] == "new") {
  595. $new_cwid = trim($values["new_student_cwid"]);
  596. $new_user_name = trim($values["new_user_name"]);
  597. // Check that cwid is numeric.
  598. if (!is_numeric($new_cwid)) {
  599. form_error("new_student_cwid", t("The cwid you entered is not numeric. CWIDs must contain only numbers.
  600. Please select a different cwid."));
  601. return;
  602. }
  603. // Check that username is at least 4 characters
  604. if (strlen($new_user_name) < 4) {
  605. form_error("new_user_name", t("The username you entered is too short. It must be at least 4 characters.
  606. Please select a different username."));
  607. return;
  608. }
  609. // Check cwid isn't already in use.
  610. $test = db_result(db_query("SELECT cwid FROM users WHERE cwid = '?' AND is_student = '1'", $new_cwid));
  611. if ($test == $new_cwid) {
  612. form_error("new_student_cwid", t("The cwid you entered is already in use. Please select a different cwid."));
  613. return;
  614. }
  615. // Check user_name isn't already in use.
  616. $test = db_result(db_query("SELECT user_name FROM users WHERE user_name = '?' ", $new_user_name));
  617. if ($test == $new_user_name) {
  618. form_error("new_user_name", t("The username you entered is already in use. Please select a different username."));
  619. return;
  620. }
  621. }
  622. }
  623. /**
  624. * Submit handler for editing student users.
  625. */
  626. function user_edit_student_user_form_submit($form, $form_state) {
  627. $values = $form_state["values"];
  628. foreach ($values as $key => $val) {
  629. if (!is_array($val)) {
  630. $values[$key] = trim($val);
  631. }
  632. }
  633. //fpm($values);
  634. $user_id = $values["user_id"];
  635. $student_cwid = $values["student_cwid"];
  636. // Are we supposed to DELETE a student?
  637. if ($values["perform_action2"] == "delete_student" && user_has_permission("delete_users")) {
  638. db_query("DELETE FROM students WHERE cwid = '?' ", $student_cwid);
  639. db_query("DELETE FROM users WHERE cwid = '?' AND is_student = '1' ", $student_cwid);
  640. fp_add_message(t("User has been deleted."));
  641. fp_goto("admin/users/students");
  642. return;
  643. }
  644. if ($student_cwid != "new") {
  645. // NOT a new student! Insert values normally.
  646. // First-- was there a password given? If so, insert that separate.
  647. if (trim($values["new_password"]) != "") {
  648. $new_pass = md5(trim($values["new_password"]));
  649. db_query("UPDATE users
  650. SET password = '?'
  651. WHERE cwid = '?'
  652. AND is_student = '1' ", $new_pass, $student_cwid);
  653. }
  654. // Okay, now we can just update everything else.
  655. // Update users table first...
  656. db_query("UPDATE users
  657. SET email = '?',
  658. f_name = '?',
  659. l_name = '?',
  660. is_disabled = '?'
  661. WHERE cwid = '?'
  662. AND is_student = '1' ", $values["email"], $values["f_name"],
  663. $values["l_name"], $values["is_disabled"],
  664. $student_cwid);
  665. // Now, update the students table entry.
  666. db_query("UPDATE students
  667. SET cumulative_hours = '?',
  668. gpa = '?',
  669. rank_code = '?',
  670. major_code = '?',
  671. catalog_year = '?',
  672. is_active = '?'
  673. WHERE cwid = '?'", $values["cumulative_hours"], $values["gpa"], $values["rank_code"],
  674. $values["major_code"], $values["catalog_year"],
  675. $values["is_active"], $student_cwid);
  676. }
  677. else {
  678. // This is a NEW user! We need to perform inserts. Thanks to our validate handler,
  679. // we know all of the values we have are valid.
  680. db_query("INSERT INTO users (user_name, password, is_student, email, cwid, f_name, l_name, is_disabled)
  681. VALUES ('?', '?', '1', '?', '?', '?', '?', '?')
  682. ", $values["new_user_name"], md5($values["new_password"]), $values["email"], $values["new_student_cwid"],
  683. $values["f_name"], $values["l_name"], $values["is_disabled"]);
  684. db_query("INSERT INTO students (cwid, cumulative_hours, gpa, rank_code, major_code, catalog_year, is_active)
  685. VALUES ('?', '?', '?', '?', '?', '?', '?')
  686. ", $values["new_student_cwid"], $values["cumulative_hours"], $values["gpa"], $values["rank_code"],
  687. $values["major_code"], $values["catalog_year"], $values["is_active"]);
  688. fp_add_message(t("User created successfully."));
  689. fp_goto("admin/users/edit-student-user", "student_cwid=" . $values["new_student_cwid"]);
  690. }
  691. fp_add_message(t("User updated successfully."));
  692. }
  693. /**
  694. * Let the user edit a user's roles and other information.
  695. */
  696. function user_edit_user_form() {
  697. fp_add_js(fp_get_module_path("user") . "/js/user.js");
  698. $form = array();
  699. $faculty_cwid = $_REQUEST["faculty_cwid"];
  700. $user_id = db_get_user_id_from_cwid($faculty_cwid);
  701. $name = fp_get_faculty_name($faculty_cwid);
  702. fp_set_title(t("Edit Faculty/Staff User @name (@id)", array("@name" => $name, "@id" => $faculty_cwid)));
  703. $user_roles = system_get_roles_for_user($user_id);
  704. //fpm($user_roles);
  705. $default_values = array();
  706. foreach ($user_roles as $rid => $val) {
  707. $default_values[$rid] = $rid;
  708. }
  709. $form["user_id"] = array(
  710. "type" => "hidden",
  711. "value" => $user_id,
  712. );
  713. $form["perform_action2"] = array(
  714. "type" => "hidden",
  715. "value" => "",
  716. );
  717. $form["faculty_cwid"] = array(
  718. "type" => "hidden",
  719. "value" => $faculty_cwid,
  720. );
  721. // Show a list of roles in the system which we may select from, and check the ones
  722. // all ready assigned to this user.
  723. if ($faculty_cwid != "new") {
  724. // Not for new users, since we don't have a user_id for them yet.
  725. $options = array();
  726. $res = db_query("SELECT * FROM roles ORDER BY rid");
  727. while ($cur = db_fetch_array($res)) {
  728. $key = $cur["rid"];
  729. $value = $cur["name"];
  730. if ($key > 2) {
  731. $options[$key] = $value;
  732. }
  733. }
  734. //fpm($default_values);
  735. $form["roles"] = array(
  736. "label" => t("Check which roles this user should have."),
  737. "type" => "checkboxes",
  738. "options" => $options,
  739. "value" => $default_values,
  740. );
  741. }
  742. /////////////////////
  743. // Let's present the form elements to allow some basic editing of this user.
  744. // Only if we are making a new user...
  745. if ($faculty_cwid == "new") {
  746. $form["new_faculty_cwid"] = array(
  747. "label" => t("Enter a new CWID, unique to faculty:"),
  748. "type" => "textfield",
  749. "size" => 20,
  750. "required" => TRUE,
  751. "description" => t("Enter a numeric ID for this faculty. It may be the same
  752. as a student, but may not be the same as any existing
  753. faculty. You will not be able to edit this value, once saved."),
  754. );
  755. $form["new_user_name"] = array(
  756. "label" => t("Enter a new username, unique to all users:"),
  757. "type" => "textfield",
  758. "size" => 20,
  759. "required" => TRUE,
  760. "description" => t("Enter a username for this user. This is what the user will
  761. use to log in. It must be unique to all users (cannot have both
  762. a faculty and a student with the same username). You will not
  763. be able to edit this value, once saved."),
  764. );
  765. $cur = array();
  766. }
  767. else {
  768. // NOT a new faculty. Load their information normally.
  769. $res = db_query("SELECT * FROM users u, faculty s
  770. WHERE u.cwid = '?'
  771. AND u.is_faculty = '1'
  772. AND u.cwid = s.cwid", $faculty_cwid);
  773. $cur = db_fetch_array($res);
  774. }
  775. $user_name = $cur["user_name"];
  776. if ($user_name != "") {
  777. $form["mark" . $m++] = array(
  778. "value" => "<p><b>Username:</b> $user_name</p>",
  779. );
  780. }
  781. $form["new_password"] = array(
  782. "label" => t("Enter a new password for this user:"),
  783. "type" => "textfield",
  784. "size" => 20,
  785. "required" => ($faculty_cwid == "new") ? TRUE : FALSE,
  786. "description" => t("If you enter any value here, it will change the
  787. user's password in FlightPath. If you are using the LDAP module,
  788. the LDAP password will be unaffected."),
  789. );
  790. $form["email"] = array(
  791. "label" => t("Email:"),
  792. "type" => "textfield",
  793. "value" => $cur["email"],
  794. );
  795. $form["f_name"] = array(
  796. "label" => t("First name:"),
  797. "type" => "textfield",
  798. "value" => $cur["f_name"],
  799. );
  800. $form["l_name"] = array(
  801. "label" => t("Last name:"),
  802. "type" => "textfield",
  803. "value" => $cur["l_name"],
  804. );
  805. $form["is_disabled"] = array(
  806. "label" => t("Is disabled:"),
  807. "type" => "textfield",
  808. "value" => $cur["is_disabled"],
  809. "size" => 5,
  810. "description" => t("Enter only 1 or 0 (number one for 'yes', or number zero for 'no'). This setting means the user will
  811. be ignored by FlightPath, and they will not be able to log in or be searched for.
  812. It is safer to disable a user, than delete them."),
  813. );
  814. // Unique to faculty...
  815. $form["college"] = array(
  816. "label" => t("College:"),
  817. "type" => "textfield",
  818. "value" => $cur["college"],
  819. "size" => 5,
  820. );
  821. $form["department"] = array(
  822. "label" => t("Department:"),
  823. "type" => "textfield",
  824. "value" => $cur["department"],
  825. "size" => 30,
  826. );
  827. $form["major_code"] = array(
  828. "label" => t("Major code:"),
  829. "type" => "textfield",
  830. "value" => $cur["major_code"],
  831. "size" => 10,
  832. );
  833. $form["submit"] = array(
  834. "type" => "submit",
  835. "value" => "Submit",
  836. "prefix" => "<hr>",
  837. );
  838. if ($faculty_cwid != "new" && user_has_permission("delete_users")) {
  839. $form["mark" . $m++] = array(
  840. "type" => "markup",
  841. "value" => "<div align='right'>
  842. " . t("Delete this faculty member?") . " <input type='button' value='X'
  843. onClick='userDeleteFaculty();'>
  844. </div>",
  845. );
  846. }
  847. return $form;
  848. }
  849. /**
  850. * Validate handler for editing faculty users.
  851. */
  852. function user_edit_user_form_validate($form, $form_state) {
  853. $values = $form_state["values"];
  854. // If a password was given, make sure it is appropriate.
  855. if (trim($values["new_password"]) != "") {
  856. if (strlen(trim($values["new_password"])) < 5) {
  857. form_error("new_password", t("Please enter a password that is at least 5 characters long."));
  858. return;
  859. }
  860. }
  861. // If creating a new user, make sure new_student_cwid and new_user_name are not
  862. // already in use.
  863. if ($values["faculty_cwid"] == "new") {
  864. $new_cwid = trim($values["new_faculty_cwid"]);
  865. $new_user_name = trim($values["new_user_name"]);
  866. // Check that cwid is numeric.
  867. if (!is_numeric($new_cwid)) {
  868. form_error("new_faculty_cwid", t("The cwid you entered is not numeric. CWIDs must contain only numbers.
  869. Please select a different cwid."));
  870. return;
  871. }
  872. // Check that username is at least 4 characters
  873. if (strlen($new_user_name) < 4) {
  874. form_error("new_user_name", t("The username you entered is too short. It must be at least 4 characters.
  875. Please select a different username."));
  876. return;
  877. }
  878. // Check cwid isn't already in use.
  879. $test = db_result(db_query("SELECT cwid FROM users WHERE cwid = '?' AND is_faculty = '1'", $new_cwid));
  880. if ($test == $new_cwid) {
  881. form_error("new_faculty_cwid", t("The cwid you entered is already in use. Please select a different cwid."));
  882. return;
  883. }
  884. // Check user_name isn't already in use.
  885. $test = db_result(db_query("SELECT user_name FROM users WHERE user_name = '?' ", $new_user_name));
  886. if ($test == $new_user_name) {
  887. form_error("new_user_name", t("The username you entered is already in use. Please select a different username."));
  888. return;
  889. }
  890. }
  891. }
  892. /**
  893. * Submit handler for our edit faculty form
  894. */
  895. function user_edit_user_form_submit($form, $form_state) {
  896. $values = $form_state["values"];
  897. foreach ($values as $key => $val) {
  898. if (!is_array($val)) {
  899. $values[$key] = trim($val);
  900. }
  901. }
  902. $user_id = $values["user_id"];
  903. $faculty_cwid = $values["faculty_cwid"];
  904. // Save the roles into the database for this user.
  905. // Begin by deleting what's there all ready.
  906. db_query("DELETE FROM user_roles WHERE user_id = '?' ", $user_id);
  907. if (is_array($values["roles"])) {
  908. foreach ($values["roles"] as $rid) {
  909. //fpm("inserting $rid");
  910. db_query("INSERT INTO user_roles (user_id, rid)
  911. VALUES ('?', '?') ", $user_id, $rid);
  912. }
  913. }
  914. // Are we supposed to DELETE a faculty?
  915. if ($values["perform_action2"] == "delete_faculty" && user_has_permission("delete_users")) {
  916. db_query("DELETE FROM faculty WHERE cwid = '?' ", $faculty_cwid);
  917. db_query("DELETE FROM users WHERE cwid = '?' AND is_faculty = '1' ", $faculty_cwid);
  918. fp_add_message(t("User has been deleted."));
  919. fp_goto("admin/users/faculty");
  920. return;
  921. }
  922. if ($faculty_cwid != "new") {
  923. // NOT a new faculty! Insert values normally.
  924. // First-- was there a password given? If so, insert that separate.
  925. if (trim($values["new_password"]) != "") {
  926. $new_pass = md5(trim($values["new_password"]));
  927. db_query("UPDATE users
  928. SET password = '?'
  929. WHERE cwid = '?'
  930. AND is_faculty = '1' ", $new_pass, $faculty_cwid);
  931. }
  932. // Okay, now we can just update everything else.
  933. // Update users table first...
  934. db_query("UPDATE users
  935. SET email = '?',
  936. f_name = '?',
  937. l_name = '?',
  938. is_disabled = '?'
  939. WHERE cwid = '?'
  940. AND is_faculty = '1' ", $values["email"], $values["f_name"],
  941. $values["l_name"], $values["is_disabled"],
  942. $faculty_cwid);
  943. // Now, update the faculty table entry.
  944. db_query("UPDATE faculty
  945. SET college = '?',
  946. department = '?',
  947. major_code = '?'
  948. WHERE cwid = '?'", $values["college"], $values["department"],
  949. $values["major_code"], $faculty_cwid);
  950. }
  951. else {
  952. // This is a NEW user! We need to perform inserts. Thanks to our validate handler,
  953. // we know all of the values we have are valid.
  954. db_query("INSERT INTO users (user_name, password, is_faculty, email, cwid, f_name, l_name, is_disabled)
  955. VALUES ('?', '?', '1', '?', '?', '?', '?', '?')
  956. ", $values["new_user_name"], md5($values["new_password"]), $values["email"], $values["new_faculty_cwid"],
  957. $values["f_name"], $values["l_name"], $values["is_disabled"]);
  958. db_query("INSERT INTO faculty (cwid, college, department, major_code)
  959. VALUES ('?', '?', '?', '?')
  960. ", $values["new_faculty_cwid"], $values["college"], $values["department"], $values["major_code"]);
  961. fp_add_message(t("User created successfully."));
  962. fp_goto("admin/users/edit-user", "faculty_cwid=" . $values["new_faculty_cwid"]);
  963. }
  964. fp_add_message(t("User updated successfully."));
  965. }
  966. /**
  967. * Similar to user_display_users, except only for student users.
  968. */
  969. function user_display_student_users() {
  970. global $db, $screen;
  971. $de_catalog_year = $GLOBALS["de_catalog_year"];
  972. $cc = 1;
  973. $rtn = "";
  974. fp_add_css(fp_get_module_path("user") . "/css/user.css");
  975. // First, let's get our list of departments...
  976. $major_code_array = array();
  977. $d = 0;
  978. // Let's pull the needed variables out of our settings, so we know what
  979. // to query, because this is a non-FlightPath table.
  980. //$tsettings = $GLOBALS["fp_system_settings"]["extra_tables"]["human_resources:faculty_staff"];
  981. //$tf = (object) $tsettings["fields"]; //Convert to object, makes it easier to work with.
  982. //$table_name = $tsettings["table_name"];
  983. $res = db_query("SELECT DISTINCT major_code FROM students ORDER BY major_code ");
  984. while ($cur = db_fetch_array($res)) {
  985. if (trim($cur["major_code"]) == "")
  986. {// skip if blank
  987. continue;
  988. }
  989. $major_code_array[$d] = trim(ucwords($cur["major_code"]));
  990. $d++;
  991. }
  992. $rtn .= "<h2 class='title' style='margin-bottom:0;'>" . t("Edit Student Users") . "</h2>";
  993. $rtn .= "<div class='add-new-student-user'>" . l(t("Create a new student user"), "admin/users/edit-student-user", "student_cwid=new&de_catalog_year=$de_catalog_year") . "</div>";
  994. $letter_ranges = array(
  995. "A" => array("A", "AZZZZ"),
  996. "B" => array("B", "BZZZZ"),
  997. "C" => array("C", "CZZZ"),
  998. "D" => array("D", "DZZZZ"),
  999. "E" => array("E", "EZZZZ"),
  1000. "F" => array("F", "FZZZZ"),
  1001. "G" => array("G", "GZZZZ"),
  1002. "H" => array("H", "HZZZZ"),
  1003. "I" => array("I", "IZZZ"),
  1004. "J" => array("J", "JZZZ"),
  1005. "K" => array("K", "KZZZ"),
  1006. "L" => array("L", "LZZZ"),
  1007. "M" => array("M", "MZZZ"),
  1008. "N" => array("N", "NZZZ"),
  1009. "O" => array("O", "OZZZ"),
  1010. "P" => array("P", "PZZZ"),
  1011. "Q-R" => array("Q", "RZZZZ"),
  1012. "S" => array("S", "SZZZ"),
  1013. "T" => array("T", "TZZZZ"),
  1014. "U" => array("U", "UZZZ"),
  1015. "V-Z" => array("V", "ZZZZ"),
  1016. );
  1017. $rtn .= "<div class='user-select-letter-bar' style='padding-top: 20px;'>
  1018. ";
  1019. foreach($letter_ranges as $disp => $vals) {
  1020. $rtn .= l($disp, "admin/users/students", "de_catalog_year=$de_catalog_year&ur=" . $vals[0] . "&lr=" . $vals[1], array("class" => "admin-courses-letter-link")) . " &nbsp; ";
  1021. }
  1022. // Figure out what type of students to display-- active, inactive, or both
  1023. $set_disp = $_REQUEST["set_disp"];
  1024. if ($set_disp == "") {
  1025. $set_disp = $_SESSION["user_set_disp"];
  1026. if ($set_disp == "") {
  1027. $set_disp = "only_active";
  1028. }
  1029. }
  1030. // Save into session for ease later
  1031. $_SESSION["user_set_disp"] = $set_disp;
  1032. $in_active_query_line = "";
  1033. $sel_only_active = $sel_only_inactive = $sel_both = "";
  1034. if ($set_disp == "only_active") {
  1035. $sel_only_active = "selected";
  1036. $in_active_query_line = " AND is_active = '1' ";
  1037. }
  1038. if ($set_disp == "only_inactive") {
  1039. $sel_only_inactive = "selected";
  1040. $in_active_query_line = " AND is_active = '0' ";
  1041. }
  1042. if ($set_disp == "both") {
  1043. $sel_both = "selected";
  1044. }
  1045. $rtn .= "</div>";
  1046. $rtn .= "
  1047. <form class='filters' action='" . base_path() . "/admin/users/students' method='GET' >
  1048. <input type='hidden' name='performAction' value='editUsers'>
  1049. " . t("Search:") . " <input type='text' class='smallinput' name='search' value='{$_GET["search"]}' size='15'>
  1050. <input type='submit' name='searchsubmit' class='smallinput' value=' -> '>
  1051. &nbsp; &nbsp; " . t("or") . " &nbsp; &nbsp;
  1052. <select name='major_code' class='smallinput'>
  1053. <option value=''>" . t("Select a major code...") . "</option>
  1054. <option value=''>--------------------------</option>
  1055. <!--MAJORCODESEARCH-->
  1056. </select>
  1057. <input type='submit' name='major_code_submit' class='smallinput' value=' -> '>
  1058. &nbsp; &nbsp; " . t("Set disp:") . "
  1059. <select name='set_disp'>
  1060. <option value='only_active' $sel_only_active>" . t("only active") . "</option>
  1061. <option value='only_inactive' $sel_only_inactive>" . t("only inactive") . "</option>
  1062. <option value='both' $sel_both>" . t("show both") . "</option>
  1063. </select>
  1064. <input type='submit' name='show_inactive_submit' class='smallinput' value=' -> '>
  1065. </form>
  1066. </div>
  1067. <br>
  1068. ";
  1069. $displaying = "";
  1070. $ur = trim($_GET["ur"]);
  1071. $lr = trim($_GET["lr"]);
  1072. if ($ur != "" || $lr != "")
  1073. {
  1074. $_SESSION["prev_user_search"] = "";
  1075. }
  1076. if ($ur == "")
  1077. { // meaning, no range was set. Use A - C
  1078. $ur = $_SESSION["ur"];
  1079. $lr = $_SESSION["lr"];
  1080. if ($ur == "")
  1081. { // if still blank, assign it..
  1082. $ur = "A";
  1083. $lr = "AZZZZ";
  1084. }
  1085. }
  1086. $_SESSION["ur"] = $ur;
  1087. $_SESSION["lr"] = $lr;
  1088. $search = trim($_GET["search"]);
  1089. $major_code = trim($_GET["major_code"]);
  1090. if ($search != "" || $major_code != "")
  1091. {
  1092. $_SESSION["prev_user_search"] = "";
  1093. }
  1094. if ($_SESSION["prev_user_search"] != "")
  1095. {
  1096. $temp = explode("%%",$_SESSION["prev_user_search"]);
  1097. if ($temp[0] == "search")
  1098. {
  1099. $search = $temp[1];
  1100. }
  1101. if ($temp[0] == "major_code")
  1102. {
  1103. $_GET["major_codesubmit"] = "1";
  1104. $major_code = $temp[1];
  1105. }
  1106. }
  1107. $_SESSION["prev_user_search"] = "";
  1108. // Let's pull the needed variables out of our settings, so we know what
  1109. // to query, because this is a non-FlightPath table.
  1110. //$tsettings = $GLOBALS["fp_system_settings"]["extra_tables"]["human_resources:faculty_staff"];
  1111. //$tf = (object) $tsettings["fields"]; //Convert to object, makes it easier to work with.
  1112. //$table_name = $tsettings["table_name"];
  1113. // TODO: Check if we are searching through "active" as well!
  1114. if ($search != "" && !($_GET["major_code_submit"]))
  1115. {
  1116. // Something was searched for, and the major_code submit button was not pushed.
  1117. $major_code = "";
  1118. $temp = explode(" ",$search);
  1119. $search1 = $temp[0];
  1120. $search2 = trim($temp[1]);
  1121. $_SESSION["prev_user_search"] = "search%%$search";
  1122. $displaying = $search;
  1123. $second_part = "";
  1124. if ($search2 != "")
  1125. {
  1126. // Two search terms, probably a name...
  1127. $result = db_query("SELECT * FROM users u, students s
  1128. WHERE
  1129. u.is_student = 1
  1130. AND u.cwid = s.cwid
  1131. $in_active_query_line
  1132. AND (l_name LIKE '%?%'
  1133. AND f_name LIKE '%?%')
  1134. ORDER BY l_name, f_name ", $search2, $search1);
  1135. }
  1136. else {
  1137. // One search term....
  1138. $result = db_query("SELECT * FROM users u, students s
  1139. WHERE
  1140. u.is_student = 1
  1141. AND u.cwid = s.cwid
  1142. $in_active_query_line
  1143. AND (u.cwid LIKE '%?%'
  1144. OR l_name LIKE '%?%'
  1145. OR f_name LIKE '%?%')
  1146. ORDER BY l_name, f_name ", $search1, $search1, $search1);
  1147. }
  1148. }
  1149. else if ($major_code != "" && $_GET["major_code_submit"]) {
  1150. // User select a major_code. Look for it...
  1151. $search = "";
  1152. $_SESSION["prev_user_search"] = "major_code%%$major_code";
  1153. $result = db_query("SELECT * FROM users a, students b
  1154. WHERE a.cwid = b.cwid
  1155. AND a.is_student = 1
  1156. AND major_code = '?'
  1157. $in_active_query_line
  1158. ORDER BY l_name, f_name ", $major_code);
  1159. $displaying = $major_code;
  1160. }
  1161. else
  1162. { // No search, so look for the range...
  1163. $result = db_query("SELECT * FROM users u, students s
  1164. WHERE
  1165. u.is_student = 1
  1166. AND u.cwid = s.cwid
  1167. $in_active_query_line
  1168. AND l_name BETWEEN '?' AND '?'
  1169. ORDER BY l_name, f_name ", $ur, $lr);
  1170. $displaying = $ur;
  1171. }
  1172. $rtn .= "<div class='tenpt' style='padding-bottom: 5px;'><b>" . t("Displaying:") . "</b> $displaying</div>
  1173. <table border='0' width='100%' cellpadding='3' cellspacing='0' class='user-list'>
  1174. <tr>
  1175. <th>CWID</th>
  1176. <th>Name</th>
  1177. <th></th>
  1178. <th>Major code</th>
  1179. <th>Active?</th>
  1180. <th>&nbsp;</th>
  1181. </tr>
  1182. ";
  1183. while ($cur = db_fetch_array($result)) {
  1184. $user_id = $cur["user_id"];
  1185. $l_name = trim(ucwords(strtolower($cur["l_name"])));
  1186. $f_name = trim(ucwords(strtolower($cur["f_name"])));
  1187. $student_cwid = trim($cur["cwid"]);
  1188. $disp_major_code = trim($cur["major_code"]);
  1189. $is_active = ($cur["is_active"] == "1") ? "Y" : "N";
  1190. $ast = "";
  1191. $reason = "";
  1192. $fgcol = "black";
  1193. $rtn .= "<tr class='is-active-$is_active'>
  1194. <td valign='top' width='15%'>$student_cwid</td>
  1195. <td valign='top' width='15%'>$f_name</td>
  1196. <td valign='top' width='15%'>$l_name</td>
  1197. <td valign='top'>$disp_major_code</td>
  1198. <td valign='top'>$is_active</td>
  1199. <td valign='top'>" . l(t("edit"), "admin/users/edit-student-user", "student_cwid=$student_cwid&de_catalog_year=$de_catalog_year") . "</td>
  1200. </tr>";
  1201. } // while
  1202. $rtn .= "</table>";
  1203. // Put in the major_code pulldown....
  1204. $bC = "";
  1205. for ($t = 0; $t<count($major_code_array); $t++)
  1206. {
  1207. $dd = $major_code_array[$t];
  1208. $sel = "";
  1209. if ($dd == $major_code)
  1210. {
  1211. $sel = "selected";
  1212. }
  1213. $bC .= "<option value='$dd' $sel>{$major_code_array[$t]}</option> \n";
  1214. }
  1215. $rtn = str_replace("<!--MAJORCODESEARCH-->",$bC,$rtn);
  1216. return $rtn;
  1217. }
  1218. /**
  1219. * Display our list of faculty/staff users in the system.
  1220. */
  1221. function user_display_users() {
  1222. global $db, $screen;
  1223. $de_catalog_year = $GLOBALS["de_catalog_year"];
  1224. $cc = 1;
  1225. $rtn = "";
  1226. fp_add_css(fp_get_module_path("user") . "/css/user.css");
  1227. // First, let's get our list of departments...
  1228. $dept_array = array();
  1229. $d = 0;
  1230. // Let's pull the needed variables out of our settings, so we know what
  1231. // to query, because this is a non-FlightPath table.
  1232. //$tsettings = $GLOBALS["fp_system_settings"]["extra_tables"]["human_resources:faculty_staff"];
  1233. //$tf = (object) $tsettings["fields"]; //Convert to object, makes it easier to work with.
  1234. //$table_name = $tsettings["table_name"];
  1235. $res = db_query("SELECT DISTINCT department FROM faculty ORDER BY department ");
  1236. while ($cur = db_fetch_array($res)) {
  1237. if (trim($cur["department"]) == "")
  1238. {// skip if blank
  1239. continue;
  1240. }
  1241. $dept_array[$d] = trim(ucwords(strtolower($cur["department"])));
  1242. $d++;
  1243. }
  1244. $rtn .= "<h2 class='title' style='margin-bottom: 0;'>" . t("Edit Faculty / Staff Users") . "</h2>";
  1245. $rtn .= "<div class='add-new-user'>" . l(t("Create a new faculty/staff user"), "admin/users/edit-user", "faculty_cwid=new&de_catalog_year=$de_catalog_year") . "</div>";
  1246. $letter_ranges = array(
  1247. "A" => array("A", "AZZZZ"),
  1248. "B" => array("B", "BZZZZ"),
  1249. "C" => array("C", "CZZZ"),
  1250. "D" => array("D", "DZZZZ"),
  1251. "E" => array("E", "EZZZZ"),
  1252. "F" => array("F", "FZZZZ"),
  1253. "G" => array("G", "GZZZZ"),
  1254. "H" => array("H", "HZZZZ"),
  1255. "I" => array("I", "IZZZ"),
  1256. "J" => array("J", "JZZZ"),
  1257. "K" => array("K", "KZZZ"),
  1258. "L" => array("L", "LZZZ"),
  1259. "M" => array("M", "MZZZ"),
  1260. "N" => array("N", "NZZZ"),
  1261. "O" => array("O", "OZZZ"),
  1262. "P" => array("P", "PZZZ"),
  1263. "Q-R" => array("Q", "RZZZZ"),
  1264. "S" => array("S", "SZZZ"),
  1265. "T" => array("T", "TZZZZ"),
  1266. "U" => array("U", "UZZZ"),
  1267. "V-Z" => array("V", "ZZZZ"),
  1268. );
  1269. $rtn .= "<div class='user-select-letter-bar' style='padding-top: 20px;'>
  1270. ";
  1271. foreach($letter_ranges as $disp => $vals) {
  1272. $rtn .= l($disp, "admin/users/faculty", "de_catalog_year=$de_catalog_year&ur=" . $vals[0] . "&lr=" . $vals[1], array("class" => "admin-courses-letter-link")) . " &nbsp; ";
  1273. }
  1274. $rtn .= "</div>";
  1275. $rtn .= "
  1276. <form class='filters' action='" . base_path() . "/admin/users/faculty' method='GET' >
  1277. <input type='hidden' name='performAction' value='editUsers'>
  1278. " . t("Search:") . " <input type='text' class='smallinput' name='search' value='{$_GET["search"]}' size='15'>
  1279. <input type='submit' name='searchsubmit' class='smallinput' value=' -> '>
  1280. &nbsp;&nbsp;" . t("or") . "&nbsp;&nbsp;
  1281. <select name='department' class='smallinput'>
  1282. <option value=''>" . t("Select a department:") . "</option>
  1283. <option value=''>--------------------------</option>
  1284. <!--DEPTSEARCH-->
  1285. </select>
  1286. <input type='submit' name='deptsubmit' class='smallinput' value=' -> '>
  1287. &nbsp;&nbsp;" . t("or") . "&nbsp;&nbsp;
  1288. <select name='role' class='smallinput'>
  1289. <option value=''>" . t("Select a role:") . "</option>
  1290. <option value=''>--------------------------</option>
  1291. ";
  1292. // Show list of roles
  1293. $res = db_query("SELECT * FROM roles ORDER BY rid");
  1294. while ($cur = db_fetch_array($res)) {
  1295. $key = $cur["rid"];
  1296. $value = $cur["name"];
  1297. $dispval = $value;
  1298. // Skip anonymous and authenticated
  1299. if ($key == 1 || $key == 2) continue;
  1300. if (strlen($dispval) > 25) {
  1301. $dispval = trim(substr($dispval, 0, 22)) . "...";
  1302. }
  1303. $sel = "";
  1304. if ($key == $_GET["role"]*1) {
  1305. $sel = "selected";
  1306. }
  1307. $rtn .= "<option value='$key' $sel>$dispval</option>";
  1308. }
  1309. $rtn .= "</select>
  1310. <input type='submit' name='rolesubmit' class='smallinput' value=' -> '>
  1311. </form>
  1312. </div>
  1313. <br>
  1314. ";
  1315. $displaying = "";
  1316. $ur = trim($_GET["ur"]);
  1317. $lr = trim($_GET["lr"]);
  1318. if ($ur != "" || $lr != "")
  1319. {
  1320. $_SESSION["prev_user_search"] = "";
  1321. }
  1322. if ($ur == "")
  1323. { // meaning, no range was set. Use A - C
  1324. $ur = $_SESSION["ur"];
  1325. $lr = $_SESSION["lr"];
  1326. if ($ur == "")
  1327. { // if still blank, assign it..
  1328. $ur = "A";
  1329. $lr = "AZZZZ";
  1330. }
  1331. }
  1332. $_SESSION["ur"] = $ur;
  1333. $_SESSION["lr"] = $lr;
  1334. $search = trim($_GET["search"]);
  1335. $dept = trim($_GET["department"]);
  1336. $role = trim($_GET["role"]);
  1337. if ($search != "" || $dept != "")
  1338. {
  1339. $_SESSION["prev_user_search"] = "";
  1340. }
  1341. if ($_SESSION["prev_user_search"] != "")
  1342. {
  1343. $temp = explode("%%",$_SESSION["prev_user_search"]);
  1344. if ($temp[0] == "search")
  1345. {
  1346. $search = $temp[1];
  1347. }
  1348. if ($temp[0] == "dept")
  1349. {
  1350. $_GET["deptsubmit"] = "1";
  1351. $dept = $temp[1];
  1352. }
  1353. if ($temp[0] == "role") {
  1354. $_GET["rolesubmit"] = "1";
  1355. $role = $temp[1];
  1356. }
  1357. }
  1358. $_SESSION["prev_user_search"] = "";
  1359. // Let's pull the needed variables out of our settings, so we know what
  1360. // to query, because this is a non-FlightPath table.
  1361. //$tsettings = $GLOBALS["fp_system_settings"]["extra_tables"]["human_resources:faculty_staff"];
  1362. //$tf = (object) $tsettings["fields"]; //Convert to object, makes it easier to work with.
  1363. //$table_name = $tsettings["table_name"];
  1364. if ($search != "" && !($_GET["deptsubmit"]) && !($_GET["rolesubmit"]))
  1365. {
  1366. // Something was searched for, and the dept submit button was not pushed, nor role submit
  1367. $dept = "";
  1368. $temp = explode(" ",$search);
  1369. $search1 = $temp[0];
  1370. $search2 = trim($temp[1]);
  1371. $_SESSION["prev_user_search"] = "search%%$search";
  1372. $displaying = $search;
  1373. $second_part = "";
  1374. if ($search2 != "")
  1375. {
  1376. // Two search terms, probably a name...
  1377. $result = db_query("SELECT * FROM users u, faculty f
  1378. WHERE
  1379. u.is_faculty = 1
  1380. AND u.cwid = f.cwid
  1381. AND (l_name LIKE '%?%'
  1382. AND f_name LIKE '%?%')
  1383. ORDER BY l_name, f_name ", $search2, $search1);
  1384. }
  1385. else {
  1386. // One search term....
  1387. $result = db_query("SELECT * FROM users u, faculty f
  1388. WHERE
  1389. u.is_faculty = 1
  1390. AND u.cwid = f.cwid
  1391. AND (u.cwid LIKE '%?%'
  1392. OR l_name LIKE '%?%'
  1393. OR f_name LIKE '%?%')
  1394. ORDER BY l_name, f_name ", $search1, $search1, $search1);
  1395. }
  1396. }
  1397. else if ($dept != "" && $_GET["deptsubmit"]) {
  1398. // User select a department. Look for it...
  1399. $search = "";
  1400. $_SESSION["prev_user_search"] = "dept%%$dept";
  1401. $result = db_query("SELECT * FROM users a, faculty b
  1402. WHERE a.cwid = b.cwid
  1403. AND a.is_faculty = 1
  1404. AND department = '?'
  1405. ORDER BY l_name, f_name ", $dept);
  1406. $displaying = $dept;
  1407. }
  1408. else if ($role != "" && $_GET["rolesubmit"]) {
  1409. // User select a role. Look for it...
  1410. $search = "";
  1411. $_SESSION["prev_user_search"] = "role%%$role";
  1412. $result = db_query("SELECT * FROM users a, faculty b, user_roles c
  1413. WHERE a.cwid = b.cwid
  1414. AND a.is_faculty = 1
  1415. AND a.user_id = c.user_id
  1416. AND c.rid = '?'
  1417. ORDER BY l_name, f_name ", $role);
  1418. $displaying = user_get_role_name($role);
  1419. }
  1420. else
  1421. { // No search, so look for the range...
  1422. $result = db_query("SELECT * FROM users u, faculty f
  1423. WHERE
  1424. u.is_faculty = 1
  1425. AND u.cwid = f.cwid
  1426. AND l_name BETWEEN '?' AND '?'
  1427. ORDER BY l_name, f_name ", $ur, $lr);
  1428. $displaying = $ur;
  1429. }
  1430. $rtn .= "<div class='tenpt' style='padding-bottom: 5px;'><b>" . t("Displaying:") . "</b> $displaying</div>
  1431. <table border='0' width='100%' cellpadding='3' cellspacing='0' class='user-list'>
  1432. <tr>
  1433. <th>CWID</th>
  1434. <th>Name</th>
  1435. <th></th>
  1436. <th>Department</th>
  1437. <th>Roles</th>
  1438. <th>&nbsp;</th>
  1439. </tr>
  1440. ";
  1441. while ($cur = db_fetch_array($result)) {
  1442. $user_id = $cur["user_id"];
  1443. $l_name = trim(ucwords(strtolower($cur["l_name"])));
  1444. $f_name = trim(ucwords(strtolower($cur["f_name"])));
  1445. $faculty_cwid = trim($cur["cwid"]);
  1446. $dept_name = trim(ucwords(strtolower($cur["department"])));
  1447. $ast = "";
  1448. $reason = "";
  1449. $fgcol = "black";
  1450. $roles = "";
  1451. $roles_classes = "no-roles";
  1452. $temp = system_get_roles_for_user($user_id);
  1453. if (count($temp) > 1) $roles_classes = "";
  1454. foreach ($temp as $rid => $t) {
  1455. if ($rid > 2) {
  1456. // rid 1 and 2 are anonymous and authenticated-- no need to show them.
  1457. $roles .= "<div class='list-role'>$t</div>";
  1458. $roles_classes .= " role-" . fp_get_machine_readable($t);
  1459. }
  1460. }
  1461. // $pC .= "<a href='edit_users.php?action=load&course_id=$course_id'> user: $f_name $mid_name $l_name </a><br>";
  1462. $rtn .= "<tr class='$roles_classes'>
  1463. <td valign='top' width='15%'>$faculty_cwid</td>
  1464. <td valign='top' width='15%'>$f_name</td>
  1465. <td valign='top' width='15%'>$l_name</td>
  1466. <td valign='top'>$dept_name</td>
  1467. <td valign='top'>$roles</td>
  1468. <td valign='top'>" . l(t("edit"), "admin/users/edit-user", "faculty_cwid=$faculty_cwid&de_catalog_year=$de_catalog_year") . "</td>
  1469. </tr>";
  1470. } // while
  1471. $rtn .= "</table>";
  1472. // Put in the dept pulldown....
  1473. $bC = "";
  1474. for ($t = 0; $t<count($dept_array); $t++)
  1475. {
  1476. $dd = $dept_array[$t];
  1477. $sel = "";
  1478. if ($dd == $dept)
  1479. {
  1480. $sel = "selected";
  1481. }
  1482. $dispval = $dd;
  1483. if (strlen($dispval) > 40) {
  1484. $dispval = trim(substr($dispval, 0, 37)) . "...";
  1485. }
  1486. $bC .= "<option value='$dd' $sel>$dispval</option> \n";
  1487. }
  1488. $rtn = str_replace("<!--DEPTSEARCH-->",$bC,$rtn);
  1489. return $rtn;
  1490. }
  1491. /**
  1492. * Simple function to return the human-readable name for a role, by rid.
  1493. *
  1494. * @param unknown_type $rid
  1495. */
  1496. function user_get_role_name($rid) {
  1497. $name = db_result(db_query("SELECT name FROM roles WHERE rid = '?' ", $rid));
  1498. return $name;
  1499. }