AutorÃa | Ultima modificación | Ver Log |
<?php// This file is part of Moodle - http://moodle.org///// Moodle is free software: you can redistribute it and/or modify// it under the terms of the GNU General Public License as published by// the Free Software Foundation, either version 3 of the License, or// (at your option) any later version.//// Moodle is distributed in the hope that it will be useful,// but WITHOUT ANY WARRANTY; without even the implied warranty of// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the// GNU General Public License for more details.//// You should have received a copy of the GNU General Public License// along with Moodle. If not, see <http://www.gnu.org/licenses/>.namespace core\output;use core\context\user as context_user;use core\exception\coding_exception;use moodle_page;use moodle_url;use stdClass;/*** Data structure representing a user picture.** @copyright 2009 Nicolas Connault, 2010 Petr Skoda* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later* @since Modle 2.0* @package core* @category output*/class user_picture implements renderable {/*** @var stdClass A user object with at least fields all columns specified* in $fields array constant set.*/public $user;/*** @var int The course id. Used when constructing the link to the user's* profile, page course id used if not specified.*/public $courseid;/*** @var bool Add course profile link to image*/public $link = true;/*** @var int Size in pixels. Special values are (true/1 = 100px) and (false/0 = 35px) for backward compatibility.* Recommended values (supporting user initials too): 16, 35, 64 and 100.*/public $size = 35;/*** @var bool Add non-blank alt-text to the image.* Default true, set to false when image alt just duplicates text in screenreaders.*/public $alttext = true;/*** @var bool Whether or not to open the link in a popup window.*/public $popup = false;/*** @var string Image class attribute*/public $class = 'userpicture';/*** @var bool Whether to be visible to screen readers.*/public $visibletoscreenreaders = true;/*** @var bool Whether to include the fullname in the user picture link.*/public $includefullname = false;/*** @var mixed Include user authentication token. True indicates to generate a token for current user, and integer value* indicates to generate a token for the user whose id is the value indicated.*/public $includetoken = false;/*** User picture constructor.** @param stdClass $user user record with at least id, picture, imagealt, firstname and lastname set.* It is recommended to add also contextid of the user for performance reasons.*/public function __construct(stdClass $user) {global $DB;if (empty($user->id)) {throw new coding_exception('User id is required when printing user avatar image.');}// Only touch the DB if we are missing data and complain loudly...$needrec = false;foreach (\core_user\fields::get_picture_fields() as $field) {if (!property_exists($user, $field)) {$needrec = true;debugging("Missing '{$field}' property in \$user object, ". "this is a performance problem that needs to be fixed by a developer. ". 'Please use the \core_user\fields API to get the full list of required fields.',DEBUG_DEVELOPER,);break;}}if ($needrec) {$this->user = $DB->get_record('user',['id' => $user->id],implode(',', \core_user\fields::get_picture_fields()),MUST_EXIST);} else {$this->user = clone($user);}}/*** Returns a list of required user fields, useful when fetching required user info from db.** In some cases we have to fetch the user data together with some other information,* the idalias is useful there because the id would otherwise override the main* id of the result record. Please note it has to be converted back to id before rendering.** @param string $tableprefix name of database table prefix in query* @param null|array $extrafields extra fields to be included in result* Do not include TEXT columns because it would break SELECT DISTINCT in MSSQL.* @param string $idalias alias of id field* @param string $fieldprefix prefix to add to all columns in their aliases, does not apply to 'id'* @return string* @deprecated since Moodle 3.11 MDL-45242* @see \core_user\fields*/public static function fields($tableprefix = '',?array $extrafields = null,$idalias = 'id',$fieldprefix = '',) {debugging('user_picture::fields() is deprecated. Please use the \core_user\fields API instead.', DEBUG_DEVELOPER);$userfields = \core_user\fields::for_userpic();if ($extrafields) {$userfields->including(...$extrafields);}$selects = $userfields->get_sql($tableprefix, false, $fieldprefix, $idalias, false)->selects;if ($tableprefix === '') {// If no table alias is specified, don't add {user}. in front of fields.$selects = str_replace('{user}.', '', $selects);}// Maintain legacy behaviour where the field list was done with 'implode' and no spaces.$selects = str_replace(', ', ',', $selects);return $selects;}/*** Extract the aliased user fields from a given record** Given a record that was previously obtained using {@see self::fields()} with aliases,* this method extracts user related unaliased fields.** @param stdClass $record containing user picture fields* @param null|array $extrafields extra fields included in the $record* @param string $idalias alias of the id field* @param string $fieldprefix prefix added to all columns in their aliases, does not apply to 'id'* @return stdClass object with unaliased user fields*/public static function unalias(stdClass $record,?array $extrafields = null,$idalias = 'id',$fieldprefix = '',) {if (empty($idalias)) {$idalias = 'id';}$return = new stdClass();foreach (\core_user\fields::get_picture_fields() as $field) {if ($field === 'id') {if (property_exists($record, $idalias)) {$return->id = $record->{$idalias};}} else {if (property_exists($record, $fieldprefix . $field)) {$return->{$field} = $record->{$fieldprefix . $field};}}}// Add extra fields if not already there.if ($extrafields) {foreach ($extrafields as $e) {if ($e === 'id' || property_exists($return, $e)) {continue;}$return->{$e} = $record->{$fieldprefix . $e};}}return $return;}/*** Checks if the current user is permitted to view user profile images.** This is based on the forcelogin and forceloginforprofileimage config settings, and the* moodle/user:viewprofilepictures capability.** Logged-in users are allowed to view their own profile image regardless of capability.** @param int $imageuserid User id of profile image being viewed* @return bool True if current user can view profile images*/public static function allow_view(int $imageuserid): bool {global $CFG, $USER;// Not allowed to view profile images if forcelogin is enabled and not logged in (guest// allowed), or forceloginforprofileimage is enabled and not logged in or guest.if ((!empty($CFG->forcelogin) && !isloggedin()) ||(!empty($CFG->forceloginforprofileimage) && (!isloggedin() || isguestuser()))) {return false;}// Unless one of the forcelogin options is enabled, users can download profile pics// without login, so the capability should not be checked as it might lead to a// false sense of security (i.e. you log in as a test user, the HTML page doesn't// show the picture, but they can still access it if they just log out).// When the capability is checked, use system context for performance (if we check at// user level, pages that show a lot of user pictures will individually load a lot of// user contexts).if ((!empty($CFG->forcelogin) || !empty($CFG->forceloginforprofileimage)) &&$USER->id != $imageuserid &&!has_capability('moodle/user:viewprofilepictures', \context_system::instance())) {return false;}return true;}/*** Works out the URL for the users picture.** This method is recommended as it avoids costly redirects of user pictures* if requests are made for non-existent files etc.** @param moodle_page $page* @param null|renderer_base $renderer* @return moodle_url*/public function get_url(moodle_page $page,?renderer_base $renderer = null,) {global $CFG;if (is_null($renderer)) {$renderer = $page->get_renderer('core');}// Sort out the filename and size. Size is only required for the gravatar// implementation presently.if (empty($this->size)) {$filename = 'f2';$size = 35;} else if ($this->size === true || $this->size == 1) {$filename = 'f1';$size = 100;} else if ($this->size > 100) {$filename = 'f3';$size = (int)$this->size;} else if ($this->size >= 50) {$filename = 'f1';$size = (int)$this->size;} else {$filename = 'f2';$size = (int)$this->size;}$defaulturl = $renderer->image_url('u/' . $filename); // Default image.if (!self::allow_view($this->user->id)) {return $defaulturl;}// First try to detect deleted users - but do not read from database for performance reasons!if (!empty($this->user->deleted) || !str_contains($this->user->email, '@')) {// All deleted users should have email replaced by md5 hash,// all active users are expected to have valid email.return $defaulturl;}// Did the user upload a picture?if ($this->user->picture > 0) {if (!empty($this->user->contextid)) {$contextid = $this->user->contextid;} else {$context = context_user::instance($this->user->id, IGNORE_MISSING);if (!$context) {// This must be an incorrectly deleted user, all other users have context.return $defaulturl;}$contextid = $context->id;}$path = '/';if (clean_param($page->theme->name, PARAM_THEME) == $page->theme->name) {// We append the theme name to the file path if we have it so that// in the circumstance that the profile picture is not available// when the user actually requests it they still get the profile// picture for the correct theme.$path .= $page->theme->name . '/';}// Set the image URL to the URL for the uploaded file and return.$url = moodle_url::make_pluginfile_url($contextid,'user','icon',null,$path,$filename,false,$this->includetoken);$url->param('rev', $this->user->picture);return $url;}if ($this->user->picture == 0 && !empty($CFG->enablegravatar)) {// Normalise the size variable to acceptable bounds.if ($size < 1 || $size > 512) {$size = 35;}// Hash the users email address.$md5 = md5(strtolower(trim($this->user->email)));// Build a gravatar URL with what we know.// Find the best default image URL we can (MDL-35669).if (empty($CFG->gravatardefaulturl)) {$absoluteimagepath = $page->theme->resolve_image_location('u/' . $filename, 'core');if (strpos($absoluteimagepath, $CFG->dirroot) === 0) {$gravatardefault = $CFG->wwwroot . substr($absoluteimagepath, strlen($CFG->dirroot));} else {$gravatardefault = $CFG->wwwroot . '/pix/u/' . $filename . '.png';}} else {$gravatardefault = $CFG->gravatardefaulturl;}// If the currently requested page is https then we'll return an// https gravatar page.if (is_https()) {return new moodle_url("https://secure.gravatar.com/avatar/{$md5}", ['s' => $size, 'd' => $gravatardefault]);} else {return new moodle_url("http://www.gravatar.com/avatar/{$md5}", ['s' => $size, 'd' => $gravatardefault]);}}return $defaulturl;}}// Alias this class to the old name.// This file will be autoloaded by the legacyclasses autoload system.// In future all uses of this class will be corrected and the legacy references will be removed.class_alias(user_picture::class, \user_picture::class);