Default value of the $flag argument changed in PHP 8.1 from ENT_COMPAT to ENT_QUOTES | ENT_SUBSTITUTE
To ensure consistent behavior across different PHP version the second parameter is now required for the functions:
htmlspecialchars(), htmlentities(), htmlspecialchars_decode(), html_entity_decode() and get_html_translation_table()
This class would belong more appropriately within the 'user' API
(core_user) instead of within the 'core' API, since it is
directly related to user data.
Since the class has only just been added to Moodle, now is a good
time to move it.
In all cases changes have been kept to a minimum while not making
the code completely horrible. For example, there are many instances
where it would probably be better to rewrite a query entirely, but
I have not done that (in order to reduce the risk of changes).
The user_selector classes supported custom list of extra identity
fields. But they should obey the configured user policy and respect the
privacy setting made by site administrators. So the list of user
identifiers should never be hard-coded, but the setting
$CFG->showuseridentity should be always respected.
Added $viewfullnames property to the user_selector_base class so anyone using a child class of this class can
let it know if user has viewfullnames capability or not.
This function used to be in the user selector, but it is useful in
other areas where we want to search for users as it handles a number
of search options (including extra fields, etc.) and returns SQL
which can be included in a joined query.
A unit test has been added to check the results of these searches.
course, cohort, enrol, role, groups and forum used to use hard-coded
MAX_USERS_PER_PAGE=100 for rendering user list. This has been converted
to $CFG->maxusersperpage.
This commit coverts everything in the codebase to use the new
users_order_by_sql function when sorting lists of users. More details in
the bug.
Note that this does not change places where users are displayed in a
sortable table, and the sort order comes from the table.
when function find_users was supposed to be used for user validation but no userids were passed to it, it retrieved all users in the system.
This caused memory overflow on systems with too many users (like moodle.org).
Now we make sure that find_users is not called for validation if there is nobody to validate.
Also improved query inside find_users to make it work faster
This change:
- Renames the existing setting 'extrauserselectorfields' to 'showuseridentity'
in preparation for using it in more places. (Upgrade change, new version.)
- Adds a new capability moodle/site:viewuseridentity, now required in order
to see the extra fields; if you don't have the capability, you don't see them
- Slightly improves the display of extra fields in user selector list; it used
to be like 'sam marshall, 01234567, email@address' and is now
'sam marshall [01234567, email@address]' ie the fields are in square
brackets
- Turns feature on for the group selector - the feature was enabled for other
user selectors but not for the group selector. Tim did the disable code, he
thinks this may be to do with more people having access to group selector -
probably not a problem now it is controlled by capability.