How can we disable the students from editing there username and changing password?
RAFI
Yes how?
Well the best way to do this is to authenticate to a separate database that has your student information.
Short of that kind of solution, you can edit files in Moodle (particularly moodle/user/edit.php).
Can I ask what kind of trouble you are having? Are students acting irresponsibly? Could this be a "teachable moment" rather than a shortcut? I ask only because profiles can carry some really important information about learners and to chop off that functionality could be disappointing.
-Tom
Short of that kind of solution, you can edit files in Moodle (particularly moodle/user/edit.php).
Can I ask what kind of trouble you are having? Are students acting irresponsibly? Could this be a "teachable moment" rather than a shortcut? I ask only because profiles can carry some really important information about learners and to chop off that functionality could be disappointing.
-Tom
Frequently it comes down to a privacy issue as well as managment issue. We've developed a system for our current LMS that looks up a username and password based on the users university ID and password.
It may be illegal to store the other profile data in the US as well. The new education privacy laws are fairly restrictive and the less user data the better. Right now, we store the persons first name, last name and email, and that's it.
Jason
It may be illegal to store the other profile data in the US as well. The new education privacy laws are fairly restrictive and the less user data the better. Right now, we store the persons first name, last name and email, and that's it.
Jason
Student shouldn't edit there username provided by the teachers.
What change should i make in edit.php for the above said??
rafi
By user name do you mean their first and last names, or the login names? Normally when students edit their profiles, they don't have access to changing their login/user names.
Essentially, the fields you don't want the students changing, you'll need to comment out in the edit.php file. You might want to keep a clean copy of the edit.php file saved as edit2.php file, so that you can call it when necessary.
Essentially, the fields you don't want the students changing, you'll need to comment out in the edit.php file. You might want to keep a clean copy of the edit.php file saved as edit2.php file, so that you can call it when necessary.
after making comment on edit.php what will happen to the student creating new profile??
RAFI
That's the problem, it will disable it for everyone. I'd only recommend editing edit.php after you have everyone enrolled.
Tom thanks for your help.
RAFI.
Use an external authentication, then edit the "edit.html" to prevent users in changing thier profile... see sample attachment below (temporary solution???)
Thank you.
One more,How to add photo's to the profile?
Thanks
RAF
The above sample may cause you some error in data storage. So better edit the edit.php
TOM:
What part of edit.php should be edited?
Martin,
Can I add this in the config.php:
$CFG->disableuserfirstname = true;
$CFG->disableuserlastname = true;
How can this be done to disable changes in the personal profile...?
Hello everyone,
sorry to dig up this old thread, but I'd really like to find out if there's a way to disable non-administrators' ability to edit their username, firstname and lastname (but NOT any other fields)? I would like students/teachers to be able to add/edit the above information at account creation (only) however.
Disabling edit.php (as suggested above) seems to disable creation for users creating new accounts too, so that option would have to be ruled out.
Thanks in advance.
sorry to dig up this old thread, but I'd really like to find out if there's a way to disable non-administrators' ability to edit their username, firstname and lastname (but NOT any other fields)? I would like students/teachers to be able to add/edit the above information at account creation (only) however.
Disabling edit.php (as suggested above) seems to disable creation for users creating new accounts too, so that option would have to be ruled out.
Thanks in advance.
I'd love to know the same thing only I would need to disable email as well!
Thanks
- Find the input field(s) and change the attribute "text" into "hidden"
- add an echo of the content of that field, so the user still will see it
- add a condition like: if (isadmin()) {do the old line}else{do the new line);
Ger this solution implies a security problem, becouse the user can change the html in the client side and send it back modified.
In reply to Genner Cerna
I don't want ANYONE to be able to create a NEW account
by ellen friedlander -
I don't want anyone to be able to create a new profile. My students are creating multiple account and then can't log into the course because I need to put them into the specific course. Then I have multiples of everyone in the gradebook. I really need to be able to enroll a student and not have them be able to create user accounts themselves. I love the program but I certainly need control over what's going on in the gradebook. I am 2secs away from shutting down my site. I spend an hour each day eliminating duplicate accounts. Every day I tell students NOT to create additional accounts, but the program brings them to a profile page when they log in. HELP.
In reply to ellen friedlander
Re: I don't want ANYONE to be able to create a NEW account
by Martin Dougiamas -
Set authentication to "manual" in your admin settings.
Set an enrolment key in your course settings and don't tell the students what it is (except ones you want to allow in). You can enrol them manually as well.
Set an enrolment key in your course settings and don't tell the students what it is (except ones you want to allow in). You can enrol them manually as well.
In reply to Martin Dougiamas
Re: I don't want ANYONE to be able to create a NEW account
by ellen friedlander -
Martin, thank you VERY much. I have been such a tremendous devotee of Moodle. Your product is wonderful. These students have been driving me crazy! THANK YOU!!!!!!!!!
In reply to Martin Dougiamas
Re: I don't want ANYONE to be able to create a NEW account
by ellen friedlander -
Actually, doesn't that just solve half the problem? The students create additional profiles for themselves so that then I have their original profile as a user and enrolled in the course. The new profile then isn't in the class because they can't enrol themselves - I don't want them to be able to enrol themselves or I have 2 of JoeWhoDunItAgain in the grade book. As a result, however, they find they can't get into the course and email me incessantly.
I've now made it so that they cannot progress into the site without logging in - and they also cannot edit their profiles. I don't think they can even create a new profile, although I'm not sure of this.
In a nutshell, I'd like to make it so that no one can create a new user account and that no one can edit his/her profile. While this sounds to be counter-Moodle, I believe it's the only way to control who's in the site and classes.
In reply to ellen friedlander
Re: I don't want ANYONE to be able to create a NEW account
by Kieran Denny -
hi Ellen
no too sure if i'm reading into this too much, but what authentication type are you using?
i had a similar issue [students being sent to a profile page upon login] when initially implementing LDAP authentication. the issue was that our students do not have email addresses. therefore, an import from our LDAP server resulted in invalid profiles [moodle 'requires' an email address].
the end result was that i modified some of the code to import 'dummy' email addresses as part of the import, then disabled the options in code on the profile page [as well as the verification pages].
you may need to consider which authentication option you want. there are so many out there [most in my opinion preferable to 'email']. Of course as martin mentioned you could just set auth to 'manual', and then the site admin would have to setup all accounts.
regards,
Kieran
In reply to Kieran Denny
Re: I don't want ANYONE to be able to create a NEW account
by ellen friedlander -
Kieran, I don't want them to be able to either create new or edit profiles. I've added the code so that they cannot edit their profiles. This was important because as many times as I've explained it in class, they still go in and remove student id's and create weird names for themselves.
Worst of all is the fact that they keep creating duplicates of themselves, as opposed to editing the profile that exists. For them, it seems like the easier route, to just create a new profile (and the wording on the site invites them to do that - can't find the coding to change the wording!). This means that I then have 2 of whomever in my gradebook.
Can I make it so that they cannot create user accounts.
In reply to Abdul Rafi Jaffarullah
Disable editing of User Profile for all users excluding admin
by David Keenan -
Disable editing of User Profile for all users excluding admin
To disable editing of the user profile by students and teachers and only allow your admins to edit these you can add a couple of lines to the user/edit.php file. see below.
require_once("../config.php");
require_once("$CFG->libdir/gdlib.php");
require_variable($id); // user id
require_variable($course); // course id
if (! $user = get_record("user", "id", $id)) {
error("User ID was incorrect");
}
if (!isadmin()) {
error("You do not have permission to access this area");
}
if (! $course = get_record("course", "id", $course)) {
error("Course ID was incorrect");
}
If you find this useful or have any other queries please could you let me know.
Regards.
DK
In reply to David Keenan
Re: Disable editing of User Profile for all users excluding admin
by Jason Bouwmeester -
After looking at this snippet (which works great), I added this to the following page:
user/view.php
search for this line (109 or so):
if(($currentuser and !isguest()) or isadmin()){
and replace it with this:
if(isadmin()){
Doing this will disable the "Edit Profile" button (which I find very useful and the user doesn't get an error message, which I found was kicking you out to the login page after you hit continue).
~jb
user/view.php
search for this line (109 or so):
if(($currentuser and !isguest()) or isadmin()){
and replace it with this:
if(isadmin()){
Doing this will disable the "Edit Profile" button (which I find very useful and the user doesn't get an error message, which I found was kicking you out to the login page after you hit continue).
~jb
In reply to Jason Bouwmeester
Re: Disable editing of User Profile for all users excluding admin
by Genner Cerna -
This means that students cant upload their desire picture. Best way to do this is to disable some of the fields not all.
In reply to Genner Cerna
Re: Disable editing of User Profile for all users excluding admin
by Jason Bouwmeester -
True, however in our instance, we are loading student pictures from a database so we don't want them to be able to upload their desired pictures 
In reply to Jason Bouwmeester
Re: Disable editing of User Profile for all users excluding admin
by ellen friedlander -
I'm getting kicked out also. My site now says access denied even when just typing in the address after dumping all internet files online and off.
In reply to Jason Bouwmeester
Re: Disable editing of User Profile for all users excluding admin
by ellen friedlander -
Manual accounts only
| This method removes any way for users to create their own accounts. All accounts must be manually created by the admin user. |
I'd missed this.
Between this and locking various fields, I believe the problem is solved!!!!
In reply to David Keenan
Re: Disable editing of User Profile for all users excluding admin
by Mike Wills -
Will this work with the latest version of Moodle?
Thanks
In reply to Mike Wills
Re: Disable editing of User Profile for all users excluding admin (online lock solution)
by Leônidas Brandão -
I think the best solution to avoid users to change important data (like "firstname" and "lastname") is to use "on-line" options (not programming intervention).
In this case I suggest to you to use the options "Manual accounts" e "Email-based self-registration" and set them as "Locked". However, it is necessary the "Admin" role. These options are in:
* SITE ADMINISTRATION
* PLUGINS
* AUTHENTICATION
* MANUAL ACCOUNTS: after get this, set it as "Locked"
* EMAIL-BASED SELF-REGISTRATION: do the same here (if you allow email registration).
This works (at least) under Moodle 2.4 until 2.8.
Best regards,
Leônidas
In this case I suggest to you to use the options "Manual accounts" e "Email-based self-registration" and set them as "Locked". However, it is necessary the "Admin" role. These options are in:
* SITE ADMINISTRATION
* PLUGINS
* AUTHENTICATION
* MANUAL ACCOUNTS: after get this, set it as "Locked"
* EMAIL-BASED SELF-REGISTRATION: do the same here (if you allow email registration).
This works (at least) under Moodle 2.4 until 2.8.
Best regards,
Leônidas
In reply to Leônidas Brandão
Re: Disable editing of User Profile for all users excluding admin (online lock solution)
by gilang jayadiningrat -
Hi Leonidas,
Thanks for your tips. This solve my problem . I'm using Moodle 2.9 and its still work.
May i ask one question ,
How to disable user to update their profile picture ?
In reply to gilang jayadiningrat
Re: Disable editing of User Profile for all users excluding admin (online lock solution)
by Mary Cooch -
If you want to prevent users changing their profile picture, please see Administration > Site administration > Security > Site policies >Disable user profile images.