Compare commits

..

664 Commits

Author SHA1 Message Date
martinlanghoff ff8ed9e118 Merged from MOODLE_15_STABLE: Fix for Secunia Advisory SA18267 and test file cleanup 2006-01-03 21:04:16 +00:00
martinlanghoff 11d6d2302e AdoDB tests cleanup after Secunia Advisory SA18267 and test file cleanup 2006-01-03 21:03:28 +00:00
stronk7 8122533f6f Some RSS readers seems to have problems with that wrong p tag.
Merged from MOODLE_15_STABLE
2005-09-07 17:09:20 +00:00
stronk7 c5d8c7e050 Wrong syntax fixed. Bug 4014.
Curiosly, the bug is in 1.4 and HEAD, but no in 1.5... Uhmmm,
be careful with those merges... ;-)

(http://moodle.org/bugs/bug.php?op=show&bugid=4014)
2005-09-05 16:17:52 +00:00
moodler 353a7c0073 Fix for bug 3958 and google overactivity 2005-08-30 09:30:44 +00:00
patrickslee 7ac133f2b0 Fixed a serious bug in table_column() that modified column not having NOT NULL for postgres (merged from 15_STABLE) 2005-08-11 23:53:28 +00:00
patrickslee 10f277917b Duplicate process in postgres upgrade file 2005-07-28 04:03:18 +00:00
patrickslee da607a290a Sorry, typo on last revision 2005-07-27 22:30:58 +00:00
patrickslee 03f9fd035b We have extremely crappy support for postgres7 in those modules in 14_STABLE, someone forgot to backport from HEAD? 2005-07-27 22:16:43 +00:00
patrickslee ca0a595d48 Fixed a problem that courses cannot be move to another category when there are quotes in some text fields. 2005-07-18 21:51:32 +00:00
bobopinna 8c531b70c4 Fixed a bug in course structure display 2005-07-15 07:15:42 +00:00
bobopinna e44d24d215 Removed manifest validation 2005-06-29 07:00:16 +00:00
martinlanghoff ba0a46c67b Better DB errors debug traces from Patrick Li 2005-05-19 21:55:16 +00:00
stronk7 12a9d95c17 Old file I forgot to commit, sorry Gustav. Should fix Bug 3293
(http://moodle.org/bugs/bug.php?op=show&bugid=3293)
2005-05-19 17:04:01 +00:00
stronk7 50e5c4c33c Avoid some notice under PHP5 2005-05-19 16:57:26 +00:00
stronk7 5e2648e0c1 Prevent multiple execution of restore. Bug 3291
(http://moodle.org/bugs/bug.php?op=show&bugid=3291)
2005-05-18 18:05:24 +00:00
defacer 573d9922af Merging fix for bug 2635 from HEAD. 2005-05-17 15:31:37 +00:00
stronk7 8798defb52 Fix for wrong behaviour under PHP5 where units were wrongly
populated (because we were working against the same $tmpunit
always).

(plus a bit of change in coding style...)

Credits go to Julian Sedding!
2005-05-14 18:18:58 +00:00
moodler bbbe23a851 Fixed missing brace that breaks authentication 2005-05-14 03:08:42 +00:00
martinlanghoff 41a0a5dfc1 Fixes 'Erroneous redirection to course enrolment page' bug #3224 - patch by Patrick Li 2005-05-13 05:08:41 +00:00
mjollnir_ 530a11b3cd SQL errors are now (optionally -- defaults to off) logged to the apache error log. Helps debugging! Credit: Patrick Li <patrick@catalyst.net.nz> 2005-05-11 23:34:23 +00:00
martinlanghoff 142eb0ee13 Added recent release notes (in English) to release notes in DE, IT, JA, JA-UTF8 and PT_BR 2005-05-11 07:18:51 +00:00
martinlanghoff 718ba8252f Merged NL release notes from HEAD into STABLE 2005-05-11 07:05:14 +00:00
martinlanghoff 5f9c28ef8d Merged FR release notes from HEAD -r1.48 -r 1.54 into STABLE 2005-05-11 06:58:31 +00:00
martinlanghoff bd1475b1dc Removed old SV release notes. 2005-05-11 06:34:31 +00:00
martinlanghoff 0888ce4507 Removed old SQ release notes. 2005-05-11 06:33:50 +00:00
martinlanghoff 6029f8bf85 Removed old PL release notes. 2005-05-11 06:32:48 +00:00
martinlanghoff c198b05b97 Removed old BE release notes. 2005-05-11 06:30:55 +00:00
mjollnir_ 82078e47be Default course id for htmlarea insert image to 0 rather than empty string to prevent invalid sql. Credit: Patrick Li 2005-05-11 02:05:38 +00:00
mjollnir_ 10ed56e401 Fixed report counter according to HEAD view.php 1.26 (Credit: Patrick Li) 2005-05-10 23:45:58 +00:00
martinlanghoff 9c3b3e16c9 SQL fixes in GROUP BY clause in SCORM module -- merged patch from Patrick Li 2005-05-10 00:28:46 +00:00
stronk7 9c4cfb0b8a kses lib updated to 0.2.2. See bug 2702.
(http://moodle.org/bugs/bug.php?op=show&bugid=2702)
2005-05-09 15:39:22 +00:00
moodler 3805d713ec Moving on 2005-05-08 02:28:59 +00:00
moodler d386fabb05 Releasing 1.5 very shortly 2005-05-07 13:33:36 +00:00
stronk7 e32fac556d Updated to 1.4.5 (links to bus processed too) 2005-05-07 09:58:51 +00:00
moodler 7c6415430b Added note about prefetching 2005-05-07 08:19:47 +00:00
moodler 5d3a4bbe9b Google suggest 404 rather than 403 2005-05-07 08:17:54 +00:00
moodler fb3ec96293 To help some 1.5 scripts around the place 2005-05-07 05:41:29 +00:00
martinlanghoff 9132b70313 Block link prefetching from Mozilla and Google Web Accelerator. 2005-05-07 03:02:59 +00:00
martinlanghoff 085c7c40e8 Fixed calls to set_user_sesskey(). 2005-05-07 01:30:05 +00:00
martinlanghoff 8ae3ede134 Release notes now link bug numbers to bugtracker. 2005-05-07 00:32:40 +00:00
martinlanghoff 7df9662c23 Updated release notes for 1.4.5 2005-05-07 00:08:14 +00:00
moodler 8e82d14a23 Merging fix for SC113 from HEAD 2005-05-06 03:12:47 +00:00
julmis 7152eb2b2c Adding charset. Hopefully fixing some language problems. 2005-04-24 21:58:37 +00:00
moodler 26ec0487c2 Bogus file! 2005-04-20 03:02:30 +00:00
mjollnir_ c32eee0b15 Backporting Howard's commit fixing bug #2963 for import/export dropdown from HEAD 2005-04-19 22:44:25 +00:00
mjollnir_ 8d37ee0d67 Backporting Howard's commit fixing bug #2963 where course dir missing from HEAD 2005-04-19 22:03:17 +00:00
defacer 4498266e5b Fix for bug 2945. 2005-04-19 21:54:28 +00:00
ethem 74c8399392 New strings for MOODLE_14_STABLE 2005-04-15 08:31:24 +00:00
ethem 4500eaf113 fixing NCR notation 2005-04-15 08:23:32 +00:00
ethem 698d89f83a new strings 2005-04-15 08:07:34 +00:00
stronk7 ce18f817f1 Bug 2918. Change proposed by t.imoto.
(http://moodle.org/bugs/bug.php?op=show&bugid=2918)
2005-04-14 23:13:13 +00:00
moodler fd56432d31 Left out a line somehow! 2005-04-13 09:18:57 +00:00
moodler debe10aaeb Continuing last fix, allow students not in a group to post into a
discussion which is also not in a group, even if the course is
using groups.
2005-04-13 09:16:49 +00:00
moodler f03554927b FIxed some logic for a wierd situation when you have a grouped forum but
upgrouped discussions and ungrouped students
2005-04-13 08:23:27 +00:00
martinlanghoff 78ac8df2d0 Added option to cache langlist in dataroot/cache/languages. Small logic fix. 2005-04-11 06:04:35 +00:00
martinlanghoff d162ab2307 Added option to cache langlist in dataroot/cache/languages. If enabled saves around 10MB of memory and 40 includes (some really large) 2005-04-11 05:53:56 +00:00
stronk7 7940571d9b Argh! Simply forget my previous commit. I was mixing 1.4 and 1.5 in
my tests! Sorry!
Under 1.4.x, assessments.php is always called from itself.
2005-04-10 18:43:23 +00:00
stronk7 f1b1783d73 Whorkshop assessments weren't working in 1.4.4+ with secure forms enabled.
this script can be called from a different one (assess.php), so I've used
the 'nomatch' trick.
2005-04-10 18:36:25 +00:00
mjollnir_ 43dd005911 Fixing problem with set up of site course 2005-04-06 22:23:25 +00:00
moodler cc02531610 FIxed a notice (bug 2850) 2005-04-06 05:28:52 +00:00
martinlanghoff 1a87d76bd4 Fixed 'Can't save changes in editor configuration' form bug reported in http://moodle.org/mod/forum/discuss.php?d=21359 2005-04-05 22:10:31 +00:00
moodler 36bf82baa5 Fixed paths on includes (we must always use absolute paths because some
servers are buggy)
2005-04-05 13:34:47 +00:00
moodler 219bd603a7 Just to remove a warning 2005-04-04 16:59:53 +00:00
danmarsden 7345d816fe Fix for Bug #2452 - Choice shows a bad number of answers 2005-04-03 23:39:05 +00:00
mjollnir_ b0debb89ce Fix for return id for insert_record - needs to be cast to an int 2005-04-03 21:03:35 +00:00
stronk7 2e9ddb98af Replace $HTTP_POST_FILES to $_FILES because the old one is
"deprecated" in new PHP versions.

Perhaps I should have used the upload manager but I'm not really sure
if it's fully available under 14_STABLE and viewing other modules
they use the $_FILES global, so I use such variable here too!
2005-04-02 18:24:56 +00:00
stronk7 965f6d9ba5 Replacing some HTTP_POST_VARS uses because it doesn't work always!
Using data_submitted() or $_POST
2005-04-02 17:37:36 +00:00
stronk7 77051d2c6f Now course/recent.php works under PHP5.
See bug 2828
(http://moodle.org/bugs/bug.php?op=show&bugid=2828)
2005-04-02 11:24:24 +00:00
stronk7 2fecd30383 Manual links from lesson pages to resources are now preserved
between backup/restore anywhere.
(see discussion http://moodle.org/mod/forum/discuss.php?d=21044)
2005-04-02 00:04:02 +00:00
moodler 0c7f4e816a Don't throw a fatal error on unknown question, try to continue. 2005-04-01 12:17:21 +00:00
martinlanghoff f5db2e8aa6 insert_record() - major efficiency improvements for Postgres databases on insert. Also fixed many calls to insert_record() which discard the returned record id to not ask for the record id. 2005-04-01 05:33:21 +00:00
martinlanghoff 63eadeac79 add_to_log() - fixed a postgres support bug when is set to '', and clarified the logic that decides whether to update the user_students/user_teacher records. 2005-03-23 07:02:19 +00:00
mjollnir_ 4131f8923b Another fix for my old fix for a postgres constraint that was missing a prefix. This time we don't create it with the silly name in the first place 2005-03-22 05:36:07 +00:00
moodler 94fae211d9 Reset proper encoding upon login bug 2770 2005-03-21 06:13:22 +00:00
martinlanghoff 657af04aac More efficient SQL UPDATE in forum_mark_old_posts_as_mailed() -- improves performance under PostgreSQL. 2005-03-20 23:10:08 +00:00
martinlanghoff 12c181bc50 Pedantic HTTP correctness; now we return an appropriate 503 HTTP status code when the database is unreachable and assumed overloaded. This is for the benefit of monitoring and load testing scripts. 2005-03-20 08:11:21 +00:00
julmis 4099382df2 Fixing Bug #2763 - Garbled characters in utf-8 2005-03-19 16:39:31 +00:00
moodler 565bcdfbda Turn off the autoloading of sound files 2005-03-16 08:00:14 +00:00
mjollnir_ 92ac9fe4f4 Fix for bug 2742 - sequences out of sequences in postgres 2005-03-15 22:57:15 +00:00
moodler 0e6a20f493 Bump 2005-03-15 17:34:52 +00:00
moodler 7066f5c8cb Andy fixed the bug with interpreting filenames - looks 100% now! 2005-03-15 12:55:21 +00:00
moodler a88acdd603 Better invocation of the new MP3 player 2005-03-14 18:14:14 +00:00
moodler fe610f51c9 New better version from Andy that lets you play before the file is downloaded 2005-03-14 15:23:44 +00:00
martinlanghoff b52bf78003 Fixed memory limit overrun in backup config page. Why SELECT * FROM mdl_course when all we need is id? :) 2005-03-14 02:06:24 +00:00
gustav_delius 9fe1f87bbe fixed typo leading to bug 2723 2005-03-13 09:54:38 +00:00
defacer 75aa6f4ea9 Fix for bug 2729: incorrect display of previous/next days in calendar day
view when the server's TZ was less than GMT and the user's TZ was greater
than the server's.

This was already fixed in HEAD as part of the DST overhaul.

Kudos to Dan Fleming (dflemingnz at aol dot com) for a most informative report.
2005-03-12 21:26:54 +00:00
stronk7 e137c8f3f9 Opps. 2nd try to hide lessons under 1.4. I was supposing that some new code
under 1.5 require_login() was working here too!
Bug 2733.
(http://moodle.org/bugs/bug.php?op=show&bugid=2733)
2005-03-12 17:54:30 +00:00
stronk7 d04f8b6cdc Now hidden lessons cannot be viewed.
Thanks to Javier Gil detecting it. Bug 2733.
(http://moodle.org/bugs/bug.php?op=show&bugid=2733)
2005-03-12 17:20:12 +00:00
martinlanghoff a394a14f85 Fix from Dan Marsden: address_in_subnet() had a loop control error. 2005-03-10 02:39:49 +00:00
moodler 3779604518 Bumping for version 1.4.4 2005-03-09 11:04:52 +00:00
mjollnir_ a331476e41 Add new line after url in journal mailout to prevent /mod/journal/view.php?id=1----- type requests 2005-03-08 20:56:22 +00:00
mjollnir_ 930c08c352 Postgres fix in quiz (added AS) 2005-03-08 20:46:23 +00:00
stronk7 3cc821f8fe Release info updated (es)
Merged from HEAD
2005-03-08 08:31:09 +00:00
stronk7 067ce31750 New way to get the server name from wwwroot instead of
using such SERVER_NAME and HTTP_HOST variables.

It should help in servers having wrong Apache configurations, being
the cause of bad logins, referer problems....making Moodle a bit less
demanding.

Semi-merged from MOODLE_HEAD (it has been working there from some days ago
with possitive resuts).

SEMI because I've retroffited from HEAD only the WWWROOT part. The rest are
quite different but I haven't modified it. Perhaps we shoul retroffit the
function completely?
2005-03-07 18:08:30 +00:00
moodler 64afd5f7f4 Fixed a notice when sending mail 2005-03-07 12:29:39 +00:00
moodler d69f04ee5d FIxed a date formatting bug 2005-03-07 05:57:51 +00:00
martinlanghoff 52de3da486 Release notes for 1.4.4 2005-03-07 04:35:50 +00:00
martinlanghoff d682f3c9de Fixed bug 2319 DB auth not fetching user data fields correctly -- credits go to andres.marquez@accenture.com and doug nutsch 2005-03-07 01:59:50 +00:00
stronk7 af7d98d028 Minor changes: Corrected some indentation and change a bit the method
used to store (oldid,newid) pairs to be a bit more standard.

I was ABSOLUTELY wrong! Lessons backup and restore are working fine
under 1.4. Ray & Michael work rocks!!
2005-03-03 23:39:11 +00:00
moodler a3a02e99d2 New version - better, smaller! A couple of small improvements still coming! 2005-03-02 17:26:34 +00:00
moodler 59a4a94d8f Some notices fixed 2005-03-02 16:19:36 +00:00
moodler 751fac4e6e Updated the lang file ... 2005-03-02 06:47:19 +00:00
martinlanghoff 15d37cd080 Fixed typo: == should be = 2005-03-01 03:08:19 +00:00
martinlanghoff 1e1a7ac3c6 loglive now has a proper footer and the links in header & footer open in new windows 2005-02-28 10:27:44 +00:00
martinlanghoff 05d24ee32d Better handling of trailing semicolons and spaces in LDAP configs. Fixes a regression from 1.4.2 . 2005-02-28 10:06:55 +00:00
stronk7 0002702346 Some $ME are now out! 2005-02-27 02:07:19 +00:00
stronk7 3de575a6b5 Some $ME are now out! 2005-02-27 00:48:44 +00:00
moodler f32f1338c0 Better display for Choice options 2005-02-25 14:20:27 +00:00
stronk7 8b66564aa4 Avoid some notices breaking image display and correct redirects. Bug 2638.
(http://moodle.org/bugs/bug.php?op=show&bugid=2638)
2005-02-25 00:10:04 +00:00
stronk7 e8704f463d Now the get_participants() standard function is working inside wiki module 2005-02-24 23:48:17 +00:00
martinlanghoff bf043e689c Provide an explicit sortorder for new courses in empty categories, and run fix_course_sortorder() after adding the course to make sure its in the appropriate range for the category 2005-02-24 21:20:29 +00:00
martinlanghoff ce1eb2484f Backing out bad sortorder fix in restorelib -- actually we didn't need one. 2005-02-24 21:14:05 +00:00
moodler 9d1ff56c6b Merged allow_url_fopen fix from HEAD 2005-02-23 15:44:01 +00:00
moodler f2da10a89a Merged allow_url_fopen from HEAD 2005-02-23 15:42:32 +00:00
martinlanghoff cd71433ca1 Merged from MOODLE_14_STABLE - Fix problem when restoring courses to empty categories 2005-02-23 04:50:15 +00:00
moodler d7519b5350 Copied the latest install.php from Moodle 1.5 bug 2625 2005-02-23 03:10:41 +00:00
martinlanghoff 91589f2168 Bug fix. Using external auth, the user account fails to be created on login if currently logged-in as guest. Credits go to Dan Marsden for the fix. 2005-02-23 02:09:28 +00:00
martinlanghoff 996b44d851 Fixed a bug in get_categories() when called for category '0', and some extra fixes to fix_course_sortorder() 2005-02-23 01:47:37 +00:00
moodler 8a50e66742 Just some robuestness with bad data in the calendar 2005-02-22 10:33:11 +00:00
moodler 141302854d FIxed sorting bug on forums, bug 2613 2005-02-21 15:38:15 +00:00
mchurch a3bd219a37 Fixed help button position in accordance with other modules. see bug 2556. 2005-02-18 18:10:26 +00:00
moodler 7b141f51c9 forum_count_discussion_replies() is now a LOT more efficient!! :-/ 2005-02-18 07:54:43 +00:00
moodler e30fcef7fd New MP3 filter is working well and is so much better, so merging from 1.5 2005-02-18 02:52:51 +00:00
stronk7 602aea1221 Now 0 rates are supported in glossary. Bug 2582
(http://moodle.org/bugs/bug.php?op=show&bugid=2582)

Merged from HEAD
2005-02-18 01:15:15 +00:00
stronk7 eea96a893f ARGGG. I spent 1 hour discovering where was the error!!
Under PHP5 we must cast objects to arrays to use them in loops.
But what is really annoying is that, instead of return an error, PHP
returns the 1st element! This should close bug 2581.
(http://moodle.org/bugs/bug.php?op=show&bugid=2581)

Merged from HEAD
2005-02-18 00:23:01 +00:00
stronk7 b88317c2e7 If the user isn't admin and the restored course hasn't teachers, add teacher.
Bug 2381
(http://moodle.org/bugs/bug.php?op=show&bugid=2381)
2005-02-17 22:53:31 +00:00
julmis 0fb4b471ef Fixing bug #2570. Making OK and Cancel buttons more visible. 2005-02-17 02:26:02 +00:00
mchurch 40ffe0916d Bug #2133 - Fixed group caching. 2005-02-16 13:43:08 +00:00
moodler a377f08b45 Merging fix for bug 2562 from HEAD 2005-02-16 06:39:29 +00:00
defacer 884925d4d7 Fix for bug 2550:
Users cannot see their own profile if course is set to separate groups and
the user is not a member of any group.

Patch provided by cdu@somerville.qld.edu.au, slightly modified
2005-02-15 16:06:25 +00:00
martinlanghoff dcdfb3680e Cleanup of warnings in filter/activitynames 2005-02-14 07:39:55 +00:00
martinlanghoff 6a69f3a260 Cleared a warning 2005-02-14 07:21:34 +00:00
martinlanghoff 0c38a48c07 Stop DB inserts we know are going to fail, and clearer error message when file upload stops. 2005-02-14 06:04:52 +00:00
martinlanghoff 19f97a11aa trim() user data coming from external auth - now covers cases where we had a space on the truncation limit 2005-02-14 01:30:20 +00:00
martinlanghoff b0686d1d07 trim() user data coming from external auth - fixes problems with locked user data in auth/ldap in 1.5 2005-02-14 01:11:36 +00:00
martinlanghoff 9b05df5e0a Cleaned up stray tabs. 2005-02-13 22:49:47 +00:00
martinlanghoff 3ce5387d29 Added option to respect php.ini session settings, else we reenable garbage collection for sessions. Fixes stale session problems with Debian systems, but still allows package maintainers to override. 2005-02-13 22:43:04 +00:00
moodler f21b480d19 Merged fix from HEAD 2005-02-10 17:23:34 +00:00
moodler 65caded8a0 Merged latest from HEAD 2005-02-09 07:13:23 +00:00
moodler cf6be4c7ba Merged files from head 2005-02-09 02:24:29 +00:00
defacer 71b774398e Fix for bug 2488:
Extending mdl_log column module to varchar(20).
It was already 20 chars in Postgres, so no changes there.
2005-02-08 20:33:36 +00:00
moodler 6ab3069e44 Merged some new strings 2005-02-08 18:16:08 +00:00
defacer f28fd7a6af Fix for bug 2491:
Implementing a "parent folder" icon in the file manager.
2005-02-08 18:01:44 +00:00
moodler f760a27352 Don't show isteacher() notice to everyone 2005-02-08 07:44:01 +00:00
moodler c7a3002e4e Cleaned up use of $id a bit bug 2513 2005-02-08 06:20:45 +00:00
martinlanghoff 831fbcf920 fix_course_sortorder() bug #2509 - Should fix overlaps when moving categories with large gaps -- affects only mysql. Prevent from landing even near the newly assigned range during the temporary shift. 2005-02-08 03:39:57 +00:00
defacer 87909ae0d6 This definitely fixes the bug described at
http://moodle.org/mod/forum/discuss.php?d=18323

but is it the same bug as bug 2513? Time will tell...

All credits to Penny!
2005-02-08 01:38:23 +00:00
stronk7 fd495cc1ad Small typo (bug 2512)
(http://moodle.org/bugs/bug.php?op=show&bugid=2512)
2005-02-08 01:05:50 +00:00
martinlanghoff ad1908146b fix_course_sortorder() bug #2509 - Should fix overlaps when moving categories with large gaps -- affects only mysql 2005-02-07 09:12:04 +00:00
moodler 78e4d1f366 Removed strtolower from PARAM_ALPHA bug 2500 and SC 90 2005-02-07 02:12:23 +00:00
moodler 9e4e90132b Merged English from HEAD 2005-02-06 12:45:32 +00:00
skodak 5e150ed183 increased maximum socket read size to prevent empty pages and repeated messages - merged from STABLE 2005-02-06 10:02:29 +00:00
defacer 12f60822fc Merging the isteacher() ---> isteacherinanycourse() fix from HEAD.
This should take care of SC#65 for good.
2005-02-05 01:50:45 +00:00
defacer 3081fefaad Bugfix: don't send HTML digests to people who want plain text email. 2005-02-04 21:15:38 +00:00
stronk7 20caf128b9 Now group members are only included (backup and restore) if
we have selected to have users! Thanks to Etienne! Bug 2486
(http://moodle.org/bugs/bug.php?op=show&bugid=2486)
2005-02-04 16:13:42 +00:00
skodak 80bdfe86d5 PARAM_ALPHA now converts to lowercase 2005-02-03 22:51:57 +00:00
skodak c3431d2f52 incorrect use of preg_quote(), add '/' to list of quoted chars - see man page 2005-02-03 19:35:32 +00:00
skodak 5fa32737f6 new parameter cleaning PARAM_BOOL and PARAM_ALPHANUM 2005-02-03 18:09:34 +00:00
martinlanghoff 76b268597b Better behavviour of fix_course_sortorder() -- related to bug #2334 2005-02-01 01:36:17 +00:00
defacer 9f5b48b33e Stopgap measure for the wrong behavior discussed in SC#87.
I believe this ensures the required behavior, but we may still change
it because it can be confusing...
2005-01-30 04:29:11 +00:00
skodak bb8889747b changes in file/path cleaning SC#84 2005-01-29 15:49:52 +00:00
skodak 642f1e22ed cleaned download filename SC#69 2005-01-29 15:14:50 +00:00
skodak 157d9457f2 direct access to script forbidden SC#58 2005-01-29 14:16:45 +00:00
skodak 52b38b1ae5 fixed clean_text() SC#76 2005-01-29 12:57:31 +00:00
skodak d8a09929ef better cleaning of imageurl SC#54 2005-01-29 09:59:51 +00:00
moodler 63a2da08dc FIx the XML mimetypes 2005-01-29 04:41:16 +00:00
martinlanghoff da1504234a Reverting validation in current_language() due to performance concerns. 2005-01-27 07:05:42 +00:00
defacer 268f71a656 Better variable initialization. SC#83. 2005-01-27 05:24:35 +00:00
martinlanghoff ddeaac7195 Stronger validation of form data in user/edit, and validation of lang in current_language() -- closes SC#67 2005-01-27 03:43:09 +00:00
defacer fd0c975a70 Merge enabling PARAM_LOCALURL for clean_param() from HEAD (SC#54). 2005-01-25 17:44:58 +00:00
martinlanghoff 8709af9bea Tighter input validation fixes SC#54 2005-01-25 06:20:49 +00:00
martinlanghoff 13e3dfb091 clean_param() now handles PARAM_URL 2005-01-25 06:06:51 +00:00
martinlanghoff bc7ba277ec Importing validateurlsyntax.php from http://www.canowhoopass.com/guides/regex/index.php as of 15/Dec/2004, provides
- validateUrlSyntax()
 - validateEmailSyntax()
 - validateFtpSyntax()
2005-01-25 06:02:47 +00:00
martinlanghoff 9690e2be10 Fixing bug 2334 - where fix_coursesortorder() sometimes leaves overlapping sortorder values across categories 2005-01-25 05:21:24 +00:00
martinlanghoff 596728959b Ensuring correct sortorder at the beginning of the category when creating courses. 2005-01-25 04:56:29 +00:00
martinlanghoff eda27289aa Closing SC#66 - more 2005-01-22 09:05:49 +00:00
martinlanghoff 35b09c6973 Closing SC#66 2005-01-22 08:59:26 +00:00
moodler ded6659cbe Formatting improvements merged from HEAD 2005-01-22 02:41:11 +00:00
moodler f7eb2d5336 Copied improved library from HEAD
I tested it on several big HTML files and couldn't see any problems.
2005-01-19 12:22:34 +00:00
martinlanghoff 446f0a5328 Issue a warning when overriding $CFG settings. 2005-01-18 22:10:24 +00:00
moodler 1307a14d62 Fix merged from HEAD ... the new check on isset($CFG...) had broken any non-internal enrolment :-/ 2005-01-18 18:42:26 +00:00
stronk7 3b28c9003a Latest changes from english version.
Merged from MOODLE_HEAD
2005-01-17 17:15:17 +00:00
martinlanghoff efad7316a9 Show a warning to admins if cron.php hasn't been run 2005-01-17 09:11:50 +00:00
martinlanghoff 19032095c0 Added an early session_write_close() to loglive.php and log.php pages 2005-01-17 05:41:55 +00:00
moodler 8d39975ee8 Merged from HEAD 2005-01-16 15:50:17 +00:00
stronk7 16b0406dd9 Remove one notice in PHP5. From HEAD. 2005-01-14 08:28:00 +00:00
moodler 014f27e3ab Small fix that prevents large files from hogging the session... Just this
should be good for most situations but 1.4.3 maintainers feel free to
do this more comprehensively as per the moodle.org discussion on it.  ;-)
2005-01-13 07:13:43 +00:00
mjollnir_ 1f08492ac1 Fixing warning about invalid argument for foreach in course/lib.php in log selector form 2005-01-13 03:56:07 +00:00
moodler 2cb9e31052 MOre fixes for bad calls to isteacher() (bug 2379) 2005-01-13 02:57:13 +00:00
moodler 7231ff0781 isteacher() was called incorrectly (bug #2379) 2005-01-13 02:55:38 +00:00
martinlanghoff 5cba81fd45 Fix bug #2334 - New unique undes in course table causes course move to fail
There were several issues in fix_coursesortorder() that were fixed. Mainly:
 - the recursive calls dropped the $safe parameter
 - we did not even try to maintain uniqueness in the sortorder field across categories

http://moodle.org/bugs/bug.php?op=show&bugid=2334
2005-01-13 02:23:39 +00:00
defacer 105dece910 Fix for bug 2264:
Added the function set_user_sesskey() in moodlelib.php, which sets
$USER->sesskey if not set and then returns its value. It provides:

  a) a central point for setting sesskeys
  b) a replacement for the expression $USER->sesskey which guarantees
     that a sesskey will be returned

Replaced all $USER->sesskey = random_string(10) calls to set_user_sesskey()
to take advantage of the first property.

Took advantage of the second property to fix the actual bug.
2005-01-12 11:01:31 +00:00
defacer a420ef8836 Fix for bug 2350:
Removed extra </td> from output of weeks course format.

Credits to tapio.kautto@salpaus.fi for finding the bug and supplying a
patch. I didn't apply the other, unrelated, half of the patch (changing
the attributes of the table) to keep it consistent with the other course
formats.
2005-01-12 10:43:19 +00:00
defacer 88a5277af1 Fixing bug 1384 again. It seems to have been caused by optimizing code which
doesn't work, because unfortunately $courses is actually NOT a collection of
course records in this function. With the optimization removed all is well
again.
2005-01-12 10:30:05 +00:00
stronk7 f3f90ac553 Maintain whitespace when importing glossary entries. Aplied to
blackboard import of questions too. Bug 2310.

(http://moodle.org/bugs/bug.php?op=show&bugid=2310)
2005-01-11 11:27:11 +00:00
stronk7 6bf83ea6bb Maintain whitespace when importing glossary entries. I forgot to
commit this! Bug 2310.
2005-01-11 11:22:42 +00:00
moodler 4dbc2dfdfd FIxed bug 2363 that prevents downloads from the simplestat report
when the course uses groups.
2005-01-11 11:12:50 +00:00
mjollnir_ 758a8e15c2 Adding slashes to backup_log.info as courses with an apostrophe in their fullname cause sql errors 2005-01-10 21:46:21 +00:00
martinlanghoff 5de740d89b SC#62 - Prevent database values from overriding $CFG values defined in config.php -- Credits go to Petr Skoda. 2005-01-09 21:53:25 +00:00
moodler 53a422c67d Merged changes from HEAD 2005-01-09 13:13:40 +00:00
stronk7 2ea8fe3e57 Typo. Bug 2351. 2005-01-08 10:47:00 +00:00
bobopinna 5f09a18471 Fixed Navigation Bar Error 2005-01-07 08:56:19 +00:00
martinlanghoff d79506ccd9 Fixed warning in ipatlas, thanks to Jens Gammelgaard <jens.gammelgaard@optimon.dk> 2005-01-06 02:06:16 +00:00
stronk7 77d94a35e3 Now text sent to PayPal can be 'sanitised' to avoid
some diacritics (spanish for now) break the enrol process.
Only German and French diacritics are supported for now by PayPal.
Functionality can be easily expanded to other characters.
It make the sanitity when $CFG->sanitise_for_paypal is enabled.
2005-01-05 00:25:35 +00:00
martinlanghoff 9e749677e5 Further cleanup to bug 2334 -- we just avoid passing an invalid value in sortoder for empty categories. 2005-01-04 22:47:32 +00:00
martinlanghoff c4ba56985d Fixes bug 2334 http://moodle.org/bugs/bug.php?op=show&bugid=2334
Courses will sometimes fail to be moved across categories if there are collisions in the sortorder field, due to a combined unique index.

With this fix, the 'category move' logic is aware of sortorder and will do The Right Thing(tm) putting the course at the beginning of the category: MIN(sortorder)-1 WHERE category=$destcategory->id .
2005-01-04 21:46:24 +00:00
fiedorow db054a5c17 add closing tag, see bug #2324 2004-12-30 22:07:29 +00:00
fiedorow ad00d9ae5b fixing some instances of hardcoded /admin/ 2004-12-30 18:36:34 +00:00
fiedorow ada76e0ba3 fixing an instance of hardcoded /admin/ 2004-12-30 18:22:54 +00:00
fiedorow 227f33395c fixing a couple of instances of hardcoded /admin/ 2004-12-30 18:14:11 +00:00
fiedorow 4013a66bd9 Fix for bug #2323 - forum search problem 2004-12-30 17:01:54 +00:00
moodler 7b5a73a0c5 Removing this override allows paypal courses with no cost to
use the normal internal enrollment.  Thanks, Chardelle!  See bug 2312
2004-12-28 02:44:34 +00:00
moodler 3f3e8d9c8d Fixing the text format 2004-12-28 02:42:50 +00:00
moodler 9b71bfd10f Fixed notices when debugging is on 2004-12-23 12:30:05 +00:00
moodler a54b8ed824 Incrementing the version again to distinguish the ongoing stable code
from the re-roll of the 1.4.3 release that I just publicised (2004083131).
2004-12-23 07:40:32 +00:00
mjollnir_ d20aa8e36a Added empty rather than just testing variable, added trim to search string in get_users and get_users_listing 2004-12-22 23:11:15 +00:00
martinlanghoff fb549063df Fixed upgrade bug that could show up in cases where:
- installations with large numbers of courses in a category AND 'hidden' courses in those categories
 - where the database upgrade was performed while NOT in a logged-in-admin session
fix_course_sortorder() would fail to guarantee the uniqueness of course,sortorder and the new unique index on that column would fail  to be created.

Sigh.
2004-12-22 21:59:13 +00:00
skodak 6f5f7646ac Reverting accept-ranges change, it did break PDFs on one site - see http://moodle.org/mod/forum/discuss.php?d=16465 2004-12-22 21:30:04 +00:00
moodler 2538c34519 Merged some new language files 2004-12-22 17:10:24 +00:00
moodler 065aadc0c7 Merged some language changes from HEAD 2004-12-22 02:36:34 +00:00
martinlanghoff 9adb97f8d3 Updated 1.4.3 release date in en,es,de release notes 2004-12-21 21:00:10 +00:00
mjollnir_ 7bd05dc10e Fixing postgres bug on unique constraint 2004-12-21 18:24:50 +00:00
moodler 9a1101fa6c Moving on! 2004-12-21 10:13:10 +00:00
moodler 9be36f580e Merged link fixes from HEAD 2004-12-20 16:12:32 +00:00
moodler 4edf96511b Merged name change from HEAD 2004-12-20 16:08:32 +00:00
moodler d95767674d Merged from head 2004-12-20 16:05:33 +00:00
moodler 0a398d1bb5 Fixed bug 2303 and extra s 2004-12-20 02:49:38 +00:00
moodler 33ec1db2cc Merged recent changes from HEAD 2004-12-20 02:41:19 +00:00
stronk7 14717970db Now backup names are cleaned completely, avoiding some problems
with translations and manually typed names with diacritics.
Thanks to Marian Zvalo!
2004-12-19 16:15:47 +00:00
moodler 7b05c4594e Can't log in as guest if the guest button is disabled SC37 2004-12-19 14:10:03 +00:00
moodler a7f3e2f568 Fix for SC44 to disallow dots in $file parameter 2004-12-19 14:03:02 +00:00
moodler 561e4b7204 Updates from Paula 2004-12-19 03:09:10 +00:00
stronk7 8c2bcbf240 The entrylist format now shows the approval button.
Bug 2291.
(http://moodle.org/bugs/bug.php?op=show&bugid=2291)
2004-12-18 20:26:25 +00:00
stronk7 df01154cc0 Updated to 1.4.3 (from HEAD) 2004-12-18 19:18:42 +00:00
moodler 628f32309d Merged fix from HEAD 2004-12-18 05:59:12 +00:00
moodler 1a0c2033be Merged from HEAD 2004-12-18 04:03:54 +00:00
moodler 35d97d423c Merged extra line 2004-12-17 17:14:15 +00:00
moodler a29e76cc88 Merged from HEAD 2004-12-17 17:06:36 +00:00
moodler bf09a1d96d Merging from head 2004-12-17 17:05:54 +00:00
moodler 4718b038eb More Lithuanian 2004-12-17 16:58:30 +00:00
moodler 4346fb9171 Lithuanian 2004-12-17 16:57:31 +00:00
moodler 5760c0082a Yet more Albanian 2004-12-17 16:55:15 +00:00
moodler 0ded1a2407 More Albanian 2004-12-17 16:52:18 +00:00
moodler de20819b90 Alabanian 2004-12-17 16:47:47 +00:00
moodler 3dcf9cd573 Kannada 2004-12-17 16:46:30 +00:00
moodler 7873b9bd0f Merged language changes from HEAD 2004-12-17 16:23:44 +00:00
moodler c17ae15841 Latest tags 2004-12-17 09:50:40 +00:00
moodler 2572eaaaaf Merged changes from HEAD 2004-12-17 07:36:35 +00:00
mjollnir_ fa115ec5a2 Updating release notes ready for 1.4.3 2004-12-17 05:38:32 +00:00
mjollnir_ 44b052de61 Adding fix for idnumber duplication problem in restoring from backup discussed at http://moodle.org/mod/forum/discuss.php?d=16297 2004-12-17 03:03:35 +00:00
mjollnir_ 30060fe892 Postgres fix for exercise: get_submit_logs - amazing what you see with debug=on ;) 2004-12-17 02:51:46 +00:00
mjollnir_ 9a4a7d0040 Committing skodak's fixes for sc#40 and #42 2004-12-17 01:42:31 +00:00
moodler c3155c06af OK, let's call this 1.4.3 2004-12-17 01:40:06 +00:00
mjollnir_ 13f26d69a7 Merged Jon's fixes from HEAD for change password in debug mode. Changes in user/edit.html not present in stable so not patched 2004-12-16 21:32:14 +00:00
bobopinna b8be93026c Delete attribute title from navigation bar link 2004-12-16 17:26:31 +00:00
stronk7 391d1268bd Changes to RSS. SC#23.
Retrofitted from HEAD
2004-12-16 08:45:55 +00:00
stronk7 bbb34b78a6 Added send_file() here. SC#23.
Retrofitted from HEAD
2004-12-16 08:39:15 +00:00
martinlanghoff ff9a78aa55 Several fixes in ipatlas and new param type for clean_param().
- clean_param() now handles PARAM_HOST, which will only let through stuff that looks like a valid IPv4 dotted quad or a FQDN
- SC#10 - Several issues in ipatlas fixed -- though not with elegance :(
- Some short tags expanded

This code needs some love and care.
2004-12-16 05:08:55 +00:00
moodler 0b8d3275d8 Logins and logouts are now logged 2004-12-16 02:10:41 +00:00
defacer 440d3cd360 Merging fix for bug 2285 from HEAD, it works as it should. 2004-12-16 00:41:50 +00:00
skodak 8eca7e454f improved directory handling and PDF compatibility SC#5 2004-12-15 22:18:48 +00:00
skodak 92a89ca210 updated zipping code - see bug #2228 2004-12-15 21:57:13 +00:00
stronk7 01dced7e99 small typo! 2004-12-15 19:59:28 +00:00
moodler 5a5d8c7cf5 Fixed a fairly major problem where none of the guest or key icons
were being shown in abbreviated course listings!  Some fields were
a little over-optimised.  ;-)
2004-12-15 13:31:31 +00:00
bobopinna 50484cd220 Fixed a UTF8-ISO problem 2004-12-15 13:22:46 +00:00
moodler fb97c774fc Fixed a PHP5 notice 2004-12-15 13:20:15 +00:00
moodler a97e45be56 Better check for bad resource name - Found by skodak SC#32 2004-12-15 13:02:48 +00:00
stronk7 01988ca33f Some checks are now done. SC#18. 2004-12-15 09:01:12 +00:00
skodak 4a01c21c53 preparation for new handling of uploaded files (to simplify testing of new code from 1.5dev) 2004-12-14 19:07:16 +00:00
moodler fff09b40c9 Wow, ow, stupid old man!!!
Wrong function name - I changed one site and accidentally tested another!
2004-12-14 11:07:07 +00:00
moodler 41edb82bcd Updated parameter checking to help with bug 2286 2004-12-14 08:51:37 +00:00
moodler 7cf96542da Removed the debug block and turned on the caching since everyone seems happy with it. 2004-12-14 06:36:39 +00:00
martinlanghoff 2c09cb2e12 Fixes bug #2147 http://moodle.org/bugs/bug.php?op=show&bugid=2147
The config.php generated by install.php was missing $CFG->admin -- credit goes to serge.laot@wanadoo.fr for the report and patch.
2004-12-13 07:36:37 +00:00
martinlanghoff 2da759e7cd Post SC#30 fix - SCORM now requires a correct clean_param() - credits go to skodak 2004-12-13 06:41:30 +00:00
martinlanghoff cd8beea5d9 Fixed SC#30 - credits go to skodak 2004-12-13 06:37:57 +00:00
stronk7 da8648b4b5 Some dyslexic problem solved! :-D 2004-12-13 01:30:34 +00:00
stronk7 d1f9ad57d5 Now activity names are sorted by name length to avoid Bug 2282
(http://moodle.org/bugs/bug.php?op=show&bugid=2282)
2004-12-13 01:23:22 +00:00
mjollnir_ 7e334604be Added addslashes back in to username field after splitting it out for lowercasing 2004-12-12 20:43:05 +00:00
stronk7 ec3a195f56 Check added. SC#23 2004-12-12 12:52:55 +00:00
stronk7 651a50567a Some checks added. SC#34. 2004-12-12 12:31:24 +00:00
moodler 86fb3c83db Added fix from SC22 to check arguments better. 2004-12-12 07:08:09 +00:00
moodler 8fcd89c3ab Better checking of arguments (SC28) 2004-12-12 07:00:29 +00:00
moodler 7839870f41 Better error logging in mail when cron is run from command line
(use $FULLME instead of REQUEST_URI)
2004-12-12 06:46:49 +00:00
moodler 4893ee397c Check for a define FULLME instead of global $FULLME SC29 2004-12-12 06:45:44 +00:00
moodler 80ebbb7c08 Change $FULLME to a define, see SC29 2004-12-12 06:45:03 +00:00
moodler b86e528be4 Added a new defined constant to moodlelib.php, to be used by scripts with
php extensions that should not be called directly.  See SC19

Constant:   MOODLE_INTERNAL
2004-12-12 04:30:57 +00:00
stronk7 470dda0aa9 Now search function look into aliases too.
Bug 2242
(http://moodle.org/bugs/bug.php?op=show&bugid=2242)
2004-12-11 00:52:19 +00:00
stronk7 4d1aead12e Skipping empty categories in restore. They shouldn't exist but
I've received some examples of this these days.
2004-12-10 18:25:45 +00:00
moodler c492f5fe27 Adding new caching code here (still disabled) to make testing easier 2004-12-10 17:29:27 +00:00
mjollnir_ 5aeaa64aee Upload users should lowercase username field just as user/edit.php does 2004-12-10 04:15:37 +00:00
bobopinna bdebf9a5ae Fixed an incompatibility with scandir 2004-12-09 14:28:59 +00:00
mchurch 5e36a8315a Modified to ouput proper XHTML - especially if it already was XHTML.
See bug #2230.
2004-12-08 21:58:00 +00:00
moodler 97152c1b88 If the first chat session was a real one with more than one person, then
the logs for it are now displayed in the list of sessions.
2004-12-08 13:45:54 +00:00
moodler 0970dd6a48 Added a temporary hack to disable caching completely again until we can
understand the problem better.

This new line must be removed before 1.4.3.
2004-12-08 03:30:26 +00:00
martinlanghoff 9c21bcd89b Merged from HEAD (originally by gustav_delius)
course.guest was not loaded from database but used in code.
2004-12-07 19:41:55 +00:00
bobopinna 4abde0607d Fixed a missunderstanding coding. Thanks, Mustali 2004-12-06 08:52:00 +00:00
defacer a9615e79cc Merging fix from HEAD for the recently introduced regression
(incorrent usage of optional_parameter())
2004-12-02 19:51:29 +00:00
bobopinna 48da6c3c0c Close all the non implemented datamodel error 2004-12-02 18:17:47 +00:00
bobopinna c8b59fc944 fixed some undefined variables 2004-12-02 17:24:36 +00:00
bobopinna 45f15b5c94 Fixed a problem when were deleted many files or a BIG directory 2004-12-02 13:22:59 +00:00
bobopinna 6ec5d2c298 Forgot two debug printing lines. 2004-12-02 11:07:36 +00:00
bobopinna 04c39c8ded Fixed a problem with packages validation and PHP5 2004-12-02 10:41:43 +00:00
stronk7 9fba045d1a New rss_geterrorxmlfile() function added
and some optional data checked.
2004-12-01 19:49:58 +00:00
skodak 53eddb7b6e Preparation for new file.php, new function get_file_argument() SC#5 2004-11-30 19:37:47 +00:00
stronk7 d5c9d4bac8 Updated to 2.4RC1. This should terminate
some know incompatibilities.
Bug 2234
(http://moodle.org/bugs/bug.php?op=show&bugid=2234)
2004-11-30 17:52:07 +00:00
moodler ab606712ec Wow, bad bug in language editing ... every file had those translator
messages added ... :-/  How did this escape detection for so long?
2004-11-30 03:47:13 +00:00
moodler 7a4df581bf More robust finding of last postid that doesn't depend on order of POST variables 2004-11-30 02:51:56 +00:00
moodler ae5eca6313 FIxed strange bug when returning from a rating to a discussion 2004-11-30 01:41:52 +00:00
stronk7 98e83c1517 Changed some parameters. SC#33. 2004-11-28 23:51:49 +00:00
stronk7 54669cd376 Calculate NEXT course->sortorder in restore to avoid
sortorder grown always (by fix_course_sortorder()).
2004-11-27 23:29:18 +00:00
moodler 3fa6dd59e3 Tiny hack to make $course work OK in file resources (print_header)
Should be replaced with proper global $COURSE in 1.5
2004-11-27 16:03:37 +00:00
moodler 18826234c3 SCORM reports now actually show user pictures 2004-11-26 15:27:29 +00:00
stronk7 02eb71379e Solve some visualisation issues in encyclopedia format. I think that now
it will be correct!
2004-11-26 01:16:16 +00:00
martinlanghoff d9399f4caf Fix for bug 2227 "bug in pclzip.php causing scorm errors"
http://moodle.org/bugs/bug.php?op=show&bugid=2227

Credits go to skodak
2004-11-26 00:54:36 +00:00
mjollnir_ 9430b5a322 In get logs don't join on the user table for just counting the records 2004-11-25 21:56:05 +00:00
martinlanghoff d5cbabd831 Fixed an issue with postgres database upgrade code -- drop either index or constraint if they exist
Merge of patchset arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-430
2004-11-25 00:01:52 +00:00
mjollnir_ 8b34bee9c6 Fixed bug in dialogue where plain text email notification had no break between the url and the ---- that was causing GET requests like mod/dialogue/view.php?id=foo--------- and subsequent invalid sql 2004-11-24 23:50:43 +00:00
stronk7 b9734b5d15 New paging system for glosaries.
100% compatible with Moodle's one.
Supports more options. Perhaps we could use it
sitewide.
2004-11-24 23:27:43 +00:00
mjollnir_ a961a2b851 Fix for postgres-invalid-sql (must have AS between field and alias) 2004-11-24 23:23:09 +00:00
martinlanghoff 6f454ff99a SQL fix:Much better performance in listing and counting all users of courses with groups, plus warnings cleanup
Patchsets
   arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-374 (partial)
   arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-375
2004-11-24 23:11:59 +00:00
martinlanghoff 778f416bd7 Additional fixes for indexes in postgres. A few unique indexes may have been created non-unique. Still deferring the version bump -- please review the patch!
Merge of patchsets
 arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-423
 arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-425
2004-11-24 22:48:16 +00:00
mjollnir_ b9ebeecd11 Removing duplicate index for workshop_grades assessmentid 2004-11-24 21:21:59 +00:00
mjollnir_ a925263bd3 Fixing typo in mysql.sql for unique key for user_teachers on course userid 2004-11-24 18:58:15 +00:00
moodler 38a7def0f0 FIxes to make cache parameter behave more as expected
see: http://moodle.org/mod/forum/discuss.php?d=14818#73912
2004-11-24 07:14:06 +00:00
martinlanghoff 55f21d31e2 raise_memory() now uses get_real_size(), duplicate function return_bytes() removed.
Issue discussed in 2202 (http://moodle.org/bugs/bug.php?op=show&bugid=2202).
Also seen as arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-424
2004-11-24 03:56:09 +00:00
martinlanghoff 7a2596f854 Student and teacher enrolments now unique
Made student and teacher enrolments unique, enforced at the database level. This patch also removes a cleanup job in moodle's cron that removed duplicate enrolments.
The database changes are rolled as part of a version bump that we are *deferring* on MOODLE_14_STABLE.

Merge of patchset  arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-422
2004-11-24 02:20:46 +00:00
mjollnir_ 1a0c7e470b Forum: Do not trust userid from hidden form field, use $USER->id instead for db inserts 2004-11-23 23:34:14 +00:00
mjollnir_ b442f81966 Fix for invalid sql in postgres - don't query log table for what was in log display if log->info is not set 2004-11-23 23:26:49 +00:00
mjollnir_ e74d8b7fbc Requires bump for glossary for last patch - needs db_lowercase and db_uppercase 2004-11-23 23:15:28 +00:00
mjollnir_ 3a4b285549 Bug fix for forum rating redirects - manifested itself in invalid sql in postgres 2004-11-23 23:12:45 +00:00
mjollnir_ c12ab13b7f Fixing use of UCASE and LCASE in glossary which are not postgres friendly - two new functions in datalib, db_uppercase and db_lowercase which return the database-correct functions to use 2004-11-23 22:58:35 +00:00
mjollnir_ c110bf9c4a Attempt to fix bad constraint name in wiki and version bump (honoring partial freeze) and requires bump (needs changes in execute_sql to not show adodb feedback) 2004-11-23 22:40:27 +00:00
moodler c69232269c Robustness in function with empty input 2004-11-23 10:25:35 +00:00
mjollnir_ 0df93edd14 Attempt to fix the unique index on quiz_attemptonlast_datasets for postgres (requires version bump in quiz AND requires bump in quiz for the getting rid of adodb feedback in execute_sql 2004-11-23 04:59:16 +00:00
mjollnir_ 61d5adce1e Backported Martin D's patch to get rid of adodb debug if feedback off in execute_sql to help with trying to fix up the bad constraint in quiz module for postgres 2004-11-23 04:31:47 +00:00
mjollnir_ 7435a34081 Update log_display to use postgres friendly concat functions for firstname lastname (holding off version bump for a day or two for more db changes) 2004-11-23 03:52:51 +00:00
moodler 86fad6838a Fixed HTML code in post.html (ported from HEAD) and some slightly
better checking of 'course' parameter to post.php.

None of this should really make a difference but it MAY help bug 2212
2004-11-23 03:40:32 +00:00
mjollnir_ 0e2d8f7d99 Fixing weird forum bug to do with forum ratings (manifested itself in invalid postgres sql) 2004-11-23 02:49:22 +00:00
moodler 3a42ca4bf7 Updated version with bug fixes (see bug 2179) 2004-11-23 02:46:15 +00:00
mjollnir_ 68d69eb096 More small sql tweaks to avoid invalid postgres sql 2004-11-23 01:58:55 +00:00
mjollnir_ 4eebe5eb59 Fix for invalid sql (for postgres) in cron cleanup of duplicate enrolments. Possibly soon to be overridden by a unique index 2004-11-23 01:04:45 +00:00
martinlanghoff fab2f0b23a Committing backported patch from Pavel (paolo@psychpan.waw.pl). See http://moodle.org/bugs/bug.php?op=show&bugid=2168 2004-11-23 00:02:30 +00:00
martinlanghoff 3729ab341e Fixed extra quote -- html typo -- reported in http://moodle.org/bugs/bug.php?op=show&bugid=2170.
The bug is not present in HEAD.
2004-11-22 23:29:17 +00:00
martinlanghoff b2a07f418c Fixed support in LDAP for apostrophes, quotes and backslashes in LDAP data. This is a backport of a fix already in HEAD.
Discussed in: http://moodle.org/mod/forum/discuss.php?d=15403
2004-11-22 21:51:09 +00:00
mjollnir_ 1cc1fdcd6f Fix for bug #2207 - sortorder now honored in front page listing 2004-11-22 21:29:41 +00:00
moodler eaeafbce15 Fixed bug 2210 - some sesskey variables were missed in this block making
moving of activities in here non-functional - doh!
2004-11-22 14:41:19 +00:00
mjollnir_ a80a5921ca Don't need to select course.* in rebuild course cache 2004-11-22 05:45:58 +00:00
mjollnir_ fdbadd57eb Changes to calls to get_courses to not get all fields 2004-11-22 05:40:45 +00:00
mjollnir_ f8731332d5 Commented out calls for functions that aren't necessary in scale popup display 2004-11-22 05:18:54 +00:00
mjollnir_ 7e8c56795a No need to sort the courses when counting the number of courses using a scale 2004-11-22 05:16:31 +00:00
mjollnir_ 9e903136b6 Optimisation for scales page - cache array of courses for site_scale_used -- Fixed 2004-11-22 05:12:10 +00:00
mjollnir_ 3644b6dca1 Optimisation for scales page - cache array of courses for site_scale_used 2004-11-22 05:05:30 +00:00
mjollnir_ 61f779597d Another fix for getting all fields for all courses - in blocks_get_courses_using_block_by_id 2004-11-22 04:44:14 +00:00
mjollnir_ d13e627af5 Fixes in datalib and backuplib for postgres invalid sql 2004-11-22 04:24:05 +00:00
mjollnir_ 1e47ecd5d9 modify_database function change - if no ; in single line sql strings, add it 2004-11-22 04:10:05 +00:00
martinlanghoff e3da2769b8 Fixed bug in external auth.
Added truncate_userinfo() which ensures data from external auth fits in moodle database fields. Before, user records that did not fit would be dropped silently.

This is a merge from arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-172
2004-11-22 03:43:08 +00:00
mjollnir_ ea77aa0617 Fixed another instance of getting all fields from all courses (in log selector) 2004-11-22 03:34:49 +00:00
mjollnir_ d44af20f37 Fix for calendar set filters to not query the database for groups of a course if it doesn't use groups 2004-11-22 03:15:31 +00:00
mjollnir_ 461a4afe83 Bugfix for search courses in postgres 2004-11-21 22:30:22 +00:00
mjollnir_ 9958e237c3 Indexes for workshop and version bump (honoring partial freeze) 2004-11-21 21:39:56 +00:00
mjollnir_ c26fdb80fb Indexes for wiki and version bump (honoring partial freeze) 2004-11-21 21:07:54 +00:00
mjollnir_ a1c0899be1 Indexes for survey and version bump (honoring partial freeze) 2004-11-21 20:37:31 +00:00
moodler 8a07a15029 Excess sections that are not shown (because the course numsections
are set to less) are now also not shown on the navmenu.
2004-11-21 06:27:01 +00:00
defacer d32ae936e4 Merged DST-related fixes from HEAD. 2004-11-20 20:14:18 +00:00
defacer cd47b250c2 Merging notice removal from HEAD 2004-11-20 19:08:20 +00:00
moodler d94c70cc7b COmbined fix for bug 2199 (course teacher roles) and bug 2200 (course
sortorder)
2004-11-20 17:47:30 +00:00
martinlanghoff 4b8980fc83 Fixing handling of empty memory_limit for PHP without memory_limit (mostly Windows binaries)- fixed typo 2004-11-20 10:37:03 +00:00
mjollnir_ 609cba70d2 Fixing bug # 2199 - missing some teacher roles in course/category.php 2004-11-20 10:36:58 +00:00
skodak 175885e3ff updated parameter cleaning, preparation for new file.php SC#5 2004-11-19 21:23:07 +00:00
mjollnir_ 37ac5dfdb1 Indexes for scorm and version bump (honoring partial freeze) 2004-11-19 05:21:06 +00:00
mjollnir_ a4f2ce6946 Indexes for resource and version bump (honoring partial freeze) 2004-11-19 04:52:34 +00:00
mjollnir_ 6ddc682c3c Indexes for quiz and version bump (honoring partial freeze) 2004-11-19 03:23:58 +00:00
defacer bce32e1373 Merging patch from HEAD: addressing SC#20 and updating parameter handling code. 2004-11-19 03:18:41 +00:00
mjollnir_ 0d3a8fa280 Indexes for lesson and version bump (honoring partial freeze) 2004-11-19 03:00:17 +00:00
martinlanghoff b55be229e9 moodle--eduforge--1.3.3--patch-159 get_courses checks to see if sort is not empty before putting it in the query + removal of redundant (and costly) SQL SELECT 2004-11-19 02:13:44 +00:00
mjollnir_ 96522de058 Indexes for label and version bump (honoring partial freeze) 2004-11-19 02:12:58 +00:00
mjollnir_ 51cf993598 Indexes for journal and version bump (honoring partial freeze) 2004-11-18 22:40:29 +00:00
moodler 93f14c02ac Upgrade all the defective module version numbers in the database 2004-11-18 19:22:08 +00:00
moodler 18d30cd1d2 Downgrading versions to fix recent mistake in upgrading them 2004-11-18 19:15:49 +00:00
stronk7 00878c64d5 2004111000 downto 2004060401
(version never changes in STABLE branches)
2004-11-18 19:14:35 +00:00
moodler db6efd66bd Downgrading versions to fix recent mistake in upgrading 2004-11-18 19:14:02 +00:00
stronk7 ac8d60eae0 2004111200 downto 2004070103
(version never changes in STABLE branches)
2004-11-18 19:12:32 +00:00
moodler acc1bff289 Downgrading / repairing large version numbers 2004-11-18 19:11:58 +00:00
stronk7 4f854e3830 2004121100 downto 2004060401
(version never changes in STABLE branches)
2004-11-18 19:08:56 +00:00
stronk7 cd3565a13c 2004111200 downto 2004060401
(version never changes in STABLE branches)
2004-11-18 19:01:47 +00:00
skodak c7b29ed094 fixed encoding of html entities in tex expressions - SC#7 2004-11-18 10:06:46 +00:00
moodler d4b57dfe19 First quiz edit in a new course now always has a default category defined 2004-11-18 07:31:02 +00:00
mjollnir_ 8fcb9ebb39 Indexes for glossary and version bump 2004-11-18 04:38:16 +00:00
mjollnir_ e8f491f249 Indexes on forum and version bump 2004-11-18 04:10:19 +00:00
martinlanghoff 726f4ca317 moodle--eduforge--1.3.3--patch-335 Now memory_limit can be overriden by higher config settings from php.ini, commandline, httpd.conf, .htaccess 2004-11-18 02:54:35 +00:00
martinlanghoff ff75e0fe8a moodle--eduforge--1.3.3--patch-321 Fixed bug in user search: now we trim() the search string 2004-11-18 02:46:30 +00:00
martinlanghoff 7380fc552a moodle--eduforge--1.3.3--patch-305 - Postgres SQL bugfix for instance_is_visible() 2004-11-18 02:37:13 +00:00
martinlanghoff ea9d7e8815 moodle--eduforge--1.3.3--patch-222 - SQL improvements\n Better SQL performance for get_courses() and get_courses_page() calls, specially from the categories page. This gives much better performance when browsing existing courses 2004-11-18 02:31:11 +00:00
mjollnir_ ee99d4dd14 Indexes for exercise and version bump 2004-11-18 01:54:56 +00:00
mjollnir_ a12772c292 Indexes and version bump for dialogue 2004-11-18 01:33:17 +00:00
mjollnir_ b53f6cbec4 Indexes and version bump for choice 2004-11-17 23:03:46 +00:00
mjollnir_ 7bf8395be7 Indexes for chat and version bump 2004-11-17 22:53:07 +00:00
mjollnir_ eca64410fa Indexes and version bump for attendance 2004-11-17 22:11:28 +00:00
mjollnir_ f3f9ab2a5e Indexes and version bump for assignment 2004-11-17 21:49:12 +00:00
mjollnir_ 602c1506e4 Version bump for new indexes 2004-11-17 07:48:45 +00:00
mjollnir_ 3ebf865805 Add a unique key to guarantee that course,sortorder is unique. Allows fix_course_sortorder and ordering operations to be much faster. (martinlanghoff)
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-231
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-236
2004-11-17 07:42:36 +00:00
mjollnir_ bd2c2596c2 Indexes on faux foreign keys and often used fields, one more set and version bump to come. 2004-11-17 07:06:18 +00:00
mjollnir_ 0ee95ca7c3 Fixes to fix_course_sortorder() and course/category.php pages. (martinlanghoff)
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-160
  Minor fix: moodle would crash on high number of courses when doing course creation -- should be more scalable now

arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-164
Fix a bug I have introduced in fix_course_sortorder() - v2

arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-210
  Fixed nested transaction in fix_course_sortorder()

arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-215
  Performance and memory usage fixes for re-sort courses function

arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-268
  Major performance and correctness improvements in the functions that move courses up and down, reorder by name, and in fix_course_sortorder(). All now assume course-sortorder is unique (this is enforced at the DB)

arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-332
  fix_coursesortorder() bugfixes and logic simplification

arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-333
  courses listing enhancements: bugfix on re-ordering, keep the right page on actions
2004-11-17 06:56:46 +00:00
mjollnir_ ad16b64f1a moodle--eduforge--1.3.3--patch-207(partial) + moodle--eduforge--1.3.3--patch-408 - added begin_sql() and commit_sql() (martinlanghoff) 2004-11-17 05:28:24 +00:00
mjollnir_ dcb043ddd3 moodle--eduforge--1.3.3--patch-201 - optimized calls to get_courses() to retrieve only required fields (martinlanghoff) 2004-11-17 05:03:51 +00:00
stronk7 b0e5543a31 Just changing some parameters stuff to new functions...
See SC and Bug 1837
2004-11-17 00:06:36 +00:00
stronk7 d5e739bc92 Print view isn't accesible if the activity is hidden.
Bug 1837
(http://moodle.org/bugs/bug.php?op=show&bugid=1837)
2004-11-16 23:34:29 +00:00
stronk7 7ba2b3a7f4 Header is out and "Site:" is in.
Partially solved Bug 1837
(http://moodle.org/bugs/bug.php?op=show&bugid=1837)
2004-11-16 23:09:23 +00:00
stronk7 21b674db66 Now hidden sections are hidden completely from student view if
"invisible sections" are configured in course settings.
Patch sent by Geoff Wilbert. Thanks!
See Bug 2185
(http://moodle.org/bugs/bug.php?op=show&bugid=2185)
2004-11-16 17:03:03 +00:00
moodler 76cea3d68f Update all references to obsolete ma_nt language pack to mi_nt 2004-11-15 09:31:18 +00:00
moodler a95fb63fbe Maori renamed to proper code 2004-11-15 09:21:29 +00:00
moodler 7f9da8a112 Missing files 2004-11-11 08:56:48 +00:00
moodler d9e747e909 Latest new files from HEAD 2004-11-11 08:56:01 +00:00
moodler b81285be22 Stub file to overwrite formerly buggy script 2004-11-11 08:04:43 +00:00
moodler a5b75f54ca Replaced buggy old script with a script 2004-11-11 08:03:05 +00:00
moodler edd61be0e7 Stub to overwrite formerly buggy script. 2004-11-11 08:00:45 +00:00
moodler a86b324790 Fixed typo when accepting payment amount from paypal
See: http://moodle.org/mod/forum/discuss.php?d=14770
2004-11-11 06:50:39 +00:00
moodler ecc1076a06 Allow teachers to always try quizzes, even when it's not open yet 2004-11-11 02:21:06 +00:00
moodler edf8528f96 FIxed uploading limit confusion
Fixed loss of choose mode when uploading a file
2004-11-10 15:47:31 +00:00
moodler f1d7b1301c Hide a notice 2004-11-10 14:18:49 +00:00
moodler 645ed2b688 A robustness check when dealing with unexpected question data.
Shouldn't ever be needed, but I can't yet see what is causing the
situation I'm seeing on a couple of sites where a question doesn't
have a type, and this solves it neatly.
2004-11-10 14:05:01 +00:00
moodler 6f6109d4ef Fixed a variable that had been accidentally lowercased ($CFG) 2004-11-10 13:55:22 +00:00
moodler e46a0bc728 Bumping version as we move on. I'm also testing the new syncmail script 2004-11-10 02:10:48 +00:00
stronk7 ffe79bd906 Old-awaiting for 1.4.2 release changes in the glossary.
Now, print view is different for each format (consistent with it).
New, custom formats can, optionally, define their print view. Else
the default one will be used.
With this, 1.4.x glossary developments are finished and we can start
solving some pending things in 1.5...
2004-11-09 18:37:02 +00:00
stronk7 f94c9601f0 New release of the multilang filter:
- 100% compatible with previous "Multilang" filter.
    - Supports a new "short" syntax to make things easier. Simply use:
        <lang lang="XX">
    - It needs less resources and executes faster.
    - It Allows any type of content to be used. No restrictions at all!
2004-11-07 17:03:56 +00:00
moodler 742960a9c2 Don't post out assignment notifications older than a day 2004-11-07 15:24:49 +00:00
stronk7 cc67fc0b5d Updated to 1.4.2 release (from HEAD) 2004-11-05 08:30:50 +00:00
moodler 79a661bd2a MIssing files 2004-11-05 06:34:44 +00:00
moodler d6067b0c43 Fix sesskey from calendar entries 2004-11-05 06:28:16 +00:00
moodler 579961aba4 FIxed missing string 2004-11-05 06:24:55 +00:00
moodler c51ffe5107 Drawing a line in the sand at this point. 2004-11-05 03:22:11 +00:00
moodler b60003a832 Updated release notes a little 2004-11-05 03:20:40 +00:00
moodler 7fc51d17c3 New file 2004-11-05 03:02:06 +00:00
moodler 9bd37fa711 New files 2004-11-05 03:01:44 +00:00
moodler 9e74ddd633 Copied over language files from HEAD 2004-11-05 02:52:14 +00:00
moodler 0551474e63 Fixed up some XHTML and also sesskey links on link dialog 2004-11-04 16:56:29 +00:00
moodler c562717acb Added sesskey etc to HTML editor file browser 2004-11-04 16:23:13 +00:00
skodak d52e13002e initialized $image and moved filemtime after file_exists 2004-11-04 09:31:33 +00:00
skodak d8d356d4c7 initialized variables - the same as algebra/pix.php 2004-11-04 07:58:41 +00:00
moodler 57af827e39 Trim search string of spaces 2004-11-04 07:14:16 +00:00
moodler 8ba0912440 Patch for postgresql happiness 2004-11-04 07:05:10 +00:00
moodler 54b5310062 Addslashes to pathinfo to prevent SQL injections 2004-11-04 06:28:17 +00:00
stronk7 f4f27c0675 Ready BUMP! 2004-11-04 00:11:34 +00:00
stronk7 796d3c880a Now courses are deleted from backup_courses when they have been
deleted from Moodle. See:
http://moodle.org/mod/forum/discuss.php?d=13633
2004-11-04 00:08:28 +00:00
moodler d6f6091a4b Initialise some variables $cmd and $status - thanks Petr 2004-11-03 16:01:32 +00:00
moodler fa1c36fb99 Hidden teachers should not be shown in separate groups mode 2004-11-03 14:11:52 +00:00
moodler 5ff5caa58d Bump 2004-11-03 12:53:05 +00:00
moodler 34990da46d Merged changes from HEAD to STABLE 2004-11-03 08:49:44 +00:00
moodler e41871f1fb Whoops, missing uploadfile.php! 2004-11-03 08:41:39 +00:00
moodler af0145e39d Removed use of PHP_SELF 2004-11-03 02:01:22 +00:00
moodler 40dcb53fc6 Nullified courseimages.php, and made some of the security improvements
to lib/editor.php ... not quite completed yet with that though.
2004-11-02 16:57:10 +00:00
moodler fbc914dafe files/index.php now allows choosing and it makes the coursefiles.php
scripts unnecessary.

Wiki, Resource and Scorm now use the new method, so their versions
have been bumped.
2004-11-02 12:02:00 +00:00
stronk7 412e0bb881 Bug 2140 solved partially. Now categories are
deleted properly.

Delete of orphan categories will be done later...
2004-11-01 20:47:48 +00:00
moodler c5505d8071 Initialise $parent variable to avoid Norton bug 2004-11-01 12:47:38 +00:00
moodler 153bd6ec63 Fixed the bug introduced in 1.4 (part of the site-level module changes)
that caused assignment notifications to not be mailed out
2004-10-31 04:09:05 +00:00
gustav_delius ebd32e3e38 Fixed a bug that allowed teachers to upload images of arbitrary size 2004-10-30 22:40:22 +00:00
defacer d907cdad93 Importing fix for bug #2004 (Bug of the Year! :D) from HEAD:
Events in each day are now displayed ordered by starting time, and not by
eventid as before. Thanks to Gustav for pointing this out!
2004-10-29 17:29:29 +00:00
moodler 7747441767 I have removed the <style> tag from the list of allowed tags in forum
posts and other places students can write.

It allows too many possibilities like this:

<style>
div {
   position:absolute;
   width:100%;
   height:100%;
   background:black;
   top:0;
   left:0;
}
</style>
<div>test</div>

styles within tags don't allow this for some reason.

Thanks to Andrea Giardina for the alert.

Note that the HTML editor strips this tag anyway so it's not a big deal.
2004-10-29 07:28:32 +00:00
skodak f349337d7e removed incorrect global $USER 2004-10-28 14:17:19 +00:00
moodler 00980197b8 FIxed bug with displaying user access time on site level 2004-10-27 05:57:34 +00:00
skodak da11cdfbe4 updated htmleditor invocation (from files/index.php) 2004-10-26 19:53:26 +00:00
skodak 5dcda7b86f changes:
* sesskey;
* only editing teachers can use it;
* time modified - used filemtime (consistency with files/index.php, better for Win32);
* directory sizes shown;
* removed unused "torte" action;
* updated breadcrums (active folder not linked and &raquo;);
* updated comments;
* some other fixes from files/index.php.

Please test, test, test.
2004-10-26 18:55:47 +00:00
moodler 1a8b9564c4 Add slashes to wiki names when creating new entries. 2004-10-26 07:40:48 +00:00
gustav_delius e8715b0d9b added missing print_footer() 2004-10-25 20:33:27 +00:00
stronk7 7092220f99 Added sesskey to more actions + bug fix when detecting directory traversals.
From skodak!
2004-10-24 23:51:51 +00:00
skodak aeb0e7ee1e fixed warning in Activity report/Outline - oops, wrong line 2004-10-24 21:00:48 +00:00
stronk7 e674aa8ba8 Now everything in files/index.php is using sesskey.
Patch submmited by skodak.
2004-10-24 00:04:56 +00:00
skodak 20f961f1e2 fixed warning in Activity report/Outline 2004-10-23 19:07:31 +00:00
moodler ed95139596 Fix for bug 2114 that was losing track of the Real user when loginas
was used by a logged-in user
2004-10-21 15:49:59 +00:00
stronk7 4cc9465bc7 Solved one annoying bug where label texts in sections != first
was being always cleared, preventing some tags to be there!
2004-10-20 23:22:16 +00:00
moodler 91bbe51649 Moved the new additions from the display() function into the constructor 2004-10-19 09:41:01 +00:00
moodler 4fe3740b36 Centralised some of the display stuff in the display function in the base class
Added better checking for students accessing hidden resources
2004-10-19 09:28:18 +00:00
moodler 64f689e0d0 No need for DISTINCT when getting courses any more (only one table) 2004-10-18 05:58:12 +00:00
moodler b0cbbc56c2 More efficient querying of courses (from Martin Langhoff) 2004-10-18 05:57:09 +00:00
stronk7 4a69819405 Strip control chars when unzipping. 2004-10-17 23:42:48 +00:00
stronk7 dcf2a27a32 Now Wiki's FileManager is using central zip & unzip functions. 2004-10-17 23:14:40 +00:00
stronk7 83b640f957 Now Editor's FileManager is using central zip and unzip functions.
NOTE: What is the courseimages.php file, I haven't tested it because
I didn't find how to do it!!
2004-10-17 23:08:59 +00:00
stronk7 07d0fff0f3 Now Scorm's FileManager is using central zip and unzip functions. 2004-10-17 22:46:31 +00:00
stronk7 e5e3f219dd Small change in condition... 2004-10-17 22:34:49 +00:00
stronk7 6ee3b260cb Included some filename transformations to work like info-zip.
Directory traversal protection added.

Working under Win32, MacOS X and BSD (and rest of Unix, I hope).

Patch file from Petr. Thanks!
2004-10-17 22:26:45 +00:00
stronk7 35a510d8b6 Now resource's FileManager is using central zip & unzip functions. 2004-10-17 19:33:46 +00:00
stronk7 1a9911452e Now pclzip generated files are compatible with info-zip
(linux, macos x, win32, bsd...) based extractors. This
include command-line flavours, stuffit and so on...

Thanks to Petr!!

We have to remember to apply this patch when we update the
pclzip in th future (if their authors don't include it).
2004-10-17 13:34:26 +00:00
stronk7 736db01dc4 ZIP_METHOD included in backup for future tests at restore time. 2004-10-16 17:47:26 +00:00
stronk7 1e55f8cfce Not mandatory but I prefer to initialise it. 2004-10-16 17:36:37 +00:00
stronk7 3eb92f112c Now backup and restore are using central zip & unzip functions. 2004-10-16 17:09:49 +00:00
stronk7 20b53a7ba2 Added the optional showstatus parameter to unzip_file() to avoid
sending any output if desired.
2004-10-16 16:29:57 +00:00
stronk7 4bc418dc6d Bump to 1.4.2 2004-10-16 16:10:04 +00:00
stronk7 27974c8587 Latest patches from skodak included in param functions.
Simple and double quotes are out now.
Full paths in unzip are now hidden too.

Please test it. It could have some pending changes yet!
2004-10-16 11:30:14 +00:00
moodler 882a125790 Added some robustness 2004-10-16 10:15:26 +00:00
moodler ee4fe14631 Implemented Eloy's suggestion from Bug 2073 2004-10-15 09:52:16 +00:00
moodler c56d16bb4e Prettier error message when Moodle can't connect to database,
but also the database info is no longer printed (bug 2074)
2004-10-15 08:46:13 +00:00
moodler f7375fe1c3 Bumping for ID purposes 2004-10-15 06:41:40 +00:00
paca70 a67dd90008 Prevent auth_iscreator from overriding users course creation status 2004-10-13 07:27:34 +00:00
skodak 00c6364cbb added sesskey to update_module_button(), error reported in moodle forum d=13835
I made a quick fix - it seemed critical to me
2004-10-12 18:37:56 +00:00
stronk7 176d456ed9 Under Win32, we need backslashes in paths. Now it works!! 2004-10-10 23:24:15 +00:00
stronk7 4f64ed9405 Added some nedded strings 2004-10-10 22:45:00 +00:00
stronk7 27ed82e82f Deleted some unused strings 2004-10-10 22:44:37 +00:00
stronk7 54ce5e46c8 Delete some debug output... 2004-10-10 21:57:58 +00:00
stronk7 a748a0f84d Now we are using the new, central, unzip_file() function here...
Please TEST, TEST, TEST!!
2004-10-10 21:54:11 +00:00
stronk7 ed124087d7 vim is in again... :-) 2004-10-10 21:47:29 +00:00
stronk7 0954d514b8 Central unzip_file() function included:
- Supports both internal and external zip execution.
    - Displays the results of the execution.
    - All Petr's patched added.
    - External zip execution in Win32 supported.
Please TEST, TEST, TEST.
2004-10-10 21:33:46 +00:00
skodak 2d9a666670 one more cleaned 2004-10-10 20:21:40 +00:00
stronk7 291fd04602 Order logs by creation order (id) 2004-10-10 18:46:25 +00:00
skodak 2c9f5a3a00 cleaned text from forms 2004-10-10 17:26:34 +00:00
stronk7 f54d5ea5fb Now FileManager is using the new, central zip_files() function.
Only tested under MacOS X. It should support all the new
features of that function (Win32 external zip, imporved security...).

TODO: Create the unzip_file() function and use it here too!!
      Apply this changes to the rest of filemanagers (coursefiles.php...)
      TEST, TEST, TEST...!!
2004-10-10 01:17:20 +00:00
stronk7 2b26825cb2 Now the zip_files() function is working better:
- More checks are done
- Non existing files are out
- Both internal an external are supported and protected
- All Petr's patchs applied
- Included support to Win32 external zip.

TODO: Create a paralel unzip_file() function
      Use this functions in all the FileManager scripts

THOUGHT: External zip seems to work always adding files to
      zip file if it exists, where PclZip resets the file.
      Perhaps a rm (or delete) should be included in the
      command chain. Analyse it!!
2004-10-10 01:01:02 +00:00
stronk7 d5640b844b Use of cleardoubleslashes() added to the backup and restore functions.
They will be changed to calls to new, central zip and unzip functions.
(coming soon)
2004-10-09 23:00:51 +00:00
stronk7 3099dc3e6f course/view.php is using sesskey
(changes in blocks done, please check them)
2004-10-09 20:04:45 +00:00
stronk7 1824077052 course/unenrol.php is using sesskey. 2004-10-09 19:06:51 +00:00
stronk7 672610e605 course/teacher.php is using sesskey.
(in POST form too)
2004-10-09 19:01:02 +00:00
stronk7 473d3495a5 course/student.php is using sesskey. 2004-10-09 18:43:32 +00:00
stronk7 dfcbccbbef course/scales.php is using sesskey. 2004-10-09 18:30:11 +00:00
stronk7 55b55d08f9 course/mod.php is using sesskey. 2004-10-09 17:02:28 +00:00
stronk7 952d9baf58 course/index.php is using sesskey. 2004-10-09 13:11:49 +00:00
stronk7 bccdea508c course/groups.php is using sesskey. 2004-10-09 12:01:34 +00:00
stronk7 ecea1540da course/group.php is using sesskey. 2004-10-09 11:45:48 +00:00
stronk7 2e989420c9 course/grades.php is using sesskey. 2004-10-09 11:36:10 +00:00
moodler 08bae16463 Removed a notice 2004-10-09 04:38:01 +00:00
stronk7 ac63a3f445 course/editsection.php is using sesskey. 2004-10-08 18:29:02 +00:00
stronk7 58b9565184 edit.php is using sesskey 2004-10-08 18:10:37 +00:00
stronk7 4a25390975 course/delete.php is now using sesskey 2004-10-08 17:55:16 +00:00
stronk7 d177dd7713 course/category.php is using sesskey 2004-10-08 16:41:04 +00:00
moodler c30dd54457 Slightly changed the shortcut method of disabling email so that it's
less potentially confusing for students.  The status is now written
in full (not just an icon) and only for re-enabling an email.
2004-10-08 07:01:52 +00:00
moodler 229ee13480 Merged into stable 2004-10-08 04:02:58 +00:00
defacer 4d54248710 Smallish refinement. 2004-10-08 00:19:20 +00:00
defacer 9dc9d6b0a8 Updated the translation in a place it was so badly behind that it actually
caused the admins to turn to the programmers for help... sad.
2004-10-08 00:15:05 +00:00
moodler fdce874a70 Send welcome email even when there is no course password 2004-10-07 15:21:49 +00:00
stronk7 3db6b58aa4 PclZip library upgraded to 2.1 2004-10-07 14:05:33 +00:00
stronk7 913f744325 Changes to the zip, unzip, listzip and restore sections of the file:
- Added a new function in lib/moodlelib.php
- Uses the new version of pclzip.php library.
- Petr patches applied.
- Some minor changes to hide full paths under Win32.
- Tested in MacOS X and Win32 (not linux).
- New function zip_files() in moodlelib.php. Not used, but a good start.

Please test it!!
2004-10-07 14:04:37 +00:00
stronk7 c5544714a8 Changed some conditions against the $USER variable
to work fine under PHP5.

Bug 2053
(http://moodle.org/bugs/bug.php?op=show&bugid=2053)
2004-10-06 16:47:27 +00:00
moodler dcbe5864f6 Damn, typo 2004-10-06 14:19:06 +00:00
moodler 028f222c2a Changed the error logging format in error_log to make it
- more standard
   - better for multi-site servers
2004-10-06 13:53:55 +00:00
moodler 8b559dc502 Slight fix for logic of USER 2004-10-06 13:42:57 +00:00
stronk7 2c13dbe497 Now sesskey is working fine at installation time.
Bug 2049
(http://moodle.org/bugs/bug.php?op=show&bugid=2049)
2004-10-06 00:03:32 +00:00
stronk7 92ff33eee8 Small typo closing tr... 2004-10-05 23:12:25 +00:00
stronk7 7c957e6052 Now RSS links ae showed properly in SITE course when
user isn't logged.

Solve a problem with if($USER) under PHP5.
2004-10-05 22:51:48 +00:00
stronk7 2a8d898ae0 Now RSS links are displayed ok in SITEID course.
Bug 2048.
(http://moodle.org/bugs/bug.php?op=show&bugid=2048)
2004-10-04 22:05:36 +00:00
moodler d7fef4ea06 Just to help avoid confusion ... it messes up the nice round number
but oh well.  :-)
2004-10-04 17:28:06 +00:00
moodler d7b9ae5984 Send first "change password" mail even if mail was stopped. 2004-10-04 15:47:28 +00:00
moodler 853fdc2076 Added sesskey checking for confirmuser variable 2004-10-04 13:40:32 +00:00
moodler eb1f864d0a Added sesskey checking 2004-10-04 13:38:53 +00:00
moodler 9935789477 Added session key checking to timezone.php 2004-10-04 13:14:50 +00:00
moodler 3d3b104b1b Added sesskey checking to site settings page 2004-10-04 13:08:16 +00:00
moodler ddc2560146 Added sesskey checks to variables page 2004-10-04 12:54:22 +00:00
moodler 87e1fb0e31 Fixes to check arguments better for file manager 2004-10-04 12:04:22 +00:00
moodler 95bd142e85 One more divide-by-zero 2004-10-04 11:49:08 +00:00
moodler c7d5bd00b8 Prevented two divide-by-zero errors (bug 2043) 2004-10-04 11:47:26 +00:00
stronk7 b0fbbd20f6 admin/user.php is now using sesskey. 2004-10-03 17:04:56 +00:00
stronk7 c6ad74fad4 admin/uploaduser.php is now using sesskey. 2004-10-03 16:03:44 +00:00
stronk7 37a192beca admin/register.php is now using sesskey.
Solved a minor bug with the use of one incorrect string.
2004-10-03 15:24:51 +00:00
stronk7 13a2015285 admin/modules.php is now using sesskey. 2004-10-03 15:05:11 +00:00
stronk7 215241b0f0 admin/module.php is now using sesskey. 2004-10-03 09:44:59 +00:00
stronk7 e85705799e admin/lang.php is now using sesskey. 2004-10-03 09:11:11 +00:00
moodler e1f2e71b60 Use a permanent "siteidentifier" code for Moodle.org registrations 2004-10-03 03:45:21 +00:00
stronk7 5657bcafcd admin/filters.php is now using sesskey. 2004-10-03 00:28:22 +00:00
stronk7 0f8c7865b1 admin/enrol.php is now using sesskey. 2004-10-03 00:17:55 +00:00
stronk7 a959544c5b admin/editor.php is now using sesskey. 2004-10-03 00:01:58 +00:00
stronk7 09b1a30d72 admin/creators.php is now using sesskey. 2004-10-02 23:49:22 +00:00
stronk7 9b464d9fb2 admin/blocks.php is now using sesskey. 2004-10-02 23:29:44 +00:00
stronk7 a8b50ee01e admin/block.php is now using sesskey. 2004-10-02 23:09:36 +00:00
stronk7 36b1e811e4 admin/block.php is now using sesskey.
And solved bug when trying to unset config['block']. It isn't
an array but an object.
2004-10-02 23:07:22 +00:00
stronk7 719593e839 admin/backup.php is now using sesskey. 2004-10-02 22:44:25 +00:00
stronk7 249c36eaa0 admin/auth.php is now using sesskey. 2004-10-02 19:43:17 +00:00
stronk7 05c2036b1f admin/admin.php is now using sesskey. 2004-10-02 19:16:16 +00:00
skodak 833b9fd8d5 missing htmlSpecialChars() in INPUT's value 2004-10-02 18:50:25 +00:00
moodler 1721518730 More options for parameter handling ... 2004-10-02 16:11:46 +00:00
moodler bb89f07c23 Don't show hidden activities in activity reports 2004-10-02 15:29:02 +00:00
moodler 27b93cf8e5 Set the sesskey for new admins 2004-10-02 15:21:17 +00:00
ikawhero 10604909ea Changes for language strings 2004-10-02 13:03:59 +00:00
gustav_delius 42cc44d560 provisional fix for bug reported by Timothy Allen in http://moodle.org/mod/forum/discuss.php?d=13388. Provisional because I am not sure I am using the new parameter functions correctly. 2004-10-02 11:09:17 +00:00
ikawhero 7b94708be9 Fixing some bugs in the class 2004-10-01 23:40:34 +00:00
moodler b93635e369 Not ready yet 2004-10-01 15:23:21 +00:00
moodler 22bb7196b0 Don't allow any dots in the subdirectory string for directory resources Thanks Petr! 2004-10-01 15:18:24 +00:00
moodler 98cda81fcf Better check for integer when cleaning parameter 2004-10-01 15:04:21 +00:00
moodler edfa37ae27 Added a new sesskey variable to perform better checks of identity
for some scripts.

Thanks to Petr for finding the exploit!
2004-10-01 14:09:30 +00:00
stronk7 9d90abb900 Included one more translation of links from
assignments to resources. Required in bug 2027.
Easy and not risky.
2004-10-01 11:31:12 +00:00
stronk7 2a135a5f64 More format_text() calls... 2004-10-01 10:26:11 +00:00
stronk7 f85e2d3767 Clean text for category->name 2004-10-01 09:49:06 +00:00
stronk7 b430433c2e clean_text() from entry->concept and aliases!! 2004-10-01 09:46:08 +00:00
stronk7 8259642b1b Changed to new 'point release' schema in STABLE. 2004-10-01 09:23:29 +00:00
moodler ed6804bf75 New functions to check parameters:
required_param()
   optional_param()

Putting them in stable to aid backward compatibility later
2004-10-01 08:40:41 +00:00
stronk7 af796dc774 New version syntax. 2004-10-01 08:36:36 +00:00
ikawhero e39d41ec6b Bug in path for language strings fixed 2004-10-01 04:31:25 +00:00
papita 62b9331113 Latest updates 2004-10-01 04:12:09 +00:00
moodler 9cc29c562c Parameters to common error and notice functions are now always cleaned 2004-10-01 02:38:39 +00:00
moodler 21ba61c3cf Clean error messages just in case scripts have been injected 2004-10-01 02:23:44 +00:00
moodler 9022e87436 Clean action so it isn't shown raw in error messages 2004-10-01 02:18:33 +00:00
moodler 36e62734ec Clean pathname before showing an error 2004-10-01 02:15:03 +00:00
stronk7 d683df8086 Up to 1.4.2 !! 2004-10-01 01:32:10 +00:00
moodler 30a5ea69f5 Latest release notes 2004-09-30 18:15:36 +00:00
moodler 0ed0f0298d Ready for tomorrow 2004-09-30 18:13:58 +00:00
moodler a410c12d23 Fixed bug 2020 in stable 2004-09-30 08:38:20 +00:00
julmis f4df4e9a26 Bug fix for Bug #1999 2004-09-29 22:09:11 +00:00
moodler 73197ea200 Full tags 2004-09-29 16:01:28 +00:00
stronk7 8d3b392d7d More use of SITEID 2004-09-29 15:18:32 +00:00
moodler 1b1779d677 Fixed SQL for PostgreSQL (always use AS). Thanks to Miles Metcalfe from the UK! 2004-09-29 07:54:09 +00:00
moodler ec9111371f Fixed SQL for PostgreSQL (need to always use AS) 2004-09-29 07:52:34 +00:00
moodler e30102faed Checkig pathnames for security 2004-09-29 07:01:33 +00:00
moodler e40bd2e541 Safer processing of pathnames 2004-09-29 06:56:55 +00:00
moodler 2dcadca9a6 Check filenames before including files 2004-09-29 06:51:35 +00:00
moodler b77f5e7a06 Fixes to check path names properly 2004-09-29 05:33:00 +00:00
moodler c99c3dac32 Check resource->type more carefully 2004-09-29 03:11:28 +00:00
stronk7 685a07e8ab Quoted some parameters as they must be. Thanks skodak! 2004-09-28 23:14:31 +00:00
moodler 357df17cb8 Clean modulename before calling include. Thanks again Petr! 2004-09-28 15:54:05 +00:00
moodler 1129e06081 Use the new parameter() function to check parameters better 2004-09-28 15:48:16 +00:00
moodler be35eacfb3 Added new function parameter(). Eventually this will replace all the
optional_variable and require_variable calls anyway, but it's needed
in STABLE to fix some security issues.

See bug 1865.
2004-09-28 15:27:08 +00:00
moodler 74845319b5 Added rtsp to protocols, and moved protocols out to top of the file 2004-09-28 08:25:26 +00:00
moodler ff377eb66b Copy of the change from files/index.php to clean $oldname during rename 2004-09-28 08:02:19 +00:00
moodler 018d7c657a Clean old name as well - thanks, Petr! 2004-09-28 07:59:17 +00:00
moodler c24313bc8c Little typo 2004-09-27 13:51:33 +00:00
moodler 802766d303 Looking at releasing a 1.4.2 within days to include all the recent fixes.
Also, I'm going to change the numbering convention slightly for stable
releases and start using both characters after the date
2004-09-27 13:47:25 +00:00
moodler db5bf3f55a 1) If user or course aren't specified, then assume current user and site course.
2) Closed possible security hole when using userid from form-sunmitted data

   (Thanks again Chief Security Officer Petr!)
2004-09-27 13:24:58 +00:00
moodler 69a791b831 Do safety check on $auth pathname before doing include. Thanks, Petr Skoda! 2004-09-27 12:50:23 +00:00
moodler 2003a0d463 Closed potential security problem (thanks, Petr!) 2004-09-27 01:46:42 +00:00
moodler 62592b861c Moving redirect back again - my fault! bug 2000 2004-09-26 02:41:45 +00:00
stronk7 5fd78134a4 Updated xmilze to official new 1.0.1 version
(it's 'our' version with some comments).
2004-09-25 16:20:35 +00:00
moodler b986e3b007 Upgraded to phpmailer 1.72 - none of the old hacks necessary any more! 2004-09-25 16:01:32 +00:00
moodler 8fcccd5ba8 Restore $CFG->prefix just in case 2004-09-25 15:31:37 +00:00
moodler e335cc7193 EVeryone can login to the site all the time 2004-09-25 15:21:31 +00:00
moodler dc9999208b Daryl Hawes found this fix for bug 1991 2004-09-25 15:17:58 +00:00
moodler 823940bcb3 Only break up subject lines for recent activity bug 1995 2004-09-25 13:10:23 +00:00
stronk7 303eaa286e Added backup & restore to SITE page.
Some changes from hardcoded '1' to SITEID.

See Bug 1928
(http://moodle.org/bugs/bug.php?op=show&bugid=1928)
2004-09-25 11:33:12 +00:00
stronk7 f258f45e31 Scheduled backup improvements:
- Old (>4 hour) directories are deleted at the beginning of the
  execution, so the disk full problem should be out!
- There are 2 types of errors:
    - Controlled errors: The backup process finish although something
        has been wrong.
    - Uncontrolled errors: The backup process dies (memory fault, apache
        problem, electric problem...:-)).
- Now scheduled backup is able to detect previous uncontrolled errors to
  avoid repeating the same course always. It'll be deferred to the next
  execution.
- Every time that a backup cycle has finished, admins will receive an email
  with the summary of the execution.
- The 'ERROR' text will be present in email subjects if something was wrong.

With this, all should be ok (I hope).
2004-09-24 19:01:11 +00:00
stronk7 6d5f3867e9 3 new strings for scheduled backups. 2004-09-24 18:37:03 +00:00
stronk7 e62064ad43 The get_directory_list() function was being executed with
directories excluded so backup_delete_old_dirs() was no
working fine! This should delete REALLY old dirs in sites
with problems in their scheduled backup.
2004-09-24 11:47:03 +00:00
paca70 78a0c06ae6 DB-authentication fix for postgres7.
Fix bud id 1740
2004-09-24 08:41:03 +00:00
paca70 8c589739b6 Fixes for new postgresql database creation 2004-09-24 08:20:42 +00:00
moodler 8a9d7a93af Added two strings for PAM authentication 2004-09-24 04:46:38 +00:00
moodler dd26a66841 Added PAM module for authentication 2004-09-24 04:42:46 +00:00
moodler 8a91a43fae Completely improved database enrolment that actually works this time ;-) 2004-09-23 17:00:20 +00:00
moodler 7b8ebd2771 Redirect to site page earlier if we know it's a site 2004-09-23 16:59:29 +00:00
moodler 146296b733 Allow course creators to restore to new or existing courses too 2004-09-23 11:25:44 +00:00
moodler 95c129edfb Fixed bug in forum ratings with PHP 5 2004-09-23 07:36:20 +00:00
moodler f5650a9675 Highlight was stripping backslashes but I can't see why! 2004-09-23 07:19:57 +00:00
paca70 6b9d8ab22b Added utf8_decode when reading info from ldap.
Thanks to stronk7 pointing this out.
2004-09-22 18:45:05 +00:00
moodler c4b8c0c709 New versions of get_courses and get_courses_page that don't require
a big JOIN between 'course' and 'user_teachers'.

Normally it works fine, but on one server with big tables I saw
a terrible delay that could not be fixed with indexes or by
upgrading MySQL ...

These new versions just avoid the issue.
2004-09-22 15:44:41 +00:00
bobopinna f6c70cf3bf Fixed a problem with onbeforeunload 2004-09-20 14:33:44 +00:00
bobopinna ebd62fdd86 Fixed a typo 2004-09-20 14:32:08 +00:00
moodler 6cce9458a5 Should always use p() function when printing variables 2004-09-20 12:47:56 +00:00
defacer 2c241d2a9d Fix for bug 1957:
Now the calendar behaves correctly even if you "log as" someone else.
2004-09-19 22:18:33 +00:00
moodler 8a70716abf Strip tags from heading before calling print_heading_with_help 2004-09-19 14:00:00 +00:00
moodler 1defa4e7be Pass formatoptions when formatting text so that it's not cleaned 2004-09-19 04:30:58 +00:00
skodak 7b3019e3e6 short php tags - Bug #1956 2004-09-18 22:31:11 +00:00
moodler 1cca75d257 On the front page, if the user is logged in then the calendar blocks
now only show events from their own courses.   bug 1957.
2004-09-18 13:16:01 +00:00
moodler f8ab1daa7c Merged forum post headers feature from HEAD into 1.4.x so that we
can use this on moodle.org posts (among other sites ;-)).
2004-09-18 08:18:02 +00:00
rkingdon 5e56f16030 One more workshop help file... 2004-09-17 17:58:22 +00:00
rkingdon 9b30b693ad Adding the five help files needed by the 1.4 STABLE 2004-09-17 17:39:38 +00:00
moodler 50e752d018 Moved spellcheck button a little :-) 2004-09-17 03:53:37 +00:00
moodler a187eda73f Fix for PHP5 new object referencing ... :-/
http://moodle.org/mod/forum/discuss.php?d=12541
2004-09-17 02:58:16 +00:00
defacer 0afc847f80 Small fixes: change site-detection code to use SITEID and some XHTML stuff
(I 'm going to merge this over to HEAD).
2004-09-16 10:52:00 +00:00
defacer 198f0fb09b Changed all references to hard-coded "1"s to SITEID. Made the logical expressions
in those lines a bit more clear. Removed one obsolete function. Thanks Eloy! :-)
2004-09-16 10:25:08 +00:00
moodler 203469c660 Implemented fix to use draw_rand_array instead of shuffle
(From Bernard Boucher, see bug 1889)

This could use some better testing!
2004-09-16 05:42:18 +00:00
mchurch 5ec9237d2b Fixed remove_teacher, so that a removed teacher is also removed from any
groups they belong to.
2004-09-14 23:41:27 +00:00
mchurch 908b8b9a4f Fixed strip_pages bug. 2004-09-13 23:09:33 +00:00
stronk7 855faed103 Release 1.4.1 info merged from HEAD.
(perhaps anybody forgot to do this before 1.4.1 release?) :-D
2004-09-13 19:31:09 +00:00
moodler 69f1e0a3cf This should make the charset detection automatic ... 2004-09-13 08:20:30 +00:00
moodler b8a6ed644b Checking in fixes to xml_parser_create to specify an encoding (UTF-8)
See Eloy's bug 1927 for details.

After this checkin I'll be immediately testing some backup/restores on PHP 4.
2004-09-13 07:42:13 +00:00
moodler 41e783c3cc Moving on ... 2004-09-12 16:24:11 +00:00
moodler ed6913a320 Merged more stuff from HEAD 2004-09-12 08:21:57 +00:00
moodler 854e0622c3 Merged changes from Trunk 2004-09-11 15:51:37 +00:00
moodler 7d5e12061e Seems very stable, I'll add the email protection filter to stable 2004-09-11 13:29:29 +00:00
moodler 0e468cfc54 FIxed some HTML 2004-09-11 08:35:37 +00:00
mchurch 7dc26ba47b Fixed a bug to export caused by removal of the email filters. 2004-09-10 18:34:52 +00:00
2651 changed files with 68135 additions and 58240 deletions
+1
View File
@@ -1,6 +1,7 @@
<form name="adminform" id="adminform" method="post" action="admin.php">
<input type="hidden" name="previoussearch" value="<?php echo $previoussearch ?>">
<input type="hidden" name="sesskey" value="<?php echo $USER->sesskey ?>">
<table align="center" border="0" cellpadding="5" cellspacing="0">
<tr>
<td valign="top">
+4
View File
@@ -19,6 +19,10 @@
error("You must be an administrator to use this page.");
}
if (!confirm_sesskey()) {
error(get_string('confirmsesskeybad', 'error'));
}
$primaryadmin = get_admin();
/// If you want any administrator to have the ability to assign admin
+9 -4
View File
@@ -12,10 +12,13 @@
error("Only the admin can use this page");
}
if (!confirm_sesskey()) {
error(get_string('confirmsesskeybad', 'error'));
}
/// If data submitted, then process and store.
if ($config = data_submitted()) {
if ($config = data_submitted()) {
$config = (array)$config;
validate_form($config, $err);
@@ -27,7 +30,7 @@
notify("Problem saving config $name as $value");
}
}
redirect("auth.php", get_string("changessaved"), 1);
redirect("auth.php?sesskey=$USER->sesskey", get_string("changessaved"), 1);
exit;
} else {
@@ -35,7 +38,7 @@
$focus = "form.$key";
}
}
}
}
/// Otherwise fill and print the form.
@@ -53,6 +56,7 @@
} else {
$auth = $config->auth;
}
$auth = clean_filename($auth);
require_once("$CFG->dirroot/auth/$auth/lib.php"); //just to make sure that current authentication functions are loaded
if (! isset($config->guestloginbutton)) {
$config->guestloginbutton = 1;
@@ -93,9 +97,10 @@
echo "<CENTER><P><B>";
echo "<form TARGET=\"{$CFG->framename}\" NAME=\"authmenu\" method=\"post\" action=\"auth.php\">";
echo "<input type=\"hidden\" name=\"sesskey\" value=\"".$USER->sesskey."\">";
print_string("chooseauthmethod","auth");
choose_from_menu ($options, "auth", $auth, "","document.location='auth.php?auth='+document.authmenu.auth.options[document.authmenu.auth.selectedIndex].value", "");
choose_from_menu ($options, "auth", $auth, "","document.location='auth.php?sesskey=$USER->sesskey&auth='+document.authmenu.auth.options[document.authmenu.auth.selectedIndex].value", "");
echo "</B></P></CENTER>";
+5 -1
View File
@@ -15,6 +15,10 @@
error("Site isn't defined!");
}
if (!confirm_sesskey()) {
error(get_string('confirmsesskeybad', 'error'));
}
//Initialise error variables
$error = false;
$sche_destination_error = "";
@@ -73,7 +77,7 @@
}
if ($status) {
//get courses
if ($courses = get_records("course")) {
if ($courses = get_records('course', '', '', '', 'id,shortname')) {
//For each course, we check (insert, update) the backup_course table
//with needed data
foreach ($courses as $course) {
+8 -4
View File
@@ -14,6 +14,10 @@
error("Site isn't defined!");
}
if (!confirm_sesskey()) {
error(get_string('confirmsesskeybad', 'error'));
}
require_variable($_REQUEST['block']);
$blockid = intval($_REQUEST['block']);
@@ -28,13 +32,13 @@
/// If data submitted, then process and store.
if ($config = data_submitted()) {
unset($config['block']); // This will always be set if we have reached this point
$block->handle_config($config);
if ($config = data_submitted()) {
unset($config->block); // This will always be set if we have reached this point
$block->handle_config($config);
print_header();
redirect("$CFG->wwwroot/$CFG->admin/blocks.php", get_string("changessaved"), 1);
exit;
}
}
/// Otherwise print the form.
+8 -8
View File
@@ -44,21 +44,21 @@
/// If data submitted, then process and store.
if (!empty($_GET['hide'])) {
if (!empty($_GET['hide']) and confirm_sesskey()) {
if (!$block = get_record('blocks', 'id', $_GET['hide'])) {
error("Block doesn't exist!");
}
set_field('blocks', 'visible', '0', 'id', $block->id); // Hide block
}
if (!empty($_GET['show'])) {
if (!empty($_GET['show']) and confirm_sesskey() ) {
if (!$block = get_record('blocks', 'id', $_GET['show'])) {
error("Block doesn't exist!");
}
set_field('blocks', 'visible', '1', 'id', $block->id); // Show block
}
if (!empty($delete)) {
if (!empty($delete) and confirm_sesskey()) {
if (!$block = get_record('blocks', 'id', $delete)) {
error("Block doesn't exist!");
@@ -69,7 +69,7 @@
if (!$_GET['confirm']) {
notice_yesno(get_string('blockdeleteconfirm', '', $strblockname),
'blocks.php?delete='.$block->id.'&amp;confirm=1',
'blocks.php?delete='.$block->id.'&amp;confirm=1&sesskey='.$USER->sesskey,
'blocks.php');
print_footer();
exit;
@@ -148,21 +148,21 @@
//$icon = "<img src=\"$modpixpath/$block->name/icon.gif\" hspace=10 height=16 width=16 border=0>";
$blockobject = $blockobjects[$blockid];
$delete = '<a href="blocks.php?delete='.$blockid.'">'.$strdelete.'</a>';
$delete = '<a href="blocks.php?delete='.$blockid.'&sesskey='.$USER->sesskey.'">'.$strdelete.'</a>';
$settings = ''; // By default, no configuration
if($blockobject->has_config()) {
$settings = '<a href="block.php?block='.$blockid.'">'.$strsettings.'</a>';
$settings = '<a href="block.php?block='.$blockid.'&sesskey='.$USER->sesskey.'">'.$strsettings.'</a>';
}
$count = blocks_get_courses_using_block_by_id($blockid);
$class = ''; // Nothing fancy, by default
if ($blocks[$blockid]->visible) {
$visible = '<a href="blocks.php?hide='.$blockid.'" title="'.$strhide.'">'.
$visible = '<a href="blocks.php?hide='.$blockid.'&sesskey='.$USER->sesskey.'" title="'.$strhide.'">'.
'<img src="'.$pixpath.'/i/hide.gif" style="height: 16px; width: 16px;" /></a>';
} else {
$visible = '<a href="blocks.php?show='.$blockid.'" title="'.$strshow.'">'.
$visible = '<a href="blocks.php?show='.$blockid.'&sesskey='.$USER->sesskey.'" title="'.$strshow.'">'.
'<img src="'.$pixpath.'/i/show.gif" style="height: 16px; width: 16px;" /></a>';
$class = ' class="dimmed_text"'; // Leading space required!
}
+1
View File
@@ -611,6 +611,7 @@
<tr>
<td colspan=3 align=center>
<input type="hidden" name="sesskey" value="<?php p($sesskey) ?>">
<input type="submit" value="<?php print_string("savechanges") ?>"></td>
</tr>
</table>
+18 -10
View File
@@ -3,7 +3,6 @@
require_once("../config.php");
if ($site = get_site()) { // If false then this is a new installation
require_login();
if (!isadmin()) {
@@ -22,6 +21,12 @@
if ($config = data_submitted($match)) {
if (!empty($USER->id)) { // Additional identity check
if (!confirm_sesskey()) {
error(get_string('confirmsesskeybad', 'error'));
}
}
validate_form($config, $err);
if (count($err) == 0) {
@@ -82,6 +87,8 @@
echo "<br />";
}
$sesskey = !empty($USER->id) ? $USER->sesskey : '';
print_simple_box_start("center", "", "$THEME->cellheading");
include("config.html");
print_simple_box_end();
@@ -90,12 +97,14 @@
$httpsurl = str_replace('http://', 'https://', $CFG->wwwroot);
if ($httpsurl != $CFG->wwwroot) {
if ((($fh = @fopen($httpsurl, 'r')) == false) and ($config->loginhttps == 0)) {
echo '<script>'."\n";
echo '<!--'."\n";
echo "eval('document.form.loginhttps.disabled=true');\n";
echo '-->'."\n";
echo '</script>'."\n";
if (ini_get('allow_url_fopen')) {
if ((($fh = @fopen($httpsurl, 'r')) == false) and ($config->loginhttps == 0)) {
echo '<script>'."\n";
echo '<!--'."\n";
echo "eval('document.form.loginhttps.disabled=true');\n";
echo '-->'."\n";
echo '</script>'."\n";
}
}
}
@@ -110,10 +119,9 @@
function validate_form(&$form, &$err) {
// if (empty($form->fullname))
// $err["fullname"] = get_string("missingsitename");
// Currently no checks are needed ...
return;
return true;
}
+3 -3
View File
@@ -34,14 +34,14 @@
get_string("adminhelpmanagemodules"));
$table->data[] = array("<b><a href=\"blocks.php\">".get_string("manageblocks")."</a></b>",
get_string("adminhelpmanageblocks"));
$table->data[] = array("<b><a href=\"filters.php\">".get_string("managefilters")."</a></b>",
$table->data[] = array("<b><a href=\"filters.php?sesskey=$USER->sesskey\">".get_string("managefilters")."</a></b>",
get_string("adminhelpmanagefilters"));
if (!isset($CFG->disablescheduledbackups)) {
$table->data[] = array("<b><a href=\"backup.php\">".get_string("backup")."</a></b>",
$table->data[] = array("<b><a href=\"backup.php?sesskey=$USER->sesskey\">".get_string("backup")."</a></b>",
get_string("adminhelpbackup"));
}
$table->data[]= array("<b><a href=\"editor.php\">". get_string("editorsettings") ."</a></b>",
$table->data[]= array("<b><a href=\"editor.php?sesskey=$USER->sesskey\">". get_string("editorsettings") ."</a></b>",
get_string("adminhelpeditorsettings"));
print_table($table);
+1
View File
@@ -1,6 +1,7 @@
<form name="creatorsform" id="creatorsform" method="post" action="creators.php">
<input type="hidden" name="previoussearch" value="<?php echo $previoussearch ?>">
<input type="hidden" name="sesskey" value="<?php echo $USER->sesskey ?>">
<table align="center" border="0" cellpadding="5" cellspacing="0">
<tr>
<td valign="top">
+4
View File
@@ -19,6 +19,10 @@
error("You must be an administrator to use this page.");
}
if (!confirm_sesskey()) {
error(get_string('confirmsesskeybad', 'error'));
}
$primaryadmin = get_admin();
/// assign all of the configurable language strings
+11 -16
View File
@@ -11,9 +11,12 @@
/// eg wget -q -O /dev/null 'http://moodle.somewhere.edu/admin/cron.php'
/// or php /web/moodle/admin/cron.php
$FULLME = "cron";
$starttime = microtime();
/// The following is a hack necessary to allow this script to work well
/// from the command line.
define('FULLME', 'cron');
/// The current directory in PHP version 4.3.0 and above isn't necessarily the
/// directory of the script when run from the command line. The require_once()
@@ -99,19 +102,6 @@
}
flush();
/// Delete duplicate enrolments (don't know what causes these yet - expired sessions?)
if ($users = get_records_select("user_students", "userid > 0 GROUP BY course, userid ".
"HAVING count(*) > 1", "", "*,count(*)")) {
foreach ($users as $user) {
delete_records_select("user_students", "userid = '$user->userid' ".
"AND course = '$user->course' AND id <> '$user->id'");
}
}
flush();
/// Delete old logs to save space (this might need a timer to slow it down...)
if (!empty($CFG->loglifetime)) { // value in days
@@ -128,6 +118,11 @@
}
flush();
if (!empty($CFG->langcache)) {
get_list_of_languages();
}
flush();
if (!empty($CFG->notifyloginfailures)) {
notify_login_failures();
}
@@ -144,7 +139,7 @@
//Execute backup's cron
//Perhaps a long time and memory could help in large sites
@set_time_limit(0);
@ini_set("memory_limit","128M");
@raise_memory_limit("128M");
if (file_exists("$CFG->dirroot/backup/backup_scheduled.php") and
file_exists("$CFG->dirroot/backup/backuplib.php") and
file_exists("$CFG->dirroot/backup/lib.php") and
+24 -17
View File
@@ -3,31 +3,38 @@
// Deletes the moodledata directory, COMPLETELY!!
// BE VERY CAREFUL USING THIS!
require_once("../config.php");
require_once('../config.php');
require_login();
$sure = optional_param('sure', '');
$reallysure = optional_param('reallysure', '');
if (!isadmin()) {
error("You must be admin to use this script!");
error('You must be admin to use this script!');
}
$deletedir = $CFG->dataroot; // The directory to delete!
if (!$sure) {
notice_yesno ("Are you completely sure you want to delete everything inside the directory $deletedir ?", "delete.php?sure=yes", "index.php");
if (empty($sure)) {
notice_yesno ('Are you completely sure you want to delete everything inside the directory '. $deletedir .' ?', 'delete.php?sure=yes&amp;sesskey='.set_user_sesskey(), 'index.php');
exit;
}
if (!$reallysure) {
notice_yesno ("Are you REALLY REALLY completely sure you want to delete everything inside the directory $deletedir (this includes all user images, and any other course files that have been created) ?", "delete.php?sure=yes&reallysure=yes", "index.php");
if (empty($reallysure)) {
notice_yesno ('Are you REALLY REALLY completely sure you want to delete everything inside the directory '. $deletedir .' (this includes all user images, and any other course files that have been created) ?', 'delete.php?sure=yes&amp;reallysure=yes&amp;sesskey='.set_user_sesskey(), 'index.php');
exit;
}
if (!confirm_sesskey()) {
error('This script was called wrongly');
}
/// OK, here goes ...
delete_subdirectories($deletedir);
echo "<H1 align=center>Done!</H1>";
echo '<h1 align="center">Done!</h1>';
print_continue($CFG->wwwroot);
exit;
@@ -37,22 +44,22 @@ function delete_subdirectories($rootdir) {
$dir = opendir($rootdir);
while ($file = readdir($dir)) {
if ($file != "." and $file != "..") {
$fullfile = "$rootdir/$file";
if (filetype($fullfile) == "dir") {
if ($file != '.' and $file != '..') {
$fullfile = $rootdir .'/'. $file;
if (filetype($fullfile) == 'dir') {
delete_subdirectories($fullfile);
echo "Deleting $fullfile ... ";
echo 'Deleting '. $fullfile .' ... ';
if (rmdir($fullfile)) {
echo "Done.<BR>";
echo 'Done.<br />';
} else {
echo "FAILED.<BR>";
echo 'FAILED.<br />';
}
} else {
echo "Deleting $fullfile ... ";
if (unlink("$fullfile")) {
echo "Done.<BR>";
echo 'Deleting '. $fullfile .' ... ';
if (unlink($fullfile)) {
echo 'Done.<br />';
} else {
echo "FAILED.<BR>";
echo 'FAILED.<br />';
}
}
}
+3 -1
View File
@@ -1,4 +1,5 @@
<form method="post" action="<?php print($GLOBALS['ME']);?>">
<form method="post" action="editor.php">
<input type="hidden" name="sesskey" value="<?php echo $USER->sesskey ?>">
<table border="0" cellpadding="4" cellspacing="2">
<tr valign=top>
<td align=right><p>htmleditor:</td>
@@ -76,6 +77,7 @@
</form>
<form method="post" action="<?php print($GLOBALS['ME']);?>">
<input type="hidden" name="sesskey" value="<?php echo $USER->sesskey ?>">
<center>
<input type="submit" name="resettodefaults" value="<?php print_string('editorresettodefaults') ?>" />
</center>
+5 -1
View File
@@ -8,6 +8,10 @@
error("Only admins can access this page");
}
if (!confirm_sesskey()) {
error(get_string('confirmsesskeybad', 'error'));
}
if ($data = data_submitted()) {
// do we want default values?
@@ -21,7 +25,7 @@
error("Editor settings could not be updated!");
}
}
redirect("$CFG->wwwroot/$CFG->admin/editor.php", get_string("changessaved"), 1);
redirect("$CFG->wwwroot/$CFG->admin/editor.php?sesskey=$USER->sesskey", get_string("changessaved"), 1);
} else {
// Generate edit form
+11 -3
View File
@@ -3,8 +3,10 @@
// Yes, enrol is correct English spelling.
include("../config.php");
$enrol = optional_param('enrol', $CFG->enrol);
require_login();
optional_variable($enrol, $CFG->enrol);
if (!$site = get_site()) {
redirect("index.php");
@@ -14,6 +16,11 @@
error("Only the admin can use this page");
}
if (!confirm_sesskey()) {
error(get_string('confirmsesskeybad', 'error'));
}
$enrol = clean_filename($enrol);
require_once("$CFG->dirroot/enrol/$enrol/enrol.php"); /// Open the class
$enrolment = new enrolment_plugin();
@@ -24,7 +31,7 @@
if ($frm = data_submitted()) {
if ($enrolment->process_config($frm)) {
set_config('enrol', $frm->enrol);
redirect("enrol.php", get_string("changessaved"), 1);
redirect("enrol.php?sesskey=$USER->sesskey", get_string("changessaved"), 1);
}
} else {
$frm = $CFG;
@@ -47,13 +54,14 @@
<a href=\"users.php\">$str->users</a> -> $str->enrolments");
echo "<form target=\"{$CFG->framename}\" name=\"enrolmenu\" method=\"post\" action=\"enrol.php\">";
echo "<input type=\"hidden\" name=\"sesskey\" value=\"".$USER->sesskey."\">";
echo "<div align=\"center\"><p><b>";
/// Choose an enrolment method
echo get_string('chooseenrolmethod').': ';
choose_from_menu ($options, "enrol", $enrol, "",
"document.location='enrol.php?enrol='+document.enrolmenu.enrol.options[document.enrolmenu.enrol.selectedIndex].value", "");
"document.location='enrol.php?sesskey=$USER->sesskey&enrol='+document.enrolmenu.enrol.options[document.enrolmenu.enrol.selectedIndex].value", "");
echo "</b></p></div>";
+2
View File
@@ -1,6 +1,7 @@
<?php print_simple_box_start("center", "", "$THEME->cellheading"); ?>
<form name="filters" id="filters" method="post" action="filters.php">
<input type="hidden" name="sesskey" value="<?php echo $USER->sesskey ?>">
<table align="center" border="0" cellpadding="5" cellspacing="0">
<tr>
<td valign="top"><div align="right">
@@ -80,6 +81,7 @@
<?php print_simple_box_start("center", "", "$THEME->cellheading"); ?>
<form name="options" id="options" method="post" action="filters.php">
<input type="hidden" name="sesskey" value="<?php echo $USER->sesskey ?>">
<input type="hidden" name="options" value="1">
<table cellpadding="20">
<tr valign=top>
+4
View File
@@ -16,6 +16,10 @@
error("Only administrators can use this page!");
}
if (!confirm_sesskey()) {
error(get_string('confirmsesskeybad', 'error'));
}
if (!$site = get_site()) {
error("Site isn't defined!");
}
+20 -14
View File
@@ -249,7 +249,6 @@
error("You need to be an admin user to use this page.", "$CFG->wwwroot/login/index.php");
}
/// At this point everything is set up and the user is an admin, so print menu
$stradministration = get_string("administration");
@@ -263,6 +262,12 @@
print_spacer(10,10);
}
/// If no recently cron run
$lastcron = get_field_sql('SELECT max(lastcron) FROM ' . $CFG->prefix . 'modules');
if (time() - $lastcron > 3600 * 24) {
print_simple_box(get_string('cronwarning', 'admin') , 'center');
}
$table->tablealign = "right";
$table->align = array ("right", "left");
$table->wrap = array ("nowrap", "nowrap");
@@ -282,46 +287,46 @@
get_string("adminhelpmanagemodules")."</font><br />";
$configdata .= "<font size=+1>&nbsp;</font><a href=\"blocks.php\">".get_string("manageblocks")."</a> - <font size=1>".
get_string("adminhelpmanageblocks")."</font><br />";
$configdata .= "<font size=+1>&nbsp;</font><a href=\"filters.php\">".get_string("managefilters")."</a> - <font size=1>".
$configdata .= "<font size=+1>&nbsp;</font><a href=\"filters.php?sesskey=$USER->sesskey\">".get_string("managefilters")."</a> - <font size=1>".
get_string("adminhelpmanagefilters")."</font><br />";
if (!isset($CFG->disablescheduledbackups)) {
$configdata .= "<font size=+1>&nbsp;</font><a href=\"backup.php\">".get_string("backup")."</a> - <font size=1>".
$configdata .= "<font size=+1>&nbsp;</font><a href=\"backup.php?sesskey=$USER->sesskey\">".get_string("backup")."</a> - <font size=1>".
get_string("adminhelpbackup")."</font><br />";
}
$configdata .= "<font size=+1>&nbsp;</font><a href=\"editor.php\">". get_string("editorsettings") ."</a> - <font size=1>".
$configdata .= "<font size=+1>&nbsp;</font><a href=\"editor.php?sesskey=$USER->sesskey\">". get_string("editorsettings") ."</a> - <font size=1>".
get_string("adminhelpeditorsettings")."</font><br />";
$table->data[] = array("<font size=+1><b><a href=\"configure.php\">".get_string("configuration")."</a></b>",
$configdata);
$userdata = "<font size=+1>&nbsp;</font><a href=\"auth.php\">".get_string("authentication")."</a> - <font size=1>".
$userdata = "<font size=+1>&nbsp;</font><a href=\"auth.php?sesskey=$USER->sesskey\">".get_string("authentication")."</a> - <font size=1>".
get_string("adminhelpauthentication")."</font><br />";
$userdata .= "<font size=+1>&nbsp;</font><a href=\"user.php\">".get_string("edituser")."</a> - <font size=1>".
get_string("adminhelpedituser")."</font><br />";
$userdata .= "<font size=+1>&nbsp;</font><a href=\"$CFG->wwwroot/$CFG->admin/user.php?newuser=true\">".
$userdata .= "<font size=+1>&nbsp;</font><a href=\"$CFG->wwwroot/$CFG->admin/user.php?newuser=true&sesskey=$USER->sesskey\">".
get_string("addnewuser")."</a> - <font size=1>".
get_string("adminhelpaddnewuser")."</font><br />";
$userdata .= "<font size=+1>&nbsp;</font><a href=\"$CFG->wwwroot/$CFG->admin/uploaduser.php\">".
$userdata .= "<font size=+1>&nbsp;</font><a href=\"$CFG->wwwroot/$CFG->admin/uploaduser.php?sesskey=$USER->sesskey\">".
get_string("uploadusers")."</a> - <font size=1>".
get_string("adminhelpuploadusers")."</font><br />";
$userdata .= "<hr><font size=+1>&nbsp;</font><a href=\"enrol.php\">".get_string("enrolments")."</a> - <font size=1>".
$userdata .= "<hr><font size=+1>&nbsp;</font><a href=\"enrol.php?sesskey=$USER->sesskey\">".get_string("enrolments")."</a> - <font size=1>".
get_string("adminhelpenrolments")."</font><br />";
$userdata .= "<font size=+1>&nbsp;</font><a href=\"../course/index.php?edit=off\">".get_string("assignstudents")."</a> - <font size=1>".
$userdata .= "<font size=+1>&nbsp;</font><a href=\"../course/index.php?edit=off&sesskey=$USER->sesskey\">".get_string("assignstudents")."</a> - <font size=1>".
get_string("adminhelpassignstudents")."</font><br />";
$userdata .= "<font size=+1>&nbsp;</font><a href=\"../course/index.php?edit=on\">".get_string("assignteachers")."</a> - <font size=1>".
$userdata .= "<font size=+1>&nbsp;</font><a href=\"../course/index.php?edit=on&sesskey=$USER->sesskey\">".get_string("assignteachers")."</a> - <font size=1>".
get_string("adminhelpassignteachers").
" <img src=\"../pix/t/user.gif\" height=11 width=11></font><br />";
$userdata .= "<font size=+1>&nbsp;</font><a href=\"creators.php\">".get_string("assigncreators")."</a> - <font size=1>".
$userdata .= "<font size=+1>&nbsp;</font><a href=\"creators.php?sesskey=$USER->sesskey\">".get_string("assigncreators")."</a> - <font size=1>".
get_string("adminhelpassigncreators")."</font><br />";
$userdata .= "<font size=+1>&nbsp;</font><a href=\"admin.php\">".get_string("assignadmins")."</a> - <font size=1>".
$userdata .= "<font size=+1>&nbsp;</font><a href=\"admin.php?sesskey=$USER->sesskey\">".get_string("assignadmins")."</a> - <font size=1>".
get_string("adminhelpassignadmins")."</font><br />";
$table->data[] = array("<font size=+1><b><a href=\"users.php\">".get_string("users")."</a></b>", $userdata);
$table->data[] = array("<font size=+1><b><a href=\"../course/index.php?edit=on\">".get_string("courses")."</a></b>",
$table->data[] = array("<font size=+1><b><a href=\"../course/index.php?edit=on&sesskey=$USER->sesskey\">".get_string("courses")."</a></b>",
"<font size=+1>&nbsp;</font>".get_string("adminhelpcourses"));
$table->data[] = array("<font size=+1><b><a href=\"../course/log.php?id=$site->id\">".get_string("logs")."</a></b>",
"<font size=+1>&nbsp;</font>".get_string("adminhelplogs"));
@@ -354,7 +359,8 @@
echo "</td>";
echo "<td align=center width=33%>";
print_single_button("register.php", NULL, get_string("registration"));
$options['sesskey'] = $USER->sesskey;
print_single_button("register.php", $options, get_string("registration"));
echo "</td>";
echo "<tr></table>";
+13 -10
View File
@@ -27,15 +27,17 @@
case "missing":
$navigation = "<A HREF=\"lang.php\">$strlanguage</A> -> $strmissingstrings";
$title = $strmissingstrings;
$button = '<form target="'.$CFG->framename.'" method="get" action="'.$CFG->wwwroot.'/admin/lang.php">'.
$button = '<form target="'.$CFG->framename.'" method="get" action="'.$CFG->wwwroot.'/'.$CFG->admin.'/lang.php">'.
'<input type="hidden" name="mode" value="compare" />'.
'<input type="hidden" name="sesskey" value="'.$USER->sesskey.'" />'.
'<input type="submit" value="'.$strcomparelanguage.'" /></form>';
break;
case "compare":
$navigation = "<A HREF=\"lang.php\">$strlanguage</A> -> $strcomparelanguage";
$title = $strcomparelanguage;
$button = '<form target="'.$CFG->framename.'" method="get" action="'.$CFG->wwwroot.'/admin/lang.php">'.
$button = '<form target="'.$CFG->framename.'" method="get" action="'.$CFG->wwwroot.'/'.$CFG->admin.'/lang.php">'.
'<input type="hidden" name="mode" value="missing" />'.
'<input type="hidden" name="sesskey" value="'.$USER->sesskey.'" />'.
'<input type="submit" value="'.$strmissingstrings.'" /></form>';
break;
default:
@@ -58,10 +60,10 @@
echo "<table align=center><tr><td align=\"right\">";
echo "<b>$strcurrentlanguage:</b>";
echo "</td><td>";
echo popup_form ("$CFG->wwwroot/admin/lang.php?lang=", $langs, "chooselang", $currlang, "", "", "", true);
echo popup_form ("$CFG->wwwroot/$CFG->admin/lang.php?lang=", $langs, "chooselang", $currlang, "", "", "", true);
echo "</td></tr></table>";
print_heading("<a href=\"lang.php?mode=missing\">$strmissingstrings</a>");
print_heading("<a href=\"lang.php?mode=compare\">$strcomparelanguage</a>");
print_heading("<a href=\"lang.php?mode=missing&sesskey=$USER->sesskey\">$strmissingstrings</a>");
print_heading("<a href=\"lang.php?mode=compare&sesskey=$USER->sesskey\">$strcomparelanguage</a>");
echo "<center><hr noshade size=1>";
$options["lang"] = $currentlang;
print_single_button("http://moodle.org/download/lang/", $options, get_string("latestlanguagepack"));
@@ -85,7 +87,7 @@
}
}
if ($mode == "missing") {
if ($mode == "missing" and confirm_sesskey()) {
// For each file, check that a counterpart exists, then check all the strings
foreach ($stringfiles as $file) {
@@ -151,7 +153,7 @@
notice(get_string("languagegood"), "lang.php");
}
} else if ($mode == "compare") {
} else if ($mode == "compare" and confirm_sesskey()) {
if (isset($_POST['currentfile'])){ // Save a file
$newstrings = $_POST;
@@ -159,7 +161,7 @@
if (lang_save_file($langdir, $currentfile, $newstrings)) {
notify(get_string("changessaved")." ($langdir/$currentfile)", "green");
} else {
error("Could not save the file '$currentfile'!", "lang.php?mode=compare&currentfile=$currentfile");
error("Could not save the file '$currentfile'!", "lang.php?mode=compare&currentfile=$currentfile&sesskey=$USER->sesskey");
}
}
@@ -171,7 +173,7 @@
if ($file == $currentfile) {
echo "<b>$file</b> &nbsp; ";
} else {
echo "<a href=\"lang.php?mode=compare&currentfile=$file\">$file</a> &nbsp; ";
echo "<a href=\"lang.php?mode=compare&currentfile=$file&sesskey=$USER->sesskey\">$file</a> &nbsp; ";
}
}
echo '</font></center>';
@@ -201,7 +203,7 @@
unset($string);
include("$enlangdir/$currentfile");
$enstring = $string;
if ($currentlang != 'en') {
if ($currentlang != 'en' and $currentfile == 'moodle.php') {
$enstring['thislanguage'] = "<< TRANSLATORS: Specify the name of your language here. If possible use Unicode Numeric Character References >>";
$enstring['thischarset'] = "<< TRANSLATORS: Specify the character set of your language here. Note that all text created while this language is active will be stored using this character set, so don't change it once you have set it. Example: iso-8859-1 >>";
$enstring['thisdirection'] = "<< TRANSLATORS: This string specifies the direction of your text, either left-to-right or right-to-left. Insert either 'ltr' or 'rtl' here. >>";
@@ -214,6 +216,7 @@
if ($editable) {
echo "<form name=\"$currentfile\" action=\"lang.php\" method=\"post\">";
echo '<input type="hidden" name="sesskey" value="'.$USER->sesskey.'" />';
}
echo "<table width=\"100%\" cellpadding=2 cellspacing=3 border=0>";
foreach ($enstring as $key => $envalue) {
+4
View File
@@ -13,6 +13,9 @@
error("Site isn't defined!");
}
if (!confirm_sesskey()) {
error(get_string('confirmsesskeybad', 'error'));
}
/// If data submitted, then process and store.
@@ -29,6 +32,7 @@
require_variable($module);
$module = clean_filename($module);
require_once("$CFG->dirroot/mod/$module/lib.php");
+8 -8
View File
@@ -42,7 +42,7 @@
/// If data submitted, then process and store.
if (!empty($hide)) {
if (!empty($hide) and confirm_sesskey()) {
if (!$module = get_record("modules", "name", $hide)) {
error("Module doesn't exist!");
}
@@ -50,7 +50,7 @@
set_field("course_modules", "visible", "0", "module", $module->id); // Hide all related activity modules
}
if (!empty($show)) {
if (!empty($show) and confirm_sesskey()) {
if (!$module = get_record("modules", "name", $show)) {
error("Module doesn't exist!");
}
@@ -58,13 +58,13 @@
set_field("course_modules", "visible", "1", "module", $module->id); // Show all related activity modules
}
if (!empty($delete)) {
if (!empty($delete) and confirm_sesskey()) {
$strmodulename = get_string("modulename", "$delete");
if (empty($confirm)) {
notice_yesno(get_string("moduledeleteconfirm", "", $strmodulename),
"modules.php?delete=$delete&confirm=$delete",
"modules.php?delete=$delete&confirm=$delete&sesskey=$USER->sesskey",
"modules.php");
print_footer();
exit;
@@ -162,10 +162,10 @@
$icon = "<img src=\"$modpixpath/$module->name/icon.gif\" hspace=10 height=16 width=16 border=0>";
$delete = "<a href=\"modules.php?delete=$module->name\">$strdelete</a>";
$delete = "<a href=\"modules.php?delete=$module->name&sesskey=$USER->sesskey\">$strdelete</a>";
if (file_exists("$CFG->dirroot/mod/$module->name/config.html")) {
$settings = "<a href=\"module.php?module=$module->name\">$strsettings</a>";
$settings = "<a href=\"module.php?module=$module->name&sesskey=$USER->sesskey\">$strsettings</a>";
} else {
$settings = "";
}
@@ -173,11 +173,11 @@
$count = count_records("$module->name");
if ($module->visible) {
$visible = "<a href=\"modules.php?hide=$module->name\" title=\"$strhide\">".
$visible = "<a href=\"modules.php?hide=$module->name&sesskey=$USER->sesskey\" title=\"$strhide\">".
"<img src=\"$pixpath/i/hide.gif\" align=\"absmiddle\" height=16 width=16 border=0></a>";
$class = "";
} else {
$visible = "<a href=\"modules.php?show=$module->name\" title=\"$strshow\">".
$visible = "<a href=\"modules.php?show=$module->name&sesskey=$USER->sesskey\" title=\"$strshow\">".
"<img src=\"$pixpath/i/show.gif\" align=\"absmiddle\" height=16 width=16 border=0></a>";
$class = "class=\"dimmed_text\"";
}
+8 -8
View File
@@ -13,6 +13,10 @@
redirect("index.php");
}
if (!confirm_sesskey()) {
error(get_string('confirmsesskeybad', 'error'));
}
if (!$admin = get_admin()) {
error("No admins");
}
@@ -21,12 +25,8 @@
$admin->country = $CFG->country;
}
if (!$admin->secret) { // secret field hasn't been set yet
$admin->secret = random_string(15);
if (!set_field("user", "secret", $admin->secret, "id", $admin->id)) {
error("Could not set admin's secret string!");
}
if (empty($CFG->siteidentifier)) { // Unique site identification code
set_config('siteidentifier', random_string(32));
}
@@ -39,7 +39,7 @@
print_header("$site->shortname: $strregistration", "$site->fullname",
"<a href=\"../$CFG->admin/index.php\">$stradministration</a> -> $strregistration");
print_heading($strmanagemodules);
print_heading($strregistration);
print_simple_box($strregistrationinfo, "center", "70%");
echo "<br />";
@@ -60,7 +60,7 @@
echo "<!-- is flagged as a new entry and will be manually checked by the list maintainer -->\n";
echo "<input type=\"hidden\" name=\"url\" value=\"$CFG->wwwroot\">\n";
echo "<input type=\"hidden\" name=\"secret\" value=\"$admin->secret\">\n";
echo "<input type=\"hidden\" name=\"secret\" value=\"$CFG->siteidentifier\">\n";
echo "<input type=\"hidden\" name=\"host\" value=\"".$_SERVER["HTTP_HOST"]."\">\n";
echo "<input type=\"hidden\" name=\"lang\" value=\"".current_language()."\">\n";
echo "</td></tr>\n";
+2 -7
View File
@@ -1,4 +1,4 @@
<form method="post" action="site.php" name="form" <?php echo $onsubmit ?>>
<form method="post" action="site.php" name="form">
<table cellpadding=9 cellspacing=0 >
<tr valign=top>
<td align=right><P><?php print_string("fullsitename") ?>:</td>
@@ -111,10 +111,5 @@
<input type="hidden" name="id" value="<?php p($form->id) ?>">
<input type="hidden" name="category" value="<?php p($form->category) ?>">
<input type="hidden" name="format" value="<?php p($form->format) ?>">
<input type="hidden" name="sesskey" value="<?php p($sesskey) ?>">
</form>
<?php
if ($usehtmleditor) {
print_richedit_javascript("form", "summary", "no");
}
?>
+16 -4
View File
@@ -14,6 +14,12 @@
if ($form = data_submitted()) {
if (!empty($USER->id)) { // Additional identity check
if (!confirm_sesskey()) {
error(get_string('confirmsesskeybad', 'error'));
}
}
validate_form($form, $err);
if (count($err) == 0) {
@@ -108,17 +114,23 @@
print_heading($strsitesettings);
}
$defaultformat = FORMAT_HTML;
if ($usehtmleditor = can_use_richtext_editor()) {
$onsubmit = "onsubmit=\"copyrichtext(form.summary);\"";
if (empty($USER->id)) { // New undefined admin user
$USER->htmleditor = true;
$sesskey = '';
} else {
$onsubmit = "";
$sesskey = $USER->sesskey;
}
$usehtmleditor = can_use_html_editor();
$defaultformat = FORMAT_HTML;
print_simple_box_start("center", "", "$THEME->cellheading");
include("site.html");
print_simple_box_end();
if ($usehtmleditor) {
use_html_editor();
}
if (!$firsttime) {
print_footer();
}
+5 -4
View File
@@ -17,7 +17,7 @@
print_heading("");
if (isset($zone)) {
if (isset($zone) and confirm_sesskey()) {
$db->debug = true;
echo "<center>";
execute_sql("UPDATE {$CFG->prefix}user SET timezone = '$zone'");
@@ -47,11 +47,12 @@
}
}
echo "<center><form action=timezone.php method=get>";
echo '<center><form action="timezone.php" method="get">';
echo "$strusers ($strall): ";
choose_from_menu ($timezones, "zone", $user->timezone, get_string("serverlocaltime"), "", "99");
echo "<input type=submit value=\"$strsavechanges\">";
echo "</form>";
echo "<input type=\"hidden\" name=\"sesskey\" value=\"$USER->sesskey\">";
echo "<input type=\"submit\" value=\"$strsavechanges\">";
echo "</form></center>";
print_footer();
+3 -1
View File
@@ -33,10 +33,12 @@
if (empty($_GET['confirm'])) {
notice_yesno(get_string("upgradelogsinfo", "admin"),
"upgradelogs.php?confirm=true",
"upgradelogs.php?confirm=true&sesskey=$USER->sesskey",
"index.php");
print_footer();
exit;
} else if (!confirm_sesskey()) {
error(get_string('confirmsesskeybad', 'error'));
}
+15 -6
View File
@@ -17,6 +17,10 @@
error("Could not find site-level course");
}
if (!confirm_sesskey()) {
error(get_string('confirmsesskeybad', 'error'));
}
if (!$adminuser = get_admin()) {
error("Could not find site admin");
}
@@ -105,7 +109,7 @@
foreach ($header as $i => $h) {
$h = trim($h); $header[$i] = $h; // remove whitespace
if (!($required[$h] or $optionalDefaults[$h] or $optional[$h])) {
error(get_string('invalidfieldname', 'error', $h), 'uploaduser.php');
error(get_string('invalidfieldname', 'error', $h), 'uploaduser.php?sesskey='.$USER->sesskey);
}
if ($required[$h]) {
$required[$h] = 2;
@@ -114,7 +118,7 @@
// check for required fields
foreach ($required as $key => $value) {
if ($value < 2) {
error(get_string('fieldrequired', 'error', $key), 'uploaduser.php');
error(get_string('fieldrequired', 'error', $key), 'uploaduser.php?sesskey='.$USER->sesskey);
}
}
$linenum = 2; // since header is line 1
@@ -139,13 +143,17 @@
// check for required values
if ($required[$name] and !$value) {
error(get_string('missingfield', 'error', $name). " ".
get_string('erroronline', 'error', $linenum),
'uploaduser.php');
get_string('erroronline', 'error', $linenum) .". ".
get_string('processingstops', 'error'),
'uploaduser.php?sesskey='.$USER->sesskey);
}
// password needs to be encrypted
else if ($name == "password") {
$user->password = md5($value);
}
else if ($name == "username") {
$user->username = addslashes(moodle_strtolower($value));
}
// normal entry
else {
$user->{$name} = addslashes($value);
@@ -166,7 +174,7 @@
$addgroup[2] = $user->group3;
$addgroup[3] = $user->group4;
$addgroup[4] = $user->group5;
$courses = get_courses("all");
$courses = get_courses("all",'c.sortorder','c.id,c.shortname,c.fullname,c.sortorder');
for ($i=0; $i<5; $i++) {
$courseid[$i]=0;
}
@@ -177,7 +185,7 @@
}
}
}
if (! $user->id = insert_record("user", $user)) {
if (get_record("user","username",$username) || !($user->id = insert_record("user", $user))) {
if (!$user = get_record("user", "username", "changeme")) { // half finished user from another time
//Record not added - probably because user is already registered
//In this case, output userid from previous registration
@@ -258,6 +266,7 @@
echo '<center>';
echo '<form method="post" enctype="multipart/form-data" action="uploaduser.php">'.
$strchoose.':<input type="hidden" name="MAX_FILE_SIZE" value="'.$maxuploadsize.'">'.
'<input type="hidden" name="sesskey" value="'.$USER->sesskey.'">'.
'<input type="file" name="userfile" size=30>'.
'<input type="submit" value="'.$struploadusers.'">'.
'</form></br>';
+14 -8
View File
@@ -10,6 +10,9 @@
optional_variable($dir, "ASC");
optional_variable($page, 0);
optional_variable($search, "");
if (!empty($search)) {
$search=trim($search);
}
optional_variable($lastinitial, ""); // only show students with this last initial
optional_variable($firstinitial, ""); // only show students with this first initial
optional_variable($perpage, "30"); // how many per page
@@ -18,6 +21,8 @@
unset($admin);
unset($teacher);
$search = trim($search);
if (! record_exists("user_admins")) { // No admin user yet
$user->firstname = get_string("admin");
@@ -61,6 +66,7 @@
$USER->admin = true;
$USER->teacher["$site->id"] = true;
$USER->newadminuser = true;
set_user_sesskey(); // for added security, used to check script parameters
redirect("$CFG->wwwroot/user/edit.php?id=$user->id&course=$site->id");
exit;
@@ -77,7 +83,7 @@
error("You must be an administrator to edit users this way.");
}
if ($newuser) { // Create a new user
if ($newuser and confirm_sesskey()) { // Create a new user
$user->auth = "manual";
$user->firstname = "";
$user->lastname = "";
@@ -118,7 +124,7 @@
"<a href=\"users.php\">$strusers</a> -> $stredituser");
}
if ($confirmuser) {
if ($confirmuser and confirm_sesskey()) {
if (!$user = get_record("user", "id", "$confirmuser")) {
error("No such user!");
}
@@ -134,7 +140,7 @@
notify(get_string("usernotconfirmed", "", fullname($user, true)));
}
} else if ($delete) { // Delete a selected user, after confirmation
} else if ($delete and confirm_sesskey()) { // Delete a selected user, after confirmation
if (!$user = get_record("user", "id", "$delete")) {
error("No such user!");
}
@@ -147,7 +153,7 @@
if ($confirm != md5($delete)) {
$fullname = fullname($user, true);
notice_yesno(get_string("deletecheckfull", "", "'$fullname'"),
"user.php?delete=$delete&confirm=".md5($delete), "user.php");
"user.php?delete=$delete&confirm=".md5($delete)."&sesskey=$USER->sesskey", "user.php");
exit;
} else if (!$user->deleted) {
@@ -300,7 +306,7 @@
if ($user->id == $USER->id or $user->username == "changeme") {
$deletebutton = "";
} else {
$deletebutton = "<a href=\"user.php?delete=$user->id\">$strdelete</a>";
$deletebutton = "<a href=\"user.php?delete=$user->id&sesskey=$USER->sesskey\">$strdelete</a>";
}
if ($user->lastaccess) {
$strlastaccess = format_time(time() - $user->lastaccess);
@@ -308,7 +314,7 @@
$strlastaccess = get_string("never");
}
if ($user->confirmed == 0) {
$confirmbutton = "<a href=\"user.php?confirmuser=$user->id\">" . get_string("confirm") . "</a>";
$confirmbutton = "<a href=\"user.php?confirmuser=$user->id&sesskey=$USER->sesskey\">" . get_string("confirm") . "</a>";
} else {
$confirmbutton = "";
}
@@ -333,7 +339,7 @@
echo "</form>";
echo "</td></tr></table>";
if (is_internal_auth()){
print_heading("<a href=\"user.php?newuser=true\">".get_string("addnewuser")."</a>");
print_heading("<a href=\"user.php?newuser=true&sesskey=$USER->sesskey\">".get_string("addnewuser")."</a>");
}
print_table($table);
@@ -345,7 +351,7 @@
}
if (is_internal_auth()){
print_heading("<a href=\"user.php?newuser=true\">".get_string("addnewuser")."</a>");
print_heading("<a href=\"user.php?newuser=true&sesskey=$USER->sesskey\">".get_string("addnewuser")."</a>");
}
print_footer();
+8 -8
View File
@@ -22,27 +22,27 @@
$table->align = array ("right", "left");
$table->data[] = array("<b><a href=\"auth.php\">".get_string("authentication")."</a></b>",
$table->data[] = array("<b><a href=\"auth.php?sesskey=$USER->sesskey\">".get_string("authentication")."</a></b>",
get_string("adminhelpauthentication"));
$table->data[] = array("<b><a href=\"user.php\">".get_string("edituser")."</a></b>",
get_string("adminhelpedituser"));
if (is_internal_auth()) {
$table->data[] = array("<b><a href=\"$CFG->wwwroot/$CFG->admin/user.php?newuser=true\">".get_string("addnewuser")."</a></b>",
$table->data[] = array("<b><a href=\"$CFG->wwwroot/$CFG->admin/user.php?newuser=true&sesskey=$USER->sesskey\">".get_string("addnewuser")."</a></b>",
get_string("adminhelpaddnewuser"));
$table->data[] = array("<b><a href=\"$CFG->wwwroot/$CFG->admin/uploaduser.php\">".get_string("uploadusers")."</a></b>",
$table->data[] = array("<b><a href=\"$CFG->wwwroot/$CFG->admin/uploaduser.php?sesskey=$USER->sesskey\">".get_string("uploadusers")."</a></b>",
get_string("adminhelpuploadusers"));
}
$table->data[] = array('', '<hr />');
$table->data[] = array("<b><a href=\"enrol.php\">".get_string("enrolments")."</a></b>",
$table->data[] = array("<b><a href=\"enrol.php?sesskey=$USER->sesskey\">".get_string("enrolments")."</a></b>",
get_string("adminhelpenrolments"));
$table->data[] = array("<b><a href=\"../course/index.php?edit=off\">".get_string("assignstudents")."</a></b>",
$table->data[] = array("<b><a href=\"../course/index.php?edit=off&sesskey=$USER->sesskey\">".get_string("assignstudents")."</a></b>",
get_string("adminhelpassignstudents"));
$table->data[] = array("<b><a href=\"../course/index.php?edit=on\">".get_string("assignteachers")."</a></b>",
$table->data[] = array("<b><a href=\"../course/index.php?edit=on&sesskey=$USER->sesskey\">".get_string("assignteachers")."</a></b>",
get_string("adminhelpassignteachers")." <img src=\"../pix/t/user.gif\" height=11 width=11>");
$table->data[] = array("<b><a href=\"creators.php\">".get_string("assigncreators")."</a></b>",
$table->data[] = array("<b><a href=\"creators.php?sesskey=$USER->sesskey\">".get_string("assigncreators")."</a></b>",
get_string("adminhelpassigncreators"));
$table->data[] = array("<b><a href=\"admin.php\">".get_string("assignadmins")."</a></b>",
$table->data[] = array("<b><a href=\"admin.php?sesskey=$USER->sesskey\">".get_string("assignadmins")."</a></b>",
get_string("adminhelpassignadmins"));
print_table($table);
+4 -2
View File
@@ -12,7 +12,9 @@ function auth_user_login ($username, $password) {
// two databases of the same kind ... it seems to get confused when trying to access
// the first database again, after having accessed the second.
// The following hack will make the database explicit which keeps it happy
$CFG->prefix = "$CFG->dbname.$CFG->prefix";
if ($CFG->dbtype != 'postgres7') {
$CFG->prefix = "$CFG->dbname.$CFG->prefix";
}
// Connect to the external database
$authdb = &ADONewConnection($CFG->auth_dbtype);
@@ -65,7 +67,7 @@ function auth_get_userinfo($username){
if ($rs = $authdb->Execute("SELECT ".$config["auth_user_$field"]." FROM $CFG->auth_dbtable
WHERE $CFG->auth_dbfielduser = '$username'")) {
if ( $rs->RecordCount() == 1 ) {
$result["$field"] = $rs->fields[$config["auth_user_$field"]];
$result["$field"] = $rs->fields[0];
}
}
}
+20 -4
View File
@@ -132,7 +132,7 @@ function auth_get_userinfo($username){
$user_entry = ldap_get_entries($ldap_connection, $user_info_result);
foreach ($attrmap as $key=>$value){
if(isset($user_entry[0][strtolower($value)][0])){
$result[$key]=$user_entry[0][strtolower($value)][0];
$result[$key]=addslashes(stripslashes(utf8_decode($user_entry[0][strtolower($value)][0])));
}
}
$result['guid']='ldap';
@@ -221,6 +221,11 @@ function auth_get_users($filter='*') {
foreach ($contexts as $context) {
$context = trim($context);
if (empty($context)) {
continue;
}
if ($CFG->ldap_search_sub) {
//use ldap_search to find first user from subtree
@@ -368,7 +373,7 @@ function auth_iscreator($username=0) {
}
if ((! $CFG->ldap_creators) OR (! $CFG->ldap_memberattribute)) {
return false;
return null;
}
return auth_ldap_isgroupmember($username, $CFG->ldap_creators);
@@ -396,7 +401,10 @@ function auth_ldap_isgroupmember ($username='', $groupdns='') {
//build filter
$filter = "(& ($CFG->ldap_user_attribute=$username)(|";
foreach ($groups as $group){
$filter .= "($CFG->ldap_memberattribute=$group)";
$group = trim($group);
if(!empty($group)) {
$filter .= "($CFG->ldap_memberattribute=$group)";
}
}
$filter .= "))";
//search
@@ -473,7 +481,10 @@ function auth_ldap_find_userdn ($ldap_connection, $username){
foreach ($ldap_contexts as $context) {
$context == trim($context);
$context = trim($context);
if (empty($context)) {
continue;
}
if ($CFG->ldap_search_sub){
//use ldap_search to find first user from subtree
@@ -539,6 +550,11 @@ function auth_ldap_get_userlist($filter="*") {
foreach ($contexts as $context) {
$context = trim($context);
if (empty($context)) {
continue;
}
if ($CFG->ldap_search_sub) {
//use ldap_search to find first user from subtree
$ldap_result = ldap_search($ldap_connection, $context,
+9
View File
@@ -0,0 +1,9 @@
<tr valign="top">
<td align="right"><p><?php print_string("instructions", "auth") ?>:</p></td>
<td><textarea name="auth_instructions" cols="30" rows="10" wrap="virtual"><?php p($config->auth_instructions) ?></textarea>
</td>
<td>
<?php print_string("authinstructions","auth") ?>
<?php helpbutton("text", get_string("helptext")) ?>
</td>
</tr>
+42
View File
@@ -0,0 +1,42 @@
<?PHP // $Id$
//
// PAM (Pluggable Authentication Modules) for Moodle
//
// Description:
// Authentication by using the PHP4 PAM module:
// http://www.math.ohio-state.edu/~ccunning/pam_auth/
//
// Version 0.2: 2004/09/01 by Martin Vögeli (stable version)
// Version 0.1: 2004/08/30 by Martin Vögeli (first draft)
//
// Contact: martinvoegeli@gmx.ch
// Website 1: http://elearning.zhwin.ch/
// Website 2: http://birdy1976.com/
//
// License: GPL License v2
// // // // // // // // // // // // // // // // // // //
function auth_user_login ($username, $password) {
global $CFG;
// returns true if the username and password work
// and false if they are wrong or don't exist
// variable to store possible errors during authentication
$strErrorPAM = " ";
// the maximal length of returned messages is 512
// let's double the number to give it enough space ;)
// (the errror variable is passed by reference)
for ($i = 1; $i <= 1024; $i++) {
$strErrorPAM += "{$strErrorPAM} ";
}
// just for testing and debugging
// error_reporting(E_ALL);
// finally the actual authentication part...
if (pam_auth($username, $password, &$strErrorPAM)) {
// authentication success
return true;
} else {
// authentication failure
return false;
}
}
?>
+3 -3
View File
@@ -49,11 +49,11 @@
print_header("$site->shortname: $strcoursebackup", $site->fullname,
"<A HREF=\"$CFG->wwwroot/$CFG->admin/index.php\">$stradministration</A> -> $strcoursebackup");
if ($courses = get_courses()) {
if ($courses = get_courses('all','c.shortname','c.id,c.shortname,c.fullname')) {
print_heading(get_string("choosecourse"));
print_simple_box_start("CENTER");
foreach ($courses as $course) {
echo "<A HREF=\"backup.php?id=$course->id\">$course->fullname ($course->shortname)</A><BR>";
echo "<A HREF=\"backup.php?id=$course->id\">$course->fullname ($course->shortname)</A><BR>";
}
print_simple_box_end();
} else {
@@ -88,7 +88,7 @@
//Adjust some php variables to the execution of this script
@ini_set("max_execution_time","3000");
@ini_set("memory_limit","128M");
raise_memory_limit("128M");
//Call the form, depending the step we are
if (!$launch) {
+3 -1
View File
@@ -73,7 +73,7 @@
}
?>
<form name="form" method="post" action="<?php echo $ME ?>">
<form name="form" method="post" action="backup.php">
<table cellpadding=5>
<?php
@@ -115,6 +115,8 @@
$backup_name .= userdate(time(),$backup_date_format,99,false);
//The extension
$backup_name .= ".zip";
//And finally, clean everything
$backup_name = clean_filename($backup_name);
//Add as text field
echo "<input type=\"text\" name=\"backup_name\" size=\"40\" value=\"".$backup_name."\">";
+3 -2
View File
@@ -88,7 +88,8 @@
if (!isset($backup_name)) {
error ("Backup name not specified");
}
$preferences->backup_name = $backup_name;
//We clean it again (to prevent diacritics entered manually)
$preferences->backup_name = clean_filename($backup_name);
if (!isset($backup_unique_code)) {
error ("Backup unique code not specified");
@@ -113,7 +114,7 @@
echo "<td align=\"right\"><P><B>";
echo get_string("name").":";
echo "</B></td><td>";
echo $backup_name;
echo $preferences->backup_name;
echo "</td></tr>";
//Start the main tr, where all the backup progress is done
+1 -1
View File
@@ -73,7 +73,7 @@
?>
<form name="form" method="post" action="<?php echo $ME ?>">
<form name="form" method="post" action="backup.php">
<table cellpadding=5>
<?php
if ($allmods = get_records("modules") ) {
+82 -33
View File
@@ -54,9 +54,31 @@ function schedule_backup_cron() {
$status = false;
}
//Delete old_entries from backup tables
if ($status) {
mtrace(" Deleting old data");
$status = backup_delete_old_data();
}
//Now we get a list of courses in the server
if ($status) {
mtrace(" Checking courses");
//First of all, we delete everything from backup tables related to deleted courses
mtrace(" Skipping deleted courses");
$skipped = 0;
if ($bckcourses = get_records('backup_courses')) {
foreach($bckcourses as $bckcourse) {
//Search if it exists
if (!$exists = get_record('course', 'id', "$bckcourse->courseid")) {
//Doesn't exist, so delete from backup tables
delete_records('backup_courses', 'courseid', "$bckcourse->courseid");
delete_records('backup_log', 'courseid', "$bckcourse->courseid");
$skipped++;
}
}
}
mtrace(" $skipped courses");
//Now process existing courses
$courses = get_records("course");
//For each course, we check (insert, update) the backup_course table
//with needed data
@@ -79,20 +101,25 @@ function schedule_backup_cron() {
}
//Now we backup every course with nextstarttime < now
if ($backup_course->nextstarttime > 0 && $backup_course->nextstarttime < $now) {
//Set laststarttime
$starttime = time();
set_field("backup_courses","laststarttime",$starttime,"courseid",$backup_course->courseid);
//Launch backup
$course_status = schedule_backup_launch_backup($course,$starttime);
//We have to send a email because we have included at least one backup
$emailpending = true;
//Set lastendtime
set_field("backup_courses","lastendtime",time(),"courseid",$backup_course->courseid);
//Set laststatus
if ($course_status) {
set_field("backup_courses","laststatus","1","courseid",$backup_course->courseid);
} else {
set_field("backup_courses","laststatus","0","courseid",$backup_course->courseid);
//Only make the backup if laststatus isn't 2-UNFINISHED (uncontrolled error)
if ($backup_course->laststatus != 2) {
//Set laststarttime
$starttime = time();
set_field("backup_courses","laststarttime",$starttime,"courseid",$backup_course->courseid);
//Set course status to unfinished, the process will reset it
set_field("backup_courses","laststatus","2","courseid",$backup_course->courseid);
//Launch backup
$course_status = schedule_backup_launch_backup($course,$starttime);
//Set lastendtime
set_field("backup_courses","lastendtime",time(),"courseid",$backup_course->courseid);
//Set laststatus
if ($course_status) {
set_field("backup_courses","laststatus","1","courseid",$backup_course->courseid);
} else {
set_field("backup_courses","laststatus","0","courseid",$backup_course->courseid);
}
}
}
@@ -117,25 +144,47 @@ function schedule_backup_cron() {
delete_records_select("backup_log", "laststarttime < '$loglifetime'");
}
//Send email to admin
//Send email to admin if necessary
if ($emailpending) {
mtrace(" Sending email to admin");
$message = "";
//Build the message text (future versions should handle html messages too!!)
$logs = get_records_select ("backup_log","laststarttime >= '$now'","id");
if ($logs) {
$currentcourse = 1;
foreach ($logs as $log) {
if ($currentcourse != $log->courseid) {
$message .= "\n==================================================\n\n";
$currentcourse = $log->courseid;
}
$message .= userdate($log->time,"%T",$admin->timezone)." ".$log->info."\n";
}
//Get info about the status of courses
$count_all = count_records('backup_courses');
$count_ok = count_records('backup_courses','laststatus','1');
$count_error = count_records('backup_courses','laststatus','0');
$count_unfinished = count_records('backup_courses','laststatus','2');
//Build the message text
//Summary
$message .= get_string('summary')."\n";
$message .= "==================================================\n";
$message .= " ".get_string('courses').": ".$count_all."\n";
$message .= " ".get_string('ok').": ".$count_ok."\n";
$message .= " ".get_string('error').": ".$count_error."\n";
$message .= " ".get_string('unfinished').": ".$count_unfinished."\n\n";
//Reference
if ($count_error != 0 || $count_unfinished != 0) {
$message .= " ".get_string('backupfailed')."\n\n";
$dest_url = $CFG->wwwroot.'/backup/log.php';
$message .= " ".get_string('backuptakealook','',$dest_url)."\n\n";
//Reset unfinished to error
set_field('backup_courses','laststatus','0','laststatus','2');
} else {
$message .= " ".get_string('backupfinished')."\n";
}
//Send the message
//Build the message subject
$site = get_site();
email_to_user($admin,$admin,"$site->shortname: ".get_string("scheduledbackupstatus"),$message);
$prefix = $site->shortname.": ";
if ($count_error != 0 || $count_unfinished != 0) {
$prefix .= "[".strtoupper(get_string('error'))."] ";
}
$subject = $prefix.get_string("scheduledbackupstatus");
//Send the message
email_to_user($admin,$admin,$subject,$message);
}
@@ -161,6 +210,7 @@ function schedule_backup_launch_backup($course,$starttime = 0) {
schedule_backup_log($starttime,$course->id," Phase 2: Executing and copying:");
$status = schedule_backup_course_execute($preferences,$starttime);
}
if ($status && $preferences) {
//Only if the backup_sche_keep is set
if ($preferences->backup_keep) {
@@ -168,6 +218,7 @@ function schedule_backup_launch_backup($course,$starttime = 0) {
$status = schedule_backup_course_delete_old_files($preferences,$starttime);
}
}
if ($status && $preferences) {
mtrace(" End backup OK");
schedule_backup_log($starttime,$course->id,"End backup course $course->fullname - OK");
@@ -187,7 +238,7 @@ function schedule_backup_log($starttime,$courseid,$message) {
$log->courseid = $courseid;
$log->time = time();
$log->laststarttime = $starttime;
$log->info = $message;
$log->info = addslashes($message);
insert_record ("backup_log",$log);
}
@@ -374,11 +425,15 @@ function schedule_backup_course_configure($course,$starttime = 0) {
$backup_name .= userdate(time(),$backup_date_format,99,false);
//The extension
$backup_name .= ".zip";
//And finally, clean everything
$backup_name = clean_filename($backup_name);
//Calculate the string to match the keep preference
$keep_name = $backup_word."-";
//The shortname
$keep_name .= strtolower($backup_shortname)."-";
//And finally, clean everything
$keep_name = clean_filename($keep_name);
$preferences->backup_name = $backup_name;
$preferences->keep_name = $keep_name;
@@ -485,12 +540,6 @@ function schedule_backup_course_execute($preferences,$starttime = 0) {
$status = clear_backup_dir($preferences->backup_unique_code);
}
//Delete old_entries from backup tables
if ($status) {
schedule_backup_log($starttime,$preferences->backup_course," cleaning old data");
$status = backup_delete_old_data();
}
//Create the moodle.xml file
if ($status) {
schedule_backup_log($starttime,$preferences->backup_course," creating backup file");
+25 -42
View File
@@ -9,7 +9,7 @@
$status = true;
$status = execute_sql("INSERT INTO {$CFG->prefix}backup_ids
(backup_code, table_name, old_id)
SELECT DISTINCT '$backup_unique_code','quiz_categories',t.category
SELECT DISTINCT $backup_unique_code,'quiz_categories',t.category
FROM {$CFG->prefix}quiz_questions t,
{$CFG->prefix}quiz_question_grades g,
{$CFG->prefix}quiz q
@@ -261,8 +261,9 @@
$rootdir = $CFG->dataroot."/users";
//Check if directory exists
if (is_dir($rootdir)) {
$coursedirs = get_directory_list($rootdir);
foreach ($coursedirs as $dir) {
//Get directories without descend
$userdirs = get_directory_list($rootdir,"",false,true,false);
foreach ($userdirs as $dir) {
//Extracts user id from file path
$tok = strtok($dir,"/");
if ($tok) {
@@ -313,7 +314,8 @@
$rootdir = $CFG->dataroot."/$course";
//Check if directory exists
if (is_dir($rootdir)) {
$coursedirs = get_directory_list($rootdir,$CFG->moddata);
//Get files and directories without descend
$coursedirs = get_directory_list($rootdir,$CFG->moddata,false,true,true);
$backupdata_dir = "backupdata";
foreach ($coursedirs as $dir) {
//Check it isn't backupdata_dir
@@ -464,6 +466,13 @@
fwrite ($bf,full_tag("DATE",2,false,$preferences->backup_unique_code));
//The original site wwwroot
fwrite ($bf,full_tag("ORIGINAL_WWWROOT",2,false,$CFG->wwwroot));
//The zip method used
if (!empty($CFG->zip)) {
$zipmethod = 'external';
} else {
$zipmethod = 'internal';
}
fwrite ($bf,full_tag("ZIP_METHOD",2,false,$zipmethod));
//Te includes tag
fwrite ($bf,start_tag("DETAILS",2,true));
//Now, go to mod element of preferences to print its status
@@ -1057,8 +1066,10 @@
fwrite ($bf,full_tag("TIMECREATED",4,false,$group->timecreated));
fwrite ($bf,full_tag("TIMEMODIFIED",4,false,$group->timemodified));
//Now, backup groups_members
$status2 = backup_groups_members_info($bf,$preferences,$group->id);
//Now, backup groups_members, only if users are included
if ($preferences->backup_users != 2) {
$status2 = backup_groups_members_info($bf,$preferences,$group->id);
}
//End group tag
fwrite ($bf,end_tag("GROUP",3,true));
@@ -1260,48 +1271,20 @@
$status = true;
//Base dir where everything happens
$basedir = $CFG->dataroot."/temp/backup/".$preferences->backup_unique_code;
$basedir = cleardoubleslashes($CFG->dataroot."/temp/backup/".$preferences->backup_unique_code);
//Backup zip file name
$name = $preferences->backup_name;
//List base_dir files and directories
//List of files and directories
$filelist = list_directories_and_files ($basedir);
if (empty($CFG->zip)) { // Use built-in php-based zip function
//echo "<br>Using pclzip"; //Debug
$files = array();
foreach ($filelist as $file) {
//If directory, append "/"
//Commented. Not needed wit version 2.0 of pclzip !!
//if (is_dir($basedir."/".$file)) {
// $file = $file."/";
//}
//Include into array
//echo "<br>Adding file/dir ".$file; //Debug
$files[] = $basedir."/".$file;
}
include_once("$CFG->dirroot/lib/pclzip/pclzip.lib.php");
//include_once("$CFG->dirroot/lib/pclzip/pclerror.lib.php"); //Debug
//include_once("$CFG->dirroot/lib/pclzip/pcltrace.lib.php"); //Debug
//PclTraceOn(2); //Debug
$archive = new PclZip("$basedir/$name");
if (($list = $archive->create($files,PCLZIP_OPT_REMOVE_PATH,$basedir)) == 0) {
error($archive->errorInfo(true));
$status = false;
}
//PclTraceDisplay(); //Debug
//PclTraceOff(); //Debug
} else { // Use external zip program
//echo "<br>Using external zip"; //Debug
$files = "";
foreach ($filelist as $file) {
$files .= basename($file);
$files .= " ";
}
$command = "cd $basedir ; $CFG->zip -r $name $files";
//echo "<br>Executing command: ".$command; //Debug
$status = Exec($command);
//Convert them to full paths
$files = array();
foreach ($filelist as $file) {
$files[] = "$basedir/$file";
}
$status = zip_files($files, "$basedir/$name");
//echo "<br>Status: ".$status; //Debug
return $status;
+1
View File
@@ -82,6 +82,7 @@
$keep_array[500] = "500";
?>
<form method="post" action="backup.php" name="form">
<?php echo "<input type=\"hidden\" name=\"sesskey\" value=\"".$USER->sesskey."\">"; ?>
<table cellpadding=9 cellspacing=0 >
<tr valign=top>
+3 -2
View File
@@ -56,7 +56,8 @@
global $CFG;
$status = true;
$list = get_directory_list($CFG->dataroot."/temp/backup", "", false);
//Get files and directories in the temp backup dir witout descend
$list = get_directory_list($CFG->dataroot."/temp/backup", "", false, true, true);
foreach ($list as $file) {
$file_path = $CFG->dataroot."/temp/backup/".$file;
$moddate = filemtime($file_path);
@@ -455,7 +456,7 @@
"old_id", $old_id);
//If info field = "infile", get file contents
if ($status->info == "infile") {
if ($status && $status->info == "infile") {
$filename = $CFG->dataroot."/temp/backup/".$backup_unique_code."/".$backup_unique_code."_".$table."_".$old_id.".info";
//Read data from file
$status2 = backup_file2data($filename,$info);
+9 -6
View File
@@ -28,6 +28,7 @@
$strftimetime = get_string("strftimetime").":%S";
$strerror = get_string("error");
$strok = get_string("ok");
$strunfinished = get_string("unfinished");
$strcourse = get_string("course");
$strtimetaken = get_string("timetaken","quiz");
$strstatus = get_string("status");
@@ -39,7 +40,7 @@
print_header("$site->shortname: $strconfiguration: $strbackup", $site->fullname,
"<a href=\"../$CFG->admin/index.php\">$stradmin</a> -> ".
"<a href=\"../$CFG->admin/configure.php\">$strconfiguration</a> -> ".
"<a href=\"../$CFG->admin/backup.php\">$strbackup</a> -> ".
"<a href=\"../$CFG->admin/backup.php?sesskey=$USER->sesskey\">$strbackup</a> -> ".
$strlogs);
print_heading($backuploglaststatus);
@@ -66,10 +67,12 @@
echo "<td nowrap><font size=2>".userdate($course->laststarttime,$strftimedatetime)."</td>";
echo "<td nowrap><font size=2> - </td>";
echo "<td nowrap><font size=2>".userdate($course->lastendtime,$strftimedatetime)."</td>";
if (!$course->laststatus) {
echo "<td nowrap align=center><font size=2 color=red>".$strerror."</td>";
} else {
if ($course->laststatus == 1) {
echo "<td nowrap align=center><font size=2 color=green>".$strok."</td>";
} else if ($course->laststatus == 2) {
echo "<td nowrap align=center><font size=2 color=red>".$strunfinished."</td>";
} else {
echo "<td nowrap align=center><font size=2 color=red>".$strerror."</td>";
}
echo "<td nowrap><font size=2>".userdate($course->nextstarttime,$strftimedatetime)."</td>";
echo "</tr>";
@@ -83,7 +86,7 @@
print_header("$site->shortname: $strconfiguration: $strbackup", $site->fullname,
"<a href=\"../$CFG->admin/index.php\">$stradmin</a> -> ".
"<a href=\"../$CFG->admin/configure.php\">$strconfiguration</a> -> ".
"<a href=\"../$CFG->admin/backup.php\">$strbackup</a> -> ".
"<a href=\"../$CFG->admin/backup.php?sesskey=$USER->sesskey\">$strbackup</a> -> ".
"<a href=\"log.php\">$strlogs</a> -> ".
$strbackupdetails);
@@ -115,7 +118,7 @@
FROM {$CFG->prefix}backup_log
WHERE courseid = '$courseid' AND
laststarttime = '$execution->laststarttime'
ORDER BY time");
ORDER BY id");
if ($logs) {
foreach ($logs as $log) {
echo "<tr nowrap>";
+9 -1
View File
@@ -95,7 +95,7 @@
//Adjust some php variables to the execution of this script
@ini_set("max_execution_time","3000");
@ini_set("memory_limit","128M");
raise_memory_limit("128M");
//Call the form, depending the step we are
if (!$launch) {
@@ -104,7 +104,15 @@
include_once("restore_form.html");
} else if ($launch == "check") {
include_once("restore_check.html");
//To avoid multiple restore executions...
$SESSION->cancontinue = true;
} else if ($launch == "execute") {
//Prevent multiple restore executions...
if (empty($SESSION->cancontinue)) {
error("Multiple restore execution not allowed!");
}
//Unset this for the future
unset($SESSION->cancontinue);
include_once("restore_execute.html");
}
print_simple_box_end();
+8 -8
View File
@@ -116,18 +116,18 @@
}
//Depending the selected restoreto:
// If user is a teacher (and nor admin):
// If user is a teacher (and not creator):
// 0-Current course, deleting: Put $restore->course_id and $restore->deleting (true), create the restore object
// 1-Current course, adding: Put $restore->course_id and $restore->deleting (false), create the restore object
// If the uses is an admin:
// If the uses is a creator:
// 0-Existing course, deleting: Select the destination course and launch the check again, then
// put $restore->course_id and $restore->deleting (true), create the restore object.
// 1-Existing course, adding: Select the destination course and launch the check again, then
// put $restore->course_id and $restore->deleting (false), create the restore object.
// 2-New course: Create the restore object and launch the execute.
//If the user is a teacher and not an admin
if (isteacher($id) and !isadmin()) {
//If the user is a teacher and not a creator
if (isteacheredit($id) and !iscreator()) {
$restore->course_id = $id;
if ($restore->restoreto == 0) {
$restore->deleting = true;
@@ -136,8 +136,8 @@
}
}
//If the user is an admin
if (isadmin()) {
//If the user is a creator (or admin)
if (iscreator()) {
//Set restore->deleting as needed
if ($restore->restoreto == 0) {
$restore->deleting = true;
@@ -147,8 +147,8 @@
}
//Now, select the course if needed
if (($restore->restoreto == 0 or $restore->restoreto == 1) and ($restore->course_id == 0) and (isadmin())) {
if ($courses = get_courses("all","c.fullname")) {
if (($restore->restoreto == 0 or $restore->restoreto == 1) and ($restore->course_id == 0) and (iscreator())) {
if ($courses = get_courses("all","c.fullname","c.id,c.fullname,c.shortname")) {
print_heading(get_string("choosecourse"));
print_simple_box_start("CENTER");
foreach ($courses as $course) {
+12
View File
@@ -64,6 +64,7 @@
//Saving conversion id variables into backup_tables
if ($restore->restoreto == 2) {
echo "<li>".get_string("creatingnewcourse");
$oldidnumber = $course_header->course_idnumber;
if (!$status = restore_create_new_course($restore,$course_header)) {
notify("Error while creating the new empty course.");
}
@@ -72,6 +73,9 @@
echo "<ul>";
echo "<li>".$course_header->course_fullname." (".$course_header->course_shortname.")";
echo "<li>".get_string("category").": ".$course_header->category->name;
if (!empty($oldidnumber)) {
echo "<li>".get_string("nomoreidnumber","moodle",$oldidnumber)."</li>";
}
echo "</ul>";
//Put the destination course_id
$restore->course_id = $course_header->course_id;
@@ -290,6 +294,7 @@
//Now if all is OK, update:
// - course modinfo field
// - categories table
// - add user as teacher
if ($status) {
echo "<li>".get_string("checkingcourse");
//modinfo field
@@ -297,6 +302,13 @@
//categories table
$course = get_record("course","id",$restore->course_id);
fix_course_sortorder();
//Make the user a teacher if the course hasn't teachers (bug 2381)
if (!isadmin()) {
if (!$checktea = get_records('user_teachers','course', $restore->course_id)) {
//Add the teacher to the course
$status = add_teacher($USER->id, $restore->course_id);
}
}
}
//Cleanup temps (files and db)
+3 -3
View File
@@ -113,7 +113,7 @@ function selectItemInMenuByName(formId, menuName, selectIndex ) {
-->
</script>
<form name="form1" id="form1" method="post" action="<?php echo $ME ?>">
<form name="form1" id="form1" method="post" action="restore.php">
<table cellpadding=5>
<?php
@@ -123,11 +123,11 @@ function selectItemInMenuByName(formId, menuName, selectIndex ) {
echo "<td align=\"right\"><P><b>";
echo get_string("restoreto").":</b>";
echo "</td><td>";
if (isteacheredit($id) and !isadmin()) {
if (isteacheredit($id) and !iscreator()) {
$restore_restoreto_options[0] = get_string("currentcoursedeleting");
$restore_restoreto_options[1] = get_string("currentcourseadding");
}
if (isadmin()) {
if (iscreator()) {
$restore_restoreto_options[0] = get_string("existingcoursedeleting");
$restore_restoreto_options[1] = get_string("existingcourseadding");
$restore_restoreto_options[2] = get_string("newcourse");
+28 -30
View File
@@ -5,27 +5,8 @@
//It automatically uses pclzip or command line unzip
function restore_unzip ($file) {
global $CFG;
return unzip_file($file, '', false);
$status = true;
if (empty($CFG->unzip)) { // Use built-in php-based unzip function
include_once("$CFG->dirroot/lib/pclzip/pclzip.lib.php");
//include_once("$CFG->dirroot/lib/pclzip/pclerror.lib.php"); //Debug
//include_once("$CFG->dirroot/lib/pclzip/pcltrace.lib.php"); //Debug
//PclTraceOn(2); //Debug
$archive = new PclZip($file);
if (!$list = $archive->extract(dirname($file))) {
$status = false;
}
//PclTraceDisplay(); //Debug
//PclTraceOff(); //Debug
} else { // Use external unzip program
$command = "cd ".dirname($file)."; $CFG->unzip -o ".basename($file);
Exec($command);
}
return $status;
}
//This function checks if moodle.xml seems to be a valid xml file
@@ -537,6 +518,7 @@
$course->fullname = addslashes($course_header->course_fullname);
$course->shortname = addslashes($course_header->course_shortname);
$course->idnumber = addslashes($course_header->course_idnumber);
$course->idnumber = ''; //addslashes($course_header->course_idnumber); // we don't want this at all.
$course->summary = restore_decode_absolute_links(addslashes($course_header->course_summary));
$course->format = addslashes($course_header->course_format);
$course->showgrades = addslashes($course_header->course_showgrades);
@@ -562,6 +544,16 @@
$course->hiddensections = addslashes($course_header->course_hiddensections);
$course->timecreated = addslashes($course_header->course_timecreated);
$course->timemodified = addslashes($course_header->course_timemodified);
//Calculate sortorder field
$sortmax = get_record_sql('SELECT MAX(sortorder) AS max
FROM ' . $CFG->prefix . 'course
WHERE category=' . $course->category);
if (!empty($sortmax->max)) {
$course->sortorder = $sortmax->max + 1;
unset($sortmax);
} else {
$course->sortorder = 100;
}
//Adjust blockinfo field.
//If the info doesn't exist in backup, we create defaults, else we recode it
//to current site blocks.
@@ -946,13 +938,16 @@
if ($info !== true) {
//Iterate over each category
foreach ($info as $category) {
$catrestore = "quiz_restore_question_categories";
if (function_exists($catrestore)) {
//print_object ($category); //Debug
$status = $catrestore($category,$restore);
} else {
//Something was wrong. Function should exist.
$status = false;
//Skip empty categories (some backups can contain them)
if (!empty($category->id)) {
$catrestore = "quiz_restore_question_categories";
if (function_exists($catrestore)) {
//print_object ($category); //Debug
$status = $catrestore($category,$restore);
} else {
//Something was wrong. Function should exist.
$status = false;
}
}
}
}
@@ -1116,8 +1111,11 @@
backup_putid($restore->backup_unique_code,"group",
$group->id, $newid);
}
//Now restore members in the groups_members
$status2 = restore_create_groups_members($newid,$info,$restore);
//Now restore members in the groups_members, only if
//users are included
if ($restore->users != 2) {
$status2 = restore_create_groups_members($newid,$info,$restore);
}
}
}
}
@@ -2961,7 +2959,7 @@
$status = true;
$xml_parser = xml_parser_create();
$xml_parser = xml_parser_create('UTF-8');
$moodle_parser = new MoodleParser();
$moodle_parser->todo = $todo;
$moodle_parser->preferences = $preferences;
+1 -1
View File
@@ -21,7 +21,7 @@
//Adjust some php variables to the execution of this script
@ini_set("max_execution_time","3000");
@ini_set("memory_limit","128M");
raise_memory_limit("128M");
echo "<pre>\n";
+4 -2
View File
@@ -5,6 +5,8 @@
// database (backup_version) to determine whether upgrades should
// be performed (see db/backup_*.php)
$backup_version = 2004083100; // The current version is a date (YYYYMMDDXX)
$backup_version = 2004083124; // YYYYMMDD = date of first major branch release 1.4
// X = point release version 1,2,3 etc
// Y = increments between point releases
$backup_release = "1.4"; // User-friendly version number
$backup_release = "1.4.2"; // User-friendly version number
+11 -5
View File
@@ -21,7 +21,7 @@ class CourseBlock_admin extends MoodleBlock {
if (empty($this->course)) {
$this->content = '';
} else if ($this->course->category == 0) {
} else if ($this->course->id == SITEID) {
$this->load_content_for_site();
} else {
$this->load_content_for_course();
@@ -32,7 +32,7 @@ class CourseBlock_admin extends MoodleBlock {
function load_content_for_site() {
global $CFG;
global $CFG, $USER;
if (isadmin()) {
$this->content->items[] = '<a href="'.$CFG->wwwroot.'/'.$CFG->admin.'/configure.php">'.get_string('configuration').'</a>...';
@@ -40,18 +40,24 @@ class CourseBlock_admin extends MoodleBlock {
$this->content->items[] = '<a href="'.$CFG->wwwroot.'/'.$CFG->admin.'/users.php">'.get_string('users').'</a>...';
$this->content->icons[] = '<img src="'.$CFG->pixpath.'/i/users.gif" height="16" width="16" alt="" />';
$this->content->items[]='<a href="'.$CFG->wwwroot.'/backup/backup.php?id='.SITEID.'">'.get_string('backup').'...</a>';
$this->content->icons[]='<img src="'.$CFG->pixpath.'/i/backup.gif" height="16" width="16" alt="">';
$this->content->items[]='<a href="'.$CFG->wwwroot.'/files/index.php?id='.SITEID.'&amp;wdir=/backupdata">'.get_string('restore').'...</a>';
$this->content->icons[]='<img src="'.$CFG->pixpath.'/i/restore.gif" height="16" width="16" alt="">';
}
if (iscreator()) {
$this->content->items[] = '<a href="'.$CFG->wwwroot.'/course/index.php?edit=on">'.get_string('courses').'</a>';
$this->content->items[] = '<a href="'.$CFG->wwwroot.'/course/index.php?edit=on&sesskey='.set_user_sesskey().'">'.get_string('courses').'</a>';
$this->content->icons[] = '<img src="'.$CFG->pixpath.'/i/course.gif" height="16" width="16" alt="" />';
}
if (isadmin()) {
$this->content->items[] = '<a href="'.$CFG->wwwroot.'/course/log.php?id=1">'.get_string('logs').'</a>';
$this->content->items[] = '<a href="'.$CFG->wwwroot.'/course/log.php?id='.SITEID.'">'.get_string('logs').'</a>';
$this->content->icons[] = '<img src="'.$CFG->pixpath.'/i/log.gif" height="16" width="16" alt="" />';
$this->content->items[] = '<a href="'.$CFG->wwwroot.'/files/index.php?id=1">'.get_string('sitefiles').'</a>';
$this->content->items[] = '<a href="'.$CFG->wwwroot.'/files/index.php?id='.SITEID.'">'.get_string('sitefiles').'</a>';
$this->content->icons[] = '<img src="'.$CFG->pixpath.'/i/files.gif" height="16" width="16" alt="" />';
if (file_exists($CFG->dirroot.'/'.$CFG->admin.'/'.$CFG->dbtype)) {
@@ -38,12 +38,11 @@ class CourseBlock_calendar_upcoming extends MoodleBlock {
'/calendar/event.php?action=new&amp;course='.$this->course->id.'">'.
get_string('newevent', 'calendar').'</a>...';
if($this->course->id == SITEID) {
if ($this->course->id == SITEID) {
// Being displayed at site level. This will cause the filter to fall back to auto-detecting
// the list of courses it will be grabbing events from.
$filtercourse = NULL;
}
else {
} else {
// Forcibly filter events to include only those from the particular course we are in.
$filtercourse = array($courseshown => 1);
}
@@ -56,12 +55,18 @@ class CourseBlock_calendar_upcoming extends MoodleBlock {
// Correct formatting is [courseid] => 1 to be concise with moodlelib.php functions.
calendar_set_filters($courses, $group, $user, $filtercourse, $filtercourse, false);
$events = calendar_get_upcoming($courses, $group, $user, get_user_preferences('calendar_lookahead', CALENDAR_UPCOMING_DAYS), get_user_preferences('calendar_maxevents', CALENDAR_UPCOMING_MAXEVENTS));
$events = calendar_get_upcoming($courses, $group, $user,
get_user_preferences('calendar_lookahead', CALENDAR_UPCOMING_DAYS),
get_user_preferences('calendar_maxevents', CALENDAR_UPCOMING_MAXEVENTS));
$this->content->text = calendar_get_sideblock_upcoming($events, 'view.php?view=day&amp;course='.$this->course->id.'&amp;');
if (!empty($this->course)) {
$this->content->text = calendar_get_sideblock_upcoming($events,
'view.php?view=day&amp;course='.$this->course->id.'&amp;');
}
if(empty($this->content->text)) {
$this->content->text = '<div style="font-size: 0.8em; text-align: center;">'.get_string('noupcomingevents', 'calendar').'</div>';
if (empty($this->content->text)) {
$this->content->text = '<div style="font-size: 0.8em; text-align: center;">'.
get_string('noupcomingevents', 'calendar').'</div>';
}
return $this->content;
+1 -1
View File
@@ -13,7 +13,7 @@ class CourseBlock_course_list extends MoodleBlock {
}
function print_config() {
global $CFG, $THEME;
global $CFG, $USER, $THEME;
print_simple_box_start('center', '', $THEME->cellheading);
include($CFG->dirroot.'/blocks/'.$this->name().'/config.html');
print_simple_box_end();
+1
View File
@@ -1,4 +1,5 @@
<form method="post" action="block.php">
<?php echo "<input type=\"hidden\" name=\"sesskey\" value=\"".$USER->sesskey."\">"; ?>
<table cellpadding="9" cellspacing="0">
<tr valign="top">
@@ -2,7 +2,7 @@
class CourseBlock_course_summary extends MoodleBlock {
function CourseBlock_course_summary ($course) {
if (empty($course->category)) { // Site level
if(!empty($course) && $course->id == SITEID) { // Site level
$this->title = get_string('frontpagedescription');
} else {
$this->title = get_string('blockname','block_course_summary');
@@ -26,13 +26,13 @@ class CourseBlock_course_summary extends MoodleBlock {
$this->content = New stdClass;
$options->noclean = true; // Don't clean Javascripts etc
$this->content->text = format_text($this->course->summary, FORMAT_HTML, $options);
if (isediting($this->course->id)) {
if (empty($this->course->category)) {
$editpage = $CFG->wwwroot.'/admin/site.php';
if(isediting($this->course->id)) {
if($this->course->id == SITEID) {
$editpage = $CFG->wwwroot.'/'.$CFG->admin.'/site.php';
} else {
$editpage = $CFG->wwwroot.'/course/edit.php?id='.$this->course->id;
}
$this->content->text .= "<div align=\"right\"><a href=\"$editpage\"><img src=\"$CFG->pixpath/t/edit.gif\" /></a></div>";
$this->content->text .= '<div style="text-align: right;"><a href="'.$editpage.'"><img src="'.$CFG->pixpath.'/t/edit.gif" /></a></div>';
}
$this->content->footer = '';
+9 -7
View File
@@ -119,7 +119,7 @@ class MoodleBlock {
}
function add_edit_controls($options, $blockid) {
global $CFG, $THEME;
global $CFG, $THEME, $USER;
// The block may be disabled
$blockid = intval($blockid);
@@ -143,6 +143,8 @@ class MoodleBlock {
} else {
$pixpath = $path.'/../theme/'.$CFG->theme.'/pix';
}
$sesskeystr = '&amp;sesskey='.$USER->sesskey;
$movebuttons = '<div style="float: right;">';
@@ -155,26 +157,26 @@ class MoodleBlock {
$title = $this->str->show;
}
$movebuttons .= '<a style="margin-right: 6px; margin-left: 3px;" title="'.$title.'" href="'.$path.'/view.php?id='.$this->course->id.'&amp;blockaction=toggle&amp;blockid='.$blockid.'">' .
$movebuttons .= '<a style="margin-right: 6px; margin-left: 3px;" title="'.$title.'" href="'.$path.'/view.php?id='.$this->course->id.'&amp;blockaction=toggle&amp;blockid='.$blockid.$sesskeystr.'">' .
'<img src="'.$pixpath.$icon.'" /></a>';
$movebuttons .= '<a title="'.$this->str->delete.'" href="'.$path.'/view.php?id='.$this->course->id.'&amp;blockaction=delete&amp;blockid='.$blockid.'">' .
$movebuttons .= '<a title="'.$this->str->delete.'" href="'.$path.'/view.php?id='.$this->course->id.'&amp;blockaction=delete&amp;blockid='.$blockid.$sesskeystr.'">' .
'<img src="'.$pixpath.'/t/delete.gif" /></a> ';
if ($options & BLOCK_MOVE_LEFT) {
$movebuttons .= '<a style="margin-right: 2px; margin-left: 2px;" title="'.$this->str->moveleft.'" href="'.$path.'/view.php?id='.$this->course->id.'&amp;blockaction=moveside&amp;blockid='.$blockid.'">' .
$movebuttons .= '<a style="margin-right: 2px; margin-left: 2px;" title="'.$this->str->moveleft.'" href="'.$path.'/view.php?id='.$this->course->id.'&amp;blockaction=moveside&amp;blockid='.$blockid.$sesskeystr.'">' .
'<img src="'.$pixpath.'/t/left.gif" /></a>';
}
if ($options & BLOCK_MOVE_UP) {
$movebuttons .= '<a style="margin-right: 2px; margin-left: 2px;" title="'.$this->str->moveup.'" href="'.$path.'/view.php?id='.$this->course->id.'&amp;blockaction=moveup&amp;blockid='.$blockid.'">' .
$movebuttons .= '<a style="margin-right: 2px; margin-left: 2px;" title="'.$this->str->moveup.'" href="'.$path.'/view.php?id='.$this->course->id.'&amp;blockaction=moveup&amp;blockid='.$blockid.$sesskeystr.'">' .
'<img src="'.$pixpath.'/t/up.gif" /></a>';
}
if ($options & BLOCK_MOVE_DOWN) {
$movebuttons .= '<a style="margin-right: 2px; margin-left: 2px;" title="'.$this->str->movedown.'" href="'.$path.'/view.php?id='.$this->course->id.'&amp;blockaction=movedown&amp;blockid='.$blockid.'">' .
$movebuttons .= '<a style="margin-right: 2px; margin-left: 2px;" title="'.$this->str->movedown.'" href="'.$path.'/view.php?id='.$this->course->id.'&amp;blockaction=movedown&amp;blockid='.$blockid.$sesskeystr.'">' .
'<img src="'.$pixpath.'/t/down.gif" /></a>';
}
if ($options & BLOCK_MOVE_RIGHT) {
$movebuttons .= '<a style="margin-right: 2px; margin-left: 2px;" title="'.$this->str->moveright.'" href="'.$path.'/view.php?id='.$this->course->id.'&amp;blockaction=moveside&amp;blockid='.$blockid.'">' .
$movebuttons .= '<a style="margin-right: 2px; margin-left: 2px;" title="'.$this->str->moveright.'" href="'.$path.'/view.php?id='.$this->course->id.'&amp;blockaction=moveside&amp;blockid='.$blockid.$sesskeystr.'">' .
'<img src="'.$pixpath.'/t/right.gif" /></a>';
}
+1 -1
View File
@@ -11,7 +11,7 @@ class CourseBlock_online_users extends MoodleBlock {
function has_config() {return true;}
function print_config() {
global $CFG, $THEME;
global $CFG, $USER, $THEME;
print_simple_box_start('center', '', $THEME->cellheading);
include($CFG->dirroot.'/blocks/'.$this->name().'/config.html');
print_simple_box_end();
+1
View File
@@ -1,4 +1,5 @@
<form method="post" action="block.php">
<?php echo "<input type=\"hidden\" name=\"sesskey\" value=\"".$USER->sesskey."\">"; ?>
<table cellpadding="9" cellspacing="0">
<tr valign="top">
+1 -1
View File
@@ -27,7 +27,7 @@ class CourseBlock_participants extends MoodleBlock {
$strgroups = get_string('groups');
$strgroupmy = get_string('groupmy');
if ($this->course->category or $CFG->showsiteparticipantslist > 1 or ($CFG->showsiteparticipantslist == 1 and isteacher()) or isteacher(SITEID)) {
if ($this->course->category or $CFG->showsiteparticipantslist > 1 or ($CFG->showsiteparticipantslist == 1 and isteacherinanycourse()) or isteacher(SITEID)) {
$this->content->items[]='<a title="'.get_string('listofallpeople').'" href="'.$CFG->wwwroot.'/user/index.php?id='.$this->course->id.'">'.get_string('participants').'</a>';
$this->content->icons[]='<img src="'.$CFG->pixpath.'/i/users.gif" height="16" width="16" alt="">';
}
@@ -54,7 +54,7 @@ class CourseBlock_site_main_menu extends MoodleBlock {
if ($ismoving) {
$this->content->icons[] = '&nbsp;<img align="bottom" src="'.$CFG->pixpath.'/t/move.gif" height="11" width="11">';
$this->content->items[] = $USER->activitycopyname.'&nbsp;(<a href="'.$CFG->wwwroot.'/course/mod.php?cancelcopy=true">'.$strcancel.'</a>)';
$this->content->items[] = $USER->activitycopyname.'&nbsp;(<a href="'.$CFG->wwwroot.'/course/mod.php?cancelcopy=true&amp;sesskey='.$USER->sesskey.'">'.$strcancel.'</a>)';
}
if (!empty($section->sequence)) {
@@ -82,7 +82,7 @@ class CourseBlock_site_main_menu extends MoodleBlock {
if ($mod->id == $USER->activitycopy) {
continue;
}
$this->content->items[] = '<a title="'.$strmovefull.'" href="'.$CFG->wwwroot.'/course/mod.php?moveto='.$mod->id.'">'.
$this->content->items[] = '<a title="'.$strmovefull.'" href="'.$CFG->wwwroot.'/course/mod.php?moveto='.$mod->id.'&amp;sesskey='.$USER->sesskey.'">'.
'<img height="16" width="80" src="'.$CFG->pixpath.'/movehere.gif" alt="'.$strmovehere.'" border="0"></a>';
$this->content->icons[] = '';
}
@@ -115,7 +115,7 @@ class CourseBlock_site_main_menu extends MoodleBlock {
}
if ($ismoving) {
$this->content->items[] = '<a title="'.$strmovefull.'" href="'.$CFG->wwwroot.'/course/mod.php?movetosection='.$section->id.'">'.
$this->content->items[] = '<a title="'.$strmovefull.'" href="'.$CFG->wwwroot.'/course/mod.php?movetosection='.$section->id.'&amp;sesskey='.$USER->sesskey.'">'.
'<img height="16" width="80" src="'.$CFG->pixpath.'/movehere.gif" alt="'.$strmovehere.'" border="0"></a>';
$this->content->icons[] = '';
}
@@ -78,7 +78,7 @@ class CourseBlock_social_activities extends MoodleBlock {
if ($mod->id == $USER->activitycopy) {
continue;
}
$this->content->items[] = '<a title="'.$strmovefull.'" href="'.$CFG->wwwroot.'/course/mod.php?moveto='.$mod->id.'">'.
$this->content->items[] = '<a title="'.$strmovefull.'" href="'.$CFG->wwwroot.'/course/mod.php?moveto='.$mod->id.'&amp;sesskey='.$USER->sesskey.'">'.
'<img height="16" width="80" src="'.$CFG->pixpath.'/movehere.gif" alt="'.$strmovehere.'" border="0"></a>';
$this->content->icons[] = '';
}
@@ -111,7 +111,7 @@ class CourseBlock_social_activities extends MoodleBlock {
}
if ($ismoving) {
$this->content->items[] = '<a title="'.$strmovefull.'" href="'.$CFG->wwwroot.'/course/mod.php?movetosection='.$section->id.'">'.
$this->content->items[] = '<a title="'.$strmovefull.'" href="'.$CFG->wwwroot.'/course/mod.php?movetosection='.$section->id.'&amp;sesskey='.$USER->sesskey.'">'.
'<img height="16" width="80" src="'.$CFG->pixpath.'/movehere.gif" alt="'.$strmovehere.'" border="0"></a>';
$this->content->icons[] = '';
}
+52 -58
View File
@@ -112,11 +112,11 @@ function calendar_get_mini($courses, $groups, $users, $cal_month = false, $cal_y
$events = array();
}
else {
$events = get_records_select('event', $whereclause);
$events = get_records_select('event', $whereclause, 'timestart');
}
// This is either a genius idea or an idiot idea: in order to not complicate things, we use this rule: if, after
// possibly removing courseid 1 from $courses, there is only one course left, then clicking on a day in the month
// possibly removing SITEID from $courses, there is only one course left, then clicking on a day in the month
// will also set the $SESSION->cal_courses_shown variable to that one course. Otherwise, we 'd need to add extra
// arguments to this function.
@@ -190,10 +190,10 @@ function calendar_get_mini($courses, $groups, $users, $cal_month = false, $cal_y
$popupicon = $CFG->modpixpath.'/'.$event->modulename.'/icon.gif';
$popupalt = $event->modulename;
} else if ($event->courseid == 1) { // Site event
} else if ($event->courseid == SITEID) { // Site event
$popupicon = $CFG->pixpath.'/c/site.gif';
$popupalt = '';
} else if ($event->courseid > 1 and empty($event->groupid)) { // Course event
} else if ($event->courseid != 0 && $event->courseid != SITEID && $event->groupid == 0) { // Course event
$popupicon = $CFG->pixpath.'/c/course.gif';
$popupalt = '';
} else if ($event->groupid) { // Group event
@@ -290,6 +290,9 @@ function calendar_get_upcoming($courses, $groups, $users, $daysinfuture, $maxeve
// This effectively adds as many days as needed, and the final SECS_IN_DAY - 1
// serves to cover the duration until the end of the final day. We could
// just do another gmmktime() and an addition, but this is "faster" :)
// WARNING: IT IS ALSO BUGGY WITH REGARDS TO DST CHANGES! THIS HAS TO BE FIXED SOMEDAY!
// IF YOU DO SECS ARITHMETIC, THE CODE WILL ALWAYS BE BUGGY WITH REGARD TO DST!
$display->tend = $display->tstart + (SECS_IN_DAY * $display->range) - 1;
// Get the events matching our criteria
@@ -297,12 +300,11 @@ function calendar_get_upcoming($courses, $groups, $users, $daysinfuture, $maxeve
if ($whereclause === false) {
$events = false;
} else {
$whereclause .= ' ORDER BY timestart'; // We want them this way
$events = get_records_select('event', $whereclause);
$events = get_records_select('event', $whereclause, 'timestart');
}
// This is either a genius idea or an idiot idea: in order to not complicate things, we use this rule: if, after
// possibly removing courseid 1 from $courses, there is only one course left, then clicking on a day in the month
// possibly removing SITEID from $courses, there is only one course left, then clicking on a day in the month
// will also set the $SESSION->cal_courses_shown variable to that one course. Otherwise, we 'd need to add extra
// arguments to this function.
@@ -355,14 +357,12 @@ function calendar_get_upcoming($courses, $groups, $users, $daysinfuture, $maxeve
$output[$outkey]->cmid = $module->id;
} else if($event->courseid == 1) { // Site event
} else if($event->courseid == SITEID) { // Site event
$output[$outkey]->icon = '<img height=16 width=16 src="'.$CFG->pixpath.'/c/site.gif" alt="" style="vertical-align: middle;" />';
$output[$outkey]->time = $eventtime;
} else if($event->courseid > 1 and !$event->groupid) { // Course event
} else if($event->courseid != 0 && $event->courseid != SITEID && $event->groupid == 0) { // Course event
calendar_get_course_cached($coursecache, $event->courseid);
$output[$outkey]->icon = '<img height=16 width=16 src="'.$CFG->pixpath.'/c/course.gif" alt="" style="vertical-align: middle;" />';
@@ -393,6 +393,7 @@ function calendar_sql_where($tstart, $tend, $users, $groups, $courses, $withdura
if(is_bool($users) && is_bool($groups) && is_bool($courses)) {
return false;
}
if(is_array($users) && !empty($users)) {
// Events from a number of users
if(!empty($whereclause)) $whereclause .= ' OR';
@@ -412,6 +413,7 @@ function calendar_sql_where($tstart, $tend, $users, $groups, $courses, $withdura
// No user at all
// No need to do anything
}
if(is_array($groups) && !empty($groups)) {
// Events from a number of groups
if(!empty($whereclause)) $whereclause .= ' OR';
@@ -427,6 +429,8 @@ function calendar_sql_where($tstart, $tend, $users, $groups, $courses, $withdura
if(!empty($whereclause)) $whereclause .= ' OR ';
$whereclause .= ' groupid != 0';
}
// boolean false (no groups at all): we don't need to do anything
if(is_array($courses)) {
// A number of courses (maybe none at all!)
if(!empty($courses)) {
@@ -451,6 +455,14 @@ function calendar_sql_where($tstart, $tend, $users, $groups, $courses, $withdura
$whereclause .= ' groupid = 0 AND courseid != 0';
}
// Security check: if, by now, we have NOTHING in $whereclause, then it means
// that NO event-selecting clauses were defined. Thus, we won't be returning ANY
// events no matter what. Allowing the code to proceed might return a completely
// valid query with only time constraints, thus selecting ALL events in that time frame!
if(empty($whereclause)) {
return false;
}
if ($ignorehidden) {
if (!empty($whereclause)) $whereclause .= ' AND';
$whereclause .= ' visible = 1';
@@ -528,8 +540,8 @@ function calendar_top_controls($type, $data) {
case 'day':
$data['d'] = $date['mday']; // Just for convenience
$dayname = calendar_wday_name($date['weekday']);
$prevdate = getdate($time - SECS_IN_DAY);
$nextdate = getdate($time + SECS_IN_DAY);
$prevdate = usergetdate(make_timestamp($data['y'], $data['m'], $data['d'] - 1));
$nextdate = usergetdate(make_timestamp($data['y'], $data['m'], $data['d'] + 1));
$prevname = calendar_wday_name($prevdate['weekday']);
$nextname = calendar_wday_name($nextdate['weekday']);
$content .= "<table style='width: 100%;'><tr>\n";
@@ -597,7 +609,7 @@ function calendar_filter_controls($type, $vars = NULL, $course = NULL) {
$content .= '<td style="width: 8px;"></td><td><a href="'.CALENDAR_URL.'set.php?var=showcourses'.$getvars.'" title="'.get_string('tt_showcourse', 'calendar').'">'.get_string('courseevents', 'calendar').'</a></td>'."\n";
}
if(!empty($USER) && !isguest()) {
if(!empty($USER->id) && !isguest()) {
$content .= "</tr>\n<tr>";
if($groupevents) {
@@ -735,6 +747,9 @@ function calendar_get_sideblock_upcoming($events, $linkhref = NULL) {
}
for ($i = 0; $i < $lines; ++$i) {
if (!isset($events[$i]->time)) { // Just for robustness
continue;
}
$content .= '<div class="cal_event">'.$events[$i]->icon.' ';
if (!empty($events[$i]->referer)) {
// That's an activity event, so let's provide the hyperlink
@@ -802,10 +817,10 @@ function calendar_events_by_day($events, $month, $year, &$eventsbyday, &$duratio
$eventsbyday[$eventdaystart][] = $event->id;
// Mark the day as having such an event
if($event->courseid == 1 && $event->groupid == 0) {
if($event->courseid == SITEID && $event->groupid == 0) {
$typesbyday[$eventdaystart]['startglobal'] = true;
}
else if($event->courseid > 1 && $event->groupid == 0) {
else if($event->courseid != 0 && $event->courseid != SITEID && $event->groupid == 0) {
$typesbyday[$eventdaystart]['startcourse'] = true;
}
else if($event->groupid) {
@@ -830,10 +845,10 @@ function calendar_events_by_day($events, $month, $year, &$eventsbyday, &$duratio
// Mark all days between $lowerbound and $upperbound (inclusive) as duration
for($i = $lowerbound + 1; $i <= $upperbound; ++$i) {
$durationbyday[$i][] = $event->id;
if($event->courseid == 1 && $event->groupid == 0) {
if($event->courseid == SITEID && $event->groupid == 0) {
$typesbyday[$i]['durationglobal'] = true;
}
else if($event->courseid > 1 && $event->groupid == 0) {
else if($event->courseid != 0 && $event->courseid != SITEID && $event->groupid == 0) {
$typesbyday[$i]['durationcourse'] = true;
}
else if($event->groupid) {
@@ -868,6 +883,19 @@ function calendar_get_course_cached(&$coursecache, $courseid) {
function calendar_session_vars() {
global $SESSION, $USER;
if(!empty($USER->id) && isset($USER->realuser) && !isset($SESSION->cal_loggedinas)) {
// We just logged in as someone else, update the filtering
unset($SESSION->cal_users_shown);
unset($SESSION->cal_courses_shown);
$SESSION->cal_loggedinas = true;
}
else if(!empty($USER->id) && !isset($USER->realuser) && isset($SESSION->cal_loggedinas)) {
// We just logged back to our real self, update again
unset($SESSION->cal_users_shown);
unset($SESSION->cal_courses_shown);
unset($SESSION->cal_loggedinas);
}
if(!isset($SESSION->cal_course_referer)) {
$SESSION->cal_course_referer = 0;
}
@@ -932,11 +960,11 @@ function calendar_set_filters(&$courses, &$group, &$user, $courseeventsfrom = NU
if(($SESSION->cal_show_course && $SESSION->cal_show_global) || $ignorefilters) {
if(is_int($courseeventsfrom)) {
$courses = array(1, $courseeventsfrom);
$courses = array(SITEID, $courseeventsfrom);
}
else if(is_array($courseeventsfrom)) {
$courses = array_keys($courseeventsfrom);
$courses[] = 1;
$courses[] = SITEID;
}
}
else if($SESSION->cal_show_course) {
@@ -1001,13 +1029,13 @@ function calendar_set_filters(&$courses, &$group, &$user, $courseeventsfrom = NU
function calendar_edit_event_allowed($event) {
global $USER;
if(empty($USER) || isguest($USER->id)) {
if(empty($USER->id) || isguest($USER->id)) {
return false;
}
if (isadmin($USER->id)) return true; // Admins are allowed anything
if ($event->courseid > 1) {
if ($event->courseid != 0 && $event->courseid != SITEID) {
// Course event, only editing teachers may... edit :P
if(isteacheredit($event->courseid)) {
return true;
@@ -1033,10 +1061,10 @@ function calendar_get_default_courses($ignoreref = false) {
global $USER, $CFG, $SESSION;
if(!empty($SESSION->cal_course_referer) && !$ignoreref) {
return array($SESSION->cal_course_referer => 1);
return array($SESSION->cal_course_referer => SITEID);
}
if(empty($USER)) {
if(empty($USER->id)) {
return array();
}
@@ -1054,40 +1082,6 @@ function calendar_get_default_courses($ignoreref = false) {
return $courses;
}
function calendar_get_tz_offset() {
global $USER, $CFG;
static $tzfix;
// Caching
if(isset($tzfix)) {
return $tzfix;
}
if(empty($USER)) {
// Don't forget that there are users which have NOT logged in, even as guests
$timezone = $CFG->timezone;
}
else {
// If, on the other hand, we do have a user...
$timezone = $USER->timezone;
if(abs($timezone > 13)) {
// But if the user has specified 'server default' time,
// don't get the server's; get the Moodle $CFG setting
// (Martin's help text on site cfg implies this)
$timezone = $CFG->timezone;
}
}
if(abs($timezone) <= 13) {
$tzfix = $timezone * 3600;
}
else {
$tzfix = date('Z');
}
return $tzfix;
}
function calendar_preferences_array() {
return array(
'startwday' => get_string('pref_startwday', 'calendar'),
+20 -23
View File
@@ -44,11 +44,7 @@
require_once($CFG->dirroot.'/course/lib.php');
require_once($CFG->dirroot.'/calendar/lib.php');
optional_variable($_GET['view'], 'upcoming');
optional_variable($_GET['course'], 0);
optional_variable($_GET['cal_d']);
optional_variable($_GET['cal_m']);
optional_variable($_GET['cal_y']);
if(!$site = get_site()) {
redirect($CFG->wwwroot.'/'.$CFG->admin.'/index.php');
@@ -60,10 +56,11 @@
$nav = calendar_get_link_tag(get_string('calendar', 'calendar'), CALENDAR_URL.'view.php?view=upcoming&amp;', $now['mday'], $now['mon'], $now['year']);
// Make sure that the GET variables are correct
$day = intval($_GET['cal_d']);
$mon = intval($_GET['cal_m']);
$yr = intval($_GET['cal_y']);
$view = optional_param('view', 'upcoming');
$day = optional_param('cal_d', 0, PARAM_INT);
$mon = optional_param('cal_m', 0, PARAM_INT);
$yr = optional_param('cal_y', 0, PARAM_INT);
if(!checkdate($mon, $day, $yr)) {
$day = intval($now['mday']);
$mon = intval($now['mon']);
@@ -71,7 +68,7 @@
}
$time = mktime(0, 0, 0, $mon, $day, $yr);
switch($_GET['view']) {
switch($view) {
case 'day':
$text = strftime(get_string('strftimedate'), $time);
if($text[0] == '0') {
@@ -105,7 +102,7 @@
}
}
if (empty($USER) or isguest()) {
if (empty($USER->id) or isguest()) {
$defaultcourses = calendar_get_default_courses();
calendar_set_filters($courses, $groups, $users, $defaultcourses, $defaultcourses);
@@ -139,7 +136,7 @@
echo '<td style="vertical-align: top; width: 100%;">';
switch($_GET['view']) {
switch($view) {
case 'day':
calendar_show_day($day, $mon, $yr, $courses, $groups, $users);
break;
@@ -161,7 +158,7 @@
list($prevmon, $prevyr) = calendar_sub_month($mon, $yr);
list($nextmon, $nextyr) = calendar_add_month($mon, $yr);
$getvars = 'cal_d='.$day.'&amp;cal_m='.$mon.'&amp;cal_y='.$yr; // For filtering
echo calendar_filter_controls($_GET['view'], $getvars);
echo calendar_filter_controls($view, $getvars);
echo '<p>';
echo calendar_top_controls('display', array('m' => $prevmon, 'y' => $prevyr));
echo calendar_get_mini($courses, $groups, $users, $prevmon, $prevyr);
@@ -193,12 +190,12 @@ function calendar_show_day($d, $m, $y, $courses, $groups, $users) {
$getvars = 'from=day&amp;cal_d='.$d.'&amp;cal_m='.$m.'&amp;cal_y='.$y; // For filtering
$starttime = make_timestamp($y, $m, $d);
$endtime = $starttime + SECS_IN_DAY - 1;
$endtime = make_timestamp($y, $m, $d + 1) - 1;
$events = calendar_get_upcoming($courses, $groups, $users, 1, 100, $starttime);
// New event button
if (empty($USER) || isguest()) {
if (empty($USER->id) || isguest()) {
$text = get_string('dayview', 'calendar').': '.calendar_course_filter_selector($getvars);
} else {
$text = '<div style="float: left;">'.get_string('dayview', 'calendar').': '.
@@ -312,14 +309,14 @@ function calendar_show_month_detailed($m, $y, $courses, $groups, $users) {
$events = array();
}
else {
$events = get_records_select('event', $whereclause);
$events = get_records_select('event', $whereclause, 'timestart');
}
// Extract information: events vs. time
calendar_events_by_day($events, $m, $y, $eventsbyday, $durationbyday, $typesbyday);
// New event button
if(empty($USER) || isguest()) {
if(empty($USER->id) || isguest()) {
$text = get_string('detailedmonthview', 'calendar').': '.calendar_course_filter_selector($getvars);
}
else {
@@ -482,7 +479,7 @@ function calendar_show_month_detailed($m, $y, $courses, $groups, $users) {
echo "</tr>\n";
if(!empty($USER) && !isguest()) {
if(!empty($USER->id) && !isguest()) {
echo '<tr>';
// Group events
if($SESSION->cal_show_groups) {
@@ -515,7 +512,7 @@ function calendar_show_upcoming_events($courses, $groups, $users, $futuredays, $
$events = calendar_get_upcoming($courses, $groups, $users, $futuredays, $maxevents);
// New event button
if(empty($USER) || isguest()) {
if(empty($USER->id) || isguest()) {
$text = get_string('upcomingevents', 'calendar').': '.calendar_course_filter_selector('from=upcoming');
} else {
@@ -544,7 +541,7 @@ function calendar_show_upcoming_events($courses, $groups, $users, $futuredays, $
function calendar_print_event($event) {
global $CFG, $THEME;
global $CFG, $THEME, $USER;
static $strftimetime;
@@ -582,8 +579,8 @@ function calendar_print_event($event) {
$editlink = CALENDAR_URL.'event.php?action=edit&amp;id='.$event->id;
$deletelink = CALENDAR_URL.'event.php?action=delete&amp;id='.$event->id;
} else {
$editlink = $CFG->wwwroot.'/course/mod.php?update='.$event->cmid.'&amp;return=true';
$deletelink = $CFG->wwwroot.'/course/mod.php?delete='.$event->cmid;
$editlink = $CFG->wwwroot.'/course/mod.php?update='.$event->cmid.'&amp;return=true&amp;sesskey='.$USER->sesskey;
$deletelink = $CFG->wwwroot.'/course/mod.php?delete='.$event->cmid.'&amp;sesskey='.$USER->sesskey;;
}
echo ' <a href="'.$editlink.'"><img
src="'.$CFG->pixpath.'/t/edit.gif" alt="'.get_string('tt_editevent', 'calendar').'"
@@ -601,12 +598,12 @@ function calendar_print_event($event) {
function calendar_course_filter_selector($getvars = '') {
global $USER, $SESSION;
if (empty($USER) or isguest()) {
if (empty($USER->id) or isguest()) {
return '';
}
if (isadmin()) {
$courses = get_courses('all', 'c.shortname');
$courses = get_courses('all', 'c.shortname','c.id,c.shortname');
} else {
$courses = get_my_courses($USER->id, 'shortname');
}
+18
View File
@@ -177,6 +177,24 @@ $CFG->admin = 'admin';
// then all addresses are ALLOWED EXCEPT those listed.
// $CFG->allowemailaddresses = "myschool.edu.au hotmail.com";
// $CFG->denyemailaddresses = "hotmail.com yahoo.com";
//
// The following setting will tell Moodle to respect your PHP session
// settings. Use this if you want to control session configuration
// from php.ini, httpd.conf or .htaccess files.
// $CFG->respectsessionsettings = true;
//
// Generating the language menu consumes a *lot* of memory and queries a
// lot of files. if you are looking for performance, and not adding/removing
// languages often, enable the language menu cache. With the cache enabled,
// Moodle only refreshes the list of languages every few invocations of the
// cron script. For maximum efficiency, make sure your cron is called from the
// commandline, not via HTTP.
// $CFG->langcache = true;
//
// The following setting will turn SQL Error logging on. This will output an
// entry in apache error log indicating the position of the error and the statement
// called. This option will action disregarding error_reporting setting.
// $CFG->dblogerror = true;
//=========================================================================
// ALL DONE! To continue installation, visit your main page with a browser
+77 -55
View File
@@ -23,7 +23,7 @@
}
if (iscreator()) {
if (isset($_GET['edit'])) {
if (isset($_GET['edit']) and confirm_sesskey()) {
if ($edit == "on") {
$USER->categoryediting = true;
} else if ($edit == "off") {
@@ -47,7 +47,7 @@
if (isadmin()) {
/// Rename the category if requested
if (!empty($_POST['rename'])) {
if (!empty($_POST['rename']) and confirm_sesskey()) {
$category->name = $_POST['rename'];
if (! set_field("course_categories", "name", $category->name, "id", $category->id)) {
notify("An error occurred while renaming the category");
@@ -56,14 +56,19 @@
/// Resort the category if requested
if (!empty($_GET['resort'])) {
if ($courses = get_courses($category->id, "fullname ASC")) {
$count = 0;
if (!empty($_GET['resort']) and confirm_sesskey()) {
if ($courses = get_courses($category->id, "fullname ASC", 'c.id,c.fullname,c.sortorder')) {
// move it off the range
$count = get_record_sql('SELECT MAX(sortorder) AS max, 1
FROM ' . $CFG->prefix . 'course WHERE category=' . $category->id);
$count = $count->max + 100;
begin_sql();
foreach ($courses as $course) {
set_field('course', 'sortorder', $count, 'id', $course->id);
$count++;
}
fix_course_sortorder();
commit_sql();
fix_course_sortorder($category->id);
}
}
}
@@ -114,7 +119,7 @@
/// Move a specified course to a new category
if (isset($moveto) and $data = data_submitted()) { // Some courses are being moved
if (isset($moveto) and $data = data_submitted() and confirm_sesskey()) { // Some courses are being moved
if (! $destcategory = get_record("course_categories", "id", $data->moveto)) {
error("Error finding the category");
@@ -122,15 +127,37 @@
unset($data->moveto);
unset($data->id);
unset($data->sesskey);
if ($data) {
foreach ($data as $code => $junk) {
$courseid = substr($code, 1);
if (! $course = get_record("course", "id", $courseid)) {
notify("Error finding course $courseid");
} else {
if (!set_field("course", "category", $destcategory->id, "id", $course->id)) {
// figure out a sortorder that we can use in the destination category
$sortorder = get_field_sql('SELECT MIN(sortorder)-1 AS min
FROM ' . $CFG->prefix . 'course WHERE category=' . $destcategory->id);
if ($sortorder < 1) {
// rather than let the db default to 0
// set it to > 100 and avoid extra work in fix_coursesortorder()
$sortorder = 200;
}
$course->category = $destcategory->id;
$course->sortorder = $sortorder;
$course->fullname = addslashes($course->fullname);
$course->shortname = addslashes($course->shortname);
$course->summary = addslashes($course->summary);
$course->password = addslashes($course->password);
$course->teacher = addslashes($course->teacher);
$course->teachers = addslashes($course->teachers);
$course->student = addslashes($course->student);
$course->students = addslashes($course->students);
if (!update_record('course', $course)) {
notify("An error occurred - course not moved!");
}
fix_course_sortorder();
@@ -143,7 +170,7 @@
/// Hide or show a course
if (isset($hide) or isset($show)) {
if ((isset($hide) or isset($show)) and confirm_sesskey()) {
if (isset($hide)) {
$course = get_record("course", "id", $hide);
$visible = 0;
@@ -161,54 +188,44 @@
/// Move a course up or down
if (isset($moveup) or isset($movedown)) {
if ((isset($moveup) or isset($movedown)) and confirm_sesskey()) {
$movecourse = NULL;
$swapcourse = NULL;
$courses = get_courses($category->id);
// ensure the course order has no gaps
// and isn't at 0
fix_course_sortorder($category->id);
// we are going to need to know the range
$max = get_record_sql('SELECT MAX(sortorder) AS max, 1
FROM ' . $CFG->prefix . 'course WHERE category=' . $category->id);
$max = $max->max + 100;
if (isset($moveup)) {
if ($movecourse = get_record("course", "id", $moveup)) {
foreach ($courses as $course) {
if ($course->id == $movecourse->id) {
break;
}
$swapcourse = $course;
}
}
}
if (isset($movedown)) {
if ($movecourse = get_record("course", "id", $movedown)) {
$choosenext = false;
foreach ($courses as $course) {
if ($choosenext) {
$swapcourse = $course;
break;
}
if ($course->id == $movecourse->id) {
$choosenext = true;
}
}
}
$movecourse = get_record('course', 'id', $moveup);
$swapcourse = get_record('course',
'category', $category->id,
'sortorder', $movecourse->sortorder - 1);
} else {
$movecourse = get_record('course', 'id', $movedown);
$swapcourse = get_record('course',
'category', $category->id,
'sortorder', $movecourse->sortorder + 1);
}
if ($swapcourse and $movecourse) { // Renumber everything for robustness
$count=0;
foreach ($courses as $course) {
$count++;
if ($course->id == $swapcourse->id) {
$course = $movecourse;
} else if ($course->id == $movecourse->id) {
$course = $swapcourse;
}
if (! set_field("course", "sortorder", $count, "id", $course->id)) {
notify("Could not update that course!");
}
begin_sql();
if (!( set_field("course", "sortorder", $max, "id", $swapcourse->id)
&& set_field("course", "sortorder", $swapcourse->sortorder, "id", $movecourse->id)
&& set_field("course", "sortorder", $movecourse->sortorder, "id", $swapcourse->id)
)) {
notify("Could not update that course!");
}
commit_sql();
}
}
fix_course_sortorder();
}
} // End of editing stuff
@@ -238,7 +255,9 @@
/// Print out all the courses
unset($course); // To avoid unwanted language effects later
$courses = get_courses_page($category->id, "c.sortorder ASC", "c.*", $totalcount, $page*$perpage, $perpage);
$courses = get_courses_page($category->id, 'c.sortorder ASC',
'c.id,c.sortorder,c.shortname,c.fullname,c.summary,c.visible,c.teacher,c.guest,c.password',
$totalcount, $page*$perpage, $perpage);
$numcourses = count($courses);
if (!$courses) {
@@ -274,6 +293,7 @@
}
echo "<form name=\"movecourses\" action=\"category.php\" method=\"post\">";
echo "<input type=\"hidden\" name=\"sesskey\" value=\"$USER->sesskey\">";
echo "<table align=\"center\" border=0 cellspacing=2 cellpadding=4 class=\"generalbox\"><tr>";
echo "<th>$strcourses</th>";
if ($creatorediting) {
@@ -308,10 +328,10 @@
echo "<a title=\"$strdelete\" href=\"delete.php?id=$acourse->id\"><img".
" src=\"$pixpath/t/delete.gif\" height=11 width=11 border=0></a> ";
if (!empty($acourse->visible)) {
echo "<a title=\"$strhide\" href=\"category.php?id=$category->id&hide=$acourse->id\"><img".
echo "<a title=\"$strhide\" href=\"category.php?id=$category->id&page=$page&hide=$acourse->id&amp;sesskey=$USER->sesskey\"><img".
" src=\"$pixpath/t/hide.gif\" height=11 width=11 border=0></a> ";
} else {
echo "<a title=\"$strshow\" href=\"category.php?id=$category->id&show=$acourse->id\"><img".
echo "<a title=\"$strshow\" href=\"category.php?id=$category->id&page=$page&show=$acourse->id&amp;sesskey=$USER->sesskey\"><img".
" src=\"$pixpath/t/show.gif\" height=11 width=11 border=0></a> ";
}
@@ -322,14 +342,14 @@
" src=\"$pixpath/t/restore.gif\" height=11 width=11 border=0></a> ";
if ($up) {
echo "<a title=\"$strmoveup\" href=\"category.php?id=$category->id&moveup=$acourse->id\"><img".
echo "<a title=\"$strmoveup\" href=\"category.php?id=$category->id&page=$page&moveup=$acourse->id&amp;sesskey=$USER->sesskey\"><img".
" src=\"$pixpath/t/up.gif\" height=11 width=11 border=0></a> ";
} else {
echo "<img src=\"$CFG->wwwroot/pix/spacer.gif\" height=11 width=11 border=0></a> ";
}
if ($down) {
echo "<a title=\"$strmovedown\" href=\"category.php?id=$category->id&movedown=$acourse->id\"><img".
echo "<a title=\"$strmovedown\" href=\"category.php?id=$category->id&page=$page&movedown=$acourse->id&amp;sesskey=$USER->sesskey\"><img".
" src=\"$pixpath/t/down.gif\" height=11 width=11 border=0></a> ";
} else {
echo "<img src=\"$CFG->wwwroot/pix/spacer.gif\" height=11 width=11 border=0></a> ";
@@ -350,13 +370,13 @@
echo "</td>";
} else {
echo "<td align=\"right\">";
if ($acourse->guest ) {
if (!empty($acourse->guest)) {
echo "<a href=\"view.php?id=$acourse->id\"><img hspace=2 title=\"$strallowguests\" alt=\"\" height=16 width=16 border=0 src=\"$pixpath/i/user.gif\"></a>";
}
if ($acourse->password) {
if (!empty($acourse->password)) {
echo "<a href=\"view.php?id=$acourse->id\"><img hspace=2 title=\"$strrequireskey\" alt=\"\" height=16 width=16 border=0 src=\"$pixpath/i/key.gif\"></a>";
}
if ($acourse->summary) {
if (!empty($acourse->summary)) {
link_to_popup_window ("/course/info.php?id=$acourse->id", "courseinfo",
"<img hspace=2 alt=\"info\" height=16 width=16 border=0 src=\"$pixpath/i/info.gif\">",
400, 500, $strsummary);
@@ -386,6 +406,7 @@
unset($options);
$options["id"] = $category->id;
$options["resort"] = "name";
$options["sesskey"] = $USER->sesskey;
print_single_button("category.php", $options, get_string("resortcoursesbyname"), "get");
}
@@ -400,6 +421,7 @@
$strrename= get_string("rename");
echo "<form name=\"renameform\" action=\"category.php\" method=\"post\">";
echo "<input type=\"hidden\" name=\"id\" value=\"$category->id\">";
echo "<input type=\"hidden\" name=\"sesskey\" value=\"$USER->sesskey\">";
echo "<input type=\"text\" size=30 name=\"rename\" value=\"".s($category->name)."\">";
echo "<input type=\"submit\" value=\"$strrename\">";
echo "</form>";
+5 -1
View File
@@ -38,7 +38,7 @@
"$strdeletecheck");
notice_yesno("$strdeletecoursecheck<BR><BR>$course->fullname ($course->shortname)",
"delete.php?id=$course->id&delete=".md5($course->timemodified),
"delete.php?id=$course->id&delete=".md5($course->timemodified)."&sesskey=$USER->sesskey",
"category.php?id=$course->category");
exit;
}
@@ -47,6 +47,10 @@
error("The check variable was wrong - try again");
}
if (!confirm_sesskey()) {
error(get_string('confirmsesskeybad', 'error'));
}
// OK checks done, delete the course now.
$strdeletingcourse = get_string("deletingcourse", "", $course->shortname);
+1
View File
@@ -260,4 +260,5 @@
<td><input type="submit" value="<?php print_string("savechanges") ?>"></td>
</table>
<input type="hidden" name="id" value="<?php echo $form->id ?>">
<input type="hidden" name="sesskey" value="<?php echo $form->sesskey ?>">
</form>
+16 -3
View File
@@ -5,8 +5,8 @@
require_once("lib.php");
require_once("$CFG->libdir/blocklib.php");
optional_variable($id, 0); // course id
optional_variable($category, 0); // category id
$id = (int)optional_param('id', 0); // course id
$category = (int)optional_param('category', 0); // possible default category
require_login();
@@ -36,7 +36,7 @@
/// If data submitted, then process and store.
if ($form = data_submitted()) {
if ($form = data_submitted() and confirm_sesskey()) {
if (empty($course)) {
check_for_restricted_user($USER->username, "$CFG->wwwroot");
@@ -46,6 +46,8 @@
$form->startdate = make_timestamp($form->startyear, $form->startmonth, $form->startday);
$form->format = optional_param('format', 'social', PARAM_ALPHA);
validate_form($course, $form, $err);
if (count($err) == 0) {
@@ -75,6 +77,13 @@
//For topics and weeks formats (default built in the function)
$form->blockinfo = blocks_get_default_blocks();
}
// place at beginning of category
fix_course_sortorder();
$form->sortorder = get_field_sql("SELECT min(sortorder)-1 FROM {$CFG->prefix}course WHERE category=$form->category");
if (empty($form->sortorder)) {
$form->sortorder = 100;
}
if ($newcourseid = insert_record("course", $form)) { // Set up new course
$section = NULL;
@@ -103,6 +112,8 @@
$USER->teacher[$newcourseid] = true;
$USER->teacheredit[$newcourseid] = true;
fix_course_sortorder();
redirect("view.php?id=$newcourseid", get_string("changessaved"));
}
@@ -187,6 +198,8 @@
"<a href=\"index.php\">$strcategories</a> -> $straddnewcourse", $focus);
}
$form->sesskey = !empty($USER->id) ? $USER->sesskey : '';
print_heading($streditcoursesettings);
print_simple_box_start("center", "", "$THEME->cellheading");
include("edit.html");
+1
View File
@@ -22,6 +22,7 @@
</tr>
</table>
<input type="hidden" name=id value="<?php echo $form->id ?>">
<input type="hidden" name=sesskey value="<?php echo $form->sesskey ?>">
<input type="submit" value="<?php print_string("savechanges") ?>">
</form>
</center>
+3 -1
View File
@@ -23,7 +23,7 @@
/// If data submitted, then process and store.
if ($form = data_submitted()) {
if ($form = data_submitted() and confirm_sesskey()) {
$timenow = time();
@@ -43,6 +43,8 @@
$form = $section;
}
$form->sesskey = !empty($USER->id) ? $USER->sesskey : '';
$usehtmleditor = can_use_html_editor();
$sectionname = get_string("name$course->format");
+6 -6
View File
@@ -33,16 +33,16 @@
echo "<td width=\"*\" valign=\"top\">";
if ($social = forum_get_course_forum($course->id, "social")) {
if (forum_is_subscribed($USER->id, $social->id)) {
$subtext = get_string("unsubscribe", "forum");
if (forum_is_forcesubscribed($social->id)) {
$subtext = get_string('everyoneissubscribed', 'forum');
} else if (forum_is_subscribed($USER->id, $social->id)) {
$subtext = '<a href="../mod/forum/subscribe.php?id='.$social->id.'">'.get_string('unsubscribe', 'forum').'</a>';
} else {
$subtext = get_string("subscribe", "forum");
$subtext = '<a href="../mod/forum/subscribe.php?id='.$social->id.'">'.get_string('subscribe', 'forum').'</a>';
}
$headertext = "<table border=0 width=100% cellpadding=0 cellspacing=0 class=headingblockcontent><tr><td>".
get_string("socialheadline").
"</td><td align=right><font size=1>".
"<a href=\"../mod/forum/subscribe.php?id=$social->id\">$subtext</a></td>".
"</tr></table>";
"</td><td align=right><font size='1'>$subtext</font></td></tr></table>";
print_heading_block($headertext);
echo "<img alt=\"\" height=7 src=\"../pix/spacer.gif\"><br>";
+8 -8
View File
@@ -31,7 +31,7 @@
}
}
if (isteacher($course->id) and isset($marker)) {
if (isteacher($course->id) and isset($marker) and confirm_sesskey()) {
$course->marker = $marker;
if (! set_field("course", "marker", $marker, "id", $course->id)) {
error("Could not mark that topic for this course");
@@ -84,7 +84,7 @@
echo "<tr>";
echo "<td colspan=3 valign=top bgcolor=\"$THEME->cellcontent\" class=\"topicoutlineclip\" width=\"100%\">";
echo "<p><font size=2>";
echo "$stractivityclipboard&nbsp;&nbsp;(<a href=\"mod.php?cancelcopy=true\">$strcancel</a>)";
echo "$stractivityclipboard&nbsp;&nbsp;(<a href=\"mod.php?cancelcopy=true&amp;sesskey=$USER->sesskey\">$strcancel</a>)";
echo "</font></p>";
echo "</td>";
echo "</tr>";
@@ -226,28 +226,28 @@
if (isediting($course->id)) {
if ($course->marker == $section) { // Show the "light globe" on/off
echo "<a href=\"view.php?id=$course->id&marker=0\" title=\"$strmarkedthistopic\">".
echo "<a href=\"view.php?id=$course->id&marker=0&sesskey=$USER->sesskey\" title=\"$strmarkedthistopic\">".
"<img src=\"$CFG->pixpath/i/marked.gif\" vspace=3 height=16 width=16 border=0></a><br />";
} else {
echo "<a href=\"view.php?id=$course->id&marker=$section\" title=\"$strmarkthistopic\">".
echo "<a href=\"view.php?id=$course->id&marker=$section&sesskey=$USER->sesskey\" title=\"$strmarkthistopic\">".
"<img src=\"$CFG->pixpath/i/marker.gif\" vspace=3 height=16 width=16 border=0></a><br />";
}
if ($thissection->visible) { // Show the hide/show eye
echo "<a href=\"view.php?id=$course->id&hide=$section\" title=\"$strtopichide\">".
echo "<a href=\"view.php?id=$course->id&hide=$section&sesskey=$USER->sesskey\" title=\"$strtopichide\">".
"<img src=\"$CFG->pixpath/i/hide.gif\" vspace=3 height=16 width=16 border=0></a><br />";
} else {
echo "<a href=\"view.php?id=$course->id&show=$section\" title=\"$strtopicshow\">".
echo "<a href=\"view.php?id=$course->id&show=$section&sesskey=$USER->sesskey\" title=\"$strtopicshow\">".
"<img src=\"$CFG->pixpath/i/show.gif\" vspace=3 height=16 width=16 border=0></a><br />";
}
if ($section > 1) { // Add a arrow to move section up
echo "<a href=\"view.php?id=$course->id&section=$section&move=-1\" title=\"$strmoveup\">".
echo "<a href=\"view.php?id=$course->id&section=$section&move=-1&sesskey=$USER->sesskey\" title=\"$strmoveup\">".
"<img src=\"$CFG->pixpath/t/up.gif\" vspace=3 height=11 width=11 border=0></a><br />";
}
if ($section < $course->numsections) { // Add a arrow to move section down
echo "<a href=\"view.php?id=$course->id&section=$section&move=1\" title=\"$strmovedown\">".
echo "<a href=\"view.php?id=$course->id&section=$section&move=1&sesskey=$USER->sesskey\" title=\"$strmovedown\">".
"<img src=\"$CFG->pixpath/t/down.gif\" vspace=3 height=11 width=11 border=0></a><br />";
}
+6 -6
View File
@@ -61,7 +61,7 @@
}
/// Start main column
echo "</td><td width=\"*\">";
echo "<td width=\"*\">";
print_heading_block(get_string("weeklyoutline"), "100%", "outlineheadingblock");
print_spacer(8, 1, true);
@@ -74,7 +74,7 @@
echo "<tr>";
echo "<td colspan=3 valign=top bgcolor=\"$THEME->cellcontent\" class=\"weeklyoutlineclip\" width=\"100%\">";
echo "<p><font size=2>";
echo "$stractivityclipboard&nbsp;&nbsp;(<a href=\"mod.php?cancelcopy=true\">$strcancel</a>)";
echo "$stractivityclipboard&nbsp;&nbsp;(<a href=\"mod.php?cancelcopy=true&amp;sesskey=$USER->sesskey\">$strcancel</a>)";
echo "</font></p>";
echo "</td>";
echo "</tr>";
@@ -219,20 +219,20 @@
if (isediting($course->id)) {
if ($thissection->visible) { // Show the hide/show eye
echo "<a href=\"view.php?id=$course->id&hide=$section\" title=\"$strweekhide\">".
echo "<a href=\"view.php?id=$course->id&hide=$section&sesskey=$USER->sesskey\" title=\"$strweekhide\">".
"<img src=\"$CFG->pixpath/i/hide.gif\" vspace=3 height=16 width=16 border=0></a><br />";
} else {
echo "<a href=\"view.php?id=$course->id&show=$section\" title=\"$strweekshow\">".
echo "<a href=\"view.php?id=$course->id&show=$section&sesskey=$USER->sesskey\" title=\"$strweekshow\">".
"<img src=\"$CFG->pixpath/i/show.gif\" vspace=3 height=16 width=16 border=0></a><br />";
}
if ($section > 1) { // Add a arrow to move section up
echo "<a href=\"view.php?id=$course->id&section=$section&move=-1\" title=\"$strmoveup\">".
echo "<a href=\"view.php?id=$course->id&section=$section&move=-1&sesskey=$USER->sesskey\" title=\"$strmoveup\">".
"<img src=\"$CFG->pixpath/t/up.gif\" vspace=3 height=11 width=11 border=0></a><br />";
}
if ($section < $course->numsections) { // Add a arrow to move section down
echo "<a href=\"view.php?id=$course->id&section=$section&move=1\" title=\"$strmovedown\">".
echo "<a href=\"view.php?id=$course->id&section=$section&move=1&sesskey=$USER->sesskey\" title=\"$strmovedown\">".
"<img src=\"$CFG->pixpath/t/down.gif\" vspace=3 height=11 width=11 border=0></a><br />";
}
+4 -2
View File
@@ -141,7 +141,7 @@
/// OK, we have all the data, now present it to the user
if ($download == "xls") {
if ($download == "xls" and confirm_sesskey()) {
require_once("../lib/excel/Worksheet.php");
require_once("../lib/excel/Workbook.php");
@@ -199,7 +199,7 @@
exit;
} else if ($download == "txt") {
} else if ($download == "txt" and confirm_sesskey()) {
/// Print header to force download
@@ -254,9 +254,11 @@
echo "<TD>";
$options["id"] = "$course->id";
$options["download"] = "xls";
$options["sesskey"] = $USER->sesskey;
print_single_button("grades.php", $options, get_string("downloadexcel"));
echo "<TD>";
$options["download"] = "txt";
$options["sesskey"] = $USER->sesskey;
print_single_button("grades.php", $options, get_string("downloadtext"));
echo "</TABLE>";
+1
View File
@@ -50,4 +50,5 @@
<input type="hidden" name="group" value="<?php p($group->id) ?>">
<input type="hidden" name="id" value="<?php p($course->id) ?>">
<input type="hidden" name="sesskey" value="<?php p($sesskey) ?>">
</form>
+3 -1
View File
@@ -58,7 +58,7 @@
/// If data submitted, then process and store.
if ($form = data_submitted()) {
if ($form = data_submitted() and confirm_sesskey()) {
if (empty($form->name)) {
$edit = true;
@@ -92,6 +92,8 @@
$defaultformat = FORMAT_MOODLE;
}
$sesskey = !empty($USER->id) ? $USER->sesskey : '';
include('group-edit.html');
if ($usehtmleditor) {
+3
View File
@@ -87,6 +87,7 @@ function groupWindow(selectgroup) {
<form name="form1" id="form1" method="post" action="groups.php">
<input type="hidden" name="id" value="<?php p($course->id) ?>" />
<input type="hidden" name="groupid" value="<?php p($selectedgroup) ?>" />
<input type="hidden" name="sesskey" value="<?php p($sesskey) ?>">
<select name="nonmembers[]" size="15" multiple="multiple">
<?php
if (!empty($nonmembers)) {
@@ -113,6 +114,7 @@ function groupWindow(selectgroup) {
<td class="generalboxcontent"><p>
<form name="form2" id="form2" method="post" action="groups.php">
<input type="hidden" name="id" value="<?php p($course->id) ?>" />
<input type="hidden" name="sesskey" value="<?php p($sesskey) ?>">
<select name="groups" size="15" onChange="updateMembers(this)">
<?php
if (!empty($listgroups)) {
@@ -146,6 +148,7 @@ function groupWindow(selectgroup) {
<form name="form3" id="form3" method="post" action="groups.php">
<input type="hidden" name="id" value="<?php p($course->id) ?>" />
<input type="hidden" name="groupid" value="<?php p($selectedgroup) ?>" />
<input type="hidden" name="sesskey" value="<?php p($sesskey) ?>">
<select name="members[]" size="15" multiple="multiple">
<?php
if (!empty($members)) {
+3 -1
View File
@@ -82,7 +82,7 @@
/// We are in editing mode. First, process any inputs there may be.
if ($data = data_submitted()) {
if ($data = data_submitted() and confirm_sesskey()) {
if (!empty($data->nonmembersadd)) { /// Add people to a group
if (!empty($data->nonmembers) and !empty($data->groupid)) {
@@ -219,6 +219,8 @@
$members = $listmembers[$selectedgroup];
}
$sesskey = !empty($USER->id) ? $USER->sesskey : '';
/// Print out the complete form
include('groups-edit.html');
+16 -15
View File
@@ -14,7 +14,7 @@
}
if (isadmin()) {
if (isset($_GET['edit'])) {
if (isset($_GET['edit']) and confirm_sesskey()) {
if ($edit == "on") {
$USER->categoriesediting = true;
} else if ($edit == "off") {
@@ -84,7 +84,7 @@
/// If data for a new category was submitted, then add it
if ($form = data_submitted()) {
if ($form = data_submitted() and confirm_sesskey()) {
if (!empty($form->addcategory)) {
unset($newcategory);
$newcategory->name = $form->addcategory;
@@ -100,7 +100,7 @@
/// Delete a category if necessary
if (isset($delete)) {
if (isset($delete) and confirm_sesskey()) {
if ($deletecat = get_record("course_categories", "id", $delete)) {
/// Send the children categories to live with their grandparent
@@ -145,7 +145,7 @@
/// Move a category to a new parent if required
if (isset($move) and isset($moveto)) {
if (isset($move) and isset($moveto) and confirm_sesskey()) {
if ($tempcat = get_record("course_categories", "id", $move)) {
if ($tempcat->parent != $moveto) {
if (! set_field("course_categories", "parent", $moveto, "id", $tempcat->id)) {
@@ -157,7 +157,7 @@
/// Hide or show a category
if (isset($hide) or isset($show)) {
if ((isset($hide) or isset($show)) and confirm_sesskey()) {
if (isset($hide)) {
$tempcat = get_record("course_categories", "id", $hide);
$visible = 0;
@@ -178,7 +178,7 @@
/// Move a category up or down
if (isset($moveup) or isset($movedown)) {
if ((isset($moveup) or isset($movedown)) and confirm_sesskey()) {
$swapcategory = NULL;
$movecategory = NULL;
@@ -237,7 +237,7 @@
}
/// Find any orphan courses that don't yet have a valid category and set to default
if ($courses = get_courses()) {
if ($courses = get_courses(NULL,NULL,'c.category,c.id,c.sortorder')) {
foreach ($courses as $course) {
if ($course->category and !isset($categories[$course->category])) {
set_field("course", "category", $default, "id", $course->id);
@@ -253,6 +253,7 @@
echo "<form name=\"addform\" action=\"index.php\" method=\"post\">";
echo "<input type=\"text\" size=30 name=\"addcategory\">";
echo "<input type=\"submit\" value=\"$straddnewcategory\">";
echo "<input type=\"hidden\" name=\"sesskey\" value=\"$USER->sesskey\">";
echo "</form>";
echo "</center>";
@@ -298,7 +299,7 @@
function print_category_edit($category, $displaylist, $parentslist, $depth=-1, $up=false, $down=false) {
/// Recursive function to print all the categories ready for editing
global $THEME, $CFG;
global $THEME, $CFG, $USER;
static $str = '';
static $pixpath = '';
@@ -327,7 +328,7 @@ function print_category_edit($category, $displaylist, $parentslist, $depth=-1, $
echo "&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;";
}
$linkcss = $category->visible ? "" : " class=\"dimmed\" ";
echo "<a $linkcss title=\"$str->edit\" href=\"category.php?id=$category->id&edit=on\">$category->name</a>";
echo "<a $linkcss title=\"$str->edit\" href=\"category.php?id=$category->id&edit=on&sesskey=$USER->sesskey\">$category->name</a>";
echo "</p>";
echo "</td>";
@@ -335,23 +336,23 @@ function print_category_edit($category, $displaylist, $parentslist, $depth=-1, $
echo "<td nowrap=\"nowrap\">"; /// Print little icons
echo "<a title=\"$str->delete\" href=\"index.php?delete=$category->id\"><img".
echo "<a title=\"$str->delete\" href=\"index.php?delete=$category->id&sesskey=$USER->sesskey\"><img".
" src=\"$pixpath/t/delete.gif\" height=11 width=11 border=0></a> ";
if (!empty($category->visible)) {
echo "<a title=\"$str->hide\" href=\"index.php?hide=$category->id\"><img".
echo "<a title=\"$str->hide\" href=\"index.php?hide=$category->id&sesskey=$USER->sesskey\"><img".
" src=\"$pixpath/t/hide.gif\" height=11 width=11 border=0></a> ";
} else {
echo "<a title=\"$str->show\" href=\"index.php?show=$category->id\"><img".
echo "<a title=\"$str->show\" href=\"index.php?show=$category->id&sesskey=$USER->sesskey\"><img".
" src=\"$pixpath/t/show.gif\" height=11 width=11 border=0></a> ";
}
if ($up) {
echo "<a title=\"$str->moveup\" href=\"index.php?moveup=$category->id\"><img".
echo "<a title=\"$str->moveup\" href=\"index.php?moveup=$category->id&sesskey=$USER->sesskey\"><img".
" src=\"$pixpath/t/up.gif\" height=11 width=11 border=0></a> ";
}
if ($down) {
echo "<a title=\"$str->movedown\" href=\"index.php?movedown=$category->id\"><img".
echo "<a title=\"$str->movedown\" href=\"index.php?movedown=$category->id&sesskey=$USER->sesskey\"><img".
" src=\"$pixpath/t/down.gif\" height=11 width=11 border=0></a> ";
}
echo "</td>";
@@ -364,7 +365,7 @@ function print_category_edit($category, $displaylist, $parentslist, $depth=-1, $
unset($tempdisplaylist[$key]);
}
}
popup_form ("index.php?move=$category->id&moveto=", $tempdisplaylist, "moveform$category->id", "$category->parent", "", "", "", false);
popup_form ("index.php?move=$category->id&sesskey=$USER->sesskey&moveto=", $tempdisplaylist, "moveform$category->id", "$category->parent", "", "", "", false);
echo "</td>";
echo "</tr>";
} else {
+48 -37
View File
@@ -255,11 +255,18 @@ function print_log_selector_form($course, $selecteduser=0, $selecteddate="today"
/// If using a group, only get users in that group.
if ($selectedgroup) {
$sql = 'SELECT u.id as id, u.firstname, u.lastname, u.lastaccess '.
'FROM '.$CFG->prefix.'user u,'.$CFG->prefix.'user_students us,'.$CFG->prefix.'groups_members gm, '.
$CFG->prefix.'user_teachers ut '.
'WHERE us.course='.$course->id.' AND gm.groupid='.$selectedgroup.
' AND (gm.userid=us.userid OR gm.userid=ut.userid) AND gm.userid=u.id';
$courseusers = get_records_sql($sql);
'FROM '.$CFG->prefix.'user u '.
' JOIN '.$CFG->prefix.'groups_members gm ON gm.userid=u.id '.
' JOIN '.$CFG->prefix.'user_teachers ut ON gm.userid=ut.userid '.
'WHERE ut.course='.$course->id.' AND gm.groupid='.$selectedgroup;
$courseusers = get_records_sql($sql);
// students
$sql = 'SELECT u.id as id, u.firstname, u.lastname, u.lastaccess '.
'FROM '.$CFG->prefix.'user u '.
' JOIN '.$CFG->prefix.'groups_members gm ON gm.userid=u.id '.
' JOIN '.$CFG->prefix.'user_students us ON gm.userid=us.userid '.
'WHERE us.course='.$course->id.' AND gm.groupid='.$selectedgroup;
$courseusers = array_merge($couseusers, get_records_sql($sql));
} else {
$courseusers = get_course_users($course->id, '', '', 'u.id, u.firstname, u.lastname');
}
@@ -277,9 +284,9 @@ function print_log_selector_form($course, $selecteduser=0, $selecteddate="today"
}
if (isadmin()) {
if ($ccc = get_records("course", "", "", "fullname")) {
if ($ccc = get_records("course", "", "", "fullname","id,fullname,category")) {
foreach ($ccc as $cc) {
if ($cc->category) {
if (!empty($cc->category)) {
$courses["$cc->id"] = "$cc->fullname";
} else {
$courses["$cc->id"] = " $cc->fullname (Site)";
@@ -373,9 +380,13 @@ function print_log_selector_form($course, $selecteduser=0, $selecteddate="today"
}
if ($showgroups) {
$cgroups = get_groups($course->id);
foreach ($cgroups as $cgroup) {
$groups[$cgroup->id] = $cgroup->name;
if ($cgroups = get_groups($course->id)) {
foreach ($cgroups as $cgroup) {
$groups[$cgroup->id] = $cgroup->name;
}
}
else {
$groups = array();
}
choose_from_menu ($groups, "group", $selectedgroup, get_string("allgroups") );
}
@@ -521,7 +532,7 @@ function print_log($course, $user=0, $date=0, $order="l.time ASC", $page=0, $per
$ld = get_record('log_display', 'module', $log->module, "action", $log->action);
$ldcache[$log->module][$log->action] = $ld;
}
if ($ld) {
if ($ld && !empty($log->info)) {
$log->info = get_field($ld->mtable, $ld->field, 'id', $log->info);
}
@@ -809,7 +820,7 @@ function get_all_sections($courseid) {
function course_set_display($courseid, $display=0) {
global $USER;
if (empty($USER)) {
if (empty($USER->id)) {
return false;
}
@@ -876,8 +887,8 @@ function print_section($course, $section, $mods, $modnamesused, $absolute=false,
$strmovehere = get_string("movehere");
$strmovefull = strip_tags(get_string("movefull", "", "'$USER->activitycopyname'"));
}
$labelformatoptions->noclean = true;
}
$labelformatoptions->noclean = true;
$modinfo = unserialize($course->modinfo);
@@ -899,7 +910,7 @@ function print_section($course, $section, $mods, $modnamesused, $absolute=false,
continue;
}
echo "<a title=\"$strmovefull\"".
" href=\"$CFG->wwwroot/course/mod.php?moveto=$mod->id\">".
" href=\"$CFG->wwwroot/course/mod.php?moveto=$mod->id&amp;sesskey=$USER->sesskey\">".
"<img height=\"16\" width=\"80\" src=\"$CFG->pixpath/movehere.gif\" ".
" alt=\"$strmovehere\" border=\"0\"></a><br />\n";
}
@@ -959,7 +970,7 @@ function print_section($course, $section, $mods, $modnamesused, $absolute=false,
}
if ($ismoving) {
echo "<tr><td><a title=\"$strmovefull\"".
" href=\"$CFG->wwwroot/course/mod.php?movetosection=$section->id\">".
" href=\"$CFG->wwwroot/course/mod.php?movetosection=$section->id&amp;sesskey=$USER->sesskey\">".
"<img height=\"16\" width=\"80\" src=\"$CFG->pixpath/movehere.gif\" ".
" alt=\"$strmovehere\" border=\"0\"></a></td></tr>\n";
}
@@ -970,7 +981,7 @@ function print_section($course, $section, $mods, $modnamesused, $absolute=false,
function print_section_add_menus($course, $section, $modnames, $vertical=false, $return=false) {
// Prints the menus to add activities and resources
global $CFG;
global $CFG, $USER;
static $straddactivity, $stractivities, $straddresource, $resources;
if (!isset($straddactivity)) {
@@ -990,7 +1001,7 @@ function print_section_add_menus($course, $section, $modnames, $vertical=false,
$output = '';
$output .= '<div align="right"><table align="right"><tr><td>';
$output .= popup_form("$CFG->wwwroot/course/mod.php?id=$course->id&amp;section=$section&add=",
$output .= popup_form("$CFG->wwwroot/course/mod.php?id=$course->id&amp;section=$section&amp;sesskey=$USER->sesskey&add=",
$resources, "ressection$section", "", $straddresource, 'resource/types', $straddresource, true);
$output .= '</td>';
@@ -999,7 +1010,7 @@ function print_section_add_menus($course, $section, $modnames, $vertical=false,
}
$output .= '<td>';
$output .= popup_form("$CFG->wwwroot/course/mod.php?id=$course->id&amp;section=$section&add=",
$output .= popup_form("$CFG->wwwroot/course/mod.php?id=$course->id&amp;section=$section&amp;sesskey=$USER->sesskey&add=",
$modnames, "section$section", "", $straddactivity, 'mods', $straddactivity, true);
$output .= '</td></tr></table>';
$output .= '</div>';
@@ -1021,7 +1032,7 @@ function rebuild_course_cache($courseid=0) {
$select = "";
}
if ($courses = get_records_select("course", $select)) {
if ($courses = get_records_select("course", $select,'','id,fullname')) {
foreach ($courses as $course) {
$modinfo = serialize(get_array_of_activities($course->id));
if (!set_field("course", "modinfo", $modinfo, "id", $course->id)) {
@@ -1139,7 +1150,7 @@ function print_category_info($category, $depth) {
echo "\n\n<table border=0 cellpadding=3 cellspacing=0 width=\"100%\"><tr>";
if ($CFG->frontpage == FRONTPAGECOURSELIST) {
$courses = get_courses($category->id);
$courses = get_courses($category->id, 'c.sortorder ASC', 'c.id,c.sortorder,c.visible,c.fullname,c.shortname,c.password,c.summary,c.guest');
echo "<tr>";
@@ -1214,14 +1225,14 @@ function print_courses($category, $width="100%") {
$categories = get_categories(0); // Parent = 0 ie top-level categories only
if (count($categories) == 1) {
$category = array_shift($categories);
$courses = get_courses($category->id);
$courses = get_courses($category->id, 'c.sortorder ASC', 'c.id,c.sortorder,c.visible,c.fullname,c.shortname,c.password,c.summary,c.teacher');
} else {
$courses = get_courses("all");
$courses = get_courses("all", 'c.sortorder ASC', 'c.id,c.sortorder,c.visible,c.fullname,c.shortname,c.password,c.summary,c.teacher');
}
unset($categories);
} else {
$categories = get_categories($category->id); // sub categories
$courses = get_courses($category->id);
$courses = get_courses($category->id, 'c.sortorder ASC', 'c.id,c.sortorder,c.visible,c.fullname,c.shortname,c.password,c.summary,c.teacher');
}
if ($courses) {
@@ -1653,7 +1664,7 @@ function move_module($cm, $move) {
}
function make_editing_buttons($mod, $absolute=false, $moveselect=true, $indent=-1) {
global $CFG, $THEME;
global $CFG, $THEME, $USER;
static $str;
@@ -1688,10 +1699,10 @@ function make_editing_buttons($mod, $absolute=false, $moveselect=true, $indent=-
}
if ($mod->visible) {
$hideshow = "<a title=\"$str->hide\" href=\"$path/mod.php?hide=$mod->id\"><img".
$hideshow = "<a title=\"$str->hide\" href=\"$path/mod.php?hide=$mod->id&amp;sesskey=$USER->sesskey\"><img".
" src=\"$pixpath/t/hide.gif\" hspace=\"2\" height=\"11\" width=\"11\" border=\"0\" alt=\"$str->hide\"></a> ";
} else {
$hideshow = "<a title=\"$str->show\" href=\"$path/mod.php?show=$mod->id\"><img".
$hideshow = "<a title=\"$str->show\" href=\"$path/mod.php?show=$mod->id&amp;sesskey=$USER->sesskey\"><img".
" src=\"$pixpath/t/show.gif\" hspace=\"2\" height=\"11\" width=\"11\" ".
"border=\"0\" alt=\"$str->show\"></a> ";
}
@@ -1699,15 +1710,15 @@ function make_editing_buttons($mod, $absolute=false, $moveselect=true, $indent=-
if ($mod->groupmode == SEPARATEGROUPS) {
$grouptitle = $str->groupsseparate;
$groupimage = "$pixpath/t/groups.gif";
$grouplink = "$path/mod.php?id=$mod->id&groupmode=0";
$grouplink = "$path/mod.php?id=$mod->id&groupmode=0&amp;sesskey=$USER->sesskey";
} else if ($mod->groupmode == VISIBLEGROUPS) {
$grouptitle = $str->groupsvisible;
$groupimage = "$pixpath/t/groupv.gif";
$grouplink = "$path/mod.php?id=$mod->id&groupmode=1";
$grouplink = "$path/mod.php?id=$mod->id&groupmode=1&amp;sesskey=$USER->sesskey";
} else {
$grouptitle = $str->groupsnone;
$groupimage = "$pixpath/t/groupn.gif";
$grouplink = "$path/mod.php?id=$mod->id&groupmode=2";
$grouplink = "$path/mod.php?id=$mod->id&groupmode=2&amp;sesskey=$USER->sesskey";
}
if ($mod->groupmodelink) {
$groupmode = "<a title=\"$grouptitle ($str->clicktochange)\" href=\"$grouplink\">".
@@ -1723,37 +1734,37 @@ function make_editing_buttons($mod, $absolute=false, $moveselect=true, $indent=-
}
if ($moveselect) {
$move = "<a title=\"$str->move\" href=\"$path/mod.php?copy=$mod->id\"><img".
$move = "<a title=\"$str->move\" href=\"$path/mod.php?copy=$mod->id&amp;sesskey=$USER->sesskey\"><img".
" src=\"$pixpath/t/move.gif\" hspace=\"2\" height=\"11\" width=\"11\" ".
" border=\"0\" alt=\"$str->move\"></a>";
} else {
$move = "<a title=\"$str->moveup\" href=\"$path/mod.php?id=$mod->id&move=-1\"><img".
$move = "<a title=\"$str->moveup\" href=\"$path/mod.php?id=$mod->id&move=-1&amp;sesskey=$USER->sesskey\"><img".
" src=\"$pixpath/t/up.gif\" hspace=\"2\" height=\"11\" width=\"11\" ".
" border=\"0\" alt=\"$str->moveup\"></a>".
"<a title=\"$str->movedown\" href=\"$path/mod.php?id=$mod->id&move=1\"><img".
"<a title=\"$str->movedown\" href=\"$path/mod.php?id=$mod->id&move=1&amp;sesskey=$USER->sesskey\"><img".
" src=\"$pixpath/t/down.gif\" hspace=\"2\" height=\"11\" width=\"11\" ".
" border=\"0\" alt=\"$str->movedown\"></a>";
}
$leftright = "";
if ($indent > 0) {
$leftright .= "<a title=\"$str->moveleft\" href=\"$path/mod.php?id=$mod->id&indent=-1\"><img".
$leftright .= "<a title=\"$str->moveleft\" href=\"$path/mod.php?id=$mod->id&indent=-1&amp;sesskey=$USER->sesskey\"><img".
" src=\"$pixpath/t/left.gif\" hspace=\"2\" height=\"11\" width=\"11\" ".
" border=\"0\" alt=\"$str->moveleft\"></a>";
}
if ($indent >= 0) {
$leftright .= "<a title=\"$str->moveright\" href=\"$path/mod.php?id=$mod->id&indent=1\"><img".
$leftright .= "<a title=\"$str->moveright\" href=\"$path/mod.php?id=$mod->id&indent=1&amp;sesskey=$USER->sesskey\"><img".
" src=\"$pixpath/t/right.gif\" hspace=\"2\" height=\"11\" width=\"11\" ".
" border=\"0\" alt=\"$str->moveright\"></a>";
}
return "$leftright$move".
"<a title=\"$str->update\" href=\"$path/mod.php?update=$mod->id\"><img".
"<a title=\"$str->update\" href=\"$path/mod.php?update=$mod->id&amp;sesskey=$USER->sesskey\"><img".
" src=\"$pixpath/t/edit.gif\" hspace=\"2\" height=\"11\" width=\"11\" border=\"0\" ".
" alt=\"$str->update\"></a>".
// Following line is commented out until this feature is more definite -- martin
// "<a title=\"$str->duplicate\" href=\"$path/mod.php?duplicate=$mod->id\"> 2 </a>".
"<a title=\"$str->delete\" href=\"$path/mod.php?delete=$mod->id\"><img".
// "<a title=\"$str->duplicate\" href=\"$path/mod.php?duplicate=$mod->id&amp;sesskey=$USER->sesskey\"> 2 </a>".
"<a title=\"$str->delete\" href=\"$path/mod.php?delete=$mod->id&amp;sesskey=$USER->sesskey\"><img".
" src=\"$pixpath/t/delete.gif\" hspace=\"2\" height=\"11\" width=\"11\" border=\"0\" ".
" alt=\"$str->delete\"></a>$hideshow$groupmode";
}
+1
View File
@@ -33,6 +33,7 @@
$strlogs = get_string("logs");
$stradministration = get_string("administration");
session_write_close();
if (!empty($_GET['chooselog'])) {
$userinfo = get_string("allparticipants");
+13 -11
View File
@@ -4,9 +4,9 @@
require_once("../config.php");
require_once("lib.php");
require_variable($id); // course id
require_variable($id); // course id
optional_variable($user); // login as this user
optional_variable($return); // return to being the real user again
optional_variable($return); // return to the page we came from
if (! $course = get_record("course", "id", $id)) {
error("Course ID was incorrect");
@@ -16,13 +16,13 @@
require_login($course->id);
}
if ($return and $USER->realuser) {
if (isset($USER->realuser)) { /// Reset user back to their real self
$USER = get_user_info_from_db("id", $USER->realuser);
$USER->loggedin = true;
$USER->site = $CFG->wwwroot;
if (isset($SESSION->oldcurrentgroup)) { // Restore previous "current group"
$SESSION->currentgroup[$course->id] = $SESSION->oldcurrentgroup;
if (isset($SESSION->oldcurrentgroup)) { // Restore previous "current group" cache.
$SESSION->currentgroup = $SESSION->oldcurrentgroup;
unset($SESSION->oldcurrentgroup);
}
if (isset($SESSION->oldtimeaccess)) { // Restore previous timeaccess settings
@@ -30,8 +30,10 @@
unset($SESSION->oldtimeaccess);
}
redirect($_SERVER["HTTP_REFERER"]);
exit;
if ($return) { /// That's all we wanted to do, so let's go back
redirect($_SERVER["HTTP_REFERER"]);
exit;
}
}
// $user must be defined to go on
@@ -66,9 +68,9 @@
$USER->site = $CFG->wwwroot;
$USER->realuser = $teacher_id;
if (isset($SESSION->currentgroup[$course->id])) { // Remember current setting for later
$SESSION->oldcurrentgroup = $SESSION->currentgroup[$course->id];
unset($SESSION->currentgroup[$course->id]);
if (isset($SESSION->currentgroup)) { // Remember current cache setting for later
$SESSION->oldcurrentgroup = $SESSION->currentgroup;
unset($SESSION->currentgroup);
}
set_moodle_cookie($USER->username);
@@ -86,4 +88,4 @@
notice($strloggedinas, "$CFG->wwwroot/course/view.php?id=$course->id");
?>
?>
+10
View File
@@ -16,6 +16,14 @@
error("Only teachers can view logs");
}
session_write_close();
// we override the default framename so header/footer
// links open in a new window
if (empty($CFG->framename) || $CFG->framename==='_top') {
$CFG->framename = '_blank';
}
$strlivelogs = get_string("livelogs");
$strupdatesevery = get_string("updatesevery", "moodle", COURSE_LIVELOG_REFRESH);
@@ -28,6 +36,8 @@
print_log($course, $user, $date, "l.time DESC", 0, 500,
"loglive.php?id=$course->id&user=$user&date=$date");
print_footer();
exit;
?>
+27 -13
View File
@@ -27,6 +27,14 @@
if (isset($_POST["course"])) { // add or update form submitted
//It caller is correct, $SESSION->sesskey must exist and coincide
if (empty($SESSION->sesskey) or !confirm_sesskey($SESSION->sesskey)) {
error(get_string('confirmsesskeybad', 'error'));
}
//Unset this, check done
unset($SESSION->sesskey);
if (!$course = get_record("course", "id", $mod->course)) {
error("This course doesn't exist");
}
@@ -35,7 +43,9 @@
error("You can't modify this course!");
}
$mod->modulename = clean_filename($mod->modulename); // For safety
$modlib = "$CFG->dirroot/mod/$mod->modulename/lib.php";
if (file_exists($modlib)) {
include_once($modlib);
} else {
@@ -163,7 +173,7 @@
}
if (isset($_GET['move'])) {
if (isset($_GET['move']) and confirm_sesskey()) {
require_variable($id);
@@ -187,7 +197,7 @@
}
exit;
} else if (isset($_GET['movetosection']) or isset($_GET['moveto'])) {
} else if ((isset($_GET['movetosection']) or isset($_GET['moveto'])) and confirm_sesskey()) {
if (! $cm = get_record("course_modules", "id", $USER->activitycopy)) {
error("The copied course module doesn't exist!");
@@ -231,7 +241,7 @@
redirect("view.php?id=$section->course");
}
} else if (isset($_GET['indent'])) {
} else if (isset($_GET['indent']) and confirm_sesskey()) {
require_variable($id);
@@ -257,7 +267,7 @@
}
exit;
} else if (isset($_GET['hide'])) {
} else if (isset($_GET['hide']) and confirm_sesskey()) {
if (! $cm = get_record("course_modules", "id", $_GET['hide'])) {
error("This course module doesn't exist");
@@ -279,7 +289,7 @@
}
exit;
} else if (isset($_GET['show'])) {
} else if (isset($_GET['show']) and confirm_sesskey()) {
if (! $cm = get_record("course_modules", "id", $_GET['show'])) {
error("This course module doesn't exist");
@@ -311,7 +321,7 @@
}
exit;
} else if (isset($_GET['groupmode'])) {
} else if (isset($_GET['groupmode']) and confirm_sesskey()) {
if (! $cm = get_record("course_modules", "id", $_GET['id'])) {
error("This course module doesn't exist");
@@ -333,7 +343,7 @@
}
exit;
} else if (isset($_GET['copy'])) { // value = course module
} else if (isset($_GET['copy']) and confirm_sesskey()) { // value = course module
if (! $cm = get_record("course_modules", "id", $_GET['copy'])) {
error("This course module doesn't exist");
@@ -361,7 +371,7 @@
redirect("view.php?id=$cm->course");
} else if (isset($_GET['cancelcopy'])) { // value = course module
} else if (isset($_GET['cancelcopy']) and confirm_sesskey()) { // value = course module
$courseid = $USER->activitycopycourse;
@@ -371,7 +381,7 @@
redirect("view.php?id=$courseid");
} else if (isset($_GET['delete'])) { // value = course module
} else if (isset($_GET['delete']) and confirm_sesskey()) { // value = course module
if (! $cm = get_record("course_modules", "id", $_GET['delete'])) {
error("This course module doesn't exist");
@@ -410,11 +420,12 @@
$form->modulename = $module->name;
$form->fullmodulename = $fullmodulename;
$form->instancename = $instance->name;
$SESSION->sesskey = !empty($USER->id) ? $USER->sesskey : '';
$strdeletecheck = get_string("deletecheck", "", "$form->fullmodulename");
$strdeletecheckfull = get_string("deletecheckfull", "", "$form->fullmodulename '$form->instancename'");
print_header_simple("$strdeletecheck", "$",
print_header_simple("$strdeletecheck", "",
"$strdeletecheck");
print_simple_box_start("center", "60%", "#FFAAAA", 20, "noticebox");
@@ -426,7 +437,7 @@
exit;
} else if (isset($_GET['update'])) { // value = course module
} else if (isset($_GET['update']) and confirm_sesskey()) { // value = course module
if (! $cm = get_record("course_modules", "id", $_GET['update'])) {
error("This course module doesn't exist");
@@ -463,6 +474,7 @@
$form->modulename = $module->name;
$form->instance = $cm->instance;
$form->mode = "update";
$SESSION->sesskey = !empty($USER->id) ? $USER->sesskey : '';
$sectionname = get_string("name$course->format");
$fullmodulename = strtolower(get_string("modulename", $module->name));
@@ -475,7 +487,7 @@
$pageheading = get_string("updatinga", "moodle", $fullmodulename);
}
} else if (isset($_GET['duplicate'])) { // value = course module
} else if (isset($_GET['duplicate']) and confirm_sesskey()) { // value = course module
if (! $cm = get_record("course_modules", "id", $_GET['duplicate'])) {
error("This course module doesn't exist");
@@ -514,6 +526,7 @@
$form->modulename = $module->name;
$form->instance = $cm->instance;
$form->mode = "add";
$SESSION->sesskey = !empty($USER->id) ? $USER->sesskey : '';
$sectionname = get_string("name$course->format");
$fullmodulename = strtolower(get_string("modulename", $module->name));
@@ -527,7 +540,7 @@
}
} else if (isset($_GET['add'])) {
} else if (isset($_GET['add']) and confirm_sesskey()) {
if (empty($_GET['add'])) {
redirect($_SERVER["HTTP_REFERER"]);
@@ -552,6 +565,7 @@
$form->instance = "";
$form->coursemodule = "";
$form->mode = "add";
$SESSION->sesskey = !empty($USER->id) ? $USER->sesskey : '';
if (isset($_GET['type'])) {
$form->type = $_GET['type'];
}
+5 -3
View File
@@ -110,7 +110,7 @@
} else { // you chose a group of activities
if (isteacher($user)) {
if (isteacher($course->id)) {
$hiddenfilter = "";
} else {
$hiddenfilter = " AND cs.visible = '1' ";
@@ -135,7 +135,7 @@
$activityfilter = "";
}
if (isteacher($user)) {
if (isteacher($course->id)) {
$hiddenfilter = "";
} else {
$hiddenfilter = " AND cm.visible = '1' ";
@@ -144,6 +144,7 @@
foreach ($sections as $section) {
if ($i <= $course->numsections) {
$activity = new Object;
$activity->type = "section";
if ($i) {
$activity->name = $sectiontitle . " $i";
@@ -194,6 +195,7 @@
$get_recent_mod_activity = $coursemod->name."_get_recent_mod_activity";
if (function_exists($get_recent_mod_activity)) {
$activity = new Object;
$activity->type = "activity";
$activity->name = $instance->name;
$activity->visible = $coursemod->visible;
@@ -229,7 +231,7 @@
$section = 0;
if (isteacher($user)) {
if (isteacher($course->id)) {
$teacher = true;
} else {
$teacher = false;
+20 -13
View File
@@ -39,11 +39,14 @@
$stroptions = get_string("action");
$strtype = get_string("group");
/// init this here so we can pass it by reference to every call to site_scale_used to avoid getting the courses out of the db over and over again
$courses = array();
/// If scale data is being submitted, then save it and continue
$errors = NULL;
if ($action == 'sendform') {
if ($action == 'sendform' and confirm_sesskey()) {
if ($form = data_submitted()) {
if (empty($form->name)) {
$errors[$scaleid]->name = true;
@@ -98,8 +101,8 @@
error("Scale ID was incorrect");
}
$scales_course_uses = course_scale_used($course->id,$scale->id);
$scales_site_uses = site_scale_used($scale->id);
// $scales_course_uses = course_scale_used($course->id,$scale->id);
// $scales_site_uses = site_scale_used($scale->id,$courses);
$scalemenu = make_menu_from_list($scale->scale);
print_header("$course->shortname: $strscales", "$course->fullname",
@@ -124,6 +127,9 @@
//If action is edit or new, show the form
if ($action == "edit" || $action == "new") {
$sesskey = !empty($USER->id) ? $USER->sesskey : '';
//Check for teacher edit
if (! isteacheredit($course->id)) {
error("Only editing teachers can modify scales !");
@@ -143,7 +149,7 @@
//Calculate the uses
if ($scale->courseid == 0) {
$scale_uses = site_scale_used($scale->id);
$scale_uses = site_scale_used($scale->id,$courses);
} else {
$scale_uses = course_scale_used($course->id,$scale->id);
}
@@ -216,6 +222,7 @@
echo "<tr>";
echo "<td colspan=2 align=\"center\">";
echo "<input type=\"hidden\" name=\"id\" value=\"$course->id\">";
echo "<input type=\"hidden\" name=\"sesskey\" value=\"$sesskey\">";
echo "<input type=\"hidden\" name=\"courseid\" value=\"$scale->courseid\">";
echo "<input type=\"hidden\" name=\"scaleid\" value=\"$scale->id\">";
echo "<input type=\"hidden\" name=\"action\" value=\"sendform\">";
@@ -230,7 +237,7 @@
}
//If action is delete, do it
if ($action == "delete") {
if ($action == "delete" and confirm_sesskey()) {
//Check for teacher edit
if (! isteacheredit($course->id)) {
error("Only editing teachers can delete scales !");
@@ -242,7 +249,7 @@
//Calculate the uses
if ($scale->courseid == 0) {
$scale_uses = site_scale_used($scale->id);
$scale_uses = site_scale_used($scale->id,$courses);
} else {
$scale_uses = course_scale_used($course->id,$scale->id);
}
@@ -263,7 +270,7 @@
}
//If action is down or up, do it
if ($action == "down" || $action == "up" ) {
if (($action == "down" || $action == "up") and confirm_sesskey()) {
//Check for teacher edit
if (! isadmin()) {
error("Only administrators can move scales",$CFG->wwwroot.'/course/scales.php?id='.$course->id);
@@ -275,7 +282,7 @@
//Calculate the uses
if ($scale->courseid == 0) {
$scale_uses = site_scale_used($scale->id);
$scale_uses = site_scale_used($scale->id,$courses);
} else {
$scale_uses = course_scale_used($course->id,$scale->id);
}
@@ -436,7 +443,7 @@
if (!empty($scale->courseid)) {
$scales_uses = course_scale_used($course->id,$scale->id);
} else {
$scales_uses = site_scale_used($scale->id);
$scales_uses = site_scale_used($scale->id,$courses);
}
$line[] = $scales_uses;
if ($incustom) {
@@ -449,14 +456,14 @@
$buttons .= "<a title=\"$stredit\" href=\"$path/scales.php?id=$course->id&scaleid=$scale->id&action=edit\"><img".
" src=\"$pixpath/t/edit.gif\" hspace=2 height=11 width=11 border=0></a> ";
if ($incustom && isadmin()) {
$buttons .= "<a title=\"$strdown\" href=\"$path/scales.php?id=$course->id&scaleid=$scale->id&action=down\"><img".
$buttons .= "<a title=\"$strdown\" href=\"$path/scales.php?id=$course->id&scaleid=$scale->id&action=down&amp;sesskey=$USER->sesskey\"><img".
" src=\"$pixpath/t/down.gif\" hspace=2 height=11 width=11 border=0></a> ";
}
if (!$incustom && isadmin()) {
$buttons .= "<a title=\"$strup\" href=\"$path/scales.php?id=$course->id&scaleid=$scale->id&action=up\"><img".
$buttons .= "<a title=\"$strup\" href=\"$path/scales.php?id=$course->id&scaleid=$scale->id&action=up&amp;sesskey=$USER->sesskey\"><img".
" src=\"$pixpath/t/up.gif\" hspace=2 height=11 width=11 border=0></a> ";
}
$buttons .= "<a title=\"$strdelete\" href=\"$path/scales.php?id=$course->id&scaleid=$scale->id&action=delete\"><img".
$buttons .= "<a title=\"$strdelete\" href=\"$path/scales.php?id=$course->id&scaleid=$scale->id&action=delete&amp;sesskey=$USER->sesskey\"><img".
" src=\"$pixpath/t/delete.gif\" hspace=2 height=11 width=11 border=0></a> ";
}
$line[] = $buttons;
@@ -465,7 +472,7 @@
}
$head = $strscale.",".$stractivities.",".$strtype.",".$stroptions;
$table->head = explode(",",$head);
$size = "50%,20$,20%,10%";
$size = "50%,20%,20%,10%";
$table->size = explode(",",$size);
$align = "left,center,center,center";
$table->align = explode(",",$align);
+1
View File
@@ -1,6 +1,7 @@
<form name="studentform" id="studentform" method="post" action="student.php">
<input type="hidden" name="previoussearch" value="<?php echo $previoussearch ?>">
<input type="hidden" name="sesskey" value="<?php echo $sesskey ?>">
<input type="hidden" name="id" value="<?php echo $id?>">
<table align="center" border="0" cellpadding="5" cellspacing="0">
<tr>
+4 -2
View File
@@ -67,7 +67,7 @@
/// A form was submitted so process the input
} else {
if (!empty($frm->add) and !empty($frm->addselect)) {
if (!empty($frm->add) and !empty($frm->addselect) and confirm_sesskey()) {
if ($course->enrolperiod) {
$timestart = time();
$timeend = $timestart + $course->enrolperiod;
@@ -79,7 +79,7 @@
error("Could not add student with id $addstudent to this course!");
}
}
} else if (!empty($frm->remove) and !empty($frm->removeselect)) {
} else if (!empty($frm->remove) and !empty($frm->removeselect) and confirm_sesskey()) {
foreach ($frm->removeselect as $removestudent) {
if (! unenrol_student($removestudent, $course->id)) {
error("Could not remove student with id $removestudent from this course!");
@@ -135,6 +135,8 @@
print_simple_box_start("center", "", "$THEME->cellheading");
$sesskey = !empty($USER->id) ? $USER->sesskey : '';
include('student.html');
print_simple_box_end();
+8 -6
View File
@@ -67,7 +67,8 @@
/// If data submitted, then process and store.
if ($form = data_submitted()) {
if ($form = data_submitted() and confirm_sesskey()) {
unset ($form->sesskey);
$rank = array();
// Peel out all the data from variable names.
@@ -95,7 +96,7 @@
/// Add a teacher if one is specified
if (!empty($_GET['add'])) {
if (!empty($_GET['add']) and confirm_sesskey()) {
if (! add_teacher($add, $course->id)) {
error("Could not add that teacher to this course!");
}
@@ -103,9 +104,9 @@
/// Remove a teacher if one is specified.
if (!empty($_GET['remove'])) {
if (!empty($_GET['remove']) and confirm_sesskey()) {
if (! remove_teacher($remove, $course->id)) {
error("Could not add that teacher to this course!");
error("Could not remove that teacher from this course!");
}
}
@@ -150,7 +151,7 @@
$editall = choose_from_menu ($editmenu, "e$teacher->id", $teacher->editall, "", "", "", true);
}
$removelink = "<a href=\"teacher.php?id=$course->id&remove=$teacher->id\">$strremoveteacher</a>";
$removelink = "<a href=\"teacher.php?id=$course->id&remove=$teacher->id&sesskey=$USER->sesskey\">$strremoveteacher</a>";
if (!$teacher->role) {
$teacher->role = $course->teacher;
@@ -165,6 +166,7 @@
print_table($table);
echo "<input type=hidden name=id value=\"$course->id\">";
echo "<input type=hidden name=sesskey value=\"$USER->sesskey\">";
echo "<center><input type=submit value=\"".get_string("savechanges")."\"> ";
echo "</center>";
echo "</form>";
@@ -201,7 +203,7 @@
foreach ($users as $user) {
$addlink = "<a href=\"teacher.php?id=$course->id&add=$user->id\">$straddteacher</a>";
$addlink = "<a href=\"teacher.php?id=$course->id&add=$user->id&sesskey=$USER->sesskey\">$straddteacher</a>";
$picture = print_user_picture($user->id, $course->id, $user->picture, false, true);
$table->data[] = array ($picture, fullname($user, true), $user->email, $addlink);
}
+2 -2
View File
@@ -28,7 +28,7 @@
error("You are not allowed to unenroll");
}
if (isset($confirm)) {
if (isset($confirm) and confirm_sesskey()) {
if (! unenrol_student($user->id, $course->id)) {
error("An error occurred while trying to unenrol you.");
@@ -56,7 +56,7 @@
$strunenrolsure = get_string("unenrolsure", "", fullname($user, true));
}
notice_yesno ($strunenrolsure, "unenrol.php?id=$id&user=$user->id&confirm=yes", "$HTTP_REFERER");
notice_yesno ($strunenrolsure, "unenrol.php?id=$id&user=$user->id&confirm=yes&sesskey=$USER->sesskey", "$HTTP_REFERER");
print_footer();
+60 -53
View File
@@ -93,67 +93,74 @@
if (isset($sections[$i])) { // should always be true
$section = $sections[$i];
if ($section->sequence) {
echo "<HR>";
echo "<H2>";
switch ($course->format) {
case "weeks": print_string("week"); break;
case "topics": print_string("topic"); break;
default: print_string("section"); break;
}
echo " $i</H2>";
$showsection = (isteacher($course->id) or $section->visible or !$course->hiddensections);
echo "<UL>";
if ($showsection) { // prevent hidden sections in user activity. Thanks to Geoff Wilbert!
if ($mode == "outline") {
echo "<TABLE CELLPADDING=4 CELLSPACING=0>";
}
$sectionmods = explode(",", $section->sequence);
foreach ($sectionmods as $sectionmod) {
if (empty($mods[$sectionmod])) {
continue;
if ($section->sequence) {
echo "<HR>";
echo "<H2>";
switch ($course->format) {
case "weeks": print_string("week"); break;
case "topics": print_string("topic"); break;
default: print_string("section"); break;
}
$mod = $mods[$sectionmod];
$instance = get_record("$mod->modname", "id", "$mod->instance");
$libfile = "$CFG->dirroot/mod/$mod->modname/lib.php";
echo " $i</H2>";
echo "<UL>";
if (file_exists($libfile)) {
require_once($libfile);
if ($mode == "outline") {
echo "<TABLE CELLPADDING=4 CELLSPACING=0>";
}
switch ($mode) {
case "outline":
$user_outline = $mod->modname."_user_outline";
if (function_exists($user_outline)) {
$output = $user_outline($course, $user, $mod, $instance);
print_outline_row($mod, $instance, $output);
}
break;
case "complete":
$user_complete = $mod->modname."_user_complete";
if (function_exists($user_complete)) {
$image = "<IMG SRC=\"../mod/$mod->modname/icon.gif\" ".
"HEIGHT=16 WIDTH=16 ALT=\"$mod->modfullname\">";
echo "<H4>$image $mod->modfullname: ".
"<A HREF=\"$CFG->wwwroot/mod/$mod->modname/view.php?id=$mod->id\">".
"$instance->name</A></H4>";
echo "<UL>";
$user_complete($course, $user, $mod, $instance);
echo "</UL>";
}
break;
$sectionmods = explode(",", $section->sequence);
foreach ($sectionmods as $sectionmod) {
if (empty($mods[$sectionmod])) {
continue;
}
$mod = $mods[$sectionmod];
if (empty($mod->visible)) {
continue;
}
$instance = get_record("$mod->modname", "id", "$mod->instance");
$libfile = "$CFG->dirroot/mod/$mod->modname/lib.php";
if (file_exists($libfile)) {
require_once($libfile);
switch ($mode) {
case "outline":
$user_outline = $mod->modname."_user_outline";
if (function_exists($user_outline)) {
$output = $user_outline($course, $user, $mod, $instance);
print_outline_row($mod, $instance, $output);
}
break;
case "complete":
$user_complete = $mod->modname."_user_complete";
if (function_exists($user_complete)) {
$image = "<IMG SRC=\"../mod/$mod->modname/icon.gif\" ".
"HEIGHT=16 WIDTH=16 ALT=\"$mod->modfullname\">";
echo "<H4>$image $mod->modfullname: ".
"<A HREF=\"$CFG->wwwroot/mod/$mod->modname/view.php?id=$mod->id\">".
"$instance->name</A></H4>";
echo "<UL>";
$user_complete($course, $user, $mod, $instance);
echo "</UL>";
}
break;
}
}
}
if ($mode == "outline") {
echo "</TABLE>";
print_simple_box_end();
}
echo "</UL>";
}
if ($mode == "outline") {
echo "</TABLE>";
print_simple_box_end();
}
echo "</UL>";
}
}
}
+6 -5
View File
@@ -29,6 +29,7 @@
add_to_log($course->id, "course", "view", "view.php?id=$course->id", "$course->id");
$course->format = clean_param($course->format, PARAM_ALPHA);
if (!file_exists($CFG->dirroot.'/course/format/'.$course->format.'/format.php')) {
$course->format = 'weeks'; // Default format is weeks
}
@@ -75,15 +76,15 @@
$editing = $USER->editing;
if (isset($hide)) {
if (isset($hide) and confirm_sesskey()) {
set_section_visible($course->id, $hide, '0');
}
if (isset($show)) {
if (isset($show) and confirm_sesskey()) {
set_section_visible($course->id, $show, '1');
}
if (isset($_GET['blockaction'])) {
if (isset($_GET['blockaction']) and confirm_sesskey()) {
if (isset($_GET['blockid'])) {
block_action($course, $leftblocks, $rightblocks, strtolower($_GET['blockaction']), intval($_GET['blockid']));
}
@@ -118,7 +119,7 @@
}
if (!empty($section)) {
if (!empty($move)) {
if (!empty($move) and confirm_sesskey()) {
if (!move_section($course, $section, $move)) {
notify("An error occurred while moving a section");
}
@@ -135,7 +136,7 @@
$SESSION->fromdiscussion = "$CFG->wwwroot/course/view.php?id=$course->id";
if (! $course->category) { // This course is not a real course.
if ($course->id == SITEID) { // This course is not a real course.
redirect("$CFG->wwwroot/");
}
+2 -1
View File
@@ -5,7 +5,8 @@
if (! $info = document_file("files.php", false)) {
error("404 - File Not Found");
}
$string = array();
if ($CFG->forcelogin) {
require_login();
}
+3 -8
View File
@@ -2,19 +2,14 @@
require("../config.php");
optional_variable($file, ""); // docs file to view
optional_variable($frame, ""); // docs file to view
optional_variable($sub, ""); // sub-section (named anchor)
optional_variable($lang, ""); // override current language
$file = optional_param('file', "", PARAM_FILE); // docs file to view straight
$frame = optional_param('frame', "", PARAM_FILE); // docs file to view in frame
$sub = optional_param('sub', "", PARAM_CLEAN); // sub-section (named anchor)
if ($CFG->forcelogin) {
require_login();
}
if (!empty($lang)) {
$SESSION->lang = $lang;
}
if (!empty($sub)) {
$sub = "#$sub";
} else {
+48 -22
View File
@@ -17,45 +17,71 @@ class enrolment_plugin extends enrolment_base {
function get_student_courses(&$user) {
global $CFG;
parent::get_student_courses($user);
parent::get_student_courses($user); /// Start with the list of known enrolments
/// If the database fails we can at least use this
// This is a hack to workaround what seems to be a bug in ADOdb with accessing
// two databases of the same kind ... it seems to get confused when trying to access
// the first database again, after having accessed the second.
// The following hack will make the database explicit which keeps it happy
if (strpos($CFG->prefix, $CFG->dbname) === false) {
$oldprefix = $CFG->prefix;
$CFG->prefix = "$CFG->dbname.$CFG->prefix";
}
// Connect to the external database
// Try to connect to the external database
$enroldb = &ADONewConnection($CFG->enrol_dbtype);
if ($enroldb->PConnect($CFG->enrol_dbhost,$CFG->enrol_dbuser,$CFG->enrol_dbpass,$CFG->enrol_dbname)) {
foreach ($user->student as $courseid=>$value) {
/// Get the value of the local course field
$localcoursevalue = get_field("course", $CFG->enrol_localcoursefield, "id", $courseid);
/// Find a record in the external database that matches the local course field and local user field
/// to the respective remote fields
$rs = $enroldb->Execute("SELECT * FROM $CFG->enrol_dbtable
WHERE $CFG->enrol_remotecoursefield = '$localcoursevalue'
AND $CFG->enrol_remoteuserfield = '{$user->$CFG->enrol_localuserfield}' ");
$courselist = array(); /// Initialise new array
$newstudent = array();
/// If no records existed then student has been unenrolled externally.
/// Unenrol locally and remove entry from the $user->student array
if (! ($rs->RecordCount()) ) {
unenrol_student($user->id, $courseid);
unset ($user->student[$courseid]);
/// Get the authoritative list of enrolments from the database
$useridnumber = $user->{$CFG->enrol_localuserfield};
if ($rs = $enroldb->Execute("SELECT $CFG->enrol_remotecoursefield
FROM $CFG->enrol_dbtable
WHERE $CFG->enrol_remoteuserfield = '$useridnumber' ")) {
if ($rs->RecordCount() > 0) {
while (!$rs->EOF) {
$courselist[] = $rs->fields[0];
$rs->MoveNext();
}
foreach ($courselist as $coursefield) {
if ($course = get_record('course', $CFG->enrol_localcoursefield, $coursefield)) {
$newstudent[$course->id] = true; /// Add it to new list
if (isset($user->student[$course->id])) { /// We have it already
unset($user->student[$course->id]); /// Remove from old list
} else {
enrol_student($user->id, $course->id); /// Enrol the student
}
}
}
}
if (!empty($user->student)) { /// We have some courses left that we need to unenrol from
foreach ($user->student as $courseid => $value) {
unenrol_student($user->id, $courseid); /// Unenrol the student
unset($user->student[$course->id]); /// Remove from old list
}
}
$user->student = $newstudent; /// Overwrite the array with the new one
}
$enroldb->Close();
}
if (!empty($oldprefix)) {
$CFG->prefix = $oldprefix; // Restore it just in case
}
}
@@ -87,7 +113,7 @@ function get_access_icons($course) {
}
/// Overrise the base config_form() function
/// Overide the base config_form() function
function config_form($frm) {
global $CFG;
include("$CFG->dirroot/enrol/database/config.html");
+23 -5
View File
@@ -129,15 +129,15 @@ function print_entry($course) {
if (isguest()) {
add_to_log($course->id, "course", "guest", "view.php?id=$course->id", "$USER->id");
} else if (empty($_GET['confirm'])) {
} else if (empty($_GET['confirm']) && empty($_GET['cancel'])) {
print_header($strloginto, $course->fullname, "<a href=\".\">$strcourses</a> -> $strloginto");
echo "<br />";
notice_yesno(get_string("enrolmentconfirmation"), "enrol.php?id=$course->id&confirm=1", $CFG->wwwroot);
notice_yesno(get_string("enrolmentconfirmation"), "enrol.php?id=$course->id&confirm=1", "enrol.php?id=$course->id&cancel=1");
print_footer();
exit;
} else {
} elseif (!empty($_GET['confirm'])) {
if ($course->enrolperiod) {
$timestart = time();
$timeend = time() + $course->enrolperiod;
@@ -148,6 +148,16 @@ function print_entry($course) {
if (! enrol_student($USER->id, $course->id, $timestart, $timeend)) {
error("An error occurred while trying to enrol you.");
}
$subject = get_string("welcometocourse", "", $course->fullname);
$a->coursename = $course->fullname;
$a->profileurl = "$CFG->wwwroot/user/view.php?id=$USER->id&course=$course->id";
$message = get_string("welcometocoursetext", "", $a);
if (! $teacher = get_teacher($course->id)) {
$teacher = get_admin();
}
email_to_user($USER, $teacher, $subject, $message);
add_to_log($course->id, "course", "enrol", "view.php?id=$course->id", "$USER->id");
$USER->student[$course->id] = true;
@@ -160,6 +170,9 @@ function print_entry($course) {
}
redirect($destination);
} elseif (!empty($_GET['cancel'])) {
unset($SESSION->wantsurl);
redirect($CFG->wwwroot);
}
}
@@ -292,6 +305,11 @@ function cron() {
if ($students = get_records_select('user_students', $select)) {
foreach ($students as $student) {
if ($course = get_record('course', 'id', $student->course)) {
if (empty($course->enrolperiod)) { // This overrides student timeend
continue;
}
}
unenrol_student($student->userid, $student->course);
}
}
@@ -315,12 +333,12 @@ function get_access_icons($course) {
$str = '';
if ($course->guest) {
if (!empty($course->guest)) {
$strallowguests = get_string("allowguests");
$str .= "<a title=\"$strallowguests\" href=\"$CFG->wwwroot/course/view.php?id=$course->id\">";
$str .= "<img vspace=4 alt=\"$strallowguests\" height=16 width=16 border=0 src=\"$CFG->pixpath/i/guest.gif\"></a>&nbsp;&nbsp;";
}
if ($course->password) {
if (!empty($course->password)) {
$strrequireskey = get_string("requireskey");
$str .= "<a title=\"$strrequireskey\" href=\"$CFG->wwwroot/course/view.php?id=$course->id\">";
$str .= "<img vspace=4 alt=\"$strrequireskey\" height=16 width=16 border=0 src=\"$CFG->pixpath/i/key.gif\"></a>";
+46 -1
View File
@@ -1 +1,46 @@
<table cellpadding="20" align="center">
<table cellpadding="20" align="center">
<tr valign="top">
<td>
<p align="center">
<?php
if ($teacher) {
$site = get_site();
$teachername = "<a href=\"../user/view.php?id=$teacher->id&course=$site->id\">".
"$teacher->firstname $teacher->lastname</a>.";
} else {
$teachername = get_string("yourteacher", "", strtolower($course->teacher));
}
print_string("enrolmentkeyfrom", "", $teachername);
?>
</p>
</td>
</tr>
<tr valign=top>
<td class="generalbox" bgcolor="<?php p($THEME->cellcontent) ?>">
<center><?php if (! empty($this->errormsg)) {formerr($this->errormsg);} ?></center>
<form name="form" method="post" action="enrol.php">
<table>
<tr>
<td width="50%" align="right"><p><?php print_string("enrolmentkey") ?>:</p></td>
<td width="50%">
<input type="password" name="password" size="20" value="<?php p($password) ?>" >
<input type="hidden" name="id" value="<?php p($course->id) ?>" >
</td>
<tr>
<td width="50%">&nbsp;</td>
<td width="50%">
<table cellpadding="1" cellspacing="0" align="center">
<tr>
<td><input type="submit" value="<?php print_string("login") ?>">&nbsp;&nbsp;</form></td>
<td><form action="<?php p($CFG->wwwroot)?>/index.php" method=post>
<input type="submit" value="<?php print_string("cancel") ?>"></form></td>
</tr>
</table>
</td>
</table>
</td>
</tr>
</table>
+7 -7
View File
@@ -8,11 +8,11 @@
<input type="hidden" name="cmd" value="_xclick">
<input type="hidden" name="business" value="<?php p($CFG->enrol_paypalbusiness)?>">
<input type="hidden" name="item_name" value="<?php p($course->fullname) ?>">
<input type="hidden" name="item_number" value="<?php p($course->shortname) ?>">
<input type="hidden" name="item_name" value="<?php p($coursefullname) ?>">
<input type="hidden" name="item_number" value="<?php p($courseshortname) ?>">
<input type="hidden" name="quantity" value="1">
<input type="hidden" name="on0" value="<?php print_string("user") ?>">
<input type="hidden" name="os0" value="<?php echo fullname($USER) ?>">
<input type="hidden" name="os0" value="<?php p($userfullname) ?>">
<input type="hidden" name="custom" value="<?php echo "$USER->id-$course->id" ?>">
<input type="hidden" name="currency_code" value="<?php p($CFG->enrol_currency) ?>">
@@ -26,10 +26,10 @@
<input type="hidden" name="rm" value="2">
<input type="hidden" name="cbt" value="<?php print_string("continuetocourse") ?>">
<input type="hidden" name="first_name" value="<?php p($USER->firstname) ?>">
<input type="hidden" name="last_name" value="<?php p($USER->lastname) ?>">
<input type="hidden" name="address" value="<?php p($USER->address) ?>">
<input type="hidden" name="city" value="<?php p($USER->city) ?>">
<input type="hidden" name="first_name" value="<?php p($userfirstname) ?>">
<input type="hidden" name="last_name" value="<?php p($userlastname) ?>">
<input type="hidden" name="address" value="<?php p($useraddress) ?>">
<input type="hidden" name="city" value="<?php p($usercity) ?>">
<input type="hidden" name="email" value="<?php p($USER->email) ?>">
<input type="hidden" name="country" value="<?php p($USER->country) ?>">
+42 -8
View File
@@ -35,10 +35,18 @@ function print_entry($course) {
} else {
print_header($strloginto, $course->fullname,
"<a href=\"$CFG->wwwroot/courses/\">$strcourses</a> -> $strloginto");
"<a href=\"$CFG->wwwroot/course/\">$strcourses</a> -> $strloginto");
print_course($course, "80%");
print_simple_box_start("center");
//Sanitise some fields before building the PayPal form
$coursefullname = $this->sanitise_for_paypal($course->fullname);
$courseshortname = $this->sanitise_for_paypal($course->shortname);
$userfullname = $this->sanitise_for_paypal(fullname($USER));
$userfirstname = $this->sanitise_for_paypal($USER->firstname);
$userlastname = $this->sanitise_for_paypal($USER->lastname);
$useraddress = $this->sanitise_for_paypal($USER->address);
$usercity = $this->sanitise_for_paypal($USER->city);
include("$CFG->dirroot/enrol/paypal/enrol.html");
@@ -51,13 +59,6 @@ function print_entry($course) {
/// Override the base check_entry() function
/// This should never be called for this type of enrolment anyway
function check_entry($form, $course) {
}
/// Override the get_access_icons() function
function get_access_icons($course) {
global $CFG;
@@ -150,5 +151,38 @@ function process_config($config) {
}
//To avoid wrong (for PayPal) characters in sent data
function sanitise_for_paypal($text) {
global $CFG;
if (!empty($CFG->sanitise_for_paypal)) {
//Array of characters to replace (not allowed by PayPal)
//Can be expanded as necessary to add other diacritics
$replace = array('á' => 'a', //Spanish characters
'é' => 'e',
'í' => 'i',
'ó' => 'o',
'ú' => 'u',
'Á' => 'A',
'É' => 'E',
'Í' => 'I',
'Ó' => 'O',
'Ú' => 'U',
'ñ' => 'n',
'Ñ' => 'N',
'ü' => 'u',
'Ü' => 'U');
$text = strtr($text, $replace);
//Make here other sanities if necessary
}
return $text;
}
} // end of class definition
?>
+2 -2
View File
@@ -34,7 +34,7 @@
$custom = explode('-', $data->custom);
$data->userid = $custom[0];
$data->courseid = $custom[1];
$data->payment_amount = $data->mc_gross;
$data->payment_gross = $data->mc_gross;
$data->payment_currency = $data->mc_currency;
@@ -184,7 +184,7 @@
} else if (strcmp ($result, "INVALID") == 0) { // ERROR
insert_record("enrol_paypal", $data);
insert_record("enrol_paypal", $data, false);
email_paypal_error_to_admin("Received an invalid payment notification!! (Fake payment?)", $data);
}
}

Some files were not shown because too many files have changed in this diff Show More