Compare commits

..

93 Commits

Author SHA1 Message Date
Eloy Lafuente (stronk7) 86e74d3eaf Moodle release 1.9.17 2012-03-11 15:55:59 +01:00
Eloy Lafuente (stronk7) 076b2ce86c weekly release 1.9.16+ 2012-03-09 11:16:53 +01:00
Eloy Lafuente (stronk7) b3391165f1 Merge branch 'wip-MDL-31248-MOODLE_19_STABLE-v3' of git://github.com/abgreeve/moodle into MOODLE_19_STABLE 2012-03-09 09:49:52 +01:00
Eloy Lafuente (stronk7) cf9b51f4f1 Revert "MDL-31248 - lib - Alteration to the rc4encrypt function to allow for old password use."
This reverts commit f8adbd6a02.
2012-03-09 09:40:40 +01:00
Eloy Lafuente (stronk7) f4f2b26ec5 Revert "MDL-31248 - lib - prevent moodle_strtolower() silent discard to lead to false-correct usernames"
This reverts commit c67bc65cbe.
2012-03-09 09:40:38 +01:00
Eloy Lafuente (stronk7) 281afcd067 Revert "MDL-31248 - lib - Gah, erroneus condition fixed."
This reverts commit e85a54d931.
2012-03-09 09:40:32 +01:00
Adrian Greeve b48d546c97 MDL-31248 - lib - Retaining the old password key and creating a new cookie prefix. 2012-03-09 13:35:22 +08:00
Eloy Lafuente (stronk7) e85a54d931 MDL-31248 - lib - Gah, erroneus condition fixed.
For sure that leaded to accept anything as valid username
for cookies in 19_STABLE. That explains why garbled username were
being transformed into "invented" usernames, instead of blank.
2012-03-08 12:27:44 +01:00
Eloy Lafuente (stronk7) c67bc65cbe MDL-31248 - lib - prevent moodle_strtolower() silent discard to lead to false-correct usernames 2012-03-08 11:42:13 +01:00
Adrian Greeve f8adbd6a02 MDL-31248 - lib - Alteration to the rc4encrypt function to allow for old password use. 2012-03-08 08:15:45 +08:00
Eloy Lafuente (stronk7) 2c39e251b4 weekly release 1.9.16+ 2012-03-01 11:34:39 +01:00
Eloy Lafuente (stronk7) cd20b15196 weekly release 1.9.16+ 2012-02-23 11:41:24 +01:00
Eloy Lafuente (stronk7) a364ab036c weekly release 1.9.16+ 2012-02-17 01:53:52 +01:00
Eloy Lafuente (stronk7) 46d0e6fb17 MDL-25185 - data - whitespace fixes 2012-02-13 16:20:20 +01:00
Sam Hemelryk 7eb1327487 Merge branch 'wip-MDL-25185-MOODLE_19_STABLE' of git://github.com/abgreeve/moodle into MOODLE_19_STABLE 2012-02-13 17:34:09 +13:00
Eloy Lafuente (stronk7) f5dc0e4110 weekly release 1.9.16+ 2012-02-13 01:21:39 +01:00
Adrian Greeve 312ada2856 MDL-25185 - data - Allowing data from the database to be exported according to group roles. 2012-02-03 07:49:27 +08:00
Eloy Lafuente (stronk7) 4f87a0dccc weekly release 1.9.16+ 2012-02-02 12:16:03 +01:00
Eloy Lafuente (stronk7) 2726791626 weekly release 1.9.16+ 2012-01-27 02:24:07 +01:00
Eloy Lafuente (stronk7) 8db39dc10a weekly release 1.9.16+ 2012-01-19 13:31:02 +01:00
Eloy Lafuente (stronk7) ebd57374cb Merge branch 'w03_MDL-31213_m19_attributesmess' of git://github.com/skodak/moodle into MOODLE_19_STABLE 2012-01-17 12:38:56 +01:00
Petr Skoda c444939ec7 MDL-31213 fix incorrect modifications of quickforms attributes 2012-01-17 11:17:35 +01:00
Tim Gus bc6e8366a9 MDL-31055 backport disabledIf fix from 2.0. (MDL-27045) 2012-01-16 15:22:21 +08:00
Eloy Lafuente (stronk7) 09249fe5c9 weekly release 1.9.16+ 2012-01-12 11:29:47 +01:00
Eloy Lafuente (stronk7) 863b49bd9c Merge branch 'MDL-29294_19' of git://github.com/timhunt/moodle into MOODLE_19_STABLE 2012-01-08 22:59:52 +01:00
Eloy Lafuente (stronk7) 593a3e84c0 Moodle release 1.9.16 2012-01-07 17:09:21 +01:00
Eloy Lafuente (stronk7) fa6008c687 weekly release 1.9.15+ 2012-01-05 15:09:59 +01:00
Aparup Banerjee 15624257cb Merge branch 'wip-mdl-29844-m19' of git://github.com/rajeshtaneja/moodle into MOODLE_19_STABLE 2012-01-04 10:11:20 +08:00
Sam Hemelryk 5753b2da0b Merge branch 'w52_MDL-29917_m19_autocomplete' of git://github.com/skodak/moodle into MOODLE_19_STABLE 2012-01-04 10:57:58 +13:00
Rajesh Taneja 4ed1199524 MDL-29844 Administration: Added new config for users to login for viewing profile image 2012-01-03 13:48:24 +08:00
Petr Skoda f88a9ef3fb MDL-13572 do not send messages to invalid addresses 2012-01-02 23:25:38 +01:00
Petr Skoda 43625959f7 MDL-29917 prevent form autocompletion in most Moodle forms
The password autocompletion in case of Moodle makes sense only on the login page, the form autocompletion in general is most probably useful only on the user signup page.

This patch is compatible with html 5, unfortunately we have to ignore strict warnings in legacy xhtml 1.0 standard.
2011-12-30 14:57:36 +01:00
Tim Hunt 4d06e61a53 MDL-29294 qtype match restore problem on Oracle. 2011-12-28 11:44:51 +00:00
Eloy Lafuente (stronk7) ea5534f864 weekly release 1.9.15+ 2011-12-23 03:06:52 +01:00
Eloy Lafuente (stronk7) faecf14df6 Merge branch 'MDL-20198c_m19' of git://github.com/rwijaya/moodle into MOODLE_19_STABLE 2011-12-20 01:26:21 +01:00
Sam Hemelryk 8afed3b9fc Merge branch 'wip-MDL-28948-MOODLE_19_STABLE' of git://github.com/abgreeve/moodle into MOODLE_19_STABLE 2011-12-20 10:40:51 +13:00
adrian@moodle.com 75366c60ff MDL-28948 - lib - removed the hard coded key for the rc4encryt function. 2011-12-16 09:27:10 +08:00
Petr Skoda 65e18e9ea8 MDL-30610 new environment requirements for 2.3 2011-12-14 02:44:20 +01:00
Rossiani Wijaya 5d72721e5c MDL-20198: wiki module: extend Dong's patch to fixed grouping access to view/edit wiki.. 2011-12-13 13:37:40 +08:00
Rossiani Wijaya 4866f01b4a MDL-20198: wiki module: fixed grouping access in wiki. Credit goes to Dong Kim(kimx0794@umn.edu). 2011-12-13 13:34:47 +08:00
Petr Skoda 1501cc8cea MDL-30575 yet more mail header cleanup 2011-12-11 23:42:32 +01:00
Petr Skoda a9e3abe0b4 MDL-30575 more mail header cleanup 2011-12-10 18:21:35 +01:00
Eloy Lafuente (stronk7) 485cb391de weekly release 1.9.15+ 2011-12-09 16:30:03 +01:00
Petr Skoda c3056feed8 MDL-27364 use https for recaptcha when site runs via https
Based on solution by Rajesh Taneja.
2011-12-09 11:11:55 +08:00
Aparup Banerjee f844dbcace Merge branch 'wip-MDL-30336-MOODLE_19_STABLE' of git://github.com/abgreeve/moodle into MOODLE_19_STABLE 2011-12-08 16:24:00 +08:00
Aparup Banerjee cc4d45b916 Merge branch 'wip-MDL-30012-m19' of git://github.com/samhemelryk/moodle into MOODLE_19_STABLE 2011-12-08 14:46:40 +08:00
adrian@moodle.com 630fc6ee7e MDL-30336 - login - Added a setting in security that allows auto complete to be set to off in password fields. 2011-12-08 09:21:15 +08:00
Eloy Lafuente (stronk7) 54947d0dad MDL-19147 - forum - whitespace cleanup 2011-12-07 15:56:46 +01:00
Sam Hemelryk e114543f69 Merge branch 'wip-MDL-19147-MOODLE_19_STABLE' of git://github.com/abgreeve/moodle into MOODLE_19_STABLE 2011-12-07 14:19:45 +13:00
Sam Hemelryk 36b0ddeed4 MDL-30012 mod_forum: Fixed bug in forum user script 2011-12-06 16:05:49 +13:00
Eloy Lafuente (stronk7) 7fe52ca7d9 weekly release 1.9.15+ 2011-12-05 12:35:36 +01:00
adrian@moodle.com 24b048c2cf MDL-19147 - forum - Removed single discussions from the pull down menu for moving posts to single discussions. 2011-12-02 08:11:16 +08:00
Eloy Lafuente (stronk7) 6dc36a0101 weekly release 1.9.15+ 2011-12-01 19:21:21 +01:00
Eloy Lafuente (stronk7) dadac0b3b3 emergency release 1.9.15 2011-12-01 18:17:12 +01:00
Eloy Lafuente (stronk7) fdcc0f46cc Merge branch 'wip-MDL-20627-MOODLE_19_STABLE' of git://github.com/abgreeve/moodle into MOODLE_19_STABLE 2011-12-01 18:02:51 +01:00
Eloy Lafuente (stronk7) 51c6d453e1 Merge branch 'w48_MDL-30480_m19_dmlobjects' of git://github.com/skodak/moodle into MOODLE_19_STABLE 2011-11-29 15:33:18 +01:00
Petr Skoda 33314c72f3 MDL-30480 fix BC regression from MDL-29033
Improve insert_record() and update_record() handling of $dataobject parameter. Some developers expect they can use any class instance there. This is not officially supported, but in any case we should not break backwards compatibility so late in STABLE branch.

Credit for discovery goes to Pascal Maury, thanks!
2011-11-29 15:20:23 +01:00
Sam Hemelryk 79cf3f0884 MDL-30273 whitespace cleanup 2011-11-29 16:48:10 +13:00
Sam Hemelryk 921383f789 Merge branch 'wip-MDL-30273-MOODLE_19_STABLE' of git://github.com/abgreeve/moodle into MOODLE_19_STABLE 2011-11-29 16:41:38 +13:00
Eloy Lafuente (stronk7) b4cdee0a73 Moodle release 1.9.15 2011-11-27 23:44:23 +01:00
Eloy Lafuente (stronk7) 8bcfa47d9b weekly release 1.9.14+ 2011-11-25 11:08:15 +01:00
Eloy Lafuente (stronk7) e0d470b5a6 MDL-15610 add missing condition to allow some tests to pass 2011-11-24 20:10:15 +01:00
Dan Marsden 1958705818 SCORM MDL-25757 fix for saving of duplicate CMI values - thanks to Evan Irving-Pease for the patch 2011-11-23 11:10:30 +01:00
adrian@moodle.com 8f83cfbe91 MDL-20627 user - Fixed viewing permission of email when sending group messages. 2011-11-21 08:30:57 +08:00
Charles Fulton 0f035ff23b MDL-30273 forum - prevent the creation of discussions in simple single forums 2011-11-18 15:48:59 +08:00
Eloy Lafuente (stronk7) 5a0fba7e7e weekly release 1.9.14+ 2011-11-18 01:33:06 +01:00
Eloy Lafuente (stronk7) 6ae95cc856 Merge branch 'MDL-29551' of git://github.com/ankitagarwal/moodle into MOODLE_19_STABLE 2011-11-17 17:11:53 +01:00
Ankit Kumar Agarwal c42cd0d1b3 MDL-29893 Fixing issues with password generation function 2011-11-16 11:39:36 +05:30
Patrick Mcneill 3ab2851d2a MDL-29551 Fixing ip_in_range function 2011-11-16 11:09:01 +05:30
Eloy Lafuente (stronk7) 012a51e958 weekly release 1.9.14+ 2011-11-15 11:09:43 +01:00
Eloy Lafuente (stronk7) 5fe44ec90d Merge branch 'MDL-29092_m19' of git://github.com/rwijaya/moodle into MOODLE_19_STABLE 2011-11-11 18:31:34 +01:00
Stephen Bourget ee1692e740 MDL-29529 Assignment: Fix regression (order by status) caused by MDL-27638 2011-11-11 01:21:46 +01:00
Aparup Banerjee 9d7e30f9b8 Merge branch 'MDL-29977-mnet-masquerade_19_STABLE' of git://github.com/mudrd8mz/moodle into MOODLE_19_STABLE 2011-11-09 13:37:41 +08:00
David Mudrak 408d3ca000 MDL-29977 MNet does not allow to start a remote session when masquerading as another user 2011-11-04 10:57:58 +01:00
Tim Hunt 9d656f584a MDL-30038 mod_lesson was not working on PHP4. 2011-11-03 10:24:38 +00:00
Rossiani Wijaya 01dd64a8c8 MDL-29092 login/change password: backporting to 1.9 for MDL-26381 and set form action to user https when loginhttps is enable 2011-11-03 13:02:24 +08:00
Eloy Lafuente (stronk7) f28a448513 weekly release 1.9.14+ 2011-11-02 19:55:31 +01:00
Sam Hemelryk 01c33e8a01 Merge branch 'w43_MDL-29925_m19_calendar' of git://github.com/skodak/moodle into MOODLE_19_STABLE 2011-11-01 09:37:18 +13:00
David Mudrak 67205358fc MDL-29991 MDL-27107 auth_mnet - consider all incoming roaming users confirmed
Moodle 2.x sites do not send the 'confirmed' field any more (see MDL-27107). We
consider all roaming users confirmed automatically.
2011-10-29 17:04:29 +02:00
Petr Skoda e311b14364 MDL-29925 fix calendar parameter handling 2011-10-28 19:07:48 +02:00
Eloy Lafuente (stronk7) ea8bda2526 weekly release 1.9.14+ 2011-10-27 18:55:42 +02:00
Eloy Lafuente (stronk7) b3b6da8b72 weekly release 1.9.14+ 2011-10-19 18:47:10 +02:00
Sam Hemelryk 37e289a131 Merge branch 'MDL-29697-Fix_incorrect_error_msg' of https://github.com/ncsu-delta/moodle into MOODLE_19_STABLE 2011-10-18 11:11:57 +13:00
Sam Hemelryk 0aff48f3a4 Merge branch 'MDL-28170_19' of git://github.com/stronk7/moodle into MOODLE_19_STABLE 2011-10-17 18:51:08 +13:00
Eloy Lafuente (stronk7) e660329ab1 MDL-28170 environment - add new 2.2 section
nothing changes from 2.1 as far as it was agreed that this will be
the last version supporting 1.9 upgrade. See issue for details.
2011-10-17 02:15:13 +02:00
Eloy Lafuente (stronk7) 53f32cbd8a MDL-29626 backup - fix restore of links to course page to behave like other links 2011-10-17 01:47:16 +02:00
Eloy Lafuente (stronk7) ba6446ecaf weekly release 1.9.14+ 2011-10-12 23:50:28 +02:00
Eloy Lafuente (stronk7) a89aa3131b MDL-16553 Assignment, student view: whitespace fix 2011-10-10 13:12:18 +02:00
Sam Hemelryk e1b4fa3029 Merge branch 'MDL-16553-19' of git://github.com/bostelm/moodle into MOODLE_19_STABLE 2011-10-10 17:57:41 +13:00
Sam Hemelryk d2a5725cd5 Merge branch 'MDL-23047-Add_missing_log' of https://github.com/ncsu-delta/moodle into MOODLE_19_STABLE 2011-10-10 12:18:08 +13:00
Henning Bostelmann b9625c16b6 MDL-16553 Assignment, student view: show response files when no grade available 2011-10-07 23:23:41 +01:00
Glenn Ansley 6e698a4563 MDL-29697 Don't return the error if it wasn't updated because original question type had no answers 2011-10-07 12:04:13 -04:00
Glenn Ansley cefe46ad16 MDL-23047 Add resorce view to log table when viewing file set to 'Yes, without frame' 2011-10-07 09:16:30 -04:00
43 changed files with 640 additions and 164 deletions
+228
View File
@@ -442,4 +442,232 @@
</PHP_SETTING>
</PHP_SETTINGS>
</MOODLE>
<MOODLE version="2.2" requires="1.9">
<UNICODE level="required">
<FEEDBACK>
<ON_ERROR message="unicoderequired" />
</FEEDBACK>
</UNICODE>
<DATABASE level="required">
<VENDOR name="mysql" version="5.0.25">
<FEEDBACK>
<ON_ERROR message="mysql416required" />
</FEEDBACK>
</VENDOR>
<VENDOR name="postgres" version="8.3" />
<VENDOR name="mssql" version="9.0" />
<VENDOR name="odbc_mssql" version="9.0" />
<VENDOR name="mssql_n" version="9.0" />
<VENDOR name="oracle" version="10.2" />
<VENDOR name="sqlite" version="2.0" />
</DATABASE>
<PHP version="5.3.2" level="required">
</PHP>
<PHP_EXTENSIONS>
<PHP_EXTENSION name="iconv" level="required">
<FEEDBACK>
<ON_CHECK message="iconvrequired" />
</FEEDBACK>
</PHP_EXTENSION>
<PHP_EXTENSION name="mbstring" level="optional">
<FEEDBACK>
<ON_CHECK message="mbstringrecommended" />
</FEEDBACK>
</PHP_EXTENSION>
<PHP_EXTENSION name="curl" level="required">
<FEEDBACK>
<ON_CHECK message="curlrequired" />
</FEEDBACK>
</PHP_EXTENSION>
<PHP_EXTENSION name="openssl" level="optional">
<FEEDBACK>
<ON_CHECK message="opensslrecommended" />
</FEEDBACK>
</PHP_EXTENSION>
<PHP_EXTENSION name="tokenizer" level="optional">
<FEEDBACK>
<ON_CHECK message="tokenizerrecommended" />
</FEEDBACK>
</PHP_EXTENSION>
<PHP_EXTENSION name="xmlrpc" level="optional">
<FEEDBACK>
<ON_CHECK message="xmlrpcrecommended" />
</FEEDBACK>
</PHP_EXTENSION>
<PHP_EXTENSION name="soap" level="optional">
<FEEDBACK>
<ON_CHECK message="soaprecommended" />
</FEEDBACK>
</PHP_EXTENSION>
<PHP_EXTENSION name="ctype" level="required">
<FEEDBACK>
<ON_ERROR message="ctyperequired" />
</FEEDBACK>
</PHP_EXTENSION>
<PHP_EXTENSION name="zip" level="required">
<FEEDBACK>
<ON_ERROR message="ziprequired" />
</FEEDBACK>
</PHP_EXTENSION>
<PHP_EXTENSION name="gd" level="optional">
<FEEDBACK>
<ON_CHECK message="gdrecommended" />
</FEEDBACK>
</PHP_EXTENSION>
<PHP_EXTENSION name="simplexml" level="required">
<FEEDBACK>
<ON_CHECK message="simplexmlrequired" />
</FEEDBACK>
</PHP_EXTENSION>
<PHP_EXTENSION name="spl" level="required">
<FEEDBACK>
<ON_CHECK message="splrequired" />
</FEEDBACK>
</PHP_EXTENSION>
<PHP_EXTENSION name="pcre" level="required">
</PHP_EXTENSION>
<PHP_EXTENSION name="dom" level="required">
</PHP_EXTENSION>
<PHP_EXTENSION name="xml" level="required">
</PHP_EXTENSION>
<PHP_EXTENSION name="intl" level="optional">
<FEEDBACK>
<ON_CHECK message="intlrecommended" />
</FEEDBACK>
</PHP_EXTENSION>
<PHP_EXTENSION name="json" level="required">
</PHP_EXTENSION>
</PHP_EXTENSIONS>
<PHP_SETTINGS>
<PHP_SETTING name="memory_limit" value="40M" level="required">
<FEEDBACK>
<ON_ERROR message="settingmemorylimit" />
</FEEDBACK>
</PHP_SETTING>
<PHP_SETTING name="safe_mode" value="0" level="optional">
<FEEDBACK>
<ON_CHECK message="settingsafemode" />
</FEEDBACK>
</PHP_SETTING>
<PHP_SETTING name="file_uploads" value="1" level="optional">
<FEEDBACK>
<ON_CHECK message="settingfileuploads" />
</FEEDBACK>
</PHP_SETTING>
</PHP_SETTINGS>
</MOODLE>
<MOODLE version="2.3" requires="2.2">
<UNICODE level="required">
<FEEDBACK>
<ON_ERROR message="unicoderequired" />
</FEEDBACK>
</UNICODE>
<DATABASE level="required">
<VENDOR name="mysql" version="5.0.25">
<FEEDBACK>
<ON_ERROR message="mysql416required" />
</FEEDBACK>
</VENDOR>
<VENDOR name="postgres" version="8.3" />
<VENDOR name="mssql" version="9.0" />
<VENDOR name="odbc_mssql" version="9.0" />
<VENDOR name="mssql_n" version="9.0" />
<VENDOR name="oracle" version="10.2" />
<VENDOR name="sqlite" version="2.0" />
</DATABASE>
<PHP version="5.3.2" level="required">
</PHP>
<PHP_EXTENSIONS>
<PHP_EXTENSION name="iconv" level="required">
<FEEDBACK>
<ON_CHECK message="iconvrequired" />
</FEEDBACK>
</PHP_EXTENSION>
<PHP_EXTENSION name="mbstring" level="optional">
<FEEDBACK>
<ON_CHECK message="mbstringrecommended" />
</FEEDBACK>
</PHP_EXTENSION>
<PHP_EXTENSION name="curl" level="required">
<FEEDBACK>
<ON_CHECK message="curlrequired" />
</FEEDBACK>
</PHP_EXTENSION>
<PHP_EXTENSION name="openssl" level="optional">
<FEEDBACK>
<ON_CHECK message="opensslrecommended" />
</FEEDBACK>
</PHP_EXTENSION>
<PHP_EXTENSION name="tokenizer" level="optional">
<FEEDBACK>
<ON_CHECK message="tokenizerrecommended" />
</FEEDBACK>
</PHP_EXTENSION>
<PHP_EXTENSION name="xmlrpc" level="optional">
<FEEDBACK>
<ON_CHECK message="xmlrpcrecommended" />
</FEEDBACK>
</PHP_EXTENSION>
<PHP_EXTENSION name="soap" level="optional">
<FEEDBACK>
<ON_CHECK message="soaprecommended" />
</FEEDBACK>
</PHP_EXTENSION>
<PHP_EXTENSION name="ctype" level="required">
<FEEDBACK>
<ON_ERROR message="ctyperequired" />
</FEEDBACK>
</PHP_EXTENSION>
<PHP_EXTENSION name="zip" level="required">
<FEEDBACK>
<ON_ERROR message="ziprequired" />
</FEEDBACK>
</PHP_EXTENSION>
<PHP_EXTENSION name="gd" level="optional">
<FEEDBACK>
<ON_CHECK message="gdrecommended" />
</FEEDBACK>
</PHP_EXTENSION>
<PHP_EXTENSION name="simplexml" level="required">
<FEEDBACK>
<ON_CHECK message="simplexmlrequired" />
</FEEDBACK>
</PHP_EXTENSION>
<PHP_EXTENSION name="spl" level="required">
<FEEDBACK>
<ON_CHECK message="splrequired" />
</FEEDBACK>
</PHP_EXTENSION>
<PHP_EXTENSION name="pcre" level="required">
</PHP_EXTENSION>
<PHP_EXTENSION name="dom" level="required">
</PHP_EXTENSION>
<PHP_EXTENSION name="xml" level="required">
</PHP_EXTENSION>
<PHP_EXTENSION name="intl" level="optional">
<FEEDBACK>
<ON_CHECK message="intlrecommended" />
</FEEDBACK>
</PHP_EXTENSION>
<PHP_EXTENSION name="json" level="required">
</PHP_EXTENSION>
</PHP_EXTENSIONS>
<PHP_SETTINGS>
<PHP_SETTING name="memory_limit" value="40M" level="required">
<FEEDBACK>
<ON_ERROR message="settingmemorylimit" />
</FEEDBACK>
</PHP_SETTING>
<PHP_SETTING name="safe_mode" value="0" level="optional">
<FEEDBACK>
<ON_CHECK message="settingsafemode" />
</FEEDBACK>
</PHP_SETTING>
<PHP_SETTING name="file_uploads" value="1" level="optional">
<FEEDBACK>
<ON_CHECK message="settingfileuploads" />
</FEEDBACK>
</PHP_SETTING>
</PHP_SETTINGS>
</MOODLE>
</COMPATIBILITY_MATRIX>
+2
View File
@@ -8,6 +8,7 @@ if ($hassiteconfig) { // speedup for non-admins, add all caps used on this page
$temp->add(new admin_setting_configcheckbox('protectusernames', get_string('protectusernames', 'admin'), get_string('configprotectusernames', 'admin'), 1));
$temp->add(new admin_setting_configcheckbox('forcelogin', get_string('forcelogin', 'admin'), get_string('configforcelogin', 'admin'), 0));
$temp->add(new admin_setting_configcheckbox('forceloginforprofiles', get_string('forceloginforprofiles', 'admin'), get_string('configforceloginforprofiles', 'admin'), 1));
$temp->add(new admin_setting_configcheckbox('forceloginforprofileimage', get_string('forceloginforprofileimage', 'admin'), get_string('forceloginforprofileimage_help', 'admin'), 0));
$temp->add(new admin_setting_configcheckbox('opentogoogle', get_string('opentogoogle', 'admin'), get_string('configopentogoogle', 'admin'), 0));
$max_upload_choices = get_max_upload_sizes();
@@ -67,6 +68,7 @@ if ($hassiteconfig) { // speedup for non-admins, add all caps used on this page
$temp->add(new admin_setting_configcheckbox('cookiehttponly', get_string('cookiehttponly', 'admin'), get_string('configcookiehttponly', 'admin'), 0));
$temp->add(new admin_setting_configcheckbox('regenloginsession', get_string('regenloginsession', 'admin'), get_string('configregenloginsession', 'admin'), 1));
$temp->add(new admin_setting_configtext('excludeoldflashclients', get_string('excludeoldflashclients', 'admin'), get_string('configexcludeoldflashclients', 'admin'), '10.0.12', PARAM_TEXT));
$temp->add(new admin_setting_configcheckbox('loginpasswordautocomplete', get_string('loginpasswordautocomplete', 'admin'), get_string('loginpasswordautocomplete_help', 'admin'), 0));
$ADMIN->add('security', $temp);
+5
View File
@@ -170,6 +170,10 @@ class auth_plugin_mnet extends auth_plugin_base {
global $MNET;
require_once $CFG->dirroot . '/mnet/xmlrpc/client.php';
if (!empty($USER->realuser)) {
print_error('notpermittedtojumpas', 'mnet');
}
// check remote login permissions
if (! has_capability('moodle/site:mnetlogintoremote', get_context_instance(CONTEXT_SYSTEM))
or is_mnet_remote_user($USER)
@@ -306,6 +310,7 @@ class auth_plugin_mnet extends auth_plugin_base {
}
$remoteuser->mnethostid = $remotehost->id;
$remoteuser->firstaccess = time(); // First time user in this server, grab it here
$remoteuser->confirmed = 1;
if (!$remoteuser->id = insert_record('user', addslashes_recursive($remoteuser))) {
print_error('databaseerror', 'mnet');
+22 -3
View File
@@ -209,10 +209,29 @@ define('RESTORE_GROUPS_GROUPINGS', 3);
// Links to course
$searchstring = '/\$@(COURSEVIEWBYID)\*([0-9]+)@\$/';
$replacestring= $CFG->wwwroot . '/course/view.php?id=' . $restore->course_id;
$result = preg_replace($searchstring, $replacestring, $content);
// We look for it
preg_match_all($searchstring, $content, $foundset);
// If found, then we are going to look for its new id (in backup tables)
if ($foundset[0]) {
// Iterate over foundset[2]. They are the old_ids
foreach ($foundset[2] as $old_id) {
// We get the needed variables here (course id)
$rec = backup_getid($restore->backup_unique_code, 'course', $old_id);
// Personalize the searchstring
$searchstring = '/\$@(COURSEVIEWBYID)\*('.$old_id.')@\$/';
// If it is a link to itself, replace it
if (!empty($rec->new_id)) {
$replacestring = $CFG->wwwroot . '/course/view.php?id=' . $rec->new_id;
// It s a link to another course, keep it unmodified
} else {
$replacestring = $restore->original_wwwroot . '/course/view.php?id=' . $old_id;
}
// Perform the replacement
$content = preg_replace($searchstring, $replacestring, $content);
}
}
return $result;
return $content;
}
//This function is called from all xxxx_decode_content_links_caller(),
+6 -1
View File
@@ -49,7 +49,12 @@ class block_login extends block_base {
$this->content->text .= '<input type="text" name="username" id="login_username" value="'.s($username).'" /></div>';
$this->content->text .= '<div class="c1 fld password"><label for="login_password">'.get_string('password').'</label>';
$this->content->text .= '<input type="password" name="password" id="login_password" value="" /></div>';
if (!empty($CFG->loginpasswordautocomplete)) {
$this->content->text .= '<input type="password" name="password" id="login_password" value="" autocomplete="off" /></div>';
} else {
$this->content->text .= '<input type="password" name="password" id="login_password" value="" /></div>';
}
$this->content->text .= '<div class="c1 btn"><input type="submit" value="'.get_string('login').'" /></div>';
+8
View File
@@ -32,6 +32,14 @@ class block_mnet_hosts extends block_list {
return '';
}
if (!empty($USER->realuser)) {
$this->content = new stdClass();
$this->content->items = array();
$this->content->icons = array();
$this->content->footer = get_string('notpermittedtojumpas', 'mnet');
return $this->content;
}
// check for outgoing roaming permission first
if (!has_capability('moodle/site:mnetlogintoremote', get_context_instance(CONTEXT_SYSTEM), NULL, false)) {
return '';
+3 -3
View File
@@ -49,9 +49,9 @@
$eventid = optional_param('id', 0, PARAM_INT);
$eventtype = optional_param('type', 'select', PARAM_ALPHA);
$urlcourse = optional_param('course', 0, PARAM_INT);
$cal_y = optional_param('cal_y');
$cal_m = optional_param('cal_m');
$cal_d = optional_param('cal_d');
$cal_y = optional_param('cal_y', 0, PARAM_INT);
$cal_m = optional_param('cal_m', 0, PARAM_INT);
$cal_d = optional_param('cal_d', 0, PARAM_INT);
if(isguest()) {
// Guests cannot do anything with events
+10 -11
View File
@@ -41,15 +41,14 @@
require_once('../config.php');
require_once($CFG->dirroot.'/calendar/lib.php');
$from = required_param('from');
$var = required_param('var');
$value = optional_param('value');
$id = optional_param('id');
$cal_d = optional_param('cal_d');
$cal_m = optional_param('cal_m');
$cal_y = optional_param('cal_y');
$action = optional_param('action');
$type = optional_param('type');
$from = required_param('from', PARAM_ALPHA);
$var = required_param('var', PARAM_ALPHA);
$id = optional_param('id', 0, PARAM_INT);
$cal_d = optional_param('cal_d', 0, PARAM_INT);
$cal_m = optional_param('cal_m', 0, PARAM_INT);
$cal_y = optional_param('cal_y', 0, PARAM_INT);
$action = optional_param('action', '', PARAM_ALPHA);
$type = optional_param('type', '', PARAM_ALPHA);
// Initialize the session variables
calendar_session_vars();
@@ -107,7 +106,7 @@
switch($from) {
case 'event':
redirect(CALENDAR_URL.'event.php?action='.$action.'&amp;type='.$type.'&amp;id='.intval($id));
redirect(CALENDAR_URL.'event.php?action='.$action.'&amp;type='.$type.'&amp;id='.$id);
break;
case 'month':
redirect(CALENDAR_URL.'view.php?view=month'.$courseid.'&cal_d='.$cal_d.'&cal_m='.$cal_m.'&cal_y='.$cal_y);
@@ -119,7 +118,7 @@
redirect(CALENDAR_URL.'view.php?view=day'.$courseid.'&cal_d='.$cal_d.'&cal_m='.$cal_m.'&cal_y='.$cal_y);
break;
case 'course':
redirect($CFG->wwwroot.'/course/view.php?id='.intval($id));
redirect($CFG->wwwroot.'/course/view.php?id='.$id);
break;
default:
+16 -16
View File
@@ -426,7 +426,7 @@ function calendar_show_month_detailed($m, $y, $courses, $groups, $users, $course
}
// Now display all the calendar
for($day = 1; $day <= $display->maxdays; ++$day, ++$dayweek) {
for($aday = 1; $aday <= $display->maxdays; ++$aday, ++$dayweek) {
if($dayweek > $display->maxwday) {
// We need to change week (table row)
echo "</tr>\n<tr>";
@@ -436,7 +436,7 @@ function calendar_show_month_detailed($m, $y, $courses, $groups, $users, $course
// Reset vars
$cell = '';
$dayhref = calendar_get_link_href(CALENDAR_URL.'view.php?view=day&amp;course='.$courseid.'&amp;', $day, $m, $y);
$dayhref = calendar_get_link_href(CALENDAR_URL.'view.php?view=day&amp;course='.$courseid.'&amp;', $aday, $m, $y);
if(CALENDAR_WEEKEND & (1 << ($dayweek % 7))) {
// Weekend. This is true no matter what the exact range is.
@@ -448,35 +448,35 @@ function calendar_show_month_detailed($m, $y, $courses, $groups, $users, $course
}
// Special visual fx if an event is defined
if(isset($eventsbyday[$day])) {
if(count($eventsbyday[$day]) == 1) {
if(isset($eventsbyday[$aday])) {
if(count($eventsbyday[$aday]) == 1) {
$title = get_string('oneevent', 'calendar');
}
else {
$title = get_string('manyevents', 'calendar', count($eventsbyday[$day]));
$title = get_string('manyevents', 'calendar', count($eventsbyday[$aday]));
}
$cell = '<div class="day"><a href="'.$dayhref.'" title="'.$title.'">'.$day.'</a></div>';
$cell = '<div class="day"><a href="'.$dayhref.'" title="'.$title.'">'.$aday.'</a></div>';
}
else {
$cell = '<div class="day">'.$day.'</div>';
$cell = '<div class="day">'.$aday.'</div>';
}
// Special visual fx if an event spans many days
if(isset($typesbyday[$day]['durationglobal'])) {
if(isset($typesbyday[$aday]['durationglobal'])) {
$class .= ' duration_global';
}
else if(isset($typesbyday[$day]['durationcourse'])) {
else if(isset($typesbyday[$aday]['durationcourse'])) {
$class .= ' duration_course';
}
else if(isset($typesbyday[$day]['durationgroup'])) {
else if(isset($typesbyday[$aday]['durationgroup'])) {
$class .= ' duration_group';
}
else if(isset($typesbyday[$day]['durationuser'])) {
else if(isset($typesbyday[$aday]['durationuser'])) {
$class .= ' duration_user';
}
// Special visual fx for today
if($display->thismonth && $day == $d) {
if($display->thismonth && $aday == $d) {
$class .= ' today';
} else {
$class .= ' nottoday';
@@ -488,9 +488,9 @@ function calendar_show_month_detailed($m, $y, $courses, $groups, $users, $course
}
echo '<td'.$class.'>'.$cell;
if(isset($eventsbyday[$day])) {
if(isset($eventsbyday[$aday])) {
echo '<ul class="events-new">';
foreach($eventsbyday[$day] as $eventindex) {
foreach($eventsbyday[$aday] as $eventindex) {
// If event has a class set then add it to the event <li> tag
$eventclass = '';
@@ -502,9 +502,9 @@ function calendar_show_month_detailed($m, $y, $courses, $groups, $users, $course
}
echo '</ul>';
}
if(isset($durationbyday[$day])) {
if(isset($durationbyday[$aday])) {
echo '<ul class="events-underway">';
foreach($durationbyday[$day] as $eventindex) {
foreach($durationbyday[$aday] as $eventindex) {
echo '<li>['.format_string($events[$eventindex]->name,true).']</li>';
}
echo '</ul>';
+4
View File
@@ -396,6 +396,8 @@ $string['filtersettings'] = 'Manage filters';
$string['filtersettingsgeneral'] = 'General filter settings';
$string['filteruploadedfiles'] = 'Filter uploaded files';
$string['forcelogin'] = 'Force users to login';
$string['forceloginforprofileimage'] = 'Force users to login to view user pictures';
$string['forceloginforprofileimage_help'] = 'If enabled, users must login in order to view user profile pictures and the default user picture will be used in all notification emails.';
$string['forceloginforprofiles'] = 'Force users to login for profiles';
$string['forcetimezone'] = 'Force default timezone';
$string['framename'] = 'Frame name';
@@ -493,6 +495,8 @@ $string['location'] = 'Location';
$string['locationsettings'] = 'Location settings';
$string['log'] = 'Logs';
$string['loginhttps'] = 'Use HTTPS for logins';
$string['loginpasswordautocomplete'] = 'Prevent password autocompletion on login form.';
$string['loginpasswordautocomplete_help'] = 'Having this off will let users save their account password in their browser. Switching this setting on will result in your site no longer following XHTML strict validation rules.';
$string['loglifetime'] = 'Keep logs for';
$string['longtimenosee'] = 'Unsubscribe users from courses after';
$string['longtimewarning'] = '<b>Please note that this process can take a long time.</b>';
+1
View File
@@ -208,6 +208,7 @@ $string['addtoacl'] = 'Add to Access Control';
$string['accesslevel'] = 'Access Level';
$string['ssoaccesscontrol'] = 'SSO Access Control';
$string['notpermittedtojump'] = 'You do not have permission to begin a remote session from this Moodle hub.';
$string['notpermittedtojumpas'] = 'You can\'t begin a remote session while you are logged in as another user.';
$string['notpermittedtoland'] = 'You do not have permission to begin a remote session.';
$string['authfail_nosessionexists'] = 'Authorisation failed: the mnet session does not exist.';
$string['authfail_sessiontimedout'] = 'Authorisation failed: the mnet session has timed out.';
+1
View File
@@ -503,6 +503,7 @@ $string['emaildisable'] = 'This email address is disabled';
$string['emaildisableclick'] = 'Click here to disable all email from being sent to this address';
$string['emaildisplay'] = 'Email display';
$string['emaildisplaycourse'] = 'Allow only other course members to see my email address';
$string['emaildisplayhidden'] = 'Email hidden';
$string['emaildisplayno'] = 'Hide my email address from everyone';
$string['emaildisplayyes'] = 'Allow everyone to see my email address';
$string['emailenable'] = 'This email address is enabled';
+16
View File
@@ -1448,6 +1448,14 @@ function insert_record($table, $dataobject, $returnid=true, $primarykey='id') {
if (is_array($dataobject)) {
debugging('Warning. Wrong call to insert_record(). $dataobject must be an object. array found instead', DEBUG_DEVELOPER);
$dataobject = (object)$dataobject;
} else if (is_object($dataobject)) {
// make sure there are no properties or private methods because we cast to array later,
// at the same time this undos the object references so that PHP 5 works the same as PHP 4,
// the main reason for this is BC after the dirty magic hack introduction
if ($properties = get_object_vars($dataobject)) {
$dataobject = (object)$properties;
}
unset($properties);
}
/// Temporary hack as part of phasing out all access to obsolete user tables XXX
@@ -1643,6 +1651,14 @@ function update_record($table, $dataobject) {
if (is_array($dataobject)) {
debugging('Warning. Wrong call to update_record(). $dataobject must be an object. array found instead', DEBUG_DEVELOPER);
$dataobject = (object)$dataobject;
} else if (is_object($dataobject)) {
// make sure there are no properties or private methods because we cast to array later,
// at the same time this undos the object references so that PHP 5 works the same as PHP 4,
// the main reason for this is BC after the dirty magic hack introduction
if ($properties = get_object_vars($dataobject)) {
$dataobject = (object)$properties;
}
unset($properties);
}
/// Extra protection against SQL injections
+16 -1
View File
@@ -15,6 +15,21 @@ class MoodleQuickForm_password extends HTML_QuickForm_password{
*/
var $_helpbutton='';
function MoodleQuickForm_password($elementName=null, $elementLabel=null, $attributes=null) {
global $CFG;
if (empty($CFG->xmlstrictheaders)) {
// no standard mform in moodle should allow autocomplete of passwords
// this is valid attribute in html5, sorry, we have to ignore validation errors in legacy xhtml 1.0
if (empty($attributes)) {
$attributes = array('autocomplete'=>'off');
} else if (is_array($attributes)) {
$attributes['autocomplete'] = 'off';
} else {
if (strpos($attributes, 'autocomplete') === false) {
$attributes .= ' autocomplete="off" ';
}
}
}
parent::HTML_QuickForm_password($elementName, $elementLabel, $attributes);
}
/**
@@ -48,4 +63,4 @@ class MoodleQuickForm_password extends HTML_QuickForm_password{
return $this->_helpbutton;
}
}
?>
?>
+15
View File
@@ -15,6 +15,21 @@ require_once($CFG->libdir.'/form/password.php');
class MoodleQuickForm_passwordunmask extends MoodleQuickForm_password {
function MoodleQuickForm_passwordunmask($elementName=null, $elementLabel=null, $attributes=null) {
global $CFG;
if (empty($CFG->xmlstrictheaders)) {
// no standard mform in moodle should allow autocomplete of passwords
// this is valid attribute in html5, sorry, we have to ignore validation errors in legacy xhtml 1.0
if (empty($attributes)) {
$attributes = array('autocomplete'=>'off');
} else if (is_array($attributes)) {
$attributes['autocomplete'] = 'off';
} else {
if (strpos($attributes, 'autocomplete') === false) {
$attributes .= ' autocomplete="off" ';
}
}
}
parent::MoodleQuickForm_password($elementName, $elementLabel, $attributes);
}
+5 -2
View File
@@ -33,10 +33,13 @@ class MoodleQuickForm_recaptcha extends HTML_QuickForm_input {
* </code>
*/
function MoodleQuickForm_recaptcha($elementName = null, $elementLabel = null, $attributes = null) {
global $CFG;
parent::HTML_QuickForm_input($elementName, $elementLabel, $attributes);
$this->_type = 'recaptcha';
if (!empty($attributes['https'])) {
$this->_https = $attributes['https'];
if (!empty($attributes['https']) or strpos($CFG->httpswwwroot, 'https:') === 0) {
$this->_https = true;
} else {
$this->_https = false;
}
}
+16 -1
View File
@@ -106,6 +106,21 @@ class moodleform {
* @return moodleform
*/
function moodleform($action=null, $customdata=null, $method='post', $target='', $attributes=null, $editable=true) {
global $CFG;
if (empty($CFG->xmlstrictheaders)) {
// no standard mform in moodle should allow autocomplete with the exception of user signup
// this is valid attribute in html5, sorry, we have to ignore validation errors in legacy xhtml 1.0
if (empty($attributes)) {
$attributes = array('autocomplete'=>'off');
} else if (is_array($attributes)) {
$attributes['autocomplete'] = 'off';
} else {
if (strpos($attributes, 'autocomplete') === false) {
$attributes .= ' autocomplete="off" ';
}
}
}
if (empty($action)){
$action = strip_querystring(qualified_me());
}
@@ -1486,7 +1501,7 @@ function validate_' . $this->_formName . '(frm) {
} else if (is_a($element, 'HTML_QuickForm_hidden')) {
return array();
} else if (method_exists($element, 'getPrivateName')) {
} else if (method_exists($element, 'getPrivateName') && !($element instanceof HTML_QuickForm_advcheckbox)) {
return array($element->getPrivateName());
} else {
+3 -2
View File
@@ -427,13 +427,14 @@ function unmaskPassword(id) {
try {
// first try IE way - it can not set name attribute later
if (chb.checked) {
var newpw = document.createElement('<input type="text" name="'+pw.name+'">');
var newpw = document.createElement('<input type="text" autocomplete="off" name="'+pw.name+'">');
} else {
var newpw = document.createElement('<input type="password" name="'+pw.name+'">');
var newpw = document.createElement('<input type="password" autocomplete="off" name="'+pw.name+'">');
}
newpw.attributes['class'].nodeValue = pw.attributes['class'].nodeValue;
} catch (e) {
var newpw = document.createElement('input');
newpw.setAttribute('autocomplete', 'off');
newpw.setAttribute('name', pw.name);
if (chb.checked) {
newpw.setAttribute('type', 'text');
+31 -18
View File
@@ -2741,13 +2741,13 @@ function set_moodle_cookie($thing) {
return;
}
$cookiename = 'MOODLEID_'.$CFG->sessioncookie;
$cookiename = 'MOODLEID1_'.$CFG->sessioncookie;
$days = 60;
$seconds = DAYSECS*$days;
setCookie($cookiename, '', time() - HOURSECS, $CFG->sessioncookiepath, $CFG->sessioncookiedomain, $CFG->cookiesecure);
setCookie($cookiename, rc4encrypt($thing), time()+$seconds, $CFG->sessioncookiepath, $CFG->sessioncookiedomain, $CFG->cookiesecure);
setCookie($cookiename, rc4encrypt($thing, true), time()+$seconds, $CFG->sessioncookiepath, $CFG->sessioncookiedomain, $CFG->cookiesecure);
}
/**
@@ -2759,12 +2759,12 @@ function set_moodle_cookie($thing) {
function get_moodle_cookie() {
global $CFG;
$cookiename = 'MOODLEID_'.$CFG->sessioncookie;
$cookiename = 'MOODLEID1_'.$CFG->sessioncookie;
if (empty($_COOKIE[$cookiename])) {
return '';
} else {
$thing = rc4decrypt($_COOKIE[$cookiename]);
$thing = rc4decrypt($_COOKIE[$cookiename], true);
return ($thing == 'guest') ? '': $thing; // Ignore guest account
}
}
@@ -6024,25 +6024,33 @@ function get_list_of_currencies() {
/**
* rc4encrypt
*
* @param string $data ?
* @return string
* @todo Finish documenting this function
* @param string $data Data to encrypt.
* @param bool $usesecurekey Lets us know if we are using the old or new password.
* @return string The now encrypted data.
*/
function rc4encrypt($data) {
$password = 'nfgjeingjk';
return endecrypt($password, $data, '');
function rc4encrypt($data, $usesecurekey = false) {
if (!$usesecurekey) {
$passwordkey = 'nfgjeingjk';
} else {
$passwordkey = get_site_identifier();
}
return endecrypt($passwordkey, $data, '');
}
/**
* rc4decrypt
*
* @param string $data ?
* @return string
* @todo Finish documenting this function
* @param string $data Data to decrypt.
* @param bool $usesecurekey Lets us know if we are using the old or new password.
* @return string The now decrypted data.
*/
function rc4decrypt($data) {
$password = 'nfgjeingjk';
return endecrypt($password, $data, 'de');
function rc4decrypt($data, $usesecurekey = false) {
if (!$usesecurekey) {
$passwordkey = 'nfgjeingjk';
} else {
$passwordkey = get_site_identifier();
}
return endecrypt($passwordkey, $data, 'de');
}
/**
@@ -7083,12 +7091,17 @@ function generate_password($maxlen=10) {
$filler1 = $fillers[rand(0, strlen($fillers) - 1)];
$password = $word1 . $filler1 . $word2;
} else {
$maxlen = !empty($CFG->minpasswordlength) ? $CFG->minpasswordlength : 0;
$minlen = !empty($CFG->minpasswordlength) ? $CFG->minpasswordlength : 0;
$digits = $CFG->minpassworddigits;
$lower = $CFG->minpasswordlower;
$upper = $CFG->minpasswordupper;
$nonalphanum = $CFG->minpasswordnonalphanum;
$additional = $maxlen - ($lower + $upper + $digits + $nonalphanum);
$total = $lower + $upper + $digits + $nonalphanum;
// minlength should be the greater one of the two ( $minlen and $total )
$minlen = $minlen < $total ? $total : $minlen;
// maxlen can never be smaller than minlen
$maxlen = $minlen > $maxlen ? $minlen : $maxlen;
$additional = $maxlen - $total;
// Make sure we have enough characters to fulfill
// complexity requirements
+9 -6
View File
@@ -653,11 +653,11 @@ class PHPMailer
*/
function AddrFormat($addr) {
if(empty($addr[1]))
$formatted = $addr[0];
$formatted = preg_replace('/[\r\n]+/', '', $addr[0]); // Moodle modification
else
{
$formatted = $this->EncodeHeader($addr[1], 'phrase') . " <" .
$addr[0] . ">";
$formatted = $this->EncodeHeader($addr[1], 'phrase') . " <" .
preg_replace('/[\r\n]+/', '', $addr[0]) . ">"; // Moodle modification
}
return $formatted;
@@ -780,9 +780,9 @@ class PHPMailer
$result .= $this->HeaderLine("Date", $this->RFCDate());
if($this->Sender == "")
$result .= $this->HeaderLine("Return-Path", trim($this->From));
$result .= $this->HeaderLine("Return-Path", trim(preg_replace('/[\r\n]+/', '', $this->From))); // Moodle modification
else
$result .= $this->HeaderLine("Return-Path", trim($this->Sender));
$result .= $this->HeaderLine("Return-Path", trim(preg_replace('/[\r\n]+/', '', $this->Sender))); // Moodle modification
// To be created automatically by mail()
if($this->Mailer != "mail")
@@ -1190,7 +1190,10 @@ class PHPMailer
*/
function EncodeHeader ($str, $position = 'text') {
/// Start Moodle Hack - do our own multibyte-safe header encoding
/// Start Moodle Hack - do our own multibyte-safe header encoding and cleanup
$str = str_replace("\r", '', $str);
$str = str_replace("\n", '', $str);
$textlib = textlib_get_instance();
$encoded = $textlib->encode_mimeheader($str, $this->CharSet);
if ($encoded !== false) {
+28 -26
View File
@@ -6203,8 +6203,35 @@ function redirect($url, $message='', $delay=-1) {
$message = clean_text($message);
// Technically, HTTP/1.1 requires Location: header to contain the absolute path.
// (In practice browsers accept relative paths - but still, might as well do it properly.)
// This code turns relative into absolute.
if (!preg_match('|^[a-z]+:|', $url)) {
// Get host name http://www.wherever.com
$hostpart = preg_replace('|^(.*?[^:/])/.*$|', '$1', $CFG->wwwroot);
if (preg_match('|^/|', $url)) {
// URLs beginning with / are relative to web server root so we just add them in
$url = $hostpart.$url;
} else {
// URLs not beginning with / are relative to path of current script, so add that on.
$url = $hostpart.preg_replace('|\?.*$|','',me()).'/../'.$url;
}
// Replace all ..s
while (true) {
$newurl = preg_replace('|/(?!\.\.)[^/]*/\.\./|', '/', $url);
if ($newurl == $url) {
break;
}
$url = $newurl;
}
}
// Sanitise url - we can not rely on our URL cleaning
// because it does not support all valid external URLs
$url = preg_replace('/[\x00-\x1F\x7F]/', '', $url);
$url = str_replace('"', '%22', $url);
$encodedurl = preg_replace("/\&(?![a-zA-Z0-9#]{1,8};)/", "&amp;", $url);
$encodedurl = preg_replace('/^.*href="([^"]*)".*$/', "\\1", clean_text('<a href="'.$encodedurl.'" />'));
$encodedurl = preg_replace('/^.*href="([^"]*)".*$/', "\\1", clean_text('<a href="'.$encodedurl.'" />', FORMAT_HTML));
$url = str_replace('&amp;', '&', $encodedurl);
/// At developer debug level. Don't redirect if errors have been printed on screen.
@@ -6226,31 +6253,6 @@ function redirect($url, $message='', $delay=-1) {
/// when no message and header printed yet, try to redirect
if (empty($message) and !defined('HEADER_PRINTED')) {
// Technically, HTTP/1.1 requires Location: header to contain
// the absolute path. (In practice browsers accept relative
// paths - but still, might as well do it properly.)
// This code turns relative into absolute.
if (!preg_match('|^[a-z]+:|', $url)) {
// Get host name http://www.wherever.com
$hostpart = preg_replace('|^(.*?[^:/])/.*$|', '$1', $CFG->wwwroot);
if (preg_match('|^/|', $url)) {
// URLs beginning with / are relative to web server root so we just add them in
$url = $hostpart.$url;
} else {
// URLs not beginning with / are relative to path of current script, so add that on.
$url = $hostpart.preg_replace('|\?.*$|','',me()).'/../'.$url;
}
// Replace all ..s
while (true) {
$newurl = preg_replace('|/(?!\.\.)[^/]*/\.\./|', '/', $url);
if ($newurl == $url) {
break;
}
$url = $newurl;
}
}
$delay = 0;
//try header redirection first
@header($_SERVER['SERVER_PROTOCOL'] . ' 303 See Other'); //302 might not work for POST requests, 303 is ignored by obsolete clients
+16 -2
View File
@@ -4,6 +4,7 @@
require_once('change_password_form.php');
$id = optional_param('id', SITEID, PARAM_INT); // current course
$return = optional_param('return', 0, PARAM_BOOL); // redirect after password change
$strparticipants = get_string('participants');
@@ -12,6 +13,19 @@
$systemcontext = get_context_instance(CONTEXT_SYSTEM);
if ($return) {
// this redirect prevents security warning because https can not POST to http pages
if (empty($SESSION->wantsurl)
or stripos(str_replace('https://', 'http://', $SESSION->wantsurl), str_replace('https://', 'http://', $CFG->wwwroot.'/login/change_password.php') === 0)) {
$returnto = "$CFG->wwwroot/user/view.php?id=$USER->id&course=$id";
} else {
$returnto = $SESSION->wantsurl;
}
unset($SESSION->wantsurl);
redirect($returnto);
}
if (!$course = get_record('course', 'id', $id)) {
error('No such course!');
}
@@ -19,7 +33,7 @@
// require proper login; guest user can not change password
if (empty($USER->id) or isguestuser()) {
if (empty($SESSION->wantsurl)) {
$SESSION->wantsurl = $CFG->httpswwwroot.'/login/change_password.php';
$SESSION->wantsurl = $CFG->httpswwwroot.'/login/change_password.php?id=' . $id;
}
redirect($CFG->httpswwwroot.'/login/index.php');
}
@@ -54,7 +68,7 @@
redirect($changeurl);
}
$mform = new login_change_password_form();
$mform = new login_change_password_form($CFG->httpswwwroot . '/login/change_password.php');
$mform->set_data(array('id'=>$course->id));
$navlinks = array();
+1 -1
View File
@@ -35,7 +35,7 @@ if ($show_instructions) {
<div class="clearer"><!-- --></div>
<div class="form-label"><label for="password"><?php print_string("password") ?></label></div>
<div class="form-input">
<input type="password" name="password" id="password" size="15" value="" />
<input type="password" name="password" id="password" size="15" value="" <?php if (!empty($CFG->loginpasswordautocomplete)) {echo 'autocomplete="off"';} ?> />
<input type="submit" value="<?php print_string("login") ?>" />
<input type="hidden" name="testcookies" value="1" />
</div>
+1 -1
View File
@@ -26,7 +26,7 @@
//HTTPS is potentially required in this page
httpsrequired();
$mform_signup = new login_signup_form();
$mform_signup = new login_signup_form(null, null, 'post', '', array('autocomplete'=>'on'));
if ($mform_signup->is_cancelled()) {
redirect($CFG->httpswwwroot.'/login/index.php');
+1 -1
View File
@@ -996,7 +996,7 @@ function message_post_message($userfrom, $userto, $message, $format, $messagetyp
$messagehtml = NULL;
}
if (!empty($preference->message_emailaddress)) {
if (!empty($preference->message_emailaddress) and validate_email($preference->message_emailaddress)) {
$userto->email = $preference->message_emailaddress; // Use custom messaging address
}
+2 -2
View File
@@ -412,10 +412,10 @@ function ip_in_range($address, $network, $mask) {
$lnetwork = ip2long($network);
$laddress = ip2long($address);
$binnet = str_pad( decbin($lnetwork),32,"0","STR_PAD_LEFT" );
$binnet = str_pad( decbin($lnetwork), 32, "0", STR_PAD_LEFT );
$firstpart = substr($binnet,0,$mask);
$binip = str_pad( decbin($laddress),32,"0","STR_PAD_LEFT" );
$binip = str_pad( decbin($laddress), 32, "0", STR_PAD_LEFT );
$firstip = substr($binip,0,$mask);
return(strcmp($firstpart,$firstip)==0);
}
+8 -6
View File
@@ -838,7 +838,10 @@ class assignment_base {
if ($users) {
$select = 'SELECT u.id, u.firstname, u.lastname, u.picture, u.imagealt,
s.id AS submissionid, s.grade, s.submissioncomment,
s.timemodified, s.timemarked ';
s.timemodified, s.timemarked,
CASE WHEN s.timemarked > 0 AND s.timemarked >= s.timemodified THEN 1
ELSE 0 END AS status ';
$sql = 'FROM '.$CFG->prefix.'user u '.
'LEFT JOIN '.$CFG->prefix.'assignment_submissions s ON u.id = s.userid
AND s.assignment = '.$this->assignment->id.' '.
@@ -850,8 +853,6 @@ class assignment_base {
if (($auser = get_records_sql($select.$sql.$sort, $offset+1, 1)) !== false) {
$nextuser = array_shift($auser);
/// Calculate user status
$nextuser->status = ($nextuser->timemarked > 0) && ($nextuser->timemarked >= $nextuser->timemodified);
$nextid = $nextuser->id;
}
}
@@ -1166,7 +1167,10 @@ class assignment_base {
$select = 'SELECT u.id, u.firstname, u.lastname, u.picture, u.imagealt,
s.id AS submissionid, s.grade, s.submissioncomment,
s.timemodified, s.timemarked ';
s.timemodified, s.timemarked,
CASE WHEN s.timemarked > 0 AND s.timemarked >= s.timemodified THEN 1
ELSE 0 END AS status ';
$sql = 'FROM '.$CFG->prefix.'user u '.
'LEFT JOIN '.$CFG->prefix.'assignment_submissions s ON u.id = s.userid
AND s.assignment = '.$this->assignment->id.' '.
@@ -1192,8 +1196,6 @@ class assignment_base {
$locked_overridden = 'overridden';
}
/// Calculate user status
$auser->status = ($auser->timemarked > 0) && ($auser->timemarked >= $auser->timemodified);
$picture = print_user_picture($auser, $course->id, $auser->picture, false, true);
if (empty($auser->submissionid)) {
@@ -80,11 +80,6 @@ class assignment_upload extends assignment_base {
}
if (empty($submission->timemarked)) { /// Nothing to show, so print nothing
if ($this->count_responsefiles($USER->id)) {
print_heading(get_string('responsefiles', 'assignment', $this->course->teacher), '', 3);
$responsefiles = $this->print_responsefiles($USER->id, true);
print_simple_box($responsefiles, 'center');
}
return;
}
@@ -96,7 +91,12 @@ class assignment_upload extends assignment_base {
return;
}
if ($grade->grade === null and empty($grade->str_feedback)) { /// Nothing to show yet
if ($grade->grade === null and empty($grade->str_feedback)) { // No grades to show yet
if ($this->count_responsefiles($USER->id)) { // but possibly response files to show
print_heading(get_string('responsefiles', 'assignment', $this->course->teacher), '', 3);
$responsefiles = $this->print_responsefiles($USER->id, true);
print_simple_box($responsefiles, 'center');
}
return;
}
+14 -1
View File
@@ -60,6 +60,7 @@ if($mform->is_cancelled()) {
print_header_simple($data->name, '', $nav,
'', '', true, update_module_button($cm->id, $course->id, get_string('modulename', 'data')),
navmenu($course, $cm), '', '');
groups_print_activity_menu($cm, "$CFG->wwwroot/mod/data/export.php?d=$d");
print_heading(format_string($data->name));
// these are for the tab display
@@ -83,13 +84,25 @@ foreach($fields as $key => $field) {
$exportdata[0][] = $field->field->name;
}
}
$groupid = groups_get_activity_group($cm);
$datarecords = get_records('data_records', 'dataid', $data->id);
ksort($datarecords);
$line = 1;
foreach($datarecords as $record) {
// get content indexed by fieldid
if( $content = get_records('data_content', 'recordid', $record->id, 'fieldid', 'fieldid, content, content1, content2, content3, content4') ) {
if($groupid) {
$select = "SELECT c.fieldid, c.content, c.content1, c.content2, c.content3, c.content4
FROM {$CFG->prefix}data_content c, {$CFG->prefix}data_records r
WHERE c.recordid = $record->id
AND r.id = c.recordid
AND r.groupid = $groupid";
} else {
$select = "SELECT fieldid, content, content1, content2, content3, content4
FROM {$CFG->prefix}data_content
WHERE recordid = $record->id";
}
if( $content = get_records_sql($select) ) {
foreach($fields as $field) {
$contents = '';
if(isset($content[$field->field->id])) {
+9 -1
View File
@@ -62,6 +62,10 @@
error('You can\'t move to that forum - it doesn\'t exist!', $return);
}
if ($forumto->type == 'single') {
error('Cannot move discussion to a simple single discussion forum.', $return);
}
if (!$cmto = get_coursemodule_from_instance('forum', $forumto->id, $course->id)) {
error('Target forum not found in this course.', $return);
}
@@ -187,6 +191,8 @@
}
$section = -1;
$forummenu = array();
// Check forum types and eliminate simple discussions.
$forumcheck = get_records('forum', 'course', $course->id, '', 'id, type');
foreach ($modinfo->instances['forum'] as $forumcm) {
if (!$forumcm->uservisible || !has_capability('mod/forum:startdiscussion',
get_context_instance(CONTEXT_MODULE,$forumcm->id))) {
@@ -197,7 +203,9 @@
$forummenu[] = "-------------- $strsection $forumcm->sectionnum --------------";
}
$section = $forumcm->sectionnum;
if ($forumcm->instance != $forum->id) {
$forumidcompare = $forumcm->instance != $forum->id;
$forumtypecheck = $forumcheck[$forumcm->instance]->type !== 'single';
if ($forumidcompare and $forumtypecheck) {
$url = "discuss.php?d=$discussion->id&amp;move=$forumcm->instance&amp;sesskey=".sesskey();
$forummenu[$url] = format_string($forumcm->name);
}
+4
View File
@@ -4484,6 +4484,10 @@ function forum_user_can_post_discussion($forum, $currentgroup=null, $unused=-1,
return false;
}
if ($forum->type == 'single') {
return false;
}
if ($forum->type == 'eachuser') {
if (forum_user_has_posted_discussion($forum->id, $USER->id)) {
return false;
+45 -27
View File
@@ -40,6 +40,50 @@
die;
}
switch ($mode) {
case 'posts' :
$searchterms = array('userid:'.$user->id);
$extrasql = '';
break;
default:
$searchterms = array('userid:'.$user->id);
$extrasql = 'AND p.parent = 0';
break;
}
if ($course->id == SITEID) {
if (empty($CFG->forceloginforprofiles) || isloggedin()) {
// Search throughout the whole site.
$searchcourse = 0;
} else {
$searchcourse = SITEID;
}
} else {
// Search only for posts the user made in this course.
$searchcourse = $course->id;
}
$posts = forum_search_posts($searchterms, $searchcourse, $page*$perpage, $perpage, $totalcount, $extrasql);
$hasposts = !empty($posts);
$iscurrentuser = $user->id == $USER->id;
$specificcourseprovided = !empty($searchcourse) && $searchcourse != SITEID;
if (!$hasposts && !$iscurrentuser && !$specificcourseprovided) {
$mustlogin = (!isloggedin() && $CFG->forceloginforprofiles);
$canviewtheuser = (isloggedin() && has_capability('moodle/user:viewdetails', $usercontext));
if ($mustlogin || (!isteacherinanycourse() && !isteacherinanycourse($user->id) && !$canviewtheuser)) {
// Best to assume that the current user cannot view the requested user
// so we are careful not to give out any information.
print_header();
print_heading(get_string('noposts', 'forum'));
print_footer();
exit;
} else {
// Nothing to check here. If a course has been specified then require_course_login
// has been called OR the current user is a parent of the requested user.
}
}
add_to_log($course->id, "forum", "user report",
"user.php?course=$course->id&amp;id=$user->id&amp;mode=$mode", "$user->id");
@@ -65,36 +109,10 @@
$showroles = 1;
include($CFG->dirroot.'/user/tabs.php'); /// Prints out tabs as part of user page
switch ($mode) {
case 'posts' :
$searchterms = array('userid:'.$user->id);
$extrasql = '';
break;
default:
$searchterms = array('userid:'.$user->id);
$extrasql = 'AND p.parent = 0';
break;
}
echo '<div class="user-content">';
if ($course->id == SITEID) {
if (empty($CFG->forceloginforprofiles) || isloggedin()) {
// Search throughout the whole site.
$searchcourse = 0;
} else {
$searchcourse = SITEID;
}
} else {
// Search only for posts the user made in this course.
$searchcourse = $course->id;
}
// Get the posts.
if ($posts = forum_search_posts($searchterms, $searchcourse, $page*$perpage, $perpage,
$totalcount, $extrasql)) {
if ($posts) {
print_paging_bar($totalcount, $page, $perpage,
"user.php?id=$user->id&amp;course=$course->id&amp;mode=$mode&amp;perpage=$perpage&amp;");
+1 -1
View File
@@ -33,7 +33,7 @@ function xmldb_label_upgrade($oldversion=0) {
/// }
//===== 1.9.0 upgrade line ======//
if ($oldversion < 2007101510) {
if ($result && $oldversion < 2007101510) {
execute_sql("UPDATE {$CFG->prefix}log_display SET mtable = 'label' WHERE module = 'label'", 'false');
}
+5 -3
View File
@@ -414,8 +414,9 @@
$userresponse = implode(",", $userresponse);
$response = '';
if ($ncorrect == count($answers)-2) { // dont count correct/wrong responses in the total.
$response = reset($answers)->answer;
if ($ncorrect == count($answers) - 2) { // dont count correct/wrong responses in the total.
$answer = reset($answers);
$response = $answer->answer;
if (isset($correctpageid)) {
$newpageid = $correctpageid;
}
@@ -425,7 +426,8 @@
$correctanswer = true;
} else {
reset($answers);
$response = next($answers)->answer;
$answer = next($answers);
$response = $answer->answer;
$newpageid = $wrongpageid;
$answerid = $wronganswerid;
}
+2 -1
View File
@@ -71,7 +71,8 @@
}
}
}
if (!update_record("lesson_answers", $oldanswer)) {
// Don't return the error if it wasn't updated because original question type had no answers
if (!empty($oldanswer->id) && !update_record("lesson_answers", $oldanswer)) {
error("Update page: EOB not updated");
}
} else {
@@ -412,6 +412,7 @@ class resource_file extends resource_base {
print_simple_box(format_text($resource->summary, FORMAT_MOODLE, $formatoptions, $course->id), "center");
}
echo "</body></html>";
add_to_log($course->id, "resource", "view", "view.php?id={$cm->id}", $resource->id, $cm->id);
exit;
}
/// display the resource into a frame tag
+50 -7
View File
@@ -556,19 +556,49 @@ function SCORMapi1_2() {
} else {
element = parent+'.'+property;
expression = new RegExp(CMIIndex,'g');
// get the generic name for this element (e.g. convert 'cmi.interactions.1.id' to 'cmi.interactions.n.id')
elementmodel = String(element).replace(expression,'.n.');
if (elementmodel != "cmi.core.session_time") {
if ((typeof eval('datamodel["'+elementmodel+'"]')) != "undefined") {
if (eval('datamodel["'+elementmodel+'"].mod') != 'r') {
// ignore the session time element
if (element != "cmi.core.session_time") {
// check if this specific element is not defined in the datamodel,
// but the generic element name is
if ((eval('typeof datamodel["'+element+'"]')) == "undefined"
&& (eval('typeof datamodel["'+elementmodel+'"]')) != "undefined") {
// add this specific element to the data model (by cloning
// the generic element) so we can track changes to it
eval('datamodel["'+element+'"]=CloneObj(datamodel["'+elementmodel+'"]);');
}
// check if the current element exists in the datamodel
if ((typeof eval('datamodel["'+element+'"]')) != "undefined") {
// make sure this is not a read only element
if (eval('datamodel["'+element+'"].mod') != 'r') {
elementstring = '&'+underscore(element)+'='+encodeURIComponent(data[property]);
if ((typeof eval('datamodel["'+elementmodel+'"].defaultvalue')) != "undefined") {
if (eval('datamodel["'+elementmodel+'"].defaultvalue') != data[property] || eval('typeof(datamodel["'+elementmodel+'"].defaultvalue)') != typeof(data[property])) {
// check if the element has a default value
if ((typeof eval('datamodel["'+element+'"].defaultvalue')) != "undefined") {
// check if the default value is different from the current value
if (eval('datamodel["'+element+'"].defaultvalue') != data[property]
|| eval('typeof(datamodel["'+element+'"].defaultvalue)') != typeof(data[property])) {
// append the URI fragment to the string we plan to commit
datastring += elementstring;
eval('datamodel["'+elementmodel+'"].defaultvalue=data[property];');
// update the element default to reflect the current committed value
eval('datamodel["'+element+'"].defaultvalue=data[property];');
}
} else {
// append the URI fragment to the string we plan to commit
datastring += elementstring;
eval('datamodel["'+elementmodel+'"].defaultvalue=data[property];');
// no default value for the element, so set it now
eval('datamodel["'+element+'"].defaultvalue=data[property];');
}
}
}
@@ -578,6 +608,19 @@ function SCORMapi1_2() {
return datastring;
}
function CloneObj(obj){
if(obj == null || typeof(obj) != 'object') {
return obj;
}
var temp = new obj.constructor(); // changed (twice)
for(var key in obj) {
temp[key] = CloneObj(obj[key]);
}
return temp;
}
function StoreData(data,storetotaltime) {
if (storetotaltime) {
if (cmi.core.lesson_status == 'not attempted') {
+13 -6
View File
@@ -397,14 +397,16 @@ function wiki_get_default_entry(&$wiki, &$course, $userid=0, $groupid=0) {
global $USER;
/// If there is a groupmode, get the user's group id.
$groupmode = groups_get_activity_groupmode($wiki);
// if groups mode is in use and no group supplied, use the first one found
if ($groupmode && !$groupid) {
if(($mygroupids=mygroupid($course->id)) && count($mygroupids)>0) {
// Use first group. They ought to be able to change later
$groupid=$mygroupids[0];
// Get a group of wiki that user has access to in the course with groupingid.
$groups = groups_get_all_groups($course->id, $USER->id, $wiki->groupingid);
if ($groups && count($groups) > 0) {
// Select the first element in the array. Set the groupid to the id of the first element.
$group = current($groups);
$groupid = $group->id;
} else {
// Whatever groups are in the course, pick one
$coursegroups = groups_get_all_groups($course->id);
$coursegroups = groups_get_all_groups($course->id, 0, $wiki->groupingid);
if(!$coursegroups || count($coursegroups)==0) {
error("Can't access wiki in group mode when no groups are configured for the course");
}
@@ -1088,7 +1090,12 @@ function wiki_user_can_access_group_wiki(&$wiki, $groupid, &$course) {
/// Get the groupmode. It's been added to the wiki object.
$groupmode = groups_get_activity_groupmode($wiki);
$usersgroup = mygroupid($course->id);
if ($usersgroup = groups_get_all_groups($course->id, $USER->id, $wiki->groupingid)) {
$usersgroup = array_keys($usersgroup);
} else {
$usersgroup = array();
}
$isteacher = wiki_is_teacher($wiki, $USER->id);
/// A user can access a group wiki, if:
+3 -3
View File
@@ -571,9 +571,9 @@ class question_match_qtype extends default_questiontype {
//mappings in backup_ids to use them later where restoring states (user level).
//Get the match_sub from DB (by question, questiontext and answertext)
$db_match_sub = get_record ("question_match_sub","question",$new_question_id,
"questiontext",$match_sub->questiontext,
"answertext",$match_sub->answertext);
$db_match_sub = get_record('question_match_sub', 'question', $new_question_id,
sql_compare_text('questiontext', 255), $match_sub->questiontext,
'answertext', $match_sub->answertext);
//Do some output
if (($i+1) % 50 == 0) {
if (!defined('RESTORE_SILENTLY')) {
+7 -1
View File
@@ -56,7 +56,13 @@
$course->teacher = get_string('defaultcourseteacher');
}
foreach ($SESSION->emailto[$id] as $user) {
echo '<tr><td>'.fullname($user,true).'</td><td>'.$user->email.'</td><td>';
echo '<tr><td>'.fullname($user,true).'</td>';
// Check to see if we should be showing the email address.
if ($user->maildisplay == 0 ) { // 0 = don't display my email to anyone.
echo '<td>' . get_string('emaildisplayhidden') . '</td><td>';
} else {
echo '<td>'.$user->email.'</td><td>';
}
if ($user->teacher) {
echo '<img src="'.$CFG->pixpath.'/t/user.gif" alt="'.$course->teacher.'" title="'.$course->teacher.'"/>';
}
+1 -1
View File
@@ -46,7 +46,7 @@
foreach ($_POST as $k => $v) {
if (preg_match('/^(user|teacher)(\d+)$/',$k,$m)) {
if (!array_key_exists($m[2],$SESSION->emailto[$id])) {
if ($user = get_record_select('user','id = '.$m[2],'id,firstname,lastname,idnumber,email,emailstop,mailformat,lastaccess')) {
if ($user = get_record_select('user','id = '.$m[2],'id,firstname,lastname,idnumber,email,emailstop,mailformat,lastaccess,maildisplay')) {
$SESSION->emailto[$id][$m[2]] = $user;
$SESSION->emailto[$id][$m[2]]->teacher = ($m[1] == 'teacher');
$count++;
+3 -1
View File
@@ -6,8 +6,10 @@
require_once('../config.php');
require_once($CFG->libdir.'/filelib.php');
if (!empty($CFG->forcelogin) and !isloggedin()) {
if ((!empty($CFG->forcelogin) and !isloggedin()) ||
(!empty($CFG->forceloginforprofileimage) && (!isloggedin() || isguestuser()))) {
// protect images if login required and not logged in;
// also if login is required for profile images and is not logged in or guest
// do not use require_login() because it is expensive and not suitable here anyway
redirect($CFG->pixpath.'/u/f1.png');
}
+2 -2
View File
@@ -6,10 +6,10 @@
// This is compared against the values stored in the database to determine
// whether upgrades should be performed (see lib/db/*.php)
$version = 2007101591.06; // YYYYMMDD = date of the 1.9 branch (don't change)
$version = 2007101591.12; // YYYYMMDD = date of the 1.9 branch (don't change)
// X = release number 1.9.[0,1,2,3,4,5...]
// Y.YY = micro-increments between releases
$release = '1.9.14 (Build: 20111010)'; // Human-friendly version name
$release = '1.9.17 (Build: 20120312)'; // Human-friendly version name
?>