Search moodle.org's
Developer Documentation

See Release Notes

  • Bug fixes for general core bugs in 3.10.x will end 8 November 2021 (12 months).
  • Bug fixes for security issues in 3.10.x will end 9 May 2022 (18 months).
  • PHP version: minimum PHP 7.2.0 Note: minimum PHP version has increased since Moodle 3.8. PHP 7.3.x and 7.4.x are supported too.
/blog/ -> edit.php (source)

Differences Between: [Versions 310 and 401] [Versions 310 and 402] [Versions 310 and 403]

   1  <?php
   2  // This file is part of Moodle - http://moodle.org/
   3  //
   4  // Moodle is free software: you can redistribute it and/or modify
   5  // it under the terms of the GNU General Public License as published by
   6  // the Free Software Foundation, either version 3 of the License, or
   7  // (at your option) any later version.
   8  //
   9  // Moodle is distributed in the hope that it will be useful,
  10  // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12  // GNU General Public License for more details.
  13  //
  14  // You should have received a copy of the GNU General Public License
  15  // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
  16  
  17  
  18  /**
  19   * Blog entry edit page
  20   *
  21   * @package    moodlecore
  22   * @subpackage blog
  23   * @copyright  2009 Nicolas Connault
  24   * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  25   */
  26  require_once(__DIR__ . '/../config.php');
  27  require_once($CFG->dirroot . '/blog/lib.php');
  28  require_once($CFG->dirroot . '/blog/locallib.php');
  29  require_once($CFG->dirroot . '/comment/lib.php');
  30  require_once($CFG->dirroot . '/blog/edit_form.php');
  31  
  32  $action   = required_param('action', PARAM_ALPHA);
  33  $id       = optional_param('entryid', 0, PARAM_INT);
  34  $confirm  = optional_param('confirm', 0, PARAM_BOOL);
  35  $modid = optional_param('modid', 0, PARAM_INT); // To associate the entry with a module instance.
  36  $courseid = optional_param('courseid', 0, PARAM_INT); // To associate the entry with a course.
  37  
  38  if ($action == 'edit') {
  39      $id = required_param('entryid', PARAM_INT);
  40  }
  41  
  42  $PAGE->set_url('/blog/edit.php', array('action' => $action,
  43                                         'entryid' => $id,
  44                                         'confirm' => $confirm,
  45                                         'modid' => $modid,
  46                                         'courseid' => $courseid));
  47  
  48  // If action is add, we ignore $id to avoid any further problems.
  49  if (!empty($id) && $action == 'add') {
  50      $id = null;
  51  }
  52  
  53  $entry = new stdClass();
  54  $entry->id = null;
  55  
  56  if ($id) {
  57      if (!$entry = new blog_entry($id)) {
  58          print_error('wrongentryid', 'blog');
  59      }
  60      $userid = $entry->userid;
  61  } else {
  62      $userid = $USER->id;
  63  }
  64  
  65  $sitecontext = context_system::instance();
  66  $usercontext = context_user::instance($userid);
  67  if ($modid) {
  68      $PAGE->set_context($sitecontext);
  69  } else {
  70      $PAGE->set_context($usercontext);
  71      $blognode = $PAGE->settingsnav->find('blogadd', null);
  72      $blognode->make_active();
  73  }
  74  
  75  require_login($courseid);
  76  
  77  if (empty($CFG->enableblogs)) {
  78      print_error('blogdisable', 'blog');
  79  }
  80  
  81  if (isguestuser()) {
  82      print_error('noguest');
  83  }
  84  
  85  $returnurl = new moodle_url('/blog/index.php');
  86  
  87  if (!empty($courseid) && empty($modid)) {
  88      $returnurl->param('courseid', $courseid);
  89  }
  90  
  91  // If a modid is given, guess courseid.
  92  if (!empty($modid)) {
  93      $returnurl->param('modid', $modid);
  94      $courseid = $DB->get_field('course_modules', 'course', array('id' => $modid));
  95      $returnurl->param('courseid', $courseid);
  96  }
  97  
  98  $blogheaders = blog_get_headers();
  99  
 100  if (!has_capability('moodle/blog:create', $sitecontext) && !has_capability('moodle/blog:manageentries', $sitecontext)) {
 101      print_error('cannoteditentryorblog');
 102  }
 103  
 104  // Make sure that the person trying to edit has access right.
 105  if ($id) {
 106      if (!blog_user_can_edit_entry($entry)) {
 107          print_error('notallowedtoedit', 'blog');
 108      }
 109      $entry->subject      = clean_text($entry->subject);
 110      $entry->summary      = clean_text($entry->summary, $entry->format);
 111  } else {
 112      if (!has_capability('moodle/blog:create', $sitecontext)) {
 113          print_error('noentry', 'blog'); // The capability "manageentries" is not enough for adding.
 114      }
 115  }
 116  $returnurl->param('userid', $userid);
 117  
 118  // Blog renderer.
 119  $output = $PAGE->get_renderer('blog');
 120  
 121  $strblogs = get_string('blogs', 'blog');
 122  
 123  if ($action === 'delete') {
 124      // Init comment JS strings.
 125      comment::init();
 126  
 127      if (empty($entry->id)) {
 128          print_error('wrongentryid', 'blog');
 129      }
 130      if (data_submitted() && $confirm && confirm_sesskey()) {
 131          // Make sure the current user is the author of the blog entry, or has some deleteanyentry capability.
 132          if (!blog_user_can_edit_entry($entry)) {
 133              print_error('nopermissionstodeleteentry', 'blog');
 134          } else {
 135              $entry->delete();
 136              blog_rss_delete_file($userid);
 137              redirect($returnurl);
 138          }
 139      } else if (blog_user_can_edit_entry($entry)) {
 140          $optionsyes = array('entryid' => $id,
 141                              'action' => 'delete',
 142                              'confirm' => 1,
 143                              'sesskey' => sesskey(),
 144                              'courseid' => $courseid);
 145          $optionsno = array('userid' => $entry->userid, 'courseid' => $courseid);
 146          $PAGE->set_title("$SITE->shortname: $strblogs");
 147          $PAGE->set_heading($SITE->fullname);
 148          echo $OUTPUT->header();
 149  
 150          // Output edit mode title.
 151          echo $OUTPUT->heading($strblogs . ': ' . get_string('deleteentry', 'blog'), 2);
 152  
 153          echo $OUTPUT->confirm(get_string('blogdeleteconfirm', 'blog', format_string($entry->subject)),
 154                                new moodle_url('edit.php', $optionsyes),
 155                                new moodle_url('index.php', $optionsno));
 156  
 157          echo '<br />';
 158          // Output the entry.
 159          $entry->prepare_render();
 160          echo $output->render($entry);
 161  
 162          echo $OUTPUT->footer();
 163          die;
 164      }
 165  } else if ($action == 'add') {
 166      $editmodetitle = $strblogs . ': ' . get_string('addnewentry', 'blog');
 167      $PAGE->set_title("$SITE->shortname: $editmodetitle");
 168      $PAGE->set_heading(fullname($USER));
 169  } else if ($action == 'edit') {
 170      $editmodetitle = $strblogs . ': ' . get_string('editentry', 'blog');
 171      $PAGE->set_title("$SITE->shortname: $editmodetitle");
 172      $PAGE->set_heading(fullname($USER));
 173  }
 174  
 175  if (!empty($entry->id)) {
 176      if ($CFG->useblogassociations && ($blogassociations = $DB->get_records('blog_association', array('blogid' => $entry->id)))) {
 177  
 178          foreach ($blogassociations as $assocrec) {
 179              $context = context::instance_by_id($assocrec->contextid);
 180  
 181              switch ($context->contextlevel) {
 182                  case CONTEXT_COURSE:
 183                      $entry->courseassoc = $assocrec->contextid;
 184                      break;
 185                  case CONTEXT_MODULE:
 186                      $entry->modassoc = $assocrec->contextid;
 187                      break;
 188              }
 189          }
 190      }
 191  }
 192  
 193  $summaryoptions = array('maxfiles' => 99, 'maxbytes' => $CFG->maxbytes, 'trusttext' => true, 'context' => $sitecontext,
 194      'subdirs' => file_area_contains_subdirs($sitecontext, 'blog', 'post', $entry->id));
 195  $attachmentoptions = array('subdirs' => false, 'maxfiles' => 99, 'maxbytes' => $CFG->maxbytes);
 196  
 197  $blogeditform = new blog_edit_form(null, compact('entry',
 198                                                   'summaryoptions',
 199                                                   'attachmentoptions',
 200                                                   'sitecontext',
 201                                                   'courseid',
 202                                                   'modid'));
 203  
 204  $entry = file_prepare_standard_editor($entry, 'summary', $summaryoptions, $sitecontext, 'blog', 'post', $entry->id);
 205  $entry = file_prepare_standard_filemanager($entry,
 206                                             'attachment',
 207                                             $attachmentoptions,
 208                                             $sitecontext,
 209                                             'blog',
 210                                             'attachment',
 211                                             $entry->id);
 212  
 213  if (!empty($entry->id)) {
 214      $entry->tags = core_tag_tag::get_item_tags_array('core', 'post', $entry->id);
 215  }
 216  
 217  $entry->action = $action;
 218  // Set defaults.
 219  $blogeditform->set_data($entry);
 220  
 221  if ($blogeditform->is_cancelled()) {
 222      redirect($returnurl);
 223  
 224  } else if ($data = $blogeditform->get_data()) {
 225  
 226      switch ($action) {
 227          case 'add':
 228              $blogentry = new blog_entry(null, $data, $blogeditform);
 229              $blogentry->add();
 230              $blogentry->edit($data, $blogeditform, $summaryoptions, $attachmentoptions);
 231          break;
 232  
 233          case 'edit':
 234              if (empty($entry->id)) {
 235                  print_error('wrongentryid', 'blog');
 236              }
 237  
 238              $entry->edit($data, $blogeditform, $summaryoptions, $attachmentoptions);
 239          break;
 240  
 241          default :
 242              print_error('invalidaction');
 243      }
 244  
 245      redirect($returnurl);
 246  }
 247  
 248  
 249  // GUI setup.
 250  switch ($action) {
 251      case 'add':
 252          // Prepare new empty form.
 253          $entry->publishstate = 'site';
 254          $strformheading = get_string('addnewentry', 'blog');
 255          $entry->action       = $action;
 256  
 257          if ($CFG->useblogassociations) {
 258  
 259              // Pre-select the course for associations.
 260              if ($courseid) {
 261                  $context = context_course::instance($courseid);
 262                  $entry->courseassoc = $context->id;
 263              }
 264  
 265              // Pre-select the mod for associations.
 266              if ($modid) {
 267                  $context = context_module::instance($modid);
 268                  $entry->modassoc = $context->id;
 269              }
 270          }
 271          break;
 272  
 273      case 'edit':
 274          if (empty($entry->id)) {
 275              print_error('wrongentryid', 'blog');
 276          }
 277          $strformheading = get_string('updateentrywithid', 'blog');
 278  
 279          break;
 280  
 281      default :
 282          print_error('unknowaction');
 283  }
 284  
 285  $entry->modid = $modid;
 286  $entry->courseid = $courseid;
 287  
 288  echo $OUTPUT->header();
 289  // Output title for editing mode.
 290  if (isset($editmodetitle)) {
 291      echo $OUTPUT->heading($editmodetitle, 2);
 292  }
 293  $blogeditform->display();
 294  echo $OUTPUT->footer();
 295  
 296  die;