Search moodle.org's
Developer Documentation

See Release Notes
Long Term Support Release

  • Bug fixes for general core bugs in 4.1.x will end 13 November 2023 (12 months).
  • Bug fixes for security issues in 4.1.x will end 10 November 2025 (36 months).
  • PHP version: minimum PHP 7.4.0 Note: minimum PHP version has increased since Moodle 4.0. PHP 8.0.x is supported too.

Differences Between: [Versions 310 and 401] [Versions 311 and 401] [Versions 39 and 401] [Versions 400 and 401] [Versions 401 and 402] [Versions 401 and 403]

   1  <?php
   2  // This file is part of Moodle - http://moodle.org/
   3  //
   4  // Moodle is free software: you can redistribute it and/or modify
   5  // it under the terms of the GNU General Public License as published by
   6  // the Free Software Foundation, either version 3 of the License, or
   7  // (at your option) any later version.
   8  //
   9  // Moodle is distributed in the hope that it will be useful,
  10  // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12  // GNU General Public License for more details.
  13  //
  14  // You should have received a copy of the GNU General Public License
  15  // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
  16  
  17  /**
  18   * Form for editing HTML block instances.
  19   *
  20   * @package   block_html
  21   * @copyright 1999 onwards Martin Dougiamas (http://dougiamas.com)
  22   * @license   http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  23   */
  24  
  25  class block_html extends block_base {
  26  
  27      function init() {
  28          $this->title = get_string('pluginname', 'block_html');
  29      }
  30  
  31      function has_config() {
  32          return true;
  33      }
  34  
  35      function applicable_formats() {
  36          return array('all' => true);
  37      }
  38  
  39      function specialization() {
  40          if (isset($this->config->title)) {
  41              $this->title = $this->title = format_string($this->config->title, true, ['context' => $this->context]);
  42          } else {
  43              $this->title = get_string('newhtmlblock', 'block_html');
  44          }
  45      }
  46  
  47      function instance_allow_multiple() {
  48          return true;
  49      }
  50  
  51      function get_content() {
  52          global $CFG;
  53  
  54          require_once($CFG->libdir . '/filelib.php');
  55  
  56          if ($this->content !== NULL) {
  57              return $this->content;
  58          }
  59  
  60          $filteropt = new stdClass;
  61          $filteropt->overflowdiv = true;
  62          if ($this->content_is_trusted()) {
  63              // fancy html allowed only on course, category and system blocks.
  64              $filteropt->noclean = true;
  65          }
  66  
  67          $this->content = new stdClass;
  68          $this->content->footer = '';
  69          if (isset($this->config->text)) {
  70              // rewrite url
  71              $this->config->text = file_rewrite_pluginfile_urls($this->config->text, 'pluginfile.php', $this->context->id, 'block_html', 'content', NULL);
  72              // Default to FORMAT_HTML which is what will have been used before the
  73              // editor was properly implemented for the block.
  74              $format = FORMAT_HTML;
  75              // Check to see if the format has been properly set on the config
  76              if (isset($this->config->format)) {
  77                  $format = $this->config->format;
  78              }
  79              $this->content->text = format_text($this->config->text, $format, $filteropt);
  80          } else {
  81              $this->content->text = '';
  82          }
  83  
  84          unset($filteropt); // memory footprint
  85  
  86          return $this->content;
  87      }
  88  
  89      public function get_content_for_external($output) {
  90          global $CFG;
  91          require_once($CFG->libdir . '/externallib.php');
  92  
  93          $bc = new stdClass;
  94          $bc->title = null;
  95          $bc->content = '';
  96          $bc->contenformat = FORMAT_MOODLE;
  97          $bc->footer = '';
  98          $bc->files = [];
  99  
 100          if (!$this->hide_header()) {
 101              $bc->title = $this->title;
 102          }
 103  
 104          if (isset($this->config->text)) {
 105              $filteropt = new stdClass;
 106              if ($this->content_is_trusted()) {
 107                  // Fancy html allowed only on course, category and system blocks.
 108                  $filteropt->noclean = true;
 109              }
 110  
 111              $format = FORMAT_HTML;
 112              // Check to see if the format has been properly set on the config.
 113              if (isset($this->config->format)) {
 114                  $format = $this->config->format;
 115              }
 116              list($bc->content, $bc->contentformat) =
 117                  external_format_text($this->config->text, $format, $this->context, 'block_html', 'content', null, $filteropt);
 118              $bc->files = external_util::get_area_files($this->context->id, 'block_html', 'content', false, false);
 119  
 120          }
 121          return $bc;
 122      }
 123  
 124  
 125      /**
 126       * Serialize and store config data
 127       */
 128      function instance_config_save($data, $nolongerused = false) {
 129          global $DB;
 130  
 131          $config = clone($data);
 132          // Move embedded files into a proper filearea and adjust HTML links to match
 133          $config->text = file_save_draft_area_files($data->text['itemid'], $this->context->id, 'block_html', 'content', 0, array('subdirs'=>true), $data->text['text']);
 134          $config->format = $data->text['format'];
 135  
 136          parent::instance_config_save($config, $nolongerused);
 137      }
 138  
 139      function instance_delete() {
 140          global $DB;
 141          $fs = get_file_storage();
 142          $fs->delete_area_files($this->context->id, 'block_html');
 143          return true;
 144      }
 145  
 146      /**
 147       * Copy any block-specific data when copying to a new block instance.
 148       * @param int $fromid the id number of the block instance to copy from
 149       * @return boolean
 150       */
 151      public function instance_copy($fromid) {
 152          $fromcontext = context_block::instance($fromid);
 153          $fs = get_file_storage();
 154          // Do not use draft files hacks outside of forms.
 155          $files = $fs->get_area_files($fromcontext->id, 'block_html', 'content', 0, 'id ASC', false);
 156          foreach ($files as $file) {
 157              $filerecord = ['contextid' => $this->context->id];
 158              $fs->create_file_from_storedfile($filerecord, $file);
 159          }
 160          return true;
 161      }
 162  
 163      function content_is_trusted() {
 164          global $SCRIPT;
 165  
 166          if (!$context = context::instance_by_id($this->instance->parentcontextid, IGNORE_MISSING)) {
 167              return false;
 168          }
 169          //find out if this block is on the profile page
 170          if ($context->contextlevel == CONTEXT_USER) {
 171              if ($SCRIPT === '/my/index.php') {
 172                  // this is exception - page is completely private, nobody else may see content there
 173                  // that is why we allow JS here
 174                  return true;
 175              } else {
 176                  // no JS on public personal pages, it would be a big security issue
 177                  return false;
 178              }
 179          }
 180  
 181          return true;
 182      }
 183  
 184      /**
 185       * The block should only be dockable when the title of the block is not empty
 186       * and when parent allows docking.
 187       *
 188       * @return bool
 189       */
 190      public function instance_can_be_docked() {
 191          return (!empty($this->config->title) && parent::instance_can_be_docked());
 192      }
 193  
 194      /*
 195       * Add custom html attributes to aid with theming and styling
 196       *
 197       * @return array
 198       */
 199      function html_attributes() {
 200          global $CFG;
 201  
 202          $attributes = parent::html_attributes();
 203  
 204          if (!empty($CFG->block_html_allowcssclasses)) {
 205              if (!empty($this->config->classes)) {
 206                  $attributes['class'] .= ' '.$this->config->classes;
 207              }
 208          }
 209  
 210          return $attributes;
 211      }
 212  
 213      /**
 214       * Return the plugin config settings for external functions.
 215       *
 216       * @return stdClass the configs for both the block instance and plugin
 217       * @since Moodle 3.8
 218       */
 219      public function get_config_for_external() {
 220          global $CFG;
 221  
 222          // Return all settings for all users since it is safe (no private keys, etc..).
 223          $instanceconfigs = !empty($this->config) ? $this->config : new stdClass();
 224          $pluginconfigs = (object) ['allowcssclasses' => $CFG->block_html_allowcssclasses];
 225  
 226          return (object) [
 227              'instance' => $instanceconfigs,
 228              'plugin' => $pluginconfigs,
 229          ];
 230      }
 231  }