Search moodle.org's
Developer Documentation
Developer Documentation
- Bug fixes for general core bugs in 4.2.x will end 22 April 2024 (12 months).
- Bug fixes for security issues in 4.2.x will end 7 October 2024 (18 months).
- PHP version: minimum PHP 8.0.0 Note: minimum PHP version has increased since Moodle 4.1. PHP 8.1.x is supported too.
Differences Between: [Versions 310 and 402] [Versions 311 and 402] [Versions 39 and 402] [Versions 400 and 402]
1 <?php 2 // This file is part of Moodle - http://moodle.org/ 3 // 4 // Moodle is free software: you can redistribute it and/or modify 5 // it under the terms of the GNU General Public License as published by 6 // the Free Software Foundation, either version 3 of the License, or 7 // (at your option) any later version. 8 // 9 // Moodle is distributed in the hope that it will be useful, 10 // but WITHOUT ANY WARRANTY; without even the implied warranty of 11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 // GNU General Public License for more details. 13 // 14 // You should have received a copy of the GNU General Public License 15 // along with Moodle. If not, see <http://www.gnu.org/licenses/>. 16 17 /** 18 * Core global functions for Blog. 19 * 20 * @package moodlecore 21 * @subpackage blog 22 * @copyright 2009 Nicolas Connault 23 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later 24 */ 25 26 defined('MOODLE_INTERNAL') || die(); 27 28 /* 29 * Library of functions and constants for blog 30 */ 31 require_once($CFG->dirroot .'/blog/rsslib.php'); 32 33 /** 34 * User can edit a blog entry if this is their own blog entry and they have 35 * the capability moodle/blog:create, or if they have the capability 36 * moodle/blog:manageentries. 37 * 38 * This also applies to deleting of entries. 39 */ 40 function blog_user_can_edit_entry($blogentry) { 41 global $USER; 42 43 $sitecontext = context_system::instance(); 44 45 if (has_capability('moodle/blog:manageentries', $sitecontext)) { 46 return true; // Can edit any blog entry. 47 } 48 49 if ($blogentry->userid == $USER->id && has_capability('moodle/blog:create', $sitecontext)) { 50 return true; // Can edit own when having blog:create capability. 51 } 52 53 return false; 54 } 55 56 57 /** 58 * Checks to see if a user can view the blogs of another user. 59 * Only blog level is checked here, the capabilities are enforced 60 * in blog/index.php 61 */ 62 function blog_user_can_view_user_entry($targetuserid, $blogentry=null) { 63 global $CFG, $USER, $DB; 64 65 if (empty($CFG->enableblogs)) { 66 return false; // Blog system disabled. 67 } 68 69 if (isloggedin() && $USER->id == $targetuserid) { 70 return true; // Can view own entries in any case. 71 } 72 73 $sitecontext = context_system::instance(); 74 if (has_capability('moodle/blog:manageentries', $sitecontext)) { 75 return true; // Can manage all entries. 76 } 77 78 // If blog is in draft state, then make sure user have proper capability. 79 if ($blogentry && $blogentry->publishstate == 'draft' && !has_capability('moodle/blog:viewdrafts', $sitecontext)) { 80 return false; // Can not view draft of others. 81 } 82 83 // If blog entry is not public, make sure user is logged in. 84 if ($blogentry && $blogentry->publishstate != 'public' && !isloggedin()) { 85 return false; 86 } 87 88 // If blogentry is not passed or all above checks pass, then check capability based on system config. 89 switch ($CFG->bloglevel) { 90 case BLOG_GLOBAL_LEVEL: 91 return true; 92 break; 93 94 case BLOG_SITE_LEVEL: 95 if (isloggedin()) { // Not logged in viewers forbidden. 96 return true; 97 } 98 return false; 99 break; 100 101 case BLOG_USER_LEVEL: 102 default: 103 // If user is viewing other user blog, then user should have user:readuserblogs capability. 104 $personalcontext = context_user::instance($targetuserid); 105 return has_capability('moodle/user:readuserblogs', $personalcontext); 106 break; 107 108 } 109 } 110 111 /** 112 * remove all associations for the blog entries of a particular user 113 * @param int userid - id of user whose blog associations will be deleted 114 */ 115 function blog_remove_associations_for_user($userid) { 116 global $DB; 117 throw new coding_exception('function blog_remove_associations_for_user() is not finished'); 118 /* 119 $blogentries = blog_fetch_entries(array('user' => $userid), 'lasmodified DESC'); 120 foreach ($blogentries as $entry) { 121 if (blog_user_can_edit_entry($entry)) { 122 blog_remove_associations_for_entry($entry->id); 123 } 124 } 125 */ 126 } 127 128 /** 129 * remove all associations for the blog entries of a particular course 130 * @param int courseid - id of user whose blog associations will be deleted 131 */ 132 function blog_remove_associations_for_course($courseid) { 133 global $DB; 134 $context = context_course::instance($courseid); 135 $DB->delete_records('blog_association', array('contextid' => $context->id)); 136 } 137 138 /** 139 * Remove module associated blogs and blog tag instances. 140 * 141 * @param int $modcontextid Module context ID. 142 */ 143 function blog_remove_associations_for_module($modcontextid) { 144 global $DB; 145 146 if (!empty($assocblogids = $DB->get_fieldset_select('blog_association', 'blogid', 147 'contextid = :contextid', ['contextid' => $modcontextid]))) { 148 list($sql, $params) = $DB->get_in_or_equal($assocblogids, SQL_PARAMS_NAMED); 149 150 $DB->delete_records_select('tag_instance', "itemid $sql", $params); 151 $DB->delete_records_select('post', "id $sql AND module = :module", 152 array_merge($params, ['module' => 'blog'])); 153 $DB->delete_records('blog_association', ['contextid' => $modcontextid]); 154 } 155 } 156 157 /** 158 * Given a record in the {blog_external} table, checks the blog's URL 159 * for new entries not yet copied into Moodle. 160 * Also attempts to identify and remove deleted blog entries 161 * 162 * @param object $externalblog 163 * @return boolean False if the Feed is invalid 164 */ 165 function blog_sync_external_entries($externalblog) { 166 global $CFG, $DB; 167 require_once($CFG->libdir . '/simplepie/moodle_simplepie.php'); 168 169 $rss = new moodle_simplepie(); 170 $rssfile = $rss->registry->create('File', array($externalblog->url)); 171 $filetest = $rss->registry->create('Locator', array($rssfile)); 172 173 if (!$filetest->is_feed($rssfile)) { 174 $externalblog->failedlastsync = 1; 175 $DB->update_record('blog_external', $externalblog); 176 return false; 177 } else if (!empty($externalblog->failedlastsync)) { 178 $externalblog->failedlastsync = 0; 179 $DB->update_record('blog_external', $externalblog); 180 } 181 182 $rss->set_feed_url($externalblog->url); 183 $rss->init(); 184 185 if (empty($rss->data)) { 186 return null; 187 } 188 // Used to identify blog posts that have been deleted from the source feed. 189 $oldesttimestamp = null; 190 $uniquehashes = array(); 191 192 foreach ($rss->get_items() as $entry) { 193 // If filtertags are defined, use them to filter the entries by RSS category. 194 if (!empty($externalblog->filtertags)) { 195 $containsfiltertag = false; 196 $categories = $entry->get_categories(); 197 $filtertags = explode(',', $externalblog->filtertags); 198 $filtertags = array_map('trim', $filtertags); 199 $filtertags = array_map('strtolower', $filtertags); 200 201 if (!empty($categories)) { 202 foreach ($categories as $category) { 203 if (in_array(trim(strtolower($category->term)), $filtertags)) { 204 $containsfiltertag = true; 205 } 206 } 207 } 208 209 if (!$containsfiltertag) { 210 continue; 211 } 212 } 213 214 $uniquehashes[] = $entry->get_permalink(); 215 216 $newentry = new stdClass(); 217 $newentry->userid = $externalblog->userid; 218 $newentry->module = 'blog_external'; 219 $newentry->content = $externalblog->id; 220 $newentry->uniquehash = $entry->get_permalink(); 221 $newentry->publishstate = 'site'; 222 $newentry->format = FORMAT_HTML; 223 // Clean subject of html, just in case. 224 $newentry->subject = clean_param($entry->get_title(), PARAM_TEXT); 225 // Observe 128 max chars in DB. 226 // TODO: +1 to raise this to 255. 227 if (core_text::strlen($newentry->subject) > 128) { 228 $newentry->subject = core_text::substr($newentry->subject, 0, 125) . '...'; 229 } 230 $newentry->summary = $entry->get_description(); 231 232 // Used to decide whether to insert or update. 233 // Uses enty permalink plus creation date if available. 234 $existingpostconditions = array('uniquehash' => $entry->get_permalink()); 235 236 // Our DB doesnt allow null creation or modified timestamps so check the external blog supplied one. 237 $entrydate = $entry->get_date('U'); 238 if (!empty($entrydate)) { 239 $existingpostconditions['created'] = $entrydate; 240 } 241 242 // The post ID or false if post not found in DB. 243 $postid = $DB->get_field('post', 'id', $existingpostconditions); 244 245 $timestamp = null; 246 if (empty($entrydate)) { 247 $timestamp = time(); 248 } else { 249 $timestamp = $entrydate; 250 } 251 252 // Only set created if its a new post so we retain the original creation timestamp if the post is edited. 253 if ($postid === false) { 254 $newentry->created = $timestamp; 255 } 256 $newentry->lastmodified = $timestamp; 257 258 if (empty($oldesttimestamp) || $timestamp < $oldesttimestamp) { 259 // Found an older post. 260 $oldesttimestamp = $timestamp; 261 } 262 263 if (core_text::strlen($newentry->uniquehash) > 255) { 264 // The URL for this item is too long for the field. Rather than add 265 // the entry without the link we will skip straight over it. 266 // RSS spec says recommended length 500, we use 255. 267 debugging('External blog entry skipped because of oversized URL', DEBUG_DEVELOPER); 268 continue; 269 } 270 271 if ($postid === false) { 272 $id = $DB->insert_record('post', $newentry); 273 274 // Set tags. 275 if ($tags = core_tag_tag::get_item_tags_array('core', 'blog_external', $externalblog->id)) { 276 core_tag_tag::set_item_tags('core', 'post', $id, context_user::instance($externalblog->userid), $tags); 277 } 278 } else { 279 $newentry->id = $postid; 280 $DB->update_record('post', $newentry); 281 } 282 } 283 284 // Look at the posts we have in the database to check if any of them have been deleted from the feed. 285 // Only checking posts within the time frame returned by the rss feed. Older items may have been deleted or 286 // may just not be returned anymore. We can't tell the difference so we leave older posts alone. 287 $sql = "SELECT id, uniquehash 288 FROM {post} 289 WHERE module = 'blog_external' 290 AND " . $DB->sql_compare_text('content') . " = " . $DB->sql_compare_text(':blogid') . " 291 AND created > :ts"; 292 $dbposts = $DB->get_records_sql($sql, array('blogid' => $externalblog->id, 'ts' => $oldesttimestamp)); 293 294 $todelete = array(); 295 foreach ($dbposts as $dbpost) { 296 if ( !in_array($dbpost->uniquehash, $uniquehashes) ) { 297 $todelete[] = $dbpost->id; 298 } 299 } 300 $DB->delete_records_list('post', 'id', $todelete); 301 302 $DB->update_record('blog_external', array('id' => $externalblog->id, 'timefetched' => time())); 303 } 304 305 /** 306 * Given an external blog object, deletes all related blog entries from the post table. 307 * NOTE: The external blog's id is saved as post.content, a field that is not oterhwise used by blog entries. 308 * @param object $externablog 309 */ 310 function blog_delete_external_entries($externalblog) { 311 global $DB; 312 require_capability('moodle/blog:manageexternal', context_system::instance()); 313 $DB->delete_records_select('post', 314 "module='blog_external' AND " . $DB->sql_compare_text('content') . " = ?", 315 array($externalblog->id)); 316 } 317 318 /** 319 * This function checks that blogs are enabled, and that the user can see blogs at all 320 * @return bool 321 */ 322 function blog_is_enabled_for_user() { 323 global $CFG; 324 return (!empty($CFG->enableblogs) && (isloggedin() || ($CFG->bloglevel == BLOG_GLOBAL_LEVEL))); 325 } 326 327 /** 328 * This function gets all of the options available for the current user in respect 329 * to blogs. 330 * 331 * It loads the following if applicable: 332 * - Module options {@see blog_get_options_for_module} 333 * - Course options {@see blog_get_options_for_course} 334 * - User specific options {@see blog_get_options_for_user} 335 * - General options (BLOG_LEVEL_GLOBAL) 336 * 337 * @param moodle_page $page The page to load for (normally $PAGE) 338 * @param stdClass $userid Load for a specific user 339 * @return array An array of options organised by type. 340 */ 341 function blog_get_all_options(moodle_page $page, stdClass $userid = null) { 342 global $CFG, $DB, $USER; 343 344 $options = array(); 345 346 // If blogs are enabled and the user is logged in and not a guest. 347 if (blog_is_enabled_for_user()) { 348 // If the context is the user then assume we want to load for the users context. 349 if (is_null($userid) && $page->context->contextlevel == CONTEXT_USER) { 350 $userid = $page->context->instanceid; 351 } 352 // Check the userid var. 353 if (!is_null($userid) && $userid !== $USER->id) { 354 // Load the user from the userid... it MUST EXIST throw a wobbly if it doesn't! 355 $user = $DB->get_record('user', array('id' => $userid), '*', MUST_EXIST); 356 } else { 357 $user = null; 358 } 359 360 if ($CFG->useblogassociations && $page->cm !== null) { 361 // Load for the module associated with the page. 362 $options[CONTEXT_MODULE] = blog_get_options_for_module($page->cm, $user); 363 } else if ($CFG->useblogassociations && $page->course->id != SITEID) { 364 // Load the options for the course associated with the page. 365 $options[CONTEXT_COURSE] = blog_get_options_for_course($page->course, $user); 366 } 367 368 // Get the options for the user. 369 if ($user !== null and !isguestuser($user)) { 370 // Load for the requested user. 371 $options[CONTEXT_USER + 1] = blog_get_options_for_user($user); 372 } 373 // Load for the current user. 374 if (isloggedin() and !isguestuser()) { 375 $options[CONTEXT_USER] = blog_get_options_for_user(); 376 } 377 } 378 379 // If blog level is global then display a link to view all site entries. 380 if (!empty($CFG->enableblogs) 381 && $CFG->bloglevel >= BLOG_GLOBAL_LEVEL 382 && has_capability('moodle/blog:view', context_system::instance())) { 383 384 $options[CONTEXT_SYSTEM] = array('viewsite' => array( 385 'string' => get_string('viewsiteentries', 'blog'), 386 'link' => new moodle_url('/blog/index.php') 387 )); 388 } 389 390 // Return the options. 391 return $options; 392 } 393 394 /** 395 * Get all of the blog options that relate to the passed user. 396 * 397 * If no user is passed the current user is assumed. 398 * 399 * @staticvar array $useroptions Cache so we don't have to regenerate multiple times 400 * @param stdClass $user 401 * @return array The array of options for the requested user 402 */ 403 function blog_get_options_for_user(stdClass $user=null) { 404 global $CFG, $USER; 405 // Cache. 406 static $useroptions = array(); 407 408 $options = array(); 409 // Blogs must be enabled and the user must be logged in. 410 if (!blog_is_enabled_for_user()) { 411 return $options; 412 } 413 414 // Sort out the user var. 415 if ($user === null || $user->id == $USER->id) { 416 $user = $USER; 417 $iscurrentuser = true; 418 } else { 419 $iscurrentuser = false; 420 } 421 422 // If we've already generated serve from the cache. 423 if (array_key_exists($user->id, $useroptions)) { 424 return $useroptions[$user->id]; 425 } 426 427 $sitecontext = context_system::instance(); 428 $canview = has_capability('moodle/blog:view', $sitecontext); 429 430 if (!$iscurrentuser && $canview && ($CFG->bloglevel >= BLOG_SITE_LEVEL)) { 431 // Not the current user, but we can view and its blogs are enabled for SITE or GLOBAL. 432 $options['userentries'] = array( 433 'string' => get_string('viewuserentries', 'blog', fullname($user)), 434 'link' => new moodle_url('/blog/index.php', array('userid' => $user->id)) 435 ); 436 } else { 437 // It's the current user. 438 if ($canview) { 439 // We can view our own blogs .... BIG surprise. 440 $options['view'] = array( 441 'string' => get_string('blogentries', 'blog'), 442 'link' => new moodle_url('/blog/index.php', array('userid' => $USER->id)) 443 ); 444 } 445 if (has_capability('moodle/blog:create', $sitecontext)) { 446 // We can add to our own blog. 447 $options['add'] = array( 448 'string' => get_string('addnewentry', 'blog'), 449 'link' => new moodle_url('/blog/edit.php', array('action' => 'add')) 450 ); 451 } 452 } 453 if ($canview && $CFG->enablerssfeeds) { 454 $options['rss'] = array( 455 'string' => get_string('rssfeed', 'blog'), 456 'link' => new moodle_url(rss_get_url($sitecontext->id, $USER->id, 'blog', 'user/'.$user->id)) 457 ); 458 } 459 460 // Cache the options. 461 $useroptions[$user->id] = $options; 462 // Return the options. 463 return $options; 464 } 465 466 /** 467 * Get the blog options that relate to the given course for the given user. 468 * 469 * @staticvar array $courseoptions A cache so we can save regenerating multiple times 470 * @param stdClass $course The course to load options for 471 * @param stdClass $user The user to load options for null == current user 472 * @return array The array of options 473 */ 474 function blog_get_options_for_course(stdClass $course, stdClass $user=null) { 475 global $CFG, $USER; 476 // Cache. 477 static $courseoptions = array(); 478 479 $options = array(); 480 481 // User must be logged in and blogs must be enabled. 482 if (!blog_is_enabled_for_user()) { 483 return $options; 484 } 485 486 // Check that the user can associate with the course. 487 $sitecontext = context_system::instance(); 488 // Generate the cache key. 489 $key = $course->id.':'; 490 if (!empty($user)) { 491 $key .= $user->id; 492 } else { 493 $key .= $USER->id; 494 } 495 // Serve from the cache if we've already generated for this course. 496 if (array_key_exists($key, $courseoptions)) { 497 return $courseoptions[$key]; 498 } 499 500 if (has_capability('moodle/blog:view', $sitecontext)) { 501 // We can view! 502 if ($CFG->bloglevel >= BLOG_SITE_LEVEL) { 503 // View entries about this course. 504 $options['courseview'] = array( 505 'string' => get_string('viewcourseblogs', 'blog'), 506 'link' => new moodle_url('/blog/index.php', array('courseid' => $course->id)) 507 ); 508 } 509 // View MY entries about this course. 510 $options['courseviewmine'] = array( 511 'string' => get_string('viewmyentriesaboutcourse', 'blog'), 512 'link' => new moodle_url('/blog/index.php', array('courseid' => $course->id, 'userid' => $USER->id)) 513 ); 514 if (!empty($user) && ($CFG->bloglevel >= BLOG_SITE_LEVEL)) { 515 // View the provided users entries about this course. 516 $options['courseviewuser'] = array( 517 'string' => get_string('viewentriesbyuseraboutcourse', 'blog', fullname($user)), 518 'link' => new moodle_url('/blog/index.php', array('courseid' => $course->id, 'userid' => $user->id)) 519 ); 520 } 521 } 522 523 if (has_capability('moodle/blog:create', $sitecontext)) { 524 // We can blog about this course. 525 $options['courseadd'] = array( 526 'string' => get_string('blogaboutthiscourse', 'blog'), 527 'link' => new moodle_url('/blog/edit.php', array('action' => 'add', 'courseid' => $course->id)) 528 ); 529 } 530 531 // Cache the options for this course. 532 $courseoptions[$key] = $options; 533 // Return the options. 534 return $options; 535 } 536 537 /** 538 * Get the blog options relating to the given module for the given user 539 * 540 * @staticvar array $moduleoptions Cache 541 * @param stdClass|cm_info $module The module to get options for 542 * @param stdClass $user The user to get options for null == currentuser 543 * @return array 544 */ 545 function blog_get_options_for_module($module, $user=null) { 546 global $CFG, $USER; 547 // Cache. 548 static $moduleoptions = array(); 549 550 $options = array(); 551 // User must be logged in, blogs must be enabled. 552 if (!blog_is_enabled_for_user()) { 553 return $options; 554 } 555 556 $sitecontext = context_system::instance(); 557 558 // Generate the cache key. 559 $key = $module->id.':'; 560 if (!empty($user)) { 561 $key .= $user->id; 562 } else { 563 $key .= $USER->id; 564 } 565 if (array_key_exists($key, $moduleoptions)) { 566 // Serve from the cache so we don't have to regenerate. 567 return $moduleoptions[$key]; 568 } 569 570 if (has_capability('moodle/blog:view', $sitecontext)) { 571 // Save correct module name for later usage. 572 $modulename = get_string('modulename', $module->modname); 573 574 // We can view! 575 if ($CFG->bloglevel >= BLOG_SITE_LEVEL) { 576 // View all entries about this module. 577 $a = new stdClass; 578 $a->type = $modulename; 579 $options['moduleview'] = array( 580 'string' => get_string('viewallmodentries', 'blog', $a), 581 'link' => new moodle_url('/blog/index.php', array('modid' => $module->id)) 582 ); 583 } 584 // View MY entries about this module. 585 $options['moduleviewmine'] = array( 586 'string' => get_string('viewmyentriesaboutmodule', 'blog', $modulename), 587 'link' => new moodle_url('/blog/index.php', array('modid' => $module->id, 'userid' => $USER->id)) 588 ); 589 if (!empty($user) && ($CFG->bloglevel >= BLOG_SITE_LEVEL)) { 590 // View the given users entries about this module. 591 $a = new stdClass; 592 $a->mod = $modulename; 593 $a->user = fullname($user); 594 $options['moduleviewuser'] = array( 595 'string' => get_string('blogentriesbyuseraboutmodule', 'blog', $a), 596 'link' => new moodle_url('/blog/index.php', array('modid' => $module->id, 'userid' => $user->id)) 597 ); 598 } 599 } 600 601 if (has_capability('moodle/blog:create', $sitecontext)) { 602 // The user can blog about this module. 603 $options['moduleadd'] = array( 604 'string' => get_string('blogaboutthismodule', 'blog', $modulename), 605 'link' => new moodle_url('/blog/edit.php', array('action' => 'add', 'modid' => $module->id)) 606 ); 607 } 608 // Cache the options. 609 $moduleoptions[$key] = $options; 610 // Return the options. 611 return $options; 612 } 613 614 /** 615 * This function encapsulates all the logic behind the complex 616 * navigation, titles and headings of the blog listing page, depending 617 * on URL params. It looks at URL params and at the current context level. 618 * It builds and returns an array containing: 619 * 620 * 1. heading: The heading displayed above the blog entries 621 * 2. stradd: The text to be used as the "Add entry" link 622 * 3. strview: The text to be used as the "View entries" link 623 * 4. url: The moodle_url object used as the base for add and view links 624 * 5. filters: An array of parameters used to filter blog listings. Used by index.php and the Recent blogs block 625 * 626 * All other variables are set directly in $PAGE 627 * 628 * It uses the current URL to build these variables. 629 * A number of mutually exclusive use cases are used to structure this function. 630 * 631 * @param int $courseid course id the the blog is associated to (can be null). 632 * @param int $groupid group id to filter blogs I can see (can be null) 633 * @param int $userid blog author id (can be null) 634 * @param int $tagid tag id to filter (can be null) 635 * @param string $tag tag name to filter (can be null) 636 * @param int $modid module id the blog is associated to (can be null). 637 * @param int $entryid blog entry id to filter(can be null) 638 * @param string $search string to search (can be null) 639 * @return array 640 */ 641 function blog_get_headers($courseid=null, $groupid=null, $userid=null, $tagid=null, $tag=null, $modid=null, $entryid=null, 642 $search = null) { 643 global $CFG, $PAGE, $DB, $USER; 644 645 $id = optional_param('id', null, PARAM_INT); 646 $tag = optional_param('tag', $tag, PARAM_NOTAGS); 647 $tagid = optional_param('tagid', $tagid, PARAM_INT); 648 $userid = optional_param('userid', $userid, PARAM_INT); 649 $modid = optional_param('modid', $modid, PARAM_INT); 650 $entryid = optional_param('entryid', $entryid, PARAM_INT); 651 $groupid = optional_param('groupid', $groupid, PARAM_INT); 652 $courseid = optional_param('courseid', $courseid, PARAM_INT); 653 $search = optional_param('search', $search, PARAM_RAW); 654 $action = optional_param('action', null, PARAM_ALPHA); 655 $confirm = optional_param('confirm', false, PARAM_BOOL); 656 657 // Ignore userid when action == add. 658 if ($action == 'add' && $userid) { 659 unset($userid); 660 $PAGE->url->remove_params(array('userid')); 661 } else if ($action == 'add' && $entryid) { 662 unset($entryid); 663 $PAGE->url->remove_params(array('entryid')); 664 } 665 666 $headers = array('title' => '', 'heading' => '', 'cm' => null, 'filters' => array()); 667 668 $blogurl = new moodle_url('/blog/index.php'); 669 670 $headers['stradd'] = get_string('addnewentry', 'blog'); 671 $headers['strview'] = null; 672 673 $site = $DB->get_record('course', array('id' => SITEID)); 674 $sitecontext = context_system::instance(); 675 // Common Lang strings. 676 $strparticipants = get_string("participants"); 677 $strblogentries = get_string("blogentries", 'blog'); 678 679 // Prepare record objects as needed. 680 if (!empty($courseid)) { 681 $headers['filters']['course'] = $courseid; 682 $course = $DB->get_record('course', array('id' => $courseid)); 683 } 684 685 if (!empty($userid)) { 686 $headers['filters']['user'] = $userid; 687 $user = $DB->get_record('user', array('id' => $userid)); 688 } 689 690 if (!empty($groupid)) { // The groupid always overrides courseid. 691 $headers['filters']['group'] = $groupid; 692 $group = $DB->get_record('groups', array('id' => $groupid)); 693 $course = $DB->get_record('course', array('id' => $group->courseid)); 694 } 695 696 $PAGE->set_pagelayout('standard'); 697 698 // The modid always overrides courseid, so the $course object may be reset here. 699 if (!empty($modid) && $CFG->useblogassociations) { 700 701 $headers['filters']['module'] = $modid; 702 // A groupid param may conflict with this coursemod's courseid. Ignore groupid in that case. 703 $courseid = $DB->get_field('course_modules', 'course', array('id' => $modid)); 704 $course = $DB->get_record('course', array('id' => $courseid)); 705 $cm = $DB->get_record('course_modules', array('id' => $modid)); 706 $cm->modname = $DB->get_field('modules', 'name', array('id' => $cm->module)); 707 $cm->name = $DB->get_field($cm->modname, 'name', array('id' => $cm->instance)); 708 $a = new stdClass(); 709 $a->type = get_string('modulename', $cm->modname); 710 $PAGE->set_cm($cm, $course); 711 $headers['stradd'] = get_string('blogaboutthis', 'blog', $a); 712 $headers['strview'] = get_string('viewallmodentries', 'blog', $a); 713 } 714 715 // Case 1: No entry, mod, course or user params: all site entries to be shown (filtered by search and tag/tagid) 716 // Note: if action is set to 'add' or 'edit', we do this at the end. 717 if (empty($entryid) && empty($modid) && empty($courseid) && empty($userid) && !in_array($action, array('edit', 'add'))) { 718 $PAGE->navbar->add($strblogentries, $blogurl); 719 $strsiteblog = get_string('siteblogheading', 'blog'); 720 $PAGE->set_title($strsiteblog); 721 $PAGE->set_heading($site->fullname); 722 $headers['heading'] = $strsiteblog; 723 } 724 725 // Case 2: only entryid is requested, ignore all other filters. courseid is used to give more contextual information. 726 if (!empty($entryid)) { 727 $headers['filters']['entry'] = $entryid; 728 $sql = 'SELECT u.* FROM {user} u, {post} p WHERE p.id = ? AND p.userid = u.id'; 729 $user = $DB->get_record_sql($sql, array($entryid)); 730 $entry = $DB->get_record('post', array('id' => $entryid)); 731 732 $blogurl->param('userid', $user->id); 733 734 if (!empty($course)) { 735 $mycourseid = $course->id; 736 $blogurl->param('courseid', $mycourseid); 737 } else { 738 $mycourseid = $site->id; 739 } 740 $shortname = format_string($site->shortname, true, array('context' => context_course::instance(SITEID))); 741 742 $PAGE->navbar->add($strblogentries, $blogurl); 743 744 $blogurl->remove_params('userid'); 745 $PAGE->navbar->add($entry->subject, $blogurl); 746 $blogentryby = get_string('blogentrybyuser', 'blog', fullname($user)); 747 $PAGE->set_title($entry->subject . moodle_page::TITLE_SEPARATOR . $blogentryby); 748 $PAGE->set_heading("$shortname: " . fullname($user) . ": $entry->subject"); 749 $headers['heading'] = $blogentryby; 750 751 // We ignore tag and search params. 752 if (empty($action) || !$CFG->useblogassociations) { 753 $headers['url'] = $blogurl; 754 return $headers; 755 } 756 } 757 758 if (!empty($userid) && empty($entryid) && ((empty($courseid) && empty($modid)) || !$CFG->useblogassociations)) { 759 // Case 3: A user's blog entries. 760 761 $shortname = format_string($site->shortname, true, array('context' => context_course::instance(SITEID))); 762 $blogurl->param('userid', $userid); 763 $PAGE->set_title(fullname($user) . ": " . get_string('blog', 'blog')); 764 $PAGE->set_heading("$shortname: " . fullname($user) . ": " . get_string('blog', 'blog')); 765 $headers['heading'] = get_string('userblog', 'blog', fullname($user)); 766 $headers['strview'] = get_string('viewuserentries', 'blog', fullname($user)); 767 768 } else if (!$CFG->useblogassociations && empty($userid) && !in_array($action, array('edit', 'add'))) { 769 // Case 4: No blog associations, no userid. 770 771 $strsiteblog = get_string('siteblogheading', 'blog'); 772 $PAGE->set_title($strsiteblog); 773 $PAGE->set_heading($site->fullname); 774 $headers['heading'] = $strsiteblog; 775 } else if (!empty($userid) && !empty($modid) && empty($entryid)) { 776 // Case 5: Blog entries associated with an activity by a specific user (courseid ignored). 777 778 $shortname = format_string($site->shortname, true, array('context' => context_course::instance(SITEID))); 779 $blogurl->param('userid', $userid); 780 $blogurl->param('modid', $modid); 781 782 // Course module navigation is handled by build_navigation as the second param. 783 $headers['cm'] = $cm; 784 $PAGE->navbar->add(fullname($user), "$CFG->wwwroot/user/view.php?id=$user->id"); 785 $PAGE->navbar->add($strblogentries, $blogurl); 786 787 $PAGE->set_title(fullname($user) . ': ' . get_string('blogentries', 'blog') . moodle_page::TITLE_SEPARATOR . $cm->name); 788 $PAGE->set_heading("$shortname: $cm->name: " . fullname($user) . ': ' . get_string('blogentries', 'blog')); 789 790 $a = new stdClass(); 791 $a->user = fullname($user); 792 $a->mod = $cm->name; 793 $a->type = get_string('modulename', $cm->modname); 794 $headers['heading'] = get_string('blogentriesbyuseraboutmodule', 'blog', $a); 795 $headers['stradd'] = get_string('blogaboutthis', 'blog', $a); 796 $headers['strview'] = get_string('viewallmodentries', 'blog', $a); 797 } else if (!empty($userid) && !empty($courseid) && empty($modid) && empty($entryid)) { 798 // Case 6: Blog entries associated with a course by a specific user. 799 800 $blogurl->param('userid', $userid); 801 $blogurl->param('courseid', $courseid); 802 803 $PAGE->set_title($course->fullname); 804 $PAGE->set_heading($course->fullname); 805 806 $a = new stdClass(); 807 $a->user = fullname($user); 808 $a->course = format_string($course->fullname, true, array('context' => context_course::instance($course->id))); 809 $a->type = get_string('course'); 810 $headers['heading'] = get_string('blogentriesbyuseraboutcourse', 'blog', $a); 811 $headers['stradd'] = get_string('blogaboutthis', 'blog', $a); 812 $headers['strview'] = get_string('viewblogentries', 'blog', $a); 813 814 // Remove the userid from the URL to inform the blog_menu block correctly. 815 $blogurl->remove_params(array('userid')); 816 } else if (!empty($groupid) && empty($modid) && empty($entryid)) { 817 // Case 7: Blog entries by members of a group, associated with that group's course. 818 819 $blogurl->param('courseid', $course->id); 820 821 $PAGE->navbar->add($strblogentries, $blogurl); 822 $blogurl->remove_params(array('courseid')); 823 $blogurl->param('groupid', $groupid); 824 $PAGE->navbar->add($group->name, $blogurl); 825 826 $PAGE->set_title($course->fullname); 827 $PAGE->set_heading($course->fullname); 828 829 $a = new stdClass(); 830 $a->group = $group->name; 831 $a->course = format_string($course->fullname, true, array('context' => context_course::instance($course->id))); 832 $a->type = get_string('course'); 833 $headers['heading'] = get_string('blogentriesbygroupaboutcourse', 'blog', $a); 834 $headers['stradd'] = get_string('blogaboutthis', 'blog', $a); 835 $headers['strview'] = get_string('viewblogentries', 'blog', $a); 836 } else if (!empty($groupid) && !empty($modid) && empty($entryid)) { 837 // Case 8: Blog entries by members of a group, associated with an activity in that course. 838 839 $headers['cm'] = $cm; 840 $blogurl->param('modid', $modid); 841 $PAGE->navbar->add($strblogentries, $blogurl); 842 843 $blogurl->param('groupid', $groupid); 844 $PAGE->navbar->add($group->name, $blogurl); 845 846 $PAGE->set_title($course->fullname); 847 $PAGE->set_heading($course->fullname); 848 849 $a = new stdClass(); 850 $a->group = $group->name; 851 $a->mod = $cm->name; 852 $a->type = get_string('modulename', $cm->modname); 853 $headers['heading'] = get_string('blogentriesbygroupaboutmodule', 'blog', $a); 854 $headers['stradd'] = get_string('blogaboutthis', 'blog', $a); 855 $headers['strview'] = get_string('viewallmodentries', 'blog', $a); 856 857 } else if (!empty($modid) && empty($userid) && empty($groupid) && empty($entryid)) { 858 // Case 9: All blog entries associated with an activity. 859 860 $PAGE->set_cm($cm, $course); 861 $blogurl->param('modid', $modid); 862 $PAGE->navbar->add($strblogentries, $blogurl); 863 $PAGE->set_title($course->fullname); 864 $PAGE->set_heading($course->fullname); 865 $headers['heading'] = get_string('blogentriesabout', 'blog', $cm->name); 866 $a = new stdClass(); 867 $a->type = get_string('modulename', $cm->modname); 868 $headers['stradd'] = get_string('blogaboutthis', 'blog', $a); 869 $headers['strview'] = get_string('viewallmodentries', 'blog', $a); 870 } else if (!empty($courseid) && empty($userid) && empty($groupid) && empty($modid) && empty($entryid)) { 871 // Case 10: All blog entries associated with a course. 872 873 $blogurl->param('courseid', $courseid); 874 $PAGE->navbar->add($strblogentries, $blogurl); 875 $PAGE->set_title($course->fullname); 876 $PAGE->set_heading($course->fullname); 877 $a = new stdClass(); 878 $a->type = get_string('course'); 879 $headers['heading'] = get_string('blogentriesabout', 880 'blog', 881 format_string($course->fullname, 882 true, 883 array('context' => context_course::instance($course->id)))); 884 $headers['stradd'] = get_string('blogaboutthis', 'blog', $a); 885 $headers['strview'] = get_string('viewblogentries', 'blog', $a); 886 $blogurl->remove_params(array('userid')); 887 } 888 889 if (!in_array($action, array('edit', 'add'))) { 890 // Append Tag info. 891 if (!empty($tagid)) { 892 $headers['filters']['tag'] = $tagid; 893 $blogurl->param('tagid', $tagid); 894 $tagrec = $DB->get_record('tag', array('id' => $tagid)); 895 $PAGE->navbar->add($tagrec->name, $blogurl); 896 } else if (!empty($tag)) { 897 if ($tagrec = $DB->get_record('tag', array('name' => $tag))) { 898 $tagid = $tagrec->id; 899 $headers['filters']['tag'] = $tagid; 900 $blogurl->param('tag', $tag); 901 $PAGE->navbar->add(get_string('tagparam', 'blog', $tag), $blogurl); 902 } 903 } 904 905 // Append Search info. 906 if (!empty($search) && has_capability('moodle/blog:search', $sitecontext)) { 907 $headers['filters']['search'] = $search; 908 $blogurl->param('search', $search); 909 $PAGE->navbar->add(get_string('searchterm', 'blog', s($search)), $blogurl->out()); 910 } 911 } 912 913 // Append edit mode info. 914 if (!empty($action) && $action == 'add') { 915 916 } else if (!empty($action) && $action == 'edit') { 917 $PAGE->navbar->add(get_string('editentry', 'blog')); 918 } 919 920 if (empty($headers['url'])) { 921 $headers['url'] = $blogurl; 922 } 923 return $headers; 924 } 925 926 /** 927 * Shortcut function for getting a count of blog entries associated with a course or a module 928 * @param int $courseid The ID of the course 929 * @param int $cmid The ID of the course_modules 930 * @return string The number of associated entries 931 */ 932 function blog_get_associated_count($courseid, $cmid=null) { 933 global $DB; 934 $context = context_course::instance($courseid); 935 if ($cmid) { 936 $context = context_module::instance($cmid); 937 } 938 return $DB->count_records('blog_association', array('contextid' => $context->id)); 939 } 940 941 /** 942 * Running addtional permission check on plugin, for example, plugins 943 * may have switch to turn on/off comments option, this callback will 944 * affect UI display, not like pluginname_comment_validate only throw 945 * exceptions. 946 * blog_comment_validate will be called before viewing/adding/deleting 947 * comment, so don't repeat checks. 948 * Capability check has been done in comment->check_permissions(), we 949 * don't need to do it again here. 950 * 951 * @package core_blog 952 * @category comment 953 * 954 * @param stdClass $commentparam { 955 * context => context the context object 956 * courseid => int course id 957 * cm => stdClass course module object 958 * commentarea => string comment area 959 * itemid => int itemid 960 * } 961 * @return array 962 */ 963 function blog_comment_permissions($commentparam) { 964 global $DB; 965 966 // If blog is public and current user is guest, then don't let him post comments. 967 $blogentry = $DB->get_record('post', array('id' => $commentparam->itemid), 'publishstate', MUST_EXIST); 968 969 if ($blogentry->publishstate != 'public') { 970 if (!isloggedin() || isguestuser()) { 971 return array('post' => false, 'view' => true); 972 } 973 } 974 return array('post' => true, 'view' => true); 975 } 976 977 /** 978 * Validate comment parameter before perform other comments actions 979 * 980 * @package core_blog 981 * @category comment 982 * 983 * @param stdClass $comment { 984 * context => context the context object 985 * courseid => int course id 986 * cm => stdClass course module object 987 * commentarea => string comment area 988 * itemid => int itemid 989 * } 990 * @return boolean 991 */ 992 function blog_comment_validate($commentparam) { 993 global $CFG, $DB, $USER; 994 995 // Check if blogs are enabled user can comment. 996 if (empty($CFG->enableblogs) || empty($CFG->blogusecomments)) { 997 throw new comment_exception('nopermissiontocomment'); 998 } 999 1000 // Validate comment area. 1001 if ($commentparam->commentarea != 'format_blog') { 1002 throw new comment_exception('invalidcommentarea'); 1003 } 1004 1005 $blogentry = $DB->get_record('post', array('id' => $commentparam->itemid), '*', MUST_EXIST); 1006 1007 // Validation for comment deletion. 1008 if (!empty($commentparam->commentid)) { 1009 if ($record = $DB->get_record('comments', array('id' => $commentparam->commentid))) { 1010 if ($record->commentarea != 'format_blog') { 1011 throw new comment_exception('invalidcommentarea'); 1012 } 1013 if ($record->contextid != $commentparam->context->id) { 1014 throw new comment_exception('invalidcontext'); 1015 } 1016 if ($record->itemid != $commentparam->itemid) { 1017 throw new comment_exception('invalidcommentitemid'); 1018 } 1019 } else { 1020 throw new comment_exception('invalidcommentid'); 1021 } 1022 } 1023 1024 // Validate if user has blog view permission. 1025 $sitecontext = context_system::instance(); 1026 return has_capability('moodle/blog:view', $sitecontext) && 1027 blog_user_can_view_user_entry($blogentry->userid, $blogentry); 1028 } 1029 1030 /** 1031 * Return a list of page types 1032 * @param string $pagetype current page type 1033 * @param stdClass $parentcontext Block's parent context 1034 * @param stdClass $currentcontext Current context of block 1035 */ 1036 function blog_page_type_list($pagetype, $parentcontext, $currentcontext) { 1037 return array( 1038 '*' => get_string('page-x', 'pagetype'), 1039 'blog-*' => get_string('page-blog-x', 'blog'), 1040 'blog-index' => get_string('page-blog-index', 'blog'), 1041 'blog-edit' => get_string('page-blog-edit', 'blog') 1042 ); 1043 } 1044 1045 /** 1046 * Add nodes to myprofile page. 1047 * 1048 * @param \core_user\output\myprofile\tree $tree Tree object 1049 * @param stdClass $user user object 1050 * @param bool $iscurrentuser 1051 * @param stdClass $course Course object 1052 * 1053 * @return bool 1054 */ 1055 function core_blog_myprofile_navigation(core_user\output\myprofile\tree $tree, $user, $iscurrentuser, $course) { 1056 global $CFG; 1057 if (!blog_is_enabled_for_user() || isguestuser($user)) { 1058 // The guest user cannot post, so it is not possible to view any posts. 1059 // Also blogs might be disabled. 1060 // May as well just bail aggressively here. 1061 return true; 1062 } 1063 if (!blog_user_can_view_user_entry($user->id)) { 1064 return true; 1065 } 1066 $url = new moodle_url("/blog/index.php", array('userid' => $user->id)); 1067 if (!empty($course)) { 1068 $url->param('courseid', $course->id); 1069 } 1070 if ($iscurrentuser) { 1071 $title = get_string('blogentries', 'core_blog'); 1072 } else { 1073 $title = get_string('myprofileuserblogs', 'core_blog'); 1074 } 1075 $blognode = new core_user\output\myprofile\node('miscellaneous', 'blogs', $title, null, $url); 1076 $tree->add_node($blognode); 1077 return true; 1078 } 1079 1080 /** 1081 * Returns posts tagged with a specified tag. 1082 * 1083 * @param core_tag_tag $tag 1084 * @param bool $exclusivemode if set to true it means that no other entities tagged with this tag 1085 * are displayed on the page and the per-page limit may be bigger 1086 * @param int $fromctx context id where the link was displayed, may be used by callbacks 1087 * to display items in the same context first 1088 * @param int $ctx context id where to search for records 1089 * @param bool $rec search in subcontexts as well 1090 * @param int $page 0-based number of page being displayed 1091 * @return \core_tag\output\tagindex 1092 */ 1093 function blog_get_tagged_posts($tag, $exclusivemode = false, $fromctx = 0, $ctx = 0, $rec = true, $page = 0) { 1094 global $CFG, $OUTPUT; 1095 require_once($CFG->dirroot.'/user/lib.php'); 1096 1097 $systemcontext = context_system::instance(); 1098 $perpage = $exclusivemode ? 20 : 5; 1099 $context = $ctx ? context::instance_by_id($ctx) : context_system::instance(); 1100 1101 $content = ''; 1102 if (empty($CFG->enableblogs) || !has_capability('moodle/blog:view', $systemcontext)) { 1103 // Blogs are not enabled or are not visible to the current user. 1104 $totalpages = 0; 1105 } else if ($context->contextlevel != CONTEXT_SYSTEM && empty($CFG->useblogassociations)) { 1106 // No blog entries can be associated to the non-system context. 1107 $totalpages = 0; 1108 } else if (!$rec && $context->contextlevel != CONTEXT_COURSE && $context->contextlevel != CONTEXT_MODULE) { 1109 // No blog entries can be associated with category or block context. 1110 $totalpages = 0; 1111 } else { 1112 require_once($CFG->dirroot.'/blog/locallib.php'); 1113 1114 $filters = array('tag' => $tag->id); 1115 if ($rec) { 1116 if ($context->contextlevel != CONTEXT_SYSTEM) { 1117 $filters['context'] = $context->id; 1118 } 1119 } else if ($context->contextlevel == CONTEXT_COURSE) { 1120 $filters['course'] = $context->instanceid; 1121 } else if ($context->contextlevel == CONTEXT_MODULE) { 1122 $filters['module'] = $context->instanceid; 1123 } 1124 $bloglisting = new blog_listing($filters); 1125 $blogs = $bloglisting->get_entries($page * $perpage, $perpage); 1126 $totalcount = $bloglisting->count_entries(); 1127 $totalpages = ceil($totalcount / $perpage); 1128 if (!empty($blogs)) { 1129 $tagfeed = new core_tag\output\tagfeed(); 1130 foreach ($blogs as $blog) { 1131 $user = fullclone($blog); 1132 $user->id = $blog->userid; 1133 $user->deleted = 0; 1134 $img = $OUTPUT->user_picture($user, array('size' => 35)); 1135 $subject = format_string($blog->subject); 1136 1137 if ($blog->publishstate == 'draft') { 1138 $class = 'dimmed'; 1139 } else { 1140 $class = ''; 1141 } 1142 1143 $url = new moodle_url('/blog/index.php', array('entryid' => $blog->id)); 1144 $subject = html_writer::link($url, $subject, array('class' => $class)); 1145 1146 $fullname = fullname($user); 1147 if (user_can_view_profile($user)) { 1148 $profilelink = new moodle_url('/user/view.php', array('id' => $blog->userid)); 1149 $fullname = html_writer::link($profilelink, $fullname); 1150 } 1151 $details = $fullname . ', ' . userdate($blog->created); 1152 1153 $tagfeed->add($img, $subject, $details); 1154 } 1155 1156 $items = $tagfeed->export_for_template($OUTPUT); 1157 $content = $OUTPUT->render_from_template('core_tag/tagfeed', $items); 1158 1159 $urlparams = array('tagid' => $tag->id); 1160 if ($context->contextlevel == CONTEXT_COURSE) { 1161 $urlparams['courseid'] = $context->instanceid; 1162 } else if ($context->contextlevel == CONTEXT_MODULE) { 1163 $urlparams['modid'] = $context->instanceid; 1164 } 1165 $allblogsurl = new moodle_url('/blog/index.php', $urlparams); 1166 1167 $rv = new core_tag\output\tagindex($tag, 'core', 'post', 1168 $content, 1169 $exclusivemode, $fromctx, $ctx, $rec, $page, $totalpages); 1170 $rv->exclusiveurl = $allblogsurl; 1171 return $rv; 1172 } 1173 } 1174 1175 $rv = new core_tag\output\tagindex($tag, 'core', 'post', 1176 $content, 1177 $exclusivemode, $fromctx, $ctx, $rec, $page, $totalpages); 1178 $rv->exclusiveurl = null; 1179 return $rv; 1180 } 1181 1182 /** 1183 * Validate the access to a blog. 1184 * 1185 * @param int $courseid course id the the blog is associated to (can be null). 1186 * @param int $modid module id the blog is associated to (can be null). 1187 * @param int $groupid group id to filter blogs I can see (can be null) 1188 * @param int $entryid blog entry id (can be null) 1189 * @param int $userid blog author id (can be null) 1190 * @return array with the calculated course and id 1191 * @since Moodle 3.6 1192 */ 1193 function blog_validate_access($courseid, $modid, $groupid, $entryid, $userid) { 1194 global $CFG, $DB, $USER, $COURSE; 1195 1196 $sitecontext = context_system::instance(); 1197 1198 // Add courseid if modid or groupid is specified: This is used for navigation and title. 1199 if (!empty($modid) && empty($courseid)) { 1200 $courseid = $DB->get_field('course_modules', 'course', array('id' => $modid)); 1201 } 1202 1203 if (!empty($groupid) && empty($courseid)) { 1204 $courseid = $DB->get_field('groups', 'courseid', array('id' => $groupid)); 1205 } 1206 1207 if (!$userid && has_capability('moodle/blog:view', $sitecontext) && $CFG->bloglevel > BLOG_USER_LEVEL) { 1208 if ($entryid) { 1209 if (!$entryobject = $DB->get_record('post', array('id' => $entryid))) { 1210 throw new \moodle_exception('nosuchentry', 'blog'); 1211 } 1212 $userid = $entryobject->userid; 1213 } 1214 } else if (!$userid) { 1215 $userid = $USER->id; 1216 } 1217 1218 if (!empty($modid)) { 1219 if ($CFG->bloglevel < BLOG_SITE_LEVEL) { 1220 throw new \moodle_exception('courseblogdisable', 'blog'); 1221 } 1222 if (!$mod = $DB->get_record('course_modules', array('id' => $modid))) { 1223 throw new \moodle_exception('invalidmoduleid', 'error', $modid); 1224 } 1225 $courseid = $mod->course; 1226 } 1227 1228 if ((empty($courseid) ? true : $courseid == SITEID) && empty($userid)) { 1229 if ($CFG->bloglevel < BLOG_SITE_LEVEL) { 1230 throw new \moodle_exception('siteblogdisable', 'blog'); 1231 } 1232 if (!has_capability('moodle/blog:view', $sitecontext)) { 1233 throw new \moodle_exception('cannotviewsiteblog', 'blog'); 1234 } 1235 1236 $COURSE = $DB->get_record('course', array('format' => 'site')); 1237 $courseid = $COURSE->id; 1238 } 1239 1240 if (!empty($courseid)) { 1241 if (!$course = $DB->get_record('course', array('id' => $courseid))) { 1242 throw new \moodle_exception('invalidcourseid'); 1243 } 1244 1245 $courseid = $course->id; 1246 1247 if (!has_capability('moodle/blog:view', $sitecontext)) { 1248 throw new \moodle_exception('cannotviewcourseblog', 'blog'); 1249 } 1250 } else { 1251 $coursecontext = context_course::instance(SITEID); 1252 } 1253 1254 if (!empty($groupid)) { 1255 if ($CFG->bloglevel < BLOG_SITE_LEVEL) { 1256 throw new \moodle_exception('groupblogdisable', 'blog'); 1257 } 1258 1259 if (! $group = groups_get_group($groupid)) { 1260 throw new \moodle_exception('invalidgroupid', 'blog'); 1261 } 1262 1263 if (!$course = $DB->get_record('course', array('id' => $group->courseid))) { 1264 throw new \moodle_exception('invalidcourseid'); 1265 } 1266 1267 $coursecontext = context_course::instance($course->id); 1268 $courseid = $course->id; 1269 1270 if (!has_capability('moodle/blog:view', $sitecontext)) { 1271 throw new \moodle_exception('cannotviewcourseorgroupblog', 'blog'); 1272 } 1273 1274 if (groups_get_course_groupmode($course) == SEPARATEGROUPS && 1275 !has_capability('moodle/site:accessallgroups', $coursecontext)) { 1276 1277 if (!groups_is_member($groupid)) { 1278 throw new \moodle_exception('notmemberofgroup'); 1279 } 1280 } 1281 } 1282 1283 if (!empty($userid)) { 1284 if ($CFG->bloglevel < BLOG_USER_LEVEL) { 1285 throw new \moodle_exception('blogdisable', 'blog'); 1286 } 1287 1288 if (!$user = $DB->get_record('user', array('id' => $userid))) { 1289 throw new \moodle_exception('invaliduserid'); 1290 } 1291 1292 if ($user->deleted) { 1293 throw new \moodle_exception('userdeleted'); 1294 } 1295 1296 if ($USER->id == $userid) { 1297 if (!has_capability('moodle/blog:create', $sitecontext) 1298 && !has_capability('moodle/blog:view', $sitecontext)) { 1299 throw new \moodle_exception('donothaveblog', 'blog'); 1300 } 1301 } else { 1302 if (!has_capability('moodle/blog:view', $sitecontext) || !blog_user_can_view_user_entry($userid)) { 1303 throw new \moodle_exception('cannotviewcourseblog', 'blog'); 1304 } 1305 } 1306 } 1307 return array($courseid, $userid); 1308 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
