Search moodle.org's
Developer Documentation
Developer Documentation
- Bug fixes for general core bugs in 4.3.x will end 7 October 2024 (12 months).
- Bug fixes for security issues in 4.3.x will end 21 April 2025 (18 months).
- PHP version: minimum PHP 8.0.0 Note: minimum PHP version has increased since Moodle 4.1. PHP 8.2.x is supported too.
/blocks/html/ -> block_html.php (source)
Differences Between: [Versions 310 and 403] [Versions 311 and 403] [Versions 39 and 403] [Versions 400 and 403] [Versions 401 and 403]
1 <?php 2 // This file is part of Moodle - http://moodle.org/ 3 // 4 // Moodle is free software: you can redistribute it and/or modify 5 // it under the terms of the GNU General Public License as published by 6 // the Free Software Foundation, either version 3 of the License, or 7 // (at your option) any later version. 8 // 9 // Moodle is distributed in the hope that it will be useful, 10 // but WITHOUT ANY WARRANTY; without even the implied warranty of 11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 // GNU General Public License for more details. 13 // 14 // You should have received a copy of the GNU General Public License 15 // along with Moodle. If not, see <http://www.gnu.org/licenses/>. 16 17 use core_external\util as external_util; 18 19 /** 20 * Form for editing HTML block instances. 21 * 22 * @package block_html 23 * @copyright 1999 onwards Martin Dougiamas (http://dougiamas.com) 24 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later 25 */ 26 class block_html extends block_base { 27 function init() { 28 $this->title = get_string('pluginname', 'block_html'); 29 } 30 31 function has_config() { 32 return true; 33 } 34 35 function applicable_formats() { 36 return array('all' => true); 37 } 38 39 function specialization() { 40 if (isset($this->config->title)) { 41 $this->title = $this->title = format_string($this->config->title, true, ['context' => $this->context]); 42 } else { 43 $this->title = get_string('newhtmlblock', 'block_html'); 44 } 45 } 46 47 function instance_allow_multiple() { 48 return true; 49 } 50 51 function get_content() { 52 global $CFG; 53 54 require_once($CFG->libdir . '/filelib.php'); 55 56 if ($this->content !== NULL) { 57 return $this->content; 58 } 59 60 $filteropt = new stdClass; 61 $filteropt->overflowdiv = true; 62 if ($this->content_is_trusted()) { 63 // fancy html allowed only on course, category and system blocks. 64 $filteropt->noclean = true; 65 } 66 67 $this->content = new stdClass; 68 $this->content->footer = ''; 69 if (isset($this->config->text)) { 70 // rewrite url 71 $this->config->text = file_rewrite_pluginfile_urls($this->config->text, 'pluginfile.php', $this->context->id, 'block_html', 'content', NULL); 72 // Default to FORMAT_HTML which is what will have been used before the 73 // editor was properly implemented for the block. 74 $format = FORMAT_HTML; 75 // Check to see if the format has been properly set on the config 76 if (isset($this->config->format)) { 77 $format = $this->config->format; 78 } 79 $this->content->text = format_text($this->config->text, $format, $filteropt); 80 } else { 81 $this->content->text = ''; 82 } 83 84 unset($filteropt); // memory footprint 85 86 return $this->content; 87 } 88 89 public function get_content_for_external($output) { 90 $bc = new stdClass; 91 $bc->title = null; 92 $bc->content = ''; 93 $bc->contenformat = FORMAT_MOODLE; 94 $bc->footer = ''; 95 $bc->files = []; 96 97 if (!$this->hide_header()) { 98 $bc->title = $this->title; 99 } 100 101 if (isset($this->config->text)) { 102 $filteropt = new stdClass; 103 if ($this->content_is_trusted()) { 104 // Fancy html allowed only on course, category and system blocks. 105 $filteropt->noclean = true; 106 } 107 108 $format = FORMAT_HTML; 109 // Check to see if the format has been properly set on the config. 110 if (isset($this->config->format)) { 111 $format = $this->config->format; 112 } 113 [$bc->content, $bc->contentformat] = \core_external\util::format_text( 114 $this->config->text, 115 $format, 116 $this->context, 117 'block_html', 118 'content', 119 null, 120 $filteropt 121 ); 122 $bc->files = external_util::get_area_files($this->context->id, 'block_html', 'content', false, false); 123 124 } 125 return $bc; 126 } 127 128 129 /** 130 * Serialize and store config data 131 */ 132 function instance_config_save($data, $nolongerused = false) { 133 global $DB; 134 135 $config = clone($data); 136 // Move embedded files into a proper filearea and adjust HTML links to match 137 $config->text = file_save_draft_area_files($data->text['itemid'], $this->context->id, 'block_html', 'content', 0, array('subdirs'=>true), $data->text['text']); 138 $config->format = $data->text['format']; 139 140 parent::instance_config_save($config, $nolongerused); 141 } 142 143 function instance_delete() { 144 global $DB; 145 $fs = get_file_storage(); 146 $fs->delete_area_files($this->context->id, 'block_html'); 147 return true; 148 } 149 150 /** 151 * Copy any block-specific data when copying to a new block instance. 152 * @param int $fromid the id number of the block instance to copy from 153 * @return boolean 154 */ 155 public function instance_copy($fromid) { 156 $fromcontext = context_block::instance($fromid); 157 $fs = get_file_storage(); 158 // Do not use draft files hacks outside of forms. 159 $files = $fs->get_area_files($fromcontext->id, 'block_html', 'content', 0, 'id ASC', false); 160 foreach ($files as $file) { 161 $filerecord = ['contextid' => $this->context->id]; 162 $fs->create_file_from_storedfile($filerecord, $file); 163 } 164 return true; 165 } 166 167 function content_is_trusted() { 168 global $SCRIPT; 169 170 if (!$context = context::instance_by_id($this->instance->parentcontextid, IGNORE_MISSING)) { 171 return false; 172 } 173 //find out if this block is on the profile page 174 if ($context->contextlevel == CONTEXT_USER) { 175 if ($SCRIPT === '/my/index.php') { 176 // this is exception - page is completely private, nobody else may see content there 177 // that is why we allow JS here 178 return true; 179 } else { 180 // no JS on public personal pages, it would be a big security issue 181 return false; 182 } 183 } 184 185 return true; 186 } 187 188 /** 189 * The block should only be dockable when the title of the block is not empty 190 * and when parent allows docking. 191 * 192 * @return bool 193 */ 194 public function instance_can_be_docked() { 195 return (!empty($this->config->title) && parent::instance_can_be_docked()); 196 } 197 198 /* 199 * Add custom html attributes to aid with theming and styling 200 * 201 * @return array 202 */ 203 function html_attributes() { 204 global $CFG; 205 206 $attributes = parent::html_attributes(); 207 208 if (!empty($CFG->block_html_allowcssclasses)) { 209 if (!empty($this->config->classes)) { 210 $attributes['class'] .= ' '.$this->config->classes; 211 } 212 } 213 214 return $attributes; 215 } 216 217 /** 218 * Return the plugin config settings for external functions. 219 * 220 * @return stdClass the configs for both the block instance and plugin 221 * @since Moodle 3.8 222 */ 223 public function get_config_for_external() { 224 global $CFG; 225 226 // Return all settings for all users since it is safe (no private keys, etc..). 227 $instanceconfigs = !empty($this->config) ? $this->config : new stdClass(); 228 $pluginconfigs = (object) ['allowcssclasses' => $CFG->block_html_allowcssclasses]; 229 230 return (object) [ 231 'instance' => $instanceconfigs, 232 'plugin' => $pluginconfigs, 233 ]; 234 } 235 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
