$param_s = optional_param('s', null, PARAM_CLEAN);
$param_ob = optional_param('ob', null, PARAM_CLEAN);
$param_sh = optional_param('sh', null, PARAM_CLEAN);
$param_fr = optional_param('fr', null, PARAM_CLEAN);
$param_export_data = optional_param('export_data', null, PARAM_CLEAN);
$param_objectid = optional_param('objectid', null, PARAM_CLEAN);
$param_partid = optional_param('partid', null, PARAM_CLEAN);
$param_utp = optional_param('utp', null, PARAM_CLEAN);
$param_enrollstudent = optional_param('enrollstudent', null, PARAM_CLEAN);
$param_reloadrow = optional_param('reloadrow', null, PARAM_CLEAN);
// Clean the post array so we can pass it into the functions below
$post = array();
foreach ($_POST as $key => $value) {
// If 1.9 use clean_param to clean an array / if 2.0 use clean_param_array
if (is_array($value) and is_callable('clean_param_array')) {
$post[$key] = clean_param_array($value, PARAM_CLEAN);
} else {
$post[$key] = clean_param($value, PARAM_CLEAN);
}
}
if (!is_null($param_jumppage)) {
turnitintool_url_jumpto($param_userid, $param_jumppage, $turnitintool, $param_utp, $param_objectid, $param_partid, $param_export_data);
exit;
}
if (!is_null($param_delete)) {
if (!($submission = turnitintool_get_record('turnitintool_submissions', 'id', $param_delete))) {
print_error('submissiongeterror', 'turnitintool');
exit;
}
turnitintool_delete_submission($cm, $turnitintool, $USER->id, $submission);
exit;
*/
require_once "../../config.php";
require_once "lib.php";
// Check that all the parameters have been provided.
$id = required_param('id', PARAM_INT);
// Course Module ID
$action = optional_param('action', '', PARAM_ALPHA);
// What to look at
$qid = optional_param('qid', 0, PARAM_RAW);
// Question IDs comma-separated list
$student = optional_param('student', 0, PARAM_INT);
// Student ID
$notes = optional_param('notes', '', PARAM_RAW);
// Save teachers notes
$qids = explode(',', $qid);
$qids = clean_param_array($qids, PARAM_INT);
$qid = implode(',', $qids);
if (!($cm = get_coursemodule_from_id('survey', $id))) {
print_error('invalidcoursemodule');
}
if (!($course = $DB->get_record("course", array("id" => $cm->course)))) {
print_error('coursemisconf');
}
$url = new moodle_url('/mod/survey/report.php', array('id' => $id));
if ($action !== '') {
$url->param('action', $action);
}
if ($qid !== 0) {
$url->param('qid', $qid);
}
if ($student !== 0) {
/**
* Return the cleaned value using the passed type(s).
*
* @param mixed $value value that has to be cleaned.
* @param int|array $type constant value to use to clean (PARAM_...), typically returned by {@link self::getCleanType()}.
* @return mixed cleaned up value.
*/
public function getCleanedValue($value, $type)
{
if (is_array($type) && is_array($value)) {
foreach ($type as $key => $param) {
$value[$key] = $this->getCleanedValue($value[$key], $param);
}
} else {
if (!is_array($type) && !is_array($value)) {
$value = clean_param($value, $type);
} else {
if (!is_array($type) && is_array($value)) {
$value = clean_param_array($value, $type, true);
} else {
throw new coding_exception('Unexpected type or value received in MoodleQuickForm::getCleanedValue()');
}
}
}
return $value;
}
/**
* Receive JSON and decide what to do based on mode switch
* @param string $json JSON to parse
* @return string JSON response
* @throws MoodletxtAJAXException
* @version 2013061801
* @since 2011061301
*/
public function processJSON($json)
{
$decoded = json_decode($json);
// Check that JSON is valid
if (!is_object($decoded) || !isset($decoded->mode)) {
throw new MoodletxtAJAXException(get_string('errorinvalidjson', 'block_moodletxt'), MoodletxtAJAXException::$ERROR_CODE_BAD_JSON, null, false);
}
$response = '';
// What do we need to do with this?
switch ($decoded->mode) {
case 'getAccountDetails':
$response = $this->getAccountDetails(clean_param($decoded->accountId, PARAM_INT));
break;
case 'updateAccountRestrictions':
$response = $this->updateAccountRestrictions(clean_param($decoded->accountId, PARAM_INT), clean_param_array($decoded->allowedUsers, PARAM_INT));
break;
case 'updateAccountFromUser':
$response = $this->updateAccountFromUser(clean_param($decoded->accountId, PARAM_INT), clean_param($decoded->description, PARAM_TEXT), clean_param($decoded->newPassword, PARAM_TEXT));
break;
case 'updateAccountFromTxttools':
$response = $this->updateAccountFromTxttools(clean_param($decoded->accountId, PARAM_INT));
break;
case 'setInboundAccess':
$response = $this->setAccountAccess(clean_param($decoded->accountId, PARAM_INT), self::$DIRECTION_IDENTIFIER_INBOUND, clean_param($decoded->allowInbound, PARAM_BOOL));
break;
case 'setOutboundAccess':
$response = $this->setAccountAccess(clean_param($decoded->accountId, PARAM_INT), self::$DIRECTION_IDENTIFIER_OUTBOUND, clean_param($decoded->allowOutbound, PARAM_BOOL));
break;
case 'toggleOutboundAccess':
$response = $this->toggleAccountAccess(clean_param($decoded->accountId, PARAM_INT), self::$DIRECTION_IDENTIFIER_OUTBOUND);
break;
case 'toggleInboundAccess':
$response = $this->toggleAccountAccess(clean_param($decoded->accountId, PARAM_INT), self::$DIRECTION_IDENTIFIER_INBOUND);
break;
default:
throw new MoodletxtAJAXException(get_string('errorinvalidjson', 'block_moodletxt'), MoodletxtAJAXException::$ERROR_CODE_BAD_JSON, null, false, $decoded->accountId);
}
return $response;
}
protected function process_submitted_data()
{
global $DB;
$qubaids = optional_param('qubaids', null, PARAM_SEQUENCE);
$assumedslotforevents = optional_param('slot', null, PARAM_INT);
if (!$qubaids) {
return;
}
$qubaids = clean_param_array(explode(',', $qubaids), PARAM_INT);
$attempts = $this->load_attempts_by_usage_ids($qubaids);
$events = array();
$transaction = $DB->start_delegated_transaction();
foreach ($qubaids as $qubaid) {
$attempt = $attempts[$qubaid];
$attemptobj = new quiz_attempt($attempt, $this->quiz, $this->cm, $this->course);
$attemptobj->process_submitted_actions(time());
// Add the event we will trigger later.
$params = array('objectid' => $attemptobj->get_question_attempt($assumedslotforevents)->get_question()->id, 'courseid' => $attemptobj->get_courseid(), 'context' => context_module::instance($attemptobj->get_cmid()), 'other' => array('quizid' => $attemptobj->get_quizid(), 'attemptid' => $attemptobj->get_attemptid(), 'slot' => $assumedslotforevents));
$events[] = \mod_quiz\event\question_manually_graded::create($params);
}
$transaction->allow_commit();
// Trigger events for all the questions we manually marked.
foreach ($events as $event) {
$event->trigger();
}
}
$courseid = required_param('id', PARAM_INT);
// course id
$page = optional_param('page', 0, PARAM_INT);
// active page
$perpageurl = optional_param('perpage', 0, PARAM_INT);
$sortitemid = optional_param('sortitemid', 0, PARAM_ALPHANUM);
// sort by which grade item
$stu = optional_param('stu', 0, PARAM_INT);
// evaluated student id
$cma = optional_param('cma', 0, PARAM_INT);
// cm id of evaluated activity
$grd = optional_param('grd', 0, PARAM_INT);
// 1 if the system must pass grades to Moodle´s Grades Report
//$selection = optional_param('select', 0, PARAM_INT);
if (function_exists('clean_param_array')) {
$data = clean_param_array($_POST, PARAM_ALPHANUM);
} elseif (function_exists('clean_param')) {
$data = clean_param($_POST, PARAM_ALPHANUM);
} else {
$data = $_POST;
}
if ($stu) {
$data['stu'] = $stu;
}
if ($cma) {
$data['cma'] = $cma;
}
global $OUTPUT, $DB;
if (!($course = $DB->get_record('course', array('id' => $courseid)))) {
print_error('nocourseid');
}
private function sanitize_quiz_submit_data($quizsubmitdata)
{
$sanitizeddata = array();
$sanitizeddata['quizattemptdata']['quiz'] = clean_param($quizsubmitdata['quizattemptdata']['quiz'], PARAM_RAW);
$sanitizeddata['quizattemptdata']['sumgrades'] = clean_param($quizsubmitdata['quizattemptdata']['sumgrades'], PARAM_FLOAT);
$sanitizeddata['quizattemptdata']['totaltimetaken'] = clean_param($quizsubmitdata['quizattemptdata']['totaltimetaken'], PARAM_INT);
$sanitizeddata['quizattemptdata']['timeattempted'] = clean_param($quizsubmitdata['quizattemptdata']['timeattempted'], PARAM_INT);
$sanitizeddata['questionsattemptdata'] = clean_param_array($quizsubmitdata['questionsattemptdata'], PARAM_INT, true);
return $sanitizeddata;
}
/**
* Updates submitted values
*
* @param array $submission submitted values
* @param array $files list of files
*/
function updateSubmission($submission, $files)
{
$this->_flagSubmitted = false;
if (empty($submission)) {
$this->_submitValues = array();
} else {
foreach ($submission as $key => $s) {
if (array_key_exists($key, $this->_types)) {
$type = $this->_types[$key];
} else {
$type = PARAM_RAW;
}
if (is_array($s)) {
$submission[$key] = clean_param_array($s, $type, true);
} else {
$submission[$key] = clean_param($s, $type);
}
}
$this->_submitValues = $submission;
$this->_flagSubmitted = true;
}
if (empty($files)) {
$this->_submitFiles = array();
} else {
$this->_submitFiles = $files;
$this->_flagSubmitted = true;
}
// need to tell all elements that they need to update their value attribute.
foreach (array_keys($this->_elements) as $key) {
$this->_elements[$key]->onQuickFormEvent('updateValue', null, $this);
}
}
function local_mail_add_recipients($message, $recipients, $role) {
global $DB;
$context = context_course::instance($message->course()->id);
$groupid = 0;
$severalseparategroups = false;
$roles = array('to', 'cc', 'bcc');
$role = ($role >= 0 and $role < 3) ? $role : 0;
if ($message->course()->groupmode == SEPARATEGROUPS and !has_capability('moodle/site:accessallgroups', $context)) {
$groups = groups_get_user_groups($message->course()->id, $message->sender()->id);
if (count($groups[0]) == 0) {
return;
} else if (count($groups[0]) == 1) {// Only one group
$groupid = $groups[0][0];
} else {
$severalseparategroups = true;// Several groups
}
}
// Make sure recipients ids are integers
$recipients = clean_param_array($recipients, PARAM_INT);
$participants = array();
list($select, $from, $where, $sort, $params) = local_mail_getsqlrecipients($message->course()->id, '', $groupid, 0, implode(',', $recipients));
$rs = $DB->get_recordset_sql("$select $from $where $sort", $params);
foreach ($rs as $rec) {
if (!array_key_exists($rec->id, $participants)) {// Avoid duplicated users
if ($severalseparategroups) {
$valid = false;
foreach ($groups[0] as $group) {
$valid = $valid || groups_is_member($group, $rec->id);
}
if (!$valid) {
continue;
}
}
$message->add_recipient($roles[$role], $rec->id);
$participants[$rec->id] = true;
}
}
$rs->close();
}
public function test_clean_param_array()
{
$this->assertSame(array(), clean_param_array(null, PARAM_RAW));
$this->assertSame(array('a', 'b'), clean_param_array(array('a', 'b'), PARAM_RAW));
$this->assertSame(array('a', array('b')), clean_param_array(array('a', array('b')), PARAM_RAW, true));
// Require correct type.
try {
clean_param_array(array('x'), 'xxxxxx');
$this->fail('moodle_exception expected');
} catch (moodle_exception $ex) {
$this->assertInstanceOf('moodle_exception', $ex);
}
try {
@clean_param_array(array('x'));
$this->fail('moodle_exception expected');
} catch (moodle_exception $ex) {
$this->assertInstanceOf('moodle_exception', $ex);
} catch (Error $error) {
// PHP 7.1 throws Error even earlier.
$this->assertRegExp('/Too few arguments to function/', $error->getMessage());
}
try {
clean_param_array(array('x', array('y')), PARAM_RAW);
$this->fail('coding_exception expected');
} catch (moodle_exception $ex) {
$this->assertInstanceOf('coding_exception', $ex);
}
// Test recursive.
}
if (isset($data->labelid)) {
$data->labelid = clean_param_array($data->labelid, PARAM_INT);
$labels = local_mail_label::fetch_user($USER->id);
foreach ($labels as $label) {
if ($data->labelid[$label->id()]) {
$message->add_label($label);
} else {
$message->remove_label($label);
}
}
}
} else {
if ($msgs) {
$messages = local_mail_message::fetch_many($msgs);
if (isset($data->labelid)) {
$data->labelid = clean_param_array($data->labelid, PARAM_INT);
$labels = local_mail_label::fetch_user($USER->id);
}
foreach ($messages as $message) {
if (!$message->viewable($USER->id) or $message->deleted($USER->id)) {
print_error('invalidmessage', 'local_mail');
}
if (isset($data->labelid)) {
foreach ($labels as $label) {
if ($data->labelid[$label->id()]) {
$message->add_label($label);
} else {
$message->remove_label($label);
}
}
}
function local_mail_updaterecipients($message, $recipients, $roles)
{
global $DB;
$context = context_course::instance($message->course()->id);
$groupid = 0;
$severalseparategroups = false;
if ($message->course()->groupmode == SEPARATEGROUPS and !has_capability('moodle/site:accessallgroups', $context)) {
$groups = groups_get_user_groups($message->course()->id, $message->sender()->id);
if (count($groups[0]) == 0) {
return array('msgerror' => '', 'info' => '', 'html' => '', 'redirect' => 'ok');
} else {
if (count($groups[0]) == 1) {
// Only one group
$groupid = $groups[0][0];
} else {
$severalseparategroups = true;
// Several groups
}
}
}
// Make sure recipients ids are integers
$recipients = clean_param_array($recipients, PARAM_INT);
foreach ($recipients as $key => $recipid) {
$roleids[$recipid] = isset($roles[$key]) ? clean_param($roles[$key], PARAM_INT) : false;
}
$participants = array();
list($select, $from, $where, $sort, $params) = local_mail_getsqlrecipients($message->course()->id, '', $groupid, 0, implode(',', $recipients));
$rs = $DB->get_recordset_sql("{$select} {$from} {$where} {$sort}", $params);
foreach ($rs as $rec) {
if (!array_key_exists($rec->id, $participants)) {
// Avoid duplicated users
if ($severalseparategroups) {
$valid = false;
foreach ($groups[0] as $group) {
$valid = $valid || groups_is_member($group, $rec->id);
}
if (!$valid) {
continue;
}
}
$role = false;
if ($roleids[$rec->id] === 0) {
$role = 'to';
} else {
if ($roleids[$rec->id] === 1) {
$role = 'cc';
} else {
if ($roleids[$rec->id] === 2) {
$role = 'bcc';
}
}
}
if ($message->has_recipient($rec->id)) {
$message->remove_recipient($rec->id);
}
if ($role) {
$message->add_recipient($role, $rec->id);
}
$participants[$rec->id] = true;
}
}
$rs->close();
return array('msgerror' => '', 'info' => '', 'html' => '', 'redirect' => 'ok');
}
/**
* Get optional array page parameters.
*/
public function optional_param_array($name, $default, $type)
{
if ($this->params !== null) {
if (isset($this->params[$name])) {
$result = array();
foreach ($this->params[$name] as $key => $value) {
if (!preg_match('/^[a-z0-9_-]+$/i', $key)) {
debugging('Invalid key name in page::optional_param_array() detected: ' . $key . ', parameter: ' . $name);
continue;
}
// Support nested array params!
$result[$key] = is_array($value) ? clean_param_array($value, $type) : clean_param($value, $type);
}
return $result;
} else {
return $default;
}
} else {
// NOTE: cannot just call optional_param_array()
// because it doesn't support nested array params!
if (func_num_args() != 3 or empty($name) or empty($type)) {
throw new coding_exception('page::optional_param_array() requires $name, $default and $type to be specified (parameter: ' . $name . ')');
}
if (isset($_POST[$name])) {
// POST has precedence
$param = $_POST[$name];
} else {
if (isset($_GET[$name])) {
$param = $_GET[$name];
} else {
return $default;
}
}
if (!is_array($param)) {
debugging('page::optional_param_array() expects array parameters only: ' . $parname);
return $default;
}
$result = array();
foreach ($param as $key => $value) {
if (!preg_match('/^[a-z0-9_-]+$/i', $key)) {
debugging('Invalid key name in page::optional_param_array() detected: ' . $key . ', parameter: ' . $name);
continue;
}
// Support nested array params!
$result[$key] = is_array($value) ? clean_param_array($value, $type) : clean_param($value, $type);
}
return $result;
}
}
public function prepare_simulated_post_data($simulatedresponse)
{
$postdata = array();
$stemtostemids = array_flip(clean_param_array($this->stems, PARAM_NOTAGS));
$choicetochoiceno = array_flip($this->choices);
$choicenotochoiceselectvalue = array_flip($this->choiceorder);
foreach ($simulatedresponse as $stem => $choice) {
$choice = clean_param($choice, PARAM_NOTAGS);
$stemid = $stemtostemids[$stem];
$shuffledstemno = array_search($stemid, $this->stemorder);
if (empty($choice)) {
$choiceselectvalue = 0;
} else {
if ($choicetochoiceno[$choice]) {
$choiceselectvalue = $choicenotochoiceselectvalue[$choicetochoiceno[$choice]];
} else {
throw new coding_exception("Unknown choice {$choice} in matching question - {$this->name}.");
}
}
$postdata[$this->field($shuffledstemno)] = $choiceselectvalue;
}
return $postdata;
}
$date = str_replace('.txt', '', $date);
$output .= $OUTPUT->box(html_writer::link($CFG->wwwroot . '/mod/turnitintooltwo/settings_extras.php?' . 'cmd=' . $cmd . '&filedate=' . $date, ucfirst($cmd) . ' (' . userdate(strtotime($date), '%d/%m/%Y') . ')'), '');
}
}
if ($i == 0) {
$output .= get_string("nologsfound");
}
} else {
$output .= get_string("nologsfound");
}
}
break;
case "unlinkusers":
$jsrequired = true;
$userids = isset($_REQUEST['userids']) ? $_REQUEST["userids"] : array();
$userids = clean_param_array($userids, PARAM_INT);
// Relink users if form has been submitted.
if ((!is_null($relink) || !is_null($unlink)) && isset($userids) && count($userids) > 0) {
foreach ($userids as $tiiid) {
$tuser = $DB->get_record('turnitintooltwo_users', array('id' => $tiiid));
if ($muser = $DB->get_record('user', array('id' => $tuser->userid))) {
// Get the email address if the user has been deleted.
if (empty($muser->email) || strpos($muser->email, '@') === false) {
$split = explode('.', $muser->username);
array_pop($split);
$muser->email = join('.', $split);
}
// Unlink user from Turnitin.
$user = new turnitintooltwo_user($muser->id, $role = null, $enrol = null, $workflowcontext = null, $finduser = false);
$user->unlink_user($tiiid);
// Relink user.
<?php
/**
* @package block_evalcomix
* @copyright 2010 onwards EVALfor Research Group {@link http://evalfor.net/}
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
* @author Daniel Cabeza S�nchez <*****@*****.**>, Juan Antonio Caballero Hern�ndez <*****@*****.**>
*/
require_once '../../../config.php';
if (function_exists('clean_param_array')) {
$datapost = clean_param_array($_POST, PARAM_ALPHANUM);
$dataget = clean_param_array($_GET, PARAM_ALPHANUM);
} elseif (function_exists('clean_param')) {
$datapost = clean_param($_POST, PARAM_ALPHANUM);
$dataget = clean_param($_GET, PARAM_ALPHANUM);
} else {
$datapost = $_POST;
$dataget = $_GET;
}
if (isset($datapost['stu']) && isset($datapost['cma']) && isset($dataget['id']) && isset($dataget['eva'])) {
require_once 'lib.php';
$courseid = $dataget['id'];
$assessorid = $dataget['eva'];
$page = $datapost['page'];
$context = context_course::instance($courseid);
$report_evalcomix = new grade_report_evalcomix($courseid, null, $context, $page);
$userid = $datapost['stu'];
$cmid = $datapost['cma'];
$report_evalcomix->process_data($datapost);
//Obtains course�s users
$users = $report_evalcomix->load_users();
$mform = new \core_search\output\form\search(null, array('searchengine' => $search->get_engine()->get_plugin_name()));
$data = $mform->get_data();
if (!$data && $q) {
// Data can also come from the URL.
$data = new stdClass();
$data->q = $q;
$data->title = $title;
$areaids = optional_param('areaids', '', PARAM_RAW);
if (!empty($areaids)) {
$areaids = explode(',', $areaids);
$data->areaids = clean_param_array($areaids, PARAM_ALPHANUMEXT);
}
$courseids = optional_param('courseids', '', PARAM_RAW);
if (!empty($courseids)) {
$courseids = explode(',', $courseids);
$data->courseids = clean_param_array($courseids, PARAM_INT);
}
$data->timestart = optional_param('timestart', 0, PARAM_INT);
$data->timeend = optional_param('timeend', 0, PARAM_INT);
$mform->set_data($data);
}
// Set the page URL.
$urlparams = array('page' => $page);
if ($data) {
$urlparams['q'] = $data->q;
$urlparams['title'] = $data->title;
if (!empty($data->areaids)) {
$urlparams['areaids'] = implode(',', $data->areaids);
}
if (!empty($data->courseids)) {
$urlparams['courseids'] = implode(',', $data->courseids);
protected function process_submitted_data()
{
global $DB;
$qubaids = optional_param('qubaids', null, PARAM_SEQUENCE);
if (!$qubaids) {
return;
}
$qubaids = clean_param_array(explode(',', $qubaids), PARAM_INT);
$attempts = $this->load_attempts_by_usage_ids($qubaids);
$transaction = $DB->start_delegated_transaction();
foreach ($qubaids as $qubaid) {
$attempt = $attempts[$qubaid];
$attemptobj = new quiz_attempt($attempt, $this->quiz, $this->cm, $this->course);
$attemptobj->process_submitted_actions(time());
}
$transaction->allow_commit();
}
private function item_array_to_string($value) {
if (!is_array($value)) {
return $value;
}
$retval = '';
$arrvals = array_values($value);
$arrvals = clean_param_array($arrvals, PARAM_INT); //prevent sql-injection
$retval = $arrvals[0];
$sizeofarrvals = count($arrvals);
for ($i = 1; $i < $sizeofarrvals; $i++) {
$retval .= FEEDBACK_MULTICHOICE_LINE_SEP.$arrvals[$i];
}
return $retval;
}
public function clean_input_value($value)
{
return clean_param_array($value, $this->value_type());
}
function test_clean_param_array() {
$this->assertSame(clean_param_array(null, PARAM_RAW), array());
$this->assertSame(clean_param_array(array('a', 'b'), PARAM_RAW), array('a', 'b'));
$this->assertSame(clean_param_array(array('a', array('b')), PARAM_RAW, true), array('a', array('b')));
// require correct type
try {
clean_param_array(array('x'), 'xxxxxx');
$this->fail('moodle_exception expected');
} catch (moodle_exception $ex) {
$this->assertTrue(true);
}
try {
@clean_param_array(array('x'));
$this->fail('moodle_exception expected');
} catch (moodle_exception $ex) {
$this->assertTrue(true);
}
try {
clean_param_array(array('x', array('y')), PARAM_RAW);
$this->fail('coding_exception expected');
} catch (coding_exception $ex) {
$this->assertTrue(true);
}
// test recursive
}
/**
* Makes sure array contains only the allowed types, this function does not validate array key names!
*
* <code>
* $options = clean_param($options, PARAM_INT);
* </code>
*
* @param array $param the variable array we are cleaning
* @param string $type expected format of param after cleaning.
* @param bool $recursive clean recursive arrays
* @return array
* @throws coding_exception
*/
function clean_param_array(array $param = null, $type, $recursive = false)
{
// Convert null to empty array.
$param = (array) $param;
foreach ($param as $key => $value) {
if (is_array($value)) {
if ($recursive) {
$param[$key] = clean_param_array($value, $type, true);
} else {
throw new coding_exception('clean_param_array can not process multidimensional arrays when $recursive is false.');
}
} else {
$param[$key] = clean_param($value, $type);
}
}
return $param;
}
/**
* Receive JSON and decide what to do based on mode switch
* @param string $json JSON to parse
* @param int $userId Owner of received messages
* @return string JSON response
* @throws MoodletxtAJAXException
* @version 2013061701
* @since 2012043101
*/
public function processJSON($json, $userId)
{
$decoded = json_decode($json);
// Check that JSON is valid
if (!is_object($decoded) || !isset($decoded->mode)) {
throw new MoodletxtAJAXException(get_string('errorinvalidjson', 'block_moodletxt'), MoodletxtAJAXException::$ERROR_CODE_BAD_JSON, null, false);
}
$response = '';
// What do we need to do with this?
switch ($decoded->mode) {
case 'getNewMessages':
$response = $this->getNewMessages(clean_param($userId, PARAM_INT), clean_param($decoded->lastMessageTime, PARAM_INT));
break;
case 'copyMessages':
$response = $this->copyMessagesToUser(clean_param($userId, PARAM_INT), clean_param_array($decoded->messageIds, PARAM_INT), clean_param($decoded->userId, PARAM_INT));
break;
case 'moveMessages':
$response = $this->moveMessagesToUser(clean_param($userId, PARAM_INT), clean_param_array($decoded->messageIds, PARAM_INT), clean_param($decoded->userId, PARAM_INT));
break;
case 'deleteMessages':
$response = $this->deleteMessages(clean_param($userId, PARAM_INT), clean_param_array($decoded->messagesToDelete, PARAM_INT));
break;
case 'createTag':
$response = $this->createTag(clean_param($userId, PARAM_INT), clean_param($decoded->tagName, PARAM_TAG), preg_replace('/[^#A-Za-z]/', '', $decoded->tagColour));
break;
case 'deleteTag':
$response = $this->deleteTag(clean_param($userId, PARAM_INT), clean_param($decoded->tagName, PARAM_TAG));
break;
case 'addTagToMessage':
$response = $this->addTagToMessage(clean_param($userId, PARAM_INT), clean_param($decoded->messageId, PARAM_INT), clean_param($decoded->tagName, PARAM_TAG));
break;
case 'removeTagFromMessage':
$response = $this->removeTagFromMessage(clean_param($userId, PARAM_INT), clean_param($decoded->messageId, PARAM_INT), clean_param($decoded->tagName, PARAM_TAG));
break;
default:
throw new MoodletxtAJAXException(get_string('errorinvalidjson', 'block_moodletxt'), MoodletxtAJAXException::$ERROR_CODE_BAD_JSON, null, false);
}
return $response;
}
public function test_clean_param_array()
{
$this->assertSame(array(), clean_param_array(null, PARAM_RAW));
$this->assertSame(array('a', 'b'), clean_param_array(array('a', 'b'), PARAM_RAW));
$this->assertSame(array('a', array('b')), clean_param_array(array('a', array('b')), PARAM_RAW, true));
// Require correct type.
try {
clean_param_array(array('x'), 'xxxxxx');
$this->fail('moodle_exception expected');
} catch (moodle_exception $ex) {
$this->assertInstanceOf('moodle_exception', $ex);
}
try {
@clean_param_array(array('x'));
$this->fail('moodle_exception expected');
} catch (moodle_exception $ex) {
$this->assertInstanceOf('moodle_exception', $ex);
}
try {
clean_param_array(array('x', array('y')), PARAM_RAW);
$this->fail('coding_exception expected');
} catch (moodle_exception $ex) {
$this->assertInstanceOf('coding_exception', $ex);
}
// Test recursive.
}
$types[$atype->id] = $atype->name;
}
} else {
$types = array();
}
// If data submitted, proceed.
$form = new customlabel_updateall_form($url, array('courses' => $allcourses, 'types' => $types));
if ($form->is_cancelled()) {
redirect($CFG->wwwroot . '/admin/settings.php?section=modsettingcustomlabel');
}
echo $OUTPUT->header();
if ($data = $form->get_data()) {
echo $OUTPUT->container_start('emptyleftspace');
echo $OUTPUT->heading(get_string('updatelabels', 'customlabel', get_string('modulename', 'customlabel')), 1);
$courseids = clean_param_array($data->courses, PARAM_INT);
$labelclasses = clean_param_array($data->labelclasses, PARAM_RAW);
if (empty($courseids)) {
$courses = array();
} else {
$courses = $DB->get_records_list('course', 'id', $courseids);
}
if (empty($labelclasses)) {
$labelclasses = array();
}
echo "<pre>";
foreach ($courses as $courseid => $course) {
mtrace("processing course {$courseid} : {$course->shortname}");
customlabel_course_regenerate($course, $labelclasses);
}
echo '</pre>';
echo $OUTPUT->container_end();