/**
* This method constructs a display record. It retrieves the mail itself, along with its parent
* (if it has one) and the entire threaded conversation.
*
* @param int $mailid This is the ID of the mail record to display.
* @param string $folder This is the folder the mail is in.
* @param int $courseid This is the course ID
* @param bool $logging T/F indicating if logging should be performed (turn off for unit tests)
*
*/
public function __construct($mailid, $folder, $courseid, $logging = true)
{
global $DB, $USER;
$this->folder = $folder;
$this->viewrecord = $DB->get_record('course_message_mails', array('id' => $mailid));
$this->threadmails = null;
// Store IDs for convenience.
$this->mailid = $mailid;
$this->parentid = $this->viewrecord->parentmessage;
if ($this->parentid != 0) {
$this->fetch_thread($courseid);
}
if ($this->check_for_children($courseid)) {
$this->parentid = $this->mailid;
$this->fetch_thread($courseid);
}
if ($logging == true) {
$params = array('context' => context_course::instance($courseid), 'objectid' => $mailid, 'other' => array('folder' => $folder, 'parentid' => $this->parentid), 'courseid' => $courseid, 'userid' => $USER->id);
$event = \block_course_message\event\mail_viewed::create($params);
$event->trigger();
user_accesstime_log($courseid);
}
}
define('BLOCK_R_MAX_WIDTH', $rmax);
// check if major upgrade needed - also present in login/index.php
if ((int) $CFG->version < 2006101100) {
//1.7 or older
@require_logout();
redirect("{$CFG->wwwroot}/{$CFG->admin}/");
}
// Trigger 1.9 accesslib upgrade?
if ((int) $CFG->version < 2007092000 && isset($USER->id) && is_siteadmin($USER->id)) {
// this test is expensive, but is only triggered during the upgrade
redirect("{$CFG->wwwroot}/{$CFG->admin}/");
}
if ($CFG->forcelogin) {
require_login();
} else {
user_accesstime_log();
}
if ($CFG->rolesactive) {
// if already using roles system
if (has_capability('moodle/site:config', get_context_instance(CONTEXT_SYSTEM))) {
if (moodle_needs_upgrading()) {
redirect($CFG->wwwroot . '/' . $CFG->admin . '/index.php');
}
} else {
if (!empty($CFG->mymoodleredirect)) {
// Redirect logged-in users to My Moodle overview if required
if (isloggedin() && $USER->username != 'guest') {
redirect($CFG->wwwroot . '/my/index.php');
}
}
}
/**
* Weaker version of require_login()
*
* This is a weaker version of {@link require_login()} which only requires login
* when called from within a course rather than the site page, unless
* the forcelogin option is turned on.
* @see require_login()
*
* @package core_access
* @category access
*
* @param mixed $courseorid The course object or id in question
* @param bool $autologinguest Allow autologin guests if that is wanted
* @param object $cm Course activity module if known
* @param bool $setwantsurltome Define if we want to set $SESSION->wantsurl, defaults to
* true. Used to avoid (=false) some scripts (file.php...) to set that variable,
* in order to keep redirects working properly. MDL-14495
* @param bool $preventredirect set to true in scripts that can not redirect (CLI, rss feeds, etc.), throws exceptions
* @return void
* @throws coding_exception
*/
function require_course_login($courseorid, $autologinguest = true, $cm = null, $setwantsurltome = true, $preventredirect = false)
{
global $CFG, $PAGE, $SITE;
$issite = (is_object($courseorid) and $courseorid->id == SITEID or !is_object($courseorid) and $courseorid == SITEID);
if ($issite && !empty($cm) && !$cm instanceof cm_info) {
// Note: nearly all pages call get_fast_modinfo anyway and it does not make any
// db queries so this is not really a performance concern, however it is obviously
// better if you use get_fast_modinfo to get the cm before calling this.
if (is_object($courseorid)) {
$course = $courseorid;
} else {
$course = clone $SITE;
}
$modinfo = get_fast_modinfo($course);
$cm = $modinfo->get_cm($cm->id);
}
if (!empty($CFG->forcelogin)) {
// Login required for both SITE and courses.
require_login($courseorid, $autologinguest, $cm, $setwantsurltome, $preventredirect);
} else {
if ($issite && !empty($cm) and !$cm->uservisible) {
// Always login for hidden activities.
require_login($courseorid, $autologinguest, $cm, $setwantsurltome, $preventredirect);
} else {
if ($issite) {
// Login for SITE not required.
// We still need to instatiate PAGE vars properly so that things that rely on it like navigation function correctly.
if (!empty($courseorid)) {
if (is_object($courseorid)) {
$course = $courseorid;
} else {
$course = clone $SITE;
}
if ($cm) {
if ($cm->course != $course->id) {
throw new coding_exception('course and cm parameters in require_course_login() call do not match!!');
}
$PAGE->set_cm($cm, $course);
$PAGE->set_pagelayout('incourse');
} else {
$PAGE->set_course($course);
}
} else {
// If $PAGE->course, and hence $PAGE->context, have not already been set up properly, set them up now.
$PAGE->set_course($PAGE->course);
}
user_accesstime_log(SITEID);
return;
} else {
// Course login always required.
require_login($courseorid, $autologinguest, $cm, $setwantsurltome, $preventredirect);
}
}
}
}
/**
* This is a weaker version of {@link require_login()} which only requires login
* when called from within a course rather than the site page, unless
* the forcelogin option is turned on.
*
* @uses $CFG
* @param mixed $courseorid The course object or id in question
* @param bool $autologinguest Allow autologin guests if that is wanted
* @param object $cm Course activity module if known
* @param bool $setwantsurltome Define if we want to set $SESSION->wantsurl, defaults to
* true. Used to avoid (=false) some scripts (file.php...) to set that variable,
* in order to keep redirects working properly. MDL-14495
*/
function require_course_login($courseorid, $autologinguest = true, $cm = null, $setwantsurltome = true)
{
global $CFG;
if (!empty($CFG->forcelogin)) {
// login required for both SITE and courses
require_login($courseorid, $autologinguest, $cm, $setwantsurltome);
} else {
if (!empty($cm) and !$cm->visible) {
// always login for hidden activities
require_login($courseorid, $autologinguest, $cm, $setwantsurltome);
} else {
if (is_object($courseorid) and $courseorid->id == SITEID or !is_object($courseorid) and $courseorid == SITEID) {
//login for SITE not required
if ($cm and empty($cm->visible)) {
// hidden activities are not accessible without login
require_login($courseorid, $autologinguest, $cm, $setwantsurltome);
} else {
if ($cm and !empty($CFG->enablegroupings) and $cm->groupmembersonly) {
// not-logged-in users do not have any group membership
require_login($courseorid, $autologinguest, $cm, $setwantsurltome);
} else {
user_accesstime_log(SITEID);
return;
}
}
} else {
// course login always required
require_login($courseorid, $autologinguest, $cm, $setwantsurltome);
}
}
}
}
/**
* Weaker version of require_login()
*
* This is a weaker version of {@link require_login()} which only requires login
* when called from within a course rather than the site page, unless
* the forcelogin option is turned on.
* @see require_login()
*
* @global object
* @param mixed $courseorid The course object or id in question
* @param bool $autologinguest Allow autologin guests if that is wanted
* @param object $cm Course activity module if known
* @param bool $setwantsurltome Define if we want to set $SESSION->wantsurl, defaults to
* true. Used to avoid (=false) some scripts (file.php...) to set that variable,
* in order to keep redirects working properly. MDL-14495
*/
function require_course_login($courseorid, $autologinguest = true, $cm = null, $setwantsurltome = true)
{
global $CFG;
if (!empty($CFG->forcelogin)) {
// login required for both SITE and courses
require_login($courseorid, $autologinguest, $cm, $setwantsurltome);
} else {
if (!empty($cm) and !$cm->visible) {
// always login for hidden activities
require_login($courseorid, $autologinguest, $cm, $setwantsurltome);
} else {
if (is_object($courseorid) and $courseorid->id == SITEID or !is_object($courseorid) and $courseorid == SITEID) {
//login for SITE not required
user_accesstime_log(SITEID);
return;
} else {
// course login always required
require_login($courseorid, $autologinguest, $cm, $setwantsurltome);
}
}
}
}
function require_obu_login($courseorid = null, $autologinguest = true, $cm = null, $setwantsurltome = true, $preventredirect = false)
{
global $CFG, $SESSION, $USER, $PAGE, $SITE, $DB, $OUTPUT;
$login_url = '/local/obu_application/login.php';
// Must not redirect when byteserving already started.
if (!empty($_SERVER['HTTP_RANGE'])) {
$preventredirect = true;
}
// Do not touch global $COURSE via $PAGE->set_course(),
// the reasons is we need to be able to call require_obu_login() at any time!!
$course = $SITE;
// If this is an AJAX request and $setwantsurltome is true then we need to override it and set it to false.
// Otherwise the AJAX request URL will be set to $SESSION->wantsurl and events such as self enrolment in the future
// risk leading the user back to the AJAX request URL.
if ($setwantsurltome && defined('AJAX_SCRIPT') && AJAX_SCRIPT) {
$setwantsurltome = false;
}
// Redirect to the login page if session has expired, only with dbsessions enabled (MDL-35029) to maintain current behaviour.
if ((!isloggedin() or isguestuser()) && !empty($SESSION->has_timed_out) && !$preventredirect && !empty($CFG->dbsessions)) {
if ($setwantsurltome) {
$SESSION->wantsurl = qualified_me();
}
redirect($login_url);
}
// If the user is not even logged in yet then make sure they are.
if (!isloggedin()) {
if ($autologinguest and !empty($CFG->guestloginbutton) and !empty($CFG->autologinguests)) {
if (!($guest = get_complete_user_data('id', $CFG->siteguest))) {
// Misconfigured site guest, just redirect to login page.
redirect($login_url);
exit;
// Never reached.
}
$lang = isset($SESSION->lang) ? $SESSION->lang : $CFG->lang;
complete_user_login($guest);
$USER->autologinguest = true;
$SESSION->lang = $lang;
} else {
// NOTE: $USER->site check was obsoleted by session test cookie, $USER->confirmed test is in login/index.php.
if ($preventredirect) {
throw new require_login_exception('You are not logged in');
}
if ($setwantsurltome) {
$SESSION->wantsurl = qualified_me();
}
if (!empty($_SERVER['HTTP_REFERER'])) {
$SESSION->fromurl = $_SERVER['HTTP_REFERER'];
}
redirect($login_url);
exit;
// Never reached.
}
}
// Make sure the USER has a sesskey set up. Used for CSRF protection.
sesskey();
// Do not bother admins with any formalities.
if (is_siteadmin()) {
// Set accesstime or the user will appear offline which messes up messaging.
user_accesstime_log($course->id);
return;
}
// Fetch the system context, the course context, and prefetch its child contexts.
$sysctx = context_system::instance();
$coursecontext = context_course::instance($course->id, MUST_EXIST);
$cmcontext = null;
// If the site is currently under maintenance, then print a message.
if (!empty($CFG->maintenance_enabled) and !has_capability('moodle/site:config', $sysctx)) {
if ($preventredirect) {
throw new require_login_exception('Maintenance in progress');
}
print_maintenance_message();
}
// Finally access granted, update lastaccess times.
user_accesstime_log($course->id);
}
/**
* Weaker version of require_login()
*
* This is a weaker version of {@link require_login()} which only requires login
* when called from within a course rather than the site page, unless
* the forcelogin option is turned on.
* @see require_login()
*
* @package core_access
* @category access
*
* @param mixed $courseorid The course object or id in question
* @param bool $autologinguest Allow autologin guests if that is wanted
* @param object $cm Course activity module if known
* @param bool $setwantsurltome Define if we want to set $SESSION->wantsurl, defaults to
* true. Used to avoid (=false) some scripts (file.php...) to set that variable,
* in order to keep redirects working properly. MDL-14495
* @param bool $preventredirect set to true in scripts that can not redirect (CLI, rss feeds, etc.), throws exceptions
* @return void
*/
function require_course_login($courseorid, $autologinguest = true, $cm = NULL, $setwantsurltome = true, $preventredirect = false)
{
global $CFG, $PAGE, $SITE;
$issite = (is_object($courseorid) and $courseorid->id == SITEID) or !is_object($courseorid) and $courseorid == SITEID;
if ($issite && !empty($cm) && !$cm instanceof cm_info) {
// note: nearly all pages call get_fast_modinfo anyway and it does not make any
// db queries so this is not really a performance concern, however it is obviously
// better if you use get_fast_modinfo to get the cm before calling this.
if (is_object($courseorid)) {
$course = $courseorid;
} else {
$course = clone $SITE;
}
$modinfo = get_fast_modinfo($course);
$cm = $modinfo->get_cm($cm->id);
}
if (!empty($CFG->forcelogin)) {
// login required for both SITE and courses
/*
* resources attached in dependent modules are not accessible in inital / delta sync so disabling the check.
*/
require_login($courseorid, $autologinguest, $cm, $setwantsurltome, $preventredirect);
} else {
if ($issite && !empty($cm) and !$cm->uservisible) {
// always login for hidden activities
require_login($courseorid, $autologinguest, $cm, $setwantsurltome, $preventredirect);
} else {
if ($issite) {
//login for SITE not required
if ($cm and empty($cm->visible)) {
// hidden activities are not accessible without login
require_login($courseorid, $autologinguest, $cm, $setwantsurltome, $preventredirect);
} else {
if ($cm and !empty($CFG->enablegroupmembersonly) and $cm->groupmembersonly) {
// not-logged-in users do not have any group membership
require_login($courseorid, $autologinguest, $cm, $setwantsurltome, $preventredirect);
} else {
// We still need to instatiate PAGE vars properly so that things
// that rely on it like navigation function correctly.
if (!empty($courseorid)) {
if (is_object($courseorid)) {
$course = $courseorid;
} else {
$course = clone $SITE;
}
if ($cm) {
if ($cm->course != $course->id) {
throw new coding_exception('course and cm parameters in require_course_login() call do not match!!');
}
$PAGE->set_cm($cm, $course);
$PAGE->set_pagelayout('incourse');
} else {
$PAGE->set_course($course);
}
} else {
// If $PAGE->course, and hence $PAGE->context, have not already been set
// up properly, set them up now.
$PAGE->set_course($PAGE->course);
}
//TODO: verify conditional activities here
user_accesstime_log(SITEID);
return;
}
}
} else {
// course login always required
require_login($courseorid, $autologinguest, $cm, $setwantsurltome, $preventredirect);
}
}
}
}
/**
* Weaker version of require_login()
*
* This is a weaker version of {@link require_login()} which only requires login
* when called from within a course rather than the site page, unless
* the forcelogin option is turned on.
* @see require_login()
*
* @global object
* @param mixed $courseorid The course object or id in question
* @param bool $autologinguest Allow autologin guests if that is wanted
* @param object $cm Course activity module if known
* @param bool $setwantsurltome Define if we want to set $SESSION->wantsurl, defaults to
* true. Used to avoid (=false) some scripts (file.php...) to set that variable,
* in order to keep redirects working properly. MDL-14495
* @param bool $preventredirect set to true in scripts that can not redirect (CLI, rss feeds, etc.), throws exceptions
* @return void
*/
function require_course_login($courseorid, $autologinguest = true, $cm = NULL, $setwantsurltome = true, $preventredirect = false)
{
global $CFG, $PAGE, $SITE;
if (!empty($CFG->forcelogin)) {
// login required for both SITE and courses
require_login($courseorid, $autologinguest, $cm, $setwantsurltome, $preventredirect);
} else {
if (!empty($cm) and !$cm->visible) {
// always login for hidden activities
require_login($courseorid, $autologinguest, $cm, $setwantsurltome, $preventredirect);
} else {
if (is_object($courseorid) and $courseorid->id == SITEID or !is_object($courseorid) and $courseorid == SITEID) {
//login for SITE not required
if ($cm and empty($cm->visible)) {
// hidden activities are not accessible without login
require_login($courseorid, $autologinguest, $cm, $setwantsurltome, $preventredirect);
} else {
if ($cm and !empty($CFG->enablegroupmembersonly) and $cm->groupmembersonly) {
// not-logged-in users do not have any group membership
require_login($courseorid, $autologinguest, $cm, $setwantsurltome, $preventredirect);
} else {
// We still need to instatiate PAGE vars properly so that things
// that rely on it like navigation function correctly.
if (!empty($courseorid)) {
if (is_object($courseorid)) {
$course = $courseorid;
} else {
$course = clone $SITE;
}
if ($cm) {
if ($cm->course != $course->id) {
throw new coding_exception('course and cm parameters in require_course_login() call do not match!!');
}
$PAGE->set_cm($cm, $course);
$PAGE->set_pagelayout('incourse');
} else {
$PAGE->set_course($course);
}
} else {
// If $PAGE->course, and hence $PAGE->context, have not already been set
// up properly, set them up now.
$PAGE->set_course($PAGE->course);
}
//TODO: verify conditional activities here
user_accesstime_log(SITEID);
return;
}
}
} else {
// course login always required
require_login($courseorid, $autologinguest, $cm, $setwantsurltome, $preventredirect);
}
}
}
}
