} if (!($user = $DB->get_record('user', array('id' => $userid)))) { print_error('invaliduserid'); } if ($user->deleted) { echo $OUTPUT->header(); echo $OUTPUT->heading(get_string('userdeleted')); echo $OUTPUT->footer(); die; } if ($USER->id == $userid) { if (!has_capability('moodle/blog:create', $sitecontext) && !has_capability('moodle/blog:view', $sitecontext)) { print_error('donothaveblog', 'blog'); } } else { if (!has_capability('moodle/blog:view', $sitecontext) || !blog_user_can_view_user_entry($userid)) { print_error('cannotviewcourseblog', 'blog'); } $PAGE->navigation->extend_for_user($user); } } $courseid = empty($courseid) ? SITEID : $courseid; $blogheaders = blog_get_headers(); $rsscontext = null; $filtertype = null; $thingid = null; $rsstitle = ''; if ($CFG->enablerssfeeds) { list($thingid, $rsscontext, $filtertype) = blog_rss_get_params($blogheaders['filters']); if (empty($rsscontext)) { $rsscontext = context_system::instance();
/** * Validate comment parameter before perform other comments actions * * @package core_blog * @category comment * * @param stdClass $comment { * context => context the context object * courseid => int course id * cm => stdClass course module object * commentarea => string comment area * itemid => int itemid * } * @return boolean */ function blog_comment_validate($comment_param) { global $CFG, $DB, $USER; // Check if blogs are enabled user can comment. if (empty($CFG->enableblogs) || empty($CFG->blogusecomments)) { throw new comment_exception('nopermissiontocomment'); } // Validate comment area. if ($comment_param->commentarea != 'format_blog') { throw new comment_exception('invalidcommentarea'); } $blogentry = $DB->get_record('post', array('id' => $comment_param->itemid), '*', MUST_EXIST); // Validation for comment deletion. if (!empty($comment_param->commentid)) { if ($record = $DB->get_record('comments', array('id' => $comment_param->commentid))) { if ($record->commentarea != 'format_blog') { throw new comment_exception('invalidcommentarea'); } if ($record->contextid != $comment_param->context->id) { throw new comment_exception('invalidcontext'); } if ($record->itemid != $comment_param->itemid) { throw new comment_exception('invalidcommentitemid'); } } else { throw new comment_exception('invalidcommentid'); } } // Validate if user has blog view permission. $sitecontext = context_system::instance(); return has_capability('moodle/blog:view', $sitecontext) && blog_user_can_view_user_entry($blogentry->userid, $blogentry); }
if ($user->deleted) { echo $OUTPUT->header(); echo $OUTPUT->heading(get_string('userdeleted')); echo $OUTPUT->footer(); die; } if ($USER->id == $userid) { if (!has_capability('moodle/blog:create', $sitecontext) && !has_capability('moodle/blog:view', $sitecontext)) { print_error('donothaveblog', 'blog'); } } else { $personalcontext = context_user::instance($userid); if (!has_capability('moodle/blog:view', $sitecontext) && !has_capability('moodle/user:readuserblogs', $personalcontext)) { print_error('cannotviewuserblog', 'blog'); } if (!blog_user_can_view_user_entry($userid)) { print_error('cannotviewcourseblog', 'blog'); } $PAGE->navigation->extend_for_user($user); } } $courseid = empty($courseid) ? SITEID : $courseid; if (empty($entryid) && empty($modid) && empty($groupid)) { $PAGE->set_context(context_user::instance($USER->id)); } else { if (!empty($modid)) { $PAGE->set_context(context_module::instance($modid)); } else { if (!empty($courseid)) { $PAGE->set_context(context_course::instance($courseid)); } else {
/** * Add nodes to myprofile page. * * @param \core_user\output\myprofile\tree $tree Tree object * @param stdClass $user user object * @param bool $iscurrentuser * @param stdClass $course Course object * * @return bool */ function core_blog_myprofile_navigation(core_user\output\myprofile\tree $tree, $user, $iscurrentuser, $course) { global $CFG; if (!blog_is_enabled_for_user() || isguestuser($user)) { // The guest user cannot post, so it is not possible to view any posts. // Also blogs might be disabled. // May as well just bail aggressively here. return true; } if (!blog_user_can_view_user_entry($user->id)) { return true; } $url = new moodle_url("/blog/index.php", array('userid' => $user->id)); if (!empty($course)) { $url->param('courseid', $course->id); } if ($iscurrentuser) { $title = get_string('blogentries', 'core_blog'); } else { $title = get_string('myprofileuserblogs', 'core_blog'); } $blognode = new core_user\output\myprofile\node('miscellaneous', 'blogs', $title, null, $url); $tree->add_node($blognode); return true; }