/** * Actually ask the user for the password, if they have not already given it this session. * This function only returns is access is OK. * * @param boolean $canpreview used to enfore securewindow stuff. * @param object $accessmanager the accessmanager calling us. * @param boolean $return if true, return the HTML for the form (if required), instead of * outputting it at stopping * @return mixed return null, unless $return is true, and a form needs to be displayed. */ public function do_password_check($canpreview, $accessmanager, $return = false) { global $CFG, $SESSION; /// We have already checked the password for this quiz this session, so don't ask again. if (!empty($SESSION->passwordcheckedquizzes[$this->_quiz->id])) { return; } /// If the user cancelled the password form, send them back to the view page. if (optional_param('cancelpassword', false, PARAM_BOOL)) { $accessmanager->back_to_view_page($canpreview); } /// If they entered the right password, let them in. $enteredpassword = optional_param('quizpassword', '', PARAM_RAW); if (strcmp($this->_quiz->password, $enteredpassword) === 0) { $SESSION->passwordcheckedquizzes[$this->_quiz->id] = true; return; } /// User entered the wrong password, or has not entered one yet, so display the form. $output = ''; /// Start the page and print the quiz intro, if any. if (!$return) { print_header('', '', '', 'quizpassword'); } if (trim(strip_tags($this->_quiz->intro))) { $cm = get_coursemodule_from_id('quiz', $this->_quiz->id); $output .= print_box(format_module_intro('quiz', $this->_quiz, $cm->id), 'generalbox', 'intro', true); } $output .= print_box_start('generalbox', 'passwordbox', true); /// If they have previously tried and failed to enter a password, tell them it was wrong. if (!empty($enteredpassword)) { $output .= '<p class="notifyproblem">' . get_string('passworderror', 'quiz') . '</p>'; } /// Print the password entry form. $output .= '<p>' . get_string('requirepasswordmessage', 'quiz') . "</p>\n"; $output .= '<form id="passwordform" method="post" action="' . $CFG->wwwroot . '/mod/quiz/startattempt.php" onclick="this.autocomplete=\'off\'">' . "\n"; $output .= "<div>\n"; $output .= '<label for="quizpassword">' . get_string('password') . "</label>\n"; $output .= '<input name="quizpassword" id="quizpassword" type="password" value=""/>' . "\n"; $output .= '<input name="cmid" type="hidden" value="' . $this->_quizobj->get_cmid() . '"/>' . "\n"; $output .= '<input name="sesskey" type="hidden" value="' . sesskey() . '"/>' . "\n"; $output .= '<input type="submit" value="' . get_string('ok') . '" />'; $output .= '<input type="submit" name="cancelpassword" value="' . get_string('cancel') . '" />' . "\n"; $output .= "</div>\n"; $output .= "</form>\n"; /// Finish page. $output .= print_box_end(true); /// return or display form. if ($return) { return $output; } else { echo $output; print_footer('empty'); exit; } }
/** * Actually ask the user for the password, if they have not already given it this session. * This function only returns is access is OK. * * @param bool $canpreview used to enfore securewindow stuff. * @param object $accessmanager the accessmanager calling us. * @return mixed return null, unless $return is true, and a form needs to be displayed. */ public function do_password_check($canpreview, $accessmanager) { global $CFG, $SESSION, $OUTPUT, $PAGE; // We have already checked the password for this quiz this session, so don't ask again. if (!empty($SESSION->passwordcheckedquizzes[$this->_quiz->id])) { return; } // If the user cancelled the password form, send them back to the view page. if (optional_param('cancelpassword', false, PARAM_BOOL)) { $accessmanager->back_to_view_page($canpreview); } // If they entered the right password, let them in. $enteredpassword = optional_param('quizpassword', '', PARAM_RAW); $validpassword = false; if (strcmp($this->_quiz->password, $enteredpassword) === 0) { $validpassword = true; } else if (isset($this->_quiz->extrapasswords)) { // group overrides may have additional passwords foreach ($this->_quiz->extrapasswords as $password) { if (strcmp($password, $enteredpassword) === 0) { $validpassword = true; break; } } } if ($validpassword) { $SESSION->passwordcheckedquizzes[$this->_quiz->id] = true; return; } // User entered the wrong password, or has not entered one yet, so display the form. $output = ''; // Start the page and print the quiz intro, if any. if ($accessmanager->securewindow_required($canpreview)) { $accessmanager->setup_secure_page($this->_quizobj->get_course()->shortname . ': ' . format_string($this->_quizobj->get_quiz_name())); } else if ($accessmanager->safebrowser_required($canpreview)) { $PAGE->set_title($this->_quizobj->get_course()->shortname . ': ' . format_string($this->_quizobj->get_quiz_name())); $PAGE->set_cacheable(false); } else { $PAGE->set_title(format_string($this->_quizobj->get_quiz_name())); } echo $OUTPUT->header(); if (trim(strip_tags($this->_quiz->intro))) { $output .= $OUTPUT->box(format_module_intro('quiz', $this->_quiz, $this->_quizobj->get_cmid()), 'generalbox', 'intro'); } $output .= $OUTPUT->box_start('generalbox', 'passwordbox'); // If they have previously tried and failed to enter a password, tell them it was wrong. if (!empty($enteredpassword)) { $output .= '<p class="notifyproblem">' . get_string('passworderror', 'quiz') . '</p>'; } // Print the password entry form. $output .= '<p>' . get_string('requirepasswordmessage', 'quiz') . "</p>\n"; $output .= '<form id="passwordform" method="post" action="' . $CFG->wwwroot . '/mod/quiz/startattempt.php" onclick="this.autocomplete=\'off\'">' . "\n"; $output .= "<div>\n"; $output .= '<label for="quizpassword">' . get_string('password') . "</label>\n"; $output .= '<input name="quizpassword" id="quizpassword" type="password" value=""/>' . "\n"; $output .= '<input name="cmid" type="hidden" value="' . $this->_quizobj->get_cmid() . '"/>' . "\n"; $output .= '<input name="sesskey" type="hidden" value="' . sesskey() . '"/>' . "\n"; $output .= '<input type="submit" value="' . get_string('ok') . '" />'; $output .= '<input type="submit" name="cancelpassword" value="' . get_string('cancel') . '" />' . "\n"; $output .= "</div>\n"; $output .= "</form>\n"; // Finish page. $output .= $OUTPUT->box_end(); // return or display form. echo $output; echo $OUTPUT->footer(); exit; }