/**
* Handle requests to the redirect URL.
*
* @return mixed Determined by loginflow.
*/
public function handleredirect()
{
$state = param_variable('state', null);
$promptlogin = (bool) param_variable('promptlogin', 0);
if (!empty($state)) {
// Response from OP.
$this->handleauthresponse($_REQUEST);
} else {
// Initial login request.
$this->initiateauthrequest($promptlogin, array('forceflow' => 'authcode'));
}
}
function delete_all_notifications_submit()
{
global $USER, $SESSION;
$userid = $USER->get('id');
$type = param_variable('type', 'all');
$typesql = '';
if ($type != 'all') {
// Treat as comma-separated list of activity type names
$types = explode(',', preg_replace('/[^a-z,]+/', '', $type));
if ($types) {
$typesql = ' at.name IN (' . join(',', array_map('db_quote', $types)) . ')';
if (in_array('adminmessages', $types)) {
$typesql = '(' . $typesql . ' OR at.admin = 1)';
}
$typesql = ' AND ' . $typesql;
}
}
$from = "\n FROM {notification_internal_activity} a\n JOIN {activity_type} at ON a.type = at.id\n WHERE a.usr = ? {$typesql}";
$values = array($userid);
db_begin();
$count = 0;
$records = get_records_sql_array('SELECT a.id ' . $from, $values);
if ($records) {
$count = sizeof($records);
$ids = array();
foreach ($records as $row) {
$ids[] = $row->id;
}
// Remove parent pointers to messages we're about to delete
execute_sql('
UPDATE {notification_internal_activity}
SET parent = NULL
WHERE parent IN (
' . join(',', array_map('db_quote', $ids)) . '
)');
// delete
execute_sql('
DELETE FROM {notification_internal_activity}
WHERE id IN (
' . join(',', array_map('db_quote', $ids)) . '
)');
// The update_unread_delete db trigger on notification_internal_activity
// will update the unread column on the usr table.
}
db_commit();
$SESSION->add_ok_msg(get_string('deletednotifications1', 'activity', $count));
safe_require('module', 'multirecipientnotification');
if (PluginModuleMultirecipientnotification::is_active()) {
redirect(get_config('wwwroot') . 'module/multirecipientnotification/inbox.php?type=' . $type);
} else {
redirect(get_config('wwwroot') . 'account/activity/index.php?type=' . $type);
}
}
public static function render_instance(BlockInstance $instance, $editing = false)
{
global $USER;
if ($editing) {
$smarty = smarty_core();
$smarty->assign('editing', get_string('ineditordescription1', 'blocktype.comment/comment'));
$html = $smarty->fetch('blocktype:comment:comment.tpl');
return $html;
}
// Feedback list pagination requires limit/offset params
$limit = param_integer('limit', 10);
$offset = param_integer('offset', 0);
$showcomment = param_integer('showcomment', null);
// Create the "make feedback private form" now if it's been submitted
if (param_variable('make_public_submit', null)) {
pieform(ArtefactTypeComment::make_public_form(param_integer('comment')));
} else {
if (param_variable('delete_comment_submit_x', null)) {
pieform(ArtefactTypeComment::delete_comment_form(param_integer('comment')));
}
}
$view = new View($instance->get('view'));
$submittedgroup = (int) $view->get('submittedgroup');
if ($USER->is_logged_in() && $submittedgroup && group_user_can_assess_submitted_views($submittedgroup, $USER->get('id'))) {
$releaseform = true;
} else {
$releaseform = false;
}
// If the view has comments turned off, tutors can still leave
// comments if the view is submitted to their group.
if (!empty($releaseform) || $view->user_comments_allowed($USER)) {
$addfeedbackpopup = true;
}
safe_require('artefact', 'comment');
$commentoptions = ArtefactTypeComment::get_comment_options();
$commentoptions->limit = $limit;
$commentoptions->offset = $offset;
$commentoptions->showcomment = $showcomment;
$commentoptions->view = $instance->get_view();
$feedback = ArtefactTypeComment::get_comments($commentoptions);
$smarty = smarty_core();
$smarty->assign('feedback', $feedback);
if (isset($addfeedbackpopup)) {
$smarty->assign('enablecomments', 1);
$smarty->assign('addfeedbackpopup', $addfeedbackpopup);
}
$html = $smarty->fetch('blocktype:comment:comment.tpl');
return $html;
}
function search_submit(Pieform $form, $values)
{
// Convert (query,type) parameters from form to (query,tag)
global $queryparams, $tag, $query, $share;
if (isset($queryparams['query'])) {
unset($queryparams['query']);
$query = null;
}
if (isset($queryparams['tag'])) {
unset($queryparams['tag']);
$tag = null;
}
if (isset($values['query']) && $values['query'] != '') {
if ($values['type'] == 'tagsonly') {
$queryparams['tag'] = $tag = $values['query'];
} else {
$queryparams['query'] = $query = $values['query'];
}
}
$share = $queryparams['share'] = param_variable('share', array());
}
public static function render_instance(BlockInstance $instance, $editing = false)
{
require_once get_config('docroot') . 'artefact/lib.php';
global $USER;
$smarty = smarty_core();
$filter = param_alpha('filter', 'canjoin');
$query = param_variable('query', '');
// check that the filter is valid, if not default to 'all'
if (in_array($filter, array('member', 'notmember', 'canjoin'))) {
$type = $filter;
} else {
// all or some other text
$filter = 'all';
$type = 'all';
}
$filter_elements = array();
$filter_elements['query'] = array('title' => get_string('search'), 'defaultvalue' => $query);
$filter_elements['filter'] = array('title' => get_string('filter'), 'options' => array('canjoin' => get_string('groupsicanjoin', 'group'), 'notmember' => get_string('groupsnotin', 'group'), 'member' => get_string('groupsimin', 'group'), 'all' => get_string('allgroups', 'group')), 'defaultvalue' => $filter);
$filter_elements['search'] = array('type' => 'submit', 'value' => get_string('search'));
$smarty->assign('filter_elements', $filter_elements);
return $smarty->fetch('blocktype:eselmasearchgroup:content.tpl');
}
function pieform_element_filebrowser_changefolder(Pieform $form, $element, $folder)
{
$owner = $ownerid = $group = $institution = $user = null;
$prefix = $form->get_name() . '_' . $element['name'];
if (isset($element['tabs'])) {
if ($owner = param_variable($prefix . '_owner', null)) {
if ($owner == 'site') {
$owner = 'institution';
$institution = $ownerid = 'mahara';
} else {
if ($ownerid = param_variable($prefix . '_ownerid', null)) {
if ($owner == 'group') {
$group = (int) $ownerid;
} else {
if ($owner == 'institution') {
$institution = $ownerid;
} else {
if ($owner == 'user') {
$user = true;
}
}
}
}
}
}
}
// If changing to a group folder, check whether the user can edit it
if ($g = $owner ? $group : $form->get_property('group')) {
if (!pieform_element_filebrowser_view_group_folder($g, $folder)) {
return array('error' => true, 'message' => get_string('cannotviewfolder', 'artefact.file'));
}
$editgroupfolder = pieform_element_filebrowser_edit_group_folder($g, $folder);
}
return array('error' => false, 'changedfolder' => true, 'folder' => $folder, 'disableedit' => isset($editgroupfolder) && $editgroupfolder == false, 'newlist' => pieform_element_filebrowser_build_filelist($form, $element, $folder, null, $user, $group, $institution), 'newpath' => pieform_element_filebrowser_build_path($form, $element, $folder, $owner, $ownerid));
}
* @subpackage artefact-blog
* @author Catalyst IT Ltd
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL
* @copyright (C) 2006-2008 Catalyst IT Ltd http://catalyst.net.nz
*
*/
define('INTERNAL', 1);
define('JSON', 1);
define('PUBLIC', 1);
require dirname(dirname(dirname(dirname(__FILE__)))) . '/init.php';
safe_require('artefact', 'blog');
json_headers();
$id = param_integer('id');
$limit = param_integer('limit', ArtefactTypeBlog::pagination);
$offset = param_integer('offset', 0);
$options = json_decode(param_variable('options'));
$viewid = isset($options->viewid) ? $options->viewid : null;
if ($viewid) {
if (!can_view_view($viewid)) {
throw new AccessDeniedException();
}
} else {
if (!$USER->is_logged_in()) {
throw new AccessDeniedException();
}
if (!$viewid && get_field('artefact', 'owner', 'id', $id) != $USER->get('id')) {
throw new AccessDeniedException();
}
}
list($count, $data) = ArtefactTypeBlogPost::render_posts(FORMAT_ARTEFACT_RENDERFULL, $options, $id, $limit, $offset);
if (!$count) {
protected static function get_data($groupid)
{
global $USER;
if (!defined('GROUP')) {
define('GROUP', $groupid);
}
// get the currently requested group
$group = group_current_group();
$group->ctime = strftime(get_string('strftimedate'), $group->ctime);
// if the user isn't logged in an the group isn't public don't show anything
if (!is_logged_in() && !$group->public) {
throw new AccessDeniedException();
}
// find the group administrators
$group->admins = get_column_sql("SELECT \"member\"\n FROM {group_member}\n WHERE \"group\" = ?\n AND \"role\" = 'admin'", array($group->id));
$role = group_user_access($group->id);
$group->role = $role;
// logged in user can do stuff
if (is_logged_in()) {
$afterjoin = param_variable('next', 'view');
if ($role) {
if ($role == 'admin') {
$group->membershiptype = 'admin';
$group->requests = count_records('group_member_request', 'group', $group->id);
} else {
$group->membershiptype = 'member';
}
$group->canleave = group_user_can_leave($group->id);
} else {
if ($group->jointype == 'invite' and $invite = get_record('group_member_invite', 'group', $group->id, 'member', $USER->get('id'))) {
$group->membershiptype = 'invite';
$group->invite = group_get_accept_form('invite', $group->id, $afterjoin);
} else {
if ($group->jointype == 'request' and $request = get_record('group_member_request', 'group', $group->id, 'member', $USER->get('id'))) {
$group->membershiptype = 'request';
} else {
if ($group->jointype == 'open') {
$group->groupjoin = group_get_join_form('joingroup', $group->id, $afterjoin);
}
}
}
}
}
$group->settingsdescription = group_display_settings($group);
if (get_config('allowgroupcategories')) {
$group->categorytitle = $group->category ? get_field('group_category', 'title', 'id', $group->category) : '';
}
$filecounts = ArtefactTypeFileBase::count_user_files(null, $group->id, null);
return array('group' => $group, 'filecounts' => $filecounts);
}
/**
*
* @package mahara
* @subpackage module-multirecipientnotification
* @author David Ballhausen, Tobias Zeuch
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL version 3 or later
* @copyright For copyright information on Mahara, please see the README file distributed with this software.
*
*/
define('INTERNAL', 1);
define('JSON', 1);
require dirname(dirname(dirname(__FILE__))) . '/init.php';
require_once dirname(__FILE__) . '/lib/multirecipientnotification.php';
require_once get_config('docroot') . '/lib/searchlib.php';
global $USER;
$request = param_variable('q');
$page = param_integer('page');
if ($page < 1) {
$page = 1;
}
$usersperpage = 10;
$more = true;
$tmpuser = array();
while ($more && count($tmpuser) < $usersperpage) {
$users = search_user($request, $usersperpage, $usersperpage * ($page - 1));
$more = $users['count'] > $usersperpage * $page;
if (!$users['data']) {
$users['data'] = array();
}
foreach ($users['data'] as $user) {
if (count($tmpuser) >= $usersperpage) {
/**
* used by user/myfriends.php and user/find.php to get the data (including pieforms etc) for display
* @param $userlist the ids separated by commas
* @return array containing the users in the order from $userlist
*/
function get_users_data($userlist, $getviews = true)
{
global $USER;
// $userlist is only used by build_userlist_html() in this file and is sanitised there
$sql = 'SELECT u.id, u.username, u.preferredname, u.firstname, u.lastname, u.admin, u.staff, u.deleted,
u.profileicon, u.email,
0 AS pending, ap.value AS hidenamepref,
COALESCE((SELECT ap.value FROM {usr_account_preference} ap WHERE ap.usr = u.id AND ap.field = \'messages\'), \'allow\') AS messages,
COALESCE((SELECT ap.value FROM {usr_account_preference} ap WHERE ap.usr = u.id AND ap.field = \'friendscontrol\'), \'auth\') AS friendscontrol,
(SELECT 1 FROM {usr_friend} WHERE ((usr1 = ? AND usr2 = u.id) OR (usr2 = ? AND usr1 = u.id))) AS friend,
(SELECT 1 FROM {usr_friend_request} fr WHERE fr.requester = ? AND fr.owner = u.id) AS requestedfriendship,
(SELECT title FROM {artefact} WHERE artefacttype = \'introduction\' AND owner = u.id) AS introduction,
NULL AS message
FROM {usr} u
LEFT JOIN {usr_account_preference} ap ON (u.id = ap.usr AND ap.field = \'hiderealname\')
WHERE u.id IN (' . $userlist . ')
UNION
SELECT u.id, u.username, u.preferredname, u.firstname, u.lastname, u.admin, u.staff, u.deleted,
u.profileicon, u.email,
1 AS pending, ap.value AS hidenamepref,
COALESCE((SELECT ap.value FROM {usr_account_preference} ap WHERE ap.usr = u.id AND ap.field = \'messages\'), \'allow\') AS messages,
NULL AS friendscontrol,
NULL AS friend,
NULL AS requestedfriendship,
(SELECT title FROM {artefact} WHERE artefacttype = \'introduction\' AND owner = u.id) AS introduction,
message
FROM {usr} u
LEFT JOIN {usr_account_preference} ap ON (u.id = ap.usr AND ap.field = \'hiderealname\')
JOIN {usr_friend_request} fr ON fr.requester = u.id
WHERE fr.owner = ?
AND u.id IN (' . $userlist . ')';
$userid = $USER->get('id');
$data = get_records_sql_assoc($sql, array($userid, $userid, $userid, $userid));
$allowhidename = get_config('userscanhiderealnames');
$showusername = get_config('searchusernames');
foreach ($data as &$record) {
$record->messages = $record->messages == 'allow' || $record->friend && $record->messages == 'friends' || $USER->get('admin') ? 1 : 0;
$record->institutions = get_institution_string_for_user($record->id);
$record->display_name = display_name($record, null, false, !$allowhidename || !$record->hidenamepref, $showusername);
}
if (!$data || !$getviews || !($views = get_views(array_keys($data), null, null))) {
$views = array();
}
if ($getviews) {
$viewcount = array_map('count', $views);
// since php is so special and inconsistent, we can't use array_map for this because it breaks the top level indexes.
$cleanviews = array();
foreach ($views as $userindex => $viewarray) {
$cleanviews[$userindex] = array_slice($viewarray, 0, 5);
// Don't reveal any more about the view than necessary
foreach ($cleanviews as $userviews) {
foreach ($userviews as &$view) {
foreach (array_keys(get_object_vars($view)) as $key) {
if ($key != 'id' && $key != 'title') {
unset($view->{$key});
}
}
}
}
}
}
foreach ($data as $friend) {
if ($getviews && isset($cleanviews[$friend->id])) {
$friend->views = $cleanviews[$friend->id];
}
if ($friend->pending) {
$friend->accept = pieform(array('name' => 'acceptfriend' . $friend->id, 'successcallback' => 'acceptfriend_submit', 'renderer' => 'div', 'autofocus' => 'false', 'elements' => array('submit' => array('type' => 'submit', 'value' => get_string('approverequest', 'group')), 'id' => array('type' => 'hidden', 'value' => $friend->id))));
}
if (!$friend->friend && !$friend->pending && !$friend->requestedfriendship && $friend->friendscontrol == 'auto') {
$friend->makefriend = pieform(array('name' => 'addfriend' . $friend->id, 'successcallback' => 'addfriend_submit', 'renderer' => 'div', 'autofocus' => 'false', 'elements' => array('submit' => array('type' => 'submit', 'value' => get_string('addtofriendslist', 'group')), 'id' => array('type' => 'hidden', 'value' => $friend->id), 'query' => array('type' => 'hidden', 'value' => param_variable('query', '')), 'offset' => array('type' => 'hidden', 'value' => param_integer('offset', 0)))));
}
}
$order = explode(',', $userlist);
$ordereddata = array();
foreach ($order as $id) {
if (isset($data[$id])) {
$ordereddata[] = $data[$id];
}
}
return $ordereddata;
}
$markasread = param_integer('markasread', 0);
$delete = param_integer('delete', 0);
if ($readone) {
if ('notification_internal_activity' === $table) {
set_field($table, 'read', 1, 'id', $readone, 'usr', $USER->get('id'));
} else {
if ('artefact_multirecipient_notification' === $table) {
mark_as_read_mr(array($readone), $USER->get('id'));
}
}
$unread = $USER->add_unread(-1);
$data = array('newunreadcount' => $unread, 'newimage' => $THEME->get_url($unread ? 'images/newmail.png' : 'images/message.png'));
json_reply(false, array('data' => $data));
}
require_once get_config('libroot') . 'activity.php';
$type = param_variable('type', 'all');
$limit = param_integer('limit', 10);
$offset = param_integer('offset', 0);
$message = false;
if ($markasread) {
$ids = array();
$m = array();
foreach ($_GET as $k => $v) {
if (preg_match('/^unread\\-([a-zA-Z_]+)\\-(\\d+)$/', $k, $m)) {
$table = $m[1];
$ids[$table][] = $m[2];
}
}
foreach ($ids as $table => $idspertable) {
if ($idspertable) {
if ('artefact_multirecipient_notification' === $table) {
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL version 3 or later
* @copyright For copyright information on Mahara, please see the README file distributed with this software.
*
*/
define('INTERNAL', 1);
define('SECTION_PLUGINTYPE', 'core');
define('SECTION_PLUGINNAME', 'collection');
define('SECTION_PAGE', 'views');
require dirname(dirname(__FILE__)) . '/init.php';
require_once 'pieforms/pieform.php';
require_once 'collection.php';
require_once 'view.php';
$id = param_integer('id');
// view addition/displayorder values
$view = param_integer('view', 0);
$direction = param_variable('direction', '');
$collection = new Collection($id);
if (!$USER->can_edit_collection($collection)) {
throw new AccessDeniedException(get_string('canteditcollection', 'collection'));
}
$sesskey = $USER->get('sesskey');
$inlinejs = '';
if ($accesschanged = $SESSION->get('pageaccesschanged')) {
$alertstr = get_string('viewsaddedaccesschanged', 'collection');
foreach ($accesschanged as $viewid) {
$changedview = new View($viewid);
$alertstr .= " " . json_encode($changedview->get('title')) . ",";
}
$alertstr = substr($alertstr, 0, -1) . '.';
$alertstr = get_string('viewsaddedtocollection1', 'collection', $SESSION->get('pagesadded')) . ' ' . $alertstr;
$inlinejs = <<<EOF
$remove = param_variable('removeuser', null);
$member = param_integer('member', null);
if ($remove && $member) {
// Create the remove user pieform for the user that's being removed.
// The form's submit function will be called as soon as the form
// is generated.
//
// We do this now because the user could be on the 2nd page of
// results, so their remove form might never get generated on
// this page. And also because generating the rest of the page
// would be a waste of time -- the submit function just redirects
// back here.
group_get_removeuser_form($member, $group->id);
}
// Search related stuff for member pager
$query = trim(param_variable('query', ''));
// pagination params
$setlimit = true;
//Enable choosing page size; list of page sizes has been predefined in function build_pagination()
$offset = param_integer('offset', 0);
$limit = param_integer('limit', 10);
// Sort options index and list of sort options
// ORDER BY statements defined in group_user_search function need to be matched
$sortoptions = array('adminfirst' => get_string('adminfirst'), 'nameatoz' => get_string('nameatoz'), 'nameztoa' => get_string('nameztoa'), 'firstjoined' => get_string('firstjoined'), 'lastjoined' => get_string('lastjoined'));
$sortoptionidx = param_alpha('sortoption', 'adminfirst');
if ($membershiptype == 'request') {
array_shift($sortoptions);
$sortoptionidx = param_alpha('sortoption', 'nameatoz');
}
$results = get_group_user_search_results($group->id, $query, $offset, $limit, $membershiptype, null, null, $sortoptionidx);
list($html, $pagination, $count, $offset, $membershiptype) = group_get_membersearch_data($results, $group->id, $query, $membershiptype, $setlimit, $sortoptionidx);
* @package mahara
* @subpackage core
* @author Catalyst IT Ltd
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL version 3 or later
* @copyright For copyright information on Mahara, please see the README file distributed with this software.
*
*/
// NOTE: this JSON script is used by the 'viewacl' element. It could probably
// be moved elsewhere without harm if necessary (e.g. if the 'viewacl' element
// was used in more places
define('INTERNAL', 1);
define('JSON', 1);
require dirname(dirname(__FILE__)) . '/init.php';
require_once 'searchlib.php';
$type = param_variable('type');
$query = param_variable('query', '');
$page = param_integer('page');
$limit = 10;
if ($page < 1) {
$page = 1;
}
$offset = ($page - 1) * $limit;
switch ($type) {
case 'friend':
$data = search_user($query, $limit, $offset, array('exclude' => $USER->get('id'), 'friends' => true));
break;
case 'user':
$data = search_user($query, $limit, $offset, array('exclude' => $USER->get('id')));
break;
case 'group':
require_once 'group.php';
$sp = param_alphanumext('as', 'default-sp');
if (!in_array($sp, SimpleSAML_Auth_Source::getSources())) {
$sp = 'default-sp';
}
$as = new SimpleSAML_Auth_Simple($sp);
// Check the SimpleSAMLphp config is compatible
$saml_config = SimpleSAML_Configuration::getInstance();
$session_handler = $saml_config->getString('session.handler', false);
$store_type = $saml_config->getString('store.type', false);
if ($store_type == 'phpsession' || $session_handler == 'phpsession' || empty($store_type) && empty($session_handler)) {
throw new AuthInstanceException(get_string('errorbadssphp', 'auth.saml'));
}
// what is the session like?
$valid_saml_session = $saml_session->isValid($sp);
// figure out what the returnto URL should be
$wantsurl = param_variable("wantsurl", false);
if (!$wantsurl) {
if (isset($_SESSION['wantsurl'])) {
$wantsurl = $_SESSION['wantsurl'];
} else {
if (!$saml_session->getIdP()) {
$wantsurl = array_key_exists('HTTP_REFERER', $_SERVER) ? $_SERVER['HTTP_REFERER'] : $CFG->wwwroot;
} else {
$wantsurl = $CFG->wwwroot;
}
}
}
// taken from Moodle clean_param - make sure the wantsurl is correctly formed
include_once 'validateurlsyntax.php';
if (!validateUrlSyntax($wantsurl, 's?H?S?F?E?u-P-a?I?p?f?q?r?')) {
$wantsurl = $CFG->wwwroot;
*
* @package mahara
* @subpackage admin
* @author Catalyst IT Ltd
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL version 3 or later
* @copyright For copyright information on Mahara, please see the README file distributed with this software.
*
*/
define('INTERNAL', 1);
define('ADMIN', 1);
define('INSTALLER', 1);
define('JSON', 1);
require dirname(dirname(__FILE__)) . '/init.php';
require get_config('libroot') . 'upgrade.php';
require get_config('docroot') . 'local/install.php';
$name = param_variable('name');
$install = $name == 'firstcoredata' || $name == 'lastcoredata' || $name == 'localpreinst' || $name == 'localpostinst';
if (!$install) {
$upgrade = check_upgrades($name);
if (!empty($upgrade) && empty($upgrade->disablelogin)) {
auth_setup();
}
}
raise_time_limit(120);
raise_memory_limit('256M');
$data = array('key' => $name);
if ($install) {
if (!get_config('installed')) {
if ($name == 'localpreinst' || $name == 'localpostinst') {
$fun = $name;
$data['localdata'] = true;
public static function views_by_owner($group = null, $institution = null)
{
global $USER;
// Pagination configuration
$setlimit = true;
$limit = param_integer('limit', 0);
$userlimit = get_account_preference($USER->get('id'), 'viewsperpage');
if ($limit > 0 && $limit != $userlimit) {
$USER->set_account_preference('viewsperpage', $limit);
} else {
$limit = $userlimit;
}
$offset = param_integer('offset', 0);
// load default page order from user settings as default and overwrite, if changed
$usersettingorderby = get_account_preference($USER->get('id'), 'orderpagesby');
$orderby = param_variable('orderby', $usersettingorderby);
if ($usersettingorderby !== $orderby) {
set_account_preference($USER->get('id'), 'orderpagesby', $orderby);
}
$query = param_variable('query', null);
$tag = param_variable('tag', null);
$searchoptions = array('titleanddescription' => get_string('titleanddescription', 'view'), 'tagsonly' => get_string('tagsonly', 'view'));
if (!empty($tag)) {
$searchtype = 'tagsonly';
$searchdefault = $tag;
$query = null;
} else {
$searchtype = 'titleanddescription';
$searchdefault = $query;
}
$searchform = array('name' => 'searchviews', 'checkdirtychange' => false, 'class' => 'with-heading form-inline', 'elements' => array('searchwithin' => array('type' => 'fieldset', 'class' => 'dropdown-group js-dropdown-group', 'elements' => array('query' => array('type' => 'text', 'title' => get_string('search') . ': ', 'class' => 'with-dropdown js-with-dropdown', 'defaultvalue' => $searchdefault), 'type' => array('title' => get_string('searchwithin') . ': ', 'class' => 'dropdown-connect js-dropdown-connect searchviews-type', 'type' => 'select', 'options' => $searchoptions, 'defaultvalue' => $searchtype))), 'setlimit' => array('type' => 'hidden', 'value' => $setlimit), 'orderbygroup' => array('type' => 'fieldset', 'class' => 'input-group', 'elements' => array('orderby' => array('type' => 'select', 'class' => 'input-small', 'title' => get_string('sortby'), 'options' => array('atoz' => get_string('defaultsort', 'view'), 'latestcreated' => get_string('latestcreated', 'view'), 'latestmodified' => get_string('latestmodified', 'view'), 'latestviewed' => get_string('latestviewed', 'view'), 'mostvisited' => get_string('mostvisited', 'view'), 'mostcomments' => get_string('mostcomments', 'view')), 'defaultvalue' => $orderby), 'submit' => array('type' => 'button', 'usebuttontag' => true, 'class' => 'btn-primary input-group-btn no-label', 'value' => get_string('search'))))));
if ($group) {
$searchform['elements']['group'] = array('type' => 'hidden', 'name' => 'group', 'value' => $group);
} else {
if ($institution) {
$searchform['elements']['institution'] = array('type' => 'hidden', 'name' => 'institution', 'value' => $institution);
}
}
$searchform = pieform($searchform);
$data = self::get_myviews_data($limit, $offset, $query, $tag, $group, $institution, $orderby);
$url = self::get_myviews_url($group, $institution, $query, $tag, $orderby);
$pagination = build_pagination(array('url' => $url, 'count' => $data->count, 'limit' => $limit, 'setlimit' => $setlimit, 'offset' => $offset, 'jumplinks' => 6, 'numbersincludeprevnext' => 2));
return array($searchform, $data, $pagination);
}
/**
* Builds the configuration pieform for this blockinstance
*
* @return array Array with two keys: 'html' for raw html, 'javascript' for
* javascript to run, 'css' for dynamic css to add to header
*/
public function build_configure_form($new = false)
{
static $renderedform;
if (!empty($renderedform)) {
return $renderedform;
}
safe_require('blocktype', $this->get('blocktype'));
$blocktypeclass = generate_class_name('blocktype', $this->get('blocktype'));
$elements = call_static_method($blocktypeclass, 'instance_config_form', $this, $this->get_view()->get('template'));
// Block types may specify a method to generate a default title for a block
$hasdefault = method_exists($blocktypeclass, 'get_instance_title');
$title = $this->get('title');
$configdata = $this->get('configdata');
$retractable = isset($configdata['retractable']) ? $configdata['retractable'] : false;
$retractedonload = isset($configdata['retractedonload']) ? $configdata['retractedonload'] : $retractable;
if (call_static_method($blocktypeclass, 'override_instance_title', $this)) {
$titleelement = array('type' => 'hidden', 'value' => $title);
} else {
$titleelement = array('type' => 'text', 'title' => get_string('blocktitle', 'view'), 'description' => $hasdefault ? get_string('defaulttitledescription', 'blocktype.' . blocktype_name_to_namespaced($this->get('blocktype'))) : null, 'defaultvalue' => $title, 'rules' => array('maxlength' => 255), 'hidewhenempty' => $hasdefault, 'expandtext' => get_string('setblocktitle'));
}
$elements = array_merge(array('title' => $titleelement, 'blockconfig' => array('type' => 'hidden', 'value' => $this->get('id')), 'id' => array('type' => 'hidden', 'value' => $this->get('view')), 'change' => array('type' => 'hidden', 'value' => 1), 'new' => array('type' => 'hidden', 'value' => $new)), $elements, array('retractable' => array('type' => 'select', 'title' => get_string('retractable', 'view'), 'description' => get_string('retractabledescription', 'view'), 'options' => array(BlockInstance::RETRACTABLE_NO => get_string('no'), BlockInstance::RETRACTABLE_YES => get_string('yes'), BlockInstance::RETRACTABLE_RETRACTED => get_string('retractedonload', 'view')), 'defaultvalue' => $retractable + $retractedonload)));
if ($new) {
$cancel = get_string('remove');
$elements['removeoncancel'] = array('type' => 'hidden', 'value' => 1);
$elements['sure'] = array('type' => 'hidden', 'value' => 1);
} else {
$cancel = get_string('cancel');
}
// Add submit/cancel buttons
$elements['action_configureblockinstance_id_' . $this->get('id')] = array('type' => 'submitcancel', 'class' => 'btn-default', 'value' => array(get_string('save'), $cancel), 'goto' => View::make_base_url());
$configdirs = array(get_config('libroot') . 'form/');
if ($this->get('artefactplugin')) {
$configdirs[] = get_config('docroot') . 'artefact/' . $this->get('artefactplugin') . '/form/';
}
$form = array('name' => 'instconf', 'renderer' => 'div', 'validatecallback' => array(generate_class_name('blocktype', $this->get('blocktype')), 'instance_config_validate'), 'successcallback' => array($this, 'instance_config_store'), 'jsform' => true, 'jssuccesscallback' => 'blockConfigSuccess', 'jserrorcallback' => 'blockConfigError', 'elements' => $elements, 'viewgroup' => $this->get_view()->get('group'), 'group' => $this->get_view()->get('group'), 'viewinstitution' => $this->get_view()->get('institution'), 'institution' => $this->get_view()->get('institution'), 'configdirs' => $configdirs, 'plugintype' => 'blocktype', 'pluginname' => $this->get('blocktype'));
if (param_variable('action_acsearch_id_' . $this->get('id'), false)) {
$form['validate'] = false;
}
require_once 'pieforms/pieform.php';
$pieform = new Pieform($form);
if ($pieform->is_submitted()) {
global $SESSION;
$SESSION->add_error_msg(get_string('errorprocessingform'));
}
$html = $pieform->build();
// We probably need a new version of $pieform->build() that separates out the js
// Temporary evil hack:
if (preg_match('/<script type="(text|application)\\/javascript">(new Pieform\\(.*\\);)<\\/script>/', $html, $matches)) {
$js = "var pf_{$form['name']} = " . $matches[2] . "pf_{$form['name']}.init();";
} else {
$js = '';
}
// We need to load any javascript required for the pieform. We do this
// by checking for an api function that has been added especially for
// the purpose, but that is not part of Pieforms. Maybe one day later
// it will be though
foreach ($elements as $key => $element) {
$element['name'] = $key;
$function = 'pieform_element_' . $element['type'] . '_views_js';
if (is_callable($function)) {
$js .= call_user_func_array($function, array($pieform, $element));
}
}
$configjs = call_static_method($blocktypeclass, 'get_instance_config_javascript', $this);
if (is_array($configjs)) {
$js .= $this->get_get_javascript_javascript($configjs);
} else {
if (is_string($configjs)) {
$js .= $configjs;
}
}
// We need to load any dynamic css required for the pieform. We do this
// by checking for an api function that has been added especially for
// the purpose, but that is not part of Pieforms. Maybe one day later
// it will be though
$css = array();
foreach ($elements as $key => $element) {
$element['name'] = $key;
$function = 'pieform_element_' . $element['type'] . '_views_css';
if (is_callable($function)) {
$css[] = call_user_func_array($function, array($pieform, $element));
}
}
$renderedform = array('html' => $html, 'javascript' => $js, 'css' => $css);
return $renderedform;
}
/**
*
* @package mahara
* @subpackage admin
* @author Richard Mansfield
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL version 3 or later
* @copyright For copyright information on Mahara, please see the README file distributed with this software.
*
*/
define('INTERNAL', 1);
define('INSTITUTIONALADMIN', 1);
define('MENUITEM', 'configusers');
require dirname(dirname(dirname(__FILE__))) . '/init.php';
require_once get_config('docroot') . 'lib/antispam.php';
define('TITLE', get_string('bulkactions', 'admin'));
$userids = array_map('intval', param_variable('users'));
$ph = $userids;
$institutionsql = '';
if (!$USER->get('admin')) {
// Filter the users by the admin's institutions
$institutions = array_values($USER->get('admininstitutions'));
$ph = array_merge($ph, $institutions);
$institutionsql = '
AND id IN (
SELECT usr FROM {usr_institution} WHERE institution IN (' . join(',', array_fill(0, count($institutions), '?')) . ')
)';
}
$users = get_records_sql_assoc('
SELECT
u.id, u.username, u.email, u.firstname, u.lastname, u.suspendedcusr, u.authinstance, u.studentid,
u.preferredname, CHAR_LENGTH(u.password) AS haspassword, aru.remoteusername AS remoteuser, u.lastlogin,
/**
*
* @package mahara
* @subpackage admin
* @author Catalyst IT Ltd
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL version 3 or later
* @copyright For copyright information on Mahara, please see the README file distributed with this software.
*
*/
define('INTERNAL', 1);
define('ADMIN', 1);
define('JSON', 1);
require dirname(dirname(dirname(__FILE__))) . '/init.php';
json_headers();
$name = param_variable('name');
$itemid = param_variable('itemid');
$data = new StdClass();
$data->title = $name;
if ($itemid == 'new') {
try {
$displayorders = get_records_array('group_category', '', '', '', 'displayorder');
$max = 0;
if ($displayorders) {
foreach ($displayorders as $r) {
$max = $r->displayorder >= $max ? $r->displayorder + 1 : $max;
}
}
$data->displayorder = $max;
$itemid = insert_record('group_category', $data, 'id', true);
} catch (Exception $e) {
json_reply('local', get_string('savefailed', 'admin'));
$feedlink = get_config('wwwroot') . 'interaction/forum/atom.php?type=f&id=' . $forum->id;
$moderators = get_column_sql('SELECT gm.user FROM {interaction_forum_moderator} gm
INNER JOIN {usr} u ON (u.id = gm.user AND u.deleted = 0)
WHERE gm.forum = ?', array($forumid));
// updates the selected topics as subscribed/closed/sticky
if ($membership && isset($_POST['checked'])) {
$checked = array_map('intval', array_keys($_POST['checked']));
// get type based on which button was pressed
if (isset($_POST['updatetopics'])) {
$type = $_POST['type'];
}
// check that user is only messing with topics from this forum
$alltopics = get_column('interaction_forum_topic', 'id', 'forum', $forumid, 'deleted', 0);
if ($checked == array_intersect($checked, $alltopics)) {
// $checked is a subset of the topics in this forum
form_validate(param_variable('sesskey', null));
if ($moderator && $type == 'sticky') {
set_field_select('interaction_forum_topic', 'sticky', 1, 'id IN (' . implode(',', $checked) . ')', array());
$SESSION->add_ok_msg(get_string('topicstickysuccess', 'interaction.forum'));
} else {
if ($moderator && $type == 'unsticky') {
set_field_select('interaction_forum_topic', 'sticky', 0, 'id IN (' . implode(',', $checked) . ')', array());
$SESSION->add_ok_msg(get_string('topicunstickysuccess', 'interaction.forum'));
} else {
if ($moderator && $type == 'closed') {
set_field_select('interaction_forum_topic', 'closed', 1, 'id IN (' . implode(',', $checked) . ')', array());
$SESSION->add_ok_msg(get_string('topicclosedsuccess', 'interaction.forum'));
} else {
if ($moderator && $type == 'open') {
set_field_select('interaction_forum_topic', 'closed', 0, 'id IN (' . implode(',', $checked) . ')', array());
$SESSION->add_ok_msg(get_string('topicopenedsuccess', 'interaction.forum'));
*
* @package mahara
* @subpackage core
* @author Catalyst IT Ltd
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL version 3 or later
* @copyright For copyright information on Mahara, please see the README file distributed with this software.
*
*/
define('INTERNAL', 1);
define('STAFF', 1);
define('JSON', 1);
require dirname(dirname(__FILE__)) . '/init.php';
require get_config('libroot') . 'registration.php';
$limit = param_integer('limit', 10);
$offset = param_integer('offset', 0);
$extradata = json_decode(param_variable('extradata'));
$type = param_alpha('type', 'users');
$subpages = array('users', 'groups', 'views', 'content', 'historical', 'institutions');
if (!in_array($type, $subpages)) {
$type = 'users';
}
if ($type == 'historical') {
$field = isset($extradata->field) ? $extradata->field : 'count_usr';
}
if ($type == 'institutions') {
$sort = isset($extradata->sort) ? $extradata->sort : 'displayname';
$sortdesc = isset($extradata->sortdesc) ? $extradata->sortdesc : false;
}
switch ($type) {
case 'institutions':
$data = institution_comparison_stats_table($limit, $offset, $sort, $sortdesc);
<?php
/**
*
* @package mahara
* @subpackage core
* @author Catalyst IT Ltd
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL version 3 or later
* @copyright For copyright information on Mahara, please see the README file distributed with this software.
*
*/
define('INTERNAL', 1);
define('JSON', 1);
require dirname(dirname(__FILE__)) . '/init.php';
require_once 'searchlib.php';
$tag = param_variable('tag', null);
$limit = param_integer('limit', 10);
$offset = param_integer('offset', 0);
$sort = param_alpha('sort', 'name');
$type = param_alpha('type', null);
$owner = (object) array('type' => 'user', 'id' => $USER->get('id'));
$data = get_portfolio_items_by_tag($tag, $owner, $limit, $offset, $sort, $type);
build_portfolio_search_html($data);
$data->tagdisplay = is_null($tag) ? get_string('alltags') : hsc(str_shorten_text($tag, 50));
$data->tagurl = urlencode($tag);
json_reply(false, array('data' => $data));
*/
define('INTERNAL', 1);
define('JSON', 1);
require dirname(dirname(__FILE__)) . '/init.php';
require_once 'searchlib.php';
safe_require('search', 'internal');
try {
$query = param_variable('query');
} catch (ParameterException $e) {
json_reply('missingparameter', 'Missing parameter \'query\'');
}
$limit = param_integer('limit', 20);
$offset = param_integer('offset', 0);
$allfields = param_boolean('allfields');
$group = param_integer('group', 0);
$includeadmins = param_boolean('includeadmins', true);
$orderby = param_variable('orderby', 'firstname');
$options = array('orderby' => $orderby);
if ($group) {
$options['group'] = $group;
$options['includeadmins'] = $includeadmins;
$data = search_user($query, $limit, $offset, $options);
} else {
$data = search_user($query, $limit, $offset, $options);
}
if ($data['data']) {
foreach ($data['data'] as &$result) {
$result = array('id' => $result['id'], 'name' => $result['name']);
}
}
json_reply(false, $data);
*
* @package mahara
* @subpackage auth-webservice
* @author Catalyst IT Ltd
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL version 3 or later
* @copyright For copyright information on Mahara, please see the README file distributed with this software.
*
*/
define('INTERNAL', 1);
define('ADMIN', 1);
define('MENUITEM', 'configextensions/webservices');
require dirname(dirname(dirname(__FILE__))) . '/init.php';
define('TITLE', get_string('pluginadmin', 'admin'));
require_once 'pieforms/pieform.php';
require_once get_config('docroot') . 'api/xmlrpc/lib.php';
$token = param_variable('token', 0);
// lookup user cancelled
if ($token == 'add') {
redirect('/webservice/admin/index.php?open=webservices_token');
}
$dbtoken = get_record('external_tokens', 'id', $token);
if (empty($dbtoken)) {
$SESSION->add_error_msg(get_string('invalidtoken', 'auth.webservice'));
redirect('/webservice/admin/index.php?open=webservices_token');
}
$dbuser = get_record('usr', 'id', $dbtoken->userid);
$dbservice = get_record('external_services', 'id', $dbtoken->externalserviceid);
$token_details = array('name' => 'allocate_webservice_tokens', 'successcallback' => 'allocate_webservice_tokens_submit', 'validatecallback' => 'allocate_webservice_tokens_validate', 'jsform' => true, 'renderer' => 'multicolumntable', 'elements' => array('tokenid' => array('type' => 'hidden', 'value' => $dbtoken->id)));
$institutions = get_records_array('institution');
$iopts = array();
foreach ($institutions as $institution) {
*
* @package mahara
* @subpackage admin
* @author Catalyst IT Ltd
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL version 3 or later
* @copyright For copyright information on Mahara, please see the README file distributed with this software.
*
*/
define('INTERNAL', 1);
define('ADMIN', 1);
define('MENUITEM', 'configextensions/pluginadmin');
require dirname(dirname(dirname(__FILE__))) . '/init.php';
define('TITLE', get_string('pluginadmin', 'admin'));
require_once 'pieforms/pieform.php';
$plugintype = param_alpha('plugintype');
$pluginname = param_variable('pluginname');
define('SECTION_PLUGINTYPE', $plugintype);
define('SECTION_PLUGINNAME', $pluginname);
define('SECTION_PAGE', 'pluginconfig');
safe_require($plugintype, $pluginname);
$enable = param_integer('enable', 0);
$disable = param_integer('disable', 0);
if ($disable && !call_static_method(generate_class_name($plugintype, $pluginname), 'can_be_disabled')) {
throw new UserException("Plugin {$plugintype} {$pluginname} cannot be disabled");
}
if ($enable || $disable) {
require_once get_config('libroot') . 'upgrade.php';
clear_menu_cache();
activate_plugin_form($plugintype, get_record($plugintype . '_installed', 'name', $pluginname));
}
if ($plugintype == 'artefact') {
$classname = generate_artefact_class_name($type);
try {
$artefact = artefact_instance_from_type($type);
} catch (Exception $e) {
$artefact = new $classname(0, array('owner' => $USER->get('id')));
$artefact->commit();
}
} else {
throw new ArtefactNotFoundException(get_string('cannotfindcreateartefact', 'artefact.resume'));
}
}
if ($artefact->get('owner') != $USER->get('id')) {
throw new AccessDeniedException(get_string('notartefactowner', 'error'));
}
$folder = param_integer('folder', 0);
$browse = (int) param_variable('browse', 0);
$highlight = null;
if ($file = param_integer('file', 0)) {
$highlight = array($file);
}
$form = pieform(array('name' => 'editgoalsandskills', 'method' => 'post', 'jsform' => true, 'newiframeonsubmit' => true, 'jssuccesscallback' => 'editgoalsandskills_callback', 'jserrorcallback' => 'editgoalsandskills_callback', 'plugintype' => 'artefact', 'pluginname' => 'resume', 'configdirs' => array(get_config('libroot') . 'form/', get_config('docroot') . 'artefact/file/form/'), 'elements' => array('description' => array('type' => 'wysiwyg', 'title' => get_string('description', 'artefact.resume'), 'rows' => 20, 'cols' => 65, 'defaultvalue' => $artefact->get('description'), 'rules' => array('maxlength' => 65536)), 'filebrowser' => array('type' => 'filebrowser', 'title' => get_string('attachments', 'artefact.blog'), 'folder' => $folder, 'highlight' => $highlight, 'browse' => $browse, 'page' => get_config('wwwroot') . 'artefact/resume/editgoalsandskills.php?id=' . $artefact->get('id') . '&browse=1', 'browsehelp' => 'browsemyfiles', 'config' => array('upload' => true, 'uploadagreement' => get_config_plugin('artefact', 'file', 'uploadagreement'), 'resizeonuploaduseroption' => get_config_plugin('artefact', 'file', 'resizeonuploaduseroption'), 'resizeonuploaduserdefault' => $USER->get_account_preference('resizeonuploaduserdefault'), 'createfolder' => false, 'edit' => false, 'select' => true), 'defaultvalue' => $artefact->attachment_id_list(), 'selectlistcallback' => 'artefact_get_records_by_id', 'selectcallback' => 'add_resume_attachment', 'unselectcallback' => 'delete_resume_attachment'), 'artefacttype' => array('type' => 'hidden', 'value' => $artefact->get('artefacttype')), 'submitform' => array('type' => 'submitcancel', 'class' => 'btn-success', 'value' => array(get_string('save'), get_string('cancel')), 'goto' => get_config('wwwroot') . 'artefact/resume/goalsandskills.php'))));
/*
* Javascript specific to this page. Creates the list of files
* attached to the resume goals or skills.
*/
$wwwroot = get_config('wwwroot');
$noimagesmessage = json_encode(get_string('noimageshavebeenattachedtothispost', 'artefact.blog'));
$javascript = <<<EOF
function editgoalsandskills_callback(form, data) {
editgoalsandskills_filebrowser.callback(form, data);
};
require_once get_config('libroot') . 'pieforms/pieform.php';
safe_require('artefact', 'annotation');
// Pagination is not really working here so extradata won't
// really be a parameter.
$extradata = json_decode(param_variable('extradata', null));
$ispagination = false;
if (param_exists('offset')) {
$ispagination = true;
$limit = param_integer('limit', 10);
$offset = param_integer('offset');
}
if (!isset($extradata)) {
$viewid = json_decode(param_variable('viewid'));
$annotationid = json_decode(param_variable('annotationid'));
$artefactid = json_decode(param_variable('artefactid', ''));
$blockid = json_decode(param_variable('blockid'));
$extradata = new stdClass();
$extradata->view = $viewid;
$extradata->artefact = $artefactid;
$extradata->annotation = $annotationid;
$extradata->blockid = $blockid;
}
if (empty($extradata->view) || empty($extradata->annotation) || empty($extradata->blockid)) {
json_reply('local', get_string('annotationinformationerror', 'artefact.annotation'));
}
if (!can_view_view($extradata->view)) {
json_reply('local', get_string('noaccesstoview', 'view'));
}
if (!artefact_in_view($extradata->annotation, $extradata->view)) {
json_reply('local', get_string('accessdenied', 'error'));
}
*
* @package mahara
* @subpackage core
* @author Catalyst IT Ltd
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL
* @copyright (C) 2006-2008 Catalyst IT Ltd http://catalyst.net.nz
*
*/
define('INTERNAL', 1);
define('JSON', 1);
require dirname(dirname(__FILE__)) . '/init.php';
json_headers();
$data = new StdClass();
$data->view = param_integer('view');
$data->artefact = param_integer('artefact', null);
$data->message = param_variable('message');
$data->public = param_boolean('public') ? 1 : 0;
$data->attachment = param_integer('attachment', null);
$data->author = $USER->get('id');
$data->ctime = db_format_timestamp(time());
if ($data->artefact) {
$table = 'artefact_feedback';
} else {
$table = 'view_feedback';
}
if (!insert_record($table, $data, 'id', true)) {
json_reply('local', get_string('addfeedbackfailed', 'view'));
}
require_once 'activity.php';
activity_occurred('feedback', $data);
json_reply(false, get_string('feedbacksubmitted', 'view'));
// so it differs from the atime in the View constructor and so triggers
// the saving of the atime change. Can't use $view->set('dirty', true)
// as that will also get the view object to update the mtime which is not
// what we want.
$view->set('atime', time() - 1);
$view->commit();
}
// Feedback list pagination requires limit/offset params
$limit = param_integer('limit', 10);
$offset = param_integer('offset', 0);
$showcomment = param_integer('showcomment', null);
// Create the "make feedback private form" now if it's been submitted
if (param_variable('make_public_submit', null)) {
pieform(ArtefactTypeComment::make_public_form(param_integer('comment')));
} else {
if (param_variable('delete_comment_submit_x', null)) {
pieform(ArtefactTypeComment::delete_comment_form(param_integer('comment')));
}
}
$owner = $view->get('owner');
$viewtype = $view->get('type');
if ($viewtype == 'profile' || $viewtype == 'dashboard' || $viewtype == 'grouphomepage') {
redirect($view->get_url());
}
define('TITLE', $view->get('title'));
$collection = $view->get('collection');
$submittedgroup = (int) $view->get('submittedgroup');
if ($USER->is_logged_in() && $submittedgroup && group_user_can_assess_submitted_views($submittedgroup, $USER->get('id'))) {
// The user is a tutor of the group that this view has
// been submitted to, and is entitled to release the view
$submittedgroup = get_record('group', 'id', $submittedgroup);
