/**
 * Entry point for the redirect URL used by the login flow.
 *
 * A request carrying a non-empty `state` parameter is treated as the
 * provider's response and handed to handleauthresponse(); any other request
 * starts a new authorization-code request.
 *
 * @return mixed The visible body has no return statement; any output is left
 *               to the flow methods it calls.
 */
public function handleredirect() {
    $returnedstate = param_variable('state', null);
    $forceprompt = (bool) param_variable('promptlogin', 0);

    if (empty($returnedstate)) {
        // Initial login request: no state yet, so begin the authcode flow.
        $this->initiateauthrequest($forceprompt, array('forceflow' => 'authcode'));
        return;
    }

    // Response from OP. Only the presence of `state` is tested here and the
    // whole $_REQUEST is passed on unfiltered.
    // NOTE(review): confirm handleauthresponse() compares the state value with
    // the one issued for this session before trusting the rest of the request.
    $this->handleauthresponse($_REQUEST);
}
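/**
 * Delete the logged-in user's internal notifications, optionally limited to
 * a set of activity types, then redirect back to the inbox.
 *
 * Reads the request parameter `type`: 'all' (the default) or a
 * comma-separated list of activity type names.
 *
 * @return void Ends with a redirect().
 */
function delete_all_notifications_submit() {
    global $USER, $SESSION;

    $userid = $USER->get('id');
    $type = param_variable('type', 'all');

    $typesql = '';
    if ($type != 'all') {
        // Treat as comma-separated list of activity type names. Everything
        // outside [a-z,] is stripped first and each name is then passed
        // through db_quote() before it reaches the SQL text.
        $types = explode(',', preg_replace('/[^a-z,]+/', '', $type));
        // For a string input explode() never yields an empty array, so a value
        // with no usable characters becomes IN ('') and matches nothing rather
        // than widening the delete to every type.
        if ($types) {
            $typesql = ' at.name IN (' . join(',', array_map('db_quote', $types)) . ')';
            if (in_array('adminmessages', $types)) {
                $typesql = '(' . $typesql . ' OR at.admin = 1)';
            }
            $typesql = ' AND ' . $typesql;
        }
    }

    // The WHERE clause always pins the rows to the current user.
    $from = "\n FROM {notification_internal_activity} a\n JOIN {activity_type} at ON a.type = at.id\n WHERE a.usr = ? {$typesql}";
    $values = array($userid);

    db_begin();
    $count = 0;
    $records = get_records_sql_array('SELECT a.id ' . $from, $values);
    if ($records) {
        $count = count($records);
        $ids = array();
        foreach ($records as $row) {
            $ids[] = $row->id;
        }
        $idlist = join(',', array_map('db_quote', $ids));

        // Remove parent pointers to messages we're about to delete
        execute_sql(' UPDATE {notification_internal_activity} SET parent = NULL WHERE parent IN ( ' . $idlist . ' )');

        // delete
        execute_sql(' DELETE FROM {notification_internal_activity} WHERE id IN ( ' . $idlist . ' )');

        // The update_unread_delete db trigger on notification_internal_activity
        // will update the unread column on the usr table.
    }
    db_commit();

    $SESSION->add_ok_msg(get_string('deletednotifications1', 'activity', $count));

    // $type is still the raw request value here. Encode it so that it can only
    // ever be the value of the `type` query parameter in the redirect target.
    $typeparam = urlencode($type);

    safe_require('module', 'multirecipientnotification');
    if (PluginModuleMultirecipientnotification::is_active()) {
        redirect(get_config('wwwroot') . 'module/multirecipientnotification/inbox.php?type=' . $typeparam);
    }
    else {
        redirect(get_config('wwwroot') . 'account/activity/index.php?type=' . $typeparam);
    }
}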
/**
 * Render the comment block for a view.
 *
 * In editing mode only the placeholder description is rendered. Otherwise the
 * paging parameters are read from the request, a submitted make-public or
 * delete form is built, and the comment list is rendered together with the
 * flags that enable the "add feedback" popup.
 *
 * @param BlockInstance $instance The block being rendered
 * @param bool          $editing  Whether the view is being edited
 * @return string Rendered HTML
 */
public static function render_instance(BlockInstance $instance, $editing = false) {
    global $USER;

    if ($editing) {
        $smarty = smarty_core();
        $smarty->assign('editing', get_string('ineditordescription1', 'blocktype.comment/comment'));
        return $smarty->fetch('blocktype:comment:comment.tpl');
    }

    // Feedback list pagination requires limit/offset params
    $limit = param_integer('limit', 10);
    $offset = param_integer('offset', 0);
    $showcomment = param_integer('showcomment', null);

    // Build whichever comment form was submitted. The return value of pieform()
    // is discarded, so presumably building the form is what processes the
    // submission - confirm. The comment id comes straight from the request.
    // NOTE(review): ArtefactTypeComment is referenced here before the
    // safe_require('artefact', 'comment') further down; presumably the class
    // is already loaded by the caller - confirm. Also confirm that the form
    // handlers check the user's rights over the given comment id.
    if (param_variable('make_public_submit', null)) {
        pieform(ArtefactTypeComment::make_public_form(param_integer('comment')));
    }
    elseif (param_variable('delete_comment_submit_x', null)) {
        pieform(ArtefactTypeComment::delete_comment_form(param_integer('comment')));
    }

    $view = new View($instance->get('view'));
    $submittedgroup = (int) $view->get('submittedgroup');
    $releaseform = $USER->is_logged_in()
        && $submittedgroup
        && group_user_can_assess_submitted_views($submittedgroup, $USER->get('id'));

    // If the view has comments turned off, tutors can still leave
    // comments if the view is submitted to their group.
    $cancomment = $releaseform || $view->user_comments_allowed($USER);

    safe_require('artefact', 'comment');
    $commentoptions = ArtefactTypeComment::get_comment_options();
    $commentoptions->limit = $limit;
    $commentoptions->offset = $offset;
    $commentoptions->showcomment = $showcomment;
    $commentoptions->view = $instance->get_view();
    $feedback = ArtefactTypeComment::get_comments($commentoptions);

    $smarty = smarty_core();
    $smarty->assign('feedback', $feedback);
    if ($cancomment) {
        $smarty->assign('enablecomments', 1);
        $smarty->assign('addfeedbackpopup', true);
    }
    return $smarty->fetch('blocktype:comment:comment.tpl');
}
/**
 * Pieform submit callback for the search form.
 *
 * Converts the form's (query, type) pair into the global (query, tag) search
 * state and refreshes the `share` filter from the request.
 *
 * @param Pieform $form   The submitted form (not used in the body)
 * @param array   $values Submitted values; 'query' and 'type' are read
 */
function search_submit(Pieform $form, $values) {
    global $queryparams, $tag, $query, $share;

    // Forget whichever search term was active before this submission.
    if (isset($queryparams['query'])) {
        unset($queryparams['query']);
        $query = null;
    }
    if (isset($queryparams['tag'])) {
        unset($queryparams['tag']);
        $tag = null;
    }

    // A non-empty term is stored either as a tag or as a free-text query,
    // depending on the search type chosen in the form.
    $hasterm = isset($values['query']) && $values['query'] != '';
    if ($hasterm && $values['type'] == 'tagsonly') {
        $tag = $values['query'];
        $queryparams['tag'] = $tag;
    }
    elseif ($hasterm) {
        $query = $values['query'];
        $queryparams['query'] = $query;
    }

    // `share` is taken from the raw request rather than from $values.
    // NOTE(review): confirm the consumers of $share validate its entries.
    $queryparams['share'] = param_variable('share', array());
    $share = $queryparams['share'];
}
/**
 * Render the group search block: a search box, a membership filter and a
 * submit button, handed to the block's template.
 *
 * @param BlockInstance $instance The block being rendered (not read here)
 * @param bool          $editing  Whether the view is being edited (not read here)
 * @return string Rendered HTML
 */
public static function render_instance(BlockInstance $instance, $editing = false) {
    require_once get_config('docroot') . 'artefact/lib.php';
    global $USER;

    $smarty = smarty_core();
    $filter = param_alpha('filter', 'canjoin');
    $query = param_variable('query', '');

    // Anything that is not one of the known filters falls back to 'all'.
    if (!in_array($filter, array('member', 'notmember', 'canjoin'))) {
        $filter = 'all';
    }

    // NOTE(review): $query is raw request input used as the field's default
    // value; confirm the template escapes it when it is written out.
    $filter_elements = array(
        'query' => array(
            'title' => get_string('search'),
            'defaultvalue' => $query,
        ),
        'filter' => array(
            'title' => get_string('filter'),
            'options' => array(
                'canjoin' => get_string('groupsicanjoin', 'group'),
                'notmember' => get_string('groupsnotin', 'group'),
                'member' => get_string('groupsimin', 'group'),
                'all' => get_string('allgroups', 'group'),
            ),
            'defaultvalue' => $filter,
        ),
        'search' => array(
            'type' => 'submit',
            'value' => get_string('search'),
        ),
    );
    $smarty->assign('filter_elements', $filter_elements);

    return $smarty->fetch('blocktype:eselmasearchgroup:content.tpl');
}
/**
 * Handle a "change folder" request from the filebrowser element.
 *
 * When the element has tabs, the owner type and owner id are read from the
 * request parameters `<form>_<element>_owner` and `<form>_<element>_ownerid`.
 * For a group folder the caller's right to view it is checked before the new
 * file list and path are built.
 *
 * @param Pieform $form    The form containing the element
 * @param array   $element The filebrowser element definition
 * @param mixed   $folder  The folder being changed to
 * @return array Either an error/message pair, or the new list, path and flags
 */
function pieform_element_filebrowser_changefolder(Pieform $form, $element, $folder) {
    $owner = $ownerid = $group = $institution = $user = null;
    $prefix = $form->get_name() . '_' . $element['name'];

    if (isset($element['tabs'])) {
        $owner = param_variable($prefix . '_owner', null);
        if ($owner) {
            if ($owner == 'site') {
                // Site files are the files of the 'mahara' institution.
                $owner = 'institution';
                $institution = $ownerid = 'mahara';
            }
            else {
                $ownerid = param_variable($prefix . '_ownerid', null);
                if ($ownerid) {
                    if ($owner == 'group') {
                        $group = (int) $ownerid;
                    }
                    elseif ($owner == 'institution') {
                        $institution = $ownerid;
                    }
                    elseif ($owner == 'user') {
                        $user = true;
                    }
                }
            }
        }
    }

    // If changing to a group folder, check whether the user can edit it.
    // NOTE(review): only the group case is authorised in this function; the
    // institution id is request-supplied, so confirm build_filelist() checks
    // the caller's access to it.
    $caneditgroupfolder = null;
    $targetgroup = $owner ? $group : $form->get_property('group');
    if ($targetgroup) {
        if (!pieform_element_filebrowser_view_group_folder($targetgroup, $folder)) {
            return array(
                'error' => true,
                'message' => get_string('cannotviewfolder', 'artefact.file'),
            );
        }
        $caneditgroupfolder = pieform_element_filebrowser_edit_group_folder($targetgroup, $folder);
    }

    return array(
        'error' => false,
        'changedfolder' => true,
        'folder' => $folder,
        'disableedit' => $caneditgroupfolder !== null && $caneditgroupfolder == false,
        'newlist' => pieform_element_filebrowser_build_filelist($form, $element, $folder, null, $user, $group, $institution),
        'newpath' => pieform_element_filebrowser_build_path($form, $element, $folder, $owner, $ownerid),
    );
}
* @subpackage artefact-blog
* @author Catalyst IT Ltd
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL
* @copyright (C) 2006-2008 Catalyst IT Ltd http://catalyst.net.nz
*
*/
define('INTERNAL', 1);
define('JSON', 1);
define('PUBLIC', 1);
require dirname(dirname(dirname(dirname(__FILE__)))) . '/init.php';
safe_require('artefact', 'blog');
json_headers();

// Request input: the blog artefact id, paging values and a JSON-encoded
// options object that may name the view the blog is shown in.
$id = param_integer('id');
$limit = param_integer('limit', ArtefactTypeBlog::pagination);
$offset = param_integer('offset', 0);
// json_decode() gives null for malformed input; the isset() below then leaves
// $viewid as null and the owner-only branch applies.
$options = json_decode(param_variable('options'));
$viewid = isset($options->viewid) ? $options->viewid : null;

// Access control: with a view id the caller must be able to see that view;
// without one the caller must be logged in and own the artefact.
if ($viewid) {
    // NOTE(review): this branch checks access to the view only. Nothing visible
    // here ties artefact $id to $viewid, so confirm that link is enforced
    // (here or inside render_posts()); otherwise any viewable view id would
    // satisfy the check for an unrelated blog.
    if (!can_view_view($viewid)) {
        throw new AccessDeniedException();
    }
} else {
    if (!$USER->is_logged_in()) {
        throw new AccessDeniedException();
    }
    // $viewid is always falsy in this branch, so the ownership test decides.
    if (!$viewid && get_field('artefact', 'owner', 'id', $id) != $USER->get('id')) {
        throw new AccessDeniedException();
    }
}

// The decoded, request-supplied $options object is passed on as a whole.
list($count, $data) = ArtefactTypeBlogPost::render_posts(FORMAT_ARTEFACT_RENDERFULL, $options, $id, $limit, $offset);
if (!$count) {
/**
 * Collect the data shown for a group: the group record with display fields,
 * the caller's membership state and join/accept forms, and the file counts.
 *
 * @param int $groupid Group id; used to define GROUP if not already defined
 * @return array 'group' => the decorated group record, 'filecounts' => counts
 * @throws AccessDeniedException When logged out and the group is not public
 */
protected static function get_data($groupid) {
    global $USER;

    if (!defined('GROUP')) {
        define('GROUP', $groupid);
    }

    // get the currently requested group
    $group = group_current_group();
    $group->ctime = strftime(get_string('strftimedate'), $group->ctime);

    // Anonymous visitors may only see public groups.
    if (!(is_logged_in() || $group->public)) {
        throw new AccessDeniedException();
    }

    // find the group administrators
    $group->admins = get_column_sql("SELECT \"member\"\n FROM {group_member}\n WHERE \"group\" = ?\n AND \"role\" = 'admin'", array($group->id));

    $role = group_user_access($group->id);
    $group->role = $role;

    if (is_logged_in()) {
        // `next` is raw request input handed to the join/accept forms.
        // NOTE(review): if those forms use it as a redirect target, confirm it
        // is restricted to known values.
        $afterjoin = param_variable('next', 'view');

        if ($role) {
            // Existing member: record the kind of membership.
            if ($role == 'admin') {
                $group->membershiptype = 'admin';
                $group->requests = count_records('group_member_request', 'group', $group->id);
            }
            else {
                $group->membershiptype = 'member';
            }
            $group->canleave = group_user_can_leave($group->id);
        }
        elseif ($group->jointype == 'invite'
            && get_record('group_member_invite', 'group', $group->id, 'member', $USER->get('id'))) {
            // Invited but not yet a member: offer the accept form.
            $group->membershiptype = 'invite';
            $group->invite = group_get_accept_form('invite', $group->id, $afterjoin);
        }
        elseif ($group->jointype == 'request'
            && get_record('group_member_request', 'group', $group->id, 'member', $USER->get('id'))) {
            // A membership request is already pending.
            $group->membershiptype = 'request';
        }
        elseif ($group->jointype == 'open') {
            $group->groupjoin = group_get_join_form('joingroup', $group->id, $afterjoin);
        }
    }

    $group->settingsdescription = group_display_settings($group);

    if (get_config('allowgroupcategories')) {
        if ($group->category) {
            $group->categorytitle = get_field('group_category', 'title', 'id', $group->category);
        }
        else {
            $group->categorytitle = '';
        }
    }

    $filecounts = ArtefactTypeFileBase::count_user_files(null, $group->id, null);

    return array('group' => $group, 'filecounts' => $filecounts);
}
/**
 *
 * @package mahara
 * @subpackage module-multirecipientnotification
 * @author David Ballhausen, Tobias Zeuch
 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL version 3 or later
 * @copyright For copyright information on Mahara, please see the README file distributed with this software.
 *
 */
define('INTERNAL', 1);
define('JSON', 1);
require dirname(dirname(dirname(__FILE__))) . '/init.php';
require_once dirname(__FILE__) . '/lib/multirecipientnotification.php';
require_once get_config('docroot') . '/lib/searchlib.php';
global $USER;

// Search term and page number, both read without a default value.
// The term goes to search_user() unmodified.
$request = param_variable('q');
$page = param_integer('page');
// Page numbers below 1 are treated as the first page.
if ($page < 1) {
    $page = 1;
}
$usersperpage = 10;
$more = true;
$tmpuser = array();
// Keep fetching while the search reports more results and fewer than
// $usersperpage users have been collected.
while ($more && count($tmpuser) < $usersperpage) {
    $users = search_user($request, $usersperpage, $usersperpage * ($page - 1));
    $more = $users['count'] > $usersperpage * $page;
    // Normalise an empty result so the foreach below has an array to walk.
    if (!$users['data']) {
        $users['data'] = array();
    }
    foreach ($users['data'] as $user) {
        if (count($tmpuser) >= $usersperpage) {
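/**
 * used by user/myfriends.php and user/find.php to get the data (including pieforms etc) for display
 *
 * @param string $userlist the ids separated by commas
 * @param bool $getviews whether to attach up to five views (id and title only) per user
 * @return array containing the users in the order from $userlist
 */
function get_users_data($userlist, $getviews = true) {
    global $USER;

    // $userlist is concatenated into the SQL below. Callers are expected to
    // pass a sanitised list, but every entry is still forced to an integer
    // here so the query text cannot be altered whatever the caller sends.
    // Zero/empty entries are dropped; with no ids left there is nothing to
    // look up (and "IN ()" would not be valid SQL).
    $ids = array_values(array_filter(array_map('intval', explode(',', (string) $userlist))));
    if (!$ids) {
        return array();
    }
    $userlist = join(',', $ids);

    // First half: the listed users themselves. Second half: those of them who
    // have sent the current user a friend request (pending = 1).
    $sql = 'SELECT u.id, u.username, u.preferredname, u.firstname, u.lastname, u.admin, u.staff, u.deleted, u.profileicon, u.email,'
        . ' 0 AS pending, ap.value AS hidenamepref,'
        . ' COALESCE((SELECT ap.value FROM {usr_account_preference} ap WHERE ap.usr = u.id AND ap.field = \'messages\'), \'allow\') AS messages,'
        . ' COALESCE((SELECT ap.value FROM {usr_account_preference} ap WHERE ap.usr = u.id AND ap.field = \'friendscontrol\'), \'auth\') AS friendscontrol,'
        . ' (SELECT 1 FROM {usr_friend} WHERE ((usr1 = ? AND usr2 = u.id) OR (usr2 = ? AND usr1 = u.id))) AS friend,'
        . ' (SELECT 1 FROM {usr_friend_request} fr WHERE fr.requester = ? AND fr.owner = u.id) AS requestedfriendship,'
        . ' (SELECT title FROM {artefact} WHERE artefacttype = \'introduction\' AND owner = u.id) AS introduction,'
        . ' NULL AS message'
        . ' FROM {usr} u'
        . ' LEFT JOIN {usr_account_preference} ap ON (u.id = ap.usr AND ap.field = \'hiderealname\')'
        . ' WHERE u.id IN (' . $userlist . ')'
        . ' UNION'
        . ' SELECT u.id, u.username, u.preferredname, u.firstname, u.lastname, u.admin, u.staff, u.deleted, u.profileicon, u.email,'
        . ' 1 AS pending, ap.value AS hidenamepref,'
        . ' COALESCE((SELECT ap.value FROM {usr_account_preference} ap WHERE ap.usr = u.id AND ap.field = \'messages\'), \'allow\') AS messages,'
        . ' NULL AS friendscontrol, NULL AS friend, NULL AS requestedfriendship,'
        . ' (SELECT title FROM {artefact} WHERE artefacttype = \'introduction\' AND owner = u.id) AS introduction,'
        . ' message'
        . ' FROM {usr} u'
        . ' LEFT JOIN {usr_account_preference} ap ON (u.id = ap.usr AND ap.field = \'hiderealname\')'
        . ' JOIN {usr_friend_request} fr ON fr.requester = u.id'
        . ' WHERE fr.owner = ? AND u.id IN (' . $userlist . ')';

    $userid = $USER->get('id');
    $data = get_records_sql_assoc($sql, array($userid, $userid, $userid, $userid));
    if (!$data) {
        // Nothing matched; the result may be falsy rather than an array, so
        // stop here instead of iterating over it.
        return array();
    }

    $allowhidename = get_config('userscanhiderealnames');
    $showusername = get_config('searchusernames');
    $isadmin = $USER->get('admin');

    // Records are objects, so they can be updated without iterating by
    // reference (which would leave a dangling reference behind).
    foreach ($data as $record) {
        // Messaging is allowed when the user accepts messages from anyone,
        // from friends and the viewer is a friend, or the viewer is an admin.
        $canmessage = $record->messages == 'allow'
            || ($record->friend && $record->messages == 'friends')
            || $isadmin;
        $record->messages = $canmessage ? 1 : 0;
        $record->institutions = get_institution_string_for_user($record->id);
        $record->display_name = display_name($record, null, false, !$allowhidename || !$record->hidenamepref, $showusername);
    }

    $cleanviews = array();
    if ($getviews) {
        $views = get_views(array_keys($data), null, null);
        if (!$views) {
            $views = array();
        }
        foreach ($views as $userindex => $viewarray) {
            // At most five views per user.
            $cleanviews[$userindex] = array_slice($viewarray, 0, 5);

            // Don't reveal any more about the view than necessary: only id
            // and title survive. Each user's views are stripped once, as they
            // are added, instead of re-walking every earlier user's list.
            foreach ($cleanviews[$userindex] as $view) {
                foreach (array_keys(get_object_vars($view)) as $key) {
                    if ($key != 'id' && $key != 'title') {
                        unset($view->{$key});
                    }
                }
            }
        }
    }

    foreach ($data as $friend) {
        if (isset($cleanviews[$friend->id])) {
            $friend->views = $cleanviews[$friend->id];
        }
        if ($friend->pending) {
            $friend->accept = pieform(array(
                'name' => 'acceptfriend' . $friend->id,
                'successcallback' => 'acceptfriend_submit',
                'renderer' => 'div',
                'autofocus' => 'false',
                'elements' => array(
                    'submit' => array(
                        'type' => 'submit',
                        'value' => get_string('approverequest', 'group'),
                    ),
                    'id' => array(
                        'type' => 'hidden',
                        'value' => $friend->id,
                    ),
                ),
            ));
        }
        if (!$friend->friend && !$friend->pending && !$friend->requestedfriendship && $friend->friendscontrol == 'auto') {
            // The current search term and offset travel with the form as
            // hidden fields; both come from the request.
            $friend->makefriend = pieform(array(
                'name' => 'addfriend' . $friend->id,
                'successcallback' => 'addfriend_submit',
                'renderer' => 'div',
                'autofocus' => 'false',
                'elements' => array(
                    'submit' => array(
                        'type' => 'submit',
                        'value' => get_string('addtofriendslist', 'group'),
                    ),
                    'id' => array(
                        'type' => 'hidden',
                        'value' => $friend->id,
                    ),
                    'query' => array(
                        'type' => 'hidden',
                        'value' => param_variable('query', ''),
                    ),
                    'offset' => array(
                        'type' => 'hidden',
                        'value' => param_integer('offset', 0),
                    ),
                ),
            ));
        }
    }

    // Return the records in the order the ids were given.
    $ordereddata = array();
    foreach ($ids as $id) {
        if (isset($data[$id])) {
            $ordereddata[] = $data[$id];
        }
    }
    return $ordereddata;
}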
$markasread = param_integer('markasread', 0);
$delete = param_integer('delete', 0);

// Mark a single notification as read and answer with the new unread count.
// $readone and $table are set before this fragment.
if ($readone) {
    if ('notification_internal_activity' === $table) {
        // The update is keyed on both the notification id and the current
        // user's id, so another user's row is not touched.
        set_field($table, 'read', 1, 'id', $readone, 'usr', $USER->get('id'));
    } else {
        if ('artefact_multirecipient_notification' === $table) {
            mark_as_read_mr(array($readone), $USER->get('id'));
        }
    }
    // NOTE(review): the counter is decremented whether or not either branch
    // above ran or changed a row - confirm the unread count cannot drift.
    $unread = $USER->add_unread(-1);
    $data = array('newunreadcount' => $unread, 'newimage' => $THEME->get_url($unread ? 'images/newmail.png' : 'images/message.png'));
    json_reply(false, array('data' => $data));
}

require_once get_config('libroot') . 'activity.php';
$type = param_variable('type', 'all');
$limit = param_integer('limit', 10);
$offset = param_integer('offset', 0);
$message = false;

if ($markasread) {
    $ids = array();
    $m = array();
    // Collect ids from GET keys of the form unread-<table>-<id>. The pattern
    // limits the table part to letters and underscores and the id to digits.
    foreach ($_GET as $k => $v) {
        if (preg_match('/^unread\\-([a-zA-Z_]+)\\-(\\d+)$/', $k, $m)) {
            $table = $m[1];
            $ids[$table][] = $m[2];
        }
    }
    // The table name still comes from the request, so it is compared against
    // fixed names before use.
    foreach ($ids as $table => $idspertable) {
        if ($idspertable) {
            if ('artefact_multirecipient_notification' === $table) {
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL version 3 or later
* @copyright For copyright information on Mahara, please see the README file distributed with this software.
*
*/
define('INTERNAL', 1);
define('SECTION_PLUGINTYPE', 'core');
define('SECTION_PLUGINNAME', 'collection');
define('SECTION_PAGE', 'views');
require dirname(dirname(__FILE__)) . '/init.php';
require_once 'pieforms/pieform.php';
require_once 'collection.php';
require_once 'view.php';

// Id of the collection being edited.
$id = param_integer('id');
// view addition/displayorder values
$view = param_integer('view', 0);
// `direction` is raw request input; its use lies outside this fragment.
$direction = param_variable('direction', '');

// Only users who may edit the collection get any further.
$collection = new Collection($id);
if (!$USER->can_edit_collection($collection)) {
    throw new AccessDeniedException(get_string('canteditcollection', 'collection'));
}
$sesskey = $USER->get('sesskey');
$inlinejs = '';
// Build an alert listing the pages whose access changed when they were added.
if ($accesschanged = $SESSION->get('pageaccesschanged')) {
    $alertstr = get_string('viewsaddedaccesschanged', 'collection');
    foreach ($accesschanged as $viewid) {
        $changedview = new View($viewid);
        // Each title is JSON-encoded before being appended.
        // NOTE(review): presumably because $alertstr ends up inside the inline
        // script below - confirm the heredoc embeds it safely.
        $alertstr .= " " . json_encode($changedview->get('title')) . ",";
    }
    // Replace the trailing comma with a full stop.
    $alertstr = substr($alertstr, 0, -1) . '.';
    $alertstr = get_string('viewsaddedtocollection1', 'collection', $SESSION->get('pagesadded')) . ' ' . $alertstr;
    $inlinejs = <<<EOF
// $group and $membershiptype are set before this fragment.
$remove = param_variable('removeuser', null);
$member = param_integer('member', null);
if ($remove && $member) {
    // Create the remove user pieform for the user that's being removed.
    // The form's submit function will be called as soon as the form
    // is generated.
    //
    // We do this now because the user could be on the 2nd page of
    // results, so their remove form might never get generated on
    // this page. And also because generating the rest of the page
    // would be a waste of time -- the submit function just redirects
    // back here.
    // NOTE(review): $member is request-supplied; confirm the form's submit
    // handler checks the caller's right to remove members from this group.
    group_get_removeuser_form($member, $group->id);
}

// Search related stuff for member pager
$query = trim(param_variable('query', ''));

// pagination params
$setlimit = true; //Enable choosing page size; list of page sizes has been predefined in function build_pagination()
$offset = param_integer('offset', 0);
$limit = param_integer('limit', 10);

// Sort options index and list of sort options
// ORDER BY statements defined in group_user_search function need to be matched
$sortoptions = array('adminfirst' => get_string('adminfirst'), 'nameatoz' => get_string('nameatoz'), 'nameztoa' => get_string('nameztoa'), 'firstjoined' => get_string('firstjoined'), 'lastjoined' => get_string('lastjoined'));
// NOTE(review): the chosen option is limited to letters by param_alpha() but
// is not checked against the keys of $sortoptions here; confirm the search
// function maps unknown values to a default ordering.
$sortoptionidx = param_alpha('sortoption', 'adminfirst');
if ($membershiptype == 'request') {
    // Drops the first option ('adminfirst') and defaults to name order.
    array_shift($sortoptions);
    $sortoptionidx = param_alpha('sortoption', 'nameatoz');
}

$results = get_group_user_search_results($group->id, $query, $offset, $limit, $membershiptype, null, null, $sortoptionidx);
list($html, $pagination, $count, $offset, $membershiptype) = group_get_membersearch_data($results, $group->id, $query, $membershiptype, $setlimit, $sortoptionidx);
* @package mahara
* @subpackage core
* @author Catalyst IT Ltd
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL version 3 or later
* @copyright For copyright information on Mahara, please see the README file distributed with this software.
*
*/
// NOTE: this JSON script is used by the 'viewacl' element. It could probably
// be moved elsewhere without harm if necessary (e.g. if the 'viewacl' element
// was used in more places
define('INTERNAL', 1);
define('JSON', 1);
require dirname(dirname(__FILE__)) . '/init.php';
require_once 'searchlib.php';

// What to search for ('friend', 'user', 'group' in the visible cases), the
// search term, and the page number.
$type = param_variable('type');
$query = param_variable('query', '');
$page = param_integer('page');
$limit = 10;
// Page numbers below 1 are treated as the first page.
if ($page < 1) {
    $page = 1;
}
$offset = ($page - 1) * $limit;

// $type only selects a branch; the raw $query is handed to the search
// function. Both user searches exclude the current user.
switch ($type) {
    case 'friend':
        $data = search_user($query, $limit, $offset, array('exclude' => $USER->get('id'), 'friends' => true));
        break;
    case 'user':
        $data = search_user($query, $limit, $offset, array('exclude' => $USER->get('id')));
        break;
    case 'group':
        require_once 'group.php';
// The requested auth source is only used if SimpleSAMLphp knows it;
// otherwise the default source is used.
$sp = param_alphanumext('as', 'default-sp');
if (!in_array($sp, SimpleSAML_Auth_Source::getSources())) {
    $sp = 'default-sp';
}
$as = new SimpleSAML_Auth_Simple($sp);

// Check the SimpleSAMLphp config is compatible
$saml_config = SimpleSAML_Configuration::getInstance();
$session_handler = $saml_config->getString('session.handler', false);
$store_type = $saml_config->getString('store.type', false);
// Refuse to continue when either setting is 'phpsession' or both are unset.
if ($store_type == 'phpsession' || $session_handler == 'phpsession' || empty($store_type) && empty($session_handler)) {
    throw new AuthInstanceException(get_string('errorbadssphp', 'auth.saml'));
}

// what is the session like?
// ($saml_session is set before this fragment.)
$valid_saml_session = $saml_session->isValid($sp);

// figure out what the returnto URL should be
// Sources in order: the request, the PHP session, then the Referer header
// (only when the SAML session has no IdP), and finally wwwroot.
$wantsurl = param_variable("wantsurl", false);
if (!$wantsurl) {
    if (isset($_SESSION['wantsurl'])) {
        $wantsurl = $_SESSION['wantsurl'];
    } else {
        if (!$saml_session->getIdP()) {
            $wantsurl = array_key_exists('HTTP_REFERER', $_SERVER) ? $_SERVER['HTTP_REFERER'] : $CFG->wwwroot;
        } else {
            $wantsurl = $CFG->wwwroot;
        }
    }
}

// taken from Moodle clean_param - make sure the wantsurl is correctly formed
// NOTE(review): this is the only check on $wantsurl visible here and it
// validates syntax; the request parameter and the Referer header are both
// client-controlled, so confirm that later code restricts the final redirect
// target to this site.
include_once 'validateurlsyntax.php';
if (!validateUrlSyntax($wantsurl, 's?H?S?F?E?u-P-a?I?p?f?q?r?')) {
    $wantsurl = $CFG->wwwroot;
*
* @package mahara
* @subpackage admin
* @author Catalyst IT Ltd
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL version 3 or later
* @copyright For copyright information on Mahara, please see the README file distributed with this software.
*
*/
define('INTERNAL', 1);
define('ADMIN', 1);
define('INSTALLER', 1);
define('JSON', 1);
require dirname(dirname(__FILE__)) . '/init.php';
require get_config('libroot') . 'upgrade.php';
require get_config('docroot') . 'local/install.php';

// Name of the step to run: one of four fixed install steps, or anything else,
// which is treated as the name of something to upgrade.
$name = param_variable('name');
$install = $name == 'firstcoredata' || $name == 'lastcoredata' || $name == 'localpreinst' || $name == 'localpostinst';
if (!$install) {
    // NOTE(review): the raw request value reaches check_upgrades(); confirm it
    // validates the name before using it to locate files or classes.
    $upgrade = check_upgrades($name);
    // Authentication is only set up when the pending upgrade does not disable
    // login.
    if (!empty($upgrade) && empty($upgrade->disablelogin)) {
        auth_setup();
    }
}
raise_time_limit(120);
raise_memory_limit('256M');
$data = array('key' => $name);
if ($install) {
    // Install steps are only considered while the site is not yet installed.
    if (!get_config('installed')) {
        if ($name == 'localpreinst' || $name == 'localpostinst') {
            // $name becomes a function name here, but only after it has been
            // matched against these two literals.
            $fun = $name;
            $data['localdata'] = true;
/**
 * Build everything needed to list the pages of a user, group or institution:
 * the search form, the matching pages and the pagination.
 *
 * Page size and sort order are taken from the request when present and are
 * remembered as account preferences.
 *
 * @param mixed $group       Group id, or null
 * @param mixed $institution Institution name, or null
 * @return array array(search form, page data, pagination)
 */
public static function views_by_owner($group = null, $institution = null) {
    global $USER;

    // Pagination configuration. A positive page size from the request that
    // differs from the stored one replaces the stored preference; in every
    // other case the stored preference is used.
    $setlimit = true;
    $requestedlimit = param_integer('limit', 0);
    $limit = get_account_preference($USER->get('id'), 'viewsperpage');
    if ($requestedlimit > 0 && $requestedlimit != $limit) {
        $USER->set_account_preference('viewsperpage', $requestedlimit);
        $limit = $requestedlimit;
    }
    $offset = param_integer('offset', 0);

    // The stored sort order is the default; a different value in the request
    // is used and stored.
    // NOTE(review): the request value is stored and passed on as received; it
    // is not checked against the sort options offered below. Confirm that
    // get_myviews_data() maps unknown values to a fixed ordering.
    $storedorderby = get_account_preference($USER->get('id'), 'orderpagesby');
    $orderby = param_variable('orderby', $storedorderby);
    if ($storedorderby !== $orderby) {
        set_account_preference($USER->get('id'), 'orderpagesby', $orderby);
    }

    $query = param_variable('query', null);
    $tag = param_variable('tag', null);

    $searchoptions = array(
        'titleanddescription' => get_string('titleanddescription', 'view'),
        'tagsonly' => get_string('tagsonly', 'view'),
    );

    // A tag search takes precedence over a free-text query.
    $searchtype = 'titleanddescription';
    $searchdefault = $query;
    if (!empty($tag)) {
        $searchtype = 'tagsonly';
        $searchdefault = $tag;
        $query = null;
    }

    $queryelement = array(
        'type' => 'text',
        'title' => get_string('search') . ': ',
        'class' => 'with-dropdown js-with-dropdown',
        'defaultvalue' => $searchdefault,
    );
    $typeelement = array(
        'title' => get_string('searchwithin') . ': ',
        'class' => 'dropdown-connect js-dropdown-connect searchviews-type',
        'type' => 'select',
        'options' => $searchoptions,
        'defaultvalue' => $searchtype,
    );
    $orderbyelement = array(
        'type' => 'select',
        'class' => 'input-small',
        'title' => get_string('sortby'),
        'options' => array(
            'atoz' => get_string('defaultsort', 'view'),
            'latestcreated' => get_string('latestcreated', 'view'),
            'latestmodified' => get_string('latestmodified', 'view'),
            'latestviewed' => get_string('latestviewed', 'view'),
            'mostvisited' => get_string('mostvisited', 'view'),
            'mostcomments' => get_string('mostcomments', 'view'),
        ),
        'defaultvalue' => $orderby,
    );
    $submitelement = array(
        'type' => 'button',
        'usebuttontag' => true,
        'class' => 'btn-primary input-group-btn no-label',
        'value' => get_string('search'),
    );

    $searchform = array(
        'name' => 'searchviews',
        'checkdirtychange' => false,
        'class' => 'with-heading form-inline',
        'elements' => array(
            'searchwithin' => array(
                'type' => 'fieldset',
                'class' => 'dropdown-group js-dropdown-group',
                'elements' => array(
                    'query' => $queryelement,
                    'type' => $typeelement,
                ),
            ),
            'setlimit' => array(
                'type' => 'hidden',
                'value' => $setlimit,
            ),
            'orderbygroup' => array(
                'type' => 'fieldset',
                'class' => 'input-group',
                'elements' => array(
                    'orderby' => $orderbyelement,
                    'submit' => $submitelement,
                ),
            ),
        ),
    );

    // Carry the owner along as a hidden field; a group wins over an institution.
    if ($group) {
        $searchform['elements']['group'] = array(
            'type' => 'hidden',
            'name' => 'group',
            'value' => $group,
        );
    }
    elseif ($institution) {
        $searchform['elements']['institution'] = array(
            'type' => 'hidden',
            'name' => 'institution',
            'value' => $institution,
        );
    }
    $searchform = pieform($searchform);

    $data = self::get_myviews_data($limit, $offset, $query, $tag, $group, $institution, $orderby);
    $url = self::get_myviews_url($group, $institution, $query, $tag, $orderby);

    $pagination = build_pagination(array(
        'url' => $url,
        'count' => $data->count,
        'limit' => $limit,
        'setlimit' => $setlimit,
        'offset' => $offset,
        'jumplinks' => 6,
        'numbersincludeprevnext' => 2,
    ));

    return array($searchform, $data, $pagination);
}
/**
 * Builds the configuration pieform for this blockinstance
 *
 * @param mixed $new Passed into the form as the hidden 'new' element; when
 *                   truthy the cancel button is labelled 'remove' and the
 *                   hidden 'removeoncancel' and 'sure' elements are added
 * @return array Array with three keys: 'html' for raw html, 'javascript' for
 * javascript to run, 'css' for dynamic css to add to header
 */
public function build_configure_form($new = false) {
    // NOTE(review): a static local in a method is shared by every instance of
    // the class, so a second BlockInstance in the same request would get the
    // first one's form back. Presumably only one block is configured per
    // request - confirm.
    static $renderedform;
    if (!empty($renderedform)) {
        return $renderedform;
    }

    safe_require('blocktype', $this->get('blocktype'));
    $blocktypeclass = generate_class_name('blocktype', $this->get('blocktype'));
    $elements = call_static_method($blocktypeclass, 'instance_config_form', $this, $this->get_view()->get('template'));

    // Block types may specify a method to generate a default title for a block
    $hasdefault = method_exists($blocktypeclass, 'get_instance_title');

    $title = $this->get('title');
    $configdata = $this->get('configdata');
    $retractable = isset($configdata['retractable']) ? $configdata['retractable'] : false;
    $retractedonload = isset($configdata['retractedonload']) ? $configdata['retractedonload'] : $retractable;

    // The title is a hidden field when the block type overrides it, otherwise
    // an editable text field.
    if (call_static_method($blocktypeclass, 'override_instance_title', $this)) {
        $titleelement = array('type' => 'hidden', 'value' => $title);
    } else {
        $titleelement = array(
            'type' => 'text',
            'title' => get_string('blocktitle', 'view'),
            'description' => $hasdefault ? get_string('defaulttitledescription', 'blocktype.' . blocktype_name_to_namespaced($this->get('blocktype'))) : null,
            'defaultvalue' => $title,
            'rules' => array('maxlength' => 255),
            'hidewhenempty' => $hasdefault,
            'expandtext' => get_string('setblocktitle')
        );
    }

    // Common elements first, then the block type's own elements, then the
    // 'retractable' select. With array_merge a later array replaces an
    // earlier entry that has the same string key.
    $elements = array_merge(
        array(
            'title' => $titleelement,
            'blockconfig' => array('type' => 'hidden', 'value' => $this->get('id')),
            'id' => array('type' => 'hidden', 'value' => $this->get('view')),
            'change' => array('type' => 'hidden', 'value' => 1),
            'new' => array('type' => 'hidden', 'value' => $new)
        ),
        $elements,
        array(
            'retractable' => array(
                'type' => 'select',
                'title' => get_string('retractable', 'view'),
                'description' => get_string('retractabledescription', 'view'),
                'options' => array(
                    BlockInstance::RETRACTABLE_NO => get_string('no'),
                    BlockInstance::RETRACTABLE_YES => get_string('yes'),
                    BlockInstance::RETRACTABLE_RETRACTED => get_string('retractedonload', 'view')
                ),
                // The two stored flags are added to pick the selected option.
                'defaultvalue' => $retractable + $retractedonload
            )
        )
    );

    if ($new) {
        $cancel = get_string('remove');
        $elements['removeoncancel'] = array('type' => 'hidden', 'value' => 1);
        $elements['sure'] = array('type' => 'hidden', 'value' => 1);
    } else {
        $cancel = get_string('cancel');
    }

    // Add submit/cancel buttons
    $elements['action_configureblockinstance_id_' . $this->get('id')] = array(
        'type' => 'submitcancel',
        'class' => 'btn-default',
        'value' => array(get_string('save'), $cancel),
        'goto' => View::make_base_url()
    );

    $configdirs = array(get_config('libroot') . 'form/');
    if ($this->get('artefactplugin')) {
        $configdirs[] = get_config('docroot') . 'artefact/' . $this->get('artefactplugin') . '/form/';
    }

    $form = array(
        'name' => 'instconf',
        'renderer' => 'div',
        'validatecallback' => array(generate_class_name('blocktype', $this->get('blocktype')), 'instance_config_validate'),
        'successcallback' => array($this, 'instance_config_store'),
        'jsform' => true,
        'jssuccesscallback' => 'blockConfigSuccess',
        'jserrorcallback' => 'blockConfigError',
        'elements' => $elements,
        'viewgroup' => $this->get_view()->get('group'),
        'group' => $this->get_view()->get('group'),
        'viewinstitution' => $this->get_view()->get('institution'),
        'institution' => $this->get_view()->get('institution'),
        'configdirs' => $configdirs,
        'plugintype' => 'blocktype',
        'pluginname' => $this->get('blocktype')
    );

    // NOTE(review): the presence of this request parameter switches form
    // validation off. Confirm that a request carrying it cannot also reach the
    // store callback with unvalidated values.
    if (param_variable('action_acsearch_id_' . $this->get('id'), false)) {
        $form['validate'] = false;
    }

    require_once 'pieforms/pieform.php';
    $pieform = new Pieform($form);

    if ($pieform->is_submitted()) {
        global $SESSION;
        $SESSION->add_error_msg(get_string('errorprocessingform'));
    }

    $html = $pieform->build();
    // We probably need a new version of $pieform->build() that separates out the js
    // Temporary evil hack:
    // The constructor call is lifted out of the rendered <script> tag so that
    // it can be returned under the 'javascript' key.
    if (preg_match('/<script type="(text|application)\\/javascript">(new Pieform\\(.*\\);)<\\/script>/', $html, $matches)) {
        $js = "var pf_{$form['name']} = " . $matches[2] . "pf_{$form['name']}.init();";
    } else {
        $js = '';
    }

    // We need to load any javascript required for the pieform. We do this
    // by checking for an api function that has been added especially for
    // the purpose, but that is not part of Pieforms. Maybe one day later
    // it will be though
    // The function name is built from each element's 'type'; the element
    // definitions come from the code above and from the block type, not from
    // the request.
    foreach ($elements as $key => $element) {
        $element['name'] = $key;
        $function = 'pieform_element_' . $element['type'] . '_views_js';
        if (is_callable($function)) {
            $js .= call_user_func_array($function, array($pieform, $element));
        }
    }

    // The block type's own config javascript is either an array that is
    // converted by get_get_javascript_javascript(), or a ready-made string.
    $configjs = call_static_method($blocktypeclass, 'get_instance_config_javascript', $this);
    if (is_array($configjs)) {
        $js .= $this->get_get_javascript_javascript($configjs);
    } else {
        if (is_string($configjs)) {
            $js .= $configjs;
        }
    }

    // We need to load any dynamic css required for the pieform. We do this
    // by checking for an api function that has been added especially for
    // the purpose, but that is not part of Pieforms. Maybe one day later
    // it will be though
    $css = array();
    foreach ($elements as $key => $element) {
        $element['name'] = $key;
        $function = 'pieform_element_' . $element['type'] . '_views_css';
        if (is_callable($function)) {
            $css[] = call_user_func_array($function, array($pieform, $element));
        }
    }

    $renderedform = array('html' => $html, 'javascript' => $js, 'css' => $css);
    return $renderedform;
}
/**
 *
 * @package mahara
 * @subpackage admin
 * @author Richard Mansfield
 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL version 3 or later
 * @copyright For copyright information on Mahara, please see the README file distributed with this software.
 *
 */
define('INTERNAL', 1);
define('INSTITUTIONALADMIN', 1);
define('MENUITEM', 'configusers');
require dirname(dirname(dirname(__FILE__))) . '/init.php';
require_once get_config('docroot') . 'lib/antispam.php';
define('TITLE', get_string('bulkactions', 'admin'));

// Every submitted user id is forced to an integer before use.
// NOTE(review): array_map() needs an array here; confirm that a scalar
// `users` value is rejected before this point.
$userids = array_map('intval', param_variable('users'));

// $ph collects the values handed over alongside the query; it starts as the
// user ids.
$ph = $userids;
$institutionsql = '';
if (!$USER->get('admin')) {
    // Filter the users by the admin's institutions
    // The institution names are appended to $ph and matched by one `?`
    // placeholder each, so none of them is written into the SQL text.
    $institutions = array_values($USER->get('admininstitutions'));
    $ph = array_merge($ph, $institutions);
    $institutionsql = ' AND id IN ( SELECT usr FROM {usr_institution} WHERE institution IN (' . join(',', array_fill(0, count($institutions), '?')) . ') )';
}
$users = get_records_sql_assoc(' SELECT u.id, u.username, u.email, u.firstname, u.lastname, u.suspendedcusr, u.authinstance, u.studentid, u.preferredname, CHAR_LENGTH(u.password) AS haspassword, aru.remoteusername AS remoteuser, u.lastlogin,
/**
 *
 * @package    mahara
 * @subpackage admin
 * @author     Catalyst IT Ltd
 * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL version 3 or later
 * @copyright  For copyright information on Mahara, please see the README file distributed with this software.
 *
 */

// JSON endpoint that saves a group category; an itemid of 'new' inserts a row.
// NOTE(review): presumably init.php restricts the page to site administrators
// because ADMIN is defined - confirm.
define('INTERNAL', 1);
define('ADMIN', 1);
define('JSON', 1);
require dirname(dirname(dirname(__FILE__))) . '/init.php';
json_headers();

// Both values are free-form request input. The title is stored as submitted,
// so every page that prints a category title has to escape it.
$name = param_variable('name');
$itemid = param_variable('itemid');
$data = new StdClass();
$data->title = $name;
if ($itemid == 'new') {
    try {
        $displayorders = get_records_array('group_category', '', '', '', 'displayorder');
        // The new category is placed after the highest existing displayorder.
        $max = 0;
        if ($displayorders) {
            foreach ($displayorders as $r) {
                $max = $r->displayorder >= $max ? $r->displayorder + 1 : $max;
            }
        }
        $data->displayorder = $max;
        $itemid = insert_record('group_category', $data, 'id', true);
    } catch (Exception $e) {
        // The client gets a generic message; the exception text is not sent.
        json_reply('local', get_string('savefailed', 'admin'));
// Forum page fragment: builds the feed link, loads the forum's moderators and
// applies a bulk sticky/unsticky/closed/open change to the ticked topics.
$feedlink = get_config('wwwroot') . 'interaction/forum/atom.php?type=f&id=' . $forum->id;
$moderators = get_column_sql('SELECT gm.user FROM {interaction_forum_moderator} gm INNER JOIN {usr} u ON (u.id = gm.user AND u.deleted = 0) WHERE gm.forum = ?', array($forumid));
// updates the selected topics as subscribed/closed/sticky
if ($membership && isset($_POST['checked'])) {
    // The topic ids are the posted array keys, each cast to int. That cast is
    // the only thing that makes the implode() into the "id IN (...)" clauses
    // below safe; keep it if this code is changed.
    // NOTE(review): array_keys() requires an array, so a scalar 'checked'
    // field fails here - confirm this is acceptable.
    $checked = array_map('intval', array_keys($_POST['checked']));
    // get type based on which button was pressed
    // NOTE(review): $type stays undefined when 'updatetopics' is not posted,
    // yet the comparisons below read it; it is only ever compared against
    // fixed strings, never written to the database.
    if (isset($_POST['updatetopics'])) {
        $type = $_POST['type'];
    }
    // check that user is only messing with topics from this forum
    $alltopics = get_column('interaction_forum_topic', 'id', 'forum', $forumid, 'deleted', 0);
    if ($checked == array_intersect($checked, $alltopics)) {
        // $checked is a subset of the topics in this forum
        // The session key is validated before any of the writes below.
        form_validate(param_variable('sesskey', null));
        // Every branch requires $moderator in addition to the subset check.
        if ($moderator && $type == 'sticky') {
            set_field_select('interaction_forum_topic', 'sticky', 1, 'id IN (' . implode(',', $checked) . ')', array());
            $SESSION->add_ok_msg(get_string('topicstickysuccess', 'interaction.forum'));
        } else {
            if ($moderator && $type == 'unsticky') {
                set_field_select('interaction_forum_topic', 'sticky', 0, 'id IN (' . implode(',', $checked) . ')', array());
                $SESSION->add_ok_msg(get_string('topicunstickysuccess', 'interaction.forum'));
            } else {
                if ($moderator && $type == 'closed') {
                    set_field_select('interaction_forum_topic', 'closed', 1, 'id IN (' . implode(',', $checked) . ')', array());
                    $SESSION->add_ok_msg(get_string('topicclosedsuccess', 'interaction.forum'));
                } else {
                    if ($moderator && $type == 'open') {
                        set_field_select('interaction_forum_topic', 'closed', 0, 'id IN (' . implode(',', $checked) . ')', array());
                        $SESSION->add_ok_msg(get_string('topicopenedsuccess', 'interaction.forum'));
*
 * @package    mahara
 * @subpackage core
 * @author     Catalyst IT Ltd
 * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL version 3 or later
 * @copyright  For copyright information on Mahara, please see the README file distributed with this software.
 *
 */

// JSON endpoint that returns one page of a statistics table.
// NOTE(review): presumably init.php limits access to staff because STAFF is
// defined - confirm.
define('INTERNAL', 1);
define('STAFF', 1);
define('JSON', 1);
require dirname(dirname(__FILE__)) . '/init.php';
require get_config('libroot') . 'registration.php';

$limit = param_integer('limit', 10);
$offset = param_integer('offset', 0);
// extradata is JSON supplied by the client; its members are not validated
// anywhere in this script.
$extradata = json_decode(param_variable('extradata'));
$type = param_alpha('type', 'users');
// Anything outside this list falls back to 'users'.
$subpages = array('users', 'groups', 'views', 'content', 'historical', 'institutions');
if (!in_array($type, $subpages)) {
    $type = 'users';
}
// NOTE(review): $field, $sort and $sortdesc come straight from the client
// JSON. If the table functions use them as column names or in ORDER BY, they
// must be matched against a fixed list there - confirm in the callees.
if ($type == 'historical') {
    $field = isset($extradata->field) ? $extradata->field : 'count_usr';
}
if ($type == 'institutions') {
    $sort = isset($extradata->sort) ? $extradata->sort : 'displayname';
    $sortdesc = isset($extradata->sortdesc) ? $extradata->sortdesc : false;
}
switch ($type) {
    case 'institutions':
        $data = institution_comparison_stats_table($limit, $offset, $sort, $sortdesc);
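<?php
/**
 *
 * @package    mahara
 * @subpackage core
 * @author     Catalyst IT Ltd
 * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL version 3 or later
 * @copyright  For copyright information on Mahara, please see the README file distributed with this software.
 *
 */

// JSON endpoint: returns the logged-in user's portfolio items for one tag
// (or for all tags when no tag is given), together with rendered HTML.
define('INTERNAL', 1);
define('JSON', 1);

require dirname(dirname(__FILE__)) . '/init.php';
require_once 'searchlib.php';

// The tag is free text from the request; the remaining parameters go through
// the typed param_integer()/param_alpha() readers.
$tag    = param_variable('tag', null);
$limit  = param_integer('limit', 10);
$offset = param_integer('offset', 0);
$sort   = param_alpha('sort', 'name');
$type   = param_alpha('type', null);

// The owner is built from the session user, not from request input, so the
// request cannot name another user's portfolio.
$owner = (object) array('type' => 'user', 'id' => $USER->get('id'));

// NOTE(review): $tag reaches the query layer unchanged; confirm that
// get_portfolio_items_by_tag() binds it as a query parameter.
$data = get_portfolio_items_by_tag($tag, $owner, $limit, $offset, $sort, $type);
build_portfolio_search_html($data);

// Shorten first and escape afterwards, so truncation cannot cut an escaped
// entity in half (hsc() is presumably the HTML escaper - confirm).
$data->tagdisplay = is_null($tag) ? get_string('alltags') : hsc(str_shorten_text($tag, 50));

// $tag is null when no tag was requested. urlencode() expects a string, and
// passing null is deprecated since PHP 8.1; a notice printed into this JSON
// response would corrupt it. The cast yields the same '' as before.
$data->tagurl = urlencode((string) $tag);

json_reply(false, array('data' => $data));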
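*/

// JSON endpoint: searches users by a query string, optionally within a group,
// and replies with the id and name of each match.
define('INTERNAL', 1);
define('JSON', 1);

require dirname(dirname(__FILE__)) . '/init.php';
require_once 'searchlib.php';
safe_require('search', 'internal');

try {
    $query = param_variable('query');
} catch (ParameterException $e) {
    // NOTE(review): the code below uses $query unconditionally, so it relies
    // on json_reply() ending the request here - confirm.
    json_reply('missingparameter', 'Missing parameter \'query\'');
}

$limit = param_integer('limit', 20);
$offset = param_integer('offset', 0);
// Read for compatibility with existing callers; not used further in this script.
$allfields = param_boolean('allfields');
$group = param_integer('group', 0);
$includeadmins = param_boolean('includeadmins', true);

// NOTE(review): 'orderby' is unrestricted request input that is handed to
// search_user(). Confirm the search plugin maps it onto a fixed set of sort
// orders and never places it in the query text.
$orderby = param_variable('orderby', 'firstname');

$options = array('orderby' => $orderby);
if ($group) {
    $options['group'] = $group;
    $options['includeadmins'] = $includeadmins;
}
// Both original branches made this identical call; only $options differs.
$data = search_user($query, $limit, $offset, $options);

if ($data['data']) {
    // Reply with id and name only, whatever other fields the search returned
    // for each user. Writing back by key avoids leaving a dangling reference
    // behind, which a by-reference foreach would do.
    foreach ($data['data'] as $key => $result) {
        $data['data'][$key] = array('id' => $result['id'], 'name' => $result['name']);
    }
}

json_reply(false, $data);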
*
 * @package    mahara
 * @subpackage auth-webservice
 * @author     Catalyst IT Ltd
 * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL version 3 or later
 * @copyright  For copyright information on Mahara, please see the README file distributed with this software.
 *
 */

// Admin page that edits one web service token, looked up by the 'token'
// request parameter.
// NOTE(review): presumably init.php restricts the page to site administrators
// because ADMIN is defined - confirm.
define('INTERNAL', 1);
define('ADMIN', 1);
define('MENUITEM', 'configextensions/webservices');
require dirname(dirname(dirname(__FILE__))) . '/init.php';
define('TITLE', get_string('pluginadmin', 'admin'));
require_once 'pieforms/pieform.php';
require_once get_config('docroot') . 'api/xmlrpc/lib.php';

$token = param_variable('token', 0);
// lookup user cancelled
// NOTE(review): the default is the integer 0 and the comparison is loose, so
// on PHP versions before 8.0 a request without 'token' also compares equal to
// 'add' and takes this redirect. A strict comparison on a string would make
// the behaviour the same on every PHP version.
if ($token == 'add') {
    redirect('/webservice/admin/index.php?open=webservices_token');
}
// The request value is used as a lookup value only; an unknown id is rejected
// below with a generic message.
$dbtoken = get_record('external_tokens', 'id', $token);
if (empty($dbtoken)) {
    $SESSION->add_error_msg(get_string('invalidtoken', 'auth.webservice'));
    // NOTE(review): the lines after this block dereference $dbtoken, so they
    // rely on redirect() ending the request - confirm.
    redirect('/webservice/admin/index.php?open=webservices_token');
}
$dbuser = get_record('usr', 'id', $dbtoken->userid);
$dbservice = get_record('external_services', 'id', $dbtoken->externalserviceid);
// The hidden form field carries the database id of the token record.
$token_details = array('name' => 'allocate_webservice_tokens', 'successcallback' => 'allocate_webservice_tokens_submit', 'validatecallback' => 'allocate_webservice_tokens_validate', 'jsform' => true, 'renderer' => 'multicolumntable', 'elements' => array('tokenid' => array('type' => 'hidden', 'value' => $dbtoken->id)));
$institutions = get_records_array('institution');
$iopts = array();
foreach ($institutions as $institution) {
*
 * @package    mahara
 * @subpackage admin
 * @author     Catalyst IT Ltd
 * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL version 3 or later
 * @copyright  For copyright information on Mahara, please see the README file distributed with this software.
 *
 */

// Plugin configuration page: loads the plugin named in the request and
// optionally enables or disables it.
// NOTE(review): presumably init.php restricts the page to site administrators
// because ADMIN is defined - confirm.
define('INTERNAL', 1);
define('ADMIN', 1);
define('MENUITEM', 'configextensions/pluginadmin');
require dirname(dirname(dirname(__FILE__))) . '/init.php';
define('TITLE', get_string('pluginadmin', 'admin'));
require_once 'pieforms/pieform.php';

// plugintype is read with param_alpha() (presumably letters only - confirm);
// pluginname is read with param_variable(), with no filtering visible here.
$plugintype = param_alpha('plugintype');
$pluginname = param_variable('pluginname');
define('SECTION_PLUGINTYPE', $plugintype);
define('SECTION_PLUGINNAME', $pluginname);
define('SECTION_PAGE', 'pluginconfig');

// NOTE(review): both request values decide which plugin code is loaded here
// and which class name is generated below. Confirm that safe_require() only
// accepts names of installed plugins and rejects path characters.
safe_require($plugintype, $pluginname);
$enable = param_integer('enable', 0);
$disable = param_integer('disable', 0);
if ($disable && !call_static_method(generate_class_name($plugintype, $pluginname), 'can_be_disabled')) {
    // The message repeats both request values; whatever renders it has to
    // escape them.
    throw new UserException("Plugin {$plugintype} {$pluginname} cannot be disabled");
}
if ($enable || $disable) {
    require_once get_config('libroot') . 'upgrade.php';
    clear_menu_cache();
    // The table name is built from plugintype; pluginname is passed only as a
    // lookup value.
    activate_plugin_form($plugintype, get_record($plugintype . '_installed', 'name', $pluginname));
}
if ($plugintype == 'artefact') {
$classname = generate_artefact_class_name($type); try { $artefact = artefact_instance_from_type($type); } catch (Exception $e) { $artefact = new $classname(0, array('owner' => $USER->get('id'))); $artefact->commit(); } } else { throw new ArtefactNotFoundException(get_string('cannotfindcreateartefact', 'artefact.resume')); } } if ($artefact->get('owner') != $USER->get('id')) { throw new AccessDeniedException(get_string('notartefactowner', 'error')); } $folder = param_integer('folder', 0); $browse = (int) param_variable('browse', 0); $highlight = null; if ($file = param_integer('file', 0)) { $highlight = array($file); } $form = pieform(array('name' => 'editgoalsandskills', 'method' => 'post', 'jsform' => true, 'newiframeonsubmit' => true, 'jssuccesscallback' => 'editgoalsandskills_callback', 'jserrorcallback' => 'editgoalsandskills_callback', 'plugintype' => 'artefact', 'pluginname' => 'resume', 'configdirs' => array(get_config('libroot') . 'form/', get_config('docroot') . 'artefact/file/form/'), 'elements' => array('description' => array('type' => 'wysiwyg', 'title' => get_string('description', 'artefact.resume'), 'rows' => 20, 'cols' => 65, 'defaultvalue' => $artefact->get('description'), 'rules' => array('maxlength' => 65536)), 'filebrowser' => array('type' => 'filebrowser', 'title' => get_string('attachments', 'artefact.blog'), 'folder' => $folder, 'highlight' => $highlight, 'browse' => $browse, 'page' => get_config('wwwroot') . 'artefact/resume/editgoalsandskills.php?id=' . $artefact->get('id') . 
'&browse=1', 'browsehelp' => 'browsemyfiles', 'config' => array('upload' => true, 'uploadagreement' => get_config_plugin('artefact', 'file', 'uploadagreement'), 'resizeonuploaduseroption' => get_config_plugin('artefact', 'file', 'resizeonuploaduseroption'), 'resizeonuploaduserdefault' => $USER->get_account_preference('resizeonuploaduserdefault'), 'createfolder' => false, 'edit' => false, 'select' => true), 'defaultvalue' => $artefact->attachment_id_list(), 'selectlistcallback' => 'artefact_get_records_by_id', 'selectcallback' => 'add_resume_attachment', 'unselectcallback' => 'delete_resume_attachment'), 'artefacttype' => array('type' => 'hidden', 'value' => $artefact->get('artefacttype')), 'submitform' => array('type' => 'submitcancel', 'class' => 'btn-success', 'value' => array(get_string('save'), get_string('cancel')), 'goto' => get_config('wwwroot') . 'artefact/resume/goalsandskills.php')))); /* * Javascript specific to this page. Creates the list of files * attached to the resume goals or skills. */ $wwwroot = get_config('wwwroot'); $noimagesmessage = json_encode(get_string('noimageshavebeenattachedtothispost', 'artefact.blog')); $javascript = <<<EOF function editgoalsandskills_callback(form, data) { editgoalsandskills_filebrowser.callback(form, data); };
require_once get_config('libroot') . 'pieforms/pieform.php';
safe_require('artefact', 'annotation');

// Collects the view/annotation/artefact/block ids for an annotation request
// and refuses the request unless the caller may see the view and the
// annotation belongs to it.

// Pagination does not really work here, so extradata is normally absent and
// the ids arrive as separate parameters (see the fallback below).
$extradata = json_decode(param_variable('extradata', null));

$ispagination = (bool) param_exists('offset');
if ($ispagination) {
    $limit = param_integer('limit', 10);
    $offset = param_integer('offset');
}

if ($extradata === null) {
    // Each id is sent JSON-encoded as its own request parameter.
    // NOTE(review): json_decode() can yield arrays or objects as well as
    // scalars; presumably the checks below only accept integer ids - confirm.
    $viewid = json_decode(param_variable('viewid'));
    $annotationid = json_decode(param_variable('annotationid'));
    $artefactid = json_decode(param_variable('artefactid', ''));
    $blockid = json_decode(param_variable('blockid'));
    $extradata = (object) array(
        'view' => $viewid,
        'artefact' => $artefactid,
        'annotation' => $annotationid,
        'blockid' => $blockid
    );
}

// View, annotation and block ids are mandatory; the artefact id is optional.
$incomplete = empty($extradata->view)
    || empty($extradata->annotation)
    || empty($extradata->blockid);
if ($incomplete) {
    json_reply('local', get_string('annotationinformationerror', 'artefact.annotation'));
}

// Authorisation step 1: the caller must be allowed to see the view.
if (!can_view_view($extradata->view)) {
    json_reply('local', get_string('noaccesstoview', 'view'));
}

// Authorisation step 2: the annotation must belong to that view, so access to
// one view cannot be used to reach annotations of another.
// NOTE(review): $extradata->artefact and $extradata->blockid get no
// equivalent membership check in these lines - confirm they are checked
// before use.
if (!artefact_in_view($extradata->annotation, $extradata->view)) {
    json_reply('local', get_string('accessdenied', 'error'));
}
*
 * @package    mahara
 * @subpackage core
 * @author     Catalyst IT Ltd
 * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL
 * @copyright  (C) 2006-2008 Catalyst IT Ltd http://catalyst.net.nz
 *
 */

// JSON endpoint: stores one feedback entry on a view, or on an artefact within
// a view, and raises the 'feedback' activity.
define('INTERNAL', 1);
define('JSON', 1);

require dirname(dirname(__FILE__)) . '/init.php';

json_headers();

// NOTE(review): nothing in this script checks that the current user may see
// or comment on the requested view, or that the artefact and attachment ids
// belong to it. Confirm that this is enforced elsewhere, or add the check
// before the insert.
// The message is stored exactly as submitted, so it has to be escaped or
// cleaned wherever it is displayed.
$data = (object) array(
    'view' => param_integer('view'),
    'artefact' => param_integer('artefact', null),
    'message' => param_variable('message'),
    'public' => (param_boolean('public') ? 1 : 0),
    'attachment' => param_integer('attachment', null),
    // The author is always the session user, never a request value.
    'author' => $USER->get('id'),
    'ctime' => db_format_timestamp(time())
);

// Artefact feedback and view feedback are kept in separate tables.
$table = $data->artefact ? 'artefact_feedback' : 'view_feedback';

$inserted = insert_record($table, $data, 'id', true);
if (!$inserted) {
    json_reply('local', get_string('addfeedbackfailed', 'view'));
}

require_once 'activity.php';
activity_occurred('feedback', $data);

json_reply(false, get_string('feedbacksubmitted', 'view'));
// so it differs from the atime in the View constructor and so triggers // the saving of the atime change. Can't use $view->set('dirty', true) // as that will also get the view object to update the mtime which is not // what we want. $view->set('atime', time() - 1); $view->commit(); } // Feedback list pagination requires limit/offset params $limit = param_integer('limit', 10); $offset = param_integer('offset', 0); $showcomment = param_integer('showcomment', null); // Create the "make feedback private form" now if it's been submitted if (param_variable('make_public_submit', null)) { pieform(ArtefactTypeComment::make_public_form(param_integer('comment'))); } else { if (param_variable('delete_comment_submit_x', null)) { pieform(ArtefactTypeComment::delete_comment_form(param_integer('comment'))); } } $owner = $view->get('owner'); $viewtype = $view->get('type'); if ($viewtype == 'profile' || $viewtype == 'dashboard' || $viewtype == 'grouphomepage') { redirect($view->get_url()); } define('TITLE', $view->get('title')); $collection = $view->get('collection'); $submittedgroup = (int) $view->get('submittedgroup'); if ($USER->is_logged_in() && $submittedgroup && group_user_can_assess_submitted_views($submittedgroup, $USER->get('id'))) { // The user is a tutor of the group that this view has // been submitted to, and is entitled to release the view $submittedgroup = get_record('group', 'id', $submittedgroup);