/** * This method constructs a display record. It retrieves the mail itself, along with its parent * (if it has one) and the entire threaded conversation. * * @param int $mailid This is the ID of the mail record to display. * @param string $folder This is the folder the mail is in. * @param int $courseid This is the course ID * @param bool $logging T/F indicating if logging should be performed (turn off for unit tests) * */ public function __construct($mailid, $folder, $courseid, $logging = true) { global $DB, $USER; $this->folder = $folder; $this->viewrecord = $DB->get_record('course_message_mails', array('id' => $mailid)); $this->threadmails = null; // Store IDs for convenience. $this->mailid = $mailid; $this->parentid = $this->viewrecord->parentmessage; if ($this->parentid != 0) { $this->fetch_thread($courseid); } if ($this->check_for_children($courseid)) { $this->parentid = $this->mailid; $this->fetch_thread($courseid); } if ($logging == true) { $params = array('context' => context_course::instance($courseid), 'objectid' => $mailid, 'other' => array('folder' => $folder, 'parentid' => $this->parentid), 'courseid' => $courseid, 'userid' => $USER->id); $event = \block_course_message\event\mail_viewed::create($params); $event->trigger(); user_accesstime_log($courseid); } }
define('BLOCK_R_MAX_WIDTH', $rmax); // check if major upgrade needed - also present in login/index.php if ((int) $CFG->version < 2006101100) { //1.7 or older @require_logout(); redirect("{$CFG->wwwroot}/{$CFG->admin}/"); } // Trigger 1.9 accesslib upgrade? if ((int) $CFG->version < 2007092000 && isset($USER->id) && is_siteadmin($USER->id)) { // this test is expensive, but is only triggered during the upgrade redirect("{$CFG->wwwroot}/{$CFG->admin}/"); } if ($CFG->forcelogin) { require_login(); } else { user_accesstime_log(); } if ($CFG->rolesactive) { // if already using roles system if (has_capability('moodle/site:config', get_context_instance(CONTEXT_SYSTEM))) { if (moodle_needs_upgrading()) { redirect($CFG->wwwroot . '/' . $CFG->admin . '/index.php'); } } else { if (!empty($CFG->mymoodleredirect)) { // Redirect logged-in users to My Moodle overview if required if (isloggedin() && $USER->username != 'guest') { redirect($CFG->wwwroot . '/my/index.php'); } } }
/** * Weaker version of require_login() * * This is a weaker version of {@link require_login()} which only requires login * when called from within a course rather than the site page, unless * the forcelogin option is turned on. * @see require_login() * * @package core_access * @category access * * @param mixed $courseorid The course object or id in question * @param bool $autologinguest Allow autologin guests if that is wanted * @param object $cm Course activity module if known * @param bool $setwantsurltome Define if we want to set $SESSION->wantsurl, defaults to * true. Used to avoid (=false) some scripts (file.php...) to set that variable, * in order to keep redirects working properly. MDL-14495 * @param bool $preventredirect set to true in scripts that can not redirect (CLI, rss feeds, etc.), throws exceptions * @return void * @throws coding_exception */ function require_course_login($courseorid, $autologinguest = true, $cm = null, $setwantsurltome = true, $preventredirect = false) { global $CFG, $PAGE, $SITE; $issite = (is_object($courseorid) and $courseorid->id == SITEID or !is_object($courseorid) and $courseorid == SITEID); if ($issite && !empty($cm) && !$cm instanceof cm_info) { // Note: nearly all pages call get_fast_modinfo anyway and it does not make any // db queries so this is not really a performance concern, however it is obviously // better if you use get_fast_modinfo to get the cm before calling this. if (is_object($courseorid)) { $course = $courseorid; } else { $course = clone $SITE; } $modinfo = get_fast_modinfo($course); $cm = $modinfo->get_cm($cm->id); } if (!empty($CFG->forcelogin)) { // Login required for both SITE and courses. require_login($courseorid, $autologinguest, $cm, $setwantsurltome, $preventredirect); } else { if ($issite && !empty($cm) and !$cm->uservisible) { // Always login for hidden activities. require_login($courseorid, $autologinguest, $cm, $setwantsurltome, $preventredirect); } else { if ($issite) { // Login for SITE not required. // We still need to instatiate PAGE vars properly so that things that rely on it like navigation function correctly. if (!empty($courseorid)) { if (is_object($courseorid)) { $course = $courseorid; } else { $course = clone $SITE; } if ($cm) { if ($cm->course != $course->id) { throw new coding_exception('course and cm parameters in require_course_login() call do not match!!'); } $PAGE->set_cm($cm, $course); $PAGE->set_pagelayout('incourse'); } else { $PAGE->set_course($course); } } else { // If $PAGE->course, and hence $PAGE->context, have not already been set up properly, set them up now. $PAGE->set_course($PAGE->course); } user_accesstime_log(SITEID); return; } else { // Course login always required. require_login($courseorid, $autologinguest, $cm, $setwantsurltome, $preventredirect); } } } }
/** * This is a weaker version of {@link require_login()} which only requires login * when called from within a course rather than the site page, unless * the forcelogin option is turned on. * * @uses $CFG * @param mixed $courseorid The course object or id in question * @param bool $autologinguest Allow autologin guests if that is wanted * @param object $cm Course activity module if known * @param bool $setwantsurltome Define if we want to set $SESSION->wantsurl, defaults to * true. Used to avoid (=false) some scripts (file.php...) to set that variable, * in order to keep redirects working properly. MDL-14495 */ function require_course_login($courseorid, $autologinguest = true, $cm = null, $setwantsurltome = true) { global $CFG; if (!empty($CFG->forcelogin)) { // login required for both SITE and courses require_login($courseorid, $autologinguest, $cm, $setwantsurltome); } else { if (!empty($cm) and !$cm->visible) { // always login for hidden activities require_login($courseorid, $autologinguest, $cm, $setwantsurltome); } else { if (is_object($courseorid) and $courseorid->id == SITEID or !is_object($courseorid) and $courseorid == SITEID) { //login for SITE not required if ($cm and empty($cm->visible)) { // hidden activities are not accessible without login require_login($courseorid, $autologinguest, $cm, $setwantsurltome); } else { if ($cm and !empty($CFG->enablegroupings) and $cm->groupmembersonly) { // not-logged-in users do not have any group membership require_login($courseorid, $autologinguest, $cm, $setwantsurltome); } else { user_accesstime_log(SITEID); return; } } } else { // course login always required require_login($courseorid, $autologinguest, $cm, $setwantsurltome); } } } }
/** * Weaker version of require_login() * * This is a weaker version of {@link require_login()} which only requires login * when called from within a course rather than the site page, unless * the forcelogin option is turned on. * @see require_login() * * @global object * @param mixed $courseorid The course object or id in question * @param bool $autologinguest Allow autologin guests if that is wanted * @param object $cm Course activity module if known * @param bool $setwantsurltome Define if we want to set $SESSION->wantsurl, defaults to * true. Used to avoid (=false) some scripts (file.php...) to set that variable, * in order to keep redirects working properly. MDL-14495 */ function require_course_login($courseorid, $autologinguest = true, $cm = null, $setwantsurltome = true) { global $CFG; if (!empty($CFG->forcelogin)) { // login required for both SITE and courses require_login($courseorid, $autologinguest, $cm, $setwantsurltome); } else { if (!empty($cm) and !$cm->visible) { // always login for hidden activities require_login($courseorid, $autologinguest, $cm, $setwantsurltome); } else { if (is_object($courseorid) and $courseorid->id == SITEID or !is_object($courseorid) and $courseorid == SITEID) { //login for SITE not required user_accesstime_log(SITEID); return; } else { // course login always required require_login($courseorid, $autologinguest, $cm, $setwantsurltome); } } } }
function require_obu_login($courseorid = null, $autologinguest = true, $cm = null, $setwantsurltome = true, $preventredirect = false) { global $CFG, $SESSION, $USER, $PAGE, $SITE, $DB, $OUTPUT; $login_url = '/local/obu_application/login.php'; // Must not redirect when byteserving already started. if (!empty($_SERVER['HTTP_RANGE'])) { $preventredirect = true; } // Do not touch global $COURSE via $PAGE->set_course(), // the reasons is we need to be able to call require_obu_login() at any time!! $course = $SITE; // If this is an AJAX request and $setwantsurltome is true then we need to override it and set it to false. // Otherwise the AJAX request URL will be set to $SESSION->wantsurl and events such as self enrolment in the future // risk leading the user back to the AJAX request URL. if ($setwantsurltome && defined('AJAX_SCRIPT') && AJAX_SCRIPT) { $setwantsurltome = false; } // Redirect to the login page if session has expired, only with dbsessions enabled (MDL-35029) to maintain current behaviour. if ((!isloggedin() or isguestuser()) && !empty($SESSION->has_timed_out) && !$preventredirect && !empty($CFG->dbsessions)) { if ($setwantsurltome) { $SESSION->wantsurl = qualified_me(); } redirect($login_url); } // If the user is not even logged in yet then make sure they are. if (!isloggedin()) { if ($autologinguest and !empty($CFG->guestloginbutton) and !empty($CFG->autologinguests)) { if (!($guest = get_complete_user_data('id', $CFG->siteguest))) { // Misconfigured site guest, just redirect to login page. redirect($login_url); exit; // Never reached. } $lang = isset($SESSION->lang) ? $SESSION->lang : $CFG->lang; complete_user_login($guest); $USER->autologinguest = true; $SESSION->lang = $lang; } else { // NOTE: $USER->site check was obsoleted by session test cookie, $USER->confirmed test is in login/index.php. if ($preventredirect) { throw new require_login_exception('You are not logged in'); } if ($setwantsurltome) { $SESSION->wantsurl = qualified_me(); } if (!empty($_SERVER['HTTP_REFERER'])) { $SESSION->fromurl = $_SERVER['HTTP_REFERER']; } redirect($login_url); exit; // Never reached. } } // Make sure the USER has a sesskey set up. Used for CSRF protection. sesskey(); // Do not bother admins with any formalities. if (is_siteadmin()) { // Set accesstime or the user will appear offline which messes up messaging. user_accesstime_log($course->id); return; } // Fetch the system context, the course context, and prefetch its child contexts. $sysctx = context_system::instance(); $coursecontext = context_course::instance($course->id, MUST_EXIST); $cmcontext = null; // If the site is currently under maintenance, then print a message. if (!empty($CFG->maintenance_enabled) and !has_capability('moodle/site:config', $sysctx)) { if ($preventredirect) { throw new require_login_exception('Maintenance in progress'); } print_maintenance_message(); } // Finally access granted, update lastaccess times. user_accesstime_log($course->id); }
/** * Weaker version of require_login() * * This is a weaker version of {@link require_login()} which only requires login * when called from within a course rather than the site page, unless * the forcelogin option is turned on. * @see require_login() * * @package core_access * @category access * * @param mixed $courseorid The course object or id in question * @param bool $autologinguest Allow autologin guests if that is wanted * @param object $cm Course activity module if known * @param bool $setwantsurltome Define if we want to set $SESSION->wantsurl, defaults to * true. Used to avoid (=false) some scripts (file.php...) to set that variable, * in order to keep redirects working properly. MDL-14495 * @param bool $preventredirect set to true in scripts that can not redirect (CLI, rss feeds, etc.), throws exceptions * @return void */ function require_course_login($courseorid, $autologinguest = true, $cm = NULL, $setwantsurltome = true, $preventredirect = false) { global $CFG, $PAGE, $SITE; $issite = (is_object($courseorid) and $courseorid->id == SITEID) or !is_object($courseorid) and $courseorid == SITEID; if ($issite && !empty($cm) && !$cm instanceof cm_info) { // note: nearly all pages call get_fast_modinfo anyway and it does not make any // db queries so this is not really a performance concern, however it is obviously // better if you use get_fast_modinfo to get the cm before calling this. if (is_object($courseorid)) { $course = $courseorid; } else { $course = clone $SITE; } $modinfo = get_fast_modinfo($course); $cm = $modinfo->get_cm($cm->id); } if (!empty($CFG->forcelogin)) { // login required for both SITE and courses /* * resources attached in dependent modules are not accessible in inital / delta sync so disabling the check. */ require_login($courseorid, $autologinguest, $cm, $setwantsurltome, $preventredirect); } else { if ($issite && !empty($cm) and !$cm->uservisible) { // always login for hidden activities require_login($courseorid, $autologinguest, $cm, $setwantsurltome, $preventredirect); } else { if ($issite) { //login for SITE not required if ($cm and empty($cm->visible)) { // hidden activities are not accessible without login require_login($courseorid, $autologinguest, $cm, $setwantsurltome, $preventredirect); } else { if ($cm and !empty($CFG->enablegroupmembersonly) and $cm->groupmembersonly) { // not-logged-in users do not have any group membership require_login($courseorid, $autologinguest, $cm, $setwantsurltome, $preventredirect); } else { // We still need to instatiate PAGE vars properly so that things // that rely on it like navigation function correctly. if (!empty($courseorid)) { if (is_object($courseorid)) { $course = $courseorid; } else { $course = clone $SITE; } if ($cm) { if ($cm->course != $course->id) { throw new coding_exception('course and cm parameters in require_course_login() call do not match!!'); } $PAGE->set_cm($cm, $course); $PAGE->set_pagelayout('incourse'); } else { $PAGE->set_course($course); } } else { // If $PAGE->course, and hence $PAGE->context, have not already been set // up properly, set them up now. $PAGE->set_course($PAGE->course); } //TODO: verify conditional activities here user_accesstime_log(SITEID); return; } } } else { // course login always required require_login($courseorid, $autologinguest, $cm, $setwantsurltome, $preventredirect); } } } }
/** * Weaker version of require_login() * * This is a weaker version of {@link require_login()} which only requires login * when called from within a course rather than the site page, unless * the forcelogin option is turned on. * @see require_login() * * @global object * @param mixed $courseorid The course object or id in question * @param bool $autologinguest Allow autologin guests if that is wanted * @param object $cm Course activity module if known * @param bool $setwantsurltome Define if we want to set $SESSION->wantsurl, defaults to * true. Used to avoid (=false) some scripts (file.php...) to set that variable, * in order to keep redirects working properly. MDL-14495 * @param bool $preventredirect set to true in scripts that can not redirect (CLI, rss feeds, etc.), throws exceptions * @return void */ function require_course_login($courseorid, $autologinguest = true, $cm = NULL, $setwantsurltome = true, $preventredirect = false) { global $CFG, $PAGE, $SITE; if (!empty($CFG->forcelogin)) { // login required for both SITE and courses require_login($courseorid, $autologinguest, $cm, $setwantsurltome, $preventredirect); } else { if (!empty($cm) and !$cm->visible) { // always login for hidden activities require_login($courseorid, $autologinguest, $cm, $setwantsurltome, $preventredirect); } else { if (is_object($courseorid) and $courseorid->id == SITEID or !is_object($courseorid) and $courseorid == SITEID) { //login for SITE not required if ($cm and empty($cm->visible)) { // hidden activities are not accessible without login require_login($courseorid, $autologinguest, $cm, $setwantsurltome, $preventredirect); } else { if ($cm and !empty($CFG->enablegroupmembersonly) and $cm->groupmembersonly) { // not-logged-in users do not have any group membership require_login($courseorid, $autologinguest, $cm, $setwantsurltome, $preventredirect); } else { // We still need to instatiate PAGE vars properly so that things // that rely on it like navigation function correctly. if (!empty($courseorid)) { if (is_object($courseorid)) { $course = $courseorid; } else { $course = clone $SITE; } if ($cm) { if ($cm->course != $course->id) { throw new coding_exception('course and cm parameters in require_course_login() call do not match!!'); } $PAGE->set_cm($cm, $course); $PAGE->set_pagelayout('incourse'); } else { $PAGE->set_course($course); } } else { // If $PAGE->course, and hence $PAGE->context, have not already been set // up properly, set them up now. $PAGE->set_course($PAGE->course); } //TODO: verify conditional activities here user_accesstime_log(SITEID); return; } } } else { // course login always required require_login($courseorid, $autologinguest, $cm, $setwantsurltome, $preventredirect); } } } }