} else { $errormsg = get_string("invalidlogin"); $errorcode = 3; } } } } /// Detect problems with timedout sessions if ($session_has_timed_out and !data_submitted()) { $errormsg = get_string('sessionerroruser', 'error'); $errorcode = 4; } /// First, let's remember where the user was trying to get to before they got here if (empty($SESSION->wantsurl)) { $SESSION->wantsurl = null; $referer = get_local_referer(false); if ($referer && $referer != $CFG->wwwroot && $referer != $CFG->wwwroot . '/' && $referer != $CFG->httpswwwroot . '/login/' && strpos($referer, $CFG->httpswwwroot . '/login/?') !== 0 && strpos($referer, $CFG->httpswwwroot . '/login/index.php') !== 0) { // There might be some extra params such as ?lang=. $SESSION->wantsurl = $referer; } } /// Redirect to alternative login URL if needed if (!empty($CFG->alternateloginurl)) { $loginurl = $CFG->alternateloginurl; if (strpos($SESSION->wantsurl, $loginurl) === 0) { //we do not want to return to alternate url $SESSION->wantsurl = NULL; } if ($errorcode) { if (strpos($loginurl, '?') === false) { $loginurl .= '?';
$renderer = $PAGE->get_renderer('mod_choice'); echo $renderer->display_options($options, $cm->id, $choice->display, $choice->allowmultiple); $choiceformshown = true; } else { $choiceformshown = false; } if (!$choiceformshown) { $sitecontext = context_system::instance(); if (isguestuser()) { // Guest account echo $OUTPUT->confirm(get_string('noguestchoose', 'choice') . '<br /><br />' . get_string('liketologin'), get_login_url(), new moodle_url('/course/view.php', array('id' => $course->id))); } else { if (!is_enrolled($context)) { // Only people enrolled can make a choice $SESSION->wantsurl = qualified_me(); $SESSION->enrolcancel = get_local_referer(false); $coursecontext = context_course::instance($course->id); $courseshortname = format_string($course->shortname, true, array('context' => $coursecontext)); echo $OUTPUT->box_start('generalbox', 'notice'); echo '<p align="center">' . get_string('notenrolledchoose', 'choice') . '</p>'; echo $OUTPUT->container_start('continuebutton'); echo $OUTPUT->single_button(new moodle_url('/enrol/index.php?', array('id' => $course->id)), get_string('enrolme', 'core_enrol', $courseshortname)); echo $OUTPUT->container_end(); echo $OUTPUT->box_end(); } } } // print the results at the bottom of the screen if (choice_can_view_results($choice, $current, $choiceopen)) { if (!empty($choice->showunanswered)) { $choice->option[0] = get_string('notanswered', 'choice');
/** * This function checks that the current user is logged in and has the * required privileges * * This function checks that the current user is logged in, and optionally * whether they are allowed to be in a particular course and view a particular * course module. * If they are not logged in, then it redirects them to the site login unless * $autologinguest is set and {@link $CFG}->autologinguests is set to 1 in which * case they are automatically logged in as guests. * If $courseid is given and the user is not enrolled in that course then the * user is redirected to the course enrolment page. * If $cm is given and the course module is hidden and the user is not a teacher * in the course then the user is redirected to the course home page. * * When $cm parameter specified, this function sets page layout to 'module'. * You need to change it manually later if some other layout needed. * * @package core_access * @category access * * @param mixed $courseorid id of the course or course object * @param bool $autologinguest default true * @param object $cm course module object * @param bool $setwantsurltome Define if we want to set $SESSION->wantsurl, defaults to * true. Used to avoid (=false) some scripts (file.php...) to set that variable, * in order to keep redirects working properly. MDL-14495 * @param bool $preventredirect set to true in scripts that can not redirect (CLI, rss feeds, etc.), throws exceptions * @return mixed Void, exit, and die depending on path * @throws coding_exception * @throws require_login_exception */ function require_login($courseorid = null, $autologinguest = true, $cm = null, $setwantsurltome = true, $preventredirect = false) { global $CFG, $SESSION, $USER, $PAGE, $SITE, $DB, $OUTPUT; // Must not redirect when byteserving already started. if (!empty($_SERVER['HTTP_RANGE'])) { $preventredirect = true; } if (AJAX_SCRIPT) { // We cannot redirect for AJAX scripts either. $preventredirect = true; } // Setup global $COURSE, themes, language and locale. if (!empty($courseorid)) { if (is_object($courseorid)) { $course = $courseorid; } else { if ($courseorid == SITEID) { $course = clone $SITE; } else { $course = $DB->get_record('course', array('id' => $courseorid), '*', MUST_EXIST); } } if ($cm) { if ($cm->course != $course->id) { throw new coding_exception('course and cm parameters in require_login() call do not match!!'); } // Make sure we have a $cm from get_fast_modinfo as this contains activity access details. if (!$cm instanceof cm_info) { // Note: nearly all pages call get_fast_modinfo anyway and it does not make any // db queries so this is not really a performance concern, however it is obviously // better if you use get_fast_modinfo to get the cm before calling this. $modinfo = get_fast_modinfo($course); $cm = $modinfo->get_cm($cm->id); } } } else { // Do not touch global $COURSE via $PAGE->set_course(), // the reasons is we need to be able to call require_login() at any time!! $course = $SITE; if ($cm) { throw new coding_exception('cm parameter in require_login() requires valid course parameter!'); } } // If this is an AJAX request and $setwantsurltome is true then we need to override it and set it to false. // Otherwise the AJAX request URL will be set to $SESSION->wantsurl and events such as self enrolment in the future // risk leading the user back to the AJAX request URL. if ($setwantsurltome && defined('AJAX_SCRIPT') && AJAX_SCRIPT) { $setwantsurltome = false; } // Redirect to the login page if session has expired, only with dbsessions enabled (MDL-35029) to maintain current behaviour. if ((!isloggedin() or isguestuser()) && !empty($SESSION->has_timed_out) && !empty($CFG->dbsessions)) { if ($preventredirect) { throw new require_login_session_timeout_exception(); } else { if ($setwantsurltome) { $SESSION->wantsurl = qualified_me(); } redirect(get_login_url()); } } // If the user is not even logged in yet then make sure they are. if (!isloggedin()) { if ($autologinguest and !empty($CFG->guestloginbutton) and !empty($CFG->autologinguests)) { if (!($guest = get_complete_user_data('id', $CFG->siteguest))) { // Misconfigured site guest, just redirect to login page. redirect(get_login_url()); exit; // Never reached. } $lang = isset($SESSION->lang) ? $SESSION->lang : $CFG->lang; complete_user_login($guest); $USER->autologinguest = true; $SESSION->lang = $lang; } else { // NOTE: $USER->site check was obsoleted by session test cookie, $USER->confirmed test is in login/index.php. if ($preventredirect) { throw new require_login_exception('You are not logged in'); } if ($setwantsurltome) { $SESSION->wantsurl = qualified_me(); } $referer = get_local_referer(false); if (!empty($referer)) { $SESSION->fromurl = $referer; } // Give auth plugins an opportunity to authenticate or redirect to an external login page $authsequence = get_enabled_auth_plugins(true); // auths, in sequence foreach ($authsequence as $authname) { $authplugin = get_auth_plugin($authname); $authplugin->pre_loginpage_hook(); if (isloggedin()) { break; } } // If we're still not logged in then go to the login page if (!isloggedin()) { redirect(get_login_url()); exit; // Never reached. } } } // Loginas as redirection if needed. if ($course->id != SITEID and \core\session\manager::is_loggedinas()) { if ($USER->loginascontext->contextlevel == CONTEXT_COURSE) { if ($USER->loginascontext->instanceid != $course->id) { print_error('loginasonecourse', '', $CFG->wwwroot . '/course/view.php?id=' . $USER->loginascontext->instanceid); } } } // Check whether the user should be changing password (but only if it is REALLY them). if (get_user_preferences('auth_forcepasswordchange') && !\core\session\manager::is_loggedinas()) { $userauth = get_auth_plugin($USER->auth); if ($userauth->can_change_password() and !$preventredirect) { if ($setwantsurltome) { $SESSION->wantsurl = qualified_me(); } if ($changeurl = $userauth->change_password_url()) { // Use plugin custom url. redirect($changeurl); } else { // Use moodle internal method. if (empty($CFG->loginhttps)) { redirect($CFG->wwwroot . '/login/change_password.php'); } else { $wwwroot = str_replace('http:', 'https:', $CFG->wwwroot); redirect($wwwroot . '/login/change_password.php'); } } } else { if ($userauth->can_change_password()) { throw new moodle_exception('forcepasswordchangenotice'); } else { throw new moodle_exception('nopasswordchangeforced', 'auth'); } } } // Check that the user account is properly set up. If we can't redirect to // edit their profile, perform just the lax check. It will allow them to // use filepicker on the profile edit page. if ($preventredirect) { $usernotfullysetup = user_not_fully_set_up($USER, false); } else { $usernotfullysetup = user_not_fully_set_up($USER, true); } if ($usernotfullysetup) { if ($preventredirect) { throw new moodle_exception('usernotfullysetup'); } if ($setwantsurltome) { $SESSION->wantsurl = qualified_me(); } redirect($CFG->wwwroot . '/user/edit.php?id=' . $USER->id . '&course=' . SITEID); } // Make sure the USER has a sesskey set up. Used for CSRF protection. sesskey(); // Do not bother admins with any formalities. if (is_siteadmin()) { // Set the global $COURSE. if ($cm) { $PAGE->set_cm($cm, $course); $PAGE->set_pagelayout('incourse'); } else { if (!empty($courseorid)) { $PAGE->set_course($course); } } // Set accesstime or the user will appear offline which messes up messaging. user_accesstime_log($course->id); return; } // Check that the user has agreed to a site policy if there is one - do not test in case of admins. if (!$USER->policyagreed and !is_siteadmin()) { if (!empty($CFG->sitepolicy) and !isguestuser()) { if ($preventredirect) { throw new moodle_exception('sitepolicynotagreed', 'error', '', $CFG->sitepolicy); } if ($setwantsurltome) { $SESSION->wantsurl = qualified_me(); } redirect($CFG->wwwroot . '/user/policy.php'); } else { if (!empty($CFG->sitepolicyguest) and isguestuser()) { if ($preventredirect) { throw new moodle_exception('sitepolicynotagreed', 'error', '', $CFG->sitepolicyguest); } if ($setwantsurltome) { $SESSION->wantsurl = qualified_me(); } redirect($CFG->wwwroot . '/user/policy.php'); } } } // Fetch the system context, the course context, and prefetch its child contexts. $sysctx = context_system::instance(); $coursecontext = context_course::instance($course->id, MUST_EXIST); if ($cm) { $cmcontext = context_module::instance($cm->id, MUST_EXIST); } else { $cmcontext = null; } // If the site is currently under maintenance, then print a message. if (!empty($CFG->maintenance_enabled) and !has_capability('moodle/site:maintenanceaccess', $sysctx)) { if ($preventredirect) { throw new require_login_exception('Maintenance in progress'); } $PAGE->set_context(null); print_maintenance_message(); } // Make sure the course itself is not hidden. if ($course->id == SITEID) { // Frontpage can not be hidden. } else { if (is_role_switched($course->id)) { // When switching roles ignore the hidden flag - user had to be in course to do the switch. } else { if (!$course->visible and !has_capability('moodle/course:viewhiddencourses', $coursecontext)) { // Originally there was also test of parent category visibility, BUT is was very slow in complex queries // involving "my courses" now it is also possible to simply hide all courses user is not enrolled in :-). if ($preventredirect) { throw new require_login_exception('Course is hidden'); } $PAGE->set_context(null); // We need to override the navigation URL as the course won't have been added to the navigation and thus // the navigation will mess up when trying to find it. navigation_node::override_active_url(new moodle_url('/')); notice(get_string('coursehidden'), $CFG->wwwroot . '/'); } } } // Is the user enrolled? if ($course->id == SITEID) { // Everybody is enrolled on the frontpage. } else { if (\core\session\manager::is_loggedinas()) { // Make sure the REAL person can access this course first. $realuser = \core\session\manager::get_realuser(); if (!is_enrolled($coursecontext, $realuser->id, '', true) and !is_viewing($coursecontext, $realuser->id) and !is_siteadmin($realuser->id)) { if ($preventredirect) { throw new require_login_exception('Invalid course login-as access'); } $PAGE->set_context(null); echo $OUTPUT->header(); notice(get_string('studentnotallowed', '', fullname($USER, true)), $CFG->wwwroot . '/'); } } $access = false; if (is_role_switched($course->id)) { // Ok, user had to be inside this course before the switch. $access = true; } else { if (is_viewing($coursecontext, $USER)) { // Ok, no need to mess with enrol. $access = true; } else { if (isset($USER->enrol['enrolled'][$course->id])) { if ($USER->enrol['enrolled'][$course->id] > time()) { $access = true; if (isset($USER->enrol['tempguest'][$course->id])) { unset($USER->enrol['tempguest'][$course->id]); remove_temp_course_roles($coursecontext); } } else { // Expired. unset($USER->enrol['enrolled'][$course->id]); } } if (isset($USER->enrol['tempguest'][$course->id])) { if ($USER->enrol['tempguest'][$course->id] == 0) { $access = true; } else { if ($USER->enrol['tempguest'][$course->id] > time()) { $access = true; } else { // Expired. unset($USER->enrol['tempguest'][$course->id]); remove_temp_course_roles($coursecontext); } } } if (!$access) { // Cache not ok. $until = enrol_get_enrolment_end($coursecontext->instanceid, $USER->id); if ($until !== false) { // Active participants may always access, a timestamp in the future, 0 (always) or false. if ($until == 0) { $until = ENROL_MAX_TIMESTAMP; } $USER->enrol['enrolled'][$course->id] = $until; $access = true; } else { $params = array('courseid' => $course->id, 'status' => ENROL_INSTANCE_ENABLED); $instances = $DB->get_records('enrol', $params, 'sortorder, id ASC'); $enrols = enrol_get_plugins(true); // First ask all enabled enrol instances in course if they want to auto enrol user. foreach ($instances as $instance) { if (!isset($enrols[$instance->enrol])) { continue; } // Get a duration for the enrolment, a timestamp in the future, 0 (always) or false. $until = $enrols[$instance->enrol]->try_autoenrol($instance); if ($until !== false) { if ($until == 0) { $until = ENROL_MAX_TIMESTAMP; } $USER->enrol['enrolled'][$course->id] = $until; $access = true; break; } } // If not enrolled yet try to gain temporary guest access. if (!$access) { foreach ($instances as $instance) { if (!isset($enrols[$instance->enrol])) { continue; } // Get a duration for the guest access, a timestamp in the future or false. $until = $enrols[$instance->enrol]->try_guestaccess($instance); if ($until !== false and $until > time()) { $USER->enrol['tempguest'][$course->id] = $until; $access = true; break; } } } } } } } if (!$access) { if ($preventredirect) { throw new require_login_exception('Not enrolled'); } if ($setwantsurltome) { $SESSION->wantsurl = qualified_me(); } redirect($CFG->wwwroot . '/enrol/index.php?id=' . $course->id); } } // Check visibility of activity to current user; includes visible flag, conditional availability, etc. if ($cm && !$cm->uservisible) { if ($preventredirect) { throw new require_login_exception('Activity is hidden'); } if ($course->id != SITEID) { $url = new moodle_url('/course/view.php', array('id' => $course->id)); } else { $url = new moodle_url('/'); } redirect($url, get_string('activityiscurrentlyhidden')); } // Set the global $COURSE. if ($cm) { $PAGE->set_cm($cm, $course); $PAGE->set_pagelayout('incourse'); } else { if (!empty($courseorid)) { $PAGE->set_course($course); } } // Finally access granted, update lastaccess times. user_accesstime_log($course->id); }
/** * @global object * @global object */ function forum_set_return() { global $CFG, $SESSION; if (!isset($SESSION->fromdiscussion)) { $referer = get_local_referer(false); // If the referer is NOT a login screen then save it. if (!strncasecmp("{$CFG->wwwroot}/login", $referer, 300)) { $SESSION->fromdiscussion = $referer; } } }
/** * Will get called before the login page is shownr. Ff NTLM SSO * is enabled, and the user is in the right network, we'll redirect * to the magic NTLM page for SSO... * */ function loginpage_hook() { global $CFG, $SESSION; // HTTPS is potentially required //httpsrequired(); - this must be used before setting the URL, it is already done on the login/index.php if (($_SERVER['REQUEST_METHOD'] === 'GET' || $_SERVER['REQUEST_METHOD'] === 'POST' && get_local_referer() != strip_querystring(qualified_me())) && !empty($this->config->ntlmsso_enabled) && !empty($this->config->ntlmsso_subnet) && empty($_GET['authldap_skipntlmsso']) && (isguestuser() || !isloggedin()) && address_in_subnet(getremoteaddr(), $this->config->ntlmsso_subnet)) { // First, let's remember where we were trying to get to before we got here if (empty($SESSION->wantsurl)) { $SESSION->wantsurl = null; $referer = get_local_referer(false); if ($referer && $referer != $CFG->wwwroot && $referer != $CFG->wwwroot . '/' && $referer != $CFG->httpswwwroot . '/login/' && $referer != $CFG->httpswwwroot . '/login/index.php') { $SESSION->wantsurl = $referer; } } // Now start the whole NTLM machinery. if ($this->config->ntlmsso_ie_fastpath == AUTH_NTLM_FASTPATH_YESATTEMPT || $this->config->ntlmsso_ie_fastpath == AUTH_NTLM_FASTPATH_YESFORM) { if (core_useragent::is_ie()) { $sesskey = sesskey(); redirect($CFG->wwwroot . '/auth/ldap/ntlmsso_magic.php?sesskey=' . $sesskey); } else { if ($this->config->ntlmsso_ie_fastpath == AUTH_NTLM_FASTPATH_YESFORM) { redirect($CFG->httpswwwroot . '/login/index.php?authldap_skipntlmsso=1'); } } } redirect($CFG->wwwroot . '/auth/ldap/ntlmsso_attempt.php'); } // No NTLM SSO, Use the normal login page instead. // If $SESSION->wantsurl is empty and we have a 'Referer:' header, the login // page insists on redirecting us to that page after user validation. If // we clicked on the redirect link at the ntlmsso_finish.php page (instead // of waiting for the redirection to happen) then we have a 'Referer:' header // we don't want to use at all. As we can't get rid of it, just point // $SESSION->wantsurl to $CFG->wwwroot (after all, we came from there). if (empty($SESSION->wantsurl) && get_local_referer() == $CFG->httpswwwroot . '/auth/ldap/ntlmsso_finish.php') { $SESSION->wantsurl = $CFG->wwwroot; } }
if (!($cm = get_coursemodule_from_instance("forum", $forum->id, $course->id))) { print_error('invalidcoursemodule'); } require_login($course, false, $cm); $returnpageurl = new moodle_url('/mod/forum/' . $returnpage, array('id' => $course->id, 'f' => $forum->id)); $returnto = forum_go_back_to($returnpageurl); if (!forum_tp_can_track_forums($forum)) { redirect($returnto); } $info = new stdClass(); $info->name = fullname($USER); $info->forum = format_string($forum->name); $eventparams = array('context' => context_module::instance($cm->id), 'relateduserid' => $USER->id, 'other' => array('forumid' => $forum->id)); if (forum_tp_is_tracked($forum)) { if (forum_tp_stop_tracking($forum->id)) { $event = \mod_forum\event\readtracking_disabled::create($eventparams); $event->trigger(); redirect($returnto, get_string("nownottracking", "forum", $info), 1); } else { print_error('cannottrack', '', get_local_referer(false)); } } else { // subscribe if (forum_tp_start_tracking($forum->id)) { $event = \mod_forum\event\readtracking_enabled::create($eventparams); $event->trigger(); redirect($returnto, get_string("nowtracking", "forum", $info), 1); } else { print_error('cannottrack', '', get_local_referer(false)); } }
/** * Initialise $_SESSION, handles google access * and sets up not-logged-in user properly. * * WARNING: $USER and $SESSION are set up later, do not use them yet! * * @param bool $newsid is this a new session in first http request? */ protected static function initialise_user_session($newsid) { global $CFG, $DB; $sid = session_id(); if (!$sid) { // No session, very weird. error_log('Missing session ID, session not started!'); self::init_empty_session(); return; } if (!($record = $DB->get_record('sessions', array('sid' => $sid), 'id, sid, state, userid, lastip, timecreated, timemodified'))) { if (!$newsid) { if (!empty($_SESSION['USER']->id)) { // This should not happen, just log it, we MUST not produce any output here! error_log("Cannot find session record {$sid} for user " . $_SESSION['USER']->id . ", creating new session."); } // Prevent session fixation attacks. session_regenerate_id(true); } $_SESSION = array(); } unset($sid); if (isset($_SESSION['USER']->id)) { if (!empty($_SESSION['USER']->realuser)) { $userid = $_SESSION['USER']->realuser; } else { $userid = $_SESSION['USER']->id; } // Verify timeout first. $maxlifetime = $CFG->sessiontimeout; $timeout = false; if (isguestuser($userid) or empty($userid)) { // Ignore guest and not-logged in timeouts, there is very little risk here. $timeout = false; } else { if ($record->timemodified < time() - $maxlifetime) { $timeout = true; $authsequence = get_enabled_auth_plugins(); // Auths, in sequence. foreach ($authsequence as $authname) { $authplugin = get_auth_plugin($authname); if ($authplugin->ignore_timeout_hook($_SESSION['USER'], $record->sid, $record->timecreated, $record->timemodified)) { $timeout = false; break; } } } } if ($timeout) { session_regenerate_id(true); $_SESSION = array(); $DB->delete_records('sessions', array('id' => $record->id)); } else { // Update session tracking record. $update = new \stdClass(); $updated = false; if ($record->userid != $userid) { $update->userid = $record->userid = $userid; $updated = true; } $ip = getremoteaddr(); if ($record->lastip != $ip) { $update->lastip = $record->lastip = $ip; $updated = true; } $updatefreq = empty($CFG->session_update_timemodified_frequency) ? 20 : $CFG->session_update_timemodified_frequency; if ($record->timemodified == $record->timecreated) { // Always do first update of existing record. $update->timemodified = $record->timemodified = time(); $updated = true; } else { if ($record->timemodified < time() - $updatefreq) { // Update the session modified flag only once every 20 seconds. $update->timemodified = $record->timemodified = time(); $updated = true; } } if ($updated) { $update->id = $record->id; $DB->update_record('sessions', $update); } return; } } else { if ($record) { // This happens when people switch session handlers... session_regenerate_id(true); $_SESSION = array(); $DB->delete_records('sessions', array('id' => $record->id)); } } unset($record); $timedout = false; if (!isset($_SESSION['SESSION'])) { $_SESSION['SESSION'] = new \stdClass(); if (!$newsid) { $timedout = true; } } $user = null; if (!empty($CFG->opentogoogle)) { if (\core_useragent::is_web_crawler()) { $user = guest_user(); } $referer = get_local_referer(false); if (!empty($CFG->guestloginbutton) and !$user and !empty($referer)) { // Automatically log in users coming from search engine results. if (strpos($referer, 'google') !== false) { $user = guest_user(); } else { if (strpos($referer, 'altavista') !== false) { $user = guest_user(); } } } } // Setup $USER and insert the session tracking record. if ($user) { self::set_user($user); self::add_session_record($user->id); } else { self::init_empty_session(); self::add_session_record(0); } if ($timedout) { $_SESSION['SESSION']->has_timed_out = true; } }
/** * Outputs an error message for any guests accessing the quiz * * @param int $course The course ID * @param array $quiz Array contingin quiz data * @param int $cm Course Module ID * @param int $context The page contect ID * @param array $messages Array containing any messages */ public function view_page_guest($course, $quiz, $cm, $context, $messages) { $output = ''; $output .= $this->view_information($quiz, $cm, $context, $messages); $guestno = html_writer::tag('p', get_string('guestsno', 'quiz')); $liketologin = html_writer::tag('p', get_string('liketologin')); $referer = get_local_referer(false); $output .= $this->confirm($guestno . "\n\n" . $liketologin . "\n", get_login_url(), $referer); return $output; }
} } else { if (\mod_twf\subscriptions::unsubscribe_user_from_discussion($user->id, $discussion, $context)) { $info->discussion = $discussion->name; redirect($returnto, get_string("discussionnownotsubscribed", "twf", $info), 1); } else { print_error('cannotunsubscribe', 'twf', get_local_referer(false)); } } } else { // subscribe if (\mod_twf\subscriptions::subscription_disabled($twf) && !has_capability('mod/twf:managesubscriptions', $context)) { print_error('disallowsubscribe', 'twf', get_local_referer(false)); } if (!has_capability('mod/twf:viewdiscussion', $context)) { print_error('noviewdiscussionspermission', 'twf', get_local_referer(false)); } if (is_null($sesskey)) { // We came here via link in email. $PAGE->set_title($course->shortname); $PAGE->set_heading($course->fullname); echo $OUTPUT->header(); $viewurl = new moodle_url('/mod/twf/view.php', array('f' => $id)); if ($discussionid) { $a = new stdClass(); $a->twf = format_string($twf->name); $a->discussion = format_string($discussion->name); echo $OUTPUT->confirm(get_string('confirmsubscribediscussion', 'twf', $a), $PAGE->url, $viewurl); } else { echo $OUTPUT->confirm(get_string('confirmsubscribe', 'twf', format_string($twf->name)), $PAGE->url, $viewurl); }
} redirect($destination); // Bye! } $PAGE->set_title($course->shortname); $PAGE->set_heading($course->fullname); $PAGE->navbar->add(get_string('enrolmentoptions', 'enrol')); echo $OUTPUT->header(); echo $OUTPUT->heading(get_string('enrolmentoptions', 'enrol')); $courserenderer = $PAGE->get_renderer('core', 'course'); echo $courserenderer->course_info_box($course); //TODO: find if future enrolments present and display some info foreach ($forms as $form) { echo $form; } if (!$forms) { if (isguestuser()) { notice(get_string('noguestaccess', 'enrol'), get_login_url()); } else { if ($returnurl) { notice(get_string('notenrollable', 'enrol'), $returnurl); } else { $url = get_local_referer(false); if (empty($url)) { $url = new moodle_url('/index.php'); } notice(get_string('notenrollable', 'enrol'), $url); } } } echo $OUTPUT->footer();
print_error('coursemisconf'); } $PAGE->set_url('/mod/survey/save.php', array('id' => $id)); require_login($course, false, $cm); $context = context_module::instance($cm->id); require_capability('mod/survey:participate', $context); if (!($survey = $DB->get_record("survey", array("id" => $cm->instance)))) { print_error('invalidsurveyid', 'survey'); } $strsurveysaved = get_string('surveysaved', 'survey'); $PAGE->set_title($strsurveysaved); $PAGE->set_heading($course->fullname); echo $OUTPUT->header(); echo $OUTPUT->heading($survey->name); if (survey_already_done($survey->id, $USER->id)) { notice(get_string("alreadysubmitted", "survey"), get_local_referer(false)); exit; } // Sort through the data and arrange it // This is necessary because some of the questions // may have two answers, eg Question 1 -> 1 and P1 $answers = array(); foreach ($formdata as $key => $val) { if ($key != "userid" && $key != "id") { if (substr($key, 0, 1) == "q") { $key = clean_param(substr($key, 1), PARAM_ALPHANUM); // keep everything but the 'q', number or Pnumber } if (substr($key, 0, 1) == "P") { $realkey = (int) substr($key, 1); $answers[$realkey][1] = $val;
public function view() { global $OUTPUT, $CFG; if (!$this->items && $this->canedit()) { redirect(new moodle_url('/mod/checklist/edit.php', array('id' => $this->cm->id))); } if ($this->canupdateown()) { $currenttab = 'view'; } else { if ($this->canpreview()) { $currenttab = 'preview'; } else { if ($this->canviewreports()) { // No editing, but can view reports. redirect(new moodle_url('/mod/checklist/report.php', array('id' => $this->cm->id))); } else { $this->view_header(); if ($CFG->branch >= 30) { $ref = get_local_referer(false); } else { $ref = get_referer(false); } echo $OUTPUT->heading(format_string($this->checklist->name)); echo $OUTPUT->confirm('<p>' . get_string('guestsno', 'checklist') . "</p>\n\n<p>" . get_string('liketologin') . "</p>\n", get_login_url(), $ref); echo $OUTPUT->footer(); die; } $currenttab = ''; } } $this->view_header(); echo $OUTPUT->heading(format_string($this->checklist->name)); $this->view_tabs($currenttab); if ($CFG->version > 2014051200) { // Moodle 2.7+. $params = array('contextid' => $this->context->id, 'objectid' => $this->checklist->id); $event = \mod_checklist\event\course_module_viewed::create($params); $event->trigger(); } else { // Before Moodle 2.7. add_to_log($this->course->id, 'checklist', 'view', "view.php?id={$this->cm->id}", $this->checklist->id, $this->cm->id); } if ($this->canupdateown()) { $this->process_view_actions(); } $this->view_items(); $this->view_footer(); }
$questionnaire->page->add_to_page('message', get_string('noneinuse', 'questionnaire')); } } } } } } } } if ($questionnaire->capabilities->editquestions && !$questionnaire->questions && $questionnaire->is_active()) { $questionnaire->page->add_to_page('complete', '<a href="' . $CFG->wwwroot . htmlspecialchars('/mod/questionnaire/questions.php?' . 'id=' . $questionnaire->cm->id) . '">' . '<strong>' . get_string('addquestions', 'questionnaire') . '</strong></a>'); } if (isguestuser()) { $guestno = html_writer::tag('p', get_string('noteligible', 'questionnaire')); $liketologin = html_writer::tag('p', get_string('liketologin')); $questionnaire->page->add_to_page('guestuser', $questionnaire->renderer->confirm($guestno . "\n\n" . $liketologin . "\n", get_login_url(), get_local_referer(false))); } // Log this course module view. // Needed for the event logging. $context = context_module::instance($questionnaire->cm->id); $anonymous = $questionnaire->respondenttype == 'anonymous'; $event = \mod_questionnaire\event\course_module_viewed::create(array('objectid' => $questionnaire->id, 'anonymous' => $anonymous, 'context' => $context)); $event->trigger(); $usernumresp = $questionnaire->count_submissions($USER->id); if ($questionnaire->capabilities->readownresponses && $usernumresp > 0) { $argstr = 'instance=' . $questionnaire->id . '&user='******'viewyourresponses', 'questionnaire', $usernumresp); } else { $titletext = get_string('yourresponse', 'questionnaire'); $argstr .= '&byresponse=1&action=vresp';
$files = $fs->get_area_files($context->id, 'mod_resource', 'content', 0, 'sortorder DESC, id ASC', false); // TODO: this is not very efficient!! if (count($files) < 1) { resource_print_filenotfound($resource, $cm, $course); die; } else { $file = reset($files); unset($files); } $resource->mainfile = $file->get_filename(); $displaytype = resource_get_final_display_type($resource); if ($displaytype == RESOURCELIB_DISPLAY_OPEN || $displaytype == RESOURCELIB_DISPLAY_DOWNLOAD) { // For 'open' and 'download' links, we always redirect to the content - except // if the user just chose 'save and display' from the form then that would be // confusing if (strpos(get_local_referer(false), 'modedit.php') === false) { $redirect = true; } } // Don't redirect teachers, otherwise they can not access course or module settings. if ($redirect && !course_get_format($course)->has_view_page() && (has_capability('moodle/course:manageactivities', $context) || has_capability('moodle/course:update', context_course::instance($course->id)))) { $redirect = false; } if ($redirect) { // coming from course page or url index page // this redirect trick solves caching problems when tracking views ;-) $path = '/' . $context->id . '/mod_resource/content/' . $resource->revision . $file->get_filepath() . $file->get_filename(); $fullurl = moodle_url::make_file_url('/pluginfile.php', $path, $displaytype == RESOURCELIB_DISPLAY_DOWNLOAD); redirect($fullurl); } switch ($displaytype) {
} } } if ($questionnaire->is_active() && !$questionnaire->questions) { echo '<p>' . get_string('noneinuse', 'questionnaire') . '</p>'; } if ($questionnaire->is_active() && $questionnaire->capabilities->editquestions && !$questionnaire->questions) { // Sanity check. echo '<a href="' . $CFG->wwwroot . htmlspecialchars('/mod/questionnaire/questions.php?' . 'id=' . $questionnaire->cm->id) . '">' . '<strong>' . get_string('addquestions', 'questionnaire') . '</strong></a>'; } echo $OUTPUT->box_end(); if (isguestuser()) { $output = ''; $guestno = html_writer::tag('p', get_string('noteligible', 'questionnaire')); $liketologin = html_writer::tag('p', get_string('liketologin')); $output .= $OUTPUT->confirm($guestno . "\n\n" . $liketologin . "\n", get_login_url(), get_local_referer(false)); echo $output; } // Log this course module view. // Needed for the event logging. $context = context_module::instance($questionnaire->cm->id); $anonymous = $questionnaire->respondenttype == 'anonymous'; $event = \mod_questionnaire\event\course_module_viewed::create(array('objectid' => $questionnaire->id, 'anonymous' => $anonymous, 'context' => $context)); $event->trigger(); $usernumresp = $questionnaire->count_submissions($USER->id); if ($questionnaire->capabilities->readownresponses && $usernumresp > 0) { echo $OUTPUT->box_start('generalbox boxaligncenter boxwidthwide'); $argstr = 'instance=' . $questionnaire->id . '&user='******'viewyourresponses', 'questionnaire', $usernumresp); } else {