예제 #1
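 /**
  * Render the block listing the pages of the containing view's owner.
  *
  * Only pages that pass can_view_view() for the current request are listed,
  * each with the artefacts and tags attached to it.
  *
  * @param BlockInstance $instance Block being rendered; the owner of its view selects whose pages are listed.
  * @param bool          $editing  Not used by this method.
  * @return string Rendered template, or '' when the containing view has no owner.
  */
 public static function render_instance(BlockInstance $instance, $editing = false)
 {
     $userid = $instance->get_view()->get('owner');
     if (!$userid) {
         return '';
     }
     $smarty = smarty_core();
     // Keep only the owner's pages that the viewer is allowed to see, keyed by view id.
     $views = array();
     if ($allviews = get_records_select_array('view', "\"owner\" = ? AND type NOT IN ('profile', 'dashboard')", array($userid))) {
         foreach ($allviews as $view) {
             if (can_view_view($view->id)) {
                 $views[$view->id] = $view;
                 $view->artefacts = array();
             }
         }
     }
     if ($views) {
         // The id list is concatenated into two SQL strings below, so every
         // element is forced to an integer first. $views is keyed by view id,
         // which removes the need for the eval-backed create_function()
         // (deprecated in PHP 7.2, removed in PHP 8).
         $viewidlist = implode(', ', array_map('intval', array_keys($views)));
         $artefacts = get_records_sql_array('SELECT va.view, va.artefact, a.title, a.artefacttype, t.plugin
             FROM {view_artefact} va
             INNER JOIN {artefact} a ON va.artefact = a.id
             INNER JOIN {artefact_installed_type} t ON a.artefacttype = t.name
             WHERE va.view IN (' . $viewidlist . ')
             GROUP BY 1, 2, 3, 4, 5
             ORDER BY a.title, va.artefact', '');
         if ($artefacts) {
             foreach ($artefacts as $artefactrec) {
                 // Plugin and class names come from database rows, not from the request.
                 safe_require('artefact', $artefactrec->plugin);
                 // Perhaps I shouldn't have to construct the entire
                 // artefact object to render the name properly.
                 $classname = generate_artefact_class_name($artefactrec->artefacttype);
                 $artefactobj = new $classname(0, array('title' => $artefactrec->title));
                 // Mark the throwaway object clean (presumably so it is never written back).
                 $artefactobj->set('dirty', false);
                 if (!$artefactobj->in_view_list()) {
                     continue;
                 }
                 $artname = $artefactobj->display_title(30);
                 if (strlen($artname)) {
                     $views[$artefactrec->view]->artefacts[] = array('id' => $artefactrec->artefact, 'title' => $artname);
                 }
             }
         }
         $tags = get_records_select_array('view_tag', 'view IN (' . $viewidlist . ')');
         if ($tags) {
             // Iterate by value: the rows are only read, and a by-reference
             // loop would leave $tag bound to the last row after the loop.
             foreach ($tags as $tag) {
                 $views[$tag->view]->tags[] = $tag->tag;
             }
         }
     }
     $smarty->assign('VIEWS', $views);
     return $smarty->fetch('blocktype:myviews:myviews.tpl');
 }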
예제 #2
/**
 * Decide whether the current user may download an artefact.
 *
 * Access is granted when the user can view the artefact directly. Otherwise
 * the artefact, or failing that one of its ancestors, must be placed on the
 * view named by the global $viewid, and the answer is whatever
 * can_view_view() says for that view.
 *
 * The decision depends on the global $viewid set by the calling script, so
 * callers must have populated it before calling.
 *
 * @param object $artefact Artefact instance; must provide get('parent').
 * @return mixed true, false, or the result of can_view_view($viewid).
 */
function can_download_artefact($artefact)
{
    global $USER, $viewid;

    if ($USER->can_view_artefact($artefact)) {
        return true;
    }
    if (artefact_in_view($artefact, $viewid)) {
        return can_view_view($viewid);
    }

    // Climb the parent chain; the first ancestor found on the view decides.
    for ($parentid = $artefact->get('parent'); $parentid !== null;) {
        $ancestor = artefact_instance_from_id($parentid);
        $parentid = $ancestor->get('parent');
        if (artefact_in_view($ancestor, $viewid)) {
            return can_view_view($viewid);
        }
    }

    // Neither the artefact nor any ancestor is reachable through the view.
    return false;
}
예제 #3
}
// Build $extradata from the request only when the including script has not
// already supplied it.
// NOTE(review): json_decode() of a request parameter can yield any JSON type
// (array, object, null), not only an integer id, and the checks below pass
// these values on unchanged — confirm that can_view_view() and
// artefact_in_view() reject non-scalar ids.
if (!isset($extradata)) {
    $viewid = json_decode(param_variable('viewid'));
    $annotationid = json_decode(param_variable('annotationid'));
    $artefactid = json_decode(param_variable('artefactid', ''));
    $blockid = json_decode(param_variable('blockid'));
    $extradata = new stdClass();
    $extradata->view = $viewid;
    $extradata->artefact = $artefactid;
    $extradata->annotation = $annotationid;
    $extradata->blockid = $blockid;
}
// A view, an annotation and a block id are all mandatory; the artefact is optional.
// NOTE(review): the checks below rely on json_reply() ending the request — it
// presumably does; if it returned, later checks and code would still run.
if (empty($extradata->view) || empty($extradata->annotation) || empty($extradata->blockid)) {
    json_reply('local', get_string('annotationinformationerror', 'artefact.annotation'));
}
// Authorisation: the requester must be able to see the view ...
if (!can_view_view($extradata->view)) {
    json_reply('local', get_string('noaccesstoview', 'view'));
}
// ... and the annotation must be placed on that same view, so a viewable view
// id cannot be paired with an annotation that lives elsewhere.
if (!artefact_in_view($extradata->annotation, $extradata->view)) {
    json_reply('local', get_string('accessdenied', 'error'));
}
// Same placement check for the optional artefact.
if (!empty($extradata->artefact) && !artefact_in_view($extradata->artefact, $extradata->view)) {
    json_reply('local', get_string('accessdenied', 'error'));
}
if ($ispagination) {
    // This is not really working yet. Need to do more work on artefact/artefact.php
    $options = ArtefactTypeAnnotationfeedback::get_annotation_feedback_options();
    $options->limit = $limit;
    $options->offset = $offset;
    $options->view = $extradata->view;
    $options->annotation = $extradata->annotation;
예제 #4
파일: view.php 프로젝트: Br3nda/mahara
        set_cookie('mviewaccess:' . $viewid, $mnettoken);
    }
} else {
    if ($usertoken) {
        if (!($viewid = get_view_from_token($usertoken, true))) {
            throw new AccessDeniedException(get_string('accessdenied', 'error'));
        }
        if ($usertoken != get_cookie('mviewaccess:' . $viewid)) {
            set_cookie('mviewaccess:' . $viewid, $usertoken);
        }
    } else {
        $viewid = param_integer('id');
    }
}
$new = param_boolean('new');
// Access gate for the page: the view id and whichever access token was
// presented are checked before the View object is loaded or any field is read.
if (!can_view_view($viewid, null, $usertoken, $mnettoken)) {
    throw new AccessDeniedException(get_string('accessdenied', 'error'));
}
$view = new View($viewid);
$group = $view->get('group');
$title = $view->get('title');
// NOTE(review): the stored view title becomes the TITLE constant unchanged;
// presumably it is escaped where the page template prints it — confirm.
define('TITLE', $title);
// Cast to int so the value can be used as a truth test and as a group id below.
$submittedgroup = (int) $view->get('submittedgroup');
if ($USER->is_logged_in() && $submittedgroup && group_user_can_assess_submitted_views($submittedgroup, $USER->get('id'))) {
    // The user is a tutor of the group that this view has
    // been submitted to, and is entitled to release the view, and to
    // upload an additional file when submitting feedback.
    $submittedgroup = get_record('group', 'id', $submittedgroup);
    $releaseform = pieform(array('name' => 'releaseview', 'method' => 'post', 'plugintype' => 'core', 'pluginname' => 'view', 'autofocus' => false, 'elements' => array('submittedview' => array('type' => 'html', 'value' => get_string('viewsubmittedtogroup', 'view', get_config('wwwroot') . 'group/view.php?id=' . $submittedgroup->id, $submittedgroup->name)), 'submit' => array('type' => 'submit', 'value' => get_string('releaseview', 'group')))));
    $allowattachments = true;
} else {
예제 #5
/**
 * returns all submissions to a given group id
 */
define('INTERNAL', 1);
define('JSON', 1);
require dirname(dirname(dirname(__FILE__))) . '/init.php';
safe_require('blocktype', 'groupviews');
require_once get_config('libroot') . 'view.php';
require_once get_config('libroot') . 'group.php';
require_once get_config('libroot') . 'pieforms/pieform.php';
// Request parameters: paging offset, target group, and the editing flag.
$offset = param_integer('offset', 0);
$groupid = param_integer('group');
$editing = param_boolean('editing', false);

$group_homepage_view = group_get_homepage_view($groupid);
$bi = group_get_homepage_view_groupview_block($groupid);

// Two conditions must both hold: the group homepage is visible to the
// requester, and the requester may assess views submitted to this group.
if (!(can_view_view($group_homepage_view) && group_user_can_assess_submitted_views($groupid, $USER->get('id')))) {
    json_reply(true, get_string('accessdenied', 'error'));
}

// NOTE(review): $bi is dereferenced without a check that the block exists.
$configdata = $bi->get('configdata');

// Page size comes from the block configuration, never from the request;
// anything missing or non-positive falls back to 5.
$limit = 5;
if (isset($configdata['count'])) {
    $limit = intval($configdata['count']);
}
if ($limit <= 0) {
    $limit = 5;
}

// The ORDER BY fragment is chosen from two fixed strings, so no configured or
// requested text reaches the query.
$sortsubmittedby = (isset($configdata['sortsubmittedby']) && $configdata['sortsubmittedby'] != PluginBlocktypeGroupViews::SORTBY_TITLE)
    ? 'c.submittedtime DESC, v.submittedtime DESC'
    : 'c.name, v.title';

list($collections, $views) = View::get_views_and_collections(null, null, null, null, false, $groupid, $sortsubmittedby);

// Collections first, then views; 'count' is the size of the full merged list.
$allsubmitted = array_merge(array_values($collections), array_values($views));
$allsubmitted = array(
    'data' => array_slice($allsubmitted, $offset, $limit),
    'count' => count($allsubmitted),
    'limit' => $limit,
    'offset' => $offset,
);
if (!empty($configdata['showsubmitted'])) {
    $baseurl = $group_homepage_view->get_url();
예제 #6
 /**
  * Creates a View for the given user, based off a given template and other 
  * View information supplied.
  *
  * Will set a default title of 'Copy of $viewtitle' if title is not 
  * specified in $viewdata.
  *
  * @param array $viewdata See View::_create
  * @param int $templateid The ID of the View to copy
  * @param int $userid     The user who has issued the command to create the 
  *                        view. See View::_create
  * @param bool $checkaccess Whether to check that the user can see the view before copying it
  * @return array A list consisting of the new view, the template view and 
  *               information about the copy - i.e. how many blocks and 
  *               artefacts were copied
  * @throws SystemException under various circumstances, see the source for 
  *                         more information
  */
 public static function create_from_template($viewdata, $templateid, $userid = null, $checkaccess = true)
 {
     // Default to the logged-in user when no user id is given.
     if ($userid === null) {
         global $USER;
         $userid = $USER->get('id');
     }
     $copier = new User();
     $copier->find_by_id($userid);

     // NOTE(review): the exceptions thrown below leave this function after
     // db_begin() with no db_rollback() in sight; presumably the exception
     // handler ends the transaction — confirm.
     db_begin();
     $template = new View($templateid);

     if ($template->get('deleted')) {
         throw new SystemException("View::create_from_template: This template has been deleted");
     }
     // A view not flagged as a template may only be copied by someone who can edit it.
     if (!$template->get('template') && !$copier->can_edit_view($template)) {
         throw new SystemException("View::create_from_template: Attempting to create a View from another View that is not marked as a template");
     }
     // With $checkaccess false no visibility check is made here, so callers
     // passing false must have authorised the copy themselves.
     if ($checkaccess && !can_view_view($templateid, $userid)) {
         throw new SystemException("View::create_from_template: User {$userid} is not permitted to copy View {$templateid}");
     }

     $view = self::_create($viewdata, $userid);

     // Fall back to a "Copy of ..." title when the caller supplied none.
     if (!isset($viewdata['title'])) {
         $defaulttitle = self::new_title(get_string('Copyof', 'mahara', $template->get('title')), (object) $viewdata);
         $view->set('title', $defaulttitle);
         $view->set('dirty', true);
     }

     try {
         $copystatus = $view->copy_contents($template);
     } catch (QuotaExceededException $quotaerror) {
         // Undo the partially created view and report the quota problem to the caller.
         db_rollback();
         return array(null, $template, array('quotaexceeded' => true));
     }

     $view->commit();
     db_commit();
     return array($view, $template, $copystatus);
 }
예제 #7
<?php

/**
 *
 * @package    mahara
 * @subpackage blocktype
 * @author     Catalyst IT Ltd
 * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL version 3 or later
 * @copyright  For copyright information on Mahara, please see the README file distributed with this software.
 *
 */
define('INTERNAL', 1);
// NOTE(review): PUBLIC presumably tells init.php to serve this script without
// a login, which would make the can_view_view() call below the only access
// gate — confirm.
define('PUBLIC', 1);
require dirname(dirname(__FILE__)) . '/init.php';
require $CFG->docroot . '/blocktype/lib.php';
// Close the session to prevent session locking.
session_write_close();
// param_integer() restricts the request value to an integer block id.
$blockid = param_integer('blockid');
$block = new BlockInstance($blockid);
// Authorise against the view that contains the block before any plugin code
// for the block type is loaded or run.
if (!can_view_view($block->get('view'))) {
    throw new AccessDeniedException(get_string('accessdenied', 'error'));
}
// The block type name is read from the stored block, not from the request.
safe_require_plugin('blocktype', $block->get('blocktype'));
// Output is whatever the block type's render_instance() returns, echoed unchanged.
echo call_static_method(generate_class_name('blocktype', $block->get('blocktype')), 'render_instance', $block);
예제 #8
/**
 * returns shared views in a given group id
 */
define('INTERNAL', 1);
define('JSON', 1);
require dirname(dirname(dirname(__FILE__))) . '/init.php';
safe_require('blocktype', 'groupviews');
require_once get_config('libroot') . 'view.php';
require_once get_config('libroot') . 'group.php';
require_once get_config('libroot') . 'pieforms/pieform.php';
// Request parameters: paging offset, target group, and the editing flag.
$offset = param_integer('offset', 0);
$groupid = param_integer('group');
$editing = param_boolean('editing', false);

$group_homepage_view = group_get_homepage_view($groupid);
$bi = group_get_homepage_view_groupview_block($groupid);

// Only requesters who can see the group homepage get an answer.
if (!can_view_view($group_homepage_view)) {
    json_reply(true, get_string('accessdenied', 'error'));
}

// NOTE(review): $bi is dereferenced without a check that the block exists.
$configdata = $bi->get('configdata');
if (!isset($configdata['showsharedviews'])) {
    // Shared views are shown unless the block configuration says otherwise.
    $configdata['showsharedviews'] = 1;
}

// Page size comes from the block configuration, never from the request;
// anything missing or non-positive falls back to 5.
$limit = 5;
if (isset($configdata['count'])) {
    $limit = intval($configdata['count']);
}
if ($limit <= 0) {
    $limit = 5;
}

// Sort order defaults to title. Both candidates are fixed strings, so no
// configured or requested text reaches the query.
$sortsharedviewsby = (isset($configdata['sortsharedviewsby']) && $configdata['sortsharedviewsby'] != PluginBlocktypeGroupViews::SORTBY_TITLE)
    ? 'v.mtime DESC'
    : 'v.title';
// For group members, display a list of views that others have
예제 #9
 /**
  * @param array $data Parameters:
  *                    - view (int)
  */
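 public function __construct($data, $cron)
 {
     parent::__construct($data, $cron);
     require_once 'view.php';
     // `new` always yields an object, so no truthiness test is needed; a view
     // that cannot be described is caught by the empty-owner check below.
     $this->viewinfo = new View($this->view);
     $this->ownerinfo = hsc($this->viewinfo->formatted_owner());
     if (empty($this->ownerinfo)) {
         if (!empty($this->cron)) {
             // probably deleted already
             return;
         }
         throw new ViewNotFoundException(get_string('viewnotfound', 'error', $this->view));
     }
     $viewurl = $this->viewinfo->get_url(false);
     // mysql compatibility (sigh...)
     $casturl = 'CAST(? AS TEXT)';
     if (is_mysql()) {
         $casturl = '?';
     }
     // $casturl is one of two fixed fragments; every value goes in as a bound parameter.
     $sql = 'SELECT u.*, p.method, ap.value AS lang, ' . $casturl . ' AS url
                 FROM {usr_watchlist_view} wv
                 JOIN {usr} u
                     ON wv.usr = u.id
                 LEFT JOIN {usr_activity_preference} p
                     ON p.usr = u.id
                 LEFT OUTER JOIN {usr_account_preference} ap
                     ON (ap.usr = u.id AND ap.field = \'lang\')
                 WHERE (p.activity = ? OR p.activity IS NULL)
                 AND wv.view = ?
            ';
     $this->users = get_records_sql_array($sql, array($viewurl, $this->get_id(), $this->view));
     // Remove the view from the watchlist of users who can no longer see it,
     // and drop them from $this->users so they are not carried forward.
     if ($this->users) {
         $userstodelete = array();
         // Iterate by value: rows are only read here, and a by-reference loop
         // would leave $u bound to the last element of $this->users afterwards.
         foreach ($this->users as $k => $u) {
             if (!can_view_view($this->view, $u->id)) {
                 $userstodelete[] = $u->id;
                 unset($this->users[$k]);
             }
         }
         if ($userstodelete) {
             // Bind the ids as parameters instead of joining them into the SQL text.
             $placeholders = join(',', array_fill(0, count($userstodelete), '?'));
             delete_records_select('usr_watchlist_view', 'view = ? AND usr IN (' . $placeholders . ')', array_merge(array($this->view), $userstodelete));
         }
     }
     $this->add_urltext(array('key' => 'View', 'section' => 'view'));
 }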
예제 #10
파일: view.php 프로젝트: Br3nda/mahara
if ($userid == 0) {
    redirect();
}
if ($userid == $loggedinid) {
    define('MENUITEM', 'profile/view');
}

// Load the account row; deleted accounts are treated as not found.
$user = get_record('usr', 'id', $userid, 'deleted', 0);
if (!$user) {
    throw new UserNotFoundException("User with id {$userid} not found");
}

$is_friend = is_friend($userid, $loggedinid);

$userobj = new User();
$userobj->find_by_id($userid);
$view = $userobj->get_profile_view();

// Access gate: the profile view must exist and be visible to the requester
// (logged-in access always, public access where enabled) before anything
// about the profile is rendered.
if (!$view || !can_view_view($view->get('id'))) {
    throw new AccessDeniedException();
}

$name = display_name($user);
define('TITLE', $name);
$smarty = smarty(array('tablerenderer'), array('<link rel="stylesheet" type="text/css" href="' . get_config('wwwroot') . 'theme/views.css">'), array(), array('stylesheets' => array('style/views.css')));

// Groups the displayed user belongs to, has been invited to, or has asked to
// join; the user id is bound three times, once per UNION branch.
$sql = "SELECT g.*, a.type FROM {group} g JOIN (\nSELECT gm.group, 'invite' AS type\n    FROM {group_member_invite} gm WHERE gm.member = ?\nUNION\nSELECT gm.group, 'request' AS type\n    FROM {group_member_request} gm WHERE gm.member = ?\nUNION\nSELECT gm.group, gm.role AS type\n    FROM {group_member} gm\n    WHERE gm.member = ?\n) AS a ON a.group = g.id\nWHERE g.deleted = 0\nORDER BY g.name";
$allusergroups = get_records_sql_assoc($sql, array($userid, $userid, $userid));
if (!$allusergroups) {
    $allusergroups = array();
}
if (!empty($loggedinid) && $loggedinid != $userid) {
    $invitedlist = array();
    // Groups admin'ed by the logged in user that the displayed user has been invited to
    $requestedlist = array();
    // Groups admin'ed by the logged in user that the displayed user has requested membership of
    // Get the logged in user's "invite only" groups
예제 #11
 /**
  * @param array $data Parameters:
  *                    - view (int)
  */
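 public function __construct($data, $cron)
 {
     parent::__construct($data, $cron);
     // Load the view's owner row together with the view title.
     if (!($this->viewinfo = get_record_sql('SELECT u.*, v.title FROM {usr} u
                                      JOIN {view} v ON v.owner = u.id
                                      WHERE v.id = ?', array($this->view)))) {
         if (!empty($this->cron)) {
             // probably deleted already
             return;
         }
         throw new ViewNotFoundException(get_string('viewnotfound', 'error', $this->view));
     }
     // mysql compatibility (sigh...)
     $casturl = 'CAST(? AS TEXT)';
     if (get_config('dbtype') == 'mysql') {
         $casturl = 'CAST(? AS CHAR)';
         // note, NOT varchar
     }
     // $casturl is one of two fixed fragments; every value goes in as a bound parameter.
     $sql = 'SELECT u.*, p.method, ap.value AS lang, ' . $casturl . ' AS url
                 FROM {usr_watchlist_view} wv
                 JOIN {usr} u
                     ON wv.usr = u.id
                 LEFT JOIN {usr_activity_preference} p
                     ON p.usr = u.id
                 LEFT OUTER JOIN {usr_account_preference} ap
                     ON (ap.usr = u.id AND ap.field = \'lang\')
                 WHERE (p.activity = ? OR p.activity IS NULL)
                 AND wv.view = ?
            ';
     $this->users = get_records_sql_array($sql, array(get_config('wwwroot') . 'view/view.php?id=' . $this->view, $this->get_id(), $this->view));
     // Remove the view from the watchlist of users who can no longer see it,
     // and drop them from $this->users so they are not carried forward.
     if ($this->users) {
         $userstodelete = array();
         // Iterate by value: rows are only read here, and a by-reference loop
         // would leave $u bound to the last element of $this->users afterwards.
         foreach ($this->users as $k => $u) {
             if (!can_view_view($this->view, $u->id)) {
                 $userstodelete[] = $u->id;
                 unset($this->users[$k]);
             }
         }
         if ($userstodelete) {
             // Bind the ids as parameters instead of joining them into the SQL text.
             $placeholders = join(',', array_fill(0, count($userstodelete), '?'));
             delete_records_select('usr_watchlist_view', 'view = ? AND usr IN (' . $placeholders . ')', array_merge(array($this->view), $userstodelete));
         }
     }
     $this->add_urltext(array('key' => 'View', 'section' => 'view'));
 }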
예제 #12
}
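// Get the user's details; deleted accounts are treated as not found.
if (!($user = get_record('usr', 'id', $userid, 'deleted', 0))) {
    throw new UserNotFoundException("User with id {$userid} not found");
}
$is_friend = is_friend($userid, $loggedinid);
if ($loggedinid == $userid) {
    $view = $USER->get_profile_view();
} else {
    $userobj = new User();
    $userobj->find_by_id($userid);
    $view = $userobj->get_profile_view();
}
// Access will either be logged in (always) or public as well.
// The existence test has to come before $view->get('id'): calling a method on
// a missing view would end the request with a fatal error instead of the
// intended access-denied response.
if (!$view) {
    throw new AccessDeniedException(get_string('youcannotviewthisusersprofile', 'error'));
}
$viewid = $view->get('id');
if (!can_view_view($viewid)) {
    throw new AccessDeniedException(get_string('youcannotviewthisusersprofile', 'error'));
}
// Set up theme
$viewtheme = $view->get('theme');
if ($viewtheme && $THEME->basename != $viewtheme) {
    $THEME = new Theme($viewtheme);
}
$stylesheets = array('<link rel="stylesheet" type="text/css" href="' . get_config('wwwroot') . 'theme/views.css">');
$name = display_name($user);
define('TITLE', $name);
$smarty = smarty(array('paginator', 'lib/pieforms/static/core/pieforms.js', 'artefact/resume/resumeshowhide.js'), $stylesheets, array(), array('stylesheets' => array('style/views.css'), 'sidebars' => false));
// Groups the displayed user belongs to, has been invited to, or has asked to
// join; the user id is bound three times, once per UNION branch.
$sql = "SELECT g.*, a.type FROM {group} g JOIN (\nSELECT gm.group, 'invite' AS type\n    FROM {group_member_invite} gm WHERE gm.member = ?\nUNION\nSELECT gm.group, 'request' AS type\n    FROM {group_member_request} gm WHERE gm.member = ?\nUNION\nSELECT gm.group, gm.role AS type\n    FROM {group_member} gm\n    WHERE gm.member = ?\n) AS a ON a.group = g.id\nWHERE g.deleted = 0\nORDER BY g.name";
if (!($allusergroups = get_records_sql_assoc($sql, array($userid, $userid, $userid)))) {
    $allusergroups = array();
}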
예제 #13
파일: lib.php 프로젝트: Br3nda/mahara
 /**
  * Render this composite artefact type as an HTML fragment plus its show/hide JavaScript.
  *
  * Rows are loaded for the logged-in user, or for the owner of
  * $options['viewid'] when a view id is supplied and that view passes
  * can_view_view().
  *
  * @param array $options May contain 'viewid'.
  * @return array Keys 'html' and 'javascript'.
  * @throws AccessDeniedException when the supplied view is not visible to the requester.
  */
 public function render_self($options)
 {
     global $USER;
     // Short label handed to the template as 'suffix'. It is derived from the
     // clock, so it is not unpredictable and must not be used as a secret.
     $suffix = '_' . substr(md5(microtime()), 0, 4);
     $smarty = smarty_core();
     $smarty->assign('hidetitle', true);
     $smarty->assign('suffix', $suffix);
     $type = $this->get('artefacttype');
     // The table name is built from the artefact's own type, not from the
     // request; owner and type are bound as parameters.
     $othertable = 'artefact_resume_' . $type;
     $owner = $USER->get('id');
     $sql = 'SELECT ar.*, a.owner
         FROM {artefact} a 
         JOIN {' . $othertable . '} ar ON ar.artefact = a.id
         WHERE a.owner = ? AND a.artefacttype = ?
         ORDER BY ar.displayorder';
     if (!empty($options['viewid'])) {
         if (!can_view_view($options['viewid'])) {
             throw new AccessDeniedException();
         }
         // NOTE(review): this establishes that the view is visible, then reads
         // every row of this type belonging to the view's owner; nothing here
         // confirms the artefact is placed on that view — verify that callers do.
         require_once 'view.php';
         $sourceview = new View($options['viewid']);
         $owner = $sourceview->get('owner');
     }
     $data = get_records_sql_array($sql, array($owner, $type));
     if (!$data) {
         $data = array();
     }
     // Give the artefact type a chance to format the data how it sees fit
     $data = call_static_method(generate_artefact_class_name($type), 'format_render_self_data', $data);
     $smarty->assign('rows', $data);
     return array(
         'html' => $smarty->fetch('artefact:resume:fragments/' . $type . '.tpl'),
         'javascript' => $this->get_showhide_composite_js(),
     );
 }
예제 #14
파일: view.php 프로젝트: agwells/Mahara-1
            }
            $viewid = $view->get('id');
        } else {
            $viewid = param_integer('id');
        }
    }
}
$new = param_boolean('new');

// Normalise a false 'showmore' flag to the integer 0.
$showmore = param_boolean('showmore');
$showmore = $showmore ? $showmore : 0;

// Reuse the View built earlier in the script, if any.
if (!isset($view)) {
    $view = new View($viewid);
}

// Access gate: nothing below runs for a requester who cannot see the view.
if (!can_view_view($view)) {
    if (param_integer('objection', null)) {
        $errorstr = get_string('accessdeniedobjection', 'error');
    } else {
        $errorstr = get_string('accessdenied', 'error');
    }
    throw new AccessDeniedException($errorstr);
}

// Record the access time. time() counts seconds, so the stored value is one
// second in the past; that makes it differ from the atime set in the View
// constructor and so triggers the save. $view->set('dirty', true) is not used
// because it would also update the mtime, which is not wanted.
$view->set('atime', time() - 1);
$view->commit();

// Feedback list pagination requires limit/offset params
$limit = param_integer('limit', 10);
$offset = param_integer('offset', 0);
$showcomment = param_integer('showcomment', null);
예제 #15
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 *
 * @package    mahara
 * @subpackage core
 * @author     Catalyst IT Ltd
 * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL
 * @copyright  (C) 2006-2008 Catalyst IT Ltd http://catalyst.net.nz
 *
 */
define('INTERNAL', 1);
define('JSON', 1);
require dirname(dirname(__FILE__)) . '/init.php';
require_once get_config('libroot') . 'view.php';
// Integer view id from the request; access is checked before the view is loaded.
$id = param_integer('id');
if (!can_view_view($id)) {
    json_reply('local', get_string('accessdenied', 'error'));
}

$view = new View($id);

// NOTE(review): title, owner name and description are handed to the template
// as stored; presumably the template escapes them — confirm.
$smarty = smarty_core();
$smarty->assign('viewtitle', $view->get('title'));
$smarty->assign('ownername', $view->formatted_owner());
$smarty->assign('viewdescription', $view->get('description'));
$smarty->assign('viewcontent', $view->build_columns());

// Capture the rendered template so it can be returned inside the JSON reply.
ob_start();
$smarty->display('view/viewcontent.tpl');
$html = ob_get_clean();

json_reply(false, array('message' => null, 'html' => $html));
예제 #16
 /**
  * Build the "author" line for this view, or null when the author must stay hidden.
  *
  * The author is hidden when the owning user's profile view, or the owning
  * group's homepage view, is missing or not visible to the requester. For
  * institution views it is hidden from logged-out visitors, and from users
  * who are neither members nor admins when the institution does not allow
  * registration.
  *
  * @return string|null Localised author string, or null when hidden.
  */
 public function display_author()
 {
     if (!empty($this->owner)) {
         $userobj = new User();
         $userobj->find_by_id($this->owner);
         $profile = $userobj->get_profile_view();
         // Hide author if profile isn't visible to user
         if (!$profile || !can_view_view($profile)) {
             return null;
         }
     } elseif (!empty($this->group)) {
         $homepage = group_get_homepage_view($this->group);
         // Hide author if the group homepage isn't visible to user
         if (!$homepage || !can_view_view($homepage)) {
             return null;
         }
     } elseif (!empty($this->institution)) {
         global $USER;
         // && binds tighter than ||; the parentheses only make that explicit.
         $hidden = !$USER->is_logged_in()
             || (!get_field('institution', 'registerallowed', 'name', $this->institution)
                 && !$USER->in_institution($this->institution)
                 && !$USER->get('admin'));
         if ($hidden) {
             return null;
         }
     }

     // Both values are HTML-escaped before being placed into the language string.
     $ownername = hsc($this->formatted_owner());
     $ownerlink = hsc($this->owner_link());
     return get_string('viewauthor', 'view', $ownerlink, $ownername);
 }
예제 #17
파일: view.php 프로젝트: rboyatt/mahara
// Resolve the profile view of the user being displayed.
if ($loggedinid == $userid) {
    $view = $USER->get_profile_view();
} else {
    $userobj = new User();
    $userobj->find_by_id($userid);
    $view = $userobj->get_profile_view();
}
# access will either be logged in (always) or public as well
// The existence test runs before any method is called on $view.
if (!$view) {
    // No access, so restrict profile view
    throw new AccessDeniedException(get_string('youcannotviewthisusersprofile', 'error'));
}
$viewid = $view->get('id');
// Special behaviour: Logged in users who the page hasn't been shared with, see a special page
// with the user's name, icon, and little else.
$restrictedview = !can_view_view($viewid);
// Logged-out users can't see any details, though
if ($restrictedview && !$USER->is_logged_in()) {
    throw new AccessDeniedException(get_string('accessdenied', 'error'));
}
// $viewcontent is only defined for unrestricted access; code further down
// must not assume it exists when $restrictedview is true.
if (!$restrictedview) {
    $viewcontent = $view->build_rows();
    // Build content before initialising smarty in case pieform elements define headers.
}
$javascript = array('paginator', 'lib/pieforms/static/core/pieforms.js');
// NOTE(review): block-type JavaScript is collected whether or not
// $restrictedview is set — confirm that 'initjs' carries nothing specific to
// the page content for restricted viewers.
$blocktype_js = $view->get_all_blocktype_javascript();
$javascript = array_merge($javascript, $blocktype_js['jsfiles']);
$inlinejs = "addLoadEvent( function() {\n" . join("\n", $blocktype_js['initjs']) . "\n});";
// Set up theme
$viewtheme = $view->get('theme');
if ($viewtheme && $THEME->basename != $viewtheme) {
예제 #18
파일: lib.php 프로젝트: rboyatt/mahara
/**
 * Validate the "add annotation feedback" form.
 *
 * Checks the spam trap, the presence and consistency of the submitted ids,
 * the requester's access to the view, and the message content. Every failure
 * is recorded on the 'message' element of the form.
 *
 * NOTE(review): the view access check and both placement checks run only when
 * a view id is submitted; for a submission carrying only an artefact id no
 * access check is made in this validator — confirm it is enforced elsewhere.
 *
 * @param Pieform $form   Form being validated.
 * @param array   $values Submitted values: message, viewid, artefactid, annotationid.
 */
function add_annotation_feedback_form_validate(Pieform $form, $values)
{
    require_once get_config('libroot') . 'antispam.php';

    if ($form->get_property('spam')) {
        $spamtrap = new_spam_trap(array(array('type' => 'body', 'value' => $values['message'])));
        if ($form->spam_error() || $spamtrap->is_spam()) {
            $msg = get_string('formerror');
            $emailcontact = get_config('emailcontact');
            if (!empty($emailcontact)) {
                $msg .= ' ' . get_string('formerroremail', 'mahara', $emailcontact, $emailcontact);
            }
            $form->set_error('message', $msg);
        }
    }

    // Make sure that the user has not manipulated the ids.
    $hasview = !empty($values['viewid']);
    $hasartefact = !empty($values['artefactid']);

    if (!$hasartefact && !$hasview) {
        // One of them must have data.
        $form->set_error('message', get_string('invalidannotationfeedbacklinkerror', 'artefact.annotation'));
    }
    if (empty($values['annotationid'])) {
        $form->set_error('message', get_string('annotationinformationerror', 'artefact.annotation'));
    }
    if ($hasview && !can_view_view($values['viewid'])) {
        // The user does not have access to this view.
        $form->set_error('message', get_string('noaccesstoview', 'view'));
    }
    if ($hasview && !artefact_in_view($values['annotationid'], $values['viewid'])) {
        // The annotation is not on the view.
        $form->set_error('message', get_string('accessdenied', 'error'));
    }
    if ($hasartefact && $hasview && !artefact_in_view($values['artefactid'], $values['viewid'])) {
        // The artefact is not on the view.
        $form->set_error('message', get_string('accessdenied', 'error'));
    }
    if (empty($values['message'])) {
        $form->set_error('message', get_string('annotationfeedbackempty', 'artefact.annotation'));
    }

    // Content restriction for accounts on probation; anything but true is a failure.
    if (probation_validate_content($values['message']) !== true) {
        $form->set_error('message', get_string('newuserscantpostlinksorimages'));
    }
}
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 *
 * @package    mahara
 * @subpackage core
 * @author     Catalyst IT Ltd
 * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL
 * @copyright  (C) 2006-2009 Catalyst IT Ltd http://catalyst.net.nz
 *
 */
define('INTERNAL', 1);
define('JSON', 1);
require dirname(dirname(__FILE__)) . '/init.php';
require_once get_config('docroot') . 'blocktype/lib.php';
// param_integer() restricts the request value to an integer block id.
$bi = new BlockInstance(param_integer('id'));
// NOTE(review): the block type's plugin code is loaded before the access
// check below; the type name comes from the stored block, not the request,
// but running the check first would keep plugin loading behind authorisation.
safe_require('blocktype', $bi->get('blocktype'));
// Authorise against the view that contains the block.
if (!can_view_view($bi->get('view'))) {
    json_reply('local', get_string('accessdenied', 'error'));
}
// Render in editing mode (last argument true) and return the markup as JSON.
$content = call_static_method(generate_class_name('blocktype', $bi->get('blocktype')), 'render_instance', $bi, true);
json_reply(false, array('message' => false, 'data' => $content));
예제 #20
 * @copyright  (C) 2006-2008 Catalyst IT Ltd http://catalyst.net.nz
 *
 */
define('INTERNAL', 1);
define('JSON', 1);
// NOTE(review): PUBLIC presumably lets init.php serve this script to
// logged-out visitors, leaving the branches below as the only access control
// — confirm.
define('PUBLIC', 1);
require dirname(dirname(dirname(dirname(__FILE__)))) . '/init.php';
safe_require('artefact', 'blog');
json_headers();
$id = param_integer('id');
$limit = param_integer('limit', ArtefactTypeBlog::pagination);
$offset = param_integer('offset', 0);
// 'options' is request-supplied JSON; $options is null when it does not
// decode, in which case isset() below is false and $viewid stays null.
$options = json_decode(param_variable('options'));
$viewid = isset($options->viewid) ? $options->viewid : null;
if ($viewid) {
    // With a view id, access follows the visibility of that view.
    // NOTE(review): nothing visible here ties blog $id to $viewid, so the
    // check covers the view rather than the blog being read — confirm that
    // render_posts() (or an artefact_in_view()-style check elsewhere) verifies
    // the blog is placed on this view.
    if (!can_view_view($viewid)) {
        throw new AccessDeniedException();
    }
} else {
    // Without a view id, only the logged-in owner of the blog may read it.
    if (!$USER->is_logged_in()) {
        throw new AccessDeniedException();
    }
    // The !$viewid test is always true in this branch; the owner comparison is loose (!=).
    if (!$viewid && get_field('artefact', 'owner', 'id', $id) != $USER->get('id')) {
        throw new AccessDeniedException();
    }
}
// $options is passed on to the renderer as decoded from the request.
list($count, $data) = ArtefactTypeBlogPost::render_posts(FORMAT_ARTEFACT_RENDERFULL, $options, $id, $limit, $offset);
if (!$count) {
    // Show a single "no results" row instead of an empty list.
    $count = 1;
    $data = array(array('content' => get_string('noresults', 'artefact.blog')));
}
예제 #21
 *
 * @package    mahara
 * @subpackage blocktype/groupviews
 * @author     Catalyst IT Ltd
 * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL version 3 or later
 * @copyright  For copyright information on Mahara, please see the README file distributed with this software.
 *
 */
/**
 * returns shared views in a given group id
 */
define('INTERNAL', 1);
define('JSON', 1);
require dirname(dirname(dirname(__FILE__))) . '/init.php';
safe_require('blocktype', 'myviews');
require_once get_config('libroot') . 'view.php';
require_once get_config('libroot') . 'pieforms/pieform.php';
// Request parameters: paging offset, the dashboard view id, and the editing flag.
$offset = param_integer('offset', 0);
$viewid = param_integer('view');
$editing = param_boolean('editing', false);
$dashboard = new View($viewid);
// Access gate: the requester must be able to see the dashboard view.
if (!can_view_view($dashboard)) {
    json_reply(true, get_string('accessdenied', 'error'));
}
// NOTE(review): $userid is not assigned anywhere in the visible part of this
// script, yet it selects whose pages are searched; if it is undefined the
// owner filter is null — confirm where it is set (the dashboard's owner looks
// like the intended value).
$views = View::view_search(null, null, (object) array('owner' => $userid), null, 10, $offset, true, null, array('portfolio'), null, null, null, null, null, true);
$views = (array) $views;
$baseurl = $dashboard->get_url();
// Both appended values are typed request parameters (integer and boolean).
$baseurl .= (strpos($baseurl, '?') === false ? '?' : '&') . 'view=' . $viewid . '&editing=' . $editing;
$pagination = array('baseurl' => $baseurl, 'id' => 'myviews_pagination', 'datatable' => 'myviewlist', 'jsonscript' => 'blocktype/myviews/myviews.json.php', 'resultcounttextsingular' => get_string('view', 'view'), 'resultcounttextplural' => get_string('views', 'view'));
PluginBlocktypeMyViews::render_items($views, 'blocktype:myviews:myviewspaginator.tpl', array(), $pagination);
json_reply(false, array('data' => $views));