/** * Add url instance. * @param object $data * @param object $mform * @return int new url instance id */ function morsle_add_instance($data, $mform) { global $CFG, $DB, $COURSE, $USER; require_once $CFG->dirroot . '/mod/morsle/locallib.php'; require_once $CFG->dirroot . '/google/lib.php'; require_once $CFG->dirroot . '/blocks/morsle/morsle.php'; require_once $CFG->dirroot . '/repository/morsle/lib.php'; require_once $CFG->dirroot . '/repository/morsle/morsle_class.php'; $username = '******'; $morsle = new morsle_google_auth($username, 'drive'); $morsle->domain = '@luther.edu'; $morsle->useremail = strtolower($COURSE->shortname) . $morsle->domain; $parameters = array(); for ($i = 0; $i < 100; $i++) { $parameter = "parameter_{$i}"; $variable = "variable_{$i}"; if (empty($data->{$parameter}) or empty($data->{$variable})) { continue; } $parameters[$data->{$parameter}] = $data->{$variable}; } $data->parameters = serialize($parameters); $displayoptions = array(); if ($data->display == RESOURCELIB_DISPLAY_POPUP) { $displayoptions['popupwidth'] = $data->popupwidth; $displayoptions['popupheight'] = $data->popupheight; } if (in_array($data->display, array(RESOURCELIB_DISPLAY_AUTO, RESOURCELIB_DISPLAY_EMBED, RESOURCELIB_DISPLAY_FRAME))) { $displayoptions['printheading'] = (int) (!empty($data->printheading)); $displayoptions['printintro'] = (int) (!empty($data->printintro)); } $data->displayoptions = serialize($displayoptions); $data->externalurl = morsle_fix_submitted_url($data->externalurl); // get the docid $docid = get_doc_id($data->externalurl); // get the read-only folder id // $morsle = new repository_morsle(); $title = strtolower($COURSE->shortname) . '-read'; $owner = strtolower($COURSE->shortname) . '@' . $morsle->domain; $collectionid = get_collection($morsle, $title); // share resource with course user // $base_feed = $morsle->docs_feed . $docid . '/acl'; assign_permissions($morsle, $docid, 'writer', $USER->email, $base_feed); // link resource to the read-only folder add_file_tocollection($morsle, $docid, $collectionid); $data->timemodified = time(); $data->id = $DB->insert_record('morsle', $data); return $data->id; }
function validation($data, $files) { // need to fill in name with document title if it wasn't supplied if ($data['name'] == '') { global $CFG, $USER; require_once "{$CFG->dirroot}/google/lib.php"; if (!($CONSUMER_KEY = get_config('morsle', 'consumer_key'))) { exit; } $owner = strtolower($USER->email); // $owner = strtolower($COURSE->shortname . '@' . $CONSUMER_KEY); $id = get_doc_id($data['externalurl']); $properties = retrieve_properties($this->morsle->service, $id); // $feed = get_doc_feed_by_id($this->morsle, $id); // $feed = get_doc_feed_by_name($this->morsle, $data['name']); // $data['name'] = (string) $feed->title; // $this->_form->_submitValues['name'] = $data['name']; } $errors = parent::validation($data, $files); // Validating Entered url, we are looking for obvious problems only, // teachers are responsible for testing if it actually works. // This is not a security validation!! Teachers are allowed to enter "javascript:alert(666)" for example. // NOTE: do not try to explain the difference between URL and URI, people would be only confused... if (empty($data['externalurl'])) { $errors['externalurl'] = get_string('required'); } else { $morsle = trim($data['externalurl']); if (empty($morsle)) { $errors['externalurl'] = get_string('required'); } else { if (preg_match('|^/|', $morsle)) { // links relative to server root are ok - no validation necessary } else { if (preg_match('|^[a-z]+://|i', $morsle) or preg_match('|^https?:|i', $morsle) or preg_match('|^ftp:|i', $morsle)) { // normal URL if (!morsle_appears_valid_url($morsle)) { $errors['externalurl'] = get_string('invalidurl', 'morsle'); } } else { if (preg_match('|^[a-z]+:|i', $morsle)) { // general URI such as teamspeak, mailto, etc. - it may or may not work in all browsers, // we do not validate these at all, sorry } else { // invalid URI, we try to fix it by adding 'http://' prefix, // relative links are NOT allowed because we display the link on different pages! if (!morsle_appears_valid_url('http://' . $morsle)) { $errors['externalurl'] = get_string('invalidurl', 'morsle'); } } } } } } return $errors; }