MDL-39207 badges: Generate badge assertions using user's backpack email if it is set

lang/en/badges.php

@@ -86,7 +86,9 @@ $string['backpackconnection_help'] = 'This page allows you to set up connection
 Currently, only <a href="http://backpack.openbadges.org">Mozilla OpenBadges Backpack</a> is supported. You need to sign up for a backpack service before trying to set up backpack connection on this page.';
 $string['backpackdetails'] = 'Backpack settings';
 $string['backpackemail'] = 'Email address';
-$string['backpackemail_help'] = 'Email address associated with your backpack';
+$string['backpackemail_help'] = 'Email address associated with your backpack.
+
+If backpack connection is established, this email address is used instead of your internal email address to push badges to your backpack.';
 $string['backpackimport'] = 'Badge import settings';
 $string['backpackimport_help'] = 'After backpack connection is successfully established, badges from your backpack can be displayed on your "My Badges" page and your profile page.
 
@@ -100,7 +102,7 @@ To add a new image, browse and select an image (in JPG or PNG format) then click
 $string['badgeprivacysetting'] = 'Badge privacy settings';
 $string['badgeprivacysetting_help'] = 'Badges you earn can be displayed on your account profile page. This setting allows you to automatically set visibility of the newly earned badges.
 
-You can still control individual badge privacy settings on your <a href="mybadges.php">My badges</a> page.';
+You can still control individual badge privacy settings on your "My badges" page.';
 $string['badgeprivacysetting_str'] = 'Automatically show badges I earn on my profile page';
 $string['badgesalt'] = 'Salt for hashing the recepient\'s email address';
 $string['badgesalt_desc'] = 'Using a hash allows backpack services to confirm the badge earner without having to expose their email address. This setting should only use numbers and letters.';

lib/badgeslib.php

@@ -836,14 +836,17 @@ function badges_get_issued_badge_info($hash) {
                 bi.dateissued,
                 bi.dateexpire,
                 u.email,
-                b.*
+                b.*,
+                bb.email as backpackemail
             FROM
-                {badge} b,
+                {badge} b
-                {badge_issued} bi,
+                JOIN {badge_issued} bi
-                {user} u
+                    ON b.id = bi.badgeid
-            WHERE b.id = bi.badgeid
+                JOIN {user} u
-                AND u.id = bi.userid
+                    ON u.id = bi.userid
-                AND ' . $DB->sql_compare_text('bi.uniquehash', 40) . ' = ' . $DB->sql_compare_text(':hash', 40),
+                LEFT JOIN {badge_backpack} bb
+                    ON bb.userid = bi.userid
+            WHERE ' . $DB->sql_compare_text('bi.uniquehash', 40) . ' = ' . $DB->sql_compare_text(':hash', 40),
             array('hash' => $hash), IGNORE_MISSING);
 
     if ($record) {
@@ -854,11 +857,11 @@ function badges_get_issued_badge_info($hash) {
         }
 
         $url = new moodle_url('/badges/badge.php', array('hash' => $hash));
+        $email = empty($record->backpackemail) ? $record->email : $record->backpackemail;
 
         // Recipient's email is hashed: <algorithm>$<hash(email + salt)>.
-        $badgesalt = isset($CFG->badgesalt) ? $CFG->badgesalt : '';
+        $a['recipient'] = 'sha256$' . hash('sha256', $email . $CFG->badges_badgesalt);
-        $a['recipient'] = 'sha256$' . hash('sha256', $record->email . $badgesalt);
+        $a['salt'] = $CFG->badges_badgesalt;
-        $a['salt'] = $badgesalt;
 
         if ($record->dateexpire) {
             $a['expires'] = date('Y-m-d', $record->dateexpire);