diff --git a/blog/edit.php b/blog/edit.php index fadc8adaf2a..ebf4c969b5f 100644 --- a/blog/edit.php +++ b/blog/edit.php @@ -31,8 +31,12 @@ include_once('locallib.php'); $action = required_param('action', PARAM_ALPHA); $id = optional_param('entryid', 0, PARAM_INT); $confirm = optional_param('confirm', 0, PARAM_BOOL); -$modid = optional_param('modid', 0, PARAM_INT); // To associate the entry with a module instance -$courseid = optional_param('courseid', 0, PARAM_INT); // To associate the entry with a course +$modid = optional_param('modid', 0, PARAM_INT); // To associate the entry with a module instance. +$courseid = optional_param('courseid', 0, PARAM_INT); // To associate the entry with a course. + +if ($action == 'edit') { + $id = required_param('entryid', PARAM_INT); +} $PAGE->set_url('/blog/edit.php', array('action' => $action, 'entryid' => $id, 'confirm' => $confirm, 'modid' => $modid, 'courseid' => $courseid)); @@ -41,6 +45,20 @@ if (!empty($id) && $action == 'add') { $id = null; } +// Blogs are always in system context. +$sitecontext = context_system::instance(); +$PAGE->set_context($sitecontext); + +require_login($courseid); + +if (empty($CFG->enableblogs)) { + print_error('blogdisable', 'blog'); +} + +if (isguestuser()) { + print_error('noguestentry', 'blog'); +} + $returnurl = new moodle_url('/blog/index.php'); if (!empty($courseid) && empty($modid)) { @@ -54,27 +72,8 @@ if (!empty($modid)) { $returnurl->param('courseid', $courseid); } -// Blogs are always in system context. -$sitecontext = context_system::instance(); -$PAGE->set_context($sitecontext); - - $blogheaders = blog_get_headers(); -require_login($courseid); - -if ($action == 'edit') { - $id = required_param('entryid', PARAM_INT); -} - -if (empty($CFG->enableblogs)) { - print_error('blogdisable', 'blog'); -} - -if (isguestuser()) { - print_error('noguestentry', 'blog'); -} - if (!has_capability('moodle/blog:create', $sitecontext) && !has_capability('moodle/blog:manageentries', $sitecontext)) { print_error('cannoteditentryorblog'); } diff --git a/blog/index.php b/blog/index.php index 6b3d5db9d31..3fc0abb7933 100644 --- a/blog/index.php +++ b/blog/index.php @@ -34,10 +34,6 @@ foreach ($url_params as $var => $val) { } $PAGE->set_url('/blog/index.php', $url_params); -if (empty($CFG->enableblogs)) { - print_error('blogdisable', 'blog'); -} - //correct tagid if a text tag is provided as a param if (!empty($tag)) { if ($tagrec = $DB->get_record('tag', array('name' => $tag))) { @@ -47,15 +43,6 @@ if (!empty($tag)) { } } -// add courseid if modid or groupid is specified: This is used for navigation and title -if (!empty($modid) && empty($courseid)) { - $courseid = $DB->get_field('course_modules', 'course', array('id'=>$modid)); -} - -if (!empty($groupid) && empty($courseid)) { - $courseid = $DB->get_field('groups', 'courseid', array('id'=>$groupid)); -} - $sitecontext = context_system::instance(); // Blogs are always in system context. $PAGE->set_context($sitecontext); @@ -84,6 +71,19 @@ if ($CFG->bloglevel == BLOG_GLOBAL_LEVEL) { print_error('blogdisable', 'blog'); } +if (empty($CFG->enableblogs)) { + print_error('blogdisable', 'blog'); +} + +// Add courseid if modid or groupid is specified: This is used for navigation and title. +if (!empty($modid) && empty($courseid)) { + $courseid = $DB->get_field('course_modules', 'course', array('id' => $modid)); +} + +if (!empty($groupid) && empty($courseid)) { + $courseid = $DB->get_field('groups', 'courseid', array('id' => $groupid)); +} + if (!$userid && has_capability('moodle/blog:view', $sitecontext) && $CFG->bloglevel > BLOG_USER_LEVEL) { if ($entryid) { diff --git a/notes/delete.php b/notes/delete.php index 21b0f99c040..573d068d961 100644 --- a/notes/delete.php +++ b/notes/delete.php @@ -18,14 +18,17 @@ if (!$course = $DB->get_record('course', array('id'=>$note->courseid))) { print_error('invalidcourseid'); } -// locate user information - if (!$user = $DB->get_record('user', array('id'=>$note->userid))) { - print_error('invaliduserid'); - } - // require login to access notes require_login($course); +if (empty($CFG->enablenotes)) { + print_error('notesdisabled', 'notes'); +} + +if (!$user = $DB->get_record('user', array('id' => $note->userid))) { + print_error('invaliduserid'); +} + // locate context information $context = context_course::instance($course->id); @@ -34,10 +37,6 @@ if (!has_capability('moodle/notes:manage', $context)) { print_error('nopermissiontodelete', 'notes'); } -if (empty($CFG->enablenotes)) { - print_error('notesdisabled', 'notes'); -} - if (data_submitted() && confirm_sesskey()) { //if data was submitted and is valid, then delete note $returnurl = $CFG->wwwroot . '/notes/index.php?course=' . $course->id . '&user=' . $note->userid; diff --git a/notes/edit.php b/notes/edit.php index 32d3c02120c..be9ed29978f 100644 --- a/notes/edit.php +++ b/notes/edit.php @@ -41,20 +41,19 @@ if (!$course = $DB->get_record('course', array('id'=>$note->courseid))) { print_error('invalidcourseid'); } -/// locate user information -if (!$user = $DB->get_record('user', array('id'=>$note->userid))) { - print_error('invaliduserid'); -} - /// require login to access notes require_login($course); +if (empty($CFG->enablenotes)) { + print_error('notesdisabled', 'notes'); +} + /// locate context information $context = context_course::instance($course->id); require_capability('moodle/notes:manage', $context); -if (empty($CFG->enablenotes)) { - print_error('notesdisabled', 'notes'); +if (!$user = $DB->get_record('user', array('id' => $note->userid))) { + print_error('invaliduserid'); } /// create form