moodle/moodle
3
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-08-05 08:56:36 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

ROLES AND PERMISSIONS - FIRST CHECK-IN

Browse source 
=======================================

WARNING:  DEV IS CURRENTLY VERY UNSTABLE.

This is a mega-checkin of the new Roles system.   A lot of changes have
been made in core and modules.

Currently there are a lot of rough edges and known problems.  We are
working hard on these .. .the reason for getting this into HEAD at this
stage is enable us to move faster (our branch was diverging from HEAD
too much).

Please keep an eye on http://docs.moodle.org/en/Roles for current status
and information for developers on how to use the new Roles system.
This commit is contained in:
moodler 2006-08-08 05:13:06 +00:00
parent 394577c3e4
commit bbbf2d4015
139 changed files with 40452 additions and 2001 deletions
Download patch file Download diff file Expand all files Collapse all files

276
mod/forum/db/access.php Normal file
View file

@ -0,0 +1,276 @@
<?php
//
// Capability definitions for the forum module.
//
// The capabilities are loaded into the database table when the module is
// installed or updated. Whenever the capability definitions are updated,
// the module version number should be bumped up.
//
// The system has four possible values for a capability:
// CAP_ALLOW, CAP_PREVENT, CAP_PROHIBIT, and inherit (not set).
//
//
// CAPABILITY NAMING CONVENTION
//
// It is important that capability names are unique. The naming convention
// for capabilities that are specific to modules and blocks is as follows:
// [mod/block]/<component_name>:<capabilityname>
//
// component_name should be the same as the directory name of the mod or block.
//
// Core moodle capabilities are defined thus:
// moodle/<capabilityclass>:<capabilityname>
//
// Examples: mod/forum:viewpost
// block/recent_activity:view
// moodle/site:deleteuser
//
// The variable name for the capability definitions array follows the format
// $<componenttype>_<component_name>_capabilities
//
// For the core capabilities, the variable is $moodle_capabilities.
$mod_forum_capabilities = array(
'mod/forum:viewforum' => array(
'captype' => 'read',
'contextlevel' => CONTEXT_MODULE,
'legacy' => array(
'guest' => CAP_PREVENT,
'student' => CAP_ALLOW,
'teacher' => CAP_ALLOW,
'editingteacher' => CAP_ALLOW,
'coursecreator' => CAP_ALLOW,
'admin' => CAP_ALLOW
)
),
'mod/forum:viewdiscussion' => array(
'captype' => 'read',
'contextlevel' => CONTEXT_MODULE,
'legacy' => array(
'guest' => CAP_PREVENT,
'student' => CAP_ALLOW,
'teacher' => CAP_ALLOW,
'editingteacher' => CAP_ALLOW,
'coursecreator' => CAP_ALLOW,
'admin' => CAP_ALLOW
)
),
'mod/forum:viewdiscussionsfromallgroups' => array(
'captype' => 'read',
'contextlevel' => CONTEXT_MODULE,
'legacy' => array(
'guest' => CAP_PREVENT,
'student' => CAP_PREVENT,
'teacher' => CAP_PREVENT,
'editingteacher' => CAP_ALLOW,
'coursecreator' => CAP_ALLOW,
'admin' => CAP_ALLOW
)
),
'mod/forum:startdiscussion' => array(
'captype' => 'read',
'contextlevel' => CONTEXT_MODULE,
'legacy' => array(
'guest' => CAP_PREVENT,
'student' => CAP_ALLOW,
'teacher' => CAP_ALLOW,
'editingteacher' => CAP_ALLOW,
'coursecreator' => CAP_ALLOW,
'admin' => CAP_ALLOW
)
),
'mod/forum:replypost' => array(
'captype' => 'read',
'contextlevel' => CONTEXT_MODULE,
'legacy' => array(
'guest' => CAP_PREVENT,
'student' => CAP_ALLOW,
'teacher' => CAP_ALLOW,
'editingteacher' => CAP_ALLOW,
'coursecreator' => CAP_ALLOW,
'admin' => CAP_ALLOW
)
),
'mod/forum:viewrating' => array(
'captype' => 'read',
'contextlevel' => CONTEXT_MODULE,
'legacy' => array(
'guest' => CAP_PREVENT,
'student' => CAP_ALLOW,
'teacher' => CAP_ALLOW,
'editingteacher' => CAP_ALLOW,
'coursecreator' => CAP_ALLOW,
'admin' => CAP_ALLOW
)
),
'mod/forum:viewanyrating' => array(
'captype' => 'read',
'contextlevel' => CONTEXT_MODULE,
'legacy' => array(
'guest' => CAP_PREVENT,
'student' => CAP_PREVENT,
'teacher' => CAP_ALLOW,
'editingteacher' => CAP_ALLOW,
'coursecreator' => CAP_ALLOW,
'admin' => CAP_ALLOW
)
),
'mod/forum:rate' => array(
'captype' => 'read',
'contextlevel' => CONTEXT_MODULE,
'legacy' => array(
'guest' => CAP_PREVENT,
'student' => CAP_PREVENT,
'teacher' => CAP_ALLOW,
'editingteacher' => CAP_ALLOW,
'coursecreator' => CAP_ALLOW,
'admin' => CAP_ALLOW
)
),
'mod/forum:createattachment' => array(
'captype' => 'read',
'contextlevel' => CONTEXT_MODULE,
'legacy' => array(
'guest' => CAP_PREVENT,
'student' => CAP_ALLOW,
'teacher' => CAP_ALLOW,
'editingteacher' => CAP_ALLOW,
'coursecreator' => CAP_ALLOW,
'admin' => CAP_ALLOW
)
),
'mod/forum:deleteownpost' => array(
'captype' => 'read',
'contextlevel' => CONTEXT_MODULE,
'legacy' => array(
'guest' => CAP_PREVENT,
'student' => CAP_ALLOW,
'teacher' => CAP_ALLOW,
'editingteacher' => CAP_ALLOW,
'coursecreator' => CAP_ALLOW,
'admin' => CAP_ALLOW
)
),
'mod/forum:deleteanypost' => array(
'captype' => 'read',
'contextlevel' => CONTEXT_MODULE,
'legacy' => array(
'guest' => CAP_PREVENT,
'student' => CAP_PREVENT,
'teacher' => CAP_ALLOW,
'editingteacher' => CAP_ALLOW,
'coursecreator' => CAP_ALLOW,
'admin' => CAP_ALLOW
)
),
'mod/forum:splitdiscussions' => array(
'captype' => 'read',
'contextlevel' => CONTEXT_MODULE,
'legacy' => array(
'guest' => CAP_PREVENT,
'student' => CAP_PREVENT,
'teacher' => CAP_ALLOW,
'editingteacher' => CAP_ALLOW,
'coursecreator' => CAP_ALLOW,
'admin' => CAP_ALLOW
)
),
'mod/forum:movediscussions' => array(
'captype' => 'read',
'contextlevel' => CONTEXT_MODULE,
'legacy' => array(
'guest' => CAP_PREVENT,
'student' => CAP_PREVENT,
'teacher' => CAP_ALLOW,
'editingteacher' => CAP_ALLOW,
'coursecreator' => CAP_ALLOW,
'admin' => CAP_ALLOW
)
),
'mod/forum:editanypost' => array(
'captype' => 'read',
'contextlevel' => CONTEXT_MODULE,
'legacy' => array(
'guest' => CAP_PREVENT,
'student' => CAP_PREVENT,
'teacher' => CAP_ALLOW,
'editingteacher' => CAP_ALLOW,
'coursecreator' => CAP_ALLOW,
'admin' => CAP_ALLOW
)
),
'mod/forum:viewqandawithoutposting' => array(
'captype' => 'read',
'contextlevel' => CONTEXT_MODULE,
'legacy' => array(
'guest' => CAP_PREVENT,
'student' => CAP_PREVENT,
'teacher' => CAP_ALLOW,
'editingteacher' => CAP_ALLOW,
'coursecreator' => CAP_ALLOW,
'admin' => CAP_ALLOW
)
),
'mod/forum:viewsubscribers' => array(
'captype' => 'read',
'contextlevel' => CONTEXT_MODULE,
'legacy' => array(
'guest' => CAP_PREVENT,
'student' => CAP_PREVENT,
'teacher' => CAP_ALLOW,
'editingteacher' => CAP_ALLOW,
'coursecreator' => CAP_ALLOW,
'admin' => CAP_ALLOW
)
),
'mod/forum:managesubscriptions' => array(
'captype' => 'read',
'contextlevel' => CONTEXT_MODULE,
'legacy' => array(
'guest' => CAP_PREVENT,
'student' => CAP_PREVENT,
'teacher' => CAP_ALLOW,
'editingteacher' => CAP_ALLOW,
'coursecreator' => CAP_ALLOW,
'admin' => CAP_ALLOW
)
)
);
?>

37
mod/forum/db/mysql.php
View file

@ -223,15 +223,42 @@ function forum_upgrade($oldversion) {
if ($oldversion < 2006011700) {
table_column('forum_posts','','mailnow','integer');
}
if ($oldversion < 2006011702) {
execute_sql("INSERT INTO {$CFG->prefix}log_display (module, action, mtable, field) VALUES ('forum', 'user report', 'user', 'CONCAT(firstname,\' \',lastname)')");
// Upgrades for new roles and capabilities support.
if ($oldversion < 2006011701) {
// forum.open defines what students can do:
// 0 = No discussions, no replies
// 1 = No discussions, but replies are allowed
// 2 = Discussions and replies are allowed
// Delete column forum.open
// forum.assessed defines who can rate posts:
// 1 = Everyone can rate posts
// 2 = Only teachers can rate posts
// Delete column forum.assessed
// forum.assesspublic defines whether students can see everybody's
// ratings:
// 0 = Students can only see their own ratings
// 1 = Students can see everyone's ratings
// Delete column forum.assesspublic
}
return true;
}
?>
?>

1
mod/forum/db/mysql.sql
View file

@ -163,7 +163,6 @@ INSERT INTO prefix_log_display (module, action, mtable, field) VALUES ('forum',
INSERT INTO prefix_log_display (module, action, mtable, field) VALUES ('forum', 'add discussion', 'forum_discussions', 'name');
INSERT INTO prefix_log_display (module, action, mtable, field) VALUES ('forum', 'add post', 'forum_posts', 'subject');
INSERT INTO prefix_log_display (module, action, mtable, field) VALUES ('forum', 'update post', 'forum_posts', 'subject');
INSERT INTO prefix_log_display (module, action, mtable, field) VALUES ('forum', 'user report', 'user', 'CONCAT(firstname,\' \',lastname)');
INSERT INTO prefix_log_display (module, action, mtable, field) VALUES ('forum', 'move discussion', 'forum_discussions', 'name');
INSERT INTO prefix_log_display (module, action, mtable, field) VALUES ('forum', 'view subscribers', 'forum', 'name');
INSERT INTO prefix_log_display (module, action, mtable, field) VALUES ('forum', 'view discussion', 'forum_discussions', 'name');

10
mod/forum/db/postgres7.php
View file

@ -156,7 +156,6 @@ function forum_upgrade($oldversion) {
}
if ($oldversion < 2006011600) {
notify('forum_type does not exists, you can ignore and this will properly removed');
execute_sql("ALTER TABLE {$CFG->prefix}forum DROP CONSTRAINT {$CFG->prefix}forum_type");
execute_sql("ALTER TABLE {$CFG->prefix}forum ADD CONSTRAINT {$CFG->prefix}forum_type CHECK (type IN ('single','news','general','social','eachuser','teacher','qanda')) ");
}
@ -171,15 +170,6 @@ function forum_upgrade($oldversion) {
table_column('forum_posts','','mailnow','integer');
}
if ($oldversion < 2006011701) {
execute_sql("ALTER TABLE {$CFG->prefix}forum DROP CONSTRAINT {$CFG->prefix}forum_type_check");
}
if ($oldversion < 2006011702) {
execute_sql("INSERT INTO {$CFG->prefix}log_display (module, action, mtable, field) VALUES ('forum', 'user report', 'user', 'firstname||\' \'||lastname')");
}
return true;
}

1
mod/forum/db/postgres7.sql
View file

@ -175,7 +175,6 @@ INSERT INTO prefix_log_display (module, action, mtable, field) VALUES ('forum',
INSERT INTO prefix_log_display (module, action, mtable, field) VALUES ('forum', 'add discussion', 'forum_discussions', 'name');
INSERT INTO prefix_log_display (module, action, mtable, field) VALUES ('forum', 'add post', 'forum_posts', 'subject');
INSERT INTO prefix_log_display (module, action, mtable, field) VALUES ('forum', 'update post', 'forum_posts', 'subject');
INSERT INTO prefix_log_display (module, action, mtable, field) VALUES ('forum', 'user report', 'user', 'firstname||\' \'||lastname');
INSERT INTO prefix_log_display (module, action, mtable, field) VALUES ('forum', 'move discussion', 'forum_discussions', 'name');
INSERT INTO prefix_log_display (module, action, mtable, field) VALUES ('forum', 'view subscribers', 'forum', 'name');
INSERT INTO prefix_log_display (module, action, mtable, field) VALUES ('forum', 'view discussion', 'forum_discussions', 'name');

91
mod/forum/discuss.php
View file

@ -25,17 +25,20 @@
notify("Bad forum ID stored in this discussion");
}
if ($forum->type == "teacher") {
require_login($course->id);
if (! $cm = get_coursemodule_from_instance('forum', $forum->id, $course->id)) {
error('Course Module ID was incorrect');
}
$canviewdiscussion = false;
if (!isteacher($course->id)) {
error("You must be a $course->teacher to view this forum");
}
$context = get_context_instance(CONTEXT_MODULE, $cm->id);
if (has_capability('mod/forum:viewdiscussion', $context->id)) {
$canviewdiscussion = true;
}
} elseif ($forum->type == "news") {
if (!((isadmin() and !empty($CFG->admineditalways))
|| isteacher($course->id)
|| (!empty($USER->id) && $USER->id == $discussion->userid)
if ($forum->type == "news") {
if (!($canviewdiscussion || $USER->id == $discussion->userid
|| (($discussion->timestart == 0 || $discussion->timestart <= time())
&& ($discussion->timeend == 0 || $discussion->timeend > time())))) {
error('Discussion ID was incorrect or no longer exists', "$CFG->wwwroot/mod/forum/view.php?f=$forum->id");
@ -50,58 +53,15 @@
if (!empty($move)) {
if (!isteacher($course->id)) {
error("Only teachers can do that!");
if (has_capability('mod/forum:movediscussions', $context->id)) {
error("You do not have the permission to move this discussion!");
}
if ($forum = get_record("forum", "id", $move)) {
if (!forum_move_attachments($discussion, $move)) {
notify("Errors occurred while moving attachment directories - check your file permissions");
}
if (!$fromforum = get_record("forum", "id", $discussion->forum)) {
notify('Bad forum ID stored in this discussion');
}
set_field("forum_discussions", "forum", $forum->id, "id", $discussion->id);
$discussion->forum = $forum->id;
$discussion->timemodified = time();
// Leave behind a skeleton discussion containing only a post which
// notifies that the discussion has been moved.
$skeleton = clone($discussion);
$skeleton->forum = $fromforum->id;
$skeleton->name = addslashes( $skeleton->name . ' ' . get_string('movedmarker', 'forum') );
// Prepare replacement parameters for message content string
// - these create the link to the new discussion location
$link = new stdClass;
$me = strip_querystring(me());
$link->discusshref = $me . '?d=' . $discussion->id;
$link->forumhref = dirname($me) . '/view.php?f=' . $forum->id;
$link->forumname = $forum->name;
// retrieve translateable message content
$skeleton->intro = addslashes( get_string('discussionmovedpost', 'forum', $link) );
$skeleton->format = 1;
$skeleton->mailnow = 0;
// add the skeleton discussion to the database
if (!($skeleton->id = forum_add_discussion($skeleton, $msg))) {
notify('Failed to add discussion-moved notification : '. $msg);
}
if (update_record('forum_discussions', $discussion)) {
// Update RSS feeds for both from and to forums.
require_once('rsslib.php');
require_once($CFG->libdir.'/rsslib.php');
// Delete the RSS files for the 2 forums because we want to force
// the regeneration of the feeds since the discussions have been
// moved.
if (!forum_rss_delete_file($forum) || !forum_rss_delete_file($fromforum)) {
notify('Could not purge the cached RSS feeds for the source and/or'.
'destination forum(s) - check your file permissionsforums');
}
}
if ($cm = get_coursemodule_from_instance("forum", $forum->id, $course->id)) {
add_to_log($course->id, "forum", "move discussion", "discuss.php?d=$discussion->id", "$discussion->id",
$cm->id);
@ -195,9 +155,9 @@
if ($groupmode and !isteacheredit($course->id)) { // Groups must be kept separate
if ($groupmode and !has_capability('mod/forum:viewdiscussionsfromallgroups', $context->id)) { // Groups must be kept separate
//change this to ismember
$mygroupid = mygroupid($course->id);//only useful if 0, otherwise it's an array now
$mygroupid = mygroupid($course->id); //only useful if 0, otherwise it's an array now
if ($groupmode == SEPARATEGROUPS) {
require_login();
@ -212,7 +172,9 @@
}
} else if ($groupmode == VISIBLEGROUPS) {
$canreply = ((empty($mygroupid) and $discussion->groupid == -1) || (ismember($discussion->groupid) || $mygroupid == $discussion->groupid));
$canreply = ( (empty($mygroupid) && $discussion->groupid == -1) ||
(ismember($discussion->groupid) || $mygroupid == $discussion->groupid) &&
has_capability('mod/forum:replypost', $context->id) );
}
}
@ -222,7 +184,7 @@
echo '<table width="100%"><tr><td width="33%">';
if ($groupmode == VISIBLEGROUPS or ($groupmode and isteacheredit($course->id))) {
if ($groupmode == VISIBLEGROUPS or ($groupmode and has_capability('mod/forum:viewdiscussionsfromallgroups', $context->id))) {
if ($groups = get_records_menu('groups', 'courseid', $course->id, 'name ASC', 'id,name')) {
print_group_menu($groups, $groupmode, $discussion->groupid, "view.php?id=$cm->id&amp;group=");
}
@ -232,7 +194,7 @@
forum_print_mode_form($discussion->id, $displaymode);
echo "</td><td width=\"33%\">";
if (isteacher($course->id) && $forum->type != "teacher") { // Popup menu to move discussions to other forums
if (has_capability('mod/forum:movediscussions', $context->id)) { // Popup menu to move discussions to other forums
if ($forums = get_all_instances_in_course("forum", $course)) {
if ($course->format == 'weeks') {
$strsection = get_string("week");
@ -266,7 +228,8 @@
notify(get_string('thisforumisthrottled','forum',$a));
}
if ($forum->type == 'qanda' && !isteacher($forum->course) && !forum_user_has_posted($forum->id,$discussion->id,$USER->id)) {
if ($forum->type == 'qanda' && !has_capability('mod/forum:viewqandawithoutposting', $context->id) &&
!forum_user_has_posted($forum->id,$discussion->id,$USER->id)) {
notify(get_string('qandanotify','forum'));
}
@ -275,9 +238,9 @@
}
/// Print the actual discussion
forum_print_discussion($course, $forum, $discussion, $post, $displaymode, $canreply);
$canrate = has_capability('mod/forum:rate', $context->id);
forum_print_discussion($course, $forum, $discussion, $post, $displaymode, $canreply, $canrate);
print_footer($course);
?>
?>

28
mod/forum/index.php
View file

@ -91,7 +91,9 @@
foreach ($forums as $forum) {
if (!isset($forum->visible)) {
$forum->visible = instance_is_visible("forum", $forum);
if (!$forum->visible and !isteacher($course->id)) {
$cm = get_coursemodule_from_instance("forum", $forum->id, $course->id);
$context = get_context_instance(CONTEXT_MODULE, $cm->id);
if (!$forum->visible and !has_capability('moodle/course:viewhiddenactivities', $context->id)) {
if (isset($forum->keyreference)) {
unset($learningforums[$forum->keyreference]);
}
@ -106,12 +108,14 @@
unset($learningforums[$forum->keyreference]);
}
break;
/*
case "teacher":
if (isteacher($course->id)) {
$forum->visible = true;
$generalforums[] = $forum;
}
break;
*/
default:
if (!$course->category or empty($forum->section)) { // Site level or section 0
$generalforums[] = $forum;
@ -153,13 +157,19 @@
if ($generalforums) {
foreach ($generalforums as $forum) {
if (isset($forum->groupmode)) {
$cm = get_coursemodule_from_instance("forum", $forum->id, $course->id);
$context = get_context_instance(CONTEXT_MODULE, $cm->id);
if (isset($forum->groupmode)) {
$groupmode = groupmode($course, $forum); /// Can do this because forum->groupmode is defined
} else {
$groupmode = NOGROUPS;
}
if ($groupmode == SEPARATEGROUPS and !isteacheredit($course->id)) {
// this is potentially wrong logic. could possibly check for if user has the right to hmmm
if ($groupmode == SEPARATEGROUPS and !has_capability('mod/forum:viewdiscussionsfromallgroups', $context->id)) {
$count = count_records_select("forum_discussions", "forum = '$forum->id' AND (groupid = '$currentgroup' OR groupid = '-1')");
} else {
$count = count_records("forum_discussions", "forum", "$forum->id");
@ -167,7 +177,7 @@
if ($usetracking) {
if (($forum->trackingtype == FORUM_TRACKING_ON) || !isset($untracked[$forum->id])) {
$groupid = ($groupmode==SEPARATEGROUPS && !isteacheredit($course->id)) ? $currentgroup : false;
$groupid = ($groupmode==SEPARATEGROUPS && !has_capability('mod/forum:viewdiscussionsfromallgroups', $context->id)) ? $currentgroup : false;
$unread = forum_tp_count_forum_unread_posts($USER->id, $forum->id, $groupid);
if ($unread > 0) {
$unreadlink = '<span class="unread"><a href="view.php?f='.$forum->id.'">'.$unread.'</a>';
@ -177,6 +187,7 @@
$unreadlink = '<span class="read"><a href="view.php?f='.$forum->id.'">'.$unread.'</a>';
}
if ($forum->trackingtype == FORUM_TRACKING_OPTIONAL) {
$trackedlink = '<a title="'.$strnotrackforum.'" href="settracking.php?id='.
$forum->id.'">'.$stryes.'</a>';
@ -226,7 +237,7 @@
if (forum_is_forcesubscribed($forum->id)) {
$sublink = $stryes;
} else {
if ($groupmode and !isteacheredit($course->id) and !mygroupid($course->id)) {
if ($groupmode and !has_capability('mod/forum:viewdiscussionsfromallgroups', $context->id) and !mygroupid($course->id)) {
$sublink = $strno; // Can't subscribe to a group forum (not in a group)
$forumlink = format_string($forum->name,true);
} else {
@ -303,11 +314,12 @@
if ($learningforums) {
$currentsection = "";
foreach ($learningforums as $key => $forum) {
$groupmode = groupmode($course, $forum); /// Can do this because forum->groupmode is defined
if ($groupmode == SEPARATEGROUPS and !isteacheredit($course->id)) {
$forum->visible = instance_is_visible("forum", $forum);
$cm = get_coursemodule_from_instance("forum", $forum->id, $course->id);
if ($groupmode == SEPARATEGROUPS and !has_capability('mod/forum:viewdiscussionsfromallgroups', $context->id)) {
$count = count_records("forum_discussions", "forum", "$forum->id", "groupid", $currentgroup);
} else {
$count = count_records("forum_discussions", "forum", "$forum->id");

310
mod/forum/lib.php
View file

@ -81,9 +81,6 @@ if (!isset($CFG->forum_enabletimedposts)) { // Newish feature that is not quit
$CFG->forum_enabletimedposts = false;
}
if (!isset($CFG->forum_enablerssfeeds)) { // Disable forum RSS feeds by default
$CFG->forum_enablerssfeeds = false;
}
/// STANDARD FUNCTIONS ///////////////////////////////////////////////////////////
@ -111,10 +108,6 @@ function forum_add_instance($forum) {
$forum->assesstimefinish = 0;
}
//sanitize given values a bit
$forum->warnafter = clean_param($forum->warnafter, PARAM_INT);
$forum->blockafter = clean_param($forum->blockafter, PARAM_INT);
if (! $forum->id = insert_record('forum', $forum)) {
return false;
}
@ -244,9 +237,7 @@ function forum_cron () {
}
if (!empty($USER->id)) { // Remember real USER account if necessary
$realuser = clone($USER); //PHP5 compatibility
} else {
$realuser = false;
$realuser = $USER;
}
/// Posts older than 2 days will not be mailed. This is to avoid the problem where
@ -1105,48 +1096,95 @@ function forum_get_child_posts($parent, $forumid) {
ORDER BY p.created ASC");
}
/**
* Returns a list of posts found using an array of search terms.
* e.g. word +word -word
* @param $searchterms
* @param $courseid
* @param $page
* @param $recordsperpage=50
* @param &$totalcount
* @param $groupid - either a single groupid or an array of groupids.
* this specifies the groups the search is to be carried
* for. However, please note that, unless the user has
* the capability 'mod/forum:viewdiscussionsfromallgroups',
* we will restrict the search to a subset of groups from
* $groupid. The subset consists of the groups the user
* really is in.
* @param $extrasql
*/
function forum_search_posts($searchterms, $courseid, $page=0, $recordsperpage=50,
&$totalcount, $groupid=0, $extrasql='') {
function forum_search_posts($searchterms, $courseid, $page=0, $recordsperpage=50, &$totalcount, $sepgroups=0, $extrasql='') {
/// Returns a list of posts found using an array of search terms
/// eg word +word -word
///
global $CFG, $USER;
require_once($CFG->libdir.'/searchlib.php');
if (!isteacher($courseid)) {
$notteacherforum = "AND f.type <> 'teacher'";
$forummodule = get_record("modules", "name", "forum");
$onlyvisible = "AND d.forum = f.id AND f.id = cm.instance AND cm.visible = 1 AND cm.module = $forummodule->id";
$onlyvisibletable = ", {$CFG->prefix}course_modules cm, {$CFG->prefix}forum f";
if (!empty($sepgroups)) {
$separategroups = SEPARATEGROUPS;
$selectgroup = " AND ( NOT (cm.groupmode='$separategroups'".
" OR (c.groupmode='$separategroups' AND c.groupmodeforce='1') )";//.
$selectgroup .= " OR d.groupid = '-1'"; //search inside discussions for all groups too
foreach ($sepgroups as $sepgroup){
$selectgroup .= " OR d.groupid = '$sepgroup->id'";
}
$selectgroup .= ")";
// " OR d.groupid = '$groupid')";
$selectcourse = " AND d.course = '$courseid' AND c.id='$courseid'";
$coursetable = ", {$CFG->prefix}course c";
} else {
$selectgroup = '';
$selectcourse = " AND d.course = '$courseid'";
$coursetable = '';
}
$forummodule = get_record("modules", "name", "forum");
$coursecontext = get_context_instance(CONTEXT_COURSE, $course->id);
$modcontext = get_context_instance(CONTEXT_MODULE, $cm->id); // Will need to fix this.
// Take into account forum visibility.
if (has_capability('moodle/course:viewhiddenactivities', $coursecontext->id)) {
$onlyvisible = '';
$onlyvisibletable = '';
} else {
$notteacherforum = "";
$onlyvisible = "AND d.forum = f.id
AND f.id = cm.instance
AND cm.visible = 1
AND cm.module = $forummodule->id";
$onlyvisibletable = ", {$CFG->prefix}course_modules cm, {$CFG->prefix}forum f";
}
// Take into account user groups.
if (has_capability('mod/forum:viewdiscussionsfromallgroups', $modcontext->id)) {
$selectgroup = '';
$onlyvisible = "";
$onlyvisibletable = "";
$coursetable = '';
if ($courseid == SITEID && isadmin()) {
$selectcourse = '';
} else {
$selectcourse = " AND d.course = '$courseid'";
}
} else {
$searchgroupid = mygroupid($courseid);
if ($groupid) {
// Okay we don't necessarily trust the groups specified. We'll
// force the search to occur for a subset of the groups the user
// is really in.
$novalidgroups = false;
if (is_array($groupid)) {
foreach ($searchgroupid as $index => $validgroupid) {
if (array_search($validgroupid, $groupid) === false) {
unset($searchgroupid[$index]);
}
}
if (count($searchgroupid) == 0) {
$novalidgroups = true;
}
} else {
if (array_search($groupid, $searchgroupid) === false) {
$novalidgroups = true;
}
}
if ($novalidgroups) {
error('The user does not belong in the group(s) specified '.
'by $groupid and the user does not have the '.
'required permission to view posts from all '.
'groups.');
}
}
$separategroups = SEPARATEGROUPS;
$selectgroup = " AND ( NOT (cm.groupmode='$separategroups'".
" OR (c.groupmode='$separategroups' AND c.groupmodeforce='1') )";//.
foreach ($searchgroupid as $index => $value){
$selectgroup .= " OR d.groupid = '$value'";
}
$selectgroup .= ")";
// " OR d.groupid = '$groupid')";
$selectcourse = " AND d.course = '$courseid' AND c.id='$courseid'";
$coursetable = ", {$CFG->prefix}course c";
}
$timelimit = '';
@ -1190,14 +1228,23 @@ function forum_search_posts($searchterms, $courseid, $page=0, $recordsperpage=50
$parsearray = $parser->get_parsed_array();
$messagesearch = search_generate_SQL($parsearray,'p.message','p.subject','p.userid','u.id','u.firstname','u.lastname','p.modified', 'd.forum');
}
/*
$selectsql = "{$CFG->prefix}forum_posts p,
{$CFG->prefix}forum_discussions d,
{$CFG->prefix}user u $onlyvisibletable $coursetable
WHERE ($messagesearch)
AND p.userid = u.id
AND p.discussion = d.id $selectcourse $notteacherforum $onlyvisible $selectgroup $timelimit $extrasql";
*/
$selectsql = "{$CFG->prefix}forum_posts p,
{$CFG->prefix}forum_discussions d,
{$CFG->prefix}user u $onlyvisibletable $coursetable
WHERE ($messagesearch)
AND p.userid = u.id
AND p.discussion = d.id $selectcourse $onlyvisible $selectgroup $timelimit $extrasql";
$totalcount = count_records_sql("SELECT COUNT(*) FROM $selectsql");
return get_records_sql("SELECT p.*,d.forum, u.firstname,u.lastname,u.email,u.picture FROM
@ -2264,14 +2311,14 @@ function forum_print_mode_form($discussion, $mode) {
function forum_search_form($course, $search='') {
global $CFG;
$output = '<div class="forumsearchform">';
$output .= '<form name="search" action="'.$CFG->wwwroot.'/mod/forum/search.php" style="display:inline">';
$output = '<table border="0" cellpadding="0" cellspacing="0"><tr><td nowrap="nowrap">';
$output .= helpbutton('search', get_string('search'), 'moodle', true, false, '', true);
$output .= '&nbsp;<form name="search" action="'.$CFG->wwwroot.'/mod/forum/search.php" style="display:inline">';
$output .= '<input name="search" type="text" size="18" value="'.$search.'" alt="search" />';
$output .= '<input value="'.get_string('searchforums', 'forum').'" type="submit" />';
$output .= '<input name="id" type="hidden" value="'.$course->id.'" />';
$output .= '</form>';
$output .= helpbutton('search', get_string('search'), 'moodle', true, false, '', true);
$output .= '</div>';
$output .= '</td></tr></table>';
return $output;
}
@ -2712,32 +2759,32 @@ function forum_user_has_posted_discussion($forumid, $userid) {
}
}
function forum_user_has_posted($forumid,$did,$userid) {
function forum_user_has_posted($forumid, $did, $userid) {
return record_exists('forum_posts','discussion',$did,'userid',$userid);
}
function forum_user_can_post_discussion($forum, $currentgroup=false, $groupmode='', $edit=0) {
function forum_user_can_post_discussion($forum, $currentgroup=false, $groupmode='') {
// $forum is an object
global $USER, $SESSION;
if (!$cm = get_coursemodule_from_instance('forum', $forum->id, $forum->course)) {
error('Course Module ID was incorrect');
}
$context = get_context_instance(CONTEXT_MODULE, $cm->id);
if (!has_capability('mod/forum:startdiscussion', $context->id)) {
return false;
}
if ($forum->type == "eachuser") {
if ($edit) { // fix for 5551, if 1 post per user, should allow edit, if poster is owner
$post = get_record('forum_posts','id',$edit);
return ($post->userid == $USER->id); // editting your own post?
} else {
return (! forum_user_has_posted_discussion($forum->id, $USER->id));
}
} else if ($forum->type == 'qanda') {
return isteacher($forum->course);
} else if ($forum->type == "teacher") {
return isteacher($forum->course);
return (!forum_user_has_posted_discussion($forum->id, $USER->id));
} else if ($currentgroup) {
return (isteacheredit($forum->course) or (ismember($currentgroup) and $forum->open == 2));
} else if (isteacher($forum->course)) {
return true;
return (has_capability('mod/forum:viewdiscussionsfromallgroups', $context->id)
or (ismember($currentgroup) and $forum->open == 2));
} else {
//else it might be group 0 in visible mode
if ($groupmode == VISIBLEGROUPS){
return ($forum->open == 2 AND ismember($currentgroup));
return ($forum->open == 2 and ismember($currentgroup));
}
else {
return ($forum->open == 2);
@ -2745,59 +2792,66 @@ function forum_user_can_post_discussion($forum, $currentgroup=false, $groupmode=
}
}
/**
* This function checks whether the user can reply to posts in a forum
* discussion. Use forum_user_can_post_discussion() to check whether the user
* can start dicussions.
* @param $forum - forum object
* @param $user - user object
*/
function forum_user_can_post($forum, $user=NULL) {
// $forum, $user are objects
if ($user) {
$isteacher = isteacher($forum->course, $user->id);
if (!$forum->open) {
// No point doing the more expensive has_capability checks.
return false;
}
if (!$cm = get_coursemodule_from_instance('forum', $forum->id, $forum->course)) {
error('Course Module ID was incorrect');
}
$context = get_context_instance(CONTEXT_MODULE, $cm->id);
if (isset($user)) {
$canreply = has_capability('mod/forum:replypost', $context->id, false, $user->id);
} else {
$isteacher = isteacher($forum->course);
$canreply = has_capability('mod/forum:replypost', $context->id, false);
}
if ($forum->type == "teacher") {
return $isteacher;
} else if ($isteacher) {
return true;
} else {
return $forum->open;
}
return $canreply;
}
//checks to see if a user can view a particular post
function forum_user_can_view_post($post, $course, $cm, $forum, $discussion, $user=NULL){
global $CFG, $USER;
if (!$user){
$user = $USER;
}
if (isteacheredit($course->id)) {
return true;
$modcontext = get_context_instance(CONTEXT_MODULE, $cm->id);
if (!has_capability('mod/forum:viewdiscussion', $modcontext->id)) {
return false;
}
if ($forum->type == 'teacher'){ //teacher type forum
return isteacher($course->id);
}
/// Make sure the user is allowed in the course
if (!(isstudent($course->id) or
isteacher($course->id) or
($course->id == SITEID && !$CFG->forcelogin) or
(isguest() && $course->guest) )){
$coursecontext = get_context_instance(CONTEXT_COURSE, $course->id);
if (!has_capability('moodle/course:view', $coursecontext->id)) {
return false;
}
/// If it's a grouped discussion, make sure the user is a member
if ($discussion->groupid > 0) {
if ($cm->groupmode == SEPARATEGROUPS) {
return ismember($discussion->groupid);
return ismember($discussion->groupid) ||
has_capability('mod/forum:viewdiscussionsfromallgroups', $modcontext->id);
}
}
return true;
}
function forum_user_can_see_discussion($forum,$discussion,$user=NULL) {
function forum_user_can_see_discussion($forum, $discussion, $contextid, $user=NULL) {
global $USER;
if (empty($user) || empty($user->id)) {
@ -2815,29 +2869,30 @@ function forum_user_can_see_discussion($forum,$discussion,$user=NULL) {
return false;
}
}
if ($forum->type == 'qanda') {
return (forum_user_has_posted($forum->id,$discussion->id,$user->id) || isteacher($forum->course));
if (!has_capability('mod/forum:viewdiscussion', $contextid)) {
return false;
}
if ($forum->type == 'qanda' &&
!forum_user_has_posted($forum->id, $discussion->id, $user->id) &&
!has_capability('mod/forum:viewqandawithoutposting', $contextid)) {
return false;
}
return true;
}
function forum_user_can_see_post($forum,$discussion,$post,$user=NULL) {
function forum_user_can_see_post($forum, $discussion, $post, $user=NULL) {
global $USER;
if (empty($user) || empty($user->id)) {
$user = $USER;
}
// retrive objects (yuk)
if (is_numeric($forum)) {
if (!$forum = get_record('forum','id',$forum)) {
return false;
}
}
if (isteacher($forum->course)) {
return true;
}
if (is_numeric($discussion)) {
if (!$discussion = get_record('forum_discussions','id',$discussion)) {
return false;
@ -2848,14 +2903,29 @@ function forum_user_can_see_post($forum,$discussion,$post,$user=NULL) {
return false;
}
}
if (!isset($post->id) && isset($post->parent)) {
$post->id = $post->parent;
}
if (!$cm = get_coursemodule_from_instance('forum', $forum->id, $forum->course)) {
error('Course Module ID was incorrect');
}
$context = get_context_instance(CONTEXT_MODULE, $cm->id);
if (empty($user) || empty($user->id)) {
$user = $USER;
}
if (!has_capability('mod/forum:viewdiscussion', $context->id, false, $user->id)) {
return false;
}
if ($forum->type == 'qanda') {
$firstpost = forum_get_firstpost_from_discussion($discussion->id);
return (forum_user_has_posted($forum->id,$discussion->id,$user->id) || $firstpost->id == $post->id || isteacher($forum->course));
return (forum_user_has_posted($forum->id,$discussion->id,$user->id) ||
$firstpost->id == $post->id ||
has_capability('mod/forum:viewqandawithoutposting', $context->id, false, $user->id));
}
return true;
}
@ -2877,6 +2947,12 @@ function forum_user_can_see_post($forum,$discussion,$post,$user=NULL) {
function forum_print_latest_discussions($course, $forum, $maxdiscussions=5, $displayformat='plain', $sort='',
$currentgroup=-1, $groupmode=-1, $page=-1) {
global $CFG, $USER;
if (!$cm = get_coursemodule_from_instance('forum', $forum->id, $forum->course)) {
error('Course Module ID was incorrect');
}
$context = get_context_instance(CONTEXT_MODULE, $cm->id);
/// Sort out some defaults
@ -2906,7 +2982,8 @@ function forum_print_latest_discussions($course, $forum, $maxdiscussions=5, $dis
$currentgroup = get_current_group($course->id);
}
if (!$currentgroup and ($groupmode != SEPARATEGROUPS or isteacheredit($course->id)) ) {
if (!$currentgroup and ($groupmode != SEPARATEGROUPS or
has_capability('mod/forum:viewdiscussionsfromallgroups', $context->id)) ) {
$visiblegroups = -1;
} else {
$visiblegroups = $currentgroup;
@ -3098,7 +3175,7 @@ function forum_print_latest_discussions($course, $forum, $maxdiscussions=5, $dis
}
function forum_print_discussion($course, $forum, $discussion, $post, $mode, $canreply=NULL) {
function forum_print_discussion($course, $forum, $discussion, $post, $mode, $canreply=NULL, $canrate=false) {
global $USER, $CFG;
@ -3120,11 +3197,12 @@ function forum_print_discussion($course, $forum, $discussion, $post, $mode, $can
$ratings->assesspublic = $forum->assesspublic;
$ratings->assesstimestart = $forum->assesstimestart;
$ratings->assesstimefinish = $forum->assesstimefinish;
$ratings->allow = (($forum->assessed != 2 or isteacher($course->id)) && !isguest());
$ratings->allow = $canrate;
if ($ratings->allow) {
echo '<form name="form" method="post" action="rate.php">';
echo '<input type="hidden" name="id" value="'.$course->id.'" />';
echo '<input type="hidden" name="forumid" value="'.$forum->id.'" />';
}
}
}
@ -3241,7 +3319,7 @@ function forum_print_posts_threaded($parent, $courseid, $depth, $ratings, $reply
if (!forum_user_can_see_post($post->forum,$post->discussion,$post)) {
continue;
}
$by->name = fullname($post, isteacher($courseid));
$by->name = fullname($post);
$by->date = userdate($post->modified);
if ($istracking) {
@ -3426,19 +3504,17 @@ function forum_update_subscriptions_button($courseid, $forumid) {
// Prints the editing button on subscribers page
global $CFG, $USER;
if (isteacher($courseid)) {
if (!empty($USER->subscriptionsediting)) {
$string = get_string("turneditingoff");
$edit = "off";
} else {
$string = get_string("turneditingon");
$edit = "on";
}
return "<form target=\"$CFG->framename\" method=\"get\" action=\"$CFG->wwwroot/mod/forum/subscribers.php\">".
"<input type=\"hidden\" name=\"id\" value=\"$forumid\" />".
"<input type=\"hidden\" name=\"edit\" value=\"$edit\" />".
"<input type=\"submit\" value=\"$string\" /></form>";
if (!empty($USER->subscriptionsediting)) {
$string = get_string("turneditingoff");
$edit = "off";
} else {
$string = get_string("turneditingon");
$edit = "on";
}
return "<form target=\"$CFG->framename\" method=\"get\" action=\"$CFG->wwwroot/mod/forum/subscribers.php\">".
"<input type=\"hidden\" name=\"id\" value=\"$forumid\" />".
"<input type=\"hidden\" name=\"edit\" value=\"$edit\" />".
"<input type=\"submit\" value=\"$string\" /></form>";
}
function forum_add_user($userid, $courseid) {

2
mod/forum/markposts.php
View file

@ -29,7 +29,7 @@
if (isguest()) { // Guests can't change forum
$wwwroot = $CFG->wwwroot.'/login/index.php';
if (!empty($CFG->loginhttps)) {
$wwwroot = str_replace('http:','https:', $wwwroot);
$wwwroot = str_replace('http','https', $wwwroot);
}
$strforums = get_string('modulenameplural', 'forum');

32
mod/forum/mod.html
View file

@ -105,17 +105,6 @@
<?php print_textarea($usehtmleditor, 20, 50, 680, 400, 'intro', $form->intro); ?>
</td>
</tr>
<tr valign="top">
<td align="right"><b><?php print_string('allowdiscussions', 'forum', strtolower("$course->student")) ?>:</b></td>
<td>
<?php
choose_from_menu($FORUM_OPEN_MODES, 'open', $form->open, '');
helpbutton('allowdiscussions', get_string('allowdiscussions',
'forum', moodle_strtolower("$course->student")), 'forum');
?>
</td>
</tr>
<tr>
<td align="right"><b><?php print_string('forcesubscribeq', 'forum') ?>:</b></td>
<td>
@ -218,26 +207,7 @@
echo ' />';
echo '&nbsp;'.get_string('ratingsuse', 'forum').':';
echo '</td></tr>';
echo '<tr><td>';
// The odd order below was to maintain backward compatibility
unset($options);
$options[2] = get_string('ratingonlyteachers', 'forum', moodle_strtolower($course->teachers));
$options[1] = get_string('ratingeveryone', 'forum');
echo get_string('users').': ';
echo '</td><td>';
choose_from_menu($options, 'assessed', $form->assessed, '');
echo '</td></tr>';
echo '<tr><td>';
unset($options);
$options[0] = get_string('ratingpublicnot', 'forum', $course->students);
$options[1] = get_string('ratingpublic', 'forum', $course->students);
echo get_string('view').': ';
echo '</td><td>';
choose_from_menu($options, 'assesspublic', $form->assesspublic, '');
echo '</td></tr>';
echo '<tr><td>';
echo get_string('grade').': ';
echo '</td><td>';

21
mod/forum/post.html
View file

@ -1,4 +1,9 @@
<?php
/**
* This file is required by post.php. Therefore, the context objects
* $modcontext and $coursecontext are available to the script.
*/
if (!isset($discussion->timestart)) {
$discussion->timestart = 0;
}
@ -59,7 +64,8 @@ if (!isset($discussion->timeend)) {
<?php
if (forum_is_forcesubscribed($forum->id)) {
print_string("everyoneissubscribed", "forum");
} else if ($forum->forcesubscribe != FORUM_DISALLOWSUBSCRIBE || isteacher($forum->course)){
} else if ($forum->forcesubscribe != FORUM_DISALLOWSUBSCRIBE ||
has_capability('moodle/course:manageactivities', $coursecontext->id)){
unset($options);
if (forum_is_subscribed($USER->id, $post->forum)) {
$options[0] = get_string("subscribestart", "forum");
@ -102,7 +108,10 @@ if (!isset($discussion->timeend)) {
<?php } ?>
<?php if (isadmin() && empty($post->id)) { ?>
<?php
if (has_capability('moodle/course:manageactivities', $coursecontext->id)
&& empty($post->id)) {
?>
<tr valign="top">
<td align="right"><b><?php print_string("mailnow", "forum") ?>:</b></td>
@ -113,9 +122,8 @@ if (!isset($discussion->timeend)) {
<?php } ?>
<?php if (!empty($CFG->forum_enabletimedposts) &&
isteacher($course->id) && $forum->type == 'news' && !$post->parent) {
// This is the first post of a discussion in news forum
<?php if (!empty($CFG->forum_enabletimedposts) && !$post->parent) {
// This is the first post of a discussion, and timed posts are enabled.
?>
<tr valign="top">
<td align="right"><b><?php print_string("displayperiod", "forum") ?>:<br />(<?php print_string("optional") ?>)&nbsp;</b></td>
@ -150,7 +158,7 @@ if (!isset($discussion->timeend)) {
<?php } else { ?>
<input type="hidden" name="timestartdisabled" value="1" />
<input type="hidden" name="timeenddisabled" value="1" />
<?php } ?>
<? } ?>
<tr>
<td align="center" colspan="2">
<input type="hidden" name="course" value="<?php p($post->course) ?>" />
@ -158,6 +166,7 @@ if (!isset($discussion->timeend)) {
<input type="hidden" name="discussion" value="<?php p($post->discussion) ?>" />
<input type="hidden" name="parent" value="<?php p($post->parent) ?>" />
<input type="hidden" name="userid" value="<?php p($post->userid) ?>" />
<input type="hidden" name="groupid" value="<?php p($post->groupid) ?>" />
<input type="hidden" name="edit" value="<?php p($post->edit) ?>" />
<input type="submit" value="<?php p(($post->edit) ? get_string('savechanges') : get_string('posttoforum', 'forum')); ?>" />
</td>

264
mod/forum/post.php
View file

@ -12,14 +12,18 @@
$prune = optional_param('prune',0,PARAM_INT);
$name = optional_param('name','',PARAM_CLEAN);
$confirm = optional_param('confirm',0,PARAM_INT);
$coursecontext = get_context_instance(CONTEXT_COURSE, $course->id);
if (isguest()) {
$wwwroot = $CFG->wwwroot.'/login/index.php';
if (!empty($CFG->loginhttps)) {
$wwwroot = str_replace('http:','https:', $wwwroot);
$wwwroot = str_replace('http','https', $wwwroot);
}
if (!empty($forum)) { // User is starting a new discussion in a forum
if (isset($forum)) { // User is starting a new discussion in a forum
if (! $forum = get_record('forum', 'id', $forum)) {
error('The forum number was incorrect');
}
@ -38,7 +42,10 @@
error('The course number was incorrect');
}
if (!$cm = get_coursemodule_from_instance('forum', $forum->id, $course->id)) { // For the logs
// Teacher forum?
$cm->id = 0;
} else {
$modcontext = get_context_instance(CONTEXT_MODULE, $cm->id);
}
$strforums = get_string('modulenameplural', 'forum');
@ -61,84 +68,54 @@
require_login(0, false); // Script is useless unless they're logged in
if ($post = data_submitted()) {
if (! $forum = get_record('forum', 'id', $forum)) {
error('The forum number was incorrect');
if (empty($post->course)) {
error('No course was defined!');
}
if (!$course = get_record('course', 'id', $forum->course)) {
if (!$course = get_record('course', 'id', $post->course)) {
error('Could not find specified course!');
}
require_login($course->id, false);
$adminedit = (isadmin() and !empty($CFG->admineditalways));
if (!empty($course->lang)) { // Override current language
$CFG->courselang = $course->lang;
}
if (empty($SESSION->fromurl)) {
$errordestination = "$CFG->wwwroot/mod/forum/view.php?f=$forum->id";
$errordestination = "$CFG->wwwroot/mod/forum/view.php?f=$post->forum";
} else {
$errordestination = $SESSION->fromurl;
}
$post->subject = clean_param(strip_tags($post->subject, '<lang><span>'), PARAM_CLEAN); // Strip all tags except multilang
$post->subject = strip_tags($post->subject, '<lang><span>'); // Strip all tags except lang
//$post->message will be cleaned later before display
//$post->message = clean_text($post->message, $post->format); // Clean up any bad tags
$post->attachment = isset($_FILES['attachment']) ? $_FILES['attachment'] : NULL;
if (!$cm = get_coursemodule_from_instance("forum", $forum->id, $course->id)) { // For the logs
if (!$cm = get_coursemodule_from_instance("forum", $post->forum, $course->id)) { // For the logs
$cm->id = 0;
}
if (($post->subject == '') or ($post->message == '')) {
if (!$post->subject or !$post->message) {
$post->error = get_string("emptymessage", "forum");
} else if ($post->edit) {
/// Updating a post
if (! $oldpost = forum_get_post_full($post->edit)) {
error("Post ID was incorrect");
}
if (($oldpost->userid <> $USER->id) and !$adminedit) {
error("You can't edit other people's posts!");
}
if (! $discussion = get_record("forum_discussions", "id", $oldpost->discussion)) {
error("This post is not part of a discussion!");
}
if ($discussion->forum != $forum->id) {
error("The forum number is incorrect");
}
if ($discussion->course != $course->id) {
error("The course number is incorrect");
}
if (!($forum->type == 'news' && !$oldpost->parent && $discussion->timestart > time())) {
if (((time() - $oldpost->created) > $CFG->maxeditingtime) and !$adminedit) {
error( get_string("maxtimehaspassed", "forum", format_time($CFG->maxeditingtime)) );
}
}
$updatepost = new object;
$updatepost->id = $oldpost->id;
$updatepost->parent = $oldpost->parent;
$updatepost->forum = $oldpost->forum;
$updatepost->discussion = $oldpost->discussion;
$updatepost->userid = $oldpost->userid;
$updatepost->subject = $post->subject; //already cleaned
$updatepost->message = $post->message; //cleaning only before display
$updatepost->format = $post->format;
$updatepost->attachment = $post->attachment;
$updatepost->course = $course->id;
$updatepost->subscribe = optional_param('subscribe', 0, PARAM_BOOL);
$updatepost->unsubscribe = optional_param('unsubscribe', 0, PARAM_BOOL);
} else if ($post->edit) { // Updating a post
$post->id = $post->edit;
$message = '';
if (get_field('forum', 'type', 'id', $forum) == 'news' && !$oldpost->parent) {
$updatediscussion = new object;
$updatediscussion->id = $oldpost->discussion;
//fix for bug #4314
if (!$realpost = get_record('forum_posts','id',$post->id)){
$realpost = new object;
$realpost->userid = -1;
}
if ( !(($realpost->userid == $USER->id && has_capability('mod/forum:replypost', $modcontext->id)) ||
has_capability('mod/forum:editanypost', $modcontext->id)) )
error("You can not update this post");
}
if (get_field('forum', 'type', 'id', $forum) == 'news' && !$post->parent) {
$updatediscussion->id = $post->discussion;
if (empty($post->timestartdisabled)) {
$updatediscussion->timestart = make_timestamp($post->timestartyear, $post->timestartmonth, $post->timestartday);
} else {
@ -158,10 +135,10 @@
if (!isset($post->error)) {
if (forum_update_post($updatepost,$message)) {
if (forum_update_post($post,$message)) {
add_to_log($course->id, "forum", "update post",
"discuss.php?d=$updatepost->discussion&amp;parent=$updatepost->id", "$updatepost->id", $cm->id);
"discuss.php?d=$post->discussion&amp;parent=$post->id", "$post->id", $cm->id);
$timemessage = 2;
if (!empty($message)) { // if we're printing stuff about the file upload
@ -169,10 +146,10 @@
}
$message .= '<br />'.get_string("postupdated", "forum");
if ($subscribemessage = forum_post_subscription($updatepost)) {
if ($subscribemessage = forum_post_subscription($post)) {
$timemessage = 4;
}
redirect(forum_go_back_to("discuss.php?d=$updatepost->discussion#$updatepost->id"), $message.$subscribemessage, $timemessage);
redirect(forum_go_back_to("discuss.php?d=$post->discussion#$post->id"), $message.$subscribemessage, $timemessage);
} else {
error(get_string("couldnotupdate", "forum"), $errordestination);
@ -180,49 +157,12 @@
exit;
}
} else if ($post->discussion) {
/// Adding a new post to an existing discussion
if (! $discussion = get_record("forum_discussions", "id", $post->discussion)) {
error("This post is not part of a discussion!");
}
if ($discussion->forum != $forum->id) {
error("The forum number is incorrect");
}
if ($discussion->course != $course->id) {
error("The course number is incorrect");
}
if (! $parent = forum_get_post_full($post->parent)) {
error("Parent post does not exist");
}
if ($parent->discussion != $discussion->id) {
error("Parent not in this discussion");
}
if (! forum_user_can_post($forum)) {
error("Sorry, but you can not post in this forum.");
}
$newpost = new object;
$newpost->parent = $post->parent;
$newpost->forum = $forum->id;
$newpost->discussion = $discussion->id;
$newpost->parent = $parent->id;
$newpost->subject = $post->subject; //already cleaned
$newpost->message = $post->message; //cleaning only before display
$newpost->format = $post->format;
$newpost->mailnow = optional_param('mailnow', 0, PARAM_BOOL);
$newpost->course = $course->id;
$newpost->subscribe = optional_param('subscribe', 0, PARAM_BOOL);
$newpost->unsubscribe = optional_param('unsubscribe', 0, PARAM_BOOL);
} else if ($post->discussion) { // Adding a new post to an existing discussion
$message = '';
if ($newpost->id = forum_add_new_post($newpost,$message)) {
if ($post->id = forum_add_new_post($post,$message)) {
add_to_log($course->id, "forum", "add post",
"discuss.php?d=$newpost->discussion&amp;parent=$newpost->id", "$newpost->id", $cm->id);
"discuss.php?d=$post->discussion&amp;parent=$post->id", "$post->id", $cm->id);
$timemessage = 2;
if (!empty($message)) { // if we're printing stuff about the file upload
@ -230,51 +170,29 @@
}
$message .= '<br />'.get_string("postadded", "forum", format_time($CFG->maxeditingtime));
if ($subscribemessage = forum_post_subscription($newpost)) {
if ($subscribemessage = forum_post_subscription($post)) {
$timemessage = 4;
}
if ($newpost->mailnow) {
if ($post->mailnow) {
$message .= get_string("postmailnow", "forum");
$timemessage = 4;
}
redirect(forum_go_back_to("discuss.php?d=$newpost->discussion#$newpost->id"), $message.$subscribemessage, $timemessage);
redirect(forum_go_back_to("discuss.php?d=$post->discussion#$post->id"), $message.$subscribemessage, $timemessage);
} else {
error(get_string("couldnotadd", "forum"), $errordestination);
}
exit;
} else {
/// Adding a new discussion
if (! forum_user_can_post_discussion($forum)) {
error("Sorry, but you can not post a new discussion in this forum.");
}
$discussion = new object;
$discussion->forum = $forum->id;
$discussion->course = $course->id;
$discussion->mailnow = optional_param('mailnow', 0, PARAM_BOOL);
$discussion->name = $post->subject;
} else { // Adding a new discussion
$post->mailnow = empty($post->mailnow) ? 0 : 1;
$discussion = $post;
$discussion->name = $post->subject;
$discussion->intro = $post->message;
$discussion->format = $post->format;
$discussion->groupid = get_current_group($course->id);
if (isteacheredit($course->id) and $discussion->groupid == 0) {
$discussion->groupid = -1;
}
$discussion->course = $course->id;
$discussion->subscribe = optional_param('subscribe', 0, PARAM_BOOL);
$discussion->unsubscribe = optional_param('unsubscribe', 0, PARAM_BOOL);
if (! forum_user_can_post_discussion($forum)) {
error("Sorry, but you can not post a new discussion in this forum.");
}
$newstopic = false;
if (get_field('forum', 'type', 'id', $forum) == 'news') {
if (get_field('forum', 'type', 'id', $forum) == 'news' && !$post->parent) {
$newstopic = true;
}
if ($newstopic && empty($post->timestartdisabled)) {
@ -302,7 +220,7 @@
}
$message .= '<br />'.get_string("postadded", "forum", format_time($CFG->maxeditingtime));
if ($discussion->mailnow) {
if ($post->mailnow) {
$message .= get_string("postmailnow", "forum");
$timemessage = 4;
}
@ -311,7 +229,7 @@
$timemessage = 4;
}
redirect(forum_go_back_to("view.php?f=$discussion->forum"), $message.$subscribemessage, $timemessage);
redirect(forum_go_back_to("view.php?f=$post->forum"), $message.$subscribemessage, $timemessage);
} else {
error(get_string("couldnotadd", "forum"), $errordestination);
@ -328,8 +246,7 @@
$defaultformat = FORMAT_MOODLE;
}
if (!empty($post->error)) {
/// User is re-editing a failed posting
if (isset($post->error)) { // User is re-editing a failed posting
// Set up all the required objects again, and reuse the same $post
@ -369,14 +286,9 @@
}
}
} else if (!empty($forum)) {
/// User is starting a new discussion in a forum
} else if (!empty($forum)) { // User is starting a new discussion in a forum
if (!empty($_SERVER["HTTP_REFERER"])) {
$SESSION->fromurl = $_SERVER["HTTP_REFERER"];
} else {
$SESSION->fromurl = '';
}
$SESSION->fromurl = $_SERVER["HTTP_REFERER"];
if (! $forum = get_record("forum", "id", $forum)) {
error("The forum number was incorrect ($forum)");
@ -390,7 +302,7 @@
}
if ($cm = get_coursemodule_from_instance("forum", $forum->id, $course->id)) {
if (!$cm->visible and !isteacher($course->id)) {
if (!$cm->visible and !has_capability('moodle/course:manageactivities', $coursecontext->id)) {
error(get_string("activityiscurrentlyhidden"));
}
}
@ -406,10 +318,14 @@
$post->message = "";
$post->format = $defaultformat;
$post->groupid = get_current_group($course->id);
if ($post->groupid == 0) {
$post->groupid = -1;
}
forum_set_return();
} else if (!empty($reply)) {
/// User is writing a new reply
} else if (!empty($reply)) { // User is writing a new reply
if (! $parent = forum_get_post_full($reply)) {
error("Parent post ID was incorrect");
@ -429,13 +345,13 @@
}
if ($cm = get_coursemodule_from_instance("forum", $forum->id, $course->id)) {
if (groupmode($course, $cm) and !isteacheredit($course->id)) { // Make sure user can post here
if (groupmode($course, $cm)) { // Make sure user can post here
$mygroupid = mygroupid($course->id);
if (!((empty($mygroupid) and $discussion->groupid == -1) || (ismember($discussion->groupid)/*$mygroupid == $discussion->groupid*/))) {
error("Sorry, but you can not post in this discussion.");
}
}
if (!$cm->visible and !isteacher($course->id)) {
if (!$cm->visible and !has_capability('moodle/course:manageactivities', $coursecontext->id)) {
error(get_string("activityiscurrentlyhidden"));
}
}
@ -458,15 +374,13 @@
unset($SESSION->fromdiscussion);
} else if (!empty($edit)) {
/// User is editing their own post
$adminedit = (isadmin() and !empty($CFG->admineditalways));
} else if (!empty($edit)) { // User is editing their own post
if (! $post = forum_get_post_full($edit)) {
error("Post ID was incorrect");
}
if (($post->userid <> $USER->id) and !$adminedit) {
if (($post->userid <> $USER->id) and
!has_capability('mod/forum:editanypost', $modcontext->id)) {
error("You can't edit other people's posts!");
}
if ($post->parent) {
@ -481,9 +395,9 @@
error("The forum number was incorrect ($discussion->forum)");
}
if (!($forum->type == 'news' && !$post->parent && $discussion->timestart > time())) {
if (((time() - $post->created) > $CFG->maxeditingtime) and !$adminedit) {
error( get_string("maxtimehaspassed", "forum", format_time($CFG->maxeditingtime)),
"$CFG->wwwroot/mod/forum/discuss.php?d=$discussion->id#$post->id" );
if (((time() - $post->created) > $CFG->maxeditingtime) and
!has_capability('mod/forum:editanypost', $modcontext->id)) {
error( get_string("maxtimehaspassed", "forum", format_time($CFG->maxeditingtime)) );
}
}
if (! $course = get_record("course", "id", $discussion->course)) {
@ -500,8 +414,7 @@
unset($SESSION->fromdiscussion);
} else if (!empty($delete)) {
/// User is deleting a post
} else if (!empty($delete)) { // User is deleting a post
if (! $post = forum_get_post_full($delete)) {
error("Post ID was incorrect");
@ -512,8 +425,9 @@
if (! $forum = get_record("forum", "id", $discussion->forum)) {
error("The forum number was incorrect ($discussion->forum)");
}
if (($post->userid <> $USER->id) and !isteacher($forum->course)) {
error("You can't delete other people's posts!");
if ( !(($post->userid == $USER->id && has_capability('mod/forum:deleteownpost', $modcontext->id))
|| has_capability('mod/forum:deleteanypost', $modcontext->id)) ) {
error("You can't delete this post!");
}
if (!empty($forum->course)) {
if ($course = get_record('course', 'id', $forum->course)) {
@ -525,13 +439,13 @@
$replycount = forum_count_replies($post);
if (!empty($confirm) and confirm_sesskey()) { // User has confirmed the delete
if (!empty($confirm)) { // User has confirmed the delete
if ($post->totalscore) {
notice(get_string("couldnotdeleteratings", "forum"),
forum_go_back_to("discuss.php?d=$post->discussion"));
} else if ($replycount && !isteacher($course->id)) {
} else if ($replycount && !has_capability('mod/forum:deleteanypost', $modcontext->id)) {
error(get_string("couldnotdeletereplies", "forum"),
forum_go_back_to("discuss.php?d=$post->discussion"));
@ -552,7 +466,7 @@
redirect("view.php?f=$discussion->forum",
get_string("deleteddiscussion", "forum"), 1);
} else if (forum_delete_post($post, isteacher($course->id))) {
} else if (forum_delete_post($post, has_capability('mod/forum:deleteanypost', $modcontext->id))) {
add_to_log($discussion->course, "forum", "delete post",
"discuss.php?d=$post->discussion", "$post->id", $cm->id);
@ -565,19 +479,18 @@
}
} else {
// User just asked to delete something
} else { // User just asked to delete something
forum_set_return();
if ($replycount) {
if (!isteacher($course->id)) {
if (!has_capability('mof/forum:deleteanypost', $modcontext->id)) {
error(get_string("couldnotdeletereplies", "forum"),
forum_go_back_to("discuss.php?d=$post->discussion"));
}
print_header();
notice_yesno(get_string("deletesureplural", "forum", $replycount+1),
"post.php?delete=$delete&amp;confirm=$delete&amp;sesskey=".sesskey(),
"post.php?delete=$delete&amp;confirm=$delete",
$_SERVER["HTTP_REFERER"]);
forum_print_post($post, $course->id, $ownpost=false, $reply=false, $link=false);
@ -592,7 +505,7 @@
} else {
print_header();
notice_yesno(get_string("deletesure", "forum", $replycount),
"post.php?delete=$delete&amp;confirm=$delete&amp;sesskey=".sesskey(),
"post.php?delete=$delete&amp;confirm=$delete",
$_SERVER["HTTP_REFERER"]);
forum_print_post($post, $forum->course, $ownpost=false, $reply=false, $link=false);
}
@ -602,8 +515,7 @@
die;
} else if (!empty($prune)) {
// Teacher is pruning
} else if (!empty($prune)) { // Teacher is pruning
if (!$post = forum_get_post_full($prune)) {
error("Post ID was incorrect");
@ -614,7 +526,7 @@
if (!$forum = get_record("forum", "id", $discussion->forum)) {
error("The forum number was incorrect ($discussion->forum)");
}
if (!isteacher($forum->course)) {
if (!has_capability('mod/forum:splitdiscussions', $modcontext->id)) {
error("You can't split discussions!");
}
if (!$post->parent) {
@ -624,12 +536,11 @@
$cm->id = 0;
}
if (!empty($name) and confirm_sesskey()) { // User has confirmed the prune
if (!empty($name)) { // User has confirmed the prune
$newdiscussion = new object;
$newdiscussion->course = $discussion->course;
$newdiscussion->forum = $discussion->forum;
$newdiscussion->name = strip_tags($name, '<lang><span>'); // Strip all tags except multilang
$newdiscussion->name = $name;
$newdiscussion->firstpost = $post->id;
$newdiscussion->userid = $discussion->userid;
$newdiscussion->groupid = $discussion->groupid;
@ -644,7 +555,7 @@
$newpost->id = $post->id;
$newpost->parent = 0;
$newpost->subject = $newdiscussion->name;
$newpost->subject = $name;
if (!update_record("forum_posts", $newpost)) {
error('Could not update the original post');
@ -752,11 +663,12 @@
if (!empty($parent) && !forum_user_can_see_post($forum,$discussion,$post)) {
error("You cannot reply to this post");
}
if (empty($parent) && !forum_user_can_post_discussion($forum, false, '', $edit)) {
if (empty($parent) && !forum_user_can_post_discussion($forum)) {
error("You cannot start a new discussion in this forum");
}
if ($forum->type == 'qanda' && !isteacher($forum->course) && !forum_user_has_posted($forum->id,$discussion->id,$USER->id)) {
if ($forum->type == 'qanda' && !has_capability('mod/forum:viewqandawithoutposting', $modcontext->id) &&
!forum_user_has_posted($forum->id,$discussion->id,$USER->id)) {
notify(get_string('qandanotify','forum'));
}
@ -770,7 +682,7 @@
} else {
$user_read_array = array();
}
if ($forum->type != 'qanda' || forum_user_can_see_discussion($forum,$discussion)) {
if ($forum->type != 'qanda' || forum_user_can_see_discussion($forum, $discussion, $modcontext->id)) {
forum_print_posts_threaded($parent->id, $course->id, 0, false, false, $user_read_array, $discussion->forum);
}
}

1
mod/forum/prune.html
View file

@ -11,7 +11,6 @@
<td align="center" colspan="2">
<input type="hidden" name="prune" value="<?php p($prune) ?>" />
<input type="hidden" name="confirm" value="<?php p($prune) ?>" />
<input type="hidden" name="sesskey" value="<?php echo sesskey() ?>" />
<input type="submit" value="<?php print_string('prune', 'forum'); ?>" />
</td>
</tr>

21
mod/forum/rate.php
View file

@ -5,13 +5,22 @@
require_once("../../config.php");
require_once("lib.php");
if (isguest()) {
error("Guests are not allowed to rate posts.", $_SERVER["HTTP_REFERER"]);
$id = required_param('id',PARAM_INT); // The course these ratings are part of
$forumid = required_param('forumid',PARAM_INT); // The forum the rated posts are from
if (! $cm = get_coursemodule_from_instance('forum', $forumid, $id)) {
error('Course Module ID was incorrect');
}
$id = required_param('id',PARAM_INT); // The course these ratings are part of
$context = get_context_instance(CONTEXT_MODULE, $cm->id);
if (!has_capability('mod/forum:ratepost', $context->id) {
error('You do not have the permission to rate this post');
}
if (! $course = get_record("course", "id", $id)) {
error("Course ID was incorrect");
}
@ -73,4 +82,4 @@
error("This page was not accessed correctly");
}
?>
?>

39
mod/forum/report.php
View file

@ -5,8 +5,7 @@
require_once("../../config.php");
require_once("lib.php");
$id = required_param('id',PARAM_INT);
$sort = optional_param('sort', '', PARAM_RAW);
$id = required_param('id',PARAM_INT);
if (! $post = get_record("forum_posts", "id", $id)) {
error("Post ID was incorrect");
@ -23,16 +22,22 @@
if (! $course = get_record("course", "id", $forum->course)) {
error("Course ID was incorrect");
}
if (!isteacher($course->id) and $USER->id != $post->userid) {
error("You can only look at results for posts you own");
if (! $cm = get_coursemodule_from_instance('forum', $forum->id, $course->id)) {
error('Course Module ID was incorrect');
}
$context = get_context_instance(CONTEXT_MODULE, $cm->id);
if (!has_capability('mod/forum:viewrating', $context->id)) {
error('You do not have the capability to view post ratings');
}
if (!has_capability('mod/forum:viewanyrating', $context->id) and $USER->id != $post->userid) {
error("You can only look at results for posts that you made");
}
switch ($sort) {
case 'time': $sqlsort = "r.time ASC"; break;
case 'firstname': $sqlsort = "u.firstname ASC"; break;
case 'rating': $sqlsort = "r.rating ASC"; break;
default: $sqlsort = "r.time ASC";
if (!isset($sort)) {
$sort = "r.time";
}
$scalemenu = make_grades_menu($forum->scale);
@ -44,22 +49,18 @@
print_header("$strratings: ".format_string($post->subject));
if (!$ratings = forum_get_ratings($post->id, $sqlsort)) {
if (!$ratings = forum_get_ratings($post->id, $sort)) {
error("No ratings for this post: \"".format_string($post->subject)."\"");
} else {
echo "<table border=\"0\" cellpadding=\"3\" cellspacing=\"3\" class=\"generalbox\" width=\"100%\">";
echo "<tr>";
echo "<th>&nbsp;</th>";
echo "<th><a href=\"report.php?id=$post->id&amp;sort=firstname\">$strname</a>";
echo "<th width=\"100%\"><a href=\"report.php?id=$post->id&amp;sort=rating\">$strrating</a>";
echo "<th><a href=\"report.php?id=$post->id&amp;sort=time\">$strtime</a>";
echo "<th><a href=\"report.php?id=$post->id&amp;sort=u.firstname\">$strname</a>";
echo "<th width=\"100%\"><a href=\"report.php?id=$post->id&amp;sort=r.rating\">$strrating</a>";
echo "<th><a href=\"report.php?id=$post->id&amp;sort=r.time\">$strtime</a>";
foreach ($ratings as $rating) {
if (isteacher($discussion->course, $rating->id)) {
echo '<tr class="forumpostheadertopic">';
} else {
echo '<tr class="forumpostheader">';
}
echo '<tr class="forumpostheader">';
echo "<td>";
print_user_picture($rating->id, $forum->course, $rating->picture);
echo '<td nowrap="nowrap"><p><font size="-1">'.fullname($rating).'</p>';

29
mod/forum/restorelib.php
View file

@ -165,11 +165,7 @@
$status = true;
//Get the discussions array
if (!empty($info['MOD']['#']['SUBSCRIPTIONS'])) {
$subscriptions = $info['MOD']['#']['SUBSCRIPTIONS']['0']['#']['SUBSCRIPTION'];
} else {
$subscriptions = array();
}
$subscriptions = $info['MOD']['#']['SUBSCRIPTIONS']['0']['#']['SUBSCRIPTION'];
//Iterate over subscriptions
for($i = 0; $i < sizeof($subscriptions); $i++) {
@ -226,11 +222,7 @@
$status = true;
//Get the discussions array
if (!empty($info['MOD']['#']['DISCUSSIONS'])) {
$discussions = $info['MOD']['#']['DISCUSSIONS']['0']['#']['DISCUSSION'];
} else {
$discussions = array();
}
$discussions = $info['MOD']['#']['DISCUSSIONS']['0']['#']['DISCUSSION'];
//Iterate over discussions
for($i = 0; $i < sizeof($discussions); $i++) {
@ -331,11 +323,7 @@
$status = true;
//Get the read array
if (!empty($info['MOD']['#']['READPOSTS'])) {
$readposts = $info['MOD']['#']['READPOSTS']['0']['#']['READ'];
} else {
$readposts = array();
}
$readposts = $info['MOD']['#']['READPOSTS']['0']['#']['READ'];
//Iterate over readposts
for($i = 0; $i < sizeof($readposts); $i++) {
@ -878,17 +866,6 @@
$log->url = "search.php?id=".$log->course."&search=".urlencode($log->info);
$status = true;
break;
case "user report":
//recode the info field (it's the user id)
$user = backup_getid($restore->backup_unique_code,"user",$log->info);
if ($user) {
$log->info = $user->new_id;
//Now, extract the mode from the url field
$mode = substr(strrchr($log->url,"="),1);
$log->url = "user.php?course=".$log->course."&id=".$log->info."&mode=".$mode;
$status = true;
}
break;
default:
if (!defined('RESTORE_SILENTLY')) {
echo "action (".$log->module."-".$log->action.") unknown. Not restored<br />"; //Debug

20
mod/forum/rsslib.php
View file

@ -78,20 +78,6 @@
}
return $status;
}
// Given a forum object, deletes the RSS file
function forum_rss_delete_file($forum) {
global $CFG;
//return unlink("{$CFG->dataroot}/rss/{$modname}/{$forum->id}.xml");
$rssfile = rss_file_name('forum', $forum);
if (file_exists($rssfile)) {
return unlink($rssfile);
} else {
return true;
}
}
function forum_rss_newstuff($forum, $time) {
// If there is new stuff in the forum since $time then this returns
@ -172,7 +158,7 @@
$items = array();
if ($newsince) {
$newsince = " AND (p.modified > '$newsince' OR d.timemodified > '$newsince')";
$newsince = " AND p.modified > '$newsince'";
} else {
$newsince = "";
}
@ -232,7 +218,7 @@
$items = array();
if ($newsince) {
$newsince = " AND (p.modified > '$newsince' OR d.timemodified > '$newsince')";
$newsince = " AND p.modified > '$newsince'";
} else {
$newsince = "";
}
@ -277,7 +263,7 @@
$item->description = format_text($rec->postmessage,$rec->postformat,NULL,$forum->course);
$post_file_area_name = "$forum->course/$CFG->moddata/forum/$forum->id/$rec->postid";
$post_file_area_name = str_replace('//', '/', "$forum->course/$CFG->moddata/$rec->course/forum/$forum->id/$rec->postid");
$post_files = get_directory_list("$CFG->dataroot/$post_file_area_name");
if (!empty($post_files)) {

43
mod/forum/search.php
View file

@ -114,13 +114,13 @@
$searchform = forum_search_form($course, $search);
if ((!isteacheredit($course->id)) and forum_get_separate_modules($course->id)) {
$sepgroups = user_group($course->id, $USER->id);
if ($group = user_group($course->id, $USER->id)) {
$groupid = $group->id;
} else {
$sepgroups = false;
$groupid = 0;
}
if (!$posts = forum_search_posts($searchterms, $course->id, $page*$perpage, $perpage, $totalcount, $sepgroups)) {
if (!$posts = forum_search_posts($searchterms, $course->id, $page*$perpage, $perpage, $totalcount, $groupid)) {
print_header_simple("$strsearchresults", "",
"<a href=\"index.php?id=$course->id\">$strforums</a> ->
@ -361,15 +361,7 @@ function forum_clean_search_terms($words, $prefix='') {
function forum_menu_list($course) {
$menu = array();
$currentgroup = get_current_group($course->id);
$isteacher = isteacher($course->id);
if ($isteacher) { // Add teacher forum
if ($forum = forum_get_course_forum($course->id, 'teacher')) {
$menu[$forum->id] = format_string($forum->name,true);
}
}
if ($forums = get_all_instances_in_course("forum", $course)) {
if ($course->format == 'weeks') {
@ -379,23 +371,19 @@ function forum_menu_list($course) {
}
foreach ($forums as $forum) {
if (!$isteacher) { // Non-teachers
if ($forum->type == "teacher") {
if ($cm = get_coursemodule_from_instance('forum', $forum->id, $course->id)) {
if (!isset($forum->visible)) {
$context = get_context_instance(CONTEXT_MODULE, $cm->id);
if (!instance_is_visible("forum", $forum) &&
!has_capability('moodle/course:viewhiddenactivities', $context->id)) {
continue;
}
}
$groupmode = groupmode($course, $cm); // Groups are being used
if (($groupmode == SEPARATEGROUPS) and ($currentgroup === false)) {
continue;
}
if (!isset($forum->visible)) {
if (! instance_is_visible("forum", $forum)) {
continue;
}
}
if ($cm = get_coursemodule_from_instance('forum', $forum->id, $course->id)) {
$groupmode = groupmode($course, $cm); // Groups are being used
if (($groupmode == SEPARATEGROUPS) and ($currentgroup === false)) {
continue;
}
}
}
$menu[$forum->id] = format_string($forum->name,true);
}
}
@ -403,5 +391,4 @@ function forum_menu_list($course) {
return $menu;
}
?>
?>

2
mod/forum/settracking.php
View file

@ -27,7 +27,7 @@
if (isguest()) { // Guests can't change tracking
$wwwroot = $CFG->wwwroot.'/login/index.php';
if (!empty($CFG->loginhttps)) {
$wwwroot = str_replace('http:','https:', $wwwroot);
$wwwroot = str_replace('http','https', $wwwroot);
}
$strforums = get_string('modulenameplural', 'forum');

29
mod/forum/subscribe.php
View file

@ -18,20 +18,24 @@
}
if ($cm = get_coursemodule_from_instance("forum", $forum->id, $course->id)) {
if (groupmode($course, $cm) and !isteacheredit($course->id)) { // Make sure user is allowed
if (! mygroupid($course->id)) {
error("Sorry, but you must be a group member to subscribe.");
$context = get_context_instance(CONTEXT_MODULE, $cm->id);
if (groupmode($course, $cm) and
!has_capability('mod/forum:viewdiscussionsfromallgroups', $context->id)) {
if (!mygroupid($course->id)) {
error('Sorry, but you must be a group member to subscribe.');
}
}
} else {
$cm->id = 0;
$context = get_context_instance(CONTEXT_MODULE, $cm->id);
}
if ($user) {
if (!isteacher($course->id)) {
error("Only teachers can subscribe/unsubscribe other people!");
if (!has_capability('mod/forum:managesubscriptions', $context->id)) {
error('You do not have the permission to subscribe/unsubscribe other people!');
}
if (! $user = get_record("user", "id", $user)) {
if (!$user = get_record("user", "id", $user)) {
error("User ID was incorrect");
}
} else {
@ -43,7 +47,7 @@
if (isguest()) { // Guests can't subscribe
$wwwroot = $CFG->wwwroot.'/login/index.php';
if (!empty($CFG->loginhttps)) {
$wwwroot = str_replace('http:','https:', $wwwroot);
$wwwroot = str_replace('http','https', $wwwroot);
}
$strforums = get_string('modulenameplural', 'forum');
@ -63,15 +67,9 @@
exit;
}
if ($forum->type == "teacher") {
if (!isteacher($course->id)) {
error("You must be a $course->teacher to subscribe to this forum");
}
}
$returnto = forum_go_back_to("index.php?id=$course->id");
if ($force and isteacher($course->id)) {
if ($force and has_capability('mod/forum:managesubscriptions', $context->id)) {
if (forum_is_forcesubscribed($forum->id)) {
forum_forcesubscribe($forum->id, 0);
redirect($returnto, get_string("everyonecanchoose", "forum"), 1);
@ -97,7 +95,8 @@
}
} else { // subscribe
if ($forum->forcesubscribe == FORUM_DISALLOWSUBSCRIBE && !isteacher($forum->course)) {
if ($forum->forcesubscribe == FORUM_DISALLOWSUBSCRIBE &&
!has_capability('mod/forum:managesubscriptions', $context->id)) {
error(get_string('disallowsubscribe'),$_SERVER["HTTP_REFERER"]);
}
if (forum_subscribe($user->id, $forum->id) ) {

22
mod/forum/subscribers.php
View file

@ -21,18 +21,16 @@
require_login($course->id, false, $cm);
if (!isteacher($course->id)) {
error("This page is for teachers only");
$context = get_context_instance(CONTEXT_MODULE, $cm->id);
if (!has_capability('mod/forum:viewsubscribers', $context->id)) {
error('You do not have the permission to view forum subscribers');
}
unset($SESSION->fromdiscussion);
add_to_log($course->id, "forum", "view subscribers", "subscribers.php?id=$forum->id", $forum->id, $cm->id);
if ($edit != -1) {
$USER->subscriptionsediting = $edit;
}
$strsubscribeall = get_string("subscribeall", "forum");
$strsubscribenone = get_string("subscribenone", "forum");
$strsubscribers = get_string("subscribers", "forum");
@ -41,8 +39,16 @@
$navigation = "<a href=\"index.php?id=$course->id\">$strforums</a> ->
<a href=\"view.php?f=$forum->id\">".format_string($forum->name,true)."</a> -> $strsubscribers";
print_header_simple("$strsubscribers", "", "$navigation",
"", "", true, forum_update_subscriptions_button($course->id, $id));
if (has_capability('mod/forum:managesubscriptions', $context->id)) {
print_header_simple("$strsubscribers", "", "$navigation",
"", "", true, forum_update_subscriptions_button($course->id, $id));
if ($edit != -1) {
$USER->subscriptionsediting = $edit;
}
} else {
print_header_simple("$strsubscribers", "", "$navigation", "", "", true, '');
unset($USER->subscriptionsediting);
}
/// Check to see if groups are being used in this forum
if ($groupmode = groupmode($course, $cm)) { // Groups are being used

34
mod/forum/user.php
View file

@ -27,7 +27,7 @@
require_course_login($course);
add_to_log($course->id, "forum", "user report", "user.php?course=$course->id&amp;id=$user->id&amp;mode=$mode", "$user->id");
add_to_log($course->id, "forum", "user report", "user.php?id=$course->id&amp;user=$user->id&amp;mode=$mode", "$user->id");
$strforumposts = get_string('forumposts', 'forum');
$strparticipants = get_string('participants');
@ -49,11 +49,18 @@
$currenttab = $mode;
include($CFG->dirroot.'/user/tabs.php'); /// Prints out tabs as part of user page
if ((!isteacheredit($course->id)) and forum_get_separate_modules($course->id)) {
$sepgroups = user_group($course->id, $USER->id);
} else {
$sepgroups = false;
$isseparategroups = /*(($course->groupmode == SEPARATEGROUPS and
$course->groupmodeforce and
!isteacheredit($course->id))*/forum_get_separate_modules($course->id);
/*
//editting teacher can view everything so do not pass in groupid
if (isteacheredit ($course->id)){
$isseparategroups = false;
}
*/
$groupid = $isseparategroups ? /*get_current_group*/mygroupid($course->id) : NULL;
switch ($mode) {
case 'posts' :
@ -68,8 +75,10 @@
}
echo '<div class="user-content">';
// Get the posts regardless of group first.
if ($posts = forum_search_posts($searchterms, $course->id, $page*$perpage, $perpage,
$totalcount, $sepgroups, $extrasql)) {
$totalcount, $groupid, $extrasql)) {
print_paging_bar($totalcount, $page, $perpage,
"user.php?id=$user->id&amp;course=$course->id&amp;mode=$mode&amp;perpage=$perpage&amp;");
foreach ($posts as $post) {
@ -80,7 +89,7 @@
if (! $forum = get_record('forum', 'id', "$discussion->forum")) {
error("Could not find forum $discussion->forum");
}
$fullsubject = "<a href=\"view.php?f=$forum->id\">".format_string($forum->name,true)."</a>";
if ($forum->type != 'single') {
$fullsubject .= " -> <a href=\"discuss.php?d=$discussion->id\">".format_string($discussion->name,true)."</a>";
@ -88,19 +97,20 @@
$fullsubject .= " -> <a href=\"discuss.php?d=$post->discussion&amp;parent=$post->id\">".format_string($post->subject,true)."</a>";
}
}
if (isadmin() && $course->id == SITEID) {
$context = get_context_instance(CONTEXT_SYSTEM, SITEID);
if ($course->id == SITEID && has_capability('moodle/site:config', $context->id)) {
$postcoursename = get_field('course', 'shortname', 'id', $forum->course);
$fullsubject = '<a href="'.$CFG->wwwroot.'/course/view.php?id='.$forum->course.'">'.$postcoursename.'</a> -> '. $fullsubject;
}
$post->subject = $fullsubject;
$fulllink = "<a href=\"discuss.php?d=$post->discussion#$post->id\">".
get_string("postincontext", "forum")."</a>";
forum_print_post($post, $course->id, false, false, false, false, $fulllink);
echo "<br />";
}

2
mod/forum/version.php
View file

@ -5,7 +5,7 @@
// This fragment is called by /admin/index.php
////////////////////////////////////////////////////////////////////////////////
$module->version = 2006011702;
$module->version = 2006080800;
$module->requires = 2005031000; // Requires this Moodle version
$module->cron = 60;

32
mod/forum/view.php
View file

@ -60,12 +60,15 @@
$navigation = "<a href=\"index.php?id=$course->id\">$strforums</a> ->";
if ($forum->type == "teacher") {
if (!isteacher($course->id)) {
error("You must be a $course->teacher to view this forum");
}
}
/// Check whether the should be able to view this forum.
$context = get_context_instance(CONTEXT_MODULE, $cm->id);
if (!has_capability('mod/forum:viewforum', $context->id)) {
error('You do not have the permission to view this forum');
}
if ($cm->id) {
add_to_log($course->id, "forum", "view forum", "view.php?id=$cm->id", "$forum->id", $cm->id);
} else {
@ -75,7 +78,7 @@
print_header_simple(format_string($forum->name), "",
"$navigation ".format_string($forum->name), "", "", true, $buttontext, navmenu($course, $cm));
if (empty($cm->visible) and !isteacher($course->id)) {
if (empty($cm->visible) and !has_capability('moodle/course:manageactivities', $context->id)) {
notice(get_string("activityiscurrentlyhidden"));
}
@ -91,7 +94,9 @@
$currentgroup = get_and_set_current_group($course, $groupmode, $changegroup);
if ($groupmode and ($currentgroup === false) and !isteacheredit($course->id)) {
if ($groupmode and ($currentgroup === false) and
!has_capability('mod/forum:viewdiscussionsfromallgroups', $context->id)) {
print_heading(get_string("notingroup", "forum"));
print_footer($course);
exit;
@ -108,7 +113,9 @@
///menu for students in forums.
//now we need a menu for separategroups as well!
if ($groupmode == VISIBLEGROUPS or ($groupmode and isteacheredit($course->id))) {
if ($groupmode == VISIBLEGROUPS or ($groupmode and
has_capability('module:forum:viewdiscussionsfromallgroups', $context->id))) {
//the following query really needs to change
if ($groups = get_records_menu("groups", "courseid", $course->id, "name ASC", "id,name")) {
echo '<td>';
@ -143,7 +150,7 @@
$strallowchoice = get_string('allowchoice', 'forum');
helpbutton("subscription", $streveryoneissubscribed, "forum");
echo '&nbsp;<span class="helplink">';
if (isteacher($course->id)) {
if (has_capability('moodle/course:manageactivities', $context->id)) {
echo "<a title=\"$strallowchoice\" href=\"subscribe.php?id=$forum->id&amp;force=no\">$streveryoneissubscribed</a>";
} else {
echo $streveryoneissubscribed;
@ -161,7 +168,7 @@
helpbutton("subscription", $streveryonecanchoose, "forum");
echo '&nbsp;';
if (isteacher($course->id)) {
if (has_capability('moodle/course:manageactivities', $context->id)) {
echo "<span class=\"helplink\"><a title=\"$strforcesubscribe\" href=\"subscribe.php?id=$forum->id&amp;force=yes\">$streveryonecanchoose</a></span>";
echo "<br />";
echo "<span class=\"helplink\"><a href=\"subscribers.php?id=$forum->id\">$strshowsubscribers</a></span>";
@ -223,7 +230,7 @@
notify(get_string('thisforumisthrottled','forum',$a));
}
if ($forum->type == 'qanda' && !isteacher($forum->course)) {
if ($forum->type == 'qanda' && !has_capability('moodle/course:manageactivities', $context->id)) {
notify(get_string('qandanotify','forum'));
}
@ -246,7 +253,8 @@
set_user_preference("forum_displaymode", $mode);
}
$displaymode = get_user_preferences("forum_displaymode", $CFG->forum_displaymode);
forum_print_discussion($course, $forum, $discussion, $post, $displaymode);
$canrate = has_capability('mod/forum:rate', $context->id);
forum_print_discussion($course, $forum, $discussion, $post, $displaymode, NULL, $canrate);
break;
case 'eachuser':