mirror of
https://github.com/moodle/moodle.git
synced 2025-08-03 16:13:28 +02:00
MDL-27542 calendar export: fixed the following:
1. changing auth token to use user id instead of username 2. add fall back checking for old url 3. remove yui functionality to generate calendar url 4. add missing variable 5. fixed usercontext instance
This commit is contained in:
Rossiani Wijaya
parent
735de1c276
commit
d52777b486
7 changed files with 49 additions and 36 deletions
|
|
@ -59,6 +59,7 @@ $action = optional_param('action', '', PARAM_ALPHA);
|
|||
$day = optional_param('cal_d', 0, PARAM_INT);
|
||||
$mon = optional_param('cal_m', 0, PARAM_INT);
|
||||
$yr = optional_param('cal_y', 0, PARAM_INT);
|
||||
$generateurl = optional_param('generateurl', 0, PARAM_BOOL);
|
||||
|
||||
if ($courseid != SITEID && !empty($courseid)) {
|
||||
$course = $DB->get_record('course', array('id' => $courseid));
|
||||
|
|
@ -93,6 +94,7 @@ $calendar = new calendar_information($day, $mon, $yr);
|
|||
$calendar->prepare_for_view($course, $courses);
|
||||
|
||||
$pagetitle = get_string('export', 'calendar');
|
||||
$now = usergetdate(time());
|
||||
|
||||
// Print title and header
|
||||
if ($issite) {
|
||||
|
|
@ -122,8 +124,8 @@ switch($action) {
|
|||
if (isset($CFG->calendar_weekend)) {
|
||||
$weekend = intval($CFG->calendar_weekend);
|
||||
}
|
||||
$username = $USER->username;
|
||||
$authtoken = sha1($USER->username . $USER->password . $CFG->calendar_exportsalt);
|
||||
|
||||
$authtoken = sha1($USER->id . $USER->password . $CFG->calendar_exportsalt);
|
||||
// Let's populate some vars to let "common tasks" be somewhat smart...
|
||||
// If today it's weekend, give the "next week" option
|
||||
$allownextweek = $weekend & (1 << $now['wday']);
|
||||
|
|
@ -131,9 +133,19 @@ switch($action) {
|
|||
$allownextmonth = calendar_days_in_month($now['mon'], $now['year']) - $now['mday'] < 7;
|
||||
// If today it's weekend but tomorrow it isn't, do NOT give the "this week" option
|
||||
$allowthisweek = !(($weekend & (1 << $now['wday'])) && !($weekend & (1 << (($now['wday'] + 1) % 7))));
|
||||
echo $renderer->basic_export_form($allowthisweek, $allownextweek, $allownextmonth, $username, $authtoken);
|
||||
echo $renderer->basic_export_form($allowthisweek, $allownextweek, $allownextmonth, $USER->id, $authtoken);
|
||||
break;
|
||||
}
|
||||
|
||||
if (!empty($generateurl)) {
|
||||
$params['userid'] = optional_param('userid', 0, PARAM_INT);
|
||||
$params['authtoken'] = optional_param('authtoken', '', PARAM_ALPHANUM);
|
||||
$params['preset_what'] = optional_param('preset_what', 'all', PARAM_ALPHA);
|
||||
$params['preset_time'] = optional_param('preset_time', 'weeknow', PARAM_ALPHA);
|
||||
|
||||
$link = new moodle_url('/calendar/export_execute.php', $params);
|
||||
print html_writer::tag('div', get_string('calendarurl', 'calendar', $link->out()), array('class' => 'generalbox calendarurl'));
|
||||
}
|
||||
|
||||
echo $renderer->complete_layout();
|
||||
echo $OUTPUT->footer();
|
||||
|
|
|
|||
|
|
@ -5,21 +5,29 @@ require_once('../config.php');
|
|||
require_once($CFG->dirroot.'/calendar/lib.php');
|
||||
require_once($CFG->libdir.'/bennu/bennu.inc.php');
|
||||
|
||||
$username = required_param('username', PARAM_TEXT);
|
||||
$userid = optional_param('userid', 0, PARAM_INT);
|
||||
$username = optional_param('username', '', PARAM_TEXT);
|
||||
$authtoken = required_param('authtoken', PARAM_ALPHANUM);
|
||||
$generateurl = optional_param('generateurl', '', PARAM_TEXT);
|
||||
|
||||
if (empty($CFG->enablecalendarexport)) {
|
||||
die('no export');
|
||||
}
|
||||
|
||||
//Fetch user information
|
||||
if (!$user = $DB->get_record('user', array('username' => $username), 'id,password')) {
|
||||
//No such user
|
||||
$checkuserid = !empty($userid) && $user = $DB->get_record('user', array('id' => $userid), 'id,password');
|
||||
//allowing for fallback check of old url - MDL-27542
|
||||
$checkusername = !empty($username) && $user = $DB->get_record('user', array('username' => $username), 'id,password');
|
||||
if (!$checkuserid && !$checkusername) {
|
||||
//No such user
|
||||
die('Invalid authentication');
|
||||
}
|
||||
|
||||
//Check authentication token
|
||||
if ($authtoken != sha1($username . $user->password . $CFG->calendar_exportsalt)) {
|
||||
$authuserid = !empty($userid) && $authtoken == sha1($userid . $user->password . $CFG->calendar_exportsalt);
|
||||
//allowing for fallback check of old url - MDL-27542
|
||||
$authusername = !empty($username) && $authtoken == sha1($username . $user->password . $CFG->calendar_exportsalt);
|
||||
if (!$authuserid && !$authusername) {
|
||||
die('Invalid authentication');
|
||||
}
|
||||
|
||||
|
|
@ -31,6 +39,20 @@ $now = usergetdate(time());
|
|||
$allowed_what = array('all', 'courses');
|
||||
$allowed_time = array('weeknow', 'weeknext', 'monthnow', 'monthnext', 'recentupcoming');
|
||||
|
||||
if (!empty($generateurl)) {
|
||||
$authtoken = sha1($user->id . $user->password . $CFG->calendar_exportsalt);
|
||||
$params = array();
|
||||
$params['preset_what'] = $what;
|
||||
$params['preset_time'] = $time;
|
||||
$params['userid'] = $userid;
|
||||
$params['authtoken'] = $authtoken;
|
||||
$params['generateurl'] = true;
|
||||
|
||||
$link = new moodle_url('/calendar/export.php', $params);
|
||||
redirect($link->out());
|
||||
die;
|
||||
}
|
||||
|
||||
if(!empty($what) && !empty($time)) {
|
||||
if(in_array($what, $allowed_what) && in_array($time, $allowed_time)) {
|
||||
$courses = enrol_get_users_courses($user->id, true, 'id, visible, shortname');
|
||||
|
|
|
|||
|
|
@ -1806,7 +1806,7 @@ class calendar_event {
|
|||
$group = $DB->get_record('groups', array('id'=>$data->groupid));
|
||||
$context = get_context_instance(CONTEXT_COURSE, $group->courseid);
|
||||
} else if (isset($data->userid) && $data->userid > 0 && $data->userid == $USER->id) {
|
||||
$context = get_context_instance(CONTEXT_USER);
|
||||
$context = get_context_instance(CONTEXT_USER, $data->userid);
|
||||
} else if (isset($data->userid) && $data->userid > 0 && $data->userid != $USER->id &&
|
||||
isset($data->instance) && $data->instance > 0) {
|
||||
$cm = get_coursemodule_from_instance($data->modulename, $data->instance, 0, false, MUST_EXIST);
|
||||
|
|
|
|||
|
|
@ -34,11 +34,11 @@ class core_calendar_renderer extends plugin_renderer_base {
|
|||
* @param bool $allowthisweek
|
||||
* @param bool $allownextweek
|
||||
* @param bool $allownextmonth
|
||||
* @param string $username
|
||||
* @param int $userid
|
||||
* @param string $authtoken
|
||||
* @return string
|
||||
*/
|
||||
public function basic_export_form($allowthisweek, $allownextweek, $allownextmonth, $username, $authtoken) {
|
||||
public function basic_export_form($allowthisweek, $allownextweek, $allownextmonth, $userid, $authtoken) {
|
||||
|
||||
$output = html_writer::tag('div', get_string('export', 'calendar'), array('class'=>'header'));
|
||||
$output .= html_writer::start_tag('fieldset');
|
||||
|
|
@ -86,10 +86,10 @@ class core_calendar_renderer extends plugin_renderer_base {
|
|||
$output .= html_writer::empty_tag('input', array('type'=>'hidden', 'name'=>'cal_d', 'value'=>''));
|
||||
$output .= html_writer::empty_tag('input', array('type'=>'hidden', 'name'=>'cal_m', 'value'=>''));
|
||||
$output .= html_writer::empty_tag('input', array('type'=>'hidden', 'name'=>'cal_y', 'value'=>''));
|
||||
$output .= html_writer::empty_tag('input', array('type'=>'hidden', 'name'=>'username', 'value'=>$username));
|
||||
$output .= html_writer::empty_tag('input', array('type'=>'hidden', 'name'=>'userid', 'value'=>$userid));
|
||||
$output .= html_writer::empty_tag('input', array('type'=>'hidden', 'name'=>'authtoken', 'value'=>$authtoken));
|
||||
|
||||
$output .= html_writer::empty_tag('input', array('type'=>'button', 'id'=>'generateurl', 'value'=>get_string('generateurlbutton', 'calendar')));
|
||||
$output .= html_writer::empty_tag('input', array('type'=>'submit', 'name' => 'generateurl', 'id'=>'generateurl', 'value'=>get_string('generateurlbutton', 'calendar')));
|
||||
$output .= html_writer::empty_tag('input', array('type'=>'submit', 'value'=>get_string('exportbutton', 'calendar')));
|
||||
|
||||
$output .= html_writer::end_tag('div');
|
||||
|
|
@ -102,8 +102,6 @@ class core_calendar_renderer extends plugin_renderer_base {
|
|||
$output .= html_writer::tag('div', '', array('id'=>'url', 'style'=>'overflow:scroll;width:650px;'));
|
||||
$output .= html_writer::end_tag('div');
|
||||
|
||||
$this->page->requires->yui_module('moodle-calendar-eventmanager', 'M.core_calendar.init_basic_export', array($allowthisweek, $allownextweek, $allownextmonth, $username, $authtoken));
|
||||
|
||||
return $output;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -150,8 +150,8 @@ echo $OUTPUT->container_start('bottom');
|
|||
if (!empty($CFG->enablecalendarexport)) {
|
||||
echo $OUTPUT->single_button(new moodle_url('export.php', array('course'=>$courseid)), get_string('exportcalendar', 'calendar'));
|
||||
if (isloggedin()) {
|
||||
$authtoken = sha1($USER->username . $USER->password . $CFG->calendar_exportsalt);
|
||||
$link = new moodle_url('/calendar/export_execute.php', array('preset_what'=>'all', 'preset_time'=>'recentupcoming', 'username'=>$USER->username, 'authtoken'=>$authtoken));
|
||||
$authtoken = sha1($USER->id . $USER->password . $CFG->calendar_exportsalt);
|
||||
$link = new moodle_url('/calendar/export_execute.php', array('preset_what'=>'all', 'preset_time'=>'recentupcoming', 'userid' => $USER->id, 'authtoken'=>$authtoken));
|
||||
$icon = html_writer::empty_tag('img', array('src'=>$OUTPUT->pix_url('i/ical'), 'height'=>'14', 'width'=>'36', 'alt'=>get_string('ical', 'calendar'), 'title'=>get_string('quickdownloadcalendar', 'calendar')));
|
||||
echo html_writer::tag('a', $icon, array('href'=>$link));
|
||||
}
|
||||
|
|
|
|||
20
calendar/yui/eventmanager/eventmanager.js
vendored
20
calendar/yui/eventmanager/eventmanager.js
vendored
|
|
@ -120,26 +120,6 @@ YUI.add('moodle-calendar-eventmanager', function(Y) {
|
|||
var EVENTMANAGER = {
|
||||
add_event : function(config) {
|
||||
new EVENT(config);
|
||||
},
|
||||
init_basic_export : function(allowthisweek, allownextweek, allownextmonth, username, authtoken) {
|
||||
var params = {
|
||||
preset_what : (Y.one('#pw_course').get('checked'))?'courses':'all',
|
||||
preset_time : 'recentupcoming',
|
||||
username : username,
|
||||
authtoken : authtoken
|
||||
|
||||
}
|
||||
if (allowthisweek && Y.one('#pt_wknow').get('checked')) {
|
||||
params.presettime = 'weeknow';
|
||||
} else if (allownextweek && Y.one('#pt_wknext').get('checked')) {
|
||||
params.presettime = 'weeknext';
|
||||
} else if (allownextmonth && Y.one('#pt_monnext').get('checked')) {
|
||||
params.presettime = 'monthnext';
|
||||
} else if (Y.one('#pt_monnow').get('checked')) {
|
||||
params.presettime = 'monthnow';
|
||||
}
|
||||
Y.one('#url').setContent(M.cfg.wwwroot+'/calendar/export_execute.php?'+build_querystring(params));
|
||||
Y.one('#urlbox').setStyle('display', 'block');
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -28,6 +28,7 @@ $string['allday'] = 'All day';
|
|||
$string['calendar'] = 'Calendar';
|
||||
$string['calendarheading'] = '{$a} Calendar';
|
||||
$string['calendarpreferences'] = 'Calendar preferences';
|
||||
$string['calendarurl'] = 'Calendar URL: {$a}';
|
||||
$string['clickhide'] = 'click to hide';
|
||||
$string['clickshow'] = 'click to show';
|
||||
$string['commontasks'] = 'Options';
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue