MDL-27542 calendar export: fixed the following:

1. changing auth token to use user id instead of username
2. add fall back checking for old url
3. remove yui functionality to generate calendar url
4. add missing variable
5. fixed usercontext instance
Rossiani Wijaya 2011-11-07 17:07:00 +08:00
parent 735de1c276
commit d52777b486
7 changed files with 49 additions and 36 deletions


@ -59,6 +59,7 @@ $action = optional_param('action', '', PARAM_ALPHA);
$day = optional_param('cal_d', 0, PARAM_INT); $day = optional_param('cal_d', 0, PARAM_INT);
$mon = optional_param('cal_m', 0, PARAM_INT); $mon = optional_param('cal_m', 0, PARAM_INT);
$yr = optional_param('cal_y', 0, PARAM_INT); $yr = optional_param('cal_y', 0, PARAM_INT);
$generateurl = optional_param('generateurl', 0, PARAM_BOOL);
if ($courseid != SITEID && !empty($courseid)) { if ($courseid != SITEID && !empty($courseid)) {
$course = $DB->get_record('course', array('id' => $courseid)); $course = $DB->get_record('course', array('id' => $courseid));
@ -93,6 +94,7 @@ $calendar = new calendar_information($day, $mon, $yr);
$calendar->prepare_for_view($course, $courses); $calendar->prepare_for_view($course, $courses);
$pagetitle = get_string('export', 'calendar'); $pagetitle = get_string('export', 'calendar');
$now = usergetdate(time());
// Print title and header // Print title and header
if ($issite) { if ($issite) {
@ -122,8 +124,8 @@ switch($action) {
if (isset($CFG->calendar_weekend)) { if (isset($CFG->calendar_weekend)) {
$weekend = intval($CFG->calendar_weekend); $weekend = intval($CFG->calendar_weekend);
} }
$username = $USER->username;
$authtoken = sha1($USER->username . $USER->password . $CFG->calendar_exportsalt); $authtoken = sha1($USER->id . $USER->password . $CFG->calendar_exportsalt);
// Let's populate some vars to let "common tasks" be somewhat smart... // Let's populate some vars to let "common tasks" be somewhat smart...
// If today it's weekend, give the "next week" option // If today it's weekend, give the "next week" option
$allownextweek = $weekend & (1 << $now['wday']); $allownextweek = $weekend & (1 << $now['wday']);
@ -131,9 +133,19 @@ switch($action) {
$allownextmonth = calendar_days_in_month($now['mon'], $now['year']) - $now['mday'] < 7; $allownextmonth = calendar_days_in_month($now['mon'], $now['year']) - $now['mday'] < 7;
// If today it's weekend but tomorrow it isn't, do NOT give the "this week" option // If today it's weekend but tomorrow it isn't, do NOT give the "this week" option
$allowthisweek = !(($weekend & (1 << $now['wday'])) && !($weekend & (1 << (($now['wday'] + 1) % 7)))); $allowthisweek = !(($weekend & (1 << $now['wday'])) && !($weekend & (1 << (($now['wday'] + 1) % 7))));
echo $renderer->basic_export_form($allowthisweek, $allownextweek, $allownextmonth, $username, $authtoken); echo $renderer->basic_export_form($allowthisweek, $allownextweek, $allownextmonth, $USER->id, $authtoken);
break; break;
} }
if (!empty($generateurl)) {
$params['userid'] = optional_param('userid', 0, PARAM_INT);
$params['authtoken'] = optional_param('authtoken', '', PARAM_ALPHANUM);
$params['preset_what'] = optional_param('preset_what', 'all', PARAM_ALPHA);
$params['preset_time'] = optional_param('preset_time', 'weeknow', PARAM_ALPHA);
$link = new moodle_url('/calendar/export_execute.php', $params);
print html_writer::tag('div', get_string('calendarurl', 'calendar', $link->out()), array('class' => 'generalbox calendarurl'));
}
echo $renderer->complete_layout(); echo $renderer->complete_layout();
echo $OUTPUT->footer(); echo $OUTPUT->footer();
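Review bot: The `generateurl` block near the end of the page builds the displayed feed URL from the `userid` and `authtoken` request parameters instead of from the session, so the page shows whatever pair the query string carries, and the long-lived token has to travel through this page's URL (browser history, access logs, Referer). If this page always runs for a logged-in user, which the hunk does not show, building it from the session avoids both: `$params['userid'] = $USER->id;` and `$params['authtoken'] = sha1($USER->id . $USER->password . $CFG->calendar_exportsalt);`. `$params` is also not initialised in the visible lines, so a `$params = array();` before the first assignment would be safer unless it is set above the hunk.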


@ -5,21 +5,29 @@ require_once('../config.php');
require_once($CFG->dirroot.'/calendar/lib.php'); require_once($CFG->dirroot.'/calendar/lib.php');
require_once($CFG->libdir.'/bennu/bennu.inc.php'); require_once($CFG->libdir.'/bennu/bennu.inc.php');
$username = required_param('username', PARAM_TEXT); $userid = optional_param('userid', 0, PARAM_INT);
$username = optional_param('username', '', PARAM_TEXT);
$authtoken = required_param('authtoken', PARAM_ALPHANUM); $authtoken = required_param('authtoken', PARAM_ALPHANUM);
$generateurl = optional_param('generateurl', '', PARAM_TEXT);
if (empty($CFG->enablecalendarexport)) { if (empty($CFG->enablecalendarexport)) {
die('no export'); die('no export');
} }
//Fetch user information //Fetch user information
if (!$user = $DB->get_record('user', array('username' => $username), 'id,password')) { $checkuserid = !empty($userid) && $user = $DB->get_record('user', array('id' => $userid), 'id,password');
//allowing for fallback check of old url - MDL-27542
$checkusername = !empty($username) && $user = $DB->get_record('user', array('username' => $username), 'id,password');
if (!$checkuserid && !$checkusername) {
//No such user //No such user
die('Invalid authentication'); die('Invalid authentication');
} }
//Check authentication token //Check authentication token
if ($authtoken != sha1($username . $user->password . $CFG->calendar_exportsalt)) { $authuserid = !empty($userid) && $authtoken == sha1($userid . $user->password . $CFG->calendar_exportsalt);
//allowing for fallback check of old url - MDL-27542
$authusername = !empty($username) && $authtoken == sha1($username . $user->password . $CFG->calendar_exportsalt);
if (!$authuserid && !$authusername) {
die('Invalid authentication'); die('Invalid authentication');
} }
@ -31,6 +39,20 @@ $now = usergetdate(time());
$allowed_what = array('all', 'courses'); $allowed_what = array('all', 'courses');
$allowed_time = array('weeknow', 'weeknext', 'monthnow', 'monthnext', 'recentupcoming'); $allowed_time = array('weeknow', 'weeknext', 'monthnow', 'monthnext', 'recentupcoming');
if (!empty($generateurl)) {
$authtoken = sha1($user->id . $user->password . $CFG->calendar_exportsalt);
$params = array();
$params['preset_what'] = $what;
$params['preset_time'] = $time;
$params['userid'] = $userid;
$params['authtoken'] = $authtoken;
$params['generateurl'] = true;
$link = new moodle_url('/calendar/export.php', $params);
redirect($link->out());
die;
}
if(!empty($what) && !empty($time)) { if(!empty($what) && !empty($time)) {
if(in_array($what, $allowed_what) && in_array($time, $allowed_time)) { if(in_array($what, $allowed_what) && in_array($time, $allowed_time)) {
$courses = enrol_get_users_courses($user->id, true, 'id, visible, shortname'); $courses = enrol_get_users_courses($user->id, true, 'id, visible, shortname');
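Review bot: The user lookup and the token check in the first hunk can end up working on different identities: when both `userid` and `username` are sent, the username lookup overwrites `$user` (with `false` if that name does not exist), yet `$checkuserid` stays true and the token is then checked against `$userid` combined with whatever `$user` now holds. Resolving exactly one record from one identifier and failing closed removes that ambiguity. The comparisons also use loose `==`, which PHP may evaluate numerically when both hex strings look like numbers; `!==` compares them as strings. In the `generateurl` block of the second hunk, `$params['userid'] = $userid;` is 0 for a request that authenticated through the old username URL although the new token is built from `$user->id`, so it should be `$params['userid'] = $user->id;`. The rewritten lookup and check are sketched below; the surrounding script continues outside both hunks.

```php
// … unchanged: parameter reading and enablecalendarexport check …

// Resolve exactly one user record: prefer userid, fall back to the old username URL (MDL-27542).
if (!empty($userid)) {
    $user = $DB->get_record('user', array('id' => $userid), 'id,password');
    $tokenbase = $userid;
} else if (!empty($username)) {
    $user = $DB->get_record('user', array('username' => $username), 'id,password');
    $tokenbase = $username;
} else {
    $user = false;
}
if (!$user) {
    // No such user, or no identifier supplied.
    die('Invalid authentication');
}

// Strict comparison: both sides are hex strings and must match as strings.
if ($authtoken !== sha1($tokenbase . $user->password . $CFG->calendar_exportsalt)) {
    die('Invalid authentication');
}
```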


@ -1806,7 +1806,7 @@ class calendar_event {
$group = $DB->get_record('groups', array('id'=>$data->groupid)); $group = $DB->get_record('groups', array('id'=>$data->groupid));
$context = get_context_instance(CONTEXT_COURSE, $group->courseid); $context = get_context_instance(CONTEXT_COURSE, $group->courseid);
} else if (isset($data->userid) && $data->userid > 0 && $data->userid == $USER->id) { } else if (isset($data->userid) && $data->userid > 0 && $data->userid == $USER->id) {
$context = get_context_instance(CONTEXT_USER); $context = get_context_instance(CONTEXT_USER, $data->userid);
} else if (isset($data->userid) && $data->userid > 0 && $data->userid != $USER->id && } else if (isset($data->userid) && $data->userid > 0 && $data->userid != $USER->id &&
isset($data->instance) && $data->instance > 0) { isset($data->instance) && $data->instance > 0) {
$cm = get_coursemodule_from_instance($data->modulename, $data->instance, 0, false, MUST_EXIST); $cm = get_coursemodule_from_instance($data->modulename, $data->instance, 0, false, MUST_EXIST);


@ -34,11 +34,11 @@ class core_calendar_renderer extends plugin_renderer_base {
* @param bool $allowthisweek * @param bool $allowthisweek
* @param bool $allownextweek * @param bool $allownextweek
* @param bool $allownextmonth * @param bool $allownextmonth
* @param string $username * @param int $userid
* @param string $authtoken * @param string $authtoken
* @return string * @return string
*/ */
public function basic_export_form($allowthisweek, $allownextweek, $allownextmonth, $username, $authtoken) { public function basic_export_form($allowthisweek, $allownextweek, $allownextmonth, $userid, $authtoken) {
$output = html_writer::tag('div', get_string('export', 'calendar'), array('class'=>'header')); $output = html_writer::tag('div', get_string('export', 'calendar'), array('class'=>'header'));
$output .= html_writer::start_tag('fieldset'); $output .= html_writer::start_tag('fieldset');
@ -86,10 +86,10 @@ class core_calendar_renderer extends plugin_renderer_base {
$output .= html_writer::empty_tag('input', array('type'=>'hidden', 'name'=>'cal_d', 'value'=>'')); $output .= html_writer::empty_tag('input', array('type'=>'hidden', 'name'=>'cal_d', 'value'=>''));
$output .= html_writer::empty_tag('input', array('type'=>'hidden', 'name'=>'cal_m', 'value'=>'')); $output .= html_writer::empty_tag('input', array('type'=>'hidden', 'name'=>'cal_m', 'value'=>''));
$output .= html_writer::empty_tag('input', array('type'=>'hidden', 'name'=>'cal_y', 'value'=>'')); $output .= html_writer::empty_tag('input', array('type'=>'hidden', 'name'=>'cal_y', 'value'=>''));
$output .= html_writer::empty_tag('input', array('type'=>'hidden', 'name'=>'username', 'value'=>$username)); $output .= html_writer::empty_tag('input', array('type'=>'hidden', 'name'=>'userid', 'value'=>$userid));
$output .= html_writer::empty_tag('input', array('type'=>'hidden', 'name'=>'authtoken', 'value'=>$authtoken)); $output .= html_writer::empty_tag('input', array('type'=>'hidden', 'name'=>'authtoken', 'value'=>$authtoken));
$output .= html_writer::empty_tag('input', array('type'=>'button', 'id'=>'generateurl', 'value'=>get_string('generateurlbutton', 'calendar'))); $output .= html_writer::empty_tag('input', array('type'=>'submit', 'name' => 'generateurl', 'id'=>'generateurl', 'value'=>get_string('generateurlbutton', 'calendar')));
$output .= html_writer::empty_tag('input', array('type'=>'submit', 'value'=>get_string('exportbutton', 'calendar'))); $output .= html_writer::empty_tag('input', array('type'=>'submit', 'value'=>get_string('exportbutton', 'calendar')));
$output .= html_writer::end_tag('div'); $output .= html_writer::end_tag('div');
@ -102,8 +102,6 @@ class core_calendar_renderer extends plugin_renderer_base {
$output .= html_writer::tag('div', '', array('id'=>'url', 'style'=>'overflow:scroll;width:650px;')); $output .= html_writer::tag('div', '', array('id'=>'url', 'style'=>'overflow:scroll;width:650px;'));
$output .= html_writer::end_tag('div'); $output .= html_writer::end_tag('div');
$this->page->requires->yui_module('moodle-calendar-eventmanager', 'M.core_calendar.init_basic_export', array($allowthisweek, $allownextweek, $allownextmonth, $username, $authtoken));
return $output; return $output;
} }
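Review bot: With the `init_basic_export` call removed at the end of `basic_export_form()`, the empty `#url` div still emitted just above the `return` appears to have no remaining writer, since the generated URL is now printed by the export page in its own `calendarurl` box; it can be dropped if nothing else fills it. Turning `generateurl` into the first `submit` input also means implicit submission (pressing Enter in the form) is likely to take the generate-URL path rather than the export, so either place the export button first or add a short comment saying the order is intentional. Most of the method body lies outside the visible hunks, so the form's `method` and `action` could not be checked here.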


@ -150,8 +150,8 @@ echo $OUTPUT->container_start('bottom');
if (!empty($CFG->enablecalendarexport)) { if (!empty($CFG->enablecalendarexport)) {
echo $OUTPUT->single_button(new moodle_url('export.php', array('course'=>$courseid)), get_string('exportcalendar', 'calendar')); echo $OUTPUT->single_button(new moodle_url('export.php', array('course'=>$courseid)), get_string('exportcalendar', 'calendar'));
if (isloggedin()) { if (isloggedin()) {
$authtoken = sha1($USER->username . $USER->password . $CFG->calendar_exportsalt); $authtoken = sha1($USER->id . $USER->password . $CFG->calendar_exportsalt);
$link = new moodle_url('/calendar/export_execute.php', array('preset_what'=>'all', 'preset_time'=>'recentupcoming', 'username'=>$USER->username, 'authtoken'=>$authtoken)); $link = new moodle_url('/calendar/export_execute.php', array('preset_what'=>'all', 'preset_time'=>'recentupcoming', 'userid' => $USER->id, 'authtoken'=>$authtoken));
$icon = html_writer::empty_tag('img', array('src'=>$OUTPUT->pix_url('i/ical'), 'height'=>'14', 'width'=>'36', 'alt'=>get_string('ical', 'calendar'), 'title'=>get_string('quickdownloadcalendar', 'calendar'))); $icon = html_writer::empty_tag('img', array('src'=>$OUTPUT->pix_url('i/ical'), 'height'=>'14', 'width'=>'36', 'alt'=>get_string('ical', 'calendar'), 'title'=>get_string('quickdownloadcalendar', 'calendar')));
echo html_writer::tag('a', $icon, array('href'=>$link)); echo html_writer::tag('a', $icon, array('href'=>$link));
} }
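Review bot: The token expression `sha1($USER->id . $USER->password . $CFG->calendar_exportsalt)` is now written out separately here, in the export page's `switch`, and in the `generateurl` block of export_execute.php, alongside the two verification expressions there, so any change to its inputs has to be repeated in several places that must stay byte-identical. A single helper in calendar/lib.php that takes the user record and returns the token, used for both generating and checking, would keep them in step. It would also be the natural place for a comment stating that the token is derived from the stored password hash and therefore only changes when the password or `calendar_exportsalt` changes.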


@ -120,26 +120,6 @@ YUI.add('moodle-calendar-eventmanager', function(Y) {
var EVENTMANAGER = { var EVENTMANAGER = {
add_event : function(config) { add_event : function(config) {
new EVENT(config); new EVENT(config);
},
init_basic_export : function(allowthisweek, allownextweek, allownextmonth, username, authtoken) {
var params = {
preset_what : (Y.one('#pw_course').get('checked'))?'courses':'all',
preset_time : 'recentupcoming',
username : username,
authtoken : authtoken
}
if (allowthisweek && Y.one('#pt_wknow').get('checked')) {
params.presettime = 'weeknow';
} else if (allownextweek && Y.one('#pt_wknext').get('checked')) {
params.presettime = 'weeknext';
} else if (allownextmonth && Y.one('#pt_monnext').get('checked')) {
params.presettime = 'monthnext';
} else if (Y.one('#pt_monnow').get('checked')) {
params.presettime = 'monthnow';
}
Y.one('#url').setContent(M.cfg.wwwroot+'/calendar/export_execute.php?'+build_querystring(params));
Y.one('#urlbox').setStyle('display', 'block');
} }
} }


@ -28,6 +28,7 @@ $string['allday'] = 'All day';
$string['calendar'] = 'Calendar'; $string['calendar'] = 'Calendar';
$string['calendarheading'] = '{$a} Calendar'; $string['calendarheading'] = '{$a} Calendar';
$string['calendarpreferences'] = 'Calendar preferences'; $string['calendarpreferences'] = 'Calendar preferences';
$string['calendarurl'] = 'Calendar URL: {$a}';
$string['clickhide'] = 'click to hide'; $string['clickhide'] = 'click to hide';
$string['clickshow'] = 'click to show'; $string['clickshow'] = 'click to show';
$string['commontasks'] = 'Options'; $string['commontasks'] = 'Options';