MDL-29844 Administration: Added new config for users to login for viewing profile image

admin/settings/security.php

@@ -16,6 +16,7 @@ if ($hassiteconfig) { // speedup for non-admins, add all caps used on this page
     $temp->add(new admin_setting_configcheckbox('protectusernames', get_string('protectusernames', 'admin'), get_string('configprotectusernames', 'admin'), 1));
     $temp->add(new admin_setting_configcheckbox('forcelogin', get_string('forcelogin', 'admin'), get_string('configforcelogin', 'admin'), 0));
     $temp->add(new admin_setting_configcheckbox('forceloginforprofiles', get_string('forceloginforprofiles', 'admin'), get_string('configforceloginforprofiles', 'admin'), 1));
+    $temp->add(new admin_setting_configcheckbox('forceloginforprofileimage', get_string('forceloginforprofileimage', 'admin'), get_string('forceloginforprofileimage_help', 'admin'), 0));
     $temp->add(new admin_setting_configcheckbox('opentogoogle', get_string('opentogoogle', 'admin'), get_string('configopentogoogle', 'admin'), 0));
     $temp->add(new admin_setting_pickroles('profileroles',
         get_string('profileroles','admin'),

lang/en/admin.php

@@ -516,6 +516,8 @@ $string['filtersettings'] = 'Manage filters';
 $string['filtersettingsgeneral'] = 'General filter settings';
 $string['filteruploadedfiles'] = 'Filter uploaded files';
 $string['forcelogin'] = 'Force users to login';
+$string['forceloginforprofileimage'] = 'Force users to login to view user pictures';
+$string['forceloginforprofileimage_help'] = 'If enabled, users must login in order to view user profile pictures and the default user picture will be used in all notification emails.';
 $string['forceloginforprofiles'] = 'Force users to login for profiles';
 $string['forcetimezone'] = 'Force default timezone';
 $string['frontpage'] = 'Front page';

lib/filelib.php

@@ -3404,8 +3404,10 @@ function file_pluginfile($relativepath, $forcedownload) {
                 $themename = array_shift($args);
                 $filename = array_shift($args);
             }
-            if ((!empty($CFG->forcelogin) and !isloggedin())) {
+            if ((!empty($CFG->forcelogin) and !isloggedin()) ||
+                    (!empty($CFG->forceloginforprofileimage) && (!isloggedin() || isguestuser()))) {
                 // protect images if login required and not logged in;
+                // also if login is required for profile images and is not logged in or guest
                 // do not use require_login() because it is expensive and not suitable here anyway
                 $redirect = true;
             }

lib/outputcomponents.php

@@ -276,8 +276,10 @@ class user_picture implements renderable {
             $renderer = $page->get_renderer('core');
         }
 
-        if (!empty($CFG->forcelogin) and !isloggedin()) {
+        if ((!empty($CFG->forcelogin) and !isloggedin()) ||
+                (!empty($CFG->forceloginforprofileimage) && (!isloggedin() || isguestuser()))) {
             // protect images if login required and not logged in;
+            // also if login is required for profile images and is not logged in or guest
             // do not use require_login() because it is expensive and not suitable here anyway
             return $renderer->pix_url('u/f1');
         }

version.php

@@ -30,7 +30,7 @@
 defined('MOODLE_INTERNAL') || die();
 
 
-$version  = 2011120500.04;              // 20111205      = branching date YYYYMMDD - do not modify!
+$version  = 2011120500.05;              // 20111205      = branching date YYYYMMDD - do not modify!
                                         //         RR    = release increments - 00 in DEV branches
                                         //           .XX = incremental changes