New feature: Site Policy Agreements.

If the admin specifies a Policy Agreement (via URL in the config variables)
then each user is required to see and agree to that document once before
continuing.

To get everyone to see it again (on an update, say) one just needs to issue:

   UPDATE user SET policyagreed = 0

diff --git a/admin/config.html b/admin/config.html
index abb3ac4c5f086e15911415696e0ac15bc06eee48..e11e41b75952a5648f352f812923df2328e0ca28 100644 (file)
--- a/admin/config.html
+++ b/admin/config.html
@@ -478,6 +478,14 @@
     <?php print_string("configallowunenroll") ?>
     </td>
 </tr>
+<tr valign="top">
+    <td align="right">sitepolicy:</td>
+    <td><input type="text" name="sitepolicy" size="30" value="<?php echo $config->sitepolicy ?>" alt="sitepolicy" /></td>
+    </td>
+    <td>
+    <?php print_string("configsitepolicy") ?>
+    </td>
+</tr>
 <tr valign="top">
     <td align="right">maxbytes:</td>
     <td>

diff --git a/lang/en/moodle.php b/lang/en/moodle.php
index f5d81d62237cfc0251c284e0fe4b29cd54564f81..78a9c1b384caa05cb5340a12157a41d533995e95 100644 (file)
--- a/lang/en/moodle.php
+++ b/lang/en/moodle.php
@@ -214,6 +214,7 @@ $string['configsecureforms'] = 'Moodle can use an additional level of security w
 $string['configsessioncookie'] = 'This setting customises the name of the cookie used for Moodle sessions.  This is optional, and only useful to avoid cookies being confused when there is more than one copy of Moodle running within the same web site.';
 $string['configsessiontimeout'] = 'If people logged in to this site are idle for a long time (without loading pages) then they are automatically logged out (their session is ended).  This variable specifies how long this time should be.';
 $string['configshowsiteparticipantslist'] = 'All of these site students and site teachers will be listed on the site participants list. Who shall be allowed to see this site participants list?';
+$string['configsitepolicy'] = 'If you have a site policy that all users must see and agree to before using this site, then specify the URL to it here, otherwise leave this field blank.  The URL can point to anywhere - one convenient place would be a file in the site files.  eg http://yoursite/file.php/1/policy.html';
 $string['configslasharguments'] = 'Files (images, uploads etc) are provided via a script using \'slash arguments\' (the second option here). This method allows files to be more easily cached in web browsers, proxy servers etc.  Unfortunately, some PHP servers don\'t allow this method, so if you have trouble viewing uploaded files or images (eg user pictures), set this variable to the first option';
 $string['configsmtphosts'] = 'Give the full name of one or more local SMTP servers that Moodle should use to send mail (eg \'mail.a.com\' or \'mail.a.com;mail.b.com\'). If you leave it blank, Moodle will use the PHP default method of sending mail.';
 $string['configsmtpuser'] = 'If you have specified an SMTP server above, and the server requires authentication, then enter the username and password here.';
@@ -830,6 +831,9 @@ $string['people'] = 'People';
 $string['personalprofile'] = 'Personal profile';
 $string['phone'] = 'Phone';
 $string['phpinfo'] = 'PHP info';
+$string['policyagree'] = 'You must agree to this policy to continue using this site.';
+$string['policyagreement'] = 'Site Policy Agreement';
+$string['policyagreementclick'] = 'Click here to read the Site Policy Agreement';
 $string['popupwindow'] = 'Open file in new window';
 $string['potentialadmins'] = 'Potential admins';
 $string['potentialcreators'] = 'Potential course creators';

diff --git a/lib/db/mysql.php b/lib/db/mysql.php
index b570656c7e6492907cfe52a22389241270c8059d..8725f4fd60257c315e6191e3bb64097f2ab5b4a2 100644 (file)
--- a/lib/db/mysql.php
+++ b/lib/db/mysql.php
@@ -1004,6 +1004,11 @@ function main_upgrade($oldversion=0) {
         modify_database('','ALTER TABLE prefix_user_teachers DROP INDEX courseuserid;');
         modify_database('','ALTER TABLE prefix_user_teachers ADD UNIQUE INDEX courseuserid(course,userid);');        
     } 
+
+    if ($oldversion < 2004112900) {
+        table_column('user', '', 'policyagreed', 'integer', '1', 'unsigned', '0', 'not null', 'confirmed');
+    }
+
        
     return $result;
 

diff --git a/lib/db/mysql.sql b/lib/db/mysql.sql
index f0cefade032f67cff21317c1e4f52dc1c0fcebbc..bf7326dd39b218fea5f1642a59c95b58912f0268 100644 (file)
--- a/lib/db/mysql.sql
+++ b/lib/db/mysql.sql
@@ -334,6 +334,7 @@ CREATE TABLE `prefix_user` (
   `id` int(10) unsigned NOT NULL auto_increment,
   `auth` varchar(20) NOT NULL default 'manual',
   `confirmed` tinyint(1) NOT NULL default '0',
+  `policyagreed` tinyint(1) NOT NULL default '0',
   `deleted` tinyint(1) NOT NULL default '0',
   `username` varchar(100) NOT NULL default '',
   `password` varchar(32) NOT NULL default '',

diff --git a/lib/db/postgres7.php b/lib/db/postgres7.php
index 2401f4185555f93a1008e7b8ce8bb1d3d5140720..c552dfeb4d9b0fdeabcaa7462f0ebdfd6073d799 100644 (file)
--- a/lib/db/postgres7.php
+++ b/lib/db/postgres7.php
@@ -773,6 +773,10 @@ function main_upgrade($oldversion=0) {
         modify_database('', "CREATE UNIQUE INDEX prefix_user_username_uk ON prefix_user (username);");
         
     } 
+
+    if ($oldversion < 2004112900) {
+        table_column('user', '', 'policyagreed', 'integer', '1', 'unsigned', '0', 'not null', 'confirmed');
+    }
     
     return $result;
 }

diff --git a/lib/db/postgres7.sql b/lib/db/postgres7.sql
index e928974090483122848f371da12e322f15136525..96f13a8b88e12d08870728accbc3b83bc139d7a3 100644 (file)
--- a/lib/db/postgres7.sql
+++ b/lib/db/postgres7.sql
@@ -223,6 +223,7 @@ CREATE TABLE prefix_user (
    id SERIAL PRIMARY KEY,
    auth varchar(20) NOT NULL default 'manual',
    confirmed integer NOT NULL default '0',
+   policyagreed integer NOT NULL default '0',
    deleted integer NOT NULL default '0',
    username varchar(100) NOT NULL default '',
    password varchar(32) NOT NULL default '',

diff --git a/lib/defaults.php b/lib/defaults.php
index 697222bb539dc8d8d7ed64931b244b16d23447f7..ac7c2a14d1da64e41e55d5ad98e690809a8e75e0 100644 (file)
--- a/lib/defaults.php
+++ b/lib/defaults.php
@@ -56,6 +56,7 @@
        'sessioncookie'            => '',
        'sessiontimeout'           =>  7200,
        'showsiteparticipantslist' =>  0,
+       'sitepolicy'               => '',
        'slasharguments'           =>  1,
        'smtphosts'                => '',
        'smtppass'                 => '',

diff --git a/lib/moodlelib.php b/lib/moodlelib.php
index 289ad938c89fd6dc80df0692cfd823a7175a88e7..08a5fd5138ec9b4c2bce79d6d13f4a1ea188f478 100644 (file)
--- a/lib/moodlelib.php
+++ b/lib/moodlelib.php
@@ -754,7 +754,7 @@ function require_login($courseid=0, $autologinguest=true) {
     }
 
     // check whether the user should be changing password
-    reload_user_preferences();
+    // reload_user_preferences();    // Why is this necessary?  Seems wasteful.  - MD
     if (!empty($USER->preference['auth_forcepasswordchange'])){
         if (is_internal_auth() || $CFG->{'auth_'.$USER->auth.'_stdchangepassword'}){
             redirect($CFG->wwwroot .'/login/change_password.php');
@@ -785,6 +785,14 @@ function require_login($courseid=0, $autologinguest=true) {
         $USER->sesskey = random_string(10);
     }
 
+    // Check that the user has agreed to a site policy if there is one
+    if (!empty($CFG->sitepolicy)) {
+        if (!$USER->policyagreed) {
+            redirect($CFG->wwwroot .'/user/policy.php');
+            die;
+        }
+    }
+
     // Next, check if the user can be in a particular course
     if ($courseid) {
         if ($courseid == SITEID) {

diff --git a/user/policy.php b/user/policy.php
new file mode 100644 (file)
index 0000000..82feded
--- /dev/null
+++ b/user/policy.php
@@ -0,0 +1,40 @@
+<?php // $Id$
+
+    require_once("../config.php");
+
+    optional_param('agree', 0, PARAM_INT);
+
+
+    if (!isset($USER->id)) {
+        require_login();
+    }
+
+    if ($agree == 1 and confirm_sesskey()) {        // User has agreed
+        if (!set_field('user', 'policyagreed', 1, 'id', $USER->id)) {
+            error('Could not save your agreement');
+        }
+        $USER->policyagreed = 1;
+        redirect($CFG->wwwroot);
+        exit;
+    }
+
+    $strpolicyagree = get_string('policyagree');
+    $strpolicyagreement = get_string('policyagreement');
+    $strpolicyagreementclick = get_string('policyagreementclick');
+
+    print_header($strpolicyagreement, $SITE->fullname, $strpolicyagreement);
+
+    print_heading($strpolicyagreement);
+
+    echo '<center>';
+    echo '<iframe align="center" width="80%" height="70%" src="'.$CFG->sitepolicy.'" />';
+    echo link_to_popup_window ($CFG->sitepolicy, 'agreement', $strpolicyagreementclick,
+                               500, 500, 'Popup window', 'none', true);
+    echo '</iframe>';
+    echo '</center>';
+
+    notice_yesno($strpolicyagree, "policy.php?agree=1&amp;sesskey=$USER->sesskey", $CFG->wwwroot);
+
+    print_footer();
+
+?>

diff --git a/version.php b/version.php
index 47286317b13e05a2eb3e0ac4ad7e711842dd0223..584af0fd6966e658ac87cb06a108330a4aaef855 100644 (file)
--- a/version.php
+++ b/version.php
@@ -6,7 +6,7 @@
 // This is compared against the values stored in the database to determine 
 // whether upgrades should be performed (see lib/db/*.php)
 
-   $version = 2004112400;  // YYYYMMDD = date of first major branch release 1.4
+   $version = 2004112900;  // YYYYMMDD = date of first major branch release 1.4
                            //       XY = increments within a single day
 
    $release = '1.5 UNSTABLE DEVELOPMENT';    // Human-friendly version name