$cm = get_coursemodule_from_instance('data', $data->id);
$context = get_context_instance(CONTEXT_MODULE, $cm->id);
- $ratingsmenuused = false;
- if ($data->assessed and !empty($USER->id)) {
- if ($ratings->scale = make_grades_menu($data->scale)) {
- $ratings->allow = ($data->assessed and has_capability('mod/data:rate', $context));
- if ($ratings->allow) {
- echo '<div class="ratings" align="center">';
- echo '<form name="form" method="post" action="rate.php">';
- $useratings = true;
-
- if ($useratings) {
- if (has_capability('mod/data:rate', $context) and !data_isowner($record->id)) {
- data_print_ratings_mean($record->id, $ratings->scale, has_capability('mod/data:rate', $context));
- if (!empty($ratings->allow)) {
- echo ' ';
- data_print_rating_menu($record->id, $USER->id, $ratings->scale);
- $ratingsmenuused = true;
- }
+ if ($data->assessed and !empty($USER->id)
+ and (has_capability('mod/data:rate', $context) or has_capability('mod/data:viewrating', $context) or data_isowner($record->id))) {
+ if ($ratingsscale = make_grades_menu($data->scale)) {
+ $ratingsmenuused = false;
- } else if (data_isowner($record->id)) {
- data_print_ratings_mean($record->id, $ratings->scale, true);
+ echo '<div class="ratings" align="center">';
+ echo '<form name="form" method="post" action="rate.php">';
- } else if (!empty($ratings->allow) ) {
- data_print_rating_menu($record->id, $USER->id, $ratings->scale);
- $ratingsmenuused = true;
- }
- }
+ if (has_capability('mod/data:rate', $context) and !data_isowner($record->id)) {
+ data_print_ratings_mean($record->id, $ratingsscale, has_capability('mod/data:viewrating', $context));
+ echo ' ';
+ data_print_rating_menu($record->id, $USER->id, $ratingsscale);
+ $ratingsmenuused = true;
- if ($data->scale < 0) {
- if ($scale = get_record("scale", "id", abs($data->scale))) {
- print_scale_menu_helpbutton($data->course, $scale );
- }
- }
+ } else {
+ data_print_ratings_mean($record->id, $ratingsscale, true);
+ }
- if ($ratingsmenuused) {
- echo '<input type="hidden" name="id" value="'.$data->course.'" />';
- echo '<input type="hidden" name="sesskey" value="'.sesskey().'" />';
- echo "<input type=\"submit\" value=\"".get_string("sendinratings", "data")."\" />";
+ if ($data->scale < 0) {
+ if ($scale = get_record('scale', 'id', abs($data->scale))) {
+ print_scale_menu_helpbutton($data->course, $scale );
}
- echo "</form>";
- echo '</div>';
}
+
+ if ($ratingsmenuused) {
+ echo '<input type="hidden" name="sesskey" value="'.sesskey().'" />';
+ echo '<input type="submit" value="'.get_string('sendinratings', 'data').'" />';
+ }
+ echo '</form>';
+ echo '</div>';
}
}
}
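Review bot: In the rater branch, the third argument to `data_print_ratings_mean()` (apparently the flag that links to the ratings report) is `has_capability('mod/data:viewrating', $context)`, which does not match the access check this commit adds to report.php. That check also admits anyone holding `mod/data:rate`, so a rater without `mod/data:viewrating` is shown no link here while the report page itself would still accept them. Decide which rule is intended and make both places agree; if viewing is meant to need its own capability, the report.php condition would be `if (!data_isowner($record->id) and !has_capability('mod/data:viewrating', $context)) {`. The enclosing function starts above the visible lines, so this is judged from the hunk alone.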
<?php // $Id$
- require_once("../../config.php");
- require_once("lib.php");
+ require_once('../../config.php');
+ require_once('lib.php');
- $id = required_param('id',PARAM_INT); // The course these ratings are part of
-
- if (! $course = get_record("course", "id", $id)) {
- error("Course ID was incorrect");
+ if (!($data = data_submitted($CFG->wwwroot.'/mod/data/view.php')) or !confirm_sesskey()) {
+ error("This page was not accessed correctly");
}
- require_login($course->id);
+ $count = 0;
- if (isguest()) {
- error("Guests are not allowed to rate posts.", $_SERVER["HTTP_REFERER"]);
- }
+ foreach ((array)$data as $recordid => $rating) {
+ if (!is_numeric($recordid)) {
+ continue;
+ }
+
+ if (!$record = get_record('data_records', 'id', $recordid)) {
+ error("Record ID is incorrect");
+ }
+ if (!$data = get_record('data', 'id', $record->dataid)) {
+ error("Data ID is incorrect");
+ }
+ if (!$course = get_record('course', 'id', $data->course)) {
+ error("Course is misconfigured");
+ }
+ if (!$cm = get_coursemodule_from_instance('data', $data->id, $course->id)) {
+ error("Course Module ID was incorrect");
+ }
- $returntoview = false;
+ require_login($course->id, false, $cm);
- if (($data = data_submitted($CFG->wwwroot.'/mod/data/view.php')) and confirm_sesskey()) {
+ $context = get_context_instance(CONTEXT_MODULE, $cm->id);
- $lastrecordid = 0;
+ if (isguest()) {
+ error("Guests are not allowed to rate posts");
+ }
- foreach ((array)$data as $recordid => $rating) {
- if (($recordid == 'id') || ($recordid=='sesskey')) {
- continue;
- }
+ if (!$data->assessed or !has_capability('mod/data:rate', $context)) {
+ error("Not allowed to rate.");
+ }
- $recordid = (int)$recordid;
- $lastrecordid = $recordid;
- if ($oldrating = get_record("data_ratings", "userid", $USER->id, "recordid", $recordid)) {
- if ($rating != $oldrating->rating) {
- $oldrating->rating = $rating;
- if (! update_record("data_ratings", $oldrating)) {
- error("Could not update an old rating ($recordid = $rating)");
- }
- }
- } else if ($rating) {
- unset($newrating);
- $newrating->userid = $USER->id;
- $newrating->recordid = $recordid;
- $newrating->rating = $rating;
- if (! insert_record("data_ratings", $newrating)) {
- error("Could not insert a new rating ($recordid = $rating)");
+ if ($record->userid == $USER->id) {
+ error("You can not rate your own data");
+ }
+
+ if (!$scale = make_grades_menu($data->scale)) {
+ error("Icorrect scale");
+ }
+
+ if (!array_key_exists($rating, $scale)) {
+ error("Icorrect rating value");
+ }
+
+ // input validation ok
+
+ $count++;
+
+ if ($oldrating = get_record('data_ratings', 'userid', $USER->id, 'recordid', $record->id)) {
+ if ($rating != $oldrating->rating) {
+ $oldrating->rating = $rating;
+ if (! update_record('data_ratings', $oldrating)) {
+ error("Could not update an old rating ($record->id = $rating)");
}
}
+ } else if ($rating) {
+ $newrating = new object();
+ $newrating->userid = $USER->id;
+ $newrating->recordid = $record->id;
+ $newrating->rating = $rating;
+ if (! insert_record('data_ratings', $newrating)) {
+ error("Could not insert a new rating ($record->id = $rating)");
+ }
}
+ }
- redirect($_SERVER["HTTP_REFERER"], get_string("ratingssaved", "data"));
- } else {
- error("This page was not accessed correctly");
+ if ($count == 0) {
+ error("Incorrect submitted ratings data");
}
+ if (!empty($_SERVER['HTTP_REFERER'])) {
+ redirect($_SERVER['HTTP_REFERER'], get_string('ratingssaved', 'data'));
+ } else {
+ // try to guess where to return
+ if ($count == 1) {
+ redirect('view.php?mode=single&rid='.$record->id, get_string('ratingssaved', 'data'));
+ } else {
+ redirect('view.php?d='.$data->id, get_string('ratingssaved', 'data'));
+ }
+ }
?>
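Review bot: `is_numeric($recordid)` at the top of the loop is a looser filter than the `(int)` cast it replaces: it also lets signed, decimal and exponent forms through, and that raw POST key is what reaches `get_record('data_records', 'id', $recordid)`. Keep the old normalisation right after the test, `$recordid = (int)$recordid;`, so only a canonical integer is used for the lookup. The loop also reassigns `$data`, the submitted form it is iterating, to the activity record; this works only because the `(array)` cast iterates a copy, and a distinct name such as `$submitted` for the form data would make the per-record permission checks easier to audit. Each rating is written as soon as its own checks pass, so, assuming `error()` ends the request, a bad later key leaves the earlier ratings already saved.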
require_once("lib.php");
$id = required_param('id',PARAM_INT);
- $sort = optional_param('sort', '', PARAM_RAW);
+ $sort = optional_param('sort', '', PARAM_ALPHA);
- if (!$record = get_record('data_records','id',$id)) {
- error("rating ID was incorrect");
+ if (!$record = get_record('data_records', 'id', $id)) {
+ error("Record ID is incorrect");
}
-
- if (!$data = get_record('data','id',$record->dataid)) {
- error("rating ID was incorrect");
+ if (!$data = get_record('data', 'id', $record->dataid)) {
+ error("Data ID is incorrect");
+ }
+ if (!$course = get_record('course', 'id', $data->course)) {
+ error("Course is misconfigured");
+ }
+ if (!$cm = get_coursemodule_from_instance('data', $data->id, $course->id)) {
+ error("Course Module ID was incorrect");
+ }
+
+ require_login($course->id, false, $cm);
+
+ $context = get_context_instance(CONTEXT_MODULE, $cm->id);
+
+ if (!data_isowner($record->id) and !has_capability('mod/data:viewrating', $context) and !has_capability('mod/data:rate', $context)) {
+ error("You can not view ratings");
}
switch ($sort) {