///////////////////////////////////////////////////////////////////////////
/**
- * Public API vs internals
+ * Public API vs internals
* -----------------------
- *
+ *
* General users probably only care about
*
* Context handling
* - get_context_instance_by_id()
* - get_parent_contexts()
* - get_child_contexts()
- *
+ *
* Whether the user can do something...
* - has_capability()
* - require_capability()
* Enrol/unenrol
* - enrol_into_course()
* - role_assign()/role_unassign()
- *
+ *
*
* Advanced use
* - load_all_capabilities()
*
* Name conventions
* ----------------
- *
+ *
* - "ctx" means context
*
* accessdata
*
* Access control data is held in the "accessdata" array
* which - for the logged-in user, will be in $USER->access
- *
+ *
* For other users can be generated and passed around (but see
* the $ACCESS global).
*
* $accessdata is a multidimensional array, holding
- * role assignments (RAs), role-capabilities-perm sets
+ * role assignments (RAs), role-capabilities-perm sets
* (role defs) and a list of courses we have loaded
* data for.
*
- * Things are keyed on "contextpaths" (the path field of
+ * Things are keyed on "contextpaths" (the path field of
* the context table) for fast walking up/down the tree.
- *
+ *
* $accessdata[ra][$contextpath]= array($roleid)
* [$contextpath]= array($roleid)
- * [$contextpath]= array($roleid)
+ * [$contextpath]= array($roleid)
*
* Role definitions are stored like this
* (no cap merge is done - so it's compact)
* rdef and ra down to the course level, but not below. This
* keeps accessdata small and compact. Below-the-course ra/rdef
* are loaded as needed. We keep track of which courses we
- * have loaded ra/rdef in
+ * have loaded ra/rdef in
*
- * $accessdata[loaded] = array($contextpath, $contextpath)
+ * $accessdata[loaded] = array($contextpath, $contextpath)
*
* Stale accessdata
* ----------------
* On each pageload we load $DIRTYPATHS which lists
* context paths affected by changes. Any check at-or-below
* a dirty context will trigger a transparent reload of accessdata.
- *
+ *
* Changes at the sytem level will force the reload for everyone.
*
* Default role caps
* -----------------
- * The default role assignment is not in the DB, so we
- * add it manually to accessdata.
+ * The default role assignment is not in the DB, so we
+ * add it manually to accessdata.
*
* This means that functions that work directly off the
* DB need to ensure that the default role caps
- * are dealt with appropriately.
+ * are dealt with appropriately.
*
*/
// rolename displays
define('ROLENAME_ORIGINAL', 0);// the name as defined in the role definition
-define('ROLENAME_ALIAS', 1); // the name as defined by a role alias
+define('ROLENAME_ALIAS', 1); // the name as defined by a role alias
define('ROLENAME_BOTH', 2); // Both, like this: Role alias (Original)
-require_once($CFG->dirroot.'/group/lib.php'); // TODO: verify and remove in 2.0
-
$context_cache = array(); // Cache of all used context objects for performance (by level and instance)
$context_cache_id = array(); // Index to above cache by id
}
/**
- * Gets the accessdata for role "sitewide"
+ * Gets the accessdata for role "sitewide"
* (system down to course)
*
* @return array
$k = "{$rd->path}:{$roleid}";
$accessdata['rdef'][$k][$rd->capability] = $rd->permission;
}
-
+
} else {
if ($rs = $DB->get_recordset_sql($sql, $params)) {
foreach ($rs as $rd) {
}
/**
- * Gets the accessdata for role "sitewide"
+ * Gets the accessdata for role "sitewide"
* (system down to course)
*
* @return array
function get_default_frontpage_role_access($roleid, $accessdata=NULL) {
global $CFG, $DB;
-
+
$frontpagecontext = get_context_instance(CONTEXT_COURSE, SITEID);
$base = '/'. SYSCONTEXTID .'/'. $frontpagecontext->id;
-
+
//
// Overrides for the role in any contexts related to the course
//
AND ctx.contextlevel <= ".CONTEXT_COURSE."
ORDER BY ctx.depth, ctx.path";
$params = array($roleid, "$base/%");
-
+
if ($rs = $DB->get_recordset_sql($sql, $params)) {
foreach ($rs as $rd) {
$k = "{$rd->path}:{$roleid}";
/// Some sanity checks
if (debugging('',DEBUG_DEVELOPER)) {
static $capsnames = null; // one request per page only
-
+
if (is_null($capsnames)) {
if ($caps = $DB->get_records('capabilities', null, '', 'id, name')) {
$capsnames = array();
$sql = "SELECT SUM(rc.permission)
FROM {role_capabilities} rc
- JOIN {context} ctx
+ JOIN {context} ctx
ON ctx.id=rc.contextid
JOIN {role_assignments} ra
ON ra.roleid=rc.roleid AND ra.contextid=ctx.id
WHERE ctx.contextlevel=10
AND ra.userid=?
- AND rc.capability IN ('moodle/site:config', 'moodle/legacy:admin', 'moodle/site:doanything')
+ AND rc.capability IN (?, ?, ?)
GROUP BY rc.capability
HAVING SUM(rc.permission) > 0";
- $params = array($userid);
+ $params = array($userid, 'moodle/site:config', 'moodle/legacy:admin', 'moodle/site:doanything');
$isadmin = $DB->record_exists_sql($sql, $params);
return $isadmin;
* capabilities, etc.
*
* The main feature of here is being FAST and with no
- * side effects.
+ * side effects.
*
* Notes:
*
// role-switches loop
//
if (isset($accessdata['rsw'])) {
- // check for isset() is fast
+ // check for isset() is fast
// empty() is slow...
if (empty($accessdata['rsw'])) {
unset($accessdata['rsw']); // keep things fast and unambiguous
}
}
// As we are dealing with a switchrole,
- // we return _here_, do _not_ walk up
+ // we return _here_, do _not_ walk up
// the hierarchy any further
if ($can < 1) {
if ($doanything) {
} else {
return true;
}
-
+
}
}
}
/**
* This is an easy to use function, combining has_capability() with require_course_login().
* And will call those where needed.
- *
+ *
* It checks for a capability assertion being true. If it isn't
* then the page is terminated neatly with a standard error message.
*
*
* - if the user has the cap systemwide, stupidly
* grab *every* course for a capcheck. This eats
- * a TON of bandwidth, specially on large sites
+ * a TON of bandwidth, specially on large sites
* with separate DBs...
*
* - otherwise, fetch "likely" courses with a wide net
FROM {course} c
JOIN {course_categories} cc
ON c.category=cc.id
- JOIN {context} ctx
+ JOIN {context} ctx
ON (c.id=ctx.instanceid AND ctx.contextlevel=".CONTEXT_COURSE.")
$sort ";
$rs = $DB->get_recordset_sql($sql);
// this will be a combination of
// - categories where we have the rights
// - courses where we have an explicit enrolment OR that have an override
- //
+ //
$sql = "SELECT ctx.*
FROM {context} ctx
WHERE ctx.contextlevel=".CONTEXT_COURSECAT."
$rs = $DB->get_recordset_sql($sql);
$catpaths = array();
foreach ($rs as $catctx) {
- if ($catctx->path != ''
+ if ($catctx->path != ''
&& has_capability_in_accessdata($cap, $catctx, $accessdata, $doanything)) {
$catpaths[] = $catctx->path;
}
}
$rs->close();
$catclause = '';
- $catparams = array();
+ $params = array();
if (count($catpaths)) {
$cc = count($catpaths);
for ($n=0;$n<$cc;$n++) {
- $catpaths[$n] = "ctx.path LIKE ?";
- $params[] = "{$catpaths[$n]}/%";
+ $name = 'cat.'.$n;
+ $catpaths[$n] = "ctx.path LIKE :$name";
+ $params[$name] = "{$catpaths[$n]}/%";
}
$catclause = 'OR (' . implode(' OR ', $catpaths) .')';
}
$capany = '';
if ($doanything) {
- $capany = " OR rc.capability='moodle/site:doanything'";
+ $capany = " OR rc.capability=:doany";
+ $params['doany'] = 'moodle/site:doanything';
}
//
// Note here that we *have* to have the compound clauses
FROM {course} c
JOIN {course_categories} cc
ON c.category=cc.id
- JOIN {context} ctx
+ JOIN {context} ctx
ON (c.id=ctx.instanceid AND ctx.contextlevel=".CONTEXT_COURSE.")
LEFT OUTER JOIN {role_assignments} ra
- ON (ra.contextid=ctx.id AND ra.userid=?)
+ ON (ra.contextid=ctx.id AND ra.userid=:userid)
LEFT OUTER JOIN {role_capabilities} rc
- ON (rc.contextid=ctx.id AND (rc.capability=? $capany))
+ ON (rc.contextid=ctx.id AND (rc.capability=:cap $capany))
WHERE ra.id IS NOT NULL
OR rc.id IS NOT NULL
$catclause
$sort ";
- $params = array($userid, $cap);
- $params = array_merge($params, $catparams);
+ $params['userid'] = $userid;
+ $params['cap'] = $cap;
$rs = $DB->get_recordset_sql($sql, $params);
}
$courses = array();
}
$rs->close();
}
-
+
return $courses;
}
JOIN {context} ctx
ON ra.contextid=ctx.id
JOIN {context} sctx
- ON (sctx.path LIKE " . sql_concat('ctx.path',"'/%'"). " )
+ ON (sctx.path LIKE " . $DB->sql_concat('ctx.path',"'/%'"). " )
JOIN {role_capabilities} rco
ON (rco.roleid=ra.roleid AND rco.contextid=sctx.id)
WHERE ra.userid = ?
// For course contexts, we _already_ have the RAs
// but the cost of re-fetching is minimal so we don't care.
//
- if ($context->contextlevel !== CONTEXT_COURSE
+ if ($context->contextlevel !== CONTEXT_COURSE
&& $context->path !== "$base/{$context->id}") {
// Case BLOCK/MODULE/GROUP hanging from a course
// Assumption: the course _must_ be our parent
$courses = explode('/',get_course_from_path($context->path));
$targetid = array_pop($courses);
$context = get_context_instance_by_id($targetid);
-
+
}
//
$params = array($userid, $context->path, $context->path."/%");
$rs = $DB->get_recordset_sql($sql, $params);
- //
+ //
// Read in the RAs
//
if ($rs) {
$contexts = substr($context->path, 1); // kill leading slash
$contexts = str_replace('/', ',', $contexts);
$localroleids = implode(',',$localroles);
- $wherelocalroles="OR (rc.roleid IN ({$localroleids})
+ $wherelocalroles="OR (rc.roleid IN ({$localroleids})
AND ctx.id IN ($contexts))" ;
}
$accessdata['rdef'] = array();
$accessdata['loaded'] = array();
}
-
+
$contexts = substr($context->path, 1); // kill leading slash
$contexts = str_replace('/', ',', $contexts);
JOIN {context} ctx
ON rc.contextid=ctx.id
WHERE rc.roleid=? AND
- ( ctx.id IN ($contexts) OR
+ ( ctx.id IN ($contexts) OR
ctx.path LIKE ? )
ORDER BY ctx.depth ASC, ctx.path DESC, rc.roleid ASC ";
$params = array($roleid, $context->path."/%");
* into the $ACCESS global
*
* Used by has_capability() - but feel free
- * to call it if you are about to run a BIG
+ * to call it if you are about to run a BIG
* cron run across a bazillion users.
*
- */
+ */
function load_user_accessdata($userid) {
global $ACCESS,$CFG;
$base = '/'.SYSCONTEXTID;
$accessdata = get_user_access_sitewide($userid);
- $frontpagecontext = get_context_instance(CONTEXT_COURSE, SITEID);
+ $frontpagecontext = get_context_instance(CONTEXT_COURSE, SITEID);
//
// provide "default role" & set 'dr'
//
}
/**
- * A convenience function to completely load all the capabilities
+ * A convenience function to completely load all the capabilities
* for the current user. This is what gets called from complete_user_login()
* for example. Call it only _after_ you've setup $USER and called
* check_enrolment_plugins();
} else {
array_push($accessdata['ra'][$base], $CFG->defaultfrontpageroleid);
}
- }
+ }
$USER->access = $accessdata;
-
+
} else if (!empty($CFG->notloggedinroleid)) {
$USER->access = get_role_access($CFG->notloggedinroleid);
$USER->access['ra'][$base] = array($CFG->notloggedinroleid);
}
/**
- * A convenience function to completely reload all the capabilities
+ * A convenience function to completely reload all the capabilities
* for the current user when roles have been updated in a relevant
- * context -- but PRESERVING switchroles and loginas.
+ * context -- but PRESERVING switchroles and loginas.
*
* That is - completely transparent to the user.
- *
+ *
* Note: rewrites $USER->access completely.
*
*/
unset($USER->access);
unset($USER->mycourses);
-
+
load_all_capabilities();
foreach ($sw as $path => $roleid) {
// - all the parents
// - and below - IOWs overrides...
//
-
+
// turn the path into a list of context ids
$contexts = substr($context->path, 1); // kill leading slash
$contexts = str_replace('/', ',', $contexts);
OR ctx.path LIKE ?)
AND rc.roleid = ?
ORDER BY ctx.depth, ctx.path";
- $params = array($context->path."/%", $roleid);
- if ($rs = get_recordset_sql($sql, $params)) {
+ $params = array($context->path."/%", $roleid);
+ if ($rs = $DB->get_recordset_sql($sql, $params)) {
foreach ($rs as $rd) {
$k = "{$rd->path}:{$roleid}";
$accessdata['rdef'][$k][$rd->capability] = $rd->permission;
*/
function create_context($contextlevel, $instanceid) {
- global $CFG;
+ global $CFG, $DB;
if ($contextlevel == CONTEXT_SYSTEM) {
return create_system_context();
switch ($contextlevel) {
case CONTEXT_COURSECAT:
- $sql = "SELECT ctx.path, ctx.depth
- FROM {$CFG->prefix}context ctx
- JOIN {$CFG->prefix}course_categories cc
- ON (cc.parent=ctx.instanceid AND ctx.contextlevel=".CONTEXT_COURSECAT.")
- WHERE cc.id={$instanceid}";
- if ($p = get_record_sql($sql)) {
+ $sql = "SELECT ctx.path, ctx.depth
+ FROM {context} ctx
+ JOIN {course_categories} cc
+ ON (cc.parent=ctx.instanceid AND ctx.contextlevel=".CONTEXT_COURSECAT.")
+ WHERE cc.id=?";
+ $params = array($instanceid);
+ if ($p = $DB->get_record_sql($sql, $params)) {
$basepath = $p->path;
$basedepth = $p->depth;
- } else if ($category = get_record('course_categories', 'id', $instanceid)) {
+ } else if ($category = $DB->get_record('course_categories', array('id'=>$instanceid))) {
if (empty($category->parent)) {
// ok - this is a top category
} else if ($parent = get_context_instance(CONTEXT_COURSECAT, $category->parent)) {
case CONTEXT_COURSE:
$sql = "SELECT ctx.path, ctx.depth
- FROM {$CFG->prefix}context ctx
- JOIN {$CFG->prefix}course c
- ON (c.category=ctx.instanceid AND ctx.contextlevel=".CONTEXT_COURSECAT.")
- WHERE c.id={$instanceid} AND c.id !=" . SITEID;
- if ($p = get_record_sql($sql)) {
+ FROM {context} ctx
+ JOIN {course} c
+ ON (c.category=ctx.instanceid AND ctx.contextlevel=".CONTEXT_COURSECAT.")
+ WHERE c.id=? AND c.id !=" . SITEID;
+ $params = array($instanceid);
+ if ($p = $DB->get_record_sql($sql, $params)) {
$basepath = $p->path;
$basedepth = $p->depth;
- } else if ($course = get_record('course', 'id', $instanceid)) {
+ } else if ($course = $DB->get_record('course', array('id'=>$instanceid))) {
if ($course->id == SITEID) {
//ok - no parent category
} else if ($parent = get_context_instance(CONTEXT_COURSECAT, $course->category)) {
case CONTEXT_MODULE:
$sql = "SELECT ctx.path, ctx.depth
- FROM {$CFG->prefix}context ctx
- JOIN {$CFG->prefix}course_modules cm
- ON (cm.course=ctx.instanceid AND ctx.contextlevel=".CONTEXT_COURSE.")
- WHERE cm.id={$instanceid}";
- if ($p = get_record_sql($sql)) {
+ FROM {context} ctx
+ JOIN {course_modules} cm
+ ON (cm.course=ctx.instanceid AND ctx.contextlevel=".CONTEXT_COURSE.")
+ WHERE cm.id=?";
+ $params = array($instanceid);
+ if ($p = $DB->get_record_sql($sql, $params)) {
$basepath = $p->path;
$basedepth = $p->depth;
- } else if ($cm = get_record('course_modules', 'id', $instanceid)) {
+ } else if ($cm = $DB->get_record('course_modules', array('id'=>$instanceid))) {
if ($parent = get_context_instance(CONTEXT_COURSE, $cm->course)) {
$basepath = $parent->path;
$basedepth = $parent->depth;
case CONTEXT_BLOCK:
// Only non-pinned & course-page based
$sql = "SELECT ctx.path, ctx.depth
- FROM {$CFG->prefix}context ctx
- JOIN {$CFG->prefix}block_instance bi
- ON (bi.pageid=ctx.instanceid AND ctx.contextlevel=".CONTEXT_COURSE.")
- WHERE bi.id={$instanceid} AND bi.pagetype='course-view'";
- if ($p = get_record_sql($sql)) {
+ FROM {context} ctx
+ JOIN {block_instance} bi
+ ON (bi.pageid=ctx.instanceid AND ctx.contextlevel=".CONTEXT_COURSE.")
+ WHERE bi.id=? AND bi.pagetype='course-view'";
+ $params = array($instanceid);
+ if ($p = $DB->get_record_sql($sql, $params)) {
$basepath = $p->path;
$basedepth = $p->depth;
- } else if ($bi = get_record('block_instance', 'id', $instanceid)) {
+ } else if ($bi = $DB->get_record('block_instance', array('id'=>$instanceid))) {
if ($bi->pagetype != 'course-view') {
// ok - not a course block
} else if ($parent = get_context_instance(CONTEXT_COURSE, $bi->pageid)) {
$context->depth = $basedepth+1;
}
- if ($result and $id = insert_record('context', $context)) {
+ if ($result and $id = $DB->insert_record('context', $context)) {
// can't set the full path till we know the id!
if ($basedepth != 0 and !empty($basepath)) {
- set_field('context', 'path', $basepath.'/'. $id, 'id', $id);
+ $DB->set_field('context', 'path', $basepath.'/'. $id, array('id'=>$id));
}
return get_context_instance_by_id($id);
* This hacky function is needed because we can not change system context instanceid using normal upgrade routine.
*/
function get_system_context($cache=true) {
+ global $DB;
+
static $cached = null;
if ($cache and defined('SYSCONTEXTID')) {
if (is_null($cached)) {
return $cached;
}
- if (!$context = get_record('context', 'contextlevel', CONTEXT_SYSTEM)) {
+ if (!$context = $DB->get_record('context', array('contextlevel'=>CONTEXT_SYSTEM))) {
$context = new object();
$context->contextlevel = CONTEXT_SYSTEM;
$context->instanceid = 0;
$context->depth = 1;
$context->path = NULL; //not known before insert
- if (!$context->id = insert_record('context', $context)) {
+ if (!$context->id = $DB->insert_record('context', $context)) {
// better something than nothing - let's hope it will work somehow
// DONT do it if we're cli because it's IMMUNTABLE. Doing it during web installer works because
// each step is a new request
$context->instanceid = 0;
$context->path = '/'.$context->id;
$context->depth = 1;
- update_record('context', $context);
+ $DB->update_record('context', $context);
}
if (!defined('SYSCONTEXTID')) {
* @return bool properly deleted
*/
function delete_context($contextlevel, $instanceid) {
- global $context_cache, $context_cache_id;
+ global $context_cache, $context_cache_id, $DB;
// do not use get_context_instance(), because the related object might not exist,
// or the context does not exist yet and it would be created now
- if ($context = get_record('context', 'contextlevel', $contextlevel, 'instanceid', $instanceid)) {
- $result = delete_records('role_assignments', 'contextid', $context->id) &&
- delete_records('role_capabilities', 'contextid', $context->id) &&
- delete_records('context', 'id', $context->id);
+ if ($context = $DB->get_record('context', array('contextlevel'=>$contextlevel, 'instanceid'=>$instanceid))) {
+ $result = delete_records('role_assignments', array('contextid'=>$context->id)) &&
+ delete_records('role_capabilities', array('contextid'=>$context->id)) &&
+ delete_records('context', array('id'=>$context->id));
// do not mark dirty contexts if parents unknown
if (!is_null($context->path) and $context->depth > 0) {
* Precreates all contexts including all parents
* @param int $contextlevel, empty means all
* @param bool $buildpaths update paths and depths
- * @param bool $feedback show sql feedback
* @return void
*/
-function create_contexts($contextlevel=null, $buildpaths=true, $feedback=false) {
- global $CFG;
+function create_contexts($contextlevel=null, $buildpaths=true) {
+ global $DB;
//make sure system context exists
$syscontext = get_system_context(false);
or $contextlevel == CONTEXT_COURSE
or $contextlevel == CONTEXT_MODULE
or $contextlevel == CONTEXT_BLOCK) {
- $sql = "INSERT INTO {$CFG->prefix}context (contextlevel, instanceid)
+ $sql = "INSERT INTO {context} (contextlevel, instanceid)
SELECT ".CONTEXT_COURSECAT.", cc.id
- FROM {$CFG->prefix}course_categories cc
+ FROM {course}_categories cc
WHERE NOT EXISTS (SELECT 'x'
- FROM {$CFG->prefix}context cx
+ FROM {context} cx
WHERE cc.id = cx.instanceid AND cx.contextlevel=".CONTEXT_COURSECAT.")";
- execute_sql($sql, $feedback);
+ $DB->execute($sql);
}
if (empty($contextlevel) or $contextlevel == CONTEXT_COURSE
or $contextlevel == CONTEXT_MODULE
or $contextlevel == CONTEXT_BLOCK) {
- $sql = "INSERT INTO {$CFG->prefix}context (contextlevel, instanceid)
+ $sql = "INSERT INTO {context} (contextlevel, instanceid)
SELECT ".CONTEXT_COURSE.", c.id
- FROM {$CFG->prefix}course c
+ FROM {course} c
WHERE NOT EXISTS (SELECT 'x'
- FROM {$CFG->prefix}context cx
+ FROM {context} cx
WHERE c.id = cx.instanceid AND cx.contextlevel=".CONTEXT_COURSE.")";
- execute_sql($sql, $feedback);
+ $DB->execute($sql);
}
if (empty($contextlevel) or $contextlevel == CONTEXT_MODULE) {
- $sql = "INSERT INTO {$CFG->prefix}context (contextlevel, instanceid)
+ $sql = "INSERT INTO {context} (contextlevel, instanceid)
SELECT ".CONTEXT_MODULE.", cm.id
- FROM {$CFG->prefix}course_modules cm
+ FROM {course}_modules cm
WHERE NOT EXISTS (SELECT 'x'
- FROM {$CFG->prefix}context cx
+ FROM {context} cx
WHERE cm.id = cx.instanceid AND cx.contextlevel=".CONTEXT_MODULE.")";
- execute_sql($sql, $feedback);
+ $DB->execute($sql);
}
if (empty($contextlevel) or $contextlevel == CONTEXT_BLOCK) {
- $sql = "INSERT INTO {$CFG->prefix}context (contextlevel, instanceid)
+ $sql = "INSERT INTO {context} (contextlevel, instanceid)
SELECT ".CONTEXT_BLOCK.", bi.id
- FROM {$CFG->prefix}block_instance bi
+ FROM {block_instance} bi
WHERE NOT EXISTS (SELECT 'x'
- FROM {$CFG->prefix}context cx
+ FROM {context} cx
WHERE bi.id = cx.instanceid AND cx.contextlevel=".CONTEXT_BLOCK.")";
- execute_sql($sql, $feedback);
+ $DB->execute($sql);
}
if (empty($contextlevel) or $contextlevel == CONTEXT_USER) {
- $sql = "INSERT INTO {$CFG->prefix}context (contextlevel, instanceid)
+ $sql = "INSERT INTO {context} (contextlevel, instanceid)
SELECT ".CONTEXT_USER.", u.id
- FROM {$CFG->prefix}user u
+ FROM {user} u
WHERE u.deleted=0
AND NOT EXISTS (SELECT 'x'
- FROM {$CFG->prefix}context cx
+ FROM {context} cx
WHERE u.id = cx.instanceid AND cx.contextlevel=".CONTEXT_USER.")";
- execute_sql($sql, $feedback);
+ $DB->execute($sql);
}
if ($buildpaths) {
- build_context_path(false, $feedback);
+ build_context_path(false);
}
}
* @return bool
*/
function cleanup_contexts() {
- global $CFG;
+ global $DB;
$sql = " SELECT c.contextlevel,
c.instanceid AS instanceid
- FROM {$CFG->prefix}context c
- LEFT OUTER JOIN {$CFG->prefix}course_categories t
- ON c.instanceid = t.id
- WHERE t.id IS NULL AND c.contextlevel = " . CONTEXT_COURSECAT . "
+ FROM {context} c
+ LEFT OUTER JOIN {course}_categories t
+ ON c.instanceid = t.id
+ WHERE t.id IS NULL AND c.contextlevel = ".CONTEXT_COURSECAT."
UNION
SELECT c.contextlevel,
c.instanceid
- FROM {$CFG->prefix}context c
- LEFT OUTER JOIN {$CFG->prefix}course t
- ON c.instanceid = t.id
- WHERE t.id IS NULL AND c.contextlevel = " . CONTEXT_COURSE . "
+ FROM {context} c
+ LEFT OUTER JOIN {course} t
+ ON c.instanceid = t.id
+ WHERE t.id IS NULL AND c.contextlevel = ".CONTEXT_COURSE."
UNION
SELECT c.contextlevel,
c.instanceid
- FROM {$CFG->prefix}context c
- LEFT OUTER JOIN {$CFG->prefix}course_modules t
- ON c.instanceid = t.id
- WHERE t.id IS NULL AND c.contextlevel = " . CONTEXT_MODULE . "
+ FROM {context} c
+ LEFT OUTER JOIN {course}_modules t
+ ON c.instanceid = t.id
+ WHERE t.id IS NULL AND c.contextlevel = ".CONTEXT_MODULE."
UNION
SELECT c.contextlevel,
c.instanceid
- FROM {$CFG->prefix}context c
- LEFT OUTER JOIN {$CFG->prefix}user t
- ON c.instanceid = t.id
- WHERE t.id IS NULL AND c.contextlevel = " . CONTEXT_USER . "
+ FROM {context} c
+ LEFT OUTER JOIN {user} t
+ ON c.instanceid = t.id
+ WHERE t.id IS NULL AND c.contextlevel = ".CONTEXT_USER."
UNION
SELECT c.contextlevel,
c.instanceid
- FROM {$CFG->prefix}context c
- LEFT OUTER JOIN {$CFG->prefix}block_instance t
- ON c.instanceid = t.id
- WHERE t.id IS NULL AND c.contextlevel = " . CONTEXT_BLOCK . "
+ FROM {context} c
+ LEFT OUTER JOIN {block_instance} t
+ ON c.instanceid = t.id
+ WHERE t.id IS NULL AND c.contextlevel = ".CONTEXT_BLOCK."
UNION
SELECT c.contextlevel,
c.instanceid
- FROM {$CFG->prefix}context c
- LEFT OUTER JOIN {$CFG->prefix}groups t
- ON c.instanceid = t.id
- WHERE t.id IS NULL AND c.contextlevel = " . CONTEXT_GROUP . "
+ FROM {context} c
+ LEFT OUTER JOIN {groups} t
+ ON c.instanceid = t.id
+ WHERE t.id IS NULL AND c.contextlevel = ".CONTEXT_GROUP."
";
- if ($rs = get_recordset_sql($sql)) {
- begin_sql();
- $tx = true;
- while ($tx && $ctx = rs_fetch_next_record($rs)) {
- $tx = $tx && delete_context($ctx->contextlevel, $ctx->instanceid);
+ if ($rs = $DB->get_recordset_sql($sql)) {
+ $DB->begin_sql();
+ $ok = true;
+ foreach ($rs as $ctx) {
+ if (!delete_context($ctx->contextlevel, $ctx->instanceid)) {
+ $ok = false;
+ break;
+ }
}
- rs_close($rs);
- if ($tx) {
- commit_sql();
+ $rs->close();
+ if ($ok) {
+ $DB->commit_sql();
return true;
+ } else {
+ $DB->rollback_sql();
+ return false;
}
- rollback_sql();
- return false;
- rs_close($rs);
}
return true;
}
*/
function get_context_instance($contextlevel, $instance=0) {
- global $context_cache, $context_cache_id, $CFG;
+ global $context_cache, $context_cache_id, $DB;
static $allowed_contexts = array(CONTEXT_SYSTEM, CONTEXT_USER, CONTEXT_COURSECAT, CONTEXT_COURSE, CONTEXT_GROUP, CONTEXT_MODULE, CONTEXT_BLOCK);
if ($contextlevel === 'clearcache') {
// TODO: Remove for v2.0
- // No longer needed, but we'll catch it to avoid erroring out on custom code.
- // This used to be a fix for MDL-9016
- // "Restoring into existing course, deleting first
+ // No longer needed, but we'll catch it to avoid erroring out on custom code.
+ // This used to be a fix for MDL-9016
+ // "Restoring into existing course, deleting first
// deletes context and doesn't recreate it"
return false;
}
}
/// Get it from the database, or create it
- if (!$context = get_record('context', 'contextlevel', $contextlevel, 'instanceid', $instance)) {
+ if (!$context = $DB->get_record('context', array('contextlevel'=>$contextlevel, 'instanceid'=>$instance))) {
$context = create_context($contextlevel, $instance);
}
}
if ($instances) {
- if (count($instances) > 1) {
- $instanceids = implode(',', $instances);
- $instanceids = "instanceid IN ($instanceids)";
- } else {
- $instance = reset($instances);
- $instanceids = "instanceid = $instance";
- }
-
- if (!$contexts = get_records_sql("SELECT instanceid, id, contextlevel, path, depth
- FROM {$CFG->prefix}context
- WHERE contextlevel=$contextlevel AND $instanceids")) {
+ list($instanceids, $params) = $DB->get_in_or_equal($instances, SQL_PARAMS_QM);
+ array_unshift($params, $contextlevel);
+ $sql = "SELECT instanceid, id, contextlevel, path, depth
+ FROM {context}
+ WHERE contextlevel=? AND instanceid $instanceids";
+
+ if (!$contexts = $DB->get_records_sql($sql, $params)) {
$contexts = array();
}
* @return mixed object or array of the context object.
*/
function get_context_instance_by_id($id) {
-
- global $context_cache, $context_cache_id;
+ global $context_cache, $context_cache_id, $DB;
if ($id == SYSCONTEXTID) {
return get_system_context();
return $context_cache_id[$id];
}
- if ($context = get_record('context', 'id', $id)) { // Update the cache and return
+ if ($context = $DB->get_record('context', array('id'=>$id))) { // Update the cache and return
$context_cache[$context->contextlevel][$context->instanceid] = $context;
$context_cache_id[$context->id] = $context;
return $context;
* @param $capability
*/
function get_local_override($roleid, $contextid, $capability) {
- return get_record('role_capabilities', 'roleid', $roleid, 'capability', $capability, 'contextid', $contextid);
+ global $DB;
+ return $DB->get_record('role_capabilities', array('roleid'=>$roleid, 'capability'=>$capability, 'contextid'=>$contextid));
}
// cleanup all references to this role, ignore errors
if ($success) {
-
- // MDL-10679 find all contexts where this role has an override
- $contexts = get_records_sql("SELECT contextid, contextid
- FROM {$CFG->prefix}role_capabilities
- WHERE roleid = $roleid");
-
- $DB->delete_records('role_capabilities', array('roleid'=>$roleid));
-
- $DB->delete_records('role_allow_assign', array('roleid'=>$roleid));
- $DB->delete_records('role_allow_assign', array('allowassign'=>$roleid));
+ $DB->delete_records('role_capabilities', array('roleid'=>$roleid));
+ $DB->delete_records('role_allow_assign', array('roleid'=>$roleid));
+ $DB->delete_records('role_allow_assign', array('allowassign'=>$roleid));
$DB->delete_records('role_allow_override', array('roleid'=>$roleid));
$DB->delete_records('role_allow_override', array('allowoverride'=>$roleid));
- $DB->delete_records('role_names', array('roleid'=>$roleid));
+ $DB->delete_records('role_names', array('roleid'=>$roleid));
}
// finally delete the role itself
// get this before the name is gone for logging
$rolename = $DB->get_field('role', 'name', array('id'=>$roleid));
-
+
if ($success and !$DB->delete_records('role', array('id'=>$roleid))) {
debugging("Could not delete role record with ID $roleid!");
$success = false;
}
-
+
if ($success) {
add_to_log(SITEID, 'role', 'delete', 'admin/roles/action=delete&roleid='.$roleid, $rolename, '', $USER->id);
}
global $CFG, $DB;
$params = array();
-
+
if ($context) {
if ($contexts = get_parent_contexts($context)) {
$listofcontexts = '('.implode(',', $contexts).')';
}
$selectroles = "SELECT r.*
- FROM {$CFG->prefix}role r,
- {$CFG->prefix}role_capabilities rc
+ FROM {role} r,
+ {role_capabilities} rc
WHERE rc.capability = ?
- AND rc.roleid = r.id $contextstr";
+ AND rc.roleid = r.id $contextstr";
array_unshift($params, $capability);
*/
function role_unassign($roleid=0, $userid=0, $groupid=0, $contextid=0, $enrol=NULL) {
- global $USER, $CFG;
+ global $USER, $CFG, $DB;
$success = true;
$args = array('roleid', 'userid', 'groupid', 'contextid');
$select = array();
+ $params = array();
+
foreach ($args as $arg) {
if ($$arg) {
- $select[] = $arg.' = '.$$arg;
+ $select[] = "$arg = ?";
+ $params[] = $$arg;
}
}
if (!empty($enrol)) {
- $select[] = "enrol='$enrol'";
+ $select[] = "enrol=?";
+ $params[] = $enrol;
}
if ($select) {
- if ($ras = get_records_select('role_assignments', implode(' AND ', $select))) {
+ if ($ras = $DB->get_records_select('role_assignments', implode(' AND ', $select), $params)) {
$mods = get_list_of_plugins('mod');
foreach($ras as $ra) {
/// infinite loop protection when deleting recursively
- if (!$ra = get_record('role_assignments', 'id', $ra->id)) {
+ if (!$ra = $DB->get_record('role_assignments', array('id'=>$ra->id))) {
continue;
}
- $success = delete_records('role_assignments', 'id', $ra->id) and $success;
+ $success = $DB->delete_records('role_assignments', array('id'=>$ra->id)) and $success;
if (!$context = get_context_instance_by_id($ra->contextid)) {
// strange error, not much to do
// remove from groups
if ($groups = groups_get_all_groups($context->instanceid)) {
foreach ($groups as $group) {
- delete_records('groups_members', 'groupid', $group->id, 'userid', $ra->userid);
+ $DB->delete_records('groups_members', array('groupid'=>$group->id, 'userid'=>$ra->userid));
}
}
// delete lastaccess records
- delete_records('user_lastaccess', 'userid', $ra->userid, 'courseid', $context->instanceid);
+ $DB->delete_records('user_lastaccess', array('userid'=>$ra->userid, 'courseid'=>$context->instanceid));
}
//unassign roles in metacourses if needed
- if ($parents = get_records('course_meta', 'child_course', $context->instanceid)) {
+ if ($parents = $DB->get_records('course_meta', array('child_course'=>$context->instanceid))) {
foreach ($parents as $parent) {
sync_metacourse($parent->parent_course);
}
* @return array of capabilities
*/
function get_cached_capabilities($component='moodle') {
+ global $DB;
+
if ($component == 'moodle') {
- $storedcaps = get_records_select('capabilities',
- "name LIKE 'moodle/%:%'");
+ $storedcaps = $DB->get_records_select('capabilities', "name LIKE ?", array('moodle/%:%'));
+
} else if ($component == 'local') {
- $storedcaps = get_records_select('capabilities',
- "name LIKE 'moodle/local:%'");
+ $storedcaps = $DB->get_records_select('capabilities', "name LIKE ?", array('moodle/local:%'));
+
} else {
- $storedcaps = get_records_select('capabilities',
- "name LIKE '$component:%'");
+ $storedcaps = $DB->get_records_select('capabilities', "name LIKE ?", array("$component:%"));
}
+
return $storedcaps;
}
* @return array
*/
function get_default_capabilities($legacyrole) {
- if (!$allcaps = get_records('capabilities')) {
+ global $DB;
+ if (!$allcaps = $DB->get_records('capabilities')) {
print_error('nocaps', 'debug');
}
$alldefs = array();
* @param int @roleid
*/
function reset_role_capabilities($roleid) {
+ global $DB;
+
$sitecontext = get_context_instance(CONTEXT_SYSTEM);
$legacyroles = get_legacy_roles();
}
}
- delete_records('role_capabilities', 'roleid', $roleid);
+ $DB->delete_records('role_capabilities', array('roleid'=>$roleid));
if (!empty($defaultcaps)) {
foreach($defaultcaps as $cap=>$permission) {
assign_capability($cap, $permission, $roleid, $sitecontext->id);
* @return boolean
*/
function update_capabilities($component='moodle') {
+ global $DB;
$storedcaps = array();
$updatecap = new object();
$updatecap->id = $cachedcap->id;
$updatecap->riskbitmask = $filecaps[$cachedcap->name]['riskbitmask'];
- if (!update_record('capabilities', $updatecap)) {
+ if (!$DB->update_record('capabilities', $updatecap)) {
return false;
}
}
$updatecap = new object();
$updatecap->id = $cachedcap->id;
$updatecap->contextlevel = $filecaps[$cachedcap->name]['contextlevel'];
- if (!update_record('capabilities', $updatecap)) {
+ if (!$DB->update_record('capabilities', $updatecap)) {
return false;
}
}
$capability->component = $component;
$capability->riskbitmask = $capdef['riskbitmask'];
- if (!insert_record('capabilities', $capability, false, 'id')) {
+ if (!$DB->insert_record('capabilities', $capability, false)) {
return false;
}
if (isset($capdef['clonepermissionsfrom']) && in_array($capdef['clonepermissionsfrom'], $storedcaps)){
- if ($rolecapabilities = get_records('role_capabilities', 'capability', $capdef['clonepermissionsfrom'])){
+ if ($rolecapabilities = $DB->get_records('role_capabilities', array('capability'=>$capdef['clonepermissionsfrom']))){
foreach ($rolecapabilities as $rolecapability){
//assign_capability will update rather than insert if capability exists
if (!assign_capability($capname, $rolecapability->permission,
* @return int - number of deprecated capabilities that have been removed
*/
function capabilities_cleanup($component, $newcapdef=NULL) {
+ global $DB;
$removedcount = 0;
array_key_exists($cachedcap->name, $newcapdef) === false) {
// Remove from capabilities cache.
- if (!delete_records('capabilities', 'name', $cachedcap->name)) {
+ if (!$DB->delete_records('capabilities', array('name'=>$cachedcap->name))) {
print_error('cannotdeletecap', '', '', $cachedcap->name);
} else {
$removedcount++;
}
// Delete from roles.
- if($roles = get_roles_with_capability($cachedcap->name)) {
+ if ($roles = get_roles_with_capability($cachedcap->name)) {
foreach($roles as $role) {
if (!unassign_capability($cachedcap->name, $role->id)) {
print_error('cannotunassigncap', '', '', array($cachedcap->name, $role->name));
* prints human readable context identifier.
*/
function print_context_name($context, $withprefix = true, $short = false) {
+ global $DB;
$name = '';
switch ($context->contextlevel) {
break;
case CONTEXT_USER:
- if ($user = get_record('user', 'id', $context->instanceid)) {
+ if ($user = $DB->get_record('user', array('id'=>$context->instanceid))) {
if ($withprefix){
$name = get_string('user').': ';
}
break;
case CONTEXT_COURSECAT: // Coursecat -> coursecat or site
- if ($category = get_record('course_categories', 'id', $context->instanceid)) {
+ if ($category = $DB->get_record('course_categories', array('id'=>$context->instanceid))) {
if ($withprefix){
$name = get_string('category').': ';
}
break;
case CONTEXT_COURSE: // 1 to 1 to course cat
- if ($course = get_record('course', 'id', $context->instanceid)) {
+ if ($course = $DB->get_record('course', array('id'=>$context->instanceid))) {
if ($withprefix){
if ($context->instanceid == SITEID) {
$name = get_string('site').': ';
break;
case CONTEXT_MODULE: // 1 to 1 to course
- if ($cm = get_record('course_modules','id',$context->instanceid)) {
- if ($module = get_record('modules','id',$cm->module)) {
- if ($mod = get_record($module->name, 'id', $cm->instance)) {
+ if ($cm = $DB->get_record('course_modules', array('id'=>$context->instanceid))) {
+ if ($module = $DB->get_record('modules', array('id'=>$cm->module))) {
+ if ($mod = $DB->get_record($module->name, array('id'=>$cm->instance))) {
if ($withprefix){
$name = get_string('activitymodule').': ';
}
break;
case CONTEXT_BLOCK: // not necessarily 1 to 1 to course
- if ($blockinstance = get_record('block_instance','id',$context->instanceid)) {
- if ($block = get_record('block','id',$blockinstance->blockid)) {
+ if ($blockinstance = $DB->get_record('block_instance', array('id'=>$context->instanceid))) {
+ if ($block = $DB->get_record('block', array('id'=>$blockinstance->blockid))) {
global $CFG;
require_once("$CFG->dirroot/blocks/moodleblock.class.php");
require_once("$CFG->dirroot/blocks/$block->name/block_$block->name.php");
* `component` varchar(100) NOT NULL,
*/
function fetch_context_capabilities($context) {
-
- global $CFG;
+ global $DB;
$sort = 'ORDER BY contextlevel,component,id'; // To group them sensibly for display
+ $params = null;
switch ($context->contextlevel) {
case CONTEXT_SYSTEM: // all
- $SQL = "select * from {$CFG->prefix}capabilities";
+ $sql = "SELECT * FROM {capabilities}";
break;
case CONTEXT_USER:
- $SQL = "SELECT *
- FROM {$CFG->prefix}capabilities
- WHERE contextlevel = ".CONTEXT_USER;
+ $sql = "SELECT *
+ FROM {capabilities}
+ WHERE contextlevel = ".CONTEXT_USER;
break;
case CONTEXT_COURSECAT: // all
- $SQL = "select * from {$CFG->prefix}capabilities";
+ $sql = "SELECT * FROM {capabilities}";
break;
case CONTEXT_COURSE: // all
- $SQL = "select * from {$CFG->prefix}capabilities";
+ $sql = "SELECT * FROM {capabilities}";
break;
case CONTEXT_GROUP: // group caps
break;
case CONTEXT_MODULE: // mod caps
- $cm = get_record('course_modules', 'id', $context->instanceid);
- $module = get_record('modules', 'id', $cm->module);
+ $cm = $DB->get_record('course_modules', array('id'=>$context->instanceid));
+ $module = $DB->get_record('modules', array('id'=>$cm->module));
- $SQL = "select * from {$CFG->prefix}capabilities where contextlevel = ".CONTEXT_MODULE."
- and component = 'mod/$module->name'";
+ $sql = "SELECT *
+ FROM {capabilities}
+ WHERE contextlevel = ".CONTEXT_MODULE." AND component = ?";
+ $params = "mod/$module->name";
break;
case CONTEXT_BLOCK: // block caps
- $cb = get_record('block_instance', 'id', $context->instanceid);
- $block = get_record('block', 'id', $cb->blockid);
+ $cb = $DB->get_record('block_instance', array('id'=>$context->instanceid));
+ $block = $DB->get_record('block', array('id'=>$cb->blockid));
- $SQL = "select * from {$CFG->prefix}capabilities where (contextlevel = ".CONTEXT_BLOCK." AND component = 'moodle')
- OR (component = 'block/$block->name')";
+ $sql = "SELECT *
+ FROM {capabilities}
+ WHERE (contextlevel = ".CONTEXT_BLOCK." AND component = 'moodle') OR (component = ?)";
+ $params = "block/$block->name";
break;
default:
return false;
}
- if (!$records = get_records_sql($SQL.' '.$sort)) {
- $records = array();
- }
+ $records = $DB->get_records_sql($sql.' '.$sort, $params);
/// the rest of code is a bit hacky, think twice before modifying it :-(
* @return array of capability records from the capabilities table.
*/
function fetch_context_independent_capabilities() {
+ global $DB;
//only CONTEXT_SYSTEM capabilities here or it will break the hack in fetch_context_capabilities()
$contextindependentcaps = array(
$records = array();
foreach ($contextindependentcaps as $capname) {
- $record = get_record('capabilities', 'name', $capname);
+ $record = $DB->get_record('capabilities', array('name'=>$capname));
array_push($records, $record);
}
return $records;
* @return array
*/
function role_context_capabilities($roleid, $context, $cap='') {
- global $CFG;
+ global $DB;
$contexts = get_parent_contexts($context);
$contexts[] = $context->id;
$contexts = '('.implode(',', $contexts).')';
+ $params = array($roleid);
+
if ($cap) {
- $search = " AND rc.capability = '$cap' ";
+ $search = " AND rc.capability = ? ";
+ $params[] = $cap;
} else {
$search = '';
}
- $SQL = "SELECT rc.*
- FROM {$CFG->prefix}role_capabilities rc,
- {$CFG->prefix}context c
- WHERE rc.contextid in $contexts
- AND rc.roleid = $roleid
- AND rc.contextid = c.id $search
- ORDER BY c.contextlevel DESC,
- rc.capability DESC";
+ $sql = "SELECT rc.*
+ FROM {role_capabilities} rc, {context} c
+ WHERE rc.contextid in $contexts
+ AND rc.roleid = ?
+ AND rc.contextid = c.id $search
+ ORDER BY c.contextlevel DESC, rc.capability DESC";
$capabilities = array();
- if ($records = get_records_sql($SQL)) {
+ if ($records = $DB->get_records_sql($sql, $params)) {
// We are traversing via reverse order.
foreach ($records as $record) {
// If not set yet (i.e. inherit or not set at all), or currently we have a prohibit
function get_parent_contextid($context) {
$parentcontexts = get_parent_contexts($context);
if (count($parentcontexts) == 0) {
- return false;
+ return false;
}
return array_shift($parentcontexts);
}
*/
function get_child_contexts($context) {
- global $CFG, $context_cache;
+ global $CFG, $context_cache, $DB;
// We *MUST* populate the context_cache as the callers
// will probably ask for the full record anyway soon after
// - blocks assigned to the course-view page explicitly - easy
// - blocks pinned (note! we get all of them here, regardless of vis)
$sql = " SELECT ctx.*
- FROM {$CFG->prefix}context ctx
- WHERE ctx.path LIKE '{$context->path}/%'
- AND ctx.contextlevel IN (".CONTEXT_MODULE.",".CONTEXT_BLOCK.")
+ FROM {context} ctx
+ WHERE ctx.path LIKE ?
+ AND ctx.contextlevel IN (".CONTEXT_MODULE.",".CONTEXT_BLOCK.")
UNION
SELECT ctx.*
- FROM {$CFG->prefix}context ctx
- JOIN {$CFG->prefix}groups g
- ON (ctx.instanceid=g.id AND ctx.contextlevel=".CONTEXT_GROUP.")
- WHERE g.courseid={$context->instanceid}
+ FROM {context} ctx
+ JOIN {groups} g ON (ctx.instanceid=g.id AND ctx.contextlevel=".CONTEXT_GROUP.")
+ WHERE g.courseid=?
UNION
SELECT ctx.*
- FROM {$CFG->prefix}context ctx
- JOIN {$CFG->prefix}block_pinned b
- ON (ctx.instanceid=b.blockid AND ctx.contextlevel=".CONTEXT_BLOCK.")
- WHERE b.pagetype='course-view'
- ";
- $rs = get_recordset_sql($sql);
+ FROM {context} ctx
+ JOIN {block_pinned} b ON (ctx.instanceid=b.blockid AND ctx.contextlevel=".CONTEXT_BLOCK.")
+ WHERE b.pagetype='course-view'";
+ $params = array("{$context->path}/%", $context->instanceid);
$records = array();
- while ($rec = rs_fetch_next_record($rs)) {
- $records[$rec->id] = $rec;
- $context_cache[$rec->contextlevel][$rec->instanceid] = $rec;
+ if ($rs = $DB->get_recordset_sql($sql, $params)) {
+ foreach ($rs as $rec) {
+ $records[$rec->id] = $rec;
+ $context_cache[$rec->contextlevel][$rec->instanceid] = $rec;
+ }
+ $rs->close();
}
- rs_close($rs);
return $records;
break;
// - categories
// - courses
$sql = " SELECT ctx.*
- FROM {$CFG->prefix}context ctx
- WHERE ctx.path LIKE '{$context->path}/%'
- AND ctx.contextlevel IN (".CONTEXT_COURSECAT.",".CONTEXT_COURSE.")
- ";
- $rs = get_recordset_sql($sql);
+ FROM {context} ctx
+ WHERE ctx.path LIKE ?
+ AND ctx.contextlevel IN (".CONTEXT_COURSECAT.",".CONTEXT_COURSE.")";
+ $params = array("{$context->path}/%");
$records = array();
- while ($rec = rs_fetch_next_record($rs)) {
- $records[$rec->id] = $rec;
- $context_cache[$rec->contextlevel][$rec->instanceid] = $rec;
+ if ($rs = $DB->get_recordset_sql($sql, $params)) {
+ foreach ($rs as $rec) {
+ $records[$rec->id] = $rec;
+ $context_cache[$rec->contextlevel][$rec->instanceid] = $rec;
+ }
+ $rs->close();
}
- rs_close($rs);
return $records;
break;
case CONTEXT_SYSTEM:
// Just get all the contexts except for CONTEXT_SYSTEM level
// and hope we don't OOM in the process - don't cache
- $sql = 'SELECT c.*'.
- 'FROM '.$CFG->prefix.'context c '.
- 'WHERE contextlevel != '.CONTEXT_SYSTEM;
+ $sql = "SELECT c.*
+ FROM {context} c
+ WHERE contextlevel != ".CONTEXT_SYSTEM;
- return get_records_sql($sql);
+ return $DB->get_records_sql($sql);
break;
default:
* @return array
*/
function get_roles_used_in_context($context, $view = false) {
-
- global $CFG;
+ global $DB;
// filter for roles with all hidden assignments
// no need to return when only pulling roles for reviewing
$hiddensql = ($view && !has_capability('moodle/role:viewhiddenassigns', $context))? ' AND ra.hidden = 0 ':'';
$contextlist = get_related_contexts_string($context);
- $sql = "SELECT DISTINCT r.id,
- r.name,
- r.shortname,
- r.sortorder
- FROM {$CFG->prefix}role_assignments ra,
- {$CFG->prefix}role r
+ $sql = "SELECT DISTINCT r.id, r.name, r.shortname, r.sortorder
+ FROM {role_assignments} ra, {role} r
WHERE r.id = ra.roleid
- AND ra.contextid $contextlist
+ AND ra.contextid $contextlist
$hiddensql
ORDER BY r.sortorder ASC";
- return get_records_sql($sql);
+ return $DB->get_records_sql($sql);
}
/**
global $CFG, $USER;
$rolestring = '';
- $SQL = 'select * from '.$CFG->prefix.'role_assignments ra, '.$CFG->prefix.'role r where ra.userid='.$userid.' and ra.contextid='.$context->id.' and ra.roleid = r.id';
+ $sql = "SELECT *
+ FROM {role_assignments} ra, {role} r
+ WHERE ra.userid = ? and ra.contextid = ? and ra.roleid = r.id";
+ $params = array($userid, $context->id);
$rolenames = array();
- if ($roles = get_records_sql($SQL)) {
+ if ($roles = $DB->get_records_sql($sql, $params)) {
foreach ($roles as $userrole) {
// MDL-12544, if we are in view mode and current user has no capability to view hidden assignment, skip it
if ($userrole->hidden && $view && !has_capability('moodle/role:viewhiddenassigns', $context)) {
* @return boolean
*/
function user_can_override($context, $targetroleid) {
+ global $DB;
// first check if user has override capability
// if not return false;
if (!has_capability('moodle/role:override', $context)) {
if ($userroles = get_user_roles($context)) {
foreach ($userroles as $userrole) {
// if any in the role_allow_override table, then it's ok
- if (get_record('role_allow_override', 'roleid', $userrole->roleid, 'allowoverride', $targetroleid)) {
+ if ($DB->get_record('role_allow_override', array('roleid'=>$userrole->roleid, 'allowoverride'=>$targetroleid))) {
return true;
}
}
* @return boolean
*/
function user_can_assign($context, $targetroleid) {
+ global $DB;
// first check if user has override capability
// if not return false;
if ($userroles = get_user_roles($context)) {
foreach ($userroles as $userrole) {
// if any in the role_allow_override table, then it's ok
- if (get_record('role_allow_assign', 'roleid', $userrole->roleid, 'allowassign', $targetroleid)) {
+ if ($DB->get_record('role_allow_assign', array('roleid'=>$userrole->roleid, 'allowassign'=>$targetroleid))) {
return true;
}
}
return false;
}
-/** Returns all site roles in correct sort order.
- *
+/**
+ * Returns all site roles in correct sort order.
+ * @return array
*/
function get_all_roles() {
- return get_records('role', '', '', 'sortorder ASC');
+ global $DB;
+ return $DB->get_records('role', null, 'sortorder ASC');
}
/**
* @return array
*/
function get_user_roles($context, $userid=0, $checkparentcontexts=true, $order='c.contextlevel DESC, r.sortorder ASC', $view=false) {
-
- global $USER, $CFG, $db;
+ global $USER, $DB;
if (empty($userid)) {
if (empty($USER->id)) {
$userid = $USER->id;
}
// set up hidden sql
- $hiddensql = ($view && !has_capability('moodle/role:viewhiddenassigns', $context))? ' AND ra.hidden = 0 ':'';
+ $hiddensql = ($view && !has_capability('moodle/role:viewhiddenassigns', $context)) ? "AND ra.hidden = 0" : "";
- if ($checkparentcontexts && ($parents = get_parent_contexts($context))) {
- $contexts = ' ra.contextid IN ('.implode(',' , $parents).','.$context->id.')';
+ if ($checkparentcontexts) {
+ $contextids = get_parent_contexts($context);
} else {
- $contexts = ' ra.contextid = \''.$context->id.'\'';
+ $contextids = array();
}
+ $contextids[] = $context->id;
- if (!$return = get_records_sql('SELECT ra.*, r.name, r.shortname
- FROM '.$CFG->prefix.'role_assignments ra,
- '.$CFG->prefix.'role r,
- '.$CFG->prefix.'context c
- WHERE ra.userid = '.$userid.'
- AND ra.roleid = r.id
- AND ra.contextid = c.id
- AND '.$contexts . $hiddensql .'
- ORDER BY '.$order)) {
- $return = array();
- }
+ list($contextids, $params) = $DB->get_in_or_equal($contextids, SQL_PARAMS_QM);
+
+ array_unshift($params, $userid);
+
+ $sql = "SELECT ra.*, r.name, r.shortname
+ FROM {role_assignments} ra, {role} r, {context} c
+ WHERE ra.userid = ?
+ AND ra.roleid = r.id
+ AND ra.contextid = c.id
+ AND ra.contextid $contextids
+ $hiddensql
+ ORDER BY $order";
- return $return;
+ return $DB->get_records_sql($sql ,$params);
}
/**
* @return int - id or false
*/
function allow_override($sroleid, $troleid) {
+ global $DB;
+
$record = new object();
- $record->roleid = $sroleid;
+ $record->roleid = $sroleid;
$record->allowoverride = $troleid;
- return insert_record('role_allow_override', $record);
+ return $DB->insert_record('role_allow_override', $record);
}
/**
* @return int - id or false
*/
function allow_assign($sroleid, $troleid) {
+ global $DB;
+
$record = new object;
- $record->roleid = $sroleid;
+ $record->roleid = $sroleid;
$record->allowassign = $troleid;
- return insert_record('role_allow_assign', $record);
+ return $DB->insert_record('role_allow_assign', $record);
}
/**
* @param string $field
* @return array
*/
-function get_assignable_roles ($context, $field='name', $rolenamedisplay=ROLENAME_ALIAS) {
-
- global $CFG;
+function get_assignable_roles($context, $field='name', $rolenamedisplay=ROLENAME_ALIAS) {
+ global $DB;
// this users RAs
$ras = get_user_roles($context);
return array();
}
- $roleids = implode(',',$roleids);
+ list($roleids, $params) = $DB->get_in_or_equal($roleids, SQL_PARAMS_QM);
// The subselect scopes the DISTINCT down to
// the role ids - a DISTINCT over the whole of
// the role table is much more expensive on some DBs
$sql = "SELECT r.id, r.$field
- FROM {$CFG->prefix}role r
- JOIN ( SELECT DISTINCT allowassign as allowedrole
- FROM {$CFG->prefix}role_allow_assign raa
- WHERE raa.roleid IN ($roleids) ) ar
+ FROM {role} r
+ JOIN ( SELECT DISTINCT allowassign as allowedrole
+ FROM {role_allow_assign} raa
+ WHERE raa.roleid $roleids ) ar
ON r.id=ar.allowedrole
- ORDER BY sortorder ASC";
+ ORDER BY sortorder ASC";
+
+ if (!$rs = $DB->get_recordset_sql($sql, $params)) {
+ return array();
+ }
- $rs = get_recordset_sql($sql);
$roles = array();
- while ($r = rs_fetch_next_record($rs)) {
+ foreach ($rs as $r) {
$roles[$r->id] = $r->{$field};
}
- rs_close($rs);
+ $rs->close();
return role_fix_names($roles, $context, $rolenamedisplay);
}
* @param string $field
* @return array
*/
-function get_assignable_roles_for_switchrole ($context, $field='name', $rolenamedisplay=ROLENAME_ALIAS) {
-
- global $CFG;
+function get_assignable_roles_for_switchrole($context, $field='name', $rolenamedisplay=ROLENAME_ALIAS) {
+ global $DB;
// this users RAs
$ras = get_user_roles($context);
return array();
}
- $roleids = implode(',',$roleids);
+ list($roleids, $params) = $DB->get_in_or_equal($roleids, SQL_PARAMS_QM);
// The subselect scopes the DISTINCT down to
// the role ids - a DISTINCT over the whole of
// the role table is much more expensive on some DBs
$sql = "SELECT r.id, r.$field
- FROM {$CFG->prefix}role r
- JOIN ( SELECT DISTINCT allowassign as allowedrole
- FROM {$CFG->prefix}role_allow_assign raa
- WHERE raa.roleid IN ($roleids) ) ar
- ON r.id=ar.allowedrole
- JOIN {$CFG->prefix}role_capabilities rc
- ON (r.id = rc.roleid AND rc.capability = 'moodle/course:view'
- AND rc.capability != 'moodle/site:doanything')
+ FROM {role} r
+ JOIN ( SELECT DISTINCT allowassign as allowedrole
+ FROM {role_allow_assign} raa
+ WHERE raa.roleid $roleids ) ar
+ ON r.id=ar.allowedrole
+ JOIN {role_capabilities} rc
+ ON (r.id = rc.roleid AND rc.capability = ?
+ AND rc.capability != ?)
ORDER BY sortorder ASC";
+ $params[] = 'moodle/course:view';
+ $params[] = 'moodle/site:doanything';
+
+ if (!$rs = $DB->get_recordset_sql($sql, $params)) {
+ return array();
+ }
- $rs = get_recordset_sql($sql);
$roles = array();
- while ($r = rs_fetch_next_record($rs)) {
+ foreach ($rs as $r) {
$roles[$r->id] = $r->{$field};
}
- rs_close($rs);
+ $rs->close();
return role_fix_names($roles, $context, $rolenamedisplay);
}
* @return object $role
*/
function get_default_course_role($course) {
- global $CFG;
+ global $DB, $CFG;
/// First let's take the default role the course may have
if (!empty($course->defaultrole)) {
- if ($role = get_record('role', 'id', $course->defaultrole)) {
+ if ($role = $DB->get_record('role', array('id'=>$course->defaultrole))) {
return $role;
}
}
/// Otherwise the site setting should tell us
if ($CFG->defaultcourseroleid) {
- if ($role = get_record('role', 'id', $CFG->defaultcourseroleid)) {
+ if ($role = $DB->get_record('role', array('id'=>$CFG->defaultcourseroleid))) {
return $role;
}
}
*
* This can be a very expensive call - use sparingly and keep
* the results if you are going to need them again soon.
- *
+ *
* Note if $fields is empty this function attempts to get u.*
* which can get rather large - and has a serious perf impact
* on some DBs.
function get_users_by_capability($context, $capability, $fields='', $sort='',
$limitfrom='', $limitnum='', $groups='', $exceptions='', $doanything=true,
$view=false, $useviewallgroups=false) {
- global $CFG;
+ global $CFG, $DB;
$ctxids = substr($context->path, 1); // kill leading slash
$ctxids = str_replace('/', ',', $ctxids);
}
// What roles/rolecaps are interesting?
- $caps = "'$capability'";
- if ($doanything===true) {
- $caps.=",'moodle/site:doanything'";
+ $caps = array($capability);
+ if ($doanything === true) {
+ $caps[] = 'moodle/site:doanything';
$doanything_join='';
$doanything_cond='';
+
} else {
// This is an outer join against
// admin-ish roleids. Any row that succeeds
// 'doanything' capabilities.
$doanything_join="LEFT OUTER JOIN (
SELECT DISTINCT rc.roleid
- FROM {$CFG->prefix}role_capabilities rc
- WHERE rc.capability='moodle/site:doanything'
+ FROM {role_capabilities} rc
+ WHERE rc.capability=:capany
AND rc.permission=".CAP_ALLOW."
AND rc.contextid IN ($ctxids)
) dar
$negperm = false; // has any negative (<0) permission?
$roleids = array();
+ list($caps, $params) = $DB->get_in_or_equal($caps, SQL_PARAMS_NAMED, 'cap0');
+ $params['capany'] = 'moodle/site:doanything';
+
$sql = "SELECT rc.id, rc.roleid, rc.permission, rc.capability,
ctx.depth AS ctxdepth, ctx.contextlevel AS ctxlevel
- FROM {$CFG->prefix}role_capabilities rc
- JOIN {$CFG->prefix}context ctx on rc.contextid = ctx.id
- $doanything_join
- WHERE rc.capability IN ($caps) AND ctx.id IN ($ctxids)
- $doanything_cond
- ORDER BY rc.roleid ASC, ctx.depth ASC";
- if ($capdefs = get_records_sql($sql)) {
+ FROM {role_capabilities} rc
+ JOIN {context} ctx on rc.contextid = ctx.id
+ $doanything_join
+ WHERE rc.capability $caps AND ctx.id IN ($ctxids)
+ $doanything_cond
+ ORDER BY rc.roleid ASC, ctx.depth ASC";
+
+ if ($capdefs = $DB->get_records_sql($sql, $params)) {
foreach ($capdefs AS $rcid=>$rc) {
$roleids[] = (int)$rc->roleid;
if ($rc->permission < 0) {
}
}
}
-
+
$roleids = array_unique($roleids);
if (count($roleids)===0) { // noone here!
if (is_array($groups)) {
$grouptest = 'gm.groupid IN (' . implode(',', $groups) . ')';
} else {
- $grouptest = 'gm.groupid = ' . $groups;
+ $grouptest = 'gm.groupid = ' . (int)$groups;
}
$grouptest = 'ra.userid IN (SELECT userid FROM ' .
- $CFG->prefix . 'groups_members gm WHERE ' . $grouptest . ')';
+ '{groups_members} gm WHERE ' . $grouptest . ')';
if ($useviewallgroups) {
$viewallgroupsusers = get_users_by_capability($context,
if ((strpos($sort, 'ul.timeaccess') === FALSE) and (strpos($fields, 'ul.timeaccess') === FALSE)) { // user_lastaccess is not required MDL-13810
$uljoin = '';
} else {
- $uljoin = "LEFT OUTER JOIN {$CFG->prefix}user_lastaccess ul
+ $uljoin = "LEFT OUTER JOIN {user_lastaccess} ul
ON (ul.userid = u.id AND ul.courseid = {$context->instanceid})";
}
//
// Simple cases - No negative permissions means we can take shortcuts
//
- if (!$negperm) {
+ if (!$negperm) {
// at the frontpage, and all site users have it - easy!
if ($isfrontpage && !empty($CFG->defaultfrontpageroleid)
&& in_array((int)$CFG->defaultfrontpageroleid, $roleids, true)) {
-
- return get_records_sql("SELECT $fields
- FROM {$CFG->prefix}user u
- ORDER BY $sort",
- $limitfrom, $limitnum);
+
+ return $DB->get_records_sql("SELECT $fields
+ FROM {user} u
+ ORDER BY $sort",
+ $limitfrom, $limitnum);
}
// all site users have it, anyway
// TODO: NOT ALWAYS! Check this case because this gets run for cases like this:
// 1) Default role has the permission for a module thing like mod/choice:choose
// 2) We are checking for an activity module context in a course
- // 3) Thus all users are returned even though course:view is also required
+ // 3) Thus all users are returned even though course:view is also required
if ($defaultroleinteresting) {
$sql = "SELECT $fields
- FROM {$CFG->prefix}user u
- $uljoin
+ FROM {user} u
+ $uljoin
$where
- ORDER BY $sort";
- return get_records_sql($sql, $limitfrom, $limitnum);
+ ORDER BY $sort";
+ return $DB->get_records_sql($sql, null, $limitfrom, $limitnum);
}
/// Simple SQL assuming no negative rolecaps.
/// ensuring only one row per user -- even if they
/// have many "relevant" role assignments.
$select = " SELECT $fields";
- $from = " FROM {$CFG->prefix}user u
+ $from = " FROM {user} u
JOIN (SELECT DISTINCT ssra.userid
- FROM {$CFG->prefix}role_assignments ssra
+ FROM {role_assignments} ssra
WHERE ssra.contextid IN ($ctxids)
AND ssra.roleid IN (".implode(',',$roleids) .")
$sscondhiddenra
if (count(array_keys($wherecond))) {
$where .= ' AND ' . implode(' AND ', array_values($wherecond));
}
- return get_records_sql($select.$from.$where.$sortby, $limitfrom, $limitnum);
+ return $DB->get_records_sql($select.$from.$where.$sortby, null, $limitfrom, $limitnum);
}
//
$roleperms[$rc->capability][$rid] = (object)array('perm' => $perm,
'rcdepth' => $rcdepth);
}
-
+
}
if ($context->contextlevel == CONTEXT_SYSTEM
// moves a ton of data across the wire.
$ss = "SELECT u.id as userid, ra.roleid,
ctx.depth
- FROM {$CFG->prefix}user u
- LEFT OUTER JOIN {$CFG->prefix}role_assignments ra
+ FROM {user} u
+ LEFT OUTER JOIN {role_assignments} ra
ON (ra.userid = u.id
AND ra.contextid IN ($ctxids)
AND ra.roleid IN (".implode(',',$roleids) .")
$condhiddenra)
- LEFT OUTER JOIN {$CFG->prefix}context ctx
+ LEFT OUTER JOIN {context} ctx
ON ra.contextid=ctx.id
WHERE u.deleted=0";
} else {
// be defined in a role assignment somewhere.
$ss = "SELECT ra.userid as userid, ra.roleid,
ctx.depth
- FROM {$CFG->prefix}role_assignments ra
- JOIN {$CFG->prefix}context ctx
+ FROM {role_assignments} ra
+ JOIN {context} ctx
ON ra.contextid=ctx.id
WHERE ra.contextid IN ($ctxids)
$condhiddenra
$select = "SELECT $fields ,ra.roleid, ra.depth ";
$from = "FROM ($ss) ra
- JOIN {$CFG->prefix}user u
+ JOIN {user} u
ON ra.userid=u.id
$uljoin ";
$where = "WHERE u.deleted = 0 ";
$sort .= ' , ra.userid ASC, ra.depth DESC';
$sortby .= ' , ra.userid ASC, ra.depth DESC ';
- $rs = get_recordset_sql($select.$from.$where.$sortby);
+ if (!$rs = $DB->get_recordset_sql($select.$from.$where.$sortby)) {
+ return array();
+ }
//
// Process the user accounts+RAs, folding repeats together...
// - if the user has permission, all is good, just $c++ (counter)
// - ...else, decrease the counter - so pagination is kept straight,
// and (if we are in the page) remove from the results
- //
+ //
$results = array();
// pagination controls
//
// Track our last user id so we know when we are dealing
- // with a new user...
+ // with a new user...
//
$lastuserid = 0;
//
- // In this loop, we
+ // In this loop, we
// $ras: role assignments, multidimensional array
// treat as a stack - going from local to general
// $ras = (( roleid=> x, $depth=>y) , ( roleid=> x, $depth=>y))
//
- while ($user = rs_fetch_next_record($rs)) {
+ foreach($rs as $user) {
//error_log(" Record: " . print_r($user,1));
//
- // Pagination controls
+ // Pagination controls
// Note that we might end up removing a user
// that ends up _not_ having the rights,
// therefore rolling back $c
}
} // end while(fetch)
+ $rs->close();
// Prune last entry if necessary
if ($lastuserid !=0) {
return $results;
}
-/*
+/**
* Fast (fast!) utility function to resolve if a capability is granted,
* based on Role Assignments and Role Capabilities.
*
* @param string $capability - name of the capability
* @param bool $doanything
* @return boolean
- *
+ *
*/
function has_capability_from_rarc($ras, $roleperms, $capability, $doanything) {
// Mini-state machine, using $hascap
// $hascap[ 'moodle/foo:bar' ]->radepth = depth of the role assignment that set it
// $hascap[ 'moodle/foo:bar' ]->rcdepth = depth of the rolecap that set it
// -- when resolving conflicts, we need to look into radepth first, if unresolved
-
+
$caps = array($capability);
if ($doanything) {
$caps[] = 'moodle/site:candoanything';
if ($rp->rcdepth > $hascap[$cap]->rcdepth) {
continue;
}
- // We match depth - add them
+ // We match depth - add them
$hascap[$cap]->perm += $rp->perm;
}
}
* @return array - sorted copy of the array
*/
function sort_by_roleassignment_authority($users, $context, $roles=array(), $sortpolicy='locality') {
- global $CFG;
+ global $DB;
$userswhere = ' ra.userid IN (' . implode(',',array_keys($users)) . ')';
- $contextwhere = ' ra.contextid IN ('.str_replace('/', ',',substr($context->path, 1)).')';
+ $contextwhere = 'AND ra.contextid IN ('.str_replace('/', ',',substr($context->path, 1)).')';
if (empty($roles)) {
$roleswhere = '';
} else {
}
$sql = "SELECT ra.userid
- FROM {$CFG->prefix}role_assignments ra
- JOIN {$CFG->prefix}role r
- ON ra.roleid=r.id
- JOIN {$CFG->prefix}context ctx
- ON ra.contextid=ctx.id
- WHERE
- $userswhere
- AND $contextwhere
- $roleswhere
- ";
+ FROM {role_assignments} ra
+ JOIN {role} r
+ ON ra.roleid=r.id
+ JOIN {context} ctx
+ ON ra.contextid=ctx.id
+ WHERE $userswhere
+ $contextwhere
+ $roleswhere";
// Default 'locality' policy -- read PHPDoc notes
// about sort policies...
- $orderby = 'ORDER BY
- ctx.depth DESC, /* locality wins */
- r.sortorder ASC, /* rolesorting 2nd criteria */
- ra.id /* role assignment order tie-breaker */';
+ $orderby = 'ORDER BY '
+ .'ctx.depth DESC, ' /* locality wins */
+ .'r.sortorder ASC, ' /* rolesorting 2nd criteria */
+ .'ra.id'; /* role assignment order tie-breaker */
if ($sortpolicy === 'sortorder') {
- $orderby = 'ORDER BY
- r.sortorder ASC, /* rolesorting 2nd criteria */
- ra.id /* role assignment order tie-breaker */';
+ $orderby = 'ORDER BY '
+ .'r.sortorder ASC, ' /* rolesorting 2nd criteria */
+ .'ra.id'; /* role assignment order tie-breaker */
}
- $sortedids = get_fieldset_sql($sql . $orderby);
+ $sortedids = $DB->get_fieldset_sql($sql . $orderby);
$sortedusers = array();
$seen = array();
* @return array()
*/
function get_role_users($roleid, $context, $parent=false, $fields='', $sort='u.lastname ASC', $gethidden=true, $group='', $limitfrom='', $limitnum='') {
- global $CFG;
+ global $DB;
if (empty($fields)) {
$fields = 'u.id, u.confirmed, u.username, u.firstname, u.lastname, '.
}
}
- if (is_array($roleid)) {
- $roleselect = ' AND ra.roleid IN (' . implode(',',$roleid) .')';
- } elseif (!empty($roleid)) { // should not test for int, because it can come in as a string
- $roleselect = "AND ra.roleid = $roleid";
+ if ($roleid) {
+ list($rids, $params) = $DB->get_in_or_equal($roleid, SQL_PARAMS_QM);
+ $roleselect = "AND ra.roleid $rids";
} else {
+ $params = array();
$roleselect = '';
}
if ($group) {
- $groupjoin = "JOIN {$CFG->prefix}groups_members gm
- ON gm.userid = u.id";
- $groupselect = " AND gm.groupid = $group ";
+ $groupjoin = "JOIN {groups_members} gm ON gm.userid = u.id";
+ $groupselect = " AND gm.groupid = ? ";
+ $params[] = $group;
} else {
$groupjoin = '';
$groupselect = '';
}
- $SQL = "SELECT $fields, ra.roleid
- FROM {$CFG->prefix}role_assignments ra
- JOIN {$CFG->prefix}user u
- ON u.id = ra.userid
- JOIN {$CFG->prefix}role r
- ON ra.roleid = r.id
- $groupjoin
- WHERE (ra.contextid = $context->id $parentcontexts)
- $roleselect
- $groupselect
- $hiddensql
- ORDER BY $sort
- "; // join now so that we can just use fullname() later
-
- return get_records_sql($SQL, $limitfrom, $limitnum);
+ array_unshift($params, $context->id);
+
+ $sql = "SELECT $fields, ra.roleid
+ FROM {role_assignments} ra
+ JOIN {user} u ON u.id = ra.userid
+ JOIN {role} r ON ra.roleid = r.id
+ $groupjoin
+ WHERE (ra.contextid = ? $parentcontexts)
+ $roleselect
+ $groupselect
+ $hiddensql
+ ORDER BY $sort"; // join now so that we can just use fullname() later
+
+ return $DB->get_records_sql($sql, $params, $limitfrom, $limitnum);
}
/**
* @param int roleid
* @param int contextid
* @param bool parent if true, get list of users assigned in higher context too
- * @return array()
+ * @return count
*/
function count_role_users($roleid, $context, $parent=false) {
- global $CFG;
+ global $DB;
if ($parent) {
if ($contexts = get_parent_contexts($context)) {
$parentcontexts = '';
}
- $SQL = "SELECT count(u.id)
- FROM {$CFG->prefix}role_assignments r
- JOIN {$CFG->prefix}user u
- ON u.id = r.userid
- WHERE (r.contextid = $context->id $parentcontexts)
- AND r.roleid = $roleid
- AND u.deleted = 0";
+ $sql = "SELECT count(u.id)
+ FROM {role_assignments} r
+ JOIN {user} u ON u.id = r.userid
+ WHERE (r.contextid = ? $parentcontexts)
+ AND r.roleid = ? AND u.deleted = 0";
+ $params = array($context->id, $roleid);
- return count_records_sql($SQL);
+ return $DB->count_records_sql($sql, $params);
}
/**
* table with sql modifiers (DESC) if needed
* @return array Array of courses, may have zero entries. Or false if query failed.
*/
-function get_user_capability_course($capability, $userid=NULL,$doanything=true,$fieldsexceptid='',$orderby='') {
+function get_user_capability_course($capability, $userid=NULL, $doanything=true, $fieldsexceptid='', $orderby='') {
+ global $DB;
+
// Convert fields list and ordering
- $fieldlist='';
- if($fieldsexceptid) {
- $fields=explode(',',$fieldsexceptid);
+ $fieldlist = '';
+ if ($fieldsexceptid) {
+ $fields = explode(',', $fieldsexceptid);
foreach($fields as $field) {
- $fieldlist.=',c.'.$field;
+ $fieldlist .= ',c.'.$field;
}
}
- if($orderby) {
- $fields=explode(',',$orderby);
- $orderby='';
+ if ($orderby) {
+ $fields = explode(',', $orderby);
+ $orderby = '';
foreach($fields as $field) {
if($orderby) {
- $orderby.=',';
+ $orderby .= ',';
}
- $orderby.='c.'.$field;
+ $orderby .= 'c.'.$field;
}
- $orderby='ORDER BY '.$orderby;
+ $orderby = 'ORDER BY '.$orderby;
}
// Obtain a list of everything relevant about all courses including context.
// Note the result can be used directly as a context (we are going to), the course
// fields are just appended.
- global $CFG;
- $rs=get_recordset_sql("
-SELECT
- x.*,c.id AS courseid$fieldlist
-FROM
- {$CFG->prefix}course c
- INNER JOIN {$CFG->prefix}context x ON c.id=x.instanceid AND x.contextlevel=".CONTEXT_COURSE."
-$orderby
-");
- if(!$rs) {
- return false;
+
+ if (!$rs = $DB->get_recordset_sql("SELECT x.*, c.id AS courseid $fieldlist
+ FROM {course} c
+ INNER JOIN {context} x
+ ON (c.id=x.instanceid AND x.contextlevel=".CONTEXT_COURSE.")
+ $orderby")) {
+ return false;
}
// Check capability for each course in turn
- $courses=array();
- while($coursecontext=rs_fetch_next_record($rs)) {
- if(has_capability($capability,$coursecontext,$userid,$doanything)) {
+ $courses = array();
+ foreach ($rs as $coursecontext) {
+ if(has_capability($capability, $coursecontext, $userid, $doanything)) {
// We've got the capability. Make the record look like a course record
// and store it
- $coursecontext->id=$coursecontext->courseid;
+ $coursecontext->id = $coursecontext->courseid;
unset($coursecontext->courseid);
unset($coursecontext->contextlevel);
unset($coursecontext->instanceid);
- $courses[]=$coursecontext;
+ $courses[] = $coursecontext;
}
}
+ $rs->close();
return $courses;
}
* @return array
*/
function get_roles_on_exact_context($context) {
+ global $DB;
- global $CFG;
-
- return get_records_sql("SELECT r.*
- FROM {$CFG->prefix}role_assignments ra,
- {$CFG->prefix}role r
- WHERE ra.roleid = r.id
- AND ra.contextid = $context->id");
+ return $DB->get_records_sql("SELECT r.*
+ FROM {role_assignments} ra, {role} r
+ WHERE ra.roleid = r.id AND ra.contextid = ?",
+ array($context->id));
}
* To "unswitch" pass 0 as the roleid.
*
* This function *will* modify $USER->access - beware
- *
+ *
* @param integer $roleid
* @param object $context
* @return bool
*/
function role_switch($roleid, $context) {
- global $USER, $CFG;
+ global $USER;
//
// Plan of action
// - When visiting subcontexts, our selective accessdata loading
// will still work fine - though those ra/rdefs will be ignored
// appropriately while the switch is in place
- //
- // - If a switcheroo happens at a category with tons of courses
+ //
+ // - If a switcheroo happens at a category with tons of courses
// (that have many overrides for switched-to role), the session
// will get... quite large. Sometimes you just can't win.
//
// To un-switch just unset($USER->access['rsw'][$path])
- //
+ //
+ // Note: it is not possible to switch to roles that do not have course:view
// Add the switch RA
if (!isset($USER->access['rsw'])) {
}
$USER->access['rsw'][$context->path]=$roleid;
-
+
// Load roledefs
$USER->access = get_role_access_bycontext($roleid, $context,
$USER->access);
- /* DO WE NEED THIS AT ALL???
- // Add some permissions we are really going
- // to always need, even if the role doesn't have them!
-
- $USER->capabilities[$context->id]['moodle/course:view'] = CAP_ALLOW;
- */
-
return true;
}
-// get any role that has an override on exact context
+/**
+ * Get any role that has an override on exact context
+ */
function get_roles_with_override_on_context($context) {
+ global $DB;
- global $CFG;
-
- return get_records_sql("SELECT r.*
- FROM {$CFG->prefix}role_capabilities rc,
- {$CFG->prefix}role r
- WHERE rc.roleid = r.id
- AND rc.contextid = $context->id");
+ return $DB->get_records_sql("SELECT r.*
+ FROM {role_capabilities} rc, {role} r
+ WHERE rc.roleid = r.id AND rc.contextid = ?",
+ array($context->id));
}
-// get all capabilities for this role on this context (overrids)
+/**
+ * Get all capabilities for this role on this context (overrids)
+ */
function get_capabilities_from_role_on_context($role, $context) {
+ global $DB;
- global $CFG;
-
- return get_records_sql("SELECT *
- FROM {$CFG->prefix}role_capabilities
- WHERE contextid = $context->id
- AND roleid = $role->id");
+ return $DB->get_records_sql("SELECT *
+ FROM {role_capabilities}
+ WHERE contextid = ? AND roleid = ?",
+ array($context->id, $role->id));
}
-// find out which roles has assignment on this context
+/**
+ * Find out which roles has assignment on this context
+ */
function get_roles_with_assignment_on_context($context) {
+ global $DB;
- global $CFG;
-
- return get_records_sql("SELECT r.*
- FROM {$CFG->prefix}role_assignments ra,
- {$CFG->prefix}role r
- WHERE ra.roleid = r.id
- AND ra.contextid = $context->id");
+ return $DB->get_records_sql("SELECT r.*
+ FROM {role_assignments} ra, {role} r
+ WHERE ra.roleid = r.id AND ra.contextid = ?",
+ array($context->id));
}
* Find all user assignemnt of users for this role, on this context
*/
function get_users_from_role_on_context($role, $context) {
+ global $DB;
- global $CFG;
-
- return get_records_sql("SELECT *
- FROM {$CFG->prefix}role_assignments
- WHERE contextid = $context->id
- AND roleid = $role->id");
+ return $DB->get_records_sql("SELECT *
+ FROM {role_assignments}
+ WHERE contextid = ? AND roleid = ?",
+ array($context->id, $role->id));
}
/**
* Simple function returning a boolean true if roles exist, otherwise false
*/
function user_has_role_assignment($userid, $roleid, $contextid=0) {
+ global $DB;
if ($contextid) {
- return record_exists('role_assignments', 'userid', $userid, 'roleid', $roleid, 'contextid', $contextid);
+ return $DB->record_exists('role_assignments', array('userid'=>$userid, 'roleid'=>$roleid, 'contextid'=>$contextid));
} else {
- return record_exists('role_assignments', 'userid', $userid, 'roleid', $roleid);
+ return $DB->record_exists('role_assignments', array('userid'=>$userid, 'roleid'=>$roleid));
}
}
* @return $string name of role in course context
*/
function role_get_name($role, $coursecontext) {
- if ($r = get_record('role_names','roleid', $role->id,'contextid', $coursecontext->id)) {
+ global $DB;
+
+ if ($r = $DB->get_record('role_names', array('roleid'=>$role->id, 'contextid'=>$coursecontext->id))) {
return strip_tags(format_string($r->name));
} else {
return strip_tags(format_string($role->name));
* @return array of role names
*/
function role_fix_names($roleoptions, $context, $rolenamedisplay=ROLENAME_ALIAS) {
+ global $DB;
if ($rolenamedisplay != ROLENAME_ORIGINAL && !empty($context->id)) {
if ($context->contextlevel == CONTEXT_MODULE || $context->contextlevel == CONTEXT_BLOCK) { // find the parent course context
if ($parentcontextid = array_shift(get_parent_contexts($context))) {
$context = get_context_instance_by_id($parentcontextid);
}
}
- if ($aliasnames = get_records('role_names', 'contextid', $context->id)) {
+ if ($aliasnames = $DB->get_records('role_names', array('contextid'=>$context->id))) {
if ($rolenamedisplay == ROLENAME_ALIAS) {
foreach ($aliasnames as $alias) {
if (isset($roleoptions[$alias->roleid])) {
/**
* Populate context.path and context.depth where missing.
* @param bool $force force a complete rebuild of the path and depth fields.
- * @param bool $feedback display feedback (during upgrade usually)
* @return void
*/
-function build_context_path($force=false, $feedback=false) {
- global $CFG;
+function build_context_path($force=false) {
+ global $CFG, $DB;
require_once($CFG->libdir.'/ddllib.php');
// System context
$base = '/'.$sitectx->id;
// Sitecourse
- $sitecoursectx = get_record('context',
- 'contextlevel', CONTEXT_COURSE,
- 'instanceid', SITEID);
+ $sitecoursectx = $DB->get_record('context', array('contextlevel'=>CONTEXT_COURSE, 'instanceid'=>SITEID));
if ($force || $sitecoursectx->path !== "$base/{$sitecoursectx->id}") {
- set_field('context', 'path', "$base/{$sitecoursectx->id}",
- 'id', $sitecoursectx->id);
- set_field('context', 'depth', 2,
- 'id', $sitecoursectx->id);
- $sitecoursectx = get_record('context',
- 'contextlevel', CONTEXT_COURSE,
- 'instanceid', SITEID);
+ $DB->set_field('context', 'path', "$base/{$sitecoursectx->id}", array('id'=>$sitecoursectx->id));
+ $DB->set_field('context', 'depth', 2, array('id'=>$sitecoursectx->id));
+ $sitecoursectx = $DB->get_record('context', array('contextlevel'=>CONTEXT_COURSE, 'instanceid'=>SITEID));
}
$ctxemptyclause = " AND (ctx.path IS NULL
OR ctx.depth=0) ";
- $emptyclause = " AND ({$CFG->prefix}context.path IS NULL
- OR {$CFG->prefix}context.depth=0) ";
+ $emptyclause = " AND ({context}.path IS NULL
+ OR {context}.depth=0) ";
if ($force) {
$ctxemptyclause = $emptyclause = '';
}
* - using table alias in UPDATE does not work in pg < 8.2
*/
if ($CFG->dbfamily == 'mysql') {
- $updatesql = "UPDATE {$CFG->prefix}context ct, {$CFG->prefix}context_temp temp
+ $updatesql = "UPDATE {context} ct, {context_temp} temp
SET ct.path = temp.path,
ct.depth = temp.depth
WHERE ct.id = temp.id";
} else if ($CFG->dbfamily == 'oracle') {
- $updatesql = "UPDATE {$CFG->prefix}context ct
+ $updatesql = "UPDATE {context} ct
SET (ct.path, ct.depth) =
(SELECT temp.path, temp.depth
- FROM {$CFG->prefix}context_temp temp
+ FROM {context_temp} temp
WHERE temp.id=ct.id)
WHERE EXISTS (SELECT 'x'
- FROM {$CFG->prefix}context_temp temp
+ FROM {context_temp} temp
WHERE temp.id = ct.id)";
} else {
- $updatesql = "UPDATE {$CFG->prefix}context
+ $updatesql = "UPDATE {context}
SET path = temp.path,
depth = temp.depth
- FROM {$CFG->prefix}context_temp temp
- WHERE temp.id={$CFG->prefix}context.id";
+ FROM {context_temp} temp
+ WHERE temp.id={context}.id";
}
- $udelsql = "TRUNCATE TABLE {$CFG->prefix}context_temp";
+ $udelsql = "TRUNCATE TABLE {context_temp}";
// Top level categories
- $sql = "UPDATE {$CFG->prefix}context
- SET depth=2, path=" . sql_concat("'$base/'", 'id') . "
+ $sql = "UPDATE {context}
+ SET depth=2, path=" . $DB->sql_concat("'$base/'", 'id') . "
WHERE contextlevel=".CONTEXT_COURSECAT."
AND EXISTS (SELECT 'x'
- FROM {$CFG->prefix}course_categories cc
- WHERE cc.id = {$CFG->prefix}context.instanceid
+ FROM {course_categories} cc
+ WHERE cc.id = {context}.instanceid
AND cc.depth=1)
$emptyclause";
- execute_sql($sql, $feedback);
-
- execute_sql($udelsql, $feedback);
+ $DB->execute($sql);
+ $DB->execute($udelsql);
// Deeper categories - one query per depthlevel
- $maxdepth = get_field_sql("SELECT MAX(depth)
- FROM {$CFG->prefix}course_categories");
- for ($n=2;$n<=$maxdepth;$n++) {
- $sql = "INSERT INTO {$CFG->prefix}context_temp (id, path, depth)
- SELECT ctx.id, ".sql_concat('pctx.path', "'/'", 'ctx.id').", $n+1
- FROM {$CFG->prefix}context ctx
- JOIN {$CFG->prefix}course_categories c ON ctx.instanceid=c.id
- JOIN {$CFG->prefix}context pctx ON c.parent=pctx.instanceid
+ $maxdepth = $DB->get_field_sql("SELECT MAX(depth)
+ FROM {course_categories}");
+ for ($n=2; $n<=$maxdepth; $n++) {
+ $sql = "INSERT INTO {context}_temp (id, path, depth)
+ SELECT ctx.id, ".$DB->sql_concat('pctx.path', "'/'", 'ctx.id').", $n+1
+ FROM {context} ctx
+ JOIN {course_categories} c ON ctx.instanceid=c.id
+ JOIN {context} pctx ON c.parent=pctx.instanceid
WHERE ctx.contextlevel=".CONTEXT_COURSECAT."
AND pctx.contextlevel=".CONTEXT_COURSECAT."
AND c.depth=$n
AND NOT EXISTS (SELECT 'x'
- FROM {$CFG->prefix}context_temp temp
+ FROM {context}_temp temp
WHERE temp.id = ctx.id)
$ctxemptyclause";
- execute_sql($sql, $feedback);
-
+ $DB->execute($sql);
+
// this is needed after every loop
// MDL-11532
- execute_sql($updatesql, $feedback);
- execute_sql($udelsql, $feedback);
+ $DB->execute($updatesql);
+ $DB->execute($udelsql);
}
// Courses -- except sitecourse
- $sql = "INSERT INTO {$CFG->prefix}context_temp (id, path, depth)
- SELECT ctx.id, ".sql_concat('pctx.path', "'/'", 'ctx.id').", pctx.depth+1
- FROM {$CFG->prefix}context ctx
- JOIN {$CFG->prefix}course c ON ctx.instanceid=c.id
- JOIN {$CFG->prefix}context pctx ON c.category=pctx.instanceid
+ $sql = "INSERT INTO {context}_temp (id, path, depth)
+ SELECT ctx.id, ".$DB->sql_concat('pctx.path', "'/'", 'ctx.id').", pctx.depth+1
+ FROM {context} ctx
+ JOIN {course} c ON ctx.instanceid=c.id
+ JOIN {context} pctx ON c.category=pctx.instanceid
WHERE ctx.contextlevel=".CONTEXT_COURSE."
AND c.id!=".SITEID."
AND pctx.contextlevel=".CONTEXT_COURSECAT."
AND NOT EXISTS (SELECT 'x'
- FROM {$CFG->prefix}context_temp temp
+ FROM {context}_temp temp
WHERE temp.id = ctx.id)
$ctxemptyclause";
- execute_sql($sql, $feedback);
+ $DB->execute($sql);
- execute_sql($updatesql, $feedback);
- execute_sql($udelsql, $feedback);
+ $DB->execute($updatesql);
+ $DB->execute($udelsql);
// Module instances
- $sql = "INSERT INTO {$CFG->prefix}context_temp (id, path, depth)
- SELECT ctx.id, ".sql_concat('pctx.path', "'/'", 'ctx.id').", pctx.depth+1
- FROM {$CFG->prefix}context ctx
- JOIN {$CFG->prefix}course_modules cm ON ctx.instanceid=cm.id
- JOIN {$CFG->prefix}context pctx ON cm.course=pctx.instanceid
+ $sql = "INSERT INTO {context}_temp (id, path, depth)
+ SELECT ctx.id, ".$DB->sql_concat('pctx.path', "'/'", 'ctx.id').", pctx.depth+1
+ FROM {context} ctx
+ JOIN {course_modules} cm ON ctx.instanceid=cm.id
+ JOIN {context} pctx ON cm.course=pctx.instanceid
WHERE ctx.contextlevel=".CONTEXT_MODULE."
AND pctx.contextlevel=".CONTEXT_COURSE."
AND NOT EXISTS (SELECT 'x'
- FROM {$CFG->prefix}context_temp temp
+ FROM {context}_temp temp
WHERE temp.id = ctx.id)
$ctxemptyclause";
- execute_sql($sql, $feedback);
+ $DB->execute($sql);
- execute_sql($updatesql, $feedback);
- execute_sql($udelsql, $feedback);
+ $DB->execute($updatesql);
+ $DB->execute($udelsql);
// Blocks - non-pinned course-view only
- $sql = "INSERT INTO {$CFG->prefix}context_temp (id, path, depth)
- SELECT ctx.id, ".sql_concat('pctx.path', "'/'", 'ctx.id').", pctx.depth+1
- FROM {$CFG->prefix}context ctx
- JOIN {$CFG->prefix}block_instance bi ON ctx.instanceid = bi.id
- JOIN {$CFG->prefix}context pctx ON bi.pageid=pctx.instanceid
+ $sql = "INSERT INTO {context}_temp (id, path, depth)
+ SELECT ctx.id, ".$DB->sql_concat('pctx.path', "'/'", 'ctx.id').", pctx.depth+1
+ FROM {context} ctx
+ JOIN {block_instance} bi ON ctx.instanceid = bi.id
+ JOIN {context} pctx ON bi.pageid=pctx.instanceid
WHERE ctx.contextlevel=".CONTEXT_BLOCK."
AND pctx.contextlevel=".CONTEXT_COURSE."
AND bi.pagetype='course-view'
AND NOT EXISTS (SELECT 'x'
- FROM {$CFG->prefix}context_temp temp
+ FROM {context}_temp temp
WHERE temp.id = ctx.id)
$ctxemptyclause";
- execute_sql($sql, $feedback);
+ $DB->execute($sql);
- execute_sql($updatesql, $feedback);
- execute_sql($udelsql, $feedback);
+ $DB->execute($updatesql);
+ $DB->execute($udelsql);
// Blocks - others
- $sql = "UPDATE {$CFG->prefix}context
- SET depth=2, path=".sql_concat("'$base/'", 'id')."
+ $sql = "UPDATE {context}
+ SET depth=2, path=".$DB->sql_concat("'$base/'", 'id')."
WHERE contextlevel=".CONTEXT_BLOCK."
AND EXISTS (SELECT 'x'
- FROM {$CFG->prefix}block_instance bi
- WHERE bi.id = {$CFG->prefix}context.instanceid
+ FROM {block_instance} bi
+ WHERE bi.id = {context}.instanceid
AND bi.pagetype!='course-view')
$emptyclause ";
- execute_sql($sql, $feedback);
+ $DB->execute($sql);
// User
- $sql = "UPDATE {$CFG->prefix}context
- SET depth=2, path=".sql_concat("'$base/'", 'id')."
+ $sql = "UPDATE {context}
+ SET depth=2, path=".$DB->sql_concat("'$base/'", 'id')."
WHERE contextlevel=".CONTEXT_USER."
AND EXISTS (SELECT 'x'
- FROM {$CFG->prefix}user u
- WHERE u.id = {$CFG->prefix}context.instanceid)
+ FROM {user} u
+ WHERE u.id = {context}.instanceid)
$emptyclause ";
- execute_sql($sql, $feedback);
-
- // Personal TODO
-
- //TODO: fix group contexts
+ $DB->execute($sql);
// reset static course cache - it might have incorrect cached data
global $context_cache, $context_cache_id;
/**
* Update the path field of the context and
* all the dependent subcontexts that follow
- * the move.
+ * the move.
*
* The most important thing here is to be as
* DB efficient as possible. This op can have a
*
*/
function context_moved($context, $newparent) {
- global $CFG;
+ global $DB;
$frompath = $context->path;
$newpath = $newparent->path . '/' . $context->id;
$setdepth = '';
if (($newparent->depth +1) != $context->depth) {
- $setdepth = ", depth= depth + ({$newparent->depth} - {$context->depth}) + 1";
+ $diff = $newparent->depth - $context->depth + 1;
+ $setdepth = ", depth = depth + $diff";
}
- $sql = "UPDATE {$CFG->prefix}context
- SET path='$newpath'
- $setdepth
- WHERE path='$frompath'";
- execute_sql($sql,false);
+ $sql = "UPDATE {context}
+ SET path = ?
+ $setdepth
+ WHERE path = ?";
+ $params = array($newpath, $frompath);
+ $DB->execute($sql, $params);
$len = strlen($frompath);
- $sql = "UPDATE {$CFG->prefix}context
- SET path = ".sql_concat("'$newpath'", 'SUBSTR(path, '.$len.' +1)')."
- $setdepth
- WHERE path LIKE '{$frompath}/%'";
- execute_sql($sql,false);
+ $sql = "UPDATE {context}
+ SET path = ".$DB->sql_concat("?", 'SUBSTR(path, '.$len.' +1)')."
+ $setdepth
+ WHERE path LIKE ?";
+ $params = array($newpath, "{$frompath}/%");
+ $DB->execute($sql, $params);
mark_context_dirty($frompath);
mark_context_dirty($newpath);
/**
* Turn the ctx* fields in an objectlike record
* into a context subobject. This allows
- * us to SELECT from major tables JOINing with
+ * us to SELECT from major tables JOINing with
* context at no cost, saving a ton of context
* lookups...
*/
}
/**
- *
+ *
* switch role order (used in admin/roles/manage.php)
*
* @param int $first id of role to move down
* @return bool success or failure
*/
function switch_roles($first, $second) {
+ global $DB;
+
$status = true;
//first find temorary sortorder number
- $tempsort = count_records('role') + 3;
- while (get_record('role','sortorder', $tempsort)) {
+ $tempsort = $DB->count_records('role') + 3;
+ while ($DB->get_record('role',array('sortorder'=>$tempsort))) {
$tempsort += 3;
}
$r1 = new object();
- $r1->id = $first->id;
+ $r1->id = $first->id;
$r1->sortorder = $tempsort;
$r2 = new object();
- $r2->id = $second->id;
+ $r2->id = $second->id;
$r2->sortorder = $first->sortorder;
- if (!update_record('role', $r1)) {
+ if (!$DB->update_record('role', $r1)) {
debugging("Can not update role with ID $r1->id!");
$status = false;
}
- if (!update_record('role', $r2)) {
+ if (!$DB->update_record('role', $r2)) {
debugging("Can not update role with ID $r2->id!");
$status = false;
}
$r1->sortorder = $second->sortorder;
- if (!update_record('role', $r1)) {
+ if (!$DB->update_record('role', $r1)) {
debugging("Can not update role with ID $r1->id!");
$status = false;
}
* @return void
*/
function role_cap_duplicate($sourcerole, $targetrole) {
- global $CFG;
+ global $DB;
+
$systemcontext = get_context_instance(CONTEXT_SYSTEM);
- $caps = get_records_sql("SELECT * FROM {$CFG->prefix}role_capabilities
- WHERE roleid = $sourcerole->id
- AND contextid = $systemcontext->id");
+ $caps = $DB->get_records_sql("SELECT *
+ FROM {role_capabilities}
+ WHERE roleid = ? AND contextid = ?",
+ array($grade_category->id, $systemcontext->id));
// adding capabilities
foreach ($caps as $cap) {
unset($cap->id);
$cap->roleid = $targetrole;
- insert_record('role_capabilities', $cap);
+ $DB->insert_record('role_capabilities', $cap);
}
-}?>
+}
+
+?>
\ No newline at end of file
projects / moodle.git / commitdiff