class grade_export_form extends moodleform {
function definition (){
- global $CFG;
- include_once($CFG->libdir.'/pear/HTML/QuickForm/advcheckbox.php');
+ global $CFG, $COURSE, $USER;
+
$mform =& $this->_form;
if (isset($this->_customdata['plugin'])) {
$plugin = $this->_customdata['plugin'];
$mform->setDefault('export_letters', 0);
$mform->setHelpButton('export_letters', array(false, get_string('exportletters', 'grades'), false, true, false, get_string("exportlettershelp", 'grades')));
- $mform->addElement('advcheckbox', 'publish', get_string('publish', 'grades'));
- $mform->setDefault('publish', 0);
- $mform->setHelpButton('publish', array(false, get_string('publish', 'grades'), false, true, false, get_string("publishhelp", 'grades')));
-
- $mform->addElement('textarea', 'iplist', get_string('iplist', 'grades'), array('cols' => 40, 'rows' => 5));
- $mform->setHelpButton('iplist', array(false, get_string('iplist', 'grades'), false, true, false, get_string("iplisthelp", 'grades')));
-
- $mform->addElement('password', 'password', get_string('password'));
- $mform->setHelpButton('password', array(false, get_string('password', 'grades'), false, true, false, get_string("passwordhelp", 'grades')));
+ $mform->addElement('header', 'publishing', get_string('publishing', 'grades'));
+ $options = array('no');
+ if ($keys = get_records_select('user_private_key', "script='grade/export' AND instance={$COURSE->id} AND userid={$USER->id}")) {
+ foreach ($keys as $key) {
+ $options[$key->value] = $key->value; // TODO: add ip, date, etc.??
+ }
+ }
+ $mform->addElement('select', 'key', get_string('userkey', 'grades'), $options);
+ $mform->addElement('static', 'justalink', get_string('key_manager'), '<a href="hmm_create_me">some link to key manager</a>');
$mform->addElement('header', 'general', get_string('gradeitemsinc', 'grades')); // TODO: localize
--- /dev/null
+<?php //$Id$
+
+$nomoodlecookie = true; // session not used here
+require '../../../config.php';
+
+$id = required_param('id', PARAM_INT); // course id
+
+require_user_key_login('grade/export', $id); // we want different keys for each course
+
+// use the same page parameters as export.php and append &key=sdhakjsahdksahdkjsahksadjksahdkjsadhksa
+require 'export.php';
+
+?>
\ No newline at end of file
// print the grades on screen for feedbacks
- $export = new grade_export($id, $data->itemids, $data->export_letters, $data->publish);
-
- if ($data->publish) {
- // Record an entry in the 'published' table: people can now access this data by URL
- }
+ $export = new grade_export($id, $data->itemids, $data->export_letters, !empty($data->key));
$export->display_grades($feedback, $data->previewrows);
// this redirect should trigger a download prompt
- redirect('export.php?id='.$id.'&itemids='.$itemidsurl.'&export_letters='.$data->export_letters);
+ if (empty($data->key)) {
+ print_continue('export.php?id='.$id.'&itemids='.$itemidsurl.'&export_letters='.$data->export_letters);
+
+ } else {
+ $link = $CFG->wwwroot.'/grade/export/xml/dump.php?id='.$id.'&itemids='.$itemidsurl.'&export_letters='.$data->export_letters.'&key='.$data->key;
+ echo "<a href=\"$link\">$link</a>";
+ }
exit;
}
<KEY NAME="userid" TYPE="foreign" FIELDS="userid" REFTABLE="user" REFFIELDS="id" PREVIOUS="groupid"/>
</KEYS>
</TABLE>
- <TABLE NAME="groupings_groups" COMMENT="Link a grouping to a group (note, groups can be in multiple groupings ONLY in a course). WAS: groups_groupings_groups" PREVIOUS="groups_members">
+ <TABLE NAME="groupings_groups" COMMENT="Link a grouping to a group (note, groups can be in multiple groupings ONLY in a course). WAS: groups_groupings_groups" PREVIOUS="groups_members" NEXT="user_private_key">
<FIELDS>
<FIELD NAME="id" TYPE="int" LENGTH="10" NOTNULL="true" UNSIGNED="false" SEQUENCE="true" ENUM="false" COMMENT="id of the table, please edit me" NEXT="groupingid"/>
<FIELD NAME="groupingid" TYPE="int" LENGTH="10" NOTNULL="true" UNSIGNED="true" DEFAULT="0" SEQUENCE="false" ENUM="false" PREVIOUS="id" NEXT="groupid"/>
<KEY NAME="groupid" TYPE="foreign" FIELDS="groupid" REFTABLE="groups" REFFIELDS="id" PREVIOUS="groupingid"/>
</KEYS>
</TABLE>
+ <TABLE NAME="user_private_key" COMMENT="access keys used in cookieless scripts - rss, etc." PREVIOUS="groupings_groups">
+ <FIELDS>
+ <FIELD NAME="id" TYPE="int" LENGTH="10" NOTNULL="true" UNSIGNED="true" SEQUENCE="true" ENUM="false" COMMENT="id of the table, please edit me" NEXT="script"/>
+ <FIELD NAME="script" TYPE="char" LENGTH="128" NOTNULL="true" SEQUENCE="false" ENUM="false" COMMENT="plugin, module - unique identifier" PREVIOUS="id" NEXT="value"/>
+ <FIELD NAME="value" TYPE="char" LENGTH="128" NOTNULL="true" SEQUENCE="false" ENUM="false" COMMENT="private access key value" PREVIOUS="script" NEXT="userid"/>
+ <FIELD NAME="userid" TYPE="int" LENGTH="10" NOTNULL="true" UNSIGNED="true" SEQUENCE="false" ENUM="false" COMMENT="owner" PREVIOUS="value" NEXT="instance"/>
+ <FIELD NAME="instance" TYPE="int" LENGTH="10" NOTNULL="false" UNSIGNED="true" SEQUENCE="false" ENUM="false" COMMENT="optional instance id" PREVIOUS="userid" NEXT="iprestriction"/>
+ <FIELD NAME="iprestriction" TYPE="char" LENGTH="255" NOTNULL="false" SEQUENCE="false" ENUM="false" COMMENT="ip restriction" PREVIOUS="instance" NEXT="validuntil"/>
+ <FIELD NAME="validuntil" TYPE="int" LENGTH="10" NOTNULL="false" UNSIGNED="true" SEQUENCE="false" ENUM="false" COMMENT="timestampt - valid until data" PREVIOUS="iprestriction" NEXT="timecreated"/>
+ <FIELD NAME="timecreated" TYPE="int" LENGTH="10" NOTNULL="false" UNSIGNED="true" SEQUENCE="false" ENUM="false" COMMENT="created timestamp" PREVIOUS="validuntil"/>
+ </FIELDS>
+ <KEYS>
+ <KEY NAME="primary" TYPE="primary" FIELDS="id" COMMENT="primary key of the table, please edit me" NEXT="userid"/>
+ <KEY NAME="userid" TYPE="foreign" FIELDS="userid" REFTABLE="user" REFFIELDS="id" COMMENT="id from user table" PREVIOUS="primary"/>
+ </KEYS>
+ <INDEXES>
+ <INDEX NAME="script-value" UNIQUE="false" FIELDS="script, value" COMMENT="index used for key validation"/>
+ </INDEXES>
+ </TABLE>
</TABLES>
<STATEMENTS>
<STATEMENT NAME="insert mnet_application" TYPE="insert" TABLE="mnet_application" COMMENT="Initial insert of records on table mnet_application" NEXT="insert log_display">
$result = $result && add_key($table, $key);
}
-
+
+
+ if ($result && $oldversion < 2007082801) {
+
+ /// Define table user_private_key to be created
+ $table = new XMLDBTable('user_private_key');
+
+ /// Adding fields to table user_private_key
+ $table->addFieldInfo('id', XMLDB_TYPE_INTEGER, '10', XMLDB_UNSIGNED, XMLDB_NOTNULL, XMLDB_SEQUENCE, null, null, null);
+ $table->addFieldInfo('script', XMLDB_TYPE_CHAR, '128', null, XMLDB_NOTNULL, null, null, null, null);
+ $table->addFieldInfo('value', XMLDB_TYPE_CHAR, '128', null, XMLDB_NOTNULL, null, null, null, null);
+ $table->addFieldInfo('userid', XMLDB_TYPE_INTEGER, '10', XMLDB_UNSIGNED, XMLDB_NOTNULL, null, null, null, null);
+ $table->addFieldInfo('instance', XMLDB_TYPE_INTEGER, '10', XMLDB_UNSIGNED, null, null, null, null, null);
+ $table->addFieldInfo('iprestriction', XMLDB_TYPE_CHAR, '255', null, null, null, null, null, null);
+ $table->addFieldInfo('validuntil', XMLDB_TYPE_INTEGER, '10', XMLDB_UNSIGNED, null, null, null, null, null);
+ $table->addFieldInfo('timecreated', XMLDB_TYPE_INTEGER, '10', XMLDB_UNSIGNED, null, null, null, null, null);
+
+ /// Adding keys to table user_private_key
+ $table->addKeyInfo('primary', XMLDB_KEY_PRIMARY, array('id'));
+ $table->addKeyInfo('userid', XMLDB_KEY_FOREIGN, array('userid'), 'user', array('id'));
+
+ /// Adding indexes to table user_private_key
+ $table->addIndexInfo('script-value', XMLDB_INDEX_NOTUNIQUE, array('script', 'value'));
+
+ /// Launch create table for user_private_key
+ $result = $result && create_table($table);
+ }
+
return $result;
}
}
}
+/**
+ * Require key login. Function terminates with error if key not found or incorrect.
+ * @param string $script unique script identifier
+ * @param int $instance optional instance id
+ */
+function require_user_key_login($script, $instance=null) {
+ global $nomoodlecookie, $USER, $SESSION;
+
+ if (empty($nomoodlecookie)) {
+ error('Incorrect use of require_key_login() - session cookies must be disabled!');
+ }
+
+/// extra safety
+ @session_write_close();
+
+ $keyvalue = required_param('key', PARAM_ALPHANUM);
+
+ if (!$key = get_record('user_private_key', 'script', $script, 'value', $keyvalue, 'instance', $instance)) {
+ error('Incorrect key');
+ }
+
+ if (!empty($key->validuntil) and $key->validuntil < time()) {
+ error('Expired key');
+ }
+
+ if (false) { // TODO
+ error('Client IP mismatch');
+ }
+
+ if (!$user = get_record('user', 'id', $key->userid)) {
+ error('Incorrect user record');
+ }
+
+/// emulate normal session
+ $SESSION = new object();
+ $USER = $user;
+
+/// return isntance id - it might be empty
+ return $key->instance;
+}
+
+/**
+ * Creates a new private user access key.
+ * @param string $script unique target identifier
+ * @param int $userid
+ * @param instance $int optional instance id
+ * @param string $iprestriction optional ip restricted access
+ * @param timestamp $validuntil key valid only until given data
+ * @return string access key value
+ */
+function create_user_key($script, $userid, $instance=null, $iprestriction=null, $validuntil=null) {
+ $key = new object();
+ $key->script = $script;
+ $key->userid = $userid;
+ $key->instance = $instance;
+ $key->iprestriction = $iprestriction;
+ $key->validuntil = $validuntil;
+ $key->timecreated = time();
+
+ $key->value = md5($userid.'_'.time().random_string(40)); // something long and unique
+ while (record_exists('user_private_key', 'value', $key->value)) {
+ // must be unique
+ $key->value = md5($userid.'_'.time().random_string(40));
+ }
+
+ if (!insert_record('user_private_key', $key)) {
+ error('Can not insert new key');
+ }
+
+ return $key->value;
+}
+
/**
* Modify the user table by setting the currently logged in user's
* last login to now.
// This is compared against the values stored in the database to determine
// whether upgrades should be performed (see lib/db/*.php)
- $version = 2007082800; // YYYYMMDD = date
+ $version = 2007082801; // YYYYMMDD = date
// XY = increments within a single day
$release = '1.9 Beta +'; // Human-friendly version name
projects / moodle.git / commitdiff