From: skodak Date: Sat, 27 Jan 2007 19:56:08 +0000 (+0000) Subject: MDL-8323 Add proper setup of course $CFG variables, fix use of global $COURSE X-Git-Url: http://git.mjollnir.org/gw?a=commitdiff_plain;h=dcf6d93c9c767358137142168df4e1eb54090318;p=moodle.git MDL-8323 Add proper setup of course $CFG variables, fix use of global $COURSE new function course_setup() thats does proper $CFG-> , locale and themes setup much sooner than print_header() originally (needed for MDL-8067), cleanup of forgotten global $course issues MDL-8067 Fixed several $HTTPSREQUIRED issues - html editor now loads from https (the old hack did not wotk with IE7, new hack is uglier but works), fixed formlibs images (we can not set them in library global scope, we must wait for httpsrequired() and require_login() and od that in function), fixed links in meta.php, fixed help images fixed setting of new $USER values in user edit forms --- diff --git a/lib/editor/htmlarea/htmlarea.php b/lib/editor/htmlarea/htmlarea.php index be136994d9..d0f2247798 100644 --- a/lib/editor/htmlarea/htmlarea.php +++ b/lib/editor/htmlarea/htmlarea.php @@ -2,7 +2,8 @@ include("../../../config.php"); require_once($CFG->dirroot.'/lib/languages.php'); - $id = optional_param('id', 0, PARAM_INT); + $id = optional_param('id', 0, PARAM_INT); + $httpsrequired = optional_param('httpsrequired', 0, PARAM_BOOL);//flag indicating editor on page with required https $lastmodified = filemtime("htmlarea.php"); $lifetime = 1800; @@ -26,6 +27,14 @@ $lang = "en"; } + if ($httpsrequired) { + // this is an ugly hack to allow partial operation of editor on pages that require https when loginhttps enabled + // please note that some popups still show nonsecurre items and fullscreen may not function properly in IE + $url = preg_replace('|https?://[^/]+|', '', $CFG->wwwroot).'/lib/editor/htmlarea/'; + } else { + $url = $CFG->wwwroot.'/lib/editor/htmlarea/'; + } + $strheading = get_string("heading", "editor"); $strnormal = get_string("normal", "editor"); $straddress = get_string("address", "editor"); @@ -52,7 +61,7 @@ if (typeof _editor_url == "string") { _editor_url = _editor_url.replace(/\x2f*$/, '/'); } else { //alert("WARNING: _editor_url is not set! You should set this variable to the editor files path; it should preferably be an absolute path, like in '/htmlarea', but it can be relative if you prefer. Further we will try to load the editor files correctly but we'll probably fail."); - _editor_url = 'wwwroot); ?>/lib/editor/htmlarea/'; + _editor_url = '';// we need relative path to site root for editor in pages wit hrequired https } // make sure we have a language @@ -698,12 +707,7 @@ HTMLArea.prototype.generate = function () { // create the IFRAME var iframe = document.createElement("iframe"); - if (HTMLArea.is_ie) { // http://moodle.org/mod/forum/discuss.php?d=8555 - // tricky! set src to local url to turn off SSL security alert - iframe.src = _editor_url + this.config.popupURL+"blank.html"; - } else { - iframe.src = "about:blank"; - } + iframe.src = "about:blank"; iframe.className = "iframe"; diff --git a/lib/formslib.php b/lib/formslib.php index 0586ac3ac0..2b9051f2c2 100644 --- a/lib/formslib.php +++ b/lib/formslib.php @@ -31,9 +31,6 @@ require_once 'HTML/QuickForm/Renderer/Tableless.php'; require_once $CFG->libdir.'/uploadlib.php'; -define('FORM_ADVANCEDIMAGEURL', $CFG->pixpath.'/adv.gif'); -define('FORM_REQIMAGEURL', $CFG->pixpath.'/req.gif'); - /** * Callback called when PEAR throws an error * @@ -610,6 +607,8 @@ class MoodleQuickForm extends HTML_QuickForm_DHTMLRulesTableless { * @access public */ function MoodleQuickForm($formName, $method, $action, $target='', $attributes=null){ + global $CFG; + static $formcounter = 1; HTML_Common::HTML_Common($attributes); @@ -627,8 +626,8 @@ class MoodleQuickForm extends HTML_QuickForm_DHTMLRulesTableless { }else { $this->updateAttributes(array('class'=>'mform')); } - $this->_reqHTML = ''.get_string('requiredelement', 'form').''; - $this->_advancedHTML = ''.get_string('advancedelement', 'form').''; + $this->_reqHTML = ''.get_string('requiredelement', 'form').''; + $this->_advancedHTML = ''.get_string('advancedelement', 'form').''; $this->setRequiredNote(get_string('somefieldsrequired', 'form'). helpbutton('requiredelement', get_string('requiredelement', 'form'), 'moodle', true, false, '', true)); } diff --git a/lib/moodlelib.php b/lib/moodlelib.php index b2416c670b..f29fe60bfa 100644 --- a/lib/moodlelib.php +++ b/lib/moodlelib.php @@ -1547,6 +1547,58 @@ function confirm_sesskey($sesskey=NULL) { return ($USER->sesskey === $sesskey); } +/** + * Setup all global $CFG course variables, set locale and also + * @param mixed $courseorid id of the course or course object + */ +function course_setup($courseorid=0) { + global $COURSE, $HTTPSPAGEREQUIRED, $CFG; + +/// Redefine global $COURSE if needed + if (empty($courseorid)) { + // no change in global $COURSE - for backwards compatibiltiy + // if require_rogin() used after require_login($courseid); + } else if (is_object($courseorid)) { + $COURSE = clone($courseorid); + } else { + global $course; // used here only to prevent repeated fetching from DB - may be removed later + if ($course->id == $courseorid) { + $COURSE = clone($course); + } else { + if (!$COURSE = get_record('course', 'id', $courseorid)) { + error('Invalid course ID'); + } + } + } + +/// set locale - we should use $COURSE->lang directly in the future +/// $CFG->courselang is now used in cron and chat to override current language and locale + if ($COURSE->id == SITEID or empty($COURSE->lang)) { + unset($CFG->courselang); + } else { + $CFG->courselang = $COURSE->lang; + } + moodle_setlocale(); + +/// setup themes - $COURSE->theme should be used instead of $CFG->coursetheme soon + if ($COURSE->id == SITEID or empty($CFG->allowcoursethemes) or empty($COURSE->theme)) { + unset($CFG->coursetheme); + } else { + $CFG->coursetheme = $COURSE->theme; + } + theme_setup(); + +/// We have to change some URLs in styles if we are in a $HTTPSPAGEREQUIRED page +/// in case theme changed after call to httpsrequired(); + if (!empty($HTTPSPAGEREQUIRED)) { + $CFG->themewww = str_replace('http:', 'https:', $CFG->themewww); + $CFG->pixpath = str_replace('http:', 'https:', $CFG->pixpath); + $CFG->modpixpath = str_replace('http:', 'https:', $CFG->modpixpath); + foreach ($CFG->stylesheets as $key => $stylesheet) { + $CFG->stylesheets[$key] = str_replace('http:', 'https:', $stylesheet); + } + } +} /** * This function checks that the current user is logged in and has the @@ -1577,26 +1629,7 @@ function require_login($courseorid=0, $autologinguest=true, $cm=null) { global $CFG, $SESSION, $USER, $COURSE, $FULLME, $SITE; -/// Redefine global $COURSE if needed - if (empty($courseorid)) { - // keep previous value - usually $SITE - } else if (is_object($courseorid)) { - $COURSE = clone($courseorid); - } else { - global $course; // used here only to prevent repeated fetching from DB - if ($course->id == $courseorid) { - $COURSE = clone($course); - } else { - if (!$COURSE = get_record('course', 'id', $courseorid)) { - error('Invalid course ID'); - } - } - } - - if (!empty($COURSE->lang)) { - $CFG->courselang = $COURSE->lang; - moodle_setlocale(); - } + course_setup($courseorid); /// If the user is not even logged in yet then make sure they are if (! (isset($USER->loggedin) and $USER->confirmed and ($USER->site == $CFG->wwwroot)) ) { @@ -1605,8 +1638,7 @@ function require_login($courseorid=0, $autologinguest=true, $cm=null) { $SESSION->fromurl = $_SERVER['HTTP_REFERER']; } $USER = NULL; - if ($autologinguest && !empty($CFG->autologinguests) and - $COURSE->id and ($COURSE->id == SITEID or $COURSE->guest) ) { + if ($autologinguest and !empty($CFG->autologinguests) and ($COURSE->id == SITEID or $COURSE->guest) ) { $loginguest = '?loginguest=true'; } else { $loginguest = ''; @@ -3210,14 +3242,7 @@ function moodle_process_email($modargs,$body) { */ function email_to_user($user, $from, $subject, $messagetext, $messagehtml='', $attachment='', $attachname='', $usetrueaddress=true, $replyto='', $replytoname='') { - global $CFG, $FULLME, $COURSE; - - if (!empty($COURSE->lang)) { // Course language is defined - $CFG->courselang = $COURSE->lang; - } - if (!empty($COURSE->theme)) { // Course theme is defined - $CFG->coursetheme = $COURSE->theme; - } + global $CFG, $FULLME; include_once($CFG->libdir .'/phpmailer/class.phpmailer.php'); @@ -4140,13 +4165,6 @@ function get_string($identifier, $module='', $a=NULL, $extralocations=NULL) { global $CFG; - global $COURSE; - if (empty($CFG->courselang)) { - if (!empty($COURSE->lang)) { - $CFG->courselang = $COURSE->lang; - } - } - /// originally these special strings were stored in moodle.php now we are only in langconfig.php $langconfigstrs = array('alphabet', 'backupnameformat', 'firstdayofweek', 'locale', 'localewin', 'localewincharset', 'oldcharset', @@ -5856,6 +5874,14 @@ function httpsrequired() { $HTTPSPAGEREQUIRED = true; $CFG->httpswwwroot = str_replace('http:', 'https:', $CFG->wwwroot); $CFG->httpsthemewww = str_replace('http:', 'https:', $CFG->themewww); + + // change theme paths to pictures + $CFG->themewww = str_replace('http:', 'https:', $CFG->themewww); + $CFG->pixpath = str_replace('http:', 'https:', $CFG->pixpath); + $CFG->modpixpath = str_replace('http:', 'https:', $CFG->modpixpath); + foreach ($CFG->stylesheets as $key => $stylesheet) { + $CFG->stylesheets[$key] = str_replace('http:', 'https:', $stylesheet); + } } else { $CFG->httpswwwroot = $CFG->wwwroot; $CFG->httpsthemewww = $CFG->themewww; @@ -6517,6 +6543,8 @@ function check_dir_exists($dir, $create=false, $recursive=false) { function report_session_error() { global $CFG, $FULLME; + + theme_setup(); // Sets up theme global variables if (empty($CFG->lang)) { $CFG->lang = "en"; } diff --git a/lib/setup.php b/lib/setup.php index 43e294ce20..aa87eab233 100644 --- a/lib/setup.php +++ b/lib/setup.php @@ -540,8 +540,6 @@ global $HTTPSPAGEREQUIRED; $CFG->theme = 'standardwhite'; } - theme_setup(); // Sets up theme global variables - /// now do a session test to prevent random user switching - observed on some PHP/Apache combinations, /// disable checks when working in cookieless mode if (empty($CFG->usesid) || !empty($_COOKIE['MoodleSession'.$CFG->sessioncookie])) { @@ -577,8 +575,8 @@ global $HTTPSPAGEREQUIRED; } } - // set default locale - might be changed again later in require_login() - moodle_setlocale(); + // set default locale and themes - might be changed again later from require_login() + course_setup(); if (!empty($CFG->opentogoogle)) { if (empty($USER->id)) { // Ignore anyone logged in diff --git a/lib/weblib.php b/lib/weblib.php index 4a25077900..59de6d1cc4 100644 --- a/lib/weblib.php +++ b/lib/weblib.php @@ -1163,7 +1163,7 @@ function format_text_menu() { */ function format_text($text, $format=FORMAT_MOODLE, $options=NULL, $courseid=NULL) { - global $CFG, $course; + global $CFG, $COURSE; if ($text === '') { return ''; // no need to do any filters and cleaning @@ -1193,9 +1193,7 @@ function format_text($text, $format=FORMAT_MOODLE, $options=NULL, $courseid=NULL } if (empty($courseid)) { - if (!empty($course->id)) { // An ugly hack for better compatibility - $courseid = $course->id; - } + $courseid = $COURSE->id; } if (!empty($CFG->cachetext) and empty($options->nocache)) { @@ -1356,9 +1354,7 @@ function format_string ($string, $striplinks = false, $courseid=NULL ) { } if (empty($courseid)) { - if (!empty($COURSE->id)) { // An ugly hack for better compatibility - $courseid = $COURSE->id; // (copied from format_text) - } + $courseid = $COURSE->id; // (copied from format_text) } if (!empty($CFG->filterall)) { @@ -1432,7 +1428,11 @@ function format_text_email($text, $format) { * @todo Finish documenting this function */ function filter_text($text, $courseid=NULL) { - global $CFG; + global $CFG, $COURSE; + + if (empty($courseid)) { + $courseid = $COURSE->id; // (copied from format_text) + } require_once($CFG->libdir.'/filterlib.php'); if (!empty($CFG->textfilters)) { @@ -1942,7 +1942,7 @@ function print_header ($title='', $heading='', $navigation='', $focus='', $meta='', $cache=true, $button=' ', $menu='', $usexml=false, $bodytags='', $return=false) { - global $USER, $CFG, $THEME, $SESSION, $ME, $SITE, $HTTPSPAGEREQUIRED; + global $USER, $CFG, $THEME, $SESSION, $ME, $SITE, $COURSE; /// This makes sure that the header is never repeated twice on a page if (defined('HEADER_PRINTED')) { @@ -1952,28 +1952,6 @@ function print_header ($title='', $heading='', $navigation='', $focus='', define('HEADER_PRINTED', 'true'); - global $COURSE; - if (!empty($COURSE->lang)) { - $CFG->courselang = $COURSE->lang; - moodle_setlocale(); - } - if (!empty($COURSE->theme)) { - if (!empty($CFG->allowcoursethemes)) { - $CFG->coursetheme = $COURSE->theme; - theme_setup(); - } - } - -/// We have to change some URLs in styles if we are in a $HTTPSPAGEREQUIRED page - if (!empty($HTTPSPAGEREQUIRED)) { - $CFG->themewww = str_replace('http:', 'https:', $CFG->themewww); - $CFG->pixpath = str_replace('http:', 'https:', $CFG->pixpath); - $CFG->modpixpath = str_replace('http:', 'https:', $CFG->modpixpath); - foreach ($CFG->stylesheets as $key => $stylesheet) { - $CFG->stylesheets[$key] = str_replace('http:', 'https:', $stylesheet); - } - } - /// Add the required stylesheets $stylesheetshtml = ''; foreach ($CFG->stylesheets as $stylesheet) { @@ -2277,7 +2255,7 @@ function print_header_simple($title='', $heading='', $navigation='', $focus='', * @todo Finish documenting this function */ function print_footer($course=NULL, $usercourse=NULL, $return=false) { - global $USER, $CFG, $THEME; + global $USER, $CFG, $THEME, $COURSE; /// Course links if ($course) { @@ -2360,7 +2338,7 @@ function print_footer($course=NULL, $usercourse=NULL, $return=false) { * @return string */ function current_theme() { - global $CFG, $USER, $SESSION, $course; + global $CFG, $USER, $SESSION; if (!empty($CFG->pagetheme)) { // Page theme is for special page-only themes set by code return $CFG->pagetheme; @@ -3603,8 +3581,8 @@ function print_textarea($usehtmleditor, $rows, $cols, $width, $height, $name, $v /// $width and height are legacy fields and no longer used as pixels like they used to be. /// However, you can set them to zero to override the mincols and minrows values below. - global $CFG, $course; - static $scriptcount; // For loading the htmlarea script only once. + global $CFG, $COURSE, $HTTPSPAGEREQUIRED; + static $scriptcount = 0; // For loading the htmlarea script only once. $mincols = 65; $minrows = 10; @@ -3616,26 +3594,23 @@ function print_textarea($usehtmleditor, $rows, $cols, $width, $height, $name, $v if ( empty($CFG->editorsrc) ) { // for backward compatibility. if (empty($courseid)) { - if (!empty($course->id)) { // search for it in global context - $courseid = $course->id; - } - } - - if (empty($scriptcount)) { - $scriptcount = 0; + $courseid = $COURSE->id; } if ($usehtmleditor) { if (!empty($courseid) and has_capability('moodle/course:managefiles', get_context_instance(CONTEXT_COURSE, $courseid))) { + $httpsrequired = empty($HTTPSPAGEREQUIRED) ? '' : '&httpsrequired=1'; // needed for course file area browsing in image insert plugin $str .= ($scriptcount < 1) ? ''."\n" : ''; + $CFG->httpswwwroot .'/lib/editor/htmlarea/htmlarea.php?id='.$courseid.$httpsrequired.'">'."\n" : ''; } else { + $httpsrequired = empty($HTTPSPAGEREQUIRED) ? '' : '?httpsrequired=1'; $str .= ($scriptcount < 1) ? ''."\n" : ''; + $CFG->httpswwwroot .'/lib/editor/htmlarea/htmlarea.php'.$httpsrequired.'">'."\n" : ''; + } $str .= ($scriptcount < 1) ? ''."\n" : ''; + $CFG->httpswwwroot .'/lib/editor/htmlarea/lang/en.php">'."\n" : ''; $scriptcount++; if ($height) { // Usually with legacy calls @@ -4737,7 +4712,7 @@ function emoticonhelpbutton($form, $field, $return = false) { function editorshortcutshelpbutton() { global $CFG; - $imagetext = ''. + $imagetext = '<img src=httpswwwroot . '/lib/editor/htmlarea/images/kbhelp.gif" alt="'. get_string('editorshortcutkeys').'" class="iconkbhelp" />'; return helpbutton('editorshortcuts', get_string('editorshortcutkeys'), 'moodle', true, false, '', true, $imagetext); @@ -5537,7 +5512,7 @@ function page_doc_link($text='', $iconpath='') { $str = ''; if (empty($iconpath)) { - $iconpath = $CFG->wwwroot . '/pix/docs.gif'; + $iconpath = $CFG->httpswwwroot . '/pix/docs.gif'; } // alt left blank intentionally to prevent repetition in screenreaders diff --git a/login/change_password.php b/login/change_password.php index 21340181d2..0840ef3e6d 100644 --- a/login/change_password.php +++ b/login/change_password.php @@ -5,11 +5,11 @@ $id = optional_param('id', SITEID, PARAM_INT); - $sitecontext = get_context_instance(CONTEXT_SYSTEM, SITEID); - //HTTPS is potentially required in this page httpsrequired(); + $sitecontext = get_context_instance(CONTEXT_SYSTEM, SITEID); + if (!$course = get_record('course', 'id', $id)) { error('No such course!'); } diff --git a/mod/forum/post.php b/mod/forum/post.php index 88c959fae5..6e53f6da34 100644 --- a/mod/forum/post.php +++ b/mod/forum/post.php @@ -238,20 +238,18 @@ } if (!$cm = get_coursemodule_from_instance("forum", $forum->id, $forum->course)) { error('Could not get the course module for the forum instance.'); - } else { - $modcontext = get_context_instance(CONTEXT_MODULE, $cm->id); } + if (!$course = get_record('course', 'id', $forum->course)) { + error('Incorrect course'); + } + + require_login($course, false, $cm); + $modcontext = get_context_instance(CONTEXT_MODULE, $cm->id); + if ( !(($post->userid == $USER->id && has_capability('mod/forum:deleteownpost', $modcontext)) || has_capability('mod/forum:deleteanypost', $modcontext)) ) { error("You can't delete this post!"); } - if (!empty($forum->course)) { - if ($course = get_record('course', 'id', $forum->course)) { - if (!empty($course->lang)) { - $CFG->courselang = $course->lang; - } - } - } $replycount = forum_count_replies($post); @@ -439,9 +437,7 @@ if ($fromform = $mform_post->get_data()) { - if (!empty($course->lang)) { // Override current language - $CFG->courselang = $course->lang; - } + require_login($course, false, $cm); if (empty($SESSION->fromurl)) { $errordestination = "$CFG->wwwroot/mod/forum/view.php?f=$forum->id"; diff --git a/mod/resource/type/file/resource.class.php b/mod/resource/type/file/resource.class.php index 89f9039268..2cba138013 100644 --- a/mod/resource/type/file/resource.class.php +++ b/mod/resource/type/file/resource.class.php @@ -27,10 +27,6 @@ var $maxparameters = 5; function set_parameters() { global $USER, $CFG; - if (! empty($this->course->lang)) { - $CFG->courselang = $this->course->lang; - } - $site = get_site(); diff --git a/mod/resource/type/repository/resource.class.php b/mod/resource/type/repository/resource.class.php index 7d3da0ac83..e095469378 100644 --- a/mod/resource/type/repository/resource.class.php +++ b/mod/resource/type/repository/resource.class.php @@ -27,10 +27,6 @@ var $maxparameters = 5; function set_parameters() { global $USER, $CFG; - if (! empty($this->course->lang)) { - $CFG->courselang = $this->course->lang; - } - if (empty($USER->id)) { // No need to set up parameters $this->parameters = array(); return; diff --git a/theme/standard/meta.php b/theme/standard/meta.php index 8f7e04395f..ba50b86ad4 100644 --- a/theme/standard/meta.php +++ b/theme/standard/meta.php @@ -1,6 +1,6 @@ diff --git a/user/edit.php b/user/edit.php index 4407b3f938..81adcbb434 100644 --- a/user/edit.php +++ b/user/edit.php @@ -6,6 +6,8 @@ require_once($CFG->dirroot.'/user/editlib.php'); require_once($CFG->dirroot.'/user/profile/lib.php'); + httpsrequired(); + $course = optional_param('course', SITEID, PARAM_INT); // course id (defaults to Site) if (!$course = get_record('course', 'id', $course)) { @@ -13,7 +15,6 @@ } require_login($course->id); - httpsrequired(); if (isguest()) { //TODO: add proper capability to edit own profile and change password too print_error('guestnoeditprofile'); @@ -77,7 +78,7 @@ profile_save_data($usernew); // Override old $USER session variable - $usernew = (array)get_record('user', 'id', $newuser->id); // reload from db + $usernew = (array)get_record('user', 'id', $usernew->id); // reload from db foreach ($usernew as $variable => $value) { $USER->$variable = $value; } diff --git a/user/editadvanced.php b/user/editadvanced.php index 5a2c1b5564..f159a31784 100644 --- a/user/editadvanced.php +++ b/user/editadvanced.php @@ -7,6 +7,8 @@ require_once($CFG->dirroot.'/user/editlib.php'); require_once($CFG->dirroot.'/user/profile/lib.php'); + httpsrequired(); + $id = optional_param('id', $USER->id, PARAM_INT); // user id; -1 if creating new user $course = optional_param('course', SITEID, PARAM_INT); // course id (defaults to Site) @@ -14,7 +16,6 @@ error('Course ID was incorrect'); } require_login($course->id); - httpsrequired(); // HTTPS is potentially required in this page because there are passwords if ($id == -1) { // creating new user @@ -126,7 +127,7 @@ if ($user->id == $USER->id) { // Override old $USER session variable - $usernew = (array)get_record('user', 'id', $newuser->id); // reload from db + $usernew = (array)get_record('user', 'id', $usernew->id); // reload from db foreach ($usernew as $variable => $value) { $USER->$variable = $value; }