From 9154b440009fae309cddd1a26853689ec4f70ef0 Mon Sep 17 00:00:00 2001
From: toyomoyo
Date: Mon, 13 Mar 2006 06:05:44 +0000
Subject: [PATCH] some cleaning, not very clean yet
---
 blog/class.BlogEntry.php | 77 +++------------------------------------
 blog/edit.html | 33 +----------------
 blog/edit.php | 32 ++++++----------
 blog/header.php | 49 +++++++++----------------
 blog/index.php | 29 ++++++++-------
 blog/lib.php | 13 +++++--
 blog/preferences.html | 14 -------
 blog/preferences.php | 23 ++----------
 blog/set_session_vars.php | 24 ++++++------
 blog/tags.html | 24 +++++++-----
 blog/tags.php | 18 ++++++++-
 11 files changed, 108 insertions(+), 228 deletions(-)
diff --git a/blog/class.BlogEntry.php b/blog/class.BlogEntry.php
index 0322385ff7..133a070302 100755
--- a/blog/class.BlogEntry.php
+++ b/blog/class.BlogEntry.php
@@ -170,71 +170,6 @@ class BlogEntry { } return true; } - - /** - * get_formatted_karma_link - * - * @return string If allowed a link to set karma for this entry will be returned - * @uses $USER - * @uses $CFG - */ - function get_formatted_karma_link() { - global $USER, $CFG; - $str = ''; - if (!empty($CFG->blog_ratename)) { - $str .= $CFG->blog_ratename .': '; - } - $str .= $this->entryKarma; - if ( !isguest() && blog_isLoggedIn()) { - $str .= ' ( + / - )'; - } - return $str; - } - - /** - * get_formatted_category_link - * - * @return string unordered list of categories this entry is associated with - * @uses $CFG - */ - function get_formatted_category_link() { - global $CFG; - $returnstring = ''; - - if (!empty($this->entryCategoryIds)) { - $count = count($this->entryCategoryIds); - foreach ($this->entryCategoryIds as $categoryid) { - $returnstring .= ''. $this->entryCategories[$categoryid] .''; - $count--; - if ($count != 0) { - $returnstring .= ', '; - } - $returnstring .= "\n"; - } - } - - return $returnstring.'' . "\n"; - } - - - /** - * get_formatted_course_link - * - * @return string Returns and unordered list of courses that this entry is associated with - * @uses $CFG - */ - function get_formatted_course_link() { - global $CFG; - $returnstring = ''; - $courseid = $this->entryCourseId; - if ( !empty($courseid) && !($courseid == 0 || $courseid == '' || ! is_numeric($courseid) )) { - if ($course = get_record('course', 'id', $courseid, '', '', '', '', 'fullname')) { - $returnstring .= ''. $course->fullname .'' . "\n"; - } - } - - return $returnstring.'' . "\n"; - } /** * get_formatted_entry_link @@ -263,7 +198,7 @@ class BlogEntry { return $str; } - + /** * get_blog_this_URL added by Daryl Hawes for moodle integration * 
@@ -284,12 +219,12 @@ class BlogEntry { } else { $blogThisString = get_string('blogthis', 'blog'); } - if (!$showImage) { - $str .= '('; + if (!$showImage) { + $str .= '('; } $str .= ''. $blogThisString .''; - if (!$showImage) { - $str .= ')'; + if (!$showImage) { + $str .= ')'; } } return $str; @@ -404,7 +339,7 @@ class BlogEntry { } return stripslashes_safe($this->entryBody); } - + /** * get_unformatted_entry_body * getter for ->entryBody diff --git a/blog/edit.html b/blog/edit.html index aaee0c7b67..09f2c34790 100755 --- a/blog/edit.html +++ b/blog/edit.html @@ -6,7 +6,7 @@ } // find all the tags this post uses - if (isset($post->id)) { + if (isset($post->postid)) { if ($tagsused = get_records('blog_tag_instance', 'entryid', $post->postid)) { foreach ($tagsused as $usedtag) { $usedtags[] = $usedtag -> tagid; @@ -16,11 +16,10 @@ ?> -
enctype="multipart/form-data"> - + @@ -78,7 +77,6 @@ - '; - print_string('sendpingback', 'blog'); - helpbutton('pingback', get_string('helppingback', 'blog'), 'blog'); - print '
'; - } - - if ($CFG->blog_enable_trackback_out) { - print ''; - print_string('sendtrackback', 'blog'); - helpbutton('trackback', get_string('helptrackback', 'blog'), 'blog'); - print '
'; - } - - print ''; - } - ?> diff --git a/blog/edit.php b/blog/edit.php index f3e9a268b9..94c4e0c16b 100755 --- a/blog/edit.php +++ b/blog/edit.php @@ -16,10 +16,8 @@ if (isguest()) { error(get_string('noguestpost', 'forum'), $referrer); } -optional_variable($userid, 0); -optional_variable($editid, ''); -optional_variable($sendpingbacks, 0); -optional_variable($sendtrackbacks, 0); +$userid = optional_param('userid', 0); +$editid = optional_param('editid', ''); global $USER, $CFG; @@ -41,14 +39,6 @@ $pageNavigation = 'edit'; include($CFG->dirroot .'/blog/header.php'); -if (!empty($course)) { - $courseid = $course->id; -} else if (!isadmin() && $CFG->blog_enable_moderation) { - // the user is not an admin, blog moderation is on and there is no course association - //Daryl Hawes note: possible bug here if editing a personal post that existed before blog moderation was enabled for the site. - error('Blog moderation is enabled. Your entries must be associated with a course.'); -} - //print_object($PAGE->bloginfo); //debug //check if user is in blog's acl @@ -79,9 +69,9 @@ if ($usehtmleditor = can_use_richtext_editor()) { $onsubmit = ''; } -if ($post = data_submitted( get_referer() ) ) { +if (($post = data_submitted( get_referer() )) && confirm_sesskey()) { if (!empty($post->editform)) { //make sure we're processing the edit form here - //print_object($post); //debug + print_object($post); //debug ///these varaibles needs to be changed because of the javascript hack ///post->courseid @@ -95,9 +85,9 @@ if ($post = data_submitted( get_referer() ) ) { $post->error = get_string('emptymessage', 'forum'); } if ($post->act == 'save') { - do_save($post, $PAGE->bloginfo, $sendpingbacks, $sendtrackbacks); + do_save($post, $PAGE->bloginfo); } else if ($post->act == 'update') { - do_update($post, $PAGE->bloginfo, $sendpingbacks, $sendtrackbacks); + do_update($post, $PAGE->bloginfo); } else if ($post->act == 'del') { require_variable($postid); do_delete($PAGE->bloginfo, $postid); 
@@ -141,7 +131,9 @@ if ($editid != '') { // User is editing a post } if (isset($post->postid) && ($post->postid != -1) ) { - $formHeading = get_string('updateentrywithid', 'blog', $post->postid); + + $formHeading = get_string('updateentrywithid', 'blog'); + } else { $formHeading = get_string('addnewentry', 'blog'); } @@ -202,7 +194,7 @@ function do_delete(&$bloginfo_arg, $postid) { * @param object $post argument is a reference to the post object which is used to store information for the form * @param object $bloginfo_arg argument is reference to a blogInfo object. */ -function do_save(&$post, &$bloginfo_arg, $sendpingbacks, $sendtrackbacks) { +function do_save(&$post, &$bloginfo_arg) { global $USER, $CFG; // echo 'Debug: Post object in do_save function of edit.php
'; //debug // print_object($post); //debug @@ -265,7 +257,7 @@ function do_save(&$post, &$bloginfo_arg, $sendpingbacks, $sendtrackbacks) { add_to_log($site->id, 'blog', 'add', 'archive.php?userid='. $bloginfo_arg->userid .'&postid='. $entryID, 'created new blog entry with entry id# '. $entryID); } //to debug this save function comment out the following redirect code - if ($courseid == 1 || $courseid == 0 || $courseid == '') { + if ($courseid == SITEID || $courseid == 0 || $courseid == '') { redirect($CFG->wwwroot .'/blog/index.php?userid='. $bloginfo_arg->userid); } else { redirect($CFG->wwwroot .'/course/view.php?id='. $courseid); @@ -278,7 +270,7 @@ function do_save(&$post, &$bloginfo_arg, $sendpingbacks, $sendtrackbacks) { * @param . $bloginfo_arg argument is reference to a blogInfo object. * @todo complete documenting this function. enable trackback and pingback between entries on the same server */ -function do_update(&$post, &$bloginfo, $sendpingbacks, $sendtrackbacks) { +function do_update(&$post, &$bloginfo) { global $CFG, $USER; diff --git a/blog/header.php b/blog/header.php index ffadacc182..6afb2492d4 100755 --- a/blog/header.php +++ b/blog/header.php 
@@ -8,26 +8,22 @@ require_once($CFG->dirroot .'/blog/blogpage.php'); require_once($CFG->libdir .'/blocklib.php'); require_once($CFG->dirroot .'/course/lib.php'); -optional_param('blockaction'); -optional_param('instanceid', 0, PARAM_INT); -optional_param('blockid', 0, PARAM_INT); -optional_param('groupid', 0, PARAM_INT); -optional_param('userid', 0, PARAM_INT); - -optional_variable($categoryid, ''); -optional_variable($groupid, ''); -optional_variable($pageTitle, ''); -optional_variable($pageHeading, ''/*$site->fullname*/); -optional_variable($pageFocus, ''); -optional_variable($pageMeta, ''); -optional_variable($pageNavigation, ''); +$blockaction = optional_param('blockaction'); +$instanceid = optional_param('instanceid', 0, PARAM_INT); +$blockid = optional_param('blockid', 0, PARAM_INT); +$groupid = optional_param('groupid', 0, PARAM_INT); +$userid = optional_param('userid', 0, PARAM_INT); + +$pageTitle = optional_param('pageTitle'); +$pageHeading = optional_param('pageHeading'/*$site->fullname*/); +$pageFocus = optional_param('pageFocus'); +$pageMeta = optional_param('pageMeta'); +$pageNavigation = optional_param('pageNavigation'); if (!isset($courseid)) { $courseid = optional_param('courseid', SITEID, PARAM_INT); } -//header('X-Pingback: '. $CFG->wwwroot .'/blog/api.php'."\n"); - if (!$site = get_site()) { redirect($CFG->wwwroot.'/index.php'); } @@ -44,14 +40,6 @@ if ($courseid != SITEID) { require_login($course->id); } -// ensure that if a group is specified that the user is in fact a member of that group -/* -if ($groupid) { - if (!ismember($groupid) && !isteacher($course->id)) { - error('You are not a member of the specified group. Group with id#('. $groupid .')'); - } -}*/ - // Bounds for block widths within this page define('BLOCK_L_MIN_WIDTH', 160); define('BLOCK_L_MAX_WIDTH', 210); 
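Review bot: The `$pageTitle`, `$pageHeading`, `$pageFocus`, `$pageMeta` and `$pageNavigation` assignments are now unconditional and take their value from the request, so they overwrite whatever the including script set. edit.php assigns `$pageNavigation = 'edit'` immediately before `include($CFG->dirroot .'/blog/header.php')`, and that value is lost here. It also lets a URL supply page-head content, which is an injection risk if `$pageMeta` is printed unescaped (its use is not visible in this hunk). Keep these as script-set variables using the guard already applied to `$courseid` just below, e.g. `if (!isset($pageMeta)) { $pageMeta = ''; }`, and do not read them from request parameters. The `$preferred_width_left` / `$preferred_width_right` lines in the last header.php hunk have the same overwrite problem and should at least be typed `PARAM_INT`.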
@@ -86,6 +74,11 @@ if (!isset($filtertype)) { $filterselect = $USER->id; } +/// navigations +/// site blogs - sitefullname -> blogs -> (?tag) +/// course blogs - sitefullname -> course fullname ->blogs ->(?tag) +/// group blogs - sitefullname -> course fullname ->group ->(?tag) +/// user blogs - sitefullname -> (?coursefullname) -> participants -> blogs -> (?tag) $blogstring = get_string('blogs','blog'); $tagstring = get_string('tag','blog'); @@ -178,20 +171,14 @@ switch ($filtertype) { break; } - -/// site blogs - sitefullname -> blogs -> (?tag) -/// course blogs - sitefullname -> course fullname ->blogs ->(?tag) -/// group blogs - sitefullname -> course fullname ->group ->(?tag) -/// user blogs - sitefullname -> (?coursefullname) -> participants -> blogs -> (?tag) - $editing = false; if ($PAGE->user_allowed_editing()) { $editing = $PAGE->user_is_editing(); } // Calculate the preferred width for left, right and center (both center positions will use the same) -optional_variable($preferred_width_left, blocks_preferred_width($pageblocks[BLOCK_POS_LEFT])); -optional_variable($preferred_width_right, blocks_preferred_width($pageblocks[BLOCK_POS_RIGHT])); +$preferred_width_left = optional_param('preferred_width_left', blocks_preferred_width($pageblocks[BLOCK_POS_LEFT])); +$preferred_width_right = optional_param('preferred_width_right', blocks_preferred_width($pageblocks[BLOCK_POS_RIGHT])); $preferred_width_left = min($preferred_width_left, BLOCK_L_MAX_WIDTH); $preferred_width_left = max($preferred_width_left, BLOCK_L_MIN_WIDTH); $preferred_width_right = min($preferred_width_right, BLOCK_R_MAX_WIDTH); diff --git a/blog/index.php b/blog/index.php index e3460546f0..750c8a83fe 100755 --- a/blog/index.php +++ b/blog/index.php 
@@ -17,20 +17,21 @@ require_once($CFG->libdir .'/blocklib.php'); $id = optional_param('id'); $limit = optional_param('limit'); -optional_variable($formstart, 'none'); -optional_variable($m, ''); //month -optional_variable($y, ''); //year -optional_variable($d, ''); //day -optional_variable($limit, 'none'); -optional_variable($formstart, 'none'); +$formstart = optional_param('formstart', 'none'); +$m = optional_param('m', ''); //month +$y = optional_param('y', ''); //year +$d = optional_param('d', ''); //day +$limit = optional_param('limit', 'none'); +$formstart = optional_param('formstart', 'none'); $userid = optional_param('userid',0,PARAM_INT); $groupid = optional_param('groupid',0,PARAM_INT); $courseid = optional_param('courseid',0,PARAM_INT); $tag = optional_param('tag'); $tagid = optional_param('tagid'); -$filtertype = optional_param('filtertype','',PARAM_ALPHA); -$filterselect = optional_param('filterselect','',PARAM_NOTAGS); + +$filtertype = optional_param('filtertype', '', PARAM_ALPHA); +$filterselect = optional_param('filterselect', 0, PARAM_INT); /// overwrite filter code here /// the the following code does the rights checkings? @@ -95,14 +96,14 @@ if ($filtertype) { switch ($filtertype) { case 'site': - if ($CFG->bloglevel < 4) { + if ($CFG->bloglevel < BLOG_SITE_LEVEL) { error ('site blogs is not enabled'); - } else if ($CFG->bloglevel < 5) { + } else if ($CFG->bloglevel < BLOG_GLOBAL_LEVEL) { require_login(); } break; case 'course': - if ($CFG->bloglevel < 3) { + if ($CFG->bloglevel < BLOG_COURSE_LEVEL) { error ('course blogs is not enabled'); } @@ -112,7 +113,7 @@ switch ($filtertype) { /// check if viewer is student break; case 'group': - if ($CFG->bloglevel < 2) { + if ($CFG->bloglevel < BLOG_GROUP_LEVEL) { error ('group blogs is not enabled'); } if (!isteacheredit($course) and (groupmode($course) == SEPARATEGROUPS)) { 
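Review bot: `$limit` and `$formstart` are each assigned twice in the first index.php hunk (`optional_param('limit')` on a context line, then `optional_param('limit', 'none')`, and `formstart` on two added lines), so the earlier reads are dead. `$m`, `$y`, `$d`, `$tag` and `$tagid` are also read untyped while the neighbouring ids use `PARAM_INT`. Drop the duplicate lines and type the numeric inputs, e.g. `$m = optional_param('m', '', PARAM_INT);` and `$tagid = optional_param('tagid', 0, PARAM_INT);`, so that anything later used in a filter or link is constrained at input. Where these values are consumed is outside the hunk.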
@@ -123,7 +124,7 @@ switch ($filtertype) { /// check if user is editting teacher, or if spg, is member break; case 'user': - if ($CFG->bloglevel < 1) { + if ($CFG->bloglevel < BLOG_USER_LEVEL) { error ('Blogs is not enabled'); } $canview = 0; //bad start @@ -146,7 +147,7 @@ switch ($filtertype) { } } } - if (!$canview && $CFG->bloglevel < 4) { + if (!$canview && $CFG->bloglevel < BLOG_SITE_LEVEL) { error ('you can not view this user\'s blogs'); } /// check to see if the viewer is sharing no_group, visible group course. diff --git a/blog/lib.php b/blog/lib.php index 73fce314dc..06ba4be105 100755 --- a/blog/lib.php +++ b/blog/lib.php @@ -10,6 +10,13 @@ require_once($CFG->libdir .'/blocklib.php'); require_once($CFG->libdir .'/pagelib.php'); require_once($CFG->dirroot .'/blog/blogpage.php'); +/* blog access level constant declaration */ +define ('BLOG_USER_LEVEL', 1); +define ('BLOG_GROUP_LEVEL', 2); +define ('BLOG_COURSE_LEVEL', 3); +define ('BLOG_SITE_LEVEL', 4); +define ('BLOG_GLOBAL_LEVEL', 5); + /** * Definition of blogcourse page type (blog page with course id present). */ @@ -649,7 +656,7 @@ function blog_print_html_formatted_entries(&$blogFilter, $filtertype, $filtersel if (blog_isLoggedIn()) { $morelink = '
  '; - $morelink .= $blogFilter->get_complete_link('get_complete_link('get_complete_link($CFG->wwwroot .'/blog/edit.php', get_string('addentries', 'blog')); + $morelink .= $blogFilter->get_complete_link($CFG->wwwroot .'/blog/edit.php', get_string('addnewentry', 'blog')); } print $morelink.'
'."\n"; @@ -683,7 +690,7 @@ function blog_print_html_formatted_entries(&$blogFilter, $filtertype, $filtersel if (blog_isLoggedIn()) { //the user's blog is enabled and they are viewing their own blog - $output .= $blogFilter->get_complete_link($CFG->wwwroot .'/blog/edit.php', get_string('addentries', 'blog')); + $output .= $blogFilter->get_complete_link($CFG->wwwroot .'/blog/edit.php', get_string('addnewentry', 'blog')); } print $output; unset($blogFilter->filtered_entries); diff --git a/blog/preferences.html b/blog/preferences.html index 68d8369af3..7904d7036f 100755 --- a/blog/preferences.html +++ b/blog/preferences.html @@ -6,15 +6,6 @@ - - - - - - - - -
:
:
: @@ -34,11 +25,6 @@
- - - - - " />
diff --git a/blog/preferences.php b/blog/preferences.php index ac72d49105..72012a6305 100755 --- a/blog/preferences.php +++ b/blog/preferences.php @@ -16,11 +16,11 @@ //ensure that the logged in user is not using the guest account if (isguest()) { - error(get_string('noguestpost', 'forum'), $referrer); + error(get_string('noguestpost', 'blog'), $referrer); } if (!blog_isLoggedIn() ) { - error(get_string('noguestpost', 'forum'), $referrer); + error(get_string('noguestpost', 'blog'), $referrer); } $userid = $USER->id; $bloginfo =& new BlogInfo($userid); @@ -29,24 +29,7 @@ if ($post = data_submitted()) { print_header(); - if (!isset($post->blogtitle) || !isset($post->blogtagline) ) { - error(get_string('settingsupdatederror', 'blog'), $referrer); - } - if (! $bloginfo->set_blog_title($post->blogtitle)) { - error(get_string('settingsupdatederror', 'blog'), $referrer ); - } - - if (! $bloginfo->set_blog_tagline($post->blogtagline)) { - error(get_string('settingsupdatederror', 'blog'), $referrer ); - } - - if (isset($post->theme)) { - if (! $bloginfo->set_blog_theme($post->theme)) { - error(get_string('settingsupdatederror', 'blog'), $referrer ); - } - } - set_user_preference('blogpagesize', optional_param('pagesize')); redirect($referrer, get_string('changessaved'), 1); @@ -56,7 +39,7 @@ $site = get_site(); $pageMeta = '' . "\n"; - $strpreferences = get_string('preferences', 'calendar'); + $strpreferences = get_string('preferences','blog'); $navigation = '
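Review bot: The `if ($post = data_submitted())` branch in the `@@ -29,24 +29,7 @@` hunk writes the `blogpagesize` preference without the `confirm_sesskey()` check that this commit adds to edit.php and tags.php, so the setting can be changed by a cross-site request. Suggest `if (($post = data_submitted()) && confirm_sesskey()) {`, with the form in preferences.html posting the sesskey field. `optional_param('pagesize')` is also stored untyped; read it with `PARAM_INT` and reject non-positive values before calling `set_user_preference()`.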
'. $bloginfo->get_blog_title() . ' -> '. $strpreferences; diff --git a/blog/set_session_vars.php b/blog/set_session_vars.php index f0315a8b9c..8af24efecd 100644 --- a/blog/set_session_vars.php +++ b/blog/set_session_vars.php @@ -4,19 +4,19 @@ require_once('../config.php'); require_once('lib.php'); - require_variable($_GET['referrer']); - require_variable($_GET['var']); - optional_variable($_GET['value']); - optional_variable($_GET['userid']); - optional_variable($_GET['courseid']); - optional_variable($_GET['categoryid']); - optional_variable($_GET['d']); - optional_variable($_GET['m']); - optional_variable($_GET['y']); + $referrer = required_param('referrer'); + $var = required_param('var'); + $value = optional_param('value'); + $userid = optional_param('userid'); + $courseid = optional_param('courseid'); + $d = optional_param('d'); + $m = optional_param('m'); + $y = optional_param('y'); + $id = optional_param('id'); - switch($_GET['var']) { + switch($var) { case 'setcourse': - $id = intval($_GET['id']); + $id = intval($id); if($id == 0) { $SESSION->cal_courses_shown = array(); calendar_set_referring_course(0); @@ -47,4 +47,4 @@ break; } redirect($referrer); -?> \ No newline at end of file +?> diff --git a/blog/tags.html b/blog/tags.html index 62ffb064b1..78ae29c8f9 100755 --- a/blog/tags.html +++ b/blog/tags.html @@ -1,16 +1,17 @@ - - + + @@ -57,9 +59,10 @@ print_heading(get_string('tagsmanagement','blog')); @@ -78,5 +82,5 @@ print_heading(get_string('tagsmanagement','blog'));
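Review bot: `$referrer` in set_session_vars.php comes straight from `required_param('referrer')` and is passed to `redirect($referrer)` at the end of the script, so this endpoint forwards the browser to whatever URL a link supplies. Restrict it to the site before redirecting, e.g. `if (strpos($referrer, $CFG->wwwroot .'/') !== 0) { $referrer = $CFG->wwwroot .'/blog/index.php'; }`. The script also changes `$SESSION` state with no `confirm_sesskey()` check, and `$var`, `$id` and `$courseid` are read untyped; `$id = optional_param('id', 0, PARAM_INT);` would replace the later `intval($id)`. The switch body between the two hunks is not visible.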
Official TagsUser Defined Tags
+
- + prefix.'tags WHERE type=\'official\' ORDER by text ASC'); @@ -36,6 +37,7 @@ print_heading(get_string('tagsmanagement','blog'));
+
- +
- Add Official:
+ + :
- +
@@ -67,9 +70,10 @@ print_heading(get_string('tagsmanagement','blog'));
- Add Personal:
+ +
- +

- close this window +

diff --git a/blog/tags.php b/blog/tags.php index e539b9a49e..8be4d8f459 100755 --- a/blog/tags.php +++ b/blog/tags.php @@ -7,6 +7,11 @@ $mode = optional_param('mode','',PARAM_ALPHA); switch ($mode) { case 'addofficial': + + if (!isadmin() || !confirm_sesskey()) { + die('you can not add official tags'); + } + if (($otag = optional_param('otag')) && (!get_record('tags','text',$otag))) { $tag->userid = $USER->id; $tag->text = $otag; @@ -24,7 +29,11 @@ switch ($mode) { break; - case 'addpersonal': + case 'addpersonal': /// everyone can add + if (!confirm_sesskey() || isguest() || !isset($USER->id)) { + error ('you can not add tags'); + } + if (($ptag = optional_param('ptag')) && (!get_record('tags','text',$ptag))) { $tag->userid = $USER->id; $tag->text = $ptag; @@ -43,6 +52,10 @@ switch ($mode) { break; case 'delete': + if (!confirm_sesskey()) { + error('you can not delete tags'); + } + $tags = optional_param('tags'); print_object($tags); foreach ($tags as $tag) { @@ -54,6 +67,7 @@ switch ($mode) { continue; } + /// Only admin can delete tags that are referenced if (!isadmin() && get_records('blog_tag_instance','tagid', $tag)) { notify('tag is used by other users, can not delete!'); continue; @@ -62,7 +76,7 @@ switch ($mode) { delete_records('tags','id',$tag); delete_records('blog_tag_instance', 'tagid', $tag); - //remove parent window option + /// remove parent window option via javascript echo '
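Review bot: The new `addofficial` guard ends the request with `die('you can not add official tags')`, while the `addpersonal` and `delete` guards added in the same commit call `error()`; use `error()` here as well so a refused request is handled the same way. In both add branches the tag text is read with an untyped `optional_param('otag')` / `optional_param('ptag')` and stored in `$tag->text`. It is presumably shown to other users in the tag lists, so constrain it at input, e.g. `optional_param('otag', '', PARAM_NOTAGS)`.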
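Review bot: The `delete` guard added in the `@@ -43,6 +52,10 @@` hunk checks only `confirm_sesskey()`; unlike `addpersonal` it has no `isguest()` / `isset($USER->id)` test. The context line `print_object($tags);` still dumps the submitted value into the page, `$tags` is iterated without checking that it is an array, and each `$tag` reaches `delete_records('tags','id',$tag)` uncast. Suggest removing the `print_object` call, extending the guard to `if (!confirm_sesskey() || isguest())`, skipping the loop unless `is_array($tags)`, and starting the loop body with `$tag = intval($tag);`. The ownership check between this hunk and the next is only partly visible.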