From bd1884fe6b41ed31b652176e3c5c3ea80b221ed2 Mon Sep 17 00:00:00 2001 From: tjhunt Date: Fri, 31 Oct 2008 08:25:19 +0000 Subject: [PATCH] ajax: MDL-17084 provide a way for JavaScript to update user preferences. --- lang/en_utf8/error.php | 2 ++ lib/ajax/setuserpref.php | 60 ++++++++++++++++++++++++++++++++++++++++ lib/javascript-static.js | 35 +++++++++++++++++++++++ lib/moodlelib.php | 17 +++++++++++- lib/weblib.php | 1 + 5 files changed, 114 insertions(+), 1 deletion(-) create mode 100644 lib/ajax/setuserpref.php diff --git a/lang/en_utf8/error.php b/lang/en_utf8/error.php index cf47e555cf..ae68bbcaa1 100644 --- a/lang/en_utf8/error.php +++ b/lang/en_utf8/error.php @@ -205,6 +205,7 @@ $string['errorcreatingfile'] = 'Error creating file \"$a\"'; $string['erroronline'] = 'Error on line $a'; $string['errorreadingfile'] = 'Error reading file \"$a\"'; $string['errorunzippingfiles'] = 'Error unzipping files'; +$string['errorsettinguserpref'] = 'Error setting user preference'; $string['expiredkey'] = 'Expired key'; $string['failtoloadblocks'] = 'One or more blocks are registered in the database, but they all failed to load!'; $string['fieldrequired'] = '\"$a\" is a required field'; @@ -354,6 +355,7 @@ $string['nosite'] = 'No sites'; $string['nositeid'] = 'No site ID'; $string['nofolder'] = 'Requested directory does not exist'; $string['nostatstodisplay'] = 'Sorry, there is no available data to display'; +$string['notallowedtoupdateprefremotely'] = 'You are not allowed to udpate this user preference remotely'; $string['notavailable'] = 'That is not currently available'; $string['notmemberofgroup'] = 'You are not a member of this course group'; $string['notownerofkey'] = 'You are not owner of this key'; diff --git a/lib/ajax/setuserpref.php b/lib/ajax/setuserpref.php new file mode 100644 index 0000000000..e112aeffc2 --- /dev/null +++ b/lib/ajax/setuserpref.php @@ -0,0 +1,60 @@ +ajax_updatable_user_prefs[$name])) { + print_error('notallowedtoupdateprefremotely'); +} + +// Get and the value. +$value = required_param('value', $USER->ajax_updatable_user_prefs[$name]); + +// Update +if (!set_user_preference($name, $value)) { + print_error('errorsettinguserpref'); +} + +echo 'OK'; +?> \ No newline at end of file diff --git a/lib/javascript-static.js b/lib/javascript-static.js index 8959784abd..88546bc435 100644 --- a/lib/javascript-static.js +++ b/lib/javascript-static.js @@ -553,4 +553,39 @@ emoticons_help = { } emoticons_help.inputarea.focus(); } +} + +/** + * Makes a best effort to connect back to Moodle to update a user preference, + * however, there is no mechanism for finding out if the update succeeded. + * + * Before you can use this function in your JavsScript, you must have called + * user_preference_allow_ajax_update from moodlelib.php to tell Moodle that + * the udpate is allowed, and how to safely clean and submitted values. + * + * @param String name the name of the setting to udpate. + * @param String the value to set it to. + */ +function set_user_preference(name, value) { + // Don't generate a script error if the library has not been loaded, + // unless we are a Developer, in which case we want the error. + if (YAHOO && YAHOO.util && YAHOO.util.Connect || moodle_cfg.developerdebug) { + var url = moodle_cfg.wwwroot + '/lib/ajax/setuserpref.php?sesskey=' + + moodle_cfg.sesskey + '&pref=' + encodeURI(name) + '&value=' + encodeURI(value); + + // If we are a developer, ensure that failures are reported. + var callback = {}; + if (moodle_cfg.developerdebug) { + callback.failure = function() { + var a = document.createElement('a'); + a.href = url; + a.classname = 'error'; + a.appendChild(document.createTextNode("Error updating user preference '" + name + "' using ajax. Clicking this link will repeat the Ajax call that failed so you can see the error.")); + document.body.insertBefore(a, document.body.firstChild); + } + } + + // Make the request. + YAHOO.util.Connect.asyncRequest('GET', url, callback); + } } \ No newline at end of file diff --git a/lib/moodlelib.php b/lib/moodlelib.php index 9f41bcf6b8..6fc69f94e0 100644 --- a/lib/moodlelib.php +++ b/lib/moodlelib.php @@ -1033,7 +1033,6 @@ function unset_user_preference($name, $otheruserid=NULL) { return $DB->delete_records('user_preferences', array('userid'=>$userid, 'name'=>$name)); } - /** * Sets a whole array of preferences for the current user * @param array $prefarray An array of key/value pairs to be set @@ -1103,6 +1102,22 @@ function get_user_preferences($name=NULL, $default=NULL, $otheruserid=NULL) { } } +/** + * You need to call this function if you wish to use the set_user_preference + * method in javascript_static.php, to white-list the preference you want to update + * from JavaScript, and to specify the type of cleaning you expect to be done on + * values. + * + * @param string $name the name of the user_perference we should allow to be + * updated by remote calls. + * @param integer $paramtype one of the PARAM_{TYPE} constants, user to clean + * submitted values before set_user_preference is called. + */ +function user_preference_allow_ajax_update($name, $paramtype) { + global $USER; + require_js(array('yui_yahoo', 'yui_connection')); + $USER->ajax_updatable_user_prefs[$name] = $paramtype; +} /// FUNCTIONS FOR HANDLING TIME //////////////////////////////////////////// diff --git a/lib/weblib.php b/lib/weblib.php index eeb0c69c4c..74362475e6 100644 --- a/lib/weblib.php +++ b/lib/weblib.php @@ -2811,6 +2811,7 @@ function standard_js_config() { 'wwwroot' => $CFG->httpswwwroot, // Yes, really. 'pixpath' => $CFG->pixpath, 'modpixpath' => $CFG->modpixpath, + 'sesskey' => sesskey(), ); if (debugging('', DEBUG_DEVELOPER)) { $config['developerdebug'] = true; -- 2.39.5