PageRenderTime 38ms CodeModel.GetById 12ms RepoModel.GetById 0ms app.codeStats 1ms

/htdocs/view/view.php

https://gitlab.com/mahara-contrib/janrain-auth
PHP | 297 lines | 221 code | 38 blank | 38 comment | 60 complexity | 4b9859928e6e4b96d4de52d701e87191 MD5 | raw file
Possible License(s): GPL-3.0, LGPL-2.1, MIT 
    

  1. <?php
    2. 

  2. /**
    3. 

  3.  * Mahara: Electronic portfolio, weblog, resume builder and social networking
    4. 

  4.  * Copyright (C) 2006-2009 Catalyst IT Ltd and others; see:
    5. 

  5.  *                         http://wiki.mahara.org/Contributors
    6. 

  6.  *
    7. 

  7.  * This program is free software: you can redistribute it and/or modify
    8. 

  8.  * it under the terms of the GNU General Public License as published by
    9. 

  9.  * the Free Software Foundation, either version 3 of the License, or
    10. 

  10.  * (at your option) any later version.
    11. 

  11.  *
    12. 

  12.  * This program is distributed in the hope that it will be useful,
    13. 

  13.  * but WITHOUT ANY WARRANTY; without even the implied warranty of
    14. 

  14.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    15. 

  15.  * GNU General Public License for more details.
    16. 

  16.  *
    17. 

  17.  * You should have received a copy of the GNU General Public License
    18. 

  18.  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
    19. 

  19.  *
    20. 

  20.  * @package    mahara
    21. 

  21.  * @subpackage core
    22. 

  22.  * @author     Catalyst IT Ltd
    23. 

  23.  * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL
    24. 

  24.  * @copyright  (C) 2006-2009 Catalyst IT Ltd http://catalyst.net.nz
    25. 

  25.  *
    26. 

  26.  */
    27. 

  27. 

  28. define('INTERNAL', 1);
    29. 

  29. define('PUBLIC', 1);
    30. 

  30. define('SECTION_PLUGINTYPE', 'core');
    31. 

  31. define('SECTION_PLUGINNAME', 'view');
    32. 

  32. define('SECTION_PAGE', 'view');
    33. 

  33. 

  34. require(dirname(dirname(__FILE__)) . '/init.php');
    35. 

  35. 

  36. require_once(get_config('libroot') . 'view.php');
    37. 

  37. require_once(get_config('libroot') . 'collection.php');
    38. 

  38. require_once('group.php');
    39. 

  39. safe_require('artefact', 'comment');
    40. 

  40. 

  41. // access key for roaming teachers
    42. 

  42. $mnettoken = $SESSION->get('mnetuser') ? param_alphanum('mt', null) : null;
    43. 

  43. 

  44. // access key for logged out users
    45. 

  45. $usertoken = (is_null($mnettoken) && get_config('allowpublicviews')) ? param_alphanum('t', null) : null;
    46. 

  46. 

  47. if ($mnettoken) {
    48. 

  48.     if (!$viewid = get_view_from_token($mnettoken, false)) {
    49. 

  49.         throw new AccessDeniedException(get_string('accessdenied', 'error'));
    50. 

  50.     }
    51. 

  51. }
    52. 

  52. else if ($usertoken) {
    53. 

  53.     if (!$viewid = get_view_from_token($usertoken, true)) {
    54. 

  54.         throw new AccessDeniedException(get_string('accessdenied', 'error'));
    55. 

  55.     }
    56. 

  56. }
    57. 

  57. else {
    58. 

  58.     $viewid = param_integer('id');
    59. 

  59. }
    60. 

  60. 

  61. $new = param_boolean('new');
    62. 

  62. 

  63. if (!can_view_view($viewid)) {
    64. 

  64.     throw new AccessDeniedException(get_string('accessdenied', 'error'));
    65. 

  65. }
    66. 

  66. 

  67. // Feedback list pagination requires limit/offset params
    68. 

  68. $limit       = param_integer('limit', 10);
    69. 

  69. $offset      = param_integer('offset', 0);
    70. 

  70. $showcomment = param_integer('showcomment', null);
    71. 

  71. 

  72. $view = new View($viewid);
    73. 

  73. 

  74. // Create the "make feedback private form" now if it's been submitted
    75. 

  75. if (param_variable('make_public_submit', null)) {
    76. 

  76.     pieform(ArtefactTypeComment::make_public_form(param_integer('comment')));
    77. 

  77. }
    78. 

  78. else if (param_variable('delete_comment_submit', null)) {
    79. 

  79.     pieform(ArtefactTypeComment::delete_comment_form(param_integer('comment')));
    80. 

  80. }
    81. 

  81. 

  82. $owner    = $view->get('owner');
    83. 

  83. $viewtype = $view->get('type');
    84. 

  84. 

  85. if ($viewtype == 'profile' || $viewtype == 'dashboard' || $viewtype == 'grouphomepage') {
    86. 

  86.     redirect($view->get_url());
    87. 

  87. }
    88. 

  88. 

  89. define('TITLE', $view->get('title'));
    90. 

  90. 

  91. $submittedgroup = (int)$view->get('submittedgroup');
    92. 

  92. if ($USER->is_logged_in() && $submittedgroup && group_user_can_assess_submitted_views($submittedgroup, $USER->get('id'))) {
    93. 

  93.     // The user is a tutor of the group that this view has
    94. 

  94.     // been submitted to, and is entitled to release the view
    95. 

  95.     $submittedgroup = get_record('group', 'id', $submittedgroup);
    96. 

  96.     if ($view->get('submittedtime')) {
    97. 

  97.         $text = get_string('viewsubmittedtogroupon', 'view', get_config('wwwroot') . 'group/view.php?id=' . $submittedgroup->id, hsc($submittedgroup->name), format_date(strtotime($view->get('submittedtime'))));
    98. 

  98.     }
    99. 

  99.     else {
    100. 

  100.         $text = get_string('viewsubmittedtogroup', 'view', get_config('wwwroot') . 'group/view.php?id=' . $submittedgroup->id, hsc($submittedgroup->name));
    101. 

  101.     }
    102. 

  102.     $releaseform = pieform(array(
    103. 

  103.         'name'     => 'releaseview',
    104. 

  104.         'method'   => 'post',
    105. 

  105.         'plugintype' => 'core',
    106. 

  106.         'pluginname' => 'view',
    107. 

  107.         'autofocus' => false,
    108. 

  108.         'elements' => array(
    109. 

  109.             'submittedview' => array(
    110. 

  110.                 'type'  => 'html',
    111. 

  111.                 'value' => $text,
    112. 

  112.             ),
    113. 

  113.             'submit' => array(
    114. 

  114.                 'type'  => 'submit',
    115. 

  115.                 'value' => get_string('releaseview', 'group'),
    116. 

  116.             ),
    117. 

  117.         ),
    118. 

  118.     ));
    119. 

  119. }
    120. 

  120. else {
    121. 

  121.     $releaseform = '';
    122. 

  122. }
    123. 

  123. 

  124. 

  125. function releaseview_submit() {
    126. 

  126.     global $USER, $SESSION, $view;
    127. 

  127.     $groupid = $view->get('submittedgroup');
    128. 

  128.     $view->release($USER);
    129. 

  129.     $SESSION->add_ok_msg(get_string('viewreleasedsuccess', 'group'));
    130. 

  130.     if ($groupid) {
    131. 

  131.         // The tutor might not have access to the view any more; send
    132. 

  132.         // them back to the group page.
    133. 

  133.         redirect(get_config('wwwroot') . 'group/view.php?id='.$groupid);
    134. 

  134.     }
    135. 

  135.     redirect(get_config('wwwroot') . 'view/view.php?id='.$view->get('id'));
    136. 

  136. }
    137. 

  137. 

  138. $javascript = array('paginator', 'viewmenu', 'jquery', 'artefact/resume/resumeshowhide.js');
    139. 

  139. $javascript = array_merge($javascript, $view->get_blocktype_javascript());
    140. 

  140. 

  141. $extrastylesheets = array('style/views.css');
    142. 

  142.   
    143. 

  143. // If the view has comments turned off, tutors can still leave
    144. 

  144. // comments if the view is submitted to their group.
    145. 

  145. if (!empty($releaseform) || ($commenttype = $view->user_comments_allowed($USER))) {
    146. 

  146.     $defaultprivate = !empty($releaseform);
    147. 

  147.     $moderate = isset($commenttype) && $commenttype === 'private';
    148. 

  148.     $addfeedbackform = pieform(ArtefactTypeComment::add_comment_form($defaultprivate, $moderate));
    149. 

  149.     $extrastylesheets[] = 'style/jquery.rating.css';
    150. 

  150.     $javascript[] = 'jquery.rating';
    151. 

  151. }
    152. 

  152. if ($USER->is_logged_in()) {
    153. 

  153.     $objectionform = pieform(objection_form());
    154. 

  154.     if ($notrudeform = $view->notrude_form()) {
    155. 

  155.         $notrudeform = pieform($notrudeform);
    156. 

  156.     }
    157. 

  157. }
    158. 

  158. 

  159. $viewbeingwatched = (int)record_exists('usr_watchlist_view', 'usr', $USER->get('id'), 'view', $viewid);
    160. 

  160. 

  161. $feedback = ArtefactTypeComment::get_comments($limit, $offset, $showcomment, $view);
    162. 

  162. 

  163. // Set up theme
    164. 

  164. $viewtheme = $view->get('theme');
    165. 

  165. if ($viewtheme && $THEME->basename != $viewtheme) {
    166. 

  166.     $THEME = new Theme($viewtheme);
    167. 

  167. }
    168. 

  168. $stylesheets = array('<link rel="stylesheet" type="text/css" href="' . get_config('wwwroot') . 'theme/views.css">');
    169. 

  169. 

  170. $can_edit = $USER->can_edit_view($view) && !$submittedgroup && !$view->is_submitted();
    171. 

  171. 

  172. $smarty = smarty(
    173. 

  173.     $javascript,
    174. 

  174.     $stylesheets,
    175. 

  175.     array(),
    176. 

  176.     array(
    177. 

  177.         'stylesheets' => $extrastylesheets,
    178. 

  178.         'sidebars' => false,
    179. 

  179.     )
    180. 

  180. );
    181. 

  181. 

  182. $javascript = <<<EOF
    183. 

  183. var viewid = {$viewid};
    184. 

  184. addLoadEvent(function () {
    185. 

  185.     paginator = {$feedback->pagination_js}
    186. 

  186. });
    187. 

  187. EOF;
    188. 

  188. 

  189. // collection top navigation
    190. 

  190. if ($collection = $view->get('collection')) {
    191. 

  191.     $shownav = $collection->get('navigation');
    192. 

  192.     if ($shownav) {
    193. 

  193.         if ($views = $collection->get('views')) {
    194. 

  194.             if (count($views['views']) > 1) {
    195. 

  195.                 $smarty->assign_by_ref('collection', array_chunk($views['views'], 5));
    196. 

  196.             }
    197. 

  197.         }
    198. 

  198.     }
    199. 

  199. }
    200. 

  200. 

  201. $smarty->assign('INLINEJAVASCRIPT', $javascript);
    202. 

  202. $smarty->assign('new', $new);
    203. 

  203. $smarty->assign('viewid', $viewid);
    204. 

  204. $smarty->assign('viewtype', $viewtype);
    205. 

  205. $smarty->assign('feedback', $feedback);
    206. 

  206. $smarty->assign('owner', $owner);
    207. 

  207. $smarty->assign('tags', $view->get('tags'));
    208. 

  208. 

  209. if (get_config('viewmicroheaders')) {
    210. 

  210.     $smarty->assign('microheaders', true);
    211. 

  211.     $smarty->assign('microheadertitle', $collection ? hsc($collection->get('name')) : $view->display_title(true, false));
    212. 

  212. 

  213.     if ($can_edit) {
    214. 

  214.         $smarty->assign('visitstring', $view->visit_message());
    215. 

  215.         if ($new) {
    216. 

  216.             $microheaderlinks = array(
    217. 

  217.                 array(
    218. 

  218.                     'name' => get_string('back'),
    219. 

  219.                     'url' => get_config('wwwroot') . 'view/blocks.php?id=' . $viewid . '&new=1',
    220. 

  220.                     'type' => 'reply',
    221. 

  221.                 ),
    222. 

  222.             );
    223. 

  223.         }
    224. 

  224.         else {
    225. 

  225.             $microheaderlinks = array(
    226. 

  226.                 array(
    227. 

  227.                     'name' => get_string('editthisview', 'view'),
    228. 

  228.                     'image' => $THEME->get_url('images/edit.gif'),
    229. 

  229.                     'url' => get_config('wwwroot') . 'view/blocks.php?id=' . $viewid,
    230. 

  230.                 ),
    231. 

  231.             );
    232. 

  232.         }
    233. 

  233.         $smarty->assign('microheaderlinks', $microheaderlinks);
    234. 

  234.     }
    235. 

  235. 

  236.     if ($USER->is_logged_in()) {
    237. 

  237.         if (!empty($_SERVER['HTTP_REFERER'])) {
    238. 

  238.             $page = get_config('wwwroot') . 'view/view.php?id=' . $viewid . ($new ? '&new=1' : '');
    239. 

  239.             if ($_SERVER['HTTP_REFERER'] != $page) {
    240. 

  240.                 $smarty->assign('backurl', $_SERVER['HTTP_REFERER']);
    241. 

  241.             }
    242. 

  242.         }
    243. 

  243.     }
    244. 

  244. }
    245. 

  245. else if ($can_edit) {
    246. 

  246.     $smarty->assign('editurl', get_config('wwwroot') . 'view/blocks.php?id=' . $viewid . ($new ? '&new=1' : ''));
    247. 

  247. }
    248. 

  248. 

  249. $title = hsc(TITLE);
    250. 

  250. 

  251. if (!get_config('viewmicroheaders')) {
    252. 

  252.     $title = $collection ? hsc($collection->get('name')) : $view->display_title();
    253. 

  253.     $smarty->assign('maintitle', $title);
    254. 

  254. }
    255. 

  255. 

  256. // Provide a link for roaming teachers to return
    257. 

  257. if ($mnetviewlist = $SESSION->get('mnetviewaccess')) {
    258. 

  258.     if (isset($mnetviewlist[$view->get('id')])) {
    259. 

  259.         $returnurl = $SESSION->get('mnetuserfrom');
    260. 

  260.         require_once(get_config('docroot') . 'api/xmlrpc/lib.php');
    261. 

  261.         if ($peer = get_peer_from_instanceid($SESSION->get('authinstance'))) {
    262. 

  262.             $smarty->assign('mnethost', array(
    263. 

  263.                 'name'      => $peer->name,
    264. 

  264.                 'url'       => $returnurl ? $returnurl : $peer->wwwroot,
    265. 

  265.             ));
    266. 

  266.         }
    267. 

  267.     }
    268. 

  268. }
    269. 

  269. 

  270. $smarty->assign('viewdescription', $view->get('description'));
    271. 

  271. $smarty->assign('viewcontent', $view->build_columns());
    272. 

  272. $smarty->assign('releaseform', $releaseform);
    273. 

  273. if (isset($addfeedbackform)) {
    274. 

  274.     $smarty->assign('enablecomments', 1);
    275. 

  275.     $smarty->assign('addfeedbackform', $addfeedbackform);
    276. 

  276. }
    277. 

  277. if (isset($objectionform)) {
    278. 

  278.     $smarty->assign('objectionform', $objectionform);
    279. 

  279.     $smarty->assign('notrudeform', $notrudeform);
    280. 

  280. }
    281. 

  281. $smarty->assign('viewbeingwatched', $viewbeingwatched);
    282. 

  282. 

  283. if ($owner && $owner == $USER->get('id')) {
    284. 

  284.     if ($tutorgroupdata = group_get_user_course_groups()) {
    285. 

  285.         if (!$view->get('submittedgroup') && !$view->get('submittedhost')) {
    286. 

  286.             $smarty->assign(
    287. 

  287.                 'view_group_submission_form',
    288. 

  288.                 view_group_submission_form($view->get('id'), $tutorgroupdata, 'view')
    289. 

  289.             );
    290. 

  290.         }
    291. 

  291.     }
    292. 

  292. }
    293. 

  293. 

  294. $smarty->display('view/view.tpl');
    295. 

  295. 

  296. mahara_log('views', "$viewid"); // Log view visits
    297. 

  297. ?>
    298. 

  298.