.
/**
* Classes for Blogs.
*
* @package moodlecore
* @subpackage blog
* @copyright 2009 Nicolas Connault
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
defined('MOODLE_INTERNAL') || die();
require_once($CFG->libdir . '/filelib.php');
/**
* Blog_entry class. Represents an entry in a user's blog. Contains all methods for managing this entry.
* This class does not contain any HTML-generating code. See blog_listing sub-classes for such code.
* This class follows the Object Relational Mapping technique, its member variables being mapped to
* the fields of the post table.
*
* @package moodlecore
* @subpackage blog
* @copyright 2009 Nicolas Connault
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class blog_entry implements renderable {
// Public Database fields.
public $id;
public $userid;
public $subject;
public $summary;
public $rating = 0;
public $attachment;
public $publishstate;
// Locked Database fields (Don't touch these).
public $courseid = 0;
public $groupid = 0;
public $module = 'blog';
public $moduleid = 0;
public $coursemoduleid = 0;
public $content;
public $format = 1;
public $uniquehash = '';
public $lastmodified;
public $created;
public $usermodified;
// Other class variables.
public $form;
public $tags = array();
/** @var StdClass Data needed to render the entry */
public $renderable;
/**
* Constructor. If given an id, will fetch the corresponding record from the DB.
*
* @param mixed $idorparams A blog entry id if INT, or data for a new entry if array
*/
public function __construct($id=null, $params=null, $form=null) {
global $DB, $PAGE, $CFG;
if (!empty($id)) {
$object = $DB->get_record('post', array('id' => $id));
foreach ($object as $var => $val) {
$this->$var = $val;
}
} else if (!empty($params) && (is_array($params) || is_object($params))) {
foreach ($params as $var => $val) {
$this->$var = $val;
}
}
if (!empty($CFG->useblogassociations)) {
$associations = $DB->get_records('blog_association', array('blogid' => $this->id));
foreach ($associations as $association) {
$context = context::instance_by_id($association->contextid);
if ($context->contextlevel == CONTEXT_COURSE) {
$this->courseassoc = $association->contextid;
} else if ($context->contextlevel == CONTEXT_MODULE) {
$this->modassoc = $association->contextid;
}
}
}
$this->form = $form;
}
/**
* Gets the required data to print the entry
*/
public function prepare_render() {
global $DB, $CFG, $PAGE;
$this->renderable = new StdClass();
$this->renderable->user = $DB->get_record('user', array('id'=>$this->userid));
// Entry comments.
if (!empty($CFG->usecomments) and $CFG->blogusecomments) {
require_once($CFG->dirroot . '/comment/lib.php');
$cmt = new stdClass();
$cmt->context = context_user::instance($this->userid);
$cmt->courseid = $PAGE->course->id;
$cmt->area = 'format_blog';
$cmt->itemid = $this->id;
$cmt->showcount = $CFG->blogshowcommentscount;
$cmt->component = 'blog';
$this->renderable->comment = new comment($cmt);
}
$this->summary = file_rewrite_pluginfile_urls($this->summary, 'pluginfile.php', SYSCONTEXTID, 'blog', 'post', $this->id);
// External blog link.
if ($this->uniquehash && $this->content) {
if ($externalblog = $DB->get_record('blog_external', array('id' => $this->content))) {
$urlparts = parse_url($externalblog->url);
$this->renderable->externalblogtext = get_string('retrievedfrom', 'blog') . get_string('labelsep', 'langconfig');
$this->renderable->externalblogtext .= html_writer::link($urlparts['scheme'] . '://' . $urlparts['host'],
$externalblog->name);
}
}
// Retrieve associations.
$this->renderable->unassociatedentry = false;
if (!empty($CFG->useblogassociations)) {
// Adding the entry associations data.
if ($associations = $associations = $DB->get_records('blog_association', array('blogid' => $this->id))) {
// Check to see if the entry is unassociated with group/course level access.
if ($this->publishstate == 'group' || $this->publishstate == 'course') {
$this->renderable->unassociatedentry = true;
}
foreach ($associations as $key => $assocrec) {
if (!$context = context::instance_by_id($assocrec->contextid, IGNORE_MISSING)) {
unset($associations[$key]);
continue;
}
// The renderer will need the contextlevel of the association.
$associations[$key]->contextlevel = $context->contextlevel;
// Course associations.
if ($context->contextlevel == CONTEXT_COURSE) {
// TODO: performance!!!!
$instancename = $DB->get_field('course', 'shortname', array('id' => $context->instanceid));
$associations[$key]->url = $assocurl = new moodle_url('/course/view.php',
array('id' => $context->instanceid));
$associations[$key]->text = $instancename;
$associations[$key]->icon = new pix_icon('i/course', $associations[$key]->text);
}
// Mod associations.
if ($context->contextlevel == CONTEXT_MODULE) {
// Getting the activity type and the activity instance id.
$sql = 'SELECT cm.instance, m.name FROM {course_modules} cm
JOIN {modules} m ON m.id = cm.module
WHERE cm.id = :cmid';
$modinfo = $DB->get_record_sql($sql, array('cmid' => $context->instanceid));
// TODO: performance!!!!
$instancename = $DB->get_field($modinfo->name, 'name', array('id' => $modinfo->instance));
$associations[$key]->type = get_string('modulename', $modinfo->name);
$associations[$key]->url = new moodle_url('/mod/' . $modinfo->name . '/view.php',
array('id' => $context->instanceid));
$associations[$key]->text = $instancename;
$associations[$key]->icon = new pix_icon('icon', $associations[$key]->text, $modinfo->name);
}
}
}
$this->renderable->blogassociations = $associations;
}
// Entry attachments.
$this->renderable->attachments = $this->get_attachments();
$this->renderable->usercanedit = blog_user_can_edit_entry($this);
}
/**
* Gets the entry attachments list
* @return array List of blog_entry_attachment instances
*/
public function get_attachments() {
global $CFG;
require_once($CFG->libdir.'/filelib.php');
$syscontext = context_system::instance();
$fs = get_file_storage();
$files = $fs->get_area_files($syscontext->id, 'blog', 'attachment', $this->id);
// Adding a blog_entry_attachment for each non-directory file.
$attachments = array();
foreach ($files as $file) {
if ($file->is_directory()) {
continue;
}
$attachments[] = new blog_entry_attachment($file, $this->id);
}
return $attachments;
}
/**
* Inserts this entry in the database. Access control checks must be done by calling code.
*
* @param mform $form Used for attachments
* @return void
*/
public function process_attachment($form) {
$this->form = $form;
}
/**
* Inserts this entry in the database. Access control checks must be done by calling code.
* TODO Set the publishstate correctly
* @return void
*/
public function add() {
global $CFG, $USER, $DB;
unset($this->id);
$this->module = 'blog';
$this->userid = (empty($this->userid)) ? $USER->id : $this->userid;
$this->lastmodified = time();
$this->created = time();
// Insert the new blog entry.
$this->id = $DB->insert_record('post', $this);
// Update tags.
$this->add_tags_info();
if (!empty($CFG->useblogassociations)) {
$this->add_associations();
}
tag_set('post', $this->id, $this->tags, 'core', context_user::instance($this->userid)->id);
// Trigger an event for the new entry.
$event = \core\event\blog_entry_created::create(array(
'objectid' => $this->id,
'relateduserid' => $this->userid
));
$event->set_blog_entry($this);
$event->trigger();
}
/**
* Updates this entry in the database. Access control checks must be done by calling code.
*
* @param array $params Entry parameters.
* @param moodleform $form Used for attachments.
* @param array $summaryoptions Summary options.
* @param array $attachmentoptions Attachment options.
*
* @return void
*/
public function edit($params=array(), $form=null, $summaryoptions=array(), $attachmentoptions=array()) {
global $CFG, $DB;
$sitecontext = context_system::instance();
$entry = $this;
$this->form = $form;
foreach ($params as $var => $val) {
$entry->$var = $val;
}
$entry = file_postupdate_standard_editor($entry, 'summary', $summaryoptions, $sitecontext, 'blog', 'post', $entry->id);
$entry = file_postupdate_standard_filemanager($entry,
'attachment',
$attachmentoptions,
$sitecontext,
'blog',
'attachment',
$entry->id);
if (!empty($CFG->useblogassociations)) {
$entry->add_associations();
}
$entry->lastmodified = time();
// Update record.
$DB->update_record('post', $entry);
tag_set('post', $entry->id, $entry->tags, 'core', context_user::instance($this->userid)->id);
$event = \core\event\blog_entry_updated::create(array(
'objectid' => $entry->id,
'relateduserid' => $entry->userid
));
$event->set_blog_entry($entry);
$event->trigger();
}
/**
* Deletes this entry from the database. Access control checks must be done by calling code.
*
* @return void
*/
public function delete() {
global $DB;
$this->delete_attachments();
$this->remove_associations();
// Get record to pass onto the event.
$record = $DB->get_record('post', array('id' => $this->id));
$DB->delete_records('post', array('id' => $this->id));
tag_set('post', $this->id, array(), 'core', context_user::instance($this->userid)->id);
$event = \core\event\blog_entry_deleted::create(array(
'objectid' => $this->id,
'relateduserid' => $this->userid
));
$event->add_record_snapshot("post", $record);
$event->set_blog_entry($this);
$event->trigger();
}
/**
* Function to add all context associations to an entry.
* TODO : Remove $action in 2.9 (MDL-41330)
*
* @param string $action - This does nothing, do not use it. This is present only for Backward compatibility.
*/
public function add_associations($action = null) {
if (!empty($action)) {
debugging('blog_entry->add_associations() does not accept any argument', DEBUG_DEVELOPER);
}
$this->remove_associations();
if (!empty($this->courseassoc)) {
$this->add_association($this->courseassoc);
}
if (!empty($this->modassoc)) {
$this->add_association($this->modassoc);
}
}
/**
* Add a single association for a blog entry
* TODO : Remove $action in 2.9 (MDL-41330)
*
* @param int $contextid - id of context to associate with the blog entry.
* @param string $action - This does nothing, do not use it. This is present only for Backward compatibility.
*/
public function add_association($contextid, $action = null) {
global $DB;
if (!empty($action)) {
debugging('blog_entry->add_association() accepts only one argument', DEBUG_DEVELOPER);
}
$assocobject = new StdClass;
$assocobject->contextid = $contextid;
$assocobject->blogid = $this->id;
$id = $DB->insert_record('blog_association', $assocobject);
// Trigger an association created event.
$context = context::instance_by_id($contextid);
$eventparam = array(
'objectid' => $id,
'other' => array('associateid' => $context->instanceid, 'subject' => $this->subject, 'blogid' => $this->id),
'relateduserid' => $this->userid
);
if ($context->contextlevel == CONTEXT_COURSE) {
$eventparam['other']['associatetype'] = 'course';
} else if ($context->contextlevel == CONTEXT_MODULE) {
$eventparam['other']['associatetype'] = 'coursemodule';
}
$event = \core\event\blog_association_created::create($eventparam);
$event->trigger();
}
/**
* remove all associations for a blog entry
* @return voic
*/
public function remove_associations() {
global $DB;
$DB->delete_records('blog_association', array('blogid' => $this->id));
}
/**
* Deletes all the user files in the attachments area for an entry
*
* @return void
*/
public function delete_attachments() {
$fs = get_file_storage();
$fs->delete_area_files(SYSCONTEXTID, 'blog', 'attachment', $this->id);
$fs->delete_area_files(SYSCONTEXTID, 'blog', 'post', $this->id);
}
/**
* function to attach tags into an entry
* @return void
*/
public function add_tags_info() {
$tags = array();
if ($otags = optional_param('otags', '', PARAM_INT)) {
foreach ($otags as $tagid) {
// TODO : make this use the tag name in the form.
if ($tag = tag_get('id', $tagid)) {
$tags[] = $tag->name;
}
}
}
tag_set('post', $this->id, $tags, 'core', context_user::instance($this->userid)->id);
}
/**
* User can edit a blog entry if this is their own blog entry and they have
* the capability moodle/blog:create, or if they have the capability
* moodle/blog:manageentries.
* This also applies to deleting of entries.
*
* @param int $userid Optional. If not given, $USER is used
* @return boolean
*/
public function can_user_edit($userid=null) {
global $CFG, $USER;
if (empty($userid)) {
$userid = $USER->id;
}
$sitecontext = context_system::instance();
if (has_capability('moodle/blog:manageentries', $sitecontext)) {
return true; // Can edit any blog entry.
}
if ($this->userid == $userid && has_capability('moodle/blog:create', $sitecontext)) {
return true; // Can edit own when having blog:create capability.
}
return false;
}
/**
* Checks to see if a user can view the blogs of another user.
* Only blog level is checked here, the capabilities are enforced
* in blog/index.php
*
* @param int $targetuserid ID of the user we are checking
*
* @return bool
*/
public function can_user_view($targetuserid) {
global $CFG, $USER, $DB;
$sitecontext = context_system::instance();
if (empty($CFG->enableblogs) || !has_capability('moodle/blog:view', $sitecontext)) {
return false; // Blog system disabled or user has no blog view capability.
}
if (isloggedin() && $USER->id == $targetuserid) {
return true; // Can view own entries in any case.
}
if (has_capability('moodle/blog:manageentries', $sitecontext)) {
return true; // Can manage all entries.
}
// Coming for 1 entry, make sure it's not a draft.
if ($this->publishstate == 'draft' && !has_capability('moodle/blog:viewdrafts', $sitecontext)) {
return false; // Can not view draft of others.
}
// Coming for 1 entry, make sure user is logged in, if not a public blog.
if ($this->publishstate != 'public' && !isloggedin()) {
return false;
}
switch ($CFG->bloglevel) {
case BLOG_GLOBAL_LEVEL:
return true;
break;
case BLOG_SITE_LEVEL:
if (isloggedin()) { // Not logged in viewers forbidden.
return true;
}
return false;
break;
case BLOG_USER_LEVEL:
default:
$personalcontext = context_user::instance($targetuserid);
return has_capability('moodle/user:readuserblogs', $personalcontext);
break;
}
}
/**
* Use this function to retrieve a list of publish states available for
* the currently logged in user.
*
* @return array This function returns an array ideal for sending to moodles'
* choose_from_menu function.
*/
public static function get_applicable_publish_states() {
global $CFG;
$options = array();
// Everyone gets draft access.
if ($CFG->bloglevel >= BLOG_USER_LEVEL) {
$options['draft'] = get_string('publishtonoone', 'blog');
}
if ($CFG->bloglevel > BLOG_USER_LEVEL) {
$options['site'] = get_string('publishtosite', 'blog');
}
if ($CFG->bloglevel >= BLOG_GLOBAL_LEVEL) {
$options['public'] = get_string('publishtoworld', 'blog');
}
return $options;
}
}
/**
* Abstract Blog_Listing class: used to gather blog entries and output them as listings. One of the subclasses must be used.
*
* @package moodlecore
* @subpackage blog
* @copyright 2009 Nicolas Connault
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class blog_listing {
/**
* Array of blog_entry objects.
* @var array $entries
*/
public $entries = array();
/**
* An array of blog_filter_* objects
* @var array $filters
*/
public $filters = array();
/**
* Constructor
*
* @param array $filters An associative array of filtername => filterid
*/
public function __construct($filters=array()) {
// Unset filters overridden by more specific filters.
foreach ($filters as $type => $id) {
if (!empty($type) && !empty($id)) {
$this->filters[$type] = blog_filter::get_instance($id, $type);
}
}
foreach ($this->filters as $type => $filter) {
foreach ($filter->overrides as $override) {
if (array_key_exists($override, $this->filters)) {
unset($this->filters[$override]);
}
}
}
}
/**
* Fetches the array of blog entries.
*
* @return array
*/
public function get_entries($start=0, $limit=10) {
global $DB;
if (empty($this->entries)) {
if ($sqlarray = $this->get_entry_fetch_sql(false, 'created DESC')) {
$this->entries = $DB->get_records_sql($sqlarray['sql'], $sqlarray['params'], $start, $limit);
} else {
return false;
}
}
return $this->entries;
}
public function get_entry_fetch_sql($count=false, $sort='lastmodified DESC', $userid = false) {
global $DB, $USER, $CFG;
if (!$userid) {
$userid = $USER->id;
}
$allnamefields = get_all_user_name_fields(true, 'u');
// The query used to locate blog entries is complicated. It will be built from the following components:
$requiredfields = "p.*, $allnamefields, u.email"; // The SELECT clause.
$tables = array('p' => 'post', 'u' => 'user'); // Components of the FROM clause (table_id => table_name).
// Components of the WHERE clause (conjunction).
$conditions = array('u.deleted = 0', 'p.userid = u.id', '(p.module = \'blog\' OR p.module = \'blog_external\')');
// Build up a clause for permission constraints.
$params = array();
// Fix for MDL-9165, use with readuserblogs capability in a user context can read that user's private blogs.
// Admins can see all blogs regardless of publish states, as described on the help page.
if (has_capability('moodle/user:readuserblogs', context_system::instance())) {
// Don't add permission constraints.
} else if (!empty($this->filters['user'])
&& has_capability('moodle/user:readuserblogs',
context_user::instance((empty($this->filters['user']->id) ? 0 : $this->filters['user']->id)))) {
// Don't add permission constraints.
} else {
if (isloggedin() and !isguestuser()) {
// Dont check association records if there aren't any.
$assocexists = $DB->record_exists('blog_association', array());
// Begin permission sql clause.
$permissionsql = '(p.userid = ? ';
$params[] = $userid;
if ($CFG->bloglevel >= BLOG_SITE_LEVEL) { // Add permission to view site-level entries.
$permissionsql .= " OR p.publishstate = 'site' ";
}
if ($CFG->bloglevel >= BLOG_GLOBAL_LEVEL) { // Add permission to view global entries.
$permissionsql .= " OR p.publishstate = 'public' ";
}
$permissionsql .= ') '; // Close permissions sql clause.
} else { // Default is access to public entries.
$permissionsql = "p.publishstate = 'public'";
}
$conditions[] = $permissionsql; // Add permission constraints.
}
foreach ($this->filters as $type => $blogfilter) {
$conditions = array_merge($conditions, $blogfilter->conditions);
$params = array_merge($params, $blogfilter->params);
$tables = array_merge($tables, $blogfilter->tables);
}
$tablessql = ''; // Build up the FROM clause.
foreach ($tables as $tablename => $table) {
$tablessql .= ($tablessql ? ', ' : '').'{'.$table.'} '.$tablename;
}
$sql = ($count) ? 'SELECT COUNT(*)' : 'SELECT ' . $requiredfields;
$sql .= " FROM $tablessql WHERE " . implode(' AND ', $conditions);
$sql .= ($count) ? '' : " ORDER BY $sort";
return array('sql' => $sql, 'params' => $params);
}
/**
* Outputs all the blog entries aggregated by this blog listing.
*
* @return void
*/
public function print_entries() {
global $CFG, $USER, $DB, $OUTPUT, $PAGE;
$sitecontext = context_system::instance();
// Blog renderer.
$output = $PAGE->get_renderer('blog');
$page = optional_param('blogpage', 0, PARAM_INT);
$limit = optional_param('limit', get_user_preferences('blogpagesize', 10), PARAM_INT);
$start = $page * $limit;
$morelink = '
';
if ($sqlarray = $this->get_entry_fetch_sql(true)) {
$totalentries = $DB->count_records_sql($sqlarray['sql'], $sqlarray['params']);
} else {
$totalentries = 0;
}
$entries = $this->get_entries($start, $limit);
$pagingbar = new paging_bar($totalentries, $page, $limit, $this->get_baseurl());
$pagingbar->pagevar = 'blogpage';
$blogheaders = blog_get_headers();
echo $OUTPUT->render($pagingbar);
if (has_capability('moodle/blog:create', $sitecontext)) {
// The user's blog is enabled and they are viewing their own blog.
$userid = optional_param('userid', null, PARAM_INT);
if (empty($userid) || (!empty($userid) && $userid == $USER->id)) {
$courseid = optional_param('courseid', null, PARAM_INT);
$modid = optional_param('modid', null, PARAM_INT);
$addurl = new moodle_url("$CFG->wwwroot/blog/edit.php");
$urlparams = array('action' => 'add',
'userid' => $userid,
'courseid' => $courseid,
'groupid' => optional_param('groupid', null, PARAM_INT),
'modid' => $modid,
'tagid' => optional_param('tagid', null, PARAM_INT),
'tag' => optional_param('tag', null, PARAM_INT),
'search' => optional_param('search', null, PARAM_INT));
$urlparams = array_filter($urlparams);
$addurl->params($urlparams);
$addlink = '