[Summary view] [Print] [Text view]

   1  <?php
   2  // This file is part of Moodle - http://moodle.org/
   3  //
   4  // Moodle is free software: you can redistribute it and/or modify
   5  // it under the terms of the GNU General Public License as published by
   6  // the Free Software Foundation, either version 3 of the License, or
   7  // (at your option) any later version.
   8  //
   9  // Moodle is distributed in the hope that it will be useful,
  10  // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12  // GNU General Public License for more details.
  13  //
  14  // You should have received a copy of the GNU General Public License
  15  // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
  16  
  17  /**
  18   * file index.php
  19   * index page to view blogs. if no blog is specified then site wide entries are shown
  20   * if a blog id is specified then the latest entries from that blog are shown
  21   */
  22  
  23  require_once(dirname(dirname(__FILE__)).'/config.php');
  24  require_once($CFG->dirroot .'/blog/lib.php');
  25  require_once($CFG->dirroot .'/blog/locallib.php');
  26  require_once($CFG->dirroot .'/course/lib.php');
  27  require_once($CFG->dirroot .'/tag/lib.php');
  28  require_once($CFG->dirroot .'/comment/lib.php');
  29  
  30  $id       = optional_param('id', null, PARAM_INT);
  31  $start    = optional_param('formstart', 0, PARAM_INT);
  32  $tag      = optional_param('tag', '', PARAM_NOTAGS);
  33  $userid   = optional_param('userid', null, PARAM_INT);
  34  $tagid    = optional_param('tagid', null, PARAM_INT);
  35  $modid    = optional_param('modid', null, PARAM_INT);
  36  $entryid  = optional_param('entryid', null, PARAM_INT);
  37  $groupid  = optional_param('groupid', null, PARAM_INT);
  38  $courseid = optional_param('courseid', null, PARAM_INT);
  39  $search   = optional_param('search', null, PARAM_RAW);
  40  
  41  comment::init();
  42  
  43  $url_params = compact('id', 'start', 'tag', 'userid', 'tagid', 'modid', 'entryid', 'groupid', 'courseid', 'search');
  44  foreach ($url_params as $var => $val) {
  45      if (empty($val)) {
  46          unset($url_params[$var]);
  47      }
  48  }
  49  $PAGE->set_url('/blog/index.php', $url_params);
  50  
  51  // Correct tagid if a text tag is provided as a param.
  52  if (!empty($tag)) {
  53      if ($tagrec = $DB->get_record('tag', array('name' => $tag))) {
  54          $tagid = $tagrec->id;
  55      } else {
  56          unset($tagid);
  57      }
  58  }
  59  
  60  $sitecontext = context_system::instance();
  61  // Blogs are always in system context.
  62  $PAGE->set_context($sitecontext);
  63  
  64  // Check basic permissions.
  65  if ($CFG->bloglevel == BLOG_GLOBAL_LEVEL) {
  66      // Everybody can see anything - no login required unless site is locked down using forcelogin.
  67      if ($CFG->forcelogin) {
  68          require_login();
  69      }
  70  
  71  } else if ($CFG->bloglevel == BLOG_SITE_LEVEL) {
  72      // Users must log in and can not be guests.
  73      require_login();
  74      if (isguestuser()) {
  75          // They must have entered the url manually.
  76          print_error('blogdisable', 'blog');
  77      }
  78  
  79  } else if ($CFG->bloglevel == BLOG_USER_LEVEL) {
  80      // Users can see own blogs only! with the exception of people with special cap.
  81      require_login();
  82  
  83  } else {
  84      // Weird!
  85      print_error('blogdisable', 'blog');
  86  }
  87  
  88  if (empty($CFG->enableblogs)) {
  89      print_error('blogdisable', 'blog');
  90  }
  91  
  92  // Add courseid if modid or groupid is specified: This is used for navigation and title.
  93  if (!empty($modid) && empty($courseid)) {
  94      $courseid = $DB->get_field('course_modules', 'course', array('id' => $modid));
  95  }
  96  
  97  if (!empty($groupid) && empty($courseid)) {
  98      $courseid = $DB->get_field('groups', 'courseid', array('id' => $groupid));
  99  }
 100  
 101  
 102  if (!$userid && has_capability('moodle/blog:view', $sitecontext) && $CFG->bloglevel > BLOG_USER_LEVEL) {
 103      if ($entryid) {
 104          if (!$entryobject = $DB->get_record('post', array('id'=>$entryid))) {
 105              print_error('nosuchentry', 'blog');
 106          }
 107          $userid = $entryobject->userid;
 108      }
 109  } else if (!$userid) {
 110      $userid = $USER->id;
 111  }
 112  
 113  if (!empty($modid)) {
 114      if ($CFG->bloglevel < BLOG_SITE_LEVEL) {
 115          print_error(get_string('nocourseblogs', 'blog'));
 116      }
 117      if (!$mod = $DB->get_record('course_modules', array('id' => $modid))) {
 118          print_error(get_string('invalidmodid', 'blog'));
 119      }
 120      $courseid = $mod->course;
 121  }
 122  
 123  if ((empty($courseid) ? true : $courseid == SITEID) && empty($userid)) {
 124      if ($CFG->bloglevel < BLOG_SITE_LEVEL) {
 125          print_error('siteblogdisable', 'blog');
 126      }
 127      if (!has_capability('moodle/blog:view', $sitecontext)) {
 128          print_error('cannotviewsiteblog', 'blog');
 129      }
 130  
 131      $COURSE = $DB->get_record('course', array('format'=>'site'));
 132      $courseid = $COURSE->id;
 133  }
 134  
 135  if (!empty($courseid)) {
 136      if (!$course = $DB->get_record('course', array('id'=>$courseid))) {
 137          print_error('invalidcourseid');
 138      }
 139  
 140      $courseid = $course->id;
 141      require_login($course);
 142  
 143      if (!has_capability('moodle/blog:view', $sitecontext)) {
 144          print_error('cannotviewcourseblog', 'blog');
 145      }
 146  } else {
 147      $coursecontext = context_course::instance(SITEID);
 148  }
 149  
 150  if (!empty($groupid)) {
 151      if ($CFG->bloglevel < BLOG_SITE_LEVEL) {
 152          print_error('groupblogdisable', 'blog');
 153      }
 154  
 155      if (! $group = groups_get_group($groupid)) {
 156          print_error(get_string('invalidgroupid', 'blog'));
 157      }
 158  
 159      if (!$course = $DB->get_record('course', array('id'=>$group->courseid))) {
 160          print_error('invalidcourseid');
 161      }
 162  
 163      $coursecontext = context_course::instance($course->id);
 164      $courseid = $course->id;
 165      require_login($course);
 166  
 167      if (!has_capability('moodle/blog:view', $sitecontext)) {
 168          print_error(get_string('cannotviewcourseorgroupblog', 'blog'));
 169      }
 170  
 171      if (groups_get_course_groupmode($course) == SEPARATEGROUPS && !has_capability('moodle/site:accessallgroups', $coursecontext)) {
 172          if (!groups_is_member($groupid)) {
 173              print_error('notmemberofgroup');
 174          }
 175      }
 176  }
 177  
 178  if (!empty($userid)) {
 179      if ($CFG->bloglevel < BLOG_USER_LEVEL) {
 180          print_error('blogdisable', 'blog');
 181      }
 182  
 183      if (!$user = $DB->get_record('user', array('id'=>$userid))) {
 184          print_error('invaliduserid');
 185      }
 186  
 187      if ($user->deleted) {
 188          echo $OUTPUT->header();
 189          echo $OUTPUT->heading(get_string('userdeleted'));
 190          echo $OUTPUT->footer();
 191          die;
 192      }
 193  
 194      if ($USER->id == $userid) {
 195          if (!has_capability('moodle/blog:create', $sitecontext)
 196            && !has_capability('moodle/blog:view', $sitecontext)) {
 197              print_error('donothaveblog', 'blog');
 198          }
 199      } else {
 200          if (!has_capability('moodle/blog:view', $sitecontext) || !blog_user_can_view_user_entry($userid)) {
 201              print_error('cannotviewcourseblog', 'blog');
 202          }
 203  
 204          $PAGE->navigation->extend_for_user($user);
 205      }
 206  }
 207  
 208  $courseid = (empty($courseid)) ? SITEID : $courseid;
 209  
 210  
 211  $blogheaders = blog_get_headers();
 212  
 213  if ($CFG->enablerssfeeds) {
 214      $rsscontext = null;
 215      $filtertype = null;
 216      $thingid = null;
 217      list($thingid, $rsscontext, $filtertype) = blog_rss_get_params($blogheaders['filters']);
 218      if (empty($rsscontext)) {
 219          $rsscontext = context_system::instance();
 220      }
 221      $rsstitle = $blogheaders['heading'];
 222  
 223      // Check we haven't started output by outputting an error message.
 224      if ($PAGE->state == moodle_page::STATE_BEFORE_HEADER) {
 225          blog_rss_add_http_header($rsscontext, $rsstitle, $filtertype, $thingid, $tagid);
 226      }
 227  }
 228  
 229  echo $OUTPUT->header();
 230  
 231  echo $OUTPUT->heading($blogheaders['heading'], 2);
 232  
 233  $bloglisting = new blog_listing($blogheaders['filters']);
 234  $bloglisting->print_entries();
 235  
 236  echo $OUTPUT->footer();
 237  $eventparams = array(
 238      'other' => array('entryid' => $entryid, 'tagid' => $tagid, 'userid' => $userid, 'modid' => $modid, 'groupid' => $groupid,
 239                       'search' => $search, 'fromstart' => $start)
 240  );
 241  if (!empty($userid)) {
 242      $eventparams['relateduserid'] = $userid;
 243  }
 244  $eventparams['other']['courseid'] = ($courseid === SITEID) ? 0 : $courseid;
 245  $event = \core\event\blog_entries_viewed::create($eventparams);
 246  $event->trigger();