weekly release 2.2dev
[moodle.git] / blocks / html / block_html.php
CommitLineData
4ca6cfbf 1<?php
86db09ef 2
64f93798
PS
3// This file is part of Moodle - http://moodle.org/
4//
5// Moodle is free software: you can redistribute it and/or modify
6// it under the terms of the GNU General Public License as published by
7// the Free Software Foundation, either version 3 of the License, or
8// (at your option) any later version.
9//
10// Moodle is distributed in the hope that it will be useful,
11// but WITHOUT ANY WARRANTY; without even the implied warranty of
12// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13// GNU General Public License for more details.
14//
15// You should have received a copy of the GNU General Public License
16// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
17
18/**
19 * Form for editing HTML block instances.
20 *
21 * @package block_html
22 * @copyright 1999 onwards Martin Dougiamas (http://dougiamas.com)
23 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
24 */
25
86db09ef 26class block_html extends block_base {
27
28 function init() {
8c5bba16 29 $this->title = get_string('pluginname', 'block_html');
86db09ef 30 }
31
b959599b 32 function applicable_formats() {
33 return array('all' => true);
34 }
35
86db09ef 36 function specialization() {
f36acb35 37 $this->title = isset($this->config->title) ? format_string($this->config->title) : format_string(get_string('newhtmlblock', 'block_html'));
86db09ef 38 }
39
40 function instance_allow_multiple() {
41 return true;
42 }
43
44 function get_content() {
99d19c13
PS
45 global $CFG;
46
47 require_once($CFG->libdir . '/filelib.php');
48
86db09ef 49 if ($this->content !== NULL) {
50 return $this->content;
51 }
52
367a75fa
SH
53 $filteropt = new stdClass;
54 $filteropt->overflowdiv = true;
3179b000 55 if ($this->content_is_trusted()) {
e92c286c 56 // fancy html allowed only on course, category and system blocks.
e8a7edd7 57 $filteropt->noclean = true;
e8a7edd7 58 }
e345909c 59
86db09ef 60 $this->content = new stdClass;
86db09ef 61 $this->content->footer = '';
94ee9ae0 62 if (isset($this->config->text)) {
41976db3 63 // rewrite url
ce162914 64 $this->config->text = file_rewrite_pluginfile_urls($this->config->text, 'pluginfile.php', $this->context->id, 'block_html', 'content', NULL);
bd462476
SH
65 // Default to FORMAT_HTML which is what will have been used before the
66 // editor was properly implemented for the block.
67 $format = FORMAT_HTML;
68 // Check to see if the format has been properly set on the config
69 if (isset($this->config->format)) {
70 $format = $this->config->format;
71 }
72 $this->content->text = format_text($this->config->text, $format, $filteropt);
94ee9ae0
MD
73 } else {
74 $this->content->text = '';
75 }
86db09ef 76
e345909c 77 unset($filteropt); // memory footprint
78
86db09ef 79 return $this->content;
80 }
43457dc8 81
41976db3
DC
82
83 /**
84 * Serialize and store config data
85 */
86 function instance_config_save($data, $nolongerused = false) {
87 global $DB;
88
ce162914 89 $config = clone($data);
41976db3 90 // Move embedded files into a proper filearea and adjust HTML links to match
ce162914
DC
91 $config->text = file_save_draft_area_files($data->text['itemid'], $this->context->id, 'block_html', 'content', 0, array('subdirs'=>true), $data->text['text']);
92 $config->format = $data->text['format'];
41976db3 93
ce162914 94 parent::instance_config_save($config, $nolongerused);
41976db3
DC
95 }
96
af140288
DC
97 function instance_delete() {
98 global $DB;
99 $fs = get_file_storage();
64f93798 100 $fs->delete_area_files($this->context->id, 'block_html');
af140288
DC
101 return true;
102 }
41976db3 103
3179b000 104 function content_is_trusted() {
d449b246
PS
105 global $SCRIPT;
106
758bfdf6
PS
107 if (!$context = get_context_instance_by_id($this->instance->parentcontextid)) {
108 return false;
109 }
d449b246
PS
110 //find out if this block is on the profile page
111 if ($context->contextlevel == CONTEXT_USER) {
112 if ($SCRIPT === '/my/index.php') {
113 // this is exception - page is completely private, nobody else may see content there
114 // that is why we allow JS here
115 return true;
116 } else {
117 // no JS on public personal pages, it would be a big security issue
118 return false;
119 }
120 }
121
122 return true;
3179b000 123 }
86db09ef 124}