MDL-40266 improve emulate_bound_params() for mysqli
[moodle.git] / blog / edit.php
CommitLineData
cae83708 1<?php
2
3// This file is part of Moodle - http://moodle.org/
4//
5// Moodle is free software: you can redistribute it and/or modify
6// it under the terms of the GNU General Public License as published by
7// the Free Software Foundation, either version 3 of the License, or
8// (at your option) any later version.
9//
10// Moodle is distributed in the hope that it will be useful,
11// but WITHOUT ANY WARRANTY; without even the implied warranty of
12// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13// GNU General Public License for more details.
14//
15// You should have received a copy of the GNU General Public License
16// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
4a173181 17
cae83708 18
19/**
20 * Blog entry edit page
21 *
22 * @package moodlecore
23 * @subpackage blog
24 * @copyright 2009 Nicolas Connault
25 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
26 */
0a941490 27require_once(dirname(dirname(__FILE__)).'/config.php');
4a173181 28include_once('lib.php');
cae83708 29include_once('locallib.php');
eccfc1ca 30
e96f2a77 31$action = required_param('action', PARAM_ALPHA);
9366362a 32$id = optional_param('entryid', 0, PARAM_INT);
e96f2a77 33$confirm = optional_param('confirm', 0, PARAM_BOOL);
1c7b8b93
NC
34$modid = optional_param('modid', 0, PARAM_INT); // To associate the entry with a module instance
35$courseid = optional_param('courseid', 0, PARAM_INT); // To associate the entry with a course
e96f2a77 36
a6855934 37$PAGE->set_url('/blog/edit.php', array('action' => $action, 'entryid' => $id, 'confirm' => $confirm, 'modid' => $modid, 'courseid' => $courseid));
cae83708 38
1c7b8b93
NC
39// If action is add, we ignore $id to avoid any further problems
40if (!empty($id) && $action == 'add') {
41 $id = null;
42}
43
a6855934 44$returnurl = new moodle_url('/blog/index.php');
1c7b8b93
NC
45
46if (!empty($courseid) && empty($modid)) {
47 $returnurl->param('courseid', $courseid);
48 $PAGE->set_context(get_context_instance(CONTEXT_COURSE, $courseid));
49}
50
51// If a modid is given, guess courseid
52if (!empty($modid)) {
53 $returnurl->param('modid', $modid);
54 $courseid = $DB->get_field('course_modules', 'course', array('id' => $modid));
55 $returnurl->param('courseid', $courseid);
56 $PAGE->set_context(get_context_instance(CONTEXT_MODULE, $modid));
57}
58
45f22487
SH
59// If courseid is empty use the system context
60if (empty($courseid)) {
61 $PAGE->set_context(get_context_instance(CONTEXT_SYSTEM));
62}
63
1c7b8b93 64$blogheaders = blog_get_headers();
b0e90a0c 65
673bc55d 66require_login($courseid);
eccfc1ca 67
9366362a 68if ($action == 'edit') {
69 $id = required_param('entryid', PARAM_INT);
70}
71
ab2f17b0 72if (empty($CFG->bloglevel)) {
fae11dca 73 print_error('blogdisable', 'blog');
ab2f17b0 74}
75
ec7c4f11 76if (isguestuser()) {
cae83708 77 print_error('noguestentry', 'blog');
4a173181 78}
79
d9d16e56 80$sitecontext = get_context_instance(CONTEXT_SYSTEM);
cae83708 81if (!has_capability('moodle/blog:create', $sitecontext) && !has_capability('moodle/blog:manageentries', $sitecontext)) {
82 print_error('cannoteditentryorblog');
4a173181 83}
84
1c7b8b93 85// Make sure that the person trying to edit has access right
e96f2a77 86if ($id) {
1c7b8b93 87 if (!$entry = new blog_entry($id)) {
cae83708 88 print_error('wrongentryid', 'blog');
4a173181 89 }
6524adcf 90
1c7b8b93 91 if (!blog_user_can_edit_entry($entry)) {
5a2a5331 92 print_error('notallowedtoedit', 'blog');
e96f2a77 93 }
1c7b8b93 94 $userid = $entry->userid;
32148582
PS
95 $entry->subject = clean_text($entry->subject);
96 $entry->summary = clean_text($entry->summary, $entry->format);
64f93798 97
4a173181 98} else {
e96f2a77 99 if (!has_capability('moodle/blog:create', $sitecontext)) {
cae83708 100 print_error('noentry', 'blog'); // manageentries is not enough for adding
e96f2a77 101 }
1c7b8b93
NC
102 $entry = new stdClass();
103 $entry->id = null;
104 $userid = $USER->id;
cae83708 105}
1c7b8b93 106$returnurl->param('userid', $userid);
48e79fd1 107
e96f2a77 108$strblogs = get_string('blogs','blog');
4a173181 109
45df7de3 110if ($action === 'delete'){
1c7b8b93 111 if (empty($entry->id)) {
cae83708 112 print_error('wrongentryid', 'blog');
f07b9627 113 }
cae83708 114 if (data_submitted() && $confirm && confirm_sesskey()) {
1c7b8b93
NC
115 // Make sure the current user is the author of the blog entry, or has some deleteanyentry capability
116 if (!blog_user_can_edit_entry($entry)) {
117 print_error('nopermissionstodeleteentry', 'blog');
118 } else {
119 $entry->delete();
120 redirect($returnurl);
121 }
122 } else if (blog_user_can_edit_entry($entry)) {
9366362a 123 $optionsyes = array('entryid'=>$id, 'action'=>'delete', 'confirm'=>1, 'sesskey'=>sesskey(), 'courseid'=>$courseid);
1c7b8b93 124 $optionsno = array('userid'=>$entry->userid, 'courseid'=>$courseid);
e640790e 125 $PAGE->set_title("$SITE->shortname: $strblogs");
126 $PAGE->set_heading($SITE->fullname);
127 echo $OUTPUT->header();
1c7b8b93 128 $entry->print_html();
f07b9627 129 echo '<br />';
7d00c7bc 130 echo $OUTPUT->confirm(get_string('blogdeleteconfirm', 'blog'), new moodle_url('edit.php', $optionsyes),new moodle_url( 'index.php', $optionsno));
033e4aff 131 echo $OUTPUT->footer();
f07b9627 132 die;
133 }
1c7b8b93
NC
134} else if ($action == 'add') {
135 $PAGE->set_title("$SITE->shortname: $strblogs: " . get_string('addnewentry', 'blog'));
136 $PAGE->set_heading($SITE->shortname);
137} else if ($action == 'edit') {
138 $PAGE->set_title("$SITE->shortname: $strblogs: " . get_string('editentry', 'blog'));
139 $PAGE->set_heading($SITE->shortname);
f07b9627 140}
6524adcf 141
1c7b8b93
NC
142if (!empty($entry->id)) {
143 if ($CFG->useblogassociations && ($blogassociations = $DB->get_records('blog_association', array('blogid' => $entry->id)))) {
cae83708 144
145 foreach ($blogassociations as $assocrec) {
e922fe23 146 $context = get_context_instance_by_id($assocrec->contextid);
cae83708 147
e922fe23 148 switch ($context->contextlevel) {
cae83708 149 case CONTEXT_COURSE:
1c7b8b93 150 $entry->courseassoc = $assocrec->contextid;
cae83708 151 break;
152 case CONTEXT_MODULE:
1c7b8b93 153 $entry->modassoc = $assocrec->contextid;
cae83708 154 break;
155 }
156 }
157 }
158}
159
1c7b8b93
NC
160require_once('edit_form.php');
161$summaryoptions = array('subdirs'=>false, 'maxfiles'=> 99, 'maxbytes'=>$CFG->maxbytes, 'trusttext'=>true, 'context'=>$sitecontext);
162$attachmentoptions = array('subdirs'=>false, 'maxfiles'=> 99, 'maxbytes'=>$CFG->maxbytes);
163
164$blogeditform = new blog_edit_form(null, compact('entry', 'summaryoptions', 'attachmentoptions', 'sitecontext', 'courseid', 'modid'));
cae83708 165
64f93798
PS
166$entry = file_prepare_standard_editor($entry, 'summary', $summaryoptions, $sitecontext, 'blog', 'post', $entry->id);
167$entry = file_prepare_standard_filemanager($entry, 'attachment', $attachmentoptions, $sitecontext, 'blog', 'attachment', $entry->id);
1c7b8b93
NC
168
169if (!empty($CFG->usetags) && !empty($entry->id)) {
170 include_once($CFG->dirroot.'/tag/lib.php');
171 $entry->tags = tag_get_tags_array('post', $entry->id);
172}
b73d1ca4 173
1c7b8b93
NC
174$entry->action = $action;
175// set defaults
176$blogeditform->set_data($entry);
f07b9627 177
1c7b8b93 178if ($blogeditform->is_cancelled()) {
f07b9627 179 redirect($returnurl);
cae83708 180
1c7b8b93
NC
181} else if ($data = $blogeditform->get_data()){
182
f07b9627 183 switch ($action) {
184 case 'add':
1c7b8b93 185 $blogentry = new blog_entry(null, $data, $blogeditform);
b73d1ca4 186 $blogentry->add();
1c7b8b93 187 $blogentry->edit($data, $blogeditform, $summaryoptions, $attachmentoptions);
f07b9627 188 break;
189
190 case 'edit':
1c7b8b93 191 if (empty($entry->id)) {
cae83708 192 print_error('wrongentryid', 'blog');
e96f2a77 193 }
1c7b8b93
NC
194
195 $entry->edit($data, $blogeditform, $summaryoptions, $attachmentoptions);
f07b9627 196 break;
1c7b8b93 197
f07b9627 198 default :
fae11dca 199 print_error('invalidaction');
f07b9627 200 }
1c7b8b93 201
f07b9627 202 redirect($returnurl);
203}
48e79fd1 204
f07b9627 205
206// gui setup
207switch ($action) {
208 case 'add':
209 // prepare new empty form
cae83708 210 $entry->publishstate = 'site';
e96f2a77 211 $strformheading = get_string('addnewentry', 'blog');
cae83708 212 $entry->action = $action;
213
1c7b8b93
NC
214 if ($CFG->useblogassociations) {
215
216 //pre-select the course for associations
217 if ($courseid) {
218 $context = get_context_instance(CONTEXT_COURSE, $courseid);
219 $entry->courseassoc = $context->id;
220 }
cae83708 221
1c7b8b93
NC
222 //pre-select the mod for associations
223 if ($modid) {
224 $context = get_context_instance(CONTEXT_MODULE, $modid);
225 $entry->modassoc = $context->id;
226 }
cae83708 227 }
228 break;
4a173181 229
e96f2a77 230 case 'edit':
1c7b8b93 231 if (empty($entry->id)) {
cae83708 232 print_error('wrongentryid', 'blog');
e96f2a77 233 }
1c7b8b93 234 $entry->tags = tag_get_tags_array('post', $entry->id);
e96f2a77 235 $strformheading = get_string('updateentrywithid', 'blog');
4a173181 236
cae83708 237 break;
1c7b8b93 238
f07b9627 239 default :
fae11dca 240 print_error('unknowaction');
4a173181 241}
242
cae83708 243$entry->modid = $modid;
244$entry->courseid = $courseid;
e640790e 245
246echo $OUTPUT->header();
1d284fbd 247$blogeditform->display();
033e4aff 248echo $OUTPUT->footer();
e96f2a77 249
250die;