MDL-6805 Fix redirects in blog; MDL-6807 fix blog capability checks
[moodle.git] / blog / index.php
CommitLineData
4a173181 1<?php // $Id$
2
3/**
4 * file index.php
5 * index page to view blogs. if no blog is specified then site wide entries are shown
6 * if a blog id is specified then the latest entries from that blog are shown
7 */
8
9if (!file_exists('../config.php')) {
10 header('Location: ../install.php');
11 die;
12}
4a173181 13
eccfc1ca 14require_once('../config.php');
4a173181 15require_once($CFG->dirroot .'/blog/lib.php');
16require_once($CFG->libdir .'/blocklib.php');
17
5c625033 18$id = optional_param('id', 0, PARAM_INT);
19$limit = optional_param('limit', 0, PARAM_INT);
e17426ca 20$start = optional_param('formstart', 0, PARAM_INT);
4a173181 21$userid = optional_param('userid',0,PARAM_INT);
9fad492e 22$courseid = optional_param('courseid',SITEID,PARAM_INT);
03bfaba1 23$tag = optional_param('tag', '', PARAM_NOTAGS);
5c625033 24$tagid = optional_param('tagid', 0, PARAM_INT);
516194d0 25$postid = optional_param('postid',0,PARAM_INT);
9154b440 26$filtertype = optional_param('filtertype', '', PARAM_ALPHA);
27$filterselect = optional_param('filterselect', 0, PARAM_INT);
4a173181 28
ab2f17b0 29if (empty($CFG->bloglevel)) {
30 error('Blogging is disabled!');
31}
bbbf2d40 32
33
4a173181 34/// overwrite filter code here
4a173181 35
36if ($filtertype) {
37 switch ($filtertype) {
38
39 case 'site':
40 if ($filterselect) {
41 $userid = $filterselect;
42 } else {
43 $userid = 0;
44 }
45 $course = get_site();
46 $courseid = SITEID;
47 break;
48
49 case 'course':
50 if ($filterselect) {
51 $courseid = $filterselect;
52 $course = get_record('course','id',$courseid);
53 }
54 $userid =0;
55 $groupid = 0;
4a173181 56 break;
57
58 case 'group':
59 if ($filterselect) {
60 $groupid = $filterselect;
61 $group = get_record('groups','id',$groupid);
62 $course = get_record('course','id',$group->courseid);
63 $courseid = $course->id;
64 } else {
65 $groupid = 0;
66 }
67 $userid = 0;
4a173181 68 break;
69
70 case 'user':
71 if ($filterselect) {
72 $userid = $filterselect;
73 }
74 $groupid = 0;
4a173181 75 break;
76 default:
77 break;
78 }
79
bbbf2d40 80} else if ($userid) { // default to user
4a173181 81 $filtertype = 'user';
82 $filterselect = $userid;
83} else {
84 $filtertype = 'site';
85 $filterselect = '';
86}
87
bbbf2d40 88
89
90/// Rights checking.
4a173181 91
92switch ($filtertype) {
93 case 'site':
bbbf2d40 94 $context = get_context_instance(CONTEXT_SYSTEM, SITEID);
d7bf6d17 95 if ($CFG->bloglevel < BLOG_SITE_LEVEL) {
bbbf2d40 96 error('Site blogs is not enabled');
9154b440 97 } else if ($CFG->bloglevel < BLOG_GLOBAL_LEVEL) {
4a173181 98 require_login();
99 }
100 break;
101 case 'course':
bbbf2d40 102 $context = get_context_instance(CONTEXT_COURSE, $courseid);
d7bf6d17 103 if ($CFG->bloglevel < BLOG_COURSE_LEVEL) {
bbbf2d40 104 error('Course blogs is not enabled');
4a173181 105 }
4a173181 106 break;
107 case 'group':
d7bf6d17 108 $context = get_context_instance(CONTEXT_GROUP, $groupid);
109 if ($CFG->bloglevel < BLOG_GROUP_LEVEL) {
bbbf2d40 110 error ('Group blogs is not enabled');
4a173181 111 }
d7bf6d17 112 if (groupmode($course) == SEPARATEGROUPS &&
113 !has_capability('moodle/site:accessallgroups', $context)) {
4a173181 114 if (!ismember($filterselect)) {
bbbf2d40 115 error ('You are not a member of this group');
4a173181 116 }
117 }
118 /// check if user is editting teacher, or if spg, is member
119 break;
120 case 'user':
4b10f08b 121 $context = get_context_instance(CONTEXT_USER, $userid);
d7bf6d17 122 if ($CFG->bloglevel < BLOG_USER_LEVEL) {
4a173181 123 error ('Blogs is not enabled');
124 }
d7bf6d17 125 if ($CFG->bloglevel == BLOG_USER_LEVEL && $USER->id != $filterselect) {
f4c85f46 126 error ('Under this setting, you can only view your own blogs');
127 }
516194d0 128
4a173181 129 /// check to see if the viewer is sharing no_group, visible group course.
130 /// if not , check if the viewer is in any spg group as the user
f4c85f46 131 blog_user_can_view_user_post($filterselect);
132
4a173181 133 break;
134 default:
135 break;
136}
137
d7bf6d17 138if (!has_capability('moodle/blog:view', $context)) {
139 error('You do not have the required permissions to to view blogs');
140}
141
142
8c9814f9 143// first set the start and end day equal to the day argument passed in from the get vars
4a173181 144if ($limit == 'none') {
bbbf2d40 145 $limit = get_user_preferences('blogpagesize', 10);
4a173181 146}
f99fee6c 147
4a173181 148include($CFG->dirroot .'/blog/header.php');
149
bbbf2d40 150// prints the tabs
151$currenttab = 'blogs';
152$user = $USER;
153if (!$course) {
154 $course = get_record('course', 'id', optional_param('courseid', SITEID, PARAM_INT));
155}
bbbf2d40 156
157$blogpage = optional_param('blogpage', 0, PARAM_INT);
c2ee4e87 158
159blog_print_html_formatted_entries($userid, $postid, $limit, ($blogpage * $limit) ,$filtertype, $filterselect, $tagid, $tag, $filtertype, $filterselect);
4a173181 160
06622f92 161add_to_log($courseid, 'blog', 'view', 'index.php?filtertype='.$filtertype.'&amp;filterselect='.$filterselect.'&amp;postid='.$postid.'&amp;tagid='.$tagid.'&amp;tag='.$tag, 'view blog entry');
92a019ac 162
4a173181 163include($CFG->dirroot .'/blog/footer.php');
164
d7bf6d17 165
4b10f08b 166?>