MDL-24561 forum: require sesskey for the course-wide subscriptions
[moodle.git] / mod / forum / index.php
CommitLineData
cd4e6b17 1<?php
f93f848a 2
8f685009
SH
3// This file is part of Moodle - http://moodle.org/
4//
5// Moodle is free software: you can redistribute it and/or modify
6// it under the terms of the GNU General Public License as published by
7// the Free Software Foundation, either version 3 of the License, or
8// (at your option) any later version.
9//
10// Moodle is distributed in the hope that it will be useful,
11// but WITHOUT ANY WARRANTY; without even the implied warranty of
12// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13// GNU General Public License for more details.
14//
15// You should have received a copy of the GNU General Public License
16// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
17
18/**
19 * @package mod-forum
20 * @copyright 1999 onwards Martin Dougiamas {@link http://moodle.com}
21 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
22 */
23
cd4e6b17 24require_once(dirname(__FILE__) . '/../../config.php');
25require_once($CFG->dirroot . '/course/lib.php');
26require_once($CFG->dirroot . '/mod/forum/lib.php');
27require_once($CFG->libdir . '/rsslib.php');
f93f848a 28
cd4e6b17 29$id = optional_param('id', 0, PARAM_INT); // Course id
30$subscribe = optional_param('subscribe', null, PARAM_INT); // Subscribe/Unsubscribe all forums
f93f848a 31
a6855934 32$url = new moodle_url('/mod/forum/index.php', array('id'=>$id));
cd4e6b17 33if ($subscribe !== null) {
c56ed7bb 34 require_sesskey();
cd4e6b17 35 $url->param('subscribe', $subscribe);
36}
37$PAGE->set_url($url);
38
39if ($id) {
40 if (! $course = $DB->get_record('course', array('id' => $id))) {
41 print_error('invalidcourseid');
42 }
43} else {
2a250a0b 44 $course = get_site();
cd4e6b17 45}
f93f848a 46
cd4e6b17 47require_course_login($course);
191b267b 48$PAGE->set_pagelayout('incourse');
cd4e6b17 49$coursecontext = get_context_instance(CONTEXT_COURSE, $course->id);
583b57b4 50
ecc8403e 51
cd4e6b17 52unset($SESSION->fromdiscussion);
f93f848a 53
cd4e6b17 54add_to_log($course->id, 'forum', 'view forums', "index.php?id=$course->id");
2f3f505f 55
cd4e6b17 56$strforums = get_string('forums', 'forum');
57$strforum = get_string('forum', 'forum');
58$strdescription = get_string('description');
59$strdiscussions = get_string('discussions', 'forum');
60$strsubscribed = get_string('subscribed', 'forum');
61$strunreadposts = get_string('unreadposts', 'forum');
62$strtracking = get_string('tracking', 'forum');
63$strmarkallread = get_string('markallread', 'forum');
64$strtrackforum = get_string('trackforum', 'forum');
65$strnotrackforum = get_string('notrackforum', 'forum');
66$strsubscribe = get_string('subscribe', 'forum');
67$strunsubscribe = get_string('unsubscribe', 'forum');
68$stryes = get_string('yes');
69$strno = get_string('no');
70$strrss = get_string('rss');
7487c856 71$strsectionname = get_string('sectionname', 'format_'.$course->format);
97485d07 72
cd4e6b17 73$searchform = forum_search_form($course);
f93f848a 74
f781b794 75
cd4e6b17 76// Start of the table for General Forums
f781b794 77
cd4e6b17 78$generaltable = new html_table();
79$generaltable->head = array ($strforum, $strdescription, $strdiscussions);
80$generaltable->align = array ('left', 'left', 'center');
f37da850 81
cd4e6b17 82if ($usetracking = forum_tp_can_track_forums()) {
83 $untracked = forum_tp_get_untracked_forums($USER->id, $course->id);
c2468824 84
cd4e6b17 85 $generaltable->head[] = $strunreadposts;
86 $generaltable->align[] = 'center';
38994d6f 87
cd4e6b17 88 $generaltable->head[] = $strtracking;
89 $generaltable->align[] = 'center';
90}
f93f848a 91
cd4e6b17 92$subscribed_forums = forum_get_subscribed_forums($course);
93
1cd8c399
AD
94$can_subscribe = is_enrolled($coursecontext);
95if ($can_subscribe) {
cd4e6b17 96 $generaltable->head[] = $strsubscribed;
97 $generaltable->align[] = 'center';
98}
99
100if ($show_rss = (($can_subscribe || $course->id == SITEID) &&
101 isset($CFG->enablerssfeeds) && isset($CFG->forum_enablerssfeeds) &&
102 $CFG->enablerssfeeds && $CFG->forum_enablerssfeeds)) {
103 $generaltable->head[] = $strrss;
104 $generaltable->align[] = 'center';
105}
90f4745c 106
7487c856
SH
107$usesections = course_format_uses_sections($course->format);
108$sections = get_all_sections($course->id);
109
110$table = new html_table();
f93f848a 111
cd4e6b17 112// Parse and organise all the forums. Most forums are course modules but
113// some special ones are not. These get placed in the general forums
114// category with the forums in section 0.
115
116$forums = $DB->get_records('forum', array('course' => $course->id));
117
118$generalforums = array();
119$learningforums = array();
120$modinfo =& get_fast_modinfo($course);
121
122if (!isset($modinfo->instances['forum'])) {
123 $modinfo->instances['forum'] = array();
124}
125
126foreach ($modinfo->instances['forum'] as $forumid=>$cm) {
127 if (!$cm->uservisible or !isset($forums[$forumid])) {
128 continue;
33f48f03 129 }
130
cd4e6b17 131 $forum = $forums[$forumid];
fa5a5b52 132
cd4e6b17 133 if (!$context = get_context_instance(CONTEXT_MODULE, $cm->id)) {
134 continue; // Shouldn't happen
135 }
136
137 if (!has_capability('mod/forum:viewdiscussion', $context)) {
138 continue;
139 }
ecc8403e 140
cd4e6b17 141 // fill two type array - order in modinfo is the same as in course
142 if ($forum->type == 'news' or $forum->type == 'social') {
143 $generalforums[$forum->id] = $forum;
dd97c328 144
cd4e6b17 145 } else if ($course->id == SITEID or empty($cm->sectionnum)) {
146 $generalforums[$forum->id] = $forum;
ecc8403e 147
cd4e6b17 148 } else {
149 $learningforums[$forum->id] = $forum;
2f3f505f 150 }
cd4e6b17 151}
2f3f505f 152
cd4e6b17 153/// Do course wide subscribe/unsubscribe
261c6ef0 154if (!is_null($subscribe) and !isguestuser()) {
2f3f505f 155 foreach ($modinfo->instances['forum'] as $forumid=>$cm) {
2f3f505f 156 $forum = $forums[$forumid];
cd4e6b17 157 $modcontext = get_context_instance(CONTEXT_MODULE, $cm->id);
158 $cansub = false;
dd97c328 159
cd4e6b17 160 if (has_capability('mod/forum:viewdiscussion', $modcontext)) {
161 $cansub = true;
2f3f505f 162 }
cd4e6b17 163 if ($cansub && $cm->visible == 0 &&
164 !has_capability('mod/forum:managesubscriptions', $modcontext))
165 {
166 $cansub = false;
2f3f505f 167 }
cd4e6b17 168 if (!forum_is_forcesubscribed($forum)) {
169 $subscribed = forum_is_subscribed($USER->id, $forum);
170 if ((has_capability('moodle/course:manageactivities', $coursecontext, $USER->id) || $forum->forcesubscribe != FORUM_DISALLOWSUBSCRIBE) && $subscribe && !$subscribed && $cansub) {
171 forum_subscribe($USER->id, $forumid);
172 } else if (!$subscribe && $subscribed) {
173 forum_unsubscribe($USER->id, $forumid);
174 }
175 }
176 }
177 $returnto = forum_go_back_to("index.php?id=$course->id");
178 if ($subscribe) {
179 add_to_log($course->id, 'forum', 'subscribeall', "index.php?id=$course->id", $course->id);
180 redirect($returnto, get_string('nowallsubscribed', 'forum', format_string($course->shortname)), 1);
181 } else {
182 add_to_log($course->id, 'forum', 'unsubscribeall', "index.php?id=$course->id", $course->id);
183 redirect($returnto, get_string('nowallunsubscribed', 'forum', format_string($course->shortname)), 1);
184 }
185}
dd97c328 186
cd4e6b17 187/// First, let's process the general forums and build up a display
188
189if ($generalforums) {
190 foreach ($generalforums as $forum) {
191 $cm = $modinfo->instances['forum'][$forum->id];
192 $context = get_context_instance(CONTEXT_MODULE, $cm->id);
193
194 $count = forum_count_discussions($forum, $cm, $course);
195
196 if ($usetracking) {
197 if ($forum->trackingtype == FORUM_TRACKING_OFF) {
198 $unreadlink = '-';
199 $trackedlink = '-';
200
201 } else {
202 if (isset($untracked[$forum->id])) {
203 $unreadlink = '-';
204 } else if ($unread = forum_tp_count_forum_unread_posts($cm, $course)) {
205 $unreadlink = '<span class="unread"><a href="view.php?f='.$forum->id.'">'.$unread.'</a>';
206 $unreadlink .= '<a title="'.$strmarkallread.'" href="markposts.php?f='.
b5d0cafc 207 $forum->id.'&amp;mark=read"><img src="'.$OUTPUT->pix_url('t/clear') . '" alt="'.$strmarkallread.'" /></a></span>';
cd4e6b17 208 } else {
209 $unreadlink = '<span class="read">0</span>';
210 }
2f3f505f 211
cd4e6b17 212 if ($forum->trackingtype == FORUM_TRACKING_ON) {
213 $trackedlink = $stryes;
2f3f505f 214
cd4e6b17 215 } else {
a6855934 216 $aurl = new moodle_url('/mod/forum/settracking.php', array('id'=>$forum->id));
cd4e6b17 217 if (!isset($untracked[$forum->id])) {
5c2ed7e2 218 $trackedlink = $OUTPUT->single_button($aurl, $stryes, 'post', array('title'=>$strnotrackforum));
cd4e6b17 219 } else {
5c2ed7e2 220 $trackedlink = $OUTPUT->single_button($aurl, $strno, 'post', array('title'=>$strtrackforum));
cd4e6b17 221 }
222 }
223 }
224 }
225
226 $forum->intro = shorten_text(format_module_intro('forum', $forum, $cm->id), $CFG->forum_shortpost);
227 $forumname = format_string($forum->name, true);;
228
229 if ($cm->visible) {
230 $style = '';
2f3f505f 231 } else {
cd4e6b17 232 $style = 'class="dimmed"';
37b15514 233 }
cd4e6b17 234 $forumlink = "<a href=\"view.php?f=$forum->id\" $style>".format_string($forum->name,true)."</a>";
235 $discussionlink = "<a href=\"view.php?f=$forum->id\" $style>".$count."</a>";
702dc57b 236
cd4e6b17 237 $row = array ($forumlink, $forum->intro, $discussionlink);
238 if ($usetracking) {
239 $row[] = $unreadlink;
240 $row[] = $trackedlink; // Tracking.
241 }
3b8b9b6a 242
cd4e6b17 243 if ($can_subscribe) {
244 if ($forum->forcesubscribe != FORUM_DISALLOWSUBSCRIBE) {
245 $row[] = forum_get_subscribe_link($forum, $context, array('subscribed' => $stryes,
246 'unsubscribed' => $strno, 'forcesubscribed' => $stryes,
247 'cantsubscribe' => '-'), false, false, true, $subscribed_forums);
248 } else {
249 $row[] = '-';
2c1363e6 250 }
cd4e6b17 251 }
252
253 //If this forum has RSS activated, calculate it
254 if ($show_rss) {
255 if ($forum->rsstype and $forum->rssarticles) {
9e86f2e7 256 //Calculate the tooltip text
cd4e6b17 257 if ($forum->rsstype == 1) {
9e86f2e7 258 $tooltiptext = get_string('rsssubscriberssdiscussions', 'forum');
cd4e6b17 259 } else {
9e86f2e7 260 $tooltiptext = get_string('rsssubscriberssposts', 'forum');
03877b04 261 }
cd4e6b17 262 //Get html code for RSS link
aa60291e 263 $row[] = rss_get_link($context->id, $USER->id, 'mod_forum', $forum->id, $tooltiptext);
cd4e6b17 264 } else {
265 $row[] = '&nbsp;';
03877b04 266 }
267 }
cd4e6b17 268
269 $generaltable->data[] = $row;
270 }
271}
272
273
274// Start of the table for Learning Forums
275$learningtable = new html_table();
276$learningtable->head = array ($strforum, $strdescription, $strdiscussions);
277$learningtable->align = array ('left', 'left', 'center');
278
279if ($usetracking) {
280 $learningtable->head[] = $strunreadposts;
281 $learningtable->align[] = 'center';
282
283 $learningtable->head[] = $strtracking;
284 $learningtable->align[] = 'center';
285}
286
287if ($can_subscribe) {
288 $learningtable->head[] = $strsubscribed;
289 $learningtable->align[] = 'center';
290}
291
292if ($show_rss = (($can_subscribe || $course->id == SITEID) &&
293 isset($CFG->enablerssfeeds) && isset($CFG->forum_enablerssfeeds) &&
294 $CFG->enablerssfeeds && $CFG->forum_enablerssfeeds)) {
295 $learningtable->head[] = $strrss;
296 $learningtable->align[] = 'center';
297}
298
299/// Now let's process the learning forums
300
301if ($course->id != SITEID) { // Only real courses have learning forums
302 // Add extra field for section number, at the front
7487c856 303 array_unshift($learningtable->head, $strsectionname);
cd4e6b17 304 array_unshift($learningtable->align, 'center');
03877b04 305
ecc8403e 306
cd4e6b17 307 if ($learningforums) {
308 $currentsection = '';
309 foreach ($learningforums as $forum) {
2f3f505f 310 $cm = $modinfo->instances['forum'][$forum->id];
311 $context = get_context_instance(CONTEXT_MODULE, $cm->id);
dd97c328 312
90f4745c 313 $count = forum_count_discussions($forum, $cm, $course);
8f0cd6ef 314
eaf50aef 315 if ($usetracking) {
a90e92a5 316 if ($forum->trackingtype == FORUM_TRACKING_OFF) {
317 $unreadlink = '-';
318 $trackedlink = '-';
90f4745c 319
320 } else {
321 if (isset($untracked[$forum->id])) {
cd4e6b17 322 $unreadlink = '-';
90f4745c 323 } else if ($unread = forum_tp_count_forum_unread_posts($cm, $course)) {
cd4e6b17 324 $unreadlink = '<span class="unread"><a href="view.php?f='.$forum->id.'">'.$unread.'</a>';
c39748f4 325 $unreadlink .= '<a title="'.$strmarkallread.'" href="markposts.php?f='.
b5d0cafc 326 $forum->id.'&amp;mark=read"><img src="'.$OUTPUT->pix_url('t/clear') . '" alt="'.$strmarkallread.'" /></a></span>';
38994d6f 327 } else {
90f4745c 328 $unreadlink = '<span class="read">0</span>';
38994d6f 329 }
630bd96b 330
90f4745c 331 if ($forum->trackingtype == FORUM_TRACKING_ON) {
332 $trackedlink = $stryes;
bbbf2d40 333
a90e92a5 334 } else {
a6855934 335 $aurl = new moodle_url('/mod/forum/settracking.php', array('id'=>$forum->id));
90f4745c 336 if (!isset($untracked[$forum->id])) {
5c2ed7e2 337 $trackedlink = $OUTPUT->single_button($aurl, $stryes, 'post', array('title'=>$strnotrackforum));
90f4745c 338 } else {
5c2ed7e2 339 $trackedlink = $OUTPUT->single_button($aurl, $strno, 'post', array('title'=>$strtrackforum));
90f4745c 340 }
630bd96b 341 }
f37da850 342 }
343 }
344
4ba2221a 345 $forum->intro = shorten_text(format_module_intro('forum', $forum, $cm->id), $CFG->forum_shortpost);
cd4e6b17 346
347 if ($cm->sectionnum != $currentsection) {
7487c856 348 $printsection = get_section_name($course, $sections[$cm->sectionnum]);
cd4e6b17 349 if ($currentsection) {
350 $learningtable->data[] = 'hr';
351 }
352 $currentsection = $cm->sectionnum;
353 } else {
354 $printsection = '';
355 }
356
357 $forumname = format_string($forum->name,true);;
ecc8403e 358
90f4745c 359 if ($cm->visible) {
360 $style = '';
ecc8403e 361 } else {
90f4745c 362 $style = 'class="dimmed"';
ecc8403e 363 }
90f4745c 364 $forumlink = "<a href=\"view.php?f=$forum->id\" $style>".format_string($forum->name,true)."</a>";
365 $discussionlink = "<a href=\"view.php?f=$forum->id\" $style>".$count."</a>";
ecc8403e 366
cd4e6b17 367 $row = array ($printsection, $forumlink, $forum->intro, $discussionlink);
49b53f26 368 if ($usetracking) {
369 $row[] = $unreadlink;
370 $row[] = $trackedlink; // Tracking.
f4646b44 371 }
372
ecc8403e 373 if ($can_subscribe) {
90f4745c 374 if ($forum->forcesubscribe != FORUM_DISALLOWSUBSCRIBE) {
375 $row[] = forum_get_subscribe_link($forum, $context, array('subscribed' => $stryes,
cd4e6b17 376 'unsubscribed' => $strno, 'forcesubscribed' => $stryes,
377 'cantsubscribe' => '-'), false, false, true, $subscribed_forums);
90f4745c 378 } else {
379 $row[] = '-';
380 }
49b53f26 381 }
382
383 //If this forum has RSS activated, calculate it
90f4745c 384 if ($show_rss) {
385 if ($forum->rsstype and $forum->rssarticles) {
386 //Calculate the tolltip text
387 if ($forum->rsstype == 1) {
9e86f2e7 388 $tooltiptext = get_string('rsssubscriberssdiscussions', 'forum');
90f4745c 389 } else {
9e86f2e7 390 $tooltiptext = get_string('rsssubscriberssposts', 'forum');
90f4745c 391 }
392 //Get html code for RSS link
aa60291e 393 $row[] = rss_get_link($context->id, $USER->id, 'mod_forum', $forum->id, $tooltiptext);
49b53f26 394 } else {
90f4745c 395 $row[] = '&nbsp;';
f4646b44 396 }
ecc8403e 397 }
49b53f26 398
cd4e6b17 399 $learningtable->data[] = $row;
ecc8403e 400 }
8f0cd6ef 401 }
cd4e6b17 402}
403
404
405/// Output the page
406$PAGE->navbar->add($strforums);
407$PAGE->set_title("$course->shortname: $strforums");
408$PAGE->set_heading($course->fullname);
409$PAGE->set_button($searchform);
410echo $OUTPUT->header();
411
261c6ef0 412if (!isguestuser()) {
cd4e6b17 413 echo $OUTPUT->box_start('subscription');
c56ed7bb
DM
414 echo html_writer::tag('div',
415 html_writer::link(new moodle_url('/mod/forum/index.php', array('id'=>$course->id, 'subscribe'=>1, 'sesskey'=>sesskey())),
416 get_string('allsubscribe', 'forum')),
417 array('class'=>'helplink'));
418 echo html_writer::tag('div',
419 html_writer::link(new moodle_url('/mod/forum/index.php', array('id'=>$course->id, 'subscribe'=>0, 'sesskey'=>sesskey())),
420 get_string('allunsubscribe', 'forum')),
421 array('class'=>'helplink'));
cd4e6b17 422 echo $OUTPUT->box_end();
423 echo $OUTPUT->box('&nbsp;', 'clearer');
424}
425
426if ($generalforums) {
427 echo $OUTPUT->heading(get_string('generalforums', 'forum'));
16be8974 428 echo html_writer::table($generaltable);
cd4e6b17 429}
430
431if ($learningforums) {
432 echo $OUTPUT->heading(get_string('learningforums', 'forum'));
16be8974 433 echo html_writer::table($learningtable);
cd4e6b17 434}
435
436echo $OUTPUT->footer();
437