MDL-22530 fixed regression in url module - missing encrypted parameter
[moodle.git] / mod / quiz / startattempt.php
CommitLineData
83192608 1<?php
78e7a3dd 2/**
3 * This page deals with starting a new attempt at a quiz.
4 *
5 * Normally, it will end up redirecting to attempt.php - unless a password form is displayed.
6 *
ccc45155 7 * This code used to be at the top of attempt.php, if you are looking for CVS history.
8 *
78e7a3dd 9 * @author Tim Hunt.
10 * @license http://www.gnu.org/copyleft/gpl.html GNU Public License
11 * @package quiz
12 */
13
14require_once(dirname(__FILE__) . '/../../config.php');
15require_once($CFG->dirroot . '/mod/quiz/locallib.php');
16
17/// Get submitted parameters.
18$id = required_param('cmid', PARAM_INT); // Course Module ID
19$forcenew = optional_param('forcenew', false, PARAM_BOOL); // Used to force a new preview
20
21if (!$cm = get_coursemodule_from_id('quiz', $id)) {
22 print_error('invalidcoursemodule');
23}
24if (!$course = $DB->get_record('course', array('id' => $cm->course))) {
25 print_error("coursemisconf");
26}
27if (!$quiz = $DB->get_record('quiz', array('id' => $cm->instance))) {
28 print_error('invalidcoursemodule');
29}
30
990650f9 31$quizobj = quiz::create($quiz->id, $USER->id);
78e7a3dd 32
b1103f2b 33/// Check login and sesskey.
78e7a3dd 34require_login($quizobj->get_courseid(), false, $quizobj->get_cm());
b1103f2b 35if (!confirm_sesskey()) {
36 throw new moodle_exception('confirmsesskeybad', 'error', $quizobj->view_url());
37}
78e7a3dd 38
39/// if no questions have been set up yet redirect to edit.php
40if (!$quizobj->get_question_ids() && $quizobj->has_capability('mod/quiz:manage')) {
41 redirect($quizobj->edit_url());
42}
43
44/// Create an object to manage all the other (non-roles) access rules.
45$accessmanager = $quizobj->get_access_manager(time());
46if ($quizobj->is_preview_user() && $forcenew) {
47 $accessmanager->clear_password_access();
48}
49
78e7a3dd 50
51/// Check capabilites.
52if (!$quizobj->is_preview_user()) {
53 $quizobj->require_capability('mod/quiz:attempt');
54}
55
56/// Check to see if a new preview was requested.
57if ($quizobj->is_preview_user() && $forcenew) {
58/// To force the creation of a new preview, we set a finish time on the
59/// current attempt (if any). It will then automatically be deleted below
60 $DB->set_field('quiz_attempts', 'timefinish', time(), array('quiz' => $quiz->id, 'userid' => $USER->id));
61}
62
63/// Look for an existing attempt.
64$lastattempt = quiz_get_latest_attempt_by_user($quiz->id, $USER->id);
65
66if ($lastattempt && !$lastattempt->timefinish) {
67/// Continuation of an attempt - check password then redirect.
68 $accessmanager->do_password_check($quizobj->is_preview_user());
69 redirect($quizobj->attempt_url($lastattempt->id));
70}
71
72/// Get number for the next or unfinished attempt
73if ($lastattempt && !$lastattempt->preview && !$quizobj->is_preview_user()) {
74 $lastattemptid = $lastattempt->id;
75 $attemptnumber = $lastattempt->attempt + 1;
76} else {
77 $lastattempt = false;
78 $lastattemptid = false;
79 $attemptnumber = 1;
80}
81
82/// Check access.
83$messages = $accessmanager->prevent_access() +
84 $accessmanager->prevent_new_attempt($attemptnumber - 1, $lastattempt);
85if (!$quizobj->is_preview_user() && $messages) {
86 print_error('attempterror', 'quiz', $quizobj->view_url(),
87 $accessmanager->print_messages($messages, true));
88}
89$accessmanager->do_password_check($quizobj->is_preview_user());
90
91/// Delete any previous preview attempts belonging to this user.
4299df1d 92quiz_delete_previews($quiz, $USER->id);
78e7a3dd 93
94/// Create the new attempt and initialize the question sessions
95$attempt = quiz_create_attempt($quiz, $attemptnumber, $lastattempt, time(), $quizobj->is_preview_user());
96
97/// Save the attempt in the database.
a8f3a651 98$attempt->id = $DB->insert_record('quiz_attempts', $attempt);
78e7a3dd 99
100/// Log the new attempt.
101if ($attempt->preview) {
b1103f2b 102 add_to_log($course->id, 'quiz', 'preview', 'view.php?id=' . $quizobj->get_cmid(),
103 $quizobj->get_quizid(), $quizobj->get_cmid());
78e7a3dd 104} else {
b1103f2b 105 add_to_log($course->id, 'quiz', 'attempt', 'review.php?attempt=' . $attempt->id,
106 $quizobj->get_quizid(), $quizobj->get_cmid());
78e7a3dd 107}
108
109/// Fully load all the questions in this quiz.
110$quizobj->preload_questions();
111$quizobj->load_questions();
112
113/// Create initial states for all questions in this quiz.
114if (!$states = get_question_states($quizobj->get_questions(), $quizobj->get_quiz(), $attempt, $lastattemptid)) {
115 print_error('cannotrestore', 'quiz');
116}
117
118/// Save all the newly created states.
119foreach ($quizobj->get_questions() as $i => $question) {
120 save_question_session($question, $states[$i]);
121}
122
123/// Redirect to the attempt page.
124redirect($quizobj->attempt_url($attempt->id));