MDL-10110 Adding validation for multichoice option single and multianswer
[moodle.git] / user / messageselect.php
f09002ca 1<?php // $Id$
f19570d0 3 require_once('../config.php');
4 require_once($CFG->dirroot.'/message/lib.php');
// Request parameters. Every value is read through Moodle's param helpers with an
// explicit PARAM_* cleaning type; nothing below reads these names from the raw request.
$id          = required_param('id', PARAM_INT);                     // course id, mandatory
$messagebody = optional_param('messagebody', '', PARAM_CLEANHTML);  // message text, cleaned as HTML
$send        = optional_param('send', '', PARAM_BOOL);              // "send" button pressed
$preview     = optional_param('preview', '', PARAM_BOOL);           // "preview" button pressed
$edit        = optional_param('edit', '', PARAM_BOOL);              // "update" button pressed on the preview
$returnto    = optional_param('returnto', '', PARAM_LOCALURL);      // page to link back to, local URLs only
$format      = optional_param('format', FORMAT_MOODLE, PARAM_INT);  // text format handed to format_text()
$deluser     = optional_param('deluser', 0, PARAM_INT);             // user id to drop from the recipient list
// Resolve the course; an unknown id ends the request with an error page.
// NOTE(review): this lookup runs before require_login(), so the 'invalidcourseid'
// error is produced ahead of the login check -- confirm that ordering is intended.
$course = $DB->get_record('course', array('id' => $id));
if (!$course) {
    print_error('invalidcourseid');
}

// NOTE(review): require_login() is called without the course, so any course-level
// access rule would have to come from the capability check below -- confirm.
require_login();

// Contexts used for the permission checks on this page.
$coursecontext = get_context_instance(CONTEXT_COURSE, $id);
$systemcontext = get_context_instance(CONTEXT_SYSTEM);

// Only users who may bulk-message in this course context get past this point.
require_capability('moodle/course:bulkmessaging', $coursecontext);
// Recipient list lives in the session: $SESSION->emailto[<course id>][<user id>].
if (empty($SESSION->emailto)) {
    $SESSION->emailto = array();
}
if (!array_key_exists($id, $SESSION->emailto)) {
    $SESSION->emailto[$id] = array();
}

// Remove a single recipient when the request names one that is on the list.
if ($deluser
        && array_key_exists($id, $SESSION->emailto)
        && array_key_exists($deluser, $SESSION->emailto[$id])) {
    unset($SESSION->emailto[$id][$deluser]);
}

// Keep the draft in the session: store it on first use for this course, or
// whenever the request carries a non-empty body.
if (empty($SESSION->emailselect[$id]) || $messagebody) {
    $SESSION->emailselect[$id] = array('messagebody' => $messagebody);
}

// From here on the body always comes from the session copy.
$messagebody = $SESSION->emailselect[$id]['messagebody'];
// Collect newly ticked recipients. The participants form posts one field per
// selected person, named "user<id>" or "teacher<id>"; $count is the number added now.
// NOTE(review): nothing visible here checks that the selected id is a participant
// of course $id, or that this POST carries a valid sesskey. The capability check
// above covers the sender only -- confirm whether enrolment and request origin are
// verified elsewhere. The full record (including email) is kept in the session.
$count = 0;

foreach ($_POST as $k => $v) {
    // Only keys of the expected shape are considered; \d+ keeps the id numeric.
    if (!preg_match('/^(user|teacher)(\d+)$/', $k, $m)) {
        continue;
    }
    // Already on the list for this course: nothing to do.
    if (array_key_exists($m[2], $SESSION->emailto[$id])) {
        continue;
    }
    // The id is bound through a placeholder, not concatenated into the query.
    $user = $DB->get_record_select('user', "id = ?", array($m[2]), 'id,firstname,lastname,idnumber,email,emailstop,mailformat,lastaccess');
    if ($user) {
        $SESSION->emailto[$id][$m[2]] = $user;
        $count++;
    }
}
$strtitle = get_string('coursemessage');

// The "participants" breadcrumb is a link only for viewers allowed to see the
// participants list (course-level or site-level capability); otherwise plain text.
$link = (has_capability('moodle/course:viewparticipants', $coursecontext) || has_capability('moodle/site:viewparticipants', $systemcontext))
    ? new moodle_url($CFG->wwwroot."/user/index.php", array('id'=>$course->id))
    : null;

$PAGE->navbar->add(get_string('participants'), $link);
$PAGE->navbar->add($strtitle);
$PAGE->set_title($strtitle);
$PAGE->set_heading($strtitle);

// With no draft yet, put the cursor in the message box.
if (empty($messagebody)) {
    $PAGE->set_focuscontrol('theform.messagebody');
}

echo $OUTPUT->header();

// if messaging is disabled on site, we can still allow users with capabilities to send emails instead
if (empty($CFG->messaging)) {
    echo $OUTPUT->notification(get_string('messagingdisabled','message'));
}

// Report how many recipients this request added, with singular/plural wording.
if ($count) {
    $heading = get_string(($count == 1) ? 'addedrecip' : 'addedrecips', 'moodle', $count);
    echo $OUTPUT->heading($heading);
}
// Preview or send the stored draft. Skipped when the body is empty or when the
// request is an edit or a recipient removal.
// NOTE(review): the send path changes state (messages go out as $USER), but no
// sesskey is checked in this file and the preview form below carries none.
// Adding one means touching every form that posts here, including message.html,
// which is not visible from this file -- confirm and add request-origin checks.
if (!empty($messagebody) && !$edit && !$deluser && ($preview || $send)) {
    if (!count($SESSION->emailto[$id])) {
        echo $OUTPUT->notification(get_string('nousersyet'));
    } else {
        if (!empty($preview)) {
            // Confirmation form: $returnto goes through s(); $id and $format were
            // cleaned with PARAM_INT when they were read.
            echo '<form method="post" action="messageselect.php" style="margin: 0 20px;">
<input type="hidden" name="returnto" value="'.s($returnto).'" />
<input type="hidden" name="id" value="'.$id.'" />
<input type="hidden" name="format" value="'.$format.'" />
';
            echo "<h3>".get_string('previewhtml')."</h3><div class=\"messagepreview\">\n".format_text($messagebody,$format)."\n</div>\n";
            echo '<p align="center"><input type="submit" name="send" value="'.get_string('sendmessage', 'message').'" />'."\n";
            echo '<input type="submit" name="edit" value="'.get_string('update').'" /></p>';
            echo "\n</form>";
        } else if (!empty($send)) {
            // Deliver to each stored recipient. Delivery stops at the first
            // failure, so recipients after it are not attempted.
            $good = true;
            foreach ($SESSION->emailto[$id] as $user) {
                if (!message_post_message($USER,$user,$messagebody,$format,'direct')) {
                    $good = false;
                    break;
                }
            }
            if ($good) {
                // Everything went out: forget the recipient list and the draft.
                echo $OUTPUT->heading(get_string('messagedselectedusers'));
                unset($SESSION->emailto[$id]);
                unset($SESSION->emailselect[$id]);
            } else {
                // List and draft stay in the session after a failure.
                echo $OUTPUT->heading(get_string('messagedselectedusersfailed'));
            }
            echo '<p align="center"><a href="index.php?id='.$id.'">'.get_string('backtoparticipants').'</a></p>';
        }
        // Preview and send are terminal views; the compose form is not rendered.
        echo $OUTPUT->footer();
        exit;
    }
}
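// Link back to the page the user came from. $returnto is request-supplied
// (cleaned as PARAM_LOCALURL) and lands in an HTML attribute, so it is escaped
// with s() here, matching how the preview form's hidden field treats it.
echo '<p align="center"><a href="'.s($returnto).'">'.get_string("keepsearching").'</a>'.((count($SESSION->emailto[$id])) ? ', '.get_string('usemessageform') : '').'</p>';

// A button was pressed but there is no message body to act on.
if ((!empty($send) || !empty($preview) || !empty($edit)) && (empty($messagebody))) {
    echo $OUTPUT->notification(get_string('allfieldsrequired'));
}

// Show the compose form only when at least one recipient is selected.
// message.html is a fixed relative include; no request data enters the path.
if (count($SESSION->emailto[$id])) {
    $usehtmleditor = can_use_html_editor();
    require("message.html");
}

echo $OUTPUT->footer();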
f0cb18e6 133?>