MDL-41317 Set correct context to send bulk message page
[moodle.git] / user / messageselect.php
CommitLineData
ce221eb5 1<?php
2
3// This file is part of Moodle - http://moodle.org/
4//
5// Moodle is free software: you can redistribute it and/or modify
6// it under the terms of the GNU General Public License as published by
7// the Free Software Foundation, either version 3 of the License, or
8// (at your option) any later version.
9//
10// Moodle is distributed in the hope that it will be useful,
11// but WITHOUT ANY WARRANTY; without even the implied warranty of
12// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13// GNU General Public License for more details.
14//
15// You should have received a copy of the GNU General Public License
16// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
17
18/**
19 * This file is part of the User section Moodle
20 *
21 * @copyright 1999 Martin Dougiamas http://dougiamas.com
22 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
23 * @package user
24 */
25
26require_once('../config.php');
27require_once($CFG->dirroot.'/message/lib.php');
28
29$id = required_param('id',PARAM_INT);
30$messagebody = optional_param('messagebody','',PARAM_CLEANHTML);
31$send = optional_param('send','',PARAM_BOOL);
32$preview = optional_param('preview','',PARAM_BOOL);
33$edit = optional_param('edit','',PARAM_BOOL);
34$returnto = optional_param('returnto','',PARAM_LOCALURL);
35$format = optional_param('format',FORMAT_MOODLE,PARAM_INT);
36$deluser = optional_param('deluser',0,PARAM_INT);
37
a6855934 38$url = new moodle_url('/user/messageselect.php', array('id'=>$id));
ce221eb5 39if ($messagebody !== '') {
40 $url->param('messagebody', $messagebody);
41}
42if ($send !== '') {
43 $url->param('send', $send);
44}
45if ($preview !== '') {
46 $url->param('preview', $preview);
47}
48if ($edit !== '') {
49 $url->param('edit', $edit);
50}
51if ($returnto !== '') {
52 $url->param('returnto', $returnto);
53}
54if ($format !== FORMAT_MOODLE) {
55 $url->param('format', $format);
56}
57if ($deluser !== 0) {
58 $url->param('deluser', $deluser);
59}
60$PAGE->set_url($url);
61
62if (!$course = $DB->get_record('course', array('id'=>$id))) {
63 print_error('invalidcourseid');
64}
65
b469e62a 66require_login($course);
ce221eb5 67
43731030
FM
68$coursecontext = context_course::instance($id); // Course context
69$systemcontext = context_system::instance(); // SYSTEM context
ce221eb5 70require_capability('moodle/course:bulkmessaging', $coursecontext);
71
72if (empty($SESSION->emailto)) {
73 $SESSION->emailto = array();
74}
75if (!array_key_exists($id,$SESSION->emailto)) {
76 $SESSION->emailto[$id] = array();
77}
78
79if ($deluser) {
80 if (array_key_exists($id,$SESSION->emailto) && array_key_exists($deluser,$SESSION->emailto[$id])) {
81 unset($SESSION->emailto[$id][$deluser]);
f19570d0 82 }
ce221eb5 83}
f19570d0 84
ce221eb5 85if (empty($SESSION->emailselect[$id]) || $messagebody) {
86 $SESSION->emailselect[$id] = array('messagebody' => $messagebody);
87}
0be6f678 88
ce221eb5 89$messagebody = $SESSION->emailselect[$id]['messagebody'];
f19570d0 90
ce221eb5 91$count = 0;
f19570d0 92
632f3eff
ARN
93if ($data = data_submitted()) {
94 require_sesskey();
a327f25e 95 $namefields = get_all_user_name_fields(true);
78fcdb5f
PS
96 foreach ($data as $k => $v) {
97 if (preg_match('/^(user|teacher)(\d+)$/',$k,$m)) {
98 if (!array_key_exists($m[2],$SESSION->emailto[$id])) {
a327f25e
AG
99 if ($user = $DB->get_record_select('user', "id = ?", array($m[2]), 'id,
100 ' . $namefields . ',idnumber,email,mailformat,lastaccess, lang, maildisplay')) {
78fcdb5f
PS
101 $SESSION->emailto[$id][$m[2]] = $user;
102 $count++;
103 }
f19570d0 104 }
105 }
106 }
ce221eb5 107}
108
109$strtitle = get_string('coursemessage');
110
111$link = null;
112if (has_capability('moodle/course:viewparticipants', $coursecontext) || has_capability('moodle/site:viewparticipants', $systemcontext)) {
a6855934 113 $link = new moodle_url("/user/index.php", array('id'=>$course->id));
ce221eb5 114}
115$PAGE->navbar->add(get_string('participants'), $link);
116$PAGE->navbar->add($strtitle);
117$PAGE->set_title($strtitle);
118$PAGE->set_heading($strtitle);
ce221eb5 119echo $OUTPUT->header();
120// if messaging is disabled on site, we can still allow users with capabilities to send emails instead
121if (empty($CFG->messaging)) {
122 echo $OUTPUT->notification(get_string('messagingdisabled','message'));
123}
124
125if ($count) {
126 if ($count == 1) {
127 $heading = get_string('addedrecip','moodle',$count);
128 } else {
129 $heading = get_string('addedrecips','moodle',$count);
f19570d0 130 }
ce221eb5 131 echo $OUTPUT->heading($heading);
132}
f19570d0 133
ce221eb5 134if (!empty($messagebody) && !$edit && !$deluser && ($preview || $send)) {
632f3eff 135 require_sesskey();
ce221eb5 136 if (count($SESSION->emailto[$id])) {
137 if (!empty($preview)) {
138 echo '<form method="post" action="messageselect.php" style="margin: 0 20px;">
f09002ca 139<input type="hidden" name="returnto" value="'.s($returnto).'" />
60af2703 140<input type="hidden" name="id" value="'.$id.'" />
141<input type="hidden" name="format" value="'.$format.'" />
60fb0ef8 142<input type="hidden" name="sesskey" value="' . sesskey() . '" />
18c3baa2 143';
ce221eb5 144 echo "<h3>".get_string('previewhtml')."</h3><div class=\"messagepreview\">\n".format_text($messagebody,$format)."\n</div>\n";
145 echo '<p align="center"><input type="submit" name="send" value="'.get_string('sendmessage', 'message').'" />'."\n";
146 echo '<input type="submit" name="edit" value="'.get_string('update').'" /></p>';
147 echo "\n</form>";
632f3eff 148 } else if (!empty($send)) {
ce221eb5 149 $good = 1;
150 foreach ($SESSION->emailto[$id] as $user) {
bcab42da 151 $good = $good && message_post_message($USER,$user,$messagebody,$format);
ce221eb5 152 }
153 if (!empty($good)) {
154 echo $OUTPUT->heading(get_string('messagedselectedusers'));
155 unset($SESSION->emailto[$id]);
156 unset($SESSION->emailselect[$id]);
157 } else {
158 echo $OUTPUT->heading(get_string('messagedselectedusersfailed'));
f19570d0 159 }
ce221eb5 160 echo '<p align="center"><a href="index.php?id='.$id.'">'.get_string('backtoparticipants').'</a></p>';
f19570d0 161 }
ce221eb5 162 echo $OUTPUT->footer();
163 exit;
164 } else {
165 echo $OUTPUT->notification(get_string('nousersyet'));
f19570d0 166 }
ce221eb5 167}
f19570d0 168
ce221eb5 169echo '<p align="center"><a href="'.$returnto.'">'.get_string("keepsearching").'</a>'.((count($SESSION->emailto[$id])) ? ', '.get_string('usemessageform') : '').'</p>';
f19570d0 170
ce221eb5 171if ((!empty($send) || !empty($preview) || !empty($edit)) && (empty($messagebody))) {
172 echo $OUTPUT->notification(get_string('allfieldsrequired'));
173}
f19570d0 174
ce221eb5 175if (count($SESSION->emailto[$id])) {
632f3eff 176 require_sesskey();
ce221eb5 177 $usehtmleditor = can_use_html_editor();
178 require("message.html");
179}
f19570d0 180
ce221eb5 181echo $OUTPUT->footer();
f19570d0 182
f09002ca 183