MDL-29440 calendar: iCal export don't allow html in description export
[moodle.git] / calendar / export_execute.php
1 <?php
3 require_once('../config.php');
4 //require_once($CFG->dirroot.'/course/lib.php');
5 require_once($CFG->dirroot.'/calendar/lib.php');
6 require_once($CFG->libdir.'/bennu/bennu.inc.php');
8 $userid = optional_param('userid', 0, PARAM_INT);
9 $username = optional_param('username', '', PARAM_TEXT);
10 $authtoken = required_param('authtoken', PARAM_ALPHANUM);
11 $generateurl = optional_param('generateurl', '', PARAM_TEXT);
13 if (empty($CFG->enablecalendarexport)) {
14     die('no export');
15 }
17 //Fetch user information
18 $checkuserid = !empty($userid) && $user = $DB->get_record('user', array('id' => $userid), 'id,password');
19 //allowing for fallback check of old url - MDL-27542
20 $checkusername = !empty($username) && $user = $DB->get_record('user', array('username' => $username), 'id,password');
21 if (!$checkuserid && !$checkusername) {
22     //No such user
23     die('Invalid authentication');
24 }
26 //Check authentication token
27 $authuserid = !empty($userid) && $authtoken == sha1($userid . $user->password . $CFG->calendar_exportsalt);
28 //allowing for fallback check of old url - MDL-27542
29 $authusername = !empty($username) && $authtoken == sha1($username . $user->password . $CFG->calendar_exportsalt);
30 if (!$authuserid && !$authusername) {
31     die('Invalid authentication');
32 }
34 $what = optional_param('preset_what', 'all', PARAM_ALPHA);
35 $time = optional_param('preset_time', 'weeknow', PARAM_ALPHA);
37 $now = usergetdate(time());
38 // Let's see if we have sufficient and correct data
39 $allowed_what = array('all', 'courses');
40 $allowed_time = array('weeknow', 'weeknext', 'monthnow', 'monthnext', 'recentupcoming');
42 if (!empty($generateurl)) {
43     $authtoken = sha1($user->id . $user->password . $CFG->calendar_exportsalt);
44     $params = array();
45     $params['preset_what'] = $what;
46     $params['preset_time'] = $time;
47     $params['userid'] = $userid;
48     $params['authtoken'] = $authtoken;
49     $params['generateurl'] = true;
51     $link = new moodle_url('/calendar/export.php', $params);
52     redirect($link->out());
53     die;
54 }
56 if(!empty($what) && !empty($time)) {
57     if(in_array($what, $allowed_what) && in_array($time, $allowed_time)) {
58         $courses = enrol_get_users_courses($user->id, true, 'id, visible, shortname');
60         if ($what == 'all') {
61             $users = $user->id;
62             $groups = array();
63             foreach ($courses as $course) {
64                 $course_groups = groups_get_all_groups($course->id, $user->id);
65                 $groups = array_merge($groups, array_keys($course_groups));
66             }
67             if (empty($groups)) {
68                 $groups = false;
69             }
70             $courses[SITEID] = new stdClass;
71             $courses[SITEID]->shortname = get_string('globalevents', 'calendar');
72         } else {
73             $users = false;
74             $groups = false;
75         }
77         switch($time) {
78             case 'weeknow':
79                 $startweekday  = get_user_preferences('calendar_startwday', calendar_get_starting_weekday());
80                 $startmonthday = find_day_in_month($now['mday'] - 6, $startweekday, $now['mon'], $now['year']);
81                 $startmonth    = $now['mon'];
82                 $startyear     = $now['year'];
83                 if($startmonthday > calendar_days_in_month($startmonth, $startyear)) {
84                     list($startmonth, $startyear) = calendar_add_month($startmonth, $startyear);
85                     $startmonthday = find_day_in_month(1, $startweekday, $startmonth, $startyear);
86                 }
87                 $timestart = make_timestamp($startyear, $startmonth, $startmonthday);
88                 $endmonthday = $startmonthday + 7;
89                 $endmonth    = $startmonth;
90                 $endyear     = $startyear;
91                 if($endmonthday > calendar_days_in_month($endmonth, $endyear)) {
92                     list($endmonth, $endyear) = calendar_add_month($endmonth, $endyear);
93                     $endmonthday = find_day_in_month(1, $startweekday, $endmonth, $endyear);
94                 }
95                 $timeend = make_timestamp($endyear, $endmonth, $endmonthday) - 1;
96             break;
97             case 'weeknext':
98                 $startweekday  = get_user_preferences('calendar_startwday', calendar_get_starting_weekday());
99                 $startmonthday = find_day_in_month($now['mday'] + 1, $startweekday, $now['mon'], $now['year']);
100                 $startmonth    = $now['mon'];
101                 $startyear     = $now['year'];
102                 if($startmonthday > calendar_days_in_month($startmonth, $startyear)) {
103                     list($startmonth, $startyear) = calendar_add_month($startmonth, $startyear);
104                     $startmonthday = find_day_in_month(1, $startweekday, $startmonth, $startyear);
105                 }
106                 $timestart = make_timestamp($startyear, $startmonth, $startmonthday);
107                 $endmonthday = $startmonthday + 7;
108                 $endmonth    = $startmonth;
109                 $endyear     = $startyear;
110                 if($endmonthday > calendar_days_in_month($endmonth, $endyear)) {
111                     list($endmonth, $endyear) = calendar_add_month($endmonth, $endyear);
112                     $endmonthday = find_day_in_month(1, $startweekday, $endmonth, $endyear);
113                 }
114                 $timeend = make_timestamp($endyear, $endmonth, $endmonthday) - 1;
115             break;
116             case 'monthnow':
117                 $timestart = make_timestamp($now['year'], $now['mon'], 1);
118                 $timeend   = make_timestamp($now['year'], $now['mon'], calendar_days_in_month($now['mon'], $now['year']), 23, 59, 59);
119             break;
120             case 'monthnext':
121                 list($nextmonth, $nextyear) = calendar_add_month($now['mon'], $now['year']);
122                 $timestart = make_timestamp($nextyear, $nextmonth, 1);
123                 $timeend   = make_timestamp($nextyear, $nextmonth, calendar_days_in_month($nextmonth, $nextyear), 23, 59, 59);
124             break;
125             case 'recentupcoming':
126                 //Events in the last 5 or next 60 days
127                 $timestart = time() - 432000;
128                 $timeend = time() + 5184000;
129             break;
130         }
131     }
132     else {
133         // Parameters given but incorrect, redirect back to export page
134         redirect($CFG->wwwroot.'/calendar/export.php');
135         die();
136     }
138 $events = calendar_get_events($timestart, $timeend, $users, $groups, array_keys($courses), false);
140 $ical = new iCalendar;
141 $ical->add_property('method', 'PUBLISH');
142 foreach($events as $event) {
143    if (!empty($event->modulename)) {
144         $cm = get_coursemodule_from_instance($event->modulename, $event->instance);
145         if (!groups_course_module_visible($cm)) {
146             continue;
147         }
148     }
149     $hostaddress = str_replace('http://', '', $CFG->wwwroot);
150     $hostaddress = str_replace('https://', '', $hostaddress);
152     $ev = new iCalendar_event;
153     $ev->add_property('uid', $event->id.'@'.$hostaddress);
154     $ev->add_property('summary', $event->name);
155     $ev->add_property('description', clean_param($event->description, PARAM_NOTAGS));
156     $ev->add_property('class', 'PUBLIC'); // PUBLIC / PRIVATE / CONFIDENTIAL
157     $ev->add_property('last-modified', Bennu::timestamp_to_datetime($event->timemodified));
158     $ev->add_property('dtstamp', Bennu::timestamp_to_datetime()); // now
159     $ev->add_property('dtstart', Bennu::timestamp_to_datetime($event->timestart)); // when event starts
160     if ($event->timeduration > 0) {
161         //dtend is better than duration, because it works in Microsoft Outlook and works better in Korganizer
162         $ev->add_property('dtend', Bennu::timestamp_to_datetime($event->timestart + $event->timeduration));
163     }
164     if ($event->courseid != 0) {
165         $coursecontext = get_context_instance(CONTEXT_COURSE, $event->courseid);
166         $ev->add_property('categories', format_string($courses[$event->courseid]->shortname, true, array('context' => $coursecontext)));
167     }
168     $ical->add_component($ev);
171 $serialized = $ical->serialize();
172 if(empty($serialized)) {
173     // TODO
174     die('bad serialization');
177 //IE compatibility HACK!
178 if (ini_get_bool('zlib.output_compression')) {
179     ini_set('zlib.output_compression', 'Off');
182 $filename = 'icalexport.ics';
184 header('Last-Modified: '. gmdate('D, d M Y H:i:s', time()) .' GMT');
185 header('Cache-Control: private, must-revalidate, pre-check=0, post-check=0, max-age=0');
186 header('Expires: '. gmdate('D, d M Y H:i:s', 0) .'GMT');
187 header('Pragma: no-cache');
188 header('Accept-Ranges: none'); // Comment out if PDFs do not work...
189 header('Content-disposition: attachment; filename='.$filename);
190 header('Content-length: '.strlen($serialized));
191 header('Content-type: text/calendar; charset=utf-8');
193 echo $serialized;