MDL-22388 Added some checks to kill these scripts dead with an unequivocal notice...
[moodle.git] / mod / glossary / edit_form.php
1 <?php
2 if (!defined('MOODLE_INTERNAL')) {
3     die('Direct access to this script is forbidden.');    ///  It must be included from a Moodle page
4 }
6 require_once ($CFG->dirroot.'/lib/formslib.php');
8 class mod_glossary_entry_form extends moodleform {
10     function definition() {
11         global $CFG, $DB;
13         $mform = $this->_form;
15         $currententry      = $this->_customdata['current'];
16         $glossary          = $this->_customdata['glossary'];
17         $cm                = $this->_customdata['cm'];
18         $definitionoptions = $this->_customdata['definitionoptions'];
19         $attachmentoptions = $this->_customdata['attachmentoptions'];
21 //-------------------------------------------------------------------------------
22         $mform->addElement('header', 'general', get_string('general', 'form'));
24         $mform->addElement('text', 'concept', get_string('concept', 'glossary'));
25         $mform->setType('concept', PARAM_TEXT);
26         $mform->addRule('concept', null, 'required', null, 'client');
28         $mform->addElement('editor', 'definition_editor', get_string('definition', 'glossary'), null, $definitionoptions);
29         $mform->setType('definition_editor', PARAM_RAW);
30         $mform->addRule('definition_editor', get_string('required'), 'required', null, 'client');
32         if ($categories = $DB->get_records_menu('glossary_categories', array('glossaryid'=>$glossary->id), 'name ASC', 'id, name')){
33             $categories = array(0 => get_string('notcategorised', 'glossary')) + $categories;
34             $categoriesEl = $mform->addElement('select', 'categories', get_string('categories', 'glossary'), $categories);
35             $categoriesEl->setMultiple(true);
36             $categoriesEl->setSize(5);
37         }
39         $mform->addElement('textarea', 'aliases', get_string('aliases', 'glossary'), 'rows="2" cols="40"');
40         $mform->setType('aliases', PARAM_TEXT);
41         $mform->addHelpButton('aliases', 'aliases', 'glossary');
43         $mform->addElement('filemanager', 'attachment_filemanager', get_string('attachment', 'glossary'), null, $attachmentoptions);
44         $mform->addHelpButton('attachment_filemanager', 'attachment', 'glossary');
46         if (!$glossary->usedynalink) {
47             $mform->addElement('hidden', 'usedynalink',   $CFG->glossary_linkentries);
48             $mform->setType('usedynalink', PARAM_INT);
49             $mform->addElement('hidden', 'casesensitive', $CFG->glossary_casesensitive);
50             $mform->setType('casesensitive', PARAM_INT);
51             $mform->addElement('hidden', 'fullmatch',     $CFG->glossary_fullmatch);
52             $mform->setType('fullmatch', PARAM_INT);
54         } else {
55 //-------------------------------------------------------------------------------
56             $mform->addElement('header', 'linkinghdr', get_string('linking', 'glossary'));
58             $mform->addElement('checkbox', 'usedynalink', get_string('entryusedynalink', 'glossary'));
59             $mform->addHelpButton('usedynalink', 'entryusedynalink', 'glossary');
60             $mform->setDefault('usedynalink', $CFG->glossary_linkentries);
62             $mform->addElement('checkbox', 'casesensitive', get_string('casesensitive', 'glossary'));
63             $mform->addHelpButton('casesensitive', 'casesensitive', 'glossary');
64             $mform->disabledIf('casesensitive', 'usedynalink');
65             $mform->setDefault('casesensitive', $CFG->glossary_casesensitive);
67             $mform->addElement('checkbox', 'fullmatch', get_string('fullmatch', 'glossary'));
68             $mform->addHelpButton('fullmatch', 'fullmatch', 'glossary');
69             $mform->disabledIf('fullmatch', 'usedynalink');
70             $mform->setDefault('fullmatch', $CFG->glossary_fullmatch);
71         }
73         $mform->addElement('hidden', 'id');
74         $mform->setType('id', PARAM_INT);
75         $mform->addElement('hidden', 'cmid');
76         $mform->setType('cmid', PARAM_INT);
78 //-------------------------------------------------------------------------------
79         $this->add_action_buttons();
81 //-------------------------------------------------------------------------------
82         $this->set_data($currententry);
83     }
85     function validation($data, $files) {
86         global $CFG, $USER, $DB;
87         $errors = parent::validation($data, $files);
89         $glossary = $this->_customdata['glossary'];
90         $cm       = $this->_customdata['cm'];
91         $context  = get_context_instance(CONTEXT_MODULE, $cm->id);
93         $id = (int)$data['id'];
94         $data['concept'] = trim($data['concept']);
96         if ($id) {
97             //We are updating an entry, so we compare current session user with
98             //existing entry user to avoid some potential problems if secureforms=off
99             //Perhaps too much security? Anyway thanks to skodak (Bug 1823)
100             $old = $DB->get_record('glossary_entries', array('id'=>$id));
101             $ineditperiod = ((time() - $old->timecreated <  $CFG->maxeditingtime) || $glossary->editalways);
102             if ((!$ineditperiod || $USER->id != $old->userid) and !has_capability('mod/glossary:manageentries', $context)) {
103                 if ($USER->id != $old->userid) {
104                     $errors['concept'] = get_string('errcannoteditothers', 'glossary');
105                 } elseif (!$ineditperiod) {
106                     $errors['concept'] = get_string('erredittimeexpired', 'glossary');
107                 }
108             }
109             if (!$glossary->allowduplicatedentries) {
110                 if ($dupentries = $DB->get_records('glossary_entries', array('LOWER(concept)'=>moodle_strtolower($data['concept'])))) {
111                     foreach ($dupentries as $curentry) {
112                         if ($glossary->id == $curentry->glossaryid) {
113                            if ($curentry->id != $id) {
114                                $errors['concept'] = get_string('errconceptalreadyexists', 'glossary');
115                                break;
116                            }
117                         }
118                     }
119                 }
120             }
122         } else {
123             if (!$glossary->allowduplicatedentries) {
124                 if ($dupentries = $DB->get_record('glossary_entries', array('LOWER(concept)'=>moodle_strtolower($data['concept']), 'glossaryid'=>$glossary->id))) {
125                     $errors['concept'] = get_string('errconceptalreadyexists', 'glossary');
126                 }
127             }
128         }
130         return $errors;
131     }