message MDL-24548 some emergency bug fixes to messaging

diff --git a/message/index.php b/message/index.php
index b7c238c..5d51b7d 100644 (file)
--- a/message/index.php
+++ b/message/index.php
@@ -73,25 +73,6 @@ if ($unblockcontact !== 0) {
 
 $PAGE->set_url($url);
 
-/// Process any contact maintenance requests there may be
-if ($addcontact and confirm_sesskey()) {
-    add_to_log(SITEID, 'message', 'add contact', 'history.php?user1='.$addcontact.'&user2='.$USER->id, $addcontact);
-    message_add_contact($addcontact);
-    redirect($CFG->wwwroot . '/message/index.php?usergroup=contacts&id='.$addcontact);
-}
-if ($removecontact and confirm_sesskey()) {
-    add_to_log(SITEID, 'message', 'remove contact', 'history.php?user1='.$removecontact.'&user2='.$USER->id, $removecontact);
-    message_remove_contact($removecontact);
-}
-if ($blockcontact and confirm_sesskey()) {
-    add_to_log(SITEID, 'message', 'block contact', 'history.php?user1='.$blockcontact.'&user2='.$USER->id, $blockcontact);
-    message_block_contact($blockcontact);
-}
-if ($unblockcontact and confirm_sesskey()) {
-    add_to_log(SITEID, 'message', 'unblock contact', 'history.php?user1='.$unblockcontact.'&user2='.$USER->id, $unblockcontact);
-    message_unblock_contact($unblockcontact);
-}
-
 $PAGE->set_context(get_context_instance(CONTEXT_USER, $USER->id));
 $PAGE->navigation->extend_for_user($USER);
 $PAGE->set_pagelayout('course');
@@ -122,6 +103,30 @@ if (!empty($user2id)) {
 }
 unset($user2id);
 
+//the current user isnt involved in this discussion at all
+if ($user1->id!=$USER->id && $user2->id!=$USER->id && !has_capability('moodle/site:readallmessages', $context)) {
+    print_error('accessdenied','admin');
+}
+
+/// Process any contact maintenance requests there may be
+if ($addcontact and confirm_sesskey()) {
+    add_to_log(SITEID, 'message', 'add contact', 'history.php?user1='.$addcontact.'&user2='.$USER->id, $addcontact);
+    message_add_contact($addcontact);
+    redirect($CFG->wwwroot . '/message/index.php?usergroup=contacts&id='.$addcontact);
+}
+if ($removecontact and confirm_sesskey()) {
+    add_to_log(SITEID, 'message', 'remove contact', 'history.php?user1='.$removecontact.'&user2='.$USER->id, $removecontact);
+    message_remove_contact($removecontact);
+}
+if ($blockcontact and confirm_sesskey()) {
+    add_to_log(SITEID, 'message', 'block contact', 'history.php?user1='.$blockcontact.'&user2='.$USER->id, $blockcontact);
+    message_block_contact($blockcontact);
+}
+if ($unblockcontact and confirm_sesskey()) {
+    add_to_log(SITEID, 'message', 'unblock contact', 'history.php?user1='.$unblockcontact.'&user2='.$USER->id, $unblockcontact);
+    message_unblock_contact($unblockcontact);
+}
+
 //was a message sent? Do NOT allow someone looking at someone else's messages to send them.
 $messageerror = null;
 if ($currentuser && !empty($user2) && has_capability('moodle/site:sendmessage', $context)) {

diff --git a/message/lib.php b/message/lib.php
index e85ec6b..664075a 100644 (file)
--- a/message/lib.php
+++ b/message/lib.php
@@ -1508,6 +1508,8 @@ function message_format_message(&$message, &$user, $format='', $keywords='', $cl
  * via other means if appropriate.
  */
 function message_post_message($userfrom, $userto, $message, $format, $messagetype) {
+    global $SITE, $CFG, $USER;
+    
     $eventdata = new stdClass();
     $eventdata->component        = 'moodle';
     $eventdata->name             = 'instantmessage';
@@ -1518,6 +1520,15 @@ function message_post_message($userfrom, $userto, $message, $format, $messagetyp
     $eventdata->fullmessageformat = $format;
     $eventdata->fullmessagehtml  = '';
     $eventdata->smallmessage     = '';
+
+    $s = new stdClass();
+    $s->sitename = $SITE->shortname;
+    $s->url = $CFG->wwwroot.'/message/index.php?id='.$userfrom->id;//.'&user='.$userto->id;
+
+    $emailtagline = get_string('emailtagline', 'message', $s);
+    $eventdata->footer = "\n\n---------------------------------------------------------------------\n".$emailtagline;
+    $eventdata->footerhtml = "<br /><br />---------------------------------------------------------------------<br />".$emailtagline;
+    
     $eventdata->timecreated     = time();
     return message_send($eventdata);
 }

diff --git a/message/output/email/message_output_email.php b/message/output/email/message_output_email.php
index 8a41483..c64712b 100644 (file)
--- a/message/output/email/message_output_email.php
+++ b/message/output/email/message_output_email.php
@@ -50,17 +50,19 @@ class message_output_email extends message_output {
             $userto->email = $usertoemailaddress;
         }
 
-        $emailtagline = get_string('emailtagline', 'message', $SITE->shortname);
+        //concatenating the footer on here so that it appears on emails but not within the saved message
+        $messagetosend = null;
         if (!empty($message->fullmessage)) {
-            $message->fullmessage .= "\n\n---------------------------------------------------------------------\n".$emailtagline;
+            $messagetosend = $message->fullmessage.$message->footer;
         }
+
+        $messagetosendhtml = null;
         if (!empty($message->fullmessagehtml)) {
-            //$message->fullmessagehtml .= "<br /><br />---------------------------------------------------------------------<br />".$emailtagline;
+            $messagetosendhtml = $message->fullmessagehtml.$message->footerhtml;
         }
 
         $result = email_to_user($userto, $userfrom,
-            $message->subject, $message->fullmessage,
-            $message->fullmessagehtml);
+            $message->subject, $messagetosend, $messagetosendhtml);
 
         return $result===true; //email_to_user() can return true, false or "emailstop"
         //return true;//do we want to report an error if email sending fails?