$day = optional_param('cal_d', 0, PARAM_INT);
$mon = optional_param('cal_m', 0, PARAM_INT);
$yr = optional_param('cal_y', 0, PARAM_INT);
+$generateurl = optional_param('generateurl', 0, PARAM_BOOL);
if ($courseid != SITEID && !empty($courseid)) {
$course = $DB->get_record('course', array('id' => $courseid));
$calendar->prepare_for_view($course, $courses);
$pagetitle = get_string('export', 'calendar');
+$now = usergetdate(time());
// Print title and header
if ($issite) {
if (isset($CFG->calendar_weekend)) {
$weekend = intval($CFG->calendar_weekend);
}
- $username = $USER->username;
- $authtoken = sha1($USER->username . $USER->password . $CFG->calendar_exportsalt);
+
+ $authtoken = sha1($USER->id . $USER->password . $CFG->calendar_exportsalt);
// Let's populate some vars to let "common tasks" be somewhat smart...
// If today it's weekend, give the "next week" option
$allownextweek = $weekend & (1 << $now['wday']);
$allownextmonth = calendar_days_in_month($now['mon'], $now['year']) - $now['mday'] < 7;
// If today it's weekend but tomorrow it isn't, do NOT give the "this week" option
$allowthisweek = !(($weekend & (1 << $now['wday'])) && !($weekend & (1 << (($now['wday'] + 1) % 7))));
- echo $renderer->basic_export_form($allowthisweek, $allownextweek, $allownextmonth, $username, $authtoken);
+ echo $renderer->basic_export_form($allowthisweek, $allownextweek, $allownextmonth, $USER->id, $authtoken);
break;
}
+if (!empty($generateurl)) {
+ $params['userid'] = optional_param('userid', 0, PARAM_INT);
+ $params['authtoken'] = optional_param('authtoken', '', PARAM_ALPHANUM);
+ $params['preset_what'] = optional_param('preset_what', 'all', PARAM_ALPHA);
+ $params['preset_time'] = optional_param('preset_time', 'weeknow', PARAM_ALPHA);
+
+ $link = new moodle_url('/calendar/export_execute.php', $params);
+ print html_writer::tag('div', get_string('calendarurl', 'calendar', $link->out()), array('class' => 'generalbox calendarurl'));
+}
+
echo $renderer->complete_layout();
echo $OUTPUT->footer();
require_once($CFG->dirroot.'/calendar/lib.php');
require_once($CFG->libdir.'/bennu/bennu.inc.php');
-$username = required_param('username', PARAM_TEXT);
+$userid = optional_param('userid', 0, PARAM_INT);
+$username = optional_param('username', '', PARAM_TEXT);
$authtoken = required_param('authtoken', PARAM_ALPHANUM);
+$generateurl = optional_param('generateurl', '', PARAM_TEXT);
if (empty($CFG->enablecalendarexport)) {
die('no export');
}
//Fetch user information
-if (!$user = $DB->get_record('user', array('username' => $username), 'id,password')) {
- //No such user
+$checkuserid = !empty($userid) && $user = $DB->get_record('user', array('id' => $userid), 'id,password');
+//allowing for fallback check of old url - MDL-27542
+$checkusername = !empty($username) && $user = $DB->get_record('user', array('username' => $username), 'id,password');
+if (!$checkuserid && !$checkusername) {
+ //No such user
die('Invalid authentication');
}
//Check authentication token
-if ($authtoken != sha1($username . $user->password . $CFG->calendar_exportsalt)) {
+$authuserid = !empty($userid) && $authtoken == sha1($userid . $user->password . $CFG->calendar_exportsalt);
+//allowing for fallback check of old url - MDL-27542
+$authusername = !empty($username) && $authtoken == sha1($username . $user->password . $CFG->calendar_exportsalt);
+if (!$authuserid && !$authusername) {
die('Invalid authentication');
}
$allowed_what = array('all', 'courses');
$allowed_time = array('weeknow', 'weeknext', 'monthnow', 'monthnext', 'recentupcoming');
+if (!empty($generateurl)) {
+ $authtoken = sha1($user->id . $user->password . $CFG->calendar_exportsalt);
+ $params = array();
+ $params['preset_what'] = $what;
+ $params['preset_time'] = $time;
+ $params['userid'] = $userid;
+ $params['authtoken'] = $authtoken;
+ $params['generateurl'] = true;
+
+ $link = new moodle_url('/calendar/export.php', $params);
+ redirect($link->out());
+ die;
+}
+
if(!empty($what) && !empty($time)) {
if(in_array($what, $allowed_what) && in_array($time, $allowed_time)) {
$courses = enrol_get_users_courses($user->id, true, 'id, visible, shortname');
$group = $DB->get_record('groups', array('id'=>$data->groupid));
$context = get_context_instance(CONTEXT_COURSE, $group->courseid);
} else if (isset($data->userid) && $data->userid > 0 && $data->userid == $USER->id) {
- $context = get_context_instance(CONTEXT_USER);
+ $context = get_context_instance(CONTEXT_USER, $data->userid);
} else if (isset($data->userid) && $data->userid > 0 && $data->userid != $USER->id &&
isset($data->instance) && $data->instance > 0) {
$cm = get_coursemodule_from_instance($data->modulename, $data->instance, 0, false, MUST_EXIST);
* @param bool $allowthisweek
* @param bool $allownextweek
* @param bool $allownextmonth
- * @param string $username
+ * @param int $userid
* @param string $authtoken
* @return string
*/
- public function basic_export_form($allowthisweek, $allownextweek, $allownextmonth, $username, $authtoken) {
+ public function basic_export_form($allowthisweek, $allownextweek, $allownextmonth, $userid, $authtoken) {
$output = html_writer::tag('div', get_string('export', 'calendar'), array('class'=>'header'));
$output .= html_writer::start_tag('fieldset');
$output .= html_writer::empty_tag('input', array('type'=>'hidden', 'name'=>'cal_d', 'value'=>''));
$output .= html_writer::empty_tag('input', array('type'=>'hidden', 'name'=>'cal_m', 'value'=>''));
$output .= html_writer::empty_tag('input', array('type'=>'hidden', 'name'=>'cal_y', 'value'=>''));
- $output .= html_writer::empty_tag('input', array('type'=>'hidden', 'name'=>'username', 'value'=>$username));
+ $output .= html_writer::empty_tag('input', array('type'=>'hidden', 'name'=>'userid', 'value'=>$userid));
$output .= html_writer::empty_tag('input', array('type'=>'hidden', 'name'=>'authtoken', 'value'=>$authtoken));
- $output .= html_writer::empty_tag('input', array('type'=>'button', 'id'=>'generateurl', 'value'=>get_string('generateurlbutton', 'calendar')));
+ $output .= html_writer::empty_tag('input', array('type'=>'submit', 'name' => 'generateurl', 'id'=>'generateurl', 'value'=>get_string('generateurlbutton', 'calendar')));
$output .= html_writer::empty_tag('input', array('type'=>'submit', 'value'=>get_string('exportbutton', 'calendar')));
$output .= html_writer::end_tag('div');
$output .= html_writer::tag('div', '', array('id'=>'url', 'style'=>'overflow:scroll;width:650px;'));
$output .= html_writer::end_tag('div');
- $this->page->requires->yui_module('moodle-calendar-eventmanager', 'M.core_calendar.init_basic_export', array($allowthisweek, $allownextweek, $allownextmonth, $username, $authtoken));
-
return $output;
}
if (!empty($CFG->enablecalendarexport)) {
echo $OUTPUT->single_button(new moodle_url('export.php', array('course'=>$courseid)), get_string('exportcalendar', 'calendar'));
if (isloggedin()) {
- $authtoken = sha1($USER->username . $USER->password . $CFG->calendar_exportsalt);
- $link = new moodle_url('/calendar/export_execute.php', array('preset_what'=>'all', 'preset_time'=>'recentupcoming', 'username'=>$USER->username, 'authtoken'=>$authtoken));
+ $authtoken = sha1($USER->id . $USER->password . $CFG->calendar_exportsalt);
+ $link = new moodle_url('/calendar/export_execute.php', array('preset_what'=>'all', 'preset_time'=>'recentupcoming', 'userid' => $USER->id, 'authtoken'=>$authtoken));
$icon = html_writer::empty_tag('img', array('src'=>$OUTPUT->pix_url('i/ical'), 'height'=>'14', 'width'=>'36', 'alt'=>get_string('ical', 'calendar'), 'title'=>get_string('quickdownloadcalendar', 'calendar')));
echo html_writer::tag('a', $icon, array('href'=>$link));
}
var EVENTMANAGER = {
add_event : function(config) {
new EVENT(config);
- },
- init_basic_export : function(allowthisweek, allownextweek, allownextmonth, username, authtoken) {
- var params = {
- preset_what : (Y.one('#pw_course').get('checked'))?'courses':'all',
- preset_time : 'recentupcoming',
- username : username,
- authtoken : authtoken
-
- }
- if (allowthisweek && Y.one('#pt_wknow').get('checked')) {
- params.presettime = 'weeknow';
- } else if (allownextweek && Y.one('#pt_wknext').get('checked')) {
- params.presettime = 'weeknext';
- } else if (allownextmonth && Y.one('#pt_monnext').get('checked')) {
- params.presettime = 'monthnext';
- } else if (Y.one('#pt_monnow').get('checked')) {
- params.presettime = 'monthnow';
- }
- Y.one('#url').setContent(M.cfg.wwwroot+'/calendar/export_execute.php?'+build_querystring(params));
- Y.one('#urlbox').setStyle('display', 'block');
}
}
$string['calendar'] = 'Calendar';
$string['calendarheading'] = '{$a} Calendar';
$string['calendarpreferences'] = 'Calendar preferences';
+$string['calendarurl'] = 'Calendar URL: {$a}';
$string['clickhide'] = 'click to hide';
$string['clickshow'] = 'click to show';
$string['commontasks'] = 'Options';
