merged fix for MDL-10564, wrong userid used in get_my_courses() for blogs
[moodle-linuxchix.git] / blog / index.php
blobaeea0c71dfa32ccdff8d5714093f455334acae43
1 <?php // $Id$
3 /**
4 * file index.php
5 * index page to view blogs. if no blog is specified then site wide entries are shown
6 * if a blog id is specified then the latest entries from that blog are shown
7 */
9 require_once('../config.php');
10 require_once($CFG->dirroot .'/blog/lib.php');
11 require_once($CFG->libdir .'/blocklib.php');
13 $id = optional_param('id', 0, PARAM_INT);
14 $start = optional_param('formstart', 0, PARAM_INT);
15 $userid = optional_param('userid',0,PARAM_INT);
16 $tag = optional_param('tag', '', PARAM_NOTAGS);
17 $tagid = optional_param('tagid', 0, PARAM_INT);
18 $postid = optional_param('postid',0,PARAM_INT);
19 $filtertype = optional_param('filtertype', '', PARAM_ALPHA);
20 $filterselect = optional_param('filterselect', 0, PARAM_INT);
22 $edit = optional_param('edit', -1, PARAM_BOOL);
23 $courseid = optional_param('courseid', 0, PARAM_INT); // needed for user tabs and course tracking
26 if (empty($CFG->bloglevel)) {
27 error('Blogging is disabled!');
30 $sitecontext = get_context_instance(CONTEXT_SYSTEM, SITEID);
33 // change block edit staus if not guest and logged in
34 if (isloggedin() and !isguest() and $edit != -1) {
35 $SESSION->blog_editing_enabled = $edit;
38 if (empty($filtertype)) {
39 if ($userid) { // default to user if specified
40 $filtertype = 'user';
41 $filterselect = $userid;
42 } else if (has_capability('moodle/blog:view', $sitecontext) and $CFG->bloglevel > BLOG_USER_LEVEL) {
43 $filtertype = 'site';
44 $filterselect = '';
45 } else {
46 // user might have capability to write blogs, but not read blogs at site level
47 // users might enter this url manually without parameters
48 $filtertype = 'user';
49 $filterselect = $USER->id;
52 /// check access and prepare filters
54 switch ($filtertype) {
56 case 'site':
57 if ($CFG->bloglevel < BLOG_SITE_LEVEL) {
58 error('Site blogs is not enabled');
60 if ($CFG->bloglevel < BLOG_GLOBAL_LEVEL) {
61 require_login();
63 if (!has_capability('moodle/blog:view', $sitecontext)) {
64 error('You do not have the required permissions to view all site blogs');
66 break;
68 case 'course':
69 if ($CFG->bloglevel < BLOG_COURSE_LEVEL) {
70 error('Course blogs is not enabled');
72 if (!$course = get_record('course', 'id', $filterselect)) {
73 error('Incorrect course id specified');
75 $courseid = $course->id;
76 $coursecontext = get_context_instance(CONTEXT_COURSE, $course->id);
77 require_login($course->id);
78 if (!has_capability('moodle/blog:view', $coursecontext)) {
79 error('You do not have the required permissions to view blogs in this course');
81 break;
83 case 'group':
84 if ($CFG->bloglevel < BLOG_GROUP_LEVEL) {
85 error('Group blogs is not enabled');
88 // fix for MDL-9268
89 if (! $group = groups_get_group($filterselect)) { //TODO:check.
90 error('Incorrect group id specified');
92 if (!$course = get_record('course', 'id', $group->courseid)) {
93 error('Incorrect course id specified');
95 $coursecontext = get_context_instance(CONTEXT_COURSE, $course->id);
96 $courseid = $course->id;
97 require_login($course->id);
98 if (!has_capability('moodle/blog:view', $coursecontext)) {
99 error('You do not have the required permissions to view blogs in this course/group');
101 if (groupmode($course) == SEPARATEGROUPS
102 and !has_capability('moodle/site:accessallgroups', $coursecontext)) {
103 if (!ismember($filterselect)) {
104 error ('You are not a member of this course group');
108 break;
110 case 'user':
111 if ($CFG->bloglevel < BLOG_USER_LEVEL) {
112 error('Blogs is not enabled');
114 if (!$user = get_record('user', 'id', $filterselect)) {
115 error('Incorrect user id');
117 if ($USER->id == $filterselect) {
118 if (!has_capability('moodle/blog:create', $sitecontext)
119 and !has_capability('moodle/blog:view', $sitecontext)) {
120 error('You do not have your own blog, sorry.');
122 } else {
123 $personalcontext = get_context_instance(CONTEXT_USER, $filterselect);
124 if (!has_capability('moodle/blog:view', $sitecontext)
125 and !has_capability('moodle/user:readuserblogs', $personalcontext)) {
126 error('You do not have the required permissions to read user blogs');
128 if (!blog_user_can_view_user_post($filterselect)) {
129 error('You can not view blog of this user, sorry.');
132 $userid = $filterselect;
134 break;
136 default:
137 error('Incorrect blog filter type specified');
138 break;
141 if (empty($courseid)) {
142 $courseid = SITEID;
145 include($CFG->dirroot .'/blog/header.php');
147 blog_print_html_formatted_entries($postid, $filtertype, $filterselect, $tagid, $tag);
149 add_to_log($courseid, 'blog', 'view', 'index.php?filtertype='.$filtertype.'&amp;filterselect='.$filterselect.'&amp;postid='.$postid.'&amp;tagid='.$tagid.'&amp;tag='.$tag, 'view blog entry');
151 include($CFG->dirroot .'/blog/footer.php');