MDL-15942 - separate data escaped for database entry from unescaped data
[moodle-linuxchix.git] / blog / blogpage.php
blob84e86553479481fc62e48df321a80cd79f64dc96
1 <?php // $Id$
3 if (!defined('MOODLE_INTERNAL')) {
4 die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page
7 /**
8 * Definition of blog page type.
9 */
10 define('PAGE_BLOG_VIEW', 'blog-view');
12 // Blog class derived from moodle's page class
13 class page_blog extends page_base {
15 var $editing = false;
16 var $courserecord = NULL;
17 var $courseid = NULL;
18 var $filtertype = NULL;
19 var $filterselect = NULL;
20 var $tagid = NULL;
22 // Mandatory; should return our identifier.
23 function get_type() {
24 global $CFG;
25 require_once($CFG->dirroot .'/blog/lib.php');
26 return PAGE_BLOG_VIEW;
29 // we have no format type, use 'blog'
30 //I think it's a bug, but if this is left the default NULL value then pages can
31 //fail to load completely
32 function get_format_name() {
33 global $CFG;
34 require_once($CFG->dirroot .'/blog/lib.php');
35 return PAGE_BLOG_VIEW;
38 // Do any validation of the officially recognized bits of the data and forward to parent.
39 // Do NOT load up "expensive" resouces (e.g. SQL data) here!
40 function init_quick($data) {
41 parent::init_quick($data);
42 if (empty($data->pageid)) {
43 //if no pageid then the user is viewing a collection of blog entries
44 $this->id = 0; //set blog id to 0
48 // Here you should load up all heavy-duty data for your page. Basically everything that
49 // does not NEED to be loaded for the class to make basic decisions should NOT be loaded
50 // in init_quick() and instead deferred here. Of course this function had better recognize
51 // $this->full_init_done to prevent wasteful multiple-time data retrieval.
52 function init_full() {
53 if ($this->full_init_done) {
54 return;
56 // I need to determine how best to utilize this function. Most init
57 // is already done before we get here in blogFilter and blogInfo
59 if ($this->courseid == 0 || $this->courseid == 1 || !is_numeric($this->courseid) ) {
60 $this->courseid = '';
61 $courserecord = NULL;
62 } else {
63 if (! ($courserecord = get_record('course', 'id', $this->courseid)) ) {
64 error( 'You are tring to view an invalid course. Id: ('. $this->courseid .')' );
67 $this->full_init_done = true;
70 // For this test page, only admins are going to be allowed editing (for simplicity).
71 function user_allowed_editing() {
72 if (isloggedin() && !isguest()) {
73 return true;
75 return false;
78 // Also, admins are considered to have "always on" editing (I wanted to avoid duplicating
79 // the code that turns editing on/off here; you can roll your own or copy course/view.php).
80 function user_is_editing() {
81 global $SESSION;
83 if (isloggedin() && !isguest()) {
84 $this->editing = !empty($SESSION->blog_editing_enabled);
85 return $this->editing;
87 return false;
90 //over-ride parent method's print_header because blog already passes more than just the title along
91 function print_header($pageTitle='', $pageHeading='', $pageNavigation='', $pageFocus='', $pageMeta='') {
92 global $USER;
94 $this->init_full();
95 $extraheader = '';
96 if (!empty($USER) && !empty($USER->id)) {
97 $extraheader = $this->get_extra_header_string();
99 print_header($pageTitle, $pageHeading, $pageNavigation, $pageFocus, $pageMeta, true, $extraheader );
102 // This should point to the script that displays us
103 function url_get_path() {
104 global $CFG;
106 return $CFG->wwwroot .'/blog/index.php';
109 function url_get_parameters() {
111 $array = array();
112 if (!$this->full_init_done) {
113 $array['userid'] = $this->id;
114 return $array;
117 if (!empty($this->courseid)) {
118 $array['courseid'] = $this->courseid;
120 if (!empty($this->filtertype)) {
121 $array['filtertype'] = $this->filtertype;
123 if (!empty($this->filterselect)) {
124 $array['filterselect'] = $this->filterselect;
126 if (!empty($this->tagid)) {
127 $array['tagid'] = $this->tagid;
129 return $array;
133 // Having defined all identifiers we need, here we declare which block positions we are
134 // going to support.
135 function blocks_get_positions() {
136 return array(BLOCK_POS_LEFT, BLOCK_POS_RIGHT);
139 // When a new block is created in this page, which position should it go to?
140 function blocks_default_position() {
141 return BLOCK_POS_RIGHT;
144 // When we are creating a new page, use the data at your disposal to provide a textual representation of the
145 // blocks that are going to get added to this new page. Delimit block names with commas (,) and use double
146 // colons (:) to delimit between block positions in the page. See blocks_get_positions() for additional info.
147 function blocks_get_default() {
148 global $CFG;
150 $this->init_full();
152 // It's a normal blog page
153 if (!empty($CFG->{'defaultblocks_'. $this->get_type()})) {
154 $blocknames = $CFG->{'defaultblocks_'. $this->get_type()};
155 } else {
156 /// Failsafe - in case nothing was defined.
157 $blocknames = 'admin,calendar_month,online_users,blog_menu';
160 return $blocknames;
163 // And finally, a little block move logic. Given a block's previous position and where
164 // we want to move it to, return its new position. Pretty self-documenting.
165 function blocks_move_position(&$instance, $move) {
166 if ($instance->position == BLOCK_POS_LEFT && $move == BLOCK_MOVE_RIGHT) {
167 return BLOCK_POS_RIGHT;
168 } else if ($instance->position == BLOCK_POS_RIGHT && $move == BLOCK_MOVE_LEFT) {
169 return BLOCK_POS_LEFT;
171 return $instance->position;
174 /////////// Blog page specific functions
175 function get_extra_header_string() {
176 global $SESSION, $CFG, $USER;
178 $editformstring = '';
179 if ($this->user_allowed_editing()) {
180 if (!empty($SESSION->blog_editing_enabled)) {
181 $editingString = get_string('turneditingoff');
182 } else {
183 $editingString = get_string('turneditingon');
186 $params = $this->url_get_parameters();
187 $params['edit'] = empty($SESSION->blog_editing_enabled) ? 1 : 0;
188 $paramstring = '';
189 foreach ($params as $key=>$val) {
190 $paramstring .= '<input type="hidden" name="'.$key.'" value="'.s($val).'" />';
193 $editformstring = '<form '.$CFG->frametarget.' method="get" action="'.$this->url_get_path().'"><div>'
194 .$paramstring.'<input type="submit" value="'.$editingString.'" /></div></form>';
197 return $editformstring;