MDL-11515:
[moodle-linuxchix.git] / blog / lib.php
blob735b0336a0ca8c8d33343944692c1619bb99101a
1 <?php //$Id$
3 /**
4 * Library of functions and constants for blog
5 */
6 require_once($CFG->libdir .'/blocklib.php');
7 require_once($CFG->libdir .'/pagelib.php');
8 require_once($CFG->dirroot .'/blog/rsslib.php');
9 require_once($CFG->dirroot .'/blog/blogpage.php');
10 require_once($CFG->dirroot.'/tag/lib.php');
12 /**
13 * Definition of blogcourse page type (blog page with course id present).
15 //not used at the moment, and may not need to be
16 define('PAGE_BLOG_COURSE_VIEW', 'blog_course-view');
19 /**
20 * Checks to see if user has visited blogpages before, if not, install 2
21 * default blocks (blog_menu and blog_tags).
23 function blog_check_and_install_blocks() {
24 global $USER;
25 if (isloggedin() && !isguest()) {
26 // if this user has not visited this page before
27 if (!get_user_preferences('blogpagesize')) {
28 // find the correct ids for blog_menu and blog_from blocks
29 $menublock = get_record('block','name','blog_menu');
30 $tagsblock = get_record('block','name','blog_tags');
31 // add those 2 into block_instance page
33 // add blog_menu block
34 $newblock = new object();
35 $newblock->blockid = $menublock->id;
36 $newblock->pageid = $USER->id;
37 $newblock->pagetype = 'blog-view';
38 $newblock->position = 'r';
39 $newblock->weight = 0;
40 $newblock->visible = 1;
41 insert_record('block_instance', $newblock);
43 // add blog_tags menu
44 $newblock -> blockid = $tagsblock->id;
45 $newblock -> weight = 1;
46 insert_record('block_instance', $newblock);
48 // finally we set the page size pref
49 set_user_preference('blogpagesize', 10);
55 /**
56 * Adaptation of isediting in moodlelib.php for blog module
57 * @return bool
59 function blog_isediting() {
60 global $SESSION;
62 return !empty($SESSION->blog_editing_enabled);
66 /**
67 * This function is in lib and not in BlogInfo because entries being searched
68 * might be found in any number of blogs rather than just one.
70 * $@param ...
72 function blog_print_html_formatted_entries($postid, $filtertype, $filterselect, $tagid, $tag) {
74 global $CFG, $USER;
76 $blogpage = optional_param('blogpage', 0, PARAM_INT);
77 $bloglimit = optional_param('limit', get_user_preferences('blogpagesize', 10), PARAM_INT);
78 $start = $blogpage * $bloglimit;
80 $sitecontext = get_context_instance(CONTEXT_SYSTEM, SITEID);
82 $morelink = '<br />&nbsp;&nbsp;';
84 $totalentries = get_viewable_entry_count($postid, $bloglimit, $start, $filtertype, $filterselect, $tagid, $tag, $sort='lastmodified DESC');
85 $blogEntries = blog_fetch_entries($postid, $bloglimit, $start, $filtertype, $filterselect, $tagid, $tag, $sort='lastmodified DESC', true);
87 print_paging_bar($totalentries, $blogpage, $bloglimit, get_baseurl($filtertype, $filterselect), 'blogpage');
89 if ($CFG->enablerssfeeds) {
90 blog_rss_print_link($filtertype, $filterselect, $tag);
93 if (has_capability('moodle/blog:create', $sitecontext)) {
94 //the user's blog is enabled and they are viewing their own blog
95 $addlink = '<div class="addbloglink">';
96 $addlink .= '<a href="'.$CFG->wwwroot .'/blog/edit.php?action=add'.'">'. get_string('addnewentry', 'blog').'</a>';
97 $addlink .= '</div>';
98 echo $addlink;
101 if ($blogEntries) {
103 $count = 0;
104 foreach ($blogEntries as $blogEntry) {
105 blog_print_entry($blogEntry, 'list', $filtertype, $filterselect); //print this entry.
106 $count++;
109 print_paging_bar($totalentries, $blogpage, $bloglimit, get_baseurl($filtertype, $filterselect), 'blogpage');
111 if (!$count) {
112 print '<br /><div style="text-align:center">'. get_string('noentriesyet', 'blog') .'</div><br />';
116 print $morelink.'<br />'."\n";
117 return;
120 $output = '<br /><div style="text-align:center">'. get_string('noentriesyet', 'blog') .'</div><br />';
122 print $output;
128 * This function is in lib and not in BlogInfo because entries being searched
129 * might be found in any number of blogs rather than just one.
131 * This function builds an array which can be used by the included
132 * template file, making predefined and nicely formatted variables available
133 * to the template. Template creators will not need to become intimate
134 * with the internal objects and vars of moodle blog nor will they need to worry
135 * about properly formatting their data
137 * @param BlogEntry blogEntry - a hopefully fully populated BlogEntry object
138 * @param string viewtype Default is 'full'. If 'full' then display this blog entry
139 * in its complete form (eg. archive page). If anything other than 'full'
140 * display the entry in its abbreviated format (eg. index page)
142 function blog_print_entry($blogEntry, $viewtype='full', $filtertype='', $filterselect='', $mode='loud') {
144 global $USER, $CFG, $COURSE, $ME;
146 $template['body'] = format_text($blogEntry->summary, $blogEntry->format);
147 //$template['title'] = '<a name="'. $blogEntry->subject .'"></a>';
148 //enclose the title in nolink tags so that moodle formatting doesn't autolink the text
149 $template['title'] = '<span class="nolink">'.$blogEntry->subject.'</span>';
150 $template['userid'] = $blogEntry->userid;
151 $template['author'] = fullname(get_record('user','id',$blogEntry->userid));
152 $template['lastmod'] = userdate($blogEntry->lastmodified);
153 $template['created'] = userdate($blogEntry->created);
154 $template['publishstate'] = $blogEntry->publishstate;
156 /// preventing user to browse blogs that they aren't supposed to see
157 /// This might not be too good since there are multiple calls per page
160 if (!blog_user_can_view_user_post($template['userid'])) {
161 error ('you can not view this post');
164 $stredit = get_string('edit');
165 $strdelete = get_string('delete');
167 $user = get_record('user','id',$template['userid']);
169 /// Start printing of the blog
171 echo '<table cellspacing="0" class="forumpost blogpost blog'.$template['publishstate'].'" width="100%">';
173 echo '<tr class="header"><td class="picture left">';
174 print_user_picture($template['userid'], SITEID, $user->picture);
175 echo '</td>';
177 echo '<td class="topic starter"><div class="subject">'.$template['title'].'</div><div class="author">';
178 $fullname = fullname($user, $template['userid']);
179 $by = new object();
180 $by->name = '<a href="'.$CFG->wwwroot.'/user/view.php?id='.
181 $user->id.'&amp;course='.$COURSE->id.'">'.$fullname.'</a>';
182 $by->date = $template['lastmod'];
183 print_string('bynameondate', 'forum', $by);
184 echo '</div></td></tr>';
186 echo '<tr><td class="left side">';
188 /// Actual content
190 echo '</td><td class="content">'."\n";
192 if ($blogEntry->attachment) {
193 echo '<div class="attachments">';
194 $attachedimages = blog_print_attachments($blogEntry);
195 echo '</div>';
196 } else {
197 $attachedimages = '';
200 switch ($template['publishstate']) {
201 case 'draft':
202 $blogtype = get_string('publishtonoone', 'blog');
203 break;
204 case 'site':
205 $blogtype = get_string('publishtosite', 'blog');
206 break;
207 case 'public':
208 $blogtype = get_string('publishtoworld', 'blog');
209 break;
210 default:
211 $blogtype = '';
212 break;
216 echo '<div class="audience">'.$blogtype.'</div>';
218 // Print whole message
219 echo format_text($template['body']);
221 /// Print attachments
222 echo $attachedimages;
223 /// Links to tags
226 if ($blogtags = get_records_sql('SELECT t.* FROM '.$CFG->prefix.'tags t, '.$CFG->prefix.'blog_tag_instance ti
227 WHERE t.id = ti.tagid
228 AND ti.entryid = '.$blogEntry->id)) {
230 if (!empty($CFG->usetags) && ($blogtags = get_item_tags('blog', $blogEntry->id))) {
231 echo '<div class="tags">';
232 if ($blogtags) {
233 print_string('tags');
234 echo ': ';
235 foreach ($blogtags as $key => $blogtag) {
236 //$taglist[] = '<a href="index.php?filtertype='.$filtertype.'&amp;filterselect='.$filterselect.'&amp;tagid='.$blogtag->id.'">'.tag_display_name($blogtag).'</a>'; // Blog tag only
237 $taglist[] = '<a href="'.$CFG->wwwroot.'/tag/index.php?id='.$blogtag->id.'">'.tag_display_name($blogtag).'</a>'; // General tag link
239 echo implode(', ', $taglist);
241 echo '</div>';
244 /// Commands
246 echo '<div class="commands">';
248 if (blog_user_can_edit_post($blogEntry)) {
249 echo '<a href="'.$CFG->wwwroot.'/blog/edit.php?action=edit&amp;id='.$blogEntry->id.'">'.$stredit.'</a>';
250 echo '| <a href="'.$CFG->wwwroot.'/blog/edit.php?action=delete&amp;id='.$blogEntry->id.'">'.$strdelete.'</a>';
253 echo '</div>';
255 echo '</td></tr></table>'."\n\n";
259 function blog_file_area_name($blogentry) {
260 // Creates a directory file name, suitable for make_upload_directory()
261 global $CFG;
262 // $CFG->dataroot/blog/attachments/xxxx/file.jpg
263 return "blog/attachments/$blogentry->id";
266 function blog_file_area($blogentry) {
267 return make_upload_directory( blog_file_area_name($blogentry) );
270 function blog_delete_old_attachments($post, $exception="") {
271 // Deletes all the user files in the attachments area for a post
272 // EXCEPT for any file named $exception
274 if ($basedir = blog_file_area($post)) {
275 if ($files = get_directory_list($basedir)) {
276 foreach ($files as $file) {
277 if ($file != $exception) {
278 unlink("$basedir/$file");
279 notify("Existing file '$file' has been deleted!");
283 if (!$exception) { // Delete directory as well, if empty
284 rmdir("$basedir");
289 function blog_print_attachments($blogentry, $return=NULL) {
290 // if return=html, then return a html string.
291 // if return=text, then return a text-only string.
292 // otherwise, print HTML for non-images, and return image HTML
294 global $CFG;
296 $filearea = blog_file_area_name($blogentry);
298 $imagereturn = "";
299 $output = "";
301 if ($basedir = blog_file_area($blogentry)) {
302 if ($files = get_directory_list($basedir)) {
303 $strattachment = get_string("attachment", "forum");
304 foreach ($files as $file) {
305 include_once($CFG->libdir.'/filelib.php');
306 $icon = mimeinfo("icon", $file);
307 $type = mimeinfo("type", $file);
308 if ($CFG->slasharguments) {
309 $ffurl = "$CFG->wwwroot/file.php/$filearea/$file";
310 } else {
311 $ffurl = "$CFG->wwwroot/file.php?file=/$filearea/$file";
313 $image = "<img src=\"$CFG->pixpath/f/$icon\" class=\"icon\" alt=\"\" />";
315 if ($return == "html") {
316 $output .= "<a href=\"$ffurl\">$image</a> ";
317 $output .= "<a href=\"$ffurl\">$file</a><br />";
319 } else if ($return == "text") {
320 $output .= "$strattachment $file:\n$ffurl\n";
322 } else {
323 if (in_array($type, array('image/gif', 'image/jpeg', 'image/png'))) { // Image attachments don't get printed as links
324 $imagereturn .= "<br /><img src=\"$ffurl\" alt=\"\" />";
325 } else {
326 echo "<a href=\"$ffurl\">$image</a> ";
327 echo filter_text("<a href=\"$ffurl\">$file</a><br />");
334 if ($return) {
335 return $output;
338 return $imagereturn;
343 * Use this function to retrieve a list of publish states available for
344 * the currently logged in user.
346 * @return array This function returns an array ideal for sending to moodles'
347 * choose_from_menu function.
349 function blog_applicable_publish_states($courseid='') {
351 global $CFG;
353 // everyone gets draft access
354 if ($CFG->bloglevel >= BLOG_USER_LEVEL) {
355 $options = array ( 'draft' => get_string('publishtonoone', 'blog') );
358 if ($CFG->bloglevel > BLOG_USER_LEVEL) {
359 $options['site'] = get_string('publishtosite', 'blog');
362 if ($CFG->bloglevel >= BLOG_GLOBAL_LEVEL) {
363 $options['public'] = get_string('publishtoworld', 'blog');
366 return $options;
371 * User can edit a blog entry if this is their own blog post and they have
372 * the capability moodle/blog:create, or if they have the capability
373 * moodle/blog:manageentries.
375 * This also applies to deleting of posts.
377 function blog_user_can_edit_post($blogEntry) {
379 global $CFG, $USER;
381 $sitecontext = get_context_instance(CONTEXT_SYSTEM, SITEID);
383 if (has_capability('moodle/blog:manageentries', $sitecontext)) {
384 return true; // can edit any blog post
387 if ($blogEntry->userid == $USER->id
388 and has_capability('moodle/blog:create', $sitecontext)) {
389 return true; // can edit own when having blog:create capability
392 return false;
397 * Checks to see if a user can view the blogs of another user.
398 * Only blog level is checked here, the capabilities are enforced
399 * in blog/index.php
401 function blog_user_can_view_user_post($targetuserid, $blogEntry=null) {
402 global $CFG, $USER;
404 if (empty($CFG->bloglevel)) {
405 return false; // blog system disabled
408 if (!empty($USER->id) and $USER->id == $targetuserid) {
409 return true; // can view own posts in any case
412 $sitecontext = get_context_instance(CONTEXT_SYSTEM, SITEID);
413 if (has_capability('moodle/blog:manageentries', $sitecontext)) {
414 return true; // can manage all posts
417 // coming for 1 post, make sure it's not a draft
418 if ($blogEntry and $blogEntry->publishstate == 'draft') {
419 return false; // can not view draft of others
422 // coming for 1 post, make sure user is logged in, if not a public blog
423 if ($blogEntry && $blogEntry->publishstate != 'public' && !isloggedin()) {
424 return false;
427 switch ($CFG->bloglevel) {
428 case BLOG_GLOBAL_LEVEL:
429 return true;
430 break;
432 case BLOG_SITE_LEVEL:
433 if (!empty($USER->id)) { // not logged in viewers forbidden
434 return true;
436 return false;
437 break;
439 case BLOG_COURSE_LEVEL:
440 $mycourses = array_keys(get_my_courses($USER->id));
441 $usercourses = array_keys(get_my_courses($targetuserid));
442 $shared = array_intersect($mycourses, $usercourses);
443 if (!empty($shared)) {
444 return true;
446 return false;
447 break;
449 case BLOG_GROUP_LEVEL:
450 $mycourses = array_keys(get_my_courses($USER->id));
451 $usercourses = array_keys(get_my_courses($targetuserid));
452 $shared = array_intersect($mycourses, $usercourses);
453 foreach ($shared as $courseid) {
454 $course = get_record('course', 'id', $courseid);
455 $coursecontext = get_context_instance(CONTEXT_COURSE, $courseid);
456 if (has_capability('moodle/site:accessallgroups', $coursecontext)
457 or groups_get_course_groupmode($course) != SEPARATEGROUPS) {
458 return true;
459 } else {
460 if ($usergroups = groups_get_all_groups($courseid, $targetuserid)) {
461 foreach ($usergroups as $usergroup) {
462 if (groups_is_member($usergroup->id)) {
463 return true;
469 return false;
470 break;
472 case BLOG_USER_LEVEL:
473 default:
474 $personalcontext = get_context_instance(CONTEXT_USER, $targetuserid);
475 return has_capability('moodle/user:readuserblogs', $personalcontext);
476 break;
483 * Main filter function.
485 function blog_fetch_entries($postid='', $fetchlimit=10, $fetchstart='', $filtertype='', $filterselect='', $tagid='', $tag ='', $sort='lastmodified DESC', $limit=true) {
487 global $CFG, $USER;
489 /// the post table will be used for other things too
490 $typesql = " AND p.module = 'blog' ";
492 /// set the tag id for searching
493 if ($tagid) {
494 $tag = $tagid;
495 } else if ($tag) {
496 if ($tagrec = get_record_sql('SELECT * FROM '.$CFG->prefix.'tag WHERE name LIKE "'.$tag.'"')) {
497 $tag = $tagrec->id;
498 } else {
499 $tag = -1; //no records found
503 // If we have specified an ID
504 // Just return 1 entry
506 if ($postid) {
508 if ($post = get_record('post', 'id', $postid)) {
510 if (blog_user_can_view_user_post($post->userid, $post)) {
512 if ($user = get_record('user', 'id', $post->userid)) {
513 $post->email = $user->email;
514 $post->firstname = $user->firstname;
515 $post->lastname = $user->lastname;
517 $retarray[] = $post;
518 return $retarray;
519 } else {
520 return null;
523 } else { // bad postid
524 return null;
528 if ($tag) {
529 $tagtablesql = $CFG->prefix.'tag_instance ti, ';
530 $tagquerysql = ' AND ti.itemid = p.id AND ti.tagid = '.$tag.' AND ti.itemtype = \'blog\' ';
531 } else {
532 $tagtablesql = '';
533 $tagquerysql = '';
536 if (isloggedin() && !has_capability('moodle/legacy:guest', get_context_instance(CONTEXT_SYSTEM, SITEID), $USER->id, false)) {
537 $permissionsql = 'AND (p.publishstate = \'site\' OR p.publishstate = \'public\' OR p.userid = '.$USER->id.')';
538 } else {
539 $permissionsql = 'AND p.publishstate = \'public\'';
542 // fix for MDL-9165, use with readuserblogs capability in a user context can read that user's private blogs
543 // admins can see all blogs regardless of publish states, as described on the help page
544 if (has_capability('moodle/user:readuserblogs', get_context_instance(CONTEXT_SYSTEM, SITEID))) {
545 $permissionsql = '';
546 } else if ($filtertype=='user' && has_capability('moodle/user:readuserblogs', get_context_instance(CONTEXT_USER, $filterselect))) {
547 $permissionsql = '';
549 /****************************************
550 * depending on the type, there are 4 *
551 * different possible sqls *
552 ****************************************/
554 $requiredfields = 'p.*, u.firstname,u.lastname,u.email';
556 if ($filtertype == 'course' && $filterselect == SITEID) { // Really a site
557 $filtertype = 'site';
560 switch ($filtertype) {
562 case 'site':
564 $SQL = 'SELECT '.$requiredfields.' FROM '.$CFG->prefix.'post p, '.$tagtablesql
565 .$CFG->prefix.'user u
566 WHERE p.userid = u.id '.$tagquerysql.'
567 AND u.deleted = 0
568 '.$permissionsql.$typesql;
570 break;
572 case 'course':
573 // all users with a role assigned
574 $context = get_context_instance(CONTEXT_COURSE, $filterselect);
576 // MDL-10037, hidden users' blogs should not appear
577 if (has_capability('moodle/role:viewhiddenassigns', $context)) {
578 $hiddensql = '';
579 } else {
580 $hiddensql = ' AND ra.hidden = 0 ';
583 $SQL = 'SELECT '.$requiredfields.' FROM '.$CFG->prefix.'post p, '.$tagtablesql
584 .$CFG->prefix.'role_assignments ra, '.$CFG->prefix.'user u
585 WHERE p.userid = ra.userid '.$tagquerysql.'
586 AND ra.contextid '.get_related_contexts_string($context).'
587 AND u.id = p.userid
588 AND u.deleted = 0
589 '.$hiddensql.$permissionsql.$typesql;
591 break;
593 case 'group':
595 $SQL = 'SELECT '.$requiredfields.' FROM '.$CFG->prefix.'post p, '.$tagtablesql
596 .$CFG->prefix.'groups_members gm, '.$CFG->prefix.'user u
597 WHERE p.userid = gm.userid AND u.id = p.userid '.$tagquerysql.'
598 AND gm.groupid = '.$filterselect.'
599 AND u.deleted = 0
600 '.$permissionsql.$typesql;
601 break;
603 case 'user':
605 $SQL = 'SELECT '.$requiredfields.' FROM '.$CFG->prefix.'post p, '.$tagtablesql
606 .$CFG->prefix.'user u
607 WHERE p.userid = u.id '.$tagquerysql.'
608 AND u.id = '.$filterselect.'
609 AND u.deleted = 0
610 '.$permissionsql.$typesql;
611 break;
614 $limitfrom = 0;
615 $limitnum = 0;
617 if ($fetchstart !== '' && $limit) {
618 $limitfrom = $fetchstart;
619 $limitnum = $fetchlimit;
622 $orderby = ' ORDER BY '. $sort .' ';
624 //global $db; $db->debug = true;
625 $records = get_records_sql($SQL . $orderby, $limitfrom, $limitnum);
626 //$db->debug = false;
628 if (empty($records)) {
629 return array();
632 return $records;
637 * get the count of viewable entries, easiest way is to count blog_fetch_entries
638 * this is used for print_paging_bar
639 * this is not ideal, but because of the UNION in the sql in blog_fetch_entries,
640 * it is hard to use count_records_sql
642 function get_viewable_entry_count($postid='', $fetchlimit=10,
643 $fetchstart='', $filtertype='', $filterselect='', $tagid='',
644 $tag ='', $sort='lastmodified DESC') {
646 $blogEntries = blog_fetch_entries($postid, $fetchlimit,
647 $fetchstart, $filtertype, $filterselect, $tagid, $tag,
648 $sort='lastmodified DESC', false);
650 return count($blogEntries);
654 /// Find the base url from $_GET variables, for print_paging_bar
655 function get_baseurl($filtertype, $filterselect) {
657 $getcopy = $_GET;
659 unset($getcopy['blogpage']);
661 $strippedurl = strip_querystring(qualified_me());
662 if(!empty($getcopy)) {
663 $first = false;
664 $querystring = '';
665 foreach($getcopy as $var => $val) {
666 if(!$first) {
667 $first = true;
668 if ($var != 'filterselect' && $var != 'filtertype') {
669 $querystring .= '?'.$var.'='.$val;
670 $hasparam = true;
671 } else {
672 $querystring .= '?';
674 } else {
675 if ($var != 'filterselect' && $var != 'filtertype') {
676 $querystring .= '&amp;'.$var.'='.$val;
677 $hasparam = true;
681 if (isset($hasparam)) {
682 $querystring .= '&amp;';
683 } else {
684 $querystring = '?';
686 } else {
687 $querystring = '?';
690 return strip_querystring(qualified_me()) . $querystring. 'filtertype='.
691 $filtertype.'&amp;filterselect='.$filterselect.'&amp;';