-
Notifications
You must be signed in to change notification settings - Fork 7
/
Copy pathedit.php
444 lines (383 loc) · 19.2 KB
/
edit.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* This page opens the current instance of a diary entry for editing.
*
* @package mod_diary
* @copyright 2019 AL Rachels ([email protected])
* Thanks to Stephen Wallace regarding instant notifications to teachers.
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
use mod_diary\local\results;
use mod_diary\local\diarystats;
use mod_diary\local\prompts;
use mod_diary\event\invalid_access_attempt;
require_once("../../config.php");
require_once('locallib.php'); // May not need this.
require_once('./edit_form.php');
global $DB;
$id = required_param('id', PARAM_INT); // Course Module ID.
$action = optional_param('action', 'currententry', PARAM_ALPHANUMEXT); // Action(default to current entry).
$firstkey = optional_param('firstkey', '', PARAM_INT); // Which diary_entries id to edit.
$promptid = optional_param('promptid', '', PARAM_INT); // The current one.
// ...print_object('Spacer in edit.php at line 39.');...
// ...print_object('Spacer in edit.php at line 40.');...
// ...print_object('Spacer in edit.php at line 41.');...
// ...print_object('Spacer in edit.php at line 42.');...
// ...print_object('Spacer in edit.php at line 43.');...
if (! $cm = get_coursemodule_from_id('diary', $id)) {
throw new moodle_exception(get_string('incorrectmodule', 'diary'));
}
if (! $course = $DB->get_record("course", ["id" => $cm->course])) {
throw new moodle_exception(get_string('incorrectcourseid', 'diary'));
}
$context = context_module::instance($cm->id);
require_login($course, false, $cm);
require_capability('mod/diary:addentries', $context);
if (! $diary = $DB->get_record('diary', ['id' => $cm->instance])) {
throw new moodle_exception(get_string('incorrectcourseid', 'diary'));
}
// 20221107 The $diary->intro gets overwritten by the current prompt and Notes, so keep a copy for later down in this file.
$tempintro = $diary->intro;
// 20240413 Check for existing promptid. DO NOT get current if editing entry already has one.
// Need to add - DO NOT get current if editing entry does not have a prompt id and it does not meet the time criteria.
if ((!$promptid) && ($diary->timeopen < time())) {
// 20240507 Added for testing and it appears to work for existing entry without a prompt.
if ($promptid > 0) {
// Need to call a prompt function that returns the current promptid, if there is one that is current.
$promptid = prompts::get_current_promptid($diary);
}
}
// 20210817 Add min/max info to the description so user can see them while editing an entry.
// 20240414 This also adds the prompt text to the $diary->intro.
diarystats::get_minmaxes($diary, $action, $promptid);
// 20210613 Added check to prevent direct access to create new entry when activity is closed.
if (($diary->timeclose) && (time() > $diary->timeclose)) {
// Trigger invalid_access_attempt with redirect to the view page.
$params = [
'objectid' => $id,
'context' => $context,
'other' => [
'file' => 'edit.php',
],
];
$event = invalid_access_attempt::create($params);
$event->trigger();
redirect('view.php?id='.$id, get_string('invalidaccessexp', 'diary'));
}
// Header.
$PAGE->set_url('/mod/diary/edit.php', ['id' => $id]);
$PAGE->navbar->add(get_string('edit'));
$PAGE->set_title(format_string($diary->name));
$PAGE->set_heading($course->fullname);
$data = new stdClass();
$parameters = [
'userid' => $USER->id,
'diary' => $diary->id,
'action' => $action,
'firstkey' => $firstkey,
];
// Get the single record specified by firstkey.
$entry = $DB->get_record('diary_entries',
[
'userid' => $USER->id,
'id' => $firstkey,
]
);
// This shows up upon save.
$debug['CP8-137 just got $entry from the mdl_diary_entries table: '] = $entry;
// 20230306 Added code that lists the tags on the edit_form page.
$data->tags = core_tag_tag::get_item_tags_array('mod_diary', 'diary_entries', $firstkey);
if ($action == 'currententry' && $entry) {
$data->entryid = $entry->id;
// 20240426 Trying to add the promptid here.
// 20240426 This lcation works for old promptid's but not for entries with NO promptid assigned. i.e. Does not work for 0.
$data->promptid = $entry->promptid;
$data->timecreated = $entry->timecreated;
$data->title = $entry->title;
$data->text = $entry->text;
$data->textformat = $entry->format;
$debug['CP9-146 just set $data based on ($action == currententry && $entry): '] = $data;
// Check the timecreated of the current entry to see if now is a new calendar day .
// 20210425 If can edit dates, just start a new entry.
if ((strtotime('today midnight') > $entry->timecreated) || ($action == 'currententry' && $diary->editdates)) {
$entry = '';
$data->entryid = null;
$data->timecreated = time();
$data->title = '';
$data->text = '';
$data->textformat = FORMAT_HTML;
$debug['CP10-158 just set more $data based on time and ($action == currententry && $entry): '] = $data;
}
} else if ($action == 'editentry' && $entry) {
$data->entryid = $entry->id;
// 20240426 Trying to add old promptid here.
$data->promptid = $entry->promptid;
$data->timecreated = $entry->timecreated;
$data->title = $entry->title;
$data->text = $entry->text;
$data->textformat = $entry->format;
$debug['CP11-176 just set $data based on ($action == editentry && $entry): '] = $data;
// Think I might need to add a check for currententry && !entry to justify starting a new entry, else error.
} else if ($action == 'currententry' && ! $entry) {
// There are no entries for this user, so start the first one.
$data->entryid = null;
$data->timecreated = time();
$data->title = '';
$data->text = '';
$data->textformat = FORMAT_HTML;
$debug['CP12-180 just set $data based on ($action == currententry && ! $entry): '] = $data;
} else {
throw new moodle_exception(get_string('generalerror', 'diary'));
}
$data->id = $cm->id;
// ...print_object('In edit.php at line 177.');...
list ($editoroptions, $attachmentoptions) = results::diary_get_editor_and_attachment_options($course,
$context,
$diary,
$entry,
$action,
$firstkey);
$data = file_prepare_standard_editor($data,
'text',
$editoroptions,
$context,
'mod_diary',
'entry',
$data->entryid);
$data = file_prepare_standard_filemanager($data,
'attachment',
$attachmentoptions,
$context,
'mod_diary',
'attachment',
$data->entryid);
// 20201119 Added $diary->editdates setting.
$form = new mod_diary_entry_form(null,
[
'current' => $data,
'cm' => $cm,
'diary' => $diary->editdates,
'editoroptions' => $editoroptions,
'attachmentoptions' => $attachmentoptions,
]
);
// ...print_object('In edit.php at line 210.');...
// ...print_object($editoroptions);...
// ///print_object($attachmentoptions);...
// Set existing data loaded from the database for this entry.
$form->set_data($data);
if ($form->is_cancelled()) {
redirect($CFG->wwwroot . '/mod/diary/view.php?id=' . $cm->id);
} else if ($fromform = $form->get_data()) {
// If data submitted, then process and store, contains text, format, and itemid.
// Prevent CSFR.
confirm_sesskey();
$timenow = time();
// This will be overwritten after we have the entryid.
$newentry = new stdClass();
// 20240426 Will try getting an old promptid inserted here.
$newentry->promptid = $fromform->promptid;
$newentry->timecreated = $fromform->timecreated;
$newentry->timemodified = $timenow;
$newentry->title = $fromform->title;
$newentry->text = $fromform->text_editor['text'];
$newentry->format = $fromform->text_editor['format'];
if (! $diary->editdates) {
// If editdates is NOT enabled do attempted cheat testing here.
// 20210619 Before we update, see if there is an entry in database with the same entryid.
$entry = $DB->get_record("diary_entries",
[
"userid" => $USER->id,
'id' => $fromform->entryid,
]
);
}
// 20210619 If user tries to change timecreated, prevent it.
// Need to move new code to up to just after getting $entry, to make a nested if.
// Currently not taking effect on the overall user grade unless the teacher rates it.
if ($fromform->entryid) {
$newentry->id = $fromform->entryid;
$debug['CP-274 just got $fromform->entryid just before checking for fake timecreated: '] = $fromform->entryid;
// 20240426 When I save the entry, this is undefined!
$newentry->promptid = $fromform->promptid;
$debug['CP-277 just got $fromform->promptid just before checking for fake timecreated: '] = $fromform->promptid;
if (($entry) && (!($entry->timecreated == $newentry->timecreated))) {
$debug['CP-281 checking $entry just before doing a bunch of newentry stuff: '] = $entry;
// 20210620 New code to prevent attempts to change timecreated.
$newentry->entrycomment = get_string('invalidtimechange', 'diary');
$newentry->entrycomment .= get_string('invalidtimechangeoriginal', 'diary', ['one' => userdate($entry->timecreated)]);
$newentry->entrycomment .= get_string('invalidtimechangenewtime', 'diary', ['one' => userdate($newentry->timecreated)]);
// Probably do not want to just arbitraily set a rating.
// Should leave it up to the teacher, otherwise will need to ascertain rating settings for the activity.
// phpcs:ignore
// $newentry->rating = 1;
$newentry->teacher = 2;
$newentry->timemodified = time();
$newentry->timemarked = time();
$newentry->timecreated = $entry->timecreated;
$fromform->timecreated = $entry->timecreated;
$newentry->entrycomment .= get_string('invalidtimeresettime', 'diary', ['one' => userdate($newentry->timecreated)]);
$debug['CP-298 checking $newentry just before doing a DB update_record: '] = $newentry;
$DB->update_record("diary_entries", $newentry);
// Trigger module entry updated event.
$event = \mod_diary\event\invalid_entry_attempt::create(
[
'objectid' => $diary->id,
'context' => $context,
]
);
$event->add_record_snapshot('course_modules', $cm);
$event->add_record_snapshot('course', $course);
$event->add_record_snapshot('diary', $diary);
$event->trigger();
redirect(new moodle_url('/mod/diary/view.php?id=' . $cm->id));
die();
}
$debug['CP-319 checking $newentry after completing the timecreated breakin attempt: '] = $newentry;
if (! $DB->update_record("diary_entries", $newentry)) {
throw new moodle_exception(get_string('generalerrorupdate', 'diary'));
}
} else {
$newentry->userid = $USER->id;
$newentry->diary = $diary->id;
$debug['CP-328 checking $newentry just before inserting a new DB insert_record: '] = $newentry;
if (! $newentry->id = $DB->insert_record("diary_entries", $newentry)) {
throw new moodle_exception(get_string('generalerrorinsert', 'diary'));
}
}
// Relink using the proper entryid.
// We need to do this as draft area didn't have an itemid associated when creating the entry.
$fromform = file_postupdate_standard_editor($fromform,
'text',
$editoroptions,
$editoroptions['context'],
'mod_diary',
'entry',
$newentry->id);
$newentry->promptid = $promptid;
$newentry->title = $fromform->title;
$newentry->text = $fromform->text;
$newentry->format = $fromform->textformat;
$newentry->timecreated = $fromform->timecreated;
$newentry->tags = $fromform->tags;
$DB->update_record('diary_entries', $newentry);
// Do some other processing here,
// If this is a new page (entry) you need to insert it in the DB and obtain id.
core_tag_tag::set_item_tags(
'mod_diary',
'diary_entries',
$newentry->id,
$context,
$newentry->tags
);
// Try adding autosave cleanup here.
// will need to search the mdl_editor_atto_autosave table
// will need to find a match with contextid and user id.
if ($entry) {
// Trigger module entry updated event.
$event = \mod_diary\event\entry_updated::create(
[
'objectid' => $diary->id,
'context' => $context,
]
);
} else {
// Trigger module entry created event.
$event = \mod_diary\event\entry_created::create(
[
'objectid' => $diary->id,
'context' => $context,
]
);
}
$event->add_record_snapshot('course_modules', $cm);
$event->add_record_snapshot('course', $course);
$event->add_record_snapshot('diary', $diary);
$event->trigger();
// Add confirmation of record being saved.
echo $OUTPUT->notification(get_string('entrysuccess', 'diary'), 'notifysuccess');
// Start new code to send teachers email note when diary entry is made.
// 20231105 Modified code so non-editing teachers get an email, too.
$role1 = $DB->get_record('role', ['shortname' => 'editingteacher']);
$role2 = $DB->get_record('role', ['shortname' => 'teacher']);
$contextcourse = context_course::instance($course->id);
$teachers1 = get_role_users($role1->id, $contextcourse);
$teachers2 = get_role_users($role2->id, $contextcourse);
$teachers = array_merge($teachers1, $teachers2);
$admin = get_admin();
// BEFORE we do any email creation, we need to see if we even need to do it!
// The foreach $teachers needs to be before the email wording creation.
// This move will allow me to use the diarymail and diarymailhtml greetings strings.
// Now send an email for each teacher in the course.
// First check to see if the actual data has changed by comparing before and after text fields.
// I think I might need to do some more debugging on the $data->text as I am receiving an email
// even when the user opens for edit, then saves without making any changes.
if ($data->text !== $newentry->text) {
// If data has changed, then send the email(s).
// 20230402 Since I added the two new fields to mdl_diary table, the following, if, check needs to be changed.
if ((get_config('mod_diary', 'teacheremail')) && ($diary->teacheremail || $diary->studentemail)) {
foreach ($teachers as $teacher) {
if (get_user_preferences('diary_emailpreference_'.$diary->id, null, $teacher->id) == 1) {
// Code for plain text Email.
$diaryinfo = new stdClass();
$diaryinfo->diary = format_string($diary->name, true);
$diaryinfo->url = "$CFG->wwwroot/mod/diary/reportsingle.php?id=$cm->id&user=$USER->id&action=currententry";
$modnamepl = get_string( 'modulenameplural', 'diary' );
$msubject = get_string( 'mailsubject', 'diary' );
$postsubject = fullname($USER)." has posted a diary entry in '$course->shortname'";
$posttext = "Hi, \n";
$posttext .= "$course->shortname -> $modnamepl -> ".format_string($diary->name, true)."\n";
$posttext .= "---------------------------------------------------------------------\n";
$posttext .= fullname($USER).' '.get_string("diarymailuser", "diary", $diaryinfo)."\n";
$posttext .= "---------------------------------------------------------------------\n";
// If user wants HTML format, use this code.
if ($USER->mailformat == 1) { // HTML.
$posthtml = "<p><font face=\"sans-serif\">".
"Hi there $teacher->firstname $teacher->lastname,<br>".
"<p>".fullname($USER).' '.get_string("diarymailhtmluser", "diary", $diaryinfo)."</p>".
"<p>The ".$SITE->shortname." Team</p>".
"<br /><hr /><font face=\"sans-serif\">".
"<p>".get_string("additionallinks", "diary")."</p>".
"<a href=\"$CFG->wwwroot/course/view.php?id=$course->id\">$course->shortname</a> ->".
"<a href=\"$CFG->wwwroot/mod/diary/index.php?id=$course->id\">diarys</a> ->".
"<a href=\"$CFG->wwwroot/mod/diary/view.php?id=$cm->id\">".format_string($diary->name, true).
"</a></font></p>".
"</font><hr />";
} else {
$posthtml = "";
}
$testemail = email_to_user($teacher, $admin, $postsubject, $posttext, $posthtml);
}
}
}
}
// End new code.
redirect(new moodle_url('/mod/diary/view.php?id=' . $cm->id));
die();
}
echo $OUTPUT->header();
if (($diary->intro) && ($CFG->branch < 400)) {
echo $OUTPUT->heading(format_string($diary->name));
$intro = $tempintro.'<br>'.format_module_intro('diary', $diary, $cm->id);
} else {
$intro = format_module_intro('diary', $diary, $cm->id);
}
echo $OUTPUT->box($intro);
// ...print_object($form);...
// Otherwise fill and print the form.
$form->display();
echo $OUTPUT->footer();