3 /// Shows current group, and allows editing of the group
4 /// icon and other settings related to that group
6 /// This script appears within a popup window
8 require_once('../config.php');
9 require_once('lib.php');
11 $id = required_param('id', PARAM_INT
); // Course id
12 $group = optional_param('group', 0, PARAM_INT
); // Optionally look at other groups
14 if (! $course = get_record('course', 'id', $id) ) {
15 error("That's an invalid course id");
18 require_login($course->id
);
20 if (!isteacheredit($course->id
)) {
24 if (! $group = get_record("groups", "id", $group, "courseid", $course->id
)) {
25 notice('Specified group could not be found!', "#");
26 close_window_button();
30 /// Print the headers of the page
32 print_header(get_string('groupinfoedit').' : '.$group->name
);
35 /// If data submitted, then process and store.
37 if ($form = data_submitted() and confirm_sesskey()) {
39 if (empty($form->name
)) {
40 $err['name'] = get_string("missingname");
43 require_once($CFG->dirroot
.'/lib/uploadlib.php');
45 $um = new upload_manager('imagefile',false,false,null,false,0,true,true);
46 if ($um->preprocess_files()) {
47 require_once("$CFG->libdir/gdlib.php");
49 if (save_profile_image($group->id
, $um, 'groups')) {
54 // Setting a new object in order to avoid updating other columns for the record,
55 // which could lead to SQL injection vulnerabilities.
57 // Be VERY sure to sanitize all parameters that go into $dataobj!
59 $dataobj = new stdClass
;
60 $dataobj->id
= $group->id
;
61 $dataobj->name
= clean_text($form->name
);
62 $dataobj->description
= clean_text($form->description
);
63 $dataobj->hidepicture
= empty($form->hidepicture
) ?
0 : 1;
64 $dataobj->password
= required_param('password', PARAM_ALPHANUM
);
65 $dataobj->picture
= $group->picture
;
66 if (!update_record('groups', $dataobj)) {
67 notify("A strange error occurred while trying to save");
69 notify(get_string('changessaved'));
76 $usehtmleditor = false;
78 include('group-edit.html');
80 echo "</body></html>";