search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
MDL-56989 boost: don't double-escape page titles
[moodle.git] / lib / messagelib.php
blob34e7c38ae927aece92e9b1924b6854916a96f2d4
1 <?php
2 // This file is part of Moodle - http://moodle.org/
3 //
4 // Moodle is free software: you can redistribute it and/or modify
5 // it under the terms of the GNU General Public License as published by
6 // the Free Software Foundation, either version 3 of the License, or
7 // (at your option) any later version.
8 //
9 // Moodle is distributed in the hope that it will be useful,
10 // but WITHOUT ANY WARRANTY; without even the implied warranty of
11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 // GNU General Public License for more details.
13 //
14 // You should have received a copy of the GNU General Public License
15 // along with Moodle. If not, see <http://www.gnu.org/licenses/>.
16
17 /**
18 * Functions for interacting with the message system
19 *
20 * @package core_message
21 * @copyright 2008 Luis Rodrigues and Martin Dougiamas
22 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
23 */
24
25 defined('MOODLE_INTERNAL') || die();
26
27 require_once(__DIR__ . '/../message/lib.php');
28
29 /**
30 * Called when a message provider wants to send a message.
31 * This functions checks the message recipient's message processor configuration then
32 * sends the message to the configured processors
33 *
34 * Required parameters of the $eventdata object:
35 * component string component name. must exist in message_providers
36 * name string message type name. must exist in message_providers
37 * userfrom object|int the user sending the message
38 * userto object|int the message recipient
39 * subject string the message subject
40 * fullmessage string the full message in a given format
41 * fullmessageformat int the format if the full message (FORMAT_MOODLE, FORMAT_HTML, ..)
42 * fullmessagehtml string the full version (the message processor will choose with one to use)
43 * smallmessage string the small version of the message
44 *
45 * Optional parameters of the $eventdata object:
46 * notification bool should the message be considered as a notification rather than a personal message
47 * contexturl string if this is a notification then you can specify a url to view the event. For example the forum post the user is being notified of.
48 * contexturlname string the display text for contexturl
49 *
50 * Note: processor failure is is not reported as false return value,
51 * earlier versions did not do it consistently either.
52 *
53 * @todo MDL-55449 Drop support for stdClass in Moodle 3.6
54 * @category message
55 * @param \core\message\message $eventdata information about the message (component, userfrom, userto, ...)
56 * @return mixed the integer ID of the new message or false if there was a problem with submitted data
57 */
58 function message_send($eventdata) {
59 global $CFG, $DB;
60
61 // TODO MDL-55449 Drop support for stdClass in Moodle 3.6.
62 if ($eventdata instanceof \stdClass) {
63 if (!isset($eventdata->courseid)) {
64 $eventdata->courseid = null;
65 }
66
67 debugging('eventdata as \stdClass is deprecated. Please use core\message\message instead.', DEBUG_DEVELOPER);
68 }
69
70 //new message ID to return
71 $messageid = false;
72
73 // Fetch default (site) preferences
74 $defaultpreferences = get_message_output_default_preferences();
75 $preferencebase = $eventdata->component.'_'.$eventdata->name;
76 // If message provider is disabled then don't do any processing.
77 if (!empty($defaultpreferences->{$preferencebase.'_disable'})) {
78 return $messageid;
79 }
80
81 // By default a message is a notification. Only personal/private messages aren't notifications.
82 if (!isset($eventdata->notification)) {
83 $eventdata->notification = 1;
84 }
85
86 if (!is_object($eventdata->userto)) {
87 $eventdata->userto = core_user::get_user($eventdata->userto);
88 }
89 if (!is_object($eventdata->userfrom)) {
90 $eventdata->userfrom = core_user::get_user($eventdata->userfrom);
91 }
92 if (!$eventdata->userto) {
93 debugging('Attempt to send msg to unknown user', DEBUG_NORMAL);
94 return false;
95 }
96 if (!$eventdata->userfrom) {
97 debugging('Attempt to send msg from unknown user', DEBUG_NORMAL);
98 return false;
99 }
100
101 // Verify all necessary data fields are present.
102 if (!isset($eventdata->userto->auth) or !isset($eventdata->userto->suspended)
103 or !isset($eventdata->userto->deleted) or !isset($eventdata->userto->emailstop)) {
104
105 debugging('Necessary properties missing in userto object, fetching full record', DEBUG_DEVELOPER);
106 $eventdata->userto = core_user::get_user($eventdata->userto->id);
107 }
108
109 $usertoisrealuser = (core_user::is_real_user($eventdata->userto->id) != false);
110 // If recipient is internal user (noreply user), and emailstop is set then don't send any msg.
111 if (!$usertoisrealuser && !empty($eventdata->userto->emailstop)) {
112 debugging('Attempt to send msg to internal (noreply) user', DEBUG_NORMAL);
113 return false;
114 }
115
116 //after how long inactive should the user be considered logged off?
117 if (isset($CFG->block_online_users_timetosee)) {
118 $timetoshowusers = $CFG->block_online_users_timetosee * 60;
119 } else {
120 $timetoshowusers = 300;//5 minutes
121 }
122
123 // Work out if the user is logged in or not
124 if (!empty($eventdata->userto->lastaccess) && (time()-$timetoshowusers) < $eventdata->userto->lastaccess) {
125 $userstate = 'loggedin';
126 } else {
127 $userstate = 'loggedoff';
128 }
129
130 // Create the message object
131 $savemessage = new stdClass();
132 $savemessage->courseid = $eventdata->courseid;
133 $savemessage->useridfrom = $eventdata->userfrom->id;
134 $savemessage->useridto = $eventdata->userto->id;
135 $savemessage->subject = $eventdata->subject;
136 $savemessage->fullmessage = $eventdata->fullmessage;
137 $savemessage->fullmessageformat = $eventdata->fullmessageformat;
138 $savemessage->fullmessagehtml = $eventdata->fullmessagehtml;
139 $savemessage->smallmessage = $eventdata->smallmessage;
140 $savemessage->notification = $eventdata->notification;
141 $savemessage->eventtype = $eventdata->name;
142 $savemessage->component = $eventdata->component;
143
144 if (!empty($eventdata->contexturl)) {
145 $savemessage->contexturl = (string)$eventdata->contexturl;
146 } else {
147 $savemessage->contexturl = null;
148 }
149
150 if (!empty($eventdata->contexturlname)) {
151 $savemessage->contexturlname = (string)$eventdata->contexturlname;
152 } else {
153 $savemessage->contexturlname = null;
154 }
155
156 $savemessage->timecreated = time();
157
158 if (PHPUNIT_TEST and class_exists('phpunit_util')) {
159 // Add some more tests to make sure the normal code can actually work.
160 $componentdir = core_component::get_component_directory($eventdata->component);
161 if (!$componentdir or !is_dir($componentdir)) {
162 throw new coding_exception('Invalid component specified in message-send(): '.$eventdata->component);
163 }
164 if (!file_exists("$componentdir/db/messages.php")) {
165 throw new coding_exception("$eventdata->component does not contain db/messages.php necessary for message_send()");
166 }
167 $messageproviders = null;
168 include("$componentdir/db/messages.php");
169 if (!isset($messageproviders[$eventdata->name])) {
170 throw new coding_exception("Missing messaging defaults for event '$eventdata->name' in '$eventdata->component' messages.php file");
171 }
172 unset($componentdir);
173 unset($messageproviders);
174 // Now ask phpunit if it wants to catch this message.
175 if (phpunit_util::is_redirecting_messages()) {
176 $savemessage->timeread = time();
177 $messageid = $DB->insert_record('message_read', $savemessage);
178 $message = $DB->get_record('message_read', array('id'=>$messageid));
179 phpunit_util::message_sent($message);
180 return $messageid;
181 }
182 }
183
184 // Fetch enabled processors
185 $processors = get_message_processors(true);
186
187 // Preset variables
188 $processorlist = array();
189 // Fill in the array of processors to be used based on default and user preferences
190 foreach ($processors as $processor) {
191 // Skip adding processors for internal user, if processor doesn't support sending message to internal user.
192 if (!$usertoisrealuser && !$processor->object->can_send_to_any_users()) {
193 continue;
194 }
195
196 // First find out permissions
197 $defaultpreference = $processor->name.'_provider_'.$preferencebase.'_permitted';
198 if (isset($defaultpreferences->{$defaultpreference})) {
199 $permitted = $defaultpreferences->{$defaultpreference};
200 } else {
201 // MDL-25114 They supplied an $eventdata->component $eventdata->name combination which doesn't
202 // exist in the message_provider table (thus there is no default settings for them).
203 $preferrormsg = "Could not load preference $defaultpreference. Make sure the component and name you supplied
204 to message_send() are valid.";
205 throw new coding_exception($preferrormsg);
206 }
207
208 // Find out if user has configured this output
209 // Some processors cannot function without settings from the user
210 $userisconfigured = $processor->object->is_user_configured($eventdata->userto);
211
212 // DEBUG: notify if we are forcing unconfigured output
213 if ($permitted == 'forced' && !$userisconfigured) {
214 debugging('Attempt to force message delivery to user who has "'.$processor->name.'" output unconfigured', DEBUG_NORMAL);
215 }
216
217 // Populate the list of processors we will be using
218 if ($permitted == 'forced' && $userisconfigured) {
219 // An admin is forcing users to use this message processor. Use this processor unconditionally.
220 $processorlist[] = $processor->name;
221 } else if ($permitted == 'permitted' && $userisconfigured && !$eventdata->userto->emailstop) {
222 // User has not disabled notifications
223 // See if user set any notification preferences, otherwise use site default ones
224 $userpreferencename = 'message_provider_'.$preferencebase.'_'.$userstate;
225 if ($userpreference = get_user_preferences($userpreferencename, null, $eventdata->userto)) {
226 if (in_array($processor->name, explode(',', $userpreference))) {
227 $processorlist[] = $processor->name;
228 }
229 } else if (isset($defaultpreferences->{$userpreferencename})) {
230 if (in_array($processor->name, explode(',', $defaultpreferences->{$userpreferencename}))) {
231 $processorlist[] = $processor->name;
232 }
233 }
234 }
235 }
236
237 // Store unread message just in case we get a fatal error any time later.
238 $savemessage->id = $DB->insert_record('message', $savemessage);
239 $eventdata->savedmessageid = $savemessage->id;
240
241 // Let the manager do the sending or buffering when db transaction in progress.
242 return \core\message\manager::send_message($eventdata, $savemessage, $processorlist);
243 }
244
245
246 /**
247 * Updates the message_providers table with the current set of message providers
248 *
249 * @param string $component For example 'moodle', 'mod_forum' or 'block_quiz_results'
250 * @return boolean True on success
251 */
252 function message_update_providers($component='moodle') {
253 global $DB;
254
255 // load message providers from files
256 $fileproviders = message_get_providers_from_file($component);
257
258 // load message providers from the database
259 $dbproviders = message_get_providers_from_db($component);
260
261 foreach ($fileproviders as $messagename => $fileprovider) {
262
263 if (!empty($dbproviders[$messagename])) { // Already exists in the database
264 // check if capability has changed
265 if ($dbproviders[$messagename]->capability == $fileprovider['capability']) { // Same, so ignore
266 // exact same message provider already present in db, ignore this entry
267 unset($dbproviders[$messagename]);
268 continue;
269
270 } else { // Update existing one
271 $provider = new stdClass();
272 $provider->id = $dbproviders[$messagename]->id;
273 $provider->capability = $fileprovider['capability'];
274 $DB->update_record('message_providers', $provider);
275 unset($dbproviders[$messagename]);
276 continue;
277 }
278
279 } else { // New message provider, add it
280
281 $provider = new stdClass();
282 $provider->name = $messagename;
283 $provider->component = $component;
284 $provider->capability = $fileprovider['capability'];
285
286 $transaction = $DB->start_delegated_transaction();
287 $DB->insert_record('message_providers', $provider);
288 message_set_default_message_preference($component, $messagename, $fileprovider);
289 $transaction->allow_commit();
290 }
291 }
292
293 foreach ($dbproviders as $dbprovider) { // Delete old ones
294 $DB->delete_records('message_providers', array('id' => $dbprovider->id));
295 $DB->delete_records_select('config_plugins', "plugin = 'message' AND ".$DB->sql_like('name', '?', false), array("%_provider_{$component}_{$dbprovider->name}_%"));
296 $DB->delete_records_select('user_preferences', $DB->sql_like('name', '?', false), array("message_provider_{$component}_{$dbprovider->name}_%"));
297 cache_helper::invalidate_by_definition('core', 'config', array(), 'message');
298 }
299
300 return true;
301 }
302
303 /**
304 * This function populates default message preferences for all existing providers
305 * when the new message processor is added.
306 *
307 * @param string $processorname The name of message processor plugin (e.g. 'email', 'jabber')
308 * @throws invalid_parameter_exception if $processorname does not exist in the database
309 */
310 function message_update_processors($processorname) {
311 global $DB;
312
313 // validate if our processor exists
314 $processor = $DB->get_records('message_processors', array('name' => $processorname));
315 if (empty($processor)) {
316 throw new invalid_parameter_exception();
317 }
318
319 $providers = $DB->get_records_sql('SELECT DISTINCT component FROM {message_providers}');
320
321 $transaction = $DB->start_delegated_transaction();
322 foreach ($providers as $provider) {
323 // load message providers from files
324 $fileproviders = message_get_providers_from_file($provider->component);
325 foreach ($fileproviders as $messagename => $fileprovider) {
326 message_set_default_message_preference($provider->component, $messagename, $fileprovider, $processorname);
327 }
328 }
329 $transaction->allow_commit();
330 }
331
332 /**
333 * Setting default messaging preferences for particular message provider
334 *
335 * @param string $component The name of component (e.g. moodle, mod_forum, etc.)
336 * @param string $messagename The name of message provider
337 * @param array $fileprovider The value of $messagename key in the array defined in plugin messages.php
338 * @param string $processorname The optional name of message processor
339 */
340 function message_set_default_message_preference($component, $messagename, $fileprovider, $processorname='') {
341 global $DB;
342
343 // Fetch message processors
344 $condition = null;
345 // If we need to process a particular processor, set the select condition
346 if (!empty($processorname)) {
347 $condition = array('name' => $processorname);
348 }
349 $processors = $DB->get_records('message_processors', $condition);
350
351 // load default messaging preferences
352 $defaultpreferences = get_message_output_default_preferences();
353
354 // Setting default preference
355 $componentproviderbase = $component.'_'.$messagename;
356 $loggedinpref = array();
357 $loggedoffpref = array();
358 // set 'permitted' preference first for each messaging processor
359 foreach ($processors as $processor) {
360 $preferencename = $processor->name.'_provider_'.$componentproviderbase.'_permitted';
361 // if we do not have this setting yet, set it
362 if (!isset($defaultpreferences->{$preferencename})) {
363 // determine plugin default settings
364 $plugindefault = 0;
365 if (isset($fileprovider['defaults'][$processor->name])) {
366 $plugindefault = $fileprovider['defaults'][$processor->name];
367 }
368 // get string values of the settings
369 list($permitted, $loggedin, $loggedoff) = translate_message_default_setting($plugindefault, $processor->name);
370 // store default preferences for current processor
371 set_config($preferencename, $permitted, 'message');
372 // save loggedin/loggedoff settings
373 if ($loggedin) {
374 $loggedinpref[] = $processor->name;
375 }
376 if ($loggedoff) {
377 $loggedoffpref[] = $processor->name;
378 }
379 }
380 }
381 // now set loggedin/loggedoff preferences
382 if (!empty($loggedinpref)) {
383 $preferencename = 'message_provider_'.$componentproviderbase.'_loggedin';
384 if (isset($defaultpreferences->{$preferencename})) {
385 // We have the default preferences for this message provider, which
386 // likely means that we have been adding a new processor. Add defaults
387 // to exisitng preferences.
388 $loggedinpref = array_merge($loggedinpref, explode(',', $defaultpreferences->{$preferencename}));
389 }
390 set_config($preferencename, join(',', $loggedinpref), 'message');
391 }
392 if (!empty($loggedoffpref)) {
393 $preferencename = 'message_provider_'.$componentproviderbase.'_loggedoff';
394 if (isset($defaultpreferences->{$preferencename})) {
395 // We have the default preferences for this message provider, which
396 // likely means that we have been adding a new processor. Add defaults
397 // to exisitng preferences.
398 $loggedoffpref = array_merge($loggedoffpref, explode(',', $defaultpreferences->{$preferencename}));
399 }
400 set_config($preferencename, join(',', $loggedoffpref), 'message');
401 }
402 }
403
404 /**
405 * Returns the active providers for the user specified, based on capability
406 *
407 * @param int $userid id of user
408 * @return array An array of message providers
409 */
410 function message_get_providers_for_user($userid) {
411 global $DB, $CFG;
412
413 $providers = get_message_providers();
414
415 // Ensure user is not allowed to configure instantmessage if it is globally disabled.
416 if (!$CFG->messaging) {
417 foreach ($providers as $providerid => $provider) {
418 if ($provider->name == 'instantmessage') {
419 unset($providers[$providerid]);
420 break;
421 }
422 }
423 }
424
425 // If the component is an enrolment plugin, check it is enabled
426 foreach ($providers as $providerid => $provider) {
427 list($type, $name) = core_component::normalize_component($provider->component);
428 if ($type == 'enrol' && !enrol_is_enabled($name)) {
429 unset($providers[$providerid]);
430 }
431 }
432
433 // Now we need to check capabilities. We need to eliminate the providers
434 // where the user does not have the corresponding capability anywhere.
435 // Here we deal with the common simple case of the user having the
436 // capability in the system context. That handles $CFG->defaultuserroleid.
437 // For the remaining providers/capabilities, we need to do a more complex
438 // query involving all overrides everywhere.
439 $unsureproviders = array();
440 $unsurecapabilities = array();
441 $systemcontext = context_system::instance();
442 foreach ($providers as $providerid => $provider) {
443 if (empty($provider->capability) || has_capability($provider->capability, $systemcontext, $userid)) {
444 // The provider is relevant to this user.
445 continue;
446 }
447
448 $unsureproviders[$providerid] = $provider;
449 $unsurecapabilities[$provider->capability] = 1;
450 unset($providers[$providerid]);
451 }
452
453 if (empty($unsureproviders)) {
454 // More complex checks are not required.
455 return $providers;
456 }
457
458 // Now check the unsure capabilities.
459 list($capcondition, $params) = $DB->get_in_or_equal(
460 array_keys($unsurecapabilities), SQL_PARAMS_NAMED);
461 $params['userid'] = $userid;
462
463 $sql = "SELECT DISTINCT rc.capability, 1
464
465 FROM {role_assignments} ra
466 JOIN {context} actx ON actx.id = ra.contextid
467 JOIN {role_capabilities} rc ON rc.roleid = ra.roleid
468 JOIN {context} cctx ON cctx.id = rc.contextid
469
470 WHERE ra.userid = :userid
471 AND rc.capability $capcondition
472 AND rc.permission > 0
473 AND (".$DB->sql_concat('actx.path', "'/'")." LIKE ".$DB->sql_concat('cctx.path', "'/%'").
474 " OR ".$DB->sql_concat('cctx.path', "'/'")." LIKE ".$DB->sql_concat('actx.path', "'/%'").")";
475
476 if (!empty($CFG->defaultfrontpageroleid)) {
477 $frontpagecontext = context_course::instance(SITEID);
478
479 list($capcondition2, $params2) = $DB->get_in_or_equal(
480 array_keys($unsurecapabilities), SQL_PARAMS_NAMED);
481 $params = array_merge($params, $params2);
482 $params['frontpageroleid'] = $CFG->defaultfrontpageroleid;
483 $params['frontpagepathpattern'] = $frontpagecontext->path . '/';
484
485 $sql .= "
486 UNION
487
488 SELECT DISTINCT rc.capability, 1
489
490 FROM {role_capabilities} rc
491 JOIN {context} cctx ON cctx.id = rc.contextid
492
493 WHERE rc.roleid = :frontpageroleid
494 AND rc.capability $capcondition2
495 AND rc.permission > 0
496 AND ".$DB->sql_concat('cctx.path', "'/'")." LIKE :frontpagepathpattern";
497 }
498
499 $relevantcapabilities = $DB->get_records_sql_menu($sql, $params);
500
501 // Add back any providers based on the detailed capability check.
502 foreach ($unsureproviders as $providerid => $provider) {
503 if (array_key_exists($provider->capability, $relevantcapabilities)) {
504 $providers[$providerid] = $provider;
505 }
506 }
507
508 return $providers;
509 }
510
511 /**
512 * Gets the message providers that are in the database for this component.
513 *
514 * This is an internal function used within messagelib.php
515 *
516 * @see message_update_providers()
517 * @param string $component A moodle component like 'moodle', 'mod_forum', 'block_quiz_results'
518 * @return array An array of message providers
519 */
520 function message_get_providers_from_db($component) {
521 global $DB;
522
523 return $DB->get_records('message_providers', array('component'=>$component), '', 'name, id, component, capability'); // Name is unique per component
524 }
525
526 /**
527 * Loads the messages definitions for a component from file
528 *
529 * If no messages are defined for the component, return an empty array.
530 * This is an internal function used within messagelib.php
531 *
532 * @see message_update_providers()
533 * @see message_update_processors()
534 * @param string $component A moodle component like 'moodle', 'mod_forum', 'block_quiz_results'
535 * @return array An array of message providers or empty array if not exists
536 */
537 function message_get_providers_from_file($component) {
538 $defpath = core_component::get_component_directory($component).'/db/messages.php';
539
540 $messageproviders = array();
541
542 if (file_exists($defpath)) {
543 require($defpath);
544 }
545
546 foreach ($messageproviders as $name => $messageprovider) { // Fix up missing values if required
547 if (empty($messageprovider['capability'])) {
548 $messageproviders[$name]['capability'] = NULL;
549 }
550 if (empty($messageprovider['defaults'])) {
551 $messageproviders[$name]['defaults'] = array();
552 }
553 }
554
555 return $messageproviders;
556 }
557
558 /**
559 * Remove all message providers for particular component and corresponding settings
560 *
561 * @param string $component A moodle component like 'moodle', 'mod_forum', 'block_quiz_results'
562 * @return void
563 */
564 function message_provider_uninstall($component) {
565 global $DB;
566
567 $transaction = $DB->start_delegated_transaction();
568 $DB->delete_records('message_providers', array('component' => $component));
569 $DB->delete_records_select('config_plugins', "plugin = 'message' AND ".$DB->sql_like('name', '?', false), array("%_provider_{$component}_%"));
570 $DB->delete_records_select('user_preferences', $DB->sql_like('name', '?', false), array("message_provider_{$component}_%"));
571 $transaction->allow_commit();
572 // Purge all messaging settings from the caches. They are stored by plugin so we have to clear all message settings.
573 cache_helper::invalidate_by_definition('core', 'config', array(), 'message');
574 }
575
576 /**
577 * Uninstall a message processor
578 *
579 * @param string $name A message processor name like 'email', 'jabber'
580 */
581 function message_processor_uninstall($name) {
582 global $DB;
583
584 $transaction = $DB->start_delegated_transaction();
585 $DB->delete_records('message_processors', array('name' => $name));
586 $DB->delete_records_select('config_plugins', "plugin = ?", array("message_{$name}"));
587 // delete permission preferences only, we do not care about loggedin/loggedoff
588 // defaults, they will be removed on the next attempt to update the preferences
589 $DB->delete_records_select('config_plugins', "plugin = 'message' AND ".$DB->sql_like('name', '?', false), array("{$name}_provider_%"));
590 $transaction->allow_commit();
591 // Purge all messaging settings from the caches. They are stored by plugin so we have to clear all message settings.
592 cache_helper::invalidate_by_definition('core', 'config', array(), array('message', "message_{$name}"));
593 }
Read-only mirror of the Moodle CVS