| blob | 9229f23dbe47b1a6be6414d19184cf4af68714ff |
1 <?php
2 // This file is part of Moodle - http://moodle.org/
3 //
4 // Moodle is free software: you can redistribute it and/or modify
5 // it under the terms of the GNU General Public License as published by
6 // the Free Software Foundation, either version 3 of the License, or
7 // (at your option) any later version.
8 //
9 // Moodle is distributed in the hope that it will be useful,
10 // but WITHOUT ANY WARRANTY; without even the implied warranty of
11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 // GNU General Public License for more details.
13 //
14 // You should have received a copy of the GNU General Public License
15 // along with Moodle. If not, see <http://www.gnu.org/licenses/>.
17 /**
18 * moodlelib.php - Moodle main library
19 *
20 * Main library file of miscellaneous general-purpose Moodle functions.
21 * Other main libraries:
22 * - weblib.php - functions that produce web output
23 * - datalib.php - functions that access the database
24 *
25 * @package core
26 * @subpackage lib
27 * @copyright 1999 onwards Martin Dougiamas http://dougiamas.com
28 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
29 */
33 // CONSTANTS (Encased in phpdoc proper comments).
35 // Date and time constants.
36 /**
37 * Time constant - the number of seconds in a year
38 */
41 /**
42 * Time constant - the number of seconds in a week
43 */
46 /**
47 * Time constant - the number of seconds in a day
48 */
51 /**
52 * Time constant - the number of seconds in an hour
53 */
56 /**
57 * Time constant - the number of seconds in a minute
58 */
61 /**
62 * Time constant - the number of minutes in a day
63 */
66 /**
67 * Time constant - the number of minutes in an hour
68 */
71 // Parameter constants - every call to optional_param(), required_param()
72 // or clean_param() should have a specified type of parameter.
74 /**
75 * PARAM_ALPHA - contains only English ascii letters [a-zA-Z].
76 */
79 /**
80 * PARAM_ALPHAEXT the same contents as PARAM_ALPHA (English ascii letters [a-zA-Z]) plus the chars in quotes: "_-" allowed
81 * NOTE: originally this allowed "/" too, please use PARAM_SAFEPATH if "/" needed
82 */
85 /**
86 * PARAM_ALPHANUM - expected numbers 0-9 and English ascii letters [a-zA-Z] only.
87 */
90 /**
91 * PARAM_ALPHANUMEXT - expected numbers 0-9, letters (English ascii letters [a-zA-Z]) and _- only.
92 */
95 /**
96 * PARAM_AUTH - actually checks to make sure the string is a valid auth plugin
97 */
100 /**
101 * PARAM_BASE64 - Base 64 encoded format
102 */
105 /**
106 * PARAM_BOOL - converts input into 0 or 1, use for switches in forms and urls.
107 */
110 /**
111 * PARAM_CAPABILITY - A capability name, like 'moodle/role:manage'. Actually
112 * checked against the list of capabilities in the database.
113 */
116 /**
117 * PARAM_CLEANHTML - cleans submitted HTML code. Note that you almost never want
118 * to use this. The normal mode of operation is to use PARAM_RAW when receiving
119 * the input (required/optional_param or formslib) and then sanitise the HTML
120 * using format_text on output. This is for the rare cases when you want to
121 * sanitise the HTML on input. This cleaning may also fix xhtml strictness.
122 */
125 /**
126 * PARAM_EMAIL - an email address following the RFC
127 */
130 /**
131 * PARAM_FILE - safe file name, all dangerous chars are stripped, protects against XSS, SQL injections and directory traversals
132 */
135 /**
136 * PARAM_FLOAT - a real/floating point number.
137 *
138 * Note that you should not use PARAM_FLOAT for numbers typed in by the user.
139 * It does not work for languages that use , as a decimal separator.
140 * Use PARAM_LOCALISEDFLOAT instead.
141 */
144 /**
145 * PARAM_LOCALISEDFLOAT - a localised real/floating point number.
146 * This is preferred over PARAM_FLOAT for numbers typed in by the user.
147 * Cleans localised numbers to computer readable numbers; false for invalid numbers.
148 */
151 /**
152 * PARAM_HOST - expected fully qualified domain name (FQDN) or an IPv4 dotted quad (IP address)
153 */
156 /**
157 * PARAM_INT - integers only, use when expecting only numbers.
158 */
161 /**
162 * PARAM_LANG - checks to see if the string is a valid installed language in the current site.
163 */
166 /**
167 * PARAM_LOCALURL - expected properly formatted URL as well as one that refers to the local server itself. (NOT orthogonal to the
168 * others! Implies PARAM_URL!)
169 */
172 /**
173 * PARAM_NOTAGS - all html tags are stripped from the text. Do not abuse this type.
174 */
177 /**
178 * PARAM_PATH - safe relative path name, all dangerous chars are stripped, protects against XSS, SQL injections and directory
179 * traversals note: the leading slash is not removed, window drive letter is not allowed
180 */
183 /**
184 * PARAM_PEM - Privacy Enhanced Mail format
185 */
188 /**
189 * PARAM_PERMISSION - A permission, one of CAP_INHERIT, CAP_ALLOW, CAP_PREVENT or CAP_PROHIBIT.
190 */
193 /**
194 * PARAM_RAW specifies a parameter that is not cleaned/processed in any way except the discarding of the invalid utf-8 characters
195 */
198 /**
199 * PARAM_RAW_TRIMMED like PARAM_RAW but leading and trailing whitespace is stripped.
200 */
203 /**
204 * PARAM_SAFEDIR - safe directory name, suitable for include() and require()
205 */
208 /**
209 * PARAM_SAFEPATH - several PARAM_SAFEDIR joined by "/", suitable for include() and require(), plugin paths
210 * and other references to Moodle code files.
211 *
212 * This is NOT intended to be used for absolute paths or any user uploaded files.
213 */
216 /**
217 * PARAM_SEQUENCE - expects a sequence of numbers like 8 to 1,5,6,4,6,8,9. Numbers and comma only.
218 */
221 /**
222 * PARAM_TAG - one tag (interests, blogs, etc.) - mostly international characters and space, <> not supported
223 */
226 /**
227 * PARAM_TAGLIST - list of tags separated by commas (interests, blogs, etc.)
228 */
231 /**
232 * PARAM_TEXT - general plain text compatible with multilang filter, no other html tags. Please note '<', or '>' are allowed here.
233 */
236 /**
237 * PARAM_THEME - Checks to see if the string is a valid theme name in the current site
238 */
241 /**
242 * PARAM_URL - expected properly formatted URL. Please note that domain part is required, http://localhost/ is not accepted but
243 * http://localhost.localdomain/ is ok.
244 */
247 /**
248 * PARAM_USERNAME - Clean username to only contains allowed characters. This is to be used ONLY when manually creating user
249 * accounts, do NOT use when syncing with external systems!!
250 */
253 /**
254 * PARAM_STRINGID - used to check if the given string is valid string identifier for get_string()
255 */
258 // DEPRECATED PARAM TYPES OR ALIASES - DO NOT USE FOR NEW CODE.
259 /**
260 * PARAM_CLEAN - obsoleted, please use a more specific type of parameter.
261 * It was one of the first types, that is why it is abused so much ;-)
262 * @deprecated since 2.0
263 */
266 /**
267 * PARAM_INTEGER - deprecated alias for PARAM_INT
268 * @deprecated since 2.0
269 */
272 /**
273 * PARAM_NUMBER - deprecated alias of PARAM_FLOAT
274 * @deprecated since 2.0
275 */
278 /**
279 * PARAM_ACTION - deprecated alias for PARAM_ALPHANUMEXT, use for various actions in forms and urls
280 * NOTE: originally alias for PARAM_APLHA
281 * @deprecated since 2.0
282 */
285 /**
286 * PARAM_FORMAT - deprecated alias for PARAM_ALPHANUMEXT, use for names of plugins, formats, etc.
287 * NOTE: originally alias for PARAM_APLHA
288 * @deprecated since 2.0
289 */
292 /**
293 * PARAM_MULTILANG - deprecated alias of PARAM_TEXT.
294 * @deprecated since 2.0
295 */
298 /**
299 * PARAM_TIMEZONE - expected timezone. Timezone can be int +-(0-13) or float +-(0.5-12.5) or
300 * string separated by '/' and can have '-' &/ '_' (eg. America/North_Dakota/New_Salem
301 * America/Port-au-Prince)
302 */
305 /**
306 * PARAM_CLEANFILE - deprecated alias of PARAM_FILE; originally was removing regional chars too
307 */
310 /**
311 * PARAM_COMPONENT is used for full component names (aka frankenstyle) such as 'mod_forum', 'core_rating', 'auth_ldap'.
312 * Short legacy subsystem names and module names are accepted too ex: 'forum', 'rating', 'user'.
313 * Only lowercase ascii letters, numbers and underscores are allowed, it has to start with a letter.
314 * NOTE: numbers and underscores are strongly discouraged in plugin names!
315 */
318 /**
319 * PARAM_AREA is a name of area used when addressing files, comments, ratings, etc.
320 * It is usually used together with context id and component.
321 * Only lowercase ascii letters, numbers and underscores are allowed, it has to start with a letter.
322 */
325 /**
326 * PARAM_PLUGIN is used for plugin names such as 'forum', 'glossary', 'ldap', 'paypal', 'completionstatus'.
327 * Only lowercase ascii letters, numbers and underscores are allowed, it has to start with a letter.
328 * NOTE: numbers and underscores are strongly discouraged in plugin names! Underscores are forbidden in module names.
329 */
333 // Web Services.
335 /**
336 * VALUE_REQUIRED - if the parameter is not supplied, there is an error
337 */
340 /**
341 * VALUE_OPTIONAL - if the parameter is not supplied, then the param has no value
342 */
345 /**
346 * VALUE_DEFAULT - if the parameter is not supplied, then the default value is used
347 */
350 /**
351 * NULL_NOT_ALLOWED - the parameter can not be set to null in the database
352 */
355 /**
356 * NULL_ALLOWED - the parameter can be set to null in the database
357 */
360 // Page types.
362 /**
363 * PAGE_COURSE_VIEW is a definition of a page type. For more information on the page class see moodle/lib/pagelib.php.
364 */
367 /** Get remote addr constant */
369 /** Get remote addr constant */
371 /**
372 * GETREMOTEADDR_SKIP_DEFAULT defines the default behavior remote IP address validation.
373 */
374 define('GETREMOTEADDR_SKIP_DEFAULT', GETREMOTEADDR_SKIP_HTTP_X_FORWARDED_FOR|GETREMOTEADDR_SKIP_HTTP_CLIENT_IP);
376 // Blog access level constant declaration.
384 // Tag constants.
385 /**
386 * To prevent problems with multibytes strings,Flag updating in nav not working on the review page. this should not exceed the
387 * length of "varchar(255) / 3 (bytes / utf-8 character) = 85".
388 * TODO: this is not correct, varchar(255) are 255 unicode chars ;-)
389 *
390 * @todo define(TAG_MAX_LENGTH) this is not correct, varchar(255) are 255 unicode chars ;-)
391 */
394 // Password policy constants.
400 // Feature constants.
401 // Used for plugin_supports() to report features that are, or are not, supported by a module.
403 /** True if module can provide a grade */
405 /** True if module supports outcomes */
407 /** True if module supports advanced grading methods */
409 /** True if module controls the grade visibility over the gradebook */
411 /** True if module supports plagiarism plugins */
414 /** True if module has code to track whether somebody viewed it */
416 /** True if module has custom completion rules */
419 /** True if module has no 'view' page (like label) */
421 /** True (which is default) if the module wants support for setting the ID number for grade calculation purposes. */
423 /** True if module supports groups */
425 /** True if module supports groupings */
427 /**
428 * True if module supports groupmembersonly (which no longer exists)
429 * @deprecated Since Moodle 2.8
430 */
433 /** Type of module */
435 /** True if module supports intro editor */
437 /** True if module has default completion */
443 /** True if module supports backup/restore of moodle2 format */
446 /** True if module can show description on course main page */
449 /** True if module uses the question bank */
452 /**
453 * Maximum filename char size
454 */
457 /** Unspecified module archetype */
459 /** Resource-like type module */
461 /** Assignment module archetype */
463 /** System (not user-addable) module archetype */
466 /** Type of module */
468 /** Module purpose administration */
470 /** Module purpose assessment */
472 /** Module purpose communication */
474 /** Module purpose communication */
476 /** Module purpose content */
478 /** Module purpose interface */
480 /** Module purpose other */
483 /**
484 * Security token used for allowing access
485 * from external application such as web services.
486 * Scripts do not use any session, performance is relatively
487 * low because we need to load access info in each request.
488 * Scripts are executed in parallel.
489 */
492 /**
493 * Security token used for allowing access
494 * of embedded applications, the code is executed in the
495 * active user session. Token is invalidated after user logs out.
496 * Scripts are executed serially - normal session locking is used.
497 */
500 /**
501 * The home page should be the site home
502 */
504 /**
505 * The home page should be the users my page
506 */
508 /**
509 * The home page can be chosen by the user
510 */
512 /**
513 * The home page should be the users my courses page
514 */
517 /**
518 * URL of the Moodle sites registration portal.
519 */
522 /**
523 * URL of the statistic server public key.
524 */
525 defined('HUB_STATSPUBLICKEY') || define('HUB_STATSPUBLICKEY', 'https://moodle.org/static/statspubkey.pem');
527 /**
528 * Moodle mobile app service name
529 */
532 /**
533 * Indicates the user has the capabilities required to ignore activity and course file size restrictions
534 */
537 /**
538 * Course display settings: display all sections on one page.
539 */
541 /**
542 * Course display settings: split pages into a page per section.
543 */
546 /**
547 * Authentication constant: String used in password field when password is not stored.
548 */
551 /**
552 * Email from header to never include via information.
553 */
556 /**
557 * Email from header to always include via information.
558 */
561 /**
562 * Email from header to only include via information if the address is no-reply.
563 */
566 /**
567 * Contact site support form/link disabled.
568 */
571 /**
572 * Contact site support form/link only available to authenticated users.
573 */
576 /**
577 * Contact site support form/link available to anyone visiting the site.
578 */
581 // PARAMETER HANDLING.
583 /**
584 * Returns a particular value for the named variable, taken from
585 * POST or GET. If the parameter doesn't exist then an error is
586 * thrown because we require this variable.
587 *
588 * This function should be used to initialise all required values
589 * in a script that are based on parameters. Usually it will be
590 * used like this:
591 * $id = required_param('id', PARAM_INT);
592 *
593 * Please note the $type parameter is now required and the value can not be array.
594 *
595 * @param string $parname the name of the page parameter we want
596 * @param string $type expected type of parameter
597 * @return mixed
598 * @throws coding_exception
599 */
602 throw new coding_exception('required_param() requires $parname and $type to be specified (parameter: '.$parname.')');
603 }
604 // POST has precedence.
611 }
615 // TODO: switch to fatal error in Moodle 2.3.
617 }
620 }
622 /**
623 * Returns a particular array value for the named variable, taken from
624 * POST or GET. If the parameter doesn't exist then an error is
625 * thrown because we require this variable.
626 *
627 * This function should be used to initialise all required values
628 * in a script that are based on parameters. Usually it will be
629 * used like this:
630 * $ids = required_param_array('ids', PARAM_INT);
631 *
632 * Note: arrays of arrays are not supported, only alphanumeric keys with _ and - are supported
633 *
634 * @param string $parname the name of the page parameter we want
635 * @param string $type expected type of parameter
636 * @return array
637 * @throws coding_exception
638 */
641 throw new coding_exception('required_param_array() requires $parname and $type to be specified (parameter: '.$parname.')');
642 }
643 // POST has precedence.
650 }
653 }
658 debugging('Invalid key name in required_param_array() detected: '.$key.', parameter: '.$parname);
660 }
662 }
665 }
667 /**
668 * Returns a particular value for the named variable, taken from
669 * POST or GET, otherwise returning a given default.
670 *
671 * This function should be used to initialise all optional values
672 * in a script that are based on parameters. Usually it will be
673 * used like this:
674 * $name = optional_param('name', 'Fred', PARAM_TEXT);
675 *
676 * Please note the $type parameter is now required and the value can not be array.
677 *
678 * @param string $parname the name of the page parameter we want
679 * @param mixed $default the default value to return if nothing is found
680 * @param string $type expected type of parameter
681 * @return mixed
682 * @throws coding_exception
683 */
686 throw new coding_exception('optional_param requires $parname, $default + $type to be specified (parameter: '.$parname.')');
687 }
689 // POST has precedence.
696 }
700 // TODO: switch to $default in Moodle 2.3.
702 }
705 }
707 /**
708 * Returns a particular array value for the named variable, taken from
709 * POST or GET, otherwise returning a given default.
710 *
711 * This function should be used to initialise all optional values
712 * in a script that are based on parameters. Usually it will be
713 * used like this:
714 * $ids = optional_param('id', array(), PARAM_INT);
715 *
716 * Note: arrays of arrays are not supported, only alphanumeric keys with _ and - are supported
717 *
718 * @param string $parname the name of the page parameter we want
719 * @param mixed $default the default value to return if nothing is found
720 * @param string $type expected type of parameter
721 * @return array
722 * @throws coding_exception
723 */
726 throw new coding_exception('optional_param_array requires $parname, $default + $type to be specified (parameter: '.$parname.')');
727 }
729 // POST has precedence.
736 }
740 }
745 debugging('Invalid key name in optional_param_array() detected: '.$key.', parameter: '.$parname);
747 }
749 }
752 }
754 /**
755 * Strict validation of parameter values, the values are only converted
756 * to requested PHP type. Internally it is using clean_param, the values
757 * before and after cleaning must be equal - otherwise
758 * an invalid_parameter_exception is thrown.
759 * Objects and classes are not accepted.
760 *
761 * @param mixed $param
762 * @param string $type PARAM_ constant
763 * @param bool $allownull are nulls valid value?
764 * @param string $debuginfo optional debug information
765 * @return mixed the $param value converted to PHP type
766 * @throws invalid_parameter_exception if $param is not of given type
767 */
774 }
775 }
778 }
783 // Do not detect precision loss here.
785 // These always fit.
786 } else if (!is_numeric($param) or !preg_match('/^[\+-]?[0-9]*\.?[0-9]*(e[-+]?[0-9]+)?$/i', (string)$param)) {
788 }
790 // Conversion to string is usually lossless.
792 }
795 }
797 /**
798 * Makes sure array contains only the allowed types, this function does not validate array key names!
799 *
800 * <code>
801 * $options = clean_param($options, PARAM_INT);
802 * </code>
803 *
804 * @param array|null $param the variable array we are cleaning
805 * @param string $type expected format of param after cleaning.
806 * @param bool $recursive clean recursive arrays
807 * @return array
808 * @throws coding_exception
809 */
811 // Convert null to empty array.
818 throw new coding_exception('clean_param_array can not process multidimensional arrays when $recursive is false.');
819 }
822 }
823 }
825 }
827 /**
828 * Used by {@link optional_param()} and {@link required_param()} to
829 * clean the variables and/or cast to specific types, based on
830 * an options field.
831 * <code>
832 * $course->format = clean_param($course->format, PARAM_ALPHA);
833 * $selectedgradeitem = clean_param($selectedgradeitem, PARAM_INT);
834 * </code>
835 *
836 * @param mixed $param the variable we are cleaning
837 * @param string $type expected format of param after cleaning.
838 * @return mixed
839 * @throws coding_exception
840 */
845 throw new coding_exception('clean_param() can not process arrays, please use clean_param_array() instead.');
850 throw new coding_exception('clean_param() can not process objects, please use clean_param_array() instead.');
851 }
852 }
856 // No cleaning at all.
861 // No cleaning, but strip leading and trailing whitespace.
866 // General HTML cleaning, try to use more specific type if possible this is deprecated!
867 // Please use more specific type instead.
870 }
872 // Sweep for scripts, etc.
876 // Clean html fragment.
878 // Sweep for scripts, etc.
883 // Convert to integer.
887 // Convert to float.
891 // Convert to float.
895 // Remove everything not `a-z`.
899 // Remove everything not `a-zA-Z_-` (originally allowed "/" too).
903 // Remove everything not `a-zA-Z0-9`.
907 // Remove everything not `a-zA-Z0-9_-`.
911 // Remove everything not `0-9,`.
915 // Convert to 1 or 0.
923 }
927 // Strip all tags.
932 // Leave only tags needed for multilang.
934 // If the multilang syntax is not correct we strip all tags because it would break xhtml strict which is required
935 // for accessibility standards please note this cleaning does not strip unbalanced '>' for BC compatibility reasons.
938 // Old and future mutilang syntax.
942 }
951 }
952 }
957 }
958 }
961 }
965 // Current problematic multilang syntax.
969 }
978 }
979 }
984 }
985 }
988 }
990 }
992 // Easy, just strip all tags, if we ever want to fix orphaned '&' we have to do that in format_string().
996 // We do not want any guessing here, either the name is correct or not
997 // please note only normalised component names are accepted.
1001 }
1004 }
1006 // Module names must not contain underscores because we need to differentiate them from invalid plugin types.
1009 }
1010 }
1015 // We do not want any guessing here, either the name is correct or not.
1018 }
1022 // Remove everything not a-zA-Z0-9_- .
1026 // Remove everything not a-zA-Z0-9/_- .
1030 // Strip all suspicious characters from filename.
1035 }
1039 // Strip all suspicious characters from file path.
1043 // Explode the path and clean each element using the PARAM_FILE rules.
1047 // Special condition to allow for relative current path such as ./currentdirfile.txt.
1050 }
1052 }
1055 // Remove multiple current path (./././) and multiple slashes (///).
1061 // Allow FQDN or IPv4 dotted quad.
1063 // Match ipv4 dotted quad.
1065 // Confirm values are ok.
1070 // Hmmm, what kind of dotted quad is this?
1072 }
1076 ) {
1077 // All is ok - $param is respected.
1079 // All is not ok...
1081 }
1085 // Allow safe urls.
1089 // All is ok, param is respected.
1091 // Not really ok.
1093 }
1097 // Allow http absolute, root relative and relative URLs within wwwroot.
1102 // Exact match;
1104 // Root-relative, ok!
1106 // Absolute, and matches our wwwroot.
1109 // Relative - let's make sure there are no tricks.
1110 if (validateUrlSyntax('/' . $param, 's-u-P-a-p-f+q?r?') && !preg_match('/javascript:/i', $param)) {
1111 // Looks ok.
1114 }
1115 }
1116 }
1121 // PEM formatted strings may contain letters/numbers and the symbols:
1122 // forward slash: /
1123 // plus sign: +
1124 // equal sign: =
1125 // , surrounded by BEGIN and END CERTIFICATE prefix and suffixes.
1126 if (preg_match('/^-----BEGIN CERTIFICATE-----([\s\w\/\+=]+)-----END CERTIFICATE-----$/', trim($param), $matches)) {
1134 }
1135 }
1140 // PEM formatted strings may contain letters/numbers and the symbols
1141 // forward slash: /
1142 // plus sign: +
1143 // equal sign: =.
1146 }
1148 // Each line of base64 encoded data must be 64 characters in length, except for the last line which may be less
1149 // than (or equal to) 64 characters long.
1154 }
1156 }
1160 }
1161 }
1165 }
1169 // Please note it is not safe to use the tag name directly anywhere,
1170 // it must be processed with s(), urlencode() before embedding anywhere.
1171 // Remove some nasties.
1173 // Convert many whitespace chars into one.
1186 }
1187 }
1192 }
1199 }
1207 }
1217 }
1224 // Specified language is not installed or param malformed.
1226 }
1237 // Specified theme is not installed.
1239 }
1244 // Convert uppercase to lowercase MDL-16919.
1248 // Regular expression, eliminate all chars EXCEPT:
1249 // alphanum, dash (-), underscore (_), at sign (@) and period (.) characters.
1251 }
1260 }
1267 }
1270 // Can be int, float(with .5 or .0) or string seperated by '/' and can have '-_'.
1272 $timezonepattern = '/^(([+-]?(0?[0-9](\.[5|0])?|1[0-3](\.0)?|1[0-2]\.5))|(99)|[[:alnum:]]+(\/?[[:alpha:]_-])+)$/';
1277 }
1280 // Doh! throw error, switched parameters in optional_param or another serious problem.
1282 }
1283 }
1285 /**
1286 * Whether the PARAM_* type is compatible in RTL.
1287 *
1288 * Being compatible with RTL means that the data they contain can flow
1289 * from right-to-left or left-to-right without compromising the user experience.
1290 *
1291 * Take URLs for example, they are not RTL compatible as they should always
1292 * flow from the left to the right. This also applies to numbers, email addresses,
1293 * configuration snippets, base64 strings, etc...
1294 *
1295 * This function tries to best guess which parameters can contain localised strings.
1296 *
1297 * @param string $paramtype Constant PARAM_*.
1298 * @return bool
1299 */
1302 }
1304 /**
1305 * Makes sure the data is using valid utf8, invalid characters are discarded.
1306 *
1307 * Note: this function is not intended for full objects with methods and private properties.
1308 *
1309 * @param mixed $value
1310 * @return mixed with proper utf-8 encoding
1311 */
1318 // Shortcut.
1320 }
1322 // Remove null bytes or invalid Unicode sequences from value.
1325 // Note: this duplicates min_fix_utf8() intentionally.
1328 $buggyiconv = (!function_exists('iconv') or @iconv('UTF-8', 'UTF-8//IGNORE', '100'.chr(130).'€') !== '100€');
1329 }
1339 // Warn admins on admin/index.php page.
1341 }
1345 }
1352 }
1356 // Do not modify original.
1360 }
1364 // This is some other type, no utf-8 here.
1366 }
1367 }
1369 /**
1370 * Return true if given value is integer or string with integer value
1371 *
1372 * @param mixed $value String or Int
1373 * @return bool true if number, false if not
1374 */
1382 }
1383 }
1385 /**
1386 * Returns host part from url.
1387 *
1388 * @param string $url full url
1389 * @return string host, null if not found
1390 */
1395 }
1397 }
1399 /**
1400 * Tests whether anything was returned by text editor
1401 *
1402 * This function is useful for testing whether something you got back from
1403 * the HTML editor actually contains anything. Sometimes the HTML editor
1404 * appear to be empty, but actually you get back a <br> tag or something.
1405 *
1406 * @param string $string a string containing HTML.
1407 * @return boolean does the string contain any actual content - that is text,
1408 * images, objects, etc.
1409 */
1411 return trim(strip_tags((string)$string, '<img><object><applet><input><select><textarea><hr>')) == '';
1412 }
1414 /**
1415 * Set a key in global configuration
1416 *
1417 * Set a key/value pair in both this session's {@link $CFG} global variable
1418 * and in the 'config' database table for future sessions.
1419 *
1420 * Can also be used to update keys for plugin-scoped configs in config_plugin table.
1421 * In that case it doesn't affect $CFG.
1422 *
1423 * A NULL value will delete the entry.
1424 *
1425 * NOTE: this function is called from lib/db/upgrade.php
1426 *
1427 * @param string $name the key to set
1428 * @param string $value the value to set (without magic quotes)
1429 * @param string $plugin (optional) the plugin scope, default null
1430 * @return bool true or exception
1431 */
1435 // Redirect to appropriate handler when value is null.
1438 }
1440 // Set variables determining conditions and where to store the new config.
1441 // Plugin config goes to {config_plugins}, core config goes to {config}.
1444 // If it's for core config.
1449 // If it's a plugin.
1453 }
1455 // DB handling - checks for existing config, updating or inserting only if necessary.
1460 // Inserts a new config record.
1466 }
1469 // Record exists - Check and only set new value if it has changed.
1471 }
1474 // So it's defined for this invocation at least.
1475 // Settings from db are always strings.
1477 }
1479 // When setting config during a Behat test (in the CLI script, not in the web browser
1480 // requests), remember which ones are set so that we can clear them later.
1483 }
1485 // Update siteidentifier cache, if required.
1488 }
1490 // Invalidate cache, if required.
1493 }
1496 }
1498 /**
1499 * Get configuration values from the global config table
1500 * or the config_plugins table.
1501 *
1502 * If called with one parameter, it will load all the config
1503 * variables for one plugin, and return them as an object.
1504 *
1505 * If called with 2 parameters it will return a string single
1506 * value or false if the value is not found.
1507 *
1508 * NOTE: this function is called from lib/db/upgrade.php
1509 *
1510 * @param string $plugin full component name
1511 * @param string $name default null
1512 * @return mixed hash-like object or single value, return false no config found
1513 * @throws dml_exception
1514 */
1527 }
1529 }
1533 // This may throw an exception during installation, which is how we detect the
1534 // need to install the database. For more details see {@see initialise_cfg()}.
1537 // Set siteidentifier to false. We don't want to trip this continually.
1540 }
1541 }
1548 }
1549 }
1554 // The user is after a recordset.
1556 $result = $DB->get_records_menu('config_plugins', array('plugin' => $plugin), '', 'name,value');
1558 // This part is not really used any more, but anyway...
1560 }
1562 }
1567 }
1569 }
1573 }
1577 // We do not want any extra mess here, just real settings that could be saved in db.
1580 // Convert to string as if it went through the DB.
1582 }
1583 }
1586 }
1588 /**
1589 * Removes a key from global configuration.
1590 *
1591 * NOTE: this function is called from lib/db/upgrade.php
1592 *
1593 * @param string $name the key to set
1594 * @param string $plugin (optional) the plugin scope
1595 * @return boolean whether the operation succeeded.
1596 */
1607 }
1610 }
1612 /**
1613 * Remove all the config variables for a given plugin.
1614 *
1615 * NOTE: this function is called from lib/db/upgrade.php
1616 *
1617 * @param string $plugin a plugin, for example 'quiz' or 'qtype_multichoice';
1618 * @return boolean whether the operation succeeded.
1619 */
1622 // Delete from the obvious config_plugins first.
1624 // Next delete any suspect settings from config.
1628 // Finally clear both the plugin cache and the core cache (suspect settings now removed from core).
1632 }
1634 /**
1635 * Use this function to get a list of users from a config setting of type admin_setting_users_with_capability.
1636 *
1637 * All users are verified if they still have the necessary capability.
1638 *
1639 * @param string $value the value of the config setting.
1640 * @param string $capability the capability - must match the one passed to the admin_setting_users_with_capability constructor.
1641 * @param bool $includeadmins include administrators.
1642 * @return array of user objects.
1643 */
1647 }
1649 // We have to make sure that users still have the necessary capability,
1650 // it should be faster to fetch them all first and then test if they are present
1651 // instead of validating them one-by-one.
1657 }
1658 }
1662 }
1670 }
1671 }
1674 }
1677 /**
1678 * Invalidates browser caches and cached data in temp.
1679 *
1680 * @return void
1681 */
1684 }
1686 /**
1687 * Selectively invalidate different types of cache.
1688 *
1689 * Purges the cache areas specified. By default, this will purge all caches but can selectively purge specific
1690 * areas alone or in combination.
1691 *
1692 * @param bool[] $options Specific parts of the cache to purge. Valid options are:
1693 * 'muc' Purge MUC caches?
1694 * 'theme' Purge theme cache?
1695 * 'lang' Purge language string cache?
1696 * 'js' Purge javascript cache?
1697 * 'filter' Purge text filter cache?
1698 * 'other' Purge all other caches?
1699 */
1701 $defaults = array_fill_keys(['muc', 'theme', 'lang', 'js', 'template', 'filter', 'other'], false);
1705 $options = array_merge($defaults, array_intersect_key($options, $defaults)); // Override defaults with specified options.
1706 }
1709 }
1712 }
1715 }
1718 }
1721 }
1724 }
1727 }
1728 }
1730 /**
1731 * Purge all non-MUC caches not otherwise purged in purge_caches.
1732 *
1733 * IMPORTANT - If you are adding anything here to do with the cache directory you should also have a look at
1734 * {@link phpunit_util::reset_dataroot()}
1735 */
1740 }
1742 // Bump up cacherev field for all courses.
1746 // Ignore exception since this function is also called before upgrade script when field course.cacherev does not exist yet.
1747 }
1751 // Purge all other caches: rss, simplepie, etc.
1755 // Make sure cache dir is writable, throws exception if not.
1758 // This is the only place where we purge local caches, we are only adding files there.
1759 // The $CFG->localcachedirpurged flag forces local directories to be purged on cluster nodes.
1764 }
1766 /**
1767 * Get volatile flags
1768 *
1769 * @param string $type
1770 * @param int $changedsince default null
1771 * @return array records array
1772 */
1781 }
1786 }
1787 }
1789 }
1791 /**
1792 * Get volatile flags
1793 *
1794 * @param string $type
1795 * @param string $name
1796 * @param int $changedsince default null
1797 * @return string|false The cache flag value or false
1798 */
1808 }
1811 }
1813 /**
1814 * Set a volatile flag
1815 *
1816 * @param string $type the "type" namespace for the key
1817 * @param string $name the key to set
1818 * @param string $value the value to set (without magic quotes) - null will remove the flag
1819 * @param int $expiry (optional) epoch indicating expiry - defaults to now()+ 24hs
1820 * @return bool Always returns true
1821 */
1830 }
1835 }
1837 if ($f = $DB->get_record('cache_flags', array('name' => $name, 'flagtype' => $type), '*', IGNORE_MULTIPLE)) {
1838 // This is a potential problem in DEBUG_DEVELOPER.
1841 }
1854 }
1856 }
1858 /**
1859 * Removes a single volatile flag
1860 *
1861 * @param string $type the "type" namespace for the key
1862 * @param string $name the key to set
1863 * @return bool
1864 */
1869 }
1871 /**
1872 * Garbage-collect volatile flags
1873 *
1874 * @return bool Always returns true
1875 */
1880 }
1882 // USER PREFERENCE API.
1884 /**
1885 * Refresh user preference cache. This is used most often for $USER
1886 * object that is stored in session, but it also helps with performance in cron script.
1887 *
1888 * Preferences for each user are loaded on first use on every page, then again after the timeout expires.
1889 *
1890 * @package core
1891 * @category preference
1892 * @access public
1893 * @param stdClass $user User object. Preferences are preloaded into 'preference' property
1894 * @param int $cachelifetime Cache life time on the current page (in seconds)
1895 * @throws coding_exception
1896 * @return null
1897 */
1900 // Static cache, we need to check on each page load, not only every 2 minutes.
1904 throw new coding_exception('Invalid $user parameter in check_user_preferences_loaded() call, missing id field');
1905 }
1908 // No permanent storage for not-logged-in users and guest.
1911 }
1913 }
1917 if (isset($loadedusers[$user->id]) and isset($user->preference) and isset($user->preference['_lastloaded'])) {
1918 // Already loaded at least once on this page. Are we up to date?
1920 // No need to reload - we are on the same page and we loaded prefs just a moment ago.
1923 } else if (!get_cache_flag('userpreferenceschanged', $user->id, $user->preference['_lastloaded'])) {
1924 // No change since the lastcheck on this page.
1927 }
1928 }
1930 // OK, so we have to reload all preferences.
1932 $user->preference = $DB->get_records_menu('user_preferences', array('userid' => $user->id), '', 'name,value'); // All values.
1934 }
1936 /**
1937 * Called from set/unset_user_preferences, so that the prefs can be correctly reloaded in different sessions.
1938 *
1939 * NOTE: internal function, do not call from other code.
1940 *
1941 * @package core
1942 * @access private
1943 * @param integer $userid the user whose prefs were changed.
1944 */
1949 // No cache flags for guest and not-logged-in users.
1951 }
1954 }
1956 /**
1957 * Sets a preference for the specified user.
1958 *
1959 * If a $user object is submitted it's 'preference' property is used for the preferences cache.
1960 *
1961 * When additional validation/permission check is needed it is better to use {@see useredit_update_user_preference()}
1962 *
1963 * @package core
1964 * @category preference
1965 * @access public
1966 * @param string $name The key to set as preference for the specified user
1967 * @param string $value The value to set for the $name key in the specified user's
1968 * record, null means delete current value.
1969 * @param stdClass|int|null $user A moodle user object or id, null means current user
1970 * @throws coding_exception
1971 * @return bool Always true or exception
1972 */
1978 }
1981 // Null means delete current.
1984 throw new coding_exception('Invalid value in set_user_preference() call, objects are not allowed');
1986 throw new coding_exception('Invalid value in set_user_preference() call, arrays are not allowed');
1987 }
1988 // Value column maximum length is 1333 characters.
1991 throw new coding_exception('Invalid value in set_user_preference() call, value is is too long for the value column');
1992 }
1997 // It is a valid object.
2002 }
2007 // No permanent storage for not-logged-in users and guest.
2010 }
2012 if ($preference = $DB->get_record('user_preferences', array('userid' => $user->id, 'name' => $name))) {
2013 if ($preference->value === $value and isset($user->preference[$name]) and $user->preference[$name] === $value) {
2014 // Preference already set to this value.
2016 }
2025 }
2027 // Update value in cache.
2029 // Update the $USER in case where we've not a direct reference to $USER.
2032 }
2034 // Set reload flag for other sessions.
2038 }
2040 /**
2041 * Sets a whole array of preferences for the current user
2042 *
2043 * If a $user object is submitted it's 'preference' property is used for the preferences cache.
2044 *
2045 * @package core
2046 * @category preference
2047 * @access public
2048 * @param array $prefarray An array of key/value pairs to be set
2049 * @param stdClass|int|null $user A moodle user object or id, null means current user
2050 * @return bool Always true or exception
2051 */
2055 }
2057 }
2059 /**
2060 * Unsets a preference completely by deleting it from the database
2061 *
2062 * If a $user object is submitted it's 'preference' property is used for the preferences cache.
2063 *
2064 * @package core
2065 * @category preference
2066 * @access public
2067 * @param string $name The key to unset as preference for the specified user
2068 * @param stdClass|int|null $user A moodle user object or id, null means current user
2069 * @throws coding_exception
2070 * @return bool Always true or exception
2071 */
2077 }
2082 // It is a valid object.
2087 }
2092 // No permanent storage for not-logged-in user and guest.
2095 }
2097 // Delete from DB.
2100 // Delete the preference from cache.
2102 // Update the $USER in case where we've not a direct reference to $USER.
2105 }
2107 // Set reload flag for other sessions.
2111 }
2113 /**
2114 * Used to fetch user preference(s)
2115 *
2116 * If no arguments are supplied this function will return
2117 * all of the current user preferences as an array.
2118 *
2119 * If a name is specified then this function
2120 * attempts to return that particular preference value. If
2121 * none is found, then the optional value $default is returned,
2122 * otherwise null.
2123 *
2124 * If a $user object is submitted it's 'preference' property is used for the preferences cache.
2125 *
2126 * @package core
2127 * @category preference
2128 * @access public
2129 * @param string $name Name of the key to use in finding a preference value
2130 * @param mixed|null $default Value to be returned if the $name key is not set in the user preferences
2131 * @param stdClass|int|null $user A moodle user object or id, null means current user
2132 * @throws coding_exception
2133 * @return string|mixed|null A string containing the value of a single preference. An
2134 * array with all of the preferences or null
2135 */
2140 // All prefs.
2143 }
2148 // Is a valid object.
2154 }
2157 }
2162 // All values.
2165 // The single string value.
2168 // Default value (null if not specified).
2170 }
2171 }
2173 // FUNCTIONS FOR HANDLING TIME.
2175 /**
2176 * Given Gregorian date parts in user time produce a GMT timestamp.
2177 *
2178 * @package core
2179 * @category time
2180 * @param int $year The year part to create timestamp of
2181 * @param int $month The month part to create timestamp of
2182 * @param int $day The day part to create timestamp of
2183 * @param int $hour The hour part to create timestamp of
2184 * @param int $minute The minute part to create timestamp of
2185 * @param int $second The second part to create timestamp of
2186 * @param int|float|string $timezone Timezone modifier, used to calculate GMT time offset.
2187 * if 99 then default user's timezone is used {@link http://docs.moodle.org/dev/Time_API#Timezone}
2188 * @param bool $applydst Toggle Daylight Saving Time, default true, will be
2189 * applied only if timezone is 99 or string.
2190 * @return int GMT timestamp
2191 */
2192 function make_timestamp($year, $month=1, $day=1, $hour=0, $minute=0, $second=0, $timezone=99, $applydst=true) {
2200 throw new coding_exception('getTimestamp() returned false, please ensure you have passed correct values.'.
2202 }
2204 // Moodle BC DST stuff.
2207 }
2211 }
2213 /**
2214 * Format a date/time (seconds) as weeks, days, hours etc as needed
2215 *
2216 * Given an amount of time in seconds, returns string
2217 * formatted nicely as years, days, hours etc as needed
2218 *
2219 * @package core
2220 * @category time
2221 * @uses MINSECS
2222 * @uses HOURSECS
2223 * @uses DAYSECS
2224 * @uses YEARSECS
2225 * @param int $totalsecs Time in seconds
2226 * @param stdClass $str Should be a time object
2227 * @return string A nicely formatted date/time string
2228 */
2234 // Create the str structure the slow way.
2246 }
2271 }
2274 }
2277 }
2280 }
2283 }
2287 }
2290 }
2293 }
2296 }
2299 }
2301 }
2303 /**
2304 * Returns a formatted string that represents a date in user time.
2305 *
2306 * @package core
2307 * @category time
2308 * @param int $date the timestamp in UTC, as obtained from the database.
2309 * @param string $format strftime format. You should probably get this using
2310 * get_string('strftime...', 'langconfig');
2311 * @param int|float|string $timezone by default, uses the user's time zone. if numeric and
2312 * not 99 then daylight saving will not be added.
2313 * {@link http://docs.moodle.org/dev/Time_API#Timezone}
2314 * @param bool $fixday If true (default) then the leading zero from %d is removed.
2315 * If false then the leading zero is maintained.
2316 * @param bool $fixhour If true (default) then the leading zero from %I is removed.
2317 * @return string the formatted date/time.
2318 */
2322 }
2324 /**
2325 * Returns a html "time" tag with both the exact user date with timezone information
2326 * as a datetime attribute in the W3C format, and the user readable date and time as text.
2327 *
2328 * @package core
2329 * @category time
2330 * @param int $date the timestamp in UTC, as obtained from the database.
2331 * @param string $format strftime format. You should probably get this using
2332 * get_string('strftime...', 'langconfig');
2333 * @param int|float|string $timezone by default, uses the user's time zone. if numeric and
2334 * not 99 then daylight saving will not be added.
2335 * {@link http://docs.moodle.org/dev/Time_API#Timezone}
2336 * @param bool $fixday If true (default) then the leading zero from %d is removed.
2337 * If false then the leading zero is maintained.
2338 * @param bool $fixhour If true (default) then the leading zero from %I is removed.
2339 * @return string the formatted date/time.
2340 */
2341 function userdate_htmltime($date, $format = '', $timezone = 99, $fixday = true, $fixhour = true) {
2345 }
2350 return html_writer::tag('time', $userdatestr, ['datetime' => $machinedate->format(DateTime::W3C)]);
2351 }
2353 /**
2354 * Returns a formatted date ensuring it is UTF-8.
2355 *
2356 * If we are running under Windows convert to Windows encoding and then back to UTF-8
2357 * (because it's impossible to specify UTF-8 to fetch locale info in Win32).
2358 *
2359 * @param int $date the timestamp - since Moodle 2.9 this is a real UTC timestamp
2360 * @param string $format strftime format.
2361 * @param int|float|string $tz the user timezone
2362 * @return string the formatted date/time.
2363 * @since Moodle 2.3.3
2364 */
2374 ], [
2376 $datearray['hours'] < 12 ? get_string('amcaps', 'langconfig') : get_string('pmcaps', 'langconfig'),
2378 }
2384 }
2386 /**
2387 * Given a $time timestamp in GMT (seconds since epoch),
2388 * returns an array that represents the Gregorian date in user time
2389 *
2390 * @package core
2391 * @category time
2392 * @param int $time Timestamp in GMT
2393 * @param float|int|string $timezone user timezone
2394 * @return array An array that represents the date in user time
2395 */
2398 // PHP8 and PHP7 return different results when getdate(null) is called.
2399 // Display warning and cast to 0 to make sure the usergetdate() behaves consistently on all versions of PHP.
2400 // In the future versions of Moodle we may consider adding a strict typehint.
2403 }
2410 }
2412 /**
2413 * Given a GMT timestamp (seconds since epoch), offsets it by
2414 * the timezone. eg 3pm in India is 3pm GMT - 7 * 3600 seconds
2415 *
2416 * NOTE: this function does not include DST properly,
2417 * you should use the PHP date stuff instead!
2418 *
2419 * @package core
2420 * @category time
2421 * @param int $date Timestamp in GMT
2422 * @param float|int|string $timezone user timezone
2423 * @return int
2424 */
2431 }
2433 /**
2434 * Get a formatted string representation of an interval between two unix timestamps.
2435 *
2436 * E.g.
2437 * $intervalstring = get_time_interval_string(12345600, 12345660);
2438 * Will produce the string:
2439 * '0d 0h 1m'
2440 *
2441 * @param int $time1 unix timestamp
2442 * @param int $time2 unix timestamp
2443 * @param string $format string (can be lang string) containing format chars: https://www.php.net/manual/en/dateinterval.format.php.
2444 * @return string the formatted string describing the time difference, e.g. '10d 11h 45m'.
2445 */
2454 }
2456 /**
2457 * Given a time, return the GMT timestamp of the most recent midnight
2458 * for the current user.
2459 *
2460 * @package core
2461 * @category time
2462 * @param int $date Timestamp in GMT
2463 * @param float|int|string $timezone user timezone
2464 * @return int Returns a GMT timestamp
2465 */
2470 // Time of midnight of this user's day, in GMT.
2471 return make_timestamp($userdate['year'], $userdate['mon'], $userdate['mday'], 0, 0, 0, $timezone);
2473 }
2475 /**
2476 * Returns a string that prints the user's timezone
2477 *
2478 * @package core
2479 * @category time
2480 * @param float|int|string $timezone user timezone
2481 * @return string
2482 */
2486 }
2488 /**
2489 * Returns a float or a string which denotes the user's timezone
2490 * A float value means that a simple offset from GMT is used, while a string (it will be the name of a timezone in the database)
2491 * means that for this timezone there are also DST rules to be taken into account
2492 * Checks various settings and picks the most dominant of those which have a value
2493 *
2494 * @package core
2495 * @category time
2496 * @param float|int|string $tz timezone to calculate GMT time offset before
2497 * calculating user timezone, 99 is default user timezone
2498 * {@link http://docs.moodle.org/dev/Time_API#Timezone}
2499 * @return float|string
2500 */
2509 );
2513 // Loop while $tz is, empty but not zero, or 99, and there is another timezone is the array.
2517 }
2518 }
2520 }
2522 /**
2523 * Calculates the Daylight Saving Offset for a given date/time (timestamp)
2524 * - Note: Daylight saving only works for string timezones and not for float.
2525 *
2526 * @package core
2527 * @category time
2528 * @param int $time must NOT be compensated at all, it has to be a pure timestamp
2529 * @param int|float|string $strtimezone user timezone
2530 * @return int
2531 */
2539 }
2541 }
2543 }
2545 /**
2546 * Calculates when the day appears in specific month
2547 *
2548 * @package core
2549 * @category time
2550 * @param int $startday starting day of the month
2551 * @param int $weekday The day when week starts (normally taken from user preferences)
2552 * @param int $month The month whose day is sought
2553 * @param int $year The year of the month whose day is sought
2554 * @return int
2555 */
2563 // Don't care about weekday, so return:
2564 // abs($startday) if $startday != -1
2565 // $daysinmonth otherwise.
2567 }
2569 // From now on we 're looking for a specific weekday.
2570 // Give "end of month" its actual value, since we know it.
2573 }
2575 // Starting from day $startday, the sign is the direction.
2580 // This is the last such weekday of the month.
2584 }
2586 // Find the first such weekday <= $startday.
2589 }
2598 }
2600 // This is the first such weekday of the month equal to or after $startday.
2604 }
2605 }
2607 /**
2608 * Calculate the number of days in a given month
2609 *
2610 * @package core
2611 * @category time
2612 * @param int $month The month whose day count is sought
2613 * @param int $year The year of the month whose day count is sought
2614 * @return int
2615 */
2619 }
2621 /**
2622 * Calculate the position in the week of a specific calendar day
2623 *
2624 * @package core
2625 * @category time
2626 * @param int $day The day of the date whose position in the week is sought
2627 * @param int $month The month of the date whose position in the week is sought
2628 * @param int $year The year of the date whose position in the week is sought
2629 * @return int
2630 */
2634 }
2636 // USER AUTHENTICATION AND LOGIN.
2638 /**
2639 * Returns full login url.
2640 *
2641 * Any form submissions for authentication to this URL must include username,
2642 * password as well as a logintoken generated by \core\session\manager::get_login_token().
2643 *
2644 * @return string login url
2645 */
2650 }
2652 /**
2653 * This function checks that the current user is logged in and has the
2654 * required privileges
2655 *
2656 * This function checks that the current user is logged in, and optionally
2657 * whether they are allowed to be in a particular course and view a particular
2658 * course module.
2659 * If they are not logged in, then it redirects them to the site login unless
2660 * $autologinguest is set and {@link $CFG}->autologinguests is set to 1 in which
2661 * case they are automatically logged in as guests.
2662 * If $courseid is given and the user is not enrolled in that course then the
2663 * user is redirected to the course enrolment page.
2664 * If $cm is given and the course module is hidden and the user is not a teacher
2665 * in the course then the user is redirected to the course home page.
2666 *
2667 * When $cm parameter specified, this function sets page layout to 'module'.
2668 * You need to change it manually later if some other layout needed.
2669 *
2670 * @package core_access
2671 * @category access
2672 *
2673 * @param mixed $courseorid id of the course or course object
2674 * @param bool $autologinguest default true
2675 * @param object $cm course module object
2676 * @param bool $setwantsurltome Define if we want to set $SESSION->wantsurl, defaults to
2677 * true. Used to avoid (=false) some scripts (file.php...) to set that variable,
2678 * in order to keep redirects working properly. MDL-14495
2679 * @param bool $preventredirect set to true in scripts that can not redirect (CLI, rss feeds, etc.), throws exceptions
2680 * @return mixed Void, exit, and die depending on path
2681 * @throws coding_exception
2682 * @throws require_login_exception
2683 * @throws moodle_exception
2684 */
2685 function require_login($courseorid = null, $autologinguest = true, $cm = null, $setwantsurltome = true, $preventredirect = false) {
2688 // Must not redirect when byteserving already started.
2691 }
2694 // We cannot redirect for AJAX scripts either.
2696 }
2698 // Setup global $COURSE, themes, language and locale.
2706 }
2710 }
2711 // Make sure we have a $cm from get_fast_modinfo as this contains activity access details.
2713 // Note: nearly all pages call get_fast_modinfo anyway and it does not make any
2714 // db queries so this is not really a performance concern, however it is obviously
2715 // better if you use get_fast_modinfo to get the cm before calling this.
2718 }
2719 }
2721 // Do not touch global $COURSE via $PAGE->set_course(),
2722 // the reasons is we need to be able to call require_login() at any time!!
2725 throw new coding_exception('cm parameter in require_login() requires valid course parameter!');
2726 }
2727 }
2729 // If this is an AJAX request and $setwantsurltome is true then we need to override it and set it to false.
2730 // Otherwise the AJAX request URL will be set to $SESSION->wantsurl and events such as self enrolment in the future
2731 // risk leading the user back to the AJAX request URL.
2734 }
2736 // Redirect to the login page if session has expired, only with dbsessions enabled (MDL-35029) to maintain current behaviour.
2737 if ((!isloggedin() or isguestuser()) && !empty($SESSION->has_timed_out) && !empty($CFG->dbsessions)) {
2743 }
2745 }
2746 }
2748 // If the user is not even logged in yet then make sure they are.
2752 // Misconfigured site guest, just redirect to login page.
2755 }
2761 // NOTE: $USER->site check was obsoleted by session test cookie, $USER->confirmed test is in login/index.php.
2764 }
2768 }
2770 // Give auth plugins an opportunity to authenticate or redirect to an external login page
2779 }
2782 }
2783 }
2785 // If we're still not logged in then go to the login page
2789 }
2790 }
2791 }
2793 // Loginas as redirection if needed.
2799 }
2800 }
2801 }
2803 // Check whether the user should be changing password (but only if it is REALLY them).
2804 if (get_user_preferences('auth_forcepasswordchange') && !\core\session\manager::is_loggedinas()) {
2809 }
2811 // Use plugin custom url.
2814 // Use moodle internal method.
2816 }
2821 }
2822 }
2824 // Check that the user account is properly set up. If we can't redirect to
2825 // edit their profile and this is not a WS request, perform just the lax check.
2826 // It will allow them to use filepicker on the profile edit page.
2832 }
2837 }
2840 }
2842 }
2844 // Make sure the USER has a sesskey set up. Used for CSRF protection.
2848 // During a "logged in as" session we should force all content to be cleaned because the
2849 // logged in user will be viewing potentially malicious user generated content.
2850 // See MDL-63786 for more details.
2852 }
2856 // Do not bother admins with any formalities, except for activities pending deletion.
2858 // Set the global $COURSE.
2864 }
2865 // Set accesstime or the user will appear offline which messes up messaging.
2866 // Do not update access time for webservice or ajax requests.
2869 }
2874 }
2875 }
2877 }
2879 // Scripts have a chance to declare that $USER->policyagreed should not be checked.
2880 // This is mostly for places where users are actually accepting the policies, to avoid the redirect loop.
2883 }
2885 // Check that the user has agreed to a site policy if there is one - do not test in case of admins.
2886 // Do not test if the script explicitly asked for skipping the site policies check.
2887 // Or if the user auth type is webservice.
2888 if (!$USER->policyagreed && !is_siteadmin() && !NO_SITEPOLICY_CHECK && $USER->auth !== 'webservice') {
2893 }
2896 }
2898 }
2899 }
2901 // Fetch the system context, the course context, and prefetch its child contexts.
2908 }
2910 // If the site is currently under maintenance, then print a message.
2911 if (!empty($CFG->maintenance_enabled) and !has_capability('moodle/site:maintenanceaccess', $sysctx)) {
2914 }
2917 }
2919 // Make sure the course itself is not hidden.
2921 // Frontpage can not be hidden.
2924 // When switching roles ignore the hidden flag - user had to be in course to do the switch.
2926 if (!$course->visible and !has_capability('moodle/course:viewhiddencourses', $coursecontext)) {
2927 // Originally there was also test of parent category visibility, BUT is was very slow in complex queries
2928 // involving "my courses" now it is also possible to simply hide all courses user is not enrolled in :-).
2931 }
2933 // We need to override the navigation URL as the course won't have been added to the navigation and thus
2934 // the navigation will mess up when trying to find it.
2937 }
2938 }
2939 }
2941 // Is the user enrolled?
2943 // Everybody is enrolled on the frontpage.
2946 // Make sure the REAL person can access this course first.
2952 }
2956 }
2957 }
2962 // Ok, user had to be inside this course before the switch.
2966 // Ok, no need to mess with enrol.
2976 }
2978 // Expired.
2980 }
2981 }
2988 // Expired.
2991 }
2992 }
2995 // Cache not ok.
2998 // Active participants may always access, a timestamp in the future, 0 (always) or false.
3001 }
3009 // First ask all enabled enrol instances in course if they want to auto enrol user.
3013 }
3014 // Get a duration for the enrolment, a timestamp in the future, 0 (always) or false.
3019 }
3023 }
3024 }
3025 // If not enrolled yet try to gain temporary guest access.
3030 }
3031 // Get a duration for the guest access, a timestamp in the future or false.
3037 }
3038 }
3039 }
3041 // User is not enrolled and is not allowed to browse courses here.
3044 }
3046 // We need to override the navigation URL as the course won't have been added to the navigation and thus
3047 // the navigation will mess up when trying to find it.
3050 }
3051 }
3052 }
3057 }
3060 }
3062 }
3063 }
3065 // Check whether the activity has been scheduled for deletion. If so, then deny access, even for admins.
3069 }
3072 }
3074 // Check visibility of activity to current user; includes visible flag, conditional availability, etc.
3078 }
3079 // Get the error message that activity is not available and why (if explanation can be shown to the user).
3084 }
3086 // Set the global $COURSE.
3092 }
3097 }
3098 }
3100 // Finally access granted, update lastaccess times.
3101 // Do not update access time for webservice or ajax requests.
3104 }
3105 }
3107 /**
3108 * A convenience function for where we must be logged in as admin
3109 * @return void
3110 */
3114 }
3116 /**
3117 * This function just makes sure a user is logged out.
3118 *
3119 * @package core_access
3120 * @category access
3121 */
3126 // This should not happen often, no need for hooks or events here.
3129 }
3131 // Execute hooks before action.
3137 }
3139 // Store info that gets removed during logout.
3146 )
3147 );
3150 }
3152 // Clone of $USER object to be used by auth plugins.
3155 // Delete session record and drop $_SESSION content.
3158 // Trigger event AFTER action.
3161 // Hook to execute auth plugins redirection after event trigger.
3164 }
3165 }
3167 /**
3168 * Weaker version of require_login()
3169 *
3170 * This is a weaker version of {@link require_login()} which only requires login
3171 * when called from within a course rather than the site page, unless
3172 * the forcelogin option is turned on.
3173 * @see require_login()
3174 *
3175 * @package core_access
3176 * @category access
3177 *
3178 * @param mixed $courseorid The course object or id in question
3179 * @param bool $autologinguest Allow autologin guests if that is wanted
3180 * @param object $cm Course activity module if known
3181 * @param bool $setwantsurltome Define if we want to set $SESSION->wantsurl, defaults to
3182 * true. Used to avoid (=false) some scripts (file.php...) to set that variable,
3183 * in order to keep redirects working properly. MDL-14495
3184 * @param bool $preventredirect set to true in scripts that can not redirect (CLI, rss feeds, etc.), throws exceptions
3185 * @return void
3186 * @throws coding_exception
3187 */
3188 function require_course_login($courseorid, $autologinguest = true, $cm = null, $setwantsurltome = true, $preventredirect = false) {
3193 // Note: nearly all pages call get_fast_modinfo anyway and it does not make any
3194 // db queries so this is not really a performance concern, however it is obviously
3195 // better if you use get_fast_modinfo to get the cm before calling this.
3200 }
3203 }
3205 // Login required for both SITE and courses.
3209 // Always login for hidden activities.
3213 // User is already logged in. Make sure the login is complete (user is fully setup, policies agreed).
3217 // Login for SITE not required.
3218 // We still need to instatiate PAGE vars properly so that things that rely on it like navigation function correctly.
3224 }
3227 throw new coding_exception('course and cm parameters in require_course_login() call do not match!!');
3228 }
3233 }
3235 // If $PAGE->course, and hence $PAGE->context, have not already been set up properly, set them up now.
3237 }
3238 // Do not update access time for webservice or ajax requests.
3241 }
3245 // Course login always required.
3247 }
3248 }
3250 /**
3251 * Validates a user key, checking if the key exists, is not expired and the remote ip is correct.
3252 *
3253 * @param string $keyvalue the key value
3254 * @param string $script unique script identifier
3255 * @param int $instance instance id
3256 * @return stdClass the key entry in the user_private_key table
3257 * @since Moodle 3.2
3258 * @throws moodle_exception
3259 */
3263 if (!$key = $DB->get_record('user_private_key', array('script' => $script, 'value' => $keyvalue, 'instance' => $instance))) {
3265 }
3269 }
3275 }
3276 }
3278 }
3280 /**
3281 * Require key login. Function terminates with error if key not found or incorrect.
3282 *
3283 * @uses NO_MOODLE_COOKIES
3284 * @uses PARAM_ALPHANUM
3285 * @param string $script unique script identifier
3286 * @param int $instance optional instance id
3287 * @param string $keyvalue The key. If not supplied, this will be fetched from the current session.
3288 * @return int Instance ID
3289 */
3295 }
3297 // Extra safety.
3302 }
3308 }
3312 // Emulate normal session.
3316 // Note we are not using normal login.
3319 }
3321 // Return instance id - it might be empty.
3323 }
3325 /**
3326 * Creates a new private user access key.
3327 *
3328 * @param string $script unique target identifier
3329 * @param int $userid
3330 * @param int $instance optional instance id
3331 * @param string $iprestriction optional ip restricted access
3332 * @param int $validuntil key valid only until given data
3333 * @return string access key value
3334 */
3335 function create_user_key($script, $userid, $instance=null, $iprestriction=null, $validuntil=null) {
3346 // Something long and unique.
3349 // Must be unique.
3351 }
3354 }
3356 /**
3357 * Delete the user's new private user access keys for a particular script.
3358 *
3359 * @param string $script unique target identifier
3360 * @param int $userid
3361 * @return void
3362 */
3366 }
3368 /**
3369 * Gets a private user access key (and creates one if one doesn't exist).
3370 *
3371 * @param string $script unique target identifier
3372 * @param int $userid
3373 * @param int $instance optional instance id
3374 * @param string $iprestriction optional ip restricted access
3375 * @param int $validuntil key valid only until given date
3376 * @return string access key value
3377 */
3378 function get_user_key($script, $userid, $instance=null, $iprestriction=null, $validuntil=null) {
3387 }
3388 }
3391 /**
3392 * Modify the user table by setting the currently logged in user's last login to now.
3393 *
3394 * @return bool Always returns true
3395 */
3400 // Do not update guest access times/ips for performance.
3402 }
3405 // Do not update user login time when using user key login.
3407 }
3414 // Make sure all users that logged in have some firstaccess.
3417 }
3419 // Store the previous current as lastlogin.
3424 // Function user_accesstime_log() may not update immediately, better do it here.
3429 // Note: do not call user_update_user() here because this is part of the login process,
3430 // the login event means that these fields were updated.
3433 }
3435 /**
3436 * Determines if a user has completed setting up their account.
3437 *
3438 * The lax mode (with $strict = false) has been introduced for special cases
3439 * only where we want to skip certain checks intentionally. This is valid in
3440 * certain mnet or ajax scenarios when the user cannot / should not be
3441 * redirected to edit their profile. In most cases, you should perform the
3442 * strict check.
3443 *
3444 * @param stdClass $user A {@link $USER} object to test for the existence of a valid name and email
3445 * @param bool $strict Be more strict and assert id and custom profile fields set, too
3446 * @return bool
3447 */
3452 // If the user is setup then store this in the session to avoid re-checking.
3453 // Some edge cases are when the users email starts to bounce or the
3454 // configuration for custom fields has changed while they are logged in so
3455 // we re-check this fully every hour for the rare cases it has changed.
3459 }
3463 }
3465 if (empty($user->firstname) or empty($user->lastname) or empty($user->email) or over_bounce_threshold($user)) {
3467 }
3471 // Strict mode can be used with existing accounts only.
3473 }
3476 }
3479 }
3480 }
3483 }
3485 /**
3486 * Check whether the user has exceeded the bounce threshold
3487 *
3488 * @param stdClass $user A {@link $USER} object
3489 * @return bool true => User has exceeded bounce threshold
3490 */
3496 }
3499 // No real (DB) user, nothing to do here.
3501 }
3503 // Set sensible defaults.
3506 }
3509 }
3512 if ($bounce = $DB->get_record('user_preferences', array ('userid' => $user->id, 'name' => 'email_bounce_count'))) {
3514 }
3515 if ($send = $DB->get_record('user_preferences', array('userid' => $user->id, 'name' => 'email_send_count'))) {
3517 }
3519 }
3521 /**
3522 * Used to increment or reset email sent count
3523 *
3524 * @param stdClass $user object containing an id
3525 * @param bool $reset will reset the count to 0
3526 * @return void
3527 */
3532 // No real (DB) user, nothing to do here.
3534 }
3536 if ($pref = $DB->get_record('user_preferences', array('userid' => $user->id, 'name' => 'email_send_count'))) {
3540 // If it's not there and we're resetting, don't bother. Make a new one.
3546 }
3547 }
3549 /**
3550 * Increment or reset user's email bounce count
3551 *
3552 * @param stdClass $user object containing an id
3553 * @param bool $reset will reset the count to 0
3554 */
3558 if ($pref = $DB->get_record('user_preferences', array('userid' => $user->id, 'name' => 'email_bounce_count'))) {
3562 // If it's not there and we're resetting, don't bother. Make a new one.
3568 }
3569 }
3571 /**
3572 * Determines if the logged in user is currently moving an activity
3573 *
3574 * @param int $courseid The id of the course being tested
3575 * @return bool
3576 */
3582 }
3584 }
3586 /**
3587 * Returns a persons full name
3588 *
3589 * Given an object containing all of the users name values, this function returns a string with the full name of the person.
3590 * The result may depend on system settings or language. 'override' will force the alternativefullnameformat to be used. In
3591 * English, fullname as well as alternativefullnameformat is set to 'firstname lastname' by default. But you could have
3592 * fullname set to 'firstname lastname' and alternativefullnameformat set to 'firstname middlename alternatename lastname'.
3593 *
3594 * @param stdClass $user A {@link $USER} object to get full name of.
3595 * @param bool $override If true then the alternativefullnameformat format rather than fullnamedisplay format will be used.
3596 * @return string
3597 */
3599 // Note: We do not intend to deprecate this function any time soon as it is too widely used at this time.
3600 // Uses of it should be updated to use the new API and pass updated arguments.
3602 // Return an empty string if there is no user.
3605 }
3609 }
3611 /**
3612 * Reduces lines of duplicated code for getting user name fields.
3613 *
3614 * See also {@link user_picture::unalias()}
3615 *
3616 * @param object $addtoobject Object to add user name fields to.
3617 * @param object $secondobject Object that contains user name field information.
3618 * @param string $prefix prefix to be added to all fields (including $additionalfields) e.g. authorfirstname.
3619 * @param array $additionalfields Additional fields to be matched with data in the second object.
3620 * The key can be set to the user table field name.
3621 * @return object User name fields.
3622 */
3623 function username_load_fields_from_object($addtoobject, $secondobject, $prefix = null, $additionalfields = null) {
3627 }
3629 // Additional fields can specify their own 'alias' such as 'id' => 'userid'. This checks to see if
3630 // the key is a number and then sets the key to the array value.
3637 }
3638 }
3640 }
3642 // Important that we have all of the user name fields present in the object that we are sending back.
3646 }
3647 }
3649 }
3651 /**
3652 * Returns an array of values in order of occurance in a provided string.
3653 * The key in the result is the character postion in the string.
3654 *
3655 * @param array $values Values to be found in the string format
3656 * @param string $stringformat The string which may contain values being searched for.
3657 * @return array An array of values in order according to placement in the string format.
3658 */
3663 // Using preg_match as strpos() may match values that are similar e.g. firstname and firstnamephonetic.
3666 // Replace the value with something more unique to ensure we get the right position when using strpos().
3670 }
3671 }
3674 }
3676 /**
3677 * Returns whether a given authentication plugin exists.
3678 *
3679 * @param string $auth Form of authentication to check for. Defaults to the global setting in {@link $CFG}.
3680 * @return boolean Whether the plugin is available.
3681 */
3687 }
3689 }
3691 /**
3692 * Checks if a given plugin is in the list of enabled authentication plugins.
3693 *
3694 * @param string $auth Authentication plugin.
3695 * @return boolean Whether the plugin is enabled.
3696 */
3700 }
3705 }
3707 /**
3708 * Returns an authentication plugin instance.
3709 *
3710 * @param string $auth name of authentication plugin
3711 * @return auth_plugin_base An instance of the required authentication plugin.
3712 */
3716 // Check the plugin exists first.
3719 }
3721 // Return auth plugin instance.
3725 }
3727 /**
3728 * Returns array of active auth plugins.
3729 *
3730 * @param bool $fix fix $CFG->auth if needed. Only set if logged in as admin.
3731 * @return array
3732 */
3742 }
3748 // The manual and nologin plugin never need to be stored.
3753 }
3754 }
3756 // Ideally only explicit interaction from a human admin should trigger a
3757 // change in auth config, see MDL-70424 for details.
3763 }
3764 }
3767 }
3769 /**
3770 * Returns true if an internal authentication method is being used.
3771 * if method not specified then, global default is assumed
3772 *
3773 * @param string $auth Form of authentication required
3774 * @return bool
3775 */
3777 // Throws error if bad $auth.
3780 }
3782 /**
3783 * Returns true if the user is a 'restored' one.
3784 *
3785 * Used in the login process to inform the user and allow him/her to reset the password
3786 *
3787 * @param string $username username to be checked
3788 * @return bool
3789 */
3793 return $DB->record_exists('user', array('username' => $username, 'mnethostid' => $CFG->mnet_localhost_id, 'password' => 'restored'));
3794 }
3796 /**
3797 * Returns an array of user fields
3798 *
3799 * @return array User field/column names
3800 */
3809 }
3811 /**
3812 * Returns the string of the language for the new user.
3813 *
3814 * @return string language for the new user
3815 */
3818 return (!empty($CFG->autolangusercreation) && !empty($SESSION->lang)) ? $SESSION->lang : $CFG->lang;
3819 }
3821 /**
3822 * Creates a bare-bones user record
3823 *
3824 * @todo Outline auth types and provide code example
3825 *
3826 * @param string $username New user's username to add to record
3827 * @param string $password New user's password to add to record
3828 * @param string $auth Form of authentication required
3829 * @return stdClass A complete user object
3830 */
3836 // Just in case check text case.
3847 }
3848 }
3849 }
3854 }
3855 }
3860 // Fix for MDL-8480
3861 // user CFG lang for user if $newuser->lang is empty
3862 // or $user->lang is not an installed language.
3865 }
3874 // Save user profile data.
3880 }
3881 // Set the password.
3884 // Trigger event.
3888 }
3890 /**
3891 * Will update a local user record from an external source (MNET users can not be updated using this method!).
3892 *
3893 * @param string $username user's username to update the record
3894 * @return stdClass A complete user object
3895 */
3898 // Just in case check text case.
3901 $oldinfo = $DB->get_record('user', array('username' => $username, 'mnethostid' => $CFG->mnet_localhost_id), '*', MUST_EXIST);
3903 }
3905 /**
3906 * Will update a local user record from an external source (MNET users can not be updated using this method!).
3907 *
3908 * @param int $id user id
3909 * @return stdClass A complete user object
3910 */
3930 }
3933 // Unknown or must not be changed.
3935 }
3936 if (empty($userauth->config->{'field_updatelocal_' . $key}) || empty($userauth->config->{'field_lock_' . $key})) {
3938 }
3942 // MDL-4207 Don't overwrite modified user profile values with
3943 // empty LDAP values when 'unlocked if empty' is set. The purpose
3944 // of the setting 'unlocked if empty' is to allow the user to fill
3945 // in a value for the selected field _if LDAP is giving
3946 // nothing_ for this field. Thus it makes sense to let this value
3947 // stand in until LDAP is giving a value for this field.
3952 }
3953 }
3954 }
3955 }
3961 // Save user profile data.
3964 // Trigger event.
3966 }
3967 }
3970 }
3972 /**
3973 * Will truncate userinfo as it comes from auth_get_userinfo (from external auth) which may have large fields.
3974 *
3975 * @param array $info Array of user properties to truncate if needed
3976 * @return array The now truncated information that was passed in
3977 */
3979 // Define the limits.
3993 );
3995 // Apply where needed.
3999 }
4000 }
4003 }
4005 /**
4006 * Marks user deleted in internal user database and notifies the auth plugin.
4007 * Also unenrols user from all roles and does other cleanup.
4008 *
4009 * Any plugin that needs to purge user data should register the 'user_deleted' event.
4010 *
4011 * @param stdClass $user full user object before delete
4012 * @return boolean success
4013 * @throws coding_exception if invalid $user parameter detected
4014 */
4022 // Make sure nobody sends bogus record type as parameter.
4025 }
4027 // Better not trust the parameter and fetch the latest info this will be very expensive anyway.
4031 }
4033 // There must be always exactly one guest record, originally the guest account was identified by username only,
4034 // now we use $CFG->siteguest for performance reasons.
4038 }
4040 // Admin can be theoretically from different auth plugin, but we want to prevent deletion of internal accoutns only,
4041 // if anything goes wrong ppl may force somebody to be admin via config.php setting $CFG->siteadmins.
4045 }
4047 // Allow plugins to use this user object before we completely delete it.
4052 }
4053 }
4054 }
4056 // Keep user record before updating it, as we have to pass this to user_deleted event.
4059 // Keep a copy of user context, we need it for event.
4062 // Remove user from communication rooms immediately.
4069 );
4072 }
4073 }
4075 // Delete all grades - backup is kept in grade_grades_history table.
4078 // TODO: remove from cohorts using standard API here.
4080 // Remove user tags.
4083 // Unconditionally unenrol from all courses.
4086 // Unenrol from all roles in all contexts.
4087 // This might be slow but it is really needed - modules might do some extra cleanup!
4090 // Notify the competency subsystem.
4093 // Now do a brute force cleanup.
4095 // Delete all user events and subscription events.
4096 $DB->delete_records_select('event', 'userid = :userid AND subscriptionid IS NOT NULL', ['userid' => $user->id]);
4098 // Now, delete all calendar subscription from the user.
4101 // Remove from all cohorts.
4104 // Remove from all groups.
4107 // Brute force unenrol from all courses.
4110 // Purge user preferences.
4113 // Purge user extra profile info.
4116 // Purge log of previous password hashes.
4119 // Last course access not necessary either.
4121 // Remove all user tokens.
4124 // Unauthorise the user for all services.
4127 // Remove users private keys.
4130 // Remove users customised pages.
4133 // Remove user's oauth2 refresh tokens, if present.
4136 // Delete user from $SESSION->bulk_users.
4139 }
4141 // Force logout - may fail if file based sessions used, sorry.
4144 // Generate username from email address, or a fake email.
4145 $delemail = !empty($user->email) ? $user->email : $user->username . '.' . $user->id . '@unknownemail.invalid';
4150 // Max username length is 100 chars. Select up to limit - (length of current time + 1 [period character]) from users email.
4154 // Workaround for bulk deletes of users with the same email address.
4155 while ($DB->record_exists('user', array('username' => $delname))) { // No need to use mnethostid here.
4157 }
4159 // Mark internal user record as "deleted".
4164 $updateuser->email = md5($user->username);// Store hash of username, useful importing/restoring users.
4169 // Don't trigger update event, as user is being deleted.
4172 // Delete all content associated with the user context, but not the context itself.
4175 // Delete any search data.
4178 // Any plugin that needs to cleanup should register this event.
4179 // Trigger event.
4191 )
4192 )
4193 );
4197 // We will update the user's timemodified, as it will be passed to the user_deleted event, which
4198 // should know about this updated property persisted to the user's table.
4201 // Notify auth plugin - do not block the delete even when plugin fails.
4206 }
4208 /**
4209 * Retrieve the guest user object.
4210 *
4211 * @return stdClass A {@link $USER} object
4212 */
4220 }
4223 }
4225 /**
4226 * Authenticates a user against the chosen authentication mechanism
4227 *
4228 * Given a username and password, this function looks them
4229 * up using the currently selected authentication mechanism,
4230 * and if the authentication is successful, it returns a
4231 * valid $user object from the 'user' table.
4232 *
4233 * Uses auth_ functions from the currently active auth module
4234 *
4235 * After authenticate_user_login() returns success, you will need to
4236 * log that the user has logged in, and call complete_user_login() to set
4237 * the session up.
4238 *
4239 * Note: this function works only with non-mnet accounts!
4240 *
4241 * @param string $username User's username (or also email if $CFG->authloginviaemail enabled)
4242 * @param string $password User's password
4243 * @param bool $ignorelockout useful when guessing is prevented by other mechanism such as captcha or SSO
4244 * @param int $failurereason login failure reason, can be used in renderers (it may disclose if account exists)
4245 * @param mixed logintoken If this is set to a string it is validated against the login token for the session.
4246 * @return stdClass|false A {@link $USER} object or false if error
4247 */
4248 function authenticate_user_login($username, $password, $ignorelockout=false, &$failurereason=null, $logintoken=false) {
4253 // we have found the user
4261 // Use email for login only if unique.
4265 }
4267 }
4268 }
4270 // Make sure this request came from the login form.
4274 // Trigger login failed event (specifying the ID of the found user, if available).
4280 ],
4283 error_log('[client '.getremoteaddr()."] $CFG->wwwroot Invalid Login Token: $username ".$_SERVER['HTTP_USER_AGENT']);
4285 }
4290 // Use manual if auth not set.
4296 }
4301 // Trigger login failed event.
4305 error_log('[client '.getremoteaddr()."] $CFG->wwwroot Suspended Login: $username ".$_SERVER['HTTP_USER_AGENT']);
4307 }
4309 // Legacy way to suspend user.
4312 // Trigger login failed event.
4316 error_log('[client '.getremoteaddr()."] $CFG->wwwroot Disabled Login: $username ".$_SERVER['HTTP_USER_AGENT']);
4318 }
4322 // Check if there's a deleted record (cheaply), this should not happen because we mangle usernames in delete_user().
4323 if ($DB->get_field('user', 'id', array('username' => $username, 'mnethostid' => $CFG->mnet_localhost_id, 'deleted' => 1))) {
4326 // Trigger login failed event.
4330 error_log('[client '.getremoteaddr()."] $CFG->wwwroot Deleted Login: $username ".$_SERVER['HTTP_USER_AGENT']);
4332 }
4334 // User does not exist.
4338 }
4341 // Some other mechanism protects against brute force password guessing, for example login form might include reCAPTCHA
4342 // or this function is called from a SSO script.
4344 // Verify login lockout after other ways that may prevent user login.
4348 // Trigger login failed event.
4353 error_log('[client '.getremoteaddr()."] $CFG->wwwroot Login lockout: $username ".$_SERVER['HTTP_USER_AGENT']);
4355 }
4357 // We can not lockout non-existing accounts.
4358 }
4363 // On auth fail fall through to the next plugin.
4366 }
4368 // Before performing login actions, check if user still passes password policy, if admin setting is enabled.
4373 // First trigger event for failure.
4377 // If able to change password, set flag and move on.
4379 // Check if we are on internal change password page, or service is external, don't show notification.
4381 if (!($PAGE->has_set_url() && $internalchangeurl->compare($PAGE->url)) && $authplugin->is_internal()) {
4383 }
4386 // Else force a reset if possible.
4391 // If support page is set, add link for help.
4396 }
4398 // If no change or reset is possible, add a notification for user.
4400 }
4401 }
4402 }
4404 // Successful authentication.
4406 // User already exists in database.
4408 // For some reason auth isn't set yet.
4411 }
4413 // If the existing hash is using an out-of-date algorithm (or the legacy md5 algorithm), then we should update to
4414 // the current hash algorithm while we have access to the user's password.
4418 // Update user record from external DB.
4420 }
4422 // The user is authenticated but user creation may be disabled.
4426 // Trigger login failed event.
4431 error_log('[client '.getremoteaddr()."] $CFG->wwwroot Unknown user, can not create new accounts: $username ".
4436 }
4437 }
4444 }
4448 // Trigger login failed event.
4453 }
4456 // Just in case some auth plugin suspended account.
4458 // Trigger login failed event.
4462 error_log('[client '.getremoteaddr()."] $CFG->wwwroot Suspended Login: $username ".$_SERVER['HTTP_USER_AGENT']);
4464 }
4469 }
4471 // Failed if all the plugins have failed.
4473 error_log('[client '.getremoteaddr()."] $CFG->wwwroot Failed Login: $username ".$_SERVER['HTTP_USER_AGENT']);
4474 }
4479 // Trigger login failed event.
4485 // Trigger login failed event.
4489 }
4492 }
4494 /**
4495 * Call to complete the user login process after authenticate_user_login()
4496 * has succeeded. It will setup the $USER variable and other required bits
4497 * and pieces.
4498 *
4499 * NOTE:
4500 * - It will NOT log anything -- up to the caller to decide what to log.
4501 * - this function does not set any cookies any more!
4502 *
4503 * @param stdClass $user
4504 * @param array $extrauserinfo
4505 * @return stdClass A {@link $USER} object - BC only, do not use
4506 */
4512 // Reload preferences from DB.
4516 // Update login times.
4519 // Extra session prefs init.
4522 // Trigger login event.
4530 ]
4531 )
4532 );
4535 // Check if the user is using a new browser or session (a new MoodleSession cookie is set in that case).
4536 // If the user is accessing from the same IP, ignore everything (most of the time will be a new session in the same browser).
4537 // Skip Web Service requests, CLI scripts, AJAX scripts, and request from the mobile app itself.
4542 if (!empty($SESSION->isnewsessioncookie) && $isnewip && $isvalidenv && !\core_useragent::is_moodle_app()) {
4548 // Schedule adhoc task to sent a login notification to the user.
4554 }
4556 // Queue migrating the messaging data, if we need to.
4558 // Check if there are any legacy messages to migrate.
4563 }
4564 }
4567 // No need to continue when user is THE guest.
4569 }
4572 // We can redirect to password change URL only in browser.
4574 }
4576 // Select password change url.
4579 // Check whether the user should be changing password.
4588 }
4591 }
4592 }
4594 }
4596 /**
4597 * Check a password hash to see if it was hashed using the legacy hash algorithm (md5).
4598 *
4599 * @param string $password String to check.
4600 * @return boolean True if the $password matches the format of an md5 sum.
4601 */
4604 }
4606 /**
4607 * Compare password against hash stored in user object to determine if it is valid.
4608 *
4609 * If necessary it also updates the stored hash to the current format.
4610 *
4611 * @param stdClass $user (Password property may be updated).
4612 * @param string $password Plain text password.
4613 * @return bool True if password is valid.
4614 */
4619 // Internal password is not used at all, it can not validate.
4621 }
4623 // If hash isn't a legacy (md5) hash, validate using the library function.
4626 }
4628 // Otherwise we need to check for a legacy (md5) hash instead. If the hash
4629 // is valid we can then update it to the new algorithm.
4638 // Note: we are intentionally using the addslashes() here because we
4639 // need to accept old password hashes of passwords with magic quotes.
4646 if ($user->password === md5($password.$CFG->$alt) or $user->password === md5(addslashes($password).$CFG->$alt)) {
4649 }
4650 }
4651 }
4652 }
4655 // If the password matches the existing md5 hash, update to the
4656 // current hash algorithm while we have access to the user's password.
4658 }
4661 }
4663 /**
4664 * Calculate hash for a plain text password.
4665 *
4666 * @param string $password Plain text password to be hashed.
4667 * @param bool $fasthash If true, use a low cost factor when generating the hash
4668 * This is much faster to generate but makes the hash
4669 * less secure. It is used when lots of hashes need to
4670 * be generated quickly.
4671 * @return string The hashed password.
4672 *
4673 * @throws moodle_exception If a problem occurs while generating the hash.
4674 */
4678 // Set the cost factor to 4 for fast hashing, otherwise use default cost.
4685 }
4688 }
4690 /**
4691 * Update password hash in user object (if necessary).
4692 *
4693 * The password is updated if:
4694 * 1. The password has changed (the hash of $user->password is different
4695 * to the hash of $password).
4696 * 2. The existing hash is using an out-of-date algorithm (or the legacy
4697 * md5 algorithm).
4698 *
4699 * Updating the password will modify the $user object and the database
4700 * record to use the current hashing algorithm.
4701 * It will remove Web Services user tokens too.
4702 *
4703 * @param stdClass $user User object (password property may be updated).
4704 * @param string $password Plain text password.
4705 * @param bool $fasthash If true, use a low cost factor when generating the hash
4706 * This is much faster to generate but makes the hash
4707 * less secure. It is used when lots of hashes need to
4708 * be generated quickly.
4709 * @return bool Always returns true.
4710 */
4714 // Figure out what the hashed password should be.
4717 DEBUG_DEVELOPER);
4719 }
4725 }
4730 // Password is not cached, update it if not set to AUTH_PASSWORD_NOT_CACHED.
4734 // If verification fails then it means the password has changed.
4738 // While creating new user, password in unset in $user object, to avoid
4739 // saving it with user_create()
4741 }
4747 // Trigger event.
4751 // Remove WS user tokens.
4755 }
4756 }
4759 }
4761 /**
4762 * Get a complete user record, which includes all the info in the user record.
4763 *
4764 * Intended for setting as $USER session variable
4765 *
4766 * @param string $field The user field to be checked for a given value.
4767 * @param string $value The value to match for $field.
4768 * @param int $mnethostid
4769 * @param bool $throwexception If true, it will throw an exception when there's no record found or when there are multiple records
4770 * found. Otherwise, it will just return false.
4771 * @return mixed False, or A {@link $USER} object.
4772 */
4778 }
4780 // Change the field to lowercase.
4783 // List of case insensitive fields.
4786 // Username input is forced to lowercase and should be case sensitive.
4789 }
4791 // Build the WHERE clause for an SQL query.
4794 // Do a case-insensitive query, if necessary. These are generally very expensive. The performance can be improved on some DBs
4795 // such as MySQL by pre-filtering users with accent-insensitive subselect.
4803 }
4806 // If we are loading user data based on anything other than id,
4807 // we must also restrict our search based on mnet host.
4810 // If empty, we restrict to local users.
4812 }
4813 }
4817 }
4821 }
4823 // Get all the basic user data.
4825 // Make sure that there's only a single record that matches our query.
4826 // For example, when fetching by email, multiple records might match the query as there's no guarantee that email addresses
4827 // are unique. Therefore we can't reliably tell whether the user profile data that we're fetching is the correct one.
4833 // Return false when no records or multiple records were found.
4835 }
4836 }
4838 // Get various settings and preferences.
4840 // Preload preference cache.
4843 // Load course enrolment related stuff.
4849 }
4850 }
4852 // Add cohort theme.
4857 }
4858 }
4860 // Add the custom profile fields to the user record.
4865 }
4867 // Rewrite some variables if necessary.
4869 // No need to cart all of it around.
4871 }
4873 // Guest language always same as site.
4875 // Name always in current language.
4878 }
4881 }
4883 /**
4884 * Validate a password against the configured password policy
4885 *
4886 * @param string $password the password to be checked against the password policy
4887 * @param string $errmsg the error message to display when the password doesn't comply with the policy.
4888 * @param stdClass $user the user object to perform password validation against. Defaults to null if not provided.
4889 *
4890 * @return bool true if the password is valid according to the policy. false otherwise.
4891 */
4898 $errmsg .= '<div>'. get_string('errorminpasswordlength', 'auth', $CFG->minpasswordlength) .'</div>';
4899 }
4901 $errmsg .= '<div>'. get_string('errorminpassworddigits', 'auth', $CFG->minpassworddigits) .'</div>';
4902 }
4904 $errmsg .= '<div>'. get_string('errorminpasswordlower', 'auth', $CFG->minpasswordlower) .'</div>';
4905 }
4907 $errmsg .= '<div>'. get_string('errorminpasswordupper', 'auth', $CFG->minpasswordupper) .'</div>';
4908 }
4909 if (preg_match_all('/[^[:upper:][:lower:][:digit:]]/u', $password, $matches) < $CFG->minpasswordnonalphanum) {
4910 $errmsg .= '<div>'. get_string('errorminpasswordnonalphanum', 'auth', $CFG->minpasswordnonalphanum) .'</div>';
4911 }
4913 $errmsg .= '<div>'. get_string('errormaxconsecutiveidentchars', 'auth', $CFG->maxconsecutiveidentchars) .'</div>';
4914 }
4916 // Fire any additional password policy functions from plugins.
4917 // Plugin functions should output an error message string or empty string for success.
4924 }
4925 }
4926 }
4927 }
4933 }
4934 }
4937 /**
4938 * When logging in, this function is run to set certain preferences for the current SESSION.
4939 */
4948 }
4951 /**
4952 * Delete a course, including all related data from the database, and any associated files.
4953 *
4954 * @param mixed $courseorid The id of the course or course object to delete.
4955 * @param bool $showfeedback Whether to display notifications of each action the function performs.
4956 * @return bool true if all the removals succeeded. false if there were any failures. If this
4957 * method returns false, some of the removals will probably have succeeded, and others
4958 * failed, but you have no way of knowing which.
4959 */
4970 }
4971 }
4974 // Frontpage course can not be deleted!!
4977 }
4979 // Allow plugins to use this course before we completely delete it.
4984 }
4985 }
4986 }
4988 // Tell the search manager we are about to delete a course. This prevents us sending updates
4989 // for each individual context being deleted.
4995 // Make the course completely empty.
4998 // Delete the course and related context instance.
5001 // Communication provider delete associated information.
5006 );
5008 // Update communication room membership of enrolled users.
5015 }
5024 // Reset all course related caches here.
5027 // Tell search that we have deleted the course so it can delete course data from the index.
5030 // Trigger a course deleted event.
5038 )
5039 ));
5044 }
5046 /**
5047 * Clear a course out completely, deleting all content but don't delete the course itself.
5048 *
5049 * This function does not verify any permissions.
5050 *
5051 * Please note this function also deletes all user enrolments,
5052 * enrolment instances and role assignments by default.
5053 *
5054 * $options:
5055 * - 'keep_roles_and_enrolments' - false by default
5056 * - 'keep_groups_and_groupings' - false by default
5057 *
5058 * @param int $courseid The id of the course that is being deleted
5059 * @param bool $showfeedback Whether to display notifications of each action the function performs.
5060 * @param array $options extra options
5061 * @return bool true if all the removals succeeded. false if there were any failures. If this
5062 * method returns false, some of the removals will probably have succeeded, and others
5063 * failed, but you have no way of knowing which.
5064 */
5077 // Handle course badges.
5080 // NOTE: these concatenated strings are suboptimal, but it is just extra info...
5083 // Some crazy wishlist of stuff we should skip during purging of course content.
5090 // Delete course completion information, this has to be done before grades and enrols.
5094 echo $OUTPUT->notification($strdeleted.get_string('completion', 'completion'), 'notifysuccess');
5095 }
5097 // Remove all data from gradebook - this needs to be done before course modules
5098 // because while deleting this information, the system may need to reference
5099 // the course modules that own the grades.
5103 // Delete course blocks in any all child contexts,
5104 // they may depend on modules so delete them first.
5108 }
5112 echo $OUTPUT->notification($strdeleted.get_string('type_block_plural', 'plugin'), 'notifysuccess');
5113 }
5118 // Get the list of all modules that are properly installed.
5121 // Delete every instance of every module,
5122 // this has to be done before deleting of course level stuff.
5127 }
5131 LEFT JOIN {course_modules} cm ON cm.instance = m.id AND cm.module = :moduleid
5142 // Delete activity context questions and question categories.
5144 // Notify the competency subsystem.
5147 // Delete all tag instances associated with the instance of this module.
5150 }
5152 // This purges all module data in related tables, extra user prefs, settings, etc.
5155 // NOTE: we should not allow installation of modules with missing delete support!
5156 debugging("Defective module '$modname' detected when deleting course contents: missing function $moddelete()!");
5158 }
5161 // Delete cm and its context - orphaned contexts are purged in cron in case of any race condition.
5167 }
5168 }
5169 }
5172 }
5174 // Ooops, this module is not properly installed, force-delete it in the next block.
5175 }
5176 }
5178 // We have tried to delete everything the nice way - now let's force-delete any remaining module data.
5180 // Delete completion defaults.
5183 // Remove all data from availability and completion tables that is associated
5184 // with course-modules belonging to this course. Note this is done even if the
5185 // features are not enabled now, in case they were enabled previously.
5191 // Remove course-module data that has not been removed in modules' _delete_instance callbacks.
5199 // Ignore weird or missing table problems.
5200 }
5201 }
5205 }
5208 echo $OUTPUT->notification($strdeleted.get_string('type_mod_plural', 'plugin'), 'notifysuccess');
5209 }
5211 // Delete questions and question categories.
5215 }
5217 // Delete content bank contents.
5221 echo $OUTPUT->notification($strdeleted.get_string('contentbank', 'contentbank'), 'notifysuccess');
5222 }
5224 // Make sure there are no subcontexts left - all valid blocks and modules should be already gone.
5228 }
5231 // Remove roles and enrolments by default.
5233 // This hack is used in restore when deleting contents of existing course.
5234 // During restore, we should remove only enrolment related data that the user performing the restore has a
5235 // permission to remove.
5240 echo $OUTPUT->notification($strdeleted.get_string('type_enrol_plural', 'plugin'), 'notifysuccess');
5241 }
5242 }
5244 // Delete any groups, removing members and grouping/course links first.
5248 }
5250 // Filters be gone!
5253 // Notes, you shall not pass!
5256 // Die comments!
5259 // Ratings are history too.
5265 // Delete course tags.
5268 // Give the course format the opportunity to remove its obscure data.
5272 // Notify the competency subsystem.
5275 // Delete calendar events.
5279 // Delete all related records in other core tables that may have a courseid
5280 // This array stores the tables that need to be cleared, as
5281 // table_name => column_name that contains the course id.
5285 );
5288 }
5290 // Delete all course backup files.
5293 // Cleanup course record - remove links to deleted stuff.
5301 }
5304 // Delete course sections.
5307 // Delete legacy, section and any other course files.
5310 // Delete all remaining stuff linked to context such as files, comments, ratings, etc.
5311 if (empty($options['keep_roles_and_enrolments']) and empty($options['keep_groups_and_groupings'])) {
5312 // Easy, do not delete the context itself...
5315 // Hack alert!!!!
5316 // We can not drop all context stuff because it would bork enrolments and roles,
5317 // there might be also files used by enrol plugins...
5318 }
5320 // Delete legacy files - just in case some files are still left there after conversion to new file api,
5321 // also some non-standard unsupported plugins may try to store something there.
5324 // Delete from cache to reduce the cache size especially makes sense in case of bulk course deletion.
5327 // Trigger a course content deleted event.
5334 ));
5339 }
5341 /**
5342 * Change dates in module - used from course reset.
5343 *
5344 * @param string $modname forum, assignment, etc
5345 * @param array $fields array of date fields from mod table
5346 * @param int $timeshift time difference
5347 * @param int $courseid
5348 * @param int $modid (Optional) passed if specific mod instance in course needs to be updated.
5349 * @return bool success
5350 */
5364 }
5366 }
5369 }
5371 /**
5372 * This function will empty a course of user data.
5373 * It will retain the activities and the structure of the course.
5374 *
5375 * @param object $data an object containing all the settings including courseid (without magic quotes)
5376 * @return array status array of array component, item, error
5377 */
5393 )
5394 );
5398 // Calculate the time shift of dates.
5400 // Time part of course startdate should be zero.
5404 }
5406 // Result array: component, item, error.
5409 // Start the resetting.
5412 // Move the course start time.
5414 // Change course start data.
5415 $DB->set_field('course', 'startdate', $data->reset_start_date, array('id' => $data->courseid));
5416 // Update all course and group events - do not move activity events.
5418 SET timestart = timestart + ?
5422 // Update any date activity restrictions.
5425 }
5427 // Update completion expected dates.
5433 $DB->set_field('course_modules', 'completionexpected', $cm->completionexpected + $data->timeshift,
5436 }
5437 }
5439 // Clear course cache if changes made.
5442 }
5444 // Update course date completion criteria.
5446 }
5448 $status[] = array('component' => $componentstr, 'item' => get_string('datechanged'), 'error' => false);
5449 }
5452 // If the user set a end date value respect it.
5455 // If there is a time shift apply it to the end date as well.
5458 }
5462 $status[] = array('component' => $componentstr, 'item' => get_string('deleteevents', 'calendar'), 'error' => false);
5463 }
5468 $status[] = array('component' => $componentstr, 'item' => get_string('deletenotes', 'notes'), 'error' => false);
5469 }
5474 $status[] = array('component' => $componentstr, 'item' => get_string('deleteblogassociations', 'blog'), 'error' => false);
5475 }
5478 // Delete course and activity completion information.
5484 }
5490 }
5498 }
5500 $status[] = array('component' => $componentstr, 'item' => get_string('deletecourseoverrides', 'role'), 'error' => false);
5501 }
5507 }
5508 $status[] = array('component' => $componentstr, 'item' => get_string('deletelocalroles', 'role'), 'error' => false);
5509 }
5511 // First unenrol users - this cleans some of related user data too, such as forum subscriptions, tracking, etc.
5520 }
5521 }
5527 FROM {user_enrolments} ue
5528 JOIN {enrol} e ON (e.id = ue.enrolid AND e.courseid = :courseid)
5529 JOIN {context} c ON (c.contextlevel = :courselevel AND c.instanceid = e.courseid)
5530 JOIN {role_assignments} ra ON (ra.contextid = c.id AND ra.roleid = :roleid AND ra.userid = ue.userid)";
5531 $params = array('courseid' => $data->courseid, 'roleid' => $withroleid, 'courselevel' => CONTEXT_COURSE);
5534 // Without any role assigned at course context.
5536 FROM {user_enrolments} ue
5537 JOIN {enrol} e ON (e.id = ue.enrolid AND e.courseid = :courseid)
5538 JOIN {context} c ON (c.contextlevel = :courselevel AND c.instanceid = e.courseid)
5539 LEFT JOIN {role_assignments} ra ON (ra.contextid = c.id AND ra.userid = ue.userid)
5542 }
5548 }
5553 }
5556 // If we don't remove all roles and user has more than one role, just remove this role.
5561 // If we remove all roles or user has only one role, unenrol user from course.
5563 }
5565 }
5567 }
5568 }
5574 );
5575 }
5579 // Remove all group members.
5582 $status[] = array('component' => $componentstr, 'item' => get_string('removegroupsmembers', 'group'), 'error' => false);
5583 }
5585 // Remove all groups.
5588 $status[] = array('component' => $componentstr, 'item' => get_string('deleteallgroups', 'group'), 'error' => false);
5589 }
5591 // Remove all grouping members.
5594 $status[] = array('component' => $componentstr, 'item' => get_string('removegroupingsmembers', 'group'), 'error' => false);
5595 }
5597 // Remove all groupings.
5600 $status[] = array('component' => $componentstr, 'item' => get_string('deleteallgroupings', 'group'), 'error' => false);
5601 }
5603 // Look in every instance of every module for data to delete.
5613 }
5621 }
5624 }
5627 }
5628 // Update calendar events for all modules.
5630 }
5631 // Purge the course cache after resetting course start date. MDL-76936
5634 }
5635 }
5637 // Mention unsupported mods.
5644 );
5645 }
5646 }
5649 // Reset gradebook,.
5654 $status[] = array('component' => $componentstr, 'item' => get_string('removeallcourseitems', 'grades'), 'error' => false);
5658 $status[] = array('component' => $componentstr, 'item' => get_string('removeallcoursegrades', 'grades'), 'error' => false);
5659 }
5660 // Reset comments.
5664 }
5670 }
5672 /**
5673 * Generate an email processing address.
5674 *
5675 * @param int $modid
5676 * @param string $modargs
5677 * @return string Returns email processing address
5678 */
5684 }
5686 /**
5687 * ?
5688 *
5689 * @todo Finish documenting this function
5690 *
5691 * @param string $modargs
5692 * @param string $body Currently unused
5693 */
5697 // The first char should be an unencoded letter. We'll take this as an action.
5702 // Check the half md5 of their email.
5706 }
5707 // Else maybe they've already changed it?
5708 }
5709 }
5711 // Maybe more later?
5712 }
5713 }
5715 // CORRESPONDENCE.
5717 /**
5718 * Get mailer instance, enable buffering, flush buffer or disable buffering.
5719 *
5720 * @param string $action 'get', 'buffer', 'close' or 'flush'
5721 * @return moodle_phpmailer|null mailer instance if 'get' used or nothing
5722 */
5726 /** @var moodle_phpmailer $mailer */
5732 }
5740 // Reset the mailer.
5758 }
5762 }
5770 // Use Qmail system.
5774 // Use PHP mail() = sendmail.
5778 // Use SMTP directly.
5782 }
5783 // Specify main and backup servers.
5785 // Specify secure connection protocol.
5787 // Use previous keepalive.
5791 // Use SMTP authentication.
5795 }
5796 }
5799 }
5803 // Keep smtp session open after sending.
5810 }
5811 }
5813 }
5815 // Close smtp session, but continue buffering.
5820 }
5824 }
5825 }
5827 }
5829 // Close smtp session, do not buffer anymore.
5834 }
5837 }
5838 }
5840 /**
5841 * A helper function to test for email diversion
5842 *
5843 * @param string $email
5844 * @return bool Returns true if the email should be diverted
5845 */
5851 }
5855 }
5857 $patterns = array_map('trim', preg_split("/[\s,]+/", $CFG->divertallemailsexcept, -1, PREG_SPLIT_NO_EMPTY));
5861 }
5862 }
5865 }
5867 /**
5868 * Generate a unique email Message-ID using the moodle domain and install path
5869 *
5870 * @param string $localpart An optional unique message id prefix.
5871 * @return string The formatted ID ready for appending to the email headers.
5872 */
5879 // If multiple moodles are on the same domain we want to tell them
5880 // apart so we add the install path to the local part. This means
5881 // that the id local part should never contain a / character so
5882 // we can correctly parse the id to reassemble the wwwroot.
5885 }
5889 }
5891 // Because we may have an option /installpath suffix to the local part
5892 // of the id we need to escape any / chars which are in the $localpart.
5896 }
5898 /**
5899 * Send an email to a specified user
5900 *
5901 * @param stdClass $user A {@link $USER} object
5902 * @param stdClass $from A {@link $USER} object
5903 * @param string $subject plain text subject line of the email
5904 * @param string $messagetext plain text version of the message
5905 * @param string $messagehtml complete html version of the message (optional)
5906 * @param string $attachment a file on the filesystem, either relative to $CFG->dataroot or a full path to a file in one of
5907 * the following directories: $CFG->cachedir, $CFG->dataroot, $CFG->dirroot, $CFG->localcachedir, $CFG->tempdir
5908 * @param string $attachname the name of the file (extension indicates MIME)
5909 * @param bool $usetrueaddress determines whether $from email address should
5910 * be sent out. Will be overruled by user profile setting for maildisplay
5911 * @param string $replyto Email address to reply to
5912 * @param string $replytoname Name of reply to recipient
5913 * @param int $wordwrapwidth custom word wrap width, default 79
5914 * @return bool Returns true if mail was sent OK and false if there was an error.
5915 */
5916 function email_to_user($user, $from, $subject, $messagetext, $messagehtml = '', $attachment = '', $attachname = '',
5924 }
5929 }
5934 }
5937 // Fake email sending in behat.
5939 }
5942 // Hidden setting for development sites, set in config.php if needed.
5945 }
5951 }
5953 // Skip mail to suspended users.
5954 if ((isset($user->auth) && $user->auth=='nologin') or (isset($user->suspended) && $user->suspended)) {
5956 }
5959 // We can not send emails to invalid addresses - it might create security issue or confuse the mailer.
5960 debugging("email_to_user: User $user->id (".fullname($user).") email ($user->email) is invalid! Not sending.");
5962 }
5965 debugging("email_to_user: User $user->id (".fullname($user).") is over bounce threshold! Not sending.");
5967 }
5969 // TLD .invalid is specifically reserved for invalid domain names.
5970 // For More information, see {@link http://tools.ietf.org/html/rfc2606#section-2}.
5972 debugging("email_to_user: User $user->id (".fullname($user).") email domain ($user->email) is invalid! Not sending.");
5974 }
5976 // If the user is a remote mnet user, parse the email text for URL to the
5977 // wwwroot and modify the url to direct the user's browser to login at their
5978 // home site (identity provider - idp) before hitting the link itself.
5991 }
5996 }
6001 // Make sure that we fall back onto some reasonable no-reply address.
6008 }
6010 // Make up an email address for handling bounces.
6016 }
6018 // Make sure that the explicit replyto is valid, fall back to the implicit one.
6022 }
6027 // Check if using the true address is true, and the email is in the list of allowed domains for sending email,
6028 // and that the senders email setting is either displayed to everyone, or display to only other users that are enrolled
6029 // in a course with the sender.
6033 // Better not to use $noreplyaddress in this case.
6035 }
6044 }
6048 }
6058 }
6062 }
6063 }
6067 }
6071 // Set word wrap.
6075 // Add custom headers.
6079 }
6082 }
6083 }
6085 // If the X-PHP-Originating-Script email header is on then also add an additional
6086 // header with details of where exactly in moodle the email was triggered from,
6087 // either a call to message_send() or to email_to_user().
6096 }
6097 }
6102 }
6109 }
6110 }
6111 }
6115 }
6128 );
6132 }
6136 }
6139 // Only process html templates if the user preferences allow html email.
6142 // If no html has been given, BUT there is an html wrapping template then
6143 // auto convert the text to html and then wrap it.
6145 }
6148 }
6155 // Autogenerate a MessageID if it's missing.
6158 }
6161 // Don't ever send HTML to users who don't want it.
6169 }
6173 // Security check for ".." in dir path.
6176 $mail->addStringAttachment('Error in attachment. User attempted to attach a filename with a unsafe name.', 'error.txt', '8bit', 'text/plain');
6181 // Before doing the comparison, make sure that the paths are correct (Windows uses slashes in the other direction).
6182 // The absolute (real) path is also fetched to ensure that comparisons to allowed paths are compared equally.
6185 // Build an array of all filepaths from which attachments can be added (normalised slashes, absolute/real path).
6188 }, [
6195 ]);
6197 // Set addpath to true.
6200 // Check if attachment includes one of the allowed paths.
6202 // Set addpath to false if the attachment includes one of the allowed paths.
6206 }
6207 }
6209 // If the attachment is a full path to a file in the multiple allowed paths, use it as is,
6210 // otherwise assume it is a relative path from the dataroot (for backwards compatibility reasons).
6213 }
6216 }
6217 }
6219 // Check if the email should be sent in an other charset then the default UTF-8.
6222 // Use the defined site mail charset or eventually the one preferred by the recipient.
6227 }
6228 }
6230 // Convert all the necessary strings if the charset is supported.
6242 }
6245 }
6246 }
6247 }
6251 }
6254 }
6265 debugging("Email DKIM selector chosen due to {$mail->From} but no certificate found at $pempath", DEBUG_DEVELOPER);
6266 }
6267 }
6273 }
6276 // Trigger event for failing to send email.
6285 )
6286 ));
6290 }
6293 }
6295 }
6296 }
6298 /**
6299 * Check to see if a user's real email address should be used for the "From" field.
6300 *
6301 * @param object $from The user object for the user we are sending the email from.
6302 * @param object $user The user object that we are sending the email to.
6303 * @param array $unused No longer used.
6304 * @return bool Returns true if we can use the from user's email adress in the "From" field.
6305 */
6310 }
6312 // Email is in the list of allowed domains for sending email,
6313 // and the senders email setting is either displayed to everyone, or display to only other users that are enrolled
6314 // in a course with the sender.
6315 if (\core\ip_utils::is_domain_in_allowed_list(substr($from->email, strpos($from->email, '@') + 1), $alloweddomains)
6320 }
6322 }
6324 /**
6325 * Generate a signoff for emails based on support settings
6326 *
6327 * @return string
6328 */
6335 }
6341 }
6344 }
6346 /**
6347 * Sets specified user's password and send the new password to the user via email.
6348 *
6349 * @param stdClass $user A {@link $USER} object
6350 * @param bool $fasthash If true, use a low cost factor when generating the hash for speed.
6351 * @return bool|string Returns "true" if mail was sent OK and "false" if there was an error
6352 */
6356 // We try to send the mail in language the user understands,
6357 // unfortunately the filter_string() does not support alternative langs yet
6358 // so multilang will not work properly for site->fullname.
6379 $subject = format_string($site->fullname) .': '. (string)new lang_string('newusernewpasswordsubj', '', $a, $lang);
6381 // Directly email rather than using the messaging system to ensure its not routed to a popup or jabber.
6384 }
6386 /**
6387 * Resets specified user's password and send the new password to the user via email.
6388 *
6389 * @param stdClass $user A {@link $USER} object
6390 * @return bool Returns true if mail was sent OK and false if there was an error.
6391 */
6400 trigger_error("Attempt to reset user password for user $user->username with Auth $user->auth.");
6402 }
6408 }
6425 // Directly email rather than using the messaging system to ensure its not routed to a popup or jabber.
6427 }
6429 /**
6430 * Send email to specified user with confirmation text and activation link.
6431 *
6432 * @param stdClass $user A {@link $USER} object
6433 * @param string $confirmationurl user confirmation URL
6434 * @return bool Returns true if mail was sent OK and false if there was an error.
6435 */
6450 }
6453 // Remove data parameter just in case it was included in the confirmation so we can add it manually later.
6457 // We need to custom encode the username to include trailing dots in the link.
6458 // Because of this custom encoding we can't use moodle_url directly.
6459 // Determine if a query string is present in the confirmation url.
6461 // Perform normal url encoding of the username first.
6463 // Prevent problems with trailing dots not being included as part of link in some mail clients.
6466 $data->link = $confirmationpath . ( $hasquerystring ? '&' : '?') . 'data='. $user->secret .'/'. $username;
6471 // Directly email rather than using the messaging system to ensure its not routed to a popup or jabber.
6473 }
6475 /**
6476 * Sends a password change confirmation email.
6477 *
6478 * @param stdClass $user A {@link $USER} object
6479 * @param stdClass $resetrecord An object tracking metadata regarding password reset request
6480 * @return bool Returns true if mail was sent OK and false if there was an error.
6481 */
6501 // Directly email rather than using the messaging system to ensure its not routed to a popup or jabber.
6504 }
6506 /**
6507 * Sends an email containing information on how to change your password.
6508 *
6509 * @param stdClass $user A {@link $USER} object
6510 * @return bool Returns true if mail was sent OK and false if there was an error.
6511 */
6526 // Directly email rather than using the messaging system to ensure its not routed to a popup or jabber.
6528 }
6533 // Directly email rather than using the messaging system to ensure its not routed to a popup or jabber.
6535 }
6537 /**
6538 * Check that an email is allowed. It returns an error message if there was a problem.
6539 *
6540 * @param string $email Content of email
6541 * @return string|false
6542 */
6546 // Comparing lowercase domains.
6554 }
6557 // Subdomains are in a form ".example.com" - matches "xxx@anything.example.com".
6559 }
6563 }
6564 }
6573 }
6576 // Subdomains are in a form ".example.com" - matches "xxx@anything.example.com".
6578 }
6582 }
6583 }
6584 }
6587 }
6589 // FILE HANDLING.
6591 /**
6592 * Returns local file storage instance
6593 *
6594 * @return file_storage
6595 */
6604 }
6608 }
6615 }
6617 /**
6618 * Returns local file storage instance
6619 *
6620 * @return file_browser
6621 */
6629 }
6636 }
6638 /**
6639 * Returns file packer
6640 *
6641 * @param string $mimetype default application/zip
6642 * @return file_packer
6643 */
6651 }
6669 }
6675 }
6677 /**
6678 * Returns current name of file on disk if it exists.
6679 *
6680 * @param string $newfile File to be verified
6681 * @return string Current name of file on disk if true
6682 */
6686 }
6691 }
6692 }
6694 /**
6695 * Returns the maximum size for uploading files.
6696 *
6697 * There are seven possible upload limits:
6698 * 1. in Apache using LimitRequestBody (no way of checking or changing this)
6699 * 2. in php.ini for 'upload_max_filesize' (can not be changed inside PHP)
6700 * 3. in .htaccess for 'upload_max_filesize' (can not be changed inside PHP)
6701 * 4. in php.ini for 'post_max_size' (can not be changed inside PHP)
6702 * 5. by the Moodle admin in $CFG->maxbytes
6703 * 6. by the teacher in the current course $course->maxbytes
6704 * 7. by the teacher for the current module, eg $assignment->maxbytes
6705 *
6706 * These last two are passed to this function as arguments (in bytes).
6707 * Anything defined as 0 is ignored.
6708 * The smallest of all the non-zero numbers is returned.
6709 *
6710 * @todo Finish documenting this function
6711 *
6712 * @param int $sitebytes Set maximum size
6713 * @param int $coursebytes Current course $course->maxbytes (in bytes)
6714 * @param int $modulebytes Current module ->maxbytes (in bytes)
6715 * @param bool $unused This parameter has been deprecated and is not used any more.
6716 * @return int The maximum size for uploading files.
6717 */
6718 function get_max_upload_file_size($sitebytes=0, $coursebytes=0, $modulebytes=0, $unused = false) {
6722 }
6729 }
6730 }
6734 }
6738 }
6742 }
6745 }
6747 /**
6748 * Returns the maximum size for uploading files for the current user
6749 *
6750 * This function takes in account {@link get_max_upload_file_size()} the user's capabilities
6751 *
6752 * @param context $context The context in which to check user capabilities
6753 * @param int $sitebytes Set maximum size
6754 * @param int $coursebytes Current course $course->maxbytes (in bytes)
6755 * @param int $modulebytes Current module ->maxbytes (in bytes)
6756 * @param stdClass $user The user
6757 * @param bool $unused This parameter has been deprecated and is not used any more.
6758 * @return int The maximum size for uploading files.
6759 */
6760 function get_user_max_upload_file_size($context, $sitebytes = 0, $coursebytes = 0, $modulebytes = 0, $user = null,
6766 }
6770 }
6773 }
6775 /**
6776 * Returns an array of possible sizes in local language
6777 *
6778 * Related to {@link get_max_upload_file_size()} - this function returns an
6779 * array of possible sizes in an array, translated to the
6780 * local language.
6781 *
6782 * The list of options will go up to the minimum of $sitebytes, $coursebytes or $modulebytes.
6783 *
6784 * If $coursebytes or $sitebytes is not 0, an option will be included for "Course/Site upload limit (X)"
6785 * with the value set to 0. This option will be the first in the list.
6786 *
6787 * @uses SORT_NUMERIC
6788 * @param int $sitebytes Set maximum size
6789 * @param int $coursebytes Current course $course->maxbytes (in bytes)
6790 * @param int $modulebytes Current module ->maxbytes (in bytes)
6791 * @param int|array $custombytes custom upload size/s which will be added to list,
6792 * Only value/s smaller then maxsize will be added to list.
6793 * @return array
6794 */
6795 function get_max_upload_sizes($sitebytes = 0, $coursebytes = 0, $modulebytes = 0, $custombytes = null) {
6800 }
6803 // Will get the minimum of upload_max_filesize or post_max_size.
6805 }
6813 // If custombytes is given and is valid then add it to the list.
6818 }
6821 }
6823 // Allow maxbytes to be selected if it falls outside the above boundaries.
6825 // Note: get_real_size() is used in order to prevent problems with invalid values.
6827 }
6832 }
6833 }
6853 }
6859 }
6862 }
6864 /**
6865 * Returns an array with all the filenames in all subdirectories, relative to the given rootdir.
6866 *
6867 * If excludefiles is defined, then that file/directory is ignored
6868 * If getdirs is true, then (sub)directories are included in the output
6869 * If getfiles is true, then files are included in the output
6870 * (at least one of these must be true!)
6871 *
6872 * @todo Finish documenting this function. Add examples of $excludefile usage.
6873 *
6874 * @param string $rootdir A given root directory to start from
6875 * @param string|array $excludefiles If defined then the specified file/directory is ignored
6876 * @param bool $descend If true then subdirectories are recursed as well
6877 * @param bool $getdirs If true then (sub)directories are included in the output
6878 * @param bool $getfiles If true then files are included in the output
6879 * @return array An array with all the filenames in all subdirectories, relative to the given rootdir
6880 */
6881 function get_directory_list($rootdir, $excludefiles='', $descend=true, $getdirs=false, $getfiles=true) {
6887 }
6891 }
6895 }
6899 }
6905 }
6910 }
6915 }
6916 }
6919 }
6920 }
6926 }
6929 /**
6930 * Adds up all the files in a directory and works out the size.
6931 *
6932 * @param string $rootdir The directory to start from
6933 * @param string $excludefile A file to exclude when summing directory size
6934 * @return int The summed size of all files and subfiles within the root directory
6935 */
6939 // Do it this way if we can, it's much faster.
6946 // We told it to return k.
6948 }
6949 }
6952 // Must be a directory.
6954 }
6957 // Can't open it for some reason.
6959 }
6967 }
6973 }
6974 }
6978 }
6980 /**
6981 * Converts bytes into display form
6982 *
6983 * @param int $size The size to convert to human readable form
6984 * @param int $decimalplaces If specified, uses fixed number of decimal places
6985 * @param string $fixedunits If specified, uses fixed units (e.g. 'KB')
6986 * @return string Display version of size
6987 */
6994 }
7003 }
7030 }
7032 // Special case for magnitude 0 (bytes) - never use decimal places.
7036 }
7038 // Convert to specified units.
7041 // Fixed decimal places.
7043 }
7045 /**
7046 * Cleans a given filename by removing suspicious or troublesome characters
7047 *
7048 * @see clean_param()
7049 * @param string $string file name
7050 * @return string cleaned file name
7051 */
7054 }
7056 // STRING TRANSLATION.
7058 /**
7059 * Returns the code for the current language
7060 *
7061 * @category string
7062 * @return string
7063 */
7068 // Allows overriding course-forced language (useful for admins to check
7069 // issues in courses whose language they don't understand).
7070 // Also used by some code to temporarily get language-related information in a
7071 // specific language (see force_current_language()).
7075 // Activity language, if set.
7078 } else if (!empty($PAGE->course->id) && $PAGE->course->id != SITEID && !empty($PAGE->course->lang)) {
7079 // Course language can override all other settings for this page.
7083 // Session language can override other settings.
7094 }
7096 // Just in case this slipped in from somewhere by accident.
7100 }
7102 /**
7103 * Fix the current language to the given language code.
7104 *
7105 * @param string $lang The language code to use.
7106 * @return void
7107 */
7113 }
7128 }
7132 }
7133 }
7135 /**
7136 * Returns parent language of current active language if defined
7137 *
7138 * @category string
7139 * @param string $lang null means current language
7140 * @return string
7141 */
7148 }
7151 }
7153 /**
7154 * Force the current language to get strings and dates localised in the given language.
7155 *
7156 * After calling this function, all strings will be provided in the given language
7157 * until this function is called again, or equivalent code is run.
7158 *
7159 * @param string $language
7160 * @return string previous $SESSION->forcelang value
7161 */
7166 // Setting forcelang to null or an empty string disables its effect.
7170 }
7171 }
7173 }
7175 /**
7176 * Returns current string_manager instance.
7177 *
7178 * The param $forcereload is needed for CLI installer only where the string_manager instance
7179 * must be replaced during the install.php script life time.
7180 *
7181 * @category string
7182 * @param bool $forcereload shall the singleton be released and new instance created instead?
7183 * @return core_string_manager
7184 */
7192 }
7202 // Each language in the $CFG->langlist can has an "alias" that would substitute the default language name.
7208 }
7209 }
7210 }
7219 $singleton = new $classname($CFG->langotherroot, $CFG->langlocalroot, $translist, $transaliases);
7225 }
7228 debugging('Unable to instantiate custom string manager: class '.$classname.' can not be found.');
7229 }
7230 }
7232 $singleton = new core_string_manager_standard($CFG->langotherroot, $CFG->langlocalroot, $translist, $transaliases);
7236 }
7237 }
7240 }
7242 /**
7243 * Returns a localized string.
7244 *
7245 * Returns the translated string specified by $identifier as
7246 * for $module. Uses the same format files as STphp.
7247 * $a is an object, string or number that can be used
7248 * within translation strings
7249 *
7250 * eg 'hello {$a->firstname} {$a->lastname}'
7251 * or 'hello {$a}'
7252 *
7253 * If you would like to directly echo the localized string use
7254 * the function {@link print_string()}
7255 *
7256 * Example usage of this function involves finding the string you would
7257 * like a local equivalent of and using its identifier and module information
7258 * to retrieve it.<br/>
7259 * If you open moodle/lang/en/moodle.php and look near line 278
7260 * you will find a string to prompt a user for their word for 'course'
7261 * <code>
7262 * $string['course'] = 'Course';
7263 * </code>
7264 * So if you want to display the string 'Course'
7265 * in any language that supports it on your site
7266 * you just need to use the identifier 'course'
7267 * <code>
7268 * $mystring = '<strong>'. get_string('course') .'</strong>';
7269 * or
7270 * </code>
7271 * If the string you want is in another file you'd take a slightly
7272 * different approach. Looking in moodle/lang/en/calendar.php you find
7273 * around line 75:
7274 * <code>
7275 * $string['typecourse'] = 'Course event';
7276 * </code>
7277 * If you want to display the string "Course event" in any language
7278 * supported you would use the identifier 'typecourse' and the module 'calendar'
7279 * (because it is in the file calendar.php):
7280 * <code>
7281 * $mystring = '<h1>'. get_string('typecourse', 'calendar') .'</h1>';
7282 * </code>
7283 *
7284 * As a last resort, should the identifier fail to map to a string
7285 * the returned string will be [[ $identifier ]]
7286 *
7287 * In Moodle 2.3 there is a new argument to this function $lazyload.
7288 * Setting $lazyload to true causes get_string to return a lang_string object
7289 * rather than the string itself. The fetching of the string is then put off until
7290 * the string object is first used. The object can be used by calling it's out
7291 * method or by casting the object to a string, either directly e.g.
7292 * (string)$stringobject
7293 * or indirectly by using the string within another string or echoing it out e.g.
7294 * echo $stringobject
7295 * return "<p>{$stringobject}</p>";
7296 * It is worth noting that using $lazyload and attempting to use the string as an
7297 * array key will cause a fatal error as objects cannot be used as array keys.
7298 * But you should never do that anyway!
7299 * For more information {@link lang_string}
7300 *
7301 * @category string
7302 * @param string $identifier The key identifier for the localized string
7303 * @param string $component The module where the key identifier is stored,
7304 * usually expressed as the filename in the language pack without the
7305 * .php on the end but can also be written as mod/forum or grade/export/xls.
7306 * If none is specified then moodle.php is used.
7307 * @param string|object|array|int $a An object, string or number that can be used
7308 * within translation strings
7309 * @param bool $lazyload If set to true a string object is returned instead of
7310 * the string itself. The string then isn't calculated until it is first used.
7311 * @return string The localized string.
7312 * @throws coding_exception
7313 */
7317 // If the lazy load argument has been supplied return a lang_string object
7318 // instead.
7319 // We need to make sure it is true (and a bool) as you will see below there
7320 // used to be a forth argument at one point.
7323 }
7326 throw new coding_exception('Invalid string identifier. The identifier cannot be empty. Please fix your get_string() call.', DEBUG_DEVELOPER);
7327 }
7329 // There is now a forth argument again, this time it is a boolean however so
7330 // we can still check for the old extralocations parameter.
7332 debugging('extralocations parameter in get_string() is not supported any more, please use standard lang locations only.');
7333 }
7337 'like mod/mymod or block/myblock. The correct form looks like mymod, or block_myblock.' , DEBUG_DEVELOPER);
7357 }
7358 }
7362 // Debugging feature lets you display string identifier and component.
7363 if (isset($CFG->debugstringids) && $CFG->debugstringids && optional_param('strings', 0, PARAM_INT)) {
7365 }
7367 }
7369 /**
7370 * Converts an array of strings to their localized value.
7371 *
7372 * @param array $array An array of strings
7373 * @param string $component The language module that these strings can be found in.
7374 * @return stdClass translated strings.
7375 */
7380 }
7382 }
7384 /**
7385 * Prints out a translated string.
7386 *
7387 * Prints out a translated string using the return value from the {@link get_string()} function.
7388 *
7389 * Example usage of this function when the string is in the moodle.php file:<br/>
7390 * <code>
7391 * echo '<strong>';
7392 * print_string('course');
7393 * echo '</strong>';
7394 * </code>
7395 *
7396 * Example usage of this function when the string is not in the moodle.php file:<br/>
7397 * <code>
7398 * echo '<h1>';
7399 * print_string('typecourse', 'calendar');
7400 * echo '</h1>';
7401 * </code>
7402 *
7403 * @category string
7404 * @param string $identifier The key identifier for the localized string
7405 * @param string $component The module where the key identifier is stored. If none is specified then moodle.php is used.
7406 * @param string|object|array $a An object, string or number that can be used within translation strings
7407 */
7410 }
7412 /**
7413 * Returns a list of charset codes
7414 *
7415 * Returns a list of charset codes. It's hardcoded, so they should be added manually
7416 * (checking that such charset is supported by the texlib library!)
7417 *
7418 * @return array And associative array with contents in the form of charset => charset
7419 */
7434 }
7436 /**
7437 * Returns a list of valid and compatible themes
7438 *
7439 * @return array
7440 */
7450 }
7455 }
7460 }
7462 /**
7463 * Factory function for emoticon_manager
7464 *
7465 * @return emoticon_manager singleton
7466 */
7472 }
7475 }
7477 /**
7478 * Provides core support for plugins that have to deal with emoticons (like HTML editor or emoticon filter).
7479 *
7480 * Whenever this manager mentiones 'emoticon object', the following data
7481 * structure is expected: stdClass with properties text, imagename, imagecomponent,
7482 * altidentifier and altcomponent
7483 *
7484 * @see admin_setting_emoticons
7485 *
7486 * @copyright 2010 David Mudrak
7487 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
7488 */
7491 /**
7492 * Returns the currently enabled emoticons
7493 *
7494 * @param boolean $selectable - If true, only return emoticons that should be selectable from a list.
7495 * @return array of emoticon objects
7496 */
7503 }
7508 // Something is wrong with the format of stored setting.
7509 debugging('Invalid format of emoticons setting, please resave the emoticons settings form', DEBUG_NORMAL);
7511 }
7515 // Skip this one.
7517 }
7518 }
7519 }
7522 }
7524 /**
7525 * Converts emoticon object into renderable pix_emoticon object
7526 *
7527 * @param stdClass $emoticon emoticon object
7528 * @param array $attributes explicit HTML attributes to set
7529 * @return pix_emoticon
7530 */
7537 }
7539 }
7541 /**
7542 * Encodes the array of emoticon objects into a string storable in config table
7543 *
7544 * @see self::decode_stored_config()
7545 * @param array $emoticons array of emtocion objects
7546 * @return string
7547 */
7550 }
7552 /**
7553 * Decodes the string into an array of emoticon objects
7554 *
7555 * @see self::encode_stored_config()
7556 * @param string $encoded
7557 * @return array|null
7558 */
7563 }
7565 }
7567 /**
7568 * Returns default set of emoticons supported by Moodle
7569 *
7570 * @return array of sdtClasses
7571 */
7604 );
7605 }
7607 /**
7608 * Helper method preparing the stdClass with the emoticon properties
7609 *
7610 * @param string|array $text or array of strings
7611 * @param string $imagename to be used by {@link pix_emoticon}
7612 * @param string $altidentifier alternative string identifier, null for no alt
7613 * @param string $altcomponent where the alternative string is defined
7614 * @param string $imagecomponent to be used by {@link pix_emoticon}
7615 * @return stdClass
7616 */
7625 );
7626 }
7627 }
7629 // ENCRYPTION.
7631 /**
7632 * rc4encrypt
7633 *
7634 * @param string $data Data to encrypt.
7635 * @return string The now encrypted data.
7636 */
7639 }
7641 /**
7642 * rc4decrypt
7643 *
7644 * @param string $data Data to decrypt.
7645 * @return string The now decrypted data.
7646 */
7649 }
7651 /**
7652 * Based on a class by Mukul Sabharwal [mukulsabharwal @ yahoo.com]
7653 *
7654 * @todo Finish documenting this function
7655 *
7656 * @param string $pwd The password to use when encrypting or decrypting
7657 * @param string $data The data to be decrypted/encrypted
7658 * @param string $case Either 'de' for decrypt or '' for encrypt
7659 * @return string
7660 */
7665 }
7674 }
7683 }
7699 }
7705 }
7708 }
7710 // ENVIRONMENT CHECKING.
7712 /**
7713 * This method validates a plug name. It is much faster than calling clean_param.
7714 *
7715 * @param string $name a string that might be a plugin name.
7716 * @return bool if this string is a valid plugin name.
7717 */
7719 // This does not work for 'mod', bad luck, use any other type.
7721 }
7723 /**
7724 * Get a list of all the plugins of a given type that define a certain API function
7725 * in a certain file. The plugin component names and function names are returned.
7726 *
7727 * @param string $plugintype the type of plugin, e.g. 'mod' or 'report'.
7728 * @param string $function the part of the name of the function after the
7729 * frankenstyle prefix. e.g 'hook' if you are looking for functions with
7730 * names like report_courselist_hook.
7731 * @param string $file the name of file within the plugin that defines the
7732 * function. Defaults to lib.php.
7733 * @return array with frankenstyle plugin names as keys (e.g. 'report_courselist', 'mod_forum')
7734 * and the function names as values (e.g. 'report_courselist_hook', 'forum_hook').
7735 */
7739 // We don't include here as all plugin types files would be included.
7744 }
7748 // Reformat the array and include the files.
7752 // Check that it has not been removed and the file is still available.
7759 // Now that the file is loaded, we must verify the function still exists.
7763 // Invalidate the cache for next run.
7765 }
7766 }
7767 }
7768 }
7771 }
7773 /**
7774 * Get a list of all the plugins that define a certain API function in a certain file.
7775 *
7776 * @param string $function the part of the name of the function after the
7777 * frankenstyle prefix. e.g 'hook' if you are looking for functions with
7778 * names like report_courselist_hook.
7779 * @param string $file the name of file within the plugin that defines the
7780 * function. Defaults to lib.php.
7781 * @param bool $include Whether to include the files that contain the functions or not.
7782 * @param bool $migratedtohook if true this is a deprecated lib.php callback, if hook callback is present then do nothing
7783 * @return array with [plugintype][plugin] = functionname
7784 */
7785 function get_plugins_with_function($function, $file = 'lib.php', $include = true, bool $migratedtohook = false) {
7789 // API functions _must not_ be called during an installation or upgrade.
7791 }
7799 if (\core\hook\manager::get_instance()->is_deprecating_hook_present($component, $plugincallback)) {
7800 // Ignore the old callback, it is there only for older Moodle versions.
7803 debugging("Callback $plugincallback in $component component should be migrated to new hook callback",
7804 DEBUG_DEVELOPER);
7805 }
7806 }
7807 }
7808 }
7810 };
7814 // Including both although I doubt that we will find two functions definitions with the same name.
7815 // Clean the filename as cache_helper::hash_key only allows a-zA-Z0-9_.
7820 }
7823 // Use the plugin manager to check that plugins are currently installed.
7828 // Checking that the files are still available.
7835 // Plugin code is still present on disk but it is not installed.
7838 }
7840 // Cache might be out of sync with the codebase, skip the plugin if it is not available.
7844 }
7848 // Include the files if it was requested.
7851 // If the file is not available any more it should not be returned.
7854 }
7856 // Check if the function still exists in the file.
7860 }
7861 }
7862 }
7864 // If the cache is dirty, we should fall through and let it rebuild.
7868 }
7870 }
7871 }
7875 // To fill the cached. Also, everything should continue working with cache disabled.
7879 // We need to include files here.
7886 }
7892 // Function exists with standard name. Store, indexed by frankenstyle name of plugin.
7896 // For modules, we also allow plugin without full frankenstyle but just starting with the module name.
7900 }
7901 }
7906 }
7908 }
7910 }
7911 }
7914 }
7918 }
7922 }
7924 /**
7925 * Lists plugin-like directories within specified directory
7926 *
7927 * This function was originally used for standard Moodle plugins, please use
7928 * new core_component::get_plugin_list() now.
7929 *
7930 * This function is used for general directory listing and backwards compatility.
7931 *
7932 * @param string $directory relative directory from root
7933 * @param string $exclude dir name to exclude from the list (defaults to none)
7934 * @param string $basedir full path to the base dir where $plugin resides (defaults to $CFG->dirroot)
7935 * @return array Sorted array of directory names found under the requested parameters
7936 */
7947 }
7950 // Make sure devs do not use this to list normal plugins,
7951 // this is intended for general directories that are not plugins!
7955 debugging('get_list_of_plugins() should not be used to list real plugins, use core_component::get_plugin_list() instead!', DEBUG_DEVELOPER);
7956 }
7958 }
7970 ]));
7974 debugging("Directory permission error for plugin ({$directory}). Directory exists but cannot be read.", DEBUG_DEVELOPER);
7976 }
7979 // Ignore directories starting with .
7980 // These are treated as hidden directories.
7982 }
7984 // This directory features on the ignore list.
7986 }
7989 }
7991 }
7993 }
7996 }
7998 }
8000 /**
8001 * Invoke plugin's callback functions
8002 *
8003 * @param string $type plugin type e.g. 'mod'
8004 * @param string $name plugin name
8005 * @param string $feature feature name
8006 * @param string $action feature's action
8007 * @param array $params parameters of callback function, should be an array
8008 * @param mixed $default default value if callback function hasn't been defined, or if it retursn null.
8009 * @param bool $migratedtohook if true this is a deprecated callback, if hook callback is present then do nothing
8010 * @return mixed
8011 *
8012 * @todo Decide about to deprecate and drop plugin_callback() - MDL-30743
8013 */
8014 function plugin_callback($type, $name, $feature, $action, $params = null, $default = null, bool $migratedtohook = false) {
8015 return component_callback($type . '_' . $name, $feature . '_' . $action, (array) $params, $default, $migratedtohook);
8016 }
8018 /**
8019 * Invoke component's callback functions
8020 *
8021 * @param string $component frankenstyle component name, e.g. 'mod_quiz'
8022 * @param string $function the rest of the function name, e.g. 'cron' will end up calling 'mod_quiz_cron'
8023 * @param array $params parameters of callback function
8024 * @param mixed $default default value if callback function hasn't been defined, or if it retursn null.
8025 * @param bool $migratedtohook if true this is a deprecated callback, if hook callback is present then do nothing
8026 * @return mixed
8027 */
8028 function component_callback($component, $function, array $params = array(), $default = null, bool $migratedtohook = false) {
8033 // PHP 8 allows to have associative arrays in the call_user_func_array() parameters but
8034 // PHP 7 does not. Using associative arrays can result in different behavior in different PHP versions.
8035 // See https://php.watch/versions/8.0/named-parameters#named-params-call_user_func_array
8036 // This check can be removed when minimum PHP version for Moodle is raised to 8.
8037 debugging('Parameters array can not be an associative array while Moodle supports both PHP 7 and PHP 8.',
8038 DEBUG_DEVELOPER);
8040 }
8046 // Do not call the old lib.php callback,
8047 // it is there for compatibility with older Moodle versions only.
8050 debugging("Callback $function in $component component should be migrated to new hook callback",
8051 DEBUG_DEVELOPER);
8052 }
8053 }
8054 }
8056 // Function exists, so just return function result.
8062 }
8063 }
8065 }
8067 /**
8068 * Determine if a component callback exists and return the function name to call. Note that this
8069 * function will include the required library files so that the functioname returned can be
8070 * called directly.
8071 *
8072 * @param string $component frankenstyle component name, e.g. 'mod_quiz'
8073 * @param string $function the rest of the function name, e.g. 'cron' will end up calling 'mod_quiz_cron'
8074 * @return mixed Complete function name to call if the callback exists or false if it doesn't.
8075 * @throws coding_exception if invalid component specfied
8076 */
8082 throw new coding_exception('Invalid component used in plugin/component_callback():' . $component);
8083 }
8094 throw new coding_exception('Invalid component used in plugin/component_callback():' . $component);
8095 }
8097 // Load library and look for function.
8100 }
8104 debugging("Please use new function name $function instead of legacy $oldfunction", DEBUG_DEVELOPER);
8105 }
8107 }
8111 }
8113 }
8115 /**
8116 * Call the specified callback method on the provided class.
8117 *
8118 * If the callback returns null, then the default value is returned instead.
8119 * If the class does not exist, then the default value is returned.
8120 *
8121 * @param string $classname The name of the class to call upon.
8122 * @param string $methodname The name of the staticically defined method on the class.
8123 * @param array $params The arguments to pass into the method.
8124 * @param mixed $default The default value.
8125 * @return mixed The return value.
8126 */
8130 }
8134 }
8143 }
8144 }
8146 /**
8147 * Checks whether a plugin supports a specified feature.
8148 *
8149 * @param string $type Plugin type e.g. 'mod'
8150 * @param string $name Plugin name e.g. 'forum'
8151 * @param string $feature Feature code (FEATURE_xx constant)
8152 * @param mixed $default default value if feature support unknown
8153 * @return mixed Feature result (false if not supported, null if feature is unknown,
8154 * otherwise usually true but may have other feature-specific value such as array)
8155 * @throws coding_exception
8156 */
8161 // Somebody forgot to rename the module template.
8163 }
8167 throw new coding_exception('Invalid component used in plugin_supports():' . $type . '_' . $name);
8168 }
8173 // We need this special case because we support subplugins in modules,
8174 // otherwise it would end up in infinite loop.
8179 // Legacy non-frankenstyle function name.
8181 }
8182 }
8186 // Non existent plugin type.
8188 }
8192 }
8193 }
8198 // Plugin does not know - use default.
8202 }
8203 }
8205 // Plugin does not care, so use default.
8207 }
8209 /**
8210 * Returns true if the current version of PHP is greater that the specified one.
8211 *
8212 * @todo Check PHP version being required here is it too low?
8213 *
8214 * @param string $version The version of php being tested.
8215 * @return bool
8216 */
8219 }
8221 /**
8222 * Determine if moodle installation requires update.
8223 *
8224 * Checks version numbers of main code and all plugins to see
8225 * if there are any mismatches.
8226 *
8227 * @param bool $checkupgradeflag check the outagelessupgrade flag to see if an upgrade is running.
8228 * @return bool
8229 */
8233 // Say no if there is already an upgrade running.
8237 // If we ARE locked, but this PHP process is NOT the process running the upgrade,
8238 // We should always return false.
8239 // This means the upgrade is running from CLI somewhere, or about to.
8242 }
8243 }
8247 }
8249 // There is no need to purge plugininfo caches here because
8250 // these caches are not used during upgrade and they are purged after
8251 // every upgrade.
8255 }
8260 }
8262 /**
8263 * Returns the major version of this site
8264 *
8265 * Moodle version numbers consist of three numbers separated by a dot, for
8266 * example 1.9.11 or 2.0.2. The first two numbers, like 1.9 or 2.0, represent so
8267 * called major version. This function extracts the major version from either
8268 * $CFG->release (default) or eventually from the $release variable defined in
8269 * the main version.php.
8270 *
8271 * @param bool $fromdisk should the version if source code files be used
8272 * @return string|false the major version like '2.3', false if could not be determined
8273 */
8282 }
8287 }
8289 }
8295 }
8296 }
8298 // MISCELLANEOUS.
8300 /**
8301 * Gets the system locale
8302 *
8303 * @return string Retuns the current locale.
8304 */
8308 // Fetch the correct locale based on ostype.
8313 }
8317 }
8320 }
8322 /**
8323 * Sets the system locale
8324 *
8325 * @category string
8326 * @param string $locale Can be used to force a locale
8327 */
8335 // The priority is the same as in get_string() - parameter, config, course, session, user, global language.
8340 }
8342 // Do nothing if locale already set up.
8345 }
8347 // Due to some strange BUG we cannot set the LC_TIME directly, so we fetch current values,
8348 // set LC_ALL and then set values again. Just wondering why we cannot set LC_ALL only??? - stronk7
8349 // Some day, numeric, monetary and other categories should be set too, I think. :-/.
8351 // Get current values.
8357 }
8358 // Set locale to all.
8360 // If setting of locale fails try the other utf8 or utf-8 variant,
8361 // some operating systems support both (Debian), others just one (OSX).
8369 }
8370 }
8371 // Set old values.
8376 }
8378 // To workaround a well-known PHP problem with Turkish letter Ii.
8380 }
8381 }
8383 /**
8384 * Count words in a string.
8385 *
8386 * Words are defined as things between whitespace.
8387 *
8388 * @category string
8389 * @param string $string The text to be searched for words. May be HTML.
8390 * @param int|null $format
8391 * @return int The count of words in the specified string
8392 */
8394 // Before stripping tags, add a space after the close tag of anything that is not obviously inline.
8395 // Also, br is a special case because it definitely delimits a word, but has no close tag.
8397 ( # Capture the tag we match.
8398 </ # Start of close tag.
8399 (?! # Do not match any of these specific close tag names.
8400 a> | b> | del> | em> | i> |
8401 ins> | s> | small> | span> |
8402 strong> | sub> | sup> | u>
8403 )
8404 \w+ # But, apart from those execptions, match any tag name.
8405 > # End of close tag.
8406 |
8407 <br> | <br\s*/> # Special cases that are not close tags.
8408 )
8411 // Match the usual text cleaning before display.
8412 // Ideally we should apply multilang filter only here, other filters might add extra text.
8413 $string = format_text($string, $format, ['filter' => false, 'noclean' => false, 'para' => false]);
8414 }
8415 // Now remove HTML tags.
8417 // Decode HTML entities.
8420 // Now, the word count is the number of blocks of characters separated
8421 // by any sort of space. That seems to be the definition used by all other systems.
8422 // To be precise about what is considered to separate words:
8423 // * Anything that Unicode considers a 'Separator'
8424 // * Anything that Unicode considers a 'Control character'
8425 // * An em- or en- dash.
8427 }
8429 /**
8430 * Count letters in a string.
8431 *
8432 * Letters are defined as chars not in tags and different from whitespace.
8433 *
8434 * @category string
8435 * @param string $string The text to be searched for letters. May be HTML.
8436 * @param int|null $format
8437 * @return int The count of letters in the specified text.
8438 */
8441 // Match the usual text cleaning before display.
8442 // Ideally we should apply multilang filter only here, other filters might add extra text.
8443 $string = format_text($string, $format, ['filter' => false, 'noclean' => false, 'para' => false]);
8444 }
8450 }
8452 /**
8453 * Generate and return a random string of the specified length.
8454 *
8455 * @param int $length The length of the string to be created.
8456 * @return string
8457 */
8468 }
8470 }
8472 /**
8473 * Generate a complex random string (useful for md5 salts)
8474 *
8475 * This function is based on the above {@link random_string()} however it uses a
8476 * larger pool of characters and generates a string between 24 and 32 characters
8477 *
8478 * @param int $length Optional if set generates a string to exactly this length
8479 * @return string
8480 */
8487 }
8493 }
8495 }
8497 /**
8498 * Try to generates cryptographically secure pseudo-random bytes.
8499 *
8500 * Note this is achieved by fallbacking between:
8501 * - PHP 7 random_bytes().
8502 * - OpenSSL openssl_random_pseudo_bytes().
8503 * - In house random generator getting its entropy from various, hard to guess, pseudo-random sources.
8504 *
8505 * @param int $length requested length in bytes
8506 * @return string binary data
8507 */
8513 }
8515 // Use PHP 7 goodness.
8519 }
8520 }
8522 // If you have the openssl extension enabled.
8526 }
8527 }
8529 // Bad luck, there is no reliable random generator, let's just slowly hash some unique stuff that is hard to guess.
8537 }
8539 /**
8540 * Given some text (which may contain HTML) and an ideal length,
8541 * this function truncates the text neatly on a word boundary if possible
8542 *
8543 * @category string
8544 * @param string $text text to be shortened
8545 * @param int $ideal ideal string length
8546 * @param boolean $exact if false, $text will not be cut mid-word
8547 * @param string $ending The string to append if the passed string is truncated
8548 * @return string $truncate shortened string
8549 */
8551 // If the plain text is shorter than the maximum length, return the whole text.
8554 }
8556 // Splits on HTML tags. Each open/close/empty tag will be the first thing
8557 // and only tag in its 'line'.
8563 // This array stores information about open and close tags and their position
8564 // in the truncated string. Each item in the array is an object with fields
8565 // ->open (true if open), ->tag (tag name in lower case), and ->pos
8566 // (byte position in truncated text).
8570 // If there is any html-tag in this line, handle it and add it (uncounted) to the output.
8572 // If it's an "empty element" with or without xhtml-conform closing slash (f.e. <br/>).
8573 if (!preg_match('/^<(\s*.+?\/\s*|\s*(img|br|input|hr|area|base|basefont|col|frame|isindex|link|meta|param)(\s.+?)?)>$/is', $linematchings[1])) {
8575 // Record closing tag.
8580 );
8583 // Record opening tag.
8588 );
8594 );
8600 );
8601 }
8602 }
8603 // Add html-tag to $truncate'd text.
8605 }
8607 // Calculate the length of the plain text part of the line; handle entities as one character.
8608 $contentlength = core_text::strlen(preg_replace('/&[0-9a-z]{2,8};|&#[0-9]{1,7};|&#x[0-9a-f]{1,6};/i', ' ', $linematchings[2]));
8610 // The number of characters which are left.
8613 // Search for html entities.
8614 if (preg_match_all('/&[0-9a-z]{2,8};|&#[0-9]{1,7};|&#x[0-9a-f]{1,6};/i', $linematchings[2], $entities, PREG_OFFSET_CAPTURE)) {
8615 // Calculate the real length of all entities in the legal range.
8621 // No more characters left.
8623 }
8624 }
8625 }
8628 // If the words shouldn't be cut in the middle...
8630 // Search the last occurence of a space.
8637 // Chinese/Japanese/Korean text can be truncated at any UTF-8 character boundary.
8640 }
8641 }
8642 }
8643 }
8645 // This deals with the test_shorten_text_no_spaces case.
8648 // This deals with the previous for loop breaking on the first char.
8650 }
8653 // Maximum length is reached, so get off the loop.
8658 }
8660 // If the maximum length is reached, get off the loop.
8663 }
8664 }
8666 // Add the defined ending to the text.
8669 // Now calculate the list of open html tags based on the truncate position.
8673 // Add tag to the beginning of $opentags list.
8676 // Can have multiple exact same open tags, close the last one.
8680 }
8681 }
8682 }
8684 // Close all unclosed html-tags.
8690 }
8691 }
8694 }
8696 /**
8697 * Shortens a given filename by removing characters positioned after the ideal string length.
8698 * When the filename is too long, the file cannot be created on the filesystem due to exceeding max byte size.
8699 * Limiting the filename to a certain size (considering multibyte characters) will prevent this.
8700 *
8701 * @param string $filename file name
8702 * @param int $length ideal string length
8703 * @param bool $includehash Whether to include a file hash in the shortened version. This ensures uniqueness.
8704 * @return string $shortened shortened file name
8705 */
8708 // Extract a part of the filename if it's char size exceeds the ideal string length.
8710 // Exclude extension if present in filename.
8721 }
8722 }
8724 }
8726 /**
8727 * Shortens a given array of filenames by removing characters positioned after the ideal string length.
8728 *
8729 * @param array $path The paths to reduce the length.
8730 * @param int $length Ideal string length
8731 * @param bool $includehash Whether to include a file hash in the shortened version. This ensures uniqueness.
8732 * @return array $result Shortened paths in array.
8733 */
8740 }, []);
8743 }
8745 /**
8746 * Given dates in seconds, how many weeks is the date from startdate
8747 * The first week is 1, the second 2 etc ...
8748 *
8749 * @param int $startdate Timestamp for the start date
8750 * @param int $thedate Timestamp for the end date
8751 * @return string
8752 */
8756 }
8759 }
8761 /**
8762 * Returns a randomly generated password of length $maxlen. inspired by
8763 *
8764 * {@link http://www.phpbuilder.com/columns/jesus19990502.php3} and
8765 * {@link http://es2.php.net/manual/en/function.str-shuffle.php#73254}
8766 *
8767 * @param int $maxlen The maximum size of the password being generated.
8768 * @return string
8769 */
8787 // Var minlength should be the greater one of the two ( $minlen and $total ).
8789 // Var maxlen can never be smaller than minlen.
8793 // Make sure we have enough characters to fulfill
8794 // complexity requirements.
8798 }
8802 }
8806 }
8810 }
8812 // Now mix and shuffle it all.
8821 }
8824 }
8826 /**
8827 * Given a float, prints it nicely.
8828 * Localized floats must not be used in calculations!
8829 *
8830 * The stripzeros feature is intended for making numbers look nicer in small
8831 * areas where it is not necessary to indicate the degree of accuracy by showing
8832 * ending zeros. If you turn it on with $decimalpoints set to 3, for example,
8833 * then it will display '5.4' instead of '5.400' or '5' instead of '5.000'.
8834 *
8835 * @param float $float The float to print
8836 * @param int $decimalpoints The number of decimal places to print. -1 is a special value for auto detect (full precision).
8837 * @param bool $localized use localized decimal separator
8838 * @param bool $stripzeros If true, removes final zeros after decimal point. It will be ignored and the trailing zeros after
8839 * the decimal point are always striped if $decimalpoints is -1.
8840 * @return string locale float
8841 */
8845 }
8850 }
8852 // The following counts the number of decimals.
8853 // It is safe as both floatval() and round() functions have same behaviour when non-numeric values are provided.
8856 }
8860 // Remove zeros and final dot if not needed.
8861 // However, only do this if there is a decimal point!
8863 }
8865 }
8867 /**
8868 * Converts locale specific floating point/comma number back to standard PHP float value
8869 * Do NOT try to do any math operations before this conversion on any user submitted floats!
8870 *
8871 * @param string $localefloat locale aware float representation
8872 * @param bool $strict If true, then check the input and return false if it is not a valid number.
8873 * @return mixed float|bool - false or the parsed float.
8874 */
8880 }
8882 $localefloat = str_replace(' ', '', $localefloat); // No spaces - those might be used as thousand separators.
8887 }
8890 }
8892 /**
8893 * Given a simple array, this shuffles it up just like shuffle()
8894 * Unlike PHP's shuffle() this function works on any machine.
8895 *
8896 * @param array $array The array to be rearranged
8897 * @return array
8898 */
8907 }
8909 }
8911 /**
8912 * Like {@link swapshuffle()}, but works on associative arrays
8913 *
8914 * @param array $array The associative array to be rearranged
8915 * @return array
8916 */
8924 }
8926 }
8928 /**
8929 * Given an arbitrary array, and a number of draws,
8930 * this function returns an array with that amount
8931 * of items. The indexes are retained.
8932 *
8933 * @todo Finish documenting this function
8934 *
8935 * @param array $array
8936 * @param int $draws
8937 * @return array
8938 */
8947 }
8959 }
8962 }
8964 /**
8965 * Calculate the difference between two microtimes
8966 *
8967 * @param string $a The first Microtime
8968 * @param string $b The second Microtime
8969 * @return string
8970 */
8975 }
8977 /**
8978 * Given a list (eg a,b,c,d,e) this function returns
8979 * an array of 1->a, 2->b, 3->c etc
8980 *
8981 * @param string $list The string to explode into array bits
8982 * @param string $separator The separator used within the list string
8983 * @return array The now assembled array
8984 */
8990 }
8992 }
8994 /**
8995 * Creates an array that represents all the current grades that
8996 * can be chosen using the given grading type.
8997 *
8998 * Negative numbers
8999 * are scales, zero is no grade, and positive numbers are maximum
9000 * grades.
9001 *
9002 * @todo Finish documenting this function or better deprecated this completely!
9003 *
9004 * @param int $gradingtype
9005 * @return array
9006 */
9014 }
9018 }
9020 }
9022 }
9024 /**
9025 * make_unique_id_code
9026 *
9027 * @todo Finish documenting this function
9028 *
9029 * @uses $_SERVER
9030 * @param string $extra Extra string to append to the end of the code
9031 * @return string
9032 */
9044 }
9054 }
9055 }
9058 /**
9059 * Function to check the passed address is within the passed subnet
9060 *
9061 * The parameter is a comma separated string of subnet definitions.
9062 * Subnet strings can be in one of three formats:
9063 * 1: xxx.xxx.xxx.xxx/nn or xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx/nnn (number of bits in net mask)
9064 * 2: xxx.xxx.xxx.xxx-yyy or xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx::xxxx-yyyy (a range of IP addresses in the last group)
9065 * 3: xxx.xxx or xxx.xxx. or xxx:xxx:xxxx or xxx:xxx:xxxx. (incomplete address, a bit non-technical ;-)
9066 * Code for type 1 modified from user posted comments by mediator at
9067 * {@link http://au.php.net/manual/en/function.ip2long.php}
9068 *
9069 * @param string $addr The address you are checking
9070 * @param string $subnetstr The string of subnet addresses
9071 * @param bool $checkallzeros The state to whether check for 0.0.0.0
9072 * @return bool
9073 */
9078 }
9085 }
9094 }
9097 // 1: xxx.xxx.xxx.xxx/nn or xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx/nnn.
9102 }
9106 }
9108 // IPv6.
9111 }
9114 }
9117 }
9121 }
9123 }
9131 }
9138 }
9139 }
9142 // IPv4.
9145 }
9148 }
9151 }
9155 }
9157 }
9161 }
9162 }
9165 // 2: xxx.xxx.xxx.xxx-yyy or xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx::xxxx-yyyy. A range of IP addresses in the last group.
9169 }
9172 // IPv6.
9175 }
9179 }
9186 }
9191 }
9199 }
9202 // IPv4.
9205 }
9209 }
9215 }
9219 }
9220 }
9223 // 3: xxx.xxx or xxx.xxx. or xxx:xxx:xxxx or xxx:xxx:xxxx.
9225 // IPv6.
9228 }
9235 }
9240 }
9244 }
9249 }
9252 // IPv4.
9255 }
9262 }
9267 }
9271 }
9276 }
9277 }
9278 }
9279 }
9282 }
9284 /**
9285 * For outputting debugging info
9286 *
9287 * @param string $string The string to write
9288 * @param string $eol The end of line char(s) to use
9289 * @param string $sleep Period to make the application sleep
9290 * This ensures any messages have time to display before redirect
9291 */
9300 // We must explicitly call the add_line function here.
9301 // Uses of fwrite to STDOUT are not picked up by ob_start.
9304 }
9307 }
9309 // Flush again.
9312 // Delay to keep message on user's screen in case of subsequent redirect.
9315 }
9316 }
9318 /**
9319 * Helper to {@see mtrace()} an exception or throwable, including all relevant information.
9320 *
9321 * @param Throwable $e the error to ouptput.
9322 */
9329 }
9332 }
9335 }
9337 /**
9338 * Replace 1 or more slashes or backslashes to 1 slash
9339 *
9340 * @param string $path The path to strip
9341 * @return string the path with double slashes removed
9342 */
9345 }
9347 /**
9348 * Is the current ip in a given list?
9349 *
9350 * @param string $list
9351 * @return bool
9352 */
9357 // Ensure access on cli.
9359 }
9361 }
9363 /**
9364 * Returns most reliable client address
9365 *
9366 * @param string $default If an address can't be determined, then return this
9367 * @return string The remote IP address
9368 */
9373 // This will happen, for example, before just after the upgrade, as the
9374 // user is redirected to the admin screen.
9378 }
9383 }
9384 }
9392 });
9394 // Multiple proxies can append values to this header including an
9395 // untrusted original request header so we must only trust the last ip.
9399 // Remove port and brackets from IPv6.
9402 }
9404 // Remove port from IPv4.
9408 }
9409 }
9413 }
9414 }
9420 }
9421 }
9423 /**
9424 * Cleans an ip address. Internal addresses are now allowed.
9425 * (Originally local addresses were not allowed.)
9426 *
9427 * @param string $addr IPv4 or IPv6 address
9428 * @param bool $compress use IPv6 address compression
9429 * @return string normalised ip address string, null if error
9430 */
9435 // Can be only IPv6.
9440 // Legacy ipv4 notation.
9445 }
9451 }
9455 }
9460 }
9461 // Uncompress.
9468 }
9469 }
9470 }
9475 }
9477 // Normalise 0s and case.
9485 }
9489 }
9494 }
9499 }
9504 }
9507 }
9509 // First get all things that look like IPv4 addresses.
9513 }
9519 }
9521 }
9524 }
9527 /**
9528 * Is IP address a public address?
9529 *
9530 * @param string $ip The ip to check
9531 * @return bool true if the ip is public
9532 */
9534 return (bool) filter_var($ip, FILTER_VALIDATE_IP, (FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE));
9535 }
9537 /**
9538 * This function will make a complete copy of anything it's given,
9539 * regardless of whether it's an object or not.
9540 *
9541 * @param mixed $thing Something you want cloned
9542 * @return mixed What ever it is you passed it
9543 */
9546 }
9548 /**
9549 * Used to make sure that $min <= $value <= $max
9550 *
9551 * Make sure that value is between min, and max
9552 *
9553 * @param int $min The minimum value
9554 * @param int $value The value to check
9555 * @param int $max The maximum value
9556 * @return int
9557 */
9561 }
9564 }
9566 }
9568 /**
9569 * Check if there is a nested array within the passed array
9570 *
9571 * @param array $array
9572 * @return bool true if there is a nested array false otherwise
9573 */
9578 }
9579 }
9581 }
9583 /**
9584 * get_performance_info() pairs up with init_performance_info()
9585 * loaded in setup.php. Returns an array with 'html' and 'txt'
9586 * values ready for use, and each of the individual stats provided
9587 * separately as well.
9588 *
9589 * @return array
9590 */
9599 // Attempt to avoid devs debugging peformance issues, when its caused by css building and so on.
9601 }
9602 $info['html'] .= '<ul class="list-unstyled row mx-md-0">'; // Holds userfriendly HTML representation.
9609 // GET/POST (or NULL if $_SERVER['REQUEST_METHOD'] is undefined) is useful for txt logged information.
9615 $info['html'] .= '<li class="memoryused col-sm-4">RAM: '.display_size($info['memory_total']).'</li> ';
9616 $info['txt'] .= 'memory_total: '.$info['memory_total'].'B (' . display_size($info['memory_total']).') memory_growth: '.
9618 }
9622 $info['html'] .= '<li class="memoryused col-sm-4">RAM peak: '.display_size($info['memory_peak']).'</li> ';
9623 $info['txt'] .= 'memory_peak: '.$info['memory_peak'].'B (' . display_size($info['memory_peak']).') ';
9624 }
9629 $info['html'] .= '<li class="included col-sm-4">Included '.$info['includecount'].' files</li> ';
9633 // We can not track more performance before installation or before PAGE init, sorry.
9635 }
9644 }
9645 }
9654 }
9655 }
9658 $info['html'] .= '<li class="dbqueries col-sm-4">DB reads/writes: '.$info['dbqueries'].'</li> ';
9663 $info['html'] .= '<li class="dbqueries col-sm-4">DB reads from slave: '.$info['dbreads_slave'].'</li> ';
9665 }
9668 $info['html'] .= '<li class="dbtime col-sm-4">DB queries time: '.$info['dbtime'].' secs</li> ';
9676 }
9679 $info['txt'] .= "ticks: $info[ticks] user: $info[utime] sys: $info[stime] cuser: $info[cutime] csys: $info[cstime] ";
9680 }
9681 }
9683 // Grab the load average for the last minute.
9684 // /proc will only work under some linux configurations
9685 // while uptime is there under MacOSX/Darwin and other unices.
9689 } else if ( function_exists('is_executable') && is_executable('/usr/bin/uptime') && $loadavg = `/usr/bin/uptime` ) {
9694 }
9695 }
9698 $info['html'] .= '<li class="serverload col-sm-4">Load average: '.$info['serverload'].'</li> ';
9700 }
9702 // Display size of session if session started.
9707 }
9709 // Display time waiting for session if applicable.
9714 ]);
9716 }
9724 $table->head = ['Mode', 'Cache item', 'Static', 'H', 'M', get_string('mappingprimary', 'cache'), 'H', 'M', 'S', 'I/O'];
9726 $table->align = ['left', 'left', 'left', 'right', 'right', 'left', 'right', 'right', 'right', 'right'];
9734 // We want to align static caches into their own column.
9741 }
9743 }
9752 }
9762 }
9780 }
9793 }
9804 }
9817 // The static cache is never set.
9829 }
9830 }
9833 }
9837 }
9839 }
9846 }
9850 }
9854 // Now lets also show sub totals for each cache store.
9861 }
9872 }
9873 }
9874 }
9878 $table->head = [get_string('storename', 'cache'), get_string('type_cachestore', 'plugin'), 'H', 'M', 'S', 'I/O'];
9892 }
9913 }
9916 }
9921 }
9928 }
9936 ];
9948 }
9950 // Display lock information if any.
9963 // The time we had to wait to get the lock.
9968 }
9972 // Show a tick or cross for success.
9976 // If applicable, show how long we held the lock before releasing it.
9982 }
9988 }
9992 }
9995 }
9997 $info['html'] = '<div class="performanceinfo siteinfo container-fluid px-md-0 overflow-auto pt-3">'.$info['html'].'</div>';
9999 }
10001 /**
10002 * Renames a file or directory to a unique name within the same directory.
10003 *
10004 * This function is designed to avoid any potential race conditions, and select an unused name.
10005 *
10006 * @param string $filepath Original filepath
10007 * @param string $prefix Prefix to use for the temporary name
10008 * @return string|bool New file path or false if failed
10009 * @since Moodle 3.10
10010 */
10016 // Select a new name based on a random number.
10019 // Attempt a rename to that new name.
10022 }
10024 // The first time, do some sanity checks, maybe it is failing for a good reason and there
10025 // is no point trying 100 times if so.
10028 }
10030 }
10032 }
10034 /**
10035 * Delete directory or only its content
10036 *
10037 * @param string $dir directory path
10038 * @param bool $contentonly
10039 * @return bool success, true also if dir does not exist
10040 */
10043 // Nothing to do.
10045 }
10048 // Start by renaming the directory; this will guarantee that other processes don't write to it
10049 // while it is in the process of being deleted.
10052 // If the rename was successful then delete the $tempdir instead.
10054 }
10055 // If the rename fails, we will continue through and attempt to delete the directory
10056 // without renaming it since that is likely to at least delete most of the files.
10057 }
10061 }
10069 }
10070 }
10071 }
10076 }
10080 }
10082 /**
10083 * Detect if an object or a class contains a given property
10084 * will take an actual object or the name of a class
10085 *
10086 * @param mixed $obj Name of class or real object to test
10087 * @param string $property name of property to find
10088 * @return bool true if property exists
10089 */
10095 }
10097 }
10099 /**
10100 * Converts an object into an associative array
10101 *
10102 * This function converts an object into an associative array by iterating
10103 * over its public properties. Because this function uses the foreach
10104 * construct, Iterators are respected. It works recursively on arrays of objects.
10105 * Arrays and simple values are returned as is.
10106 *
10107 * If class has magic properties, it can implement IteratorAggregate
10108 * and return all available properties in getIterator()
10109 *
10110 * @param mixed $var
10111 * @return array
10112 */
10116 // Loop over elements/properties.
10118 // Recursively convert objects.
10122 // Simple values are untouched.
10124 }
10125 }
10127 }
10129 /**
10130 * Detect a custom script replacement in the data directory that will
10131 * replace an existing moodle script
10132 *
10133 * @return string|bool full path name if a custom script exists, false if no custom script exists
10134 */
10139 // Probably some weird external script.
10141 }
10145 // Check the custom script exists.
10150 }
10151 }
10153 /**
10154 * Returns whether or not the user object is a remote MNET user. This function
10155 * is in moodlelib because it does not rely on loading any of the MNET code.
10156 *
10157 * @param object $user A valid user object
10158 * @return bool True if the user is from a remote Moodle.
10159 */
10168 }
10171 }
10173 /**
10174 * This function will search for browser prefereed languages, setting Moodle
10175 * to use the best one available if $SESSION->lang is undefined
10176 */
10181 // Lang is defined in session or user profile, nothing to do.
10183 }
10185 if (!isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) { // There isn't list of browser langs, nothing to do.
10187 }
10189 // Extract and clean langs from headers.
10204 }
10205 }
10208 // Look for such langs under standard locations.
10210 // Clean it properly for include.
10213 // Lang exists, set it in session.
10215 // We have finished. Go out.
10217 }
10218 }
10220 }
10222 /**
10223 * Check if $url matches anything in proxybypass list
10224 *
10225 * Any errors just result in the proxy being used (least bad)
10226 *
10227 * @param string $url url to check
10228 * @return boolean true if we should bypass the proxy
10229 */
10233 // Sanity check.
10236 }
10238 // Get the host part out of the url.
10241 }
10243 // Get the possible bypass hosts into an array.
10246 // Check for a match.
10247 // (IPs need to match the left hand side and hosts the right of the url,
10248 // but we can recklessly check both as there can't be a false +ve).
10252 // Try for IP match (Left side).
10256 }
10258 // Try for host match (Right side).
10262 }
10263 }
10265 // Nothing matched.
10267 }
10269 /**
10270 * Check if the passed navigation is of the new style
10271 *
10272 * @param mixed $navigation
10273 * @return bool true for yes false for no
10274 */
10280 }
10281 }
10283 /**
10284 * Checks whether the given variable name is defined as a variable within the given object.
10285 *
10286 * This will NOT work with stdClass objects, which have no class variables.
10287 *
10288 * @param string $var The variable name
10289 * @param object $object The object to check
10290 * @return boolean
10291 */
10296 }
10298 /**
10299 * Returns an array without repeated objects.
10300 * This function is similar to array_unique, but for arrays that have objects as values
10301 *
10302 * @param array $array
10303 * @param bool $keepkeyassoc
10304 * @return array
10305 */
10311 // Convert objects to arrays, in_array() does not support objects.
10314 }
10320 }
10321 }
10325 }
10328 }
10330 /**
10331 * Is a userid the primary administrator?
10332 *
10333 * @param int $userid int id of user to check
10334 * @return boolean
10335 */
10343 }
10344 }
10346 /**
10347 * Returns the site identifier
10348 *
10349 * @return string $CFG->siteidentifier, first making sure it is properly initialised.
10350 */
10353 // Check to see if it is missing. If so, initialise it.
10356 }
10357 // Return it.
10359 }
10361 /**
10362 * Check whether the given password has no more than the specified
10363 * number of consecutive identical characters.
10364 *
10365 * @param string $password password to be checked against the password policy
10366 * @param integer $maxchars maximum number of consecutive identical characters
10367 * @return bool
10368 */
10373 }
10376 }
10387 }
10388 }
10391 }
10394 }
10396 /**
10397 * Helper function to do partial function binding.
10398 * so we can use it for preg_replace_callback, for example
10399 * this works with php functions, user functions, static methods and class methods
10400 * it returns you a callback that you can pass on like so:
10401 *
10402 * $callback = partial('somefunction', $arg1, $arg2);
10403 * or
10404 * $callback = partial(array('someclass', 'somestaticmethod'), $arg1, $arg2);
10405 * or even
10406 * $obj = new someclass();
10407 * $callback = partial(array($obj, 'somemethod'), $arg1, $arg2);
10408 *
10409 * and then the arguments that are passed through at calltime are appended to the argument list.
10410 *
10411 * @param mixed $function a php callback
10412 * @param mixed $arg1,... $argv arguments to partially bind with
10413 * @return array Array callback
10414 */
10417 /**
10418 * Used to manage function binding.
10419 * @copyright 2009 Penny Leach
10420 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
10421 */
10423 /** @var array */
10425 /** @var string The function to call as a callback. */
10427 /**
10428 * Constructor
10429 * @param string $func
10430 * @param array $args
10431 */
10435 }
10436 /**
10437 * Calls the callback function.
10438 * @return mixed
10439 */
10443 }
10444 }
10445 }
10450 }
10452 /**
10453 * helper function to load up and initialise the mnet environment
10454 * this must be called before you use mnet functions.
10455 *
10456 * @return mnet_environment the equivalent of old $MNET global
10457 */
10465 }
10467 }
10469 /**
10470 * during xmlrpc server code execution, any code wishing to access
10471 * information about the remote peer must use this to get it.
10472 *
10473 * @return mnet_remote_client the equivalent of old $MNETREMOTE_CLIENT global
10474 */
10479 }
10483 }
10485 }
10487 /**
10488 * during the xmlrpc server code execution, this will be called
10489 * to setup the object returned by {@link get_mnet_remote_client}
10490 *
10491 * @param mnet_remote_client $client the client to set up
10492 * @throws moodle_exception
10493 */
10497 }
10500 }
10502 /**
10503 * return the jump url for a given remote user
10504 * this is used for rewriting forum post links in emails, etc
10505 *
10506 * @param stdclass $user the user to get the idp url for
10507 */
10515 $mnetjumps[$user->mnethostid] = $idp->wwwroot . $idpjumppath . '?hostwwwroot=' . $CFG->wwwroot . '&wantsurl=';
10516 }
10518 }
10520 /**
10521 * Gets the homepage to use for the current user
10522 *
10523 * @return int One of HOMEPAGE_*
10524 */
10529 // If dashboard is disabled, home will be set to default page.
10536 }
10542 // If the user was using the dashboard but it's disabled, return the default home page.
10544 }
10546 }
10547 }
10549 }
10551 /**
10552 * Returns the default home page to display if current one is not defined or can't be applied.
10553 * The default behaviour is to return Dashboard if it's enabled or My courses page if it isn't.
10554 *
10555 * @return int The default home page.
10556 */
10561 }
10563 /**
10564 * Gets the name of a course to be displayed when showing a list of courses.
10565 * By default this is just $course->fullname but user can configure it. The
10566 * result of this function should be passed through print_string.
10567 * @param stdClass|core_course_list_element $course Moodle course object
10568 * @return string Display name of course (either fullname or short + fullname)
10569 */
10575 }
10579 }
10580 }
10582 /**
10583 * Safe analogue of unserialize() that can only parse arrays
10584 *
10585 * Arrays may contain only integers or strings as both keys and values. Nested arrays are allowed.
10586 * Note: If any string (key or value) has semicolon (;) as part of the string parsing will fail.
10587 * This is a simple method to substitute unnecessary unserialize() in code and not intended to cover all possible cases.
10588 *
10589 * @param string $expression
10590 * @return array|bool either parsed array or false if parsing was impossible.
10591 */
10594 // Find nested arrays, parse them and store in $subs , substitute with special string.
10595 while (preg_match('/([\^;\}])(a:\d+:\{[^\{\}]*\})/', $expression, $matches) && strlen($matches[2]) < strlen($expression)) {
10600 }
10602 }
10604 // Check the expression is an array.
10607 }
10608 // Get the size and elements of an array (key;value;key;value;....).
10613 }
10614 // Analyze each part and make sure it is an integer or string or a substitute.
10619 } else if (preg_match('/^s:(\d+):"(.*)"$/', $parts[$i], $matches3) && strlen($matches3[2]) == (int)$matches3[1]) {
10625 }
10626 }
10627 // Combine keys and values.
10630 }
10632 }
10634 /**
10635 * Safe method for unserializing given input that is expected to contain only a serialized instance of an stdClass object
10636 *
10637 * If any class type other than stdClass is included in the input string, it will not be instantiated and will be cast to an
10638 * stdClass object. The initial cast to array, then back to object is to ensure we are always returning the correct type,
10639 * otherwise we would return an instances of {@see __PHP_Incomplete_class} for malformed strings
10640 *
10641 * @param string $input
10642 * @return stdClass
10643 */
10647 }
10649 /**
10650 * The lang_string class
10651 *
10652 * This special class is used to create an object representation of a string request.
10653 * It is special because processing doesn't occur until the object is first used.
10654 * The class was created especially to aid performance in areas where strings were
10655 * required to be generated but were not necessarily used.
10656 * As an example the admin tree when generated uses over 1500 strings, of which
10657 * normally only 1/3 are ever actually printed at any time.
10658 * The performance advantage is achieved by not actually processing strings that
10659 * arn't being used, as such reducing the processing required for the page.
10660 *
10661 * How to use the lang_string class?
10662 * There are two methods of using the lang_string class, first through the
10663 * forth argument of the get_string function, and secondly directly.
10664 * The following are examples of both.
10665 * 1. Through get_string calls e.g.
10666 * $string = get_string($identifier, $component, $a, true);
10667 * $string = get_string('yes', 'moodle', null, true);
10668 * 2. Direct instantiation
10669 * $string = new lang_string($identifier, $component, $a, $lang);
10670 * $string = new lang_string('yes');
10671 *
10672 * How do I use a lang_string object?
10673 * The lang_string object makes use of a magic __toString method so that you
10674 * are able to use the object exactly as you would use a string in most cases.
10675 * This means you are able to collect it into a variable and then directly
10676 * echo it, or concatenate it into another string, or similar.
10677 * The other thing you can do is manually get the string by calling the
10678 * lang_strings out method e.g.
10679 * $string = new lang_string('yes');
10680 * $string->out();
10681 * Also worth noting is that the out method can take one argument, $lang which
10682 * allows the developer to change the language on the fly.
10683 *
10684 * When should I use a lang_string object?
10685 * The lang_string object is designed to be used in any situation where a
10686 * string may not be needed, but needs to be generated.
10687 * The admin tree is a good example of where lang_string objects should be
10688 * used.
10689 * A more practical example would be any class that requries strings that may
10690 * not be printed (after all classes get renderer by renderers and who knows
10691 * what they will do ;))
10692 *
10693 * When should I not use a lang_string object?
10694 * Don't use lang_strings when you are going to use a string immediately.
10695 * There is no need as it will be processed immediately and there will be no
10696 * advantage, and in fact perhaps a negative hit as a class has to be
10697 * instantiated for a lang_string object, however get_string won't require
10698 * that.
10699 *
10700 * Limitations:
10701 * 1. You cannot use a lang_string object as an array offset. Doing so will
10702 * result in PHP throwing an error. (You can use it as an object property!)
10703 *
10704 * @package core
10705 * @category string
10706 * @copyright 2011 Sam Hemelryk
10707 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
10708 */
10711 /** @var string The strings identifier */
10713 /** @var string The strings component. Default '' */
10715 /** @var array|stdClass Any arguments required for the string. Default null */
10717 /** @var string The language to use when processing the string. Default null */
10720 /** @var string The processed string (once processed) */
10723 /**
10724 * A special boolean. If set to true then the object has been woken up and
10725 * cannot be regenerated. If this is set then $this->string MUST be used.
10726 * @var bool
10727 */
10730 /**
10731 * Constructs a lang_string object
10732 *
10733 * This function should do as little processing as possible to ensure the best
10734 * performance for strings that won't be used.
10735 *
10736 * @param string $identifier The strings identifier
10737 * @param string $component The strings component
10738 * @param stdClass|array|mixed $a Any arguments the string requires
10739 * @param string $lang The language to use when processing the string.
10740 * @throws coding_exception
10741 */
10745 }
10751 // We MUST duplicate $a to ensure that it if it changes by reference those
10752 // changes are not carried across.
10753 // To do this we always ensure $a or its properties/values are strings
10754 // and that any properties/values that arn't convertable are forgotten.
10764 // Make sure conversion errors don't get displayed (results in '').
10772 }
10775 }
10776 }
10777 }
10778 }
10782 throw new coding_exception('Invalid string identifier. Most probably some illegal character is part of the string identifier. Please check your string definition');
10783 }
10786 }
10788 debugging('String does not exist. Please check your string definition for '.$this->identifier.'/'.$this->component, DEBUG_DEVELOPER);
10789 }
10790 }
10791 }
10793 /**
10794 * Processes the string.
10795 *
10796 * This function actually processes the string, stores it in the string property
10797 * and then returns it.
10798 * You will notice that this function is VERY similar to the get_string method.
10799 * That is because it is pretty much doing the same thing.
10800 * However as this function is an upgrade it isn't as tolerant to backwards
10801 * compatibility.
10802 *
10803 * @return string
10804 * @throws coding_exception
10805 */
10809 // Check if we need to process the string.
10811 // Check the quality of the identifier.
10813 throw new coding_exception('Invalid string identifier. Most probably some illegal character is part of the string identifier. Please check your string definition', DEBUG_DEVELOPER);
10814 }
10816 // Process the string.
10817 $this->string = get_string_manager()->get_string($this->identifier, $this->component, $this->a, $this->lang);
10818 // Debugging feature lets you display string identifier and component.
10819 if (isset($CFG->debugstringids) && $CFG->debugstringids && optional_param('strings', 0, PARAM_INT)) {
10821 }
10822 }
10823 // Return the string.
10825 }
10827 /**
10828 * Returns the string
10829 *
10830 * @param string $lang The langauge to use when processing the string
10831 * @return string
10832 */
10834 if ($lang !== null && $lang != $this->lang && ($this->lang == null && $lang != current_language())) {
10836 debugging('lang_string objects that have been used cannot be printed in another language. ('.$this->lang.' used)', DEBUG_DEVELOPER);
10838 }
10841 }
10843 }
10845 /**
10846 * Magic __toString method for printing a string
10847 *
10848 * @return string
10849 */
10852 }
10854 /**
10855 * Magic __set_state method used for var_export
10856 *
10857 * @param array $array
10858 * @return self
10859 */
10861 $tmp = new lang_string($array['identifier'], $array['component'], $array['a'], $array['lang']);
10865 }
10867 /**
10868 * Prepares the lang_string for sleep and stores only the forcedstring and
10869 * string properties... the string cannot be regenerated so we need to ensure
10870 * it is generated for this.
10871 *
10872 * @return string
10873 */
10878 }
10880 /**
10881 * Returns the identifier.
10882 *
10883 * @return string
10884 */
10887 }
10889 /**
10890 * Returns the component.
10891 *
10892 * @return string
10893 */
10896 }
10897 }
10899 /**
10900 * Get human readable name describing the given callable.
10901 *
10902 * This performs syntax check only to see if the given param looks like a valid function, method or closure.
10903 * It does not check if the callable actually exists.
10904 *
10905 * @param callable|string|array $callable
10906 * @return string|bool Human readable name of callable, or false if not a valid callable.
10907 */
10915 }
10916 }
10918 /**
10919 * Tries to guess if $CFG->wwwroot is publicly accessible or not.
10920 * Never put your faith on this function and rely on its accuracy as there might be false positives.
10921 * It just performs some simple checks, and mainly is used for places where we want to hide some options
10922 * such as site registration when $CFG->wwwroot is not publicly accessible.
10923 * Good thing is there is no false negative.
10924 * Note that it's possible to force the result of this check by specifying $CFG->site_is_public in config.php
10925 *
10926 * @return bool
10927 */
10931 // Return early if site admin has forced this setting.
10934 }
10946 }
10949 }