| blob | cac07859b17c6faf842919e3e14bf9a3223c46d7 |
3 ///////////////////////////////////////////////////////////////////////////
4 // //
5 // NOTICE OF COPYRIGHT //
6 // //
7 // Moodle - Modular Object-Oriented Dynamic Learning Environment //
8 // http://moodle.org //
9 // //
10 // Copyright (C) 1999 onwards Martin Dougiamas http://dougiamas.com //
11 // //
12 // This program is free software; you can redistribute it and/or modify //
13 // it under the terms of the GNU General Public License as published by //
14 // the Free Software Foundation; either version 2 of the License, or //
15 // (at your option) any later version. //
16 // //
17 // This program is distributed in the hope that it will be useful, //
18 // but WITHOUT ANY WARRANTY; without even the implied warranty of //
19 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the //
20 // GNU General Public License for more details: //
21 // //
22 // http://www.gnu.org/copyleft/gpl.html //
23 // //
24 ///////////////////////////////////////////////////////////////////////////
26 /**
27 * moodlelib.php - Moodle main library
28 *
29 * Main library file of miscellaneous general-purpose Moodle functions.
30 * Other main libraries:
31 * - weblib.php - functions that produce web output
32 * - datalib.php - functions that access the database
33 * @author Martin Dougiamas
34 * @license http://www.gnu.org/copyleft/gpl.html GNU Public License
35 * @package moodlecore
36 */
38 /// CONSTANTS (Encased in phpdoc proper comments)/////////////////////////
40 /**
41 * Used by some scripts to check they are being called by Moodle
42 */
45 /// Date and time constants ///
46 /**
47 * Time constant - the number of seconds in a year
48 */
52 /**
53 * Time constant - the number of seconds in a week
54 */
57 /**
58 * Time constant - the number of seconds in a day
59 */
62 /**
63 * Time constant - the number of seconds in an hour
64 */
67 /**
68 * Time constant - the number of seconds in a minute
69 */
72 /**
73 * Time constant - the number of minutes in a day
74 */
77 /**
78 * Time constant - the number of minutes in an hour
79 */
82 /// Parameter constants - every call to optional_param(), required_param() ///
83 /// or clean_param() should have a specified type of parameter. //////////////
85 /**
86 * PARAM_RAW specifies a parameter that is not cleaned/processed in any way;
87 * originally was 0, but changed because we need to detect unknown
88 * parameter types and swiched order in clean_param().
89 */
92 /**
93 * PARAM_CLEAN - obsoleted, please try to use more specific type of parameter.
94 * It was one of the first types, that is why it is abused so much ;-)
95 */
98 /**
99 * PARAM_INT - integers only, use when expecting only numbers.
100 */
103 /**
104 * PARAM_INTEGER - an alias for PARAM_INT
105 */
108 /**
109 * PARAM_NUMBER - a real/floating point number.
110 */
113 /**
114 * PARAM_ALPHA - contains only english letters.
115 */
118 /**
119 * PARAM_ACTION - an alias for PARAM_ALPHA, use for various actions in formas and urls
120 * @TODO: should we alias it to PARAM_ALPHANUM ?
121 */
124 /**
125 * PARAM_FORMAT - an alias for PARAM_ALPHA, use for names of plugins, formats, etc.
126 * @TODO: should we alias it to PARAM_ALPHANUM ?
127 */
130 /**
131 * PARAM_NOTAGS - all html tags are stripped from the text. Do not abuse this type.
132 */
135 /**
136 * PARAM_MULTILANG - alias of PARAM_TEXT.
137 */
140 /**
141 * PARAM_TEXT - general plain text compatible with multilang filter, no other html tags.
142 */
145 /**
146 * PARAM_FILE - safe file name, all dangerous chars are stripped, protects against XSS, SQL injections and directory traversals
147 */
150 /**
151 * PARAM_TAG - one tag (interests, blogs, etc.) - mostly international alphanumeric with spaces
152 */
155 /**
156 * PARAM_TAGLIST - list of tags separated by commas (interests, blogs, etc.)
157 */
160 /**
161 * PARAM_PATH - safe relative path name, all dangerous chars are stripped, protects against XSS, SQL injections and directory traversals
162 * note: the leading slash is not removed, window drive letter is not allowed
163 */
166 /**
167 * PARAM_HOST - expected fully qualified domain name (FQDN) or an IPv4 dotted quad (IP address)
168 */
171 /**
172 * PARAM_URL - expected properly formatted URL. Please note that domain part is required, http://localhost/ is not acceppted but http://localhost.localdomain/ is ok.
173 */
176 /**
177 * PARAM_LOCALURL - expected properly formatted URL as well as one that refers to the local server itself. (NOT orthogonal to the others! Implies PARAM_URL!)
178 */
181 /**
182 * PARAM_CLEANFILE - safe file name, all dangerous and regional chars are removed,
183 * use when you want to store a new file submitted by students
184 */
187 /**
188 * PARAM_ALPHANUM - expected numbers and letters only.
189 */
192 /**
193 * PARAM_BOOL - converts input into 0 or 1, use for switches in forms and urls.
194 */
197 /**
198 * PARAM_CLEANHTML - cleans submitted HTML code and removes slashes
199 * note: do not forget to addslashes() before storing into database!
200 */
203 /**
204 * PARAM_ALPHAEXT the same contents as PARAM_ALPHA plus the chars in quotes: "/-_" allowed,
205 * suitable for include() and require()
206 * @TODO: should we rename this function to PARAM_SAFEDIRS??
207 */
210 /**
211 * PARAM_SAFEDIR - safe directory name, suitable for include() and require()
212 */
215 /**
216 * PARAM_SEQUENCE - expects a sequence of numbers like 8 to 1,5,6,4,6,8,9. Numbers and comma only.
217 */
220 /**
221 * PARAM_PEM - Privacy Enhanced Mail format
222 */
225 /**
226 * PARAM_BASE64 - Base 64 encoded format
227 */
231 /// Page types ///
232 /**
233 * PAGE_COURSE_VIEW is a definition of a page type. For more information on the page class see moodle/lib/pagelib.php.
234 */
237 /// Debug levels ///
238 /** no warnings at all */
240 /** E_ERROR | E_PARSE */
242 /** E_ERROR | E_PARSE | E_WARNING | E_NOTICE */
244 /** E_ALL without E_STRICT for now, do show recoverable fatal errors */
246 /** DEBUG_ALL with extra Moodle debug messages - (DEBUG_ALL | 32768) */
249 /**
250 * Blog access level constant declaration
251 */
258 /**
259 * Tag constanst
260 */
261 //To prevent problems with multibytes strings, this should not exceed the
262 //length of "varchar(255) / 3 (bytes / utf-8 character) = 85".
265 /**
266 * Password policy constants
267 */
275 }
278 /// PARAMETER HANDLING ////////////////////////////////////////////////////
280 /**
281 * Returns a particular value for the named variable, taken from
282 * POST or GET. If the parameter doesn't exist then an error is
283 * thrown because we require this variable.
284 *
285 * This function should be used to initialise all required values
286 * in a script that are based on parameters. Usually it will be
287 * used like this:
288 * $id = required_param('id');
289 *
290 * @param string $parname the name of the page parameter we want
291 * @param int $type expected type of parameter
292 * @return mixed
293 */
296 // detect_unchecked_vars addition
301 }
309 }
312 }
314 /**
315 * Returns a particular value for the named variable, taken from
316 * POST or GET, otherwise returning a given default.
317 *
318 * This function should be used to initialise all optional values
319 * in a script that are based on parameters. Usually it will be
320 * used like this:
321 * $name = optional_param('name', 'Fred');
322 *
323 * @param string $parname the name of the page parameter we want
324 * @param mixed $default the default value to return if nothing is found
325 * @param int $type expected type of parameter
326 * @return mixed
327 */
330 // detect_unchecked_vars addition
335 }
343 }
346 }
348 /**
349 * Used by {@link optional_param()} and {@link required_param()} to
350 * clean the variables and/or cast to specific types, based on
351 * an options field.
352 * <code>
353 * $course->format = clean_param($course->format, PARAM_ALPHA);
354 * $selectedgrade_item = clean_param($selectedgrade_item, PARAM_CLEAN);
355 * </code>
356 *
357 * @uses $CFG
358 * @uses PARAM_RAW
359 * @uses PARAM_CLEAN
360 * @uses PARAM_CLEANHTML
361 * @uses PARAM_INT
362 * @uses PARAM_NUMBER
363 * @uses PARAM_ALPHA
364 * @uses PARAM_ALPHANUM
365 * @uses PARAM_ALPHAEXT
366 * @uses PARAM_SEQUENCE
367 * @uses PARAM_BOOL
368 * @uses PARAM_NOTAGS
369 * @uses PARAM_TEXT
370 * @uses PARAM_SAFEDIR
371 * @uses PARAM_CLEANFILE
372 * @uses PARAM_FILE
373 * @uses PARAM_PATH
374 * @uses PARAM_HOST
375 * @uses PARAM_URL
376 * @uses PARAM_LOCALURL
377 * @uses PARAM_PEM
378 * @uses PARAM_BASE64
379 * @uses PARAM_TAG
380 * @uses PARAM_SEQUENCE
381 * @param mixed $param the variable we are cleaning
382 * @param int $type expected format of param after cleaning.
383 * @return mixed
384 */
393 }
395 }
404 }
440 }
460 }
472 // match ipv4 dotted quad
474 // confirm values are ok
479 // hmmm, what kind of dotted quad is this?
481 }
485 ) {
486 // all is ok - $param is respected
488 // all is not ok...
490 }
496 // all is ok, param is respected
499 }
506 // root-relative, ok!
508 // absolute, and matches our wwwroot
510 // relative - let's make sure there are no tricks
512 // looks ok.
515 }
516 }
517 }
522 // PEM formatted strings may contain letters/numbers and the symbols
523 // forward slash: /
524 // plus sign: +
525 // equal sign: =
526 // , surrounded by BEGIN and END CERTIFICATE prefix and suffixes
527 if (preg_match('/^-----BEGIN CERTIFICATE-----([\s\w\/\+=]+)-----END CERTIFICATE-----$/', trim($param), $matches)) {
535 }
536 }
541 // PEM formatted strings may contain letters/numbers and the symbols
542 // forward slash: /
543 // plus sign: +
544 // equal sign: =
547 }
549 // Each line of base64 encoded data must be 64 characters in
550 // length, except for the last line which may be less than (or
551 // equal to) 64 characters long.
556 }
558 }
562 }
563 }
567 }
570 // Please note it is not safe to use the tag name directly anywhere,
571 // it must be processed with s(), urlencode() before embedding anywhere.
572 // remove some nasties
574 //as long as magic_quotes_gpc is used, a backslash will be a
575 //problem, so remove *all* backslash - BUT watch out for SQL injections caused by this sloppy design (skodak)
577 //convert many whitespace chars into one
590 }
591 }
596 }
600 }
601 }
603 /**
604 * Return true if given value is integer or string with integer value
605 *
606 * @param mixed $value String or Int
607 * @return bool true if number, false if not
608 */
616 }
617 }
619 /**
620 * This function is useful for testing whether something you got back from
621 * the HTML editor actually contains anything. Sometimes the HTML editor
622 * appear to be empty, but actually you get back a <br> tag or something.
623 *
624 * @param string $string a string containing HTML.
625 * @return boolean does the string contain any actual content - that is text,
626 * images, objcts, etc.
627 */
630 }
632 /**
633 * Set a key in global configuration
634 *
635 * Set a key/value pair in both this session's {@link $CFG} global variable
636 * and in the 'config' database table for future sessions.
637 *
638 * Can also be used to update keys for plugin-scoped configs in config_plugin table.
639 * In that case it doesn't affect $CFG.
640 *
641 * A NULL value will delete the entry.
642 *
643 * @param string $name the key to set
644 * @param string $value the value to set (without magic quotes)
645 * @param string $plugin (optional) the plugin scope
646 * @uses $CFG
647 * @return bool
648 */
650 /// No need for get_config because they are usually always available in $CFG
656 // So it's defined for this invocation at least
661 }
662 }
669 }
673 }
678 }
685 }
689 }
695 }
696 }
697 }
699 /**
700 * Get configuration values from the global config table
701 * or the config_plugins table.
702 *
703 * If called with no parameters it will do the right thing
704 * generating $CFG safely from the database without overwriting
705 * existing values.
706 *
707 * If called with 2 parameters it will return a $string single
708 * value or false of the value is not found.
709 *
710 * @param string $plugin
711 * @param string $name
712 * @uses $CFG
713 * @return hash-like object or single value
714 *
715 */
725 }
726 }
728 // the user is after a recordset
735 }
739 }
741 // this was originally in setup.php
747 }
748 // do not complain anymore if config.php overrides settings from db
749 }
754 // preserve $CFG if DB returns nothing or error
756 }
758 }
759 }
761 /**
762 * Removes a key from global configuration
763 *
764 * @param string $name the key to set
765 * @param string $plugin (optional) the plugin scope
766 * @uses $CFG
767 * @return bool
768 */
779 }
780 }
782 /**
783 * Get volatile flags
784 *
785 * @param string $type
786 * @param int $changedsince
787 * @return records array
788 *
789 */
798 }
803 }
804 }
806 }
808 /**
809 * Use this funciton to get a list of users from a config setting of type admin_setting_users_with_capability.
810 * @param string $value the value of the config setting.
811 * @param string $capability the capability - must match the one passed to the admin_setting_users_with_capability constructor.
812 * @return array of user objects.
813 */
820 $users = get_records_select('user', "username IN ('" . implode("','", $usernames) . "') AND mnethostid = " . $CFG->mnet_localhost_id);
823 }
825 }
827 /**
828 * Get volatile flags
829 *
830 * @param string $type
831 * @param string $name
832 * @param int $changedsince
833 * @return records array
834 *
835 */
845 }
847 }
849 /**
850 * Set a volatile flag
851 *
852 * @param string $type the "type" namespace for the key
853 * @param string $name the key to set
854 * @param string $value the value to set (without magic quotes) - NULL will remove the flag
855 * @param int $expiry (optional) epoch indicating expiry - defaults to now()+ 24hs
856 * @return bool
857 */
866 }
870 }
874 if ($f = get_record('cache_flags', 'name', $name, 'flagtype', $type)) { // this is a potentail problem in DEBUG_DEVELOPER
877 }
890 }
891 }
893 /**
894 * Removes a single volatile flag
895 *
896 * @param string $type the "type" namespace for the key
897 * @param string $name the key to set
898 * @uses $CFG
899 * @return bool
900 */
906 }
908 /**
909 * Garbage-collect volatile flags
910 *
911 */
914 }
916 /**
917 * Refresh current $USER session global variable with all their current preferences.
918 * @uses $USER
919 */
924 //reset preference
928 // no permanent storage for not-logged-in user and guest
933 }
934 }
937 }
939 /**
940 * Sets a preference for the current user
941 * Optionally, can set a preference for a different user object
942 * @uses $USER
943 * @todo Add a better description and include usage examples. Add inline links to $USER and user functions in above line.
945 * @param string $name The key to set as preference for the specified user
946 * @param string $value The value to set forthe $name key in the specified user's record
947 * @param int $otheruserid A moodle user ID
948 * @return bool
949 */
956 }
960 }
967 }
972 }
974 }
978 // no permanent storage for not-logged-in user and guest
980 } else if ($preference = get_record('user_preferences', 'userid', $userid, 'name', addslashes($name))) {
983 }
984 if (!set_field('user_preferences', 'value', addslashes((string)$value), 'id', $preference->id)) {
986 }
995 }
996 }
998 // update value in USER session if needed
1001 }
1004 }
1006 /**
1007 * Unsets a preference completely by deleting it from the database
1008 * Optionally, can set a preference for a different user id
1009 * @uses $USER
1010 * @param string $name The key to unset as preference for the specified user
1011 * @param int $otheruserid A moodle user ID
1012 */
1019 }
1025 }
1027 //Delete the preference from $USER if needed
1030 }
1032 //Then from DB
1034 }
1037 /**
1038 * Sets a whole array of preferences for the current user
1039 * @param array $prefarray An array of key/value pairs to be set
1040 * @param int $otheruserid A moodle user ID
1041 * @return bool
1042 */
1047 }
1051 // The order is important; test for return is done first
1053 }
1055 }
1057 /**
1058 * If no arguments are supplied this function will return
1059 * all of the current user preferences as an array.
1060 * If a name is specified then this function
1061 * attempts to return that particular preference value. If
1062 * none is found, then the optional value $default is returned,
1063 * otherwise NULL.
1064 * @param string $name Name of the key to use in finding a preference value
1065 * @param string $default Value to be returned if the $name key is not set in the user preferences
1066 * @param int $otheruserid A moodle user ID
1067 * @uses $USER
1068 * @return string
1069 */
1075 }
1081 }
1091 }
1092 }
1093 }
1103 }
1104 }
1107 /// FUNCTIONS FOR HANDLING TIME ////////////////////////////////////////////
1109 /**
1110 * Given date parts in user time produce a GMT timestamp.
1111 *
1112 * @param int $year The year part to create timestamp of
1113 * @param int $month The month part to create timestamp of
1114 * @param int $day The day part to create timestamp of
1115 * @param int $hour The hour part to create timestamp of
1116 * @param int $minute The minute part to create timestamp of
1117 * @param int $second The second part to create timestamp of
1118 * @param mixed $timezone Timezone modifier, if 99 then use default user's timezone
1119 * @param bool $applydst Toggle Daylight Saving Time, default true, will be
1120 * applied only if timezone is 99 or string.
1121 * @return int timestamp
1122 * @todo Finish documenting this function
1123 */
1124 function make_timestamp($year, $month=1, $day=1, $hour=0, $minute=0, $second=0, $timezone=99, $applydst=true) {
1126 //save input timezone, required for dst offset check.
1137 //Apply dst for string timezones or if 99 then try dst offset with user's default timezone
1140 }
1141 }
1145 }
1147 /**
1148 * Given an amount of time in seconds, returns string
1149 * formatted nicely as weeks, days, hours etc as needed
1150 *
1151 * @uses MINSECS
1152 * @uses HOURSECS
1153 * @uses DAYSECS
1154 * @uses YEARSECS
1155 * @param int $totalsecs ?
1156 * @param array $str ?
1157 * @return string
1158 */
1174 }
1210 }
1212 /**
1213 * Returns a formatted string that represents a date in user time
1214 * <b>WARNING: note that the format is for strftime(), not date().</b>
1215 * Because of a bug in most Windows time libraries, we can't use
1216 * the nicer %e, so we have to use %d which has leading zeroes.
1217 * A lot of the fuss in the function is just getting rid of these leading
1218 * zeroes as efficiently as possible.
1219 *
1220 * If parameter fixday = true (default), then take off leading
1221 * zero from %d, else mantain it.
1222 *
1223 * @uses HOURSECS
1224 * @param int $date timestamp in GMT
1225 * @param string $format strftime format
1226 * @param mixed $timezone by default, uses the user's time zone. if numeric and
1227 * not 99 then daylight saving will not be added.
1228 * @param bool $fixday If true (default) then the leading
1229 * zero from %d is removed. If false then the leading zero is mantained.
1230 * @return string
1231 */
1238 }
1245 }
1247 //add daylight saving offset for string timezones only, as we can't get dst for
1248 //float values. if timezone is 99 (user default timezone), then try update dst.
1251 }
1262 }
1271 }
1272 }
1274 /// If we are running under Windows convert from windows encoding to UTF-8
1275 /// (because it's impossible to specify UTF-8 to fetch locale info in Win32)
1281 }
1282 }
1285 }
1287 /**
1288 * Given a $time timestamp in GMT (seconds since epoch),
1289 * returns an array that represents the date in user time
1290 *
1291 * @uses HOURSECS
1292 * @param int $time Timestamp in GMT
1293 * @param mixed $timezone offset time with timezone, if float and not 99, then no
1294 * dst offset is applyed
1295 * @return array An array that represents the date in user time
1296 * @todo Finish documenting this function
1297 */
1300 //save input timezone, required for dst offset check.
1307 }
1309 //add daylight saving offset for string timezones only, as we can't get dst for
1310 //float values. if timezone is 99 (user default timezone), then try update dst.
1313 }
1319 //be careful to ensure the returned array matches that produced by getdate() above
1334 }
1336 /**
1337 * Given a GMT timestamp (seconds since epoch), offsets it by
1338 * the timezone. eg 3pm in India is 3pm GMT - 7 * 3600 seconds
1339 *
1340 * @uses HOURSECS
1341 * @param int $date Timestamp in GMT
1342 * @param float $timezone
1343 * @return int
1344 */
1351 }
1353 }
1355 /**
1356 * Given a time, return the GMT timestamp of the most recent midnight
1357 * for the current user.
1358 *
1359 * @param int $date Timestamp in GMT
1360 * @param float $timezone ?
1361 * @return ?
1362 */
1367 // Time of midnight of this user's day, in GMT
1368 return make_timestamp($userdate['year'], $userdate['mon'], $userdate['mday'], 0, 0, 0, $timezone);
1370 }
1372 /**
1373 * Returns a string that prints the user's timezone
1374 *
1375 * @param float $timezone The user's timezone
1376 * @return string
1377 */
1384 }
1388 }
1391 // Don't show .0 for whole hours
1393 }
1397 }
1400 }
1403 }
1405 }
1407 /**
1408 * Returns a float which represents the user's timezone difference from GMT in hours
1409 * Checks various settings and picks the most dominant of those which have a value
1410 *
1411 * @uses $CFG
1412 * @uses $USER
1413 * @param float $tz If this value is provided and not equal to 99, it will be returned as is and no other settings will be checked
1414 * @return int
1415 */
1428 }
1430 }
1431 }
1433 /**
1434 * Returns an int which represents the systems's timezone difference from GMT in seconds
1435 * @param mixed $tz timezone
1436 * @return int if found, false is timezone 99 or error
1437 */
1443 }
1447 }
1451 }
1453 }
1455 /**
1456 * Returns a float or a string which denotes the user's timezone
1457 * A float value means that a simple offset from GMT is used, while a string (it will be the name of a timezone in the database)
1458 * means that for this timezone there are also DST rules to be taken into account
1459 * Checks various settings and picks the most dominant of those which have a value
1460 *
1461 * @uses $USER
1462 * @uses $CFG
1463 * @param mixed $tz If this value is provided and not equal to 99, it will be returned as is and no other settings will be checked
1464 * @return mixed
1465 */
1474 );
1480 }
1483 }
1485 /**
1486 * ?
1487 *
1488 * @uses $CFG
1489 * @uses $db
1490 * @param string $timezonename ?
1491 * @return object
1492 */
1499 }
1503 }
1507 }
1509 /**
1510 * ?
1511 *
1512 * @uses $CFG
1513 * @uses $USER
1514 * @param ? $fromyear ?
1515 * @param ? $to_year ?
1516 * @return bool
1517 */
1524 // Trivial timezone, no DST
1526 }
1529 // We have precalculated values, but the user's effective TZ has changed in the meantime, so reset
1532 }
1535 // Repeat calls which do not request specific year ranges stop here, we have already calculated the table
1536 // This will be the return path most of the time, pretty light computationally
1538 }
1540 // Reaching here means we either need to extend our table or create it from scratch
1542 // Remember which TZ we calculated these changes for
1546 // If we 're creating from scratch, put the two guard elements in there
1548 }
1550 // If creating from scratch
1554 // Fill in the array with the extra years we need to process
1558 }
1560 // Take note of which years we have processed for future calls
1562 }
1564 // If needing to extend the table, do the same
1571 // Take note of which years we need to process and then note that we have processed them for future calls
1574 }
1576 }
1578 // Take note of which years we need to process and then note that we have processed them for future calls
1581 }
1583 }
1584 }
1587 // This means that there was a call requesting a SMALLER range than we have already calculated
1589 }
1591 // From now on, we know that the array has at least the two guard elements, and $yearstoprocess has the years we need
1592 // Also, the array is sorted in descending timestamp order!
1594 // Get DB data
1598 $presets_cache[$usertz] = get_records('timezone', 'name', $usertz, 'year DESC', 'year, gmtoff, dstoff, dst_month, dst_startday, dst_weekday, dst_skipweeks, dst_time, std_month, std_startday, std_weekday, std_skipweeks, std_time');
1599 }
1602 }
1604 // Remove ending guard (first element of the array)
1608 // Add all required change timestamps
1610 // Find the record which is in effect for the year $y
1614 }
1615 }
1621 }
1624 }
1627 }
1628 }
1630 // Put in a guard element at the top
1632 $SESSION->dst_offsets[($maxtimestamp + DAYSECS)] = NULL; // DAYSECS is arbitrary, any "small" number will do
1634 // Sort again
1638 }
1642 if($timezone->dst_startday == 0 && $timezone->dst_weekday == 0 && $timezone->std_startday == 0 && $timezone->std_weekday == 0) {
1644 }
1646 $monthdaydst = find_day_in_month($timezone->dst_startday, $timezone->dst_weekday, $timezone->dst_month, $year);
1647 $monthdaystd = find_day_in_month($timezone->std_startday, $timezone->std_weekday, $timezone->std_month, $year);
1655 // Instead of putting hour and minute in make_timestamp(), we add them afterwards.
1656 // This has the advantage of being able to have negative values for hour, i.e. for timezones
1657 // where GMT time would be in the PREVIOUS day than the local one on which DST changes.
1663 }
1665 // $time must NOT be compensated at all, it has to be a pure timestamp
1671 }
1677 }
1678 }
1680 // This is the normal return path
1683 }
1685 // Reaching this point means we haven't calculated far enough, do it now:
1686 // Calculate extra DST changes if needed and recurse. The recursion always
1687 // moves toward the stopping condition, so will always end.
1690 // We need a year smaller than $SESSION->dst_range[0]
1693 }
1696 }
1698 // We need a year larger than $SESSION->dst_range[1]
1701 }
1704 }
1705 }
1712 // Don't care about weekday, so return:
1713 // abs($startday) if $startday != -1
1714 // $daysinmonth otherwise
1716 }
1718 // From now on we 're looking for a specific weekday
1720 // Give "end of month" its actual value, since we know it
1723 }
1725 // Starting from day $startday, the sign is the direction
1732 // This is the last such weekday of the month
1736 }
1738 // Find the first such weekday <= $startday
1741 }
1745 }
1753 }
1755 // This is the first such weekday of the month equal to or after $startday
1760 }
1761 }
1763 /**
1764 * Calculate the number of days in a given month
1765 *
1766 * @param int $month The month whose day count is sought
1767 * @param int $year The year of the month whose day count is sought
1768 * @return int
1769 */
1772 }
1774 /**
1775 * Calculate the position in the week of a specific calendar day
1776 *
1777 * @param int $day The day of the date whose position in the week is sought
1778 * @param int $month The month of the date whose position in the week is sought
1779 * @param int $year The year of the date whose position in the week is sought
1780 * @return int
1781 */
1783 // I wonder if this is any different from
1784 // strftime('%w', mktime(12, 0, 0, $month, $daysinmonth, $year, 0));
1786 }
1788 /// USER AUTHENTICATION AND LOGIN ////////////////////////////////////////
1790 /**
1791 * Makes sure that $USER->sesskey exists, if $USER itself exists. It sets a new sesskey
1792 * if one does not already exist, but does not overwrite existing sesskeys. Returns the
1793 * sesskey string if $USER exists, or boolean false if not.
1794 *
1795 * @uses $USER
1796 * @return string
1797 */
1803 }
1807 }
1810 }
1813 /**
1814 * For security purposes, this function will check that the currently
1815 * given sesskey (passed as a parameter to the script or this function)
1816 * matches that of the current user.
1817 *
1818 * @param string $sesskey optionally provided sesskey
1819 * @return bool
1820 */
1826 }
1830 }
1834 }
1837 }
1839 /**
1840 * Check the session key using {@link confirm_sesskey()},
1841 * and cause a fatal error if it does not match.
1842 */
1846 }
1847 }
1849 /**
1850 * Setup all global $CFG course variables, set locale and also themes
1851 * This function can be used on pages that do not require login instead of require_login()
1852 *
1853 * @param mixed $courseorid id of the course or course object
1854 */
1858 /// Redefine global $COURSE if needed
1860 // no change in global $COURSE - for backwards compatibiltiy
1861 // if require_rogin() used after require_login($courseid);
1873 }
1874 }
1875 }
1877 /// set locale and themes
1881 }
1883 /**
1884 * This function checks that the current user is logged in and has the
1885 * required privileges
1886 *
1887 * This function checks that the current user is logged in, and optionally
1888 * whether they are allowed to be in a particular course and view a particular
1889 * course module.
1890 * If they are not logged in, then it redirects them to the site login unless
1891 * $autologinguest is set and {@link $CFG}->autologinguests is set to 1 in which
1892 * case they are automatically logged in as guests.
1893 * If $courseid is given and the user is not enrolled in that course then the
1894 * user is redirected to the course enrolment page.
1895 * If $cm is given and the coursemodule is hidden and the user is not a teacher
1896 * in the course then the user is redirected to the course home page.
1897 *
1898 * @uses $CFG
1899 * @uses $SESSION
1900 * @uses $USER
1901 * @uses $FULLME
1902 * @uses SITEID
1903 * @uses $COURSE
1904 * @param mixed $courseorid id of the course or course object
1905 * @param bool $autologinguest
1906 * @param object $cm course module object
1907 * @param bool $setwantsurltome Define if we want to set $SESSION->wantsurl, defaults to
1908 * true. Used to avoid (=false) some scripts (file.php...) to set that variable,
1909 * in order to keep redirects working properly. MDL-14495
1910 */
1915 /// setup global $COURSE, themes, language and locale
1918 /// If the user is not even logged in yet then make sure they are
1920 //NOTE: $USER->site check was obsoleted by session test cookie,
1921 // $USER->confirmed test is in login/index.php
1924 }
1927 }
1928 if ($autologinguest and !empty($CFG->guestloginbutton) and !empty($CFG->autologinguests) and ($COURSE->id == SITEID or $COURSE->guest) ) {
1932 }
1938 }
1940 }
1942 /// loginas as redirection if needed
1946 print_error('loginasonecourse', '', $CFG->wwwroot.'/course/view.php?id='.$USER->loginascontext->instanceid);
1947 }
1948 }
1949 }
1951 /// check whether the user should be changing password (but only if it is REALLY them)
1957 //use plugin custom url
1960 //use moodle internal method
1966 }
1967 }
1970 }
1971 }
1973 /// Check that the user account is properly set up
1977 }
1979 /// Make sure current IP matches the one for this session (if required)
1983 }
1984 }
1986 /// Make sure the USER has a sesskey set up. Used for checking script parameters.
1989 // Check that the user has agreed to a site policy if there is one
1994 }
1995 }
1997 // Fetch the system context, we are going to use it a lot.
2000 /// If the site is currently under maintenance, then print a message
2005 }
2006 }
2008 /// groupmembersonly access control
2009 if (!empty($CFG->enablegroupings) and $cm and $cm->groupmembersonly and !has_capability('moodle/site:accessallgroups', get_context_instance(CONTEXT_MODULE, $cm->id))) {
2011 print_error('groupmembersonlyerror', 'group', $CFG->wwwroot.'/course/view.php?id='.$cm->course);
2012 }
2013 }
2015 // Fetch the course context, and prefetch its child contexts
2019 }
2020 }
2024 }
2025 }
2027 /// Eliminate hidden site activities straight away
2031 }
2037 /// Check if the user can be in a particular course
2039 //
2040 // MDL-13900 - If the course or the parent category are hidden
2041 // and the user hasn't the 'course:viewhiddencourses' capability, prevent access
2042 //
2047 }
2048 }
2050 /// Non-guests who don't currently have access, check if they can be allowed in as a guest
2054 // Temporarily assign them guest role for this context, if it fails later user is asked to enrol
2056 }
2057 }
2059 /// If the user is a guest then treat them according to the course policy about guests
2063 // administrators must be able to access any course - even if somebody gives them guest access
2066 }
2073 notice(get_string('guestsnotallowed', '', format_string($COURSE->fullname)), "$CFG->wwwroot/login/index.php");
2074 }
2078 }
2089 }
2090 // otherwise drop through to logic below (--> enrol.php)
2096 build_navigation(array(array('name' => $strloggedinasguest, 'link' => null, 'type' => 'misc'))));
2101 }
2108 }
2110 }
2112 /// For non-guests, check if they have course view access
2119 }
2120 }
2122 /// Make sure they can read this activity too, if specified
2124 if (!empty($cm) && !$cm->visible && !has_capability('moodle/course:viewhiddenactivities', $cm->context)) {
2125 redirect($CFG->wwwroot.'/course/view.php?id='.$cm->course, get_string('activityiscurrentlyhidden'));
2126 }
2130 }
2133 /// Currently not enrolled in the course, so see if they want to enrol
2137 }
2138 }
2142 /**
2143 * This function just makes sure a user is logged out.
2144 *
2145 * @uses $CFG
2146 * @uses $USER
2147 */
2153 add_to_log(SITEID, "user", "logout", "view.php?id=$USER->id&course=".SITEID, $USER->id, 0, $USER->id);
2159 }
2160 }
2163 // This method is just to try to avoid silly warnings from PHP 4.3.0
2166 }
2168 // Initialize variable to pass-by-reference to headers_sent(&$file, &$line)
2175 setcookie('MoodleSessionTest'.$CFG->sessioncookie, '', time() - 3600, $CFG->sessioncookiepath, $CFG->sessioncookiedomain, $CFG->cookiesecure, $CFG->cookiehttponly);
2177 setcookie('MoodleSessionTest'.$CFG->sessioncookie, '', time() - 3600, $CFG->sessioncookiepath, $CFG->sessioncookiedomain, $CFG->cookiesecure);
2178 }
2179 }
2187 }
2189 /**
2190 * This is a weaker version of {@link require_login()} which only requires login
2191 * when called from within a course rather than the site page, unless
2192 * the forcelogin option is turned on.
2193 *
2194 * @uses $CFG
2195 * @param mixed $courseorid The course object or id in question
2196 * @param bool $autologinguest Allow autologin guests if that is wanted
2197 * @param object $cm Course activity module if known
2198 * @param bool $setwantsurltome Define if we want to set $SESSION->wantsurl, defaults to
2199 * true. Used to avoid (=false) some scripts (file.php...) to set that variable,
2200 * in order to keep redirects working properly. MDL-14495
2201 */
2202 function require_course_login($courseorid, $autologinguest=true, $cm=null, $setwantsurltome=true) {
2205 // login required for both SITE and courses
2209 // always login for hidden activities
2214 //login for SITE not required
2216 // hidden activities are not accessible without login
2219 // not-logged-in users do not have any group membership
2224 }
2227 // course login always required
2229 }
2230 }
2232 /**
2233 * Require key login. Function terminates with error if key not found or incorrect.
2234 * @param string $script unique script identifier
2235 * @param int $instance optional instance id
2236 */
2242 }
2244 /// extra safety
2245 @session_write_close();
2249 if (!$key = get_record('user_private_key', 'script', $script, 'value', $keyvalue, 'instance', $instance)) {
2251 }
2255 }
2261 }
2262 }
2266 }
2268 /// emulate normal session
2272 /// note we are not using normal login
2275 }
2279 /// return isntance id - it might be empty
2281 }
2283 /**
2284 * Creates a new private user access key.
2285 * @param string $script unique target identifier
2286 * @param int $userid
2287 * @param instance $int optional instance id
2288 * @param string $iprestriction optional ip restricted access
2289 * @param timestamp $validuntil key valid only until given data
2290 * @return string access key value
2291 */
2292 function create_user_key($script, $userid, $instance=null, $iprestriction=null, $validuntil=null) {
2303 // must be unique
2305 }
2309 }
2312 }
2314 /**
2315 * Modify the user table by setting the currently logged in user's
2316 * last login to now.
2317 *
2318 * @uses $USER
2319 * @return bool
2320 */
2331 }
2333 /**
2334 * Determines if a user has completed setting up their account.
2335 *
2336 * @param user $user A {@link $USER} object to test for the existance of a valid name and email
2337 * @return bool
2338 */
2340 return ($user->username != 'guest' and (empty($user->firstname) or empty($user->lastname) or empty($user->email) or over_bounce_threshold($user)));
2341 }
2349 }
2353 }
2355 // set sensible defaults
2358 }
2361 }
2366 }
2369 }
2371 }
2373 /**
2374 * @param $user - object containing an id
2375 * @param $reset - will reset the count to 0
2376 */
2381 }
2386 }
2388 // make a new one
2393 }
2394 }
2396 /**
2397 * @param $user - object containing an id
2398 * @param $reset - will reset the count to 0
2399 */
2404 }
2406 // make a new one
2411 }
2412 }
2414 /**
2415 * Keeps track of login attempts
2416 *
2417 * @uses $SESSION
2418 */
2429 }
2434 }
2435 }
2437 /**
2438 * Resets login attempts
2439 *
2440 * @uses $SESSION
2441 */
2446 }
2454 }
2458 }
2459 }
2461 /**
2462 * Goes through all enrolment records for the courses inside the metacourse and sync with them.
2463 *
2464 * @param mixed $course the metacourse to synch. Either the course object itself, or the courseid.
2465 */
2469 // Check the course is valid.
2473 }
2474 }
2476 // Check that we actually have a metacourse.
2479 }
2481 // Get a list of roles that should not be synced.
2486 }
2488 // Get the context of the metacourse.
2489 $context = get_context_instance(CONTEXT_COURSE, $course->id); // SITEID can not be a metacourse
2491 // We do not ever want to unassign the list of metacourse manager, so get a list of them.
2496 }
2498 // Get assignments of a user to a role that exist in a child course, but
2499 // not in the meta coure. That is, get a list of the assignments that need to be made.
2501 SELECT
2502 ra.id, ra.roleid, ra.userid, ra.hidden
2503 FROM
2507 WHERE
2508 ra.contextid = con.id AND
2510 con.instanceid = cm.child_course AND
2512 $roleexclusions
2513 NOT EXISTS (
2514 SELECT 1 FROM
2516 WHERE
2517 ra2.userid = ra.userid AND
2518 ra2.roleid = ra.roleid AND
2520 )
2523 }
2525 // Get assignments of a user to a role that exist in the meta course, but
2526 // not in any child courses. That is, get a list of the unassignments that need to be made.
2528 SELECT
2529 ra.id, ra.roleid, ra.userid
2530 FROM
2532 WHERE
2534 $roleexclusions
2535 NOT EXISTS (
2536 SELECT 1 FROM
2540 WHERE
2541 ra2.userid = ra.userid AND
2542 ra2.roleid = ra.roleid AND
2543 ra2.contextid = con2.id AND
2545 con2.instanceid = cm.child_course AND
2547 )
2550 }
2554 // Make the unassignments, if they are not managers.
2557 $success = role_unassign($unassignment->roleid, $unassignment->userid, 0, $context->id) && $success;
2558 }
2559 }
2561 // Make the assignments.
2563 $success = role_assign($assignment->roleid, $assignment->userid, 0, $context->id, 0, 0, $assignment->hidden) && $success;
2564 }
2568 // TODO: finish timeend and timestart
2569 // maybe we could rely on cron job to do the cleaning from time to time
2570 }
2572 /**
2573 * Adds a record to the metacourse table and calls sync_metacoures
2574 */
2579 }
2583 }
2585 if (!$record = get_record("course_meta","parent_course",$metacourseid,"child_course",$courseid)) {
2591 }
2593 }
2596 }
2598 /**
2599 * Removes the record from the metacourse table and calls sync_metacourse
2600 */
2605 }
2607 }
2610 /**
2611 * Determines if a user is currently logged in
2612 *
2613 * @uses $USER
2614 * @return bool
2615 */
2620 }
2622 /**
2623 * Determines if a user is logged in as real guest user with username 'guest'.
2624 * This function is similar to original isguest() in 1.6 and earlier.
2625 * Current isguest() is deprecated - do not use it anymore.
2626 *
2627 * @param $user mixed user object or id, $USER if not specified
2628 * @return bool true if user is the real guest user, false if not logged in or other user
2629 */
2636 }
2640 }
2643 }
2645 /**
2646 * Determines if the currently logged in user is in editing mode.
2647 * Note: originally this function had $userid parameter - it was not usable anyway
2648 *
2649 * @uses $USER, $PAGE
2650 * @return bool
2651 */
2659 }
2661 }
2663 /**
2664 * Determines if the logged in user is currently moving an activity
2665 *
2666 * @uses $USER
2667 * @param int $courseid The id of the course being tested
2668 * @return bool
2669 */
2675 }
2677 }
2679 /**
2680 * Given an object containing firstname and lastname
2681 * values, this function returns a string with the
2682 * full name of the person.
2683 * The result may depend on system settings
2684 * or language. 'override' will force both names
2685 * to be used even if system settings specify one.
2686 *
2687 * @uses $CFG
2688 * @uses $SESSION
2689 * @param object $user A {@link $USER} object to get full name of
2690 * @param bool $override If true then the name will be first name followed by last name rather than adhering to fullnamedisplay setting.
2691 */
2697 }
2702 }
2705 }
2706 }
2710 }
2723 }
2724 }
2727 }
2729 /**
2730 * Sets a moodle cookie with an encrypted string
2731 *
2732 * @uses $CFG
2733 * @uses DAYSECS
2734 * @uses HOURSECS
2735 * @param string $thing The string to encrypt and place in a cookie
2736 */
2742 }
2749 setCookie($cookiename, '', time() - HOURSECS, $CFG->sessioncookiepath, $CFG->sessioncookiedomain, $CFG->cookiesecure);
2750 setCookie($cookiename, rc4encrypt($thing), time()+$seconds, $CFG->sessioncookiepath, $CFG->sessioncookiedomain, $CFG->cookiesecure);
2751 }
2753 /**
2754 * Gets a moodle cookie with an encrypted string
2755 *
2756 * @uses $CFG
2757 * @return string
2758 */
2769 }
2770 }
2772 /**
2773 * Returns whether a given authentication plugin exists.
2774 *
2775 * @uses $CFG
2776 * @param string $auth Form of authentication to check for. Defaults to the
2777 * global setting in {@link $CFG}.
2778 * @return boolean Whether the plugin is available.
2779 */
2785 }
2787 }
2789 /**
2790 * Checks if a given plugin is in the list of enabled authentication plugins.
2791 *
2792 * @param string $auth Authentication plugin.
2793 * @return boolean Whether the plugin is enabled.
2794 */
2798 }
2803 }
2805 /**
2806 * Returns an authentication plugin instance.
2807 *
2808 * @uses $CFG
2809 * @param string $auth name of authentication plugin
2810 * @return object An instance of the required authentication plugin.
2811 */
2815 // check the plugin exists first
2818 }
2820 // return auth plugin instance
2824 }
2826 /**
2827 * Returns array of active auth plugins.
2828 *
2829 * @param bool $fix fix $CFG->auth if needed
2830 * @return array
2831 */
2841 }
2848 }
2849 }
2853 }
2854 }
2857 }
2859 /**
2860 * Returns true if an internal authentication method is being used.
2861 * if method not specified then, global default is assumed
2862 *
2863 * @uses $CFG
2864 * @param string $auth Form of authentication required
2865 * @return bool
2866 */
2870 }
2872 /**
2873 * Returns true if the user is a 'restored' one
2874 *
2875 * Used in the login process to inform the user
2876 * and allow him/her to reset the password
2877 *
2878 * @uses $CFG
2879 * @param string $username username to be checked
2880 * @return bool
2881 */
2885 return record_exists('user', 'username', $username, 'mnethostid', $CFG->mnet_localhost_id, 'password', 'restored');
2886 }
2888 /**
2889 * Returns an array of user fields
2890 *
2891 * @uses $CFG
2892 * @uses $db
2893 * @return array User field/column names
2894 */
2903 }
2905 /**
2906 * Creates the default "guest" user. Used both from
2907 * admin/index.php and login/index.php
2908 * @return mixed user object created or boolean false if the creation has failed
2909 */
2929 }
2932 }
2934 /**
2935 * Creates a bare-bones user record
2936 *
2937 * @uses $CFG
2938 * @param string $username New user's username to add to record
2939 * @param string $password New user's password to add to record
2940 * @param string $auth Form of authentication required
2941 * @return object A {@link $USER} object
2942 * @todo Outline auth types and provide code example
2943 */
2947 //just in case check text case
2956 }
2957 }
2962 }
2963 }
2967 }
2972 // fix for MDL-8480
2973 // user CFG lang for user if $newuser->lang is empty
2974 // or $user->lang is not an installed language
2978 }
2983 }
2991 }
2994 }
2996 }
2998 /**
2999 * Will update a local user record from an external source
3000 *
3001 * @uses $CFG
3002 * @param string $username New user's username to add to record
3003 * @return user A {@link $USER} object
3004 */
3010 $oldinfo = get_record('user', 'username', $username, 'mnethostid', $CFG->mnet_localhost_id, '','', 'id, username, auth');
3016 if ($key === 'username' or $key === 'id' or $key === 'auth' or $key === 'mnethostid' or $key === 'deleted') {
3017 // these fields must not be changed
3019 }
3024 }
3027 // MDL-4207 Don't overwrite modified user profile values with
3028 // empty LDAP values when 'unlocked if empty' is set. The purpose
3029 // of the setting 'unlocked if empty' is to allow the user to fill
3030 // in a value for the selected field _if LDAP is giving
3031 // nothing_ for this field. Thus it makes sense to let this value
3032 // stand in until LDAP is giving a value for this field.
3036 }
3037 }
3038 }
3039 }
3042 }
3045 /// will truncate userinfo as it comes from auth_get_userinfo (from external auth)
3046 /// which may have large fields
3048 // define the limits
3064 );
3066 // apply where needed
3071 }
3072 }
3075 }
3077 /**
3078 * Marks user deleted in internal user database and notifies the auth plugin.
3079 * Also unenrols user from all roles and does other cleanup.
3080 * @param object $user Userobject before delete (without system magic quotes)
3081 * @return boolean success
3082 */
3091 // delete all grades - backup is kept in grade_grades_history table
3095 }
3096 }
3098 //move unread messages from this user to read
3101 // remove from all groups
3104 // unenrol from all roles in all contexts
3105 role_unassign(0, $user->id); // this might be slow but it is really needed - modules might do some extra cleanup!
3107 // now do a final accesslib cleanup - removes all role assingments in user context and context itself
3113 // workaround for bulk deletes of users with the same email address
3117 }
3119 // mark internal user record as "deleted"
3124 $updateuser->email = md5($user->username);// Store hash of username, useful importing/restoring users
3130 // notify auth plugin - do not block the delete even when plugin fails
3140 }
3141 }
3143 /**
3144 * Retrieve the guest user object
3145 *
3146 * @uses $CFG
3147 * @return user A {@link $USER} object
3148 */
3152 if ($newuser = get_record('user', 'username', 'guest', 'mnethostid', $CFG->mnet_localhost_id)) {
3158 }
3159 }
3162 }
3164 /**
3165 * Given a username and password, this function looks them
3166 * up using the currently selected authentication mechanism,
3167 * and if the authentication is successful, it returns a
3168 * valid $user object from the 'user' table.
3169 *
3170 * Uses auth_ functions from the currently active auth module
3171 *
3172 * After authenticate_user_login() returns success, you will need to
3173 * log that the user has logged in, and call complete_user_login() to set
3174 * the session up.
3175 *
3176 * @uses $CFG
3177 * @param string $username User's username (with system magic quotes)
3178 * @param string $password User's password (with system magic quotes)
3179 * @return user|flase A {@link $USER} object or false if error
3180 */
3191 error_log('[client '.getremoteaddr()."] $CFG->wwwroot Disabled Login: $username ".$_SERVER['HTTP_USER_AGENT']);
3193 }
3197 // check if there's a deleted record (cheaply)
3199 error_log('[client '.$_SERVER['REMOTE_ADDR']."] $CFG->wwwroot Deleted Login: $username ".$_SERVER['HTTP_USER_AGENT']);
3201 }
3206 }
3211 // on auth fail fall through to the next plugin
3214 }
3216 // successful authentication
3221 }
3222 if (empty($user->firstaccess)) { //prevent firstaccess from remaining 0 for manual account that never required confirmation
3225 }
3227 update_internal_user_password($user, $password); // just in case salt or encoding were changed (magic quotes too one day)
3231 }
3233 // if user not found, create him
3235 }
3242 }
3244 /// Log in to a second system if necessary
3245 /// NOTICE: /sso/ will be moved to auth and deprecated soon; use user_authenticated_hook() instead
3251 }
3252 }
3253 }
3257 }
3259 }
3261 // failed if all the plugins have failed
3264 error_log('[client '.getremoteaddr()."] $CFG->wwwroot Failed Login: $username ".$_SERVER['HTTP_USER_AGENT']);
3265 }
3267 }
3269 /**
3270 * Call to complete the user login process after authenticate_user_login()
3271 * has succeeded. It will setup the $USER variable and other required bits
3272 * and pieces.
3273 *
3274 * NOTE:
3275 * - It will NOT log anything -- up to the caller to decide what to log.
3276 *
3277 *
3278 *
3279 * @uses $CFG, $USER
3280 * @param string $user obj
3281 * @return user|flase A {@link $USER} object or false if error
3282 */
3289 // please note this setting may break some auth plugins
3291 }
3299 // do not store last logged in user in cookie
3300 // auth plugins can temporarily override this from loginpage_hook()
3301 // do not save $CFG->nolastloggedin in database!
3303 }
3306 // Call enrolment plugins
3309 /// This is what lets the user do anything on the site :-)
3312 /// Select password change url
3315 /// check whether the user should be changing password
3322 }
3325 }
3326 }
3328 }
3330 /**
3331 * Compare password against hash stored in internal user table.
3332 * If necessary it also updates the stored hash to new format.
3333 *
3334 * @param object user
3335 * @param string plain text password
3336 * @return bool is password valid?
3337 */
3343 }
3347 // get password original encoding in case it was not updated to unicode yet
3351 if ($user->password == md5($password.$CFG->passwordsaltmain) or $user->password == md5($password)
3352 or $user->password == md5($convpassword.$CFG->passwordsaltmain) or $user->password == md5($convpassword)) {
3358 if ($user->password == md5($password.$CFG->$alt) or $user->password == md5($convpassword.$CFG->$alt)) {
3361 }
3362 }
3363 }
3364 }
3367 // force update of password hash using latest main password salt and encoding if needed
3369 }
3372 }
3374 /**
3375 * Calculate hashed value from password using current hash mechanism.
3376 *
3377 * @param string password
3378 * @return string password hash
3379 */
3387 }
3388 }
3390 /**
3391 * Update pssword hash in user object.
3392 *
3393 * @param object user
3394 * @param string plain text password
3395 * @param bool store changes also in db, default true
3396 * @return true if hash changed
3397 */
3406 }
3409 }
3411 /**
3412 * Get a complete user record, which includes all the info
3413 * in the user record
3414 * Intended for setting as $USER session variable
3415 *
3416 * @uses $CFG
3417 * @uses SITEID
3418 * @param string $field The user field to be checked for a given value.
3419 * @param string $value The value to match for $field.
3420 * @return user A {@link $USER} object.
3421 */
3428 }
3430 /// Build the WHERE clause for an SQL query
3434 // If we are loading user data based on anything other than id,
3435 // we must also restrict our search based on mnet host.
3438 // if empty, we restrict to local users
3440 }
3441 }
3445 }
3447 /// Get all the basic user data
3451 }
3453 /// Get various settings and preferences
3458 }
3459 }
3468 }
3469 }
3475 // this is a special hack to speedup calendar display
3481 }
3483 }
3484 }
3486 /// Add the custom profile fields to the user record
3492 }
3493 }
3495 /// Rewrite some variables if necessary
3498 }
3503 }
3508 }
3511 }
3513 /**
3514 * @uses $CFG
3515 * @param string $password the password to be checked agains the password policy
3516 * @param string $errmsg the error message to display when the password doesn't comply with the policy.
3517 * @return bool true if the password is valid according to the policy. false otherwise.
3518 */
3524 }
3529 $errmsg .= '<div>'. get_string('errorminpasswordlength', 'auth', $CFG->minpasswordlength) .'</div>';
3531 }
3533 $errmsg .= '<div>'. get_string('errorminpassworddigits', 'auth', $CFG->minpassworddigits) .'</div>';
3535 }
3537 $errmsg .= '<div>'. get_string('errorminpasswordlower', 'auth', $CFG->minpasswordlower) .'</div>';
3539 }
3541 $errmsg .= '<div>'. get_string('errorminpasswordupper', 'auth', $CFG->minpasswordupper) .'</div>';
3543 }
3544 if (preg_match_all('/[^[:upper:][:lower:][:digit:]]/u', $password, $matches) < $CFG->minpasswordnonalphanum) {
3545 $errmsg .= '<div>'. get_string('errorminpasswordnonalphanum', 'auth', $CFG->minpasswordnonalphanum) .'</div>';
3546 }
3552 }
3553 }
3556 /**
3557 * When logging in, this function is run to set certain preferences
3558 * for the current SESSION
3559 */
3567 // Restore the calendar filters, if saved
3571 }
3572 }
3575 /**
3576 * Delete a course, including all related data from the database,
3577 * and any associated files from the moodledata folder.
3578 *
3579 * @param mixed $courseorid The id of the course or course object to delete.
3580 * @param bool $showfeedback Whether to display notifications of each action the function performs.
3581 * @return bool true if all the removals succeeded. false if there were any failures. If this
3582 * method returns false, some of the removals will probably have succeeded, and others
3583 * failed, but you have no way of knowing which.
3584 */
3596 }
3597 }
3599 // frontpage course can not be deleted!!
3602 }
3607 }
3609 }
3614 }
3616 }
3618 /// Delete all roles and overiddes in the course context
3622 }
3624 }
3629 }
3631 }
3634 //trigger events
3636 }
3639 }
3641 /**
3642 * Clear a course out completely, deleting all content
3643 * but don't delete the course itself
3644 *
3645 * @uses $CFG
3646 * @param int $courseid The id of the course that is being deleted
3647 * @param bool $showfeedback Whether to display notifications of each action the function performs.
3648 * @return bool true if all the removals succeeded. false if there were any failures. If this
3649 * method returns false, some of the removals will probably have succeeded, and others
3650 * failed, but you have no way of knowing which.
3651 */
3662 }
3666 /// Clean up course formats (iterate through all formats in the even the course format was ever changed)
3676 }
3678 }
3679 }
3680 }
3682 /// Delete every instance of every module
3697 /// Delete activity context questions and question categories
3699 }
3704 notify('Could not delete '. $modname .' instance '. $instance->id .' ('. format_string($instance->name) .')');
3706 }
3708 // delete cm and its context in correct order
3711 }
3712 }
3713 }
3717 }
3721 }
3722 }
3725 }
3726 }
3729 }
3731 /// Give local code a chance to delete its references to this course.
3735 /// Delete course blocks
3744 }
3751 // fix for MDL-7164
3752 // Get the block object and call instance_delete()
3756 }
3760 }
3761 // Return value ignored, in core mods this does not do anything, but just in case
3762 // third party blocks might have stuff to clean up
3763 // we execute this anyway
3766 }
3769 }
3770 }
3772 /// Delete any groups, removing members and grouping/course links first.
3777 /// Delete all related records in other tables that may have a courseid
3778 /// This array stores the tables that need to be cleared, as
3779 /// table_name => column_name that contains the course id.
3789 );
3794 }
3797 }
3798 }
3801 /// Clean up metacourse stuff
3805 sync_metacourse($course->id); // have to do it here so the enrolments get nuked. sync_metacourses won't find it without the id.
3808 }
3812 remove_from_metacourse($parent->parent_course,$parent->child_course); // this will do the unenrolments as well.
3813 }
3816 }
3817 }
3818 }
3820 /// Delete questions and question categories
3823 /// Remove all data from gradebook
3829 }
3831 /**
3832 * Change dates in module - used from course reset.
3833 * @param strin $modname forum, assignent, etc
3834 * @param array $fields array of date fields from mod table
3835 * @param int $timeshift time difference
3836 * @return success
3837 */
3848 }
3853 }
3856 }
3858 /**
3859 * This function will empty a course of user data.
3860 * It will retain the activities and the structure of the course.
3861 * @param object $data an object containing all the settings including courseid (without magic quotes)
3862 * @return array status array of array component, item, error
3863 */
3872 // calculate the time shift of dates
3874 // time part of course startdate should be zero
3878 }
3880 // result array: component, item, error
3883 // start the resetting
3886 // move the course start time
3888 // change course start data
3890 // update all course and group events - do not move activity events
3896 $status[] = array('component'=>$componentstr, 'item'=>get_string('datechanged'), 'error'=>false);
3897 }
3901 $status[] = array('component'=>$componentstr, 'item'=>get_string('deletelogs'), 'error'=>false);
3902 }
3906 $status[] = array('component'=>$componentstr, 'item'=>get_string('deleteevents', 'calendar'), 'error'=>false);
3907 }
3912 $status[] = array('component'=>$componentstr, 'item'=>get_string('deletenotes', 'notes'), 'error'=>false);
3913 }
3921 }
3923 //force refresh for logged in users
3925 $status[] = array('component'=>$componentstr, 'item'=>get_string('deletecourseoverrides', 'role'), 'error'=>false);
3926 }
3932 }
3933 //force refresh for logged in users
3935 $status[] = array('component'=>$componentstr, 'item'=>get_string('deletelocalroles', 'role'), 'error'=>false);
3936 }
3938 // First unenrol users - this cleans some of related user data too, such as forum subscriptions, tracking, etc.
3947 }
3948 }
3949 }
3950 }
3951 }
3953 $status[] = array('component'=>$componentstr, 'item'=>get_string('unenrol').' ('.count($data->unenrolled).')', 'error'=>false);
3954 }
3959 // remove all group members
3962 $status[] = array('component'=>$componentstr, 'item'=>get_string('removegroupsmembers', 'group'), 'error'=>false);
3963 }
3965 // remove all groups
3968 $status[] = array('component'=>$componentstr, 'item'=>get_string('deleteallgroups', 'group'), 'error'=>false);
3969 }
3971 // remove all grouping members
3974 $status[] = array('component'=>$componentstr, 'item'=>get_string('removegroupingsmembers', 'group'), 'error'=>false);
3975 }
3977 // remove all groupings
3980 $status[] = array('component'=>$componentstr, 'item'=>get_string('deleteallgroupings', 'group'), 'error'=>false);
3981 }
3983 // Look in every instance of every module for data to delete
3990 }
4001 }
4004 }
4007 }
4008 }
4009 }
4011 // mention unsupported mods
4014 $status[] = array('component'=>get_string('modulenameplural', $mod->name), 'item'=>'', 'error'=>get_string('resetnotimplemented'));
4015 }
4016 }
4020 // reset gradebook
4025 $status[] = array('component'=>$componentstr, 'item'=>get_string('removeallcourseitems', 'grades'), 'error'=>false);
4029 $status[] = array('component'=>$componentstr, 'item'=>get_string('removeallcoursegrades', 'grades'), 'error'=>false);
4030 }
4033 }
4040 }
4043 // the first char should be an unencoded letter. We'll take this as an action
4048 // check the half md5 of their email
4052 }
4053 // else maybe they've already changed it?
4054 }
4055 }
4057 // maybe more later?
4058 }
4059 }
4061 /// CORRESPONDENCE ////////////////////////////////////////////////
4063 /**
4064 * Get mailer instance, enable buffering, flush buffer or disable buffering.
4065 * @param $action string 'get', 'buffer', 'close' or 'flush'
4066 * @return reference to mailer instance if 'get' used or nothing
4067 */
4076 }
4084 // reset the mailer
4102 }
4106 }
4117 // some MTAs may do double conversion of LF if CRLF used, CRLF is required line ending in RFC 822bis
4118 // hmm, this is a bit hacky because LE should be private
4123 }
4135 }
4143 }
4144 }
4147 }
4151 // keep smtp session open after sending
4158 }
4159 }
4161 }
4163 // close smtp session, but continue buffering
4168 }
4172 }
4173 }
4175 }
4177 // close smtp session, do not buffer anymore
4182 }
4185 }
4186 }
4188 /**
4189 * Send an email to a specified user
4190 *
4191 * @uses $CFG
4192 * @uses $FULLME
4193 * @uses $MNETIDPJUMPURL IdentityProvider(IDP) URL user hits to jump to mnet peer.
4194 * @uses SITEID
4195 * @param user $user A {@link $USER} object
4196 * @param user $from A {@link $USER} object
4197 * @param string $subject plain text subject line of the email
4198 * @param string $messagetext plain text version of the message
4199 * @param string $messagehtml complete html version of the message (optional)
4200 * @param string $attachment a file on the filesystem, relative to $CFG->dataroot
4201 * @param string $attachname the name of the file (extension indicates MIME)
4202 * @param bool $usetrueaddress determines whether $from email address should
4203 * be sent out. Will be overruled by user profile setting for maildisplay
4204 * @param int $wordwrapwidth custom word wrap width
4205 * @return bool|string Returns "true" if mail was sent OK, "emailstop" if email
4206 * was blocked by user and "false" if there was another sort of error.
4207 */
4208 function email_to_user($user, $from, $subject, $messagetext, $messagehtml='', $attachment='', $attachname='', $usetrueaddress=true, $replyto='', $replytoname='', $wordwrapwidth=79) {
4215 }
4218 // do not mail delted users
4220 }
4223 // hidden setting for development sites, set in config.php if needed
4225 }
4231 }
4233 // skip mail to suspended users
4236 }
4240 }
4245 }
4247 // If the user is a remote mnet user, parse the email text for URL to the
4248 // wwwroot and modify the url to direct the user's browser to login at their
4249 // home site (identity provider - idp) before hitting the link itself
4252 // Form the request url to hit the idp's jump.php
4258 $MNETIDPJUMPURL = $idp->wwwroot . $idpjumppath . '?hostwwwroot=' . $CFG->wwwroot . '&wantsurl=';
4260 }
4268 }
4273 }
4275 /// We are going to use textlib services here
4280 // make up an email address for handling bounces
4286 }
4299 }
4300 }
4304 }
4316 }
4319 }
4320 }
4324 }
4326 if ($messagehtml && $user->mailformat == 1) { // Don't ever send HTML to users who don't want it
4334 }
4339 $mail->AddStringAttachment('Error in attachment. User attempted to attach a filename with a unsafe name.', 'error.txt', '8bit', 'text/plain');
4344 }
4345 }
4349 /// If we are running under Unicode and sitemailcharset or allowusermailcharset are set, convert the email
4350 /// encoding to the specified one
4352 /// Set it to site mail charset
4354 /// Overwrite it with the user mail charset
4358 }
4359 }
4360 /// If it has changed, convert all the necessary strings
4364 /// Save the new mail charset
4366 /// And convert some strings
4370 }
4374 }
4377 }
4378 }
4385 }
4392 }
4394 }
4395 }
4397 /**
4398 * Generate a signoff for emails based on support settings
4399 *
4400 */
4407 }
4410 }
4413 }
4415 }
4417 /**
4418 * Generate a fake user for emails based on support settings
4419 *
4420 */
4429 }
4438 }
4441 /**
4442 * Sets specified user's password and send the new password to the user via email.
4443 *
4444 * @uses $CFG
4445 * @param user $user A {@link $USER} object
4446 * @return boolean|string Returns "true" if mail was sent OK, "emailstop" if email
4447 * was blocked by user and "false" if there was another sort of error.
4448 */
4459 if (! set_field('user', 'password', hash_internal_user_password($newpassword), 'id', $user->id) ) {
4462 }
4478 }
4480 /**
4481 * Resets specified user's password and send the new password to the user via email.
4482 *
4483 * @uses $CFG
4484 * @param user $user A {@link $USER} object
4485 * @return bool|string Returns "true" if mail was sent OK, "emailstop" if email
4486 * was blocked by user and "false" if there was another sort of error.
4487 */
4497 trigger_error("Attempt to reset user password for user $user->username with Auth $user->auth.");
4499 }
4505 }
4522 }
4524 /**
4525 * Send email to specified user with confirmation text and activation link.
4526 *
4527 * @uses $CFG
4528 * @param user $user A {@link $USER} object
4529 * @return bool|string Returns "true" if mail was sent OK, "emailstop" if email
4530 * was blocked by user and "false" if there was another sort of error.
4531 */
4546 $data->link = $CFG->wwwroot .'/login/confirm.php?data='. $user->secret .'/'. urlencode($user->username);
4554 }
4556 /**
4557 * send_password_change_confirmation_email.
4558 *
4559 * @uses $CFG
4560 * @param user $user A {@link $USER} object
4561 * @return bool|string Returns "true" if mail was sent OK, "emailstop" if email
4562 * was blocked by user and "false" if there was another sort of error.
4563 */
4575 $data->link = $CFG->httpswwwroot .'/login/forgot_password.php?p='. $user->secret .'&s='. urlencode($user->username);
4583 }
4585 /**
4586 * send_password_change_info.
4587 *
4588 * @uses $CFG
4589 * @param user $user A {@link $USER} object
4590 * @return bool|string Returns "true" if mail was sent OK, "emailstop" if email
4591 * was blocked by user and "false" if there was another sort of error.
4592 */
4613 }
4616 // we have some external url for password changing
4620 //no way to change password, sorry
4622 }
4624 if (!empty($data->link) and has_capability('moodle/user:changeownpassword', $systemcontext, $user->id)) {
4630 }
4634 }
4636 /**
4637 * Check that an email is allowed. It returns an error message if there
4638 * was a problem.
4639 *
4640 * @uses $CFG
4641 * @param string $email Content of email
4642 * @return string|false
4643 */
4654 }
4657 // subdomains are in a form ".example.com" - matches "xxx@anything.example.com"
4659 }
4663 }
4664 }
4673 }
4676 // subdomains are in a form ".example.com" - matches "xxx@anything.example.com"
4678 }
4682 }
4683 }
4684 }
4687 }
4694 }
4699 }
4701 }
4710 }
4712 /// If you don't want a welcome message sent, then make the message string blank.
4718 }
4720 }
4721 }
4723 /// FILE HANDLING /////////////////////////////////////////////
4726 /**
4727 * Makes an upload directory for a particular module.
4728 *
4729 * @uses $CFG
4730 * @param int $courseid The id of the course in question - maps to id field of 'course' table.
4731 * @return string|false Returns full path to directory if successful, false if not
4732 */
4738 }
4743 copy($CFG->dirroot .'/lang/'. $CFG->lang .'/docs/module_files.txt', $moddata .'/'. $strreadme .'.txt');
4746 }
4748 }
4750 /**
4751 * Makes a directory for a particular user.
4752 *
4753 * @uses $CFG
4754 * @param int $userid The id of the user in question - maps to id field of 'user' table.
4755 * @param bool $test Whether we are only testing the return value (do not create the directory)
4756 * @return string|false Returns full path to directory if successful, false if not
4757 */
4761 if (is_bool($userid) || $userid < 0 || !ereg('^[0-9]{1,10}$', $userid) || $userid > 2147483647) {
4764 }
4766 }
4768 // Generate a two-level path for the userid. First level groups them by slices of 1000 users, second level is userid
4776 }
4777 }
4779 /**
4780 * Returns an array of full paths to user directories, indexed by their userids.
4781 *
4782 * @param bool $only_non_empty Only return directories that contain files
4783 * @param bool $legacy Search for user directories in legacy location (dataroot/users/userid) instead of (dataroot/user/section/userid)
4784 * @return array An associative array: userid=>array(basedir => $basedir, userfolder => $userfolder)
4785 */
4793 }
4796 //Check if directory exists
4802 }
4805 }
4807 if ($grouplist =get_directory_list($rootdir, '', true, true, false)) { // directories will be in the form 0, 1000, 2000 etc...
4812 }
4813 }
4814 }
4815 }
4816 }
4820 }
4822 }
4824 /**
4825 * Returns current name of file on disk if it exists.
4826 *
4827 * @param string $newfile File to be verified
4828 * @return string Current name of file on disk if true
4829 */
4833 }
4838 }
4839 }
4841 /**
4842 * Returns the maximum size for uploading files.
4843 *
4844 * There are seven possible upload limits:
4845 * 1. in Apache using LimitRequestBody (no way of checking or changing this)
4846 * 2. in php.ini for 'upload_max_filesize' (can not be changed inside PHP)
4847 * 3. in .htaccess for 'upload_max_filesize' (can not be changed inside PHP)
4848 * 4. in php.ini for 'post_max_size' (can not be changed inside PHP)
4849 * 5. by the Moodle admin in $CFG->maxbytes
4850 * 6. by the teacher in the current course $course->maxbytes
4851 * 7. by the teacher for the current module, eg $assignment->maxbytes
4852 *
4853 * These last two are passed to this function as arguments (in bytes).
4854 * Anything defined as 0 is ignored.
4855 * The smallest of all the non-zero numbers is returned.
4856 *
4857 * @param int $sizebytes ?
4858 * @param int $coursebytes Current course $course->maxbytes (in bytes)
4859 * @param int $modulebytes Current module ->maxbytes (in bytes)
4860 * @return int The maximum size for uploading files.
4861 * @todo Finish documenting this function
4862 */
4867 }
4874 }
4875 }
4879 }
4883 }
4887 }
4890 }
4892 /**
4893 * Related to {@link get_max_upload_file_size()} - this function returns an
4894 * array of possible sizes in an array, translated to the
4895 * local language.
4896 *
4897 * @uses SORT_NUMERIC
4898 * @param int $sizebytes ?
4899 * @param int $coursebytes Current course $course->maxbytes (in bytes)
4900 * @param int $modulebytes Current module ->maxbytes (in bytes)
4901 * @return int
4902 * @todo Finish documenting this function
4903 */
4909 }
4916 // Allow maxbytes to be selected if it falls outside the above boundaries
4919 }
4924 }
4925 }
4930 }
4932 /**
4933 * If there has been an error uploading a file, print the appropriate error message
4934 * Numerical constants used as constant definitions not added until PHP version 4.2.0
4935 *
4936 * $filearray is a 1-dimensional sub-array of the $_FILES array
4937 * eg $filearray = $_FILES['userfile1']
4938 * If left empty then the first element of the $_FILES array will be used
4939 *
4940 * @uses $_FILES
4941 * @param array $filearray A 1-dimensional sub-array of the $_FILES array
4942 * @param bool $returnerror If true then a string error message will be returned. Otherwise the user will be notified of the error in a notify() call.
4943 * @return bool|string
4944 */
4953 }
4962 }
4983 }
4990 }
4992 }
4994 /**
4995 * handy function to loop through an array of files and resolve any filename conflicts
4996 * both in the array of filenames and for what is already on disk.
4997 * not really compatible with the similar function in uploadlib.php
4998 * but this could be used for files/index.php for moving files around.
4999 */
5010 }
5011 }
5012 }
5013 }
5015 }
5017 /**
5018 * @used by resolve_filename_collisions
5019 */
5023 }
5026 }
5028 }
5031 /**
5032 * Returns an array with all the filenames in
5033 * all subdirectories, relative to the given rootdir.
5034 * If excludefile is defined, then that file/directory is ignored
5035 * If getdirs is true, then (sub)directories are included in the output
5036 * If getfiles is true, then files are included in the output
5037 * (at least one of these must be true!)
5038 *
5039 * @param string $rootdir ?
5040 * @param string $excludefile If defined then the specified file/directory is ignored
5041 * @param bool $descend ?
5042 * @param bool $getdirs If true then (sub)directories are included in the output
5043 * @param bool $getfiles If true then files are included in the output
5044 * @return array An array with all the filenames in
5045 * all subdirectories, relative to the given rootdir
5046 * @todo Finish documenting this function. Add examples of $excludefile usage.
5047 */
5048 function get_directory_list($rootdir, $excludefiles='', $descend=true, $getdirs=false, $getfiles=true) {
5054 }
5058 }
5062 }
5066 }
5072 }
5077 }
5082 }
5083 }
5086 }
5087 }
5093 }
5096 /**
5097 * Adds up all the files in a directory and works out the size.
5098 *
5099 * @param string $rootdir ?
5100 * @param string $excludefile ?
5101 * @return array
5102 * @todo Finish documenting this function
5103 */
5108 // do it this way if we can, it's much faster
5116 }
5117 }
5121 }
5125 }
5133 }
5139 }
5140 }
5144 }
5146 /**
5147 * Converts bytes into display form
5148 *
5149 * @param string $size ?
5150 * @return string
5151 * @staticvar string $gb Localized string for size in gigabytes
5152 * @staticvar string $mb Localized string for size in megabytes
5153 * @staticvar string $kb Localized string for size in kilobytes
5154 * @staticvar string $b Localized string for size in bytes
5155 * @todo Finish documenting this function. Verify return type.
5156 */
5166 }
5176 }
5178 }
5180 /**
5181 * Cleans a given filename by removing suspicious or troublesome characters
5182 * Only these are allowed: alphanumeric _ - .
5183 * Unicode characters can be enabled by setting $CFG->unicodecleanfilename = true in config.php
5184 *
5185 * WARNING: unicode characters may not be compatible with zip compression in backup/restore,
5186 * because native zip binaries do weird character conversions. Use PHP zipping instead.
5187 *
5188 * @param string $string file name
5189 * @return string cleaned file name
5190 */
5198 //clean only ascii range
5199 $string = preg_replace("/[\\000-\\x2c\\x2f\\x3a-\\x40\\x5b-\\x5e\\x60\\x7b-\\177]/s", '_', $string);
5200 }
5204 }
5207 /// STRING TRANSLATION ////////////////////////////////////////
5209 /**
5210 * Returns the code for the current language
5211 *
5212 * @uses $CFG
5213 * @param $USER
5214 * @param $SESSION
5215 * @return string
5216 */
5220 if (!empty($COURSE->id) and $COURSE->id != SITEID and !empty($COURSE->lang)) { // Course language can override all other settings for this page
5231 }
5235 }
5238 }
5240 /**
5241 * Prints out a translated string.
5242 *
5243 * Prints out a translated string using the return value from the {@link get_string()} function.
5244 *
5245 * Example usage of this function when the string is in the moodle.php file:<br/>
5246 * <code>
5247 * echo '<strong>';
5248 * print_string('wordforstudent');
5249 * echo '</strong>';
5250 * </code>
5251 *
5252 * Example usage of this function when the string is not in the moodle.php file:<br/>
5253 * <code>
5254 * echo '<h1>';
5255 * print_string('typecourse', 'calendar');
5256 * echo '</h1>';
5257 * </code>
5258 *
5259 * @param string $identifier The key identifier for the localized string
5260 * @param string $module The module where the key identifier is stored. If none is specified then moodle.php is used.
5261 * @param mixed $a An object, string or number that can be used
5262 * within translation strings
5263 */
5266 }
5268 /**
5269 * fix up the optional data in get_string()/print_string() etc
5270 * ensure possible sprintf() format characters are escaped correctly
5271 * needs to handle arbitrary strings and objects
5272 * @param mixed $a An object, string or number that can be used
5273 * @return mixed the supplied parameter 'cleaned'
5274 */
5278 }
5284 }
5286 }
5289 }
5290 }
5292 /**
5293 * @return array places to look for lang strings based on the prefix to the
5294 * module name. For example qtype_ in question/type. Used by get_string and
5295 * help.php.
5296 */
5319 );
5320 }
5322 /**
5323 * Returns a localized string.
5324 *
5325 * Returns the translated string specified by $identifier as
5326 * for $module. Uses the same format files as STphp.
5327 * $a is an object, string or number that can be used
5328 * within translation strings
5329 *
5330 * eg "hello \$a->firstname \$a->lastname"
5331 * or "hello \$a"
5332 *
5333 * If you would like to directly echo the localized string use
5334 * the function {@link print_string()}
5335 *
5336 * Example usage of this function involves finding the string you would
5337 * like a local equivalent of and using its identifier and module information
5338 * to retrive it.<br/>
5339 * If you open moodle/lang/en/moodle.php and look near line 1031
5340 * you will find a string to prompt a user for their word for student
5341 * <code>
5342 * $string['wordforstudent'] = 'Your word for Student';
5343 * </code>
5344 * So if you want to display the string 'Your word for student'
5345 * in any language that supports it on your site
5346 * you just need to use the identifier 'wordforstudent'
5347 * <code>
5348 * $mystring = '<strong>'. get_string('wordforstudent') .'</strong>';
5349 or
5350 * </code>
5351 * If the string you want is in another file you'd take a slightly
5352 * different approach. Looking in moodle/lang/en/calendar.php you find
5353 * around line 75:
5354 * <code>
5355 * $string['typecourse'] = 'Course event';
5356 * </code>
5357 * If you want to display the string "Course event" in any language
5358 * supported you would use the identifier 'typecourse' and the module 'calendar'
5359 * (because it is in the file calendar.php):
5360 * <code>
5361 * $mystring = '<h1>'. get_string('typecourse', 'calendar') .'</h1>';
5362 * </code>
5363 *
5364 * As a last resort, should the identifier fail to map to a string
5365 * the returned string will be [[ $identifier ]]
5366 *
5367 * @uses $CFG
5368 * @param string $identifier The key identifier for the localized string
5369 * @param string $module The module where the key identifier is stored, usually expressed as the filename in the language pack without the .php on the end but can also be written as mod/forum or grade/export/xls. If none is specified then moodle.php is used.
5370 * @param mixed $a An object, string or number that can be used
5371 * within translation strings
5372 * @param array $extralocations An array of strings with other locations to look for string files
5373 * @return string The localized string.
5374 */
5379 /// originally these special strings were stored in moodle.php now we are only in langconfig.php
5380 $langconfigstrs = array('alphabet', 'backupnameformat', 'decsep', 'firstdayofweek', 'listsep', 'locale',
5391 }
5397 }
5399 /// If the "module" is actually a pathname, then automatically derive the proper module name
5425 }
5426 }
5428 /// if $a happens to have % in it, double it so sprintf() doesn't break
5431 }
5433 /// Define the two or three major locations of language strings for this module
5443 }
5444 }
5456 }
5458 /// Add extra places to look for strings for particular plugin types.
5471 }
5477 }
5478 }
5479 }
5481 /// First check all the normal locations for the string in the current language
5484 $locallangfile = $location.$lang.'_local'.'/'.$module.'.php'; //first, see if there's a local file
5489 }
5491 }
5492 }
5493 //if local directory not found, or particular string does not exist in local direcotry
5499 }
5501 }
5502 }
5503 }
5505 /// If the preferred language was English (utf8) we can abort now
5506 /// saving some checks beacuse it's the only "root" lang
5509 }
5511 /// Is a parent language defined? If so, try to find this string in a parent language file
5519 }
5522 //first, see if there's a local file for parent
5528 }
5530 }
5531 }
5533 //if local directory not found, or particular string does not exist in local direcotry
5539 }
5540 }
5541 }
5542 }
5543 }
5544 }
5546 /// Our only remaining option is to try English
5549 $locallangfile = $location.$defaultlang.'_local/'.$module.'.php'; //first, see if there's a local file
5554 }
5555 }
5557 //if local_en not found, or string not found in local_en
5564 }
5565 }
5566 }
5568 /// And, because under 1.6 en is defined as en_utf8 child, me must try
5569 /// if it hasn't been queried before.
5573 $locallangfile = $location.$defaultlang.'_local/'.$module.'.php'; //first, see if there's a local file
5578 }
5579 }
5581 //if local_en not found, or string not found in local_en
5588 }
5589 }
5590 }
5591 }
5594 }
5596 /**
5597 * This function is only used from {@link get_string()}.
5598 *
5599 * @internal Only used from get_string, not meant to be public API
5600 * @param string $identifier ?
5601 * @param string $langfile ?
5602 * @param string $destination ?
5603 * @return string|false ?
5604 * @staticvar array $strings Localized strings
5605 * @access private
5606 * @todo Finish documenting this function.
5607 */
5618 }
5622 }
5625 }
5627 /**
5628 * Converts an array of strings to their localized value.
5629 *
5630 * @param array $array An array of strings
5631 * @param string $module The language module that these strings can be found in.
5632 * @return string
5633 */
5639 }
5641 }
5643 /**
5644 * Returns a list of language codes and their full names
5645 * hides the _local files from everyone.
5646 * @param bool refreshcache force refreshing of lang cache
5647 * @param bool returnall ignore langlist, return all languages available
5648 * @return array An associative array with contents in the form of LanguageCode => LanguageName
5649 */
5658 if (!$refreshcache && !$returnall && !empty($CFG->langcache) && file_exists($CFG->dataroot .'/cache/languages')) {
5659 /// read available langs from cache
5666 }
5667 }
5670 }
5673 /// return only languages allowed in langlist admin setting
5676 // fix short lang names first - non existing langs are skipped anyway...
5680 }
5681 }
5682 // find existing langs from langlist
5687 }
5692 }
5693 /// Search under dirroot/lang
5698 }
5700 }
5701 /// And moodledata/lang
5706 }
5708 }
5709 }
5712 /// return all languages available in system
5713 /// Fetch langs from moodle/lang directory
5715 /// Fetch langs from moodledata/lang directory
5717 /// Merge both lists of langs
5719 /// Sort all
5721 /// Get some info from each lang (first from moodledata, then from moodle)
5725 }
5730 }
5731 /// Search under moodledata/lang
5736 }
5738 }
5739 /// And dirroot/lang
5744 }
5746 }
5747 }
5748 }
5752 // we have a list of all langs only, just delete old cache
5756 // store the list of allowed languages
5760 }
5762 }
5763 }
5764 }
5767 }
5769 /**
5770 * Returns a list of charset codes. It's hardcoded, so they should be added manually
5771 * (cheking that such charset is supported by the texlib library!)
5772 *
5773 * @return array And associative array with contents in the form of charset => charset
5774 */
5789 }
5791 /**
5792 * For internal use only.
5793 * @return array with two elements, the path to use and the name of the lang.
5794 */
5801 }
5804 }
5808 }
5814 }
5817 }
5821 }
5822 }
5826 }
5829 }
5832 }
5834 /**
5835 * Returns a list of country names in the current language
5836 *
5837 * @uses $CFG
5838 * @uses $USER
5839 * @return array
5840 */
5848 }
5850 // Load all the strings into $string.
5853 // See if there are local overrides to countries.php.
5854 // If so, override those elements of $string.
5857 }
5860 }
5864 }
5868 }
5870 /**
5871 * Returns a list of valid and compatible themes
5872 *
5873 * @uses $CFG
5874 * @return array
5875 */
5886 }
5891 }
5896 }
5898 }
5902 }
5905 /**
5906 * Returns a list of picture names in the current or specified language
5907 *
5908 * @uses $CFG
5909 * @return array
5910 */
5916 }
5931 } else if ($parentlang = get_string('parentlanguage') and $parentlang != '[[parentlanguage]]') {
5933 }
5938 }
5940 /**
5941 * Returns a list of timezones in the current language
5942 *
5943 * @uses $CFG
5944 * @return array
5945 */
5953 }
5957 if ($rawtimezones = get_records_sql('SELECT MAX(id), name FROM '.$CFG->prefix.'timezone GROUP BY name')) {
5963 }
5964 }
5965 }
5966 }
5978 }
5979 }
5982 }
5984 /**
5985 * Returns a list of currencies in the current language
5986 *
5987 * @uses $CFG
5988 * @uses $USER
5989 * @return array
5990 */
6002 }
6005 }
6006 }
6012 }
6016 }
6019 }
6022 /// ENCRYPTION ////////////////////////////////////////////////
6024 /**
6025 * rc4encrypt
6026 *
6027 * @param string $data ?
6028 * @return string
6029 * @todo Finish documenting this function
6030 */
6034 }
6036 /**
6037 * rc4decrypt
6038 *
6039 * @param string $data ?
6040 * @return string
6041 * @todo Finish documenting this function
6042 */
6046 }
6048 /**
6049 * Based on a class by Mukul Sabharwal [mukulsabharwal @ yahoo.com]
6050 *
6051 * @param string $pwd ?
6052 * @param string $data ?
6053 * @param string $case ?
6054 * @return string
6055 * @todo Finish documenting this function
6056 */
6061 }
6073 }
6082 }
6102 }
6108 }
6111 }
6114 /// CALENDAR MANAGEMENT ////////////////////////////////////////////////////////////////
6117 /**
6118 * Call this function to add an event to the calendar table
6119 * and to call any calendar plugins
6120 *
6121 * @uses $CFG
6122 * @param array $event An associative array representing an event from the calendar table. The event will be identified by the id field. The object event should include the following:
6123 * <ul>
6124 * <li><b>$event->name</b> - Name for the event
6125 * <li><b>$event->description</b> - Description of the event (defaults to '')
6126 * <li><b>$event->format</b> - Format for the description (using formatting types defined at the top of weblib.php)
6127 * <li><b>$event->courseid</b> - The id of the course this event belongs to (0 = all courses)
6128 * <li><b>$event->groupid</b> - The id of the group this event belongs to (0 = no group)
6129 * <li><b>$event->userid</b> - The id of the user this event belongs to (0 = no user)
6130 * <li><b>$event->modulename</b> - Name of the module that creates this event
6131 * <li><b>$event->instance</b> - Instance of the module that owns this event
6132 * <li><b>$event->eventtype</b> - The type info together with the module info could
6133 * be used by calendar plugins to decide how to display event
6134 * <li><b>$event->timestart</b>- Timestamp for start of event
6135 * <li><b>$event->timeduration</b> - Duration (defaults to zero)
6136 * <li><b>$event->visible</b> - 0 if the event should be hidden (e.g. because the activity that created it is hidden)
6137 * </ul>
6138 * @return int The id number of the resulting record
6139 */
6148 }
6156 }
6157 }
6158 }
6161 }
6163 /**
6164 * Call this function to update an event in the calendar table
6165 * the event will be identified by the id field of the $event object.
6166 *
6167 * @uses $CFG
6168 * @param array $event An associative array representing an event from the calendar table. The event will be identified by the id field.
6169 * @return bool
6170 */
6183 }
6184 }
6185 }
6187 }
6189 /**
6190 * Call this function to delete the event with id $id from calendar table.
6191 *
6192 * @uses $CFG
6193 * @param int $id The id of an event from the 'calendar' table.
6194 * @return array An associative array with the results from the SQL call.
6195 * @todo Verify return type
6196 */
6207 }
6208 }
6209 }
6211 }
6213 /**
6214 * Call this function to hide an event in the calendar table
6215 * the event will be identified by the id field of the $event object.
6216 *
6217 * @uses $CFG
6218 * @param array $event An associative array representing an event from the calendar table. The event will be identified by the id field.
6219 * @return array An associative array with the results from the SQL call.
6220 * @todo Verify return type
6221 */
6231 }
6232 }
6233 }
6235 }
6237 /**
6238 * Call this function to unhide an event in the calendar table
6239 * the event will be identified by the id field of the $event object.
6240 *
6241 * @uses $CFG
6242 * @param array $event An associative array representing an event from the calendar table. The event will be identified by the id field.
6243 * @return array An associative array with the results from the SQL call.
6244 * @todo Verify return type
6245 */
6255 }
6256 }
6257 }
6259 }
6262 /// ENVIRONMENT CHECKING ////////////////////////////////////////////////////////////
6264 /**
6265 * Lists plugin directories within some directory
6266 *
6267 * @uses $CFG
6268 * @param string $plugin dir under we'll look for plugins (defaults to 'mod')
6269 * @param string $exclude dir name to exclude from the list (defaults to none)
6270 * @param string $basedir full path to the base dir where $plugin resides (defaults to $CFG->dirroot)
6271 * @return array of plugins found under the requested parameters
6272 */
6281 # This switch allows us to use the appropiate theme directory - and potentialy alternatives for other plugins
6289 }
6293 }
6299 if ($firstchar == '.' or $dir == 'CVS' or $dir == '_vti_cnf' or $dir == 'simpletest' or $dir == $exclude) {
6301 }
6304 }
6306 }
6308 }
6311 }
6313 }
6315 /**
6316 * Returns true if the current version of PHP is greater that the specified one.
6317 *
6318 * @param string $version The version of php being tested.
6319 * @return bool
6320 */
6323 }
6325 /**
6326 * Checks to see if is the browser operating system matches the specified
6327 * brand.
6328 *
6329 * Known brand: 'Windows','Linux','Macintosh','SGI','SunOS','HP-UX'
6330 *
6331 * @uses $_SERVER
6332 * @param string $brand The operating system identifier being tested
6333 * @return bool true if the given brand below to the detected operating system
6334 */
6338 }
6342 }
6345 }
6347 /**
6348 * Checks to see if is a browser matches the specified
6349 * brand and is equal or better version.
6350 *
6351 * @uses $_SERVER
6352 * @param string $brand The browser identifier being tested
6353 * @param int $version The version of the browser
6354 * @return bool true if the given version is below that of the detected browser
6355 */
6359 }
6370 }
6371 }
6380 }
6381 }
6388 // MacOS X Camino support
6390 }
6392 // the proper string - Gecko/CCYYMMDD Vendor/Version
6393 // Faster version and work-a-round No IDN problem.
6397 }
6398 }
6406 }
6410 }
6414 }
6417 }
6425 }
6426 }
6433 }
6434 }
6438 // Look for AppleWebKit, excluding strings with OmniWeb, Shiira and SymbianOS
6445 }
6447 // No Apple mobile devices here - editor does not work, course ajax is not touch compatible, etc.
6449 }
6454 }
6455 }
6459 }
6462 }
6464 /**
6465 * Returns one or several CSS class names that match the user's browser. These can be put
6466 * in the body tag of the page to apply browser-specific rules without relying on CSS hacks
6467 */
6478 }
6479 } elseif (check_browser_version("Firefox", 0) || check_browser_version("Gecko", 0) || check_browser_version("Camino", 0)) {
6484 }
6492 }
6495 }
6497 /**
6498 * This function makes the return value of ini_get consistent if you are
6499 * setting server directives through the .htaccess file in apache.
6500 * Current behavior for value set from php.ini On = 1, Off = [blank]
6501 * Current behavior for value set from .htaccess On = On, Off = Off
6502 * Contributed by jdell @ unr.edu
6503 *
6504 * @param string $ini_get_arg ?
6505 * @return bool
6506 * @todo Finish documenting this function
6507 */
6513 }
6515 }
6517 /**
6518 * Compatibility stub to provide backward compatibility
6519 *
6520 * Determines if the HTML editor is enabled.
6521 * @deprecated Use {@link can_use_html_editor()} instead.
6522 */
6525 }
6527 /**
6528 * Determines if the HTML editor is enabled.
6529 *
6530 * This depends on site and user
6531 * settings, as well as the current browser being used.
6532 *
6533 * @return string|false Returns false if editor is not being used, otherwise
6534 * returns 'MSIE' or 'Gecko'.
6535 */
6546 }
6547 }
6549 }
6551 /**
6552 * Hack to find out the GD version by parsing phpinfo output
6553 *
6554 * @return int GD version (1, 2, or 0)
6555 */
6565 }
6580 }
6584 }
6586 }
6587 }
6588 }
6591 }
6593 /**
6594 * Determine if moodle installation requires update
6595 *
6596 * Checks version numbers of main code and all modules to see
6597 * if there are any mismatches
6598 *
6599 * @uses $CFG
6600 * @return bool
6601 */
6610 }
6618 }
6623 }
6624 }
6625 }
6626 }
6629 }
6631 }
6634 /// MISCELLANEOUS ////////////////////////////////////////////////////////////////////
6636 /**
6637 * Notify admin users or admin user of any failed logins (since last notification).
6638 *
6639 * Note that this function must be only executed from the cron script
6640 * It uses the cache_flags system to store temporary records, deleting them
6641 * by name before finishing
6642 *
6643 * @uses $CFG
6644 * @uses $db
6645 * @uses HOURSECS
6646 */
6657 }
6661 }
6663 // we need to deal with the threshold stuff first.
6666 }
6668 /// Get all the IPs with more than notifyloginthreshold failures since lastnotifyfailure
6669 /// and insert them into the cache_flags temp table
6672 WHERE module = 'login'
6673 AND action = 'error'
6675 GROUP BY ip
6680 }
6681 }
6684 /// Get all the INFOs with more than notifyloginthreshold failures since lastnotifyfailure
6685 /// and insert them into the cache_flags temp table
6688 WHERE module = 'login'
6689 AND action = 'error'
6691 GROUP BY info
6696 }
6697 }
6700 /// Now, select all the login error logged records belonging to the ips and infos
6701 /// since lastnotifyfailure, that we have stored in the cache_flags table
6706 WHERE l.module = 'login'
6707 AND l.action = 'error'
6709 AND cf.flagtype = 'login_failure_by_ip'
6710 UNION ALL
6711 SELECT l.*, u.firstname, u.lastname
6715 WHERE l.module = 'login'
6716 AND l.action = 'error'
6718 AND cf.flagtype = 'login_failure_by_info'
6721 /// Init some variables
6724 /// Iterate over the logs recordset
6729 }
6732 /// If we haven't run in the last hour and
6733 /// we have something useful to report and we
6734 /// are actually supposed to be reporting to somebody
6735 if ((time() - HOURSECS) > $CFG->lastnotifyfailure && $count > 0 && is_array($recip) && count($recip) > 0) {
6738 /// Calculate the complete body of notification (start + messages + end)
6744 /// For each destination, send mail
6748 }
6750 /// Update lastnotifyfailure with current time
6752 }
6754 /// Finally, delete all the temp records we have created in cache_flags
6755 delete_records_select('cache_flags', "flagtype IN ('login_failure_by_ip', 'login_failure_by_info')");
6756 }
6758 /**
6759 * moodle_setlocale
6760 *
6761 * @uses $CFG
6762 * @param string $locale ?
6763 * @todo Finish documenting this function
6764 */
6773 /// Fetch the correct locale based on ostype
6778 }
6780 /// the priority is the same as in get_string() - parameter, config, course, session, user, global language
6787 }
6789 /// do nothing if locale already set up
6792 }
6794 /// Due to some strange BUG we cannot set the LC_TIME directly, so we fetch current values,
6795 /// set LC_ALL and then set values again. Just wondering why we cannot set LC_ALL only??? - stronk7
6796 /// Some day, numeric, monetary and other categories should be set too, I think. :-/
6798 /// Get current values
6804 }
6805 /// Set locale to all
6807 /// Set old values
6812 }
6813 if ($currentlocale == 'tr_TR' or $currentlocale == 'tr_TR.UTF-8') { // To workaround a well-known PHP problem with Turkish letter Ii
6815 }
6816 }
6818 /**
6819 * Converts string to lowercase using most compatible function available.
6820 *
6821 * @param string $string The string to convert to all lowercase characters.
6822 * @param string $encoding The encoding on the string.
6823 * @return string
6824 * @todo Add examples of calling this function with/without encoding types
6825 * @deprecated Use textlib->strtolower($text) instead.
6826 */
6829 //If not specified use utf8
6832 }
6833 //Use text services
6837 }
6839 /**
6840 * Count words in a string.
6841 *
6842 * Words are defined as things between whitespace.
6843 *
6844 * @param string $string The text to be searched for words.
6845 * @return int The count of words in the specified string
6846 */
6850 }
6852 /** Count letters in a string.
6853 *
6854 * Letters are defined as chars not in tags and different from whitespace.
6855 *
6856 * @param string $string The text to be searched for letters.
6857 * @return int The count of letters in the specified text.
6858 */
6860 /// Loading the textlib singleton instance. We are going to need it.
6867 }
6869 /**
6870 * Generate and return a random string of the specified length.
6871 *
6872 * @param int $length The length of the string to be created.
6873 * @return string
6874 */
6884 }
6886 }
6888 /**
6889 * Generate a complex random string (usefull for md5 salts)
6890 *
6891 * This function is based on the above {@link random_string()} however it uses a
6892 * larger pool of characters and generates a string between 24 and 32 characters
6893 *
6894 * @param int $length Optional if set generates a string to exactly this length
6895 * @return string
6896 */
6904 }
6908 }
6910 }
6912 /*
6913 * Given some text (which may contain HTML) and an ideal length,
6914 * this function truncates the text neatly on a word boundary if possible
6915 * @param string $text - text to be shortened
6916 * @param int $ideal - ideal string length
6917 * @param boolean $exact if false, $text will not be cut mid-word
6918 * @return string $truncate - shortened string
6919 */
6926 // if the plain text is shorter than the maximum length, return the whole text
6929 }
6931 // Splits on HTML tags. Each open/close/empty tag will be the first thing
6932 // and only tag in its 'line'
6938 // This array stores information about open and close tags and their position
6939 // in the truncated string. Each item in the array is an object with fields
6940 // ->open (true if open), ->tag (tag name in lower case), and ->pos
6941 // (byte position in truncated text)
6945 // if there is any html-tag in this line, handle it and add it (uncounted) to the output
6947 // if it's an "empty element" with or without xhtml-conform closing slash (f.e. <br/>)
6948 if (preg_match('/^<(\s*.+?\/\s*|\s*(img|br|input|hr|area|base|basefont|col|frame|isindex|link|meta|param)(\s.+?)?)>$/is', $line_matchings[1])) {
6949 // do nothing
6950 // if tag is a closing tag (f.e. </b>)
6952 // record closing tag
6955 // if tag is an opening tag (f.e. <b>)
6957 // record opening tag
6960 }
6961 // add html-tag to $truncate'd text
6963 }
6965 // calculate the length of the plain text part of the line; handle entities as one character
6966 $content_length = strlen(preg_replace('/&[0-9a-z]{2,8};|&#[0-9]{1,7};|&#x[0-9a-f]{1,6};/i', ' ', $line_matchings[2]));
6968 // the number of characters which are left
6971 // search for html entities
6972 if (preg_match_all('/&[0-9a-z]{2,8};|&#[0-9]{1,7};|&#x[0-9a-f]{1,6};/i', $line_matchings[2], $entities, PREG_OFFSET_CAPTURE)) {
6973 // calculate the real length of all entities in the legal range
6979 // no more characters left
6981 }
6982 }
6983 }
6985 // maximum lenght is reached, so get off the loop
6990 }
6992 // if the maximum length is reached, get off the loop
6995 }
6996 }
6998 // if the words shouldn't be cut in the middle...
7000 // ...search the last occurance of a space...
7009 }
7010 }
7011 }
7014 // ...and cut the text in this position
7016 }
7017 }
7019 // add the defined ending to the text
7022 // Now calculate the list of open html tags based on the truncate position
7026 // Don't include tags after we made the break!
7028 }
7030 // add tag to the beginning of $open_tags list
7033 $pos = array_search($taginfo->tag, array_reverse($open_tags, true)); // can have multiple exact same open tags, close the last one
7036 }
7037 }
7038 }
7040 // close all unclosed html-tags
7043 }
7046 }
7049 /**
7050 * Given dates in seconds, how many weeks is the date from startdate
7051 * The first week is 1, the second 2 etc ...
7052 *
7053 * @uses WEEKSECS
7054 * @param ? $startdate ?
7055 * @param ? $thedate ?
7056 * @return string
7057 * @todo Finish documenting this function
7058 */
7062 }
7065 }
7067 /**
7068 * returns a randomly generated password of length $maxlen. inspired by
7069 * {@link http://www.phpbuilder.com/columns/jesus19990502.php3} and
7070 * {@link http://es2.php.net/manual/en/function.str-shuffle.php#73254}
7071 *
7072 * @param int $maxlen The maximum size of the password being generated.
7073 * @return string
7074 */
7093 // Make sure we have enough characters to fulfill
7094 // complexity requirements
7098 }
7102 }
7106 }
7110 }
7112 // Now mix and shuffle it all
7121 }
7124 }
7126 /**
7127 * Given a float, prints it nicely.
7128 * Localized floats must not be used in calculations!
7129 *
7130 * @param float $flaot The float to print
7131 * @param int $places The number of decimal places to print.
7132 * @param bool $localized use localized decimal separator
7133 * @return string locale float
7134 */
7138 }
7143 }
7144 }
7146 /**
7147 * Converts locale specific floating point/comma number back to standard PHP float value
7148 * Do NOT try to do any math operations before this conversion on any user submitted floats!
7149 *
7150 * @param string $locale_float locale aware float representation
7151 */
7157 }
7159 $locale_float = str_replace(' ', '', $locale_float); // no spaces - those might be used as thousand separators
7162 }
7164 /**
7165 * Given a simple array, this shuffles it up just like shuffle()
7166 * Unlike PHP's shuffle() this function works on any machine.
7167 *
7168 * @param array $array The array to be rearranged
7169 * @return array
7170 */
7180 }
7182 }
7184 /**
7185 * Like {@link swapshuffle()}, but works on associative arrays
7186 *
7187 * @param array $array The associative array to be rearranged
7188 * @return array
7189 */
7197 }
7199 }
7201 /**
7202 * Given an arbitrary array, and a number of draws,
7203 * this function returns an array with that amount
7204 * of items. The indexes are retained.
7205 *
7206 * @param array $array ?
7207 * @param ? $draws ?
7208 * @return ?
7209 * @todo Finish documenting this function
7210 */
7220 }
7232 }
7235 }
7237 /**
7238 * microtime_diff
7239 *
7240 * @param string $a ?
7241 * @param string $b ?
7242 * @return string
7243 * @todo Finish documenting this function
7244 */
7249 }
7251 /**
7252 * Given a list (eg a,b,c,d,e) this function returns
7253 * an array of 1->a, 2->b, 3->c etc
7254 *
7255 * @param array $list ?
7256 * @param string $separator ?
7257 * @todo Finish documenting this function
7258 */
7264 }
7266 }
7268 /**
7269 * Creates an array that represents all the current grades that
7270 * can be chosen using the given grading type. Negative numbers
7271 * are scales, zero is no grade, and positive numbers are maximum
7272 * grades.
7273 *
7274 * @param int $gradingtype ?
7275 * return int
7276 * @todo Finish documenting this function
7277 */
7283 }
7287 }
7289 }
7291 }
7293 /**
7294 * This function returns the nummber of activities
7295 * using scaleid in a courseid
7296 *
7297 * @param int $courseid ?
7298 * @param int $scaleid ?
7299 * @return int
7300 * @todo Finish documenting this function
7301 */
7311 //Check cm->name/lib.php exists
7318 }
7319 }
7320 }
7321 }
7322 }
7324 // check if any course grade item makes use of the scale
7327 // check if any outcome in the course makes use of the scale
7331 WHERE go.id = goc.outcomeid
7334 }
7336 }
7338 /**
7339 * This function returns the nummber of activities
7340 * using scaleid in the entire site
7341 *
7342 * @param int $scaleid ?
7343 * @return int
7344 * @todo Finish documenting this function. Is return type correct?
7345 */
7354 }
7360 }
7361 }
7362 }
7364 }
7366 /**
7367 * make_unique_id_code
7368 *
7369 * @param string $extra ?
7370 * @return string
7371 * @todo Finish documenting this function
7372 */
7384 }
7394 }
7395 }
7398 /**
7399 * Function to check the passed address is within the passed subnet
7400 *
7401 * The parameter is a comma separated string of subnet definitions.
7402 * Subnet strings can be in one of three formats:
7403 * 1: xxx.xxx.xxx.xxx/xx
7404 * 2: xxx.xxx
7405 * 3: xxx.xxx.xxx.xxx-xxx //a range of IP addresses in the last group.
7406 * Code for type 1 modified from user posted comments by mediator at
7407 * {@link http://au.php.net/manual/en/function.ip2long.php}
7408 *
7409 * TODO one day we will have to make this work with IP6.
7410 *
7411 * @param string $addr The address you are checking
7412 * @param string $subnetstr The string of subnet addresses
7413 * @return bool
7414 */
7427 }
7430 }
7434 }
7436 }
7447 }
7451 }
7453 }
7457 }
7458 }
7460 }
7462 /**
7463 * This function sets the $HTTPSPAGEREQUIRED global
7464 * (used in some parts of moodle to change some links)
7465 * and calculate the proper wwwroot to be used
7466 *
7467 * By using this function properly, we can ensure 100% https-ized pages
7468 * at our entire discretion (login, forgot_password, change_password)
7469 */
7479 // change theme URLs to https
7485 }
7486 }
7488 /**
7489 * For outputting debugging info
7490 *
7491 * @uses STDOUT
7492 * @param string $string ?
7493 * @param string $eol ?
7494 * @todo Finish documenting this function
7495 */
7502 }
7506 //delay to keep message on user's screen in case of subsequent redirect
7509 }
7510 }
7512 //Replace 1 or more slashes or backslashes to 1 slash
7515 }
7518 //Zip an array of files/dirs to a destination zip file
7519 //Both parameters must be FULL paths to the files/dirs
7523 //Extract everything from destination
7529 //If no file, error
7532 }
7534 //If no extension, add it
7538 }
7540 //Check destination path exists
7543 }
7545 //Check destination path is writable. TODO!!
7547 //Clean destination filename
7550 //Now check and prepare every file
7555 //Check for every file
7557 //Calculate the base path for all files if it isn't set
7560 }
7561 //See if the file is readable
7564 }
7565 //See if the file/dir is in the same directory than the rest
7568 }
7569 //Add the file to the array
7571 }
7573 //Everything is ready:
7574 // -$origpath is the path where ALL the files to be compressed reside (dir).
7575 // -$destpath is the destination path where the zip file will go (dir).
7576 // -$files is an array of files/dirs to compress (fullpath)
7577 // -$destfilename is the name of the zip file (without path)
7579 //print_object($files); //Debug
7584 //rewrite filenames because the old method with PCLZIP_OPT_REMOVE_PATH does not work under win32
7592 }
7593 //create the archive
7598 }
7606 }
7607 //Construct the command
7612 //All converted to backslashes in WIN
7615 }
7617 }
7619 }
7622 //Unzip one zip file to a destination dir
7623 //Both parameters must be FULL paths
7624 //If destination isn't specified, it will be the
7625 //SAME directory where the zip file resides.
7629 //Extract everything from zipfile
7635 //If no file, error
7638 }
7640 //If no extension, error
7643 }
7645 //Clear $zipfile
7648 //Check zipfile exists
7651 }
7653 //If no destination, passed let's go with the same directory
7656 }
7658 //Clear $destination
7661 //Check destination path exists
7664 }
7666 //Check destination path is writable. TODO!!
7668 //Everything is ready:
7669 // -$zippath is the path where the zip file resides (dir)
7670 // -$zipfilename is the name of the zip file (without path)
7671 // -$destpath is the destination path where the zip file will uncompressed (dir)
7682 }
7693 }
7695 }
7706 //All converted to backslashes in WIN
7709 }
7711 }
7716 //Display some info about the unzip execution
7719 }
7722 }
7724 /**
7725 * Sanitize temporary unzipped files and move to target dir.
7726 * @param string $temppath path to temporary dir with unzip output
7727 * @param string $destpath destination path
7728 * @return void
7729 */
7741 //somebody tries to sneak in symbolik link - no way!
7743 }
7746 // invalid file name
7748 }
7750 // eh, weird chars collision detected
7752 }
7755 // recurse into subdirs
7757 }
7759 // rename and move the file
7761 //override existing files
7763 }
7766 }
7767 }
7768 }
7770 }
7771 }
7774 //This function is used as callback in unzip_file() function
7775 //to clean illegal characters for given platform and to prevent directory traversal.
7776 //Produces the same result as info-zip unzip.
7777 $p_header['filename'] = ereg_replace('[[:cntrl:]]', '', $p_header['filename']); //strip control chars first!
7778 $p_header['filename'] = ereg_replace('\.\.+', '', $p_header['filename']); //directory traversal protection
7780 $p_header['filename'] = ereg_replace('[:*"?<>|]', '_', $p_header['filename']); //replace illegal chars
7781 $p_header['filename'] = ereg_replace('^([a-zA-Z])_', '\1:', $p_header['filename']); //repair drive letter
7783 //Add filtering for other systems here
7784 // BSD: none (tested)
7785 // Linux: ??
7786 // MacosX: ??
7787 }
7788 $p_header['filename'] = cleardoubleslashes($p_header['filename']); //normalize the slashes/backslashes
7790 }
7793 //This function shows the results of the unzip execution
7794 //depending of the value of the $CFG->zip, results will be
7795 //text or an array of files.
7813 echo '<td align="left" style="white-space:nowrap ">'.s(clean_param($item['filename'], PARAM_PATH)).'</td>';
7818 }
7823 }
7833 }
7836 }
7837 }
7839 /**
7840 * Returns most reliable client address
7841 *
7842 * @return string The remote IP address
7843 */
7850 // This will happen, for example, before just after the upgrade, as the
7851 // user is redirected to the admin screen.
7855 }
7859 }
7860 }
7864 }
7865 }
7870 }
7871 }
7873 /**
7874 * Cleans a remote address ready to put into the log table
7875 */
7879 // first get all things that look like IP addresses.
7882 }
7886 // print_r($match);
7887 // check to make sure it's not an internal address.
7888 // the following are reserved for private lans...
7889 // 10.0.0.0 - 10.255.255.255
7890 // 172.16.0.0 - 172.31.255.255
7891 // 192.168.0.0 - 192.168.255.255
7892 // 169.254.0.0 -169.254.255.255
7895 // weird, preg match shouldn't give us it.
7897 }
7904 }
7905 // finally, it's ok
7907 }
7909 // perhaps we have a lan match, it's probably better to return that.
7914 }
7915 }
7918 }
7919 //Commented out following because there are so many, and it clogs the logs MDL-13544
7920 //error_log("NOTICE: cleanremoteaddr gives us something funny: $originaladdr had ".count($goodmatches)." matches");
7922 // We need to return something, so return the first
7924 }
7926 /**
7927 * file_put_contents is only supported by php 5.0 and higher
7928 * so if it is not predefined, define it here
7929 *
7930 * @param $file full path of the file to write
7931 * @param $contents contents to be sent
7932 * @return number of bytes written (false on error)
7933 */
7940 }
7942 }
7943 }
7945 /**
7946 * The clone keyword is only supported from PHP 5 onwards.
7947 * The behaviour of $obj2 = $obj1 differs fundamentally
7948 * between PHP 4 and PHP 5. In PHP 4 a copy of $obj1 was
7949 * created, in PHP 5 $obj1 is referenced. To create a copy
7950 * in PHP 5 the clone keyword was introduced. This function
7951 * simulates this behaviour for PHP < 5.0.0.
7952 * See also: http://mjtsai.com/blog/2004/07/15/php-5-object-references/
7953 *
7954 * Modified 2005-09-29 by Eloy (from Julian Sedding proposal)
7955 * Found a better implementation (more checks and possibilities) from PEAR:
7956 * http://cvs.php.net/co.php/pear/PHP_Compat/Compat/Function/clone.php
7957 *
7958 * @param object $obj
7959 * @return object
7960 */
7962 // the eval is needed to prevent PHP 5 from getting a parse error!
7965 /// Sanity check
7968 return;
7969 }
7971 /// Use serialize/unserialize trick to deep copy the object
7974 /// If there is a __clone method call it on the "new" class
7977 }
7980 }
7982 // Supply the PHP5 function scandir() to older versions.
7988 }
7990 }
7992 }
7994 // Supply the PHP5 function array_combine() to older versions.
7997 return false;
7998 }
8004 }
8006 }
8008 }
8010 /**
8011 * This function will make a complete copy of anything it's given,
8012 * regardless of whether it's an object or not.
8013 * @param mixed $thing
8014 * @return mixed
8015 */
8018 }
8021 /*
8022 * This function expects to called during shutdown
8023 * should be set via register_shutdown_function()
8024 * in lib/setup.php .
8025 *
8026 * Right now we do it only if we are under apache, to
8027 * make sure apache children that hog too much mem are
8028 * killed.
8029 *
8030 */
8035 // initially, we are only ever called under apache
8036 // but check just in case
8042 }
8045 @apache_child_terminate();
8046 }
8047 }
8052 }
8065 }
8066 }
8070 }
8071 }
8072 }
8073 }
8075 /**
8076 * If new messages are waiting for the current user, then return
8077 * Javascript code to create a popup window
8078 *
8079 * @return string Javascript code
8080 */
8090 }
8093 if (count_records_select('message', 'useridto = \''.$USER->id.'\' AND timecreated > \''.$USER->message_lastpopup.'\'')) {
8095 return '<script type="text/javascript">'."\n//<![CDATA[\n openpopup('/message/index.php', 'message',
8096 'menubar=0,location=0,scrollbars,status,resizable,width=400,height=500', 0);\n//]]>\n</script>";
8097 }
8098 }
8099 }
8100 }
8101 }
8104 }
8106 // Used to make sure that $min <= $value <= $max
8110 }
8113 }
8115 }
8121 }
8122 }
8124 }
8126 /**
8127 *** get_performance_info() pairs up with init_performance_info()
8128 *** loaded in setup.php. Returns an array with 'html' and 'txt'
8129 *** values ready for use, and each of the individual stats provided
8130 *** separately as well.
8131 ***
8132 **/
8148 $info['html'] .= '<span class="memoryused">RAM: '.display_size($info['memory_total']).'</span> ';
8149 $info['txt'] .= 'memory_total: '.$info['memory_total'].'B (' . display_size($info['memory_total']).') memory_growth: '.$info['memory_growth'].'B ('.display_size($info['memory_growth']).') ';
8150 }
8154 $info['html'] .= '<span class="memoryused">RAM peak: '.display_size($info['memory_peak']).'</span> ';
8155 $info['txt'] .= 'memory_peak: '.$info['memory_peak'].'B (' . display_size($info['memory_peak']).') ';
8156 }
8159 //error_log(print_r($inc,1));
8168 }
8174 }
8178 $info['html'] .= '<span class="profilinginfo">'.Profiler::get_profiling(array('-R')).'</span>';
8179 }
8186 }
8187 $info['html'] .= "<span class=\"posixtimes\">ticks: $info[ticks] user: $info[utime] sys: $info[stime] cuser: $info[cutime] csys: $info[cstime]</span> ";
8188 $info['txt'] .= "ticks: $info[ticks] user: $info[utime] sys: $info[stime] cuser: $info[cutime] csys: $info[cstime] ";
8189 }
8190 }
8192 // Grab the load average for the last minute
8193 // /proc will only work under some linux configurations
8194 // while uptime is there under MacOSX/Darwin and other unices
8198 } else if ( function_exists('is_executable') && is_executable('/usr/bin/uptime') && $loadavg = `/usr/bin/uptime` ) {
8203 }
8204 }
8209 }
8218 }
8221 }
8225 }
8227 /**
8228 * Delete directory or only it's content
8229 * @param string $dir directory path
8230 * @param bool $content_only
8231 * @return bool success, true also if dir does not exist
8232 */
8235 // nothing to do
8237 }
8246 }
8247 }
8248 }
8252 }
8254 }
8256 /**
8257 * Function to check if a directory exists and optionally create it.
8258 *
8259 * @param string absolute directory path (must be under $CFG->dataroot)
8260 * @param boolean create directory if does not exist
8261 * @param boolean create directory recursively
8262 *
8263 * @return boolean true if directory exists or created
8264 */
8270 debugging('Warning. Wrong call to check_dir_exists(). $dir must be an absolute path under $CFG->dataroot ("' . $dir . '" is incorrect)', DEBUG_DEVELOPER);
8271 }
8281 /// We are going to make it recursive under $CFG->dataroot only
8282 /// (will help sites running open_basedir security and others)
8284 /// PHP 5.0 has recursive mkdir parameter, but 4.x does not :-(
8286 /// Iterate over each part with start point $CFG->dataroot
8291 }
8297 }
8298 }
8299 }
8302 }
8303 }
8304 }
8306 }
8313 }
8314 // Set up default theme and locale
8318 //clear session cookies
8320 //PHP 5.2.0
8321 setcookie('MoodleSession'.$CFG->sessioncookie, '', time() - 3600, $CFG->sessioncookiepath, $CFG->sessioncookiedomain, $CFG->cookiesecure, $CFG->cookiehttponly);
8322 setcookie('MoodleSessionTest'.$CFG->sessioncookie, '', time() - 3600, $CFG->sessioncookiepath, $CFG->sessioncookiedomain, $CFG->cookiesecure, $CFG->cookiehttponly);
8324 setcookie('MoodleSession'.$CFG->sessioncookie, '', time() - 3600, $CFG->sessioncookiepath, $CFG->sessioncookiedomain, $CFG->cookiesecure);
8325 setcookie('MoodleSessionTest'.$CFG->sessioncookie, '', time() - 3600, $CFG->sessioncookiepath, $CFG->sessioncookiedomain, $CFG->cookiesecure);
8326 }
8327 //increment database error counters
8332 }
8334 }
8337 /**
8338 * Detect if an object or a class contains a given property
8339 * will take an actual object or the name of a class
8340 * @param mix $obj Name of class or real object to test
8341 * @param string $property name of property to find
8342 * @return bool true if property exists
8343 */
8347 }
8350 }
8352 }
8355 /**
8356 * Detect a custom script replacement in the data directory that will
8357 * replace an existing moodle script
8358 * @param string $urlpath path to the original script
8359 * @return string full path name if a custom script exists
8360 * @return bool false if no custom script exists
8361 */
8365 // set default $urlpath, if necessary
8368 }
8370 // $urlpath is invalid if it is empty or does not start with the Moodle wwwroot
8373 }
8375 // replace wwwroot with the path to the customscripts folder and clean path
8376 $scriptpath = $CFG->customscripts . clean_param(substr($urlpath, strlen($CFG->wwwroot)), PARAM_PATH);
8378 // remove the query string, if any
8381 }
8383 // remove trailing slashes, if any
8386 // append index.php, if necessary
8389 }
8391 // check the custom script exists
8396 }
8397 }
8399 /**
8400 * Wrapper function to load necessary editor scripts
8401 * to $CFG->editorsrc array. Params can be coursei id
8402 * or associative array('courseid' => value, 'name' => 'editorname').
8403 * @uses $CFG
8404 * @param mixed $args Courseid or associative array.
8405 */
8410 }
8412 /**
8413 * Returns whether or not the user object is a remote MNET user. This function
8414 * is in moodlelib because it does not rely on loading any of the MNET code.
8415 *
8416 * @param object $user A valid user object
8417 * @return bool True if the user is from a remote Moodle.
8418 */
8427 }
8430 }
8432 /**
8433 * Checks if a given plugin is in the list of enabled enrolment plugins.
8434 *
8435 * @param string $auth Enrolment plugin.
8436 * @return boolean Whether the plugin is enabled.
8437 */
8441 // use the global default if not specified
8444 }
8446 }
8448 /**
8449 * This function will search for browser prefereed languages, setting Moodle
8450 * to use the best one available if $SESSION->lang is undefined
8451 */
8457 // Lang is defined in session or user profile, nothing to do
8459 }
8461 if (!isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) { // There isn't list of browser langs, nothing to do
8463 }
8465 /// Extract and clean langs from headers
8480 }
8481 }
8486 /// Look for such langs under standard locations
8488 $lang = strtolower(clean_param($lang.'_utf8', PARAM_SAFEDIR)); // clean it properly for include
8491 }
8492 if (file_exists($CFG->dataroot .'/lang/'. $lang) or file_exists($CFG->dirroot .'/lang/'. $lang)) {
8495 }
8496 }
8498 }
8501 ////////////////////////////////////////////////////////////////////////////////
8508 }
8509 }
8511 /**
8512 * Checks whether the given variable name is defined as a variable within the given object.
8513 * @note This will NOT work with stdClass objects, which have no class variables.
8514 * @param string $var The variable name
8515 * @param object $object The object to check
8516 * @return boolean
8517 */
8522 }
8524 /**
8525 * Returns an array without repeated objects.
8526 * This function is similar to array_unique, but for arrays that have objects as values
8527 *
8528 * @param unknown_type $array
8529 * @param unknown_type $keep_key_assoc
8530 * @return unknown
8531 */
8537 // convert objects to arrays, in_array() does not support objects
8540 }
8546 }
8547 }
8551 }
8554 }
8556 /**
8557 * Returns the language string for the given plugin.
8558 *
8559 * @param string $plugin the plugin code name
8560 * @param string $type the type of plugin (mod, block, filter)
8561 * @return string The plugin language string
8562 */
8577 }
8578 }
8585 }
8590 }
8593 }
8595 /**
8596 * Is a userid the primary administrator?
8597 *
8598 * @param $userid int id of user to check
8599 * @return boolean
8600 */
8608 }
8609 }
8611 /**
8612 * @return string $CFG->siteidentifier, first making sure it is properly initialised.
8613 */
8616 // Check to see if it is missing. If so, initialise it.
8619 }
8620 // Return it.
8622 }
8624 // vim:autoindent:expandtab:shiftwidth=4:tabstop=4:tw=140:
8625 ?>