2 // config.php - allows admin to edit all configuration variables
4 require_once("../config.php");
6 if ($site = get_site()) { // If false then this is a new installation
9 error("Only the admin can use this page");
13 /// This is to overcome the "insecure forms paradox"
14 if (isset($secureforms) and $secureforms == 0) {
20 /// If data submitted, then process and store.
22 if ($config = data_submitted($match)) {
24 if (!empty($USER->id
)) { // Additional identity check
25 if (!confirm_sesskey()) {
26 error(get_string('confirmsesskeybad', 'error'));
30 validate_form($config, $err);
32 if (count($err) == 0) {
34 foreach ($config as $name => $value) {
35 if ($name == "sessioncookie") {
36 $value = eregi_replace("[^a-zA-Z]", "", $value);
40 $conf->value
= $value;
41 if ($current = get_record("config", "name", $name)) {
42 $conf->id
= $current->id
;
43 if (! update_record("config", $conf)) {
44 notify("Could not update $name to $value");
47 if (! insert_record("config", $conf)) {
48 notify("Error: could not add new variable $name !");
52 redirect("index.php", get_string("changessaved"), 1);
56 foreach ($err as $key => $value) {
62 /// Otherwise fill and print the form.
66 if (!$config->locale
= get_field("config", "value", "name", "locale")) {
67 $config->locale
= $CFG->lang
;
74 $stradmin = get_string("administration");
75 $strconfiguration = get_string("configuration");
76 $strconfigvariables = get_string("configvariables");
79 print_header("$site->shortname: $strconfigvariables", $site->fullname
,
80 "<a href=\"index.php\">$stradmin</a> -> ".
81 "<a href=\"configure.php\">$strconfiguration</a> -> $strconfigvariables", $focus);
82 print_heading($strconfigvariables);
85 print_heading($strconfigvariables);
86 print_simple_box(get_string("configintro"), "center", "50%");
90 $sesskey = !empty($USER->id
) ?
$USER->sesskey
: '';
92 print_simple_box_start("center", "", "$THEME->cellheading");
93 include("config.html");
94 print_simple_box_end();
98 $httpsurl = str_replace('http://', 'https://', $CFG->wwwroot
);
99 if ($httpsurl != $CFG->wwwroot
) {
100 if ((($fh = @fopen
($httpsurl, 'r')) == false) and ($config->loginhttps
== 0)) {
101 echo '<script>'."\n";
103 echo "eval('document.form.loginhttps.disabled=true');\n";
105 echo '</script>'."\n";
116 /// Functions /////////////////////////////////////////////////////////////////
118 function validate_form(&$form, &$err) {
120 // Currently no checks are needed ...