MDL-48430 custom_menu: Malformed url in custom menu cannot break the platform
[moodle.git] / admin / settings.php
blob323644467b652bac51b4ad3cc5160ec9862f80f1
1 <?php
3 require_once('../config.php');
4 require_once($CFG->libdir.'/adminlib.php');
6 $section = required_param('section', PARAM_SAFEDIR);
7 $return = optional_param('return','', PARAM_ALPHA);
8 $adminediting = optional_param('adminedit', -1, PARAM_BOOL);
10 /// no guest autologin
11 require_login(0, false);
12 $PAGE->set_context(context_system::instance());
13 $PAGE->set_url('/admin/settings.php', array('section' => $section));
14 $PAGE->set_pagetype('admin-setting-' . $section);
15 $PAGE->set_pagelayout('admin');
16 $PAGE->navigation->clear_cache();
17 navigation_node::require_admin_tree();
19 $adminroot = admin_get_root(); // need all settings
20 $settingspage = $adminroot->locate($section, true);
22 if (empty($settingspage) or !($settingspage instanceof admin_settingpage)) {
23 print_error('sectionerror', 'admin', "$CFG->wwwroot/$CFG->admin/");
24 die;
27 if (!($settingspage->check_access())) {
28 print_error('accessdenied', 'admin');
29 die;
32 /// WRITING SUBMITTED DATA (IF ANY) -------------------------------------------------------------------------------
34 $statusmsg = '';
35 $errormsg = '';
37 if ($data = data_submitted() and confirm_sesskey()) {
38 if (admin_write_settings($data)) {
39 $statusmsg = get_string('changessaved');
42 if (empty($adminroot->errors)) {
43 switch ($return) {
44 case 'site': redirect("$CFG->wwwroot/");
45 case 'admin': redirect("$CFG->wwwroot/$CFG->admin/");
47 } else {
48 $errormsg = get_string('errorwithsettings', 'admin');
49 $firsterror = reset($adminroot->errors);
51 $adminroot = admin_get_root(true); //reload tree
52 $settingspage = $adminroot->locate($section, true);
55 if ($PAGE->user_allowed_editing() && $adminediting != -1) {
56 $USER->editing = $adminediting;
59 /// print header stuff ------------------------------------------------------------
60 if (empty($SITE->fullname)) {
61 $PAGE->set_title($settingspage->visiblename);
62 $PAGE->set_heading($settingspage->visiblename);
64 echo $OUTPUT->header();
65 echo $OUTPUT->box(get_string('configintrosite', 'admin'));
67 if ($errormsg !== '') {
68 echo $OUTPUT->notification($errormsg);
70 } else if ($statusmsg !== '') {
71 echo $OUTPUT->notification($statusmsg, 'notifysuccess');
74 // ---------------------------------------------------------------------------------------------------------------
76 echo '<form action="settings.php" method="post" id="adminsettings">';
77 echo '<div class="settingsform clearfix">';
78 echo html_writer::input_hidden_params($PAGE->url);
79 echo '<input type="hidden" name="sesskey" value="'.sesskey().'" />';
80 echo '<input type="hidden" name="return" value="'.$return.'" />';
82 echo $settingspage->output_html();
84 echo '<div class="form-buttons"><input class="form-submit" type="submit" value="'.get_string('savechanges','admin').'" /></div>';
86 echo '</div>';
87 echo '</form>';
89 } else {
90 if ($PAGE->user_allowed_editing()) {
91 $url = clone($PAGE->url);
92 if ($PAGE->user_is_editing()) {
93 $caption = get_string('blockseditoff');
94 $url->param('adminedit', 'off');
95 } else {
96 $caption = get_string('blocksediton');
97 $url->param('adminedit', 'on');
99 $buttons = $OUTPUT->single_button($url, $caption, 'get');
100 $PAGE->set_button($buttons);
103 $visiblepathtosection = array_reverse($settingspage->visiblepath);
105 $PAGE->set_title("$SITE->shortname: " . implode(": ",$visiblepathtosection));
106 $PAGE->set_heading($SITE->fullname);
107 echo $OUTPUT->header();
109 if ($errormsg !== '') {
110 echo $OUTPUT->notification($errormsg);
112 } else if ($statusmsg !== '') {
113 echo $OUTPUT->notification($statusmsg, 'notifysuccess');
116 // ---------------------------------------------------------------------------------------------------------------
118 echo '<form action="settings.php" method="post" id="adminsettings">';
119 echo '<div class="settingsform clearfix">';
120 echo html_writer::input_hidden_params($PAGE->url);
121 echo '<input type="hidden" name="sesskey" value="'.sesskey().'" />';
122 echo '<input type="hidden" name="return" value="'.$return.'" />';
123 echo $OUTPUT->heading($settingspage->visiblename);
125 echo $settingspage->output_html();
127 if ($settingspage->show_save()) {
128 echo '<div class="form-buttons"><input class="form-submit" type="submit" value="'.get_string('savechanges','admin').'" /></div>';
131 echo '</div>';
132 echo '</form>';
135 $PAGE->requires->yui_module('moodle-core-formchangechecker',
136 'M.core_formchangechecker.init',
137 array(array(
138 'formid' => 'adminsettings'
141 $PAGE->requires->string_for_js('changesmadereallygoaway', 'moodle');
143 echo $OUTPUT->footer();