MDL-35472: Prevent html tags appearing in page titles
[moodle.git] / admin / category.php
1 <?php
2 // This file is part of Moodle - http://moodle.org/
3 //
4 // Moodle is free software: you can redistribute it and/or modify
5 // it under the terms of the GNU General Public License as published by
6 // the Free Software Foundation, either version 3 of the License, or
7 // (at your option) any later version.
8 //
9 // Moodle is distributed in the hope that it will be useful,
10 // but WITHOUT ANY WARRANTY; without even the implied warranty of
11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 // GNU General Public License for more details.
14 // You should have received a copy of the GNU General Public License
15 // along with Moodle. If not, see <http://www.gnu.org/licenses/>.
17 /**
18 * This file is used to display a category's sub-categories, external pages, and settings.
20 * @since 2.3
21 * @package admin
22 * @copyright 2011 Sam Hemelryk
23 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
require_once('../config.php');
require_once($CFG->libdir . '/adminlib.php');

// Request parameters. Each value is cleaned by the PARAM_* type named in the call
// before anything below uses it.
$category     = required_param('category', PARAM_SAFEDIR);
$return       = optional_param('return', '', PARAM_ALPHA);
$adminediting = optional_param('adminedit', -1, PARAM_BOOL);

// A logged-in session is required; no guest autologin.
require_login(0, false);

// Page setup. The cleaned category name is used in both the page URL and the page type.
$PAGE->set_context(context_system::instance());
$PAGE->set_url('/admin/category.php', array('category' => $category));
$PAGE->set_pagetype('admin-setting-' . $category);
$PAGE->set_pagelayout('admin');
$PAGE->navigation->clear_cache();
// Load the admin tree (all settings are needed) and look up the requested category in it.
$adminroot = admin_get_root();
$settingspage = $adminroot->locate($category, true);

// Reject anything that was not found or is not a category node.
// NOTE(review): the code below assumes print_error() does not return - confirm.
if (empty($settingspage) || !($settingspage instanceof admin_category)) {
    print_error('categoryerror', 'admin', "$CFG->wwwroot/$CFG->admin/");
}

// The category's own access check gates everything that follows, including the save path.
if (!$settingspage->check_access()) {
    print_error('accessdenied', 'admin');
}
$statusmsg = '';
$errormsg = '';

// Settings are written only when form data was submitted AND the session key is confirmed.
// A submission that fails the sesskey check skips this whole block and the page is
// rendered without saving anything.
$data = data_submitted();
if ($data && confirm_sesskey()) {
    if (admin_write_settings($data)) {
        $statusmsg = get_string('changessaved');
    }

    if (empty($adminroot->errors)) {
        // Only the two fixed targets below are ever redirected to; $return is never used
        // as a URL. There is no break between the cases.
        // NOTE(review): this relies on redirect() ending the request - confirm.
        switch ($return) {
            case 'site':
                redirect("$CFG->wwwroot/");
            case 'admin':
                redirect("$CFG->wwwroot/$CFG->admin/");
        }
    } else {
        $errormsg = get_string('errorwithsettings', 'admin');
        $firsterror = reset($adminroot->errors);
    }

    // Reload the tree so the page below reflects what was just written.
    $adminroot = admin_get_root(true);
    $settingspage = $adminroot->locate($category, true);
}
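// Default for the header button. Without it, the later $PAGE->set_button($buttons) call
// reads an undefined variable whenever the user is not allowed to edit this page.
$buttons = null;

// Apply an explicit editing on/off request; -1 means the parameter was not supplied.
// NOTE(review): this changes session state ($USER->editing) from a request parameter with
// no sesskey check visible here; confirm that is acceptable for this flag.
if ($PAGE->user_allowed_editing() && $adminediting != -1) {
    $USER->editing = $adminediting;
}

// Build the button that toggles editing mode, pointing back at this page.
if ($PAGE->user_allowed_editing()) {
    $url = clone($PAGE->url);
    if ($PAGE->user_is_editing()) {
        $caption = get_string('blockseditoff');
        $url->param('adminedit', 'off');
    } else {
        $caption = get_string('blocksediton');
        $url->param('adminedit', 'on');
    }
    $buttons = $OUTPUT->single_button($url, $caption, 'get');
}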
// Collect the HTML for every visible child of the category: a linked heading per child,
// followed by that child's settings (if it has any).
$savebutton = false;
$outputhtml = '';
foreach ($settingspage->children as $childpage) {
    if ($childpage->is_hidden()) {
        continue;
    }

    // Pick the link target by node type; unknown node types are skipped entirely.
    // NOTE(review): visiblename is handed to html_writer::link() as the link text and this
    // script does no escaping of its own - confirm the admin tree names are safe HTML.
    if ($childpage instanceof admin_externalpage) {
        $headinglink = html_writer::link($childpage->url, $childpage->visiblename);
    } else if ($childpage instanceof admin_settingpage) {
        $headinglink = html_writer::link(
            new moodle_url('/'.$CFG->admin.'/settings.php', array('section' => $childpage->name)),
            $childpage->visiblename
        );
    } else if ($childpage instanceof admin_category) {
        $headinglink = html_writer::link(
            new moodle_url('/'.$CFG->admin.'/category.php', array('category' => $childpage->name)),
            get_string('admincategory', 'admin', $childpage->visiblename)
        );
    } else {
        continue;
    }
    $outputhtml .= $OUTPUT->heading($headinglink, 3);

    if (!empty($childpage->settings)) {
        $outputhtml .= html_writer::start_tag('fieldset', array('class' => 'adminsettings'));
        foreach ($childpage->settings as $setting) {
            // One setting without the nosave flag is enough to need a submit button.
            if (empty($setting->nosave)) {
                $savebutton = true;
            }

            // After a failed save, show the value recorded with the error instead of the
            // stored setting.
            $fullname = $setting->get_full_name();
            $data = array_key_exists($fullname, $adminroot->errors)
                ? $adminroot->errors[$fullname]->data
                : $setting->get_setting();

            $outputhtml .= html_writer::tag('div', '<!-- -->', array('class' => 'clearer'));
            $outputhtml .= $setting->output_html($data);
        }
        $outputhtml .= html_writer::end_tag('fieldset');
    }
}

if ($savebutton) {
    $submitattributes = array(
        'class' => 'form-submit',
        'type' => 'submit',
        'value' => get_string('savechanges', 'admin'),
    );
    $outputhtml .= html_writer::start_tag('div', array('class' => 'form-buttons'));
    $outputhtml .= html_writer::empty_tag('input', $submitattributes);
    $outputhtml .= html_writer::end_tag('div');
}
// The reversed visible path is joined into the page title by plain concatenation; this
// script neither strips nor escapes markup in those names.
// NOTE(review): confirm $PAGE->set_title() removes HTML tags, otherwise markup in a
// category name reaches the page title.
$visiblepathtosection = array_reverse($settingspage->visiblepath);
$pagetitle = $SITE->shortname . ': ' . implode(': ', $visiblepathtosection);
$PAGE->set_title($pagetitle);
$PAGE->set_heading($SITE->fullname);
$PAGE->set_button($buttons);
echo $OUTPUT->header();

// Show at most one notification; an error takes precedence over the success message.
if ($errormsg !== '') {
    echo $OUTPUT->notification($errormsg);
} else if ($statusmsg !== '') {
    echo $OUTPUT->notification($statusmsg, 'notifysuccess');
}

// Category heading built from the reversed visible path.
$path = array_reverse($settingspage->visiblepath);
$visiblename = is_array($path) ? join(' / ', $path) : $path;
echo $OUTPUT->heading(get_string('admincategory', 'admin', $visiblename), 2);

// The settings form posts back to this page. Its hidden fields carry the page URL
// parameters plus the sesskey that the save path confirms before writing, and the
// cleaned 'return' value.
$hiddenparams = new moodle_url($PAGE->url, array('sesskey' => sesskey(), 'return' => $return));
echo html_writer::start_tag('form', array('action' => '', 'method' => 'post', 'id' => 'adminsettings'));
echo html_writer::start_tag('div');
echo html_writer::input_hidden_params($hiddenparams);
echo html_writer::end_tag('div');
echo html_writer::start_tag('fieldset');
echo html_writer::tag('div', '<!-- -->', array('class' => 'clearer'));
echo $outputhtml;
echo html_writer::end_tag('fieldset');
echo html_writer::end_tag('form');

echo $OUTPUT->footer();