Commit 63625276 authored by Thomas Fradet's avatar Thomas Fradet
Browse files

fix capacities and param names

parent ca7d1cff
......@@ -65,3 +65,10 @@ Ajout d'un lien pour revenir au cours, visible par l'étudiant et l'enseignant.
#### Lien vers l'édition
Ajout d'un bouton en haut de page pour éditer le parcours, visible uniquement par l'enseignant.
### Gestion des droits
Ajout de vérification du droit d'éditer le cours pour les interfaces d'édition de parcours. Modification de noms de paramètres.
......@@ -52,9 +52,7 @@ class block_career extends block_base
*/
public function get_content()
{
global $CFG;
global $COURSE;
global $DB;
global $CFG, $COURSE, $DB, $USER;
if ($this->content !== null) {
return $this->content;
......@@ -97,8 +95,11 @@ class block_career extends block_base
if (empty($request)) {
$this->content->text .= "<p>" . get_string('any_carrer', 'block_career') . "</p>";
}
if (has_capability('moodle/course:update', $context = context_course::instance($COURSE->id), $USER->id)) {
$this->content->text .= '<a href="' . $CFG->wwwroot . '/blocks/career/career_list.php?courseid=' . $COURSE->id . '" type="button " class="btn btn-primary btn-career-block mt-3">Gérer les parcours</a>';
}
$this->content->text .= '<a href="' . $CFG->wwwroot . '/blocks/career/career_list.php?course=' . $COURSE->id . '" type="button " class="btn btn-primary btn-career-block mt-3">Gérer les parcours</a>';
// $this->content->text .= "<p></p>";
......
<?php
define('NO_OUTPUT_BUFFERING', true);
require_once('../../config.php');
require_once('entity/block_career_ressource.php');
require_once('entity/block_career_section.php');
require_once('view/view_career_list.php');
global $COURSE;
global $USER;
global $DB;
global $CFG;
require_once($CFG->libdir . '/adminlib.php');
$id_course = required_param('course', PARAM_INT);
$url = new moodle_url('/blocks/career/career_list.php', array('course' => $id_course));
// define('NO_OUTPUT_BUFFERING', true);
require_once('../../config.php');
require_once('entity/block_career_ressource.php');
require_once('entity/block_career_section.php');
require_once('view/view_career_list.php');
global $USER, $DB, $CFG;
require_once($CFG->libdir . '/adminlib.php');
$id_course = required_param('courseid', PARAM_INT);
$url = new moodle_url('/blocks/career/career_list.php', array('courseid' => $id_course));
//Check if the user has capability to update course
if (!has_capability('moodle/course:update', $context = context_course::instance($id_course), $USER->id)) {
header("Location: {$_SERVER['HTTP_REFERER']}");
exit;
}
$PAGE->set_url($url);
$PAGE->set_pagelayout('admin');
$course = $DB->get_record('course', array('id' => $id_course), '*', MUST_EXIST);
require_login($course, false, NULL);
$PAGE->set_title(get_string('title_plugin', 'block_career'));
$PAGE->set_heading($OUTPUT->heading($COURSE->fullname, 2, 'headingblock header outline'));
$ressource = new block_career_ressource();
$section = new block_career_section();
echo $OUTPUT->header();
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"styles.css\">";
$content = new view_career_list();
echo $content->get_content();
echo $OUTPUT->footer();
\ No newline at end of file
if (!has_capability('moodle/course:update', $context = context_course::instance($id_course), $USER->id)) {
$link = $CFG->wwwroot . '/course/view.php?id=' . $id_course;
header("Location: {$link}");
exit;
}
$PAGE->set_url($url);
$PAGE->set_pagelayout('admin');
$course = $DB->get_record('course', array('id' => $id_course), '*', MUST_EXIST);
require_login($course, false, NULL);
$PAGE->set_title(get_string('title_plugin', 'block_career'));
$PAGE->set_heading($OUTPUT->heading($COURSE->fullname, 2, 'headingblock header outline'));
// $ressource = new block_career_ressource();
// $section = new block_career_section();
echo $OUTPUT->header();
// echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"styles.css\">";
$content = new view_career_list();
echo $content->get_content();
echo $OUTPUT->footer();
\ No newline at end of file
<?php
ob_start();
require_once('../../config.php');
global $COURSE, $DB, $CFG;
require_once("$CFG->libdir/formslib.php");
require_once('entity/block_career_ressource.php');
require_once('entity/block_career_section.php');
require_once('view/view_career_setting.php');
$id_course = required_param('course', PARAM_INT);
$url = new moodle_url('/blocks/career/career_setting.php', array('course' => $id_course));
$PAGE->set_pagelayout('course');
$PAGE->set_url($url);
$course = $DB->get_record('course', array('id' => $id_course), '*', MUST_EXIST);
require_login($course, false, NULL);
$PAGE->set_title(get_string('title_plugin', 'block_career'));
$PAGE->set_heading($OUTPUT->heading($COURSE->fullname, 2, 'headingblock header outline'));
echo $OUTPUT->header();
$PAGE->requires->js("/blocks/career/js/jquery.min.js");
$PAGE->requires->js("/blocks/career/js/file.js");
ob_start();
require_once('../../config.php');
global $COURSE, $DB, $CFG, $USER;
require_once("$CFG->libdir/formslib.php");
require_once('entity/block_career_ressource.php');
require_once('entity/block_career_section.php');
require_once('view/view_career_setting.php');
$id_course = required_param('courseid', PARAM_INT);
$url = new moodle_url('/blocks/career/career_setting.php', array('courseid' => $id_course));
$PAGE->set_pagelayout('course');
$PAGE->set_url($url);
// $course = $DB->get_record('course', array('id' => $id_course), '*', MUST_EXIST);
require_login($id_course, false, NULL);
// $COURSE is === "1" before require_login !!!
if (!has_capability('moodle/course:update', $context = context_course::instance($COURSE->id), $USER->id)) {
$link = $CFG->wwwroot . '/course/view.php?id=' . $COURSE->id;
header("Location: {$link}");
exit;
}
$PAGE->set_title(get_string('title_plugin', 'block_career'));
$PAGE->set_heading($OUTPUT->heading($COURSE->fullname, 2, 'headingblock header outline'));
echo $OUTPUT->header();
$PAGE->requires->js("/blocks/career/js/jquery.min.js");
$PAGE->requires->js("/blocks/career/js/file.js");
// echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"styles.css\">";
$content = new view_career_setting();
echo $content->get_content();
$content = new view_career_setting();
echo $content->get_content();
// Delete career
if (isset($_GET["delete"]) && $_GET["delete"] == 1) {
$DB->execute("DELETE FROM {block_career} WHERE id = ?", array($_GET["id"]));
header("Location: $CFG->wwwroot/blocks/career/career_list.php?course=" . $_GET["course"]);
}
if (!empty($_POST["careerName"])) {
$ressourses = "";
foreach ($_POST["ressource"] as $value) {
if ($value === end($_POST["ressource"])) {
$ressourses .= "$value";
} else {
$ressourses .= "$value,";
}
if (isset($_GET["delete"]) && $_GET["delete"] == 1) {
$DB->execute("DELETE FROM {block_career} WHERE id = ?", array($_GET["id"]));
header("Location: $CFG->wwwroot/blocks/career/career_list.php?courseid=" . $_GET["courseid"]);
}
if (!empty($_POST["careerName"])) {
$ressourses = "";
foreach ($_POST["ressource"] as $value) {
if ($value === end($_POST["ressource"])) {
$ressourses .= "$value";
} else {
$ressourses .= "$value,";
}
}
//$record is use for insert/update in database
$record = new stdClass();
$record->course = intval($_GET["course"]);
$record->name = $_POST["careerName"];
$record->description = $_POST["descriptionName"]["text"];
$record = new stdClass();
$record->course = intval($_GET["courseid"]);
$record->name = $_POST["careerName"];
$record->description = $_POST["descriptionName"]["text"];
// if (isset($_FILES['imageName']['tmp_name'])) {
// $pathDir = "img/";
// $pathFile = $pathDir . basename($_FILES["imageName"]["name"]);
......@@ -61,22 +68,22 @@
// } else {
// $record->image = $_POST["imagePath"];
// }
$record->image = "";
$record->ressources = $ressourses;
if ($_POST["careerId"] != 0) {
$record->id = intval($_POST["careerId"]);
$lastinsertid = $DB->update_record('block_career', $record);
} else {
$lastinsertid = $DB->insert_record('block_career', $record);
}
if ($lastinsertid != 0) {
header("Location: $CFG->wwwroot/blocks/career/career_list.php?course=" . $_GET["course"]);
}
$record->image = "";
$record->ressources = $ressourses;
if ($_POST["careerId"] != 0) {
$record->id = intval($_POST["careerId"]);
$lastinsertid = $DB->update_record('block_career', $record);
} else {
$lastinsertid = $DB->insert_record('block_career', $record);
}
if ($lastinsertid != 0) {
header("Location: $CFG->wwwroot/blocks/career/career_list.php?courseid=" . $_GET["courseid"]);
}
echo $OUTPUT->footer();
}
echo $OUTPUT->footer();
<?php
class view_career_list
{
/**
* @return string
*/
public function get_content()
{
global $DB, $CFG;
$content = "<h2>" . get_string('title_plugin', 'block_career') . "</h2>";
$content .= "<div class='alert alert-info'>" . get_string('heading_plugin', 'block_career') . "</div>";
$request = $DB->get_records_sql('SELECT * FROM {block_career} WHERE course = ?', array($_GET["course"]));
class view_career_list
{
/**
* @return string
*/
public function get_content()
{
global $DB, $CFG, $COURSE, $USER;
if (!has_capability('moodle/course:update', $context = context_course::instance($COURSE->id), $USER->id)) {
$link = $CFG->wwwroot . '/course/view.php?id=' . $COURSE->id;
header("Location: {$link}");
exit;
}
$content = "<h2>" . get_string('title_plugin', 'block_career') . "</h2>";
$content .= "<div class='alert alert-info'>" . get_string('heading_plugin', 'block_career') . "</div>";
$request = $DB->get_records_sql('SELECT * FROM {block_career} WHERE course = ?', array($_GET["courseid"]));
// $image = "";
foreach ($request as $value) {
foreach ($request as $value) {
// if (file_get_contents($value->image) != null) {
// $image = "<img src='$value->image' class='img_moodle_course'/>";
// }
$content .= "<div class='card card-block mb-3'>
<div class='card-body'>
<h2 class='card-title'>$value->name</h2>
<p class='card-text'>$value->description</p>
<a href='$CFG->wwwroot/blocks/career/career_setting.php?course=" . $_GET["course"] . "&id=$value->id' class='btn btn-primary btn-sm path-list-edit-link'>Modifier</a>
</div>
</div>";
$content .= "<div class='card card-block mb-3'>
<div class='card-body'>
<h2 class='card-title'>$value->name</h2>
<p class='card-text'>$value->description</p>
<a href='$CFG->wwwroot/blocks/career/career_setting.php?courseid=" . $_GET["courseid"] . "&pathid=$value->id' class='btn btn-primary btn-sm path-list-edit-link'>Modifier</a>
</div>
</div>";
// $content .= "<div class='card card_block'>
// <div class='row'>
......@@ -39,17 +45,17 @@
// <div class='col-lg-1 col-md-1 padding_column'><a style='color:black' href='$CFG->wwwroot/blocks/career/career_setting.php?course=" . $_GET["course"] . "&id=$value->id'><i class=\"fa fa-cog fa-2x\"></a></i></div>
// </div>
// </div>";
}
if (empty($request)) {
$content .= "<p>" . get_string('any_carrer', 'block_career') . "</p>";
}
}
if (empty($request)) {
$content .= "<p>" . get_string('any_carrer', 'block_career') . "</p>";
}
// Button for adding course to the list
$content .= "<a href='$CFG->wwwroot/blocks/career/career_setting.php?course=" . $_GET["course"] . "' class='btn btn-primary'>" . get_string('add_path', 'block_career') . "</a>";
return $content;
}
}
\ No newline at end of file
$content .= "<a href='$CFG->wwwroot/blocks/career/career_setting.php?courseid=" . $COURSE->id . "' class='btn btn-primary'>" . get_string('add_path', 'block_career') . "</a>";
return $content;
}
}
\ No newline at end of file
......@@ -28,8 +28,8 @@ class view_career_setting extends moodleform
global $DB, $CFG;
$mform = $this->_form;
$careerId = optional_param('id', NULL, PARAM_INT);
$course = required_param('course', PARAM_INT);
$careerId = optional_param('pathid', NULL, PARAM_INT);
$course = required_param('courseid', PARAM_INT);
$name = "";
$description = "";
......@@ -74,7 +74,7 @@ class view_career_setting extends moodleform
$sections = block_career_section::get_sections_by_id_course($course);
$content .= '<div class="row"><form class="col-12" action="career_setting.php?course=' . $course . '" method="post" enctype="multipart/form-data">';
$content .= '<div class="row"><form class="col-12" action="career_setting.php?courseid=' . $course . '" method="post" enctype="multipart/form-data">';
$content .= $temp;
......@@ -173,12 +173,12 @@ class view_career_setting extends moodleform
<div class="row mt-3">
<div class="col">
<input type="hidden" name="careerId" value="'.$careerId.'">
<a href=' . $CFG->wwwroot . "/blocks/career/career_list.php?course=" . $course . ' class="btn btn-secondary">Annuler</a> ';
<a href=' . $CFG->wwwroot . "/blocks/career/career_list.php?courseid=" . $course . ' class="btn btn-secondary">Annuler</a> ';
if ($careerId != 0) {
$content .= "<a href='$CFG->wwwroot/blocks/career/career_setting.php?course=$course&delete=1&id=$careerId' class='btn btn-danger'>Supprimer</a> ";
$content .= "<a href='$CFG->wwwroot/blocks/career/career_setting.php?courseid=$course&delete=1&id=$careerId' class='btn btn-danger'>Supprimer</a> ";
}
$content .= '
......
......@@ -52,7 +52,7 @@ $sections = array_combine($keys,$sections);
ksort($sections);
$cours_url = $CFG->wwwroot . "/course/view.php?id=" . $COURSE->id;
$edit_url = $CFG->wwwroot . "/blocks/career/career_setting.php?course=" . $COURSE->id . "&id=" . $careerId;
$edit_url = $CFG->wwwroot . "/blocks/career/career_setting.php?courseid=" . $COURSE->id . "&pathid=" . $careerId;
?>
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment