AutorÃa | Ultima modificación | Ver Log |
<?php// This file is part of Moodle - http://moodle.org///// Moodle is free software: you can redistribute it and/or modify// it under the terms of the GNU General Public License as published by// the Free Software Foundation, either version 3 of the License, or// (at your option) any later version.//// Moodle is distributed in the hope that it will be useful,// but WITHOUT ANY WARRANTY; without even the implied warranty of// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the// GNU General Public License for more details.//// You should have received a copy of the GNU General Public License// along with Moodle. If not, see <http://www.gnu.org/licenses/>./*** This file is the main controller to do with the portfolio export wizard.** @package core_portfolio* @copyright 2008 Penny Leach <penny@catalyst.net.nz>,* Martin Dougiamas <http://dougiamas.com>* @license http://www.gnu.org/copyleft/gpl.html GNU GPL*/require_once(__DIR__ . '/../config.php');if (empty($CFG->enableportfolios)) {throw new \moodle_exception('disabled', 'portfolio');}require_once($CFG->libdir . '/portfoliolib.php');require_once($CFG->libdir . '/portfolio/exporter.php');require_once($CFG->libdir . '/portfolio/caller.php');require_once($CFG->libdir . '/portfolio/plugin.php');$dataid = optional_param('id', 0, PARAM_INT); // The ID of partially completed export, corresponds to a record in portfolio_tempdata.$type = optional_param('type', null, PARAM_SAFEDIR); // If we're returning from an external system (postcontrol) for a single-export only plugin.$cancel = optional_param('cancel', 0, PARAM_RAW); // User has cancelled the request.$cancelsure = optional_param('cancelsure', 0, PARAM_BOOL); // Make sure they confirm first.$logreturn = optional_param('logreturn', 0, PARAM_BOOL); // When cancelling, we can also come from the log page, rather than the caller.$instanceid = optional_param('instance', 0, PARAM_INT); // The instance of configured portfolio plugin.$courseid = optional_param('course', 0, PARAM_INT); // The courseid the data being exported belongs to (caller object should provide this later).$stage = optional_param('stage', PORTFOLIO_STAGE_CONFIG, PARAM_INT); // Stage of the export we're at (stored in the exporter).$postcontrol = optional_param('postcontrol', 0, PARAM_INT); // When returning from some bounce to an external system, this gets passed.$callbackcomponent = optional_param('callbackcomponent', null, PARAM_PATH); // Callback component eg mod_forum - the component of the exporting content.$callbackclass = optional_param('callbackclass', null, PARAM_ALPHAEXT); // Callback class eg forum_portfolio_caller - the class to handle the exporting content.$callerformats = optional_param('callerformats', null, PARAM_TAGLIST); // Comma separated list of formats the specific place exporting content supports.require_login(); // this is selectively called again with $course later when we know for sure which one we're in.$PAGE->set_context(context_system::instance());$PAGE->set_url('/portfolio/add.php', array('id' => $dataid, 'sesskey' => sesskey()));$PAGE->set_pagelayout('admin');$exporter = null;if ($postcontrol && $type && !$dataid) {// we're returning from an external system that can't construct dynamic return urls// this is a special "one export of this type only per session" caseif (portfolio_static_function($type, 'allows_multiple_exports')) {throw new portfolio_exception('multiplesingleresume', 'portfolio');}if (!$dataid = portfolio_export_type_to_id($type, $USER->id)) {throw new portfolio_exception('invalidtempid', 'portfolio');}} else {// we can't do this in the above case, because we're redirecting straight back from an external system// this is not really ideal, but since we're in a "staged" wizard, the session key is checked in other stages.require_sesskey(); // pretty much everything in this page is a write that could be hijacked, so just do this at the top here}// if we have a dataid, it means we're in the middle of an export,// so rewaken it and continue.if (!empty($dataid)) {try {$exporter = portfolio_exporter::rewaken_object($dataid);} catch (portfolio_exception $e) {// this can happen in some cases, a cancel request is sent when something is already broken// so process it elegantly and move on.if ($cancel) {if ($logreturn) {redirect($CFG->wwwroot . '/user/portfoliologs.php');}redirect($CFG->wwwroot);} else {throw $e;}}// we have to wake it up first before we can cancel it// so temporary directories etc get cleaned up.if ($cancel) {if ($cancelsure) {$exporter->cancel_request($logreturn);} else {portfolio_export_pagesetup($PAGE, $exporter->get('caller'));$exporter->print_header(get_string('confirmcancel', 'portfolio'));echo $OUTPUT->box_start();$yesbutton = new single_button(new moodle_url('/portfolio/add.php', array('id' => $dataid, 'cancel' => 1, 'cancelsure' => 1, 'logreturn' => $logreturn)), get_string('yes'));if ($logreturn) {$nobutton = new single_button(new moodle_url('/user/portfoliologs.php'), get_string('no'));} else {$nobutton = new single_button(new moodle_url('/portfolio/add.php', array('id' => $dataid)), get_string('no'));}echo $OUTPUT->confirm(get_string('confirmcancel', 'portfolio'), $yesbutton, $nobutton);echo $OUTPUT->box_end();echo $OUTPUT->footer();exit;}}// verify we still belong to the correct user and permissions are still ok$exporter->verify_rewaken();// if we don't have an instanceid in the exporter// it means we've just posted from the 'choose portfolio instance' page// so process that and start up the portfolio pluginif (!$exporter->get('instance')) {if ($instanceid) {try {$instance = portfolio_instance($instanceid);} catch (portfolio_exception $e) {portfolio_export_rethrow_exception($exporter, $e);}// this technically shouldn't happen but make sure anywayif ($broken = portfolio_instance_sanity_check($instance)) {throw new portfolio_export_exception($exporter, $broken[$instance->get('id')], 'portfolio_' . $instance->get('plugin'));}// now we're all set up, ready to go$instance->set('user', $USER);$exporter->set('instance', $instance);$exporter->save();}}portfolio_export_pagesetup($PAGE, $exporter->get('caller')); // this calls require_login($course) if it can..// completely new request, look to see what information we've been passed and set up the exporter object.} else {// you cannot get here with no information for us, we must at least have the caller.if (empty($_GET) && empty($_POST)) {portfolio_exporter::print_expired_export();}// we'e just posted here for the first time and have might the instance alreadyif ($instanceid) {// this can throw exceptions but there's no point catching and rethrowing here// as the exporter isn't created yet.$instance = portfolio_instance($instanceid);if ($broken = portfolio_instance_sanity_check($instance)) {throw new portfolio_exception($broken[$instance->get('id')], 'portfolio_' . $instance->get('plugin'));}$instance->set('user', $USER);} else {$instance = null;}// we must be passed this from the caller, we cannot start a new export// without knowing information about what part of moodle we come from.if (empty($callbackcomponent) || empty($callbackclass)) {debugging('no callback file or class');portfolio_exporter::print_expired_export();}// so each place in moodle can pass callback args here// process the entire request looking for ca_*// be as lenient as possible while still being secure// so only accept certain parameter types.$callbackargs = array();foreach (array_keys(array_merge($_GET, $_POST)) as $key) {if (strpos($key, 'ca_') === 0) {if (!$value = optional_param($key, false, PARAM_ALPHAEXT)) {if (!$value = optional_param($key, false, PARAM_FLOAT)) {$value = optional_param($key, false, PARAM_PATH);}}// strip off ca_ for niceness$callbackargs[substr($key, 3)] = $value;}}// Ensure that we found a file we can use, if not throw an exception.portfolio_include_callback_file($callbackcomponent, $callbackclass);$caller = new $callbackclass($callbackargs);$caller->set('user', $USER);if ($formats = explode(',', $callerformats)) {$caller->set_formats_from_button($formats);}$caller->load_data();// this must check capabilities and either throw an exception or return false.if (!$caller->check_permissions()) {throw new portfolio_caller_exception('nopermissions', 'portfolio', $caller->get_return_url());}portfolio_export_pagesetup($PAGE, $caller); // this calls require_login($course) if it can..// finally! set up the exporter object with the portfolio instance, and caller information elements$exporter = new portfolio_exporter($instance, $caller, $callbackcomponent);// set the export-specific variables, and save.$exporter->set('user', $USER);$exporter->save();}if (!$exporter->get('instance')) {// we've just arrived but have no instance// in this case the exporter object and the caller object have been set up above// so just make a little form to select the portfolio plugin instance,// which is the last thing to do before starting the export.//// first check to make sure there is actually a point$options = portfolio_instance_select(portfolio_instances(),$exporter->get('caller')->supported_formats(),get_class($exporter->get('caller')),$exporter->get('caller')->get_mimetype(),'instance',true,true);if (empty($options)) {throw new portfolio_export_exception($exporter, 'noavailableplugins', 'portfolio');} else if (count($options) == 1) {// no point displaying a form, just redirect.$optionskeys = array_keys($options);$instance = array_shift($optionskeys);redirect($CFG->wwwroot . '/portfolio/add.php?id= ' . $exporter->get('id') . '&instance=' . $instance . '&sesskey=' . sesskey());}// be very selective about not including this unless we really need torequire_once($CFG->libdir . '/portfolio/forms.php');$mform = new portfolio_instance_select('', array('id' => $exporter->get('id'), 'caller' => $exporter->get('caller'), 'options' => $options));if ($mform->is_cancelled()) {$exporter->cancel_request();} else if ($fromform = $mform->get_data()){redirect($CFG->wwwroot . '/portfolio/add.php?instance=' . $fromform->instance . '&id=' . $exporter->get('id'));exit;}else {$exporter->print_header(get_string('selectplugin', 'portfolio'));echo $OUTPUT->box_start();$mform->display();echo $OUTPUT->box_end();echo $OUTPUT->footer();exit;}}// if we haven't been passed &stage= grab it from the exporter.if (!$stage) {$stage = $exporter->get('stage');}// for places returning control to pass (rather than PORTFOLIO_STAGE_PACKAGE// which is unstable if they can't get to the constant (eg external system)$alreadystolen = false;if ($postcontrol) { // the magic request variable plugins must pass on returning heretry {// allow it to read whatever gets sent back in the request// this is useful for plugins that redirect away and back again// adding a token to the end of the url, for example box.net$exporter->instance()->post_control($stage, array_merge($_GET, $_POST));} catch (portfolio_plugin_exception $e) {portfolio_export_rethrow_exception($exporter, $e);}$alreadystolen = true; // remember this so we don't get caught in a steal control loop!}// actually do the work now..$exporter->process_stage($stage, $alreadystolen);