moodle/admin/config.php

<?php  // $Id$
       // config.php - allows admin to edit all configuration variables

    require_once('../config.php');

    $focus = '';

    if ($site = get_site()) {   // If false then this is a new installation
        require_login();
        if (!isadmin()) {
            error('Only the admin can use this page');
        }
    }

/// This is to overcome the "insecure forms paradox"
    if (isset($secureforms) and $secureforms == 0) {
        $match = 'nomatch';
    } else {
        $match = '';
    }

/// If data submitted, then process and store.

    if ($config = data_submitted($match)) {  

        if (!empty($USER->id)) {             // Additional identity check
            if (!confirm_sesskey()) {
                error(get_string('confirmsesskeybad', 'error'));
            }
        }

        validate_form($config, $err);

        if (count($err) == 0) {
            foreach ($config as $name => $value) {
                if ($name == "sessioncookie") {
                    $value = eregi_replace("[^a-zA-Z]", "", $value);
                }
                if ($name == "defaultallowedmodules") {
                    $value = implode(',',$value);
                }
                if ($name == 'hiddenuserfields') {
                    if (in_array('none', $value)) {
                        $value = '';
                    } else {
                        $value = implode(',',$value);
                    }
                }
                unset($conf);
                $conf->name  = $name;
                $conf->value = $value;
                if ($current = get_record('config', 'name', $name)) {
                    $conf->id = $current->id;
                    if (! update_record('config', $conf)) {
                        notify("Could not update $name to $value");
                    }
                } else {
                    if (! insert_record('config', $conf)) {
                        notify("Error: could not add new variable $name !");
                    }
                }
            }
            redirect('index.php', get_string('changessaved'), 1);
            exit;

        } else {
            foreach ($err as $key => $value) {
                $focus = "form.$key";
            }
        }
    }

/// Otherwise fill and print the form.

    if (empty($config)) {
        $config = $CFG;
        if (!$config->locale = get_field('config', 'value', 'name', 'locale')) {
            $config->locale = $CFG->lang;
        }
    }

    $sesskey = !empty($USER->id) ? $USER->sesskey : '';


    $stradmin = get_string('administration');
    $strconfiguration = get_string('configuration');
    $strconfigvariables = get_string('configvariables', 'admin');

    if ($site) {
        print_header("$site->shortname: $strconfigvariables", $site->fullname,
                      "<a href=\"index.php\">$stradmin</a> -> ".
                      "<a href=\"configure.php\">$strconfiguration</a> -> $strconfigvariables", $focus);
        print_heading($strconfigvariables);
    } else {
        print_header();
        print_heading($strconfigvariables);
        print_simple_box(get_string('configintro', 'admin'), 'center', "50%");
        echo '<br />';
    }


/// Get all the configuration fields and helptext
    require('configvars.php');

/// Cycle through the sections to get the sectionnames
    $linktext = '';
    foreach($configvars as $sectionname=>$section) {
        if ($linktext !== '') {
            $linktext .= ' | ';
        }
        $linktext .= '<a href="#configsection'.$sectionname.'">'.get_string('configsection'.$sectionname, 'admin').'</a>';
    }
        
    echo "<center>$linktext</center>\n";

    print_simple_box_start('center');
    
    echo '<form method="post" action="config.php" name="form">';
    echo '<center><input type="submit" value="'.get_string('savechanges').'" /></center>';

/// Cycle through each section of the configuration
    foreach ($configvars as $sectionname=>$section) {

        print_heading('<a name="configsection'.$sectionname.'"></a>'.get_string('configsection'.$sectionname, 'admin'));

        $table = NULL;
        $table->data = array();
        foreach ($section as $configvariable=>$configobject) {
            $table->data[] = array ( $configvariable.': ',
                                     $configobject->field
                                   );
            if ($configobject->display_warning()) {
                $table->data[] = array ( '&nbsp;',
                                         '<span class="configwarning">'.$configobject->warning.'</span>'
                                       );
            }
            $table->data[] = array ( '&nbsp;',
                                     '<span class="confighelp">'.$configobject->help.'</span>'
                                   );
            $table->align = array ('right', 'left');
        }
        print_table($table);

    }
    echo '<center>';
    echo '<input type="hidden" name="sesskey" value="'.$sesskey.'" />';
    echo '<input type="submit" value="'.get_string('savechanges').'" />';
    echo '</center>';
                
    echo '</form>';
    
    print_simple_box_end();


    /// Lock some options

    $httpsurl = str_replace('http://', 'https://', $CFG->wwwroot);
    if ($httpsurl != $CFG->wwwroot) {
        if (ini_get('allow_url_fopen')) {
            if ((($fh = @fopen($httpsurl, 'r')) == false) and ($config->loginhttps == 0)) {
                echo '<script type="text/javascript">'."\n";
                echo '<!--'."\n";
                echo "eval('document.form.loginhttps.disabled=true');\n";
                echo '-->'."\n";
                echo '</script>'."\n";
            }
        }
    }


    if ($site) {
        print_footer();
    }

    exit;

/// Functions /////////////////////////////////////////////////////////////////

function validate_form(&$form, &$err) {

    // Currently no checks are needed ...

    return true;
}

?>
Now sesskey is working fine at installation time. Bug 2049 (http://moodle.org/bugs/bug.php?op=show&bugid=2049) Merged from MOODLE_14_STABLE 2004-10-06 00:08:08 +00:00			`<?php // $Id$`
Most of the configuration variables have been moved out of the config.php file and into a database, where they can be edited using a new admin form called "Configure variables". 2002-09-19 12:01:55 +00:00			`// config.php - allows admin to edit all configuration variables`

quotes update 2005-01-24 01:21:16 +00:00			`require_once('../config.php');`
Allow phpinfo() debugging to occur even if Moodle isn't configured yet (to help with configuration problems!). 2003-01-02 07:37:28 +00:00
parameter cleaup - round 1 2006-03-06 10:02:59 +00:00			`$focus = '';`

Most of the configuration variables have been moved out of the config.php file and into a database, where they can be edited using a new admin form called "Configure variables". 2002-09-19 12:01:55 +00:00			`if ($site = get_site()) { // If false then this is a new installation`
			`require_login();`
			`if (!isadmin()) {`
quotes update 2005-01-24 01:21:16 +00:00			`error('Only the admin can use this page');`
Most of the configuration variables have been moved out of the config.php file and into a database, where they can be edited using a new admin form called "Configure variables". 2002-09-19 12:01:55 +00:00			`}`
			`}`

New configuration variable: secureforms (defaults to 'true') Replaces the old $CFG->buggy_referer (reverses it, in fact) and can now be set in the configuration page (no need for it in config.php). 2003-05-15 15:59:52 +00:00			`/// This is to overcome the "insecure forms paradox"`
			`if (isset($secureforms) and $secureforms == 0) {`
quotes update 2005-01-24 01:21:16 +00:00			`$match = 'nomatch';`
New configuration variable: secureforms (defaults to 'true') Replaces the old $CFG->buggy_referer (reverses it, in fact) and can now be set in the configuration page (no need for it in config.php). 2003-05-15 15:59:52 +00:00			`} else {`
quotes update 2005-01-24 01:21:16 +00:00			`$match = '';`
New configuration variable: secureforms (defaults to 'true') Replaces the old $CFG->buggy_referer (reverses it, in fact) and can now be set in the configuration page (no need for it in config.php). 2003-05-15 15:59:52 +00:00			`}`

Most of the configuration variables have been moved out of the config.php file and into a database, where they can be edited using a new admin form called "Configure variables". 2002-09-19 12:01:55 +00:00			`/// If data submitted, then process and store.`

Updated calls to get_string() for some strings that were moved to lang/en/admin.php 2005-02-24 08:49:32 +00:00			`if ($config = data_submitted($match)) {`
Most of the configuration variables have been moved out of the config.php file and into a database, where they can be edited using a new admin form called "Configure variables". 2002-09-19 12:01:55 +00:00
Now sesskey is working fine at installation time. Bug 2049 (http://moodle.org/bugs/bug.php?op=show&bugid=2049) Merged from MOODLE_14_STABLE 2004-10-06 00:08:08 +00:00			`if (!empty($USER->id)) { // Additional identity check`
Merged sesskey fixes from STABLE 2004-10-04 13:50:37 +00:00			`if (!confirm_sesskey()) {`
			`error(get_string('confirmsesskeybad', 'error'));`
			`}`
			`}`

Most of the configuration variables have been moved out of the config.php file and into a database, where they can be edited using a new admin form called "Configure variables". 2002-09-19 12:01:55 +00:00			`validate_form($config, $err);`

			`if (count($err) == 0) {`
			`foreach ($config as $name => $value) {`
Clean sessioncookie variable 2003-12-18 16:46:34 +00:00			`if ($name == "sessioncookie") {`
Get tough on possible sessioncookies to avoid possible lockout problems caused by some characters in the cookie name 2004-03-31 04:14:13 +00:00			`$value = eregi_replace("[^a-zA-Z]", "", $value);`
Clean sessioncookie variable 2003-12-18 16:46:34 +00:00			`}`
Course request feature. Allows normal users to 'request' courses they would like created, and admins can approve or reject pending courses. Also, contains the ability to restrict activity modules on a per course basic. Strict config options: enable restricting modules at ALL (for all courses, no courses, requested courses), what to do by default for newly created courses as well as what modules to enable for above category by default. This feature was created for the aim of building a community side to moodle - for institutes that have strict courses and enrolments, allowing normal users to request interest courses is a good feature, but some modules may be redundant (assignment, lesson, quiz etc) Please test! 2005-08-16 06:15:49 +00:00			`if ($name == "defaultallowedmodules") {`
			`$value = implode(',',$value);`
			`}`
New feature: Configureable visibility of fields in Participants page A new configuration variable is avaliable to limit which fields normal user can see about other users. Teachers/admins can still see the full info. This provides some degree of privacy for students. 2005-11-20 21:29:59 +00:00			`if ($name == 'hiddenuserfields') {`
			`if (in_array('none', $value)) {`
			`$value = '';`
			`} else {`
			`$value = implode(',',$value);`
			`}`
			`}`
Most of the configuration variables have been moved out of the config.php file and into a database, where they can be edited using a new admin form called "Configure variables". 2002-09-19 12:01:55 +00:00			`unset($conf);`
			`$conf->name = $name;`
			`$conf->value = $value;`
quotes update 2005-01-24 01:21:16 +00:00			`if ($current = get_record('config', 'name', $name)) {`
Most of the configuration variables have been moved out of the config.php file and into a database, where they can be edited using a new admin form called "Configure variables". 2002-09-19 12:01:55 +00:00			`$conf->id = $current->id;`
quotes update 2005-01-24 01:21:16 +00:00			`if (! update_record('config', $conf)) {`
Most of the configuration variables have been moved out of the config.php file and into a database, where they can be edited using a new admin form called "Configure variables". 2002-09-19 12:01:55 +00:00			`notify("Could not update $name to $value");`
			`}`
			`} else {`
quotes update 2005-01-24 01:21:16 +00:00			`if (! insert_record('config', $conf)) {`
Most of the configuration variables have been moved out of the config.php file and into a database, where they can be edited using a new admin form called "Configure variables". 2002-09-19 12:01:55 +00:00			`notify("Error: could not add new variable $name !");`
			`}`
			`}`
			`}`
quotes update 2005-01-24 01:21:16 +00:00			`redirect('index.php', get_string('changessaved'), 1);`
Most of the configuration variables have been moved out of the config.php file and into a database, where they can be edited using a new admin form called "Configure variables". 2002-09-19 12:01:55 +00:00			`exit;`

			`} else {`
			`foreach ($err as $key => $value) {`
			`$focus = "form.$key";`
			`}`
			`}`
Updated calls to get_string() for some strings that were moved to lang/en/admin.php 2005-02-24 08:49:32 +00:00			`}`
Most of the configuration variables have been moved out of the config.php file and into a database, where they can be edited using a new admin form called "Configure variables". 2002-09-19 12:01:55 +00:00
			`/// Otherwise fill and print the form.`

Some little fixes 2003-01-02 15:25:51 +00:00			`if (empty($config)) {`
Most of the configuration variables have been moved out of the config.php file and into a database, where they can be edited using a new admin form called "Configure variables". 2002-09-19 12:01:55 +00:00			`$config = $CFG;`
quotes update 2005-01-24 01:21:16 +00:00			`if (!$config->locale = get_field('config', 'value', 'name', 'locale')) {`
Fixed locale problem (being overwritten by current locale) 2003-08-25 17:30:08 +00:00			`$config->locale = $CFG->lang;`
			`}`
Most of the configuration variables have been moved out of the config.php file and into a database, where they can be edited using a new admin form called "Configure variables". 2002-09-19 12:01:55 +00:00			`}`

Some cleaning up of configuration interfaces 2005-02-09 13:04:04 +00:00			`$sesskey = !empty($USER->id) ? $USER->sesskey : '';`


quotes update 2005-01-24 01:21:16 +00:00			`$stradmin = get_string('administration');`
			`$strconfiguration = get_string('configuration');`
Some cleaning up of configuration interfaces 2005-02-09 13:04:04 +00:00			`$strconfigvariables = get_string('configvariables', 'admin');`
Most of the configuration variables have been moved out of the config.php file and into a database, where they can be edited using a new admin form called "Configure variables". 2002-09-19 12:01:55 +00:00
			`if ($site) {`
Various little fixes to remove warnings (usually about empty variables) when error_reporting is turned up to 15 or so ... more of these to come ... 2002-12-29 17:32:32 +00:00			`print_header("$site->shortname: $strconfigvariables", $site->fullname,`
Trying something different with the admin links ... even I was starting to get a bit lost occasionally. 2003-08-18 16:40:27 +00:00			`"<a href=\"index.php\">$stradmin</a> -> ".`
			`"<a href=\"configure.php\">$strconfiguration</a> -> $strconfigvariables", $focus);`
Most of the configuration variables have been moved out of the config.php file and into a database, where they can be edited using a new admin form called "Configure variables". 2002-09-19 12:01:55 +00:00			`print_heading($strconfigvariables);`
			`} else {`
			`print_header();`
			`print_heading($strconfigvariables);`
Updated calls to get_string() for some strings that were moved to lang/en/admin.php 2005-02-24 08:49:32 +00:00			`print_simple_box(get_string('configintro', 'admin'), 'center', "50%");`
Some cleaning up of configuration interfaces 2005-02-09 13:04:04 +00:00			`echo '<br />';`
Most of the configuration variables have been moved out of the config.php file and into a database, where they can be edited using a new admin form called "Configure variables". 2002-09-19 12:01:55 +00:00			`}`

Some cleaning up of configuration interfaces 2005-02-09 13:04:04 +00:00

			`/// Get all the configuration fields and helptext`
parameter cleaup - round 1 2006-03-06 10:02:59 +00:00			`require('configvars.php');`
Some cleaning up of configuration interfaces 2005-02-09 13:04:04 +00:00
			`/// Cycle through the sections to get the sectionnames`
			`$linktext = '';`
			`foreach($configvars as $sectionname=>$section) {`
			`if ($linktext !== '') {`
			`$linktext .= ' \| ';`
			`}`
			`$linktext .= '<a href="#configsection'.$sectionname.'">'.get_string('configsection'.$sectionname, 'admin').'</a>';`
			`}`

			`echo "<center>$linktext</center>\n";`
Merged sesskey fixes from STABLE 2004-10-04 13:50:37 +00:00
Removed $THEME from admin pages 2005-01-25 17:08:05 +00:00			`print_simple_box_start('center');`
Some cleaning up of configuration interfaces 2005-02-09 13:04:04 +00:00
			`echo '<form method="post" action="config.php" name="form">';`
Merged from MOODLE_15_STABLE. 2005-06-06 03:36:44 +00:00			`echo '<center><input type="submit" value="'.get_string('savechanges').'" /></center>';`
Some cleaning up of configuration interfaces 2005-02-09 13:04:04 +00:00
			`/// Cycle through each section of the configuration`
			`foreach ($configvars as $sectionname=>$section) {`

			`print_heading('<a name="configsection'.$sectionname.'"></a>'.get_string('configsection'.$sectionname, 'admin'));`

			`$table = NULL;`
			`$table->data = array();`
			`foreach ($section as $configvariable=>$configobject) {`
			`$table->data[] = array ( $configvariable.': ',`
			`$configobject->field`
			`);`
			`if ($configobject->display_warning()) {`
			`$table->data[] = array ( ' ',`
			`'<span class="configwarning">'.$configobject->warning.'</span>'`
			`);`
			`}`
			`$table->data[] = array ( ' ',`
			`'<span class="confighelp">'.$configobject->help.'</span>'`
			`);`
			`$table->align = array ('right', 'left');`
			`}`
			`print_table($table);`

			`}`
			`echo '<center>';`
			`echo '<input type="hidden" name="sesskey" value="'.$sesskey.'" />';`
			`echo '<input type="submit" value="'.get_string('savechanges').'" />';`
			`echo '</center>';`

			`echo '</form>';`

Most of the configuration variables have been moved out of the config.php file and into a database, where they can be edited using a new admin form called "Configure variables". 2002-09-19 12:01:55 +00:00			`print_simple_box_end();`
Cleaned up the initial setup process. It looks a bit smoother now. Hopefully this is also the end of the occasional errors we keep hearing about to do with never getting to setup the admin user. (I think admin/site.php had a redirect that didn't always work). The setup process is now much better at "trapping" you until it's all done. 2003-05-06 15:58:20 +00:00
Some cleaning up of configuration interfaces 2005-02-09 13:04:04 +00:00


Merged loginhttps config from stable 2004-08-31 08:41:26 +00:00			`/// Lock some options`

			`$httpsurl = str_replace('http://', 'https://', $CFG->wwwroot);`
			`if ($httpsurl != $CFG->wwwroot) {`
Added checks for allow_fopen_url in two more places! 2005-02-23 15:40:53 +00:00			`if (ini_get('allow_url_fopen')) {`
			`if ((($fh = @fopen($httpsurl, 'r')) == false) and ($config->loginhttps == 0)) {`
			`echo '<script type="text/javascript">'."\n";`
			`echo '<!--'."\n";`
			`echo "eval('document.form.loginhttps.disabled=true');\n";`
			`echo '-->'."\n";`
			`echo '</script>'."\n";`
			`}`
Merged loginhttps config from stable 2004-08-31 08:41:26 +00:00			`}`
			`}`


Cleaned up the initial setup process. It looks a bit smoother now. Hopefully this is also the end of the occasional errors we keep hearing about to do with never getting to setup the admin user. (I think admin/site.php had a redirect that didn't always work). The setup process is now much better at "trapping" you until it's all done. 2003-05-06 15:58:20 +00:00			`if ($site) {`
			`print_footer();`
			`}`
Most of the configuration variables have been moved out of the config.php file and into a database, where they can be edited using a new admin form called "Configure variables". 2002-09-19 12:01:55 +00:00
			`exit;`

			`/// Functions /////////////////////////////////////////////////////////////////`

			`function validate_form(&$form, &$err) {`

Merged sesskey fixes from STABLE 2004-10-04 13:50:37 +00:00			`// Currently no checks are needed ...`
Most of the configuration variables have been moved out of the config.php file and into a database, where they can be edited using a new admin form called "Configure variables". 2002-09-19 12:01:55 +00:00
Merged sesskey fixes from STABLE 2004-10-04 13:50:37 +00:00			`return true;`
Most of the configuration variables have been moved out of the config.php file and into a database, where they can be edited using a new admin form called "Configure variables". 2002-09-19 12:01:55 +00:00			`}`

Removed $THEME from admin pages 2005-01-25 17:08:05 +00:00			`?>`