MDL-8840 Loginas cleanup, some more improvements; merged from MOODLE_18_STABLE

+ merging of format_string fixes

course/enrol.php

@@ -27,6 +27,11 @@
         error("That's an invalid course id");
     }
 
+/// do not use when in course login as
+    if (!empty($USER->realuser) and $USER->loginascontext->contextlevel == CONTEXT_COURSE) {
+        print_error('loginasnoenrol', '', $CFG->wwwroot.'/course/view.php?id='.$USER->loginascontext->instanceid);
+    }
+
     $enrol = enrolment_factory::factory($course->enrol); // do not use if (!$enrol... here, it can not work in PHP4 - see MDL-7529 
 
 /// Refreshing all current role assignments for the current user

lang/en_utf8/error.php

@@ -39,7 +39,8 @@ $string['invalidfiletype'] = '\"$a\" is not a valid file type';
 $string['invalidmd5'] = 'Invalid md5';
 $string['invalidrole'] = 'Invalid role';
 $string['invalidxmlfile'] = '\"$a\" is not a valid XML file';
-$string['loginascourseredir'] = 'You can not enter this course.<br /> You have to terminate the \"Login as\" session before entering any other course.';
+$string['loginasonecourse'] = 'You can not enter this course.<br /> You have to terminate the \"Login as\" session before entering any other course.';
+$string['loginasnoenrol'] = 'You can not use enrol or unenrol when in course \"Login as\" session.';
 $string['missingfield'] = 'Field \"$a\" is missing';
 $string['missingrequiredfield'] = 'Some required field is missing';
 $string['modulemissingcode'] = 'Module $a is missing the code needed to perform this function';

lib/accesslib.php

@@ -1118,27 +1118,21 @@ function load_all_capabilities() {
             $defcaps = load_defaultuser_role(true);
         }
 
-        if (empty($USER->realuser)) {
-            load_user_capability();
-        } else {
-            if ($USER->loginascontext->contextlevel != CONTEXT_SYSTEM) {
-                // load only course caqpabilitites - it may not always work as expected
-                load_user_capability('', $USER->loginascontext);
-                // find all child contexts and unset the rest
-                $children = get_child_contexts($USER->loginascontext);
-                $children[] = $USER->loginascontext->id;
-                foreach ($USER->capabilities as $conid => $caps) {
-                    if (!in_array($conid, $children)) {
-                        unset($USER->capabilities[$conid]);
-                    }
+        load_user_capability();
+
+        // when in "course login as" - load only course caqpabilitites (it may not always work as expected)
+        if (!empty($USER->realuser) and $USER->loginascontext->contextlevel != CONTEXT_SYSTEM) {
+            $children = get_child_contexts($USER->loginascontext);
+            $children[] = $USER->loginascontext->id;
+            foreach ($USER->capabilities as $conid => $caps) {
+                if (!in_array($conid, $children)) {
+                    unset($USER->capabilities[$conid]);
                 }
-            } else {
-                load_user_capability();
             }
         }
 
+        // handle role switching in courses
         if (!empty($USER->switchrole)) {
-
             foreach ($USER->switchrole as $contextid => $roleid) {
                 $context = get_context_instance_by_id($contextid);
 

lib/moodlelib.php

@@ -1662,7 +1662,7 @@ function require_login($courseorid=0, $autologinguest=true, $cm=null) {
     if ($COURSE->id != SITEID and !empty($USER->realuser)) {
         if ($USER->loginascontext->contextlevel == CONTEXT_COURSE) {
             if ($USER->loginascontext->instanceid != $COURSE->id) {
-                print_error('loginascourseredir', '', $CFG->wwwroot.'/course/view.php?id='.$USER->loginascontext->instanceid);
+                print_error('loginasonecourse', '', $CFG->wwwroot.'/course/view.php?id='.$USER->loginascontext->instanceid);
             } 
         }
     }
@@ -3470,7 +3470,7 @@ function setnew_password_and_mail($user) {
 
     $a = new object();
     $a->firstname   = $user->firstname;
-    $a->sitename    = $site->fullname;
+    $a->sitename    = format_string($site->fullname);
     $a->username    = $user->username;
     $a->newpassword = $newpassword;
     $a->link        = $CFG->wwwroot .'/login/';
@@ -3478,7 +3478,7 @@ function setnew_password_and_mail($user) {
 
     $message = get_string('newusernewpasswordtext', '', $a);
 
-    $subject  = $site->fullname .': '. get_string('newusernewpasswordsubj');
+    $subject  = format_string($site->fullname) .': '. get_string('newusernewpasswordsubj');
 
     return email_to_user($user, $from, $subject, $message);
 
@@ -3513,7 +3513,7 @@ function reset_password_and_mail($user) {
 
     $a = new object();
     $a->firstname = $user->firstname;
-    $a->sitename = $site->fullname;
+    $a->sitename = format_string($site->fullname);
     $a->username = $user->username;
     $a->newpassword = $newpassword;
     $a->link = $CFG->httpswwwroot .'/login/change_password.php';
@@ -3521,7 +3521,7 @@ function reset_password_and_mail($user) {
 
     $message = get_string('newpasswordtext', '', $a);
 
-    $subject  = $site->fullname .': '. get_string('changedpassword');
+    $subject  = format_string($site->fullname) .': '. get_string('changedpassword');
 
     return email_to_user($user, $from, $subject, $message);
 
@@ -3544,10 +3544,10 @@ function reset_password_and_mail($user) {
 
     $data = new object();
     $data->firstname = fullname($user);
-    $data->sitename = $site->fullname;
+    $data->sitename = format_string($site->fullname);
     $data->admin = fullname($from) .' ('. $from->email .')';
 
-    $subject = get_string('emailconfirmationsubject', '', $site->fullname);
+    $subject = get_string('emailconfirmationsubject', '', format_string($site->fullname));
 
     $data->link = $CFG->wwwroot .'/login/confirm.php?data='. $user->secret .'/'. $user->username;
     $message     = get_string('emailconfirmation', '', $data);
@@ -3576,12 +3576,12 @@ function send_password_change_confirmation_email($user) {
 
     $data = new object();
     $data->firstname = $user->firstname;
-    $data->sitename = $site->fullname;
+    $data->sitename = format_string($site->fullname);
     $data->link = $CFG->httpswwwroot .'/login/forgot_password.php?p='. $user->secret .'&s='. $user->username;
     $data->admin = fullname($from).' ('. $from->email .')';
 
     $message = get_string('emailpasswordconfirmation', '', $data);
-    $subject = get_string('emailpasswordconfirmationsubject', '', $site->fullname);
+    $subject = get_string('emailpasswordconfirmationsubject', '', format_string($site->fullname));
 
     return email_to_user($user, $from, $subject, $message);
 
@@ -3604,7 +3604,7 @@ function send_password_change_info($user) {
 
     $data = new object();
     $data->firstname = $user->firstname;
-    $data->sitename = $site->fullname;
+    $data->sitename = format_string($site->fullname);
     $data->admin = fullname($from).' ('. $from->email .')';
 
      $userauth = get_auth_plugin($user->auth);
@@ -3619,10 +3619,10 @@ function send_password_change_info($user) {
 
     if (!empty($data->link)) {
         $message = get_string('emailpasswordchangeinfo', '', $data);
-        $subject = get_string('emailpasswordchangeinfosubject', '', $site->fullname);
+        $subject = get_string('emailpasswordchangeinfosubject', '', format_string($site->fullname));
     } else {
         $message = get_string('emailpasswordchangeinfofail', '', $data);
-        $subject = get_string('emailpasswordchangeinfosubject', '', $site->fullname);
+        $subject = get_string('emailpasswordchangeinfosubject', '', format_string($site->fullname));
     }
 
     return email_to_user($user, $from, $subject, $message);
@@ -5450,7 +5450,7 @@ function notify_login_failures() {
 
             $message = '';
             $site = get_site();
-            $subject = get_string('notifyloginfailuressubject', '', $site->fullname);
+            $subject = get_string('notifyloginfailuressubject', '', format_string($site->fullname));
             $message .= get_string('notifyloginfailuresmessagestart', '', $CFG->wwwroot)
                  .(($CFG->lastnotifyfailure != 0) ? '('.userdate($CFG->lastnotifyfailure).')' : '')."\n\n";
             foreach ($logs as $log) {