diff --git a/admin/repository.php b/admin/repository.php
index 735cbdbca26..5b950594b74 100644
--- a/admin/repository.php
+++ b/admin/repository.php
@@ -49,26 +49,11 @@ if ($action == 'newon') {
admin_externalpage_setup($pagename);
-$sesskeyurl = $CFG->wwwroot.'/'.$CFG->admin.'/repository.php?sesskey=' . sesskey();
-$baseurl = $CFG->wwwroot.'/'.$CFG->admin.'/repository.php';
-
-$configstr = get_string('manage', 'repository');
+// The URL used for redirection, and that all edit related URLs will be based off.
+$baseurl = new moodle_url('/admin/repository.php');
$return = true;
-if (!empty($action)) {
- require_sesskey();
-}
-
-/**
- * Helper function that generates a moodle_url object
- * relevant to the repository
- */
-function repository_action_url($repository) {
- global $baseurl;
- return new moodle_url($baseurl, array('sesskey'=>sesskey(), 'repos'=>$repository));
-}
-
if (($action == 'edit') || ($action == 'new')) {
$pluginname = '';
if ($action == 'edit') {
@@ -182,16 +167,12 @@ if (($action == 'edit') || ($action == 'new')) {
}
}
} else if ($action == 'show') {
- if (!confirm_sesskey()) {
- throw new \moodle_exception('confirmsesskeybad', '', $baseurl);
- }
+ require_sesskey();
$class = \core_plugin_manager::resolve_plugininfo_class('repository');
$class::enable_plugin($repository, 1);
$return = true;
} else if ($action == 'hide') {
- if (!confirm_sesskey()) {
- throw new \moodle_exception('confirmsesskeybad', '', $baseurl);
- }
+ require_sesskey();
$class = \core_plugin_manager::resolve_plugininfo_class('repository');
$class::enable_plugin($repository, 0);
$return = true;
@@ -199,9 +180,7 @@ if (($action == 'edit') || ($action == 'new')) {
$repositorytype = repository::get_type_by_typename($repository);
if ($sure) {
$PAGE->set_pagetype('admin-repository-' . $repository);
- if (!confirm_sesskey()) {
- throw new \moodle_exception('confirmsesskeybad', '', $baseurl);
- }
+ require_sesskey();
if ($repositorytype->delete($downloadcontents)) {
// Include this information into config changes table.
@@ -220,20 +199,15 @@ if (($action == 'edit') || ($action == 'new')) {
$output = $OUTPUT->box_start('generalbox', 'notice');
$output .= html_writer::tag('p', $message);
- $removeurl = new moodle_url($sesskeyurl);
- $removeurl->params(array(
+ $removeurl = new moodle_url($baseurl, [
'action' =>'delete',
'repos' => $repository,
'sure' => 'yes',
- ));
+ ]);
- $removeanddownloadurl = new moodle_url($sesskeyurl);
- $removeanddownloadurl->params(array(
- 'action' =>'delete',
- 'repos'=> $repository,
- 'sure' => 'yes',
+ $removeanddownloadurl = new moodle_url($removeurl, [
'downloadcontents' => 1,
- ));
+ ]);
$output .= $OUTPUT->single_button($removeurl, get_string('continueuninstall', 'repository'));
$output .= $OUTPUT->single_button($removeanddownloadurl, get_string('continueuninstallanddownload', 'repository'));
@@ -245,9 +219,11 @@ if (($action == 'edit') || ($action == 'new')) {
$return = false;
}
} else if ($action == 'moveup') {
+ require_sesskey();
$repositorytype = repository::get_type_by_typename($repository);
$repositorytype->move_order('up');
} else if ($action == 'movedown') {
+ require_sesskey();
$repositorytype = repository::get_type_by_typename($repository);
$repositorytype->move_order('down');
} else {
@@ -339,8 +315,7 @@ if (($action == 'edit') || ($action == 'new')) {
$userinstancenumbertext = "";
}
- $settings .= '' . $settingsstr .'';
-
+ $settings = html_writer::link(new moodle_url($baseurl, ['action' => 'edit', 'repos' => $typename]), $settingsstr);
$settings .= $OUTPUT->container_start('mdl-left');
$settings .= '
';
$settings .= $admininstancenumbertext;
@@ -357,22 +332,34 @@ if (($action == 'edit') || ($action == 'new')) {
$currentaction = 'hide';
}
- $select = new single_select(repository_action_url($typename, 'repos'), 'action', $actionchoicesforexisting, $currentaction, null, 'applyto' . basename($typename));
+ // Active toggle.
+ $selectaction = new moodle_url($baseurl, ['sesskey' => sesskey(), 'repos' => $typename]);
+ $select = new single_select($selectaction, 'action', $actionchoicesforexisting, $currentaction, null,
+ 'applyto' . basename($typename));
$select->set_label(get_string('action'), array('class' => 'accesshide'));
+
// Display up/down link
$updown = '';
$spacer = $OUTPUT->spacer(array('height'=>15, 'width'=>15)); // should be done with CSS instead
if ($updowncount > 1) {
- $updown .= "";
- $updown .= $OUTPUT->pix_icon('t/up', get_string('moveup')) . " ";
+ $moveupaction = new moodle_url($baseurl, [
+ 'sesskey' => sesskey(),
+ 'action' => 'moveup',
+ 'repos' => $typename,
+ ]);
+ $updown .= html_writer::link($moveupaction, $OUTPUT->pix_icon('t/up', get_string('moveup'))) . ' ';
}
else {
$updown .= $spacer;
}
if ($updowncount < $totalrepositorytypes) {
- $updown .= "";
- $updown .= $OUTPUT->pix_icon('t/down', get_string('movedown')) . " ";
+ $movedownaction = new moodle_url($baseurl, [
+ 'sesskey' => sesskey(),
+ 'action' => 'movedown',
+ 'repos' => $typename,
+ ]);
+ $updown .= html_writer::link($movedownaction, $OUTPUT->pix_icon('t/down', get_string('movedown'))) . ' ';
}
else {
$updown .= $spacer;
@@ -400,7 +387,9 @@ if (($action == 'edit') || ($action == 'new')) {
foreach ($plugins as $plugin => $dir) {
// Check that it has not already been listed
if (!in_array($plugin, $alreadyplugins)) {
- $select = new single_select(repository_action_url($plugin, 'repos'), 'action', $actionchoicesfornew, 'delete', null, 'applyto' . basename($plugin));
+ $selectaction = new moodle_url($baseurl, ['sesskey' => sesskey(), 'repos' => $plugin]);
+ $select = new single_select($selectaction, 'action', $actionchoicesfornew, 'delete', null,
+ 'applyto' . basename($plugin));
$select->set_label(get_string('action'), array('class' => 'accesshide'));
$uninstall = '';
if ($uninstallurl = core_plugin_manager::instance()->get_uninstall_url('repository_' . $plugin, 'manage')) {
diff --git a/admin/repositoryinstance.php b/admin/repositoryinstance.php
index e7b9c77ed1e..cd8f2096b2d 100644
--- a/admin/repositoryinstance.php
+++ b/admin/repositoryinstance.php
@@ -18,8 +18,6 @@ require_once(__DIR__ . '/../config.php');
require_once($CFG->dirroot . '/repository/lib.php');
require_once($CFG->libdir . '/adminlib.php');
-require_sesskey();
-
// id of repository
$edit = optional_param('edit', 0, PARAM_INT);
$new = optional_param('new', '', PARAM_PLUGIN);
@@ -43,12 +41,8 @@ if ($edit){
admin_externalpage_setup($pagename, '', null, new moodle_url('/admin/repositoryinstance.php'));
-$baseurl = new moodle_url("/$CFG->admin/repositoryinstance.php", array('sesskey'=>sesskey()));
-
-$parenturl = new moodle_url("/$CFG->admin/repository.php", array(
- 'sesskey'=>sesskey(),
- 'action'=>'edit',
-));
+// The URL used for redirection, and that all edit related URLs will be based off.
+$parenturl = new moodle_url('/admin/repository.php', ['action' => 'edit']);
if ($new) {
$parenturl->param('repos', $new);
@@ -116,6 +110,7 @@ if (!empty($edit) || !empty($new)) {
$return = false;
}
} else if (!empty($hide)) {
+ require_sesskey();
$instance = repository::get_type_by_typename($hide);
$instance->hide();
core_plugin_manager::reset_caches();
@@ -129,6 +124,7 @@ if (!empty($edit) || !empty($new)) {
throw new repository_exception('nopermissiontoaccess', 'repository');
}
if ($sure) {
+ require_sesskey();
if ($instance->delete($downloadcontents)) {
$deletedstr = get_string('instancedeleted', 'repository');
core_plugin_manager::reset_caches();
@@ -141,14 +137,17 @@ if (!empty($edit) || !empty($new)) {
echo $OUTPUT->header();
echo $OUTPUT->box_start('generalbox', 'notice');
- $continueurl = new moodle_url($baseurl, array(
+
+ $continueurl = new moodle_url($PAGE->url, [
'type' => $type,
'delete' => $delete,
'sure' => 'yes',
- ));
+ ]);
+
$continueanddownloadurl = new moodle_url($continueurl, array(
'downloadcontents' => 1
));
+
$message = get_string('confirmdelete', 'repository', $instance->name);
echo html_writer::tag('p', $message);
diff --git a/lib/classes/plugininfo/repository.php b/lib/classes/plugininfo/repository.php
index cc5283539a7..9ddc2c2ef93 100644
--- a/lib/classes/plugininfo/repository.php
+++ b/lib/classes/plugininfo/repository.php
@@ -144,10 +144,8 @@ class repository extends base {
if ($hassiteconfig && $this->is_enabled()) {
// Completely no access to repository setting when it is not enabled.
$sectionname = $this->get_settings_section_name();
- $settingsurl = new moodle_url('/admin/repository.php',
- array('sesskey' => sesskey(), 'action' => 'edit', 'repos' => $this->name));
$settings = new admin_externalpage($sectionname, $this->displayname,
- $settingsurl, 'moodle/site:config', false);
+ new moodle_url('/admin/repository.php', ['action' => 'edit', 'repos' => $this->name]), 'moodle/site:config', false);
$adminroot->add($parentnodename, $settings);
}
}
diff --git a/repository/lib.php b/repository/lib.php
index 9a510827059..28326e7d720 100644
--- a/repository/lib.php
+++ b/repository/lib.php
@@ -1497,10 +1497,10 @@ abstract class repository implements cacheable_object {
//if the context is SYSTEM, so we call it from administration page
$admin = ($context->id == SYSCONTEXTID) ? true : false;
if ($admin) {
- $baseurl = new moodle_url('/'.$CFG->admin.'/repositoryinstance.php', array('sesskey'=>sesskey()));
+ $baseurl = new moodle_url('/admin/repositoryinstance.php');
$output .= $OUTPUT->heading(get_string('siteinstances', 'repository'));
} else {
- $baseurl = new moodle_url('/repository/manage_instances.php', array('contextid'=>$context->id, 'sesskey'=>sesskey()));
+ $baseurl = new moodle_url('/repository/manage_instances.php', ['contextid' => $context->id]);
}
$namestr = get_string('name');
diff --git a/repository/manage_instances.php b/repository/manage_instances.php
index 631127feb11..c3d22021ee0 100644
--- a/repository/manage_instances.php
+++ b/repository/manage_instances.php
@@ -37,9 +37,7 @@ $contextid = optional_param('contextid', 0, PARAM_INT);
$usercourseid = optional_param('usercourseid', SITEID, PARAM_INT); // Extra: used for user context only
$url = new moodle_url('/repository/manage_instances.php');
-
$baseurl = new moodle_url('/repository/manage_instances.php');
-$baseurl->param('sesskey', sesskey());
if ($edit){
$url->param('edit', $edit);
@@ -168,9 +166,6 @@ if (!empty($edit) || !empty($new)) {
exit;
} else if ($fromform = $mform->get_data()){
- if (!confirm_sesskey()) {
- throw new \moodle_exception('confirmsesskeybad', '', $baseurl);
- }
if ($edit) {
$settings = array();
$settings['name'] = $fromform->name;
@@ -199,9 +194,7 @@ if (!empty($edit) || !empty($new)) {
}
} else if (!empty($delete)) {
if ($sure) {
- if (!confirm_sesskey()) {
- throw new \moodle_exception('confirmsesskeybad', '', $baseurl);
- }
+ require_sesskey();
if ($instance->delete()) {
$deletedstr = get_string('instancedeleted', 'repository');
redirect($baseurl, $deletedstr, 3);