diff --git a/lib/form/filepicker.php b/lib/form/filepicker.php index 564cb0d2b33..ab699f461c7 100644 --- a/lib/form/filepicker.php +++ b/lib/form/filepicker.php @@ -40,13 +40,18 @@ class MoodleQuickForm_filepicker extends HTML_QuickForm_button } } function toHtml() { - global $CFG; + global $CFG, $COURSE; if ($this->_flagFrozen) { return $this->getFrozenHtml(); } else { $strsaved = get_string('filesaved', 'repository'); $itemid = substr(hexdec(uniqid()), 0, 9)+rand(1,100); - $ret = get_repository_client(); + if(empty($COURSE->context)) { + $ctx = get_context_instance(CONTEXT_SYSTEM); + } else { + $ctx = $COURSE->context; + } + $ret = get_repository_client($ctx); $suffix = $ret['suffix']; $str = $this->_getTabs(); $str .= ''; diff --git a/lib/weblib.php b/lib/weblib.php index f5faac4d6f8..e1a437330d5 100644 --- a/lib/weblib.php +++ b/lib/weblib.php @@ -4811,6 +4811,7 @@ function print_textarea($usehtmleditor, $rows, $cols, $width, $height, $name, $v global $CFG, $COURSE, $HTTPSPAGEREQUIRED, $THEME; //static $scriptcount = 0; // For loading the htmlarea script only once. + //var_dump(unserialize($COURSE->modinfo)); $mincols = 65; $minrows = 10; $str = ''; @@ -4872,7 +4873,12 @@ function print_textarea($usehtmleditor, $rows, $cols, $width, $height, $name, $v require_once("$CFG->dirroot/repository/lib.php"); $str_toggle = ''. get_string('editortoggle') .''; // Show shortcuts button if HTML editor is in use, but only if JavaScript is enabled (MDL-9556) - $ret = get_repository_client(); + if(empty($COURSE->context)) { + $ctx = get_context_instance(CONTEXT_SYSTEM); + } else { + $ctx = $COURSE->context; + } + $ret = get_repository_client($ctx); $str .= $ret['html'].$ret['js']; $suffix = $ret['suffix']; $str .= '
'; diff --git a/repository/lib.php b/repository/lib.php index 5381aa2a09f..e7c407a0ecc 100644 --- a/repository/lib.php +++ b/repository/lib.php @@ -69,9 +69,9 @@ abstract class repository { * @param string $search The text will be searched. * @return array the list of files, including meta infomation */ - public function __construct($repositoryid, $context = SITEID, $options = array()){ - $this->context = $context; + public function __construct($repositoryid, $contextid = SITEID, $options = array()){ $this->repositoryid = $repositoryid; + $this->context = get_context_instance_by_id($contextid); $this->options = array(); if (is_array($options)) { foreach ($options as $n => $v) { @@ -211,7 +211,7 @@ abstract class repository { * @param string $userid The id of specific user * @return array the list of files, including meta infomation */ - public function store_login($username = '', $password = '', $userid = 1, $contextid = SITEID) { + public function store_login($username = '', $password = '', $userid = 1) { global $DB; $repository = new stdclass; @@ -220,7 +220,7 @@ abstract class repository { } else { $repository->userid = $userid; $repository->repositorytype = $this->type; - $repository->contextid = $contextid; + $repository->contextid = $this->context->id; } if ($entry = $DB->get_record('repository', $repository)) { $repository->id = $entry->id; @@ -282,19 +282,19 @@ function repository_get_option($id, $position){ $ret = (array)unserialize($entry->$option); return $ret; } -function repository_instances($contextid = SITEID){ +function repository_instances($context){ global $DB, $CFG, $USER; $params = array(); $sql = 'SELECT * FROM {repository} r WHERE '; $sql .= ' (r.userid = 0 or r.userid = ?) '; $params[] = $USER->id; - if($contextid == SITEID) { + if($context->id == SITEID) { $sql .= 'AND (r.contextid = ?)'; $params[] = SITEID; } else { $sql .= 'AND (r.contextid = ? or r.contextid = ?)'; $params[] = SITEID; - $params[] = $contextid; + $params[] = $context->id; } if(!$repos = $DB->get_records_sql($sql, $params)) { $repos = array(); @@ -361,7 +361,7 @@ function move_to_filepool($path, $name, $itemid) { // TODO // Need to pass contextid and contextlevel here -function get_repository_client(){ +function get_repository_client($context){ global $CFG, $USER; $suffix = uniqid(); $strsubmit = get_string('submit', 'repository'); @@ -670,7 +670,7 @@ function get_repository_client(){ } _client.loading(); var trans = YAHOO.util.Connect.asyncRequest('POST', - '$CFG->wwwroot/repository/ws.php?repo_id='+_client.repositoryid+ + '$CFG->wwwroot/repository/ws.php?ctx_id=$context->id&repo_id='+_client.repositoryid+ '&action=download', _client.dlfile, _client.postdata({'itemid': itemid, 'env':_client.env, 'file':file, 'title':title})); } @@ -687,6 +687,7 @@ function get_repository_client(){ } } obj['env'] = _client.env; + obj['ctx_id'] = $context->id; _client.loading(); var trans = YAHOO.util.Connect.asyncRequest('POST', '$CFG->wwwroot/repository/ws.php', _client.callback, @@ -744,7 +745,7 @@ function get_repository_client(){ _client.viewbar.set('disabled', false); _client.loading(); _client.repositoryid = id; - var trans = YAHOO.util.Connect.asyncRequest('GET', '$CFG->wwwroot/repository/ws.php?repo_id='+id+'&p='+path+'&reset='+reset+'&env='+_client.env, _client.callback); + var trans = YAHOO.util.Connect.asyncRequest('GET', '$CFG->wwwroot/repository/ws.php?ctx_id=$context->id&repo_id='+id+'&p='+path+'&reset='+reset+'&env='+_client.env, _client.callback); } _client.search = function(id){ var data = window.prompt("What are you searching for?"); @@ -754,13 +755,13 @@ function get_repository_client(){ } _client.viewbar.set('disabled', false); _client.loading(); - var trans = YAHOO.util.Connect.asyncRequest('GET', '$CFG->wwwroot/repository/ws.php?repo_id='+id+'&s='+data+'&env='+_client.env, _client.callback); + var trans = YAHOO.util.Connect.asyncRequest('GET', '$CFG->wwwroot/repository/ws.php?ctx_id=$context->id&repo_id='+id+'&s='+data+'&env='+_client.env, _client.callback); } return _client; })(); EOD; - $repos = repository_instances(); + $repos = repository_instances($context); foreach($repos as $repo) { $js .= "\r\n"; $js .= 'repository_client_'.$suffix.'.repos.push('.json_encode($repo).');'."\n"; diff --git a/repository/ws.php b/repository/ws.php index 45cb6b79b20..9cde46dab65 100644 --- a/repository/ws.php +++ b/repository/ws.php @@ -6,18 +6,20 @@ require_once('lib.php'); // set one hour here $CFG->repository_cache_expire = 60*60; // page -$p = optional_param('p', '', PARAM_RAW); +$p = optional_param('p', '', PARAM_INT); // opened in editor or moodleform -$env = optional_param('env', 'form', PARAM_RAW); +$env = optional_param('env', 'form', PARAM_ALPHA); // file to download -$file = optional_param('file', '', PARAM_RAW); +$file = optional_param('file', '', PARAM_URL); // rename the file name -$title = optional_param('title', '', PARAM_RAW); -$action = optional_param('action', '', PARAM_RAW); -$search = optional_param('s', '', PARAM_RAW); +$title = optional_param('title', '', PARAM_FILE); +$action = optional_param('action', '', PARAM_ALPHA); +$search = optional_param('s', '', PARAM_CLEANHTML); // id of repository $repo_id = optional_param('repo_id', 1, PARAM_INT); -// context id +// TODO +// what will happen if user use a fake ctx_id? +// Think about using $SESSION save it $ctx_id = optional_param('ctx_id', SITEID, PARAM_INT); $itemid = optional_param('itemid', 0, PARAM_INT); $userid = $USER->id; @@ -36,7 +38,7 @@ if(file_exists($CFG->dirroot.'/repository/'. $repository->repositorytype.'/repository.class.php'); $classname = 'repository_' . $repository->repositorytype; try{ - $repo = new $classname($repo_id, SITEID, array('ajax'=>true)); + $repo = new $classname($repo_id, $ctx_id, array('ajax'=>true)); } catch (repository_exception $e){ $err = new stdclass; $err->e = $e->getMessage();