Browse files

backported to 1.5 stable from HEAD - bugfix for bug 3980

  • Loading branch information...
1 parent dd7a3aa commit 24f9eb47b1f6a9adf6635bd201897a2e0bafbf00 dhawes committed Oct 3, 2005
Showing with 24 additions and 30 deletions.
  1. +24 −30 blocks/rss_client/block_rss_client_action.php
View
54 blocks/rss_client/block_rss_client_action.php
@@ -27,12 +27,11 @@
error(get_string('noguestpost', 'forum'), $referrer);
}
-$act = optional_param('act', 'none' );
-$rssid = optional_param('rssid', 'none' );
+$act = optional_param('act', NULL, PARAM_ALPHA);
+$rssid = optional_param('rssid', NULL, PARAM_INT);
$id = optional_param('id', SITEID, PARAM_INT);
-$url = optional_param('url');
-$preferredtitle = optional_param('preferredtitle', '');
-$item = optional_param('item');
+$url = optional_param('url', NULL, PARAM_URL);
+$preferredtitle = optional_param('preferredtitle', '', PARAM_ALPHA);
if (!defined('MAGPIE_OUTPUT_ENCODING')) {
define('MAGPIE_OUTPUT_ENCODING', get_string('thischarset')); // see bug 3107
@@ -46,42 +45,40 @@
$straddedit = get_string('feedsaddedit', 'block_rss_client');
if ( isadmin() ) {
- $stradmin = get_string('administration');
- $strconfiguration = get_string('configuration');
- $navigation = "<a href=\"$CFG->wwwroot/$CFG->admin/index.php\">$stradmin</a> -> ".
- "<a href=\"$CFG->wwwroot/$CFG->admin/configure.php\">$strconfiguration</a> -> $straddedit";
+ $navigation = '<a href="'.$CFG->wwwroot.'/'.$CFG->admin.'/index.php">'.get_string('administration').'</a> -> '.
+ '<a href="'.$CFG->wwwroot.'/'.$CFG->admin.'/configure.php">'.get_string('configuration').'</a> -> '.$straddedit;
} else if (!empty($course)) {
- $navigation = "<a href=\"$CFG->wwwroot/course/view.php?id=$id\">$course->shortname</a> -> $straddedit";
+ $navigation = '<a href="'.$CFG->wwwroot.'/course/view.php?id='.$id.'">'.$course->shortname.'</a> -> '.$straddedit;
} else {
$navigation = $straddedit;
}
-print_header(get_string('feedsaddedit', 'block_rss_client'),
- get_string('feedsaddedit', 'block_rss_client'),
- $navigation );
+print_header($straddedit, $straddedit, $navigation);
//check to make sure that the user is allowed to post new feeds
$submitters = $CFG->block_rss_client_submitters;
-$isteacher = false;
-if (!empty($course)) {
- $isteacher = isteacher($id);
+$isteacher = empty($course) ? false : isteacher($id);
+
+if ( !isset($act) ) {
+ rss_display_feeds($id);
+ rss_print_form($act, $url, $rssid, $preferredtitle, $id);
+ print_footer();
+ die();
}
-$rss_record = get_record('block_rss_client', 'id', $rssid);
+if ( isset($rssid) ) {
+ $rss_record = get_record('block_rss_client', 'id', $rssid);
+}
//if the user is an admin or course teacher then allow the user to
//assign categories to other uses than personal
-if (!( isadmin() || $submitters == SUBMITTERS_ALL_ACCOUNT_HOLDERS ||
+if (isset($rss_record) && !( isadmin() || $submitters == SUBMITTERS_ALL_ACCOUNT_HOLDERS ||
($submitters == SUBMITTERS_ADMIN_AND_TEACHER && $isteacher) ||
- ( ($act == 'rss_edit' || $act == 'delfeed') && $USER->id == $rss_record->userid) ) ) {
+ ( ($act == 'rss_edit' || $act == 'delfeed' || $act == 'updfeed') && $USER->id == $rss_record->userid) ) ) {
error(get_string('noguestpost', 'forum').' You are not allowed to make modifications to this RSS feed at this time.', $referrer);
}
-if ($act == 'none') {
- rss_display_feeds($id);
- rss_print_form($act, $url, $rssid, $preferredtitle, $id);
-
-} else if ($act == 'updfeed') {
+if ($act == 'updfeed') {
if (empty($url)) {
error( 'url not defined for rss feed' );
}
@@ -164,7 +161,7 @@
rss_display_feeds($id);
rss_print_form($act, $dataobject->url, $dataobject->id, $dataobject->preferredtitle, $id);
*/
-} else if ( $act == 'rss_edit') {
+} else if ( isset($rss_record) && $act == 'rss_edit' ) {
$preferredtitle = stripslashes_safe($rss_record->preferredtitle);
if (empty($preferredtitle)) {
@@ -182,13 +179,11 @@
}
// echo "DEBUG: act = delfeed"; //debug
- //Daryl Hawes note: convert this sql statement to a moodle function call
- $sql = 'DELETE FROM '. $CFG->prefix .'block_rss_client WHERE id='. $rssid;
- $res= $db->Execute($sql);
+ delete_records('block_rss_client', 'id', $rssid);
redirect($referrer, get_string('feeddeleted', 'block_rss_client') );
-} else if ($act == 'view') {
+} else if ( isset($rss_record) && $act == 'view' ) {
// echo $sql; //debug
// print_object($res); //debug
if (!$rss_record->id) {
@@ -241,6 +236,5 @@
rss_display_feeds($id);
rss_print_form($act, $url, $rssid, $preferredtitle, $id);
}
-
print_footer();
?>

0 comments on commit 24f9eb4

Please sign in to comment.