Skip to content
Browse files

Merge branch 'MDL-19575-m20' of git://github.com/ankitagarwal/moodle …

…into MOODLE_20_STABLE
  • Loading branch information...
2 parents 019e897 + 4ca2488 commit 33091e7e582a48eb38728a4397b3678309371f46 @stronk7 stronk7 committed Oct 4, 2011
Showing with 39 additions and 9 deletions.
  1. +1 −0 blocks/search/block_search.php
  2. +1 −0 lang/en/search.php
  3. +20 −6 search/query.php
  4. +17 −3 search/stats.php
View
1 blocks/search/block_search.php
@@ -46,6 +46,7 @@ function get_content() {
'<form id="searchquery" method="get" action="'. $CFG->wwwroot .'/search/query.php"><div>'
. '<label for="block_search_q">' . get_string('searchmoodle', 'block_search') . '</label>'
. '<input id="block_search_q" type="text" name="query_string" />'
+ . '<input id="block_instance_id" type="hidden" name="block_instanceid" value="' . $this->instance->id . '"/>'
. '<input type="submit" value="' . s(get_string('go', 'block_search')) . '" />'
. '</div></form>';
View
1 lang/en/search.php
@@ -63,6 +63,7 @@
$string['score'] = 'Score';
$string['search'] = 'Search';
$string['searching'] = 'Searching in ...';
+$string['searchnotpermitted'] = 'You are not allowed to do a search';
$string['seconds'] = 'seconds';
$string['solutions'] = 'Solutions';
$string['statistics'] = 'Statistics';
View
26 search/query.php
@@ -37,13 +37,24 @@
require_once('../config.php');
require_once($CFG->dirroot.'/search/lib.php');
+ $block_instanceid = required_param('block_instanceid', PARAM_INT);// Block Instance ID
+
if ($CFG->forcelogin) {
require_login();
}
if (empty($CFG->enableglobalsearch)) {
print_error('globalsearchdisabled', 'search');
}
+ //Check user's permissions against the block instance from which the user came
+ if (empty($block_instanceid)) {
+ print_error('searchnotpermitted', 'search');
+ }
+ if (!$DB->record_exists('block_instances', array('id' => $block_instanceid, 'blockname' => 'search'))) {
+ print_error('searchnotpermitted', 'search');
+ }
+ $contextblock = get_context_instance(CONTEXT_BLOCK, $block_instanceid);
+ require_capability('moodle/block:view', $contextblock);
$adv = new stdClass();
@@ -63,6 +74,7 @@
if ($advanced) {
$url->param('a', '1');
}
+ $url->param('block_instanceid', $block_instanceid);
$PAGE->set_url($url);
/// discard harmfull searches
@@ -166,8 +178,8 @@
// print the header
$site = get_site();
$PAGE->set_context(get_context_instance(CONTEXT_SYSTEM));
- $PAGE->navbar->add($strsearch, new moodle_url('/search/index.php'));
- $PAGE->navbar->add($strquery, new moodle_url('/search/stats.php'));
+ $PAGE->navbar->add($strsearch, new moodle_url('/search/query.php?block_instanceid=' . $block_instanceid));
+ $PAGE->navbar->add($strquery, new moodle_url('/search/stats.php?block_instanceid=' . $block_instanceid));
$PAGE->set_title($strsearch);
$PAGE->set_heading($site->fullname);
echo $OUTPUT->header();
@@ -195,16 +207,18 @@
<?php
if (!$advanced) {
?>
+ <input type="hidden" name="block_instanceid" value="<?php p($block_instanceid) ?>" />&nbsp;
<input type="text" name="query_string" length="50" value="<?php p($query_string) ?>" />&nbsp;
<input type="submit" value="<?php print_string('search', 'search') ?>" /> &nbsp;
- <a href="query.php?a=1"><?php print_string('advancedsearch', 'search') ?></a> |
- <a href="stats.php"><?php print_string('statistics', 'search') ?></a>
+ <a href="query.php?a=1&block_instanceid=<?php p($block_instanceid) ?>" ><?php print_string('advancedsearch', 'search') ?></a> |
+ <a href="stats.php?block_instanceid=<?php p($block_instanceid) ?>"><?php print_string('statistics', 'search') ?></a>
<?php
}
else {
echo $OUTPUT->box_start();
?>
<input type="hidden" name="a" value="<?php p($advanced); ?>"/>
+ <input type="hidden" name="block_instanceid" value="<?php p($block_instanceid) ?>" />
<table border="0" cellpadding="3" cellspacing="3">
@@ -269,8 +283,8 @@
<td colspan="3" align="center">
<table border="0" cellpadding="0" cellspacing="0">
<tr>
- <td><a href="query.php"><?php print_string('normalsearch', 'search') ?></a> |</td>
- <td>&nbsp;<a href="stats.php"><?php print_string('statistics', 'search') ?></a></td>
+ <td><a href="query.php?block_instanceid=<?php p($block_instanceid) ?>"><?php print_string('normalsearch', 'search') ?></a> |</td>
+ <td>&nbsp;<a href="stats.php?block_instanceid=<?php p($block_instanceid) ?>"><?php print_string('statistics', 'search') ?></a></td>
</tr>
</table>
</td>
View
20 search/stats.php
@@ -21,6 +21,8 @@
require_once('../config.php');
require_once($CFG->dirroot.'/search/lib.php');
+$block_instanceid = required_param('block_instanceid', PARAM_INT);// Block Instance ID
+
/// checks global search is enabled
if ($CFG->forcelogin) {
@@ -30,6 +32,15 @@
if (empty($CFG->enableglobalsearch)) {
print_error('globalsearchdisabled', 'search');
}
+ //Check user's permissions against the block instance from which the user came
+ if (empty($block_instanceid)) {
+ print_error('searchnotpermitted', 'search');
+ }
+ if (!$DB->record_exists('block_instances', array('id' => $block_instanceid, 'blockname' => 'search'))) {
+ print_error('searchnotpermitted', 'search');
+ }
+ $contextblock = get_context_instance(CONTEXT_BLOCK, $block_instanceid);
+ require_capability('moodle/block:view', $contextblock);
/// check for php5, but don't die yet
@@ -44,10 +55,13 @@
$site = get_site();
- $PAGE->set_url('/search/stats.php');
+ $url = new moodle_url('/search/stats.php');
+ $url->param('block_instanceid', $block_instanceid);
+ $PAGE->set_url($url);
+
$PAGE->set_context(get_context_instance(CONTEXT_SYSTEM));
- $PAGE->navbar->add($strsearch, new moodle_url('/search/index.php'));
- $PAGE->navbar->add($strquery, new moodle_url('/search/stats.php'));
+ $PAGE->navbar->add($strsearch, new moodle_url('/search/query.php?block_instanceid=' . $block_instanceid));
+ $PAGE->navbar->add($strquery, new moodle_url('/search/stats.php?block_instanceid=' . $block_instanceid));
$PAGE->set_title($strsearch);
$PAGE->set_heading($site->fullname);
echo $OUTPUT->header();

0 comments on commit 33091e7

Please sign in to comment.
Something went wrong with that request. Please try again.