Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse code

MDL-23532 enrol - fixed up SQL indenting and added missing sesskey ca…

…lls that were removed after refactoring
  • Loading branch information...
commit 884faffda328e397c0950a0031650e846355462b 1 parent d4c98cf
Sam Hemelryk authored April 18, 2011
8  enrol/cohort/locallib.php
@@ -219,13 +219,13 @@ function enrol_cohort_enrol_all_users(course_enrolment_manager $manager, $cohort
219 219
         return false;
220 220
     }
221 221
     $sql = "SELECT com.userid
222  
-            FROM {cohort_members} com
223  
-            LEFT JOIN (
  222
+              FROM {cohort_members} com
  223
+         LEFT JOIN (
224 224
                 SELECT *
225 225
                 FROM {user_enrolments} ue
226 226
                 WHERE ue.enrolid = :enrolid
227  
-            ) ue ON ue.userid=com.userid
228  
-            WHERE com.cohortid = :cohortid AND ue.id IS NULL";
  227
+                 ) ue ON ue.userid=com.userid
  228
+             WHERE com.cohortid = :cohortid AND ue.id IS NULL";
229 229
     $params = array('cohortid' => $cohortid, 'enrolid' => $instance->id);
230 230
     $rs = $DB->get_recordset_sql($sql, $params);
231 231
     $count = 0;
46  enrol/locallib.php
@@ -160,18 +160,17 @@ public function get_total_other_users() {
160 160
             list($ctxcondition, $params) = $DB->get_in_or_equal(get_parent_contexts($this->context, true), SQL_PARAMS_NAMED, 'ctx');
161 161
             $params['courseid'] = $this->course->id;
162 162
             $sql = "SELECT COUNT(DISTINCT u.id)
163  
-                    FROM {role_assignments} ra
164  
-                    JOIN {user} u ON u.id = ra.userid
165  
-                    JOIN {context} ctx ON ra.contextid = ctx.id
166  
-                    LEFT JOIN (
167  
-                        SELECT ue.id, ue.userid
168  
-                        FROM {user_enrolments} ue
  163
+                      FROM {role_assignments} ra
  164
+                      JOIN {user} u ON u.id = ra.userid
  165
+                      JOIN {context} ctx ON ra.contextid = ctx.id
  166
+                 LEFT JOIN (
  167
+                           SELECT ue.id, ue.userid
  168
+                             FROM {user_enrolments} ue
169 169
                         LEFT JOIN {enrol} e ON e.id=ue.enrolid
170  
-                        WHERE e.courseid = :courseid
171  
-                    ) ue ON ue.userid=u.id
172  
-                    WHERE
173  
-                        ctx.id $ctxcondition AND
174  
-                        ue.id IS NULL";
  170
+                            WHERE e.courseid = :courseid
  171
+                         ) ue ON ue.userid=u.id
  172
+                     WHERE ctx.id $ctxcondition AND
  173
+                           ue.id IS NULL";
175 174
             $this->totalotherusers = (int)$DB->count_records_sql($sql, $params);
176 175
         }
177 176
         return $this->totalotherusers;
@@ -245,17 +244,16 @@ public function get_other_users($sort, $direction='ASC', $page=0, $perpage=25) {
245 244
                     FROM {role_assignments} ra
246 245
                     JOIN {user} u ON u.id = ra.userid
247 246
                     JOIN {context} ctx ON ra.contextid = ctx.id
248  
-                    LEFT JOIN (
249  
-                        SELECT ue.id, ue.userid, ul.timeaccess AS lastseen
250  
-                        FROM {user_enrolments} ue
251  
-                        LEFT JOIN {enrol} e ON e.id=ue.enrolid
252  
-                        LEFT JOIN {user_lastaccess} ul ON (ul.courseid = e.courseid AND ul.userid = ue.userid)
  247
+               LEFT JOIN (
  248
+                       SELECT ue.id, ue.userid, ul.timeaccess AS lastseen
  249
+                         FROM {user_enrolments} ue
  250
+                    LEFT JOIN {enrol} e ON e.id=ue.enrolid
  251
+                    LEFT JOIN {user_lastaccess} ul ON (ul.courseid = e.courseid AND ul.userid = ue.userid)
253 252
                         WHERE e.courseid = :courseid
254  
-                    ) ue ON ue.userid=u.id
255  
-                    WHERE
256  
-                        ctx.id $ctxcondition AND
257  
-                        ue.id IS NULL
258  
-                    ORDER BY u.$sort $direction, ctx.depth DESC";
  253
+                       ) ue ON ue.userid=u.id
  254
+                   WHERE ctx.id $ctxcondition AND
  255
+                         ue.id IS NULL
  256
+                ORDER BY u.$sort $direction, ctx.depth DESC";
259 257
             $this->otherusers[$key] = $DB->get_records_sql($sql, $params, $page*$perpage, $perpage);
260 258
         }
261 259
         return $this->otherusers[$key];
@@ -351,11 +349,11 @@ public function search_other_users($search='', $searchanywhere=false, $page=0, $
351 349
         $countfields = 'SELECT COUNT(u.id)';
352 350
         $sql   = " FROM {user} u
353 351
                   WHERE $wherecondition
354  
-                        AND u.id NOT IN (
  352
+                    AND u.id NOT IN (
355 353
                            SELECT u.id
356 354
                              FROM {role_assignments} r, {user} u
357  
-                            WHERE r.contextid = :contextid
358  
-                                  AND u.id = r.userid)";
  355
+                            WHERE r.contextid = :contextid AND
  356
+                                  u.id = r.userid)";
359 357
         $order = ' ORDER BY lastname ASC, firstname ASC';
360 358
 
361 359
         $params['contextid'] = $this->context->id;
11  enrol/manual/editenrolment.php
@@ -84,9 +84,16 @@
84 84
 
85 85
 $mform = new enrol_manual_user_enrolment_form($url, array('user'=>$user, 'course'=>$course, 'ue'=>$ue));
86 86
 $mform->set_data($PAGE->url->params());
87  
-$data = $mform->get_data();
88  
-if ($mform->is_cancelled() || ($data && $manager->edit_enrolment($ue, $data))) {
  87
+
  88
+// Check the form hasn't been cancelled
  89
+if ($mform->is_cancelled()) {
89 90
     redirect($returnurl);
  91
+} else if ($mform->is_submitted() && $mform->is_validated() && confirm_sesskey()) {
  92
+    // The forms been submit, validated and the sesskey has been checked ... edit the enrolment.
  93
+    $data = $mform->get_data();
  94
+    if ($manager->edit_enrolment($ue, $data)) {
  95
+        redirect($returnurl);
  96
+    }
90 97
 }
91 98
 
92 99
 $fullname = fullname($user);
10  enrol/manual/locallib.php
@@ -53,11 +53,11 @@ public function find_users($search) {
53 53
         $countfields = 'SELECT COUNT(1)';
54 54
 
55 55
         $sql = " FROM {user} u
56  
-                WHERE $wherecondition
57  
-                      AND u.id NOT IN (SELECT ue.userid
58  
-                                         FROM {user_enrolments} ue
59  
-                                         JOIN {enrol} e ON (e.id = ue.enrolid AND e.id = :enrolid))";
60  
-
  56
+                WHERE $wherecondition AND 
  57
+                      u.id NOT IN (
  58
+                          SELECT ue.userid
  59
+                            FROM {user_enrolments} ue
  60
+                            JOIN {enrol} e ON (e.id = ue.enrolid AND e.id = :enrolid))";
61 61
         $order = ' ORDER BY u.lastname ASC, u.firstname ASC';
62 62
 
63 63
         if (!$this->is_validating()) {
3  enrol/manual/unenroluser.php
@@ -75,7 +75,8 @@
75 75
     print_error('erroreditenrolment', 'enrol');
76 76
 }
77 77
 
78  
-if ($confirm && $manager->unenrol_user($ue)) {
  78
+// If the unenrolment has been confirmed and the sesskey is valid unenrol the user.
  79
+if ($confirm && confirm_sesskey() && $manager->unenrol_user($ue)) {
79 80
     redirect($returnurl);
80 81
 }
81 82
 
12  enrol/self/editenrolment.php
@@ -87,10 +87,16 @@
87 87
 // Get the self enrolment edit form
88 88
 $mform = new enrol_self_user_enrolment_form($url, array('user'=>$user, 'course'=>$course, 'ue'=>$ue));
89 89
 $mform->set_data($PAGE->url->params());
90  
-$data = $mform->get_data();
91  
-// Process the form and edit the enrolment if required.
92  
-if ($mform->is_cancelled() || ($data && $manager->edit_enrolment($ue, $data))) {
  90
+
  91
+// Check the form hasn't been cancelled
  92
+if ($mform->is_cancelled()) {
93 93
     redirect($returnurl);
  94
+} else if ($mform->is_submitted() && $mform->is_validated() && confirm_sesskey()) {
  95
+    // The forms been submit, validated and the sesskey has been checked ... edit the enrolment.
  96
+    $data = $mform->get_data();
  97
+    if ($manager->edit_enrolment($ue, $data)) {
  98
+        redirect($returnurl);
  99
+    }
94 100
 }
95 101
 
96 102
 $fullname = fullname($user);
3  enrol/self/unenroluser.php
@@ -80,7 +80,8 @@
80 80
     print_error('erroreditenrolment', 'enrol');
81 81
 }
82 82
 
83  
-if ($confirm && $manager->unenrol_user($ue)) {
  83
+// If the unenrolment has been confirmed and the sesskey is valid unenrol the user.
  84
+if ($confirm && confirm_sesskey() && $manager->unenrol_user($ue)) {
84 85
     redirect($returnurl);
85 86
 }
86 87
 

0 notes on commit 884faff

Please sign in to comment.
Something went wrong with that request. Please try again.