backup/restore_check.html

<?php

    //This page receive all the restore_form data. Then, if existing course
    //has been selected, shows a list of courses to select one.
    //It cheks that the parammeter from restore_form are coherent.
    //It puts all the restore info in the session.
    //Finally, it calls restore_execute to do the hard work
    //Get objects from session

    global $DB, $OUTPUT;

    if ($SESSION) {
        $info = $SESSION->info;
        $course_header = $SESSION->course_header;
        if (isset($SESSION->restore)) {
            $restore = $SESSION->restore;
        }
    }

    //Detect if we are coming from the restore form
    $fromform = optional_param ('fromform', 0, PARAM_INT);

    if ($form1 = data_submitted()) {
        $currentcourseshortname = $course_header->course_shortname; //"store_ShortName";
        $course_header->course_shortname = !empty($form1->shortname) ? $form1->shortname : '';  //"update_ShortName";
        $course_header->course_fullname  = !empty($form1->fullname) ? $form1->fullname : '';   //"update_FullName";
    /// Roll dates only if the backup course has a start date
    /// (some formats like main page, social..., haven't it and rolling dates
    /// from 0 produces crazy dates. MDL-10125 and we have passed some custom startyear/month/day. MDL-12922
        if ($course_header->course_startdate && !empty($form1->startyear)) {
            $form1->startdate = make_timestamp($form1->startyear, $form1->startmonth, $form1->startday);
            $currentcoursestartdate = $course_header->course_startdate;
            $coursestartdatedateoffset = $form1->startdate - $currentcoursestartdate;
            $restore->course_startdateoffset = $coursestartdatedateoffset; //change to restore
            // Only apply rolling of dates if differences are bigger than one day
            // that should solve current problems with daylight changes between
            // backup and restore
            if (abs($restore->course_startdateoffset) < 24 * 60 * 60) {
                $coursestartdatedateoffset = 0;
                $restore->course_startdateoffset = 0;
            }
        } else { // don't roll if the course hasn't start date
            $coursestartdatedateoffset = 0;
            $restore->course_startdateoffset = 0;
        }
    }

    ///Enforce SESSION->course_header rewrite (PHP 4.x needed because assigns are by value) MDL-8298
    $SESSION->course_header = $course_header;

    //If restore session info exists, but we are coming from the form
    //it has prioriry
    if (isset($restore) and !empty($fromform)) {
        unset($restore);
    }

    // check for session objects
    if (empty($info) or empty($course_header)) {
      print_error('sessionmissing', 'debug', '',
              'info and course_header');
    }


    //If the restore object doesn't exist, we are going
    //to check every variable individually and create it

    if (!isset($restore)) {
        //Check that we have all we need
        //backup_unique_code
        $backup_unique_code = required_param('backup_unique_code', PARAM_INT);
        //file
        $file = required_param('file', PARAM_PATH);
        //Checks for the required restoremod parameters
        if ($allmods = $DB->get_records("modules")) {
            foreach ($allmods as $mod) {
                $modname = $mod->name;
                $var = "restore_".$modname;
                $$var = optional_param( $var,0, PARAM_CLEAN);
                $var = "restore_user_info_".$modname;
                $$var = optional_param( $var,0, PARAM_CLEAN);
                $instances = !empty($info->mods[$mod->name]->instances) ? $info->mods[$mod->name]->instances : NULL;
                if ($instances === NULL) {
                    continue;
                }
                foreach ($instances as $instance) {
                    $var = 'restore_'.$modname.'_instance_'.$instance->id;
                    $$var = optional_param($var,0,PARAM_INT);
                    $var = 'restore_user_info_'.$modname.'_instance_'.$instance->id;
                    $$var = optional_param($var,0,PARAM_INT);
                }
            }
        }
        //restoreto
        $restore_restoreto = required_param('restore_restoreto', PARAM_INT);
        //restore_users
        $restore_users = required_param('restore_users', PARAM_INT);

        $restore_groups = required_param('restore_groups', PARAM_INT);
        //restore_logs
        $restore_logs = required_param('restore_logs', PARAM_INT);
        //restore_user_files
        $restore_user_files = required_param('restore_user_files', PARAM_INT);
        //restore_course_files
        $restore_course_files = required_param('restore_course_files', PARAM_INT);
        //restore_site_files
        $restore_site_files = required_param('restore_site_files', PARAM_INT);
        //restore_gradebook_history
        $restore_gradebook_history = required_param('restore_gradebook_history', PARAM_INT);
        //restore_messages
        $restore_messages = required_param('restore_messages', PARAM_INT);
        //restore_blogs
        $restore_blogs = required_param('restore_blogs', PARAM_INT);

        //Check we've selected a course to restore to
        $course_id = optional_param('course_id', 0, PARAM_INT);

        //We are here, having all we need !!
        //Create the restore object and put it in the session
        $restore->backup_unique_code = $backup_unique_code;
        $restore->file = $file;
        if ($allmods = $DB->get_records("modules")) {
            foreach ($allmods as $mod) {
                $modname = $mod->name;
                $var = "restore_".$modname;
                $restore->mods[$modname]->restore=$$var;
                $var = "restore_user_info_".$modname;
                $restore->mods[$modname]->userinfo=$$var;
                $instances = !empty($info->mods[$mod->name]->instances) ? $info->mods[$mod->name]->instances : NULL;
                if ($instances === NULL) {
                    continue;
                }
                foreach ($instances as $instance) {
                    $var = 'restore_'.$modname.'_instance_'.$instance->id;
                    $restore->mods[$modname]->instances[$instance->id]->restore = $$var;
                    $var = 'restore_user_info_'.$modname.'_instance_'.$instance->id;
                    $restore->mods[$modname]->instances[$instance->id]->userinfo = $$var;
                }
            }
        }
        $restore->restoreto=$restore_restoreto;
        $restore->users=$restore_users;
        $restore->groups=$restore_groups;
        $restore->logs=$restore_logs;
        $restore->user_files=$restore_user_files;
        $restore->course_files=$restore_course_files;
        $restore->site_files=$restore_site_files;
        $restore->messages=$restore_messages;
        $restore->blogs=$restore_blogs;
        $restore->restore_gradebook_history=$restore_gradebook_history;
        $restore->course_id=$course_id;
        //add new vars to restore object
        $restore->course_startdateoffset = $coursestartdatedateoffset;
        $restore->course_shortname = $currentcourseshortname;

        // create role mappings, not sure all should be here
        if ($data2 = data_submitted()) {
            foreach ($data2 as $tempname=>$tempdata) {
                if (strstr($tempname, 'roles_')) {
                    $temprole = explode('_', $tempname);
                    $oldroleid = $temprole[1];
                    $newroleid = $tempdata;
                    $restore->rolesmapping[$oldroleid] = $newroleid;
                }
            }
        }

        // default role mapping for moodle < 1.7
        if ($defaultteacheredit = optional_param('defaultteacheredit', 0, PARAM_INT)) {
            $restore->rolesmapping['defaultteacheredit'] = $defaultteacheredit;
        }
        if ($defaultteacher = optional_param('defaultteacher', 0, PARAM_INT)) {
            $restore->rolesmapping['defaultteacher'] = $defaultteacher;
        }
        if ($defaultstudent = optional_param('defaultstudent', 0, PARAM_INT)) {
            $restore->rolesmapping['defaultstudent'] = $defaultstudent;
        }

    } else {
        //We have the object, so check if we have a new course_id
        //passed as parammeter
        $course_id = optional_param('course_id', 0, PARAM_INT);
        if ($course_id) {
            $restore->course_id=$course_id;
        }
    }

    // pass in the course category param
    $restore->restore_restorecatto = optional_param('restore_restorecatto', 0, PARAM_INT);

    //We have the object with data, put it in the session
    $SESSION->restore = $restore;

    //From here to the end of the script, only use the $restore object

    //Check login
    require_login();

    $loginurl = get_login_url();

    //Init restoreuserinfo
    $restoreuserinfo = false;


    //Check admin
    if (!empty($id)) {
        if (!has_capability('moodle/restore:restorecourse', get_context_instance(CONTEXT_COURSE, $id))) {
            print_error("cannotuseadminadminorteacher", '', $loginurl);
        }
        $restoreuserinfo = has_capability('moodle/restore:userinfo', get_context_instance(CONTEXT_COURSE, $id));
    } else {
        if (!has_capability('moodle/restore:restorecourse', get_context_instance(CONTEXT_SYSTEM))) {
            print_error("cannotuseadmin", '', $loginurl);
        }
        $restoreuserinfo = has_capability('moodle/restore:userinfo', get_context_instance(CONTEXT_SYSTEM));
    }

    //Check site
    $site = get_site();

    // Get all the courses the user is able to restore to
    //TODO: use better function which includes all courses for admins
    $mycourses = get_user_courses_bycap($USER->id, 'moodle/restore:restorecourse');

    // Calculate if the user can create courses
    $cancreatecourses = user_can_create_courses();

    if (empty($restore->course_id) && ($restore->restoreto == RESTORETO_CURRENT_DELETING || $restore->restoreto == RESTORETO_CURRENT_ADDING)) {
        $restore->course_id = $id; /// Force restore to current course, disabling pick course from list
    }

    //Set restore->deleting as needed
    if ($restore->restoreto == RESTORETO_CURRENT_DELETING || $restore->restoreto == RESTORETO_EXISTING_DELETING) {
        $restore->deleting = true;
    } else {
        $restore->deleting = false;
    }

    //Now, select the course if needed
    if (empty($restore->course_id) && ($restore->restoreto == RESTORETO_EXISTING_DELETING || $restore->restoreto == RESTORETO_EXISTING_ADDING)) {

        if ($courses = $mycourses) {
            echo $OUTPUT->heading(get_string("choosecourse"));
            echo $OUTPUT->box_start();
            foreach ($courses as $course) {
                if (!has_capability('moodle/restore:restorecourse', get_context_instance(CONTEXT_COURSE, $course->id))) {
                    continue;
                }
                if (empty($course->visible)) {
                    $optdimmed = ' class="dimmed" ';
                } else {
                    $optdimmed = '';
                }
                echo "<a $optdimmed href=\"restore.php?course_id=$course->id&amp;launch=check&amp;id=$id&amp;file=$file\">".format_string($course->fullname).' ('.format_string($course->shortname).')</a><br />'."\n";
            }
            echo $OUTPUT->box_end();
        } else {
            echo $OUTPUT->heading(get_string("nocoursesyet"));
            echo $OUTPUT->continue_button("$CFG->wwwroot/$CFG->admin/index.php");
        }
    //Checks everything and execute restore
    } else if (($restore->restoreto != RESTORETO_NEW_COURSE and !empty($restore->course_id)) or ($restore->restoreto == RESTORETO_NEW_COURSE)) {
        //Final access control check
        if (empty($restore->course_id) and !$cancreatecourses) {
            print_error("cannotrestoreadminorcreator");
        } else if (!empty($restore->course_id) and !has_capability('moodle/restore:restorecourse', get_context_instance(CONTEXT_COURSE, $restore->course_id))) {
            print_error("cannotrestoreadminoredit");
        }
        $show_continue_button = true;
        $messages = array();

        //Check and warn if we are restoring over frontpage (SITEID) course. MDL-19163
        if ($restore->course_id == SITEID) {
            if ($restore->restoreto == RESTORETO_CURRENT_DELETING) {
                $messages[] = get_string ('restoretositedeleting');
            } else if ($restore->restoreto == RESTORETO_CURRENT_ADDING) {
                $messages[] = get_string ('restoretositeadding');
            }
        }

        // If we have selected to roll dates on restore and the user is missing
        // such capability (moodle/restore:rolldates) in the target course/category,
        // disable roll of dates and warn
        if ($restore->course_startdateoffset != 0) {
            $canrolldates = false; // init to false

            // if we know the target course, check the capability on it
            if (!empty($restore->course_id)) {
                $canrolldates = has_capability('moodle/restore:rolldates', get_context_instance(CONTEXT_COURSE, $restore->course_id));
            // if we know the target category, check capability on it
            } else if (!empty($restore->restore_restorecatto)) {
                $canrolldates = has_capability('moodle/restore:rolldates', get_context_instance(CONTEXT_COURSECAT, $restore->restore_restorecatto));
            }

            if (!$canrolldates) {
                $messages[] = get_string ("noteusercannotrolldatesoncontext");
                $restore->course_startdateoffset = 0;
            }
        }

        //Check if we've selected any mod's user info and restore->users
        //is set to none. Change it to course and inform.
        if ($restore->users == 2) {
            $changed = false;
            $mods = $restore->mods;
            foreach ($mods as $mod) {
                if ($mod->userinfo) {
                    $changed = true;
                }
            }
            //If we have selected user files or messages or blogs, then users must be restored too
            if ($restore->user_files || $restore->messages || $restore->blogs) {
                $changed = 1;
            }
            if ($changed) {
                $messages[] = get_string ("noteuserschangednonetocourse");
                $restore->users = 1;
            }
        }

        // Re-enforce 'moodle/restore:restorecourse' at system context to be able to restore all users
        if ($restore->users == 0 and !has_capability('moodle/restore:restorecourse', get_context_instance(CONTEXT_SYSTEM))) {
            $restore->users = 1; // users => course
        }

        // Re-enforce moodle/restore:userinfo capability
        if (!$restoreuserinfo) {
            $userinfocheck = true;
            // Confirm that all the settings are properly set to no users
            // if anything is wrong, message and stop
            // First global settings
            if ($restore->users != 2 or $restore->user_files or $restore->messages or $restore->blogs) {
                $userinfocheck = false;

            // Now all modules userinfo flag
            } else {
                $mods = $restore->mods;
                foreach ($mods as $mod) {
                    if ($mod->userinfo) {
                        $userinfocheck = false;
                    }
                }
            }

            if (!$userinfocheck) { // Something was wrong
                $messages[] = get_string('restoreuserinfofailed');
                $show_continue_button = false;
            }
        }

        // Re-check all the roles creation/mapping stuff
        if (!empty($restore->course_id)) {
            $contexttosearch = get_context_instance(CONTEXT_COURSE, $restore->course_id);
        // if we know the target category, check capability on it
        } else if (!empty($restore->restore_restorecatto)) {
            $contexttosearch = get_context_instance(CONTEXT_COURSECAT, $restore->restore_restorecatto);
        } else {
            $contexttosearch = get_context_instance(CONTEXT_SYSTEM);
        }
        $cancreateroles = has_capability('moodle/role:manage', get_context_instance(CONTEXT_SYSTEM));
        $canassignroles = has_capability('moodle/role:assign', $contexttosearch);
        $canoverridecaps= has_capability('moodle/role:override', $contexttosearch) || has_capability('moodle/role:safeoverride', $contexttosearch);
        if (!empty($restore->rolesmapping)) {
            foreach ($restore->rolesmapping as $originalrole => $targetrole) {
                // First, if new role is selected, check used really can do that
                if (empty($targetrole) && !$cancreateroles) {
                    $messages[] = get_string('restorecannotcreateorassignroles');
                    $show_continue_button = false;
                    break;
                }
                // Now, check that the target role is available for role assignments
                if (!empty($targetrole) && !$canassignroles) {
                    $messages[] = get_string('restorecannotassignroles');
                    $show_continue_button = false;
                    break;
                }
                // Now, check that the target role is available for capability overrides
                if (!empty($targetrole) && !$canoverridecaps) {
                    $messages[] = get_string('restorecannotoverrideperms');
                    $show_continue_button = false;
                    break;
                }
            }
        }

    /// If restoring users and backup has mnet remote users and we are restoring to different site, forbid restore to non-admins. MDL-17009
        if ($restore->users != 2 &&                                                   /// If restoring users
            !empty($info->mnet_remoteusers) && $info->mnet_remoteusers === 'true'  && /// and backup contains remote users
            !backup_is_same_site($info)) {                              /// and backup is being restored to different site

        /// If user is admin (by 'moodle/user:create' cap), warn about conversion to local auth if missing mnet hosts and continue restore
            if (has_capability('moodle/user:create', get_context_instance(CONTEXT_SYSTEM))) {
                $messages[] = get_string('mnetrestore_extusers_admin', 'admin');
                $show_continue_button = true;

        /// else, notify about the thing (suggesting to ask admin) and stop restore
            } else {
                $messages[] = get_string('mnetrestore_extusers_noadmin', 'admin');
                $show_continue_button = false;
            }
        }

        //Save the restore session object
        $SESSION->restore = $restore;

        // Calculate all session objects checksum and store them in session too
        // so restore_execute.html (used by manual restore and import) will be
        // able to detect any problem in session info.
        restore_save_session_object_checksums($restore, $info, $course_header);

        echo "<div style='text-align:center'>";

    /// Printout messages
        foreach ($messages as $message) {
            echo '<p>' . $message . '</p>';
        }

    /// Warning and button
        if ($show_continue_button) {
            //Print the continue button to execute the restore NOW !!!!
            //All is prepared !!!
            $hidden["launch"]             = "execute";
            $hidden["file"]               =  $file;
            $hidden["id"]                 =  $id;
            $hidden["sesskey"]            =  sesskey();
            print_string('longtimewarning','admin');


        /// Restore button
            echo $OUTPUT->single_button(new moodle_url("restore.php", $hidden), get_string("restorecoursenow"));
        }
        echo "</div>";

    //If we are here. Something must be wrong. Debug !!!
    } else {
        print_object($restore);
        print_object($info);
        print_object($course_header);
        print_error('error');
    }