Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-46553

Allow the user policy to be set through an HTML editor

    XMLWordPrintable

    Details

    • Testing Instructions:
      Hide
      1. Enable email-based self-registration
      2. Set external urls for site policy and guest site policies
      3. Install patch and run notifications
      4. Go to new settings page (security->sitepolicy)
      5. Source for site policy should be set to external url for both logged in users and guests
      6. Policy should be displayed in iframe to users who have not accepted it
      7. Log in as guest and go to a course and the policy should display
      8. Sign up. The policy should display
      9. Remove the values from site policy url settigns
      10. Users should not have to accept a policy
      11. Log in as guest and go to a course and the policy should not display
      12. Sign up. No policy should display
      13. set the policy urls again and the sources to none
      14. Users should not have to accept a policy
      15. Log in as guest and go to a course and the policy should not display
      16. Sign up. Nothing should display
      17. Provide text in the site policy text boxes
      18. Set policy sources to Text
      19. When the user is shown a policy to accept it should be the policy added in the text box
      20. Log in as guest and go to a course and the policy should be displayed
      21. Sign up. The policy should display
      22. Select None as a policy source
      23. Enter a URL in the external source
      24. Log in as a user, make sure it shows
      25. Log in as a guest and go to a course. It should show nothing and work as expected
      26. Sign up. No policy should display
      Show
      Enable email-based self-registration Set external urls for site policy and guest site policies Install patch and run notifications Go to new settings page (security->sitepolicy) Source for site policy should be set to external url for both logged in users and guests Policy should be displayed in iframe to users who have not accepted it Log in as guest and go to a course and the policy should display Sign up. The policy should display Remove the values from site policy url settigns Users should not have to accept a policy Log in as guest and go to a course and the policy should not display Sign up. No policy should display set the policy urls again and the sources to none Users should not have to accept a policy Log in as guest and go to a course and the policy should not display Sign up. Nothing should display Provide text in the site policy text boxes Set policy sources to Text When the user is shown a policy to accept it should be the policy added in the text box Log in as guest and go to a course and the policy should be displayed Sign up. The policy should display Select None as a policy source Enter a URL in the external source Log in as a user, make sure it shows Log in as a guest and go to a course. It should show nothing and work as expected Sign up. No policy should display
    • Affected Branches:
      MOODLE_25_STABLE, MOODLE_26_STABLE, MOODLE_27_STABLE, MOODLE_28_STABLE, MOODLE_29_STABLE
    • Pull Master Branch:

      Description

      The user policy, which is configured in Moodle with a full URL, is displayed in an iframe after an user has logged in for the first time.

      Using an iframe has some downsides:

      • Downside for usability: For long policy texts and small screens, there may appear two scrollbars.
      • Downside for themes: The content of the iframe has to be styled separately and is not controlled implicitly be the theme's styles (at least that's what we experienced, maybe I am talking rubbish here)
      • Downsides for impaired users: Inline text is always better than iframes for screenreaders

      Therefore, we propose to display the policy text directly within the HTML code of the /user/policy.php file.

      To prevent that existing policy file settings have to be changed, we have developed a replacement which uses CURL for fetching the policy file.

      diff --git a/user/policy.php b/user/policy.php
      index 5186868..f1556e3 100644
      --- a/user/policy.php
      +++ b/user/policy.php
      @@ -73,6 +73,97 @@ $PAGE->navbar->add($strpolicyagreement);
       echo $OUTPUT->header();
       echo $OUTPUT->heading($strpolicyagreement);
       
      +/* KIZ MODIFICATION START
      +   REASON: We want to display the user policy directly instead of using an iframe */
      +	// Set xml error handling
      +	$errorSetting = libxml_use_internal_errors(true);
      +	libxml_clear_errors();
      +
      +	// Init curl
      +	$ch = curl_init();
      +
      +	// Fetch policy HTML Page
      +	curl_setopt ($ch, CURLOPT_URL, $sitepolicy);
      +	curl_setopt ($ch, CURLOPT_RETURNTRANSFER, true);
      +	$curldoc = curl_exec($ch);
      +
      +	// Was server unreachable?
      +	if ($curldoc == false) {
      +		// Inform admin directly by mail rather than using messaging
      +		@mail(get_admin()->email,
      +			'WARNING: cURL error (Connection failed)',
      +			'cURL error when displaying user policy (Connection failed): '.$sitepolicy);
      +
      +		// Quit with error message
      +		print_error('serverconnection','core_error');
      +	}
      +
      +	// Or was there an http error?
      +	else if (curl_getinfo($ch,CURLINFO_HTTP_CODE) > 200) {
      +		// Inform admin directly by mail rather than using messaging
      +		@mail(get_admin()->email,
      +			'WARNING: cURL error (HTTP Code '.curl_getinfo($ch,CURLINFO_HTTP_CODE).')',
      +			'cURL error when displaying user policy (HTTP Code '.curl_getinfo($ch,CURLINFO_HTTP_CODE).'): '.$sitepolicy);
      +
      +		// Quit with error message
      +		print_error('serverconnection','core_error');
      +	}
      +
      +	// Otherwise the document should have arrived
      +	else {
      +		// load dom
      +		$policydoc = new DOMDocument();
      +		$policydoc->loadHTML($curldoc);
      +
      +		// extract body node
      +		$bodynode = $policydoc->getElementsByTagName('body')->item(0);
      +
      +		// Build new dom tree with content of body node
      +		$html = new DOMDocument();
      +		foreach ($bodynode->childNodes as $child) {
      +			// If node is DOMComment, remove node
      +			if (get_class($child) == 'DOMComment')
      +				continue;
      +			else {
      +				// Add element to html code
      +				$html->appendChild($html->importNode($child, true));
      +			}
      +		}
      +
      +		// Clean html code
      +		$nodes = $html->getElementsByTagName('*');
      +		foreach ($nodes as $node) {
      +			// Remove class attribute
      +			if ($node->hasAttribute('class'))
      +				$node->removeAttribute('class');
      +			// Remove id attribute
      +			if ($node->hasAttribute('id'))
      +				$node->removeAttribute('id');
      +			// Remove style attribute
      +			if ($node->hasAttribute('style'))
      +				$node->removeAttribute('style');
      +		}
      +
      +		// Print html code
      +		echo '<div id="policybox">';
      +		echo $html->saveHTML();
      +		echo '</div>';
      +	}
      +
      +	// Curl close
      +	curl_close($ch);
      +
      +	// Reset xml error handling
      +	libxml_clear_errors();
      +	libxml_use_internal_errors($errorSetting);
      +
      +/* KIZ MODIFICATION END */
      +/* ORIGINAL START
       $mimetype = mimeinfo('type', $sitepolicy);
       if ($mimetype == 'document/unknown') {
           // Fallback for missing index.php, index.html.
      @@ -85,6 +176,7 @@ $clicktoopen = '<a href="'.$sitepolicy.'" onclick="this.target=\'_blank\'">'.$st
       echo '<div class="noticebox">';
       echo resourcelib_embed_general($sitepolicy, $strpolicyagreement, $clicktoopen, $mimetype);
       echo '</div>';
      +   ORIGINAL END */
       
       $formcontinue = new single_button(new moodle_url('policy.php', array('agree' => 1)), get_string('yes'));
       $formcancel = new single_button(new moodle_url($CFG->wwwroot.'/login/logout.php', array('agree' => 0)), get_string('no'));
      

      If the CURL solution is too big for you, a simple rich text configuration box where admins can input the policy text, may suffice for most installations. This would also solve the problem that the policy text has to be hosted separately.

        Attachments

        1. drupal signup.png
          drupal signup.png
          9 kB
        2. facebook signup.png
          facebook signup.png
          11 kB
        3. open2study signup.png
          open2study signup.png
          6 kB
        4. OU online signup.png
          OU online signup.png
          9 kB
        5. Screenshot 2016-01-28 09.52.48.png
          Screenshot 2016-01-28 09.52.48.png
          95 kB
        6. Screenshot 2016-01-28 09.53.22.png
          Screenshot 2016-01-28 09.53.22.png
          13 kB

          Issue Links

            Activity

              People

              • Votes:
                6 Vote for this issue
                Watchers:
                11 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: