Totara Release Notes

Totara Learn Evergreen-20180419, 11.2, 10.8, 9.19, 2.9.31, 2.7.39, 2.6.56, 2.5.63, 2.4.62, and 2.2.66

 
Sam Hemelryk
Totara Learn Evergreen-20180419, 11.2, 10.8, 9.19, 2.9.31, 2.7.39, 2.6.56, 2.5.63, 2.4.62, and 2.2.66
par Sam Hemelryk, Wednesday 18 April 2018, 22:39
Groupe Totara

Hello everyone,

The following versions of Totara Learn have now been released:

A big thanks to the following people for their contributions to this release:

  • Andrew Davidson at Synergy Learning - TL-17344
  • James Voong from Catalyst - TL-17357
  • Martin Sandberg at Xtractor - TL-17264

Evergreen users please be aware that due to a mistake during tagging the Evergreen release this month will identify itself as Alpha.
It is in fact an Evergreen release, we will fix this mistake with the next release.

Kind regards
Sam Hemelryk

Release 11.2 (19th April 2018):

Important:
TL-17097Merged patches from Moodle releases 3.2.6, 3.2.7, and 3.2.8

Improvements:
TL-10295Added link validation for report builder rb_display functions

In some cases if a param value in rb_display function is empty the function returns the HTML link with empty text which breaks a page's accessibility.
TL-14282Imported ADOdb library v5.20.12

TL-15739Imported HTMLPurifier library v4.10.0

TL-16255Added a "readonly" state to the Totara reserved custom fields to prevent users from changing the pre-existing seminar custom fields

TL-16327Implemented user data items for Report Builder

Added items that allow exporting and purging of user-made saved searches (private and public), scheduled reports, and their participation in global report restriction.
TL-16332Implemented user data items for Audience memberships

Items for exporting and purging a user's audience membership has been added. This is split into two items: Set audience membership and dynamic audience membership.
TL-16334Implemented user data items for component and plugin user preference data

It is now possible to export and purge user preference data being used by all parts of the system.
These preferences store a range of information, all pertaining to the user, and the state of things that they have interacted with on the site, or the decisions that they have made.
Some examples are:
* What user tours the user has completed, and when.
* The admin bookmarks that they have saved.
* Their preferences for the course overview block.
* Whether they have docked the admin and navigation blocks.
* Their preferred display mode for forums.
* What regions within a workshop activity they have collapsed.
TL-16345Implemented user data item for event monitor subscriptions

Implemented user data item for event monitor subscriptions to allow the exporting and purging of user data kept in relation to event monitoring.
TL-16346Implemented user data items for Feedback360

Feedback360 has two user data items, both implementing export and purge:
* The user assignments item, this covers all of a user's assignments to a Feedback360 and all responses to their requests.
* The response assignments item, this covers all of a user's responses to other user's Feedback360 requests.

It is worth noting that self evaluation responses will be included in both user data items.
TL-16349Implemented user data items for Learning Plans and Evidence

This allows user data for Learning Plans and Evidence items to be purged and exported.
TL-16350Implemented user data items for Appraisals

Added five user data items:
* "Appraisals" - purge all appraisal data where the user is a learner
* "As the learner, excluding hidden answers from other roles" - export all appraisal content that the user can see as a learner
* "As the learner, including hidden answers from other roles" - export all appraisal content, including all answers from other roles, regardless of visibility settings, where the user is the learner
* "Participation in other users' appraisals" - export all other users' appraisals that the user is currently participating in
* "Participation history" - export the history of participation in other users' appraisals
TL-16357Implemented user data item for LTI submissions

TL-16360Implemented user data item for glossary entries, comments and ratings

TL-16365Implemented user data items for the Wiki module

The following user data items have been introduced:
* Individual wiki as a whole.
* Collaborative wiki files export files uploaded by the user to the collaborative wiki.
* Collaborative wiki comments exports\purges user's comments for collaborative wiki pages.
* Collaborative wiki versions exports collaborative wiki page versions submitted by the user.
TL-16367Implemented user data items for standard and legacy logs

TL-16582Updated language contextual help strings to use terminology consistent with the rest of Totara

This change updates the contextual help information displayed against form labels. For example this includes references to System roles, such as student and teacher, have been replaced with learner and trainer.

In addition, HTML mark-up has been removed in the affected strings and replaced with Markdown.
TL-16736Implemented user data items for course enrolments

Added two user data items that allow exporting and purging:
* An item for course enrolment data.
* An item for pending enrolments that belong to the Flat file enrolment plugin.
TL-16739Implemented user data items for program and certification completion

This includes exporting and purging of program and certification assignments, completion records (including completion history and logs). It also includes exceptions, program extensions and the log of program messages sent to the user.

Users are unassigned from any program or certification regardless of the assignment type. If users were assigned via audience, position or organisation it's possible that they will be reassigned automatically as soon as the next scheduled task for dynamic user assignment is triggered.
TL-16773Implemented user data item for the Community Block

TL-16775Implemented user data item for RSS client

TL-16777Implemented user data item for the Featured links block

TL-16840Implemented user data item for user data export requests

TL-16848Renamed the "Site policies" side menu item in the "Security" section

The Security > "Site policies" side menu item has been renamed to "Security settings" to avoid confusion with the new "Site policies" item when GDPR site policies are enabled.
TL-16877Implemented user data items for comments and HTML blocks

Now it is possible to purge, export and audit the data stored in the comments and HTML blocks.

In case of the comments block item, all comments made by users in all created comment blocks are purged or exported. This affects the front page, personal dashboards and courses.

In case of the HTML block item, all blocks created by the users in their personal dashboards are purged and exported. HTML blocks in other contexts (front page, courses) are not affected as they are related to the course or the site and not personal to the user.
TL-16936Implemented user data item for Competency progress

The competency progress item is specifically for the comp_criteria_record table; other competency tables are handled by the competency status item.
TL-17024Added detection of pending upgrades to admin settings related pages

TL-17137The site policy user consent report now appears in the settings block

A user consent report exists for the new site policy tool, however it was never linked to from the current navigation. This user consent report is now linked to from the Settings block, you can find it by navigating to Security > Site policies > User consent report.
TL-17170Included hidden items while updating the sort order of Programs and Certifications

TL-17227Implemented user data item for role assignments

TL-17268Upgraded Node.js requirements to v8 LTS

TL-17280Improved compatibility for browsers with disabled HTTP referrers

TL-17321Added visibility checks to the Program deletion page

Previously the deletion of hidden programs was being stopped by an exception in the deletion code, we've fixed the exception and added an explicit check to only allow deletion of programs the user can see. If you have users or roles with the totara/program:deleteprogram capability you might want to consider allowing totara/program:viewhiddenprograms as well.
TL-17352PHPUnit and Behat do not show composer suggestions any more to minimise developer confusion

TL-17354Ordered all user data item groups alphabetically

TL-17357Unsupported symlinks are now ignored in phpunit tests

TL-17362Implemented user data item for portfolios

Implemented user data elements for portfolios. This allows the exporting and purging of user data kept in relation to exporting of data to portfolios.
TL-17373Implemented user data item for external blogs

This user data items takes care of the exporting and purging of external blogs. It includes all external blogs created by the user, including tags assigned to it, all synced posts, and all comments made on the blogs.
TL-17374Implemented user data item for Course requests

TL-17378Implemented user data item for the transaction information of the PayPal enrolment plugin

When the user enrols via PayPal the transaction details are sent to the IPN endpoint in Totara which records the information in the enrol_paypal table. The user data item takes care of purging, exporting and counting this transaction information.
TL-17384composer.json now includes PHP version and extension requirements

TL-17390Enabled the "Force users to log in to view user pictures" setting by default for new installations to improve privacy

TL-17403Removed calls to deprecated table() and cellpadding() functions within forum ratings and external blogs

Bug fixes:
TL-14364Disabled the option to issue a certificate based on the time spent on the course when tracking data is not available

The certificate activity has an option which requires a certain amount of time to be spent on a course to receive a certificate. This time is calculated on user actions recorded in the standard log. When the standard log is disabled, the legacy log will be used instead. If both logs are disabled, the option will also be disabled.

Please note, if the logs are disabled, and then re-enabled, user actions in the time the logs were disabled will not be recorded. Consequently, actions in this period will not be counted towards time spent on the course.
TL-16122Added the 'Enrolments displayed on course page' setting for the Seminar direct enrolment plugin and method

Previously the amount of enrolments on the course page was controlled by the 'Events displayed on course page' course setting. Now there are two new settings, one is under "Site administration > Plugins > Enrolments > Seminar direct enrolment plugin" where the admin can set a default value for all courses with the Seminar direct enrolment method. The other is under the Course seminar direct enrolment method where the admin can set a different value. The available options are "All(default), 2, 4, 8, 16" for both settings.
TL-16461Fixed the date offset being applied to user completion dates when restoring a course

TL-16724Fixed an error while backing up a course containing a deleted glossary

This error occurred while attempting to backup a course that contained a URL pointing to a glossary activity that had been deleted in the course description. Deleted glossary items are now skipped during the backup process.
TL-16821Removed an error that was stopping redisplay questions in Appraisals from displaying the same question twice

TL-16839Ensured that the names of deleted users are not shown in forum ratings

TL-16853Fixed bug in DomPDF when using a css file without a @page tag

TL-16894Fixed HR import ignoring the default user email preferences when creating new users

TL-16898Fixed the seminar booking email with iCal invitation not containing the booking text in some email clients.

Some email clients only display the iCal invitation and do not show the email text if the email contains a valid iCal invitation. To handle this the iCal description will now include the booking email text as well as Seminar and Seminar session description.
TL-16926Limited the maximum number of selected users in the Report builder job assignment filter

Added 'selectionlimit' option to manager field filters, also introduced "$CFG->totara_reportbuilder_filter_selected_managers_limit" to limit the number of selected managers in the report builder job assignment filter dialog. The default value is 25, to make it unlimited, set it to 0.

This patch also removed the equals and not-equals options from the job assignment filter when multiple job assignments are not enabled.
TL-17131Fixed the user's appraisal snapshots not being deleted when the user is deleted

Previously, when an appraisal belonging to a user was deleted (such as when the user was deleted), any related snapshots that had been generated were inadvertently being kept. While these orphaned snapshots could not be accessed through the Totara front end, they could still potentially be accessed through the server's file system.

This patch ensures that appraisal snapshots are deleted when the appraisals they belong to are deleted. During upgrade, it also deletes all appraisal snapshots which belong to user appraisal assignments which no longer exist.
TL-17151Fixed the positioning of filters and search options in the dropdown selector on the Report builder edit filters page

When a filter option or search column was added in an embedded report, and then removed by clicking the delete button, it was not being added back into the right heading within the selectbox. Instead it was added at the end of the selectbox with an untranslated key as a heading, it is now placed back at the end of the correct heading.
TL-17167Fixed the 'show blank date records' filter option remaining selected after clearing search in reports

TL-17226Ensure that menu items are correctly being marked as selected in the Totara menu

Totara menu items are not always being identified as selected when the URL contains query strings. This change insures that they are by comparing against the full URL.
TL-17231Fixed the display of RPL course completion data after being restored from the recycle bin

Added cache cleaning into the course completion restore step to reflect database changes that were not displayed immediately after course restoration.
TL-17235Changed the cancellation string when cancelling a Seminar session to be consistent with other occurrences

TL-17254Fixed a custom field error for appraisals when goal review question was set up with "Multiple fields" option

TL-17264Stopped a mustache template escaping Identity Providers (IDP) URLs

Identity Provider URLs that contained query strings were not linking correctly as html entities were being introduced. Removing the escaping within the mustache template fixes this.
TL-17267Fixed the resetting of the 'Automatically cancel reservations' checkbox when updating a Seminar

TL-17295Re-implemented the toggle class 'collapsed' functionality for site admin navigation

TL-17344Added missing closing dl tag when auditing a user's data

TL-17351Removed unwanted line breaks in the manage repositories table

TL-17358Fixed notification preference override during Totara Connect sync

Changes made to a user's notification preferences on a Totara Connect client site will no longer be overridden during sync.
TL-17366Cleaned up several small bugs within the site policy tool

Several small bugs and coding style cleanups have been made within the site policy tool. None of these affect the behaviour of the tool, but they will remove a few harmless notices when working with custom translations.
TL-17386Fixed the syncing of the suspended flag in Totara Connect

When users are synced between a Totara Connect server and client, a user's suspended flag is only changed on the client when a previously deleted/suspended user is restored on the server and then re-synced to the client with the "auth_connect/removeuser" configuration setting set to "Suspend internal user"
TL-17392Fixed the seminar events report visibility records when Audience-based visibility is enabled

When a course had audience-based visibility enabled and the course visibility was set to anything other than "All users", the seminar events report was still displaying the course to users even when they didn't match the visibility criteria. This has been corrected.
TL-17406Fixed the site policy page being displayed if the admin was logged in as a learner

Previously if "Site policy" was enabled, the admin user could log in as a learner and be able to consent to the policy instead of the actual user. This patch will stop the display of the site policy page if the admin user logs in as a learner.
TL-17407Fixed the message bar disappearing for the admin user when site policy is enabled

TL-17415Stopped updating calendar entries for cancelled events when updating the seminar information

Previously the system re-created the site, course, and user calendar entries when updating seminar information. This patch added validation to calendar updates for cancelled events.
Miscellaneous Moodle fixes:
TL-16994MDL-55849: Fixed an issue where reopening a group assignment was creating additional attempts for each group member

TL-16995MDL-35849: Added "alert" role HTML attribute to the log in errors

This allows screen readers to identify when a user has not logged in correctly
TL-16996MDL-60025: Fixed editing a book's chapter did not update timemodified returned by core_course_get_contents

TL-16997MDL-59808: Fixed REST simpleserver ignoring the moodlewsrestformat parameter

TL-16999MDL-59867: Removed a chance of autocomplete fields using duplicate IDs

When there were multiple uses of autocomplete fields, there was a chance that the generated HTML ids were not unique.
TL-17000MDL-59399: Advanced settings when adding media to an assignment submission works as expected

TL-17002MDL-59929: Improved usability when duplicate email entered during user registration

TL-17003MDL-60039: Fixed messaging search areas using 'timecreated' instead of 'timeread' to index search

TL-17006MDL-37810: Made sure all roles are displayed in profile and courses if a user has moodle/role:assign capability

Users with 'moodle/role:assign' capability now see all roles in user profiles, course participants list and Auto-create group.
TL-17007MDL-52131: Made sure question manual comment is respecting comment format in Plain text area editor

TL-17008MDL-60105: Fixed global search fatal error when a file in Folder activity is renamed

TL-17009MDL-60018: Fixed chatmethod field type in get_chats_by_courses() web services method

TL-17012MDL-60167: Fixed hubs registration issues

TL-17013MDL-54540: Added allowfullscreen attribute to LTI iFrames to ensure the full screen can be used

This change adds attributes to the LTI iframe allowing the content to be viewed in full screen.
TL-17015MDL-60121: Fixed enrol plugin backup

TL-17017MDL-59645: Fixed Flickr integration

TL-17019MDL-59931: Fixed incorrect pagination on Quiz grades results report

TL-17023MDL-58790: Replaced a hard coded heading with a language string when editing a quiz

TL-17025MDL-60198: Added missing MOODLE_INTERNAL checks in the external functions

TL-17027MDL-57228: Fixed error when adding a questions to a quiz with section headings

When adding questions to a quiz that has section headings a unique key violation can cause an error to occur if you have a section with a single question in it.
TL-17028MDL-60317: Fixed errors in quiz attempts reports

TL-17030MDL-60346: Fixed an issue where Solr connection ignored proxy settings

TL-17032MDL-60276: Fixed LTI content item so it correctly populates the tool URL when using https

TL-17033MDL-60357: Fixed an issue where future modified times of the documents caused search indexing problems

TL-17034MDL-59854: Fixed creation of the duplicate forum subscriptions due to the database query race conditions

TL-17037MDL-60335: Fixed encoding of non-ASCII site names in blocked hosts

TL-17038MDL-60247: Fixed an issue where multilang was not displayed correctly in Random glossary and in HTML block titles

TL-17040MDL-60182: Improved location of print icon in glossary in RTL languages

TL-17041MDL-60233: Added the use of the s() function to ensure Assignment module web services warnings adhere to the param type PARAM_TEXT

TL-17042MDL-58915: Fixed an issue where Solr connection was blocked by cURL restrictions

TL-17043MDL-60449: Various language strings improvements in courses and administration

TL-17044MDL-60314: Fixed an issue with variable being overridden causing capability not found errors

TL-17046MDL-60123: Fixed an issue where assignment grading annotations could not be deselected

TL-17048MDL-52653: Fixed increment number of attempts for SCORM 2004 activity

Added tracking of 'cmi.completion_status' element that is sent by SCORM 2004 activities.
TL-17050MDL-60489: Content height changes when using the modal library are now smooth transitions

TL-17053MDL-36580: Added encryption of secrets in backup and restore functionality

LTI (external tool) activity secret and key are encrypted during backup and decrypted during restore using aes-256-cbc encryption algorithm. Encryption key is stored in the site configuration so backup made with encryption will be restored with lti key and secret on the same site, and without these values on different site.
TL-17054MDL-60538: Added new language string in the Lesson module displayed on the final wrong answer

TL-17055MDL-60571: Styled "Save and go to next page" as a primary button when manually grading quiz questions

TL-17057MDL-51892: Added a proper description of the login errors

TL-17058MDL-60535: Improved style of button when adding questions from a question bank to a quiz

TL-17059MDL-60162: Fixed an error when downloading quiz attempts reports

TL-17065MDL-60360: Improved the help text for the search indicating that changes to the Solr setting requires a full re-index

TL-17067MDL-59606: Fixed edge cases in the Quiz reports

TL-17068MDL-60377: Made sure text returned by web services is formatted correctly

TL-17069MDL-52037: Background of the tooltip for embedded question answer is now the correct size

TL-17071MDL-60522: Fixed duplicate tooltips in notifications and messages popovers

TL-17074MDL-60607: Fixed message displayed when viewing quiz attempts using separate groups setting

This issue occurs when a trainer who is not part of a group is viewing quiz attempts and the "Group Mode" setting is set to "Separate groups". A message was showing "No students enrolled in this course yet", now the message shown is "Sorry, but you need to be part of a group to see this activity". Being part of a group is an existing requirement when separate groups is set.
TL-17076MDL-60007: Corrected LTI so delete action without a content type is considered valid.

A DELETE operation does not contain any data in the body, and so should not need to have a Content-Type header as no data is sent. However the current LTI Service routing stack will consider a non GET incoming request incorrect if it does not contain a Content-Type. This patch corrects this behaviour.
TL-17077MDL-53501: Fixed get_site_info in Webservices failing if usermaxuploadfilesize setting overflows PARAM_INT

TL-17080MDL-51945: Fixed update_users web service to stop duplicate emails being sent

When updating users using the core_user_update_users webservice duplicate emails for users were being allowed no matter what the "Allow accounts with same email" setting was set to. After this change duplicate emails are only allowed if this setting is turned on.
TL-17081MDL-58047: Fixed an issue where sort by last modified (submission) was not sorting as expected in grading of assignments

TL-17082MDL-60437: Fixed multilingual HTML block title

TL-17083MDL-59858: After closing a modal factory modal, focus goes back to the element that triggered it.

TL-17084MDL-60424: Updated the web services upload to allow cross-origin requests (CORS)

TL-17085MDL-60671: Switched cron output to use mtrace() function

TL-17086MDL-57772: Chat beep doesn't make an audible sound

TL-17087MDL-60717: Minor language string improvements in LDAP authentication method

TL-17088MDL-60733: Fixed an issue with google_oauth which led to a broken Picasa repository

TL-17089MDL-58699: Improved the security of the quiz module while using browser security settings

When the "Browser Security" setting is set to "Full screen pop-up with some JavaScript security", the "Attempt quiz" button is no longer visible if a user has JavaScript disabled.
TL-17092MDL-60615: Fixed course restore in IMSCC format

TL-17093MDL-60550: Added more restrictions in keyword user searches

TL-17094MDL-52838: Fixed an undefined variable warning and improved form validation in the Workshop module assessment form

TL-17095MDL-60749: Fixed display issue when exporting SCORM interaction report

When downloading a SCORM interaction report " " is shown instead of empty string when there is no value.
TL-17096MDL-60771: Typecasted scorm score to an integer to avoid debugging error in scorm reports

TL-17326MDL-60436: Improved the performance of block loading

TL-17335MDL-61269: Set composer license to GPL-3.0-or-later

TL-17337MDL-61392: Improved the IPN notifications handling in Paypal enrollment plugin

Contributions:
Andrew Davidson at Synergy Learning - TL-17344
James Voong from Catalyst - TL-17357
Martin Sandberg at Xtractor - TL-17264

Release 10.8 (19th April 2018):

Important:
TL-17097Merged patches from Moodle releases 3.2.6, 3.2.7, and 3.2.8

Improvements:
TL-10295Added link validation for report builder rb_display functions

In some cases if a param value in rb_display function is empty the function returns the HTML link with empty text which breaks a page's accessibility.
TL-14282Imported ADOdb library v5.20.12

TL-15739Imported HTMLPurifier library v4.10.0

TL-16582Updated language contextual help strings to use terminology consistent with the rest of Totara

This change updates the contextual help information displayed against form labels. For example this includes references to System roles, such as student and teacher, have been replaced with learner and trainer.

In addition, HTML mark-up has been removed in the affected strings and replaced with Markdown.
TL-17024Added detection of pending upgrades to admin settings related pages

TL-17170Included hidden items while updating the sort order of Programs and Certifications

TL-17268Upgraded Node.js requirements to v8 LTS

TL-17280Improved compatibility for browsers with disabled HTTP referrers

TL-17321Added visibility checks to the Program deletion page

Previously the deletion of hidden programs was being stopped by an exception in the deletion code, we've fixed the exception and added an explicit check to only allow deletion of programs the user can see. If you have users or roles with the totara/program:deleteprogram capability you might want to consider allowing totara/program:viewhiddenprograms as well.
TL-17352PHPUnit and Behat do not show composer suggestions any more to minimise developer confusion

TL-17357Unsupported symlinks are now ignored in phpunit tests

TL-17384composer.json now includes PHP version and extension requirements

TL-17403Removed calls to deprecated table() and cellpadding() functions within forum ratings and external blogs

Bug fixes:
TL-14364Disabled the option to issue a certificate based on the time spent on the course when tracking data is not available

The certificate activity has an option which requires a certain amount of time to be spent on a course to receive a certificate. This time is calculated on user actions recorded in the standard log. When the standard log is disabled, the legacy log will be used instead. If both logs are disabled, the option will also be disabled.

Please note, if the logs are disabled, and then re-enabled, user actions in the time the logs were disabled will not be recorded. Consequently, actions in this period will not be counted towards time spent on the course.
TL-16122Added the 'Enrolments displayed on course page' setting for the Seminar direct enrolment plugin and method

Previously the amount of enrolments on the course page was controlled by the 'Events displayed on course page' course setting. Now there are two new settings, one is under "Site administration > Plugins > Enrolments > Seminar direct enrolment plugin" where the admin can set a default value for all courses with the Seminar direct enrolment method. The other is under the Course seminar direct enrolment method where the admin can set a different value. The available options are "All(default), 2, 4, 8, 16" for both settings.
TL-16724Fixed an error while backing up a course containing a deleted glossary

This error occurred while attempting to backup a course that contained a URL pointing to a glossary activity that had been deleted in the course description. Deleted glossary items are now skipped during the backup process.
TL-16821Removed an error that was stopping redisplay questions in Appraisals from displaying the same question twice

TL-16853Fixed bug in DomPDF when using a css file without a @page tag

TL-16894Fixed HR import ignoring the default user email preferences when creating new users

TL-16898Fixed the seminar booking email with iCal invitation not containing the booking text in some email clients.

Some email clients only display the iCal invitation and do not show the email text if the email contains a valid iCal invitation. To handle this the iCal description will now include the booking email text as well as Seminar and Seminar session description.
TL-16926Limited the maximum number of selected users in the Report builder job assignment filter

Added 'selectionlimit' option to manager field filters, also introduced "$CFG->totara_reportbuilder_filter_selected_managers_limit" to limit the number of selected managers in the report builder job assignment filter dialog. The default value is 25, to make it unlimited, set it to 0.

This patch also removed the equals and not-equals options from the job assignment filter when multiple job assignments are not enabled.
TL-17151Fixed the positioning of filters and search options in the dropdown selector on the Report builder edit filters page

When a filter option or search column was added in an embedded report, and then removed by clicking the delete button, it was not being added back into the right heading within the selectbox. Instead it was added at the end of the selectbox with an untranslated key as a heading, it is now placed back at the end of the correct heading.
TL-17167Fixed the 'show blank date records' filter option remaining selected after clearing search in reports

TL-17226Ensure that menu items are correctly being marked as selected in the Totara menu

Totara menu items are not always being identified as selected when the URL contains query strings. This change insures that they are by comparing against the full URL.
TL-17231Fixed the display of RPL course completion data after being restored from the recycle bin

Added cache cleaning into the course completion restore step to reflect database changes that were not displayed immediately after course restoration.
TL-17235Changed the cancellation string when cancelling a Seminar session to be consistent with other occurrences

TL-17254Fixed a custom field error for appraisals when goal review question was set up with "Multiple fields" option

TL-17264Stopped a mustache template escaping Identity Providers (IDP) URLs

Identity Provider URLs that contained query strings were not linking correctly as html entities were being introduced. Removing the escaping within the mustache template fixes this.
TL-17267Fixed the resetting of the 'Automatically cancel reservations' checkbox when updating a Seminar

TL-17295Re-implemented the toggle class 'collapsed' functionality for site admin navigation

TL-17351Removed unwanted line breaks in the manage repositories table

TL-17358Fixed notification preference override during Totara Connect sync

Changes made to a user's notification preferences on a Totara Connect client site will no longer be overridden during sync.
TL-17386Fixed the syncing of the suspended flag in Totara Connect

When users are synced between a Totara Connect server and client, a user's suspended flag is only changed on the client when a previously deleted/suspended user is restored on the server and then re-synced to the client with the "auth_connect/removeuser" configuration setting set to "Suspend internal user"
TL-17392Fixed the seminar events report visibility records when Audience-based visibility is enabled

When a course had audience-based visibility enabled and the course visibility was set to anything other than "All users", the seminar events report was still displaying the course to users even when they didn't match the visibility criteria. This has been corrected.
TL-17415Stopped updating calendar entries for cancelled events when updating the seminar information

Previously the system re-created the site, course, and user calendar entries when updating seminar information. This patch added validation to calendar updates for cancelled events.
Miscellaneous Moodle fixes:
TL-16994MDL-55849: Fixed an issue where reopening a group assignment was creating additional attempts for each group member

TL-16995MDL-35849: Added "alert" role HTML attribute to the log in errors

This allows screen readers to identify when a user has not logged in correctly
TL-16996MDL-60025: Fixed editing a book's chapter did not update timemodified returned by core_course_get_contents

TL-16997MDL-59808: Fixed REST simpleserver ignoring the moodlewsrestformat parameter

TL-16999MDL-59867: Removed a chance of autocomplete fields using duplicate IDs

When there were multiple uses of autocomplete fields, there was a chance that the generated HTML ids were not unique.
TL-17000MDL-59399: Advanced settings when adding media to an assignment submission works as expected

TL-17002MDL-59929: Improved usability when duplicate email entered during user registration

TL-17003MDL-60039: Fixed messaging search areas using 'timecreated' instead of 'timeread' to index search

TL-17006MDL-37810: Made sure all roles are displayed in profile and courses if a user has moodle/role:assign capability

Users with 'moodle/role:assign' capability now see all roles in user profiles, course participants list and Auto-create group.
TL-17007MDL-52131: Made sure question manual comment is respecting comment format in Plain text area editor

TL-17008MDL-60105: Fixed global search fatal error when a file in Folder activity is renamed

TL-17009MDL-60018: Fixed chatmethod field type in get_chats_by_courses() web services method

TL-17012MDL-60167: Fixed hubs registration issues

TL-17013MDL-54540: Added allowfullscreen attribute to LTI iFrames to ensure the full screen can be used

This change adds attributes to the LTI iframe allowing the content to be viewed in full screen.
TL-17015MDL-60121: Fixed enrol plugin backup

TL-17017MDL-59645: Fixed Flickr integration

TL-17019MDL-59931: Fixed incorrect pagination on Quiz grades results report

TL-17023MDL-58790: Replaced a hard coded heading with a language string when editing a quiz

TL-17025MDL-60198: Added missing MOODLE_INTERNAL checks in the external functions

TL-17027MDL-57228: Fixed error when adding a questions to a quiz with section headings

When adding questions to a quiz that has section headings a unique key violation can cause an error to occur if you have a section with a single question in it.
TL-17028MDL-60317: Fixed errors in quiz attempts reports

TL-17030MDL-60346: Fixed an issue where Solr connection ignored proxy settings

TL-17032MDL-60276: Fixed LTI content item so it correctly populates the tool URL when using https

TL-17033MDL-60357: Fixed an issue where future modified times of the documents caused search indexing problems

TL-17034MDL-59854: Fixed creation of the duplicate forum subscriptions due to the database query race conditions

TL-17037MDL-60335: Fixed encoding of non-ASCII site names in blocked hosts

TL-17038MDL-60247: Fixed an issue where multilang was not displayed correctly in Random glossary and in HTML block titles

TL-17040MDL-60182: Improved location of print icon in glossary in RTL languages

TL-17041MDL-60233: Added the use of the s() function to ensure Assignment module web services warnings adhere to the param type PARAM_TEXT

TL-17042MDL-58915: Fixed an issue where Solr connection was blocked by cURL restrictions

TL-17043MDL-60449: Various language strings improvements in courses and administration

TL-17044MDL-60314: Fixed an issue with variable being overridden causing capability not found errors

TL-17046MDL-60123: Fixed an issue where assignment grading annotations could not be deselected

TL-17048MDL-52653: Fixed increment number of attempts for SCORM 2004 activity

Added tracking of 'cmi.completion_status' element that is sent by SCORM 2004 activities.
TL-17050MDL-60489: Content height changes when using the modal library are now smooth transitions

TL-17053MDL-36580: Added encryption of secrets in backup and restore functionality

LTI (external tool) activity secret and key are encrypted during backup and decrypted during restore using aes-256-cbc encryption algorithm. Encryption key is stored in the site configuration so backup made with encryption will be restored with lti key and secret on the same site, and without these values on different site.
TL-17054MDL-60538: Added new language string in the Lesson module displayed on the final wrong answer

TL-17055MDL-60571: Styled "Save and go to next page" as a primary button when manually grading quiz questions

TL-17057MDL-51892: Added a proper description of the login errors

TL-17058MDL-60535: Improved style of button when adding questions from a question bank to a quiz

TL-17059MDL-60162: Fixed an error when downloading quiz attempts reports

TL-17065MDL-60360: Improved the help text for the search indicating that changes to the Solr setting requires a full re-index

TL-17067MDL-59606: Fixed edge cases in the Quiz reports

TL-17068MDL-60377: Made sure text returned by web services is formatted correctly

TL-17069MDL-52037: Background of the tooltip for embedded question answer is now the correct size

TL-17071MDL-60522: Fixed duplicate tooltips in notifications and messages popovers

TL-17074MDL-60607: Fixed message displayed when viewing quiz attempts using separate groups setting

This issue occurs when a trainer who is not part of a group is viewing quiz attempts and the "Group Mode" setting is set to "Separate groups". A message was showing "No students enrolled in this course yet", now the message shown is "Sorry, but you need to be part of a group to see this activity". Being part of a group is an existing requirement when separate groups is set.
TL-17076MDL-60007: Corrected LTI so delete action without a content type is considered valid.

A DELETE operation does not contain any data in the body, and so should not need to have a Content-Type header as no data is sent. However the current LTI Service routing stack will consider a non GET incoming request incorrect if it does not contain a Content-Type. This patch corrects this behaviour.
TL-17077MDL-53501: Fixed get_site_info in Webservices failing if usermaxuploadfilesize setting overflows PARAM_INT

TL-17080MDL-51945: Fixed update_users web service to stop duplicate emails being sent

When updating users using the core_user_update_users webservice duplicate emails for users were being allowed no matter what the "Allow accounts with same email" setting was set to. After this change duplicate emails are only allowed if this setting is turned on.
TL-17081MDL-58047: Fixed an issue where sort by last modified (submission) was not sorting as expected in grading of assignments

TL-17082MDL-60437: Fixed multilingual HTML block title

TL-17083MDL-59858: After closing a modal factory modal, focus goes back to the element that triggered it.

TL-17084MDL-60424: Updated the web services upload to allow cross-origin requests (CORS)

TL-17085MDL-60671: Switched cron output to use mtrace() function

TL-17086MDL-57772: Chat beep doesn't make an audible sound

TL-17087MDL-60717: Minor language string improvements in LDAP authentication method

TL-17088MDL-60733: Fixed an issue with google_oauth which led to a broken Picasa repository

TL-17089MDL-58699: Improved the security of the quiz module while using browser security settings

When the "Browser Security" setting is set to "Full screen pop-up with some JavaScript security", the "Attempt quiz" button is no longer visible if a user has JavaScript disabled.
TL-17092MDL-60615: Fixed course restore in IMSCC format

TL-17093MDL-60550: Added more restrictions in keyword user searches

TL-17094MDL-52838: Fixed an undefined variable warning and improved form validation in the Workshop module assessment form

TL-17095MDL-60749: Fixed display issue when exporting SCORM interaction report

When downloading a SCORM interaction report " " is shown instead of empty string when there is no value.
TL-17096MDL-60771: Typecasted scorm score to an integer to avoid debugging error in scorm reports

TL-17326MDL-60436: Improved the performance of block loading

TL-17335MDL-61269: Set composer license to GPL-3.0-or-later

TL-17337MDL-61392: Improved the IPN notifications handling in Paypal enrollment plugin

Contributions:
James Voong from Catalyst - TL-17357
Martin Sandberg at Xtractor - TL-17264

Release 9.19 (19th April 2018):

Improvements:
TL-10295Added link validation for report builder rb_display functions

In some cases if a param value in rb_display function is empty the function returns the HTML link with empty text which breaks a page's accessibility.
TL-16582Updated language contextual help strings to use terminology consistent with the rest of Totara

This change updates the contextual help information displayed against form labels. For example this includes references to System roles, such as student and teacher, have been replaced with learner and trainer.

In addition, HTML mark-up has been removed in the affected strings and replaced with Markdown.
TL-17170Included hidden items while updating the sort order of Programs and Certifications

TL-17268Upgraded Node.js requirements to v8 LTS

TL-17280Improved compatibility for browsers with disabled HTTP referrers

TL-17321Added visibility checks to the Program deletion page

Previously the deletion of hidden programs was being stopped by an exception in the deletion code, we've fixed the exception and added an explicit check to only allow deletion of programs the user can see. If you have users or roles with the totara/program:deleteprogram capability you might want to consider allowing totara/program:viewhiddenprograms as well.
TL-17352PHPUnit and Behat do not show composer suggestions any more to minimise developer confusion

TL-17384composer.json now includes PHP version and extension requirements

Bug fixes:
TL-14364Disabled the option to issue a certificate based on the time spent on the course when tracking data is not available

The certificate activity has an option which requires a certain amount of time to be spent on a course to receive a certificate. This time is calculated on user actions recorded in the standard log. When the standard log is disabled, the legacy log will be used instead. If both logs are disabled, the option will also be disabled.

Please note, if the logs are disabled, and then re-enabled, user actions in the time the logs were disabled will not be recorded. Consequently, actions in this period will not be counted towards time spent on the course.
TL-16122Added the 'Enrolments displayed on course page' setting for the Seminar direct enrolment plugin and method

Previously the amount of enrolments on the course page was controlled by the 'Events displayed on course page' course setting. Now there are two new settings, one is under "Site administration > Plugins > Enrolments > Seminar direct enrolment plugin" where the admin can set a default value for all courses with the Seminar direct enrolment method. The other is under the Course seminar direct enrolment method where the admin can set a different value. The available options are "All(default), 2, 4, 8, 16" for both settings.
TL-16724Fixed an error while backing up a course containing a deleted glossary

This error occurred while attempting to backup a course that contained a URL pointing to a glossary activity that had been deleted in the course description. Deleted glossary items are now skipped during the backup process.
TL-16821Removed an error that was stopping redisplay questions in Appraisals from displaying the same question twice

TL-16898Fixed the seminar booking email with iCal invitation not containing the booking text in some email clients.

Some email clients only display the iCal invitation and do not show the email text if the email contains a valid iCal invitation. To handle this the iCal description will now include the booking email text as well as Seminar and Seminar session description.
TL-16926Limited the maximum number of selected users in the Report builder job assignment filter

Added 'selectionlimit' option to manager field filters, also introduced "$CFG->totara_reportbuilder_filter_selected_managers_limit" to limit the number of selected managers in the report builder job assignment filter dialog. The default value is 25, to make it unlimited, set it to 0.

This patch also removed the equals and not-equals options from the job assignment filter when multiple job assignments are not enabled.
TL-17254Fixed a custom field error for appraisals when goal review question was set up with "Multiple fields" option

TL-17267Fixed the resetting of the 'Automatically cancel reservations' checkbox when updating a Seminar

TL-17358Fixed notification preference override during Totara Connect sync

Changes made to a user's notification preferences on a Totara Connect client site will no longer be overridden during sync.
TL-17386Fixed the syncing of the suspended flag in Totara Connect

When users are synced between a Totara Connect server and client, a user's suspended flag is only changed on the client when a previously deleted/suspended user is restored on the server and then re-synced to the client with the "auth_connect/removeuser" configuration setting set to "Suspend internal user"
TL-17392Fixed the seminar events report visibility records when Audience-based visibility is enabled

When a course had audience-based visibility enabled and the course visibility was set to anything other than "All users", the seminar events report was still displaying the course to users even when they didn't match the visibility criteria. This has been corrected.
TL-17415Stopped updating calendar entries for cancelled events when updating the seminar information

Previously the system re-created the site, course, and user calendar entries when updating seminar information. This patch added validation to calendar updates for cancelled events.

Release 2.9.31 (19th April 2018):

Improvements:
TL-16582Updated language contextual help strings to use terminology consistent with the rest of Totara

This change updates the contextual help information displayed against form labels. For example this includes references to System roles, such as student and teacher, have been replaced with learner and trainer.

In addition, HTML mark-up has been removed in the affected strings and replaced with Markdown.
TL-17170Included hidden items while updating the sort order of Programs and Certifications

TL-17268Upgraded Node.js requirements to v8 LTS

TL-17280Improved compatibility for browsers with disabled HTTP referrers

TL-17321Added visibility checks to the Program deletion page

Previously the deletion of hidden programs was being stopped by an exception in the deletion code, we've fixed the exception and added an explicit check to only allow deletion of programs the user can see. If you have users or roles with the totara/program:deleteprogram capability you might want to consider allowing totara/program:viewhiddenprograms as well.
TL-17352PHPUnit and Behat do not show composer suggestions any more to minimise developer confusion

TL-17384composer.json now includes PHP version and extension requirements

Bug fixes:
TL-14364Disabled the option to issue a certificate based on the time spent on the course when tracking data is not available

The certificate activity has an option which requires a certain amount of time to be spent on a course to receive a certificate. This time is calculated on user actions recorded in the standard log. When the standard log is disabled, the legacy log will be used instead. If both logs are disabled, the option will also be disabled.

Please note, if the logs are disabled, and then re-enabled, user actions in the time the logs were disabled will not be recorded. Consequently, actions in this period will not be counted towards time spent on the course.
TL-16724Fixed an error while backing up a course containing a deleted glossary

This error occurred while attempting to backup a course that contained a URL pointing to a glossary activity that had been deleted in the course description. Deleted glossary items are now skipped during the backup process.

Release 2.7.39 (19th April 2018):

Improvements:
TL-17268Upgraded Node.js requirements to v8 LTS

TL-17280Improved compatibility for browsers with disabled HTTP referrers

TL-17321Added visibility checks to the Program deletion page

Previously the deletion of hidden programs was being stopped by an exception in the deletion code, we've fixed the exception and added an explicit check to only allow deletion of programs the user can see. If you have users or roles with the totara/program:deleteprogram capability you might want to consider allowing totara/program:viewhiddenprograms as well.
TL-17352PHPUnit and Behat do not show composer suggestions any more to minimise developer confusion

TL-17384composer.json now includes PHP version and extension requirements

Release 2.6.56 (19th April 2018):

Improvements:
TL-17268Upgraded Node.js requirements to v8 LTS

TL-17321Added visibility checks to the Program deletion page

Previously the deletion of hidden programs was being stopped by an exception in the deletion code, we've fixed the exception and added an explicit check to only allow deletion of programs the user can see. If you have users or roles with the totara/program:deleteprogram capability you might want to consider allowing totara/program:viewhiddenprograms as well.
TL-17352PHPUnit and Behat do not show composer suggestions any more to minimise developer confusion

TL-17384composer.json now includes PHP version and extension requirements

Release 2.5.63 (19th April 2018):

Improvements:
TL-17268Upgraded Node.js requirements to v8 LTS

TL-17321Added visibility checks to the Program deletion page

Previously the deletion of hidden programs was being stopped by an exception in the deletion code, we've fixed the exception and added an explicit check to only allow deletion of programs the user can see. If you have users or roles with the totara/program:deleteprogram capability you might want to consider allowing totara/program:viewhiddenprograms as well.
TL-17352PHPUnit and Behat do not show composer suggestions any more to minimise developer confusion

TL-17384composer.json now includes PHP version and extension requirements

Release 2.4.62 (19th April 2018):

Improvements:
TL-17384composer.json now includes PHP version and extension requirements

Release 2.2.66 (19th April 2018):

Improvements:
TL-17384composer.json now includes PHP version and extension requirements

Bug fixes:
TL-17274Fixed the handling of default values for PostgreSQL version 9.5 and higher

PostgreSQL 9.5 and higher handles the default value a bit differently and uses the 'x':integer notation for the values. This is now reflected and it is now compatible for older PostgreSQL versions as well with the newer ones.
David Curry (Core Developer)
Re: Totara Learn Evergreen-20180419, 11.2, 10.8, 9.19, 2.9.31, 2.7.39, 2.6.56, 2.5.63, 2.4.62, and 2.2.66
par David Curry (Core Developer), Thursday 19 April 2018, 13:44
Groupe Totara

Hey Everyone,

The evergreen changelogs for yesterdays release didn't get included in the post above, they are included below.

Cheers,
David


Release Evergreen (19th April 2018):

Key:           + Evergreen only

Important:

    TL-17097       Merged patches from Moodle releases 3.2.6, 3.2.7, and 3.2.8

Improvements:

    TL-4186    +   Improved the calculation and display of Program and Certification progress

                   The calculation of a user's progress towards completion of a program or
                   certification has been improved to take progress of all involved courses
                   into consideration. This progress is now displayed as a true percentage in
                   a progress bar.

    TL-10295       Added link validation for report builder rb_display functions

                   In some cases if a param value in rb_display function is empty the function
                   returns the HTML link with empty text which breaks a page's accessibility.

    TL-14282       Imported ADOdb library v5.20.12
    TL-15739       Imported HTMLPurifier library v4.10.0
    TL-16171   +   Improved the warning notification in the Assignments module

                   When grading and viewing an assignment, the CSS classes alert and
                   alert-error were being used. These have been removed in favour of adding a
                   warning icon before the message.

    TL-16255       Added a "readonly" state to the Totara reserved custom fields to prevent users from changing the pre-existing seminar custom fields  
    TL-16327       Implemented user data items for Report Builder

                   Added items that allow exporting and purging of user-made saved searches
                   (private and public), scheduled reports, and their participation in global
                   report restriction.

    TL-16332       Implemented user data items for Audience memberships

                   Items for exporting and purging a user's audience membership has been
                   added. This is split into two items: Set audience membership and dynamic
                   audience membership.

    TL-16334       Implemented user data items for component and plugin user preference data

                   It is now possible to export and purge user preference data being used by
                   all parts of the system.
                   These preferences store a range of information, all pertaining to the user,
                   and the state of things that they have interacted with on the site, or the
                   decisions that they have made.
                   Some examples are:
                   * What user tours the user has completed, and when.
                   * The admin bookmarks that they have saved.
                   * Their preferences for the course overview block.
                   * Whether they have docked the admin and navigation blocks.
                   * Their preferred display mode for forums.
                   * What regions within a workshop activity they have collapsed.

    TL-16345       Implemented user data item for event monitor subscriptions

                   Implemented user data item for event monitor subscriptions to allow the
                   exporting and purging of user data kept in relation to event monitoring.

    TL-16346       Implemented user data items for Feedback360

                   Feedback360 has two user data items, both implementing export and purge:
                   * The user assignments item, this covers all of a user's assignments to a
                   Feedback360 and all responses to their requests.
                   * The response assignments item, this covers all of a user's responses to
                   other user's Feedback360 requests.
                   
                   It is worth noting that self evaluation responses will be included in both
                   user data items.

    TL-16349       Implemented user data items for Learning Plans and Evidence

                   This allows user data for Learning Plans and Evidence items to be purged
                   and exported.

    TL-16350       Implemented user data items for Appraisals

                   Added five user data items:
                    * "Appraisals" - purge all appraisal data where the user is a learner
                    * "As the learner, excluding hidden answers from other roles" - export all
                   appraisal content that the user can see as a learner
                    * "As the learner, including hidden answers from other roles" - export all
                   appraisal content, including all answers from other roles, regardless of
                   visibility settings, where the user is the learner
                    * "Participation in other users' appraisals" - export all other users'
                   appraisals that the user is currently participating in
                    * "Participation history" - export the history of participation in other
                   users' appraisals

    TL-16357       Implemented user data item for LTI submissions
    TL-16360       Implemented user data item for glossary entries, comments and ratings
    TL-16365       Implemented user data items for the Wiki module

                   The following user data items have been introduced:
                    * Individual wiki as a whole.
                    * Collaborative wiki files export files uploaded by the user to the
                   collaborative wiki.
                    * Collaborative wiki comments exports\purges user's comments for
                   collaborative wiki pages.
                    * Collaborative wiki versions exports collaborative wiki page versions
                   submitted by the user.

    TL-16367       Implemented user data items for standard and legacy logs
    TL-16582       Updated language contextual help strings to use terminology consistent with the rest of Totara

                   This change updates the contextual help information displayed against form
                   labels. For example this includes references to System roles, such as
                   student and teacher, have been replaced with learner and trainer.
                   
                   In addition, HTML mark-up has been removed in the affected strings and
                   replaced with Markdown.

    TL-16736       Implemented user data items for course enrolments

                   Added two user data items that allow exporting and purging:
                   * An item for course enrolment data.
                   * An item for pending enrolments that belong to the Flat file enrolment
                   plugin.

    TL-16739       Implemented user data items for program and certification completion

                   This includes exporting and purging of program and certification
                   assignments, completion records (including completion history and logs). It
                   also includes exceptions, program extensions and the log of program
                   messages sent to the user.
                   
                   Users are unassigned from any program or certification regardless of the
                   assignment type. If users were assigned via audience, position or
                   organisation it's possible that they will be reassigned automatically as
                   soon as the next scheduled task for dynamic user assignment is triggered.

    TL-16775       Implemented user data item for RSS client
    TL-16777       Implemented user data item for the Featured links block
    TL-16840       Implemented user data item for user data export requests
    TL-16848       Renamed the "Site policies" side menu item in the "Security" section

                   The Security > "Site policies" side menu item has been renamed to "Security
                   settings" to avoid confusion with the new "Site policies" item when GDPR
                   site policies are enabled.

    TL-16877       Implemented user data items for comments and HTML blocks

                   Now it is possible to purge, export and audit the data stored in the
                   comments and HTML blocks.
                   
                   In case of the comments block item, all comments made by users in all
                   created comment blocks are purged or exported. This affects the front page,
                   personal dashboards and courses.
                   
                   In case of the HTML block item, all blocks created by the users in their
                   personal dashboards are purged and exported. HTML blocks in other contexts
                   (front page, courses) are not affected as they are related to the course or
                   the site and not personal to the user.

    TL-16936       Implemented user data item for Competency progress

                   The competency progress item is specifically for the comp_criteria_record
                   table; other competency tables are handled by the competency status item.

    TL-17024       Added detection of pending upgrades to admin settings related pages
    TL-17137       The site policy user consent report now appears in the settings block

                   A user consent report exists for the new site policy tool, however it was
                   never linked to from the current navigation. This user consent report is
                   now linked to from the Settings block, you can find it by navigating to
                   Security > Site policies > User consent report.

    TL-17170       Included hidden items while updating the sort order of Programs and Certifications
    TL-17227       Implemented user data item for role assignments
    TL-17261   +   Multiple improvements in the authentication plugins

                   * Authentication plugins are now required to use new settings.php for
                   plugin configuration.
                   * CLI sync scripts were converted to scheduled tasks.
                   * External Database authentication supports PDO.
                   * Shibboleth user may change their passwords.

    TL-17268       Upgraded Node.js requirements to v8 LTS
    TL-17280       Improved compatibility for browsers with disabled HTTP referrers
    TL-17352       PHPUnit and Behat do not show composer suggestions any more to minimise developer confusion
    TL-17354       Ordered all user data item groups alphabetically
    TL-17357       Unsupported symlinks are now ignored in phpunit tests
    TL-17362       Implemented user data item for portfolios

                   Implemented user data elements for portfolios. This allows the exporting
                   and purging of user data kept in relation to exporting of data to
                   portfolios.

    TL-17373       Implemented user data item for external blogs

                   This user data items takes care of the exporting and purging of external
                   blogs. It includes all external blogs created by the user, including tags
                   assigned to it, all synced posts, and all comments made on the blogs.

    TL-17374       Implemented user data item for Course requests
    TL-17378       Implemented user data item for the transaction information of the PayPal enrolment plugin

                   When the user enrols via PayPal the transaction details are sent to the IPN
                   endpoint in Totara which records the information in the enrol_paypal
                   table. The user data item takes care of purging, exporting and counting
                   this transaction information.

    TL-17384       composer.json now includes PHP version and extension requirements
    TL-17390       Enabled the "Force users to log in to view user pictures" setting by default for new installations to improve privacy
    TL-17403       Removed calls to deprecated table() and cellpadding() functions within forum ratings and external blogs

Bug fixes:

    TL-14364       Disabled the option to issue a certificate based on the time spent on the course when tracking data is not available

                   The certificate activity has an option which requires a certain amount of
                   time to be spent on a course to receive a certificate. This time is
                   calculated on user actions recorded in the standard log. When the standard
                   log is disabled, the legacy log will be used instead. If both logs are
                   disabled, the option will also be disabled.
                   
                   Please note, if the logs are disabled, and then re-enabled, user actions in
                   the time the logs were disabled will not be recorded. Consequently, actions
                   in this period will not be counted towards time spent on the course.

    TL-16122       Added the 'Enrolments displayed on course page' setting for the Seminar direct enrolment plugin and method

                   Previously the amount of enrolments on the course page was controlled by
                   the 'Events displayed on course page' course setting. Now there are two new
                   settings, one is under "Site administration > Plugins > Enrolments >
                   Seminar direct enrolment plugin" where the admin can set a default value
                   for all courses with the Seminar direct enrolment method. The other is
                   under the Course seminar direct enrolment method where the admin can set a
                   different value. The available options are "All(default), 2, 4, 8, 16" for
                   both settings.

    TL-16461       Fixed the date offset being applied to user completion dates when restoring a course
    TL-16724       Fixed an error while backing up a course containing a deleted glossary

                   This error occurred while attempting to backup a course that contained a
                   URL pointing to a glossary activity that had been deleted in the course
                   description. Deleted glossary items are now skipped during the backup
                   process.

    TL-16821       Removed an error that was stopping redisplay questions in Appraisals from displaying the same question twice
    TL-16839       Ensured that the names of deleted users are not shown in forum ratings
    TL-16853       Fixed bug in DomPDF when using a css file without a @page tag
    TL-16894       Fixed HR import ignoring the default user email preferences when creating new users
    TL-16898       Fixed the seminar booking email with iCal invitation not containing the booking text in some email clients.

                   Some email clients only display the iCal invitation and do not show the
                   email text if the email contains a valid iCal invitation. To handle this
                   the iCal description will now include the booking email text as well as
                   Seminar and Seminar session description.

    TL-16926       Limited the maximum number of selected users in the Report builder job assignment filter

                   Added 'selectionlimit' option to manager field filters, also introduced
                   "$CFG->totara_reportbuilder_filter_selected_managers_limit" to limit the
                   number of selected managers in the report builder job assignment filter
                   dialog. The default value is 25, to make it unlimited, set it to 0.
                   
                   This patch also removed the equals and not-equals options from the job
                   assignment filter when multiple job assignments are not enabled.

    TL-17131       Fixed the user's appraisal snapshots not being deleted when the user is deleted

                   Previously, when an appraisal belonging to a user was deleted (such as when
                   the user was deleted), any related snapshots that had been generated were
                   inadvertently being kept. While these orphaned snapshots could not be
                   accessed through the Totara front end, they could still potentially be
                   accessed through the server's file system.
                   
                   This patch ensures that appraisal snapshots are deleted when the appraisals
                   they belong to are deleted. During upgrade, it also deletes all appraisal
                   snapshots which belong to user appraisal assignments which no longer exist.

    TL-17151       Fixed the positioning of filters and search options in the dropdown selector on the Report builder edit filters page

                   When a filter option or search column was added in an embedded report, and
                   then removed by clicking the delete button, it was not being added back
                   into the right heading within the selectbox. Instead it was added at the
                   end of the selectbox with an untranslated key as a heading, it is now
                   placed back at the end of the correct heading.

    TL-17167       Fixed the 'show blank date records' filter option remaining selected after clearing search in reports
    TL-17226       Ensure that menu items are correctly being marked as selected in the Totara menu

                   Totara menu items are not always being identified as selected when the URL
                   contains query strings. This change insures that they are by comparing
                   against the full URL.

    TL-17231       Fixed the display of RPL course completion data after being restored from the recycle bin

                   Added cache cleaning into the course completion restore step to reflect
                   database changes that were not displayed immediately after course
                   restoration.

    TL-17235       Changed the cancellation string when cancelling a Seminar session to be consistent with other occurrences
    TL-17254       Fixed a custom field error for appraisals when goal review question was set up with "Multiple fields" option
    TL-17264       Stopped a mustache template escaping Identity Providers (IDP) URLs

                   Identity Provider URLs that contained query strings were not linking
                   correctly as html entities were being introduced. Removing the escaping
                   within the mustache template fixes this.

    TL-17267       Fixed the resetting of the 'Automatically cancel reservations' checkbox when updating a Seminar
    TL-17295       Re-implemented the toggle class 'collapsed' functionality for site admin navigation
    TL-17344       Added missing closing dl tag when auditing a user's data
    TL-17351       Removed unwanted line breaks in the manage repositories table
    TL-17358       Fixed notification preference override during Totara Connect sync

                   Changes made to a user's notification preferences on a Totara Connect
                   client site will no longer be overridden during sync.

    TL-17366       Cleaned up several small bugs within the site policy tool

                   Several small bugs and coding style cleanups have been made within the site
                   policy tool. None of these affect the behaviour of the tool, but they will
                   remove a few harmless notices when working with custom translations.

    TL-17386       Fixed the syncing of the suspended flag in Totara Connect

                   When users are synced between a Totara Connect server and client, a user's
                   suspended flag is only changed on the client when a previously
                   deleted/suspended user is restored on the server and then re-synced to the
                   client with the "auth_connect/removeuser" configuration setting set to
                   "Suspend internal user"

    TL-17392       Fixed the seminar events report visibility records when Audience-based visibility is enabled

                   When a course had audience-based visibility enabled and the course
                   visibility was set to anything other than "All users", the seminar events
                   report was still displaying the course to users even when they didn't match
                   the visibility criteria. This has been corrected.

    TL-17406       Fixed the site policy page being displayed if the admin was logged in as a learner

                   Previously if "Site policy" was enabled, the admin user could log in as a
                   learner and be able to consent to the policy instead of the actual user.
                   This patch will stop the display of the site policy page if the admin user
                   logs in as a learner.

    TL-17407       Fixed the message bar disappearing for the admin user when site policy is enabled
    TL-17415       Stopped updating calendar entries for cancelled events when updating the seminar information

                   Previously the system re-created the site, course, and user calendar
                   entries when updating seminar information. This patch added validation to
                   calendar updates for cancelled events.


API changes:

    TL-17347   +   Code related to previously disabled $CFG->loginhttps setting was removed and public API was deprecated
    TL-17372   +   Deprecated footer navigation in the Basis theme

                   The footer menu no longer shows when using Basis as your theme (and themes
                   that include "theme/basis/layout/partials/footer.php"). The functionality
                   that provides this has been deprecated and will be removed in a future
                   version of Totara. 
                   
                   If you would like to keep this functionality beyond Totara 12, we recommend
                   you copy the following files into a custom theme that inherits Basis:
                    * theme/basis/templates/page_footer_nav.mustache
                    * theme/basis/classes/renderer.php (2 functions that have been
                   deprecated)
                    * theme/basis/classes/output/page_footer_nav.php
                    * theme/basis/less/totara/page-footer.less


Miscellaneous Moodle fixes:

    TL-16994       MDL-55849: Fixed an issue where reopening a group assignment was creating additional attempts for each group member
    TL-16995       MDL-35849: Added "alert" role HTML attribute to the log in errors

                   This allows screen readers to identify when a user has not logged in
                   correctly

    TL-16996       MDL-60025: Fixed editing a book's chapter did not update timemodified returned by core_course_get_contents
    TL-16997       MDL-59808: Fixed REST simpleserver ignoring the moodlewsrestformat parameter
    TL-16999       MDL-59867: Removed a chance of autocomplete fields using duplicate IDs

                   When there were multiple uses of autocomplete fields, there was a chance
                   that the generated HTML ids were not unique.

    TL-17000       MDL-59399: Advanced settings when adding media to an assignment submission works as expected
    TL-17002       MDL-59929: Improved usability when duplicate email entered during user registration
    TL-17003       MDL-60039: Fixed messaging search areas using 'timecreated' instead of 'timeread' to index search
    TL-17006       MDL-37810: Made sure all roles are displayed in profile and courses if a user has moodle/role:assign capability

                   Users with 'moodle/role:assign' capability now see all roles in user
                   profiles, course participants list and Auto-create group.

    TL-17007       MDL-52131: Made sure question manual comment is respecting comment format in Plain text area editor
    TL-17008       MDL-60105: Fixed global search fatal error when a file in Folder activity is renamed
    TL-17009       MDL-60018: Fixed chatmethod field type in get_chats_by_courses() web services method
    TL-17012       MDL-60167: Fixed hubs registration issues
    TL-17013       MDL-54540: Added allowfullscreen attribute to LTI iFrames to ensure the full screen can be used

                   This change adds attributes to the LTI iframe allowing the content to be
                   viewed in full screen.

    TL-17015       MDL-60121: Fixed enrol plugin backup
    TL-17017       MDL-59645: Fixed Flickr integration
    TL-17019       MDL-59931: Fixed incorrect pagination on Quiz grades results report
    TL-17023       MDL-58790: Replaced a hard coded heading with a language string when editing a quiz
    TL-17025       MDL-60198: Added missing MOODLE_INTERNAL checks in the external functions
    TL-17027       MDL-57228: Fixed error when adding a questions to a quiz with section headings 

                   When adding questions to a quiz that has section headings a unique key
                   violation can cause an error to occur if you have a section with a single
                   question in it.

    TL-17028       MDL-60317: Fixed errors in quiz attempts reports
    TL-17030       MDL-60346: Fixed an issue where Solr connection ignored proxy settings
    TL-17032       MDL-60276: Fixed LTI content item so it correctly populates the tool URL when using https
    TL-17033       MDL-60357: Fixed an issue where future modified times of the documents caused search indexing problems
    TL-17034       MDL-59854: Fixed creation of the duplicate forum subscriptions due to the database query race conditions
    TL-17037       MDL-60335: Fixed encoding of non-ASCII site names in blocked hosts
    TL-17038       MDL-60247: Fixed an issue where multilang was not displayed correctly in Random glossary and in HTML block titles
    TL-17040       MDL-60182: Improved location of print icon in glossary in RTL languages
    TL-17041       MDL-60233: Added the use of the s() function to ensure Assignment module web services warnings adhere to the param type PARAM_TEXT
    TL-17042       MDL-58915: Fixed an issue where Solr connection was blocked by cURL restrictions
    TL-17043       MDL-60449: Various language strings improvements in courses and administration
    TL-17044       MDL-60314: Fixed an issue with variable being overridden causing capability not found errors
    TL-17046       MDL-60123: Fixed an issue where assignment grading annotations could not be deselected
    TL-17048       MDL-52653: Fixed increment number of attempts for SCORM 2004 activity

                   Added tracking of 'cmi.completion_status' element that is sent by SCORM
                   2004 activities.

    TL-17050       MDL-60489: Content height changes when using the modal library are now smooth transitions
    TL-17053       MDL-36580: Added encryption of secrets in backup and restore functionality

                   LTI (external tool) activity secret and key are encrypted during backup and
                   decrypted during restore using aes-256-cbc encryption algorithm.
                   Encryption key is stored in the site configuration so backup made with
                   encryption will be restored with lti key and secret on the same site, and
                   without these values on different site.

    TL-17054       MDL-60538: Added new language string in the Lesson module displayed on the final wrong answer
    TL-17055       MDL-60571: Styled "Save and go to next page" as a primary button when manually grading quiz questions
    TL-17057       MDL-51892: Added a proper description of the login errors
    TL-17058       MDL-60535: Improved style of button when adding questions from a question bank to a quiz
    TL-17059       MDL-60162: Fixed an error when downloading quiz attempts reports
    TL-17065       MDL-60360: Improved the help text for the search indicating that changes to the Solr setting requires a full re-index
    TL-17067       MDL-59606: Fixed edge cases in the Quiz reports
    TL-17068       MDL-60377: Made sure text returned by web services is formatted correctly
    TL-17069       MDL-52037: Background of the tooltip for embedded question answer is now the correct size
    TL-17071       MDL-60522: Fixed duplicate tooltips in notifications and messages popovers
    TL-17074       MDL-60607: Fixed message displayed when viewing quiz attempts using separate groups setting

                   This issue occurs when a trainer who is not part of a group is viewing quiz
                   attempts and the "Group Mode" setting is set to "Separate groups". A
                   message was showing "No students enrolled in this course yet", now the
                   message shown is "Sorry, but you need to be part of a group to see this
                   activity". Being part of a group is an existing requirement when separate
                   groups is set.

    TL-17076       MDL-60007: Corrected LTI so delete action without a content type is considered valid.

                   A DELETE operation does not contain any data in the body, and so should not
                   need to have a Content-Type header as no data is sent. However the current
                   LTI Service routing stack will consider a non GET incoming request
                   incorrect if it does not contain a Content-Type. This patch corrects this
                   behaviour.

    TL-17077       MDL-53501: Fixed get_site_info in Webservices failing if usermaxuploadfilesize setting overflows PARAM_INT
    TL-17080       MDL-51945: Fixed update_users web service to stop duplicate emails being sent

                   When updating users using the core_user_update_users webservice duplicate
                   emails for users were being allowed no matter what the "Allow accounts with
                   same email" setting was set to. After this change duplicate emails are only
                   allowed if this setting is turned on.

    TL-17081       MDL-58047: Fixed an issue where sort by last modified (submission) was not sorting as expected in grading of assignments
    TL-17082       MDL-60437: Fixed multilingual HTML block title
    TL-17083       MDL-59858: After closing a modal factory modal, focus goes back to the element that triggered it.
    TL-17084       MDL-60424: Updated the web services upload to allow cross-origin requests (CORS)
    TL-17085       MDL-60671: Switched cron output to use mtrace() function
    TL-17086       MDL-57772: Chat beep doesn't make an audible sound
    TL-17087       MDL-60717: Minor language string improvements in LDAP authentication method
    TL-17088       MDL-60733: Fixed an issue with google_oauth which led to a broken Picasa repository
    TL-17089       MDL-58699: Improved the security of the quiz module while using browser security settings

                   When the "Browser Security" setting is set to "Full screen pop-up with some
                   JavaScript security", the "Attempt quiz" button is no longer visible if a
                   user has JavaScript disabled.

    TL-17092       MDL-60615: Fixed course restore in IMSCC format
    TL-17093       MDL-60550: Added more restrictions in keyword user searches
    TL-17094       MDL-52838: Fixed an undefined variable warning and improved form validation in the Workshop module assessment form
    TL-17095       MDL-60749: Fixed display issue when exporting SCORM interaction report

                   When downloading a SCORM interaction report " " is shown instead of
                   empty string when there is no value.

    TL-17096       MDL-60771: Typecasted scorm score to an integer to avoid debugging error in scorm reports
    TL-17326       MDL-60436: Improved the performance of block loading
    TL-17335       MDL-61269: Set composer license to GPL-3.0-or-later
    TL-17337       MDL-61392: Improved the IPN notifications handling in Paypal enrollment plugin

Contributions:

    * Andrew Davidson at Synergy Learning - TL-17344
    * James Voong from Catalyst - TL-17357
    * Martin Sandberg at Xtractor - TL-17264