chamilo-lms/main/admin/access_urls.php

<?php
/* For licensing terms, see /license.txt */
/**
*	@package chamilo.admin
*	@author Julio Montoya <gugli100@gmail.com>
*/

// name of the language file that needs to be included
$language_file = 'admin';
$cidReset = true;
require_once '../inc/global.inc.php';
require_once api_get_path(LIBRARY_PATH).'sortabletable.class.php';
$this_section = SECTION_PLATFORM_ADMIN;

//api_protect_admin_script();
api_protect_global_admin_script();

if (!$_configuration['multiple_access_urls']) {
	header('Location: index.php');
	exit;
}

$interbreadcrumb[] = array ("url" => 'index.php', 'name' => get_lang('PlatformAdmin'));
$tool_name = get_lang('MultipleAccessURLs');
Display :: display_header($tool_name);

require_once api_get_path(LIBRARY_PATH).'sortabletable.class.php';
require_once api_get_path(LIBRARY_PATH).'formvalidator/FormValidator.class.php';
require_once api_get_path(LIBRARY_PATH).'security.lib.php';
require_once api_get_path(LIBRARY_PATH).'urlmanager.lib.php';

$my_user_url_list = api_get_access_url_from_user(api_get_user_id());
$current_access_url_id = api_get_current_access_url_id();
$url_list = UrlManager::get_url_data();

// Actions
if (isset ($_GET['action'])) {
	if ($_GET['action'] == 'show_message')
		Display :: display_normal_message(Security::remove_XSS(stripslashes($_GET['message'])));

	$check = Security::check_token('get');
	if ($check) {
		$url_id=Database::escape_string($_GET['url_id']);

		switch ($_GET['action']) {
			case 'delete_url' :
				$result = UrlManager::delete($url_id);
				if ($result) {
					Display :: display_normal_message(get_lang('URLDeleted'));
				} else {
					Display :: display_error_message(get_lang('CannotDeleteURL'));
				}
				break;
			case 'lock' :
				UrlManager::set_url_status('lock',$url_id);
				Display :: display_normal_message(get_lang('URLInactive'));
				break;
			case 'unlock';
				UrlManager::set_url_status('unlock',$url_id);
				Display :: display_normal_message(get_lang('URLActive'));
				break;
			case 'register';
				// we are going to register the admin
				if(api_is_platform_admin()) {
					if($current_access_url_id!=-1) {
						$url_str = '';
						foreach($url_list as $my_url) {
							if (!in_array($my_url['id'],$my_user_url_list)){
								UrlManager::add_user_to_url(api_get_user_id(),$my_url['id']);
									$url_str.=$my_url['url'].' <br />';
							}
						}
						Display :: display_normal_message(get_lang('AdminUserRegisteredToThisURL').': '.$url_str.'<br />',false);
					}
				}
				break;
			}

		}
		Security::clear_token();
}

$parameters['sec_token'] = Security::get_token();

// checking if the admin is registered in all sites

$url_string='';
$my_user_url_list = api_get_access_url_from_user(api_get_user_id());
foreach($url_list as $my_url) {
	if (!in_array($my_url['id'],$my_user_url_list)){
		$url_string.=$my_url['url'].' <br />';
	}
}
if(!empty($url_string)) {
	Display :: display_warning_message(get_lang('AdminShouldBeRegisterInSite').'<br />'.$url_string,false);
}

// checking the current installation
if ($current_access_url_id==-1) {
	Display :: display_warning_message(get_lang('URLNotConfiguredPleaseChangedTo').': '.api_get_path(WEB_PATH));
} elseif(api_is_platform_admin()) {
	$quant= UrlManager::relation_url_user_exist(api_get_user_id(),$current_access_url_id);
	if ($quant==0) {
		Display :: display_warning_message('<a href="'.api_get_self().'?action=register&sec_token='.$parameters['sec_token'].'">'.get_lang('ClickToRegisterAdmin').'</a>',false);
	}
}

// action menu
echo '<div class="actions">';
echo Display::url(Display::return_icon('new_link.png',  get_lang('AddUrl'), array(), 32),          api_get_path(WEB_CODE_PATH).'admin/access_url_edit.php');
echo Display::url(Display::return_icon('user.png',      get_lang('ManageUsers'), array(), 32),     api_get_path(WEB_CODE_PATH).'admin/access_url_edit_users_to_url.php');
echo Display::url(Display::return_icon('course.png',    get_lang('ManageCourses'), array(), 32),   api_get_path(WEB_CODE_PATH).'admin/access_url_edit_courses_to_url.php');
echo Display::url(Display::return_icon('session.png',   get_lang('ManageSessions'), array(), 32),          api_get_path(WEB_CODE_PATH).'admin/access_url_edit_sessions_to_url.php');
echo '</div>';

//$table = new SortableTable('urls', 'url_count_mask', 'get_url_data_mask',2);
$sortable_data = UrlManager::get_url_data();
$urls = array();
foreach($sortable_data as $row)  {
    //title
    $url = Display::url($row['url'], $row['url'], array('target'=>'_blank'));    
    $description = $row['description'];
    
    //Status
    $active = $row['active'];
    if ($active=='1') {
        $action='lock';
        $image='right';
    }
    if ($active=='0') {
        $action='unlock';
        $image='wrong';
    }
    // you cannot lock the default
    if ($row['id']=='1') {
        $status = Display::return_icon($image.'.gif', get_lang(ucfirst($action)));
    } else {
        $status = '<a href="access_urls.php?action='.$action.'&amp;url_id='.$row['id'].'&amp;sec_token='.$_SESSION['sec_token'].'">'.Display::return_icon($image.'.gif', get_lang(ucfirst($action))).'</a>';
    }    
    //Actions
    $url_id = $row['id'];
    $actions = '<a href="access_url_edit.php?url_id='.$url_id.'">'.Display::return_icon('edit.png', get_lang('Edit'), array(), 22).'</a>&nbsp;';
    if ($url_id != '1') {
        $actions = '<a href="access_urls.php?action=delete_url&amp;url_id='.$url_id.'&amp;sec_token='.$_SESSION['sec_token'].'" onclick="javascript:if(!confirm('."'".addslashes(api_htmlentities(get_lang("ConfirmYourChoice"),ENT_QUOTES,$charset))."'".')) return false;">'.Display::return_icon('delete.png', get_lang('Delete'), array(), 22).'</a>';
    }    
    $urls[] = array($url, $description, $status, $actions);
}

$table = new SortableTableFromArrayConfig($urls, 2, 50, 'urls');
$table->set_additional_parameters($parameters);

//$table->set_header(0, '');
$table->set_header(0, get_lang('URL'));
$table->set_header(1, get_lang('Description'));
$table->set_header(2, get_lang('Active'));
$table->set_header(3, get_lang('Modify'), false);
$table->display();

/*		FOOTER	*/
Display :: display_footer();
Feature #306 - Line endigs cohrrence, Part 1: Converting \r\n line endings (Windows style) to \n (Unix style) in php, html, js, xml, txt files. 16 years ago			`<?php`
Minor - cleaning code 16 years ago			`/* For licensing terms, see /license.txt */`
Feature #306 - Line endigs cohrrence, Part 1: Converting \r\n line endings (Windows style) to \n (Unix style) in php, html, js, xml, txt files. 16 years ago			`/**`
Minor - cleaning code 16 years ago			`* @package chamilo.admin`
Cleaning code, adding headers, adding security::remove_XSS 16 years ago			`* @author Julio Montoya <gugli100@gmail.com>`
Feature #306 - Line endigs cohrrence, Part 1: Converting \r\n line endings (Windows style) to \n (Unix style) in php, html, js, xml, txt files. 16 years ago			`*/`

			`// name of the language file that needs to be included`
			`$language_file = 'admin';`
			`$cidReset = true;`
Minor - cosmetic changes (cleaning header, changing require to require_once) 16 years ago			`require_once '../inc/global.inc.php';`
Feature #272 - Changes that lead loading the file sortabletable.class.php (and the tree of related files) only when it is necessary, on explicit statement require_once. Previously this file loaded on every page, which is waste of computing resource. 16 years ago			`require_once api_get_path(LIBRARY_PATH).'sortabletable.class.php';`
Feature #306 - Line endigs cohrrence, Part 1: Converting \r\n line endings (Windows style) to \n (Unix style) in php, html, js, xml, txt files. 16 years ago			`$this_section = SECTION_PLATFORM_ADMIN;`

Adding the notion of Global admins. Functions added to main_api: api_is_global_platform_admin() api_protect_global_admin_script(); Blocking the access to the NO global admin users in the multiple URLs configuration See CT#1308 16 years ago			`//api_protect_admin_script();`
			`api_protect_global_admin_script();`

Cleaning code, adding headers, adding security::remove_XSS 16 years ago			`if (!$_configuration['multiple_access_urls']) {`
Feature #306 - Line endigs cohrrence, Part 1: Converting \r\n line endings (Windows style) to \n (Unix style) in php, html, js, xml, txt files. 16 years ago			`header('Location: index.php');`
Cleaning code, adding headers, adding security::remove_XSS 16 years ago			`exit;`
			`}`
Feature #306 - Line endigs cohrrence, Part 1: Converting \r\n line endings (Windows style) to \n (Unix style) in php, html, js, xml, txt files. 16 years ago
Cleaning code, adding headers, adding security::remove_XSS 16 years ago			`$interbreadcrumb[] = array ("url" => 'index.php', 'name' => get_lang('PlatformAdmin'));`
Feature #306 - Line endigs cohrrence, Part 1: Converting \r\n line endings (Windows style) to \n (Unix style) in php, html, js, xml, txt files. 16 years ago			`$tool_name = get_lang('MultipleAccessURLs');`
			`Display :: display_header($tool_name);`

Minor - cleaning code 16 years ago			`require_once api_get_path(LIBRARY_PATH).'sortabletable.class.php';`
			`require_once api_get_path(LIBRARY_PATH).'formvalidator/FormValidator.class.php';`
			`require_once api_get_path(LIBRARY_PATH).'security.lib.php';`
			`require_once api_get_path(LIBRARY_PATH).'urlmanager.lib.php';`
Feature #306 - Line endigs cohrrence, Part 1: Converting \r\n line endings (Windows style) to \n (Unix style) in php, html, js, xml, txt files. 16 years ago
			`$my_user_url_list = api_get_access_url_from_user(api_get_user_id());`
			`$current_access_url_id = api_get_current_access_url_id();`
			`$url_list = UrlManager::get_url_data();`

			`// Actions`
			`if (isset ($_GET['action'])) {`
			`if ($_GET['action'] == 'show_message')`
			`Display :: display_normal_message(Security::remove_XSS(stripslashes($_GET['message'])));`

			`$check = Security::check_token('get');`
			`if ($check) {`
			`$url_id=Database::escape_string($_GET['url_id']);`

			`switch ($_GET['action']) {`
			`case 'delete_url' :`
			`$result = UrlManager::delete($url_id);`
			`if ($result) {`
			`Display :: display_normal_message(get_lang('URLDeleted'));`
			`} else {`
			`Display :: display_error_message(get_lang('CannotDeleteURL'));`
			`}`
			`break;`
			`case 'lock' :`
			`UrlManager::set_url_status('lock',$url_id);`
			`Display :: display_normal_message(get_lang('URLInactive'));`
			`break;`
			`case 'unlock';`
			`UrlManager::set_url_status('unlock',$url_id);`
			`Display :: display_normal_message(get_lang('URLActive'));`
			`break;`
			`case 'register';`
			`// we are going to register the admin`
			`if(api_is_platform_admin()) {`
			`if($current_access_url_id!=-1) {`
			`$url_str = '';`
			`foreach($url_list as $my_url) {`
			`if (!in_array($my_url['id'],$my_user_url_list)){`
			`UrlManager::add_user_to_url(api_get_user_id(),$my_url['id']);`
Minor - cosmetic changes (cleaning header, changing require to require_once) 16 years ago			`$url_str.=$my_url['url'].' <br />';`
Feature #306 - Line endigs cohrrence, Part 1: Converting \r\n line endings (Windows style) to \n (Unix style) in php, html, js, xml, txt files. 16 years ago			`}`
			`}`
			`Display :: display_normal_message(get_lang('AdminUserRegisteredToThisURL').': '.$url_str.'<br />',false);`
			`}`
			`}`
			`break;`
			`}`

			`}`
			`Security::clear_token();`
			`}`

			`$parameters['sec_token'] = Security::get_token();`

			`// checking if the admin is registered in all sites`

			`$url_string='';`
			`$my_user_url_list = api_get_access_url_from_user(api_get_user_id());`
			`foreach($url_list as $my_url) {`
			`if (!in_array($my_url['id'],$my_user_url_list)){`
Minor - cosmetic changes (cleaning header, changing require to require_once) 16 years ago			`$url_string.=$my_url['url'].' <br />';`
Feature #306 - Line endigs cohrrence, Part 1: Converting \r\n line endings (Windows style) to \n (Unix style) in php, html, js, xml, txt files. 16 years ago			`}`
			`}`
			`if(!empty($url_string)) {`
Minor - cosmetic changes (cleaning header, changing require to require_once) 16 years ago			`Display :: display_warning_message(get_lang('AdminShouldBeRegisterInSite').'<br />'.$url_string,false);`
Feature #306 - Line endigs cohrrence, Part 1: Converting \r\n line endings (Windows style) to \n (Unix style) in php, html, js, xml, txt files. 16 years ago			`}`

			`// checking the current installation`
			`if ($current_access_url_id==-1) {`
			`Display :: display_warning_message(get_lang('URLNotConfiguredPleaseChangedTo').': '.api_get_path(WEB_PATH));`
			`} elseif(api_is_platform_admin()) {`
			`$quant= UrlManager::relation_url_user_exist(api_get_user_id(),$current_access_url_id);`
			`if ($quant==0) {`
			`Display :: display_warning_message('<a href="'.api_get_self().'?action=register&sec_token='.$parameters['sec_token'].'">'.get_lang('ClickToRegisterAdmin').'</a>',false);`
			`}`
			`}`

			`// action menu`
Cleaning the menu in the access url settings 15 years ago			`echo '<div class="actions">';`
			`echo Display::url(Display::return_icon('new_link.png', get_lang('AddUrl'), array(), 32), api_get_path(WEB_CODE_PATH).'admin/access_url_edit.php');`
			`echo Display::url(Display::return_icon('user.png', get_lang('ManageUsers'), array(), 32), api_get_path(WEB_CODE_PATH).'admin/access_url_edit_users_to_url.php');`
			`echo Display::url(Display::return_icon('course.png', get_lang('ManageCourses'), array(), 32), api_get_path(WEB_CODE_PATH).'admin/access_url_edit_courses_to_url.php');`
			`echo Display::url(Display::return_icon('session.png', get_lang('ManageSessions'), array(), 32), api_get_path(WEB_CODE_PATH).'admin/access_url_edit_sessions_to_url.php');`
Feature #306 - Line endigs cohrrence, Part 1: Converting \r\n line endings (Windows style) to \n (Unix style) in php, html, js, xml, txt files. 16 years ago			`echo '</div>';`

Fixing multiple URL list see BT#1555 15 years ago			`//$table = new SortableTable('urls', 'url_count_mask', 'get_url_data_mask',2);`
			`$sortable_data = UrlManager::get_url_data();`
			`$urls = array();`
			`foreach($sortable_data as $row) {`
			`//title`
			`$url = Display::url($row['url'], $row['url'], array('target'=>'_blank'));`
			`$description = $row['description'];`

			`//Status`
			`$active = $row['active'];`
			`if ($active=='1') {`
			`$action='lock';`
			`$image='right';`
			`}`
			`if ($active=='0') {`
			`$action='unlock';`
			`$image='wrong';`
			`}`
			`// you cannot lock the default`
			`if ($row['id']=='1') {`
			`$status = Display::return_icon($image.'.gif', get_lang(ucfirst($action)));`
			`} else {`
			`$status = '<a href="access_urls.php?action='.$action.'&url_id='.$row['id'].'&sec_token='.$_SESSION['sec_token'].'">'.Display::return_icon($image.'.gif', get_lang(ucfirst($action))).'</a>';`
			`}`
			`//Actions`
			`$url_id = $row['id'];`
			`$actions = '<a href="access_url_edit.php?url_id='.$url_id.'">'.Display::return_icon('edit.png', get_lang('Edit'), array(), 22).'</a> ';`
			`if ($url_id != '1') {`
			`$actions = '<a href="access_urls.php?action=delete_url&url_id='.$url_id.'&sec_token='.$_SESSION['sec_token'].'" onclick="javascript:if(!confirm('."'".addslashes(api_htmlentities(get_lang("ConfirmYourChoice"),ENT_QUOTES,$charset))."'".')) return false;">'.Display::return_icon('delete.png', get_lang('Delete'), array(), 22).'</a>';`
			`}`
			`$urls[] = array($url, $description, $status, $actions);`
Feature #306 - Line endigs cohrrence, Part 1: Converting \r\n line endings (Windows style) to \n (Unix style) in php, html, js, xml, txt files. 16 years ago			`}`

Fixing multiple URL list see BT#1555 15 years ago			`$table = new SortableTableFromArrayConfig($urls, 2, 50, 'urls');`
			`$table->set_additional_parameters($parameters);`
Feature #306 - Line endigs cohrrence, Part 1: Converting \r\n line endings (Windows style) to \n (Unix style) in php, html, js, xml, txt files. 16 years ago
Fixing multiple URL list see BT#1555 15 years ago			`//$table->set_header(0, '');`
			`$table->set_header(0, get_lang('URL'));`
			`$table->set_header(1, get_lang('Description'));`
			`$table->set_header(2, get_lang('Active'));`
			`$table->set_header(3, get_lang('Modify'), false);`
			`$table->display();`
Feature #306 - Line endigs cohrrence, Part 1: Converting \r\n line endings (Windows style) to \n (Unix style) in php, html, js, xml, txt files. 16 years ago
Cleaning code, adding headers, adding security::remove_XSS 16 years ago			`/* FOOTER */`
Minor - Making textareas more big 15 years ago			`Display :: display_footer();`