chamilo-lms/main/admin/access_url_edit.php

<?php
/* For licensing terms, see /license.txt */
/**
 * @package chamilo.admin
 * @author Julio Montoya <gugli100@gmail.com>
 */
$cidReset = true;
require_once __DIR__.'/../inc/global.inc.php';
$this_section = SECTION_PLATFORM_ADMIN;

api_protect_global_admin_script();

if (!api_get_multiple_access_url()) {
    header('Location: index.php');
    exit;
}

// Create the form
$form = new FormValidator('add_url');

if ($form->validate()) {
    $check = Security::check_token('post');
    if ($check) {
        $url_array = $form->getSubmitValues();
        $url = Security::remove_XSS($url_array['url']);
        $description = Security::remove_XSS($url_array['description']);
        $active = isset($url_array['active']) ? intval($url_array['active']) : 0;
        $url_id = isset($url_array['id']) ? intval($url_array['id']) : 0;
        $url_to_go = 'access_urls.php';
        if (!empty($url_id)) {
            //we can't change the status of the url with id=1
            if ($url_id == 1) {
                $active = 1;
            }
            //checking url
            if (substr($url, strlen($url) - 1, strlen($url)) == '/') {
                UrlManager::update($url_id, $url, $description, $active);
            } else {
                UrlManager::update($url_id, $url.'/', $description, $active);
            }
            // URL Images
            $url_images_dir = api_get_path(SYS_PATH).'custompages/url-images/';
            $image_fields = array("url_image_1", "url_image_2", "url_image_3");
            foreach ($image_fields as $image_field) {
                if ($_FILES[$image_field]['error'] == 0) {
                    // Hardcoded: only PNG files allowed
                    $fileFields = explode('.', $_FILES[$image_field]['name']);
                    if (end($fileFields) == 'png') {
                        if (file_exists($url_images_dir.$url_id.'_'.$image_field.'.png')) {
                            // if the file exists, we have to remove it before move_uploaded_file
                            unlink($url_images_dir.$url_id.'_'.$image_field.'.png');
                        }
                        move_uploaded_file(
                            $_FILES[$image_field]['tmp_name'],
                            $url_images_dir.$url_id.'_'.$image_field.'.png'
                        );
                    }
                    // else fail silently
                }
                // else fail silently
            }
            $url_to_go = 'access_urls.php';
            $message = get_lang('URLEdited');
        } else {
            $num = UrlManager::url_exist($url);
            if ($num == 0) {
                // checking url
                if (substr($url, strlen($url) - 1, strlen($url)) == '/') {
                    UrlManager::add($url, $description, $active);
                } else {
                    //create
                    UrlManager::add($url.'/', $description, $active);
                }
                $message = get_lang('URLAdded');
                $url_to_go = 'access_urls.php';
            } else {
                $url_to_go = 'access_url_edit.php';
                $message = get_lang('URLAlreadyAdded');
            }
            // URL Images
            $url .= (substr($url, strlen($url) - 1, strlen($url)) == '/') ? '' : '/';
            $url_id = UrlManager::get_url_id($url);
            $url_images_dir = api_get_path(SYS_PATH).'custompages/url-images/';
            $image_fields = array("url_image_1", "url_image_2", "url_image_3");
            foreach ($image_fields as $image_field) {
                if ($_FILES[$image_field]['error'] == 0) {
                    // Hardcoded: only PNG files allowed
                    $fileFields = explode('.', $_FILES[$image_field]['name']);
                    if (end($fileFields) == 'png') {
                        move_uploaded_file($_FILES[$image_field]['tmp_name'], $url_images_dir.$url_id.'_'.$image_field.'.png');
                    }
                    // else fail silently
                }
                // else fail silently
            }
        }
        Security::clear_token();
        $tok = Security::get_token();
        Display::addFlash(Display::return_message($message));
        header('Location: '.$url_to_go.'?sec_token='.$tok);
        exit();
    }
} else {
    if (isset($_POST['submit'])) {
        Security::clear_token();
    }
    $token = Security::get_token();
    $form->addElement('hidden', 'sec_token');
    $form->setConstants(array('sec_token' => $token));
}

$form->addElement('text', 'url', 'URL');
$form->addRule('url', get_lang('ThisFieldIsRequired'), 'required');
$form->addRule('url', '', 'maxlength', 254);
$form->addElement('textarea', 'description', get_lang('Description'));

//the first url with id = 1 will be always active
if (isset($_GET['url_id']) && $_GET['url_id'] != 1) {
    $form->addElement('checkbox', 'active', null, get_lang('Active'));
}

$defaults['url'] = 'http://';
$form->setDefaults($defaults);

$submit_name = get_lang('AddUrl');
if (isset($_GET['url_id'])) {
    $url_id = intval($_GET['url_id']);
    $num_url_id = UrlManager::url_id_exist($url_id);
    if ($num_url_id != 1) {
        header('Location: access_urls.php');
        exit();
    }
    $url_data = UrlManager::get_url_data_from_id($url_id);
    $form->addElement('hidden', 'id', $url_data['id']);
    $form->setDefaults($url_data);
    $submit_name = get_lang('AddUrl');
}

if (!api_is_multiple_url_enabled()) {
    header('Location: index.php');
    exit;
}

$tool_name = get_lang('AddUrl');
$interbreadcrumb[] = array("url" => 'index.php', "name" => get_lang('PlatformAdmin'));
$interbreadcrumb[] = array("url" => 'access_urls.php', "name" => get_lang('MultipleAccessURLs'));

Display :: display_header($tool_name);

// URL Images
$form->addElement('file', 'url_image_1', 'URL Image 1 (PNG)');
$form->addElement('file', 'url_image_2', 'URL Image 2 (PNG)');
$form->addElement('file', 'url_image_3', 'URL Image 3 (PNG)');

// Submit button
$form->addButtonCreate($submit_name);
$form->display();

Display::display_footer();
Feature #306 - Line endigs cohrrence, Part 1: Converting \r\n line endings (Windows style) to \n (Unix style) in php, html, js, xml, txt files. 15 years ago			`<?php`
Fixing Quickform error 15 years ago			`/* For licensing terms, see /license.txt */`
Feature #306 - Line endigs cohrrence, Part 1: Converting \r\n line endings (Windows style) to \n (Unix style) in php, html, js, xml, txt files. 15 years ago			`/**`
Minor - Format code 8 years ago			`* @package chamilo.admin`
			`* @author Julio Montoya <gugli100@gmail.com>`
format code with psr standards 9 years ago			`*/`
Feature #306 - Line endigs cohrrence, Part 1: Converting \r\n line endings (Windows style) to \n (Unix style) in php, html, js, xml, txt files. 15 years ago			`$cidReset = true;`
Use __DIR__ when calling global.inc.php This is needed for an easy migration to chamilo v2 8 years ago			`require_once __DIR__.'/../inc/global.inc.php';`
Feature #306 - Line endigs cohrrence, Part 1: Converting \r\n line endings (Windows style) to \n (Unix style) in php, html, js, xml, txt files. 15 years ago			`$this_section = SECTION_PLATFORM_ADMIN;`

Adding the notion of Global admins. Functions added to main_api: api_is_global_platform_admin() api_protect_global_admin_script(); Blocking the access to the NO global admin users in the multiple URLs configuration See CT#1308 15 years ago			`api_protect_global_admin_script();`
Fixing mark/unmark settings, only can be configured in the main portal by the global admin 13 years ago
Minor - Fixing HTML warnings 14 years ago			`if (!api_get_multiple_access_url()) {`
Minor - Formatting code. 11 years ago			`header('Location: index.php');`
			`exit;`
Cleaning code, adding headers, adding security::remove_XSS 15 years ago			`}`
Feature #306 - Line endigs cohrrence, Part 1: Converting \r\n line endings (Windows style) to \n (Unix style) in php, html, js, xml, txt files. 15 years ago
			`// Create the form`
			`$form = new FormValidator('add_url');`

Minor - Formatting code. 11 years ago			`if ($form->validate()) {`
			`$check = Security::check_token('post');`
			`if ($check) {`
			`$url_array = $form->getSubmitValues();`
			`$url = Security::remove_XSS($url_array['url']);`
			`$description = Security::remove_XSS($url_array['description']);`
Fix create/edit access url - refs BT#11414 8 years ago			`$active = isset($url_array['active']) ? intval($url_array['active']) : 0;`
			`$url_id = isset($url_array['id']) ? intval($url_array['id']) : 0;`
format code with psr standards 9 years ago			`$url_to_go = 'access_urls.php';`
Fix create/edit access url - refs BT#11414 8 years ago			`if (!empty($url_id)) {`
Minor - Formatting code. 11 years ago			`//we can't change the status of the url with id=1`
			`if ($url_id == 1) {`
			`$active = 1;`
			`}`
			`//checking url`
format code with psr standards 9 years ago			`if (substr($url, strlen($url) - 1, strlen($url)) == '/') {`
Fixing typo. 11 years ago			`UrlManager::update($url_id, $url, $description, $active);`
Minor - Formatting code. 11 years ago			`} else {`
Scrutinizer Auto-Fixes This commit consists of patches automatically generated for this project on https://scrutinizer-ci.com 8 years ago			`UrlManager::update($url_id, $url.'/', $description, $active);`
Minor - Formatting code. 11 years ago			`}`
			`// URL Images`
Scrutinizer Auto-Fixes This commit consists of patches automatically generated for this project on https://scrutinizer-ci.com 8 years ago			`$url_images_dir = api_get_path(SYS_PATH).'custompages/url-images/';`
Minor - Formatting code. 11 years ago			`$image_fields = array("url_image_1", "url_image_2", "url_image_3");`
			`foreach ($image_fields as $image_field) {`
			`if ($_FILES[$image_field]['error'] == 0) {`
			`// Hardcoded: only PNG files allowed`
Improve code precision as suggested by #scrutinizer 8 years ago			`$fileFields = explode('.', $_FILES[$image_field]['name']);`
			`if (end($fileFields) == 'png') {`
Scrutinizer Auto-Fixes This commit consists of patches automatically generated for this project on https://scrutinizer-ci.com 8 years ago			`if (file_exists($url_images_dir.$url_id.'_'.$image_field.'.png')) {`
format code with psr standards 9 years ago			`// if the file exists, we have to remove it before move_uploaded_file`
Scrutinizer Auto-Fixes This commit consists of patches automatically generated for this project on https://scrutinizer-ci.com 8 years ago			`unlink($url_images_dir.$url_id.'_'.$image_field.'.png');`
format code with psr standards 9 years ago			`}`
Minor - Formatting code. 11 years ago			`move_uploaded_file(`
Minor - Format code 8 years ago			`$_FILES[$image_field]['tmp_name'],`
			`$url_images_dir.$url_id.'_'.$image_field.'.png'`
Minor - Formatting code. 11 years ago			`);`
			`}`
			`// else fail silently`
			`}`
			`// else fail silently`
			`}`
format code with psr standards 9 years ago			`$url_to_go = 'access_urls.php';`
			`$message = get_lang('URLEdited');`
			`} else {`
			`$num = UrlManager::url_exist($url);`
			`if ($num == 0) {`
Minor - Formatting code. 11 years ago			`// checking url`
format code with psr standards 9 years ago			`if (substr($url, strlen($url) - 1, strlen($url)) == '/') {`
			`UrlManager::add($url, $description, $active);`
			`} else {`
			`//create`
Scrutinizer Auto-Fixes This commit consists of patches automatically generated for this project on https://scrutinizer-ci.com 8 years ago			`UrlManager::add($url.'/', $description, $active);`
format code with psr standards 9 years ago			`}`
			`$message = get_lang('URLAdded');`
			`$url_to_go = 'access_urls.php';`
			`} else {`
			`$url_to_go = 'access_url_edit.php';`
			`$message = get_lang('URLAlreadyAdded');`
			`}`
			`// URL Images`
			`$url .= (substr($url, strlen($url) - 1, strlen($url)) == '/') ? '' : '/';`
			`$url_id = UrlManager::get_url_id($url);`
Scrutinizer Auto-Fixes This commit consists of patches automatically generated for this project on https://scrutinizer-ci.com 8 years ago			`$url_images_dir = api_get_path(SYS_PATH).'custompages/url-images/';`
format code with psr standards 9 years ago			`$image_fields = array("url_image_1", "url_image_2", "url_image_3");`
			`foreach ($image_fields as $image_field) {`
			`if ($_FILES[$image_field]['error'] == 0) {`
			`// Hardcoded: only PNG files allowed`
Improve code precision as suggested by #scrutinizer 8 years ago			`$fileFields = explode('.', $_FILES[$image_field]['name']);`
			`if (end($fileFields) == 'png') {`
Scrutinizer Auto-Fixes This commit consists of patches automatically generated for this project on https://scrutinizer-ci.com 8 years ago			`move_uploaded_file($_FILES[$image_field]['tmp_name'], $url_images_dir.$url_id.'_'.$image_field.'.png');`
format code with psr standards 9 years ago			`}`
			`// else fail silently`
			`}`
			`// else fail silently`
			`}`
			`}`
			`Security::clear_token();`
			`$tok = Security::get_token();`
Remove Session::read('message'); use Display::addFlash, remove api_set_failure/api_get_failure 8 years ago			`Display::addFlash(Display::return_message($message));`
Scrutinizer Auto-Fixes This commit consists of patches automatically generated for this project on https://scrutinizer-ci.com 8 years ago			`header('Location: '.$url_to_go.'?sec_token='.$tok);`
format code with psr standards 9 years ago			`exit();`
			`}`
Fixing Quickform error 15 years ago			`} else {`
format code with psr standards 9 years ago			`if (isset($_POST['submit'])) {`
			`Security::clear_token();`
			`}`
			`$token = Security::get_token();`
			`$form->addElement('hidden', 'sec_token');`
			`$form->setConstants(array('sec_token' => $token));`
Feature #306 - Line endigs cohrrence, Part 1: Converting \r\n line endings (Windows style) to \n (Unix style) in php, html, js, xml, txt files. 15 years ago			`}`

fix span6 boostrap 2 deleted refs - CT#7539 9 years ago			`$form->addElement('text', 'url', 'URL');`
Feature #306 - Line endigs cohrrence, Part 1: Converting \r\n line endings (Windows style) to \n (Unix style) in php, html, js, xml, txt files. 15 years ago			`$form->addRule('url', get_lang('ThisFieldIsRequired'), 'required');`
format code with psr standards 9 years ago			`$form->addRule('url', '', 'maxlength', 254);`
			`$form->addElement('textarea', 'description', get_lang('Description'));`
Fixing Quickform error 15 years ago
			`//the first url with id = 1 will be always active`
Format code, fixing PHP warnings, removing old comments. 10 years ago			`if (isset($_GET['url_id']) && $_GET['url_id'] != 1) {`
format code with psr standards 9 years ago			`$form->addElement('checkbox', 'active', null, get_lang('Active'));`
Fixing Quickform error 15 years ago			`}`
A technical correction for the file access_url_edit.php 15 years ago
format code with psr standards 9 years ago			`$defaults['url'] = 'http://';`
Feature #306 - Line endigs cohrrence, Part 1: Converting \r\n line endings (Windows style) to \n (Unix style) in php, html, js, xml, txt files. 15 years ago			`$form->setDefaults($defaults);`

fixed the correct call to function in class, improve with buttons CT#1127 15 years ago			`$submit_name = get_lang('AddUrl');`
Fixing Quickform error 15 years ago			`if (isset($_GET['url_id'])) {`
format code with psr standards 9 years ago			`$url_id = intval($_GET['url_id']);`
			`$num_url_id = UrlManager::url_id_exist($url_id);`
			`if ($num_url_id != 1) {`
			`header('Location: access_urls.php');`
			`exit();`
			`}`
			`$url_data = UrlManager::get_url_data_from_id($url_id);`
			`$form->addElement('hidden', 'id', $url_data['id']);`
			`$form->setDefaults($url_data);`
			`$submit_name = get_lang('AddUrl');`
Feature #306 - Line endigs cohrrence, Part 1: Converting \r\n line endings (Windows style) to \n (Unix style) in php, html, js, xml, txt files. 15 years ago			`}`

Format code, fixing PHP warnings, removing old comments. 10 years ago			`if (!api_is_multiple_url_enabled()) {`
			`header('Location: index.php');`
Minor - Formatting code. 11 years ago			`exit;`
			`}`
Feature #306 - Line endigs cohrrence, Part 1: Converting \r\n line endings (Windows style) to \n (Unix style) in php, html, js, xml, txt files. 15 years ago
			`$tool_name = get_lang('AddUrl');`
format code with psr standards 9 years ago			`$interbreadcrumb[] = array("url" => 'index.php', "name" => get_lang('PlatformAdmin'));`
			`$interbreadcrumb[] = array("url" => 'access_urls.php', "name" => get_lang('MultipleAccessURLs'));`
Format code, fixing PHP warnings, removing old comments. 10 years ago
Feature #306 - Line endigs cohrrence, Part 1: Converting \r\n line endings (Windows style) to \n (Unix style) in php, html, js, xml, txt files. 15 years ago			`Display :: display_header($tool_name);`

Custom Pages : Added the URL Images feature. 14 years ago			`// URL Images`
format code with psr standards 9 years ago			`$form->addElement('file', 'url_image_1', 'URL Image 1 (PNG)');`
			`$form->addElement('file', 'url_image_2', 'URL Image 2 (PNG)');`
			`$form->addElement('file', 'url_image_3', 'URL Image 3 (PNG)');`
Custom Pages : Added the URL Images feature. 14 years ago
Feature #306 - Line endigs cohrrence, Part 1: Converting \r\n line endings (Windows style) to \n (Unix style) in php, html, js, xml, txt files. 15 years ago			`// Submit button`
Fix buttons. 10 years ago			`$form->addButtonCreate($submit_name);`
Feature #306 - Line endigs cohrrence, Part 1: Converting \r\n line endings (Windows style) to \n (Unix style) in php, html, js, xml, txt files. 15 years ago			`$form->display();`
Fixing queries see #7440 10 years ago
			`Display::display_footer();`