Chamilo is a learning management system focused on ease of use and accessibility
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
chamilo-lms/main/work/edit.php

257 lines
9.7 KiB

<?php
/* For licensing terms, see /license.txt */
use ChamiloSession as Session;
$language_file = array('exercice', 'work', 'document', 'admin', 'gradebook');
require_once '../inc/global.inc.php';
$current_course_tool = TOOL_STUDENTPUBLICATION;
api_protect_course_script(true);
// Including necessary files
require_once 'work.lib.php';
require_once api_get_path(LIBRARY_PATH).'fileManage.lib.php';
require_once api_get_path(LIBRARY_PATH).'fileUpload.lib.php';
require_once api_get_path(LIBRARY_PATH).'fileDisplay.lib.php';
$this_section = SECTION_COURSES;
$work_id = isset($_REQUEST['id']) ? intval($_REQUEST['id']) : null;
$item_id = isset($_REQUEST['item_id']) ? intval($_REQUEST['item_id']) : null;
$work_table = Database :: get_course_table(TABLE_STUDENT_PUBLICATION);
$is_allowed_to_edit = api_is_allowed_to_edit();
$course_id = api_get_course_int_id();
$user_id = api_get_user_id();
$session_id = api_get_session_id();
$course_code = api_get_course_id();
$course_info = api_get_course_info();
if (empty($work_id) || empty($item_id)) {
api_not_allowed(true);
}
$parent_data = $my_folder_data = get_work_data_by_id($work_id);
if (empty($parent_data)) {
api_not_allowed(true);
}
$is_course_member = CourseManager::is_user_subscribed_in_real_or_linked_course($user_id, $course_code, $session_id);
$is_course_member = $is_course_member || api_is_platform_admin();
if ($is_course_member == false) {
api_not_allowed(true);
}
$check = Security::check_token('post');
$token = Security::get_token();
$student_can_edit_in_session = api_is_allowed_to_session_edit(false, true);
$has_ended = false;
$is_author = false;
$work_item = get_work_data_by_id($item_id);
// Get the author ID for that document from the item_property table
$is_author = user_is_author($item_id);
if (!$is_author) {
api_not_allowed(true);
}
// Student's can't edit work only if he can delete his docs.
if (!api_is_allowed_to_edit()) {
if (api_get_course_setting('student_delete_own_publication') != 1) {
api_not_allowed(true);
}
}
if (!empty($my_folder_data)) {
$homework = get_work_assignment_by_id($my_folder_data['id']);
if ($homework['expires_on'] != '0000-00-00 00:00:00' || $homework['ends_on'] != '0000-00-00 00:00:00') {
$time_now = time();
if (!empty($homework['expires_on']) && $homework['expires_on'] != '0000-00-00 00:00:00') {
$time_expires = api_strtotime($homework['expires_on'], 'UTC');
$difference = $time_expires - $time_now;
if ($difference < 0) {
$has_expired = true;
}
}
if (empty($homework['expires_on']) || $homework['expires_on'] == '0000-00-00 00:00:00') {
$has_expired = false;
}
if (!empty($homework['ends_on']) && $homework['ends_on'] != '0000-00-00 00:00:00') {
$time_ends = api_strtotime($homework['ends_on'], 'UTC');
$difference2 = $time_ends - $time_now;
if ($difference2 < 0) {
$has_ended = true;
}
}
$ends_on = api_convert_and_format_date($homework['ends_on']);
$expires_on = api_convert_and_format_date($homework['expires_on']);
}
}
$interbreadcrumb[] = array('url' => api_get_path(WEB_CODE_PATH).'work/work.php?'.api_get_cidreq(), 'name' => get_lang('StudentPublications'));
$interbreadcrumb[] = array('url' => api_get_path(WEB_CODE_PATH).'work/work_list.php?'.api_get_cidreq().'&id='.$work_id, 'name' => $parent_data['title']);
// form title
$form_title = get_lang('Edit');
$interbreadcrumb[] = array('url' => '#', 'name' => $form_title);
$form = new FormValidator(
'form',
'POST',
api_get_self()."?".api_get_cidreq()."&id=".$work_id."&gradebook=".Security::remove_XSS($_GET['gradebook'])."&origin=$origin",
'',
array('enctype' => "multipart/form-data")
);
$form->addElement('header', $form_title);
$show_progress_bar = false;
if ($submitGroupWorkUrl) {
// For user coming from group space to publish his work
$realUrl = str_replace($_configuration['root_sys'], api_get_path(WEB_PATH), str_replace("\\", '/', realpath($submitGroupWorkUrl)));
$form->addElement('hidden', 'newWorkUrl', $submitGroupWorkUrl);
$text_document = $form->addElement('text', 'document', get_lang('Document'));
$defaults['document'] = '<a href="' . format_url($submitGroupWorkUrl) . '">' . $realUrl . '</a>';
$text_document->freeze();
} elseif ($item_id && ($is_allowed_to_edit or $is_author)) {
$workUrl = $currentCourseRepositoryWeb . $workUrl;
}
$form->addElement('hidden', 'id', $work_id);
$form->addElement('hidden', 'item_id', $item_id);
$form->addElement('text', 'title', get_lang('Title'), array('id' => 'file_upload', 'class' => 'span4'));
$form->add_html_editor('description', get_lang('Description'), false, false, getWorkDescriptionToolbar());
$defaults['title'] = $work_item['title'];
$defaults["description"] = $work_item['description'];
$defaults['qualification'] = $work_item['qualification'];
if ($is_allowed_to_edit && !empty($item_id)) {
// Get qualification from parent_id that'll allow the validation qualification over
$sql = "SELECT qualification FROM $work_table WHERE c_id = $course_id AND id ='$work_id' ";
$result = Database::query($sql);
$row = Database::fetch_array($result);
$qualification_over = $row['qualification'];
if (!empty($qualification_over) && intval($qualification_over) > 0) {
$form->addElement('text', 'qualification', array(get_lang('Qualification'), null, " / ".$qualification_over), 'size="10"');
$form->addElement('hidden', 'qualification_over', $qualification_over);
}
}
$form->addElement('hidden', 'active', 1);
$form->addElement('hidden', 'accepted', 1);
$form->addElement('hidden', 'item_to_edit', $item_id);
$form->addElement('hidden', 'sec_token', $token);
$text = get_lang('UpdateWork');
$class = 'save';
// fix the Ok button when we see the tool in the learn path
$form->addElement('style_submit_button', 'editWork', $text, array('class'=> $class, 'value' => "editWork"));
$form->setDefaults($defaults);
$error_message = null;
$_course = api_get_course_info();
$currentCourseRepositorySys = api_get_path(SYS_COURSE_PATH).$_course['path'] . '/';
$succeed = false;
if ($form->validate()) {
if ($student_can_edit_in_session && $check) {
if (isset($_POST['editWork'])) {
/*
* SPECIAL CASE ! For a work edited
*/
//Get the author ID for that document from the item_property table
$item_to_edit_id = intval($_POST['item_to_edit']);
$is_author = user_is_author($item_to_edit_id);
if ($is_author) {
$work_data = get_work_data_by_id($item_to_edit_id);
if (!empty($_POST['title'])) {
$title = isset($_POST['title']) ? $_POST['title'] : $work_data['title'];
}
$description = isset($_POST['description']) ? $_POST['description'] : $work_data['description'];
if ($is_allowed_to_edit && ($_POST['qualification'] !='' )) {
$add_to_update = ', qualificator_id ='."'".api_get_user_id()."', ";
$add_to_update .= ' qualification = '."'".Database::escape_string($_POST['qualification'])."',";
$add_to_update .= ' date_of_qualification = '."'".api_get_utc_datetime()."'";
}
if ($_POST['qualification'] > $_POST['qualification_over']) {
Display::display_error_message(get_lang('QualificationMustNotBeMoreThanQualificationOver'));
} else {
$sql = "UPDATE " . $work_table . "
SET title = '".Database::escape_string($title)."',
description = '".Database::escape_string($description)."'
".$add_to_update."
WHERE c_id = $course_id AND id = $item_to_edit_id";
Database::query($sql);
}
api_item_property_update($_course, 'work', $item_to_edit_id, 'DocumentUpdated', $user_id);
$succeed = true;
$error_message .= Display::return_message(get_lang('ItemUpdated'), false);
} else {
$error_message .= Display::return_message(get_lang('IsNotPosibleSaveTheDocument'), 'error');
}
} else {
$error_message .= Display::return_message(get_lang('IsNotPosibleSaveTheDocument'), 'error');
}
Security::clear_token();
} else {
// Bad token or can't add works
$error_message = Display::return_message(get_lang('IsNotPosibleSaveTheDocument'), 'error');
}
$script = 'work_list.php';
if ($is_allowed_to_edit) {
$script = 'work_list_all.php';
}
header('Location: '.api_get_path(WEB_CODE_PATH).'work/'.$script.'?'.api_get_cidreq().'&id='.$work_id.'&error_message='.$error_message);
exit;
}
$htmlHeadXtra[] = to_javascript_work();
Display :: display_header(null);
if (!empty($work_id)) {
if ($is_allowed_to_edit) {
if (api_resource_is_locked_by_gradebook($work_id, LINK_STUDENTPUBLICATION)) {
echo Display::display_warning_message(get_lang('ResourceLockedByGradebook'));
} else {
$form->display();
}
} elseif ($is_author) {
if (empty($work_item['qualificator_id']) || $work_item['qualificator_id'] == 0) {
$form->display();
} else {
Display::display_error_message(get_lang('ActionNotAllowed'));
}
} elseif ($student_can_edit_in_session && $has_ended == false) {
$form->display();
} else {
Display::display_error_message(get_lang('ActionNotAllowed'));
}
} else {
Display::display_error_message(get_lang('ActionNotAllowed'));
}
Display :: display_footer();