Chamilo is a learning management system focused on ease of use and accessibility
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
chamilo-lms/main/newscorm/storageapi.php

223 lines
6.6 KiB

<?php
// Storage API
// PHP Backend
// CBlue SPRL, Jean-Karim Bockstael, <jeankarim@cblue.be>
require_once('../inc/global.inc.php');
switch ($_REQUEST['action']) {
case "get":
print storage_get($_REQUEST['svuser'], $_REQUEST['svcourse'], $_REQUEST['svsco'], $_REQUEST['svkey']);
break;
case "set":
if (storage_can_set($_REQUEST['svuser'])) {
print storage_set($_REQUEST['svuser'], $_REQUEST['svcourse'], $_REQUEST['svsco'], $_REQUEST['svkey'], $_REQUEST['svvalue']);
}
break;
case "getall":
print storage_getall($_REQUEST['svuser'], $_REQUEST['svcourse'], $_REQUEST['svsco']);
break;
case "stackpush":
if (storage_can_set($_REQUEST['svuser'])) {
print storage_stack_push($_REQUEST['svuser'], $_REQUEST['svcourse'], $_REQUEST['svsco'], $_REQUEST['svkey'], $_REQUEST['svvalue']);
}
break;
case "stackpop":
if (storage_can_set($_REQUEST['svuser'])) {
print storage_stack_pop($_REQUEST['svuser'], $_REQUEST['svcourse'], $_REQUEST['svsco'], $_REQUEST['svkey']);
}
break;
case "stacklength":
print storage_stack_length($_REQUEST['svuser'], $_REQUEST['svcourse'], $_REQUEST['svsco'], $_REQUEST['svkey']);
break;
case "stackclear":
if (storage_can_set($_REQUEST['svuser'])) {
print storage_stack_clear($_REQUEST['svuser'], $_REQUEST['svcourse'], $_REQUEST['svsco'], $_REQUEST['svkey']);
}
break;
case "stackgetall":
print storage_stack_getall($_REQUEST['svuser'], $_REQUEST['svcourse'], $_REQUEST['svsco'], $_REQUEST['svkey']);
break;
case "usersgetall":
print storage_get_all_users();
break;
default:
// Do nothing
}
function storage_can_set($sv_user) {
// platform admin can change any user's stored values, other users can only change their own values
$allowed = ((api_is_platform_admin()) || ($sv_user == api_get_user_id()));
if (!$allowed) {
print "ERROR : Not allowed";
}
return $allowed;
}
function storage_get($sv_user, $sv_course, $sv_sco, $sv_key) {
$sql = "select sv_value
from ".Database::get_main_table(TABLE_MAIN_STORED_VALUES)."
where user_id= '$sv_user'
and sco_id = '$sv_sco'
and course_id = '$sv_course'
and sv_key = '$sv_key'";
$res = Database::query($sql);
if (mysql_num_rows($res) > 0) {
$row = Database::fetch_assoc($res);
if (get_magic_quotes_gpc()) {
return stripslashes($row['sv_value']);
}
else {
return $row['sv_value'];
}
}
else {
return null;
}
}
function storage_set($sv_user, $sv_course, $sv_sco, $sv_key, $sv_value) {
$sv_value = mysql_real_escape_string($sv_value);
$sql = "replace into ".Database::get_main_table(TABLE_MAIN_STORED_VALUES)."
(user_id, sco_id, course_id, sv_key, sv_value)
values
('$sv_user','$sv_sco','$sv_course','$sv_key','$sv_value')";
$res = Database::query($sql);
return mysql_affected_rows();
}
function storage_getall($sv_user, $sv_course, $sv_sco) {
$sql = "select sv_key, sv_value
from ".Database::get_main_table(TABLE_MAIN_STORED_VALUES)."
where user_id= '$sv_user'
and sco_id = '$sv_sco'
and course_id = '$sv_course'";
$res = Database::query($sql);
$data = array();
while ($row = Database::fetch_assoc($res)) {
if (get_magic_quotes_gpc()) {
$row['sv_value'] = stripslashes($row['sv_value']);
}
$data[] = $row;
}
return json_encode($data);
}
function storage_stack_push($sv_user, $sv_course, $sv_sco, $sv_key, $sv_value) {
$sv_value = mysql_real_escape_string($sv_value);
Database::query("start transaction");
$sqlorder = "select ifnull((select max(stack_order)
from ".Database::get_main_table(TABLE_MAIN_STORED_VALUES_STACK)."
where user_id= '$sv_user'
and sco_id='$sv_sco'
and course_id='$sv_course'
and sv_key='$sv_key'
), 0) as stack_order";
$resorder = Database::query($sqlorder);
$row = Database::fetch_assoc($resorder);
$stack_order = (1 + $row['stack_order']);
$sqlinsert = "insert into ".Database::get_main_table(TABLE_MAIN_STORED_VALUES_STACK)."
(user_id, sco_id, course_id, sv_key, stack_order, sv_value)
values
('$sv_user', '$sv_sco', '$sv_course', '$sv_key', '$stack_order', '$sv_value')";
$resinsert = Database::query($sqlinsert);
if ($resorder && $resinsert) {
Database::query("commit");
return 1;
}
else {
Database::query("rollback");
return 0;
}
}
function storage_stack_pop($sv_user, $sv_course, $sv_sco, $sv_key) {
Database::query("start transaction");
$sqlselect = "select sv_value, stack_order
from ".Database::get_main_table(TABLE_MAIN_STORED_VALUES_STACK)."
where user_id= '$sv_user'
and sco_id='$sv_sco'
and course_id='$sv_course'
and sv_key='$sv_key'
order by stack_order desc
limit 1";
$resselect = Database::query($sqlselect);
$rowselect = Database::fetch_assoc($resselect);
$stack_order = $rowselect['stack_order'];
$sqldelete = "delete
from ".Database::get_main_table(TABLE_MAIN_STORED_VALUES_STACK)."
where user_id= '$sv_user'
and sco_id='$sv_sco'
and course_id='$sv_course'
and sv_key='$sv_key'
and stack_order='$stack_order'";
$resdelete = Database::query($sqldelete);
if ($resselect && $resdelete) {
Database::query("commit");
if (get_magic_quotes_gpc()) {
return stripslashes($rowselect['sv_value']);
}
else {
return $rowselect['sv_value'];
}
}
else {
Database::query("rollback");
return null;
}
}
function storage_stack_length($sv_user, $sv_course, $sv_sco, $sv_key) {
$sql = "select count(*) as length
from ".Database::get_main_table(TABLE_MAIN_STORED_VALUES_STACK)."
where user_id= '$sv_user'
and sco_id='$sv_sco'
and course_id='$sv_course'
and sv_key='$sv_key'";
$res = Database::query($sql);
$row = Database::fetch_assoc($res);
return $row['length'];
}
function storage_stack_clear($sv_user, $sv_course, $sv_sco, $sv_key) {
$sql = "delete
from ".Database::get_main_table(TABLE_MAIN_STORED_VALUES_STACK)."
where user_id= '$sv_user'
and sco_id='$sv_sco'
and course_id='$sv_course'
and sv_key='$sv_key'";
$res = Database::query($sql);
return mysql_num_rows($res);
}
function storage_stack_getall($sv_user, $sv_course, $sv_sco, $sv_key) {
$sql = "select stack_order as stack_order, sv_value as value
from ".Database::get_main_table(TABLE_MAIN_STORED_VALUES_STACK)."
where user_id= '$sv_user'
and sco_id='$sv_sco'
and course_id='$sv_course'
and sv_key='$sv_key'";
$res = Database::query($sql);
$results = array();
while ($row = Database::fetch_assoc($res)) {
if (get_magic_quotes_gpc()) {
$row['value'] = stripslashes($row['value']);
}
$results[] = $row;
}
return json_encode($results);
}
function storage_get_all_users() {
$sql = "select user_id, username, firstname, lastname
from ".Database::get_main_table(TABLE_MAIN_USER)."
order by user_id asc";
$res = Database::query($sql);
$results = array();
while ($row = Database::fetch_assoc($res)) {
$results[] = $row;
}
return json_encode($results);
}
?>