chamilo-lms/main/work/view.php

<?php
/* For licensing terms, see /license.txt */

require_once '../inc/global.inc.php';
$current_course_tool  = TOOL_STUDENTPUBLICATION;

require_once 'work.lib.php';

$id = isset($_GET['id']) ? intval($_GET['id']) : null;
$work = get_work_data_by_id($id);

if (empty($id) || empty($work)) {
    api_not_allowed(true);
}

if ($work['active'] != 1) {
    api_not_allowed(true);
}


$work['title'] = isset($work['title']) ? Security::remove_XSS($work['title']) : '';
$work['description'] = isset($work['description']) ? Security::remove_XSS($work['description']) : '';

$interbreadcrumb[] = array(
    'url' => api_get_path(WEB_CODE_PATH).'work/work.php?'.api_get_cidreq(),
    'name' => get_lang('StudentPublications'),
);

$my_folder_data = get_work_data_by_id($work['parent_id']);
$courseInfo = api_get_course_info();

protectWork(api_get_course_info(), $work['parent_id']);

$isDrhOfCourse = CourseManager::isUserSubscribedInCourseAsDrh(
    api_get_user_id(),
    $courseInfo
);

if ((user_is_author($id) || $isDrhOfCourse || (api_is_allowed_to_edit() || api_is_coach())) ||
    (
        $courseInfo['show_score'] == 0 &&
        $work['active'] == 1 &&
        $work['accepted'] == 1
    )
) {
    if ((api_is_allowed_to_edit() || api_is_coach()) || api_is_drh()) {
        $url_dir = api_get_path(WEB_CODE_PATH).'work/work_list_all.php?id='.$my_folder_data['id'].'&'.api_get_cidreq();
    } else {
        $url_dir = api_get_path(WEB_CODE_PATH).'work/work_list.php?id='.$my_folder_data['id'].'&'.api_get_cidreq();
    }

    $userInfo = api_get_user_info($work['user_id']);
    $interbreadcrumb[] = array('url' => $url_dir, 'name' => $my_folder_data['title']);
    $interbreadcrumb[] = array('url' => '#', 'name' => $userInfo['complete_name']);
    $interbreadcrumb[] = array('url' => '#','name' => $work['title']);

    if (($courseInfo['show_score'] == 0 &&
        $work['active'] == 1 &&
        $work['accepted'] == 1
        ) ||
        (api_is_allowed_to_edit() || api_is_coach()) ||
        user_is_author($id) ||
        $isDrhOfCourse
    ) {
        $action = isset($_REQUEST['action']) ? $_REQUEST['action'] : null;
        $page = isset($_REQUEST['page']) ? $_REQUEST['page'] : null;

        if ($page == 'edit') {
            $url = api_get_path(WEB_CODE_PATH).'work/edit.php?id='.$my_folder_data['id'].'&item_id='.$work['id'].'&'.api_get_cidreq();
        } else {
            $url = api_get_path(WEB_CODE_PATH).'work/view.php?id='.$work['id'].'&'.api_get_cidreq();
        }

        switch ($action) {
            case 'send_comment':
                if (isset($_FILES["file"])) {
                    $_POST['file'] = $_FILES["file"];
                }

                addWorkComment(
                    api_get_course_info(),
                    api_get_user_id(),
                    $my_folder_data,
                    $work,
                    $_POST
                );

                Display::addFlash(Display::return_message(get_lang('CommentCreated')));

                header('Location: '.$url);
                exit;
                break;
            case 'delete_attachment':
                deleteCommentFile(
                    $_REQUEST['comment_id'],
                    api_get_course_info()
                );

                Display::addFlash(Display::return_message(get_lang('DocDeleted')));
                header('Location: '.$url);
                exit;
                break;
        }

        $comments = getWorkComments($work);
        $commentForm = getWorkCommentForm($work);

        $tpl = new Template();

        $tpl->assign('work', $work);
        $tpl->assign('comments', $comments);

        $actions = '';
        if (isset($work['contains_file'])) {
            if (isset($work['download_url'])) {
                $actions .= Display::url(
                    Display::return_icon(
                        'save.png',
                        get_lang('Download'),
                        null,
                        ICON_SIZE_MEDIUM
                    ),
                    $work['download_url']
                );

                if (isset($work['url_correction'])) {
                    $actions .= Display::url(
                        Display::return_icon(
                            'check-circle.png',
                            get_lang('Correction'),
                            null,
                            ICON_SIZE_MEDIUM
                        ),
                        $work['download_url'].'&correction=1'
                    );
                }
            }
        }

        $tpl->assign('actions', $actions);
        if (api_is_allowed_to_session_edit()) {
            $tpl->assign('form', $commentForm);
        }
        $tpl->assign('is_allowed_to_edit', api_is_allowed_to_edit());

        $template = $tpl->get_template('work/view.tpl');
        $content  = $tpl->fetch($template);
        $tpl->assign('content', $content);
        $tpl->display_one_col_template();
    } else {
        api_not_allowed(true);
    }
} else {
    api_not_allowed(true);
}
Now we can add works with out uploading a file see #3978 13 years ago			`<?php`
Fixing upload and adding a view icon for students. 11 years ago			`/* For licensing terms, see /license.txt */`

Now we can add works with out uploading a file see #3978 13 years ago			`require_once '../inc/global.inc.php';`
When hidden course tools we also block the access to the page with a api_not_allowed a new variables is needed: $current_course_tool = TOOL_ATTENDANCE; see BT#4138. Admins have access everywhere 13 years ago			`$current_course_tool = TOOL_STUDENTPUBLICATION;`

Now we can add works with out uploading a file see #3978 13 years ago			`require_once 'work.lib.php';`

Fixing upload and adding a view icon for students. 11 years ago			`$id = isset($_GET['id']) ? intval($_GET['id']) : null;`
Now we can add works with out uploading a file see #3978 13 years ago			`$work = get_work_data_by_id($id);`

			`if (empty($id) \|\| empty($work)) {`
Adding DRH support in works see #7064 10 years ago			`api_not_allowed(true);`
Now we can add works with out uploading a file see #3978 13 years ago			`}`
Minor - format code. 11 years ago
Blocking access if work is not active see BT#8773 10 years ago			`if ($work['active'] != 1) {`
			`api_not_allowed(true);`
			`}`

Add security::removeXSS see #8094 9 years ago
			`$work['title'] = isset($work['title']) ? Security::remove_XSS($work['title']) : '';`
			`$work['description'] = isset($work['description']) ? Security::remove_XSS($work['description']) : '';`

Fix urls + format code 9 years ago			`$interbreadcrumb[] = array(`
			`'url' => api_get_path(WEB_CODE_PATH).'work/work.php?'.api_get_cidreq(),`
			`'name' => get_lang('StudentPublications'),`
			`);`
Now we can add works with out uploading a file see #3978 13 years ago
More fixes in the work tool 13 years ago			`$my_folder_data = get_work_data_by_id($work['parent_id']);`
Adding DRH support in works see #7064 10 years ago			`$courseInfo = api_get_course_info();`

Add student publication folder visibility see #6760 10 years ago			`protectWork(api_get_course_info(), $work['parent_id']);`
More fixes in the work tool 13 years ago
Adding DRH support in works see #7064 10 years ago			`$isDrhOfCourse = CourseManager::isUserSubscribedInCourseAsDrh(`
			`api_get_user_id(),`
			`$courseInfo`
			`);`
Blocking access if user is not subscribed see BT#6615 11 years ago
Coach and download files if session is read only see BT#9233 10 years ago			`if ((user_is_author($id) \|\| $isDrhOfCourse \|\| (api_is_allowed_to_edit() \|\| api_is_coach())) \|\|`
Adding DRH support in works see #7064 10 years ago			`(`
			`$courseInfo['show_score'] == 0 &&`
			`$work['active'] == 1 &&`
			`$work['accepted'] == 1`
			`)`
			`) {`
Coach and download files if session is read only see BT#9233 10 years ago			`if ((api_is_allowed_to_edit() \|\| api_is_coach()) \|\| api_is_drh()) {`
Fix urls + format code 9 years ago			`$url_dir = api_get_path(WEB_CODE_PATH).'work/work_list_all.php?id='.$my_folder_data['id'].'&'.api_get_cidreq();`
Fixing view icon see BT#6418 11 years ago			`} else {`
Fix urls + format code 9 years ago			`$url_dir = api_get_path(WEB_CODE_PATH).'work/work_list.php?id='.$my_folder_data['id'].'&'.api_get_cidreq();`
Fixing view icon see BT#6418 11 years ago			`}`
Adding DRH support in works see #7064 10 years ago
Fix work UI see BT#6760 9 years ago			`$userInfo = api_get_user_info($work['user_id']);`
Fixing comment file manage see BT#6418 11 years ago			`$interbreadcrumb[] = array('url' => $url_dir, 'name' => $my_folder_data['title']);`
Fix work UI see BT#6760 9 years ago			`$interbreadcrumb[] = array('url' => '#', 'name' => $userInfo['complete_name']);`
Fixing comment file manage see BT#6418 11 years ago			`$interbreadcrumb[] = array('url' => '#','name' => $work['title']);`
Fix work UI see BT#6760 9 years ago
Coach and download files if session is read only see BT#9233 10 years ago			`if (($courseInfo['show_score'] == 0 &&`
			`$work['active'] == 1 &&`
			`$work['accepted'] == 1`
			`) \|\|`
			`(api_is_allowed_to_edit() \|\| api_is_coach()) \|\|`
			`user_is_author($id) \|\|`
			`$isDrhOfCourse`
Adding comments per work, configuration $_configuration['work_user_comments'] has to be set as well as the new tables see chash. Otherwise any change will appear in the work tool. 11 years ago			`) {`
Adding attachement in work comments see BT#6418 11 years ago			`$action = isset($_REQUEST['action']) ? $_REQUEST['action'] : null;`
Save comment in edit page see #7769 10 years ago			`$page = isset($_REQUEST['page']) ? $_REQUEST['page'] : null;`

			`if ($page == 'edit') {`
			`$url = api_get_path(WEB_CODE_PATH).'work/edit.php?id='.$my_folder_data['id'].'&item_id='.$work['id'].'&'.api_get_cidreq();`
			`} else {`
			`$url = api_get_path(WEB_CODE_PATH).'work/view.php?id='.$work['id'].'&'.api_get_cidreq();`
			`}`

Adding DRH support in works see #7064 10 years ago			`switch ($action) {`
Adding attachement in work comments see BT#6418 11 years ago			`case 'send_comment':`
			`if (isset($_FILES["file"])) {`
			`$_POST['file'] = $_FILES["file"];`
			`}`
Save comment in edit page see #7769 10 years ago
Adding feedback notifications see BT#9017 10 years ago			`addWorkComment(`
			`api_get_course_info(),`
			`api_get_user_id(),`
			`$my_folder_data,`
			`$work,`
			`$_POST`
			`);`
Save comment in edit page see #7769 10 years ago
			`Display::addFlash(Display::return_message(get_lang('CommentCreated')));`

Adding attachement in work comments see BT#6418 11 years ago			`header('Location: '.$url);`
			`exit;`
			`break;`
			`case 'delete_attachment':`
Adding feedback notifications see BT#9017 10 years ago			`deleteCommentFile(`
			`$_REQUEST['comment_id'],`
			`api_get_course_info()`
			`);`
Save comment in edit page see #7769 10 years ago
			`Display::addFlash(Display::return_message(get_lang('DocDeleted')));`
Adding attachement in work comments see BT#6418 11 years ago			`header('Location: '.$url);`
			`exit;`
			`break;`
Adding comments per work, configuration $_configuration['work_user_comments'] has to be set as well as the new tables see chash. Otherwise any change will appear in the work tool. 11 years ago			`}`

			`$comments = getWorkComments($work);`
			`$commentForm = getWorkCommentForm($work);`
Minor - format code. 11 years ago
			`$tpl = new Template();`
Add security::removeXSS see #8094 9 years ago
Minor - format code. 11 years ago			`$tpl->assign('work', $work);`
Adding comments per work, configuration $_configuration['work_user_comments'] has to be set as well as the new tables see chash. Otherwise any change will appear in the work tool. 11 years ago			`$tpl->assign('comments', $comments);`
Fix work UI see BT#6760 9 years ago
			`$actions = '';`
			`if (isset($work['contains_file'])) {`
			`if (isset($work['download_url'])) {`
			`$actions .= Display::url(`
			`Display::return_icon(`
			`'save.png',`
			`get_lang('Download'),`
			`null,`
			`ICON_SIZE_MEDIUM`
			`),`
			`$work['download_url']`
			`);`

			`if (isset($work['url_correction'])) {`
			`$actions .= Display::url(`
			`Display::return_icon(`
Minor - Update icon - refs CT#8174 8 years ago			`'check-circle.png',`
Fix work UI see BT#6760 9 years ago			`get_lang('Correction'),`
			`null,`
			`ICON_SIZE_MEDIUM`
			`),`
			`$work['download_url'].'&correction=1'`
			`);`
			`}`
			`}`
			`}`

			`$tpl->assign('actions', $actions);`
Coach and download files if session is read only see BT#9233 10 years ago			`if (api_is_allowed_to_session_edit()) {`
			`$tpl->assign('form', $commentForm);`
			`}`
Adding attachement in work comments see BT#6418 11 years ago			`$tpl->assign('is_allowed_to_edit', api_is_allowed_to_edit());`
Adding comments per work, configuration $_configuration['work_user_comments'] has to be set as well as the new tables see chash. Otherwise any change will appear in the work tool. 11 years ago
Fixing upload and adding a view icon for students. 11 years ago			`$template = $tpl->get_template('work/view.tpl');`
More fixes in the work tool 13 years ago			`$content = $tpl->fetch($template);`
			`$tpl->assign('content', $content);`
Fixing upload and adding a view icon for students. 11 years ago			`$tpl->display_one_col_template();`
More fixes in the work tool 13 years ago			`} else {`
Adding api_not_allowed 11 years ago			`api_not_allowed(true);`
More fixes in the work tool 13 years ago			`}`
Adding api_not_allowed 11 years ago			`} else {`
			`api_not_allowed(true);`
Fixing upload and adding a view icon for students. 11 years ago			`}`