chamilo-lms/main/admin/access_url_check_user_sessi...

<?php
/* For licensing terms, see /license.txt */
/**
 * @author Bart Mollet, Julio Montoya lot of fixes
 *
 * @package chamilo.admin
 */
$cidReset = true;
require_once __DIR__.'/../inc/global.inc.php';

// setting the section (for the tabs)
$this_section = SECTION_PLATFORM_ADMIN;

api_protect_admin_script(true);

$tool_name = get_lang('SessionOverview');
$interbreadcrumb[] = ['url' => 'index.php', 'name' => get_lang('PlatformAdmin')];
$interbreadcrumb[] = ['url' => 'session_list.php', 'name' => get_lang('SessionList')];

// Database Table Definitions
$tbl_user = Database::get_main_table(TABLE_MAIN_USER);
$tbl_session_rel_user = Database::get_main_table(TABLE_MAIN_SESSION_USER);
$table_access_url_user = Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER);
$url_id = api_get_current_access_url_id();

$action = $_GET['action'];

switch ($action) {
    case 'add_user_to_url':
        $user_id = $_REQUEST['user_id'];
        $result = UrlManager::add_user_to_url($user_id, $url_id);
        $user_info = api_get_user_info($user_id);
        if ($result) {
            $message = Display::return_message(
                get_lang('UserAdded').' '.api_get_person_name(
                    $user_info['firstname'],
                    $user_info['lastname']
                ),
                'confirm'
            );
        }
        break;
}

Display::display_header($tool_name);

if (!empty($message)) {
    echo $message;
}

$multiple_url_is_on = api_get_multiple_access_url();
$order_clause = api_sort_by_first_name() ? ' ORDER BY firstname, lastname' : ' ORDER BY lastname, firstname';
$session_list = SessionManager::get_sessions_list();

$html = '';
$show_users_with_problems = isset($_REQUEST['show_users_with_problems']) && $_REQUEST['show_users_with_problems'] == 1 ? true : false;
if ($show_users_with_problems) {
    $html .= '<a href="'.api_get_self().'?show_users_with_problems=0">'.get_lang('ShowAllUsers').'</a>';
} else {
    $html .= '<a href="'.api_get_self().'?show_users_with_problems=1">'.get_lang('ShowUsersNotAddedInTheURL').'</a>';
}

foreach ($session_list as $session_item) {
    $session_id = $session_item['id'];
    $html .= '<h3>'.$session_item['name'].'</h3>';
    $access_where = "(access_url_id = $url_id OR access_url_id is null )";
    if ($show_users_with_problems) {
        $access_where = "(access_url_id is null)";
    }

    $sql = "SELECT u.user_id, lastname, firstname, username, access_url_id
            FROM $tbl_user u
            INNER JOIN $tbl_session_rel_user su
            ON u.user_id = su.user_id AND su.relation_type<>".SESSION_RELATION_TYPE_RRHH."
            LEFT OUTER JOIN $table_access_url_user uu
            ON (uu.user_id = u.user_id)
            WHERE su.session_id = $session_id AND $access_where
            $order_clause";

    $result = Database::query($sql);
    $users = Database::store_result($result);

    if (!empty($users)) {
        $html .= '<table class="data_table"><tr><th>'.get_lang('User').'<th>'.get_lang('Actions').'</th></tr>';

        foreach ($users as $user) {
            $user_link = '';
            if (!empty($user['user_id'])) {
                $user_link = '<a href="'.api_get_path(WEB_CODE_PATH).'admin/user_information.php?user_id='.intval($user['user_id']).'">'.Security::remove_XSS(api_get_person_name($user['firstname'], $user['lastname'])).' ('.$user['username'].')</a>';
            }

            $link_to_add_user_in_url = '';
            if ($multiple_url_is_on) {
                if ($user['access_url_id'] != $url_id) {
                    $user_link .= ' '.Display::return_icon('warning.png', get_lang('UserNotAddedInURL'), [], ICON_SIZE_MEDIUM);
                    $add = Display::return_icon('add.png', get_lang('AddUsersToURL'), [], ICON_SIZE_MEDIUM);
                    $link_to_add_user_in_url = '<a href="'.api_get_self().'?'.Security::remove_XSS($_SERVER['QUERY_STRING']).'&action=add_user_to_url&id_session='.$id_session.'&user_id='.$user['user_id'].'">'.$add.'</a>';
                }
            }
            $html .= '<tr>
                    <td>
                        <b>'.$user_link.'</b>
                    </td>
                    <td>
                        '.$link_to_add_user_in_url.'
                    </td>
                    </tr>';
        }
        $html .= '</table>';
    }
}
echo $html;
// footer
Display :: display_footer();
Checking if user is added in the URL via a session see BT#3685 14 years ago			`<?php`
			`/* For licensing terms, see /license.txt */`
			`/**`
Minor - Format code 9 years ago			`* @author Bart Mollet, Julio Montoya lot of fixes`
Applied fixes from FlintCI 8 years ago			`*`
Minor - Format code 9 years ago			`* @package chamilo.admin`
			`*/`
Checking if user is added in the URL via a session see BT#3685 14 years ago			`$cidReset = true;`
Use __DIR__ when calling global.inc.php This is needed for an easy migration to chamilo v2 9 years ago			`require_once __DIR__.'/../inc/global.inc.php';`
Checking if user is added in the URL via a session see BT#3685 14 years ago
			`// setting the section (for the tabs)`
			`$this_section = SECTION_PLATFORM_ADMIN;`

			`api_protect_admin_script(true);`

			`$tool_name = get_lang('SessionOverview');`
Applied fixes from FlintCI 8 years ago			`$interbreadcrumb[] = ['url' => 'index.php', 'name' => get_lang('PlatformAdmin')];`
			`$interbreadcrumb[] = ['url' => 'session_list.php', 'name' => get_lang('SessionList')];`
Checking if user is added in the URL via a session see BT#3685 14 years ago
			`// Database Table Definitions`
Scrutinizer Auto-Fixes This commit consists of patches automatically generated for this project on https://scrutinizer-ci.com 9 years ago			`$tbl_user = Database::get_main_table(TABLE_MAIN_USER);`
			`$tbl_session_rel_user = Database::get_main_table(TABLE_MAIN_SESSION_USER);`
Minor - Format code 9 years ago			`$table_access_url_user = Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER);`
			`$url_id = api_get_current_access_url_id();`
Checking if user is added in the URL via a session see BT#3685 14 years ago
			`$action = $_GET['action'];`

Scrutinizer Auto-Fixes This commit consists of patches automatically generated for this project on https://scrutinizer-ci.com 9 years ago			`switch ($action) {`
Format code, fixing PHP warnings, removing old comments. 11 years ago			`case 'add_user_to_url':`
Checking if user is added in the URL via a session see BT#3685 14 years ago			`$user_id = $_REQUEST['user_id'];`
Some fixes in order to add the correct URL see BT#3685 14 years ago			`$result = UrlManager::add_user_to_url($user_id, $url_id);`
Checking if user is added in the URL via a session see BT#3685 14 years ago			`$user_info = api_get_user_info($user_id);`
			`if ($result) {`
Minor - Format code 9 years ago			`$message = Display::return_message(`
			`get_lang('UserAdded').' '.api_get_person_name(`
			`$user_info['firstname'],`
			`$user_info['lastname']`
			`),`
			`'confirm'`
			`);`
Checking if user is added in the URL via a session see BT#3685 14 years ago			`}`
Format code, fixing PHP warnings, removing old comments. 11 years ago			`break;`
Checking if user is added in the URL via a session see BT#3685 14 years ago			`}`

			`Display::display_header($tool_name);`

			`if (!empty($message)) {`
			`echo $message;`
			`}`

			`$multiple_url_is_on = api_get_multiple_access_url();`
			`$order_clause = api_sort_by_first_name() ? ' ORDER BY firstname, lastname' : ' ORDER BY lastname, firstname';`
			`$session_list = SessionManager::get_sessions_list();`
Some fixes in order to add the correct URL see BT#3685 14 years ago
Checking if user is added in the URL via a session see BT#3685 14 years ago			`$html = '';`
			`$show_users_with_problems = isset($_REQUEST['show_users_with_problems']) && $_REQUEST['show_users_with_problems'] == 1 ? true : false;`
			`if ($show_users_with_problems) {`
			`$html .= '<a href="'.api_get_self().'?show_users_with_problems=0">'.get_lang('ShowAllUsers').'</a>';`
			`} else {`
			`$html .= '<a href="'.api_get_self().'?show_users_with_problems=1">'.get_lang('ShowUsersNotAddedInTheURL').'</a>';`
			`}`

Minor - Format code 9 years ago			`foreach ($session_list as $session_item) {`
Checking if user is added in the URL via a session see BT#3685 14 years ago			`$session_id = $session_item['id'];`
			`$html .= '<h3>'.$session_item['name'].'</h3>';`
			`$access_where = "(access_url_id = $url_id OR access_url_id is null )";`
			`if ($show_users_with_problems) {`
			`$access_where = "(access_url_id is null)";`
			`}`

			`$sql = "SELECT u.user_id, lastname, firstname, username, access_url_id`
			`FROM $tbl_user u`
			`INNER JOIN $tbl_session_rel_user su`
Replace id_user with user_id and id_session with session_id (Partial) 11 years ago			`ON u.user_id = su.user_id AND su.relation_type<>".SESSION_RELATION_TYPE_RRHH."`
			`LEFT OUTER JOIN $table_access_url_user uu`
			`ON (uu.user_id = u.user_id)`
Replace id_session with session_id. 11 years ago			`WHERE su.session_id = $session_id AND $access_where`
Checking if user is added in the URL via a session see BT#3685 14 years ago			`$order_clause";`

			`$result = Database::query($sql);`
Applied fixes from FlintCI 8 years ago			`$users = Database::store_result($result);`
Format code, fixing PHP warnings, removing old comments. 11 years ago
Checking if user is added in the URL via a session see BT#3685 14 years ago			`if (!empty($users)) {`
Format code, fixing PHP warnings, removing old comments. 11 years ago			`$html .= '<table class="data_table"><tr><th>'.get_lang('User').'<th>'.get_lang('Actions').'</th></tr>';`

Checking if user is added in the URL via a session see BT#3685 14 years ago			`foreach ($users as $user) {`
			`$user_link = '';`
			`if (!empty($user['user_id'])) {`
Format code, fixing PHP warnings, removing old comments. 11 years ago			`$user_link = '<a href="'.api_get_path(WEB_CODE_PATH).'admin/user_information.php?user_id='.intval($user['user_id']).'">'.Security::remove_XSS(api_get_person_name($user['firstname'], $user['lastname'])).' ('.$user['username'].')</a>';`
Checking if user is added in the URL via a session see BT#3685 14 years ago			`}`

			`$link_to_add_user_in_url = '';`
			`if ($multiple_url_is_on) {`
Format code, fixing PHP warnings, removing old comments. 11 years ago			`if ($user['access_url_id'] != $url_id) {`
Applied fixes from FlintCI 8 years ago			`$user_link .= ' '.Display::return_icon('warning.png', get_lang('UserNotAddedInURL'), [], ICON_SIZE_MEDIUM);`
			`$add = Display::return_icon('add.png', get_lang('AddUsersToURL'), [], ICON_SIZE_MEDIUM);`
Checking if user is added in the URL via a session see BT#3685 14 years ago			`$link_to_add_user_in_url = '<a href="'.api_get_self().'?'.Security::remove_XSS($_SERVER['QUERY_STRING']).'&action=add_user_to_url&id_session='.$id_session.'&user_id='.$user['user_id'].'">'.$add.'</a>';`
Format code, fixing PHP warnings, removing old comments. 11 years ago			`}`
Checking if user is added in the URL via a session see BT#3685 14 years ago			`}`
			`$html .= '<tr>`
			`<td>`
			`<b>'.$user_link.'</b>`
			`</td>`
			`<td>`
			`'.$link_to_add_user_in_url.'`
			`</td>`
			`</tr>';`
			`}`
			`$html .= '</table>';`
			`}`
			`}`
			`echo $html;`
			`// footer`
Minor language variable fix and useless get_lang() removals- refs #4776 13 years ago			`Display :: display_footer();`