chamilo
/
chamilo-lms
mirror of https://github.com/chamilo/chamilo-lms/tree/1.11.x
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Update index.php

Browse Source
pull/2487/head
Enrique Alcaraz 8 years ago committed by GitHub
parent f48b513d42
commit 042b2278fd
1 changed files with 146 additions and 51 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 197
      index.php

197
index.php
Unescape View File

@ -1,56 +1,151 @@
<?php
/* For licensing terms, see /license.txt */
use ChamiloSession as Session;
/**
* Config the plugin
* @author Enrique Alcaraz Lopez
* @package chamilo.plugin.redirection
* @package chamilo.main
*/
require_once __DIR__.'/config.php';
$redirecciones = PluginRedirection::get();
if (isset($_REQUEST["id"])) {
PluginRedirection::delete($_REQUEST["id"]);
header("Location: index.php");
exit();
} elseif (isset($_POST["submit_button"])) {
PluginRedirection::insert($_POST["user_id"], $_POST["url"]);
header("Location: index.php");
exit();
}
?>
<form action="./index.php" method="post">
<div class="table-responsive well">
<table class="table table-condensed">
<thead>
<td><input type="text" class="form-control" placeholder="User_id" name="user_id" /></td>
<td><input type="text" class="form-control" placeholder="url" name="url" /></td>
<td><input type='submit' value='Agregar' name="submit_button" class='btn btn-primary' /></td>
</thead>
</table>
</div>
</form>
<div class="table-responsive">
<table class="table table-bordered table-condensed">
<tr>
<th>Usuario</th>
<th>Url</th>
<th></th>
</tr>
<?php
foreach ($redirecciones as $redi) {
echo '<tr>';
echo '<td>' . $redi["user_id"] . '</td>';
echo '<td>' . $redi["url"] . '</td>';
echo '<td><a href="index.php?id=' . $redi["id"] . '">Borrar</a></td>';
echo '</tr>';
define('CHAMILO_HOMEPAGE', true);
define('CHAMILO_LOAD_WYSIWYG', false);
/* Flag forcing the 'current course' reset, as we're not inside a course anymore. */
// Maybe we should change this into an api function? an example: CourseManager::unset();
$cidReset = true;
require_once 'main/inc/global.inc.php';
//require_once 'main/auth/external_login/facebook.inc.php';
// The section (for the tabs).
$this_section = SECTION_CAMPUS;
$header_title = null;
if (!api_is_anonymous()) {
$header_title = ' ';
}
$controller = new IndexManager($header_title);
//Actions
$loginFailed = isset($_GET['loginFailed']) ? true : isset($loginFailed);
if (!empty($_GET['logout'])) {
$redirect = !empty($_GET['no_redirect']) ? false : true;
// pass $logoutInfo defined in local.inc.php
$controller->logout($redirect, $logoutInfo);
}
/**
* Registers in the track_e_default table (view in important activities in admin
* interface) a possible attempted break in, sending auth data through get.
* @todo This piece of code should probably move to local.inc.php where the
* actual login / logout procedure is handled.
* The real use of this code block should be seriously considered as well.
* This form should just use a security token and get done with it.
*/
if (isset($_GET['submitAuth']) && $_GET['submitAuth'] == 1) {
$i = api_get_anonymous_id();
Event::addEvent(
LOG_ATTEMPTED_FORCED_LOGIN,
'tried_hacking_get',
$_SERVER['REMOTE_ADDR'].(empty($_POST['login']) ? '' : '/'.$_POST['login']),
null,
$i
);
echo 'Attempted breakin - sysadmins notified.';
session_destroy();
die();
}
// Delete session item necessary to check for legal terms
if (api_get_setting('allow_terms_conditions') === 'true') {
Session::erase('term_and_condition');
}
//If we are not logged in and customapages activated
if (!api_get_user_id() && CustomPages::enabled()) {
if (Request::get('loggedout')) {
CustomPages::display(CustomPages::LOGGED_OUT);
} else {
CustomPages::display(CustomPages::INDEX_UNLOGGED);
}
}
/**
* @todo This piece of code should probably move to local.inc.php where the
* actual login procedure is handled.
* @todo Check if this code is used. I think this code is never executed because
* after clicking the submit button the code does the stuff
* in local.inc.php and then redirects to index.php or user_portal.php depending
* on api_get_setting('page_after_login').
*/
if (!empty($_POST['submitAuth'])) {
// The user has been already authenticated, we are now to find the last login of the user.
if (isset($_user['user_id'])) {
$track_login_table = Database::get_main_table(TABLE_STATISTIC_TRACK_E_LOGIN);
$sql = "SELECT UNIX_TIMESTAMP(login_date)
FROM $track_login_table
WHERE login_user_id = '".$_user['user_id']."'
ORDER BY login_date DESC LIMIT 1";
$result_last_login = Database::query($sql);
if (!$result_last_login) {
if (Database::num_rows($result_last_login) > 0) {
$user_last_login_datetime = Database::fetch_array($result_last_login);
$user_last_login_datetime = $user_last_login_datetime[0];
Session::write('user_last_login_datetime', $user_last_login_datetime);
}
}
?>
</table>
</div>
}
} else {
// Only if login form was not sent because if the form is sent the user was already on the page.
Event::event_open();
}
if (api_get_setting('display_categories_on_homepage') === 'true') {
$controller->tpl->assign('course_category_block', $controller->return_courses_in_categories());
}
$controller->set_login_form();
//@todo move this inside the IndexManager
if (!api_is_anonymous()) {
$controller->tpl->assign('profile_block', $controller->return_profile_block());
$controller->tpl->assign('user_image_block', $controller->return_user_image_block());
if (api_is_platform_admin()) {
$controller->tpl->assign('course_block', $controller->return_course_block());
} else {
$controller->tpl->assign('teacher_block', $controller->return_teacher_link());
}
}
$hot_courses = '';
$announcements_block = '';
// Display the Site Use Cookie Warning Validation
$useCookieValidation = api_get_setting('cookie_warning');
if ($useCookieValidation === 'true') {
if (isset($_POST['acceptCookies'])) {
api_set_site_use_cookie_warning_cookie();
} elseif (!api_site_use_cookie_warning_cookie_exist()) {
if (Template::isToolBarDisplayedForUser()) {
$controller->tpl->assign('toolBarDisplayed', true);
} else {
$controller->tpl->assign('toolBarDisplayed', false);
}
$controller->tpl->assign('displayCookieUsageWarning', true);
}
}
// When loading a chamilo page do not include the hot courses and news
if (!isset($_REQUEST['include'])) {
if (api_get_setting('show_hot_courses') == 'true') {
$hot_courses = $controller->return_hot_courses();
}
$announcements_block = $controller->return_announcements();
}
$controller->tpl->assign('hot_courses', $hot_courses);
$controller->tpl->assign('announcements_block', $announcements_block);
$controller->tpl->assign('home_page_block', $controller->return_home_page());
$controller->tpl->assign('navigation_course_links', $controller->return_navigation_links());
$controller->tpl->assign('notice_block', $controller->return_notice());
//$controller->tpl->assign('main_navigation_block', $controller->return_navigation_links());
$controller->tpl->assign('help_block', $controller->return_help());
if (api_is_platform_admin() || api_is_drh()) {
$controller->tpl->assign('skills_block', $controller->returnSkillLinks());
}
if (api_is_anonymous()) {
$controller->tpl->setLoginBodyClass();
}
// direct login to course
if (isset($_GET['firstpage'])) {
api_set_firstpage_parameter($_GET['firstpage']);
// if we are already logged, go directly to course
if (api_user_is_login()) {
echo "<script>self.location.href='index.php?firstpage=".Security::remove_XSS($_GET['firstpage'])."'</script>";
}
} else {
api_delete_firstpage_parameter();
}
$controller->setGradeBookDependencyBar(api_get_user_id());
$controller->tpl->display_two_col_template();

Write Preview
Loading…
Cancel
Save