chamilo
/
chamilo-lms
mirror of https://github.com/chamilo/chamilo-lms/tree/1.11.x
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Fixing download work file now we check the itemproperty + the student_publication.checked fields

Browse Source
skala
Julio Montoya 14 years ago
parent ecac43afa3
commit 085401c978
4 changed files with 35 additions and 33 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 7
      main/inc/lib/main_api.lib.php
  2. 15
      main/work/download.php
  3. 4
      main/work/downloadfolder.inc.php
  4. 42
      main/work/work.php

7
main/inc/lib/main_api.lib.php
Unescape View File

@ -2902,9 +2902,14 @@ function api_get_track_item_property_history($tool, $ref) {
function api_get_item_property_info($course_id, $tool, $ref, $session_id = 0) {
$course_info = api_get_course_info_by_id($course_id);
if (empty($course_info)) {
return false;
}
$tool = Database::escape_string($tool);
$ref = intval($ref);
$course_id = intval($course_id);
// Definition of tables.
$TABLE_ITEMPROPERTY = Database::get_course_table(TABLE_ITEM_PROPERTY);
$course_id = $course_info['real_id'];

15
main/work/download.php
Unescape View File

@ -32,7 +32,9 @@ $doc_url = str_replace('///', '&', $doc_url);
$doc_url = str_replace(' ', '+', $doc_url);
$doc_url = str_replace('/..', '', $doc_url); //echo $doc_url;
if (!isset($_course)) {
$course_info = api_get_course_info();
if (empty($course_info)) {
api_not_allowed(true);
}
@ -40,16 +42,19 @@ $full_file_name = api_get_path(SYS_COURSE_PATH).api_get_course_path().'/'.$do
$tbl_student_publication = Database::get_course_table(TABLE_STUDENT_PUBLICATION);
// launch event
$doc_url = Database::escape_string($doc_url);
event_download($doc_url);
if (!empty($_course['real_id'])) {
$sql = 'SELECT * FROM '.$tbl_student_publication.'WHERE c_id = '.$_course['real_id'].' AND url LIKE BINARY "'.$doc_url.'"';
$doc_url = Database::escape_string($doc_url);
$sql = 'SELECT * FROM '.$tbl_student_publication.' WHERE c_id = '.$_course['real_id'].' AND url LIKE BINARY "'.$doc_url.'"';
$result = Database::query($sql);
if ($result && Database::num_rows($result)) {
$row = Database::fetch_array($result, 'ASSOC');
$course_info = CourseManager::get_course_information(api_get_course_id());
if (($row['user_id'] == api_get_user_id() || api_is_allowed_to_edit()) || (!empty($course_info) && $course_info['show_score'] == 0) ) {
$item_info = api_get_item_property_info(api_get_course_int_id(), 'work', $row['id']);
if (empty($item_info)) {
exit;
}
if ($item_info['visibility'] == 1 && $row['accepted'] == 1 && ($row['user_id'] == api_get_user_id() || api_is_allowed_to_edit())) {
$title = str_replace(' ', '_', $row['title']);
if (Security::check_abs_path($full_file_name, api_get_path(SYS_COURSE_PATH).api_get_course_path().'/')) {
DocumentManager::file_send_for_download($full_file_name, true, $title);

4
main/work/downloadfolder.inc.php
Unescape View File

@ -67,8 +67,8 @@ if (api_is_allowed_to_edit()) {
$querypath = Database::escape_string($querypath);
$sql = "SELECT url, title FROM $tbl_student_publication AS work, $prop_table AS props
WHERE props.c_id = $course_id AND work.c_id = $course_id AND props.tool='work' AND work.id=props.ref AND work.url LIKE 'work".$querypath."/%' AND work.filetype='file' AND
props.visibility = '1' AND props.lastedit_user_id='".api_get_user_id()."' ";
WHERE props.c_id = $course_id AND work.c_id = $course_id AND props.tool='work' AND work.accepted = 1 AND work.id=props.ref AND work.url LIKE 'work".$querypath."/%' AND work.filetype='file' AND
props.visibility = '1' AND props.insert_user_id='".api_get_user_id()."' ";
$query = Database::query($sql);
//add tem to the zip file
while ($not_deleted_file = Database::fetch_assoc($query)) {

42
main/work/work.php
Unescape View File

@ -64,6 +64,8 @@ require_once api_get_path(LIBRARY_PATH).'fileDisplay.lib.php';
$course_id = api_get_course_int_id();
$course_info = api_get_course_info();
$user_id = api_get_user_id();
// Section (for the tabs)
@ -409,16 +411,8 @@ switch ($action) {
$text_document->freeze();
} elseif ($item_id && ($is_allowed_to_edit or $is_author)) {
$workUrl = $currentCourseRepositoryWeb . $workUrl;
//$form->addElement('hidden', 'id', $edit);
$html = '<div class="row">
<div class="label">' . get_lang("Document") . '
</div>
<div class="formw">
<a href="' . $workUrl . '">' . get_lang("ClickHereToDownloadTheFile") . '</a>
</div>
</div>';
$form->addElement('html', $html);
$form->addElement('html', $html);
} else {
// else standard upload option
$form->addElement('file', 'file', get_lang('UploadADocument'), 'size="40" onchange="updateDocumentTitle(this.value)"');
@ -428,7 +422,7 @@ switch ($action) {
if (empty($item_id)) {
$form->addElement('checkbox', 'contains_file', null, get_lang('ContainsAfile'), array('id'=>'contains_file_id'));
}
$form->addElement('text', 'title', get_lang('TitleWork'), 'id="file_upload" style="width: 350px;"');
$form->addElement('text', 'title', get_lang('Title'), 'id="file_upload" style="width: 350px;"');
$form->addElement('textarea', 'description', get_lang("Description"), 'style="width: 350px; height: 60px;"');
if ($item_id && !empty($work_item)) {
@ -680,8 +674,7 @@ switch ($action) {
$end_date = '';
if (isset($_POST['add_to_calendar']) && $_POST['add_to_calendar'] == 1) {
require_once api_get_path(SYS_CODE_PATH).'calendar/agenda.inc.php';
require_once api_get_path(SYS_CODE_PATH).'resourcelinker/resourcelinker.inc.php';
$course = isset($course_info) ? $course_info : null;
require_once api_get_path(SYS_CODE_PATH).'resourcelinker/resourcelinker.inc.php';
// Setting today date
$date = $end_date = $time;
@ -694,12 +687,12 @@ switch ($action) {
$description = isset($_POST['description']) ? $_POST['description'] : '';
$content = '<a href="'.api_get_self().'?'.api_get_cidreq().'&amp;curdirpath='.api_substr($dir_name_sql, 1).'" >'.$_POST['new_dir'].'</a>'.$description;
$agenda_id = agenda_add_item($course, $title, $content, $date, $end_date, array('GROUP:'.$toolgroup), 0);
$agenda_id = agenda_add_item($course_info, $title, $content, $date, $end_date, array('GROUP:'.$toolgroup), 0);
}
}
//Folder created
api_item_property_update($_course, 'work', $id, 'DirectoryCreated', $user_id);
api_item_property_update($course_info, 'work', $id, 'DirectoryCreated', $user_id);
Display :: display_confirmation_message(get_lang('DirectoryCreated'), false);
// insert into student_publication_assignment
@ -1008,14 +1001,12 @@ switch ($action) {
case 'move':
case 'move_to':
case 'list':
if ($action == 'mark_work') {
}
/* Move file command */
if ($action == 'move_to') {
if ($action == 'move_to') {
$move_to_path = get_work_path($_REQUEST['move_to_id']);
@ -1052,7 +1043,7 @@ switch ($action) {
$session_id = api_get_session_id();
$session_id == 0 ? $withsession = " AND session_id = 0 " : $withsession = " AND session_id='".$session_id."'";
$sql = "SELECT id, url FROM $work_table WHERE url LIKE '/%' AND post_group_id = '".(empty($_SESSION['toolgroup'])?0:intval($_SESSION['toolgroup']))."'".$withsession;
$sql = "SELECT id, url FROM $work_table WHERE url LIKE '/%' AND post_group_id = '".(empty($_SESSION['toolgroup'])?0:intval($_SESSION['toolgroup']))."'".$withsession;
$res = Database::query($sql);
while($folder = Database::fetch_array($res)) {
$folders[$folder['id']] = substr($folder['url'], 1, strlen($folder['url']) - 1);
@ -1077,9 +1068,9 @@ switch ($action) {
Database::query($sql);
Display::display_confirmation_message(get_lang('AllFilesVisible'));*/
} else {
$sql = "UPDATE " . $work_table . " SET accepted = 1
WHERE c_id = $course_id AND id = '" . $item_id . "'";
Database::query($sql);
$sql = "UPDATE " . $work_table . " SET accepted = 1 WHERE c_id = $course_id AND id = '" . $item_id . "'";
Database::query($sql);
api_item_property_update($course_info, 'work', $item_id, 'visible', api_get_user_id());
Display::display_confirmation_message(get_lang('FileVisible'));
}
}
@ -1104,6 +1095,7 @@ switch ($action) {
$sql = "UPDATE " . $work_table . " SET accepted = 0
WHERE c_id = $course_id AND id = '" . $item_id . "'";
Database::query($sql);
api_item_property_update($course_info, 'work', $item_id, 'invisible', api_get_user_id());
Display::display_confirmation_message(get_lang('FileInvisible'));
}
}
@ -1129,16 +1121,16 @@ switch ($action) {
}
$delete_2 = intval($_REQUEST['delete2']);
// gets calendar_id from student_publication_assigment
$sql = "SELECT add_to_calendar FROM $TSTDPUBASG WHERE publication_id ='$delete_2'";
$sql = "SELECT add_to_calendar FROM $TSTDPUBASG WHERE c_id = $course_id AND publication_id ='$delete_2'";
$res = Database::query($sql);
$calendar_id = Database::fetch_row($res);
// delete from agenda if it exists
if (!empty($calendar_id[0])) {
$t_agenda = Database::get_course_table(TABLE_AGENDA);
$sql = "DELETE FROM $t_agenda WHERE id ='".$calendar_id[0]."'";
$sql = "DELETE FROM $t_agenda WHERE c_id = $course_id AND id ='".$calendar_id[0]."'";
Database::query($sql);
}
$sql2 = "DELETE FROM $TSTDPUBASG WHERE publication_id ='$delete_2'";
$sql2 = "DELETE FROM $TSTDPUBASG WHERE c_id = $course_id AND publication_id ='$delete_2'";
$result2 = Database::query($sql2);
$link_id = is_resource_in_course_gradebook(api_get_course_id(), 3 , $delete_2, api_get_session_id());

Write Preview
Loading…
Cancel
Save