diff --git a/main/forum/forumfunction.inc.php b/main/forum/forumfunction.inc.php
index 416eaff400..0e3cc2fe33 100644
--- a/main/forum/forumfunction.inc.php
+++ b/main/forum/forumfunction.inc.php
@@ -1586,17 +1586,16 @@ function get_thread_information($thread_id) {
 * @todo this function need to be improved
 * @version octubre 2008, dokeos 1.8
 */
-function get_thread_users_details($thread_id, $course_id = null) {
+function get_thread_users_details($thread_id) {
 $t_posts = Database :: get_course_table(TABLE_FORUM_POST);
 $t_users = Database :: get_main_table(TABLE_MAIN_USER);
 $t_course_user = Database :: get_main_table(TABLE_MAIN_COURSE_USER);
 $t_session_rel_user = Database :: get_main_table(TABLE_MAIN_SESSION_COURSE_USER);
- if (empty($course_id)) {
- $course_id = api_get_course_int_id();
- } else {
- $course_id = intval($course_id);
- }
+ $course_code = api_get_course_id();
+ $course_code = Database::escape_string($course_code);
+
+ $course_id = api_get_course_int_id();
 $is_western_name_order = api_is_western_name_order();
 if ($is_western_name_order) {
@@ -1611,13 +1610,14 @@ function get_thread_users_details($thread_id, $course_id = null) {
 //not showing coaches
 $sql = "SELECT DISTINCT user.user_id, user.lastname, user.firstname, thread_id
 FROM $t_posts , $t_users user, $t_session_rel_user session_rel_user_rel_course
- WHERE poster_id = user.user_id
- AND user.user_id = session_rel_user_rel_course.id_user
- AND session_rel_user_rel_course.status<>'2'
- AND session_rel_user_rel_course.id_user NOT IN ($user_to_avoid)
- AND thread_id = '".Database::escape_string($thread_id)."'
- AND id_session = '".api_get_session_id()."'
- AND course_code = '".$course_id."' $orderby ";
+ WHERE poster_id = user.user_id AND
+ user.user_id = session_rel_user_rel_course.id_user AND
+ session_rel_user_rel_course.status<>'2' AND
+ session_rel_user_rel_course.id_user NOT IN ($user_to_avoid) AND
+ thread_id = '".Database::escape_string($thread_id)."' AND
+ id_session = '".api_get_session_id()."' AND
+ c_id = $course_id AND
+ course_code = '".$course_code."' $orderby ";
 } else {
 $sql = "SELECT DISTINCT user.user_id, user.lastname, user.firstname, thread_id
@@ -1626,8 +1626,9 @@ function get_thread_users_details($thread_id, $course_id = null) {
 AND user.user_id = course_user.user_id
 AND course_user.relation_type<>".COURSE_RELATION_TYPE_RRHH."
 AND thread_id = '".Database::escape_string($thread_id)."'
- AND course_user.status NOT IN('1')
- AND course_code = '".$course_id."' $orderby";
+ AND course_user.status NOT IN('1') AND
+ c_id = $course_id AND
+ course_code = '".$course_code."' $orderby";
 }
 $result = Database::query($sql);
 return $result;
@@ -1642,19 +1643,17 @@ function get_thread_users_details($thread_id, $course_id = null) {
 * @todo this function need to be improved
 * @version octubre 2008, dokeos 1.8
 */
-function get_thread_users_qualify($thread_id, $course_id = null) {
- $t_posts = Database :: get_course_table(TABLE_FORUM_POST);
- $t_qualify = Database :: get_course_table(TABLE_FORUM_THREAD_QUALIFY);
- $t_users = Database :: get_main_table(TABLE_MAIN_USER);
- $t_course_user = Database :: get_main_table(TABLE_MAIN_COURSE_USER);
- $t_session_rel_user = Database :: get_main_table(TABLE_MAIN_SESSION_COURSE_USER);
+function get_thread_users_qualify($thread_id) {
+ $t_posts = Database :: get_course_table(TABLE_FORUM_POST);
+ $t_qualify = Database :: get_course_table(TABLE_FORUM_THREAD_QUALIFY);
+ $t_users = Database :: get_main_table(TABLE_MAIN_USER);
+ $t_course_user = Database :: get_main_table(TABLE_MAIN_COURSE_USER);
+ $t_session_rel_user = Database :: get_main_table(TABLE_MAIN_SESSION_COURSE_USER);
+
+ $course_id = api_get_course_int_id();
+ $course_code = api_get_course_id();
+ $course_code = Database::escape_string($course_code);
- if (empty($course_id)) {
- $course_id = api_get_course_int_id();
- } else {
- $course_id = intval($course_id);
- }
-
 $is_western_name_order = api_is_western_name_order();
 if ($is_western_name_order) {
 $orderby = 'ORDER BY user.firstname, user.lastname ';
@@ -1676,7 +1675,9 @@ function get_thread_users_qualify($thread_id, $course_id = null) {
 AND qualify.thread_id = '".Database::escape_string($thread_id)."
 AND thread_id = '".Database::escape_string($thread_id)."'
 AND id_session = '".api_get_session_id()."'
- AND course_code = '".$course_id."'
+ AND course_code = '".$course_code."' AND
+ qualify.c_id = $course_id AND
+ post.c_id = $course_id
 $orderby ";
 } else {
 $sql = "SELECT DISTINCT post.poster_id, user.lastname, user.firstname, post.thread_id,user.user_id,qualify.qualify
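Review bot: The context line `AND qualify.thread_id = '".Database::escape_string($thread_id)."` directly above the changed lines in the -1676 hunk ends, as shown here, without the closing `'`, so in the session branch of get_thread_users_qualify() the string literal runs on into the next condition and the new `qualify.c_id` / `post.c_id` filters are appended to a statement that is unlikely to parse as intended. Closing the quote, `AND qualify.thread_id = '".Database::escape_string($thread_id)."'`, brings it in line with the non-session branch; casting once with `$thread_id = intval($thread_id);` at the top of the function would remove the need for quoting altogether. The query begins above this hunk, so the full statement is not visible here.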
@@ -1692,7 +1693,9 @@ function get_thread_users_qualify($thread_id, $course_id = null) {
 AND qualify.thread_id = '".Database::escape_string($thread_id)."'
 AND post.thread_id = '".Database::escape_string($thread_id)."'
 AND course_user.status not in('1')
- AND course_code = '".$course_id."'
+ AND course_code = '".$course_code."' AND
+ qualify.c_id = $course_id AND
+ post.c_id = $course_id
 $orderby ";
 }
 $result = Database::query($sql);
@@ -1708,7 +1711,7 @@ function get_thread_users_qualify($thread_id, $course_id = null) {
 * @todo i'm a horrible function fix me
 * @version octubre 2008, dokeos 1.8
 */
-function get_thread_users_not_qualify($thread_id, $course_id = null) {
+function get_thread_users_not_qualify($thread_id) {
 $t_posts = Database :: get_course_table(TABLE_FORUM_POST);
 $t_qualify = Database :: get_course_table(TABLE_FORUM_THREAD_QUALIFY);
 $t_users = Database :: get_main_table(TABLE_MAIN_USER);
@@ -1722,13 +1725,10 @@ function get_thread_users_not_qualify($thread_id, $course_id = null) {
 $orderby = 'ORDER BY user.lastname, user.firstname';
 }
- if (empty($course_id)) {
- $course_id = api_get_course_int_id();
- } else {
- $course_id = intval($course_id);
- }
+ $course_id = api_get_course_int_id();
+ $course_code = api_get_course_id();
- $sql1 = "select user_id FROM $t_qualify WHERE thread_id = '".$thread_id."'";
+ $sql1 = "select user_id FROM $t_qualify WHERE c_id = $course_id AND thread_id = '".$thread_id."'";
 $result1 = Database::query($sql1);
 $cad = '';
 while ($row = Database::fetch_array($result1)) {
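Review bot: `$sql1` in the -1722 hunk still concatenates `$thread_id` into the statement without escaping or casting, and the callers in main/forum/viewforum.php pass `$_GET['id']` straight into get_thread_users_not_qualify(), so request data reaches this query unchanged. Cast the id once at the top of the function with `$thread_id = intval($thread_id);`, or use `Database::escape_string($thread_id)` here as the other queries in this file do. In the same hunk `$course_code = api_get_course_id();` is not passed through `Database::escape_string()` as it is in get_thread_users_details() and get_thread_users_qualify(), yet it is interpolated into the `course_code = '...'` conditions changed in the -1753 and -1763 hunks; add `$course_code = Database::escape_string($course_code);`. The function body starts and ends outside this hunk.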
@@ -1753,7 +1753,7 @@ function get_thread_users_not_qualify($thread_id, $course_id = null) {
 AND session_rel_user_rel_course.id_user NOT IN ($user_to_avoid)
 AND post.thread_id = '".Database::escape_string($thread_id)."'
 AND id_session = '".api_get_session_id()."'
- AND course_code = '".$course_id."' $orderby ";
+ AND course_code = '".$course_code."' AND post.c_id = $course_id $orderby ";
 } else {
 $sql = "SELECT DISTINCT user.user_id, user.lastname, user.firstname, post.thread_id
 FROM $t_posts post, $t_users user,$t_course_user course_user
@@ -1763,7 +1763,7 @@ function get_thread_users_not_qualify($thread_id, $course_id = null) {
 AND course_user.relation_type<>".COURSE_RELATION_TYPE_RRHH."
 AND post.thread_id = '".Database::escape_string($thread_id)."'
 AND course_user.status not in('1')
- AND course_code = '".$course_id."' $orderby";
+ AND course_code = '".$course_code."' AND post.c_id = $course_id $orderby";
 }
 $result = Database::query($sql);
 return $result;
diff --git a/main/forum/viewforum.php b/main/forum/viewforum.php
index bf073758e9..43b665d1d3 100644
--- a/main/forum/viewforum.php
+++ b/main/forum/viewforum.php
@@ -35,9 +35,6 @@ api_protect_course_script(true);
 // The section (tabs).
 $this_section = SECTION_COURSES;
-// Including additional library scripts.
-require_once api_get_path(LIBRARY_PATH).'groupmanager.lib.php';
-
 $nameTools = get_lang('ToolForum'); // Are we in a lp ?
@@ -68,6 +65,7 @@ if (empty($current_forum)) {
 $current_forum_category = get_forumcategory_information($current_forum['forum_category']);
+$is_group_tutor = false;
 if (!empty($group_id)) {
 //Group info & group category info
@@ -75,6 +73,8 @@ if (!empty($group_id)) {
 //User has access in the group?
 $user_has_access_in_group = GroupManager::user_has_access($userid, $group_id, GROUP_TOOL_FORUM);
+
+ $is_group_tutor = GroupManager::is_tutor_of_group(api_get_user_id(), $group_id);
 //Course
 if (!api_is_allowed_to_edit(false, true) AND //is a student
@@ -166,36 +166,39 @@ if ($my_action == 'notify' AND isset($_GET['content']) AND isset($_GET['id']) &&
 // Student list
-if ($my_action == 'liststd' AND isset($_GET['content']) AND isset($_GET['id']) AND api_is_allowed_to_edit(null, true)) {
-
- switch($_GET['list']) {
+if ($my_action == 'liststd' AND isset($_GET['content']) AND isset($_GET['id']) AND (api_is_allowed_to_edit(null, true) || $is_group_tutor)) {
+ $active = null;
+ switch ($_GET['list']) {
 case 'qualify':
- $student_list = get_thread_users_qualify($_GET['id'], api_get_course_int_id());
+ $student_list = get_thread_users_qualify($_GET['id']);
 $nrorow3 = -2;
+ $active = 2;
 break;
 case 'notqualify':
- $student_list = get_thread_users_not_qualify($_GET['id'], api_get_course_int_id());
+ $student_list = get_thread_users_not_qualify($_GET['id']);
 $nrorow3 = -2;
+ $active = 3;
 break;
 default:
- $student_list = get_thread_users_details($_GET['id'], api_get_course_int_id());
+ $student_list = get_thread_users_details($_GET['id']);
 $nrorow3 = Database::num_rows($student_list);
+ $active = 1;
 break;
 }
- $table_list = '


'.get_lang('ThreadUsersList').': '.get_name_thread_by_id($_GET['id']).'

'; + + $table_list = Display::page_subheader(get_lang('ThreadUsersList').': '.get_name_thread_by_id($_GET['id'])); + if ($nrorow3 > 0 || $nrorow3 == -2) { - $url = 'cidReq='.Security::remove_XSS($_GET['cidReq']).'&forum='.Security::remove_XSS($my_forum).'&action='.Security::remove_XSS($_GET['action']).'&content='.Security::remove_XSS($_GET['content'],STUDENT).'&id='.Security::remove_XSS($_GET['id']); - $table_list .= '
-
- - - - - - -
'.get_lang('AllStudents').''.get_lang('StudentsQualified').''.get_lang('StudentsNotQualified').'
-
- '; + $url = 'cidReq='.Security::remove_XSS($_GET['cidReq']).'&forum='.Security::remove_XSS($my_forum).'&action='.Security::remove_XSS($_GET['action']).'&content='.Security::remove_XSS($_GET['content'],STUDENT).'&id='.intval($_GET['id']); + $tabs = array( + array('content' => get_lang('AllStudents'), + 'url' => 'viewforum.php?'.$url.'&origin='.$origin.'&list=all'), + array('content' => get_lang('StudentsQualified'), + 'url' => 'viewforum.php?'.$url.'&origin='.$origin.'&list=qualify'), + array('content' => get_lang('StudentsNotQualified'), + 'url' => 'viewforum.php?'.$url.'&origin='.$origin.'&list=notqualify'), + ); + $table_list .= Display::tabs_only_link($tabs, $active); $icon_qualify = 'blog_new.gif'; $table_list .= '

'; @@ -240,9 +243,9 @@ if ($my_action == 'liststd' AND isset($_GET['content']) AND isset($_GET['id']) A } $table_list .= '
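Review bot: The widened condition `(api_is_allowed_to_edit(null, true) || $is_group_tutor)` in the -166 hunk lets a group tutor request the participant list, but nothing visible in this hunk ties `$_GET['id']` to `$current_forum` or to the tutor's group, and the three helpers filter only on thread id, course and session. If group tutors are meant to see only their own group's threads, look the thread up first and compare its forum with `$current_forum` before calling the list helpers. The id is also handled inconsistently: the new URL uses `intval($_GET['id'])` while the raw value still goes to the helpers and to get_name_thread_by_id(); a single `$thread_id = intval($_GET['id']);` at the top of the branch would cover all of them. `$origin` is appended to the three tab URLs as-is, and whether it is sanitised earlier in the file is not visible here.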
'; - $table_list .= '
'; + $table_list .= '
';
 } else {
- $table_list .= get_lang('NoParticipation');
+ $table_list .= Display::return_message(get_lang('NoParticipation'), 'warning');
 }
 }
diff --git a/main/inc/lib/display.lib.php b/main/inc/lib/display.lib.php
index 8bc5f4aa30..2e55d45c11 100644
--- a/main/inc/lib/display.lib.php
+++ b/main/inc/lib/display.lib.php
@@ -788,6 +788,22 @@ class Display {
 $main_div = self::tag('div',$ul.$divs, $attributes);
 return $main_div ;
 }
+
+ public static function tabs_only_link($header_list, $selected = null) {
+ $id = uniqid();
+ $i = 1;
+ $lis = null;
+ foreach ($header_list as $item) {
+ $class = null;
+ if ($i == $selected) {
+ $class = 'active';
+ }
+ $item =self::tag('a', $item['content'], array('id'=>$id.'-'.$i, 'href' => $item['url']));
+ $lis .=self::tag('li', $item, array('class' => $class));
+ $i++;
+ }
+ return self::tag('ul',$lis, array('class' => 'nav nav-tabs'));
+ }
 /**
 * In order to display a grid using jqgrid you have to:
diff --git a/tests/main/forum/forumfunction.inc.test.php b/tests/main/forum/forumfunction.inc.test.php
index 55bcaddf98..3a5fc951d6 100755
--- a/tests/main/forum/forumfunction.inc.test.php
+++ b/tests/main/forum/forumfunction.inc.test.php
@@ -699,7 +699,7 @@ class TestForumFunction extends UnitTestCase {
 public function testget_thread_users_details() {
 $thread_id = 1;
- $res = get_thread_users_details($thread_id, $db_name = null);
+ $res = get_thread_users_details($thread_id);
 if(!is_null($res)){
 $this->assertTrue(is_resource($res));
 } else {
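Review bot: Display::tabs_only_link() in main/inc/lib/display.lib.php has no docblock and writes `$item['content']` and `$item['url']` into the markup as given; whether `self::tag()` escapes attribute values is not visible in this hunk, so the contract should be stated. A docblock above the method should describe `$header_list` as a list of arrays with `content` and `url` keys, `$selected` as the 1-based index of the active tab, and say that callers must pass HTML-safe content and an already-encoded URL, since the caller in viewforum.php builds the URL from request parameters. Two small style points: initialise with `$lis = '';` rather than `null` before using `.=`, and compare with `if ($selected !== null && $i === (int) $selected)` instead of the loose `==`.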