From 15378b6c1fbd7df0b055b4b29263f425d6a6e843 Mon Sep 17 00:00:00 2001 From: Julio Montoya Date: Wed, 7 Aug 2019 15:57:17 +0200 Subject: [PATCH] Update from 1.11.x --- main/admin/user_list.php | 199 ++++++++---------- main/auth/courses_list.php | 2 +- main/auth/profile.php | 19 +- main/course_info/infocours.php | 27 +-- main/cron/import_csv.php | 8 +- main/document/document.php | 2 + main/document/download_scorm.php | 2 +- main/exercise/exercise.class.php | 10 +- main/exercise/exercise_show.php | 53 ++--- main/exercise/question_list_admin.inc.php | 13 +- main/exercise/stats.php | 2 +- main/forum/forumfunction.inc.php | 166 ++++++++------- main/forum/index.php | 15 +- main/gradebook/gradebook_edit_cat.php | 2 - main/gradebook/index.php | 19 +- main/gradebook/lib/GradebookUtils.php | 49 +++-- main/gradebook/lib/be/abstractlink.class.php | 6 +- main/gradebook/lib/be/category.class.php | 94 ++------- main/gradebook/lib/be/evaluation.class.php | 18 +- .../lib/be/studentpublicationlink.class.php | 4 +- main/gradebook/lib/fe/catform.class.php | 4 + main/gradebook/lib/fe/displaygradebook.php | 8 +- main/gradebook/lib/scoredisplay.class.php | 4 +- main/inc/ajax/document.ajax.php | 3 +- main/inc/ajax/message.ajax.php | 6 +- main/inc/ajax/model.ajax.php | 40 +++- main/inc/ajax/social.ajax.php | 17 +- main/inc/lib/api.lib.php | 20 +- main/inc/lib/array.lib.php | 2 +- main/inc/lib/certificate.lib.php | 22 +- main/inc/lib/chat.lib.php | 20 +- main/inc/lib/course.lib.php | 37 ++-- main/inc/lib/database.constants.inc.php | 1 + main/inc/lib/display.lib.php | 30 +-- main/inc/lib/document.lib.php | 15 +- main/inc/lib/pear/HTML/QuickForm/select.php | 109 +++------- main/inc/lib/pear/HTML/QuickForm/text.php | 3 +- main/install/install.lib.php | 2 +- 38 files changed, 461 insertions(+), 592 deletions(-) diff --git a/main/admin/user_list.php b/main/admin/user_list.php index 0d95122b91..69f884ef63 100755 --- a/main/admin/user_list.php +++ b/main/admin/user_list.php 
@@ -219,21 +219,22 @@ function prepare_user_sql_query($getCount) if ($getCount) { $sql .= "SELECT COUNT(u.id) AS total_number_of_items FROM $user_table u"; } else { - $sql .= "SELECT u.id AS col0, u.official_code AS col2, "; + $sql .= 'SELECT u.id AS col0, u.official_code AS col2, '; if (api_is_western_name_order()) { - $sql .= "u.firstname AS col3, u.lastname AS col4, "; + $sql .= 'u.firstname AS col3, u.lastname AS col4, '; } else { - $sql .= "u.lastname AS col3, u.firstname AS col4, "; + $sql .= 'u.lastname AS col3, u.firstname AS col4, '; } $sql .= " u.username AS col5, u.email AS col6, u.status AS col7, u.active AS col8, - u.id AS col9, - u.registration_date AS col10, - u.expiration_date AS exp, + u.registration_date AS col9, + u.last_login as col10, + u.id AS col11, + u.expiration_date AS exp, u.password FROM $user_table u"; } @@ -277,9 +278,7 @@ function prepare_user_sql_query($getCount) $extra_info = UserManager::get_extra_field_information_by_name($keyword_extra_data); $field_id = $extra_info['id']; $sql.= " INNER JOIN user_field_values ufv ON u.id=ufv.user_id AND ufv.field_id=$field_id "; - } - */ - + } */ if (isset($_GET['keyword']) && !empty($_GET['keyword'])) { $keywordFiltered = Database::escape_string("%".$_GET['keyword']."%"); $sql .= " WHERE ( 
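Review bot: The column list in the non-count branch of prepare_user_sql_query still ends with `u.password`, so every row fetched for the admin user list carries the stored password value, and nothing in the visible hunks reads it. Since this hunk already reworks the column list, it could end with `u.expiration_date AS exp FROM $user_table u` instead. The function body continues outside the hunk, so confirm that no other consumer of the result set relies on that column before dropping it.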
@@ -332,18 +331,18 @@ function prepare_user_sql_query($getCount) if (isset($keywordListValues['keyword_active']) && !isset($keywordListValues['keyword_inactive']) ) { - $sql .= " AND u.active = 1"; + $sql .= ' AND u.active = 1'; } elseif (isset($keywordListValues['keyword_inactive']) && !isset($keywordListValues['keyword_active']) ) { - $sql .= " AND u.active = 0"; + $sql .= ' AND u.active = 0'; } - $sql .= " ) "; + $sql .= ' ) '; } $preventSessionAdminsToManageAllUsers = api_get_setting('prevent_session_admins_to_manage_all_users'); if (api_is_session_admin() && $preventSessionAdminsToManageAllUsers === 'true') { - $sql .= " AND u.creator_id = ".api_get_user_id(); + $sql .= ' AND u.creator_id = '.api_get_user_id(); } $variables = Session::read('variables_to_show', []); @@ -410,7 +409,7 @@ function prepare_user_sql_query($getCount) if ((api_is_platform_admin() || api_is_session_admin()) && api_get_multiple_access_url() ) { - $sql .= " AND url_rel_user.access_url_id=".api_get_current_access_url_id(); + $sql .= ' AND url_rel_user.access_url_id = '.api_get_current_access_url_id(); } return $sql; 
@@ -448,97 +447,49 @@ function get_user_data($from, $number_of_items, $column, $direction) if (!in_array($direction, ['ASC', 'DESC'])) { $direction = 'ASC'; } - $_admins_list = Session::read('admin_list', []); - $column = intval($column); - $from = intval($from); - $number_of_items = intval($number_of_items); + $column = (int) $column; + $from = (int) $from; + $number_of_items = (int) $number_of_items; + $sql .= " ORDER BY col$column $direction "; - $sql .= " LIMIT $from,$number_of_items"; + $sql .= " LIMIT $from, $number_of_items"; $res = Database::query($sql); $users = []; $t = time(); - $currentUser = api_get_current_user(); - - while ($user = Database::fetch_row($res)) { + while ($user = Database::fetch_array($res)) { $userPicture = UserManager::getUserPicture( $user[0], USER_IMAGE_SIZE_SMALL ); - $is_admin = in_array($user[0], $_admins_list); $photo = ''.api_get_person_name($user[2], $user[3]).''; - if ($user[7] == 1 && !empty($user[10])) { + if ($user[7] == 1 && !empty($user['exp'])) { // check expiration date - $expiration_time = convert_sql_date($user[10]); + $expiration_time = convert_sql_date($user['exp']); // if expiration date is passed, store a special value for active field if ($expiration_time < $t) { $user[7] = '-1'; } } - $iconAdmin = ''; - if ($is_admin) { - $iconAdmin .= Display::return_icon( - 'admin_star.png', - get_lang('IsAdministrator'), - null, - ICON_SIZE_SMALL - ); - } - - $iconActive = null; - $action = null; - $image = null; - - if ($user[7] == '1') { - $action = 'Lock'; - $image = 'accept'; - } elseif ($user[7] == '-1') { - $action = 'edit'; - $image = 'warning'; - } elseif ($user[7] == '0') { - $action = 'Unlock'; - $image = 'error'; - } - - if ($action === 'edit') { - $iconActive = Display::return_icon( - $image.'.png', - get_lang('AccountExpired'), - [], - 16 - ); - } elseif ($user['0'] != $currentUser->getId()) { - // you cannot lock yourself out otherwise you could disable all the - // accounts including your own => everybody is 
locked out and nobody - // can change it anymore. - $iconActive = Display::return_icon( - $image.'.png', - get_lang(ucfirst($action)), - ['onclick' => 'active_user(this);', 'id' => 'img_'.$user['0']], - 16 - ); - } - - $profile = '
'.$photo.'' - .$iconAdmin.''.$iconActive.'
'; - // forget about the expiration date field $users[] = [ - $user[0], - $profile, + $user[0], // id + $photo, $user[1], $user[2], $user[3], - $user[4], - $user[5], + $user[4], // username + $user[5], // email $user[6], - api_get_local_time($user[9]), + $user[7], // active + api_get_local_time($user[8]), + api_get_local_time($user[9], null, null, true), $user[0], ]; } @@ -555,13 +506,13 @@ function get_user_data($from, $number_of_items, $column, $direction) */ function email_filter($email) { - return Display:: encrypted_mailto_link($email, $email, null, true); + return Display::encrypted_mailto_link($email, $email); } /** * Returns a mailto-link. * - * @param string $email An email-address + * @param string $name * @param array $params Deprecated * @param array $row * @@ -585,6 +536,8 @@ function user_filter($name, $params, $row) */ function modify_filter($user_id, $url_params, $row) { + $_admins_list = Session::read('admin_list', []); + $is_admin = in_array($user_id, $_admins_list); $statusname = api_get_status_langvars(); $user_is_anonymous = false; $current_user_status_label = $row['7']; @@ -592,7 +545,7 @@ function modify_filter($user_id, $url_params, $row) if ($current_user_status_label == $statusname[ANONYMOUS]) { $user_is_anonymous = true; } - $result = '
'; + $result = ''; if (!$user_is_anonymous) { $icon = Display::return_icon( 'course.png', @@ -601,7 +554,7 @@ function modify_filter($user_id, $url_params, $row) ); $result .= ' '.$icon.' -
+
  
'; $icon = Display::return_icon( @@ -611,26 +564,26 @@ function modify_filter($user_id, $url_params, $row) ); $result .= ' '.$icon.' -
+
  
'; } else { - $result .= Display::return_icon('course_na.png', get_lang('Courses')); - $result .= Display::return_icon('course_na.png', get_lang('Sessions')); + $result .= Display::return_icon('course_na.png', get_lang('Courses')).'  '; + $result .= Display::return_icon('course_na.png', get_lang('Sessions')).'  '; } if (api_is_platform_admin()) { if (!$user_is_anonymous) { $result .= ''. - Display::return_icon('info2.png', get_lang('Info')).''; + Display::return_icon('info2.png', get_lang('Info')).'  '; } else { - $result .= Display::return_icon('info2_na.png', get_lang('Info')); + $result .= Display::return_icon('info2_na.png', get_lang('Info')).'  '; } } - //only allow platform admins to login_as, or session admins only for students (not teachers nor other admins) + // Only allow platform admins to login_as, or session admins only for students (not teachers nor other admins) $loginAsStatusForSessionAdmins = [$statusname[STUDENT]]; - //except when session.allow_session_admin_login_as_teacher is enabled, then can login_as teachers also + // Except when session.allow_session_admin_login_as_teacher is enabled, then can login_as teachers also if (api_get_configuration_value('session.allow_session_admin_login_as_teacher')) { $loginAsStatusForSessionAdmins[] = $statusname[COURSEMANAGER]; } 
@@ -642,26 +595,26 @@ function modify_filter($user_id, $url_params, $row) if (!$user_is_anonymous) { if (api_global_admin_can_edit_admin($user_id, null, $sessionAdminCanLoginAs)) { $result .= ''. - Display::return_icon('login_as.png', get_lang('LoginAs')).''; + Display::return_icon('login_as.png', get_lang('LoginAs')).' '; } else { - $result .= Display::return_icon('login_as_na.png', get_lang('LoginAs')); + $result .= Display::return_icon('login_as_na.png', get_lang('LoginAs')).' '; } } else { - $result .= Display::return_icon('login_as_na.png', get_lang('LoginAs')); + $result .= Display::return_icon('login_as_na.png', get_lang('LoginAs')).' '; } } else { - $result .= Display::return_icon('login_as_na.png', get_lang('LoginAs')); + $result .= Display::return_icon('login_as_na.png', get_lang('LoginAs')).' '; } if ($current_user_status_label != $statusname[STUDENT]) { $result .= Display::return_icon( 'statistics_na.png', get_lang('Reporting') - ); + ).' '; } else { $result .= ''. Display::return_icon('statistics.png', get_lang('Reporting')). - ''; + ' '; } if (api_is_platform_admin(true)) { @@ -676,14 +629,14 @@ function modify_filter($user_id, $url_params, $row) [], ICON_SIZE_SMALL ). - ''; + ' '; } else { $result .= Display::return_icon( - 'edit_na.png', - get_lang('Edit'), - [], - ICON_SIZE_SMALL - ).''; + 'edit_na.png', + get_lang('Edit'), + [], + ICON_SIZE_SMALL + ).' '; } } @@ -701,6 +654,19 @@ function modify_filter($user_id, $url_params, $row) ); } + if ($is_admin) { + $result .= Display::return_icon( + 'admin_star.png', + get_lang('IsAdministrator'), + ['width' => ICON_SIZE_SMALL, 'heigth' => ICON_SIZE_SMALL] + ); + } else { + $result .= Display::return_icon( + 'admin_star_na.png', + get_lang('IsNotAdministrator') + ); + } + // actions for assigning sessions, courses or users if (!api_is_session_admin()) { if ($current_user_status_label == $statusname[SESSIONADMIN]) { @@ -814,7 +780,6 @@ function modify_filter($user_id, $url_params, $row) ); } } - $result .= '
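Review bot: In the administrator-icon branch added to modify_filter (hunk at -701), the attribute array is `['width' => ICON_SIZE_SMALL, 'heigth' => ICON_SIZE_SMALL]`, and `heigth` is misspelled, so no height attribute would be emitted. Other calls in this file pass the size as the fourth argument (`[], ICON_SIZE_SMALL` in the edit-icon call), so the consistent form is `Display::return_icon('admin_star.png', get_lang('IsAdministrator'), [], ICON_SIZE_SMALL)`. modify_filter starts and ends outside this hunk.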
'; } return $result; @@ -884,17 +849,17 @@ function active_filter($active, $params, $row) */ function status_filter($status) { - $statusname = api_get_status_langvars(); + $name = api_get_status_langvars(); - return $statusname[$status]; + return $name[$status]; } if (isset($_GET['keyword']) || isset($_GET['keyword_firstname'])) { - $interbreadcrumb[] = ["url" => 'index.php', "name" => get_lang('PlatformAdmin')]; - $interbreadcrumb[] = ["url" => 'user_list.php', "name" => get_lang('UserList')]; + $interbreadcrumb[] = ['url' => 'index.php', 'name' => get_lang('PlatformAdmin')]; + $interbreadcrumb[] = ['url' => 'user_list.php', 'name' => get_lang('UserList')]; $tool_name = get_lang('SearchUsers'); } else { - $interbreadcrumb[] = ["url" => 'index.php', "name" => get_lang('PlatformAdmin')]; + $interbreadcrumb[] = ['url' => 'index.php', 'name' => get_lang('PlatformAdmin')]; $tool_name = get_lang('UserList'); } @@ -1015,7 +980,7 @@ $form->addText( get_lang('Search'), false, [ - 'aria-label' => get_lang("SearchUsers"), + 'aria-label' => get_lang('SearchUsers'), ] ); $form->addButtonSearch(get_lang('Search')); 
@@ -1134,16 +1099,22 @@ if (api_is_western_name_order()) { $table->set_header(5, get_lang('LoginName')); $table->set_header(6, get_lang('Email')); $table->set_header(7, get_lang('Profile')); -//$table->set_header(8, get_lang('Active'), true); -$table->set_header(8, get_lang('RegistrationDate'), true); -$table->set_header(9, get_lang('Action'), false); +$table->set_header(8, get_lang('Active'), true, 'width="15px"'); +$table->set_header(9, get_lang('RegistrationDate'), true, 'width="90px"'); +$table->set_header(10, get_lang('LatestLogin'), true, 'width="90px"'); +$table->set_header(11, get_lang('Action'), false, 'width="220px"'); $table->set_column_filter(3, 'user_filter'); $table->set_column_filter(4, 'user_filter'); $table->set_column_filter(6, 'email_filter'); $table->set_column_filter(7, 'status_filter'); -//$table->set_column_filter(8, 'active_filter'); -$table->set_column_filter(9, 'modify_filter'); +$table->set_column_filter(8, 'active_filter'); +$table->set_column_filter(11, 'modify_filter'); + +// Hide email column if login is email, to avoid column with same data +if (api_get_setting('login_is_email') === 'true') { + $table->setHideColumn(6); +} // Only show empty actions bar if delete users has been blocked $actionsList = []; @@ -1159,7 +1130,7 @@ $table->set_form_actions($actionsList); $table_result = $table->return_table(); $extra_search_options = ''; -//Try to search the user everywhere +// Try to search the user everywhere if ($table->get_total_number_of_items() == 0) { if (api_get_multiple_access_url() && isset($_REQUEST['keyword'])) { $keyword = Database::escape_string($_REQUEST['keyword']); diff --git a/main/auth/courses_list.php b/main/auth/courses_list.php index e3eb8c5938..7d73af0f36 100755 --- a/main/auth/courses_list.php +++ b/main/auth/courses_list.php 
@@ -51,7 +51,7 @@ if (!empty($user_course_categories)) { } if ($action != 'unsubscribe') { if ($allowCollapsable) { - if ($row['collapsed'] == 0) { + if (isset($row['collapsed']) && $row['collapsed'] == 0) { echo Display::url( '', $url.'&action=set_collapsable&option=1' diff --git a/main/auth/profile.php b/main/auth/profile.php index dd747fed2f..2efb5eeef3 100755 --- a/main/auth/profile.php +++ b/main/auth/profile.php @@ -26,7 +26,6 @@ $logInfo = [ 'tool_id' => 0, 'tool_id_detail' => 0, 'action' => $this_section, - 'info' => '', ]; Event::registerLog($logInfo); @@ -538,6 +537,7 @@ if ($form->validate()) { //Only update values that are request by the "profile" setting //Adding missing variables + $available_values_to_modify = []; foreach ($profileList as $key) { switch ($key) { @@ -562,7 +562,7 @@ if ($form->validate()) { } } - // Fixing missing variables + //Fixing missing variables $available_values_to_modify = array_merge( $available_values_to_modify, ['competences', 'diplomas', 'openarea', 'teach', 'openid', 'address'] @@ -617,7 +617,6 @@ if ($form->validate()) { } $sql .= " WHERE id = '".api_get_user_id()."'"; - Database::query($sql); if (isset($user_data['language']) && !empty($user_data['language'])) { 
@@ -652,23 +651,21 @@ if ($form->validate()) { Session::write('_user', $userInfo); if ($hook) { - Database::getManager()->clear(User::class); //Avoid cache issue (user entity is used before) - - $user = api_get_user_entity(api_get_user_id()); //Get updated user info for hook event - + Database::getManager()->clear(User::class); // Avoid cache issue (user entity is used before) + $user = api_get_user_entity(api_get_user_id()); // Get updated user info for hook event $hook->setEventData(['user' => $user]); $hook->notifyUpdateUser(HOOK_EVENT_TYPE_POST); } + Session::erase('system_timezone'); + $url = api_get_self(); header("Location: $url"); exit; } -// the header - $actions = ''; -if (api_get_setting('allow_social_tool') !== 'true') { +if ($allowSocialTool) { if (api_get_setting('extended_profile') === 'true') { if (api_get_setting('allow_message_tool') === 'true') { $actions .= ''. @@ -701,7 +698,7 @@ if ($actions) { SocialManager::setSocialUserBlock($tpl, api_get_user_id(), 'messages'); -if (api_get_setting('allow_social_tool') === 'true') { +if ($allowSocialTool) { SocialManager::setSocialUserBlock($tpl, api_get_user_id(), 'home'); $menu = SocialManager::show_social_menu( 'home', diff --git a/main/course_info/infocours.php b/main/course_info/infocours.php index 6375c3f5fd..773442604a 100755 --- a/main/course_info/infocours.php +++ b/main/course_info/infocours.php @@ -126,7 +126,6 @@ $form->applyFilter('department_url', 'html_filter'); // Extra fields $extra_field = new ExtraField('course'); - $extraFieldAdminPermissions = false; $showOnlyTheseFields = ['tags', 'video_url', 'course_hours_duration', 'max_subscribed_students']; $extra = $extra_field->addElements( @@ -212,8 +211,6 @@ $form->addButtonSave(get_lang('SaveSettings'), 'submit_save'); $form->addHtml(card_settings_close()); -//************* COURSE ACCESS ******************// - $group = []; $group[] = $form->createElement( 'radio', 
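Review bot: The first condition replaced in this hunk changes sense: `if (api_get_setting('allow_social_tool') !== 'true')` becomes `if ($allowSocialTool)`, while the next hunk (at -701) replaces the opposite test, `=== 'true'`, with the same `if ($allowSocialTool)`. Both replacements cannot be equivalent to what they replace, so the `$actions` links now appear under the opposite setting. `$allowSocialTool` is defined outside the visible hunks; if it holds the `=== 'true'` result, the first test should read `if (!$allowSocialTool) {`. If the inversion is intended, the commit message should say so.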
@@ -313,9 +310,7 @@ $form->addPanelOption( 'accordionSettings' ); -//************** END COURSE ACCESS *************// - -//************** START DOCUMENTS ***************// +// Documents $globalGroup = []; if (api_get_setting('documents_default_visibility_defined_in_course') == 'true') { $group = [ @@ -356,12 +351,7 @@ $form->addPanelOption( 'accordionSettings' ); -// *************** END DOCUMENTS ***************** // - -// ************** START EMAIL NOTIFICATIONS *******************// - $globalGroup = []; - $group = []; $group[] = $form->createElement( 'radio', @@ -505,8 +495,6 @@ $form->addPanelOption( 'accordionSettings' ); -//************** END EMAIL NOTIFICATIONS ******************// -//******************* START USER *******************// $group = []; $group[] = $form->createElement( 'radio', @@ -576,10 +564,8 @@ $form->addPanelOption( false, 'accordionSettings' ); -//****************** END USER ****************// - -//***************** CHAT SETTINGS ***************// +// CHAT SETTINGS $group = []; $group[] = $form->createElement( 'radio', @@ -605,8 +591,6 @@ $form->addPanelOption( 'accordionSettings' ); -//*************** START LEARNING PATH *************** // - $globalGroup = []; $group = []; $group[] = $form->createElement( @@ -721,9 +705,7 @@ $form->addPanelOption( false, 'accordionSettings' ); -// ********** END CONFIGURE LEARN PATH ***************// -// ********** EXERCISE ********************* // if (api_get_configuration_value('allow_exercise_auto_launch')) { $globalGroup = []; @@ -814,9 +796,6 @@ $form->addPanelOption( 'accordionSettings' ); -// ************* END THEMATIC *********** // - -// ************* CERTIFICATE SETTINGS ***************** // if (api_get_setting('allow_public_certificates') === 'true') { $group = []; $group[] = $form->createElement( 
@@ -872,7 +851,7 @@ $form->addPanelOption( 'accordionSettings' ); -//********** STUDENT PUBLICATION ***************** // +// Student publication $group = [ $form->createElement('radio', 'show_score', null, get_lang('NewVisible'), 0), $form->createElement('radio', 'show_score', null, get_lang('NewUnvisible'), 1), diff --git a/main/cron/import_csv.php b/main/cron/import_csv.php index ad3faf360e..0bb0e7301f 100755 --- a/main/cron/import_csv.php +++ b/main/cron/import_csv.php @@ -1226,16 +1226,12 @@ class ImportCsv $update = false; $item = null; if (!isset($event[$extraFieldName])) { - $this->logger->addInfo( - "No external_calendar_itemID found. Skipping ..." - ); + $this->logger->addInfo('No external_calendar_itemID found. Skipping ...'); continue; } else { $externalEventId = $event[$extraFieldName]; if (empty($externalEventId)) { - $this->logger->addInfo( - "external_calendar_itemID was set but empty. Skipping ..." - ); + $this->logger->addInfo('external_calendar_itemID was set but empty. Skipping ...'); continue; } diff --git a/main/document/document.php b/main/document/document.php index 2517615aa1..778e8d5ad8 100755 --- a/main/document/document.php +++ b/main/document/document.php @@ -1658,6 +1658,8 @@ if ($is_certificate_mode && $curdirpath != '/certificates') { ); } +$column_show = []; + if ($isAllowedToEdit || $groupMemberWithUploadRights || DocumentManager::is_my_shared_folder(api_get_user_id(), $curdirpath, $sessionId) diff --git a/main/document/download_scorm.php b/main/document/download_scorm.php index 20b84e829a..51b76a49ad 100755 --- a/main/document/download_scorm.php +++ b/main/document/download_scorm.php @@ -29,7 +29,7 @@ if (empty($obj)) { } // If is visible for the current user -if (!learnpath::is_lp_visible_for_student($obj->get_id(), api_get_user_id())) { +if (!learnpath::is_lp_visible_for_student($obj->get_id(), api_get_user_id(), $_course)) { api_not_allowed(); } 
diff --git a/main/exercise/exercise.class.php b/main/exercise/exercise.class.php index 179724a7e5..d08d2d1630 100755 --- a/main/exercise/exercise.class.php +++ b/main/exercise/exercise.class.php @@ -3607,8 +3607,8 @@ class Exercise if ($from_database) { $sql = "SELECT answer FROM $TBL_TRACK_ATTEMPT WHERE - exe_id = '".$exeId."' AND - question_id= '".$questionId."'"; + exe_id = $exeId AND + question_id = $questionId"; $result = Database::query($sql); $choice = Database::result($result, 0, 'answer'); @@ -3804,7 +3804,7 @@ class Exercise if ($from_database) { $choice = []; $sql = "SELECT answer FROM $TBL_TRACK_ATTEMPT - WHERE exe_id = $exeId AND question_id= $questionId"; + WHERE exe_id = $exeId AND question_id = $questionId"; $resultans = Database::query($sql); while ($row = Database::fetch_array($resultans)) { $choice[$row['answer']] = 1; @@ -4235,7 +4235,7 @@ class Exercise FROM $TBL_TRACK_ATTEMPT WHERE exe_id = $exeId AND - question_id= ".intval($questionId); + question_id = $questionId"; $result = Database::query($sql); $resultData = Database::fetch_array($result, 'ASSOC'); $answer = $resultData['answer']; @@ -4560,7 +4560,7 @@ class Exercise WHERE hotspot_exe_id = $exeId AND hotspot_question_id= $questionId AND - hotspot_answer_id = ".intval($answerAutoId)." + hotspot_answer_id = $answerAutoId ORDER BY hotspot_id ASC"; $result = Database::query($sql); if (Database::num_rows($result)) { diff --git a/main/exercise/exercise_show.php b/main/exercise/exercise_show.php index b80dec0a6b..4e3234e5a0 100755 --- a/main/exercise/exercise_show.php +++ b/main/exercise/exercise_show.php @@ -16,7 +16,7 @@ use ChamiloSession as Session; * @todo small letters for table variables */ require_once __DIR__.'/../inc/global.inc.php'; -$debug = false; + $origin = api_get_origin(); $currentUserId = api_get_user_id(); $printHeaders = $origin === 'learnpath'; 
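Review bot: The queries in the exercise.class.php hunks now interpolate `$exeId`, `$questionId` and `$answerAutoId` with neither quotes nor a cast. The affected lines are `exe_id = $exeId AND question_id = $questionId` (at -3607), `question_id = $questionId` (at -4235, where `intval($questionId)` was dropped) and `hotspot_answer_id = $answerAutoId` (at -4560, where `intval($answerAutoId)` was dropped). This is only safe if every one of these variables is cast to int earlier in the method, which lies outside the hunks. Either confirm that such casts exist for all three, or keep the cast at the point of use, e.g. `hotspot_answer_id = ".(int) $answerAutoId."`.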
@@ -67,7 +67,7 @@ if (empty($exerciseResult)) { if (empty($choiceDegreeCertainty)) { $choiceDegreeCertainty = isset($_REQUEST['choiceDegreeCertainty']) ? $_REQUEST['choiceDegreeCertainty'] : null; } -$questionId = isset($_REQUEST['questionId']) ? $_REQUEST['questionId'] : null; +$questionId = isset($_REQUEST['questionId']) ? (int) $_REQUEST['questionId'] : null; if (empty($choice)) { $choice = isset($_REQUEST['choice']) ? $_REQUEST['choice'] : null; @@ -309,29 +309,24 @@ if ($show_results || $show_only_total_score || $showTotalScoreAndUserChoicesInLa } $i = $totalScore = $totalWeighting = 0; -if ($debug > 0) { - error_log("ExerciseResult: ".print_r($exerciseResult, 1)); - error_log("QuestionList: ".print_r($questionList, 1)); -} - $arrques = []; $arrans = []; -$user_restriction = $is_allowedToEdit ? '' : "AND user_id=".intval($student_id)." "; +$user_restriction = $is_allowedToEdit ? '' : " AND user_id= $student_id "; $sql = "SELECT attempts.question_id, answer FROM $TBL_TRACK_ATTEMPT as attempts - INNER JOIN ".$TBL_TRACK_EXERCISES." AS stats_exercises - ON stats_exercises.exe_id=attempts.exe_id + INNER JOIN $TBL_TRACK_EXERCISES AS stats_exercises + ON stats_exercises.exe_id = attempts.exe_id INNER JOIN $TBL_EXERCISE_QUESTION AS quizz_rel_questions ON quizz_rel_questions.exercice_id=stats_exercises.exe_exo_id AND quizz_rel_questions.question_id = attempts.question_id AND quizz_rel_questions.c_id=".api_get_course_int_id()." - INNER JOIN ".$TBL_QUESTIONS." AS questions + INNER JOIN $TBL_QUESTIONS AS questions ON questions.id = quizz_rel_questions.question_id AND questions.c_id = ".api_get_course_int_id()." WHERE - attempts.exe_id = ".$id." $user_restriction + attempts.exe_id = $id $user_restriction GROUP BY quizz_rel_questions.question_order, attempts.question_id"; $result = Database::query($sql); $question_list_from_database = []; 
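Review bot: `$user_restriction` is now built as `" AND user_id= $student_id "` with the previous `intval($student_id)` removed, and the same query interpolates `$id` directly; the later hunk at -648 likewise drops `intval($id)` from the marks query. This clause is what limits a non-editor to their own attempts, so it should not depend on a cast that is not visible here. Unless `$student_id` and `$id` are cast to int before this point (outside the hunk), keep the cast explicit: `" AND user_id = ".(int) $student_id." "`. The first hunk on this line already does so for `$questionId` with `(int) $_REQUEST['questionId']`.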
@@ -548,15 +543,13 @@ foreach ($questionList as $questionId) { $overlap_color = 'red'; } + $missing_color = 'red'; if ($missing_color) { $missing_color = 'green'; - } else { - $missing_color = 'red'; } + $excess_color = 'red'; if ($excess_color) { $excess_color = 'green'; - } else { - $excess_color = 'red'; } if (!is_numeric($final_overlap)) { @@ -648,9 +641,9 @@ foreach ($questionList as $questionId) { echo '
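Review bot: In the hunk at -548, `$missing_color` and `$excess_color` are assigned `'red'` immediately before `if ($missing_color)` and `if ($excess_color)`, so both tests are always true and both colours always end up `'green'`. The removed `else` branches suggest the variables were flags computed earlier, and the new assignment overwrites that result before it is tested. Deriving the colour from the flag in one step keeps the original behaviour: `$missing_color = $missing_color ? 'green' : 'red';`, and the same for `$excess_color`. The enclosing loop body continues outside the hunk.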

'.$comment.'

'; } - //showing the score - $queryfree = "SELECT marks from ".$TBL_TRACK_ATTEMPT." - WHERE exe_id = ".intval($id)." AND question_id= ".intval($questionId); + // Showing the score + $queryfree = "SELECT marks FROM $TBL_TRACK_ATTEMPT + WHERE exe_id = $id AND question_id= ".intval($questionId); $resfree = Database::query($queryfree); $questionScore = Database::result($resfree, 0, "marks"); $totalScore += $questionScore; @@ -738,7 +731,7 @@ foreach ($questionList as $questionId) { $url_name = get_lang('EditCommentsAndMarks'); } else { $url_name = get_lang('AddComments'); - if ($action == 'edit') { + if ($action === 'edit') { $url_name = get_lang('EditIndividualComment'); } } @@ -842,24 +835,6 @@ foreach ($questionList as $questionId) { } $formMark->display(); - - /*echo '
'; - echo get_lang('AssignMarks'); - echo " '; - echo '

';*/ echo ''; if ($questionScore == -1) { $questionScore = 0; @@ -1002,7 +977,7 @@ if ($answerType != MULTIPLE_ANSWER_TRUE_FALSE_DEGREE_CERTAINTY) { // Total score $myTotalScoreTemp = $totalScore; -if ($origin != 'learnpath' || ($origin == 'learnpath' && isset($_GET['fb_type']))) { +if ($origin != 'learnpath' || ($origin === 'learnpath' && isset($_GET['fb_type']))) { if ($show_results || $show_only_total_score || $showTotalScoreAndUserChoicesInLastAttempt) { $totalScoreText .= '
'; if ($objExercise->selectPropagateNeg() == 0 && $myTotalScoreTemp < 0) { diff --git a/main/exercise/question_list_admin.inc.php b/main/exercise/question_list_admin.inc.php index 8e48d46f8c..44d3014ded 100755 --- a/main/exercise/question_list_admin.inc.php +++ b/main/exercise/question_list_admin.inc.php @@ -216,13 +216,17 @@ if (!$inATest) { if (is_array($questionList)) { foreach ($questionList as $id) { - //To avoid warning messages + // To avoid warning messages. if (!is_numeric($id)) { continue; } /** @var Question $objQuestionTmp */ $objQuestionTmp = Question::read($id); + if (empty($objQuestionTmp)) { + continue; + } + $clone_link = Display::url( Display::return_icon( 'cd.png', @@ -233,7 +237,8 @@ if (!$inATest) { api_get_self().'?'.api_get_cidreq().'&clone_question='.$id.'&page='.$page, ['class' => 'btn btn-default btn-sm'] ); - $edit_link = $objQuestionTmp->type == CALCULATED_ANSWER && $objQuestionTmp->isAnswered() + + $edit_link = $objQuestionTmp->selectType() == CALCULATED_ANSWER && $objQuestionTmp->isAnswered() ? Display::span( Display::return_icon( 'edit_na.png', @@ -311,11 +316,11 @@ if (!$inATest) { TestCategory::getCategoryNameForQuestion($objQuestionTmp->id) ); if (empty($txtQuestionCat)) { - $txtQuestionCat = "-"; + $txtQuestionCat = '-'; } // Question level - $txtQuestionLevel = $objQuestionTmp->level; + $txtQuestionLevel = $objQuestionTmp->getLevel(); if (empty($objQuestionTmp->level)) { $txtQuestionLevel = '-'; } diff --git a/main/exercise/stats.php b/main/exercise/stats.php index cdd75fc7a1..86084cd749 100755 --- a/main/exercise/stats.php +++ b/main/exercise/stats.php @@ -235,7 +235,7 @@ if (!empty($question_list)) { $answer_id, $question_id, $exerciseId, - api_get_course_int_id(), + $courseCode, $sessionId ); $percentage = 0; diff --git a/main/forum/forumfunction.inc.php b/main/forum/forumfunction.inc.php index 8a10ba8eee..5457d937a6 100755 --- a/main/forum/forumfunction.inc.php +++ b/main/forum/forumfunction.inc.php 
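Review bot: The question-level lines in question_list_admin.inc.php (hunk at -311) mix the new accessor with the old property: `$txtQuestionLevel = $objQuestionTmp->getLevel();` is followed by `if (empty($objQuestionTmp->level))`. If the change is meant to stop reading the property directly, the check should use the value just fetched, `if (empty($txtQuestionLevel)) {`. The call `TestCategory::getCategoryNameForQuestion($objQuestionTmp->id)` a few lines up still reads `->id` directly as well.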
@@ -100,7 +100,7 @@ function handle_forum_and_forumcategories($lp_id = null) $get_content = isset($_GET['content']) ? $_GET['content'] : ''; $post_submit_cat = isset($_POST['SubmitForumCategory']) ? true : false; $post_submit_forum = isset($_POST['SubmitForum']) ? true : false; - $get_id = isset($_GET['id']) ? intval($_GET['id']) : ''; + $get_id = isset($_GET['id']) ? (int) $_GET['id'] : 0; $forum_categories_list = get_forum_categories(); // Verify if forum category exists @@ -111,23 +111,23 @@ function handle_forum_and_forumcategories($lp_id = null) $content = ''; // Adding a forum category - if (($action_forum_cat == 'add' && $get_content == 'forumcategory') || $post_submit_cat) { + if (($action_forum_cat === 'add' && $get_content === 'forumcategory') || $post_submit_cat) { $content = show_add_forumcategory_form([], $lp_id); //$lp_id when is called from learning path } // Adding a forum - if ((($action_forum_cat == 'add' || $action_forum_cat == 'edit') && $get_content == 'forum') || + if ((($action_forum_cat === 'add' || $action_forum_cat === 'edit') && $get_content === 'forum') || $post_submit_forum ) { $inputvalues = []; - if ($action_forum_cat == 'edit' && $get_id || $post_submit_forum) { + if ($action_forum_cat === 'edit' && $get_id || $post_submit_forum) { $inputvalues = get_forums($get_id); } $content = show_add_forum_form($inputvalues, $lp_id); } // Edit a forum category - if (($action_forum_cat == 'edit' && $get_content == 'forumcategory') || + if (($action_forum_cat === 'edit' && $get_content === 'forumcategory') || (isset($_POST['SubmitEditForumCategory'])) ? true : false ) { $forum_category = get_forum_categories($get_id); 
@@ -135,10 +135,8 @@ function handle_forum_and_forumcategories($lp_id = null) } // Delete a forum category - if ($action_forum_cat == 'delete') { - $id_forum = intval($get_id); - $list_threads = get_threads($id_forum); - + if ($action_forum_cat === 'delete') { + $list_threads = get_threads($get_id); for ($i = 0; $i < count($list_threads); $i++) { deleteForumCategoryThread('thread', $list_threads[$i]['thread_id']); $link_info = GradebookUtils::isResourceInCourseGradebook( @@ -155,21 +153,21 @@ function handle_forum_and_forumcategories($lp_id = null) } // Change visibility of a forum or a forum category. - if ($action_forum_cat == 'invisible' || $action_forum_cat == 'visible') { + if ($action_forum_cat === 'invisible' || $action_forum_cat === 'visible') { $return_message = change_visibility($get_content, $get_id, $action_forum_cat); Display::addFlash( Display::return_message($return_message, 'confirmation', false) ); } // Change lock status of a forum or a forum category. - if ($action_forum_cat == 'lock' || $action_forum_cat == 'unlock') { + if ($action_forum_cat === 'lock' || $action_forum_cat === 'unlock') { $return_message = change_lock_status($get_content, $get_id, $action_forum_cat); Display::addFlash( Display::return_message($return_message, 'confirmation', false) ); } // Move a forum or a forum category. - if ($action_forum_cat == 'move' && isset($_GET['direction'])) { + if ($action_forum_cat === 'move' && isset($_GET['direction'])) { $return_message = move_up_down($get_content, $_GET['direction'], $get_id); Display::addFlash( Display::return_message($return_message, 'confirmation', false) 
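Review bot: The delete branch acts on `$get_id`, which is taken from `$_GET['id']`, and the visibility, lock and move branches in the next hunk do the same. No anti-CSRF token check is visible before `deleteForumCategoryThread()`, `change_visibility()`, `change_lock_status()` or `move_up_down()` is reached. handle_forum_and_forumcategories starts and ends outside these hunks, so the check may exist elsewhere. If it does not, these state-changing actions should verify a per-session token, or be accepted only via POST, before running.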
@@ -268,14 +266,14 @@ function show_add_forum_form($inputvalues = [], $lp_id) $form_title = get_lang('EditForum'); } - $form->addElement('header', $form_title); + $form->addHeader($form_title); // We have a hidden field if we are editing. if (!empty($inputvalues) && is_array($inputvalues)) { $my_forum_id = isset($inputvalues['forum_id']) ? $inputvalues['forum_id'] : null; $form->addElement('hidden', 'forum_id', $my_forum_id); } - $lp_id = intval($lp_id); + $lp_id = (int) $lp_id; // hidden field if from learning path $form->addElement('hidden', 'lp_id', $lp_id); @@ -893,7 +891,6 @@ function store_forum($values, $courseInfo = [], $returnId = false) $logInfo = [ 'tool' => TOOL_FORUM, 'tool_id' => $values['forum_id'], - 'tool_id_detail' => 0, 'action' => 'update-forum', 'action_details' => 'forum', 'info' => $values['forum_title'], @@ -922,7 +919,7 @@ function store_forum($values, $courseInfo = [], $returnId = false) 'end_time' => !empty($values['end_time']) ? api_get_utc_datetime($values['end_time']) : null, 'forum_order' => isset($new_max) ? $new_max : null, 'session_id' => $session_id, - 'lp_id' => isset($values['lp_id']) ? intval($values['lp_id']) : 0, + 'lp_id' => isset($values['lp_id']) ? (int) $values['lp_id'] : 0, 'locked' => 0, 'forum_id' => 0, ]; @@ -931,6 +928,25 @@ function store_forum($values, $courseInfo = [], $returnId = false) if ($forumId > 0) { $sql = "UPDATE $table_forums SET forum_id = iid WHERE iid = $forumId"; Database::query($sql); + $courseCode = $courseInfo['code']; + $subscribe = (int) api_get_course_setting('subscribe_users_to_forum_notifications', $courseCode); + + $status = STUDENT; + if (!empty($session_id)) { + $status = 0; + } + if ($subscribe === 1) { + $userList = CourseManager::get_user_list_from_course_code( + $courseCode, + $session_id, + null, + null, + $status + ); + foreach ($userList as $userInfo) { + set_notification('forum', $forumId, false, $userInfo, $courseInfo); + } + } api_item_property_update( $courseInfo, 
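Review bot: The new subscription loop in the `-931,6` hunk of `store_forum` calls `set_notification('forum', $forumId, false, $userInfo, $courseInfo)`, and with `$addOnly` false that function deletes an existing row instead of adding one. A freshly created forum should have no rows yet, but passing `true` states the intent and keeps a repeated run from unsubscribing users: `set_notification('forum', $forumId, true, $userInfo, $courseInfo);`. Each call also runs `Session::erase('forum_notification')` and `getNotificationsPerUser(0, true)` (visible in the `set_notification` hunk), so the creator's session cache is rebuilt once per enrolled user, which looks unintended. `$courseInfo['code']` is read although the parameter defaults to `[]`; whether it is filled earlier in the function is outside this hunk.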
@@ -951,7 +967,6 @@ function store_forum($values, $courseInfo = [], $returnId = false) $logInfo = [ 'tool' => TOOL_FORUM, 'tool_id' => $forumId, - 'tool_id_detail' => 0, 'action' => 'new-forum', 'action_details' => 'forum', 'info' => $values['forum_title'], @@ -1000,7 +1015,7 @@ function deleteForumCategoryThread($content, $id) $groupId = api_get_group_id(); $groupInfo = GroupManager::get_group_properties($groupId); $userId = api_get_user_id(); - $id = intval($id); + $id = (int) $id; // Delete all attachment file about this tread id. $sql = "SELECT post_id FROM $table_forums_post @@ -1012,7 +1027,7 @@ function deleteForumCategoryThread($content, $id) $tool_constant = null; $return_message = ''; - if ($content == 'forumcategory') { + if ($content === 'forumcategory') { $tool_constant = TOOL_FORUM_CATEGORY; $return_message = get_lang('ForumCategoryDeleted'); @@ -1034,7 +1049,7 @@ function deleteForumCategoryThread($content, $id) } } - if ($content == 'forum') { + if ($content === 'forum') { $tool_constant = TOOL_FORUM; $return_message = get_lang('ForumDeleted'); @@ -1056,7 +1071,7 @@ function deleteForumCategoryThread($content, $id) } } - if ($content == 'thread') { + if ($content === 'thread') { $tool_constant = TOOL_FORUM_THREAD; $return_message = get_lang('ThreadDeleted'); Skill::deleteSkillsFromItem($id, ITEM_TYPE_FORUM_THREAD); 
@@ -5624,58 +5639,68 @@ function get_forums_of_group($groupInfo) /** * This function stores which users have to be notified of which forums or threads. * - * @param string $content does the user want to be notified about a forum or about a thread - * @param int $id the id of the forum or thread + * @param string $content does the user want to be notified about a forum or about a thread + * @param int $id the id of the forum or thread + * @param bool $addOnly + * @param array $userInfo + * @param array $courseInfo * * @return string language variable * - * @author Patrick Cool , Ghent University, Belgium - * - * @version May 2008, dokeos 1.8.5 + * @author Patrick Cool , Ghent University, Belgium + * @author Julio Montoya * - * @since May 2008, dokeos 1.8.5 + * @since May 2008 v1.8.5 */ -function set_notification($content, $id, $add_only = false) +function set_notification($content, $id, $addOnly = false, $userInfo = [], $courseInfo = []) { - $_user = api_get_user_info(); + $userInfo = empty($userInfo) ? api_get_user_info() : $userInfo; + $courseInfo = empty($courseInfo) ? api_get_course_info() : $courseInfo; + $id = (int) $id; + + if (empty($userInfo) || empty($courseInfo) || empty($id) || empty($content)) { + return false; + } + // Database table definition $table_notification = Database::get_course_table(TABLE_FORUM_NOTIFICATION); - $course_id = api_get_course_int_id(); + $course_id = $courseInfo['real_id']; // Which database field do we have to store the id in? - if ($content == 'forum') { - $database_field = 'forum_id'; - } else { - $database_field = 'thread_id'; + $field = 'thread_id'; + if ($content === 'forum') { + $field = 'forum_id'; } + $userId = $userInfo['user_id']; + // First we check if the notification is already set for this. 
$sql = "SELECT * FROM $table_notification WHERE c_id = $course_id AND - $database_field = '".Database::escape_string($id)."' AND - user_id = '".intval($_user['user_id'])."'"; + $field = $id AND + user_id = $userId "; $result = Database::query($sql); $total = Database::num_rows($result); // If the user did not indicate that (s)he wanted to be notified already // then we store the notification request (to prevent double notification requests). if ($total <= 0) { - $sql = "INSERT INTO $table_notification (c_id, $database_field, user_id) - VALUES (".$course_id.", '".Database::escape_string($id)."','".intval($_user['user_id'])."')"; + $sql = "INSERT INTO $table_notification (c_id, $field, user_id) + VALUES ($course_id, '$id','$userId')"; Database::query($sql); Session::erase('forum_notification'); getNotificationsPerUser(0, true); return get_lang('YouWillBeNotifiedOfNewPosts'); } else { - if (!$add_only) { + if (!$addOnly) { $sql = "DELETE FROM $table_notification WHERE c_id = $course_id AND - $database_field = '".Database::escape_string($id)."' AND - user_id = '".intval($_user['user_id'])."'"; + $field = $id AND + user_id = $userId "; Database::query($sql); Session::erase('forum_notification'); getNotificationsPerUser(0, true); @@ -5695,6 +5720,7 @@ function set_notification($content, $id, $add_only = false) * @return array returns * * @author Patrick Cool , Ghent University, Belgium + * @author Julio Montoya * * @version May 2008, dokeos 1.8.5 * 
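Review bot: In the `set_notification` hunk, `$userId = $userInfo['user_id'];` and `$course_id = $courseInfo['real_id'];` go into the SELECT, INSERT and DELETE statements without the integer cast that the removed `intval($_user['user_id'])` provided. Both arrays can now be supplied by the caller, so the queries rely on every caller passing clean values; casting once keeps the statements safe by construction: `$userId = (int) $userInfo['user_id'];` and `$course_id = (int) $courseInfo['real_id'];`. The new early exit returns `false` while the docblock still says `@return string language variable`; `@return string|false` would match. The INSERT quotes its values (`'$id','$userId'`) while the SELECT and DELETE do not, which is worth making uniform.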
@@ -5708,18 +5734,19 @@ function get_notifications($content, $id) $course_id = api_get_course_int_id(); // Which database field contains the notification? - if ($content == 'forum') { - $database_field = 'forum_id'; - } else { - $database_field = 'thread_id'; + $field = 'thread_id'; + if ($content === 'forum') { + $field = 'forum_id'; } + $id = (int) $id; + $sql = "SELECT user.user_id, user.firstname, user.lastname, user.email, user.user_id user FROM $table_users user, $table_notification notification WHERE notification.c_id = $course_id AND user.active = 1 AND user.user_id = notification.user_id AND - notification.$database_field= '".Database::escape_string($id)."'"; + notification.$field = $id "; $result = Database::query($sql); $return = []; @@ -5749,20 +5776,7 @@ function get_notifications($content, $id) */ function send_notifications($forum_id = 0, $thread_id = 0, $post_id = 0) { - //$_course = api_get_course_info(); - - /*$forumCourseId = api_get_configuration_value('global_forums_course_id'); - if (!empty($forumCourseId)) { - if ($_course['real_id'] == $forumCourseId) { - return false; - } - }*/ - $forum_id = (int) $forum_id; - - // The content of the mail - //$thread_link = api_get_path(WEB_CODE_PATH).'forum/viewthread.php?'.api_get_cidreq().'&forum='.$forum_id.'&thread='.$thread_id; - // Users who subscribed to the forum if ($forum_id != 0) { $users_to_be_notified_by_forum = get_notifications('forum', $forum_id); @@ -5771,8 +5785,6 @@ function send_notifications($forum_id = 0, $thread_id = 0, $post_id = 0) } $current_thread = get_thread_information($forum_id, $thread_id); - //$current_forum = get_forum_information($current_thread['forum_id']); - //$subject = get_lang('NewForumPost').' - '.$_course['official_code'].' - '.$current_forum['forum_title'].' - '.$current_thread['thread_title']; // User who subscribed to the thread if ($thread_id != 0) { 
@@ -6228,8 +6240,8 @@ function editAttachedFile($array, $id, $courseId = null) { // Init variables $setString = ''; - $id = intval($id); - $courseId = intval($courseId); + $id = (int) $id; + $courseId = (int) $courseId; if (empty($courseId)) { // $courseId can be null, use api method $courseId = api_get_course_int_id(); @@ -6277,8 +6289,7 @@ function editAttachedFile($array, $id, $courseId = null) */ function getAttachmentsAjaxTable($postId = 0) { - // Init variables - $postId = intval($postId); + $postId = (int) $postId; $courseId = api_get_course_int_id(); $attachIds = getAttachmentIdsByPostId($postId, $courseId); $fileDataContent = ''; @@ -6357,10 +6368,10 @@ function getAttachedFiles( $attachId = 0, $courseId = 0 ) { - $forumId = intval($forumId); - $courseId = intval($courseId); - $attachId = intval($attachId); - $postId = intval($postId); + $forumId = (int) $forumId; + $courseId = (int) $courseId; + $attachId = (int) $attachId; + $postId = (int) $postId; $threadId = !empty($threadId) ? intval($threadId) : isset($_REQUEST['thread']) ? intval($_REQUEST['thread']) : ''; if (empty($courseId)) { // $courseId can be null, use api method @@ -6368,7 +6379,7 @@ function getAttachedFiles( } if (empty($forumId)) { if (!empty($_REQUEST['forum'])) { - $forumId = intval($_REQUEST['forum']); + $forumId = (int) $_REQUEST['forum']; } else { // if forum ID is empty, cannot generate delete url @@ -6438,11 +6449,11 @@ function getAttachedFiles( * * @return array */ -function clearAttachedFiles($postId = null, $courseId = null) +function clearAttachedFiles($postId = 0, $courseId = 0) { // Init variables - $courseId = intval($courseId); - $postId = intval($postId); + $courseId = (int) $courseId; + $postId = (int) $postId; $array = []; if (empty($courseId)) { // $courseId can be null, use api method 
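Review bot: The unchanged line `$threadId = !empty($threadId) ? intval($threadId) : isset($_REQUEST['thread']) ? intval($_REQUEST['thread']) : '';` in the `getAttachedFiles` hunk chains two ternaries without parentheses. PHP before 8.0 groups them from the left, so a non-empty `$threadId` argument is discarded and `$_REQUEST['thread']` is read instead, and PHP 8 rejects the expression at compile time. Since the commit is already converting the neighbouring casts, the line should become `$threadId = !empty($threadId) ? (int) $threadId : (isset($_REQUEST['thread']) ? (int) $_REQUEST['thread'] : '');`. The function body continues outside the hunk.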
@@ -6488,8 +6499,8 @@ function clearAttachedFiles($postId = null, $courseId = null) function getAttachmentIdsByPostId($postId, $courseId = 0) { $array = []; - $courseId = intval($courseId); - $postId = intval($postId); + $courseId = (int) $courseId; + $postId = (int) $postId; if (empty($courseId)) { // $courseId can be null, use api method $courseId = api_get_course_int_id(); @@ -6520,7 +6531,8 @@ function getAttachmentIdsByPostId($postId, $courseId = 0) */ function getForumCategoryByTitle($title, $courseId, $sessionId = 0) { - $sessionId = intval($sessionId); + $sessionId = (int) $sessionId; + $courseId = (int) $courseId; $forumCategoryTable = Database::get_course_table(TABLE_FORUM_CATEGORY); $itemProperty = Database::get_course_table(TABLE_ITEM_PROPERTY); @@ -6550,7 +6562,7 @@ function getForumCategoryByTitle($title, $courseId, $sessionId = 0) 'ip.tool = ? AND ' => TOOL_FORUM_CATEGORY, 'fc.session_id = ? AND ' => $sessionId, 'fc.cat_title = ? AND ' => $title, - 'fc.c_id = ?' => intval($courseId), + 'fc.c_id = ?' => $courseId, ], ], 'first' diff --git a/main/forum/index.php b/main/forum/index.php index 5e58b30017..3a9fcb2353 100755 --- a/main/forum/index.php +++ b/main/forum/index.php @@ -62,9 +62,9 @@ if (api_is_in_gradebook()) { $search_forum = isset($_GET['search']) ? Security::remove_XSS($_GET['search']) : ''; /* ACTIONS */ -$actions = isset($_GET['action']) ? $_GET['action'] : ''; +$action = isset($_GET['action']) ? $_GET['action'] : ''; -if ($actions === 'add') { +if ($action === 'add') { switch ($_GET['content']) { case 'forum': $interbreadcrumb[] = [ 
@@ -102,12 +102,12 @@ $form_count = 0; $formContent = ''; if (api_is_allowed_to_edit(false, true)) { //if is called from a learning path lp_id - $lp_id = isset($_REQUEST['lp_id']) ? intval($_REQUEST['lp_id']) : null; + $lp_id = isset($_REQUEST['lp_id']) ? (int) $_REQUEST['lp_id'] : null; $formContent = handle_forum_and_forumcategories($lp_id); } // Notification -if ($actions == 'notify' && isset($_GET['content']) && isset($_GET['id'])) { +if ($action == 'notify' && isset($_GET['content']) && isset($_GET['id'])) { if (api_get_session_id() != 0 && api_is_allowed_to_session_edit(false, true) == false ) { @@ -120,14 +120,11 @@ if ($actions == 'notify' && isset($_GET['content']) && isset($_GET['id'])) { get_whats_new(); $whatsnew_post_info = Session::read('whatsnew_post_info'); -/* TRACKING */ Event::event_access_tool(TOOL_FORUM); $logInfo = [ 'tool' => TOOL_FORUM, - 'tool_id' => 0, - 'tool_id_detail' => 0, - 'action' => !empty($actions) ? $actions : 'list-category', + 'action' => !empty($action) ? $action : 'list-category', 'action_details' => isset($_GET['content']) ? $_GET['content'] : '', ]; Event::registerLog($logInfo); @@ -557,7 +554,7 @@ if (is_array($forumCategories)) { } } - if (!api_is_anonymous() && api_is_allowed_to_session_edit(false, true) && $hideNotifications == false) { + if ($hideNotifications == false && !api_is_anonymous() && api_is_allowed_to_session_edit(false, true)) { $toolActions .= '' .Display::return_icon($iconnotify, get_lang('NotifyMe'), null, ICON_SIZE_SMALL) diff --git a/main/gradebook/gradebook_edit_cat.php b/main/gradebook/gradebook_edit_cat.php index a753852f79..36f118676e 100755 --- a/main/gradebook/gradebook_edit_cat.php +++ b/main/gradebook/gradebook_edit_cat.php @@ -2,8 +2,6 @@ /* For licensing terms, see /license.txt */ /** - * Script. - * * @package chamilo.gradebook */ require_once __DIR__.'/../inc/global.inc.php'; diff --git a/main/gradebook/index.php b/main/gradebook/index.php index bfafe4407a..33390a73e4 100755 
--- a/main/gradebook/index.php +++ b/main/gradebook/index.php @@ -178,8 +178,6 @@ $my_actions = implode(';', $list_actions); $my_actions_values = implode(';', $list_values); $logInfo = [ 'tool' => TOOL_GRADEBOOK, - 'tool_id' => 0, - 'tool_id_detail' => 0, 'action' => $my_actions, 'action_details' => $my_actions_values, ]; @@ -260,19 +258,19 @@ if (isset($_GET['visiblelog'])) { //move a category if (isset($_GET['movecat'])) { GradebookUtils::block_students(); - $cats = Category::load($_GET['movecat']); + $moveCategoryId = isset($_GET['movecat']) ? (int) $_GET['movecat'] : 0; + $cats = Category::load($moveCategoryId); if (!isset($_GET['targetcat'])) { $move_form = new CatForm( CatForm::TYPE_MOVE, $cats[0], 'move_cat_form', null, - api_get_self().'?movecat='.intval($_GET['movecat']).'&selectcat='.$selectCat + api_get_self().'?movecat='.$moveCategoryId.'&selectcat='.$selectCat ); if ($move_form->validate()) { header('Location: '.api_get_self().'?selectcat='.$selectCat - .'&movecat='.intval($_GET['movecat']) - .'&targetcat='.$move_form->exportValue('move_cat')); + .'&movecat='.$moveCategoryId.'&targetcat='.$move_form->exportValue('move_cat')); exit; } } else { @@ -370,7 +368,7 @@ if (isset($_GET['deletecat'])) { GradebookUtils::block_students(); $cats = Category::load($_GET['deletecat']); if (isset($cats[0])) { - //delete all categories,subcategories and results + // Delete all categories,subcategories and results if ($cats[0] != null) { if ($cats[0]->get_id() != 0) { // better don't try to delete the root... 
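Review bot: In the `movecat` hunk the redirect still appends `$move_form->exportValue('move_cat')` to the `Location` header as submitted, while `movecat` itself is now cast. Unless the form already restricts that value to the select's options (not visible here), casting it keeps extra query parameters out of the redirect: `.'&movecat='.$moveCategoryId.'&targetcat='.(int) $move_form->exportValue('move_cat'));`. The `isset()` in `$moveCategoryId = isset($_GET['movecat']) ? (int) $_GET['movecat'] : 0;` is redundant inside `if (isset($_GET['movecat']))`. In the `-370,7` hunk `Category::load($_GET['deletecat'])` still receives the raw parameter; how `load()` treats it is not shown, so the same cast is the cautious choice.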
@@ -406,12 +404,11 @@ if (isset($_GET['visibleeval'])) { if (isset($_GET['lockedeval'])) { GradebookUtils::block_students(); $locked = (int) $_GET['lockedeval']; + $type_locked = 1; + $confirmation_message = get_lang('EvaluationHasBeenLocked'); if (isset($_GET['typelocked']) && api_is_platform_admin()) { $type_locked = 0; $confirmation_message = get_lang('EvaluationHasBeenUnLocked'); - } else { - $type_locked = 1; - $confirmation_message = get_lang('EvaluationHasBeenLocked'); } $eval = Evaluation::load($locked); if ($eval[0] != null) { @@ -493,7 +490,7 @@ if (!empty($course_to_crsind) && !isset($_GET['confirm'])) { die('Error: movecat or moveeval not defined'); } $button = '
'; diff --git a/main/gradebook/lib/GradebookUtils.php b/main/gradebook/lib/GradebookUtils.php index f4b7460fea..b5927b7ac6 100644 --- a/main/gradebook/lib/GradebookUtils.php +++ b/main/gradebook/lib/GradebookUtils.php @@ -713,9 +713,12 @@ class GradebookUtils $date_certificate ) { $table = Database::get_main_table(TABLE_MAIN_GRADEBOOK_CERTIFICATE); - $sql = 'SELECT COUNT(id) as count - FROM '.$table.' gc - WHERE gc.cat_id="'.intval($cat_id).'" AND user_id="'.intval($user_id).'" '; + $cat_id = (int) $cat_id; + $user_id = (int) $user_id; + + $sql = "SELECT COUNT(id) as count + FROM $table gc + WHERE gc.cat_id = $cat_id AND user_id = $user_id "; $rs_exist = Database::query($sql); $row = Database::fetch_array($rs_exist); if ($row['count'] == 0) { @@ -740,8 +743,11 @@ class GradebookUtils public static function get_certificate_by_user_id($cat_id, $user_id) { $table = Database::get_main_table(TABLE_MAIN_GRADEBOOK_CERTIFICATE); - $sql = 'SELECT * FROM '.$table.' - WHERE cat_id="'.intval($cat_id).'" AND user_id="'.intval($user_id).'"'; + $cat_id = (int) $cat_id; + $user_id = (int) $user_id; + + $sql = "SELECT * FROM $table + WHERE cat_id = $cat_id AND user_id = $user_id "; $result = Database::query($sql); $row = Database::fetch_array($result, 'ASSOC'); 
@@ -796,27 +802,28 @@ class GradebookUtils $user_id, $cat_id = null ) { + $user_id = (int) $user_id; $table_certificate = Database::get_main_table(TABLE_MAIN_GRADEBOOK_CERTIFICATE); - $sql = 'SELECT - gc.score_certificate, - gc.created_at, - gc.path_certificate, - gc.cat_id, - gc.user_id, + $sql = 'SELECT + gc.score_certificate, + gc.created_at, + gc.path_certificate, + gc.cat_id, + gc.user_id, gc.id FROM '.$table_certificate.' gc - WHERE gc.user_id="'.intval($user_id).'" '; + WHERE gc.user_id = "'.$user_id.'" '; if (!is_null($cat_id) && $cat_id > 0) { $sql .= ' AND cat_id='.intval($cat_id); } $rs = Database::query($sql); - $list_certificate = []; + $list = []; while ($row = Database::fetch_array($rs)) { - $list_certificate[] = $row; + $list[] = $row; } - return $list_certificate; + return $list; } /** @@ -854,9 +861,9 @@ class GradebookUtils //add print header if (!$hide_print_button) { - $print = '