Fix psalm issues: Double casting, add phpdoc, fix php warning

Update from 1.11.x
5 years ago · 16bbf012b3
parent a8affdffce
commit 16bbf012b3
16 changed files with 432 additions and 377 deletions
--- a/public/main/course_info/download.php
+++ b/public/main/course_info/download.php
@ -30,7 +30,7 @@ if (in_array($extension, ['xml', 'csv']) &&
    (api_is_platform_admin(true) || api_is_drh())
 ) {
    $content_type = 'application/force-download';
-} elseif ('zip' === $extension && $_cid && (api_is_platform_admin(true) || api_is_course_admin())) {
+} elseif ('zip' === $extension && api_get_course_id() && (api_is_platform_admin(true) || api_is_course_admin())) {
    $content_type = 'application/force-download';
 }

--- a/public/main/course_info/infocours.php
+++ b/public/main/course_info/infocours.php
@ -984,11 +984,8 @@ if ($form->validate() && $isEditable) {
        $illustrationRepo->deleteIllustration($courseEntity);
    }

-    global $_configuration;
-    if (isset($_configuration[$urlId]) &&
-        isset($_configuration[$urlId]['hosting_limit_active_courses']) &&
-        $_configuration[$urlId]['hosting_limit_active_courses'] > 0
-    ) {
+    $limitCourses = api_get_configuration_value('hosting_limit_active_courses');
+    if ($limitCourses > 0) {
        $courseInfo = api_get_course_info_by_id($courseId);

        // Check if
@ -996,7 +993,7 @@ if ($form->validate() && $isEditable) {
            $visibility != $courseInfo['visibility']
        ) {
            $num = CourseManager::countActiveCourses($urlId);
-            if ($num >= $_configuration[$urlId]['hosting_limit_active_courses']) {
+            if ($num >= $limitCourses) {
                api_warn_hosting_contact('hosting_limit_active_courses');

                Display::addFlash(
--- a/public/main/forum/forumfunction.inc.php
+++ b/public/main/forum/forumfunction.inc.php
@ -765,7 +765,7 @@ function store_forum($values, $courseInfo = [], $returnId = false)
    //'forum_image' => $new_file_name,
    $forum
        ->setForumTitle($values['forum_title'])
-        ->setForumComment($values['forum_comment'] ?? null)
+        ->setForumComment($values['forum_comment'] ?? '')
        ->setForumCategory($forumCategory)
        ->setAllowAnonymous($values['allow_anonymous_group']['allow_anonymous'] ?? null)
        ->setAllowEdit($values['students_can_edit_group']['students_can_edit'] ?? null)
--- a/public/main/inc/ajax/course.ajax.php
+++ b/public/main/inc/ajax/course.ajax.php
@ -153,14 +153,14 @@ switch ($action) {
                //TODO change this function to search not only courses STARTING with $_GET['q']
                if (api_is_platform_admin()) {
                    $courseList = CourseManager::get_courses_list(
-                        0, //offset
-                        0, //howMany
-                        1, //$orderby = 1
+                        0,
+                        0,
+                        1,
                        'ASC',
-                        -1, //visibility
+                        -1,
                        $_GET['q'],
-                        null, //$urlId
-                        true //AlsoSearchCode
+                        null,
+                        true
                    );
                } elseif (api_is_teacher()) {
                    $courseList = CourseManager::get_course_list_of_user_as_course_admin(api_get_user_id(), $_GET['q']);
@ -257,12 +257,18 @@ switch ($action) {
        }
        break;
    case 'search_user_by_course':
-        if (api_is_platform_admin()) {
-            $user = Database::get_main_table(TABLE_MAIN_USER);
-            $session_course_user = Database::get_main_table(TABLE_MAIN_SESSION_COURSE_USER);
        $sessionId = $_GET['session_id'];
        $course = api_get_course_info_by_id($_GET['course_id']);

+        $isPlatformAdmin = api_is_platform_admin();
+        $userIsSubscribedInCourse = CourseManager::is_user_subscribed_in_course(
+            api_get_user_id(),
+            $course['code'],
+            !empty($sessionId),
+            $sessionId
+        );
+
+        if ($isPlatformAdmin || $userIsSubscribedInCourse) {
            $json = [
                'items' => [],
            ];
--- a/public/main/inc/ajax/exercise.ajax.php
+++ b/public/main/inc/ajax/exercise.ajax.php
@ -160,7 +160,6 @@ switch ($action) {
        }

        // 1. Setting variables needed by jqgrid
-        $action = $_GET['a'];
        $exercise_id = (int) $_GET['exercise_id'];
        $page = (int) $_REQUEST['page']; //page
        $limit = (int) $_REQUEST['rows']; //quantity of rows
@ -391,12 +390,44 @@ switch ($action) {
        echo 1;
        exit;
        break;
+    case 'check_answers':
+        if (false === api_is_allowed_to_session_edit()) {
+            echo 'error';
+            exit;
+        }
+
+        /** @var Exercise $objExercise */
+        $objExercise = Session::read('objExercise');
+        $questionList = Session::read('questionList');
+        $exeId = Session::read('exe_id');
+
+        // If exercise or question is not set then exit.
+        if (empty($questionList) || empty($objExercise)) {
+            echo 'error';
+            exit;
+        }
+
+        $statInfo = $objExercise->get_stat_track_exercise_info_by_exe_id($exeId);
+
+        echo Display::page_subheader(get_lang('QuestionsToReview'));
+        echo $objExercise->getReminderTable($questionList, $statInfo, true);
+        break;
    case 'save_exercise_by_now':
        $course_info = api_get_course_info_by_id($course_id);
        $course_id = $course_info['real_id'];

-        // Use have permissions?
-        if (api_is_allowed_to_session_edit()) {
+        // Use have permissions to edit exercises results now?
+        if (false === api_is_allowed_to_session_edit()) {
+            echo 'error';
+            if ($debug) {
+                error_log(
+                    'Exercises attempt '.$exeId.': Failed saving question(s) in course/session '.
+                    $course_id.'/'.$session_id.
+                    ': The user ('.api_get_user_id().') does not have the permission to access this session now'
+                );
+            }
+            exit;
+        }
        // "all" or "simple" strings means that there's one or all questions exercise type
        $type = isset($_REQUEST['type']) ? $_REQUEST['type'] : null;

@ -476,7 +507,7 @@ switch ($action) {
            $attemptList = Event::getAllExerciseEventByExeId($exeId);
        }

-            // Updating Reminder algorithm.
+        // No exe id? Can't save answer.
        if (empty($exeId)) {
            // Fires an error.
            echo 'error';
@ -510,7 +541,7 @@ switch ($action) {
            }
        }

-            // No exe id? Can't save answer.
+        // Getting the total weight if the request is simple.
        $total_weight = 0;
        if ('simple' === $type) {
            foreach ($question_list as $my_question_id) {
@ -519,12 +550,12 @@ switch ($action) {
            }
        }
        unset($objQuestionTmp);
-            // Fires an error.
        if ($debug) {
            error_log('Starting questions loop in save_exercise_by_now');
        }

-            // Getting the total weight if the request is simple
+        // Check we have at least one non-empty answer in the array
+        // provided by the user's click on the "Finish test" button.
        if ('all' === $type) {
            $atLeastOneAnswer = false;
            foreach ($question_list as $my_question_id) {
@ -545,7 +576,7 @@ switch ($action) {
            }
        }

-            // Looping the question list
+        // Looping the question list from database (not from the user answer)
        foreach ($question_list as $my_question_id) {
            if ('simple' === $type && $question_id != $my_question_id) {
                if ($debug) {
@ -556,7 +587,6 @@ switch ($action) {

            $my_choice = isset($choice[$my_question_id]) ? $choice[$my_question_id] : null;

-                // Creates a temporary Question object
            $objQuestionTmp = Question::read($my_question_id, $objExercise->course);

            $myChoiceDegreeCertainty = null;
@ -589,7 +619,7 @@ switch ($action) {
            }

            if ('simple' === $type) {
-                    // Getting old attempt in order to decrees the total score.
+            // Getting old attempt in order to decrease the total score.
                $old_result = $objExercise->manage_answer(
                    $exeId,
                    $my_question_id,
@ -620,7 +650,7 @@ switch ($action) {
                    }
                }
            }
-                // Deleting old attempt
+            // Deleting old attempt.
            if (isset($attemptList) && !empty($attemptList[$my_question_id])) {
                if ($debug) {
                    error_log("delete_attempt exe_id : $exeId, my_question_id: $my_question_id");
@ -780,20 +810,11 @@ switch ($action) {
        if ($debug) {
            error_log('Finished questions loop in save_exercise_by_now');
        }
-        } else {
+        if ($type === 'all') {
            if ($debug) {
-                error_log(
-                    'Exercises attempt '.$exeId.': Failed saving question(s) in course/session '.
-                    $course_id.'/'.$session_id.
-                    ': The user ('.
-                    api_get_user_id().
-                    ') does not have the permission to access this session now');
+                error_log("result: ok - all");
+                error_log(" ------ end ajax call ------- ");
            }
-            echo 'error';
-            exit;
-        }
-
-        if ('all' == $type) {
            echo 'ok';
            exit;
        }
--- a/public/main/inc/ajax/extra_field.ajax.php
+++ b/public/main/inc/ajax/extra_field.ajax.php
@ -151,7 +151,6 @@ switch ($action) {
                            dataType: "json",
                            data: "values="+save,
                            success: function(data) {
-                                console.log(data);
                            }
                        });

--- a/public/main/inc/ajax/gradebook.ajax.php
+++ b/public/main/inc/ajax/gradebook.ajax.php
@ -53,6 +53,44 @@ switch ($action) {
            $form->display();
        }
        break;*/
+    case 'export_all_certificates':
+        $categoryId = (int) $_GET['cat_id'];
+        $filterOfficialCodeGet = isset($_GET['filter']) ? Security::remove_XSS($_GET['filter']) : null;
+
+        if (api_is_student_boss()) {
+            $userGroup = new UserGroup();
+            $userList = $userGroup->getGroupUsersByUser(api_get_user_id());
+        } else {
+            $userList = [];
+            if (!empty($filterOfficialCodeGet)) {
+                $userList = UserManager::getUsersByOfficialCode($filterOfficialCodeGet);
+            }
+        }
+
+        $courseCode = api_get_course_id();
+        $sessionId = api_get_session_id();
+
+        $commandScript = api_get_path(SYS_CODE_PATH).'gradebook/cli/export_all_certificates.php';
+
+        $userList = implode(',', $userList);
+
+        shell_exec("php $commandScript $courseCode $sessionId $categoryId $userList > /dev/null &");
+        break;
+    case 'verify_export_all_certificates':
+        $categoryId = (int) $_GET['cat_id'];
+        $courseCode = isset($_GET['cidReq']) ? Security::remove_XSS($_GET['cidReq']) : api_get_course_id();
+        $sessionId = isset($_GET['id_session']) ? (int) $_GET['id_session'] : api_get_session_id();
+        $date = api_get_utc_datetime(null, false, true);
+
+        $pdfName = 'certs_'.$courseCode.'_'.$sessionId.'_'.$categoryId.'_'.$date->format('Y-m-d');
+
+        $sysFinalFile = api_get_path(SYS_ARCHIVE_PATH)."$pdfName.pdf";
+        $webFinalFile = api_get_path(WEB_ARCHIVE_PATH)."$pdfName.pdf";
+
+        if (file_exists($sysFinalFile)) {
+            echo $webFinalFile;
+        }
+        break;
    default:
        echo '';
        break;
--- a/public/main/inc/ajax/myspace.ajax.php
+++ b/public/main/inc/ajax/myspace.ajax.php
@ -23,7 +23,6 @@ switch ($action) {
        if (empty($userId)) {
            exit;
        }
-    // At this date : 23/02/2017, a minor review can't determine where is used this case 'access_detail'
        $cacheAvailable = api_get_configuration_value('apc');
        $table = null;
        $variable = 'lp_global_report_'.$userId;
@ -41,7 +40,7 @@ switch ($action) {
        $sessionCategoryList = UserManager::get_sessions_by_category($userId, false);
        $total = 0;
        $totalAverage = 0;
-        $table = new HTML_Table(['class' => 'data_table']);
+        $table = new HTML_Table(['class' => 'table table-hover table-striped data_table']);
        $row = 0;
        $col = 0;
        foreach ($sessionCategoryList as $category) {
--- a/public/main/inc/ajax/record_audio_rtc.ajax.php
+++ b/public/main/inc/ajax/record_audio_rtc.ajax.php
@ -5,7 +5,6 @@ use ChamiloSession as Session;

 require_once __DIR__.'/../global.inc.php';

-// Add security from Chamilo
 api_block_anonymous_users();

 $courseInfo = api_get_course_info();
--- a/public/main/inc/ajax/record_audio_wami.ajax.php
+++ b/public/main/inc/ajax/record_audio_wami.ajax.php
@ -19,12 +19,12 @@ if (isset($params['waminame']) && isset($params['wamidir']) && isset($params['wa
    $wamiuserid = $params['wamiuserid'];
 } else {
    api_not_allowed();
-    die();
+    exit();
 }

 if (empty($wamiuserid)) {
    api_not_allowed();
-    die();
+    exit();
 }

 $type = isset($_REQUEST['type']) ? $_REQUEST['type'] : 'document'; // can be document or message
@ -49,7 +49,7 @@ $ext = explode('.', $waminame);
 $ext = strtolower($ext[sizeof($ext) - 1]);

 if ('wav' != $ext) {
-    die();
+    exit();
 }

 switch ($type) {
@ -67,7 +67,7 @@ switch ($type) {
        $documentPath = $saveDir.'/'.$waminame_to_save;

        // Add to disk
-        $fh = fopen($documentPath, 'w') or die("can't open file");
+        $fh = fopen($documentPath, 'w') or exit("can't open file");
        fwrite($fh, $content);
        fclose($fh);

--- a/public/main/inc/lib/pdf.lib.php
+++ b/public/main/inc/lib/pdf.lib.php
@ -559,10 +559,10 @@ class PDF
     *
     * @return bool
     */
-    public function delete_watermark($courseCode = null)
+    public static function delete_watermark($courseCode = null)
    {
        $urlId = api_get_current_access_url_id();
-        if (!empty($courseCode) && 'true' == api_get_setting('pdf_export_watermark_by_course')) {
+        if (!empty($courseCode) && 'true' === api_get_setting('pdf_export_watermark_by_course')) {
            $course_info = api_get_course_info($courseCode);
            // course path
            $store_path = api_get_path(SYS_COURSE_PATH).$course_info['path'].'/'.$urlId.'_pdf_watermark.png';
@ -588,10 +588,10 @@ class PDF
     *
     * @return mixed web path of the file if sucess, false otherwise
     */
-    public function upload_watermark($filename, $source_file, $courseCode = null)
+    public static function upload_watermark($filename, $source_file, $courseCode = null)
    {
        $urlId = api_get_current_access_url_id();
-        if (!empty($courseCode) && 'true' == api_get_setting('pdf_export_watermark_by_course')) {
+        if (!empty($courseCode) && 'true' === api_get_setting('pdf_export_watermark_by_course')) {
            $course_info = api_get_course_info($courseCode);
            $store_path = api_get_path(SYS_COURSE_PATH).$course_info['path']; // course path
            $web_path = api_get_path(WEB_COURSE_PATH).$course_info['path'].'/pdf_watermark.png';
--- a/public/main/social/group_topics.php
+++ b/public/main/social/group_topics.php
@ -51,9 +51,7 @@ if (isset($_REQUEST['action']) && 'delete' == $_REQUEST['action']) {
 }

 // My friends
-$friend_html = SocialManager::listMyFriendsBlock(
-    $user_id
-);
+$friend_html = SocialManager::listMyFriendsBlock(api_get_user_id());
 $content = null;
 $social_right_content = '';

--- a/public/main/social/home.php
+++ b/public/main/social/home.php
@ -39,6 +39,7 @@ if (!empty($threadList)) {
 $posts = SocialManager::getMyWallMessages($user_id, 0, 10, $threadIdList);
 $countPost = $posts['count'];
 $posts = $posts['posts'];
+$htmlHeadXtra = [];
 SocialManager::getScrollJs($countPost, $htmlHeadXtra);

 // Block Menu
--- a/public/main/social/personal_data.php
+++ b/public/main/social/personal_data.php
@ -88,14 +88,14 @@ switch ($action) {
                $contentEmail = sprintf(
                    get_lang('User %s signed the agreement.TheDateY'),
                    $currentUserInfo['complete_name'],
-                    api_get_local_time($time)
+                    api_get_local_time()
                );

                MessageManager::send_message_simple(
                    $bossId,
                    $subjectEmail,
                    $contentEmail,
-                    $user_id
+                    api_get_user_id()
                );
            }
        }
@ -400,7 +400,7 @@ $personalData['data'] = $personalDataContent;

 $em = Database::getManager();
 /** @var LegalRepository $legalTermsRepo */
-$legalTermsRepo = $em->getRepository('ChamiloCoreBundle:Legal');
+$legalTermsRepo = $em->getRepository(\Chamilo\CoreBundle\Entity\Legal::class);
 // Get data about the treatment of data
 $treatmentTypes = LegalManager::getTreatmentTypeList();

--- a/public/main/social/profile.php
+++ b/public/main/social/profile.php
@ -106,6 +106,7 @@ if (isset($_GET['u'])) {

 api_block_anonymous_users();
 $countPost = SocialManager::getCountWallMessagesByUser($friendId);
+$htmlHeadXtra = [];
 SocialManager::getScrollJs($countPost, $htmlHeadXtra);
 $link_shared = '';
 if (isset($_GET['shared'])) {
@ -237,7 +238,7 @@ if ($show_full_profile) {

    if (!empty($user_info['competences']) || !empty($user_info['diplomas'])
        || !empty($user_info['openarea']) || !empty($user_info['teach'])) {
-        $more_info .= '<div><h3>'.get_lang('More information').'</h3></div>';
+        $more_info = '<div><h3>'.get_lang('More information').'</h3></div>';
        if (!empty($user_info['competences'])) {
            $more_info .= '<br />';
            $more_info .= '<div class="social-actions-message"><strong>'.get_lang('My competences').'</strong></div>';
--- a/public/main/survey/ch_personality.php
+++ b/public/main/survey/ch_personality.php
@ -53,6 +53,7 @@ class ch_personality extends survey_question
        // Values of question options
        if (is_array($formData['values'])) { // Check if data is correct
            foreach ($formData['values'] as $key => &$value) {
+                $value = Security::remove_XSS($value);
                $question_values[] = '<input size="3" type="text" id="values['.$key.']" name="values['.$key.']" value="'.$value.'" />';
            }
        }
@ -62,14 +63,9 @@ class ch_personality extends survey_question
                $this->html .= '<tr>';
                $this->html .= '<td align="right"><label for="answers['.$key.']">'.($key + 1).'</label></td>';
                $this->html .= '<td width="550">';
-                $this->html .= api_return_html_area(
-                    'answers['.$key.']',
-                    api_html_entity_decode(stripslashes($formData['answers'][$key])),
-                    '',
-                    '',
-                    null,
-                    ['ToolbarSet' => 'Survey', 'Width' => '100%', 'Height' => '120']
-                );
+                $dataValue = api_html_entity_decode(stripslashes($formData['answers'][$key]));
+                $dataValue = Security::remove_XSS($dataValue);
+                $this->html .= '<textarea name="answers['.$key.']" >'.$dataValue.'</textarea>';
                $this->html .= '</td>';
                $this->html .= '<td>';