Format code

main/admin/user_move_stats.php

@@ -359,8 +359,8 @@ if (isset($_REQUEST['load_ajax'])) {
                                     $created_dir = '/'.$created_dir;
                                     $now = api_get_utc_datetime();
                                     //Creating directory
-                                    $sql_add_publication = "INSERT INTO " . $TBL_STUDENT_PUBLICATION . " SET " .
-                                        "url         = '".$created_dir."',
+                                    $sql_add_publication = "INSERT INTO " . $TBL_STUDENT_PUBLICATION . " SET
+                                           url         = '".$created_dir."',
 	                                       c_id        = $course_id,
 	                                       title        = '".$parent_data['title']."',
 	                                       description  = '".$parent_data['description']." folder_moved_from_session_id_$origin_session_id ',

main/document/create_document.php

@@ -182,9 +182,7 @@ if (!is_dir($filepath)) {
 $to_group_id = 0;
 
 if (!$is_certificate_mode) {
-    $req_gid = null;
 	if (api_is_in_group()) {
-		$req_gid = '&gidReq='.api_get_group_id();
 		$interbreadcrumb[] = array ("url" => "../group/group_space.php?".api_get_cidreq(), "name" => get_lang('GroupSpace'));
 		$noPHP_SELF = true;
 		$to_group_id = api_get_group_id();
@@ -193,7 +191,7 @@ if (!$is_certificate_mode) {
 			api_not_allowed(true);
 		}
 	}
-	$interbreadcrumb[] = array("url" => "./document.php?curdirpath=".urlencode($dir).$req_gid, "name" => get_lang('Documents'));
+	$interbreadcrumb[] = array("url" => "./document.php?curdirpath=".urlencode($dir)."&".api_get_cidreq(), "name" => get_lang('Documents'));
 } else {
 	$interbreadcrumb[]= array('url' => '../gradebook/'.$_SESSION['gradebook_dest'], 'name' => get_lang('Gradebook'));
 }
@@ -291,7 +289,9 @@ $folders = DocumentManager::get_all_document_folders($_course, $to_group_id, $is
 // If we are not in the certificates creation, display a folder chooser for the
 // new document created
 
-if (!$is_certificate_mode && !DocumentManager::is_my_shared_folder($userId, $dir, $current_session_id)) {
+if (!$is_certificate_mode &&
+	!DocumentManager::is_my_shared_folder($userId, $dir, $current_session_id)
+) {
 	$folders = DocumentManager::get_all_document_folders($_course, $to_group_id, $is_allowed_to_edit);
 
 	$parent_select = $form->addElement('select', 'curdirpath', array(null, get_lang('DestinationDirectory')));
@@ -323,7 +323,8 @@ if (!$is_certificate_mode && !DocumentManager::is_my_shared_folder($userId, $dir
         }
         $folder_sql = implode("','", $escaped_folders);
 
-        $sql = "SELECT * FROM $doc_table WHERE c_id = $course_id AND filetype='folder' AND path IN ('".$folder_sql."')";
+        $sql = "SELECT * FROM $doc_table
+				WHERE c_id = $course_id AND filetype='folder' AND path IN ('".$folder_sql."')";
         $res = Database::query($sql);
         $folder_titles = array();
         while ($obj = Database::fetch_object($res)) {

main/document/document.php

@@ -1216,7 +1216,6 @@ if ($is_allowed_to_edit ||
 
 $dirForm = null;
 
-
 /* 	CREATE DIRECTORY */
 //Only teacher and all users into their group and any user into his/her shared folder
 if ($is_allowed_to_edit ||

main/document/edit_document.php

@@ -170,7 +170,7 @@ if (!api_is_allowed_to_edit()) {
 Event::event_access_tool(TOOL_DOCUMENT);
 
 //TODO:check the below code and his funcionality
-if (!is_allowed_to_edit()) {
+if (!api_is_allowed_to_edit()) {
 	if (DocumentManager::check_readonly($course_info, $user_id, $file)) {
 		api_not_allowed();
 	}
@@ -184,13 +184,16 @@ if (isset($_POST['comment'])) {
 	// Fixing the path if it is wrong
 	$comment = Database::escape_string(trim($_POST['comment']));
 	$title = Database::escape_string(trim($_POST['title']));
-    //Just in case see BT#3525
+
+    // Just in case see BT#3525
     if (empty($title)) {
 		$title = $documen_data['title'];
 	}
+
 	if (empty($title)) {
 		$title = get_document_title($_POST['filename']);
 	}
+
     if (!empty($document_id)) {
         $query = "UPDATE $dbTable SET comment='".$comment."', title='".$title."' WHERE c_id = $course_id AND id = ".$document_id;
         Database::query($query);

main/inc/lib/api.lib.php

@@ -4300,7 +4300,7 @@ function api_max_sort_value($user_course_category, $user_id)
             WHERE
                 user_id='".intval($user_id)."' AND
                 relation_type<>".COURSE_RELATION_TYPE_RRHH." AND
-                user_course_cat='".Database::escape_string($user_course_category)."'";
+                user_course_cat='".intval($user_course_category)."'";
     $result_max = Database::query($sql);
     if (Database::num_rows($result_max) == 1) {
         $row_max = Database::fetch_array($result_max);
@@ -6723,7 +6723,8 @@ function api_is_global_chat_enabled()
  * @todo Fix tool_visible_by_default_at_creation labels
  * @todo Add sessionId parameter to avoid using context
  */
-function api_set_default_visibility($item_id, $tool_id, $group_id = null) {
+function api_set_default_visibility($item_id, $tool_id, $group_id = null)
+{
     $original_tool_id = $tool_id;
 
     switch ($tool_id) {

main/newscorm/lp_add.php

@@ -47,19 +47,20 @@ function activate_end_date() {
 
 $is_allowed_to_edit = api_is_allowed_to_edit(null, true);
 
-$isStudentView  = isset($_REQUEST['isStudentView']) ? $_REQUEST['isStudentView'] : null;
-$learnpath_id   = isset($_REQUEST['lp_id']) ? $_REQUEST['lp_id'] : null;
+$isStudentView = isset($_REQUEST['isStudentView']) ? $_REQUEST['isStudentView'] : null;
+$learnpath_id = isset($_REQUEST['lp_id']) ? $_REQUEST['lp_id'] : null;
 
 /* MAIN CODE */
 
 // Using the resource linker as a tool for adding resources to the learning path.
 if ($action == 'add' && $type == 'learnpathitem') {
-    $htmlHeadXtra[] = "<script language='JavaScript' type='text/javascript'> window.location=\"../resourcelinker/resourcelinker.php?source_id=5&action=$action&learnpath_id=$learnpath_id&chapter_id=$chapter_id&originalresource=no\"; </script>";
+    $htmlHeadXtra[] = "<script> window.location=\"../resourcelinker/resourcelinker.php?source_id=5&action=$action&learnpath_id=$learnpath_id&chapter_id=$chapter_id&originalresource=no\"; </script>";
 }
 
 if ((!$is_allowed_to_edit) || ($isStudentView)) {
     //error_log('New LP - User not authorized in lp_add.php');
     header('location:lp_controller.php?action=view&lp_id='.$learnpath_id);
+    exit;
 }
 // From here on, we are admin because of the previous condition, so don't check anymore.
 
@@ -68,7 +69,7 @@ if ((!$is_allowed_to_edit) || ($isStudentView)) {
     - all the functions not available for students - always available in this case (page only shown to admin)
 */
 if (isset($_SESSION['gradebook'])){
-    $gradebook =	$_SESSION['gradebook'];
+    $gradebook = $_SESSION['gradebook'];
 }
 
 if (!empty($gradebook) && $gradebook=='view') {
@@ -83,7 +84,8 @@ $interbreadcrumb[] = array('url' => 'lp_controller.php?action=list', 'name' => g
 Display::display_header(get_lang('LearnpathAddLearnpath'), 'Path');
 
 echo '<div class="actions">';
-echo '<a href="lp_controller.php?cidReq='.$_course['sysCode'].'">'.Display::return_icon('back.png', get_lang('ReturnToLearningPaths'),'',ICON_SIZE_MEDIUM).'</a>';
+echo '<a href="lp_controller.php?cidReq='.$_course['sysCode'].'">'.
+        Display::return_icon('back.png', get_lang('ReturnToLearningPaths'),'',ICON_SIZE_MEDIUM).'</a>';
 echo '</div>';
 
 Display::display_normal_message(get_lang('AddLpIntro'), false);
@@ -95,7 +97,7 @@ if ($_POST AND empty($_REQUEST['lp_name'])) {
 $form = new FormValidator('lp_add', 'post', 'lp_controller.php');
 
 // Form title
-$form->addElement('header', null, get_lang('AddLpToStart'));
+$form->addElement('header', get_lang('AddLpToStart'));
 
 // Title
 $form->addElement('text', 'lp_name', api_ucfirst(get_lang('LPName')), array('autofocus' => 'autofocus'));
@@ -124,8 +126,8 @@ $form->addElement('html','</div>');
 
 $defaults['activate_start_date_check']  = 1;
 
-$defaults['publicated_on']  = date('Y-m-d 08:00:00');
-$defaults['expired_on']     = date('Y-m-d 08:00:00',time()+86400);
+$defaults['publicated_on'] = date('Y-m-d 08:00:00');
+$defaults['expired_on'] = date('Y-m-d 08:00:00',time()+86400);
 
 $form->setDefaults($defaults);
 $form->addButtonCreate(get_lang('CreateLearningPath'));

main/newscorm/lp_controller.php

@@ -497,16 +497,15 @@ switch ($action) {
                 $_SESSION['post_time'] = $_REQUEST['post_time'];
 
                 if (isset($_REQUEST['activate_start_date_check']) && $_REQUEST['activate_start_date_check'] == 1) {
-                	$publicated_on  = $_REQUEST['publicated_on'];
+                	$publicated_on = $_REQUEST['publicated_on'];
                 } else {
                 	$publicated_on = null;
                 }
 
                 if (isset($_REQUEST['activate_end_date_check']) && $_REQUEST['activate_end_date_check'] == 1) {
-                	$expired_on   = $_REQUEST['expired_on'];
-                	$expired_on   = $expired_on['Y'].'-'.$expired_on['F'].'-'.$expired_on['d'].' '.$expired_on['H'].':'.$expired_on['i'].':00';
+                	$expired_on = $_REQUEST['expired_on'];
                 } else {
-                	$expired_on   = null;
+                	$expired_on = null;
                 }
 
                 $new_lp_id = learnpath::add_lp(

main/work/work.php

@@ -172,6 +172,7 @@ switch ($action) {
         $form->addButtonCreate(get_lang('CreateDirectory'));
 
         if ($form->validate()) {
+
             $result = addDir(
                 $_POST,
                 $user_id,
@@ -179,6 +180,7 @@ switch ($action) {
                 $group_id,
                 $id_session
             );
+
             if ($result) {
                 $message = Display::return_message(get_lang('DirectoryCreated'), 'success');
             } else {