diff --git a/main/admin/index.php b/main/admin/index.php
index d635d933a8..fe1c27bc96 100755
--- a/main/admin/index.php
+++ b/main/admin/index.php
@@ -177,8 +177,8 @@ if (api_get_setting('use_session_mode') == 'true') { ?>
';
+
+ if (empty($element_count)) {
+ Display::display_warning_message(get_lang('NoDataAvailable'));
} else {
- echo '
';
+ if (!empty($hidden_fields['destination_session'])) {
+ echo '
';
+ } else {
+ echo '
';
+ }
}
CourseSelectForm :: display_hidden_quiz_questions($course);
diff --git a/main/coursecopy/copy_course_session.php b/main/coursecopy/copy_course_session.php
index 11849d5347..35622eea4e 100755
--- a/main/coursecopy/copy_course_session.php
+++ b/main/coursecopy/copy_course_session.php
@@ -26,7 +26,7 @@ require_once 'classes/CourseSelectForm.class.php';
$xajax = new xajax();
-$xajax -> registerFunction('search_courses');
+$xajax->registerFunction('search_courses');
if (!api_is_allowed_to_edit() && !api_is_session_admin()) {
api_not_allowed(true);
@@ -127,8 +127,7 @@ function display_form() {
echo $html;
}
-function search_courses($id_session, $type) {
-
+function search_courses($id_session, $type) {
global $tbl_course, $tbl_session_rel_course, $course_list;
$xajax_response = new XajaxResponse();
@@ -139,44 +138,35 @@ function search_courses($id_session, $type) {
$id_session = intval($id_session);
if ($type == 'origin') {
-
- // Search courses by id_session for origin list
- $sql = "SELECT c.code, c.visual_code, c.title, src.id_session
- FROM $tbl_course c, $tbl_session_rel_course src
- WHERE src.course_code = c.code
- AND src.id_session = '".$id_session."'";
- $rs = Database::query($sql);
-
- $course_list = array();
-
+
+ $course_list = SessionManager::get_course_list_by_session_id($id_session);
+
+ $temp_course_list = array();
$return .= '';
- $_SESSION['course_list'] = $course_list;
- $_SESSION['session_origin'] = $id_session;
+ $_SESSION['course_list'] = $temp_course_list;
+ $_SESSION['session_origin'] = $id_session;
// Build select for destination sessions where is not included current session from select origin
if (!empty($id_session)) {
- $session_table =Database::get_main_table(TABLE_MAIN_SESSION);
- $session_category_table = Database::get_main_table(TABLE_MAIN_SESSION_CATEGORY);
-
- $sql = " SELECT s.id, s.name, sc.name as category_name
- FROM $session_table s , $session_category_table sc
- WHERE s.session_category_id = sc.id AND s.id NOT IN('$id_session')";
-
- $rs_select_destination = Database::query($sql);
+
+ $sessions = SessionManager::get_sessions_list();
$select_destination .= '';
$xajax_response -> addAssign('ajax_sessions_list_destination', 'innerHTML', api_utf8_encode($select_destination));
@@ -193,7 +183,6 @@ function search_courses($id_session, $type) {
// Send response by ajax
$xajax_response -> addAssign('ajax_list_courses_origin', 'innerHTML', api_utf8_encode($return));
$xajax_response -> addAssign('ajax_list_courses_destination', 'innerHTML', api_utf8_encode($select_multiple_empty));
-
} else {
//Left Select - Destination
@@ -403,8 +392,7 @@ if ((isset($_POST['action']) && $_POST['action'] == 'course_select_form') || (is
$hidden_fields['destination_course'] = $arr_course_destination[0];
$hidden_fields['origin_course'] = $arr_course_origin[0];
$hidden_fields['destination_session'] = $destination_session;
- $hidden_fields['origin_session'] = $origin_session;
- //echo '
'; print_r($course);
+ $hidden_fields['origin_session'] = $origin_session;
CourseSelectForm :: display_form($course, $hidden_fields, true);
echo '';
@@ -419,4 +407,4 @@ if ((isset($_POST['action']) && $_POST['action'] == 'course_select_form') || (is
/* FOOTER */
-Display::display_footer();
+Display::display_footer();
\ No newline at end of file
diff --git a/main/inc/lib/main_api.lib.php b/main/inc/lib/main_api.lib.php
index 6cffd2f7fa..77dd122c16 100755
--- a/main/inc/lib/main_api.lib.php
+++ b/main/inc/lib/main_api.lib.php
@@ -4241,7 +4241,7 @@ function api_create_include_path_setting() {
*/
function api_get_current_access_url_id() {
$access_url_table = Database :: get_main_table(TABLE_MAIN_ACCESS_URL);
- $path = api_get_path(WEB_PATH);
+ $path = Database::escape_string(api_get_path(WEB_PATH));
$sql = "SELECT id FROM $access_url_table WHERE url = '".$path."'";
$result = Database::query($sql);
if (Database::num_rows($result) > 0) {
diff --git a/main/inc/lib/sessionmanager.lib.php b/main/inc/lib/sessionmanager.lib.php
index 91103b45b7..d131bb8e36 100755
--- a/main/inc/lib/sessionmanager.lib.php
+++ b/main/inc/lib/sessionmanager.lib.php
@@ -1041,19 +1041,24 @@ class SessionManager {
*/
public static function get_sessions_list($conditions = array(), $order_by = array()) {
- $session_table =Database::get_main_table(TABLE_MAIN_SESSION);
- $session_category_table = Database::get_main_table(TABLE_MAIN_SESSION_CATEGORY);
- $user_table = Database::get_main_table(TABLE_MAIN_USER);
-
- $return_array = array();
+ $session_table = Database::get_main_table(TABLE_MAIN_SESSION);
+ $session_category_table = Database::get_main_table(TABLE_MAIN_SESSION_CATEGORY);
+ $user_table = Database::get_main_table(TABLE_MAIN_USER);
+ $table_access_url_rel_session = Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_SESSION);
+
+ $access_url_id = api_get_current_access_url_id();
+
+ $return_array = array();
- $sql_query = " SELECT s.id, s.name, s.nbr_courses, s.date_start, s.date_end, u.firstname, u.lastname , sc.name as category_name, s.promotion_id
+ $sql_query = " SELECT s.id, s.name, s.nbr_courses, s.date_start, s.date_end, u.firstname, u.lastname, sc.name as category_name, s.promotion_id
FROM $session_table s
INNER JOIN $user_table u ON s.id_coach = u.user_id
- LEFT JOIN $session_category_table sc ON s.session_category_id = sc.id ";
-
+ INNER JOIN $table_access_url_rel_session ar ON ar.session_id = s.id
+ LEFT JOIN $session_category_table sc ON s.session_category_id = sc.id
+ WHERE ar.access_url_id = $access_url_id ";
+
if (count($conditions)>0) {
- $sql_query .= ' WHERE ';
+ $sql_query .= ' AND ';
foreach ($conditions as $field=>$value) {
$field = Database::escape_string($field);
$value = Database::escape_string($value);
@@ -1278,15 +1283,17 @@ class SessionManager {
}
/**
- * Gets the list of courses by session
+ * Gets the list of courses by session filtered by access_url
* @param int session id
* @return array list of courses
*/
public static function get_course_list_by_session_id ($session_id) {
$tbl_course = Database::get_main_table(TABLE_MAIN_COURSE);
$tbl_session_rel_course = Database::get_main_table(TABLE_MAIN_SESSION_COURSE);
+
// select the courses
- $sql = "SELECT * FROM $tbl_course c INNER JOIN $tbl_session_rel_course src ON c.code = src.course_code WHERE src.id_session = '$session_id' ORDER BY title;";
+ $sql = "SELECT * FROM $tbl_course c INNER JOIN $tbl_session_rel_course src ON c.code = src.course_code
+ WHERE src.id_session = '$session_id' ORDER BY title;";
$result = Database::query($sql);
$num_rows = Database::num_rows($result);
$courses = array();