diff --git a/certificates/index.php b/certificates/index.php
index 790c37650e..a8f1944d42 100755
--- a/certificates/index.php
+++ b/certificates/index.php
@@ -8,9 +8,11 @@
require_once '../main/inc/global.inc.php';
$action = isset($_GET['action']) ? $_GET['action'] : null;
-$certificate = new Certificate($_GET['id']);
+$userId = isset($_GET['user_id']) ? $_GET['user_id'] : 0;
-CustomCertificatePlugin::redirectCheck($certificate, $_GET['id']);
+$certificate = new Certificate($_GET['id'], $userId);
+
+CustomCertificatePlugin::redirectCheck($certificate, $_GET['id'], $userId);
switch ($action) {
case 'export':
diff --git a/main/admin/course_list.php b/main/admin/course_list.php
index 9ba9a80a71..c5086ac675 100755
--- a/main/admin/course_list.php
+++ b/main/admin/course_list.php
@@ -173,12 +173,9 @@ function get_course_data($from, $number_of_items, $column, $direction)
while ($course = Database::fetch_array($res)) {
// Place colour icons in front of courses.
$show_visual_code = $course['visual_code'] != $course[2] ? Display::label($course['visual_code'], 'info') : null;
- $course[1] = get_course_visibility_icon($course[8]).
- ''.
- Security::remove_XSS($course[1]).
- ' '.
- $show_visual_code
- ;
+ $course[1] = get_course_visibility_icon($course[8]).PHP_EOL
+ .Display::url(Security::remove_XSS($course[1]), $coursePath.$course[9].'/index.php').PHP_EOL
+ .$show_visual_code;
$course[5] = $course[5] == SUBSCRIBE_ALLOWED ? get_lang('Yes') : get_lang('No');
$course[6] = $course[6] == UNSUBSCRIBE_ALLOWED ? get_lang('Yes') : get_lang('No');
$language = isset($languages[$course[3]]) ? $languages[$course[3]] : $course[3];
@@ -186,18 +183,35 @@ function get_course_data($from, $number_of_items, $column, $direction)
$courseCode = $course[0];
$courseId = $course['id'];
- $actions = ''.
- Display::return_icon('info2.png', get_lang('Info')).' '.
- ''.
- Display::return_icon('course_home.png', get_lang('CourseHomepage')).' '.
- ''.
- Display::return_icon('statistics.png', get_lang('Tracking')).' '.
- ''.
- Display::return_icon('edit.png', get_lang('Edit'), [], ICON_SIZE_SMALL).' '.
- ''.
- Display::return_icon('backup.png', get_lang('CreateBackup')).' '.
- ''.
- Display::return_icon('delete.png', get_lang('Delete'), [], ICON_SIZE_SMALL).'';
+ $actions = [];
+ $actions[] = Display::url(
+ Display::return_icon('info2.png', get_lang('Info')),
+ "course_information.php?code=$courseCode"
+ );
+ $actions[] = Display::url(
+ Display::return_icon('course_home.png', get_lang('CourseHomepage')),
+ $coursePath.$course['directory'].'/index.php'
+ );
+ $actions[] = Display::url(
+ Display::return_icon('statistics.png', get_lang('Tracking')),
+ $path.'tracking/courseLog.php?'.api_get_cidreq_params($courseCode)
+ );
+ $actions[] = Display::url(
+ Display::return_icon('edit.png', get_lang('Edit')),
+ $path.'admin/course_edit.php?id='.$courseId
+ );
+ $actions[] = Display::url(
+ Display::return_icon('backup.png', get_lang('CreateBackup')),
+ $path.'coursecopy/create_backup.php?'.api_get_cidreq_params($courseCode)
+ );
+ $actions[] = Display::url(
+ Display::return_icon('delete.png', get_lang('Delete')),
+ $path.'admin/course_list.php?delete_course='.$courseCode,
+ [
+ 'onclick' => "javascript: if (!confirm('"
+ .addslashes(api_htmlentities(get_lang('ConfirmYourChoice'), ENT_QUOTES))."')) return false;",
+ ]
+ );
$courseItem = [
$course[0],
@@ -207,7 +221,7 @@ function get_course_data($from, $number_of_items, $column, $direction)
$course[4],
$course[5],
$course[6],
- $actions,
+ implode(PHP_EOL, $actions),
];
$courses[] = $courseItem;
}
diff --git a/main/admin/user_edit.php b/main/admin/user_edit.php
index 481ccef5bd..e6cad5166f 100755
--- a/main/admin/user_edit.php
+++ b/main/admin/user_edit.php
@@ -69,8 +69,8 @@ function confirmation(name) {
//$htmlHeadXtra[] = api_get_asset('cropper/dist/cropper.min.js');
$tool_name = get_lang('ModifyUserInfo');
-$interbreadcrumb[] = ['url' => 'index.php', "name" => get_lang('PlatformAdmin')];
-$interbreadcrumb[] = ['url' => "user_list.php", "name" => get_lang('UserList')];
+$interbreadcrumb[] = ['url' => 'index.php', 'name' => get_lang('PlatformAdmin')];
+$interbreadcrumb[] = ['url' => 'user_list.php', 'name' => get_lang('UserList')];
$table_user = Database::get_main_table(TABLE_MAIN_USER);
$table_admin = Database::get_main_table(TABLE_MAIN_ADMIN);
diff --git a/main/admin/user_list.php b/main/admin/user_list.php
index 61df25fd52..3a68282b89 100755
--- a/main/admin/user_list.php
+++ b/main/admin/user_list.php
@@ -569,7 +569,7 @@ function email_filter($email)
*/
function user_filter($name, $params, $row)
{
- return ''.$name.'';
+ return ''.$name.'';
}
/**
diff --git a/main/badge/assertion.php b/main/badge/assertion.php
index 95b530ef52..132e0f4464 100644
--- a/main/badge/assertion.php
+++ b/main/badge/assertion.php
@@ -8,14 +8,12 @@
*
* @package chamilo.badge
*/
-header('Content-Type: application/json');
-
require_once __DIR__.'/../inc/global.inc.php';
-$userId = isset($_GET['user']) ? intval($_GET['user']) : 0;
-$skillId = isset($_GET['skill']) ? intval($_GET['skill']) : 0;
-$courseId = isset($_GET['course']) ? intval($_GET['course']) : 0;
-$sessionId = isset($_GET['session']) ? intval($_GET['session']) : 0;
+$userId = isset($_GET['user']) ? (int) $_GET['user'] : 0;
+$skillId = isset($_GET['skill']) ? (int) $_GET['skill'] : 0;
+$courseId = isset($_GET['course']) ? (int) $_GET['course'] : 0;
+$sessionId = isset($_GET['session']) ? (int) $_GET['session'] : 0;
if ($userId === 0 || $skillId === 0) {
exit;
diff --git a/main/badge/class.php b/main/badge/class.php
index 90a45ef544..a880b85e92 100644
--- a/main/badge/class.php
+++ b/main/badge/class.php
@@ -10,17 +10,20 @@
*/
require_once __DIR__.'/../inc/global.inc.php';
-$skillId = isset($_GET['id']) ? intval($_GET['id']) : 0;
+$skillId = isset($_GET['id']) ? (int) $_GET['id'] : 0;
$objSkill = new Skill();
$skill = $objSkill->get($skillId);
+$json = [];
-$json = [
- 'name' => $skill['name'],
- 'description' => $skill['description'],
- 'image' => api_get_path(WEB_UPLOAD_PATH)."badges/{$skill['icon']}",
- 'criteria' => api_get_path(WEB_CODE_PATH)."badge/criteria.php?id=$skillId",
- 'issuer' => api_get_path(WEB_CODE_PATH)."badge/issuer.php",
-];
+if ($skill) {
+ $json = [
+ 'name' => $skill['name'],
+ 'description' => $skill['description'],
+ 'image' => api_get_path(WEB_UPLOAD_PATH)."badges/{$skill['icon']}",
+ 'criteria' => api_get_path(WEB_CODE_PATH)."badge/criteria.php?id=$skillId",
+ 'issuer' => api_get_path(WEB_CODE_PATH).'badge/issuer.php',
+ ];
+}
header('Content-Type: application/json');
diff --git a/main/badge/criteria.php b/main/badge/criteria.php
index d89bfe7ba1..13e9ceb28c 100644
--- a/main/badge/criteria.php
+++ b/main/badge/criteria.php
@@ -10,33 +10,40 @@
*/
require_once __DIR__.'/../inc/global.inc.php';
+$skillId = isset($_GET['id']) ? $_GET['id'] : 0;
+
+if (empty($skillId)) {
+ exit;
+}
+
$entityManager = Database::getManager();
/** @var \Chamilo\CoreBundle\Entity\Skill $skill */
$skill = $entityManager->find('ChamiloCoreBundle:Skill', $_GET['id']);
-if (!$skill) {
- Display::addFlash(
- Display::return_message(get_lang('SkillNotFound'), 'error')
+if ($skill) {
+ $skillInfo = [
+ 'name' => $skill->getName(),
+ 'short_code' => $skill->getShortCode(),
+ 'description' => $skill->getDescription(),
+ 'criteria' => $skill->getCriteria(),
+ 'badge_image' => Skill::getWebIconPath($skill),
+ ];
+
+ $template = new Template();
+ $template->assign('skill_info', $skillInfo);
+
+ $content = $template->fetch(
+ $template->get_template('skill/criteria.tpl')
);
- header('Location: '.api_get_path(WEB_PATH));
+ $template->assign('content', $content);
+ $template->display_one_col_template();
exit;
}
-$skillInfo = [
- 'name' => $skill->getName(),
- 'short_code' => $skill->getShortCode(),
- 'description' => $skill->getDescription(),
- 'criteria' => $skill->getCriteria(),
- 'badge_image' => Skill::getWebIconPath($skill),
-];
-
-$template = new Template();
-$template->assign('skill_info', $skillInfo);
-
-$content = $template->fetch(
- $template->get_template('skill/criteria.tpl')
+Display::addFlash(
+ Display::return_message(get_lang('SkillNotFound'), 'error')
);
-$template->assign('content', $content);
-$template->display_one_col_template();
+header('Location: '.api_get_path(WEB_PATH));
+exit;
diff --git a/main/blog/blog.php b/main/blog/blog.php
index c9a2f4f458..8b275ae983 100755
--- a/main/blog/blog.php
+++ b/main/blog/blog.php
@@ -8,7 +8,7 @@
*/
require_once __DIR__.'/../inc/global.inc.php';
-$blog_id = intval($_GET['blog_id']);
+$blog_id = isset($_GET['blog_id']) ? $_GET['blog_id'] : 0;
if (empty($blog_id)) {
api_not_allowed(true);
@@ -422,11 +422,11 @@ switch ($action) {
$titleSearch = get_lang('PostsOf').' '.$dateSearch;
$tpl->assign('search', $titleSearch);
$tpl->assign('articles', $listArticles);
- $blogLayout = $tpl->get_template('blog/blog.html.twig');
+ $blogLayout = $tpl->get_template('blog/blog.tpl');
} else {
$listArticles = Blog::getPosts($blog_id);
$tpl->assign('articles', $listArticles);
- $blogLayout = $tpl->get_template('blog/blog.html.twig');
+ $blogLayout = $tpl->get_template('blog/blog.tpl');
}
break;
}
diff --git a/main/calendar/download.php b/main/calendar/download.php
index 51e6c90568..0ef649c8b3 100755
--- a/main/calendar/download.php
+++ b/main/calendar/download.php
@@ -19,11 +19,9 @@ header('Expires: Wed, 01 Jan 1990 00:00:00 GMT');
header('Cache-Control: public');
header('Pragma: no-cache');
-$course_id = intval($_REQUEST['course_id']);
+$course_id = isset($_REQUEST['course_id']) ? $_REQUEST['course_id'] : 0;
$user_id = api_get_user_id();
$course_info = api_get_course_info_by_id($course_id);
-$doc_url = $_REQUEST['file'];
-$session_id = api_get_session_id();
if (empty($course_id)) {
$course_id = api_get_course_int_id();
@@ -32,6 +30,9 @@ if (empty($course_id) || empty($doc_url)) {
api_not_allowed();
}
+$doc_url = $_REQUEST['file'];
+$session_id = api_get_session_id();
+
$is_user_is_subscribed = CourseManager::is_user_subscribed_in_course(
$user_id,
$course_info['code'],
diff --git a/main/course_home/course_home.php b/main/course_home/course_home.php
index 9fdfa1401c..490852f79d 100755
--- a/main/course_home/course_home.php
+++ b/main/course_home/course_home.php
@@ -32,6 +32,9 @@ use Fhaculty\Graph\Graph;
$use_anonymous = true;
require_once __DIR__.'/../inc/global.inc.php';
+$js = '';
+$htmlHeadXtra[] = $js;
+
$htmlHeadXtra[] = '