diff --git a/main/auth/cas/authcas.php b/main/auth/cas/authcas.php index 673c228baa..27e22c1b50 100755 --- a/main/auth/cas/authcas.php +++ b/main/auth/cas/authcas.php @@ -88,7 +88,7 @@ function cas_is_authenticated() // if option is on we update user automatically from ldap server if (api_get_setting("update_user_info_cas_with_ldap") == "true") { $ldapuser = extldap_authenticate($login, 'nopass', true); - if ($ldap_user !== false) { + if ($ldapuser !== false) { $chamilo_user = extldap_get_chamilo_user($ldapuser); $chamilo_user['user_id'] = $tab_user_info['user_id']; $chamilo_user['status'] = $tab_user_info['status']; @@ -114,7 +114,7 @@ function cas_is_authenticated() // user has already been authenticated by CAS // If user not found in LDAP, user not created $ldapuser = extldap_authenticate($login, 'nopass', true); - if ($ldap_user !== false) { + if ($ldapuser !== false) { $chamilo_user = extldap_get_chamilo_user($ldapuser); $chamilo_user['username'] = $login; $chamilo_user['auth_source'] = CAS_AUTH_SOURCE; diff --git a/main/coursecopy/import_backup.php b/main/coursecopy/import_backup.php index b4c0c968eb..7475770c05 100755 --- a/main/coursecopy/import_backup.php +++ b/main/coursecopy/import_backup.php @@ -62,6 +62,10 @@ if (Security::check_token('post') && ( $error = false; if (isset($_POST['action']) && $_POST['action'] == 'course_select_form') { // Partial backup here we recover the documents posted + // This gets $_POST['course']. Beware that when using Suhosin, + // the post.max_value_length limit might get in the way of the + // restoration of a course with many items. A value of 1,000,000 bytes + // might be too short. $course = CourseSelectForm::get_posted_course(); } else { @@ -89,7 +93,7 @@ if (Security::check_token('post') && ( } } - if (!$error && $course->has_resources()) { + if (!$error && is_object($course) && $course->has_resources()) { $cr = new CourseRestorer($course); $cr->set_file_option($_POST['same_file_name_option']); $cr->restore(); 
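Review bot: With the variable name corrected, the `$ldapuser !== false` guard in cas_is_authenticated() is what separates a failed LDAP lookup from an account update (this hunk) or an account creation (hunk at -114), and it rejects nothing but a strict `false`. If extldap_authenticate() can also return null or an empty result on failure, which is not visible in this diff, both branches would still run without directory data; `if (!empty($ldapuser)) {` covers those cases and keeps the current behaviour for `false`. A short comment such as `// never create or update the account when the LDAP lookup failed` would make the intent explicit. The function body starts and ends outside both hunks.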
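Review bot: `is_object($course)` in the restore condition only proves that some object came back from CourseSelectForm::get_posted_course(), which, per the comment added in the previous hunk, is rebuilt from `$_POST['course']`, i.e. from client-supplied data. A check against the expected class is tighter, for example `if (!$error && $course instanceof Course && $course->has_resources()) {`, assuming Course is the class that helper returns. When the check fails the restore is now skipped silently; whether the user sees an error depends on the else branch, which is outside the hunk. `$_POST['same_file_name_option']` is also passed to set_file_option() as received, so comparing it with the allowed option values first would be worthwhile.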
diff --git a/main/exercice/quiz_template.xls b/main/exercice/quiz_template.xls index 6ea839da8a..967b619c14 100755 Binary files a/main/exercice/quiz_template.xls and b/main/exercice/quiz_template.xls differ diff --git a/main/exercice/upload_exercise.php b/main/exercice/upload_exercise.php index 0377351586..6b2eafd9df 100755 --- a/main/exercice/upload_exercise.php +++ b/main/exercice/upload_exercise.php @@ -466,6 +466,8 @@ function lp_upload_quiz_action_handling() { ) { $score = $score_list[$i][3] * -1; } + } else { + $score = $score_list[$i][3] * -1; } $score /= $numberRightAnswers; break; diff --git a/main/forum/forumfunction.inc.php b/main/forum/forumfunction.inc.php index fe958914af..c61658ca5a 100755 --- a/main/forum/forumfunction.inc.php +++ b/main/forum/forumfunction.inc.php @@ -1450,21 +1450,18 @@ function get_forums( ) { $course_info = api_get_course_info($course_code); - $table_users = Database :: get_main_table(TABLE_MAIN_USER); $table_forums = Database :: get_course_table(TABLE_FORUM); $table_threads = Database :: get_course_table(TABLE_FORUM_THREAD); $table_posts = Database :: get_course_table(TABLE_FORUM_POST); $table_item_property = Database :: get_course_table(TABLE_ITEM_PROPERTY); - // GETTING ALL THE FORUMS - // Condition for the session if (empty($sessionId)) { $session_id = api_get_session_id(); } else { $session_id = $sessionId; } - + $sessionIdLink = ($session_id === 0) ? '' : 'AND threads.session_id = item_properties.session_id'; $condition_session = api_get_session_condition( @@ -1505,7 +1502,7 @@ function get_forums( INNER JOIN ".$table_item_property." item_properties ON ( threads.thread_id=item_properties.ref AND - threads.c_id = item_properties.c_id + threads.c_id = item_properties.c_id $sessionIdLink ) WHERE 
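Review bot: The new `else` branch in lp_upload_quiz_action_handling() negates `$score_list[$i][3]` exactly as the inner branch does, without checking that the cell is numeric or what sign it already has. The value presumably comes from the uploaded spreadsheet, so a cell that is already negative would turn into a positive score for a wrong answer; `$score = -abs((float) $score_list[$i][3]);` would make the penalty independent of how the sheet was filled in. The following `$score /= $numberRightAnswers;` also divides by zero if the sheet marks no right answer, which deserves a guard. The conditions that enclose this branch are outside the hunk.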
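Review bot: The `$session_id === 0` test that selects `$sessionIdLink` in get_forums() is type-strict, while `$session_id` is either the caller's `$sessionId` as received or the return value of api_get_session_id(), whose type is not visible here. Casting first with `$session_id = (int) $session_id;` makes the choice of join condition independent of the form in which a zero arrives, and guarantees a plain integer for anything built from it later. The fragment is interpolated into the queries in the hunks at -1505 and -1554; that is safe only while it stays one of these two literals, which deserves a short comment next to the assignment. The function continues outside the hunk.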
@@ -1515,20 +1512,6 @@ function get_forums( item_properties.c_id = $course_id GROUP BY threads.forum_id"; - // Select the number of posts of the forum (post that are visible and that are in a thread that is visible). - $sql3 = "SELECT count(*) AS number_of_posts, posts.forum_id - FROM $table_posts posts, $table_threads threads, ".$table_item_property." item_properties - WHERE - posts.visible=1 AND - posts.thread_id=threads.thread_id AND - threads.thread_id=item_properties.ref AND - threads.session_id = item_properties.session_id AND - item_properties.visibility=1 AND - item_properties.tool='".TOOL_FORUM_THREAD."' AND - threads.c_id = $course_id AND - posts.c_id = $course_id AND - item_properties.c_id = $course_id - GROUP BY threads.forum_id"; // Course Admin if (api_is_allowed_to_edit()) { @@ -1554,7 +1537,7 @@ function get_forums( INNER JOIN ".$table_item_property." item_properties ON ( threads.thread_id=item_properties.ref AND - threads.c_id = item_properties.c_id + threads.c_id = item_properties.c_id $sessionIdLink ) WHERE @@ -1563,19 +1546,6 @@ function get_forums( threads.c_id = $course_id AND item_properties.c_id = $course_id GROUP BY threads.forum_id"; - // Select the number of posts of the forum. - $sql3 = "SELECT count(*) AS number_of_posts, posts.forum_id - FROM $table_posts posts, $table_threads threads, ".$table_item_property." item_properties - WHERE - posts.thread_id=threads.thread_id AND - threads.thread_id=item_properties.ref AND - threads.session_id = item_properties.session_id AND - item_properties.visibility=1 AND - item_properties.tool='".TOOL_FORUM_THREAD."' AND - posts.c_id = $course_id AND - threads.c_id = $course_id AND - item_properties.c_id = $course_id - GROUP BY threads.forum_id"; } } else { // GETTING ONE SPECIFIC FORUM 
@@ -1605,31 +1575,6 @@ function get_forums( forum_id = ".intval($id)." AND c_id = $course_id GROUP BY forum_id"; - - // Select the number of posts of the forum. - $sql3 = "SELECT count(*) AS number_of_posts, forum_id - FROM $table_posts - WHERE - forum_id = ".intval($id)." AND - c_id = $course_id - GROUP BY forum_id"; - - // Select the last post and the poster (note: this is probably no longer needed). - $sql4 = "SELECT - post.post_id, - post.forum_id, - post.poster_id, - post.poster_name, - post.post_date, - users.lastname, - users.firstname - FROM $table_posts post, $table_users users - WHERE - forum_id = ".intval($id)." AND - post.poster_id=users.user_id AND - post.c_id = $course_id - GROUP BY post.forum_id - ORDER BY post.post_id ASC"; } // Handling all the forum information. @@ -1653,25 +1598,16 @@ function get_forums( } } - // Handling the postcount information. - $result3 = Database::query($sql3); - while ($row3 = Database::fetch_array($result3)) { - if ($id == '') { - // This is needed because sql3 takes also the deleted forums into account. - if (array_key_exists($row3['forum_id'], $forum_list)) { - $forum_list[$row3['forum_id']]['number_of_posts'] = $row3['number_of_posts']; - } - } else { - $forum_list['number_of_posts'] = $row3['number_of_posts']; - } - } - /* Finding the last post information (last_post_id, last_poster_id, last_post_date, last_poster_name, last_poster_lastname, last_poster_firstname)*/ if ($id == '') { if (is_array($forum_list)) { foreach ($forum_list as $key => $value) { - $last_post_info_of_forum = get_last_post_information($key, api_is_allowed_to_edit(), $course_id); + $last_post_info_of_forum = get_last_post_information( + $key, + api_is_allowed_to_edit(), + $course_id + ); $forum_list[$key]['last_post_id'] = $last_post_info_of_forum['last_post_id']; $forum_list[$key]['last_poster_id'] = $last_post_info_of_forum['last_poster_id']; $forum_list[$key]['last_post_date'] = $last_post_info_of_forum['last_post_date']; 
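Review bot: With the `$sql3` queries (hunks at -1515, -1563 and -1605) and the post-count loop removed here, get_forums() no longer fills `number_of_posts` on the entries of `$forum_list`, unless the remaining queries already select it, which is not visible in this diff. main/forum/index.php is switched to `$number_threads` in the same commit, but any other caller that still reads `$forum['number_of_posts']` would now hit an undefined index. Either confirm that no such reader remains, or keep the key with a default, for example `$forum_list[$key]['number_of_posts'] = 0;` inside the existing foreach. The function continues outside the hunk.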
@@ -1683,7 +1619,11 @@ function get_forums( $forum_list = array(); } } else { - $last_post_info_of_forum = get_last_post_information($id, api_is_allowed_to_edit(), $course_id); + $last_post_info_of_forum = get_last_post_information( + $id, + api_is_allowed_to_edit(), + $course_id + ); $forum_list['last_post_id'] = $last_post_info_of_forum['last_post_id']; $forum_list['last_poster_id'] = $last_post_info_of_forum['last_poster_id']; $forum_list['last_post_date'] = $last_post_info_of_forum['last_post_date']; @@ -2767,7 +2707,8 @@ function show_add_post_form($current_forum, $forum_setting, $action = '', $id = empty($values['weight_calification']) ) { Display::display_error_message( - get_lang('YouMustAssignWeightOfQualification').' '.get_lang('Back').'', + get_lang('YouMustAssignWeightOfQualification').' '. + get_lang('Back').'', false ); @@ -3111,10 +3052,11 @@ function store_reply($current_forum, $values) 'visible' => $visible, ] ); - if ($new_post_id) { + if ($new_post_id) { $sql = "UPDATE $table_posts SET post_id = iid WHERE iid = $new_post_id"; Database::query($sql); + $values['new_post_id'] = $new_post_id; $message = get_lang('ReplyAdded'); @@ -3142,12 +3084,19 @@ function store_reply($current_forum, $values) api_get_user_id() ); + // Insert post + api_item_property_update( + $_course, + TOOL_FORUM_POST, + $new_post_id, + 'NewPost', + api_get_user_id() + ); + if ($current_forum['approval_direct_post'] == '1' && !api_is_allowed_to_edit(null, true) ) { - $message .= '
'.get_lang( - 'MessageHasToBeApproved' - ).'
'; + $message .= '
'.get_lang('MessageHasToBeApproved').'
'; } // Setting the notification correctly. @@ -3157,7 +3106,6 @@ function store_reply($current_forum, $values) } send_notification_mails($values['thread_id'], $values); - add_forum_attachment_file('', $new_post_id); } @@ -3732,7 +3680,10 @@ function get_post_topics_of_forum($forum_id) $number_of_topics = 0; // Due to the nature of the group by this can result in an empty string. } - $return = array('number_of_topics' => $number_of_topics, 'number_of_posts' => $number_of_posts); + $return = array( + 'number_of_topics' => $number_of_topics, + 'number_of_posts' => $number_of_posts, + ); return $return; } @@ -4354,6 +4305,7 @@ function display_forum_search_results($search_term) $forum_list = get_forums(); $result = Database::query($sql); + $search_results = []; while ($row = Database::fetch_array($result, 'ASSOC')) { $display_result = false; /* diff --git a/main/forum/index.php b/main/forum/index.php index cae84da8ce..3594a60c0b 100755 --- a/main/forum/index.php +++ b/main/forum/index.php @@ -490,7 +490,7 @@ if (is_array($forumCategories)) { $html .= '
'; $html .= '
'; $html .= '
'; - $html .= '
'.$forum_image.'

'.$number_posts.' ' . get_lang('Posts') . '

' + $html .= '
'.$forum_image.'

'.$number_threads.' ' . get_lang('ForumThreads') . '

' . '
'; $html .= '
'; @@ -556,13 +556,7 @@ if (is_array($forumCategories)) { $html .= '
'; $html .= '
'; $html .= '
'; - $html .= Display::return_icon( - 'post-forum.png', - get_lang('Forum'), - null, - ICON_SIZE_SMALL - ); - $html .= ' ' . $number_threads . '
'.$newPost.'
'; + $html .= $newPost.'
'; $html .= '
'; // The last post in the forum. diff --git a/main/forum/reply.php b/main/forum/reply.php index 6399358c53..7ee158d41e 100755 --- a/main/forum/reply.php +++ b/main/forum/reply.php @@ -17,7 +17,7 @@ * * @package chamilo.forum */ -// Including the global initialization file. + require_once '../inc/global.inc.php'; // The section (tabs). diff --git a/main/forum/viewforum.php b/main/forum/viewforum.php index b420369345..f117315c00 100755 --- a/main/forum/viewforum.php +++ b/main/forum/viewforum.php @@ -49,6 +49,7 @@ require 'forumconfig.inc.php'; require_once 'forumfunction.inc.php'; $userid = api_get_user_id(); +$sessionId = api_get_session_id(); /* MAIN DISPLAY SECTION */ @@ -595,7 +596,9 @@ if (is_array($threads)) { $row_post_id = Database::fetch_array($result_post_id); $iconsEdit = ''; if ($origin != 'learnpath') { - if (api_is_allowed_to_edit(false, true) && !(api_is_course_coach() && $current_forum['session_id'] != $_SESSION['id_session'])) { + if (api_is_allowed_to_edit(false, true) && + !(api_is_course_coach() && $current_forum['session_id'] != $sessionId) + ) { $iconsEdit .= ''; - $my_session = isset($_SESSION['id_session']) ? $_SESSION['id_session'] : null; - if ( - (!isset($_SESSION['id_session']) || $_SESSION['id_session'] == 0) && + (!isset($sessionId) || $sessionId == 0) && !empty($forum_category['session_name']) ) { $session_displayed = ' ('.Security::remove_XSS($forum_category['session_name']).')'; @@ -194,7 +193,7 @@ if ($action_forums != 'add') { ICON_SIZE_MEDIUM ); - if (api_is_allowed_to_edit(false, true) && !($forum_category['session_id'] == 0 && intval($my_session) != 0)) { + if (api_is_allowed_to_edit(false, true) && !($forum_category['session_id'] == 0 && $sessionId != 0)) { $iconsEdit = ''; $html .= '
'; $html .= '
'; - $html .= '
'.$forum_image .'

' . $my_number_posts . ' ' . get_lang('Posts') . '

'; + $html .= '
'.$forum_image .'

' . $my_number_threads . ' ' . get_lang('ForumThreads') . '

'; $html .= '
'; $html .= '
'; @@ -416,7 +414,7 @@ if ($action_forums != 'add') { // The number of topics and posts. if ($forum['forum_of_group'] !== '0') { - $newPost=''; + $newPost = ''; if (is_array($my_whatsnew_post_info) && !empty($my_whatsnew_post_info)) { $newPost = ' ' . Display::return_icon('alert.png', get_lang('Forum'), null, ICON_SIZE_SMALL); } else { @@ -432,8 +430,7 @@ if ($action_forums != 'add') { $html .= '
'; $html .= '
'; - $html .= Display::return_icon('post-forum.png', null, null, ICON_SIZE_SMALL); - $html .= ' ' . $my_number_threads . '
' . $newPost . '
'; + $html .= $newPost . '
'; // the last post in the forum if ($forum['last_poster_name'] != '') { @@ -455,8 +452,7 @@ if ($action_forums != 'add') { if ( api_is_allowed_to_edit(false, true) && - !($forum['session_id'] == 0 && - intval(isset($_SESSION['id_session']) ? $_SESSION['id_session'] : null) != 0) + !($forum['session_id'] == 0 && $sessionId != 0) ) { $html .= '
".COURSE_RELATION_TYPE_RRHH." AND c.id = cu.c_id"; + $res = Database::query($sql); while ($course = Database::fetch_object($res)) { $sql = "DELETE FROM $table_group @@ -550,11 +551,6 @@ class UserManager Database::query($sql); } - // Unsubscribe user from all classes - //Classes are not longer supported - /* $sql = "DELETE FROM $table_class_user WHERE user_id = '".$user_id."'"; - Database::query($sql); */ - // Unsubscribe user from usergroup_rel_user $sql = "DELETE FROM $usergroup_rel_user WHERE user_id = '".$user_id."'"; Database::query($sql); @@ -569,25 +565,30 @@ class UserManager // If the user was added as a id_coach then set the current admin as coach see BT# $currentUserId = api_get_user_id(); - $sql = "UPDATE $table_session SET id_coach = $currentUserId WHERE id_coach = '".$user_id."'"; + $sql = "UPDATE $table_session SET id_coach = $currentUserId + WHERE id_coach = '".$user_id."'"; Database::query($sql); - $sql = "UPDATE $table_session SET id_coach = $currentUserId WHERE session_admin_id = '".$user_id."'"; + $sql = "UPDATE $table_session SET id_coach = $currentUserId + WHERE session_admin_id = '".$user_id."'"; Database::query($sql); // Unsubscribe user from all sessions - $sql = "DELETE FROM $table_session_user WHERE user_id = '".$user_id."'"; + $sql = "DELETE FROM $table_session_user + WHERE user_id = '".$user_id."'"; Database::query($sql); // Delete user picture /* TODO: Logic about api_get_setting('split_users_upload_directory') == 'true' a user has 4 different sized photos to be deleted. */ $user_info = api_get_user_info($user_id); + if (strlen($user_info['picture_uri']) > 0) { $path = self::getUserPathById($user_id, 'system'); $img_path = $path.$user_info['picture_uri']; - if (file_exists($img_path)) + if (file_exists($img_path)) { unlink($img_path); + } } // Delete the personal course categories 
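Review bot: The second of the two reformatted session updates in the hunk at -569 still reads `SET id_coach = $currentUserId WHERE session_admin_id = '".$user_id."'`, which looks like a copy of the first statement. As written, sessions administered by the deleted user get their coach overwritten while `session_admin_id` keeps pointing at the deleted account. If the intent matches the comment above it, the statement should be `UPDATE $table_session SET session_admin_id = $currentUserId WHERE session_admin_id = '".$user_id."'`. The enclosing method of UserManager starts and ends outside the hunk.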
@@ -611,13 +612,8 @@ class UserManager $extraFieldValue = new ExtraFieldValue('user'); $extraFieldValue->deleteValuesByItem($user_id); - if (api_get_multiple_access_url()) { - $url_id = api_get_current_access_url_id(); - UrlManager::delete_url_rel_user($user_id, $url_id); - } else { - //we delete the user from the url_id =1 - UrlManager::delete_url_rel_user($user_id, 1); - } + $url_id = api_get_current_access_url_id(); + UrlManager::delete_url_rel_user($user_id, $url_id); if (api_get_setting('allow_social_tool') == 'true') { $userGroup = new UserGroup(); @@ -640,12 +636,27 @@ class UserManager $sql = "DELETE FROM $table_work WHERE user_id = $user_id AND c_id <> 0"; Database::query($sql); + $sql = "UPDATE c_item_property SET to_user_id = NULL + WHERE to_user_id = '".$user_id."'"; + Database::query($sql); + + $sql = "UPDATE c_item_property SET insert_user_id = NULL + WHERE insert_user_id = '".$user_id."'"; + Database::query($sql); + + $sql = "UPDATE c_item_property SET lastedit_user_id = NULL + WHERE lastedit_user_id = '".$user_id."'"; + Database::query($sql); + // Delete user from database $sql = "DELETE FROM $table_user WHERE id = '".$user_id."'"; Database::query($sql); + + // Add event to system log $user_id_manager = api_get_user_id(); + Event::addEvent( LOG_USER_DELETE, LOG_USER_ID, @@ -653,6 +664,7 @@ class UserManager api_get_utc_datetime(), $user_id_manager ); + Event::addEvent( LOG_USER_DELETE, LOG_USER_OBJECT, diff --git a/main/newscorm/learnpath.class.php b/main/newscorm/learnpath.class.php index f090d0bc17..7959ccaad9 100755 --- a/main/newscorm/learnpath.class.php +++ b/main/newscorm/learnpath.class.php @@ -6008,7 +6008,7 @@ class learnpath $filename = $title; - $content = isset($content) ? $content : $_POST['content_lp']; + $content = !empty($content) ? $content : $_POST['content_lp']; $tmp_filename = $filename;
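Review bot: The three new UPDATE statements in the hunk at -640 name the table `c_item_property` literally and concatenate `$user_id` into the SQL text, while forumfunction.inc.php in this same commit resolves that table through `Database::get_course_table(TABLE_ITEM_PROPERTY)`. If `$user_id` is not already cast to an integer earlier in the method, which is outside the hunk, add `$user_id = (int) $user_id;` before the first query; the neighbouring `WHERE user_id = $user_id AND c_id <> 0` interpolates it unquoted, so every statement here depends on that cast. Setting the three columns to NULL also assumes they are nullable in the schema, which should be confirmed before this reaches an installation with strict SQL mode.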
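Review bot: The fallback in the learnpath.class.php hunk reads `$_POST['content_lp']` without an existence check, so when `$content` is empty and the field was not posted PHP raises an undefined-index notice and `$content` ends up null. `!empty()` also treats the string '0' as missing, which the previous `isset()` did not. A safer form is `$content = !empty($content) ? $content : (isset($_POST['content_lp']) ? $_POST['content_lp'] : '');`. Because this value is request data that presumably becomes the document body further down, outside the hunk, it is worth confirming that it is filtered before it is written.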