Issue #306 - Platform admin: Various corrections in the scripts for xml-import of sessions and users, increasing reliability when data with extra-whitespace is imported.

skala
Ivan Tcholakov 16 years ago
parent bde25205ae
commit 24e356e318
  1. 44
      main/admin/session_import.php
  2. 41
      main/admin/user_import.php
  3. 13
      main/inc/lib/usermanager.lib.php

@ -73,7 +73,7 @@ if ($_POST['formSent']) {
// Creating/updating users from <Sessions> <Users> base node. // Creating/updating users from <Sessions> <Users> base node.
foreach ($root->Users->User as $node_user) { foreach ($root->Users->User as $node_user) {
$username = api_utf8_decode($node_user->Username); $username = trim(api_utf8_decode($node_user->Username));
$was_cut = false; $was_cut = false;
if (UserManager::is_username_too_long($username)) { if (UserManager::is_username_too_long($username)) {
// The given username is too long. // The given username is too long.
@ -86,16 +86,16 @@ if ($_POST['formSent']) {
if ($was_cut) { if ($was_cut) {
$error_msg .= get_lang('UsernameTooLongWasCut').' '.get_lang('From').' '.$user_name_dist.' '.get_lang('To').' '.$username.' <br />'; $error_msg .= get_lang('UsernameTooLongWasCut').' '.get_lang('From').' '.$user_name_dist.' '.get_lang('To').' '.$username.' <br />';
} }
$lastname = api_utf8_decode($node_user->Lastname); $lastname = trim(api_utf8_decode($node_user->Lastname));
$firstname = api_utf8_decode($node_user->Firstname); $firstname = trim(api_utf8_decode($node_user->Firstname));
$password = api_utf8_decode($node_user->Password); $password = api_utf8_decode($node_user->Password);
if (empty($password)) { if (empty($password)) {
$password = api_generate_password(); $password = api_generate_password();
} }
$email = api_utf8_decode($node_user->Email); $email = trim(api_utf8_decode($node_user->Email));
$official_code = api_utf8_decode($node_user->OfficialCode); $official_code = trim(api_utf8_decode($node_user->OfficialCode));
$phone = api_utf8_decode($node_user->Phone); $phone = trim(api_utf8_decode($node_user->Phone));
$status = api_utf8_decode($node_user->Status); $status = trim(api_utf8_decode($node_user->Status));
switch ($status) { switch ($status) {
case 'student' : $status = 5; break; case 'student' : $status = 5; break;
case 'teacher' : $status = 1; break; case 'teacher' : $status = 1; break;
@ -138,13 +138,13 @@ if ($_POST['formSent']) {
@api_mail($recipient_name, $email, $emailsubject, $emailbody, $sender_name, $email_admin); @api_mail($recipient_name, $email, $emailsubject, $emailbody, $sender_name, $email_admin);
} }
} else { } else {
$lastname = api_utf8_decode($node_user->Lastname); $lastname = trim(api_utf8_decode($node_user->Lastname));
$firstname = api_utf8_decode($node_user->Firstname); $firstname = trim(api_utf8_decode($node_user->Firstname));
$password = api_utf8_decode($node_user->Password); $password = api_utf8_decode($node_user->Password);
$email = api_utf8_decode($node_user->Email); $email = trim(api_utf8_decode($node_user->Email));
$official_code = api_utf8_decode($node_user->OfficialCode); $official_code = trim(api_utf8_decode($node_user->OfficialCode));
$phone = api_utf8_decode($node_user->Phone); $phone = trim(api_utf8_decode($node_user->Phone));
$status = api_utf8_decode($node_user->Status); $status = trim(api_utf8_decode($node_user->Status));
switch ($status) { switch ($status) {
case 'student' : $status = 5; break; case 'student' : $status = 5; break;
case 'teacher' : $status = 1; break; case 'teacher' : $status = 1; break;
@ -169,11 +169,11 @@ if ($_POST['formSent']) {
// Creating courses from <Sessions> <Courses> base node. // Creating courses from <Sessions> <Courses> base node.
if (count($root->Courses->Course) > 0) { if (count($root->Courses->Course) > 0) {
foreach ($root->Courses->Course as $courseNode) { foreach ($root->Courses->Course as $courseNode) {
$course_code = api_utf8_decode($courseNode->CourseCode); $course_code = trim(api_utf8_decode($courseNode->CourseCode));
$title = api_utf8_decode($courseNode->CourseTitle); $title = trim(api_utf8_decode($courseNode->CourseTitle));
$description = api_utf8_decode($courseNode->CourseDescription); $description = api_utf8_decode($courseNode->CourseDescription);
$language = api_utf8_decode($courseNode->CourseLanguage); $language = trim(api_utf8_decode($courseNode->CourseLanguage));
$username = api_utf8_decode($courseNode->CourseTeacher); $username = trim(api_utf8_decode($courseNode->CourseTeacher));
// Looking up for the teacher. // Looking up for the teacher.
$sql = "SELECT user_id, lastname, firstname FROM $tbl_user WHERE username='$username'"; $sql = "SELECT user_id, lastname, firstname FROM $tbl_user WHERE username='$username'";
@ -245,8 +245,8 @@ if ($_POST['formSent']) {
$course_counter = 0; $course_counter = 0;
$user_counter = 0; $user_counter = 0;
$session_name = api_utf8_decode($node_session->SessionName); $session_name = trim(api_utf8_decode($node_session->SessionName));
$coach = api_utf8_decode($node_session->Coach); $coach = trim(api_utf8_decode($node_session->Coach));
if (!empty($coach)) { if (!empty($coach)) {
$coach_id = UserManager::get_user_id_from_username($coach); $coach_id = UserManager::get_user_id_from_username($coach);
@ -260,7 +260,7 @@ if ($_POST['formSent']) {
$coach_id = api_get_user_id(); $coach_id = api_get_user_id();
} }
$date_start = api_utf8_decode($node_session->DateStart); // Just in case - encoding conversion. $date_start = trim(api_utf8_decode($node_session->DateStart)); // Just in case - encoding conversion.
if (!empty($date_start)) { if (!empty($date_start)) {
list($year_start, $month_start, $day_start) = explode('-', $date_start); list($year_start, $month_start, $day_start) = explode('-', $date_start);
@ -271,7 +271,7 @@ if ($_POST['formSent']) {
$time_start = mktime(0, 0, 0, $month_start, $day_start, $year_start); $time_start = mktime(0, 0, 0, $month_start, $day_start, $year_start);
} }
$date_end = api_utf8_decode($node_session->DateEnd); $date_end = trim(api_utf8_decode($node_session->DateEnd));
if (!empty($date_start)) { if (!empty($date_start)) {
list($year_end, $month_end, $day_end) = explode('-', $date_end); list($year_end, $month_end, $day_end) = explode('-', $date_end);
if (empty($year_end) || empty($month_end) || empty($day_end)) { if (empty($year_end) || empty($month_end) || empty($day_end)) {
@ -372,7 +372,7 @@ if ($_POST['formSent']) {
// Adding courses to a session. // Adding courses to a session.
foreach ($node_session->Course as $node_course) { foreach ($node_session->Course as $node_course) {
$course_code = Database::escape_string(api_utf8_decode($node_course->CourseCode)); $course_code = Database::escape_string(trim(api_utf8_decode($node_course->CourseCode)));
// Verify that the course pointed by the course code node exists. // Verify that the course pointed by the course code node exists.
if (CourseManager::course_exists($course_code)) { if (CourseManager::course_exists($course_code)) {
// If the course exists we continue. // If the course exists we continue.
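Review bot: In the `<Courses>` hunk, `$username` from `<CourseTeacher>` goes into the teacher lookup (`WHERE username='$username'`) after only `trim()`, so a quote character in the imported XML alters the SQL statement. The last hunk of this file already escapes its value with `Database::escape_string(trim(...))`, and the same should apply here: `$username = Database::escape_string(trim(api_utf8_decode($courseNode->CourseTeacher)));`. Whether `$course_code`, `$title` and `$language` from the same hunk reach a query unescaped is not visible here and is worth checking. The enclosing `foreach` continues outside the hunk.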

@ -22,50 +22,50 @@ function validate_data($users) {
$errors = array(); $errors = array();
$usernames = array(); $usernames = array();
foreach ($users as $index => $user) { foreach ($users as $index => $user) {
// 1. check if mandatory fields are set // 1. Check if mandatory fields are set.
$mandatory_fields = array('LastName', 'FirstName'); $mandatory_fields = array('LastName', 'FirstName');
if (api_get_setting('registration', 'email') == 'true') { if (api_get_setting('registration', 'email') == 'true') {
$mandatory_fields[] = 'Email'; $mandatory_fields[] = 'Email';
} }
foreach ($mandatory_fields as $key => $field) { foreach ($mandatory_fields as $key => $field) {
if (!isset ($user[$field]) || strlen($user[$field]) == 0) { if (empty($user[$field])) {
$user['error'] = get_lang($field.'Mandatory'); $user['error'] = get_lang($field.'Mandatory');
$errors[] = $user; $errors[] = $user;
} }
} }
// 2. check username // 2. Check username.
if (isset ($user['UserName']) && strlen($user['UserName']) != 0) { if (UserManager::is_username_empty($user['UserName'])) {
// 2.1. check if no username was used twice in import file // 2.1. Check if no username was used twice in import file.
if (isset ($usernames[$user['UserName']])) { if (isset ($usernames[$user['UserName']])) {
$user['error'] = get_lang('UserNameUsedTwice'); $user['error'] = get_lang('UserNameUsedTwice');
$errors[] = $user; $errors[] = $user;
} }
$usernames[$user['UserName']] = 1; $usernames[$user['UserName']] = 1;
// 2.2. check if username isn't allready in use in database // 2.2. Check if username isn't allready in use in database.
if (!UserManager :: is_username_available($user['UserName'])) { if (!UserManager :: is_username_available($user['UserName'])) {
$user['error'] = get_lang('UserNameNotAvailable'); $user['error'] = get_lang('UserNameNotAvailable');
$errors[] = $user; $errors[] = $user;
} }
// 2.3. check if username isn't longer than the 20 allowed characters // 2.3. Check if username isn't longer than the 20 allowed characters.
if (UserManager::is_username_too_long($user['UserName'])) { if (UserManager::is_username_too_long($user['UserName'])) {
$user['error'] = get_lang('UserNameTooLong'); $user['error'] = get_lang('UserNameTooLong');
$errors[] = $user; $errors[] = $user;
} }
} }
// 3. check status // 3. Check status.
if (isset ($user['Status']) && !api_status_exists($user['Status'])) { if (isset ($user['Status']) && !api_status_exists($user['Status'])) {
$user['error'] = get_lang('WrongStatus'); $user['error'] = get_lang('WrongStatus');
$errors[] = $user; $errors[] = $user;
} }
// 4. Check classname // 4. Check classname
if (isset ($user['ClassName']) && strlen($user['ClassName']) != 0) { if (!empty($user['ClassName'])) {
if (!ClassManager :: class_name_exists($user['ClassName'])) { if (!ClassManager :: class_name_exists($user['ClassName'])) {
$user['error'] = get_lang('ClassNameNotAvailable'); $user['error'] = get_lang('ClassNameNotAvailable');
$errors[] = $user; $errors[] = $user;
} }
} }
// 5. Check authentication source // 5. Check authentication source
if (isset ($user['AuthSource']) && strlen($user['AuthSource']) != 0) { if (!empty($user['AuthSource'])) {
if (!in_array($user['AuthSource'], $defined_auth_sources)) { if (!in_array($user['AuthSource'], $defined_auth_sources)) {
$user['error'] = get_lang('AuthSourceNotAvailable'); $user['error'] = get_lang('AuthSourceNotAvailable');
$errors[] = $user; $errors[] = $user;
@ -80,19 +80,19 @@ function validate_data($users) {
*/ */
function complete_missing_data($user) { function complete_missing_data($user) {
// 1. Create a username if necessary. // 1. Create a username if necessary.
if (!isset ($user['UserName']) || strlen($user['UserName']) == 0) { if (UserManager::is_username_empty($user['UserName'])) {
$user['UserName'] = UserManager::create_unique_username($user['FirstName'], $user['LastName']); $user['UserName'] = UserManager::create_unique_username($user['FirstName'], $user['LastName']);
} }
// 2. Generate a password if necessary. // 2. Generate a password if necessary.
if (!isset ($user['Password']) || strlen($user['Password']) == 0) { if (empty($user['Password'])) {
$user['Password'] = api_generate_password(); $user['Password'] = api_generate_password();
} }
// 3. Set status if not allready set. // 3. Set status if not allready set.
if (!isset ($user['Status']) || strlen($user['Status']) == 0) { if (empty($user['Status'])) {
$user['Status'] = 'user'; $user['Status'] = 'user';
} }
// 4. Set authsource if not allready set. // 4. Set authsource if not allready set.
if (!isset ($user['AuthSource']) || strlen($user['AuthSource']) == 0) { if (empty($user['AuthSource'])) {
$user['AuthSource'] = PLATFORM_AUTH_SOURCE; $user['AuthSource'] = PLATFORM_AUTH_SOURCE;
} }
return $user; return $user;
@ -144,7 +144,7 @@ function save_data($users) {
} }
} }
} }
if (strlen($user['ClassName']) > 0) { if (!empty($user['ClassName'])) {
$class_id = ClassManager :: get_class_id($user['ClassName']); $class_id = ClassManager :: get_class_id($user['ClassName']);
ClassManager :: add_user($user_id, $class_id); ClassManager :: add_user($user_id, $class_id);
} }
@ -258,11 +258,11 @@ $cidReset = true;
$this_section = SECTION_PLATFORM_ADMIN; $this_section = SECTION_PLATFORM_ADMIN;
api_protect_admin_script(); api_protect_admin_script();
require_once (api_get_path(LIBRARY_PATH).'fileManage.lib.php'); require_once api_get_path(LIBRARY_PATH).'fileManage.lib.php';
require_once (api_get_path(LIBRARY_PATH).'usermanager.lib.php'); require_once api_get_path(LIBRARY_PATH).'usermanager.lib.php';
require_once (api_get_path(LIBRARY_PATH).'classmanager.lib.php'); require_once api_get_path(LIBRARY_PATH).'classmanager.lib.php';
require_once (api_get_path(LIBRARY_PATH).'import.lib.php'); require_once api_get_path(LIBRARY_PATH).'import.lib.php';
require_once (api_get_path(LIBRARY_PATH).'formvalidator/FormValidator.class.php'); require_once api_get_path(LIBRARY_PATH).'formvalidator/FormValidator.class.php';
$defined_auth_sources[] = PLATFORM_AUTH_SOURCE; $defined_auth_sources[] = PLATFORM_AUTH_SOURCE;
if (is_array($extAuthSource)) { if (is_array($extAuthSource)) {
@ -396,6 +396,7 @@ if ($count_fields > 0) {
$i++; $i++;
} }
} }
?> ?>
<p><?php echo get_lang('CSVMustLookLike').' ('.get_lang('MandatoryFields').')'; ?> :</p> <p><?php echo get_lang('CSVMustLookLike').' ('.get_lang('MandatoryFields').')'; ?> :</p>
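Review bot: The rewritten username guard in `validate_data()` is inverted. The old condition ran checks 2.1–2.3 when a username was present, but `if (UserManager::is_username_empty($user['UserName']))` runs them only when it is empty or whitespace. As written, duplicate, already-taken and over-long usernames from the import file skip validation, so the line should read `if (!UserManager::is_username_empty($user['UserName'])) {`. Separately, the new `empty()` tests also treat the string `'0'` as missing, which the old `strlen()` tests did not; for `Password` this means a supplied value of `'0'` is silently replaced by a generated one.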

@ -405,6 +405,17 @@ class UserManager {
return $username; return $username;
} }
/**
* Checks whether a username is empty. If the username contains whitespace characters, such as spaces, tabulators, newlines, etc.,
* it is assumed as empty too. So, this function is safe for validation unpurified data.
* Note: The empty username is reserved for the anonymous user.
* @param string $username The given username.
* @return bool Returns TRUE if length of the username exceeds the limit, FALSE otherwise.
*/
public static function is_username_empty($username) {
return (strlen(trim($username)) == 0);
}
/** /**
* Checks whether a username is too long or not. * Checks whether a username is too long or not.
* @param string $username The given username, it should contain only ASCII-letters and digits. * @param string $username The given username, it should contain only ASCII-letters and digits.
@ -420,7 +431,7 @@ class UserManager {
* @return string Retuens the username with length that does not exceed the defined limit. * @return string Retuens the username with length that does not exceed the defined limit.
*/ */
public static function cut_username($username) { public static function cut_username($username) {
return substr($username, 0, USERNAME_MAX_LENGTH); return substr(trim($username), 0, USERNAME_MAX_LENGTH);
} }
/** /**
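Review bot: The `@return` line in the new `is_username_empty()` docblock was copied from the length check and describes the wrong condition. It should read `@return bool Returns TRUE if the username is empty or consists only of whitespace, FALSE otherwise.` The claim that the function is "safe for validation unpurified data" is also broader than the code supports, since `trim()` with default arguments strips only ASCII whitespace and NUL bytes; the docblock should say so. `cut_username()` now trims before cutting, but whether `is_username_too_long()` measures the trimmed value cannot be seen, because its body is outside the hunk.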
