diff --git a/.hgignore b/.hgignore
index 8616e260dc..1080f804b5 100644
--- a/.hgignore
+++ b/.hgignore
@@ -113,6 +113,7 @@ searchdb/*
!searchdb/index.html
main/inc/cache/*
+test_laurent.php
syntax: regexp
^main/upload/users$
diff --git a/custompages/first_login.php b/custompages/first_login.php
index 643e7933f1..186ba17ff2 100644
--- a/custompages/first_login.php
+++ b/custompages/first_login.php
@@ -1,7 +1,6 @@
0) {
$user_last_login_datetime = Database::fetch_array($result_last_login);
$user_last_login_datetime = $user_last_login_datetime[0];
- api_session_register('user_last_login_datetime');
+ Session::write('user_last_login_datetime',$user_last_login_datetime);
}
}
Database::free_result($result_last_login);
diff --git a/main/announcements/announcements.php b/main/announcements/announcements.php
index a8dea91bd3..9e4176b031 100644
--- a/main/announcements/announcements.php
+++ b/main/announcements/announcements.php
@@ -141,7 +141,7 @@ if(!empty($_GET['toolgroup'])){
} else {
$toolgroup = 0;
}
- api_session_register("toolgroup");
+ Session::write("toolgroup", $toolgroup);
}
/* Sessions */
diff --git a/main/auth/external_login/login.ldap.php b/main/auth/external_login/login.ldap.php
index 7674bb6a5b..00df303e86 100644
--- a/main/auth/external_login/login.ldap.php
+++ b/main/auth/external_login/login.ldap.php
@@ -53,7 +53,7 @@ if ($ldap_user !== false) {
$loginFailed = false;
$_user['user_id'] = $chamilo_user['user_id'];
$_user['uidReset'] = true;
- api_session_register('_user');
+ Session::write('_user',$_user);
$uidReset=true;
event_login();
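Review bot: No session-identifier rotation is visible where this login path stores the authenticated user with `Session::write('_user',$_user);`, so a session ID issued before login would stay valid afterwards (session fixation). Unless `Session::write()` or `event_login()` already rotates the ID (not visible here), add `session_regenerate_id(true);` just before the write. The same write-on-login pattern appears in the newUser.ldap.php, newUser.php, updateUser.php, inscription.php and sso.class.php hunks. The enclosing `if ($ldap_user !== false)` block continues outside the hunk.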
diff --git a/main/auth/external_login/newUser.ldap.php b/main/auth/external_login/newUser.ldap.php
index 16ad4337b2..245c5592dc 100644
--- a/main/auth/external_login/newUser.ldap.php
+++ b/main/auth/external_login/newUser.ldap.php
@@ -48,7 +48,7 @@ if ($ldap_user !== false) {
$loginFailed = false;
$_user['user_id'] = $chamilo_uid;
$_user['uidReset'] = true;
- api_session_register('_user');
+ Session::write('_user',$_user);
$uidReset=true;
// Is user admin?
if ($chamilo_user['admin']=== true){
diff --git a/main/auth/external_login/newUser.php b/main/auth/external_login/newUser.php
index 83ae93db04..ac76946006 100644
--- a/main/auth/external_login/newUser.php
+++ b/main/auth/external_login/newUser.php
@@ -27,7 +27,7 @@ if ($user !== false && ($chamilo_uid = external_add_user($user)) !== false) {
$loginFailed = false;
$_user['user_id'] = $chamilo_uid;
$_user['uidReset'] = true;
- api_session_register('_user');
+ Session::write('_user',$_user);
$uidReset=true;
//Autosubscribe to courses
diff --git a/main/auth/external_login/updateUser.php b/main/auth/external_login/updateUser.php
index bafa6cd4b5..cb88d20df2 100644
--- a/main/auth/external_login/updateUser.php
+++ b/main/auth/external_login/updateUser.php
@@ -29,10 +29,10 @@ if ($new_user !== false) { //User can login
$_user['user_id'] = $user['user_id'];
$_user['uidReset'] = true;
$uidReset=true;
- api_session_register('_user');
+ Session::write('_user',$_user);
} else { //User cannot login
$loginFailed = true;
- api_session_unregister('_uid');
+ Session::erase('_uid');
header('Location: '.api_get_path(WEB_PATH).'index.php?loginFailed=1&error=user_password_incorrect');
exit;
}
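Review bot: The failure branch clears a different key than the success branch sets: success stores `_user`, while `Session::erase('_uid');` removes only `_uid`. A `_user` entry left in the session from an earlier login would therefore survive a failed attempt. If that is not intended, add `Session::erase('_user');` next to the existing call. The failure branches in the sso.class.php hunks follow the same pattern.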
diff --git a/main/auth/inscription.php b/main/auth/inscription.php
index ef99ee9ccd..05af7aa377 100644
--- a/main/auth/inscription.php
+++ b/main/auth/inscription.php
@@ -14,7 +14,7 @@ require_once '../inc/global.inc.php';
require_once api_get_path(CONFIGURATION_PATH).'profile.conf.php';
require_once api_get_path(LIBRARY_PATH).'mail.lib.inc.php';
require_once api_get_path(LIBRARY_PATH).'legal.lib.php';
-require_once api_get_path(LIBRARY_PATH).'custompages.lib.php';
+//require_once api_get_path(LIBRARY_PATH).'custompages.lib.php';moved to autoload
if (!empty($_SESSION['user_language_choice'])) {
$user_selected_language = $_SESSION['user_language_choice'];
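Review bot: The commented-out line `//require_once api_get_path(LIBRARY_PATH).'custompages.lib.php';moved to autoload` is dead code and should be deleted rather than kept as a comment. The autoload map in this commit now points `CustomPages` at `custom_pages.class.php`, so the old path is also misleading to a reader. The reason for the removal belongs in the commit message. The same leftover is in the first lostPassword.php hunk.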
@@ -277,7 +277,7 @@ if (is_array($extra_data)) {
$form->setDefaults($defaults);
-if (api_get_setting('use_custom_pages') != 'true') {
+if (!CustomPages::enabled()) {
// Load terms & conditions from the current lang
if (api_get_setting('allow_terms_conditions') == 'true') {
$get = array_keys($_GET);
@@ -526,7 +526,7 @@ if ($form->validate()) {
// 3. exit the page
unset($user_id);
- if (api_get_setting('use_custom_pages') != 'true') {
+ if (!CustomPages::enabled()) {
Display :: display_footer();
}
exit;
@@ -541,15 +541,15 @@ if ($form->validate()) {
$_user['language'] = $values['language'];
$_user['user_id'] = $user_id;
$is_allowedCreateCourse = $values['status'] == 1;
- api_session_register('_user');
- api_session_register('is_allowedCreateCourse');
+ Session::write('_user',$_user);
+ Session::write('is_allowedCreateCourse',$is_allowedCreateCourse);
//stats
event_login();
// last user login date is now
$user_last_login_datetime = 0; // used as a unix timestamp it will correspond to : 1 1 1970
- api_session_register('user_last_login_datetime');
+ Session::write('user_last_login_datetime',$user_last_login_datetime);
/*
EMAIL NOTIFICATION
@@ -608,14 +608,14 @@ if ($form->validate()) {
// ?uidReset=true&uidReq=$_user['user_id']
$display_text .= '
'. "\n";
- if (api_get_setting('use_custom_pages') == 'true') {
- CustomPages::displayPage('registration-feedback', array('info' => $display_text));
+ if (CustomPages::enabled()) {
+ CustomPages::display(CustomPages::REGISTRATION_FEEDBACK, array('info' => $display_text));
}
echo $display_text;
} else {
// Custom pages
- if (api_get_setting('use_custom_pages') == 'true') {
- CustomPages::displayPage('registration', array('form' => $form));
+ if (CustomPages::enabled()) {
+ CustomPages::display(CustomPages::REGISTRATION, array('form' => $form));
} else {
$form->display();
}
diff --git a/main/auth/key/key_auth.class.php b/main/auth/key/key_auth.class.php
index 06e4df336f..7e52c05829 100644
--- a/main/auth/key/key_auth.class.php
+++ b/main/auth/key/key_auth.class.php
@@ -179,14 +179,14 @@ class KeyAuth
/**
* ! important this is to ensure we don't grant access for other parts
*/
- api_session_destroy();
+ Session::destroy();
global $_user, $_uid;
$_uid = $this->get_user_id();
$_user = UserManager::get_user_info_by_id($_uid);
- api_session_register('_user');
- api_session_register('_uid');
+ Session::write('_user',$_user);
+ Session::write('_uid',$_uid);
/**
* We don't allow redirection since access is granted only for this call
@@ -194,7 +194,7 @@ class KeyAuth
global $no_redirection, $noredirection;
$no_redirection = true;
$noredirection = true;
- api_session_register('noredirection');
+ Session::write('noredirection',$noredirection);
return true;
}
diff --git a/main/auth/ldap/authldap.php b/main/auth/ldap/authldap.php
old mode 100755
new mode 100644
index 09903ea598..f9b41b247e
--- a/main/auth/ldap/authldap.php
+++ b/main/auth/ldap/authldap.php
@@ -219,7 +219,7 @@ function ldap_put_user_info_locally($login, $info_array) {
$loginFailed = false;
$uidReset = true;
$_user['user_id'] = $uData['user_id'];
- api_session_register('_uid');
+ Session::write('_uid', $_uid);
}
/*
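Review bot: `Session::write('_uid', $_uid);` reads `$_uid` from the local scope of `ldap_put_user_info_locally()`, but the visible lines assign only `$_user['user_id']`, never `$_uid`. The old call took just the variable name, so it presumably resolved the global. Unless `$_uid` is assigned or declared `global` earlier in the function (not visible in this hunk), the session receives an empty user id; consider `Session::write('_uid', $uData['user_id']);`. The main/auth/ldap/login.php hunk has the same write with no visible assignment to `$_uid`.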
diff --git a/main/auth/ldap/login.php b/main/auth/ldap/login.php
old mode 100755
new mode 100644
index cd551226db..6d21a0b3af
--- a/main/auth/ldap/login.php
+++ b/main/auth/ldap/login.php
@@ -29,7 +29,7 @@ if ($loginLdapSucces)
$loginFailed = false;
$uidReset = true;
$_user['user_id'] = $uData['user_id'];
- api_session_register('_uid');
+ Session::write('_uid',$_uid);
// Jand: copied from event_login in events.lib.php to enable login statistics:
event_login();
}
diff --git a/main/auth/lostPassword.php b/main/auth/lostPassword.php
index 9a4a305670..5842d083d2 100644
--- a/main/auth/lostPassword.php
+++ b/main/auth/lostPassword.php
@@ -23,19 +23,18 @@ $language_file = array('registration', 'index');
require_once '../inc/global.inc.php';
require_once api_get_path(LIBRARY_PATH).'login.lib.php';
require_once api_get_path(LIBRARY_PATH).'mail.lib.inc.php';
-require_once api_get_path(LIBRARY_PATH).'custompages.lib.php';
+//require_once api_get_path(LIBRARY_PATH).'custompages.lib.php';moved to autoload
// Custom pages
// Had to move the form handling in here, because otherwise there would
// already be some display output.
global $_configuration;
-if (api_get_setting('use_custom_pages') == 'true') {
-
+if (CustomPages::enabled()) {
//Reset Password when user goes to the link
if ($_GET['reset'] && $_GET['id']){
$mesg = Login::reset_password($_GET["reset"], $_GET["id"], true);
- CustomPages::displayPage('index-unlogged', array('info' => $mesg));
+ CustomPages::display(CustomPages::INDEX_UNLOGGED, array('info' => $mesg));
}
//Check email/username and do the right thing
@@ -75,12 +74,12 @@ if (api_get_setting('use_custom_pages') == 'true') {
Login::send_password_to_user($user, $by_username);
}
} else {
- CustomPages::displayPage('lostpassword',array('error' => get_lang('NoUserAccountWithThisEmailAddress')));
+ CustomPages::display(CustomPages::LOST_PASSWORD, array('error' => get_lang('NoUserAccountWithThisEmailAddress')));
}
} else {
- CustomPages::displayPage('lostpassword');
+ CustomPages::display(CustomPages::LOGGED_OUT);
}
- CustomPages::displayPage('index-unlogged', array('info' => get_lang('YourPasswordHasBeenEmailed')));
+ CustomPages::display(CustomPages::INDEX_UNLOGGED, array('info' => get_lang('YourPasswordHasBeenEmailed')));
}
$tool_name = get_lang('LostPassword');
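Review bot: The replacement for `CustomPages::displayPage('lostpassword')` passes `CustomPages::LOGGED_OUT`, while the error branch a few lines above maps the same old page name to `CustomPages::LOST_PASSWORD`. Assuming the constants correspond one-to-one to the old page names, this branch now renders the logged-out page instead of the password-recovery form. It should probably read `CustomPages::display(CustomPages::LOST_PASSWORD);`. The surrounding `if` block starts outside the hunk.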
diff --git a/main/auth/shibboleth/lib/shibboleth_session.class.php b/main/auth/shibboleth/lib/shibboleth_session.class.php
index 2c964df6af..0887d685b0 100644
--- a/main/auth/shibboleth/lib/shibboleth_session.class.php
+++ b/main/auth/shibboleth/lib/shibboleth_session.class.php
@@ -16,8 +16,7 @@ class ShibbolethSession
public static function instance()
{
static $result = false;
- if (empty($result))
- {
+ if (empty($result)) {
$result = new self();
}
return $result;
@@ -36,7 +35,7 @@ class ShibbolethSession
function logout()
{
$_SESSION['_user'] = array();
-
+
$logout_no_redirect = true;
online_logout();
}
@@ -55,26 +54,25 @@ class ShibbolethSession
global $_uid, $is_allowedCreateCourse, $is_platformAdmin, $_real_cid, $_courseUser, $is_courseAdmin;
global $is_courseMember, $is_courseTutor, $is_courseCoach, $is_allowed_in_course, $is_sessionAdmin, $_gid;
$_uid = $uid;
-
+
//is_allowedCreateCourse
$user = User::store()->get_by_user_id($uid);
- if (empty($user))
- {
+ if (empty($user)) {
return;
}
-
+
$this->logout();
-
- api_session_start();
- api_session_register('_uid');
-
+
+ Chamilo::session()->start();
+ Session::write('_uid', $_uid);
+
global $_user;
- $_user = (array)$user;
+ $_user = (array) $user;
$_SESSION['_user'] = $_user;
$_SESSION['_user']['user_id'] = $_uid;
$_SESSION['noredirection'] = true;
-
+
//must be called before 'init_local.inc.php'
event_login();
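Review bot: Session access in this method now goes through two paths: `_uid` is stored with `Session::write('_uid', $_uid);`, but `$_SESSION['_user'] = $_user;`, `$_SESSION['_user']['user_id'] = $_uid;` and `$_SESSION['noredirection'] = true;` still write the superglobal directly. For consistency with the rest of the commit, set `$_user['user_id'] = $_uid;` first and then use `Session::write('_user', $_user);` and `Session::write('noredirection', true);`. The method body starts and ends outside the hunk.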
@@ -87,7 +85,7 @@ class ShibbolethSession
$mainDbName = Database :: get_main_database();
$includePath = api_get_path(INCLUDE_PATH);
-
+
$no_redirection = true;
require("$includePath/local.inc.php");
diff --git a/main/auth/sso/sso.class.php b/main/auth/sso/sso.class.php
index dcb46e849e..bd850a51d1 100644
--- a/main/auth/sso/sso.class.php
+++ b/main/auth/sso/sso.class.php
@@ -116,7 +116,7 @@ class sso {
if (in_array($current_access_url_id, $my_url_list)) {
// the user has permission to enter at this site
$_user['user_id'] = $uData['user_id'];
- api_session_register('_user');
+ Session::write('_user',$_user);
event_login();
// Redirect to homepage
$sso_target = isset($sso['target']) ? $sso['target'] : api_get_path(WEB_PATH) .'.index.php';
@@ -125,7 +125,7 @@ class sso {
} else {
// user does not have permission for this site
$loginFailed = true;
- api_session_unregister('_uid');
+ Session::erase('_uid');
header('Location: '.api_get_path(WEB_PATH).'index.php?loginFailed=1&error=access_url_inactive');
exit;
}
@@ -133,7 +133,7 @@ class sso {
// there is no URL in the multiple
// urls list for this user
$loginFailed = true;
- api_session_unregister('_uid');
+ Session::erase('_uid');
header('Location: '.api_get_path(WEB_PATH).'index.php?loginFailed=1&error=access_url_inactive');
exit;
}
@@ -144,18 +144,18 @@ class sso {
//Check if this admin is admin on the
// principal portal
$_user['user_id'] = $uData['user_id'];
- api_session_register('_user');
+ Session::write('_user',$_user);
event_login();
} else {
//Secondary URL admin wants to login
// so we check as a normal user
if (in_array($current_access_url_id, $my_url_list)) {
$_user['user_id'] = $uData['user_id'];
- api_session_register('_user');
+ Session::write('_user',$_user);
event_login();
} else {
$loginFailed = true;
- api_session_unregister('_uid');
+ Session::erase('_uid');
header('Location: '.api_get_path(WEB_PATH).'index.php?loginFailed=1&error=access_url_inactive');
exit;
}
@@ -164,7 +164,7 @@ class sso {
} else {
//Single URL access (Only 1 portal)
$_user['user_id'] = $uData['user_id'];
- api_session_register('_user');
+ Session::write('_user',$_user);
event_login();
// Redirect to homepage
/* Login was successfull, stay on Chamilo
@@ -179,35 +179,35 @@ class sso {
} else {
// user account expired
$loginFailed = true;
- api_session_unregister('_uid');
+ Session::erase('_uid');
header('Location: '.api_get_path(WEB_PATH).'index.php?loginFailed=1&error=account_expired');
exit;
}
} else {
//User not active
$loginFailed = true;
- api_session_unregister('_uid');
+ Session::erase('_uid');
header('Location: '.api_get_path(WEB_PATH).'index.php?loginFailed=1&error=account_inactive');
exit;
}
} else {
//SHA1 of password is wrong
$loginFailed = true;
- api_session_unregister('_uid');
+ Session::erase('_uid');
header('Location: '.api_get_path(WEB_PATH).'index.php?loginFailed=1&error=wrong_password');
exit;
}
} else {
//Auth_source is wrong
$loginFailed = true;
- api_session_unregister('_uid');
+ Session::erase('_uid');
header('Location: '.api_get_path(WEB_PATH).'index.php?loginFailed=1&error=wrong_authentication_source');
exit;
}
} else {
//No user by that login
$loginFailed = true;
- api_session_unregister('_uid');
+ Session::erase('_uid');
header('Location: '.api_get_path(WEB_PATH).'index.php?loginFailed=1&error=user_not_found');
exit;
}
diff --git a/main/calendar/agenda.php b/main/calendar/agenda.php
index 002d3246c5..8615f5fe07 100644
--- a/main/calendar/agenda.php
+++ b/main/calendar/agenda.php
@@ -86,14 +86,14 @@ if (!empty($_GET['user']) or !empty($_GET['group'])) {
$_SESSION['group']=(int)$_GET['group'];
}
if ((!empty($_GET['user']) and $_GET['user']=="none") or (!empty($_GET['group']) and $_GET['group']=="none")) {
- api_session_unregister("user");
- api_session_unregister("group");
+ Session::erase("user");
+ Session::erase("group");
}
if (!$is_courseAdmin){
if (!empty($_GET['toolgroup'])){
//$_SESSION['toolgroup']=$_GET['toolgroup'];
$toolgroup=Security::remove_XSS($_GET['toolgroup']);
- api_session_register('toolgroup');
+ Session::write('toolgroup',$toolgroup);
}
}
//It comes from the group tools. If it's define it overwrites $_SESSION['group']
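Review bot: `toolgroup` is stored in the session after context-specific escaping rather than validation. Here it goes through `Security::remove_XSS()`, the forumsearch.php and viewforum.php hunks store `Database::escape_string($_GET['gidReq'])`, and only newthread.php uses `intval()`. A value escaped for one output context and later reused from the session in another (SQL, HTML, URL) is not reliably safe in any of them. If `toolgroup` is a numeric group id, as newthread.php suggests, store `intval($_GET['toolgroup'])` in all of these places and escape at the point of use.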
diff --git a/main/course_home/course_home.php b/main/course_home/course_home.php
index 9143400451..1eacff0863 100644
--- a/main/course_home/course_home.php
+++ b/main/course_home/course_home.php
@@ -155,7 +155,7 @@ $course_code = $return_result['code'];
$_course['name'] = $course_title;
$_course['official_code'] = $course_code;
-api_session_unregister('toolgroup');
+Session::erase('toolgroup');
$is_speacialcourse = CourseManager::is_special_course($course_code);
@@ -178,7 +178,7 @@ if (!$is_allowed_in_course) {
if (!isset($coursesAlreadyVisited[$_cid])) {
event_access_course();
$coursesAlreadyVisited[$_cid] = 1;
- api_session_register('coursesAlreadyVisited');
+ Session::write('coursesAlreadyVisited', $coursesAlreadyVisited);
}
/*Auto lunch code */
diff --git a/main/dropbox/dropbox_init.inc.php b/main/dropbox/dropbox_init.inc.php
index f374299729..c4ea22ac6f 100644
--- a/main/dropbox/dropbox_init.inc.php
+++ b/main/dropbox/dropbox_init.inc.php
@@ -198,7 +198,7 @@ function confirmation (name)
}
";
-api_session_register('javascript');
+Session::write('javascript',$javascript);
$htmlHeadXtra[] = '
diff --git a/main/exercice/admin.php b/main/exercice/admin.php
index f79b806984..a4a9e5b296 100644
--- a/main/exercice/admin.php
+++ b/main/exercice/admin.php
@@ -179,7 +179,7 @@ if (!is_object($objExercise)) {
$objExercise->read($exerciseId);
}
// saves the object into the session
- api_session_register('objExercise');
+ Session::write('objExercise',$objExercise);
}
// doesn't select the exercise ID if we come from the question pool
@@ -203,7 +203,7 @@ if ($editQuestion || $newQuestion || $modifyQuestion || $modifyAnswers) {
api_not_allowed();
}
// saves the object into the session
- api_session_register('objQuestion');
+ Session::write('objQuestion',$objQuestion);
}
}
@@ -520,7 +520,7 @@ if (!$newQuestion && !$modifyQuestion && !$editQuestion && !isset($_GET['hotspot
require 'question_list_admin.inc.php';
}
-api_session_register('objExercise');
-api_session_register('objQuestion');
-api_session_register('objAnswer');
+Session::write('objExercise', $objExercise);
+Session::write('objQuestion', $objQuestion);
+Session::write('objAnswer', $objAnswer);
Display::display_footer();
\ No newline at end of file
diff --git a/main/exercice/answer_admin.inc.php b/main/exercice/answer_admin.inc.php
index fa5eb2cd33..41f6b291e5 100644
--- a/main/exercice/answer_admin.inc.php
+++ b/main/exercice/answer_admin.inc.php
@@ -595,7 +595,7 @@ if($modifyAnswers)
$objAnswer=new Answer($questionId);
- api_session_register('objAnswer');
+ Session::write('objAnswer', $objAnswer);
if($answerType == UNIQUE_ANSWER || $answerType == MULTIPLE_ANSWER)
{
diff --git a/main/exercice/exercice.php b/main/exercice/exercice.php
index 355f57258b..f9cec36c80 100644
--- a/main/exercice/exercice.php
+++ b/main/exercice/exercice.php
@@ -72,19 +72,19 @@ $exercicePath = $exercicePath . "exercice.php";
// Clear the exercise session
if (isset ($_SESSION['objExercise'])) {
- api_session_unregister('objExercise');
+ Session::erase('objExercise');
}
if (isset ($_SESSION['objQuestion'])) {
- api_session_unregister('objQuestion');
+ Session::erase('objQuestion');
}
if (isset ($_SESSION['objAnswer'])) {
- api_session_unregister('objAnswer');
+ Session::erase('objAnswer');
}
if (isset ($_SESSION['questionList'])) {
- api_session_unregister('questionList');
+ Session::erase('questionList');
}
if (isset ($_SESSION['exerciseResult'])) {
- api_session_unregister('exerciseResult');
+ Session::erase('exerciseResult');
}
//General POST/GET/SESSION/COOKIES parameters recovery
diff --git a/main/exercice/exercise_admin.php b/main/exercice/exercise_admin.php
index bd77306a78..649d899dc9 100644
--- a/main/exercice/exercise_admin.php
+++ b/main/exercice/exercise_admin.php
@@ -166,7 +166,7 @@ if ($form->validate()) {
$message = 'ExerciseAdded';
}
$exercise_id = $objExercise->id;
- api_session_unregister('objExercise');
+ Session::erase('objExercise');
header('Location:admin.php?message='.$message.'&exerciseId='.$exercise_id);
exit;
} else {
diff --git a/main/exercice/exercise_result.php b/main/exercice/exercise_result.php
index 34a91ccc08..b6bc8b1b92 100644
--- a/main/exercice/exercise_result.php
+++ b/main/exercice/exercise_result.php
@@ -248,6 +248,6 @@ if (!api_is_allowed_to_edit(null,true)) {
$objExercise->send_notification($arrques, $arrans, $origin);
}
if (api_is_allowed_to_session_edit()) {
- api_session_unregister('objExercise');
- api_session_unregister('exe_id');
+ Session::erase('objExercise');
+ Session::erase('exe_id');
}
\ No newline at end of file
diff --git a/main/exercice/exercise_show.php b/main/exercice/exercise_show.php
index be7be23660..439e167bf0 100644
--- a/main/exercice/exercise_show.php
+++ b/main/exercice/exercise_show.php
@@ -667,8 +667,8 @@ if (!$is_allowedToEdit) {
}
//destroying the session
-api_session_unregister('questionList');
+Session::erase('questionList');
unset ($questionList);
-api_session_unregister('exerciseResult');
+Session::erase('exerciseResult');
unset ($exerciseResult);
diff --git a/main/exercice/exercise_submit.php b/main/exercice/exercise_submit.php
index a45d0e3136..39051973b0 100644
--- a/main/exercice/exercise_submit.php
+++ b/main/exercice/exercise_submit.php
@@ -97,7 +97,7 @@ $exercice_attemp_table = Database :: get_statistic_table(TABLE_STATISTIC_TRACK_
/* Teacher takes an exam and want to see a preview, we delete the objExercise from the session in order to get the latest changes in the exercise */
if (api_is_allowed_to_edit(null,true) && $_GET['preview'] == 1 ) {
- api_session_unregister('objExercise');
+ Session::erase('objExercise');
}
// 1. Loading the $objExercise variable
@@ -115,7 +115,7 @@ if (!isset($_SESSION['objExercise']) || $_SESSION['objExercise']->id != $_REQUES
$error = get_lang('ExerciseNotFound');
} else {
// Saves the object into the session
- api_session_register('objExercise');
+ Session::write('objExercise',$objExercise);
if ($debug) {error_log('1.1. $_SESSION[objExercise] was unset - set now - end'); };
}
}
@@ -356,7 +356,7 @@ if (!isset($_SESSION['questionList'])) {
if ($objExercise->isRandom() && !empty($exercise_stat_info['data_tracking'])) {
$questionList = explode(',', $exercise_stat_info['data_tracking']);
}
- api_session_register('questionList');
+ Session::write('questionList',$questionList);
if ($debug > 0) { error_log('$_SESSION[questionList] was set'); }
} else {
if (isset($objExercise) && isset($_SESSION['objExercise'])) {
@@ -367,7 +367,7 @@ if (!isset($_SESSION['questionList'])) {
if ($debug) error_log('8. Question list loaded '.print_r($questionList, 1));
$quizStartTime = time();
-api_session_register('quizStartTime');
+Session::write('quizStartTime',$quizStartTime);
//Real question count
$question_count = 0;
@@ -432,9 +432,9 @@ if ($formSent && isset($_POST)) {
// the script "exercise_result.php" will take the variable $exerciseResult from the session
- api_session_register('exerciseResult');
- api_session_register('remind_list');
- api_session_register('exerciseResultCoordinates');
+ Session::write('exerciseResult',$exerciseResult);
+ Session::write('remind_list',$remind_list);
+ Session::write('exerciseResultCoordinates',$exerciseResultCoordinates);
// if all questions on one page OR if it is the last question (only for an exercise with one question per page)
diff --git a/main/exercice/exercise_submit_modal.php b/main/exercice/exercise_submit_modal.php
index f786ceb27b..e2b24a58d1 100644
--- a/main/exercice/exercise_submit_modal.php
+++ b/main/exercice/exercise_submit_modal.php
@@ -49,9 +49,9 @@ $nbrQuestions = intval($_GET['nbrQuestions']);
//clean extra session variables
-api_session_unregister('objExerciseExtra'.$exerciseId);
-api_session_unregister('exerciseResultExtra'.$exerciseId);
-api_session_unregister('questionListExtra'.$exerciseId);
+Session::erase('objExerciseExtra'.$exerciseId);
+Session::erase('exerciseResultExtra'.$exerciseId);
+Session::erase('questionListExtra'.$exerciseId);
//round-up the coordinates
$coords = explode('/',$_GET['hotspot']);
@@ -143,8 +143,8 @@ if(is_array($choice)) {
// the script "exercise_result.php" will take the variable $exerciseResult from the session
-api_session_register('exerciseResult');
-api_session_register('exerciseResultCoordinates');
+Session::write('exerciseResult',$exerciseResult);
+Session::write('exerciseResultCoordinates',$exerciseResultCoordinates);
/*
// if it is the last question (only for a sequential exercise)
@@ -563,7 +563,7 @@ if ($links!='') {
$_SESSION['hotspot_delineation_result'][$exerciseId][$questionid] = array($message, $exerciseResult[$questionid]);
//reseting the exerciseResult variable
- api_session_register('exerciseResult');
+ Session::write('exerciseResult',$exerciseResult);
//save this variables just in case the exercise loads an LP with other exercise
$_SESSION['objExerciseExtra'.$exerciseId] = $_SESSION['objExercise'];
diff --git a/main/exercice/hotspot_admin.inc.php b/main/exercice/hotspot_admin.inc.php
index f472f3f32d..9a6fc15c89 100644
--- a/main/exercice/hotspot_admin.inc.php
+++ b/main/exercice/hotspot_admin.inc.php
@@ -295,7 +295,7 @@ if ($modifyAnswers) {
// construction of the Answer object
$objAnswer=new Answer($objQuestion -> id);
- api_session_register('objAnswer');
+ Session::write('objAnswer',$objAnswer);
if($debug>0){echo str_repeat(' ',2).'$answerType is HOT_SPOT'."
\n";}
if ($answerType == HOT_SPOT_DELINEATION) {
diff --git a/main/exercice/overview.php b/main/exercice/overview.php
index 5a9efbac14..5ba8aea1ed 100644
--- a/main/exercice/overview.php
+++ b/main/exercice/overview.php
@@ -17,7 +17,7 @@ $current_course_tool = TOOL_QUIZ;
// Clear the exercise session just in case
if (isset ($_SESSION['objExercise'])) {
- api_session_unregister('objExercise');
+ Session::erase('objExercise');
}
$this_section = SECTION_COURSES;
diff --git a/main/exercice/question_pool.php b/main/exercice/question_pool.php
index dd0e82e807..f0f26399dc 100644
--- a/main/exercice/question_pool.php
+++ b/main/exercice/question_pool.php
@@ -112,7 +112,7 @@ if ($is_allowedToEdit) {
$objExercise = new Exercise();
$objExercise->read($fromExercise);
}
- api_session_register('objExercise');
+ Session::write('objExercise',$objExercise);
}
$displayMessage = get_lang('ItemAdded');
// header("Location: admin.php?".api_get_cidreq()."&exerciseId=$fromExercise");
@@ -145,7 +145,7 @@ if ($is_allowedToEdit) {
}
// adds the question ID represented by $recup into the list of questions for the current exercise
$objExercise->addToList($recup);
- api_session_register('objExercise');
+ Session::write('objExercise',$objExercise);
// header("Location: admin.php?".api_get_cidreq()."&exerciseId=$fromExercise");
// exit();
@@ -207,7 +207,7 @@ if ($is_allowedToEdit) {
}
}
}
- api_session_register('objExercise');
+ Session::write('objExercise',$objExercise);
// header("Location: admin.php?".api_get_cidreq()."&exerciseId=$fromExercise");
// exit();
}
diff --git a/main/exercice/upload_exercise.php b/main/exercice/upload_exercise.php
index 55ea6728a5..2ba6eb0105 100644
--- a/main/exercice/upload_exercise.php
+++ b/main/exercice/upload_exercise.php
@@ -278,8 +278,8 @@ function lp_upload_quiz_action_handling() {
error_log('New LP - Course has changed, discard lp object', 0);
}
$oLP = null;
- api_session_unregister('oLP');
- api_session_unregister('lpobject');
+ Session::erase('oLP');
+ Session::erase('lpobject');
} else {
$_SESSION['oLP'] = $oLP;
$lp_found = true;
diff --git a/main/forum/forumfunction.inc.php b/main/forum/forumfunction.inc.php
index 416eaff400..bba96393b4 100644
--- a/main/forum/forumfunction.inc.php
+++ b/main/forum/forumfunction.inc.php
@@ -3860,7 +3860,7 @@ function set_notification($content,$id, $add_only = false) {
if ($total <= 0) {
$sql = "INSERT INTO $table_notification (c_id, $database_field, user_id) VALUES (".$course_id.", '".Database::escape_string($id)."','".Database::escape_string($_user['user_id'])."')";
$result = Database::query($sql);
- api_session_unregister('forum_notification');
+ Session::erase('forum_notification');
get_notifications_of_user(0, true);
return get_lang('YouWillBeNotifiedOfNewPosts');
} else {
@@ -3868,7 +3868,7 @@ function set_notification($content,$id, $add_only = false) {
$sql = "DELETE FROM $table_notification
WHERE c_id = $course_id AND $database_field = '".Database::escape_string($id)."' AND user_id = '".Database::escape_string($_user['user_id'])."'";
$result = Database::query($sql);
- api_session_unregister('forum_notification');
+ Session::erase('forum_notification');
get_notifications_of_user(0, true);
return get_lang('YouWillNoLongerBeNotifiedOfNewPosts');
}
diff --git a/main/forum/forumsearch.php b/main/forum/forumsearch.php
index e412c7da82..3171dcd57e 100644
--- a/main/forum/forumsearch.php
+++ b/main/forum/forumsearch.php
@@ -61,7 +61,7 @@ if (!empty($gradebook) && $gradebook == 'view') {
if (!empty ($_GET['gidReq'])) {
$toolgroup = Database::escape_string($_GET['gidReq']);
- api_session_register('toolgroup');
+ Session::write('toolgroup',$toolgroup);
}
if ($origin == 'group') {
diff --git a/main/forum/newthread.php b/main/forum/newthread.php
index c164856e17..183b3d8a89 100644
--- a/main/forum/newthread.php
+++ b/main/forum/newthread.php
@@ -86,7 +86,7 @@ if (!empty($gradebook) && $gradebook == 'view') {
if (!empty($_GET['gidReq'])) {
$toolgroup = intval($_GET['gidReq']);
- api_session_register('toolgroup');
+ Session::write('toolgroup',$toolgroup);
}
/* Is the user allowed here? */
diff --git a/main/forum/viewforum.php b/main/forum/viewforum.php
index bf073758e9..800d170f88 100644
--- a/main/forum/viewforum.php
+++ b/main/forum/viewforum.php
@@ -109,7 +109,7 @@ if (!empty($gradebook) && $gradebook == 'view') {
if (!empty($_GET['gidReq'])) {
$toolgroup = Database::escape_string($_GET['gidReq']);
- api_session_register('toolgroup');
+ Session::write('toolgroup',$toolgroup);
}
if ($origin == 'group') {
diff --git a/main/inc/email_editor.php b/main/inc/email_editor.php
index 2e9ddc5d36..ccfaa51189 100644
--- a/main/inc/email_editor.php
+++ b/main/inc/email_editor.php
@@ -22,7 +22,7 @@ if (empty($_user['user_id'])) {
if (empty($_SESSION['origin_url'])) {
$origin_url = $_SERVER['HTTP_REFERER'];
- api_session_register('origin_url');
+ Session::write('origin_url',$origin_url);
}
/* Process the form and redirect to origin */
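Review bot: `Session::write('origin_url',$origin_url);` stores the raw `$_SERVER['HTTP_REFERER']`, a client-controlled header, and the next hunk sends it back unchanged in `header('location:'.$orig);`. The redirect target is therefore not restricted to this platform (open redirect, and an unset Referer yields an empty location). Validate before storing, for example `if (strpos($origin_url, api_get_path(WEB_PATH)) !== 0) { $origin_url = api_get_path(WEB_PATH); }`. The redirect in the second hunk is also not followed by `exit;` in the visible lines, so the script may keep running after the header is sent.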
@@ -39,7 +39,7 @@ if (!empty($_POST['submit_email']) && !empty($_POST['email_title']) && !empty($_
api_mail('',$email_administrator,$title,$text,get_lang('Anonymous'));
}
$orig = $_SESSION['origin_url'];
- api_session_unregister('origin_url');
+ Session::erase('origin_url');
header('location:'.$orig);
}
diff --git a/main/inc/global.inc.php b/main/inc/global.inc.php
index bb54902496..a323241527 100644
--- a/main/inc/global.inc.php
+++ b/main/inc/global.inc.php
@@ -209,7 +209,7 @@ if (api_is_utf8($charset)) {
}
// Start session after the internationalization library has been initialized.
-api_session_start($already_installed);
+Chamilo::session()->start($already_installed);
// Remove quotes added by PHP - get_magic_quotes_gpc() is deprecated in PHP 5 see #2970
diff --git a/main/inc/lib/autoload.class.php b/main/inc/lib/autoload.class.php
index 5ed846305e..9b7083f6b7 100644
--- a/main/inc/lib/autoload.class.php
+++ b/main/inc/lib/autoload.class.php
@@ -97,6 +97,7 @@ class Autoload
$result['Category'] = '/main/gradebook/lib/be/category.class.php';
$result['Certificate'] = '/main/inc/lib/certificate.lib.php';
$result['Chamilo'] = '/main/inc/lib/chamilo.class.php';
+ $result['ChamiloSession'] = '/main/inc/lib/chamilo_session.class.php';
$result['Chat'] = '/main/inc/lib/chat.lib.php';
$result['ClassManager'] = '/main/inc/lib/classmanager.lib.php';
$result['ClosureCompiler'] = '/main/inc/lib/closure_compiler.class.php';
@@ -119,7 +120,9 @@ class Autoload
$result['CourseSession'] = '/main/coursecopy/classes/CourseSession.class.php';
$result['CsvReader'] = '/main/inc/lib/system/io/csv_reader.class.php';
$result['CsvWriter'] = '/main/inc/lib/system/io/csv_writer.class.php';
- $result['CustomPages'] = '/main/inc/lib/custompages.lib.php';
+ $result['CurrentCourse'] = '/main/inc/lib/current_course.class.php';
+ $result['CurrentUser'] = '/main/inc/lib/current_user.class.php';
+ $result['CustomPages'] = '/main/inc/lib/custom_pages.class.php';
$result['DashboardManager'] = '/main/inc/lib/dashboard.lib.php';
$result['DataForm'] = '/main/gradebook/lib/fe/dataform.class.php';
$result['Debug'] = '/main/inc/lib/debug.lib.php';
@@ -314,6 +317,8 @@ class Autoload
$result['ScoreDisplayForm'] = '/main/gradebook/lib/fe/scoredisplayform.class.php';
$result['ScormDocument'] = '/main/coursecopy/classes/ScormDocument.class.php';
$result['Security'] = '/main/inc/lib/security.lib.php';
+ $result['Session'] = '/main/inc/lib/session.class.php';
+ $result['SessionHandler'] = '/main/inc/lib/session_handler.class.php';
$result['SessionManager'] = '/main/inc/lib/sessionmanager.lib.php';
$result['Shibboleth'] = '/main/auth/shibboleth/app/shibboleth.class.php';
$result['ShibbolethConfig'] = '/main/auth/shibboleth/lib/shibboleth_config.class.php';
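Review bot: The new map key `SessionHandler` is also the name of a class built into PHP since 5.4. On such a runtime the autoloader is never consulted for that name, so code expecting the class from `session_handler.class.php` would get the built-in one, and including the file explicitly would fail with a redeclaration error. Unless the platform is pinned to an older PHP, a project-specific name would avoid the clash. The old `session_handler` key removed in a later hunk did not collide.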
@@ -446,7 +451,6 @@ class Autoload
$result['scormOrganization'] = '/main/newscorm/scormOrganization.class.php';
$result['scormResource'] = '/main/newscorm/scormResource.class.php';
$result['search_processor'] = '/main/inc/lib/search/tool_processors/search_processor.class.php';
- $result['session_handler'] = '/main/inc/lib/session_handler.class.php';
$result['sso'] = '/main/auth/sso/sso.class.php';
$result['survey_manager'] = '/main/survey/survey.lib.php';
$result['survey_question'] = '/main/survey/survey.lib.php';
@@ -460,7 +464,6 @@ class Autoload
$result['xhtdoc'] = '/main/inc/lib/xht.lib.php';
$result['xmddoc'] = '/main/inc/lib/xmd.lib.php';
-
return $result;
}
diff --git a/main/inc/lib/chamilo.class.php b/main/inc/lib/chamilo.class.php
index 9569344ed1..0d54c161a5 100644
--- a/main/inc/lib/chamilo.class.php
+++ b/main/inc/lib/chamilo.class.php
@@ -3,9 +3,8 @@
/**
* Description of chamilo
*
- * @copyright (c) 2012 University of Geneva
- * @license GNU General Public License - http://www.gnu.org/copyleft/gpl.html
- * @author Laurent Opprecht
+ * @license see /license.txt
+ * @author Laurent Opprecht for the Univesity of Geneva
*/
class Chamilo
{
@@ -25,6 +24,15 @@ class Chamilo
{
return api_get_setting('server_type') == 'production';
}
+
+ /**
+ *
+ * @return ChamiloSession
+ */
+ static function session()
+ {
+ return ChamiloSession::instance();
+ }
/**
* Returns a full url from local/absolute path and parameters.
diff --git a/main/inc/lib/chamilo_session.class.php b/main/inc/lib/chamilo_session.class.php
new file mode 100644
index 0000000000..16d218033e
--- /dev/null
+++ b/main/inc/lib/chamilo_session.class.php
@@ -0,0 +1,189 @@
+
+ *
+ * @license see /license.txt
+ * @author Laurent Opprecht for the Univesity of Geneva
+ */
+class ChamiloSession extends Session
+{
+
+ const NAME = 'ch_sid';
+
+ /**
+ *
+ * @return ChamiloSession
+ */
+ static function instance()
+ {
+ static $result = null;
+ if (empty($result)) {
+ $result = new ChamiloSession();
+ }
+ return $result;
+ }
+
+ static function session_lifetime()
+ {
+ global $_configuration;
+ return $_configuration['session_lifetime'];
+ }
+
+ static function session_stored_in_db()
+ {
+ return self::read('session_stored_in_db', false);
+ }
+
+ /**
+ * Starts the Chamilo session.
+ *
+ * The default lifetime for session is set here. It is not possible to have it
+ * as a database setting as it is used before the database connection has been made.
+ * It is taken from the configuration file, and if it doesn't exist there, it is set
+ * to 360000 seconds
+ *
+ * @author Olivier Brouckaert
+ * @param string variable - the variable name to save into the session
+ */
+ static function start($already_installed = true)
+ {
+ global $_configuration;
+
+ /* Causes too many problems and is not configurable dynamically.
+ if ($already_installed) {
+ $session_lifetime = 360000;
+ if (isset($_configuration['session_lifetime'])) {
+ $session_lifetime = $_configuration['session_lifetime'];
+ }
+ //session_set_cookie_params($session_lifetime,api_get_path(REL_PATH));
+ }
+ */
+
+ if (self::session_stored_in_db() && function_exists('session_set_save_handler')) {
+ $handler = new SessionHandler();
+ @session_set_save_handler(array(& $handler, 'open'), array(& $handler, 'close'), array(& $handler, 'read'), array(& $handler, 'write'), array(& $handler, 'destroy'), array(& $handler, 'garbage'));
+ }
+
+ /*
+ * Prevent Session fixation bug fixes
+ * See http://support.chamilo.org/issues/3600
+ * http://php.net/manual/en/session.configuration.php
+ * @todo use session_set_cookie_params with some custom admin parameters
+ */
+
+ //session.cookie_lifetime
+ //the session ID is only accepted from a cookie
+ ini_set('session.use_only_cookies', 1);
+
+ //HTTPS only if possible
+ //ini_set('session.cookie_secure', 1);
+ //session ID in the cookie is only readable by the server
+ ini_set('session.cookie_httponly', 1);
+
+ //Use entropy file
+ //session.entropy_file
+ //ini_set('session.entropy_length', 128);
+ //Do not include the identifier in the URL, and not to read the URL for identifiers.
+ ini_set('session.use_trans_sid', 0);
+
+ session_name(self::NAME);
+ session_start();
+
+ $session = self::instance();
+
+ if ($already_installed) {
+ if (!isset($session['checkChamiloURL'])) {
+ $session['checkChamiloURL'] = api_get_path(WEB_PATH);
+ } else if ($session['checkChamiloURL'] != api_get_path(WEB_PATH)) {
+ Session::clear();
+ }
+ }
+
+ if (!$session->has('starttime') || $session->is_valid()) {
+ $session->write('starttime', time());
+ }
+ }
+
+ /**
+ * Session start time: that is the last time the user accesseed the application.
+ *
+ * @return int timestamp
+ */
+ function start_time()
+ {
+ return self::read('starttime');
+ }
+
+ /**
+ * Session end time: when the session expires.
+ *
+ * @return int timestamp
+ */
+ function end_time()
+ {
+ $start_time = $this->start_time();
+ $lifetime = self::session_lifetime();
+ return $start_time + $lifetime;
+ }
+
+ /**
+ * Returns true if the session is stalled. I.e. if session end time is
+ * greater than now. Returns false otherwise.
+ *
+ * @return bool
+ */
+ function is_stalled()
+ {
+ return $this->end_time() >= time();
+ }
+
+ /**
+ * Returns true if the session is valid - if it is not stalled - false otherwise.
+ * @return bool
+ */
+ public function is_valid()
+ {
+ return !$this->is_stalled();
+ }
+
+ /**
+ * The current (logged in) user.
+ *
+ * @return CurrentUser
+ */
+ public function user()
+ {
+ static $result = null;
+ if (empty($result)) {
+ $result = CurrentUser::instance();
+ }
+ return $result;
+ }
+
+ public function course()
+ {
+ static $result = null;
+ if (empty($result)) {
+ $result = CurrentCourse::instance();
+ }
+ return $result;
+ }
+
+
+
+ /**
+ * The current group for the current (logged in) user.
+ *
+ * @return int
+ */
+ public function group_id()
+ {
+ return Session::read('_gid');
+ }
+
+}
\ No newline at end of file
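Review bot: `is_stalled()` returns `$this->end_time() >= time()`, which is true while the lifetime has not yet run out, so `is_valid()` is true only for a session that has already expired. `start()` rewrites `starttime` in exactly that case (`!$session->has('starttime') || $session->is_valid()`), so an expired session is revived rather than cleared and the configured lifetime is never enforced here. I would change the test to `return $this->end_time() < time();` and have `start()` call `Session::clear()` when the session is no longer valid, before writing a new `starttime`. Separately, `session_stored_in_db()` goes through `self::read()` before `session_start()` has run, so the database save handler looks unreachable. The flag probably belongs in `$_configuration` next to `session_lifetime`; confirm against `Session::read()`, which is outside this hunk.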
diff --git a/main/inc/lib/conditional_login.class.php b/main/inc/lib/conditional_login.class.php
index 46abd82876..1ede1715f9 100644
--- a/main/inc/lib/conditional_login.class.php
+++ b/main/inc/lib/conditional_login.class.php
@@ -22,9 +22,7 @@ class ConditionalLogin {
}
public static function login() {
- //require_once api_get_path(LIBRARY_PATH).'loginredirection.lib.php'; moved to autologin
$_SESSION['conditional_login']['can_login'] = true;
LoginRedirection::redirect();
- exit();
}
}
\ No newline at end of file
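Review bot: Dropping `exit();` after `LoginRedirection::redirect();` in `login()` lets the request keep executing past the redirect unless `redirect()` itself terminates, and that method is not visible in this hunk. Because `$_SESSION['conditional_login']['can_login']` has just been set to true, any page code that follows the call would run with that flag set. Either keep `exit;` after the call, or add a comment such as `// LoginRedirection::redirect() ends the request` once that is confirmed. The class starts above the hunk.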
diff --git a/main/inc/lib/conditionallogin.lib.php b/main/inc/lib/conditionallogin.lib.php
deleted file mode 100644
index 13078f1cc1..0000000000
--- a/main/inc/lib/conditionallogin.lib.php
+++ /dev/null
@@ -1,5 +0,0 @@
- for the Univesity of Geneva
+ */
+class CurrentCourse
+{
+
+ /**
+ *
+ * @return CurrentCourse
+ */
+ public static function instance()
+ {
+ static $result = null;
+ if (empty($result)) {
+ $result = new self();
+ }
+ return $result;
+ }
+
+ protected function __construct()
+ {
+ ;
+ }
+
+ public function is_empty()
+ {
+ $id = $this->real_id();
+ return empty($id);
+ }
+
+ public function data()
+ {
+ global $_course;
+ if ($_course == '-1') {
+ $_course = array();
+ }
+ return $_course;
+ }
+
+ public function real_id()
+ {
+ return (int)$this->get('real_id');
+ }
+
+ public function code()
+ {
+ return $this->get('code');
+ }
+
+ public function name()
+ {
+ return $this->get('name');
+ }
+
+ public function title()
+ {
+ return $this->get('title');
+ }
+
+ public function official_code()
+ {
+ return $this->get('official_code');
+ }
+
+ public function sys_code()
+ {
+ return $this->get('sysCode');
+ }
+
+ public function path()
+ {
+ return $this->get('path');
+ }
+
+ /**
+ * not needed in Chamilo 1.9
+ *
+ * @return type
+ */
+ public function db_name()
+ {
+ return $this->get('dbName');
+ }
+
+ public function db_name_glu()
+ {
+ return $this->get('dbNameGlu');
+ }
+
+ public function titular()
+ {
+ return $this->get('titular');
+ }
+
+ public function language()
+ {
+ return $this->get('language');
+ }
+
+ public function category_code()
+ {
+ return $this->get('categoryCode');
+ }
+
+ public function category_ame()
+ {
+ return $this->get('category_name');
+ }
+
+ public function visibility()
+ {
+ return $this->get('visibility');
+ }
+
+ public function subscribe_allowed()
+ {
+ return $this->get('subscribe_allowed');
+ }
+
+ public function unubscribe_allowed()
+ {
+ return $this->get('unubscribe_allowed');
+ }
+
+ public function activate_legal()
+ {
+ return $this->get('activate_legal');
+ }
+
+ public function show_score()
+ {
+ return $this->get('show_score');
+ }
+
+ public function extrnal_link()
+ {
+ return $this->get('extLink');
+ }
+
+ /**
+ * Returns the current user (logged in user) relationship with the course.
+ * I.e his role
+ *
+ * @return array
+ */
+ public function user()
+ {
+ $result = Session::read('_courseUser');
+ $result = $result ? $result : array();
+ return $result;
+ }
+
+ public function get($name, $default = false)
+ {
+ $data = $this->data();
+ return isset($data[$name]) ? $data[$name] : $default;
+ }
+
+}
\ No newline at end of file
diff --git a/main/inc/lib/current_user.class.php b/main/inc/lib/current_user.class.php
new file mode 100644
index 0000000000..5c05df07bc
--- /dev/null
+++ b/main/inc/lib/current_user.class.php
@@ -0,0 +1,187 @@
+ for the Univesity of Geneva
+ */
+class CurrentUser
+{
+
+ /**
+ *
+ * @return CurrentUser
+ */
+ public static function instance()
+ {
+ static $result = null;
+ if (empty($result)) {
+ $result = new self();
+ }
+ return $result;
+ }
+
+ protected function __construct()
+ {
+ ;
+ }
+
+ public function data()
+ {
+ global $_user;
+ return $_user;
+ //return Session::read('_user');
+ }
+
+ public function is_anonymous()
+ {
+ return api_is_anonymous();
+ }
+
+ public function first_name()
+ {
+ return $this->get('firstName');
+ }
+
+ public function last_name()
+ {
+ return $this->get('lastName');
+ }
+
+ public function mail()
+ {
+ return $this->get('mail');
+ }
+
+ public function last_login()
+ {
+ return $this->get('lastLogin');
+ }
+
+ public function official_code()
+ {
+ return $this->get('official_code');
+ }
+
+ public function picture_uri()
+ {
+ return $this->get('picture_uri');
+ }
+
+ public function user_id()
+ {
+ return (int)$this->get('user_id');
+ }
+
+ public function language()
+ {
+ return $this->get('language');
+ }
+
+ public function auth_source()
+ {
+ return $this->get('auth_source');
+ }
+
+ public function theme()
+ {
+ return $this->get('theme');
+ }
+
+ /**
+ * Returns true if user is a platform administrator, false otherwise.
+ *
+ * @return boolean
+ * @see UserManager::is_admin(user_id) for user-id specific function.
+ */
+ public function is_platform_admin()
+ {
+ return (bool) Session::read('is_platformAdmin');
+ if ($_SESSION['is_platformAdmin']) {
+ return true;
+ }
+ global $_user;
+ return $allow_sessions_admins && $_user['status'] == SESSIONADMIN;
+ }
+
+ /**
+ * Returns true if user is a session administrator, false otherwise.
+ *
+ * @return boolean
+ */
+ public function is_session_admin($allow_sessions_admins = false)
+ {
+ global $_user;
+ return (bool) $_user['status'] == SESSIONADMIN;
+ }
+
+ /**
+ * Returns true if the current user is allowed to create courses, false otherwise.
+ *
+ * @return boolean
+ * false otherwise.
+ */
+ public function is_allowed_to_create_course()
+ {
+ return (bool) Session::read('is_allowedCreateCourse', false);
+ }
+
+ /**
+ * Returns true if the current user is a course administrator for the current course, false otherwise.
+ *
+ * @return boolean
+ */
+ public function is_course_admin()
+ {
+ return (bool) Session::read('is_courseAdmin', false);
+ }
+
+ /**
+ * Returns true if the current user is a course member of the current course, false otherwise.
+ *
+ * @return bool
+ */
+ public function is_course_member()
+ {
+ return (bool) Session::read('is_courseMember', false);
+ }
+
+ /**
+ * Returns true if the current user is allowed in the current course, false otherwise.
+ *
+ * @return bool
+ */
+ public function is_allowed_in_course()
+ {
+ return (bool) Session::read('is_allowed_in_course', false);
+ }
+
+ /**
+ * Returns true if the current user is a course coach for the current course, false otherwise.
+ *
+ * @return bool
+ */
+ public function is_course_coach()
+ {
+ return (bool) Session::read('is_courseCoach', false);
+ }
+
+ /**
+ * Returns true if the current user is a course tutor for the current course, false otherwise.
+ *
+ * @return bool
+ */
+ public function is_course_tutor()
+ {
+ return (bool) Session::read('is_courseTutor', false);
+ }
+
+ public function get($name, $default = false)
+ {
+ $data = $this->data();
+ return isset($data[$name]) ? $data[$name] : $default;
+ }
+
+}
\ No newline at end of file
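Review bot: In `is_session_admin()` the cast binds tighter than the comparison, so `(bool) $_user['status'] == SESSIONADMIN` compares a boolean with the constant. With loose `==`, every user whose status is non-zero would be reported as a session admin, assuming `SESSIONADMIN` is non-zero (it is defined outside this diff). Write it as `return isset($_user['status']) && $_user['status'] == SESSIONADMIN;`. The `$allow_sessions_admins` parameter there is unused, and in `is_platform_admin()` everything after the first `return` is unreachable and reads an undefined `$allow_sessions_admins`. Those lines should be removed, or the intended session-admin fallback restored deliberately.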
diff --git a/main/inc/lib/custom_pages.class.php b/main/inc/lib/custom_pages.class.php
new file mode 100644
index 0000000000..11a47f447b
--- /dev/null
+++ b/main/inc/lib/custom_pages.class.php
@@ -0,0 +1,82 @@
+
+ * @author Laurent Opprecht for the Univesity of Geneva
+ */
+class CustomPages
+{
+ const INDEX_LOGGED = 'index-logged';
+ const INDEX_UNLOGGED = 'index-unlogged';
+ const LOGGED_OUT = 'loggedout';
+ const REGISTRATION_FEEDBACK = 'registration-feedback';
+ const REGISTRATION = 'registration';
+ const LOST_PASSWORD = 'lostpassword';
+
+ /**
+ * Returns true if custom pages are enabled. False otherwise.
+ * @return bool
+ */
+ public static function enabled()
+ {
+ return api_get_setting('use_custom_pages') == 'true';
+ }
+
+ /**
+ * Returns the path to a custom page.
+ *
+ * @param string $name
+ * @return string
+ */
+ public static function path($name = '')
+ {
+ return api_get_path(SYS_PATH) . 'custompages/' . $name;
+ }
+
+ /**
+ * If enabled display a custom page and exist. Otherwise log error and returns.
+ *
+ * @param string $page_name
+ * @param array $content used to path data to the custom page
+ */
+ public static function display($page_name, $content = array())
+ {
+ if (!self::enabled()) {
+ return false;
+ }
+
+ $file = self::path($page_name . '.php');
+ if (file_exists($file)) {
+ include($file);
+ exit;
+ } else {
+ error_log('CustomPages::displayPage : could not read file ' . $file_name);
+ }
+ }
+
+ /**
+ * Does not look like this function is being used is being used
+ *
+ * @param type $url_id
+ * @return string
+ */
+ public static function getURLImages($url_id = null)
+ {
+ if (is_null($url_id)) {
+ $url = 'http://' . $_SERVER['HTTP_HOST'] . '/';
+ $url_id = UrlManager::get_url_id($url);
+ }
+ $url_images_dir = api_get_path(SYS_PATH) . 'custompages/url-images/';
+ $images = array();
+ for ($img_id = 1; $img_id <= 3; $img_id++) {
+ if (file_exists($url_images_dir . $url_id . '_url_image_' . $img_id . '.png')) {
+ $images[] = api_get_path(WEB_PATH) . 'custompages/url-images/' . $url_id . '_url_image_' . $img_id . '.png';
+ }
+ }
+ return $images;
+ }
+
+}
\ No newline at end of file
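Review bot: `display()` builds the include path from `$page_name` with no check, so a caller that ever passes request data would let path segments in the name choose which `.php` file is included. The callers are outside this hunk, but the class already declares the expected names as constants. Rejecting anything else before the include, with a guard such as `if (!preg_match('/^[a-z-]+$/', $page_name)) { return false; }`, keeps the include inside `custompages/`. The failure branch also logs the undefined `$file_name` under the old method name; it should read `error_log('CustomPages::display : could not read file ' . $file);`. `getURLImages()` derives its lookup URL from `$_SERVER['HTTP_HOST']`, which the client controls, so the value deserves validation before it reaches `UrlManager::get_url_id()`.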
diff --git a/main/inc/lib/custompages.lib.php b/main/inc/lib/custompages.lib.php
deleted file mode 100644
index d1498402fd..0000000000
--- a/main/inc/lib/custompages.lib.php
+++ /dev/null
@@ -1,37 +0,0 @@
-
-
-require_once api_get_path(LIBRARY_PATH).'urlmanager.lib.php';
-
-class CustomPages {
-
- public static function displayPage($page_name, $content=array()) {
- $pages_dir = api_get_path(SYS_PATH).'custompages/';
- $file_name = $pages_dir.$page_name.'.php';
- if (file_exists($file_name)) {
- include($file_name);
- exit;
- }
- else {
- error_log('CustomPages::displayPage : could not read file '.$file_name);
- }
- }
-
- public static function getURLImages($url_id = null) {
- if (is_null($url_id)) {
- $url = 'http://'.$_SERVER['HTTP_HOST'].'/';
- $url_id = UrlManager::get_url_id($url);
- }
- $url_images_dir = api_get_path(SYS_PATH).'custompages/url-images/';
- $images = array();
- for ($img_id = 1; $img_id <= 3; $img_id++) {
- if (file_exists($url_images_dir.$url_id.'_url_image_'.$img_id.'.png')) {
- $images[] = api_get_path(WEB_PATH).'custompages/url-images/'.$url_id.'_url_image_'.$img_id.'.png';
- }
- }
- return $images;
- }
-}
-?>
diff --git a/main/inc/lib/login.lib.php b/main/inc/lib/login.lib.php
index 90007561a1..40c0fa07de 100644
--- a/main/inc/lib/login.lib.php
+++ b/main/inc/lib/login.lib.php
@@ -1,126 +1,132 @@
, Ghent University
-* @author Julio Montoya
-* @package chamilo.login
-*/
+ * Code library for login process
+ *
+ * @author Olivier Cauberghe , Ghent University
+ * @author Julio Montoya
+ * @package chamilo.login
+ */
+
/**
* Class
* @package chamilo.login
*/
-class Login
+class Login
{
- /**
- * Get user account list
- *
- * @param unknown_type $user
- * @param boolean $reset
- * @param boolean $by_username
- * @return unknown
- */
- public static function get_user_account_list($user, $reset = false, $by_username = false) {
- global $_configuration;
+
+ /**
+ * Get user account list
+ *
+ * @param unknown_type $user
+ * @param boolean $reset
+ * @param boolean $by_username
+ * @return unknown
+ */
+ public static function get_user_account_list($user, $reset = false, $by_username = false)
+ {
+ global $_configuration;
//$portal_url = $_configuration['root_web'];
- $portal_url = api_get_path(WEB_PATH);
-
- if ($_configuration['multiple_access_urls']) {
- $access_url_id = api_get_current_access_url_id();
- if ($access_url_id != -1 ) {
- $url = api_get_access_url($access_url_id);
- $portal_url = $url['url'];
- }
- }
-
- if ($reset) {
- if ($by_username) {
- $secret_word = self::get_secret_word($user['email']);
- if ($reset) {
- $reset_link = $portal_url."main/auth/lostPassword.php?reset=".$secret_word."&id=".$user['uid'];
- } else {
- $reset_link = get_lang('Pass')." : $user[password]";
- }
- $user_account_list = get_lang('YourRegistrationData')." : \n".get_lang('UserName').' : '.$user['loginName']."\n".get_lang('ResetLink').' : '.$reset_link.'';
-
- if ($user_account_list) {
- $user_account_list = "\n-----------------------------------------------\n" . $user_account_list;
- }
- } else {
- foreach ($user as $this_user) {
- $secret_word = self::get_secret_word($this_user['email']);
- if ($reset) {
- $reset_link = $portal_url."main/auth/lostPassword.php?reset=".$secret_word."&id=".$this_user['uid'];
- } else {
- $reset_link = get_lang('Pass')." : $this_user[password]";
- }
- $user_account_list[] = get_lang('YourRegistrationData')." : \n".get_lang('UserName').' : '.$this_user['loginName']."\n".get_lang('ResetLink').' : '.$reset_link.'';
- }
- if ($user_account_list) {
- $user_account_list = implode("\n-----------------------------------------------\n", $user_account_list);
- }
- }
- } else {
- if (!$by_username) {
- $user = $user[0];
- }
- $reset_link = get_lang('Pass')." : $user[password]";
- $user_account_list = get_lang('YourRegistrationData')." : \n".get_lang('UserName').' : '.$user['loginName']."\n".$reset_link.'';
- }
- return $user_account_list;
- }
-
- /**
- * This function sends the actual password to the user
- *
- * @param unknown_type $user
- * @author Olivier Cauberghe , Ghent University
- */
- public static function send_password_to_user($user, $by_username = false) {
- global $_configuration;
- $email_subject = "[".api_get_setting('siteName')."] ".get_lang('LoginRequest'); // SUBJECT
-
- if ($by_username) { // Show only for lost password
- $user_account_list = self::get_user_account_list($user, false, $by_username); // BODY
- $email_to = $user['email'];
- } else {
- $user_account_list = self::get_user_account_list($user); // BODY
- $email_to = $user[0]['email'];
- }
-
- $portal_url = $_configuration['root_web'];
- if ($_configuration['multiple_access_urls']) {
- $access_url_id = api_get_current_access_url_id();
- if ($access_url_id != -1 ) {
- $url = api_get_access_url($access_url_id);
- $portal_url = $url['url'];
- }
- }
-
- $email_body = get_lang('YourAccountParam')." ".$portal_url."\n\n$user_account_list";
- // SEND MESSAGE
- $sender_name = api_get_person_name(api_get_setting('administratorName'), api_get_setting('administratorSurname'), null, PERSON_NAME_EMAIL_ADDRESS);
- $email_admin = api_get_setting('emailAdministrator');
-
- if (@api_mail('', $email_to, $email_subject, $email_body, $sender_name, $email_admin) == 1) {
- return get_lang('your_password_has_been_reset');
- } else {
- return get_lang('SystemUnableToSendEmailContact').' '.Display :: encrypted_mailto_link(api_get_setting('emailAdministrator'), get_lang('PlatformAdmin')).".";
- }
- }
-
- /**
- * Handle encrypted password, send an email to a user with his password
- *
- * @param int user id
- * @param bool $by_username
- *
- * @author Olivier Cauberghe , Ghent University
- */
- public static function handle_encrypted_password($user, $by_username = false) {
+ $portal_url = api_get_path(WEB_PATH);
+
+ if ($_configuration['multiple_access_urls']) {
+ $access_url_id = api_get_current_access_url_id();
+ if ($access_url_id != -1) {
+ $url = api_get_access_url($access_url_id);
+ $portal_url = $url['url'];
+ }
+ }
+
+ if ($reset) {
+ if ($by_username) {
+ $secret_word = self::get_secret_word($user['email']);
+ if ($reset) {
+ $reset_link = $portal_url . "main/auth/lostPassword.php?reset=" . $secret_word . "&id=" . $user['uid'];
+ } else {
+ $reset_link = get_lang('Pass') . " : $user[password]";
+ }
+ $user_account_list = get_lang('YourRegistrationData') . " : \n" . get_lang('UserName') . ' : ' . $user['loginName'] . "\n" . get_lang('ResetLink') . ' : ' . $reset_link . '';
+
+ if ($user_account_list) {
+ $user_account_list = "\n-----------------------------------------------\n" . $user_account_list;
+ }
+ } else {
+ foreach ($user as $this_user) {
+ $secret_word = self::get_secret_word($this_user['email']);
+ if ($reset) {
+ $reset_link = $portal_url . "main/auth/lostPassword.php?reset=" . $secret_word . "&id=" . $this_user['uid'];
+ } else {
+ $reset_link = get_lang('Pass') . " : $this_user[password]";
+ }
+ $user_account_list[] = get_lang('YourRegistrationData') . " : \n" . get_lang('UserName') . ' : ' . $this_user['loginName'] . "\n" . get_lang('ResetLink') . ' : ' . $reset_link . '';
+ }
+ if ($user_account_list) {
+ $user_account_list = implode("\n-----------------------------------------------\n", $user_account_list);
+ }
+ }
+ } else {
+ if (!$by_username) {
+ $user = $user[0];
+ }
+ $reset_link = get_lang('Pass') . " : $user[password]";
+ $user_account_list = get_lang('YourRegistrationData') . " : \n" . get_lang('UserName') . ' : ' . $user['loginName'] . "\n" . $reset_link . '';
+ }
+ return $user_account_list;
+ }
+
+ /**
+ * This function sends the actual password to the user
+ *
+ * @param unknown_type $user
+ * @author Olivier Cauberghe , Ghent University
+ */
+ public static function send_password_to_user($user, $by_username = false)
+ {
global $_configuration;
- $email_subject = "[".api_get_setting('siteName')."] ".get_lang('LoginRequest'); // SUBJECT
+ $email_subject = "[" . api_get_setting('siteName') . "] " . get_lang('LoginRequest'); // SUBJECT
+
+ if ($by_username) { // Show only for lost password
+ $user_account_list = self::get_user_account_list($user, false, $by_username); // BODY
+ $email_to = $user['email'];
+ } else {
+ $user_account_list = self::get_user_account_list($user); // BODY
+ $email_to = $user[0]['email'];
+ }
+
+ $portal_url = $_configuration['root_web'];
+ if ($_configuration['multiple_access_urls']) {
+ $access_url_id = api_get_current_access_url_id();
+ if ($access_url_id != -1) {
+ $url = api_get_access_url($access_url_id);
+ $portal_url = $url['url'];
+ }
+ }
+
+ $email_body = get_lang('YourAccountParam') . " " . $portal_url . "\n\n$user_account_list";
+ // SEND MESSAGE
+ $sender_name = api_get_person_name(api_get_setting('administratorName'), api_get_setting('administratorSurname'), null, PERSON_NAME_EMAIL_ADDRESS);
+ $email_admin = api_get_setting('emailAdministrator');
+
+ if (@api_mail('', $email_to, $email_subject, $email_body, $sender_name, $email_admin) == 1) {
+ return get_lang('your_password_has_been_reset');
+ } else {
+ return get_lang('SystemUnableToSendEmailContact') . ' ' . Display :: encrypted_mailto_link(api_get_setting('emailAdministrator'), get_lang('PlatformAdmin')) . ".";
+ }
+ }
+
+ /**
+ * Handle encrypted password, send an email to a user with his password
+ *
+ * @param int user id
+ * @param bool $by_username
+ *
+ * @author Olivier Cauberghe , Ghent University
+ */
+ public static function handle_encrypted_password($user, $by_username = false)
+ {
+ global $_configuration;
+ $email_subject = "[" . api_get_setting('siteName') . "] " . get_lang('LoginRequest'); // SUBJECT
if ($by_username) { // Show only for lost password
$user_account_list = self::get_user_account_list($user, true, $by_username); // BODY
@@ -131,67 +137,648 @@ class Login
}
$secret_word = self::get_secret_word($email_to);
- $email_body = get_lang('DearUser')." :\n".get_lang('password_request')."\n";
- $email_body .= $user_account_list."\n-----------------------------------------------\n\n";
+ $email_body = get_lang('DearUser') . " :\n" . get_lang('password_request') . "\n";
+ $email_body .= $user_account_list . "\n-----------------------------------------------\n\n";
$email_body .= get_lang('PasswordEncryptedForSecurity');
- $email_body .= "\n\n".get_lang('Formula').",\n".api_get_setting('administratorName')." ".api_get_setting('administratorSurname')."\n".get_lang('PlataformAdmin')." - ".api_get_setting('siteName');
+ $email_body .= "\n\n" . get_lang('Formula') . ",\n" . api_get_setting('administratorName') . " " . api_get_setting('administratorSurname') . "\n" . get_lang('PlataformAdmin') . " - " . api_get_setting('siteName');
$sender_name = api_get_person_name(api_get_setting('administratorName'), api_get_setting('administratorSurname'), null, PERSON_NAME_EMAIL_ADDRESS);
$email_admin = api_get_setting('emailAdministrator');
-
+
if (@api_mail('', $email_to, $email_subject, $email_body, $sender_name, $email_admin) == 1) {
-
- if (api_get_setting('use_custom_pages') == 'true') {
+
+ if (CustomPages::enabled()) {
return get_lang('YourPasswordHasBeenEmailed');
} else {
Display::display_confirmation_message(get_lang('YourPasswordHasBeenEmailed'));
}
} else {
- $message = get_lang('SystemUnableToSendEmailContact').' '.Display :: encrypted_mailto_link(api_get_setting('emailAdministrator'), get_lang('PlatformAdmin')).".";
- if (api_get_setting('use_custom_pages') == 'true') {
+ $message = get_lang('SystemUnableToSendEmailContact') . ' ' . Display :: encrypted_mailto_link(api_get_setting('emailAdministrator'), get_lang('PlatformAdmin')) . ".";
+ if (CustomPages::enabled()) {
return $message;
} else {
Display::display_error_message($message, false);
}
}
}
-
- /**
- * Gets the secret word
- * @author Olivier Cauberghe , Ghent University
- */
- public static function get_secret_word($add) {
- global $_configuration;
- return $secret_word = md5($_configuration['security_key'].$add);
- }
-
- /**
- * Resets a password
- * @author Olivier Cauberghe , Ghent University
- */
- public static function reset_password($secret, $id, $by_username = false) {
- $tbl_user = Database::get_main_table(TABLE_MAIN_USER);
- $id = intval($id);
- $sql = "SELECT user_id AS uid, lastname AS lastName, firstname AS firstName, username AS loginName, password, email FROM ".$tbl_user." WHERE user_id=$id";
- $result = Database::query($sql);
- $num_rows = Database::num_rows($result);
-
- if ($result && $num_rows > 0) {
- $user = Database::fetch_array($result);
- } else {
- return get_lang('CouldNotResetPassword');
- }
-
- if (self::get_secret_word($user['email']) == $secret) { // OK, secret word is good. Now change password and mail it.
- $user['password'] = api_generate_password();
- $crypted = $user['password'];
- $crypted = api_get_encrypted_password($crypted);
- $sql = "UPDATE ".$tbl_user." SET password='$crypted' WHERE user_id = $id";
- $result = Database::query($sql);
- return self::send_password_to_user($user, $by_username);
- } else {
- return get_lang('NotAllowed');
- }
- }
+
+ /**
+ * Gets the secret word
+ * @author Olivier Cauberghe , Ghent University
+ */
+ public static function get_secret_word($add)
+ {
+ global $_configuration;
+ return $secret_word = md5($_configuration['security_key'] . $add);
+ }
+
+ /**
+ * Resets a password
+ * @author Olivier Cauberghe , Ghent University
+ */
+ public static function reset_password($secret, $id, $by_username = false)
+ {
+ $tbl_user = Database::get_main_table(TABLE_MAIN_USER);
+ $id = intval($id);
+ $sql = "SELECT user_id AS uid, lastname AS lastName, firstname AS firstName, username AS loginName, password, email FROM " . $tbl_user . " WHERE user_id=$id";
+ $result = Database::query($sql);
+ $num_rows = Database::num_rows($result);
+
+ if ($result && $num_rows > 0) {
+ $user = Database::fetch_array($result);
+ } else {
+ return get_lang('CouldNotResetPassword');
+ }
+
+ if (self::get_secret_word($user['email']) == $secret) { // OK, secret word is good. Now change password and mail it.
+ $user['password'] = api_generate_password();
+ $crypted = $user['password'];
+ $crypted = api_get_encrypted_password($crypted);
+ $sql = "UPDATE " . $tbl_user . " SET password='$crypted' WHERE user_id = $id";
+ $result = Database::query($sql);
+ return self::send_password_to_user($user, $by_username);
+ } else {
+ return get_lang('NotAllowed');
+ }
+ }
+
+ /**
+ *
+ * @global bool $is_platformAdmin
+ * @global bool $is_allowedCreateCourse
+ * @global object $_user
+ */
+ public static function init_user($user_id, $reset)
+ {
+ global $is_platformAdmin;
+ global $is_allowedCreateCourse;
+ global $_user;
+
+ if (isset($reset) && $reset) { // session data refresh requested
+ unset($_SESSION['_user']['uidReset']);
+ $is_platformAdmin = false;
+ $is_allowedCreateCourse = false;
+ $_user['user_id'] = $user_id;
+
+ if (isset($_user['user_id']) && $_user['user_id'] && !api_is_anonymous()) {
+ // a uid is given (log in succeeded)
+ $user_table = Database::get_main_table(TABLE_MAIN_USER);
+ $admin_table = Database::get_main_table(TABLE_MAIN_ADMIN);
+ $track_e_login = Database::get_statistic_table(TABLE_STATISTIC_TRACK_E_LOGIN);
+
+ $sql = "SELECT user.*, a.user_id is_admin, UNIX_TIMESTAMP(login.login_date) login_date
+ FROM $user_table
+ LEFT JOIN $admin_table a
+ ON user.user_id = a.user_id
+ LEFT JOIN $track_e_login login
+ ON user.user_id = login.login_user_id
+ WHERE user.user_id = '" . $_user['user_id'] . "'
+ ORDER BY login.login_date DESC LIMIT 1";
+
+ $result = Database::query($sql);
+
+ if (Database::num_rows($result) > 0) {
+ // Extracting the user data
+
+ $uData = Database::fetch_array($result);
+
+ $_user['firstName'] = $uData['firstname'];
+ $_user['lastName'] = $uData['lastname'];
+ $_user['mail'] = $uData['email'];
+ $_user['lastLogin'] = $uData['login_date'];
+ $_user['official_code'] = $uData['official_code'];
+ $_user['picture_uri'] = $uData['picture_uri'];
+ $_user['user_id'] = $uData['user_id'];
+ $_user['language'] = $uData['language'];
+ $_user['auth_source'] = $uData['auth_source'];
+ $_user['theme'] = $uData['theme'];
+ $_user['status'] = $uData['status'];
+
+ $is_platformAdmin = (bool) (!is_null($uData['is_admin']));
+ $is_allowedCreateCourse = (bool) (($uData ['status'] == 1) or (api_get_setting('drhCourseManagerRights') and $uData['status'] == 4));
+ ConditionalLogin::check_conditions($uData);
+
+ Session::write('_user',$_user);
+ UserManager::update_extra_field_value($_user['user_id'], 'already_logged_in', 'true');
+ Session::write('is_platformAdmin',$is_platformAdmin);
+ Session::write('is_allowedCreateCourse',$is_allowedCreateCourse);
+
+ // If request_uri is setted we have to go further to have course permissions
+ if (empty($_SESSION['request_uri']) || !isset($_SESSION['request_uri'])) {
+ if (isset($_SESSION['noredirection'])) {
+ //If we just want to reset info without redirecting user
+ unset($_SESSION['noredirection']);
+ } else {
+ LoginRedirection::redirect();
+ }
+ }
+ } else {
+ header('location:' . api_get_path(WEB_PATH));
+ //exit("WARNING UNDEFINED UID !! ");
+ }
+ } else { // no uid => logout or Anonymous
+ Session::erase('_user');
+ Session::erase('_uid');
+ }
+
+ Session::write('is_platformAdmin',$is_platformAdmin);
+ Session::write('is_allowedCreateCourse',$is_allowedCreateCourse);
+ } else { // continue with the previous values
+ $_user = $_SESSION['_user'];
+ $is_platformAdmin = $_SESSION['is_platformAdmin'];
+ $is_allowedCreateCourse = $_SESSION['is_allowedCreateCourse'];
+ }
+ }
+
+ /**
+ *
+ * @global bool $is_platformAdmin
+ * @global bool $is_allowedCreateCourse
+ * @global object $_user
+ * @global int $_cid
+ * @global array $_course
+ * @global type $_real_cid
+ * @global type $_courseUser
+ * @global type $is_courseAdmin
+ * @global type $is_courseTutor
+ * @global type $is_courseCoach
+ * @global type $is_courseMember
+ * @global type $is_sessionAdmin
+ * @global type $is_allowed_in_course
+ *
+ * @param type $course_id
+ * @param type $reset
+ */
+ static function init_course($course_id, $reset)
+ {
+ global $is_platformAdmin;
+ global $is_allowedCreateCourse;
+ global $_user;
+
+ global $_cid;
+ global $_course;
+ global $_real_cid;
+ global $_courseUser;
+
+ global $is_courseAdmin; //course teacher
+ global $is_courseTutor; //course teacher - some rights
+ global $is_courseCoach; //course coach
+ global $is_courseMember; //course student
+ global $is_sessionAdmin;
+ global $is_allowed_in_course;
+
+ if (isset($reset) && $reset) {
+ // Course session data refresh requested or empty data
+ if ($course_id) {
+ $course_table = Database::get_main_table(TABLE_MAIN_COURSE);
+ $course_cat_table = Database::get_main_table(TABLE_MAIN_CATEGORY);
+ $sql = "SELECT course.*, course_category.code faCode, course_category.name faName
+ FROM $course_table
+ LEFT JOIN $course_cat_table
+ ON course.category_code = course_category.code
+ WHERE course.code = '$course_id'";
+ $result = Database::query($sql);
+
+ if (Database::num_rows($result) > 0) {
+ $course_data = Database::fetch_array($result);
+ //@TODO real_cid should be cid, for working with numeric course id
+ $_real_cid = $course_data['id'];
+
+ $_cid = $course_data['code'];
+ $_course = array();
+ $_course['real_id'] = $course_data['id'];
+ $_course['id'] = $course_data['code']; //auto-assigned integer
+ $_course['code'] = $course_data['code'];
+ $_course['name'] = $course_data['title'];
+ $_course['title'] = $course_data['title'];
+ $_course['official_code'] = $course_data['visual_code']; // use in echo
+ $_course['sysCode'] = $course_data['code']; // use as key in db
+ $_course['path'] = $course_data['directory']; // use as key in path
+ $_course['dbName'] = $course_data['db_name']; // use as key in db list
+ $_course['db_name'] = $course_data['db_name']; // not needed in Chamilo 1.9
+ $_course['dbNameGlu'] = $_configuration['table_prefix'] . $course_data['db_name'] . $_configuration['db_glue']; // use in all queries //not needed in Chamilo 1.9
+ $_course['titular'] = $course_data['tutor_name']; // this should be deprecated and use the table course_rel_user
+ $_course['language'] = $course_data['course_language'];
+ $_course['extLink']['url'] = $course_data['department_url'];
+ $_course['extLink']['name'] = $course_data['department_name'];
+ $_course['categoryCode'] = $course_data['faCode'];
+ $_course['categoryName'] = $course_data['faName'];
+ $_course['visibility'] = $course_data['visibility'];
+ $_course['subscribe_allowed'] = $course_data['subscribe'];
+ $_course['unubscribe_allowed'] = $course_data['unsubscribe'];
+ $_course['activate_legal'] = $course_data['activate_legal'];
+ $_course['show_score'] = $course_data['show_score']; //used in the work tool
+
+ Session::write('_cid',$_cid);
+ Session::write('_course',$_course);
+
+ //@TODO real_cid should be cid, for working with numeric course id
+ Session::write('_real_cid',$_real_cid);
+
+ // if a session id has been given in url, we store the session
+ if (api_get_setting('use_session_mode') == 'true') {
+ // Database Table Definitions
+ $tbl_session = Database::get_main_table(TABLE_MAIN_SESSION);
+ $tbl_session_course = Database::get_main_table(TABLE_MAIN_SESSION_COURSE);
+ $tbl_session_course_user = Database::get_main_table(TABLE_MAIN_SESSION_COURSE_USER);
+
+ if (!empty($_GET['id_session'])) {
+ $_SESSION['id_session'] = intval($_GET['id_session']);
+ $sql = 'SELECT name FROM ' . $tbl_session . ' WHERE id="' . intval($_SESSION['id_session']) . '"';
+ $rs = Database::query($sql);
+ list($_SESSION['session_name']) = Database::fetch_array($rs);
+ } else {
+ Session::erase('session_name');
+ Session::erase('id_session');
+ }
+ }
+
+ if (!isset($_SESSION['login_as'])) {
+ //Course login
+ if (isset($_user['user_id'])) {
+ event_course_login($_course['sysCode'], $_user['user_id'], api_get_session_id());
+ }
+ }
+ } else {
+ //exit("WARNING UNDEFINED CID !! ");
+ header('location:' . api_get_path(WEB_PATH));
+ }
+ } else {
+ Session::erase('_cid');
+ Session::erase('_real_cid');
+ Session::erase('_course');
+
+ if (!empty($_SESSION)) {
+ foreach ($_SESSION as $key => $session_item) {
+ if (strpos($key, 'lp_autolunch_') === false) {
+ continue;
+ } else {
+ if (isset($_SESSION[$key])) {
+ Session::erase($key);
+ }
+ }
+ }
+ }
+ //Deleting session info
+ if (api_get_session_id()) {
+ Session::erase('id_session');
+ Session::erase('session_name');
+ }
+ }
+ } else {
+ // Continue with the previous values
+ if (empty($_SESSION['_course']) OR empty($_SESSION['_cid'])) { //no previous values...
+ $_cid = -1; //set default values that will be caracteristic of being unset
+ $_course = -1;
+ } else {
+ $_cid = $_SESSION['_cid'];
+ $_course = $_SESSION['_course'];
+
+ // these lines are usefull for tracking. Indeed we can have lost the id_session and not the cid.
+ // Moreover, if we want to track a course with another session it can be usefull
+ if (!empty($_GET['id_session'])) {
+ $tbl_session = Database::get_main_table(TABLE_MAIN_SESSION);
+ $sql = 'SELECT name FROM ' . $tbl_session . ' WHERE id="' . intval($_SESSION['id_session']) . '"';
+ $rs = Database::query($sql);
+ list($_SESSION['session_name']) = Database::fetch_array($rs);
+ $_SESSION['id_session'] = intval($_GET['id_session']);
+ }
+
+ if (!isset($_SESSION['login_as'])) {
+ $save_course_access = true;
+
+ //The value $_dont_save_user_course_access should be added before the call of global.inc.php see the main/inc/chat.ajax.php file
+ //Disables the updates in the TRACK_E_COURSE_ACCESS table
+ if (isset($_dont_save_user_course_access) && $_dont_save_user_course_access == true) {
+ $save_course_access = false;
+ }
+
+ if ($save_course_access) {
+ $course_tracking_table = Database :: get_statistic_table(TABLE_STATISTIC_TRACK_E_COURSE_ACCESS);
+
+ /*
+ * When $_configuration['session_lifetime'] is too big 100 hours (in order to let users take exercises with no problems)
+ * the function Tracking::get_time_spent_on_the_course() returns big values (200h) due the condition:
+ * login_course_date > now() - INTERVAL $session_lifetime SECOND
+ *
+ */
+ /*
+ if (isset($_configuration['session_lifetime'])) {
+ $session_lifetime = $_configuration['session_lifetime'];
+ } else {
+ $session_lifetime = 3600; // 1 hour
+ } */
+
+ $session_lifetime = 3600; // 1 hour
+
+ $course_code = $_course['sysCode'];
+ $time = api_get_datetime();
+
+ if (isset($_user['user_id']) && !empty($_user['user_id'])) {
+
+ //We select the last record for the current course in the course tracking table
+ //But only if the login date is < than now + max_life_time
+ $sql = "SELECT course_access_id FROM $course_tracking_table
+ WHERE user_id = " . intval($_user ['user_id']) . " AND
+ course_code = '$course_code' AND
+ session_id = " . api_get_session_id() . " AND
+ login_course_date > now() - INTERVAL $session_lifetime SECOND
+ ORDER BY login_course_date DESC LIMIT 0,1";
+ $result = Database::query($sql);
+
+ if (Database::num_rows($result) > 0) {
+ $i_course_access_id = Database::result($result, 0, 0);
+ //We update the course tracking table
+ $sql = "UPDATE $course_tracking_table SET logout_course_date = '$time', counter = counter+1
+ WHERE course_access_id = " . intval($i_course_access_id) . " AND session_id = " . api_get_session_id();
+ //error_log($sql);
+ Database::query($sql);
+ } else {
+ $sql = "INSERT INTO $course_tracking_table (course_code, user_id, login_course_date, logout_course_date, counter, session_id)" .
+ "VALUES('" . $course_code . "', '" . $_user['user_id'] . "', '$time', '$time', '1','" . api_get_session_id() . "')";
+ //error_log($sql);
+ Database::query($sql);
+ }
+ }
+ }
+ }
+ }
+ }
+ /* COURSE / USER REL. INIT */
+
+ $session_id = api_get_session_id();
+ $user_id = isset($_user['user_id']) ? $_user['user_id'] : null;
+
+ //Course permissions
+ $is_courseAdmin = false; //course teacher
+ $is_courseTutor = false; //course teacher - some rights
+ $is_courseMember = false; //course student
+ //Course - User permissions
+ $is_sessionAdmin = false;
+
+ if ((isset($uidReset) && $uidReset) || (isset($cidReset) && $cidReset)) {
+
+ if (isset($user_id) && $user_id && isset($_cid) && $_cid) {
+
+ //Check if user is subscribed in a course
+ $course_user_table = Database::get_main_table(TABLE_MAIN_COURSE_USER);
+ $sql = "SELECT * FROM $course_user_table
+ WHERE user_id = '" . $user_id . "' AND relation_type <> " . COURSE_RELATION_TYPE_RRHH . "
+ AND course_code = '$cidReq'";
+ $result = Database::query($sql);
+
+ $cuData = null;
+ if (Database::num_rows($result) > 0) { // this user have a recorded state for this course
+ $cuData = Database::fetch_array($result, 'ASSOC');
+ $is_courseAdmin = (bool) ($cuData['status'] == 1 );
+ $is_courseTutor = (bool) ($cuData['tutor_id'] == 1 );
+ $is_courseMember = true;
+
+ //Checking if the user filled the course legal agreement
+ if ($_course['activate_legal'] == 1 && !api_is_platform_admin()) {
+ $user_is_subscribed = CourseManager::is_user_accepted_legal($user_id, $_course['id'], $session_id);
+ if (!$user_is_subscribed) {
+ $url = api_get_path(WEB_CODE_PATH) . 'course_info/legal.php?course_code=' . $_course['code'] . '&session_id=' . $session_id;
+ header('Location: ' . $url);
+ exit;
+ }
+ }
+ $_courseUser['role'] = $cuData['role'];
+ Session::write('_courseUser',$_courseUser);
+ }
+
+ //We are in a session course? Check session permissions
+ if (!empty($session_id)) {
+
+ //I'm not the teacher of the course
+ if ($is_courseAdmin == false) {
+ // this user has no status related to this course
+ // The user is subscribed in a session? The user is a Session coach a Session admin ?
+
+ $tbl_session = Database :: get_main_table(TABLE_MAIN_SESSION);
+ $tbl_session_course = Database :: get_main_table(TABLE_MAIN_SESSION_COURSE);
+ $tbl_session_course_user = Database :: get_main_table(TABLE_MAIN_SESSION_COURSE_USER);
+
+ //Session coach, session admin, course coach admin
+ $sql = "SELECT session.id_coach, session_admin_id, session_rcru.id_user
+ FROM $tbl_session session, $tbl_session_course_user session_rcru
+ WHERE session_rcru.id_session = session.id AND
+ session_rcru.course_code = '$_cid' AND
+ session_rcru.id_user = '$user_id' AND
+ session_rcru.id_session = $session_id AND
+ session_rcru.status = 2";
+
+ $result = Database::query($sql);
+ $row = Database::store_result($result);
+
+ //I'm a session admin?
+ if (isset($row) && isset($row[0]) && $row[0]['session_admin_id'] == $user_id) {
+ $_courseUser['role'] = 'Professor';
+ $is_courseMember = false;
+ $is_courseTutor = false;
+ $is_courseAdmin = false;
+ $is_courseCoach = false;
+ $is_sessionAdmin = true;
+ } else {
+ //Im a coach or a student?
+ $sql = "SELECT id_user, status FROM " . $tbl_session_course_user . "
+ WHERE course_code = '$_cid' AND
+ id_user = '" . $user_id . "' AND
+ id_session = '" . $session_id . "'
+ LIMIT 1";
+ $result = Database::query($sql);
+
+ if (Database::num_rows($result)) {
+ $row = Database::fetch_array($result, 'ASSOC');
+
+ $session_course_status = $row['status'];
+
+ switch ($session_course_status) {
+ case '2': // coach - teacher
+ $_courseUser['role'] = 'Professor';
+ $is_courseMember = true;
+ $is_courseTutor = true;
+ $is_courseCoach = true;
+ $is_sessionAdmin = false;
+
+ if (api_get_setting('extend_rights_for_coach') == 'true') {
+ $is_courseAdmin = true;
+ } else {
+ $is_courseAdmin = false;
+ }
+ Session::write('_courseUser',$_courseUser);
+ break;
+ case '0': //student
+ $is_courseMember = true;
+ $is_courseTutor = false;
+ $is_courseAdmin = false;
+ $is_sessionAdmin = false;
+ Session::write('_courseUser',$_courseUser);
+ break;
+ default:
+ //unregister user
+ $is_courseMember = false;
+ $is_courseTutor = false;
+ $is_courseAdmin = false;
+ $is_sessionAdmin = false;
+ Session::erase('_courseUser');
+ break;
+ }
+ } else {
+ //unregister user
+ $is_courseMember = false;
+ $is_courseTutor = false;
+ $is_courseAdmin = false;
+ $is_sessionAdmin = false;
+ Session::erase('_courseUser');
+ }
+ }
+ }
+
+ //If I'm the admin platform i'm a teacher of the course
+ if ($is_platformAdmin) {
+ $is_courseAdmin = true;
+ }
+ }
+ } else { // keys missing => not anymore in the course - user relation
+ // course
+ $is_courseMember = false;
+ $is_courseAdmin = false;
+ $is_courseTutor = false;
+ $is_courseCoach = false;
+ $is_sessionAdmin = false;
+ Session::erase('_courseUser');
+ }
+
+ //Checking the course access
+ $is_allowed_in_course = false;
+
+ if (isset($_course)) {
+ switch ($_course['visibility']) {
+ case COURSE_VISIBILITY_OPEN_WORLD: //3
+ $is_allowed_in_course = true;
+ break;
+ case COURSE_VISIBILITY_OPEN_PLATFORM : //2
+ if (isset($user_id) && !api_is_anonymous($user_id)) {
+ $is_allowed_in_course = true;
+ }
+ break;
+ case COURSE_VISIBILITY_REGISTERED: //1
+ if ($is_platformAdmin || $is_courseMember) {
+ $is_allowed_in_course = true;
+ }
+ break;
+ case COURSE_VISIBILITY_CLOSED: //0
+ if ($is_platformAdmin || $is_courseAdmin) {
+ $is_allowed_in_course = true;
+ }
+ break;
+ }
+ }
+
+ // check the session visibility
+ if ($is_allowed_in_course == true) {
+ //if I'm in a session
+
+ if ($session_id != 0) {
+ if (!$is_platformAdmin) {
+ // admin and session coach are *not* affected to the invisible session mode
+ // the coach is not affected because he can log in some days after the end date of a session
+ $session_visibility = api_get_session_visibility($session_id);
+
+ switch ($session_visibility) {
+ case SESSION_INVISIBLE:
+ $is_allowed_in_course = false;
+ break;
+ }
+ //checking date
+ }
+ }
+ }
+
+ // save the states
+ Session::write('is_courseAdmin',$is_courseAdmin);
+ Session::write('is_courseMember',$is_courseMember);
+ Session::write('is_courseTutor',$is_courseTutor);
+ Session::write('is_courseCoach',$is_courseCoach);
+ Session::write('is_allowed_in_course',$is_allowed_in_course);
+
+ Session::write('is_sessionAdmin',$is_sessionAdmin);
+ } else { // continue with the previous values
+ if (isset($_SESSION ['_courseUser'])) {
+ $_courseUser = $_SESSION ['_courseUser'];
+ }
+
+ $is_courseAdmin = $_SESSION ['is_courseAdmin'];
+ $is_courseTutor = $_SESSION ['is_courseTutor'];
+ $is_courseCoach = $_SESSION ['is_courseCoach'];
+ $is_courseMember = $_SESSION ['is_courseMember'];
+ $is_allowed_in_course = $_SESSION ['is_allowed_in_course'];
+ }
+ }
+
+ /**
+ *
+ * @global int $_cid
+ * @global array $_course
+ * @global int $_gid
+ *
+ * @param int $group_id
+ * @param bool $reset
+ */
+ static function init_group($group_id, $reset)
+ {
+ global $_cid;
+ global $_course;
+ global $_gid;
+
+ if ($reset) { // session data refresh requested
+ if ($group_id && $_cid && !empty($_course['real_id'])) { // have keys to search data
+ $group_table = Database::get_course_table(TABLE_GROUP);
+ $sql = "SELECT * FROM $group_table WHERE c_id = " . $_course['real_id'] . " AND id = '$group_id'";
+ $result = Database::query($sql);
+ if (Database::num_rows($result) > 0) { // This group has recorded status related to this course
+ $gpData = Database::fetch_array($result);
+ $_gid = $gpData ['id'];
+ Session::write('_gid',$_gid);
+ } else {
+ Session::erase('_gid');
+ }
+ } elseif (isset($_SESSION['_gid']) or isset($_gid)) { // Keys missing => not anymore in the group - course relation
+ Session::erase('_gid');
+ }
+ } elseif (isset($_SESSION['_gid'])) { // continue with the previous values
+ $_gid = $_SESSION ['_gid'];
+ } else { //if no previous value, assign caracteristic undefined value
+ $_gid = -1;
+ }
+
+ //set variable according to student_view_enabled choices
+ if (api_get_setting('student_view_enabled') == "true") {
+ if (isset($_GET['isStudentView'])) {
+ if ($_GET['isStudentView'] == 'true') {
+ if (isset($_SESSION['studentview'])) {
+ if (!empty($_SESSION['studentview'])) {
+ // switching to studentview
+ $_SESSION['studentview'] = 'studentview';
+ }
+ }
+ } elseif ($_GET['isStudentView'] == 'false') {
+ if (isset($_SESSION['studentview'])) {
+ if (!empty($_SESSION['studentview'])) {
+ // switching to teacherview
+ $_SESSION['studentview'] = 'teacherview';
+ }
+ }
+ }
+ } elseif (!empty($_SESSION['studentview'])) {
+ //all is fine, no change to that, obviously
+ } elseif (empty($_SESSION['studentview'])) {
+ // We are in teacherview here
+ $_SESSION['studentview'] = 'teacherview';
+ }
+ }
+ }
+
}
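Review bot: `init_course()` reads `$uidReset`, `$cidReset`, `$cidReq`, `$_configuration` and `$_dont_save_user_course_access`, but none of them is a parameter or appears in the method's `global` list, so inside this static method they are undefined locals. As written, the guard `if ((isset($uidReset) && $uidReset) || (isset($cidReset) && $cidReset))` can never be true, so the course-role and `is_allowed_in_course` computation is skipped in favour of whatever is already in `$_SESSION`; if it did run, the membership query would filter on an empty `course_code = '$cidReq'`. The code looks lifted from a global-scope script, so either declare the names (`global $_configuration, $uidReset, $cidReset, $cidReq;`) or, preferably, derive the condition from the `$reset` argument and use `$_cid` in the query. Separately, `reset_password()` in the same hunk compares the MD5 reset token with `==`; `if (self::get_secret_word($user['email']) === $secret)` (or `hash_equals()` where the PHP version has it) avoids PHP's numeric-string comparison of two hex digests.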
diff --git a/main/inc/lib/login_redirection.class.php b/main/inc/lib/login_redirection.class.php
index 2e3af2913b..7bd4e10f56 100644
--- a/main/inc/lib/login_redirection.class.php
+++ b/main/inc/lib/login_redirection.class.php
@@ -52,9 +52,8 @@ Class LoginRedirection {
}
// Custom pages
- if (api_get_setting('use_custom_pages') == 'true') {
- require_once api_get_path(LIBRARY_PATH).'custompages.lib.php';
- CustomPages::displayPage('index-logged');
+ if (CustomPages::enabled()) {
+ CustomPages::display(CustomPages::INDEX_LOGGED);
}
header('location: '.api_get_path(WEB_PATH).api_get_setting('page_after_login').$param);
exit();
diff --git a/main/inc/lib/loginredirection.lib.php b/main/inc/lib/loginredirection.lib.php
deleted file mode 100644
index e65cc74f3e..0000000000
--- a/main/inc/lib/loginredirection.lib.php
+++ /dev/null
@@ -1,7 +0,0 @@
- for the Univesity of Geneva
+ */
+class Session implements ArrayAccess
+{
+
+ static function read($variable, $default = null)
+ {
+ return isset($_SESSION[$variable]) ? $_SESSION[$variable] : $default;
+ }
+
+ static function write($variable, $value)
+ {
+ $_SESSION[$variable] = $value;
+ }
+
+ static function erase($variable)
+ {
+ $variable = (string) $variable;
+ if (isset($GLOBALS[$variable])) {
+ unset($GLOBALS[$variable]);
+ }
+ if (isset($_SESSION[$variable])) {
+ unset($_SESSION[$variable]);
+ }
+ }
+
+ /**
+ * Returns true if session has variable set up, false otherwise.
+ *
+ * @param string $variable
+ */
+ static function has($variable)
+ {
+ return isset($_SESSION[$variable]);
+ }
+
+ static function clear()
+ {
+ session_regenerate_id();
+ session_unset();
+ $_SESSION = array();
+ }
+
+ static function destroy()
+ {
+ session_unset();
+ $_SESSION = array();
+ session_destroy();
+ }
+
+ /*
+ * ArrayAccess
+ */
+
+ public function offsetExists($offset)
+ {
+ return isset($_SESSION[$offset]);
+ }
+
+ /**
+ * It it exists returns the value stored at the specified offset.
+ * If offset does not exists returns null. Do not trigger a warning.
+ *
+ * @param string $offset
+ * @return any
+ */
+ public function offsetGet($offset)
+ {
+ return self::read($offset);
+ }
+
+ public function offsetSet($offset, $value)
+ {
+ self::write($offset, $value);
+ }
+
+ public function offsetUnset($offset)
+ {
+ unset($_SESSION[$offset]);
+ }
+
+ /**
+ * Magical methods
+ *
+ */
+
+ public function __unset($name)
+ {
+ unset($_SESSION[$name]);
+ }
+
+ public function __isset($name)
+ {
+ return self::has($name);
+ }
+
+ /**
+ * It it exists returns the value stored at the specified offset.
+ * If offset does not exists returns null. Do not trigger a warning.
+ *
+ * @param string $name
+ * @return any
+ *
+ */
+ function __get($name)
+ {
+ return self::read($name);
+ }
+
+ /**
+ *
+ * @param string $name
+ * @param any $value
+ */
+ function __set($name, $value)
+ {
+ self::write($name, $value);
+ }
+
+}
\ No newline at end of file
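Review bot: `Session::clear()` calls `session_regenerate_id()` without the delete flag, so the previous session id and its stored data stay valid on the server until garbage collection; if `clear()` is meant to drop an authenticated state, use `session_regenerate_id(true);`. `destroy()` likewise removes the server-side data but leaves the session cookie in the browser, which deserves a comment or an explicit cookie expiry. `erase()` also unsets `$GLOBALS[$variable]` while `offsetUnset()` and `__unset()` touch only `$_SESSION`, so the three removal paths behave differently; routing the latter two through `self::erase($offset)` or documenting the difference would make that deliberate. The file header for this class is not visible on the page, so this is based on the added lines only.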
diff --git a/main/inc/lib/session_handler.class.php b/main/inc/lib/session_handler.class.php
index e6c9b1ae09..d775d0b04d 100644
--- a/main/inc/lib/session_handler.class.php
+++ b/main/inc/lib/session_handler.class.php
@@ -8,7 +8,7 @@
/**
* @package chamilo.library
*/
-class session_handler {
+class SessionHandler {
// TODO: Hm, these variables are public.
public $connection;
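Review bot: The new name `SessionHandler` collides with PHP's built-in `SessionHandler` class (present since PHP 5.4), so on those versions declaring it in the global namespace fails with a cannot-redeclare fatal error. A project-specific name, for example `class ChamiloSessionHandler {`, avoids the clash; any call sites updated for this rename would need the same name. The class body continues outside the hunk.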
diff --git a/main/inc/lib/system/io/file_reader.class.php b/main/inc/lib/system/io/file_reader.class.php
index 0dc9bf399d..7673da2ca1 100644
--- a/main/inc/lib/system/io/file_reader.class.php
+++ b/main/inc/lib/system/io/file_reader.class.php
@@ -123,7 +123,7 @@ class FileReader implements Iterator
}
protected function convert($text)
- {
+ {
return $this->converter->convert($text);
}
diff --git a/main/inc/lib/system/text/encoding_converter.class.php b/main/inc/lib/system/text/encoding_converter.class.php
index be240dad85..460a056e8e 100644
--- a/main/inc/lib/system/text/encoding_converter.class.php
+++ b/main/inc/lib/system/text/encoding_converter.class.php
@@ -30,7 +30,7 @@ class EncodingConverter extends Converter
if (strtolower($from_encoding) == strtolower($to_encoding)) {
return Converter::identity();
} else {
- new self($from_encoding, $to_encoding);
+ return new self($from_encoding, $to_encoding);
}
}
@@ -60,7 +60,12 @@ class EncodingConverter extends Converter
if ($from == $to) {
return $string;
}
- api_convert_encoding($string, $to, $from);
+ return api_convert_encoding($string, $to, $from);
+ }
+
+ function reset()
+ {
+ ;
}
}
\ No newline at end of file
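Review bot: The added `reset()` has no visibility keyword, no doc comment, and a body that is only `;`, so a reader cannot tell whether the no-op is intentional. Writing it as `public function reset() {}` with a one-line comment such as `// Nothing to clear between conversions.` would make that explicit, assuming the base `Converter` contract (not visible here) allows an empty implementation. `convert()` starts outside the hunk.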
diff --git a/main/inc/lib/userportal.lib.php b/main/inc/lib/userportal.lib.php
index b8ff9147bd..b221ae247e 100644
--- a/main/inc/lib/userportal.lib.php
+++ b/main/inc/lib/userportal.lib.php
@@ -157,7 +157,7 @@ class IndexManager {
}
}
exit_of_chat($uid);
- api_session_destroy();
+ Session::destroy();
$query_string = $query_string ? "$query_string&loggedout=true" : '?loggedout=true';
header("Location: index.php$query_string");
exit();
diff --git a/main/inc/local.inc.php b/main/inc/local.inc.php
index f5344aa3a4..b1bdcf9ee4 100644
--- a/main/inc/local.inc.php
+++ b/main/inc/local.inc.php
@@ -144,8 +144,8 @@ if (isset($_SESSION['conditional_login']['uid']) && $_SESSION['conditional_login
$_user['user_id'] = $_SESSION['conditional_login']['uid'];
$_user['status'] = $uData['status'];
- api_session_register('_user');
- api_session_unregister('conditional_login');
+ Session::write('_user',$_user);
+ Session::erase('conditional_login');
$uidReset=true;
event_login();
}
@@ -332,17 +332,17 @@ if (!empty($_SESSION['_user']['user_id']) && ! ($login || $logout)) {
$_user['user_id'] = $uData['user_id'];
$_user['status'] = $uData['status'];
- api_session_register('_user');
+ Session::write('_user',$_user);
event_login();
} else {
$loginFailed = true;
- api_session_unregister('_uid');
+ Session::erase('_uid');
header('Location: '.api_get_path(WEB_PATH).'index.php?loginFailed=1&error=access_url_inactive');
exit;
}
} else {
$loginFailed = true;
- api_session_unregister('_uid');
+ Session::erase('_uid');
header('Location: '.api_get_path(WEB_PATH).'index.php?loginFailed=1&error=access_url_inactive');
exit;
}
@@ -352,18 +352,18 @@ if (!empty($_SESSION['_user']['user_id']) && ! ($login || $logout)) {
ConditionalLogin::check_conditions($uData);
$_user['user_id'] = $uData['user_id'];
$_user['status'] = $uData['status'];
- api_session_register('_user');
+ Session::write('_user',$_user);
event_login();
} else {
//This means a secondary admin wants to login so we check as he's a normal user
if (in_array($current_access_url_id, $my_url_list)) {
$_user['user_id'] = $uData['user_id'];
$_user['status'] = $uData['status'];
- api_session_register('_user');
+ Session::write('_user',$_user);
event_login();
} else {
$loginFailed = true;
- api_session_unregister('_uid');
+ Session::erase('_uid');
header('Location: '.api_get_path(WEB_PATH).'index.php?loginFailed=1&error=access_url_inactive');
exit;
}
@@ -374,25 +374,25 @@ if (!empty($_SESSION['_user']['user_id']) && ! ($login || $logout)) {
$_user['user_id'] = $uData['user_id'];
$_user['status'] = $uData['status'];
- api_session_register('_user');
+ Session::write('_user',$_user);
event_login();
}
} else {
$loginFailed = true;
- api_session_unregister('_uid');
+ Session::erase('_uid');
header('Location: '.api_get_path(WEB_PATH).'index.php?loginFailed=1&error=account_expired');
exit;
}
} else {
$loginFailed = true;
- api_session_unregister('_uid');
+ Session::erase('_uid');
header('Location: '.api_get_path(WEB_PATH).'index.php?loginFailed=1&error=account_inactive');
exit;
}
} else {
// login failed: username or password incorrect
$loginFailed = true;
- api_session_unregister('_uid');
+ Session::erase('_uid');
header('Location: '.api_get_path(WEB_PATH).'index.php?loginFailed=1&error=user_password_incorrect');
exit;
}
@@ -494,7 +494,7 @@ if (!empty($_SESSION['_user']['user_id']) && ! ($login || $logout)) {
error_log('Check the sso_referer URL in your script');
//Request comes from unknown source
$loginFailed = true;
- api_session_unregister('_uid');
+ Session::erase('_uid');
header('Location: '.api_get_path(WEB_PATH).'index.php?loginFailed=1&error=unrecognize_sso_origin');
exit;
}
@@ -536,17 +536,17 @@ if (!empty($_SESSION['_user']['user_id']) && ! ($login || $logout)) {
$_user['user_id'] = $uData['user_id'];
$_user['status'] = $uData['status'];
- api_session_register('_user');
+ Session::write('_user',$_user);
event_login();
} else {
$loginFailed = true;
- api_session_unregister('_uid');
+ Session::erase('_uid');
header('Location: index.php?loginFailed=1&error=account_expired');
exit;
}
} else {
$loginFailed = true;
- api_session_unregister('_uid');
+ Session::erase('_uid');
header('Location: index.php?loginFailed=1&error=account_inactive');
exit;
}
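Review bot: The two redirects here use a relative `Location: index.php?...`, while the other failure redirects in this file's hunks build the target from `api_get_path(WEB_PATH)`. A relative target is resolved against the requesting script's directory, so the user can land on a different `index.php` than the portal home. For consistency use `header('Location: '.api_get_path(WEB_PATH).'index.php?loginFailed=1&error=account_expired');` and the same form for `account_inactive`. The enclosing block starts outside the hunk.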
@@ -659,10 +659,10 @@ if (isset($uidReset) && $uidReset) { // session data refresh requested
$is_allowedCreateCourse = (bool) (($uData ['status'] == 1) or (api_get_setting('drhCourseManagerRights') and $uData['status'] == 4));
ConditionalLogin::check_conditions($uData);
- api_session_register('_user');
+ Session::write('_user',$_user);
UserManager::update_extra_field_value($_user['user_id'], 'already_logged_in', 'true');
- api_session_register('is_platformAdmin');
- api_session_register('is_allowedCreateCourse');
+ Session::write('is_platformAdmin',$is_platformAdmin);
+ Session::write('is_allowedCreateCourse',$is_allowedCreateCourse);
// If request_uri is setted we have to go further to have course permissions
if (empty($_SESSION['request_uri']) || !isset($_SESSION['request_uri'])) {
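Review bot: Nothing in this hunk rotates the session identifier before the authenticated identity and the `is_platformAdmin` / `is_allowedCreateCourse` flags are written to the session. If the id is not regenerated elsewhere on the login path (not visible here), a session id that was fixed before login stays valid afterwards with these privileges attached. Calling `session_regenerate_id(true);` immediately before `Session::write('_user',$_user);` closes that gap. The enclosing `if` block begins and ends outside the hunk.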
@@ -670,7 +670,6 @@ if (isset($uidReset) && $uidReset) { // session data refresh requested
//If we just want to reset info without redirecting user
unset($_SESSION['noredirection']);
} else {
- //require_once api_get_path(LIBRARY_PATH).'loginredirection.lib.php'; moved to autologin
LoginRedirection::redirect();
}
}
@@ -679,12 +678,12 @@ if (isset($uidReset) && $uidReset) { // session data refresh requested
//exit("WARNING UNDEFINED UID !! ");
}
} else { // no uid => logout or Anonymous
- api_session_unregister('_user');
- api_session_unregister('_uid');
+ Session::erase('_user');
+ Session::erase('_uid');
}
- api_session_register('is_platformAdmin');
- api_session_register('is_allowedCreateCourse');
+ Session::write('is_platformAdmin',$is_platformAdmin);
+ Session::write('is_allowedCreateCourse',$is_allowedCreateCourse);
} else { // continue with the previous values
$_user = $_SESSION['_user'];
$is_platformAdmin = $_SESSION['is_platformAdmin'];
@@ -735,11 +734,11 @@ if (isset($cidReset) && $cidReset) {
$_course['activate_legal'] = $course_data['activate_legal'];
$_course['show_score'] = $course_data['show_score']; //used in the work tool
- api_session_register('_cid');
- api_session_register('_course');
+ Session::write('_cid',$_cid);
+ Session::write('_course',$_course);
//@TODO real_cid should be cid, for working with numeric course id
- api_session_register('_real_cid');
+ Session::write('_real_cid',$_real_cid);
// if a session id has been given in url, we store the session
if (api_get_setting('use_session_mode') == 'true') {
@@ -754,8 +753,8 @@ if (isset($cidReset) && $cidReset) {
$rs = Database::query($sql);
list($_SESSION['session_name']) = Database::fetch_array($rs);
} else {
- api_session_unregister('session_name');
- api_session_unregister('id_session');
+ Session::erase('session_name');
+ Session::erase('id_session');
}
}
@@ -770,9 +769,9 @@ if (isset($cidReset) && $cidReset) {
header('location:'.api_get_path(WEB_PATH));
}
} else {
- api_session_unregister('_cid');
- api_session_unregister('_real_cid');
- api_session_unregister('_course');
+ Session::erase('_cid');
+ Session::erase('_real_cid');
+ Session::erase('_course');
if (!empty($_SESSION)) {
foreach($_SESSION as $key=>$session_item) {
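Review bot: `header('location:'.api_get_path(WEB_PATH));` is not followed by `exit;`, so the script keeps executing after the redirect header is queued, whereas every login redirect earlier in this file terminates explicitly. Unless the continuation is intended, add `exit;` on the line after the `header()` call. The branch that contains the redirect starts outside the hunk, so the condition that leads here is not visible.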
@@ -780,15 +779,15 @@ if (isset($cidReset) && $cidReset) {
continue;
} else {
if(isset($_SESSION[$key])) {
- api_session_unregister($key);
+ Session::erase($key);
}
}
}
}
//Deleting session info
if (api_get_session_id()) {
- api_session_unregister('id_session');
- api_session_unregister('session_name');
+ Session::erase('id_session');
+ Session::erase('session_name');
}
}
} else {
@@ -912,7 +911,7 @@ if ((isset($uidReset) && $uidReset) || (isset($cidReset) && $cidReset)) {
}
}
$_courseUser['role'] = $cuData['role'];
- api_session_register('_courseUser');
+ Session::write('_courseUser',$_courseUser);
}
//We are in a session course? Check session permissions
@@ -974,14 +973,14 @@ if ((isset($uidReset) && $uidReset) || (isset($cidReset) && $cidReset)) {
} else {
$is_courseAdmin = false;
}
- api_session_register('_courseUser');
+ Session::write('_courseUser',$_courseUser);
break;
case '0': //student
$is_courseMember = true;
$is_courseTutor = false;
$is_courseAdmin = false;
$is_sessionAdmin = false;
- api_session_register('_courseUser');
+ Session::write('_courseUser',$_courseUser);
break;
default:
//unregister user
@@ -989,7 +988,7 @@ if ((isset($uidReset) && $uidReset) || (isset($cidReset) && $cidReset)) {
$is_courseTutor = false;
$is_courseAdmin = false;
$is_sessionAdmin = false;
- api_session_unregister('_courseUser');
+ Session::erase('_courseUser');
break;
}
} else {
@@ -998,7 +997,7 @@ if ((isset($uidReset) && $uidReset) || (isset($cidReset) && $cidReset)) {
$is_courseTutor = false;
$is_courseAdmin = false;
$is_sessionAdmin = false;
- api_session_unregister('_courseUser');
+ Session::erase('_courseUser');
}
}
}
@@ -1015,7 +1014,7 @@ if ((isset($uidReset) && $uidReset) || (isset($cidReset) && $cidReset)) {
$is_courseTutor = false;
$is_courseCoach = false;
$is_sessionAdmin = false;
- api_session_unregister('_courseUser');
+ Session::erase('_courseUser');
}
//Checking the course access
@@ -1065,13 +1064,13 @@ if ((isset($uidReset) && $uidReset) || (isset($cidReset) && $cidReset)) {
}
// save the states
- api_session_register('is_courseAdmin');
- api_session_register('is_courseMember');
- api_session_register('is_courseTutor');
- api_session_register('is_courseCoach');
- api_session_register('is_allowed_in_course');
+ Session::write('is_courseAdmin',$is_courseAdmin);
+ Session::write('is_courseMember',$is_courseMember);
+ Session::write('is_courseTutor',$is_courseTutor);
+ Session::write('is_courseCoach',$is_courseCoach);
+ Session::write('is_allowed_in_course',$is_allowed_in_course);
- api_session_register('is_sessionAdmin');
+ Session::write('is_sessionAdmin',$is_sessionAdmin);
} else { // continue with the previous values
if (isset($_SESSION ['_courseUser'])) {
@@ -1095,12 +1094,12 @@ if ((isset($gidReset) && $gidReset) || (isset($cidReset) && $cidReset)) { // ses
if (Database::num_rows($result) > 0) { // This group has recorded status related to this course
$gpData = Database::fetch_array($result);
$_gid = $gpData ['id'];
- api_session_register('_gid');
+ Session::write('_gid',$_gid);
} else {
- api_session_unregister('_gid');
+ Session::erase('_gid');
}
} elseif (isset($_SESSION['_gid']) or isset($_gid)) { // Keys missing => not anymore in the group - course relation
- api_session_unregister('_gid');
+ Session::erase('_gid');
}
} elseif (isset($_SESSION['_gid'])) { // continue with the previous values
$_gid = $_SESSION ['_gid'];
diff --git a/main/install/index.php b/main/install/index.php
index 76ed6046cc..363b574a7a 100644
--- a/main/install/index.php
+++ b/main/install/index.php
@@ -63,7 +63,7 @@ $_setting = array(
if (!empty($_POST['language_list'])) {
$search = array('../', '\\0');
$install_language = str_replace($search, '', urldecode($_POST['language_list']));
- api_session_register('install_language');
+ Session::write('install_language',$install_language);
} elseif (isset($_SESSION['install_language']) && $_SESSION['install_language']) {
$install_language = $_SESSION['install_language'];
} else {
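Review bot: `$install_language` is written to the session after only a single-pass `str_replace` of `'../'` and `'\\0'`, which is not a dependable path filter: one pass can leave a traversal sequence behind, and `'\\0'` in single quotes is the two characters backslash and zero rather than a NUL byte. `urldecode()` on a `$_POST` value also decodes a second time, since PHP has already decoded the request body. How the value is used later is outside the hunk, but if it selects a language directory, compare it with the list of installed languages and fall back to a default, e.g. `if (!in_array($install_language, $installed_languages, true)) { $install_language = $default_language; }`, where both variable names are placeholders for whatever the installer provides.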
diff --git a/main/newscorm/learnpath_functions.inc.php b/main/newscorm/learnpath_functions.inc.php
index ff1e4ee012..5b62d71ce8 100644
--- a/main/newscorm/learnpath_functions.inc.php
+++ b/main/newscorm/learnpath_functions.inc.php
@@ -1156,19 +1156,19 @@ function export_exercise($item_id) {
/* Clears the exercise session */
if (isset ($_SESSION['objExercise'])) {
- api_session_unregister('objExercise');
+ Session::erase('objExercise');
}
if (isset ($_SESSION['objQuestion'])) {
- api_session_unregister('objQuestion');
+ Session::erase('objQuestion');
}
if (isset ($_SESSION['objAnswer'])) {
- api_session_unregister('objAnswer');
+ Session::erase('objAnswer');
}
if (isset ($_SESSION['questionList'])) {
- api_session_unregister('questionList');
+ Session::erase('questionList');
}
if (isset ($_SESSION['exerciseResult'])) {
- api_session_unregister('exerciseResult');
+ Session::erase('exerciseResult');
}
// If the object is not in the session:
@@ -1183,7 +1183,7 @@ function export_exercise($item_id) {
}
// Saves the object into the session.
- api_session_register('objExercise');
+ Session::write('objExercise',$objExercise);
}
$exerciseTitle = $objExercise->selectTitle();
@@ -1197,7 +1197,7 @@ function export_exercise($item_id) {
$questionList = $randomQuestions ? $objExercise->selectRandomList() : $objExercise->selectQuestionList();
// Saves the question list into the session.
- api_session_register('questionList');
+ Session::write('questionList',$questionList);
}
$nbrQuestions = sizeof($questionList);
diff --git a/main/newscorm/lp_controller.php b/main/newscorm/lp_controller.php
index 2e8c69d7da..b38859c38c 100644
--- a/main/newscorm/lp_controller.php
+++ b/main/newscorm/lp_controller.php
@@ -105,7 +105,7 @@ $myrefresh_id = 0;
if (!empty($_SESSION['refresh']) && $_SESSION['refresh'] == 1) {
// Check if we should do a refresh of the oLP object (for example after editing the LP).
// If refresh is set, we regenerate the oLP object from the database (kind of flush).
- api_session_unregister('refresh');
+ Session::erase('refresh');
$myrefresh = 1;
if ($debug > 0) error_log('New LP - Refresh asked', 0);
}
@@ -127,8 +127,8 @@ if (isset($_SESSION['lpobject'])) {
if ($debug > 0) error_log('New LP - Course has changed, discard lp object', 0);
if ($myrefresh == 1) { $myrefresh_id = $oLP->get_id(); }
$oLP = null;
- api_session_unregister('oLP');
- api_session_unregister('lpobject');
+ Session::erase('oLP');
+ Session::erase('lpobject');
} else {
$_SESSION['oLP'] = $oLP;
$lp_found = true;
@@ -527,7 +527,7 @@ switch ($action) {
// Remove lp from homepage if it is there.
//$_SESSION['oLP']->toggle_visibility((int)$_GET['lp_id'],'i');
$_SESSION['oLP']->delete(null,(int)$_GET['lp_id'],'remove');
- api_session_unregister('oLP');
+ Session::erase('oLP');
require 'lp_list.php';
}
break;
diff --git a/main/newscorm/lp_view.php b/main/newscorm/lp_view.php
index 127851f625..58bb056ec4 100644
--- a/main/newscorm/lp_view.php
+++ b/main/newscorm/lp_view.php
@@ -97,7 +97,7 @@ $_SESSION['lp_mode'] = $_SESSION['oLP']->mode;
// Reinit exercises variables to avoid spacename clashes (see exercise tool)
if (isset($exerciseResult) || isset($_SESSION['exerciseResult'])) {
- api_session_unregister($exerciseResult);
+ Session::erase($exerciseResult);
}
unset($_SESSION['objExercise']);
unset($_SESSION['questionList']);
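Review bot: `Session::erase($exerciseResult);` passes the variable's value as the session key instead of the key name, and the guard allows `$exerciseResult` to be unset when only `$_SESSION['exerciseResult']` exists. The stored result is therefore not reliably removed, and an undefined-variable notice is raised on that path. The call should be `Session::erase('exerciseResult');`, which matches how the same key is erased in `export_exercise()` in main/newscorm/learnpath_functions.inc.php.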
diff --git a/main/newscorm/resourcelinker.inc.php b/main/newscorm/resourcelinker.inc.php
index 882a8ac048..3d72ded7d2 100644
--- a/main/newscorm/resourcelinker.inc.php
+++ b/main/newscorm/resourcelinker.inc.php
@@ -34,8 +34,8 @@ require_once '../exercice/hotpotatoes.lib.php';
function unset_session_resources() {
$_SESSION['addedresource'] = '';
$_SESSION['addedresourceid'] = '';
- api_session_unregister(addedresource);
- api_session_unregister(addedresourceid);
+ Session::erase(addedresource);
+ Session::erase(addedresourceid);
}
/**
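Review bot: `Session::erase(addedresource);` and `Session::erase(addedresourceid);` pass bare words, which PHP treats as undefined constants: older versions fall back to the string with a notice or warning, and PHP 8 throws an `Error`. Quote the keys, `Session::erase('addedresource');` and `Session::erase('addedresourceid');`, as the copy of this function in main/resourcelinker/resourcelinker.inc.php already does.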
@@ -1701,8 +1701,8 @@ function rl_get_resource_link_for_learnpath($course_code, $learnpath_id, $id_in_
$link .= $main_course_path.'document'.$docurl.'?'.api_get_cidreq();
$openmethod = 2;
$officedoc = false;
- api_session_register('openmethod');
- api_session_register('officedoc');
+ Session::write('openmethod',$openmethod);
+ Session::write('officedoc',$officedoc);
break;
case 'assignments':
$link .= $main_dir_path.'work/work.php?origin='.$origin;
diff --git a/main/newscorm/resourcelinker.php b/main/newscorm/resourcelinker.php
index b13138ad8c..1163235519 100644
--- a/main/newscorm/resourcelinker.php
+++ b/main/newscorm/resourcelinker.php
@@ -382,7 +382,7 @@ if ($_GET['source_id']) {
break;
case '5': // coming from learning path
$from_learnpath = 'yes';
- api_session_register('from_learnpath');
+ Session::write('from_learnpath',$from_learnpath);
break;
case '6': // coming from forum: reply
$url = "../phpbb/reply.php?topic=$topic&forum=$forum&parentid=$parentid";
diff --git a/main/reservation/m_item.php b/main/reservation/m_item.php
old mode 100755
new mode 100644
index 36c7a7ae46..cda63a2fce
--- a/main/reservation/m_item.php
+++ b/main/reservation/m_item.php
@@ -290,7 +290,7 @@ switch ($_GET['action']) {
echo $msg;
$_s_item['id'] = $_GET['item_id'];
$_s_item['name'] = $item['name'];
- api_session_register('_s_item');
+ Session::write('_s_item',$_s_item);
//api_session_register('s_item_name');
//echo "".get_lang('MAddClassgroup')."";
$table = new SortableTable('itemrights', array ('Rsys', 'get_num_itemrights'), array ('Rsys', 'get_table_itemrights'), 1);
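Review bot: `$_s_item['id'] = $_GET['item_id'];` puts a raw request parameter into the session, where later code is likely to treat it as trusted. If item ids are numeric (the hunk does not show the schema), cast before storing: `$_s_item['id'] = (int) $_GET['item_id'];`. The `case` this belongs to starts outside the hunk, so an earlier validation of `item_id` cannot be ruled out.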
diff --git a/main/resourcelinker/resourcelinker.inc.php b/main/resourcelinker/resourcelinker.inc.php
old mode 100755
new mode 100644
index f1ee1b2bed..cf2df281f8
--- a/main/resourcelinker/resourcelinker.inc.php
+++ b/main/resourcelinker/resourcelinker.inc.php
@@ -29,8 +29,8 @@ include(api_get_path(SYS_CODE_PATH).'exercice/hotpotatoes.lib.php');
function unset_session_resources() {
$_SESSION['addedresource']='';
$_SESSION['addedresourceid']='';
- api_session_unregister('addedresource');
- api_session_unregister('addedresourceid');
+ Session::erase('addedresource');
+ Session::erase('addedresourceid');
}
/**
diff --git a/main/resourcelinker/resourcelinker.php b/main/resourcelinker/resourcelinker.php
old mode 100755
new mode 100644
index b876b9c565..dcce6a2809
--- a/main/resourcelinker/resourcelinker.php
+++ b/main/resourcelinker/resourcelinker.php
@@ -320,7 +320,7 @@ if ($_GET["source_id"])
break;
case "5" : // coming from learning path
$from_learnpath = 'yes';
- api_session_register('from_learnpath');
+ Session::write('from_learnpath',$from_learnpath);
break;
case "6" : // coming from forum: reply
$url = "../phpbb/reply.php?topic=$topic&forum=$forum&parentid=$parentid";
diff --git a/main/session/index.php b/main/session/index.php
index 6a222c630a..79962df921 100644
--- a/main/session/index.php
+++ b/main/session/index.php
@@ -33,7 +33,7 @@ $_SESSION['id_session'] = $session_id;
// Clear the exercise session just in case
if (isset ($_SESSION['objExercise'])) {
- api_session_unregister('objExercise');
+ Session::erase('objExercise');
}
$session_info = SessionManager::fetch($session_id);
diff --git a/tests/main/inc/lib/main_api.lib.test.php b/tests/main/inc/lib/main_api.lib.test.php
index d931efb84c..cacc9ca9c1 100755
--- a/tests/main/inc/lib/main_api.lib.test.php
+++ b/tests/main/inc/lib/main_api.lib.test.php
@@ -139,24 +139,24 @@ class TestMainApi extends UnitTestCase {
function testApiSessionStart(){
if (!headers_sent()) {
- $res = api_session_start($already_sintalled=true);
+ $res = Chamilo::session()->start($already_sintalled=true);
}
$this->assertTrue(is_null($res));
}
- function testApiSessionRegister(){
- $$variable[session_register]=false;
- global $$variable;
- if (!headers_sent()) {
- $res=api_session_register($$variable);
- }
- $this->assertTrue(is_null($res));
- $this->assertTrue(is_null($variable[session_register]));
- }
+// function testApiSessionRegister(){
+// $$variable[session_register]=false;
+// global $$variable;
+// if (!headers_sent()) {
+// $res=Session::register($$variable, $$variable);
+// }
+// $this->assertTrue(is_null($res));
+// $this->assertTrue(is_null($variable[session_register]));
+// }
function testApiSessionUnregister() {
$variable=strval($variable);
- $res=api_session_unregister($variable);
+ $res=Session::erase($variable);
$this->assertTrue(is_null($res));
$this->assertTrue(is_null($_SESSION[$variable]=null));
}
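Review bot: Commenting out `testApiSessionRegister` leaves `Session::write`, the call this commit introduces at the login and course-entry sites, without any test, and the dead code stays in the file. Delete the commented block and replace it with a round-trip test that writes a key, checks `$_SESSION`, erases it and checks that it is gone. Separately, `testApiSessionStart` now calls `Chamilo::session()->start(...)` while the other tests use static `Session::` calls; a one-line comment on why the instance form is needed there would help.

```php
function testSessionWrite() {
    Session::write('unit_test_key', 'value');
    $this->assertTrue($_SESSION['unit_test_key'] === 'value');
    Session::erase('unit_test_key');
    $this->assertTrue(!isset($_SESSION['unit_test_key']));
}
```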
@@ -164,7 +164,7 @@ class TestMainApi extends UnitTestCase {
function testApiSessionClear() {
$variable = 'test';
if (!headers_sent()) {
- $res=api_session_clear($variable);
+ $res=Session::clear($variable);
}
$this->assertTrue(is_null($res));
//var_dump($res);
@@ -172,7 +172,7 @@ class TestMainApi extends UnitTestCase {
function testApiSessionDestroy(){
if (!headers_sent()) {
- $res=api_session_destroy();
+ $res=Session::destroy();
}
$this->assertTrue(is_null($res));
//var_dump($res);
diff --git a/tests/main/inc/lib/session_handler.class.test.php b/tests/main/inc/lib/session_handler.class.test.php
index ee965c0dc9..0bab1d3c4e 100755
--- a/tests/main/inc/lib/session_handler.class.test.php
+++ b/tests/main/inc/lib/session_handler.class.test.php
@@ -13,14 +13,14 @@ class TestSessionHandler extends UnitTestCase {
$this->UnitTestCase('Session handler library - main/inc/lib/session_handler.class.test.php');
}
function testClose() {
- $instancia = new session_handler();
+ $instancia = new SessionHandler();
$res=$instancia->close();
$this->assertTrue(is_bool($res));
//var_dump($res);
}
function testdestroy() {
- $instancia = new session_handler();
+ $instancia = new SessionHandler();
$sess_id='';
$res=$instancia->destroy($sess_id);
$this->assertTrue(is_bool($res));
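Review bot: `SessionHandler` is also the name of a class built into PHP since 5.4, so a project class declared under that name in the global namespace cannot coexist with it on those versions. The tests in this file call `garbage()`, `sqlClose()` and `sqlConnect()`, which the built-in class does not provide, so they depend on the project class being the one that loads. If PHP 5.4 or later is a target, a distinct name or a namespace avoids the clash; the class declaration itself is outside this part of the diff. The same rename appears in the remaining hunks of this file.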
@@ -28,7 +28,7 @@ class TestSessionHandler extends UnitTestCase {
}
function testgarbage() {
- $instancia = new session_handler();
+ $instancia = new SessionHandler();
$lifetime='';
$res=$instancia->garbage($lifetime);
$this->assertTrue(is_bool($res));
@@ -36,7 +36,7 @@ class TestSessionHandler extends UnitTestCase {
}
function testopen() {
- $instancia = new session_handler();
+ $instancia = new SessionHandler();
$path='';
$name='';
$res=$instancia->open($path,$name);
@@ -45,7 +45,7 @@ class TestSessionHandler extends UnitTestCase {
}
function testread() {
- $instancia = new session_handler();
+ $instancia = new SessionHandler();
$sess_id='';
$res=$instancia->read($sess_id);
$this->assertTrue(is_string($res));
@@ -64,14 +64,14 @@ class TestSessionHandler extends UnitTestCase {
*/
function testsqlClose() {
- $instancia = new session_handler();
+ $instancia = new SessionHandler();
$res=$instancia->sqlClose();
$this->assertTrue(is_bool($res));
//var_dump($res);
}
function testsqlConnect() {
- $instancia = new session_handler();
+ $instancia = new SessionHandler();
$res=$instancia->sqlConnect();
$this->assertTrue(is_bool($res));
//var_dump($res);
@@ -84,7 +84,7 @@ class TestSessionHandler extends UnitTestCase {
$tbl_user = Database::get_main_table(TABLE_MAIN_USER);
$query = 'select user_id from '.$tbl_user;
- $instancia = new session_handler();
+ $instancia = new SessionHandler();
$instancia->connection_handler = mysql_connect($_configuration['db_host'],
$_configuration['db_user'],
$_configuration['db_password']);
@@ -96,7 +96,7 @@ class TestSessionHandler extends UnitTestCase {
}
function testwrite() {
- $instancia = new session_handler();
+ $instancia = new SessionHandler();
$sess_id='';
$sess_value='';
$res=$instancia->write($sess_id,$sess_value);
diff --git a/tests/test_manager.inc.php b/tests/test_manager.inc.php
index 8cc91e83c5..1cd0d4f9b8 100755
--- a/tests/test_manager.inc.php
+++ b/tests/test_manager.inc.php
@@ -168,8 +168,8 @@ function create_test_course($course_code = 'TESTCOURSE') {
$_course['subscribe_allowed'] = $cData['subscribe' ];
$_course['unubscribe_allowed'] = $cData['unsubscribe' ];
- api_session_register('_cid');
- api_session_register('_course');
+ Session::write('_cid',$_cid);
+ Session::write('_course',$_course);
}
/* Load the session */
@@ -206,7 +206,7 @@ function delete_test_course($course_code = 'TESTCOURSE') {
// Check api session destroy
if (!headers_sent() && session_id() != "") {
- $res=api_session_destroy();
+ $res=Session::destroy();
}
}
}
diff --git a/user_portal.php b/user_portal.php
index 3768fd1336..384bd09c56 100644
--- a/user_portal.php
+++ b/user_portal.php
@@ -186,4 +186,4 @@ $controller->tpl->assign('classes_block', $controller->return_classes_block(
$controller->tpl->display_two_col_template();
// Deleting the session_id.
-api_session_unregister('session_id');
\ No newline at end of file
+Session::erase('session_id');
\ No newline at end of file