Thorough review of the BuyCourses plugin - refs #5464

main/inc/lib/internationalization.lib.php

@@ -3315,6 +3315,7 @@ function api_is_valid_date($date, $format = 'Y-m-d H:i:s') {
     $d = DateTime::createFromFormat($format, $date);
     return $d && $d->format($format) == $date;
 }
+
 /**
  * Return the encoding country code for jquery datepicker
  * used for exemple in main/exercice/exercise_report.php
@@ -3331,6 +3332,16 @@ function get_datepicker_langage_code() {
     return $languaje;
 }
 
+/**
+ * Returns the variable translated
+ * @param $variable the string to translate
+ * @param $pluginName the Plugin name
+ * @return string the variable translated
+ */
+function get_plugin_lang($variable, $pluginName) {
+    eval("\$plugin = {$pluginName}::create();");
+    return $plugin->get_lang($variable);
+}
 /**
  * Functions for internal use behind this API
  */

main/inc/lib/plugin.class.php

@@ -544,8 +544,7 @@ class Plugin
     /**
      * Delete a tab to chamilo's platform
      * @param string $key
-     *
-     * @return boolean $resp
+     * @return boolean $resp Transaction response
      */
     public function deleteTab($key)
     {

main/inc/lib/template.lib.php

@@ -91,6 +91,7 @@ class Template
 
         $this->twig = new Twig_Environment($loader, $options);
 
+        $this->twig->addFilter('get_plugin_lang', new Twig_Filter_Function('get_plugin_lang'));
         $this->twig->addFilter('get_lang', new Twig_Filter_Function('get_lang'));
         $this->twig->addFilter('get_path', new Twig_Filter_Function('api_get_path'));
         $this->twig->addFilter('get_setting', new Twig_Filter_Function('api_get_setting'));

plugin/buycourses/config.php

@@ -0,0 +1,13 @@
+<?php
+/* For licensing terms, see /license.txt */
+
+define('TABLE_BUY_COURSE', 'plugin_buy_course');
+define('TABLE_BUY_COURSE_COUNTRY', 'plugin_buy_course_country');
+define('TABLE_BUY_COURSE_PAYPAL', 'plugin_buy_course_paypal');
+define('TABLE_BUY_COURSE_TRANSFERENCE', 'plugin_buy_course_transference');
+define('TABLE_BUY_COURSE_TEMPORAL', 'plugin_buy_course_temporal');
+define('TABLE_BUY_COURSE_SALE', 'plugin_buy_course_sale');
+
+require_once __DIR__ . '/../../main/inc/global.inc.php';
+require_once api_get_path(LIBRARY_PATH) . 'plugin.class.php';
+require_once  api_get_path(PLUGIN_PATH) . 'buy_courses/src/buy_course_plugin.class.php';

plugin/buycourses/database.php

@@ -0,0 +1,343 @@
+<?php
+/**
+ * Created by PhpStorm.
+ * User: fgonzales
+ * Date: 21/05/14
+ * Time: 12:19 PM
+ */
+$objPlugin = Buy_CoursesPlugin::create();
+
+$table = Database::get_main_table(TABLE_BUY_COURSE);
+$sql = "CREATE TABLE IF NOT EXISTS $table (
+    id INT unsigned NOT NULL auto_increment PRIMARY KEY,
+    id_course INT unsigned NOT NULL DEFAULT '0',
+    code VARCHAR(40),
+    title VARCHAR(250),
+    visible int(1),
+    price FLOAT(11,2) NOT NULL DEFAULT '0',
+    sync int(1))";
+Database::query($sql);
+$tableCourse = Database::get_main_table(TABLE_MAIN_COURSE);
+$sql = "SELECT id, code, title FROM $tableCourse";
+$res = Database::query($sql);
+while ($row = Database::fetch_assoc($res)) {
+    $presql = "INSERT INTO $table (id_course, code, title, visible) VALUES ('" . $row['id'] . "','" . $row['code'] . "','" . $row['title'] . "','NO')";
+    Database::query($presql);
+}
+
+$table = Database::get_main_table(TABLE_BUY_COURSE_COUNTRY);
+$sql = "CREATE TABLE IF NOT EXISTS $table (
+    `id_country` int(5) NOT NULL AUTO_INCREMENT,
+    `country_code` char(2) NOT NULL DEFAULT '',
+    `country_name` varchar(45) NOT NULL DEFAULT '',
+    `currency_code` char(3) DEFAULT NULL,
+    `iso_alpha3` char(3) DEFAULT NULL,
+    `status` int(1) DEFAULT '0',
+    PRIMARY KEY (`id_country`)
+    ) DEFAULT CHARSET=utf8 AUTO_INCREMENT=0;";
+Database::query($sql);
+
+$sql = "CREATE UNIQUE INDEX index_country ON $table (`country_code`)";
+Database::query($sql);
+
+$sql = "INSERT INTO $table (`country_code`, `country_name`, `currency_code`, `iso_alpha3`) VALUES
+	('AD', 'Andorra', 'EUR', 'AND'),
+	('AE', 'United Arab Emirates', 'AED', 'ARE'),
+	('AF', 'Afghanistan', 'AFN', 'AFG'),
+	('AG', 'Antigua and Barbuda', 'XCD', 'ATG'),
+	('AI', 'Anguilla', 'XCD', 'AIA'),
+	('AL', 'Albania', 'ALL', 'ALB'),
+	('AM', 'Armenia', 'AMD', 'ARM'),
+	('AO', 'Angola', 'AOA', 'AGO'),
+	('AR', 'Argentina', 'ARS', 'ARG'),
+	('AS', 'American Samoa', 'USD', 'ASM'),
+	('AT', 'Austria', 'EUR', 'AUT'),
+	('AU', 'Australia', 'AUD', 'AUS'),
+	('AW', 'Aruba', 'AWG', 'ABW'),
+	('AX', '&Aring;land', 'EUR', 'ALA'),
+	('AZ', 'Azerbaijan', 'AZN', 'AZE'),
+	('BA', 'Bosnia and Herzegovina', 'BAM', 'BIH'),
+	('BB', 'Barbados', 'BBD', 'BRB'),
+	('BD', 'Bangladesh', 'BDT', 'BGD'),
+	('BE', 'Belgium', 'EUR', 'BEL'),
+	('BF', 'Burkina Faso', 'XOF', 'BFA'),
+	('BG', 'Bulgaria', 'BGN', 'BGR'),
+	('BH', 'Bahrain', 'BHD', 'BHR'),
+	('BI', 'Burundi', 'BIF', 'BDI'),
+	('BJ', 'Benin', 'XOF', 'BEN'),
+	('BL', 'Saint Barth&eacute;lemy', 'EUR', 'BLM'),
+	('BM', 'Bermuda', 'BMD', 'BMU'),
+	('BN', 'Brunei', 'BND', 'BRN'),
+	('BO', 'Bolivia', 'BOB', 'BOL'),
+	('BQ', 'Bonaire', 'USD', 'BES'),
+	('BR', 'Brazil', 'BRL', 'BRA'),
+	('BS', 'Bahamas', 'BSD', 'BHS'),
+	('BT', 'Bhutan', 'BTN', 'BTN'),
+	('BV', 'Bouvet Island', 'NOK', 'BVT'),
+	('BW', 'Botswana', 'BWP', 'BWA'),
+	('BY', 'Belarus', 'BYR', 'BLR'),
+	('BZ', 'Belize', 'BZD', 'BLZ'),
+	('CA', 'Canada', 'CAD', 'CAN'),
+	('CC', 'Cocos [Keeling] Islands', 'AUD', 'CCK'),
+	('CD', 'Congo', 'CDF', 'COD'),
+	('CF', 'Central African Republic', 'XAF', 'CAF'),
+	('CG', 'Republic of the Congo', 'XAF', 'COG'),
+	('CH', 'Switzerland', 'CHF', 'CHE'),
+	('CI', 'Ivory Coast', 'XOF', 'CIV'),
+	('CK', 'Cook Islands', 'NZD', 'COK'),
+	('CL', 'Chile', 'CLP', 'CHL'),
+	('CM', 'Cameroon', 'XAF', 'CMR'),
+	('CN', 'China', 'CNY', 'CHN'),
+	('CO', 'Colombia', 'COP', 'COL'),
+	('CR', 'Costa Rica', 'CRC', 'CRI'),
+	('CU', 'Cuba', 'CUP', 'CUB'),
+	('CV', 'Cape Verde', 'CVE', 'CPV'),
+	('CW', 'Curacao', 'ANG', 'CUW'),
+	('CX', 'Christmas Island', 'AUD', 'CXR'),
+	('CY', 'Cyprus', 'EUR', 'CYP'),
+	('CZ', 'Czechia', 'CZK', 'CZE'),
+	('DE', 'Germany', 'EUR', 'DEU'),
+	('DJ', 'Djibouti', 'DJF', 'DJI'),
+	('DK', 'Denmark', 'DKK', 'DNK'),
+	('DM', 'Dominica', 'XCD', 'DMA'),
+	('DO', 'Dominican Republic', 'DOP', 'DOM'),
+	('DZ', 'Algeria', 'DZD', 'DZA'),
+	('EC', 'Ecuador', 'USD', 'ECU'),
+	('EE', 'Estonia', 'EUR', 'EST'),
+	('EG', 'Egypt', 'EGP', 'EGY'),
+	('EH', 'Western Sahara', 'MAD', 'ESH'),
+	('ER', 'Eritrea', 'ERN', 'ERI'),
+	('ES', 'Spain', 'EUR', 'ESP'),
+	('ET', 'Ethiopia', 'ETB', 'ETH'),
+	('FI', 'Finland', 'EUR', 'FIN'),
+	('FJ', 'Fiji', 'FJD', 'FJI'),
+	('FK', 'Falkland Islands', 'FKP', 'FLK'),
+	('FM', 'Micronesia', 'USD', 'FSM'),
+	('FO', 'Faroe Islands', 'DKK', 'FRO'),
+	('FR', 'France', 'EUR', 'FRA'),
+	('GA', 'Gabon', 'XAF', 'GAB'),
+	('GB', 'United Kingdom', 'GBP', 'GBR'),
+	('GD', 'Grenada', 'XCD', 'GRD'),
+	('GE', 'Georgia', 'GEL', 'GEO'),
+	('GF', 'French Guiana', 'EUR', 'GUF'),
+	('GG', 'Guernsey', 'GBP', 'GGY'),
+	('GH', 'Ghana', 'GHS', 'GHA'),
+	('GI', 'Gibraltar', 'GIP', 'GIB'),
+	('GL', 'Greenland', 'DKK', 'GRL'),
+	('GM', 'Gambia', 'GMD', 'GMB'),
+	('GN', 'Guinea', 'GNF', 'GIN'),
+	('GP', 'Guadeloupe', 'EUR', 'GLP'),
+	('GQ', 'Equatorial Guinea', 'XAF', 'GNQ'),
+	('GR', 'Greece', 'EUR', 'GRC'),
+	('GS', 'South Georgia and the South Sandwich Islands', 'GBP', 'SGS'),
+	('GT', 'Guatemala', 'GTQ', 'GTM'),
+	('GU', 'Guam', 'USD', 'GUM'),
+	('GW', 'Guinea-Bissau', 'XOF', 'GNB'),
+	('GY', 'Guyana', 'GYD', 'GUY'),
+	('HK', 'Hong Kong', 'HKD', 'HKG'),
+	('HM', 'Heard Island and McDonald Islands', 'AUD', 'HMD'),
+	('HN', 'Honduras', 'HNL', 'HND'),
+	('HR', 'Croatia', 'HRK', 'HRV'),
+	('HT', 'Haiti', 'HTG', 'HTI'),
+	('HU', 'Hungary', 'HUF', 'HUN'),
+	('ID', 'Indonesia', 'IDR', 'IDN'),
+	('IE', 'Ireland', 'EUR', 'IRL'),
+	('IL', 'Israel', 'ILS', 'ISR'),
+	('IM', 'Isle of Man', 'GBP', 'IMN'),
+	('IN', 'India', 'INR', 'IND'),
+	('IO', 'British Indian Ocean Territory', 'USD', 'IOT'),
+	('IQ', 'Iraq', 'IQD', 'IRQ'),
+	('IR', 'Iran', 'IRR', 'IRN'),
+	('IS', 'Iceland', 'ISK', 'ISL'),
+	('IT', 'Italy', 'EUR', 'ITA'),
+	('JE', 'Jersey', 'GBP', 'JEY'),
+	('JM', 'Jamaica', 'JMD', 'JAM'),
+	('JO', 'Jordan', 'JOD', 'JOR'),
+	('JP', 'Japan', 'JPY', 'JPN'),
+	('KE', 'Kenya', 'KES', 'KEN'),
+	('KG', 'Kyrgyzstan', 'KGS', 'KGZ'),
+	('KH', 'Cambodia', 'KHR', 'KHM'),
+	('KI', 'Kiribati', 'AUD', 'KIR'),
+	('KM', 'Comoros', 'KMF', 'COM'),
+	('KN', 'Saint Kitts and Nevis', 'XCD', 'KNA'),
+	('KP', 'North Korea', 'KPW', 'PRK'),
+	('KR', 'South Korea', 'KRW', 'KOR'),
+	('KW', 'Kuwait', 'KWD', 'KWT'),
+	('KY', 'Cayman Islands', 'KYD', 'CYM'),
+	('KZ', 'Kazakhstan', 'KZT', 'KAZ'),
+	('LA', 'Laos', 'LAK', 'LAO'),
+	('LB', 'Lebanon', 'LBP', 'LBN'),
+	('LC', 'Saint Lucia', 'XCD', 'LCA'),
+	('LI', 'Liechtenstein', 'CHF', 'LIE'),
+	('LK', 'Sri Lanka', 'LKR', 'LKA'),
+	('LR', 'Liberia', 'LRD', 'LBR'),
+	('LS', 'Lesotho', 'LSL', 'LSO'),
+	('LT', 'Lithuania', 'LTL', 'LTU'),
+	('LU', 'Luxembourg', 'EUR', 'LUX'),
+	('LV', 'Latvia', 'LVL', 'LVA'),
+	('LY', 'Libya', 'LYD', 'LBY'),
+	('MA', 'Morocco', 'MAD', 'MAR'),
+	('MC', 'Monaco', 'EUR', 'MCO'),
+	('MD', 'Moldova', 'MDL', 'MDA'),
+	('ME', 'Montenegro', 'EUR', 'MNE'),
+	('MF', 'Saint Martin', 'EUR', 'MAF'),
+	('MG', 'Madagascar', 'MGA', 'MDG'),
+	('MH', 'Marshall Islands', 'USD', 'MHL'),
+	('MK', 'Macedonia', 'MKD', 'MKD'),
+	('ML', 'Mali', 'XOF', 'MLI'),
+	('MM', 'Myanmar [Burma]', 'MMK', 'MMR'),
+	('MN', 'Mongolia', 'MNT', 'MNG'),
+	('MO', 'Macao', 'MOP', 'MAC'),
+	('MP', 'Northern Mariana Islands', 'USD', 'MNP'),
+	('MQ', 'Martinique', 'EUR', 'MTQ'),
+	('MR', 'Mauritania', 'MRO', 'MRT'),
+	('MS', 'Montserrat', 'XCD', 'MSR'),
+	('MT', 'Malta', 'EUR', 'MLT'),
+	('MU', 'Mauritius', 'MUR', 'MUS'),
+	('MV', 'Maldives', 'MVR', 'MDV'),
+	('MW', 'Malawi', 'MWK', 'MWI'),
+	('MX', 'Mexico', 'MXN', 'MEX'),
+	('MY', 'Malaysia', 'MYR', 'MYS'),
+	('MZ', 'Mozambique', 'MZN', 'MOZ'),
+	('NA', 'Namibia', 'NAD', 'NAM'),
+	('NC', 'New Caledonia', 'XPF', 'NCL'),
+	('NE', 'Niger', 'XOF', 'NER'),
+	('NF', 'Norfolk Island', 'AUD', 'NFK'),
+	('NG', 'Nigeria', 'NGN', 'NGA'),
+	('NI', 'Nicaragua', 'NIO', 'NIC'),
+	('NL', 'Netherlands', 'EUR', 'NLD'),
+	('NO', 'Norway', 'NOK', 'NOR'),
+	('NP', 'Nepal', 'NPR', 'NPL'),
+	('NR', 'Nauru', 'AUD', 'NRU'),
+	('NU', 'Niue', 'NZD', 'NIU'),
+	('NZ', 'New Zealand', 'NZD', 'NZL'),
+	('OM', 'Oman', 'OMR', 'OMN'),
+	('PA', 'Panama', 'PAB', 'PAN'),
+	('PE', 'Peru', 'PEN', 'PER'),
+	('PF', 'French Polynesia', 'XPF', 'PYF'),
+	('PG', 'Papua New Guinea', 'PGK', 'PNG'),
+	('PH', 'Philippines', 'PHP', 'PHL'),
+	('PK', 'Pakistan', 'PKR', 'PAK'),
+	('PL', 'Poland', 'PLN', 'POL'),
+	('PM', 'Saint Pierre and Miquelon', 'EUR', 'SPM'),
+	('PN', 'Pitcairn Islands', 'NZD', 'PCN'),
+	('PR', 'Puerto Rico', 'USD', 'PRI'),
+	('PS', 'Palestine', 'ILS', 'PSE'),
+	('PT', 'Portugal', 'EUR', 'PRT'),
+	('PW', 'Palau', 'USD', 'PLW'),
+	('PY', 'Paraguay', 'PYG', 'PRY'),
+	('QA', 'Qatar', 'QAR', 'QAT'),
+	('RE', 'R&eacute;union', 'EUR', 'REU'),
+	('RO', 'Romania', 'RON', 'ROU'),
+	('RS', 'Serbia', 'RSD', 'SRB'),
+	('RU', 'Russia', 'RUB', 'RUS'),
+	('RW', 'Rwanda', 'RWF', 'RWA'),
+	('SA', 'Saudi Arabia', 'SAR', 'SAU'),
+	('SB', 'Solomon Islands', 'SBD', 'SLB'),
+	('SC', 'Seychelles', 'SCR', 'SYC'),
+	('SD', 'Sudan', 'SDG', 'SDN'),
+	('SE', 'Sweden', 'SEK', 'SWE'),
+	('SG', 'Singapore', 'SGD', 'SGP'),
+	('SH', 'Saint Helena', 'SHP', 'SHN'),
+	('SI', 'Slovenia', 'EUR', 'SVN'),
+	('SJ', 'Svalbard and Jan Mayen', 'NOK', 'SJM'),
+	('SK', 'Slovakia', 'EUR', 'SVK'),
+	('SL', 'Sierra Leone', 'SLL', 'SLE'),
+	('SM', 'San Marino', 'EUR', 'SMR'),
+	('SN', 'Senegal', 'XOF', 'SEN'),
+	('SO', 'Somalia', 'SOS', 'SOM'),
+	('SR', 'Suriname', 'SRD', 'SUR'),
+	('SS', 'South Sudan', 'SSP', 'SSD'),
+	('ST', 'S&atilde;o Tom&eacute; and Pr&iacute;ncipe', 'STD', 'STP'),
+	('SV', 'El Salvador', 'USD', 'SLV'),
+	('SX', 'Sint Maarten', 'ANG', 'SXM'),
+	('SY', 'Syria', 'SYP', 'SYR'),
+	('SZ', 'Swaziland', 'SZL', 'SWZ'),
+	('TC', 'Turks and Caicos Islands', 'USD', 'TCA'),
+	('TD', 'Chad', 'XAF', 'TCD'),
+	('TF', 'French Southern Territories', 'EUR', 'ATF'),
+	('TG', 'Togo', 'XOF', 'TGO'),
+	('TH', 'Thailand', 'THB', 'THA'),
+	('TJ', 'Tajikistan', 'TJS', 'TJK'),
+	('TK', 'Tokelau', 'NZD', 'TKL'),
+	('TL', 'East Timor', 'USD', 'TLS'),
+	('TM', 'Turkmenistan', 'TMT', 'TKM'),
+	('TN', 'Tunisia', 'TND', 'TUN'),
+	('TO', 'Tonga', 'TOP', 'TON'),
+	('TR', 'Turkey', 'TRY', 'TUR'),
+	('TT', 'Trinidad and Tobago', 'TTD', 'TTO'),
+	('TV', 'Tuvalu', 'AUD', 'TUV'),
+	('TW', 'Taiwan', 'TWD', 'TWN'),
+	('TZ', 'Tanzania', 'TZS', 'TZA'),
+	('UA', 'Ukraine', 'UAH', 'UKR'),
+	('UG', 'Uganda', 'UGX', 'UGA'),
+	('UM', 'U.S. Minor Outlying Islands', 'USD', 'UMI'),
+	('US', 'United States', 'USD', 'USA'),
+	('UY', 'Uruguay', 'UYU', 'URY'),
+	('UZ', 'Uzbekistan', 'UZS', 'UZB'),
+	('VA', 'Vatican City', 'EUR', 'VAT'),
+	('VC', 'Saint Vincent and the Grenadines', 'XCD', 'VCT'),
+	('VE', 'Venezuela', 'VEF', 'VEN'),
+	('VG', 'British Virgin Islands', 'USD', 'VGB'),
+	('VI', 'U.S. Virgin Islands', 'USD', 'VIR'),
+	('VN', 'Vietnam', 'VND', 'VNM'),
+	('VU', 'Vanuatu', 'VUV', 'VUT'),
+	('WF', 'Wallis and Futuna', 'XPF', 'WLF'),
+	('WS', 'Samoa', 'WST', 'WSM'),
+	('XK', 'Kosovo', 'EUR', 'XKX'),
+	('YE', 'Yemen', 'YER', 'YEM'),
+	('YT', 'Mayotte', 'EUR', 'MYT'),
+	('ZA', 'South Africa', 'ZAR', 'ZAF'),
+	('ZM', 'Zambia', 'ZMK', 'ZMB'),
+	('ZW', 'Zimbabwe', 'ZWL', 'ZWE')";
+Database::query($sql);
+
+$table = Database::get_main_table(TABLE_BUY_COURSE_PAYPAL);
+$sql = "CREATE TABLE IF NOT EXISTS $table (
+    id INT unsigned NOT NULL auto_increment PRIMARY KEY,
+    sandbox VARCHAR(5) NOT NULL DEFAULT 'YES',
+    username VARCHAR(100) NOT NULL DEFAULT '',
+    password VARCHAR(100) NOT NULL DEFAULT '',
+    signature VARCHAR(100) NOT NULL DEFAULT '')";
+Database::query($sql);
+
+$sql = "INSERT INTO $table (id,username,password,signature) VALUES ('1', 'API_UserName', 'API_Password', 'API_Signature')";
+Database::query($sql);
+
+$table = Database::get_main_table(TABLE_BUY_COURSE_TRANSFERENCE);
+$sql = "CREATE TABLE IF NOT EXISTS $table (
+    id INT unsigned NOT NULL auto_increment PRIMARY KEY,
+    name VARCHAR(100) NOT NULL DEFAULT '',
+    account VARCHAR(100) NOT NULL DEFAULT '',
+    swift VARCHAR(100) NOT NULL DEFAULT '')";
+Database::query($sql);
+
+$table = Database::get_main_table(TABLE_BUY_COURSE_TEMPORAL);
+$sql = "CREATE TABLE IF NOT EXISTS $table (
+    cod INT unsigned NOT NULL auto_increment PRIMARY KEY,
+    user_id INT unsigned NOT NULL,
+    name VARCHAR(255) NOT NULL DEFAULT '',
+    course_code VARCHAR(200) NOT NULL DEFAULT '',
+    title VARCHAR(200) NOT NULL DEFAULT '',
+    reference VARCHAR(20) NOT NULL DEFAULT '',
+    price FLOAT(11,2) NOT NULL DEFAULT '0',
+    date TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP)";
+Database::query($sql);
+
+$table = Database::get_main_table(TABLE_BUY_COURSE_SALE);
+$sql = "CREATE TABLE IF NOT EXISTS $table (
+    cod INT unsigned NOT NULL auto_increment PRIMARY KEY,
+    user_id INT unsigned NOT NULL,
+    course_code VARCHAR(200) NOT NULL DEFAULT '',
+    price FLOAT(11,2) NOT NULL DEFAULT '0',
+    payment_type VARCHAR(100) NOT NULL DEFAULT '',
+    status VARCHAR(20) NOT NULL DEFAULT '',
+    date TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP)";
+Database::query($sql);
+
+//Menu main tabs
+$rsTab = $objPlugin->addTab('Buy Courses', 'plugin/buy_courses/index.php');
+
+if ($rsTab) {
+    echo "<script>location.href = '" . $_SERVER['REQUEST_URI'] . "';</script>";
+}

plugin/buycourses/index.php

@@ -0,0 +1,7 @@
+<?php
+
+/**
+ * Show form
+ */
+require_once('config.php');
+require_once('src/index.buycourses.php');

plugin/buycourses/install.php

@@ -0,0 +1,12 @@
+<?php
+/**
+ * This script is included by main/admin/settings.lib.php and generally
+ * includes things to execute in the main database (settings_current table)
+ * @package chamilo.plugin.bigbluebutton
+ */
+/**
+ * Initialization
+ */
+
+require_once dirname(__FILE__) . '/config.php';
+Buy_CoursesPlugin::create()->install();

plugin/buycourses/js/buycourses.js

@@ -0,0 +1,219 @@
+$(document).ready(function () {
+    $("input[name='price']").change(function () {
+        $(this).parent().next().children().attr("style", "display:none");
+        $(this).parent().next().children().next().attr("style", "display:''");
+        $(this).parent().parent().addClass("fmod")
+        $(this).parent().parent().children().each(function () {
+            $(this).addClass("btop");
+        });
+    });
+
+    $("input[name='price']").keyup(function () {
+        $(this).parent().next().children().attr("style", "display:none");
+        $(this).parent().next().children().next().attr("style", "display:''");
+        $(this).parent().parent().addClass("fmod")
+        $(this).parent().parent().children().each(function () {
+            $(this).addClass("btop");
+        });
+    });
+
+    $("input[name='visible']").change(function () {
+        $(this).parent().next().next().children().attr("style", "display:none");
+        $(this).parent().next().next().children().next().attr("style", "display:''");
+        $(this).parent().parent().addClass("fmod")
+        $(this).parent().parent().children().each(function () {
+            $(this).addClass("btop");
+        });
+    });
+
+    $(".save").click(function () {
+        var visible = $(this).parent().parent().prev().prev().children().attr("checked");
+        var price = $(this).parent().parent().prev().children().attr("value");
+        var id_course = $(this).attr('id');
+        $.post("function.php", {tab: "save_mod", id_course: id_course, visible: visible, price: price},
+            function (data) {
+                if (data.status == "false") {
+                    alert("Database Error");
+                } else {
+                    $("#course" + data.id_course).children().attr("style", "display:''");
+                    $("#course" + data.id_course).children().next().attr("style", "display:none");
+                    $("#course" + data.id_course).parent().removeClass("fmod")
+                    $("#course" + data.id_course).parent().children().each(function () {
+                        $(this).removeClass("btop");
+                    });
+                }
+            }, "json");
+
+    });
+
+    $('#sync').click(function (e) {
+        $.post("function.php", {tab: "sync"},
+            function (data) {
+                if (data.status == "false") {
+                    alert(data.contenido);
+                } else {
+                    alert(data.contenido);
+                    location.reload();
+                }
+            }, "json");
+        e.preventDefault();
+        e.stopPropagation();
+    });
+
+
+    $('#confirm_filter').click(function (e) {
+        var vcourse = $("#course_name").attr("value");
+        var pmin = $("#price_min").attr("value");
+        var pmax = $("#price_max").attr("value");
+        if ($("#mostrar_disponibles").attr("checked") == "checked") {
+            var vshow = "YES";
+        } else {
+            var vshow = "NO";
+        }
+        var vcategory = $("#courses_category").attr("value");
+        $.post("function.php", {tab: "courses_filter", course: vcourse, pricemin: pmin, pricemax: pmax, mostrar: vshow, category: vcategory},
+            function (data) {
+                if (data.status == "false") {
+                    alert(data.content);
+                    $("#course_results").html('');
+                } else {
+                    $("#course_results").html(data.content);
+                }
+                $(document).ready(acciones_ajax);
+            }, "json");
+
+        e.preventDefault();
+        e.stopPropagation();
+    });
+
+    $("#save_currency").click(function (e) {
+        var currency_type = $("#currency_type").attr("value");
+        $.post("function.php", {tab: "save_currency", currency: currency_type},
+            function (data) {
+                alert(data.content);
+            }, "json");
+
+        e.preventDefault();
+        e.stopPropagation();
+    });
+
+    $("#save_paypal").click(function (e) {
+        var name = $("#username").attr("value");
+        var clave = $("#password").attr("value");
+        var firma = $("#signature").attr("value");
+        if ($("#sandbox").attr("checked") == "checked") {
+            var vsandbox = "YES";
+        } else {
+            var vsandbox = "NO";
+        }
+        $.post("function.php", {tab: "save_paypal", username: name, password: clave, signature: firma, sandbox: vsandbox},
+            function (data) {
+                alert(data.content);
+            }, "json");
+
+        e.preventDefault();
+        e.stopPropagation();
+    });
+
+    $("#add_account").click(function (e) {
+        var tname = $("#tname").attr("value");
+        var taccount = $("#taccount").attr("value");
+        var tswift = $("#tswift").attr("value");
+        if (tname == '' || taccount == '') {
+            alert("Complete los campos antes de insertar");
+        } else {
+            $.post("function.php", {tab: "add_account", name: tname, account: taccount, swift: tswift},
+                function (data) {
+                    location.reload();
+                }, "json");
+        }
+        e.preventDefault();
+        e.stopPropagation();
+    });
+
+    $(".delete_account").click(function (e) {
+        var fieldName = $(this).parent().attr("id");
+        var id = $("#id_" + fieldName).val();
+        $.post("function.php", {tab: "delete_account", id: id},
+            function (data) {
+                location.reload();
+            }, "json");
+
+        e.preventDefault();
+        e.stopPropagation();
+    });
+
+    $("#cancel_order").click(function (e) {
+        $.post("function.php", {tab: "unset_variables"});
+        window.location.replace("list.php");
+    });
+
+    $(".clear_order").click(function (e) {
+        var vid = $(this).parent().attr("id");
+        $.post("function.php", {tab: "clear_order", id: vid},
+            function (data) {
+                location.reload();
+            }, "json");
+
+        e.preventDefault();
+        e.stopPropagation();
+    });
+
+    $(".confirm_order").click(function (e) {
+        var vid = $(this).parent().attr("id");
+        $.post("function.php", {tab: "confirm_order", id: vid},
+            function (data) {
+                location.reload();
+            }, "json");
+
+        e.preventDefault();
+        e.stopPropagation();
+    });
+
+    $(".slt_tpv").change(function () {
+        var vcod = $(this).attr("value");
+        $.post("function.php", {tab: "activar_tpv", cod: vcod});
+    });
+});
+
+function acciones_ajax() {
+    $('.ajax').on('click', function () {
+        var url = this.href;
+        var dialog = $("#dialog");
+        if ($("#dialog").length == 0) {
+            dialog = $('<div id="dialog" style="display:none"></div>').appendTo('body');
+        }
+        width_value = 580;
+        height_value = 450;
+        resizable_value = true;
+        new_param = get_url_params(url, 'width');
+        if (new_param) {
+            width_value = new_param;
+        }
+        new_param = get_url_params(url, 'height')
+        if (new_param) {
+            height_value = new_param;
+        }
+        new_param = get_url_params(url, 'resizable');
+        if (new_param) {
+            resizable_value = new_param;
+        }
+        // load remote content
+        dialog.load(
+            url,
+            {},
+            function (responseText, textStatus, XMLHttpRequest) {
+                dialog.dialog({
+                    modal: true,
+                    width: width_value,
+                    height: height_value,
+                    resizable: resizable_value
+                });
+            });
+        //prevent the browser to follow the link
+        return false;
+    });
+
+
+}
+		

plugin/buycourses/lang/english.php

@@ -0,0 +1,52 @@
+<?php
+//Needed in order to show the plugin title
+$strings['plugin_title'] = "Comprar cursos";
+$strings['plugin_comment'] = "Configurar precios, tipos de pago, visibilidad de cursos.";
+
+$strings['Visible'] = "Mostrar en el listado";
+$strings['Options'] = "Opciones";
+$strings['Price'] = "Precio";
+$strings['SyncCourseDatabase'] = "Sincronizar cursos de la base de datos";
+
+$strings['Private'] = "Privado - acceso autorizado s&oacute;lo para los miembros del curso";
+$strings['CourseVisibilityClosed'] = "Cerrado - no hay acceso a este curso";
+$strings['OpenToThePlatform'] = "Abierto - acceso autorizado s&oacute;lo para los usuarios registrados en la plataforma";
+$strings['OpenToTheWorld'] = "P&uacute;blico - acceso autorizado a cualquier persona";
+
+$strings['bc_setting_courses_available'] = "Configuraci&oacute;n de cursos disponibles";
+$strings['bc_setting_pay'] = "Configuraci&oacute;n pagos";
+
+$strings['Description'] = "Descripci&oacute;n";
+$strings['Buy'] = "Comprar";
+$strings['Filtro_buscar'] = "Filtro de busqueda";
+$strings['Curso'] = "Curso";
+$strings['Price_Maximum'] = "Precio mayor de";
+$strings['Price_Minimum'] = "Precio menor de";
+$strings['Mostrar_disponibles'] = "Mostrar cursos disponibles";
+$strings['Categorias'] = "Categorias";
+
+$strings['paypal_enable'] = "Habilitar PayPal";
+$strings['tarjet_credit_enable'] = "Habilitar TPV";
+$strings['transference_enable'] = "Habilitar transferencia";
+$strings['unregistered_users_enable'] = "Permitir usuarios sin registro en la plataforma";
+
+$strings['EnrollToCourseXSuccessful'] = "Su inscripci<EFBFBD>n en el curso %s se ha completado.";
+$strings['ErrorContactPlatformAdmin'] = "Se ha producido un error desconocido. Por favor, p<EFBFBD>ngase en contacto con el administrador de la plataforma.";
+$strings['Cancelacionpedido'] = "El pedido se ha cancelado.";
+$strings['AlreadyBuy'] = "Ya est<EFBFBD> matriculado en el curso";
+$strings['Message_conf_transf'] = "Una vez confirmado, recibira un e-mail con los datos bancarios y una referencia del pedido.";
+$strings['bc_subject'] = "Confirmaci<EFBFBD>n pedido de cursos";
+$strings['bc_message'] = "Estimado {{name}}. <br />En cuanto recibamos confirmaci&oacute;n de pago procederemos a dar de alta su usuario en el curso <strong>{{curso}}</strong>.<br><br><strong>No olvide indicar en el concepto de la transferencia el n&uacute;mero de referencia del pedido: <div style='display:inline;text-align:center; font-weight:bold; font-size:20px; color:#333'>{{reference}}</div></strong>";
+$strings['bc_registrado'] = 'Ya se encuentra registrado en el curso';
+$strings['bc_tmp_registrado'] = 'Se encuentra a la espera de recibir el pago';
+
+$strings['bc_confi_index'] = 'Configuraci<EFBFBD>n cursos y precio';
+$strings['bc_pagos_index'] = 'Configuraci<EFBFBD>n pagos';
+$strings['bc_pending'] = 'Pedidos pendientes de pago';
+
+$strings['Ref_pedido'] = 'Referencia del pedido';
+$strings['transferencia_bancaria'] = 'Transferencia Bancaria';
+$strings['paypal'] = 'PayPal';
+$strings['confirmar_compra'] = 'Confirmar compra de curso';
+
+$strings['The_User_Is_Already_Registered'] = 'El usuario ya está registrado';

plugin/buycourses/lang/spanish.php

@@ -0,0 +1,69 @@
+<?php
+//Needed in order to show the plugin title
+$strings['plugin_title'] = "Comprar cursos";
+$strings['plugin_comment'] = "Configurar precios, tipos de pago, visibilidad de cursos.";
+
+$strings['Visible'] = "Mostrar en el listado";
+$strings['Options'] = "Opciones";
+$strings['Price'] = "Precio";
+$strings['SyncCourseDatabase'] = "Sincronizar cursos de la base de datos";
+
+$strings['Private'] = "Privado - acceso autorizado s&oacute;lo para los miembros del curso";
+$strings['CourseVisibilityClosed'] = "Cerrado - no hay acceso a este curso";
+$strings['OpenToThePlatform'] = "Abierto - acceso autorizado s&oacute;lo para los usuarios registrados en la plataforma";
+$strings['OpenToTheWorld'] = "P&uacute;blico - acceso autorizado a cualquier persona";
+
+$strings['Description'] = "Descripci&oacute;n";
+$strings['Buy'] = "Comprar";
+$strings['Mostrar_disponibles'] = "Mostrar cursos disponibles";
+
+$strings['paypal_enable'] = "Habilitar PayPal";
+$strings['transference_enable'] = "Habilitar transferencia";
+$strings['unregistered_users_enable'] = "Permitir usuarios sin registro en la plataforma";
+$strings['Cancelacionpedido'] = "El pedido se ha cancelado.";
+$strings['AlreadyBuy'] = "Ya est<EFBFBD> matriculado en el curso";
+$strings['bc_subject'] = "Confirmaci<EFBFBD>n pedido de cursos";
+
+$strings['paypal'] = 'PayPal';
+$strings['confirmar_compra'] = 'Confirmar compra de curso';
+
+$strings['TheUserIsAlreadyRegistered'] = 'El usuario ya está registrado';
+$strings['ProblemToSaveTheCurrencyType'] = 'Problema al guardar el tipo de moneda';
+$strings['ProblemToSaveThePaypalParameters'] = 'Problema para guardar los parametros de Paypal';
+$strings['ProblemToInsertANewAccount'] = 'Problemas para insertar una nueva cuenta';
+$strings['ProblemToDeleteTheAccount'] = 'Problema para eliminar la cuenta';
+$strings['ProblemToSaveTheMessage'] = 'Problema para guardar el mensaje';
+$strings['ProblemToSubscribeTheUser'] = 'Problema para suscribir el usuario';
+$strings['TheSubscriptionAndActivationWereDoneSuccessfully'] = 'La suscripción y la activación se realizaron con éxito.';
+$strings['TheUserIsAlreadyRegisteredInTheCourse'] = 'El usuario ya está registrado en el curso.';
+$strings['CourseListOnSale'] = 'Lista de cursos a la venta';
+$strings['BuyCourses'] = 'Comprar cursos';
+$strings['ConfigurationOfCoursesAndPrices'] = 'Configuración de los cursos y precios';
+$strings['ConfigurationOfPayments'] = 'Configuración de pagos';
+$strings['OrdersPendingOfPayment'] = 'Pedidos pendientes de pago';
+$strings['AvailableCoursesConfiguration'] = 'Configuración de cursos disponibles';
+$strings['PaymentsConfiguration'] = 'Configuración de Pagos';
+$strings['bc_message'] = "Estimado {{name}}. <br />En cuanto recibamos confirmaci&oacute;n de pago procederemos a dar de alta su usuario en el curso <strong>{{curso}}</strong>.<br><br><strong>No olvide indicar en el concepto de la transferencia el n&uacute;mero de referencia del pedido: <div style='display:inline;text-align:center; font-weight:bold; font-size:20px; color:#333'>{{reference}}</div></strong>";
+$strings['Categories'] = "Categorias";
+$strings['BankTransference'] = 'Transferencia Bancaria';
+$strings['EnrollToCourseXSuccessful'] = "Su inscripción en el curso %s se ha completado.";
+$strings['SearchFilter'] = "Filtro de búsqueda";
+$strings['MinimumPrice'] = "Precio menor de";
+$strings['MaximumPrice'] = "Precio mayor de";
+$strings['AvailableCourses'] = "Cursos disponibles";
+$strings['PaymentConfiguration'] = "Configuración de Pagos";
+$strings['WaitingToReceiveThePayment'] = "Se encuentra a la espera de recibir el pago";
+$strings['CurrencyType'] = "Tipo de moneda";
+$strings['SelectACurrency'] = "Seleccione una moneda";
+$strings['Sandbox'] = "Entorno de Pruebas";
+$strings['BankAccount'] = "Cuenta Bancaria";
+$strings['SubscribeUser'] = "Suscribir Usuario";
+$strings['DeleteTheOrder'] = "Eliminar el Pedido";
+$strings['ReferenceOrder'] = 'Referencia del pedido';
+$strings['UserInformation'] = 'Información del Usuario';
+$strings['OnceItIsConfirmed,YouWillReceiveAnEmailWithTheBankInformationAndAnOrderReference'] = "Una vez confirmado, recibira un e-mail con los datos bancarios y una referencia del pedido.";
+$strings['BankAccountInformation'] = 'Información de la Cuenta Bancaria';
+$strings['ConfirmOrder'] = 'Confirmar Orden';
+$strings['PaymentMethods'] = 'Métodos de pago';
+$strings['CancelOrder'] = 'Cancelar Orden';
+$strings['ErrorContactPlatformAdmin'] = "Se ha producido un error desconocido. Por favor, póngase en contacto con el administrador de la plataforma.";

plugin/buycourses/plugin.php

@@ -0,0 +1,13 @@
+<?php
+/**
+ * This script is a configuration file for the date plugin. You can use it as a master for other platform plugins (course plugins are slightly different).
+ * These settings will be used in the administration interface for plugins (Chamilo configuration settings->Plugins)
+ * @package chamilo.plugin
+ * @author Yannick Warnier <ywarnier@beeznest.org>
+ */
+/**
+ * Plugin details (must be present)
+ */
+
+require_once dirname(__FILE__) . '/config.php';
+$plugin_info = Buy_CoursesPlugin::create()->get_info();

plugin/buycourses/readme.txt

@@ -0,0 +1,5 @@
+Buy Courses<br/><br/>
+Users can access to the catalog to buy the visible courses.<br/>
+If the user is unregistered this user will be requested to register.<br/>
+Once the course is chosen Chamilo is going to show different enabled payment types. <br/>
+Finally the user will receive through email the user and password to access to the chosen course. <br/>

plugin/buycourses/resources/content.css

@@ -0,0 +1,105 @@
+body {
+    background-color: #FFFFFF;
+    font-family: Verdana, Arial, Helvetica, sans-serif;
+    font-size: 10px;
+    scrollbar-3dlight-color: #F0F0EE;
+    scrollbar-arrow-color: #676662;
+    scrollbar-base-color: #F0F0EE;
+    scrollbar-darkshadow-color: #DDDDDD;
+    scrollbar-face-color: #E0E0DD;
+    scrollbar-highlight-color: #F0F0EE;
+    scrollbar-shadow-color: #F0F0EE;
+    scrollbar-track-color: #F5F5F5;
+}
+
+td {
+    font-family: Verdana, Arial, Helvetica, sans-serif;
+    font-size: 10px;
+}
+
+pre {
+    font-family: Verdana, Arial, Helvetica, sans-serif;
+    font-size: 10px;
+}
+
+.example1 {
+    font-weight: bold;
+    font-size: 14px
+}
+
+.example2 {
+    font-weight: bold;
+    font-size: 12px;
+    color: #FF0000
+}
+
+.tablerow1 {
+    background-color: #BBBBBB;
+}
+
+thead {
+    background-color: #FFBBBB;
+}
+
+tfoot {
+    background-color: #BBBBFF;
+}
+
+th {
+    font-family: Verdana, Arial, Helvetica, sans-serif;
+    font-size: 13px;
+}
+
+/* Basic formats */
+
+.bold {
+    font-weight: bold;
+}
+
+.italic {
+    font-style: italic;
+}
+
+.underline {
+    text-decoration: underline;
+}
+
+/* Global align classes */
+
+.left {
+    text-align: inherit;
+}
+
+.center {
+    text-align: center;
+}
+
+.right {
+    text-align: right;
+}
+
+.full {
+    text-align: justify
+}
+
+/* Image and table specific aligns */
+
+img.left, table.left {
+    float: left;
+    text-align: inherit;
+}
+
+img.center, table.center {
+    margin-left: auto;
+    margin-right: auto;
+    text-align: inherit;
+}
+
+img.center {
+    display: block;
+}
+
+img.right, table.right {
+    float: right;
+    text-align: inherit;
+}

plugin/buycourses/resources/plugin.css

@@ -0,0 +1,79 @@
+.cleared {
+    content: ".";
+    display: block;
+    height: 0;
+    clear: both;
+    visibility: hidden;
+    line-height: 0;
+}
+
+table td.ta-center, table th.ta-center {
+    text-align: center;
+}
+
+#courses_table td, #transference_table td, #order_table td {
+    vertical-align: middle;
+}
+
+#courses_table td input.price, #transference_table td input, #currency_type {
+    margin: 0;
+}
+
+#courses_table td.btop {
+    border-top: 1px solid red;
+    border-bottom: 1px solid red;
+}
+
+#courses_table tr.fmod {
+    border: 1px solid red;
+    background: #FFE0E0;
+}
+
+.sprice {
+    color: #FF5555;
+    font-size: 26px;
+    font-weight: 500;
+    margin: 15px 0;
+    text-shadow: 2px 1px 0 #222222;
+}
+
+.dinline {
+    display: inline;
+}
+
+.fright {
+    float: right;
+}
+
+.cursor {
+    cursor: pointer;
+}
+
+.ta-center {
+    text-align: center;
+}
+
+textarea#message {
+    width: 50%;
+}
+
+.send_result {
+    font-weight: bold;
+}
+
+select#lsessions, select#lcourses, select#lexercises, select#status {
+    margin-bottom: 0px;
+}
+
+.column_field_filter {
+    padding: 6px 10px 1px 1px;
+    text-align: right;
+}
+
+.height5 {
+    height: 5px;
+}
+
+.margin-left-fifty{
+    margin-left: 50px !important;
+}

plugin/buycourses/src/ajax.php

@@ -0,0 +1,29 @@
+<?php
+
+require_once '../config.php';
+require_once api_get_path(LIBRARY_PATH) . 'mail.lib.inc.php';
+
+$language_file = array('course_description');
+
+// Get the name of the database course.		
+$tbl_course_description = Database::get_course_table(TABLE_COURSE_DESCRIPTION);
+
+$code = Database::escape_string($_GET['code']);
+$course_info = api_get_course_info($code);
+echo Display::tag('h2', $course_info['name']);
+echo '<br />';
+
+$sql = "SELECT * FROM $tbl_course_description
+    WHERE c_id = " . intval($course_info['real_id']) . "
+    AND session_id = 0 ORDER BY id";
+
+$result = Database::query($sql);
+if (Database::num_rows($result) > 0) {
+    while ($description = Database::fetch_object($result)) {
+        $descriptions[$description->id] = $description;
+    }
+    // Function that displays the details of the course description in html.
+    echo CourseManager::get_details_course_description_html($descriptions, api_get_system_encoding(), false);
+} else {
+    echo get_lang('NoDescription');
+}		

plugin/buycourses/src/buy_course.lib.php

@@ -0,0 +1,342 @@
+<?php
+/**
+ * Functions
+ * @package chamilo.plugin.notify
+ */
+require_once '../../../main/inc/global.inc.php';
+require_once '../config.php';
+require_once api_get_path(LIBRARY_PATH) . 'plugin.class.php';
+
+function sync()
+{
+    $tableBuyCourse = Database::get_main_table(TABLE_BUY_COURSE);
+    $tableCourse = Database::get_main_table(TABLE_MAIN_COURSE);
+
+    $sql = "UPDATE $tableBuyCourse SET sync = 0";
+    Database::query($sql);
+
+    $sql = "SELECT id FROM $tableCourse";
+    $res = Database::query($sql);
+    while ($row = Database::fetch_assoc($res)) {
+        $sql = "SELECT 1 FROM $tableBuyCourse WHERE id_course='" . $row['id'] . "';";
+        Database::query($sql);
+        if (Database::affected_rows() > 0) {
+            $sql = "UPDATE $tableBuyCourse SET sync = 1 WHERE id_course='" . $row['id'] . "';";
+            Database::query($sql);
+        } else {
+            $sql = "INSERT INTO $tableBuyCourse (id_course, visible, sync) VALUES ('" . $row['id'] . "', 0, 1);";
+            Database::query($sql);
+        }
+    }
+    $sql = "DELETE FROM $tableBuyCourse WHERE sync = 0;";
+    Database::query($sql);
+}
+
+function listCourses()
+{
+    $tableBuyCourse = Database::get_main_table(TABLE_BUY_COURSE);
+    $tableCourse = Database::get_main_table(TABLE_MAIN_COURSE);
+    $sql = "SELECT a.id_course, a.visible, a.price, b.*
+        FROM $tableBuyCourse a, $tableCourse b
+        WHERE a.id_course = b.id;";
+
+    $res = Database::query($sql);
+    $aux = array();
+    while ($row = Database::fetch_assoc($res)) {
+        $aux[] = $row;
+    }
+
+    return $aux;
+}
+
+function userCourseList()
+{
+    $tableBuyCourse = Database::get_main_table(TABLE_BUY_COURSE);
+    $tableCourse = Database::get_main_table(TABLE_MAIN_COURSE);
+    $tableCourseRelUser = Database::get_main_table(TABLE_MAIN_COURSE_USER);
+    $tableBuyCourseTemporal = Database::get_main_table(TABLE_BUY_COURSE_TEMPORAL);
+
+    $sql = "SELECT a.id_course, a.visible, a.price, b.*
+        FROM $tableBuyCourse a, $tableCourse b
+        WHERE a.id_course = b.id AND a.visible = 1;";
+    $res = Database::query($sql);
+    $aux = array();
+    while ($row = Database::fetch_assoc($res)) {
+        //check teacher
+        $sql = "SELECT lastname, firstname
+        FROM course_rel_user a, user b
+        WHERE a.course_code='" . $row['code'] . "'
+        AND a.role<>'' AND a.role<>'NULL'
+        AND a.user_id=b.user_id;";
+
+        $tmp = Database::query($sql);
+        $rowTmp = Database::fetch_assoc($tmp);
+        $row['teacher'] = $rowTmp['firstname'] . ' ' . $rowTmp['lastname'];
+        //check if the user is enrolled
+        if (isset($_SESSION['_user']) || $_SESSION['_user']['user_id'] != '') {
+            $sql = "SELECT 1 FROM $tableCourseRelUser
+                WHERE course_code='" . $row['code'] . "'
+                AND user_id='" . $_SESSION['_user']['user_id'] . "';";
+            Database::query($sql);
+            if (Database::affected_rows() > 0) {
+                $row['enrolled'] = "YES";
+            } else {
+                $sql = "SELECT 1 FROM $tableBuyCourseTemporal
+                    WHERE course_code='" . $row['code'] . "'
+                    AND user_id='" . $_SESSION['_user']['user_id'] . "';";
+                Database::query($sql);
+                if (Database::affected_rows() > 0) {
+                    $row['enrolled'] = "TMP";
+                } else {
+                    $row['enrolled'] = "NO";
+                }
+            }
+        } else {
+            $sql = "SELECT 1 FROM $tableBuyCourseTemporal
+                WHERE course_code='" . $row['code'] . "'
+                AND user_id='" . $_SESSION['_user']['user_id'] . "';";
+            Database::query($sql);
+            if (Database::affected_rows() > 0) {
+                $row['enrolled'] = "TMP";
+            } else {
+                $row['enrolled'] = "NO";
+            }
+        }
+        //check images
+        if (file_exists("../../courses/" . $row['code'] . "/course-pic85x85.png")) {
+            $row['course_img'] = "courses/" . $row['code'] . "/course-pic85x85.png";
+        } else {
+            $row['course_img'] = "main/img/without_picture.png";
+        }
+        $row['price'] = number_format($row['price'], 2, '.', ' ');
+        $aux[] = $row;
+    }
+
+    return $aux;
+}
+
+function checkUserCourse($course, $user)
+{
+    $tableCourseRelUser = Database::get_main_table(TABLE_MAIN_COURSE_USER);
+    $sql = "SELECT 1 FROM $tableCourseRelUser
+        WHERE course_code='" . $course . "'
+        AND user_id='" . $user . "';";
+    Database::query($sql);
+    if (Database::affected_rows() > 0) {
+        return true;
+    } else {
+        return false;
+    }
+}
+
+function checkUserCourseTransference($course, $user)
+{
+    $tableBuyCourseTemporal = Database::get_main_table(TABLE_BUY_COURSE_TEMPORAL);
+    $sql = "SELECT 1 FROM $tableBuyCourseTemporal
+        WHERE course_code='" . $course . "'
+        AND user_id='" . $user . "';";
+    Database::query($sql);
+    if (Database::affected_rows() > 0) {
+        return true;
+    } else {
+        return false;
+    }
+}
+
+function listCategories()
+{
+    $tblCourseCategory = Database::get_main_table(TABLE_MAIN_CATEGORY);
+    $sql = "SELECT code, name FROM $tblCourseCategory";
+    $res = Database::query($sql);
+    $aux = array();
+    while ($row = Database::fetch_assoc($res)) {
+        $aux[] = $row;
+    }
+
+    return $aux;
+}
+
+/**
+ * Return an icon representing the visibility of the course
+ */
+function getCourseVisibilityIcon($option)
+{
+    $style = 'margin-bottom:-5px;margin-right:5px;';
+    switch ($option) {
+        case 0:
+            return Display::return_icon('bullet_red.gif', get_lang('CourseVisibilityClosed'), array('style' => $style));
+            break;
+        case 1:
+            return Display::return_icon('bullet_orange.gif', get_lang('Private'), array('style' => $style));
+            break;
+        case 2:
+            return Display::return_icon('bullet_green.gif', get_lang('OpenToThePlatform'), array('style' => $style));
+            break;
+        case 3:
+            return Display::return_icon('bullet_blue.gif', get_lang('OpenToTheWorld'), array('style' => $style));
+            break;
+        default:
+            return '';
+    }
+}
+
+function listCurrency()
+{
+    $tableBuyCourseCountry = Database::get_main_table(TABLE_BUY_COURSE_COUNTRY);
+    $sql = "SELECT * FROM $tableBuyCourseCountry
+        ORDER BY country_name ASC";
+    $res = Database::query($sql);
+    $aux = array();
+    while ($row = Database::fetch_assoc($res)) {
+        $aux[] = $row;
+    }
+
+    return $aux;
+}
+
+function listAccounts()
+{
+    $tableBuyCourseTransference = Database::get_main_table(TABLE_BUY_COURSE_TRANSFERENCE);
+    $sql = "SELECT * FROM $tableBuyCourseTransference";
+    $res = Database::query($sql);
+    $aux = array();
+    while ($row = Database::fetch_assoc($res)) {
+        $aux[] = $row;
+    }
+
+    return $aux;
+}
+
+function paypalParameters()
+{
+    $tableBuyCoursePaypal = Database::get_main_table(TABLE_BUY_COURSE_PAYPAL);
+    $sql = "SELECT * FROM $tableBuyCoursePaypal";
+    $res = Database::query($sql);
+    $row = Database::fetch_assoc($res);
+
+    return $row;
+}
+
+function transferenceParameters()
+{
+    $tableBuyCourseTransference = Database::get_main_table(TABLE_BUY_COURSE_TRANSFERENCE);
+    $sql = "SELECT * FROM $tableBuyCourseTransference";
+    $res = Database::query($sql);
+    $aux = array();
+    while ($row = Database::fetch_assoc($res)) {
+        $aux[] = $row;
+    }
+
+    return $aux;
+}
+
+function findCurrency()
+{
+    $tableBuyCourseCountry = Database::get_main_table(TABLE_BUY_COURSE_COUNTRY);
+    $sql = "SELECT * FROM $tableBuyCourseCountry WHERE status='1';";
+    $res = Database::query($sql);
+    $row = Database::fetch_assoc($res);
+
+    return $row['currency_code'];
+}
+
+function courseInfo($code)
+{
+    $tableBuyCourse = Database::get_main_table(TABLE_BUY_COURSE);
+    $tableCourseRelUser = Database::get_main_table(TABLE_MAIN_COURSE_USER);
+    $tableUser = Database::get_main_table(TABLE_MAIN_USER);
+
+    $sql = "SELECT a.id_course, a.visible, a.price, b.*
+        FROM $tableBuyCourse a, course b
+        WHERE a.id_course=b.id
+        AND a.visible = 1
+        AND b.id = '" . $code . "';";
+    $res = Database::query($sql);
+    $row = Database::fetch_assoc($res);
+    // Check teacher
+    $sql = "SELECT lastname, firstname
+        FROM $tableCourseRelUser a, $tableUser b
+        WHERE a.course_code = '" . $row['code'] . "'
+        AND a.role <> '' AND a.role <> 'NULL'
+        AND a.user_id = b.user_id;";
+    $tmp = Database::query($sql);
+    $rowTmp = Database::fetch_assoc($tmp);
+    $row['teacher'] = $rowTmp['firstname'] . ' ' . $rowTmp['lastname'];
+    //Check if student is enrolled
+    if (isset($_SESSION['_user']) || $_SESSION['_user']['user_id'] != '') {
+        $sql = "SELECT 1 FROM $tableCourseRelUser
+            WHERE course_code='" . $row['code'] . "'
+            AND user_id='" . $_SESSION['_user']['user_id'] . "';";
+        Database::query($sql);
+        if (Database::affected_rows() > 0) {
+            $row['enrolled'] = "YES";
+        } else {
+            $row['enrolled'] = "NO";
+        }
+    } else {
+        $row['enrolled'] = "NO";
+    }
+    //check img
+    if (file_exists("../../courses/" . $row['code'] . "/course-pic85x85.png")) {
+        $row['course_img'] = "courses/" . $row['code'] . "/course-pic85x85.png";
+    } else {
+        $row['course_img'] = "main/img/without_picture.png";
+    }
+    $row['price'] = number_format($row['price'], 2, '.', ' ');
+
+    return $row;
+}
+
+function randomText($long = 6, $minWords = true, $maxWords = true, $number = true)
+{
+    $salt = $minWords ? 'abchefghknpqrstuvwxyz' : '';
+    $salt .= $maxWords ? 'ACDEFHKNPRSTUVWXYZ' : '';
+    $salt .= $number ? (strlen($salt) ? '2345679' : '0123456789') : '';
+
+    if (strlen($salt) == 0) {
+        return '';
+    }
+
+    $i = 0;
+    $str = '';
+
+    srand((double)microtime() * 1000000);
+
+    while ($i < $long) {
+        $number = rand(0, strlen($salt) - 1);
+        $str .= substr($salt, $number, 1);
+        $i++;
+    }
+
+    return $str;
+}
+
+function calculateReference()
+{
+    $tableBuyCourseTemporal = Database::get_main_table(TABLE_BUY_COURSE_TEMPORAL);
+    $sql = "SELECT MAX(cod) as cod FROM $tableBuyCourseTemporal";
+    $res = Database::query($sql);
+    $row = Database::fetch_assoc($res);
+    if ($row['cod'] != '') {
+        $reference = $row['cod'];
+    } else {
+        $reference = '1';
+    }
+    $randomText = randomText();
+    $reference .= $randomText;
+
+    return $reference;
+}
+
+function pendingList()
+{
+    $tableBuyCourseTemporal = Database::get_main_table(TABLE_BUY_COURSE_TEMPORAL);
+    $sql = "SELECT * FROM $tableBuyCourseTemporal;";
+    $res = Database::query($sql);
+    $aux = array();
+    while ($row = Database::fetch_assoc($res)) {
+        $aux[] = $row;
+    }
+
+    return $aux;
+}

plugin/buycourses/src/buy_course_plugin.class.php

@@ -0,0 +1,63 @@
+<?php
+
+/**
+ * Description of buy_courses_plugin
+ *
+ * @copyright (c) 2013 Nosolored
+ * @author Jose Angel Ruiz    <jaruiz@nosolored.com>
+ */
+class Buy_CoursesPlugin extends Plugin
+{
+    /**
+     *
+     * @return StaticPlugin
+     */
+    static function create()
+    {
+        static $result = null;
+        return $result ? $result : $result = new self();
+    }
+
+    protected function __construct()
+    {
+        parent::__construct('1.0', 'Jose Angel Ruiz, Francis Gonzales', array('paypal_enable' => 'boolean', 'transference_enable' => 'boolean', 'unregistered_users_enable' => 'boolean'));
+    }
+
+    /**
+     * This method creates the tables required to this plugin
+     */
+    function install()
+    {
+        require_once api_get_path(SYS_PLUGIN_PATH) . 'buy_courses/database.php';
+    }
+
+    /**
+     * This method drops the plugin tables
+     */
+    function uninstall()
+    {
+        $table = Database::get_main_table(TABLE_BUY_COURSE);
+        $sql = "DROP TABLE IF EXISTS $table";
+        Database::query($sql);
+   
+        $table = Database::get_main_table(TABLE_BUY_COURSE_COUNTRY);
+        $sql = "DROP TABLE IF EXISTS $table";
+        Database::query($sql);
+
+        $table = Database::get_main_table(TABLE_BUY_COURSE_PAYPAL);
+        $sql = "DROP TABLE IF EXISTS $table";
+        Database::query($sql);
+
+        $table = Database::get_main_table(TABLE_BUY_COURSE_TRANSFERENCE);
+        $sql = "DROP TABLE IF EXISTS $table";
+        Database::query($sql);
+
+        $table = Database::get_main_table(TABLE_BUY_COURSE_TEMPORAL);
+        $sql = "DROP TABLE IF EXISTS $table";
+        Database::query($sql);
+
+        $table = Database::get_main_table(TABLE_BUY_COURSE_SALE);
+        $sql = "DROP TABLE IF EXISTS $table";
+        Database::query($sql);
+    }
+}

plugin/buycourses/src/configuration.php

@@ -0,0 +1,46 @@
+<?php
+/**
+ * Initialization
+ */
+require_once dirname(__FILE__) . '/buy_course.lib.php';
+require_once '../../../main/inc/global.inc.php';
+require_once 'buy_course_plugin.class.php';
+
+$plugin = Buy_CoursesPlugin::create();
+
+$_cid = 0;
+$templateName = $plugin->get_lang('AvailableCourses');
+$interbreadcrumb[] = array("url" => "list.php", "name" => $plugin->get_lang('CourseListOnSale'));
+$interbreadcrumb[] = array("url" => "paymentsetup.php", "name" => get_lang('Configuration'));
+
+$tpl = new Template($templateName);
+
+$teacher = api_is_platform_admin();
+api_protect_course_script(true);
+
+if ($teacher) {
+    // sync course table with the plugin
+    sync();
+    $visibility = array();
+    $visibility[] = getCourseVisibilityIcon('0');
+    $visibility[] = getCourseVisibilityIcon('1');
+    $visibility[] = getCourseVisibilityIcon('2');
+    $visibility[] = getCourseVisibilityIcon('3');
+
+    $coursesList = listCourses();
+    $confirmationImgPath = api_get_path(WEB_PLUGIN_PATH) . 'buy_courses/resources/message_confirmation.png';
+    $saveImgPath = api_get_path(WEB_PLUGIN_PATH) . 'buy_courses/resources/save.png';
+    $currencyType = findCurrency();
+
+    $tpl->assign('server', $_configuration['root_web']);
+    $tpl->assign('courses', $coursesList);
+    $tpl->assign('visibility', $visibility);
+    $tpl->assign('confirmation_img', $confirmationImgPath);
+    $tpl->assign('save_img', $saveImgPath);
+    $tpl->assign('currency', $currencyType);
+
+    $listing_tpl = 'buy_courses/view/configuration.tpl';
+    $content = $tpl->fetch($listing_tpl);
+    $tpl->assign('content', $content);
+    $tpl->display_one_col_template();
+}

plugin/buycourses/src/error.php

@@ -0,0 +1,18 @@
+<?php
+$course_plugin = 'buy_courses';
+require_once 'buy_course.lib.php';
+require_once 'buy_course_plugin.class.php';
+
+unset($_SESSION['bc_user_id']);
+unset($_SESSION['bc_registered']);
+unset($_SESSION['bc_course_code']);
+unset($_SESSION['bc_course_title']);
+unset($_SESSION['Payment_Amount']);
+unset($_SESSION['currencyCodeType']);
+unset($_SESSION['PaymentType']);
+unset($_SESSION['nvpReqArray']);
+unset($_SESSION['TOKEN']);
+$_SESSION['bc_success'] = false;
+$_SESSION['bc_message'] = 'CancelOrder';
+
+header('Location:list.php');

plugin/buycourses/src/expresscheckout.php

@@ -0,0 +1,41 @@
+<?php
+
+require_once 'paypalfunctions.php';
+/**
+ * PayPal Express Checkout Module
+ *
+ * The paymentAmount is the total value of
+ * the shopping cart, that was set
+ * earlier in a session variable
+ * by the shopping cart page
+ */
+$paymentAmount = $_SESSION["Payment_Amount"];
+
+/**
+ * The currencyCodeType and paymentType
+ * are set to the selections made on the Integration Assistant
+ */
+$paymentType = "Sale";
+
+/**
+ * Calls the SetExpressCheckout API call
+ * The CallShortcutExpressCheckout function is defined in the file PayPalFunctions.php,
+ * it is included at the top of this file.
+ */
+$resArray = CallShortcutExpressCheckout($paymentAmount, $currencyCodeType, $paymentType, $returnURL, $cancelURL);
+$ack = strtoupper($resArray["ACK"]);
+if ($ack == "SUCCESS" || $ack == "SUCCESSWITHWARNING") {
+    RedirectToPayPal($resArray["TOKEN"]);
+} else {
+    //Display a user friendly Error on the page using any of the following error information returned by PayPal
+    $ErrorCode = urldecode($resArray["L_ERRORCODE0"]);
+    $ErrorShortMsg = urldecode($resArray["L_SHORTMESSAGE0"]);
+    $ErrorLongMsg = urldecode($resArray["L_LONGMESSAGE0"]);
+    $ErrorSeverityCode = urldecode($resArray["L_SEVERITYCODE0"]);
+
+    echo "SetExpressCheckout API call failed. ";
+    echo "Detailed Error Message: " . $ErrorLongMsg;
+    echo "Short Error Message: " . $ErrorShortMsg;
+    echo "Error Code: " . $ErrorCode;
+    echo "Error Severity Code: " . $ErrorSeverityCode;
+}

plugin/buycourses/src/function.php

@@ -0,0 +1,310 @@
+<?php
+
+require_once '../config.php';
+require_once 'buy_course.lib.php';
+require_once api_get_path(LIBRARY_PATH) . 'mail.lib.inc.php';
+require_once api_get_path(LIBRARY_PATH) . 'course.lib.php';
+
+$tableBuyCourse = Database::get_main_table(TABLE_BUY_COURSE);
+$tableBuyCourseCountry = Database::get_main_table(TABLE_BUY_COURSE_COUNTRY);
+$tableBuyCoursePaypal = Database::get_main_table(TABLE_BUY_COURSE_PAYPAL);
+$tableBuyCourseTransference = Database::get_main_table(TABLE_BUY_COURSE_TRANSFERENCE);
+$tableBuyCourseTemporal = Database::get_main_table(TABLE_BUY_COURSE_TEMPORAL);
+$tableCourse = Database::get_main_table(TABLE_MAIN_COURSE);
+$tableCourseRelUser = Database::get_main_table(TABLE_MAIN_COURSE_USER);
+$tableUser = Database::get_main_table(TABLE_MAIN_USER);
+
+$plugin = Buy_CoursesPlugin::create();
+$buy_name = $plugin->get_lang('Buy');
+
+if ($_REQUEST['tab'] == 'sync') {
+    $sql = "SELECT code, title FROM $tableCourse;";
+    $res = Database::query($sql);
+    while ($row = Database::fetch_assoc($res)) {
+        $aux_code .= $row['code'];
+        $aux_title .= $row['title'];
+    }
+    echo json_encode(array("status" => "true", "content" => $content));
+}
+
+if ($_REQUEST['tab'] == 'courses_filter') {
+    $course = Database::escape_string($_REQUEST['course']);
+    $priceMin = Database::escape_string($_REQUEST['pricemin']);
+    $priceMax = Database::escape_string($_REQUEST['pricemax']);
+    $show = Database::escape_string($_REQUEST['show']);
+    $category = Database::escape_string($_REQUEST['category']);
+    $server = Database::escape_string($_configuration['root_web']);
+
+    $filter = '';
+    if ($course != '') {
+        $filter .= "b.title LIKE '%" . $course . "%'";
+    }
+    if ($priceMin != '') {
+        if ($filter == '') {
+            $filter .= "a.price >= '" . $priceMin . "'";
+        } else {
+            $filter .= " AND a.price >= '" . $priceMin . "'";
+        }
+    }
+
+    if ($priceMax != '') {
+        if ($filter == '') {
+            $filter .= "a.price <= '" . $priceMax . "'";
+        } else {
+            $filter .= " AND a.price <= '" . $priceMax . "'";
+        }
+    }
+
+    if ($category != '') {
+        if ($filter == '') {
+            $filter .= "b.category_code='" . $category . "'";
+        } else {
+            $filter .= " AND b.category_code='" . $category . "'";
+        }
+    }
+
+    if ($filter == '') {
+        $sql = "SELECT a.id_course, a.visible, a.price, b.*
+            FROM $tableBuyCourse a, $tableCourse b
+            WHERE a.id_course = b.id
+            AND a.visible = 1;";
+    } else {
+        $sql = "SELECT a.id_course, a.visible, a.price, b.*
+            FROM $tableBuyCourse a, $tableCourse b
+            WHERE a.id_course = b.id
+            AND a.visible = 1 AND " . $filter . ";";
+    }
+
+    $res = Database::query($sql);
+    $aux = array();
+    while ($row = Database::fetch_assoc($res)) {
+        //Check teacher
+        $sql = "SELECT lastname, firstname
+            FROM $tableCourseRelUser a, $tableUser b
+            WHERE a.course_code = '" . $row['code'] . "'
+            AND a.role <> ''
+            AND a.role <> 'NULL'
+            AND a.user_id = b.user_id;";
+
+        $tmp = Database::query($sql);
+        $rowTmp = Database::fetch_assoc($tmp);
+        $row['teacher'] = $rowTmp['firstname'] . ' ' . $rowTmp['lastname'];
+        //Check if the student is enrolled
+        if (isset($_SESSION['_user']) || $_SESSION['_user']['user_id'] != '') {
+            $sql = "SELECT 1 FROM $tableCourseRelUser
+                WHERE course_code = '" . $row['code'] . "'
+                AND user_id = " . intval($_SESSION['_user']['user_id']) . ";";
+
+            $tmp = Database::query($sql);
+            if (Database::affected_rows() > 0) {
+                $row['enrolled'] = "YES";
+            } else {
+                $row['enrolled'] = "NO";
+            }
+        } else {
+            $row['enrolled'] = "NO";
+        }
+        // Check img
+        if (file_exists("../../../courses/" . $row['code'] . "/course-pic85x85.png")) {
+            $row['course_img'] = "courses/" . $row['code'] . "/course-pic85x85.png";
+        } else {
+            $row['course_img'] = "main/img/without_picture.png";
+        }
+
+        if ($show == "YES" && $row['enrolled'] == "YES") {
+            ;
+        } else {
+            $aux[] = $row;
+        }
+
+    }
+    $currencyType = findCurrency();
+    foreach ($aux as $course) {
+        $content .= '<div class="well_border span8">';
+        $content .= '<div class="row">';
+        $content .= '<div class="span">';
+        $content .= '<div class="thumbnail">';
+        $content .= '<a class="ajax" rel="gb_page_center[778]" title="" href="' . $server . 'main/inc/ajax/course_home.ajax.php?a=show_course_information&code=' . $course['code'] . '">';
+        $content .= '<img alt="" src="' . $server . $course['course_img'] . '">';
+        $content .= '</a>';
+        $content .= '</div>';
+        $content .= '</div>';
+        $content .= '<div class="span4">';
+        $content .= '<div class="categories-course-description">';
+        $content .= '<h3>' . $course['title'] . '</h3>';
+        $content .= '<h5>' . get_lang('Teacher') . ': ' . $course['teacher'] . '</h5>';
+        $content .= '</div>';
+        if ($course['enrolled'] == "YES") {
+            $content .= '<span class="label label-info">' .  $plugin->get_lang('TheUserIsAlreadyRegistered') . '</span>';
+        }
+        $content .= '</div>';
+        $content .= '<div class="span right">';
+        $content .= '<div class="sprice right">' . $course['price'] . ' ' . $currencyType . ' </div>';
+        $content .= '<div class="cleared"></div>';
+        $content .= '<div class="btn-toolbar right">';
+        $content .= '<a class="ajax btn btn-primary" title="" href="' . $server . 'main/inc/ajax/course_home.ajax.php?a=show_course_information&code=' . $course['code'] . '">' . get_lang('Description') . '</a>&nbsp;';
+        if ($course['enrolled'] != "YES") {
+            $content .= '<a class="btn btn-success" title="" href="' . $server . 'plugin/buy_courses/src/process.php?code=' . $course['id'] . '">' . $buy_name . '</a>';
+        }
+        $content .= '</div>';
+        $content .= '</div>';
+        $content .= '</div>';
+        $content .= '</div>';
+    }
+
+    echo json_encode(array("status" => "true", "content" => $content));
+}
+
+if ($_REQUEST['tab'] == 'save_currency') {
+    $id = $_REQUEST['currency'];
+    $sql = "UPDATE $tableBuyCourseCountry SET status='0';";
+    $res = Database::query($sql);
+    $sql = "UPDATE $tableBuyCourseCountry SET status='1' WHERE id_country='" . $id . "';";
+    $res = Database::query($sql);
+    if (!res) {
+        $content = $plugin->get_lang('ProblemToSaveTheCurrencyType') . Database::error();
+        echo json_encode(array("status" => "false", "content" => $content));
+    } else {
+        $content = get_lang('Saved');
+        echo json_encode(array("status" => "true", "content" => $content));
+    }
+}
+
+if ($_REQUEST['tab'] == 'save_paypal') {
+    $username = Database::escape_string($_REQUEST['username']);
+    $password = Database::escape_string($_REQUEST['password']);
+    $signature = Database::escape_string($_REQUEST['signature']);
+    $sandbox = Database::escape_string($_REQUEST['sandbox']);
+    $sql = "UPDATE $tableBuyCoursePaypal
+        SET sandbox = '" . $sandbox . "',
+        username = '" . $username . "',
+        password = '" . $password . "',
+        signature = '" . $signature . "'
+        WHERE id = '1';";
+
+    $res = Database::query($sql);
+    if (!res) {
+        $content = $plugin->get_lang('ProblemToSaveThePaypalParameters') . Database::error();
+        echo json_encode(array("status" => "false", "content" => $content));
+    } else {
+        $content = get_lang('Saved');
+        echo json_encode(array("status" => "true", "content" => $content));
+    }
+}
+
+if ($_REQUEST['tab'] == 'add_account') {
+    $name = Database::escape_string($_REQUEST['name']);
+    $account = Database::escape_string($_REQUEST['account']);
+    $swift = Database::escape_string($_REQUEST['swift']);
+    $sql = "INSERT INTO $tableBuyCourseTransference (name, account, swift)
+        VALUES ('" . $name . "','" . $account . "', '" . $swift . "');";
+
+    $res = Database::query($sql);
+    if (!res) {
+        $content = $plugin->get_lang('ProblemToInsertANewAccount') . Database::error();
+        echo json_encode(array("status" => "false", "content" => $content));
+    } else {
+        $content = get_lang('Saved');
+        echo json_encode(array("status" => "true", "content" => $content));
+    }
+}
+
+if ($_REQUEST['tab'] == 'delete_account') {
+    $_REQUEST['id'] = intval($_REQUEST['id']);
+    $id = $_REQUEST['id'];
+
+    $sql = "DELETE FROM $tableBuyCourseTransference WHERE id='" . $id . "';";
+    $res = Database::query($sql);
+    if (!res) {
+        $content = $plugin->get_lang('ProblemToDeleteTheAccount') . Database::error();
+        echo json_encode(array("status" => "false", "content" => $content));
+    } else {
+        $content = get_lang('Saved');
+        echo json_encode(array("status" => "true", "content" => $content));
+    }
+}
+
+if ($_REQUEST['tab'] == 'save_mod') {
+    $_REQUEST['id'] = Database::escape_string($_REQUEST['id']);
+    $idCourse = intval($_REQUEST['id_course']);
+    $visible = ($_REQUEST['visible'] == "checked") ? 1 : 0;
+    $price = Database::escape_string($_REQUEST['price']);
+    $obj = $_REQUEST['obj'];
+
+    $sql = "UPDATE $tableBuyCourse
+        SET visible = " . $visible . ",
+        price = '" . $price . "'
+        WHERE id_course = '" . $idCourse . "';";
+
+    $res = Database::query($sql);
+    if (!res) {
+        $content = $plugin->get_lang('ProblemToSaveTheMessage') . Database::error();
+        echo json_encode(array("status" => "false", "content" => $content));
+    } else {
+        echo json_encode(array("status" => "true", "id_course" => $idCourse));
+    }
+}
+
+if ($_REQUEST['tab'] == 'unset_variables') {
+    unset($_SESSION['bc_user_id']);
+    unset($_SESSION['bc_registered']);
+    unset($_SESSION['bc_course_code']);
+    unset($_SESSION['bc_course_title']);
+    unset($_SESSION["Payment_Amount"]);
+    unset($_SESSION["currencyCodeType"]);
+    unset($_SESSION["PaymentType"]);
+    unset($_SESSION["nvpReqArray"]);
+    unset($_SESSION['TOKEN']);
+    $_SESSION['bc_success'] = false;
+    $_SESSION['bc_message'] = 'CancelOrder';
+    unset($_SESSION['bc_url']);
+}
+
+if ($_REQUEST['tab'] == 'clear_order') {
+    $_REQUEST['id'] = intval($_REQUEST['id']);
+    $id = substr($_REQUEST['id'], 6);
+    $sql = "DELETE FROM $tableBuyCourseTemporal WHERE cod='" . $id . "';";
+
+    $res = Database::query($sql);
+    if (!res) {
+        $content = $plugin->get_lang('ProblemToDeleteTheAccount') . Database::error();
+        echo json_encode(array("status" => "false", "content" => $content));
+    } else {
+        $content = get_lang('Saved');
+        echo json_encode(array("status" => "true", "content" => $content));
+    }
+}
+
+if ($_REQUEST['tab'] == 'confirm_order') {
+    $_REQUEST['id'] = intval($_REQUEST['id']);
+    $id = substr($_REQUEST['id'], 6);
+    $sql = "SELECT * FROM $tableBuyCourseTemporal WHERE cod='" . $id . "';";
+    $res = Database::query($sql);
+    $row = Database::fetch_assoc($res);
+
+    $isAllowed = false;
+    $user_id = $row['user_id'];
+    $course_code = $row['course_code'];
+    $all_course_information = CourseManager::get_course_information($course_code);
+
+    if (CourseManager::subscribe_user($user_id, $course_code)) {
+        $isAllowed = true;
+    } else {
+        $isAllowed = false;
+    }
+    //Activate user account
+    if ($isAllowed) {
+        // 1. set account inactive
+        $sql = "UPDATE $tableUser SET active = '1' WHERE user_id = " . intval($_SESSION['bc_user_id']) . "";
+        Database::query($sql);
+
+        $sql = "DELETE FROM $tableBuyCourseTemporal WHERE cod='" . $id . "';";
+        $res = Database::query($sql);
+
+        $content = $plugin->get_lang('TheSubscriptionAndActivationWereDoneSuccessfully');
+        echo json_encode(array("status" => "true", "content" => $content));
+    } else {
+        $content = $plugin->get_lang('ProblemToSubscribeTheUser');
+        echo json_encode(array("status" => "false", "content" => $content));
+    }
+}

plugin/buycourses/src/index.buycourses.php

@@ -0,0 +1,25 @@
+<?php
+/**
+ * @package chamilo.plugin.themeselect
+ */
+
+$plugin = Buy_CoursesPlugin::create();
+$guess_enable = $plugin->get('unregistered_users_enable');
+
+if ($guess_enable == "true" || isset($_SESSION['_user'])) {
+    $title = $plugin->get_lang('CourseListOnSale');
+    $templateName = $plugin->get_lang('BuyCourses');
+
+    $tpl = new Template($templateName);
+    $tpl->assign('isAdmin', api_is_platform_admin());
+    $tpl->assign('title', $title);
+    $tpl->assign('BuyCourses', $templateName);
+    $tpl->assign('ConfigurationOfCoursesAndPrices', $plugin->get_lang('ConfigurationOfCoursesAndPrices'));
+    $tpl->assign('ConfigurationOfPayments', $plugin->get_lang('ConfigurationOfPayments'));
+    $tpl->assign('OrdersPendingOfPayment', $plugin->get_lang('OrdersPendingOfPayment'));
+    $listing_tpl = 'buy_courses/view/index.tpl';
+    $content = $tpl->fetch($listing_tpl);
+    $tpl->assign('content', $content);
+    $tpl->display_one_col_template();
+}
+ 

plugin/buycourses/src/index.php

@@ -0,0 +1 @@
+<?php

plugin/buycourses/src/inscription.php

@@ -0,0 +1,336 @@
+<?php
+/* For licensing terms, see /license.txt */
+
+/**
+ * This script displays a form for registering new users.
+ * @package  chamilo.auth
+ */
+
+use ChamiloSession as Session;
+
+$language_file = array('registration', 'admin');
+
+if (!empty($_POST['language'])) { //quick hack to adapt the registration form result to the selected registration language
+    $_GET['language'] = $_POST['language'];
+}
+require_once '../config.php';
+require_once api_get_path(CONFIGURATION_PATH) . 'profile.conf.php';
+require_once api_get_path(LIBRARY_PATH) . 'mail.lib.inc.php';
+
+if (!empty($_SESSION['user_language_choice'])) {
+    $user_selected_language = $_SESSION['user_language_choice'];
+} elseif (!empty($_SESSION['_user']['language'])) {
+    $user_selected_language = $_SESSION['_user']['language'];
+} else {
+    $user_selected_language = get_setting('platformLanguage');
+}
+
+$form = new FormValidator('registration');
+
+if (api_get_setting('allow_terms_conditions') == 'true') {
+    $user_already_registered_show_terms = isset($_SESSION['term_and_condition']['user_id']);
+} else {
+    $user_already_registered_show_terms = false;
+}
+
+//Direct Link Subscription feature #5299
+$course_code_redirect = isset($_REQUEST['c']) && !empty($_REQUEST['c']) ? $_REQUEST['c'] : null;
+$exercise_redirect = isset($_REQUEST['e']) && !empty($_REQUEST['e']) ? $_REQUEST['e'] : null;
+
+if (!empty($course_code_redirect)) {
+    Session::write('course_redirect', $course_code_redirect);
+    Session::write('exercise_redirect', $exercise_redirect);
+}
+
+if ($user_already_registered_show_terms == false) {
+
+    if (api_is_western_name_order()) {
+        //	FIRST NAME and LAST NAME
+        $form->addElement('text', 'firstname', get_lang('FirstName'), array('size' => 40));
+        $form->addElement('text', 'lastname', get_lang('LastName'), array('size' => 40));
+    } else {
+        //	LAST NAME and FIRST NAME
+        $form->addElement('text', 'lastname', get_lang('LastName'), array('size' => 40));
+        $form->addElement('text', 'firstname', get_lang('FirstName'), array('size' => 40));
+    }
+    $form->applyFilter(array('lastname', 'firstname'), 'trim');
+    $form->addRule('lastname', get_lang('ThisFieldIsRequired'), 'required');
+    $form->addRule('firstname', get_lang('ThisFieldIsRequired'), 'required');
+
+    //	EMAIL
+    $form->addElement('text', 'email', get_lang('Email'), array('size' => 40));
+    if (api_get_setting('registration', 'email') == 'true') {
+        $form->addRule('email', get_lang('ThisFieldIsRequired'), 'required');
+    }
+
+    if (api_get_setting('login_is_email') == 'true') {
+        $form->applyFilter('email', 'trim');
+        if (api_get_setting('registration', 'email') != 'true') {
+            $form->addRule('email', get_lang('ThisFieldIsRequired'), 'required');
+        }
+        $form->addRule('email', sprintf(get_lang('UsernameMaxXCharacters'), (string)USERNAME_MAX_LENGTH), 'maxlength', USERNAME_MAX_LENGTH);
+        $form->addRule('email', get_lang('UserTaken'), 'username_available');
+    }
+
+    $form->addRule('email', get_lang('EmailWrong'), 'email');
+    if (api_get_setting('openid_authentication') == 'true') {
+        $form->addElement('text', 'openid', get_lang('OpenIDURL'), array('size' => 40));
+    }
+
+    //	USERNAME
+    if (api_get_setting('login_is_email') != 'true') {
+        $form->addElement('text', 'username', get_lang('UserName'), array('size' => USERNAME_MAX_LENGTH));
+        $form->applyFilter('username', 'trim');
+        $form->addRule('username', get_lang('ThisFieldIsRequired'), 'required');
+        $form->addRule('username', sprintf(get_lang('UsernameMaxXCharacters'), (string)USERNAME_MAX_LENGTH), 'maxlength', USERNAME_MAX_LENGTH);
+        $form->addRule('username', get_lang('UsernameWrong'), 'username');
+        $form->addRule('username', get_lang('UserTaken'), 'username_available');
+    }
+
+    //	PASSWORD
+    $form->addElement('password', 'pass1', get_lang('Pass'), array('size' => 20, 'autocomplete' => 'off'));
+    $form->addElement('password', 'pass2', get_lang('Confirmation'), array('size' => 20, 'autocomplete' => 'off'));
+    $form->addRule('pass1', get_lang('ThisFieldIsRequired'), 'required');
+    $form->addRule('pass2', get_lang('ThisFieldIsRequired'), 'required');
+    $form->addRule(array('pass1', 'pass2'), get_lang('PassTwo'), 'compare');
+
+    if (CHECK_PASS_EASY_TO_FIND) {
+        $form->addRule('password1', get_lang('PassTooEasy') . ': ' . api_generate_password(), 'callback', 'api_check_password');
+    }
+
+    //	PHONE
+    $form->addElement('text', 'phone', get_lang('Phone'), array('size' => 20));
+    if (api_get_setting('registration', 'phone') == 'true') {
+        $form->addRule('phone', get_lang('ThisFieldIsRequired'), 'required');
+    }
+
+    //	LANGUAGE
+    if (api_get_setting('registration', 'language') == 'true') {
+        $form->addElement('select_language', 'language', get_lang('Language'));
+    }
+
+}
+
+if (isset($_SESSION['user_language_choice']) && $_SESSION['user_language_choice'] != '') {
+    $defaults['language'] = $_SESSION['user_language_choice'];
+} else {
+    $defaults['language'] = api_get_setting('platformLanguage');
+}
+if (!empty($_GET['username'])) {
+    $defaults['username'] = Security::remove_XSS($_GET['username']);
+}
+if (!empty($_GET['email'])) {
+    $defaults['email'] = Security::remove_XSS($_GET['email']);
+}
+
+if (!empty($_GET['phone'])) {
+    $defaults['phone'] = Security::remove_XSS($_GET['phone']);
+}
+
+if (api_get_setting('openid_authentication') == 'true' && !empty($_GET['openid'])) {
+    $defaults['openid'] = Security::remove_XSS($_GET['openid']);
+}
+$defaults['status'] = STUDENT;
+
+if (is_array($extra_data)) {
+    $defaults = array_merge($defaults, $extra_data);
+}
+
+$form->setDefaults($defaults);
+
+$content = null;
+
+if (api_get_setting('allow_terms_conditions') == 'true') {
+    $get = array_keys($_GET);
+    if (isset($get)) {
+        if ($get[0] == 'legal') {
+            $language = api_get_interface_language();
+            $language = api_get_language_id($language);
+            $term_preview = LegalManager::get_last_condition($language);
+            if (!$term_preview) {
+                //look for the default language
+                $language = api_get_setting('platformLanguage');
+                $language = api_get_language_id($language);
+                $term_preview = LegalManager::get_last_condition($language);
+            }
+            $tool_name = get_lang('TermsAndConditions');
+            Display :: display_header($tool_name);
+
+            if (!empty($term_preview['content'])) {
+                echo $term_preview['content'];
+            } else {
+                echo get_lang('ComingSoon');
+            }
+            Display :: display_footer();
+            exit;
+        }
+    }
+}
+
+$tool_name = get_lang('Registration', null, (!empty($_POST['language']) ? $_POST['language'] : $_user['language']));
+
+if (api_get_setting('allow_terms_conditions') == 'true' && $user_already_registered_show_terms) {
+    $tool_name = get_lang('TermsAndConditions');
+}
+
+$home = api_get_path(SYS_PATH) . 'home/';
+if (api_is_multiple_url_enabled()) {
+    $access_url_id = api_get_current_access_url_id();
+    if ($access_url_id != -1) {
+        $url_info = api_get_access_url($access_url_id);
+        $url = api_remove_trailing_slash(preg_replace('/https?:\/\//i', '', $url_info['url']));
+        $clean_url = replace_dangerous_char($url);
+        $clean_url = str_replace('/', '-', $clean_url);
+        $clean_url .= '/';
+        $home_old = api_get_path(SYS_PATH) . 'home/';
+        $home = api_get_path(SYS_PATH) . 'home/' . $clean_url;
+    }
+}
+
+if (file_exists($home . 'register_top_' . $user_selected_language . '.html')) {
+    $home_top_temp = @(string)file_get_contents($home . 'register_top_' . $user_selected_language . '.html');
+    $open = str_replace('{rel_path}', api_get_path(REL_PATH), $home_top_temp);
+    $open = api_to_system_encoding($open, api_detect_encoding(strip_tags($open)));
+    if (!empty($open)) {
+        $content = '<div class="well_border">' . $open . '</div>';
+    }
+}
+
+$content .= Display::return_message(get_lang('YourAccountHasToBeApproved'));
+
+// Terms and conditions
+if (api_get_setting('allow_terms_conditions') == 'true') {
+    $language = api_get_interface_language();
+    $language = api_get_language_id($language);
+    $term_preview = LegalManager::get_last_condition($language);
+
+    if (!$term_preview) {
+        //we load from the platform
+        $language = api_get_setting('platformLanguage');
+        $language = api_get_language_id($language);
+        $term_preview = LegalManager::get_last_condition($language);
+
+        //if is false we load from english
+        if (!$term_preview) {
+            $language = api_get_language_id('english'); //this must work
+            $term_preview = LegalManager::get_last_condition($language);
+        }
+    }
+
+    // Version and language
+    $form->addElement('hidden', 'legal_accept_type', $term_preview['version'] . ':' . $term_preview['language_id']);
+    $form->addElement('hidden', 'legal_info', $term_preview['legal_id'] . ':' . $term_preview['language_id']);
+
+    if ($term_preview['type'] == 1) {
+        $form->addElement('checkbox', 'legal_accept', null, get_lang('IHaveReadAndAgree') . '&nbsp;<a href="inscription.php?legal" target="_blank">' . get_lang('TermsAndConditions') . '</a>');
+        $form->addRule('legal_accept', get_lang('ThisFieldIsRequired'), 'required');
+    } else {
+        $preview = LegalManager::show_last_condition($term_preview);
+        $form->addElement('label', null, $preview);
+    }
+}
+
+$form->addElement('button', 'submit', get_lang('RegisterUser'), array('class' => 'btn btn-primary btn-large'));
+
+if ($form->validate()) {
+    $values = $form->exportValues();
+    $values['username'] = api_substr($values['username'], 0, USERNAME_MAX_LENGTH); //make *sure* the login isn't too long
+    $values['status'] = STUDENT;
+    $values['official_code'] = api_strtoupper($values['username']);
+
+    if (api_get_setting('login_is_email') == 'true') {
+        $values['username'] = $values['email'];
+    }
+
+    // Creates a new user
+    $user_id = UserManager::create_user($values['firstname'], $values['lastname'], $values['status'], $values['email'], $values['username'], $values['pass1'], $values['official_code'], $values['language'], $values['phone'], $picture_uri, PLATFORM_AUTH_SOURCE, null, 1, 0, null, null, true);
+
+    // Register extra fields
+    $extras = array();
+    foreach ($values as $key => $value) {
+        if (substr($key, 0, 6) == 'extra_') { //an extra field
+            $extras[substr($key, 6)] = $value;
+        }
+    }
+
+    //update the extra fields
+    $count_extra_field = count($extras);
+    if ($count_extra_field > 0) {
+        foreach ($extras as $key => $value) {
+            UserManager::update_extra_field_value($user_id, $key, $value);
+        }
+    }
+
+    if ($user_id) {
+        // storing the extended profile
+        $store_extended = false;
+        $sql = "UPDATE " . Database::get_main_table(TABLE_MAIN_USER) . " SET ";
+        if (api_get_setting('extended_profile') == 'true' && api_get_setting('extendedprofile_registration', 'mycomptetences') == 'true') {
+            $sql_set[] = "competences = '" . Database::escape_string($values['competences']) . "'";
+            $store_extended = true;
+        }
+        if (api_get_setting('extended_profile') == 'true' && api_get_setting('extendedprofile_registration', 'mydiplomas') == 'true') {
+            $sql_set[] = "diplomas = '" . Database::escape_string($values['diplomas']) . "'";
+            $store_extended = true;
+        }
+        if (api_get_setting('extended_profile') == 'true' && api_get_setting('extendedprofile_registration', 'myteach') == 'true') {
+            $sql_set[] = "teach = '" . Database::escape_string($values['teach']) . "'";
+            $store_extended = true;
+        }
+        if (api_get_setting('extended_profile') == 'true' && api_get_setting('extendedprofile_registration', 'mypersonalopenarea') == 'true') {
+            $sql_set[] = "openarea = '" . Database::escape_string($values['openarea']) . "'";
+            $store_extended = true;
+        }
+        if ($store_extended) {
+            $sql .= implode(',', $sql_set);
+            $sql .= " WHERE user_id = '" . Database::escape_string($user_id) . "'";
+            Database::query($sql);
+        }
+
+        // if there is a default duration of a valid account then we have to change the expiration_date accordingly
+        if (api_get_setting('account_valid_duration') != '') {
+            $sql = "UPDATE " . Database::get_main_table(TABLE_MAIN_USER) . " SET expiration_date='registration_date+1' WHERE user_id='" . $user_id . "'";
+            Database::query($sql);
+        }
+
+        // if the account has to be approved then we set the account to inactive, sent a mail to the platform admin and exit the page.
+
+        $TABLE_USER = Database::get_main_table(TABLE_MAIN_USER);
+        // 1. set account inactive
+        $sql = "UPDATE " . $TABLE_USER . "	SET active='0' WHERE user_id='" . $user_id . "'";
+        Database::query($sql);
+    }
+
+
+    // Terms & Conditions
+    if (api_get_setting('allow_terms_conditions') == 'true') {
+        // update the terms & conditions
+
+        if (isset($values['legal_accept_type'])) {
+            $cond_array = explode(':', $values['legal_accept_type']);
+            if (!empty($cond_array[0]) && !empty($cond_array[1])) {
+                $time = time();
+                $condition_to_save = intval($cond_array[0]) . ':' . intval($cond_array[1]) . ':' . $time;
+                UserManager::update_extra_field_value($user_id, 'legal_accept', $condition_to_save);
+            }
+        }
+        $values = api_get_user_info($user_id);
+    }
+
+    /* SESSION REGISTERING */
+    /* @todo move this in a function */
+    $_user['firstName'] = stripslashes($values['firstname']);
+    $_user['lastName'] = stripslashes($values['lastname']);
+    $_user['mail'] = $values['email'];
+    $_user['language'] = $values['language'];
+    $_user['user_id'] = $user_id;
+    $_user['username'] = $values['username'];
+    Session::write('bc_user', $_user);
+    header('Location:process.php');
+} else {
+    Display :: display_header($tool_name);
+    echo Display::page_header($tool_name);
+    echo $content;
+    $form->display();
+    Display :: display_footer();
+}

plugin/buycourses/src/list.php

@@ -0,0 +1,55 @@
+<?php
+/**
+ * @package chamilo.plugin.buy_courses
+ */
+/**
+ * Initialization
+ */
+
+require_once '../../../main/inc/global.inc.php';
+require_once api_get_path(LIBRARY_PATH) . 'plugin.class.php';
+require_once 'buy_course_plugin.class.php';
+require_once 'buy_course.lib.php';
+
+$course_plugin = 'buy_courses';
+$plugin = Buy_CoursesPlugin::create();
+$_cid = 0;
+
+if (api_is_platform_admin()) {
+    $interbreadcrumb[] = array("url" => "configuration.php", "name" => $plugin->get_lang('AvailableCoursesConfiguration'));
+    $interbreadcrumb[] = array("url" => "paymentsetup.php", "name" => $plugin->get_lang('PaymentsConfiguration'));
+}
+
+$templateName = $plugin->get_lang('CourseListOnSale');
+$tpl = new Template($templateName);
+if (isset($_SESSION['bc_success'])) {
+    $tpl->assign('rmessage', 'YES');
+    if ($_SESSION['bc_success'] == true) {
+        $message = sprintf($plugin->get_lang($_SESSION['bc_message']), $_SESSION['bc_url']);
+        unset($_SESSION['bc_url']);
+        $tpl->assign('class', 'confirmation-message');
+    } else {
+        $message = $plugin->get_lang($_SESSION['bc_message']);
+        $tpl->assign('class', 'warning-message');
+    }
+    $tpl->assign('responseMessage', $message);
+    unset($_SESSION['bc_success']);
+    unset($_SESSION['bc_message']);
+
+} else {
+    $tpl->assign('rmessage', 'NO');
+}
+
+$courseList = userCourseList();
+$categoryList = listCategories();
+$currencyType = findCurrency();
+
+$tpl->assign('server', $_configuration['root_web']);
+$tpl->assign('courses', $courseList);
+$tpl->assign('category', $categoryList);
+$tpl->assign('currency', $currencyType);
+
+$listing_tpl = 'buy_courses/view/list.tpl';
+$content = $tpl->fetch($listing_tpl);
+$tpl->assign('content', $content);
+$tpl->display_one_col_template();

plugin/buycourses/src/paymentsetup.php

@@ -0,0 +1,49 @@
+<?php
+/**
+ * Initialization
+ */
+require_once dirname(__FILE__) . '/buy_course.lib.php';
+require_once '../../../main/inc/global.inc.php';
+require_once 'buy_course_plugin.class.php';
+$plugin = Buy_CoursesPlugin::create();
+$_cid = 0;
+$templateName = $plugin->get_lang('PaymentConfiguration');
+$interbreadcrumb[] = array("url" => "list.php", "name" => $plugin->get_lang('CourseListOnSale'));
+$interbreadcrumb[] = array("url" => "configuration.php", "name" => $plugin->get_lang('AvailableCoursesConfiguration'));
+
+$tpl = new Template($templateName);
+$teacher = api_is_platform_admin();
+api_protect_course_script(true);
+
+if ($teacher) {
+    // Sync course table with the plugin
+    $listCurrency = listCurrency();
+    $paypalParams = paypalParameters();
+    $transferenceParams = transferenceParameters();
+
+    $confirmationImg = api_get_path(WEB_PLUGIN_PATH) . 'buy_courses/resources/message_confirmation.png';
+    $saveImg = api_get_path(WEB_PLUGIN_PATH) . 'buy_courses/resources/save.png';
+    $moreImg = api_get_path(WEB_PLUGIN_PATH) . 'buy_courses/resources/more.png';
+    $deleteImg = api_get_path(WEB_PLUGIN_PATH) . 'buy_courses/resources/delete.png';
+    $showImg = api_get_path(WEB_PLUGIN_PATH) . 'buy_courses/resources/acces_tool.gif';
+
+    $paypalEnable = $plugin->get('paypal_enable');
+    $transferenceEnable = $plugin->get('transference_enable');
+
+    $tpl->assign('server', $_configuration['root_web']);
+    $tpl->assign('currencies', $listCurrency);
+    $tpl->assign('paypal', $paypalParams);
+    $tpl->assign('transference', $transferenceParams);
+    $tpl->assign('confirmation_img', $confirmationImg);
+    $tpl->assign('save_img', $saveImg);
+    $tpl->assign('more_img', $moreImg);
+    $tpl->assign('delete_img', $deleteImg);
+    $tpl->assign('show_img', $showImg);
+    $tpl->assign('paypal_enable', $paypalEnable);
+    $tpl->assign('transference_enable', $transferenceEnable);
+
+    $listing_tpl = 'buy_courses/view/paymentsetup.tpl';
+    $content = $tpl->fetch($listing_tpl);
+    $tpl->assign('content', $content);
+    $tpl->display_one_col_template();
+}

plugin/buycourses/src/paypalfunctions.php

@@ -0,0 +1,383 @@
+<?php
+/********************************************
+ * PayPal API Module
+ *
+ * Defines all the global variables and the wrapper functions
+ ********************************************/
+$PROXY_HOST = '127.0.0.1';
+$PROXY_PORT = '808';
+
+$SandboxFlag = $pruebas;
+
+/**
+ * PayPal API Credentials
+ * Replace <API_USERNAME> with your API Username
+ * Replace <API_PASSWORD> with your API Password
+ * Replace <API_SIGNATURE> with your Signature
+ */
+$API_UserName = $paypalUsername;
+$API_Password = $paypalPassword;
+$API_Signature = $paypalSignature;
+
+// BN Code is only applicable for partners
+$sBNCode = "PP-ECWizard";
+
+/**
+ * Define the PayPal Redirect URLs.
+ * This is the URL that the buyer is first sent to do authorize payment with their paypal account
+ * change the URL depending if you are testing on the sandbox or the live PayPal site
+ *
+ * For the sandbox, the URL is https://www.sandbox.paypal.com/webscr&cmd=_express-checkout&token=
+ * For the live site, the URL is https://www.paypal.com/webscr&cmd=_express-checkout&token=
+ */
+
+if ($SandboxFlag == true) {
+    $API_Endpoint = "https://api-3t.sandbox.paypal.com/nvp";
+    $PAYPAL_URL = "https://www.sandbox.paypal.com/webscr?cmd=_express-checkout&token=";
+} else {
+    $API_Endpoint = "https://api-3t.paypal.com/nvp";
+    $PAYPAL_URL = "https://www.paypal.com/cgi-bin/webscr?cmd=_express-checkout&token=";
+}
+
+$USE_PROXY = false;
+$version = "93";
+
+if (session_id() == "") {
+    session_start();
+}
+
+/**
+ * An express checkout transaction starts with a token, that
+ * identifies to PayPal your transaction
+ * In this example, when the script sees a token, the script
+ * knows that the buyer has already authorized payment through
+ * paypal.  If no token was found, the action is to send the buyer
+ * to PayPal to first authorize payment
+ */
+
+/**
+ * Purpose: 	Prepares the parameters for the SetExpressCheckout API Call.
+ * Inputs:
+ *		paymentAmount:  	Total value of the shopping cart
+ *		currencyCodeType: 	Currency code value the PayPal API
+ *		paymentType: 		paymentType has to be one of the following values: Sale or Order or Authorization
+ *		returnURL:			the page where buyers return to after they are done with the payment review on PayPal
+ *		cancelURL:			the page where buyers return to when they cancel the payment review on PayPal
+ */
+function CallShortcutExpressCheckout($paymentAmount, $currencyCodeType, $paymentType, $returnURL, $cancelURL, $extra)
+{
+    // Construct the parameter string that describes the SetExpressCheckout API call in the shortcut implementation
+    $nvpstr = "&PAYMENTREQUEST_0_AMT=" . $paymentAmount;
+    $nvpstr .= "&PAYMENTREQUEST_0_ITEMAMT=" . $paymentAmount;
+    $nvpstr .= "&PAYMENTREQUEST_0_PAYMENTACTION=" . $paymentType;
+    $nvpstr .= "&RETURNURL=" . $returnURL;
+    $nvpstr .= "&CANCELURL=" . $cancelURL;
+    $nvpstr .= "&PAYMENTREQUEST_0_CURRENCYCODE=" . $currencyCodeType;
+    $nvpstr .= $extra;
+
+    $_SESSION["currencyCodeType"] = $currencyCodeType;
+    $_SESSION["PaymentType"] = $paymentType;
+
+    /**
+     * Make the API call to PayPal
+     * If the API call succeded, then redirect the buyer to PayPal to begin to authorize payment.
+     * If an error occured, show the resulting errors
+     */
+    $resArray = hash_call("SetExpressCheckout", $nvpstr);
+    $ack = strtoupper($resArray["ACK"]);
+    if ($ack == "SUCCESS" || $ack == "SUCCESSWITHWARNING") {
+        $token = urldecode($resArray["TOKEN"]);
+        $_SESSION['TOKEN'] = $token;
+    }
+
+    return $resArray;
+}
+
+/**
+ * Purpose: 	Prepares the parameters for the SetExpressCheckout API Call.
+ * Inputs:
+ *		paymentAmount:  	Total value of the shopping cart
+ *		currencyCodeType: 	Currency code value the PayPal API
+ *		paymentType: 		paymentType has to be one of the following values: Sale or Order or Authorization
+ *		returnURL:			the page where buyers return to after they are done with the payment review on PayPal
+ *		cancelURL:			the page where buyers return to when they cancel the payment review on PayPal
+ *		shipToName:		the Ship to name entered on the merchant's site
+ *		shipToStreet:		the Ship to Street entered on the merchant's site
+ *		shipToCity:			the Ship to City entered on the merchant's site
+ *		shipToState:		the Ship to State entered on the merchant's site
+ *		shipToCountryCode:	the Code for Ship to Country entered on the merchant's site
+ *		shipToZip:			the Ship to ZipCode entered on the merchant's site
+ *		shipToStreet2:		the Ship to Street2 entered on the merchant's site
+ *		phoneNum:			the phoneNum  entered on the merchant's site
+ */
+function CallMarkExpressCheckout($paymentAmount, $currencyCodeType, $paymentType, $returnURL,
+                                 $cancelURL, $shipToName, $shipToStreet, $shipToCity, $shipToState,
+                                 $shipToCountryCode, $shipToZip, $shipToStreet2, $phoneNum
+)
+{
+    // Construct the parameter string that describes the SetExpressCheckout API call in the shortcut implementation
+    $nvpstr = "&PAYMENTREQUEST_0_AMT=" . $paymentAmount;
+    $nvpstr = $nvpstr . "&PAYMENTREQUEST_0_PAYMENTACTION=" . $paymentType;
+    $nvpstr = $nvpstr . "&RETURNURL=" . $returnURL;
+    $nvpstr = $nvpstr . "&CANCELURL=" . $cancelURL;
+    $nvpstr = $nvpstr . "&PAYMENTREQUEST_0_CURRENCYCODE=" . $currencyCodeType;
+    $nvpstr = $nvpstr . "&ADDROVERRIDE=1";
+    $nvpstr = $nvpstr . "&PAYMENTREQUEST_0_SHIPTONAME=" . $shipToName;
+    $nvpstr = $nvpstr . "&PAYMENTREQUEST_0_SHIPTOSTREET=" . $shipToStreet;
+    $nvpstr = $nvpstr . "&PAYMENTREQUEST_0_SHIPTOSTREET2=" . $shipToStreet2;
+    $nvpstr = $nvpstr . "&PAYMENTREQUEST_0_SHIPTOCITY=" . $shipToCity;
+    $nvpstr = $nvpstr . "&PAYMENTREQUEST_0_SHIPTOSTATE=" . $shipToState;
+    $nvpstr = $nvpstr . "&PAYMENTREQUEST_0_SHIPTOCOUNTRYCODE=" . $shipToCountryCode;
+    $nvpstr = $nvpstr . "&PAYMENTREQUEST_0_SHIPTOZIP=" . $shipToZip;
+    $nvpstr = $nvpstr . "&PAYMENTREQUEST_0_SHIPTOPHONENUM=" . $phoneNum;
+
+    $_SESSION["currencyCodeType"] = $currencyCodeType;
+    $_SESSION["PaymentType"] = $paymentType;
+
+    /**
+     * Make the API call to PayPal
+     * If the API call succeded, then redirect the buyer to PayPal to begin to authorize payment.
+     * If an error occured, show the resulting errors
+     */
+    $resArray = hash_call("SetExpressCheckout", $nvpstr);
+    $ack = strtoupper($resArray["ACK"]);
+    if ($ack == "SUCCESS" || $ack == "SUCCESSWITHWARNING") {
+        $token = urldecode($resArray["TOKEN"]);
+        $_SESSION['TOKEN'] = $token;
+    }
+
+    return $resArray;
+}
+
+/**
+ *
+ * Purpose: Prepares the parameters for the GetExpressCheckoutDetails API Call.
+ *
+ * Inputs:
+ *		None
+ * Returns:
+ *		The NVP Collection object of the GetExpressCheckoutDetails Call Response.
+ */
+
+function GetShippingDetails($token)
+{
+    /**
+     * At this point, the buyer has completed authorizing the payment
+     * at PayPal.  The function will call PayPal to obtain the details
+     * of the authorization, including any shipping information of the
+     * buyer.  Remember, the authorization is not a completed transaction
+     * at this state - the buyer still needs an additional step to finalize
+     * the transaction
+     *
+     * Build a second API request to PayPal, using the token as the
+     * ID to get the details on the payment authorization
+     */
+    $nvpstr = "&TOKEN=" . $token;
+
+    /**
+     * Make the API call and store the results in an array.
+     * If the call was a success, show the authorization details, and provide
+     * an action to complete the payment.
+     * If failed, show the error
+     */
+    $resArray = hash_call("GetExpressCheckoutDetails", $nvpstr);
+    $ack = strtoupper($resArray["ACK"]);
+    if ($ack == "SUCCESS" || $ack == "SUCCESSWITHWARNING") {
+        $_SESSION['payer_id'] = $resArray['PAYERID'];
+    }
+
+    return $resArray;
+}
+
+/**
+ * Purpose: 	Prepares the parameters for the GetExpressCheckoutDetails API Call.
+ * Inputs:
+ * sBNCode:	The BN code used by PayPal to track the transactions from a given shopping cart.
+ * Returns:
+ *		The NVP Collection object of the GetExpressCheckoutDetails Call Response.
+ */
+
+function ConfirmPayment($FinalPaymentAmt)
+{
+    /**
+     * Gather the information to make the final call to
+     * finalize the PayPal payment.  The variable nvpstr
+     * holds the name value pairs
+     */
+
+    //Format the other parameters that were stored in the session from the previous calls
+
+    $token = urlencode($_SESSION['TOKEN']);
+    $paymentType = urlencode($_SESSION['PaymentType']);
+    $currencyCodeType = urlencode($_SESSION['currencyCodeType']);
+    $payerID = urlencode($_SESSION['payer_id']);
+    $serverName = urlencode($_SERVER['SERVER_NAME']);
+
+    $nvpstr = '&TOKEN=' . $token . '&PAYERID=' . $payerID . '&PAYMENTREQUEST_0_PAYMENTACTION=' . $paymentType . '&PAYMENTREQUEST_0_AMT=' . $FinalPaymentAmt;
+    $nvpstr .= '&PAYMENTREQUEST_0_CURRENCYCODE=' . $currencyCodeType . '&IPADDRESS=' . $serverName;
+
+    /**
+     * Make the call to PayPal to finalize payment
+     * If an error occured, show the resulting errors
+     */
+
+    $resArray = hash_call("DoExpressCheckoutPayment", $nvpstr);
+
+    /**
+     * Display the API response back to the browser.
+     * If the response from PayPal was a success, display the response parameters
+     * If the response was an error, display the errors received using APIError.php.
+     */
+
+    $ack = strtoupper($resArray["ACK"]);
+    return $resArray;
+}
+
+
+/**
+ * Purpose: 	This function makes a DoDirectPayment API call
+ * Inputs:
+ *		paymentType:		paymentType has to be one of the following values: Sale or Order or Authorization
+ *		paymentAmount:  	total value of the shopping cart
+ *		currencyCode:	 	currency code value the PayPal API
+ *		firstName:			first name as it appears on credit card
+ *		lastName:			last name as it appears on credit card
+ *		street:				buyer's street address line as it appears on credit card
+ *		city:				buyer's city
+ *		state:				buyer's state
+ *		countryCode:		buyer's country code
+ *		zip:				buyer's zip
+ *		creditCardType:		buyer's credit card type (i.e. Visa, MasterCard ... )
+ *		creditCardNumber:	buyers credit card number without any spaces, dashes or any other characters
+ *		expDate:			credit card expiration date
+ *		cvv2:				Card Verification Value
+ * Returns:
+ *		The NVP Collection object of the DoDirectPayment Call Response.
+ */
+
+function DirectPayment($paymentType, $paymentAmount, $creditCardType, $creditCardNumber,
+                       $expDate, $cvv2, $firstName, $lastName, $street, $city, $state, $zip,
+                       $countryCode, $currencyCode)
+{
+    //Construct the parameter string that describes DoDirectPayment
+    $nvpstr = "&AMT=" . $paymentAmount;
+    $nvpstr = $nvpstr . "&CURRENCYCODE=" . $currencyCode;
+    $nvpstr = $nvpstr . "&PAYMENTACTION=" . $paymentType;
+    $nvpstr = $nvpstr . "&CREDITCARDTYPE=" . $creditCardType;
+    $nvpstr = $nvpstr . "&ACCT=" . $creditCardNumber;
+    $nvpstr = $nvpstr . "&EXPDATE=" . $expDate;
+    $nvpstr = $nvpstr . "&CVV2=" . $cvv2;
+    $nvpstr = $nvpstr . "&FIRSTNAME=" . $firstName;
+    $nvpstr = $nvpstr . "&LASTNAME=" . $lastName;
+    $nvpstr = $nvpstr . "&STREET=" . $street;
+    $nvpstr = $nvpstr . "&CITY=" . $city;
+    $nvpstr = $nvpstr . "&STATE=" . $state;
+    $nvpstr = $nvpstr . "&COUNTRYCODE=" . $countryCode;
+    $nvpstr = $nvpstr . "&IPADDRESS=" . $_SERVER['REMOTE_ADDR'];
+
+    $resArray = hash_call("DoDirectPayment", $nvpstr);
+
+    return $resArray;
+
+}
+
+/**
+ *
+ * hash_call: Function to perform the API call to PayPal using API signature
+ * @methodName is name of API  method.
+ * @nvpStr is nvp string.
+ * returns an associtive array containing the response from the server.
+ *
+ */
+function hash_call($methodName, $nvpStr)
+{
+    //declaring of global variables
+    global $API_Endpoint, $version, $API_UserName, $API_Password, $API_Signature;
+    global $USE_PROXY, $PROXY_HOST, $PROXY_PORT;
+    global $sBNCode;
+
+    //setting the curl parameters.
+    $ch = curl_init();
+    curl_setopt($ch, CURLOPT_URL, $API_Endpoint);
+    curl_setopt($ch, CURLOPT_VERBOSE, 1);
+    //turning off the server and peer verification(TrustManager Concept).
+    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
+    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
+    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
+    curl_setopt($ch, CURLOPT_POST, 1);
+
+    //if USE_PROXY constant set to TRUE in Constants.php, then only proxy will be enabled.
+    //Set proxy name to PROXY_HOST and port number to PROXY_PORT in constants.php
+    if ($USE_PROXY) {
+        curl_setopt($ch, CURLOPT_PROXY, $PROXY_HOST . ":" . $PROXY_PORT);
+    }
+
+    //NVPRequest for submitting to server
+    $nvpreq = "METHOD=" . urlencode($methodName) . "&VERSION=" . urlencode($version) .
+        "&PWD=" . urlencode($API_Password) . "&USER=" . urlencode($API_UserName) .
+        "&SIGNATURE=" . urlencode($API_Signature) . $nvpStr . "&BUTTONSOURCE=" . urlencode($sBNCode);
+
+    //setting the nvpreq as POST FIELD to curl
+    curl_setopt($ch, CURLOPT_POSTFIELDS, $nvpreq);
+    //getting response from server
+    $response = curl_exec($ch);
+    //converting NVPResponse to an Associative Array
+    $nvpResArray = deformatNVP($response);
+    $nvpReqArray = deformatNVP($nvpreq);
+
+    $_SESSION['nvpReqArray'] = $nvpReqArray;
+
+    if (curl_errno($ch)) {
+        // moving to display page to display curl errors
+        $_SESSION['curl_error_no'] = curl_errno($ch);
+        $_SESSION['curl_error_msg'] = curl_error($ch);
+        //Execute the Error handling module to display errors.
+    } else {
+        //closing the curl
+        curl_close($ch);
+    }
+
+    return $nvpResArray;
+}
+
+/**
+ * Purpose: Redirects to PayPal.com site.
+ * Inputs:  NVP string.
+ */
+
+function RedirectToPayPal($token)
+{
+    global $PAYPAL_URL;
+    // Redirect to paypal.com here
+    $payPalURL = $PAYPAL_URL . $token;
+    header("Location: " . $payPalURL);
+    exit;
+}
+
+/**
+ * This function will take NVPString and convert it to an Associative Array and it will decode the response.
+ * It is usefull to search for a particular key and displaying arrays.
+ * @nvpstr is NVPString.
+ * @nvpArray is Associative Array.
+ */
+
+function deformatNVP($nvpstr)
+{
+    $intial = 0;
+    $nvpArray = array();
+
+    while (strlen($nvpstr)) {
+        //postion of Key
+        $keypos = strpos($nvpstr, '=');
+        //position of value
+        $valuepos = strpos($nvpstr, '&') ? strpos($nvpstr, '&') : strlen($nvpstr);
+        /*getting the Key and Value values and storing in a Associative Array*/
+        $keyval = substr($nvpstr, $intial, $keypos);
+        $valval = substr($nvpstr, $keypos + 1, $valuepos - $keypos - 1);
+        //decoding the respose
+        $nvpArray[urldecode($keyval)] = urldecode($valval);
+        $nvpstr = substr($nvpstr, $valuepos + 1, strlen($nvpstr));
+    }
+
+    return $nvpArray;
+}

plugin/buycourses/src/pending_orders.php

@@ -0,0 +1,35 @@
+<?php
+/**
+ * Initialization
+ */
+require_once '../config.php';
+require_once dirname(__FILE__) . '/buy_course.lib.php';
+
+$plugin = Buy_CoursesPlugin::create();
+$_cid = 0;
+$tableName = $plugin->get_lang('AvailableCoursesConfiguration');
+$interbreadcrumb[] = array("url" => "list.php", "name" => $plugin->get_lang('CourseListOnSale'));
+$interbreadcrumb[] = array("url" => "paymentsetup.php", "name" => $plugin->get_lang('PaymentsConfiguration'));
+
+$tpl = new Template($tableName);
+
+$teacher = api_is_platform_admin();
+api_protect_course_script(true);
+
+if ($teacher) {
+    $pendingList = pendingList();
+    $confirmationImg = api_get_path(WEB_PLUGIN_PATH) . 'buy_courses/resources/message_confirmation.png';
+    $deleteImg = api_get_path(WEB_PLUGIN_PATH) . 'buy_courses/resources/delete.png';
+    $currencyType = findCurrency();
+
+    $tpl->assign('server', $_configuration['root_web']);
+    $tpl->assign('pending', $pendingList);
+    $tpl->assign('confirmation_img', $confirmationImg);
+    $tpl->assign('delete_img', $deleteImg);
+    $tpl->assign('currency', $currencyType);
+
+    $listing_tpl = 'buy_courses/view/pending_orders.tpl';
+    $content = $tpl->fetch($listing_tpl);
+    $tpl->assign('content', $content);
+    $tpl->display_one_col_template();
+}

plugin/buycourses/src/process.php

@@ -0,0 +1,85 @@
+<?php
+/**
+ * Initialization
+ */
+require_once '../config.php';
+require_once dirname(__FILE__) . '/buy_course.lib.php';
+
+$plugin = Buy_CoursesPlugin::create();
+$_cid = 0;
+$templateName = $plugin->get_lang('PaymentMethods');
+$interbreadcrumb[] = array("url" => "list.php", "name" => $plugin->get_lang('CourseListOnSale'));
+
+$tpl = new Template($templateName);
+
+if (!empty($_GET['code'])) {
+    $code = (int)$_GET['code'];
+} else {
+    $code = $_SESSION['bc_course_code'];
+}
+
+$tableCourse = Database::get_main_table(TABLE_MAIN_COURSE);
+$tableBuyCourse = Database::get_main_table(TABLE_BUY_COURSE);
+
+$sql = "SELECT a.price, a.title, b.code
+    FROM $tableBuyCourse a, $tableCourse b
+    WHERE a.id_course = " . $code . "
+    AND a.id_course = b.id;";
+$res = Database::query($sql);
+$row = Database::fetch_assoc($res);
+
+$_SESSION['Payment_Amount'] = number_format($row['price'], 2, '.', '');
+$_SESSION['bc_course_code'] = $code;
+$_SESSION['bc_course_title'] = $row['title'];
+$_SESSION['bc_course_codetext'] = $row['code'];
+
+if (!isset($_SESSION['_user'])) {
+    //Needs to be Registered
+    if (!isset($_SESSION['bc_user'])) {
+        header('Location:inscription.php');
+        exit;
+    } else {
+        $_SESSION['bc_user_id'] = $_SESSION['bc_user']['user_id'];
+        $tpl->assign('name', $_SESSION['bc_user']['firstName'] . ' ' . $_SESSION['bc_user']['lastName']);
+        $tpl->assign('email', $_SESSION['bc_user']['mail']);
+        $tpl->assign('user', $_SESSION['bc_user']['username']);
+    }
+} else {
+    $_SESSION['bc_user_id'] = $_SESSION['_user']['user_id'];
+    $_SESSION['bc_user'] = $_SESSION['_user'];
+    $tpl->assign('name', $_SESSION['bc_user']['firstname'] . ' ' . $_SESSION['bc_user']['lastname']);
+    $tpl->assign('email', $_SESSION['bc_user']['email']);
+    $tpl->assign('user', $_SESSION['bc_user']['username']);
+}
+
+if (checkUserCourse($_SESSION['bc_course_codetext'], $_SESSION['bc_user_id'])) {
+    $_SESSION['bc_success'] = false;
+    $_SESSION['bc_message'] = 'AlreadyBuy';
+    header('Location: list.php');
+}
+
+if (checkUserCourseTransference($_SESSION['bc_course_codetext'], $_SESSION['bc_user_id'])) {
+    $_SESSION['bc_success'] = false;
+    $_SESSION['bc_message'] = 'bc_tmp_registered';
+    header('Location: list.php');
+}
+
+$currencyType = findCurrency();
+
+$paypalEnable = $plugin->get('paypal_enable');
+$transferenceEnable = $plugin->get('transference_enable');
+
+$courseInfo = courseInfo($code);
+
+$tpl->assign('course', $courseInfo);
+$tpl->assign('server', $_configuration['root_web']);
+$tpl->assign('paypal_enable', $paypalEnable);
+$tpl->assign('transference_enable', $transferenceEnable);
+$tpl->assign('title', $_SESSION['bc_course_title']);
+$tpl->assign('price', $_SESSION['Payment_Amount']);
+$tpl->assign('currency', $currencyType);
+
+$listing_tpl = 'buy_courses/view/process.tpl';
+$content = $tpl->fetch($listing_tpl);
+$tpl->assign('content', $content);
+$tpl->display_one_col_template();

plugin/buycourses/src/process_confirm.php

@@ -0,0 +1,152 @@
+<?php
+
+require_once '../config.php';
+require_once '../../../main/inc/lib/mail.lib.inc.php';
+require_once dirname(__FILE__) . '/buy_course.lib.php';
+
+if ($_POST['payment_type'] == '') {
+    header('Location:process.php');
+}
+
+$tableBuyCourseTemporal = Database::get_main_table(TABLE_BUY_COURSE_TEMPORAL);
+$tableBuyCoursePaypal = Database::get_main_table(TABLE_BUY_COURSE_PAYPAL);
+
+if (isset($_POST['Confirm'])) {
+    // Save the user, course and reference in a tmp table
+    $user_id = $_SESSION['bc_user_id'];
+    $course_code = $_SESSION['bc_course_codetext'];
+    $reference = calculateReference();
+
+    reset($_POST);
+    while (list ($param, $val) = each($_POST)) {
+        $asignacion = "\$" . $param . "=mysql_real_escape_string(\$_POST['" . $param . "']);";
+        eval($asignacion);
+    }
+
+    $sql = "INSERT INTO $tableBuyCourseTemporal (user_id, name, course_code, title, reference, price)
+        VALUES ('" . $user_id . "', '" . $name . "','" . $course_code . "','" . $title . "','" . $reference . "','" . $price . "');";
+    $res = Database::query($sql);
+
+    // Notify the user and send the bank info
+
+    $accountsList = listAccounts();
+    $text = '<div align="center"><table style="width:70%"><tr><th style="text-align:center"><h3>Datos Bancarios</h3></th></tr>';
+    foreach ($accountsList as $account) {
+        $text .= '<tr>';
+        $text .= '<td>';
+        $text .= '<font color="#0000FF"><strong>' . htmlspecialchars($account['name']) . '</strong></font><br />';
+        if ($account['swift'] != '') {
+            $text .= 'SWIFT: <strong>' . htmlspecialchars($account['swift']) . '</strong><br />';
+        }
+        $text .= 'Cuenta Bancaria: <strong>' . htmlspecialchars($account['account']) . '</strong><br />';
+        $text .= '</td></tr>';
+    }
+    $text .= '</table></div>';
+
+    $plugin = Buy_CoursesPlugin::create();
+    $asunto = utf8_encode($plugin->get_lang('bc_subject'));
+
+
+    if (!isset($_SESSION['_user'])) {
+        $name = $_SESSION['bc_user']['firstName'] . ' ' . $_SESSION['bc_user']['lastName'];
+        $email = $_SESSION['bc_user']['mail'];
+    } else {
+        $name = $_SESSION['bc_user']['firstname'] . ' ' . $_SESSION['bc_user']['lastname'];
+        $email = $_SESSION['bc_user']['email'];
+    }
+
+    $courseInfo = courseInfo($_SESSION['bc_course_code']);
+    $title_course = $courseInfo['title'];
+
+    $message = $plugin->get_lang('bc_message');
+    $message = str_replace("{{name}}", $name, $message);
+    $message = str_replace("{{course}}", $title_course, $message);
+    $message = str_replace("{{reference}}", $reference, $message);
+    $message .= $text;
+
+    api_mail($name, $email, $asunto, $message);
+    // Return to course list
+    header('Location:list.php');
+}
+
+
+$currencyType = $_POST['currency_type'];
+$_SESSION['bc_currency_type'] = $currencyType;
+$server = $_POST['server'];
+
+if ($_POST['payment_type'] == "PayPal") {
+    $sql = "SELECT * FROM $tableBuyCoursePaypal WHERE id='1';";
+    $res = Database::query($sql);
+    $row = Database::fetch_assoc($res);
+    $pruebas = ($row['sandbox'] == "YES") ? true: false;
+    $paypalUsername = $row['username'];
+    $paypalPassword = $row['password'];
+    $paypalSignature = $row['signature'];
+    require_once("paypalfunctions.php");
+    // PayPal Express Checkout Module
+    $paymentAmount = $_SESSION["Payment_Amount"];
+    $currencyCodeType = $currencyType;
+    $paymentType = "Sale";
+    $returnURL = $server . "plugin/buy_courses/src/success.php";
+    $cancelURL = $server . "plugin/buy_courses/src/error.php";
+
+    $courseInfo = courseInfo($_SESSION['bc_course_code']);
+    $courseTitle = $courseInfo['title'];
+    $i = 0;
+    $extra = "&L_PAYMENTREQUEST_0_NAME" . $i . "=" . $courseTitle;
+    $extra .= "&L_PAYMENTREQUEST_0_AMT" . $i . "=" . $paymentAmount;
+    $extra .= "&L_PAYMENTREQUEST_0_QTY" . $i . "=1";
+
+    $resArray = CallShortcutExpressCheckout($paymentAmount, $currencyCodeType, $paymentType, $returnURL, $cancelURL, $extra);
+    $ack = strtoupper($resArray["ACK"]);
+
+    if ($ack == "SUCCESS" || $ack == "SUCCESSWITHWARNING") {
+        RedirectToPayPal($resArray["TOKEN"]);
+    } else {
+        $ErrorCode = urldecode($resArray["L_ERRORCODE0"]);
+        $ErrorShortMsg = urldecode($resArray["L_SHORTMESSAGE0"]);
+        $ErrorLongMsg = urldecode($resArray["L_LONGMESSAGE0"]);
+        $ErrorSeverityCode = urldecode($resArray["L_SEVERITYCODE0"]);
+
+        echo "<br />SetExpressCheckout API call failed. ";
+        echo "<br />Detailed Error Message: " . $ErrorLongMsg;
+        echo "<br />Short Error Message: " . $ErrorShortMsg;
+        echo "<br />Error Code: " . $ErrorCode;
+        echo "<br />Error Severity Code: " . $ErrorSeverityCode;
+    }
+}
+
+if ($_POST['payment_type'] == "Transference") {
+    $_cid = 0;
+    $templateName = $plugin->get_lang('PaymentMethods');
+    $interbreadcrumb[] = array("url" => "list.php", "name" => $plugin->get_lang('CourseListOnSale'));
+
+    $tpl = new Template($templateName);
+
+    $code = $_SESSION['bc_course_code'];
+    $courseInfo = courseInfo($code);
+
+    $tpl->assign('course', $courseInfo);
+    $tpl->assign('server', $_configuration['root_web']);
+    $tpl->assign('title', $_SESSION['bc_course_title']);
+    $tpl->assign('price', $_SESSION['Payment_Amount']);
+    $tpl->assign('currency', $_SESSION['bc_currency_type']);
+    if (!isset($_SESSION['_user'])) {
+        $tpl->assign('name', $_SESSION['bc_user']['firstName'] . ' ' . $_SESSION['bc_user']['lastName']);
+        $tpl->assign('email', $_SESSION['bc_user']['mail']);
+        $tpl->assign('user', $_SESSION['bc_user']['username']);
+    } else {
+        $tpl->assign('name', $_SESSION['bc_user']['firstname'] . ' ' . $_SESSION['bc_user']['lastname']);
+        $tpl->assign('email', $_SESSION['bc_user']['email']);
+        $tpl->assign('user', $_SESSION['bc_user']['username']);
+    }
+
+    //Get bank list account
+    $accountsList = listAccounts();
+    $tpl->assign('accounts', $accountsList);
+
+    $listing_tpl = 'buy_courses/view/process_confirm.tpl';
+    $content = $tpl->fetch($listing_tpl);
+    $tpl->assign('content', $content);
+    $tpl->display_one_col_template();
+}

plugin/buycourses/src/success.php

@@ -0,0 +1,313 @@
+<?php
+
+use ChamiloSession as Session;
+
+require_once '../config.php';
+require_once dirname(__FILE__) . '/buy_course.lib.php';
+require_once api_get_path(LIBRARY_PATH) . 'mail.lib.inc.php';
+require_once api_get_path(LIBRARY_PATH) . 'course.lib.php';
+
+$tableBuyCoursePaypal = Database::get_main_table(TABLE_BUY_COURSE_PAYPAL);
+
+$plugin = Buy_CoursesPlugin::create();
+
+/**
+ * Paypal data
+ */
+$sql = "SELECT * FROM $tableBuyCoursePaypal WHERE id='1';";
+$res = Database::query($sql);
+$row = Database::fetch_assoc($res);
+$pruebas = ($row['sandbox'] == "YES") ? true: false;
+$paypalUsername = $row['username'];
+$paypalPassword = $row['password'];
+$paypalSignature = $row['signature'];
+require_once("paypalfunctions.php");
+
+/**
+ * PayPal Express Checkout Call
+ */
+
+// Check to see if the Request object contains a variable named 'token'	
+$token = "";
+if (isset($_REQUEST['token'])) {
+    $token = $_REQUEST['token'];
+}
+
+// If the Request object contains the variable 'token' then it means that the user is coming from PayPal site.	
+if ($token != "") {
+    $sql = "SELECT * FROM $tableBuyCoursePaypal WHERE id='1';";
+    $res = Database::query($sql);
+    $row = Database::fetch_assoc($res);
+    $paypalUsername = $row['username'];
+    $paypalPassword = $row['password'];
+    $paypalSignature = $row['signature'];
+    require_once 'paypalfunctions.php';
+
+    /**
+     * Calls the GetExpressCheckoutDetails API call
+     * The GetShippingDetails function is defined in PayPalFunctions.jsp
+     *included at the top of this file.
+     */
+    $resArray = GetShippingDetails($token);
+    $ack = strtoupper($resArray["ACK"]);
+    if ($ack == "SUCCESS" || $ack == "SUCESSWITHWARNING") {
+        /**
+         * The information that is returned by the GetExpressCheckoutDetails
+         * call should be integrated by the partner into his Order Review page
+         */
+        $email = $resArray["EMAIL"]; // ' Email address of payer.
+        $payerId = $resArray["PAYERID"]; // ' Unique PayPal customer account identification number.
+        $payerStatus = $resArray["PAYERSTATUS"]; // ' Status of payer. Character length and limitations: 10 single-byte alphabetic characters.
+        $salutation = $resArray["SALUTATION"]; // ' Payer's salutation.
+        $firstName = $resArray["FIRSTNAME"]; // ' Payer's first name.
+        $middleName = $resArray["MIDDLENAME"]; // ' Payer's middle name.
+        $lastName = $resArray["LASTNAME"]; // ' Payer's last name.
+        $suffix = $resArray["SUFFIX"]; // ' Payer's suffix.
+        $cntryCode = $resArray["COUNTRY_CODE"]; // ' Payer's country of residence in the form of ISO standard 3166 two-character country codes.
+        $business = $resArray["BUSINESS"]; // ' Payer's business name.
+        $shipToName = $resArray["PAYMENTREQUEST_0_SHIPTONAME"]; // ' Person's name associated with this address.
+        $shipToStreet = $resArray["PAYMENTREQUEST_0_SHIPTOSTREET"]; // ' First street address.
+        $shipToStreet2 = $resArray["PAYMENTREQUEST_0_SHIPTOSTREET2"]; // ' Second street address.
+        $shipToCity = $resArray["PAYMENTREQUEST_0_SHIPTOCITY"]; // ' Name of city.
+        $shipToState = $resArray["PAYMENTREQUEST_0_SHIPTOSTATE"]; // ' State or province
+        $shipToCntryCode = $resArray["PAYMENTREQUEST_0_SHIPTOCOUNTRYCODE"]; // ' Country code.
+        $shipToZip = $resArray["PAYMENTREQUEST_0_SHIPTOZIP"]; // ' U.S. Zip code or other country-specific postal code.
+        $addressStatus = $resArray["ADDRESSSTATUS"]; // ' Status of street address on file with PayPal
+        $invoiceNumber = $resArray["INVNUM"]; // ' Your own invoice or tracking number, as set by you in the element of the same name in SetExpressCheckout request .
+        $phonNumber = $resArray["PHONENUM"]; // ' Payer's contact telephone number. Note:  PayPal returns a contact telephone number only if your Merchant account profile settings require that the buyer enter one.
+    } else {
+        //Display a user friendly Error on the page using any of the following error information returned by PayPal
+        $ErrorCode = urldecode($resArray["L_ERRORCODE0"]);
+        $ErrorShortMsg = urldecode($resArray["L_SHORTMESSAGE0"]);
+        $ErrorLongMsg = urldecode($resArray["L_LONGMESSAGE0"]);
+        $ErrorSeverityCode = urldecode($resArray["L_SEVERITYCODE0"]);
+
+        echo "<br />GetExpressCheckoutDetails API call failed. ";
+        echo "<br />Detailed Error Message: " . $ErrorLongMsg;
+        echo "<br />Short Error Message: " . $ErrorShortMsg;
+        echo "<br />Error Code: " . $ErrorCode;
+        echo "<br />Error Severity Code: " . $ErrorSeverityCode;
+    }
+}
+
+
+if (!isset($_POST['paymentOption'])) {
+    // Confirm the order
+    $_cid = 0;
+    $templateName = $plugin->get_lang('PaymentMethods');
+    $interbreadcrumb[] = array("url" => "list.php", "name" => $plugin->get_lang('CourseListOnSale'));
+
+    $tpl = new Template($templateName);
+
+    $code = $_SESSION['bc_course_code'];
+    $courseInfo = courseInfo($code);
+
+    $tpl->assign('course', $courseInfo);
+    $tpl->assign('server', $_configuration['root_web']);
+    $tpl->assign('title', $_SESSION['bc_course_title']);
+    $tpl->assign('price', $_SESSION['Payment_Amount']);
+    $tpl->assign('currency', $_SESSION['bc_currency_type']);
+    if (!isset($_SESSION['_user'])) {
+        $tpl->assign('name', $_SESSION['bc_user']['firstName'] . ' ' . $_SESSION['bc_user']['lastName']);
+        $tpl->assign('email', $_SESSION['bc_user']['mail']);
+        $tpl->assign('user', $_SESSION['bc_user']['username']);
+    } else {
+        $tpl->assign('name', $_SESSION['bc_user']['firstname'] . ' ' . $_SESSION['bc_user']['lastname']);
+        $tpl->assign('email', $_SESSION['bc_user']['email']);
+        $tpl->assign('user', $_SESSION['bc_user']['username']);
+    }
+
+
+    $listing_tpl = 'buy_courses/view/success.tpl';
+    $content = $tpl->fetch($listing_tpl);
+    $tpl->assign('content', $content);
+    $tpl->display_one_col_template();
+
+} else {
+    /**
+     * PayPal Express Checkout Call
+     */
+    $PaymentOption = $_POST['paymentOption'];
+    $sql = "SELECT * FROM $tableBuyCoursePaypal WHERE id='1';";
+    $res = Database::query($sql);
+    $row = Database::fetch_assoc($res);
+    $paypalUsername = $row['username'];
+    $paypalPassword = $row['password'];
+    $paypalSignature = $row['signature'];
+    require_once("paypalfunctions.php");
+    if ($PaymentOption == "PayPal") {
+
+        /**
+         * The paymentAmount is the total value of
+         * the shopping cart, that was set
+         * earlier in a session variable
+         * by the shopping cart page
+         */
+        $finalPaymentAmount = $_SESSION["Payment_Amount"];
+
+        /**
+         * Calls the DoExpressCheckoutPayment API call
+         * The ConfirmPayment function is defined in the file PayPalFunctions.jsp,
+         * that is included at the top of this file.
+         */
+        $resArray = ConfirmPayment($finalPaymentAmount);
+        $ack = strtoupper($resArray["ACK"]);
+        if ($ack == "SUCCESS" || $ack == "SUCCESSWITHWARNING") {
+
+            /**
+             * THE PARTNER SHOULD SAVE THE KEY TRANSACTION RELATED INFORMATION LIKE transactionId & orderTime
+             * IN THEIR OWN  DATABASE
+             * AND THE REST OF THE INFORMATION CAN BE USED TO UNDERSTAND THE STATUS OF THE PAYMENT
+             */
+
+            $transactionId = $resArray["PAYMENTINFO_0_TRANSACTIONID"]; // ' Unique transaction ID of the payment. Note:  If the PaymentAction of the request was Authorization or Order, this value is your AuthorizationID for use with the Authorization & Capture APIs.
+            $transactionType = $resArray["PAYMENTINFO_0_TRANSACTIONTYPE"]; //' The type of transaction Possible values: l  cart l  express-checkout
+            $paymentType = $resArray["PAYMENTINFO_0_PAYMENTTYPE"]; //' Indicates whether the payment is instant or delayed. Possible values: l  none l  echeck l  instant
+            $orderTime = $resArray["PAYMENTINFO_0_ORDERTIME"]; //' Time/date stamp of payment
+            $amt = $resArray["PAYMENTINFO_0_AMT"]; //' The final amount charged, including any shipping and taxes from your Merchant Profile.
+            $currencyCode = $resArray["PAYMENTINFO_0_CURRENCYCODE"]; //' A three-character currency code for one of the currencies listed in PayPay-Supported Transactional Currencies. Default: USD.
+            $feeAmt = $resArray["PAYMENTINFO_0_FEEAMT"]; //' PayPal fee amount charged for the transaction
+            $settleAmt = $resArray["PAYMENTINFO_0_SETTLEAMT"]; //' Amount deposited in your PayPal account after a currency conversion.
+            $taxAmt = $resArray["PAYMENTINFO_0_TAXAMT"]; //' Tax charged on the transaction.
+            $exchangeRate = $resArray["PAYMENTINFO_0_EXCHANGERATE"]; //' Exchange rate if a currency conversion occurred. Relevant only if your are billing in their non-primary currency. If the customer chooses to pay with a currency other than the non-primary currency, the conversion occurs in the customer's account.
+
+            /**
+             * Status of the payment:
+             * Completed: The payment has been completed, and the funds have been added successfully to your account balance.
+             * Pending: The payment is pending. See the PendingReason element for more information.
+             */
+
+            $paymentStatus = $resArray["PAYMENTINFO_0_PAYMENTSTATUS"];
+
+            /**
+             * The reason the payment is pending:
+             * none: No pending reason
+             * address: The payment is pending because your customer did not include a confirmed
+             * shipping address and your Payment Receiving Preferences is set such that you want to
+             * manually accept or deny each of these payments. To change your preference, go to the Preferences section of your Profile.
+             * echeck: The payment is pending because it was made by an eCheck that has not yet cleared.
+             * intl: The payment is pending because you hold a non-U.S. account and do not have a withdrawal mechanism.
+             * You must manually accept or deny this payment from your Account Overview.
+             * multi-currency: You do not have a balance in the currency sent, and you do not have your
+             * Payment Receiving Preferences set to automatically convert and accept this payment. You must manually accept or deny this payment.
+             * verify: The payment is pending because you are not yet verified. You must verify your account before you can accept this payment.
+             * other: The payment is pending for a reason other than those listed above. For more information, contact PayPal customer service.
+             */
+            $pendingReason = $resArray["PAYMENTINFO_0_PENDINGREASON"];
+
+            /**
+             * The reason for a reversal if TransactionType is reversal:
+             *  none: No reason code
+             *  chargeback: A reversal has occurred on this transaction due to a chargeback by your customer.
+             *  guarantee: A reversal has occurred on this transaction due to your customer triggering a money-back guarantee.
+             *  buyer-complaint: A reversal has occurred on this transaction due to a complaint about the transaction from your customer.
+             *  refund: A reversal has occurred on this transaction because you have given the customer a refund.
+             *  other: A reversal has occurred on this transaction due to a reason not listed above.
+             */
+
+            $reasonCode = $resArray["PAYMENTINFO_0_REASONCODE"];
+
+            // Insert the user information to activate the user
+            if ($paymentStatus == "Completed") {
+                $user_id = $_SESSION['bc_user_id'];
+                $course_code = $_SESSION['bc_course_codetext'];
+                $all_course_information = CourseManager::get_course_information($course_code);
+
+                if (CourseManager::subscribe_user($user_id, $course_code)) {
+                    $send = api_get_course_setting('email_alert_to_teacher_on_new_user_in_course', $course_code);
+                    if ($send == 1) {
+                        CourseManager::email_to_tutor($user_id, $course_code, $send_to_tutor_also = false);
+                    } else if ($send == 2) {
+                        CourseManager::email_to_tutor($user_id, $course_code, $send_to_tutor_also = true);
+                    }
+                    $url = Display::url($all_course_information['title'], api_get_course_url($course_code));
+                    $_SESSION['bc_message'] = 'EnrollToCourseXSuccessful';
+                    $_SESSION['bc_url'] = $url;
+                    $_SESSION['bc_success'] = true;
+                } else {
+                    $_SESSION['bc_message'] = 'ErrorContactPlatformAdmin';
+                    $_SESSION['bc_success'] = false;
+                }
+                // Activate the use
+                $TABLE_USER = Database::get_main_table(TABLE_MAIN_USER);
+                $sql = "UPDATE " . $TABLE_USER . "	SET active='1' WHERE user_id='" . $_SESSION['bc_user_id'] . "'";
+                Database::query($sql);
+
+                $user_table = Database::get_main_table(TABLE_MAIN_USER);
+                $admin_table = Database::get_main_table(TABLE_MAIN_ADMIN);
+                $track_e_login = Database::get_statistic_table(TABLE_STATISTIC_TRACK_E_LOGIN);
+
+                $sql = "SELECT user.*, a.user_id is_admin, login.login_date
+					FROM $user_table
+					LEFT JOIN $admin_table a
+					ON user.user_id = a.user_id
+					LEFT JOIN $track_e_login login
+					ON user.user_id  = login.login_user_id
+					WHERE user.user_id = '" . $_SESSION['bc_user_id'] . "'
+					ORDER BY login.login_date DESC LIMIT 1";
+
+                $result = Database::query($sql);
+
+                if (Database::num_rows($result) > 0) {
+                    // Extracting the user data
+                    $uData = Database::fetch_array($result);
+
+                    $_user = _api_format_user($uData, false);
+                    $_user['lastLogin'] = api_strtotime($uData['login_date'], 'UTC');
+
+                    $is_platformAdmin = (bool)(!is_null($uData['is_admin']));
+                    $is_allowedCreateCourse = (bool)(($uData ['status'] == COURSEMANAGER) or (api_get_setting('drhCourseManagerRights') and $uData['status'] == DRH));
+                    ConditionalLogin::check_conditions($uData);
+
+                    Session::write('_user', $_user);
+
+                    UserManager::update_extra_field_value($_user['user_id'], 'already_logged_in', 'true');
+                    Session::write('is_platformAdmin', $is_platformAdmin);
+                    Session::write('is_allowedCreateCourse', $is_allowedCreateCourse);
+                } else {
+                    header('location:' . api_get_path(WEB_PATH));
+                }
+
+                // Delete variables
+                unset($_SESSION['bc_user_id']);
+                unset($_SESSION['bc_course_code']);
+                unset($_SESSION['bc_course_codetext']);
+                unset($_SESSION['bc_course_title']);
+                unset($_SESSION['bc_user']);
+                unset($_SESSION["Payment_Amount"]);
+                unset($_SESSION["sec_token"]);
+                unset($_SESSION["currencyCodeType"]);
+                unset($_SESSION["PaymentType"]);
+                unset($_SESSION["nvpReqArray"]);
+                unset($_SESSION['TOKEN']);
+                header('Location:list.php');
+            } else {
+                $_SESSION['bc_message'] = 'CancelOrder';
+                unset($_SESSION['bc_course_code']);
+                unset($_SESSION['bc_course_title']);
+                unset($_SESSION["Payment_Amount"]);
+                unset($_SESSION["currencyCodeType"]);
+                unset($_SESSION["PaymentType"]);
+                unset($_SESSION["nvpReqArray"]);
+                unset($_SESSION['TOKEN']);
+                header('Location:list.php');
+            }
+        } else {
+            //Display a user friendly Error on the page using any of the following error information returned by PayPal
+            $ErrorCode = urldecode($resArray["L_ERRORCODE0"]);
+            $ErrorShortMsg = urldecode($resArray["L_SHORTMESSAGE0"]);
+            $ErrorLongMsg = urldecode($resArray["L_LONGMESSAGE0"]);
+            $ErrorSeverityCode = urldecode($resArray["L_SEVERITYCODE0"]);
+            $_SESSION['bc_message'] = 'ErrorContactPlatformAdmin';
+            unset($_SESSION['bc_course_code']);
+            unset($_SESSION['bc_course_codetext']);
+            unset($_SESSION['bc_course_title']);
+            unset($_SESSION["Payment_Amount"]);
+            unset($_SESSION["currencyCodeType"]);
+            unset($_SESSION["PaymentType"]);
+            unset($_SESSION["nvpReqArray"]);
+            unset($_SESSION['TOKEN']);
+            header('Location:list.php');
+        }
+    }
+}

plugin/buycourses/uninstall.php

@@ -0,0 +1,13 @@
+<?php
+
+/**
+ * This script is included by main/admin/settings.lib.php when unselecting a plugin
+ * and is meant to remove things installed by the install.php script in both
+ * the global database and the courses tables
+ * @package chamilo.plugin.bigbluebutton
+ */
+/**
+ * Queries
+ */
+require_once dirname(__FILE__) . '/config.php';
+Buy_CoursesPlugin::create()->uninstall();

plugin/buycourses/view/configuration.tpl

@@ -0,0 +1,45 @@
+<script type='text/javascript' src="../js/funciones.js"></script>
+
+<link rel="stylesheet" type="text/css" href="../resources/plugin.css"/>
+
+<div class="row">
+    <div class="span12">
+        <table id="courses_table" class="data_table">
+            <tr class="row_odd">
+                <th>{{ 'Title'|get_lang }}</th>
+                <th>{{ 'OfficialCode'|get_lang }}</th>
+                <th class="ta-center">{{ 'Visible'|get_lang }}</th>
+                <th class="span2">{{ 'Price'|get_plugin_lang('Buy_CoursesPlugin') }}</th>
+                <th class="span1 ta-center">{{ 'Option'|get_lang }}</th>
+            </tr>
+            {% set i = 0 %}
+
+            {% for course in courses %}
+                {{ i%2 == 0 ? '<tr class="row_even">' : '<tr class="row_odd">' }}
+                    {% set i = i + 1 %}
+                    <td>
+                        {{ visibility[course.visibility] }}
+                        <a href="{{ server }}courses/{{course.code}}/index.php">{{course.title}}</a>
+                        <span class="label label-info">{{ course.visual_code }}</span>
+                    </td>
+                    <td>
+                        {{course.code}}
+                    </td>
+                    <td class="ta-center">
+                        {% if course.visible == 1 %}
+                            <input type="checkbox" name="visible" value="1" checked="checked" size="6" />
+                        {% else %}
+                            <input type="checkbox" name="visible" value="1" size="6" />
+                        {% endif %}
+                    </td>
+                    <td><input type="text" name="price" value="{{course.price}}" class="span1 price" /> {{ currency }}</td>
+                    <td class=" ta-center" id="course{{ course.id }}">
+                        <div class="confirmed"><img src="{{ confirmation_img }}" alt="ok"/></div>
+                        <div class="modified" style="display:none"><img id="{{course.id_course}}" src="{{ save_img }}" alt="save" class="cursor save"/></div>
+                    </td>
+                </tr>
+            {% endfor %}
+        </table>
+    </div>
+<div class="cleared"></div>
+</div>

plugin/buycourses/view/index.tpl

@@ -0,0 +1,19 @@
+<div class="well sidebar-nav static normal-message">
+    <h4> {{title}} </h4>
+    <ul class="nav nav-list">
+        <li>
+            <a href="src/list.php"> {{ BuyCourses }} </a>
+        </li>
+        {% if isAdmin == 'true' %}
+        <li>
+            <a href="src/configuration.php"> {{ ConfigurationOfCoursesAndPrices }} </a>
+        </li>
+        <li>
+            <a href="src/paymentsetup.php"> {{ ConfigurationOfPayments }} </a>
+        </li>
+        <li>
+            <a href="src/pending_orders.php"> {{ OrdersPendingOfPayment }} </a>
+        </li>
+        {% endif %}
+    </ul>
+</div>

plugin/buycourses/view/list.tpl

@@ -0,0 +1,81 @@
+<script type='text/javascript' src="../js/funciones.js"></script>
+<link rel="stylesheet" type="text/css" href="../resources/plugin.css"/>
+
+<div class="row">
+    <div class="span3">
+        <div id="course_category_well" class="well">
+            <ul class="nav nav-list">
+                <li class="nav-header"><h4>{{ 'SearchFilter'|get_plugin_lang('Buy_CoursesPlugin') }}:</h4></li>
+                <li class="nav-header">{{ 'Course'|get_lang }}:</li>
+                <li><input type="text" id="course_name" style="width:95%"/></li>
+                <li class="nav-header">{{ 'MinimumPrice'|get_plugin_lang('Buy_CoursesPlugin') }}:
+                    <input type="text" id="price_min" class="span1"/>
+                </li>
+                <li class="nav-header">{{ 'MaximumPrice'|get_plugin_lang('Buy_CoursesPlugin') }}:
+                    <input type="text" id="price_max" class="span1"/>
+                </li>
+                <li class="nav-header">{{ 'Categories'|get_lang }}:</li>
+                <li>
+                    <select id="courses_category">
+                        <option value="" selected="selected"></option>
+                        {% for category in categories %}
+                            <option value="{{ category.code }}">{{ category.name }}</option>
+                        {% endfor %}
+                    </select>
+                </li>
+                <br />
+                <li class="ta-center">
+                    <input type="button" class="btn btn-primary" value="Search Courses" id="confirm_filter" />
+                </li>
+            </ul>
+        </div>
+    </div>
+    <div class="span9" id="course_results">
+        {% if rmessage == "YES" %}
+            <div class="{{ class }}">
+                {{ responseMessage }}
+            </div>
+        {% endif %}
+        {% for course in courses %}
+            <div class="well_border span8">
+                <div class="row">
+                    <div class="span">
+                        <div class="thumbnail">
+                            <a class="ajax" rel="gb_page_center[778]" title="" href="{{ server }}plugin/buy_courses/src/ajax.php?code={{ course.code }}">
+                                <img alt="" src="{{ server }}{{ course.course_img }}">
+                            </a>
+                        </div>
+                    </div>
+                    <div class="span4">
+                        <div class="categories-course-description">
+                            <h3>{{ course.title }}</h3>
+                            <h5>{{ 'Teacher'|get_lang }}: {{ course.teacher }}</h5>
+                        </div>
+                        {% if course.enrolled == "YES" %}
+                            <span class="label label-info">{{ 'TheUserIsAlreadyRegisteredInTheCourse'|get_plugin_lang('Buy_CoursesPlugin') }}</span>
+                        {% endif %}
+                        {% if course.enrolled == "TMP" %}
+                            <span class="label label-warning">{{ 'WaitingToReceiveThePayment'|get_plugin_lang('Buy_CoursesPlugin') }}</span>
+                        {% endif %}
+                    </div>
+                    <div class="span right">
+                        <div class="sprice right">
+                            {{ course.price }} {{ currency }}
+                        </div>
+                        <div class="cleared"></div>
+                        <div class="btn-toolbar right">
+                            <a class="ajax btn btn-primary" title="" href="{{ server }}plugin/buy_courses/src/ajax.php?code={{ course.code }}">
+                                {{ 'Description'|get_lang }}
+                            </a>
+                            {% if course.enrolled == "NO" %}
+                                <a class="btn btn-success" title="" href="{{ server }}plugin/buy_courses/src/process.php?code={{ course.id }}">
+                                    {{ 'Buy'|get_plugin_lang('Buy_CoursesPlugin') }}
+                                </a>
+                            {% endif %}
+                        </div>
+                    </div>
+                </div>
+            </div>
+        {% endfor %}
+    </div>
+</div>

plugin/buycourses/view/paymentsetup.tpl

@@ -0,0 +1,76 @@
+<script type='text/javascript' src="../js/funciones.js"></script>
+
+<link rel="stylesheet" type="text/css" href="../resources/plugin.css"/>
+
+<div class="row">
+    <div class="span12">
+        <h3>{{ 'CurrencyType'|get_plugin_lang('Buy_CoursesPlugin') }}:</h3>
+        <select id="currency_type">
+            <option value="" selected="selected">{{ 'SelectACurrency'|get_plugin_lang('Buy_CoursesPlugin') }}</option>
+            {% for currency in currencies %}
+                {% if currency.status == 1 %}
+                    <option value="{{ currency.id_country }}" selected="selected">{{ currency.country_name }} => {{ currency.currency_code }}
+                    </option>
+                {% else %}
+                    <option value="{{ currency.id_country }}">{{ currency.country_name }} => {{ currency.currency_code }}</option>
+                {% endif %}
+            {% endfor %}
+        </select>
+        <input type="button" id="save_currency" class="btn btn-primary" value="{{ 'Save'|get_lang }}" />
+
+        {% if paypal_enable == "true" %}
+            <hr />
+            <h3>Configuraci&oacute;n PayPal:</h3>
+                {% if paypal.sandbox == "YES" %}
+                    {{ 'Sandbox'|get_plugin_lang('Buy_CoursesPlugin') }}: <input type="checkbox" id="sandbox" value="YES" checked="checked"/>
+                {% else %}
+                    {{ 'Sandbox'|get_plugin_lang('Buy_CoursesPlugin') }}: <input type="checkbox" id="sandbox" value="YES" />
+                {% endif %}
+            <br />
+            API_UserName: <input type="text" id="username" value="{{ paypal.username | e}}" /><br/>
+            API_Password: <input type="text" id="password" value="{{ paypal.password | e }}"/><br/>
+            API_Signature: <input type="text" id="signature" value="{{ paypal.signature | e }}"/><br/>
+            <input type="button" id="save_paypal" class="btn btn-primary" value="{{ 'Save'|get_lang }}"/>
+        {% endif %}
+
+        {% if transference_enable == "true" %}
+            <hr />
+            <h3>Configuraci&oacute;n Transferencia: </h3>
+            <table id="transference_table" class="data_table">
+                <tr class="row_odd">
+                <th>{{ 'Name'|get_lang }}</th>
+                <th>{{ 'BankAccount'|get_plugin_lang('Buy_CoursesPlugin') }}</th>
+                <th>{{ 'SWIFT'|get_lang }}</th>
+                <th class="span1 ta-center">{{ 'Option'|get_lang }}</th>
+                </tr>
+                {% set i = 0 %}
+
+                {% for transf in transference %}
+                {{ i%2==0 ? '
+                <tr class="row_even">' : '
+                <tr class="row_odd">' }}
+                    {% set i = i + 1 %}
+                    <td>{{ transf.name | e }}</td>
+                    <td>{{ transf.account | e }}</td>
+                    <td>{{ transf.swift | e }}</td>
+                    <td class="ta-center" id="account{{ transf.id }}">
+                        <img src="{{ delete_img }}" class="cursor delete_account" alt="ok"/>
+                        <input type="hidden" id="id_account{{ transf.id }}" name="id_account{{ transf.id }}" value="{{ transf.id }}" />
+                    </td>
+                </tr>
+                {% endfor %}
+                {{ i%2==0 ? '
+                <tr class="row_even">' : '
+                <tr class="row_odd">' }}
+                    <td><input class="span4" type="text" id="tname"/></td>
+                    <td><input type="text" id="taccount"/></td>
+                    <td><input class="span2" type="text" id="tswift"</td>
+                    <td class="ta-center">
+                        <img class="cursor" id="add_account" src="{{ more_img }}" alt="add account"/>
+                    </td>
+                </tr>
+            </table>
+        {% endif %}
+</div>
+<div class="cleared"></div>
+</div>

plugin/buycourses/view/pending_orders.tpl

@@ -0,0 +1,39 @@
+<script type='text/javascript' src="../js/funciones.js"></script>
+
+<link rel="stylesheet" type="text/css" href="../resources/plugin.css"/>
+
+<div class="row">
+    <div class="span12">
+        <table id="orders_table" class="data_table">
+            <tr class="row_odd">
+                <th class="ta-center">{{ 'ReferenceOrder'|get_plugin_lang('Buy_CoursesPlugin') }}</th>
+                <th>{{ 'Name'|get_lang }}</th>
+                <th>{{ 'Title'|get_lang }}</th>
+                <th class="span2">{{ 'Price'|get_lang }}</th>
+                <th class="ta-center">{{ 'Date'|get_lang }}</th>
+                <th class="span2 ta-center">{{ 'Options'|get_lang }}</th>
+            </tr>
+            {% set i = 0 %}
+
+            {% for order in pending %}
+                {{ i%2==0 ? '<tr class="row_even">' : '<tr class="row_odd">' }}
+                {% set i = i + 1 %}
+                <td class="ta-center">{{ order.reference }}</td>
+                <td>{{ order.name }}</td>
+                <td>{{ order.title }}</td>
+                <td>{{ order.price }} {{ currency }}</td>
+                <td class="ta-center">{{ order.date }}</td>
+                <td class="ta-center" id="order{{ order.cod }}">
+                    <img src="{{ confirmation_img }}" alt="ok" class="cursor confirm_order"
+                         title="{{ 'SubscribeUser'|get_plugin_lang('Buy_CoursesPlugin') }}"/>
+                    &nbsp;&nbsp;
+                    <img src="{{ delete_img }}" alt="delete" class="cursor clear_order"
+                         title="{{ 'DeleteTheOrder'|get_plugin_lang('Buy_CoursesPlugin') }}"/>
+                </td>
+            </tr>
+{% endfor %}
+
+</table>
+</div>
+<div class="cleared"></div>
+</div>

plugin/buycourses/view/process.tpl

@@ -0,0 +1,75 @@
+<script type='text/javascript' src="../js/funciones.js"></script>
+
+<link rel="stylesheet" type="text/css" href="../resources/plugin.css"/>
+
+<div class="row">
+    <div class="span12">
+        <div id="course_category_well" class="well span3">
+            <ul class="nav nav-list">
+                <li class="nav-header"><h4>{{ 'UserInformation'|get_plugin_lang('Buy_CoursesPlugin') }}:</h4></li>
+                <li class="nav-header">{{ 'Name'|get_lang }}:</li>
+                <li><h5>{{ name }}</h5></li>
+                <li class="nav-header">{{ 'User'|get_lang }}:</li>
+                <li><h5>{{ user }}</h5></li>
+                <li class="nav-header">{{ 'Email'|get_lang }}:</li>
+                <li><h5>{{ email }}</h5></li>
+                <br/>
+            </ul>
+        </div>
+
+        <br/><br/>
+
+        <div class="well_border span8">
+            <div class="row">
+                <div class="span">
+                    <div class="thumbnail">
+                        <a class="ajax" rel="gb_page_center[778]" title=""
+                           href="{{ server }}plugin/buy_courses/src/ajax.php?code={{ course.code }}">
+                            <img alt="" src="{{ server }}{{ course.course_img }}">
+                        </a>
+                    </div>
+                </div>
+                <div class="span4">
+                    <div class="categories-course-description">
+                        <h3>{{ course.title }}</h3>
+                        <h5>{{ 'Teacher'|get_lang }}: {{ course.teacher }}</h5>
+                    </div>
+                </div>
+                <div class="span right">
+                    <div class="sprice right">{{ course.price }} {{ currency }}</div>
+                    <div class="cleared"></div>
+                    <div class="btn-toolbar right">
+                        <a class="ajax btn btn-primary" title=""
+                           href="{{ server }}plugin/buy_courses/src/ajax.php?code={{ course.code }}">{{'Description'|get_lang }}
+                        </a>
+                    </div>
+                </div>
+            </div>
+        </div>
+    </div>
+    <div class="cleared"></div>
+    <form class="form-horizontal span3 offset4" action="../src/process_confirm.php" method="post">
+        <fieldset>
+            <legend align="center">{{ 'PaymentMethods'|get_plugin_lang('Buy_CoursesPlugin') }}</legend>
+            <div align="center" class="control-group">
+                <div class="controls margin-left-fifty">
+                    {% if paypal_enable == "true" %}
+                        <label class="radio">
+                            <input type="radio" id="payment_type-p" name="payment_type" value="PayPal" > Paypal
+                        </label>
+                    {% endif %}
+                    {% if transference_enable == "true" %}
+                        <label class="radio">
+                            <input type="radio" id="payment_type-tra" name="payment_type" value="Transference" > {{ 'BankTransference'|get_plugin_lang('Buy_CoursesPlugin') }}
+                        </label>
+                    {% endif %}
+                </div>
+                </br>
+                <input type="hidden" name="currency_type" value="{{ currency }}" />
+                <input type="hidden" name="server" value="{{ server }}"/>
+                <input align="center" type="submit" class="btn btn-success" value="{{ 'ConfirmOrder'|get_plugin_lang('Buy_CoursesPlugin') }}"/>
+            </div>
+        </fieldset>
+    </form>
+    <div class="cleared"></div>
+</div>

plugin/buycourses/view/process_confirm.tpl

@@ -0,0 +1,88 @@
+<script type='text/javascript' src="../js/funciones.js"></script>
+
+<link rel="stylesheet" type="text/css" href="../resources/plugin.css"/>
+
+<div class="row">
+    <div class="span12">
+        <div id="course_category_well" class="well span3">
+            <ul class="nav nav-list">
+                <li class="nav-header"><h4>{{ 'UserInformation'|get_plugin_lang('Buy_CoursesPlugin') }}:</h4></li>
+                <li class="nav-header">{{ 'Name'|get_lang }}:</li>
+                <li><h5>{{ name | e }}</h5></li>
+                <li class="nav-header">{{ 'User'|get_lang }}:</li>
+                <li><h5>{{ user | e }}</h5></li>
+                <li class="nav-header">{{ 'Email'|get_lang }}:</li>
+                <li><h5>{{ email | e}}</h5></li>
+                <br/>
+            </ul>
+        </div>
+
+        <br/><br/>
+
+        <div class="well_border span8">
+            <div class="row">
+                <div class="span">
+                    <div class="thumbnail">
+                        <a class="ajax" rel="gb_page_center[778]" title=""
+                           href="{{ server }}plugin/buy_courses/src/ajax.php?code={{ course.code }}">
+                            <img src="{{ server }}{{ course.course_img }}">
+                        </a>
+                    </div>
+                </div>
+                <div class="span4">
+                    <div class="categories-course-description">
+                        <h3>{{ course.title }}</h3>
+                        <h5>{{ 'Teacher'|get_lang }}: {{ course.teacher }}</h5>
+                    </div>
+                </div>
+                <div class="span right">
+                    <div class="sprice right">{{ course.price }} {{ currency }}</div>
+                    <div class="cleared"></div>
+                    <div class="btn-toolbar right">
+                        <a class="ajax btn btn-primary" title=""
+                           href="{{ server }}plugin/buy_courses/src/ajax.php?code={{ course.code }}">{{'Description'|get_lang }}
+                        </a>
+                    </div>
+                </div>
+            </div>
+        </div>
+    </div>
+    <div class="cleared"></div>
+    <hr/>
+    <div align="center">
+        <table class="data_table" style="width:70%">
+            <tr>
+                <th class="ta-center">{{ 'BankAccountInformation'|get_plugin_lang('Buy_CoursesPlugin') }}</th>
+            </tr>
+            {% set i = 0 %}
+            {% for account in accounts %}
+            {{ i%2==0 ? '<tr class="row_even">' : '<tr class="row_odd">' }}
+                {% set i = i + 1 %}
+                <td class="ta-center">
+                <font color="#0000FF">{{ account.name | e }}</font><br/>
+                {% if account.swift != '' %}
+                SWIFT: <strong>{{ account.swift | e }}</strong><br/>
+                {% endif %}
+                {{ 'BankAccount'|get_plugin_lang('Buy_CoursesPlugin') }}: <strong>{{ account.account | e }}</strong><br/>
+                </td></tr>
+            {% endfor %}
+            </table>
+            <br />
+            <div class="normal-message">{{ 'OnceItIsConfirmed,YouWillReceiveAnEmailWithTheBankInformationAndAnOrderReference'|get_plugin_lang('Buy_CoursesPlugin') | e}}
+    </div>
+    <br/>
+
+    <form method="post" name="frmConfirm" action="../src/process_confirm.php">
+        <input type="hidden" name="payment_type" value="Transference"/>
+        <input type="hidden" name="name" value="{{ name | e }}"/>
+        <input type="hidden" name="price" value="{{ course.price }}"/>
+        <input type="hidden" name="title" value="{{ course.title | e }}"/>
+
+        <div class="btn_next">
+            <input class="btn btn-success" type="submit" name="Confirm" value="{{ 'ConfirmOrder'|get_plugin_lang('Buy_CoursesPlugin') }}"/>
+            <input class="btn btn-danger" type="button" name="Cancel" value="{{ 'CancelOrder'|get_plugin_lang('Buy_CoursesPlugin') }}" id="CancelOrder"/>
+        </div>
+    </form>
+</div>
+<div class="cleared"></div>
+</div>

plugin/buycourses/view/success.tpl

@@ -0,0 +1,63 @@
+<script type='text/javascript' src="../js/funciones.js"></script>
+
+<link rel="stylesheet" type="text/css" href="../resources/plugin.css"/>
+
+<div class="row">
+    <div class="span12">
+        <div id="course_category_well" class="well span3">
+            <ul class="nav nav-list">
+                <li class="nav-header"><h4>{{ 'UserInformation'|get_plugin_lang('Buy_CoursesPlugin') }}:</h4></li>
+                <li class="nav-header">{{ 'Name'|get_lang }}:</li>
+                <li><h5>{{ name }}</h5></li>
+                <li class="nav-header">{{ 'User'|get_lang }}:</li>
+                <li><h5>{{ user }}</h5></li>
+                <li class="nav-header">{{ 'Email'|get_lang }}:</li>
+                <li><h5>{{ email }}</h5></li>
+                <br/>
+            </ul>
+        </div>
+
+        <br/><br/>
+
+        <div class="well_border span8">
+            <div class="row">
+                <div class="span">
+                    <div class="thumbnail">
+                        <a class="ajax" rel="gb_page_center[778]" title=""
+                           href="{{ server }}plugin/buy_courses/function/ajax.php?code={{ course.code }}">
+                            <img alt="" src="{{ server }}{{ course.course_img }}">
+                        </a>
+                    </div>
+                </div>
+                <div class="span4">
+                    <div class="categories-course-description">
+                        <h3>{{ course.title }}</h3>
+                        <h5>{{ 'Teacher'|get_lang }}: {{ course.teacher }}</h5>
+                    </div>
+                </div>
+                <div class="span right">
+                    <div class="sprice right">{{ course.price }} {{ currency }}</div>
+                    <div class="cleared"></div>
+                    <div class="btn-toolbar right">
+                        <a class="ajax btn btn-primary" title=""
+                           href="{{ server }}plugin/buy_courses/function/ajax.php?code={{ course.code }}">{{'Description'|get_lang }}</a>
+
+                    </div>
+                </div>
+            </div>
+        </div>
+    </div>
+    <div class="cleared"></div>
+    <hr/>
+    <div align="center">
+        <form method="post" name="frmConfirm" action="../src/success.php">
+            <input type="hidden" name="paymentOption" value="PayPal"/>
+
+            <div class="btn_next">
+                <input class="btn btn-success" type="submit" name="Confirm" value="{{ 'ConfirmOrder'|get_plugin_lang('Buy_CoursesPlugin') }}"/>
+                <input class="btn btn-danger" type="button" name="Cancel" value="{{ 'CancelOrder'|get_plugin_lang('Buy_CoursesPlugin') }}" id="cancel_order"/>
+            </div>
+        </form>
+    </div>
+    <div class="cleared"></div>
+</div>

plugin/ticket/database.php

@@ -3,7 +3,7 @@
  * Contains the SQL for the tickets management plugin database structure
  */
 
-$objPlugin = new TicketPlugin();
+$objPlugin = TicketPlugin::create();
 
 $table = Database::get_main_table(TABLE_TICKET_ASSIGNED_LOG);
 $sql = "CREATE TABLE IF NOT EXISTS ".$table." (