chamilo
/
chamilo-lms
mirror of https://github.com/chamilo/chamilo-lms/tree/1.11.x
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Scrutinizer Auto-Fixes

Browse Source 
This commit consists of patches automatically generated for this project on https://scrutinizer-ci.com
pull/2487/head
Scrutinizer Auto-Fixer 8 years ago
parent 6fd95e4f74
commit 3a1787b2d5
34 changed files with 605 additions and 606 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 2
      main/admin/ldap_synchro.php
  2. 2
      main/admin/ldap_users_synchro.php
  3. 10
      main/admin/skill_list.php
  4. 28
      main/admin/sub_language_add.php
  5. 142
      main/auth/cas/lib/CAS.php
  6. 6
      main/auth/conditional_login/complete_phone_number.php
  7. 46
      main/auth/courses_list.php
  8. 46
      main/auth/external_login/facebook.inc.php
  9. 2
      main/auth/external_login/updateUser.php
  10. 22
      main/blog/blog_admin.php
  11. 2
      main/cron/user_import/client.php
  12. 10
      main/exercise/exercise_admin.php
  13. 138
      main/forum/forumfunction.inc.php
  14. 2
      main/inc/ajax/dropbox.ajax.php
  15. 40
      main/inc/ajax/social.ajax.php
  16. 6
      main/inc/lib/access_url_edit_sessions_to_url_functions.lib.php
  17. 4
      main/inc/lib/add_many_session_to_category_functions.lib.php
  18. 90
      main/inc/lib/auth.lib.php
  19. 21
      main/inc/lib/database.lib.php
  20. 90
      main/inc/lib/extra_field.lib.php
  21. 78
      main/inc/lib/login.lib.php
  22. 8
      main/inc/lib/search/ChamiloIndexer.class.php
  23. 134
      main/inc/lib/search/search_widget.php
  24. 68
      main/inc/lib/statistics.lib.php
  25. 4
      main/lp/lp_edit_item_prereq.php
  26. 18
      main/permissions/group_permissions.inc.php
  27. 24
      main/session/session_course_user.php
  28. 10
      main/social/myfiles.php
  29. 40
      main/ticket/tutor_report.lib.php
  30. 40
      main/webservices/cm_webservice_forum.php
  31. 8
      main/webservices/soap_course.php
  32. 4
      plugin/dashboard/block_teacher/block_teacher.class.php
  33. 42
      plugin/pens/chamilo_pens.php
  34. 24
      plugin/search_course/lib/search_course_widget.class.php

2
main/admin/ldap_synchro.php
Unescape View File

@ -23,7 +23,7 @@ $interbreadcrumb[] = array('url' => 'index.php', "name" => get_lang('PlatformAdm
$interbreadcrumb[] = array('url' => api_get_self(), "name" => "Liste des sessions");
// Database Table Definitions
$tbl_session = Database::get_main_table(TABLE_MAIN_SESSION);
$tbl_session = Database::get_main_table(TABLE_MAIN_SESSION);
$tbl_session_rel_class = Database::get_main_table(TABLE_MAIN_SESSION_CLASS);
$tbl_session_rel_course = Database::get_main_table(TABLE_MAIN_SESSION_COURSE);
$tbl_session_rel_course_rel_user = Database::get_main_table(TABLE_MAIN_SESSION_COURSE_USER);

2
main/admin/ldap_users_synchro.php
Unescape View File

@ -23,7 +23,7 @@ $interbreadcrumb[] = array('url' => 'index.php', "name" => get_lang('PlatformAdm
$interbreadcrumb[] = array('url' => api_get_self(), "name" => get_lang('SessionsList'));
// Database Table Definitions
$tbl_session = Database::get_main_table(TABLE_MAIN_SESSION);
$tbl_session = Database::get_main_table(TABLE_MAIN_SESSION);
$tbl_session_rel_class = Database::get_main_table(TABLE_MAIN_SESSION_CLASS);
$tbl_session_rel_course = Database::get_main_table(TABLE_MAIN_SESSION_COURSE);
$tbl_session_rel_course_rel_user = Database::get_main_table(TABLE_MAIN_SESSION_COURSE_USER);

10
main/admin/skill_list.php
Unescape View File

@ -20,7 +20,7 @@ if (api_get_setting('allow_skills_tool') != 'true') {
}
$action = isset($_GET['action']) ? $_GET['action'] : 'list';
$skillId = isset($_GET['id']) ? intval($_GET['id']): 0;
$skillId = isset($_GET['id']) ? intval($_GET['id']) : 0;
$entityManager = Database::getManager();
@ -55,7 +55,7 @@ switch ($action) {
);
}
header('Location: ' . api_get_self());
header('Location: '.api_get_self());
exit;
break;
case 'disable':
@ -108,13 +108,13 @@ switch ($action) {
);
}
header('Location: ' . api_get_self());
header('Location: '.api_get_self());
exit;
break;
case 'list':
//no break
default:
$interbreadcrumb[] = array ("url" => 'index.php', "name" => get_lang('PlatformAdmin'));
$interbreadcrumb[] = array("url" => 'index.php', "name" => get_lang('PlatformAdmin'));
$toolbar = Display::url(
Display::return_icon(
@ -122,7 +122,7 @@ switch ($action) {
get_lang('CreateSkill'),
null,
ICON_SIZE_MEDIUM),
api_get_path(WEB_CODE_PATH) . 'admin/skill_create.php',
api_get_path(WEB_CODE_PATH).'admin/skill_create.php',
['title' => get_lang('CreateSkill')]
);

28
main/admin/sub_language_add.php
Unescape View File

@ -39,8 +39,8 @@ function add_sub_language($original_name, $english_name, $isocode, $sublanguage_
$sublanguage_available = Database::escape_string($sublanguage_available);
$parent_id = intval($parent_id);
$sql = 'INSERT INTO ' . $tbl_admin_languages . '(original_name,english_name,isocode,dokeos_folder,available,parent_id)
VALUES ("' . $original_name . '","' . $english_name . '","' . $isocode . '","' . $english_name . '","' . $sublanguage_available . '","' . $parent_id . '")';
$sql = 'INSERT INTO '.$tbl_admin_languages.'(original_name,english_name,isocode,dokeos_folder,available,parent_id)
VALUES ("' . $original_name.'","'.$english_name.'","'.$isocode.'","'.$english_name.'","'.$sublanguage_available.'","'.$parent_id.'")';
$res = Database::query($sql);
if ($res === false) {
return false;
@ -65,8 +65,8 @@ function add_sub_language($original_name, $english_name, $isocode, $sublanguage_
function check_if_language_exist($original_name, $english_name, $isocode, $sublanguage_available)
{
$tbl_admin_languages = Database::get_main_table(TABLE_MAIN_LANGUAGE);
$sql_original_name = 'SELECT count(*) AS count_original_name FROM ' . $tbl_admin_languages . ' WHERE original_name="' . Database::escape_string($original_name) . '" ';
$sql_english_name = 'SELECT count(*) AS count_english_name FROM ' . $tbl_admin_languages . ' WHERE english_name="' . Database::escape_string($english_name) . '" ';
$sql_original_name = 'SELECT count(*) AS count_original_name FROM '.$tbl_admin_languages.' WHERE original_name="'.Database::escape_string($original_name).'" ';
$sql_english_name = 'SELECT count(*) AS count_english_name FROM '.$tbl_admin_languages.' WHERE english_name="'.Database::escape_string($english_name).'" ';
//$sql_isocode='SELECT count(*) AS count_isocode FROM '.$tbl_admin_languages.' WHERE isocode="'.Database::escape_string($isocode).'" ';
$rs_original_name = Database::query($sql_original_name);
$rs_english_name = Database::query($sql_english_name);
@ -122,7 +122,7 @@ function check_if_exist_language_by_id($language_id)
*/
function ckeck_if_is_parent_of_sub_language($parent_id)
{
$sql = 'SELECT count(*) AS count FROM language WHERE parent_id= ' . intval($parent_id) . '';
$sql = 'SELECT count(*) AS count FROM language WHERE parent_id= '.intval($parent_id).'';
$rs = Database::query($sql);
if (Database::num_rows($rs) > 0 && Database::result($rs, 0, 'count') == 1) {
return true;
@ -183,7 +183,7 @@ if ((isset($_GET['id']) && $_GET['id'] == strval(intval($_GET['id']))) && (isset
}
}
$language_name = get_lang('CreateSubLanguageForLanguage') . ' ( ' . strtolower($language_name) . ' )';
$language_name = get_lang('CreateSubLanguageForLanguage').' ( '.strtolower($language_name).' )';
if (ckeck_if_is_parent_of_sub_language($parent_id) === true && isset($_GET['action']) && $_GET['action'] == 'deletesublanguage') {
$language_name = get_lang('DeleteSubLanguage');
@ -204,15 +204,15 @@ if (isset($_POST['SubmitAddNewLanguage'])) {
foreach ($check_information as $index_information => $value_information) {
$allow_insert_info = false;
if ($index_information == 'original_name') {
$msg .= Display::return_message(get_lang('AlreadyExists') . ' "' . get_lang('OriginalName') . '" ' . '(' . $original_name . ')',
$msg .= Display::return_message(get_lang('AlreadyExists').' "'.get_lang('OriginalName').'" '.'('.$original_name.')',
'error');
}
if ($index_information == 'english_name') {
$msg .= Display::return_message(get_lang('AlreadyExists') . ' "' . get_lang('EnglishName') . '" ' . '(' . $english_name . ')',
$msg .= Display::return_message(get_lang('AlreadyExists').' "'.get_lang('EnglishName').'" '.'('.$english_name.')',
'error');
}
if ($index_information == 'isocode') {
$msg .= Display::return_message(get_lang('CodeDoesNotExists') . ': ' . $isocode . '', 'error');
$msg .= Display::return_message(get_lang('CodeDoesNotExists').': '.$isocode.'', 'error');
}
if ($index_information == 'execute_add' && $value_information === true) {
$allow_insert_info = true;
@ -226,7 +226,7 @@ if (isset($_POST['SubmitAddNewLanguage'])) {
$english_name = api_strtolower($english_name);
$isocode = str_replace(' ', '_', $isocode);
$str_info = '<br/>' . get_lang('OriginalName') . ' : ' . $original_name . '<br/>' . get_lang('EnglishName') . ' : ' . $english_name . '<br/>' . get_lang('PlatformCharsetTitle') . ' : ' . $isocode;
$str_info = '<br/>'.get_lang('OriginalName').' : '.$original_name.'<br/>'.get_lang('EnglishName').' : '.$english_name.'<br/>'.get_lang('PlatformCharsetTitle').' : '.$isocode;
$mkdir_result = SubLanguageManager::add_language_directory($english_name);
if ($mkdir_result) {
@ -235,7 +235,7 @@ if (isset($_POST['SubmitAddNewLanguage'])) {
SubLanguageManager::remove_language_directory($english_name);
$msg .= Display::return_message(get_lang('LanguageDirectoryNotWriteableContactAdmin'), 'error');
} else {
Display::addFlash(Display::return_message(get_lang('TheNewSubLanguageHasBeenAdded') . $str_info, null, false));
Display::addFlash(Display::return_message(get_lang('TheNewSubLanguageHasBeenAdded').$str_info, null, false));
unset($interbreadcrumb);
$_GET['sub_language_id'] = $_REQUEST['sub_language_id'] = $sl_id;
require 'sub_language.php';
@ -271,7 +271,7 @@ if (isset($_POST['SubmitAddDeleteLanguage'])) {
if (isset($_GET['action']) && $_GET['action'] == 'definenewsublanguage') {
$text = $language_name;
$form = new FormValidator('addsublanguage', 'post',
'sub_language_add.php?id=' . Security::remove_XSS($_GET['id']) . '&action=definenewsublanguage');
'sub_language_add.php?id='.Security::remove_XSS($_GET['id']).'&action=definenewsublanguage');
$class = 'add';
$form->addElement('header', '', $text);
$form->addElement('text', 'original_name', get_lang('OriginalName'), 'class="input_titles"');
@ -284,7 +284,7 @@ if (isset($_GET['action']) && $_GET['action'] == 'definenewsublanguage') {
$form->addElement('checkbox', 'sub_language_is_visible', '', get_lang('Visibility'));
$form->addButtonCreate(get_lang('CreateSubLanguage'), 'SubmitAddNewLanguage');
//$values['original_name'] = $language_details['original_name'].'...'; -> cannot be used because of quickform filtering (freeze)
$values['english_name'] = $language_details['english_name'] . '2';
$values['english_name'] = $language_details['english_name'].'2';
$values['isocode'] = $language_details['isocode'];
$form->setDefaults($values);
$form->display();
@ -292,7 +292,7 @@ if (isset($_GET['action']) && $_GET['action'] == 'definenewsublanguage') {
if (isset($_GET['action']) && $_GET['action'] == 'deletesublanguage') {
$text = $language_name;
$form = new FormValidator('deletesublanguage', 'post',
'sub_language_add.php?id=' . Security::remove_XSS($_GET['id']) . '&sub_language_id=' . Security::remove_XSS($_GET['sub_language_id']));
'sub_language_add.php?id='.Security::remove_XSS($_GET['id']).'&sub_language_id='.Security::remove_XSS($_GET['sub_language_id']));
$class = 'minus';
$form->addElement('header', '', $text);
$form->addElement('static', '', get_lang('OriginalName'), $original_name);

142
main/auth/cas/lib/CAS.php
Unescape View File

@ -33,7 +33,7 @@
// hack by Vangelis Haniotakis to handle the absence of $_SERVER['REQUEST_URI'] in IIS
//
if (!$_SERVER['REQUEST_URI']) {
$_SERVER['REQUEST_URI'] = $_SERVER['SCRIPT_NAME'] . '?' . $_SERVER['QUERY_STRING'];
$_SERVER['REQUEST_URI'] = $_SERVER['SCRIPT_NAME'].'?'.$_SERVER['QUERY_STRING'];
}
//
@ -371,7 +371,7 @@ class phpCAS
self::traceBegin();
if (is_object($PHPCAS_CLIENT)) {
self::error($PHPCAS_INIT_CALL['method'] . '() has already been called (at ' . $PHPCAS_INIT_CALL['file'] . ':' . $PHPCAS_INIT_CALL['line'] . ')');
self::error($PHPCAS_INIT_CALL['method'].'() has already been called (at '.$PHPCAS_INIT_CALL['file'].':'.$PHPCAS_INIT_CALL['line'].')');
}
if (gettype($server_version) != 'string') {
self::error('type mismatched for parameter $server_version (should be `string\')');
@ -392,7 +392,7 @@ class phpCAS
'done' => true,
'file' => $dbg[0]['file'],
'line' => $dbg[0]['line'],
'method' => __CLASS__ . '::' . __FUNCTION__
'method' => __CLASS__.'::'.__FUNCTION__
);
// initialize the global object $PHPCAS_CLIENT
@ -421,7 +421,7 @@ class phpCAS
self::traceBegin();
if (is_object($PHPCAS_CLIENT)) {
self::error($PHPCAS_INIT_CALL['method'] . '() has already been called (at ' . $PHPCAS_INIT_CALL['file'] . ':' . $PHPCAS_INIT_CALL['line'] . ')');
self::error($PHPCAS_INIT_CALL['method'].'() has already been called (at '.$PHPCAS_INIT_CALL['file'].':'.$PHPCAS_INIT_CALL['line'].')');
}
if (gettype($server_version) != 'string') {
self::error('type mismatched for parameter $server_version (should be `string\')');
@ -442,7 +442,7 @@ class phpCAS
'done' => true,
'file' => $dbg[0]['file'],
'line' => $dbg[0]['line'],
'method' => __CLASS__ . '::' . __FUNCTION__
'method' => __CLASS__.'::'.__FUNCTION__
);
// initialize the global object $PHPCAS_CLIENT
@ -477,10 +477,10 @@ class phpCAS
if (empty ($filename)) {
if (preg_match('/^Win.*/', getenv('OS'))) {
if (isset ($_ENV['TMP'])) {
$debugDir = $_ENV['TMP'] . '/';
$debugDir = $_ENV['TMP'].'/';
} else {
if (isset ($_ENV['TEMP'])) {
$debugDir = $_ENV['TEMP'] . '/';
$debugDir = $_ENV['TEMP'].'/';
} else {
$debugDir = '';
}
@ -488,7 +488,7 @@ class phpCAS
} else {
$debugDir = DEFAULT_DEBUG_DIR;
}
$filename = $debugDir . 'phpCAS.log';
$filename = $debugDir.'phpCAS.log';
}
if (empty ($PHPCAS_DEBUG['unique_id'])) {
@ -536,7 +536,7 @@ class phpCAS
for ($i = 0; $i < $PHPCAS_DEBUG['indent']; $i++) {
$indent_str .= '| ';
}
error_log($PHPCAS_DEBUG['unique_id'] . ' ' . $indent_str . $str . "\n", 3, $PHPCAS_DEBUG['filename']);
error_log($PHPCAS_DEBUG['unique_id'].' '.$indent_str.$str."\n", 3, $PHPCAS_DEBUG['filename']);
}
}
@ -566,7 +566,7 @@ class phpCAS
}
}
}
echo "<br />\n<b>phpCAS error</b>: <font color=\"FF0000\"><b>" . __CLASS__ . "::" . $function . '(): ' . htmlentities($msg) . "</b></font> in <b>" . $file . "</b> on line <b>" . $line . "</b><br />\n";
echo "<br />\n<b>phpCAS error</b>: <font color=\"FF0000\"><b>".__CLASS__."::".$function.'(): '.htmlentities($msg)."</b></font> in <b>".$file."</b> on line <b>".$line."</b><br />\n";
self::trace($msg);
self::traceExit();
exit ();
@ -578,7 +578,7 @@ class phpCAS
public function trace($str)
{
$dbg = self::backtrace();
self::log($str . ' [' . basename($dbg[1]['file']) . ':' . $dbg[1]['line'] . ']');
self::log($str.' ['.basename($dbg[1]['file']).':'.$dbg[1]['line'].']');
}
/**
@ -591,9 +591,9 @@ class phpCAS
$dbg = self::backtrace();
$str = '=> ';
if (!empty ($dbg[2]['class'])) {
$str .= $dbg[2]['class'] . '::';
$str .= $dbg[2]['class'].'::';
}
$str .= $dbg[2]['function'] . '(';
$str .= $dbg[2]['function'].'(';
if (is_array($dbg[2]['args'])) {
foreach ($dbg[2]['args'] as $index => $arg) {
if ($index != 0) {
@ -602,7 +602,7 @@ class phpCAS
$str .= str_replace("\n", "", var_export($arg, true));
}
}
$str .= ') [' . basename($dbg[2]['file']) . ':' . $dbg[2]['line'] . ']';
$str .= ') ['.basename($dbg[2]['file']).':'.$dbg[2]['line'].']';
self::log($str);
$PHPCAS_DEBUG['indent']++;
}
@ -619,7 +619,7 @@ class phpCAS
$PHPCAS_DEBUG['indent']--;
$dbg = self::backtrace();
$str = '';
$str .= '<= ' . str_replace("\n", "", var_export($res, true));
$str .= '<= '.str_replace("\n", "", var_export($res, true));
self::log($str);
}
@ -658,7 +658,7 @@ class phpCAS
{
global $PHPCAS_CLIENT;
if (!is_object($PHPCAS_CLIENT)) {
self::error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');
self::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()');
}
if (gettype($lang) != 'string') {
self::error('type mismatched for parameter $lang (should be `string\')');
@ -703,7 +703,7 @@ class phpCAS
{
global $PHPCAS_CLIENT;
if (!is_object($PHPCAS_CLIENT)) {
self::error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');
self::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()');
}
if (gettype($header) != 'string') {
self::error('type mismatched for parameter $header (should be `string\')');
@ -720,7 +720,7 @@ class phpCAS
{
global $PHPCAS_CLIENT;
if (!is_object($PHPCAS_CLIENT)) {
self::error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');
self::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()');
}
if (gettype($footer) != 'string') {
self::error('type mismatched for parameter $footer (should be `string\')');
@ -750,13 +750,13 @@ class phpCAS
self::traceBegin();
if (!is_object($PHPCAS_CLIENT)) {
self::error('this method should only be called after ' . __CLASS__ . '::proxy()');
self::error('this method should only be called after '.__CLASS__.'::proxy()');
}
if (!$PHPCAS_CLIENT->isProxy()) {
self::error('this method should only be called after ' . __CLASS__ . '::proxy()');
self::error('this method should only be called after '.__CLASS__.'::proxy()');
}
if ($PHPCAS_AUTH_CHECK_CALL['done']) {
self::error('this method should only be called before ' . $PHPCAS_AUTH_CHECK_CALL['method'] . '() (called at ' . $PHPCAS_AUTH_CHECK_CALL['file'] . ':' . $PHPCAS_AUTH_CHECK_CALL['line'] . ')');
self::error('this method should only be called before '.$PHPCAS_AUTH_CHECK_CALL['method'].'() (called at '.$PHPCAS_AUTH_CHECK_CALL['file'].':'.$PHPCAS_AUTH_CHECK_CALL['line'].')');
}
if (gettype($format) != 'string') {
self::error('type mismatched for parameter $format (should be `string\')');
@ -796,13 +796,13 @@ class phpCAS
self::traceBegin();
if (!is_object($PHPCAS_CLIENT)) {
self::error('this method should only be called after ' . __CLASS__ . '::proxy()');
self::error('this method should only be called after '.__CLASS__.'::proxy()');
}
if (!$PHPCAS_CLIENT->isProxy()) {
self::error('this method should only be called after ' . __CLASS__ . '::proxy()');
self::error('this method should only be called after '.__CLASS__.'::proxy()');
}
if ($PHPCAS_AUTH_CHECK_CALL['done']) {
self::error('this method should only be called before ' . $PHPCAS_AUTH_CHECK_CALL['method'] . '() (called at ' . $PHPCAS_AUTH_CHECK_CALL['file'] . ':' . $PHPCAS_AUTH_CHECK_CALL['line'] . ')');
self::error('this method should only be called before '.$PHPCAS_AUTH_CHECK_CALL['method'].'() (called at '.$PHPCAS_AUTH_CHECK_CALL['file'].':'.$PHPCAS_AUTH_CHECK_CALL['line'].')');
}
if (gettype($user) != 'string') {
self::error('type mismatched for parameter $user (should be `string\')');
@ -857,16 +857,16 @@ class phpCAS
self::traceBegin();
if (!is_object($PHPCAS_CLIENT)) {
self::error('this method should only be called after ' . __CLASS__ . '::proxy()');
self::error('this method should only be called after '.__CLASS__.'::proxy()');
}
if (!$PHPCAS_CLIENT->isProxy()) {
self::error('this method should only be called after ' . __CLASS__ . '::proxy()');
self::error('this method should only be called after '.__CLASS__.'::proxy()');
}
if (!$PHPCAS_AUTH_CHECK_CALL['done']) {
self::error('this method should only be called after the programmer is sure the user has been authenticated (by calling ' . __CLASS__ . '::checkAuthentication() or ' . __CLASS__ . '::forceAuthentication()');
self::error('this method should only be called after the programmer is sure the user has been authenticated (by calling '.__CLASS__.'::checkAuthentication() or '.__CLASS__.'::forceAuthentication()');
}
if (!$PHPCAS_AUTH_CHECK_CALL['result']) {
self::error('authentication was checked (by ' . $PHPCAS_AUTH_CHECK_CALL['method'] . '() at ' . $PHPCAS_AUTH_CHECK_CALL['file'] . ':' . $PHPCAS_AUTH_CHECK_CALL['line'] . ') but the method returned FALSE');
self::error('authentication was checked (by '.$PHPCAS_AUTH_CHECK_CALL['method'].'() at '.$PHPCAS_AUTH_CHECK_CALL['file'].':'.$PHPCAS_AUTH_CHECK_CALL['line'].') but the method returned FALSE');
}
if (gettype($url) != 'string') {
self::error('type mismatched for parameter $url (should be `string\')');
@ -901,16 +901,16 @@ class phpCAS
self::traceBegin();
if (!is_object($PHPCAS_CLIENT)) {
self::error('this method should only be called after ' . __CLASS__ . '::proxy()');
self::error('this method should only be called after '.__CLASS__.'::proxy()');
}
if (!$PHPCAS_CLIENT->isProxy()) {
self::error('this method should only be called after ' . __CLASS__ . '::proxy()');
self::error('this method should only be called after '.__CLASS__.'::proxy()');
}
if (!$PHPCAS_AUTH_CHECK_CALL['done']) {
self::error('this method should only be called after the programmer is sure the user has been authenticated (by calling ' . __CLASS__ . '::checkAuthentication() or ' . __CLASS__ . '::forceAuthentication()');
self::error('this method should only be called after the programmer is sure the user has been authenticated (by calling '.__CLASS__.'::checkAuthentication() or '.__CLASS__.'::forceAuthentication()');
}
if (!$PHPCAS_AUTH_CHECK_CALL['result']) {
self::error('authentication was checked (by ' . $PHPCAS_AUTH_CHECK_CALL['method'] . '() at ' . $PHPCAS_AUTH_CHECK_CALL['file'] . ':' . $PHPCAS_AUTH_CHECK_CALL['line'] . ') but the method returned FALSE');
self::error('authentication was checked (by '.$PHPCAS_AUTH_CHECK_CALL['method'].'() at '.$PHPCAS_AUTH_CHECK_CALL['file'].':'.$PHPCAS_AUTH_CHECK_CALL['line'].') but the method returned FALSE');
}
if (gettype($url) != 'string') {
self::error('type mismatched for parameter $url (should be `string\')');
@ -947,7 +947,7 @@ class phpCAS
{
global $PHPCAS_CLIENT;
if (!is_object($PHPCAS_CLIENT)) {
self::error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');
self::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()');
}
if (gettype($n) != 'integer') {
self::error('type mismatched for parameter $header (should be `string\')');
@ -965,7 +965,7 @@ class phpCAS
self::traceBegin();
if (!is_object($PHPCAS_CLIENT)) {
self::error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');
self::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()');
}
$auth = $PHPCAS_CLIENT->checkAuthentication();
@ -976,7 +976,7 @@ class phpCAS
'done' => true,
'file' => $dbg[0]['file'],
'line' => $dbg[0]['line'],
'method' => __CLASS__ . '::' . __FUNCTION__,
'method' => __CLASS__.'::'.__FUNCTION__,
'result' => $auth
);
self::traceEnd($auth);
@ -994,7 +994,7 @@ class phpCAS
self::traceBegin();
if (!is_object($PHPCAS_CLIENT)) {
self::error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');
self::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()');
}
$auth = $PHPCAS_CLIENT->forceAuthentication();
@ -1005,7 +1005,7 @@ class phpCAS
'done' => true,
'file' => $dbg[0]['file'],
'line' => $dbg[0]['line'],
'method' => __CLASS__ . '::' . __FUNCTION__,
'method' => __CLASS__.'::'.__FUNCTION__,
'result' => $auth
);
@ -1013,7 +1013,7 @@ class phpCAS
self::trace('user is not authenticated, redirecting to the CAS server');
$PHPCAS_CLIENT->forceAuthentication();
} else {
self::trace('no need to authenticate (user `' . self::getUser() . '\' is already authenticated)');
self::trace('no need to authenticate (user `'.self::getUser().'\' is already authenticated)');
}
self::traceEnd();
@ -1029,7 +1029,7 @@ class phpCAS
self::traceBegin();
if (!is_object($PHPCAS_CLIENT)) {
self::error('this method should not be called before' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');
self::error('this method should not be called before'.__CLASS__.'::client() or '.__CLASS__.'::proxy()');
}
// store where the authentication has been checked and the result
@ -1038,7 +1038,7 @@ class phpCAS
'done' => true,
'file' => $dbg[0]['file'],
'line' => $dbg[0]['line'],
'method' => __CLASS__ . '::' . __FUNCTION__,
'method' => __CLASS__.'::'.__FUNCTION__,
'result' => $auth
);
@ -1051,7 +1051,7 @@ class phpCAS
*/
public function authenticate()
{
self::error('this method is deprecated. You should use ' . __CLASS__ . '::forceAuthentication() instead');
self::error('this method is deprecated. You should use '.__CLASS__.'::forceAuthentication() instead');
}
/**
@ -1066,7 +1066,7 @@ class phpCAS
self::traceBegin();
if (!is_object($PHPCAS_CLIENT)) {
self::error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');
self::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()');
}
// call the isAuthenticated method of the global $PHPCAS_CLIENT object
@ -1078,7 +1078,7 @@ class phpCAS
'done' => true,
'file' => $dbg[0]['file'],
'line' => $dbg[0]['line'],
'method' => __CLASS__ . '::' . __FUNCTION__,
'method' => __CLASS__.'::'.__FUNCTION__,
'result' => $auth
);
self::traceEnd($auth);
@ -1095,7 +1095,7 @@ class phpCAS
{
global $PHPCAS_CLIENT;
if (!is_object($PHPCAS_CLIENT)) {
self::error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');
self::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()');
}
return ($PHPCAS_CLIENT->isSessionAuthenticated());
}
@ -1111,13 +1111,13 @@ class phpCAS
{
global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;
if (!is_object($PHPCAS_CLIENT)) {
self::error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');
self::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()');
}
if (!$PHPCAS_AUTH_CHECK_CALL['done']) {
self::error('this method should only be called after ' . __CLASS__ . '::forceAuthentication() or ' . __CLASS__ . '::isAuthenticated()');
self::error('this method should only be called after '.__CLASS__.'::forceAuthentication() or '.__CLASS__.'::isAuthenticated()');
}
if (!$PHPCAS_AUTH_CHECK_CALL['result']) {
self::error('authentication was checked (by ' . $PHPCAS_AUTH_CHECK_CALL['method'] . '() at ' . $PHPCAS_AUTH_CHECK_CALL['file'] . ':' . $PHPCAS_AUTH_CHECK_CALL['line'] . ') but the method returned FALSE');
self::error('authentication was checked (by '.$PHPCAS_AUTH_CHECK_CALL['method'].'() at '.$PHPCAS_AUTH_CHECK_CALL['file'].':'.$PHPCAS_AUTH_CHECK_CALL['line'].') but the method returned FALSE');
}
return $PHPCAS_CLIENT->getUser();
}
@ -1133,13 +1133,13 @@ class phpCAS
{
global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;
if (!is_object($PHPCAS_CLIENT)) {
self::error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');
self::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()');
}
if (!$PHPCAS_AUTH_CHECK_CALL['done']) {
self::error('this method should only be called after ' . __CLASS__ . '::forceAuthentication() or ' . __CLASS__ . '::isAuthenticated()');
self::error('this method should only be called after '.__CLASS__.'::forceAuthentication() or '.__CLASS__.'::isAuthenticated()');
}
if (!$PHPCAS_AUTH_CHECK_CALL['result']) {
self::error('authentication was checked (by ' . $PHPCAS_AUTH_CHECK_CALL['method'] . '() at ' . $PHPCAS_AUTH_CHECK_CALL['file'] . ':' . $PHPCAS_AUTH_CHECK_CALL['line'] . ') but the method returned FALSE');
self::error('authentication was checked (by '.$PHPCAS_AUTH_CHECK_CALL['method'].'() at '.$PHPCAS_AUTH_CHECK_CALL['file'].':'.$PHPCAS_AUTH_CHECK_CALL['line'].') but the method returned FALSE');
}
return $PHPCAS_CLIENT->getAttributes();
}
@ -1151,7 +1151,7 @@ class phpCAS
{
global $PHPCAS_CLIENT;
if (!is_object($PHPCAS_CLIENT)) {
self::error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');
self::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()');
}
return ($PHPCAS_CLIENT->handleLogoutRequests($check_client, $allowed_clients));
}
@ -1166,7 +1166,7 @@ class phpCAS
{
global $PHPCAS_CLIENT;
if (!is_object($PHPCAS_CLIENT)) {
self::error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');
self::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()');
}
return $PHPCAS_CLIENT->getServerLoginURL();
}
@ -1182,7 +1182,7 @@ class phpCAS
self::traceBegin();
if (!is_object($PHPCAS_CLIENT)) {
self::error('this method should only be called after
' . __CLASS__ . '::client()');
' . __CLASS__.'::client()');
}
if (gettype($url) != 'string') {
self::error('type mismatched for parameter $url (should be
@ -1204,7 +1204,7 @@ class phpCAS
self::traceBegin();
if (!is_object($PHPCAS_CLIENT)) {
self::error('this method should only be called after
' . __CLASS__ . '::client()');
' . __CLASS__.'::client()');
}
if (gettype($url) != 'string') {
self::error('type mismatched for parameter $url (should be
@ -1226,7 +1226,7 @@ class phpCAS
self::traceBegin();
if (!is_object($PHPCAS_CLIENT)) {
self::error('this method should only be called after
' . __CLASS__ . '::client()');
' . __CLASS__.'::client()');
}
if (gettype($url) != 'string') {
self::error('type mismatched for parameter $url (should be
@ -1247,7 +1247,7 @@ class phpCAS
self::traceBegin();
if (!is_object($PHPCAS_CLIENT)) {
self::error('this method should only be called after
' . __CLASS__ . '::client()');
' . __CLASS__.'::client()');
}
if (gettype($url) != 'string') {
self::error('type mismatched for parameter $url (should be
@ -1267,7 +1267,7 @@ class phpCAS
{
global $PHPCAS_CLIENT;
if (!is_object($PHPCAS_CLIENT)) {
self::error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');
self::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()');
}
return $PHPCAS_CLIENT->getServerLogoutURL();
}
@ -1283,7 +1283,7 @@ class phpCAS
self::traceBegin();
if (!is_object($PHPCAS_CLIENT)) {
self::error('this method should only be called after
' . __CLASS__ . '::client()');
' . __CLASS__.'::client()');
}
if (gettype($url) != 'string') {
self::error('type mismatched for parameter $url (should be
@ -1303,7 +1303,7 @@ class phpCAS
global $PHPCAS_CLIENT;
self::traceBegin();
if (!is_object($PHPCAS_CLIENT)) {
self::error('this method should only be called after ' . __CLASS__ . '::client() or' . __CLASS__ . '::proxy()');
self::error('this method should only be called after '.__CLASS__.'::client() or'.__CLASS__.'::proxy()');
}
$parsedParams = array();
if ($params != "") {
@ -1334,7 +1334,7 @@ class phpCAS
global $PHPCAS_CLIENT;
self::traceBegin();
if (!is_object($PHPCAS_CLIENT)) {
self::error('this method should only be called after ' . __CLASS__ . '::client() or' . __CLASS__ . '::proxy()');
self::error('this method should only be called after '.__CLASS__.'::client() or'.__CLASS__.'::proxy()');
}
if (!is_string($service)) {
self::error('type mismatched for parameter $service (should be `string\')');
@ -1355,7 +1355,7 @@ class phpCAS
global $PHPCAS_CLIENT;
self::traceBegin();
if (!is_object($PHPCAS_CLIENT)) {
self::error('this method should only be called after ' . __CLASS__ . '::client() or' . __CLASS__ . '::proxy()');
self::error('this method should only be called after '.__CLASS__.'::client() or'.__CLASS__.'::proxy()');
}
if (!is_string($url)) {
self::error('type mismatched for parameter $url (should be `string\')');
@ -1377,7 +1377,7 @@ class phpCAS
global $PHPCAS_CLIENT;
self::traceBegin();
if (!is_object($PHPCAS_CLIENT)) {
self::error('this method should only be called after ' . __CLASS__ . '::client() or' . __CLASS__ . '::proxy()');
self::error('this method should only be called after '.__CLASS__.'::client() or'.__CLASS__.'::proxy()');
}
if (!is_string($service)) {
self::error('type mismatched for parameter $service (should be `string\')');
@ -1404,10 +1404,10 @@ class phpCAS
global $PHPCAS_CLIENT;
self::traceBegin();
if (!is_object($PHPCAS_CLIENT)) {
self::error('this method should only be called after ' . __CLASS__ . '::proxy()');
self::error('this method should only be called after '.__CLASS__.'::proxy()');
}
if (!$PHPCAS_CLIENT->isProxy()) {
self::error('this method should only be called after ' . __CLASS__ . '::proxy()');
self::error('this method should only be called after '.__CLASS__.'::proxy()');
}
if (gettype($url) != 'string') {
self::error('type mismatched for parameter $url (should be `string\')');
@ -1427,7 +1427,7 @@ class phpCAS
global $PHPCAS_CLIENT;
self::traceBegin();
if (!is_object($PHPCAS_CLIENT)) {
self::error('this method should only be called after ' . __CLASS__ . '::proxy()');
self::error('this method should only be called after '.__CLASS__.'::proxy()');
}
if (gettype($url) != 'string') {
self::error('type mismatched for parameter $url (should be `string\')');
@ -1443,7 +1443,7 @@ class phpCAS
{
global $PHPCAS_CLIENT;
if (!is_object($PHPCAS_CLIENT)) {
self::error('this method should only be called after ' . __CLASS__ . '::proxy()');
self::error('this method should only be called after '.__CLASS__.'::proxy()');
}
return ($PHPCAS_CLIENT->getURL());
}
@ -1455,7 +1455,7 @@ class phpCAS
{
global $PHPCAS_CLIENT;
if (!is_object($PHPCAS_CLIENT)) {
self::error('this method should only be called after ' . __CLASS__ . '::proxy()');
self::error('this method should only be called after '.__CLASS__.'::proxy()');
}
if (gettype($target_service) != 'string') {
self::error('type mismatched for parameter $target_service(should be `string\')');
@ -1473,7 +1473,7 @@ class phpCAS
global $PHPCAS_CLIENT;
self::traceBegin();
if (!is_object($PHPCAS_CLIENT)) {
self::error('this method should only be called after ' . __CLASS__ . '::client() or' . __CLASS__ . '::proxy()');
self::error('this method should only be called after '.__CLASS__.'::client() or'.__CLASS__.'::proxy()');
}
if (gettype($cert) != 'string') {
self::error('type mismatched for parameter $cert (should be `string\')');
@ -1492,7 +1492,7 @@ class phpCAS
global $PHPCAS_CLIENT;
self::traceBegin();
if (!is_object($PHPCAS_CLIENT)) {
self::error('this method should only be called after ' . __CLASS__ . '::client() or' . __CLASS__ . '::proxy()');
self::error('this method should only be called after '.__CLASS__.'::client() or'.__CLASS__.'::proxy()');
}
if (gettype($cert) != 'string') {
self::error('type mismatched for parameter $cert (should be `string\')');
@ -1509,7 +1509,7 @@ class phpCAS
global $PHPCAS_CLIENT;
self::traceBegin();
if (!is_object($PHPCAS_CLIENT)) {
self::error('this method should only be called after ' . __CLASS__ . '::client() or' . __CLASS__ . '::proxy()');
self::error('this method should only be called after '.__CLASS__.'::client() or'.__CLASS__.'::proxy()');
}
$PHPCAS_CLIENT->setNoCasServerValidation();
self::traceEnd();
@ -1528,7 +1528,7 @@ class phpCAS
global $PHPCAS_CLIENT;
self::traceBegin();
if (!is_object($PHPCAS_CLIENT)) {
self::error('this method should only be called after ' . __CLASS__ . '::client() or' . __CLASS__ . '::proxy()');
self::error('this method should only be called after '.__CLASS__.'::client() or'.__CLASS__.'::proxy()');
}
$PHPCAS_CLIENT->setExtraCurlOption($key, $value);
self::traceEnd();

6
main/auth/conditional_login/complete_phone_number.php
Unescape View File

@ -2,9 +2,9 @@
/* For licensing terms, see /license.txt */
require_once __DIR__.'/../../inc/global.inc.php';
$url = api_get_path(WEB_PATH).'main/auth/conditional_login/complete_phone_number.php';
$url = api_get_path(WEB_PATH).'main/auth/conditional_login/complete_phone_number.php';
if (! isset($_SESSION['conditional_login']['uid']))
if (!isset($_SESSION['conditional_login']['uid']))
die("Not Authorised");
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
@ -20,7 +20,7 @@ if (! isset($_SESSION['conditional_login']['uid']))
</body>
</html>
<?php
if (isset($_POST['submit'])){
if (isset($_POST['submit'])) {
$u = api_get_user_info($_SESSION['conditional_login']['uid']);
$u['phone'] = $_POST['phone_number'];
$password = null; // we don't want to change the password

46
main/auth/courses_list.php
Unescape View File

@ -17,7 +17,7 @@ $courses_without_category = isset($courses_in_category[0]) ? $courses_in_categor
<div id="actions" class="actions">
<?php if ($action != 'createcoursecategory') { ?>
<a href="<?php echo api_get_self(); ?>?action=createcoursecategory">
<?php echo Display::return_icon('new_folder.png', get_lang('CreateCourseCategory'),'','32'); ?></a>
<?php echo Display::return_icon('new_folder.png', get_lang('CreateCourseCategory'), '', '32'); ?></a>
<?php } ?>
</div>
<?php
@ -45,25 +45,25 @@ if (!empty($user_course_categories)) {
$max_category_key = count($user_course_categories);
if ($action != 'unsubscribe') { ?>
<a href="courses.php?action=sortmycourses&amp;categoryid=<?php echo $row['id']; ?>&amp;sec_token=<?php echo $stok; ?>#category<?php echo $row['id']; ?>">
<?php echo Display::display_icon('edit.png', get_lang('Edit'),'',22); ?>
<?php echo Display::display_icon('edit.png', get_lang('Edit'), '', 22); ?>
</a>
<?php if (0 != $counter) { ?>
<a href="courses.php?action=<?php echo $action ?>&amp;move=up&amp;category=<?php echo $row['id']; ?>&amp;sec_token=<?php echo $stok; ?>">
<?php echo Display::return_icon('up.png', get_lang('Up'),'',22); ?>
<?php echo Display::return_icon('up.png', get_lang('Up'), '', 22); ?>
</a>
<?php } else { ?>
<?php echo Display::return_icon('up_na.png', get_lang('Up'),'',22); ?>
<?php echo Display::return_icon('up_na.png', get_lang('Up'), '', 22); ?>
<?php } ?>
<?php if ($row['id'] != $last['id']) { ?>
<a href="courses.php?action=<?php echo $action; ?>&amp;move=down&amp;category=<?php echo $row['id']; ?>&amp;sec_token=<?php echo $stok; ?>">
<?php echo Display::return_icon('down.png', get_lang('Down'),'',22); ?>
<?php echo Display::return_icon('down.png', get_lang('Down'), '', 22); ?>
</a>
<?php } else { ?>
<?php echo Display::return_icon('down_na.png', get_lang('Down'),'',22); ?>
<?php echo Display::return_icon('down_na.png', get_lang('Down'), '', 22); ?>
<?php } ?>
<a href="courses.php?action=deletecoursecategory&amp;id=<?php echo $row['id']; ?>&amp;sec_token=<?php echo $stok; ?>">
<?php echo Display::display_icon('delete.png', get_lang('Delete'), array('onclick' => "javascript: if (!confirm('".addslashes(api_htmlentities(get_lang("CourseCategoryAbout2bedeleted"), ENT_QUOTES, api_get_system_encoding()))."')) return false;"),22) ?>
<?php echo Display::display_icon('delete.png', get_lang('Delete'), array('onclick' => "javascript: if (!confirm('".addslashes(api_htmlentities(get_lang("CourseCategoryAbout2bedeleted"), ENT_QUOTES, api_get_system_encoding()))."')) return false;"), 22) ?>
</a>
<?php }
$counter++;
@ -116,35 +116,35 @@ if (!empty($user_course_categories)) {
<div style="float:left;width:110px;">
<?php
if (api_get_setting('show_courses_descriptions_in_catalog') == 'true') {
$icon_title = get_lang('CourseDetails') . ' - ' . $course['title'];
$icon_title = get_lang('CourseDetails').' - '.$course['title'];
?>
<a href="<?php echo api_get_path(WEB_CODE_PATH); ?>inc/ajax/course_home.ajax.php?a=show_course_information&code=<?php echo $course['code'] ?>" data-title="<?php echo $icon_title ?>" title="<?php echo $icon_title ?>" class="ajax">
<?php echo Display::return_icon('info.png', $icon_title,'','22') ?>
<?php echo Display::return_icon('info.png', $icon_title, '', '22') ?>
<?php } ?>
</a>
<?php if (isset($_GET['edit']) && $course['code'] == $_GET['edit']) { ?>
<?php echo Display::display_icon('edit_na.png', get_lang('Edit'),'',22); ?>
<?php echo Display::display_icon('edit_na.png', get_lang('Edit'), '', 22); ?>
<?php } else { ?>
<a href="courses.php?action=<?php echo $action; ?>&amp;edit=<?php echo $course['code']; ?>&amp;sec_token=<?php echo $stok; ?>">
<?php echo Display::display_icon('edit.png', get_lang('Edit'),'',22); ?>
<?php echo Display::display_icon('edit.png', get_lang('Edit'), '', 22); ?>
</a>
<?php } ?>
<?php if ($key > 0) { ?>
<a href="courses.php?action=<?php echo $action; ?>&amp;move=up&amp;course=<?php echo $course['code']; ?>&amp;category=<?php echo $course['user_course_cat']; ?>&amp;sec_token=<?php echo $stok; ?>">
<?php echo Display::display_icon('up.png', get_lang('Up'),'',22); ?>
<?php echo Display::display_icon('up.png', get_lang('Up'), '', 22); ?>
</a>
<?php } else { ?>
<?php echo Display::display_icon('up_na.png', get_lang('Up'),'',22); ?>
<?php echo Display::display_icon('up_na.png', get_lang('Up'), '', 22); ?>
<?php } ?>
<?php if ($key < $number_of_courses - 1) { ?>
<a href="courses.php?action=<?php echo $action; ?>&amp;move=down&amp;course=<?php echo $course['code']; ?>&amp;category=<?php echo $course['user_course_cat']; ?>&amp;sec_token=<?php echo $stok; ?>">
<?php echo Display::display_icon('down.png', get_lang('Down'),'',22); ?>
<?php echo Display::display_icon('down.png', get_lang('Down'), '', 22); ?>
</a>
<?php } else { ?>
<?php echo Display::display_icon('down_na.png', get_lang('Down'),'',22); ?>
<?php echo Display::display_icon('down_na.png', get_lang('Down'), '', 22); ?>
<?php } ?>
</div>
@ -213,36 +213,36 @@ if (!empty($courses_without_category)) {
<div style="float:left; width:110px">
<?php
if (api_get_setting('show_courses_descriptions_in_catalog') == 'true') {
$icon_title = get_lang('CourseDetails') . ' - ' . $course['title'];
$icon_title = get_lang('CourseDetails').' - '.$course['title'];
?>
<a href="<?php echo api_get_path(WEB_CODE_PATH); ?>inc/ajax/course_home.ajax.php?a=show_course_information&code=<?php echo $course['code'] ?>" data-title="<?php echo $icon_title ?>" title="<?php echo $icon_title ?>" class="ajax">
<?php echo Display::return_icon('info.png', $icon_title, '','22'); ?>
<?php echo Display::return_icon('info.png', $icon_title, '', '22'); ?>
</a>
<?php } ?>
<?php if (isset($_GET['edit']) && $course['code'] == $_GET['edit']) { ?>
<?php echo Display::display_icon('edit_na.png', get_lang('Edit'),'',22); ?>
<?php echo Display::display_icon('edit_na.png', get_lang('Edit'), '', 22); ?>
<?php } else { ?>
<a href="courses.php?action=<?php echo $action; ?>&amp;edit=<?php echo $course['code']; ?>&amp;sec_token=<?php echo $stok; ?>">
<?php echo Display::display_icon('edit.png', get_lang('Edit'),'',22); ?>
<?php echo Display::display_icon('edit.png', get_lang('Edit'), '', 22); ?>
</a>
<?php } ?>
<!-- up /down icons-->
<?php if ($key > 0) { ?>
<a href="courses.php?action=<?php echo $action; ?>&amp;move=up&amp;course=<?php echo $course['code']; ?>&amp;category=<?php echo $course['user_course_cat']; ?>&amp;sec_token=<?php echo $stok; ?>">
<?php echo Display::display_icon('up.png', get_lang('Up'),'',22) ?>
<?php echo Display::display_icon('up.png', get_lang('Up'), '', 22) ?>
</a>
<?php } else {
echo Display::display_icon('up_na.png', get_lang('Up'),'',22);
echo Display::display_icon('up_na.png', get_lang('Up'), '', 22);
}
if ($key < $number_of_courses - 1) { ?>
<a href="courses.php?action=<?php echo $action; ?>&amp;move=down&amp;course=<?php echo $course['code']; ?>&amp;category=<?php echo $course['user_course_cat']; ?>&amp;sec_token=<?php echo $stok; ?>">
<?php echo Display::display_icon('down.png', get_lang('Down'),'',22); ?>
<?php echo Display::display_icon('down.png', get_lang('Down'), '', 22); ?>
</a>
<?php } else {
echo Display::display_icon('down_na.png', get_lang('Down'),'',22);
echo Display::display_icon('down_na.png', get_lang('Down'), '', 22);
}?>
</div>
<div style="float:left; margin-right:10px;">

46
main/auth/external_login/facebook.inc.php
Unescape View File

@ -32,19 +32,19 @@ function facebookConnect()
try {
$accessToken = $helper->getAccessToken();
} catch(Facebook\Exceptions\FacebookResponseException $e) {
} catch (Facebook\Exceptions\FacebookResponseException $e) {
Display::addFlash(
Display::return_message('Facebook Graph returned an error: ' . $e->getMessage(), 'error')
Display::return_message('Facebook Graph returned an error: '.$e->getMessage(), 'error')
);
header('Location: ' . api_get_path(WEB_PATH));
header('Location: '.api_get_path(WEB_PATH));
exit;
} catch(Facebook\Exceptions\FacebookSDKException $e) {
} catch (Facebook\Exceptions\FacebookSDKException $e) {
Display::addFlash(
Display::return_message('Facebook SDK returned an error: ' . $e->getMessage(), 'error')
Display::return_message('Facebook SDK returned an error: '.$e->getMessage(), 'error')
);
header('Location: ' . api_get_path(WEB_PATH));
header('Location: '.api_get_path(WEB_PATH));
exit;
}
@ -58,17 +58,17 @@ function facebookConnect()
}
$error = implode('<br>', [
'Error: ' . $helper->getError(),
'Error Code: ' . $helper->getErrorCode(),
'Error Reason: ' . $helper->getErrorReason(),
'Error Description: ' . $helper->getErrorDescription()
'Error: '.$helper->getError(),
'Error Code: '.$helper->getErrorCode(),
'Error Reason: '.$helper->getErrorReason(),
'Error Description: '.$helper->getErrorDescription()
]);
Display::addFlash(
Display::return_message($error, 'error', false)
);
header('Location: ' . api_get_path(WEB_PATH));
header('Location: '.api_get_path(WEB_PATH));
exit;
}
@ -82,29 +82,29 @@ function facebookConnect()
$accessToken = $oAuth2Client->getLongLivedAccessToken($accessToken);
} catch (Facebook\Exceptions\FacebookSDKException $e) {
Display::addFlash(
Display::return_message('Error getting long-lived access token: ' . $e->getMessage(), 'error')
Display::return_message('Error getting long-lived access token: '.$e->getMessage(), 'error')
);
header('Location: ' . api_get_path(WEB_PATH));
header('Location: '.api_get_path(WEB_PATH));
exit;
}
}
try {
$response = $fb->get('/me?fields=id,first_name,last_name,locale,email', $accessToken->getValue());
} catch(Facebook\Exceptions\FacebookResponseException $e) {
} catch (Facebook\Exceptions\FacebookResponseException $e) {
Display::addFlash(
Display::return_message('Graph returned an error: ' . $e->getMessage(), 'error')
Display::return_message('Graph returned an error: '.$e->getMessage(), 'error')
);
header('Location: ' . api_get_path(WEB_PATH));
header('Location: '.api_get_path(WEB_PATH));
exit;
} catch(Facebook\Exceptions\FacebookSDKException $e) {
} catch (Facebook\Exceptions\FacebookSDKException $e) {
Display::addFlash(
Display::return_message('Facebook SDK returned an error: ' . $e->getMessage(), 'error')
Display::return_message('Facebook SDK returned an error: '.$e->getMessage(), 'error')
);
header('Location: ' . api_get_path(WEB_PATH));
header('Location: '.api_get_path(WEB_PATH));
exit;
}
@ -140,14 +140,14 @@ function facebookConnect()
Display::return_message(get_lang('UserNotRegistered'), 'error')
);
header('Location: ' . api_get_path(WEB_PATH));
header('Location: '.api_get_path(WEB_PATH));
exit;
}
$_user['user_id'] = $chamilo_uid;
$_SESSION['_user'] = $_user;
header('Location: ' . api_get_path(WEB_PATH));
header('Location: '.api_get_path(WEB_PATH));
exit();
}
@ -158,7 +158,7 @@ function facebookConnect()
$_user['user_id'] = $chamilo_uid;
$_SESSION['_user'] = $_user;
header('Location: ' . api_get_path(WEB_PATH));
header('Location: '.api_get_path(WEB_PATH));
exit();
}
@ -175,7 +175,7 @@ function facebookGetLoginUrl()
]);
$helper = $fb->getRedirectLoginHelper();
$loginUrl = $helper->getLoginUrl(api_get_path(WEB_PATH) . '?action=fbconnect', [
$loginUrl = $helper->getLoginUrl(api_get_path(WEB_PATH).'?action=fbconnect', [
'email'
]);

2
main/auth/external_login/updateUser.php
Unescape View File

@ -36,6 +36,6 @@ if ($new_user !== false) { //User can login
//User cannot login
$loginFailed = true;
Session::erase('_uid');
header('Location: ' . api_get_path(WEB_PATH) . 'index.php?loginFailed=1&error=user_password_incorrect');
header('Location: '.api_get_path(WEB_PATH).'index.php?loginFailed=1&error=user_password_incorrect');
exit;
}

22
main/blog/blog_admin.php
Unescape View File

@ -8,7 +8,7 @@
*/
require_once __DIR__.'/../inc/global.inc.php';
$current_course_tool = TOOL_BLOGS;
$current_course_tool = TOOL_BLOGS;
$this_section = SECTION_COURSES;
@ -20,7 +20,7 @@ api_protect_course_script(true);
// ONLY USERS REGISTERED IN THE COURSE
if ((!api_is_allowed_in_course() || !$is_courseMember) && !api_is_allowed_to_edit()) {
api_not_allowed(true);//print headers/footers
api_not_allowed(true); //print headers/footers
}
if (api_is_allowed_to_edit()) {
@ -34,29 +34,29 @@ if (api_is_allowed_to_edit()) {
'url' => 'blog_admin.php?'.api_get_cidreq(),
'name' => $nameTools,
);
$my_url='';
if (isset($_GET['action']) && $_GET['action']=='add') {
$my_url = '';
if (isset($_GET['action']) && $_GET['action'] == 'add') {
$current_section = get_lang('AddBlog');
$my_url='action=add';
} elseif (isset($_GET['action']) && $_GET['action']=='edit') {
$my_url = 'action=add';
} elseif (isset($_GET['action']) && $_GET['action'] == 'edit') {
$current_section = get_lang('EditBlog');
$my_url='action=edit&amp;blog_id='.Security::remove_XSS($_GET['blog_id']);
$my_url = 'action=edit&amp;blog_id='.Security::remove_XSS($_GET['blog_id']);
}
Display::display_header('');
}
echo '<div class="actions">';
echo "<a href='".api_get_self()."?".api_get_cidreq()."&action=add'>",
Display::return_icon('new_blog.png', get_lang('AddBlog'),'',ICON_SIZE_MEDIUM)."</a>";
Display::return_icon('new_blog.png', get_lang('AddBlog'), '', ICON_SIZE_MEDIUM)."</a>";
echo '</div>';
if (!empty($_POST['new_blog_submit']) && !empty($_POST['blog_name'])) {
if (isset($_POST['blog_name'])) {
if (isset($_POST['blog_name'])) {
Blog::addBlog($_POST['blog_name'], $_POST['blog_subtitle']);
echo Display::return_message(get_lang('BlogStored'), 'confirmation');
}
}
if (!empty($_POST['edit_blog_submit']) && !empty($_POST['blog_name'])) {
if (strlen(trim($_POST['blog_name']))>0) {
if (strlen(trim($_POST['blog_name'])) > 0) {
Blog::editBlog($_POST['blog_id'], $_POST['blog_name'], $_POST['blog_subtitle']);
echo Display::return_message(get_lang('BlogEdited'), 'confirmation');
}
@ -83,7 +83,7 @@ if (api_is_allowed_to_edit()) {
// we show the form if
// 1. no post data
// 2. there is post data and one of the three form elements is empty
if (!$_POST || (!empty($_POST) && (empty($_POST['edit_blog_submit']) || empty($_POST['blog_name']) ))) {
if (!$_POST || (!empty($_POST) && (empty($_POST['edit_blog_submit']) || empty($_POST['blog_name'])))) {
// if there is post data there is certainly an error in the form
if ($_POST) {
echo Display::return_message(get_lang('FormHasErrorsPleaseComplete'), 'error');

2
main/cron/user_import/client.php
Unescape View File

@ -14,7 +14,7 @@
*/
require_once __DIR__.'/../../inc/global.inc.php';
// check if this client has been called by php_cli (command line or cron)
if (php_sapi_name()!='cli') {
if (php_sapi_name() != 'cli') {
echo 'You can\'t call this service through a browser';
die();
}

10
main/exercise/exercise_admin.php
Unescape View File

@ -168,8 +168,8 @@ if ($form->validate()) {
$gradebook = $_SESSION['gradebook'];
}
if (!empty($gradebook) && $gradebook=='view') {
$interbreadcrumb[]= array(
if (!empty($gradebook) && $gradebook == 'view') {
$interbreadcrumb[] = array(
'url' => '../gradebook/'.$_SESSION['gradebook_dest'],
'name' => get_lang('ToolGradebook')
);
@ -189,7 +189,7 @@ if ($form->validate()) {
echo '<div class="actions">';
if ($objExercise->id != 0) {
echo '<a href="admin.php?'.api_get_cidreq().'&exerciseId='.$objExercise->id.'">' .
echo '<a href="admin.php?'.api_get_cidreq().'&exerciseId='.$objExercise->id.'">'.
Display::return_icon('back.png', get_lang('GoBackToQuestionList'), '', ICON_SIZE_MEDIUM).'</a>';
} else {
if (!empty($_GET['lp_id']) || !empty($_POST['lp_id'])) {
@ -199,9 +199,9 @@ if ($form->validate()) {
} else {
$lp_id = intval($_GET['lp_id']);
}
echo "<a href=\"../lp/lp_controller.php?".api_get_cidreq()."&gradebook=&action=add_item&type=step&lp_id=".$lp_id."#resource_tab-2\">".Display::return_icon('back.png', get_lang("BackTo").' '.get_lang("LearningPaths"),'',ICON_SIZE_MEDIUM)."</a>";
echo "<a href=\"../lp/lp_controller.php?".api_get_cidreq()."&gradebook=&action=add_item&type=step&lp_id=".$lp_id."#resource_tab-2\">".Display::return_icon('back.png', get_lang("BackTo").' '.get_lang("LearningPaths"), '', ICON_SIZE_MEDIUM)."</a>";
} else {
echo '<a href="exercise.php?'.api_get_cidreq().'">' .
echo '<a href="exercise.php?'.api_get_cidreq().'">'.
Display::return_icon('back.png', get_lang('BackToExercisesList'), '', ICON_SIZE_MEDIUM).
'</a>';
}

138
main/forum/forumfunction.inc.php
Unescape View File

@ -66,10 +66,10 @@ $(function () {
var l = $(this);
var id = l.closest("tr").attr("id");
var filename = l.closest("tr").find(".attachFilename").html();
if (confirm("' . get_lang('AreYouSureToDeleteJS') . '", filename)) {
if (confirm("' . get_lang('AreYouSureToDeleteJS').'", filename)) {
$.ajax({
type: "POST",
url: "'.api_get_path(WEB_AJAX_PATH) . 'forum.ajax.php?'.api_get_cidreq().'&a=delete_file&attachId=" + id +"&thread='.$threadId .'&forum='.$forumId .'",
url: "'.api_get_path(WEB_AJAX_PATH).'forum.ajax.php?'.api_get_cidreq().'&a=delete_file&attachId=" + id +"&thread='.$threadId.'&forum='.$forumId.'",
dataType: "json",
success: function(data) {
if (data.error == false) {
@ -181,7 +181,7 @@ function handle_forum_and_forumcategories($lp_id = null)
*/
function show_add_forumcategory_form($inputvalues = array(), $lp_id)
{
$form = new FormValidator('forumcategory', 'post', 'index.php?' . api_get_cidreq());
$form = new FormValidator('forumcategory', 'post', 'index.php?'.api_get_cidreq());
// hidden field if from learning path
$form->addElement('hidden', 'lp_id', $lp_id);
// Setting the form elements.
@ -230,7 +230,7 @@ function show_add_forumcategory_form($inputvalues = array(), $lp_id)
function show_add_forum_form($inputvalues = array(), $lp_id)
{
$_course = api_get_course_info();
$form = new FormValidator('forumcategory', 'post', 'index.php?' . api_get_cidreq());
$form = new FormValidator('forumcategory', 'post', 'index.php?'.api_get_cidreq());
// The header for the form
if (!empty($inputvalues)) {
@ -347,9 +347,9 @@ function show_add_forum_form($inputvalues = array(), $lp_id)
// Forum image
$form->addProgress();
if (!empty($inputvalues['forum_image'])) {
$baseImagePath = api_get_course_path() . '/upload/forum/images/' . $inputvalues['forum_image'];
$image_path = api_get_path(WEB_COURSE_PATH) . $baseImagePath;
$sysImagePath = api_get_path(SYS_COURSE_PATH) . $baseImagePath;
$baseImagePath = api_get_course_path().'/upload/forum/images/'.$inputvalues['forum_image'];
$image_path = api_get_path(WEB_COURSE_PATH).$baseImagePath;
$sysImagePath = api_get_path(SYS_COURSE_PATH).$baseImagePath;
if (file_exists($sysImagePath)) {
$show_preview_image = Display::img($image_path, null, ['class' => 'img-responsive']);
@ -1017,24 +1017,24 @@ function return_visible_invisible_icon($content, $id, $current_visibility_status
$html = '';
$id = Security::remove_XSS($id);
if ($current_visibility_status == '1') {
$html .= '<a href="' . api_get_self() . '?' . api_get_cidreq() . '&';
$html .= '<a href="'.api_get_self().'?'.api_get_cidreq().'&';
if (is_array($additional_url_parameters)) {
foreach ($additional_url_parameters as $key => $value) {
$html .= $key . '=' . $value . '&';
$html .= $key.'='.$value.'&';
}
}
$html.='action=invisible&content='.$content.'&id='.$id.'">'.
$html .= 'action=invisible&content='.$content.'&id='.$id.'">'.
Display::return_icon('visible.png', get_lang('MakeInvisible'), array(), ICON_SIZE_SMALL).'</a>';
}
if ($current_visibility_status == '0') {
$html .= '<a href="' . api_get_self() . '?' . api_get_cidreq() . '&';
$html .= '<a href="'.api_get_self().'?'.api_get_cidreq().'&';
if (is_array($additional_url_parameters)) {
foreach ($additional_url_parameters as $key => $value) {
$html .= $key . '=' . $value . '&';
$html .= $key.'='.$value.'&';
}
}
$html .= 'action=visible&content=' . $content . '&id=' . $id . '">' .
Display::return_icon('invisible.png', get_lang('MakeVisible'), array(), ICON_SIZE_SMALL) . '</a>';
$html .= 'action=visible&content='.$content.'&id='.$id.'">'.
Display::return_icon('invisible.png', get_lang('MakeVisible'), array(), ICON_SIZE_SMALL).'</a>';
}
return $html;
}
@ -1062,21 +1062,21 @@ function return_lock_unlock_icon($content, $id, $current_lock_status, $additiona
$html .= '<a href="'.api_get_self().'?'.api_get_cidreq().'&';
if (is_array($additional_url_parameters)) {
foreach ($additional_url_parameters as $key => $value) {
$html .= $key . '=' . $value . '&';
$html .= $key.'='.$value.'&';
}
}
$html.= 'action=unlock&content='.$content.'&id='.$id.'">'.
$html .= 'action=unlock&content='.$content.'&id='.$id.'">'.
Display::return_icon('lock.png', get_lang('Unlock'), array(), ICON_SIZE_SMALL).'</a>';
}
if ($current_lock_status == '0') {
$html .= '<a href="'.api_get_self().'?'.api_get_cidreq().'&';
if (is_array($additional_url_parameters)) {
foreach ($additional_url_parameters as $key => $value) {
$html .= $key . '=' . $value . '&';
$html .= $key.'='.$value.'&';
}
}
$html .= 'action=lock&content=' . $content . '&id=' . $id . '">' .
Display::return_icon('unlock.png', get_lang('Lock'), array(), ICON_SIZE_SMALL) . '</a>';
$html .= 'action=lock&content='.$content.'&id='.$id.'">'.
Display::return_icon('unlock.png', get_lang('Lock'), array(), ICON_SIZE_SMALL).'</a>';
}
return $html;
@ -1255,7 +1255,7 @@ function move_up_down($content, $direction, $id)
$sort_column = 'forum_order';
// We also need the forum_category of this forum.
$sql = "SELECT forum_category FROM $table_forums
WHERE c_id = $course_id AND forum_id = " . intval($id);
WHERE c_id = $course_id AND forum_id = ".intval($id);
$result = Database::query($sql);
$row = Database::fetch_array($result);
$forum_category = $row['forum_category'];
@ -1280,7 +1280,7 @@ function move_up_down($content, $direction, $id)
forum_categories.c_id = $course_id AND
item_properties.c_id = $course_id AND
forum_categories.cat_id=item_properties.ref AND
item_properties.tool='" . TOOL_FORUM_CATEGORY . "'
item_properties.tool='".TOOL_FORUM_CATEGORY."'
ORDER BY forum_categories.cat_order $sort_direction";
}
if ($content == 'forum') {
@ -1288,7 +1288,7 @@ function move_up_down($content, $direction, $id)
FROM $table
WHERE
c_id = $course_id AND
forum_category='" . Database::escape_string($forum_category) . "'
forum_category='".Database::escape_string($forum_category)."'
ORDER BY forum_order $sort_direction";
}
// Finding the items that need to be switched.
@ -1312,16 +1312,16 @@ function move_up_down($content, $direction, $id)
// We do an extra check if we do not have illegal values. If your remove this if statment you will
// be able to mess with the sorting by refreshing the page over and over again.
if ($this_sort != '' && $next_sort != '' && $next_id != '' && $this_id != '') {
$sql = "UPDATE $table SET $sort_column='" . Database::escape_string($this_sort) . "'
WHERE c_id = $course_id AND $id_column='" . Database::escape_string($next_id) . "'";
$sql = "UPDATE $table SET $sort_column='".Database::escape_string($this_sort)."'
WHERE c_id = $course_id AND $id_column='".Database::escape_string($next_id)."'";
Database::query($sql);
$sql = "UPDATE $table SET $sort_column='" . Database::escape_string($next_sort) . "'
WHERE c_id = $course_id AND $id_column='" . Database::escape_string($this_id) . "'";
$sql = "UPDATE $table SET $sort_column='".Database::escape_string($next_sort)."'
WHERE c_id = $course_id AND $id_column='".Database::escape_string($this_id)."'";
Database::query($sql);
}
return get_lang(ucfirst($content) . 'Moved');
return get_lang(ucfirst($content).'Moved');
}
/**
@ -1582,7 +1582,7 @@ function get_forums(
INNER JOIN $table_forums forum
ON (forum.forum_id = item_properties.ref AND forum.c_id = item_properties.c_id)
WHERE
forum.forum_id = " . intval($id) . " AND
forum.forum_id = ".intval($id)." AND
forum.c_id = $course_id AND
item_properties.visibility != 2 AND
item_properties.tool = '".TOOL_FORUM."'
@ -1592,7 +1592,7 @@ function get_forums(
$sql2 = "SELECT count(*) AS number_of_threads, forum_id
FROM $table_threads
WHERE
forum_id = " . intval($id) . "
forum_id = ".intval($id)."
GROUP BY forum_id";
}
@ -1825,7 +1825,7 @@ function get_threads($forum_id, $courseId = null, $sessionId = null)
if (!empty($groupInfo)) {
$groupIid = $groupInfo['iid'];
$groupCondition = " AND item_properties.to_group_id = '$groupIid' ";
$groupCondition = " AND item_properties.to_group_id = '$groupIid' ";
}
$sessionCondition = api_get_session_condition(
@ -2334,7 +2334,7 @@ function get_forum_information($forum_id, $courseId = 0)
{
$table_forums = Database::get_course_table(TABLE_FORUM);
$table_item_property = Database::get_course_table(TABLE_ITEM_PROPERTY);
$courseId = empty($courseId) ? api_get_course_int_id(): intval($courseId);
$courseId = empty($courseId) ? api_get_course_int_id() : intval($courseId);
$forum_id = intval($forum_id);
$sql = "SELECT *
@ -2822,13 +2822,13 @@ function show_add_post_form($current_forum, $forum_setting, $action, $id = '', $
$my_post = isset($_GET['post']) ? (int) $_GET['post'] : '';
$my_gradebook = isset($_GET['gradebook']) ? Security::remove_XSS($_GET['gradebook']) : '';
$url = api_get_self() . '?' . http_build_query([
$url = api_get_self().'?'.http_build_query([
'action' => $action,
'forum' => $forumId,
'gradebook' => $my_gradebook,
'thread' => $myThread,
'post' => $my_post
]) . '&' . api_get_cidreq();
]).'&'.api_get_cidreq();
$form = new FormValidator(
'thread',
@ -3122,7 +3122,7 @@ function saveThreadScore(
if ($row[0] == 0) {
$sql = "INSERT INTO $table_threads_qualify (c_id, user_id, thread_id,qualify,qualify_user_id,qualify_time,session_id)
VALUES (".$course_id.", '".$user_id."','".$thread_id."',".(float)$thread_qualify.", '".$currentUserId."','".$qualify_time."','".$session_id."')";
VALUES (".$course_id.", '".$user_id."','".$thread_id."',".(float) $thread_qualify.", '".$currentUserId."','".$qualify_time."','".$session_id."')";
Database::query($sql);
$insertId = Database::insert_id();
@ -4662,9 +4662,9 @@ function add_forum_attachment_file($file_comment, $last_id)
continue;
}
$course_dir = $_course['path'] . '/upload/forum';
$course_dir = $_course['path'].'/upload/forum';
$sys_course_path = api_get_path(SYS_COURSE_PATH);
$updir = $sys_course_path . $course_dir;
$updir = $sys_course_path.$course_dir;
// Try to add an extension to the file if it hasn't one.
$new_file_name = add_ext_on_mime(
@ -4681,7 +4681,7 @@ function add_forum_attachment_file($file_comment, $last_id)
}
$new_file_name = uniqid('');
$new_path = $updir . '/' . $new_file_name;
$new_path = $updir.'/'.$new_file_name;
$result = @move_uploaded_file($attachment['tmp_name'], $new_path);
$safe_file_comment = Database::escape_string($file_comment);
$safe_file_name = Database::escape_string($file_name);
@ -4857,16 +4857,16 @@ function delete_attachment($post_id, $id_attach = 0, $display = true)
$forum_table_attachment = Database::get_course_table(TABLE_FORUM_ATTACHMENT);
$course_id = api_get_course_int_id();
$cond = (!empty($id_attach)) ? " iid = " . (int) $id_attach . "" : " post_id = " . (int) $post_id . "";
$cond = (!empty($id_attach)) ? " iid = ".(int) $id_attach."" : " post_id = ".(int) $post_id."";
$sql = "SELECT path FROM $forum_table_attachment WHERE c_id = $course_id AND $cond";
$res = Database::query($sql);
$row = Database::fetch_array($res);
$course_dir = $_course['path'] . '/upload/forum';
$course_dir = $_course['path'].'/upload/forum';
$sys_course_path = api_get_path(SYS_COURSE_PATH);
$updir = $sys_course_path . $course_dir;
$updir = $sys_course_path.$course_dir;
$my_path = isset($row['path']) ? $row['path'] : null;
$file = $updir . '/' . $my_path;
$file = $updir.'/'.$my_path;
if (Security::check_abs_path($file, $updir)) {
@unlink($file);
}
@ -5444,37 +5444,37 @@ function get_all_post_from_user($user_id, $course_code)
$post_list = get_thread_user_post_limit($course_code, $thread['thread_id'], $user_id, 1);
$post_counter = count($post_list);
if (is_array($post_list) && count($post_list) > 0) {
$hand_forums.= '<div id="social-thread">';
$hand_forums.= Display::return_icon('thread.png', get_lang('Thread'), '', ICON_SIZE_MEDIUM);
$hand_forums.= '&nbsp;'.Security::remove_XSS($thread['thread_title'], STUDENT);
$hand_forums.= '</div>';
$hand_forums .= '<div id="social-thread">';
$hand_forums .= Display::return_icon('thread.png', get_lang('Thread'), '', ICON_SIZE_MEDIUM);
$hand_forums .= '&nbsp;'.Security::remove_XSS($thread['thread_title'], STUDENT);
$hand_forums .= '</div>';
foreach ($post_list as $posts) {
$hand_forums.= '<div id="social-post">';
$hand_forums.= '<strong>'.Security::remove_XSS($posts['post_title'], STUDENT).'</strong>';
$hand_forums.= '<br / >';
$hand_forums.= Security::remove_XSS($posts['post_text'], STUDENT);
$hand_forums.= '</div>';
$hand_forums.= '<br / >';
$hand_forums .= '<div id="social-post">';
$hand_forums .= '<strong>'.Security::remove_XSS($posts['post_title'], STUDENT).'</strong>';
$hand_forums .= '<br / >';
$hand_forums .= Security::remove_XSS($posts['post_text'], STUDENT);
$hand_forums .= '</div>';
$hand_forums .= '<br / >';
}
}
}
$i++;
}
$forum_results .='<div id="social-forum">';
$forum_results .='<div class="clear"></div><br />';
$forum_results .='<div id="social-forum-title">'.
$forum_results .= '<div id="social-forum">';
$forum_results .= '<div class="clear"></div><br />';
$forum_results .= '<div id="social-forum-title">'.
Display::return_icon('forum.gif', get_lang('Forum')).'&nbsp;'.Security::remove_XSS($forum['forum_title'], STUDENT).
'<div style="float:right;margin-top:-35px">
<a href="../forum/viewforum.php?'.api_get_cidreq_params($course_code).'&forum='.$forum['forum_id'].' " >'.
get_lang('SeeForum').'
</a>
</div></div>';
$forum_results .='<br / >';
$forum_results .= '<br / >';
if ($post_counter > 0) {
$forum_results .=$hand_forums;
$forum_results .= $hand_forums;
}
$forum_results .='</div>';
$forum_results .= '</div>';
}$j++;
}
}
@ -5615,16 +5615,16 @@ function editAttachedFile($array, $id, $courseId = null) {
$courseId = intval($courseId);
if (empty($courseId)) {
// $courseId can be null, use api method
$courseId= api_get_course_int_id();
$courseId = api_get_course_int_id();
}
/*
* Check if Attachment ID and Course ID are greater than zero
* and array of field values is not empty
*/
if ($id > 0 && $courseId > 0 && !empty($array) && is_array($array)) {
foreach($array as $key => &$item) {
foreach ($array as $key => &$item) {
$item = Database::escape_string($item);
$setString .= $key . ' = "' .$item . '", ';
$setString .= $key.' = "'.$item.'", ';
}
// Delete last comma
$setString = substr($setString, 0, strlen($setString) - 2);
@ -5684,10 +5684,10 @@ function getAttachmentsAjaxTable($postId = 0)
foreach ($uploadedFiles as $k => $uploadedFile) {
if (!empty($uploadedFile) && in_array($uploadedFile['id'], $attachIds)) {
// Buil html table including an input with attachmentID
$fileDataContent .= '<tr id="' . $uploadedFile['id'] . '" ><td>' . $uploadedFile['name'] . '</td><td>' . $uploadedFile['size'] . '</td><td>&nbsp;' . $uploadedFile['result'] .
' </td><td> <input style="width:90%;" type="text" value="' . $uploadedFile['comment'] . '" name="file_comments[]"> </td><td>' .
$uploadedFile['delete'] . '</td>' .
'<input type="hidden" value="' . $uploadedFile['id'] .'" name="file_ids[]">' . '</tr>';
$fileDataContent .= '<tr id="'.$uploadedFile['id'].'" ><td>'.$uploadedFile['name'].'</td><td>'.$uploadedFile['size'].'</td><td>&nbsp;'.$uploadedFile['result'].
' </td><td> <input style="width:90%;" type="text" value="'.$uploadedFile['comment'].'" name="file_comments[]"> </td><td>'.
$uploadedFile['delete'].'</td>'.
'<input type="hidden" value="'.$uploadedFile['id'].'" name="file_ids[]">'.'</tr>';
} else {
/*
* If attachment data is empty, then delete it from $_SESSION
@ -5700,7 +5700,7 @@ function getAttachmentsAjaxTable($postId = 0)
$style = empty($fileDataContent) ? 'display: none;' : '';
// Forum attachment Ajax table
$fileData = '
<div class="control-group " style="'. $style . '">
<div class="control-group " style="'. $style.'">
<label class="control-label">'.get_lang('AttachmentList').'</label>
<div class="controls">
<table id="attachmentFileList" class="files data_table span10">
@ -5772,7 +5772,7 @@ function getAttachedFiles($forumId, $threadId, $postId = 0, $attachId = 0, $cour
// name contains an URL to download attachment file and its filename
$json['name'] = Display::url(
api_htmlentities($row['filename']),
api_get_path(WEB_CODE_PATH) . 'forum/download.php?file='.$row['path'].'&'.api_get_cidreq(),
api_get_path(WEB_CODE_PATH).'forum/download.php?file='.$row['path'].'&'.api_get_cidreq(),
array('target'=>'_blank', 'class' => 'attachFilename')
);
$json['id'] = $row['iid'];
@ -5783,9 +5783,9 @@ function getAttachedFiles($forumId, $threadId, $postId = 0, $attachId = 0, $cour
if (!empty($row) && is_array($row)) {
// Set result as success and bring delete URL
$json['result'] = Display::return_icon('accept.png', get_lang('Uploaded'));
$url = api_get_path(WEB_CODE_PATH) . 'forum/viewthread.php?' . api_get_cidreq() . '&action=delete_attach&forum=' . $forumId . '&thread=' . $threadId.'&id_attach=' . $row['iid'];
$url = api_get_path(WEB_CODE_PATH).'forum/viewthread.php?'.api_get_cidreq().'&action=delete_attach&forum='.$forumId.'&thread='.$threadId.'&id_attach='.$row['iid'];
$json['delete'] = Display::url(
Display::return_icon('delete.png',get_lang('Delete'), array(), ICON_SIZE_SMALL),
Display::return_icon('delete.png', get_lang('Delete'), array(), ICON_SIZE_SMALL),
$url,
array('class' => 'deleteLink')
);
@ -5874,7 +5874,7 @@ function getAttachmentIdsByPostId($postId, $courseId = null)
WHERE c_id = $courseId AND post_id = $postId";
$result = Database::query($sql);
if ($result !== false && Database::num_rows($result) > 0) {
while ($row = Database::fetch_array($result,'ASSOC')) {
while ($row = Database::fetch_array($result, 'ASSOC')) {
$array[] = $row['id'];
}
}

2
main/inc/ajax/dropbox.ajax.php
Unescape View File

@ -15,7 +15,7 @@ switch ($action) {
$is_allowed_to_edit = api_is_allowed_to_edit(null, true);
$recipients = isset($_POST['recipients']) ? $_POST['recipients'] : '';
$id = isset($_GET['id']) ? (int)$_GET['id'] : 0;
$id = isset($_GET['id']) ? (int) $_GET['id'] : 0;
if (empty($recipients) && empty($id)) {
$resultList[] = ['error' => get_lang('YouMustSelectAtLeastOneDestinee')];

40
main/inc/ajax/social.ajax.php
Unescape View File

@ -24,7 +24,7 @@ switch ($action) {
}
if (isset($_GET['friend_id'])) {
$my_current_friend = $_GET['friend_id'];
$my_current_friend = $_GET['friend_id'];
UserManager::relate_users($current_user_id, $my_current_friend, $relation_type);
UserManager::relate_users($my_current_friend, $current_user_id, $relation_type);
SocialManager::invitation_accepted($my_current_friend, $current_user_id);
@ -32,7 +32,7 @@ switch ($action) {
Display::return_message(get_lang('AddedContactToList'), 'success')
);
header('Location: ' . api_get_path(WEB_CODE_PATH) . 'social/invitations.php');
header('Location: '.api_get_path(WEB_CODE_PATH).'social/invitations.php');
}
break;
case 'deny_friend':
@ -42,9 +42,9 @@ switch ($action) {
}
if (isset($_GET['is_my_friend'])) {
$relation_type = USER_RELATION_TYPE_FRIEND;//my friend
$relation_type = USER_RELATION_TYPE_FRIEND; //my friend
} else {
$relation_type = USER_RELATION_TYPE_UNKNOWN;//Contact unknown
$relation_type = USER_RELATION_TYPE_UNKNOWN; //Contact unknown
}
if (isset($_GET['denied_friend_id'])) {
SocialManager::invitation_denied($_GET['denied_friend_id'], $current_user_id);
@ -52,7 +52,7 @@ switch ($action) {
Display::return_message(get_lang('InvitationDenied'), 'success')
);
header('Location: ' . api_get_path(WEB_CODE_PATH) . 'social/invitations.php');
header('Location: '.api_get_path(WEB_CODE_PATH).'social/invitations.php');
}
break;
case 'delete_friend':
@ -71,7 +71,7 @@ switch ($action) {
break;
}
$user_id = api_get_user_id();
$name_search= Security::remove_XSS($_POST['search_name_q']);
$name_search = Security::remove_XSS($_POST['search_name_q']);
$number_friends = 0;
if (isset($name_search) && $name_search != 'undefined') {
@ -84,14 +84,14 @@ switch ($action) {
$number_of_images = 8;
$number_friends = count($friends);
if ($number_friends != 0) {
$number_loop = ($number_friends/$number_of_images);
$number_loop = ($number_friends / $number_of_images);
$loop_friends = ceil($number_loop);
$j = 0;
for ($k = 0; $k < $loop_friends; $k++) {
if ($j==$number_of_images) {
$number_of_images=$number_of_images*2;
if ($j == $number_of_images) {
$number_of_images = $number_of_images * 2;
}
while ($j<$number_of_images) {
while ($j < $number_of_images) {
if (isset($friends[$j])) {
$friend = $friends[$j];
$user_name = api_xml_http_response_encode($friend['firstName'].' '.$friend['lastName']);
@ -99,15 +99,15 @@ switch ($action) {
$friend_html .= '
<div class="col-md-3">
<div class="thumbnail text-center" id="div_' . $friends[$j]['friend_user_id'] . '">
<img src="' . $userPicture . '" class="img-responsive" id="imgfriend_' . $friend['friend_user_id'] . '" title="$user_name">
<div class="thumbnail text-center" id="div_' . $friends[$j]['friend_user_id'].'">
<img src="' . $userPicture.'" class="img-responsive" id="imgfriend_'.$friend['friend_user_id'].'" title="$user_name">
<div class="caption">
<h3>
<a href="profile.php?u=' . $friend['friend_user_id'] . '">' . $user_name . '</a>
<a href="profile.php?u=' . $friend['friend_user_id'].'">'.$user_name.'</a>
</h3>
<p>
<button class="btn btn-danger" onclick="delete_friend(this)" id=img_' . $friend['friend_user_id'] . '>
' . get_lang('Delete') . '
<button class="btn btn-danger" onclick="delete_friend(this)" id=img_' . $friend['friend_user_id'].'>
' . get_lang('Delete').'
</button>
</p>
</div>
@ -136,7 +136,7 @@ switch ($action) {
switch ($action) {
case 'load_course':
$course_id = intval($_POST['course_code']); // the int course id
$course_id = intval($_POST['course_code']); // the int course id
$course_info = api_get_course_info_by_id($course_id);
$course_code = $course_info['code'];
@ -144,7 +144,7 @@ switch ($action) {
//------Forum messages
$forum_result = get_all_post_from_user($user_id, $course_code);
$all_result_data = 0;
if ($forum_result !='') {
if ($forum_result != '') {
echo '<div id="social-forum-main-title">';
echo api_xml_http_response_encode(get_lang('Forum'));
echo '</div>';
@ -157,7 +157,7 @@ switch ($action) {
}
//------Blog posts
$result = Blog::getBlogPostFromUser($course_id, $user_id, $course_code );
$result = Blog::getBlogPostFromUser($course_id, $user_id, $course_code);
if (!empty($result)) {
api_display_tool_title(api_xml_http_response_encode(get_lang('Blog')));
@ -215,8 +215,8 @@ switch ($action) {
$html .= Display::div(
Display::url(
get_lang('SeeMore'),
api_get_self() . '?u=' . $userId . '&a=list_wall_message&start=' .
($start + $length + 1) . '&length=' . $length,
api_get_self().'?u='.$userId.'&a=list_wall_message&start='.
($start + $length + 1).'&length='.$length,
array(
'class' => 'nextPage',
)

6
main/inc/lib/access_url_edit_sessions_to_url_functions.lib.php
Unescape View File

@ -43,17 +43,17 @@ class Accessurleditsessionstourl
ORDER BY name, id
LIMIT 11';
$rs = Database::query($sql);
$i=0;
$i = 0;
while ($session = Database::fetch_array($rs)) {
$i++;
if ($i<=10) {
if ($i <= 10) {
$return .= '<a href="#" onclick="add_user_to_url(\''.addslashes($session['id']).'\',\''.addslashes($session['name']).' ('.addslashes($session['id']).')'.'\')">'.$session['name'].' </a><br />';
} else {
$return .= '...<br />';
}
}
}
$xajax_response -> addAssign('ajax_list_courses','innerHTML',api_utf8_encode($return));
$xajax_response -> addAssign('ajax_list_courses', 'innerHTML', api_utf8_encode($return));
return $xajax_response;
}
}

4
main/inc/lib/add_many_session_to_category_functions.lib.php
Unescape View File

@ -22,7 +22,7 @@ class AddManySessionToCategoryFunctions
* @assert () !== ''
* @assert ('abc','single') !== ''
*/
function search_courses($needle,$type)
function search_courses($needle, $type)
{
$tbl_session = Database::get_main_table(TABLE_MAIN_SESSION);
$xajax_response = new xajaxResponse();
@ -38,7 +38,7 @@ class AddManySessionToCategoryFunctions
$return .= '<select id="origin" name="NoSessionCategoryList[]" multiple="multiple" size="20" style="width:340px;">';
while ($course = Database::fetch_array($rs)) {
$course_list[] = $course['id'];
$return .= '<option value="'.$course['id'].'" title="'.htmlspecialchars($course['name'],ENT_QUOTES).'">'.$course['name'].'</option>';
$return .= '<option value="'.$course['id'].'" title="'.htmlspecialchars($course['name'], ENT_QUOTES).'">'.$course['name'].'</option>';
}
$return .= '</select>';
$xajax_response->addAssign(

90
main/inc/lib/auth.lib.php
Unescape View File

@ -48,12 +48,12 @@ class Auth
$special_course_list = array();
if (Database::num_rows($result) > 0) {
while ($result_row = Database::fetch_array($result)) {
$special_course_list[] = '"' . $result_row['item_id'] . '"';
$special_course_list[] = '"'.$result_row['item_id'].'"';
}
}
$without_special_courses = '';
if (!empty($special_course_list)) {
$without_special_courses = ' AND course.id NOT IN (' . implode(',', $special_course_list) . ')';
$without_special_courses = ' AND course.id NOT IN ('.implode(',', $special_course_list).')';
}
// Secondly we select the courses that are in a category (user_course_cat<>0) and sort these according to the sort of the category
@ -73,8 +73,8 @@ class Auth
FROM $TABLECOURS course, $TABLECOURSUSER course_rel_user
WHERE
course.id = course_rel_user.c_id AND
course_rel_user.relation_type<>" . COURSE_RELATION_TYPE_RRHH . " AND
course_rel_user.user_id = '" . $user_id . "' $without_special_courses
course_rel_user.relation_type<>".COURSE_RELATION_TYPE_RRHH." AND
course_rel_user.user_id = '" . $user_id."' $without_special_courses
ORDER BY course_rel_user.sort ASC";
$result = Database::query($sql);
$courses = array();
@ -137,13 +137,13 @@ class Auth
$special_course_list = array();
if (Database::num_rows($result) > 0) {
while ($result_row = Database::fetch_array($result)) {
$special_course_list[] = '"' . $result_row['item_id'] . '"';
$special_course_list[] = '"'.$result_row['item_id'].'"';
}
}
$without_special_courses = '';
if (!empty($special_course_list)) {
$without_special_courses = ' AND course.id NOT IN (' . implode(',', $special_course_list) . ')';
$without_special_courses = ' AND course.id NOT IN ('.implode(',', $special_course_list).')';
}
$sql = "SELECT
@ -154,8 +154,8 @@ class Auth
$TABLECOURSUSER course_rel_user
WHERE
course.id = course_rel_user.c_id AND
course_rel_user.user_id = '" . $user_id . "' AND
course_rel_user.relation_type <> " . COURSE_RELATION_TYPE_RRHH . "
course_rel_user.user_id = '".$user_id."' AND
course_rel_user.relation_type <> " . COURSE_RELATION_TYPE_RRHH."
$without_special_courses
ORDER BY course_rel_user.user_course_cat, course_rel_user.sort ASC";
$result = Database::query($sql);
@ -183,11 +183,11 @@ class Auth
$TABLECOURSUSER = Database::get_main_table(TABLE_MAIN_COURSE_USER);
$max_sort_value = api_max_sort_value($newcategory, $current_user);
$sql = "UPDATE $TABLECOURSUSER SET
user_course_cat='" . $newcategory . "',
sort='" . ($max_sort_value + 1) . "'
user_course_cat='".$newcategory."',
sort='" . ($max_sort_value + 1)."'
WHERE
c_id ='" . $courseId . "' AND
user_id='" . $current_user . "' AND
c_id ='" . $courseId."' AND
user_id='" . $current_user."' AND
relation_type<>" . COURSE_RELATION_TYPE_RRHH;
$resultQuery = Database::query($sql);
@ -246,18 +246,18 @@ class Auth
$targetCourseId = $targetCourseInfo['real_id'];
$sql = "UPDATE $table
SET sort='" . $target_course['sort'] . "'
SET sort='".$target_course['sort']."'
WHERE
c_id = '" . $courseId . "' AND
user_id = '" . $current_user_id . "' AND
c_id = '" . $courseId."' AND
user_id = '" . $current_user_id."' AND
relation_type<>" . COURSE_RELATION_TYPE_RRHH;
$result1 = Database::query($sql);
$sql = "UPDATE $table SET sort='" . $source_course['sort'] . "'
$sql = "UPDATE $table SET sort='".$source_course['sort']."'
WHERE
c_id ='" . $targetCourseId . "' AND
user_id='" . $current_user_id . "' AND
c_id ='" . $targetCourseId."' AND
user_id='" . $current_user_id."' AND
relation_type<>" . COURSE_RELATION_TYPE_RRHH;
$result2 = Database::query($sql);
@ -306,12 +306,12 @@ class Auth
if (count($target_category) > 0 && count($source_category) > 0) {
$table = Database::get_main_table(TABLE_USER_COURSE_CATEGORY);
$sql = "UPDATE $table SET
sort = '" . Database::escape_string($target_category['sort']) . "'
WHERE id='" . intval($source_category['id']) . "' AND user_id='" . $userId . "'";
sort = '".Database::escape_string($target_category['sort'])."'
WHERE id='" . intval($source_category['id'])."' AND user_id='".$userId."'";
$resultFirst = Database::query($sql);
$sql = "UPDATE $table SET
sort = '" . Database::escape_string($source_category['sort']) . "'
WHERE id='" . intval($target_category['id']) . "' AND user_id='" . $userId . "'";
sort = '".Database::escape_string($source_category['sort'])."'
WHERE id='" . intval($target_category['id'])."' AND user_id='".$userId."'";
$resultSecond = Database::query($sql);
if (Database::affected_rows($resultFirst) && Database::affected_rows($resultSecond)) {
$result = true;
@ -335,8 +335,8 @@ class Auth
$result = false;
$tucc = Database::get_main_table(TABLE_USER_COURSE_CATEGORY);
$sql = "UPDATE $tucc
SET title='" . api_htmlentities($title, ENT_QUOTES, api_get_system_encoding()) . "'
WHERE id='" . $category_id . "'";
SET title='".api_htmlentities($title, ENT_QUOTES, api_get_system_encoding())."'
WHERE id='" . $category_id."'";
$resultQuery = Database::query($sql);
if (Database::affected_rows($resultQuery)) {
$result = true;
@ -358,8 +358,8 @@ class Auth
$result = false;
$sql = "DELETE FROM $tucc
WHERE
id='" . $category_id . "' AND
user_id='" . $current_user_id . "'";
id='".$category_id."' AND
user_id='" . $current_user_id."'";
$resultQuery = Database::query($sql);
if (Database::affected_rows($resultQuery)) {
$result = true;
@ -367,9 +367,9 @@ class Auth
$sql = "UPDATE $TABLECOURSUSER
SET user_course_cat='0'
WHERE
user_course_cat='" . $category_id . "' AND
user_id='" . $current_user_id . "' AND
relation_type<>" . COURSE_RELATION_TYPE_RRHH . " ";
user_course_cat='".$category_id."' AND
user_id='" . $current_user_id."' AND
relation_type<>" . COURSE_RELATION_TYPE_RRHH." ";
Database::query($sql);
return $result;
@ -403,12 +403,12 @@ class Auth
if (Database::num_rows($special_course_result) > 0) {
$special_course_list = array();
while ($result_row = Database::fetch_array($special_course_result)) {
$special_course_list[] = '"' . $result_row['item_id'] . '"';
$special_course_list[] = '"'.$result_row['item_id'].'"';
}
}
$without_special_courses = '';
if (!empty($special_course_list)) {
$without_special_courses = ' AND course.code NOT IN (' . implode(',', $special_course_list) . ')';
$without_special_courses = ' AND course.code NOT IN ('.implode(',', $special_course_list).')';
}
$visibilityCondition = $justVisible ? CourseManager::getCourseVisibilitySQLCondition('course', true) : '';
@ -416,9 +416,9 @@ class Auth
$search_term_safe = Database::escape_string($search_term);
$sql_find = "SELECT * FROM $courseTable
WHERE (
code LIKE '%" . $search_term_safe . "%' OR
title LIKE '%" . $search_term_safe . "%' OR
tutor_name LIKE '%" . $search_term_safe . "%'
code LIKE '%".$search_term_safe."%' OR
title LIKE '%" . $search_term_safe."%' OR
tutor_name LIKE '%" . $search_term_safe."%'
)
$without_special_courses
$visibilityCondition
@ -436,9 +436,9 @@ class Auth
ON (url_rel_course.c_id = course.id)
WHERE
access_url_id = $url_access_id AND (
code LIKE '%" . $search_term_safe . "%' OR
title LIKE '%" . $search_term_safe . "%' OR
tutor_name LIKE '%" . $search_term_safe . "%'
code LIKE '%".$search_term_safe."%' OR
title LIKE '%" . $search_term_safe."%' OR
tutor_name LIKE '%" . $search_term_safe."%'
)
$without_special_courses
$visibilityCondition
@ -500,8 +500,8 @@ class Auth
// (s)he can only delete the course
$sql = "SELECT * FROM $tbl_course_user
WHERE
user_id='" . $current_user_id . "' AND
c_id ='" . $courseId . "' AND
user_id='".$current_user_id."' AND
c_id ='" . $courseId."' AND
status='1' ";
$result_check = Database::query($sql);
$number_of_rows = Database::num_rows($result_check);
@ -530,7 +530,7 @@ class Auth
// step 1: we determine the max value of the user defined course categories
$sql = "SELECT sort FROM $tucc
WHERE user_id='" . $current_user_id . "'
WHERE user_id='".$current_user_id."'
ORDER BY sort DESC";
$rs_sort = Database::query($sql);
$maxsort = Database::fetch_array($rs_sort);
@ -539,13 +539,13 @@ class Auth
// step 2: we check if there is already a category with this name, if not we store it, else we give an error.
$sql = "SELECT * FROM $tucc
WHERE
user_id='" . $current_user_id . "' AND
title='" . $category_title . "'
user_id='".$current_user_id."' AND
title='" . $category_title."'
ORDER BY sort DESC";
$rs = Database::query($sql);
if (Database::num_rows($rs) == 0) {
$sql = "INSERT INTO $tucc (user_id, title,sort)
VALUES ('" . $current_user_id . "', '" . api_htmlentities($category_title, ENT_QUOTES, api_get_system_encoding()) . "', '" . $nextsort . "')";
VALUES ('".$current_user_id."', '".api_htmlentities($category_title, ENT_QUOTES, api_get_system_encoding())."', '".$nextsort."')";
$resultQuery = Database::query($sql);
if (Database::affected_rows($resultQuery)) {
$result = true;
@ -639,10 +639,10 @@ class Auth
) {
return false;
}
$message = get_lang('CourseRequiresPassword') . '<br />';
$message = get_lang('CourseRequiresPassword').'<br />';
$message .= $all_course_information['title'].' ('.$all_course_information['visual_code'].') ';
$action = api_get_path(WEB_CODE_PATH) . "auth/courses.php?action=subscribe_user_with_password&sec_token=" . $_SESSION['sec_token'];
$action = api_get_path(WEB_CODE_PATH)."auth/courses.php?action=subscribe_user_with_password&sec_token=".$_SESSION['sec_token'];
$form = new FormValidator('subscribe_user_with_password', 'post', $action);
$form->addElement('hidden', 'sec_token', $_SESSION['sec_token']);
$form->addElement('hidden', 'subscribe_user_with_password', $all_course_information['code']);

21
main/inc/lib/database.lib.php
Unescape View File

@ -115,8 +115,7 @@ class Database
*/
public static function getUTCDateTimeTypeClass()
{
return isset(self::$utcDateTimeClass) ? self::$utcDateTimeClass :
'Application\DoctrineExtensions\DBAL\Types\UTCDateTimeType';
return isset(self::$utcDateTimeClass) ? self::$utcDateTimeClass : 'Application\DoctrineExtensions\DBAL\Types\UTCDateTimeType';
}
/**
@ -163,7 +162,7 @@ class Database
);*/
AnnotationRegistry::registerLoader(
function ($class) use ($sysPath) {
function($class) use ($sysPath) {
$file = str_replace("\\", DIRECTORY_SEPARATOR, $class).".php";
$file = str_replace('Symfony/Component/Validator', '', $file);
$file = $sysPath.'vendor/symfony/validator'.$file;
@ -432,7 +431,7 @@ class Database
if (!empty($params)) {
$sql = 'INSERT INTO '.$table_name.' ('.implode(',', $params).')
VALUES (:'.implode(', :' ,$params).')';
VALUES (:'.implode(', :', $params).')';
$statement = self::getManager()->getConnection()->prepare($sql);
$result = $statement->execute($attributes);
@ -471,11 +470,11 @@ class Database
foreach ($attributes as $key => $value) {
if ($showQuery) {
echo $key . ': ' . $value . PHP_EOL;
echo $key.': '.$value.PHP_EOL;
}
$updateSql .= "$key = :$key ";
if ($count < count($attributes)) {
$updateSql.= ', ';
$updateSql .= ', ';
}
$count++;
}
@ -530,7 +529,7 @@ class Database
if ($columns == '*') {
$clean_columns = '*';
} else {
$clean_columns = (string)$columns;
$clean_columns = (string) $columns;
}
}
@ -577,7 +576,7 @@ class Database
$clean_values = array();
foreach ($value_array as $item) {
$item = self::escape_string($item);
$clean_values[]= $item;
$clean_values[] = $item;
}
} else {
$value_array = self::escape_string($value_array);
@ -601,7 +600,7 @@ class Database
}
if (!empty($where_return)) {
$return_value = " WHERE $where_return" ;
$return_value = " WHERE $where_return";
}
break;
case 'order':
@ -624,10 +623,10 @@ class Database
if (in_array($element[1], array('desc', 'asc'))) {
$order = $element[1];
}
$temp_value[]= $element[0].' '.$order.' ';
$temp_value[] = $element[0].' '.$order.' ';
} else {
//by default DESC
$temp_value[]= $element[0].' DESC ';
$temp_value[] = $element[0].' DESC ';
}
}
if (!empty($temp_value)) {

90
main/inc/lib/extra_field.lib.php
Unescape View File

@ -27,19 +27,19 @@ class ExtraField extends Model
);
public $ops = array(
'eq' => '=', //equal
'ne' => '<>', //not equal
'lt' => '<', //less than
'le' => '<=', //less than or equal
'gt' => '>', //greater than
'ge' => '>=', //greater than or equal
'bw' => 'LIKE', //begins with
'eq' => '=', //equal
'ne' => '<>', //not equal
'lt' => '<', //less than
'le' => '<=', //less than or equal
'gt' => '>', //greater than
'ge' => '>=', //greater than or equal
'bw' => 'LIKE', //begins with
'bn' => 'NOT LIKE', //doesn't begin with
'in' => 'LIKE', //is in
'in' => 'LIKE', //is in
'ni' => 'NOT LIKE', //is not in
'ew' => 'LIKE', //ends with
'ew' => 'LIKE', //ends with
'en' => 'NOT LIKE', //doesn't end with
'cn' => 'LIKE', //contains
'cn' => 'LIKE', //contains
'nc' => 'NOT LIKE' //doesn't contain
);
@ -392,7 +392,7 @@ class ExtraField extends Model
*/
public static function get_extra_fields_by_handler($handler)
{
$types= array();
$types = array();
$types[self::FIELD_TYPE_TEXT] = get_lang('FieldTypeText');
$types[self::FIELD_TYPE_TEXTAREA] = get_lang('FieldTypeTextarea');
$types[self::FIELD_TYPE_RADIO] = get_lang('FieldTypeRadio');
@ -1086,7 +1086,7 @@ class ExtraField extends Model
// chzn-select doesn't work for sessions??
$form->addElement(
'select',
'extra_' . $field_details['variable'],
'extra_'.$field_details['variable'],
$field_details['display_text'],
$options,
array('id' => 'extra_'.$field_details['variable'])
@ -1211,7 +1211,7 @@ class ExtraField extends Model
}
});';
$first_id = null;
$first_id = null;
if (!empty($extraData)) {
if (isset($extraData['extra_'.$field_details['variable']])) {
$first_id = $extraData['extra_'.$field_details['variable']]['extra_'.$field_details['variable']];
@ -1267,7 +1267,7 @@ class ExtraField extends Model
<div class="form-group ">
<div class="col-sm-12">
<div class="panel-separator">
<h4 id="' . $field_details['variable'] . '" class="form-separator">' . $field_details['display_text'] . '</h4>
<h4 id="' . $field_details['variable'].'" class="form-separator">'.$field_details['display_text'].'</h4>
</div>
</div>
</div>
@ -1463,9 +1463,9 @@ EOF;
];
if (is_array($extraData) && array_key_exists($fieldVariable, $extraData)) {
if (file_exists(api_get_path(SYS_UPLOAD_PATH) . $extraData[$fieldVariable])) {
if (file_exists(api_get_path(SYS_UPLOAD_PATH).$extraData[$fieldVariable])) {
$fieldTexts[] = Display::img(
api_get_path(WEB_UPLOAD_PATH) . $extraData[$fieldVariable],
api_get_path(WEB_UPLOAD_PATH).$extraData[$fieldVariable],
$field_details['display_text'],
['width' => '300']
);
@ -1488,7 +1488,7 @@ EOF;
$allowed_picture_types = ['jpg', 'jpeg', 'png', 'gif'];
$form->addRule(
'extra_'.$field_details['variable'],
get_lang('OnlyImagesAllowed') . ' ('.implode(',', $allowed_picture_types).')',
get_lang('OnlyImagesAllowed').' ('.implode(',', $allowed_picture_types).')',
'filetype',
$allowed_picture_types
);
@ -1522,10 +1522,10 @@ EOF;
if (is_array($extraData) &&
array_key_exists($fieldVariable, $extraData)
) {
if (file_exists(api_get_path(SYS_UPLOAD_PATH) . $extraData[$fieldVariable])) {
if (file_exists(api_get_path(SYS_UPLOAD_PATH).$extraData[$fieldVariable])) {
$fieldTexts[] = Display::url(
api_get_path(WEB_UPLOAD_PATH) . $extraData[$fieldVariable],
api_get_path(WEB_UPLOAD_PATH) . $extraData[$fieldVariable],
api_get_path(WEB_UPLOAD_PATH).$extraData[$fieldVariable],
api_get_path(WEB_UPLOAD_PATH).$extraData[$fieldVariable],
array(
'title' => $field_details['display_text'],
'target' => '_blank'
@ -1564,7 +1564,7 @@ EOF;
"extra_{$field_details['variable']}",
$field_details['display_text']
);
$form->applyFilter('extra_' . $field_details['variable'], 'stripslashes');
$form->applyFilter('extra_'.$field_details['variable'], 'stripslashes');
if ($freezeElement) {
$form->freeze('extra_'.$field_details['variable']);
@ -1576,7 +1576,7 @@ EOF;
$field_details['display_text']
);
$form->applyFilter(
'extra_' . $field_details['variable'],
'extra_'.$field_details['variable'],
'stripslashes'
);
if ($freezeElement) {
@ -1588,7 +1588,7 @@ EOF;
"extra_{$field_details['variable']}",
$field_details['display_text']
);
$form->applyFilter('extra_' . $field_details['variable'], 'stripslashes');
$form->applyFilter('extra_'.$field_details['variable'], 'stripslashes');
if ($freezeElement) {
$form->freeze('extra_'.$field_details['variable']);
@ -1600,7 +1600,7 @@ EOF;
$field_details['display_text']
);
$form->applyFilter(
'extra_' . $field_details['variable'],
'extra_'.$field_details['variable'],
'stripslashes'
);
if ($freezeElement) {
@ -1627,7 +1627,7 @@ EOF;
'<script>
$(document).ready(function() {
if (typeof google === "object") {
var address = "' . $dataValue . '";
var address = "' . $dataValue.'";
initializeGeo'.$field_details['variable'].'(address, false);
$("#geolocalization_extra_'.$field_details['variable'].'").on("click", function() {
@ -1649,7 +1649,7 @@ EOF;
});
} else {
$("#map_extra_'.$field_details['variable'].'").html("<div class=\"alert alert-info\">' . get_lang('YouNeedToActivateTheGoogleMapsPluginInAdminPlatformToSeeTheMap') . '</div>");
$("#map_extra_'.$field_details['variable'].'").html("<div class=\"alert alert-info\">'.get_lang('YouNeedToActivateTheGoogleMapsPluginInAdminPlatformToSeeTheMap').'</div>");
}
});
@ -1663,7 +1663,7 @@ EOF;
};
var geoError = function(error) {
alert("Geocode ' . get_lang('Error') . ': " + error);
alert("Geocode ' . get_lang('Error').': " + error);
};
var geoOptions = {
@ -1714,11 +1714,11 @@ EOF;
infowindow.open(map_'.$field_details['variable'].', marker);
});
} else {
alert("' . get_lang("NotFound") . '");
alert("' . get_lang("NotFound").'");
}
} else {
alert("Geocode ' . get_lang('Error') . ': ' . get_lang("AddressField") . ' ' . get_lang("NotFound") . '");
alert("Geocode ' . get_lang('Error').': '.get_lang("AddressField").' '.get_lang("NotFound").'");
}
});
}
@ -1778,8 +1778,8 @@ EOF;
$(document).ready(function() {
if (typeof google === "object") {
var lat = "' . $lat . '";
var lng = "' . $lng . '";
var lat = "' . $lat.'";
var lng = "' . $lng.'";
var latLng = new google.maps.LatLng(lat, lng);
initializeGeo'.$field_details['variable'].'(false, latLng);
@ -1804,7 +1804,7 @@ EOF;
}
});
} else {
$("#map_extra_'.$field_details['variable'].'").html("<div class=\"alert alert-info\">' . get_lang('YouNeedToActivateTheGoogleMapsPluginInAdminPlatformToSeeTheMap') . '</div>");
$("#map_extra_'.$field_details['variable'].'").html("<div class=\"alert alert-info\">'.get_lang('YouNeedToActivateTheGoogleMapsPluginInAdminPlatformToSeeTheMap').'</div>");
}
});
@ -1819,7 +1819,7 @@ EOF;
};
var geoError = function(error) {
alert("Geocode ' . get_lang('Error') . ': " + error);
alert("Geocode ' . get_lang('Error').': " + error);
};
var geoOptions = {
@ -1870,11 +1870,11 @@ EOF;
infowindow.open(map_'.$field_details['variable'].', marker);
});
} else {
alert("' . get_lang("NotFound") . '");
alert("' . get_lang("NotFound").'");
}
} else {
alert("Geocode ' . get_lang('Error') . ': " + status);
alert("Geocode ' . get_lang('Error').': " + status);
}
});
}
@ -2069,7 +2069,7 @@ EOF;
$form->addElement('header', $header);
if ($action == 'edit') {
$translateUrl = api_get_path(WEB_CODE_PATH) . 'extrafield/translate.php?' . http_build_query([
$translateUrl = api_get_path(WEB_CODE_PATH).'extrafield/translate.php?'.http_build_query([
'extra_field' => $id
]);
$translateButton = Display::toolbarButton(get_lang('TranslateThisTerm'), $translateUrl, 'language', 'link');
@ -2408,7 +2408,7 @@ JAVASCRIPT;
foreach ($extra_fields as $extra_info) {
$extra_field_info = $extra_info['extra_field_info'];
$inject_joins .= " INNER JOIN $this->table_field_values fv$counter
ON (s." . $this->primaryKey . " = fv$counter." . $this->handler_id . ") ";
ON (s.".$this->primaryKey." = fv$counter.".$this->handler_id.") ";
// Add options
if (isset($extra_field_info['field_type']) && in_array(
$extra_field_info['field_type'],
@ -2421,7 +2421,7 @@ JAVASCRIPT;
) {
$options['where'] = str_replace(
$extra_info['field'],
'fv' . $counter . '.field_id = ' . $extra_info['id'] . ' AND fvo' . $counter . '.option_value',
'fv'.$counter.'.field_id = '.$extra_info['id'].' AND fvo'.$counter.'.option_value',
$options['where']
);
$inject_joins .= "
@ -2436,13 +2436,13 @@ JAVASCRIPT;
) {
$options['where'] = str_replace(
$extra_info['field'],
'tag' . $counter . '.tag ',
'tag'.$counter.'.tag ',
$options['where']
);
$inject_joins .= "
INNER JOIN $this->table_field_rel_tag tag_rel$counter
ON (tag_rel$counter.field_id = ".$extra_info['id']." AND tag_rel$counter.item_id = s." . $this->primaryKey.")
ON (tag_rel$counter.field_id = ".$extra_info['id']." AND tag_rel$counter.item_id = s.".$this->primaryKey.")
INNER JOIN $this->table_field_tag tag$counter
ON (tag$counter.id = tag_rel$counter.tag_id)
";
@ -2648,19 +2648,19 @@ JAVASCRIPT;
break;
}
if (!file_exists(api_get_path(SYS_UPLOAD_PATH) . $valueData['value'])) {
if (!file_exists(api_get_path(SYS_UPLOAD_PATH).$valueData['value'])) {
break;
}
$image = Display::img(
api_get_path(WEB_UPLOAD_PATH) . $valueData['value'],
api_get_path(WEB_UPLOAD_PATH).$valueData['value'],
$field['display_text'],
array('width' => '300')
);
$displayedValue = Display::url(
$image,
api_get_path(WEB_UPLOAD_PATH) . $valueData['value'],
api_get_path(WEB_UPLOAD_PATH).$valueData['value'],
array('target' => '_blank')
);
break;
@ -2669,13 +2669,13 @@ JAVASCRIPT;
break;
}
if (!file_exists(api_get_path(SYS_UPLOAD_PATH) . $valueData['value'])) {
if (!file_exists(api_get_path(SYS_UPLOAD_PATH).$valueData['value'])) {
break;
}
$displayedValue = Display::url(
get_lang('Download'),
api_get_path(WEB_UPLOAD_PATH) . $valueData['value'],
api_get_path(WEB_UPLOAD_PATH).$valueData['value'],
array(
'title' => $field['display_text'],
'target' => '_blank'

78
main/inc/lib/login.lib.php
Unescape View File

@ -36,24 +36,24 @@ class Login
if ($by_username) {
$secret_word = self::get_secret_word($user['email']);
if ($reset) {
$reset_link = $portal_url . "main/auth/lostPassword.php?reset=" . $secret_word . "&id=" . $user['uid'];
$reset_link = $portal_url."main/auth/lostPassword.php?reset=".$secret_word."&id=".$user['uid'];
} else {
$reset_link = get_lang('Pass') . " : $user[password]";
$reset_link = get_lang('Pass')." : $user[password]";
}
$user_account_list = get_lang('YourRegistrationData') . " : \n" . get_lang('UserName') . ' : ' . $user['loginName'] . "\n" . get_lang('ResetLink') . ' : ' . $reset_link . '';
$user_account_list = get_lang('YourRegistrationData')." : \n".get_lang('UserName').' : '.$user['loginName']."\n".get_lang('ResetLink').' : '.$reset_link.'';
if ($user_account_list) {
$user_account_list = "\n-----------------------------------------------\n" . $user_account_list;
$user_account_list = "\n-----------------------------------------------\n".$user_account_list;
}
} else {
foreach ($user as $this_user) {
$secret_word = self::get_secret_word($this_user['email']);
if ($reset) {
$reset_link = $portal_url . "main/auth/lostPassword.php?reset=" . $secret_word . "&id=" . $this_user['uid'];
$reset_link = $portal_url."main/auth/lostPassword.php?reset=".$secret_word."&id=".$this_user['uid'];
} else {
$reset_link = get_lang('Pass') . " : $this_user[password]";
$reset_link = get_lang('Pass')." : $this_user[password]";
}
$user_account_list[] = get_lang('YourRegistrationData') . " : \n" . get_lang('UserName') . ' : ' . $this_user['loginName'] . "\n" . get_lang('ResetLink') . ' : ' . $reset_link . '';
$user_account_list[] = get_lang('YourRegistrationData')." : \n".get_lang('UserName').' : '.$this_user['loginName']."\n".get_lang('ResetLink').' : '.$reset_link.'';
}
if ($user_account_list) {
$user_account_list = implode("\n-----------------------------------------------\n", $user_account_list);
@ -63,8 +63,8 @@ class Login
if (!$by_username) {
$user = $user[0];
}
$reset_link = get_lang('Pass') . " : $user[password]";
$user_account_list = get_lang('YourRegistrationData') . " : \n" . get_lang('UserName') . ' : ' . $user['loginName'] . "\n" . $reset_link . '';
$reset_link = get_lang('Pass')." : $user[password]";
$user_account_list = get_lang('YourRegistrationData')." : \n".get_lang('UserName').' : '.$user['loginName']."\n".$reset_link.'';
}
return $user_account_list;
}
@ -77,7 +77,7 @@ class Login
*/
public static function send_password_to_user($user, $by_username = false)
{
$email_subject = "[" . api_get_setting('siteName') . "] " . get_lang('LoginRequest'); // SUBJECT
$email_subject = "[".api_get_setting('siteName')."] ".get_lang('LoginRequest'); // SUBJECT
if ($by_username) { // Show only for lost password
$user_account_list = self::get_user_account_list($user, false, $by_username); // BODY
@ -96,7 +96,7 @@ class Login
}
}
$email_body = get_lang('YourAccountParam') . " " . $portal_url . "\n\n$user_account_list";
$email_body = get_lang('YourAccountParam')." ".$portal_url."\n\n$user_account_list";
// SEND MESSAGE
$sender_name = api_get_person_name(
api_get_setting('administratorName'),
@ -135,7 +135,7 @@ class Login
*/
public static function handle_encrypted_password($user, $by_username = false)
{
$email_subject = "[" . api_get_setting('siteName') . "] " . get_lang('LoginRequest'); // SUBJECT
$email_subject = "[".api_get_setting('siteName')."] ".get_lang('LoginRequest'); // SUBJECT
if ($by_username) {
// Show only for lost password
@ -145,11 +145,11 @@ class Login
$user_account_list = self::get_user_account_list($user, true); // BODY
$email_to = $user[0]['email'];
}
$email_body = get_lang('DearUser') . " :\n" . get_lang('password_request') . "\n";
$email_body .= $user_account_list . "\n-----------------------------------------------\n\n";
$email_body = get_lang('DearUser')." :\n".get_lang('password_request')."\n";
$email_body .= $user_account_list."\n-----------------------------------------------\n\n";
$email_body .= get_lang('PasswordEncryptedForSecurity');
$email_body .= "\n\n" . get_lang('SignatureFormula') . ",\n" . api_get_setting('administratorName') . " " . api_get_setting('administratorSurname') . "\n" . get_lang('PlataformAdmin') . " - " . api_get_setting('siteName');
$email_body .= "\n\n".get_lang('SignatureFormula').",\n".api_get_setting('administratorName')." ".api_get_setting('administratorSurname')."\n".get_lang('PlataformAdmin')." - ".api_get_setting('siteName');
$sender_name = api_get_person_name(
api_get_setting('administratorName'),
@ -243,7 +243,7 @@ class Login
password,
email,
auth_source
FROM " . $tbl_user . "
FROM " . $tbl_user."
WHERE user_id = $id";
$result = Database::query($sql);
$num_rows = Database::num_rows($result);
@ -302,7 +302,7 @@ class Login
ON user.user_id = a.user_id
LEFT JOIN $track_e_login login
ON user.user_id = login.login_user_id
WHERE user.user_id = '" . $_user['user_id'] . "'
WHERE user.user_id = '".$_user['user_id']."'
ORDER BY login.login_date DESC LIMIT 1";
$result = Database::query($sql);
@ -332,7 +332,7 @@ class Login
Session::write('is_platformAdmin', $is_platformAdmin);
Session::write('is_allowedCreateCourse', $is_allowedCreateCourse);
} else {
header('location:' . api_get_path(WEB_PATH));
header('location:'.api_get_path(WEB_PATH));
//exit("WARNING UNDEFINED UID !! ");
}
} else { // no uid => logout or Anonymous
@ -378,9 +378,9 @@ class Login
global $_course;
global $_real_cid;
global $is_courseAdmin; //course teacher
global $is_courseTutor; //course teacher - some rights
global $is_courseCoach; //course coach
global $is_courseAdmin; //course teacher
global $is_courseTutor; //course teacher - some rights
global $is_courseCoach; //course coach
global $is_courseMember; //course student
global $is_sessionAdmin;
global $is_allowed_in_course;
@ -437,7 +437,7 @@ class Login
if (!empty($_GET['id_session'])) {
$_SESSION['id_session'] = intval($_GET['id_session']);
$sql = 'SELECT name FROM ' . $tbl_session . ' WHERE id="' . intval($_SESSION['id_session']) . '"';
$sql = 'SELECT name FROM '.$tbl_session.' WHERE id="'.intval($_SESSION['id_session']).'"';
$rs = Database::query($sql);
if ($rs != null) {
list($_SESSION['session_name']) = Database::fetch_array($rs);
@ -455,7 +455,7 @@ class Login
}
} else {
//exit("WARNING UNDEFINED CID !! ");
header('location:' . api_get_path(WEB_PATH));
header('location:'.api_get_path(WEB_PATH));
}
} else {
Session::erase('_cid');
@ -482,7 +482,7 @@ class Login
} else {
// Continue with the previous values
if (empty($_SESSION['_course']) OR empty($_SESSION['_cid'])) { //no previous values...
$_cid = -1; //set default values that will be caracteristic of being unset
$_cid = -1; //set default values that will be caracteristic of being unset
$_course = -1;
} else {
$_cid = $_SESSION['_cid'];
@ -492,7 +492,7 @@ class Login
// Moreover, if we want to track a course with another session it can be usefull
if (!empty($_GET['id_session'])) {
$tbl_session = Database::get_main_table(TABLE_MAIN_SESSION);
$sql = 'SELECT name FROM ' . $tbl_session . ' WHERE id="' . intval($_SESSION['id_session']) . '"';
$sql = 'SELECT name FROM '.$tbl_session.' WHERE id="'.intval($_SESSION['id_session']).'"';
$rs = Database::query($sql);
if ($rs != null) {
list($_SESSION['session_name']) = Database::fetch_array($rs);
@ -534,9 +534,9 @@ class Login
//But only if the login date is < than now + max_life_time
$sql = "SELECT course_access_id FROM $course_tracking_table
WHERE
user_id = " . intval($_user ['user_id']) . " AND
user_id = ".intval($_user ['user_id'])." AND
c_id = '".api_get_course_int_id()."' AND
session_id = " . api_get_session_id() . " AND
session_id = " . api_get_session_id()." AND
login_course_date > now() - INTERVAL $session_lifetime SECOND
ORDER BY login_course_date DESC LIMIT 0,1";
$result = Database::query($sql);
@ -546,11 +546,11 @@ class Login
//We update the course tracking table
$sql = "UPDATE $course_tracking_table
SET logout_course_date = '$time', counter = counter+1
WHERE course_access_id = " . intval($i_course_access_id) . " AND session_id = " . api_get_session_id();
WHERE course_access_id = ".intval($i_course_access_id)." AND session_id = ".api_get_session_id();
Database::query($sql);
} else {
$sql = "INSERT INTO $course_tracking_table (c_id, user_id, login_course_date, logout_course_date, counter, session_id)" .
"VALUES('" . api_get_course_int_id() . "', '" . $_user['user_id'] . "', '$time', '$time', '1','" . api_get_session_id() . "')";
$sql = "INSERT INTO $course_tracking_table (c_id, user_id, login_course_date, logout_course_date, counter, session_id)".
"VALUES('".api_get_course_int_id()."', '".$_user['user_id']."', '$time', '$time', '1','".api_get_session_id()."')";
Database::query($sql);
}
}
@ -577,8 +577,8 @@ class Login
$course_user_table = Database::get_main_table(TABLE_MAIN_COURSE_USER);
$sql = "SELECT * FROM $course_user_table
WHERE
user_id = '" . $user_id . "' AND
relation_type <> " . COURSE_RELATION_TYPE_RRHH . " AND
user_id = '".$user_id."' AND
relation_type <> " . COURSE_RELATION_TYPE_RRHH." AND
c_id = '".$_real_cid."'";
$result = Database::query($sql);
@ -599,8 +599,8 @@ class Login
);
if (!$user_is_subscribed) {
$url = api_get_path(WEB_CODE_PATH) . 'course_info/legal.php?course_code=' . $_course['code'] . '&session_id=' . $session_id;
header('Location: ' . $url);
$url = api_get_path(WEB_CODE_PATH).'course_info/legal.php?course_code='.$_course['code'].'&session_id='.$session_id;
header('Location: '.$url);
exit;
}
}
@ -641,11 +641,11 @@ class Login
} else {
//Im a coach or a student?
$sql = "SELECT user_id, status
FROM " . $tbl_session_course_user . "
FROM " . $tbl_session_course_user."
WHERE
c_id = '$_cid' AND
user_id = '" . $user_id . "' AND
session_id = '" . $session_id . "'
user_id = '".$user_id."' AND
session_id = '" . $session_id."'
LIMIT 1";
$result = Database::query($sql);
@ -790,7 +790,7 @@ class Login
if ($reset) { // session data refresh requested
if ($group_id && $_cid && !empty($_course['real_id'])) { // have keys to search data
$group_table = Database::get_course_table(TABLE_GROUP);
$sql = "SELECT * FROM $group_table WHERE c_id = " . $_course['real_id'] . " AND id = '$group_id'";
$sql = "SELECT * FROM $group_table WHERE c_id = ".$_course['real_id']." AND id = '$group_id'";
$result = Database::query($sql);
if (Database::num_rows($result) > 0) { // This group has recorded status related to this course
$gpData = Database::fetch_array($result);
@ -843,7 +843,7 @@ class Login
*/
public static function get_user_accounts_by_username($username)
{
if (strpos($username,'@')){
if (strpos($username, '@')) {
$username = api_strtolower($username);
$email = true;
} else {

8
main/inc/lib/search/ChamiloIndexer.class.php
Unescape View File

@ -47,7 +47,7 @@ class ChamiloIndexer extends XapianIndexer
return false;
}
require_once api_get_path(LIBRARY_PATH) . 'search/xapian/XapianQuery.php';
require_once api_get_path(LIBRARY_PATH).'search/xapian/XapianQuery.php';
// compare terms
$doc = $this->get_document($search_did);
@ -64,10 +64,10 @@ class ChamiloIndexer extends XapianIndexer
// save it to search engine
foreach ($missing_terms as $term) {
$this->add_term_to_doc($prefix . $term, $doc);
$this->add_term_to_doc($prefix.$term, $doc);
}
foreach ($deprecated_terms as $term) {
$this->remove_term_from_doc($prefix . $term, $doc);
$this->remove_term_from_doc($prefix.$term, $doc);
}
// don't do anything if no change
@ -84,7 +84,7 @@ class ChamiloIndexer extends XapianIndexer
*/
function get_terms_on_db($prefix, $course_code, $tool_id, $ref_id)
{
require_once api_get_path(LIBRARY_PATH) . 'specific_fields_manager.lib.php';
require_once api_get_path(LIBRARY_PATH).'specific_fields_manager.lib.php';
$terms = get_specific_field_values_list_by_prefix($prefix, $course_code, $tool_id, $ref_id);
$prefix_terms = array();
foreach ($terms as $term) {

134
main/inc/lib/search/search_widget.php
Unescape View File

@ -29,13 +29,13 @@ function search_widget_prepare(&$htmlHeadXtra) {
/**
* Get one term html select
*/
function format_one_specific_field_select($prefix, $sf_term_array, $op, $extra_select_attr='size="7" class="sf-select-multiple"') {
function format_one_specific_field_select($prefix, $sf_term_array, $op, $extra_select_attr = 'size="7" class="sf-select-multiple"') {
global $charset;
$multiple_select = '<select '. $extra_select_attr .' title="'. $prefix .'" id="sf-'. $prefix .'" name="sf_'. $prefix .'[]">';
$multiple_select = '<select '.$extra_select_attr.' title="'.$prefix.'" id="sf-'.$prefix.'" name="sf_'.$prefix.'[]">';
$all_selected = '';
if (!empty($_REQUEST['sf_'. $prefix]) ) {
if (in_array('__all__', $_REQUEST['sf_'. $prefix])) {
if (!empty($_REQUEST['sf_'.$prefix])) {
if (in_array('__all__', $_REQUEST['sf_'.$prefix])) {
$all_selected = 'selected="selected"';
}
}
@ -44,17 +44,17 @@ function format_one_specific_field_select($prefix, $sf_term_array, $op, $extra_s
} else if ($op == 'or') {
$all_selected_name = get_lang('Any');
}
$multiple_select .= '<option value="__all__" '. $all_selected .' >-- '. $all_selected_name .' --</option>';
$multiple_select .= '<option value="__all__" '.$all_selected.' >-- '.$all_selected_name.' --</option>';
foreach ($sf_term_array as $raw_term) {
$term = substr($raw_term, 1);
if (empty($term)) continue;
$html_term = htmlspecialchars($term, ENT_QUOTES, $charset);
$selected = '';
if (!empty($_REQUEST['sf_'.$prefix]) && is_array($_REQUEST['sf_'.$prefix]) && in_array($term,$_REQUEST['sf_'.$prefix])) {
if (!empty($_REQUEST['sf_'.$prefix]) && is_array($_REQUEST['sf_'.$prefix]) && in_array($term, $_REQUEST['sf_'.$prefix])) {
$selected = 'selected="selected"';
}
$multiple_select .= '<option value="'. $html_term .'" '.$selected.'>'. $html_term .'</option>';
$multiple_select .= '<option value="'.$html_term.'" '.$selected.'>'.$html_term.'</option>';
}
$multiple_select .= '</select>';
return $multiple_select;
@ -63,15 +63,15 @@ function format_one_specific_field_select($prefix, $sf_term_array, $op, $extra_s
/**
* Get terms html selects
*/
function format_specific_fields_selects($sf_terms, $op, $prefilter_prefix='') {
function format_specific_fields_selects($sf_terms, $op, $prefilter_prefix = '') {
// Process each prefix type term
$i = 0;
$max = count($sf_terms);
$multiple_selects ='';
$multiple_selects = '';
foreach ($sf_terms as $prefix => $sf_term_array) {
if ($prefix == $prefilter_prefix) continue;
$multiple_select = '';
if ($i>0) {
if ($i > 0) {
//print "+" image
$multiple_select .= '<td><img class="sf-select-splitter" src="../img/search-big-plus.gif" alt="plus-sign-decoration"/></td>';
}
@ -89,9 +89,9 @@ function format_specific_fields_selects($sf_terms, $op, $prefilter_prefix='') {
$sf_copy = $sf_term_array;
// get specific field name
$sf_value = get_specific_field_list(array( 'code' => "'$prefix'" ));
$sf_value = get_specific_field_list(array('code' => "'$prefix'"));
$sf_value = array_shift($sf_value);
$multiple_select .= '<td><label class="sf-select-multiple-title" for="sf_'. $prefix .'[]">' . $sf_value['name'].'</label><br />';
$multiple_select .= '<td><label class="sf-select-multiple-title" for="sf_'.$prefix.'[]">'.$sf_value['name'].'</label><br />';
$multiple_select .= format_one_specific_field_select($prefix, $sf_term_array, $op, 'multiple="multiple" size="7" class="sf-select-multiple"');
$multiple_select .= '</td>';
$multiple_selects .= $multiple_select;
@ -107,11 +107,11 @@ function format_specific_fields_selects($sf_terms, $op, $prefilter_prefix='') {
*/
function search_widget_normal_form($action, $show_thesaurus, $sf_terms, $op) {
$thesaurus_icon = Display::return_icon('thesaurus.gif', get_lang('SearchAdvancedOptions'), array('id'=>'thesaurus-icon'));
$advanced_options = '<a id="tags-toggle" href="#">'. get_lang('SearchAdvancedOptions') .'</a>';
$display_thesaurus = ($show_thesaurus==true? 'block': 'none');
$help = '<h3>'. get_lang('SearchKeywordsHelpTitle') .'</h3>'. get_lang('SearchKeywordsHelpComment');
$mode = (!empty($_REQUEST['mode'])? htmlentities($_REQUEST['mode']): 'gallery');
$type = (!empty($_REQUEST['type'])? htmlentities($_REQUEST['type']): 'normal');
$advanced_options = '<a id="tags-toggle" href="#">'.get_lang('SearchAdvancedOptions').'</a>';
$display_thesaurus = ($show_thesaurus == true ? 'block' : 'none');
$help = '<h3>'.get_lang('SearchKeywordsHelpTitle').'</h3>'.get_lang('SearchKeywordsHelpComment');
$mode = (!empty($_REQUEST['mode']) ? htmlentities($_REQUEST['mode']) : 'gallery');
$type = (!empty($_REQUEST['type']) ? htmlentities($_REQUEST['type']) : 'normal');
/**
* POST avoid long urls, but we are using GET because
@ -119,36 +119,36 @@ function search_widget_normal_form($action, $show_thesaurus, $sf_terms, $op) {
* could not send a form in pagination
*/
if (isset($_GET['action']) && strcmp(trim($_GET['action']),'search')===0) {
$action='index.php';
if (isset($_GET['action']) && strcmp(trim($_GET['action']), 'search') === 0) {
$action = 'index.php';
}
$navigator_info = api_get_navigator();
if ($navigator_info['name']=='Internet Explorer' && $navigator_info['version']=='6') {
$submit_button1 = '<input type="submit" id="submit" value="'. get_lang('Search') .'" />';
$submit_button2 = '<input class="lower-submit" type="submit" value="'. get_lang('Search') .'" />';
$reset_button = '<input type="submit" id="tags-clean" value="'. get_lang('SearchResetKeywords') .'" />';
if ($navigator_info['name'] == 'Internet Explorer' && $navigator_info['version'] == '6') {
$submit_button1 = '<input type="submit" id="submit" value="'.get_lang('Search').'" />';
$submit_button2 = '<input class="lower-submit" type="submit" value="'.get_lang('Search').'" />';
$reset_button = '<input type="submit" id="tags-clean" value="'.get_lang('SearchResetKeywords').'" />';
} else {
$submit_button1 = '<button class="search" type="submit" id="submit" value="'. get_lang("Search") .'" /> '. get_lang('Search') .'</button>';
$submit_button2 = '<button class="search" type="submit" value="'. get_lang('Search') .'" />'. get_lang('Search') .'</button>';
$reset_button = '<button class="save" type="submit" id="tags-clean" value="'. get_lang('SearchResetKeywords') .'" />'. get_lang('SearchResetKeywords') .'</button> ';
$submit_button1 = '<button class="search" type="submit" id="submit" value="'.get_lang("Search").'" /> '.get_lang('Search').'</button>';
$submit_button2 = '<button class="search" type="submit" value="'.get_lang('Search').'" />'.get_lang('Search').'</button>';
$reset_button = '<button class="save" type="submit" id="tags-clean" value="'.get_lang('SearchResetKeywords').'" />'.get_lang('SearchResetKeywords').'</button> ';
}
$query = isset($_REQUEST['query']) ? Security::remove_XSS($_REQUEST['query']) : null;
$form = '<form id="chamilo_search" action="'. $action .'" method="GET">
<input type="text" id="query" name="query" size="40" value="' . $query . '" />
<input type="hidden" name="mode" value="'. $mode .'"/>
<input type="hidden" name="type" value="'. $type .'"/>
$form = '<form id="chamilo_search" action="'.$action.'" method="GET">
<input type="text" id="query" name="query" size="40" value="' . $query.'" />
<input type="hidden" name="mode" value="'. $mode.'"/>
<input type="hidden" name="type" value="'. $type.'"/>
<input type="hidden" name="tablename_page_nr" value="1" />
'.$submit_button1.'
<br /><br />';
$list = get_specific_field_list();
if(!empty($list)) {
$form .= '<span class="search-links-box">'. $advanced_options .'&nbsp;</span>
<div id="tags" class="tags" style="display:'. $display_thesaurus .';">
<div class="search-help-box">'. $help .'</div>
if (!empty($list)) {
$form .= '<span class="search-links-box">'.$advanced_options.'&nbsp;</span>
<div id="tags" class="tags" style="display:'. $display_thesaurus.';">
<div class="search-help-box">'. $help.'</div>
<table>
<tr>';
$form .= format_specific_fields_selects($sf_terms, $op);
@ -162,9 +162,9 @@ function search_widget_normal_form($action, $show_thesaurus, $sf_terms, $op) {
$form .= '</tr>
<tr>
<td id="operator-select">
'. get_lang('SearchCombineSearchWith') .':<br />
<input type="radio" class="search-operator" name="operator" value="or" '. $or_checked .'>'. api_strtoupper(get_lang('Or')) .'</input>
<input type="radio" class="search-operator" name="operator" value="and" '. $and_checked .'>'. api_strtoupper(get_lang('And')) .'</input>
'. get_lang('SearchCombineSearchWith').':<br />
<input type="radio" class="search-operator" name="operator" value="or" '. $or_checked.'>'.api_strtoupper(get_lang('Or')).'</input>
<input type="radio" class="search-operator" name="operator" value="and" '. $and_checked.'>'.api_strtoupper(get_lang('And')).'</input>
</td>
<td></td>
<td>
@ -176,7 +176,7 @@ function search_widget_normal_form($action, $show_thesaurus, $sf_terms, $op) {
</table>
</div>';
}
$form .='</form>
$form .= '</form>
<br style="clear: both;"/>';
return $form;
}
@ -186,36 +186,36 @@ function search_widget_normal_form($action, $show_thesaurus, $sf_terms, $op) {
*
* This type allow filter all other multiple select terms by one term in a dinamic way
*/
function search_widget_prefilter_form($action, $show_thesaurus, $sf_terms, $op, $prefilter_prefix=NULL) {
function search_widget_prefilter_form($action, $show_thesaurus, $sf_terms, $op, $prefilter_prefix = NULL) {
$thesaurus_icon = Display::return_icon('thesaurus.gif', get_lang('SearchAdvancedOptions'), array('id'=>'thesaurus-icon'));
$advanced_options = '<a id="tags-toggle" href="#">'. get_lang('SearchAdvancedOptions') .'</a>';
$display_thesaurus = ($show_thesaurus==true? 'block': 'none');
$help = '<h3>'. get_lang('SearchKeywordsHelpTitle') .'</h3>'. get_lang('SearchKeywordsHelpComment');
$mode = (!empty($_REQUEST['mode'])? htmlentities($_REQUEST['mode']): 'gallery');
$type = (!empty($_REQUEST['type'])? htmlentities($_REQUEST['type']): 'normal');
$advanced_options = '<a id="tags-toggle" href="#">'.get_lang('SearchAdvancedOptions').'</a>';
$display_thesaurus = ($show_thesaurus == true ? 'block' : 'none');
$help = '<h3>'.get_lang('SearchKeywordsHelpTitle').'</h3>'.get_lang('SearchKeywordsHelpComment');
$mode = (!empty($_REQUEST['mode']) ? htmlentities($_REQUEST['mode']) : 'gallery');
$type = (!empty($_REQUEST['type']) ? htmlentities($_REQUEST['type']) : 'normal');
/**
* POST avoid long urls, but we are using GET because
* SortableTableFromArray pagination is done with simple links, so now we
* could not send a form in pagination
*/
if (isset($_GET['action']) && strcmp(trim($_GET['action']),'search')===0) {
$action='index.php';
if (isset($_GET['action']) && strcmp(trim($_GET['action']), 'search') === 0) {
$action = 'index.php';
}
$form = '
<form id="chamilo_search" action="'. $action .'" method="GET">
<form id="chamilo_search" action="'. $action.'" method="GET">
<input type="text" id="query" name="query" size="40" />
<input type="hidden" name="mode" value="'. $mode .'"/>
<input type="hidden" name="type" value="'. $type .'"/>
<input type="hidden" name="mode" value="'. $mode.'"/>
<input type="hidden" name="type" value="'. $type.'"/>
<input type="hidden" name="tablename_page_nr" value="1" />
<input type="submit" id="submit" value="'. get_lang("Search") .'" />
<input type="submit" id="submit" value="'. get_lang("Search").'" />
<br /><br />';
$list = get_specific_field_list();
if(!empty($list)) {
$form .=' <span class="search-links-box">'. $thesaurus_icon . $advanced_options .'&nbsp;</span>
<div id="tags" class="tags" style="display:'. $display_thesaurus .';">
<div class="search-help-box">'. $help .'</div>
if (!empty($list)) {
$form .= ' <span class="search-links-box">'.$thesaurus_icon.$advanced_options.'&nbsp;</span>
<div id="tags" class="tags" style="display:'. $display_thesaurus.';">
<div class="search-help-box">'. $help.'</div>
<table>
<tr>';
if (!is_null($prefilter_prefix)) {
@ -230,9 +230,9 @@ function search_widget_prefilter_form($action, $show_thesaurus, $sf_terms, $op,
$sf_term_array = $temp;
// get specific field name
$sf_value = get_specific_field_list(array( 'code' => "'$prefilter_prefix'" ));
$sf_value = get_specific_field_list(array('code' => "'$prefilter_prefix'"));
$sf_value = array_shift($sf_value);
$form .= '<label class="sf-select-multiple-title" for="sf_'. $prefix .'[]">'.$icons_for_search_terms[$prefix].' '.$sf_value['name'].'</label><br />';
$form .= '<label class="sf-select-multiple-title" for="sf_'.$prefix.'[]">'.$icons_for_search_terms[$prefix].' '.$sf_value['name'].'</label><br />';
$form .= format_one_specific_field_select($prefilter_prefix, $sf_term_array, $op, 'id="prefilter"');
$form .= format_specific_fields_selects($sf_terms, $op, $prefilter_prefix);
@ -252,15 +252,15 @@ function search_widget_prefilter_form($action, $show_thesaurus, $sf_terms, $op,
</tr>
<tr>
<td id="operator-select">
'. get_lang('SearchCombineSearchWith') .':<br />
<input type="radio" class="search-operator" name="operator" value="or" '. $or_checked .'>'. api_strtoupper(get_lang('Or')) .'</input>
<input type="radio" class="search-operator" name="operator" value="and" '. $and_checked .'>'. api_strtoupper(get_lang('And')) .'</input>
'. get_lang('SearchCombineSearchWith').':<br />
<input type="radio" class="search-operator" name="operator" value="or" '. $or_checked.'>'.api_strtoupper(get_lang('Or')).'</input>
<input type="radio" class="search-operator" name="operator" value="and" '. $and_checked.'>'.api_strtoupper(get_lang('And')).'</input>
</td>
<td></td>
<td>
<br />
<input class="lower-submit" type="submit" value="'. get_lang('Search') .'" />
<input type="submit" id="tags-clean" value="'. get_lang('SearchResetKeywords') .'" />
<input class="lower-submit" type="submit" value="'. get_lang('Search').'" />
<input type="submit" id="tags-clean" value="'. get_lang('SearchResetKeywords').'" />
</td>
</tr>
</table>
@ -277,7 +277,7 @@ function search_widget_prefilter_form($action, $show_thesaurus, $sf_terms, $op,
* Show search form
*/
function display_search_form($action, $show_thesaurus, $sf_terms, $op) {
$type = (!empty($_REQUEST['type'])? htmlentities($_REQUEST['type']): 'normal');
$type = (!empty($_REQUEST['type']) ? htmlentities($_REQUEST['type']) : 'normal');
switch ($type) {
case 'prefilter':
@ -304,7 +304,7 @@ function display_search_form($action, $show_thesaurus, $sf_terms, $op) {
* @param string $action Just in case your action is not
* index.php
*/
function search_widget_show($action='index.php')
function search_widget_show($action = 'index.php')
{
require_once api_get_path(LIBRARY_PATH).'search/ChamiloQuery.php';
// TODO: load images dinamically when they're avalaible from specific field ui to add
@ -317,14 +317,14 @@ function search_widget_show($action='index.php')
if (($cid = api_get_course_id()) != -1) { // with cid
// get search engine terms
$course_filter = chamilo_get_boolean_query(XAPIAN_PREFIX_COURSEID . $cid);
$course_filter = chamilo_get_boolean_query(XAPIAN_PREFIX_COURSEID.$cid);
$dkterms = chamilo_query_simple_query('', 0, 1000, array($course_filter));
//prepare specific fields names (and also get possible URL param names)
foreach ($specific_fields as $specific_field) {
$temp = array();
if (is_array($dkterms) && count($dkterms)>0) {
foreach($dkterms[1] as $obj) {
if (is_array($dkterms) && count($dkterms) > 0) {
foreach ($dkterms[1] as $obj) {
$temp = array_merge($obj['sf-'.$specific_field['code']], $temp);
}
}
@ -352,7 +352,7 @@ function search_widget_show($action='index.php')
}
$op = 'or';
if (!empty($_REQUEST['operator']) && in_array($op,array('or','and'))) {
if (!empty($_REQUEST['operator']) && in_array($op, array('or', 'and'))) {
$op = $_REQUEST['operator'];
}

68
main/inc/lib/statistics.lib.php
Unescape View File

@ -104,10 +104,10 @@ class Statistics
$course_user_table = Database::get_main_table(TABLE_MAIN_COURSE_USER);
$course_table = Database::get_main_table(TABLE_MAIN_COURSE);
$user_table = Database::get_main_table(TABLE_MAIN_USER);
$access_url_rel_user_table= Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER);
$access_url_rel_user_table = Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER);
$current_url_id = api_get_current_access_url_id();
$active_filter = $onlyActive?' AND active=1':'';
$status_filter = isset($status)?' AND status = '.intval($status):'';
$active_filter = $onlyActive ? ' AND active=1' : '';
$status_filter = isset($status) ? ' AND status = '.intval($status) : '';
if (api_is_multiple_url_enabled()) {
$sql = "SELECT COUNT(DISTINCT(u.user_id)) AS number
@ -131,7 +131,7 @@ class Statistics
FROM $user_table
WHERE 1=1 $status_filter $active_filter";
if (isset($categoryCode)) {
$status_filter = isset($status)?' AND status = '.intval($status):'';
$status_filter = isset($status) ? ' AND status = '.intval($status) : '';
$sql = "SELECT COUNT(DISTINCT(cu.user_id)) AS number
FROM $course_user_table cu, $course_table c
WHERE
@ -156,7 +156,7 @@ class Statistics
public static function countSessions()
{
$session_table = Database::get_main_table(TABLE_MAIN_SESSION);
$access_url_rel_session_table= Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_SESSION);
$access_url_rel_session_table = Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_SESSION);
if (api_is_multiple_url_enabled()) {
$current_url_id = api_get_current_access_url_id();
$sql = "SELECT COUNT(id) AS number
@ -179,9 +179,9 @@ class Statistics
public static function getNumberOfActivities()
{
// Database table definitions
$track_e_default = Database::get_main_table(TABLE_STATISTIC_TRACK_E_DEFAULT);
$track_e_default = Database::get_main_table(TABLE_STATISTIC_TRACK_E_DEFAULT);
$table_user = Database::get_main_table(TABLE_MAIN_USER);
$access_url_rel_user_table= Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER);
$access_url_rel_user_table = Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER);
$current_url_id = api_get_current_access_url_id();
if (api_is_multiple_url_enabled()) {
$sql = "SELECT count(default_id) AS total_number_of_items
@ -229,7 +229,7 @@ class Statistics
$from = intval($from);
$numberOfItems = intval($numberOfItems);
if (!in_array($direction, array('ASC','DESC'))) {
if (!in_array($direction, array('ASC', 'DESC'))) {
$direction = 'DESC';
}
@ -280,7 +280,7 @@ class Statistics
$sql .= " LIMIT $from,$numberOfItems ";
$res = Database::query($sql);
$activities = array ();
$activities = array();
while ($row = Database::fetch_row($res)) {
if (strpos($row[1], '_object') === false && strpos($row[1], '_array') === false) {
$row[2] = $row[2];
@ -350,7 +350,7 @@ class Statistics
FROM $categoryTable
ORDER BY tree_pos";
$res = Database::query($sql);
$categories = array ();
$categories = array();
while ($category = Database::fetch_object($res)) {
$categories[$category->code] = $category->name;
}
@ -371,7 +371,7 @@ class Statistics
$data_max = ($data_max < $value ? $value : $data_max);
}
reset($data);
$result = array ();
$result = array();
$delta = $max / $data_max;
foreach ($data as $index => $value) {
$result[$index] = (int) round($value * $delta);
@ -405,9 +405,9 @@ class Statistics
} else {
$number_label = self::makeSizeString($number);
}
$percentage = ($total>0?number_format(100*$number/$total, 1, ',', '.'):'0');
$percentage = ($total > 0 ? number_format(100 * $number / $total, 1, ',', '.') : '0');
echo '<tr class="row_'.($i%2 == 0 ? 'odd' : 'even').'">
echo '<tr class="row_'.($i % 2 == 0 ? 'odd' : 'even').'">
<td width="150">'.$subtitle.'</td>
<td width="550">'.Display::bar_progress($percentage, false).'</td>
<td align="right">'.$number_label.'</td>';
@ -415,7 +415,7 @@ class Statistics
echo '<td align="right"> '.$percentage.'%</td>';
}
echo '</tr>';
$i ++;
$i++;
}
if ($showTotal) {
if (!$isFileSize) {
@ -441,11 +441,11 @@ class Statistics
$table_url = null;
$where_url = null;
$now = api_get_utc_datetime();
$where_url_last = ' WHERE login_date > DATE_SUB("' . $now . '",INTERVAL 1 %s)';
$where_url_last = ' WHERE login_date > DATE_SUB("'.$now.'",INTERVAL 1 %s)';
if (api_is_multiple_url_enabled()) {
$table_url = ", $access_url_rel_user_table";
$where_url = " WHERE login_user_id=user_id AND access_url_id='".$current_url_id."'";
$where_url_last = ' AND login_date > DATE_SUB("' . $now . '",INTERVAL 1 %s)';
$where_url_last = ' AND login_date > DATE_SUB("'.$now.'",INTERVAL 1 %s)';
}
$period = get_lang('PeriodMonth');
@ -464,7 +464,7 @@ class Statistics
GROUP BY stat_date
ORDER BY stat_date ";
$sql_last_x = "SELECT DATE_FORMAT( login_date, '%H' ) AS stat_date , count( login_id ) AS number_of_logins
FROM ".$table.$table_url.$where_url.sprintf($where_url_last,'DAY')."
FROM ".$table.$table_url.$where_url.sprintf($where_url_last, 'DAY')."
GROUP BY stat_date
ORDER BY stat_date ";
break;
@ -476,7 +476,7 @@ class Statistics
GROUP BY stat_date
ORDER BY DATE_FORMAT( login_date, '%w' ) ";
$sql_last_x = "SELECT DATE_FORMAT( login_date, '%w' ) AS stat_date, count( login_id ) AS number_of_logins
FROM ".$table.$table_url.$where_url.sprintf($where_url_last,'WEEK')."
FROM ".$table.$table_url.$where_url.sprintf($where_url_last, 'WEEK')."
GROUP BY stat_date
ORDER BY DATE_FORMAT( login_date, '%w' ) ";
break;
@ -527,7 +527,7 @@ class Statistics
$where_url = " AND login_user_id=user_id AND access_url_id='".$current_url_id."'";
} else {
$table_url = '';
$where_url='';
$where_url = '';
}
$now = api_get_utc_datetime();
$field = 'login_user_id';
@ -566,7 +566,7 @@ class Statistics
$where_url = " AND login_user_id=user_id AND access_url_id='".$current_url_id."'";
} else {
$table_url = '';
$where_url='';
$where_url = '';
}
$now = api_get_utc_datetime();
$field = 'login_user_id';
@ -579,7 +579,7 @@ class Statistics
GROUP BY date(login_date)";
$res = Database::query($sql);
while ($row = Database::fetch_array($res,'ASSOC')){
while ($row = Database::fetch_array($res, 'ASSOC')) {
$totalLogin[$row['login_date']] = $row['number'];
}
@ -679,7 +679,7 @@ class Statistics
$url_condition2 = null;
$table = null;
if (api_is_multiple_url_enabled()) {
$url_condition = ", $access_url_rel_user_table as url WHERE url.user_id=u.user_id AND access_url_id='".$current_url_id."'";
$url_condition = ", $access_url_rel_user_table as url WHERE url.user_id=u.user_id AND access_url_id='".$current_url_id."'";
$url_condition2 = " AND url.user_id=u.user_id AND access_url_id='".$current_url_id."'";
$table = ", $access_url_rel_user_table as url ";
}
@ -712,7 +712,7 @@ class Statistics
'width=200px',
false
);
$renderer =& $form->defaultRenderer();
$renderer = & $form->defaultRenderer();
$renderer->setCustomElementTemplate('<span>{element}</span> ');
$form->addElement('hidden', 'report', 'activities');
$form->addElement('hidden', 'activities_direction', 'DESC');
@ -762,10 +762,10 @@ class Statistics
$columns[1] = 'access_date';
$sql_order[SORT_ASC] = 'ASC';
$sql_order[SORT_DESC] = 'DESC';
$per_page = isset($_GET['per_page'])?intval($_GET['per_page']) : 10;
$page_nr = isset($_GET['page_nr'])?intval($_GET['page_nr']) : 1;
$column = isset($_GET['column'])?intval($_GET['column']) : 0;
$date_diff = isset($_GET['date_diff'])?intval($_GET['date_diff']) : 60;
$per_page = isset($_GET['per_page']) ? intval($_GET['per_page']) : 10;
$page_nr = isset($_GET['page_nr']) ? intval($_GET['page_nr']) : 1;
$column = isset($_GET['column']) ? intval($_GET['column']) : 0;
$date_diff = isset($_GET['date_diff']) ? intval($_GET['date_diff']) : 60;
$direction = isset($_GET['direction']) ? $_GET['direction'] : SORT_ASC;
if (!in_array($direction, array(SORT_ASC, SORT_DESC))) {
@ -793,25 +793,25 @@ class Statistics
access_url_id='".$current_url_id."'
GROUP BY t.c_id
HAVING t.c_id <> ''
AND DATEDIFF( '".api_get_utc_datetime()."' , access_date ) <= ". $date_diff;
AND DATEDIFF( '".api_get_utc_datetime()."' , access_date ) <= ".$date_diff;
} else {
$sql = "SELECT * FROM $table t
GROUP BY t.c_id
HAVING t.c_id <> ''
AND DATEDIFF( '".api_get_utc_datetime()."' , access_date ) <= ". $date_diff;
AND DATEDIFF( '".api_get_utc_datetime()."' , access_date ) <= ".$date_diff;
}
$sql .= ' ORDER BY '.$columns[$column].' '.$sql_order[$direction];
$from = ($page_nr -1) * $per_page;
$from = ($page_nr - 1) * $per_page;
$sql .= ' LIMIT '.$from.','.$per_page;
echo '<p>'.get_lang('LastAccess').' &gt;= '.$date_diff.' '.get_lang('Days').'</p>';
$res = Database::query($sql);
if (Database::num_rows($res) > 0) {
$courses = array ();
$courses = array();
while ($obj = Database::fetch_object($res)) {
$courseInfo = api_get_course_info_by_id($obj->c_id);
$course = array ();
$course[]= '<a href="'.api_get_path(WEB_COURSE_PATH).$courseInfo['code'].'">'.$courseInfo['code'].' <a>';
$course = array();
$course[] = '<a href="'.api_get_path(WEB_COURSE_PATH).$courseInfo['code'].'">'.$courseInfo['code'].' <a>';
// Allow sort by date hiding the numerical date
$course[] = '<span style="display:none;">'.$obj->access_date.'</span>'.api_convert_and_format_date($obj->access_date);
$courses[] = $course;
@ -937,7 +937,7 @@ class Statistics
$where_url = " AND login_user_id=user_id AND access_url_id='".$current_url_id."'";
} else {
$table_url = '';
$where_url='';
$where_url = '';
}
$now = api_get_utc_datetime();
$sql[get_lang('ThisDay')] =

4
main/lp/lp_edit_item_prereq.php
Unescape View File

@ -27,7 +27,7 @@ $submit = isset($_POST['submit_button']) ? $_POST['submit_button'] : null;
/* MAIN CODE */
if ((!$is_allowed_to_edit) || ($isStudentView)) {
error_log('New LP - User not authorized in lp_edit_item_prereq.php');
header('location:lp_controller.php?action=view&lp_id=' . $learnpath_id);
header('location:lp_controller.php?action=view&lp_id='.$learnpath_id);
exit;
}
@ -45,7 +45,7 @@ if (isset($_SESSION['gradebook'])) {
if (!empty($gradebook) && $gradebook == 'view') {
$interbreadcrumb[] = array(
'url' => '../gradebook/' . $_SESSION['gradebook_dest'],
'url' => '../gradebook/'.$_SESSION['gradebook_dest'],
'name' => get_lang('ToolGradebook')
);
}

18
main/permissions/group_permissions.inc.php
Unescape View File

@ -48,11 +48,11 @@ if (api_get_setting('permissions') == 'full') {
$header_array = $rights_full;
}
echo "<form method=\"post\" action=\"" . str_replace('&', '&amp;', $_SERVER['REQUEST_URI']) . "\">";
echo "<form method=\"post\" action=\"".str_replace('&', '&amp;', $_SERVER['REQUEST_URI'])."\">";
// DISPLAYING THE ROLES LIST
if (api_get_setting('group_roles') == 'true') {
// the list of the roles for the user
echo '<strong>' . get_lang('GroupRoles') . '</strong><br />';
echo '<strong>'.get_lang('GroupRoles').'</strong><br />';
$current_group_course_roles = get_roles('group', $group_id);
$current_group_platform_roles = get_roles('group', $group_id, 'platform');
display_role_list($current_group_course_roles, $current_group_platform_roles);
@ -64,9 +64,9 @@ echo "<table class=\"data_table\">\n";
// the header
echo "\t<tr>\n";
echo "\t\t<th>" . get_lang('Module') . "</th>\n";
echo "\t\t<th>".get_lang('Module')."</th>\n";
foreach ($header_array as $header_key => $header_value) {
echo "\t\t<th>" . get_lang($header_value) . "</th>\n";
echo "\t\t<th>".get_lang($header_value)."</th>\n";
}
echo "\t</tr>\n";
@ -113,12 +113,12 @@ foreach ($tool_rights as $tool => $rights) // $tool_rights contains all the poss
echo "</table>\n";
if ($setting_visualisation == 'checkbox') {
echo "<input type=\"Submit\" name=\"StoreGroupPermissions\" value=\"" . get_lang('StorePermissions') . "\">";
echo "<input type=\"Submit\" name=\"StoreGroupPermissions\" value=\"".get_lang('StorePermissions')."\">";
}
echo "</form>";
// LEGEND
echo '<strong>' . get_lang('Legend') . '</strong><br />';
echo '<img src="../img/wrong.gif" /> ' . get_lang('UserHasPermissionNot') . '<br />';
echo '<img src="../img/checkbox_on2.gif" /> ' . get_lang('UserHasPermission') . '<br />';
echo '<img src="../img/checkbox_on3.gif" /> ' . get_lang('UserHasPermissionByRoleGroup') . '<br />';
echo '<strong>'.get_lang('Legend').'</strong><br />';
echo '<img src="../img/wrong.gif" /> '.get_lang('UserHasPermissionNot').'<br />';
echo '<img src="../img/checkbox_on2.gif" /> '.get_lang('UserHasPermission').'<br />';
echo '<img src="../img/checkbox_on3.gif" /> '.get_lang('UserHasPermissionByRoleGroup').'<br />';

24
main/session/session_course_user.php
Unescape View File

@ -16,7 +16,7 @@ $id_session = intval($_GET['id_session']);
SessionManager::protectSession($id_session);
// setting breadcrumbs
$interbreadcrumb[] = array('url' => 'session_list.php','name' => get_lang('SessionList'));
$interbreadcrumb[] = array('url' => 'session_list.php', 'name' => get_lang('SessionList'));
$interbreadcrumb[] = array(
'url' => 'resume_session.php?id_session='.$id_session,
'name' => get_lang('SessionOverview'),
@ -43,7 +43,7 @@ if (!api_is_platform_admin()) {
FROM '.Database::get_main_table(TABLE_MAIN_SESSION).'
WHERE id='.$id_session;
$rs = Database::query($sql);
if (Database::result($rs,0,0)!=$_user['user_id']) {
if (Database::result($rs, 0, 0) != $_user['user_id']) {
api_not_allowed(true);
}
}
@ -88,9 +88,9 @@ if (isset($_POST['formSent']) && $_POST['formSent']) {
foreach ($CourseList as $enreg_course) {
$exists = false;
foreach($existingCourses as $existingCourse) {
foreach ($existingCourses as $existingCourse) {
if ($enreg_course == $existingCourse['id']) {
$exists=true;
$exists = true;
}
}
@ -110,7 +110,7 @@ if (isset($_POST['formSent']) && $_POST['formSent']) {
}
foreach ($existingCourses as $existingCourse) {
if (!in_array($existingCourse['id'], $CourseList)){
if (!in_array($existingCourse['id'], $CourseList)) {
$existingCourse = Database::escape_string($existingCourse['id']);
$sql = "INSERT IGNORE INTO $tbl_session_rel_course_rel_user (session_id,c_id,user_id)
VALUES ('$id_session','$existingCourse','$id_user')";
@ -146,7 +146,7 @@ $sql = "SELECT course.id, code, title, visual_code, srcru.session_id
WHERE srcru.user_id = $id_user AND session_id = $id_session";
//all
$sql_all="SELECT course.id, code, title, visual_code, src.session_id
$sql_all = "SELECT course.id, code, title, visual_code, src.session_id
FROM $tbl_course course
INNER JOIN $tbl_session_rel_course as src
ON course.id = src.c_id AND session_id = $id_session";
@ -163,9 +163,9 @@ foreach ($Courses as $course) {
foreach ($CoursesAll as $course) {
if (in_array($course['id'], $course_temp)) {
$nosessionCourses[$course['id']] = $course ;
$nosessionCourses[$course['id']] = $course;
} else {
$sessionCourses[$course['id']] = $course ;
$sessionCourses[$course['id']] = $course;
}
}
unset($Courses);
@ -184,9 +184,9 @@ unset($Courses);
<td width="45%" align="center">
<div id="ajax_list_courses_multiple">
<select id="origin" name="NoSessionCoursesList[]" multiple="multiple" size="20" style="width:320px;"> <?php
foreach($nosessionCourses as $enreg) {
foreach ($nosessionCourses as $enreg) {
?>
<option value="<?php echo $enreg['id']; ?>" <?php echo 'title="'.htmlspecialchars($enreg['title'].' ('.$enreg['visual_code'].')',ENT_QUOTES).'"'; if(in_array($enreg['code'],$CourseList)) echo 'selected="selected"'; ?>><?php echo $enreg['title'].' ('.$enreg['visual_code'].')'; ?></option>
<option value="<?php echo $enreg['id']; ?>" <?php echo 'title="'.htmlspecialchars($enreg['title'].' ('.$enreg['visual_code'].')', ENT_QUOTES).'"'; if (in_array($enreg['code'], $CourseList)) echo 'selected="selected"'; ?>><?php echo $enreg['title'].' ('.$enreg['visual_code'].')'; ?></option>
<?php
}
?> </select></div> <?php
@ -211,9 +211,9 @@ unset($Courses);
<td width="45%" align="center">
<select id='destination' name="SessionCoursesList[]" multiple="multiple" size="20" style="width:320px;">
<?php
foreach($sessionCourses as $enreg) {
foreach ($sessionCourses as $enreg) {
?>
<option value="<?php echo $enreg['id']; ?>" title="<?php echo htmlspecialchars($enreg['title'].' ('.$enreg['visual_code'].')',ENT_QUOTES); ?>"><?php echo $enreg['title'].' ('.$enreg['visual_code'].')'; ?></option>
<option value="<?php echo $enreg['id']; ?>" title="<?php echo htmlspecialchars($enreg['title'].' ('.$enreg['visual_code'].')', ENT_QUOTES); ?>"><?php echo $enreg['title'].' ('.$enreg['visual_code'].')'; ?></option>
<?php
}
unset($sessionCourses);

10
main/social/myfiles.php
Unescape View File

@ -28,7 +28,7 @@ function denied_friend (element_input) {
beforeSend: function(objeto) {
$("#id_response").html("<img src=\'../inc/lib/javascript/indicator.gif\' />"); },
type: "POST",
url: "' . api_get_path(WEB_AJAX_PATH) . 'social.ajax.php?a=deny_friend",
url: "' . api_get_path(WEB_AJAX_PATH).'social.ajax.php?a=deny_friend",
data: "denied_friend_id="+friend_user_id,
success: function(datos) {
$("div#"+name_div_id).hide("slow");
@ -37,7 +37,7 @@ function denied_friend (element_input) {
});
}
function register_friend(element_input) {
if(confirm("' . get_lang('AddToFriends') . '")) {
if(confirm("' . get_lang('AddToFriends').'")) {
name_button=$(element_input).attr("id");
name_div_id="id_"+name_button.substring(13);
user_id=name_div_id.split("_");
@ -47,7 +47,7 @@ function register_friend(element_input) {
beforeSend: function(objeto) {
$("div#dpending_"+user_friend_id).html("<img src=\'../inc/lib/javascript/indicator.gif\' />"); },
type: "POST",
url: "' . api_get_path(WEB_AJAX_PATH) . 'social.ajax.php?a=add_friend",
url: "' . api_get_path(WEB_AJAX_PATH).'social.ajax.php?a=add_friend",
data: "friend_id="+user_friend_id+"&is_my_friend="+"friend",
success: function(datos) { $("div#"+name_div_id).hide("slow");
$("form").submit()
@ -58,8 +58,8 @@ function register_friend(element_input) {
$(document).on("ready", function () {
$("#el-finder").elfinder({
url: "' . api_get_path(WEB_LIBRARY_PATH) . 'elfinder/php/connector.php",
lang: "' . api_get_language_isocode() . '",
url: "' . api_get_path(WEB_LIBRARY_PATH).'elfinder/php/connector.php",
lang: "' . api_get_language_isocode().'",
height: 600,
resizable: false,
rememberLastDir: false,

40
main/ticket/tutor_report.lib.php
Unescape View File

@ -106,51 +106,51 @@ function showResults($courseInfo, $weeksCount, $page)
$lineHeaderExport = array(null, null);
$lineHeaderExport2 = array(null, ull);
while ($rowe = Database::fetch_assoc($resultHeader)) {
$lineHeaderExport[] = utf8_decode('Work' . $rowe['week_id']);
$lineHeaderExport[] = utf8_decode('Forum' . $rowe['week_id']);
$lineHeaderExport[] = utf8_decode('Work'.$rowe['week_id']);
$lineHeaderExport[] = utf8_decode('Forum'.$rowe['week_id']);
//$fila_export_encabezado[] = utf8_decode('Eval'.$rowe['week_id']);
//$fila_export_encabezado[] = utf8_decode('PC'.$rowe['week_id']);
$lineHeaderExport2[] = utf8_decode($rowe['work_title']);
$lineHeaderExport2[] = utf8_decode($rowe['thread_title']);
//$fila_export_encabezado2[] = utf8_decode($rowe['eval_title']);
//$fila_export_encabezado2[] = utf8_decode($rowe['pc_title']);
$fila_export = array('Work' . $rowe['week_id'], 'Forum' . $rowe['week_id'], 'Eval' . $rowe['week_id'], 'PC' . $rowe['week_id']);
$fila_export = array('Work'.$rowe['week_id'], 'Forum'.$rowe['week_id'], 'Eval'.$rowe['week_id'], 'PC'.$rowe['week_id']);
if ($rowe['week_id'] > (($page - 1) * 7) && $rowe['week_id'] <= (7 * $page)) {
$ids[$rowe['week_id']] = $rowe['id'];
$line.='<th>
<a href="#" onClick="showContent(' . "'tarea" . $rowe['week_id'] . "'" . ');">Work' . $rowe['week_id'] . '
<div class="blackboard_hide" id="tarea' . $rowe['week_id'] . '">' . $rowe['work_title'] . '</div>
$line .= '<th>
<a href="#" onClick="showContent(' . "'tarea".$rowe['week_id']."'".');">Work'.$rowe['week_id'].'
<div class="blackboard_hide" id="tarea' . $rowe['week_id'].'">'.$rowe['work_title'].'</div>
</a></th>';
$line.= '<th>
<a href="#" onClick="showContent(' . "'foro" . $rowe['week_id'] . "'" . ');">Forum' . $rowe['week_id'] . '
<div class="blackboard_hide" id="foro' . $rowe['week_id'] . '">' . $rowe['thread_title'] . '</div>
$line .= '<th>
<a href="#" onClick="showContent(' . "'foro".$rowe['week_id']."'".');">Forum'.$rowe['week_id'].'
<div class="blackboard_hide" id="foro' . $rowe['week_id'].'">'.$rowe['thread_title'].'</div>
</a>
</th>';
}
}
$tableExport[] = $lineHeaderExport;
$tableExport[] = $lineHeaderExport2;
$line.= '</tr>';
$line .= '</tr>';
$html = '<form action="tutor.php" name="semanas" id="semanas" method="POST">
<div class="row">
' . get_lang('SelectWeeksSpan') . '
' . get_lang('SelectWeeksSpan').'
<select name="weeksNumber" id="weeksNumber" onChange="submit();">
<option value="7" ' . (($weeksCount == 7) ? 'selected="selected"' : "") . '>7 weeks</option>
<option value="14" ' . (($weeksCount == 14) ? 'selected="selected"' : "") . '>14 weeks</option>
<option value="7" ' . (($weeksCount == 7) ? 'selected="selected"' : "").'>7 weeks</option>
<option value="14" ' . (($weeksCount == 14) ? 'selected="selected"' : "").'>14 weeks</option>
</select>';
if ($weeksCount == 14) {
$html .= '<span style="float:right;"><a href="tutor.php?page=' . (($page == 1) ? 2 : 1) . '">' . (($page == 1) ? "Siguiente" : "Anterior") . '</a></span>';
$html .= '<span style="float:right;"><a href="tutor.php?page='.(($page == 1) ? 2 : 1).'">'.(($page == 1) ? "Siguiente" : "Anterior").'</a></span>';
}
$html .= '<span style="float:right;"><a href="' . api_get_self() . '?action=export' . $get_parameter . $get_parameter2 . '">' . Display::return_icon('export_excel.png', get_lang('Export'), '', '32') . '</a></span>';
$html .= '<span style="float:right;"><a href="'.api_get_self().'?action=export'.$get_parameter.$get_parameter2.'">'.Display::return_icon('export_excel.png', get_lang('Export'), '', '32').'</a></span>';
$html .= '</form>';
$html .= '<table class="reports">';
$html .= '<tr>
<th ></th>';
for ($i = (7 * $page - 6); $i <= $page * 7; $i++) {
$html .= '<th colspan="2">Week ' . $i . '<a href="assign_tickets.php?id=' . $ids[$i] . '" class="ajax">' . Display::return_icon('edit.png', get_lang('Edit'), array('width' => '16', 'height' => '16'), 22) . '</a></th>';
$html .= '<th colspan="2">Week '.$i.'<a href="assign_tickets.php?id='.$ids[$i].'" class="ajax">'.Display::return_icon('edit.png', get_lang('Edit'), array('width' => '16', 'height' => '16'), 22).'</a></th>';
}
$html .= '</tr>';
$html .= $line;
@ -190,12 +190,12 @@ function showStudentResult($datos, $pagina)
$inicio = (7 * $pagina - 6);
$fila = '<tr>';
$fila.= '<td><a href="' . api_get_path(WEB_CODE_PATH) . 'user/userInfo.php?' . api_get_cidreq() . '&uInfo=' . $datos[$inicio]['user_id'] . '">' . $datos[$inicio]['username'] . '</a></td>';
$fila .= '<td><a href="'.api_get_path(WEB_CODE_PATH).'user/userInfo.php?'.api_get_cidreq().'&uInfo='.$datos[$inicio]['user_id'].'">'.$datos[$inicio]['username'].'</a></td>';
foreach ($datos as $dato) {
$fila.= '<td align="center">' . (($dato['work_ok'] == 1) ? Display::return_icon('check.png') : Display::return_icon('aspa.png')) . '</td>';
$fila.= '<td align="center">' . (($dato['thread_ok'] == 1) ? Display::return_icon('check.png') : Display::return_icon('aspa.png')) . '</td>';
$fila .= '<td align="center">'.(($dato['work_ok'] == 1) ? Display::return_icon('check.png') : Display::return_icon('aspa.png')).'</td>';
$fila .= '<td align="center">'.(($dato['thread_ok'] == 1) ? Display::return_icon('check.png') : Display::return_icon('aspa.png')).'</td>';
}
$fila.= '</tr>';
$fila .= '</tr>';
return $fila;
}

40
main/webservices/cm_webservice_forum.php
Unescape View File

@ -23,7 +23,7 @@ class WSCMForum extends WSCM
{
if ($this->verifyUserPass($username, $password) == "valid") {
$course_db = api_get_course_info($course_code);
$foruns_info = get_forums($id='', $course_db['code']);
$foruns_info = get_forums($id = '', $course_db['code']);
$foruns_id = '#';
foreach ($foruns_info as $forum) {
if (isset($forum['forum_id'])) {
@ -48,12 +48,12 @@ class WSCMForum extends WSCM
$table_forums = Database::get_course_table(TABLE_FORUM, $course_db['db_name']);
$table_item_property = Database::get_course_table(TABLE_ITEM_PROPERTY, $course_db['db_name']);
$sql="SELECT * FROM ".$table_forums." forums, ".$table_item_property." item_properties
$sql = "SELECT * FROM ".$table_forums." forums, ".$table_item_property." item_properties
WHERE item_properties.tool='".TOOL_FORUM."'
AND item_properties.ref='".Database::escape_string($forum_id)."'
AND forums.forum_id='".Database::escape_string($forum_id)."'";
$result=Database::query($sql);
$forum_info=Database::fetch_array($result);
$result = Database::query($sql);
$forum_info = Database::fetch_array($result);
$forum_info['approval_direct_post'] = 0; // we can't anymore change this option, so it should always be activated
$forum_title = utf8_decode($forum_info['forum_title']);
@ -74,7 +74,7 @@ class WSCMForum extends WSCM
$threads_id = '#';
foreach ($threads_info as $thread)
{
if( isset($thread['thread_id']))
if (isset($thread['thread_id']))
{
$threads_id .= $thread['thread_id']."#";
}
@ -99,12 +99,12 @@ class WSCMForum extends WSCM
$table_item_property = Database::get_course_table(TABLE_ITEM_PROPERTY, $course_db['db_name']);
$table_threads = Database::get_course_table(TABLE_FORUM_THREAD, $course_db['db_name']);
$sql="SELECT * FROM ".$table_threads." threads, ".$table_item_property." item_properties
$sql = "SELECT * FROM ".$table_threads." threads, ".$table_item_property." item_properties
WHERE item_properties.tool='".TOOL_FORUM_THREAD."'
AND item_properties.ref='".Database::escape_string($thread_id)."'
AND threads.thread_id='".Database::escape_string($thread_id)."'";
$result=Database::query($sql);
$thread_info=Database::fetch_array($result);
$result = Database::query($sql);
$thread_info = Database::fetch_array($result);
switch ($field) {
case 'title':
@ -145,12 +145,12 @@ class WSCMForum extends WSCM
$table_item_property = Database::get_course_table(TABLE_ITEM_PROPERTY, $course_db['db_name']);
$table_threads = Database::get_course_table(TABLE_FORUM_THREAD, $course_db['db_name']);
$sql="SELECT * FROM ".$table_threads." threads, ".$table_item_property." item_properties
$sql = "SELECT * FROM ".$table_threads." threads, ".$table_item_property." item_properties
WHERE item_properties.tool='".TOOL_FORUM_THREAD."'
AND item_properties.ref='".Database::escape_string($thread_id)."'
AND threads.thread_id='".Database::escape_string($thread_id)."'";
$result=Database::query($sql);
$thread_info=Database::fetch_array($result);
$result = Database::query($sql);
$thread_info = Database::fetch_array($result);
$htmlcode = true;
$field_table = "thread_title";
@ -172,7 +172,7 @@ class WSCMForum extends WSCM
$table_posts = Database::get_course_table(TABLE_FORUM_POST, $course_db['db_name']);
// note: change these SQL so that only the relevant fields of the user table are used
if (api_is_allowed_to_edit(null,true)) {
if (api_is_allowed_to_edit(null, true)) {
$sql = "SELECT * FROM $table_posts posts
LEFT JOIN $table_users users
ON posts.poster_id=users.user_id
@ -187,9 +187,9 @@ class WSCMForum extends WSCM
AND posts.visible='1'
ORDER BY posts.post_id ASC";
}
$result=Database::query($sql);
while ($row=Database::fetch_array($result)) {
$posts_info[]=$row;
$result = Database::query($sql);
while ($row = Database::fetch_array($result)) {
$posts_info[] = $row;
}
$posts_id = '#';
@ -221,8 +221,8 @@ class WSCMForum extends WSCM
$sql = "SELECT * FROM ".$table_posts."posts, ".$table_users." users
WHERE posts.poster_id=users.user_id AND posts.post_id='".Database::escape_string($post_id)."'";
$result=Database::query($sql);
$post_info =Database::fetch_array($result);
$result = Database::query($sql);
$post_info = Database::fetch_array($result);
$htmlcode = false;
switch ($field) {
@ -269,9 +269,9 @@ class WSCMForum extends WSCM
$table_threads = Database::get_course_table(TABLE_FORUM_THREAD, $course_db['db_name']);
$forum_table_attachment = Database::get_course_table(TABLE_FORUM_ATTACHMENT, $course_db['db_name']);
$table_posts = Database::get_course_table(TABLE_FORUM_POST, $course_db['db_name']);
$post_date=date('Y-m-d H:i:s');
$visible=1;
$has_attachment=false;
$post_date = date('Y-m-d H:i:s');
$visible = 1;
$has_attachment = false;
$my_post = '';
$post_notification = '';

8
main/webservices/soap_course.php
Unescape View File

@ -51,10 +51,10 @@ $s->register(
'WSCourse.DeleteCourse',
array('secret_key' => 'xsd:string', 'course_id_field_name' => 'xsd:string', 'course_id_value' => 'xsd:string'),
array(),
'urn:WSService', // namespace
'urn:WSService#WSCourse.DeleteCourse', // soapaction
'rpc', // style
'encoded', // use
'urn:WSService', // namespace
'urn:WSService#WSCourse.DeleteCourse', // soapaction
'rpc', // style
'encoded', // use
'Delete a course in chamilo' // documentation
);

4
plugin/dashboard/block_teacher/block_teacher.class.php
Unescape View File

@ -67,7 +67,7 @@ class BlockTeacher extends Block
<div class="panel panel-default" id="intro">
<div class="panel-heading">
'.get_lang('TeachersInformationsList').'
<div class="pull-right"><a class="btn btn-danger btn-xs" onclick="javascript:if(!confirm(\''.addslashes(api_htmlentities(get_lang('ConfirmYourChoice'),ENT_QUOTES,$charset)).'\')) return false;" href="index.php?action=disable_block&path='.$this->path.'">
<div class="pull-right"><a class="btn btn-danger btn-xs" onclick="javascript:if(!confirm(\''.addslashes(api_htmlentities(get_lang('ConfirmYourChoice'), ENT_QUOTES, $charset)).'\')) return false;" href="index.php?action=disable_block&path='.$this->path.'">
<em class="fa fa-times"></em>
</a></div>
</div>
@ -151,7 +151,7 @@ class BlockTeacher extends Block
$teachers_table = null;
if (count($teachers) > 0) {
$a_last_week = get_last_week();
$last_week = date('Y-m-d',$a_last_week[0]).' '.get_lang('To').' '.date('Y-m-d', $a_last_week[6]);
$last_week = date('Y-m-d', $a_last_week[0]).' '.get_lang('To').' '.date('Y-m-d', $a_last_week[6]);
$teachers_table .= '<table class="data_table" width:"95%">';
$teachers_table .= '

42
plugin/pens/chamilo_pens.php
Unescape View File

@ -25,8 +25,8 @@
* @licence http://www.gnu.org/licenses/gpl.txt
*/
require_once __DIR__ . '/../../main/inc/global.inc.php';
require_once __DIR__ . '/lib/pens.php';
require_once __DIR__.'/../../main/inc/global.inc.php';
require_once __DIR__.'/lib/pens.php';
/**
* ChamiloPens
@ -156,24 +156,24 @@ class ChamiloPens extends Plugin
$clean_vendor_data = Database::escape_string($this->_vendor_data);
$created_at = api_get_utc_datetime();
$table = Database::get_main_table(self::TABLE_NAME);
$sql_query = "INSERT INTO $table (pens_version, package_type, package_type_version, package_format, package_id, client, vendor_data, package_name, created_at) VALUES (" .
"'" . $this->_pens_version . "', " .
"'" . $this->_package_type . "', " .
"'" . $clean_package_type_version . "', " .
"'" . $this->_package_format . "', " .
"'" . $clean_package_id . "', " .
"'" . $clean_client . "', " .
"'" . $clean_vendor_data . "', " .
"'" . $this->_package_name . "', " .
"'" . $created_at . "') ON DUPLICATE KEY UPDATE " .
"pens_version = VALUES(pens_version), " .
"package_type = VALUES(package_type), " .
"package_type_version = VALUES(package_type_version), " .
"package_format = VALUES(package_format), " .
"client = VALUES(client), " .
"vendor_data = VALUES(vendor_data), " .
"package_name = VALUES(package_name), " .
"updated_at = '" . $created_at . "';";
$sql_query = "INSERT INTO $table (pens_version, package_type, package_type_version, package_format, package_id, client, vendor_data, package_name, created_at) VALUES (".
"'".$this->_pens_version."', ".
"'".$this->_package_type."', ".
"'".$clean_package_type_version."', ".
"'".$this->_package_format."', ".
"'".$clean_package_id."', ".
"'".$clean_client."', ".
"'".$clean_vendor_data."', ".
"'".$this->_package_name."', ".
"'".$created_at."') ON DUPLICATE KEY UPDATE ".
"pens_version = VALUES(pens_version), ".
"package_type = VALUES(package_type), ".
"package_type_version = VALUES(package_type_version), ".
"package_format = VALUES(package_format), ".
"client = VALUES(client), ".
"vendor_data = VALUES(vendor_data), ".
"package_name = VALUES(package_name), ".
"updated_at = '".$created_at."';";
Database::query($sql_query);
}
@ -186,7 +186,7 @@ class ChamiloPens extends Plugin
public static function findByPackageId($package_id)
{
$table = Database::get_main_table(self::TABLE_NAME);
$sql_query = "SELECT * FROM $table WHERE package_id = '" . $package_id . "';";
$sql_query = "SELECT * FROM $table WHERE package_id = '".$package_id."';";
$results = Database::query($sql_query);
$number = Database::num_rows($results);
if ($number == 1) {

24
plugin/search_course/lib/search_course_widget.class.php
Unescape View File

@ -60,12 +60,12 @@ class SearchCourseWidget
$url = self::server('REQUEST_URI');
$url = explode('?', $url);
$url = reset($url);
$url = self::server('SERVER_NAME') . $url;
$url = self::server('SERVER_NAME').$url;
$root = api_get_path('WEB_PATH');
$root = str_replace('https://', '', $root);
$root = str_replace('http://', '', $root);
$index_url = $root . 'index.php';
$index_url = $root.'index.php';
return $url == $index_url || $url == $root;
}
@ -80,12 +80,12 @@ class SearchCourseWidget
$url = self::server('REQUEST_URI');
$url = explode('?', $url);
$url = reset($url);
$url = self::server('SERVER_NAME') . $url;
$url = self::server('SERVER_NAME').$url;
$root = api_get_path('WEB_PATH');
$root = str_replace('https://', '', $root);
$root = str_replace('http://', '', $root);
$index_url = $root . 'user_portal.php';
$index_url = $root.'user_portal.php';
return $url == $index_url || $url == $root;
}
@ -153,8 +153,8 @@ class SearchCourseWidget
$parameters[self::PARAM_ACTION] = $action;
}
$parameters = implode('&', $parameters);
$parameters = $parameters ? '?' . $parameters : '';
return $self . $parameters;
$parameters = $parameters ? '?'.$parameters : '';
return $self.$parameters;
}
/**
@ -241,8 +241,8 @@ EOT;
$details = implode(' - ', $details);
$title = $course['title'];
$href = api_get_path(WEB_COURSE_PATH).$course['code'] .'/index.php';
echo '<tr><td><b><a href="' . $href . '">' . "$title</a></b><br/>$details</td><td>";
$href = api_get_path(WEB_COURSE_PATH).$course['code'].'/index.php';
echo '<tr><td><b><a href="'.$href.'">'."$title</a></b><br/>$details</td><td>";
if (!api_is_anonymous()) {
if ($course['registration_code']) {
Display::display_icon(
@ -333,13 +333,13 @@ EOT;
if (api_is_anonymous())
{
$course_fiter = 'visibility = ' . COURSE_VISIBILITY_OPEN_WORLD;
$course_fiter = 'visibility = '.COURSE_VISIBILITY_OPEN_WORLD;
}
else
{
$course_fiter = 'visibility = ' . COURSE_VISIBILITY_OPEN_WORLD . ' OR ';
$course_fiter .= 'visibility = ' . COURSE_VISIBILITY_OPEN_PLATFORM . ' OR ';
$course_fiter .= '(visibility = ' . COURSE_VISIBILITY_REGISTERED . ' AND subscribe = 1)';
$course_fiter = 'visibility = '.COURSE_VISIBILITY_OPEN_WORLD.' OR ';
$course_fiter .= 'visibility = '.COURSE_VISIBILITY_OPEN_PLATFORM.' OR ';
$course_fiter .= '(visibility = '.COURSE_VISIBILITY_REGISTERED.' AND subscribe = 1)';
}
$sql = <<<EOT

Write Preview
Loading…
Cancel
Save