chamilo
/
chamilo-lms
mirror of https://github.com/chamilo/chamilo-lms/tree/1.11.x
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Fix security and code convections

Browse Source
pull/2487/head
nosolored 9 years ago
parent 0541cc7f38
commit 3eba8ceee2
26 changed files with 988 additions and 928 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 2
      plugin/sepe/admin.php
  2. 8
      plugin/sepe/config.php
  3. 230
      plugin/sepe/database.php
  4. 1
      plugin/sepe/lang/english.php
  5. 5
      plugin/sepe/lang/spanish.php
  6. 1
      plugin/sepe/src/configuration.php
  7. 85
      plugin/sepe/src/formative-action-edit.php
  8. 63
      plugin/sepe/src/formative-action.php
  9. 51
      plugin/sepe/src/formative-actions-list.php
  10. 55
      plugin/sepe/src/function.php
  11. 37
      plugin/sepe/src/identification-data-edit.php
  12. 1
      plugin/sepe/src/identification-data.php
  13. 59
      plugin/sepe/src/index.sepe.php
  14. 398
      plugin/sepe/src/participant-action-edit.php
  15. 178
      plugin/sepe/src/participant-specialty-edit.php
  16. 1
      plugin/sepe/src/sepe-administration-menu.php
  17. 118
      plugin/sepe/src/sepe.lib.php
  18. 122
      plugin/sepe/src/sepe_plugin.class.php
  19. 177
      plugin/sepe/src/specialty-action-edit.php
  20. 60
      plugin/sepe/src/specialty-classroom-edit.php
  21. 129
      plugin/sepe/src/specialty-tutor-edit.php
  22. 85
      plugin/sepe/src/specialty-tutorial-edit.php
  23. 30
      plugin/sepe/view/formative-actions-list.tpl
  24. 14
      plugin/sepe/view/participant-action-edit.tpl
  25. 2
      plugin/sepe/view/sepe-administration-menu.tpl
  26. 4
      plugin/sepe/view/specialty-tutor-edit.tpl

2
plugin/sepe/admin.php
Unescape View File

@ -8,5 +8,5 @@ $pluginPath = api_get_path(WEB_PLUGIN_PATH).'sepe/src/sepe-administration-menu.p
if ($enable && api_is_platform_admin()) {
header('Location:'.$pluginPath);
} else {
header('Location: ../../index.php');
header('Location: ../../index.php');
}

8
plugin/sepe/config.php
Unescape View File

@ -2,10 +2,10 @@
/* For licensing terms, see /license.txt */
/**
* Config the plugin
* @author Jose Angel Ruiz <jaruiz@nosolored.com>
* @author Julio Montoya <gugli100@gmail.com>
* @package chamilo.plugin.sepe
*/
* @author Jose Angel Ruiz <jaruiz@nosolored.com>
* @author Julio Montoya <gugli100@gmail.com>
* @package chamilo.plugin.sepe
*/
require_once __DIR__ . '/../../main/inc/global.inc.php';
require_once api_get_path(LIBRARY_PATH).'plugin.class.php';

230
plugin/sepe/database.php
Unescape View File

@ -18,12 +18,12 @@ $connection = $entityManager->getConnection();
$platform = $connection->getDatabasePlatform();
//Create tables
/* ========== PLUGIN_SEPE_CENTER ========== */
/* ========== PLUGIN_SEPE_CENTER ========== */
$sepeCenterTable = $pluginSchema->createTable(SepePlugin::TABLE_SEPE_CENTER);
$sepeCenterTable->addColumn(
'id',
\Doctrine\DBAL\Types\Type::INTEGER,
array('autoincrement' => true, 'unsigned' => true)
'id',
\Doctrine\DBAL\Types\Type::INTEGER,
array('autoincrement' => true, 'unsigned' => true)
);
$sepeCenterTable->addColumn('center_origin', \Doctrine\DBAL\Types\Type::STRING);
$sepeCenterTable->addColumn('center_code', \Doctrine\DBAL\Types\Type::STRING);
@ -34,12 +34,12 @@ $sepeCenterTable->addColumn('phone', \Doctrine\DBAL\Types\Type::STRING);
$sepeCenterTable->addColumn('mail', \Doctrine\DBAL\Types\Type::STRING);
$sepeCenterTable->setPrimaryKey(array('d'));
/* ========== PLUGIN_SEPE_ACTIONS ========== */
/* ========== PLUGIN_SEPE_ACTIONS ========== */
$sepeActionsTable = $pluginSchema->createTable(SepePlugin::TABLE_SEPE_ACTIONS);
$sepeActionsTable->addColumn(
'id',
\Doctrine\DBAL\Types\Type::INTEGER,
array('autoincrement' => true, 'unsigned' => true)
'id',
\Doctrine\DBAL\Types\Type::INTEGER,
array('autoincrement' => true, 'unsigned' => true)
);
$sepeActionsTable->addColumn(
'action_origin',
@ -82,7 +82,7 @@ $sepeActionsTable->addColumn(
'full_itinerary_indicator',
\Doctrine\DBAL\Types\Type::STRING,
array('length' => 2)
); //enum('SI','NO')
);
$sepeActionsTable->addColumn(
'financing_type',
\Doctrine\DBAL\Types\Type::STRING,
@ -104,12 +104,12 @@ $sepeActionsTable->addColumn('requirements', \Doctrine\DBAL\Types\Type::TEXT);
$sepeActionsTable->addColumn('contact_action', \Doctrine\DBAL\Types\Type::TEXT);
$sepeActionsTable->setPrimaryKey(array('id'));
/* ========== PLUGIN_SEPE_SPECIALTY ========== */
/* ==========PLUGIN_SEPE_SPECIALTY========== */
$sepeSpecialtyTable = $pluginSchema->createTable(SepePlugin::TABLE_SEPE_SPECIALTY);
$sepeSpecialtyTable->addColumn(
'id',
\Doctrine\DBAL\Types\Type::INTEGER,
array('autoincrement' => true, 'unsigned' => true)
'id',
\Doctrine\DBAL\Types\Type::INTEGER,
array('autoincrement' => true, 'unsigned' => true)
);
$sepeSpecialtyTable->addColumn(
'action_id',
@ -231,12 +231,12 @@ $sepeSpecialtyTable->addForeignKeyConstraint(
array('onDelete' => 'CASCADE')
);
/* ========== PLUGIN_SEPE_CENTROS ========== */
/* ========== PLUGIN_SEPE_CENTROS ========== */
$sepeCentrosTable = $pluginSchema->createTable(SepePlugin::TABLE_SEPE_CENTERS);
$sepeCentrosTable->addColumn(
'id',
\Doctrine\DBAL\Types\Type::INTEGER,
array('autoincrement' => true, 'unsigned' => true)
'id',
\Doctrine\DBAL\Types\Type::INTEGER,
array('autoincrement' => true, 'unsigned' => true)
);
$sepeCentrosTable->addColumn(
'center_origin',
@ -250,13 +250,13 @@ $sepeCentrosTable->addColumn(
);
$sepeCentrosTable->setPrimaryKey(array('cod'));
/* ========== PLUGIN_SEPE_SPECIALTY_CLASSROOM ========== */
/* ========== PLUGIN_SEPE_SPECIALTY_CLASSROOM ========== */
$sepeSpecialtyClassroomTable = $pluginSchema->createTable(SepePlugin::TABLE_SEPE_SPECIALTY_CLASSROOM);
$sepeSpecialtyClassroomTable->addColumn(
'id',
\Doctrine\DBAL\Types\Type::INTEGER,
array('autoincrement' => true, 'unsigned' => true)
);
'id',
\Doctrine\DBAL\Types\Type::INTEGER,
array('autoincrement' => true, 'unsigned' => true)
);
$sepeSpecialtyClassroomTable->addColumn(
'specialty_id',
\Doctrine\DBAL\Types\Type::INTEGER,
@ -275,12 +275,12 @@ $sepeSpecialtyClassroomTable->addForeignKeyConstraint(
array('onDelete' => 'CASCADE')
);
/* ========== PLUGIN_SEPE_TUTORS ========== */
/* ========== PLUGIN_SEPE_TUTORS ========== */
$sepeTutorsTable = $pluginSchema->createTable(SepePlugin::TABLE_SEPE_TUTORS);
$sepeTutorsTable->addColumn(
'id',
\Doctrine\DBAL\Types\Type::INTEGER,
array('autoincrement' => true, 'unsigned' => true)
'id',
\Doctrine\DBAL\Types\Type::INTEGER,
array('autoincrement' => true, 'unsigned' => true)
);
$sepeTutorsTable->addColumn(
'platform_user_id',
@ -329,12 +329,12 @@ $sepeTutorsTable->addColumn(
);
$sepeTutorsTable->setPrimaryKey(array('id'));
/* ========== PLUGIN_SEPE_SPECIALTY_TUTORS ========== */
/* ========== PLUGIN_SEPE_SPECIALTY_TUTORS ========== */
$sepeSpecialtyTutorsTable = $pluginSchema->createTable(SepePlugin::TABLE_SEPE_SPECIALTY_TUTORS);
$sepeSpecialtyTutorsTable->addColumn(
'id',
\Doctrine\DBAL\Types\Type::INTEGER,
array('autoincrement' => true, 'unsigned' => true)
'id',
\Doctrine\DBAL\Types\Type::INTEGER,
array('autoincrement' => true, 'unsigned' => true)
);
$sepeSpecialtyTutorsTable->addColumn(
'specialty_id',
@ -379,12 +379,12 @@ $sepeSpecialtyTutorsTable->addForeignKeyConstraint(
array('onDelete' => 'CASCADE')
);
/* ========== PLUGIN_SEPE_TUTORS_EMPRESA ========== */
/* ========== PLUGIN_SEPE_TUTORS_EMPRESA ========== */
$sepeTutorsCompanyTable = $pluginSchema->createTable(SepePlugin::TABLE_SEPE_TUTORS_COMPANY);
$sepeTutorsCompanyTable->addColumn(
'id',
\Doctrine\DBAL\Types\Type::INTEGER,
array('autoincrement' => true, 'unsigned' => true)
'id',
\Doctrine\DBAL\Types\Type::INTEGER,
array('autoincrement' => true, 'unsigned' => true)
);
$sepeTutorsCompanyTable->addColumn(
'alias',
@ -415,15 +415,15 @@ $sepeTutorsCompanyTable->addColumn(
'training',
\Doctrine\DBAL\Types\Type::STRING,
array('length' => 2)
);
$sepeTutorsCompanyTable->setPrimaryKey(array('cod'));
/* ========== PLUGIN_SEPE_PARTICIPANTS ========== */
);
$sepeTutorsCompanyTable->setPrimaryKey(array('cod'));
/* ========== PLUGIN_SEPE_PARTICIPANTS ========== */
$sepeParticipantsTable = $pluginSchema->createTable(SepePlugin::TABLE_SEPE_PARTICIPANTS);
$sepeParticipantsTable->addColumn(
'id',
\Doctrine\DBAL\Types\Type::INTEGER,
array('autoincrement' => true, 'unsigned' => true)
'id',
\Doctrine\DBAL\Types\Type::INTEGER,
array('autoincrement' => true, 'unsigned' => true)
);
$sepeParticipantsTable->addColumn(
'action_id',
@ -495,12 +495,12 @@ $sepeParticipantsTable->addForeignKeyConstraint(
array('onDelete' => 'CASCADE')
);
/* ========== PLUGIN_SEPE_PARTICIPANTS_SPECIALTY ========== */
/* ========== PLUGIN_SEPE_PARTICIPANTS_SPECIALTY ========== */
$sepeParticipantsSpecialtyTable = $pluginSchema->createTable(SepePlugin::TABLE_SEPE_PARTICIPANTS_SPECIALTY);
$sepeParticipantsSpecialtyTable->addColumn(
'id',
\Doctrine\DBAL\Types\Type::INTEGER,
array('autoincrement' => true, 'unsigned' => true)
'id',
\Doctrine\DBAL\Types\Type::INTEGER,
array('autoincrement' => true, 'unsigned' => true)
);
$sepeParticipantsSpecialtyTable->addColumn(
'participant_id',
@ -523,14 +523,14 @@ $sepeParticipantsSpecialtyTable->addColumn(
array('length' => 14, 'notnull' => false)
);
$sepeParticipantsSpecialtyTable->addColumn(
'registration_date',
\Doctrine\DBAL\Types\Type::DATE,
array('notnull' => false)
'registration_date',
\Doctrine\DBAL\Types\Type::DATE,
array('notnull' => false)
);
$sepeParticipantsSpecialtyTable->addColumn(
'leaving_date',
\Doctrine\DBAL\Types\Type::DATE,
array('notnull' => false)
'leaving_date',
\Doctrine\DBAL\Types\Type::DATE,
array('notnull' => false)
);
$sepeParticipantsSpecialtyTable->addColumn(
'center_origin',
@ -543,14 +543,14 @@ $sepeParticipantsSpecialtyTable->addColumn(
array('length' => 16, 'notnull' => false)
);
$sepeParticipantsSpecialtyTable->addColumn(
'start_date',
\Doctrine\DBAL\Types\Type::DATE,
array('notnull' => false)
'start_date',
\Doctrine\DBAL\Types\Type::DATE,
array('notnull' => false)
);
$sepeParticipantsSpecialtyTable->addColumn(
'end_date',
\Doctrine\DBAL\Types\Type::DATE,
array('notnull' => false)
'end_date',
\Doctrine\DBAL\Types\Type::DATE,
array('notnull' => false)
);
$sepeParticipantsSpecialtyTable->addColumn(
'final_result',
@ -575,12 +575,12 @@ $sepeParticipantsSpecialtyTable->addForeignKeyConstraint(
array('onDelete' => 'CASCADE')
);
/* ========== PLUGIN_SEPE_PARTICIPANTS_SPECIALTY_TUTORIALS ========== */
/* ========== PLUGIN_SEPE_PARTICIPANTS_SPECIALTY_TUTORIALS ========== */
$sepeParticipantsSpecialtyTutorialsTable = $pluginSchema->createTable(SepePlugin::TABLE_SEPE_PARTICIPANTS_SPECIALTY_TUTORIALS);
$sepeParticipantsSpecialtyTutorialsTable->addColumn(
'id',
\Doctrine\DBAL\Types\Type::INTEGER,
array('autoincrement' => true, 'unsigned' => true)
'id',
\Doctrine\DBAL\Types\Type::INTEGER,
array('autoincrement' => true, 'unsigned' => true)
);
$sepeParticipantsSpecialtyTutorialsTable->addColumn(
'participant_specialty_id',
@ -607,16 +607,16 @@ $sepeParticipantsSpecialtyTutorialsTable->addForeignKeyConstraint(
array('onDelete' => 'CASCADE')
);
/* ========== PLUGIN_SEPE_COURSE_ACTIONS ========== */
/* ========== PLUGIN_SEPE_COURSE_ACTIONS ========== */
$sepeCourseActionsTable = $pluginSchema->createTable(SepePlugin::TABLE_SEPE_COURSE_ACTIONS);
$sepeCourseActionsTable->addColumn(
'id',
\Doctrine\DBAL\Types\Type::INTEGER,
array('autoincrement' => true, 'unsigned' => true)
'id',
\Doctrine\DBAL\Types\Type::INTEGER,
array('autoincrement' => true, 'unsigned' => true)
);
$sepeCourseActionsTable->addColumn(
'course_id',
\Doctrine\DBAL\Types\Type::INTEGER,
\Doctrine\DBAL\Types\Type::INTEGER,
array('unsigned' => true)
);
$sepeCourseActionsTable->addColumn(
@ -632,27 +632,27 @@ $sepeCourseActionsTable->addForeignKeyConstraint(
array('onDelete' => 'CASCADE')
);
/* ========== PLUGIN_SEPE_COMPETENCIA_DOCENTE ========== */
$sepeCompetenciaDocenteTable = $pluginSchema->createTable(SepePlugin::TABLE_SEPE_TEACHING_COMPETENCE);
$sepeCompetenciaDocenteTable->addColumn(
'id',
\Doctrine\DBAL\Types\Type::INTEGER,
array('autoincrement' => true, 'unsigned' => true)
/* ========== PLUGIN_SEPE_TEACHING_COMPETENCE ========== */
$sepeTeachingCompetenceTable = $pluginSchema->createTable(SepePlugin::TABLE_SEPE_TEACHING_COMPETENCE);
$sepeTeachingCompetenceTable->addColumn(
'id',
\Doctrine\DBAL\Types\Type::INTEGER,
array('autoincrement' => true, 'unsigned' => true)
);
$sepeCompetenciaDocenteTable->addColumn(
$sepeTeachingCompetenceTable->addColumn(
'code',
\Doctrine\DBAL\Types\Type::STRING,
array('length' => 2)
);
$sepeCompetenciaDocenteTable->addColumn('value', \Doctrine\DBAL\Types\Type::TEXT);
$sepeCompetenciaDocenteTable->setPrimaryKey(array('id'));
$sepeTeachingCompetenceTable->addColumn('value', \Doctrine\DBAL\Types\Type::TEXT);
$sepeTeachingCompetenceTable->setPrimaryKey(array('id'));
/* ========== PLUGIN_SEPE_LOG_PARTICIPANT ========== */
/* ========== PLUGIN_SEPE_LOG_PARTICIPANT ========== */
$sepeLogParticipantTable = $pluginSchema->createTable(SepePlugin::TABLE_SEPE_LOG_PARTICIPANT);
$sepeLogParticipantTable->addColumn(
'id',
\Doctrine\DBAL\Types\Type::INTEGER,
array('autoincrement' => true, 'unsigned' => true)
'id',
\Doctrine\DBAL\Types\Type::INTEGER,
array('autoincrement' => true, 'unsigned' => true)
);
$sepeLogParticipantTable->addColumn(
'platform_user_id',
@ -668,12 +668,12 @@ $sepeLogParticipantTable->addColumn('registration_date', \Doctrine\DBAL\Types\Ty
$sepeLogParticipantTable->addColumn('leaving_date', \Doctrine\DBAL\Types\Type::DATETIME);
$sepeLogParticipantTable->setPrimaryKey(array('id'));
/* ========== PLUGIN_SEPE_LOG_MOD_PARTICIPANT ========== */
/* ========== PLUGIN_SEPE_LOG_MOD_PARTICIPANT ========== */
$sepeLogModParticipantTable = $pluginSchema->createTable(SepePlugin::TABLE_SEPE_LOG_MOD_PARTICIPANT);
$sepeLogModParticipantTable->addColumn(
'id',
\Doctrine\DBAL\Types\Type::INTEGER,
array('autoincrement' => true, 'unsigned' => true)
'id',
\Doctrine\DBAL\Types\Type::INTEGER,
array('autoincrement' => true, 'unsigned' => true)
);
$sepeLogModParticipantTable->addColumn(
'platform_user_id',
@ -688,12 +688,12 @@ $sepeLogModParticipantTable->addColumn(
$sepeLogModParticipantTable->addColumn('change_date', \Doctrine\DBAL\Types\Type::DATETIME);
$sepeLogModParticipantTable->setPrimaryKey(array('id'));
/* ========== PLUGIN_SEPE_LOG ========== */
/* ==========PLUGIN_SEPE_LOG ========== */
$sepeLogTable = $pluginSchema->createTable(SepePlugin::TABLE_SEPE_LOG);
$sepeLogTable->addColumn(
'id',
\Doctrine\DBAL\Types\Type::INTEGER,
array('autoincrement' => true, 'unsigned' => true)
'id',
\Doctrine\DBAL\Types\Type::INTEGER,
array('autoincrement' => true, 'unsigned' => true)
);
$sepeLogTable->addColumn(
'ip',
@ -708,7 +708,6 @@ $sepeLogTable->addColumn(
$sepeLogTable->addColumn('date', \Doctrine\DBAL\Types\Type::DATETIME);
$sepeLogTable->setPrimaryKey(array('id'));
$queries = $pluginSchema->toSql($platform);
foreach ($queries as $query) {
@ -718,12 +717,12 @@ foreach ($queries as $query) {
//Insert data
$sepeTeachingCompetenceTable = Database::get_main_table(SepePlugin::TABLE_SEPE_TEACHING_COMPETENCE);
$competences = array(
array(1, '01', 'Certificado de profesionalidad de docencia de la formación profesional para el empleo regulado por Real Decreto 1697/2011, de 18 de noviembre.'),
array(2, '02', 'Certificado de profesionalidad de formador ocupacional.'),
array(3, '03', 'Certificado de Aptitud Pedagógica o título profesional de Especialización Didáctica o Certificado de Cualificación Pedagógica.'),
array(4, '04', 'Máster Universitario habilitante para el ejercicio de las Profesiones reguladas de Profesor de Educación Secundaria Obligatoria y Bachillerato, Formación Profesional y Escuelas Oficiales de Idiomas.'),
array(5, '05', 'Curso de formación equivalente a la formación pedagógica y didáctica exigida para aquellas personas que, estando en posesion de una titulación declarada equivalente a efectos de docencia, no pueden realizar los estudios de máster, establecida en la disposición adicional primera del Real Decreto 1834/2008, de 8 de noviembre.'),
array(6, '06', 'Experiencia docente contrastada de al menos 600 horas de impartición de acciones formativas de formación profesional para el empleo o del sistema educativo en modalidad presencial, en los últimos diez años.')
array(1, '01', 'Certificado de profesionalidad de docencia de la formación profesional para el empleo regulado por Real Decreto 1697/2011, de 18 de noviembre.'),
array(2, '02', 'Certificado de profesionalidad de formador ocupacional.'),
array(3, '03', 'Certificado de Aptitud Pedagógica o título profesional de Especialización Didáctica o Certificado de Cualificación Pedagógica.'),
array(4, '04', 'Máster Universitario habilitante para el ejercicio de las Profesiones reguladas de Profesor de Educación Secundaria Obligatoria y Bachillerato, Formación Profesional y Escuelas Oficiales de Idiomas.'),
array(5, '05', 'Curso de formación equivalente a la formación pedagógica y didáctica exigida para aquellas personas que, estando en posesion de una titulación declarada equivalente a efectos de docencia, no pueden realizar los estudios de máster, establecida en la disposición adicional primera del Real Decreto 1834/2008, de 8 de noviembre.'),
array(6, '06', 'Experiencia docente contrastada de al menos 600 horas de impartición de acciones formativas de formación profesional para el empleo o del sistema educativo en modalidad presencial, en los últimos diez años.')
);
foreach ($competences as $competence) {
@ -738,15 +737,15 @@ foreach ($competences as $competence) {
}
$sepeTutorsCompanyTable = Database::get_main_table(SepePlugin::TABLE_SEPE_TUTORS_COMPANY);
Database::insert(
$sepeTutorsCompanyTable,
array(
'cod' => 1,
'alias' => 'Sin tutor',
'company' => 'SI',
'training' => 'SI'
)
);
Database::insert(
$sepeTutorsCompanyTable,
array(
'cod' => 1,
'alias' => 'Sin tutor',
'company' => 'SI',
'training' => 'SI'
)
);
/* Create extra fields for platform users */
$fieldlabel = 'sexo';
@ -789,9 +788,9 @@ $provinces = 'Albacete;Alicante/Alacant;Almería;Araba/Álava;Asturias;Ávila;Ba
$list_provinces = explode(';',$provinces);
$i = 1;
foreach ($list_provinces as $value) {
$sql = "INSERT INTO extra_field_options (field_id, option_value, display_text, option_order) VALUES ('".$field_id."', '".$i."', '".$value."','".$i."');";
Database::query($sql);
$i++;
$sql = "INSERT INTO extra_field_options (field_id, option_value, display_text, option_order) VALUES ('".$field_id."', '".$i."', '".$value."','".$i."');";
Database::query($sql);
$i++;
}
$fieldlabel = 'comunidad_residencia';
@ -803,12 +802,11 @@ $ccaa = ';Andalucía;Aragón;Asturias, Principado de;Balears, Illes;Canarias;Can
$list_ccaa = explode(';',$ccaa);
$i = 1;
foreach ($list_ccaa as $value) {
$sql = "INSERT INTO extra_field_options (field_id, option_value, display_text, option_order) VALUES ('".$field_id."', '".$i."', '".$value."','".$i."');";
Database::query($sql);
$i++;
$sql = "INSERT INTO extra_field_options (field_id, option_value, display_text, option_order) VALUES ('".$field_id."', '".$i."', '".$value."','".$i."');";
Database::query($sql);
$i++;
}
$fieldlabel = 'provincia_trabajo';
$fieldtype = '4';
$fieldtitle = 'Provincia Trabajo';
@ -817,9 +815,9 @@ $fielddefault = '';
$field_id = UserManager::create_extra_field($fieldlabel,$fieldtype,$fieldtitle,$fielddefault);
$i = 1;
foreach ($list_provincias as $value) {
$sql = "INSERT INTO extra_field_options (field_id, option_value, display_text, option_order) VALUES ('".$field_id."', '".$i."', '".$value."','".$i."');";
Database::query($sql);
$i++;
$sql = "INSERT INTO extra_field_options (field_id, option_value, display_text, option_order) VALUES ('".$field_id."', '".$i."', '".$value."','".$i."');";
Database::query($sql);
$i++;
}
$fieldlabel = 'comunidad_trabajo';
@ -830,9 +828,9 @@ $fielddefault = '';
$field_id = UserManager::create_extra_field($fieldlabel,$fieldtype,$fieldtitle,$fielddefault);
$i = 1;
foreach ($list_ccaa as $value) {
$sql = "INSERT INTO extra_field_options (field_id, option_value, display_text, option_order) VALUES ('".$field_id."', '".$i."', '".$value."','".$i."');";
Database::query($sql);
$i++;
$sql = "INSERT INTO extra_field_options (field_id, option_value, display_text, option_order) VALUES ('".$field_id."', '".$i."', '".$value."','".$i."');";
Database::query($sql);
$i++;
}
$fieldlabel = 'medio_conocimiento';

1
plugin/sepe/lang/english.php
Unescape View File

@ -289,3 +289,4 @@ $strings['NoSaveData'] = "Unable to save selection";
$strings['NoExistsCourse'] = "The course to which the training action is associated does not exist";
$strings['FormativeActionInUse'] = "The chosen training action is being used for another course";
$strings['ProblemToken'] = "Token not valid";
$strings['NoTutor'] = "No tutor";

5
plugin/sepe/lang/spanish.php
Unescape View File

@ -286,6 +286,7 @@ $strings['Situation50'] = "50-Cancelada";
$strings['ProblemGenerateApiKey'] = "Problema al generar una nueva api key";
$strings['ErrorDataIncorrect'] = "Error al recibir los datos";
$strings['NoSaveData'] = "No se ha podido guardar la selección";
$strings['NoExistsCourse'] = "El curso al que se le asocia la acci&oacute;n formativa no existe";
$strings['FormativeActionInUse'] = "La acci&oacute;n formativa elegida est&aacute; siendo usada por otro curso";
$strings['NoExistsCourse'] = "El curso al que se le asocia la acción formativa no existe";
$strings['FormativeActionInUse'] = "La acción formativa elegida está siendo usada por otro curso";
$strings['ProblemToken'] = "Token incorrecto, pruebe de nuevo a guardar los cambios";
$strings['NoTutor'] = "Sin tutor";

1
plugin/sepe/src/configuration.php
Unescape View File

@ -3,7 +3,6 @@
/**
* This script displays setting api key user.
* @package chamilo.plugin.sepe
*/
use \ChamiloSession as Session;

85
plugin/sepe/src/formative-action-edit.php
Unescape View File

@ -3,7 +3,6 @@
/**
* This script displays a formative action edit form.
* @package chamilo.plugin.sepe
*/
use \ChamiloSession as Session;
require_once '../config.php';
@ -15,29 +14,29 @@ $_cid = 0;
if (!empty($_POST)) {
$check = Security::check_token('post');
if ($check) {
$actionOrigin = trim(Security::remove_XSS(stripslashes($_POST['action_origin'])));
$actionCode = trim(Security::remove_XSS(stripslashes($_POST['action_code'])));
$situation = trim(Security::remove_XSS(stripslashes($_POST['situation'])));
$specialtyOrigin = trim(Security::remove_XSS(stripslashes($_POST['specialty_origin'])));
$professionalArea = trim(Security::remove_XSS(stripslashes($_POST['professional_area'])));
$specialtyCode = trim(Security::remove_XSS(stripslashes($_POST['specialty_code'])));
$duration = trim(Security::remove_XSS(stripslashes($_POST['duration'])));
$dayStart = trim(Security::remove_XSS(stripslashes($_POST['day_start'])));
$monthStart = trim(Security::remove_XSS(stripslashes($_POST['month_start'])));
$yearStart = trim(Security::remove_XSS(stripslashes($_POST['year_start'])));
$dayEnd = trim(Security::remove_XSS(stripslashes($_POST['day_end'])));
$monthEnd = trim(Security::remove_XSS(stripslashes($_POST['month_end'])));
$yearEnd = trim(Security::remove_XSS(stripslashes($_POST['year_end'])));
$fullItineraryIndicator = trim(Security::remove_XSS(stripslashes($_POST['full_itinerary_indicator'])));
$financingType = trim(Security::remove_XSS(stripslashes($_POST['financing_type'])));
$attendeesCount = trim(Security::remove_XSS(stripslashes($_POST['attendees_count'])));
$actionName = trim(Security::remove_XSS(stripslashes($_POST['action_name'])));
$globalInfo = trim(Security::remove_XSS(stripslashes($_POST['global_info'])));
$schedule = trim(Security::remove_XSS(stripslashes($_POST['schedule'])));
$requirements = trim(Security::remove_XSS(stripslashes($_POST['requirements'])));
$contactAction = trim(Security::remove_XSS(stripslashes($_POST['contact_action'])));
$actionId = trim(Security::remove_XSS(stripslashes($_POST['action_id'])));
$courseId = trim(Security::remove_XSS(stripslashes($_POST['course_id'])));
$actionOrigin = Database::escape_string(trim($_POST['action_origin']));
$actionCode = Database::escape_string(trim($_POST['action_code']));
$situation = Database::escape_string(trim($_POST['situation']));
$specialtyOrigin = Database::escape_string(trim($_POST['specialty_origin']));
$professionalArea = Database::escape_string(trim($_POST['professional_area']));
$specialtyCode = Database::escape_string(trim($_POST['specialty_code']));
$duration = Database::escape_string(trim($_POST['duration']));
$dayStart = Database::escape_string(trim($_POST['day_start']));
$monthStart = Database::escape_string(trim($_POST['month_start']));
$yearStart = Database::escape_string(trim($_POST['year_start']));
$dayEnd = Database::escape_string(trim($_POST['day_end']));
$monthEnd = Database::escape_string(trim($_POST['month_end']));
$yearEnd = Database::escape_string(trim($_POST['year_end']));
$fullItineraryIndicator = Database::escape_string(trim($_POST['full_itinerary_indicator']));
$financingType = Database::escape_string(trim($_POST['financing_type']));
$attendeesCount = intval($_POST['attendees_count']);
$actionName = Database::escape_string(trim($_POST['action_name']));
$globalInfo = Database::escape_string(trim($_POST['global_info']));
$schedule = Database::escape_string(trim($_POST['schedule']));
$requirements = Database::escape_string(trim($_POST['requirements']));
$contactAction = Database::escape_string(trim($_POST['contact_action']));
$actionId = intval($_POST['action_id']);
$courseId = intval($_POST['course_id']);
$startDate = $yearStart."-".$monthStart."-".$dayStart;
$endDate = $yearEnd."-".$monthEnd."-".$dayEnd;
@ -133,9 +132,9 @@ if (!empty($_POST)) {
$token = Security::get_token();
$_SESSION['sepe_message_error'] = $plugin->get_lang('ProblemToken');
session_write_close();
$actionId = trim(Security::remove_XSS(stripslashes($_POST['action_id'])));
$actionId = intval($_POST['action_id']);
if ($actionId == '0') {
$courseId = trim(Security::remove_XSS(stripslashes($_POST['course_id'])));
$courseId = intval($_POST['course_id']);
header("Location: formative-action-edit.php?new_action=1&cid=".$courseId);
} else {
header("Location: formative-action-edit.php?action_id=".$actionId);
@ -146,7 +145,7 @@ if (!empty($_POST)) {
}
if (api_is_platform_admin()) {
if (isset($_GET['new_action']) && $_GET['new_action'] == '1') {
if (isset($_GET['new_action']) && intval($_GET['new_action']) == 1) {
$info = array();
$interbreadcrumb[] = array("url" => "/plugin/sepe/src/sepe-administration-menu.php", "name" => $plugin->get_lang('MenuSepe'));
$interbreadcrumb[] = array("url" => "formative-actions-list.php", "name" => $plugin->get_lang('FormativesActionsList'));
@ -155,33 +154,33 @@ if (api_is_platform_admin()) {
$yearStart = $yearEnd = date("Y");
$tpl->assign('info', $info);
$tpl->assign('new_action', '1');
$tpl->assign('course_id', $_GET['cid']);
$tpl->assign('course_id', intval($_GET['cid']));
} else {
$courseId = getCourse($_GET['action_id']);
$courseId = getCourse(intval($_GET['action_id']));
$interbreadcrumb[] = array("url" => "/plugin/sepe/src/sepe-administration-menu.php", "name" => $plugin->get_lang('MenuSepe'));
$interbreadcrumb[] = array("url" => "formative-actions-list.php", "name" => $plugin->get_lang('FormativesActionsList'));
$interbreadcrumb[] = array("url" => "formative-action.php?cid=".$courseId, "name" => $plugin->get_lang('FormativeAction'));
$info = getActionInfo($_GET['action_id']);
$info = getActionInfo(intval($_GET['action_id']));
$templateName = $plugin->get_lang('formativeActionEdit');
$tpl = new Template($templateName);
$tpl->assign('info', $info);
if ($info['start_date'] != "0000-00-00" && $info['start_date'] != NULL) {
$tpl->assign('day_start', date("j",strtotime($info['start_date'])));
$tpl->assign('month_start', date("n",strtotime($info['start_date'])));
$tpl->assign('year_start', date("Y",strtotime($info['start_date'])));
$yearStart = date("Y",strtotime($info['start_date']));
} elseif (strpos($info['start_date'],'0000') === false) {
$yearStart = date("Y",strtotime($info['start_date']));
$tpl->assign('day_start', date("j", strtotime($info['start_date'])));
$tpl->assign('month_start', date("n", strtotime($info['start_date'])));
$tpl->assign('year_start', date("Y", strtotime($info['start_date'])));
$yearStart = date("Y", strtotime($info['start_date']));
} elseif (strpos($info['start_date'], '0000') === false) {
$yearStart = date("Y", strtotime($info['start_date']));
} else {
$yearStart = date("Y");
}
if ($info['end_date'] != "0000-00-00" && $info['end_date'] != NULL) {
$tpl->assign('day_end', date("j",strtotime($info['end_date'])));
$tpl->assign('month_end', date("n",strtotime($info['end_date'])));
$tpl->assign('year_end', date("Y",strtotime($info['end_date'])));
$yearEnd = date("Y",strtotime($info['end_date']));
} elseif (strpos($info['end_date'],'0000') === false) {
$yearEnd = date("Y",strtotime($info['end_date']));
$tpl->assign('day_end', date("j", strtotime($info['end_date'])));
$tpl->assign('month_end', date("n", strtotime($info['end_date'])));
$tpl->assign('year_end', date("Y", strtotime($info['end_date'])));
$yearEnd = date("Y", strtotime($info['end_date']));
} elseif (strpos($info['end_date'], '0000') === false) {
$yearEnd = date("Y", strtotime($info['end_date']));
} else {
$yearEnd = date("Y");
}
@ -210,7 +209,7 @@ if (api_is_platform_admin()) {
$tpl->assign('message_error', $_SESSION['sepe_message_error']);
unset($_SESSION['sepe_message_error']);
}
$tpl->assign('sec_token',$token);
$tpl->assign('sec_token', $token);
$listing_tpl = 'sepe/view/formative-action-edit.tpl';
$content = $tpl->fetch($listing_tpl);

63
plugin/sepe/src/formative-action.php
Unescape View File

@ -3,7 +3,6 @@
/**
* This script displays a basic info of formative action.
* @package chamilo.plugin.sepe
*/
use \ChamiloSession as Session;
@ -15,37 +14,37 @@ $plugin = SepePlugin::create();
$_cid = 0;
if (api_is_platform_admin()) {
$actionId = getActionId($_GET['cid']);
$info = getActionInfo($actionId);
if ($info === false) {
header("Location: formative-actions-list.php");
}
$templateName = $plugin->get_lang('FormativeActionData');
$interbreadcrumb[] = array("url" => "/plugin/sepe/src/sepe-administration-menu.php", "name" => $plugin->get_lang('MenuSepe'));
$interbreadcrumb[] = array("url" => "formative-actions-list.php", "name" => $plugin->get_lang('FormativesActionsList'));
$tpl = new Template($templateName);
if (isset($_SESSION['sepe_message_info'])) {
$tpl->assign('message_info', $_SESSION['sepe_message_info']);
unset($_SESSION['sepe_message_info']);
}
if (isset($_SESSION['sepe_message_error'])) {
$tpl->assign('message_error', $_SESSION['sepe_message_error']);
unset($_SESSION['sepe_message_error']);
}
$tpl->assign('info', $info);
$tpl->assign('start_date', date("d/m/Y",strtotime($info['start_date'])));
$tpl->assign('end_date', date("d/m/Y",strtotime($info['end_date'])));
$tpl->assign('action_id', $actionId);
$listSpecialty = specialtyList($actionId);
$tpl->assign('listSpecialty', $listSpecialty);
$listParticipant = participantList($actionId);
$tpl->assign('listParticipant', $listParticipant);
$listing_tpl = 'sepe/view/formative-action.tpl';
$content = $tpl->fetch($listing_tpl);
$tpl->assign('content', $content);
$tpl->display_one_col_template();
$actionId = getActionId(intval($_GET['cid']));
$info = getActionInfo($actionId);
if ($info === false) {
header("Location: formative-actions-list.php");
}
$templateName = $plugin->get_lang('FormativeActionData');
$interbreadcrumb[] = array("url" => "/plugin/sepe/src/sepe-administration-menu.php", "name" => $plugin->get_lang('MenuSepe'));
$interbreadcrumb[] = array("url" => "formative-actions-list.php", "name" => $plugin->get_lang('FormativesActionsList'));
$tpl = new Template($templateName);
if (isset($_SESSION['sepe_message_info'])) {
$tpl->assign('message_info', $_SESSION['sepe_message_info']);
unset($_SESSION['sepe_message_info']);
}
if (isset($_SESSION['sepe_message_error'])) {
$tpl->assign('message_error', $_SESSION['sepe_message_error']);
unset($_SESSION['sepe_message_error']);
}
$tpl->assign('info', $info);
$tpl->assign('start_date', date("d/m/Y",strtotime($info['start_date'])));
$tpl->assign('end_date', date("d/m/Y",strtotime($info['end_date'])));
$tpl->assign('action_id', $actionId);
$listSpecialty = specialtyList($actionId);
$tpl->assign('listSpecialty', $listSpecialty);
$listParticipant = participantList($actionId);
$tpl->assign('listParticipant', $listParticipant);
$listing_tpl = 'sepe/view/formative-action.tpl';
$content = $tpl->fetch($listing_tpl);
$tpl->assign('content', $content);
$tpl->display_one_col_template();
} else {
header('Location:' . api_get_path(WEB_PATH));
}

51
plugin/sepe/src/formative-actions-list.php
Unescape View File

@ -2,8 +2,7 @@
/* For licensing terms, see /license.txt */
/**
* This script displays a formatives actions list.
* @package chamilo.plugin.sepe
* This script displays a formatives actions list.
*/
use \ChamiloSession as Session;
@ -12,30 +11,30 @@ require_once '../config.php';
$plugin = SepePlugin::create();
if (api_is_platform_admin()) {
$templateName = $plugin->get_lang('FormativesActionsList');
$interbreadcrumb[] = array("url" => "/plugin/sepe/src/sepe-administration-menu.php", "name" => $plugin->get_lang('MenuSepe'));
$tpl = new Template($templateName);
if (isset($_SESSION['sepe_message_info'])) {
$tpl->assign('message_info', $_SESSION['sepe_message_info']);
unset($_SESSION['sepe_message_info']);
}
if (isset($_SESSION['sepe_message_error'])) {
$tpl->assign('message_error', $_SESSION['sepe_message_error']);
unset($_SESSION['sepe_message_error']);
}
$courseActionList = listCourseAction();
$courseFreeList = listCourseFree();
$actionFreeList = listActionFree();
$tpl->assign('course_action_list', $courseActionList);
$tpl->assign('course_free_list', $courseFreeList);
$tpl->assign('action_free_list', $actionFreeList);
$listing_tpl = 'sepe/view/formative-actions-list.tpl';
$content = $tpl->fetch($listing_tpl);
$tpl->assign('content', $content);
$tpl->display_one_col_template();
$templateName = $plugin->get_lang('FormativesActionsList');
$interbreadcrumb[] = array("url" => "/plugin/sepe/src/sepe-administration-menu.php", "name" => $plugin->get_lang('MenuSepe'));
$tpl = new Template($templateName);
if (isset($_SESSION['sepe_message_info'])) {
$tpl->assign('message_info', $_SESSION['sepe_message_info']);
unset($_SESSION['sepe_message_info']);
}
if (isset($_SESSION['sepe_message_error'])) {
$tpl->assign('message_error', $_SESSION['sepe_message_error']);
unset($_SESSION['sepe_message_error']);
}
$courseActionList = listCourseAction();
$courseFreeList = listCourseFree();
$actionFreeList = listActionFree();
$tpl->assign('course_action_list', $courseActionList);
$tpl->assign('course_free_list', $courseFreeList);
$tpl->assign('action_free_list', $actionFreeList);
$listing_tpl = 'sepe/view/formative-actions-list.tpl';
$content = $tpl->fetch($listing_tpl);
$tpl->assign('content', $content);
$tpl->display_one_col_template();
} else {
header('Location:' . api_get_path(WEB_PATH));
}

55
plugin/sepe/src/function.php
Unescape View File

@ -24,8 +24,8 @@ if ($_REQUEST['tab'] == 'delete_center_data') {
}
if ($_REQUEST['tab'] == 'delete_action') {
$id = $_REQUEST['id'];
$sql = "DELETE FROM $tableSepeActions WHERE id='".$id."';";
$id = intval($_REQUEST['id']);
$sql = "DELETE FROM $tableSepeActions WHERE id = $id;";
$res = Database::query($sql);
if (!$res) {
$content = $plugin->get_lang('ProblemToDeleteInfoAction') . Database::error();
@ -38,8 +38,8 @@ if ($_REQUEST['tab'] == 'delete_action') {
}
if ($_REQUEST['tab'] == 'delete_specialty') {
$id = substr($_REQUEST['id'],9);
$sql = "DELETE FROM $tableSepeSpecialty WHERE id='".$id."';";
$id = intval(substr($_REQUEST['id'],9));
$sql = "DELETE FROM $tableSepeSpecialty WHERE id = $id;";
$res = Database::query($sql);
if (!$res) {
$content = $plugin->get_lang('ProblemToDeleteInfoSpecialty') . Database::error();
@ -51,8 +51,8 @@ if ($_REQUEST['tab'] == 'delete_specialty') {
}
if ($_REQUEST['tab'] == 'delete_specialty_participant') {
$id = substr($_REQUEST['id'],9);
$sql = "DELETE FROM $tableSepeParticipantsSpecialty WHERE id='".$id."';";
$id = intval(substr($_REQUEST['id'],9));
$sql = "DELETE FROM $tableSepeParticipantsSpecialty WHERE id = $id;";
$res = Database::query($sql);
if (!$res) {
$content = $plugin->get_lang('ProblemToDeleteInfoSpecialty') . Database::error();
@ -64,8 +64,8 @@ if ($_REQUEST['tab'] == 'delete_specialty_participant') {
}
if ($_REQUEST['tab'] == 'delete_classroom') {
$id = substr($_REQUEST['id'],9);
$sql = "DELETE FROM $tableSepeSpecialtyClassroom WHERE id='".$id."';";
$id = intval(substr($_REQUEST['id'],9));
$sql = "DELETE FROM $tableSepeSpecialtyClassroom WHERE id = $id;";
$res = Database::query($sql);
if (!$res) {
$content = $plugin->get_lang('ProblemToDeleteInfoSpecialtyClassroom') . Database::error();
@ -77,10 +77,10 @@ if ($_REQUEST['tab'] == 'delete_classroom') {
}
if ($_REQUEST['tab'] == 'checkTutorEdit') {
$type = $_REQUEST['type'];
$number = $_REQUEST['number'];
$letter=$_REQUEST['letter'];
$platform_user_id = $_REQUEST['platform_user_id'];
$type = Database::escape_string(trim($_REQUEST['type']));
$number = Database::escape_string(trim($_REQUEST['number']));
$letter = Database::escape_string(trim($_REQUEST['letter']));
$platform_user_id = intval($_REQUEST['platform_user_id']);
$sql = "SELECT platform_user_id
FROM $tableSepeTutors
@ -92,7 +92,7 @@ if ($_REQUEST['tab'] == 'checkTutorEdit') {
exit;
} else {
$aux = Database::fetch_assoc($res);
if ($aux['platform_user_id'] == $platform_user_id || $aux['platform_user_id'] == '0') {
if ($aux['platform_user_id'] == $platform_user_id || $aux['platform_user_id'] == 0) {
echo json_encode(array("status" => "true"));
} else {
$content = $plugin->get_lang('ModDataTeacher');
@ -102,8 +102,8 @@ if ($_REQUEST['tab'] == 'checkTutorEdit') {
}
if ($_REQUEST['tab'] == 'delete_tutor') {
$id = substr($_REQUEST['id'],5);
$sql = "DELETE FROM $tableSepeSpecialtyTutors WHERE id='".$id."';";
$id = intval(substr($_REQUEST['id'],5));
$sql = "DELETE FROM $tableSepeSpecialtyTutors WHERE id = $id;";
$res = Database::query($sql);
if (!$res) {
$content = $plugin->get_lang('ProblemToDeleteInfoSpecialtyTutor') . Database::error();
@ -115,15 +115,15 @@ if ($_REQUEST['tab'] == 'delete_tutor') {
}
if ($_REQUEST['tab'] == 'delete_participant') {
$id = substr($_REQUEST['id'],11);
$sql = "SELECT platform_user_id, action_id FROM $tableSepeParticipants WHERE id='".$id."';";
$id = intval(substr($_REQUEST['id'],11));
$sql = "SELECT platform_user_id, action_id FROM $tableSepeParticipants WHERE id = $id;";
$res = Database::query($sql);
$row = Database::fetch_assoc($res);
$sql = "UPDATE plugin_sepe_log_participant SET fecha_baja='".date("Y-m-d H:i:s")."' WHERE platform_user_id='".$row['platform_user_id']."' AND action_id='".$row['action_id']."';";
$res = Database::query($sql);
$sql = "DELETE FROM $tableSepeParticipants WHERE id='".$id."';";
$sql = "DELETE FROM $tableSepeParticipants WHERE id = $id;";
$res = Database::query($sql);
if (!$res) {
$content = $plugin->get_lang('ProblemToDeleteInfoParticipant') . Database::error();
@ -135,8 +135,8 @@ if ($_REQUEST['tab'] == 'delete_participant') {
}
if ($_REQUEST['tab'] == 'unlink_action') {
$id = substr($_REQUEST['id'],16);
$sql = "DELETE FROM $tableSepeCourseActions WHERE id='".$id."';";
$id = intval(substr($_REQUEST['id'],16));
$sql = "DELETE FROM $tableSepeCourseActions WHERE id = $id;";
$res = Database::query($sql);
if (!$res) {
$content = $plugin->get_lang('ProblemToDesvincularInfoAction') . Database::error();
@ -148,26 +148,23 @@ if ($_REQUEST['tab'] == 'unlink_action') {
}
if ($_REQUEST['tab'] == 'assign_action') {
$course_id = substr($_REQUEST['course_id'],9);
$action_id = $_REQUEST['action_id'];
$course_id = intval(substr($_REQUEST['course_id'],9));
$action_id = intval($_REQUEST['action_id']);
if (trim($action_id) != '' && trim($course_id) != '') {
$action_id = Database::escape_string($action_id);
$course_id = Database::escape_string($course_id);
$sql = "SELECT * FROM $tableSepeCourseActions WHERE action_id='".$action_id."';";
if ($action_id != 0 && $course_id != 0) {
$sql = "SELECT * FROM $tableSepeCourseActions WHERE action_id = $action_id;";
$rs = Database::query($sql);
if (Database::num_rows($rs) > 0) {
$content = $plugin->get_lang('FormativeActionInUse');
echo json_encode(array("status" => "false", "content" => $content));
} else {
$sql = "SELECT 1 FROM course WHERE id='".$course_id."';";
$sql = "SELECT 1 FROM course WHERE id = $course_id;";
$rs = Database::query($sql);
if (Database::num_rows($rs) == 0) {
$content = $plugin->get_lang('NoExistsCourse');
echo json_encode(array("status" => "false", "content" => $content));
} else {
$sql = "INSERT INTO $tableSepeCourseActions (course_id, action_id) VALUES ('".$course_id."','".$action_id."');";
$sql = "INSERT INTO $tableSepeCourseActions (course_id, action_id) VALUES ($course_id, $action_id);";
$rs = Database::query($sql);
if (!$rs) {
$content = $plugin->get_lang('NoSaveData');

37
plugin/sepe/src/identification-data-edit.php
Unescape View File

@ -3,7 +3,6 @@
/**
* This script displays a data center edit form.
* @package chamilo.plugin.sepe
*/
use \ChamiloSession as Session;
@ -13,25 +12,25 @@ $plugin = SepePlugin::create();
if ( !empty($_POST)) {
$check = Security::check_token('post');
if ($check) {
$centerOrigin = trim(Security::remove_XSS(stripslashes($_POST['center_origin'])));
$centerCode = trim(Security::remove_XSS(stripslashes($_POST['center_code'])));
$centerName = trim(Security::remove_XSS(stripslashes($_POST['center_name'])));
$url = trim(Security::remove_XSS(stripslashes($_POST['url'])));
$trackingUrl = trim(Security::remove_XSS(stripslashes($_POST['tracking_url'])));
$phone = trim(Security::remove_XSS(stripslashes($_POST['phone'])));
$mail = trim(Security::remove_XSS(stripslashes($_POST['mail'])));
$id = trim(Security::remove_XSS(stripslashes($_POST['id'])));
$centerOrigin = Database::escape_string(trim($_POST['center_origin']));
$centerCode = Database::escape_string(trim($_POST['center_code']));
$centerName = Database::escape_string(trim($_POST['center_name']));
$url = Database::escape_string(trim($_POST['url']));
$trackingUrl = Database::escape_string(trim($_POST['tracking_url']));
$phone = Database::escape_string(trim($_POST['phone']));
$mail = Database::escape_string(trim($_POST['mail']));
$id = intval($_POST['id']);
if (checkIdentificationData()) {
$sql = "UPDATE $tableSepeCenter SET
center_origin='".$centerOrigin."',
center_code='".$centerCode."',
center_name='".$centerName."',
url='".$url."',
tracking_url='".$trackingUrl."',
phone='".$phone."',
mail='".$mail."'
WHERE id='".$id."'";
center_origin = '".$centerOrigin."',
center_code = '".$centerCode."',
center_name = '".$centerName."',
url = '".$url."',
tracking_url = '".$trackingUrl."',
phone = '".$phone."',
mail = '".$mail."'
WHERE id = $id";
} else {
$sql = "INSERT INTO $tableSepeCenter (
id,
@ -43,7 +42,7 @@ if ( !empty($_POST)) {
phone,
mail
) VALUES (
'1',
1,
'".$centerOrigin."',
'".$centerCode."',
'".$centerName."',
@ -84,7 +83,7 @@ if (api_is_platform_admin()) {
$tpl->assign('message_error', $_SESSION['sepe_message_error']);
unset($_SESSION['sepe_message_error']);
}
$tpl->assign('sec_token',$token);
$tpl->assign('sec_token', $token);
$listing_tpl = 'sepe/view/identification-data-edit.tpl';
$content = $tpl->fetch($listing_tpl);
$tpl->assign('content', $content);

1
plugin/sepe/src/identification-data.php
Unescape View File

@ -3,7 +3,6 @@
/**
* This script displays a basic info about data center.
* @package chamilo.plugin.sepe
*/
use \ChamiloSession as Session;

59
plugin/sepe/src/index.sepe.php
Unescape View File

@ -2,7 +2,6 @@
/* For license terms, see /license.txt */
/**
* Index of the Sepe plugin
* @package chamilo.plugin.sepe
*/
$plugin = SepePlugin::create();
@ -10,34 +9,34 @@ $enable = $plugin->get('sepe_enable') == 'true';
$title = $plugin->get_lang('AdministratorSepe');
$pluginPath = api_get_path(WEB_PLUGIN_PATH).'sepe/src/';
if (api_is_platform_admin() && $enable) {
echo '<div class="panel panel-default">';
echo '<div class="panel-heading" role="tab">';
echo '<h4 class="panel-title">'.$title.'</h4>';
echo '</div>';
echo '<div class="panel-collapse collapse in" role="tabpanel">';
echo '<div class="panel-body">';
echo '<ul class="nav nav-pills nav-stacked">';
echo '<li>';
echo '<a href="'.$pluginPath.'identification-data.php">';
echo '<img src="'.api_get_path(WEB_PLUGIN_PATH).'sepe/resources/list.png">';
echo $plugin->get_lang('DataCenter');
echo '</a>';
echo '</li>';
echo '<li>';
echo '<a href="'.$pluginPath.'formative-actions-list.php">';
echo '<img src="'.api_get_path(WEB_PLUGIN_PATH).'sepe/resources/forms.png">';
echo $plugin->get_lang('FormativeActionsForm');
echo '</a>';
echo '</li>';
echo '<li>';
echo '<a href="'.$pluginPath.'configuration.php">';
echo '<img src="'.api_get_path(WEB_PLUGIN_PATH).'sepe/resources/settings.png">';
echo $plugin->get_lang('Setting');
echo '</a>';
echo '</li>';
echo '</ul>';
echo '</div>';
echo '</div>';
echo '</div>';
echo '<div class="panel panel-default">';
echo '<div class="panel-heading" role="tab">';
echo '<h4 class="panel-title">'.$title.'</h4>';
echo '</div>';
echo '<div class="panel-collapse collapse in" role="tabpanel">';
echo '<div class="panel-body">';
echo '<ul class="nav nav-pills nav-stacked">';
echo '<li>';
echo '<a href="'.$pluginPath.'identification-data.php">';
echo '<img src="'.api_get_path(WEB_PLUGIN_PATH).'sepe/resources/list.png">';
echo $plugin->get_lang('DataCenter');
echo '</a>';
echo '</li>';
echo '<li>';
echo '<a href="'.$pluginPath.'formative-actions-list.php">';
echo '<img src="'.api_get_path(WEB_PLUGIN_PATH).'sepe/resources/forms.png">';
echo $plugin->get_lang('FormativeActionsForm');
echo '</a>';
echo '</li>';
echo '<li>';
echo '<a href="'.$pluginPath.'configuration.php">';
echo '<img src="'.api_get_path(WEB_PLUGIN_PATH).'sepe/resources/settings.png">';
echo $plugin->get_lang('Setting');
echo '</a>';
echo '</li>';
echo '</ul>';
echo '</div>';
echo '</div>';
echo '</div>';
}

398
plugin/sepe/src/participant-action-edit.php
Unescape View File

@ -3,7 +3,6 @@
/**
* This script displays a participant edit form.
* @package chamilo.plugin.sepe
*/
use \ChamiloSession as Session;
@ -16,215 +15,226 @@ $_cid = 0;
if ( !empty($_POST)) {
$check = Security::check_token('post');
if ($check) {
$companyTutorId = trim(Security::remove_XSS(stripslashes($_POST['company_tutor_id'])));
$tutorCompanyDocumentType = trim(Security::remove_XSS(stripslashes($_POST['tutor_company_document_type'])));
$tutorCompanyDocumentNumber = trim(Security::remove_XSS(stripslashes($_POST['tutor_company_document_number'])));
$tutorCompanyDocumentLetter = trim(Security::remove_XSS(stripslashes($_POST['tutor_company_document_letter'])));
$tutorCompanyAlias = trim(Security::remove_XSS(stripslashes($_POST['tutor_company_alias'])));
$trainingTutorId = trim(Security::remove_XSS(stripslashes($_POST['training_tutor_id'])));
$tutorTrainingDocumentType = trim(Security::remove_XSS(stripslashes($_POST['tutor_training_document_type'])));
$tutorTrainingDocumentNumber = trim(Security::remove_XSS(stripslashes($_POST['tutor_training_document_number'])));
$tutorTrainingDocumentLetter = trim(Security::remove_XSS(stripslashes($_POST['tutor_training_document_letter'])));
$tutorTrainingAlias = trim(Security::remove_XSS(stripslashes($_POST['tutor_training_alias'])));
$newParticipant = trim(Security::remove_XSS(stripslashes($_POST['new_participant'])));
$platformUserId = trim(Security::remove_XSS(stripslashes($_POST['platform_user_id'])));
$documentType = trim(Security::remove_XSS(stripslashes($_POST['document_type'])));
$documentNumber = trim(Security::remove_XSS(stripslashes($_POST['document_number'])));
$documentLetter = trim(Security::remove_XSS(stripslashes($_POST['document_letter'])));
$keyCompetence = trim(Security::remove_XSS(stripslashes($_POST['key_competence'])));
$contractId = trim(Security::remove_XSS(stripslashes($_POST['contract_id'])));
$companyFiscalNumber = trim(Security::remove_XSS(stripslashes($_POST['company_fiscal_number'])));
$participantId = trim(Security::remove_XSS(stripslashes($_POST['participant_id'])));
$actionId = trim(Security::remove_XSS(stripslashes($_POST['action_id'])));
if (isset($companyTutorId) && $companyTutorId == "new_company_tutor") {
$sql = "SELECT * FROM $tableTutorCompany
WHERE document_type='".$tutorCompanyDocumentType."' AND document_number='".$tutorCompanyDocumentNumber."' AND document_letter='".$tutorCompanyDocumentLetter."';";
$rs = Database::query($sql);
if (Database::num_rows($rs) > 0) {
$row = Database::fetch_assoc($rs);
$companyTutorId = $row['id'];
$sql = "UPDATE $tableTutorCompany SET company='1' WHERE id='".$companyTutorId."'";
Database::query($sql);
} else {
$sql = "INSERT INTO $tableTutorCompany (alias,document_type,document_number,document_letter,company)
VALUES ('".$tutorCompanyAlias."','".$tutorCompanyDocumentType."','".$tutorCompanyDocumentNumber."','".$tutorCompanyDocumentLetter."','1');";
$rs = Database::query($sql);
if (!$rs) {
echo Database::error();
} else {
$companyTutorId = Database::insert_id();
}
}
}
if (isset($trainingTutorId) && $trainingTutorId == "new_training_tutor") {
$sql = "SELECT * FROM $tableTutorCompany
WHERE document_type='".$tutorTrainingDocumentType."' AND document_number='".$tutorTrainingDocumentNumber."' AND document_letter='".$tutorTrainingDocumentLetter."';";
$rs = Database::query($sql);
$companyTutorId = (!empty($_POST['company_tutor_id']) ? intval($_POST['company_tutor_id']) : NULL);
$trainingTutorId = (!empty($_POST['training_tutor_id']) ? intval($_POST['training_tutor_id']) : NULL);
$tutorCompanyDocumentType = Database::escape_string(trim($_POST['tutor_company_document_type']));
$tutorCompanyDocumentNumber = Database::escape_string(trim($_POST['tutor_company_document_number']));
$tutorCompanyDocumentLetter = Database::escape_string(trim($_POST['tutor_company_document_letter']));
$tutorCompanyAlias = Database::escape_string(trim($_POST['tutor_company_alias']));
$tutorTrainingDocumentType = Database::escape_string(trim($_POST['tutor_training_document_type']));
$tutorTrainingDocumentNumber = Database::escape_string(trim($_POST['tutor_training_document_number']));
$tutorTrainingDocumentLetter = Database::escape_string(trim($_POST['tutor_training_document_letter']));
$tutorTrainingAlias = Database::escape_string(trim($_POST['tutor_training_alias']));
$newParticipant = intval($_POST['new_participant']);
$platformUserId = intval($_POST['platform_user_id']);
$documentType = Database::escape_string(trim($_POST['document_type']));
$documentNumber = Database::escape_string(trim($_POST['document_number']));
$documentLetter = Database::escape_string(trim($_POST['document_letter']));
$keyCompetence = Database::escape_string(trim($_POST['key_competence']));
$contractId = Database::escape_string(trim($_POST['contract_id']));
$companyFiscalNumber = Database::escape_string(trim($_POST['company_fiscal_number']));
$participantId = intval($_POST['participant_id']);
$actionId = intval($_POST['action_id']);
if (isset($companyTutorId) && $companyTutorId == 0) {
$sql = "SELECT * FROM $tableTutorCompany
WHERE document_type = '".$tutorCompanyDocumentType."'
AND document_number = '".$tutorCompanyDocumentNumber."'
AND document_letter = '".$tutorCompanyDocumentLetter."';";
$rs = Database::query($sql);
if (Database::num_rows($rs) > 0) {
$row = Database::fetch_assoc($rs);
$companyTutorId = $row['id'];
$sql = "UPDATE $tableTutorCompany SET company = 1 WHERE id = $companyTutorId";
Database::query($sql);
} else {
$sql = "INSERT INTO $tableTutorCompany (alias,document_type,document_number,document_letter,company)
VALUES ('".$tutorCompanyAlias."','".$tutorCompanyDocumentType."','".$tutorCompanyDocumentNumber."','".$tutorCompanyDocumentLetter."','1');";
$rs = Database::query($sql);
if (!$rs) {
echo Database::error();
} else {
$companyTutorId = Database::insert_id();
}
}
}
if (isset($trainingTutorId) && $trainingTutorId == 0) {
$sql = "SELECT * FROM $tableTutorCompany
WHERE document_type = '".$tutorTrainingDocumentType."' AND document_number = '".$tutorTrainingDocumentNumber."' AND document_letter = '".$tutorTrainingDocumentLetter."';";
$rs = Database::query($sql);
if (Database::num_rows($rs) > 0) {
$row = Database::fetch_assoc($rs);
$trainingTutorId = $row['id'];
$sql = "UPDATE $tableTutorCompany SET training='1' WHERE id='".$trainingTutorId."'";
Database::query($sql);
} else {
$sql = "INSERT INTO $tableTutorCompany (alias,document_type,document_number,document_letter,training)
VALUES ('".$tutorTrainingAlias."','".$tutorTrainingDocumentType."','".$tutorTrainingDocumentNumber."','".$tutorTrainingDocumentLetter."','1');";
$rs = Database::query($sql);
if (!$rs) {
echo Database::error();
} else {
$trainingTutorId = Database::insert_id();
}
}
}
if (isset($newParticipant) && $newParticipant != "1") {
$sql = "UPDATE plugin_sepe_participants SET
platform_user_id='".$platformUserId."',
document_type='".$documentType."',
document_number='".$documentNumber."',
document_letter='".$documentLetter."',
key_competence='".$keyCompetence."',
contract_id='".$contractId."',
company_fiscal_number='".$companyFiscalNumber."',
company_tutor_id='".$companyTutorId."',
training_tutor_id='".$trainingTutorId."'
WHERE id='".$participantId."';";
} else {
$sql = "INSERT INTO plugin_sepe_participants(
action_id,
platform_user_id,
document_type,
document_number,
document_letter,
key_competence,
contract_id,
company_fiscal_number,
company_tutor_id,
training_tutor_id
) VALUES (
'".$actionId."',
'".$platformUserId."',
'".$documentType."',
'".$documentNumber."',
'".$documentLetter."',
'".$keyCompetence."',
'".$contractId."',
'".$companyFiscalNumber."',
'".$companyTutorId."',
'".$trainingTutorId."'
);";
}
$res = Database::query($sql);
if (!$res) {
error_log(Database::error());
$_SESSION['sepe_message_error'] = $plugin->get_lang('NoSaveChange');
} else {
if ($newParticipant == '1') {
$participantId = Database::insert_id();
}
$insertLog = checkInsertNewLog($platformUserId,$actionId);
if ($insertLog) {
$sql = "INSERT INTO $tableSepeLogParticipant (
if (Database::num_rows($rs) > 0) {
$row = Database::fetch_assoc($rs);
$trainingTutorId = $row['id'];
$sql = "UPDATE $tableTutorCompany SET training = 1 WHERE id = $trainingTutorId";
Database::query($sql);
} else {
$sql = "INSERT INTO $tableTutorCompany (alias,document_type,document_number,document_letter,training)
VALUES ('".$tutorTrainingAlias."','".$tutorTrainingDocumentType."','".$tutorTrainingDocumentNumber."','".$tutorTrainingDocumentLetter."','1');";
$rs = Database::query($sql);
if (!$rs) {
echo Database::error();
} else {
$trainingTutorId = Database::insert_id();
}
}
}
if (isset($newParticipant) && $newParticipant != 1) {
$sql = "UPDATE $tableSepeParticipants SET
platform_user_id = '".$platformUserId."',
document_type = '".$documentType."',
document_number = '".$documentNumber."',
document_letter = '".$documentLetter."',
key_competence = '".$keyCompetence."',
contract_id = '".$contractId."',
company_fiscal_number = '".$companyFiscalNumber."'
WHERE id = $participantId";
} else {
$sql = "INSERT INTO $tableSepeParticipants(
action_id,
platform_user_id,
document_type,
document_number,
document_letter,
key_competence,
contract_id,
company_fiscal_number
) VALUES (
'".$actionId."',
'".$platformUserId."',
'".$documentType."',
'".$documentNumber."',
'".$documentLetter."',
'".$keyCompetence."',
'".$contractId."',
'".$companyFiscalNumber."'
);";
}
$res = Database::query($sql);
if (!$res) {
error_log(Database::error());
$_SESSION['sepe_message_error'] = $plugin->get_lang('NoSaveChange');
} else {
if ($newParticipant == 1) {
$participantId = Database::insert_id();
}
// Update tutors
if (is_null($companyTutorId)) {
$sql = "UPDATE $tableSepeParticipants SET company_tutor_id = NULL WHERE id = $participantId";
} else {
$sql = "UPDATE $tableSepeParticipants SET company_tutor_id = $companyTutorId WHERE id = $participantId";
}
Database::query($sql);
if (is_null($trainingTutorId)) {
$sql = "UPDATE $tableSepeParticipants SET training_tutor_id = NULL WHERE id = $participantId";
} else {
$sql = "UPDATE $tableSepeParticipants SET training_tutor_id = $trainingTutorId WHERE id = $participantId";
}
Database::query($sql);
$insertLog = checkInsertNewLog($platformUserId,$actionId);
if ($insertLog) {
$sql = "INSERT INTO $tableSepeLogParticipant (
platform_user_id,
action_id,
registration_date
) VALUES (
'".$platformUserId."',
'".$actionId."',
'".date("Y-m-d H:i:s")."'
);";
} else {
$sql = "INSERT INTO $tableSepeLogChangeParticipant (
registration_date
) VALUES (
'".$platformUserId."',
'".$actionId."',
'".date("Y-m-d H:i:s")."'
);";
} else {
$sql = "INSERT INTO $tableSepeLogChangeParticipant (
platform_user_id,
action_id,
change_date
) VALUES (
'".$platformUserId."',
'".$actionId."',
'".date("Y-m-d H:i:s")."'
);";
}
$res = Database::query($sql);
$_SESSION['sepe_message_info'] = $plugin->get_lang('SaveChange');
}
session_write_close();
header("Location: participant-action-edit.php?new_participant=0&participant_id=".$participantId."&action_id=".$actionId);
action_id,
change_date
) VALUES (
'".$platformUserId."',
'".$actionId."',
'".date("Y-m-d H:i:s")."'
);";
}
$res = Database::query($sql);
$_SESSION['sepe_message_info'] = $plugin->get_lang('SaveChange');
}
session_write_close();
header("Location: participant-action-edit.php?new_participant=0&participant_id=".$participantId."&action_id=".$actionId);
} else {
$participantId = trim(Security::remove_XSS(stripslashes($_POST['participant_id'])));
$actionId = trim(Security::remove_XSS(stripslashes($_POST['action_id'])));
$newParticipant = trim(Security::remove_XSS(stripslashes($_POST['new_participant'])));
$participantId = intval($_POST['participant_id']);
$actionId = intval($_POST['action_id']);
$newParticipant = intval($_POST['new_participant']);
Security::clear_token();
$token = Security::get_token();
$_SESSION['sepe_message_error'] = $plugin->get_lang('ProblemToken');
session_write_close();
header("Location: participant-action-edit.php?new_participant=".$newParticipant."&participant_id=".$participantId."&action_id=".$actionId);
header("Location: participant-action-edit.php?new_participant=".$newParticipant."&participant_id=".$participantId."&action_id=".$actionId);
}
} else {
$token = Security::get_token();
}
if (api_is_platform_admin()) {
$courseId = getCourse($_GET['action_id']);
$interbreadcrumb[] = array("url" => "/plugin/sepe/src/sepe-administration-menu.php", "name" => $plugin->get_lang('MenuSepe'));
$interbreadcrumb[] = array("url" => "formative-actions-list.php", "name" => $plugin->get_lang('FormativesActionsList'));
$interbreadcrumb[] = array("url" => "formative-action.php?cid=".$courseId, "name" => $plugin->get_lang('FormativeAction'));
if (isset($_GET['new_participant']) && $_GET['new_participant'] == '1') {
$templateName = $plugin->get_lang('NewParticipantAction');
$tpl = new Template($templateName);
$tpl->assign('action_id', $_GET['action_id']);
$info = array();
$tpl->assign('info', $info);
$tpl->assign('new_participant', '1');
} else {
$templateName = $plugin->get_lang('EditParticipantAction');
$tpl = new Template($templateName);
$tpl->assign('action_id', $_GET['action_id']);
$info = getInfoParticipantAction($_GET['participant_id']);
$tpl->assign('info', $info);
$tpl->assign('new_participant', '0');
$tpl->assign('participant_id', $_GET['participant_id']);
if ($info['platform_user_id'] != 0) {
$infoUserPlatform = api_get_user_info($info['platform_user_id']);//UserManager::get_user_info_by_id($info['platform_user_id']);
$tpl->assign('info_user_platform', $infoUserPlatform);
}
$listParticipantSpecialty = listParticipantSpecialty($_GET['participant_id']);
$tpl->assign('listParticipantSpecialty', $listParticipantSpecialty);
}
$courseCode = getCourseCode($_GET['action_id']);
$listStudentInfo = array();
$listStudent = CourseManager::get_student_list_from_course_code($courseCode);
foreach ($listStudent as $value) {
$sql = "SELECT 1 FROM $tableSepeParticipants WHERE platform_user_id='".$value['user_id']."';";
$res = Database::query($sql);
if (Database::num_rows($res)==0) {
$listStudentInfo[] = api_get_user_info($value['user_id']);
}
}
$actionId = intval($_GET['action_id']);
$courseId = getCourse($actionId);
$interbreadcrumb[] = array("url" => "/plugin/sepe/src/sepe-administration-menu.php", "name" => $plugin->get_lang('MenuSepe'));
$interbreadcrumb[] = array("url" => "formative-actions-list.php", "name" => $plugin->get_lang('FormativesActionsList'));
$interbreadcrumb[] = array("url" => "formative-action.php?cid=".$courseId, "name" => $plugin->get_lang('FormativeAction'));
if (isset($_GET['new_participant']) && intval($_GET['new_participant']) == 1) {
$templateName = $plugin->get_lang('NewParticipantAction');
$tpl = new Template($templateName);
$tpl->assign('action_id', $actionId);
$info = array();
$tpl->assign('info', $info);
$tpl->assign('new_participant', '1');
} else {
$templateName = $plugin->get_lang('EditParticipantAction');
$tpl = new Template($templateName);
$tpl->assign('action_id', $actionId);
$info = getInfoParticipantAction(intval($_GET['participant_id']));
$tpl->assign('info', $info);
$tpl->assign('new_participant', '0');
$tpl->assign('participant_id', intval($_GET['participant_id']));
if ($info['platform_user_id'] != 0) {
$infoUserPlatform = api_get_user_info($info['platform_user_id']);
$tpl->assign('info_user_platform', $infoUserPlatform);
}
$listParticipantSpecialty = listParticipantSpecialty(intval($_GET['participant_id']));
$tpl->assign('listParticipantSpecialty', $listParticipantSpecialty);
}
$courseCode = getCourseCode($actionId);
$listStudentInfo = array();
$listStudent = CourseManager::get_student_list_from_course_code($courseCode);
foreach ($listStudent as $value) {
$sql = "SELECT 1 FROM $tableSepeParticipants WHERE platform_user_id = '".$value['user_id']."';";
$res = Database::query($sql);
if (Database::num_rows($res) == 0) {
$listStudentInfo[] = api_get_user_info($value['user_id']);
}
}
$tpl->assign('listStudent', $listStudentInfo);
$listTutorCompany = array();
$listTutorCompany = listTutorType("company='1'");
$tpl->assign('list_tutor_company', $listTutorCompany);
$listTutorTraining = array();
$listTutorTraining= listTutorType("training='1'");
$tpl->assign('list_tutor_training', $listTutorTraining);
if (isset($_SESSION['sepe_message_info'])) {
$tpl->assign('message_info', $_SESSION['sepe_message_info']);
unset($_SESSION['sepe_message_info']);
}
if (isset($_SESSION['sepe_message_error'])) {
$tpl->assign('message_error', $_SESSION['sepe_message_error']);
unset($_SESSION['sepe_message_error']);
}
$tpl->assign('sec_token',$token);
$listing_tpl = 'sepe/view/participant-action-edit.tpl';
$content = $tpl->fetch($listing_tpl);
$tpl->assign('content', $content);
$tpl->display_one_col_template();
$listTutorCompany = array();
$listTutorCompany = listTutorType("company = '1'");
$tpl->assign('list_tutor_company', $listTutorCompany);
$listTutorTraining = array();
$listTutorTraining= listTutorType("training = '1'");
$tpl->assign('list_tutor_training', $listTutorTraining);
if (isset($_SESSION['sepe_message_info'])) {
$tpl->assign('message_info', $_SESSION['sepe_message_info']);
unset($_SESSION['sepe_message_info']);
}
if (isset($_SESSION['sepe_message_error'])) {
$tpl->assign('message_error', $_SESSION['sepe_message_error']);
unset($_SESSION['sepe_message_error']);
}
$tpl->assign('sec_token', $token);
$listing_tpl = 'sepe/view/participant-action-edit.tpl';
$content = $tpl->fetch($listing_tpl);
$tpl->assign('content', $content);
$tpl->display_one_col_template();
} else {
header('Location:' . api_get_path(WEB_PATH));
}

178
plugin/sepe/src/participant-specialty-edit.php
Unescape View File

@ -3,7 +3,6 @@
/**
* This script displays a participant specialty edit form.
* @package chamilo.plugin.sepe
*/
use \ChamiloSession as Session;
@ -16,51 +15,51 @@ $_cid = 0;
if ( !empty($_POST)) {
$check = Security::check_token('post');
if ($check) {
$newSpecialty = trim(Security::remove_XSS(stripslashes($_POST['new_specialty'])));
$specialtyOrigin = trim(Security::remove_XSS(stripslashes($_POST['specialty_origin'])));
$professionalArea = trim(Security::remove_XSS(stripslashes($_POST['professional_area'])));
$specialtyCode = trim(Security::remove_XSS(stripslashes($_POST['specialty_code'])));
$centerOrigin = trim(Security::remove_XSS(stripslashes($_POST['center_origin'])));
$centerCode = trim(Security::remove_XSS(stripslashes($_POST['center_code'])));
$finalResult = trim(Security::remove_XSS(stripslashes($_POST['final_result'])));
$finalQualification = trim(Security::remove_XSS(stripslashes($_POST['final_qualification'])));
$finalScore = trim(Security::remove_XSS(stripslashes($_POST['final_score'])));
$yearRegistration = trim(Security::remove_XSS(stripslashes($_POST['year_registration'])));
$monthRegistration = trim(Security::remove_XSS(stripslashes($_POST['month_registration'])));
$dayRegistration = trim(Security::remove_XSS(stripslashes($_POST['day_registration'])));
$yearLeaving = trim(Security::remove_XSS(stripslashes($_POST['year_leaving'])));
$monthLeaving = trim(Security::remove_XSS(stripslashes($_POST['month_leaving'])));
$dayLeaving = trim(Security::remove_XSS(stripslashes($_POST['day_leaving'])));
$dayStart = trim(Security::remove_XSS(stripslashes($_POST['day_start'])));
$monthStart = trim(Security::remove_XSS(stripslashes($_POST['month_start'])));
$yearStart = trim(Security::remove_XSS(stripslashes($_POST['year_start'])));
$dayEnd = trim(Security::remove_XSS(stripslashes($_POST['day_end'])));
$monthEnd = trim(Security::remove_XSS(stripslashes($_POST['month_end'])));
$yearEnd = trim(Security::remove_XSS(stripslashes($_POST['year_end'])));
$participantId = trim(Security::remove_XSS(stripslashes($_POST['participant_id'])));
$actionId = trim(Security::remove_XSS(stripslashes($_POST['action_id'])));
$specialtyId = trim(Security::remove_XSS(stripslashes($_POST['specialty_id'])));
$newSpecialty = intval($_POST['new_specialty']);
$specialtyOrigin = Database::escape_string(trim($_POST['specialty_origin']));
$professionalArea = Database::escape_string(trim($_POST['professional_area']));
$specialtyCode = Database::escape_string(trim($_POST['specialty_code']));
$centerOrigin = Database::escape_string(trim($_POST['center_origin']));
$centerCode = Database::escape_string(trim($_POST['center_code']));
$finalResult = Database::escape_string(trim($_POST['final_result']));
$finalQualification = Database::escape_string(trim($_POST['final_qualification']));
$finalScore = Database::escape_string(trim($_POST['final_score']));
$yearRegistration = Database::escape_string(trim($_POST['year_registration']));
$monthRegistration = Database::escape_string(trim($_POST['month_registration']));
$dayRegistration = Database::escape_string(trim($_POST['day_registration']));
$yearLeaving = Database::escape_string(trim($_POST['year_leaving']));
$monthLeaving = Database::escape_string(trim($_POST['month_leaving']));
$dayLeaving = Database::escape_string(trim($_POST['day_leaving']));
$dayStart = Database::escape_string(trim($_POST['day_start']));
$monthStart = Database::escape_string(trim($_POST['month_start']));
$yearStart = Database::escape_string(trim($_POST['year_start']));
$dayEnd = Database::escape_string(trim($_POST['day_end']));
$monthEnd = Database::escape_string(trim($_POST['month_end']));
$yearEnd = Database::escape_string(trim($_POST['year_end']));
$participantId = intval($_POST['participant_id']);
$actionId = intval($_POST['action_id']);
$specialtyId = intval($_POST['specialty_id']);
$registrationDate = $yearRegistration."-".$monthRegistration."-".$dayRegistration;
$leavingDate = $yearLeaving."-".$monthLeaving."-".$dayLeaving;
$startDate = $yearStart."-".$monthStart."-".$dayStart;
$endDate = $yearEnd."-".$monthEnd."-".$dayEnd;
if (isset($newSpecialty) && $newSpecialty != "1") {
if (isset($newSpecialty) && $newSpecialty != 1) {
$sql = "UPDATE $tableSepeParticipantsSpecialty SET
specialty_origin='".$specialtyOrigin."',
professional_area='".$professionalArea."',
specialty_code='".$specialtyCode."',
registration_date='".$registrationDate."',
leaving_date='".$leavingDate."',
center_origin='".$centerOrigin."',
center_code='".$centerCode."',
start_date='".$startDate."',
end_date='".$endDate."',
final_result='".$finalResult."',
final_qualification='".$finalQualification."',
final_score='".$finalScore."'
WHERE id='".$specialtyId."';";
specialty_origin = '".$specialtyOrigin."',
professional_area = '".$professionalArea."',
specialty_code = '".$specialtyCode."',
registration_date = '".$registrationDate."',
leaving_date = '".$leavingDate."',
center_origin = '".$centerOrigin."',
center_code = '".$centerCode."',
start_date = '".$startDate."',
end_date = '".$endDate."',
final_result = '".$finalResult."',
final_qualification = '".$finalQualification."',
final_score = '".$finalScore."'
WHERE id = $specialtyId";
} else {
$sql = "INSERT INTO $tableSepeParticipantsSpecialty (
participant_id,
@ -77,7 +76,7 @@ if ( !empty($_POST)) {
final_qualification,
final_score
) VALUES (
'".$participantId."',
$participantId,
'".$specialtyOrigin."',
'".$professionalArea."',
'".$specialtyCode."',
@ -102,8 +101,8 @@ if ( !empty($_POST)) {
$specialtyId = Database::insert_id();
}
$platformUserId = etUserPlatformFromParticipant($participantId);
$insertLog = checkInsertNewLog($platformUserId,$actionId);
$platformUserId = getUserPlatformFromParticipant($participantId);
$insertLog = checkInsertNewLog($platformUserId, $actionId);
if ($insertLog) {
if ($finalResult == "1" || $finalResult == "2") {
$leavingDateLog = date("Y-m-d H:i:s");
@ -117,16 +116,16 @@ if ( !empty($_POST)) {
leaving_date
) VALUES (
'".$platformUserId."',
'".$actionId."',
'".date("Y-m-d H:i:s")."'
'".$leavingDateLog."'
);";
'".$actionId."',
'".date("Y-m-d H:i:s")."'
'".$leavingDateLog."'
);";
} else {
if ($finalResult == "1" || $finalResult == "2") {
$sql = "UPDATE $tableSepeLogParticipant
SET leaving_date='".date("Y-m-d H:i:s")."'
WHERE platform_user_id='".$platformUserId."' AND action_id='".$actionId."';";
SET leaving_date = '".date("Y-m-d H:i:s")."'
WHERE platform_user_id = '".$platformUserId."' AND action_id = '".$actionId."';";
} else {
$sql = "INSERT INTO $tableSepeLogChangeParticipant (
platform_user_id,
@ -134,9 +133,9 @@ if ( !empty($_POST)) {
change_date
) VALUES (
'".$platformUserId."',
'".$actionId."',
'".date("Y-m-d H:i:s")."'
);";
'".$actionId."',
'".date("Y-m-d H:i:s")."'
);";
}
}
$res = Database::query($sql);
@ -144,10 +143,10 @@ if ( !empty($_POST)) {
session_write_close();
header("Location: participant-specialty-edit.php?new_specialty=0&specialty_id=".$specialtyId."&participant_id=".$participantId."&action_id=".$actionId);
} else {
$newSpecialty = trim(Security::remove_XSS(stripslashes($_POST['new_specialty'])));
$participantId = trim(Security::remove_XSS(stripslashes($_POST['participant_id'])));
$actionId = trim(Security::remove_XSS(stripslashes($_POST['action_id'])));
$specialtyId = trim(Security::remove_XSS(stripslashes($_POST['specialty_id'])));
$newSpecialty = intval($_POST['new_specialty']);
$participantId = intval($_POST['participant_id']);
$actionId = intval($_POST['action_id']);
$specialtyId = intval($_POST['specialty_id']);
Security::clear_token();
$token = Security::get_token();
$_SESSION['sepe_message_error'] = $plugin->get_lang('ProblemToken');
@ -159,16 +158,17 @@ if ( !empty($_POST)) {
}
if (api_is_platform_admin()) {
$courseId = getCourse($_GET['action_id']);
$actionId = intval($_GET['action_id']);
$courseId = getCourse($actionId);
$interbreadcrumb[] = array("url" => "/plugin/sepe/src/sepe-administration-menu.php", "name" => $plugin->get_lang('MenuSepe'));
$interbreadcrumb[] = array("url" => "formative-actions-list.php", "name" => $plugin->get_lang('FormativesActionsList'));
$interbreadcrumb[] = array("url" => "formative-action.php?cid=".$courseId, "name" => $plugin->get_lang('FormativeAction'));
$interbreadcrumb[] = array("url" => "participant-action-edit.php?new_participant=0&participant_id=".$_GET['participant_id']."&action_id=".$_GET['action_id'], "name" => $plugin->get_lang('FormativeActionParticipant'));
if (isset($_GET['new_specialty']) && $_GET['new_specialty'] == "1") {
$interbreadcrumb[] = array("url" => "participant-action-edit.php?new_participant=0&participant_id=".intval($_GET['participant_id'])."&action_id=".$_GET['action_id'], "name" => $plugin->get_lang('FormativeActionParticipant'));
if (isset($_GET['new_specialty']) && intval($_GET['new_specialty']) == 1) {
$templateName = $plugin->get_lang('NewSpecialtyParticipant');
$tpl = new Template($templateName);
$tpl->assign('action_id', $_GET['action_id']);
$tpl->assign('participant_id', $_GET['participant_id']);
$tpl->assign('action_id', $actionId);
$tpl->assign('participant_id', intval($_GET['participant_id']));
$info = array();
$tpl->assign('info', $info);
$tpl->assign('new_specialty', '1');
@ -177,53 +177,53 @@ if (api_is_platform_admin()) {
} else {
$templateName = $plugin->get_lang('EditSpecialtyParticipant');
$tpl = new Template($templateName);
$tpl->assign('action_id', $_GET['action_id']);
$tpl->assign('specialty_id', $_GET['specialty_id']);
$tpl->assign('participant_id', $_GET['participant_id']);
$info = getInfoSpecialtyParticipant($_GET['specialty_id']);
$tpl->assign('action_id', $actionId);
$tpl->assign('specialty_id', intval($_GET['specialty_id']));
$tpl->assign('participant_id', intval($_GET['participant_id']));
$info = getInfoSpecialtyParticipant(intval($_GET['specialty_id']));
$tpl->assign('info', $info);
$tpl->assign('new_specialty', '0');
if ($info['registration_date'] != '0000-00-00' && $info['registration_date'] != NULL) {
$tpl->assign('day_registration', date("j",strtotime($info['registration_date'])));
$tpl->assign('month_registration', date("n",strtotime($info['registration_date'])));
$tpl->assign('year_registration', date("Y",strtotime($info['registration_date'])));
$registrationYear = date("Y",strtotime($info['registration_date']));
} elseif (strpos($info['end_date'],'0000') === false) {
$registrationYear = date("Y",strtotime($info['registration_date']));
$tpl->assign('day_registration', date("j", strtotime($info['registration_date'])));
$tpl->assign('month_registration', date("n", strtotime($info['registration_date'])));
$tpl->assign('year_registration', date("Y", strtotime($info['registration_date'])));
$registrationYear = date("Y", strtotime($info['registration_date']));
} elseif (strpos($info['end_date'], '0000') === false) {
$registrationYear = date("Y", strtotime($info['registration_date']));
} else {
$registrationYear = date("Y");
}
if ($info['leaving_date'] != '0000-00-00' && $info['leaving_date'] != NULL) {
$tpl->assign('day_leaving', date("j",strtotime($info['leaving_date'])));
$tpl->assign('month_leaving', date("n",strtotime($info['leaving_date'])));
$tpl->assign('year_leaving', date("Y",strtotime($info['leaving_date'])));
$leaveYear = date("Y",strtotime($info['leaving_date']));
} elseif (strpos($info['end_date'],'0000') === false) {
$leaveYear = date("Y",strtotime($info['leaving_date']));
$tpl->assign('day_leaving', date("j", strtotime($info['leaving_date'])));
$tpl->assign('month_leaving', date("n", strtotime($info['leaving_date'])));
$tpl->assign('year_leaving', date("Y", strtotime($info['leaving_date'])));
$leaveYear = date("Y", strtotime($info['leaving_date']));
} elseif (strpos($info['end_date'], '0000') === false) {
$leaveYear = date("Y", strtotime($info['leaving_date']));
} else {
$leaveYear = date("Y");
}
if ($info['start_date'] != '0000-00-00' && $info['start_date'] != NULL) {
$tpl->assign('day_start', date("j",strtotime($info['start_date'])));
$tpl->assign('month_start', date("n",strtotime($info['start_date'])));
$tpl->assign('year_start', date("Y",strtotime($info['start_date'])));
$startYear = date("Y",strtotime($info['start_date']));
} elseif (strpos($info['end_date'],'0000') === false) {
$startYear = date("Y",strtotime($info['start_date']));
$tpl->assign('day_start', date("j", strtotime($info['start_date'])));
$tpl->assign('month_start', date("n", strtotime($info['start_date'])));
$tpl->assign('year_start', date("Y", strtotime($info['start_date'])));
$startYear = date("Y", strtotime($info['start_date']));
} elseif (strpos($info['end_date'], '0000') === false) {
$startYear = date("Y", strtotime($info['start_date']));
} else {
$startYear = date("Y");
}
if ($info['end_date'] != '0000-00-00' && $info['end_date'] != NULL) {
$tpl->assign('day_end', date("j",strtotime($info['end_date'])));
$tpl->assign('day_end', date("j", strtotime($info['end_date'])));
$tpl->assign('month_end', date("n",strtotime($info['end_date'])));
$tpl->assign('year_end', date("Y",strtotime($info['end_date'])));
$endYear = date("Y",strtotime($info['end_date']));
} elseif (strpos($info['end_date'],'0000') === false) {
$endYear = date("Y",strtotime($info['end_date']));
$tpl->assign('year_end', date("Y", strtotime($info['end_date'])));
$endYear = date("Y", strtotime($info['end_date']));
} elseif (strpos($info['end_date'], '0000') === false) {
$endYear = date("Y", strtotime($info['end_date']));
} else {
$endYear = date("Y");
}
$listSpecialtyTutorials = getListSpecialtyTutorial($_GET['specialty_id']);
$listSpecialtyTutorials = getListSpecialtyTutorial(intval($_GET['specialty_id']));
$tpl->assign('listSpecialtyTutorials', $listSpecialtyTutorials);
}
@ -266,7 +266,7 @@ if (api_is_platform_admin()) {
$tpl->assign('message_error', $_SESSION['sepe_message_error']);
unset($_SESSION['sepe_message_error']);
}
$tpl->assign('sec_token',$token);
$tpl->assign('sec_token', $token);
$listing_tpl = 'sepe/view/participant-specialty-edit.tpl';
$content = $tpl->fetch($listing_tpl);
$tpl->assign('content', $content);

1
plugin/sepe/src/sepe-administration-menu.php
Unescape View File

@ -3,7 +3,6 @@
/**
* This script displays a administrator menu.
* @package chamilo.plugin.sepe
*/
use \ChamiloSession as Session;

118
plugin/sepe/src/sepe.lib.php
Unescape View File

@ -32,6 +32,13 @@ function getInfoIdentificationData()
$res = Database::query($sql);
if (Database::num_rows($res) > 0) {
$row = Database::fetch_assoc($res);
$row['center_origin'] = Security::remove_XSS(stripslashes($row['center_origin']));
$row['center_code'] = Security::remove_XSS(stripslashes($row['center_code']));
$row['center_name'] = Security::remove_XSS(stripslashes($row['center_name']));
$row['url'] = Security::remove_XSS(stripslashes($row['url']));
$row['tracking_url'] = Security::remove_XSS(stripslashes($row['tracking_url']));
$row['phone'] = Security::remove_XSS(stripslashes($row['phone']));
$row['mail'] = Security::remove_XSS(stripslashes($row['mail']));
} else {
$row = false;
}
@ -53,7 +60,7 @@ function checkIdentificationData()
function getActionId($courseId)
{
global $tableSepeCourseActions;
$sql = "SELECT action_id FROM $tableSepeCourseActions WHERE course_id='".$courseId."';";
$sql = "SELECT action_id FROM $tableSepeCourseActions WHERE course_id = $courseId";
$rs = Database::query($sql);
$aux = Database::fetch_assoc($rs);
return $aux['action_id'];
@ -62,7 +69,7 @@ function getActionId($courseId)
function getCourse($actionId)
{
global $tableSepeCourseActions;
$sql = "SELECT course_id FROM $tableSepeCourseActions WHERE action_id='".$actionId."';";
$sql = "SELECT course_id FROM $tableSepeCourseActions WHERE action_id = $actionId";
$rs = Database::query($sql);
$aux = Database::fetch_assoc($rs);
return $aux['course_id'];
@ -71,7 +78,7 @@ function getCourseCode($actionId)
{
global $tableCourse;
$courseId = getCourse($actionId);
$sql = "SELECT code FROM $tableCourse WHERE id='".$courseId."'";
$sql = "SELECT code FROM $tableCourse WHERE id = $courseId";
$rs = Database::query($sql);
$aux = Database::fetch_assoc($rs);
return $aux['code'];
@ -80,10 +87,23 @@ function getCourseCode($actionId)
function getActionInfo($id)
{
global $tableSepeActions;
$sql = "SELECT * FROM $tableSepeActions WHERE id='".$id."';";
$sql = "SELECT * FROM $tableSepeActions WHERE id = $id";
$res = Database::query($sql);
$aux = array();
if (Database::num_rows($res) > 0) {
$row['action_origin'] = Security::remove_XSS(stripslashes($row['action_origin']));
$row['action_code'] = Security::remove_XSS(stripslashes($row['action_code']));
$row['situation'] = Security::remove_XSS(stripslashes($row['situation']));
$row['specialty_origin'] = Security::remove_XSS(stripslashes($row['specialty_origin']));
$row['professional_area'] = Security::remove_XSS(stripslashes($row['professional_area']));
$row['specialty_code'] = Security::remove_XSS(stripslashes($row['specialty_code']));
$row['full_itinerary_indicator'] = Security::remove_XSS(stripslashes($row['full_itinerary_indicator']));
$row['financing_type'] = Security::remove_XSS(stripslashes($row['financing_type']));
$row['action_name'] = Security::remove_XSS(stripslashes($row['action_name']));
$row['global_info'] = Security::remove_XSS(stripslashes($row['global_info']));
$row['schedule'] = Security::remove_XSS(stripslashes($row['schedule']));
$row['requirements'] = Security::remove_XSS(stripslashes($row['requirements']));
$row['contact_action'] = Security::remove_XSS(stripslashes($row['contact_action']));
$row = Database::fetch_assoc($res);
} else {
$row = false;
@ -94,10 +114,16 @@ function getActionInfo($id)
function getSpecialtActionInfo($specialtyId)
{
global $tableSepeSpecialty;
$sql = "SELECT * FROM $tableSepeSpecialty WHERE id='".$specialtyId."';";
$sql = "SELECT * FROM $tableSepeSpecialty WHERE id = $specialtyId";
$res = Database::query($sql);
$aux = array();
if (Database::num_rows($res) > 0) {
$row['specialty_origin'] = Security::remove_XSS(stripslashes($row['specialty_origin']));
$row['professional_area'] = Security::remove_XSS(stripslashes($row['professional_area']));
$row['specialty_code'] = Security::remove_XSS(stripslashes($row['specialty_code']));
$row['center_origin'] = Security::remove_XSS(stripslashes($row['center_origin']));
$row['center_code'] = Security::remove_XSS(stripslashes($row['center_code']));
$row['modality_impartition'] = Security::remove_XSS(stripslashes($row['modality_impartition']));
$row = Database::fetch_assoc($res);
} else {
$row = false;
@ -110,11 +136,13 @@ function getInfoSpecialtyClassroom($classroomId)
global $tableSepeSpecialtyClassroom;
global $tableCenters;
$sql = "SELECT a.*, center_origin, center_code
FROM $tableSepeSpecialtyClassroom a LEFT JOIN $tableCenters b ON a.center_id=b.id
WHERE a.id='".$classroomId."';";
FROM $tableSepeSpecialtyClassroom a LEFT JOIN $tableCenters b ON a.center_id = b.id
WHERE a.id = $classroomId";
$res = Database::query($sql);
$aux = array();
if (Database::num_rows($res) > 0) {
$row['center_origin'] = Security::remove_XSS(stripslashes($row['center_origin']));
$row['center_code'] = Security::remove_XSS(stripslashes($row['center_code']));
$row = Database::fetch_assoc($res);
} else {
$row = false;
@ -125,7 +153,7 @@ function getInfoSpecialtyClassroom($classroomId)
function getInfoSpecialtyTutorial($tutorialId)
{
global $tableSepeParticipantsSpecialtyTutorials;
$sql = "SELECT * FROM $tableSepeParticipantsSpecialtyTutorials WHERE id='".$tutorialId."';";
$sql = "SELECT * FROM $tableSepeParticipantsSpecialtyTutorials WHERE id = $tutorialId";
$res = Database::query($sql);
$aux = array();
if (Database::num_rows($res) > 0) {
@ -139,7 +167,7 @@ function getInfoSpecialtyTutorial($tutorialId)
function list_tutor($specialtyId)
{
global $tableSepeSpecialtyTutors;
$sql = "SELECT * FROM $tableSepeSpecialtyTutors WHERE specialty_id='".$specialtyId."';";
$sql = "SELECT * FROM $tableSepeSpecialtyTutors WHERE specialty_id = $specialtyId";
$res = Database::query($sql);
if (Database::num_rows($res) > 0) {
$row = Database::fetch_assoc($res);
@ -185,7 +213,7 @@ function getTutorsSpecialty($specialtyId)
global $tableSepeSpecialtyTutors;
global $tableSepeTutors;
global $tableUser;
$sql = "SELECT tutor_id FROM $tableSepeSpecialtyTutors;";
$sql = "SELECT tutor_id FROM $tableSepeSpecialtyTutors WHERE specialty_id = $specialtyId";
$rs = Database::query($sql);
$tutorsList = array();
while ($tmp = Database::fetch_assoc($rs)) {
@ -217,10 +245,13 @@ function getInfoSpecialtyTutor($tutorId)
$sql = "SELECT a.*,platform_user_id,document_type, document_number,document_letter
FROM $tableSepeSpecialtyTutors a
INNER JOIN $tableSepeTutors b ON a.tutor_id=b.id
WHERE a.id='".$tutorId."';";
WHERE a.id = $tutorId;";
$res = Database::query($sql);
$aux = array();
if (Database::num_rows($res) > 0) {
$row['tutor_accreditation'] = Security::remove_XSS(stripslashes($row['tutor_accreditation']));
$row['teaching_competence'] = Security::remove_XSS(stripslashes($row['teaching_competence']));
$row['training_teleforming'] = Security::remove_XSS(stripslashes($row['training_teleforming']));
$row = Database::fetch_assoc($res);
} else {
$row = false;
@ -232,7 +263,7 @@ function freeTeacherList($teacherList,$specialtyId,$platform_user_id)
{
global $tableSepeSpecialtyTutors;
global $tableSepeTutors;
$sql = "SELECT tutor_id FROM $tableSepeSpecialtyTutors WHERE specialty_id='".$specialtyId."';";
$sql = "SELECT tutor_id FROM $tableSepeSpecialtyTutors WHERE specialty_id = $specialtyId";
$rs = Database::query($sql);
if (Database::num_rows($rs) > 0) {
while ($aux = Database::fetch_assoc($rs)) {
@ -257,21 +288,33 @@ function freeTeacherList($teacherList,$specialtyId,$platform_user_id)
function getInfoParticipantAction($participantId)
{
global $tableSepeParticipants;
$sql = "SELECT * FROM $tableSepeParticipants WHERE id='".$participantId."';";
$sql = "SELECT * FROM $tableSepeParticipants WHERE id = $participantId";
$res = Database::query($sql);
$aux = array();
if (Database::num_rows($res) > 0) {
$row = Database::fetch_assoc($res);
$result = [];
$result['id'] = $row[''];
$result['action_id'] = $row['action_id'];
$result['company_tutor_id'] = $row['company_tutor_id'];
$result['training_tutor_id'] = $row['training_tutor_id'];
$result['platform_user_id'] = $row['platform_user_id'];
$result['document_type'] = Security::remove_XSS(stripslashes($row['document_type']));
$result['document_number'] = Security::remove_XSS(stripslashes($row['document_number']));
$result['document_letter'] = Security::remove_XSS(stripslashes($row['document_letter']));
$result['key_competence'] = Security::remove_XSS(stripslashes($row['key_competence']));
$result['contract_id'] = Security::remove_XSS(stripslashes($row['contract_id']));
$result['company_fiscal_number'] = Security::remove_XSS(stripslashes($row['company_fiscal_number']));
} else {
$row = false;
$result = false;
}
return $row;
return $result;
}
function getParticipantId($id)
{
global $tableSepeParticipantsSpecialty;
$sql = "SELECT participant_id FROM $tableSepeParticipantsSpecialty WHERE id='".$id."';";
$sql = "SELECT participant_id FROM $tableSepeParticipantsSpecialty WHERE id = $id";
$rs = Database::query($sql);
$aux = Database::fetch_assoc($rs);
return $aux['participant_id'];
@ -280,11 +323,19 @@ function getParticipantId($id)
function getInfoSpecialtyParticipant($specialtyId)
{
global $tableSepeParticipantsSpecialty;
$sql = "SELECT * FROM $tableSepeParticipantsSpecialty WHERE id='".$specialtyId."';";
$sql = "SELECT * FROM $tableSepeParticipantsSpecialty WHERE id = $specialtyId";
$res = Database::query($sql);
$aux = array();
if (Database::num_rows($res) > 0) {
$row = Database::fetch_assoc($res);
$row['specialty_origin'] = Security::remove_XSS(stripslashes($row['specialty_origin']));
$row['professional_area'] = Security::remove_XSS(stripslashes($row['professional_area']));
$row['specialty_code'] = Security::remove_XSS(stripslashes($row['specialty_code']));
$row['center_origin'] = Security::remove_XSS(stripslashes($row['center_origin']));
$row['center_code'] = Security::remove_XSS(stripslashes($row['center_code']));
$row['final_result'] = Security::remove_XSS(stripslashes($row['final_result']));
$row['final_qualification'] = Security::remove_XSS(stripslashes($row['final_qualification']));
$row['final_score'] = Security::remove_XSS(stripslashes($row['final_score']));
} else {
$row = false;
}
@ -296,7 +347,7 @@ function specialtyList($actionId)
global $tableSepeSpecialty;
$sql = "SELECT id, specialty_origin, professional_area, specialty_code
FROM $tableSepeSpecialty
WHERE action_id='".$actionId."';";
WHERE action_id = $actionId";
$res = Database::query($sql);
$aux = array();
while ($row = Database::fetch_assoc($res)) {
@ -311,7 +362,7 @@ function participantList($actionId)
global $tableUser;
$sql = "SELECT $tableSepeParticipants.id AS id, document_type, document_number, document_letter, firstname, lastname
FROM $tableSepeParticipants LEFT JOIN $tableUser ON $tableSepeParticipants.platform_user_id=$tableUser.user_id
WHERE action_id='".$actionId."';";
WHERE action_id = $actionId";
$res = Database::query($sql);
$aux = array();
while ($row = Database::fetch_assoc($res)) {
@ -323,10 +374,18 @@ function participantList($actionId)
function listParticipantSpecialty($participantId)
{
global $tableSepeParticipantsSpecialty;
$sql = "SELECT * FROM $tableSepeParticipantsSpecialty WHERE participant_id='".$participantId."';";
$sql = "SELECT * FROM $tableSepeParticipantsSpecialty WHERE participant_id = $participantId";
$res = Database::query($sql);
$aux = array();
while ($row = Database::fetch_assoc($res)) {
$row['specialty_origin'] = Security::remove_XSS(stripslashes($row['specialty_origin']));
$row['professional_area'] = Security::remove_XSS(stripslashes($row['professional_area']));
$row['specialty_code'] = Security::remove_XSS(stripslashes($row['specialty_code']));
$row['center_origin'] = Security::remove_XSS(stripslashes($row['center_origin']));
$row['center_code'] = Security::remove_XSS(stripslashes($row['center_code']));
$row['final_result'] = Security::remove_XSS(stripslashes($row['final_result']));
$row['final_qualification'] = Security::remove_XSS(stripslashes($row['final_qualification']));
$row['final_score'] = Security::remove_XSS(stripslashes($row['final_score']));
$aux[] = $row;
}
return $aux;
@ -338,7 +397,7 @@ function classroomList($specialtyId)
global $tableCenters;
$sql = "SELECT a.*, center_origin, center_code
FROM $tableSepeSpecialtyClassroom a LEFT JOIN $tableCenters b ON a.center_id=b.id
WHERE specialty_id='".$specialtyId."';";
WHERE specialty_id = $specialtyId";
$res = Database::query($sql);
$aux = array();
while ($row = Database::fetch_assoc($res)) {
@ -356,7 +415,7 @@ function tutorsList($specialtyId)
$sql = "SELECT a.*,document_type,document_number,document_letter, firstname, lastname FROM $tableSepeSpecialtyTutors a
INNER JOIN $tableSepeTutors b ON a.tutor_id=b.id
LEFT JOIN $tableUser c ON b.platform_user_id=c.user_id
WHERE a.specialty_id='".$specialtyId."';";
WHERE a.specialty_id = $specialtyId";
$res = Database::query($sql);
while ($row = Database::fetch_assoc($res)) {
$aux[] = $row;
@ -367,10 +426,13 @@ function tutorsList($specialtyId)
function getListSpecialtyTutorial($specialtyId)
{
global $tableSepeParticipantsSpecialtyTutorials;
$sql = "SELECT * FROM $tableSepeParticipantsSpecialtyTutorials WHERE participant_specialty_id='".$specialtyId."';";
$sql = "SELECT * FROM $tableSepeParticipantsSpecialtyTutorials WHERE participant_specialty_id = $specialtyId";
$res = Database::query($sql);
$aux = array();
while ($row = Database::fetch_assoc($res)) {
$row['tutor_accreditation'] = Security::remove_XSS(stripslashes($row['tutor_accreditation']));
$row['teaching_competence'] = Security::remove_XSS(stripslashes($row['teaching_competence']));
$row['training_teleforming'] = Security::remove_XSS(stripslashes($row['training_teleforming']));
$aux[] = $row;
}
return $aux;
@ -418,6 +480,8 @@ function listActionFree()
$res = Database::query($sql);
$aux = array();
while ($row = Database::fetch_assoc($res)) {
$row['action_origin'] = Security::remove_XSS(stripslashes($row['action_origin']));
$row['action_code'] = Security::remove_XSS(stripslashes($row['action_code']));
$aux[] = $row;
}
return $aux;
@ -428,7 +492,7 @@ function getSpecialtyTutorId($specialtyId, $tutorId)
global $tableSepeSpecialtyTutors;
$sql = "SELECT id
FROM $tableSepeSpecialtyTutors
WHERE specialty_id='".$specialtyId."' AND tutor_id='".$tutorId."';";
WHERE specialty_id = $specialtyId AND tutor_id = $tutorId";
$res = Database::query($sql);
$row = Database::fetch_assoc($res);
return $row['id'];
@ -437,7 +501,7 @@ function getSpecialtyTutorId($specialtyId, $tutorId)
function checkInsertNewLog($platformUserId,$actionId)
{
global $tableSepeLogParticipant;
$sql = "SELECT * FROM $tableSepeLogParticipant WHERE platform_user_id='".$platformUserId."' AND action_id='".$actionId."';";
$sql = "SELECT * FROM $tableSepeLogParticipant WHERE platform_user_id = $platformUserId AND action_id = $actionId";
$res = Database::query($sql);
if (Database::num_rows($res) > 0) {
return false;
@ -449,10 +513,10 @@ function checkInsertNewLog($platformUserId,$actionId)
function getUserPlatformFromParticipant($participantId)
{
global $tableSepeParticipants;
$sql = "SELECT * FROM $tableSepeParticipants WHERE id='".$participantId."';";
$sql = "SELECT * FROM $tableSepeParticipants WHERE id = $participantId";
$res = Database::query($sql);
$row = Database::fetch_assoc($res);
if ($row['platform_user_id'] == '0' || $row['platform_user_id'] == '') {
if ($row['platform_user_id'] == 0 || $row['platform_user_id'] == '') {
return false;
} else {
return $row['platform_user_id'];

122
plugin/sepe/src/sepe_plugin.class.php
Unescape View File

@ -3,30 +3,30 @@
/**
* Plugin class for the SEPE plugin
* @package chamilo.plugin.sepe
* @author Jose Angel Ruiz <jaruiz@nosolored.com>
* @author Jose Angel Ruiz <jaruiz@nosolored.com>
* @author Julio Montoya <gugli100@gmail.com>
*/
class SepePlugin extends Plugin
{
const TABLE_SEPE_CENTER = 'plugin_sepe_center';
const TABLE_SEPE_ACTIONS = 'plugin_sepe_actions';
const TABLE_SEPE_SPECIALTY = 'plugin_sepe_specialty';
const TABLE_SEPE_SPECIALTY_CLASSROOM = 'plugin_sepe_specialty_classroom';
const TABLE_SEPE_CENTERS = 'plugin_sepe_centers';
const TABLE_SEPE_TUTORS = 'plugin_sepe_tutors';
const TABLE_SEPE_SPECIALTY_TUTORS = 'plugin_sepe_specialty_tutors';
const TABLE_SEPE_PARTICIPANTS = 'plugin_sepe_participants';
const TABLE_SEPE_PARTICIPANTS_SPECIALTY = 'plugin_sepe_participants_specialty';
const TABLE_SEPE_PARTICIPANTS_SPECIALTY_TUTORIALS = 'plugin_sepe_participants_specialty_tutorials';
const TABLE_SEPE_COURSE_ACTIONS = 'plugin_sepe_course_actions';
const TABLE_SEPE_TUTORS_COMPANY = 'plugin_sepe_tutors_company';
const TABLE_SEPE_TEACHING_COMPETENCE = 'plugin_sepe_teaching_competence';
const TABLE_SEPE_LOG_PARTICIPANT = 'plugin_sepe_log_participant';
const TABLE_SEPE_LOG_MOD_PARTICIPANT = 'plugin_sepe_log_mod_participant';
const TABLE_SEPE_LOG = 'plugin_sepe_log';
const TABLE_SEPE_CENTER = 'plugin_sepe_center';
const TABLE_SEPE_ACTIONS = 'plugin_sepe_actions';
const TABLE_SEPE_SPECIALTY = 'plugin_sepe_specialty';
const TABLE_SEPE_SPECIALTY_CLASSROOM = 'plugin_sepe_specialty_classroom';
const TABLE_SEPE_CENTERS = 'plugin_sepe_centers';
const TABLE_SEPE_TUTORS = 'plugin_sepe_tutors';
const TABLE_SEPE_SPECIALTY_TUTORS = 'plugin_sepe_specialty_tutors';
const TABLE_SEPE_PARTICIPANTS = 'plugin_sepe_participants';
const TABLE_SEPE_PARTICIPANTS_SPECIALTY = 'plugin_sepe_participants_specialty';
const TABLE_SEPE_PARTICIPANTS_SPECIALTY_TUTORIALS = 'plugin_sepe_participants_specialty_tutorials';
const TABLE_SEPE_COURSE_ACTIONS = 'plugin_sepe_course_actions';
const TABLE_SEPE_TUTORS_COMPANY = 'plugin_sepe_tutors_company';
const TABLE_SEPE_TEACHING_COMPETENCE = 'plugin_sepe_teaching_competence';
const TABLE_SEPE_LOG_PARTICIPANT = 'plugin_sepe_log_participant';
const TABLE_SEPE_LOG_MOD_PARTICIPANT = 'plugin_sepe_log_mod_participant';
const TABLE_SEPE_LOG = 'plugin_sepe_log';
public $isAdminPlugin = true;
/**
public $isAdminPlugin = true;
/**
*
* @return StaticPlugin
*/
@ -39,37 +39,37 @@ class SepePlugin extends Plugin
protected function __construct()
{
parent::__construct(
'2.0',
'
Jose Angel Ruiz - NoSoloRed (original author) <br>
Julio Montoya (SOAP integration)
',
array('sepe_enable' => 'boolean')
);
'2.0',
'
Jose Angel Ruiz - NoSoloRed (original author) <br>
Julio Montoya (SOAP integration)
',
array('sepe_enable' => 'boolean')
);
}
/**
/**
* This method creates the tables required to this plugin
*/
function install()
{
$tablesToBeCompared = array(
self::TABLE_SEPE_CENTER,
self::TABLE_SEPE_ACTIONS,
self::TABLE_SEPE_SPECIALTY,
self::TABLE_SEPE_SPECIALTY_CLASSROOM,
self::TABLE_SEPE_CENTERS,
self::TABLE_SEPE_TUTORS,
self::TABLE_SEPE_SPECIALTY_TUTORS,
self::TABLE_SEPE_PARTICIPANTS,
self::TABLE_SEPE_PARTICIPANTS_SPECIALTY,
self::TABLE_SEPE_PARTICIPANTS_SPECIALTY_TUTORIALS,
self::TABLE_SEPE_COURSE_ACTIONS,
self::TABLE_SEPE_TUTORS_COMPANY,
self::TABLE_SEPE_TEACHING_COMPETENCE,
self::TABLE_SEPE_LOG_PARTICIPANT,
self::TABLE_SEPE_LOG_MOD_PARTICIPANT,
self::TABLE_SEPE_LOG
self::TABLE_SEPE_CENTER,
self::TABLE_SEPE_ACTIONS,
self::TABLE_SEPE_SPECIALTY,
self::TABLE_SEPE_SPECIALTY_CLASSROOM,
self::TABLE_SEPE_CENTERS,
self::TABLE_SEPE_TUTORS,
self::TABLE_SEPE_SPECIALTY_TUTORS,
self::TABLE_SEPE_PARTICIPANTS,
self::TABLE_SEPE_PARTICIPANTS_SPECIALTY,
self::TABLE_SEPE_PARTICIPANTS_SPECIALTY_TUTORIALS,
self::TABLE_SEPE_COURSE_ACTIONS,
self::TABLE_SEPE_TUTORS_COMPANY,
self::TABLE_SEPE_TEACHING_COMPETENCE,
self::TABLE_SEPE_LOG_PARTICIPANT,
self::TABLE_SEPE_LOG_MOD_PARTICIPANT,
self::TABLE_SEPE_LOG
);
$em = Database::getManager();
$cn = $em->getConnection();
@ -82,29 +82,29 @@ class SepePlugin extends Plugin
require_once api_get_path(SYS_PLUGIN_PATH) . 'sepe/database.php';
}
/**
/**
* This method drops the plugin tables
*/
function uninstall()
{
$tablesToBeDeleted = array(
self::TABLE_SEPE_CENTER,
self::TABLE_SEPE_SPECIALTY_CLASSROOM,
self::TABLE_SEPE_CENTERS,
self::TABLE_SEPE_TUTORS,
self::TABLE_SEPE_SPECIALTY_TUTORS,
self::TABLE_SEPE_PARTICIPANTS_SPECIALTY_TUTORIALS,
self::TABLE_SEPE_PARTICIPANTS_SPECIALTY,
self::TABLE_SEPE_COURSE_ACTIONS,
self::TABLE_SEPE_PARTICIPANTS,
self::TABLE_SEPE_TUTORS_COMPANY,
self::TABLE_SEPE_SPECIALTY,
self::TABLE_SEPE_ACTIONS,
self::TABLE_SEPE_TEACHING_COMPETENCE,
self::TABLE_SEPE_LOG_PARTICIPANT,
self::TABLE_SEPE_LOG_MOD_PARTICIPANT,
self::TABLE_SEPE_LOG
self::TABLE_SEPE_SPECIALTY_CLASSROOM,
self::TABLE_SEPE_CENTERS,
self::TABLE_SEPE_TUTORS,
self::TABLE_SEPE_SPECIALTY_TUTORS,
self::TABLE_SEPE_PARTICIPANTS_SPECIALTY_TUTORIALS,
self::TABLE_SEPE_PARTICIPANTS_SPECIALTY,
self::TABLE_SEPE_COURSE_ACTIONS,
self::TABLE_SEPE_PARTICIPANTS,
self::TABLE_SEPE_TUTORS_COMPANY,
self::TABLE_SEPE_SPECIALTY,
self::TABLE_SEPE_ACTIONS,
self::TABLE_SEPE_TEACHING_COMPETENCE,
self::TABLE_SEPE_LOG_PARTICIPANT,
self::TABLE_SEPE_LOG_MOD_PARTICIPANT,
self::TABLE_SEPE_LOG
);
foreach ($tablesToBeDeleted as $tableToBeDeleted) {

177
plugin/sepe/src/specialty-action-edit.php
Unescape View File

@ -3,7 +3,6 @@
/**
* This script displays a specialty action edit form.
* @package chamilo.plugin.sepe
*/
use \ChamiloSession as Session;
@ -16,41 +15,41 @@ $_cid = 0;
if (!empty($_POST)) {
$check = Security::check_token('post');
if ($check) {
$specialtyOrigin = trim(Security::remove_XSS(stripslashes($_POST['specialty_origin'])));
$professionalArea = trim(Security::remove_XSS(stripslashes($_POST['professional_area'])));
$specialtyCode = trim(Security::remove_XSS(stripslashes($_POST['specialty_code'])));
$centerOrigin = trim(Security::remove_XSS(stripslashes($_POST['center_origin'])));
$centerCode = trim(Security::remove_XSS(stripslashes($_POST['center_code'])));
$dayStart = trim(Security::remove_XSS(stripslashes($_POST['day_start'])));
$monthStart = trim(Security::remove_XSS(stripslashes($_POST['month_start'])));
$yearStart = trim(Security::remove_XSS(stripslashes($_POST['year_start'])));
$dayEnd = trim(Security::remove_XSS(stripslashes($_POST['day_end'])));
$monthEnd = trim(Security::remove_XSS(stripslashes($_POST['month_end'])));
$yearEnd = trim(Security::remove_XSS(stripslashes($_POST['year_end'])));
$modality_impartition = trim(Security::remove_XSS(stripslashes($_POST['modality_impartition'])));
$classroomHours = trim(Security::remove_XSS(stripslashes($_POST['classroom_hours'])));
$distanceHours = trim(Security::remove_XSS(stripslashes($_POST['distance_hours'])));
$morningsParticipantsNumber = trim(Security::remove_XSS(stripslashes($_POST['mornings_participants_number'])));
$morningsAccessNumber = trim(Security::remove_XSS(stripslashes($_POST['mornings_access_number'])));
$morningTotalDuration = trim(Security::remove_XSS(stripslashes($_POST['morning_total_duration'])));
$afternoonParticipantsNumber = trim(Security::remove_XSS(stripslashes($_POST['afternoon_participants_number'])));
$afternoonAccessNumber = trim(Security::remove_XSS(stripslashes($_POST['afternoon_access_number'])));
$afternoonTotalDuration = trim(Security::remove_XSS(stripslashes($_POST['afternoon_total_duration'])));
$nightParticipantsNumber = trim(Security::remove_XSS(stripslashes($_POST['night_participants_number'])));
$nightAccessNumber = trim(Security::remove_XSS(stripslashes($_POST['night_access_number'])));
$nightTotalDuration = trim(Security::remove_XSS(stripslashes($_POST['night_total_duration'])));
$attendeesCount = trim(Security::remove_XSS(stripslashes($_POST['attendees_count'])));
$learningActivityCount = trim(Security::remove_XSS(stripslashes($_POST['learning_activity_count'])));
$attemptCount = trim(Security::remove_XSS(stripslashes($_POST['attempt_count'])));
$evaluationActivityCount = trim(Security::remove_XSS(stripslashes($_POST['evaluation_activity_count'])));
$actionId = trim(Security::remove_XSS(stripslashes($_POST['action_id'])));
$specialtyId = trim(Security::remove_XSS(stripslashes($_POST['specialty_id'])));
$newSpecialty = trim(Security::remove_XSS(stripslashes($_POST['new_specialty'])));
$specialtyOrigin = Database::escape_string(trim($_POST['specialty_origin']));
$professionalArea = Database::escape_string(trim($_POST['professional_area']));
$specialtyCode = Database::escape_string(trim($_POST['specialty_code']));
$centerOrigin = Database::escape_string(trim($_POST['center_origin']));
$centerCode = Database::escape_string(trim($_POST['center_code']));
$dayStart = Database::escape_string(trim($_POST['day_start']));
$monthStart = Database::escape_string(trim($_POST['month_start']));
$yearStart = Database::escape_string(trim($_POST['year_start']));
$dayEnd = Database::escape_string(trim($_POST['day_end']));
$monthEnd = Database::escape_string(trim($_POST['month_end']));
$yearEnd = Database::escape_string(trim($_POST['year_end']));
$modality_impartition = Database::escape_string(trim($_POST['modality_impartition']));
$classroomHours = Database::escape_string(trim($_POST['classroom_hours']));
$distanceHours = intval($_POST['distance_hours']);
$morningsParticipantsNumber = intval($_POST['mornings_participants_number']);
$morningsAccessNumber = intval($_POST['mornings_access_number']);
$morningTotalDuration = intval($_POST['morning_total_duration']);
$afternoonParticipantsNumber = intval($_POST['afternoon_participants_number']);
$afternoonAccessNumber = intval($_POST['afternoon_access_number']);
$afternoonTotalDuration = intval($_POST['afternoon_total_duration']);
$nightParticipantsNumber = intval($_POST['night_participants_number']);
$nightAccessNumber = intval($_POST['night_access_number']);
$nightTotalDuration = intval($_POST['night_total_duration']);
$attendeesCount = intval($_POST['attendees_count']);
$learningActivityCount = intval($_POST['learning_activity_count']);
$attemptCount = intval($_POST['attempt_count']);
$evaluationActivityCount = intval($_POST['evaluation_activity_count']);
$actionId = intval($_POST['action_id']);
$specialtyId = intval($_POST['specialty_id']);
$newSpecialty = intval($_POST['new_specialty']);
$startDate = $yearStart."-".$monthStart."-".$dayStart;
$endDate = $yearEnd."-".$monthEnd."-".$dayEnd;
if (isset($newSpecialty) && $newSpecialty != "1") {
if (isset($newSpecialty) && $newSpecialty != 1) {
$sql = "UPDATE plugin_sepe_specialty SET
specialty_origin='".$specialtyOrigin."',
professional_area='".$professionalArea."',
@ -60,22 +59,22 @@ if (!empty($_POST)) {
start_date='".$startDate."',
end_date='".$endDate."',
modality_impartition='".$modalityImpartition."',
classroom_hours='".$classroomHours."',
distance_hours='".$distanceHours."',
mornings_participants_number='".$morningsParticipantsNumber."',
mornings_access_number='".$morningsAccessNumber."',
morning_total_duration='".$morningTotalDuration."',
afternoon_participants_number='".$afternoonParticipantsNumber."',
afternoon_access_number='".$afternoonAccessNumber."',
afternoon_total_duration='".$afternoonTotalDuration."',
night_participants_number='".$nightParticipantsNumber."',
night_access_number='".$nightAccessNumber."',
night_total_duration='".$nightTotalDuration."',
attendees_count='".$attendeesCount."',
learning_activity_count='".$learningActivityCount."',
attempt_count='".$attemptCount."',
evaluation_activity_count='".$evaluationActivityCount."'
WHERE id='".$specialtyId."';";
classroom_hours = $classroomHours,
distance_hours = $distanceHours,
mornings_participants_number = $morningsParticipantsNumber,
mornings_access_number = $morningsAccessNumber,
morning_total_duration = $morningTotalDuration,
afternoon_participants_number = $afternoonParticipantsNumber,
afternoon_access_number = $afternoonAccessNumber,
afternoon_total_duration = $afternoonTotalDuration,
night_participants_number = $nightParticipantsNumber,
night_access_number = $nightAccessNumber,
night_total_duration = $nightTotalDuration,
attendees_count = $attendeesCount,
learning_activity_count = $learningActivityCount,
attempt_count = $attemptCount,
evaluation_activity_count = $evaluationActivityCount
WHERE id = $specialtyId;";
} else {
$sql = "INSERT INTO plugin_sepe_specialty (
action_id,
@ -103,7 +102,7 @@ if (!empty($_POST)) {
attempt_count,
evaluation_activity_count
) VALUES (
'".$actionId."',
$actionId,
'".$specialtyOrigin."',
'".$professionalArea."',
'".$specialtyCode."',
@ -112,21 +111,21 @@ if (!empty($_POST)) {
'".$startDate."',
'".$endDate."',
'".$modalityImpartition."',
'".$classroomHours."',
'".$distanceHours."',
'".$morningsParticipantsNumber."',
'".$morningsAccessNumber."',
'".$morningTotalDuration."',
'".$afternoonParticipantsNumber."',
'".$afternoonAccessNumber."',
'".$afternoonTotalDuration."',
'".$nightParticipantsNumber."',
'".$nightAccessNumber."',
'".$nightTotalDuration."',
'".$attendeesCount."',
'".$learningActivityCount."',
'".$attemptCount."',
'".$evaluationActivityCount."'
$classroomHours,
$distanceHours,
$morningsParticipantsNumber,
$morningsAccessNumber,
$morningTotalDuration,
$afternoonParticipantsNumber,
$afternoonAccessNumber,
$afternoonTotalDuration,
$nightParticipantsNumber,
$nightAccessNumber,
$nightTotalDuration,
$attendeesCount,
$learningActivityCount,
$attemptCount,
$evaluationActivityCount
);";
}
$res = Database::query($sql);
@ -134,7 +133,7 @@ if (!empty($_POST)) {
echo Database::error();
$_SESSION['sepe_message_error'] = $plugin->get_lang('NoSaveChange');
} else {
if ($newSpecialty == "1") {
if ($newSpecialty == 1) {
$specialtyId = Database::insert_id();
$_SESSION['sepe_message_info'] = $plugin->get_lang('SaveChange');
}
@ -142,9 +141,9 @@ if (!empty($_POST)) {
session_write_close();
header("Location: specialty-action-edit.php?new_specialty=0&specialty_id=".$specialtyId."&action_id=".$actionId);
} else {
$actionId = trim(Security::remove_XSS(stripslashes($_POST['action_id'])));
$specialtyId = trim(Security::remove_XSS(stripslashes($_POST['specialty_id'])));
$newSpecialty = trim(Security::remove_XSS(stripslashes($_POST['new_specialty'])));
$actionId = intval($_POST['action_id']);
$specialtyId = intval($_POST['specialty_id']);
$newSpecialty = intval($_POST['new_specialty']);
Security::clear_token();
$token = Security::get_token();
$_SESSION['sepe_message_error'] = $plugin->get_lang('ProblemToken');
@ -156,14 +155,14 @@ if (!empty($_POST)) {
}
if (api_is_platform_admin()) {
$id_course = getCourse($_GET['action_id']);
$id_course = getCourse(intval($_GET['action_id']));
$interbreadcrumb[] = array("url" => "/plugin/sepe/src/sepe-administration-menu.php", "name" => $plugin->get_lang('MenuSepe'));
$interbreadcrumb[] = array("url" => "formative-actions-list.php", "name" => $plugin->get_lang('FormativesActionsList'));
$interbreadcrumb[] = array("url" => "formative-action.php?cid=".$id_course, "name" => $plugin->get_lang('FormativeAction'));
if (isset($_GET['new_specialty']) && $_GET['new_specialty'] == "1") {
if (isset($_GET['new_specialty']) && intval($_GET['new_specialty']) == 1) {
$templateName = $plugin->get_lang('NewSpecialtyAccion');
$tpl = new Template($templateName);
$tpl->assign('action_id', $_GET['action_id']);
$tpl->assign('action_id', intval($_GET['action_id']));
$info = array();
$tpl->assign('info', $info);
$tpl->assign('new_action', '1');
@ -171,35 +170,35 @@ if (api_is_platform_admin()) {
} else {
$templateName = $plugin->get_lang('EditSpecialtyAccion');
$tpl = new Template($templateName);
$tpl->assign('action_id', $_GET['action_id']);
$info = getSpecialtActionInfo($_GET['specialty_id']);
$tpl->assign('action_id', intval($_GET['action_id']));
$info = getSpecialtActionInfo(intval($_GET['specialty_id']));
$tpl->assign('info', $info);
if ($info['start_date'] != '0000-00-00' && $info['start_date'] != NULL) {
$tpl->assign('day_start', date("j",strtotime($info['start_date'])));
$tpl->assign('month_start', date("n",strtotime($info['start_date'])));
$tpl->assign('year_start', date("Y",strtotime($info['start_date'])));
$yearStart = date("Y",strtotime($info['start_date']));
} elseif (strpos($info['start_date'],'0000') === false) {
$yearStart = date("Y",strtotime($info['start_date']));
$tpl->assign('day_start', date("j", strtotime($info['start_date'])));
$tpl->assign('month_start', date("n", strtotime($info['start_date'])));
$tpl->assign('year_start', date("Y", strtotime($info['start_date'])));
$yearStart = date("Y", strtotime($info['start_date']));
} elseif (strpos($info['start_date'], '0000') === false) {
$yearStart = date("Y", strtotime($info['start_date']));
} else {
$yearStart = date("Y");
}
if ($info['end_date'] != '0000-00-00' && $info['end_date'] != NULL) {
$tpl->assign('day_end', date("j",strtotime($info['end_date'])));
$tpl->assign('month_end', date("n",strtotime($info['end_date'])));
$tpl->assign('year_end', date("Y",strtotime($info['end_date'])));
$yearEnd = date("Y",strtotime($info['end_date']));
} elseif (strpos($info['end_date'],'0000') === false) {
$yearEnd = date("Y",strtotime($info['end_date']));
$tpl->assign('day_end', date("j", strtotime($info['end_date'])));
$tpl->assign('month_end', date("n", strtotime($info['end_date'])));
$tpl->assign('year_end', date("Y", strtotime($info['end_date'])));
$yearEnd = date("Y", strtotime($info['end_date']));
} elseif (strpos($info['end_date'], '0000') === false) {
$yearEnd = date("Y", strtotime($info['end_date']));
} else {
$yearEnd = date("Y");
}
$tpl->assign('new_action', '0');
$tpl->assign('specialty_id', $_GET['specialty_id']);
$tpl->assign('specialty_id', intval($_GET['specialty_id']));
$listClassroom = classroomList($_GET['specialty_id']);
$listClassroom = classroomList(intval($_GET['specialty_id']));
$tpl->assign('listClassroom', $listClassroom);
$listTutors = tutorsList($_GET['specialty_id']);
$listTutors = tutorsList(intval($_GET['specialty_id']));
$tpl->assign('listTutors', $listTutors);
}
@ -225,7 +224,7 @@ if (api_is_platform_admin()) {
$tpl->assign('message_error', $_SESSION['sepe_message_error']);
unset($_SESSION['sepe_message_error']);
}
$tpl->assign('sec_token',$token);
$tpl->assign('sec_token', $token);
$listing_tpl = 'sepe/view/specialty-action-edit.tpl';
$content = $tpl->fetch($listing_tpl);
$tpl->assign('content', $content);

60
plugin/sepe/src/specialty-classroom-edit.php
Unescape View File

@ -3,7 +3,6 @@
/**
* This script displays a specialty classroom edit form.
* @package chamilo.plugin.sepe
*/
use \ChamiloSession as Session;
@ -16,24 +15,24 @@ $_cid = 0;
if (!empty($_POST)) {
$check = Security::check_token('post');
if ($check) {
$sltCentersExists = trim(Security::remove_XSS(stripslashes($_POST['slt_centers_exists'])));
$specialtyId = trim(Security::remove_XSS(stripslashes($_POST['specialty_id'])));
$existsCenterId = trim(Security::remove_XSS(stripslashes($_POST['exists_center_id'])));
$centerOrigin = trim(Security::remove_XSS(stripslashes($_POST['center_origin'])));
$centerCode = trim(Security::remove_XSS(stripslashes($_POST['center_code'])));
$newClassroom = trim(Security::remove_XSS(stripslashes($_POST['new_classroom'])));
$actionId = trim(Security::remove_XSS(stripslashes($_POST['action_id'])));
$classroomId = trim(Security::remove_XSS(stripslashes($_POST['classroom_id'])));
$sltCentersExists = intval($_POST['slt_centers_exists']);
$specialtyId = intval($_POST['specialty_id']);
$existsCenterId = intval($_POST['exists_center_id']);
$centerOrigin = Database::escape_string(trim($_POST['center_origin']));
$centerCode = Database::escape_string(trim($_POST['center_code']));
$newClassroom = intval($_POST['new_classroom']);
$actionId = intval($_POST['action_id']);
$classroomId = intval($_POST['classroom_id']);
if ($sltCentersExists == '1') {
if ($sltCentersExists == 1) {
$sql = "INSERT INTO $tableSepeSpecialtyClassroom (specialty_id, center_id)
VALUES ('".$specialtyId."','".$existsCenterId."');";
VALUES ($specialtyId, $existsCenterId);";
$res = Database::query($sql);
if (!$res) {
echo Database::error();
$_SESSION['sepe_message_error'] = $plugin->get_lang('NoSaveChange');
} else {
if ($newClassroom == "1") {
if ($newClassroom == 1) {
$classroomId = Database::insert_id();
}
$_SESSION['sepe_message_info'] = $plugin->get_lang('SaveChange');
@ -54,17 +53,17 @@ if (!empty($_POST)) {
$centerId = Database::insert($tableCenters, $params);
}
if (isset($newClassroom) && $newClassroom != '1') {
$sql = "UPDATE $tableSepeSpecialtyClassroom SET center_id='".$centerId."' WHERE id='".$classroomId."';";
if (isset($newClassroom) && $newClassroom != 1) {
$sql = "UPDATE $tableSepeSpecialtyClassroom SET center_id = $centerId WHERE id = $classroomId;";
} else {
$sql = "INSERT INTO $tableSepeSpecialtyClassroom (specialty_id, center_id) VALUES ('".$specialtyId."','".$centerId."');";
$sql = "INSERT INTO $tableSepeSpecialtyClassroom (specialty_id, center_id) VALUES ($specialtyId, $centerId);";
}
$res = Database::query($sql);
if (!$res) {
echo Database::error();
$_SESSION['sepe_message_error'] = $plugin->get_lang('NoSaveChange');
} else {
if ($newClassroom == '1') {
if ($newClassroom == 1) {
$classroomId = Database::insert_id();
}
$_SESSION['sepe_message_info'] = $plugin->get_lang('SaveChange');
@ -73,10 +72,10 @@ if (!empty($_POST)) {
session_write_close();
header("Location: specialty-action-edit.php?new_specialty=0&specialty_id=".$specialtyId."&action_id=".$actionId);
} else {
$newClassroom = trim(Security::remove_XSS(stripslashes($_POST['new_classroom'])));
$actionId = trim(Security::remove_XSS(stripslashes($_POST['action_id'])));
$classroomId = trim(Security::remove_XSS(stripslashes($_POST['classroom_id'])));
$specialtyId = trim(Security::remove_XSS(stripslashes($_POST['specialty_id'])));
$newClassroom = intval($_POST['new_classroom']);
$actionId = intval($_POST['action_id']);
$classroomId = intval($_POST['classroom_id']);
$specialtyId = intval($_POST['specialty_id']);
Security::clear_token();
$_SESSION['sepe_message_error'] = $plugin->get_lang('ProblemToken');
$token = Security::get_token();
@ -88,26 +87,26 @@ if (!empty($_POST)) {
}
if (api_is_platform_admin()) {
$courseId = getCourse($_GET['action_id']);
$courseId = getCourse(intval($_GET['action_id']));
$interbreadcrumb[] = array("url" => "/plugin/sepe/src/sepe-administration-menu.php", "name" => $plugin->get_lang('MenuSepe'));
$interbreadcrumb[] = array("url" => "formative-actions-list.php", "name" => $plugin->get_lang('FormativesActionsList'));
$interbreadcrumb[] = array("url" => "formative-action.php?cid=".$courseId, "name" => $plugin->get_lang('FormativeAction'));
$interbreadcrumb[] = array("url" => "specialty-action-edit.php?new_specialty=0&specialty_id=".$_GET['specialty_id']."&action_id=".$_GET['action_id'], "name" => $plugin->get_lang('SpecialtyFormativeAction'));
if (isset($_GET['new_classroom']) && $_GET['new_classroom'] == "1") {
$interbreadcrumb[] = array("url" => "specialty-action-edit.php?new_specialty=0&specialty_id=".intval($_GET['specialty_id'])."&action_id=".intval($_GET['action_id']), "name" => $plugin->get_lang('SpecialtyFormativeAction'));
if (isset($_GET['new_classroom']) && intval($_GET['new_classroom']) == 1) {
$templateName = $plugin->get_lang('NewSpecialtyClassroom');
$tpl = new Template($templateName);
$tpl->assign('action_id', $_GET['action_id']);
$tpl->assign('specialty_id', $_GET['specialty_id']);
$tpl->assign('action_id', intval($_GET['action_id']));
$tpl->assign('specialty_id', intval($_GET['specialty_id']));
$info = array();
$tpl->assign('info', $info);
$tpl->assign('new_classroom', '1');
} else {
$templateName = $plugin->get_lang('EditSpecialtyClassroom');
$tpl = new Template($templateName);
$tpl->assign('action_id', $_GET['action_id']);
$tpl->assign('specialty_id', $_GET['specialty_id']);
$tpl->assign('classroom_id', $_GET['classroom_id']);
$info = getInfoSpecialtyClassroom($_GET['classroom_id']);
$tpl->assign('action_id', intval($_GET['action_id']));
$tpl->assign('specialty_id', intval($_GET['specialty_id']));
$tpl->assign('classroom_id', intval($_GET['classroom_id']));
$info = getInfoSpecialtyClassroom(intval($_GET['classroom_id']));
$tpl->assign('info', $info);
$tpl->assign('new_classroom', '0');
@ -123,13 +122,12 @@ if (api_is_platform_admin()) {
$tpl->assign('message_error', $_SESSION['sepe_message_error']);
unset($_SESSION['sepe_message_error']);
}
$tpl->assign('sec_token',$token);
$tpl->assign('sec_token', $token);
$listing_tpl = 'sepe/view/specialty-classroom-edit.tpl';
$content = $tpl->fetch($listing_tpl);
$tpl->assign('content', $content);
$tpl->display_one_col_template();
} else {
header('Location:' . api_get_path(WEB_PATH));
}

129
plugin/sepe/src/specialty-tutor-edit.php
Unescape View File

@ -3,7 +3,6 @@
/**
* This script displays a specialty tutors edit form.
* @package chamilo.plugin.sepe
*/
use \ChamiloSession as Session;
@ -16,24 +15,24 @@ $_cid = 0;
if ( !empty($_POST)) {
$check = Security::check_token('post');
if ($check) {
$sltUserExists = trim(Security::remove_XSS(stripslashes($_POST['slt_user_exists'])));
$existingTutor = trim(Security::remove_XSS(stripslashes($_POST['existingTutor'])));
$specialtyId = trim(Security::remove_XSS(stripslashes($_POST['specialty_id'])));
$tutorAccreditation = trim(Security::remove_XSS(stripslashes($_POST['tutor_accreditation'])));
$professionalExperience = trim(Security::remove_XSS(stripslashes($_POST['professional_experience'])));
$teachingCompetence = trim(Security::remove_XSS(stripslashes($_POST['teaching_competence'])));
$experienceTeleforming = trim(Security::remove_XSS(stripslashes($_POST['experience_teleforming'])));
$trainingTeleforming = trim(Security::remove_XSS(stripslashes($_POST['training_teleforming'])));
$specialtyTutorId = trim(Security::remove_XSS(stripslashes($_POST['specialtyTutorId'])));
$documentType = trim(Security::remove_XSS(stripslashes($_POST['document_type'])));
$documentNumber = trim(Security::remove_XSS(stripslashes($_POST['document_number'])));
$documentLetter = trim(Security::remove_XSS(stripslashes($_POST['document_letter'])));
$actionId = trim(Security::remove_XSS(stripslashes($_POST['action_id'])));
$newTutor = trim(Security::remove_XSS(stripslashes($_POST['new_tutor'])));
$platformUserId = trim(Security::remove_XSS(stripslashes($_POST['platform_user_id'])));
$sltUserExists = intval($_POST['slt_user_exists']);
$existingTutor = intval($_POST['existingTutor']);
$specialtyId = intval($_POST['specialty_id']);
$tutorAccreditation = Database::escape_string(trim($_POST['tutor_accreditation']));
$professionalExperience = intval($_POST['professional_experience']);
$teachingCompetence = Database::escape_string(trim($_POST['teaching_competence']));
$experienceTeleforming = intval($_POST['experience_teleforming']);
$trainingTeleforming = Database::escape_string(trim($_POST['training_teleforming']));
$specialtyTutorId = intval($_POST['specialtyTutorId']);
$documentType = Database::escape_string(trim($_POST['document_type']));
$documentNumber = Database::escape_string(trim($_POST['document_number']));
$documentLetter = Database::escape_string(trim($_POST['document_letter']));
$actionId = intval($_POST['action_id']);
$newTutor = intval($_POST['new_tutor']);
$platformUserId = intval($_POST['platform_user_id']);
if ($sltUserExists == "1") {
$sql = "SELECT * FROM plugin_sepe_tutors WHERE cod='".$existingTutor."';";
if ($sltUserExists == 1) {
$sql = "SELECT * FROM $tableSepeTutors WHERE id = $existingTutor;";
$rs = Database::query($sql);
$tmp = Database::fetch_assoc($rs);
@ -46,8 +45,8 @@ if ( !empty($_POST)) {
experience_teleforming ,
training_teleforming
) VALUES (
'".$specialtyId."',
'".$existingTutor."',
$specialtyId,
$existingTutor,
'".$tmp['tutor_accreditation']."',
'".$tmp['professional_experience']."',
'".$tmp['teaching_competence']."',
@ -59,28 +58,28 @@ if ( !empty($_POST)) {
$sql = "SELECT id
FROM $tableSepeTutors
WHERE
document_type='".$documentType."'
AND document_number='".$documentNumber."'
AND document_letter='".$documentLetter."';";
document_type = '".$documentType."'
AND document_number = '".$documentNumber."'
AND document_letter = '".$documentLetter."';";
$rs = Database::query($sql);
if (Database::num_rows($rs) > 0) {
$aux = Database::fetch_assoc($rs);
$sql = "UPDATE $tableSepeTutors SET
platform_user_id='".$platformUserId."',
tutor_accreditation='".$tutorAccreditation."',
professional_experience='".$professionalExperience."',
teaching_competence='".$teachingCompetence."',
experience_teleforming='".$experienceTeleforming."',
training_teleforming='".$trainingTeleforming."'
WHERE id='".$aux['id']."';";
platform_user_id = $platformUserId,
tutor_accreditation = '".$tutorAccreditation."',
professional_experience = $professionalExperience,
teaching_competence = '".$teachingCompetence."',
experience_teleforming = $experienceTeleforming,
training_teleforming = '".$trainingTeleforming."'
WHERE id = '".$aux['id']."';";
$res = Database::query($sql);
if (!$res) {
error_log(Database::error());
$_SESSION['sepe_message_error'] = $plugin->get_lang('NoSaveChange');
}
$newTutor = 0; //Reset variable, no create new tutor, exists tutor
$tutor_id = $aux['id'];
$specialtyTutorId = getSpecialtyTutorId($specialtyId, $tutor_id);
$tutorId = $aux['id'];
$specialtyTutorId = getSpecialtyTutorId($specialtyId, $tutorId);
} else {
$sql = "UPDATE $tableSepeTutors
SET platform_user_id=''
@ -97,14 +96,14 @@ if ( !empty($_POST)) {
experience_teleforming,
training_teleforming
) VALUES (
'".$platformUserId."',
$platformUserId,
'".$documentType."',
'".$documentNumber."',
'".$documentLetter."',
'".$tutorAccreditation."',
'".$professionalExperience."',
$professionalExperience,
'".$teachingCompetence."',
'".$experienceTeleforming."',
$experienceTeleforming,
'".$trainingTeleforming."'
);";
$res = Database::query($sql);
@ -112,19 +111,19 @@ if ( !empty($_POST)) {
error_log(Database::error());
$_SESSION['sepe_message_error'] = $plugin->get_lang('NoSaveChange');
} else {
$tutor_id = Database::insert_id();
$tutorId = Database::insert_id();
}
}
if (isset($newTutor) && $newTutor != "1") {
if (isset($newTutor) && $newTutor != 1) {
$sql = "UPDATE $tableSepeSpecialtyTutors SET
tutor_id='".$tutor_id."',
tutor_accreditation='".$tutorAccreditation."',
professional_experience='".$professionalExperience."',
teaching_competence='".$teachingCompetence."',
experience_teleforming='".$experienceTeleforming."',
tutor_id = $tutorId,
tutor_accreditation = '".$tutorAccreditation."',
professional_experience = $professionalExperience,
teaching_competence = '".$teachingCompetence."',
experience_teleforming = $experienceTeleforming,
training_teleforming='".$trainingTeleforming."'
WHERE id='".$specialtyTutorId."';";
WHERE id = $specialtyTutorId;";
} else {
$sql = "INSERT INTO $tableSepeSpecialtyTutors (
specialty_id,
@ -135,12 +134,12 @@ if ( !empty($_POST)) {
experience_teleforming,
training_teleforming
) VALUES (
'".$specialtyId."',
'".$tutor_id."',
$specialtyId,
$tutorId,
'".$tutorAccreditation."',
'".$professionalExperience."',
$professionalExperience,
'".$teachingCompetence."',
'".$experienceTeleforming."',
$experienceTeleforming,
'".$trainingTeleforming."'
);";
}
@ -149,8 +148,8 @@ if ( !empty($_POST)) {
error_log(Database::error());
$_SESSION['sepe_message_error'] = $plugin->get_lang('NoSaveChange');
} else {
if ($newTutor == "1") {
$tutor_id = Database::insert_id();
if ($newTutor == 1) {
$tutorId = Database::insert_id();
}
$_SESSION['sepe_message_info'] = $plugin->get_lang('SaveChange');
}
@ -158,10 +157,10 @@ if ( !empty($_POST)) {
session_write_close();
header("Location: specialty-action-edit.php?new_specialty=0&specialty_id=".$specialtyId."&action_id=".$actionId);
} else {
$actionId = trim(Security::remove_XSS(stripslashes($_POST['action_id'])));
$newTutor = trim(Security::remove_XSS(stripslashes($_POST['new_tutor'])));
$specialtyId = trim(Security::remove_XSS(stripslashes($_POST['specialty_id'])));
$specialtyTutorId = trim(Security::remove_XSS(stripslashes($_POST['specialtyTutorId'])));
$actionId = intval($_POST['action_id']);
$newTutor = intval($_POST['new_tutor']);
$specialtyId = intval($_POST['specialty_id']);
$specialtyTutorId = intval($_POST['specialtyTutorId']);
Security::clear_token();
$token = Security::get_token();
$_SESSION['sepe_message_error'] = $plugin->get_lang('ProblemToken');
@ -173,16 +172,16 @@ if ( !empty($_POST)) {
}
if (api_is_platform_admin()) {
$courseId = getCourse($_GET['action_id']);
$courseId = getCourse(intval($_GET['action_id']));
$interbreadcrumb[] = array("url" => "/plugin/sepe/src/sepe-administration-menu.php", "name" => $plugin->get_lang('MenuSepe'));
$interbreadcrumb[] = array("url" => "formative-actions-list.php", "name" => $plugin->get_lang('FormativesActionsList'));
$interbreadcrumb[] = array("url" => "formative-action.php?cid=".$courseId, "name" => $plugin->get_lang('FormativeAction'));
$interbreadcrumb[] = array("url" => "specialty-action-edit.php?new_specialty=0&specialty_id=".$_GET['specialty_id']."&action_id=".$_GET['action_id'], "name" => $plugin->get_lang('SpecialtyFormativeAction'));
if (isset($_GET['new_tutor']) && $_GET['new_tutor'] == "1") {
$interbreadcrumb[] = array("url" => "specialty-action-edit.php?new_specialty=0&specialty_id=".intval($_GET['specialty_id'])."&action_id=".$_GET['action_id'], "name" => $plugin->get_lang('SpecialtyFormativeAction'));
if (isset($_GET['new_tutor']) && intval($_GET['new_tutor']) == 1) {
$templateName = $plugin->get_lang('NewSpecialtyTutor');
$tpl = new Template($templateName);
$tpl->assign('action_id', $_GET['action_id']);
$tpl->assign('specialty_id', $_GET['specialty_id']);
$tpl->assign('action_id', intval($_GET['action_id']));
$tpl->assign('specialty_id', intval($_GET['specialty_id']));
$info = array();
$tpl->assign('info', $info);
$tpl->assign('new_tutor', '1');
@ -190,20 +189,20 @@ if (api_is_platform_admin()) {
} else {
$templateName = $plugin->get_lang('EditSpecialtyTutor');
$tpl = new Template($templateName);
$tpl->assign('action_id', $_GET['action_id']);
$tpl->assign('specialty_id', $_GET['specialty_id']);
$tpl->assign('tutor_id', $_GET['tutor_id']);
$info = getInfoSpecialtyTutor($_GET['tutor_id']);
$tpl->assign('action_id', intval($_GET['action_id']));
$tpl->assign('specialty_id', intval($_GET['specialty_id']));
$tpl->assign('tutor_id', intval($_GET['tutor_id']));
$info = getInfoSpecialtyTutor(intval($_GET['tutor_id']));
$tpl->assign('info', $info);
$tpl->assign('new_tutor', '0');
$platformUserId = $info['platform_user_id'];
}
$tutorsList = getTutorsSpecialty($_GET['specialty_id']);
$tutorsList = getTutorsSpecialty(intval($_GET['specialty_id']));
$tpl->assign('ExistingTutorsList', $tutorsList);
$listTeachers = CourseManager::getTeachersFromCourse($courseId);
$listTeachers = freeTeacherList($listTeachers,$_GET['specialty_id'],$platformUserId);
$listTeachers = freeTeacherList($listTeachers, intval($_GET['specialty_id']), $platformUserId);
$tpl->assign('listTeachers', $listTeachers);
if (isset($_SESSION['sepe_message_info'])) {
$tpl->assign('message_info', $_SESSION['sepe_message_info']);
@ -213,7 +212,7 @@ if (api_is_platform_admin()) {
$tpl->assign('message_error', $_SESSION['sepe_message_error']);
unset($_SESSION['sepe_message_error']);
}
$tpl->assign('sec_token',$token);
$tpl->assign('sec_token', $token);
$listing_tpl = 'sepe/view/specialty-tutor-edit.tpl';
$content = $tpl->fetch($listing_tpl);

85
plugin/sepe/src/specialty-tutorial-edit.php
Unescape View File

@ -3,7 +3,6 @@
/**
* This script displays a specialty tutorial edit form.
* @package chamilo.plugin.sepe
*/
use \ChamiloSession as Session;
@ -16,28 +15,28 @@ $_cid = 0;
if ( !empty($_POST)) {
$check = Security::check_token('post');
if ($check) {
$centerOrigin = trim(Security::remove_XSS(stripslashes($_POST['center_origin'])));
$centerCode = trim(Security::remove_XSS(stripslashes($_POST['center_code'])));
$dayStart = trim(Security::remove_XSS(stripslashes($_POST['day_start'])));
$monthStart = trim(Security::remove_XSS(stripslashes($_POST['month_start'])));
$yearStart = trim(Security::remove_XSS(stripslashes($_POST['year_start'])));
$dayEnd = trim(Security::remove_XSS(stripslashes($_POST['day_end'])));
$monthEnd = trim(Security::remove_XSS(stripslashes($_POST['month_end'])));
$yearEnd = trim(Security::remove_XSS(stripslashes($_POST['year_end'])));
$tutorialId = trim(Security::remove_XSS(stripslashes($_POST['tutorial_id'])));
$actionId = trim(Security::remove_XSS(stripslashes($_POST['action_id'])));
$specialtyId = trim(Security::remove_XSS(stripslashes($_POST['specialty_id'])));
$newTutorial = trim(Security::remove_XSS(stripslashes($_POST['new_tutorial'])));
$centerOrigin = Database::escape_string(trim($_POST['center_origin']));
$centerCode = Database::escape_string(trim($_POST['center_code']));
$dayStart = Database::escape_string(trim($_POST['day_start']));
$monthStart = Database::escape_string(trim($_POST['month_start']));
$yearStart = Database::escape_string(trim($_POST['year_start']));
$dayEnd = Database::escape_string(trim($_POST['day_end']));
$monthEnd = Database::escape_string(trim($_POST['month_end']));
$yearEnd = Database::escape_string(trim($_POST['year_end']));
$tutorialId = intval($_POST['tutorial_id']);
$actionId = intval($_POST['action_id']);
$specialtyId = intval($_POST['specialty_id']);
$newTutorial = intval($_POST['new_tutorial']);
$starDate = $yearStart."-".$monthStart."-".$dayStart;
$endDate = $yearEnd."-".$monthEnd."-".$dayEnd;
if (isset($newTutorial) && $newTutorial != "1") {
if (isset($newTutorial) && $newTutorial != 1) {
$sql = "UPDATE $tableSepeParticipantsSpecialtyTutorials SET
center_origin='".$centerOrigin."',
center_code='".$centerCode."',
start_date='".$starDate."',
end_date='".$endDate."'
WHERE id='".$tutorialId."';";
WHERE id = $tutorialId;";
} else {
$sql = "INSERT INTO $tableSepeParticipantsSpecialtyTutorials (
participant_specialty_id,
@ -46,7 +45,7 @@ if ( !empty($_POST)) {
start_date,
end_date
) VALUES (
'".$specialtyId."',
$specialtyId,
'".$centerOrigin."',
'".$centerCode."',
'".$starDate."',
@ -65,10 +64,10 @@ if ( !empty($_POST)) {
$participantId = getParticipantId($specialtyId);
header("Location: participant-specialty-edit.php?new_specialty=0&participant_id=".$participantId."&specialty_id=".$specialtyId."&action_id=".$actionId);
} else {
$tutorialId = trim(Security::remove_XSS(stripslashes($_POST['tutorial_id'])));
$actionId = trim(Security::remove_XSS(stripslashes($_POST['action_id'])));
$specialtyId = trim(Security::remove_XSS(stripslashes($_POST['specialty_id'])));
$newTutorial = trim(Security::remove_XSS(stripslashes($_POST['new_tutorial'])));
$tutorialId = intval($_POST['tutorial_id']);
$actionId = intval($_POST['action_id']);
$specialtyId = intval($_POST['specialty_id']);
$newTutorial = intval($_POST['new_tutorial']);
Security::clear_token();
$token = Security::get_token();
$_SESSION['sepe_message_error'] = $plugin->get_lang('ProblemToken');
@ -80,17 +79,17 @@ if ( !empty($_POST)) {
}
if (api_is_platform_admin()) {
$courseId = getCourse($_GET['action_id']);
$participantId = getParticipantId($_GET['specialty_id']);
$courseId = getCourse(intval($_GET['action_id']));
$participantId = getParticipantId(intval($_GET['specialty_id']));
$interbreadcrumb[] = array("url" => "/plugin/sepe/src/sepe-administration-menu.php", "name" => $plugin->get_lang('MenuSepe'));
$interbreadcrumb[] = array("url" => "formative-actions-list.php", "name" => $plugin->get_lang('FormativesActionsList'));
$interbreadcrumb[] = array("url" => "formative-action.php?cid=".$courseId, "name" => $plugin->get_lang('FormativeAction'));
$interbreadcrumb[] = array("url" => "participant-specialty-edit.php?new_specialty=0&participant_id=".$participantId."&specialty_id=".$_GET['specialty_id']."&action_id=".$_GET['action_id'], "name" => $plugin->get_lang('SpecialtyFormativeParcipant'));
if (isset($_GET['new_tutorial']) && $_GET['new_tutorial'] == "1") {
$interbreadcrumb[] = array("url" => "participant-specialty-edit.php?new_specialty=0&participant_id=".$participantId."&specialty_id=".intval($_GET['specialty_id'])."&action_id=".intval($_GET['action_id']), "name" => $plugin->get_lang('SpecialtyFormativeParcipant'));
if (isset($_GET['new_tutorial']) && intval($_GET['new_tutorial']) == 1) {
$templateName = $plugin->get_lang('new_tutorial');
$tpl = new Template($templateName);
$tpl->assign('action_id', $_GET['action_id']);
$tpl->assign('specialty_id', $_GET['specialty_id']);
$tpl->assign('action_id', intval($_GET['action_id']));
$tpl->assign('specialty_id', intval($_GET['specialty_id']));
$info = array();
$tpl->assign('info', $info);
$tpl->assign('new_tutorial', '1');
@ -98,29 +97,29 @@ if (api_is_platform_admin()) {
} else {
$templateName = $plugin->get_lang('edit_tutorial');
$tpl = new Template($templateName);
$tpl->assign('action_id', $_GET['action_id']);
$tpl->assign('specialty_id', $_GET['specialty_id']);
$tpl->assign('tutorial_id', $_GET['tutorial_id']);
$info = getInfoSpecialtyTutorial($_GET['tutorial_id']);
$tpl->assign('action_id', intval($_GET['action_id']));
$tpl->assign('specialty_id', intval($_GET['specialty_id']));
$tpl->assign('tutorial_id', intval($_GET['tutorial_id']));
$info = getInfoSpecialtyTutorial(intval($_GET['tutorial_id']));
$tpl->assign('info', $info);
$tpl->assign('new_tutorial', '0');
if ($info['start_date'] != '0000-00-00' && $info['start_date'] != NULL) {
$tpl->assign('day_start', date("j",strtotime($info['start_date'])));
$tpl->assign('month_start', date("n",strtotime($info['start_date'])));
$tpl->assign('year_start', date("Y",strtotime($info['start_date'])));
$startYear = date("Y",strtotime($info['start_date']));
} elseif (strpos($info['end_date'],'0000') === false) {
$startYear = date("Y",strtotime($info['start_date']));
$tpl->assign('day_start', date("j", strtotime($info['start_date'])));
$tpl->assign('month_start', date("n", strtotime($info['start_date'])));
$tpl->assign('year_start', date("Y", strtotime($info['start_date'])));
$startYear = date("Y", strtotime($info['start_date']));
} elseif (strpos($info['end_date'], '0000') === false) {
$startYear = date("Y", strtotime($info['start_date']));
} else {
$startYear = date("Y");
}
if ($info['end_date'] != '0000-00-00' && $info['end_date'] != NULL) {
$tpl->assign('day_end', date("j",strtotime($info['end_date'])));
$tpl->assign('month_end', date("n",strtotime($info['end_date'])));
$tpl->assign('year_end', date("Y",strtotime($info['end_date'])));
$endYear = date("Y",strtotime($info['end_date']));
} elseif (strpos($info['end_date'],'0000') === false) {
$endYear = date("Y",strtotime($info['end_date']));
$tpl->assign('day_end', date("j", strtotime($info['end_date'])));
$tpl->assign('month_end', date("n", strtotime($info['end_date'])));
$tpl->assign('year_end', date("Y", strtotime($info['end_date'])));
$endYear = date("Y", strtotime($info['end_date']));
} elseif (strpos($info['end_date'], '0000') === false) {
$endYear = date("Y", strtotime($info['end_date']));
} else {
$endYear = date("Y");
}
@ -148,7 +147,7 @@ if (api_is_platform_admin()) {
$tpl->assign('message_error', $_SESSION['sepe_message_error']);
unset($_SESSION['sepe_message_error']);
}
$tpl->assign('sec_token',$token);
$tpl->assign('sec_token', $token);
$listing_tpl = 'sepe/view/specialty-tutorial-edit.tpl';
$content = $tpl->fetch($listing_tpl);

30
plugin/sepe/view/formative-actions-list.tpl
Unescape View File

@ -14,46 +14,46 @@
</div>
{% endif %}
<div class="page-header">
<h2>{{ 'FormativesActionsList' | get_plugin_lang('SepePlugin') }}</h2>
<h2>{{ 'FormativesActionsList' | get_plugin_lang('SepePlugin') }}</h2>
</div>
<div class="report_section">
{% if course_action_list|length > 0 %}
<input type="hidden" id="confirmDeleteUnlinkAction" value="{{ 'confirmDeleteAction' | get_plugin_lang('SepePlugin') }}" />
{% if course_action_list|length > 0 %}
<input type="hidden" id="confirmDeleteUnlinkAction" value="{{ 'confirmDeleteAction' | get_plugin_lang('SepePlugin') }}" />
<table class="table table-bordered sepe-box-center" style="width:auto">
{% for course in course_action_list %}
<tr>
{% for course in course_action_list %}
<tr>
<td class="sepe-vertical-align-middle">{{ 'Course' | get_lang }}: <strong>{{ course.title }}</strong> -> {{ 'ActionId' | get_plugin_lang('SepePlugin') | upper }}: <strong>{{ course.action_origin }} {{ course.action_code }}</strong></td>
<td class="text-center">
<a href="#" class="btn btn-danger btn-sm sepe-margin-side delete-action" id="delete-action-id{{ course.action_id }}">{{ 'Delete' | get_plugin_lang('SepePlugin') }}</a>
<a href="#" class="btn btn-warning btn-sm sepe-margin-side unlink-action" id="unlink-action-id{{ course.id }}">{{ 'Unlink' | get_plugin_lang('SepePlugin') }}</a>
<a href="formative-action.php?cid={{ course.course_id }}" class="btn btn-info btn-sm sepe-margin-side">{{ 'SeeOrEdit' | get_plugin_lang('SepePlugin') }}</a>
</td>
</tr>
</tr>
{% endfor %}
</table>
{% else %}
<div class="alert alert-warning">
<div class="alert alert-warning">
{{ 'NoFormativeActionToCourse' | get_plugin_lang('SepePlugin') }}
</div>
{% endif %}
</div>
<hr />
<div class="page-header">
<h2>{{ 'CourseFreeOfFormativeAction' | get_plugin_lang('SepePlugin') }}</h2>
<h2>{{ 'CourseFreeOfFormativeAction' | get_plugin_lang('SepePlugin') }}</h2>
</div>
<div class="report_section">
<input type="hidden" id="alertAssignAction" value="{{ 'alertAssignAction'| get_plugin_lang('SepePlugin') }}" />
<table class="table table-striped">
{% for course in course_free_list %}
<tr>
<table class="table table-striped">
{% for course in course_free_list %}
<tr>
<td class="sepe-vertical-align-middle">{{ 'Course' | get_lang }}: <strong>{{ course.title }}</strong></td>
<td class="text-center sepe-vertical-align-middle">
<select class="chzn-select" id="action_formative{{ course.id }}" style="width:250px">
<option value="">{{ 'SelectAction' | get_plugin_lang('SepePlugin') }}</option>
<select class="chzn-select" id="action_formative{{ course.id }}" style="width:250px">
<option value="">{{ 'SelectAction' | get_plugin_lang('SepePlugin') }}</option>
{% for action in action_free_list %}
<option value="{{ action.id }}">
<option value="{{ action.id }}">
{{ action.action_origin }} {{ action.action_code }}
</option>
{% endfor %}
@ -63,7 +63,7 @@
<a href="#" class="btn btn-info btn-sm sepe-margin-side assign_action" id="course_id{{ course.id }}">{{ 'AssignAction' | get_plugin_lang('SepePlugin') }}</a>
<a href="formative-action-edit.php?new_action=1&cid={{ course.id }}" class="btn btn-success btn-sm sepe-margin-side">{{ 'CreateAction' | get_plugin_lang('SepePlugin') }}</a>
</td>
</tr>
</tr>
{% endfor %}
</table>
</div>

14
plugin/sepe/view/participant-action-edit.tpl
Unescape View File

@ -2,7 +2,7 @@
<script type='text/javascript'>
$(document).ready(function () {
$("select[name='company_tutor_id']").change(function(){
if ($(this).val() == "new_company_tutor") {
if ($(this).val() == "0") {
$("#new-company-tutor-layer").show();
} else {
$("#new-company-tutor-layer").hide();
@ -10,7 +10,7 @@
});
$("select[name='training_tutor_id']").change(function(){
if ($(this).val() == "new_training_tutor") {
if ($(this).val() == "0") {
$("#new-training-tutor-layer").show();
} else {
$("#new-training-tutor-layer").hide();
@ -170,7 +170,8 @@
<label class="control-label col-sm-3">{{ 'CompanyTutorsList' | get_plugin_lang('SepePlugin') }}</label>
<div class="col-sm-9">
<select name="company_tutor_id" class="form-control">
<option value="new_company_tutor">{{ 'CreateNewTutorCompany' | get_plugin_lang('SepePlugin') }}</option>
<option value="" selected="selected">{{ 'NoTutor' | get_plugin_lang('SepePlugin') }}</option>
<option value="0">{{ 'CreateNewTutorCompany' | get_plugin_lang('SepePlugin') }}</option>
{% for tutor in list_tutor_company %}
{% if tutor.id == info.company_tutor_id or ( info|length == 0 and tutor.id == "1" ) %}
<option value="{{ tutor.id }}" selected="selected">{{ tutor.alias }}</option>
@ -194,7 +195,7 @@
<label class="control-label col-sm-3">{{ 'DocumentType' | get_plugin_lang('SepePlugin') }}: </label>
<div class="col-sm-9">
<select name="tutor_company_document_type" class="form-control">
<select name="tutor_company_document_type" class="form-control">
<option value="" selected="selected"></option>
<option value="D">{{ 'DocumentTypeD' | get_plugin_lang('SepePlugin') }}</option>
<option value="E">{{ 'DocumentTypeE' | get_plugin_lang('SepePlugin') }}</option>
@ -233,7 +234,8 @@
<label class="control-label col-sm-3">{{ 'TrainingTutorsList' | get_plugin_lang('SepePlugin') }}</label>
<div class="col-sm-9">
<select name="training_tutor_id" class="form-control">
<option value="new_training_tutor">{{ 'CreateNewTutorTraining' | get_plugin_lang('SepePlugin') }}</option>
<option value="" selected="selected">{{ 'NoTutor' | get_plugin_lang('SepePlugin') }}</option>
<option value="0">{{ 'CreateNewTutorTraining' | get_plugin_lang('SepePlugin') }}</option>
{% for tutor in list_tutor_training %}
{% if tutor.id == info.training_tutor_id or ( info|length == 0 and tutor.id == "1" ) %}
<option value="{{ tutor.id }}" selected="selected">{{ tutor.alias }}</option>
@ -256,7 +258,7 @@
<div class="form-group">
<label class="control-label col-sm-3">{{ 'DocumentType' | get_plugin_lang('SepePlugin') }}: </label>
<div class="col-sm-9">
<select name="tutor_training_document_type" class="form-control">
<select name="tutor_training_document_type" class="form-control">
<option value="" selected="selected"></option>
<option value="D">{{ 'DocumentTypeD' | get_plugin_lang('SepePlugin') }}</option>
<option value="E">{{ 'DocumentTypeE' | get_plugin_lang('SepePlugin') }}</option>

2
plugin/sepe/view/sepe-administration-menu.tpl
Unescape View File

@ -1,5 +1,5 @@
<div class="row">
<div class="col-md-12">
{{ html_text }}
{{ html_text }}
</div>
</div>

4
plugin/sepe/view/specialty-tutor-edit.tpl
Unescape View File

@ -270,9 +270,9 @@
<option value="" selected="selected"></option>
{% for teacher in listTeachers %}
{% if info.platform_user_id == teacher.user_id %}
<option value="{{ teacher.user_id }}" selected="selected">{{ teacher.firstname }} {{ teacher.lastname }}</option>
<option value="{{ teacher.id }}" selected="selected">{{ teacher.firstname }} {{ teacher.lastname }}</option>
{% else %}
<option value="{{ teacher.user_id }}">{{ teacher.firstname }} {{ teacher.lastname }}</option>
<option value="{{ teacher.id }}">{{ teacher.firstname }} {{ teacher.lastname }}</option>
{% endif %}
{% endfor %}
</select>

Write Preview
Loading…
Cancel
Save