[svn r10808] bugfix: error when editing student publication

http://www.dokeos.com/forum/viewtopic.php?t=8294

main/work/work.php

@@ -23,7 +23,7 @@
 * 	@author Patrick Cool <patrick.cool@UGent.be>, Ghent University - ability for course admins to specify wether uploaded documents are visible or invisible by default.
 * 	@author Roan Embrechts, code refactoring and virtual course support
 * 	@author Frederic Vauthier, directories management
-*  	@version $Id: work.php 10570 2006-12-29 13:57:25Z fvauthier $
+*  	@version $Id: work.php 10808 2007-01-20 19:59:25Z pcool $
 *
 * 	@todo refactor more code into functions, use quickforms, coding standards, ...
 */
@@ -104,13 +104,14 @@ include_once(api_get_path(LIBRARY_PATH) . "course.lib.php");
 include_once(api_get_path(LIBRARY_PATH) . "debug.lib.inc.php");
 include_once(api_get_path(LIBRARY_PATH) . "events.lib.inc.php");
 include_once('work.lib.php');
+
+
 /*
 -----------------------------------------------------------
 	Table definitions
 -----------------------------------------------------------
 */
-$tool_name = get_lang(TOOL_STUDENTPUBLICATION);
+$main_course_table 	= Database::get_main_table(TABLE_MAIN_COURSE);
-$main_course_table = Database::get_main_table(TABLE_MAIN_COURSE);
 $work_table 		= Database::get_course_table(TABLE_STUDENT_PUBLICATION);
 $iprop_table 		= Database::get_course_table(TABLE_ITEM_PROPERTY);
 
@@ -119,8 +120,7 @@ $iprop_table 		= Database::get_course_table(TABLE_ITEM_PROPERTY);
 	Constants and variables
 -----------------------------------------------------------
 */
-
+$tool_name 			= get_lang('StudentPublication');
-
 $user_id = api_get_user_id();
 $course_code = $_course['sysCode'];
 $is_course_member = CourseManager::is_user_subscribed_in_real_or_linked_course($user_id, $course_code, $_SESSION['id_session']);
@@ -139,7 +139,6 @@ $make_invisible = $_REQUEST['make_invisible'];
 $make_visible = $_REQUEST['make_visible'];
 $origin = $_REQUEST['origin'];
 $submitGroupWorkUrl = $_REQUEST['submitGroupWorkUrl'];
-$submitWork = $_REQUEST['submitWork'];
 $title = $_REQUEST['title'];
 $uploadvisibledisabled = $_REQUEST['uploadvisibledisabled'];
 $id = (int) $_REQUEST['id'];
@@ -171,9 +170,12 @@ $cur_dir_path_url = urlencode($cur_dir_path);
 
 //prepare a form of path that can easily be added at the end of any url ending with "work/"
 $my_cur_dir_path = $cur_dir_path;
-if($my_cur_dir_path == '/'){
+if($my_cur_dir_path == '/')
+{
 	$my_cur_dir_path = '';
-}elseif(substr($my_cur_dir_path,-1,1)!='/'){
+}
+elseif(substr($my_cur_dir_path,-1,1)!='/')
+{
 	$my_cur_dir_path = $my_cur_dir_path.'/';
 }
 /*
@@ -207,7 +209,7 @@ if(isset($_POST['cancelForm']) && !empty($_POST['cancelForm']))
 	exit();
 }
 
-if ($submitWork || $submitGroupWorkUrl)
+if ($_POST['submitWork'] || $submitGroupWorkUrl)
 {
 	// these libraries are only used for upload purpose
 	// so we only include them when necessary
@@ -233,7 +235,8 @@ if($_SERVER['REQUEST_METHOD'] == 'POST' && !sizeof($_POST))
 }
 //toolgroup comes from group. the but of tis variable is to limit post to the group of the student
 if (!api_is_course_admin()){
-	if (!empty($_GET['toolgroup'])){
+	if (!empty($_GET['toolgroup']))
+	{
 		$toolgroup=$_GET['toolgroup'];
 		api_session_register('toolgroup');
 	}
@@ -256,13 +259,9 @@ else
 //stats
 event_access_tool(TOOL_STUDENTPUBLICATION);
 
-
-
 $is_allowed_to_edit = api_is_allowed_to_edit(); //has to come after display_tool_view_option();
 //api_display_tool_title($tool_name);
 
-
-
 /*
 ==============================================================================
 		MAIN CODE
@@ -297,7 +296,7 @@ Display::display_introduction_section(TOOL_STUDENTPUBLICATION);
 	COMMANDS SECTION (reserved for course administrator)
 -----------------------------------------------------------
 */
-if ($is_allowed_to_edit)
+if (api_is_allowed_to_edit())
 {
 	/*-------------------------------------------
 				DELETE WORK COMMAND
@@ -439,7 +438,8 @@ if ($is_allowed_to_edit)
 	/* -------------------
 	 * Delete dir command
 	 --------------------*/
-	if(!empty($_REQUEST['delete_dir'])){
+	if(!empty($_REQUEST['delete_dir']))
+	{
 		//TODO implement
 		del_dir($base_work_dir.'/',$_REQUEST['delete_dir']);
 		Display::display_normal_message($_REQUEST['delete_dir'].' '.get_lang('DirDeleted'));
@@ -447,7 +447,8 @@ if ($is_allowed_to_edit)
 	/* ----------------------
 	 * Move file form request
 	 ----------------------- */
-	if(!empty($_REQUEST['move'])){
+	if(!empty($_REQUEST['move']))
+	{
 		$folders = get_subdirs_list($base_work_dir,1);
 		Display::display_normal_message(build_move_to_selector($folders,$cur_dir_path,$_REQUEST['move']));
 	}
@@ -461,7 +462,8 @@ if ($is_allowed_to_edit)
 		if($move_to == '/' or empty($move_to))
 		{
 			$move_to = '';
-		}elseif(substr($move_to,-1,1)!='/')
+		}
+		elseif(substr($move_to,-1,1)!='/')
 		{
 			$move_to = $move_to.'/';
 		}
@@ -496,15 +498,19 @@ if ($is_allowed_to_edit)
 	COMMANDS SECTION (reserved for others - check they're authors each time)
 -----------------------------------------------------------
 */
-else{
+else
-	$iprop_table = Database::get_course_table(ITEM_PROPERTY_TABLE);
+{
+	$iprop_table = Database::get_course_table(TABLE_ITEM_PROPERTY);
 	$user_id = api_get_user_id();
 	/*-------------------------------------------
 				DELETE WORK COMMAND
 	-----------------------------------------*/
 	if ($delete)
 	{
-		if ($delete == "all"){/*not authorized to this user */}
+		if ($delete == "all")
+		{
+			/*not authorized to this user */
+		}
 		else
 		{
 			//Get the author ID for that document from the item_property table
@@ -536,7 +542,6 @@ else{
 	/*-------------------------------------------
 	           EDIT COMMAND WORK COMMAND
 	  -----------------------------------------*/
-
 	if ($edit)
 	{
 		//Get the author ID for that document from the item_property table
@@ -569,7 +574,7 @@ else{
 
 $error_message="";
 
-if($submitWork && $is_course_member)
+if($_POST['submitWork'] && $is_course_member)
 {
 	if($_FILES['file']['size'])
 	{
@@ -602,7 +607,10 @@ if($submitWork && $is_course_member)
 		{
 			$post_group_id = $_SESSION['toolgroup'];
 		}
-		else{$post_group_id = '0';}
+		else
+		{
+			$post_group_id = '0';
+		}
 		//if we come from the group tools the groupid will be saved in $work_table
 
 		move_uploaded_file($_FILES['file']['tmp_name'],$updir.$my_cur_dir_path.$new_file_name);
@@ -707,7 +715,7 @@ if($submitWork && $is_course_member)
 		}
 	}
 }
-if ($submitWork && $succeed &&!$id) //last value is to check this is not "just" an edit
+if ($_POST['submitWork'] && $succeed &&!$id) //last value is to check this is not "just" an edit
 {
 		//YW Tis part serve to send a e-mail to the tutors when a new file is send
 	// Lets predefine some variables. Be sure to change the from address!
@@ -884,7 +892,7 @@ if ($submitWork && $succeed &&!$id) //last value is to check this is not "just"
 					"<td>",
 					"<input type=\"submit\" name=\"submitWork\" value=\"".get_lang('Ok')."\">";
 
-			if($submitWork || $edit)
+			if($_POST['submitWork'] || $edit)
 			{
 				echo "&nbsp;&nbsp;<input type=\"submit\" name=\"cancelForm\" value=\"".get_lang('Cancel')."\" onclick=\"javascript:if(!confirm('".addslashes(htmlentities(get_lang('ConfirmYourChoice')))."')) return false;\">";
 			}