chamilo
/
chamilo-lms
mirror of https://github.com/chamilo/chamilo-lms/tree/1.11.x
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Use Database::insert

Browse Source
1.10.x
Julio Montoya 10 years ago
parent b647292d81
commit 4dff56a3c7
10 changed files with 290 additions and 272 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 21
      main/exercice/hotspot_savescore.inc.php
  2. 21
      main/exercice/question.class.php
  3. 38
      main/exercice/unique_answer.class.php
  4. 194
      main/forum/forumfunction.inc.php
  5. 52
      main/inc/lib/AnnouncementManager.php
  6. 64
      main/inc/lib/attendance.lib.php
  7. 2
      main/inc/lib/blog.lib.php
  8. 30
      main/inc/lib/fileUpload.lib.php
  9. 22
      main/inc/lib/glossary.lib.php
  10. 118
      main/work/work.lib.php

21
main/exercice/hotspot_savescore.inc.php
Unescape View File

@ -38,15 +38,16 @@ $coordinates = substr($coordinates,0,-1);
$TBL_TRACK_E_HOTSPOT = Database::get_main_table(TABLE_STATISTIC_TRACK_E_HOTSPOT);
// Save into db
$sql = "INSERT INTO $TBL_TRACK_E_HOTSPOT (user_id , course_id , quiz_id , question_id , answer_id , correct , coordinate ) VALUES (
".intval($_user['user_id']).",
'".Database::escape_string($courseCode)."',
".intval($exerciseId).",
".intval($questionId).",
".intval($answerId).",
".intval($hit)."',
'".Database::escape_string($coordinates)."')";
$result = Database::query($sql);
$params = [
'user_id' => api_get_user_id(),
'course_id' => $courseCode,
'quiz_id' => $exerciseId,
'question_id' => $questionId,
'answer_id' => $answerId,
'correct' => $hit ,
'coordinate' => $coordinates
];
// Save insert id into session if users changes answer.
$insert_id = Database::insert_id();
$insert_id = Database::insert($TBL_TRACK_E_HOTSPOT, $params);
$_SESSION['exerciseResult'][$questionId]['ids'][$answerOrderId] = $insert_id;

21
main/exercice/question.class.php
Unescape View File

@ -876,16 +876,19 @@ abstract class Question
$TBL_ANSWERS = Database::get_course_table(
TABLE_QUIZ_ANSWER
);
$sql = "INSERT INTO $TBL_ANSWERS (
c_id, question_id, answer, correct, comment, ponderation, position, hotspot_coordinates,
hotspot_type
)
VALUES (
$c_id, " . intval($this->id) . ", '', NULL , '', '10' , '1', '0;0|0|0', 'delineation'
)";
Database::query($sql);
$params = [
'c_id' => $c_id,
'question_id' => $this->id,
'answer' => '',
'correct' => '',
'comment' => '',
'ponderation' => 10,
'position' => 1,
'hotspot_coordinates' => '0;0|0|0',
'hotspot_type' => 'delineation',
];
$id = Database::insert($TBL_ANSWERS, $params);
$id = Database::insert_id();
if ($id) {
$sql = "UPDATE $TBL_ANSWERS SET id = id_auto WHERE id_auto = $id";
Database::query($sql);

38
main/exercice/unique_answer.class.php
Unescape View File

@ -447,30 +447,22 @@ class UniqueAnswer extends Question
$rs_max = Database::query($sql);
$row_max = Database::fetch_object($rs_max);
$position = $row_max->max_position + 1;
// Insert a new answer
$sql = "INSERT INTO $tbl_quiz_answer (
c_id,
id,
question_id,
answer,
correct,
comment,
ponderation,
position,
destination
) VALUES (
$course_id,
$id,
$question_id,
'" . $title . "',
$correct,
'" . $comment . "',
'$score', $position,
'0@@0@@0@@0'
)";
Database::query($sql);
$id = Database::insert_id();
$params = [
'c_id' => $course_id,
'id' => $id,
'question_id' => $question_id,
'answer' => $title,
'correct' => $correct,
'comment' => $comment,
'ponderation' => $score,
'position' => $position,
'destination' => '0@@0@@0@@0',
];
$id = Database::insert($tbl_quiz_answer, $params);
if ($id) {
$sql = "UPDATE $tbl_quiz_answer SET id = iid WHERE iid = $id";
Database::query($sql);

194
main/forum/forumfunction.inc.php
Unescape View File

@ -685,21 +685,28 @@ function store_forum($values, $courseInfo = array(), $returnId = false)
}
// Storing after edition.
$sql = "UPDATE ".$table_forums." SET
forum_title='".$clean_title."',
".$sql_image."
forum_comment='".Database::escape_string(stripslashes($values['forum_comment']))."',
forum_category='".Database::escape_string(stripslashes($values['forum_category']))."',
allow_anonymous='".Database::escape_string(isset($values['allow_anonymous_group']['allow_anonymous']) ? $values['allow_anonymous_group']['allow_anonymous'] : null)."',
allow_edit='".Database::escape_string($values['students_can_edit_group']['students_can_edit'])."',
approval_direct_post='".Database::escape_string(isset($values['approval_direct_group']['approval_direct']) ? $values['approval_direct_group']['approval_direct'] : null)."',
allow_attachments='".Database::escape_string(isset($values['allow_attachments_group']['allow_attachments']) ? $values['allow_attachments_group']['allow_attachments'] : null)."',
allow_new_threads='".Database::escape_string($values['allow_new_threads_group']['allow_new_threads'])."',
forum_group_public_private='".Database::escape_string($values['public_private_group_forum_group']['public_private_group_forum'])."',
default_view='".Database::escape_string($values['default_view_type_group']['default_view_type'])."',
forum_of_group='".Database::escape_string($values['group_forum'])."'
WHERE c_id = $course_id AND forum_id = ".intval($values['forum_id'])."";
Database::query($sql);
$params = [
'forum_title'=> $values['forum_title'],
'forum_image'=> $sql_image,
'forum_comment'=> $values['forum_comment'],
'forum_category'=> $values['forum_category'],
'allow_anonymous'=> $values['allow_anonymous_group']['allow_anonymous'],
'allow_edit'=> $values['students_can_edit_group']['students_can_edit'],
'approval_direct_post'=> $values['approval_direct_group']['approval_direct'],
'allow_attachments'=> $values['allow_attachments_group']['allow_attachments'],
'allow_new_threads'=> $values['allow_new_threads_group']['allow_new_threads'],
'default_view'=> $values['default_view_type_group']['default_view_type'],
'forum_of_group'=> $values['group_forum'],
'forum_group_public_private'=> $values['public_private_group_forum_group']['public_private_group_forum'],
'forum_order'=> $new_max,
'session_id'=> $session_id,
];
Database::update(
$table_forums,
$params,
['c_id = ? AND = forum_id' => [$course_id, $values['forum_id']]]
);
api_item_property_update(
$courseInfo,
@ -718,25 +725,24 @@ function store_forum($values, $courseInfo = array(), $returnId = false)
$sql_image = "'".$new_file_name."', ";
}
$sql = "INSERT INTO ".$table_forums." (c_id, forum_title, forum_image, forum_comment, forum_category, allow_anonymous, allow_edit, approval_direct_post, allow_attachments, allow_new_threads, default_view, forum_of_group, forum_group_public_private, forum_order, session_id)
VALUES (
".$course_id.",
'".$clean_title."',
".$sql_image."
'".Database::escape_string(isset($values['forum_comment']) ? $values['forum_comment'] : null)."',
'".Database::escape_string(isset($values['forum_category']) ? $values['forum_category'] : null)."',
'".Database::escape_string(isset($values['allow_anonymous_group']['allow_anonymous']) ? $values['allow_anonymous_group']['allow_anonymous'] : null)."',
'".Database::escape_string(isset($values['students_can_edit_group']['students_can_edit']) ? $values['students_can_edit_group']['students_can_edit'] : null)."',
'".Database::escape_string(isset($values['approval_direct_group']['approval_direct']) ? $values['approval_direct_group']['approval_direct'] : null)."',
'".Database::escape_string(isset($values['allow_attachments_group']['allow_attachments']) ? $values['allow_attachments_group']['allow_attachments'] : null)."',
'".Database::escape_string(isset($values['allow_new_threads_group']['allow_new_threads']) ? $values['allow_new_threads_group']['allow_new_threads'] : null)."',
'".Database::escape_string(isset($values['default_view_type_group']['default_view_type']) ? $values['default_view_type_group']['default_view_type'] : null)."',
'".Database::escape_string(isset($values['group_forum']) ? $values['group_forum'] : null)."',
'".Database::escape_string(isset($values['public_private_group_forum_group']['public_private_group_forum']) ? $values['public_private_group_forum_group']['public_private_group_forum'] : null)."',
'".Database::escape_string(isset($new_max) ? $new_max : null)."',
".intval($session_id).")";
Database::query($sql);
$last_id = Database::insert_id();
$params = [
'c_id' => $course_id,
'forum_title'=> $values['forum_title'],
'forum_image'=> $sql_image,
'forum_comment'=> isset($values['forum_comment']) ? $values['forum_comment'] : null,
'forum_category'=> isset($values['forum_category']) ? $values['forum_category'] : null,
'allow_anonymous'=> isset($values['allow_anonymous_group']['allow_anonymous']) ? $values['allow_anonymous_group']['allow_anonymous'] : null,
'allow_edit'=> isset($values['students_can_edit_group']['students_can_edit']) ? $values['students_can_edit_group']['students_can_edit'] : null,
'approval_direct_post'=> isset($values['approval_direct_group']['approval_direct']) ? $values['approval_direct_group']['approval_direct'] : null,
'allow_attachments'=> isset($values['allow_attachments_group']['allow_attachments']) ? $values['allow_attachments_group']['allow_attachments'] : null,
'allow_new_threads'=> isset($values['allow_new_threads_group']['allow_new_threads']) ? $values['allow_new_threads_group']['allow_new_threads'] : null,
'default_view'=> isset($values['default_view_type_group']['default_view_type']) ? $values['default_view_type_group']['default_view_type'] : null,
'forum_of_group'=> isset($values['group_forum']) ? $values['group_forum'] : null,
'forum_group_public_private'=> isset($values['public_private_group_forum_group']['public_private_group_forum']) ? $values['public_private_group_forum_group']['public_private_group_forum'] : null,
'forum_order'=> isset($new_max) ? $new_max : null,
'session_id'=> $session_id,
];
$last_id = Database::insert($table_forums, $params);
if ($last_id > 0) {
$sql = "UPDATE $table_forums SET forum_id = $last_id
@ -2335,7 +2341,7 @@ function store_thread($current_forum, $values, $courseInfo = array(), $showMessa
$visible = 1;
}
$clean_post_title = Database::escape_string(stripslashes($values['post_title']));
$clean_post_title = $values['post_title'];
// We first store an entry in the forum_thread table because the thread_id is used in the forum_post table.
$last_thread_id = Database::insert(
@ -2431,20 +2437,20 @@ function store_thread($current_forum, $values, $courseInfo = array(), $showMessa
}
// We now store the content in the table_post table.
$sql = "INSERT INTO $table_posts (c_id, post_title, post_text, thread_id, forum_id, poster_id, poster_name, post_date, post_notification, post_parent_id, visible)
VALUES (
".$course_id.",
'".$clean_post_title."',
'".Database::escape_string($values['post_text'])."',
'".Database::escape_string($last_thread_id)."',
'".Database::escape_string($values['forum_id'])."',
'".Database::escape_string($_user['user_id'])."',
'".Database::escape_string(stripslashes(isset($values['poster_name']) ? $values['poster_name'] : null))."',
'".Database::escape_string($post_date)."',
'".Database::escape_string(isset($values['post_notification']) ? $values['post_notification'] : null)."','0',
'".Database::escape_string($visible)."')";
Database::query($sql);
$last_post_id = Database::insert_id();
$params = [
'c_id' => $course_id,
'post_title' => $clean_post_title,
'post_text' => $values['post_text'],
'thread_id' => $last_thread_id,
'forum_id' => $values['forum_id'],
'poster_id' => $_user['user_id'],
'poster_name' => isset($values['poster_name']) ? $values['poster_name'] : null,
'post_date' => $post_date,
'post_notification' => isset($values['post_notification']) ? $values['post_notification'] : null,
'post_parent_id' => 0,
'visible' => $visible,
];
$last_post_id = Database::insert($table_posts, $params);
if ($last_post_id) {
$sql = "UPDATE $table_posts SET post_id = $last_post_id
@ -2478,7 +2484,10 @@ function store_thread($current_forum, $values, $courseInfo = array(), $showMessa
if ($has_attachment) {
// Try to add an extension to the file if it hasn't one.
$new_file_name = add_ext_on_mime(stripslashes($_FILES['user_upload']['name']), $_FILES['user_upload']['type']);
$new_file_name = add_ext_on_mime(
stripslashes($_FILES['user_upload']['name']),
$_FILES['user_upload']['type']
);
if (!filter_extension($new_file_name)) {
if ($showMessage) {
@ -4046,56 +4055,66 @@ function store_move_post($values)
$current_post = get_post_information($values['post_id']);
// Storing a new thread.
$sql = "INSERT INTO $table_threads (c_id, thread_title, forum_id, thread_poster_id, thread_poster_name, thread_last_post, thread_date)
VALUES (
".$course_id.",
'".Database::escape_string($current_post['post_title'])."',
'".Database::escape_string($current_post['forum_id'])."',
'".Database::escape_string($current_post['poster_id'])."',
'".Database::escape_string($current_post['poster_name'])."',
'".Database::escape_string($values['post_id'])."',
'".Database::escape_string($current_post['post_date'])."'
)";
Database::query($sql);
$new_thread_id = Database::insert_id();
api_item_property_update($_course, TOOL_FORUM_THREAD, $new_thread_id, 'visible', $current_post['poster_id']);
$params = [
'c_id' => $course_id,
'thread_title' => $current_post['post_title'],
'forum_id' => $current_post['forum_id'],
'thread_poster_id' => $current_post['poster_id'],
'thread_poster_name' => $current_post['poster_name'],
'thread_last_post' => $values['post_id'],
'thread_date' => $current_post['post_date'],
];
$new_thread_id = Database::insert($table_threads, $params);
api_item_property_update(
$_course,
TOOL_FORUM_THREAD,
$new_thread_id,
'visible',
$current_post['poster_id']
);
// Moving the post to the newly created thread.
$sql = "UPDATE $table_posts SET thread_id='".Database::escape_string($new_thread_id)."', post_parent_id='0' WHERE c_id = $course_id AND post_id='".Database::escape_string($values['post_id'])."'";
$sql = "UPDATE $table_posts SET thread_id='".intval($new_thread_id)."', post_parent_id='0'
WHERE c_id = $course_id AND post_id='".intval($values['post_id'])."'";
Database::query($sql);
// Resetting the parent_id of the thread to 0 for all those who had this moved post as parent.
$sql = "UPDATE $table_posts SET post_parent_id='0' WHERE c_id = $course_id AND post_parent_id='".Database::escape_string($values['post_id'])."'";
$sql = "UPDATE $table_posts SET post_parent_id='0'
WHERE c_id = $course_id AND post_parent_id='".intval($values['post_id'])."'";
Database::query($sql);
// Updating updating the number of threads in the forum.
$sql = "UPDATE $table_forums SET forum_threads=forum_threads+1 WHERE c_id = $course_id AND forum_id='".Database::escape_string($current_post['forum_id'])."'";
$sql = "UPDATE $table_forums SET forum_threads=forum_threads+1
WHERE c_id = $course_id AND forum_id='".intval($current_post['forum_id'])."'";
Database::query($sql);
// Resetting the last post of the old thread and decreasing the number of replies and the thread.
$sql = "SELECT * FROM $table_posts WHERE c_id = $course_id AND thread_id='".Database::escape_string($current_post['thread_id'])."' ORDER BY post_id DESC";
$sql = "SELECT * FROM $table_posts
WHERE c_id = $course_id AND thread_id='".intval($current_post['thread_id'])."'
ORDER BY post_id DESC";
$result = Database::query($sql);
$row = Database::fetch_array($result);
$sql = "UPDATE $table_threads SET thread_last_post='".$row['post_id']."', thread_replies=thread_replies-1 WHERE c_id = $course_id AND thread_id='".Database::escape_string($current_post['thread_id'])."'";
$sql = "UPDATE $table_threads SET
thread_last_post='".$row['post_id']."',
thread_replies=thread_replies-1
WHERE
c_id = $course_id AND
thread_id='".intval($current_post['thread_id'])."'";
Database::query($sql);
} else {
// Moving to the chosen thread.
//Old code
//$sql = "UPDATE $table_posts SET thread_id='".Database::escape_string($_POST['thread'])."', post_parent_id='0' WHERE post_id='".Database::escape_string($values['post_id'])."'";
//$result = Database::query($sql);
// Resetting the parent_id of the thread to 0 for all those who had this moved post as parent.
//$sql = "UPDATE $table_posts SET post_parent_id='0' WHERE post_parent_id='".Database::escape_string($values['post_id'])."'";
//$result = Database::query($sql);
// If this post is the last post of the thread we must update the thread_last_post with a new post_id
// Search for the original thread_id
$sql = "SELECT thread_id FROM ".$table_posts." WHERE c_id = $course_id AND post_id = '".$values['post_id']."' ";
$sql = "SELECT thread_id FROM ".$table_posts."
WHERE c_id = $course_id AND post_id = '".$values['post_id']."' ";
$result = Database::query($sql);
$row = Database::fetch_array($result);
$original_thread_id = $row['thread_id'];
$sql = "SELECT thread_last_post FROM ".$table_threads." WHERE c_id = $course_id AND thread_id = '".$original_thread_id."' ";
$sql = "SELECT thread_last_post FROM ".$table_threads."
WHERE c_id = $course_id AND thread_id = '".$original_thread_id."' ";
$result = Database::query($sql);
$row = Database::fetch_array($result);
@ -4103,28 +4122,35 @@ function store_move_post($values)
// If is this thread, update the thread_last_post with the last one.
if ($thread_is_last_post == $values['post_id']) {
$sql = "SELECT post_id FROM ".$table_posts." WHERE c_id = $course_id AND thread_id = '".$original_thread_id."' AND post_id <> '".$values['post_id']."' ORDER BY post_date DESC LIMIT 1";
$sql = "SELECT post_id FROM ".$table_posts."
WHERE c_id = $course_id AND thread_id = '".$original_thread_id."' AND post_id <> '".$values['post_id']."'
ORDER BY post_date DESC LIMIT 1";
$result = Database::query($sql);
$row = Database::fetch_array($result);
$thread_new_last_post = $row['post_id'];
$sql = "UPDATE ".$table_threads." SET thread_last_post = '".$thread_new_last_post."' WHERE c_id = $course_id AND thread_id = '".$original_thread_id."' ";
$sql = "UPDATE ".$table_threads." SET thread_last_post = '".$thread_new_last_post."'
WHERE c_id = $course_id AND thread_id = '".$original_thread_id."' ";
Database::query($sql);
}
$sql = "UPDATE $table_threads SET thread_replies=thread_replies-1 WHERE c_id = $course_id AND thread_id='".$original_thread_id."'";
$sql = "UPDATE $table_threads SET thread_replies=thread_replies-1
WHERE c_id = $course_id AND thread_id='".$original_thread_id."'";
Database::query($sql);
// moving to the chosen thread
$sql = "UPDATE $table_posts SET thread_id='".intval($_POST['thread'])."', post_parent_id='0' WHERE c_id = $course_id AND post_id='".intval($values['post_id'])."'";
$sql = "UPDATE $table_posts SET thread_id='".intval($_POST['thread'])."', post_parent_id='0'
WHERE c_id = $course_id AND post_id='".intval($values['post_id'])."'";
Database::query($sql);
// resetting the parent_id of the thread to 0 for all those who had this moved post as parent
$sql = "UPDATE $table_posts SET post_parent_id='0' WHERE c_id = $course_id AND post_parent_id='".intval($values['post_id'])."'";
$sql = "UPDATE $table_posts SET post_parent_id='0'
WHERE c_id = $course_id AND post_parent_id='".intval($values['post_id'])."'";
Database::query($sql);
$sql = "UPDATE $table_threads SET thread_replies=thread_replies+1 WHERE c_id = $course_id AND thread_id='".intval($_POST['thread'])."'";
$sql = "UPDATE $table_threads SET thread_replies=thread_replies+1
WHERE c_id = $course_id AND thread_id='".intval($_POST['thread'])."'";
Database::query($sql);
}

52
main/inc/lib/AnnouncementManager.php
Unescape View File

@ -456,21 +456,19 @@ class AnnouncementManager
$course_id = api_get_course_int_id();
// store in the table announcement
$sql = "INSERT INTO $tbl_announcement SET
c_id = '$course_id',
content = '$newContent',
title = '$emailTitle',
end_date = '$now',
display_order = '$order',
session_id = " . api_get_session_id();
$result = Database::query($sql);
if ($result === false) {
return false;
}
$params = [
'c_id' => $course_id,
'content' => $newContent,
'title' => $emailTitle,
'end_date' => $now,
'display_order' => $order,
'session_id' => api_get_session_id(),
];
$last_id = Database::insert($tbl_announcement, $params);
//store the attach file
$last_id = Database::insert_id();
// Store the attach file
if ($last_id) {
$sql = "UPDATE $tbl_announcement SET id = iid WHERE iid = $last_id";
Database::query($sql);
@ -1242,18 +1240,22 @@ class AnnouncementManager
} else {
$new_file_name = uniqid('');
$new_path = $updir . '/' . $new_file_name;
$result = @move_uploaded_file($file['tmp_name'], $new_path);
$safe_file_comment = Database::escape_string($file_comment);
$safe_file_name = Database::escape_string($file_name);
$safe_new_file_name = Database::escape_string($new_file_name);
// Storing the attachments if any
$sql = 'INSERT INTO ' . $tbl_announcement_attachment . ' (c_id, filename, comment, path, announcement_id, size) ' .
"VALUES ($course_id, '$safe_file_name', '$file_comment', '$safe_new_file_name' , '$announcement_id', '" . intval($file['size']) . "' )";
$result = Database::query($sql);
$insertId = Database::insert_id();
$sql = "UPDATE $tbl_announcement_attachment SET id = iid WHERE iid = $insertId";
Database::query($sql);
move_uploaded_file($file['tmp_name'], $new_path);
$params = [
'c_id' => $course_id,
'filename' => $file_name,
'comment' => $file_comment,
'path' => $new_file_name,
'announcement_id' => $announcement_id,
'size' => intval($file['size']),
];
$insertId = Database::insert($tbl_announcement_attachment, $params);
if ($insertId) {
$sql = "UPDATE $tbl_announcement_attachment SET id = iid WHERE iid = $insertId";
Database::query($sql);
}
$return = 1;
}

64
main/inc/lib/attendance.lib.php
Unescape View File

@ -295,35 +295,33 @@ class Attendance
$user_id = api_get_user_id();
$course_code = $_course['code'];
$course_id = $_course['real_id'];
$title_gradebook= Database::escape_string($this->attendance_qualify_title);
$title_gradebook= $this->attendance_qualify_title;
$value_calification = 0;
$weight_calification = floatval($this->attendance_weight);
$sql = "INSERT INTO $tbl_attendance SET
c_id = $course_id,
name ='".Database::escape_string($this->name)."',
description = '".Database::escape_string($this->description)."',
attendance_qualify_title = '$title_gradebook',
attendance_weight = '$weight_calification',
session_id = '$session_id'";
$result = Database::query($sql);
$affected_rows = Database::affected_rows($result);
$last_id = 0;
if (!empty($affected_rows)) {
// save inside item property table
$last_id = Database::insert_id();
if ($last_id) {
$sql = "UPDATE $tbl_attendance SET id = iid WHERE iid = $last_id";
Database::query($sql);
$params = [
'c_id' => $course_id,
'name' => $this->name,
'description' => $this->description,
'attendance_qualify_title' => $title_gradebook,
'attendance_weight' => $weight_calification,
'session_id' => $session_id
];
$last_id = Database::insert($tbl_attendance, $params);
if (!empty($last_id)) {
$sql = "UPDATE $tbl_attendance SET id = iid WHERE iid = $last_id";
Database::query($sql);
api_item_property_update(
$_course,
TOOL_ATTENDANCE,
$last_id,
"AttendanceAdded",
$user_id
);
api_item_property_update(
$_course,
TOOL_ATTENDANCE,
$last_id,
"AttendanceAdded",
$user_id
);
}
}
// add link to gradebook
if ($link_to_gradebook && !empty($this->category_id)) {
@ -716,11 +714,6 @@ class Attendance
presence = 1";
$result = Database::query($sql);
$insertId = Database::insert_id();
//The table attendance_sheet do not have id field
//$sql = "UPDATE $tbl_attendance_sheet SET id = iid WHERE iid = $insertId";
//Database::query($sql);
$affected_rows += Database::affected_rows($result);
} else {
$sql = "UPDATE $tbl_attendance_sheet SET presence = 1
@ -749,10 +742,7 @@ class Attendance
presence = 0";
$result = Database::query($sql);
$insertId = Database::insert_id();
//The table attendance_sheet do not hace id field
//$sql = "UPDATE $tbl_attendance_sheet SET id = iid WHERE iid = $insertId";
//Database::query($sql);
Database::insert_id();
$affected_rows += Database::affected_rows($result);
} else {
@ -859,8 +849,10 @@ class Attendance
Database::query($sql);
$insertId = Database::insert_id();
$sql = "UPDATE $tbl_attendance_result SET id = iid WHERE iid = $insertId";
Database::query($sql);
if ($insertId) {
$sql = "UPDATE $tbl_attendance_result SET id = iid WHERE iid = $insertId";
Database::query($sql);
}
}
}
}

2
main/inc/lib/blog.lib.php
Unescape View File

@ -134,7 +134,7 @@ class Blog
$sql = "UPDATE $tbl_blogs SET blog_id = iid WHERE iid = $this_blog_id";
Database::query($sql);
//insert into item_property
// insert into item_property
api_item_property_update(
api_get_course_info(),
TOOL_BLOGS,

30
main/inc/lib/fileUpload.lib.php
Unescape View File

@ -1215,27 +1215,29 @@ function add_document(
}
$readonly = intval($readonly);
$comment = Database::escape_string($comment);
$path = Database::escape_string($path);
$filetype = Database::escape_string($filetype);
$filesize = Database::escape_string($filesize);
$title = Database::escape_string(htmlspecialchars($title));
$c_id = $_course['real_id'];
$table_document = Database::get_course_table(TABLE_DOCUMENT);
$sql = "INSERT INTO $table_document (id, c_id, path, filetype, size, title, comment, readonly, session_id)
VALUES (null, $c_id, '$path','$filetype','$filesize','$title', '$comment', $readonly, $session_id)";
if (Database::query($sql)) {
$documentId = Database::insert_id();
$params = [
'id' => '',
'c_id' => $c_id,
'path' => $path,
'filetype' => $filetype,
'size' => $filesize,
'title' => $title,
'comment' => $comment,
'readonly' => $readonly,
'session_id' => $session_id,
];
$documentId = Database::insert($table_document, $params);
if ($documentId) {
$sql = "UPDATE $table_document SET id = iid WHERE iid = $documentId";
Database::query($sql);
if ($documentId) {
if ($save_visibility) {
api_set_default_visibility($documentId, TOOL_DOCUMENT, $group_id);
}
if ($save_visibility) {
api_set_default_visibility($documentId, TOOL_DOCUMENT, $group_id);
}
return $documentId;
} else {
return false;

22
main/inc/lib/glossary.lib.php
Unescape View File

@ -111,21 +111,15 @@ class GlossaryManager
Display::display_error_message(get_lang('GlossaryTermAlreadyExistsYouShouldEditIt'));
return false;
} else {
$sql = "INSERT INTO $t_glossary (c_id, name, description, display_order, session_id)
VALUES(
".api_get_course_int_id().",
'".Database::escape_string($values['glossary_title'])."',
'".Database::escape_string($values['glossary_comment'])."',
'".(int)($max_glossary_item + 1)."',
'".Database::escape_string($session_id)."'
)";
$result = Database::query($sql);
if ($result === false) {
return false;
}
$id = Database::insert_id();
$params = [
'c_id' => api_get_course_int_id(),
'name' => $values['glossary_title'],
'description' => $values['glossary_comment'],
'display_order' => $max_glossary_item + 1,
'session_id' => $session_id,
];
$id = Database::insert($t_glossary, $params);
if ($id) {
$sql = "UPDATE $t_glossary SET glossary_id = $id WHERE iid = $id";

118
main/work/work.lib.php
Unescape View File

@ -1017,18 +1017,21 @@ function insert_all_directory_in_course_table($base_work_dir)
$work_table = Database :: get_course_table(TABLE_STUDENT_PUBLICATION);
for($i = 0; $i < count($only_dir); $i++) {
$url = Database::escape_string($only_dir[$i]);
$sql = "INSERT INTO " . $work_table . " SET
c_id = '$course_id',
url = '".$url."',
title = '',
description = '',
author = '',
active = '1',
accepted = '1',
filetype = 'folder',
post_group_id = '".$group_id."'";
Database::query($sql);
$url = $only_dir[$i];
$params = [
'c_id' => $course_id,
'url' => $url,
'title' => '',
'description' => '',
'author' => '',
'active' => '1',
'accepted' => '1',
'filetype' => 'folder',
'post_group_id' => $group_id,
];
Database::insert($work_table, $params);
}
}
@ -3638,28 +3641,28 @@ function processWorkForm($workInfo, $values, $courseInfo, $sessionId, $groupId,
if ($saveWork) {
$active = '1';
$sql = "INSERT INTO ".$work_table." SET
c_id = $courseId ,
url = '".$url . "',
filetype = 'file',
title = '".Database::escape_string($title)."',
description = '".Database::escape_string($description)."',
contains_file = '".$contains_file."',
active = '".$active."',
accepted = '1',
post_group_id = '".$groupId."',
sent_date = '".api_get_utc_datetime()."',
parent_id = '".$workInfo['id']."' ,
session_id = '".$sessionId."',
user_id = '".$userId."'";
$params = [
'c_id' => $courseId,
'url' => $url,
'filetype' => 'file',
'title' => $title,
'description' => $description,
'contains_file' => $contains_file,
'active' => $active,
'accepted' => '1',
'post_group_id' => $groupId,
'sent_date' => api_get_utc_datetime(),
'parent_id' => $workInfo['id'],
'session_id' => $sessionId,
'user_id' => $userId
];
$workId = Database::insert($work_table, $params);
Database::query($sql);
$workId = Database::insert_id();
if ($workId) {
$sql = "UPDATE $work_table SET id = iid WHERE iid = $workId ";
Database::query($sql);
$sql = "UPDATE $work_table SET id = iid WHERE iid = $workId ";
Database::query($sql);
if ($workId) {
if (array_key_exists('filename', $workInfo) && !empty($filename)) {
$filename = Database::escape_string($filename);
$sql = "UPDATE $work_table SET
@ -3730,29 +3733,28 @@ function addDir($params, $user_id, $courseInfo, $group_id, $session_id)
if (!empty($created_dir)) {
$dirName = '/'.$created_dir;
$today = api_get_utc_datetime();
$sql = "INSERT INTO " . $work_table . " SET
c_id = $course_id,
url = '".Database::escape_string($dirName)."',
title = '".Database::escape_string($params['new_dir'])."',
description = '".Database::escape_string($params['description'])."',
author = '',
active = '1',
accepted = '1',
filetype = 'folder',
post_group_id = '" . $group_id . "',
sent_date = '" . $today . "',
qualification = '".($params['qualification'] != '' ? Database::escape_string($params['qualification']) : '') ."',
parent_id = '',
qualificator_id = '',
weight = '".Database::escape_string($params['weight'])."',
session_id = '".$session_id."',
allow_text_assignment = '".Database::escape_string($params['allow_text_assignment'])."',
contains_file = 0,
user_id = '".$user_id."'";
Database::query($sql);
// Add the directory
$id = Database::insert_id();
$params = [
'c_id' => $course_id,
'url' => $dirName,
'title' => $params['new_dir'],
'description' => $params['description'],
'author' => '',
'active' => '1',
'accepted' => '1',
'filetype' => 'folder',
'post_group_id' => $group_id,
'sent_date' => $today,
'qualification' => $params['qualification'] != '' ? $params['qualification'] : '',
'parent_id' => '',
'qualificator_id' => '',
'weight' => $params['weight'],
'session_id' => $session_id,
'allow_text_assignment' => $params['allow_text_assignment'],
'contains_file' => 0,
'user_id' => $user_id,
];
$id = Database::insert($work_table, $params);
if ($id) {
@ -4247,9 +4249,13 @@ function updateSettings($courseInfo, $showScore, $studentDeleteOwnPublication)
WHERE variable = 'student_delete_own_publication' AND c_id = $courseId";
Database::query($query);
} else {
$query = "INSERT INTO " . $table_course_setting . " (c_id, variable, value, category) VALUES
($courseId, 'student_delete_own_publication' , '".Database::escape_string($studentDeleteOwnPublication) . "','work')";
Database::query($query);
$params = [
'c_id' => $courseId,
'variable' => 'student_delete_own_publication',
'value' => $studentDeleteOwnPublication,
'category' => 'work'
];
Database::insert($table_course_setting, $params);
}
}

Write Preview
Loading…
Cancel
Save