diff --git a/main/document/document.inc.php b/main/document/document.inc.php index a67e9c6560..9004613f69 100755 --- a/main/document/document.inc.php +++ b/main/document/document.inc.php @@ -201,11 +201,14 @@ function create_document_link($document_data, $show_as_icon = false, $counter = } $current_session_id = api_get_session_id(); $copy_to_myfiles = $open_in_new_window_link = null; + + $curdirpath = isset($_GET['curdirpath']) ? Security::remove_XSS($_GET['curdirpath']) : null; + if (!$show_as_icon) { if ($filetype == 'folder') { if (api_is_allowed_to_edit() || api_is_platform_admin() || api_get_setting('students_download_folders') == 'true') { //filter when I am into shared folder, I can show for donwload only my shared folder - if (isset($_GET['curdirpath']) && is_shared_folder($_GET['curdirpath'], $current_session_id)) { + if (is_shared_folder($curdirpath, $current_session_id)) { if (preg_match('/shared_folder\/sf_user_'.api_get_user_id().'$/', urldecode($forcedownload_link))|| preg_match('/shared_folder_session_'.$current_session_id.'\/sf_user_'.api_get_user_id().'$/', urldecode($forcedownload_link)) || api_is_allowed_to_edit() || api_is_platform_admin()) { $force_download_html = ($size == 0) ? '' : ''.Display::return_icon($forcedownload_icon, get_lang('Download'), array(),22).''; } @@ -219,7 +222,7 @@ function create_document_link($document_data, $show_as_icon = false, $counter = //copy files to users myfiles if (api_get_setting('users_copy_files') == 'true' && api_get_user_id() != 0){ - $copy_myfiles_link = ($filetype == 'file') ? api_get_self().'?'.api_get_cidreq().'&curdirpath='.Security::remove_XSS($_GET['curdirpath']).'&action=copytomyfiles&id='.$url_path.$req_gid :api_get_self().'?'.api_get_cidreq(); + $copy_myfiles_link = ($filetype == 'file') ? api_get_self().'?'.api_get_cidreq().'&curdirpath='.$curdirpath.'&action=copytomyfiles&id='.$url_path.$req_gid :api_get_self().'?'.api_get_cidreq(); if ($filetype == 'file') { $copy_to_myfiles = ''.Display::return_icon('briefcase.png', get_lang('CopyToMyFiles'), array(),22).'  '; diff --git a/main/newscorm/learnpath.class.php b/main/newscorm/learnpath.class.php index 4d22117010..83248277f9 100755 --- a/main/newscorm/learnpath.class.php +++ b/main/newscorm/learnpath.class.php @@ -4804,14 +4804,14 @@ class learnpath { $gradebook = isset($_GET['gradebook']) ? Security :: remove_XSS($_GET['gradebook']) : null; echo '
'; echo Display :: return_icon('build_learnpath_na.png', get_lang('Build'),'','32'); - echo '' . Display :: return_icon('move_learnpath.png', get_lang('BasicOverview'),'','32').''; - echo '' . Display :: return_icon('view_left_right.png', get_lang('Display'),'','32').' '; - Display :: display_icon('i.gif'); - echo '' . Display :: return_icon('new_learnigpath_object.png', get_lang('NewStep'),'','32').''; - echo '' . Display :: return_icon('add_learnpath_section.png', get_lang('NewChapter'),'','32').''; - echo '' . Display :: return_icon('upload_audio.png', get_lang('UpdateAllAudioFragments'),'','32').''; - echo '' . Display :: return_icon('settings.png', get_lang('CourseSettings'),'','32').''; + echo '' . Display :: return_icon('move_learnpath.png', get_lang('BasicOverview'),'','32').''; + echo '' . Display :: return_icon('view_left_right.png', get_lang('Display'),'','32').' '; + Display :: display_icon('i.gif'); + echo '' . Display :: return_icon('new_learnigpath_object.png', get_lang('NewStep'),'','32').''; + echo '' . Display :: return_icon('add_learnpath_section.png', get_lang('NewChapter'),'','32').''; + echo '' . Display :: return_icon('upload_audio.png', get_lang('UpdateAllAudioFragments'),'','32').''; + echo '' . Display :: return_icon('settings.png', get_lang('CourseSettings'),'','32').''; echo '
'; } @@ -6158,26 +6158,27 @@ class learnpath { $tbl_lp_item = Database :: get_course_table(TABLE_LP_ITEM); if ($id != 0 && is_array($extra_info)) { - $item_title = $extra_info['title']; - $item_description = $extra_info['description']; + $item_title = $extra_info['title']; + $item_description = $extra_info['description']; $item_path = api_get_path(WEB_COURSE_PATH) . $_course['path'] . '/scorm/' . $this->path . '/' . stripslashes($extra_info['path']); + $item_path_fck = '/scorm/' . $this->path . '/' . stripslashes($extra_info['path']); } else { $item_title = ''; $item_description = ''; + $item_path_fck = ''; } - $return = '
+ $return = '
'; if ($id != 0 && is_array($extra_info)) $parent = $extra_info['parent_item_id']; else $parent = 0; - - $sql = " - SELECT * - FROM " . $tbl_lp_item . " - WHERE lp_id = " . $this->lp_id . " AND id != " . $id . " "; + + $id = intval($id); + $sql = "SELECT * FROM " . $tbl_lp_item . " + WHERE lp_id = " . $this->lp_id . " AND id != $id"; if ($item_type == 'module') $sql .= " AND parent_item_id = 0"; @@ -6208,7 +6209,7 @@ class learnpath { unset ($this->arrMenu); $return .= $title; - $return .= '
+ $return .= '
'; require_once api_get_path(LIBRARY_PATH).'formvalidator/FormValidator.class.php'; @@ -6223,6 +6224,7 @@ class learnpath { $arrHide[0]['value'] = Security :: remove_XSS($this->name); $arrHide[0]['padding'] = 3; $charset = api_get_system_encoding(); + if ($item_type != 'module' && $item_type != 'dokeos_module') { for ($i = 0; $i < count($arrLP); $i++) { if ($action != 'add') { @@ -6312,8 +6314,18 @@ class learnpath { $form->addElement('html', ''); } $renderer = $form->defaultRenderer(); - $renderer->setElementTemplate('
      {label}
{element}', 'content_lp'); - $form->addElement('html_editor', 'content_lp', '', null, array('ToolbarSet' => 'LearningPathDocuments', 'Width' => '100%', 'Height' => '400', 'FullPage' => true)); + $renderer->setElementTemplate('
      {label}
{element}', 'content_lp'); + + $relative_prefix = ''; + $editor_config = array( 'ToolbarSet' => 'LearningPathDocuments', + 'Width' => '100%', + 'Height' => '500', + 'FullPage' => true, + 'CreateDocumentDir' => $relative_prefix, + 'CreateDocumentWebDir' => api_get_path(WEB_COURSE_PATH) . api_get_course_path().'/scorm/', + 'BaseHref' => api_get_path(WEB_COURSE_PATH) . api_get_course_path().$item_path_fck + ); + $form->addElement('html_editor', 'content_lp', '', null, $editor_config); $defaults['content_lp'] = file_get_contents($item_path); } @@ -6362,7 +6374,6 @@ class learnpath { } } } - if ($id != 0 && is_array($extra_info)) { $item_title = stripslashes($extra_info['title']); $item_description = stripslashes($extra_info['description']); diff --git a/main/newscorm/lp_add_item.php b/main/newscorm/lp_add_item.php index 1beab66521..bd90cf4e26 100755 --- a/main/newscorm/lp_add_item.php +++ b/main/newscorm/lp_add_item.php @@ -19,11 +19,6 @@ $this_section = SECTION_COURSES; api_protect_course_script(); -/* Libraries */ - -// The main_api.lib.php, database.lib.php and display.lib.php -// libraries are included by default. - include 'learnpath_functions.inc.php'; include 'resourcelinker.inc.php'; @@ -287,7 +282,7 @@ echo ''; break; case TOOL_DOCUMENT: Display::display_confirmation_message(get_lang('NewDocumentCreated')); - echo $_SESSION['oLP']->display_item($new_item_id, true, $msg); + echo $_SESSION['oLP']->display_item($new_item_id, true); break; case TOOL_FORUM: echo $_SESSION['oLP']->display_manipulate($new_item_id, $_GET['type']); diff --git a/main/newscorm/lp_build.php b/main/newscorm/lp_build.php index f2609e1839..0559518aa1 100755 --- a/main/newscorm/lp_build.php +++ b/main/newscorm/lp_build.php @@ -43,20 +43,6 @@ $tbl_lp_view = Database::get_course_table(TABLE_LP_VIEW); $isStudentView = (int) $_REQUEST['isStudentView']; $learnpath_id = (int) $_REQUEST['lp_id']; $submit = $_POST['submit_button']; -/* -$chapter_id = $_GET['chapter_id']; -$title = $_POST['title']; -$description = $_POST['description']; -$Submititem = $_POST['Submititem']; -$action = $_REQUEST['action']; -$id = (int) $_REQUEST['id']; -$type = $_REQUEST['type']; -$direction = $_REQUEST['direction']; -$moduleid = $_REQUEST['moduleid']; -$prereq = $_REQUEST['prereq']; -$type = $_REQUEST['type']; -*/ - /* MAIN CODE */ // Using the resource linker as a tool for adding resources to the learning path. @@ -87,12 +73,6 @@ $sql_query = "SELECT * FROM $tbl_lp WHERE id = $learnpath_id"; $result = Database::query($sql_query); $therow = Database::fetch_array($result); -//$admin_output = ''; -/* - Course admin section - - all the functions not available for students - always available in this case (page only shown to admin) -*/ - /* SHOWING THE ADMIN TOOLS */ if (!empty($_GET['gradebook']) && $_GET['gradebook'] == 'view') { @@ -110,17 +90,14 @@ if (!empty($gradebook) && $gradebook == 'view') { ); } $interbreadcrumb[] = array('url' => 'lp_controller.php?action=list', 'name' => get_lang('LearningPaths')); -$interbreadcrumb[] = array('url' => api_get_self()."?action=build&lp_id=$learnpath_id", "name" => $therow['name']); +$interbreadcrumb[] = array('url' => '#', "name" => $therow['name']); // Theme calls. $lp_theme_css=$_SESSION['oLP']->get_theme(); $show_learn_path = true; Display::display_header('', 'Path'); - -//api_display_tool_title($therow['name']); - $suredel = trim(get_lang('AreYouSureToDelete')); -//$suredelstep = trim(get_lang('AreYouSureToDeleteSteps')); + ?> build_action_menu(); @@ -167,15 +139,15 @@ echo '
'; Display::display_normal_message(get_lang('LearnpathAdded'), false); } // Display::display_normal_message(get_lang('LPCreatedAddChapterStep'), false); - $gradebook = Security::remove_XSS($_GET['gradebook']); - //$learnpathadded = Display::return_icon('gallery/creative.gif', '', array('align' => 'right')); - $learnpathadded = '

'.get_lang('LearnPathAddedTitle').'

'; - $learnpathadded .= ''.Display::return_icon('new_learnigpath_object.png', get_lang('NewStep'), array('style' => 'vertical-align: middle;'),'22').' '.get_lang('NewStep').': '.get_lang('NewStepComment').'
'; - $learnpathadded .= ''.Display::return_icon('add_learnpath_section.png', get_lang('NewChapter'), array('style' => 'vertical-align: middle;'),'22').' '.get_lang('NewChapter').': '.get_lang('NewChapterComment').'
'; + $gradebook = isset($_GET['gradebook']) ? Security::remove_XSS($_GET['gradebook']) : null; + + $learnpathadded = '

'.get_lang('LearnPathAddedTitle').'


'; + $learnpathadded .= ''.Display::return_icon('new_learnigpath_object.png', get_lang('NewStep'), array('style' => 'vertical-align: middle;'),'22').' '.get_lang('NewStep').': '.get_lang('NewStepComment').'
'; + $learnpathadded .= ''.Display::return_icon('add_learnpath_section.png', get_lang('NewChapter'), array('style' => 'vertical-align: middle;'),'22').' '.get_lang('NewChapter').': '.get_lang('NewChapterComment').'
'; $learnpathadded .= ''.Display::return_icon('build_learnpath.png', get_lang('Build'), array('style' => 'vertical-align: middle;'),'22').' '.get_lang('Build').": ".get_lang('BuildComment').'
'; - $learnpathadded .= ''.Display::return_icon('move_learnpath.png', get_lang('BasicOverview'), array('style' => 'vertical-align: middle;'),'22').' '.get_lang('BasicOverview').': '.get_lang('BasicOverviewComment').'
'; - $learnpathadded .= ''.Display::return_icon('view_left_right.png', get_lang('Display'),array('style' => 'vertical-align: middle;'),'22').' '.get_lang('Display').': '.get_lang('DisplayComment').'
'; - $learnpathadded .= '



'; + $learnpathadded .= ''.Display::return_icon('move_learnpath.png', get_lang('BasicOverview'), array('style' => 'vertical-align: middle;'),'22').' '.get_lang('BasicOverview').': '.get_lang('BasicOverviewComment').'
'; + $learnpathadded .= ''.Display::return_icon('view_left_right.png', get_lang('Display'),array('style' => 'vertical-align: middle;'),'22').' '.get_lang('Display').': '.get_lang('DisplayComment').'
'; + $learnpathadded .= '

'; Display::display_normal_message($learnpathadded, false); } echo ''; diff --git a/main/newscorm/lp_edit_item.php b/main/newscorm/lp_edit_item.php index 6db1c4f0c4..095de9f912 100755 --- a/main/newscorm/lp_edit_item.php +++ b/main/newscorm/lp_edit_item.php @@ -97,6 +97,7 @@ if (!empty($gradebook) && $gradebook == 'view') { } $interbreadcrumb[] = array('url' => 'lp_controller.php?action=list', 'name' => get_lang('LearningPaths')); $interbreadcrumb[] = array('url' => api_get_self()."?action=build&lp_id=$learnpath_id", 'name' => stripslashes("{$therow['name']}")); +$interbreadcrumb[] = array('url' => '#', 'name' => get_lang('Edit')); // Theme calls. $show_learn_path = true; diff --git a/main/newscorm/lp_view_item.php b/main/newscorm/lp_view_item.php index aa301915ad..1c6e249688 100755 --- a/main/newscorm/lp_view_item.php +++ b/main/newscorm/lp_view_item.php @@ -72,6 +72,7 @@ if ($action == 'add' && $type == 'learnpathitem') { if ((!$is_allowed_to_edit) || ($isStudentView)) { error_log('New LP - User not authorized in lp_view_item.php'); header('location:lp_controller.php?action=view&lp_id='.$learnpath_id); + exit; } // From here on, we are admin because of the previous condition, so don't check anymore. @@ -93,7 +94,8 @@ if (!empty($gradebook) && $gradebook == 'view') { } $interbreadcrumb[] = array('url' => 'lp_controller.php?action=list', 'name' => get_lang('LearningPaths')); -$interbreadcrumb[] = array('url' => api_get_self()."?action=build&lp_id=$learnpath_id", 'name' => stripslashes("{$therow['name']}")); +$interbreadcrumb[] = array('url' => api_get_self()."?action=build&lp_id=$learnpath_id", 'name' => $therow['name']); +$interbreadcrumb[] = array('url' => '#', 'name' => get_lang('Item')); // Theme calls $show_learn_path = true;