[svn r16416] Access url interface created.

skala
Julio Montoya 18 years ago
parent 1f0ed72062
commit 4e57ee1d95
  1. 165
      main/admin/access_url_edit.php
  2. 203
      main/admin/access_urls.php

@ -0,0 +1,165 @@
<?php
/*
==============================================================================
Dokeos - elearning and course management software
Copyright (c) 2008 Dokeos SPRL
Copyright (c) 2008 Julio Montoya
For a full list of contributors, see "credits.txt".
The full license can be read in "license.txt".
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
See the GNU General Public License for more details.
Contact address: Dokeos, rue du Corbeau, 108, B-1030 Brussels, Belgium
Mail: info@dokeos.com
==============================================================================
*/
// name of the language file that needs to be included
$language_file = 'admin';
$cidReset = true;
require ('../inc/global.inc.php');
$this_section = SECTION_PLATFORM_ADMIN;
api_protect_admin_script();
require_once (api_get_path(LIBRARY_PATH).'formvalidator/FormValidator.class.php');
require_once (api_get_path(LIBRARY_PATH).'security.lib.php');
$access_url_table= Database :: get_main_table(TABLE_MAIN_ACCESS_URL);
// Create the form
$form = new FormValidator('add_url');
$form->addElement('text','url',get_lang('URL'),array('size'=>'30'));
$form->addElement('static', null, null, get_lang('Example'));
$form->addRule('url', get_lang('ThisFieldIsRequired'), 'required');
$form->addRule('url', '', 'maxlength',254);
$form->addElement('textarea','description',get_lang('Description'));
$form->addElement('checkbox','active',get_lang('Active'));
$form->addRule('checkbox', get_lang('ThisFieldIsRequired'), 'required');
$defaults['url']='http://';
$form->setDefaults($defaults);
if( $form->validate())
{
$check = Security::check_token('post');
if($check)
{
$url_array = $form->getSubmitValues();
$url = Security::remove_XSS($url_array['url']);
$description = Security::remove_XSS($url_array['description']);
$active = intval($url_array['active']);
$tms = time();
$url_id = $url_array['id'];
$url_to_go='access_urls.php';
if ($url_id!='')
{
$sql = "UPDATE $access_url_table
SET url = '".Database::escape_string($url)."',
description = '".Database::escape_string($description)."',
active = '".Database::escape_string($active)."',
created_by = '".Database::escape_string(api_get_user_id())."',
tms = FROM_UNIXTIME(".$tms.") WHERE id = '$url_id'";
api_sql_query($sql, __FILE__, __LINE__);
$url_to_go='access_urls.php';
$message=get_lang('URLEdited');
}
else
{
$sql = "SELECT id FROM $access_url_table WHERE url = '$url' ";
$res = api_sql_query($sql,__FILE__,__LINE__);
$result = Database::fetch_array($res);
if (empty($result))
{
//checking url
if (substr($url,strlen($url)-1, strlen($url))=='/')
{
//create
$sql = "INSERT INTO $access_url_table
SET url = '".Database::escape_string($url)."',
description = '".Database::escape_string($description)."',
active = '".Database::escape_string($active)."',
created_by = '".Database::escape_string(api_get_user_id())."',
tms = FROM_UNIXTIME(".$tms.")";
$result = api_sql_query($sql, __FILE__, __LINE__);
$message = get_lang('URLAdded');
}
else
{
$message = get_lang('URLMustHaveFinalSlash');
}
$url_to_go='access_url_edit.php';
}
else
{
$url_to_go='access_url_edit.php';
$message = get_lang('URLAlreadyAdded');
}
Security::clear_token();
$tok = Security::get_token();
header('Location: '.$url_to_go.'?action=show_message&message='.urlencode($message).'&sec_token='.$tok);
exit();
}
}
}
else
{
if(isset($_POST['submit']))
{
Security::clear_token();
}
$token = Security::get_token();
$form->addElement('hidden','sec_token');
$form->setConstants(array('sec_token' => $token));
}
$submit_name = get_lang('Add');
if (isset($_GET['url_id']))
{
$url_id = Database::escape_string($_GET['url_id']);
$sql = "SELECT id, url, description, active FROM $access_url_table WHERE id = '".$url_id."'";
$res = api_sql_query($sql,__FILE__,__LINE__);
if(mysql_num_rows($res) != 1)
{
header('Location: access_urls.php');
exit;
}
$url_data = Database::fetch_array($res,'ASSOC');
$form->addElement('hidden','id',$url_data['id']);
$form->setDefaults($url_data);
$submit_name = get_lang('Edit');
}
if (!$_configuration['multiple_access_urls'])
header('Location: index.php');
$tool_name = get_lang('AddUrl');
$interbreadcrumb[] = array ("url" => 'index.php', "name" => get_lang('PlatformAdmin'));
$interbreadcrumb[] = array ("url" => 'access_urls.php', "name" => get_lang('MultipleAccessURLs'));
Display :: display_header($tool_name);
if (isset ($_GET['action']))
{
switch ($_GET['action'])
{
case 'show_message' :
Display :: display_normal_message(stripslashes($_GET['message']));
break;
}
}
// Submit button
$form->addElement('submit', 'submit', $submit_name);
$form->display();
?>
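Review bot: Two queries in the submit handler interpolate request data without SQL escaping: the hidden `id` value is copied into `$url_id` and placed in `WHERE id = '$url_id'` of the UPDATE, and the duplicate check uses `WHERE url = '$url'` after only `Security::remove_XSS()`, which is an HTML filter rather than SQL escaping. Cast and escape at the point of use, as the other columns already do: `WHERE id = '".intval($url_id)."'` and `WHERE url = '".Database::escape_string($url)."'`. The `multiple_access_urls` check near the end sends a Location header without `exit;` and sits after the form handling, so the write path still runs when the feature is off; moving it directly under `api_protect_admin_script();` and adding `exit;` would close that. The `show_message` branch passes `$_GET['message']` to the page without a token check, so unless `Display::display_normal_message()` encodes its argument (not visible here) it should be wrapped in `htmlspecialchars()`.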

@ -0,0 +1,203 @@
<?php
/*
==============================================================================
Dokeos - elearning and course management software
Copyright (c) 2008 Dokeos SPRL
Copyright (c) 2008 Julio Montoya
For a full list of contributors, see "credits.txt".
The full license can be read in "license.txt".
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
See the GNU General Public License for more details.
Contact address: Dokeos, rue du Corbeau, 108, B-1030 Brussels, Belgium
Mail: info@dokeos.com
==============================================================================
*/
/**
==============================================================================
* @package dokeos.admin
==============================================================================
*/
/*
==============================================================================
INIT SECTION
==============================================================================
*/
// name of the language file that needs to be included
$language_file = 'admin';
$cidReset = true;
require ('../inc/global.inc.php');
$this_section = SECTION_PLATFORM_ADMIN;
api_protect_admin_script();
if (!$_configuration['multiple_access_urls'])
header('Location: index.php');
$interbreadcrumb[] = array ("url" => 'index.php', "name" => get_lang('PlatformAdmin'));
$tool_name = get_lang('MultipleAccessURLs');
Display :: display_header($tool_name);
require_once (api_get_path(LIBRARY_PATH).'sortabletable.class.php');
require_once (api_get_path(LIBRARY_PATH).'formvalidator/FormValidator.class.php');
require_once (api_get_path(LIBRARY_PATH).'security.lib.php');
// Actions
if (isset ($_GET['action']))
{
$check = Security::check_token('get');
if ($check)
{
$url_id=Database::escape_string($_GET['url_id']);
switch ($_GET['action'])
{
case 'show_message' :
Display :: display_normal_message(stripslashes($_GET['message']));
break;
case 'delete_url' :
$access_url_table= Database :: get_main_table(TABLE_MAIN_ACCESS_URL);
$sql= "DELETE FROM $access_url_table WHERE id = '$url_id'";
$result = api_sql_query($sql, __FILE__, __LINE__);
if ($result)
{
Display :: display_normal_message(get_lang('URLDeleted'));
}
else
{
Display :: display_error_message(get_lang('CannotDeleteURL'));
}
break;
case 'lock' :
$message=lock_unlock_user('lock',$url_id);
Display :: display_normal_message($message);
break;
case 'unlock';
$message=lock_unlock_user('unlock',$url_id);
Display :: display_normal_message($message);
break;
}
}
Security::clear_token();
}
echo '<div align="right">
<a href="'.api_get_path(WEB_CODE_PATH).'admin/access_url_edit.php">'.get_lang('AddUrl').'</a>
</div><br />';
$table = new SortableTable('urls', 'get_number_of_urls', 'get_url_data',2);
$parameters['sec_token'] = Security::get_token();
$table->set_additional_parameters($parameters);
$table->set_header(0, '', false);
$table->set_header(1, get_lang('URL'));
$table->set_header(2, get_lang('Description'));
$table->set_header(3, get_lang('Active'));
$table->set_header(4, get_lang('Modify'));
$table->set_column_filter(3, 'active_filter');
$table->set_column_filter(4, 'modify_filter');
//$table->set_form_actions(array ('delete' => get_lang('DeleteFromPlatform')));
$table->display();
function get_number_of_urls()
{
$access_url_table= Database :: get_main_table(TABLE_MAIN_ACCESS_URL);
$sql = "SELECT count(id) as count_result FROM $access_url_table";
$res = api_sql_query($sql, __FILE__, __LINE__);
$url = Database::fetch_row($res);
$result = $url['0'];
return $result;
}
function get_url_data()
{
$access_url_table= Database :: get_main_table(TABLE_MAIN_ACCESS_URL);
$sql = "SELECT id AS col0, url AS col1, description AS col2, active AS col3 FROM $access_url_table";
$res = api_sql_query($sql, __FILE__, __LINE__);
$urls = array ();
while ($url = Database::fetch_row($res))
{
$urls[] = $url;
}
return $urls;
}
function modify_filter($active, $url_params, $row)
{
global $charset;
$url_id = $row['0'];
if ($url_id != '1')
{
$result .= '<a href="access_url_edit.php?url_id='.$url_id.'"><img src="../img/edit.gif" border="0" style="vertical-align: middle;" title="'.get_lang('Edit').'" alt="'.get_lang('Edit').'"/></a>&nbsp;';
$result .= '<a href="access_urls.php?action=delete_url&amp;url_id='.$url_id.'&amp;sec_token='.$_SESSION['sec_token'].'" onclick="javascript:if(!confirm('."'".addslashes(htmlentities(get_lang("ConfirmYourChoice"),ENT_QUOTES,$charset))."'".')) return false;"><img src="../img/delete.gif" border="0" style="vertical-align: middle;" title="'.get_lang('Delete').'" alt="'.get_lang('Delete').'"/></a>';
}
return $result;
}
function active_filter($active, $url_params, $row)
{
$active = $row['3'];
if ($active=='1')
{
$action='lock';
$image='right';
}
if ($active=='0')
{
$action='unlock';
$image='wrong';
}
if ($row['0']=='1') // you cannot lock the default
{
$result = '<img src="../img/'.$image.'.gif" border="0" style="vertical-align: middle;" alt="'.get_lang(ucfirst($action)).'" title="'.get_lang(ucfirst($action)).'"/>';
}
else
{
$result = '<a href="access_urls.php?action='.$action.'&amp;url_id='.$row['0'].'&amp;sec_token='.$_SESSION['sec_token'].'"><img src="../img/'.$image.'.gif" border="0" style="vertical-align: middle;" alt="'.get_lang(ucfirst($action)).'" title="'.get_lang(ucfirst($action)).'"/></a>';
}
return $result;
}
function lock_unlock_user($status,$url_id)
{
$url_table = Database :: get_main_table(TABLE_MAIN_ACCESS_URL);
if ($status=='lock')
{
$status_db='0';
$return_message=get_lang('URLInactivate');
}
if ($status=='unlock')
{
$status_db='1';
$return_message=get_lang('URLActivate');
}
if(($status_db=='1' OR $status_db=='0') AND is_numeric($url_id))
{
$sql="UPDATE $url_table SET active='".Database::escape_string($status_db)."' WHERE id='".Database::escape_string($url_id)."'";
$result = api_sql_query($sql, __FILE__, __LINE__);
}
if ($result)
{
return $return_message;
}
}
/*
==============================================================================
FOOTER
==============================================================================
*/
Display :: display_footer();
?>
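Review bot: The rule that the default URL (id 1) cannot be deleted or locked is enforced only in the links built by `modify_filter()` and `active_filter()`; the `delete_url`, `lock` and `unlock` cases act on whatever `url_id` arrives in the request. Add the guard on the server side, for example `if (intval($url_id) === 1) { break; }` at the top of those cases, and give `delete_url` the same `is_numeric($url_id)` test that `lock_unlock_user()` applies. The `multiple_access_urls` check at the top calls `header('Location: index.php');` without `exit;`, so the action block below still executes when the feature is disabled. These are state-changing GET requests that carry `sec_token` in the query string, where it can end up in server logs and Referer headers; a POST form would keep it out of the URL. `lock_unlock_user()` also reads `$result` and `$return_message` when no branch has assigned them, so initialising both before the `if` blocks makes the outcome explicit for an unexpected `$status`.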