chamilo
/
chamilo-lms
mirror of https://github.com/chamilo/chamilo-lms/tree/1.11.x
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Check old link newscorm/lp_controller too see BT#12200

Browse Source
ofaj
jmontoyaa 8 years ago
parent dd2d7edff6
commit 4ebb26c18b
2 changed files with 63 additions and 57 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 104
      main/lp/learnpath.class.php
  2. 16
      main/lp/learnpathList.class.php

104
main/lp/learnpath.class.php
Unescape View File

@ -4133,72 +4133,76 @@ class learnpath
$tbl_lp = Database :: get_course_table(TABLE_LP_MAIN);
$lp_id = intval($lp_id);
$sql = "SELECT * FROM $tbl_lp
WHERE c_id = ".$course_id." AND id = $lp_id";
WHERE c_id = $course_id AND id = $lp_id";
$result = Database::query($sql);
if (Database::num_rows($result)) {
$row = Database :: fetch_array($result);
$name = domesticate($row['name']);
if ($set_visibility == 'i') {
$s = $name . " " . get_lang('LearnpathNotPublished');
$v = 0;
}
if ($set_visibility == 'v') {
$s = $name . " " . get_lang('LearnpathPublished');
$v = 1;
}
} else {
return false;
}
$session_id = api_get_session_id();
$session_condition = api_get_session_condition($session_id);
$tbl_tool = Database :: get_course_table(TABLE_TOOL_LIST);
$link = 'lp/lp_controller.php?action=view&lp_id='.$lp_id.'&id_session='.$session_id;
$sql = "SELECT * FROM $tbl_tool
WHERE
c_id = ".$course_id." AND
link='$link' and
image='scormbuilder.gif' and
link LIKE '$link%'
$session_condition
";
$result = Database::query($sql);
$num = Database :: num_rows($result);
if ($set_visibility == 'i' && $num > 0) {
$sql = "DELETE FROM $tbl_tool
WHERE c_id = ".$course_id." AND (link='$link' and image='scormbuilder.gif' $session_condition)";
Database::query($sql);
$session_id = api_get_session_id();
$session_condition = api_get_session_condition($session_id);
} elseif ($set_visibility == 'v' && $num == 0) {
$sql = "INSERT INTO $tbl_tool (category, c_id, name, link, image, visibility, admin, address, added_tool, session_id) VALUES
('authoring', $course_id, '$name', '$link', 'scormbuilder.gif', '$v', '0','pastillegris.gif', 0, $session_id)";
Database::query($sql);
$tbl_tool = Database :: get_course_table(TABLE_TOOL_LIST);
$link = 'lp/lp_controller.php?action=view&lp_id='.$lp_id.'&id_session='.$session_id;
$oldLink = 'newscorm/lp_controller.php?action=view&lp_id='.$lp_id.'&id_session='.$session_id;
$insertId = Database::insert_id();
if ($insertId) {
$sql = "UPDATE $tbl_tool SET id = iid WHERE iid = $insertId";
$sql = "SELECT * FROM $tbl_tool
WHERE
c_id = $course_id AND
(link = '$link' OR link = '$oldLink') AND
image = 'scormbuilder.gif' AND
(
link LIKE '$link%' OR
link LIKE '$oldLink%'
)
$session_condition
";
$result = Database::query($sql);
$num = Database :: num_rows($result);
if ($set_visibility == 'i' && $num > 0) {
$sql = "DELETE FROM $tbl_tool
WHERE
c_id = $course_id AND
(link = '$link' OR link = '$oldLink') AND
image='scormbuilder.gif'
$session_condition";
Database::query($sql);
} elseif ($set_visibility == 'v' && $num == 0) {
$sql = "INSERT INTO $tbl_tool (category, c_id, name, link, image, visibility, admin, address, added_tool, session_id) VALUES
('authoring', $course_id, '$name', '$link', 'scormbuilder.gif', '$v', '0','pastillegris.gif', 0, $session_id)";
Database::query($sql);
$insertId = Database::insert_id();
if ($insertId) {
$sql = "UPDATE $tbl_tool SET id = iid WHERE iid = $insertId";
Database::query($sql);
}
} elseif ($set_visibility == 'v' && $num > 0) {
$sql = "UPDATE $tbl_tool SET
c_id = $course_id,
name = '$name',
link = '$link',
image = 'scormbuilder.gif',
visibility = '$v',
admin = '0',
address = 'pastillegris.gif',
added_tool = 0,
session_id = $session_id
WHERE
c_id = ".$course_id." AND
(link='$link' and image='scormbuilder.gif' $session_condition)
";
Database::query($sql);
} else {
// Parameter and database incompatible, do nothing, exit.
return false;
}
} elseif ($set_visibility == 'v' && $num > 0) {
$sql = "UPDATE $tbl_tool SET
c_id = $course_id,
name = '$name',
link = '$link',
image = 'scormbuilder.gif',
visibility = '$v',
admin = '0',
address = 'pastillegris.gif',
added_tool = 0,
session_id = $session_id
WHERE
c_id = ".$course_id." AND
(link='$link' and image='scormbuilder.gif' $session_condition)
";
Database::query($sql);
} else {
// Parameter and database incompatible, do nothing, exit.
return false;
}
}

16
main/lp/learnpathList.class.php
Unescape View File

@ -112,26 +112,28 @@ class LearnpathList
->createQuery($dql)
->getResult();
$names = array();
$names = [];
/** @var CLp $row */
foreach ($learningPaths as $row) {
// Use domesticate here instead of Database::escape_string because
// it prevents ' to be slashed and the input (done by learnpath.class.php::toggle_visibility())
// is done using domesticate()
$myname = domesticate($row->getName());
$mylink = 'lp/lp_controller.php?action=view&lp_id=' . $row->getIid() . '&id_session='.$session_id;
$name = domesticate($row->getName());
$link = 'lp/lp_controller.php?action=view&lp_id=' . $row->getIid() . '&id_session='.$session_id;
$oldLink = 'newscorm/lp_controller.php?action=view&lp_id=' . $row->getIid() . '&id_session='.$session_id;
$sql2 = "SELECT * FROM $tbl_tool
WHERE
c_id = $course_id AND (
name='$myname' AND
name='$name' AND
image='scormbuilder.gif' AND
link LIKE '$mylink%'
(
link LIKE '$link%' OR
link LIKE '$oldLink%'
)
)";
$res2 = Database::query($sql2);
if (Database::num_rows($res2) > 0) {
$row2 = Database::fetch_array($res2);
$pub = $row2['visibility'];

Write Preview
Loading…
Cancel
Save