|
|
@ -3,7 +3,7 @@ |
|
|
|
/** |
|
|
|
/** |
|
|
|
* @author Frederik Vermeire <frederik.vermeire@pandora.be>, UGent Internship |
|
|
|
* @author Frederik Vermeire <frederik.vermeire@pandora.be>, UGent Internship |
|
|
|
* @author Patrick Cool <patrick.cool@UGent.be>, Ghent University: code cleaning |
|
|
|
* @author Patrick Cool <patrick.cool@UGent.be>, Ghent University: code cleaning |
|
|
|
* @author Julio MMontoya <gugli100@gmail.com>, MORE code cleaning |
|
|
|
* @author Julio Montoya <gugli100@gmail.com>, MORE code cleaning |
|
|
|
* @abstract The task of the internship was to integrate the 'send messages to specific users' with the |
|
|
|
* @abstract The task of the internship was to integrate the 'send messages to specific users' with the |
|
|
|
* Announcements tool and also add the resource linker here. The database also needed refactoring |
|
|
|
* Announcements tool and also add the resource linker here. The database also needed refactoring |
|
|
|
* as there was no title field (the title was merged into the content field) |
|
|
|
* as there was no title field (the title was merged into the content field) |
|
|
@ -67,11 +67,10 @@ $tbl_item_property = Database::get_course_table(TABLE_ITEM_PROPERTY); |
|
|
|
$_SESSION['source_type']="Ad_Valvas"; |
|
|
|
$_SESSION['source_type']="Ad_Valvas"; |
|
|
|
include '../resourcelinker/resourcelinker.inc.php'; |
|
|
|
include '../resourcelinker/resourcelinker.inc.php'; |
|
|
|
|
|
|
|
|
|
|
|
if (!empty($_POST['addresources'])) // When the "Add Resource" button is clicked we store all the form data into a session |
|
|
|
if (!empty($_POST['addresources'])) { |
|
|
|
{ |
|
|
|
// When the "Add Resource" button is clicked we store all the form data into a session |
|
|
|
include('announcements.inc.php'); |
|
|
|
require_once 'announcements.inc.php'; |
|
|
|
|
|
|
|
$form_elements= array ('emailTitle'=>Security::remove_XSS($emailTitle), 'newContent'=>Security::remove_XSS($newContent), 'id'=>$id, 'to'=>$selectedform, 'emailoption'=>$email_ann); |
|
|
|
$form_elements= array ('emailTitle'=>stripslashes($emailTitle), 'newContent'=>stripslashes($newContent), 'id'=>$id, 'to'=>$selectedform, 'emailoption'=>$email_ann); |
|
|
|
|
|
|
|
$_SESSION['formelements']=$form_elements; |
|
|
|
$_SESSION['formelements']=$form_elements; |
|
|
|
|
|
|
|
|
|
|
|
if($id) // this is to correctly handle edits |
|
|
|
if($id) // this is to correctly handle edits |
|
|
@ -314,9 +313,9 @@ if (api_is_allowed_to_edit(false,true) OR (api_get_course_setting('allow_user_ed |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
/* |
|
|
|
/* |
|
|
|
Delete announcement |
|
|
|
Delete announcement |
|
|
|
*/ |
|
|
|
*/ |
|
|
|
if (!empty($_GET['action']) AND $_GET['action']=='delete' AND isset($_GET['id'])) { |
|
|
|
if (!empty($_GET['action']) AND $_GET['action']=='delete' AND isset($_GET['id'])) { |
|
|
|
//Database::query("DELETE FROM $tbl_announcement WHERE id='$delete'"); |
|
|
|
//Database::query("DELETE FROM $tbl_announcement WHERE id='$delete'"); |
|
|
|
$id=intval(addslashes($_GET['id'])); |
|
|
|
$id=intval(addslashes($_GET['id'])); |
|
|
@ -341,17 +340,15 @@ if (api_is_allowed_to_edit(false,true) OR (api_get_course_setting('allow_user_ed |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
/* |
|
|
|
/* |
|
|
|
Delete all announcements |
|
|
|
Delete all announcements |
|
|
|
*/ |
|
|
|
*/ |
|
|
|
if (!empty($_GET['action']) and $_GET['action']=='delete_all') { |
|
|
|
if (!empty($_GET['action']) and $_GET['action']=='delete_all') { |
|
|
|
|
|
|
|
|
|
|
|
//Database::query("DELETE FROM $tbl_announcement"); |
|
|
|
//Database::query("DELETE FROM $tbl_announcement"); |
|
|
|
if (api_is_allowed_to_edit()) { |
|
|
|
if (api_is_allowed_to_edit()) { |
|
|
|
Database::query("UPDATE $tbl_item_property SET visibility='2' WHERE tool='".TOOL_ANNOUNCEMENT."'"); |
|
|
|
Database::query("UPDATE $tbl_item_property SET visibility='2' WHERE tool='".TOOL_ANNOUNCEMENT."'"); |
|
|
|
|
|
|
|
|
|
|
|
delete_all_resources_type("Ad_Valvas"); |
|
|
|
delete_all_resources_type("Ad_Valvas"); |
|
|
|
|
|
|
|
|
|
|
|
$id = null; |
|
|
|
$id = null; |
|
|
|
$emailTitle = null; |
|
|
|
$emailTitle = null; |
|
|
|
$newContent = null; |
|
|
|
$newContent = null; |
|
|
@ -360,9 +357,9 @@ if (api_is_allowed_to_edit(false,true) OR (api_get_course_setting('allow_user_ed |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
/* |
|
|
|
/* |
|
|
|
Modify announcement |
|
|
|
Modify announcement |
|
|
|
*/ |
|
|
|
*/ |
|
|
|
if (!empty($_GET['action']) and $_GET['action']=='modify' AND isset($_GET['id'])) { |
|
|
|
if (!empty($_GET['action']) and $_GET['action']=='modify' AND isset($_GET['id'])) { |
|
|
|
if (api_get_session_id()!=0 && api_is_allowed_to_session_edit(false,true)==false) { |
|
|
|
if (api_get_session_id()!=0 && api_is_allowed_to_session_edit(false,true)==false) { |
|
|
|
api_not_allowed(); |
|
|
|
api_not_allowed(); |
|
|
@ -402,9 +399,10 @@ if (api_is_allowed_to_edit(false,true) OR (api_get_course_setting('allow_user_ed |
|
|
|
|
|
|
|
|
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
/* |
|
|
|
/* |
|
|
|
Move announcement up/down |
|
|
|
Move announcement up/down |
|
|
|
*/ |
|
|
|
*/ |
|
|
|
|
|
|
|
|
|
|
|
if ($ctok == $_GET['sec_token']) { |
|
|
|
if ($ctok == $_GET['sec_token']) { |
|
|
|
if (!empty($_GET['down'])) { |
|
|
|
if (!empty($_GET['down'])) { |
|
|
|
$thisAnnouncementId = intval($_GET['down']); |
|
|
|
$thisAnnouncementId = intval($_GET['down']); |
|
|
@ -458,9 +456,9 @@ if (api_is_allowed_to_edit(false,true) OR (api_get_course_setting('allow_user_ed |
|
|
|
$message = get_lang('AnnouncementMoved'); |
|
|
|
$message = get_lang('AnnouncementMoved'); |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
/* |
|
|
|
/* |
|
|
|
Submit announcement |
|
|
|
Submit announcement |
|
|
|
*/ |
|
|
|
*/ |
|
|
|
//if (api_is_allowed_to_edit(false,true) OR (api_get_course_setting('allow_user_edit_announcement') && !api_is_anonymous())) { |
|
|
|
//if (api_is_allowed_to_edit(false,true) OR (api_get_course_setting('allow_user_edit_announcement') && !api_is_anonymous())) { |
|
|
|
|
|
|
|
|
|
|
|
$emailTitle=(!empty($_POST['emailTitle'])?$safe_emailTitle:''); |
|
|
|
$emailTitle=(!empty($_POST['emailTitle'])?$safe_emailTitle:''); |
|
|
@ -483,7 +481,7 @@ if (api_is_allowed_to_edit(false,true) OR (api_get_course_setting('allow_user_ed |
|
|
|
if ($ctok == $_POST['sec_token']) { |
|
|
|
if ($ctok == $_POST['sec_token']) { |
|
|
|
$file_comment = $_POST['file_comment']; |
|
|
|
$file_comment = $_POST['file_comment']; |
|
|
|
$file = $_FILES['user_upload']; |
|
|
|
$file = $_FILES['user_upload']; |
|
|
|
$edit_id = edit_advalvas_item($id,$emailTitle,$newContent,$_POST['selectedform'],$file,$file_comment); |
|
|
|
$edit_id = edit_advalvas_item($id, $emailTitle, $newContent, $_POST['selectedform'], $file, $file_comment); |
|
|
|
if (!$delete) { |
|
|
|
if (!$delete) { |
|
|
|
update_added_resources("Ad_Valvas", $id); |
|
|
|
update_added_resources("Ad_Valvas", $id); |
|
|
|
} |
|
|
|
} |
|
|
@ -500,18 +498,17 @@ if (api_is_allowed_to_edit(false,true) OR (api_get_course_setting('allow_user_ed |
|
|
|
$file = $_FILES['user_upload']; |
|
|
|
$file = $_FILES['user_upload']; |
|
|
|
$file_comment = $_POST['file_comment']; |
|
|
|
$file_comment = $_POST['file_comment']; |
|
|
|
if (!empty($_SESSION['toolgroup'])) { |
|
|
|
if (!empty($_SESSION['toolgroup'])) { |
|
|
|
$insert_id=store_advalvas_group_item($safe_emailTitle,$safe_newContent,$order,array('GROUP:'.$_SESSION['toolgroup']),$_POST['selectedform'],$file,$file_comment); |
|
|
|
$insert_id = store_advalvas_group_item($safe_emailTitle,$safe_newContent,$order,array('GROUP:'.$_SESSION['toolgroup']),$_POST['selectedform'],$file,$file_comment); |
|
|
|
} else { |
|
|
|
} else { |
|
|
|
$insert_id=store_advalvas_item($safe_emailTitle,$safe_newContent,$order,$_POST['selectedform'],$file,$file_comment); |
|
|
|
|
|
|
|
|
|
|
|
$insert_id = store_advalvas_item($safe_emailTitle, $safe_newContent, $order, $_POST['selectedform'], $file, $file_comment); |
|
|
|
} |
|
|
|
} |
|
|
|
store_resources($_SESSION['source_type'],$insert_id); |
|
|
|
store_resources($_SESSION['source_type'],$insert_id); |
|
|
|
$_SESSION['select_groupusers']="hide"; |
|
|
|
$_SESSION['select_groupusers']="hide"; |
|
|
|
$message = get_lang('AnnouncementAdded'); |
|
|
|
$message = get_lang('AnnouncementAdded'); |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
/* |
|
|
|
/* MAIL WHEN USER COMES FROM SURVEY */ |
|
|
|
MAIL WHEN USER COMES FROM SURVEY |
|
|
|
|
|
|
|
*/ |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
if ($_POST['emailsAdd']) { |
|
|
|
if ($_POST['emailsAdd']) { |
|
|
|
|
|
|
|
|
|
|
@ -569,9 +566,7 @@ if (api_is_allowed_to_edit(false,true) OR (api_get_course_setting('allow_user_ed |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
/* |
|
|
|
/* MAIL FUNCTION */ |
|
|
|
MAIL FUNCTION |
|
|
|
|
|
|
|
*/ |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
if ($_POST['email_ann'] && empty($_POST['onlyThoseMails'])) { |
|
|
|
if ($_POST['email_ann'] && empty($_POST['onlyThoseMails'])) { |
|
|
|
|
|
|
|
|
|
|
@ -581,16 +576,11 @@ if (api_is_allowed_to_edit(false,true) OR (api_get_course_setting('allow_user_ed |
|
|
|
|
|
|
|
|
|
|
|
// groepen omzetten in users |
|
|
|
// groepen omzetten in users |
|
|
|
if ($grouplist) { |
|
|
|
if ($grouplist) { |
|
|
|
|
|
|
|
|
|
|
|
$grouplist = "'".implode("', '",$grouplist)."'"; //protect individual elements with surrounding quotes |
|
|
|
$grouplist = "'".implode("', '",$grouplist)."'"; //protect individual elements with surrounding quotes |
|
|
|
$sql = "SELECT user_id |
|
|
|
$sql = "SELECT user_id |
|
|
|
FROM $tbl_groupUser gu |
|
|
|
FROM $tbl_groupUser gu |
|
|
|
WHERE gu.group_id IN (".$grouplist.")"; |
|
|
|
WHERE gu.group_id IN (".$grouplist.")"; |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
$groupMemberResult = Database::query($sql); |
|
|
|
$groupMemberResult = Database::query($sql); |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
if ($groupMemberResult) { |
|
|
|
if ($groupMemberResult) { |
|
|
|
while ($u = Database::fetch_array($groupMemberResult)) { |
|
|
|
while ($u = Database::fetch_array($groupMemberResult)) { |
|
|
|
$userlist [] = $u ['user_id']; // complete the user id list ... |
|
|
|
$userlist [] = $u ['user_id']; // complete the user id list ... |
|
|
@ -598,7 +588,6 @@ if (api_is_allowed_to_edit(false,true) OR (api_get_course_setting('allow_user_ed |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
if (is_array($userlist)) { |
|
|
|
if (is_array($userlist)) { |
|
|
|
$userlist = "'".implode("', '", array_unique($userlist) )."'"; |
|
|
|
$userlist = "'".implode("', '", array_unique($userlist) )."'"; |
|
|
|
|
|
|
|
|
|
|
@ -626,19 +615,11 @@ if (api_is_allowed_to_edit(false,true) OR (api_get_course_setting('allow_user_ed |
|
|
|
|
|
|
|
|
|
|
|
if ($sqlmail != '') { |
|
|
|
if ($sqlmail != '') { |
|
|
|
$rs_mail = Database::query($sqlmail); |
|
|
|
$rs_mail = Database::query($sqlmail); |
|
|
|
/*================================================================================= |
|
|
|
|
|
|
|
send email one by one to avoid antispam |
|
|
|
|
|
|
|
=================================================================================*/ |
|
|
|
|
|
|
|
$db_name = Database::get_course_table(TABLE_MAIN_SURVEY); |
|
|
|
|
|
|
|
while ($myrow = Database::fetch_array($rs_mail)) { |
|
|
|
|
|
|
|
/* Header : Bericht van uw lesgever - GES ($_cid) |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Body : John Doe (prenom + nom) <john_doe@hotmail.com> (email) |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Morgen geen les!! (emailTitle) |
|
|
|
/* Send email one by one to avoid antispam */ |
|
|
|
|
|
|
|
|
|
|
|
Morgen is er geen les, de les wordt geschrapt wegens vergadering (newContent) |
|
|
|
$db_name = Database::get_course_table(TABLE_MAIN_SURVEY); |
|
|
|
*/ |
|
|
|
while ($myrow = Database::fetch_array($rs_mail)) { |
|
|
|
|
|
|
|
|
|
|
|
$emailSubject = "[" . $_course['official_code'] . "] " . $emailTitle; |
|
|
|
$emailSubject = "[" . $_course['official_code'] . "] " . $emailTitle; |
|
|
|
|
|
|
|
|
|
|
@ -653,15 +634,14 @@ if (api_is_allowed_to_edit(false,true) OR (api_get_course_setting('allow_user_ed |
|
|
|
$sender_name = api_get_person_name($_SESSION['_user']['lastName'], $_SESSION['_user']['firstName'], null, PERSON_NAME_EMAIL_ADDRESS); |
|
|
|
$sender_name = api_get_person_name($_SESSION['_user']['lastName'], $_SESSION['_user']['firstName'], null, PERSON_NAME_EMAIL_ADDRESS); |
|
|
|
$email = $_SESSION['_user']['mail']; |
|
|
|
$email = $_SESSION['_user']['mail']; |
|
|
|
$headers="From:$sender_name\r\nReply-to: $email"; |
|
|
|
$headers="From:$sender_name\r\nReply-to: $email"; |
|
|
|
//@mail($myrow["email"],stripslashes($emailTitle),$message,$headers); |
|
|
|
|
|
|
|
@api_mail('',$myrow["email"],stripslashes($emailTitle),$message,$sender_name,$email); |
|
|
|
@api_mail('',$myrow["email"],stripslashes($emailTitle),$message,$sender_name,$email); |
|
|
|
} else { |
|
|
|
} else { |
|
|
|
// intro of the email: receiver name and subject |
|
|
|
// intro of the email: receiver name and subject |
|
|
|
$mail_body = api_get_person_name($myrow["lastname"], $myrow["firstname"], null, PERSON_NAME_EMAIL_ADDRESS)."<br />\n".stripslashes($emailTitle)."<br />"; |
|
|
|
$mail_body = api_get_person_name($myrow["lastname"], $myrow["firstname"], null, PERSON_NAME_EMAIL_ADDRESS)."<br />\n".stripslashes($emailTitle)."<br />"; |
|
|
|
|
|
|
|
|
|
|
|
// main part of the email |
|
|
|
// Main part of the email |
|
|
|
$mail_body .= trim(stripslashes($newContent)); |
|
|
|
$mail_body .= trim(stripslashes($newContent)); |
|
|
|
// signature of email: sender name and course URL after -- line |
|
|
|
// Signature of email: sender name and course URL after -- line |
|
|
|
$mail_body .= "<br />-- <br />"; |
|
|
|
$mail_body .= "<br />-- <br />"; |
|
|
|
$mail_body .= api_get_person_name($_user['firstName'], $_user['lastName'], null, PERSON_NAME_EMAIL_ADDRESS)." \n"; |
|
|
|
$mail_body .= api_get_person_name($_user['firstName'], $_user['lastName'], null, PERSON_NAME_EMAIL_ADDRESS)." \n"; |
|
|
|
$mail_body .= "<br /> \n<a href=\"".api_get_path(WEB_CODE_PATH).'announcements/announcements.php?'.api_get_cidreq()."\">"; |
|
|
|
$mail_body .= "<br /> \n<a href=\"".api_get_path(WEB_CODE_PATH).'announcements/announcements.php?'.api_get_cidreq()."\">"; |
|
|
@ -717,7 +697,6 @@ if (api_is_allowed_to_edit(false,true) OR (api_get_course_setting('allow_user_ed |
|
|
|
update_mail_sent($insert_id); |
|
|
|
update_mail_sent($insert_id); |
|
|
|
$message = $added_and_sent; |
|
|
|
$message = $added_and_sent; |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
} // $email_ann*/ |
|
|
|
} // $email_ann*/ |
|
|
|
} // end condition token |
|
|
|
} // end condition token |
|
|
|
} // isset |
|
|
|
} // isset |
|
|
|