From 06be33018e111c389101d15eccf68fb8ab0f85b5 Mon Sep 17 00:00:00 2001 From: Julio Montoya Date: Wed, 12 Sep 2012 14:18:03 +0200 Subject: [PATCH 1/2] Fixing UTC time --- main/inc/local.inc.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/main/inc/local.inc.php b/main/inc/local.inc.php index c26ad48252..40f324f6f8 100644 --- a/main/inc/local.inc.php +++ b/main/inc/local.inc.php @@ -1099,7 +1099,7 @@ if (api_get_setting('student_view_enabled') == "true") { if (isset($_cid)) { $tbl_course = Database::get_main_table(TABLE_MAIN_COURSE); - $time = api_get_datetime(); + $time = api_get_utc_datetime(); $sql="UPDATE $tbl_course SET last_visit= '$time' WHERE code='$_cid'"; Database::query($sql); } From 9cf5a81774e5f1e65b2ab40e34ab55f6389ea148 Mon Sep 17 00:00:00 2001 From: Julio Montoya Date: Wed, 12 Sep 2012 15:10:15 +0200 Subject: [PATCH 2/2] Fixes in redirect and local when using sso_referer --- main/inc/lib/redirect.class.php | 64 +++++++++++++-------------------- main/inc/local.inc.php | 29 +++++++-------- 2 files changed, 39 insertions(+), 54 deletions(-) diff --git a/main/inc/lib/redirect.class.php b/main/inc/lib/redirect.class.php index 22a6bb2c08..05030a4fad 100644 --- a/main/inc/lib/redirect.class.php +++ b/main/inc/lib/redirect.class.php @@ -6,26 +6,21 @@ * @license see /license.txt * @author Laurent Opprecht for the Univesity of Geneva */ -class Redirect -{ +class Redirect { - static function www() - { + static function www() { return Uri::www(); } - static function go($url = '') - { - if (empty($url)) - { + static function go($url = '') { + if (empty($url)) { Redirect::session_request_uri(); $www = self::www(); self::navigate($www); } $is_full_uri = (strpos($url, 'http') === 0); - if ($is_full_uri) - { + if ($is_full_uri) { self::navigate($url); } @@ -35,85 +30,74 @@ class Redirect /** * Redirect to the session "request uri" if it exists. - * @param bool Whether the user ha just logged in (in this case, use page_after_login rules) + * @param bool Whether the user just logged in (in this case, use page_after_login rules) */ - static function session_request_uri($logging_in = false, $user_id = null) - { -// if (api_is_anonymous()) -// { -// return; -// } + static function session_request_uri($logging_in = false, $user_id = null) { $no_redirection = isset($_SESSION['noredirection']) ? $_SESSION['noredirection'] : false; - - if($no_redirection){ + + if ($no_redirection) { unset($_SESSION['noredirection']); return; } - + $url = isset($_SESSION['request_uri']) ? $_SESSION['request_uri'] : ''; unset($_SESSION['request_uri']); - - + if (!empty($url)) { self::navigate($url); - } elseif ($logging_in) { + } elseif ($logging_in || (isset($_REQUEST['sso_referer']) && !empty($_REQUEST['sso_referer']))) { if (isset($user_id)) { - // Make sure we use the appropriate role redirection in case one has been defined - global $_configuration; + // Make sure we use the appropriate role redirection in case one has been defined $user_status = api_get_user_status($user_id); switch ($user_status) { case COURSEMANAGER: $redir = api_get_setting('teacher_page_after_login'); if (!empty($redir)) { - self::navigate(api_get_path(WEB_PATH).$redir); + self::navigate(api_get_path(WEB_PATH) . $redir); } break; case STUDENT: $redir = api_get_setting('student_page_after_login'); if (!empty($redir)) { - self::navigate(api_get_path(WEB_PATH).$redir); + self::navigate(api_get_path(WEB_PATH) . $redir); } break; case DRH: $redir = api_get_setting('drh_page_after_login'); if (!empty($redir)) { - self::navigate(api_get_path(WEB_PATH).$redir); + self::navigate(api_get_path(WEB_PATH) . $redir); } break; case SESSIONADMIN: $redir = api_get_setting('sessionadmin_page_after_login'); if (!empty($redir)) { - self::navigate(api_get_path(WEB_PATH).$redir); + self::navigate(api_get_path(WEB_PATH) . $redir); } break; default: break; } } - $pal = api_get_setting('page_after_login'); - if (!empty($pal)) { - self::navigate(api_get_path(WEB_PATH).$pal); + $page_after_login = api_get_setting('page_after_login'); + if (!empty($page_after_login)) { + self::navigate(api_get_path(WEB_PATH) . $page_after_login); } } } - static function home() - { + static function home() { $www = self::www(); self::navigate($www); } - static function user_home() - { + static function user_home() { $www = self::www(); self::navigate("$www/user_portal.php"); } - protected static function navigate($url) - { + protected static function navigate($url) { session_write_close(); //should not be neeeded header("Location: $url"); exit; } - -} +} \ No newline at end of file diff --git a/main/inc/local.inc.php b/main/inc/local.inc.php index 40f324f6f8..6578bc3687 100644 --- a/main/inc/local.inc.php +++ b/main/inc/local.inc.php @@ -159,13 +159,13 @@ $logging_in = false; /* MAIN CODE */ -if (!empty($_SESSION['_user']['user_id']) && ! ($login || $logout)) { +if (!empty($_SESSION['_user']['user_id']) && !($login || $logout)) { // uid is in session => login already done, continue with this value $_user['user_id'] = $_SESSION['_user']['user_id']; //Check if we have to reset user data //This param can be used to reload user data if user has been logged by external script - if (isset($_SESSION['_user']['uidReset']) && $_SESSION['_user']['uidReset']){ - $uidReset=true; + if (isset($_SESSION['_user']['uidReset']) && $_SESSION['_user']['uidReset']) { + $uidReset = true; } } else { if (isset($_user['user_id'])) { @@ -883,7 +883,7 @@ if ((isset($uidReset) && $uidReset) || (isset($cidReset) && $cidReset)) { // this user has no status related to this course // The user is subscribed in a session? The user is a Session coach a Session admin ? - $tbl_session = Database :: get_main_table(TABLE_MAIN_SESSION); + $tbl_session = Database :: get_main_table(TABLE_MAIN_SESSION); $tbl_session_course = Database :: get_main_table(TABLE_MAIN_SESSION_COURSE); $tbl_session_course_user = Database :: get_main_table(TABLE_MAIN_SESSION_COURSE_USER); @@ -894,7 +894,8 @@ if ((isset($uidReset) && $uidReset) || (isset($cidReset) && $cidReset)) { session_rcru.course_code = '$_cid' AND session_rcru.id_user = '$user_id' AND session_rcru.id_session = $session_id AND - session_rcru.status = 2"; + session_rcru.status = 2 + "; $result = Database::query($sql); $row = Database::store_result($result); @@ -909,16 +910,16 @@ if ((isset($uidReset) && $uidReset) || (isset($cidReset) && $cidReset)) { $is_sessionAdmin = true; } else { //Im a coach or a student? - $sql = "SELECT id_user, status FROM ".$tbl_session_course_user." + $sql = "SELECT cu.id_user, cu.status FROM $tbl_session_course_user cu WHERE course_code = '$_cid' AND - id_user = '".$user_id."' AND - id_session = '".$session_id."' + cu.id_user = '".$user_id."' AND + cu.id_session = '".$session_id."' LIMIT 1"; $result = Database::query($sql); if (Database::num_rows($result)) { $row = Database::fetch_array($result, 'ASSOC'); - + $session_course_status = $row['status']; switch ($session_course_status) { @@ -936,13 +937,14 @@ if ((isset($uidReset) && $uidReset) || (isset($cidReset) && $cidReset)) { } Session::write('_courseUser', $_courseUser); break; - case '0': //student + case '0': //Student $_courseUser['role'] = ''; $is_courseMember = true; $is_courseTutor = false; $is_courseAdmin = false; $is_courseCoach = false; $is_sessionAdmin = false; + Session::write('_courseUser', $_courseUser); break; default: @@ -1016,8 +1018,8 @@ if ((isset($uidReset) && $uidReset) || (isset($cidReset) && $cidReset)) { if ($session_id != 0) { if (!$is_platformAdmin) { // admin is not affected to the invisible session mode - $session_visibility = api_get_session_visibility($session_id); - + $session_visibility = api_get_session_visibility($session_id); + switch ($session_visibility) { case SESSION_INVISIBLE: $is_allowed_in_course = false; @@ -1104,5 +1106,4 @@ if (isset($_cid)) { Database::query($sql); } -Redirect::session_request_uri($logging_in, $user_id); - +Redirect::session_request_uri($logging_in, $user_id); \ No newline at end of file