chamilo
/
chamilo-lms
mirror of https://github.com/chamilo/chamilo-lms/tree/1.11.x
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

[svn r9985] replace $_uid with $_user['user_id']

Browse Source
skala
Patrick Cool 19 years ago
parent abedd38515
commit 702d95bab7
12 changed files with 93 additions and 94 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 4
      main/course_home/course_home.php
  2. 4
      main/create_course/add_course.php
  3. 14
      main/document/create_document.php
  4. 14
      main/document/document.php
  5. 14
      main/document/edit_document.php
  6. 14
      main/document/upload.php
  7. 4
      main/dropbox/dropbox_class.inc.php
  8. 12
      main/dropbox/dropbox_download.php
  9. 67
      main/dropbox/dropbox_functions.inc.php
  10. 2
      main/dropbox/dropbox_init.inc.php
  11. 24
      main/dropbox/dropbox_submit.php
  12. 14
      main/dropbox/index.php

4
main/course_home/course_home.php
Unescape View File

@ -1,4 +1,4 @@
<?php // $Id: course_home.php 9744 2006-10-25 10:04:16Z fvauthier $ <?php // $Id: course_home.php 9985 2006-11-15 00:43:47Z pcool $
/* /*
============================================================================== ==============================================================================
Dokeos - elearning and course management software Dokeos - elearning and course management software
@ -116,7 +116,7 @@ $user_id = api_get_user_id();
$course_code = $_course["sysCode"]; $course_code = $_course["sysCode"];
$course_info = Database::get_course_info($course_code); $course_info = Database::get_course_info($course_code);
$return_result = CourseManager::determine_course_title_from_course_info($_uid, $course_info); $return_result = CourseManager::determine_course_title_from_course_info($_user['user_id'], $course_info);
$course_title = $return_result["title"]; $course_title = $return_result["title"];
$course_code = $return_result["code"]; $course_code = $return_result["code"];

4
main/create_course/add_course.php
Unescape View File

@ -1,5 +1,5 @@
<?php <?php
// $Id: add_course.php 9527 2006-10-17 09:38:49Z elixir_inter $ // $Id: add_course.php 9985 2006-11-15 00:43:47Z pcool $
/* /*
============================================================================== ==============================================================================
Dokeos - elearning and course management software Dokeos - elearning and course management software
@ -113,7 +113,7 @@ if($form->validate())
update_Db_course($db_name); update_Db_course($db_name);
fill_course_repository($directory); fill_course_repository($directory);
fill_Db_course($db_name, $directory, $course_language); fill_Db_course($db_name, $directory, $course_language);
register_course($code, $visual_code, $directory, $db_name, $tutor_name, $category_code, $title, $course_language, $_uid, $expiration_date); register_course($code, $visual_code, $directory, $db_name, $tutor_name, $category_code, $title, $course_language, $_user['user_id'], $expiration_date);
} }
$message = get_lang('JustCreated'); $message = get_lang('JustCreated');
$message .= " <strong>".$course_values['wanted_code']."</strong>"; $message .= " <strong>".$course_values['wanted_code']."</strong>";

14
main/document/create_document.php
Unescape View File

@ -1,5 +1,5 @@
<?php <?php
// $Id: create_document.php 9246 2006-09-25 13:24:53Z bmol $ // $Id: create_document.php 9985 2006-11-15 00:43:47Z pcool $
/* /*
============================================================================== ==============================================================================
Dokeos - elearning and course management software Dokeos - elearning and course management software
@ -199,8 +199,8 @@ if ($form->validate())
$doc_id = add_document($_course, $dir.'css', 'folder', 0, 'css'); $doc_id = add_document($_course, $dir.'css', 'folder', 0, 'css');
api_item_property_update($_course, TOOL_DOCUMENT, $doc_id, 'FolderCreated', $_uid); api_item_property_update($_course, TOOL_DOCUMENT, $doc_id, 'FolderCreated', $_user['user_id']);
api_item_property_update($_course, TOOL_DOCUMENT, $doc_id, 'invisible', $_uid); api_item_property_update($_course, TOOL_DOCUMENT, $doc_id, 'invisible', $_user['user_id']);
} }
if (!is_file($filepath.'css/frames.css')) if (!is_file($filepath.'css/frames.css'))
@ -209,8 +209,8 @@ if ($form->validate())
$doc_id = add_document($_course, $dir.'css/frames.css', 'file', filesize($filepath.'css/frames.css'), 'frames.css'); $doc_id = add_document($_course, $dir.'css/frames.css', 'file', filesize($filepath.'css/frames.css'), 'frames.css');
api_item_property_update($_course, TOOL_DOCUMENT, $doc_id, 'DocumentAdded', $_uid); api_item_property_update($_course, TOOL_DOCUMENT, $doc_id, 'DocumentAdded', $_user['user_id']);
api_item_property_update($_course, TOOL_DOCUMENT, $doc_id, 'invisible', $_uid); api_item_property_update($_course, TOOL_DOCUMENT, $doc_id, 'invisible', $_user['user_id']);
} }
$file_size = filesize($filepath.$filename.'.'.$extension); $file_size = filesize($filepath.$filename.'.'.$extension);
@ -219,10 +219,10 @@ if ($form->validate())
$document_id = add_document($_course, $save_file_path, 'file', $file_size, $filename); $document_id = add_document($_course, $save_file_path, 'file', $file_size, $filename);
if ($document_id) if ($document_id)
{ {
api_item_property_update($_course, TOOL_DOCUMENT, $document_id, 'DocumentAdded', $_uid, $to_group_id); api_item_property_update($_course, TOOL_DOCUMENT, $document_id, 'DocumentAdded', $_user['user_id'], $to_group_id);
//update parent folders //update parent folders
item_property_update_on_folder($_course, $_GET['dir'], $_uid); item_property_update_on_folder($_course, $_GET['dir'], $_user['user_id']);
$new_comment = isset ($_POST['comment']) ? trim($_POST['comment']) : ''; $new_comment = isset ($_POST['comment']) ? trim($_POST['comment']) : '';
$new_title = isset ($_POST['title']) ? trim($_POST['title']) : ''; $new_title = isset ($_POST['title']) ? trim($_POST['title']) : '';

14
main/document/document.php
Unescape View File

@ -1,4 +1,4 @@
<?php // $Id: document.php 9757 2006-10-25 11:35:34Z elixir_inter $ <?php // $Id: document.php 9985 2006-11-15 00:43:47Z pcool $
/* /*
============================================================================== ==============================================================================
Dokeos - elearning and course management software Dokeos - elearning and course management software
@ -135,7 +135,7 @@ if(isset($_SESSION['_gid']) && $_SESSION['_gid']!='')
if($group_properties['doc_state']==2) //documents are private if($group_properties['doc_state']==2) //documents are private
{ {
if($is_allowed_to_edit || GroupManager :: is_user_in_group($_uid,$_SESSION['_gid'])) //only courseadmin or group members (members + tutors) allowed if($is_allowed_to_edit || GroupManager :: is_user_in_group($_user['user_id'],$_SESSION['_gid'])) //only courseadmin or group members (members + tutors) allowed
{ {
$to_group_id = $_SESSION['_gid']; $to_group_id = $_SESSION['_gid'];
$req_gid = '&amp;gidReq='.$_SESSION['_gid']; $req_gid = '&amp;gidReq='.$_SESSION['_gid'];
@ -156,7 +156,7 @@ if(isset($_SESSION['_gid']) && $_SESSION['_gid']!='')
$req_gid = '&amp;gidReq='.$_SESSION['_gid']; $req_gid = '&amp;gidReq='.$_SESSION['_gid'];
$interbreadcrumb[]= array ("url"=>"../group/group_space.php?gidReq=".$_SESSION['_gid'], "name"=> get_lang('GroupSpace')); $interbreadcrumb[]= array ("url"=>"../group/group_space.php?gidReq=".$_SESSION['_gid'], "name"=> get_lang('GroupSpace'));
//allowed to upload? //allowed to upload?
if($is_allowed_to_edit || GroupManager::is_subscribed($_uid,$_SESSION['_gid'])) //only courseadmin or group members can upload if($is_allowed_to_edit || GroupManager::is_subscribed($_user['user_id'],$_SESSION['_gid'])) //only courseadmin or group members can upload
{ {
$group_member_with_upload_rights = true; $group_member_with_upload_rights = true;
} }
@ -229,7 +229,7 @@ $course_quota = DocumentManager::get_course_quota();
*/ */
function launch_ppt2lp($file){ function launch_ppt2lp($file){
global $_course,$_uid, $openoffice_conf, $base_work_dir; global $_course,$_user, $openoffice_conf, $base_work_dir;
$response = new XajaxResponse(); $response = new XajaxResponse();
// lp tables // lp tables
@ -248,7 +248,7 @@ function launch_ppt2lp($file){
//create the directory //create the directory
$added_slash = '/'; $added_slash = '/';
$dir_name = $added_slash.substr($file, 1, strrpos($file,'.')-1); $dir_name = $added_slash.substr($file, 1, strrpos($file,'.')-1);
$created_dir = create_unexisting_directory($_course,$_uid,$to_group_id,$to_user_id,$base_work_dir,$dir_name); $created_dir = create_unexisting_directory($_course,$_user['user_id'],$to_group_id,$to_user_id,$base_work_dir,$dir_name);
chmod ($base_work_dir.$created_dir,0777); chmod ($base_work_dir.$created_dir,0777);
/* /*
@ -518,7 +518,7 @@ if($is_allowed_to_edit || $group_member_with_upload_rights) // TEACHER ONLY
include_once(api_get_path(LIBRARY_PATH) . 'fileUpload.lib.php'); include_once(api_get_path(LIBRARY_PATH) . 'fileUpload.lib.php');
$added_slash = ($curdirpath=='/')?'':'/'; $added_slash = ($curdirpath=='/')?'':'/';
$dir_name = $curdirpath.$added_slash.replace_dangerous_char($_POST['dirname']); $dir_name = $curdirpath.$added_slash.replace_dangerous_char($_POST['dirname']);
$created_dir = create_unexisting_directory($_course,$_uid,$to_group_id,$to_user_id,$base_work_dir,$dir_name,$_POST['dirname']); $created_dir = create_unexisting_directory($_course,$_user['user_id'],$to_group_id,$to_user_id,$base_work_dir,$dir_name,$_POST['dirname']);
if($created_dir) if($created_dir)
{ {
//Display::display_normal_message("<strong>".$created_dir."</strong> was created!"); //Display::display_normal_message("<strong>".$created_dir."</strong> was created!");
@ -565,7 +565,7 @@ if($is_allowed_to_edit || $group_member_with_upload_rights) // TEACHER ONLY
$visibility_command = 'invisible'; $visibility_command = 'invisible';
} }
//update item_property to change visibility //update item_property to change visibility
if(api_item_property_update($_course, TOOL_DOCUMENT, $update_id, $visibility_command, $_uid)) if(api_item_property_update($_course, TOOL_DOCUMENT, $update_id, $visibility_command, $_user['user_id']))
{ {
Display::display_normal_message(get_lang("ViMod")); Display::display_normal_message(get_lang("ViMod"));
} }

14
main/document/edit_document.php
Unescape View File

@ -1,4 +1,4 @@
<?php // $Id: edit_document.php 9246 2006-09-25 13:24:53Z bmol $ <?php // $Id: edit_document.php 9985 2006-11-15 00:43:47Z pcool $
/* /*
============================================================================== ==============================================================================
Dokeos - elearning and course management software Dokeos - elearning and course management software
@ -381,8 +381,8 @@ if($is_allowedToEdit)
$doc_id=add_document($_course,$dir.'css','folder',0,'css'); $doc_id=add_document($_course,$dir.'css','folder',0,'css');
api_item_property_update($_course, TOOL_DOCUMENT, $doc_id, 'FolderCreated', $_uid); api_item_property_update($_course, TOOL_DOCUMENT, $doc_id, 'FolderCreated', $_user['user_id']);
api_item_property_update($_course, TOOL_DOCUMENT, $doc_id, 'invisible', $_uid); api_item_property_update($_course, TOOL_DOCUMENT, $doc_id, 'invisible', $_user['user_id']);
} }
if(!is_file($filepath.'css/frames.css')) if(!is_file($filepath.'css/frames.css'))
@ -391,8 +391,8 @@ if($is_allowedToEdit)
$doc_id=add_document($_course,$dir.'css/frames.css','file',filesize($filepath.'css/frames.css'),'frames.css'); $doc_id=add_document($_course,$dir.'css/frames.css','file',filesize($filepath.'css/frames.css'),'frames.css');
api_item_property_update($_course, TOOL_DOCUMENT, $doc_id, 'DocumentAdded', $_uid); api_item_property_update($_course, TOOL_DOCUMENT, $doc_id, 'DocumentAdded', $_user['user_id']);
api_item_property_update($_course, TOOL_DOCUMENT, $doc_id, 'invisible', $_uid); api_item_property_update($_course, TOOL_DOCUMENT, $doc_id, 'invisible', $_user['user_id']);
} }
// "WHAT'S NEW" notification: update table item_property (previously last_tooledit) // "WHAT'S NEW" notification: update table item_property (previously last_tooledit)
@ -401,9 +401,9 @@ if($is_allowedToEdit)
{ {
$file_size = filesize($filepath.$filename.'.'.$extension); $file_size = filesize($filepath.$filename.'.'.$extension);
update_existing_document($_course, $document_id,$file_size); update_existing_document($_course, $document_id,$file_size);
api_item_property_update($_course, TOOL_DOCUMENT, $document_id, 'DocumentUpdated', $_uid); api_item_property_update($_course, TOOL_DOCUMENT, $document_id, 'DocumentUpdated', $_user['user_id']);
//update parent folders //update parent folders
item_property_update_on_folder($_course,$dir,$_uid); item_property_update_on_folder($_course,$dir,$_user['user_id']);
header('Location: document.php?curdirpath='.urlencode($_GET['curdirpath']).$req_gid); header('Location: document.php?curdirpath='.urlencode($_GET['curdirpath']).$req_gid);
exit(); exit();
} }

14
main/document/upload.php
Unescape View File

@ -1,4 +1,4 @@
<?php // $Id: upload.php 9246 2006-09-25 13:24:53Z bmol $ <?php // $Id: upload.php 9985 2006-11-15 00:43:47Z pcool $
/* /*
============================================================================== ==============================================================================
Dokeos - elearning and course management software Dokeos - elearning and course management software
@ -110,7 +110,7 @@ if(isset($_SESSION['_gid']) && $_SESSION['_gid']!='') //if the group id is set,
$group_properties = GroupManager::get_group_properties($_SESSION['_gid']); $group_properties = GroupManager::get_group_properties($_SESSION['_gid']);
$noPHP_SELF=true; $noPHP_SELF=true;
if($is_allowed_to_edit || GroupManager::is_user_in_group($_uid,$_SESSION['_gid'])) //only courseadmin or group members allowed if($is_allowed_to_edit || GroupManager::is_user_in_group($_user['user_id'],$_SESSION['_gid'])) //only courseadmin or group members allowed
{ {
$to_group_id = $_SESSION['_gid']; $to_group_id = $_SESSION['_gid'];
$req_gid = '&amp;gidReq='.$_SESSION['_gid']; $req_gid = '&amp;gidReq='.$_SESSION['_gid'];
@ -215,7 +215,7 @@ if(isset($_FILES['user_upload']))
if($upload_ok) if($upload_ok)
{ {
//file got on the server without problems, now process it //file got on the server without problems, now process it
$new_path = handle_uploaded_document($_course, $_FILES['user_upload'],$base_work_dir,$_POST['curdirpath'],$_uid,$to_group_id,$to_user_id,$max_filled_space,$_POST['unzip'],$_POST['if_exists']); $new_path = handle_uploaded_document($_course, $_FILES['user_upload'],$base_work_dir,$_POST['curdirpath'],$_user['user_id'],$to_group_id,$to_user_id,$max_filled_space,$_POST['unzip'],$_POST['if_exists']);
$new_comment = isset($_POST['comment']) ? trim($_POST['comment']) : ''; $new_comment = isset($_POST['comment']) ? trim($_POST['comment']) : '';
$new_title = isset($_POST['title']) ? trim($_POST['title']) : ''; $new_title = isset($_POST['title']) ? trim($_POST['title']) : '';
@ -248,13 +248,13 @@ if(isset($_POST['submit_image']))
//we could also create a function for this, I'm not sure... //we could also create a function for this, I'm not sure...
//create a directory for the missing files //create a directory for the missing files
$img_directory = str_replace('.','_',$_POST['related_file']."_files"); $img_directory = str_replace('.','_',$_POST['related_file']."_files");
$missing_files_dir = create_unexisting_directory($_course,$_uid,$to_group_id,$to_user_id,$base_work_dir,$img_directory); $missing_files_dir = create_unexisting_directory($_course,$_user['user_id'],$to_group_id,$to_user_id,$base_work_dir,$img_directory);
//put the uploaded files in the new directory and get the paths //put the uploaded files in the new directory and get the paths
$paths_to_replace_in_file = move_uploaded_file_collection_into_directory($_course, $_FILES['img_file'],$base_work_dir,$missing_files_dir,$_uid,$to_group_id,$to_user_id,$max_filled_space); $paths_to_replace_in_file = move_uploaded_file_collection_into_directory($_course, $_FILES['img_file'],$base_work_dir,$missing_files_dir,$_user['user_id'],$to_group_id,$to_user_id,$max_filled_space);
//open the html file and replace the paths //open the html file and replace the paths
replace_img_path_in_html_file($_POST['img_file_path'],$paths_to_replace_in_file,$base_work_dir.$_POST['related_file']); replace_img_path_in_html_file($_POST['img_file_path'],$paths_to_replace_in_file,$base_work_dir.$_POST['related_file']);
//update parent folders //update parent folders
item_property_update_on_folder($_course,$_POST['curdirpath'],$_uid); item_property_update_on_folder($_course,$_POST['curdirpath'],$_user['user_id']);
} }
} }
//they want to create a directory //they want to create a directory
@ -262,7 +262,7 @@ if(isset($_POST['create_dir']) && $_POST['dirname']!='')
{ {
$added_slash = ($path=='/')?'':'/'; $added_slash = ($path=='/')?'':'/';
$dir_name = $path.$added_slash.replace_dangerous_char($_POST['dirname']); $dir_name = $path.$added_slash.replace_dangerous_char($_POST['dirname']);
$created_dir = create_unexisting_directory($_course,$_uid,$to_group_id,$to_user_id,$base_work_dir,$dir_name,$_POST['dirname']); $created_dir = create_unexisting_directory($_course,$_user['user_id'],$to_group_id,$to_user_id,$base_work_dir,$dir_name,$_POST['dirname']);
if($created_dir) if($created_dir)
{ {
//Display::display_normal_message("<strong>".$created_dir."</strong> was created!"); //Display::display_normal_message("<strong>".$created_dir."</strong> was created!");

4
main/dropbox/dropbox_class.inc.php
Unescape View File

@ -196,7 +196,7 @@ class Dropbox_Work {
/* /*
* private function creating existing object by retreiving info from db * private function creating existing object by retreiving info from db
*/ */
global $_uid; // RH: Feedback global $_user; // RH: Feedback
/* /*
* Do some sanity checks * Do some sanity checks
@ -259,7 +259,7 @@ class Dropbox_Work {
/* /*
// RH: Feedback // RH: Feedback
$result = api_sql_query("SELECT feedback_date, feedback, cat_id FROM `". $result = api_sql_query("SELECT feedback_date, feedback, cat_id FROM `".
dropbox_cnf("postTbl")."` WHERE dest_user_id='".$_uid. dropbox_cnf("postTbl")."` WHERE dest_user_id='".$_user['user_id'].
"' AND file_id='".$id."'",__FILE__,__LINE__); "' AND file_id='".$id."'",__FILE__,__LINE__);
if ($res = mysql_fetch_array($result)) if ($res = mysql_fetch_array($result))
{ {

12
main/dropbox/dropbox_download.php
Unescape View File

@ -65,9 +65,9 @@ if ( isset($_GET['cat_id']) AND is_numeric($_GET['cat_id']) AND $_GET['action']=
{ {
// here we also incorporate the person table to make sure that deleted sent documents are not included. // here we also incorporate the person table to make sure that deleted sent documents are not included.
$sql="SELECT DISTINCT file.id, file.filename, file.title FROM `".$dropbox_cnf["fileTbl"]."` file, `".$dropbox_cnf["personTbl"]."` person $sql="SELECT DISTINCT file.id, file.filename, file.title FROM `".$dropbox_cnf["fileTbl"]."` file, `".$dropbox_cnf["personTbl"]."` person
WHERE file.uploader_id='".mysql_real_escape_string($_uid)."' WHERE file.uploader_id='".mysql_real_escape_string($_user['user_id'])."'
AND file.cat_id='".mysql_real_escape_string($_GET['cat_id'])."' AND file.cat_id='".mysql_real_escape_string($_GET['cat_id'])."'
AND person.user_id='".mysql_real_escape_string($_uid)."' AND person.user_id='".mysql_real_escape_string($_user['user_id'])."'
AND person.file_id=file.id AND person.file_id=file.id
" ; " ;
} }
@ -75,7 +75,7 @@ if ( isset($_GET['cat_id']) AND is_numeric($_GET['cat_id']) AND $_GET['action']=
{ {
$sql="SELECT DISTINCT file.id, file.filename, file.title FROM `".$dropbox_cnf["fileTbl"]."` file, `".$dropbox_cnf["personTbl"]."` person, `".$dropbox_cnf["postTbl"]."` post $sql="SELECT DISTINCT file.id, file.filename, file.title FROM `".$dropbox_cnf["fileTbl"]."` file, `".$dropbox_cnf["personTbl"]."` person, `".$dropbox_cnf["postTbl"]."` post
WHERE post.cat_id='".mysql_real_escape_string($_GET['cat_id'])."' WHERE post.cat_id='".mysql_real_escape_string($_GET['cat_id'])."'
AND person.user_id='".mysql_real_escape_string($_uid)."' AND person.user_id='".mysql_real_escape_string($_user['user_id'])."'
AND person.file_id=file.id AND person.file_id=file.id
AND post.file_id=file.id AND post.file_id=file.id
" ; " ;
@ -120,7 +120,7 @@ if ( ! isset( $_GET['id']) || ! is_numeric( $_GET['id']))
$allowed_to_download=false; $allowed_to_download=false;
// Check if the user has sent or received the file. // Check if the user has sent or received the file.
$sql="SELECT * FROM `".$dropbox_cnf["personTbl"]."` WHERE file_id='".mysql_real_escape_string($_GET['id'])."' AND user_id='".mysql_real_escape_string($_uid)."'"; $sql="SELECT * FROM `".$dropbox_cnf["personTbl"]."` WHERE file_id='".mysql_real_escape_string($_GET['id'])."' AND user_id='".mysql_real_escape_string($_user['user_id'])."'";
$result=api_sql_query($sql); $result=api_sql_query($sql);
if (mysql_num_rows($result)>0) if (mysql_num_rows($result)>0)
{ {
@ -357,14 +357,14 @@ require_once( "dropbox_class.inc.php");
AUTHORISATION SECTION AUTHORISATION SECTION
============================================================================== ==============================================================================
*/ */
if ( !isset( $_uid) || !$is_course_member ) if ( !isset( $_user['user_id']) || !$is_course_member )
{ {
require_once( "dropbox_init2.inc.php"); require_once( "dropbox_init2.inc.php");
exit( ); exit( );
} }
if ($_GET['mailing']) // RH: Mailing detail window call if ($_GET['mailing']) // RH: Mailing detail window call
getUserOwningThisMailing($_GET['mailing'], $_uid, '500'); // RH or die getUserOwningThisMailing($_GET['mailing'], $_user['user_id'], '500'); // RH or die
/* /*
============================================================================== ==============================================================================

67
main/dropbox/dropbox_functions.inc.php
Unescape View File

@ -35,7 +35,7 @@
*/ */
function handle_multiple_actions() function handle_multiple_actions()
{ {
global $_uid, $is_courseAdmin, $is_courseTutor; global $_user, $is_courseAdmin, $is_courseTutor;
//print_r($_POST); //print_r($_POST);
// STEP 1: are we performing the actions on the received or on the sent files? // STEP 1: are we performing the actions on the received or on the sent files?
@ -65,7 +65,7 @@ function handle_multiple_actions()
// STEP 3A: deleting // STEP 3A: deleting
if ($_POST['actions']=='delete') if ($_POST['actions']=='delete')
{ {
$dropboxfile=new Dropbox_Person( $_uid, $is_courseAdmin, $is_courseTutor); $dropboxfile=new Dropbox_Person( $_user['user_id'], $is_courseAdmin, $is_courseTutor);
foreach ($checked_file_ids as $key=>$value) foreach ($checked_file_ids as $key=>$value)
{ {
if ($_GET['view']=='received' OR !$_GET['view']) if ($_GET['view']=='received' OR !$_GET['view'])
@ -120,7 +120,7 @@ function handle_multiple_actions()
function delete_category($action, $id) function delete_category($action, $id)
{ {
global $dropbox_cnf; global $dropbox_cnf;
global $_uid, $is_courseAdmin, $is_courseTutor; global $_user['user_id'], $is_courseAdmin, $is_courseTutor;
// an additional check that might not be necessary // an additional check that might not be necessary
if ($action=='deletereceivedcategory') if ($action=='deletereceivedcategory')
@ -150,7 +150,7 @@ function delete_category($action, $id)
while ($row=mysql_fetch_array($result)) while ($row=mysql_fetch_array($result))
{ {
$dropboxfile=new Dropbox_Person( $_uid, $is_courseAdmin, $is_courseTutor); $dropboxfile=new Dropbox_Person( $_user['user_id'], $is_courseAdmin, $is_courseTutor);
if ($action=='deletereceivedcategory') if ($action=='deletereceivedcategory')
{ {
$dropboxfile->deleteReceivedWork($row[$id_field]); $dropboxfile->deleteReceivedWork($row[$id_field]);
@ -202,7 +202,7 @@ function display_move_form($part, $id, $target=array())
*/ */
function store_move($id, $target, $part) function store_move($id, $target, $part)
{ {
global $_uid; global $_user;
global $dropbox_cnf; global $dropbox_cnf;
if ((isset($id) AND $id<>'') AND (isset($target) AND $target<>'') AND (isset($part) AND $part<>'')) if ((isset($id) AND $id<>'') AND (isset($target) AND $target<>'') AND (isset($part) AND $part<>''))
@ -210,7 +210,7 @@ function store_move($id, $target, $part)
if ($part=='received') if ($part=='received')
{ {
$sql="UPDATE `".$dropbox_cnf["postTbl"]."` SET cat_id='".mysql_real_escape_string($target)."' $sql="UPDATE `".$dropbox_cnf["postTbl"]."` SET cat_id='".mysql_real_escape_string($target)."'
WHERE dest_user_id='".mysql_real_escape_string($_uid)."' WHERE dest_user_id='".mysql_real_escape_string($_user['user_id'])."'
AND file_id='".mysql_real_escape_string($id)."' AND file_id='".mysql_real_escape_string($id)."'
"; ";
api_sql_query($sql,__FILE__,__LINE__); api_sql_query($sql,__FILE__,__LINE__);
@ -219,7 +219,7 @@ function store_move($id, $target, $part)
if ($part=='sent') if ($part=='sent')
{ {
$sql="UPDATE `".$dropbox_cnf["fileTbl"]."` SET cat_id='".mysql_real_escape_string($target)."' $sql="UPDATE `".$dropbox_cnf["fileTbl"]."` SET cat_id='".mysql_real_escape_string($target)."'
WHERE uploader_id='".mysql_real_escape_string($_uid)."' WHERE uploader_id='".mysql_real_escape_string($_user['user_id'])."'
AND id='".mysql_real_escape_string($id)."' AND id='".mysql_real_escape_string($id)."'
"; ";
api_sql_query($sql,__FILE__,__LINE__); api_sql_query($sql,__FILE__,__LINE__);
@ -302,14 +302,14 @@ function display_file_checkbox($id, $part)
*/ */
function get_dropbox_categories($filter='') function get_dropbox_categories($filter='')
{ {
global $_uid; global $_user;
global $dropbox_cnf; global $dropbox_cnf;
echo '<h1>'.$filter.'</h1>'; echo '<h1>'.$filter.'</h1>';
$return_array=array(); $return_array=array();
$sql="SELECT * FROM `".$dropbox_cnf['tbl_category']."` WHERE user_id='".$_uid."'"; $sql="SELECT * FROM `".$dropbox_cnf['tbl_category']."` WHERE user_id='".$_user['user_id']."'";
$result=api_sql_query($sql); $result=api_sql_query($sql);
while ($row=mysql_fetch_array($result)) while ($row=mysql_fetch_array($result))
@ -339,7 +339,7 @@ function get_dropbox_categories($filter='')
*/ */
function store_addcategory() function store_addcategory()
{ {
global $_uid; global $_user;
global $dropbox_cnf; global $dropbox_cnf;
// check if the target is valid // check if the target is valid
@ -367,7 +367,7 @@ function store_addcategory()
if (!$_POST['edit_id']) if (!$_POST['edit_id'])
{ {
// step 3a, we check if the category doesn't already exist // step 3a, we check if the category doesn't already exist
$sql="SELECT * FROM `".$dropbox_cnf['tbl_category']."` WHERE user_id='".$_uid."' AND cat_name='".mysql_real_escape_string($_POST['category_name'])."' AND received='".$received."' AND sent='".$sent."'"; $sql="SELECT * FROM `".$dropbox_cnf['tbl_category']."` WHERE user_id='".$_user['user_id']."' AND cat_name='".mysql_real_escape_string($_POST['category_name'])."' AND received='".$received."' AND sent='".$sent."'";
$result=api_sql_query($sql); $result=api_sql_query($sql);
@ -375,7 +375,7 @@ function store_addcategory()
if (mysql_num_rows($result)==0) if (mysql_num_rows($result)==0)
{ {
$sql="INSERT INTO `".$dropbox_cnf['tbl_category']."` (cat_name, received, sent, user_id) $sql="INSERT INTO `".$dropbox_cnf['tbl_category']."` (cat_name, received, sent, user_id)
VALUES ('".mysql_real_escape_string($_POST['category_name'])."', '".mysql_real_escape_string($received)."', '".mysql_real_escape_string($sent)."', '".mysql_real_escape_string($_uid)."')"; VALUES ('".mysql_real_escape_string($_POST['category_name'])."', '".mysql_real_escape_string($received)."', '".mysql_real_escape_string($sent)."', '".mysql_real_escape_string($_user['user_id'])."')";
api_sql_query($sql); api_sql_query($sql);
return get_lang('CategoryStored'); return get_lang('CategoryStored');
} }
@ -387,7 +387,7 @@ function store_addcategory()
else else
{ {
$sql="UPDATE `".$dropbox_cnf['tbl_category']."` SET cat_name='".mysql_real_escape_string($_POST['category_name'])."', received='".mysql_real_escape_string($received)."' , sent='".mysql_real_escape_string($sent)."' $sql="UPDATE `".$dropbox_cnf['tbl_category']."` SET cat_name='".mysql_real_escape_string($_POST['category_name'])."', received='".mysql_real_escape_string($received)."' , sent='".mysql_real_escape_string($sent)."'
WHERE user_id='".mysql_real_escape_string($_uid)."' WHERE user_id='".mysql_real_escape_string($_user['user_id'])."'
AND cat_id='".mysql_real_escape_string($_POST['edit_id'])."'"; AND cat_id='".mysql_real_escape_string($_POST['edit_id'])."'";
api_sql_query($sql); api_sql_query($sql);
return get_lang('CategoryModified'); return get_lang('CategoryModified');
@ -477,12 +477,12 @@ function display_addcategory_form($category_name='', $id='')
*/ */
function display_add_form() function display_add_form()
{ {
global $_uid; global $_user;
global $is_courseAdmin; global $is_courseAdmin;
global $is_courseTutor; global $is_courseTutor;
global $course_info; // this global $course_info; // this
$dropbox_person = new Dropbox_Person( $_uid, $is_courseAdmin, $is_courseTutor); $dropbox_person = new Dropbox_Person( $_user['user_id'], $is_courseAdmin, $is_courseTutor);
?> ?>
<form method="post" action="index.php?view_received_category=<?php echo $_GET['view_received_category']; ?>&view_sent_category=<?php echo $_GET['view_sent_category']; ?>&view=<?php echo $_GET['view']; ?>&<?php echo "&origin=$origin"; ?>" enctype="multipart/form-data" onsubmit="return checkForm(this)"> <form method="post" action="index.php?view_received_category=<?php echo $_GET['view_received_category']; ?>&view_sent_category=<?php echo $_GET['view_sent_category']; ?>&view=<?php echo $_GET['view']; ?>&<?php echo "&origin=$origin"; ?>" enctype="multipart/form-data" onsubmit="return checkForm(this)">
<table border="0"> <table border="0">
@ -521,7 +521,7 @@ function display_add_form()
<?php echo dropbox_lang("authors")?>: <?php echo dropbox_lang("authors")?>:
</td> </td>
<td> <td>
<input type="text" name="authors" value="<?php echo getUserNameFromId($_uid)?>" size="32" /> <input type="text" name="authors" value="<?php echo getUserNameFromId($_user['user_id'])?>" size="32" />
</td> </td>
</tr> </tr>
<tr> <tr>
@ -570,7 +570,7 @@ function display_add_form()
|| dropbox_cnf("allowStudentToStudent") // RH: also if option is set || dropbox_cnf("allowStudentToStudent") // RH: also if option is set
|| $current_user['status']!=5 // always allow teachers || $current_user['status']!=5 // always allow teachers
|| $current_user['tutor_id']==1 // always allow tutors || $current_user['tutor_id']==1 // always allow tutors
) && $current_user['user_id'] != $_uid ) // don't include yourself ) && $current_user['user_id'] != $_user['user_id'] ) // don't include yourself
{ {
$full_name = $current_user['lastcommafirst']; $full_name = $current_user['lastcommafirst'];
echo '<option value="user_' . $current_user['user_id'] . '">' . $full_name . '</option>'; echo '<option value="user_' . $current_user['user_id'] . '">' . $full_name . '</option>';
@ -605,7 +605,7 @@ function display_add_form()
if ( dropbox_cnf("allowJustUpload")) // RH if ( dropbox_cnf("allowJustUpload")) // RH
{ {
//echo '<option value="upload">'.dropbox_lang("justUploadInSelect").'</option>'; //echo '<option value="upload">'.dropbox_lang("justUploadInSelect").'</option>';
echo '<option value="user_'.$_uid.'">'.dropbox_lang("justUploadInSelect").'</option>'; echo '<option value="user_'.$_user['user_id'].'">'.dropbox_lang("justUploadInSelect").'</option>';
} }
echo "</select>", echo "</select>",
@ -787,7 +787,7 @@ function dropbox_cnf($variable)
function store_add_dropbox() function store_add_dropbox()
{ {
global $dropbox_cnf; global $dropbox_cnf;
global $_uid; global $_user;
require_once(api_get_path(LIBRARY_PATH) . "/fileUpload.lib.php"); require_once(api_get_path(LIBRARY_PATH) . "/fileUpload.lib.php");
// ---------------------------------------------------------- // ----------------------------------------------------------
@ -890,14 +890,14 @@ function store_add_dropbox()
// set author // set author
if ( $_POST['authors'] == '') if ( $_POST['authors'] == '')
{ {
$_POST['authors'] = getUserNameFromId( $_uid); $_POST['authors'] = getUserNameFromId( $_user['user_id']);
} }
// note: I think we could better migrate everything from here on to separate functions: store_new_dropbox, store_new_mailing, store_just_upload // note: I think we could better migrate everything from here on to separate functions: store_new_dropbox, store_new_mailing, store_just_upload
if ( $dropbox_overwrite) // RH: Mailing: adapted if ( $dropbox_overwrite) // RH: Mailing: adapted
{ {
$dropbox_person = new Dropbox_Person( $_uid, $is_courseAdmin, $is_courseTutor); $dropbox_person = new Dropbox_Person( $_user['user_id'], $is_courseAdmin, $is_courseTutor);
foreach($dropbox_person->sentWork as $w) foreach($dropbox_person->sentWork as $w)
{ {
@ -907,7 +907,7 @@ function store_add_dropbox()
{ {
return get_lang('mailingNonMailingError'); return get_lang('mailingNonMailingError');
} }
if ( ($w->recipients[0]['id'] == $_uid) xor $thisIsJustUpload) if ( ($w->recipients[0]['id'] == $_user['user_id']) xor $thisIsJustUpload)
{ {
return get_lang('mailingJustUploadNoOther'); return get_lang('mailingJustUploadNoOther');
} }
@ -919,7 +919,7 @@ function store_add_dropbox()
} }
else // rename file to login_filename_uniqueId format else // rename file to login_filename_uniqueId format
{ {
$dropbox_filename = getLoginFromId( $_uid) . "_" . $dropbox_filename . "_".uniqid(''); $dropbox_filename = getLoginFromId( $_user['user_id']) . "_" . $dropbox_filename . "_".uniqid('');
} }
// creating the array that contains all the users who will receive the file // creating the array that contains all the users who will receive the file
@ -935,7 +935,7 @@ function store_add_dropbox()
$userList = GroupManager::get_subscribed_users(substr($rec, strlen('group_') )); $userList = GroupManager::get_subscribed_users(substr($rec, strlen('group_') ));
foreach ($userList as $usr) foreach ($userList as $usr)
{ {
if (! in_array($usr['user_id'], $newWorkRecipients) && $usr['user_id'] != $_uid) if (! in_array($usr['user_id'], $newWorkRecipients) && $usr['user_id'] != $_user['user_id'])
{ {
$new_work_recipients[] = $usr['user_id']; $new_work_recipients[] = $usr['user_id'];
} }
@ -946,7 +946,7 @@ function store_add_dropbox()
@move_uploaded_file( $dropbox_filetmpname, dropbox_cnf("sysPath") . '/' . $dropbox_filename); @move_uploaded_file( $dropbox_filetmpname, dropbox_cnf("sysPath") . '/' . $dropbox_filename);
new Dropbox_SentWork( $_uid, $dropbox_title, $_POST['description'], strip_tags($_POST['authors']), $dropbox_filename, $dropbox_filesize, $new_work_recipients); new Dropbox_SentWork( $_user['user_id'], $dropbox_title, $_POST['description'], strip_tags($_POST['authors']), $dropbox_filename, $dropbox_filesize, $new_work_recipients);
return get_lang('FileUploadSucces'); return get_lang('FileUploadSucces');
} }
@ -1063,7 +1063,7 @@ function feedback_form()
function store_feedback() function store_feedback()
{ {
global $dropbox_cnf; global $dropbox_cnf;
global $_uid; global $_user;
if (!is_numeric($_GET['id'])) if (!is_numeric($_GET['id']))
{ {
@ -1077,7 +1077,7 @@ function store_feedback()
else else
{ {
$sql="INSERT INTO `".$dropbox_cnf['tbl_feedback']."` (file_id, author_user_id, feedback, feedback_date) VALUES $sql="INSERT INTO `".$dropbox_cnf['tbl_feedback']."` (file_id, author_user_id, feedback, feedback_date) VALUES
('".mysql_real_escape_string($_GET['id'])."','".mysql_real_escape_string($_uid)."','".mysql_real_escape_string($_POST['feedback'])."',NOW())"; ('".mysql_real_escape_string($_GET['id'])."','".mysql_real_escape_string($_user['user_id'])."','".mysql_real_escape_string($_POST['feedback'])."',NOW())";
api_sql_query($sql); api_sql_query($sql);
return get_lang('DropboxFeedbackStored'); return get_lang('DropboxFeedbackStored');
} }
@ -1097,7 +1097,7 @@ function zip_download ($array)
{ {
global $_course; global $_course;
global $dropbox_cnf; global $dropbox_cnf;
global $_uid; global $_user;
global $files; global $files;
// zip library for creation of the zipfile // zip library for creation of the zipfile
@ -1121,7 +1121,7 @@ function zip_download ($array)
FROM `".$dropbox_cnf["fileTbl"]."` file, `".$dropbox_cnf["personTbl"]."` person FROM `".$dropbox_cnf["fileTbl"]."` file, `".$dropbox_cnf["personTbl"]."` person
WHERE file.id IN (".implode(', ',$array).") WHERE file.id IN (".implode(', ',$array).")
AND file.id=person.file_id AND file.id=person.file_id
AND person.user_id='".$_uid."'"; AND person.user_id='".$_user['user_id']."'";
$result=api_sql_query($sql,__FILE__,__LINE__); $result=api_sql_query($sql,__FILE__,__LINE__);
while ($row=mysql_fetch_array($result)) while ($row=mysql_fetch_array($result))
{ {
@ -1138,7 +1138,7 @@ function zip_download ($array)
} }
// create the zip file // create the zip file
$temp_zip_file=$temp_zip_dir.'/dropboxdownload-'.$_uid.'-'.mktime().'.zip'; $temp_zip_file=$temp_zip_dir.'/dropboxdownload-'.$_user['user_id'].'-'.mktime().'.zip';
$zip_folder=new PclZip($temp_zip_file); $zip_folder=new PclZip($temp_zip_file);
foreach ($files as $key=>$value) foreach ($files as $key=>$value)
@ -1192,7 +1192,6 @@ function my_pre_add_callback($p_event, &$p_header)
function zip_download_alternative($files) function zip_download_alternative($files)
{ {
global $_course; global $_course;
global $_uid;
global $_user; global $_user;
$temp_zip_dir = api_get_path(SYS_COURSE_PATH).$_course['path']."/temp/"; $temp_zip_dir = api_get_path(SYS_COURSE_PATH).$_course['path']."/temp/";
@ -1214,7 +1213,7 @@ function zip_download_alternative($files)
} }
// Step 3: create the zip file and add all the files to it // Step 3: create the zip file and add all the files to it
$temp_zip_file=$temp_zip_dir.'/dropboxdownload-'.$_uid.'-'.mktime().'.zip'; $temp_zip_file=$temp_zip_dir.'/dropboxdownload-'.$_user['user_id'].'-'.mktime().'.zip';
$zip_folder=new PclZip($temp_zip_file); $zip_folder=new PclZip($temp_zip_file);
foreach ($files as $key=>$value) foreach ($files as $key=>$value)
{ {
@ -1414,7 +1413,7 @@ function check_number_feedback($key, $array)
*/ */
function get_last_tool_access($tool, $course_code='', $user_id='') function get_last_tool_access($tool, $course_code='', $user_id='')
{ {
global $_course, $_user, $_uid; global $_course, $_user;
// The default values of the parameters // The default values of the parameters
if ($course=='') if ($course=='')
@ -1423,7 +1422,7 @@ function get_last_tool_access($tool, $course_code='', $user_id='')
} }
if ($user_id=='') if ($user_id=='')
{ {
$user_id=$_uid; $user_id=$_user['user_id'];
} }
// the table where the last tool access is stored (=track_e_lastaccess) // the table where the last tool access is stored (=track_e_lastaccess)

2
main/dropbox/dropbox_init.inc.php
Unescape View File

@ -121,7 +121,7 @@ $is_course_member = CourseManager::is_user_subscribed_in_real_or_linked_course($
// only when it is needed. // only when it is needed.
if ($_GET['action']=='add') if ($_GET['action']=='add')
{ {
$dropbox_person = new Dropbox_Person( $_uid, $is_courseAdmin, $is_courseTutor); $dropbox_person = new Dropbox_Person( $_user['user_id'], $is_courseAdmin, $is_courseTutor);
} }
/* /*

24
main/dropbox/dropbox_submit.php
Unescape View File

@ -197,12 +197,12 @@ if ( isset( $_POST["submitWork"]))
// set author // set author
if ( $_POST['authors'] == '') if ( $_POST['authors'] == '')
{ {
$_POST['authors'] = getUserNameFromId( $_uid); $_POST['authors'] = getUserNameFromId( $_user['user_id']);
} }
if ( $dropbox_overwrite) // RH: Mailing: adapted if ( $dropbox_overwrite) // RH: Mailing: adapted
{ {
$dropbox_person = new Dropbox_Person( $_uid, $is_courseAdmin, $is_courseTutor); $dropbox_person = new Dropbox_Person( $_user['user_id'], $is_courseAdmin, $is_courseTutor);
foreach($dropbox_person->sentWork as $w) foreach($dropbox_person->sentWork as $w)
{ {
@ -213,7 +213,7 @@ if ( isset( $_POST["submitWork"]))
$error = TRUE; $error = TRUE;
$errormsg = dropbox_lang("mailingNonMailingError"); $errormsg = dropbox_lang("mailingNonMailingError");
} }
if ( ($w->recipients[0]['id'] == $_uid) xor $thisIsJustUpload) if ( ($w->recipients[0]['id'] == $_user['user_id']) xor $thisIsJustUpload)
{ {
$error = TRUE; $error = TRUE;
$errormsg = dropbox_lang("mailingJustUploadNoOther"); $errormsg = dropbox_lang("mailingJustUploadNoOther");
@ -225,7 +225,7 @@ if ( isset( $_POST["submitWork"]))
} }
else // rename file to login_filename_uniqueId format else // rename file to login_filename_uniqueId format
{ {
$dropbox_filename = getLoginFromId( $_uid) . "_" . $dropbox_filename . "_".uniqid(''); $dropbox_filename = getLoginFromId( $_user['user_id']) . "_" . $dropbox_filename . "_".uniqid('');
} }
if ( ( ! is_dir( dropbox_cnf("sysPath")))) if ( ( ! is_dir( dropbox_cnf("sysPath"))))
@ -272,7 +272,7 @@ if ( isset( $_POST["submitWork"]))
$userList = GroupManager::get_subscribed_users(substr($rec, strlen('group_') )); $userList = GroupManager::get_subscribed_users(substr($rec, strlen('group_') ));
foreach ($userList as $usr) foreach ($userList as $usr)
{ {
if (! in_array($usr['user_id'], $newWorkRecipients) && $usr['user_id'] != $_uid) if (! in_array($usr['user_id'], $newWorkRecipients) && $usr['user_id'] != $_user['user_id'])
{ {
$newWorkRecipients[] = $usr['user_id']; $newWorkRecipients[] = $usr['user_id'];
} }
@ -287,7 +287,7 @@ if ( isset( $_POST["submitWork"]))
{ {
@move_uploaded_file( $dropbox_filetmpname, dropbox_cnf("sysPath") . '/' . $dropbox_filename) @move_uploaded_file( $dropbox_filetmpname, dropbox_cnf("sysPath") . '/' . $dropbox_filename)
or die( dropbox_lang("uploadError")." (code 407)"); or die( dropbox_lang("uploadError")." (code 407)");
new Dropbox_SentWork( $_uid, $dropbox_title, $_POST['description'], strip_tags($_POST['authors']), $dropbox_filename, $dropbox_filesize, $newWorkRecipients); new Dropbox_SentWork( $_user['user_id'], $dropbox_title, $_POST['description'], strip_tags($_POST['authors']), $dropbox_filename, $dropbox_filesize, $newWorkRecipients);
} }
} }
} //end if(!$error) } //end if(!$error)
@ -317,7 +317,7 @@ if ( isset( $_POST["submitWork"]))
*/ */
if ( isset( $_GET['mailingIndex'])) // examine or send if ( isset( $_GET['mailingIndex'])) // examine or send
{ {
$dropbox_person = new Dropbox_Person( $_uid, $is_courseAdmin, $is_courseTutor); $dropbox_person = new Dropbox_Person( $_user['user_id'], $is_courseAdmin, $is_courseTutor);
if ( isset($_SESSION["sentOrder"])) if ( isset($_SESSION["sentOrder"]))
{ {
$dropbox_person->orderSentWork ($_SESSION["sentOrder"]); $dropbox_person->orderSentWork ($_SESSION["sentOrder"]);
@ -513,7 +513,7 @@ if ( isset( $_GET['mailingIndex'])) // examine or send
} }
else else
{ {
$newName = getLoginFromId( $_uid) . "_" . $thisFile . "_" . uniqid(''); $newName = getLoginFromId( $_user['user_id']) . "_" . $thisFile . "_" . uniqid('');
if ( rename(dropbox_cnf("sysPath") . '/' . $thisFile, dropbox_cnf("sysPath") . '/' . $newName)) if ( rename(dropbox_cnf("sysPath") . '/' . $thisFile, dropbox_cnf("sysPath") . '/' . $newName))
new Dropbox_SentWork( $mailingPseudoId, $thisFile, $mailing_item->description, $mailing_item->author, $newName, $thisContent['size'], array($thisRecip[0])); new Dropbox_SentWork( $mailingPseudoId, $thisFile, $mailing_item->description, $mailing_item->author, $newName, $thisContent['size'], array($thisRecip[0]));
} }
@ -580,12 +580,12 @@ if ( isset( $_GET['deleteReceived']) || isset( $_GET['deleteSent'])
{ {
if ( $_GET['mailing']) // RH: Mailing if ( $_GET['mailing']) // RH: Mailing
{ {
getUserOwningThisMailing($_GET['mailing'], $_uid, '408'); // RH or die getUserOwningThisMailing($_GET['mailing'], $_user['user_id'], '408'); // RH or die
$dropbox_person = new Dropbox_Person( $_GET['mailing'], $is_courseAdmin, $is_courseTutor); $dropbox_person = new Dropbox_Person( $_GET['mailing'], $is_courseAdmin, $is_courseTutor);
} }
else else
{ {
$dropbox_person = new Dropbox_Person( $_uid, $is_courseAdmin, $is_courseTutor); $dropbox_person = new Dropbox_Person( $_user['user_id'], $is_courseAdmin, $is_courseTutor);
} }
// RH: these two are needed, I think // RH: these two are needed, I think
@ -637,8 +637,8 @@ if ( isset( $_GET['deleteReceived']) || isset( $_GET['deleteSent'])
{ {
$w = new Dropbox_SentWork($id = $_GET['showFeedback']); $w = new Dropbox_SentWork($id = $_GET['showFeedback']);
if ($w->uploader_id != $_uid) if ($w->uploader_id != $_user['user_id'])
getUserOwningThisMailing($w->uploader_id, $_uid, '411'); // RH or die getUserOwningThisMailing($w->uploader_id, $_user['user_id'], '411'); // RH or die
foreach( $w -> recipients as $r) if (($fb = $r["feedback"])) foreach( $w -> recipients as $r) if (($fb = $r["feedback"]))
{ {

14
main/dropbox/index.php
Unescape View File

@ -121,7 +121,7 @@ require_once( "dropbox_init.inc.php");
// get the last time the user accessed the tool // get the last time the user accessed the tool
if ($_SESSION['last_access'][$_course['id']][TOOL_DROPBOX]=='') if ($_SESSION['last_access'][$_course['id']][TOOL_DROPBOX]=='')
{ {
$last_access=get_last_tool_access(TOOL_DROPBOX,$_course['code'],$_uid); $last_access=get_last_tool_access(TOOL_DROPBOX,$_course['code'],$_user['user_id']);
$_SESSION['last_access'][$_course['id']][TOOL_DROPBOX]=$last_access; $_SESSION['last_access'][$_course['id']][TOOL_DROPBOX]=$last_access;
} }
else else
@ -197,7 +197,7 @@ if ($_POST['do_move'])
// *** Delete a file *** // *** Delete a file ***
if (($_GET['action']=='deletereceivedfile' OR $_GET['action']=='deletesentfile') AND isset($_GET['id']) AND is_numeric($_GET['id'])) if (($_GET['action']=='deletereceivedfile' OR $_GET['action']=='deletesentfile') AND isset($_GET['id']) AND is_numeric($_GET['id']))
{ {
$dropboxfile=new Dropbox_Person( $_uid, $is_courseAdmin, $is_courseTutor); $dropboxfile=new Dropbox_Person( $_user['user_id'], $is_courseAdmin, $is_courseTutor);
if ($_GET['action']=='deletereceivedfile') if ($_GET['action']=='deletereceivedfile')
{ {
$dropboxfile->deleteReceivedWork($_GET['id']); $dropboxfile->deleteReceivedWork($_GET['id']);
@ -309,7 +309,7 @@ if (!$_GET['view'] OR $_GET['view']=='received' OR $dropbox_cnf['sent_received_t
// object initialisation // object initialisation
$dropbox_person = new Dropbox_Person( $_uid, $is_courseAdmin, $is_courseTutor); // note: are the $is_courseAdmin and $is_courseTutor parameters needed???? $dropbox_person = new Dropbox_Person( $_user['user_id'], $is_courseAdmin, $is_courseTutor); // note: are the $is_courseAdmin and $is_courseTutor parameters needed????
// constructing the array that contains the total number of feedback messages per document. // constructing the array that contains the total number of feedback messages per document.
$number_feedback=get_total_number_feedback(); $number_feedback=get_total_number_feedback();
@ -456,7 +456,7 @@ if ($_GET['view']=='sent' OR $dropbox_cnf['sent_received_tabs']==false)
echo '<form name="recieved_files" method="post" action="'.$_SERVER['PHP_SELF'].'?view_received_category='.$_GET['view_received_category'].'&amp;view_sent_category='.$_GET['view_sent_category'].'&amp;view='.$_GET['view'].'&amp;action='.$_GET['action'].'&amp;id='.$_GET['id'].'">'; echo '<form name="recieved_files" method="post" action="'.$_SERVER['PHP_SELF'].'?view_received_category='.$_GET['view_received_category'].'&amp;view_sent_category='.$_GET['view_sent_category'].'&amp;view='.$_GET['view'].'&amp;action='.$_GET['action'].'&amp;id='.$_GET['id'].'">';
// object initialisation // object initialisation
$dropbox_person = new Dropbox_Person( $_uid, $is_courseAdmin, $is_courseTutor); $dropbox_person = new Dropbox_Person( $_user['user_id'], $is_courseAdmin, $is_courseTutor);
// constructing the array that contains the total number of feedback messages per document. // constructing the array that contains the total number of feedback messages per document.
$number_feedback=get_total_number_feedback(); $number_feedback=get_total_number_feedback();
@ -598,7 +598,7 @@ exit;
if ( $_GET['mailing']) // RH: Mailing detail window passes parameter if ( $_GET['mailing']) // RH: Mailing detail window passes parameter
{ {
getUserOwningThisMailing($_GET['mailing'], $_uid, '304'); // RH or die getUserOwningThisMailing($_GET['mailing'], $_user['user_id'], '304'); // RH or die
$dropbox_person = new Dropbox_Person( $_GET['mailing'], $is_courseAdmin, $is_courseTutor); $dropbox_person = new Dropbox_Person( $_GET['mailing'], $is_courseAdmin, $is_courseTutor);
$mailingInUrl = "&mailing=" . urlencode( $_GET['mailing']); $mailingInUrl = "&mailing=" . urlencode( $_GET['mailing']);
} }
@ -733,7 +733,7 @@ $i = 0;
foreach ( $dropbox_person -> receivedWork as $w) foreach ( $dropbox_person -> receivedWork as $w)
{ {
if ( $w -> uploader_id == $_uid) // RH: justUpload if ( $w -> uploader_id == $_user['user_id']) // RH: justUpload
{ {
$numberDisplayed -= 1; continue; $numberDisplayed -= 1; continue;
} }
@ -916,7 +916,7 @@ foreach ( $dropbox_person -> sentWork as $w)
<td align="right" valign="top"> <td align="right" valign="top">
<?php // RH: Mailing: clickable images for examine and send <?php // RH: Mailing: clickable images for examine and send
if ( $w->recipients[0]['id'] == $_uid) if ( $w->recipients[0]['id'] == $_user['user_id'])
{ {
$langSentTo = dropbox_lang("justUploadInList", "noDLTT") . '&nbsp;'; // RH: justUpload $langSentTo = dropbox_lang("justUploadInList", "noDLTT") . '&nbsp;'; // RH: justUpload
} }

Write Preview
Loading…
Cancel
Save