Moving code to controllers, adding ChamiloLMS namespace to Composer, adding public folder see #5523

skala
Julio Montoya 12 years ago
parent e6388b3830
commit 746cac7a9d
  1. 234
      index.php
  2. 115
      main/inc/global.inc.php
  3. 99
      main/inc/local.inc.php
  4. 8
      public/.htaccess
  5. 234
      src/ChamiloLMS/Controller/IndexController.php
  6. 312
      src/ChamiloLMS/Controller/UserPortalController.php
  7. 313
      user_portal.php

@ -12,7 +12,7 @@ $language_file = array('courses', 'index');
// Maybe we should change this into an api function? an example: CourseManager::unset();
$cidReset = true;
require_once 'main/inc/global.inc.php';
$app = require_once 'main/inc/global.inc.php';
require_once 'main/chat/chat_functions.lib.php';
// The section (for the tabs).
@ -38,234 +38,4 @@ $htmlHeadXtra[] = '
//$cookie = new Cookie('TestCookie', 'cookies_yes', time()+3600*24*31*12);
//$response->headers->setCookie($cookie);
use Silex\Application;
use Symfony\Component\HttpFoundation\Response;
/**
*
*/
class IndexController
{
/**
* @param Silex\Application $app
* @return Symfony\Component\HttpFoundation\Response
*/
public function indexAction(Application $app)
{
$request = $app['request'];
//Actions
$logout = $request->get('logout');
if (!empty($logout)) {
$this->logout();
}
//$article = $app['orm.em']->getRepository('Entity\EntityCourse');
//$courses_query = $app['orm.em']->createQuery('SELECT a FROM Entity\EntityCourse a');
//$a = new EntityCourse();
//$article = $app['orm.em']->getRepository('EntityCourse');
//var_dump($article);
//$courses_query = $app['orm.em']->createQuery('SELECT a FROM Entity\EntityCourse a');
/*
$paginator = new Doctrine\ORM\Tools\Pagination\Paginator($courses_query, $fetchJoinCollection = true);
$c = count($paginator);
foreach ($paginator as $course) {
echo $course->getCode() . "\n";
}
exit; */
//$app['orm.em']->find('EntityCourse', 1);
//var_dump($app['orm.ems']['mysql']);
// Defines wether or not anonymous visitors can see a list of the courses on the Chamilo homepage that are open to the world.
//$_setting['display_courses_to_anonymous_users'] = 'true';
// Delete session neccesary for legal terms
if (api_get_setting('allow_terms_conditions') == 'true') {
unset($_SESSION['term_and_condition']);
}
//If we are not logged in and customapages activated
if (!api_get_user_id() && CustomPages::enabled()) {
$logged_out = $request->get('loggedout');
if ($logged_out) {
CustomPages::display(CustomPages::LOGGED_OUT);
} else {
CustomPages::display(CustomPages::INDEX_UNLOGGED);
}
}
//$this->check_last_login();
if (api_get_setting('display_categories_on_homepage') == 'true') {
$app['template']->assign('course_category_block', PageController::return_courses_in_categories());
}
// Facebook connexion, if activated
if (api_is_facebook_auth_activated() && !api_get_user_id()) {
facebook_connect();
}
$this->set_login_form($app);
if (!api_is_anonymous()) {
PageController::return_profile_block();
PageController::return_user_image_block();
if (api_is_platform_admin()) {
PageController::return_course_block();
} else {
PageController::return_teacher_link();
}
}
//Hot courses & announcements
$hot_courses = null;
$announcements_block = null;
// When loading a chamilo page do not include the hot courses and news
if (!isset($_REQUEST['include'])) {
if (api_get_setting('show_hot_courses') == 'true') {
$hot_courses = PageController::return_hot_courses();
}
$announcements_block = PageController::return_announcements();
}
$app['template']->assign('hot_courses', $hot_courses);
$app['template']->assign('announcements_block', $announcements_block);
//Homepage
$app['template']->assign('home_page_block', PageController::return_home_page());
//Navigation links
$nav_links = $app['template']->return_navigation_links();
$app['template']->assign('navigation_course_links', $nav_links);
$app['template']->assign('main_navigation_block', $nav_links);
PageController::return_notice();
PageController::return_help();
if (api_is_platform_admin() || api_is_drh()) {
PageController::return_skills_links();
}
$response = $app['template']->render_layout('layout_2_col.tpl');
//return new Response($response, 200, array('Cache-Control' => 's-maxage=3600, public'));
return new Response($response, 200, array());
}
/**
*
* @todo This piece of code should probably move to local.inc.php where the actual login procedure is handled.
* @todo Check if this code is used. I think this code is never executed because after clicking the submit button
* the code does the stuff in local.inc.php and then redirects to index.php or user_portal.php depending
* on api_get_setting('page_after_login').
* @deprecated seems not to be used
*/
function check_last_login()
{
if (!empty($_POST['submitAuth'])) {
// The user has been already authenticated, we are now to find the last login of the user.
if (!empty($this->user_id)) {
$track_login_table = Database :: get_statistic_table(TABLE_STATISTIC_TRACK_E_LOGIN);
$sql_last_login = "SELECT login_date
FROM $track_login_table
WHERE login_user_id = '".$this->user_id."'
ORDER BY login_date DESC LIMIT 1";
$result_last_login = Database::query($sql_last_login);
if (!$result_last_login) {
if (Database::num_rows($result_last_login) > 0) {
$user_last_login_datetime = Database::fetch_array($result_last_login);
$user_last_login_datetime = $user_last_login_datetime[0];
Session::write('user_last_login_datetime', $user_last_login_datetime);
}
}
Database::free_result($result_last_login);
if (api_is_platform_admin()) {
// decode all open event informations and fill the track_c_* tables
include api_get_path(LIBRARY_PATH).'stats.lib.inc.php';
decodeOpenInfos();
}
}
} else {
// Only if login form was not sent because if the form is sent the user was already on the page.
event_open();
}
}
/**
* @param Silex\Application $app
*/
function set_login_form(Application $app)
{
$user_id = api_get_user_id();
$login_form = null;
if (!$user_id || api_is_anonymous($user_id)) {
// Only display if the user isn't logged in.
$app['template']->assign('login_language_form', api_display_language_form(true));
//self::display_login_form($app);
$app['template']->assign('login_form', self::display_login_form($app));
if (api_get_setting('allow_lostpassword') == 'true' || api_get_setting('allow_registration') == 'true') {
$login_form .= '<ul class="nav nav-list">';
if (api_get_setting('allow_registration') != 'false') {
$login_form .= '<li><a href="main/auth/inscription.php">'.get_lang('Reg').'</a></li>';
}
if (api_get_setting('allow_lostpassword') == 'true') {
$login_form .= '<li><a href="main/auth/lostPassword.php">'.get_lang('LostPassword').'</a></li>';
}
$login_form .= '</ul>';
}
$app['template']->assign('login_options', $login_form);
}
}
function logout()
{
$user_id = api_get_user_id();
online_logout($user_id, true);
}
/**
* @param Silex\Application $app
* @return string
*/
function display_login_form(Application $app)
{
/* {{ form_widget(form) }}
$form = $app['form.factory']->createBuilder('form')
->add('name')
->add('email')
->add('gender', 'choice', array(
'choices' => array(1 => 'male', 2 => 'female'),
'expanded' => true,
))
->getForm();
return $app['template']->assign('form', $form->createView());
*/
$form = new FormValidator('formLogin', 'POST', null, null, array('class' => 'form-vertical'));
$form->addElement(
'text',
'login',
get_lang('UserName'),
array('class' => 'span2 autocapitalize_off', 'autofocus' => 'autofocus')
);
$form->addElement('password', 'password', get_lang('Pass'), array('class' => 'span2'));
$form->addElement('style_submit_button', 'submitAuth', get_lang('LoginEnter'), array('class' => 'btn'));
$html = $form->return_form();
if (api_get_setting('openid_authentication') == 'true') {
include_once 'main/auth/openid/login.php';
$html .= '<div>'.openid_form().'</div>';
}
return $html;
}
}
$app->match('/', 'IndexController::indexAction', 'POST|GET');
$app->run();
//$app['http_cache']->run();
$app->run();
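Review bot: `$app = require_once 'main/inc/global.inc.php';` in the first hunk depends on the include's return value, but `require_once` evaluates to `true` rather than the file's `return $app;` whenever that file has already been loaded earlier in the request. In that case the `$app->run();` kept at the end of this file is called on a boolean and the front page dies with a fatal error. Whether anything loads global.inc.php before this line is not visible here, so a guard directly after the include would make the failure explicit: `if (!$app instanceof \Silex\Application) { throw new \RuntimeException('global.inc.php did not return the application'); }`.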

@ -8,7 +8,6 @@
* (which doesn't occur anymore when servertype config setting is set to test,
* and which will disappear completely in Dokeos 1.6.1)
* - include of /conf/configuration.php;
* - include of several libraries: main_api, database, display, text, security;
* - selecting the main database;
* - include of language files.
*
@ -131,6 +130,71 @@ $app->register(new Silex\Provider\HttpCacheServiceProvider(), array(
//$app->register(new Silex\Provider\SessionServiceProvider());
use Symfony\Component\Security\Core\User\UserProviderInterface;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Core\User\User;
use Symfony\Component\Security\Core\Exception\UnsupportedUserException;
use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
use Doctrine\DBAL\Connection;
class UserProvider implements UserProviderInterface
{
private $conn;
public function __construct(Connection $conn)
{
$this->conn = $conn;
}
public function loadUserByUsername($username)
{
$stmt = $this->conn->executeQuery('SELECT * FROM users WHERE username = ?', array(strtolower($username)));
if (!$user = $stmt->fetch()) {
throw new UsernameNotFoundException(sprintf('Username "%s" does not exist.', $username));
}
$roles = 'student';
echo $user['username'];exit;
return new User($user['username'], $user['password'], explode(',', $roles), true, true, true, true);
}
public function refreshUser(UserInterface $user)
{
if (!$user instanceof User) {
throw new UnsupportedUserException(sprintf('Instances of "%s" are not supported.', get_class($user)));
}
return $this->loadUserByUsername($user->getUsername());
}
public function supportsClass($class)
{
return $class === 'Symfony\Component\Security\Core\User\User';
}
}
/*
$app->register(new Silex\Provider\SecurityServiceProvider(), array(
'security.firewalls' => array(
'secured' => array(
'pattern' => '^/admin/',
'form' => array(
'login_path' => '/login',
'check_path' => '/admin/login_check'
),
'logout' => array('path' => '/logout', 'target' => '/'),
'users' => $app->share(function() use ($app) {
return new UserProvider($app['db']);
})
)
),
'security.role_hierarchy'=> array(
'ROLE_ADMIN' => array('ROLE_EDITOR'),
"ROLE_EDITOR" => array('ROLE_WRITER'),
"ROLE_WRITER" => array('ROLE_USER'),
"ROLE_USER" => array("ROLE_SUSCRIBER"),
)
));*/
//URL generator provider
$app->register(new Silex\Provider\UrlGeneratorServiceProvider());
@ -312,15 +376,6 @@ class ChamiloServiceProvider implements ServiceProviderInterface
//Registering Chamilo service provider
$app->register(new ChamiloServiceProvider(), array());
//Controllers as services
$app->register(new Silex\Provider\ServiceControllerServiceProvider());
$app['pages.controller'] = $app->share(
function () use ($app) {
return new PagesController($app['pages.repository']);
}
);
//Manage error messages
$app->error(
@ -883,4 +938,44 @@ if (empty($default_quota)) {
}
define('DEFAULT_DOCUMENT_QUOTA', $default_quota);
//Controllers as services
$app->register(new Silex\Provider\ServiceControllerServiceProvider());
$app['pages.controller'] = $app->share(function () use ($app) {
return new PagesController($app['pages.repository']);
});
$app['index.controller'] = $app->share(function () use ($app) {
return new ChamiloLMS\Controller\IndexController();
});
$app['userportal.controller'] = $app->share(function () use ($app) {
return new ChamiloLMS\Controller\UserPortalController();
});
/*
class PostController
{
protected $repo;
public function __construct()
{
}
public function indexJsonAction()
{
return 'ddd';
}
}
$app['posts.controller'] = $app->share(function() use ($app) {
return new PostController();
});
$app->mount('/', "posts.controller");*/
//index.php
$app->get('/', 'index.controller:indexAction');
//user_portal.php
$app->get('/userportal', 'userportal.controller:indexAction');
//$app->mount('/', 'index.controller');
return $app;
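Review bot: `echo $user['username'];exit;` in `UserProvider::loadUserByUsername()` is leftover debugging: it prints the account name and ends the request, so the `return new User(...)` after it is never reached and no login through this provider can complete. The provider is only referenced from the commented-out `SecurityServiceProvider` block below it, so nothing visible calls it yet, but the line should be deleted before that firewall is enabled. The hard-coded `$roles = 'student';` would likewise give every account the same role once the provider is wired in; a comment such as `// TODO: load roles from the user record before enabling the firewall` would make that explicit. Separately, the last hunk registers `/` with `$app->get(...)` only, whereas the route removed from index.php accepted `'POST|GET'`; if the login form still posts to `/`, that request would no longer match, which is worth confirming.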

@ -20,99 +20,9 @@
* The course id is stored in $_cid session variable.
* The group id is stored in $_gid session variable.
*
*
* VARIABLES AFFECTING THE SCRIPT BEHAVIOR
*
* string $login
* string $password
* boolean $logout
*
* string $cidReq : course id requested
* boolean $cidReset : ask for a course Reset, if no $cidReq is provided in the
* same time, all course informations is removed from the
* current session
*
* int $gidReq : group Id requested
* boolean $gidReset : ask for a group Reset, if no $gidReq is provided in the
* same time, all group informations is removed from the
* current session
*
*
* VARIABLES SET AND RETURNED BY THE SCRIPT
*
* All the variables below are set and returned by this script.
*
* USER VARIABLES
*
* string $_user ['firstName' ]
* string $_user ['lastName' ]
* string $_user ['mail' ]
* string $_user ['lastLogin' ]
* string $_user ['official_code']
* string $_user ['picture_uri' ]
* string $_user['user_id']
*
* boolean $is_platformAdmin
* boolean $is_allowedCreateCourse
*
* COURSE VARIABLES
* see the function get_course_info_with_category
* boolean $is_courseMember
* boolean $is_courseTutor
* boolean $is_courseAdmin
*
*
* GROUP VARIABLES
*
* int $_gid (the group id)
*
*
* IMPORTANT ADVICE FOR DEVELOPERS
*
* We strongly encourage developers to use a connection layer at the top of
* their scripts rather than use these variables, as they are, inside the core
* of their scripts. It will make code maintenance much easier.
*
* Many if the functions you need you can already find in the
* main_api.lib.php
*
* We encourage you to use functions to access these global "kernel" variables.
* You can add them to e.g. the main API library.
*
*
* SCRIPT STRUCTURE
*
* 1. The script determines if there is an authentication attempt. This part
* only chek if the login name and password are valid. Afterwards, it set the
* $_user['user_id'] (user id) and the $uidReset flag. Other user informations are retrieved
* later. It's also in this section that optional external authentication
* devices step in.
*
* 2. The script determines what other session informations have to be set or
* reset, setting correctly $cidReset (for course) and $gidReset (for group).
*
* 3. If needed, the script retrieves the other user informations (first name,
* last name, ...) and stores them in session.
*
* 4. If needed, the script retrieves the course information and stores them
* in session
*
* 5. The script initializes the user permission status and permission for the
* course level
*
* 6. If needed, the script retrieves group informations an store them in
* session.
*
* 7. The script initializes the user status and permission for the group level.
*
* @package chamilo.include
* @package chamilo.include
*/
/*
INIT SECTION
variables should be initialised here
*/
//require_once api_get_path(LIBRARY_PATH).'conditionallogin.lib.php'; moved to autologin
// verified if exists the username and password in session current
@ -125,7 +35,7 @@ if (isset($_SESSION['conditional_login']['uid']) && $_SESSION['conditional_login
$_user['user_id'] = $_SESSION['conditional_login']['uid'];
$_user['status'] = $uData['status'];
Session::write('_user',$_user);
Session::write('_user', $_user);
Session::erase('conditional_login');
$uidReset=true;
event_login();
@ -218,7 +128,7 @@ if (!empty($_SESSION['_user']['user_id']) && !($login || $logout)) {
}
$cas_login=false;
if ($cas_activated AND !isset($_user['user_id']) and !isset($_POST['login']) && !$logout) {
if ($cas_activated AND !isset($_user['user_id']) and !isset($_POST['login']) && !$logout) {
require_once api_get_path(SYS_PATH).'main/auth/cas/authcas.php';
$cas_login = cas_is_authenticated();
}
@ -603,7 +513,6 @@ if (isset($uidReset) && $uidReset) { // session data refresh requested
// Extracting the user data
$uData = Database::fetch_array($result);
$_user = _api_format_user($uData, false);
$_user['lastLogin'] = api_strtotime($uData['login_date'], 'UTC');
@ -611,7 +520,7 @@ if (isset($uidReset) && $uidReset) { // session data refresh requested
$is_allowedCreateCourse = (bool) (($uData ['status'] == COURSEMANAGER) or (api_get_setting('drhCourseManagerRights') and $uData['status'] == DRH));
ConditionalLogin::check_conditions($uData);
Session::write('_user',$_user);
Session::write('_user', $_user);
UserManager::update_extra_field_value($_user['user_id'], 'already_logged_in', 'true');
Session::write('is_platformAdmin',$is_platformAdmin);
Session::write('is_allowedCreateCourse',$is_allowedCreateCourse);

@ -0,0 +1,8 @@
<IfModule mod_rewrite.c>
Options -MultiViews
RewriteEngine On
#RewriteBase /path/to/app
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
</IfModule>
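Review bot: `RewriteRule ^ index.php [L]` resolves to `public/index.php`, but the file list of this commit only changes the root `index.php` and adds no front controller under `public/`. Unless that file already exists in the tree, every request that is not an existing file is rewritten to a missing target. The `public/` directory also only keeps `main/` and `src/` out of reach when the virtual host's document root points at it, so a comment at the top of the file such as `# DocumentRoot must point at this directory` would help whoever deploys it.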

@ -0,0 +1,234 @@
<?php
/* For licensing terms, see /license.txt */
namespace ChamiloLMS\Controller;
use Silex\Application;
use Symfony\Component\HttpFoundation\Response;
/**
*
*/
class IndexController
{
/**
* @param \Silex\Application $app
* @return \Symfony\Component\HttpFoundation\Response
*/
public function indexAction(Application $app)
{
$request = $app['request'];
$token = $app['security']->getToken();
//Actions
$logout = $request->get('logout');
if (!empty($logout)) {
$this->logout();
$app->redirect($app['url_generator']->generator('index'));
}
//$article = $app['orm.em']->getRepository('Entity\EntityCourse');
//$courses_query = $app['orm.em']->createQuery('SELECT a FROM Entity\EntityCourse a');
//$a = new EntityCourse();
//$article = $app['orm.em']->getRepository('EntityCourse');
//var_dump($article);
//$courses_query = $app['orm.em']->createQuery('SELECT a FROM Entity\EntityCourse a');
/*
$paginator = new Doctrine\ORM\Tools\Pagination\Paginator($courses_query, $fetchJoinCollection = true);
$c = count($paginator);
foreach ($paginator as $course) {
echo $course->getCode() . "\n";
}
exit; */
//$app['orm.em']->find('EntityCourse', 1);
//var_dump($app['orm.ems']['mysql']);
// Defines wether or not anonymous visitors can see a list of the courses on the Chamilo homepage that are open to the world.
//$_setting['display_courses_to_anonymous_users'] = 'true';
// Delete session neccesary for legal terms
if (api_get_setting('allow_terms_conditions') == 'true') {
unset($_SESSION['term_and_condition']);
}
//If we are not logged in and customapages activated
if (!api_get_user_id() && CustomPages::enabled()) {
$logged_out = $request->get('loggedout');
if ($logged_out) {
CustomPages::display(CustomPages::LOGGED_OUT);
} else {
CustomPages::display(CustomPages::INDEX_UNLOGGED);
}
}
//$this->check_last_login();
if (api_get_setting('display_categories_on_homepage') == 'true') {
$app['template']->assign('course_category_block', \PageController::return_courses_in_categories());
}
// Facebook connexion, if activated
if (api_is_facebook_auth_activated() && !api_get_user_id()) {
facebook_connect();
}
$this->set_login_form($app);
if (!api_is_anonymous()) {
\PageController::return_profile_block();
\PageController::return_user_image_block();
if (api_is_platform_admin()) {
\PageController::return_course_block();
} else {
\PageController::return_teacher_link();
}
}
//Hot courses & announcements
$hot_courses = null;
$announcements_block = null;
// When loading a chamilo page do not include the hot courses and news
if (!isset($_REQUEST['include'])) {
if (api_get_setting('show_hot_courses') == 'true') {
$hot_courses = \PageController::return_hot_courses();
}
$announcements_block = \PageController::return_announcements();
}
$app['template']->assign('hot_courses', $hot_courses);
$app['template']->assign('announcements_block', $announcements_block);
//Homepage
$app['template']->assign('home_page_block', \PageController::return_home_page());
//Navigation links
$nav_links = $app['template']->return_navigation_links();
$app['template']->assign('navigation_course_links', $nav_links);
$app['template']->assign('main_navigation_block', $nav_links);
\PageController::return_notice();
\PageController::return_help();
if (api_is_platform_admin() || api_is_drh()) {
\PageController::return_skills_links();
}
$response = $app['template']->render_layout('layout_2_col.tpl');
//return new Response($response, 200, array('Cache-Control' => 's-maxage=3600, public'));
return new Response($response, 200, array());
}
/**
*
* @todo This piece of code should probably move to local.inc.php where the actual login procedure is handled.
* @todo Check if this code is used. I think this code is never executed because after clicking the submit button
* the code does the stuff in local.inc.php and then redirects to index.php or user_portal.php depending
* on api_get_setting('page_after_login').
* @deprecated seems not to be used
*/
function check_last_login()
{
if (!empty($_POST['submitAuth'])) {
// The user has been already authenticated, we are now to find the last login of the user.
if (!empty($this->user_id)) {
$track_login_table = Database :: get_statistic_table(TABLE_STATISTIC_TRACK_E_LOGIN);
$sql_last_login = "SELECT login_date
FROM $track_login_table
WHERE login_user_id = '".$this->user_id."'
ORDER BY login_date DESC LIMIT 1";
$result_last_login = Database::query($sql_last_login);
if (!$result_last_login) {
if (Database::num_rows($result_last_login) > 0) {
$user_last_login_datetime = Database::fetch_array($result_last_login);
$user_last_login_datetime = $user_last_login_datetime[0];
Session::write('user_last_login_datetime', $user_last_login_datetime);
}
}
Database::free_result($result_last_login);
if (api_is_platform_admin()) {
// decode all open event informations and fill the track_c_* tables
include api_get_path(LIBRARY_PATH).'stats.lib.inc.php';
decodeOpenInfos();
}
}
} else {
// Only if login form was not sent because if the form is sent the user was already on the page.
event_open();
}
}
/**
* @param Silex\Application $app
*/
function set_login_form(Application $app)
{
$user_id = api_get_user_id();
$login_form = null;
if (!$user_id || api_is_anonymous($user_id)) {
// Only display if the user isn't logged in.
$app['template']->assign('login_language_form', api_display_language_form(true));
//self::display_login_form($app);
$app['template']->assign('login_form', self::display_login_form($app));
if (api_get_setting('allow_lostpassword') == 'true' || api_get_setting('allow_registration') == 'true') {
$login_form .= '<ul class="nav nav-list">';
if (api_get_setting('allow_registration') != 'false') {
$login_form .= '<li><a href="main/auth/inscription.php">'.get_lang('Reg').'</a></li>';
}
if (api_get_setting('allow_lostpassword') == 'true') {
$login_form .= '<li><a href="main/auth/lostPassword.php">'.get_lang('LostPassword').'</a></li>';
}
$login_form .= '</ul>';
}
$app['template']->assign('login_options', $login_form);
}
}
function logout()
{
$user_id = api_get_user_id();
online_logout($user_id, true);
}
/**
* @param \Silex\Application $app
* @return string
*/
function display_login_form(Application $app)
{
/* {{ form_widget(form) }}
$form = $app['form.factory']->createBuilder('form')
->add('name')
->add('email')
->add('gender', 'choice', array(
'choices' => array(1 => 'male', 2 => 'female'),
'expanded' => true,
))
->getForm();
return $app['template']->assign('form', $form->createView());
*/
$form = new FormValidator('formLogin', 'POST', null, null, array('class' => 'form-vertical'));
$form->addElement(
'text',
'login',
get_lang('UserName'),
array('class' => 'span2 autocapitalize_off', 'autofocus' => 'autofocus')
);
$form->addElement('password', 'password', get_lang('Pass'), array('class' => 'span2'));
$form->addElement('style_submit_button', 'submitAuth', get_lang('LoginEnter'), array('class' => 'btn'));
$html = $form->return_form();
if (api_get_setting('openid_authentication') == 'true') {
include_once 'main/auth/openid/login.php';
$html .= '<div>'.openid_form().'</div>';
}
return $html;
}
}
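Review bot: The logout branch in `indexAction()` cannot work as written: `$app['url_generator']->generator('index')` calls a method the URL generator does not have (it is `generate`), and the response returned by `$app->redirect()` is discarded, so execution would fall through to the rest of the action. It should read `return $app->redirect($app['url_generator']->generate('index'));`, and the `/` route needs `->bind('index')`, because the registration visible in global.inc.php does not name it. `$token = $app['security']->getToken();` is unused and reads a service whose provider registration is commented out in this commit's global.inc.php, so it would throw unless the provider is registered elsewhere. With the new `namespace ChamiloLMS\Controller;`, unqualified class names such as `CustomPages`, `FormValidator`, `Database` and `Session` now resolve inside that namespace; only `PageController` received the leading backslash.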

@ -0,0 +1,312 @@
<?php
namespace ChamiloLMS\Controller;
use Silex\Application;
use \ChamiloSession as Session;
use Symfony\Component\HttpFoundation\Response;
class UserPortalController
{
function indexAction(Application $app)
{
// Check if a user is enrolled only in one course for going directly to the course after the login.
if (api_get_setting('go_to_course_after_login') == 'true') {
// Get the courses list
$personal_course_list = UserManager::get_personal_session_course_list(api_get_user_id());
$my_session_list = array();
$count_of_courses_no_sessions = 0;
$count_of_courses_with_sessions = 0;
foreach ($personal_course_list as $course) {
if (!empty($course['id_session'])) {
$my_session_list[$course['id_session']] = true;
$count_of_courses_with_sessions++;
} else {
$count_of_courses_no_sessions++;
}
}
$count_of_sessions = count($my_session_list);
if ($count_of_sessions == 1 && $count_of_courses_no_sessions == 0) {
$key = array_keys($personal_course_list);
$course_info = $personal_course_list[$key[0]];
$course_directory = $course_info['course_info']['path'];
$id_session = isset($course_info['id_session']) ? $course_info['id_session'] : 0;
$url = api_get_path(WEB_CODE_PATH).'session/?session_id='.$id_session;
header('location:'.$url);
exit;
}
if (!isset($_SESSION['coursesAlreadyVisited']) && $count_of_sessions == 0 && $count_of_courses_no_sessions == 1) {
$key = array_keys($personal_course_list);
$course_info = $personal_course_list[$key[0]];
$course_directory = $course_info['course_info']['path'];
$id_session = isset($course_info['id_session']) ? $course_info['id_session'] : 0;
$url = api_get_path(WEB_COURSE_PATH).$course_directory.'/?id_session='.$id_session;
header('location:'.$url);
exit;
}
}
/* Sniffing system */
/*
//store posts to sessions
if ($_SESSION['sniff_navigator']!="checked") {
$_SESSION['sniff_navigator']=Security::remove_XSS($_POST['sniff_navigator']);
$_SESSION['sniff_screen_size_w']=Security::remove_XSS($_POST['sniff_navigator_screen_size_w']);
$_SESSION['sniff__screen_size_h']=Security::remove_XSS($_POST['sniff_navigator_screen_size_h']);
$_SESSION['sniff_type_mimetypes']=Security::remove_XSS($_POST['sniff_navigator_type_mimetypes']);
$_SESSION['sniff_suffixes_mimetypes']=Security::remove_XSS($_POST['sniff_navigator_suffixes_mimetypes']);
$_SESSION['sniff_list_plugins']=Security::remove_XSS($_POST['sniff_navigator_list_plugins']);
$_SESSION['sniff_check_some_activex']=Security::remove_XSS($_POST['sniff_navigator_check_some_activex']);
$_SESSION['sniff_check_some_plugins']=Security::remove_XSS($_POST['sniff_navigator_check_some_plugins']);
$_SESSION['sniff_java']=Security::remove_XSS($_POST['sniff_navigator_java']);
$_SESSION['sniff_java_sun_ver']=Security::remove_XSS($_POST['sniff_navigator_java_sun_ver']);
} */
// Main courses and session list
$courses_and_sessions = \PageController::return_courses_and_sessions(api_get_user_id());
//Show the chamilo mascot
if (empty($courses_and_sessions) && !isset($_GET['history'])) {
\PageController::return_welcome_to_course_block($app['template']);
}
$app['template']->assign('content', $courses_and_sessions);
/*
if (api_get_setting('allow_browser_sniffer') == 'true') {
if ($_SESSION['sniff_navigator']!="checked") {
$app['template']->assign('show_sniff', 1);
} else {
$app['template']->assign('show_sniff', 0);
}
}
//check for flash and message
$sniff_notification = '';
$some_activex=$_SESSION['sniff_check_some_activex'];
$some_plugins=$_SESSION['sniff_check_some_plugins'];
if(!empty($some_activex) || !empty($some_plugins)){
if (! preg_match("/flash_yes/", $some_activex) && ! preg_match("/flash_yes/", $some_plugins)) {
$sniff_notification = Display::return_message(get_lang('NoFlash'), 'warning', true);
//js verification - To annoying of redirecting every time the page
$app['template']->assign('sniff_notification', $sniff_notification);
}
} */
\PageController::return_profile_block();
\PageController::return_user_image_block();
\PageController::return_course_block();
$app['template']->assign('navigation_course_links', $app['template']->return_navigation_links());
\PageController::return_reservation_block();
$app['template']->assign('search_block', \PageController::return_search_block());
$app['template']->assign('classes_block', \PageController::return_classes_block());
\PageController::return_skills_links();
// Deleting the session_id.
Session::erase('session_id');
$response = $app['template']->render_template('userportal/index.tpl');
//return new Response($response, 200, array('Cache-Control' => 's-maxage=3600, private'));
return new Response($response, 200, array());
}
function check_last_login()
{
/**
* @todo This piece of code should probably move to local.inc.php where the actual login procedure is handled.
* @todo Check if this code is used. I think this code is never executed because after clicking the submit button
* the code does the stuff in local.inc.php and then redirects to index.php or user_portal.php depending
* on api_get_setting('page_after_login').
*/
if (!empty($_POST['submitAuth'])) {
// The user has been already authenticated, we are now to find the last login of the user.
if (!empty($this->user_id)) {
$track_login_table = Database :: get_statistic_table(TABLE_STATISTIC_TRACK_E_LOGIN);
$sql_last_login = "SELECT login_date
FROM $track_login_table
WHERE login_user_id = '".$this->user_id."'
ORDER BY login_date DESC LIMIT 1";
$result_last_login = Database::query($sql_last_login);
if (!$result_last_login) {
if (Database::num_rows($result_last_login) > 0) {
$user_last_login_datetime = Database::fetch_array($result_last_login);
$user_last_login_datetime = $user_last_login_datetime[0];
Session::write('user_last_login_datetime', $user_last_login_datetime);
}
}
Database::free_result($result_last_login);
if (api_is_platform_admin()) {
// decode all open event informations and fill the track_c_* tables
include api_get_path(LIBRARY_PATH).'stats.lib.inc.php';
decodeOpenInfos();
}
}
// End login -- if ($_POST['submitAuth'])
} else {
// Only if login form was not sent because if the form is sent the user was already on the page.
event_open();
}
}
function set_login_form()
{
global $loginFailed;
$login_form = '';
if (!($this->user_id) || api_is_anonymous($this->user_id)) {
// Only display if the user isn't logged in.
$this->page->assign('login_language_form', api_display_language_form(true));
$this->page->assign('login_form', self::display_login_form());
if ($loginFailed) {
$this->page->assign('login_failed', self::handle_login_failed());
}
if (api_get_setting('allow_lostpassword') == 'true' || api_get_setting('allow_registration') == 'true') {
$login_form .= '<ul class="nav nav-list">';
if (api_get_setting('allow_registration') != 'false') {
$login_form .= '<li><a href="main/auth/inscription.php">'.get_lang('Reg').'</a></li>';
}
if (api_get_setting('allow_lostpassword') == 'true') {
$login_form .= '<li><a href="main/auth/lostPassword.php">'.get_lang('LostPassword').'</a></li>';
}
$login_form .= '</ul>';
}
$this->page->assign('login_options', $login_form);
}
}
/**
* Alias for the online_logout() function
*/
function logout()
{
online_logout($this->user_id, true);
}
/**
* This function checks if there are courses that are open to the world in the platform course categories (=faculties)
*
* @param string $category
* @return boolean
*/
function category_has_open_courses($category)
{
$setting_show_also_closed_courses = api_get_setting('show_closed_courses') == 'true';
$main_course_table = Database :: get_main_table(TABLE_MAIN_COURSE);
$category = Database::escape_string($category);
$sql_query = "SELECT * FROM $main_course_table WHERE category_code='$category'";
$sql_result = Database::query($sql_query);
while ($course = Database::fetch_array($sql_result)) {
if (!$setting_show_also_closed_courses) {
if ((api_get_user_id() > 0 && $course['visibility'] == COURSE_VISIBILITY_OPEN_PLATFORM) || ($course['visibility'] == COURSE_VISIBILITY_OPEN_WORLD)) {
return true; //at least one open course
}
} else {
if (isset($course['visibility'])) {
return true; // At least one course (it does not matter weither it's open or not because $setting_show_also_closed_courses = true).
}
}
}
return false;
}
/**
* Reacts on a failed login:
* Displays an explanation with a link to the registration form.
*
* @version 1.0.1
*/
function handle_login_failed()
{
$message = get_lang('InvalidId');
if (!isset($_GET['error'])) {
if (api_is_self_registration_allowed()) {
$message = get_lang('InvalidForSelfRegistration');
}
} else {
switch ($_GET['error']) {
case '':
if (api_is_self_registration_allowed()) {
$message = get_lang('InvalidForSelfRegistration');
}
break;
case 'account_expired':
$message = get_lang('AccountExpired');
break;
case 'account_inactive':
$message = get_lang('AccountInactive');
break;
case 'user_password_incorrect':
$message = get_lang('InvalidId');
break;
case 'access_url_inactive':
$message = get_lang('AccountURLInactive');
break;
case 'unrecognize_sso_origin':
//$message = get_lang('SSOError');
break;
}
}
return Display::return_message($message, 'error');
}
/**
* retrieves all the courses that the user has already subscribed to
* @author Patrick Cool <patrick.cool@UGent.be>, Ghent University, Belgium
* @param int $user_id: the id of the user
* @return array an array containing all the information of the courses of the given user
*/
function get_courses_of_user($user_id)
{
$table_course = Database::get_main_table(TABLE_MAIN_COURSE);
$table_course_user = Database::get_main_table(TABLE_MAIN_COURSE_USER);
// Secondly we select the courses that are in a category (user_course_cat <> 0) and sort these according to the sort of the category
$user_id = intval($user_id);
$sql_select_courses = "SELECT course.code k, course.visual_code vc, course.subscribe subscr, course.unsubscribe unsubscr,
course.title i, course.tutor_name t, course.db_name db, course.directory dir, course_rel_user.status status,
course_rel_user.sort sort, course_rel_user.user_course_cat user_course_cat
FROM $table_course course,
$table_course_user course_rel_user
WHERE course.code = course_rel_user.course_code
AND course_rel_user.user_id = '".$user_id."'
AND course_rel_user.relation_type<>".COURSE_RELATION_TYPE_RRHH."
ORDER BY course_rel_user.sort ASC";
$result = Database::query($sql_select_courses);
$courses = array();
while ($row = Database::fetch_array($result)) {
// We only need the database name of the course.
$courses[$row['k']] = array(
'db' => $row['db'],
'code' => $row['k'],
'visual_code' => $row['vc'],
'title' => $row['i'],
'directory' => $row['dir'],
'status' => $row['status'],
'tutor' => $row['t'],
'subscribe' => $row['subscr'],
'unsubscribe' => $row['unsubscr'],
'sort' => $row['sort'],
'user_course_category' => $row['user_course_cat']
);
}
return $courses;
}
}

@ -79,316 +79,5 @@ if ($load_dirs) {
</script>';
}
use Silex\Application;
use Symfony\Component\HttpFoundation\Response;
class UserPortalController
{
function indexAction(Application $app)
{
// Check if a user is enrolled only in one course for going directly to the course after the login.
if (api_get_setting('go_to_course_after_login') == 'true') {
// Get the courses list
$personal_course_list = UserManager::get_personal_session_course_list(api_get_user_id());
$my_session_list = array();
$count_of_courses_no_sessions = 0;
$count_of_courses_with_sessions = 0;
foreach ($personal_course_list as $course) {
if (!empty($course['id_session'])) {
$my_session_list[$course['id_session']] = true;
$count_of_courses_with_sessions++;
} else {
$count_of_courses_no_sessions++;
}
}
$count_of_sessions = count($my_session_list);
if ($count_of_sessions == 1 && $count_of_courses_no_sessions == 0) {
$key = array_keys($personal_course_list);
$course_info = $personal_course_list[$key[0]];
$course_directory = $course_info['course_info']['path'];
$id_session = isset($course_info['id_session']) ? $course_info['id_session'] : 0;
$url = api_get_path(WEB_CODE_PATH).'session/?session_id='.$id_session;
header('location:'.$url);
exit;
}
if (!isset($_SESSION['coursesAlreadyVisited']) && $count_of_sessions == 0 && $count_of_courses_no_sessions == 1) {
$key = array_keys($personal_course_list);
$course_info = $personal_course_list[$key[0]];
$course_directory = $course_info['course_info']['path'];
$id_session = isset($course_info['id_session']) ? $course_info['id_session'] : 0;
$url = api_get_path(WEB_COURSE_PATH).$course_directory.'/?id_session='.$id_session;
header('location:'.$url);
exit;
}
}
/* Sniffing system */
/*
//store posts to sessions
if ($_SESSION['sniff_navigator']!="checked") {
$_SESSION['sniff_navigator']=Security::remove_XSS($_POST['sniff_navigator']);
$_SESSION['sniff_screen_size_w']=Security::remove_XSS($_POST['sniff_navigator_screen_size_w']);
$_SESSION['sniff__screen_size_h']=Security::remove_XSS($_POST['sniff_navigator_screen_size_h']);
$_SESSION['sniff_type_mimetypes']=Security::remove_XSS($_POST['sniff_navigator_type_mimetypes']);
$_SESSION['sniff_suffixes_mimetypes']=Security::remove_XSS($_POST['sniff_navigator_suffixes_mimetypes']);
$_SESSION['sniff_list_plugins']=Security::remove_XSS($_POST['sniff_navigator_list_plugins']);
$_SESSION['sniff_check_some_activex']=Security::remove_XSS($_POST['sniff_navigator_check_some_activex']);
$_SESSION['sniff_check_some_plugins']=Security::remove_XSS($_POST['sniff_navigator_check_some_plugins']);
$_SESSION['sniff_java']=Security::remove_XSS($_POST['sniff_navigator_java']);
$_SESSION['sniff_java_sun_ver']=Security::remove_XSS($_POST['sniff_navigator_java_sun_ver']);
} */
// Main courses and session list
$courses_and_sessions = PageController::return_courses_and_sessions(api_get_user_id());
//Show the chamilo mascot
if (empty($courses_and_sessions) && !isset($_GET['history'])) {
PageController::return_welcome_to_course_block($app['template']);
}
$app['template']->assign('content', $courses_and_sessions);
/*
if (api_get_setting('allow_browser_sniffer') == 'true') {
if ($_SESSION['sniff_navigator']!="checked") {
$app['template']->assign('show_sniff', 1);
} else {
$app['template']->assign('show_sniff', 0);
}
}
//check for flash and message
$sniff_notification = '';
$some_activex=$_SESSION['sniff_check_some_activex'];
$some_plugins=$_SESSION['sniff_check_some_plugins'];
if(!empty($some_activex) || !empty($some_plugins)){
if (! preg_match("/flash_yes/", $some_activex) && ! preg_match("/flash_yes/", $some_plugins)) {
$sniff_notification = Display::return_message(get_lang('NoFlash'), 'warning', true);
//js verification - To annoying of redirecting every time the page
$app['template']->assign('sniff_notification', $sniff_notification);
}
} */
PageController::return_profile_block();
PageController::return_user_image_block();
PageController::return_course_block();
$app['template']->assign('navigation_course_links', $app['template']->return_navigation_links());
PageController::return_reservation_block();
$app['template']->assign('search_block', PageController::return_search_block());
$app['template']->assign('classes_block', PageController::return_classes_block());
PageController::return_skills_links();
// Deleting the session_id.
Session::erase('session_id');
$response = $app['template']->render_template('userportal/index.tpl');
//return new Response($response, 200, array('Cache-Control' => 's-maxage=3600, private'));
return new Response($response, 200, array());
}
function check_last_login()
{
/**
* @todo This piece of code should probably move to local.inc.php where the actual login procedure is handled.
* @todo Check if this code is used. I think this code is never executed because after clicking the submit button
* the code does the stuff in local.inc.php and then redirects to index.php or user_portal.php depending
* on api_get_setting('page_after_login').
*/
if (!empty($_POST['submitAuth'])) {
// The user has been already authenticated, we are now to find the last login of the user.
if (!empty($this->user_id)) {
$track_login_table = Database :: get_statistic_table(TABLE_STATISTIC_TRACK_E_LOGIN);
$sql_last_login = "SELECT login_date
FROM $track_login_table
WHERE login_user_id = '".$this->user_id."'
ORDER BY login_date DESC LIMIT 1";
$result_last_login = Database::query($sql_last_login);
if (!$result_last_login) {
if (Database::num_rows($result_last_login) > 0) {
$user_last_login_datetime = Database::fetch_array($result_last_login);
$user_last_login_datetime = $user_last_login_datetime[0];
Session::write('user_last_login_datetime', $user_last_login_datetime);
}
}
Database::free_result($result_last_login);
if (api_is_platform_admin()) {
// decode all open event informations and fill the track_c_* tables
include api_get_path(LIBRARY_PATH).'stats.lib.inc.php';
decodeOpenInfos();
}
}
// End login -- if ($_POST['submitAuth'])
} else {
// Only if login form was not sent because if the form is sent the user was already on the page.
event_open();
}
}
function set_login_form()
{
global $loginFailed;
$login_form = '';
if (!($this->user_id) || api_is_anonymous($this->user_id)) {
// Only display if the user isn't logged in.
$this->page->assign('login_language_form', api_display_language_form(true));
$this->page->assign('login_form', self::display_login_form());
if ($loginFailed) {
$this->page->assign('login_failed', self::handle_login_failed());
}
if (api_get_setting('allow_lostpassword') == 'true' || api_get_setting('allow_registration') == 'true') {
$login_form .= '<ul class="nav nav-list">';
if (api_get_setting('allow_registration') != 'false') {
$login_form .= '<li><a href="main/auth/inscription.php">'.get_lang('Reg').'</a></li>';
}
if (api_get_setting('allow_lostpassword') == 'true') {
$login_form .= '<li><a href="main/auth/lostPassword.php">'.get_lang('LostPassword').'</a></li>';
}
$login_form .= '</ul>';
}
$this->page->assign('login_options', $login_form);
}
}
/**
* Alias for the online_logout() function
*/
function logout()
{
online_logout($this->user_id, true);
}
/**
* This function checks if there are courses that are open to the world in the platform course categories (=faculties)
*
* @param string $category
* @return boolean
*/
function category_has_open_courses($category)
{
$setting_show_also_closed_courses = api_get_setting('show_closed_courses') == 'true';
$main_course_table = Database :: get_main_table(TABLE_MAIN_COURSE);
$category = Database::escape_string($category);
$sql_query = "SELECT * FROM $main_course_table WHERE category_code='$category'";
$sql_result = Database::query($sql_query);
while ($course = Database::fetch_array($sql_result)) {
if (!$setting_show_also_closed_courses) {
if ((api_get_user_id() > 0 && $course['visibility'] == COURSE_VISIBILITY_OPEN_PLATFORM) || ($course['visibility'] == COURSE_VISIBILITY_OPEN_WORLD)) {
return true; //at least one open course
}
} else {
if (isset($course['visibility'])) {
return true; // At least one course (it does not matter weither it's open or not because $setting_show_also_closed_courses = true).
}
}
}
return false;
}
/**
* Reacts on a failed login:
* Displays an explanation with a link to the registration form.
*
* @version 1.0.1
*/
function handle_login_failed()
{
$message = get_lang('InvalidId');
if (!isset($_GET['error'])) {
if (api_is_self_registration_allowed()) {
$message = get_lang('InvalidForSelfRegistration');
}
} else {
switch ($_GET['error']) {
case '':
if (api_is_self_registration_allowed()) {
$message = get_lang('InvalidForSelfRegistration');
}
break;
case 'account_expired':
$message = get_lang('AccountExpired');
break;
case 'account_inactive':
$message = get_lang('AccountInactive');
break;
case 'user_password_incorrect':
$message = get_lang('InvalidId');
break;
case 'access_url_inactive':
$message = get_lang('AccountURLInactive');
break;
case 'unrecognize_sso_origin':
//$message = get_lang('SSOError');
break;
}
}
return Display::return_message($message, 'error');
}
/**
* retrieves all the courses that the user has already subscribed to
* @author Patrick Cool <patrick.cool@UGent.be>, Ghent University, Belgium
* @param int $user_id: the id of the user
* @return array an array containing all the information of the courses of the given user
*/
function get_courses_of_user($user_id)
{
$table_course = Database::get_main_table(TABLE_MAIN_COURSE);
$table_course_user = Database::get_main_table(TABLE_MAIN_COURSE_USER);
// Secondly we select the courses that are in a category (user_course_cat <> 0) and sort these according to the sort of the category
$user_id = intval($user_id);
$sql_select_courses = "SELECT course.code k, course.visual_code vc, course.subscribe subscr, course.unsubscribe unsubscr,
course.title i, course.tutor_name t, course.db_name db, course.directory dir, course_rel_user.status status,
course_rel_user.sort sort, course_rel_user.user_course_cat user_course_cat
FROM $table_course course,
$table_course_user course_rel_user
WHERE course.code = course_rel_user.course_code
AND course_rel_user.user_id = '".$user_id."'
AND course_rel_user.relation_type<>".COURSE_RELATION_TYPE_RRHH."
ORDER BY course_rel_user.sort ASC";
$result = Database::query($sql_select_courses);
$courses = array();
while ($row = Database::fetch_array($result)) {
// We only need the database name of the course.
$courses[$row['k']] = array(
'db' => $row['db'],
'code' => $row['k'],
'visual_code' => $row['vc'],
'title' => $row['i'],
'directory' => $row['dir'],
'status' => $row['status'],
'tutor' => $row['t'],
'subscribe' => $row['subscr'],
'unsubscribe' => $row['unsubscr'],
'sort' => $row['sort'],
'user_course_category' => $row['user_course_cat']
);
}
return $courses;
}
}
$app->get('/', 'UserPortalController::indexAction');
$app->run();
//$app['http_cache']->run();
$app->run();