From 746cac7a9d2e5a075ab90e6bd00b975cf2175b02 Mon Sep 17 00:00:00 2001 From: Julio Montoya Date: Mon, 4 Mar 2013 16:59:41 +0100 Subject: [PATCH] Moving code to controllers, adding ChamiloLMS namespace to Composer, adding public folder see #5523 --- index.php | 234 +------------ main/inc/global.inc.php | 115 ++++++- main/inc/local.inc.php | 99 +----- public/.htaccess | 8 + src/ChamiloLMS/Controller/IndexController.php | 234 +++++++++++++ .../Controller/UserPortalController.php | 312 +++++++++++++++++ user_portal.php | 313 +----------------- 7 files changed, 666 insertions(+), 649 deletions(-) create mode 100644 public/.htaccess create mode 100644 src/ChamiloLMS/Controller/IndexController.php create mode 100644 src/ChamiloLMS/Controller/UserPortalController.php diff --git a/index.php b/index.php index 0a5cb8de13..e7dde85ec1 100644 --- a/index.php +++ b/index.php @@ -12,7 +12,7 @@ $language_file = array('courses', 'index'); // Maybe we should change this into an api function? an example: CourseManager::unset(); $cidReset = true; -require_once 'main/inc/global.inc.php'; +$app = require_once 'main/inc/global.inc.php'; require_once 'main/chat/chat_functions.lib.php'; // The section (for the tabs). 
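Review bot: `$app = require_once 'main/inc/global.inc.php';` in index.php only yields the application object the first time the file is loaded in a request. If global.inc.php has already been included, `require_once` returns `true`, and the `$app->run()` at the end of index.php would then be called on a boolean. index.php is an entry point, so this is presumably the first inclusion, but nothing in the hunk states that dependency. I would add a comment above the line, for example `// must be the first include of global.inc.php: require_once returns true on repeat includes`.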
@@ -38,234 +38,4 @@ $htmlHeadXtra[] = ' //$cookie = new Cookie('TestCookie', 'cookies_yes', time()+3600*24*31*12); //$response->headers->setCookie($cookie); -use Silex\Application; -use Symfony\Component\HttpFoundation\Response; - -/** - * - */ -class IndexController -{ - /** - * @param Silex\Application $app - * @return Symfony\Component\HttpFoundation\Response - */ - public function indexAction(Application $app) - { - $request = $app['request']; - - //Actions - $logout = $request->get('logout'); - - if (!empty($logout)) { - $this->logout(); - } - - //$article = $app['orm.em']->getRepository('Entity\EntityCourse'); - //$courses_query = $app['orm.em']->createQuery('SELECT a FROM Entity\EntityCourse a'); - //$a = new EntityCourse(); - //$article = $app['orm.em']->getRepository('EntityCourse'); - //var_dump($article); - //$courses_query = $app['orm.em']->createQuery('SELECT a FROM Entity\EntityCourse a'); - /* - $paginator = new Doctrine\ORM\Tools\Pagination\Paginator($courses_query, $fetchJoinCollection = true); - $c = count($paginator); - foreach ($paginator as $course) { - echo $course->getCode() . "\n"; - } - exit; */ - - //$app['orm.em']->find('EntityCourse', 1); - //var_dump($app['orm.ems']['mysql']); - // Defines wether or not anonymous visitors can see a list of the courses on the Chamilo homepage that are open to the world. 
- //$_setting['display_courses_to_anonymous_users'] = 'true'; - // Delete session neccesary for legal terms - if (api_get_setting('allow_terms_conditions') == 'true') { - unset($_SESSION['term_and_condition']); - } - - //If we are not logged in and customapages activated - if (!api_get_user_id() && CustomPages::enabled()) { - $logged_out = $request->get('loggedout'); - if ($logged_out) { - CustomPages::display(CustomPages::LOGGED_OUT); - } else { - CustomPages::display(CustomPages::INDEX_UNLOGGED); - } - } - - //$this->check_last_login(); - - if (api_get_setting('display_categories_on_homepage') == 'true') { - $app['template']->assign('course_category_block', PageController::return_courses_in_categories()); - } - - // Facebook connexion, if activated - if (api_is_facebook_auth_activated() && !api_get_user_id()) { - facebook_connect(); - } - - $this->set_login_form($app); - - if (!api_is_anonymous()) { - PageController::return_profile_block(); - - PageController::return_user_image_block(); - - if (api_is_platform_admin()) { - PageController::return_course_block(); - } else { - PageController::return_teacher_link(); - } - } - - //Hot courses & announcements - $hot_courses = null; - $announcements_block = null; - - // When loading a chamilo page do not include the hot courses and news - if (!isset($_REQUEST['include'])) { - if (api_get_setting('show_hot_courses') == 'true') { - $hot_courses = PageController::return_hot_courses(); - } - $announcements_block = PageController::return_announcements(); - } - - $app['template']->assign('hot_courses', $hot_courses); - $app['template']->assign('announcements_block', $announcements_block); - - //Homepage - $app['template']->assign('home_page_block', PageController::return_home_page()); - - //Navigation links - $nav_links = $app['template']->return_navigation_links(); - - $app['template']->assign('navigation_course_links', $nav_links); - $app['template']->assign('main_navigation_block', $nav_links); - - 
PageController::return_notice(); - PageController::return_help(); - - if (api_is_platform_admin() || api_is_drh()) { - PageController::return_skills_links(); - } - $response = $app['template']->render_layout('layout_2_col.tpl'); - - //return new Response($response, 200, array('Cache-Control' => 's-maxage=3600, public')); - return new Response($response, 200, array()); - } - - /** - * - * @todo This piece of code should probably move to local.inc.php where the actual login procedure is handled. - * @todo Check if this code is used. I think this code is never executed because after clicking the submit button - * the code does the stuff in local.inc.php and then redirects to index.php or user_portal.php depending - * on api_get_setting('page_after_login'). - * @deprecated seems not to be used - */ - function check_last_login() - { - if (!empty($_POST['submitAuth'])) { - // The user has been already authenticated, we are now to find the last login of the user. - if (!empty($this->user_id)) { - $track_login_table = Database :: get_statistic_table(TABLE_STATISTIC_TRACK_E_LOGIN); - $sql_last_login = "SELECT login_date - FROM $track_login_table - WHERE login_user_id = '".$this->user_id."' - ORDER BY login_date DESC LIMIT 1"; - $result_last_login = Database::query($sql_last_login); - if (!$result_last_login) { - if (Database::num_rows($result_last_login) > 0) { - $user_last_login_datetime = Database::fetch_array($result_last_login); - $user_last_login_datetime = $user_last_login_datetime[0]; - Session::write('user_last_login_datetime', $user_last_login_datetime); - } - } - Database::free_result($result_last_login); - - if (api_is_platform_admin()) { - // decode all open event informations and fill the track_c_* tables - include api_get_path(LIBRARY_PATH).'stats.lib.inc.php'; - decodeOpenInfos(); - } - } - } else { - // Only if login form was not sent because if the form is sent the user was already on the page. 
- event_open(); - } - } - - /** - * @param Silex\Application $app - */ - function set_login_form(Application $app) - { - $user_id = api_get_user_id(); - $login_form = null; - if (!$user_id || api_is_anonymous($user_id)) { - - // Only display if the user isn't logged in. - $app['template']->assign('login_language_form', api_display_language_form(true)); - //self::display_login_form($app); - - $app['template']->assign('login_form', self::display_login_form($app)); - - if (api_get_setting('allow_lostpassword') == 'true' || api_get_setting('allow_registration') == 'true') { - $login_form .= ''; - } - $app['template']->assign('login_options', $login_form); - } - } - - function logout() - { - $user_id = api_get_user_id(); - online_logout($user_id, true); - } - - /** - * @param Silex\Application $app - * @return string - */ - function display_login_form(Application $app) - { - /* {{ form_widget(form) }} - $form = $app['form.factory']->createBuilder('form') - ->add('name') - ->add('email') - ->add('gender', 'choice', array( - 'choices' => array(1 => 'male', 2 => 'female'), - 'expanded' => true, - )) - ->getForm(); - return $app['template']->assign('form', $form->createView()); - */ - - $form = new FormValidator('formLogin', 'POST', null, null, array('class' => 'form-vertical')); - $form->addElement( - 'text', - 'login', - get_lang('UserName'), - array('class' => 'span2 autocapitalize_off', 'autofocus' => 'autofocus') - ); - $form->addElement('password', 'password', get_lang('Pass'), array('class' => 'span2')); - $form->addElement('style_submit_button', 'submitAuth', get_lang('LoginEnter'), array('class' => 'btn')); - $html = $form->return_form(); - if (api_get_setting('openid_authentication') == 'true') { - include_once 'main/auth/openid/login.php'; - $html .= '
'.openid_form().'
'; - } - return $html; - } -} - -$app->match('/', 'IndexController::indexAction', 'POST|GET'); -$app->run(); -//$app['http_cache']->run(); \ No newline at end of file +$app->run(); \ No newline at end of file diff --git a/main/inc/global.inc.php b/main/inc/global.inc.php index caab75e6a2..b0c0235ad9 100755 --- a/main/inc/global.inc.php +++ b/main/inc/global.inc.php @@ -8,7 +8,6 @@ * (which doesn't occur anymore when servertype config setting is set to test, * and which will disappear completely in Dokeos 1.6.1) * - include of /conf/configuration.php; - * - include of several libraries: main_api, database, display, text, security; * - selecting the main database; * - include of language files. * 
@@ -131,6 +130,71 @@ $app->register(new Silex\Provider\HttpCacheServiceProvider(), array( //$app->register(new Silex\Provider\SessionServiceProvider()); +use Symfony\Component\Security\Core\User\UserProviderInterface; +use Symfony\Component\Security\Core\User\UserInterface; +use Symfony\Component\Security\Core\User\User; +use Symfony\Component\Security\Core\Exception\UnsupportedUserException; +use Symfony\Component\Security\Core\Exception\UsernameNotFoundException; +use Doctrine\DBAL\Connection; + +class UserProvider implements UserProviderInterface +{ + private $conn; + + public function __construct(Connection $conn) + { + $this->conn = $conn; + } + + public function loadUserByUsername($username) + { + $stmt = $this->conn->executeQuery('SELECT * FROM users WHERE username = ?', array(strtolower($username))); + + if (!$user = $stmt->fetch()) { + throw new UsernameNotFoundException(sprintf('Username "%s" does not exist.', $username)); + } + $roles = 'student'; + echo $user['username'];exit; + return new User($user['username'], $user['password'], explode(',', $roles), true, true, true, true); + } + + public function refreshUser(UserInterface $user) + { + if (!$user instanceof User) { + throw new UnsupportedUserException(sprintf('Instances of "%s" are not supported.', get_class($user))); + } + + return $this->loadUserByUsername($user->getUsername()); + } + + public function supportsClass($class) + { + return $class === 'Symfony\Component\Security\Core\User\User'; + } +} +/* +$app->register(new Silex\Provider\SecurityServiceProvider(), array( + 'security.firewalls' => array( + 'secured' => array( + 'pattern' => '^/admin/', + 'form' => array( + 'login_path' => '/login', + 'check_path' => '/admin/login_check' + ), + 'logout' => array('path' => '/logout', 'target' => '/'), + 'users' => $app->share(function() use ($app) { + return new UserProvider($app['db']); + }) + ) + ), + 'security.role_hierarchy'=> array( + 'ROLE_ADMIN' => array('ROLE_EDITOR'), + "ROLE_EDITOR" => 
array('ROLE_WRITER'), + "ROLE_WRITER" => array('ROLE_USER'), + "ROLE_USER" => array("ROLE_SUSCRIBER"), + ) +));*/ + //URL generator provider $app->register(new Silex\Provider\UrlGeneratorServiceProvider()); @@ -312,15 +376,6 @@ class ChamiloServiceProvider implements ServiceProviderInterface //Registering Chamilo service provider $app->register(new ChamiloServiceProvider(), array()); -//Controllers as services -$app->register(new Silex\Provider\ServiceControllerServiceProvider()); - -$app['pages.controller'] = $app->share( - function () use ($app) { - return new PagesController($app['pages.repository']); - } -); - //Manage error messages $app->error( @@ -883,4 +938,44 @@ if (empty($default_quota)) { } define('DEFAULT_DOCUMENT_QUOTA', $default_quota); +//Controllers as services +$app->register(new Silex\Provider\ServiceControllerServiceProvider()); + +$app['pages.controller'] = $app->share(function () use ($app) { + return new PagesController($app['pages.repository']); +}); + +$app['index.controller'] = $app->share(function () use ($app) { + return new ChamiloLMS\Controller\IndexController(); +}); + +$app['userportal.controller'] = $app->share(function () use ($app) { + return new ChamiloLMS\Controller\UserPortalController(); +}); + +/* +class PostController +{ + protected $repo; + + public function __construct() + { + } + public function indexJsonAction() + { + return 'ddd'; + } +} + +$app['posts.controller'] = $app->share(function() use ($app) { + return new PostController(); +}); +$app->mount('/', "posts.controller");*/ + +//index.php +$app->get('/', 'index.controller:indexAction'); +//user_portal.php +$app->get('/userportal', 'userportal.controller:indexAction'); + +//$app->mount('/', 'index.controller'); return $app; \ No newline at end of file diff --git a/main/inc/local.inc.php b/main/inc/local.inc.php index 3ac0e31ddf..0fcc759c6a 100644 --- a/main/inc/local.inc.php +++ b/main/inc/local.inc.php 
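Review bot: `loadUserByUsername()` in the new `UserProvider` class still has the debug line `echo $user['username'];exit;` directly before its `return`, so the method writes the account name into the response and ends the request instead of returning a `User`. Remove that line before the commented-out `SecurityServiceProvider` registration below it is enabled. `$roles = 'student'` is also hard-coded, so every account loaded through this provider would get the same role. If that is a placeholder, a comment such as `// TODO: load roles from the user record` would make it explicit.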
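Review bot: The new route `$app->get('/', 'index.controller:indexAction');` accepts GET only, while the line this commit removes from index.php registered `/` for `'POST|GET'`. The login form built in `display_login_form()` uses method `POST` with a null action, so it presumably submits to the current URL; a POST to `/` that reaches the router would no longer match a route. Whether local.inc.php always redirects before routing cannot be seen from this hunk. If POST should stay accepted, keep the earlier form: `$app->match('/', 'index.controller:indexAction', 'POST|GET');`.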
@@ -20,99 +20,9 @@ * The course id is stored in $_cid session variable. * The group id is stored in $_gid session variable. * - * - * VARIABLES AFFECTING THE SCRIPT BEHAVIOR - * - * string $login - * string $password - * boolean $logout - * - * string $cidReq : course id requested - * boolean $cidReset : ask for a course Reset, if no $cidReq is provided in the - * same time, all course informations is removed from the - * current session - * - * int $gidReq : group Id requested - * boolean $gidReset : ask for a group Reset, if no $gidReq is provided in the - * same time, all group informations is removed from the - * current session - * - * - * VARIABLES SET AND RETURNED BY THE SCRIPT - * - * All the variables below are set and returned by this script. - * - * USER VARIABLES - * - * string $_user ['firstName' ] - * string $_user ['lastName' ] - * string $_user ['mail' ] - * string $_user ['lastLogin' ] - * string $_user ['official_code'] - * string $_user ['picture_uri' ] - * string $_user['user_id'] - * - * boolean $is_platformAdmin - * boolean $is_allowedCreateCourse - * - * COURSE VARIABLES - * see the function get_course_info_with_category -* boolean $is_courseMember -* boolean $is_courseTutor -* boolean $is_courseAdmin -* -* -* GROUP VARIABLES -* -* int $_gid (the group id) -* -* -* IMPORTANT ADVICE FOR DEVELOPERS -* -* We strongly encourage developers to use a connection layer at the top of -* their scripts rather than use these variables, as they are, inside the core -* of their scripts. It will make code maintenance much easier. -* -* Many if the functions you need you can already find in the -* main_api.lib.php -* -* We encourage you to use functions to access these global "kernel" variables. -* You can add them to e.g. the main API library. -* -* -* SCRIPT STRUCTURE -* -* 1. The script determines if there is an authentication attempt. This part -* only chek if the login name and password are valid. 
Afterwards, it set the -* $_user['user_id'] (user id) and the $uidReset flag. Other user informations are retrieved -* later. It's also in this section that optional external authentication -* devices step in. -* -* 2. The script determines what other session informations have to be set or -* reset, setting correctly $cidReset (for course) and $gidReset (for group). -* -* 3. If needed, the script retrieves the other user informations (first name, - * last name, ...) and stores them in session. -* -* 4. If needed, the script retrieves the course information and stores them -* in session -* -* 5. The script initializes the user permission status and permission for the -* course level -* -* 6. If needed, the script retrieves group informations an store them in -* session. -* -* 7. The script initializes the user status and permission for the group level. -* -* @package chamilo.include + * @package chamilo.include */ -/* - INIT SECTION - variables should be initialised here - */ - //require_once api_get_path(LIBRARY_PATH).'conditionallogin.lib.php'; moved to autologin // verified if exists the username and password in session current @@ -125,7 +35,7 @@ if (isset($_SESSION['conditional_login']['uid']) && $_SESSION['conditional_login $_user['user_id'] = $_SESSION['conditional_login']['uid']; $_user['status'] = $uData['status']; - Session::write('_user',$_user); + Session::write('_user', $_user); Session::erase('conditional_login'); $uidReset=true; event_login(); @@ -218,7 +128,7 @@ if (!empty($_SESSION['_user']['user_id']) && !($login || $logout)) { } $cas_login=false; - if ($cas_activated AND !isset($_user['user_id']) and !isset($_POST['login']) && !$logout) { + if ($cas_activated AND !isset($_user['user_id']) and !isset($_POST['login']) && !$logout) { require_once api_get_path(SYS_PATH).'main/auth/cas/authcas.php'; $cas_login = cas_is_authenticated(); } 
@@ -603,7 +513,6 @@ if (isset($uidReset) && $uidReset) { // session data refresh requested // Extracting the user data $uData = Database::fetch_array($result); - $_user = _api_format_user($uData, false); $_user['lastLogin'] = api_strtotime($uData['login_date'], 'UTC'); @@ -611,7 +520,7 @@ if (isset($uidReset) && $uidReset) { // session data refresh requested $is_allowedCreateCourse = (bool) (($uData ['status'] == COURSEMANAGER) or (api_get_setting('drhCourseManagerRights') and $uData['status'] == DRH)); ConditionalLogin::check_conditions($uData); - Session::write('_user',$_user); + Session::write('_user', $_user); UserManager::update_extra_field_value($_user['user_id'], 'already_logged_in', 'true'); Session::write('is_platformAdmin',$is_platformAdmin); Session::write('is_allowedCreateCourse',$is_allowedCreateCourse); diff --git a/public/.htaccess b/public/.htaccess new file mode 100644 index 0000000000..a0db644dbb --- /dev/null +++ b/public/.htaccess @@ -0,0 +1,8 @@ + + Options -MultiViews + + RewriteEngine On + #RewriteBase /path/to/app + RewriteCond %{REQUEST_FILENAME} !-f + RewriteRule ^ index.php [L] + \ No newline at end of file diff --git a/src/ChamiloLMS/Controller/IndexController.php b/src/ChamiloLMS/Controller/IndexController.php new file mode 100644 index 0000000000..6acabf2d36 --- /dev/null +++ b/src/ChamiloLMS/Controller/IndexController.php 
@@ -0,0 +1,234 @@ +getToken(); + + //Actions + $logout = $request->get('logout'); + + if (!empty($logout)) { + $this->logout(); + $app->redirect($app['url_generator']->generator('index')); + } + + //$article = $app['orm.em']->getRepository('Entity\EntityCourse'); + //$courses_query = $app['orm.em']->createQuery('SELECT a FROM Entity\EntityCourse a'); + //$a = new EntityCourse(); + //$article = $app['orm.em']->getRepository('EntityCourse'); + //var_dump($article); + //$courses_query = $app['orm.em']->createQuery('SELECT a FROM Entity\EntityCourse a'); + /* + $paginator = new Doctrine\ORM\Tools\Pagination\Paginator($courses_query, $fetchJoinCollection = true); + $c = count($paginator); + foreach ($paginator as $course) { + echo $course->getCode() . "\n"; + } + exit; */ + + //$app['orm.em']->find('EntityCourse', 1); + //var_dump($app['orm.ems']['mysql']); + // Defines wether or not anonymous visitors can see a list of the courses on the Chamilo homepage that are open to the world. + //$_setting['display_courses_to_anonymous_users'] = 'true'; + // Delete session neccesary for legal terms + if (api_get_setting('allow_terms_conditions') == 'true') { + unset($_SESSION['term_and_condition']); + } + + //If we are not logged in and customapages activated + if (!api_get_user_id() && CustomPages::enabled()) { + $logged_out = $request->get('loggedout'); + if ($logged_out) { + CustomPages::display(CustomPages::LOGGED_OUT); + } else { + CustomPages::display(CustomPages::INDEX_UNLOGGED); + } + } + + //$this->check_last_login(); + + if (api_get_setting('display_categories_on_homepage') == 'true') { + $app['template']->assign('course_category_block', \PageController::return_courses_in_categories()); + } + + // Facebook connexion, if activated + if (api_is_facebook_auth_activated() && !api_get_user_id()) { + facebook_connect(); + } + + $this->set_login_form($app); + + if (!api_is_anonymous()) { + \PageController::return_profile_block(); + \PageController::return_user_image_block(); + 
+ if (api_is_platform_admin()) { + \PageController::return_course_block(); + } else { + \PageController::return_teacher_link(); + } + } + + //Hot courses & announcements + $hot_courses = null; + $announcements_block = null; + + // When loading a chamilo page do not include the hot courses and news + if (!isset($_REQUEST['include'])) { + if (api_get_setting('show_hot_courses') == 'true') { + $hot_courses = \PageController::return_hot_courses(); + } + $announcements_block = \PageController::return_announcements(); + } + + $app['template']->assign('hot_courses', $hot_courses); + $app['template']->assign('announcements_block', $announcements_block); + + //Homepage + $app['template']->assign('home_page_block', \PageController::return_home_page()); + + //Navigation links + $nav_links = $app['template']->return_navigation_links(); + + $app['template']->assign('navigation_course_links', $nav_links); + $app['template']->assign('main_navigation_block', $nav_links); + + \PageController::return_notice(); + \PageController::return_help(); + + if (api_is_platform_admin() || api_is_drh()) { + \PageController::return_skills_links(); + } + $response = $app['template']->render_layout('layout_2_col.tpl'); + + //return new Response($response, 200, array('Cache-Control' => 's-maxage=3600, public')); + return new Response($response, 200, array()); + } + + /** + * + * @todo This piece of code should probably move to local.inc.php where the actual login procedure is handled. + * @todo Check if this code is used. I think this code is never executed because after clicking the submit button + * the code does the stuff in local.inc.php and then redirects to index.php or user_portal.php depending + * on api_get_setting('page_after_login'). + * @deprecated seems not to be used + */ + function check_last_login() + { + if (!empty($_POST['submitAuth'])) { + // The user has been already authenticated, we are now to find the last login of the user. 
+ if (!empty($this->user_id)) { + $track_login_table = Database :: get_statistic_table(TABLE_STATISTIC_TRACK_E_LOGIN); + $sql_last_login = "SELECT login_date + FROM $track_login_table + WHERE login_user_id = '".$this->user_id."' + ORDER BY login_date DESC LIMIT 1"; + $result_last_login = Database::query($sql_last_login); + if (!$result_last_login) { + if (Database::num_rows($result_last_login) > 0) { + $user_last_login_datetime = Database::fetch_array($result_last_login); + $user_last_login_datetime = $user_last_login_datetime[0]; + Session::write('user_last_login_datetime', $user_last_login_datetime); + } + } + Database::free_result($result_last_login); + + if (api_is_platform_admin()) { + // decode all open event informations and fill the track_c_* tables + include api_get_path(LIBRARY_PATH).'stats.lib.inc.php'; + decodeOpenInfos(); + } + } + } else { + // Only if login form was not sent because if the form is sent the user was already on the page. + event_open(); + } + } + + /** + * @param Silex\Application $app + */ + function set_login_form(Application $app) + { + $user_id = api_get_user_id(); + $login_form = null; + if (!$user_id || api_is_anonymous($user_id)) { + + // Only display if the user isn't logged in. 
+ $app['template']->assign('login_language_form', api_display_language_form(true)); + //self::display_login_form($app); + + $app['template']->assign('login_form', self::display_login_form($app)); + + if (api_get_setting('allow_lostpassword') == 'true' || api_get_setting('allow_registration') == 'true') { + $login_form .= ''; + } + $app['template']->assign('login_options', $login_form); + } + } + + function logout() + { + $user_id = api_get_user_id(); + online_logout($user_id, true); + } + + /** + * @param \Silex\Application $app + * @return string + */ + function display_login_form(Application $app) + { + /* {{ form_widget(form) }} + $form = $app['form.factory']->createBuilder('form') + ->add('name') + ->add('email') + ->add('gender', 'choice', array( + 'choices' => array(1 => 'male', 2 => 'female'), + 'expanded' => true, + )) + ->getForm(); + return $app['template']->assign('form', $form->createView()); + */ + + $form = new FormValidator('formLogin', 'POST', null, null, array('class' => 'form-vertical')); + $form->addElement( + 'text', + 'login', + get_lang('UserName'), + array('class' => 'span2 autocapitalize_off', 'autofocus' => 'autofocus') + ); + $form->addElement('password', 'password', get_lang('Pass'), array('class' => 'span2')); + $form->addElement('style_submit_button', 'submitAuth', get_lang('LoginEnter'), array('class' => 'btn')); + $html = $form->return_form(); + if (api_get_setting('openid_authentication') == 'true') { + include_once 'main/auth/openid/login.php'; + $html .= '
'.openid_form().'
'; + } + return $html; + } +} \ No newline at end of file diff --git a/src/ChamiloLMS/Controller/UserPortalController.php b/src/ChamiloLMS/Controller/UserPortalController.php new file mode 100644 index 0000000000..55df639bbf --- /dev/null +++ b/src/ChamiloLMS/Controller/UserPortalController.php 
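Review bot: In `indexAction`, the logout branch calls `$app->redirect($app['url_generator']->generator('index'));` and discards the result, so no redirect is sent and the action goes on to render the page after `$this->logout()`. The URL generator's method is `generate`, not `generator`, and the routes this commit adds in global.inc.php do not bind a route named `index`, so the call would fail before any redirect is built. Proposed: `return $app->redirect($app['url_generator']->generate('index'));` together with `->bind('index')` on the `/` route. The opening lines of this file are not visible in this view, so its namespace and `use` statements were not reviewed.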
@@ -0,0 +1,312 @@ +assign('content', $courses_and_sessions); + + /* + if (api_get_setting('allow_browser_sniffer') == 'true') { + if ($_SESSION['sniff_navigator']!="checked") { + $app['template']->assign('show_sniff', 1); + } else { + $app['template']->assign('show_sniff', 0); + } + } + + //check for flash and message + + $sniff_notification = ''; + $some_activex=$_SESSION['sniff_check_some_activex']; + $some_plugins=$_SESSION['sniff_check_some_plugins']; + + if(!empty($some_activex) || !empty($some_plugins)){ + if (! preg_match("/flash_yes/", $some_activex) && ! preg_match("/flash_yes/", $some_plugins)) { + $sniff_notification = Display::return_message(get_lang('NoFlash'), 'warning', true); + //js verification - To annoying of redirecting every time the page + $app['template']->assign('sniff_notification', $sniff_notification); + } + } */ + + \PageController::return_profile_block(); + \PageController::return_user_image_block(); + \PageController::return_course_block(); + + $app['template']->assign('navigation_course_links', $app['template']->return_navigation_links()); + \PageController::return_reservation_block(); + $app['template']->assign('search_block', \PageController::return_search_block()); + $app['template']->assign('classes_block', \PageController::return_classes_block()); + \PageController::return_skills_links(); + + // Deleting the session_id. + Session::erase('session_id'); + + $response = $app['template']->render_template('userportal/index.tpl'); + + //return new Response($response, 200, array('Cache-Control' => 's-maxage=3600, private')); + return new Response($response, 200, array()); + } + + function check_last_login() + { + /** + * @todo This piece of code should probably move to local.inc.php where the actual login procedure is handled. + * @todo Check if this code is used. 
I think this code is never executed because after clicking the submit button + * the code does the stuff in local.inc.php and then redirects to index.php or user_portal.php depending + * on api_get_setting('page_after_login'). + */ + if (!empty($_POST['submitAuth'])) { + // The user has been already authenticated, we are now to find the last login of the user. + if (!empty($this->user_id)) { + $track_login_table = Database :: get_statistic_table(TABLE_STATISTIC_TRACK_E_LOGIN); + $sql_last_login = "SELECT login_date + FROM $track_login_table + WHERE login_user_id = '".$this->user_id."' + ORDER BY login_date DESC LIMIT 1"; + $result_last_login = Database::query($sql_last_login); + if (!$result_last_login) { + if (Database::num_rows($result_last_login) > 0) { + $user_last_login_datetime = Database::fetch_array($result_last_login); + $user_last_login_datetime = $user_last_login_datetime[0]; + Session::write('user_last_login_datetime', $user_last_login_datetime); + } + } + Database::free_result($result_last_login); + + if (api_is_platform_admin()) { + // decode all open event informations and fill the track_c_* tables + include api_get_path(LIBRARY_PATH).'stats.lib.inc.php'; + decodeOpenInfos(); + } + } + // End login -- if ($_POST['submitAuth']) + } else { + // Only if login form was not sent because if the form is sent the user was already on the page. + event_open(); + } + } + + function set_login_form() + { + global $loginFailed; + + $login_form = ''; + + if (!($this->user_id) || api_is_anonymous($this->user_id)) { + + // Only display if the user isn't logged in. 
+ $this->page->assign('login_language_form', api_display_language_form(true)); + $this->page->assign('login_form', self::display_login_form()); + + if ($loginFailed) { + $this->page->assign('login_failed', self::handle_login_failed()); + } + + if (api_get_setting('allow_lostpassword') == 'true' || api_get_setting('allow_registration') == 'true') { + $login_form .= ''; + } + $this->page->assign('login_options', $login_form); + } + } + + /** + * Alias for the online_logout() function + */ + function logout() + { + online_logout($this->user_id, true); + } + + /** + * This function checks if there are courses that are open to the world in the platform course categories (=faculties) + * + * @param string $category + * @return boolean + */ + function category_has_open_courses($category) + { + $setting_show_also_closed_courses = api_get_setting('show_closed_courses') == 'true'; + $main_course_table = Database :: get_main_table(TABLE_MAIN_COURSE); + $category = Database::escape_string($category); + $sql_query = "SELECT * FROM $main_course_table WHERE category_code='$category'"; + $sql_result = Database::query($sql_query); + while ($course = Database::fetch_array($sql_result)) { + if (!$setting_show_also_closed_courses) { + if ((api_get_user_id() > 0 && $course['visibility'] == COURSE_VISIBILITY_OPEN_PLATFORM) || ($course['visibility'] == COURSE_VISIBILITY_OPEN_WORLD)) { + return true; //at least one open course + } + } else { + if (isset($course['visibility'])) { + return true; // At least one course (it does not matter weither it's open or not because $setting_show_also_closed_courses = true). + } + } + } + return false; + } + + /** + * Reacts on a failed login: + * Displays an explanation with a link to the registration form. 
+ * + * @version 1.0.1 + */ + function handle_login_failed() + { + $message = get_lang('InvalidId'); + + if (!isset($_GET['error'])) { + if (api_is_self_registration_allowed()) { + $message = get_lang('InvalidForSelfRegistration'); + } + } else { + switch ($_GET['error']) { + case '': + if (api_is_self_registration_allowed()) { + $message = get_lang('InvalidForSelfRegistration'); + } + break; + case 'account_expired': + $message = get_lang('AccountExpired'); + break; + case 'account_inactive': + $message = get_lang('AccountInactive'); + break; + case 'user_password_incorrect': + $message = get_lang('InvalidId'); + break; + case 'access_url_inactive': + $message = get_lang('AccountURLInactive'); + break; + case 'unrecognize_sso_origin': + //$message = get_lang('SSOError'); + break; + } + } + return Display::return_message($message, 'error'); + } + + /** + * retrieves all the courses that the user has already subscribed to + * @author Patrick Cool , Ghent University, Belgium + * @param int $user_id: the id of the user + * @return array an array containing all the information of the courses of the given user + */ + function get_courses_of_user($user_id) + { + $table_course = Database::get_main_table(TABLE_MAIN_COURSE); + $table_course_user = Database::get_main_table(TABLE_MAIN_COURSE_USER); + // Secondly we select the courses that are in a category (user_course_cat <> 0) and sort these according to the sort of the category + $user_id = intval($user_id); + $sql_select_courses = "SELECT course.code k, course.visual_code vc, course.subscribe subscr, course.unsubscribe unsubscr, + course.title i, course.tutor_name t, course.db_name db, course.directory dir, course_rel_user.status status, + course_rel_user.sort sort, course_rel_user.user_course_cat user_course_cat + FROM $table_course course, + $table_course_user course_rel_user + WHERE course.code = course_rel_user.course_code + AND course_rel_user.user_id = '".$user_id."' + AND 
course_rel_user.relation_type<>".COURSE_RELATION_TYPE_RRHH." + ORDER BY course_rel_user.sort ASC"; + $result = Database::query($sql_select_courses); + $courses = array(); + while ($row = Database::fetch_array($result)) { + // We only need the database name of the course. + $courses[$row['k']] = array( + 'db' => $row['db'], + 'code' => $row['k'], + 'visual_code' => $row['vc'], + 'title' => $row['i'], + 'directory' => $row['dir'], + 'status' => $row['status'], + 'tutor' => $row['t'], + 'subscribe' => $row['subscr'], + 'unsubscribe' => $row['unsubscr'], + 'sort' => $row['sort'], + 'user_course_category' => $row['user_course_cat'] + ); + } + return $courses; + } +} \ No newline at end of file diff --git a/user_portal.php b/user_portal.php index 917db8977f..18ac39332a 100644 --- a/user_portal.php +++ b/user_portal.php 
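Review bot: `check_last_login()`, `set_login_form()` and `logout()` in this new class read `$this->user_id` and `$this->page`, but nothing in the visible part of the class declares or assigns either property; the top of the file is not visible in this view, so confirm against the full file. If they are unset, `logout()` passes null to `online_logout()` and `set_login_form()` calls `assign()` on null. IndexController in the same commit already uses `api_get_user_id()` and `$app['template']`, so the same form would fit here, for example `online_logout(api_get_user_id(), true);`. `check_last_login()` also concatenates `$this->user_id` into its SQL string; casting it with `intval()`, as `get_courses_of_user()` does, would keep that query safe if the method is ever enabled.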
@@ -79,316 +79,5 @@ if ($load_dirs) { '; } -use Silex\Application; -use Symfony\Component\HttpFoundation\Response; - -class UserPortalController -{ - - function indexAction(Application $app) - { - // Check if a user is enrolled only in one course for going directly to the course after the login. - if (api_get_setting('go_to_course_after_login') == 'true') { - - // Get the courses list - $personal_course_list = UserManager::get_personal_session_course_list(api_get_user_id()); - - $my_session_list = array(); - $count_of_courses_no_sessions = 0; - $count_of_courses_with_sessions = 0; - - foreach ($personal_course_list as $course) { - if (!empty($course['id_session'])) { - $my_session_list[$course['id_session']] = true; - $count_of_courses_with_sessions++; - } else { - $count_of_courses_no_sessions++; - } - } - $count_of_sessions = count($my_session_list); - - if ($count_of_sessions == 1 && $count_of_courses_no_sessions == 0) { - - $key = array_keys($personal_course_list); - $course_info = $personal_course_list[$key[0]]; - $course_directory = $course_info['course_info']['path']; - $id_session = isset($course_info['id_session']) ? $course_info['id_session'] : 0; - - $url = api_get_path(WEB_CODE_PATH).'session/?session_id='.$id_session; - - header('location:'.$url); - exit; - } - - if (!isset($_SESSION['coursesAlreadyVisited']) && $count_of_sessions == 0 && $count_of_courses_no_sessions == 1) { - $key = array_keys($personal_course_list); - $course_info = $personal_course_list[$key[0]]; - $course_directory = $course_info['course_info']['path']; - $id_session = isset($course_info['id_session']) ? 
$course_info['id_session'] : 0; - - $url = api_get_path(WEB_COURSE_PATH).$course_directory.'/?id_session='.$id_session; - header('location:'.$url); - exit; - } - } - - /* Sniffing system */ - /* - //store posts to sessions - if ($_SESSION['sniff_navigator']!="checked") { - $_SESSION['sniff_navigator']=Security::remove_XSS($_POST['sniff_navigator']); - $_SESSION['sniff_screen_size_w']=Security::remove_XSS($_POST['sniff_navigator_screen_size_w']); - $_SESSION['sniff__screen_size_h']=Security::remove_XSS($_POST['sniff_navigator_screen_size_h']); - $_SESSION['sniff_type_mimetypes']=Security::remove_XSS($_POST['sniff_navigator_type_mimetypes']); - $_SESSION['sniff_suffixes_mimetypes']=Security::remove_XSS($_POST['sniff_navigator_suffixes_mimetypes']); - $_SESSION['sniff_list_plugins']=Security::remove_XSS($_POST['sniff_navigator_list_plugins']); - $_SESSION['sniff_check_some_activex']=Security::remove_XSS($_POST['sniff_navigator_check_some_activex']); - $_SESSION['sniff_check_some_plugins']=Security::remove_XSS($_POST['sniff_navigator_check_some_plugins']); - $_SESSION['sniff_java']=Security::remove_XSS($_POST['sniff_navigator_java']); - $_SESSION['sniff_java_sun_ver']=Security::remove_XSS($_POST['sniff_navigator_java_sun_ver']); - } */ - - - - // Main courses and session list - $courses_and_sessions = PageController::return_courses_and_sessions(api_get_user_id()); - - //Show the chamilo mascot - if (empty($courses_and_sessions) && !isset($_GET['history'])) { - PageController::return_welcome_to_course_block($app['template']); - } - - $app['template']->assign('content', $courses_and_sessions); - - /* - if (api_get_setting('allow_browser_sniffer') == 'true') { - if ($_SESSION['sniff_navigator']!="checked") { - $app['template']->assign('show_sniff', 1); - } else { - $app['template']->assign('show_sniff', 0); - } - } - - //check for flash and message - - $sniff_notification = ''; - $some_activex=$_SESSION['sniff_check_some_activex']; - 
$some_plugins=$_SESSION['sniff_check_some_plugins']; - - if(!empty($some_activex) || !empty($some_plugins)){ - if (! preg_match("/flash_yes/", $some_activex) && ! preg_match("/flash_yes/", $some_plugins)) { - $sniff_notification = Display::return_message(get_lang('NoFlash'), 'warning', true); - //js verification - To annoying of redirecting every time the page - $app['template']->assign('sniff_notification', $sniff_notification); - } - } */ - - PageController::return_profile_block(); - PageController::return_user_image_block(); - PageController::return_course_block(); - - $app['template']->assign('navigation_course_links', $app['template']->return_navigation_links()); - PageController::return_reservation_block(); - $app['template']->assign('search_block', PageController::return_search_block()); - $app['template']->assign('classes_block', PageController::return_classes_block()); - PageController::return_skills_links(); - - // Deleting the session_id. - Session::erase('session_id'); - - $response = $app['template']->render_template('userportal/index.tpl'); - - //return new Response($response, 200, array('Cache-Control' => 's-maxage=3600, private')); - return new Response($response, 200, array()); - } - - function check_last_login() - { - /** - * @todo This piece of code should probably move to local.inc.php where the actual login procedure is handled. - * @todo Check if this code is used. I think this code is never executed because after clicking the submit button - * the code does the stuff in local.inc.php and then redirects to index.php or user_portal.php depending - * on api_get_setting('page_after_login'). - */ - if (!empty($_POST['submitAuth'])) { - // The user has been already authenticated, we are now to find the last login of the user. 
- if (!empty($this->user_id)) { - $track_login_table = Database :: get_statistic_table(TABLE_STATISTIC_TRACK_E_LOGIN); - $sql_last_login = "SELECT login_date - FROM $track_login_table - WHERE login_user_id = '".$this->user_id."' - ORDER BY login_date DESC LIMIT 1"; - $result_last_login = Database::query($sql_last_login); - if (!$result_last_login) { - if (Database::num_rows($result_last_login) > 0) { - $user_last_login_datetime = Database::fetch_array($result_last_login); - $user_last_login_datetime = $user_last_login_datetime[0]; - Session::write('user_last_login_datetime', $user_last_login_datetime); - } - } - Database::free_result($result_last_login); - - if (api_is_platform_admin()) { - // decode all open event informations and fill the track_c_* tables - include api_get_path(LIBRARY_PATH).'stats.lib.inc.php'; - decodeOpenInfos(); - } - } - // End login -- if ($_POST['submitAuth']) - } else { - // Only if login form was not sent because if the form is sent the user was already on the page. - event_open(); - } - } - - function set_login_form() - { - global $loginFailed; - - $login_form = ''; - - if (!($this->user_id) || api_is_anonymous($this->user_id)) { - - // Only display if the user isn't logged in. 
- $this->page->assign('login_language_form', api_display_language_form(true)); - $this->page->assign('login_form', self::display_login_form()); - - if ($loginFailed) { - $this->page->assign('login_failed', self::handle_login_failed()); - } - - if (api_get_setting('allow_lostpassword') == 'true' || api_get_setting('allow_registration') == 'true') { - $login_form .= ''; - } - $this->page->assign('login_options', $login_form); - } - } - - /** - * Alias for the online_logout() function - */ - function logout() - { - online_logout($this->user_id, true); - } - - /** - * This function checks if there are courses that are open to the world in the platform course categories (=faculties) - * - * @param string $category - * @return boolean - */ - function category_has_open_courses($category) - { - $setting_show_also_closed_courses = api_get_setting('show_closed_courses') == 'true'; - $main_course_table = Database :: get_main_table(TABLE_MAIN_COURSE); - $category = Database::escape_string($category); - $sql_query = "SELECT * FROM $main_course_table WHERE category_code='$category'"; - $sql_result = Database::query($sql_query); - while ($course = Database::fetch_array($sql_result)) { - if (!$setting_show_also_closed_courses) { - if ((api_get_user_id() > 0 && $course['visibility'] == COURSE_VISIBILITY_OPEN_PLATFORM) || ($course['visibility'] == COURSE_VISIBILITY_OPEN_WORLD)) { - return true; //at least one open course - } - } else { - if (isset($course['visibility'])) { - return true; // At least one course (it does not matter weither it's open or not because $setting_show_also_closed_courses = true). - } - } - } - return false; - } - - /** - * Reacts on a failed login: - * Displays an explanation with a link to the registration form. 
- * - * @version 1.0.1 - */ - function handle_login_failed() - { - $message = get_lang('InvalidId'); - - if (!isset($_GET['error'])) { - if (api_is_self_registration_allowed()) { - $message = get_lang('InvalidForSelfRegistration'); - } - } else { - switch ($_GET['error']) { - case '': - if (api_is_self_registration_allowed()) { - $message = get_lang('InvalidForSelfRegistration'); - } - break; - case 'account_expired': - $message = get_lang('AccountExpired'); - break; - case 'account_inactive': - $message = get_lang('AccountInactive'); - break; - case 'user_password_incorrect': - $message = get_lang('InvalidId'); - break; - case 'access_url_inactive': - $message = get_lang('AccountURLInactive'); - break; - case 'unrecognize_sso_origin': - //$message = get_lang('SSOError'); - break; - } - } - return Display::return_message($message, 'error'); - } - - /** - * retrieves all the courses that the user has already subscribed to - * @author Patrick Cool , Ghent University, Belgium - * @param int $user_id: the id of the user - * @return array an array containing all the information of the courses of the given user - */ - function get_courses_of_user($user_id) - { - $table_course = Database::get_main_table(TABLE_MAIN_COURSE); - $table_course_user = Database::get_main_table(TABLE_MAIN_COURSE_USER); - // Secondly we select the courses that are in a category (user_course_cat <> 0) and sort these according to the sort of the category - $user_id = intval($user_id); - $sql_select_courses = "SELECT course.code k, course.visual_code vc, course.subscribe subscr, course.unsubscribe unsubscr, - course.title i, course.tutor_name t, course.db_name db, course.directory dir, course_rel_user.status status, - course_rel_user.sort sort, course_rel_user.user_course_cat user_course_cat - FROM $table_course course, - $table_course_user course_rel_user - WHERE course.code = course_rel_user.course_code - AND course_rel_user.user_id = '".$user_id."' - AND 
course_rel_user.relation_type<>".COURSE_RELATION_TYPE_RRHH." - ORDER BY course_rel_user.sort ASC"; - $result = Database::query($sql_select_courses); - $courses = array(); - while ($row = Database::fetch_array($result)) { - // We only need the database name of the course. - $courses[$row['k']] = array( - 'db' => $row['db'], - 'code' => $row['k'], - 'visual_code' => $row['vc'], - 'title' => $row['i'], - 'directory' => $row['dir'], - 'status' => $row['status'], - 'tutor' => $row['t'], - 'subscribe' => $row['subscr'], - 'unsubscribe' => $row['unsubscr'], - 'sort' => $row['sort'], - 'user_course_category' => $row['user_course_cat'] - ); - } - return $courses; - } -} $app->get('/', 'UserPortalController::indexAction'); -$app->run(); -//$app['http_cache']->run(); \ No newline at end of file +$app->run(); \ No newline at end of file
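Review bot: The route line this hunk keeps, `$app->get('/', 'UserPortalController::indexAction');`, still names the controller by its bare class name, although the hunk deletes the class from user_portal.php and the commit moves it to src/ChamiloLMS/Controller/UserPortalController.php. The new file's namespace declaration is not visible from here, so this needs confirming: if the moved class sits under a namespace, the route string must be fully qualified, for example `$app->get('/', 'ChamiloLMS\Controller\UserPortalController::indexAction');` if it follows the directory layout. Otherwise the landing route after login fails to resolve at request time rather than at load time. A one-line comment above the route, such as `// Controller is autoloaded from src/ChamiloLMS/Controller/UserPortalController.php`, would also tell the next reader where the request is handled now that the file no longer defines it.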