@ -36,19 +36,20 @@ include_once api_get_path(LIBRARY_PATH).'WCAG/WCAG_rendering.php';
$interbreadcrumb[] = array ("url" => "index.php", "name" => get_lang('CourseProgram'));
$description_type = isset ($_REQUEST['description_type']) ? Security::remove_XSS($_REQUEST['description_type']) : null;
$description_id = isset ($_REQUEST['description_id']) ? Security::remove_XSS($_REQUEST['description_id']) : null;
$action = isset($_GET['action'])?Security::remove_XSS($_GET['action']):'';
$edit = isset($_POST['edit'])?Security::remove_XSS($_POST['edit']):'';
$add = isset($_POST['add'])?Security::remove_XSS($_POST['add']):'';
if(intval($description_id ) == 1) $interbreadcrumb[] = array ("url" => "#", "name" => get_lang('GeneralDescription'));
if(intval($description_id ) == 2) $interbreadcrumb[] = array ("url" => "#", "name" => get_lang('Objectives'));
if(intval($description_id ) == 3) $interbreadcrumb[] = array ("url" => "#", "name" => get_lang('Topics'));
if(intval($description_id ) == 4) $interbreadcrumb[] = array ("url" => "#", "name" => get_lang('Methodology'));
if(intval($description_id ) == 5) $interbreadcrumb[] = array ("url" => "#", "name" => get_lang('CourseMaterial'));
if(intval($description_id ) == 6) $interbreadcrumb[] = array ("url" => "#", "name" => get_lang('HumanAndTechnicalResources'));
if(intval($description_id ) == 7) $interbreadcrumb[] = array ("url" => "#", "name" => get_lang('Assessment'));
if(intval($description_id ) >= 8) $interbreadcrumb[] = array ("url" => "#", "name" => get_lang('NewBloc'));
if(intval($description_type ) == 1) $interbreadcrumb[] = array ("url" => "#", "name" => get_lang('GeneralDescription'));
if(intval($description_type ) == 2) $interbreadcrumb[] = array ("url" => "#", "name" => get_lang('Objectives'));
if(intval($description_type ) == 3) $interbreadcrumb[] = array ("url" => "#", "name" => get_lang('Topics'));
if(intval($description_type ) == 4) $interbreadcrumb[] = array ("url" => "#", "name" => get_lang('Methodology'));
if(intval($description_type ) == 5) $interbreadcrumb[] = array ("url" => "#", "name" => get_lang('CourseMaterial'));
if(intval($description_type ) == 6) $interbreadcrumb[] = array ("url" => "#", "name" => get_lang('HumanAndTechnicalResources'));
if(intval($description_type ) == 7) $interbreadcrumb[] = array ("url" => "#", "name" => get_lang('Assessment'));
if(intval($description_type ) >= 8) $interbreadcrumb[] = array ("url" => "#", "name" => get_lang('NewBloc'));
api_protect_course_script(true);
$nameTools = get_lang('CourseProgram');
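Review bot: `description_type` is a numeric selector, but the new assignment runs it through `Security::remove_XSS()` and leaves it as a string, so every use below has to remember to call `intval()` again. Casting once at the point of input is a tighter guarantee and keeps the null case that the later `!is_null($description_type)` test relies on: `$description_type = isset($_REQUEST['description_type']) ? intval($_REQUEST['description_type']) : null;`. The eight `if(intval($description_type) == N)` lines could then become one lookup in an array mapping 1–7 to the language keys, with `NewBloc` as the fallback for values of 8 and above. That removes the repeated conversion and the chance of the two lists drifting apart.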
@ -129,15 +130,23 @@ $default_description_title_editable[7] = true;
*/
$condition_session = api_get_session_condition($session_id, false);
$current_session_id = api_get_session_id();
$sql = "SELECT description_type,title FROM $tbl_course_description $condition_session ORDER BY description_type ";
$sql = "SELECT id,title FROM $tbl_course_description $condition_session ORDER BY id ";
$result = Database::query($sql, __FILE__, __LINE__);
while ($row = Database::fetch_array($result)) {
$default_description_titles[$row['i d']] = $row['title'];
$default_description_titles[$row['description_type ']] = $row['title'];
}
if (api_is_allowed_to_edit(null,true) & & !is_null($description_id) || $action =='add') {
$actions = array('add','delete','edit');
if ((api_is_allowed_to_edit(null,true) & & !is_null($description_type)) || in_array($action,$actions)) {
$description_id = intval($description_id);
$description_type = intval($description_type);
// Delete a description block
if ($action == 'delete') {
$sql = "DELETE FROM $tbl_course_description WHERE id='".$description_id."'";
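Review bot: The rewritten guard lets a request enter the edit block on `action` alone: in `(api_is_allowed_to_edit(null,true) && !is_null($description_type)) || in_array($action,$actions)` the permission test covers only the left operand, so `action=delete` reaches the `DELETE ... WHERE id=` statement without `api_is_allowed_to_edit()` being consulted, unless a check outside this hunk stops it. The previous condition had the same shape for `add` only; this change extends it to `delete` and `edit`. Make the permission test the outer condition: `if (api_is_allowed_to_edit(null,true) && (!is_null($description_type) || in_array($action, $actions, true))) {`. Because the delete is driven by a GET parameter and changes state, a request-token check belongs on this path as well if the platform provides one. The block opened by this `if` continues past the end of the hunk.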
@ -148,31 +157,32 @@ if (api_is_allowed_to_edit(null,true) && !is_null($description_id) || $action ==
}
// Add or edit a description block
else {
if (!empty($description_id)) {
$sql = "SELECT * FROM $tbl_course_description WHERE id='".$description_id."'";
if (!empty($description_type)) {
$sql = "SELECT * FROM $tbl_course_description WHERE description_type='$description_type' AND session_id='$current_session_id'";
$result = Database::query($sql, __FILE__, __LINE__);
if ($description = Database::fetch_array($result)) {
$default_description_titles[$description_id ] = $description['title'];
$default_description_titles[$description_type ] = $description['title'];
$description_content = $description['content'];
} else {
$current_title = $default_description_titles[$description_id ];
$current_title = $default_description_titles[$description_type ];
}
} else {
$sql = "SELECT MAX(i d) as MAX FROM $tbl_course_description $condition_session";
$sql = "SELECT MAX(description_type ) as MAX FROM $tbl_course_description $condition_session";
$result = Database::query($sql, __FILE__, __LINE__);
$max= Database::fetch_array($result);
$description_id = $max['MAX']+1;
if ($description_id < ADD_BLOCK ) {
$description_id =8;
$description_type = $max['MAX']+1;
if ($description_type < ADD_BLOCK ) {
$description_type =8;
}
}
//Se borro: echo ' < style > . r o w { } < \ s t y l e > p o r q u e h a c i a c o n f l i c t o e n a p a r t a d o p e r s o n a l i z a d o c o n l o s e s t i l o s p r o p i o s d e l f o r m v a l i d a t o r
// Build the form
$form = new FormValidator('course_description','POST','index.php?'.api_get_cidreq(),'','style="width: 100%;"');
$form->addElement('header', '', $default_description_titles[$description_id ]);
$form->addElement('hidden', 'description_id ');
$form->addElement('header', '', $default_description_titles[$description_type ]);
$form->addElement('hidden', 'description_type ');
if ($action == 'edit' || intval($edit) == 1 ) {
$form->addElement('hidden', 'edit','1');
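Review bot: `$current_session_id` is interpolated into the new queries as-is (`session_id='$current_session_id'` here, and again in the INSERT, UPDATE and DELETE statements of the `-210,23` hunk), whereas the lines replaced there wrapped the session value in `intval()`. If `api_get_session_id()` always returns an integer this is harmless, but that is not visible on this page, so cast where the value is read in the previous hunk: `$current_session_id = intval(api_get_session_id());`. The `MAX(description_type)` query in the same branch still filters with `$condition_session`, which is built from `$session_id`, so the lookup and the allocation of the next type can disagree if the two session values ever differ. The form construction that follows continues outside this hunk.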
@ -182,7 +192,7 @@ if (api_is_allowed_to_edit(null,true) && !is_null($description_id) || $action ==
$form->addElement('hidden', 'add','1');
}
if (($description_id >= ADD_BLOCK) || $default_description_title_editable[$description_id ] || $action == 'add' || intval($edit) == 1) {
if (($description_type >= ADD_BLOCK) || $default_description_title_editable[$description_type ] || $action == 'add' || intval($edit) == 1) {
$form->add_textfield('title', get_lang('Title'), true, array('size'=>'width: 350px;'));
$form->applyFilter('title','html_filter');
}
@ -194,9 +204,10 @@ if (api_is_allowed_to_edit(null,true) && !is_null($description_id) || $action ==
}
$form->addElement('style_submit_button', null, get_lang('Save'), 'class="save"');
// Set some default values
$default['title'] = $default_description_titles[$description_id ];
$default['title'] = $default_description_titles[$description_type ];
$default['contentDescription'] = $description_content;
$default['description_id'] = $description_id;
$default['description_type'] = $description_type;
//if ($description_id >= ADD_BLOCK) {
//$default['description_id'] = ADD_BLOCK;
//}
@ -210,23 +221,23 @@ if (api_is_allowed_to_edit(null,true) && !is_null($description_id) || $action ==
$content = $description['contentDescription'];
}
$title = $description['title'];
if ($description['description_id '] >= ADD_BLOCK) {
if ($description['description_type '] >= ADD_BLOCK) {
if ($description['add']=='1') { //if this element has been submitted for addition
$result = Database::query($sql, __FILE__, __LINE__);
$sql = "INSERT IGNORE INTO $tbl_course_description SET id = '".$description_id." ', title = '".Database::escape_string(Security::remove_XSS($title,COURSEMANAGERLOWSECURITY))."', content = '".Database::escape_string(Security::remove_XSS($content,COURSEMANAGERLOWSECURITY))."', session_id = ".intval($session_id)." ";
$sql = "INSERT IGNORE INTO $tbl_course_description SET description_type='$description_type ', title = '".Database::escape_string(Security::remove_XSS($title,COURSEMANAGERLOWSECURITY))."', content = '".Database::escape_string(Security::remove_XSS($content,COURSEMANAGERLOWSECURITY))."', session_id = '$current_session_id' ";
Database::query($sql, __FILE__, __LINE__);
} else {
$sql = "UPDATE $tbl_course_description SET title = '".Database::escape_string(Security::remove_XSS($title,COURSEMANAGERLOWSECURITY))."', content = '".Database::escape_string(Security::remove_XSS($content,COURSEMANAGERLOWSECURITY))."' WHERE id = '".$description_id."' ";
$sql = "UPDATE $tbl_course_description SET title = '".Database::escape_string(Security::remove_XSS($title,COURSEMANAGERLOWSECURITY))."', content = '".Database::escape_string(Security::remove_XSS($content,COURSEMANAGERLOWSECURITY))."' WHERE description_type='$description_type' AND session_id = '$current_session_id' ";
Database::query($sql, __FILE__, __LINE__);
}
} else {
//if title is not editable, then use default title
if (!$default_description_title_editable[$description_id ]) {
$title = $default_description_titles[$description_id ];
if (!$default_description_title_editable[$description_type ]) {
$title = $default_description_titles[$description_type ];
}
$sql = "DELETE FROM $tbl_course_description WHERE id = '".$description_id." '";
$sql = "DELETE FROM $tbl_course_description WHERE description_type = '".$description_type."' AND session_id = '$current_session_id '";
Database::query($sql, __FILE__, __LINE__);
$sql = "INSERT INTO $tbl_course_description SET id = '".$description_id ."', title = '".Database::escape_string(Security::remove_XSS($title,COURSEMANAGERLOWSECURITY))."', content = '".Database::escape_string(Security::remove_XSS($content,COURSEMANAGERLOWSECURITY))."', session_id = ".intval($session_id)." ";
$sql = "INSERT INTO $tbl_course_description SET description_type = '".$description_type ."', title = '".Database::escape_string(Security::remove_XSS($title,COURSEMANAGERLOWSECURITY))."', content = '".Database::escape_string(Security::remove_XSS($content,COURSEMANAGERLOWSECURITY))."', session_id = '$current_session_id' ";
Database::query($sql, __FILE__, __LINE__);
}
$id = Database::insert_id();
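Review bot: `INSERT IGNORE ... SET description_type='$description_type'` may no longer have a key to collide with. The old statement set `id`, presumably the primary key, so `IGNORE` dropped a repeated submission. The new column only deduplicates if the table has a unique index on (`description_type`, `session_id`), which this commit does not show. Without one, a double submit, or two concurrent adds that both computed the same `MAX(description_type)+1`, will store duplicate blocks that the later `WHERE description_type=... AND session_id=...` UPDATE and DELETE then treat as one. In the non-custom branch the DELETE followed by INSERT is not atomic either, so a failed INSERT loses the existing content; an `UPDATE` with an insert fallback, or a transaction if the storage engine supports it, avoids that.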
@ -256,7 +267,7 @@ if (api_is_allowed_to_edit(null,true) && !is_null($description_id) || $action ==
echo '< a href = "'.api_get_self().'?'.api_get_cidreq().'&action=add" > '.Display::return_icon($default_description_icon[$id], $title, array('height'=>'22')).' '.$title.'< / a > ';
break;
} else {
echo '< a href = "'.api_get_self().'?'.api_get_cidreq().'&description_id ='.$id.'" > '.Display::return_icon($default_description_icon[$id], $title, array('height'=>'22')).' '.$title.'< / a > ';
echo '< a href = "'.api_get_self().'?'.api_get_cidreq().'&description_type ='.$id.'" > '.Display::return_icon($default_description_icon[$id], $title, array('height'=>'22')).' '.$title.'< / a > ';
$i++;
}
}
@ -288,9 +299,9 @@ if ($show_description_list) {
$result = Database::query($sql, __FILE__, __LINE__);
$descriptions = array();
while ($description = Database::fetch_object($result)) {
$descriptions[$description->i d] = $description;
$descriptions[$description->description_type ] = $description;
//reload titles to ensure we have the last version (after edition)
$default_description_titles[$description->i d] = $description->title;
$default_description_titles[$description->description_type ] = $description->title;
}
if (api_is_allowed_to_edit(null,true)) {
$categories = array ();
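Review bot: Keying `$descriptions` and `$default_description_titles` by `description_type` makes a later row overwrite an earlier one whenever the result set holds two rows of the same type, which could not happen with `id`. The query feeding this loop is outside the hunk; if it can return rows from more than one session, a block would silently disappear from the list. Either constrain the query to one row per type or keep `id` as the key and group by type when rendering. A short comment above the loop, such as `// relies on one row per description_type within the selected session`, would document the assumption.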
@ -308,7 +319,7 @@ if ($show_description_list) {
echo '< a href = "'.api_get_self().'?'.api_get_cidreq().'&action=add" > '.Display::return_icon($default_description_icon[$id], $title, array('height'=>'22')).' '.$title.'< / a > ';
break;
} else {
echo '< a href = "'.api_get_self().'?'.api_get_cidreq().'&description_id ='.$id.'" > '.Display::return_icon($default_description_icon[$id], $title, array('height'=>'22')).' '.$title.'< / a > ';
echo '< a href = "'.api_get_self().'?'.api_get_cidreq().'&description_type ='.$id.'" > '.Display::return_icon($default_description_icon[$id], $title, array('height'=>'22')).' '.$title.'< / a > ';
$i++;
}
}
@ -324,7 +335,7 @@ if ($show_description_list) {
echo '< / a > ';
//edit
echo '< a href = "'.api_get_self().'?'.api_get_cidreq().'&description_id='.$description->id.'" > ';
echo '< a href = "'.api_get_self().'?'.api_get_cidreq().'&action=edit& description_id='.$description->id.'&description_type='.$description->description_type .'" > ';
echo Display::return_icon('edit.gif', get_lang('Edit'), array('style' => 'vertical-align:middle;float:right; padding-right:4px;'));
echo '< / a > ';
}