Adding setting to allow session admins to control of all sessions see #3823

skala
Julio Montoya 14 years ago
parent 178bf55999
commit 7c508cd579
  1. 13
      main/admin/add_courses_to_session.php
  2. 46
      main/admin/add_users_to_session.php
  3. 6
      main/admin/resume_session.php
  4. 9
      main/admin/session_course_edit.php
  5. 7
      main/admin/session_course_list.php
  6. 16
      main/admin/session_course_user.php
  7. 29
      main/admin/session_course_user_list.php
  8. 110
      main/admin/session_edit.php
  9. 29
      main/inc/lib/sessionmanager.lib.php
  10. 8
      main/install/db_main.sql
  11. 8
      main/install/migrate-db-1.8.8-1.9.0-pre.sql

@ -19,6 +19,8 @@ require_once api_get_path(LIBRARY_PATH).'add_courses_to_session_functions.lib.ph
$id_session = intval($_GET['id_session']);
SessionManager::protect_session_edit($id_session);
$xajax = new xajax();
//$xajax->debugOn();
$xajax -> registerFunction (array('search_courses', 'AddCourseToSession', 'search_courses'));
@ -26,9 +28,6 @@ $xajax -> registerFunction (array('search_courses', 'AddCourseToSession', 'searc
// Setting the section (for the tabs)
$this_section = SECTION_PLATFORM_ADMIN;
// Access restrictions
api_protect_admin_script(true);
// setting breadcrumbs
$interbreadcrumb[] = array('url' => 'index.php', 'name' => get_lang('PlatformAdmin'));
$interbreadcrumb[] = array('url' => 'session_list.php','name' => get_lang('SessionList'));
@ -115,7 +114,7 @@ if ($_POST['formSent']) {
$rs = Database::query("SELECT course_code FROM $tbl_session_rel_course WHERE id_session=$id_session");
$existingCourses = Database::store_result($rs);
// Updating only the RRHH users?? why?
//$sql="SELECT id_user FROM $tbl_session_rel_user WHERE id_session = $id_session AND relation_type=".COURSE_RELATION_TYPE_RRHH." ";
$sql = "SELECT id_user FROM $tbl_session_rel_user WHERE id_session = $id_session ";
@ -134,10 +133,10 @@ if ($_POST['formSent']) {
if(!$exists) {
$sql_insert_rel_course= "INSERT INTO $tbl_session_rel_course(id_session,course_code) VALUES('$id_session','$enreg_course')";
Database::query($sql_insert_rel_course);
$course_info = api_get_course_info($enreg_course);
CourseManager::update_course_ranking($course_info['real_id'], $id_session);
//We add in the existing courses table the current course, to not try to add another time the current course
$existingCourses[]=array('course_code'=>$enreg_course);
$nbr_users=0;
@ -160,7 +159,7 @@ if ($_POST['formSent']) {
CourseManager::remove_course_ranking($course_info['real_id'], $id_session);
Database::query("DELETE FROM $tbl_session_rel_course WHERE course_code='".$existingCourse['course_code']."' AND id_session=$id_session");
Database::query("DELETE FROM $tbl_session_rel_course_rel_user WHERE course_code='".$existingCourse['course_code']."' AND id_session=$id_session");
}
}
$nbr_courses=count($CourseList);

@ -15,17 +15,15 @@ require_once '../inc/global.inc.php';
require_once '../inc/lib/xajax/xajax.inc.php';
$xajax = new xajax();
//$xajax->debugOn();
$xajax -> registerFunction ('search_users');
// setting the section (for the tabs)
$this_section = SECTION_PLATFORM_ADMIN;
// Access restrictions
api_protect_admin_script(true);
$id_session = intval($_GET['id_session']);
SessionManager::protect_session_edit($id_session);
// setting breadcrumbs
$interbreadcrumb[] = array('url' => 'index.php','name' => get_lang('PlatformAdmin'));
$interbreadcrumb[] = array('url' => 'session_list.php','name' => get_lang('SessionList'));
@ -76,13 +74,13 @@ function search_users($needle, $type) {
global $tbl_user,$tbl_session_rel_user,$id_session;
$xajax_response = new XajaxResponse();
$return = '';
if (!empty($needle) && !empty($type)) {
//normal behaviour
if ($type == 'any_session' && $needle == 'false') {
$type = 'multiple';
$needle = '';
$needle = '';
}
// xajax send utf8 datas... datas in db can be non-utf8 datas
@ -93,7 +91,7 @@ function search_users($needle, $type) {
$order_clause = api_sort_by_first_name() ? ' ORDER BY firstname, lastname, username' : ' ORDER BY lastname, firstname, username';
$cond_user_id = '';
//Only for single & multiple
if (in_array($type, array('single','multiple')))
if (!empty($id_session)) {
@ -128,17 +126,17 @@ function search_users($needle, $type) {
break;
case 'any_session':
$sql = 'SELECT DISTINCT user.user_id, username, lastname, firstname FROM '.$tbl_user.' user LEFT OUTER JOIN '.$tbl_session_rel_user.' s ON (s.id_user = user.user_id)
WHERE s.id_user IS null AND user.status<>'.DRH.' AND
WHERE s.id_user IS null AND user.status<>'.DRH.' AND
user.user_id<>"'.$user_anonymous.'"'.$cond_user_id.
$order_clause;
break;
}
}
global $_configuration;
if ($_configuration['multiple_access_urls']) {
$tbl_user_rel_access_url= Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER);
$access_url_id = api_get_current_access_url_id();
if ($access_url_id != -1) {
if ($access_url_id != -1) {
switch($type) {
case 'single':
$sql = 'SELECT user.user_id, username, lastname, firstname FROM '.$tbl_user.' user
@ -152,16 +150,16 @@ function search_users($needle, $type) {
case 'multiple':
$sql = 'SELECT user.user_id, username, lastname, firstname FROM '.$tbl_user.' user
INNER JOIN '.$tbl_user_rel_access_url.' url_user ON (url_user.user_id=user.user_id)
WHERE access_url_id = '.$access_url_id.' AND
WHERE access_url_id = '.$access_url_id.' AND
'.(api_sort_by_first_name() ? 'firstname' : 'lastname').' LIKE "'.$needle.'%" AND user.status<>'.DRH.' AND user.user_id<>"'.$user_anonymous.'"'.$cond_user_id.
$order_clause;
break;
case 'any_session' :
$sql = 'SELECT DISTINCT user.user_id, username, lastname, firstname FROM '.$tbl_user.' user LEFT OUTER JOIN '.$tbl_session_rel_user.' s ON (s.id_user = user.user_id)
INNER JOIN '.$tbl_user_rel_access_url.' url_user ON (url_user.user_id=user.user_id)
WHERE access_url_id = '.$access_url_id.' AND
WHERE access_url_id = '.$access_url_id.' AND
s.id_user IS null AND
user.status<>'.DRH.' AND
user.status<>'.DRH.' AND
user.user_id<>"'.$user_anonymous.'"'.$cond_user_id.
$order_clause;
break;
@ -233,7 +231,7 @@ function validate_filter() {
document.formulaire.submit();
}
function checked_in_no_session(checked) {
function checked_in_no_session(checked) {
$("#first_letter_user")
.find("option")
.attr("selected", false);
@ -259,13 +257,13 @@ if($_POST['form_sent']) {
$firstLetterUser = $_POST['firstLetterUser'];
$firstLetterSession = $_POST['firstLetterSession'];
$UserList = $_POST['sessionUsersList'];
if (!is_array($UserList)) {
$UserList=array();
}
if ($form_sent == 1) {
//added a parameter to send emails when registering a user
//added a parameter to send emails when registering a user
SessionManager::suscribe_users_to_session($id_session, $UserList, null, true);
header('Location: resume_session.php?id_session='.$id_session);
exit;
@ -326,7 +324,7 @@ if ($ajax_search) {
}
}
}
if ($use_extra_fields) {
$final_result = array();
if (count($extra_field_result)>1) {
@ -392,16 +390,16 @@ if ($ajax_search) {
foreach ($Users as $user) {
if ($user['id_session'] != $id_session)
$nosessionUsersList[$user['user_id']] = $user ;
$nosessionUsersList[$user['user_id']] = $user ;
}
$user_anonymous=api_get_anonymous_id();
foreach($nosessionUsersList as $key_user_list =>$value_user_list) {
if ($nosessionUsersList[$key_user_list]['user_id']==$user_anonymous) {
unset($nosessionUsersList[$key_user_list]);
}
}
//filling the correct users in list
$sql="SELECT user_id, lastname, firstname, username, id_session
FROM $tbl_user u
@ -539,13 +537,13 @@ if(!empty($errorMsg)) {
?>
</select>
</div>
<input type="checkbox" onchange="checked_in_no_session(this.checked);" name="user_with_any_session" id="user_with_any_session_id">
<input type="checkbox" onchange="checked_in_no_session(this.checked);" name="user_with_any_session" id="user_with_any_session_id">
<label for="user_with_any_session_id"><?php echo get_lang('UsersRegisteredInNoSession'); ?></label>
<?php
}
unset($nosessionUsersList);
?>
</div>
</td>
<td width="10%" valign="middle" align="center">
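Review bot: The explicit `api_protect_admin_script(true);` just above the new `SessionManager::protect_session_edit($id_session);` call looks redundant, because protect_session_edit() in sessionmanager.lib.php begins with that same call. The same pair shows up in resume_session.php, session_course_list.php and session_course_user.php. Keeping only `SessionManager::protect_session_edit($id_session);` as the entry check would leave a single place to audit when the access rule changes. The +/- markers are lost in this rendering, so this assumes both lines are on the new side.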

@ -14,7 +14,9 @@ require_once '../inc/global.inc.php';
// setting the section (for the tabs)
$this_section = SECTION_PLATFORM_ADMIN;
api_protect_admin_script(true);
$id_session = (int)$_GET['id_session'];
SessionManager::protect_session_edit($id_session);
$tool_name = get_lang('SessionOverview');
@ -33,7 +35,7 @@ $tbl_session_category = Database::get_main_table(TABLE_MAIN_SESSION_CATEGORY)
$table_access_url_user = Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER);
$id_session = (int)$_GET['id_session'];
$sql = 'SELECT name, nbr_courses, nbr_users, nbr_classes, DATE_FORMAT(date_start,"%d-%m-%Y") as date_start, DATE_FORMAT(date_end,"%d-%m-%Y") as date_end, lastname, firstname, username, session_admin_id, nb_days_access_before_beginning, nb_days_access_after_end, session_category_id, visibility
FROM '.$tbl_session.' LEFT JOIN '.$tbl_user.' ON id_coach = user_id

@ -9,13 +9,10 @@ $language_file='admin';
$cidReset=true;
require_once '../inc/global.inc.php';
require_once '../inc/lib/sessionmanager.lib.php';
// setting the section (for the tabs)
/*$this_section=SECTION_PLATFORM_ADMIN;
api_protect_admin_script();*/
$id_session = intval($_GET['id_session']);
SessionManager::protect_session_edit($id_session);
$id_session=intval($_GET['id_session']);
$course_code=trim(stripslashes($_GET['course_code']));
$formSent=0;
@ -94,7 +91,7 @@ global $_configuration;
if ($_configuration['multiple_access_urls']) {
$tbl_access_rel_user= Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER);
$access_url_id = api_get_current_access_url_id();
$sql="SELECT u.user_id,lastname,firstname,username FROM $tbl_user u LEFT JOIN $tbl_access_rel_user a ON(u.user_id= a.user_id) WHERE status='1' AND access_url_id = $access_url_id ".$order_clause;
$sql="SELECT u.user_id,lastname,firstname,username FROM $tbl_user u LEFT JOIN $tbl_access_rel_user a ON(u.user_id= a.user_id) WHERE status='1' AND access_url_id = $access_url_id ".$order_clause;
} else {
$sql="SELECT user_id,lastname,firstname,username FROM $tbl_user WHERE status='1'".$order_clause;
}

@ -14,7 +14,8 @@ require_once '../inc/global.inc.php';
// setting the section (for the tabs)
$this_section=SECTION_PLATFORM_ADMIN;
api_protect_admin_script(true);
$id_session = intval($_GET['id_session']);
SessionManager::protect_session_edit($id_session);
// Database Table Definitions
$tbl_course = Database::get_main_table(TABLE_MAIN_COURSE);
@ -22,8 +23,6 @@ $tbl_session = Database::get_main_table(TABLE_MAIN_SESSION);
$tbl_session_rel_course = Database::get_main_table(TABLE_MAIN_SESSION_COURSE);
$tbl_session_rel_course_rel_user = Database::get_main_table(TABLE_MAIN_SESSION_COURSE_USER);
$id_session = intval($_GET['id_session']);
if (empty($id_session)) {
api_not_allowed();
}
@ -46,7 +45,7 @@ if ($action == 'delete') {
foreach ($idChecked as $id){
$my_temp[]= Database::escape_string($id);// forcing the escape_string
}
$idChecked = $my_temp;
$idChecked = $my_temp;
$idChecked="'".implode("','", $idChecked)."'";
Database::query("DELETE FROM $tbl_session_rel_course WHERE id_session='$id_session' AND course_code IN($idChecked)");
$nbr_affected_rows=Database::affected_rows();

@ -16,8 +16,8 @@ require_once '../inc/global.inc.php';
// setting the section (for the tabs)
$this_section = SECTION_PLATFORM_ADMIN;
// Access restrictions
api_protect_admin_script(true);
$id_session = intval($_GET['id_session']);
SessionManager::protect_session_edit($id_session);
// setting breadcrumbs
$interbreadcrumb[] = array('url' => 'index.php', 'name' => get_lang('PlatformAdmin'));
@ -32,9 +32,9 @@ $tbl_session_rel_course = Database::get_main_table(TABLE_MAIN_SESSION_COURSE)
$tbl_course = Database::get_main_table(TABLE_MAIN_COURSE);
// setting the name of the tool
$tool_name= get_lang('EditSessionCoursesByUser');
$id_session=intval($_GET['id_session']);
$id_user=intval($_GET['id_user']);
$tool_name = get_lang('EditSessionCoursesByUser');
$id_user = intval($_GET['id_user']);
if (empty($id_user) || empty($id_session)) {
header('Location: resume_session.php?id_session='.$id_session);
@ -125,9 +125,9 @@ echo '<legend>'.$tool_name.': '.$session_info['name'].' - '.$user_info['complete
$nosessionCourses = $sessionCourses = array();
// actual user
$sql="SELECT code, title, visual_code, srcru.id_session " .
"FROM $tbl_course course inner JOIN $tbl_session_rel_course_rel_user as srcru " .
"ON course.code = srcru.course_code WHERE srcru.id_user = $id_user AND id_session = $id_session";
$sql = "SELECT code, title, visual_code, srcru.id_session
FROM $tbl_course course inner JOIN $tbl_session_rel_course_rel_user as srcru
ON course.code = srcru.course_code WHERE srcru.id_user = $id_user AND id_session = $id_session";
//all
$sql_all="SELECT code, title, visual_code, src.id_session " .

@ -8,9 +8,8 @@
*/
$language_file = array('admin', 'registration');
$cidReset = true;
require_once '../inc/global.inc.php';
api_protect_admin_script(true);
require_once '../inc/global.inc.php';
$tbl_user = Database::get_main_table(TABLE_MAIN_USER);
$tbl_course = Database::get_main_table(TABLE_MAIN_COURSE);
@ -20,6 +19,8 @@ $tbl_session_rel_user = Database::get_main_table(TABLE_MAIN_SESSIO
$tbl_session_rel_course_rel_user = Database::get_main_table(TABLE_MAIN_SESSION_COURSE_USER);
$id_session = intval($_GET['id_session']);
SessionManager::protect_session_edit($id_session);
if (empty($id_session )) {
api_not_allowed();
}
@ -41,10 +42,10 @@ if (is_array($idChecked)) {
$idChecked = $my_temp;
}
$sql = "SELECT s.name, c.title FROM $tbl_session_rel_course src
$sql = "SELECT s.name, c.title FROM $tbl_session_rel_course src
INNER JOIN $tbl_session s ON s.id = src.id_session
INNER JOIN $tbl_course c ON c.code = src.course_code
WHERE src.id_session='$id_session' AND src.course_code='".Database::escape_string($course_code)."' ";
WHERE src.id_session='$id_session' AND src.course_code='".Database::escape_string($course_code)."' ";
$result = Database::query($sql);
@ -55,12 +56,12 @@ if (!list($session_name,$course_title)=Database::fetch_row($result)) {
switch($action) {
case 'delete':
case 'delete':
if (is_array($idChecked) && count($idChecked)>0 ) {
array_map('intval', $idChecked);
$idChecked = implode(',',$idChecked);
}
if (!empty($idChecked)) {
if (!empty($idChecked)) {
Database::query("DELETE FROM $tbl_session_rel_course_rel_user WHERE id_session='$id_session' AND course_code='".$course_code."' AND id_user IN($idChecked)");
$nbr_affected_rows = Database::affected_rows();
Database::query("UPDATE $tbl_session_rel_course SET nbr_users=nbr_users-$nbr_affected_rows WHERE id_session='$id_session' AND course_code='".$course_code."'");
@ -68,8 +69,8 @@ switch($action) {
header('Location: '.api_get_self().'?id_session='.$id_session.'&course_code='.urlencode($course_code).'&sort='.$sort);
exit();
break;
case 'add':
SessionManager::subscribe_users_to_session_course($idChecked, $id_session, $course_code);
case 'add':
SessionManager::subscribe_users_to_session_course($idChecked, $id_session, $course_code);
header('Location: '.api_get_self().'?id_session='.$id_session.'&course_code='.urlencode($course_code).'&sort='.$sort);
exit;
break;
@ -79,11 +80,11 @@ switch($action) {
$limit = 20;
$from = $page * $limit;
$is_western_name_order = api_is_western_name_order();
//scru.status<>2 scru.course_code='".$course_code."'
//scru.status<>2 scru.course_code='".$course_code."'
$sql = "SELECT DISTINCT u.user_id,".($is_western_name_order ? 'u.firstname, u.lastname' : 'u.lastname, u.firstname').", u.username, scru.id_user as is_subscribed
FROM $tbl_session_rel_user s INNER JOIN $tbl_user u ON (u.user_id=s.id_user) LEFT JOIN $tbl_session_rel_course_rel_user scru ON (u.user_id=scru.id_user AND scru.course_code = '".$course_code."' )
WHERE s.id_session='$id_session'
FROM $tbl_session_rel_user s INNER JOIN $tbl_user u ON (u.user_id=s.id_user) LEFT JOIN $tbl_session_rel_course_rel_user scru ON (u.user_id=scru.id_user AND scru.course_code = '".$course_code."' )
WHERE s.id_session='$id_session'
ORDER BY $sort $direction LIMIT $from,".($limit+1);
if ($direction == 'desc') {
@ -166,7 +167,7 @@ foreach ($Users as $key=>$enreg) {
<?php } ?>
<td><?php echo api_htmlentities($enreg['username'],ENT_QUOTES,$charset); ?></td>
<td>
<?php if ($enreg['is_subscribed']) { ?>
<?php if ($enreg['is_subscribed']) { ?>
<a href="<?php echo api_get_self(); ?>?id_session=<?php echo $id_session; ?>&course_code=<?php echo urlencode($course_code); ?>&sort=<?php echo $sort; ?>&action=delete&idChecked[]=<?php echo $enreg['user_id']; ?>" onclick="javascript:if(!confirm('<?php echo get_lang('ConfirmYourChoice'); ?>')) return false;">
<?php Display::display_icon('delete.png', get_lang('Delete')); ?>
</a>
@ -175,7 +176,7 @@ foreach ($Users as $key=>$enreg) {
<?php Display::display_icon('add.png', get_lang('Add'), array(), ICON_SIZE_SMALL); ?>
</a>
<?php } ?>
</td>
</tr>
<?php
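Review bot: In the `delete` branch, `array_map('intval', $idChecked);` discards its result, so the values imploded into `id_user IN($idChecked)` are not actually cast to integers. Assigning the result closes that gap: `$idChecked = implode(',', array_map('intval', $idChecked));`. `$course_code` is also concatenated raw into the DELETE, the UPDATE and the listing SELECT, while the query a few lines earlier wraps it in `Database::escape_string()`; where it is first read is outside this section, so confirm it is escaped once and reuse that value. These lines appear as context rather than new code, but they sit directly behind the authorization check this commit reworks. The switch continues outside the hunks shown.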

@ -9,17 +9,19 @@ require_once '../inc/global.inc.php';
// setting the section (for the tabs)
$this_section = SECTION_PLATFORM_ADMIN;
api_protect_admin_script(true);
$id = intval($_GET['id']);
$formSent = 0;
// Database Table Definitions
$tbl_user = Database::get_main_table(TABLE_MAIN_USER);
$tbl_session = Database::get_main_table(TABLE_MAIN_SESSION);
$tbl_session_rel_course = Database::get_main_table(TABLE_MAIN_SESSION_COURSE);
$sql = "SELECT name,date_start,date_end,id_coach, session_admin_id, nb_days_access_before_beginning, nb_days_access_after_end, session_category_id, visibility
$id = intval($_GET['id']);
SessionManager::protect_session_edit($id);
$sql = "SELECT name,date_start,date_end,id_coach, session_admin_id, nb_days_access_before_beginning, nb_days_access_after_end, session_category_id, visibility
FROM $tbl_session WHERE id = $id";
$result = Database::query($sql);
@ -30,9 +32,7 @@ if (!$infos = Database::fetch_array($result)) {
$id_coach = $infos['id_coach'];
if (!api_is_platform_admin() && $infos['session_admin_id'] != api_get_user_id()) {
api_not_allowed(true);
}
$tool_name = get_lang('EditSession');
@ -46,8 +46,8 @@ list($year_end,$month_end,$day_end) = explode('-',$infos['date_end']);
$end_year_disabled = $end_month_disabled = $end_day_disabled = '';
if ($_POST['formSent']) {
$formSent = 1;
$formSent = 1;
$name = $_POST['name'];
$year_start = $_POST['year_start'];
$month_start = $_POST['month_start'];
@ -61,15 +61,15 @@ if ($_POST['formSent']) {
$id_coach = $_POST['id_coach'];
$id_session_category = $_POST['session_category'];
$id_visibility = $_POST['session_visibility'];
$end_limit = $_POST['end_limit'];
$start_limit = $_POST['start_limit'];
$start_limit = $_POST['start_limit'];
if (empty($end_limit) && empty($start_limit)) {
$nolimit = 1;
} else {
$nolimit = null;
}
}
$return = SessionManager::edit_session($id,$name,$year_start,$month_start,$day_start,$year_end,$month_end,$day_end,$nb_days_acess_before,$nb_days_acess_after,$nolimit, $id_coach, $id_session_category,$id_visibility,$start_limit,$end_limit);
if ($return == strval(intval($return))) {
@ -107,16 +107,16 @@ if (!empty($return)) {
<form class="form-horizontal" method="post" name="form" action="<?php echo api_get_self(); ?>?page=<?php echo Security::remove_XSS($_GET['page']) ?>&id=<?php echo $id; ?>" style="margin:0px;">
<fieldset>
<legend><?php echo $tool_name; ?></legend>
<legend><?php echo $tool_name; ?></legend>
<input type="hidden" name="formSent" value="1">
<div class="control-group">
<label class="control-label">
<?php echo get_lang('SessionName') ?>
</label>
<div class="controls">
<input type="text" name="name" size="50" maxlength="50" value="<?php if($formSent) echo api_htmlentities($name,ENT_QUOTES,$charset); else echo api_htmlentities($infos['name'],ENT_QUOTES,$charset); ?>">
</div>
</div>
</div>
<div class="control-group">
<label class="control-label">
@ -133,7 +133,7 @@ if (!empty($return)) {
$Categories = SessionManager::get_all_session_category();
?>
</select>
</div>
</div>
</div>
<div class="control-group">
<label class="control-label">
@ -143,22 +143,22 @@ if (!empty($return)) {
<select class="chzn-select" id="session_category" name="session_category" style="width:380px;" title="<?php echo get_lang('Select'); ?>">
<option value="0"><?php get_lang('None'); ?></option>
<?php
if (!empty($Categories)) {
if (!empty($Categories)) {
foreach($Categories as $Rows) { ?>
<option value="<?php echo $Rows['id']; ?>" <?php if($Rows['id'] == $infos['session_category_id']) echo 'selected="selected"'; ?>><?php echo $Rows['name']; ?></option>
<?php }
}
?>
</select>
</div>
</div>
</div>
<div class="control-group">
<div class="control-group">
<div class="controls">
<a href="javascript://" onclick="if(document.getElementById('options').style.display == 'none'){document.getElementById('options').style.display = 'block';}else{document.getElementById('options').style.display = 'none';}"><?php echo get_lang('DefineSessionOptions') ?></a>
</div>
</div>
</div>
<div class="control-group">
<div class="controls">
<div class="control-group">
<div class="controls">
<div style="display:
<?php
if($formSent){
@ -174,23 +174,23 @@ if (!empty($return)) {
}
?>
;" id="options">
<input type="text" name="nb_days_access_before" value="<?php if($formSent) echo api_htmlentities($nb_days_access_before,ENT_QUOTES,$charset); else echo api_htmlentities($infos['nb_days_access_before_beginning'],ENT_QUOTES,$charset); ?>" style="width: 30px;">&nbsp;<?php echo get_lang('DaysBefore') ?>
<br />
<br />
<br />
<input type="text" name="nb_days_access_after" value="<?php if($formSent) echo api_htmlentities($nb_days_access_after,ENT_QUOTES,$charset); else echo api_htmlentities($infos['nb_days_access_after_end'],ENT_QUOTES,$charset); ?>" style="width: 30px;">&nbsp;<?php echo get_lang('DaysAfter') ?>
</div>
</div>
</div>
</div>
<div class="clear"></div>
<div class="control-group">
<div class="controls">
<div class="clear"></div>
<div class="control-group">
<div class="controls">
<label for="start_limit">
<input id="start_limit" type="checkbox" name="start_limit" onchange="disable_starttime(this)" <?php if ($year_start!="0000") echo "checked"; ?>/>
<?php echo get_lang('DateStartSession');?>
</label>
</label>
<div id="start_date" style="<?php echo ($year_start=="0000") ? "display:none" : "display:block" ; ?>">
<br />
<select name="day_start">
@ -243,7 +243,7 @@ if (!empty($return)) {
</select>
/
<select name="year_start">
<?php
for($i=$thisYear-5;$i <= ($thisYear+5);$i++) { ?>
<option value="<?php echo $i; ?>" <?php if($year_start == $i) echo 'selected="selected"'; ?> ><?php echo $i; ?></option>
@ -252,18 +252,18 @@ if (!empty($return)) {
?>
</select>
</div>
</div>
</div>
</div>
<div class="control-group">
<div class="controls">
<div class="control-group">
<div class="controls">
<label for="end_limit">
<input id="end_limit" type="checkbox" name="end_limit" onchange="disable_endtime(this)" <?php if ($year_end!="0000") echo "checked"; ?>/>
<?php echo get_lang('DateEndSession') ?>
</label>
<div id="end_date" style="<?php echo ($year_end=="0000") ? "display:none" : "display:block" ; ?>">
<br />
<select name="day_end" <?php echo $end_day_disabled; ?> >
<option value="1">01</option>
<option value="2" <?php if($day_end == 2) echo 'selected="selected"'; ?> >02</option>
@ -314,7 +314,7 @@ if (!empty($return)) {
</select>
/
<select name="year_end" <?php echo $end_year_disabled; ?>>
<?php
for($i=$thisYear-5;$i <= ($thisYear+5);$i++) {
?>
@ -323,24 +323,24 @@ if (!empty($return)) {
}
?>
</select>
<br /> <br />
<?php echo get_lang('SessionVisibility') ?> <br />
<br /> <br />
<?php echo get_lang('SessionVisibility') ?> <br />
<select name="session_visibility" style="width:250px;">
<?php
$visibility_list = array(SESSION_VISIBLE_READ_ONLY=>get_lang('SessionReadOnly'), SESSION_VISIBLE=>get_lang('SessionAccessible'), SESSION_INVISIBLE=>api_ucfirst(get_lang('SessionNotAccessible')));
foreach($visibility_list as $key=>$item): ?>
<option value="<?php echo $key; ?>" <?php if($key == $infos['visibility']) echo 'selected="selected"'; ?>><?php echo $item; ?></option>
<?php endforeach; ?>
</select>
</select>
</div>
</div>
</div>
<div class="control-group">
</div>
<div class="control-group">
<div class="controls">
<button class="save" type="submit" value="<?php echo get_lang('ModifyThisSession') ?>"><?php echo get_lang('ModifyThisSession') ?></button>
</div>
<button class="save" type="submit" value="<?php echo get_lang('ModifyThisSession') ?>"><?php echo get_lang('ModifyThisSession') ?></button>
</div>
</div>
</fieldset>
</form>
@ -361,26 +361,26 @@ function setDisable(select){
document.form.session_visibility.disabled = (select.checked) ? true : false;
document.form.session_visibility.selectedIndex = 0;
document.form.start_limit.disabled = (select.checked) ? true : false;
document.form.start_limit.checked = false;
document.form.end_limit.disabled = (select.checked) ? true : false;
document.form.end_limit.checked = false;
var end_div = document.getElementById('end_date');
end_div.style.display = 'none';
var start_div = document.getElementById('start_date');
start_div.style.display = 'none';
start_div.style.display = 'none';
}
function disable_endtime(select) {
var end_div = document.getElementById('end_date');
if (end_div.style.display == 'none')
end_div.style.display = 'block';
else
else
end_div.style.display = 'none';
}
@ -388,7 +388,7 @@ function disable_starttime(select) {
var start_div = document.getElementById('start_date');
if (start_div.style.display == 'none')
start_div.style.display = 'block';
else
else
start_div.style.display = 'none';
}
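Review bot: The earlier ownership test `if (!api_is_platform_admin() && $infos['session_admin_id'] != api_get_user_id())` appears to stay in place after the new `SessionManager::protect_session_edit($id);` call. With `allow_session_admins_to_manage_all_sessions` set to 'true', a session admin who does not own the session would then pass the new guard and still be refused here. If the setting is meant to cover editing, drop the older test and keep the rule in protect_session_edit() only; if it is not, a comment saying so would help. The +/- markers are lost in this rendering, so this is inferred from the hunk's line counts.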

@ -160,7 +160,7 @@ class SessionManager {
api_mail_html($complete_name, $user_info['email'], $subject, $message);
*
*/
// add event to system log
$user_id = api_get_user_id();
event_system(LOG_SESSION_CREATE, LOG_SESSION_ID, $session_id, api_get_utc_datetime(), $user_id);
@ -184,15 +184,13 @@ class SessionManager {
$where = 'WHERE 1=1 ';
$user_id = api_get_user_id();
if (api_is_session_admin() && api_get_setting('allow_session_admins_to_see_all_sessions') == 'false') {
$where.=" WHERE s.session_admin_id = $user_id ";
if (api_is_session_admin() && api_get_setting('allow_session_admins_to_manage_all_sessions') == 'false') {
$where.=" AND s.session_admin_id = $user_id ";
}
$query_rows = "SELECT count(*) as total_rows
FROM $tbl_session s
LEFT JOIN $tbl_session_category sc ON s.session_category_id = sc.id
INNER JOIN $tbl_user u ON s.id_coach = u.user_id
$where ";
$query_rows = "SELECT count(*) as total_rows FROM $tbl_session s
LEFT JOIN $tbl_session_category sc ON s.session_category_id = sc.id
INNER JOIN $tbl_user u ON s.id_coach = u.user_id $where ";
$result_rows = Database::query($query_rows);
$recorset = Database::fetch_array($result_rows);
$num = $recorset['total_rows'];
@ -211,7 +209,7 @@ class SessionManager {
$where = 'WHERE 1=1 ';
$user_id = api_get_user_id();
if (api_is_session_admin() && api_get_setting('allow_session_admins_to_see_all_sessions') == 'false') {
if (api_is_session_admin() && api_get_setting('allow_session_admins_to_manage_all_sessions') == 'false') {
$where.=" AND s.session_admin_id = $user_id ";
}
@ -1728,6 +1726,7 @@ class SessionManager {
}
return false;
}
/**
* Get the number of sessions
* @param int ID of the URL we want to filter on (optional)
@ -1740,4 +1739,16 @@ class SessionManager {
$row = Database::fetch_row($res);
return $row[0];
}
function protect_session_edit($id) {
api_protect_admin_script(true);
$session_info = self::fetch($id);
if (api_get_setting('allow_session_admins_to_manage_all_sessions') != 'true') {
if ($session_info['session_admin_id'] != api_get_user_id()) {
api_not_allowed(true);
}
}
}
}
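Review bot: `protect_session_edit()` applies the ownership test to every caller when the setting is not 'true', so a platform admin who is not the session's `session_admin_id` would be refused. session_edit.php exempts platform admins with `api_is_platform_admin()`, and the guard could do the same: `if (!api_is_platform_admin() && api_get_setting('allow_session_admins_to_manage_all_sessions') != 'true') {`. The result of `self::fetch($id)` is not checked, so with the setting on, an id that matches no session would pass the guard if fetch() returns nothing for it. The method is called statically and uses `self::` but is declared without `static`; `public static function protect_session_edit($id)` with a short docblock stating who is let through would match how it is used.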

@ -862,7 +862,7 @@ VALUES
('facebook_description', NULL, 'radio', 'Facebook', 'false', 'FacebookMainActivateTitle', 'FacebookMainActivateComment', NULL, NULL, 0),
('gradebook_locking_enabled', NULL, 'radio', 'Gradebook', 'false', 'GradebookEnableLockingTitle', 'GradebookEnableLockingComment', NULL, NULL, 0),
('gradebook_default_grade_model_id', NULL, 'select', 'Gradebook', '', 'GradebookDefaultGradeModelTitle', 'GradebookDefaultGradeModelComment', NULL, NULL, 1),
('allow_session_admins_to_see_all_sessions', NULL, 'radio', 'Session', 'false', 'AllowSessionAdminsToSeeAllSessionsTitle', 'AllowSessionAdminsToSeeAllSessionsComment', NULL, NULL, 1),
('allow_session_admins_to_manage_all_sessions', NULL, 'radio', 'Session', 'false', 'AllowSessionAdminsToSeeAllSessionsTitle', 'AllowSessionAdminsToSeeAllSessionsComment', NULL, NULL, 1),
('allow_skills_tool', NULL, 'radio', 'Platform', 'false', 'AllowSkillsToolTitle', 'AllowSkillsToolComment', NULL, NULL, 1),
('allow_public_certificates', NULL, 'radio', 'Course', 'false', 'AllowPublicCertificatesTitle', 'AllowPublicCertificatesComment', NULL, NULL, 1),
('platform_unsubscribe_allowed', NULL, 'radio', 'Platform', 'false', 'PlatformUnsubscribeTitle', 'PlatformUnsubscribeComment', NULL, NULL, 1),
@ -870,7 +870,7 @@ VALUES
('enable_iframe_inclusion', NULL, 'radio', 'Editor', 'false', 'EnableIframeInclusionTitle', 'EnableIframeInclusionComment', NULL, NULL, 1),
('show_hot_courses', NULL, 'radio', 'Platform', 'true', 'ShowHotCoursesTitle', 'ShowHotCoursesComment', NULL, NULL, 1),
('enable_webcam_clip',NULL,'radio','Tools','false','EnableWebCamClipTitle','EnableWebCamClipComment',NULL,NULL, 0),
('chamilo_database_version', NULL, 'textfield',NULL, '1.9.0.18190','DatabaseVersion','', NULL, NULL, 0);
('chamilo_database_version', NULL, 'textfield',NULL, '1.9.0.18219','DatabaseVersion','', NULL, NULL, 0);
UNLOCK TABLES;
/*!40000 ALTER TABLE settings_current ENABLE KEYS */;
@ -1198,8 +1198,8 @@ VALUES
('gradebook_locking_enabled', 'false', 'No'),
('gradebook_enable_grade_model', 'true', 'Yes'),
('gradebook_enable_grade_model', 'false', 'No'),
('allow_session_admins_to_see_all_sessions', 'true', 'Yes'),
('allow_session_admins_to_see_all_sessions', 'false', 'No'),
('allow_session_admins_to_manage_all_sessions', 'true', 'Yes'),
('allow_session_admins_to_manage_all_sessions', 'false', 'No'),
('allow_skills_tool', 'true', 'Yes'),
('allow_skills_tool', 'false', 'No'),
('allow_public_certificates', 'true', 'Yes'),
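Review bot: The renamed row `allow_session_admins_to_manage_all_sessions` still points at the language keys `AllowSessionAdminsToSeeAllSessionsTitle` and `AllowSessionAdminsToSeeAllSessionsComment`. The settings page will presumably still describe the option as letting session admins see sessions, while it now gates editing them. An administrator turning it on should be told that it grants edit rights over sessions owned by others; new title and comment keys would do that. The same keys are reused in migrate-db-1.8.8-1.9.0-pre.sql.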

@ -106,9 +106,9 @@ INSERT INTO settings_current (variable, subkey, type, category, selected_value,
INSERT INTO settings_options (variable, value, display_text) VALUES ('allow_users_to_change_email_with_no_password', 'true', 'Yes');
INSERT INTO settings_options (variable, value, display_text) VALUES ('allow_users_to_change_email_with_no_password', 'false', 'No');
INSERT INTO settings_current (variable, subkey, type, category, selected_value, title, comment, scope, subkeytext, access_url_changeable) VALUES ('allow_session_admins_to_see_all_sessions', NULL, 'radio', 'Session', 'false', 'AllowSessionAdminsToSeeAllSessionsTitle', 'AllowSessionAdminsToSeeAllSessionsComment', NULL, NULL, 1);
INSERT INTO settings_options (variable, value, display_text) VALUES ('allow_session_admins_to_see_all_sessions', 'true', 'Yes');
INSERT INTO settings_options (variable, value, display_text) VALUES ('allow_session_admins_to_see_all_sessions', 'false', 'No');
INSERT INTO settings_current (variable, subkey, type, category, selected_value, title, comment, scope, subkeytext, access_url_changeable) VALUES ('allow_session_admins_to_manage_all_sessions', NULL, 'radio', 'Session', 'false', 'AllowSessionAdminsToSeeAllSessionsTitle', 'AllowSessionAdminsToSeeAllSessionsComment', NULL, NULL, 1);
INSERT INTO settings_options (variable, value, display_text) VALUES ('allow_session_admins_to_manage_all_sessions', 'true', 'Yes');
INSERT INTO settings_options (variable, value, display_text) VALUES ('allow_session_admins_to_manage_all_sessions', 'false', 'No');
-- Shibboleth and Facebook auth and ldap
INSERT INTO settings_current (variable, subkey, type, category, selected_value, title, comment, scope, subkeytext, access_url_changeable) VALUES ('shibboleth_description', NULL, 'radio', 'Shibboleth', 'false', 'ShibbolethMainActivateTitle', 'ShibbolethMainActivateComment', NULL, NULL, 0);
@ -273,7 +273,7 @@ DELETE FROM settings_current WHERE variable = "user_order_by";
DELETE FROM settings_options WHERE variable = "user_order_by";
-- Do not move this query
UPDATE settings_current SET selected_value = '1.9.0.18189' WHERE variable = 'chamilo_database_version';
UPDATE settings_current SET selected_value = '1.9.0.18219' WHERE variable = 'chamilo_database_version';
-- xxSTATSxx
ALTER TABLE track_e_exercices ADD COLUMN questions_to_check TEXT NOT NULL DEFAULT '';
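Review bot: The migration renames the setting by editing the existing INSERT statements, so a database that already ran the earlier revision of this script keeps `allow_session_admins_to_see_all_sessions` and never receives the new variable. In sessionmanager.lib.php the list filters test `== 'false'` while protect_session_edit() tests `!= 'true'`, so if api_get_setting() returns nothing for an unknown variable, the lists stop filtering by owner while edits stay restricted. A rename step would cover upgraded installs: `UPDATE settings_current SET variable = 'allow_session_admins_to_manage_all_sessions' WHERE variable = 'allow_session_admins_to_see_all_sessions';`, with the same statement for `settings_options`.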
