Minor- Format code

main/inc/lib/GamificationUtils.php

@@ -40,6 +40,7 @@ class GamificationUtils
      * Get the achieved points for an user in a session
      * @param int $sessionId The session ID
      * @param int $userId The user ID
+     *
      * @return int The count of points
      */
     public static function getSessionPoints($sessionId, $userId)
@@ -89,6 +90,7 @@ class GamificationUtils
      * Get the calculated progress for an user in a session
      * @param int $sessionId The session ID
      * @param int $userId The user ID
+     *
      * @return float The progress
      */
     public static function getSessionProgress($sessionId, $userId)
@@ -124,6 +126,7 @@ class GamificationUtils
      * Get the number of stars achieved for an user in a session
      * @param int $sessionId The session ID
      * @param int $userId The user ID
+     *
      * @return int The number of stars
      */
     public static function getSessionStars($sessionId, $userId)
@@ -173,6 +176,7 @@ class GamificationUtils
      * Get the stars on sessions with gamification mode
      * @param int $userId The user ID
      * @param int $userStatus The user Status
+     *
      * @return int
      */
     public static function getTotalUserStars($userId, $userStatus)
@@ -199,6 +203,7 @@ class GamificationUtils
      * Get the total progress on sessions with gamification mode
      * @param int $userId The user ID
      * @param int $userStatus The user Status
+     *
      * @return float
      */
     public static function getTotalUserProgress($userId, $userStatus)

main/inc/lib/events_dispatcher.class.php

@@ -2,21 +2,21 @@
 include_once api_get_path(CONFIGURATION_PATH).'events.conf.php';
 
 /**
- * 
- * Entry point for every event in the application. 
+ *  Class EventsDispatcher
+ * Entry point for every event in the application.
  * Fires the functions linked to the events according to the event's conf.
  * Every function got its own filter, it's fired inside the functiones fired
  * by this class. The filter config is next to the event config, in conf/events.conf.php
- *  
+ *
  */
-class EventsDispatcher 
+class EventsDispatcher
 {
     public static function events($event_name, $event_data = array())
     {
         global $event_config;
         // get the config for the event passed in parameter ($event_name)
         // and execute every actions with the values
-        
+
         foreach ($event_config[$event_name]["actions"] as $func) {
             $execute = true;
             if (!function_exists($func)) // if the function doesn't exist, we log
@@ -24,26 +24,24 @@ class EventsDispatcher
                 error_log("EventsDispatcher warning : ".$func." does not exist.");
                 $execute = false;
             }
-            
+
             // check if the event's got a filter
-            if (function_exists($event_name."_".$func."_filter_func")) 
-            {
+            if (function_exists($event_name."_".$func."_filter_func")) {
                 $filter = $event_name."_".$func."_filter_func";
-                // if it does, we execute the filter (which changes the data 
+                // if it does, we execute the filter (which changes the data
                 // in-place and returns true on success or false on error)
                 $execute = $filter($event_data);
-            }
-            else // if there's no filter
-            {
+            } else {
+                // if there's no filter
                 error_log("EventsDispatcher warning : ".$event_name."_".$func."_filter_func does not exist.");
             }
 
-            if (!$execute) // if the filter says we cannot send the mail, we get out of here
-            {
+            if (!$execute) {
+                // if the filter says we cannot send the mail, we get out of here
                 return false;
             }
-            // finally, if the filter says yes (or the filter doesn't exist), 
-            // we execute the in-between function that will call the needed 
+            // finally, if the filter says yes (or the filter doesn't exist),
+            // we execute the in-between function that will call the needed
             // function
             $func($event_name, $event_data);
         }

main/inc/lib/events_email.class.php

@@ -51,8 +51,7 @@ class EventsMail
 
         // Fill the array's cells with info regarding the user that fired the event
         // (for the keys in the template)
-        if ( isset($event_data["about_user"]) )
-        {
+        if (isset($event_data["about_user"])) {
             $about_user = api_get_user_info($event_data["about_user"]);
             $event_data["firstname"] = $about_user["firstname"];
             $event_data["lastname"] = $about_user["lastname"];
@@ -63,24 +62,27 @@ class EventsMail
         }
 
         // First, we send the mail to people we put in the $event_data["send_to"]
-        if ($event_data["send_to"] != null) // the users we precised need to receive the mail
-        {
-            foreach ($event_data["send_to"] as $id) // for every member put in the array
-            {
+        if ($event_data["send_to"] != null) {
+            // the users we precised need to receive the mail
+            foreach ($event_data["send_to"] as $id) {
+                // for every member put in the array
                 // get user's info (to know where to send)
                 $user_info = api_get_user_info($id);
 
                 // get the language the email will be in
-                if ($event_data["prior_lang"] != null) // if $lang is not null, we use that lang
-                {
+                if ($event_data["prior_lang"] != null) {
+                    // if $lang is not null, we use that lang
                     $language = $event_data["prior_lang"];
-                }
-                else  // else we use the user's language
-                {
-                    $sql = 'SELECT language FROM ' . Database::get_main_table(TABLE_MAIN_USER) . ' u
-                    WHERE u.user_id = "' . $id . '"
+                } else {
+                    // else we use the user's language
+                    $sql = 'SELECT language
+                            FROM '.Database::get_main_table(TABLE_MAIN_USER).' u
+                            WHERE u.user_id = "'.$id.'"
                     ';
-                    $language = Database::store_result(Database::query($sql), 'ASSOC');
+                    $language = Database::store_result(
+                        Database::query($sql),
+                        'ASSOC'
+                    );
                     $language = $language[0]["language"];
                 }
 
@@ -99,18 +101,32 @@ class EventsMail
                 // checks if there's a file we need to join to the mail
                 if (isset($values["certificate_pdf_file"])) {
                     $message = str_replace("\n", "<br />", $message);
-                    api_mail_html($recipient_name, $user_info["mail"], $subject, $message, $sender_name, $email_admin, null, array($values['certificate_pdf_file']));
+                    api_mail_html(
+                        $recipient_name,
+                        $user_info["mail"],
+                        $subject,
+                        $message,
+                        $sender_name,
+                        $email_admin,
+                        null,
+                        array($values['certificate_pdf_file'])
+                    );
                 } else {
-                    api_mail_html($recipient_name, $user_info["mail"], $subject, $message, $sender_name, $email_admin);
+                    api_mail_html(
+                        $recipient_name,
+                        $user_info["mail"],
+                        $subject,
+                        $message,
+                        $sender_name,
+                        $email_admin
+                    );
                 }
 
                 // If the mail only need to be send once (we know that thanks to the events.conf), we log it in the table
-                if ($event_config[$event_name]["sending_mail_once"])
-                {
-                    $sql = 'INSERT INTO ' . Database::get_main_table(TABLE_EVENT_SENT) . '
-                        (user_from, user_to, event_type_name)
-                        VALUES ('.$event_data["user_id"].', '.$id.' ,"'.Database::escape_string($event_name).'");
-                        ';
+                if ($event_config[$event_name]["sending_mail_once"]) {
+                    $sql = 'INSERT INTO ' . Database::get_main_table(TABLE_EVENT_SENT) . ' (user_from, user_to, event_type_name)
+                            VALUES ('.$event_data["user_id"].', '.$id.' ,"'.Database::escape_string($event_name).'")
+                    ';
                     Database::query($sql);
                 }
             }
@@ -118,20 +134,19 @@ class EventsMail
 
         // Second, we send to people linked to the event
         // So, we get everyone
-        $sql = 'SELECT u.user_id, u.language, u.email, u.firstname, u.lastname FROM ' . Database::get_main_table(TABLE_EVENT_TYPE_REL_USER) . ' ue
+        $sql = 'SELECT u.user_id, u.language, u.email, u.firstname, u.lastname
+                FROM ' . Database::get_main_table(TABLE_EVENT_TYPE_REL_USER) . ' ue
                 INNER JOIN '.Database::get_main_table(TABLE_MAIN_USER).' u ON u.user_id = ue.user_id
                 WHERE event_type_name = "' . $event_name . '"';
         $result = Database::store_result(Database::query($sql), 'ASSOC');
-
-        foreach ($result as $key => $value) // for each of the linked users
-        {
+        // for each of the linked users
+        foreach ($result as $key => $value) {
             // we get the language
-            if ($event_data["prior_lang"] != null) // if $lang is not null, we use that lang
-            {
+            if ($event_data["prior_lang"] != null) {
+                // if $lang is not null, we use that lang
                 $language = $event_data["prior_lang"];
-            }
-            else // else we get the user's lang
-            {
+            } else {
+                // else we get the user's lang
                 $sql = 'SELECT language FROM '.Database::get_main_table(TABLE_MAIN_USER).'
                     where user_id = '.$value["user_id"].' ';
                 $result = Database::store_result(Database::query($sql), 'ASSOC');
@@ -151,11 +166,17 @@ class EventsMail
             // we send the mail
             $recipient_name = api_get_person_name($value['firstname'], $value['lastname']);
 
-            api_mail_html($recipient_name, $value["email"], $subject, $message, $sender_name, $email_admin);
+            api_mail_html(
+                $recipient_name,
+                $value["email"],
+                $subject,
+                $message,
+                $sender_name,
+                $email_admin
+            );
 
             // If the mail only need to be send once (we know that thanks to the events.conf, we log it in the table
-            if ($event_config[$event_name]["sending_mail_once"])
-            {
+            if ($event_config[$event_name]["sending_mail_once"]) {
                 $sql = 'INSERT INTO ' . Database::get_main_table(TABLE_EVENT_SENT) . '
                     (user_from, user_to, event_type_name)
                     VALUES ('.$event_data["user_id"].', '.$value["user_id"].' , "'.Database::escape_string($event_name).'");
@@ -206,10 +227,14 @@ class EventsMail
      */
     private static function getMessage($event_name, $language)
     {
-        $sql = 'SELECT message, subject, l.dokeos_folder FROM ' . Database::get_main_table(TABLE_EVENT_EMAIL_TEMPLATE) . ' em
+        $sql = 'SELECT message, subject, l.dokeos_folder
+                FROM ' . Database::get_main_table(TABLE_EVENT_EMAIL_TEMPLATE) . ' em
                 INNER JOIN ' . Database::get_main_table(TABLE_MAIN_LANGUAGE) . ' l
                 ON em.language_id = l.id
-                WHERE em.event_type_name = "' . $event_name . '" and (l.dokeos_folder = "' . $language . '" OR l.dokeos_folder = "english") and em.message <> ""
+                WHERE
+                    em.event_type_name = "' . $event_name . '" AND
+                    (l.dokeos_folder = "' . $language . '" OR l.dokeos_folder = "english") AND
+                    em.message <> ""
                 ';
         return Database::store_result(Database::query($sql), 'ASSOC');
     }
@@ -224,18 +249,16 @@ class EventsMail
      */
     private static function getCorrectMessage(&$message, &$subject, $language, $result)
     {
-        foreach ($result as $msg)
-        {
-            if ($msg["dokeos_folder"] == $language)
-            {
+        foreach ($result as $msg) {
+            if ($msg["dokeos_folder"] == $language) {
                 $message = $msg["message"];
                 $subject = $msg["subject"];
                 break;
-            }
-            else if ($msg["dokeos_folder"] == "english")
-            {
-                $message = $msg["message"];
-                $subject = $msg["subject"];
+            } else {
+                if ($msg["dokeos_folder"] == "english") {
+                    $message = $msg["message"];
+                    $subject = $msg["subject"];
+                }
             }
         }
     }
@@ -250,8 +273,7 @@ class EventsMail
      */
     private static function formatMessage(&$message, &$subject, $event_config, $event_name, &$event_data)
     {
-        foreach ($event_config[$event_name]["available_keyvars"] as $key => $word)
-        {
+        foreach ($event_config[$event_name]["available_keyvars"] as $key => $word) {
             $message = str_replace('((' . $key . '))', $event_data[$word], $message);
             $subject = str_replace('((' . $key . '))', $event_data[$word], $subject);
         }

main/newscorm/lp_admin_view.php

@@ -294,8 +294,7 @@ switch ($_GET['action']) {
         }
         break;
 }
-if(!empty($_GET['updateaudio']))
-{
+if (!empty($_GET['updateaudio'])) {
     // list of items to add audio files
     echo $_SESSION['oLP']->overview();
 }

main/newscorm/lp_impress.php

@@ -19,12 +19,21 @@ api_protect_course_script();
 $lp_id = intval($_GET['lp_id']);
 
 // Check if the learning path is visible for student - (LP requisites)
-if (!api_is_allowed_to_edit(null, true) && !learnpath::is_lp_visible_for_student($lp_id, api_get_user_id())) {
+if (!api_is_allowed_to_edit(null, true) &&
+    !learnpath::is_lp_visible_for_student($lp_id, api_get_user_id())
+) {
     api_not_allowed();
 }
 
 //Checking visibility (eye icon)
-$visibility = api_get_item_visibility(api_get_course_info(), TOOL_LEARNPATH, $lp_id, $action, api_get_user_id(), api_get_session_id());
+$visibility = api_get_item_visibility(
+    api_get_course_info(),
+    TOOL_LEARNPATH,
+    $lp_id,
+    $action,
+    api_get_user_id(),
+    api_get_session_id()
+);
 if (!api_is_allowed_to_edit(null, true) && intval($visibility) == 0 ) {
      api_not_allowed();
 }
@@ -47,8 +56,14 @@ $is_allowed_to_edit = api_is_allowed_to_edit(null, true, false, false);
 if ($is_allowed_to_edit) {
     echo '<div style="position: fixed; top: 0px; left: 0px; pointer-events: auto;width:100%">';
     global $interbreadcrumb;
-    $interbreadcrumb[] = array('url' => 'lp_controller.php?action=list&isStudentView=false', 'name' => get_lang('LearningPaths'));
-    $interbreadcrumb[] = array('url' => api_get_self()."?action=add_item&type=step&lp_id=".$_SESSION['oLP']->lp_id."&isStudentView=false", 'name' => $_SESSION['oLP']->get_name());
+    $interbreadcrumb[] = array(
+        'url' => 'lp_controller.php?action=list&isStudentView=false',
+        'name' => get_lang('LearningPaths'),
+    );
+    $interbreadcrumb[] = array(
+        'url' => api_get_self()."?action=add_item&type=step&lp_id=".$_SESSION['oLP']->lp_id."&isStudentView=false",
+        'name' => $_SESSION['oLP']->get_name(),
+    );
     $interbreadcrumb[] = array('url' => '#', 'name' => get_lang('Preview'));
     echo return_breadcrumb($interbreadcrumb, null, null);
     echo '</div>';
@@ -58,10 +73,6 @@ $html = '';
 $step = 1;
 foreach ($list as $toc) {
     $x = 1000*$step;
-    //data-scale="'.$step.'"
-    //data-x="850" data-y="3000" data-rotate="90" data-scale="5"
-
-
     $html .= '<div id="step-'.$step.'" class="step slide" data-x="'.$x.'" data-y="-1500"  >';
     $html .= '<div class="impress-content">';
     $src = $_SESSION['oLP']->get_link('http', $toc['id']);
@@ -84,4 +95,4 @@ $tpl = new Template($tool_name, false, false, true);
 $tpl->assign('html', $html);
 $content = $tpl->fetch('default/learnpath/impress.tpl');
 $tpl->assign('content', $content);
-$tpl->display_one_col_template();
+$tpl->display_one_col_template();

main/newscorm/lp_list_search.php

@@ -6,12 +6,10 @@
  * @package chamilo.learnpath
  * @author Diego Escalante Urrelo <diegoe@gmail.com>
  * @author Marco Antonio Villegas Vega <marvil07@gmail.com>
- * @author Julio Montoya <gugli100@gmail.com> Lots of bug fixing
+ * @author Julio Montoya <gugli100@gmail.com> bug fixing
  *
  */
-/**
- * Code
- */
+
 require api_get_path(LIBRARY_PATH).'search/search_widget.php';
 require api_get_path(LIBRARY_PATH).'search/ChamiloQuery.php';
 require_once api_get_path(LIBRARY_PATH).'search/IndexableChunk.class.php';
@@ -82,7 +80,8 @@ foreach ($specific_fields as $specific_field) {
         $sf_terms_for_code = xapian_get_all_terms(1000, $specific_field['code']);
         foreach ($sf_terms_for_code as $term) {
             if (!empty($term)) {
-                $term_array[] = chamilo_get_boolean_query($term['name']); // Here name includes prefix.
+                // Here name includes prefix.
+                $term_array[] = chamilo_get_boolean_query($term['name']);
             }
         }
     }
@@ -100,7 +99,11 @@ if (count($term_array)) {
     $fixed_queries = chamilo_join_queries($term_array, null, $op);
 
     if ($course_filter != null) {
-        $fixed_queries = chamilo_join_queries($fixed_queries, $course_filter, 'and');
+        $fixed_queries = chamilo_join_queries(
+            $fixed_queries,
+            $course_filter,
+            'and'
+        );
     }
 } else {
     if (!empty($query)) {
@@ -108,7 +111,12 @@ if (count($term_array)) {
     }
 }
 
-list($count, $results) = chamilo_query_query(api_convert_encoding($query, 'UTF-8', $charset), 0, 1000, $fixed_queries);
+list($count, $results) = chamilo_query_query(
+    api_convert_encoding($query, 'UTF-8', $charset),
+    0,
+    1000,
+    $fixed_queries
+);
 
 // Prepare blocks to show.
 $blocks = array();

main/newscorm/resourcelinker.inc.php

@@ -9,10 +9,6 @@
  *	@todo use the constants for the tools
  *	@todo use Database API instead of creating table names locally.
  */
-/**
- * Code
- */
-/* INIT SECTION */
 
 // Flag to allow for anonymous user - needs to be set before global.inc.php.
 
@@ -176,7 +172,6 @@ function show_documents($folder) {
  */
 function file_or_folder($filefolder) {
     global $_course;
-    global $baseServDir;
     $courseDir   = $_course['path'].'/document';
     $baseWorkDir = api_get_path(SYS_COURSE_PATH).$courseDir;
     return (is_dir($baseWorkDir.$filefolder) ? 1 : 0);
@@ -188,8 +183,8 @@ function file_or_folder($filefolder) {
  * @param $source_type
  * @param $source_id
  */
-function store_resources($source_type, $source_id) {
-    global $_course;
+function store_resources($source_type, $source_id)
+{
     $resource_table = Database::get_course_table(TABLE_LINKED_RESOURCES);
     $course_id = api_get_course_int_id();
 
@@ -218,8 +213,8 @@ function store_resources($source_type, $source_id) {
  * @param $style this is used to style the link (for instance when a resource is hidden => the added resources should also be styled like they are hidden)
  * @todo use the constants for the type definitions.
  */
-function display_addedresource_link($type, $id, $style = '') {
-    global $_course;
+function display_addedresource_link($type, $id, $style = '')
+{
     $course_id = api_get_course_int_id();
 
     // Styling the link of the added resource.
@@ -329,8 +324,8 @@ function display_addedresource_link($type, $id, $style = '') {
  * @todo this function is too long, rewrite
  */
 function display_addedresource_link_in_learnpath($type, $id, $completed, $id_in_path, $builder, $icon, $level = 0) {
-    global $_course, $learnpath_id, $tbl_learnpath_item, $items;
-    global $curDirPath, $_configuration, $enableDocumentParsing, $_course, $_user, $_cid;
+    global $learnpath_id, $items;
+    global $enableDocumentParsing, $_course, $_user, $_cid;
 
     $course_id = api_get_course_int_id();
 
@@ -1042,9 +1037,10 @@ function display_addedresource_link_in_learnpath($type, $id, $completed, $id_in_
  * @param id          - that is the correspondent id in the mirror tool (like Agenda item 2)
  * @param id_in_path  - the unique index in the items table
  */
-function get_addedresource_link_in_learnpath($type, $id, $id_in_path) {
-    global $_course, $learnpath_id, $tbl_learnpath_item, $items;
-    global $curDirPath, $_configuration, $enableDocumentParsing, $_user, $_cid;
+function get_addedresource_link_in_learnpath($type, $id, $id_in_path)
+{
+    global $_course, $learnpath_id;
+    global $enableDocumentParsing, $_user, $_cid;
 
     $tbl_lp_item = Database::get_course_table(TABLE_LP_ITEM);
     $course_id = api_get_course_int_id();
@@ -1320,11 +1316,12 @@ function delete_one_added_resource($source_type, $source_id, $resource_type, $re
 /**
  * This function is to delete the resources that were added to a specific item
  */
-function delete_added_resource($type, $id) {
-    global $_course;
+function delete_added_resource($type, $id)
+{
     $course_id = api_get_course_int_id();
     $TABLERESOURCE = Database::get_course_table(TABLE_LINKED_RESOURCES);
-    $sql = "DELETE FROM $TABLERESOURCE WHERE c_id = $course_id AND source_type='$type' and source_id='$id'";
+    $sql = "DELETE FROM $TABLERESOURCE
+            WHERE c_id = $course_id AND source_type='$type' and source_id='$id'";
     Database::query($sql);
 }
 
@@ -1332,8 +1329,8 @@ function delete_added_resource($type, $id) {
  * This function is te delete all resources of a specific type (only used in announcements -- delete all)
  * Author : Frederik Vermeire <frederik.vermeire@pandora.be>
  */
-function delete_all_resources_type($type) {
-  global $_course;
+function delete_all_resources_type($type)
+{
   $course_id = api_get_course_int_id();
   $TABLERESOURCE = Database::get_course_table(TABLE_LINKED_RESOURCES);
   $sql = "DELETE FROM $TABLERESOURCE WHERE c_id = $course_id AND source_type='$type'";
@@ -1344,10 +1341,10 @@ function delete_all_resources_type($type) {
  * This function checks wether there are added resources or not
  */
 function check_added_resources($type, $id) {
-    global $_course, $origin;
     $course_id = api_get_course_int_id();
     $TABLERESOURCE = Database::get_course_table(TABLE_LINKED_RESOURCES);
-    $sql = "SELECT * FROM $TABLERESOURCE WHERE c_id = $course_id AND source_type='$type' and source_id='$id'";
+    $sql = "SELECT * FROM $TABLERESOURCE
+            WHERE c_id = $course_id AND source_type='$type' and source_id='$id'";
     $result = Database::query($sql);
     $number_added = Database::num_rows($result);
     if ($number_added != 0)
@@ -1360,20 +1357,21 @@ function check_added_resources($type, $id) {
  * this function is to load the resources that were added to a specific item
  * into the session variables
  */
-function edit_added_resources($type, $id) {
-    global $_course;
+function edit_added_resources($type, $id)
+{
     $course_id = api_get_course_int_id();
     $TABLERESOURCE = Database::get_course_table(TABLE_LINKED_RESOURCES);
 
-    $sql="SELECT * FROM $TABLERESOURCE WHERE c_id = $course_id AND source_type='$type' and source_id=$id";
+    $sql = "SELECT * FROM $TABLERESOURCE
+            WHERE c_id = $course_id AND source_type='$type' and source_id=$id";
     $result=Database::query($sql);
     while ($row=Database::fetch_array($result))
     {
         $addedresource[]=$row["resource_type"];
         $addedresourceid[]=$row["resource_id"];
     }
-    $_SESSION['addedresource']=$addedresource;
-    $_SESSION['addedresourceid']=$addedresourceid;
+    $_SESSION['addedresource'] = $addedresource;
+    $_SESSION['addedresourceid'] = $addedresourceid;
 }
 
 /**
@@ -1381,12 +1379,13 @@ function edit_added_resources($type, $id) {
  * first we delete all the added resources in the database,
  * then we add all the resources from the session object.
  */
-function update_added_resources($type, $id) {
-    global $_course;
+function update_added_resources($type, $id)
+{
     $course_id = api_get_course_int_id();
     $TABLERESOURCE = Database::get_course_table(TABLE_LINKED_RESOURCES);
     // delete all the added resources for this item in the database;
-    $sql="DELETE FROM $TABLERESOURCE WHERE c_id = $course_id AND source_type='$type' AND source_id='$id'";
+    $sql = "DELETE FROM $TABLERESOURCE
+            WHERE c_id = $course_id AND source_type='$type' AND source_id='$id'";
     //echo $sql;
     Database::query($sql);
 
@@ -1403,9 +1402,14 @@ function update_added_resources($type, $id) {
 function display_added_resources($type, $id, $style = '') {
     $course_id = api_get_course_int_id();
     // The array containing the icons
-    $arr_icons = array('Agenda'=>'../img/agenda.gif', 'Ad Valvas'=>'../img/valves.gif', 'Link'=>'../img/links.gif', 'Exercise'=>'../img/quiz.gif' );
-
-    global $_course, $origin;
+    $arr_icons = array(
+        'Agenda' => '../img/agenda.gif',
+        'Ad Valvas' => '../img/valves.gif',
+        'Link' => '../img/links.gif',
+        'Exercise' => '../img/quiz.gif',
+    );
+
+    global $origin;
     $TABLERESOURCE = Database::get_course_table(TABLE_LINKED_RESOURCES);
 
     $sql = "SELECT * FROM $TABLERESOURCE WHERE c_id = $course_id AND source_type='$type' and source_id='$id'";

main/newscorm/storageapi.php

@@ -6,102 +6,104 @@
 require_once('../inc/global.inc.php');
 
 // variable cleaning...
-foreach (Array("svkey", "svvalue") as $key)
-	$_REQUEST[$key] = Database::escape_string($_REQUEST[$key]);
+foreach (array("svkey", "svvalue") as $key) {
+    $_REQUEST[$key] = Database::escape_string($_REQUEST[$key]);
+}
 
-foreach (Array("svuser", "svcourse", "svsco", "svlength", "svasc") as $key)
-	$_REQUEST[$key] = intval($_REQUEST[$key]);
+foreach (array("svuser", "svcourse", "svsco", "svlength", "svasc") as $key) {
+    $_REQUEST[$key] = intval($_REQUEST[$key]);
+}
 
 switch ($_REQUEST['action']) {
-	case "get":
-		print storage_get($_REQUEST['svuser'], $_REQUEST['svcourse'], $_REQUEST['svsco'], $_REQUEST['svkey']);
-		break;
-	case "set":
-		if (storage_can_set($_REQUEST['svuser'])) {
-			print storage_set($_REQUEST['svuser'], $_REQUEST['svcourse'], $_REQUEST['svsco'], $_REQUEST['svkey'], $_REQUEST['svvalue']);
-		}
-		break;
-	case "getall":
-		print storage_getall($_REQUEST['svuser'], $_REQUEST['svcourse'], $_REQUEST['svsco']);
-		break;
-	case "stackpush":
-		if (storage_can_set($_REQUEST['svuser'])) {
-			print storage_stack_push($_REQUEST['svuser'], $_REQUEST['svcourse'], $_REQUEST['svsco'], $_REQUEST['svkey'], $_REQUEST['svvalue']);
-		}
-		break;
-	case "stackpop":
-		if (storage_can_set($_REQUEST['svuser'])) {
-			print storage_stack_pop($_REQUEST['svuser'], $_REQUEST['svcourse'], $_REQUEST['svsco'], $_REQUEST['svkey']);
-		}
-		break;
-	case "stacklength":
-		print storage_stack_length($_REQUEST['svuser'], $_REQUEST['svcourse'], $_REQUEST['svsco'], $_REQUEST['svkey']);
-		break;
-	case "stackclear":
-		if (storage_can_set($_REQUEST['svuser'])) {
-			print storage_stack_clear($_REQUEST['svuser'], $_REQUEST['svcourse'], $_REQUEST['svsco'], $_REQUEST['svkey']);
-		}
-		break;
-	case "stackgetall":
-		if (storage_can_set($_REQUEST['svuser']))
-			print storage_stack_getall($_REQUEST['svuser'], $_REQUEST['svcourse'], $_REQUEST['svsco'], $_REQUEST['svkey']);
-		break;
-	case "getposition":
-		print storage_get_position($_REQUEST['svuser'], $_REQUEST['svcourse'], $_REQUEST['svsco'], $_REQUEST['svkey'], $_REQUEST['svasc']);
-		break;
-	case "getleaders":
-		print storage_get_leaders($_REQUEST['svuser'], $_REQUEST['svcourse'], $_REQUEST['svsco'], $_REQUEST['svkey'], $_REQUEST['svasc'], $_REQUEST['svlength']);
-		break;
-	case "usersgetall":
+    case "get":
+        print storage_get($_REQUEST['svuser'], $_REQUEST['svcourse'], $_REQUEST['svsco'], $_REQUEST['svkey']);
+        break;
+    case "set":
+        if (storage_can_set($_REQUEST['svuser'])) {
+            print storage_set($_REQUEST['svuser'], $_REQUEST['svcourse'], $_REQUEST['svsco'], $_REQUEST['svkey'], $_REQUEST['svvalue']);
+        }
+        break;
+    case "getall":
+        print storage_getall($_REQUEST['svuser'], $_REQUEST['svcourse'], $_REQUEST['svsco']);
+        break;
+    case "stackpush":
+        if (storage_can_set($_REQUEST['svuser'])) {
+            print storage_stack_push($_REQUEST['svuser'], $_REQUEST['svcourse'], $_REQUEST['svsco'], $_REQUEST['svkey'], $_REQUEST['svvalue']);
+        }
+        break;
+    case "stackpop":
+        if (storage_can_set($_REQUEST['svuser'])) {
+            print storage_stack_pop($_REQUEST['svuser'], $_REQUEST['svcourse'], $_REQUEST['svsco'], $_REQUEST['svkey']);
+        }
+        break;
+    case "stacklength":
+        print storage_stack_length($_REQUEST['svuser'], $_REQUEST['svcourse'], $_REQUEST['svsco'], $_REQUEST['svkey']);
+        break;
+    case "stackclear":
+        if (storage_can_set($_REQUEST['svuser'])) {
+            print storage_stack_clear($_REQUEST['svuser'], $_REQUEST['svcourse'], $_REQUEST['svsco'], $_REQUEST['svkey']);
+        }
+        break;
+    case "stackgetall":
+        if (storage_can_set($_REQUEST['svuser']))
+            print storage_stack_getall($_REQUEST['svuser'], $_REQUEST['svcourse'], $_REQUEST['svsco'], $_REQUEST['svkey']);
+        break;
+    case "getposition":
+        print storage_get_position($_REQUEST['svuser'], $_REQUEST['svcourse'], $_REQUEST['svsco'], $_REQUEST['svkey'], $_REQUEST['svasc']);
+        break;
+    case "getleaders":
+        print storage_get_leaders($_REQUEST['svuser'], $_REQUEST['svcourse'], $_REQUEST['svsco'], $_REQUEST['svkey'], $_REQUEST['svasc'], $_REQUEST['svlength']);
+        break;
+    case "usersgetall":
 // security issue
-		print "NOT allowed, security issue, see sources";
+        print "NOT allowed, security issue, see sources";
 //		print storage_get_all_users();
-		break;
-	default:
-		// Do nothing
+        break;
+    default:
+        // Do nothing
 }
 
 function storage_can_set($sv_user) {
-	// platform admin can change any user's stored values, other users can only change their own values
-	$allowed = ((api_is_platform_admin()) || ($sv_user == api_get_user_id()));
-	if (!$allowed) {
-		print "ERROR : Not allowed";
-	}
-	return $allowed;
+    // platform admin can change any user's stored values, other users can only change their own values
+    $allowed = ((api_is_platform_admin()) || ($sv_user == api_get_user_id()));
+    if (!$allowed) {
+        print "ERROR : Not allowed";
+    }
+    return $allowed;
 }
 
 function storage_get($sv_user, $sv_course, $sv_sco, $sv_key) {
-	$sql = "select sv_value
-		from ".Database::get_main_table(TABLE_TRACK_STORED_VALUES)."
-		where user_id= '$sv_user'
-		and sco_id = '$sv_sco'
-		and course_id = '$sv_course'
-		and sv_key = '$sv_key'";
-	$res = Database::query($sql);
-	if (Database::num_rows($res) > 0) {
-		$row = Database::fetch_assoc($res);
-		if (get_magic_quotes_gpc()) {
-			return stripslashes($row['sv_value']);
-		} else {
-			return $row['sv_value'];
-		}
-	}
-	else {
-		return null;
-	}
+    $sql = "select sv_value
+        from ".Database::get_main_table(TABLE_TRACK_STORED_VALUES)."
+        where user_id= '$sv_user'
+        and sco_id = '$sv_sco'
+        and course_id = '$sv_course'
+        and sv_key = '$sv_key'";
+    $res = Database::query($sql);
+    if (Database::num_rows($res) > 0) {
+        $row = Database::fetch_assoc($res);
+        if (get_magic_quotes_gpc()) {
+            return stripslashes($row['sv_value']);
+        } else {
+            return $row['sv_value'];
+        }
+    }
+    else {
+        return null;
+    }
 }
 
 function storage_get_leaders($sv_user, $sv_course, $sv_sco, $sv_key, $sv_asc, $sv_length) {
 
-	// get leaders
-	$sql_leaders = "select u.user_id, firstname, lastname, email, username, sv_value as value
-		from ".Database::get_main_table(TABLE_TRACK_STORED_VALUES)." sv,
-			".Database::get_main_table(TABLE_MAIN_USER)." u
-		where u.user_id=sv.user_id
-		and sco_id = '$sv_sco'
-		and course_id = '$sv_course'
-		and sv_key = '$sv_key'
-		order by sv_value ".($sv_asc ? "ASC": "DESC")." limit $sv_length";
+    // get leaders
+    $sql_leaders = "select u.user_id, firstname, lastname, email, username, sv_value as value
+        from ".Database::get_main_table(TABLE_TRACK_STORED_VALUES)." sv,
+            ".Database::get_main_table(TABLE_MAIN_USER)." u
+        where u.user_id=sv.user_id
+        and sco_id = '$sv_sco'
+        and course_id = '$sv_course'
+        and sv_key = '$sv_key'
+        order by sv_value ".($sv_asc ? "ASC": "DESC")." limit $sv_length";
 //	$sql_data = "select sv.user_id as user_id, sv_key as variable, sv_value as value
 //		from ".Database::get_main_table(TABLE_TRACK_STORED_VALUES)." sv
 //		where sv.user_id in (select u2.user_id from ($sql_leaders) u2)
@@ -112,181 +114,180 @@ function storage_get_leaders($sv_user, $sv_course, $sv_sco, $sv_key, $sv_asc, $s
 //	while($row = Database::fetch_assoc($resData))
 //		$data[] = $row; // fetching all data
 //
-	$resLeaders = Database::query($sql_leaders);
-	$result = array();
-	while ($row = Database::fetch_assoc($resLeaders)) {
-		$row["values"] = array();
+    $resLeaders = Database::query($sql_leaders);
+    $result = array();
+    while ($row = Database::fetch_assoc($resLeaders)) {
+        $row["values"] = array();
 //		foreach($data as $dataRow) {
 //			if ($dataRow["user_id"] = $row["user_id"])
 //				$row["values"][$dataRow["variable"]] = $dataRow["value"];
 //		}
-		$result[] = $row;
-	}
-	return json_encode($result);
+        $result[] = $row;
+    }
+    return json_encode($result);
 }
 
 function storage_get_position($sv_user, $sv_course, $sv_sco, $sv_key, $sv_asc, $sv_length) {
-	$sql = "select count(list.user_id) as position
-		from ".Database::get_main_table(TABLE_TRACK_STORED_VALUES)." search,
-			".Database::get_main_table(TABLE_TRACK_STORED_VALUES)." list
-		where search.user_id= '$sv_user'
-		and search.sco_id = '$sv_sco'
-		and search.course_id = '$sv_course'
-		and search.sv_key = '$sv_key'
-		and list.sv_value ".($sv_asc ? "<=": ">=")." search.sv_value
-		and list.sco_id = search.sco_id
-		and list.course_id = search.course_id
-		and list.sv_key = search.sv_key
-		order by list.sv_value" ;
-	$res = Database::query($sql);
-	if (Database::num_rows($res) > 0) {
-		$row = Database::fetch_assoc($res);
-		return $row['position'];
-	}
-	else {
-		return null;
-	}
+    $sql = "select count(list.user_id) as position
+        from ".Database::get_main_table(TABLE_TRACK_STORED_VALUES)." search,
+            ".Database::get_main_table(TABLE_TRACK_STORED_VALUES)." list
+        where search.user_id= '$sv_user'
+        and search.sco_id = '$sv_sco'
+        and search.course_id = '$sv_course'
+        and search.sv_key = '$sv_key'
+        and list.sv_value ".($sv_asc ? "<=": ">=")." search.sv_value
+        and list.sco_id = search.sco_id
+        and list.course_id = search.course_id
+        and list.sv_key = search.sv_key
+        order by list.sv_value" ;
+    $res = Database::query($sql);
+    if (Database::num_rows($res) > 0) {
+        $row = Database::fetch_assoc($res);
+        return $row['position'];
+    }
+    else {
+        return null;
+    }
 }
 
 function storage_set($sv_user, $sv_course, $sv_sco, $sv_key, $sv_value) {
-	$sv_value = Database::escape_string($sv_value);
-	$sql = "replace into ".Database::get_main_table(TABLE_TRACK_STORED_VALUES)."
-		(user_id, sco_id, course_id, sv_key, sv_value)
-		values
-		('$sv_user','$sv_sco','$sv_course','$sv_key','$sv_value')";
-	$res = Database::query($sql);
-	return Database::affected_rows($res);
+    $sv_value = Database::escape_string($sv_value);
+    $sql = "replace into ".Database::get_main_table(TABLE_TRACK_STORED_VALUES)."
+        (user_id, sco_id, course_id, sv_key, sv_value)
+        values
+        ('$sv_user','$sv_sco','$sv_course','$sv_key','$sv_value')";
+    $res = Database::query($sql);
+    return Database::affected_rows($res);
 }
 
 function storage_getall($sv_user, $sv_course, $sv_sco) {
-	$sql = "select sv_key, sv_value
-		from ".Database::get_main_table(TABLE_TRACK_STORED_VALUES)."
-		where user_id= '$sv_user'
-		and sco_id = '$sv_sco'
-		and course_id = '$sv_course'";
-	$res = Database::query($sql);
-	$data = array();
-	while ($row = Database::fetch_assoc($res)) {
-		if (get_magic_quotes_gpc()) {
-			$row['sv_value'] = stripslashes($row['sv_value']);
-		}
-		$data[] = $row;
-	}
-	return json_encode($data);
+    $sql = "select sv_key, sv_value
+        from ".Database::get_main_table(TABLE_TRACK_STORED_VALUES)."
+        where user_id= '$sv_user'
+        and sco_id = '$sv_sco'
+        and course_id = '$sv_course'";
+    $res = Database::query($sql);
+    $data = array();
+    while ($row = Database::fetch_assoc($res)) {
+        if (get_magic_quotes_gpc()) {
+            $row['sv_value'] = stripslashes($row['sv_value']);
+        }
+        $data[] = $row;
+    }
+    return json_encode($data);
 }
 
 function storage_stack_push($sv_user, $sv_course, $sv_sco, $sv_key, $sv_value) {
-	$sv_value = Database::escape_string($sv_value);
-	Database::query("start transaction");
-	$sqlorder = "select ifnull((select max(stack_order)
-		from ".Database::get_main_table(TABLE_TRACK_STORED_VALUES_STACK)."
-		where user_id= '$sv_user'
-		and sco_id='$sv_sco'
-		and course_id='$sv_course'
-		and sv_key='$sv_key'
-		), 0) as stack_order";
-	$resorder = Database::query($sqlorder);
-	$row = Database::fetch_assoc($resorder);
-	$stack_order = (1 + $row['stack_order']);
-	$sqlinsert = "insert into ".Database::get_main_table(TABLE_TRACK_STORED_VALUES_STACK)."
-		(user_id, sco_id, course_id, sv_key, stack_order, sv_value)
-		values
-		('$sv_user', '$sv_sco', '$sv_course', '$sv_key', '$stack_order', '$sv_value')";
-	$resinsert = Database::query($sqlinsert);
-	if ($resorder && $resinsert) {
-		Database::query("commit");
-		return 1;
-	}
-	else {
-		Database::query("rollback");
-		return 0;
-	}
+    $sv_value = Database::escape_string($sv_value);
+    Database::query("start transaction");
+    $sqlorder = "select ifnull((select max(stack_order)
+        from ".Database::get_main_table(TABLE_TRACK_STORED_VALUES_STACK)."
+        where user_id= '$sv_user'
+        and sco_id='$sv_sco'
+        and course_id='$sv_course'
+        and sv_key='$sv_key'
+        ), 0) as stack_order";
+    $resorder = Database::query($sqlorder);
+    $row = Database::fetch_assoc($resorder);
+    $stack_order = (1 + $row['stack_order']);
+    $sqlinsert = "insert into ".Database::get_main_table(TABLE_TRACK_STORED_VALUES_STACK)."
+        (user_id, sco_id, course_id, sv_key, stack_order, sv_value)
+        values
+        ('$sv_user', '$sv_sco', '$sv_course', '$sv_key', '$stack_order', '$sv_value')";
+    $resinsert = Database::query($sqlinsert);
+    if ($resorder && $resinsert) {
+        Database::query("commit");
+        return 1;
+    }
+    else {
+        Database::query("rollback");
+        return 0;
+    }
 }
 
 function storage_stack_pop($sv_user, $sv_course, $sv_sco, $sv_key) {
-	Database::query("start transaction");
-	$sqlselect = "select sv_value, stack_order
-		from ".Database::get_main_table(TABLE_TRACK_STORED_VALUES_STACK)."
-		where user_id= '$sv_user'
-		and sco_id='$sv_sco'
-		and course_id='$sv_course'
-		and sv_key='$sv_key'
-		order by stack_order desc
-		limit 1";
-	$resselect = Database::query($sqlselect);
-	$rowselect = Database::fetch_assoc($resselect);
-	$stack_order = $rowselect['stack_order'];
-	$sqldelete = "delete
-		from ".Database::get_main_table(TABLE_TRACK_STORED_VALUES_STACK)."
-		where user_id= '$sv_user'
-		and sco_id='$sv_sco'
-		and course_id='$sv_course'
-		and sv_key='$sv_key'
-		and stack_order='$stack_order'";
-	$resdelete = Database::query($sqldelete);
-	if ($resselect && $resdelete) {
-		Database::query("commit");
-		if (get_magic_quotes_gpc()) {
-			return stripslashes($rowselect['sv_value']);
-		} else {
-			return $rowselect['sv_value'];
-		}
-	} else {
-		Database::query("rollback");
-		return null;
-	}
+    Database::query("start transaction");
+    $sqlselect = "select sv_value, stack_order
+        from ".Database::get_main_table(TABLE_TRACK_STORED_VALUES_STACK)."
+        where user_id= '$sv_user'
+        and sco_id='$sv_sco'
+        and course_id='$sv_course'
+        and sv_key='$sv_key'
+        order by stack_order desc
+        limit 1";
+    $resselect = Database::query($sqlselect);
+    $rowselect = Database::fetch_assoc($resselect);
+    $stack_order = $rowselect['stack_order'];
+    $sqldelete = "delete
+        from ".Database::get_main_table(TABLE_TRACK_STORED_VALUES_STACK)."
+        where user_id= '$sv_user'
+        and sco_id='$sv_sco'
+        and course_id='$sv_course'
+        and sv_key='$sv_key'
+        and stack_order='$stack_order'";
+    $resdelete = Database::query($sqldelete);
+    if ($resselect && $resdelete) {
+        Database::query("commit");
+        if (get_magic_quotes_gpc()) {
+            return stripslashes($rowselect['sv_value']);
+        } else {
+            return $rowselect['sv_value'];
+        }
+    } else {
+        Database::query("rollback");
+        return null;
+    }
 }
 
 function storage_stack_length($sv_user, $sv_course, $sv_sco, $sv_key) {
-	$sql = "select count(*) as length
-		from ".Database::get_main_table(TABLE_TRACK_STORED_VALUES_STACK)."
-		where user_id= '$sv_user'
-		and sco_id='$sv_sco'
-		and course_id='$sv_course'
-		and sv_key='$sv_key'";
-	$res = Database::query($sql);
-	$row = Database::fetch_assoc($res);
-	return $row['length'];
+    $sql = "select count(*) as length
+        from ".Database::get_main_table(TABLE_TRACK_STORED_VALUES_STACK)."
+        where user_id= '$sv_user'
+        and sco_id='$sv_sco'
+        and course_id='$sv_course'
+        and sv_key='$sv_key'";
+    $res = Database::query($sql);
+    $row = Database::fetch_assoc($res);
+    return $row['length'];
 }
 
 function storage_stack_clear($sv_user, $sv_course, $sv_sco, $sv_key) {
-	$sql = "delete
-		from ".Database::get_main_table(TABLE_TRACK_STORED_VALUES_STACK)."
-		where user_id= '$sv_user'
-		and sco_id='$sv_sco'
-		and course_id='$sv_course'
-		and sv_key='$sv_key'";
-	$res = Database::query($sql);
-	return Database::num_rows($res);
+    $sql = "delete
+        from ".Database::get_main_table(TABLE_TRACK_STORED_VALUES_STACK)."
+        where user_id= '$sv_user'
+        and sco_id='$sv_sco'
+        and course_id='$sv_course'
+        and sv_key='$sv_key'";
+    $res = Database::query($sql);
+    return Database::num_rows($res);
 }
 
 function storage_stack_getall($sv_user, $sv_course, $sv_sco, $sv_key) {
-	$sql = "select stack_order as stack_order, sv_value as value
-		from ".Database::get_main_table(TABLE_TRACK_STORED_VALUES_STACK)."
-		where user_id= '$sv_user'
-		and sco_id='$sv_sco'
-		and course_id='$sv_course'
-		and sv_key='$sv_key'";
-	$res = Database::query($sql);
-	$results = array();
-	while ($row = Database::fetch_assoc($res)) {
-		if (get_magic_quotes_gpc()) {
-			$row['value'] = stripslashes($row['value']);
-		}
-		$results[] = $row;
-	}
-	return json_encode($results);
+    $sql = "select stack_order as stack_order, sv_value as value
+        from ".Database::get_main_table(TABLE_TRACK_STORED_VALUES_STACK)."
+        where user_id= '$sv_user'
+        and sco_id='$sv_sco'
+        and course_id='$sv_course'
+        and sv_key='$sv_key'";
+    $res = Database::query($sql);
+    $results = array();
+    while ($row = Database::fetch_assoc($res)) {
+        if (get_magic_quotes_gpc()) {
+            $row['value'] = stripslashes($row['value']);
+        }
+        $results[] = $row;
+    }
+    return json_encode($results);
 }
 
 function storage_get_all_users() {
-	$sql = "select user_id, username, firstname, lastname
-		from ".Database::get_main_table(TABLE_MAIN_USER)."
-		order by user_id asc";
-	$res = Database::query($sql);
-	$results = array();
-	while ($row = Database::fetch_assoc($res)) {
-		$results[] = $row;
-	}
-	return json_encode($results);
+    $sql = "select user_id, username, firstname, lastname
+        from ".Database::get_main_table(TABLE_MAIN_USER)."
+        order by user_id asc";
+    $res = Database::query($sql);
+    $results = array();
+    while ($row = Database::fetch_assoc($res)) {
+        $results[] = $row;
+    }
+    return json_encode($results);
 }
-?>

main/survey/ch_dropdown.php

@@ -9,6 +9,7 @@ class ch_dropdown extends survey_question
     /**
      * @param array $survey_data
      * @param $formData
+     *
      * @return FormValidator
      */
     public function createForm($survey_data, $formData)

main/survey/ch_multiplechoice.php

@@ -9,6 +9,7 @@ class ch_multiplechoice extends survey_question
     /**
      * @param array $survey_data
      * @param array $formData
+     *
      * @return FormValidator
      */
     public function createForm($survey_data, $formData)

main/survey/generate_link.php

@@ -15,8 +15,14 @@ if (empty($survey_id)) {
 
 $survey_data = SurveyManager::get_survey($survey_id);
 
-$interbreadcrumb[] = array('url' => api_get_path(WEB_CODE_PATH).'survey/survey_list.php', 'name' => get_lang('SurveyList'));
-$interbreadcrumb[] = array('url' => api_get_path(WEB_CODE_PATH).'survey/survey.php?survey_id='.$survey_id, 'name' => strip_tags($survey_data['title']));
+$interbreadcrumb[] = array(
+    'url' => api_get_path(WEB_CODE_PATH).'survey/survey_list.php',
+    'name' => get_lang('SurveyList'),
+);
+$interbreadcrumb[] = array(
+    'url' => api_get_path(WEB_CODE_PATH).'survey/survey.php?survey_id='.$survey_id,
+    'name' => strip_tags($survey_data['title']),
+);
 
 Display::display_header(get_lang('Survey'), 'Survey');
 

main/survey/question.php

@@ -27,15 +27,6 @@ if (!api_is_allowed_to_edit(false, true)) {
 
 // Is valid request
 $is_valid_request = isset($_REQUEST['is_executable']) ? $_REQUEST['is_executable'] : null;
-/*if ($request_index != $is_valid_request) {
-	if ($request_index == 'save_question') {
-		unset($_POST[$request_index]);
-	} elseif ($request_index == 'add_answer') {
-		unset($_POST[$request_index]);
-	} elseif($request_index == 'remove_answer') {
-		unset($_POST[$request_index]);
-	}
-}*/
 
 // Database table definitions
 $table_survey = Database:: get_course_table(TABLE_SURVEY);

main/survey/reporting.php

@@ -10,7 +10,6 @@
  * 	@todo The question has to be more clearly indicated (same style as when filling the survey)
  */
 
-// Including the global initialization file
 require_once '../inc/global.inc.php';
 
 $this_section = SECTION_COURSES;

main/survey/survey.download.inc.php

@@ -13,98 +13,99 @@
 
 function check_download_survey($course, $invitation, $doc_url)
 {
-	// Getting all the course information
-	$_course = CourseManager::get_course_information($course);
+    // Getting all the course information
+    $_course = CourseManager::get_course_information($course);
     $course_id = $_course['real_id'];
 
-	// Database table definitions
-	$table_survey 					= Database :: get_course_table(TABLE_SURVEY);
-	$table_survey_question 			= Database :: get_course_table(TABLE_SURVEY_QUESTION);
-	$table_survey_question_option 	= Database :: get_course_table(TABLE_SURVEY_QUESTION_OPTION);
-	$table_survey_invitation 		= Database :: get_course_table(TABLE_SURVEY_INVITATION);
+    // Database table definitions
+    $table_survey = Database:: get_course_table(TABLE_SURVEY);
+    $table_survey_question = Database:: get_course_table(TABLE_SURVEY_QUESTION);
+    $table_survey_question_option = Database :: get_course_table(TABLE_SURVEY_QUESTION_OPTION);
+    $table_survey_invitation = Database :: get_course_table(TABLE_SURVEY_INVITATION);
 
-	// Now we check if the invitationcode is valid
-	$sql = "SELECT * FROM $table_survey_invitation
-	        WHERE
-	            c_id = $course_id AND
-	            invitation_code = '".Database::escape_string($invitation)."'";
-	$result = Database::query($sql);
-	if (Database::num_rows($result) < 1) {
-		Display :: display_error_message(get_lang('WrongInvitationCode'), false);
-		Display :: display_footer();
-		exit;
-	}
-	$survey_invitation = Database::fetch_assoc($result);
+    // Now we check if the invitationcode is valid
+    $sql = "SELECT * FROM $table_survey_invitation
+            WHERE
+                c_id = $course_id AND
+                invitation_code = '".Database::escape_string($invitation)."'";
+    $result = Database::query($sql);
+    if (Database::num_rows($result) < 1) {
+        Display :: display_error_message(get_lang('WrongInvitationCode'), false);
+        Display :: display_footer();
+        exit;
+    }
+    $survey_invitation = Database::fetch_assoc($result);
 
-	// Now we check if the user already filled the survey
-	if ($survey_invitation['answered'] == 1) {
-		Display :: display_error_message(get_lang('YouAlreadyFilledThisSurvey'), false);
-		Display :: display_footer();
-		exit;
-	}
+    // Now we check if the user already filled the survey
+    if ($survey_invitation['answered'] == 1) {
+        Display :: display_error_message(get_lang('YouAlreadyFilledThisSurvey'), false);
+        Display :: display_footer();
+        exit;
+    }
 
-	// Very basic security check: check if a text field from a survey/answer/option contains the name of the document requested
+    // Very basic security check: check if a text field from a survey/answer/option contains the name of the document requested
 
-	// Fetch survey ID
+    // Fetch survey ID
 
-	// If this is the case there will be a language choice
-	$sql = "SELECT * FROM $table_survey
-	        WHERE
-	            c_id = $course_id AND
-	            code='".Database::escape_string($survey_invitation['survey_code'])."'";
-	$result = Database::query($sql);
-	if (Database::num_rows($result) > 1) {
-		if ($_POST['language']) {
-			$survey_invitation['survey_id'] = $_POST['language'];
-		} else {
-			echo '<form id="language" name="language" method="POST" action="'.api_get_self().'?course='.$_GET['course'].'&invitationcode='.$_GET['invitationcode'].'">';
-			echo '  <select name="language">';
-			while ($row = Database::fetch_assoc($result)) {
-				echo '<option value="'.$row['survey_id'].'">'.$row['lang'].'</option>';
-			}
-			echo '</select>';
-			echo '  <input type="submit" name="Submit" value="'.get_lang('Ok').'" />';
-			echo '</form>';
-			display::display_footer();
-			exit;
-		}
-	} else {
-		$row = Database::fetch_assoc($result);
-		$survey_invitation['survey_id'] = $row['survey_id'];
-	}
+    // If this is the case there will be a language choice
+    $sql = "SELECT * FROM $table_survey
+            WHERE
+                c_id = $course_id AND
+                code='".Database::escape_string($survey_invitation['survey_code'])."'";
+    $result = Database::query($sql);
+    if (Database::num_rows($result) > 1) {
+        if ($_POST['language']) {
+            $survey_invitation['survey_id'] = $_POST['language'];
+        } else {
+            echo '<form id="language" name="language" method="POST" action="'.api_get_self().'?course='.Security::remove_XSS($_GET['course']).'&invitationcode='.Security::remove_XSS($_GET['invitationcode']).'">';
+            echo '  <select name="language">';
+            while ($row = Database::fetch_assoc($result)) {
+                echo '<option value="'.$row['survey_id'].'">'.$row['lang'].'</option>';
+            }
+            echo '</select>';
+            echo '  <input type="submit" name="Submit" value="'.get_lang('Ok').'" />';
+            echo '</form>';
+            display::display_footer();
+            exit;
+        }
+    } else {
+        $row = Database::fetch_assoc($result);
+        $survey_invitation['survey_id'] = $row['survey_id'];
+    }
 
-	$sql = "SELECT count(*)
-	        FROM $table_survey
-	        WHERE
-	            c_id = $course_id AND
-	            survey_id = ".$survey_invitation['survey_id']." AND (
+    $sql = "SELECT count(*)
+            FROM $table_survey
+            WHERE
+                c_id = $course_id AND
+                survey_id = ".$survey_invitation['survey_id']." AND (
                     title LIKE '%$doc_url%'
                     or subtitle LIKE '%$doc_url%'
                     or intro LIKE '%$doc_url%'
                     or surveythanks LIKE '%$doc_url%'
                 )
-		    UNION
-		        SELECT count(*)
-		        FROM $table_survey_question
-		        WHERE
-		            c_id = $course_id AND
-		            survey_id = ".$survey_invitation['survey_id']." AND (
+            UNION
+                SELECT count(*)
+                FROM $table_survey_question
+                WHERE
+                    c_id = $course_id AND
+                    survey_id = ".$survey_invitation['survey_id']." AND (
                         survey_question LIKE '%$doc_url%'
                         or survey_question_comment LIKE '%$doc_url%'
                     )
-		    UNION
-		        SELECT count(*)
-		        FROM $table_survey_question_option
-		        WHERE
-		            c_id = $course_id AND
-		            survey_id = ".$survey_invitation['survey_id']." AND (
+            UNION
+                SELECT count(*)
+                FROM $table_survey_question_option
+                WHERE
+                    c_id = $course_id AND
+                    survey_id = ".$survey_invitation['survey_id']." AND (
                         option_text LIKE '%$doc_url%'
                     )";
-	$result = Database::query($sql);
-	if (Database::num_rows($result) == 0) {
-		Display :: display_error_message(get_lang('WrongInvitationCode'), false);
-		Display :: display_footer();
-		exit;
-	}
-	return $_course;
+    $result = Database::query($sql);
+    if (Database::num_rows($result) == 0) {
+        Display :: display_error_message(get_lang('WrongInvitationCode'), false);
+        Display :: display_footer();
+        exit;
+    }
+
+    return $_course;
 }