diff --git a/main/admin/add_courses_to_session.php b/main/admin/add_courses_to_session.php index 216a7f3152..b6b6e52a9f 100755 --- a/main/admin/add_courses_to_session.php +++ b/main/admin/add_courses_to_session.php @@ -172,13 +172,14 @@ if ($ajax_search) { $result = Database::query($sql); $Courses = Database::store_result($result); foreach ($Courses as $course) { - if ($course['id_session'] == $sessionId) { + if ($course['session_id'] == $sessionId) { $sessionCourses[$course['id']] = $course ; } else { $nosessionCourses[$course['id']] = $course ; } } } + unset($Courses); ?>
> @@ -202,16 +203,13 @@ unset($Courses); } else { ?>
- + - + +
".SESSION_RELATION_TYPE_RRHH." AND srcru.session_id = '".intval($sessionId)."'"; @@ -323,7 +323,7 @@ if ($session['nbr_courses'] == 0) { // Get coachs of the courses in session - $sql = "SELECT user.lastname,user.firstname, user.username + $sql = "SELECT user.lastname, user.firstname, user.username FROM $tbl_session_rel_course_rel_user session_rcru, $tbl_user user WHERE session_rcru.user_id = user.user_id AND diff --git a/main/admin/session_course_edit.php b/main/admin/session_course_edit.php index 2ee0eed6c8..7b6911a503 100755 --- a/main/admin/session_course_edit.php +++ b/main/admin/session_course_edit.php @@ -12,21 +12,21 @@ $id_session = intval($_GET['id_session']); SessionManager::protect_session_edit($id_session); $course_code = $_GET['course_code']; -$formSent=0; -$errorMsg=''; +$formSent = 0; +$errorMsg = ''; // Database Table Definitions -$tbl_user = Database::get_main_table(TABLE_MAIN_USER); -$tbl_course = Database::get_main_table(TABLE_MAIN_COURSE); -$tbl_session = Database::get_main_table(TABLE_MAIN_SESSION); -$tbl_session_course = Database::get_main_table(TABLE_MAIN_SESSION_COURSE); +$tbl_user = Database::get_main_table(TABLE_MAIN_USER); +$tbl_course = Database::get_main_table(TABLE_MAIN_COURSE); +$tbl_session = Database::get_main_table(TABLE_MAIN_SESSION); +$tbl_session_course = Database::get_main_table(TABLE_MAIN_SESSION_COURSE); $tbl_session_rel_course_rel_user = Database::get_main_table(TABLE_MAIN_SESSION_COURSE_USER); $course_info = api_get_course_info($_REQUEST['course_code']); -$courseId = $course_info['id']; +$courseId = $course_info['real_id']; $tool_name = $course_info['name']; $sql = "SELECT s.name, c.title - FROM $tbl_session_course sc,$tbl_session s,$tbl_course c + FROM $tbl_session_course sc, $tbl_session s,$tbl_course c WHERE sc.session_id=s.id AND sc.c_id = c.id AND diff --git a/main/admin/session_course_list.php b/main/admin/session_course_list.php index 34613f6e47..cd760062be 100755 --- a/main/admin/session_course_list.php 
+++ b/main/admin/session_course_list.php @@ -55,9 +55,11 @@ if ($action == 'delete') { $limit = 20; $from = $page * $limit; -$sql = "SELECT code, title, nbr_users FROM $tbl_session_rel_course, $tbl_course - WHERE c_id = id AND session_id='$id_session' - ORDER BY $sort LIMIT $from,".($limit+1); +$sql = "SELECT c.id, c.code, c.title, nbr_users + FROM $tbl_session_rel_course, $tbl_course c + WHERE c_id = c.id AND session_id='$id_session' + ORDER BY $sort + LIMIT $from,".($limit+1); $result=Database::query($sql); $Courses=Database::store_result($result); $tool_name = api_htmlentities($session_name,ENT_QUOTES,$charset).' : '.get_lang('CourseListInSession'); @@ -78,14 +80,18 @@ $tableHeader[] = array(get_lang('NbUsers')); $tableHeader[] = array(get_lang('Actions')); $tableCourses = array(); -foreach($Courses as $key=>$enreg) { + +foreach ($Courses as $key=>$enreg) { $course = array(); $course[] = ''; $course[] = api_htmlentities($enreg['title'],ENT_QUOTES,$charset); $course[] = ''.$enreg['nbr_users'].' '.get_lang('Users').''; - $course[] = ''.Display::return_icon('course_home.gif', get_lang('Course')).' - '.Display::return_icon('edit.gif', get_lang('Edit')).' - '.Display::return_icon('delete.gif', get_lang('Delete')).''; + $course[] = ''. + Display::return_icon('course_home.gif', get_lang('Course')).' + '. + Display::return_icon('edit.png', get_lang('Edit')).' + '. + Display::return_icon('delete.png', get_lang('Delete')).''; $tableCourses[] = $course; } echo ''; diff --git a/main/forum/forumfunction.inc.php b/main/forum/forumfunction.inc.php index f731b179dc..40afe1daa1 100755 --- a/main/forum/forumfunction.inc.php +++ b/main/forum/forumfunction.inc.php 
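Review bot: The rebuilt course query in the `@@ -55` hunk still places `$id_session`, `$sort` and `$from` directly into the SQL string, and `ORDER BY $sort` cannot be protected by quoting. Their assignments are outside the hunk, so confirm that `$sort` is checked against a fixed list of column names and that `$id_session` and the page value behind `$from` are cast with `intval()` before this line. Now that the select list is qualified with `c.`, qualifying `nbr_users`, `c_id` and `session_id` with their table as well would avoid ambiguity if either table gains a same-named column.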
@@ -1239,7 +1239,7 @@ function get_forum_categories($id = '') $session_id = api_get_session_id(); $course_id = api_get_course_int_id(); - $condition_session = api_get_session_condition($session_id, true, true); + $condition_session = api_get_session_condition($session_id, true, true, 'forum_categories.session_id'); $condition_session .= " AND forum_categories.c_id = $course_id AND item_properties.c_id = $course_id"; if (empty($id)) { @@ -1368,7 +1368,7 @@ function get_forums( $session_id = $sessionId; } - $condition_session = api_get_session_condition($session_id, true, false, 'id_session'); + $condition_session = api_get_session_condition($session_id, true, false, 'item_properties.session_id'); $course_id = $course_info['real_id']; $forum_list = array(); @@ -1512,7 +1512,13 @@ function get_forums( // Select the last post and the poster (note: this is probably no longer needed). $sql4 = "SELECT - post.post_id, post.forum_id, post.poster_id, post.poster_name, post.post_date, users.lastname, users.firstname + post.post_id, + post.forum_id, + post.poster_id, + post.poster_name, + post.post_date, + users.lastname, + users.firstname FROM $table_posts post, $table_users users WHERE forum_id = ".intval($id)." AND diff --git a/main/forum/viewthread_flat.inc.php b/main/forum/viewthread_flat.inc.php index 79c6b2b910..5e0de98e97 100755 --- a/main/forum/viewthread_flat.inc.php +++ b/main/forum/viewthread_flat.inc.php 
@@ -56,7 +56,11 @@ if (isset($current_thread['thread_id'])) { $id_attach = !empty($attachment_list)?$attachment_list['id']:''; // The user who posted it can edit his thread only if the course admin allowed this in the properties of the forum // The course admin him/herself can do this off course always - if ( GroupManager::is_tutor_of_group(api_get_user_id(), $group_id) OR ($current_forum['allow_edit']==1 AND $row['user_id']==$_user['user_id']) or (api_is_allowed_to_edit(false,true) && !(api_is_course_coach() && $current_forum['session_id']!=$_SESSION['id_session']))) { + if ( + GroupManager::is_tutor_of_group(api_get_user_id(), $group_id) || + ($current_forum['allow_edit']==1 AND $row['user_id']==$_user['user_id']) || + (api_is_allowed_to_edit(false,true) && !(api_is_course_coach() && $current_forum['session_id']!=$_SESSION['id_session'])) + ) { if (api_is_allowed_to_session_edit(false,true)) { if ($locked == false) { echo "".Display::return_icon('edit.png',get_lang('Edit'), array(), ICON_SIZE_SMALL).""; @@ -65,7 +69,7 @@ if (isset($current_thread['thread_id'])) { } if ($origin != 'learnpath') { - if (GroupManager::is_tutor_of_group(api_get_user_id(), $group_id) OR api_is_allowed_to_edit(false,true) && !(api_is_course_coach() && $current_forum['session_id']!=$_SESSION['id_session'])) { + if (GroupManager::is_tutor_of_group(api_get_user_id(), $group_id) || api_is_allowed_to_edit(false,true) && !(api_is_course_coach() && $current_forum['session_id']!=$_SESSION['id_session'])) { if ($locked == false) { echo "".Display::return_icon('delete.png', get_lang('Delete'),array(), ICON_SIZE_SMALL).""; } 
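Review bot: The edit condition in the `@@ -56` hunk repeats the coach/session authorization expression that also appears in the `@@ -65` and `@@ -151` hunks, and each copy reads `$_SESSION['id_session']` directly with a loose `!=`. Three hand-maintained copies of an access check tend to drift apart, so I would compute it once, e.g. `$canModerate = api_is_allowed_to_edit(false, true) && !(api_is_course_coach() && $current_forum['session_id'] != api_get_session_id());`, and reuse `$canModerate` in all three places. That `api_get_session_id()` returns the same value as the raw session key is presumed and should be confirmed. The enclosing `if (isset($current_thread['thread_id']))` block starts and ends outside the hunk.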
@@ -94,8 +98,10 @@ if (isset($current_thread['thread_id'])) { } } - if (($current_forum_category && $current_forum_category['locked']==0) AND $current_forum['locked']==0 AND $current_thread['locked']==0 OR api_is_allowed_to_edit(false,true)) { - if ($_user['user_id'] OR ($current_forum['allow_anonymous']==1 AND !$_user['user_id'])) { + if (($current_forum_category && $current_forum_category['locked']==0) && + $current_forum['locked']==0 && $current_thread['locked']==0 || api_is_allowed_to_edit(false,true) + ) { + if ($_user['user_id'] || ($current_forum['allow_anonymous']==1 && !$_user['user_id'])) { if (!api_is_anonymous() && api_is_allowed_to_session_edit(false,true)) { echo ''.Display :: return_icon('message_reply_forum.png', get_lang('ReplyToMessage')).""; echo ''.Display :: return_icon('quote.gif', get_lang('QuoteMessage')).""; @@ -114,12 +120,12 @@ if (isset($current_thread['thread_id'])) { } echo ""; // prepare the notification icon - if (isset($whatsnew_post_info[$current_forum['forum_id']][$current_thread['thread_id']][$row['post_id']]) and !empty($whatsnew_post_info[$current_forum['forum_id']][$current_thread['thread_id']][$row['post_id']]) and !empty($whatsnew_post_info[$_GET['forum']][$row['thread_id']])) { + if (isset($whatsnew_post_info[$current_forum['forum_id']][$current_thread['thread_id']][$row['post_id']]) && !empty($whatsnew_post_info[$current_forum['forum_id']][$current_thread['thread_id']][$row['post_id']]) and !empty($whatsnew_post_info[$_GET['forum']][$row['thread_id']])) { $post_image=Display::return_icon('forumpostnew.gif'); } else { $post_image=Display::return_icon('forumpost.gif'); } - if ($row['post_notification']=='1' AND $row['poster_id']==$_user['user_id']) { + if ($row['post_notification']=='1' && $row['poster_id']==$_user['user_id']) { $post_image.=Display::return_icon('forumnotification.gif',get_lang('YouWillBeNotified')); } // The post title 
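Review bot: The reply-permission test in the `@@ -94` hunk now reads `a && b && c || api_is_allowed_to_edit(false,true)` and relies on `&&` binding tighter than `||` to keep the three lock checks grouped. That matches the old `AND … OR` behaviour, but since this line decides who may post to a locked category, forum or thread, one pair of parentheses around the lock checks would make the intended grouping explicit. The same applies to the unparenthesised `… || api_is_allowed_to_edit(false,true) && !(…)` in the `@@ -65` hunk.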
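Review bot: The notification-icon condition in the `@@ -114` hunk converts only the first `and` to `&&` and leaves the second, so one expression now mixes two operator families with different precedence. The result is unchanged here, but the conversion should be finished, and `isset($x) && !empty($x)` can be reduced to `!empty($x)`. The last operand also indexes `$whatsnew_post_info` with the raw `$_GET['forum']` while the other operands use `$current_forum['forum_id']`; using the latter throughout keeps a request parameter from steering the lookup.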
@@ -151,7 +157,9 @@ if (isset($current_thread['thread_id'])) { echo Display::return_icon('attachment.gif',get_lang('Attachment')); echo ' '.$user_filename.' '; - if (($current_forum['allow_edit']==1 AND $row['user_id']==$_user['user_id']) or (api_is_allowed_to_edit(false,true) && !(api_is_course_coach() && $current_forum['session_id']!=$_SESSION['id_session']))) { + if (($current_forum['allow_edit']==1 && $row['user_id']==$_user['user_id']) || + (api_is_allowed_to_edit(false,true) && !(api_is_course_coach() && $current_forum['session_id']!=$_SESSION['id_session'])) + ) { echo '  '.Display::return_icon('delete.png',get_lang('Delete'), array(), ICON_SIZE_SMALL).'
'; } echo ''.$attachment['comment'].''; diff --git a/main/inc/lib/AnnouncementManager.php b/main/inc/lib/AnnouncementManager.php index 2fbd551858..21ebb9b20b 100755 --- a/main/inc/lib/AnnouncementManager.php +++ b/main/inc/lib/AnnouncementManager.php @@ -1284,7 +1284,7 @@ class AnnouncementManager $user_id = api_get_user_id(); $group_id = api_get_group_id(); $session_id = api_get_session_id(); - $condition_session = api_get_session_condition($session_id, true, true); + $condition_session = api_get_session_condition($session_id, true, true, 'announcement.session_id'); $course_id = api_get_course_int_id(); $_course = api_get_course_info(); @@ -1606,7 +1606,7 @@ class AnnouncementManager $_course = api_get_course_info(); $session_id = api_get_session_id(); $userId = api_get_user_id(); - $condition_session = api_get_session_condition($session_id, true, true); + $condition_session = api_get_session_condition($session_id, true, true, 'announcement.session_id'); if (api_is_allowed_to_edit(false,true)) { // check teacher status @@ -1619,13 +1619,14 @@ class AnnouncementManager } $sql = "SELECT announcement.*, ip.visibility, ip.to_group_id, ip.insert_user_id FROM $tbl_announcement announcement, $tbl_item_property ip - WHERE announcement.c_id = $course_id AND - ip.c_id = $course_id AND - announcement.id = ip.ref AND - ip.tool = 'announcement' AND - ip.visibility <> '2' - $group_condition - $condition_session + WHERE + announcement.c_id = $course_id AND + ip.c_id = $course_id AND + announcement.id = ip.ref AND + ip.tool = 'announcement' AND + ip.visibility <> '2' + $group_condition + $condition_session GROUP BY ip.ref ORDER BY display_order DESC LIMIT 0,$maximum"; 
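Review bot: In the `@@ -151` hunk the attachment's `$user_filename` and `$attachment['comment']` are echoed into the page with no escaping visible on these lines. Both describe an uploaded file and so look user-supplied; unless they are sanitised where `$attachment` is loaded, which is outside the hunk, they should be encoded at output with `api_htmlentities()`, as `session_course_list.php` does for the course title. The markup around these echoes is not visible in this rendering, so the exact output context (element text or attribute) needs checking before choosing the encoding.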
@@ -1642,7 +1643,7 @@ class AnnouncementManager "OR ip.to_group_id IN (0, ".implode(", ", $group_memberships)."))) "; } else { $cond_user_id = " AND (ip.lastedit_user_id = '".$userId."' - OR ip.to_group_id IN (0, ".api_get_group_id()."))"; + OR ip.to_group_id IN (0, ".api_get_group_id()."))"; } } else { if (api_get_group_id() == 0) { @@ -1701,24 +1702,25 @@ class AnnouncementManager // the user is not identiefied => show only the general announcements $sql="SELECT announcement.*, ip.visibility, ip.to_group_id, ip.insert_user_id - FROM $tbl_announcement announcement, $tbl_item_property ip - WHERE - announcement.c_id = $course_id AND - ip.c_id = $course_id AND - announcement.id = ip.ref - AND ip.tool='announcement' - AND ip.visibility='1' - AND ip.to_group_id='0' - $condition_session - GROUP BY ip.ref - ORDER BY display_order DESC - LIMIT 0,$maximum"; + FROM $tbl_announcement announcement, $tbl_item_property ip + WHERE + announcement.c_id = $course_id AND + ip.c_id = $course_id AND + announcement.id = ip.ref + AND ip.tool='announcement' + AND ip.visibility='1' + AND ip.to_group_id='0' + $condition_session + GROUP BY ip.ref + ORDER BY display_order DESC + LIMIT 0,$maximum"; } } } } $result = Database::query($sql); + return Database::num_rows($result); } } diff --git a/main/inc/lib/course_home.lib.php b/main/inc/lib/course_home.lib.php index 1abaffc23c..d6469653f9 100755 --- a/main/inc/lib/course_home.lib.php +++ b/main/inc/lib/course_home.lib.php @@ -443,7 +443,7 @@ class CourseHome // Condition for the session $session_id = api_get_session_id(); $course_id = api_get_course_int_id(); - $condition_session = api_get_session_condition($session_id, true, true); + $condition_session = api_get_session_condition($session_id, true, true, 't.session_id'); switch ($course_tool_category) { case TOOL_STUDENT_VIEW: 
@@ -452,37 +452,38 @@ class CourseHome $condition_display_tools = ' WHERE (visibility = 1 AND (category = "authoring" OR category = "interaction" OR category = "plugin") OR (name = "'.TOOL_TRACKING.'") ) '; } $sql = "SELECT * - FROM $course_tool_table + FROM $course_tool_table t $condition_display_tools AND c_id = $course_id $condition_session ORDER BY id"; $result = Database::query($sql); break; case TOOL_AUTHORING: - $sql = "SELECT * FROM $course_tool_table + $sql = "SELECT * FROM $course_tool_table t WHERE category = 'authoring' AND c_id = $course_id $condition_session ORDER BY id"; $result = Database::query($sql); break; case TOOL_INTERACTION: - $sql = "SELECT * FROM $course_tool_table + $sql = "SELECT * FROM $course_tool_table t WHERE category = 'interaction' AND c_id = $course_id $condition_session ORDER BY id"; $result = Database::query($sql); break; case TOOL_ADMIN_VISIBLE: - $sql = "SELECT * FROM $course_tool_table + $sql = "SELECT * FROM $course_tool_table t WHERE category = 'admin' AND visibility ='1' AND c_id = $course_id $condition_session ORDER BY id"; $result = Database::query($sql); break; case TOOL_ADMIN_PLATFORM: - $sql = "SELECT * FROM $course_tool_table - WHERE category = 'admin' AND c_id = $course_id $condition_session ORDER BY id"; + $sql = "SELECT * FROM $course_tool_table t + WHERE category = 'admin' AND c_id = $course_id $condition_session + ORDER BY id"; $result = Database::query($sql); break; case TOOL_DRH: - $sql = "SELECT * FROM $course_tool_table + $sql = "SELECT * FROM $course_tool_table t WHERE name IN ('tracking') AND c_id = $course_id $condition_session ORDER BY id"; $result = Database::query($sql); 
@@ -490,7 +491,7 @@ class CourseHome case TOOL_COURSE_PLUGIN: //Other queries recover id, name, link, image, visibility, admin, address, added_tool, target, category and session_id // but plugins are not present in the tool table, only globally and inside the course_settings table once configured - $sql = "SELECT * FROM $course_tool_table + $sql = "SELECT * FROM $course_tool_table t WHERE category = 'plugin' AND c_id = $course_id $condition_session ORDER BY id"; $result = Database::query($sql); @@ -553,6 +554,8 @@ class CourseHome $course_link_table = Database::get_course_table(TABLE_LINK); $course_item_property_table = Database::get_course_table(TABLE_ITEM_PROPERTY); + $condition_session = api_get_session_condition($session_id, true, true, 'tip.session_id'); + switch ($course_tool_category) { case TOOL_AUTHORING: $sql_links = "SELECT tl.*, tip.visibility @@ -576,7 +579,8 @@ class CourseHome case TOOL_STUDENT_VIEW: $sql_links = "SELECT tl.*, tip.visibility FROM $course_link_table tl - LEFT JOIN $course_item_property_table tip ON tip.tool='link' AND tip.ref=tl.id + LEFT JOIN $course_item_property_table tip + ON tip.tool='link' AND tip.ref=tl.id WHERE tl.c_id = $course_id AND tip.c_id = $course_id AND @@ -585,7 +589,8 @@ class CourseHome case TOOL_ADMIN: $sql_links = "SELECT tl.*, tip.visibility FROM $course_link_table tl - LEFT JOIN $course_item_property_table tip ON tip.tool='link' AND tip.ref=tl.id + LEFT JOIN $course_item_property_table tip + ON tip.tool='link' AND tip.ref=tl.id WHERE tl.c_id = $course_id AND tip.c_id = $course_id AND diff --git a/main/inc/lib/document.lib.php b/main/inc/lib/document.lib.php index ce0104f584..32904c8e6e 100755 --- a/main/inc/lib/document.lib.php +++ b/main/inc/lib/document.lib.php 
@@ -541,7 +541,7 @@ class DocumentManager // Condition for the session $sessionId = api_get_session_id(); - $condition_session = " AND (id_session = '$sessionId' OR (id_session = '0') )"; + $condition_session = " AND (last.session_id = '$sessionId' OR (last.session_id = '0') )"; $condition_session .= self::getSessionFolderFilters($originalPath, $sessionId); $sharedCondition = null; @@ -739,7 +739,7 @@ class DocumentManager if ($can_see_invisible) { // condition for the session $session_id = api_get_session_id(); - $condition_session = api_get_session_condition($session_id); + $condition_session = api_get_session_condition($session_id, true, false, 'docs.session_id'); $show_users_condition = ""; if (api_get_setting('show_users_folders') == 'false') { $show_users_condition = " AND docs.path NOT LIKE '%shared_folder%'"; @@ -760,7 +760,8 @@ class DocumentManager last.to_group_id = " . $to_group_id . " AND docs.path NOT LIKE '%shared_folder%' AND docs.path NOT LIKE '%_DELETED_%' AND - last.visibility <> 2 $condition_session "; + last.visibility <> 2 + $condition_session "; } else { $sql = "SELECT DISTINCT docs.id, path FROM $TABLE_ITEMPROPERTY AS last diff --git a/main/inc/lib/glossary.lib.php b/main/inc/lib/glossary.lib.php index 779a33ceac..2cf7320069 100755 --- a/main/inc/lib/glossary.lib.php +++ b/main/inc/lib/glossary.lib.php 
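Review bot: The session filter in the `@@ -541` hunk is still assembled by hand, with `$sessionId` interpolated inside quotes, while the other call sites touched by this commit go through `api_get_session_condition()` with an explicit column. `$sessionId` comes from `api_get_session_id()` on the line above and is presumably an integer, but using the helper keeps the filter logic in one place. `api_get_session_condition($sessionId, true, true, 'last.session_id')` looks like the equivalent call; confirm that its output matches the hand-built clause before swapping it in.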
@@ -422,23 +422,24 @@ class GlossaryManager //condition for the session $session_id = api_get_session_id(); - $condition_session = api_get_session_condition($session_id, true, true); + $condition_session = api_get_session_condition($session_id, true, true, 'glossary.session_id'); $column = intval($column); if (!in_array($direction,array('DESC', 'ASC'))) { $direction = 'ASC'; } - $from = intval($from); - $number_of_items = intval($number_of_items); + $from = intval($from); + $number_of_items = intval($number_of_items); $sql = "SELECT glossary.name as col0, glossary.description as col1, $col2 - glossary.session_id as session_id + glossary.session_id FROM $t_glossary glossary, $t_item_propery ip - WHERE glossary.glossary_id = ip.ref AND - tool = '".TOOL_GLOSSARY."' $condition_session AND - glossary.c_id = ".api_get_course_int_id()." AND - ip.c_id = ".api_get_course_int_id()." + WHERE + glossary.glossary_id = ip.ref AND + tool = '".TOOL_GLOSSARY."' $condition_session AND + glossary.c_id = ".api_get_course_int_id()." AND + ip.c_id = ".api_get_course_int_id()." ORDER BY col$column $direction LIMIT $from,$number_of_items"; $res = Database::query($sql); diff --git a/main/inc/lib/link.lib.php b/main/inc/lib/link.lib.php index 729c4670ae..0ce6118ea4 100755 --- a/main/inc/lib/link.lib.php +++ b/main/inc/lib/link.lib.php @@ -790,7 +790,7 @@ class Link extends Model $tblItemProperty = Database:: get_course_table(TABLE_ITEM_PROPERTY); $courseId = intval($courseId); // Condition for the session. - $sessionCondition = api_get_session_condition($sessionId, true, true); + $sessionCondition = api_get_session_condition($sessionId, true, true, 'linkcat.session_id'); // Getting links $sql = "SELECT *, linkcat.id 
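Review bot: The `$direction` whitelist kept as context in the `@@ -422` hunk uses a loose `in_array()`, and the value then goes unquoted into `ORDER BY col$column $direction`. With loose comparison a non-string value such as integer `0` can match `'DESC'` on PHP versions before 8, so pass the strict flag: `if (!in_array($direction, array('DESC', 'ASC'), true)) {`. `$col2` is also spliced into the select list and is built outside the hunk, so confirm it is never derived from request data.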
@@ -859,7 +859,7 @@ class Link extends Model // Condition for the session. $session_id = api_get_session_id(); - $condition_session = api_get_session_condition($session_id, true, true); + $condition_session = api_get_session_condition($session_id, true, true, 'link.session_id'); $catid = intval($catid); $course_id = api_get_course_int_id(); diff --git a/main/inc/lib/sessionmanager.lib.php b/main/inc/lib/sessionmanager.lib.php index 33069bacf5..6298f12853 100755 --- a/main/inc/lib/sessionmanager.lib.php +++ b/main/inc/lib/sessionmanager.lib.php @@ -1445,7 +1445,9 @@ class SessionManager $values['id_coach'] = $id_coach; $values['nb_days_access_before_beginning'] = $nb_days_acess_before; $values['nb_days_access_after_end'] = $nb_days_acess_after; - $values['session_category_id'] = $id_session_category; + if (!empty($id_session_category)) { + $values['session_category_id'] = $id_session_category; + } $values['description'] = $description; $values['show_description'] = intval($showDescription); $values['visibility'] = $id_visibility; @@ -2048,11 +2050,11 @@ class SessionManager $courseInfo = api_get_course_info($existingCourse['c_id']); $sql = "DELETE FROM $tbl_session_rel_course - WHERE c_id = '" . $existingCourse['c_id'] . "' AND session_id=$sessionId"; + WHERE c_id = '" . $existingCourse['c_id'] . "' AND session_id = $sessionId"; Database::query($sql); $sql = "DELETE FROM $tbl_session_rel_course_rel_user - WHERE c_id = '" . $existingCourse['c_id'] . "' AND session_id=$sessionId"; + WHERE c_id = '" . $existingCourse['c_id'] . "' AND session_id = $sessionId"; Database::query($sql); CourseManager::remove_course_ranking( @@ -2108,6 +2110,7 @@ class SessionManager SET nbr_courses = $nbr_courses WHERE id = '$sessionId'"; Database::query($sql); + exit; } /**
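Review bot: Skipping `session_category_id` when `$id_session_category` is empty, in the `@@ -1445` hunk, means a caller can no longer clear a session's category if `$values` feeds an UPDATE, because the stored value would simply stay. The enclosing method is outside the hunk, so this is inferred from the surrounding `$values[...]` assignments. If the aim is to avoid writing `0` or `''` into the column, set the key explicitly instead, e.g. `$values['session_category_id'] = !empty($id_session_category) ? $id_session_category : null;`, provided the database layer writes `null` as SQL NULL.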
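Review bot: The `exit;` added after the `nbr_courses` UPDATE in the `@@ -2108` hunk terminates the whole request from inside a `SessionManager` library method. Every caller loses its redirect, confirmation message and any later bookkeeping, and the line looks like a debugging leftover; remove it so the method returns normally. The method's start is outside the hunk. The two DELETE statements in the `@@ -2048` hunk also concatenate `$existingCourse['c_id']` and `$sessionId` into the SQL, so confirm both are integer-cast earlier in the method.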