diff --git a/main/link/linkfunctions.php b/main/link/linkfunctions.php
index af1173b63f..4061c86bb0 100755
--- a/main/link/linkfunctions.php
+++ b/main/link/linkfunctions.php
@@ -114,7 +114,7 @@ function addlinkcategory($type)
$sql = "INSERT INTO ".$tbl_link." (url, title, description, category_id, display_order, on_homepage, target, session_id) VALUES ('$urllink','$title','$description','$selectcategory','$order', '$onhomepage','$target','$session_id')";
$catlinkstatus = get_lang('LinkAdded');
- Database::query($sql, __FILE__, __LINE__);
+ Database::query($sql);
$link_id = Database::insert_id();
@@ -162,7 +162,7 @@ function addlinkcategory($type)
$table_link_category = Database::get_course_table(TABLE_LINK_CATEGORY);
$sql_cat = 'SELECT * FROM %s WHERE id=%d LIMIT 1';
$sql_cat = sprintf($sql_cat, $table_link_category, (int)$selectcategory);
- $result = Database::query($sql_cat, __FILE__, __LINE__);
+ $result = Database::query($sql_cat);
if (Database::num_rows($result) == 1) {
$row = Database::fetch_array($result);
$ic_slide->addValue("category", $row['category_title']);
@@ -182,7 +182,7 @@ function addlinkcategory($type)
$sql = 'INSERT INTO %s (id, course_code, tool_id, ref_id_high_level, search_did)
VALUES (NULL , \'%s\', \'%s\', %s, %s)';
$sql = sprintf($sql, $tbl_se_ref, $courseid, TOOL_LINK, $link_id, $did);
- Database::query($sql,__FILE__,__LINE__);
+ Database::query($sql);
}
}
@@ -214,7 +214,7 @@ function addlinkcategory($type)
$session_id = api_get_session_id();
$sql = "INSERT INTO ".$tbl_categories." (category_title, description, display_order, session_id) VALUES ('".Security::remove_XSS($category_title)."','".Security::remove_XSS($description)."', '$order', '$session_id')";
- Database::query($sql, __FILE__, __LINE__);
+ Database::query($sql);
$catlinkstatus = get_lang('CategoryAdded');
@@ -258,7 +258,7 @@ function deletelinkcategory($type)
// make a restore function possible for the platform administrator
if (isset($_GET['id']) && $_GET['id']==strval(intval($_GET['id']))) {
$sql="UPDATE $tbl_link SET on_homepage='0' WHERE id='".Database::escape_string($_GET['id'])."'";
- Database::query($sql,__FILE__,__LINE__);
+ Database::query($sql);
}
api_item_property_update($_course, TOOL_LINK, $id, "delete", $_user['user_id']);
@@ -274,11 +274,11 @@ function deletelinkcategory($type)
// first we delete the category itself and afterwards all the links of this category.
$sql = "DELETE FROM ".$tbl_categories." WHERE id='".Database::escape_string(Security::remove_XSS($_GET['id']))."'";
- Database::query($sql, __FILE__, __LINE__);
+ Database::query($sql);
$sql = "DELETE FROM ".$tbl_link." WHERE category_id='".Database::escape_string(Security::remove_XSS($_GET['id']))."'";
$catlinkstatus = get_lang('CategoryDeleted');
unset ($id);
- Database::query($sql, __FILE__, __LINE__);
+ Database::query($sql);
Display::display_confirmation_message(get_lang('CategoryDeleted'));
}
@@ -296,7 +296,7 @@ function delete_link_from_search_engine($course_id, $link_id) {
$tbl_se_ref = Database::get_main_table(TABLE_MAIN_SEARCH_ENGINE_REF);
$sql = 'SELECT * FROM %s WHERE course_code=\'%s\' AND tool_id=\'%s\' AND ref_id_high_level=%s LIMIT 1';
$sql = sprintf($sql, $tbl_se_ref, $course_id, TOOL_LINK, $link_id);
- $res = Database::query($sql, __FILE__, __LINE__);
+ $res = Database::query($sql);
if (Database::num_rows($res) > 0) {
$row = Database::fetch_array($res);
require_once(api_get_path(LIBRARY_PATH) .'search/DokeosIndexer.class.php');
@@ -305,7 +305,7 @@ function delete_link_from_search_engine($course_id, $link_id) {
}
$sql = 'DELETE FROM %s WHERE course_code=\'%s\' AND tool_id=\'%s\' AND ref_id_high_level=%s LIMIT 1';
$sql = sprintf($sql, $tbl_se_ref, $course_id, TOOL_LINK, $link_id);
- Database::query($sql, __FILE__, __LINE__);
+ Database::query($sql);
// remove terms from db
require_once(api_get_path(LIBRARY_PATH) .'specific_fields_manager.lib.php');
@@ -347,7 +347,7 @@ function editlinkcategory($type)
{
// this is used to populate the link-form with the info found in the database
$sql = "SELECT * FROM ".$tbl_link." WHERE id='".$_GET['id']."'";
- $result = Database::query($sql, __FILE__, __LINE__);
+ $result = Database::query($sql);
if ($myrow = Database::fetch_array($result))
{
$urllink = $myrow["url"];
@@ -373,7 +373,7 @@ function editlinkcategory($type)
// finding the old category_id
$sql = "SELECT * FROM ".$tbl_link." WHERE id='".Database::escape_string(Security::remove_XSS($_POST['id']))."'";
- $result = Database::query($sql, __FILE__, __LINE__);
+ $result = Database::query($sql);
$row = Database::fetch_array($result);
$category_id = $row['category_id'];
@@ -387,7 +387,7 @@ function editlinkcategory($type)
}
$sql = "UPDATE ".$tbl_link." set url='".Database::escape_string(Security::remove_XSS($_POST['urllink']))."', title='".Database::escape_string(Security::remove_XSS($_POST['title']))."', description='".Database::escape_string(Security::remove_XSS($_POST['description']))."', category_id='".Database::escape_string(Security::remove_XSS($_POST['selectcategory']))."', display_order='".$max_display_order."', on_homepage='".Database::escape_string(Security::remove_XSS($onhomepage))." ' $mytarget WHERE id='".Database::escape_string(Security::remove_XSS($_POST['id']))."'";
- Database::query($sql, __FILE__, __LINE__);
+ Database::query($sql);
// update search enchine and its values table if enabled
if (api_get_setting('search_enabled')=='true') {
@@ -402,7 +402,7 @@ function editlinkcategory($type)
$tbl_se_ref = Database::get_main_table(TABLE_MAIN_SEARCH_ENGINE_REF);
$sql = 'SELECT * FROM %s WHERE course_code=\'%s\' AND tool_id=\'%s\' AND ref_id_high_level=%s LIMIT 1';
$sql = sprintf($sql, $tbl_se_ref, $course_id, TOOL_LINK, $link_id);
- $res = Database::query($sql, __FILE__, __LINE__);
+ $res = Database::query($sql);
if (Database::num_rows($res) > 0) {
require_once(api_get_path(LIBRARY_PATH) . 'search/DokeosIndexer.class.php');
@@ -448,7 +448,7 @@ function editlinkcategory($type)
$table_link_category = Database::get_course_table(TABLE_LINK_CATEGORY);
$sql_cat = 'SELECT * FROM %s WHERE id=%d LIMIT 1';
$sql_cat = sprintf($sql_cat, $table_link_category, (int)$selectcategory);
- $result = Database::query($sql_cat, __FILE__, __LINE__);
+ $result = Database::query($sql_cat);
if (Database::num_rows($result) == 1) {
$row = Database::fetch_array($result);
$ic_slide->addValue("category", $row['category_title']);
@@ -467,12 +467,12 @@ function editlinkcategory($type)
// save it to db
$sql = 'DELETE FROM %s WHERE course_code=\'%s\' AND tool_id=\'%s\' AND ref_id_high_level=\'%s\'';
$sql = sprintf($sql, $tbl_se_ref, $course_id, TOOL_LINK, $link_id);
- Database::query($sql,__FILE__,__LINE__);
+ Database::query($sql);
//var_dump($sql);
$sql = 'INSERT INTO %s (id, course_code, tool_id, ref_id_high_level, search_did)
VALUES (NULL , \'%s\', \'%s\', %s, %s)';
$sql = sprintf($sql, $tbl_se_ref, $course_id, TOOL_LINK, $link_id, $did);
- Database::query($sql,__FILE__,__LINE__);
+ Database::query($sql);
}
}
@@ -490,7 +490,7 @@ function editlinkcategory($type)
if (!$submitCategory)
{
$sql = "SELECT * FROM ".$tbl_categories." WHERE id='".$_GET['id']."'";
- $result = Database::query($sql, __FILE__, __LINE__);
+ $result = Database::query($sql);
if ($myrow = Database::fetch_array($result))
{
$category_title = $myrow["category_title"];
@@ -501,7 +501,7 @@ function editlinkcategory($type)
if ($submitCategory)
{
$sql = "UPDATE ".$tbl_categories." set category_title='".Database::escape_string(Security::remove_XSS($_POST['category_title']))."', description='".Database::escape_string(Security::remove_XSS($_POST['description']))."' WHERE id='".Database::escape_string(Security::remove_XSS($_POST['id']))."'";
- Database::query($sql, __FILE__, __LINE__);
+ Database::query($sql);
Display::display_confirmation_message(get_lang('CategoryModded'));
}
@@ -700,7 +700,7 @@ function movecatlink($catlinkid)
if(!empty($thiscatlinkId))
{
$sql = "SELECT category_id from ".$movetable." WHERE id='$thiscatlinkId'";
- $result = Database::query($sql, __FILE__, __LINE__);
+ $result = Database::query($sql);
$catid = Database::fetch_array($result);
}
}
@@ -759,15 +759,15 @@ function get_cat($catname) // get category id (existing or make new)
{
$tbl_categories = Database :: get_course_table(TABLE_LINK_CATEGORY);
- $result = Database::query("SELECT `id` FROM ".$tbl_categories." WHERE `category_title`='".addslashes($catname)."'", __FILE__, __LINE__);
+ $result = Database::query("SELECT `id` FROM ".$tbl_categories." WHERE `category_title`='".addslashes($catname)."'");
if (Database::num_rows($result) >= 1 && ($row = Database::fetch_array($result)))
return $row['id']; // several categories with same name: take first
- $result = Database::query("SELECT MAX(display_order) FROM ".$tbl_categories."", __FILE__, __LINE__);
+ $result = Database::query("SELECT MAX(display_order) FROM ".$tbl_categories."");
list ($max_order) = Database::fetch_row($result);
- Database::query("INSERT INTO ".$tbl_categories." (category_title, description, display_order) VALUES ('".addslashes($catname)."','','". ($max_order +1)."')", __FILE__, __LINE__);
+ Database::query("INSERT INTO ".$tbl_categories." (category_title, description, display_order) VALUES ('".addslashes($catname)."','','". ($max_order +1)."')");
return Database::insert_id();
}
@@ -782,11 +782,11 @@ function put_link($url, $cat, $title, $description, $on_homepage, $hidden)
$urleq = "url='".addslashes($url)."'";
$cateq = "category_id=".$cat;
- $result = Database::query("SELECT id FROM $tbl_link WHERE ".$urleq.' AND '.$cateq, __FILE__, __LINE__);
+ $result = Database::query("SELECT id FROM $tbl_link WHERE ".$urleq.' AND '.$cateq);
if (Database::num_rows($result) >= 1 && ($row = Database::fetch_array($result)))
{
- Database::query("UPDATE $tbl_link set title='".addslashes($title)."', description='".addslashes($description)."' WHERE id='".addslashes($id = $row['id'])."'", __FILE__, __LINE__);
+ Database::query("UPDATE $tbl_link set title='".addslashes($title)."', description='".addslashes($description)."' WHERE id='".addslashes($id = $row['id'])."'");
$lang_link = get_lang('update_link');
$ipu = "LinkUpdated";
@@ -794,10 +794,10 @@ function put_link($url, $cat, $title, $description, $on_homepage, $hidden)
}
else // add new link
{
- $result = Database::query("SELECT MAX(display_order) FROM $tbl_link WHERE category_id='".addslashes($cat)."'", __FILE__, __LINE__);
+ $result = Database::query("SELECT MAX(display_order) FROM $tbl_link WHERE category_id='".addslashes($cat)."'");
list ($max_order) = Database::fetch_row($result);
- Database::query("INSERT INTO $tbl_link (url, title, description, category_id, display_order, on_homepage) VALUES ('".addslashes($url)."','".addslashes($title)."','".addslashes($description)."','".addslashes($cat)."','". ($max_order +1)."','".$on_homepage."')", __FILE__, __LINE__);
+ Database::query("INSERT INTO $tbl_link (url, title, description, category_id, display_order, on_homepage) VALUES ('".addslashes($url)."','".addslashes($title)."','".addslashes($description)."','".addslashes($cat)."','". ($max_order +1)."','".$on_homepage."')");
$id = Database::insert_id();
$lang_link = get_lang('new_link');
diff --git a/main/messages/download.php b/main/messages/download.php
index aea8e3a908..03cc85561c 100755
--- a/main/messages/download.php
+++ b/main/messages/download.php
@@ -41,36 +41,36 @@ $tbl_messsage_attachment = Database::get_main_table(TABLE_MESSAGE_ATTACHMENT);
$sql= "SELECT filename,message_id FROM $tbl_messsage_attachment WHERE path LIKE BINARY '$file_url'";
-$result= Database::query($sql, __FILE__, __LINE__);
+$result= Database::query($sql);
$row= Database::fetch_array($result,MYSQL_ASSOC);
$title = str_replace(' ','_', $row['filename']);
$message_id = $row['message_id'];
// allow download only for user sender and user receiver
$sql = "SELECT user_sender_id, user_receiver_id, group_id FROM $tbl_messsage WHERE id = '$message_id'";
-$rs= Database::query($sql, __FILE__, __LINE__);
+$rs= Database::query($sql);
$row_users= Database::fetch_array($rs,MYSQL_ASSOC);
-$current_uid = api_get_user_id();
+$current_uid = api_get_user_id();
// get message user id for inbox/outbox
$message_uid = '';
$message_type = array('inbox','outbox');
-if (in_array($_GET['type'],$message_type)) {
- if ($_GET['type'] == 'inbox') {
- $message_uid = $row_users['user_receiver_id'];
- } else {
+if (in_array($_GET['type'],$message_type)) {
+ if ($_GET['type'] == 'inbox') {
+ $message_uid = $row_users['user_receiver_id'];
+ } else {
$message_uid = $row_users['user_sender_id'];
- }
+ }
}
// allow to the correct user for download this file
$not_allowed_to_edit = false;
if (!empty($row_users['group_id'])) {
- $users_group = GroupPortalManager::get_all_users_by_group($row_users['group_id']);
+ $users_group = GroupPortalManager::get_all_users_by_group($row_users['group_id']);
if (!in_array($current_uid,array_keys($users_group))) {
$not_allowed_to_edit = true;
- }
-} else {
+ }
+} else {
if ($current_uid != $message_uid) {
$not_allowed_to_edit = true;
}
@@ -82,10 +82,10 @@ if ($not_allowed_to_edit) {
}
// set the path directory file
-if (!empty($row_users['group_id'])) {
+if (!empty($row_users['group_id'])) {
$path_user_info = GroupPortalManager::get_group_picture_path_by_id($row_users['group_id'], 'system', true);
} else {
- $path_user_info = UserManager::get_user_picture_path_by_id($message_uid, 'system', true);
+ $path_user_info = UserManager::get_user_picture_path_by_id($message_uid, 'system', true);
}
$full_file_name = $path_user_info['dir'].'message_attachments/'.$file_url;
diff --git a/main/messages/new_message.php b/main/messages/new_message.php
index 783612408e..f9aad96784 100755
--- a/main/messages/new_message.php
+++ b/main/messages/new_message.php
@@ -58,8 +58,8 @@ $htmlHeadXtra[] = '';
$htmlHeadXtra[] = '';
$nameTools = get_lang('ComposeMessage');
@@ -128,19 +128,19 @@ function show_compose_reply_to_message ($message_id, $receiver_id) {
global $charset;
$table_message = Database::get_main_table(TABLE_MESSAGE);
$query = "SELECT user_sender_id FROM $table_message WHERE user_receiver_id=".intval($receiver_id)." AND id='".intval($message_id)."';";
- $result = Database::query($query,__FILE__,__LINE__);
+ $result = Database::query($query);
$row = Database::fetch_array($result,'ASSOC');
if (!isset($row['user_sender_id'])) {
echo get_lang('InvalidMessageId');
die();
}
-
+
$pre_html = '
'.get_lang('SendMessageTo').'
';
- $post = '
';
+ $post = '