chamilo
/
chamilo-lms
mirror of https://github.com/chamilo/chamilo-lms/tree/1.11.x
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

merge

Browse Source
skala
Yannick Warnier 16 years ago
parent 9f041148f4 30fa963439
commit 85170acbf7
86 changed files with 2787 additions and 2703 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 1
      main/admin/access_url_edit_courses_to_url.php
  2. 2
      main/admin/access_url_edit_sessions_to_url.php
  3. 283
      main/admin/calendar.lib.php
  4. 109
      main/admin/calendar.php
  5. 10
      main/admin/user_edit.php
  6. 52
      main/admin/user_list.php
  7. 1035
      main/announcements/announcements.inc.php
  8. 457
      main/announcements/announcements.php
  9. 31
      main/announcements/download.php
  10. 687
      main/calendar/agenda.inc.php
  11. 130
      main/calendar/agenda.php
  12. 2
      main/calendar/calendar.php
  13. 144
      main/calendar/myagenda.inc.php
  14. 109
      main/calendar/myagenda.php
  15. 14
      main/chat/chat.php
  16. 1
      main/chat/chat_whoisonline.php
  17. 9
      main/conference/api.php
  18. 4
      main/conference/audiopost.php
  19. 2
      main/conference/checksession.php
  20. 2
      main/conference/get_translation.lib.php
  21. 9
      main/conference/index.php
  22. 2
      main/conference/testpost.php
  23. 2
      main/conference/videoconference.php
  24. 35
      main/css/academica/default.css
  25. 35
      main/css/baby_orange/default.css
  26. 17
      main/css/blue_lagoon/default.css
  27. 19
      main/css/chamilo/default.css
  28. 17
      main/css/chamilo_green/default.css
  29. 17
      main/css/chamilo_red/default.css
  30. 16
      main/css/cool_blue/default.css
  31. 36
      main/css/corporate/default.css
  32. 33
      main/css/cosmic_campus/default.css
  33. 17
      main/css/delicious_bordeaux/default.css
  34. 17
      main/css/dokeos_blue/default.css
  35. 18
      main/css/dokeos_classic/default.css
  36. 39
      main/css/dokeos_classic_2D/default.css
  37. 17
      main/css/empire_green/default.css
  38. 17
      main/css/fruity_orange/default.css
  39. 17
      main/css/medical/default.css
  40. 17
      main/css/public_admin/default.css
  41. 17
      main/css/royal_purple/default.css
  42. 295
      main/css/silver_line/default.css
  43. 40
      main/css/sober_brown/default.css
  44. 17
      main/css/steel_grey/default.css
  45. 17
      main/css/tasty_olive/default.css
  46. BIN
      main/default_course_document/images/logo_dokeos.png
  47. 7
      main/document/document.inc.php
  48. 11
      main/document/document.php
  49. 4
      main/document/edit_document.php
  50. 7
      main/document/showinframes.php
  51. 136
      main/exercice/exercice.php
  52. 56
      main/exercice/savescores.php
  53. 140
      main/forum/index.php
  54. 3
      main/forum/reply.php
  55. 34
      main/forum/viewthread_flat.inc.php
  56. 32
      main/forum/viewthread_nested.inc.php
  57. 32
      main/forum/viewthread_threaded.inc.php
  58. 33
      main/gradebook/gradebook.php
  59. 2
      main/gradebook/gradebook_flatview.php
  60. 1
      main/gradebook/lib/fe/flatviewtable.class.php
  61. 44
      main/gradebook/lib/flatview_data_generator.class.php
  62. 5
      main/gradebook/lib/gradebook_functions.inc.php
  63. 25
      main/gradebook/lib/scoredisplay.class.php
  64. BIN
      main/img/calendar_global.png
  65. BIN
      main/img/loading1.gif
  66. 32
      main/inc/ajax/user_manager.ajax.php
  67. 18
      main/inc/lib/events.lib.inc.php
  68. 47
      main/inc/lib/fileManage.lib.php
  69. 7
      main/inc/lib/fileUpload.lib.php
  70. 94
      main/inc/lib/groupmanager.lib.php
  71. 91
      main/inc/lib/main_api.lib.php
  72. 4
      main/inc/lib/security.lib.php
  73. 2
      main/install/update-db-1.8.5-1.8.6.inc.php
  74. 33
      main/link/linkfunctions.php
  75. 82
      main/newscorm/learnpath.class.php
  76. 282
      main/newscorm/lp_add_item.php
  77. 41
      main/newscorm/lp_list.php
  78. 32
      main/newscorm/lp_view.php
  79. 34
      main/resourcelinker/resourcelinker.inc.php
  80. 34
      main/resourcelinker/resourcelinker.php
  81. 36
      main/social/groups.php
  82. 8
      main/survey/survey.lib.php
  83. 39
      main/wiki/index.php
  84. 133
      main/wiki/wiki.inc.php
  85. 1
      tests/main/inc/lib/fileManage.lib.test.php
  86. 1
      tests/main/inc/lib/fileManager.lib.test.php

1
main/admin/access_url_edit_courses_to_url.php
Unescape View File

@ -17,7 +17,6 @@ require_once (api_get_path(LIBRARY_PATH).'urlmanager.lib.php');
require_once (api_get_path(LIBRARY_PATH).'access_url_edit_courses_to_url_functions.lib.php');
$xajax = new xajax();
//$xajax->debugOn();
$xajax -> registerFunction (array('search_courses', 'Accessurleditcoursestourl', 'search_courses'));

2
main/admin/access_url_edit_sessions_to_url.php
Unescape View File

@ -18,7 +18,7 @@ require_once api_get_path(LIBRARY_PATH).'urlmanager.lib.php';
require_once api_get_path(LIBRARY_PATH).'access_url_edit_sessions_to_url_functions.lib.php';
$xajax = new xajax();
//$xajax->debugOn();
$xajax -> registerFunction (array('search_sessions', 'Accessurleditsessionstourl', 'search_sessions'));

283
main/admin/calendar.lib.php
Unescape View File

@ -4,6 +4,8 @@
* @package chamilo.admin
* @author Carlos Vargas
* This file is the calendar/agenda.inc.php
*
* @todo This file should not exist since redeclares many of the functions in calendar/agenda.inc.php J.M
*/
/*
@ -40,8 +42,7 @@ $MonthsLong = api_get_months_long();
* @return html code
* @todo refactor this so that $monthName is no longer needed as a parameter
*/
function display_minimonthcalendar($agendaitems, $month, $year, $monthName)
{
function display_minimonthcalendar($agendaitems, $month, $year, $monthName) {
global $DaysShort;
//Handle leap year
$numberofdays = array (0, 31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31);
@ -54,22 +55,22 @@ function display_minimonthcalendar($agendaitems, $month, $year, $monthName)
$backwardsURL = api_get_self()."?".api_get_cidreq()."&coursePath=".(empty($_GET['coursePath'])?'':$_GET['coursePath'])."&courseCode=".(empty($_GET['courseCode'])?'':$_GET['courseCode'])."&month=". ($month == 1 ? 12 : $month -1)."&year=". ($month == 1 ? $year -1 : $year);
$forewardsURL = api_get_self()."?".api_get_cidreq()."&coursePath=".(empty($_GET['coursePath'])?'':$_GET['coursePath'])."&courseCode=".(empty($_GET['courseCode'])?'':$_GET['courseCode'])."&month=". ($month == 12 ? 1 : $month +1)."&year=". ($month == 12 ? $year +1 : $year);
echo "<table class=\"data_table\">\n",
"<tr>\n",
"<th width=\"10%\"><a href=\"", $backwardsURL, "\"> ".Display::return_icon('action_prev.png',get_lang('Previous'))." </a></th>\n",
"<th width=\"80%\" colspan=\"5\">", $monthName, " ", $year, "</th>\n",
"<th width=\"10%\"><a href=\"", $forewardsURL, "\"> ".Display::return_icon('action_next.png',get_lang('Next'))."</a></th>\n", "</tr>\n";
echo "<tr>\n";
echo "<table class=\"data_table\">",
"<tr>",
"<th width=\"10%\"><a href=\"", $backwardsURL, "\"> ".Display::return_icon('action_prev.png',get_lang('Previous'))." </a></th>",
"<th width=\"80%\" colspan=\"5\">", $monthName, " ", $year, "</th>",
"<th width=\"10%\"><a href=\"", $forewardsURL, "\"> ".Display::return_icon('action_next.png',get_lang('Next'))."</a></th>", "</tr>";
echo "<tr>";
for ($ii = 1; $ii < 8; $ii ++)
{
echo "<td class=\"weekdays\">", $DaysShort[$ii % 7], "</td>\n";
echo "<td class=\"weekdays\">", $DaysShort[$ii % 7], "</td>";
}
echo "</tr>\n";
echo "</tr>";
$curday = -1;
$today = getdate();
while ($curday <= $numberofdays[$month])
{
echo "<tr>\n";
echo "<tr>";
for ($ii = 0; $ii < 7; $ii ++)
{
if (($curday == -1) && ($ii == $startdayofweek))
@ -85,7 +86,7 @@ function display_minimonthcalendar($agendaitems, $month, $year, $monthName)
$dayheader = "$curday";
$class = "class=\"days_today\"";
}
echo "\t<td ".$class.">";
echo "<td ".$class.">";
if (!empty($agendaitems[$curday]))
{
echo "<a href=\"".api_get_self()."?".api_get_cidreq()."&amp;action=view&amp;view=day&amp;day=".$curday."&amp;month=".$month."&amp;year=".$year."\">".$dayheader."</a>";
@ -94,18 +95,18 @@ function display_minimonthcalendar($agendaitems, $month, $year, $monthName)
{
echo $dayheader;
}
// "a".$dayheader." <span class=\"agendaitem\">".$agendaitems[$curday]."</span>\n";
echo "</td>\n";
// "a".$dayheader." <span class=\"agendaitem\">".$agendaitems[$curday]."</span>";
echo "</td>";
$curday ++;
}
else
{
echo "<td>&nbsp;</td>\n";
echo "<td>&nbsp;</td>";
}
}
echo "</tr>\n";
echo "</tr>";
}
echo "</table>\n";
echo "</table>";
}
/**
* show the calender of the given month
@ -119,10 +120,9 @@ function display_minimonthcalendar($agendaitems, $month, $year, $monthName)
* @author: Patrick Cool <patrick.cool@UGent.be>, Ghent University
* @return javascript code
*/
function to_javascript()
{
$Send2All=get_lang("Send2All");
return "<script type=\"text/javascript\" language=\"JavaScript\">
function to_javascript() {
$Send2All=get_lang("Send2All");
return "<script type=\"text/javascript\" language=\"JavaScript\">
<!-- Begin javascript menu swapper
function move(fbox, tbox)
@ -287,21 +287,19 @@ function validate_date()
* @author: Patrick Cool <patrick.cool@UGent.be>, Ghent University
* @return javascript code
*/
function user_group_filter_javascript()
{
return "<script language=\"JavaScript\" type=\"text/JavaScript\">
<!--
function MM_jumpMenu(targ,selObj,restore){
eval(targ+\".location='\"+selObj.options[selObj.selectedIndex].value+\"'\");
if (restore) selObj.selectedIndex=0;
}
//-->
</script>
";
function user_group_filter_javascript() {
return "<script language=\"JavaScript\" type=\"text/JavaScript\">
<!--
function MM_jumpMenu(targ,selObj,restore){
eval(targ+\".location='\"+selObj.options[selObj.selectedIndex].value+\"'\");
if (restore) selObj.selectedIndex=0;
}
//-->
</script>
";
}
function display_monthcalendar($month, $year)
{
function display_monthcalendar($month, $year) {
global $MonthsLong;
global $DaysShort;
global $origin;
@ -324,26 +322,24 @@ function display_monthcalendar($month, $year)
$maand_array_maandnummer=$month-1;
echo "<table class=\"data_table\">\n",
"<tr>\n",
"<th width=\"10%\"><a href=\"",$backwardsURL,"\"> ".Display::return_icon('action_prev.png',get_lang('Previous'))."</a></th>\n",
"<th width=\"80%\" colspan=\"5\">",$MonthsLong[$maand_array_maandnummer]," ",$year,"</th>\n",
"<th width=\"10%\"><a href=\"",$forewardsURL,"\"> ".Display::return_icon('action_next.png',get_lang('Next'))."</a></th>\n",
"</tr>\n";
echo "<table class=\"data_table\">",
"<tr>",
"<th width=\"10%\"><a href=\"",$backwardsURL,"\"> ".Display::return_icon('action_prev.png',get_lang('Previous'))."</a></th>",
"<th width=\"80%\" colspan=\"5\">",$MonthsLong[$maand_array_maandnummer]," ",$year,"</th>",
"<th width=\"10%\"><a href=\"",$forewardsURL,"\"> ".Display::return_icon('action_next.png',get_lang('Next'))."</a></th>",
"</tr>";
echo "<tr>\n";
echo "<tr>";
for ($ii=1;$ii<8; $ii++)
{
echo "<td class=\"weekdays\" width=\"14%\">",$DaysShort[$ii%7],"</td>\n";
}
for ($ii=1;$ii<8; $ii++) {
echo "<td class=\"weekdays\" width=\"14%\">",$DaysShort[$ii%7],"</td>";
}
echo "</tr>\n";
echo "</tr>";
$curday = -1;
$today = getdate();
while ($curday <=$numberofdays[$month])
{
echo "<tr>\n";
while ($curday <=$numberofdays[$month]) {
echo "<tr>";
for ($ii=0; $ii<7; $ii++)
{
if (($curday == -1)&&($ii==$startdayofweek))
@ -371,13 +367,13 @@ function display_monthcalendar($month, $year)
if (($curday==$today['mday'])&&($year ==$today['year'])&&($month == $today['mon']))
{
echo "<td id=\"today\" ",$bgcolor,"\">".$dayheader." \n";
echo "<td id=\"today\" ",$bgcolor,"\">".$dayheader." ";
}
else
{
echo "<td id=\"days\" ",$bgcolor,"\">".$dayheader." \n";
echo "<td id=\"days\" ",$bgcolor,"\">".$dayheader." ";
}
echo "</td>\n";
echo "</td>";
$curday++;
}
@ -401,9 +397,7 @@ echo "</table>";
* @author: Patrick Cool <patrick.cool@UGent.be>, Ghent University
* @return integer the id of the last added agenda item
*/
function store_new_agenda_item()
{
global $_user /*, $_course*/;
function store_new_agenda_item() {
$TABLEAGENDA = Database::get_main_table(TABLE_MAIN_SYSTEM_CALENDAR);
//$t_agenda_repeat = Database::get_course_Table(TABLE_AGENDA_REPEAT);
@ -486,24 +480,17 @@ function display_courseadmin_links() {
echo "<a href='".api_get_self()."?".api_get_cidreq()."&action=add&amp;origin=".Security::remove_XSS($_GET['origin'])."'>".Display::return_icon('calendar_personal_add.gif', get_lang('AgendaAdd'))." ".get_lang('AgendaAdd')."</a>";
}
function display_student_links()
{
global $show;
if ($_SESSION['sort'] == 'DESC')
{
echo "<a href='".api_get_self()."?sort=asc&amp;origin=".$_GET['origin']."'>".Display::return_icon('calendar_up.gif',get_lang('AgendaSortChronologicallyUp')).' '.get_lang("AgendaSortChronologicallyUp")."</a>";
}
else
{
echo "<a href='".api_get_self()."?sort=desc&amp;origin=".$_GET['origin']."'>".Display::return_icon('calendar_down.gif',get_lang('AgendaSortChronologicallyDown')).' '.get_lang("AgendaSortChronologicallyDown")."</a>";
}
if ($_SESSION['view'] <> 'month')
{
echo "\t<a href=\"".api_get_self()."?action=view&amp;view=month\"><img src=\"../img/calendar_month.gif\" border=\"0\" alt=\"".get_lang('MonthView')."\" /> ".get_lang('MonthView')."</a>\n";
function display_student_links() {
if ($_SESSION['sort'] == 'DESC') {
echo "<a href='".api_get_self()."?sort=asc&amp;origin=".Security::remove_XSS($_GET['origin'])."'>".Display::return_icon('calendar_up.gif',get_lang('AgendaSortChronologicallyUp')).' '.get_lang("AgendaSortChronologicallyUp")."</a>";
} else {
echo "<a href='".api_get_self()."?sort=desc&amp;origin=".Security::remove_XSS($_GET['origin'])."'>".Display::return_icon('calendar_down.gif',get_lang('AgendaSortChronologicallyDown')).' '.get_lang("AgendaSortChronologicallyDown")."</a>";
}
else
{
echo "\t<a href=\"".api_get_self()."?action=view&amp;view=list\"><img src=\"../img/calendar_select.gif\" border=\"0\" alt=\"".get_lang('ListView')."\" /> ".get_lang('ListView')."</a>\n";
if ($_SESSION['view'] <> 'month') {
echo "<a href=\"".api_get_self()."?action=view&amp;view=month\"><img src=\"../img/calendar_month.gif\" border=\"0\" alt=\"".get_lang('MonthView')."\" /> ".get_lang('MonthView')."</a>";
} else {
echo "<a href=\"".api_get_self()."?action=view&amp;view=list\"><img src=\"../img/calendar_select.gif\" border=\"0\" alt=\"".get_lang('ListView')."\" /> ".get_lang('ListView')."</a>";
}
}
/**
@ -512,8 +499,7 @@ function display_student_links()
* @param integer the id of the agenda item we are getting all the information of
* @return an associative array that contains all the information of the agenda item. The keys are the database fields
*/
function get_agenda_item($id)
{
function get_agenda_item($id) {
$TABLEAGENDA = Database::get_main_table(TABLE_MAIN_SYSTEM_CALENDAR);
//$t_agenda_repeat = Database::get_course_table(TABLE_AGENDA_REPEAT);
$item = array();
@ -532,12 +518,9 @@ function get_agenda_item($id)
$item['end_date'] = $entry_to_edit["end_date"];
$item['to'] == "everyone";
// if the item has been sent to everybody then we show the compact to form
if ($item['to']=="everyone")
{
if ($item['to']=="everyone") {
$_SESSION['allow_individual_calendar']="hide";
}
else
{
} else {
$_SESSION['allow_individual_calendar']="show";
}
@ -550,8 +533,7 @@ function get_agenda_item($id)
* 3. modify the attachments (if needed)
* @author Patrick Cool <patrick.cool@UGent.be>, Ghent University
*/
function store_edited_agenda_item()
{
function store_edited_agenda_item() {
// STEP 1: editing the calendar_event table
// 1.a. some filtering of the input data
@ -626,8 +608,7 @@ function delete_agenda_item($id)
* @author Patrick Cool <patrick.cool@UGent.be>, Ghent University
* @param integer id the id of the agenda item we are changing the visibility of
*/
function showhide_agenda_item($id)
{
function showhide_agenda_item($id) {
global $nameTools;
/*==================================================
SHOW / HIDE A CALENDAR ITEM
@ -672,7 +653,7 @@ function display_agenda_items()
$stop = 0;
// this is to make a difference between showing everything (all months) or only the current month)
// $show_all_current is a part of the sql statement
if ($_SESSION['show']!=="showall")
if ($_SESSION['show_all_admin']!=="showall")
{
$show_all_current=" AND MONTH(start_date)=$select_month AND year(start_date)=$select_year";
$start = mktime(0,0,0,$select_month,1,$select_year);
@ -731,7 +712,7 @@ function display_agenda_items()
while($myrow=Database::fetch_array($result))
{
$is_repeated = !empty($myrow['parent_event_id']);
echo '<table class="data_table">',"\n";
echo '<table class="data_table">',"";
/*--------------------------------------------------
display: the month bar
--------------------------------------------------*/
@ -740,9 +721,9 @@ function display_agenda_items()
if ($month_bar != api_format_date($myrow["start_date"], "%m%Y"))
{
$month_bar = api_format_date($myrow["start_date"], "%m%Y");
echo "\t<tr>\n\t\t<td class=\"agenda_month_divider\" colspan=\"3\" valign=\"top\">".
echo "<tr><td class=\"agenda_month_divider\" colspan=\"3\" valign=\"top\">".
api_format_date($myrow["start_date"], "%B %Y").
"</td>\n\t</tr>\n";
"</td></tr>";
}
/*--------------------------------------------------
@ -775,22 +756,21 @@ function display_agenda_items()
$text_style="textnow";
}
echo "\t\t<th>\n";
echo "<th>";
// adding an internal anchor
echo "\t\t\t<a name=\"".(int)date("d",strtotime($myrow["start_date"]))."\"></a>";
echo "<a name=\"".(int)date("d",strtotime($myrow["start_date"]))."\"></a>";
// the icons. If the message is sent to one or more specific users/groups
// we add the groups icon
// 2do: if it is sent to groups we display the group icon, if it is sent to a user we show the user icon
Display::display_icon('agenda.gif', get_lang('Agenda'));
if ($myrow['to_group_id']!=='0')
{
Display::display_icon('calendar_global.png', get_lang('Agenda'));
/*if ($myrow['to_group_id']!=='0') {
echo Display::return_icon('group.gif', get_lang('AllUsersOfThePlatform'));
}
echo " ".$myrow['title']."\n";
echo "\t\t</th>\n";
}*/
echo " ".$myrow['title']."";
echo "</th>";
// the message has been sent to
echo "\t\t<th>".get_lang("SentTo").": ".get_lang('AllUsersOfThePlatform');
echo "<th>".get_lang("SentTo").": ".get_lang('AllUsersOfThePlatform');
//$sent_to=sent_to(TOOL_CALENDAR_EVENT, $myrow["ref"]);
//$sent_to_form=sent_to_form($sent_to);
// echo $sent_to_form;
@ -809,16 +789,16 @@ function display_agenda_items()
display: the title
--------------------------------------------------*/
echo "<tr class='row_odd'>";
echo "\t\t<td>".get_lang("StartTimeWindow").": ";
echo "<td>".get_lang("StartTimeWindow").": ";
echo api_format_date($myrow["start_date"]);
echo "</td>\n";
echo "\t\t<td>";
echo "</td>";
echo "<td>";
if ($myrow["end_date"]<>"0000-00-00 00:00:00")
{
echo get_lang("EndTimeWindow").": ";
echo api_convert_and_format_date($myrow["end_date"], null, date_default_timezone_get());
}
echo "</td>\n";
echo "</td>";
// attachment list
//$attachment_list=get_attachment($myrow['id']);
@ -995,12 +975,12 @@ function display_one_agenda_item($agenda_id)
/*--------------------------------------------------
DISPLAY: THE ITEMS
--------------------------------------------------*/
echo "<table id=\"data_table\">\n";
echo "<table id=\"data_table\">";
/*--------------------------------------------------
DISPLAY : the icon, title, destinees of the item
--------------------------------------------------*/
echo "\t<tr>\n";
echo "<tr>";
// highlight: if a date in the small calendar is clicked we highlight the relevant items
$myrow["start_date"] = api_get_local_time($myrow["start_date"], null, date_default_timezone_get());
@ -1028,10 +1008,10 @@ function display_one_agenda_item($agenda_id)
}
echo "\t\t<td class=\"".$style."\">\n";
echo "<td class=\"".$style."\">";
// adding an internal anchor
echo "\t\t\t<a name=\"".(int)date("d",strtotime($myrow["start_date"]))."\"></a>";
echo "<a name=\"".(int)date("d",strtotime($myrow["start_date"]))."\"></a>";
// the icons. If the message is sent to one or more specific users/groups
// we add the groups icon
@ -1041,27 +1021,27 @@ function display_one_agenda_item($agenda_id)
{
echo Display::return_icon('group.gif');
}
echo " ".$myrow['title']."\n";
echo "\t\t</td>\n";
echo " ".$myrow['title']."";
echo "</td>";
// the message has been sent to
echo "\t\t<td class=\"".$stylenotbold."\">".get_lang("SentTo").": ".get_lang('AllUsersOfThePlatform');
echo "<td class=\"".$stylenotbold."\">".get_lang("SentTo").": ".get_lang('AllUsersOfThePlatform');
//$sent_to = sent_to(TOOL_CALENDAR_EVENT, $myrow["ref"]);
//sent_to_form=sent_to_form($sent_to);
//echo $sent_to_form;
echo "</td>\n\t</tr>\n";
echo "</td></tr>";
/*--------------------------------------------------
DISPLAY: the title
--------------------------------------------------*/
echo "\t<tr class=\"".$stylenotbold."\">\n";
echo "\t\t<td>".get_lang("StartTime").": ";
echo "<tr class=\"".$stylenotbold."\">";
echo "<td>".get_lang("StartTime").": ";
echo api_format_date($myrow["start_date"]);
echo "</td>\n";
echo "\t\t<td>".get_lang("EndTime").": ";
echo "</td>";
echo "<td>".get_lang("EndTime").": ";
echo api_convert_and_format_date($myrow["end_date"], null, date_default_timezone_get());
echo "</td>\n";
echo "\n\t</tr>\n";
echo "</td>";
echo "</tr>";
/*--------------------------------------------------
DISPLAY: the content
@ -1073,7 +1053,7 @@ function display_one_agenda_item($agenda_id)
$content = $myrow['content'];
$content = make_clickable($content);
$content = text_filter($content);
//echo "\t<tr>\n\t\t<td class=\"".$text_style."\" colspan='2'>";
//echo "<tr><td class=\"".$text_style."\" colspan='2'>";
//echo $content;
//echo "</td></tr>";
echo "<tr class='row_even'>";
@ -1181,32 +1161,32 @@ echo "</select>";
function show_user_group_filter_form()
{
/** @todo this select missing to implement */
echo "\n<select name=\"select\" onchange=\"MM_jumpMenu('parent',this,0)\">";
echo "\n\t<option value=\"agenda.php?user=none\">".get_lang("ShowAll")."</option>";
echo "<select name=\"select\" onchange=\"MM_jumpMenu('parent',this,0)\">";
echo "<option value=\"agenda.php?user=none\">".get_lang("ShowAll")."</option>";
// Groups
echo "\n\t<optgroup label=\"".get_lang("Groups")."\">";
echo "<optgroup label=\"".get_lang("Groups")."\">";
//$group_list=get_course_groups();
/* foreach($group_list as $this_group)
{
// echo "<option value=\"agenda.php?isStudentView=true&amp;group=".$this_group['id']."\">".$this_group['name']."</option>";
echo "\n\t\t<option value=\"agenda.php?group=".$this_group['id']."\" ";
echo "<option value=\"agenda.php?group=".$this_group['id']."\" ";
echo ($this_group['id']==$_SESSION['group'])? " selected":"" ;
echo ">".$this_group['name']."</option>";
}*/
echo "\n\t</optgroup>";
echo "</optgroup>";
// Users
echo "\n\t<optgroup label=\"".get_lang("Users")."\">";
echo "<optgroup label=\"".get_lang("Users")."\">";
//$user_list=get_course_users();
/* foreach($user_list as $this_user)
{
// echo "<option value=\"agenda.php?isStudentView=true&amp;user=".$this_user['uid']."\">".$this_user['lastName']." ".$this_user['firstName']."</option>";
echo "\n\t\t<option value=\"agenda.php?user=".$this_user['uid']."\" ";
echo "<option value=\"agenda.php?user=".$this_user['uid']."\" ";
echo ($this_user['uid']==$_SESSION['user'])? " selected":"" ;
echo ">".$this_user['lastName']." ".$this_user['firstName']."</option>";
}*/
echo "\n\t</optgroup>";
echo "</optgroup>";
echo "</select>";
}
@ -1332,14 +1312,13 @@ function show_add_form($id = '')
</td></tr>
<td width="10%">
<!-- date: 1 -> 31 -->
<nobr><?php echo get_lang('StartDate').": \n"; ?></nobr>
<nobr><?php echo get_lang('StartDate').": "; ?></nobr>
</td>
<td width="35%">
<select name="fday" onchange="javascript:document.new_calendar_item.end_fday.value=this.value;">
<?php
// small loop for filling all the dates
// 2do: the available dates should be those of the selected month => february is from 1 to 28 (or 29) and not to 31
echo "\n";
foreach (range(1, 31) as $i)
{
// values have to have double digits
@ -1347,11 +1326,11 @@ function show_add_form($id = '')
// the current day is indicated with [] around the date
if ($value==$day)
{
echo "\t\t\t\t <option value=\"".$value."\" selected> ".$i." </option>\n";
echo " <option value=\"".$value."\" selected> ".$i." </option>";
}
else
{
echo "\t\t\t\t<option value=\"$value\">$i</option>\n";
echo "<option value=\"$value\">$i</option>";
}
}
?>
@ -1359,7 +1338,6 @@ function show_add_form($id = '')
<!-- month: january -> december -->
<select name="fmonth" onchange="javascript:document.new_calendar_item.end_fmonth.value=this.value;">
<?php
echo "\n";
for ($i=1; $i<=12; $i++)
{
// values have to have double digits
@ -1373,11 +1351,11 @@ function show_add_form($id = '')
}
if ($value==$month)
{
echo "\t\t\t\t <option value=\"".$value."\" selected>".$MonthsLong[$i-1]."</option>\n";
echo " <option value=\"".$value."\" selected>".$MonthsLong[$i-1]."</option>\n";
}
else
{
echo "\t\t\t\t <option value=\"".$value."\">".$MonthsLong[$i-1]."</option>\n";
echo " <option value=\"".$value."\">".$MonthsLong[$i-1]."</option>\n";
}
} ?>
</select>
@ -1389,7 +1367,7 @@ function show_add_form($id = '')
for ($i=1; $i<=5; $i++)
{
$value=$year+$i;
echo "\t\t\t\t<option value=\"$value\">$value</option>\n";
echo "<option value=\"$value\">$value</option>\n";
} ?>
</select>
<a href="javascript:openCalendar('new_calendar_item','f')"><?php Display::display_icon('calendar_select.gif', get_lang('Select'), array ('style' => 'vertical-align: middle;')); ?></a>
@ -1409,11 +1387,11 @@ function show_add_form($id = '')
// the current hour is indicated with [] around the hour
if ($hours==$value)
{
echo "\t\t\t\t<option value=\"".$value."\" selected> ".$value." </option>\n";
echo "<option value=\"".$value."\" selected> ".$value." </option>\n";
}
else
{
echo "\t\t\t\t<option value=\"$value\">$value</option>\n";
echo "<option value=\"$value\">$value</option>\n";
}
} ?>
</select>
@ -1426,7 +1404,7 @@ function show_add_form($id = '')
{
// values have to have double digits
$value = ($i <= 9 ? '0'.$i : $i );
echo "\t\t\t\t<option value=\"$value\">$value</option>\n";
echo "<option value=\"$value\">$value</option>\n";
} ?>
</select>
</td>
@ -1453,9 +1431,9 @@ function show_add_form($id = '')
$value = ($i <= 9 ? '0'.$i : $i );
// the current day is indicated with [] around the date
if ($value==$end_day)
{ echo "\t\t\t\t <option value=\"".$value."\" selected> ".$i." </option>\n";}
{ echo " <option value=\"".$value."\" selected> ".$i." </option>\n";}
else
{ echo "\t\t\t\t <option value=\"".$value."\">".$i."</option>\n"; }
{ echo " <option value=\"".$value."\">".$i."</option>\n"; }
}?>
</select>
<!-- month: january -> december -->
@ -1467,9 +1445,9 @@ function show_add_form($id = '')
// values have to have double digits
$value = ($i <= 9 ? '0'.$i : $i );
if ($value==$end_month)
{ echo "\t\t\t\t <option value=\"".$value."\" selected>".$MonthsLong[$i-1]."</option>\n"; }
{ echo " <option value=\"".$value."\" selected>".$MonthsLong[$i-1]."</option>\n"; }
else
{ echo "\t\t\t\t <option value=\"".$value."\">".$MonthsLong[$i-1]."</option>\n"; }
{ echo " <option value=\"".$value."\">".$MonthsLong[$i-1]."</option>\n"; }
}?>
</select>
<select name="end_fyear">
@ -1480,7 +1458,7 @@ function show_add_form($id = '')
for ($i=1; $i<=5; $i++)
{
$value=$end_year+$i;
echo "\t\t\t\t<option value=\"$value\">$value</option>\n";
echo "<option value=\"$value\">$value</option>\n";
} ?>
</select>
<a href="javascript:openCalendar('new_calendar_item', 'end_f')"><?php Display::display_icon('calendar_select.gif',get_lang('Select'), array ('style' => 'vertical-align: middle;')); ?></a>
@ -1499,9 +1477,9 @@ function show_add_form($id = '')
$value = ($i <= 9 ? '0'.$i : $i );
// the current hour is indicated with [] around the hour
if ($end_hours==$value)
{ echo "\t\t\t\t<option value=\"".$value."\" selected> ".$value." </option>\n"; }
{ echo "<option value=\"".$value."\" selected> ".$value." </option>\n"; }
else
{ echo "\t\t\t\t<option value=\"".$value."\"> ".$value." </option>\n"; }
{ echo "<option value=\"".$value."\"> ".$value." </option>\n"; }
} ?>
</select>
@ -1513,7 +1491,7 @@ function show_add_form($id = '')
{
// values have to have double digits
$value = ($i <= 9 ? '0'.$i : $i );
echo "\t\t\t\t<option value=\"$value\">$value</option>\n";
echo "<option value=\"$value\">$value</option>\n";
} ?>
</select>
<br>
@ -1564,11 +1542,11 @@ function show_add_form($id = '')
</tr>-->
<?php
//if ($_SESSION['addedresource'])
echo "\t<tr>\n";
echo "\t\t<td colspan=\"4\">\n";
echo "<tr>\n";
echo "<td colspan=\"4\">\n";
//echo display_resources(0);//--------------------------------------------------------
$test=$_SESSION['addedresource'];
echo "\t\t</td>\n\t</tr>\n";
echo "</td>\n</tr>\n";
/* END ADDED BY UGENT, Patrick Cool, march 2004 */
if(empty($id)) //only show repeat fields when adding the first time
{
@ -1687,9 +1665,8 @@ function get_agendaitems($month, $year)
return $agendaitems;
}
function display_upcoming_events()
{
echo '<b>'.get_lang('UpcomingEvent').'</b><br />';
function display_upcoming_events() {
echo '<br /><b>'.get_lang('UpcomingEvent').'</b><br />';
$number_of_items_to_show = (int)api_get_setting('number_of_upcoming_events');
//databases of the courses
@ -1804,7 +1781,7 @@ function display_daycalendar($agendaitems, $day, $month, $year, $weekdaynames, $
$class = "class=\"row_odd\"";
}
echo "<tr $class>\n";
echo "\t";
echo "";
if ($i % 2 == 0)
{
echo ("<td valign=\"top\" width=\"75\">". (($i) / 2)." ".get_lang("HourShort")." 00</td>\n");
@ -1813,7 +1790,7 @@ function display_daycalendar($agendaitems, $day, $month, $year, $weekdaynames, $
{
echo ("<td valign=\"top\" width=\"75\">". ((($i) / 2) - (1 / 2))." ".get_lang("HourShort")." 30</td>\n");
}
echo "\t<td $class valign=\"top\" colspan=\"2\">\n";
echo "<td $class valign=\"top\" colspan=\"2\">\n";
if (is_array($agendaitems[$i]))
{
foreach ($agendaitems[$i] as $key => $value)
@ -1825,7 +1802,7 @@ function display_daycalendar($agendaitems, $day, $month, $year, $weekdaynames, $
{
echo $agendaitems[$i];
}
echo "\t</td>\n";
echo "</td>\n";
echo "</tr>\n";
}
echo "</table>\n";
@ -1875,7 +1852,7 @@ function display_weekcalendar($agendaitems, $month, $year, $weekdaynames, $month
for ($ii = 1; $ii < 8; $ii ++)
{
$is_today = ($ii == $thisday_of_the_week AND (!isset($_GET['week']) OR $_GET['week']==$thisweek_number));
echo "\t<td class=\"weekdays\">";
echo "<td class=\"weekdays\">";
if ($is_today)
{
echo "<font color=#CC3300>";
@ -1909,7 +1886,7 @@ function display_weekcalendar($agendaitems, $month, $year, $weekdaynames, $month
$class = "class=\"days_today\"";
}
echo "\t<td ".$class.">";
echo "<td ".$class.">";
echo "<span class=\"agendaitem\">".$agendaitems[date('j', $value)]."&nbsp;</span> ";
echo "</td>\n";
$counter ++;

109
main/admin/calendar.php
Unescape View File

@ -23,14 +23,6 @@ api_protect_admin_script(true);
// setting breadcrumbs
$interbreadcrumb[] = array('url' => 'index.php', 'name' => get_lang('PlatformAdmin'));
//$interbreadcrumb[] = array('url' => 'session_list.php','name' => get_lang('SessionList'));
// Database Table Definitions
// $tbl_session_rel_course_rel_user = Database::get_main_table(TABLE_MAIN_SESSION_COURSE_USER);
// $tbl_session = Database::get_main_table(TABLE_MAIN_SESSION);
// $tbl_session_rel_user = Database::get_main_table(TABLE_MAIN_SESSION_USER);
// $tbl_session_rel_course = Database::get_main_table(TABLE_MAIN_SESSION_COURSE);
// $tbl_course = Database::get_main_table(TABLE_MAIN_COURSE);
// setting the name of the tool
$tool_name= get_lang('SubscribeCoursesToSession');
@ -47,37 +39,30 @@ if(!api_is_platform_admin())
}
}
/*
-----------------------------------------------------------
Libraries
-----------------------------------------------------------
*/
// containing the functions for the agenda tool
include "calendar.lib.php";
// some debug functions
include($includePath."/lib/debug.lib.inc.php");
require_once 'calendar.lib.php';
/*==============================================================================
/*
TREATING THE PARAMETERS
1. viewing month only or everything
2. sort ascending or descending
3. showing or hiding the send-to-specific-groups-or-users form
4. filter user or group
============================================================================== */
*/
// 1. show all or show current month?
if (!$_SESSION['show'])
{
$_SESSION['show']="showall";
if (!$_SESSION['show_all_admin']) {
$_SESSION['show_all_admin']="showall";
}
if (!empty($_GET['action']) and $_GET['action']=="showcurrent")
{
$_SESSION['show']="showcurrent";
$_SESSION['show_all_admin']='showcurrent';
}
if (!empty($_GET['action']) and $_GET['action']=="showall")
{
$_SESSION['show']="showall";
$_SESSION['show_all_admin']='showall';
}
//echo $_SESSION['show'];
// 2. sorting order (ASC or DESC)
if (empty($_GET['sort']) and empty($_SESSION['sort']))
@ -133,9 +118,9 @@ else
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"".$clarolineRepositoryWeb."css/default.css\"/>";
}*/
/* ==============================================================================
/*
SETTING SOME VARIABLES
============================================================================== */
*/
// Variable definitions
// Defining the shorts for the days. We use camelcase because these are arrays of language variables
$DaysShort = api_get_week_days_short();
@ -151,29 +136,18 @@ $tbl_user = Database::get_main_table(TABLE_MAIN_USER);
$tbl_courseUser = Database::get_main_table(TABLE_MAIN_COURSE_USER);
$tbl_group = Database::get_course_table(TABLE_GROUP);
$tbl_groupUser = Database::get_course_table(TABLE_GROUP_USER);
$tbl_session_course_user= Database::get_main_table(TABLE_MAIN_SESSION_COURSE_USER);
/* ==============================================================================
/*
ACCESS RIGHTS
============================================================================== */
*/
// permission stuff - also used by loading from global in agenda.inc.php
$is_allowed_to_edit = is_allowed_to_edit() OR (api_get_course_setting('allow_user_edit_agenda') && !api_is_anonymous());
// Displaying the title of the tool
// api_display_tool_title($nameTools);
// tool introduction
//Display::display_introduction_section(TOOL_CALENDAR_EVENT);
// insert an anchor (top) so one can jump back to the top of the page
echo "<a name=\"top\"></a>";
/*
==============================================================================
MAIN SECTION
==============================================================================
*/
//setting the default year and month
@ -207,21 +181,18 @@ echo '</div><br /><br />';
echo '<table width="100%" border="0" cellspacing="0" cellpadding="0">'
. '<tr>';
// THE LEFT PART
if (empty($_GET['origin']) or $_GET['origin']!='learnpath')
{
if (empty($_GET['origin']) or $_GET['origin']!='learnpath') {
echo '<td width="220" height="19" valign="top">';
// the small calendar
$MonthName = $MonthsLong[$select_month -1];
$agenda_items=get_calendar_items($select_month,$select_year);
if (api_get_setting('display_mini_month_calendar') == 'true')
{
if (api_get_setting('display_mini_month_calendar') == 'true') {
display_minimonthcalendar($agenda_items, $select_month,$select_year, $MonthName);
}
/*if (api_get_setting('display_upcoming_events') == 'true') {
if (api_get_setting('display_upcoming_events') == 'true') {
display_upcoming_events();
}*/
}
echo '</td>';
echo '<td width="20" background="../img/verticalruler.gif">&nbsp;</td>';
}
@ -232,17 +203,13 @@ echo '<td valign="top">';
echo '<div class="sort" style="float:right">';
echo '</div>';
if (api_is_allowed_to_edit(false,true))
{
if (api_is_allowed_to_edit(false,true)) {
switch ($_GET['action'])
{
case "add":
if(!empty($_POST['ical_submit'])) {
$course_info = api_get_course_info();
agenda_import_ical($course_info,$_FILES['ical_import']);
if (api_get_setting('display_upcoming_events') == 'true') {
display_upcoming_events();
}
agenda_import_ical($course_info,$_FILES['ical_import']);
display_agenda_items();
} elseif ($_POST['submit_event']) {
@ -258,10 +225,7 @@ if (api_is_allowed_to_edit(false,true))
$end_d = intval($_POST['repeat_end_day']);
$end = mktime(23, 59, 59, $end_m, $end_d, $end_y);
$res = agenda_add_repeat_item($course_info,$id,$_POST['repeat_type'],$end,null,$_POST['file_comment']);
}
if (api_get_setting('display_upcoming_events') == 'true') {
display_upcoming_events();
}
}
display_agenda_items();
} else {
show_add_form();
@ -275,22 +239,12 @@ if (api_is_allowed_to_edit(false,true))
{ $my_id_attach = (int)$_REQUEST['id_attach'];
$my_file_comment = Database::escape_string($_REQUEST['file_comment']);
store_edited_agenda_item($my_id_attach,$my_file_comment);
if (api_get_setting('display_upcoming_events') == 'true') {
display_upcoming_events();
}
display_agenda_items();
}
else
{
} else {
$id=(int)$_GET['id'];
show_add_form($id);
}
}
else
{
if (api_get_setting('display_upcoming_events') == 'true') {
display_upcoming_events();
}
} else {
display_agenda_items();
}
break;
@ -308,10 +262,7 @@ if (api_is_allowed_to_edit(false,true))
}
}
}
if (api_get_setting('display_upcoming_events') == 'true') {
display_upcoming_events();
}
display_agenda_items();
display_agenda_items();
break;
case "showhide":
@ -320,9 +271,6 @@ if (api_is_allowed_to_edit(false,true))
{ // a coach can only delete an element belonging to his session
showhide_agenda_item($id);
}
if (api_get_setting('display_upcoming_events') == 'true') {
display_upcoming_events();
}
display_agenda_items();
break;
case "announce": //copying the agenda item into an announcement
@ -334,9 +282,6 @@ if (api_is_allowed_to_edit(false,true))
echo '<br />';
Display::display_normal_message(get_lang('CopiedAsAnnouncement').'<a href="../announcements/announcements.php?id='.$ann_id.$tool_group_link.'">'.get_lang('NewAnnouncement').'</a>', false);
}
if (api_get_setting('display_upcoming_events') == 'true') {
display_upcoming_events();
}
display_agenda_items();
break;
case "delete_attach": //delete attachment file
@ -344,9 +289,6 @@ if (api_is_allowed_to_edit(false,true))
if (!empty($id_attach)) {
delete_attachment_file($id_attach);
}
if (api_get_setting('display_upcoming_events') == 'true') {
display_upcoming_events();
}
display_agenda_items();
break;
@ -382,15 +324,10 @@ if (!$_GET['action'] OR $_GET['action']=="showall" OR $_GET['action']=="showcur
echo "&nbsp;</td></tr></table>";
/*
==============================================================================
FOOTER
==============================================================================
*/
// The footer is displayed only if we are not in the learnpath
if ($_GET['origin'] != 'learnpath')
{
if ($_GET['origin'] != 'learnpath') {
Display::display_footer();
}
?>
?>

10
main/admin/user_edit.php
Unescape View File

@ -1,9 +1,7 @@
<?php // $Id: user_edit.php 22233 2009-07-20 09:54:05Z ivantcholakov $
/* For licensing terms, see /dokeos_license.txt */
<?php
/* For licensing terms, see /license.txt */
/**
==============================================================================
* @package dokeos.admin
==============================================================================
* @package chamilo.admin
*/
// Language files that should be included
@ -11,7 +9,7 @@ $language_file = array('admin', 'registration');
$cidReset = true;
include '../inc/global.inc.php';
require_once '../inc/global.inc.php';
$this_section = SECTION_PLATFORM_ADMIN;

52
main/admin/user_list.php
Unescape View File

@ -32,6 +32,43 @@ function load_course_list (div_course,my_user_id) {
}
});
}
function active_user(element_div) {
id_image=$(element_div).attr("id");
image_clicked=$(element_div).attr("src");
image_clicked_info = image_clicked.split("/");
image_real_clicked = image_clicked_info[image_clicked_info.length-1];
var status = 1;
if (image_real_clicked == "right.gif") {
status = 0;
}
user_id=id_image.split("_");
ident="#img_"+user_id[1];
if (confirm("'.get_lang('AreYouSureToEditTheUserStatus', '').'")) {
$.ajax({
contentType: "application/x-www-form-urlencoded",
beforeSend: function(objeto) {
$(ident).attr("src","'.api_get_path(WEB_IMG_PATH).'loading1.gif'.'"); }, //candy eye stuff
type: "GET",
url: "'.api_get_path(WEB_AJAX_PATH).'user_manager.ajax.php?a=active_user",
data: "user_id="+user_id[1]+"&status="+status,
success: function(datos) {
if (status == 1) {
$(ident).attr("src","'.api_get_path(WEB_IMG_PATH).'right.gif'.'");
$(ident).attr("title","'.get_lang('Lock').'");
} else {
$(ident).attr("src","'.api_get_path(WEB_IMG_PATH).'wrong.gif'.'");
$(ident).attr("title","'.get_lang('Unlock').'");
}
}
});
}
}
function clear_course_list (div_course) {
$("div#"+div_course).html("&nbsp;");
$("div#"+div_course).hide("");
@ -505,8 +542,10 @@ function modify_filter($user_id,$url_params,$row)
}
if ($row[0]<>$_user['user_id'] && $user_is_anonymous == false) {
// you cannot lock yourself out otherwise you could disable all the accounts including your own => everybody is locked out and nobody can change it anymore.
$result .= '<a href="user_list.php?action=delete_user&amp;user_id='.$user_id.'&amp;'.$url_params.'&amp;sec_token='.$_SESSION['sec_token'].'" onclick="javascript:if(!confirm('."'".addslashes(api_htmlentities(get_lang("ConfirmYourChoice"),ENT_QUOTES,$charset))."'".')) return false;">'.Display::return_icon('delete.gif', get_lang('Delete')).'</a>';
} else {
$result .= Display::return_icon('delete_na.gif', get_lang('Delete'));
}
@ -550,20 +589,25 @@ function active_filter($active, $url_params, $row) {
global $_user;
if ($active=='1') {
$action='lock';
$action='Lock';
$image='right';
} elseif ($active=='-1') {
$action='edit';
$image='expired';
} elseif ($active=='0') {
$action='unlock';
$action='Unlock';
$image='wrong';
}
if ($action=='edit') {
$result = Display::return_icon($image.'.gif', get_lang('AccountExpired'));
}elseif ($row['0']<>$_user['user_id']) { // you cannot lock yourself out otherwise you could disable all the accounts including your own => everybody is locked out and nobody can change it anymore.
$result = '<a href="user_list.php?action='.$action.'&amp;user_id='.$row['0'].'&amp;'.$url_params.'&amp;sec_token='.$_SESSION['sec_token'].'">'.Display::return_icon($image.'.gif', get_lang(ucfirst($action))).'</a>';
} elseif ($row['0']<>$_user['user_id']) {
// you cannot lock yourself out otherwise you could disable all the accounts including your own => everybody is locked out and nobody can change it anymore.
//$result = '<a href="user_list.php?action='.$action.'&amp;user_id='.$row['0'].'&amp;'.$url_params.'&amp;sec_token='.$_SESSION['sec_token'].'">'.Display::return_icon($image.'.gif', get_lang(ucfirst($action))).'</a>';
//$result = '<a href="'.api_get_path(WEB_AJAX_PATH).'user_manager.ajax.php?action=active_user&amp;user_id='.$row['0'].'&amp;'.$url_params.'&amp;sec_token='.$_SESSION['sec_token'].'">';
$result .=Display::return_icon($image.'.gif', get_lang(ucfirst($action)), array('onclick'=>'active_user(this);', 'id'=>'img_'.$row['0'])).'</a>';
//$result .= '<div>';
}
return $result;
}

1035
main/announcements/announcements.inc.php
View File

File diff suppressed because it is too large Load Diff

457
main/announcements/announcements.php
Unescape View File

@ -1,12 +1,14 @@
<?php //$Id: announcements.php 2009-11-13 18:56:45Z aportugal $
<?php
/* For licensing terms, see /license.txt */
/**
* @author Frederik Vermeire <frederik.vermeire@pandora.be>, UGent Internship
* @author Patrick Cool <patrick.cool@UGent.be>, Ghent University: code cleaning
* @author Julio Montoya <gugli100@gmail.com>, MORE code cleaning
*
* @abstract The task of the internship was to integrate the 'send messages to specific users' with the
* Announcements tool and also add the resource linker here. The database also needed refactoring
* as there was no title field (the title was merged into the content field)
* @package dokeos.announcements
* @package chamilo.announcements
* @todo make AWACS out of the configuration settings
* @todo this file is 1200+ lines without any functions -> needs to be split into
* multiple functions
@ -15,9 +17,7 @@
INIT SECTION
*/
// name of the language file that needs to be included
$language_file[] = 'announcements';
$language_file[] = 'group';
$language_file[] = 'survey';
$language_file = array('announcements', 'group', 'survey');
// use anonymous mode when accessing this course tool
$use_anonymous = true;
@ -25,10 +25,8 @@ $use_anonymous = true;
// setting the global file that gets the general configuration, the databases, the languages, ...
require_once '../inc/global.inc.php';
$this_section=SECTION_COURSES;
$nameTools = get_lang('ToolAnnouncement');
//session
if(isset($_GET['id_session'])) {
$_SESSION['id_session'] = intval($_GET['id_session']);
@ -64,75 +62,66 @@ $tbl_announcement = Database::get_course_table(TABLE_ANNOUNCEMENT);
$tbl_announcement_attachment = Database::get_course_table(TABLE_ANNOUNCEMENT_ATTACHMENT);
$tbl_item_property = Database::get_course_table(TABLE_ITEM_PROPERTY);
/* Libraries */
$lib = api_get_path(LIBRARY_PATH); //avoid useless function calls
require_once $lib.'groupmanager.lib.php';
require_once $lib.'mail.lib.inc.php';
require_once $lib.'debug.lib.inc.php';
require_once $lib.'tracking.lib.php';
require_once $lib.'fckeditor/fckeditor.php';
require_once $lib.'fileUpload.lib.php';
require_once 'announcements.inc.php';
/*
Resource linker
*/
$_SESSION['source_type']="Ad_Valvas";
include '../resourcelinker/resourcelinker.inc.php';
if (!empty($_POST['addresources'])) // When the "Add Resource" button is clicked we store all the form data into a session
{
include('announcements.inc.php');
$_SESSION['source_type']="Ad_Valvas";
require_once '../resourcelinker/resourcelinker.inc.php';
$form_elements= array ('emailTitle'=>stripslashes($emailTitle), 'newContent'=>stripslashes($newContent), 'id'=>$id, 'to'=>$selectedform, 'emailoption'=>$email_ann);
if (!empty($_POST['addresources'])) {
// When the "Add Resource" button is clicked we store all the form data into a session
$form_elements= array ('emailTitle'=>Security::remove_XSS($emailTitle), 'newContent'=>Security::remove_XSS($newContent), 'id'=>$id, 'to'=>$selectedform, 'emailoption'=>$email_ann);
$_SESSION['formelements']=$form_elements;
if($id) // this is to correctly handle edits
{
$action="edit";
}else
{
$action="add";
if($id) {
// this is to correctly handle edits
$action="edit";
} else {
$action="add";
}
// ============== //
// 7 = Ad_Valvas //
// ============== //
if($surveyid)
{
if($surveyid) {
header("Location: ../resourcelinker/resourcelinker.php?source_id=7&action=$action&id=$id&originalresource=no&publish_survey=$surveyid&db_name=$db_name&cidReq=$cidReq");
exit;
}
else
{
} else {
header("Location: ../resourcelinker/resourcelinker.php?source_id=7&action=$action&id=$id&originalresource=no");
exit;
}
exit;
}
/*
Tracking
*/
/* Tracking */
event_access_tool(TOOL_ANNOUNCEMENT);
/*
Libraries
*/
$lib = api_get_path(LIBRARY_PATH); //avoid useless function calls
require_once $lib.'groupmanager.lib.php';
require_once $lib.'mail.lib.inc.php';
require_once $lib.'debug.lib.inc.php';
require_once $lib.'tracking.lib.php';
require_once $lib.'fckeditor/fckeditor.php';
require_once $lib.'fileUpload.lib.php';
require_once 'announcements.inc.php';
/*
POST TO
*/
/* POST TO */
$safe_emailTitle = $_POST['emailTitle'];
$safe_newContent = $_POST['newContent'];
if (!empty($_POST['To']))
{
if (!empty($_POST['To'])) {
if (api_get_session_id()!=0 && api_is_allowed_to_session_edit(false,true)==false) {
api_not_allowed();
}
$display_form = true;
$form_elements = array ('emailTitle'=>$safe_emailTitle, 'newContent'=>$safe_newContent, 'id'=>Security::remove_XSS($_POST['id']), 'emailoption'=>Security::remove_XSS($_POST['email_ann']));
$form_elements = array ('emailTitle'=>$safe_emailTitle, 'newContent'=>$safe_newContent, 'id'=>$_POST['id'], 'emailoption'=>$_POST['email_ann']);
$_SESSION['formelements'] = $form_elements;
$form_elements = $_SESSION['formelements'];
@ -146,17 +135,14 @@ if (!empty($_POST['To']))
*/
$setting_select_groupusers = true;
if (empty($_POST['To']) and !$_SESSION['select_groupusers'])
{
if (empty($_POST['To']) and !$_SESSION['select_groupusers']) {
$_SESSION['select_groupusers'] = "hide";
}
$select_groupusers_status=$_SESSION['select_groupusers'];
if (!empty($_POST['To']) and ($select_groupusers_status=="hide"))
{
if (!empty($_POST['To']) and ($select_groupusers_status=="hide")) {
$_SESSION['select_groupusers'] = "show";
}
if (!empty($_POST['To']) and ($select_groupusers_status=="show"))
{
if (!empty($_POST['To']) and ($select_groupusers_status=="show")) {
$_SESSION['select_groupusers'] = "hide";
}
@ -204,7 +190,7 @@ if(!empty($_GET['toolgroup'])){
if($_GET['toolgroup'] == strval(intval($_GET['toolgroup']))){ //check is integer
$toolgroup = $_GET['toolgroup'];
$_SESSION['select_groupusers'] = 'hide';
}else{
} else {
$toolgroup = 0;
}
api_session_register("toolgroup");
@ -218,32 +204,29 @@ if(!empty($_GET['toolgroup'])){
$ctok = $_SESSION['sec_token'];
$stok = Security::get_token();
if (!empty($_SESSION['formelements']) and !empty($_GET['originalresource']) and $_GET['originalresource'] == 'no')
{
if (!empty($_SESSION['formelements']) and !empty($_GET['originalresource']) and $_GET['originalresource'] == 'no') {
$form_elements = $_SESSION['formelements'];
$title_to_modify = $form_elements['emailTitle'];
$content_to_modify = $form_elements['newContent'];
$announcement_to_modify = $form_elements['id'];
$to = $form_elements['to'];
//load_edit_users('announcement',$announcement_to_modify);
$email_ann = $form_elements['emailoption'];
}
if(!empty($_GET['remind_inactive']))
{
if(!empty($_GET['remind_inactive'])) {
$to[] = 'USER:'.intval($_GET['remind_inactive']);
}
/*
Survey
*/
$surveyid = 0;
if(!empty($_REQUEST['publish_survey']))
{
$surveyid=Database::escape_string(Security::remove_XSS($_REQUEST['publish_survey']));
if(!empty($_REQUEST['publish_survey'])) {
$surveyid=intval($_REQUEST['publish_survey']);
}
$cidReq=Database::escape_string($_REQUEST['cidReq']);
if($surveyid)
{
//@todo fix those request values
$cidReq = Database::escape_string($_REQUEST['cidReq']);
if($surveyid) {
$db_name=Database::escape_string($_REQUEST['db_name']);
$sql_temp = "SELECT * FROM $db_name.survey WHERE survey_id='$surveyid'";
$res_temp = Database::query($sql_temp);
@ -274,10 +257,9 @@ if (!empty($_SESSION['toolgroup'])){
// showing the header if we are not in the learning path, if we are in
// the learning path, we do not include the banner so we have to explicitly
// include the stylesheet, which is normally done in the header
if (empty($_GET['origin']) or $_GET['origin'] !== 'learnpath')
{
if (empty($_GET['origin']) or $_GET['origin'] !== 'learnpath') {
//we are not in the learning path
Display::Display_header($nameTools,"Announcements");
Display::display_header($nameTools,get_lang('Announcements'));
} else {
//we are in the learning path, only display central data and change css
$display_title_list = false;
@ -285,8 +267,6 @@ if (empty($_GET['origin']) or $_GET['origin'] !== 'learnpath')
$display_specific_announcement = true;
$announcement_id = $_REQUEST['ann_id'];
?> <link rel="stylesheet" type="text/css" href="<?php echo api_get_path(WEB_CODE_PATH).'css/'.$my_style; ?>/default.css">
<!-- css file for announcements -->
<link href="../css/<?php echo $my_style; ?>/announcements.css" rel="stylesheet" type="text/css">
<?php
}
@ -309,23 +289,21 @@ if (api_is_allowed_to_edit(false,true) OR (api_get_course_setting('allow_user_ed
if (api_get_session_id()!=0 && api_is_allowed_to_session_edit(false,true)==false) {
api_not_allowed();
}
$id=intval($_GET['id']);
if (!api_is_course_coach() || api_is_element_in_the_session(TOOL_ANNOUNCEMENT, $id)) {
if (!api_is_course_coach() || api_is_element_in_the_session(TOOL_ANNOUNCEMENT, $_GET['id'])) {
if ($ctok == $_GET['sec_token']) {
change_visibility_announcement(TOOL_ANNOUNCEMENT,$id);
$message = get_lang("VisibilityChanged");
AnnouncementManager::change_visibility_announcement($_course, $_GET['id']);
$message = get_lang('VisibilityChanged');
}
}
}
}
/*
Delete announcement
*/
if (!empty($_GET['action']) AND $_GET['action']=='delete' AND isset($_GET['id'])) {
/*
Delete announcement
*/
if (!empty($_GET['action']) && $_GET['action']=='delete' && isset($_GET['id'])) {
//Database::query("DELETE FROM $tbl_announcement WHERE id='$delete'");
$id=intval(addslashes($_GET['id']));
$id=intval($_GET['id']);
if (api_get_session_id()!=0 && api_is_allowed_to_session_edit(false,true)==false) {
api_not_allowed();
}
@ -333,42 +311,34 @@ if (api_is_allowed_to_edit(false,true) OR (api_get_course_setting('allow_user_ed
if (!api_is_course_coach() || api_is_element_in_the_session(TOOL_ANNOUNCEMENT, $id)) {
// tooledit : visibility = 2 : only visibile for platform administrator
if ($ctok == $_GET['sec_token']) {
Database::query("UPDATE $tbl_item_property SET visibility='2' WHERE tool='".TOOL_ANNOUNCEMENT."' and ref='".$id."'");
if ($ctok == $_GET['sec_token']) {
AnnouncementManager::delete_announcement($_course, $id);
delete_added_resource("Ad_Valvas", $delete);
$id = null;
$emailTitle = null;
$newContent = null;
$message = get_lang("AnnouncementDeleted");
$message = get_lang('AnnouncementDeleted');
}
}
}
/*
Delete all announcements
*/
/*
Delete all announcements
*/
if (!empty($_GET['action']) and $_GET['action']=='delete_all') {
//Database::query("DELETE FROM $tbl_announcement");
if (api_is_allowed_to_edit()) {
Database::query("UPDATE $tbl_item_property SET visibility='2' WHERE tool='".TOOL_ANNOUNCEMENT."'");
delete_all_resources_type("Ad_Valvas");
if (api_is_allowed_to_edit()) {
AnnouncementManager::delete_all_announcements($_course);
$id = null;
$emailTitle = null;
$newContent = null;
$message = get_lang("AnnouncementDeletedAll");
$message = get_lang('AnnouncementDeletedAll');
}
}
/*
Modify announcement
*/
/*
Modify announcement
*/
if (!empty($_GET['action']) and $_GET['action']=='modify' AND isset($_GET['id'])) {
if (api_get_session_id()!=0 && api_is_allowed_to_session_edit(false,true)==false) {
api_not_allowed();
@ -408,9 +378,10 @@ if (api_is_allowed_to_edit(false,true) OR (api_get_course_setting('allow_user_ed
}
/*
Move announcement up/down
*/
/*
Move announcement up/down
*/
if ($ctok == $_GET['sec_token']) {
if (!empty($_GET['down'])) {
$thisAnnouncementId = intval($_GET['down']);
@ -464,9 +435,9 @@ if (api_is_allowed_to_edit(false,true) OR (api_get_course_setting('allow_user_ed
$message = get_lang('AnnouncementMoved');
}
/*
Submit announcement
*/
/*
Submit announcement
*/
//if (api_is_allowed_to_edit(false,true) OR (api_get_course_setting('allow_user_edit_announcement') && !api_is_anonymous())) {
$emailTitle=(!empty($_POST['emailTitle'])?$safe_emailTitle:'');
@ -489,7 +460,7 @@ if (api_is_allowed_to_edit(false,true) OR (api_get_course_setting('allow_user_ed
if ($ctok == $_POST['sec_token']) {
$file_comment = $_POST['file_comment'];
$file = $_FILES['user_upload'];
$edit_id = edit_advalvas_item($id,$emailTitle,$newContent,$_POST['selectedform'],$file,$file_comment);
$edit_id = edit_advalvas_item($id, $emailTitle, $newContent, $_POST['selectedform'], $file, $file_comment);
if (!$delete) {
update_added_resources("Ad_Valvas", $id);
}
@ -500,24 +471,23 @@ if (api_is_allowed_to_edit(false,true) OR (api_get_course_setting('allow_user_ed
if ($ctok == $_POST['sec_token']) {
if (!$surveyid) {
$result = Database::query("SELECT MAX(display_order) FROM $tbl_announcement WHERE session_id=".intval($_SESSION['id_session'])." OR session_id=0");
$result = Database::query("SELECT MAX(display_order) FROM $tbl_announcement WHERE session_id=".api_get_session_id()." OR session_id=0");
list($orderMax) = Database::fetch_row($result);
$order = $orderMax + 1;
$file = $_FILES['user_upload'];
$file_comment = $_POST['file_comment'];
if (!empty($_SESSION['toolgroup'])) {
$insert_id=store_advalvas_group_item($safe_emailTitle,$safe_newContent,$order,array('GROUP:'.$_SESSION['toolgroup']),$_POST['selectedform'],$file,$file_comment);
$insert_id = store_advalvas_group_item($safe_emailTitle,$safe_newContent,$order,array('GROUP:'.$_SESSION['toolgroup']),$_POST['selectedform'],$file,$file_comment);
} else {
$insert_id=store_advalvas_item($safe_emailTitle,$safe_newContent,$order,$_POST['selectedform'],$file,$file_comment);
$insert_id = store_advalvas_item($safe_emailTitle, $safe_newContent, $order, $_POST['selectedform'], $file, $file_comment);
}
store_resources($_SESSION['source_type'],$insert_id);
$_SESSION['select_groupusers']="hide";
$message = get_lang('AnnouncementAdded');
}
/*
MAIL WHEN USER COMES FROM SURVEY
*/
/* MAIL WHEN USER COMES FROM SURVEY */
if ($_POST['emailsAdd']) {
@ -575,9 +545,7 @@ if (api_is_allowed_to_edit(false,true) OR (api_get_course_setting('allow_user_ed
}
}
/*
MAIL FUNCTION
*/
/* MAIL FUNCTION */
if ($_POST['email_ann'] && empty($_POST['onlyThoseMails'])) {
@ -587,16 +555,11 @@ if (api_is_allowed_to_edit(false,true) OR (api_get_course_setting('allow_user_ed
// groepen omzetten in users
if ($grouplist) {
$grouplist = "'".implode("', '",$grouplist)."'"; //protect individual elements with surrounding quotes
$sql = "SELECT user_id
FROM $tbl_groupUser gu
WHERE gu.group_id IN (".$grouplist.")";
$groupMemberResult = Database::query($sql);
if ($groupMemberResult) {
while ($u = Database::fetch_array($groupMemberResult)) {
$userlist [] = $u ['user_id']; // complete the user id list ...
@ -604,48 +567,39 @@ if (api_is_allowed_to_edit(false,true) OR (api_get_course_setting('allow_user_ed
}
}
if (is_array($userlist)) {
$userlist = "'".implode("', '", array_unique($userlist) )."'";
// send to the created 'userlist'
$sqlmail = "SELECT user_id, lastname, firstname, email
FROM $tbl_user
WHERE user_id IN (".$userlist.")";
FROM $tbl_user
WHERE user_id IN (".$userlist.")";
} else if (empty($_POST['not_selected_form'])) {
if(empty($_SESSION['id_session']) || api_get_setting('use_session_mode')=='false') {
// send to everybody
$sqlmail = "SELECT user.user_id, user.email, user.lastname, user.firstname
FROM $tbl_course_user, $tbl_user
WHERE course_code='".Database::escape_string($_course['sysCode'])."'
AND course_rel_user.user_id = user.user_id AND relation_type <>".COURSE_RELATION_TYPE_RRHH." ";
FROM $tbl_course_user, $tbl_user
WHERE course_code='".Database::escape_string($_course['sysCode'])."'
AND course_rel_user.user_id = user.user_id AND relation_type <>".COURSE_RELATION_TYPE_RRHH." ";
} else {
$sqlmail = "SELECT user.user_id, user.email, user.lastname, user.firstname
FROM $tbl_user
INNER JOIN $tbl_session_course_user
ON $tbl_user.user_id = $tbl_session_course_user.id_user
AND $tbl_session_course_user.course_code = '".$_course['id']."'
AND $tbl_session_course_user.id_session = ".intval($_SESSION['id_session']);
FROM $tbl_user
INNER JOIN $tbl_session_course_user
ON $tbl_user.user_id = $tbl_session_course_user.id_user
AND $tbl_session_course_user.course_code = '".$_course['id']."'
AND $tbl_session_course_user.id_session = ".api_get_session_id();
}
}
if ($sqlmail != '') {
$rs_mail = Database::query($sqlmail);
/*=================================================================================
send email one by one to avoid antispam
=================================================================================*/
/* Send email one by one to avoid antispam */
$db_name = Database::get_course_table(TABLE_MAIN_SURVEY);
while ($myrow = Database::fetch_array($rs_mail)) {
/* Header : Bericht van uw lesgever - GES ($_cid)
Body : John Doe (prenom + nom) <john_doe@hotmail.com> (email)
Morgen geen les!! (emailTitle)
Morgen is er geen les, de les wordt geschrapt wegens vergadering (newContent)
*/
$emailSubject = "[" . $_course['official_code'] . "] " . $emailTitle;
if ($surveyid) {
@ -658,39 +612,38 @@ if (api_is_allowed_to_edit(false,true) OR (api_get_course_setting('allow_user_ed
$message=stripslashes($newContentsix);
$sender_name = api_get_person_name($_SESSION['_user']['lastName'], $_SESSION['_user']['firstName'], null, PERSON_NAME_EMAIL_ADDRESS);
$email = $_SESSION['_user']['mail'];
$headers="From:$sender_name\r\nReply-to: $email";
//@mail($myrow["email"],stripslashes($emailTitle),$message,$headers);
$headers="From:$sender_name\r\nReply-to: $email";
@api_mail('',$myrow["email"],stripslashes($emailTitle),$message,$sender_name,$email);
} else {
// intro of the email: receiver name and subject
$mail_body = api_get_person_name($myrow["lastname"], $myrow["firstname"], null, PERSON_NAME_EMAIL_ADDRESS)."<br />\n".stripslashes($emailTitle)."<br />";
$mail_body = api_get_person_name($myrow["lastname"], $myrow["firstname"], null, PERSON_NAME_EMAIL_ADDRESS)."<br />\n".stripslashes($emailTitle)."<br />";
// main part of the email
// Main part of the email
$mail_body .= trim(stripslashes($newContent));
// signature of email: sender name and course URL after -- line
// Signature of email: sender name and course URL after -- line
$mail_body .= "<br />-- <br />";
$mail_body .= api_get_person_name($_user['firstName'], $_user['lastName'], null, PERSON_NAME_EMAIL_ADDRESS)." \n";
$mail_body .= "<br /> \n<a href=\"".api_get_path(WEB_CODE_PATH).'announcements/announcements.php?'.api_get_cidreq()."\">";
$mail_body .= $_course['official_code'].' '.$_course['name'] . "</a>";
$recipient_name = api_get_person_name($myrow["firstname"], $myrow["lastname"], null, PERSON_NAME_EMAIL_ADDRESS);
$mailid = $myrow["email"];
$recipient_name = api_get_person_name($myrow["firstname"], $myrow["lastname"], null, PERSON_NAME_EMAIL_ADDRESS);
$mailid = $myrow["email"];
$sender_name = api_get_person_name($_SESSION['_user']['firstName'], $_SESSION['_user']['lastName'], null, PERSON_NAME_EMAIL_ADDRESS);
$sender_email = $_SESSION['_user']['mail'];
$sender_name = api_get_person_name($_SESSION['_user']['firstName'], $_SESSION['_user']['lastName'], null, PERSON_NAME_EMAIL_ADDRESS);
$sender_email = $_SESSION['_user']['mail'];
// send attachment file
$data_file = array();
$sql = 'SELECT path, filename FROM '.$tbl_announcement_attachment.' WHERE announcement_id = "'.$insert_id.'"';
$rs_attach = Database::query($sql);
if (Database::num_rows($rs_attach) > 0) {
$row_attach = Database::fetch_array($rs_attach);
$path_attach = api_get_path(SYS_COURSE_PATH).$_course['path'].'/upload/announcements/'.$row_attach['path'];
$filename_attach = $row_attach['filename'];
$data_file = array('path' => $path_attach,'filename' => $filename_attach);
}
// send attachment file
$data_file = array();
$sql = 'SELECT path, filename FROM '.$tbl_announcement_attachment.' WHERE announcement_id = "'.$insert_id.'"';
$rs_attach = Database::query($sql);
if (Database::num_rows($rs_attach) > 0) {
$row_attach = Database::fetch_array($rs_attach);
$path_attach = api_get_path(SYS_COURSE_PATH).$_course['path'].'/upload/announcements/'.$row_attach['path'];
$filename_attach = $row_attach['filename'];
$data_file = array('path' => $path_attach,'filename' => $filename_attach);
}
@api_mail_html($recipient_name, $mailid, stripslashes($emailSubject), $mail_body, $sender_name, $sender_email, null, $data_file, true);
@api_mail_html($recipient_name, $mailid, stripslashes($emailSubject), $mail_body, $sender_name, $sender_email, null, $data_file, true);
}
$sql_date="SELECT * FROM $db_name WHERE survey_id='$surveyid'";
@ -723,7 +676,6 @@ if (api_is_allowed_to_edit(false,true) OR (api_get_course_setting('allow_user_ed
update_mail_sent($insert_id);
$message = $added_and_sent;
}
} // $email_ann*/
} // end condition token
} // isset
@ -778,13 +730,20 @@ $condition_session = api_get_session_condition($session_id);
if(api_is_allowed_to_edit(false,true)) {
// check teacher status
if (empty($_GET['origin']) or $_GET['origin'] !== 'learnpath') {
if (api_get_group_id() == 0) {
$group_condition = "";
} else {
$group_condition = "AND (ip.to_group_id='".api_get_group_id()."' OR ip.to_group_id = 0)";
}
$sql="SELECT
announcement.*, ip.visibility, ip.to_group_id, ip.insert_user_id
FROM $tbl_announcement announcement, $tbl_item_property ip
WHERE announcement.id = ip.ref
AND ip.tool='announcement'
AND ip.visibility<>'2'
$group_condition
$condition_session
GROUP BY ip.ref
ORDER BY display_order DESC
@ -793,18 +752,28 @@ if(api_is_allowed_to_edit(false,true)) {
} else {
// students only get to see the visible announcements
if (empty($_GET['origin']) or $_GET['origin'] !== 'learnpath') {
$group_memberships=GroupManager::get_group_ids($_course['dbName'], $_user['user_id']);
if ((api_get_course_setting('allow_user_edit_announcement') && !api_is_anonymous())) {
$cond_user_id = " AND (ip.lastedit_user_id = '".api_get_user_id()."' OR ( ip.to_user_id='".$_user['user_id']."'" .
if (api_get_group_id() == 0) {
$cond_user_id = " AND (ip.lastedit_user_id = '".api_get_user_id()."' OR ( ip.to_user_id='".$_user['user_id']."'" .
"OR ip.to_group_id IN (0, ".implode(", ", $group_memberships)."))) ";
} else {
$cond_user_id = " AND (ip.lastedit_user_id = '".api_get_user_id()."'
OR ip.to_group_id IN (0, ".api_get_group_id()."))";
}
} else {
$cond_user_id = " AND ( ip.to_user_id='".$_user['user_id']."'" .
"OR ip.to_group_id IN (0, ".implode(", ", $group_memberships).")) ";
if (api_get_group_id() == 0) {
$cond_user_id = " AND ( ip.to_user_id='".$_user['user_id']."'" .
"OR ip.to_group_id IN (0, ".implode(", ", $group_memberships).")) ";
} else {
$cond_user_id = " AND ( ip.to_user_id='".$_user['user_id']."'" .
"OR ip.to_group_id IN (0, ".api_get_group_id().")) ";
}
}
// the user is member of several groups => display personal announcements AND his group announcements AND the general announcements
if (is_array($group_memberships) && count($group_memberships)>0) {
$sql="SELECT
@ -884,17 +853,19 @@ if (!$surveyid) {
}
if (api_is_allowed_to_edit() && $announcement_number > 1) {
if (!$show_actions)
echo '<div class="actions">';
echo "<a href=\"".api_get_self()."?".api_get_cidreq()."&action=delete_all\" onclick=\"javascript:if(!confirm('".get_lang("ConfirmYourChoice")."')) return false;\">".Display::return_icon('valvesdelete.gif',get_lang('AnnouncementDeleteAll')).get_lang('AnnouncementDeleteAll')."</a>\n"; } // if announcementNumber > 1
if ($show_actions)
echo '</div>';
if (api_get_group_id() == 0 ) {
if (!$show_actions)
echo '<div class="actions">';
echo "<a href=\"".api_get_self()."?".api_get_cidreq()."&action=delete_all\" onclick=\"javascript:if(!confirm('".get_lang("ConfirmYourChoice")."')) return false;\">".Display::return_icon('valvesdelete.gif',get_lang('AnnouncementDeleteAll')).get_lang('AnnouncementDeleteAll')."</a>\n"; } // if announcementNumber > 1
}
if ($show_actions)
echo '</div>';
}
if (empty($_GET['origin']) OR $_GET['origin'] !== 'learnpath') {
echo "\n\n<table width=\"100%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\">\n";
echo "\t<tr>\n";
echo "\t\t<td width=\"20%\" valign=\"top\">\n";
echo "<tr>\n";
echo "<td width=\"20%\" valign=\"top\">\n";
}
/*
@ -902,12 +873,12 @@ if (empty($_GET['origin']) OR $_GET['origin'] !== 'learnpath') {
*/
if (!$surveyid) {
if ($display_title_list == true) {
echo "\t\t\t<table>\n";
echo "<table>\n";
while ($myrow = Database::fetch_array($result)) {
$title = $myrow['title'];
$title = Security::remove_XSS($title);
echo "\t\t\t\t<tr>\n";
echo "\t\t\t\t\t<td width=\"15%\">\n";
echo "<tr>\n";
echo "<td width=\"15%\">\n";
if ($myrow['visibility']==0) {
$class="class=\"invisible\"";
} else {
@ -916,18 +887,18 @@ if (!$surveyid) {
//validation when belongs to a session
$session_img = api_get_session_image($myrow['session_id'], $_user['status']);
echo "\t\t\t\t\t\t".Display::return_icon('lp_announcement.png', api_convert_and_format_date($myrow['end_date'], DATE_FORMAT_LONG), array('align' => 'absmiddle', 'Width' => '10', 'Height' => '10'))." <a style=\"text-decoration:none\" href=\"announcements.php?".api_get_cidreq()."#".$myrow['id']."\" ".$class.">" . api_trunc_str($title, $length) . "</a>\n" . $session_img;
echo "\t\t\t\t\t</td>\n\t\t\t\t</tr>\n";
echo Display::return_icon('lp_announcement.png', api_convert_and_format_date($myrow['end_date'], DATE_FORMAT_LONG), array('align' => 'absmiddle', 'Width' => '10', 'Height' => '10'))." <a style=\"text-decoration:none\" href=\"announcements.php?".api_get_cidreq()."#".$myrow['id']."\" ".$class.">" . api_trunc_str($title, $length) . "</a>\n" . $session_img;
echo "</td>\n</tr>\n";
}
echo "\t\t\t</table>\n";
echo "</table>\n";
} // end $display_title_list == true
}
if (empty($_GET['origin']) or $_GET['origin'] !== 'learnpath') {
echo "\t\t</td>\n";
echo "\t\t<td width=\"20\" background=\"../img/verticalruler.gif\">&nbsp;</td>\n";
echo "</td>\n";
echo "<td width=\"20\" background=\"../img/verticalruler.gif\">&nbsp;</td>\n";
// START RIGHT PART
echo "\t\t<td valign=\"top\">\n";
echo "<td valign=\"top\">\n";
}
/*
@ -975,13 +946,13 @@ if ($display_form == true) {
} elseif (isset($_GET['remind_inactive'])) {
$email_ann = '1';
$_SESSION['select_groupusers']="show";
$content_to_modify = sprintf(get_lang('RemindInactiveLearnersMailContent'),api_get_setting('siteName'), 7);
$title_to_modify = sprintf(get_lang('RemindInactiveLearnersMailSubject'),api_get_setting('siteName'));
$content_to_modify = sprintf(get_lang('RemindInactiveLearnersMailContent'), api_get_setting('siteName'), 7);
$title_to_modify = sprintf(get_lang('RemindInactiveLearnersMailSubject'), api_get_setting('siteName'));
} elseif (isset($_GET['remindallinactives']) && $_GET['remindallinactives']=='true') {
// we want to remind inactive users. The $_GET['since'] parameter determines which users have to be warned (i.e the users who have been inactive for x days or more
$since = isset($_GET['since']) ? intval($_GET['since']) : 6;
// getting the users who have to be reminded
$to = Tracking :: get_inactives_students_in_course($_course['id'],$since, $_SESSION['id_session']);
$to = Tracking :: get_inactives_students_in_course($_course['id'],$since, api_get_session_id());
// setting the variables for the form elements: the users who need to receive the message
foreach($to as &$user) {
$user = 'USER:'.$user;
@ -1066,7 +1037,6 @@ if ($display_form == true) {
<span class="form_required">*</span> '.get_lang('EmailTitle').'
</div>
<div class="formw">
<input type="text" id="emailTitle" name="emailTitle" value="'.Security::remove_XSS($title_to_modify).'" size="60">
</div>
</div>';
@ -1145,30 +1115,32 @@ if ($display_form == true) {
} // displayform
/*
DISPLAY ANNOUNCEMENT LIST
*/
if ($display_announcement_list && !$surveyid) {
// by default we use the id of the current user. The course administrator can see the announcement of other users by using the user / group filter
$user_id=$_user['user_id'];
//$user_id=$_user['user_id'];
if (isset($_SESSION['user'])) {
$user_id=$_SESSION['user'];
//$user_id=$_SESSION['user'];
}
$user_id = api_get_user_id();
if (isset($_SESSION['group'])) {
$group_id=$_SESSION['group'];
//$group_id=$_SESSION['group'];
}
$group_id = api_get_group_id();
//$group_memberships=GroupManager::get_group_ids($_course['dbName'], $_user['user_id']);
$group_memberships=GroupManager::get_group_ids($_course['dbName'],$_user['user_id']);
$group_memberships = GroupManager::get_group_ids($_course['dbName'],api_get_user_id());
if (api_is_allowed_to_edit(false,true)) {
// A.1. you are a course admin with a USER filter
// => see only the messages of this specific user + the messages of the group (s)he is member of.
if (isset($_SESSION['user'])) {
if (!empty($_SESSION['user'])) {
if (is_array($group_memberships) && count($group_memberships)>0) {
$sql="SELECT
announcement.*, ip.visibility, ip.to_group_id, ip.insert_user_id
@ -1191,15 +1163,15 @@ if ($display_announcement_list && !$surveyid) {
ORDER BY display_order DESC";
}
} elseif (isset($_SESSION['group'])) {
} elseif (api_get_group_id() !=0 ) {
// A.2. you are a course admin with a GROUP filter
// => see only the messages of this specific group
$sql="SELECT
announcement.*, ip.visibility, ip.to_group_id, ip.insert_user_id
FROM $tbl_announcement announcement, $tbl_item_property ip
WHERE announcement.id = ip.ref
AND ip.tool='announcement'
AND ip.visibility<>'2'
AND (ip.to_group_id=$group_id OR ip.to_group_id='0')
$condition_session
GROUP BY ip.ref
@ -1210,7 +1182,6 @@ if ($display_announcement_list && !$surveyid) {
// => see all the messages of all the users and groups without editing possibilities
if (isset($isStudentView) and $isStudentView=="true") {
$sql="SELECT
announcement.*, ip.visibility, ip.to_group_id, ip.insert_user_id
FROM $tbl_announcement announcement, $tbl_item_property ip
@ -1232,17 +1203,30 @@ if ($display_announcement_list && !$surveyid) {
$condition_session
GROUP BY ip.ref
ORDER BY display_order DESC";
}
}
} else {
//STUDENT
//STUDENT
if (is_array($group_memberships) && count($group_memberships)>0) {
if ((api_get_course_setting('allow_user_edit_announcement') && !api_is_anonymous())) {
$cond_user_id = " AND (ip.lastedit_user_id = '".api_get_user_id()."' OR (ip.to_user_id=$user_id OR ip.to_group_id IN (0, ".implode(", ", $group_memberships).") )) ";
if (api_get_group_id() == 0) {
//No group
$cond_user_id = " AND (ip.lastedit_user_id = '".api_get_user_id()."' OR ( ip.to_user_id='".$_user['user_id']."'" .
"OR ip.to_group_id IN (0, ".implode(", ", $group_memberships)."))) ";
} else {
$cond_user_id = " AND (ip.lastedit_user_id = '".api_get_user_id()."'
OR ip.to_group_id IN (0, ".api_get_group_id()."))";
}
//$cond_user_id = " AND (ip.lastedit_user_id = '".api_get_user_id()."' OR (ip.to_user_id=$user_id OR ip.to_group_id IN (0, ".implode(", ", $group_memberships).") )) ";
} else {
$cond_user_id = " AND (ip.to_user_id=$user_id OR ip.to_group_id IN (0, ".implode(", ", $group_memberships).")) ";
if (api_get_group_id() == 0) {
$cond_user_id = " AND (ip.to_user_id=$user_id OR ip.to_group_id IN (0, ".implode(", ", $group_memberships).")) ";
} else {
$cond_user_id = " AND (ip.to_user_id=$user_id OR ip.to_group_id IN (0, ".api_get_group_id()."))";
}
}
$sql="SELECT
@ -1254,6 +1238,7 @@ if ($display_announcement_list && !$surveyid) {
$condition_session
AND ip.visibility='1'
ORDER BY display_order DESC";
} else {
if ($_user['user_id']) {
@ -1272,7 +1257,7 @@ if ($display_announcement_list && !$surveyid) {
$cond_user_id
$condition_session
AND ip.visibility='1'
AND announcement.session_id IN(0,".intval($_SESSION['id_session']).")
AND announcement.session_id IN(0,".api_get_session_id().")
ORDER BY display_order DESC";
} else {
@ -1290,14 +1275,14 @@ if ($display_announcement_list && !$surveyid) {
$cond_user_id
$condition_session
AND ip.visibility='1'
AND announcement.session_id IN(0,".intval($_SESSION['id_session']).")";
AND announcement.session_id IN(0,".api_get_session_id().")";
}
}
}
$result = Database::query($sql);
$num_rows = Database::num_rows($result);
$result = Database::query($sql);
$num_rows = Database::num_rows($result);
/*
DISPLAY: NO ITEMS
@ -1310,7 +1295,7 @@ if ($display_announcement_list && !$surveyid) {
$iterator = 1;
$bottomAnnouncement = $announcement_number;
echo "\t\t\t<table width=\"100%\" class=\"data_table\">\n";
echo "<table width=\"100%\" class=\"data_table\">\n";
$displayed=array();
@ -1339,46 +1324,47 @@ if ($display_announcement_list && !$surveyid) {
$style = '';
}
echo "\t\t\t\t<tr class=\"".$style."\">";
echo "<tr class=\"".$style."\">";
/* THE ICONS */
echo "\t\t\t\t\t<th>\n";
echo "<th>\n";
// anchoring
echo "<a name=\"".(int)($myrow["id"])."\"></a>\n";
// User or group icon
if ($myrow['to_group_id']!== '0' and $myrow['to_group_id']!== 'NULL') {
echo "\t\t\t\t\t\t".Display::return_icon('group.gif', get_lang('AnnounceSentToUserSelection'))."\n";
echo Display::return_icon('group.gif', get_lang('AnnounceSentToUserSelection'))."\n";
}
// the email icon
if ($myrow['email_sent'] == '1') {
echo "\t\t\t\t\t\t".Display::return_icon('email.gif', get_lang('AnnounceSentByEmail'))."\n";
echo Display::return_icon('email.gif', get_lang('AnnounceSentByEmail'))."\n";
}
echo "\t\t\t\t\t</th>\n";
echo "</th>\n";
/* TITLE */
echo "\t\t\t\t\t<th>".Security::remove_XSS($title)."</th>\n";
echo "\t\t\t\t\t<th>" . get_lang("SentTo") . " : &nbsp; ";
$sent_to=sent_to("announcement", $myrow['id']);
$sent_to_form=sent_to_form($sent_to);
$user_info=api_get_user_info($myrow['insert_user_id']);
echo "<th>".Security::remove_XSS($title)."</th>\n";
echo "<th>" . get_lang("SentTo") . " : &nbsp; ";
$sent_to = sent_to('announcement', $myrow['id']);
$sent_to_form = sent_to_form($sent_to);
$user_info = api_get_user_info($myrow['insert_user_id']);
echo '&nbsp;&nbsp;&nbsp;'.get_lang('By').' : &nbsp;'.str_replace(' ', '&nbsp;', api_get_person_name($user_info['firstName'], $user_info['lastName']));
echo "\t\t\t\t\t</th>\n","\t\t\t\t</tr>\n";
echo "\t\t\t\t<tr class='row_odd'>\n\t\t\t\t\t<td class=\"announcements_datum\" colspan=\"3\">";
echo "</th></tr>";
echo "<tr class='row_odd'>\n<td class=\"announcements_datum\" colspan=\"3\">";
echo get_lang('AnnouncementPublishedOn')," : ", api_convert_and_format_date($last_post_datetime, DATE_FORMAT_LONG, date_default_timezone_get());
echo "</td>\n\t\t\t\t</tr>\n";
echo "</td>\n</tr>\n";
/* CONTENT */
echo "\t\t\t\t<tr class=\"$text_style\">\n\t\t\t\t\t<td colspan=\"3\">\n";
echo $content."\t\t\t\t\t</td>\n\t\t\t\t</tr>\n";
echo "<tr class=\"$text_style\">\n<td colspan=\"3\">\n";
echo $content."</td>\n</tr>";
/* RESOURCES */
echo "<tr class='row_odd'>\n<td colspan=\"3\">\n";
echo "<tr class='row_odd'><td colspan=\"3\">";
if (check_added_resources("Ad_Valvas", $myrow["id"])) {
echo "<i>".get_lang('AddedResources')."</i><br />";
@ -1448,7 +1434,7 @@ if ($display_announcement_list && !$surveyid) {
}
echo "</td>\n</tr>\n";
echo "</td></tr>";
$iterator ++;
} else { // end of is_allowed_to_edit
@ -1481,13 +1467,12 @@ if ($display_announcement_list && !$surveyid) {
} // end: if ($displayAnnoucementList)
echo "</table>";
if (!empty($display_specific_announcement)) display_announcement($announcement_id);
if (!empty($display_specific_announcement)) {
AnnouncementManager::display_announcement($announcement_id);
}
/*
FOOTER
*/
/* FOOTER */
if (empty($_GET['origin']) or $_GET['origin'] !== 'learnpath') {
//we are not in learnpath tool
Display::display_footer();
}
}

31
main/announcements/download.php
Unescape View File

@ -1,48 +1,25 @@
<?php // $Id: announcements.php 2009-11-13 10:57:03Z aportugal $
/*
==============================================================================
Dokeos - elearning and course management software
Copyright (c) 2009 Dokeos SPRL
For a full list of contributors, see "credits.txt".
The full license can be read in "license.txt".
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
See the GNU General Public License for more details.
Contact address: Dokeos, rue du Corbeau, 108, B-1030 Brussels, Belgium
info@dokeos.com
==============================================================================
*/
<?php
/* For licensing terms, see /license.txt */
/**
==============================================================================
* This file is responsible for passing requested documents to the browser.
* Html files are parsed to fix a few problems with URLs,
* but this code will hopefully be replaced soon by an Apache URL
* rewrite mechanism.
*
* @package dokeos.announcements
==============================================================================
* @package chamilo.announcements
*/
/*
==============================================================================
MAIN CODE
==============================================================================
*/
session_cache_limiter('public');
require_once '../inc/global.inc.php';
$this_section=SECTION_COURSES;
require_once api_get_path(LIBRARY_PATH).'document.lib.php';
require_once 'announcements.inc.php';
// IMPORTANT to avoid caching of documents
header('Expires: Wed, 01 Jan 1990 00:00:00 GMT');
header('Cache-Control: public');

687
main/calendar/agenda.inc.php
View File

File diff suppressed because it is too large Load Diff

130
main/calendar/agenda.php
Unescape View File

@ -52,78 +52,64 @@ if (!empty($_GET['view'])) {
}
/*
-----------------------------------------------------------
Libraries
-----------------------------------------------------------
*/
// containing the functions for the agenda tool
include "agenda.inc.php";
require_once 'agenda.inc.php';
// some debug functions
include($includePath."/lib/debug.lib.inc.php");
require_once $includePath."/lib/debug.lib.inc.php";
/*==============================================================================
/*
TREATING THE PARAMETERS
1. viewing month only or everything
2. sort ascending or descending
3. showing or hiding the send-to-specific-groups-or-users form
4. filter user or group
============================================================================== */
*/
// 1. show all or show current month?
if (!$_SESSION['show'])
{
if (!$_SESSION['show']) {
$_SESSION['show']="showall";
}
if (!empty($_GET['action']) and $_GET['action']=="showcurrent")
{
if (!empty($_GET['action']) and $_GET['action']=="showcurrent") {
$_SESSION['show']="showcurrent";
}
if (!empty($_GET['action']) and $_GET['action']=="showall")
{
if (!empty($_GET['action']) and $_GET['action']=="showall") {
$_SESSION['show']="showall";
}
//echo $_SESSION['show'];
// 2. sorting order (ASC or DESC)
if (empty($_GET['sort']) and empty($_SESSION['sort']))
{
if (empty($_GET['sort']) and empty($_SESSION['sort'])) {
$_SESSION['sort']="DESC";
}
if (!empty($_GET['sort']) and $_GET['sort']=="asc")
{
if (!empty($_GET['sort']) and $_GET['sort']=="asc") {
$_SESSION['sort']="ASC";
}
if (!empty($_GET['sort']) and $_GET['sort']=="desc")
{
if (!empty($_GET['sort']) and $_GET['sort']=="desc") {
$_SESSION['sort']="DESC";
}
// 3. showing or hiding the send-to-specific-groups-or-users form
$setting_allow_individual_calendar=true;
if (empty($_POST['To']) and empty($_SESSION['allow_individual_calendar']))
{
if (empty($_POST['To']) and empty($_SESSION['allow_individual_calendar'])) {
$_SESSION['allow_individual_calendar']="hide";
}
$allow_individual_calendar_status=$_SESSION['allow_individual_calendar'];
if (!empty($_POST['To']) and ($allow_individual_calendar_status=="hide"))
{
if (!empty($_POST['To']) and ($allow_individual_calendar_status=="hide")) {
$_SESSION['allow_individual_calendar']="show";
}
if (!empty($_GET['sort']) and ($allow_individual_calendar_status=="show"))
{
if (!empty($_GET['sort']) and ($allow_individual_calendar_status=="show")) {
$_SESSION['allow_individual_calendar']="hide";
}
// 4. filter user or group
if (!empty($_GET['user']) or !empty($_GET['group']))
{
if (!empty($_GET['user']) or !empty($_GET['group'])) {
$_SESSION['user']=(int)$_GET['user'];
$_SESSION['group']=(int)$_GET['group'];
}
if ((!empty($_GET['user']) and $_GET['user']=="none") or (!empty($_GET['group']) and $_GET['group']=="none"))
{
if ((!empty($_GET['user']) and $_GET['user']=="none") or (!empty($_GET['group']) and $_GET['group']=="none")) {
api_session_unregister("user");
api_session_unregister("group");
}
}
if (!$is_courseAdmin){
if (!empty($_GET['toolgroup'])){
//$_SESSION['toolgroup']=$_GET['toolgroup'];
@ -132,8 +118,7 @@ if (!$is_courseAdmin){
}
}
//It comes from the group tools. If it's define it overwrites $_SESSION['group']
if (!empty($_GET['isStudentView']) and $_GET['isStudentView']=="false")
{
if (!empty($_GET['isStudentView']) and $_GET['isStudentView']=="false") {
api_session_unregister("user");
api_session_unregister("group");
}
@ -212,16 +197,13 @@ echo '<a name="top"></a>';
//setting the default year and month
$select_year = '';
$select_month = '';
if(!empty($_GET['year']))
{
if(!empty($_GET['year'])) {
$select_year = (int)$_GET['year'];
}
if(!empty($_GET['month']))
{
if(!empty($_GET['month'])) {
$select_month = (int)$_GET['month'];
}
if (empty($select_year) && empty($select_month))
{
if (empty($select_year) && empty($select_month)) {
$today = getdate();
$select_year = $today['year'];
$select_month = $today['mon'];
@ -314,8 +296,8 @@ if (api_is_allowed_to_edit(false,true) OR (api_get_course_setting('allow_user_ed
}
}
echo '<table width="100%" border="0" cellspacing="0" cellpadding="0">'
. '<tr>';
echo '<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>';
// THE LEFT PART
if (empty($_GET['origin']) or $_GET['origin']!='learnpath') {
@ -323,8 +305,7 @@ if (empty($_GET['origin']) or $_GET['origin']!='learnpath') {
// the small calendar
$MonthName = $MonthsLong[$select_month -1];
$agenda_items=get_calendar_items($select_month,$select_year);
if (api_get_setting('display_mini_month_calendar') == 'true')
{
if (api_get_setting('display_mini_month_calendar') == 'true') {
display_minimonthcalendar($agenda_items, $select_month,$select_year, $MonthName);
}
echo '<br />';
@ -350,58 +331,57 @@ if (api_is_allowed_to_edit(false,true) OR (api_get_course_setting('allow_user_ed
display_ical_import_form();
break;
}
display_agenda_items();
}
else {
display_agenda_items($select_month, $select_year);
} else {
display_ical_import_form();
}
break;
case 'add' :
if ($_POST['submit_event']) {
display_agenda_items();
} else {
show_add_form();
}
break;
if ($_POST['submit_event']) {
display_agenda_items($select_month, $select_year);
} else {
show_add_form();
}
break;
case 'edit' :
if ( !(api_is_course_coach() && !api_is_element_in_the_session(TOOL_AGENDA, intval($_REQUEST['id'])))) {
if ($_POST['submit_event']) {
display_agenda_items();
} else {
$id=(int)$_GET['id'];
show_add_form($id);
}
if ( !(api_is_course_coach() && !api_is_element_in_the_session(TOOL_AGENDA, intval($_REQUEST['id'])))) {
if ($_POST['submit_event']) {
display_agenda_items($select_month, $select_year);
} else {
display_agenda_items();
$id=(int)$_GET['id'];
show_add_form($id);
}
break;
} else {
display_agenda_items($select_month, $select_year);
}
break;
case 'delete':
display_agenda_items();
break;
display_agenda_items($select_month, $select_year);
break;
case 'showhide':
if(!empty($_GET['agenda_id'])) {
display_one_agenda_item((int)$_GET['agenda_id']);
} else {
display_agenda_items();
}
break;
if(!empty($_GET['agenda_id'])) {
display_one_agenda_item((int)$_GET['agenda_id']);
} else {
display_agenda_items($select_month, $select_year);
}
break;
case 'announce':
display_agenda_items();
display_agenda_items($select_month, $select_year);
break;
case 'delete_attach':
display_agenda_items();
display_agenda_items($select_month, $select_year);
break;
}
}
// this is for students and whenever the courseaministrator has not chosen any action. It is in fact the default behaviour
if (!$_GET['action'] || $_GET['action']=="showall" || $_GET['action']=="showcurrent" || $_GET['action']=="view") {
if (!$_GET['action'] || $_GET['action']=='showall' || $_GET['action']=='showcurrent' || $_GET['action']=="view") {
if ($_GET['origin'] != 'learnpath') {
if (!$_SESSION['view'] || $_SESSION['view'] <> 'month') {
if(!empty($_GET['agenda_id'])) {
display_one_agenda_item((int)$_GET['agenda_id']);
display_one_agenda_item($_GET['agenda_id']);
} else {
display_agenda_items();
display_agenda_items($select_month, $select_year);
}
} else {
display_monthcalendar($select_month, $select_year);
@ -413,13 +393,11 @@ if (!$_GET['action'] || $_GET['action']=="showall" || $_GET['action']=="showcur
echo '&nbsp;</td></tr></table>';
/*
==============================================================================
FOOTER
==============================================================================
*/
// The footer is displayed only if we are not in the learnpath
if ($_GET['origin'] != 'learnpath')
{
Display::display_footer();
}
?>
?>

2
main/calendar/calendar.php
Unescape View File

@ -1,4 +1,4 @@
<?php //$Id: calendar.php 21101 2009-05-30 14:56:54Z iflorespaz $
<?php
/* For licensing terms, see /license.txt */
$language_file = 'agenda';

144
main/calendar/myagenda.inc.php
Unescape View File

@ -123,7 +123,6 @@ function get_myagendaitems($courses_dbs, $month, $year) {
$items[$agendaday][$item['start_date']] .= '<br />'."<a href=\"$URL\" title=\"".Security::remove_XSS($array_course_info['title'])."\">".$agenda_link."</a> ".Security::remove_XSS($item['title'])."<br /> ";
$items[$agendaday][$item['start_date']] .= '<br/>';
}
}
// sorting by hour for every day
$agendaitems = array ();
@ -136,6 +135,8 @@ function get_myagendaitems($courses_dbs, $month, $year) {
$agendaitems[$agendaday] .= $val;
}
}
//print_r($agendaitems);
return $agendaitems;
}
@ -162,19 +163,21 @@ function display_mymonthcalendar($agendaitems, $month, $year, $weekdaynames=arra
$backwardsURL = api_get_self()."?coursePath=".urlencode($course_path)."&amp;courseCode=".Security::remove_XSS($g_cc)."&amp;action=view&amp;view=month&amp;month=". ($month == 1 ? 12 : $month -1)."&amp;year=". ($month == 1 ? $year -1 : $year);
$forewardsURL = api_get_self()."?coursePath=".urlencode($course_path)."&amp;courseCode=".Security::remove_XSS($g_cc)."&amp;action=view&amp;view=month&amp;month=". ($month == 12 ? 1 : $month +1)."&amp;year=". ($month == 12 ? $year +1 : $year);
echo "<table class=\"data_table\">\n", "<tr>\n", "<th width=\"10%\"><a href=\"", $backwardsURL, "\">".Display::return_icon('action_prev.png',get_lang('Previous'))."</a></th>";
echo "<th width=\"80%\" colspan=\"5\">", $monthName, " ", $year, "</th>\n", "<th width=\"10%\"><a href=\"", $forewardsURL, "\">".Display::return_icon('action_next.png',get_lang('Next'))."</a></th>", "</tr>";
echo '<table id="agenda_list">'.'<tr>';
echo '<th width="10%"><a href="'.$backwardsURL.'">'.Display::return_icon('action_prev.png',get_lang('Previous')).'</a></th>';
echo '<th width="80%" colspan="5">'.$monthName." ".$year.'</th>';
echo '<th width="10%"><a href="'.$forewardsURL.'">'.Display::return_icon('action_next.png',get_lang('Next')).'</a></th>';
echo '</tr>';
echo "<tr>\n";
for ($ii = 1; $ii < 8; $ii ++)
{
echo "<td class=\"weekdays\">", $DaysShort[$ii % 7], "</td>\n";
echo '<tr>';
for ($ii = 1; $ii < 8; $ii ++) {
echo '<td class="weekdays">'.$DaysShort[$ii % 7].'</td>';
}
echo "</tr>\n";
echo '</tr>';
$curday = -1;
$today = getdate();
while ($curday <= $numberofdays[$month]) {
echo "<tr>\n";
echo "<tr>";
for ($ii = 0; $ii < 7; $ii ++) {
if (($curday == -1) && ($ii == $startdayofweek)) {
$curday = 1;
@ -183,22 +186,22 @@ function display_mymonthcalendar($agendaitems, $month, $year, $weekdaynames=arra
$bgcolor = $ii < 5 ? $class = "class=\"days_week\" style=\"width:10%;\"" : $class = "class=\"days_weekend\" style=\"width:10%;\"";
$dayheader = "<b>$curday</b><br />";
if (($curday == $today['mday']) && ($year == $today['year']) && ($month == $today['mon'])) {
$dayheader = "<b>$curday - ".get_lang("Today")."</b><br />";
$dayheader = "<b>$curday - ".get_lang('Today')."</b><br />";
$class = "class=\"days_today\" style=\"width:10%;\"";
}
echo "<td ".$class.">", "".$dayheader;
if (!empty($agendaitems[$curday])) {
echo "<span class=\"agendaitem\">".$agendaitems[$curday]."</span>";
}
echo "</td>\n";
echo "</td>";
$curday ++;
} else {
echo "<td>&nbsp;</td>\n";
echo "<td>&nbsp;</td>";
}
}
echo "</tr>\n";
echo "</tr>";
}
echo "</table>\n";
echo "</table>";
}
/**
* Show the mini calender of the given month
@ -217,20 +220,20 @@ function display_myminimonthcalendar($agendaitems, $month, $year, $monthName) {
$backwardsURL = api_get_self()."?coursePath=".urlencode($course_path)."&amp;courseCode=".Security::remove_XSS($g_cc)."&amp;month=". ($month == 1 ? 12 : $month -1)."&amp;year=". ($month == 1 ? $year -1 : $year);
$forewardsURL = api_get_self()."?coursePath=".urlencode($course_path)."&amp;courseCode=".Security::remove_XSS($g_cc)."&amp;month=". ($month == 12 ? 1 : $month +1)."&amp;year=". ($month == 12 ? $year +1 : $year);
echo "<table class=\"data_table\">\n", "<tr>\n", "<th width=\"10%\"><a href=\"", $backwardsURL, "\">".Display::return_icon('action_prev.png',get_lang('Previous'))."</a></th>";
echo "<th width=\"80%\" colspan=\"5\">", $monthName, " ", $year, "</th>\n", "<th width=\"10%\"><a href=\"", $forewardsURL, "\">".Display::return_icon('action_next.png',get_lang('Next'))."</a></th>", "</tr>";
echo "<table class=\"data_table\">", "<tr>", "<th width=\"10%\"><a href=\"", $backwardsURL, "\">".Display::return_icon('action_prev.png',get_lang('Previous'))."</a></th>";
echo "<th width=\"80%\" colspan=\"5\">", $monthName, " ", $year, "</th>", "<th width=\"10%\"><a href=\"", $forewardsURL, "\">".Display::return_icon('action_next.png',get_lang('Next'))."</a></th>", "</tr>";
echo "<tr>\n";
echo "<tr>";
for ($ii = 1; $ii < 8; $ii ++)
{
echo "<td class=\"weekdays\">", $DaysShort[$ii % 7], "</td>\n";
echo "<td class=\"weekdays\">", $DaysShort[$ii % 7], "</td>";
}
echo "</tr>\n";
echo "</tr>";
$curday = -1;
$today = getdate();
while ($curday <= $numberofdays[$month])
{
echo "<tr>\n";
echo "<tr>";
for ($ii = 0; $ii < 7; $ii ++) {
if (($curday == -1) && ($ii == $startdayofweek))
{
@ -245,7 +248,7 @@ function display_myminimonthcalendar($agendaitems, $month, $year, $monthName) {
$dayheader = "$curday";
$class = "class=\"days_today\"";
}
echo "\t<td ".$class.">";
echo "<td ".$class.">";
if (!empty($agendaitems[$curday]))
{
echo "<a href=\"".api_get_self()."?action=view&amp;view=day&amp;day=".$curday."&amp;month=".$month."&amp;year=".$year."\">".$dayheader."</a>";
@ -254,18 +257,18 @@ function display_myminimonthcalendar($agendaitems, $month, $year, $monthName) {
{
echo $dayheader;
}
// "a".$dayheader." <span class=\"agendaitem\">".$agendaitems[$curday]."</span>\n";
echo "</td>\n";
// "a".$dayheader." <span class=\"agendaitem\">".$agendaitems[$curday]."</span>";
echo "</td>";
$curday ++;
}
else
{
echo "<td>&nbsp;</td>\n";
echo "<td>&nbsp;</td>";
}
}
echo "</tr>\n";
echo "</tr>";
}
echo "</table>\n";
echo "</table>";
}
/**
@ -612,12 +615,11 @@ function get_personal_agenda_items($agendaitems, $day = "", $month = "", $year =
$root_url = $url['url'];
}
}
$result = Database::query($sql);
while ($item = Database::fetch_array($result))
{
while ($item = Database::fetch_array($result)) {
// we break the date field in the database into a date and a time part
$agenda_db_date = explode(" ", $item[date]);
$agenda_db_date = explode(" ", $item['date']);
$date = $agenda_db_date[0];
$time = $agenda_db_date[1];
// we divide the date part into a day, a month and a year
@ -631,31 +633,29 @@ function get_personal_agenda_items($agendaitems, $day = "", $month = "", $year =
$minute = $agendatime[1];
$second = $agendatime[2];
// if the student has specified a course we a add a link to that course
if ($item['course'] <> "")
{
if ($item['course'] <> "") {
$url = $root_url."main/calendar/agenda.php?cidReq=".urlencode($item['course'])."&amp;day=$day&amp;month=$month&amp;year=$year#$day"; // RH //Patrick Cool: to highlight the relevant agenda item
$course_link = "<a href=\"$url\" title=\"".$item['course']."\">".$item['course']."</a>";
}
else
{
} else {
$course_link = "";
}
// Creating the array that will be returned. If we have week or month view we have an array with the date as the key
// if we have a day_view we use a half hour as index => key 33 = 16h30
if ($type !== "day_view") // This is the array construction for the WEEK or MONTH view
{
if ($type !== "day_view") {
// This is the array construction for the WEEK or MONTH view
//Display events in agenda
$agendaitems[$day] .= "<div><i>$hour:$minute</i> $course_link <a href=\"myagenda.php?action=view&amp;view=personal&amp;day=$day&amp;month=$month&amp;year=$year&amp;id=".$item['id']."#".$item['id']."\" class=\"personal_agenda\">".$item['title']."</a></div><br />";
}
else // this is the array construction for the DAY view
{
} else {
// this is the array construction for the DAY view
$halfhour = 2 * $agendatime['0'];
if ($agendatime['1'] >= '30')
{
if ($agendatime['1'] >= '30') {
$halfhour = $halfhour +1;
}
//Display events by list
$agendaitems[$halfhour] .= "<div><i>$hour:$minute</i> $course_link <a href=\"myagenda.php?action=view&amp;view=personal&amp;day=$day&amp;month=$month&amp;year=$year&amp;id=".$item['id']."#".$item['id']."\" class=\"personal_agenda\">".$item['title']."</a></div>";
}
}
//print_r($agendaitems);
@ -688,19 +688,17 @@ function get_personal_agenda_item($id) {
* these items in one list (ordered by date and grouped by month (the month_bar)
*/
function show_personal_agenda() {
global $MonthsLong, $charset;
global $_user;
global $MonthsLong, $charset;
$tbl_personal_agenda = Database :: get_user_personal_table(TABLE_PERSONAL_AGENDA);
// The SQL statement that retrieves all the personal agenda items of this user
$sql = "SELECT * FROM ".$tbl_personal_agenda." WHERE user='".$_user['user_id']."' ORDER BY date DESC";
$sql = "SELECT * FROM ".$tbl_personal_agenda." WHERE user='".api_get_user_id()."' ORDER BY date DESC";
$result = Database::query($sql);
// variable initialisation
$month_bar = "";
// setting the default day, month and year
if (!$_GET['day'] AND !$_GET['month'] AND !$_GET['year'])
{
if (!$_GET['day'] AND !$_GET['month'] AND !$_GET['year']) {
$today = getdate();
$year = $today['year'];
$month = $today['mon'];
@ -711,36 +709,37 @@ function show_personal_agenda() {
$export_icon_high = 'export_high_fade.png';
// starting the table output
echo "<table class=\"data_table\">\n";
echo '<table class="data_table">';
if (Database::num_rows($result) > 0)
{
while ($myrow = Database::fetch_array($result))
{
/*--------------------------------------------------
display: the month bar
--------------------------------------------------*/
if ($month_bar != date("m", strtotime($myrow["date"])).date("Y", strtotime($myrow["date"])))
{
if (Database::num_rows($result) > 0) {
while ($myrow = Database::fetch_array($result)) {
/* display: the month bar */
if ($month_bar != date("m", strtotime($myrow["date"])).date("Y", strtotime($myrow["date"]))) {
$month_bar = date("m", strtotime($myrow["date"])).date("Y", strtotime($myrow["date"]));
echo "<tr><th class=\"title\" colspan=\"2\" class=\"month\" valign=\"top\">".$MonthsLong[date("n", strtotime($myrow["date"])) - 1]." ".date("Y", strtotime($myrow["date"]))."</th></tr>\n";
echo "<tr><th class=\"title\" colspan=\"2\" class=\"month\" valign=\"top\">".$MonthsLong[date("n", strtotime($myrow["date"])) - 1]." ".date("Y", strtotime($myrow["date"]))."</th></tr>";
}
// highlight: if a date in the small calendar is clicked we highlight the relevant items
$db_date = (int) date("d", strtotime($myrow["date"])).date("n", strtotime($myrow["date"])).date("Y", strtotime($myrow["date"]));
if ($_GET["day"].$_GET["month"].$_GET["year"] <> $db_date)
{
if ($_GET["day"].$_GET["month"].$_GET["year"] <> $db_date) {
$style = "data";
$text_style = "text";
}
else
{
} else {
$style = "datanow";
$text_style = "text";
}
/* display: the title */
echo "<tr>";
echo '<td class="'.$style.'" colspan="2">';
echo $myrow['title'];
echo "</td>";
echo "</tr>";
/*--------------------------------------------------
display: date and time
--------------------------------------------------*/
echo "\t<tr>\n\t\t";
echo "<tr>";
echo '<td class="'.$style.'">';
// adding an internal anchor
echo "<a name=\"".$myrow["id"]."\"></a>";
@ -752,29 +751,22 @@ function show_personal_agenda() {
//echo '<a class="ical_export" href="ical_export.php?type=personal&id='.$myrow['id'].'&class=confidential" title="'.get_lang('ExportiCalConfidential').'">'.Display::return_icon($export_icon_high, get_lang('ExportiCalConfidential')).'</a>';
//echo '<a class="ical_export" href="ical_export.php?type=personal&id='.$myrow['id'].'&class=private" title="'.get_lang('ExportiCalPrivate').'">'.Display::return_icon($export_icon_low, get_lang('ExportiCalPrivate')).'</a>';
//echo '<a class="ical_export" href="ical_export.php?type=personal&id='.$myrow['id'].'&class=public" title="'.get_lang('ExportiCalPublic').'">'.Display::return_icon($export_icon, get_lang('ExportiCalPublic')).'</a>';
//echo "\n\t\t</td>\n\t";
//echo "</td>";
echo "</tr>";
/*--------------------------------------------------
display: the title
--------------------------------------------------*/
echo "<tr>";
echo '<td class="'.$style.'" colspan="2">';
echo $myrow['title'];
echo "\n\t\t</td>\n\t";
echo "</tr>\n";
/*--------------------------------------------------
display: the content
--------------------------------------------------*/
$content = $myrow['text'];
$content = make_clickable($content);
$content = text_filter($content);
echo "\t<tr>\n\t\t<td class=\"".$text_style."\" colspan='2'>";
echo "<tr><td class=\"".$text_style."\" colspan='2'>";
echo $content;
echo "</td></tr>";
/*--------------------------------------------------
display: the edit / delete icons
--------------------------------------------------*/
echo "\t<tr>\n\t\t<td class=\"".$text_style."\" colspan='2'>";
echo "<tr><td class=\"".$text_style."\" colspan='2'>";
echo "<a href=\"myagenda.php?action=edit_personal_agenda_item&amp;id=".$myrow['id']."\">".Display::return_icon('edit.gif', get_lang('Edit'))."</a>";
echo "<a href=\"".api_get_self()."?action=delete&amp;id=".$myrow['id']."\" onclick=\"javascript:if(!confirm('".addslashes(api_htmlentities(get_lang('ConfirmYourChoice'),ENT_QUOTES,$charset))."')) return false;\">".Display::return_icon('delete.gif', get_lang('Delete'))."</a>";
echo "</td></tr>";
@ -784,7 +776,7 @@ function show_personal_agenda() {
{
echo '<tr><td colspan="2">'.get_lang('NoAgendaItems').'</td></tr>';
}
echo "</table>\n";
echo "</table>";
}
/**

109
main/calendar/myagenda.php
Unescape View File

@ -1,46 +1,5 @@
<?php
/* For licensing terms, see /license.txt */
/**
@author: Patrick Cool <patrick.cool@UGent.be>, Ghent University
@author: Toon Van Hoecke <toon.vanhoecke@ugent.be>, Ghent University
@author: Eric Remy (initial version)
@version: 2.2 alpha
@description: this file generates a general agenda of all items of the
courses the user is registered for
version info:
-------------
-> version 2.3 : Yannick Warnier, yannick.warnier@dokeos.com 2008
Added repeated events
-> version 2.2 : Patrick Cool, patrick.cool@ugent.be, november 2004
Personal Agenda added. The user can add personal agenda items. The items
are stored in a chamilo_user database because it is not course or platform
based. A personal agenda view was also added. This lists all the personal
agenda items of that user.
-> version 2.1 : Patrick Cool, patrick.cool@ugent.be, , oktober 2004
This is the version that works with the Group based Agenda tool.
-> version 2.0 (alpha): Patrick Cool, patrick.cool@ugent.be, , oktober 2004
The 2.0 version introduces besides the month view also a week- and day view.
In the 2.5 (final) version it will be possible for the student to add his/her
own agenda items. The platform administrator can however decide if the students
are allowed to do this or not.
The alpha version only contains the three views. The personal agenda feature is
not yet completely finished. There are however already some parts of the code
for adding a personal agenda item present.
this code was not released in an official dokeos but was only used in the offical
server of the Ghent University where it underwent serious testing
-> version 1.5: Toon Van Hoecke, toon.vanhoecke@ugent.be, december 2003
-> version 1.0: Eric Remy, eremy@rmwc.edu, 6 Oct 2003
The tool was initially called master-calendar as it collects all the calendar
items of all the courses one is subscribed to. It was very soon integrated in
Dokeos as this was a really basic and very usefull tool.
**/
// HEADER
// name of the language file that needs to be included
$language_file = 'agenda';
@ -76,11 +35,11 @@ Display::display_header(get_lang('MyAgenda'));
// SETTING SOME VARIABLES
// setting the database variables
$TABLECOURS = Database :: get_main_table(TABLE_MAIN_COURSE);
$TABLECOURSUSER = Database :: get_main_table(TABLE_MAIN_COURSE_USER);
$TABLEAGENDA = Database :: get_course_table(TABLE_AGENDA);
$TABLECOURS = Database :: get_main_table(TABLE_MAIN_COURSE);
$TABLECOURSUSER = Database :: get_main_table(TABLE_MAIN_COURSE_USER);
$TABLEAGENDA = Database :: get_course_table(TABLE_AGENDA);
$TABLE_ITEMPROPERTY = Database :: get_course_table(TABLE_ITEM_PROPERTY);
$tbl_personal_agenda = Database :: get_user_personal_table(TABLE_PERSONAL_AGENDA);
$tbl_personal_agenda= Database :: get_user_personal_table(TABLE_PERSONAL_AGENDA);
// the variables for the days and the months
// Defining the shorts for the days
@ -91,17 +50,17 @@ $DaysLong = api_get_week_days_long();
$MonthsLong = api_get_months_long();
/*
TREATING THE URL PARAMETERS
1. The default values
2. storing it in the session
3. possible view
3.a Month view
3.b Week view
3.c day view
3.d personal view (only the personal agenda items)
4. add personal agenda
5. edit personal agenda
6. delete personal agenda
TREATING THE URL PARAMETERS
1. The default values
2. storing it in the session
3. possible view
3.a Month view
3.b Week view
3.c day view
3.d personal view (only the personal agenda items)
4. add personal agenda
5. edit personal agenda
6. delete personal agenda
*/
// 1. The default values. if there is no session yet, we have by default the month view
@ -118,51 +77,47 @@ if ($_SESSION['view']) {
switch ($_SESSION['view']) {
// 3.a Month view
case "month" :
$process = "month_view";
$process = 'month_view';
break;
// 3.a Week view
case "week" :
$process = "week_view";
$process = 'week_view';
break;
// 3.a Day view
case "day" :
$process = "day_view";
$process = 'day_view';
break;
// 3.a Personal view
case "personal" :
$process = "personal_view";
$process = 'personal_view';
break;
}
}
// 4. add personal agenda
if (!empty($_GET['action']) && $_GET['action'] == "add_personal_agenda_item" and !$_POST['Submit'])
{
if (!empty($_GET['action']) && $_GET['action'] == 'add_personal_agenda_item' and !$_POST['Submit']) {
$process = "add_personal_agenda_item";
}
if (!empty($_GET['action']) && $_GET['action'] == "add_personal_agenda_item" and $_POST['Submit'])
{
if (!empty($_GET['action']) && $_GET['action'] == "add_personal_agenda_item" and $_POST['Submit']) {
$process = "store_personal_agenda_item";
}
// 5. edit personal agenda
if (!empty($_GET['action']) && $_GET['action'] == "edit_personal_agenda_item" and !$_POST['Submit'])
{
if (!empty($_GET['action']) && $_GET['action'] == 'edit_personal_agenda_item' and !$_POST['Submit']) {
$process = "edit_personal_agenda_item";
}
if (!empty($_GET['action']) && $_GET['action'] == "edit_personal_agenda_item" and $_POST['Submit'])
{
if (!empty($_GET['action']) && $_GET['action'] == 'edit_personal_agenda_item' and $_POST['Submit']) {
$process = "store_personal_agenda_item";
}
// 6. delete personal agenda
if (!empty($_GET['action']) && $_GET['action'] == "delete" AND $_GET['id'])
{
if (!empty($_GET['action']) && $_GET['action'] == "delete" AND $_GET['id']) {
$process = "delete_personal_agenda_item";
}
// OUTPUT
if (isset ($_user['user_id'])) {
// getting all the courses that this user is subscribed to
$courses_dbs = get_all_courses_of_user();
if (!is_array($courses_dbs)) // this is for the special case if the user has no courses (otherwise you get an error)
{
if (!is_array($courses_dbs)) {
// this is for the special case if the user has no courses (otherwise you get an error)
$courses_dbs = array ();
}
// setting and/or getting the year, month, day, week
@ -173,13 +128,11 @@ if (isset ($_user['user_id'])) {
$year = $today['year'];
}
$month = (!empty($_GET['month'])? (int)$_GET['month']:NULL);
if ($month == NULL)
{
if ($month == NULL) {
$month = $today['mon'];
}
$day = (!empty($_GET['day']) ? (int)$_GET['day']:NULL);
if ($day == NULL)
{
if ($day == NULL) {
$day = $today['mday'];
}
$week = (!empty($_GET['week']) ?(int)$_GET['week']:NULL);
@ -207,8 +160,7 @@ if (isset ($_user['user_id'])) {
echo "<td width=\"220\" valign=\"top\">";
$agendaitems = get_myagendaitems($courses_dbs, $month, $year);
$agendaitems = get_global_agenda_items($agendaitems, $day, $month, $year, $week, "month_view");
if (api_get_setting('allow_personal_agenda') == 'true')
{
if (api_get_setting('allow_personal_agenda') == 'true') {
$agendaitems = get_personal_agenda_items($agendaitems, $day, $month, $year, $week, "month_view");
}
display_myminimonthcalendar($agendaitems, $month, $year, $monthName);
@ -224,6 +176,7 @@ if (isset ($_user['user_id'])) {
case 'month_view' :
$agendaitems = get_myagendaitems($courses_dbs, $month, $year);
$agendaitems = get_global_agenda_items($agendaitems, $day, $month, $year, $week, "month_view");
if (api_get_setting("allow_personal_agenda") == "true")
{
$agendaitems = get_personal_agenda_items($agendaitems, $day, $month, $year, $week, "month_view");

14
main/chat/chat.php
Unescape View File

@ -56,8 +56,15 @@ if (!empty($mycourseid) && $mycourseid != -1) {
}
if (api_get_setting('show_navigation_menu') != 'false') {
$footer_size = 20;
} else {
switch($my_style) {
} else {
$top_size = 135;
switch($my_style) {
case 'chamilo_red' :
case 'chamilo_green' :
case 'chamilo' :
$top_size = 185;
$footer_size = 48;
break;
case 'dokeos_classic' :
case 'chamilo_classic' :
$footer_size = 48;
@ -79,6 +86,7 @@ if (api_get_setting('show_navigation_menu') != 'false') {
break;
}
}
$cidreq = Security::remove_XSS($_GET['cidReq']);
?>
@ -92,7 +100,7 @@ $cidreq = Security::remove_XSS($_GET['cidReq']);
echo'<title>'.get_lang('Chat').' - '.$mycourseid.' - '.api_get_setting('siteName').'</title>';
if (empty($open_chat_window)) {
echo'<frameset rows="135,*,'.$footer_size.'" border="0" frameborder="0" framespacing="1">';
echo'<frameset rows="'.$top_size.',*,'.$footer_size.'" border="0" frameborder="0" framespacing="1">';
echo '<frame src="chat_banner.php?cidReq='.$cidreq.'" name="chat_banner" scrolling="no">';
}

1
main/chat/chat_whoisonline.php
Unescape View File

@ -90,6 +90,7 @@ if (!empty($course)) {
$user_id = $enreg['user_id'];
require 'header_frame.inc.php';
?>
<table border="0" cellpadding="0" cellspacing="0" width="100%" class="data_table">
<tr><th colspan="2"><?php echo get_lang('Connected'); ?></th></tr>

9
main/conference/api.php
Unescape View File

@ -1,14 +1,13 @@
<?php
/* See license terms in /dokeos_license.txt */
/* See license terms in /license.txt */
/* FIX for IE cache when using https */
session_cache_limiter("none");
/**
==============================================================================
* This is an interface between Dokeos and Videoconference application
* This is an interface between Chamilo and Videoconference application
*
==============================================================================
*/
/*==== DEBUG ====*/
$debug=0;
@ -42,7 +41,7 @@ if ($_SERVER['HTTP_USER_AGENT'] == 'Shockwave Flash') {
} */
/*==== INCLUDE ====*/
require_once ('../inc/global.inc.php');
require_once '../inc/global.inc.php';
api_block_anonymous_users();
require_once (api_get_path(LIBRARY_PATH)."course.lib.php");
require_once (api_get_path(LIBRARY_PATH)."document.lib.php");

4
main/conference/audiopost.php
Unescape View File

@ -1,8 +1,10 @@
<?php
/* See license terms in /license.txt */
//file_put_contents("result.txt", print_r($_POST, true));
//file_put_contents("result3.txt", print_r($_FILES, true));
//file_put_contents("result2.txt", print_r($_GET, true));
require('../inc/global.inc.php');
require_once '../inc/global.inc.php';
// check the request comes from our red5 server
$ips = gethostbynamel(api_get_setting('service_visio','visio_host'));

2
main/conference/checksession.php
Unescape View File

@ -1,5 +1,5 @@
<?php
/* See license terms in /dokeos_license.txt */
/* See license terms in /license.txt */
/* FIX for IE cache when using https */
session_cache_limiter("none");

2
main/conference/get_translation.lib.php
Unescape View File

@ -1,5 +1,5 @@
<?php
/* See license terms in /chamilo_license.txt */
/* See license terms in /license.txt */
/**
* Library for language translation from Chamilo language files to XML for videoconference
* @uses main_api.lib.php for api_get_path()

9
main/conference/index.php
Unescape View File

@ -1,11 +1,14 @@
<?php
/* See license terms in /dokeos_license.txt */
/* See license terms in /license.txt */
/**
* Generates the HTML page containing the iframe that loads the videoconference's Flash plugin
*/
include("../inc/global.inc.php");
require_once '../inc/global.inc.php';
api_protect_course_script();
$_SESSION["roomType"] = $_GET['type'];
//Not sure what values can be set here I just found that $_SESSION["roomType"] could be the string "conference"
if ($_GET['type'] == 'conference') {
$_SESSION["roomType"] = $_GET['type'];
}
?>
<span align="center">
<iframe frameborder="0" scrolling="no" width="100%" height="100%" src="videoconference.php"></iframe>

2
main/conference/testpost.php
Unescape View File

@ -1,4 +1,6 @@
<?php
/* See license terms in /license.txt */
//file_put_contents("result.txt", print_r($_POST, true));
//file_put_contents("result3.txt", print_r($_FILES, true));
//file_put_contents("result2.txt", print_r($_GET, true));

2
main/conference/videoconference.php
Unescape View File

@ -1,4 +1,4 @@
<?php require('../inc/global.inc.php'); ?>
<?php require_once '../inc/global.inc.php';?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>

35
main/css/academica/default.css
Unescape View File

@ -643,6 +643,41 @@ form span.form_error {
padding: 2px 10px;
text-align: center;
}
/* The cells for the days (1->31) */
#agenda_list .days_week {
height: 40px;
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #f5f5f5;
}
#agenda_list .days_weekend {
height: 40px;
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #e6e6e6;
}
#agenda_list .days_today {
height: 40px;
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #FFFFC0;
}
#agenda_list th {
background-color:#E5EDF9;
border:1px solid gray;
padding-right:12px;
}
/* text in the cells: display of agenda items (visible)*/
#agenda_list .data {
background-color: #eee;

35
main/css/baby_orange/default.css
Unescape View File

@ -613,6 +613,41 @@ form span.form_error {
text-align: center;
border:1px solid #EE4C03;
}
/* The cells for the days (1->31) */
#agenda_list .days_week {
height: 40px;
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #f5f5f5;
}
#agenda_list .days_weekend {
height: 40px;
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #e6e6e6;
}
#agenda_list .days_today {
height: 40px;
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #FFFFC0;
}
#agenda_list th {
background-color:#E5EDF9;
border:1px solid gray;
padding-right:12px;
}
/*The caption of the calendar (displays the month and the << and >> links*/
#agenda_list .title {
background-color: #680157;

17
main/css/blue_lagoon/default.css
Unescape View File

@ -701,7 +701,7 @@ input.liteoption {
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #264269;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #f5f5f5;
}
@ -710,7 +710,7 @@ input.liteoption {
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #264269;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #e6e6e6;
}
@ -719,12 +719,17 @@ input.liteoption {
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #264269;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #FFCA8D;
color: #CC3300;
font-weight: bold;
background-color: #FFFFC0;
}
#agenda_list th {
background-color:#E5EDF9;
border:1px solid gray;
padding-right:12px;
}
/* text in the cells: display of agenda items (visible)*/
#agenda_list .data {
background-color: #eee;

19
main/css/chamilo/default.css
Unescape View File

@ -1014,7 +1014,7 @@ input.liteoption {
text-align: center;
}
/* The cells with the name of the days of the weeks (mon->sun)*/
#agenda_list .weekdays {
#agenda_list .weekdays, .data_table .weekdays {
background-color: #dcdcdc;
text-align: center;
font-weight: bold;
@ -1027,7 +1027,7 @@ input.liteoption {
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #264269;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #f5f5f5;
}
@ -1036,7 +1036,7 @@ input.liteoption {
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #264269;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #e6e6e6;
}
@ -1045,12 +1045,17 @@ input.liteoption {
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #264269;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #FFCA8D;
color: #CC3300;
font-weight: bold;
background-color: #FFFFC0;
}
#agenda_list th {
background-color:#E5EDF9;
border:1px solid gray;
padding-right:12px;
}
/* text in the cells: display of agenda items (visible)*/
#agenda_list .data {
background-color: #eee;

17
main/css/chamilo_green/default.css
Unescape View File

@ -1031,7 +1031,7 @@ input.liteoption {
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #264269;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #f5f5f5;
}
@ -1040,7 +1040,7 @@ input.liteoption {
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #264269;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #e6e6e6;
}
@ -1049,12 +1049,17 @@ input.liteoption {
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #264269;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #FFCA8D;
color: #CC3300;
font-weight: bold;
background-color: #FFFFC0;
}
#agenda_list th {
background-color:#E5EDF9;
border:1px solid gray;
padding-right:12px;
}
/* text in the cells: display of agenda items (visible)*/
#agenda_list .data {
background-color: #eee;

17
main/css/chamilo_red/default.css
Unescape View File

@ -1025,7 +1025,7 @@ input.liteoption {
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #264269;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #f5f5f5;
}
@ -1034,7 +1034,7 @@ input.liteoption {
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #264269;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #e6e6e6;
}
@ -1043,12 +1043,17 @@ input.liteoption {
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #264269;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #FFCA8D;
color: #CC3300;
font-weight: bold;
background-color: #FFFFC0;
}
#agenda_list th {
background-color:#E5EDF9;
border:1px solid gray;
padding-right:12px;
}
/* text in the cells: display of agenda items (visible)*/
#agenda_list .data {
background-color: #eee;

16
main/css/cool_blue/default.css
Unescape View File

@ -680,7 +680,7 @@ input.liteoption {
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #264269;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #f5f5f5;
}
@ -689,7 +689,7 @@ input.liteoption {
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #264269;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #e6e6e6;
}
@ -698,11 +698,15 @@ input.liteoption {
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #264269;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #FFCA8D;
color: #CC3300;
font-weight: bold;
background-color: #FFFFC0;
}
#agenda_list th {
background-color:#E5EDF9;
border:1px solid gray;
padding-right:12px;
}
/* text in the cells: display of agenda items (visible)*/
#agenda_list .data {

36
main/css/corporate/default.css
Unescape View File

@ -607,34 +607,40 @@ form span.form_error {
border: 1px solid #CCCCCC;
border-collapse: collapse;
}
/* The cells for the days (1->31) */
.days_week {
#agenda_list .days_week {
height: 40px;
width: 12%;
border: 1px solid #CCCCCC;
text-align: left;
vertical-align: top;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #f9f9f9;
background-color: #f5f5f5;
}
.days_weekend {
#agenda_list .days_weekend {
height: 40px;
width: 12%;
border: 1px solid #CCCCCC;
text-align: left;
vertical-align: top;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #eaeaea;
background-color: #e6e6e6;
}
.days_today {
#agenda_list .days_today {
height: 40px;
width: 12%;
border: 1px solid #CCCCCC;
text-align: left;
vertical-align: top;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #FFCA8D;
color: #CC3300;
font-weight: bold;
background-color: #FFFFC0;
}
.agenda_month_divider {
background-color: #666;
color: #fff;
text-align: center;
#agenda_list th {
background-color:#E5EDF9;
border:1px solid gray;
padding-right:12px;
}
/*The caption of the calendar (displays the month and the << and >> links*/
#agenda_list .title {

33
main/css/cosmic_campus/default.css
Unescape View File

@ -692,6 +692,39 @@ form span.form_error {
padding: 2px 10px;
text-align: center;
}
#agenda_list .days_week {
height: 40px;
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #f5f5f5;
}
#agenda_list .days_weekend {
height: 40px;
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #e6e6e6;
}
#agenda_list .days_today {
height: 40px;
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #FFFFC0;
}
#agenda_list th {
background-color:#E5EDF9;
border:1px solid gray;
padding-right:12px;
}
/* text in the cells: display of agenda items (visible)*/
#agenda_list .data {
background-color: #eee;

17
main/css/delicious_bordeaux/default.css
Unescape View File

@ -699,7 +699,7 @@ input.liteoption {
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #264269;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #f5f5f5;
}
@ -708,7 +708,7 @@ input.liteoption {
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #264269;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #e6e6e6;
}
@ -717,12 +717,17 @@ input.liteoption {
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #264269;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #FFCA8D;
color: #CC3300;
font-weight: bold;
background-color: #FFFFC0;
}
#agenda_list th {
background-color:#E5EDF9;
border:1px solid gray;
padding-right:12px;
}
/* text in the cells: display of agenda items (visible)*/
#agenda_list .data {
background-color: #eee;

17
main/css/dokeos_blue/default.css
Unescape View File

@ -685,7 +685,7 @@ input.liteoption {
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #264269;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #f5f5f5;
}
@ -694,7 +694,7 @@ input.liteoption {
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #264269;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #e6e6e6;
}
@ -703,12 +703,17 @@ input.liteoption {
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #264269;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #FFCA8D;
color: #CC3300;
font-weight: bold;
background-color: #FFFFC0;
}
#agenda_list th {
background-color:#E5EDF9;
border:1px solid gray;
padding-right:12px;
}
/* text in the cells: display of agenda items (visible)*/
#agenda_list .data {
background-color: #eee;

18
main/css/dokeos_classic/default.css
Unescape View File

@ -743,13 +743,14 @@ input.liteoption {
border: 1px solid #264269;
border-collapse: collapse;
}
/* The cells for the days (1->31) */
#agenda_list .days_week {
height: 40px;
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #264269;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #f5f5f5;
}
@ -758,7 +759,7 @@ input.liteoption {
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #264269;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #e6e6e6;
}
@ -767,12 +768,17 @@ input.liteoption {
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #264269;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #FFCA8D;
color: #CC3300;
font-weight: bold;
background-color: #FFFFC0;
}
#agenda_list th {
background-color:#E5EDF9;
border:1px solid gray;
padding-right:12px;
}
/* text in the cells: display of agenda items (visible)*/
#agenda_list .data {
background-color: #eee;

39
main/css/dokeos_classic_2D/default.css
Unescape View File

@ -699,32 +699,41 @@ input.liteoption {
font-weight: bold;
text-align: center;
}
#agenda_list .days_week, #agenda_list .days_weekend, #agenda_list .days_today {
border: 1px solid #264269;
border-collapse: collapse;
/* The cells for the days (1->31) */
#agenda_list .days_week {
height: 40px;
width: 12%;
text-align: left;
vertical-align: top;
width: 12%;
}
/* The cells for the days (1->31) */
#agenda_list .days_week {
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #f5f5f5;
}
#agenda_list .days_weekend {
height: 40px;
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #e6e6e6;
}
#agenda_list .days_today {
background-color: #FFCA8D;
color: #CC3300;
font-weight: bold;
}
#agenda_list .data, #agenda_list .datanotbold, #agenda_list .text, #agenda_list .data_hidden, #agenda_list .datanotbold_hidden, #agenda_list .text_hidden, #agenda_list .datanow, #agenda_list .datanotboldnow, #agenda_list .textnow {
border: 0px solid #4171B5;
border-collapse: collapse;
padding: 2px 10px;
height: 40px;
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #FFFFC0;
}
#agenda_list th {
background-color:#E5EDF9;
border:1px solid gray;
padding-right:12px;
}
/* text in the cells: display of agenda items (visible)*/
#agenda_list .data {
background-color: #eee;

17
main/css/empire_green/default.css
Unescape View File

@ -696,7 +696,7 @@ input.liteoption {
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #264269;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #f5f5f5;
}
@ -705,7 +705,7 @@ input.liteoption {
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #264269;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #e6e6e6;
}
@ -714,12 +714,17 @@ input.liteoption {
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #264269;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #FFCA8D;
color: #CC3300;
font-weight: bold;
background-color: #FFFFC0;
}
#agenda_list th {
background-color:#E5EDF9;
border:1px solid gray;
padding-right:12px;
}
/* text in the cells: display of agenda items (visible)*/
#agenda_list .data {
background-color: #eee;

17
main/css/fruity_orange/default.css
Unescape View File

@ -695,7 +695,7 @@ input.liteoption {
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #264269;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #f5f5f5;
}
@ -704,7 +704,7 @@ input.liteoption {
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #264269;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #e6e6e6;
}
@ -713,12 +713,17 @@ input.liteoption {
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #264269;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #FFCA8D;
color: #CC3300;
font-weight: bold;
background-color: #FFFFC0;
}
#agenda_list th {
background-color:#E5EDF9;
border:1px solid gray;
padding-right:12px;
}
/* text in the cells: display of agenda items (visible)*/
#agenda_list .data {
background-color: #eee;

17
main/css/medical/default.css
Unescape View File

@ -782,7 +782,7 @@ input.liteoption {
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #264269;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #f5f5f5;
}
@ -791,7 +791,7 @@ input.liteoption {
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #264269;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #e6e6e6;
}
@ -800,12 +800,17 @@ input.liteoption {
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #264269;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #FFCA8D;
color: #CC3300;
font-weight: bold;
background-color: #FFFFC0;
}
#agenda_list th {
background-color:#E5EDF9;
border:1px solid gray;
padding-right:12px;
}
/* text in the cells: display of agenda items (visible)*/
#agenda_list .data {
background-color: #eee;

17
main/css/public_admin/default.css
Unescape View File

@ -793,7 +793,7 @@ input.liteoption {
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #264269;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #f5f5f5;
}
@ -802,7 +802,7 @@ input.liteoption {
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #264269;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #e6e6e6;
}
@ -811,12 +811,17 @@ input.liteoption {
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #264269;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #FFCA8D;
color: #CC3300;
font-weight: bold;
background-color: #FFFFC0;
}
#agenda_list th {
background-color:#E5EDF9;
border:1px solid gray;
padding-right:12px;
}
/* text in the cells: display of agenda items (visible)*/
#agenda_list .data {
background-color: #eee;

17
main/css/royal_purple/default.css
Unescape View File

@ -693,7 +693,7 @@ input.liteoption {
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #264269;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #f5f5f5;
}
@ -702,7 +702,7 @@ input.liteoption {
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #264269;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #e6e6e6;
}
@ -711,12 +711,17 @@ input.liteoption {
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #264269;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #FFCA8D;
color: #CC3300;
font-weight: bold;
background-color: #FFFFC0;
}
#agenda_list th {
background-color:#E5EDF9;
border:1px solid gray;
padding-right:12px;
}
/* text in the cells: display of agenda items (visible)*/
#agenda_list .data {
background-color: #eee;

295
main/css/silver_line/default.css
Unescape View File

@ -830,124 +830,251 @@ div.row div.label {
AGENDA
==============================================================================
*/
#agenda_list {
#agenda {
width: 100%;
margin: 0 auto;
width: 95%;
border: 1px solid #bbb;
border-collapse: collapse;
}
#agenda_list .datanow {
background: #ddd url('images/headertables.jpg') repeat-x top center;
border: 1px solid #ddd;
vertical-align: top;
.agenda_month_divider {
background-color: #dcdcdc;
font-weight: bold;
color: #666;
text-align: center;
}
#agenda_list img {
margin-right: .8em;
#agenda .title a {
color: #fff;
}
#agenda_list td.data img, #agenda_list td.datanow img {
margin-bottom: -.6em;
margin-top: -.3em;
#agenda .agendaitem {
}
#agenda_list td.textnow {
border: 1px solid #bbb;
background-color: #eee;
padding: .5em;
#smallcalendar .title {
background-color: #dcdcdc;
font-weight: bold;
padding: 2px;
color: #666;
text-align: center;
font-size: 11px;
}
#agenda_list tr, #agenda_list td {
width: auto;
border: none;
#smallcalendar .title a {
color: #666;
}
#agenda_list tr.data, #agenda_list td.data, .data {
background: transparent url('images/headertables.jpg') repeat-x top center;
vertical-align: top;
border: 1px solid #ddd;
#agenda_select {
list-style: none;
border: 0px solid green;
margin: 30px 0 0 0;
padding: 0 0 0 10px;
}
#agenda_list tr.text, #agenda_list td.text, .text {
border: 1px solid #ddd;
/* ---------------------------------------------------
styles for the agenda (day, week, month view)
-----------------------------------------------------*/
#agenda_list {
width: 100%;
margin: 0 auto;
border: 1px solid #fff;
border-collapse: collapse;
}
.agenda_month_divider {
/*The caption of the calendar (displays the month and the << and >> links*/
#agenda_list .title {
background-color: #dcdcdc;
font-weight: bold;
color: #666;
text-align: left;
padding: 2px 10px;
text-align: center;
background: #fff url("images/divider2.jpg") no-repeat 50% 1.3em;
height: 2.8em;
border: 1px solid #bbb;
}
.agenda_month_divider, .title {
font: bold 1.2em Arial, sans-serif, sans;
color: #4170b4;
#agenda_list .title a:link, #agenda_list #title a:visited {
background-color: #dcdcdc;
font-weight: bold;
font-size: 11px;
color: #666;
padding: 2px 10px;
text-align: center;
}
#agenda_select img {
margin-right: .2em;
#agenda_list .title a:hover {
background-color: #dcdcdc;
font-weight: bold;
font-size: 11px;
color: #f3840d;
padding: 2px 10px;
text-align: center;
}
#agenda_select li {
margin-bottom: .6em;
font: bold 1em Arial, sans-serif, sans;
/* The cells with the name of the days of the weeks (mon->sun)*/
#agenda_list .weekdays {
background-color: #dcdcdc;
text-align: center;
font-weight: bold;
border: 1px solid #264269;
border-collapse: collapse;
}
#agenda_select li a {
font: bold 1em Arial, sans-serif, sans;
text-decoration: none;
/* The cells for the days (1->31) */
#agenda_list .days_week {
height: 40px;
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #f5f5f5;
}
.alternativeBgLight {
background-color: #ccc;
#agenda_list .days_weekend {
height: 40px;
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #e6e6e6;
}
.announcements_datum {
color: #888;
border: 1px solid #ddd;
#agenda_list .days_today {
height: 40px;
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #FFFFC0;
}
#agenda_list th {
background-color:#E5EDF9;
border:1px solid gray;
padding-right:12px;
}
/* text in the cells: display of agenda items (visible)*/
#agenda_list .data {
background-color: #eee;
text-align: left;
padding: 2px 10px;
font-weight: bold;
border: 0px solid #dcdcdc;
border-collapse: collapse;
}
.data, .announcements_datum, .datanow {
font: bold 1em Arial, sans-serif, sans;
#agenda_list .datanotbold {
background-color: #eee;
text-align: left;
padding: 2px 10px;
font-weight: normal;
border: 0px solid #dcdcdc;
border-collapse: collapse;
}
.datanotbold {
#agenda_list .text {
background-color: #fff;
text-align: left;
padding: 2px 10px;
font-weight: normal;
border: 0px solid #dcdcdc;
border-collapse: collapse;
}
span.agendaitem {
text-align: center;
display: block;
font-size: 95%;
width: 90%;
margin: 0 auto;
font-size: .9em;
/*text in the cells: display of agenda items (invisible)*/
#agenda_list .data_hidden {
background-color: #eee;
text-align: left;
padding: 2px 10px;
font-weight: bold;
border: 0px solid #dcdcdc;
border-collapse: collapse;
color: #999999;
}
span.agendaitem i {
font: bold 97% Arial, sans-serif, sans;
color: #a9a;
#agenda_list .datanotbold_hidden {
background-color: #eee;
text-align: left;
padding: 2px 10px;
font-weight: normal;
border: 0px solid #dcdcdc;
border-collapse: collapse;
color: #999999;
}
/* Calendar */
.days_today {
font: bold 1em Arial, sans-serif, sans;
text-decoration: none;
color: #667;
#agenda_list .text_hidden {
background-color: #fff;
text-align: left;
padding: 2px 10px;
font-weight: normal;
border: 0px solid #dcdcdc;
border-collapse: collapse;
color: #999999;
}
.days_week {
background-color: #ccc;
/*text in the cells: display of agenda items (highlighted)*/
#agenda_list .datanow {
background-color: #FFCC00;
text-align: left;
padding: 2px 10px;
font-weight: bold;
border: 0px solid #dcdcdc;
border-collapse: collapse;
}
.days_week, .days_weekend, .days_today {
text-align: center;
#agenda_list .datanotboldnow {
background-color: #FFCC00;
text-align: left;
padding: 2px 10px;
font-weight: normal;
border: 0px solid #dcdcdc;
border-collapse: collapse;
}
.days_week a, .days_weekend a {
font: bold 1em Arial, sans-serif, sans;
#agenda_list .textnow {
background-color: #fff;
text-align: left;
padding: 2px 10px;
font-weight: normal;
border: 0px solid #dcdcdc;
border-collapse: collapse;
}
.days_weekend {
background-color: #aaa;
/* ---------------------------------------------------
styles for the mini agenda
-----------------------------------------------------*/
#smallcalendar {
width: 100%;
margin: 0 auto;
border: 1px solid #fff;
border-collapse: collapse;
}
.days_weekend .agendaitem i {
color: #444;
#smallcalendar .weekdays {
background-color: #dcdcdc;
text-align: center;
font-size: 11px;
font-weight: bold;
border: 1px solid #fff;
border-collapse: collapse;
}
#newedit_form tr.title {
background:none;
text-align:left;
#smallcalendar .days_week {
background-color: #f5f5f5;
text-align: center;
font-size: 11px;
border-collapse: collapse;
}
.title {
background: #ddd url('images/headertables.jpg') repeat-x top center;
#smallcalendar .days_weekend {
background-color: #e6e6e6;
text-align: center;
font-size: 11px;
border: 1px solid #fff;
border-collapse: collapse;
}
.weekdays {
font: bold 1.1em Arial, sans-serif, sans;
color: #fff;
background-color: #667;
#smallcalendar .days_today {
width: 12%;
text-align: center;
font-size: 11px;
border: 1px solid #FA8500;
border-collapse: collapse;
background-color: #FFCA8D;
}
.ical_export {
float: right;
margin-top: 0.2em;
/* ---------------------------------------------------
styles for the personal agenda
-----------------------------------------------------*/
.personal_agenda {
color: #008000;
}
.personal_agenda a:link, .personal_agenda a:visited {
color: #008000;
}
a.personal_agenda:link, a.personal_agenda:visited {
color: #008000;
}
.personal_agenda a:hover, .personal_agenda a:hover {
color: #666666;
}
a.personal_agenda:hover, a.personal_agenda:hover {
color: #666666;
}
/*
==============================================================================

40
main/css/sober_brown/default.css
Unescape View File

@ -766,7 +766,7 @@ input.liteoption {
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #264269;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #f5f5f5;
}
@ -775,7 +775,7 @@ input.liteoption {
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #264269;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #e6e6e6;
}
@ -784,37 +784,17 @@ input.liteoption {
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #264269;
border-collapse: collapse;
background-color: #FFCA8D;
color: #CC3300;
font-weight: bold;
}
/* text in the cells: display of agenda items (visible)*/
#agenda_list .data {
background-color: #eee;
text-align: left;
padding: 2px 10px;
font-weight: bold;
border: 0px solid #dcdcdc;
border-collapse: collapse;
}
#agenda_list .datanotbold {
background-color: #eee;
text-align: left;
padding: 2px 10px;
font-weight: normal;
border: 0px solid #dcdcdc;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #FFFFC0;
}
#agenda_list .text {
background-color: #fff;
text-align: left;
padding: 2px 10px;
font-weight: normal;
border: 0px solid #dcdcdc;
border-collapse: collapse;
#agenda_list th {
background-color:#E5EDF9;
border:1px solid gray;
padding-right:12px;
}
/*text in the cells: display of agenda items (invisible)*/
#agenda_list .data_hidden {
background-color: #eee;

17
main/css/steel_grey/default.css
Unescape View File

@ -698,7 +698,7 @@ input.liteoption {
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #264269;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #f5f5f5;
}
@ -707,7 +707,7 @@ input.liteoption {
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #264269;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #e6e6e6;
}
@ -716,12 +716,17 @@ input.liteoption {
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #264269;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #FFCA8D;
color: #CC3300;
font-weight: bold;
background-color: #FFFFC0;
}
#agenda_list th {
background-color:#E5EDF9;
border:1px solid gray;
padding-right:12px;
}
/* text in the cells: display of agenda items (visible)*/
#agenda_list .data {
background-color: #eee;

17
main/css/tasty_olive/default.css
Unescape View File

@ -695,7 +695,7 @@ input.liteoption {
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #264269;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #f5f5f5;
}
@ -704,7 +704,7 @@ input.liteoption {
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #264269;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #e6e6e6;
}
@ -713,12 +713,17 @@ input.liteoption {
width: 12%;
text-align: left;
vertical-align: top;
border: 1px solid #264269;
border: 1px solid #ccc;
border-collapse: collapse;
background-color: #FFCA8D;
color: #CC3300;
font-weight: bold;
background-color: #FFFFC0;
}
#agenda_list th {
background-color:#E5EDF9;
border:1px solid gray;
padding-right:12px;
}
/* text in the cells: display of agenda items (visible)*/
#agenda_list .data {
background-color: #eee;

BIN
main/default_course_document/images/logo_dokeos.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 6.0 KiB

After

Width:  |  Height:  |  Size: 5.0 KiB

7
main/document/document.inc.php
Unescape View File

@ -62,7 +62,7 @@ function build_directory_selector($folders, $curdirpath, $group_dir = '', $chang
$userinfo = Database::get_user_info_from_id(substr($folder_titles[$folder], 8));
$folder_titles[$folder] = api_get_person_name($userinfo['firstname'], $userinfo['lastname']);
}
$folder_titles[$folder] = cut($folder_titles[$folder], 80);
$label = str_repeat('&nbsp;&nbsp;&nbsp;', count($path_parts) - 2).' &mdash; '.$folder_titles[$folder];
$parent_select -> addOption($label, $folder);
if ($selected != '') {
@ -78,8 +78,9 @@ function build_directory_selector($folders, $curdirpath, $group_dir = '', $chang
$label = '/ ('.get_lang('HomeDirectory').')';
} else {
$path_parts = explode('/', str_replace($group_dir, '', $folder));
$label = cut($label, 80);
$label = str_repeat('&nbsp;&nbsp;&nbsp;', count($path_parts) - 2).' &mdash; '.$label;
}
}
$parent_select -> addOption($label, $folder);
if ($selected != '') {
$parent_select->setSelected($folder);
@ -129,7 +130,7 @@ function create_document_link($www, $title, $path, $filetype, $size, $visibility
$ext = explode('.', $path);
$ext = strtolower($ext[sizeof($ext) - 1]);
// "htmlfiles" are shown in a frameset
if ($ext == 'htm' || $ext == 'html' || $ext == 'gif' || $ext == 'jpg' || $ext == 'jpeg' || $ext == 'png') {
if ($ext == 'htm' || $ext == 'html' || $ext == 'gif' || $ext == 'jpg' || $ext == 'jpeg' || $ext == 'png' || $ext == 'pdf' || $ext == 'swf' || $ext == 'mp3') {
$url = 'showinframes.php?'.api_get_cidreq().'&amp;file='.$url_path.$req_gid;
} else {
// url-encode for problematic characters (we may not call them dangerous characters...)

11
main/document/document.php
Unescape View File

@ -278,7 +278,7 @@ $image_files_only = '';
if ($is_certificate_mode) {
$interbreadcrumb[]= array('url' => '../gradebook/index.php', 'name' => get_lang('Gradebook'));
} else {
$interbreadcrumb[]= array('url' => '', 'name' => get_lang('Document'));
$interbreadcrumb[]= array('url' => '', 'name' => get_lang('Documents'));
}
// Interbreadcrumb for the current directory root path
@ -305,10 +305,15 @@ for ($i = 0; $i < $array_len; $i++) {
}
$url_dir = 'document.php?&curdirpath='.$dir_acum.$dir_array[$i];
//Max char 80
$url_to_who = cut($dir_array[$i],80);
if ($is_certificate_mode) {
$interbreadcrumb[] = array('url' => $url_dir.'&selectcat='.Security::remove_XSS($_GET['selectcat']), 'name' => $dir_array[$i]);
$interbreadcrumb[] = array('url' => $url_dir.'&selectcat='.Security::remove_XSS($_GET['selectcat']), 'name' => $url_to_who);
} else {
$interbreadcrumb[] = array('url' => $url_dir, 'name' => $dir_array[$i]);
$interbreadcrumb[] = array('url' => $url_dir, 'name' => $url_to_who);
}
$dir_acum .= $dir_array[$i].'/';

4
main/document/edit_document.php
Unescape View File

@ -592,8 +592,8 @@ function nav_to_slideshow($slide_id) {
$path = Security::remove_XSS($_GET['curdirpath']);
$pathurl = urlencode($path);
echo '<div class="actions">';
echo '<a href="document.php?action=exit_slideshow&curdirpath='.$pathurl.'">'.Display::return_icon('back.png').get_lang('BackTo').' '.get_lang('DocumentsOverview').'</a>&nbsp;';
//echo '<a href="'.api_get_path(WEB_PATH).'main/document/slideshow.php?slide_id='.$slide_id.'&curdirpath='.Security::remove_XSS(urlencode($_GET['curdirpath'])).'">'.Display::return_icon('back.png', get_lang('BackTo').' '.get_lang('ViewSlideshow')).get_lang('BackTo').' '.get_lang('ViewSlideshow').'</a>';
//echo '<a href="document.php?action=exit_slideshow&curdirpath='.$pathurl.'">'.Display::return_icon('back.png').get_lang('BackTo').' '.get_lang('DocumentsOverview').'</a>&nbsp;';
echo '<a href="'.api_get_path(WEB_PATH).'main/document/slideshow.php?slide_id='.$slide_id.'&curdirpath='.Security::remove_XSS(urlencode($_GET['curdirpath'])).'">'.Display::return_icon('back.png', get_lang('BackTo').' '.get_lang('ViewSlideshow')).get_lang('BackTo').' '.get_lang('ViewSlideshow').'</a>';
echo '</div>';
}

7
main/document/showinframes.php
Unescape View File

@ -42,7 +42,9 @@ if (isset($_SESSION['_gid']) && $_SESSION['_gid'] != '') {
}
$interbreadcrumb[] = array('url' => './document.php?curdirpath='.dirname($header_file).$req_gid, 'name' => get_lang('Documents'));
$interbreadcrumb[] = array('url' => 'showinframes.php?file='.$header_file, 'name' => $header_file);
$name_to_show = cut($header_file, 80);
$interbreadcrumb[] = array('url' => 'showinframes.php?file='.$header_file, 'name' => $name_to_show);
$file_url_sys = api_get_path(SYS_COURSE_PATH).'document'.$header_file;
$path_info = pathinfo($file_url_sys);
$this_section = SECTION_COURSES;
@ -60,7 +62,6 @@ if (!empty($_GET['nopages'])) {
$_SESSION['whereami'] = 'document/view';
$interbreadcrumb[] = array('url' => './document.php', 'name' => get_lang('Documents'));
$nameTools = get_lang('Documents');
$file = Security::remove_XSS(urldecode($_GET['file']));
@ -138,7 +139,7 @@ $htmlHeadXtra[] = '<script type="text/javascript">
//Display::display_header($tool_name, 'User');
Display::display_header(null, 'Doc');
Display::display_header('');
echo "<div align=\"center\">";
$file_url_web = api_get_path(WEB_COURSE_PATH).$_course['path'].'/document'.$header_file.'?'.api_get_cidreq();
echo '<a href="'.$file_url_web.'" target="_blank">'.get_lang('_cut_paste_link').'</a></div>';

136
main/exercice/exercice.php
Unescape View File

@ -130,12 +130,12 @@ if ($_GET['delete'] == 'delete' && ($is_allowedToEdit || api_is_coach()) && !emp
}
if ($show == 'result' && $_REQUEST['comments'] == 'update' && ($is_allowedToEdit || $is_tutor) && $_GET['exeid']== strval(intval($_GET['exeid']))) {
$id = $_GET['exeid']; //filtered by post-condition
$emailid = $_GET['emailid'];
$test = $_GET['test'];
$from = $_SESSION['_user']['mail'];
$from_name = api_get_person_name($_SESSION['_user']['firstName'], $_SESSION['_user']['lastName'], null, PERSON_NAME_EMAIL_ADDRESS);
$url = api_get_path(WEB_CODE_PATH) . 'exercice/exercice.php?' . api_get_cidreq() . '&show=result';
$id = $_GET['exeid']; //filtered by post-condition
$emailid = $_GET['emailid'];
$test = $_GET['test'];
$from = $_SESSION['_user']['mail'];
$from_name = api_get_person_name($_SESSION['_user']['firstName'], $_SESSION['_user']['lastName'], null, PERSON_NAME_EMAIL_ADDRESS);
$url = api_get_path(WEB_CODE_PATH) . 'exercice/exercice.php?' . api_get_cidreq() . '&show=result';
$TBL_RECORDING = Database :: get_statistic_table('track_e_attempt_recording');
$total_weighting = $_REQUEST['totalWeighting'];
@ -157,10 +157,12 @@ if ($show == 'result' && $_REQUEST['comments'] == 'update' && ($is_allowedToEdit
} else {
$array_content_id_exe=$post_content_id;
}
for ($i=0;$i<$loop_in_track;$i++) {
$my_marks=Database::escape_string($_POST['marks_'.$array_content_id_exe[$i]]);
$contain_comments=Database::escape_string($_POST['comments_'.$array_content_id_exe[$i]]);
if (isset($contain_comments)) {
@ -168,38 +170,40 @@ if ($show == 'result' && $_REQUEST['comments'] == 'update' && ($is_allowedToEdit
} else {
$my_comments='';
}
$my_questionid=$array_content_id_exe[$i];
$sql = "SELECT question from $TBL_QUESTIONS WHERE id = '$my_questionid'";
$result =Database::query($sql);
$ques_name = Database::result($result,0,"question");
$query = "UPDATE $TBL_TRACK_ATTEMPT SET marks = '$my_marks',teacher_comment = '$my_comments'
WHERE question_id = '".$my_questionid."'
AND exe_id='".$id."'";
Database::query($query);
$qry = 'SELECT sum(marks) as tot
FROM '.$TBL_TRACK_ATTEMPT.' WHERE exe_id = '.intval($id).'
GROUP BY question_id';
$res = Database::query($qry);
$tot = Database::result($res,0,'tot');
//updating also the total weight
$totquery = "UPDATE $TBL_TRACK_EXERCICES SET exe_result = '".Database::escape_string($tot)."', exe_weighting = '".Database::escape_string($total_weighting)."'
WHERE exe_Id='".Database::escape_string($id)."'";
Database::query($totquery);
$recording_changes = 'INSERT INTO '.$TBL_RECORDING.' ' .
'(exe_id,
question_id,
marks,
insert_date,
author,
teacher_comment)
VALUES
('."'$id','".$my_questionid."','$my_marks','".date('Y-m-d H:i:s')."','".api_get_user_id()."'".',"'.$my_comments.'")';
Database::query($recording_changes);
$my_questionid=$array_content_id_exe[$i];
$sql = "SELECT question from $TBL_QUESTIONS WHERE id = '$my_questionid'";
$result =Database::query($sql);
$ques_name = Database::result($result,0,"question");
$query = "UPDATE $TBL_TRACK_ATTEMPT SET marks = '$my_marks',teacher_comment = '$my_comments'
WHERE question_id = '".$my_questionid."'
AND exe_id='".$id."'";
Database::query($query);
$qry = 'SELECT sum(marks) as tot
FROM '.$TBL_TRACK_ATTEMPT.' WHERE exe_id = '.intval($id).'
GROUP BY question_id';
$res = Database::query($qry);
$tot = Database::result($res,0,'tot');
//updating also the total weight
$totquery = "UPDATE $TBL_TRACK_EXERCICES SET exe_result = '".Database::escape_string($tot)."', exe_weighting = '".Database::escape_string($total_weighting)."'
WHERE exe_Id='".Database::escape_string($id)."'";
Database::query($totquery);
$recording_changes = 'INSERT INTO '.$TBL_RECORDING.' ' .
'(exe_id,
question_id,
marks,
insert_date,
author,
teacher_comment)
VALUES
('."'$id','".$my_questionid."','$my_marks','".date('Y-m-d H:i:s')."','".api_get_user_id()."'".',"'.$my_comments.'")';
Database::query($recording_changes);
}
$post_content_id=array();
$array_content_id_exe=array();
/*foreach ($_POST as $key => $v) {
@ -273,7 +277,7 @@ if ($show == 'result' && $_REQUEST['comments'] == 'update' && ($is_allowedToEdit
//search items
if (isset($_POST['my_exe_exo_id']) && isset($_POST['student_id'])) {
$sql_lp='SELECT li.id as lp_item_id,li.lp_id,li.item_type,li.path,liv.id AS lp_view_id,liv.user_id,max(liv.view_count) AS view_count FROM '.$TBL_LP_ITEM.' li
INNER JOIN '.$TBL_LP_VIEW.' liv ON li.lp_id=liv.lp_id WHERE li.path="'.Database::escape_string(Security::remove_XSS($_POST['my_exe_exo_id'])).'" AND li.item_type="quiz" AND user_id="'.Database::escape_string(Security::remove_XSS($_POST['student_id'])).'" ';
INNER JOIN '.$TBL_LP_VIEW.' liv ON li.lp_id=liv.lp_id WHERE li.path="'.Database::escape_string(Security::remove_XSS($_POST['my_exe_exo_id'])).'" AND li.item_type="quiz" AND user_id="'.Database::escape_string($_POST['student_id']).'" ';
$rs_lp=Database::query($sql_lp);
if (!($rs_lp===false)) {
$row_lp=Database::fetch_array($rs_lp);
@ -348,33 +352,63 @@ if ($show == 'result' && $_REQUEST['comments'] == 'update' && ($is_allowedToEdit
$totalWeighting = $_POST['totalWeighting'];
if ($lp_item_id == strval(intval($lp_item_id)) && $lp_item_view_id == strval(intval($lp_item_view_id)) && $student_id == strval(intval($student_id))) {
$score = Database :: escape_string($_POST['total_score']);
$score = Database :: escape_string($_POST['total_score']); //This is the new note
$total_time = Database :: escape_string($_POST['total_time']);
//I need the lp_item_view_id in order to update the record
//@todo add the lp_item_view_id in the track_exercise table in order to have a real match between the lp_item_view and the track_exercise
//$my_real_lp_item_view_id = Database :: escape_string($_POST['real_lp_item_view_id']);
$lp_item_id = Database :: escape_string($lp_item_id);
$lp_item_view_id = Database :: escape_string($lp_item_view_id);
$student_id = Database :: escape_string($student_id);
$totalWeighting = Database :: escape_string($totalWeighting);
// get max view_count from lp_item_view
/*$sql = "SELECT MAX(view_count) FROM $TBL_LP_ITEM_VIEW WHERE lp_item_id = '" . (int) $lp_item_view_id . "'
AND lp_view_id = (SELECT id from $TBL_LP_VIEW WHERE user_id = '" . (int) $student_id . "' and lp_id='" . (int) $lp_item_id . "')";
/*
$sql = "SELECT (view_count) FROM $TBL_LP_ITEM_VIEW
WHERE lp_item_id = '" . (int) $lp_item_view_id . "' AND lp_view_id = $my_real_lp_item_view_id ORDER BY id DESC LIMIT 1";
$res_view_count = Database::query($sql);
$res_view_count = Database :: fetch_row($res_view_count);
$my_view_count = intval($res_view_count[0]);
*/
//Checking if this is the lastest attempt
$sql = "SELECT exe_id FROM $TBL_TRACK_EXERCICES
WHERE exe_user_id = '" . Database :: escape_string($_POST['student_id']) . "' AND exe_cours_id = '" . api_get_course_id() . "' AND orig_lp_id = '$lp_item_id' AND orig_lp_item_id = '$lp_item_view_id' AND session_id = '" . api_get_session_id() . "' AND status = ''
ORDER BY exe_id DESC LIMIT 1 ";
$res_view_count = Database::query($sql);
$res_view_count = Database :: fetch_row($res_view_count);
$my_view_count = intval($res_view_count[0]);
//Update lp_item_view if this attempts is the latest
$sql = "SELECT MAX(view_count) FROM $TBL_LP_ITEM_VIEW
WHERE lp_item_id = '" . (int) $lp_item_view_id . "' AND lp_view_id = (SELECT id from $TBL_LP_VIEW WHERE user_id = '" . (int) $student_id . "' and lp_id='" . (int) $lp_item_id . "')";
$res_max_view_count = Database::query($sql);
$row_max_view_count = Database :: fetch_row($res_max_view_count);
$max_view_count = (int) $row_max_view_count[0];
// update score and total_time from last attempt when you qualify the exercise in Learning path detail
$sql_update_score = "UPDATE $TBL_LP_ITEM_VIEW SET score = '" . (float) $score . "',total_time = '" . (int) $total_time . "' WHERE lp_item_id = '" . (int) $lp_item_view_id . "'
AND lp_view_id = (SELECT id from $TBL_LP_VIEW WHERE user_id = '" . (int) $student_id . "' and lp_id='" . (int) $lp_item_id . "') AND view_count = '$max_view_count'";
Database::query($sql_update_score);
$max_view_count = intval($row_max_view_count[0]);
//Only update if is the last attempt
if ($my_view_count == $_GET['exeid']) {
// update score and total_time from last attempt when you qualify the exercise in Learning path detail
$sql_update_score = "UPDATE $TBL_LP_ITEM_VIEW SET score = '" . intval($tot) . "', total_time = '" . (int) $total_time . "' WHERE lp_item_id = '" . (int) $lp_item_view_id . "'
AND lp_view_id = (SELECT id from $TBL_LP_VIEW WHERE user_id = '" . (int) $student_id . "' and lp_id='" . (int) $lp_item_id . "') AND view_count = '$max_view_count'";
Database::query($sql_update_score);
}
/*
/*
// update score and total_time from last attempt when you qualify the exercise in Learning path detail
$sql_update_score = "UPDATE $TBL_LP_ITEM_VIEW SET score = '" . (float) $score . "',total_time = '" . (int) $total_time . "' WHERE lp_item_id = '" . (int) $lp_item_view_id . "'
AND lp_view_id = (SELECT id from $TBL_LP_VIEW WHERE user_id = '" . (int) $student_id . "' and lp_id='" . (int) $lp_item_id . "') AND view_count = '$max_view_count'";
Database::query($sql_update_score);*/
// update max_score from a exercise in lp
$sql_update_max_score = "UPDATE $TBL_LP_ITEM SET max_score = '" . (float) $totalWeighting . "' WHERE id = '" . (int) $lp_item_view_id . "'";
//$sql_update_max_score = "UPDATE $TBL_LP_ITEM SET max_score = '" . (float) $totalWeighting . "' WHERE id = '" . (int) $lp_item_view_id . "'";
Database::query($sql_update_max_score);
//Database::query($sql_update_max_score);
}
}

56
main/exercice/savescores.php
Unescape View File

@ -3,7 +3,7 @@
/**
* Saving the scores.
* @package dokeos.exercise
* @package chamilo.exercise
* @author
* @version $Id: savescores.php 15602 2008-06-18 08:52:24Z pcool $
*/
@ -11,8 +11,7 @@
// name of the language file that needs to be included
$language_file = 'learnpath';
if($_GET['origin']=='learnpath')
{
if($_GET['origin']=='learnpath') {
require_once ('../newscorm/learnpath.class.php');
require_once ('../newscorm/learnpathItem.class.php');
require_once ('../newscorm/scorm.class.php');
@ -21,18 +20,16 @@ if($_GET['origin']=='learnpath')
require_once ('../newscorm/aiccItem.class.php');
}
include ('../inc/global.inc.php');
require_once '../inc/global.inc.php';
$this_section=SECTION_COURSES;
include_once (api_get_path(LIBRARY_PATH).'fileManage.lib.php');
require_once api_get_path(LIBRARY_PATH).'fileManage.lib.php';
$documentPath = api_get_path(SYS_COURSE_PATH).$_course['path']."/document";
$full_file_path = $documentPath.$test;
my_delete($full_file_path.$_user['user_id'].".t.html");
$TABLETRACK_HOTPOTATOES = Database::get_statistic_table(TABLE_STATISTIC_TRACK_E_HOTPOTATOES);
$tbl_learnpath_user = Database::get_course_table(TABLE_LEARNPATH_USER);
$TABLE_LP_ITEM_VIEW = Database::get_course_table(TABLE_LP_ITEM_VIEW);
@ -52,8 +49,7 @@ $jscript2run = '';
* @param integer Score to save inside the tracking tables (HP and learnpath)
* @return void
*/
function save_scores($file, $score)
{
function save_scores($file, $score) {
global $_configuration, $origin,
$_user, $_cid,
$TABLETRACK_HOTPOTATOES;
@ -62,55 +58,47 @@ function save_scores($file, $score)
$reallyNow = time();
$date = date("Y-m-d H:i:s", $reallyNow);
if (!$_configuration['tracking_enabled'])
{
if (!$_configuration['tracking_enabled']) {
return 0;
}
if ($_user['user_id'])
{
$user_id = "'".$_user['user_id']."'";
}
else // anonymous
{
if ($_user['user_id']) {
$user_id = $_user['user_id'];
} else {
// anonymous
$user_id = "NULL";
}
$sql = "INSERT INTO $TABLETRACK_HOTPOTATOES ".
"(exe_name, exe_user_id, exe_date,exe_cours_id,exe_result,exe_weighting)" .
"VALUES" .
"(
'".Database::escape_string($file)."',
'".Database::escape_string($user_id)."',
'".Database::escape_string($date)."',
'".Database::escape_string($_cid)."',
'".Database::escape_string($score)."',
'".Database::escape_string($weighting)."')";
"(exe_name, exe_user_id, exe_date,exe_cours_id,exe_result,exe_weighting)" .
"VALUES" .
"(
'".Database::escape_string($file)."',
'".Database::escape_string($user_id)."',
'".Database::escape_string($date)."',
'".Database::escape_string($_cid)."',
'".Database::escape_string($score)."',
'".Database::escape_string($weighting)."')";
$res = Database::query($sql);
if ($origin == 'learnpath')
{
if ($origin == 'learnpath') {
//if we are in a learning path, save the score in the corresponding
//table to get tracking in there as well
global $jscript2run;
//record the results in the learning path, using the SCORM interface (API)
$jscript2run .= '<script language="javascript" type="text/javascript">window.parent.API.void_save_asset('.$score.','.$weighting.');</script>';
}
}
// Save the Scores
save_scores($test, $score);
// Back
if ($origin != 'learnpath')
{
if ($origin != 'learnpath') {
// $url = "Hpdownload.php?doc_url=".$test."&cid=".$cid; // back to the test
$url = "exercice.php"; // back to exercices
$jscript2run .= '<script language="javascript" type="text/javascript">'."window.open('$url', '_top', '')".'</script>';
echo $jscript2run;
}
else
{
} else {
?>
<html>
<head>

140
main/forum/index.php
Unescape View File

@ -1,28 +1,5 @@
<?php // $Id: document.php 16494 2008-10-10 22:07:36Z yannoo $
/*
==============================================================================
Dokeos - elearning and course management software
Copyright (c) 2004-2008 Dokeos SPRL
Copyright (c) 2003 Ghent University (UGent)
Copyright (c) 2001 Universite catholique de Louvain (UCL)
Copyright (c) various contributors
For a full list of contributors, see "credits.txt".
The full license can be read in "license.txt".
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
See the GNU General Public License for more details.
Contact address: Dokeos, rue du Corbeau, 108, B-1030 Brussels, Belgium
Mail: info@dokeos.com
==============================================================================
*/
<?php
/* For licensing terms, see /license.txt */
/**
* These files are a complete rework of the forum. The database structure is
@ -42,14 +19,14 @@
* @Copyright Ghent University
* @Copyright Patrick Cool
*
* @package dokeos.forum
* @package chamilo.forum
*/
// name of the language file that needs to be included
$language_file = 'forum';
// including the global dokeos file
require '../inc/global.inc.php';
require_once '../inc/global.inc.php';
$htmlHeadXtra[] = '<script type="text/javascript" src="'.api_get_path(WEB_CODE_PATH).'inc/lib/javascript/jquery.js" ></script>';
$htmlHeadXtra[] = '<script type="text/javascript" language="javascript">
$(document).ready(function(){ $(\'.hide-me\').slideUp() });
@ -74,29 +51,22 @@ $this_section=SECTION_COURSES;
api_protect_course_script(true);
// including additional library scripts
require_once(api_get_path(LIBRARY_PATH).'/text.lib.php');
require_once (api_get_path(LIBRARY_PATH).'formvalidator/FormValidator.class.php');
require_once (api_get_path(LIBRARY_PATH).'groupmanager.lib.php');
require_once api_get_path(LIBRARY_PATH).'/text.lib.php';
require_once api_get_path(LIBRARY_PATH).'formvalidator/FormValidator.class.php';
require_once api_get_path(LIBRARY_PATH).'groupmanager.lib.php';
$nameTools=get_lang('Forums');
/*
-----------------------------------------------------------
Including necessary files
-----------------------------------------------------------
*/
require 'forumconfig.inc.php';
require_once 'forumconfig.inc.php';
require_once 'forumfunction.inc.php';
/*
==============================================================================
MAIN DISPLAY SECTION
==============================================================================
*/
/*
-----------------------------------------------------------
Header
-----------------------------------------------------------
*/
if (!empty($_GET['gradebook']) && $_GET['gradebook']=='view' ) {
@ -138,9 +108,7 @@ $form_count=0;
/*
------------------------------------------------------------------------------------------------------
ACTIONS
------------------------------------------------------------------------------------------------------
*/
$get_actions=isset($_GET['action']) ? $_GET['action'] : '';
if (api_is_allowed_to_edit(false,true)) {
@ -160,17 +128,13 @@ if (isset($_GET['action']) && $_GET['action'] == 'notify' AND isset($_GET['conte
$whatsnew_post_info = array();
$whatsnew_post_info = $_SESSION['whatsnew_post_info'];
/*
-----------------------------------------------------------
/*
TRACKING
-----------------------------------------------------------
*/
event_access_tool(TOOL_FORUM);
/*
------------------------------------------------------------------------------------------------------
RETRIEVING ALL THE FORUM CATEGORIES AND FORUMS
------------------------------------------------------------------------------------------------------
RETRIEVING ALL THE FORUM CATEGORIES AND FORUMS
note: we do this here just after het handling of the actions to be sure that we already incorporate the
latest changes
*/
@ -183,9 +147,8 @@ if (isset($_GET['action']) && $_GET['action'] == 'notify' AND isset($_GET['conte
$forum_list=get_forums();
/*
------------------------------------------------------------------------------------------------------
RETRIEVING ALL GROUPS AND THOSE OF THE USER
------------------------------------------------------------------------------------------------------
RETRIEVING ALL GROUPS AND THOSE OF THE USER
*/
// the groups of the user
$groups_of_user=array();
@ -200,20 +163,15 @@ if (isset($_GET['action']) && $_GET['action'] == 'notify' AND isset($_GET['conte
}
}
/*
------------------------------------------------------------------------------------------------------
CLEAN GROUP ID FOR AJAXFILEMANAGER
------------------------------------------------------------------------------------------------------
/*
CLEAN GROUP ID FOR AJAXFILEMANAGER
*/
if(isset($_SESSION['_gid']))
{
if(isset($_SESSION['_gid'])) {
unset($_SESSION['_gid']);
}
/*
------------------------------------------------------------------------------------------------------
ACTION LINKS
------------------------------------------------------------------------------------------------------
/*
ACTION LINKS
*/
$session_id=isset($_SESSION['id_session']) ? $_SESSION['id_session'] : false;
//if (api_is_allowed_to_edit() and !$_GET['action'])
@ -228,12 +186,10 @@ if (isset($_GET['action']) && $_GET['action'] == 'notify' AND isset($_GET['conte
}
echo '</div>';
/*
------------------------------------------------------------------------------------------------------
Display Forum Categories and the Forums in it
------------------------------------------------------------------------------------------------------
/*
Display Forum Categories and the Forums in it
*/
echo '<table class="data_table">'."\n";
echo '<table class="data_table">';
// Step 3: we display the forum_categories first
if(is_array($forum_categories_list)) {
foreach ($forum_categories_list as $forum_category_key => $forum_category) {
@ -247,13 +203,13 @@ if (isset($_GET['action']) && $_GET['action'] == 'notify' AND isset($_GET['conte
$session_displayed = '';
}
echo "\t<tr>\n\t\t<th style=\"padding-left:5px;\" align=\"left\" colspan=\"5\">";
echo "<tr><th style=\"padding-left:5px;\" align=\"left\" colspan=\"5\">";
echo '<a href="viewforumcategory.php?'.api_get_cidreq().'&forumcategory='.prepare4display(Security::remove_XSS($forum_category['cat_id'])).'" '.class_visible_invisible(prepare4display($forum_category['visibility'])).'>'.prepare4display(Security::remove_XSS($forum_category['cat_title'])).$session_displayed.'</a>'. $session_img .'<br />';
if ($forum_category['cat_comment']<>'' AND trim($forum_category['cat_comment'])<>'&nbsp;') {
echo '<span class="forum_description">'.prepare4display(Security::remove_XSS($forum_category['cat_comment'],STUDENT)).'</span>';
if ($forum_category['cat_comment']<>'' AND trim($forum_category['cat_comment'])<>'&nbsp;') {
echo '<span class="forum_description">'.prepare4display($forum_category['cat_comment']).'</span>';
}
echo "</th>\n";
echo '</th>';
echo '<th style="vertical-align: top;" align="center" >';
if (api_is_allowed_to_edit(false,true) && !($forum_category['session_id']==0 && intval($session_id)!=0)) {
@ -264,19 +220,19 @@ if (isset($_GET['action']) && $_GET['action'] == 'notify' AND isset($_GET['conte
display_up_down_icon('forumcategory',prepare4display($forum_category['cat_id']), $forum_categories_list);
}
echo '</th>';
echo "\t</tr>\n";
echo "</tr>";
// step 4: the interim headers (for the forum)
echo "\t<tr class=\"forum_header\">\n";
echo "\t\t<td colspan=\"2\">".get_lang('Forum')."</td>\n";
echo "\t\t<td>".get_lang('Topics')."</td>\n";
echo "\t\t<td>".get_lang('Posts')."</td>\n";
echo "\t\t<td>".get_lang('LastPosts')."</td>\n";
echo "\t\t<td>".get_lang('Actions')."</td>\n";
echo "\t</tr>\n";
echo "<tr class=\"forum_header\">";
echo "<td colspan=\"2\">".get_lang('Forum')."</td>";
echo "<td>".get_lang('Topics')."</td>";
echo "<td>".get_lang('Posts')."</td>";
echo "<td>".get_lang('LastPosts')."</td>";
echo "<td>".get_lang('Actions')."</td>";
echo "</tr>";
// the forums in this category
$forums_in_category=get_forums_in_category($forum_category['cat_id']);
$forums_in_category=get_forums_in_category($forum_category['cat_id']);
// step 5: we display all the forums in this category.
$forum_count=0;
@ -348,7 +304,7 @@ if (isset($_GET['action']) && $_GET['action'] == 'notify' AND isset($_GET['conte
if ($show_forum) {
$form_count++;
$mywhatsnew_post_info=isset($whatsnew_post_info[$forum['forum_id']]) ? $whatsnew_post_info[$forum['forum_id']]: null;
echo "\t<tr class=\"forum\">\n";
echo "<tr class=\"forum\">";
// Showing the image
if(!empty($forum['forum_image'])) {
@ -365,8 +321,8 @@ if (isset($_GET['action']) && $_GET['action'] == 'notify' AND isset($_GET['conte
echo "<img src=\"$image_path\" $img_attributes>";
}
}
echo "</td>\n";
echo "\t\t<td width=\"20\">";
echo "</td>";
echo "<td width=\"20\">";
if ($forum['forum_of_group']!=='0') {
if (is_array($mywhatsnew_post_info) and !empty($mywhatsnew_post_info)) {
@ -383,7 +339,7 @@ if (isset($_GET['action']) && $_GET['action'] == 'notify' AND isset($_GET['conte
}
}
echo "</td>\n";
echo "</td>";
//validacion when belongs to a session
$session_img = api_get_session_image($forum['session_id'], $_user['status']);
@ -404,13 +360,13 @@ if (isset($_GET['action']) && $_GET['action'] == 'notify' AND isset($_GET['conte
}
$forum['forum_of_group']==0?$groupid='':$groupid=$forum['forum_of_group'];
echo "\t\t<td><a href=\"viewforum.php?".api_get_cidreq()."&gidReq=".Security::remove_XSS($groupid)."&forum=".prepare4display($forum['forum_id'])."\" ".class_visible_invisible(prepare4display($forum['visibility'])).">".prepare4display(Security::remove_XSS($forum['forum_title'])).$session_displayed.'</a>'.$forum_title_group_addition.'<br />'.prepare4display(Security::remove_XSS($forum['forum_comment'],STUDENT))."</td>\n";
echo "<td><a href=\"viewforum.php?".api_get_cidreq()."&gidReq=".Security::remove_XSS($groupid)."&forum=".prepare4display($forum['forum_id'])."\" ".class_visible_invisible(prepare4display($forum['visibility'])).">".prepare4display(Security::remove_XSS($forum['forum_title'])).$session_displayed.'</a>'.$forum_title_group_addition.'<br />'.prepare4display(Security::remove_XSS($forum['forum_comment'],STUDENT))."</td>";
//$number_forum_topics_and_posts=get_post_topics_of_forum($forum['forum_id']); // deprecated
// the number of topics and posts
$number_threads=isset($forum['number_of_threads']) ? $forum['number_of_threads'] : null;
$number_posts =isset($forum['number_of_posts']) ? $forum['number_of_posts'] : null;
echo "\t\t<td>".$number_threads."</td>\n";
echo "\t\t<td>".$number_posts."</td>\n";
echo "<td>".$number_threads."</td>";
echo "<td>".$number_posts."</td>";
// the last post in the forum
if ($forum['last_poster_name']<>'') {
$name=$forum['last_poster_name'];
@ -419,13 +375,13 @@ if (isset($_GET['action']) && $_GET['action'] == 'notify' AND isset($_GET['conte
$name = api_get_person_name($forum['last_poster_firstname'], $forum['last_poster_lastname']);
$poster_id=$forum['last_poster_id'];
}
echo "\t\t<td nowrap=\"nowrap\">";
echo "<td nowrap=\"nowrap\">";
if (!empty($forum['last_post_id'])) {
echo api_convert_and_format_date($forum['last_post_date'], null, date_default_timezone_get())."<br /> ".get_lang('By').' '.display_user_link($poster_id, $name);
}
echo "</td>\n";
echo "\t\t<td nowrap=\"nowrap\" align=\"center\">";
echo "</td>";
echo "<td nowrap=\"nowrap\" align=\"center\">";
if (api_is_allowed_to_edit(false,true) && !($forum['session_id']==0 && intval($session_id)!=0)) {
echo "<a href=\"".api_get_self()."?".api_get_cidreq()."&gradebook=$gradebook&action=edit&amp;content=forum&amp;id=".$forum['forum_id']."\">".icon('../img/edit.gif',get_lang('Edit'))."</a>";
echo "<a href=\"".api_get_self()."?".api_get_cidreq()."&gradebook=$gradebook&action=delete&amp;content=forum&amp;id=".$forum['forum_id']."\" onclick=\"javascript:if(!confirm('".addslashes(api_htmlentities(get_lang("DeleteForum"),ENT_QUOTES,$charset))."')) return false;\">".icon('../img/delete.gif',get_lang('Delete'))."</a>";
@ -444,22 +400,20 @@ if (isset($_GET['action']) && $_GET['action'] == 'notify' AND isset($_GET['conte
if (!api_is_anonymous() && api_is_allowed_to_session_edit(false,true) ) {
echo "<a href=\"".api_get_self()."?".api_get_cidreq()."&gradebook=$gradebook&action=notify&amp;content=forum&amp;id=".$forum['forum_id']."\">".icon('../img/'.$iconnotify,get_lang('NotifyMe'))."</a>";
}
echo "</td>\n";
echo "\t</tr>";
echo "</td>";
echo "</tr>";
}
}
}
if (count($forum_list)==0) {
echo "\t<tr><td>".get_lang('NoForumInThisCategory')."</td>".(api_is_allowed_to_edit(false,true)?'<td colspan="6"></td>':'<td colspan="6"></td>')."</tr>\n";
echo "<tr><td>".get_lang('NoForumInThisCategory')."</td>".(api_is_allowed_to_edit(false,true)?'<td colspan="6"></td>':'<td colspan="6"></td>')."</tr>";
}
}
}
echo "</table>\n";
echo "</table>";
/*
==============================================================================
FOOTER
==============================================================================
*/
Display :: display_footer();

3
main/forum/reply.php
Unescape View File

@ -165,7 +165,8 @@ echo '</table>';
$my_action = isset($_GET['action']) ? Security::remove_XSS($_GET['action']) : '';
$my_post = isset($_GET['post']) ? Security::remove_XSS($_GET['post']) : '';
$my_elements = isset($_SESSION['formelements']) ? $_SESSION['formelements'] : '';
$values = show_add_post_form(Security::remove_XSS($my_action,$my_post, $my_elements)); // note: this has to be cleaned first
$values = show_add_post_form($my_action,$my_post, $my_elements); // note: this has to be cleaned first
if (!empty($values) AND isset($_POST['SubmitPost'])) {
store_reply($values);

34
main/forum/viewthread_flat.inc.php
Unescape View File

@ -14,7 +14,7 @@ if (isset($current_thread['thread_id'])){
$rows=get_posts($current_thread['thread_id']);
$increment=0;
foreach ($rows as $row) {
echo "<table width=\"100%\" class=\"post\" cellspacing=\"5\" border=\"0\">\n";
echo "<table width=\"100%\" class=\"post\" cellspacing=\"5\" border=\"0\">";
// the style depends on the status of the message: approved or not
if ($row['visible']=='0') {
$titleclass='forum_message_post_title_2_be_approved';
@ -26,8 +26,8 @@ if (isset($current_thread['thread_id'])){
$leftclass='forum_message_left';
}
echo "\t<tr>\n";
echo "\t\t<td rowspan=\"3\" class=\"$leftclass\">";
echo "<tr>";
echo "<td rowspan=\"3\" class=\"$leftclass\">";
if ($row['user_id']=='0') {
$name=prepare4display($row['poster_name']);
} else {
@ -49,16 +49,16 @@ if (isset($current_thread['thread_id'])){
// The course admin him/herself can do this off course always
if (($current_forum['allow_edit']==1 AND $row['user_id']==$_user['user_id']) or (api_is_allowed_to_edit(false,true) && !(api_is_course_coach() && $current_forum['session_id']!=$_SESSION['id_session']))) {
if (api_is_allowed_to_session_edit(false,true))
echo "<a href=\"editpost.php?".api_get_cidreq()."&forum=".Security::remove_XSS($_GET['forum'])."&amp;thread=".Security::remove_XSS($_GET['thread'])."&amp;post=".$row['post_id']."&origin=".$origin."&edit=edition&id_attach=".$id_attach."\">".icon('../img/edit.gif',get_lang('Edit'))."</a>\n";
echo "<a href=\"editpost.php?".api_get_cidreq()."&forum=".Security::remove_XSS($_GET['forum'])."&amp;thread=".Security::remove_XSS($_GET['thread'])."&amp;post=".$row['post_id']."&origin=".$origin."&edit=edition&id_attach=".$id_attach."\">".icon('../img/edit.gif',get_lang('Edit'))."</a>";
}
if ($origin != 'learnpath') {
if (api_is_allowed_to_edit(false,true) && !(api_is_course_coach() && $current_forum['session_id']!=$_SESSION['id_session'])) {
echo "<a href=\"".api_get_self()."?".api_get_cidreq()."&forum=".Security::remove_XSS($_GET['forum'])."&amp;thread=".Security::remove_XSS($_GET['thread'])."&amp;action=delete&amp;content=post&amp;id=".$row['post_id']."&origin=".$origin."\" onclick=\"javascript:if(!confirm('".addslashes(api_htmlentities(get_lang("DeletePost"),ENT_QUOTES,$charset))."')) return false;\">".icon('../img/delete.gif',get_lang('Delete'))."</a>\n";
echo "<a href=\"".api_get_self()."?".api_get_cidreq()."&forum=".Security::remove_XSS($_GET['forum'])."&amp;thread=".Security::remove_XSS($_GET['thread'])."&amp;action=delete&amp;content=post&amp;id=".$row['post_id']."&origin=".$origin."\" onclick=\"javascript:if(!confirm('".addslashes(api_htmlentities(get_lang("DeletePost"),ENT_QUOTES,$charset))."')) return false;\">".icon('../img/delete.gif',get_lang('Delete'))."</a>";
display_visible_invisible_icon('post', $row['post_id'], $row['visible'],array('forum'=>Security::remove_XSS($_GET['forum']),'thread'=>Security::remove_XSS($_GET['thread']), 'origin'=>$origin ));
echo "\n";
echo "";
if ($increment>0) {
echo "<a href=\"viewthread.php?".api_get_cidreq()."&forum=".Security::remove_XSS($_GET['forum'])."&amp;thread=".Security::remove_XSS($_GET['thread'])."&amp;action=move&amp;post=".$row['post_id']."&origin=".$origin."\">".icon('../img/deplacer_fichier.gif',get_lang('MovePost'))."</a>\n";
echo "<a href=\"viewthread.php?".api_get_cidreq()."&forum=".Security::remove_XSS($_GET['forum'])."&amp;thread=".Security::remove_XSS($_GET['thread'])."&amp;action=move&amp;post=".$row['post_id']."&origin=".$origin."\">".icon('../img/deplacer_fichier.gif',get_lang('MovePost'))."</a>";
}
}
}
@ -70,11 +70,11 @@ if (isset($current_thread['thread_id'])){
if( isset($_GET['gradebook'])){
if ($increment>0 && $user_status!=1 ) {
$info_thread=get_thread_information(Security::remove_XSS($_GET['thread']));
echo "<a href=\"forumqualify.php?".api_get_cidreq()."&forum=".$info_thread['forum_id']."&amp;thread=".Security::remove_XSS($_GET['thread'])."&amp;action=list&amp;post=".$row['post_id']."&amp;user=".$row['poster_id']."&user_id=".$row['poster_id']."&origin=".$origin."&idtextqualify=".$current_qualify_thread."&gradebook=".Security::remove_XSS($_GET['gradebook'])."\" >".icon('../img/new_test_small.gif',get_lang('Qualify'))."</a>\n";
echo "<a href=\"forumqualify.php?".api_get_cidreq()."&forum=".$info_thread['forum_id']."&amp;thread=".Security::remove_XSS($_GET['thread'])."&amp;action=list&amp;post=".$row['post_id']."&amp;user=".$row['poster_id']."&user_id=".$row['poster_id']."&origin=".$origin."&idtextqualify=".$current_qualify_thread."&gradebook=".Security::remove_XSS($_GET['gradebook'])."\" >".icon('../img/new_test_small.gif',get_lang('Qualify'))."</a>";
}
} else {
if ($increment>0 && $user_status!=1 ) {
echo "<a href=\"forumqualify.php?".api_get_cidreq()."&forum=".Security::remove_XSS($_GET['forum'])."&amp;thread=".Security::remove_XSS($_GET['thread'])."&amp;action=list&amp;post=".$row['post_id']."&amp;user=".$row['poster_id']."&user_id=".$row['poster_id']."&origin=".$origin."&idtextqualify=".$current_qualify_thread."\" >".icon('../img/new_test_small.gif',get_lang('Qualify'))."</a>\n";
echo "<a href=\"forumqualify.php?".api_get_cidreq()."&forum=".Security::remove_XSS($_GET['forum'])."&amp;thread=".Security::remove_XSS($_GET['thread'])."&amp;action=list&amp;post=".$row['post_id']."&amp;user=".$row['poster_id']."&user_id=".$row['poster_id']."&origin=".$origin."&idtextqualify=".$current_qualify_thread."\" >".icon('../img/new_test_small.gif',get_lang('Qualify'))."</a>";
}
}
}
@ -82,8 +82,8 @@ if (isset($current_thread['thread_id'])){
if ($current_forum_category['locked']==0 AND $current_forum['locked']==0 AND $current_thread['locked']==0 OR api_is_allowed_to_edit(false,true)) {
if ($_user['user_id'] OR ($current_forum['allow_anonymous']==1 AND !$_user['user_id'])) {
if (!api_is_anonymous() && api_is_allowed_to_session_edit(false,true)) {
echo '<a href="reply.php?'.api_get_cidreq().'&forum='.Security::remove_XSS($_GET['forum']).'&amp;thread='.Security::remove_XSS($_GET['thread']).'&amp;post='.$row['post_id'].'&amp;action=replymessage&origin='.$origin.'">'.Display :: return_icon('message_reply_forum.png', get_lang('ReplyToMessage'))."</a>\n";
echo '<a href="reply.php?'.api_get_cidreq().'&forum='.Security::remove_XSS($_GET['forum']).'&amp;thread='.Security::remove_XSS($_GET['thread']).'&amp;post='.$row['post_id'].'&amp;action=quote&origin='.$origin.'">'.Display :: return_icon('quote.gif', get_lang('QuoteMessage'))."</a>\n";
echo '<a href="reply.php?'.api_get_cidreq().'&forum='.Security::remove_XSS($_GET['forum']).'&amp;thread='.Security::remove_XSS($_GET['thread']).'&amp;post='.$row['post_id'].'&amp;action=replymessage&origin='.$origin.'">'.Display :: return_icon('message_reply_forum.png', get_lang('ReplyToMessage'))."</a>";
echo '<a href="reply.php?'.api_get_cidreq().'&forum='.Security::remove_XSS($_GET['forum']).'&amp;thread='.Security::remove_XSS($_GET['thread']).'&amp;post='.$row['post_id'].'&amp;action=quote&origin='.$origin.'">'.Display :: return_icon('quote.gif', get_lang('QuoteMessage'))."</a>";
}
}
} else {
@ -97,7 +97,7 @@ if (isset($current_thread['thread_id'])){
echo get_lang('ThreadLocked').'<br />';
}
}
echo "</td>\n";
echo "</td>";
// show the
if (isset($whatsnew_post_info[$current_forum['forum_id']][$current_thread['thread_id']][$row['post_id']]) and !empty($whatsnew_post_info[$current_forum['forum_id']][$current_thread['thread_id']][$row['post_id']]) and !empty($whatsnew_post_info[$_GET['forum']][$row['thread_id']])) {
$post_image=icon('../img/forumpostnew.gif');
@ -108,13 +108,13 @@ if (isset($current_thread['thread_id'])){
$post_image.=icon('../img/forumnotification.gif',get_lang('YouWillBeNotified'));
}
// The post title
echo "\t\t<td class=\"$titleclass\">".prepare4display(Security::remove_XSS($row['post_title'], STUDENT))."</td>\n";
echo "\t</tr>\n";
echo "<td class=\"$titleclass\">".prepare4display(Security::remove_XSS($row['post_title'], STUDENT))."</td>";
echo "</tr>";
// The post message
echo "\t<tr>\n";
echo "\t\t<td class=\"$messageclass\">".prepare4display(Security::remove_XSS($row['post_text'], STUDENT))."</td>\n";
echo "\t</tr>\n";
echo "<tr>";
echo "<td class=\"$messageclass\">".prepare4display(Security::remove_XSS($row['post_text'], STUDENT))."</td>";
echo "</tr>";
// The check if there is an attachment

32
main/forum/viewthread_nested.inc.php
Unescape View File

@ -40,8 +40,8 @@ foreach ($rows as $post) {
$indent=$post['indent_cnt']*'20';
echo "<div style=\"margin-left: ".$indent."px;\">";
echo "<table width=\"100%\" class=\"post\" cellspacing=\"5\" border=\"0\">\n";
echo "\t<tr>\n";
echo "<table width=\"100%\" class=\"post\" cellspacing=\"5\" border=\"0\">";
echo "\t<tr>";
echo "\t\t<td rowspan=\"3\" class=\"$leftclass\">";
if ($post['user_id']=='0') {
$name=$post['poster_name'];
@ -59,14 +59,14 @@ foreach ($rows as $post) {
// The user who posted it can edit his thread only if the course admin allowed this in the properties of the forum
// The course admin him/herself can do this off course always
if (($current_forum['allow_edit']==1 AND $post['user_id']==$_user['user_id']) or (api_is_allowed_to_edit(false,true) && !(api_is_course_coach() && $current_forum['session_id']!=$_SESSION['id_session']))) {
echo "<a href=\"editpost.php?".api_get_cidreq()."&forum=".Security::remove_XSS($_GET['forum'])."&amp;thread=".Security::remove_XSS($_GET['thread'])."&amp;origin=".$origin."&amp;post=".$post['post_id']."&id_attach=".$id_attach."\">".icon('../img/edit.gif',get_lang('Edit'))."</a>\n";
echo "<a href=\"editpost.php?".api_get_cidreq()."&forum=".Security::remove_XSS($_GET['forum'])."&amp;thread=".Security::remove_XSS($_GET['thread'])."&amp;origin=".$origin."&amp;post=".$post['post_id']."&id_attach=".$id_attach."\">".icon('../img/edit.gif',get_lang('Edit'))."</a>";
}
if (api_is_allowed_to_edit(false,true) && !(api_is_course_coach() && $current_forum['session_id']!=$_SESSION['id_session'])) {
echo "<a href=\"".api_get_self()."?".api_get_cidreq()."&forum=".Security::remove_XSS($_GET['forum'])."&amp;thread=".Security::remove_XSS($_GET['thread'])."&amp;action=delete&amp;content=post&amp;id=".$post['post_id']."\" onclick=\"javascript:if(!confirm('".addslashes(api_htmlentities(get_lang("DeletePost"),ENT_QUOTES,$charset))."')) return false;\">".icon('../img/delete.gif',get_lang('Delete'))."</a>\n";
echo "<a href=\"".api_get_self()."?".api_get_cidreq()."&forum=".Security::remove_XSS($_GET['forum'])."&amp;thread=".Security::remove_XSS($_GET['thread'])."&amp;action=delete&amp;content=post&amp;id=".$post['post_id']."\" onclick=\"javascript:if(!confirm('".addslashes(api_htmlentities(get_lang("DeletePost"),ENT_QUOTES,$charset))."')) return false;\">".icon('../img/delete.gif',get_lang('Delete'))."</a>";
display_visible_invisible_icon('post', $post['post_id'], $post['visible'],array('forum'=>Security::remove_XSS($_GET['forum']),'thread'=>Security::remove_XSS($_GET['thread']) ));
echo "\n";
echo "";
if ($count>0) {
echo "<a href=\"viewthread.php?".api_get_cidreq()."&forum=".Security::remove_XSS($_GET['forum'])."&amp;thread=".Security::remove_XSS($_GET['thread'])."&amp;action=move&amp;origin=".$origin."&amp;post=".$post['post_id']."\">".icon('../img/deplacer_fichier.gif',get_lang('MovePost'))."</a>\n";
echo "<a href=\"viewthread.php?".api_get_cidreq()."&forum=".Security::remove_XSS($_GET['forum'])."&amp;thread=".Security::remove_XSS($_GET['thread'])."&amp;action=move&amp;origin=".$origin."&amp;post=".$post['post_id']."\">".icon('../img/deplacer_fichier.gif',get_lang('MovePost'))."</a>";
}
}
$userinf=api_get_user_info($post['user_id']);
@ -74,7 +74,7 @@ foreach ($rows as $post) {
if (api_is_allowed_to_edit(null,true)) {
if ($count>0 && $user_status!=1) {
$current_qualify_thread=show_qualify('1',$_GET['cidReq'],$_GET['forum'],$post['user_id'],$_GET['thread']);
echo "<a href=\"forumqualify.php?".api_get_cidreq()."&forum=".Security::remove_XSS($_GET['forum'])."&amp;thread=".Security::remove_XSS($_GET['thread'])."&amp;action=list&amp;post=".$post['post_id']."&amp;user=".$post['user_id']."&user_id=".$post['user_id']."&origin=".$origin."&idtextqualify=".$current_qualify_thread."\" >".icon('../img/new_test_small.gif',get_lang('Qualify'))."</a>\n";
echo "<a href=\"forumqualify.php?".api_get_cidreq()."&forum=".Security::remove_XSS($_GET['forum'])."&amp;thread=".Security::remove_XSS($_GET['thread'])."&amp;action=list&amp;post=".$post['post_id']."&amp;user=".$post['user_id']."&user_id=".$post['user_id']."&origin=".$origin."&idtextqualify=".$current_qualify_thread."\" >".icon('../img/new_test_small.gif',get_lang('Qualify'))."</a>";
}
}
//echo '<br /><br />';
@ -82,8 +82,8 @@ foreach ($rows as $post) {
if ($current_forum_category['locked']==0 AND $current_forum['locked']==0 AND $current_thread['locked']==0 OR api_is_allowed_to_edit(false,true)) {
if ($_user['user_id'] OR ($current_forum['allow_anonymous']==1 AND !$_user['user_id'])) {
if (!api_is_anonymous() && api_is_allowed_to_session_edit(false,true)) {
echo '<a href="reply.php?'.api_get_cidreq().'&forum='.Security::remove_XSS($_GET['forum']).'&amp;thread='.Security::remove_XSS($_GET['thread']).'&amp;post='.$post['post_id'].'&amp;action=replymessage&amp;origin='. $origin .'">'.Display :: return_icon('message_reply_forum.png', get_lang('ReplyToMessage'))."</a>\n";
echo '<a href="reply.php?'.api_get_cidreq().'&forum='.Security::remove_XSS($_GET['forum']).'&amp;thread='.Security::remove_XSS($_GET['thread']).'&amp;post='.$post['post_id'].'&amp;action=quote&amp;origin='. $origin .'">'.Display :: return_icon('quote.gif', get_lang('QuoteMessage'))."</a>\n";
echo '<a href="reply.php?'.api_get_cidreq().'&forum='.Security::remove_XSS($_GET['forum']).'&amp;thread='.Security::remove_XSS($_GET['thread']).'&amp;post='.$post['post_id'].'&amp;action=replymessage&amp;origin='. $origin .'">'.Display :: return_icon('message_reply_forum.png', get_lang('ReplyToMessage'))."</a>";
echo '<a href="reply.php?'.api_get_cidreq().'&forum='.Security::remove_XSS($_GET['forum']).'&amp;thread='.Security::remove_XSS($_GET['thread']).'&amp;post='.$post['post_id'].'&amp;action=quote&amp;origin='. $origin .'">'.Display :: return_icon('quote.gif', get_lang('QuoteMessage'))."</a>";
}
}
} else {
@ -97,7 +97,7 @@ foreach ($rows as $post) {
echo get_lang('ThreadLocked').'<br />';
}
}
echo "</td>\n";
echo "</td>";
// note: this can be removed here because it will be displayed in the tree
if (isset($whatsnew_post_info[$current_forum['forum_id']][$current_thread['thread_id']][$post['post_id']]) and !empty($whatsnew_post_info[$current_forum['forum_id']][$current_thread['thread_id']][$post['post_id']]) and !empty($whatsnew_post_info[$_GET['forum']][$post['thread_id']])) {
$post_image=icon('../img/forumpostnew.gif');
@ -108,13 +108,13 @@ foreach ($rows as $post) {
$post_image.=icon('../img/forumnotification.gif',get_lang('YouWillBeNotified'));
}
// The post title
echo "\t\t<td class=\"$titleclass\">".prepare4display(Security::remove_XSS($post['post_title'], STUDENT))."</td>\n";
echo "\t</tr>\n";
echo "\t\t<td class=\"$titleclass\">".prepare4display(Security::remove_XSS($post['post_title'], STUDENT))."</td>";
echo "\t</tr>";
// The post message
echo "\t<tr>\n";
echo "\t\t<td class=\"$messageclass\">".prepare4display(Security::remove_XSS($post['post_text'], STUDENT))."</td>\n";
echo "\t</tr>\n";
echo "\t<tr>";
echo "\t\t<td class=\"$messageclass\">".prepare4display(Security::remove_XSS($post['post_text'], STUDENT))."</td>";
echo "\t</tr>";
// The check if there is an attachment
@ -139,7 +139,7 @@ foreach ($rows as $post) {
// The post has been displayed => it can be removed from the what's new array
unset($whatsnew_post_info[$current_forum['forum_id']][$current_thread['thread_id']][$row['post_id']]);
unset($_SESSION['whatsnew_post_info'][$current_forum['forum_id']][$current_thread['thread_id']][$row['post_id']]);
echo "</table>\n";
echo "</table>";
echo "</div>";
$count++;
}

32
main/forum/viewthread_threaded.inc.php
Unescape View File

@ -95,7 +95,7 @@ foreach ($rows as $post) {
$class='';
}
$count_loop=($count==0)?'&id=1' : '';
$thread_structure.= "<a href=\"viewthread.php?".api_get_cidreq()."&forum=".Security::remove_XSS($_GET['forum'])."&amp;thread=".Security::remove_XSS($_GET['thread'])."&amp;post=".$post['post_id']."&amp;origin=$origin$count_loop\" $class>".prepare4display(Security::remove_XSS($post['post_title'],STUDENT))."</a></div>\n";
$thread_structure.= "<a href=\"viewthread.php?".api_get_cidreq()."&forum=".Security::remove_XSS($_GET['forum'])."&amp;thread=".Security::remove_XSS($_GET['thread'])."&amp;post=".$post['post_id']."&amp;origin=$origin$count_loop\" $class>".prepare4display(Security::remove_XSS($post['post_title'],STUDENT))."</a></div>";
$prev_next_array[]=$post['post_id'];
}
$count++;
@ -180,8 +180,8 @@ else
// we mark the image we are displaying as set
unset($whatsnew_post_info[$current_forum['forum_id']][$current_thread['thread_id']][$rows[$display_post_id]['post_id']]);
echo "<table width=\"100%\" class=\"post\" cellspacing=\"5\" border=\"0\">\n";
echo "\t<tr>\n";
echo "<table width=\"100%\" class=\"post\" cellspacing=\"5\" border=\"0\">";
echo "\t<tr>";
echo "\t\t<td rowspan=\"3\" class=\"$leftclass\">";
if ($rows[$display_post_id]['user_id']=='0') {
$name=prepare4display($rows[$display_post_id]['poster_name']);
@ -200,13 +200,13 @@ $id_attach = !empty($attachment_list)?$attachment_list['id']:'';
// The course admin him/herself can do this off course always
if (($current_forum['allow_edit']==1 AND $rows[$display_post_id]['user_id']==$_user['user_id']) or (api_is_allowed_to_edit(false,true) && !(api_is_course_coach() && $current_forum['session_id']!=$_SESSION['id_session'])))
{
echo "<a href=\"editpost.php?".api_get_cidreq()."&forum=".Security::remove_XSS($_GET['forum'])."&amp;thread=".Security::remove_XSS($_GET['thread'])."&amp;origin=".$origin."&amp;post=".$rows[$display_post_id]['post_id']."&id_attach=".$id_attach."\">".icon('../img/edit.gif',get_lang('Edit'))."</a>\n";
echo "<a href=\"editpost.php?".api_get_cidreq()."&forum=".Security::remove_XSS($_GET['forum'])."&amp;thread=".Security::remove_XSS($_GET['thread'])."&amp;origin=".$origin."&amp;post=".$rows[$display_post_id]['post_id']."&id_attach=".$id_attach."\">".icon('../img/edit.gif',get_lang('Edit'))."</a>";
}
if (api_is_allowed_to_edit(false,true) && !(api_is_course_coach() && $current_forum['session_id']!=$_SESSION['id_session']))
{
echo "<a href=\"".api_get_self()."?".api_get_cidreq()."&forum=".Security::remove_XSS($_GET['forum'])."&amp;thread=".Security::remove_XSS($_GET['thread'])."&amp;action=delete&amp;content=post&amp;id=".$rows[$display_post_id]['post_id']."\" onclick=\"javascript:if(!confirm('".addslashes(api_htmlentities(get_lang("DeletePost"),ENT_QUOTES,$charset))."')) return false;\">".icon('../img/delete.gif',get_lang('Delete'))."</a>\n";
echo "<a href=\"".api_get_self()."?".api_get_cidreq()."&forum=".Security::remove_XSS($_GET['forum'])."&amp;thread=".Security::remove_XSS($_GET['thread'])."&amp;action=delete&amp;content=post&amp;id=".$rows[$display_post_id]['post_id']."\" onclick=\"javascript:if(!confirm('".addslashes(api_htmlentities(get_lang("DeletePost"),ENT_QUOTES,$charset))."')) return false;\">".icon('../img/delete.gif',get_lang('Delete'))."</a>";
display_visible_invisible_icon('post', $rows[$display_post_id]['post_id'], $rows[$display_post_id]['visible'],array('forum'=>Security::remove_XSS($_GET['forum']),'thread'=>Security::remove_XSS($_GET['thread']), 'post'=>Security::remove_XSS($_GET['post']) ));
echo "\n";
echo "";
//verified the post minor
$my_post=get_posts($_GET['thread']);
$id_posts=array();
@ -221,7 +221,7 @@ if (api_is_allowed_to_edit(false,true) && !(api_is_course_coach() && $current_f
$post_minor=(int)$id_posts[0];
$post_id = isset($_GET['post'])?(int)$_GET['post']:0;
if (!isset($_GET['id']) && $post_id>$post_minor) {
echo "<a href=\"viewthread.php?".api_get_cidreq()."&forum=".Security::remove_XSS($_GET['forum'])."&amp;thread=".Security::remove_XSS($_GET['thread'])."&amp;origin=".$origin."&amp;action=move&amp;post=".$rows[$display_post_id]['post_id']."\">".icon('../img/deplacer_fichier.gif',get_lang('MovePost'))."</a>\n";
echo "<a href=\"viewthread.php?".api_get_cidreq()."&forum=".Security::remove_XSS($_GET['forum'])."&amp;thread=".Security::remove_XSS($_GET['thread'])."&amp;origin=".$origin."&amp;action=move&amp;post=".$rows[$display_post_id]['post_id']."\">".icon('../img/deplacer_fichier.gif',get_lang('MovePost'))."</a>";
}
}
$userinf=api_get_user_info($rows[$display_post_id]['user_id']);
@ -232,7 +232,7 @@ if (api_is_allowed_to_edit(null,true)) {
if($user_status!=1)
{
$current_qualify_thread=show_qualify('1',$_GET['cidReq'],$_GET['forum'],$rows[$display_post_id]['user_id'],$_GET['thread']);
echo "<a href=\"forumqualify.php?".api_get_cidreq()."&forum=".Security::remove_XSS($_GET['forum'])."&amp;thread=".Security::remove_XSS($_GET['thread'])."&amp;action=list&amp;post=".$rows[$display_post_id]['post_id']."&amp;user=".$rows[$display_post_id]['user_id']."&user_id=".$rows[$display_post_id]['user_id']."&origin=".$origin."&idtextqualify=".$current_qualify_thread."\" >".icon('../img/new_test_small.gif',get_lang('Qualify'))."</a>\n";
echo "<a href=\"forumqualify.php?".api_get_cidreq()."&forum=".Security::remove_XSS($_GET['forum'])."&amp;thread=".Security::remove_XSS($_GET['thread'])."&amp;action=list&amp;post=".$rows[$display_post_id]['post_id']."&amp;user=".$rows[$display_post_id]['user_id']."&user_id=".$rows[$display_post_id]['user_id']."&origin=".$origin."&idtextqualify=".$current_qualify_thread."\" >".icon('../img/new_test_small.gif',get_lang('Qualify'))."</a>";
}
}
}
@ -243,8 +243,8 @@ if ($current_forum_category['locked']==0 AND $current_forum['locked']==0 AND $cu
if ($_user['user_id'] OR ($current_forum['allow_anonymous']==1 AND !$_user['user_id']))
{
if (!api_is_anonymous() && api_is_allowed_to_session_edit(false,true)) {
echo '<a href="reply.php?'.api_get_cidreq().'&forum='.Security::remove_XSS($_GET['forum']).'&amp;thread='.Security::remove_XSS($_GET['thread']).'&amp;post='.$rows[$display_post_id]['post_id'].'&amp;action=replymessage&amp;origin='. $origin .'">'.Display :: return_icon('message_reply_forum.png', get_lang('ReplyToMessage'))."</a>\n";
echo '<a href="reply.php?'.api_get_cidreq().'&forum='.Security::remove_XSS($_GET['forum']).'&amp;thread='.Security::remove_XSS($_GET['thread']).'&amp;post='.$rows[$display_post_id]['post_id'].'&amp;action=quote&amp;origin='. $origin .'">'.Display :: return_icon('quote.gif', get_lang('QuoteMessage'))."</a>\n";
echo '<a href="reply.php?'.api_get_cidreq().'&forum='.Security::remove_XSS($_GET['forum']).'&amp;thread='.Security::remove_XSS($_GET['thread']).'&amp;post='.$rows[$display_post_id]['post_id'].'&amp;action=replymessage&amp;origin='. $origin .'">'.Display :: return_icon('message_reply_forum.png', get_lang('ReplyToMessage'))."</a>";
echo '<a href="reply.php?'.api_get_cidreq().'&forum='.Security::remove_XSS($_GET['forum']).'&amp;thread='.Security::remove_XSS($_GET['thread']).'&amp;post='.$rows[$display_post_id]['post_id'].'&amp;action=quote&amp;origin='. $origin .'">'.Display :: return_icon('quote.gif', get_lang('QuoteMessage'))."</a>";
}
}
}
@ -263,7 +263,7 @@ else
echo get_lang('ThreadLocked').'<br />';
}
}
echo "</td>\n";
echo "</td>";
// note: this can be removed here because it will be displayed in the tree
if (isset($whatsnew_post_info[$current_forum['forum_id']][$current_thread['thread_id']][$rows[$display_post_id]['post_id']]) and !empty($whatsnew_post_info[$current_forum['forum_id']][$current_thread['thread_id']][$rows[$display_post_id]['post_id']]) and !empty($whatsnew_post_info[$_GET['forum']][$rows[$display_post_id]['thread_id']]))
{
@ -278,13 +278,13 @@ if ($rows[$display_post_id]['post_notification']=='1' AND $rows[$display_post_id
$post_image.=icon('../img/forumnotification.gif',get_lang('YouWillBeNotified'));
}
// The post title
echo "\t\t<td class=\"$titleclass\">".prepare4display(Security::remove_XSS($rows[$display_post_id]['post_title'], STUDENT))."</td>\n";
echo "\t</tr>\n";
echo "\t\t<td class=\"$titleclass\">".prepare4display(Security::remove_XSS($rows[$display_post_id]['post_title'], STUDENT))."</td>";
echo "\t</tr>";
// The post message
echo "\t<tr>\n";
echo "\t\t<td class=\"$messageclass\">".prepare4display(Security::remove_XSS($rows[$display_post_id]['post_text'], STUDENT))."</td>\n";
echo "\t</tr>\n";
echo "\t<tr>";
echo "\t\t<td class=\"$messageclass\">".prepare4display(Security::remove_XSS($rows[$display_post_id]['post_text'], STUDENT))."</td>";
echo "\t</tr>";
// The check if there is an attachment
$attachment_list = get_attachment($display_post_id);

33
main/gradebook/gradebook.php
Unescape View File

@ -402,38 +402,25 @@ if (!isset($_GET['exportpdf']) and !isset($_GET['export_certificate'])) {
'name' => get_lang('ToolGradebook')
);
Display :: display_header(get_lang('FlatView'));
}
elseif (isset ($_GET['search'])) {
} elseif (isset ($_GET['search'])) {
if ($_SESSION['gradebook_dest'] == 'index.php') {
$gradebook_dest = Security::remove_XSS($_SESSION['gradebook_dest']).'?cidReq='.Security::remove_XSS($_GET['course']).'&amp;';
} else {
$gradebook_dest = Security::remove_XSS($_SESSION['gradebook_dest']);
}
$interbreadcrumb[]= array (
'url' => $gradebook_dest,
'name' => get_lang('Gradebook')
);
$interbreadcrumb[]= array ('url' => $gradebook_dest,'name' => get_lang('Gradebook'));
if ((isset($_GET['selectcat']) && $_GET['selectcat']>0)) {
if ((isset($_GET['selectcat']) && $_GET['selectcat']>0)) {
if (!empty($_GET['course'])) {
$interbreadcrumb[]= array (
'url' => $gradebook_dest.'selectcat='.Security::remove_XSS($_GET['selectcat']),
'name' => get_lang('Details')
);
$interbreadcrumb[]= array ('url' => $gradebook_dest.'selectcat='.Security::remove_XSS($_GET['selectcat']),'name' => get_lang('Details'));
} else {
$interbreadcrumb[]= array (
'url' => $_SESSION['gradebook_dest'].'?selectcat=0',
'name' => get_lang('Details')
);
}
}
Display :: display_header('');
$interbreadcrumb[]= array ('url' => $_SESSION['gradebook_dest'].'?selectcat=0','name' => get_lang('Details'));
}
}
Display :: display_header('');
} else {
Display :: display_header('');
}
}

2
main/gradebook/gradebook_flatview.php
Unescape View File

@ -262,6 +262,8 @@ if (!empty($_POST['export_report']) && $_POST['export_report'] == 'export_report
require_once 'gradebook_result.class.php';
$printable_data = get_printable_data($users, $alleval, $alllinks);
//exit;
switch($_POST['export_format']) {
case 'xls':

1
main/gradebook/lib/fe/flatviewtable.class.php
Unescape View File

@ -24,6 +24,7 @@ class FlatViewTable extends SortableTable
function FlatViewTable ($selectcat, $users= array (), $evals= array (), $links= array (), $limit_enabled = false, $offset = 0, $addparams = null) {
parent :: __construct ('flatviewlist', null, null, (api_is_western_name_order() xor api_sort_by_first_name()) ? 1 : 0);
$this->datagen = new FlatViewDataGenerator($users, $evals, $links);
$this->selectcat = $selectcat;
$this->limit_enabled = $limit_enabled;
$this->offset = $offset;

44
main/gradebook/lib/flatview_data_generator.class.php
Unescape View File

@ -48,20 +48,25 @@ class FlatViewDataGenerator
/**
* Get array containing column header names (incl user columns)
*/
public function get_header_names ($items_start = 0, $items_count = null) {
public function get_header_names ($items_start = 0, $items_count = null , $show_detail = false) {
$headers = array();
$headers[] = get_lang('LastName');
$headers[] = get_lang('FirstName');
if (!isset($items_count)) {
$items_count = count($this->evals_links) - $items_start;
}
for ($count=0;
($count < $items_count ) && ($items_start + $count < count($this->evals_links));
$count++) {
for ($count=0; ($count < $items_count ) && ($items_start + $count < count($this->evals_links)); $count++) {
$item = $this->evals_links [$count + $items_start];
$headers[] = $item->get_name();
if ($show_detail == true) {
$headers[] = $item->get_name().' ('.get_lang('Detail').')';
}
}
$headers[] = get_lang('GradebookQualificationTotal');
if ($show_detail == true) {
$headers[] = get_lang('GradebookQualificationTotal').' ('.get_lang('Detail').')';
}
return $headers;
}
@ -91,10 +96,9 @@ class FlatViewDataGenerator
* 2: user firstname
* 3+: evaluation/link scores
*/
public function get_data ($users_sorting = 0,
$users_start = 0, $users_count = null,
public function get_data ($users_sorting = 0, $users_start = 0, $users_count = null,
$items_start = 0, $items_count = null,
$ignore_score_color = false) {
$ignore_score_color = false, $show_all = false) {
// do some checks on users/items counts, redefine if invalid values
if (!isset($users_count)) {
$users_count = count ($this->users) - $users_start;
@ -120,9 +124,11 @@ class FlatViewDataGenerator
} elseif ($users_sorting & self :: FVDG_SORT_FIRSTNAME) {
usort($usertable, array ('FlatViewDataGenerator','sort_by_first_name'));
}
if ($users_sorting & self :: FVDG_SORT_DESC) {
$usertable = array_reverse($usertable);
}
// select the requested users
$selected_users = array_slice($usertable, $users_start, $users_count);
// generate actual data array
@ -144,22 +150,30 @@ class FlatViewDataGenerator
$item_value=0;
$item_total=0;
for ($count=0;
($count < $items_count ) && ($items_start + $count < count($this->evals_links));
$count++) {
for ($count=0; ($count < $items_count ) && ($items_start + $count < count($this->evals_links)); $count++) {
$item = $this->evals_links [$count + $items_start];
$score = $item->calc_score($user[0]);
$divide=( ($score[1])==0 ) ? 1 : $score[1];
$item_value+=round($score[0]/$divide*$item->get_weight(),2);
$item_total+=$item->get_weight();
$row[] = $scoredisplay->display_score($score,SCORE_DIV_PERCENT);
if ($show_all == false) {
$row[] = $scoredisplay->display_score($score,SCORE_DIV_PERCENT);
} else {
$row[] = $scoredisplay->display_score($score, SCORE_DECIMAL);
$row[] = $scoredisplay->display_score($score, SCORE_DIV_PERCENT);
}
}
$total_score=array($item_value,$item_total);
$row[] = $scoredisplay->display_score($total_score,SCORE_DIV_PERCENT);
if ($show_all == false) {
$row[] = $scoredisplay->display_score($total_score,SCORE_DIV_PERCENT);
} else {
$row[] = $scoredisplay->display_score($total_score,SCORE_DECIMAL);
$row[] = $scoredisplay->display_score($total_score,SCORE_DIV_PERCENT);
}
unset($score);
$data[] = $row;
}
$data[] = $row;
}
return $data;
}

5
main/gradebook/lib/gradebook_functions.inc.php
Unescape View File

@ -302,8 +302,9 @@ function get_printable_data($users,$alleval, $alllinks) {
$datagen = new FlatViewDataGenerator ($users, $alleval, $alllinks);
$offset = isset($_GET['offset']) ? $_GET['offset'] : '0';
$count = (($offset + 10) > $datagen->get_total_items_count()) ? ($datagen->get_total_items_count() - $offset) : 10;
$header_names = $datagen->get_header_names($offset, $count);
$data_array = $datagen->get_data(FlatViewDataGenerator :: FVDG_SORT_LASTNAME, 0, null, $offset, $count, true);
$header_names = $datagen->get_header_names($offset, $count, true);
$data_array = $datagen->get_data(FlatViewDataGenerator :: FVDG_SORT_LASTNAME, 0, null, $offset, $count, true,true);
$newarray = array();
foreach ($data_array as $data) {
$newarray[] = array_slice($data, 1);

25
main/gradebook/lib/scoredisplay.class.php
Unescape View File

@ -5,6 +5,8 @@ define('SCORE_DIV',1);
define('SCORE_PERCENT',2);
define('SCORE_DIV_PERCENT',3);
define('SCORE_AVERAGE',4);
define('SCORE_DECIMAL',5);
define('SCORE_IGNORE_SPLIT', 8);
define('SCORE_BOTH',1);
define('SCORE_ONLY_DEFAULT',2);
@ -233,11 +235,14 @@ class ScoreDisplay
* @param int $what one of the following constants: SCORE_BOTH, SCORE_ONLY_DEFAULT, SCORE_ONLY_CUSTOM (default: SCORE_BOTH)
* (only taken into account if custom score display is enabled and for course/platform admin)
*/
public function display_score($score,$type,$what = SCORE_BOTH) {
$type2 = $type & 7; // removes the 'SCORE_IGNORE_SPLIT' bit
public function display_score($score,$type, $what = SCORE_BOTH) {
$type2 = $type & 7; // removes the 'SCORE_IGNORE_SPLIT' bit
$split_enabled = ($type2 == $type);
$my_score=($score==0) ? 1 : $score;
if ($this->custom_enabled && isset($this->custom_display_conv)) {
if ($this->custom_enabled && isset($this->custom_display_conv)) {
// students only see the custom display
if (!api_is_allowed_to_create_course()) {
$display = $this->display_custom($my_score);
@ -254,8 +259,8 @@ class ScoreDisplay
$display.= ' ('.$this->display_custom ($my_score).')';
}
} else {
// if no custom display set, use default display
} else {
// if no custom display set, use default display
$display = $this->display_default ($my_score, $type2);
}
return (($split_enabled ? $this->get_color_display_start_tag($my_score) : '')
@ -278,9 +283,17 @@ class ScoreDisplay
case SCORE_AVERAGE : // XX %
return $this->display_as_percent($score);
case SCORE_DECIMAL : // 0.50 (X/Y)
return $this->display_as_decimal($score);
}
}
private function display_as_decimal($score) {
$score_denom=($score[1]==0) ? 1 : $score[1];
return round(($score[0]/ $score_denom),2);
}
private function display_as_percent ($score) {
$score_denom=($score[1]==0) ? 1 : $score[1];
return round(($score[0] / $score_denom) * 100,2) . ' %';

BIN
main/img/calendar_global.png
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 946 B

BIN
main/img/loading1.gif
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 673 B

32
main/inc/ajax/user_manager.ajax.php
Unescape View File

@ -3,6 +3,7 @@
/**
* Responses to AJAX calls
*/
$language_file = array('admin', 'registration');
require_once '../global.inc.php';
require_once api_get_path(LIBRARY_PATH).'usermanager.lib.php';
$action = $_GET['a'];
@ -36,6 +37,37 @@ switch ($action) {
<?php
}
break;
case 'active_user':
if (api_is_platform_admin()) {
$user_id = intval($_GET['user_id']);
$status = intval($_GET['status']);
if (!empty($user_id)) {
$user_table = Database :: get_main_table(TABLE_MAIN_USER);
$sql="UPDATE $user_table SET active='".$status."' WHERE user_id='".Database::escape_string($user_id)."'";
$result = Database::query($sql);
//Send and email if account is active
if ($status == 1) {
$user_info = api_get_user_info($user_id);
$recipient_name = api_get_person_name($user_info['firstname'], $user_info['lastname'], null, PERSON_NAME_EMAIL_ADDRESS);
$emailsubject = '['.api_get_setting('siteName').'] '.get_lang('YourReg').' '.api_get_setting('siteName');
$email_admin = api_get_setting('emailAdministrator');
$sender_name = api_get_person_name(api_get_setting('administratorName'), api_get_setting('administratorSurname'), null, PERSON_NAME_EMAIL_ADDRESS);
$emailbody=get_lang('Dear')." ".stripslashes($recipient_name).",\n\n";
$emailbody.=sprintf(get_lang('YourAccountOnXHasJustBeenApprovedByOneOfOurAdministrators'), api_get_setting('siteName'))."\n";
$emailbody.=sprintf(get_lang('YouCanNowLoginAtXUsingTheLoginAndThePasswordYouHaveProvided'), api_get_path(WEB_PATH)).",\n\n";
$emailbody.=get_lang('HaveFun')."\n\n";
//$emailbody.=get_lang('Problem'). "\n\n". get_lang('Formula');
$emailbody.=api_get_person_name(api_get_setting('administratorName'), api_get_setting('administratorSurname'))."\n". get_lang('Manager'). " ".api_get_setting('siteName')."\nT. ".api_get_setting('administratorTelephone')."\n" .get_lang('Email') ." : ".api_get_setting('emailAdministrator');
$result = api_mail($recipient_name, $user_info['mail'], $emailsubject, $emailbody, $sender_name, $email_admin);
}
}
} else {
echo '';
}
break;
default:
echo '';

18
main/inc/lib/events.lib.inc.php
Unescape View File

@ -1,4 +1,4 @@
<?php // $Id: events.lib.inc.php 22205 2009-07-17 21:11:52Z cfasanando $
<?php
/* See license terms in /license.txt */
/**
* EVENTS LIBRARY
@ -178,7 +178,8 @@ function event_access_tool($tool, $id_session=0)
global $_course;
global $TABLETRACK_LASTACCESS; //for "what's new" notification
$id_session = api_get_session_id();
$id_session = api_get_session_id();
$tool = Database::escape_string($tool);
$reallyNow = time();
$user_id = $_user['user_id'] ? "'".$_user['user_id']."'" : "0"; // no one
// record information
@ -201,7 +202,7 @@ function event_access_tool($tool, $id_session=0)
VALUES
(".$user_id.",".// Don't add ' ' around value, it's already done.
"'".$_cid."' ,
'".htmlspecialchars($tool, ENT_QUOTES)."',
'".$tool."',
FROM_UNIXTIME(".$reallyNow."),
'".$id_session."')";
$res = Database::query($sql);
@ -209,14 +210,11 @@ function event_access_tool($tool, $id_session=0)
// "what's new" notification
$sql = "UPDATE $TABLETRACK_LASTACCESS
SET access_date = FROM_UNIXTIME($reallyNow)
WHERE access_user_id = ".$user_id." AND access_cours_code = '".$_cid."' AND access_tool = '".htmlspecialchars($tool, ENT_QUOTES)."' AND access_session_id=".$id_session;
WHERE access_user_id = ".$user_id." AND access_cours_code = '".$_cid."' AND access_tool = '".$tool."' AND access_session_id=".$id_session;
$res = Database::query($sql);
if (Database::affected_rows() == 0)
{
$sql = "INSERT INTO $TABLETRACK_LASTACCESS
(access_user_id,access_cours_code,access_tool, access_date, access_session_id)
VALUES
(".$user_id.", '".$_cid."' , '".htmlspecialchars($tool, ENT_QUOTES)."', FROM_UNIXTIME($reallyNow), $id_session)";
if (Database::affected_rows() == 0) {
$sql = "INSERT INTO $TABLETRACK_LASTACCESS (access_user_id,access_cours_code,access_tool, access_date, access_session_id)
VALUES (".$user_id.", '".$_cid."' , '".$tool."', FROM_UNIXTIME($reallyNow), $id_session)";
$res = Database::query($sql);
}
return 1;

47
main/inc/lib/fileManage.lib.php
Unescape View File

@ -579,33 +579,38 @@ class FileManager
Database::query($query);
}
/**
* Like in Java, creates the directory named by this abstract pathname,
* including any necessary but nonexistent parent directories.
*
* @author Hugues Peeters <peeters@ipm.ucl.ac.be>
* @author Christophe Gesche <gesche@ipm.ucl.ac.be>
*
* @param string $path - path to create
* @param string $mode - directory permission (default is '770')
*
* @return boolean TRUE if succeeds FALSE otherwise
*/
function mkdirs($path, $mode = '0770') {
if (file_exists($path)) {
return false;
} else {
FileManager :: mkdirs(dirname($path), $mode);
//mkdir($path, $mode);
return true;
}
}
} //end class FileManager
/* DEPRECATED FUNCTIONS */
/**
* Like in Java, creates the directory named by this abstract pathname,
* including any necessary but nonexistent parent directories.
*
* @author Hugues Peeters <peeters@ipm.ucl.ac.be>
* @author Christophe Gesche <gesche@ipm.ucl.ac.be>
*
* @param string $path - path to create
* @param string $mode - directory permission (default is '770')
*
* @return boolean TRUE if succeeds FALSE otherwise
*/
function mkdirs($path, $mode = '0770') {
if (file_exists($path)) {
return false;
} else {
FileManager :: mkdirs(dirname($path), $mode);
//mkdir($path, $mode);
return true;
}
}
/**
* @deprecated 06-FEB-2010. The function mkdir() is able to create directories recursively.
* @link http://php.net/manual/en/function.mkdir.php

7
main/inc/lib/fileUpload.lib.php
Unescape View File

@ -1017,13 +1017,13 @@ function search_img_from_html($html_file) {
*/
function create_unexisting_directory($_course, $user_id, $to_group_id, $to_user_id, $base_work_dir, $desired_dir_name, $title = null, $visibility = '') {
$nb = '';
while (file_exists($base_work_dir.$desired_dir_name.$nb)) {
while (file_exists($base_work_dir.$desired_dir_name.$nb)) {
$nb += 1;
}
if($title == null) {
$title = basename($desired_dir_name);
}
if (mkdir($base_work_dir.$desired_dir_name.$nb, api_get_permissions_for_new_directories(), true)) {
// Check if pathname already exists inside document table
$tbl_document = Database::get_course_table(TABLE_DOCUMENT, $_course['dbName']);
@ -1043,7 +1043,8 @@ function create_unexisting_directory($_course, $user_id, $to_group_id, $to_user_
return $desired_dir_name.$nb;
}
} else {
return false;
//This means the folder NOT exist in the filesystem (now this was created) but there is a record in the Database
return $desired_dir_name.$nb;
}
} else {
return false;

94
main/inc/lib/groupmanager.lib.php
Unescape View File

@ -15,6 +15,8 @@ require_once 'course.lib.php';
require_once 'tablesort.lib.php';
require_once 'fileManage.lib.php';
require_once 'fileUpload.lib.php';
require_once 'document.lib.php';
/**
* infinite
*/
@ -207,17 +209,14 @@ class GroupManager {
calendar_state = '".$category['calendar_state']."', work_state = '".$category['work_state']."', announcements_state = '".$category['announcements_state']."', forum_state = '".$category['forum_state']."', wiki_state = '".$category['wiki_state']."', chat_state = '".$category['chat_state']."', self_registration_allowed = '".$category['self_reg_allowed']."', self_unregistration_allowed = '".$category['self_unreg_allowed']."', session_id='".Database::escape_string($my_id_session)."'";
Database::query($sql);
$lastId = Database::insert_id();
/*$secret_directory = uniqid("")."_team_".$lastId;
while (is_dir(api_get_path(SYS_COURSE_PATH).$currentCourseRepository."/group/$secret_directory"))
{
$secret_directory = uniqid("")."_team_".$lastId;
}
FileManager :: mkdirs(api_get_path(SYS_COURSE_PATH).$currentCourseRepository."/group/".$secret_directory, api_get_permissions_for_new_directories());
*/
$desired_dir_name= '/'.replace_dangerous_char($name,'strict').'_groupdocs';
$dir_name = create_unexisting_directory($_course,$_user['user_id'],$lastId,NULL,api_get_path(SYS_COURSE_PATH).$currentCourseRepository.'/document',$desired_dir_name);
$my_path = api_get_path(SYS_COURSE_PATH).$currentCourseRepository.'/document';
$unique_name = create_unexisting_directory($_course,$_user['user_id'],$lastId,NULL,$my_path, $desired_dir_name);
/* Stores the directory path into the group table */
$sql = "UPDATE ".$table_group." SET name = '".Database::escape_string($name)."', secret_directory = '".$dir_name."' WHERE id ='".$lastId."'";
$sql = "UPDATE ".$table_group." SET name = '".Database::escape_string($name)."', secret_directory = '".$unique_name."' WHERE id ='".$lastId."'";
Database::query($sql);
// create a forum if needed
@ -356,14 +355,11 @@ class GroupManager {
*/
public static function delete_groups ($group_ids, $course_code = null) {
$course_db = '';
if ($course_code != null)
{
if ($course_code != null) {
$course = Database :: get_course_info($course_code);
$course['path'] = $course['directory'];
$course_db = $course['database'];
}
else
{
} else {
$course = api_get_course_info();
}
@ -393,25 +389,43 @@ class GroupManager {
// define repository for deleted element
$group_garbage = api_get_path(SYS_ARCHIVE_PATH).$course['path']."/group/";
/* Useless code
$group_garbage = api_get_path(SYS_ARCHIVE_PATH).$course['path']."/group";
var_dump($group_garbage);
if (!file_exists($group_garbage))
FileManager :: mkdirs($group_garbage, api_get_permissions_for_new_directories());
*/
// Unsubscribe all users
self :: unsubscribe_all_users($group_ids);
$sql = 'SELECT id, secret_directory, session_id FROM '.$group_table.' WHERE id IN ('.implode(' , ', $group_ids).')';
$db_result = Database::query($sql);
$forum_ids = array ();
while ($group = Database::fetch_object($db_result))
{
while ($group = Database::fetch_object($db_result)) {
// move group-documents to garbage
$source_directory = api_get_path(SYS_COURSE_PATH).$course['path']."/group/".$group->secret_directory;
$destination_directory = $group_garbage.$group->secret_directory;
if (file_exists($source_directory))
{
rename($source_directory, $destination_directory);
//$source_directory = api_get_path(SYS_COURSE_PATH).$course['path']."/group/".$group->secret_directory;
$source_directory = api_get_path(SYS_COURSE_PATH).$course['path']."/document".$group->secret_directory;
//File to renamed
$destination_dir = api_get_path(SYS_COURSE_PATH).$course['path']."/document".$group->secret_directory.'_DELETED_'.$group->id;
if (!empty($group->secret_directory)) {
//Deleting from document tool
DocumentManager::delete_document($course, $group->secret_directory, $source_directory);
if (file_exists($source_directory)) {
if (api_get_setting('permanently_remove_deleted_files') == 'true') {
//Delete
my_delete($source_directory);
} else {
//Rename
rename($source_directory, $destination_dir);
}
}
}
//$forum_ids[] = $group->forum_id;
}
// delete the groups
$sql = "DELETE FROM ".$group_table." WHERE id IN ('".implode("' , '", $group_ids)."')";
Database::query($sql);
@ -1278,15 +1292,14 @@ class GroupManager {
$user_id = Database::escape_string($user_id);
$sql = "SELECT tutor_id FROM ".$course_user_table."
WHERE `user_id`='".$user_id."'
AND `course_code`='".$_course['sysCode']."'"."AND tutor_id=1";
WHERE user_id='".$user_id."' AND course_code='".$_course['sysCode']."'"."AND tutor_id=1";
$db_result = Database::query($sql);
$result = (Database::num_rows($db_result) > 0);
return $result;
}
/**
* Get all group's from a given course in which a given user is ubscribed
* Get all group's from a given course in which a given user is unsubscribed
* @author Patrick Cool
* @param string $course_db: the database of the course you want to
* retrieve the groups for
@ -1294,22 +1307,21 @@ class GroupManager {
* group memberships
*/
public static function get_group_ids ($course_db,$user_id) {
$groups = array();
$tbl_group = Database::get_course_table(TABLE_GROUP_USER,$course_db);
$user_id = Database::escape_string($user_id);
$sql = "SELECT group_id FROM $tbl_group WHERE user_id = '$user_id'";
$groupres = Database::query($sql);
// uncommenting causes a bug in Agenda AND announcements because there we check if the return value of this function is an array or not
//$groups=array();
if($groupres)
{
while ($myrow= Database::fetch_array($groupres))
$groups[]=$myrow['group_id'];
}
return $groups;
$groups = array();
$tbl_group = Database::get_course_table(TABLE_GROUP_USER,$course_db);
$user_id = Database::escape_string($user_id);
$sql = "SELECT group_id FROM $tbl_group WHERE user_id = '$user_id'";
$groupres = Database::query($sql);
// uncommenting causes a bug in Agenda AND announcements because there we check if the return value of this function is an array or not
//$groups=array();
if($groupres) {
while ($myrow= Database::fetch_array($groupres))
$groups[]=$myrow['group_id'];
}
return $groups;
}
/*
-----------------------------------------------------------

91
main/inc/lib/main_api.lib.php
Unescape View File

@ -1436,13 +1436,22 @@ class api_failure {
/* CONFIGURATION SETTINGS */
/**
* Gets the current Chamilo (not PHP/cookie) session ID, if active
* Gets the current Chamilo (not PHP/cookie) session ID
* @return int O if no active session, the session ID otherwise
*/
function api_get_session_id() {
return empty($_SESSION['id_session']) ? 0 : (int)$_SESSION['id_session'];
return empty($_SESSION['id_session']) ? 0 : intval($_SESSION['id_session']);
}
/**
* Gets the current Chamilo (not social network) group ID
* @return int O if no active session, the session ID otherwise
*/
function api_get_group_id() {
return empty($_SESSION['_gid']) ? 0 : intval($_SESSION['_gid']);
}
/**
* Gets the current or given session name
* @param int Session ID (optional)
@ -2319,19 +2328,20 @@ function api_get_item_visibility($_course, $tool, $id) {
function api_item_property_update($_course, $tool, $item_id, $lastedit_type, $user_id, $to_group_id = 0, $to_user_id = null, $start_visible = 0, $end_visible = 0, $session_id = 0) {
// Definition of variables
$tool = Database::escape_string($tool);
$item_id = Database::escape_string($item_id);
$lastedit_type = Database::escape_string($lastedit_type);
$user_id = Database::escape_string($user_id);
$to_group_id = Database::escape_string($to_group_id);
$to_user_id = Database::escape_string($to_user_id);
$start_visible = Database::escape_string($start_visible);
$end_visible = Database::escape_string($end_visible);
$start_visible = ($start_visible == 0) ? '0000-00-00 00:00:00' : $start_visible;
$end_visible = ($end_visible == 0) ? '0000-00-00 00:00:00' : $end_visible;
$to_filter = '';
$time = time();
$time = date('Y-m-d H:i:s', $time);
$tool = Database::escape_string($tool);
$item_id = Database::escape_string($item_id);
$lastedit_type = Database::escape_string($lastedit_type);
$user_id = Database::escape_string($user_id);
$to_group_id = Database::escape_string($to_group_id);
$to_user_id = Database::escape_string($to_user_id);
$start_visible = Database::escape_string($start_visible);
$end_visible = Database::escape_string($end_visible);
$start_visible = ($start_visible == 0) ? '0000-00-00 00:00:00' : $start_visible;
$end_visible = ($end_visible == 0) ? '0000-00-00 00:00:00' : $end_visible;
$to_filter = '';
$time = time();
$time = date('Y-m-d H:i:s', $time);
if (!empty($session_id)) {
$session_id = intval($session_id);
} else {
@ -2379,8 +2389,10 @@ function api_item_property_update($_course, $tool, $item_id, $lastedit_type, $us
$to_filter = " AND to_group_id='$to_group_id' $condition_session"; // Set filter to intended group
}
}
// Update if possible
$set_type = '';
switch ($lastedit_type) {
case 'delete' : // delete = make item only visible for the platform admin
$visibility = '2';
@ -2395,18 +2407,14 @@ function api_item_property_update($_course, $tool, $item_id, $lastedit_type, $us
SET lastedit_type='".str_replace('_', '', ucwords($tool))."Deleted', lastedit_date='$time', lastedit_user_id='$user_id', visibility='$visibility', id_session = '$session_id' $set_type
WHERE $filter";
} else {
$sql = "INSERT INTO $TABLE_ITEMPROPERTY
(tool, ref, insert_date, insert_user_id, lastedit_date, lastedit_type, lastedit_user_id,$to_field, visibility, start_visible, end_visible, id_session)
VALUES ('$tool','$item_id','$time', '$user_id', '$time', '$lastedit_type','$user_id', '$to_value', '$visibility', '$start_visible','$end_visible', '$session_id')";
$sql = "INSERT INTO $TABLE_ITEMPROPERTY (tool, ref, insert_date, insert_user_id, lastedit_date, lastedit_type, lastedit_user_id,$to_field, visibility, start_visible, end_visible, id_session)
VALUES ('$tool','$item_id','$time', '$user_id', '$time', '$lastedit_type','$user_id', '$to_value', '$visibility', '$start_visible','$end_visible', '$session_id')";
}
} else {
$sql = "UPDATE $TABLE_ITEMPROPERTY
SET lastedit_type='".str_replace('_', '', ucwords($tool))."Deleted', lastedit_date='$time', lastedit_user_id='$user_id', visibility='$visibility' $set_type
WHERE $filter";
$sql = "UPDATE $TABLE_ITEMPROPERTY SET lastedit_type='".str_replace('_', '', ucwords($tool))."Deleted', lastedit_date='$time', lastedit_user_id='$user_id', visibility='$visibility' $set_type
WHERE $filter";
}
break;
case 'visible' : // Change item to visible
$visibility = '1';
@ -2421,18 +2429,14 @@ function api_item_property_update($_course, $tool, $item_id, $lastedit_type, $us
SET lastedit_type='".str_replace('_', '', ucwords($tool))."Visible', lastedit_date='$time', lastedit_user_id='$user_id', visibility='$visibility', id_session = '$session_id' $set_type
WHERE $filter";
} else {
$sql = "INSERT INTO $TABLE_ITEMPROPERTY
(tool, ref, insert_date, insert_user_id, lastedit_date, lastedit_type, lastedit_user_id,$to_field, visibility, start_visible, end_visible, id_session)
VALUES ('$tool','$item_id','$time', '$user_id', '$time', '$lastedit_type','$user_id', '$to_value', '$visibility', '$start_visible','$end_visible', '$session_id')";
$sql = "INSERT INTO $TABLE_ITEMPROPERTY (tool, ref, insert_date, insert_user_id, lastedit_date, lastedit_type, lastedit_user_id,$to_field, visibility, start_visible, end_visible, id_session)
VALUES ('$tool','$item_id','$time', '$user_id', '$time', '$lastedit_type','$user_id', '$to_value', '$visibility', '$start_visible','$end_visible', '$session_id')";
}
} else {
} else {
$sql = "UPDATE $TABLE_ITEMPROPERTY
SET lastedit_type='".str_replace('_', '', ucwords($tool))."Visible', lastedit_date='$time', lastedit_user_id='$user_id', visibility='$visibility' $set_type
WHERE $filter";
SET lastedit_type='".str_replace('_', '', ucwords($tool))."Visible', lastedit_date='$time', lastedit_user_id='$user_id', visibility='$visibility' $set_type
WHERE $filter";
}
break;
case 'invisible' : // Change item to invisible
$visibility = '0';
@ -2447,34 +2451,29 @@ function api_item_property_update($_course, $tool, $item_id, $lastedit_type, $us
SET lastedit_type='".str_replace('_', '', ucwords($tool))."Invisible', lastedit_date='$time', lastedit_user_id='$user_id', visibility='$visibility', id_session = '$session_id' $set_type
WHERE $filter";
} else {
$sql = "INSERT INTO $TABLE_ITEMPROPERTY
(tool, ref, insert_date, insert_user_id, lastedit_date, lastedit_type, lastedit_user_id,$to_field, visibility, start_visible, end_visible, id_session)
VALUES ('$tool','$item_id','$time', '$user_id', '$time', '$lastedit_type','$user_id', '$to_value', '$visibility', '$start_visible','$end_visible', '$session_id')";
$sql = "INSERT INTO $TABLE_ITEMPROPERTY (tool, ref, insert_date, insert_user_id, lastedit_date, lastedit_type, lastedit_user_id,$to_field, visibility, start_visible, end_visible, id_session)
VALUES ('$tool','$item_id','$time', '$user_id', '$time', '$lastedit_type','$user_id', '$to_value', '$visibility', '$start_visible','$end_visible', '$session_id')";
}
} else {
$sql = "UPDATE $TABLE_ITEMPROPERTY
SET lastedit_type='".str_replace('_', '', ucwords($tool))."Invisible', lastedit_date='$time', lastedit_user_id='$user_id', visibility='$visibility' $set_type
WHERE $filter";
SET lastedit_type='".str_replace('_', '', ucwords($tool))."Invisible', lastedit_date='$time', lastedit_user_id='$user_id', visibility='$visibility' $set_type
WHERE $filter";
}
break;
default : // The item will be added or updated
$set_type = ", lastedit_type='$lastedit_type' ";
$visibility = '1';
$filter .= $to_filter;
$sql = "UPDATE $TABLE_ITEMPROPERTY
SET lastedit_date='$time', lastedit_user_id='$user_id' $set_type
WHERE $filter";
}
SET lastedit_date='$time', lastedit_user_id='$user_id' $set_type
WHERE $filter";
}
$res = Database::query($sql);
// Insert if no entries are found (can only happen in case of $lastedit_type switch is 'default')
if (Database::affected_rows() == 0) {
$sql = "INSERT INTO $TABLE_ITEMPROPERTY
(tool,ref,insert_date,insert_user_id,lastedit_date,lastedit_type, lastedit_user_id,$to_field, visibility, start_visible, end_visible, id_session)
VALUES ('$tool','$item_id','$time', '$user_id', '$time', '$lastedit_type','$user_id', '$to_value','$visibility','$start_visible','$end_visible', '$session_id')";
$sql = "INSERT INTO $TABLE_ITEMPROPERTY (tool,ref,insert_date,insert_user_id,lastedit_date,lastedit_type, lastedit_user_id,$to_field, visibility, start_visible, end_visible, id_session)
VALUES ('$tool','$item_id','$time', '$user_id', '$time', '$lastedit_type','$user_id', '$to_value','$visibility','$start_visible','$end_visible', '$session_id')";
$res = Database::query($sql);
if (!$res) {
return false;

4
main/inc/lib/security.lib.php
Unescape View File

@ -1,12 +1,12 @@
<?php
/* For licensing terms, see /license.txt */
/**
* This is the security library for Dokeos.
* This is the security library for Chamilo.
*
* This library is based on recommendations found in the PHP5 Certification
* Guide published at PHP|Architect, and other recommendations found on
* http://www.phpsec.org/
* The principles here are that all data is tainted (most scripts of Dokeos are
* The principles here are that all data is tainted (most scripts of Chamilo are
* open to the public or at least to a certain public that could be malicious
* under specific circumstances). We use the white list approach, where as we
* consider that data can only be used in the database or in a file if it has

2
main/install/update-db-1.8.5-1.8.6.inc.php
Unescape View File

@ -196,7 +196,7 @@ if (defined('SYSTEM_INSTALLATION')) {
</h1>
</td>
<td style="width: 50%;">
<img style="width: 100px; height: 100px;" alt="dokeos logo" src="{COURSE_DIR}images/logo_dokeos.png"></td>
<img alt="Chamilo logo" src="{COURSE_DIR}images/logo_dokeos.png"></td>
</tr>
</tbody>
</table>

33
main/link/linkfunctions.php
Unescape View File

@ -224,18 +224,18 @@ function deletelinkcategory($type) {
}
if ($type == 'category') {
global $id;
if (isset($_GET['id']) && !empty($_GET['id'])) {
// First we delete the category itself and afterwards all the links of this category.
$sql = "DELETE FROM ".$tbl_categories." WHERE id='".intval($_GET['id'])."'";
Database::query($sql);
$sql = "DELETE FROM ".$tbl_link." WHERE category_id='".intval($_GET['id'])."'";
$catlinkstatus = get_lang('CategoryDeleted');
unset ($id);
Database::query($sql);
// First we delete the category itself and afterwards all the links of this category.
$sql = "DELETE FROM ".$tbl_categories." WHERE id='".Database::escape_string(Security::remove_XSS($_GET['id']))."'";
Database::query($sql);
$sql = "DELETE FROM ".$tbl_link." WHERE category_id='".Database::escape_string(Security::remove_XSS($_GET['id']))."'";
$catlinkstatus = get_lang('CategoryDeleted');
unset ($id);
Database::query($sql);
Display::display_confirmation_message(get_lang('CategoryDeleted'));
Display::display_confirmation_message(get_lang('CategoryDeleted'));
}
}
}
@ -328,7 +328,7 @@ function editlinkcategory($type) {
}
// Finding the old category_id
$sql = "SELECT * FROM ".$tbl_link." WHERE id='".Database::escape_string(Security::remove_XSS($_POST['id']))."'";
$sql = "SELECT * FROM ".$tbl_link." WHERE id='".intval($_POST['id'])."'";
$result = Database::query($sql);
$row = Database::fetch_array($result);
$category_id = $row['category_id'];
@ -342,7 +342,14 @@ function editlinkcategory($type) {
$max_display_order = $row['display_order'];
}
$sql = "UPDATE ".$tbl_link." set url='".Database::escape_string(Security::remove_XSS($_POST['urllink']))."', title='".Database::escape_string(Security::remove_XSS($_POST['title']))."', description='".Database::escape_string(Security::remove_XSS($_POST['description']))."', category_id='".Database::escape_string(Security::remove_XSS($_POST['selectcategory']))."', display_order='".$max_display_order."', on_homepage='".Database::escape_string(Security::remove_XSS($onhomepage))." ' $mytarget WHERE id='".Database::escape_string(Security::remove_XSS($_POST['id']))."'";
$sql = "UPDATE ".$tbl_link." SET " .
"url='".Database::escape_string($_POST['urllink'])."', " .
"title='".Database::escape_string($_POST['title'])."', " .
"description='".Database::escape_string($_POST['description'])."', " .
"category_id='".Database::escape_string($_POST['selectcategory'])."', " .
"display_order='".$max_display_order."', " .
"on_homepage='".Database::escape_string($onhomepage)." ' $mytarget " .
" WHERE id='".Database::escape_string($_POST['id'])."'";
Database::query($sql);
// Update search enchine and its values table if enabled
@ -453,7 +460,7 @@ function editlinkcategory($type) {
// This is used to put the modified info of the category-form into the database
if ($submit_category) {
$sql = "UPDATE ".$tbl_categories." set category_title='".Database::escape_string(Security::remove_XSS($_POST['category_title']))."', description='".Database::escape_string(Security::remove_XSS($_POST['description']))."' WHERE id='".Database::escape_string(Security::remove_XSS($_POST['id']))."'";
$sql = "UPDATE ".$tbl_categories." set category_title='".Database::escape_string($_POST['category_title'])."', description='".Database::escape_string($_POST['description'])."' WHERE id='".Database::escape_string($_POST['id'])."'";
Database::query($sql);
Display::display_confirmation_message(get_lang('CategoryModded'));
}

82
main/newscorm/learnpath.class.php
Unescape View File

@ -633,7 +633,7 @@ class learnpath {
"default_encoding,display_order,content_maker," .
"content_local,js_lib,session_id) " .
"VALUES ($type,'$name','$description','','embedded'," .
"'UTF-8','$dsp','Dokeos'," .
"'UTF-8','$dsp','Chamilo'," .
"'local','','".Database::escape_string($session_id)."')";
//if($this->debug>2){error_log('New LP - Inserting new lp '.$sql_insert,0);}
$res_insert = Database::query($sql_insert);
@ -4710,12 +4710,17 @@ class learnpath {
if (is_numeric($item_id)) {
$tbl_lp_item = Database :: get_course_table(TABLE_LP_ITEM);
$tbl_doc = Database :: get_course_table(TABLE_DOCUMENT);
$sql = "SELECT lp.*
FROM " . $tbl_lp_item . " as lp
WHERE lp.id = " . Database :: escape_string($item_id);
$sql = "SELECT lp.* FROM " . $tbl_lp_item . " as lp
WHERE lp.id = " . Database :: escape_string($item_id);
$result = Database::query($sql);
while ($row = Database :: fetch_array($result)) {
while ($row = Database :: fetch_array($result)) {
$_SESSION['parent_item_id'] = ($row['item_type'] == 'dokeos_chapter' || $row['item_type'] == 'dokeos_module' || $row['item_type'] == 'dir') ? $item_id : 0;
//Prevents wrong parent selection for document see Bug#1251
if ($row['item_type'] != 'dokeos_chapter' || $row['item_type'] != 'dokeos_module') {
$_SESSION['parent_item_id'] = $row['parent_item_id'];
}
$return .= $this->display_manipulate($item_id, $row['item_type']);
$return .= '<div style="padding:10px;">';
if ($msg != '')
@ -5032,10 +5037,10 @@ class learnpath {
reset($arrLP);
}
$return .= "\t\t\t\t" . '</select>';
$return .= "\t\t\t" . '</td>' . "\n";
$return .= "\t\t" . '</tr>' . "\n";
$return .= "\t\t" . '<tr>' . "\n";
$return .= '</select>';
$return .= '</td>';
$return .= '</tr>';
$return .= '<tr>';
$return .= "\t\t\t" . '<td class="label"><label for="idPosition">' . get_lang('Position') . '</label></td>' . "\n";
$return .= "\t\t\t" . '<td class="input">' . "\n";
@ -5991,14 +5996,12 @@ class learnpath {
$path_parts = pathinfo($extra_info['path']);
$item_title = stripslashes($path_parts['filename']);
}
}
elseif (is_numeric($extra_info)) {
$sql_doc = "SELECT path, title
FROM " . $tbl_doc . "
WHERE id = " . Database :: escape_string($extra_info);
} elseif (is_numeric($extra_info)) {
$sql_doc = "SELECT path, title FROM " . $tbl_doc . "
WHERE id = " . Database :: escape_string($extra_info);
$result = Database::query($sql_doc);
$row = Database :: fetch_array($result);
$row = Database :: fetch_array($result);
$explode = explode('.', $row['title']);
@ -6028,32 +6031,26 @@ class learnpath {
else
$parent = 0;
$sql = "
SELECT *
FROM " . $tbl_lp_item . "
WHERE
lp_id = " . $this->lp_id;
$sql = "SELECT * FROM " . $tbl_lp_item . "
WHERE lp_id = " . $this->lp_id;
$result = Database::query($sql);
$arrLP = array ();
while ($row = Database :: fetch_array($result)) {
$arrLP[] = array (
'id' => $row['id'],
'item_type' => $row['item_type'],
'title' => $row['title'],
'path' => $row['path'],
'description' => $row['description'],
'parent_item_id' => $row['parent_item_id'],
'previous_item_id' => $row['previous_item_id'],
'next_item_id' => $row['next_item_id'],
'display_order' => $row['display_order'],
'max_score' => $row['max_score'],
'min_score' => $row['min_score'],
'mastery_score' => $row['mastery_score'],
'prerequisite' => $row['prerequisite']
);
'id' => $row['id'],
'item_type' => $row['item_type'],
'title' => $row['title'],
'path' => $row['path'],
'description' => $row['description'],
'parent_item_id' => $row['parent_item_id'],
'previous_item_id' => $row['previous_item_id'],
'next_item_id' => $row['next_item_id'],
'display_order' => $row['display_order'],
'max_score' => $row['max_score'],
'min_score' => $row['min_score'],
'mastery_score' => $row['mastery_score'],
'prerequisite' => $row['prerequisite']
);
}
$this->tree_array($arrLP);
@ -6069,8 +6066,8 @@ class learnpath {
$return .= get_lang("EditTheCurrentDocument") . "\n";
}
$return .= ' </div>
</div>';
$return .= '</div>
</div>';
if (isset ($_GET['edit']) && $_GET['edit'] == 'true') {
$return .= Display :: return_warning_message('<strong>' . get_lang("Warning") . ' !</strong><br />' . get_lang("WarningEditingDocument"), false);
@ -6112,6 +6109,7 @@ class learnpath {
}
}
}
$parent_select = & $form->addElement('select', 'parent', get_lang('Parent'), '', 'class="learnpath_item_form" style="width:40%;" onchange="load_cbo(this.value);"');
$my_count=0;
foreach ($arrHide as $key => $value) {
@ -6125,13 +6123,15 @@ class learnpath {
}
$my_count++;
}
if (!empty ($id)) {
$parent_select->setSelected($parent);
} else {
} else {
$parent_item_id = $_SESSION['parent_item_id'];
$parent_select->setSelected($parent_item_id);
}
if (is_array($arrLP)) {
reset($arrLP);

282
main/newscorm/lp_add_item.php
Unescape View File

@ -1,28 +1,8 @@
<?php // $Id: index.php 16620 2008-10-25 20:03:54Z yannoo $
/*
==============================================================================
Dokeos - elearning and course management software
Copyright (c) 2004-2008 Dokeos SPRL
Copyright (c) 2003 Ghent University (UGent)
For a full list of contributors, see "credits.txt".
The full license can be read in "license.txt".
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
See the GNU General Public License for more details.
Contact: Dokeos, rue Notre Dame, 152, B-1140 Evere, Belgium, info@dokeos.com
==============================================================================
*/
<?php
/* For licensing terms, see /license.txt */
/**
==============================================================================
* This is a learning path creation and player tool in Dokeos - previously
* learnpath_handler.php
*
@ -31,23 +11,17 @@
* @author Roan Embrechts, refactoring and code cleaning
* @author Yannick Warnier <ywarnier@beeznest.org> - cleaning and update
* @author Julio Montoya - Improving the list of templates
* @package dokeos.learnpath
==============================================================================
* @package chamilo.learnpath
*/
/*
==============================================================================
INIT SECTION
==============================================================================
*/
$this_section=SECTION_COURSES;
api_protect_course_script();
/*
-----------------------------------------------------------
Libraries
-----------------------------------------------------------
*/
//the main_api.lib.php, database.lib.php and display.lib.php
//libraries are included by default
@ -57,12 +31,10 @@ include('learnpath_functions.inc.php');
include('resourcelinker.inc.php');
//rewrite the language file, sadly overwritten by resourcelinker.inc.php
// name of the language file that needs to be included
$language_file = "learnpath";
$language_file = 'learnpath';
/*
-----------------------------------------------------------
Header and action code
-----------------------------------------------------------
*/
$htmlHeadXtra[] = '
<script type="text/javascript">
@ -72,15 +44,13 @@ var temp2=false;
var use_document_title='.api_get_setting('use_document_title').';
var load_default_template = '. ((isset($_POST['submit']) || empty($_SERVER['QUERY_STRING'])) ? 'false' : 'true' ) .';
function FCKeditor_OnComplete( editorInstance )
{
function FCKeditor_OnComplete( editorInstance ) {
editorInstance.Events.AttachEvent( \'OnSelectionChange\', check_for_title ) ;
document.getElementById(\'frmModel\').innerHTML = "<iframe height=890px width=230px; frameborder=0 src=\''.api_get_path(WEB_LIBRARY_PATH).'fckeditor/editor/fckdialogframe.html \'>";
}
function check_for_title()
{
if(temp==true){
function check_for_title() {
if (temp==true) {
// This functions shows that you can interact directly with the editor area
// DOM. In this way you have the freedom to do anything you want with it.
@ -133,15 +103,11 @@ function check_for_title()
temp=true;
}
function InnerDialogLoaded()
{
if (document.all)
{
function InnerDialogLoaded() {
if (document.all) {
// if is iexplorer
var B=new window.frames.content_lp___Frame.FCKToolbarButton(\'Templates\',window.content_lp___Frame.FCKLang.Templates);
}
else
{
} else {
var B=new window.frames[0].FCKToolbarButton(\'Templates\',window.frames[0].FCKLang.Templates);
}
@ -152,9 +118,7 @@ function InnerDialogLoaded()
$htmlHeadXtra[] = $_SESSION['oLP']->create_js();
/*
-----------------------------------------------------------
Constants and variables
-----------------------------------------------------------
*/
$is_allowed_to_edit = api_is_allowed_to_edit(null,true);
@ -180,19 +144,16 @@ $prereq = $_REQUEST['prereq'];
$type = $_REQUEST['type'];
*/
/*
==============================================================================
MAIN CODE
==============================================================================
*/
// using the resource linker as a tool for adding resources to the learning path
if ($action=="add" and $type=="learnpathitem")
{
if ($action=="add" and $type=="learnpathitem") {
$htmlHeadXtra[] = "<script language='JavaScript' type='text/javascript'> window.location=\"../resourcelinker/resourcelinker.php?source_id=5&action=$action&learnpath_id=$learnpath_id&chapter_id=$chapter_id&originalresource=no\"; </script>";
}
if ( (! $is_allowed_to_edit) or ($isStudentView) )
{
if ( (! $is_allowed_to_edit) or ($isStudentView) ) {
error_log('New LP - User not authorized in lp_add_item.php');
header('location:lp_controller.php?action=view&lp_id='.$learnpath_id);
exit;
}
//from here on, we are admin because of the previous condition, so don't check anymore
@ -202,14 +163,12 @@ $therow=Database::fetch_array($result);
//$admin_output = '';
/*
-----------------------------------------------------------
Course admin section
- all the functions not available for students - always available in this case (page only shown to admin)
-----------------------------------------------------------
*/
/*==================================================
/*
SHOWING THE ADMIN TOOLS
==================================================*/
*/
if (isset($_SESSION['gradebook'])){
$gradebook= $_SESSION['gradebook'];
}
@ -224,7 +183,7 @@ if (!empty($gradebook) && $gradebook=='view') {
$interbreadcrumb[]= array ("url"=>"lp_controller.php?action=list", "name"=> get_lang("_learning_path"));
$interbreadcrumb[]= array ("url"=>api_get_self()."?action=build&lp_id=$learnpath_id", "name" => stripslashes("{$therow['name']}"));
switch($_GET['type']){
switch($_GET['type']) {
case 'chapter':
$interbreadcrumb[]= array ("url"=>"#", "name" => get_lang("NewChapter"));
break;
@ -270,19 +229,14 @@ function confirmation(name)
//echo $admin_output;
/*
-----------------------------------------------------------
DISPLAY SECTION
-----------------------------------------------------------
*/
echo $_SESSION['oLP']->build_action_menu();
echo '<table cellpadding="0" cellspacing="0" class="lp_build">';
echo '<tr>';
echo '<td class="tree">';
// show the template list
if (isset($_GET['type']) && $_GET['type']=='document' && !isset($_GET['file']))
{
if (isset($_GET['type']) && $_GET['type']=='document' && !isset($_GET['file'])) {
$count_items = count($_SESSION['oLP']->ordered_items);
$style = ($count_items > 12)?' style="height:250px;width:230px;overflow-x : auto; overflow-y : scroll;" ':' class="lp_tree" ';
echo '<div '.$style.'>';
@ -300,146 +254,90 @@ echo '<table cellpadding="0" cellspacing="0" class="lp_build">';
echo '</div>';
}
echo '</td>';
echo '<td class="workspace">';
if(isset($new_item_id) && is_numeric($new_item_id))
{
switch($_GET['type'])
{
case 'chapter':
echo $_SESSION['oLP']->display_manipulate($new_item_id, $_GET['type']);
Display::display_confirmation_message(get_lang('NewChapterCreated'));
break;
case TOOL_LINK:
echo $_SESSION['oLP']->display_manipulate($new_item_id, $_GET['type']);
Display::display_confirmation_message(get_lang('NewLinksCreated'));
break;
case TOOL_STUDENTPUBLICATION:
echo $_SESSION['oLP']->display_manipulate($new_item_id, $_GET['type']);
Display::display_confirmation_message(get_lang('NewStudentPublicationCreated'));
break;
case 'module':
echo $_SESSION['oLP']->display_manipulate($new_item_id, $_GET['type']);
Display::display_confirmation_message(get_lang('NewModuleCreated'));
break;
case TOOL_QUIZ:
echo $_SESSION['oLP']->display_manipulate($new_item_id, $_GET['type']);
Display::display_confirmation_message(get_lang('NewExerciseCreated'));
break;
case TOOL_DOCUMENT:
Display::display_confirmation_message(get_lang('NewDocumentCreated'));
echo $_SESSION['oLP']->display_item($new_item_id, true, $msg);
break;
case TOOL_FORUM:
echo $_SESSION['oLP']->display_manipulate($new_item_id, $_GET['type']);
Display::display_confirmation_message(get_lang('NewForumCreated'));
break;
case 'thread':
echo $_SESSION['oLP']->display_manipulate($new_item_id, $_GET['type']);
Display::display_confirmation_message(get_lang('NewThreadCreated'));
break;
}
if(isset($new_item_id) && is_numeric($new_item_id)) {
switch($_GET['type']) {
case 'chapter':
echo $_SESSION['oLP']->display_manipulate($new_item_id, $_GET['type']);
Display::display_confirmation_message(get_lang('NewChapterCreated'));
break;
case TOOL_LINK:
echo $_SESSION['oLP']->display_manipulate($new_item_id, $_GET['type']);
Display::display_confirmation_message(get_lang('NewLinksCreated'));
break;
case TOOL_STUDENTPUBLICATION:
echo $_SESSION['oLP']->display_manipulate($new_item_id, $_GET['type']);
Display::display_confirmation_message(get_lang('NewStudentPublicationCreated'));
break;
case 'module':
echo $_SESSION['oLP']->display_manipulate($new_item_id, $_GET['type']);
Display::display_confirmation_message(get_lang('NewModuleCreated'));
break;
case TOOL_QUIZ:
echo $_SESSION['oLP']->display_manipulate($new_item_id, $_GET['type']);
Display::display_confirmation_message(get_lang('NewExerciseCreated'));
break;
case TOOL_DOCUMENT:
Display::display_confirmation_message(get_lang('NewDocumentCreated'));
echo $_SESSION['oLP']->display_item($new_item_id, true, $msg);
break;
case TOOL_FORUM:
echo $_SESSION['oLP']->display_manipulate($new_item_id, $_GET['type']);
Display::display_confirmation_message(get_lang('NewForumCreated'));
break;
case 'thread':
echo $_SESSION['oLP']->display_manipulate($new_item_id, $_GET['type']);
Display::display_confirmation_message(get_lang('NewThreadCreated'));
break;
}
else
{
switch($_GET['type'])
{
case 'chapter':
echo $_SESSION['oLP']->display_item_form($_GET['type'], get_lang("EnterDataNewChapter"));
break;
case 'module':
echo $_SESSION['oLP']->display_item_form($_GET['type'], get_lang("EnterDataNewModule"));
break;
case 'document':
if(isset($_GET['file']) && is_numeric($_GET['file']))
{
echo $_SESSION['oLP']->display_document_form('add', 0, $_GET['file']);
}
else
{
echo $_SESSION['oLP']->display_document_form('add', 0);
}
break;
case 'hotpotatoes':
echo $_SESSION['oLP']->display_hotpotatoes_form('add', 0, $_GET['file']);
break;
case 'quiz':
echo $_SESSION['oLP']->display_quiz_form('add', 0, $_GET['file']);
break;
case 'forum':
echo $_SESSION['oLP']->display_forum_form('add', 0, $_GET['forum_id']);
break;
case 'thread':
echo $_SESSION['oLP']->display_thread_form('add', 0, $_GET['thread_id']);
break;
case 'link':
echo $_SESSION['oLP']->display_link_form('add', 0, $_GET['file']);
break;
case 'student_publication':
echo $_SESSION['oLP']->display_student_publication_form('add', 0, $_GET['file']);
break;
case 'step':
echo $_SESSION['oLP']->display_resources();
break;
}
} else {
switch($_GET['type']) {
case 'chapter':
echo $_SESSION['oLP']->display_item_form($_GET['type'], get_lang("EnterDataNewChapter"));
break;
case 'module':
echo $_SESSION['oLP']->display_item_form($_GET['type'], get_lang("EnterDataNewModule"));
break;
case 'document':
if(isset($_GET['file']) && is_numeric($_GET['file'])) {
echo $_SESSION['oLP']->display_document_form('add', 0, $_GET['file']);
} else {
echo $_SESSION['oLP']->display_document_form('add', 0);
}
break;
case 'hotpotatoes':
echo $_SESSION['oLP']->display_hotpotatoes_form('add', 0, $_GET['file']);
break;
case 'quiz':
echo $_SESSION['oLP']->display_quiz_form('add', 0, $_GET['file']);
break;
case 'forum':
echo $_SESSION['oLP']->display_forum_form('add', 0, $_GET['forum_id']);
break;
case 'thread':
echo $_SESSION['oLP']->display_thread_form('add', 0, $_GET['thread_id']);
break;
case 'link':
echo $_SESSION['oLP']->display_link_form('add', 0, $_GET['file']);
break;
case 'student_publication':
echo $_SESSION['oLP']->display_student_publication_form('add', 0, $_GET['file']);
break;
case 'step':
echo $_SESSION['oLP']->display_resources();
break;
}
}
echo '</td>';
echo '</tr>';
echo '</table>';
/*
==============================================================================
FOOTER
==============================================================================
*/
Display::display_footer();
?>

41
main/newscorm/lp_list.php
Unescape View File

@ -60,10 +60,8 @@ $current_session = api_get_session_id();
//api_display_tool_title($nameTools);
/*
-----------------------------------------------------------
Introduction section
(editable by course admins)
-----------------------------------------------------------
*/
Display::display_introduction_section(TOOL_LEARNPATH, array(
'CreateDocumentWebDir' => api_get_path(WEB_COURSE_PATH).api_get_course_path().'/document/',
@ -74,16 +72,12 @@ Display::display_introduction_section(TOOL_LEARNPATH, array(
$is_allowed_to_edit = api_is_allowed_to_edit(null,true);
if($is_allowed_to_edit)
{
/*--------------------------------------
if ($is_allowed_to_edit) {
/*
DIALOG BOX SECTION
--------------------------------------*/
*/
if (!empty($dialog_box))
{
if (!empty($dialog_box)) {
switch ($_GET['dialogtype'])
{
case 'confirmation':
@ -100,8 +94,7 @@ if($is_allowed_to_edit)
break;
}
}
if (api_failure::get_last_failure())
{
if (api_failure::get_last_failure()) {
Display::display_normal_message(api_failure::get_last_failure());
}
@ -157,8 +150,7 @@ if (!empty($curDirPath))
echo '<tr>';
echo '<th>'.get_lang('Title').'</th>'."\n" .
'<th>'.get_lang('Progress')."</th>\n";
if ($is_allowed_to_edit)
{
if ($is_allowed_to_edit) {
echo '<th>'.get_lang('CourseSettings')."</th>\n" .
//xport now is inside "Edit"
//'<th>'.get_lang('ExportShort')."</th>\n" .
@ -180,12 +172,10 @@ $flat_list = $list->get_flat_list();
$test_mode = api_get_setting('server_type');
$max = count($flat_list);
//var_dump($flat_list);
if (is_array($flat_list))
{
if (is_array($flat_list)) {
$counter = 0;
$current = 0;
foreach ($flat_list as $id => $details)
{
foreach ($flat_list as $id => $details) {
//validacion when belongs to a session
$session_img = api_get_session_image($details['lp_session'], $_user['status']);
@ -242,13 +232,10 @@ if (is_array($flat_list))
$lp_theme_css=$mystyle;
if($display_progress_bar)
{
$dsp_progress = '<td>'.learnpath::get_progress_bar('%',learnpath::get_db_progress($id,api_get_user_id()),'').'</td>';
}
else
{
$dsp_progress = '<td style="padding-top:1em;">'.learnpath::get_db_progress($id,api_get_user_id(),'both').'</td>';
if($display_progress_bar) {
$dsp_progress = '<td width="140px">'.learnpath::get_progress_bar('%',learnpath::get_db_progress($id,api_get_user_id()),'').'</td>';
} else {
$dsp_progress = '<td width="140px" style="padding-top:1em;">'.learnpath::get_db_progress($id,api_get_user_id(),'both').'</td>';
}
if($is_allowed_to_edit) {
@ -524,9 +511,7 @@ echo "</table>";
echo "<br/><br/>";
/*
==============================================================================
FOOTER
==============================================================================
*/
Display::display_footer();
?>
?>

32
main/newscorm/lp_view.php
Unescape View File

@ -391,6 +391,20 @@ window.onload = function() {
document.body.style.overflow = 'hidden';
updateContentHeight();
viewportheight = window.innerHeight;
//Fixing IE compatibility of window.innerHeight
var viewportheight = 0;
if( typeof( window.innerHeight ) == 'number' ) {
//Non-IE
viewportheight = window.innerHeight;
} else if( document.documentElement && ( document.documentElement.clientWidth || document.documentElement.clientHeight ) ) {
//IE 6+ in 'standards compliant mode'
viewportheight = document.documentElement.clientHeight;
} else if( document.body && ( document.body.clientWidth || document.body.clientHeight ) ) {
//IE 4 compatible
viewportheight = document.body.clientHeight;
}
document.getElementById('toc_id').style.height = viewportheight - 200 + "px";
}
@ -584,7 +598,21 @@ window.onload = function() {
rightZoneHeightOccupied = docHeight - initialRightZoneHeight;
document.body.style.overflow = 'hidden';
updateContentHeight();
viewportheight = window.innerHeight;
//Fixing IE compatibility of window.innerHeight
var viewportheight = 0;
if( typeof( window.innerHeight ) == 'number' ) {
//Non-IE
viewportheight = window.innerHeight;
} else if( document.documentElement && ( document.documentElement.clientWidth || document.documentElement.clientHeight ) ) {
//IE 6+ in 'standards compliant mode'
viewportheight = document.documentElement.clientHeight;
} else if( document.body && ( document.body.clientWidth || document.body.clientHeight ) ) {
//IE 4 compatible
viewportheight = document.body.clientHeight;
}
document.getElementById('toc_id').style.height = viewportheight - 200 + "px";
@ -633,4 +661,4 @@ window.onresize = updateContentHeight;
//Display::display_footer();
}
//restore global setting
$_setting['show_navigation_menu'] = $save_setting;
$_setting['show_navigation_menu'] = $save_setting;

34
main/resourcelinker/resourcelinker.inc.php
Unescape View File

@ -1,42 +1,18 @@
<?php // $Id: resourcelinker.inc.php 20468 2009-05-11 08:48:25Z ivantcholakov $
/*
==============================================================================
Dokeos - elearning and course management software
Copyright (c) 2004 Dokeos S.A.
Copyright (c) 2003 Ghent University (UGent)
Copyright (c) 2001 Universite catholique de Louvain (UCL)
Copyright (c) Patrick Cool (patrick.cool@ugent.be)
Copyright (c) Denes Nagy
For a full list of contributors, see "credits.txt".
The full license can be read in "license.txt".
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
See the GNU General Public License for more details.
Contact: Dokeos, 181 rue Royale, B-1000 Brussels, Belgium, info@dokeos.com
==============================================================================
*/
/* For licensing terms, see /license.txt */
/**
==============================================================================
* @author Patrick Cool - original version
* @author Denes Nagy - further improvements for learning path builder
* @author Roan Embrechts - refactoring to improve code organisation
* @package dokeos.resourcelinker
* @package chamilo.resourcelinker
* @todo use the constants for the tools
* @todo use Database API instead of creating table names locally.
==============================================================================
* @this is still use?
*/
/*
==============================================================================
INIT SECTION
==============================================================================
*/
// name of the language file that needs to be included
@ -48,9 +24,7 @@ include_once(api_get_path(LIBRARY_PATH).'fileDisplay.lib.php');
include(api_get_path(SYS_CODE_PATH).'exercice/hotpotatoes.lib.php');
/*
==============================================================================
FUNCTIONS
==============================================================================
*/
function unset_session_resources()

34
main/resourcelinker/resourcelinker.php
Unescape View File

@ -1,42 +1,16 @@
<?php
/*
==============================================================================
Dokeos - elearning and course management software
Copyright (c) 2004-2005 Dokeos S.A.
Copyright (c) 2003 Ghent University (UGent)
Copyright (c) 2001 Universite catholique de Louvain (UCL)
Copyright (c) Patrick Cool (patrick.cool@ugent.be)
Copyright (c) Denes Nagy
For a full list of contributors, see "credits.txt".
The full license can be read in "license.txt".
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
See the GNU General Public License for more details.
Contact: Dokeos, 181 rue Royale, B-1000 Brussels, Belgium, info@dokeos.com
==============================================================================
*/
/* For licensing terms, see /license.txt */
/**
==============================================================================
* @author Patrick Cool, original code
* @author Denes Nagy - many bugfixes and improvements, adjusted for learning path
* @author Roan Embrechts - refactoring, code cleaning
* @package dokeos.resourcelinker
* @todo reorganise code,
* use Database API instead of creating table names locally.
==============================================================================
*/
/*
==============================================================================
INIT SECTION
==============================================================================
*/
// name of the language file that needs to be included
//$language_file = 'resourcelinker';// TODO: Repeated deleting and moving the rest of this lang file to trad4all
@ -1037,11 +1011,7 @@ if ($showresources)
echo "</td></tr></table>";
/*
==============================================================================
FOOTER
==============================================================================
*/
Display :: display_footer();
?>
?>

36
main/social/groups.php
Unescape View File

@ -142,7 +142,7 @@ if (isset($_GET['view']) && in_array($_GET['view'],$allowed_views)) {
}
} else {
$interbreadcrumb[]= array ('url' =>'groups.php','name' => get_lang('Groups'));
$interbreadcrumb[]= array ('url' =>'#','name' => get_lang('MessageList'));
$interbreadcrumb[]= array ('url' =>'#','name' => get_lang('GroupList'));
}
Display :: display_header($tool_name, 'Groups');
@ -431,31 +431,54 @@ if ($group_id != 0 ) {
}
}
// display groups (newest, mygroups, pop)
echo '<div class="social-box-main1">';
if (isset($_GET['view']) && in_array($_GET['view'],$allowed_views)) {
$view_group = $_GET['view'];
switch ($view_group) {
case 'mygroups' :
if (count($grid_my_groups) > 0) {
echo '<div class="social-groups-text3">'.api_strtoupper(get_lang('MyGroups')).'</div>';
Display::display_sortable_grid('mygroups', array(), $grid_my_groups, array('hide_navigation'=>true, 'per_page' => 2), $query_vars, false, array(true, true, true,false));
Display::display_sortable_grid('mygroups', array(), $grid_my_groups, array('hide_navigation'=>true, 'per_page' => 2), $query_vars, false, array(true, true, true,false));
}
if (api_is_platform_admin() || api_get_setting('allow_students_to_create_groups_in_social') == 'true') {
if (empty($grid_my_groups)) {
echo '<a href="group_add.php">'.get_lang('YouShouldCreateAGroup').'</a>';
}
}
break;
case 'newest' :
if (count($grid_newest_groups) > 0) {
echo '<div class="social-groups-text3">'.api_strtoupper(get_lang('Newest')).'</div>';
Display::display_sortable_grid('newest', array(), $grid_newest_groups, array('hide_navigation'=>true, 'per_page' => 100), $query_vars, false, array(true, true, true,false));
}
if (api_is_platform_admin() || api_get_setting('allow_students_to_create_groups_in_social') == 'true') {
if (empty($grid_newest_groups)) {
echo '<a href="group_add.php">'.get_lang('YouShouldCreateAGroup').'</a>';
}
}
break;
default :
if (count($grid_pop_groups) > 0) {
echo '<div class="social-groups-text3">'.api_strtoupper(get_lang('Popular')).'</div>';
Display::display_sortable_grid('popular', array(), $grid_pop_groups, array('hide_navigation'=>true, 'per_page' => 100), $query_vars, false, array(true, true, true,true,true));
}
if (api_is_platform_admin() || api_get_setting('allow_students_to_create_groups_in_social') == 'true') {
if (empty($grid_pop_groups)) {
echo '<a href="group_add.php">'.get_lang('YouShouldCreateAGroup').'</a>';
}
}
break;
}
} else {
} else {
if (count($grid_my_groups) > 0) {
echo '<div class="social-groups-text3">'.api_strtoupper(get_lang('MyGroups')).'</div>';
Display::display_sortable_grid('mygroups', array(), $grid_my_groups, array('hide_navigation'=>true, 'per_page' => 2), $query_vars, false, array(true, true, true,false));
@ -468,6 +491,13 @@ if ($group_id != 0 ) {
echo '<div class="social-groups-text3">'.api_strtoupper(get_lang('Popular')).'</div>';
Display::display_sortable_grid('popular', array(), $grid_pop_groups, array('hide_navigation'=>true, 'per_page' => 100), $query_vars, false, array(true, true, true,true,true));
}
if (api_is_platform_admin() || api_get_setting('allow_students_to_create_groups_in_social') == 'true') {
if (empty($grid_my_groups) && empty($grid_newest_groups) && empty($grid_pop_groups) ) {
echo '<a href="group_add.php">'.get_lang('YouShouldCreateAGroup').'</a>';
}
}
}
echo '</div>';

8
main/survey/survey.lib.php
Unescape View File

@ -217,16 +217,16 @@ class survey_manager {
}
$sql = "INSERT INTO $table_survey (code, title, subtitle, author, lang, avail_from, avail_till, is_shared, template, intro, surveythanks, creation_date, anonymous".$additional['columns'].", session_id) VALUES (
'".Database::escape_string(strtolower(generate_course_code(api_substr($values['survey_code'],0))))."',
'".Database::escape_string(Security::remove_XSS(stripslashes(api_html_entity_decode($values['survey_title'])), COURSEMANAGERLOWSECURITY))."',
'".Database::escape_string(Security::remove_XSS(stripslashes(api_html_entity_decode($values['survey_subtitle'])), COURSEMANAGERLOWSECURITY))."',
'".Database::escape_string($values['survey_title'])."',
'".Database::escape_string($values['survey_subtitle'])."',
'".Database::escape_string($_user['user_id'])."',
'".Database::escape_string($values['survey_language'])."',
'".Database::escape_string($values['start_date'])."',
'".Database::escape_string($values['end_date'])."',
'".Database::escape_string($shared_survey_id)."',
'".Database::escape_string('template')."',
'".Database::escape_string(Security::remove_XSS(stripslashes(api_html_entity_decode($values['survey_introduction'])), COURSEMANAGERLOWSECURITY))."',
'".Database::escape_string(Security::remove_XSS(stripslashes(api_html_entity_decode($values['survey_thanks'])), COURSEMANAGERLOWSECURITY))."',
'".Database::escape_string($values['survey_introduction'])."',
'".Database::escape_string($values['survey_thanks'])."',
'".date('Y-m-d H:i:s')."',
'".Database::escape_string($values['anonymous'])."'".$additional['values'].",
".intval($_SESSION['id_session'])."

39
main/wiki/index.php
Unescape View File

@ -93,6 +93,10 @@ event_access_tool(TOOL_WIKI);
HEADER & TITLE
*/
// If it is a group wiki then the breadcrumbs will be different.
//Setting variable
$_clean['group_id'] = 0;
if ($_SESSION['_gid'] OR $_GET['group_id']) {
if (isset($_SESSION['_gid'])) {
@ -111,10 +115,10 @@ if ($_SESSION['_gid'] OR $_GET['group_id']) {
//ensure this tool in groups whe it's private or deactivated
if ($group_properties['wiki_state']==0) {
echo api_not_allowed();
api_not_allowed();
} elseif ($group_properties['wiki_state']==2) {
if (!api_is_allowed_to_edit(false,true) and !GroupManager :: is_user_in_group($_user['user_id'], $_SESSION['_gid'])) {
echo api_not_allowed();
api_not_allowed();
}
}
} else {
@ -448,6 +452,13 @@ if (!in_array($_GET['action'], array('addnew', 'searchpages', 'allpages', 'recen
echo '</div>';
}
//In new pages go to new page
if (isset($_POST['SaveWikiNew']))
{
display_wiki_entry(Security::remove_XSS($_POST['reflink']));
}
/////////////////////// more options /////////////////////// Juan Carlos Raña Trabado
//more for export to course document area. See display_wiki_entry
@ -1626,7 +1637,7 @@ if ($_GET['action']=='edit')
</select> %';
echo '<br/><br/>';
echo '<input type="hidden" name="wpost_id" value="'.md5(uniqid(rand(), true)).'">';//prevent double post
echo '<button class="save" type="submit" name="SaveWikiChange">'.get_lang('langSave').'</button>';//for save button Don't change name (see fckeditor/editor/plugins/customizations/fckplugin_compressed.js and fckplugin.js
echo '<button class="save" type="submit" name="SaveWikiChange">'.get_lang('Save').'</button>';//for save button Don't change name (see fckeditor/editor/plugins/customizations/fckplugin_compressed.js and fckplugin.js
echo '</div>';
echo '</form>';
}
@ -1839,18 +1850,14 @@ if ($_GET['action']=='history' or Security::remove_XSS($_POST['HistoryDifference
//rss feed. TODO:
//
if ($_GET['action']=='recentchanges')
{
if ($_GET['action']=='recentchanges') {
$_clean['group_id']=(int)$_SESSION['_gid'];
if ( api_is_allowed_to_session_edit(false,true) ) {
if (check_notify_all()==1)
{
if (check_notify_all()==1) {
$notify_all= '<img src="../img/wiki/send_mail_checked.gif" title="'.get_lang('FullNotifyByEmail').'" alt="'.get_lang('FullNotifyByEmail').'" style="vertical-align:middle;" />'.get_lang('NotNotifyChanges');
$lock_unlock_notify_all='unlocknotifyall';
}
else
{
} else {
$notify_all= '<img src="../img/wiki/send_mail.gif" title="'.get_lang('FullCancelNotifyByEmail').'" alt="'.get_lang('FullCancelNotifyByEmail').'" style="vertical-align:middle;"/>'.get_lang('NotifyChanges');
$lock_unlock_notify_all='locknotifyall';
}
@ -1869,14 +1876,12 @@ if ($_GET['action']=='recentchanges')
$sql='SELECT * FROM '.$tbl_wiki.', '.$tbl_wiki_conf.' WHERE '.$tbl_wiki_conf.'.page_id='.$tbl_wiki.'.page_id AND '.$tbl_wiki.'.'.$groupfilter.$condition_session.' ORDER BY dtime DESC'; // new version
}
else
{
} else {
$sql='SELECT * FROM '.$tbl_wiki.' WHERE '.$groupfilter.$condition_session.' AND visibility=1 ORDER BY dtime DESC'; // old version TODO: Replace by the bottom line
//$sql='SELECT * FROM '.$tbl_wiki.', '.$tbl_wiki_conf.' WHERE '.$tbl_wiki_conf.'.page_id='.$tbl_wiki.'.page_id AND visibility=1 AND '.$tbl_wiki.'.'.$groupfilter.' ORDER BY dtime DESC'; // new version
}
$allpages=Database::query($sql);
//show table
@ -2348,12 +2353,6 @@ if ($_GET['action']=='discuss')
}
}
///in new pages go to new page
if ($_POST['SaveWikiNew'])
{
display_wiki_entry(Security::remove_XSS($_POST['reflink']));
}
echo "</div>"; // echo "<div id='mainwiki'>";
echo "</div>"; // echo "<div id='wikiwrapper'>";

133
main/wiki/wiki.inc.php
Unescape View File

@ -270,16 +270,17 @@ function save_wiki() {
// NOTE: visibility, visibility_disc and ratinglock_disc changes are not made here, but through the interce buttons
// cleaning the variables
$_clean['page_id']=Database::escape_string($_POST['page_id']);
$_clean['reflink']=Database::escape_string(Security::remove_XSS($_POST['reflink']));
$_clean['title']=Database::escape_string(Security::remove_XSS($_POST['title']));
$_clean['content']= Database::escape_string(Security::remove_XSS(stripslashes(api_html_entity_decode($_POST['content'])),COURSEMANAGERLOWSECURITY));
$_clean['user_id']=(int)Database::escape_string(api_get_user_id());
$_clean['assignment']=Database::escape_string($_POST['assignment']);
$_clean['comment']=Database::escape_string(Security::remove_XSS($_POST['comment']));
$_clean['progress']=Database::escape_string($_POST['progress']);
$_clean['version']=Database::escape_string($_POST['version'])+1;
$_clean['linksto'] = links_to($_clean['content']); //and check links content
$_clean['page_id'] = Database::escape_string($_POST['page_id']);
$_clean['reflink'] = Database::escape_string($_POST['reflink']);
$_clean['title'] = Database::escape_string($_POST['title']);
$_clean['content'] = Database::escape_string($_POST['content']);
$_clean['user_id'] = api_get_user_id();
$_clean['assignment'] = Database::escape_string($_POST['assignment']);
$_clean['comment'] = Database::escape_string($_POST['comment']);
$_clean['progress'] = Database::escape_string($_POST['progress']);
$_clean['version'] = intval($_POST['version']) + 1 ;
$_clean['linksto'] = links_to($_clean['content']); //and check links content
$dtime = date( "Y-m-d H:i:s" );
$session_id = api_get_session_id();
@ -296,56 +297,55 @@ function save_wiki() {
if(!empty($_POST['task']))
{
$_clean['task']= Database::escape_string(Security::remove_XSS(stripslashes(api_html_entity_decode($_POST['task'])),COURSEMANAGERLOWSECURITY));
$_clean['task']= Database::escape_string($_POST['task']);
}
if(!empty($_POST['feedback1']) || !empty($_POST['feedback2']) || !empty($_POST['feedback3']))
{
$_clean['feedback1']=Database::escape_string(Security::remove_XSS($_POST['feedback1']));
$_clean['feedback2']=Database::escape_string(Security::remove_XSS($_POST['feedback2']));
$_clean['feedback3']=Database::escape_string(Security::remove_XSS($_POST['feedback3']));
$_clean['fprogress1']=Database::escape_string(Security::remove_XSS($_POST['fprogress1']));
$_clean['fprogress2']=Database::escape_string(Security::remove_XSS($_POST['fprogress2']));
$_clean['fprogress3']=Database::escape_string(Security::remove_XSS($_POST['fprogress3']));
if(!empty($_POST['feedback1']) || !empty($_POST['feedback2']) || !empty($_POST['feedback3'])) {
$_clean['feedback1']=Database::escape_string($_POST['feedback1']);
$_clean['feedback2']=Database::escape_string($_POST['feedback2']);
$_clean['feedback3']=Database::escape_string($_POST['feedback3']);
$_clean['fprogress1']=Database::escape_string($_POST['fprogress1']);
$_clean['fprogress2']=Database::escape_string($_POST['fprogress2']);
$_clean['fprogress3']=Database::escape_string($_POST['fprogress3']);
}
if(Security::remove_XSS($_POST['initstartdate']==1))
{
$_clean['startdate_assig']=Database::escape_string(Security::remove_XSS(get_date_from_select('startdate_assig')));
$_clean['startdate_assig']=Database::escape_string(get_date_from_select('startdate_assig'));
}
else
{
$_clean['startdate_assig']=Database::escape_string(Security::remove_XSS($_POST['startdate_assig']));
$_clean['startdate_assig']=Database::escape_string($_POST['startdate_assig']);
}
if(Security::remove_XSS($_POST['initenddate']==1))
{
$_clean['enddate_assig']=Database::escape_string(Security::remove_XSS(get_date_from_select('enddate_assig')));
$_clean['enddate_assig']=Database::escape_string(get_date_from_select('enddate_assig'));
}
else
{
$_clean['enddate_assig']=Database::escape_string(Security::remove_XSS($_POST['enddate_assig']));
$_clean['enddate_assig']=Database::escape_string($_POST['enddate_assig']);
}
$_clean['delayedsubmit']=Database::escape_string(Security::remove_XSS($_POST['delayedsubmit']));
$_clean['delayedsubmit']=Database::escape_string($_POST['delayedsubmit']);
if(!empty($_POST['max_text']) || !empty($_POST['max_version']))
{
$_clean['max_text']=Database::escape_string(Security::remove_XSS($_POST['max_text']));
$_clean['max_version']=Database::escape_string(Security::remove_XSS($_POST['max_version']));
$_clean['max_text'] =Database::escape_string($_POST['max_text']);
$_clean['max_version']=Database::escape_string($_POST['max_version']);
}
$sql = "INSERT INTO ".$tbl_wiki." (page_id, reflink, title, content, user_id, group_id, dtime, assignment, comment, progress, version, linksto, user_ip, session_id) VALUES ('".$_clean['page_id']."','".$_clean['reflink']."','".$_clean['title']."','".$_clean['content']."','".$_clean['user_id']."','".$_clean['group_id']."','".$dtime."','".$_clean['assignment']."','".$_clean['comment']."','".$_clean['progress']."','".$_clean['version']."','".$_clean['linksto']."','".Database::escape_string($_SERVER['REMOTE_ADDR'])."', '".Database::escape_string($session_id)."')";
$sql = "INSERT INTO ".$tbl_wiki." (page_id, reflink, title, content, user_id, group_id, dtime, assignment, comment, progress, version, linksto, user_ip, session_id)
VALUES ('".$_clean['page_id']."','".$_clean['reflink']."','".$_clean['title']."','".$_clean['content']."','".$_clean['user_id']."','".$_clean['group_id']."','".$dtime."','".$_clean['assignment']."','".$_clean['comment']."','".$_clean['progress']."','".$_clean['version']."','".$_clean['linksto']."','".Database::escape_string($_SERVER['REMOTE_ADDR'])."', '".Database::escape_string($session_id)."')";
$result=Database::query($sql);
$Id = Database::insert_id();
$result = Database::query($sql);
$Id = Database::insert_id();
if ($Id > 0) {
//insert into item_property
api_item_property_update(api_get_course_info(), TOOL_WIKI, $Id, 'WikiAdded', api_get_user_id(), $_clean['group_id']);
}
if ($_clean['page_id'] ==0)
{
if ($_clean['page_id'] ==0) {
$sql='UPDATE '.$tbl_wiki.' SET page_id="'.$Id.'" WHERE id="'.$Id.'"';
Database::query($sql);
}
@ -354,7 +354,8 @@ function save_wiki() {
if ($_clean['reflink']=='index' && $_clean['version']==1)
{
$sql="INSERT INTO ".$tbl_wiki_conf." (page_id, task, feedback1, feedback2, feedback3, fprogress1, fprogress2, fprogress3, max_text, max_version, startdate_assig, enddate_assig, delayedsubmit) VALUES ('".$Id."','".$_clean['task']."','".$_clean['feedback1']."','".$_clean['feedback2']."','".$_clean['feedback3']."','".$_clean['fprogress1']."','".$_clean['fprogress2']."','".$_clean['fprogress3']."','".$_clean['max_text']."','".$_clean['max_version']."','".$_clean['startdate_assig']."','".$_clean['enddate_assig']."','".$_clean['delayedsubmit']."')";
$sql="INSERT INTO ".$tbl_wiki_conf." (page_id, task, feedback1, feedback2, feedback3, fprogress1, fprogress2, fprogress3, max_text, max_version, startdate_assig, enddate_assig, delayedsubmit)
VALUES ('".$Id."','".$_clean['task']."','".$_clean['feedback1']."','".$_clean['feedback2']."','".$_clean['feedback3']."','".$_clean['fprogress1']."','".$_clean['fprogress2']."','".$_clean['fprogress3']."','".$_clean['max_text']."','".$_clean['max_version']."','".$_clean['startdate_assig']."','".$_clean['enddate_assig']."','".$_clean['delayedsubmit']."')";
}
else
{
@ -435,13 +436,13 @@ function save_new_wiki() {
$session_id = api_get_session_id();
if($_clean['assignment']==2 || $_clean['assignment']==1) {// Unlike ordinary pages of pages of assignments. Allow create a ordinary page although there is a assignment with the same name
$_clean['reflink']=Database::escape_string(Security::remove_XSS(str_replace(' ','_',$_POST['title']."_uass".$assig_user_id)));
$_clean['reflink']=Database::escape_string(str_replace(' ','_',$_POST['title']."_uass".$assig_user_id));
} else {
$_clean['reflink']=Database::escape_string(Security::remove_XSS(str_replace(' ','_',$_POST['title'])));
$_clean['reflink']=Database::escape_string(str_replace(' ','_',$_POST['title']));
}
$_clean['title']=Database::escape_string(Security::remove_XSS($_POST['title']));
$_clean['content']= Database::escape_string(Security::remove_XSS(stripslashes(api_html_entity_decode($_POST['content'])),COURSEMANAGERLOWSECURITY));
$_clean['title']=Database::escape_string($_POST['title']);
$_clean['content']= Database::escape_string($_POST['content']);
if($_clean['assignment']==2) {//config by default for individual assignment (students)
@ -452,7 +453,7 @@ function save_new_wiki() {
$_clean['ratinglock_disc']=0;
} else {
$_clean['user_id']=(int)Database::escape_string(api_get_user_id());
$_clean['user_id']=api_get_user_id();
$_clean['visibility']=1;
$_clean['visibility_disc']=1;
@ -460,7 +461,7 @@ function save_new_wiki() {
}
$_clean['comment']=Database::escape_string(Security::remove_XSS($_POST['comment']));
$_clean['comment']=Database::escape_string($_POST['comment']);
$_clean['progress']=Database::escape_string($_POST['progress']);
$_clean['version']=1;
@ -476,44 +477,36 @@ function save_new_wiki() {
$_clean['linksto'] = links_to($_clean['content']); //check wikilinks
//cleaning config variables
$_clean['task']= Database::escape_string(Security::remove_XSS(stripslashes(api_html_entity_decode($_POST['task'])),COURSEMANAGERLOWSECURITY));
$_clean['feedback1']=Database::escape_string(Security::remove_XSS($_POST['feedback1']));
$_clean['feedback2']=Database::escape_string(Security::remove_XSS($_POST['feedback2']));
$_clean['feedback3']=Database::escape_string(Security::remove_XSS($_POST['feedback3']));
$_clean['fprogress1']=Database::escape_string(Security::remove_XSS($_POST['fprogress1']));
$_clean['fprogress2']=Database::escape_string(Security::remove_XSS($_POST['fprogress2']));
$_clean['fprogress3']=Database::escape_string(Security::remove_XSS($_POST['fprogress3']));
if(Security::remove_XSS($_POST['initstartdate']==1))
{
$_clean['startdate_assig']=Database::escape_string(Security::remove_XSS(get_date_from_select('startdate_assig')));
}
else
{
$_clean['startdate_assig']=Database::escape_string(Security::remove_XSS($_POST['startdate_assig']));
$_clean['task']= Database::escape_string($_POST['task']);
$_clean['feedback1']=Database::escape_string($_POST['feedback1']);
$_clean['feedback2']=Database::escape_string($_POST['feedback2']);
$_clean['feedback3']=Database::escape_string($_POST['feedback3']);
$_clean['fprogress1']=Database::escape_string($_POST['fprogress1']);
$_clean['fprogress2']=Database::escape_string($_POST['fprogress2']);
$_clean['fprogress3']=Database::escape_string($_POST['fprogress3']);
if($_POST['initstartdate']==1) {
$_clean['startdate_assig']=Database::escape_string(get_date_from_select('startdate_assig'));
} else {
$_clean['startdate_assig']=Database::escape_string($_POST['startdate_assig']);
}
if(Security::remove_XSS($_POST['initenddate']==1))
{
$_clean['enddate_assig']=Database::escape_string(Security::remove_XSS(get_date_from_select('enddate_assig')));
}
else
{
$_clean['enddate_assig']=Database::escape_string(Security::remove_XSS($_POST['enddate_assig']));
if($_POST['initenddate']==1) {
$_clean['enddate_assig']=Database::escape_string(get_date_from_select('enddate_assig'));
} else {
$_clean['enddate_assig']=Database::escape_string($_POST['enddate_assig']);
}
$_clean['delayedsubmit']=Database::escape_string(Security::remove_XSS($_POST['delayedsubmit']));
$_clean['max_text']=Database::escape_string(Security::remove_XSS($_POST['max_text']));
$_clean['max_version']=Database::escape_string(Security::remove_XSS($_POST['max_version']));
$_clean['delayedsubmit']=Database::escape_string($_POST['delayedsubmit']);
$_clean['max_text']=Database::escape_string($_POST['max_text']);
$_clean['max_version']=Database::escape_string($_POST['max_version']);
//filter no _uass
if (api_eregi('_uass', $_POST['title']) || (api_strtoupper(trim($_POST['title'])) == 'INDEX' || api_strtoupper(trim(api_htmlentities($_POST['title'], ENT_QUOTES, $charset))) == api_strtoupper(api_htmlentities(get_lang('DefaultTitle'), ENT_QUOTES, $charset)))) {
$message= get_lang('GoAndEditMainPage');
Display::display_warning_message($message,false);
} else {
$var=$_clean['reflink'];
$group_id=Security::remove_XSS($_GET['group_id']);
if(!checktitle($var)) {
return get_lang('WikiPageTitleExist').'<a href="index.php?action=edit&amp;title='.$var.'&group_id='.$group_id.'">'.$_POST['title'].'</a>';
@ -965,12 +958,12 @@ function word_count($document) {
# strip all html tags
$wc = strip_tags($document);
//remove words and remove one letter words commented temporarily because of problems with utf8 support. TODO: fix and enable
# remove 'words' that don't consist of alphanumerical characters or punctuation
$pattern = "#[^(\w|\d|\'|\"|\.|\!|\?|;|,|\\|\/|\-|:|\&|@)]+#";
$wc = trim(preg_replace($pattern, " ", $wc));
//$pattern = "#[^(\w|\d|\'|\"|\.|\!|\?|;|,|\\|\/|\-|:|\&|@)]+#";
//$wc = trim(preg_replace($pattern, " ", $wc));
# remove one-letter 'words' that consist only of punctuation
$wc = trim(preg_replace("#\s*[(\'|\"|\.|\!|\?|;|,|\\|\/|\-|:|\&|@)]\s*#", " ", $wc));
//$wc = trim(preg_replace("#\s*[(\'|\"|\.|\!|\?|;|,|\\|\/|\-|:|\&|@)]\s*#", " ", $wc)); //
# remove superfluous whitespace
$wc = preg_replace("/\s\s+/", " ", $wc);
@ -2084,7 +2077,7 @@ function make_select($name,$values,$checked='') {
*
*/
function get_date_from_select($prefix) {
return $_POST[$prefix.'_year'].'-'.two_digits($_POST[$prefix.'_month']).'-'.two_digits($_POST[$prefix.'_day']).' '.two_digits($_POST[$prefix.'_hour']).':'.two_digits($_POST[$prefix.'_minute']).':00';
return $_POST[$prefix.'_year'].'-'.two_digits($_POST[$prefix.'_month']).'-'.two_digits($_POST[$prefix.'_day']).' '.two_digits($_POST[$prefix.'_hour']).':'.two_digits($_POST[$prefix.'_minute']).':00';
}
/**

1
tests/main/inc/lib/fileManage.lib.test.php
Unescape View File

@ -196,6 +196,7 @@ class TestFileManager extends UnitTestCase {
}
public function testMkdirs(){
//This function is deprecated
$path=api_get_path(SYS_COURSE_PATH).'document';
$res = $this->fmanager->mkdirs($path);
$this->assertFalse($res);

1
tests/main/inc/lib/fileManager.lib.test.php
Unescape View File

@ -191,6 +191,7 @@ class TestFileManager extends UnitTestCase {
}
public function testMkdirs(){
//This function is deprecated
$path='/var/www/path/ruta';
$res = $this->fmanager->mkdirs($path);
$this->assertFalse($res);

Write Preview
Loading…
Cancel
Save