Add user and group multiple select in survey see BT#5715

Missing double validation.
10 years ago · 86d56c0a8e
parent b41e42b48b
commit 86d56c0a8e
4 changed files with 126 additions and 51 deletions
--- a/main/inc/lib/AnnouncementManager.php
+++ b/main/inc/lib/AnnouncementManager.php
@ -374,7 +374,7 @@ class AnnouncementManager
                    '0'
                );
            } else {
-                $send_to = self::separate_users_groups($sentTo);
+                $send_to = CourseManager::separateUsersGroups($sentTo);

                // Storing the selected groups
                if (is_array($send_to['groups']) && !empty($send_to['groups'])) {
@ -460,7 +460,7 @@ class AnnouncementManager
        // store in item_property (first the groups, then the users

        if (!isset($to_users)) { // !isset($to): when no user is selected we send it to everyone
-            $send_to = self::separate_users_groups($to);
+            $send_to = CourseManager::separateUsersGroups($to);
            // storing the selected groups
            if (is_array($send_to['groups'])) {
                foreach ($send_to['groups'] as $group) {
@ -541,7 +541,7 @@ class AnnouncementManager
        if (!is_null($to)) {
            // !is_null($to): when no user is selected we send it to everyone

-            $send_to = self::separate_users_groups($to);
+            $send_to = CourseManager::separateUsersGroups($to);

            // storing the selected groups
            if (is_array($send_to['groups'])) {
@ -1088,33 +1088,7 @@ class AnnouncementManager
        }
    }

-    /**
-     * This function separates the users from the groups
-     * users have a value USER:XXX (with XXX the groups id have a value
-     *  GROUP:YYY (with YYY the group id)
-     * @param    array   Array of strings that define the type and id of each destination
-     * @return   array   Array of groups and users (each an array of IDs)
-     */
-    public static function separate_users_groups($to)
-    {
-        $grouplist = array();
-        $userlist = array();
-        foreach ($to as $to_item) {
-            list($type, $id) = explode(':', $to_item);
-            switch ($type) {
-                case 'GROUP':
-                    $grouplist[] = intval($id);
-                    break;
-                case 'USER':
-                    $userlist[] = intval($id);
-                    break;
-            }
-        }

-        $send_to['groups'] = $grouplist;
-        $send_to['users'] = $userlist;
-        return $send_to;
-    }

    /**
     * Returns all the users and all the groups a specific announcement item
--- a/main/inc/lib/course.lib.php
+++ b/main/inc/lib/course.lib.php
@ -5330,6 +5330,34 @@ class CourseManager
        );
    }

+    /**
+     * This function separates the users from the groups
+     * users have a value USER:XXX (with XXX the groups id have a value
+     *  GROUP:YYY (with YYY the group id)
+     * @param    array   Array of strings that define the type and id of each destination
+     * @return   array   Array of groups and users (each an array of IDs)
+     */
+    public static function separateUsersGroups($to)
+    {
+        $grouplist = array();
+        $userlist = array();
+        foreach ($to as $to_item) {
+            list($type, $id) = explode(':', $to_item);
+            switch ($type) {
+                case 'GROUP':
+                    $grouplist[] = intval($id);
+                    break;
+                case 'USER':
+                    $userlist[] = intval($id);
+                    break;
+            }
+        }
+
+        $send_to['groups'] = $grouplist;
+        $send_to['users'] = $userlist;
+        return $send_to;
+    }
+
    /**
     * this function shows the form for sending a message to a specific group or user.
     */
--- a/main/survey/survey.lib.php
+++ b/main/survey/survey.lib.php
@ -3368,9 +3368,19 @@ class SurveyUtil
     * @version January 2007
     *
     */
-    static function save_invitations($users_array, $invitation_title, $invitation_text, $reminder = 0, $sendmail = 0, $remindUnAnswered = 0)
-    {
-        if (!is_array($users_array)) return 0; // Should not happen
+    public static function save_invitations(
+        $users_array,
+        $invitation_title,
+        $invitation_text,
+        $reminder = 0,
+        $sendmail = 0,
+        $remindUnAnswered = 0
+    ) {
+        if (!is_array($users_array)) {
+            // Should not happen
+
+            return 0;
+        }

        // Getting the survey information
        $survey_data = survey_manager::get_survey($_GET['survey_id']);
@ -3386,13 +3396,38 @@ class SurveyUtil

        $counter = 0;  // Nr of invitations "sent" (if sendmail option)
        $course_id = api_get_course_int_id();
-
        $session_id = api_get_session_id();

-        foreach ($users_array as $key=>$value) {
-            if (!isset($value) || $value == '') continue;
+        $result = CourseManager::separateUsersGroups($users_array);
+
+        $groupList = $result['groups'];
+        $users_array = $result['users'];
+
+        foreach ($groupList as $groupId) {
+            $userGroupList = GroupManager::getStudents($groupId);
+            $userGroupIdList = array_column($userGroupList, 'user_id');
+            $users_array = array_merge($users_array, $userGroupIdList);
+
+            $params = array(
+                'c_id' => $course_id,
+                'session_id' => $session_id,
+                'group_id' => $groupId,
+                'survey_code' => $survey_data['code']
+            );
+            self::save_invitation($params);
+        }
+
+        $users_array = array_unique($users_array);
+
+        foreach ($users_array as $key => $value) {
+            if (!isset($value) || $value == '') {
+                continue;
+            }
+
            // Skip user if reminding only unanswered people
-            if (in_array($value, $exclude_users)) continue;
+            if (in_array($value, $exclude_users)) {
+                continue;
+            }
            // Get the unique invitation code if we already have it
            if ($reminder == 1 && array_key_exists($value, $survey_invitations)) {
                $invitation_code = $survey_invitations[$value]['invitation_code'];
@ -3403,8 +3438,10 @@ class SurveyUtil
            // Store the invitation if user_id not in $already_invited['course_users'] OR email is not in $already_invited['additional_users']
            $addit_users_array = isset($already_invited['additional_users']) && !empty($already_invited['additional_users']) ? explode(';', $already_invited['additional_users']) : array();

-            $my_alredy_invited = ($already_invited['course_users'] == null) ? array() : $already_invited['course_users'];
-            if ((is_numeric($value) && !in_array($value, $my_alredy_invited)) || (!is_numeric($value) && !in_array($value, $addit_users_array))) {
+            $my_alredy_invited = $already_invited['course_users'] == null ? array() : $already_invited['course_users'];
+            if ((is_numeric($value) && !in_array($value, $my_alredy_invited)) ||
+                (!is_numeric($value) && !in_array($value, $addit_users_array))
+            ) {
                $new_user = true;
                if (!array_key_exists($value, $survey_invitations)) {
                    $params = array(
@ -3418,6 +3455,7 @@ class SurveyUtil
                    self::save_invitation($params);
                }
            }
+
            // Send the email if checkboxed
            if (($new_user || $reminder == 1) && $sendmail != 0) {
                // Make a change for absolute url
@ -3430,14 +3468,19 @@ class SurveyUtil
                $counter++;
            }
        }
+
        return $counter; // Number of invitations sent
    }

+    /**
+     * @param $params
+     * @return bool|int
+     */
    static function save_invitation($params)
    {
        // Database table to store the invitations data
        $table_survey_invitation = Database::get_course_table(TABLE_SURVEY_INVITATION);
-        if (!empty($params['c_id']) && !empty($params['user']) && !empty($params['survey_code'])) {
+        if (!empty($params['c_id']) && (!empty($params['user']) || !empty($params['group_id'])) && !empty($params['survey_code'])) {
            return Database::insert($table_survey_invitation, $params);
        }
        return false;
@ -3580,7 +3623,7 @@ class SurveyUtil

        // Selecting all the invitations of this survey AND the additional emailaddresses (the left join)
        $order_clause = api_sort_by_first_name() ? ' ORDER BY firstname, lastname' : ' ORDER BY lastname, firstname';
-        $sql = "SELECT user
+        $sql = "SELECT user, group_id
 				FROM $table_survey_invitation as table_invitation
 				WHERE
 				    table_invitation.c_id = $course_id AND
@ -3590,17 +3633,22 @@ class SurveyUtil

        $defaults = array();
        $defaults['course_users'] = array();
-        $defaults['additional_users'] = array();
+        $defaults['additional_users'] = array(); // Textarea
+        $defaults['users'] = array(); // user and groups

        $result = Database::query($sql);
        while ($row = Database::fetch_array($result)) {
            if (is_numeric($row['user'])) {
                $defaults['course_users'][] = $row['user'];
+                $defaults['users'][] = 'USER:'.$row['user'];
            } else {
                if (!empty($row['user'])) {
                    $defaults['additional_users'][] = $row['user'];
                }
            }
+            if (isset($row['group_id'])) {
+                $defaults['users'][] = 'GROUP:'.$row['group_id'];
+            }
        }

        if (!empty($defaults['course_users'])) {
--- a/main/survey/survey_invite.php
+++ b/main/survey/survey_invite.php
@ -91,7 +91,11 @@ if ($survey_data['invited'] > 0 && !isset($_POST['submit'])) {
 }

 // Building the form for publishing the survey
-$form = new FormValidator('publish_form', 'post', api_get_self().'?survey_id='.$survey_id.'&'.api_get_cidReq());
+$form = new FormValidator(
+	'publish_form',
+	'post',
+	api_get_self().'?survey_id='.$survey_id.'&'.api_get_cidReq()
+);
 $form->addElement('header', '', $tool_name);

 // Course users
@ -105,7 +109,17 @@ $possible_users = array();
 foreach ($complete_user_list as & $user) {
 	$possible_users[$user['user_id']] = api_get_person_name($user['firstname'], $user['lastname']);
 }
-$users = $form->addElement('advmultiselect', 'course_users', get_lang('CourseUsers'), $possible_users, 'style="width: 250px; height: 200px;"');
+
+
+CourseManager::addUserGroupMultiSelect($form, array());
+
+/*$form->addElement(
+	'advmultiselect',
+	'course_users',
+	get_lang('CourseUsers'),
+	$possible_users,
+	'style="width: 250px; height: 200px;"'
+);*/

 // Additional users
 $form->addElement(
@ -122,13 +136,12 @@ $form->addElement('html', '</div>');
 $form->addElement('html', '<div id="mail_text_wrapper">');

 // The title of the mail
-$form->addElement('text', 'mail_title', get_lang('MailTitle'), array('class' => 'span6'));
+$form->addText('mail_title', get_lang('MailTitle'), false);
 // The text of the mail
-$form->addElement(
-	'html_editor',
+$form->addHtmlEditor(
 	'mail_text',
 	array(get_lang('MailText'), get_lang('UseLinkSyntax')),
-	null,
+	false,
 	array('ToolbarSet' => 'Survey', 'Height' => '150')
 );
 $form->addElement('html', '</div>');
@ -163,7 +176,7 @@ $form->addElement('label', null, $auto_survey_link);

 if ($form->validate()) {
   	$values = $form->exportValues();
-    if ($values['send_mail'] == 1) {
+    if (isset($values['send_mail']) && $values['send_mail'] == 1) {
        if (empty($values['mail_title']) || empty($values['mail_text'])) {
            Display :: display_error_message(get_lang('FormHasErrorsPleaseComplete'));
            // Getting the invited users
@ -183,10 +196,22 @@ if ($form->validate()) {
        }
    }
    // Save the invitation mail
-	SurveyUtil::save_invite_mail($values['mail_text'], $values['mail_title'], !empty($survey_data['invite_mail']));
+	SurveyUtil::save_invite_mail(
+		$values['mail_text'],
+		$values['mail_title'],
+		!empty($survey_data['invite_mail'])
+	);
+
 	// Saving the invitations for the course users
-	$count_course_users = SurveyUtil::save_invitations($values['course_users'], $values['mail_title'],
-    $values['mail_text'], $values['resend_to_all'], $values['send_mail'], $values['remindUnAnswered']);
+	$count_course_users = SurveyUtil::save_invitations(
+		$values['users'],
+		$values['mail_title'],
+		$values['mail_text'],
+		$values['resend_to_all'],
+		$values['send_mail'],
+		$values['remindUnAnswered']
+	);
+
 	// Saving the invitations for the additional users
 	$values['additional_users'] = $values['additional_users'].';'; 	// This is for the case when you enter only one email
 	$temp = str_replace(',', ';', $values['additional_users']);		// This is to allow , and ; as email separators