chamilo
/
chamilo-lms
mirror of https://github.com/chamilo/chamilo-lms/tree/1.11.x
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge with 1.9.x

Browse Source
skala
Julio Montoya 13 years ago
parent 22f2b46b19 69b54521a6
commit 8cafb13169
28 changed files with 1030 additions and 985 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 8
      documentation/optimization.html
  2. 2
      main/attendance/attendance_calendar.php
  3. 106
      main/attendance/attendance_controller.php
  4. 2
      main/attendance/attendance_list.php
  5. 73
      main/attendance/attendance_sheet.php
  6. 16
      main/auth/courses.php
  7. 17
      main/auth/courses_controller.php
  8. 688
      main/auth/openid/login.php
  9. 459
      main/auth/openid/openid.lib.php
  10. 21
      main/auth/openid/whatis.php
  11. 6
      main/css/base.css
  12. 472
      main/inc/lib/auth.lib.php
  13. 3
      main/inc/lib/database.lib.php
  14. 3
      main/inc/lib/export.lib.inc.php
  15. 6
      main/inc/local.inc.php
  16. 3
      main/lang/english/admin.inc.php
  17. 1
      main/lang/english/agenda.inc.php
  18. 1
      main/lang/english/exercice.inc.php
  19. 10
      main/lang/english/trad4all.inc.php
  20. 1
      main/lang/spanish/admin.inc.php
  21. 1
      main/lang/spanish/agenda.inc.php
  22. 1
      main/lang/spanish/exercice.inc.php
  23. 7
      main/lang/spanish/trad4all.inc.php
  24. 13
      main/newscorm/learnpath.class.php
  25. 6
      main/newscorm/lp_controller.php
  26. 76
      main/newscorm/lp_edit_item_prereq.php
  27. 11
      main/template/default/auth/courses_categories.php
  28. 2
      main/work/work.php

8
documentation/optimization.html
Unescape View File

@ -77,6 +77,14 @@ An optional additional caching mechanism you may use is the realpath_cache_size
<hr />
<h2><a name="2.Slow-queries"></a>2. Slow queries</h2>
Enable slow_queries in /etc/mysqld/my.cnf, restart MySQL then follow using sudo tail -f /var/log/mysql/mysql-slow.log
<br /><br />
In Chamilo 1.9 in particular, due to the merge of all databases into one, you might experience performance issue if you have many learning paths with many items in them.<br />
To solve this performance issue, you can execute the following queries manually in your database:<br />
<pre>
ALTER TABLE lp_item ADD INDEX idx_c_lp_item_cid_lp_id (c_id, lp_id);
ALTER TABLE lp_item_view ADD INDEX idx_c_lp_item_view_cid_lp_view_id_lp_item_id (c_id, lp_view_id, lp_item_id);
</pre>
These will be available in Chamilo 1.10 directly, but we cannot put them into Chamilo 1.9 from now on for organizational reasons.<br />
<hr />
<h2><a name="3.Indexes-caching"></a>3. Indexes caching</h2>
One good reference: <a href="http://dev.mysql.com/doc/refman/5.1/en/multiple-key-caches.html">MySQL documentation on multiple key caches</a><br />

2
main/attendance/attendance_calendar.php
Unescape View File

@ -15,7 +15,7 @@ if (isset($_SESSION['gradebook'])) {
$param_gradebook = '&gradebook='.Security::remove_XSS($_SESSION['gradebook']);
}
if (!$is_locked_attendance || api_is_platform_admin()) {
echo '<div class="actions" style="margin-bottom:30px">';
echo '<div class="actions">';
if ($action == 'calendar_add') {
echo '<a href="index.php?'.api_get_cidreq().'&action=calendar_list&attendance_id='.$attendance_id.$param_gradebook.'">'.Display::return_icon('back.png',get_lang('AttendanceCalendar'),'',ICON_SIZE_MEDIUM).'</a>';
} else {

106
main/attendance/attendance_controller.php
Unescape View File

@ -174,6 +174,7 @@
}
$this->attendance_list();
}
/**
* Restores an attendance entry and fallback to attendances rendering
* @param int attendance id
@ -265,8 +266,7 @@
}
$data['users_in_course'] = $attendance->get_users_rel_course($attendance_id);
$my_calendar_id = null;
$my_calendar_id = null;
if (is_numeric($filter_type)) {
$my_calendar_id = $filter_type;
$filter_type = 'calendar_id';
@ -385,7 +385,7 @@
* @param int attendance id
*/
public function attendance_sheet_export_to_pdf($action, $attendance_id, $student_id = 0, $course_id = '') {
$attendance = new Attendance();
$courseInfo = CourseManager::get_course_information($course_id);
@ -394,7 +394,20 @@
$data_array['attendance_id'] = $attendance_id;
$data_array['users_in_course'] = $attendance->get_users_rel_course($attendance_id);
$data_array['attendant_calendar'] = $attendance->get_attendance_calendar($attendance_id);
$filter_type = 'today';
if (!empty($_REQUEST['filter'])) {
$filter_type = $_REQUEST['filter'];
}
$my_calendar_id = null;
if (is_numeric($filter_type)) {
$my_calendar_id = $filter_type;
$filter_type = 'calendar_id';
}
$data_array['attendant_calendar'] = $attendance->get_attendance_calendar($attendance_id, $filter_type, $my_calendar_id);
//$data_array['attendant_calendar'] = $attendance->get_attendance_calendar($attendance_id);
if (api_is_allowed_to_edit(null, true) || api_is_drh()) {
$data_array['users_presence'] = $attendance->get_users_attendance_sheet($attendance_id);
@ -408,10 +421,12 @@
$data_array['faults'] = $attendance->get_faults_of_user($user_id, $attendance_id);
$data_array['user_id'] = $user_id;
}
$data_array['next_attendance_calendar_id'] = $attendance->get_next_attendance_calendar_id($attendance_id);
// set headers pdf
//Set headers pdf
$courseCategory = CourseManager::get_course_category($courseInfo['category_code']);
$teacherInfo = CourseManager::get_teacher_list_from_course_code($courseInfo['code']);
@ -427,9 +442,9 @@
$data_table = array();
$head_table = array('#', get_lang('Name'));
foreach ($data_array['attendant_calendar'] as $class_day) {
$head_table[] = $class_day['date'];
}
foreach ($data_array['attendant_calendar'] as $class_day) {
$head_table[] = api_format_date($class_day['date_time'], DATE_FORMAT_SHORT).' <br />'.api_format_date($class_day['date_time'], TIME_NO_SEC_FORMAT);
}
$data_table[] = $head_table;
$dataClass = array();
@ -439,54 +454,44 @@
$data_attendant_calendar = $data_array['attendant_calendar'];
$data_users_presence = $data_array['users_presence'];
$count = 1;
foreach ($data_array['users_in_course'] as $user) {
$cols = 1;
$result = array();
$result['count'] = $count;
$result['full_name'] = api_get_person_name($user['firstname'], $user['lastname']);
foreach ($data_array['attendant_calendar'] as $class_day) {
if ($class_day['done_attendance'] == 1) {
if ($data_users_presence[$user['user_id']][$class_day['id']]['presence'] == 1)
$result[$class_day['id']] = " . ";
else
$result[$class_day['id']] = " F ";
} else {
$result[$class_day['id']] = " \ ";
}
$cols++;
if (!empty($data_array['users_in_course'])) {
foreach ($data_array['users_in_course'] as $user) {
$cols = 1;
$result = array();
$result['count'] = $count;
$result['full_name'] = api_get_person_name($user['firstname'], $user['lastname']);
foreach ($data_array['attendant_calendar'] as $class_day) {
if ($class_day['done_attendance'] == 1) {
if ($data_users_presence[$user['user_id']][$class_day['id']]['presence'] == 1)
$result[$class_day['id']] = get_lang('UserAttendedSymbol');
else
$result[$class_day['id']] = get_lang('UserNotAttendedSymbol');
} else {
$result[$class_day['id']] = " ";
}
$cols++;
}
$count++;
$data_table[] = $result;
}
$count++;
$data_table[] = $result;
}
}
$max_cols_per_page = 12; //10 dates + 2 name and number
$max_dates_per_page = $max_dates_per_page_original = $max_cols_per_page - 2;//10
//
//var_dump($cols);exit;
$rows = count($data_table);
$rows = count($data_table);
if ($cols > $max_cols_per_page) {
$number_tables = round(($cols-2)/$max_dates_per_page);
//var_dump($number_tables);
$number_tables = round(($cols-2)/$max_dates_per_page);
$headers = $data_table[0];
//var_dump($data_table[1]);
$all = array();
$all = array();
$tables = array();
$changed = 1;
$changed = 1;
for ($i= 0; $i <= $rows; $i++) {
$row = $data_table[$i];
$row = $data_table[$i];
$key = 1;
$max_dates_per_page = 10;
//for ($j = 0; $j < $cols; $j++) {
$item = $data_table[$i];
$count_j = 0;
@ -504,11 +509,16 @@
}
}
}
}
$content = null;
$content = null;
foreach ($tables as $sub_table) {
$content .= Export::convert_array_to_html($sub_table).'<br /><br />';
if (!empty($tables)) {
foreach ($tables as $sub_table) {
$content .= Export::convert_array_to_html($sub_table).'<br /><br />';
}
}
} else {
$content .= Export::convert_array_to_html($data_table, array('header_attributes' => array('align' => 'center')));
}
$params = array(

2
main/attendance/attendance_list.php
Unescape View File

@ -15,7 +15,7 @@ if (api_is_allowed_to_edit(null, true)) {
if (isset($_SESSION['gradebook'])) {
$param_gradebook = '&gradebook='.Security::remove_XSS($_SESSION['gradebook']);
}
echo '<div class="actions" style="margin-bottom:30px">';
echo '<div class="actions">';
echo '<a href="index.php?'.api_get_cidreq().$param_gradebook.'&action=attendance_add">'.Display::return_icon('new_attendance_list.png',get_lang('CreateANewAttendance'),'',ICON_SIZE_MEDIUM).'</a>';
echo '</div>';
}

73
main/attendance/attendance_sheet.php
Unescape View File

@ -16,35 +16,14 @@ if (api_is_allowed_to_edit(null, true)) {
if (isset($_SESSION['gradebook'])) {
$param_gradebook = '&gradebook='.$_SESSION['gradebook'];
}
if (!$is_locked_attendance || api_is_platform_admin()) {
echo '<div class="actions" style="margin-bottom:30px">';
echo '<a href="index.php?'.api_get_cidreq().'&action=calendar_list&attendance_id='.$attendance_id.$param_gradebook.'">'.
Display::return_icon('attendance_calendar.png',get_lang('AttendanceCalendar'),'',ICON_SIZE_MEDIUM).'</a>';
echo '<a href="index.php?'.api_get_cidreq().'&action=attendance_sheet_export_to_pdf&attendance_id='.$attendance_id.$param_gradebook.'">'.
Display::return_icon('pdf.png',get_lang('ExportToPDF'),'',ICON_SIZE_MEDIUM).'</a>';
echo '</div>';
}
$message_information = get_lang('AttendanceSheetDescription');
if (!empty($message_information)) {
$message = '<strong>'.get_lang('Information').'</strong><br />';
$message .= $message_information;
Display::display_normal_message($message, false);
}
if ($is_locked_attendance) {
Display::display_warning_message(get_lang('TheAttendanceSheetIsLocked'), false);
}
$form = new FormValidator('filter', 'post', 'index.php?action=attendance_sheet_add&'.api_get_cidreq().$param_gradebook.'&attendance_id='.$attendance_id);
$form = new FormValidator('filter', 'post', 'index.php?action=attendance_sheet_add&'.api_get_cidreq().$param_gradebook.'&attendance_id='.$attendance_id, null, array('class' => 'form-search pull-left'));
$values = array(
'all' => get_lang('All'),
'today' => get_lang('Today'),
'all_done' => get_lang('AllDone'),
'all_not_done' => get_lang('AllNotDone')
);
);
$today = api_convert_and_format_date(null, DATE_FORMAT_SHORT);
$exists_attendance_today = false;
@ -62,7 +41,7 @@ if (api_is_allowed_to_edit(null, true)) {
Display::display_warning_message(get_lang('ThereIsNoClassScheduledTodayTryPickingAnotherDay'));
}
$form->addElement('select', 'filter', get_lang('Filter'), $values);
$form->addElement('select', 'filter', get_lang('Filter'), $values, array('id' => 'filter_id'));
$form->addElement('style_submit_button', null, get_lang('Filter'), 'class="filter"');
if (isset($_REQUEST['filter'])) {
@ -71,14 +50,54 @@ if (api_is_allowed_to_edit(null, true)) {
}
} else {
$default_filter = 'today';
}
}
$renderer = $form->defaultRenderer();
$renderer->setElementTemplate('{label} {element} ');
$form->setDefaults(array('filter'=>$default_filter));
if (!$is_locked_attendance || api_is_platform_admin()) {
echo '<div class="actions">';
echo '<a style="float:left;" href="index.php?'.api_get_cidreq().'&action=calendar_list&attendance_id='.$attendance_id.$param_gradebook.'">'.
Display::return_icon('attendance_calendar.png',get_lang('AttendanceCalendar'),'',ICON_SIZE_MEDIUM).'</a>';
if (count($users_in_course) > 0) {
$form->display();
}
echo '<a id="pdf_export" style="float:left;" href="index.php?'.api_get_cidreq().'&action=attendance_sheet_export_to_pdf&attendance_id='.$attendance_id.$param_gradebook.'">'.
Display::return_icon('pdf.png',get_lang('ExportToPDF'),'',ICON_SIZE_MEDIUM).'</a>';
echo '</div>';
}
$message_information = get_lang('AttendanceSheetDescription');
if (!empty($message_information)) {
$message = '<strong>'.get_lang('Information').'</strong><br />';
$message .= $message_information;
Display::display_normal_message($message, false);
}
if ($is_locked_attendance) {
Display::display_warning_message(get_lang('TheAttendanceSheetIsLocked'), false);
}
$param_filter = '&filter='.Security::remove_XSS($default_filter);
if (count($users_in_course) > 0) {
$form->display();
?>
<script type="text/javascript">
<script>
var original_url = '';
$("#filter_id").on('change', function() {
filter = $(this).val();
if (original_url == '') {
original_url = $("#pdf_export").attr('href');
}
new_url = original_url + "&filter=" +filter
$("#pdf_export").attr('href', new_url);
//console.log(new_url);
});
function UpdateTableHeaders() {
$("div.divTableWithFloatingHeader").each(function() {
var originalHeaderRow = $(".tableFloatingHeaderOriginal", this);

16
main/auth/courses.php
Unescape View File

@ -73,7 +73,7 @@ if (api_is_platform_admin() || api_is_course_admin() || api_is_allowed_to_create
}
// filter actions
$actions = array('sortmycourses', 'createcoursecategory', 'subscribe', 'deletecoursecategory', 'display_courses','display_random_courses');
$actions = array('sortmycourses', 'createcoursecategory', 'subscribe', 'deletecoursecategory', 'display_courses', 'display_random_courses' , 'subscribe_user_with_password');
$action = 'display_random_courses';
$nameTools = get_lang('SortMyCourses');
@ -88,6 +88,10 @@ if ($action == 'subscribe') {
$nameTools = get_lang('CourseManagement');
}
if ($action == 'subscribe_user_with_password') {
$nameTools = get_lang('CourseManagement');
}
if ($action == 'display_random_courses' || $action == 'display_courses' ) {
$nameTools = get_lang('CourseManagement');
}
@ -164,9 +168,9 @@ if (isset($_REQUEST['search_course'])) {
}
}
// subscribe user to course
if (isset($_GET['subscribe_course'])) {
if ($ctok == $_GET['sec_token']) {
// Subscribe user to course
if (isset($_REQUEST['subscribe_course'])) {
if ($ctok == $_GET['sec_token']) {
$courses_controller->subscribe_user($_GET['subscribe_course'], $_GET['search_term'], $_GET['category_code']);
}
}
@ -185,6 +189,10 @@ if (isset($_POST['unsubscribe'])) {
}
}
switch ($action) {
case 'subscribe_user_with_password':
$courses_controller->subscribe_user($_POST['subscribe_user_with_password'], $_POST['search_term'], $_POST['category_code']);
exit;
break;
case 'createcoursecategory':
$courses_controller->categories_list($action);
break;

17
main/auth/courses_controller.php
Unescape View File

@ -79,7 +79,7 @@ class CoursesController { // extends Controller {
* @param string action
* @param string Category code (optional)
*/
public function courses_categories($action, $category_code = null, $message = '', $error = '') {
public function courses_categories($action, $category_code = null, $message = '', $error = '', $content = null) {
$data = array();
$browse_course_categories = $this->model->browse_course_categories();
@ -117,6 +117,7 @@ class CoursesController { // extends Controller {
$data['user_coursecodes'] = $user_coursecodes;
$data['action'] = $action;
$data['message'] = $message;
$data['content'] = $content;
$data['error'] = $error;
// render to the view
@ -170,23 +171,19 @@ class CoursesController { // extends Controller {
*/
public function subscribe_user($course_code, $search_term, $category_code) {
$data = array();
$result = $this->model->subscribe_user($course_code);
$result = $this->model->subscribe_user($course_code);
if (!$result) {
$error = get_lang('CourseRegistrationCodeIncorrect');
} else {
//Redirect directly to the course after subscription
/*
if ($result) {
$url = api_get_course_url($course_code);
header('Location: '.$url);
exit;
}*/
$message = $result;
$message = $result['message'];
$content = $result['content'];
}
if (!empty($search_term)) {
$this->search_courses($search_term, $message, $error);
} else {
$this->courses_categories('subcribe', $category_code, $message, $error);
$this->courses_categories('subcribe', $category_code, $message, $error, $content);
}
return $result;
}

688
main/auth/openid/login.php
Unescape View File

@ -1,4 +1,5 @@
<?php
/* For licensing terms, see /license.txt */
/**
* OpenID login method
@ -12,14 +13,23 @@
/**
* Initialisation
*/
require_once dirname(__FILE__).'../../inc/conf/auth.conf.php';
require_once api_get_path(CONFIGURATION_PATH) . 'auth.conf.php';
require_once 'openid.lib.php';
require_once 'xrds.lib.php';
function openid_form()
{
return '<div class="menusection"><span class="menusectioncaption">'.get_lang('OpenIdAuthentication').'</span><form name="openid_login" method="post"><label for="openid_url">'.get_lang('OpenIDURL').' <a href="main/auth/openid/whatis.php" title="'.get_lang('OpenIDWhatIs').'">'.Display::return_icon('info3.gif',get_lang('Info')).'</a></label><input type="text" id="openid_url" name="openid_url" style="background: url(main/img/openid_small_logo.png) no-repeat; background-color: #fff; background-position: 0 50%; padding-left:18px;" value="http://"></input><input type="submit" name="openid_login" value="'.get_lang('Enter').'" /><br /><br /></form></div>';
function openid_form() {
//get_lang('OpenIdAuthentication')
$form = new FormValidator('openid_login', 'post', null, null, array('class' => 'form-vertical form_login'));
$form->addElement('text', 'openid_url', array(get_lang('OpenIDURL'), Display::url(get_lang('OpenIDWhatIs'), 'main/auth/openid/whatis.php')), array('class' => 'openid_input'));
$form->addElement('button', 'submit', get_lang('Login'));
return $form->return_form();
/*
return '<label for="openid_url">'.get_lang('OpenIDURL').' <a href="main/auth/openid/whatis.php" title="'.get_lang('OpenIDWhatIs').'">'.Display::return_icon('info3.gif',get_lang('Info')).'</a></label>
<input type="text" id="openid_url" name="openid_url" style="background: url(main/img/openid_small_logo.png) no-repeat; background-color: #fff; background-position: 0 50%; padding-left:18px;" value="http://"></input>
* <input type="submit" name="openid_login" value="'.get_lang('Enter').'" /><br /><br /></form></div>';
*
*/
}
/**
@ -32,46 +42,40 @@ function openid_form()
* @param $claimed_id The OpenID to authenticate
* @param $return_to The endpoint to return to from the OpenID Provider
*/
function openid_begin($claimed_id, $return_to = '', $form_values = array())
{
$claimed_id = _openid_normalize($claimed_id);
$services = openid_discovery($claimed_id);
if (count($services) == 0) {
echo 'Sorry, that is not a valid OpenID. Please ensure you have spelled your ID correctly.';
return;
}
$op_endpoint = $services[0]['uri'];
// Store the discovered endpoint in the session (so we don't have to rediscover).
$_SESSION['openid_op_endpoint'] = $op_endpoint;
// Store the claimed_id in the session (for handling delegation).
$_SESSION['openid_claimed_id'] = $claimed_id;
// Store the login form values so we can pass them to
// user_exteral_login later.
$_SESSION['openid_user_login_values'] = $form_values;
// If bcmath is present, then create an association
$assoc_handle = '';
if (function_exists('bcadd')) {
$assoc_handle = openid_association($op_endpoint);
}
// Now that there is an association created, move on
// to request authentication from the IdP
$identity = (!empty($services[0]['delegate'])) ? $services[0]['delegate'] : $claimed_id;
if (isset($services[0]['types']) && is_array($services[0]['types']) && in_array(OPENID_NS_2_0 .'/server', $services[0]['types'])) {
$identity = 'http://openid.net/identifier_select/2.0';
}
$authn_request = openid_authentication_request($claimed_id, $identity, $return_to, $assoc_handle, $services[0]['version']);
if ($services[0]['version'] == 2) {
openid_redirect($op_endpoint, $authn_request);
}
else {
openid_redirect_http($op_endpoint, $authn_request);
}
function openid_begin($claimed_id, $return_to = '', $form_values = array()) {
$claimed_id = _openid_normalize($claimed_id);
$services = openid_discovery($claimed_id);
if (count($services) == 0) {
echo 'Sorry, that is not a valid OpenID. Please ensure you have spelled your ID correctly.';
return;
}
$op_endpoint = $services[0]['uri'];
// Store the discovered endpoint in the session (so we don't have to rediscover).
$_SESSION['openid_op_endpoint'] = $op_endpoint;
// Store the claimed_id in the session (for handling delegation).
$_SESSION['openid_claimed_id'] = $claimed_id;
// Store the login form values so we can pass them to
// user_exteral_login later.
$_SESSION['openid_user_login_values'] = $form_values;
// If bcmath is present, then create an association
$assoc_handle = '';
if (function_exists('bcadd')) {
$assoc_handle = openid_association($op_endpoint);
}
// Now that there is an association created, move on
// to request authentication from the IdP
$identity = (!empty($services[0]['delegate'])) ? $services[0]['delegate'] : $claimed_id;
if (isset($services[0]['types']) && is_array($services[0]['types']) && in_array(OPENID_NS_2_0 . '/server', $services[0]['types'])) {
$identity = 'http://openid.net/identifier_select/2.0';
}
$authn_request = openid_authentication_request($claimed_id, $identity, $return_to, $assoc_handle, $services[0]['version']);
if ($services[0]['version'] == 2) {
openid_redirect($op_endpoint, $authn_request);
} else {
openid_redirect_http($op_endpoint, $authn_request);
}
}
/**
@ -83,29 +87,27 @@ function openid_begin($claimed_id, $return_to = '', $form_values = array())
* @return $response Response values for further processing with
* $response['status'] set to one of 'success', 'failed' or 'cancel'.
*/
function openid_complete($response)
{
// Default to failed response
$response['status'] = 'failed';
if (isset($_SESSION['openid_op_endpoint']) && isset($_SESSION['openid_claimed_id'])) {
_openid_fix_post($response);
$op_endpoint = $_SESSION['openid_op_endpoint'];
$claimed_id = $_SESSION['openid_claimed_id'];
unset($_SESSION['openid_op_endpoint']);
unset($_SESSION['openid_claimed_id']);
if (isset($response['openid.mode'])) {
if ($response['openid.mode'] == 'cancel') {
$response['status'] = 'cancel';
}
else {
if (openid_verify_assertion($op_endpoint, $response)) {
$response['openid.identity'] = $claimed_id;
$response['status'] = 'success';
function openid_complete($response) {
// Default to failed response
$response['status'] = 'failed';
if (isset($_SESSION['openid_op_endpoint']) && isset($_SESSION['openid_claimed_id'])) {
_openid_fix_post($response);
$op_endpoint = $_SESSION['openid_op_endpoint'];
$claimed_id = $_SESSION['openid_claimed_id'];
unset($_SESSION['openid_op_endpoint']);
unset($_SESSION['openid_claimed_id']);
if (isset($response['openid.mode'])) {
if ($response['openid.mode'] == 'cancel') {
$response['status'] = 'cancel';
} else {
if (openid_verify_assertion($op_endpoint, $response)) {
$response['openid.identity'] = $claimed_id;
$response['status'] = 'success';
}
}
}
}
}
}
return $response;
return $response;
}
/**
@ -118,63 +120,61 @@ function openid_complete($response)
*/
function openid_discovery($claimed_id) {
$services = array();
$services = array();
$xrds_url = $claimed_id;
if (_openid_is_xri($claimed_id)) {
$xrds_url = 'http://xri.net/'. $claimed_id;
}
$url = @parse_url($xrds_url);
if ($url['scheme'] == 'http' || $url['scheme'] == 'https') {
// For regular URLs, try Yadis resolution first, then HTML-based discovery
$headers = array('Accept' => 'application/xrds+xml');
//TODO
$result = openid_http_request($xrds_url, $headers);
if (!isset($result->error)) {
if (isset($result->headers['Content-Type']) && preg_match("/application\/xrds\+xml/", $result->headers['Content-Type'])) {
// Parse XML document to find URL
$services = xrds_parse($result->data);
}
else {
$xrds_url = NULL;
if (isset($result->headers['X-XRDS-Location'])) {
$xrds_url = $result->headers['X-XRDS-Location'];
}
else {
// Look for meta http-equiv link in HTML head
$xrds_url = _openid_meta_httpequiv('X-XRDS-Location', $result->data);
}
if (!empty($xrds_url)) {
$headers = array('Accept' => 'application/xrds+xml');
//TODO
$xrds_result = openid_http_request($xrds_url, $headers);
if (!isset($xrds_result->error)) {
$services = xrds_parse($xrds_result->data);
}
}
}
// Check for HTML delegation
if (count($services) == 0) {
// Look for 2.0 links
$uri = _openid_link_href('openid2.provider', $result->data);
$delegate = _openid_link_href('openid2.local_id', $result->data);
$version = 2;
// 1.0 links
if (empty($uri)) {
$uri = _openid_link_href('openid.server', $result->data);
$delegate = _openid_link_href('openid.delegate', $result->data);
$version = 1;
}
if (!empty($uri)) {
$services[] = array('uri' => $uri, 'delegate' => $delegate, 'version' => $version);
$xrds_url = $claimed_id;
if (_openid_is_xri($claimed_id)) {
$xrds_url = 'http://xri.net/' . $claimed_id;
}
$url = @parse_url($xrds_url);
if ($url['scheme'] == 'http' || $url['scheme'] == 'https') {
// For regular URLs, try Yadis resolution first, then HTML-based discovery
$headers = array('Accept' => 'application/xrds+xml');
//TODO
$result = openid_http_request($xrds_url, $headers);
if (!isset($result->error)) {
if (isset($result->headers['Content-Type']) && preg_match("/application\/xrds\+xml/", $result->headers['Content-Type'])) {
// Parse XML document to find URL
$services = xrds_parse($result->data);
} else {
$xrds_url = NULL;
if (isset($result->headers['X-XRDS-Location'])) {
$xrds_url = $result->headers['X-XRDS-Location'];
} else {
// Look for meta http-equiv link in HTML head
$xrds_url = _openid_meta_httpequiv('X-XRDS-Location', $result->data);
}
if (!empty($xrds_url)) {
$headers = array('Accept' => 'application/xrds+xml');
//TODO
$xrds_result = openid_http_request($xrds_url, $headers);
if (!isset($xrds_result->error)) {
$services = xrds_parse($xrds_result->data);
}
}
}
// Check for HTML delegation
if (count($services) == 0) {
// Look for 2.0 links
$uri = _openid_link_href('openid2.provider', $result->data);
$delegate = _openid_link_href('openid2.local_id', $result->data);
$version = 2;
// 1.0 links
if (empty($uri)) {
$uri = _openid_link_href('openid.server', $result->data);
$delegate = _openid_link_href('openid.delegate', $result->data);
$version = 1;
}
if (!empty($uri)) {
$services[] = array('uri' => $uri, 'delegate' => $delegate, 'version' => $version);
}
}
}
}
}
}
return $services;
return $services;
}
/**
@ -185,51 +185,50 @@ function openid_discovery($claimed_id) {
* @return $assoc_handle The association handle.
*/
function openid_association($op_endpoint) {
//@todo Remove Old Associations:
$openid_association = Database::get_main_table(TABLE_MAIN_OPENID_ASSOCIATION);
$sql = "DELETE FROM $openid_association WHERE created + expires_in < '" . api_get_utc_datetime() . "'";
Database::query($sql);
// Check to see if we have an association for this IdP already
$op_endpoint = Database::escape_string($op_endpoint);
$sql = "SELECT assoc_handle FROM $openid_association WHERE idp_endpoint_uri = '$op_endpoint'";
$assoc_handle = Database::query($sql);
if (Database::num_rows($assoc_handle) <= 1) {
$mod = OPENID_DH_DEFAULT_MOD;
$gen = OPENID_DH_DEFAULT_GEN;
$r = _openid_dh_rand($mod);
$private = bcadd($r, 1);
$public = bcpowmod($gen, $private, $mod);
// If there is no existing association, then request one
$assoc_request = openid_association_request($public);
$assoc_message = _openid_encode_message(_openid_create_message($assoc_request));
$assoc_headers = array('Content-Type' => 'application/x-www-form-urlencoded; charset=utf-8');
//TODO
$assoc_result = openid_http_request($op_endpoint, $assoc_headers, 'POST', $assoc_message);
if (isset($assoc_result->error)) {
return FALSE;
}
// Remove Old Associations:
//TODO
$openid_association = Database::get_main_table(TABLE_MAIN_OPENID_ASSOCIATION);
Database::query("DELETE FROM $openid_association WHERE created + expires_in < %d", time());
// Check to see if we have an association for this IdP already
$assoc_handle = Database::query("SELECT assoc_handle FROM $openid_association WHERE idp_endpoint_uri = '%s'", $op_endpoint);
if (Database::num_rows($assoc_handle)<=1) {
$mod = OPENID_DH_DEFAULT_MOD;
$gen = OPENID_DH_DEFAULT_GEN;
$r = _openid_dh_rand($mod);
$private = bcadd($r, 1);
$public = bcpowmod($gen, $private, $mod);
// If there is no existing association, then request one
$assoc_request = openid_association_request($public);
$assoc_message = _openid_encode_message(_openid_create_message($assoc_request));
$assoc_headers = array('Content-Type' => 'application/x-www-form-urlencoded; charset=utf-8');
//TODO
$assoc_result = openid_http_request($op_endpoint, $assoc_headers, 'POST', $assoc_message);
if (isset($assoc_result->error)) {
return FALSE;
}
$assoc_response = _openid_parse_message($assoc_result->data);
if (isset($assoc_response['mode']) && $assoc_response['mode'] == 'error') {
return FALSE;
}
$assoc_response = _openid_parse_message($assoc_result->data);
if (isset($assoc_response['mode']) && $assoc_response['mode'] == 'error') {
return FALSE;
}
if ($assoc_response['session_type'] == 'DH-SHA1') {
$spub = _openid_dh_base64_to_long($assoc_response['dh_server_public']);
$enc_mac_key = base64_decode($assoc_response['enc_mac_key']);
$shared = bcpowmod($spub, $private, $mod);
$assoc_response['mac_key'] = base64_encode(_openid_dh_xorsecret($shared, $enc_mac_key));
}
//TODO
$openid_association = Database::get_main_table(TABLE_MAIN_OPENID_ASSOCIATION);
Database::query(sprintf("INSERT INTO $openid_association (idp_endpoint_uri, session_type, assoc_handle, assoc_type, expires_in, mac_key, created) VALUES('%s', '%s', '%s', '%s', %d, '%s', %d)", $op_endpoint, $assoc_response['session_type'], $assoc_response['assoc_handle'], $assoc_response['assoc_type'], $assoc_response['expires_in'], $assoc_response['mac_key'], api_get_utc_datetime()));
if ($assoc_response['session_type'] == 'DH-SHA1') {
$spub = _openid_dh_base64_to_long($assoc_response['dh_server_public']);
$enc_mac_key = base64_decode($assoc_response['enc_mac_key']);
$shared = bcpowmod($spub, $private, $mod);
$assoc_response['mac_key'] = base64_encode(_openid_dh_xorsecret($shared, $enc_mac_key));
$assoc_handle = $assoc_response['assoc_handle'];
}
//TODO
$openid_association = Database::get_main_table(TABLE_MAIN_OPENID_ASSOCIATION);
Database::query(sprintf("INSERT INTO $openid_association (idp_endpoint_uri, session_type, assoc_handle, assoc_type, expires_in, mac_key, created) VALUES('%s', '%s', '%s', '%s', %d, '%s', %d)",
$op_endpoint, $assoc_response['session_type'], $assoc_response['assoc_handle'], $assoc_response['assoc_type'], $assoc_response['expires_in'], $assoc_response['mac_key'], time()));
$assoc_handle = $assoc_response['assoc_handle'];
}
return $assoc_handle;
return $assoc_handle;
}
/**
@ -256,34 +255,33 @@ function openid_association_request($public) {
*/
function openid_authentication_request($claimed_id, $identity, $return_to = '', $assoc_handle = '', $version = 2) {
$realm = ($return_to) ? $return_to : api_get_self();
$ns = ($version == 2) ? OPENID_NS_2_0 : OPENID_NS_1_0;
$request = array(
'openid.ns' => $ns,
'openid.mode' => 'checkid_setup',
'openid.identity' => $identity,
'openid.claimed_id' => $claimed_id,
'openid.assoc_handle' => $assoc_handle,
'openid.return_to' => $return_to,
);
if ($version == 2) {
$request['openid.realm'] = $realm;
}
else {
$request['openid.trust_root'] = $realm;
}
// Simple Registration - we don't ask lastname and firstname because the only
// available similar data is "fullname" and we would have to guess where to split
$request['openid.sreg.required'] = 'nickname,email';
$request['openid.ns.sreg'] = "http://openid.net/extensions/sreg/1.1";
//$request = array_merge($request, module_invoke_all('openid', 'request', $request));
//$request = array_merge($request);
return $request;
$realm = ($return_to) ? $return_to : api_get_self();
$ns = ($version == 2) ? OPENID_NS_2_0 : OPENID_NS_1_0;
$request = array(
'openid.ns' => $ns,
'openid.mode' => 'checkid_setup',
'openid.identity' => $identity,
'openid.claimed_id' => $claimed_id,
'openid.assoc_handle' => $assoc_handle,
'openid.return_to' => $return_to,
);
if ($version == 2) {
$request['openid.realm'] = $realm;
} else {
$request['openid.trust_root'] = $realm;
}
// Simple Registration - we don't ask lastname and firstname because the only
// available similar data is "fullname" and we would have to guess where to split
$request['openid.sreg.required'] = 'nickname,email';
$request['openid.ns.sreg'] = "http://openid.net/extensions/sreg/1.1";
//$request = array_merge($request, module_invoke_all('openid', 'request', $request));
//$request = array_merge($request);
return $request;
}
/**
@ -296,173 +294,169 @@ function openid_authentication_request($claimed_id, $identity, $return_to = '',
*/
function openid_verify_assertion($op_endpoint, $response) {
$valid = FALSE;
//TODO
$openid_association = Database::get_main_table(TABLE_MAIN_OPENID_ASSOCIATION);
$sql = sprintf("SELECT * FROM $openid_association WHERE assoc_handle = '%s'", $response['openid.assoc_handle']);
$res = Database::query($sql);
$association = Database::fetch_object($res);
if ($association && isset($association->session_type)) {
$keys_to_sign = explode(',', $response['openid.signed']);
$self_sig = _openid_signature($association, $response, $keys_to_sign);
if ($self_sig == $response['openid.sig']) {
$valid = TRUE;
}
else {
$valid = FALSE;
}
}
else {
$request = $response;
$request['openid.mode'] = 'check_authentication';
$message = _openid_create_message($request);
$headers = array('Content-Type' => 'application/x-www-form-urlencoded; charset=utf-8');
$result = openid_http_request($op_endpoint, $headers, 'POST', _openid_encode_message($message));
if (!isset($result->error)) {
$response = _openid_parse_message($result->data);
if (strtolower(trim($response['is_valid'])) == 'true') {
$valid = TRUE;
}
else {
$valid = FALSE;
}
$valid = FALSE;
//TODO
$openid_association = Database::get_main_table(TABLE_MAIN_OPENID_ASSOCIATION);
$sql = sprintf("SELECT * FROM $openid_association WHERE assoc_handle = '%s'", $response['openid.assoc_handle']);
$res = Database::query($sql);
$association = Database::fetch_object($res);
if ($association && isset($association->session_type)) {
$keys_to_sign = explode(',', $response['openid.signed']);
$self_sig = _openid_signature($association, $response, $keys_to_sign);
if ($self_sig == $response['openid.sig']) {
$valid = TRUE;
} else {
$valid = FALSE;
}
} else {
$request = $response;
$request['openid.mode'] = 'check_authentication';
$message = _openid_create_message($request);
$headers = array('Content-Type' => 'application/x-www-form-urlencoded; charset=utf-8');
$result = openid_http_request($op_endpoint, $headers, 'POST', _openid_encode_message($message));
if (!isset($result->error)) {
$response = _openid_parse_message($result->data);
if (strtolower(trim($response['is_valid'])) == 'true') {
$valid = TRUE;
} else {
$valid = FALSE;
}
}
}
}
return $valid;
return $valid;
}
/**
* Make a HTTP request - This function has been copied straight over from Drupal 6 code (drupal_http_request)
*/
function openid_http_request($url, $headers = array(), $method = 'GET', $data = NULL, $retry = 3) {
$result = new stdClass();
// Parse the URL and make sure we can handle the schema.
$uri = parse_url($url);
switch ($uri['scheme']) {
case 'http':
$port = isset($uri['port']) ? $uri['port'] : 80;
$host = $uri['host'] . ($port != 80 ? ':'. $port : '');
$fp = @fsockopen($uri['host'], $port, $errno, $errstr, 15);
break;
case 'https':
// Note: Only works for PHP 4.3 compiled with OpenSSL.
$port = isset($uri['port']) ? $uri['port'] : 443;
$host = $uri['host'] . ($port != 443 ? ':'. $port : '');
$fp = @fsockopen('ssl://'. $uri['host'], $port, $errno, $errstr, 20);
break;
default:
$result->error = 'invalid schema '. $uri['scheme'];
return $result;
}
// Make sure the socket opened properly.
if (!$fp) {
// When a network error occurs, we make sure that it is a negative number so
// it can clash with the HTTP status codes.
$result->code = -$errno;
$result->error = trim($errstr);
return $result;
}
// Construct the path to act on.
$path = isset($uri['path']) ? $uri['path'] : '/';
if (isset($uri['query'])) {
$path .= '?'. $uri['query'];
}
// Create HTTP request.
$defaults = array(
// RFC 2616: "non-standard ports MUST, default ports MAY be included".
// We don't add the port to prevent from breaking rewrite rules checking the
// host that do not take into account the port number.
'Host' => "Host: $host",
'User-Agent' => 'User-Agent: Dokeos (+http://dokeos.com/)',
'Content-Length' => 'Content-Length: '. strlen($data)
);
// If the server url has a user then attempt to use basic authentication
if (isset($uri['user'])) {
$defaults['Authorization'] = 'Authorization: Basic '. base64_encode($uri['user'] . (!empty($uri['pass']) ? ":". $uri['pass'] : ''));
}
foreach ($headers as $header => $value) {
$defaults[$header] = $header .': '. $value;
}
$request = $method .' '. $path ." HTTP/1.0\r\n";
$request .= implode("\r\n", $defaults);
$request .= "\r\n\r\n";
if ($data) {
$request .= $data ."\r\n";
}
$result->request = $request;
fwrite($fp, $request);
// Fetch response.
$response = '';
while (!feof($fp) && $chunk = fread($fp, 1024)) {
$response .= $chunk;
}
fclose($fp);
// Parse response.
list($split, $result->data) = explode("\r\n\r\n", $response, 2);
$split = preg_split("/\r\n|\n|\r/", $split);
list($protocol, $code, $text) = explode(' ', trim(array_shift($split)), 3);
$result->headers = array();
// Parse headers.
while ($line = trim(array_shift($split))) {
list($header, $value) = explode(':', $line, 2);
if (isset($result->headers[$header]) && $header == 'Set-Cookie') {
// RFC 2109: the Set-Cookie response header comprises the token Set-
// Cookie:, followed by a comma-separated list of one or more cookies.
$result->headers[$header] .= ','. trim($value);
$result = new stdClass();
// Parse the URL and make sure we can handle the schema.
$uri = parse_url($url);
switch ($uri['scheme']) {
case 'http':
$port = isset($uri['port']) ? $uri['port'] : 80;
$host = $uri['host'] . ($port != 80 ? ':' . $port : '');
$fp = @fsockopen($uri['host'], $port, $errno, $errstr, 15);
break;
case 'https':
// Note: Only works for PHP 4.3 compiled with OpenSSL.
$port = isset($uri['port']) ? $uri['port'] : 443;
$host = $uri['host'] . ($port != 443 ? ':' . $port : '');
$fp = @fsockopen('ssl://' . $uri['host'], $port, $errno, $errstr, 20);
break;
default:
$result->error = 'invalid schema ' . $uri['scheme'];
return $result;
}
// Make sure the socket opened properly.
if (!$fp) {
// When a network error occurs, we make sure that it is a negative number so
// it can clash with the HTTP status codes.
$result->code = -$errno;
$result->error = trim($errstr);
return $result;
}
else {
$result->headers[$header] = trim($value);
// Construct the path to act on.
$path = isset($uri['path']) ? $uri['path'] : '/';
if (isset($uri['query'])) {
$path .= '?' . $uri['query'];
}
// Create HTTP request.
$defaults = array(
// RFC 2616: "non-standard ports MUST, default ports MAY be included".
// We don't add the port to prevent from breaking rewrite rules checking the
// host that do not take into account the port number.
'Host' => "Host: $host",
'User-Agent' => 'User-Agent: Dokeos (+http://dokeos.com/)',
'Content-Length' => 'Content-Length: ' . strlen($data)
);
// If the server url has a user then attempt to use basic authentication
if (isset($uri['user'])) {
$defaults['Authorization'] = 'Authorization: Basic ' . base64_encode($uri['user'] . (!empty($uri['pass']) ? ":" . $uri['pass'] : ''));
}
foreach ($headers as $header => $value) {
$defaults[$header] = $header . ': ' . $value;
}
}
$responses = array(
100 => 'Continue', 101 => 'Switching Protocols',
200 => 'OK', 201 => 'Created', 202 => 'Accepted', 203 => 'Non-Authoritative Information', 204 => 'No Content', 205 => 'Reset Content', 206 => 'Partial Content',
300 => 'Multiple Choices', 301 => 'Moved Permanently', 302 => 'Found', 303 => 'See Other', 304 => 'Not Modified', 305 => 'Use Proxy', 307 => 'Temporary Redirect',
400 => 'Bad Request', 401 => 'Unauthorized', 402 => 'Payment Required', 403 => 'Forbidden', 404 => 'Not Found', 405 => 'Method Not Allowed', 406 => 'Not Acceptable', 407 => 'Proxy Authentication Required', 408 => 'Request Time-out', 409 => 'Conflict', 410 => 'Gone', 411 => 'Length Required', 412 => 'Precondition Failed', 413 => 'Request Entity Too Large', 414 => 'Request-URI Too Large', 415 => 'Unsupported Media Type', 416 => 'Requested range not satisfiable', 417 => 'Expectation Failed',
500 => 'Internal Server Error', 501 => 'Not Implemented', 502 => 'Bad Gateway', 503 => 'Service Unavailable', 504 => 'Gateway Time-out', 505 => 'HTTP Version not supported'
);
// RFC 2616 states that all unknown HTTP codes must be treated the same as the
// base code in their class.
if (!isset($responses[$code])) {
$code = floor($code / 100) * 100;
}
switch ($code) {
case 200: // OK
case 304: // Not modified
break;
case 301: // Moved permanently
case 302: // Moved temporarily
case 307: // Moved temporarily
$location = $result->headers['Location'];
if ($retry) {
$result = openid_http_request($result->headers['Location'], $headers, $method, $data, --$retry);
$result->redirect_code = $result->code;
}
$result->redirect_url = $location;
break;
default:
$result->error = $text;
}
$result->code = $code;
return $result;
$request = $method . ' ' . $path . " HTTP/1.0\r\n";
$request .= implode("\r\n", $defaults);
$request .= "\r\n\r\n";
if ($data) {
$request .= $data . "\r\n";
}
$result->request = $request;
fwrite($fp, $request);
// Fetch response.
$response = '';
while (!feof($fp) && $chunk = fread($fp, 1024)) {
$response .= $chunk;
}
fclose($fp);
// Parse response.
list($split, $result->data) = explode("\r\n\r\n", $response, 2);
$split = preg_split("/\r\n|\n|\r/", $split);
list($protocol, $code, $text) = explode(' ', trim(array_shift($split)), 3);
$result->headers = array();
// Parse headers.
while ($line = trim(array_shift($split))) {
list($header, $value) = explode(':', $line, 2);
if (isset($result->headers[$header]) && $header == 'Set-Cookie') {
// RFC 2109: the Set-Cookie response header comprises the token Set-
// Cookie:, followed by a comma-separated list of one or more cookies.
$result->headers[$header] .= ',' . trim($value);
} else {
$result->headers[$header] = trim($value);
}
}
$responses = array(
100 => 'Continue', 101 => 'Switching Protocols',
200 => 'OK', 201 => 'Created', 202 => 'Accepted', 203 => 'Non-Authoritative Information', 204 => 'No Content', 205 => 'Reset Content', 206 => 'Partial Content',
300 => 'Multiple Choices', 301 => 'Moved Permanently', 302 => 'Found', 303 => 'See Other', 304 => 'Not Modified', 305 => 'Use Proxy', 307 => 'Temporary Redirect',
400 => 'Bad Request', 401 => 'Unauthorized', 402 => 'Payment Required', 403 => 'Forbidden', 404 => 'Not Found', 405 => 'Method Not Allowed', 406 => 'Not Acceptable', 407 => 'Proxy Authentication Required', 408 => 'Request Time-out', 409 => 'Conflict', 410 => 'Gone', 411 => 'Length Required', 412 => 'Precondition Failed', 413 => 'Request Entity Too Large', 414 => 'Request-URI Too Large', 415 => 'Unsupported Media Type', 416 => 'Requested range not satisfiable', 417 => 'Expectation Failed',
500 => 'Internal Server Error', 501 => 'Not Implemented', 502 => 'Bad Gateway', 503 => 'Service Unavailable', 504 => 'Gateway Time-out', 505 => 'HTTP Version not supported'
);
// RFC 2616 states that all unknown HTTP codes must be treated the same as the
// base code in their class.
if (!isset($responses[$code])) {
$code = floor($code / 100) * 100;
}
switch ($code) {
case 200: // OK
case 304: // Not modified
break;
case 301: // Moved permanently
case 302: // Moved temporarily
case 307: // Moved temporarily
$location = $result->headers['Location'];
if ($retry) {
$result = openid_http_request($result->headers['Location'], $headers, $method, $data, --$retry);
$result->redirect_code = $result->code;
}
$result->redirect_url = $location;
break;
default:
$result->error = $text;
}
$result->code = $code;
return $result;
}

459
main/auth/openid/openid.lib.php
Unescape View File

@ -1,4 +1,5 @@
<?php
/* For licensing terms, see /license.txt */
/**
* OpenID utility functions. Taken from Drupal 6 code (from dries)
@ -8,11 +9,11 @@
* Code
*/
// Diffie-Hellman Key Exchange Default Value.
define('OPENID_DH_DEFAULT_MOD', '155172898181473697471232257763715539915724801'.
'966915404479707795314057629378541917580651227423698188993727816152646631'.
'438561595825688188889951272158842675419950341258706556549803580104870537'.
'681476726513255747040765857479291291572334510643245094715007229621094194'.
'349783925984760375594985848253359305585439638443');
define('OPENID_DH_DEFAULT_MOD', '155172898181473697471232257763715539915724801' .
'966915404479707795314057629378541917580651227423698188993727816152646631' .
'438561595825688188889951272158842675419950341258706556549803580104870537' .
'681476726513255747040765857479291291572334510643245094715007229621094194' .
'349783925984760375594985848253359305585439638443');
// Constants for Diffie-Hellman key exchange computations.
define('OPENID_DH_DEFAULT_GEN', '2');
@ -29,121 +30,114 @@ define('OPENID_NS_1_0', 'http://openid.net/signon/1.0');
* This function should be deprecated for 1.8.6.2 needs documentation
*/
function openid_redirect_http($url, $message) {
$query = array();
foreach ($message as $key => $val) {
$query[] = $key .'='. urlencode($val);
}
$sep = (strpos($url, '?') === FALSE) ? '?' : '&';
header('Location: '. $url . $sep . implode('&', $query), TRUE, 302);
//exit;
$query = array();
foreach ($message as $key => $val) {
$query[] = $key . '=' . urlencode($val);
}
$sep = (strpos($url, '?') === FALSE) ? '?' : '&';
header('Location: ' . $url . $sep . implode('&', $query), TRUE, 302);
//exit;
}
/**
* Creates a js auto-submit redirect for (for the 2.x protocol)
* This function should be deprecated for 1.8.6.2 needs documentation
*/
function openid_redirect($url, $message) {
$output = '<html><head><title>'.get_lang('OpenIDRedirect'). "</title></head>\n<body>";
//$output .= drupal_get_form('openid_redirect_form', $url, $message);
$output .= '<form method="post" action="'.$url.'" id="openid-redirect-form">';
foreach($message as $key => $value)
{
$output .='<input type="hidden" name="'.$key.'" value="'.$value.'">';
}
//$output .= '<input type="text" name=""></input></form>';
$output .= '<noscript><input type="submit" name="submit" value="'.get_lang('Send').'"/></noscript>';
$output .= '</form>';
$output .= '<script type="text/javascript">document.getElementById("openid-redirect-form").submit();</script>';
$output .= "</body></html>\n";
//print $output;
return $output;
exit;
function openid_redirect($url, $message) {
$output = '<html><head><title>' . get_lang('OpenIDRedirect') . "</title></head>\n<body>";
$output .= '<form method="post" action="' . $url . '" id="openid-redirect-form">';
foreach ($message as $key => $value) {
$output .='<input type="hidden" name="' . $key . '" value="' . $value . '">';
}
$output .= '<noscript><input type="submit" name="submit" value="' . get_lang('Send') . '"/></noscript>';
$output .= '</form>';
$output .= '<script type="text/javascript">document.getElementById("openid-redirect-form").submit();</script>';
$output .= "</body></html>";
return $output;
}
/**
* Determine if the given identifier is an XRI ID.
*/
function _openid_is_xri($identifier) {
$firstchar = substr($identifier, 0, 1);
if ($firstchar == "@" || $firstchar == "=")
return TRUE;
$firstchar = substr($identifier, 0, 1);
if ($firstchar == "@" || $firstchar == "=")
return TRUE;
if (stristr($identifier, 'xri://') !== FALSE) {
return TRUE;
}
if (stristr($identifier, 'xri://') !== FALSE) {
return TRUE;
}
return FALSE;
return FALSE;
}
/**
* Normalize the given identifier as per spec.
*/
function _openid_normalize($identifier) {
if (_openid_is_xri($identifier)) {
return _openid_normalize_xri($identifier);
}
else {
return _openid_normalize_url($identifier);
}
if (_openid_is_xri($identifier)) {
return _openid_normalize_xri($identifier);
} else {
return _openid_normalize_url($identifier);
}
}
function _openid_normalize_xri($xri) {
$normalized_xri = $xri;
if (stristr($xri, 'xri://') !== FALSE) {
$normalized_xri = substr($xri, 6);
}
return $normalized_xri;
$normalized_xri = $xri;
if (stristr($xri, 'xri://') !== FALSE) {
$normalized_xri = substr($xri, 6);
}
return $normalized_xri;
}
function _openid_normalize_url($url) {
$normalized_url = $url;
$normalized_url = $url;
if (stristr($url, '://') === FALSE) {
$normalized_url = 'http://'. $url;
}
if (stristr($url, '://') === FALSE) {
$normalized_url = 'http://' . $url;
}
if (substr_count($normalized_url, '/') < 3) {
$normalized_url .= '/';
}
if (substr_count($normalized_url, '/') < 3) {
$normalized_url .= '/';
}
return $normalized_url;
return $normalized_url;
}
/**
* Create a serialized message packet as per spec: $key:$value\n .
*/
function _openid_create_message($data) {
$serialized = '';
$serialized = '';
foreach ($data as $key => $value) {
if ((strpos($key, ':') !== FALSE) || (strpos($key, "\n") !== FALSE) || (strpos($value, "\n") !== FALSE)) {
return null;
foreach ($data as $key => $value) {
if ((strpos($key, ':') !== FALSE) || (strpos($key, "\n") !== FALSE) || (strpos($value, "\n") !== FALSE)) {
return null;
}
$serialized .= "$key:$value\n";
}
$serialized .= "$key:$value\n";
}
return $serialized;
return $serialized;
}
/**
* Encode a message from _openid_create_message for HTTP Post
*/
function _openid_encode_message($message) {
$encoded_message = '';
$items = explode("\n", $message);
foreach ($items as $item) {
$parts = explode(':', $item, 2);
if (count($parts) == 2) {
if ($encoded_message != '') {
$encoded_message .= '&';
}
$encoded_message .= rawurlencode(trim($parts[0])) .'='. rawurlencode(trim($parts[1]));
$encoded_message = '';
$items = explode("\n", $message);
foreach ($items as $item) {
$parts = explode(':', $item, 2);
if (count($parts) == 2) {
if ($encoded_message != '') {
$encoded_message .= '&';
}
$encoded_message .= rawurlencode(trim($parts[0])) . '=' . rawurlencode(trim($parts[1]));
}
}
}
return $encoded_message;
return $encoded_message;
}
/**
@ -151,55 +145,55 @@ function _openid_encode_message($message) {
* into an associative array.
*/
function _openid_parse_message($message) {
$parsed_message = array();
$parsed_message = array();
$items = explode("\n", $message);
foreach ($items as $item) {
$parts = explode(':', $item, 2);
$items = explode("\n", $message);
foreach ($items as $item) {
$parts = explode(':', $item, 2);
if (count($parts) == 2) {
$parsed_message[$parts[0]] = $parts[1];
if (count($parts) == 2) {
$parsed_message[$parts[0]] = $parts[1];
}
}
}
return $parsed_message;
return $parsed_message;
}
/**
* Return a nonce value - formatted per OpenID spec.
*/
function _openid_nonce() {
// YYYY-MM-DDThh:mm:ssTZD UTC, plus some optional extra unique chars
return gmstrftime('%Y-%m-%dT%H:%M:%S%Z') .
chr(mt_rand(0, 25) + 65) .
chr(mt_rand(0, 25) + 65) .
chr(mt_rand(0, 25) + 65) .
chr(mt_rand(0, 25) + 65);
// YYYY-MM-DDThh:mm:ssTZD UTC, plus some optional extra unique chars
return gmstrftime('%Y-%m-%dT%H:%M:%S%Z') .
chr(mt_rand(0, 25) + 65) .
chr(mt_rand(0, 25) + 65) .
chr(mt_rand(0, 25) + 65) .
chr(mt_rand(0, 25) + 65);
}
/**
* Pull the href attribute out of an html link element.
*/
function _openid_link_href($rel, $html) {
$rel = preg_quote($rel);
preg_match('|<link\s+rel=["\'](.*)'. $rel .'(.*)["\'](.*)/?>|iU', $html, $matches);
if (isset($matches[3])) {
preg_match('|href=["\']([^"]+)["\']|iU', $matches[0], $href);
return trim($href[1]);
}
return FALSE;
$rel = preg_quote($rel);
preg_match('|<link\s+rel=["\'](.*)' . $rel . '(.*)["\'](.*)/?>|iU', $html, $matches);
if (isset($matches[3])) {
preg_match('|href=["\']([^"]+)["\']|iU', $matches[0], $href);
return trim($href[1]);
}
return FALSE;
}
/**
* Pull the http-equiv attribute out of an html meta element
*/
function _openid_meta_httpequiv($equiv, $html) {
preg_match('|<meta\s+http-equiv=["\']'. $equiv .'["\'](.*)/?>|iU', $html, $matches);
if (isset($matches[1])) {
preg_match('|content=["\']([^"]+)["\']|iU', $matches[1], $content);
return $content[1];
}
return FALSE;
preg_match('|<meta\s+http-equiv=["\']' . $equiv . '["\'](.*)/?>|iU', $html, $matches);
if (isset($matches[1])) {
preg_match('|content=["\']([^"]+)["\']|iU', $matches[1], $content);
return $content[1];
}
return FALSE;
}
/**
@ -211,201 +205,200 @@ function _openid_meta_httpequiv($equiv, $html) {
* 'openid.' appended)
*/
function _openid_signature($association, $message_array, $keys_to_sign) {
$signature = '';
$sign_data = array();
$signature = '';
$sign_data = array();
foreach ($keys_to_sign as $key) {
if (isset($message_array['openid.'. $key])) {
$sign_data[$key] = $message_array['openid.'. $key];
foreach ($keys_to_sign as $key) {
if (isset($message_array['openid.' . $key])) {
$sign_data[$key] = $message_array['openid.' . $key];
}
}
}
$message = _openid_create_message($sign_data);
$secret = base64_decode($association->mac_key);
$signature = _openid_hmac($secret, $message);
$message = _openid_create_message($sign_data);
$secret = base64_decode($association->mac_key);
$signature = _openid_hmac($secret, $message);
return base64_encode($signature);
return base64_encode($signature);
}
function _openid_hmac($key, $text) {
if (strlen($key) > OPENID_SHA1_BLOCKSIZE) {
$key = _openid_sha1($key, true);
}
if (strlen($key) > OPENID_SHA1_BLOCKSIZE) {
$key = _openid_sha1($key, true);
}
$key = str_pad($key, OPENID_SHA1_BLOCKSIZE, chr(0x00));
$ipad = str_repeat(chr(0x36), OPENID_SHA1_BLOCKSIZE);
$opad = str_repeat(chr(0x5c), OPENID_SHA1_BLOCKSIZE);
$hash1 = _openid_sha1(($key ^ $ipad) . $text, true);
$hmac = _openid_sha1(($key ^ $opad) . $hash1, true);
$key = str_pad($key, OPENID_SHA1_BLOCKSIZE, chr(0x00));
$ipad = str_repeat(chr(0x36), OPENID_SHA1_BLOCKSIZE);
$opad = str_repeat(chr(0x5c), OPENID_SHA1_BLOCKSIZE);
$hash1 = _openid_sha1(($key ^ $ipad) . $text, true);
$hmac = _openid_sha1(($key ^ $opad) . $hash1, true);
return $hmac;
return $hmac;
}
function _openid_sha1($text) {
$hex = sha1($text);
$raw = '';
for ($i = 0; $i < 40; $i += 2) {
$hexcode = substr($hex, $i, 2);
$charcode = (int)base_convert($hexcode, 16, 10);
$raw .= chr($charcode);
}
return $raw;
$hex = sha1($text);
$raw = '';
for ($i = 0; $i < 40; $i += 2) {
$hexcode = substr($hex, $i, 2);
$charcode = (int) base_convert($hexcode, 16, 10);
$raw .= chr($charcode);
}
return $raw;
}
function _openid_dh_base64_to_long($str) {
$b64 = base64_decode($str);
$b64 = base64_decode($str);
return _openid_dh_binary_to_long($b64);
return _openid_dh_binary_to_long($b64);
}
function _openid_dh_long_to_base64($str) {
return base64_encode(_openid_dh_long_to_binary($str));
return base64_encode(_openid_dh_long_to_binary($str));
}
function _openid_dh_binary_to_long($str) {
$bytes = array_merge(unpack('C*', $str));
$bytes = array_merge(unpack('C*', $str));
$n = 0;
foreach ($bytes as $byte) {
$n = bcmul($n, pow(2, 8));
$n = bcadd($n, $byte);
}
$n = 0;
foreach ($bytes as $byte) {
$n = bcmul($n, pow(2, 8));
$n = bcadd($n, $byte);
}
return $n;
return $n;
}
function _openid_dh_long_to_binary($long) {
$cmp = bccomp($long, 0);
if ($cmp < 0) {
return FALSE;
}
$cmp = bccomp($long, 0);
if ($cmp < 0) {
return FALSE;
}
if ($cmp == 0) {
return "\x00";
}
if ($cmp == 0) {
return "\x00";
}
$bytes = array();
$bytes = array();
while (bccomp($long, 0) > 0) {
array_unshift($bytes, bcmod($long, 256));
$long = bcdiv($long, pow(2, 8));
}
while (bccomp($long, 0) > 0) {
array_unshift($bytes, bcmod($long, 256));
$long = bcdiv($long, pow(2, 8));
}
if ($bytes && ($bytes[0] > 127)) {
array_unshift($bytes, 0);
}
if ($bytes && ($bytes[0] > 127)) {
array_unshift($bytes, 0);
}
$string = '';
foreach ($bytes as $byte) {
$string .= pack('C', $byte);
}
$string = '';
foreach ($bytes as $byte) {
$string .= pack('C', $byte);
}
return $string;
return $string;
}
function _openid_dh_xorsecret($shared, $secret) {
$dh_shared_str = _openid_dh_long_to_binary($shared);
$sha1_dh_shared = _openid_sha1($dh_shared_str);
$xsecret = "";
for ($i = 0; $i < strlen($secret); $i++) {
$xsecret .= chr(ord($secret[$i]) ^ ord($sha1_dh_shared[$i]));
}
return $xsecret;
$dh_shared_str = _openid_dh_long_to_binary($shared);
$sha1_dh_shared = _openid_sha1($dh_shared_str);
$xsecret = "";
for ($i = 0; $i < strlen($secret); $i++) {
$xsecret .= chr(ord($secret[$i]) ^ ord($sha1_dh_shared[$i]));
}
return $xsecret;
}
function _openid_dh_rand($stop) {
static $duplicate_cache = array();
static $duplicate_cache = array();
// Used as the key for the duplicate cache
$rbytes = _openid_dh_long_to_binary($stop);
// Used as the key for the duplicate cache
$rbytes = _openid_dh_long_to_binary($stop);
if (array_key_exists($rbytes, $duplicate_cache)) {
list($duplicate, $nbytes) = $duplicate_cache[$rbytes];
}
else {
if ($rbytes[0] == "\x00") {
$nbytes = strlen($rbytes) - 1;
}
else {
$nbytes = strlen($rbytes);
}
if (array_key_exists($rbytes, $duplicate_cache)) {
list($duplicate, $nbytes) = $duplicate_cache[$rbytes];
} else {
if ($rbytes[0] == "\x00") {
$nbytes = strlen($rbytes) - 1;
} else {
$nbytes = strlen($rbytes);
}
$mxrand = bcpow(256, $nbytes);
$mxrand = bcpow(256, $nbytes);
// If we get a number less than this, then it is in the
// duplicated range.
$duplicate = bcmod($mxrand, $stop);
// If we get a number less than this, then it is in the
// duplicated range.
$duplicate = bcmod($mxrand, $stop);
if (count($duplicate_cache) > 10) {
$duplicate_cache = array();
}
if (count($duplicate_cache) > 10) {
$duplicate_cache = array();
}
$duplicate_cache[$rbytes] = array($duplicate, $nbytes);
}
$duplicate_cache[$rbytes] = array($duplicate, $nbytes);
}
do {
$bytes = "\x00" . _openid_get_bytes($nbytes);
$n = _openid_dh_binary_to_long($bytes);
// Keep looping if this value is in the low duplicated range.
} while (bccomp($n, $duplicate) < 0);
do {
$bytes = "\x00" . _openid_get_bytes($nbytes);
$n = _openid_dh_binary_to_long($bytes);
// Keep looping if this value is in the low duplicated range.
} while (bccomp($n, $duplicate) < 0);
return bcmod($n, $stop);
return bcmod($n, $stop);
}
function _openid_get_bytes($num_bytes) {
static $f = null;
$bytes = '';
if (!isset($f)) {
$f = @fopen(OPENID_RAND_SOURCE, "r");
}
if (!$f) {
// pseudorandom used
static $f = null;
$bytes = '';
for ($i = 0; $i < $num_bytes; $i += 4) {
$bytes .= pack('L', mt_rand());
if (!isset($f)) {
$f = @fopen(OPENID_RAND_SOURCE, "r");
}
if (!$f) {
// pseudorandom used
$bytes = '';
for ($i = 0; $i < $num_bytes; $i += 4) {
$bytes .= pack('L', mt_rand());
}
$bytes = substr($bytes, 0, $num_bytes);
} else {
$bytes = fread($f, $num_bytes);
}
$bytes = substr($bytes, 0, $num_bytes);
}
else {
$bytes = fread($f, $num_bytes);
}
return $bytes;
return $bytes;
}
/**
* Fix PHP's habit of replacing '.' by '_' in posted data.
*/
function _openid_fix_post(&$post) {
//$extensions = module_invoke_all('openid', 'extension');
foreach ($post as $key => $value) {
if (strpos($key, 'openid_') === 0) {
$fixed_key = str_replace('openid_', 'openid.', $key);
$fixed_key = str_replace('openid.ns_', 'openid.ns.', $fixed_key);
$fixed_key = str_replace('openid.sreg_', 'openid.sreg.', $fixed_key);
//foreach ($extensions as $ext) {
// $fixed_key = str_replace('openid.'.$ext.'_', 'openid.'.$ext.'.', $fixed_key);
//}
unset($post[$key]);
$post[$fixed_key] = $value;
//$extensions = module_invoke_all('openid', 'extension');
foreach ($post as $key => $value) {
if (strpos($key, 'openid_') === 0) {
$fixed_key = str_replace('openid_', 'openid.', $key);
$fixed_key = str_replace('openid.ns_', 'openid.ns.', $fixed_key);
$fixed_key = str_replace('openid.sreg_', 'openid.sreg.', $fixed_key);
//foreach ($extensions as $ext) {
// $fixed_key = str_replace('openid.'.$ext.'_', 'openid.'.$ext.'.', $fixed_key);
//}
unset($post[$key]);
$post[$fixed_key] = $value;
}
}
}
}
/**
* Provide bcpowmod support for PHP4.
*/
if (!function_exists('bcpowmod')) {
function bcpowmod($base, $exp, $mod) {
$square = bcmod($base, $mod);
$result = 1;
while (bccomp($exp, 0) > 0) {
if (bcmod($exp, 2)) {
$result = bcmod(bcmul($result, $square), $mod);
}
$square = bcmod(bcmul($square, $square), $mod);
$exp = bcdiv($exp, 2);
function bcpowmod($base, $exp, $mod) {
$square = bcmod($base, $mod);
$result = 1;
while (bccomp($exp, 0) > 0) {
if (bcmod($exp, 2)) {
$result = bcmod(bcmul($result, $square), $mod);
}
$square = bcmod(bcmul($square, $square), $mod);
$exp = bcdiv($exp, 2);
}
return $result;
}
return $result;
}
}

21
main/auth/openid/whatis.php
Unescape View File

@ -7,21 +7,8 @@
/**
* Code
*/
require('../../inc/global.inc.php');
require_once '../../inc/global.inc.php';
Display::display_header('OpenID', NULL);
?>
<p>
<?php echo get_lang('OpenIDWhatIs');?>
<br />
<?php echo get_lang('OpenIDDescription');?>
</p>
<p>
<a href="<?php
if (strpos($_SERVER['HTTP_REFERER'],$_SERVER['HTTP_HOST'])) {
echo Security::remove_XSS($_SERVER['HTTP_REFERER']);
}
?>">Return to the previous page</a>
</p>
<?php
Display::display_footer();
?>
echo Display::page_header(get_lang('OpenIDWhatIs'));
echo get_lang('OpenIDDescription');
Display::display_footer();

6
main/css/base.css
Unescape View File

@ -3161,6 +3161,10 @@ form .formw .freeze {
text-align: left;
}
.form_login {
padding: 3px 15px;
}
#formLogin label {
color:#666666;
}
@ -3262,7 +3266,7 @@ div#no-data-view div.controls {
/* styles for the star rater */
/* styles for the star rater */
.star-rating{
list-style:none;
margin: 0px;

472
main/inc/lib/auth.lib.php
Unescape View File

@ -1,4 +1,5 @@
<?php
/* For licensing terms, see /license.txt */
/**
* This file contains a class used like library provides functions for auth tool. It's also used like model to courses_controller (MVC pattern)
@ -8,45 +9,46 @@
/**
* Code
*/
require_once api_get_path(LIBRARY_PATH).'tracking.lib.php';
require_once api_get_path(LIBRARY_PATH) . 'tracking.lib.php';
/**
* Auth can be used to instanciate objects or as a library to manage courses
* @package chamilo.auth
*/
class Auth
{
class Auth {
/**
* Constructor
*/
public function __construct() {
}
public function __construct() {
}
/**
* retrieves all the courses that the user has already subscribed to
* @param int User id
* @return array an array containing all the information of the courses of the given user
*/
*/
public function get_courses_of_user($user_id) {
$TABLECOURS = Database::get_main_table(TABLE_MAIN_COURSE);
$TABLECOURSUSER = Database::get_main_table(TABLE_MAIN_COURSE_USER);
$TABLE_COURSE_FIELD = Database::get_main_table(TABLE_MAIN_COURSE_FIELD);
$TABLE_COURSE_FIELD_VALUE = Database::get_main_table(TABLE_MAIN_COURSE_FIELD_VALUES);
$TABLECOURS = Database::get_main_table(TABLE_MAIN_COURSE);
$TABLECOURSUSER = Database::get_main_table(TABLE_MAIN_COURSE_USER);
$TABLE_COURSE_FIELD = Database::get_main_table(TABLE_MAIN_COURSE_FIELD);
$TABLE_COURSE_FIELD_VALUE = Database::get_main_table(TABLE_MAIN_COURSE_FIELD_VALUES);
// get course list auto-register
$sql = "SELECT course_code FROM $TABLE_COURSE_FIELD_VALUE tcfv INNER JOIN $TABLE_COURSE_FIELD tcf ON " .
" tcfv.field_id = tcf.id WHERE tcf.field_variable = 'special_course' AND tcfv.field_value = 1 ";
" tcfv.field_id = tcf.id WHERE tcf.field_variable = 'special_course' AND tcfv.field_value = 1 ";
$special_course_result = Database::query($sql);
if (Database::num_rows($special_course_result)>0) {
if (Database::num_rows($special_course_result) > 0) {
$special_course_list = array();
while ($result_row = Database::fetch_array($special_course_result)) {
$special_course_list[] = '"'.$result_row['course_code'].'"';
$special_course_list[] = '"' . $result_row['course_code'] . '"';
}
}
$without_special_courses = '';
if (!empty($special_course_list)) {
$without_special_courses = ' AND course.code NOT IN ('.implode(',',$special_course_list).')';
$without_special_courses = ' AND course.code NOT IN (' . implode(',', $special_course_list) . ')';
}
// Secondly we select the courses that are in a category (user_course_cat<>0) and sort these according to the sort of the category
@ -56,8 +58,8 @@ class Auth
course_rel_user.sort sort, course_rel_user.user_course_cat user_course_cat
FROM $TABLECOURS course, $TABLECOURSUSER course_rel_user
WHERE course.code = course_rel_user.course_code
AND course_rel_user.relation_type<>".COURSE_RELATION_TYPE_RRHH."
AND course_rel_user.user_id = '".$user_id."' $without_special_courses
AND course_rel_user.relation_type<>" . COURSE_RELATION_TYPE_RRHH . "
AND course_rel_user.user_id = '" . $user_id . "' $without_special_courses
ORDER BY course_rel_user.sort ASC";
$result = Database::query($sql_select_courses);
while ($row = Database::fetch_array($result)) {
@ -70,49 +72,49 @@ class Auth
/**
* retrieves the user defined course categories
* @return array containing all the IDs of the user defined courses categories, sorted by the "sort" field
*/
*/
public function get_user_course_categories() {
$user_id = api_get_user_id();
$table_category = Database::get_user_personal_table(TABLE_USER_COURSE_CATEGORY);
$sql = "SELECT * FROM ".$table_category." WHERE user_id=$user_id ORDER BY sort ASC";
$sql = "SELECT * FROM " . $table_category . " WHERE user_id=$user_id ORDER BY sort ASC";
$result = Database::query($sql);
$output = array();
while ($row = Database::fetch_array($result)) {
$output[] = $row;
$output[] = $row;
}
return $output;
}
/**
* This function get all the courses in the particular user category;
* @param int User category id
* @return string: the name of the user defined course category
*/
* This function get all the courses in the particular user category;
* @param int User category id
* @return string: the name of the user defined course category
*/
public function get_courses_in_category() {
$user_id = api_get_user_id();
// table definitions
$TABLECOURS = Database::get_main_table(TABLE_MAIN_COURSE);
$TABLECOURS = Database::get_main_table(TABLE_MAIN_COURSE);
$TABLECOURSUSER = Database::get_main_table(TABLE_MAIN_COURSE_USER);
$TABLE_USER_COURSE_CATEGORY = Database::get_user_personal_table(TABLE_USER_COURSE_CATEGORY);
$TABLE_COURSE_FIELD = Database :: get_main_table(TABLE_MAIN_COURSE_FIELD);
$TABLE_COURSE_FIELD_VALUE = Database :: get_main_table(TABLE_MAIN_COURSE_FIELD_VALUES);
$TABLE_COURSE_FIELD = Database :: get_main_table(TABLE_MAIN_COURSE_FIELD);
$TABLE_COURSE_FIELD_VALUE = Database :: get_main_table(TABLE_MAIN_COURSE_FIELD_VALUES);
// get course list auto-register
$sql = "SELECT course_code FROM $TABLE_COURSE_FIELD_VALUE tcfv INNER JOIN $TABLE_COURSE_FIELD tcf ON " .
" tcfv.field_id = tcf.id WHERE tcf.field_variable = 'special_course' AND tcfv.field_value = 1 ";
" tcfv.field_id = tcf.id WHERE tcf.field_variable = 'special_course' AND tcfv.field_value = 1 ";
$special_course_result = Database::query($sql);
if(Database::num_rows($special_course_result)>0) {
$special_course_list = array();
while ($result_row = Database::fetch_array($special_course_result)) {
$special_course_list[] = '"'.$result_row['course_code'].'"';
}
if (Database::num_rows($special_course_result) > 0) {
$special_course_list = array();
while ($result_row = Database::fetch_array($special_course_result)) {
$special_course_list[] = '"' . $result_row['course_code'] . '"';
}
}
$without_special_courses = '';
if (!empty($special_course_list)) {
$without_special_courses = ' AND course.code NOT IN ('.implode(',',$special_course_list).')';
$without_special_courses = ' AND course.code NOT IN (' . implode(',', $special_course_list) . ')';
}
$sql_select_courses = "SELECT course.code, course.visual_code, course.subscribe subscr, course.unsubscribe unsubscr,
@ -121,8 +123,8 @@ class Auth
FROM $TABLECOURS course,
$TABLECOURSUSER course_rel_user
WHERE course.code = course_rel_user.course_code
AND course_rel_user.user_id = '".$user_id."'
AND course_rel_user.relation_type <> ".COURSE_RELATION_TYPE_RRHH."
AND course_rel_user.user_id = '" . $user_id . "'
AND course_rel_user.relation_type <> " . COURSE_RELATION_TYPE_RRHH . "
$without_special_courses
ORDER BY course_rel_user.user_course_cat, course_rel_user.sort ASC";
$result = Database::query($sql_select_courses);
@ -132,7 +134,6 @@ class Auth
$data[$course['user_course_cat']][] = $course;
}
return $data;
}
/**
@ -140,7 +141,7 @@ class Auth
* @param string Course code
* @param int Category id
* @return bool True if it success
*/
*/
public function store_changecoursecategory($course_code, $newcategory) {
$course_code = Database::escape_string($course_code);
$newcategory = intval($newcategory);
@ -150,9 +151,11 @@ class Auth
$TABLECOURSUSER = Database::get_main_table(TABLE_MAIN_COURSE_USER);
$max_sort_value = api_max_sort_value($newcategory, $current_user); // max_sort_value($newcategory);
Database::query("UPDATE $TABLECOURSUSER SET user_course_cat='".$newcategory."', sort='".($max_sort_value + 1)."' WHERE course_code='".$course_code."' AND user_id='".$current_user."' AND relation_type<>".COURSE_RELATION_TYPE_RRHH." ");
Database::query("UPDATE $TABLECOURSUSER SET user_course_cat='" . $newcategory . "', sort='" . ($max_sort_value + 1) . "' WHERE course_code='" . $course_code . "' AND user_id='" . $current_user . "' AND relation_type<>" . COURSE_RELATION_TYPE_RRHH . " ");
if (Database::affected_rows()) { $result = true; }
if (Database::affected_rows()) {
$result = true;
}
return $result;
}
@ -162,7 +165,7 @@ class Auth
* @param string Course code
* @param int Category id
* @return bool True if it success
*/
*/
public function move_course($direction, $course2move, $category) {
// definition of tables
@ -175,30 +178,32 @@ class Auth
// we need only the courses of the category we are moving in
$user_courses = array();
foreach ($all_user_courses as $key => $course) {
if ($course['user_course_category'] == $category) {
$user_courses[] = $course;
}
if ($course['user_course_category'] == $category) {
$user_courses[] = $course;
}
}
foreach ($user_courses as $key => $course) {
if ($course2move == $course['code']) {
// source_course is the course where we clicked the up or down icon
$source_course = $course;
// target_course is the course before/after the source_course (depending on the up/down icon)
if ($direction == 'up') {
$target_course = $user_courses[$key - 1];
} else {
$target_course = $user_courses[$key + 1];
}
}
if ($course2move == $course['code']) {
// source_course is the course where we clicked the up or down icon
$source_course = $course;
// target_course is the course before/after the source_course (depending on the up/down icon)
if ($direction == 'up') {
$target_course = $user_courses[$key - 1];
} else {
$target_course = $user_courses[$key + 1];
}
}
}
if (count($target_course) > 0 && count($source_course) > 0) {
$sql_update1 = "UPDATE $TABLECOURSUSER SET sort='".$target_course['sort']."' WHERE course_code='".$source_course['code']."' AND user_id='".$current_user_id."' AND relation_type<>".COURSE_RELATION_TYPE_RRHH." ";
$sql_update2 = "UPDATE $TABLECOURSUSER SET sort='".$source_course['sort']."' WHERE course_code='".$target_course['code']."' AND user_id='".$current_user_id."' AND relation_type<>".COURSE_RELATION_TYPE_RRHH." ";
Database::query($sql_update2);
Database::query($sql_update1);
if (Database::affected_rows()) { $result = true; }
$sql_update1 = "UPDATE $TABLECOURSUSER SET sort='" . $target_course['sort'] . "' WHERE course_code='" . $source_course['code'] . "' AND user_id='" . $current_user_id . "' AND relation_type<>" . COURSE_RELATION_TYPE_RRHH . " ";
$sql_update2 = "UPDATE $TABLECOURSUSER SET sort='" . $source_course['sort'] . "' WHERE course_code='" . $target_course['code'] . "' AND user_id='" . $current_user_id . "' AND relation_type<>" . COURSE_RELATION_TYPE_RRHH . " ";
Database::query($sql_update2);
Database::query($sql_update1);
if (Database::affected_rows()) {
$result = true;
}
}
return $result;
}
@ -220,27 +225,27 @@ class Auth
$result = false;
foreach ($user_coursecategories as $key => $category) {
$category_id = $category['id'];
if ($category2move == $category_id) {
// source_course is the course where we clicked the up or down icon
$source_category = $user_course_categories_info[$category2move];
// target_course is the course before/after the source_course (depending on the up/down icon)
if ($direction == 'up') {
$target_category = $user_course_categories_info[$user_coursecategories[$key - 1]['id']];
} else {
$target_category = $user_course_categories_info[$user_coursecategories[$key + 1]['id']];
}
$category_id = $category['id'];
if ($category2move == $category_id) {
// source_course is the course where we clicked the up or down icon
$source_category = $user_course_categories_info[$category2move];
// target_course is the course before/after the source_course (depending on the up/down icon)
if ($direction == 'up') {
$target_category = $user_course_categories_info[$user_coursecategories[$key - 1]['id']];
} else {
$target_category = $user_course_categories_info[$user_coursecategories[$key + 1]['id']];
}
}
}
if (count($target_category) > 0 && count($source_category) > 0) {
$sql_update1="UPDATE $table_user_defined_category SET sort='".Database::escape_string($target_category['sort'])."' WHERE id='".intval($source_category['id'])."' AND user_id='".$current_user_id."'";
$sql_update2="UPDATE $table_user_defined_category SET sort='".Database::escape_string($source_category['sort'])."' WHERE id='".intval($target_category['id'])."' AND user_id='".$current_user_id."'";
Database::query($sql_update2);
Database::query($sql_update1);
if (Database::affected_rows()) {
$result = true;
}
$sql_update1 = "UPDATE $table_user_defined_category SET sort='" . Database::escape_string($target_category['sort']) . "' WHERE id='" . intval($source_category['id']) . "' AND user_id='" . $current_user_id . "'";
$sql_update2 = "UPDATE $table_user_defined_category SET sort='" . Database::escape_string($source_category['sort']) . "' WHERE id='" . intval($target_category['id']) . "' AND user_id='" . $current_user_id . "'";
Database::query($sql_update2);
Database::query($sql_update1);
if (Database::affected_rows()) {
$result = true;
}
}
return $result;
}
@ -248,14 +253,14 @@ class Auth
/**
* Retrieves the user defined course categories and all the info that goes with it
* @return array containing all the info of the user defined courses categories with the id as key of the array
*/
*/
public function get_user_course_categories_info() {
$current_user_id = api_get_user_id();
$table_category = Database::get_user_personal_table(TABLE_USER_COURSE_CATEGORY);
$sql = "SELECT * FROM ".$table_category." WHERE user_id='".$current_user_id."' ORDER BY sort ASC";
$sql = "SELECT * FROM " . $table_category . " WHERE user_id='" . $current_user_id . "' ORDER BY sort ASC";
$result = Database::query($sql);
while ($row = Database::fetch_array($result)) {
$output[$row['id']] = $row;
$output[$row['id']] = $row;
}
return $output;
}
@ -265,16 +270,18 @@ class Auth
* @param string Category title
* @param int Category id
* @return bool True if it success
*/
*/
public function store_edit_course_category($title, $category_id) {
// protect data
$title = Database::escape_string($title);
$category_id = intval($category_id);
$result = false;
$tucc = Database::get_user_personal_table(TABLE_USER_COURSE_CATEGORY);
$sql_update = "UPDATE $tucc SET title='".api_htmlentities($title, ENT_QUOTES, api_get_system_encoding())."' WHERE id='".$category_id."'";
$sql_update = "UPDATE $tucc SET title='" . api_htmlentities($title, ENT_QUOTES, api_get_system_encoding()) . "' WHERE id='" . $category_id . "'";
Database::query($sql_update);
if (Database::affected_rows()) { $result = true; }
if (Database::affected_rows()) {
$result = true;
}
return $result;
}
@ -282,18 +289,20 @@ class Auth
* deletes a course category and moves all the courses that were in this category to main category
* @param int Category id
* @return bool True if it success
*/
*/
public function delete_course_category($category_id) {
$current_user_id = api_get_user_id();
$tucc = Database::get_user_personal_table(TABLE_USER_COURSE_CATEGORY);
$TABLECOURSUSER = Database::get_main_table(TABLE_MAIN_COURSE_USER);
$category_id = intval($category_id);
$result = false;
$sql_delete = "DELETE FROM $tucc WHERE id='".$category_id."' and user_id='".$current_user_id."'";
$sql_delete = "DELETE FROM $tucc WHERE id='" . $category_id . "' and user_id='" . $current_user_id . "'";
Database::query($sql_delete);
if (Database::affected_rows()) { $result = true; }
$sql_update = "UPDATE $TABLECOURSUSER SET user_course_cat='0' WHERE user_course_cat='".$category_id."' AND user_id='".$current_user_id."' AND relation_type<>".COURSE_RELATION_TYPE_RRHH." ";
Database::query($sql_update);
if (Database::affected_rows()) {
$result = true;
}
$sql_update = "UPDATE $TABLECOURSUSER SET user_course_cat='0' WHERE user_course_cat='" . $category_id . "' AND user_id='" . $current_user_id . "' AND relation_type<>" . COURSE_RELATION_TYPE_RRHH . " ";
Database::query($sql_update);
return $result;
}
@ -301,7 +310,7 @@ class Auth
* unsubscribe the user from a given course
* @param string Course code
* @return bool True if it success
*/
*/
public function remove_user_from_course($course_code) {
$tbl_course_user = Database::get_main_table(TABLE_MAIN_COURSE_USER);
@ -314,22 +323,22 @@ class Auth
// we check (once again) if the user is not course administrator
// because the course administrator cannot unsubscribe himself
// (s)he can only delete the course
$sql_check = "SELECT * FROM $tbl_course_user WHERE user_id='".$current_user_id."' AND course_code='".$course_code."' AND status='1' ";
$sql_check = "SELECT * FROM $tbl_course_user WHERE user_id='" . $current_user_id . "' AND course_code='" . $course_code . "' AND status='1' ";
$result_check = Database::query($sql_check);
$number_of_rows = Database::num_rows($result_check);
if ($number_of_rows > 0) {
$result = false;
$result = false;
}
CourseManager::unsubscribe_user($current_user_id, $course_code);
return $result;
return $result;
}
/**
* stores the user course category in the chamilo_user database
* @param string Category title
* @return bool True if it success
*/
*/
public function store_course_category($category_title) {
$tucc = Database::get_user_personal_table(TABLE_USER_COURSE_CATEGORY);
@ -340,20 +349,22 @@ class Auth
$result = false;
// step 1: we determine the max value of the user defined course categories
$sql = "SELECT sort FROM $tucc WHERE user_id='".$current_user_id."' ORDER BY sort DESC";
$sql = "SELECT sort FROM $tucc WHERE user_id='" . $current_user_id . "' ORDER BY sort DESC";
$rs_sort = Database::query($sql);
$maxsort = Database::fetch_array($rs_sort);
$nextsort = $maxsort['sort'] + 1;
// step 2: we check if there is already a category with this name, if not we store it, else we give an error.
$sql = "SELECT * FROM $tucc WHERE user_id='".$current_user_id."' AND title='".$category_title."'ORDER BY sort DESC";
$sql = "SELECT * FROM $tucc WHERE user_id='" . $current_user_id . "' AND title='" . $category_title . "'ORDER BY sort DESC";
$rs = Database::query($sql);
if (Database::num_rows($rs) == 0) {
$sql_insert = "INSERT INTO $tucc (user_id, title,sort) VALUES ('".$current_user_id."', '".api_htmlentities($category_title, ENT_QUOTES, api_get_system_encoding())."', '".$nextsort."')";
Database::query($sql_insert);
if (Database::affected_rows()) { $result = true; }
$sql_insert = "INSERT INTO $tucc (user_id, title,sort) VALUES ('" . $current_user_id . "', '" . api_htmlentities($category_title, ENT_QUOTES, api_get_system_encoding()) . "', '" . $nextsort . "')";
Database::query($sql_insert);
if (Database::affected_rows()) {
$result = true;
}
} else {
$result = false;
$result = false;
}
return $result;
}
@ -362,39 +373,39 @@ class Auth
* Counts the number of courses in a given course category
* @param string Category code
* @return int Count of courses
*/
*/
public function count_courses_in_category($category_code) {
$tbl_course = Database::get_main_table(TABLE_MAIN_COURSE);
$TABLE_COURSE_FIELD = Database :: get_main_table(TABLE_MAIN_COURSE_FIELD);
$TABLE_COURSE_FIELD_VALUE = Database :: get_main_table(TABLE_MAIN_COURSE_FIELD_VALUES);
$TABLE_COURSE_FIELD = Database :: get_main_table(TABLE_MAIN_COURSE_FIELD);
$TABLE_COURSE_FIELD_VALUE = Database :: get_main_table(TABLE_MAIN_COURSE_FIELD_VALUES);
// get course list auto-register
$sql = "SELECT course_code FROM $TABLE_COURSE_FIELD_VALUE tcfv INNER JOIN $TABLE_COURSE_FIELD tcf ON " .
" tcfv.field_id = tcf.id WHERE tcf.field_variable = 'special_course' AND tcfv.field_value = 1 ";
" tcfv.field_id = tcf.id WHERE tcf.field_variable = 'special_course' AND tcfv.field_value = 1 ";
$special_course_result = Database::query($sql);
if(Database::num_rows($special_course_result)>0) {
$special_course_list = array();
while ($result_row = Database::fetch_array($special_course_result)) {
$special_course_list[] = '"'.$result_row['course_code'].'"';
}
if (Database::num_rows($special_course_result) > 0) {
$special_course_list = array();
while ($result_row = Database::fetch_array($special_course_result)) {
$special_course_list[] = '"' . $result_row['course_code'] . '"';
}
}
$without_special_courses = '';
if (!empty($special_course_list)) {
$without_special_courses = ' AND course.code NOT IN ('.implode(',',$special_course_list).')';
$without_special_courses = ' AND course.code NOT IN (' . implode(',', $special_course_list) . ')';
}
$sql = "SELECT * FROM $tbl_course WHERE category_code".(empty($category_code) ? " IS NULL" : "='".$category_code."'").$without_special_courses;
$sql = "SELECT * FROM $tbl_course WHERE category_code" . (empty($category_code) ? " IS NULL" : "='" . $category_code . "'") . $without_special_courses;
// Showing only the courses of the current Dokeos access_url_id.
global $_configuration;
if ($_configuration['multiple_access_urls']) {
$url_access_id = api_get_current_access_url_id();
if ($url_access_id != -1) {
$tbl_url_rel_course = Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_COURSE);
$sql = "SELECT * FROM $tbl_course as course INNER JOIN $tbl_url_rel_course as url_rel_course
$url_access_id = api_get_current_access_url_id();
if ($url_access_id != -1) {
$tbl_url_rel_course = Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_COURSE);
$sql = "SELECT * FROM $tbl_course as course INNER JOIN $tbl_url_rel_course as url_rel_course
ON (url_rel_course.course_code=course.code)
WHERE access_url_id = $url_access_id AND category_code".(empty($category_code) ? " IS NULL" : "='".$category_code."'").$without_special_courses;
}
WHERE access_url_id = $url_access_id AND category_code" . (empty($category_code) ? " IS NULL" : "='" . $category_code . "'") . $without_special_courses;
}
}
return Database::num_rows(Database::query($sql));
}
@ -418,116 +429,115 @@ class Auth
}
}
return $categories;
}
}
/**
* Display all the courses in the given course category. I could have used a parameter here
* @param string Category code
* @return array Courses data
*/
*/
public function browse_courses_in_category($category_code, $random_value = null) {
global $_configuration;
$tbl_course = Database::get_main_table(TABLE_MAIN_COURSE);
$TABLE_COURSE_FIELD = Database::get_main_table(TABLE_MAIN_COURSE_FIELD);
global $_configuration;
$tbl_course = Database::get_main_table(TABLE_MAIN_COURSE);
$TABLE_COURSE_FIELD = Database::get_main_table(TABLE_MAIN_COURSE_FIELD);
$TABLE_COURSE_FIELD_VALUE = Database::get_main_table(TABLE_MAIN_COURSE_FIELD_VALUES);
// Get course list auto-register
$sql = "SELECT course_code FROM $TABLE_COURSE_FIELD_VALUE tcfv INNER JOIN $TABLE_COURSE_FIELD tcf ON tcfv.field_id = tcf.id
WHERE tcf.field_variable = 'special_course' AND tcfv.field_value = 1 ";
$special_course_result = Database::query($sql);
if (Database::num_rows($special_course_result)>0) {
if (Database::num_rows($special_course_result) > 0) {
$special_course_list = array();
while ($result_row = Database::fetch_array($special_course_result)) {
$special_course_list[] = '"'.$result_row['course_code'].'"';
$special_course_list[] = '"' . $result_row['course_code'] . '"';
}
}
$without_special_courses = '';
if (!empty($special_course_list)) {
$without_special_courses = ' AND course.code NOT IN ('.implode(',',$special_course_list).')';
}
$without_special_courses = ' AND course.code NOT IN (' . implode(',', $special_course_list) . ')';
}
if (!empty($random_value)) {
$random_value = intval($random_value);
$sql = "SELECT COUNT(*) FROM $tbl_course";
$result = Database::query($sql);
list($num_records) = Database::fetch_row($result);
if ($_configuration['multiple_access_urls']) {
$url_access_id = api_get_current_access_url_id();
$url_access_id = api_get_current_access_url_id();
$tbl_url_rel_course = Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_COURSE);
$sql = "SELECT COUNT(*) FROM $tbl_course course INNER JOIN $tbl_url_rel_course as url_rel_course ON (url_rel_course.course_code=course.code)
WHERE access_url_id = $url_access_id ";
$result = Database::query($sql);
list($num_records) = Database::fetch_row($result);
$sql = "SELECT course.id FROM $tbl_course course INNER JOIN $tbl_url_rel_course as url_rel_course
ON (url_rel_course.course_code=course.code)
WHERE access_url_id = $url_access_id AND
RAND()*$num_records< $random_value
$without_special_courses ORDER BY RAND() LIMIT 0, $random_value";
$without_special_courses ORDER BY RAND() LIMIT 0, $random_value";
} else {
$sql = "SELECT id FROM $tbl_course course WHERE RAND()*$num_records< $random_value $without_special_courses ORDER BY RAND() LIMIT 0, $random_value";
}
$result = Database::query($sql);
$id_in = null;
while (list($id) = Database::fetch_row($result)){
while (list($id) = Database::fetch_row($result)) {
if ($id_in) {
$id_in.=",$id";
} else {
$id_in="$id";
$id_in.=",$id";
} else {
$id_in = "$id";
}
}
}
$sql = "SELECT * FROM $tbl_course WHERE id IN($id_in)";
} else {
$category_code = Database::escape_string($category_code);
$sql = "SELECT * FROM $tbl_course WHERE category_code='$category_code' $without_special_courses ORDER BY title ";
//showing only the courses of the current Chamilo access_url_id
if ($_configuration['multiple_access_urls']) {
$url_access_id = api_get_current_access_url_id();
$url_access_id = api_get_current_access_url_id();
$tbl_url_rel_course = Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_COURSE);
$sql = "SELECT * FROM $tbl_course as course INNER JOIN $tbl_url_rel_course as url_rel_course
ON (url_rel_course.course_code=course.code)
WHERE access_url_id = $url_access_id AND category_code='$category_code' $without_special_courses ORDER BY title";
}
WHERE access_url_id = $url_access_id AND category_code='$category_code' $without_special_courses ORDER BY title";
}
}
$result = Database::query($sql);
$courses = array();
while ($row = Database::fetch_array($result)) {
while ($row = Database::fetch_array($result)) {
$row['registration_code'] = !empty($row['registration_code']);
$count_users = CourseManager::get_users_count_in_course($row['code']);
$count_connections_last_month = Tracking::get_course_connections_count($row['code'], 0, api_get_utc_datetime(time()-(30*86400)));
$count_users = CourseManager::get_users_count_in_course($row['code']);
$count_connections_last_month = Tracking::get_course_connections_count($row['code'], 0, api_get_utc_datetime(time() - (30 * 86400)));
if ($row['tutor_name'] == '0') {
$row['tutor_name'] = get_lang('NoManager');
}
}
$point_info = CourseManager::get_course_ranking($row['id'], 0);
$courses[] = array(
'real_id' => $row['id'],
'point_info' => $point_info,
'code' => $row['code'],
'directory' => $row['directory'],
'db' => $row['db_name'],
'visual_code' => $row['visual_code'],
'title' => $row['title'],
'tutor' => $row['tutor_name'],
'subscribe' => $row['subscribe'],
'unsubscribe' => $row['unsubscribe'],
'registration_code' => $row['registration_code'],
'creation_date' => $row['creation_date'],
'visibility' => $row['visibility'],
'count_users' => $count_users,
'count_connections' => $count_connections_last_month
);
'real_id' => $row['id'],
'point_info' => $point_info,
'code' => $row['code'],
'directory' => $row['directory'],
'db' => $row['db_name'],
'visual_code' => $row['visual_code'],
'title' => $row['title'],
'tutor' => $row['tutor_name'],
'subscribe' => $row['subscribe'],
'unsubscribe' => $row['unsubscribe'],
'registration_code' => $row['registration_code'],
'creation_date' => $row['creation_date'],
'visibility' => $row['visibility'],
'count_users' => $count_users,
'count_connections' => $count_connections_last_month
);
}
return $courses;
@ -538,108 +548,108 @@ class Auth
* The search is done on the code, title and tutor field of the course table.
* @param string $search_term: the string that the user submitted, what we are looking for
* @return array an array containing a list of all the courses (the code, directory, dabase, visual_code, title, ... ) matching the the search term.
*/
*/
public function search_courses($search_term) {
$TABLECOURS = Database::get_main_table(TABLE_MAIN_COURSE);
$TABLE_COURSE_FIELD = Database :: get_main_table(TABLE_MAIN_COURSE_FIELD);
$TABLE_COURSE_FIELD_VALUE = Database :: get_main_table(TABLE_MAIN_COURSE_FIELD_VALUES);
$TABLECOURS = Database::get_main_table(TABLE_MAIN_COURSE);
$TABLE_COURSE_FIELD = Database :: get_main_table(TABLE_MAIN_COURSE_FIELD);
$TABLE_COURSE_FIELD_VALUE = Database :: get_main_table(TABLE_MAIN_COURSE_FIELD_VALUES);
// get course list auto-register
$sql = "SELECT course_code FROM $TABLE_COURSE_FIELD_VALUE tcfv INNER JOIN $TABLE_COURSE_FIELD tcf ON tcfv.field_id = tcf.id
WHERE tcf.field_variable = 'special_course' AND tcfv.field_value = 1 ";
$special_course_result = Database::query($sql);
if (Database::num_rows($special_course_result)>0) {
if (Database::num_rows($special_course_result) > 0) {
$special_course_list = array();
while ($result_row = Database::fetch_array($special_course_result)) {
$special_course_list[] = '"'.$result_row['course_code'].'"';
$special_course_list[] = '"' . $result_row['course_code'] . '"';
}
}
$without_special_courses = '';
if (!empty($special_course_list)) {
$without_special_courses = ' AND course.code NOT IN ('.implode(',',$special_course_list).')';
$without_special_courses = ' AND course.code NOT IN (' . implode(',', $special_course_list) . ')';
}
$search_term_safe = Database::escape_string($search_term);
$sql_find = "SELECT * FROM $TABLECOURS WHERE (code LIKE '%".$search_term_safe."%' OR title LIKE '%".$search_term_safe."%' OR tutor_name LIKE '%".$search_term_safe."%') $without_special_courses ORDER BY title, visual_code ASC";
$sql_find = "SELECT * FROM $TABLECOURS WHERE (code LIKE '%" . $search_term_safe . "%' OR title LIKE '%" . $search_term_safe . "%' OR tutor_name LIKE '%" . $search_term_safe . "%') $without_special_courses ORDER BY title, visual_code ASC";
global $_configuration;
if ($_configuration['multiple_access_urls']) {
$url_access_id = api_get_current_access_url_id();
if ($url_access_id != -1) {
$tbl_url_rel_course = Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_COURSE);
$sql_find = "SELECT * FROM $TABLECOURS as course INNER JOIN $tbl_url_rel_course as url_rel_course
$url_access_id = api_get_current_access_url_id();
if ($url_access_id != -1) {
$tbl_url_rel_course = Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_COURSE);
$sql_find = "SELECT * FROM $TABLECOURS as course INNER JOIN $tbl_url_rel_course as url_rel_course
ON (url_rel_course.course_code=course.code)
WHERE access_url_id = $url_access_id AND (code LIKE '%".$search_term_safe."%' OR title LIKE '%".$search_term_safe."%' OR tutor_name LIKE '%".$search_term_safe."%' ) $without_special_courses ORDER BY title, visual_code ASC ";
}
WHERE access_url_id = $url_access_id AND (code LIKE '%" . $search_term_safe . "%' OR title LIKE '%" . $search_term_safe . "%' OR tutor_name LIKE '%" . $search_term_safe . "%' ) $without_special_courses ORDER BY title, visual_code ASC ";
}
}
$result_find = Database::query($sql_find);
$courses = array();
while ($row = Database::fetch_array($result_find)) {
$row['registration_code'] = !empty($row['registration_code']);
$count_users = count(CourseManager::get_user_list_from_course_code($row['code']));
$count_connections_last_month = Tracking::get_course_connections_count($row['code'], 0, api_get_utc_datetime(time()-(30*86400)));
$count_connections_last_month = Tracking::get_course_connections_count($row['code'], 0, api_get_utc_datetime(time() - (30 * 86400)));
$courses[] = array(
'code' => $row['code'],
'directory' => $row['directory'],
'db' => $row['db_name'],
'visual_code' => $row['visual_code'],
'title' => $row['title'],
'tutor' => $row['tutor_name'],
'subscribe' => $row['subscribe'],
'unsubscribe' => $row['unsubscribe'],
'registration_code' => $row['registration_code'],
'creation_date' => $row['creation_date'],
'visibility' => $row['visibility'],
'count_users' => $count_users,
'count_connections' => $count_connections_last_month
);
'code' => $row['code'],
'directory' => $row['directory'],
'db' => $row['db_name'],
'visual_code' => $row['visual_code'],
'title' => $row['title'],
'tutor' => $row['tutor_name'],
'subscribe' => $row['subscribe'],
'unsubscribe' => $row['unsubscribe'],
'registration_code' => $row['registration_code'],
'creation_date' => $row['creation_date'],
'visibility' => $row['visibility'],
'count_users' => $count_users,
'count_connections' => $count_connections_last_month
);
}
return $courses;
}
/**
* Subscribe the user to a given course
* @param string Course code
* @return string Message about results
/**
* Subscribe the user to a given course
* @param string Course code
* @return string Message about results
*/
public function subscribe_user($course_code) {
global $_user;
$all_course_information = CourseManager::get_course_information($course_code);
$user_id = api_get_user_id();
$all_course_information = CourseManager::get_course_information($course_code);
if ($all_course_information['registration_code'] == '' || $_POST['course_registration_code'] == $all_course_information['registration_code']) {
if (api_is_platform_admin()) {
$status_user_in_new_course = COURSEMANAGER;
} else {
$status_user_in_new_course=null;
}
if (CourseManager::add_user_to_course($_user['user_id'], $course_code, $status_user_in_new_course)) {
$send = api_get_course_setting('email_alert_to_teacher_on_new_user_in_course', $course_code);
if ($send == 1) {
CourseManager::email_to_tutor($_user['user_id'], $course_code, $send_to_tutor_also = false);
} else if ($send == 2){
CourseManager::email_to_tutor($_user['user_id'], $course_code, $send_to_tutor_also = true);
}
return get_lang('EnrollToCourseSuccessful');
} else {
return get_lang('ErrorContactPlatformAdmin');
if (api_is_platform_admin()) {
$status_user_in_new_course = COURSEMANAGER;
} else {
$status_user_in_new_course = null;
}
if (CourseManager::add_user_to_course($user_id, $course_code, $status_user_in_new_course)) {
$send = api_get_course_setting('email_alert_to_teacher_on_new_user_in_course', $course_code);
if ($send == 1) {
CourseManager::email_to_tutor($user_id, $course_code, $send_to_tutor_also = false);
} else if ($send == 2) {
CourseManager::email_to_tutor($user_id, $course_code, $send_to_tutor_also = true);
}
$message = get_lang('EnrollToCourseSuccessful');
} else {
$message = get_lang('ErrorContactPlatformAdmin');
}
return array('message' => $message);
} else {
$return = '';
if (isset($_POST['course_registration_code']) && $_POST['course_registration_code'] != $all_course_information['registration_code']) {
return false;
}
$return .= get_lang('CourseRequiresPassword').'<br />';
$return .= $all_course_information['visual_code'].' - '.$all_course_information['title'];
$return .= "<form action=\"".api_get_path(WEB_CODE_PATH)."auth/courses.php?action=subscribe_course&sec_token=".$_SESSION['sec_token']."&subscribe_course=".$all_course_information['code']."&category_code=".$all_course_information['category_code']." \" method=\"post\">";
$return .= '<input type="hidden" name="token" value="'.$_SESSION['sec_token'].'" />';
//$return .= "<input type=\"hidden\" name=\"subscribe\" value=\"".$all_course_information['code']."\" />";
//$return .= "<input type=\"hidden\" name=\"category_code\" value=\"".$all_course_information['category_code']."\" />";
$return .= "<input type=\"text\" name=\"course_registration_code\" value=\"".$_POST['course_registration_code']."\" />";
$return .= "<input type=\"submit\" name=\"submit_course_registration_code\" value=\"OK\" alt=\"".get_lang('SubmitRegistrationCode')."\" /></form>";
return $return;
if (isset($_POST['course_registration_code']) && $_POST['course_registration_code'] != $all_course_information['registration_code']) {
return false;
}
$message = get_lang('CourseRequiresPassword') . '<br />';
$message .= $all_course_information['title'].' ('.$all_course_information['visual_code'].') ';
$action = api_get_path(WEB_CODE_PATH) . "auth/courses.php?action=subscribe_user_with_password&sec_token=" . $_SESSION['sec_token'];
$form = new FormValidator('subscribe_user_with_password', 'post', $action);
$form->addElement('hidden', 'sec_token', $_SESSION['sec_token']);
$form->addElement('hidden', 'subscribe_user_with_password', $all_course_information['code']);
$form->addElement('text', 'course_registration_code');
$form->addElement('button', 'submit', get_lang('SubmitRegistrationCode'));
$content = $form->return_form();
return array('message' => $message, 'content' => $content);
}
}
}
}

3
main/inc/lib/database.lib.php
Unescape View File

@ -686,7 +686,8 @@ class Database {
if (strpos($query, 'c_')) {
//Check if the table contains inner joins
if (
strpos($query, 'assoc_handle') === false &&
strpos($query, 'olpc_peru_filter') === false &&
strpos($query, 'allow_public_certificates') === false &&
strpos($query, 'DROP TABLE IF EXISTS') === false &&

3
main/inc/lib/export.lib.inc.php
Unescape View File

@ -193,8 +193,7 @@ class Export {
$headers = $data[0];
unset($data[0]);
$header_attributes = isset($params['header_attributes']) ? $params['header_attributes'] : array();
$header_attributes = isset($params['header_attributes']) ? $params['header_attributes'] : array();
$table = new HTML_Table(array('class' => 'data_table', 'repeat_header' => '1'));
$row = 0;
$column = 0;

6
main/inc/local.inc.php
Unescape View File

@ -463,13 +463,13 @@ if (!empty($_SESSION['_user']['user_id']) && !($login || $logout)) {
}//end logout ... else ... login
} elseif (api_get_setting('openid_authentication')=='true') {
if (!empty($_POST['openid_url'])) {
include 'main/auth/openid/login.php';
openid_begin(trim($_POST['openid_url']),api_get_path(WEB_PATH).'index.php');
include api_get_path(SYS_CODE_PATH).'auth/openid/login.php';
openid_begin(trim($_POST['openid_url']), api_get_path(WEB_PATH).'index.php');
//this last function should trigger a redirect, so we can die here safely
die('Openid login redirection should be in progress');
} elseif (!empty($_GET['openid_identity'])) {
//it's usual for PHP to replace '.' (dot) by '_' (underscore) in URL parameters
include('main/auth/openid/login.php');
include(api_get_path(SYS_CODE_PATH).'auth/openid/login.php');
$res = openid_complete($_GET);
if ($res['status'] == 'success') {
$id1 = Database::escape_string($res['openid.identity']);

3
main/lang/english/admin.inc.php
Unescape View File

@ -1257,6 +1257,8 @@ $SessionStartDate = "Access start date";
$SessionDisplayEndDate = "End date to display";
$SessionDisplayStartDate = "Start date to display";
$UserHasNoCourse = "This user is not subscribed to any course";
$SessionTutorsCanSeeExpiredSessionsResultsComment = "Can session tutors see the reports for their session after it has expired?";
$SessionTutorsCanSeeExpiredSessionsResultsTitle = "Session tutors reports visibility";
$TheXMLImportLetYouAddMoreInfoAndCreateResources = "The XML import lets you add more info and create resources (courses, users). The CSV import will only create sessions and let you assign existing resources to them.";
$ShowLinkBugNotificationTitle = "Show link to report bug";
$ShowLinkBugNotificationComment = "Show a link in the header to report a bug inside of our support platform (http://support.chamilo.org). When clicking on the link, the user is sent to the support platform, on a wiki page that describes the bug reporting process.";
@ -1265,6 +1267,7 @@ $GradebookActivateScoreDisplayCustom = "Enable competence level labelling in ord
$GradebookScoreDisplayCustomValues = "Competence levels custom values";
$GradebookNumberDecimals = "Number of decimals";
$GradebookNumberDecimalsComment = "Allows you to set the number of decimals allowed in a score";
$EditExtraFieldOptions = "Edit extra field options";
$ManageSessionFields = "Manage session fields";
$EditSessionsToURL = "Edit sessions for a URL";
$AddSessionsToURL = "Add sessions to URL";

1
main/lang/english/agenda.inc.php
Unescape View File

@ -75,6 +75,7 @@ $AgendaSortChronologicallyDown = "Descending";
$ItemForUserSelection = "Users selection list";
$IsNotiCalFormatFile = "This file is not in iCal format";
$RepeatEvent = "Repeat event";
$SessionCalendar = "Session calendar";
$RepeatDate = "Repeat date";
$EndDateMustBeMoreThanStartDate = "End date must be more than the start date";
$SelectACourse = "Select a course";

1
main/lang/english/exercice.inc.php
Unescape View File

@ -369,6 +369,7 @@ $ReUseACopyInCurrentTest = "Re-use a copy inside the current test";
$Copy = "Copy";
$ScoreAverageFromAllAttempts = "Score average from all attempts";
$DefaultContent = "Generate default content";
$ExerciseDescriptionLabel = "Description";
$ExerciseEditionNotAvailableInSession = "You can't edit this course exercise from inside a session";
$UniqueAnswerNoOption = "Unique answer with unknown";
$MultipleAnswerTrueFalse = "Multiple answer true/false/don't know";

10
main/lang/english/trad4all.inc.php
Unescape View File

@ -976,6 +976,15 @@ $NumberOfCoursesPrivate = "Number of private courses";
$NumberOfCoursesClosed = "Number of closed courses";
$NumberOfCoursesTotal = "Total number of courses";
$NumberOfUsersActive = "Number of active users";
$CourseTutor = "Course tutor";
$StudentInSessionCourse = "Student in session course";
$StudentInCourse = "Student in course";
$SessionGeneralCoach = "Session general coach";
$SessionCourseCoach = "Session course coach";
$Admin = "Admin";
$UserNotAttendedSymbol = "NP";
$UserAttendedSymbol = "P";
$Order = "Order";
$GlobalPlatformInformation = "Global platform information";
$ReportABug = "Report a bug";
$Letters = "Letters";
@ -992,6 +1001,7 @@ $SendInformation = "Send information";
$YouMustAcceptLicence = "You must accept the licence";
$SelectOne = "Select one";
$ContactInformationHasBeenSent = "Contact information has been sent";
$UserInactivedSinceX = "User inactive since %s";
$ContactInformationDescription = "Dear user,<br />
<br />You are about to start using one of the best open-source e-learning platform on the market. Like many other open-source project, this project is backed up by a large community of students, teachers, developers and content creators who would like to promote the project better.<br />
<br />

1
main/lang/spanish/admin.inc.php
Unescape View File

@ -1261,6 +1261,7 @@ $GradebookActivateScoreDisplayCustom = "Habilitar el etiquetado de nivel de comp
$GradebookScoreDisplayCustomValues = "Niveles de competencia valores personalizados";
$GradebookNumberDecimals = "Número de decimales";
$GradebookNumberDecimalsComment = "Establecer el número de decimales permitidos en una puntuación";
$EditExtraFieldOptions = "Editar opciones de los campos extras";
$ManageSessionFields = "Gestionar los campos de sesión";
$EditSessionsToURL = "Editar sesiones de una URL";
$AddSessionsToURL = "Añadir sesiones a una URL";

1
main/lang/spanish/agenda.inc.php
Unescape View File

@ -75,6 +75,7 @@ $AgendaSortChronologicallyDown = "Ordenar eventos (recientes / antiguos)";
$ItemForUserSelection = "Evento dirigido a una selección de usuarios";
$IsNotiCalFormatFile = "No es un archivo de formato iCal";
$RepeatEvent = "Repetir evento";
$SessionCalendar = "Calendario de sesión";
$RepeatDate = "Repetir fecha";
$EndDateMustBeMoreThanStartDate = "La fecha de finalización debe ser posterior a la fecha de inicio";
$SelectACourse = "Seleccione un curso";

1
main/lang/spanish/exercice.inc.php
Unescape View File

@ -369,6 +369,7 @@ $ReUseACopyInCurrentTest = "Reutilizar una copia de esta pregunta en el ejercici
$Copy = "Copia";
$ScoreAverageFromAllAttempts = "Promedio de todos los intentos en ejercicios";
$DefaultContent = "Generar contenido por defecto";
$ExerciseDescriptionLabel = "Descripción";
$ExerciseEditionNotAvailableInSession = "Edición de ejercicio de curso no autorizada desde la sesión";
$UniqueAnswerNoOption = "Respuesta única con no-se";
$MultipleAnswerTrueFalse = "Respuestas múltiples v/f/no-se";

7
main/lang/spanish/trad4all.inc.php
Unescape View File

@ -112,7 +112,7 @@ $langSave = "Guardar";
$langMove = "Mover";
$Help = "Ayuda";
$langOk = "Aceptar";
$langAdd = "añadir";
$langAdd = "Añadir";
$langAddIntro = "Añadir un texto de introducción";
$langBackList = "Volver a la lista";
$langText = "Texto";
@ -977,6 +977,9 @@ $NumberOfCoursesPrivate = "Número de cursos privados";
$NumberOfCoursesClosed = "Número de cursos cerrados";
$NumberOfCoursesTotal = "Número total de cursos";
$NumberOfUsersActive = "Número de usuarios activos";
$UserNotAttendedSymbol = "F";
$UserAttendedSymbol = "P";
$Order = "Orden";
$GlobalPlatformInformation = "Información global de plataforma";
$ReportABug = "Comunicar un error";
$Letters = "Letras";
@ -993,6 +996,7 @@ $SendInformation = "Enviar la información";
$YouMustAcceptLicence = "Debe aceptar la licencia para poder usar este software";
$SelectOne = "Seleccione uno";
$ContactInformationHasBeenSent = "Información de contacto enviada";
$UserInactivedSinceX = "Usuario inactivo desde %s";
$ContactInformationDescription = "Estimado usuario,
está a punto de instalar una de las mejores plataformas e-learning de código abierto que existen en el mercado. Al igual de muchos otros proyectos de código abierto, Chamilo está respaldado por una amplia comunidad de profesores, estudiantes, desarrolladores y creadores de contenido.
@ -1373,5 +1377,4 @@ $DataTableSearch = "Buscar";
$HideColumn = "Ocultar columna";
$DisplayColumn = "Mostrar columna";
$LegalAgreementAccepted = "Condiciones legales aceptadas";
$UserInactivedSinceX = "Usuario inactivo desde %s";
?>

13
main/newscorm/learnpath.class.php
Unescape View File

@ -7762,12 +7762,13 @@ class learnpath {
//$preq_max = $row['max_score'];
$return = $this->display_manipulate($item_id, TOOL_DOCUMENT);
$return .= '<div class="sectioncomment">';
$return .= '<form method="POST">';
$return = '<legend>';
$return .= get_lang('AddEditPrerequisites');
$return .= '</legend>';
$return .= '<div class="sectioncomment">';
$return .= '<form method="POST">';
$return .= '<table class="data_table" style="width:650px">';
$return .= '<tr>';
@ -7853,10 +7854,10 @@ class learnpath {
$return .= '</tr>';
$return .= '</table>';
$return .= '<div style="padding-top:3px;">';
$return .= '<button class="save" name="submit_button" type="submit">' . get_lang('ModifyPrerequisites') . ' </button></td>';
$return .= '<button class="save" name="submit_button" type="submit">' . get_lang('ModifyPrerequisites') . '</button>';
$return .= '</div>';
$return .= '</form>';
$return .= '</div>';
// $return .= '</div>';
return $return;
}
@ -9295,4 +9296,4 @@ if (!function_exists('trim_value')) {
function trim_value(& $value) {
$value = trim($value);
}
}
}

6
main/newscorm/lp_controller.php
Unescape View File

@ -430,7 +430,9 @@ switch ($action) {
$_SESSION['oLP']->set_modified_on();
$_SESSION['refresh'] = 1;
$_SESSION['oLP']->edit_item_prereq($_GET['id'], $_POST['prerequisites'], $_POST['min_' . $_POST['prerequisites']], $_POST['max_' . $_POST['prerequisites']]);
if ($_SESSION['oLP']->edit_item_prereq($_GET['id'], $_POST['prerequisites'], $_POST['min_' . $_POST['prerequisites']], $_POST['max_' . $_POST['prerequisites']])) {
$is_success = true;
}
}
require 'lp_edit_item_prereq.php';
}
@ -947,4 +949,4 @@ switch ($action) {
if (!empty($_SESSION['oLP'])) {
$_SESSION['lpobject'] = serialize($_SESSION['oLP']);
if ($debug > 0) error_log('New LP - lpobject is serialized in session', 0);
}
}

76
main/newscorm/lp_edit_item_prereq.php
Unescape View File

@ -9,7 +9,6 @@
* @author Yannick Warnier <ywarnier@beeznest.org> - cleaning and update for new SCORM tool
* @package chamilo.learnpath
*/
$this_section = SECTION_COURSES;
api_protect_course_script();
@ -31,19 +30,19 @@ $tbl_lp = Database::get_course_table(TABLE_LP_MAIN);
$tbl_lp_item = Database::get_course_table(TABLE_LP_ITEM);
$tbl_lp_view = Database::get_course_table(TABLE_LP_VIEW);
$isStudentView = (int) $_REQUEST['isStudentView'];
$learnpath_id = (int) $_REQUEST['lp_id'];
$submit = $_POST['submit_button'];
$isStudentView = (int) $_REQUEST['isStudentView'];
$learnpath_id = (int) $_REQUEST['lp_id'];
$submit = $_POST['submit_button'];
/* MAIN CODE */
// Using the resource linker as a tool for adding resources to the learning path.
if ($action == 'add' and $type == 'learnpathitem') {
$htmlHeadXtra[] = "<script language='JavaScript' type='text/javascript'> window.location=\"../resourcelinker/resourcelinker.php?source_id=5&action=$action&learnpath_id=$learnpath_id&chapter_id=$chapter_id&originalresource=no\"; </script>";
$htmlHeadXtra[] = "<script language='JavaScript' type='text/javascript'> window.location=\"../resourcelinker/resourcelinker.php?source_id=5&action=$action&learnpath_id=$learnpath_id&chapter_id=$chapter_id&originalresource=no\"; </script>";
}
if ((! $is_allowed_to_edit) || ($isStudentView)) {
if ((!$is_allowed_to_edit) || ($isStudentView)) {
error_log('New LP - User not authorized in lp_edit_item_prereq.php');
header('location:lp_controller.php?action=view&lp_id='.$learnpath_id);
header('location:lp_controller.php?action=view&lp_id=' . $learnpath_id);
}
$course_id = api_get_course_int_id();
@ -54,74 +53,65 @@ $therow = Database::fetch_array($result);
/* SHOWING THE ADMIN TOOLS */
if (isset($_SESSION['gradebook'])){
if (isset($_SESSION['gradebook'])) {
$gradebook = $_SESSION['gradebook'];
}
if (!empty($gradebook) && $gradebook == 'view') {
$interbreadcrumb[] = array (
'url' => '../gradebook/'.$_SESSION['gradebook_dest'],
'name' => get_lang('ToolGradebook')
);
$interbreadcrumb[] = array(
'url' => '../gradebook/' . $_SESSION['gradebook_dest'],
'name' => get_lang('ToolGradebook')
);
}
$interbreadcrumb[] = array('url' => 'lp_controller.php?action=list', 'name' => get_lang('LearningPaths'));
$interbreadcrumb[] = array('url' => api_get_self()."?action=build&lp_id=$learnpath_id", 'name' => stripslashes("{$therow['name']}"));
$interbreadcrumb[] = array('url' => api_get_self()."?action=add_item&type=step&lp_id=$learnpath_id", 'name' => get_lang('NewStep'));
$interbreadcrumb[] = array('url' => api_get_self() . "?action=build&lp_id=$learnpath_id", 'name' => stripslashes("{$therow['name']}"));
$interbreadcrumb[] = array('url' => api_get_self() . "?action=add_item&type=step&lp_id=$learnpath_id", 'name' => get_lang('NewStep'));
// Theme calls.
$show_learn_path = true;
$lp_theme_css = $_SESSION['oLP']->get_theme();
Display::display_header(get_lang('Prerequisites'),'Path');
Display::display_header(get_lang('Prerequisites'), 'Path');
$suredel = trim(get_lang('AreYouSureToDelete'));
?>
<script type='text/javascript'>
/* <![CDATA[ */
function stripslashes(str) {
str=str.replace(/\\'/g,'\'');
str=str.replace(/\\"/g,'"');
str=str.replace(/\\\\/g,'\\');
str=str.replace(/\\0/g,'\0');
return str;
}
function confirmation(name)
{
name=stripslashes(name);
if (confirm("<?php echo $suredel; ?> " + name + " ?"))
{
return true;
<script>
/* <![CDATA[ */
function stripslashes(str) {
str=str.replace(/\\'/g,'\'');
str=str.replace(/\\"/g,'"');
str=str.replace(/\\\\/g,'\\');
str=str.replace(/\\0/g,'\0');
return str;
}
else
{
return false;
function confirmation(name) {
name=stripslashes(name);
if (confirm("<?php echo $suredel; ?> " + name + " ?")) {
return true;
} else {
return false;
}
}
}
</script>
<?php
//echo $admin_output;
/* DISPLAY SECTION */
echo $_SESSION['oLP']->build_action_menu();
echo '<div class="row-fluid">';
echo '<div class="span3">';
echo $_SESSION['oLP']->return_new_tree();
echo $_SESSION['oLP']->return_new_tree();
echo '</div>';
echo '<div class="span9">';
if (isset($is_success) && $is_success === true) {
echo '<div class="lp_message" style="margin:3px 10px;">';
echo get_lang("PrerequisitesAdded");
echo '</div>';
if (isset($is_success) && $is_success == true) {
echo $_SESSION['oLP']->display_manipulate($_GET['id'], null);
echo Display::return_message(get_lang("PrerequisitesAdded"));
} else {
echo $_SESSION['oLP']->display_manipulate($_GET['id'], null);
echo $_SESSION['oLP']->display_item_prerequisites_form($_GET['id']);
}
echo '</div>';
/* FOOTER */
Display::display_footer();

11
main/template/default/auth/courses_categories.php
Unescape View File

@ -8,7 +8,7 @@
*/
$stok = Security::get_token();
?>
<script type="text/javascript">
<script>
$(document).ready( function() {
$('.star-rating li a').live('click', function(event) {
var id = $(this).parents('ul').attr('id');
@ -111,6 +111,8 @@ $stok = Security::get_token();
<?php
if (!empty($message)) { Display::display_confirmation_message($message, false); }
if (!empty($error)) { Display::display_error_message($error, false); }
if (!empty($content)) { echo $content; }
if (!empty($search_term)) {
echo "<p><strong>".get_lang('SearchResultsFor')." ".Security::remove_XSS($_POST['search_term'])."</strong><br />";
@ -185,7 +187,7 @@ $stok = Security::get_token();
// If user is already subscribed to the course
if (!api_is_anonymous() && in_array($course['code'], $user_coursecodes)) {
if ($course['unsubscribe'] == UNSUBSCRIBE_ALLOWED) {
if ($course['unsubscribe'] == UNSUBSCRIBE_ALLOWED) {
echo ' <a class="btn btn-primary" href="'. api_get_self().'?action=unsubscribe&amp;sec_token='.$stok.'&amp;unsubscribe='.$course['code'].'&amp;search_term='.$search_term.'&amp;category_code='.$code.'">'.get_lang('Unsubscribe').'</a>';
}
echo '<br />';
@ -193,16 +195,15 @@ $stok = Security::get_token();
echo Display::label(get_lang("AlreadyRegisteredToCourse"), "info");
}
echo '</div>';
echo '</p>';
echo '</div>';
echo '<div class="span2">';
echo '<div class="course-block-popularity"><span>'.get_lang('ConnectionsLastMonth').'</span><div class="course-block-popularity-score">'.$count_connections.'</div></div>';
echo '</div>';
echo '</div></div>';
}
} else {
} else {
if (!isset($_POST['subscribe_user_with_password']))
echo Display::display_warning_message(get_lang('ThereAreNoCoursesInThisCategory'));
}
?>

2
main/work/work.php
Unescape View File

@ -867,7 +867,7 @@ switch ($action) {
if (!empty($_POST['type1']) || !empty($_POST['type2'])) {
echo $sql_add_homework = "INSERT INTO $TSTDPUBASG SET
$sql_add_homework = "INSERT INTO $TSTDPUBASG SET
c_id = $course_id ,
expires_on = '".((isset($_POST['type1']) && $_POST['type1']==1) ? api_get_utc_datetime(get_date_from_select('expires')) : '0000-00-00 00:00:00'). "',
ends_on = '".((isset($_POST['type2']) && $_POST['type2']==1) ? api_get_utc_datetime(get_date_from_select('ends')) : '0000-00-00 00:00:00')."',

Write Preview
Loading…
Cancel
Save