chamilo
/
chamilo-lms
mirror of https://github.com/chamilo/chamilo-lms/tree/1.11.x
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

blocking modifications in course categories -refs #6314

Browse Source
1.9.x
Yoselyn Castillo 13 years ago
parent ad5b66254e
commit 8e4e779448
1 changed files with 118 additions and 101 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 219
      main/admin/course_category.php

219
main/admin/course_category.php
Unescape View File

@ -25,13 +25,22 @@ $tbl_course = Database::get_main_table(TABLE_MAIN_COURSE);
$tbl_category = Database::get_main_table(TABLE_MAIN_CATEGORY);
$errorMsg = '';
$delError = 0;
if (!empty($action)) {
if ($action == 'delete') {
deleteNode($_GET['id']);
header('Location: ' . api_get_self() . '?category=' . Security::remove_XSS($category));
exit();
if (api_get_multiple_access_url()) {
if (api_get_current_access_url_id() != 1) {
deleteNode($_GET['id']);
header('Location: ' . api_get_self() . '?category=' . Security::remove_XSS($category));
exit();
} else {
$delError = 1;
}
} else {
deleteNode($_GET['id']);
header('Location: ' . api_get_self() . '?category=' . Security::remove_XSS($category));
exit();
}
} elseif (($action == 'add' || $action == 'edit') && $_POST['formSent']) {
$_POST['categoryCode'] = trim($_POST['categoryCode']);
$_POST['categoryName'] = trim($_POST['categoryName']);
@ -92,103 +101,107 @@ if (empty($action)) {
}
if ($action == 'add' || $action == 'edit') {
?>
<div class="actions">
<a href="<?php echo api_get_self(); ?>?category=<?php echo Security::remove_XSS($category); ?>"><?php echo Display::return_icon('folder_up.png', get_lang("Back"), '', ICON_SIZE_MEDIUM);
if (!empty($category)) echo ' (' . Security::remove_XSS($category) . ')'; ?></a>
</div>
<?php
$form_title = ($action == 'add') ? get_lang('AddACategory') : get_lang('EditNode');
if (!empty($category)) {
$form_title .= ' ' . get_lang('Into') . ' ' . Security::remove_XSS($category);
}
$form = new FormValidator('course_category');
$form->addElement('header', '', $form_title);
$form->display();
?>
<form method="post" action="<?php echo api_get_self(); ?>?action=<?php echo Security::remove_XSS($action); ?>&category=<?php echo Security::remove_XSS($category); ?>&amp;id=<?php echo Security::remove_XSS($_GET['id']); ?>">
<input type="hidden" name="formSent" value="1" />
<table border="0" cellpadding="5" cellspacing="0">
<?php
if (!empty($errorMsg)) {
?>
<tr>
<td colspan="2">
<?php
Display::display_normal_message($errorMsg); //main API
?>
</td>
</tr>
<?php
}
?>
<tr>
<td nowrap="nowrap"><?php echo get_lang("CategoryCode"); ?> :</td>
<td><input type="text" name="categoryCode" size="20" maxlength="20" value="<?php echo api_htmlentities(stripslashes($categoryCode), ENT_QUOTES, $charset); ?>" /></td>
</tr>
<tr>
<td nowrap="nowrap"><?php echo get_lang("CategoryName"); ?> :</td>
<td><input type="text" name="categoryName" size="20" maxlength="100" value="<?php echo api_htmlentities(stripslashes($categoryName), ENT_QUOTES, $charset); ?>" /></td>
</tr>
<tr>
<td nowrap="nowrap"><?php echo get_lang("AllowCoursesInCategory"); ?></td>
<td>
<input class="checkbox" type="radio" name="canHaveCourses" value="0" <?php if (($action == 'edit' && !$canHaveCourses) || ($action == 'add' && $formSent && !$canHaveCourses)) echo 'checked="checked"'; ?> /><?php echo get_lang("No"); ?>
<input class="checkbox" type="radio" name="canHaveCourses" value="1" <?php if (($action == 'edit' && $canHaveCourses) || ($action == 'add' && !$formSent || $canHaveCourses)) echo 'checked="checked"'; ?> /><?php echo get_lang("Yes"); ?>
</td>
</tr>
<tr>
<td>&nbsp;</td>
<?php
if (isset($_GET['id']) && !empty($_GET['id'])) {
$class = "save";
$text = get_lang('CategoryMod');
} else {
$class = "add";
$text = get_lang('AddCategory');
}
?>
<td><button type="submit" class="<?php echo $class; ?>" value="<?php echo $text; ?>" ><?php echo $text; ?></button></td>
</tr>
</table>
</form>
if ((api_get_multiple_access_url() && api_get_current_access_url_id() != 1) || !api_get_multiple_access_url() ) {
?> <div class="actions">
<a href="<?php echo api_get_self(); ?>?category=<?php echo Security::remove_XSS($category); ?>"><?php echo Display::return_icon('folder_up.png', get_lang("Back"), '', ICON_SIZE_MEDIUM);
if (!empty($category)) echo ' (' . Security::remove_XSS($category) . ')'; ?></a>
</div>
<?php
$form_title = ($action == 'add') ? get_lang('AddACategory') : get_lang('EditNode');
if (!empty($category)) {
$form_title .= ' ' . get_lang('Into') . ' ' . Security::remove_XSS($category);
}
$form = new FormValidator('course_category');
$form->addElement('header', '', $form_title);
$form->display();
?>
<form method="post" action="<?php echo api_get_self(); ?>?action=<?php echo Security::remove_XSS($action); ?>&category=<?php echo Security::remove_XSS($category); ?>&amp;id=<?php echo Security::remove_XSS($_GET['id']); ?>">
<input type="hidden" name="formSent" value="1" />
<table border="0" cellpadding="5" cellspacing="0">
<?php
if (!empty($errorMsg)) {
?>
<tr>
<td colspan="2">
<?php
Display::display_normal_message($errorMsg); //main API
?>
</td>
</tr>
<?php
}
?>
<tr>
<td nowrap="nowrap"><?php echo get_lang("CategoryCode"); ?> :</td>
<td><input type="text" name="categoryCode" size="20" maxlength="20" value="<?php echo api_htmlentities(stripslashes($categoryCode), ENT_QUOTES, $charset); ?>" /></td>
</tr>
<tr>
<td nowrap="nowrap"><?php echo get_lang("CategoryName"); ?> :</td>
<td><input type="text" name="categoryName" size="20" maxlength="100" value="<?php echo api_htmlentities(stripslashes($categoryName), ENT_QUOTES, $charset); ?>" /></td>
</tr>
<tr>
<td nowrap="nowrap"><?php echo get_lang("AllowCoursesInCategory"); ?></td>
<td>
<input class="checkbox" type="radio" name="canHaveCourses" value="0" <?php if (($action == 'edit' && !$canHaveCourses) || ($action == 'add' && $formSent && !$canHaveCourses)) echo 'checked="checked"'; ?> /><?php echo get_lang("No"); ?>
<input class="checkbox" type="radio" name="canHaveCourses" value="1" <?php if (($action == 'edit' && $canHaveCourses) || ($action == 'add' && !$formSent || $canHaveCourses)) echo 'checked="checked"'; ?> /><?php echo get_lang("Yes"); ?>
</td>
</tr>
<tr>
<td>&nbsp;</td>
<?php
if (isset($_GET['id']) && !empty($_GET['id'])) {
$class = "save";
$text = get_lang('CategoryMod');
} else {
$class = "add";
$text = get_lang('AddCategory');
}
?>
<td><button type="submit" class="<?php echo $class; ?>" value="<?php echo $text; ?>" ><?php echo $text; ?></button></td>
</tr>
</table>
</form>
<?php } elseif (api_get_multiple_access_url() && api_get_current_access_url_id() == 1) {
Display :: display_error_message(get_lang('CourseCategoriesAreGlobal'));
}
} else {
if ($delError == 0) { ?>
<div class="actions">
<?php
if (!empty($category) && empty($action)) {
$myquery = "SELECT parent_id FROM $tbl_category WHERE code='$category'";
$result = Database::query($myquery);
$parent_id = 0;
if (Database::num_rows($result) > 0) {
$parent_id = Database::fetch_array($result);
}
$parent_id['parent_id'] ? $link = ' (' . $parent_id['parent_id'] . ')' : $link = '';
?>
<div class="actions">
<a href="<?php echo api_get_self(); ?>?category=<?php echo $parent_id['parent_id']; ?>"><?php echo Display::return_icon('folder_up.png', get_lang("Back"), '', ICON_SIZE_MEDIUM);
if (!empty($parent_id)) echo $link ?></a>
<?php
if (!empty($category) && empty($action)) {
$myquery = "SELECT parent_id FROM $tbl_category WHERE code='$category'";
$result = Database::query($myquery);
$parent_id = 0;
if (Database::num_rows($result) > 0) {
$parent_id = Database::fetch_array($result);
}
$parent_id['parent_id'] ? $link = ' (' . $parent_id['parent_id'] . ')' : $link = '';
?>
<a href="<?php echo api_get_self(); ?>?category=<?php echo $parent_id['parent_id']; ?>"><?php echo Display::return_icon('folder_up.png', get_lang("Back"), '', ICON_SIZE_MEDIUM);
if (!empty($parent_id)) echo $link ?></a>
}
?>
<?php
}
?>
<?php
if (!empty($category)) {
$CategoryInto = ' ' . get_lang('Into') . ' ' . Security::remove_XSS($category);
} else {
$CategoryInto = '';
}
?>
<a href="<?php echo api_get_self(); ?>?category=<?php echo Security::remove_XSS($category); ?>&amp;action=add"><?php echo Display::return_icon('new_folder.png', get_lang("AddACategory") . $CategoryInto, '', ICON_SIZE_MEDIUM); ?></a>
</div>
<ul>
if (!empty($category)) {
$CategoryInto = ' ' . get_lang('Into') . ' ' . Security::remove_XSS($category);
} else {
$CategoryInto = '';
}
?>
<a href="<?php echo api_get_self(); ?>?category=<?php echo Security::remove_XSS($category); ?>&amp;action=add"><?php echo Display::return_icon('new_folder.png', get_lang("AddACategory") . $CategoryInto, '', ICON_SIZE_MEDIUM); ?></a>
</div>
<ul>
<?php
if (count($Categories) > 0) {
@ -197,7 +210,7 @@ if ($action == 'add' || $action == 'edit') {
<li>
<a href="<?php echo api_get_self(); ?>?category=<?php echo Security::remove_XSS($enreg['code']); ?>"><?php Display::display_icon('folder_document.gif', get_lang('OpenNode')); ?></a>
<a href="<?php echo api_get_self(); ?>?category=<?php echo Security::remove_XSS($category); ?>&amp;action=edit&amp;id=<?php echo Security::remove_XSS($enreg['code']); ?>"><?php Display::display_icon('edit.gif', get_lang('EditNode')); ?></a>
<a href="<?php echo api_get_self(); ?>?category=<?php echo Security::remove_XSS($category); ?>&amp;action=delete&amp;id=<?php echo Security::remove_XSS($enreg['code']); ?>" onclick="javascript:if (!confirm('<?php echo addslashes(api_htmlentities(get_lang('ConfirmYourChoice'), ENT_QUOTES, $charset)); ?>'))
<a href="<?php echo api_get_self(); ?>?category=<?php echo Security::remove_XSS($category); ?>&amp;action=delete&amp;id=<?php echo Security::remove_XSS($enreg['code']);?>" onclick="javascript:if (!confirm('<?php echo addslashes(api_htmlentities(get_lang('ConfirmYourChoice'), ENT_QUOTES, $charset)); ?>'))
return false;"><?php Display::display_icon('delete.gif', get_lang('DeleteNode')); ?></a>
<a href="<?php echo api_get_self(); ?>?category=<?php echo Security::remove_XSS($category); ?>&amp;action=moveUp&amp;id=<?php echo Security::remove_XSS($enreg['code']); ?>&amp;tree_pos=<?php echo $enreg['tree_pos']; ?>"><?php Display::display_icon('up.gif', get_lang('UpInSameLevel')); ?></a>
<?php echo $enreg['name']; ?>
@ -206,10 +219,14 @@ if ($action == 'add' || $action == 'edit') {
<?php
}
unset($Categories);
} else {
echo get_lang("NoCategories");
}
} else {
echo get_lang("NoCategories");
}
?>
Display :: display_error_message(get_lang('CourseCategoriesAreGlobal'));
}?>
</ul>

Write Preview
Loading…
Cancel
Save