Extends global legal feature. Now you can block the login or access to any course, see BT#11196

pull/2487/head
jmontoyaa 9 years ago
parent 25ad9c5574
commit 90f1794804
  1. 3
      app/Migrations/Schema/V111/Version111.php
  2. 14
      main/admin/configure_inscription.php
  3. 239
      main/admin/legal_add.php
  4. 23
      main/auth/conditional_login/conditional_login.php
  5. 45
      main/auth/inscription.php
  6. 2
      main/course_home/activity.php
  7. 3
      main/course_home/course_home.php
  8. 6
      main/create_course/add_course.php
  9. 2
      main/inc/lib/api.lib.php
  10. 85
      main/inc/lib/course.lib.php
  11. 4
      main/inc/lib/login.lib.php
  12. 104
      main/inc/local.inc.php
  13. 7
      main/install/data.sql

@ -262,10 +262,13 @@ class Version111 extends AbstractMigrationChamilo
$this->addSql("INSERT INTO settings_current (variable, subkey, type, category, selected_value, title, comment, scope, subkeytext, access_url_changeable) VALUES ('ticket_allow_category_edition', NULL, 'radio','Ticket', 'false','TicketAllowCategoryEditionTitle','TicketAllowCategoryEditionComment',NULL,NULL, 0)");
$this->addSql("INSERT INTO settings_current (variable, subkey, type, category, selected_value, title, comment, scope, subkeytext, access_url_changeable) VALUES ('ticket_send_warning_to_all_admins', NULL, 'radio','Ticket', 'false','TicketSendWarningToAllAdminsTitle','TicketSendWarningToAllAdminsComment',NULL,NULL, 0)");
$this->addSql("INSERT INTO settings_current (variable, subkey, type, category, selected_value, title, comment, scope, subkeytext, access_url_changeable) VALUES ('ticket_warn_admin_no_user_in_category', NULL, 'radio','Ticket', 'false','TicketWarnAdminNoUserInCategoryTitle','TicketWarnAdminNoUserInCategoryComment',NULL,NULL, 0)");
$this->addSql("INSERT INTO settings_current (variable, subkey, type, category, selected_value, title, comment, scope, subkeytext, access_url_changeable) VALUES ('load_term_conditions_section', NULL, 'radio','Platform', 'login','LoadTermConditionsSectionTitle','LoadTermConditionsSectionDescription',NULL,NULL, 0)");
$this->addSql("INSERT INTO settings_options (variable, value, display_text) VALUES ('ticket_allow_student_add', 'true', 'Yes'), ('ticket_allow_student_add', 'false', 'No')");
$this->addSql("INSERT INTO settings_options (variable, value, display_text) VALUES ('ticket_allow_category_edition', 'true', 'Yes'), ('ticket_allow_category_edition', 'false', 'No')");
$this->addSql("INSERT INTO settings_options (variable, value, display_text) VALUES ('ticket_send_warning_to_all_admins', 'true', 'Yes'), ('ticket_send_warning_to_all_admins', 'false', 'No')");
$this->addSql("INSERT INTO settings_options (variable, value, display_text) VALUES ('ticket_warn_admin_no_user_in_category', 'true', 'Yes'), ('ticket_warn_admin_no_user_in_category', 'false', 'No')");
$this->addSql("INSERT INTO settings_options (variable, value, display_text) VALUES ('load_term_conditions_section', 'login', 'Login'), ('load_term_conditions_section', 'course', 'Course')");
$this->addSql("ALTER TABLE c_quiz_question_rel_category ADD INDEX idx_qqrc_qid (question_id)");
$this->addSql("ALTER TABLE c_quiz_answer ADD INDEX idx_cqa_q (question_id)");

@ -173,7 +173,7 @@ if (!empty($_GET['openid_msg']) && $_GET['openid_msg'] == 'idnotfound') {
}
$form = new FormValidator('registration');
if (api_get_setting('allow_terms_conditions') == 'true') {
if (api_get_setting('allow_terms_conditions') === 'true') {
$display_all_form = !isset($_SESSION['update_term_and_condition']['user_id']);
} else {
$display_all_form = true;
@ -300,13 +300,19 @@ if (api_get_setting('allow_terms_conditions') == 'true') {
$term_preview = LegalManager::get_last_condition($language);
}
}
// Version and language //password
$form->addElement('hidden', 'legal_accept_type', $term_preview['version'].':'.$term_preview['language_id']);
$form->addElement('hidden', 'legal_info', $term_preview['legal_id'].':'.$term_preview['language_id']);
if ($term_preview['type'] == 1) {
$form->addElement('checkbox', 'legal_accept', null, get_lang('IHaveReadAndAgree').'&nbsp;<a href="inscription.php?legal" target="_blank">'.get_lang('TermsAndConditions').'</a>');
$form->addRule('extra_legal_accept', get_lang('ThisFieldIsRequired'), 'required');
$form->addElement(
'checkbox',
'legal_accept',
null,
get_lang('IHaveReadAndAgree').'&nbsp;<a href="inscription.php?legal" target="_blank">'.get_lang('TermsAndConditions').'</a>'
);
$form->addRule('extra_legal_accept', get_lang('ThisFieldIsRequired'), 'required');
} else {
if (!empty($term_preview['content'])) {
$preview = LegalManager::show_last_condition($term_preview);
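Review bot: The `required` rule in the `$term_preview['type'] == 1` branch is registered for `extra_legal_accept`, but the checkbox added just above it is named `legal_accept`, so as far as this hunk shows the rule is not bound to the acceptance checkbox. The reformatting keeps that name, while main/auth/inscription.php in this same commit uses `$form->addRule('legal_accept', get_lang('ThisFieldIsRequired'), 'required');`. This file should use the same name unless an `extra_legal_accept` element is defined outside the hunk. The enclosing block starts and ends outside the hunk.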

@ -1,160 +1,143 @@
<?php
/* For licensing terms, see /license.txt */
/**
* Management of legal conditions
* @package chamilo.admin
*/
/**
* Code
*/
$cidReset = true;
require_once '../inc/global.inc.php';
$this_section = SECTION_PLATFORM_ADMIN;
api_protect_admin_script();
if (api_get_setting('allow_terms_conditions') !== 'true') {
api_not_allowed(true);
}
// Create the form
$form = new FormValidator('addlegal');
$defaults = array();
$term_preview = array(
'type' => 0,
'content' => '',
'changes' => '',
'type' => 0,
'content' => '',
'changes' => ''
);
if ($form->validate()) {
$check = Security::check_token('post');
if ($check) {
$values = $form->getSubmitValues();
$lang = $values['language'];
//language id
$lang = api_get_language_id($lang);
if (isset($values['type'])) {
$type = $values['type'];
} else {
$type = 0;
}
if (isset($values['content'])) {
$content = $values['content'];
} else {
$content = '';
}
if (isset($values['changes'])) {
$changes = $values['changes'];
} else {
$changes = '';
}
$navigator_info = api_get_navigator();
if ($navigator_info['name']=='Internet Explorer' && $navigator_info['version']=='6') {
if (isset($values['preview'])) {
$submit ='preview';
} elseif (isset($values['save'])) {
$submit ='save';
} elseif (isset($values['back'])) {
$submit ='back';
}
} else {
$submit = $values['send'];
}
$default['content'] = $content;
if (isset($values['language'])) {
if ($submit == 'back') {
header('Location: legal_add.php');
exit;
} elseif ($submit == 'save') {
$insert_result = LegalManager::add($lang, $content, $type, $changes);
if ($insert_result ) {
$message = get_lang('TermAndConditionSaved');
} else {
$message = get_lang('TermAndConditionNotSaved');
}
Security::clear_token();
$tok = Security::get_token();
header('Location: legal_list.php?action=show_message&message='.urlencode($message).'&sec_token='.$tok);
exit();
} elseif ($submit=='preview') {
$defaults['type'] = $type;
$defaults['content'] = $content;
$defaults['changes'] = $changes;
$term_preview = $defaults;
$term_preview['type'] = intval($_POST['type']);
} else {
$my_lang = $_POST['language'];
if (isset($_POST['language'])){
$all_langs = api_get_languages();
if (in_array($my_lang, $all_langs['folder'])){
$language = api_get_language_id($my_lang);
$term_preview = LegalManager::get_last_condition($language);
$defaults = $term_preview;
if (!$term_preview) {
// there are not terms and conditions
$term_preview['type']=-1;
$defaults['type']=0;
}
}
}
}
}
}
$check = Security::check_token('post');
if ($check) {
$values = $form->getSubmitValues();
$lang = $values['language'];
//language id
$lang = api_get_language_id($lang);
if (isset($values['type'])) {
$type = $values['type'];
} else {
$type = 0;
}
if (isset($values['content'])) {
$content = $values['content'];
} else {
$content = '';
}
if (isset($values['changes'])) {
$changes = $values['changes'];
} else {
$changes = '';
}
$submit = $values['send'];
$default['content'] = $content;
if (isset($values['language'])) {
if ($submit == 'back') {
header('Location: legal_add.php');
exit;
} elseif ($submit == 'save') {
$insert_result = LegalManager::add($lang, $content, $type, $changes);
if ($insert_result) {
$message = get_lang('TermAndConditionSaved');
} else {
$message = get_lang('TermAndConditionNotSaved');
}
Security::clear_token();
$tok = Security::get_token();
Display::addFlash(Display::return_message($message));
header('Location: legal_list.php?sec_token='.$tok);
exit();
} elseif ($submit=='preview') {
$defaults['type'] = $type;
$defaults['content'] = $content;
$defaults['changes'] = $changes;
$term_preview = $defaults;
$term_preview['type'] = intval($_POST['type']);
} else {
$my_lang = $_POST['language'];
if (isset($_POST['language'])) {
$all_langs = api_get_languages();
if (in_array($my_lang, $all_langs['folder'])) {
$language = api_get_language_id($my_lang);
$term_preview = LegalManager::get_last_condition($language);
$defaults = $term_preview;
if (!$term_preview) {
// there are not terms and conditions
$term_preview['type']=-1;
$defaults['type']=0;
}
}
}
}
}
}
}
$form->setDefaults($defaults);
if (isset($_POST['send'])) {
Security::clear_token();
Security::clear_token();
}
$token = Security::get_token();
$form->addElement('hidden','sec_token');
//$form->setConstants(array('sec_token' => $token));
$form->addElement('hidden', 'sec_token');
$defaults['sec_token'] = $token;
$form->addElement('header', get_lang('DisplayTermsConditions'));
if (isset($_POST['language'])) {
$form->addElement('static', Security::remove_XSS($_POST['language']));
$form->addElement('hidden', 'language',Security::remove_XSS($_POST['language']));
$form->addHtmlEditor('content', get_lang('Content'), true, false, array('ToolbarSet' => 'terms_and_conditions', 'Width' => '100%', 'Height' => '250'));
$form->addElement('radio', 'type', '', get_lang('HTMLText') ,'0');
$form->addElement('radio', 'type', '', get_lang('PageLink') ,'1');
$form->addElement('textarea', 'changes', get_lang('ExplainChanges'),array('width'=>'20'));
$preview = LegalManager::show_last_condition($term_preview);
if ($term_preview['type']!=-1) {
$form->addElement('label', get_lang('Preview'), $preview);
}
// Submit & preview button
$navigator_info = api_get_navigator();
//ie6 fix
if ($navigator_info['name']=='Internet Explorer' && $navigator_info['version']=='6') {
$buttons = '<div class="row" align="center">
<div class="formw">
<input type="submit" name="back" value="'.get_lang('Back').'"/>
<input type="submit" name="preview" value="'.get_lang('Preview').'"/>
<input type="submit" name="save" value="'.get_lang('Save').'"/>
</div>
</div>';
$form->addElement('html',$buttons);
} else {
$buttons = '<div class="row" align="center">
<div class="formw">
<button type="submit" class="back" name="send" value="back">'.get_lang('Back').'</button>
<button type="submit" class="search" name="send" value="preview">'.get_lang('Preview').'</button>
<button type="submit" class="save" name="send" value="save">'.get_lang('Save').'</button>
</div>
</div>';
$form->addElement('html',$buttons);
}
$form->addElement('hidden', 'language', Security::remove_XSS($_POST['language']));
$form->addHtmlEditor(
'content',
get_lang('Content'),
true,
false,
array('ToolbarSet' => 'terms_and_conditions', 'Width' => '100%', 'Height' => '250')
);
$form->addElement('radio', 'type', '', get_lang('HTMLText'), '0');
$form->addElement('radio', 'type', '', get_lang('PageLink'), '1');
$form->addElement('textarea', 'changes', get_lang('ExplainChanges'), array('width' => '20'));
$preview = LegalManager::show_last_condition($term_preview);
if ($term_preview['type'] != -1) {
$form->addElement('label', get_lang('Preview'), $preview);
}
// Submit & preview button
$buttons = '<div class="row" align="center">
<div class="formw">
<button type="submit" class="btn btn-default back" name="send" value="back">'.get_lang('Back').'</button>
<button type="submit" class="btn btn-default search" name="send" value="preview">'.get_lang('Preview').'</button>
<button type="submit" class="btn btn-primary save" name="send" value="save">'.get_lang('Save').'</button>
</div>
</div>';
$form->addElement('html', $buttons);
} else {
$form->addElement('select_language', 'language', get_lang('Language'),null,array());
$form->addElement('button', 'send', get_lang('Load'));
$form->addButtonSearch(get_lang('Load'), 'send');
}
@ -164,7 +147,6 @@ Display :: display_header($tool_name);
echo '<script>
function sendlang(){
//document.addlegal.send.value=\'load\';
document.addlegal.sec_token.value=\''.$token.'\';
document.addlegal.submit();
}
@ -172,17 +154,10 @@ function sendlang(){
// action menu
echo '<div class="actions">';
echo '<a href="'.api_get_path(WEB_CODE_PATH).'admin/legal_list.php">'.Display::return_icon('search.gif',get_lang('EditTermsAndConditions'),'').get_lang('AllVersions').'</a>';
echo '<a href="'.api_get_path(WEB_CODE_PATH).'admin/legal_list.php">'.
Display::return_icon('search.gif', get_lang('EditTermsAndConditions'), '').get_lang('AllVersions').'</a>';
echo '</div>';
if (isset ($_GET['action'])) {
switch ($_GET['action']) {
case 'show_message' :
Display :: display_normal_message(stripslashes($_GET['message']));
break;
}
}
$form->setDefaults($defaults);
$form->display();
Display :: display_footer();
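Review bot: The save branch still appends the fresh CSRF token to the redirect, `header('Location: legal_list.php?sec_token='.$tok);`, which leaves it in browser history, server access logs and any Referer sent from legal_list.php. Now that the status message goes through `Display::addFlash()`, the query string may not be needed at all. If legal_list.php does not read `sec_token` from GET on this landing (not visible here), redirect to plain `legal_list.php` and let that page issue its own token. Separately, `$default['content'] = $content;` writes to `$default` while every other line uses `$defaults`, so the assignment looks dead and should be renamed or dropped.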

@ -1,6 +1,8 @@
<?php
/* For licensing terms, see /license.txt */
use ChamiloSession as Session;
/*
This script is included by local.inc.php to redirect users to some url if some conditions are satisfied.
* Please populate the $login_conditions array with a conditional function and an url.
@ -15,7 +17,7 @@
*/
$login_conditions = array();
//"Term and conditions" condition
// "Terms and conditions" condition
array_push(
$login_conditions,
array(
@ -47,26 +49,23 @@ function dc_check_phone_number($user)
*/
function check_platform_legal_conditions($user)
{
if (api_get_setting('allow_terms_conditions') == 'true') {
$term_and_condition_status = api_check_term_condition($user['user_id']);
if (api_get_setting('allow_terms_conditions') === 'true' &&
api_get_setting('load_term_conditions_section') === 'login'
) {
$termAndConditionStatus = api_check_term_condition($user['user_id']);
// @todo not sure why we need the login password and update_term_status
if ($term_and_condition_status == false) {
$_SESSION['term_and_condition'] = array(
'user_id' => $user['user_id'],
//'login' => $user['username'],
//'password' => $user['password'],
//'update_term_status' => true,
);
if ($termAndConditionStatus === false) {
Session::write('term_and_condition', array('user_id' => $user['user_id']));
return false;
} else {
unset($_SESSION['term_and_condition']);
Session::erase('term_and_condition');
return true;
}
} else {
//No validation user can pass
// No validation user can pass
return true;
}
}
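Review bot: In check_platform_legal_conditions() the test is now `$termAndConditionStatus === false`, so any non-boolean falsy return from api_check_term_condition() (null, 0, empty string) takes the else branch, erases `term_and_condition` and lets the login pass. Only part of api_check_term_condition() is visible on this page, so either confirm it returns strict booleans on every path or make the gate fail closed with `if ($termAndConditionStatus !== true) {`. The docblock should also say that when `load_term_conditions_section` is not `login` this function always returns true, leaving enforcement to the course entry check.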

@ -283,7 +283,6 @@ if ($user_already_registered_show_terms == false) {
');
}
// LANGUAGE
if (in_array('language', $allowedFields)) {
if (api_get_setting('registration', 'language') == 'true') {
@ -294,6 +293,7 @@ if ($user_already_registered_show_terms == false) {
);
}
}
// STUDENT/TEACHER
if (api_get_setting('allow_registration_as_teacher') != 'false') {
if (in_array('status', $allowedFields)) {
@ -411,8 +411,8 @@ if (!empty($_GET['phone'])) {
if (api_get_setting('openid_authentication') == 'true' && !empty($_GET['openid'])) {
$defaults['openid'] = Security::remove_XSS($_GET['openid']);
}
$defaults['status'] = STUDENT;
$defaults['status'] = STUDENT;
$defaults['extra_mail_notify_invitation'] = 1;
$defaults['extra_mail_notify_message'] = 1;
$defaults['extra_mail_notify_group_message'] = 1;
@ -437,14 +437,14 @@ if (!CustomPages::enabled()) {
$term_preview = LegalManager::get_last_condition($language);
}
$tool_name = get_lang('TermsAndConditions');
Display :: display_header($tool_name);
Display::display_header($tool_name);
if (!empty($term_preview['content'])) {
echo $term_preview['content'];
} else {
echo get_lang('ComingSoon');
}
Display :: display_footer();
Display::display_footer();
exit;
}
}
@ -452,7 +452,7 @@ if (!CustomPages::enabled()) {
$tool_name = get_lang('Registration', null, (!empty($_POST['language'])?$_POST['language']: $_user['language']));
if (api_get_setting('allow_terms_conditions') == 'true' && $user_already_registered_show_terms) {
if (api_get_setting('allow_terms_conditions') === 'true' && $user_already_registered_show_terms) {
$tool_name = get_lang('TermsAndConditions');
}
@ -475,7 +475,7 @@ if (!CustomPages::enabled()) {
$open = str_replace('{rel_path}', api_get_path(REL_PATH), $home_top_temp);
$open = api_to_system_encoding($open, api_detect_encoding(strip_tags($open)));
if (!empty($open)) {
$content = '<div class="well_border">'.$open.'</div>';
$content = '<div class="well_border">'.$open.'</div>';
}
}
@ -484,7 +484,7 @@ if (!CustomPages::enabled()) {
api_not_allowed(true, get_lang('RegistrationDisabled'));
}
if (api_get_setting('allow_registration') == 'approval') {
if (api_get_setting('allow_registration') === 'approval') {
$content .= Display::return_message(get_lang('YourAccountHasToBeApproved'));
}
@ -516,6 +516,7 @@ if (api_get_setting('allow_terms_conditions') == 'true') {
// Version and language
$form->addElement('hidden', 'legal_accept_type', $term_preview['version'].':'.$term_preview['language_id']);
$form->addElement('hidden', 'legal_info', $term_preview['legal_id'].':'.$term_preview['language_id']);
$form->addElement('hidden', 'legal_course_id', api_get_course_int_id());
if ($term_preview['type'] == 1) {
$form->addElement(
@ -524,7 +525,7 @@ if (api_get_setting('allow_terms_conditions') == 'true') {
null,
get_lang('IHaveReadAndAgree').'&nbsp;<a href="inscription.php?legal" target="_blank">'.get_lang('TermsAndConditions').'</a>'
);
$form->addRule('legal_accept', get_lang('ThisFieldIsRequired'), 'required');
$form->addRule('legal_accept', get_lang('ThisFieldIsRequired'), 'required');
} else {
$preview = LegalManager::show_last_condition($term_preview);
$form->addElement('label', null, $preview);
@ -692,7 +693,7 @@ if ($form->validate()) {
/* If the account has to be approved then we set the account to inactive,
sent a mail to the platform admin and exit the page.*/
if (api_get_setting('allow_registration') == 'approval') {
if (api_get_setting('allow_registration') === 'approval') {
$TABLE_USER = Database::get_main_table(TABLE_MAIN_USER);
// 1. set account inactive
$sql = "UPDATE $TABLE_USER SET active='0' WHERE user_id = ".$user_id;
@ -770,7 +771,7 @@ if ($form->validate()) {
$_user['language'] = $values['language'];
$_user['user_id'] = $user_id;
$is_allowedCreateCourse = isset($values['status']) && $values['status'] == 1;
$usersCanCreateCourse = api_get_setting('allow_users_to_create_courses') == 'true';
$usersCanCreateCourse = api_get_setting('allow_users_to_create_courses') === 'true';
Session::write('_user', $_user);
Session::write('is_allowedCreateCourse', $is_allowedCreateCourse);
@ -794,10 +795,17 @@ if ($form->validate()) {
'action' => api_get_path(WEB_PATH).'user_portal.php'
);
if (api_get_setting('allow_terms_conditions') == 'true' && $user_already_registered_show_terms) {
$form_data['action'] = api_get_path(WEB_PATH).'user_portal.php';
if (api_get_setting('allow_terms_conditions') === 'true' && $user_already_registered_show_terms) {
if (api_get_setting('load_term_conditions_section') === 'login') {
$form_data['action'] = api_get_path(WEB_PATH).'user_portal.php';
} else {
$courseInfo = api_get_course_info();
$form_data['action'] = $courseInfo['course_public_url'].'?id_session='.api_get_session_id();
$cidReset = true;
Session::erase('_course');
Session::erase('_cid');
}
} else {
if (!empty($values['email'])) {
$text_after_registration.= '<p>'.get_lang('MailHasBeenSent', null, $_user['language']).'.</p>';
}
@ -806,9 +814,9 @@ if ($form->validate()) {
if ($usersCanCreateCourse) {
$form_data['message'] = '<p>'. get_lang('NowGoCreateYourCourse', null, $_user['language']). "</p>";
}
$form_data['action'] = '../create_course/add_course.php';
$form_data['action'] = api_get_path(WEB_CODE_PATH).'create_course/add_course.php';
if (api_get_setting('course_validation') == 'true') {
if (api_get_setting('course_validation') === 'true') {
$form_data['button'] = Display::button(
'next',
get_lang('CreateCourseRequest', null, $_user['language']),
@ -821,7 +829,10 @@ if ($form->validate()) {
array('class' => 'btn btn-primary btn-large')
);
$form_data['go_button'] = '&nbsp;&nbsp;<a href="'.api_get_path(WEB_PATH).'index.php'.'">'.
Display::span(get_lang('Next', null, $_user['language']), array('class' => 'btn btn-primary btn-large')).'</a>';
Display::span(
get_lang('Next', null, $_user['language']),
array('class' => 'btn btn-primary btn-large')
).'</a>';
}
} else {
if (api_get_setting('allow_students_to_browse_courses') == 'true') {
@ -863,9 +874,7 @@ if ($form->validate()) {
array('info' => $text_after_registration)
);
} else {
$tpl = new Template($tool_name);
$tpl->assign('inscription_content', $content);
$tpl->assign('text_after_registration', $text_after_registration);
$tpl->assign('hide_header', $hideHeaders);
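Review bot: In the new `else` branch for the `course` section, the form action is built from `api_get_course_info()` without checking that a course is actually in context. If the user reaches inscription.php without one, `$courseInfo['course_public_url']` is presumably unset and the action collapses to just `?id_session=…`. Add a guard before `_course` and `_cid` are erased, for example `if (empty($courseInfo['course_public_url'])) { $form_data['action'] = api_get_path(WEB_PATH).'user_portal.php'; }`. The enclosing `if ($form->validate())` block starts and ends outside this hunk.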

@ -48,7 +48,7 @@ if ($enabled == 'true') {
// COURSE ADMIN ONLY VIEW
// Start of tools for CourseAdmins (teachers/tutors)
if ($session_id == 0 && api_is_course_admin() && api_is_allowed_to_edit(null, true)) {
if ($session_id === 0 && api_is_course_admin() && api_is_allowed_to_edit(null, true)) {
$content .= '<div class="alert alert-success" style="border:0px; margin-top: 0px;padding:0px;">
<div class="normal-message" id="id_normal_message" style="display:none">';
$content .= '<img src="'.api_get_path(WEB_PATH).'main/inc/lib/javascript/indicator.gif"/>&nbsp;&nbsp;';
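Review bot: `$session_id === 0` matches only an integer zero, and the assignment of `$session_id` is outside the hunk. If it arrives as the string `'0'` or as null, the course-admin tools block is now skipped where `==` used to show it. Either cast at the comparison, `if ((int) $session_id === 0 && api_is_course_admin() && api_is_allowed_to_edit(null, true)) {`, or confirm the value comes from a helper that always returns an int.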

@ -151,7 +151,7 @@ if (api_is_invitee()) {
}
}
//Deleting group session
// Deleting group session
Session::erase('toolgroup');
Session::erase('_gid');
@ -167,6 +167,7 @@ if ($isSpecialCourse) {
}
}
}
if (isset($_GET['action']) && $_GET['action'] == 'subscribe') {
if (Security::check_token('get')) {
Security::clear_token();

@ -182,7 +182,7 @@ if ($course_validation_feature) {
// then we may get the URL from Chamilo's module "Terms and conditions",
// if it is activated.
if (empty($terms_and_conditions_url)) {
if (api_get_setting('allow_terms_conditions') == 'true') {
if (api_get_setting('allow_terms_conditions') === 'true') {
$terms_and_conditions_url = api_get_path(WEB_CODE_PATH).'auth/inscription.php?legal';
}
}
@ -196,8 +196,10 @@ if ($course_validation_feature) {
get_lang('IAcceptTermsAndConditions'),
1
);
$form->addRule(
'legal', get_lang('YouHaveToAcceptTermsAndConditions'),
'legal',
get_lang('YouHaveToAcceptTermsAndConditions'),
'required'
);
// Link to terms and conditions.

@ -1021,6 +1021,7 @@ function api_protect_course_script($print_headers = false, $allow_session_admins
if (api_is_platform_admin($allow_session_admins)) {
return true;
}
if (isset($course_info) && isset($course_info['visibility'])) {
switch ($course_info['visibility']) {
default:
@ -5932,6 +5933,7 @@ function api_check_term_condition($user_id)
if (api_get_setting('allow_terms_conditions') == 'true') {
//check if exists terms and conditions
if (LegalManager::count() == 0) {
return true;
}

@ -1869,7 +1869,7 @@ class CourseManager
return $teachers;
}
/**
* Return user info array of all teacher-users registered in a course
* This only returns the users that are registered in this actual course, not linked courses.
@ -1900,7 +1900,7 @@ class CourseManager
cu.status = 1 ";
$rs = Database::query($sql);
$listTeachers = array();
$teachers = array();
$teachers = array();
while ($teacher = Database::fetch_array($rs)) {
$userPicture = UserManager::getUserPicture($teacher['user_id'], USER_IMAGE_SIZE_SMALL);
$teachers['id'] = $teacher['user_id'];
@ -1915,7 +1915,7 @@ class CourseManager
}
return $listTeachers;
}
/**
* Returns a string list of teachers assigned to the given course
* @param string $course_code
@ -2952,7 +2952,7 @@ class CourseManager
$sql = "SELECT * FROM $table_categories WHERE code = '$code';";
return Database::fetch_array(Database::query($sql));
}
/**
* Returns the details of a course category
*
@ -3374,7 +3374,7 @@ class CourseManager
if (!empty($special_course_list)) {
$with_special_courses = ' course.code IN ("' . implode('","', $special_course_list) . '")';
}
$courseList = [];
if (!empty($with_special_courses)) {
$sql = "SELECT
@ -3428,12 +3428,12 @@ class CourseManager
$params['document'] .= Display::div('', ['id' => 'document_result_' . $course_info['real_id'] . '_0', 'class' => 'document_preview_container']);
}
}
$params['visibility'] = $course_info['visibility'];
$params['status'] = $course_info['status'];
$params['category'] = $course_info['categoryName'];
$params['icon'] = Display::return_icon('drawing-pin.png',null, null, ICON_SIZE_LARGE, null);
if (api_get_setting('display_coursecode_in_courselist') == 'true') {
$params['code_course'] = '(' . $course_info['visual_code'] . ')';
}
@ -3452,16 +3452,16 @@ class CourseManager
if ($course_info['visibility'] != COURSE_VISIBILITY_CLOSED) {
$params['notifications'] = $show_notification;
}
$courseList[] = $params;
}
}
}
return $courseList;
}
/**
* Display courses (without special courses) as several HTML divs
* of course categories, as class userportal-catalog-item.
@ -3509,7 +3509,7 @@ class CourseManager
return $listItems;
}
/**
* Display courses inside a category (without special courses) as HTML dics of
* class userportal-course-item.
@ -3576,7 +3576,7 @@ class CourseManager
}
$course_info['id_session'] = null;
$course_info['status'] = $course['status'];
// For each course, get if there is any notification icon to show
// (something that would have changed since the user's last visit).
$showNotification = Display::show_notification($course_info);
@ -3588,18 +3588,18 @@ class CourseManager
}
$params = array();
$thumbnails = null;
$image = null;
if ($showCustomIcon === 'true' && $iconName != 'course.png') {
$thumbnails = $course_info['course_image'];
$image = $course_info['course_image_large'];
}else{
$image = Display::return_icon('session_default.png', null, null, null,null, true);
}
$params['course_id'] = $course['id'];
$params['edit_actions'] = '';
$params['document'] = '';
@ -3623,13 +3623,13 @@ class CourseManager
if (api_get_setting('display_teacher_in_courselist') === 'true') {
$teachers = CourseManager::getTeachersFromCourseByCode($course['code']);
}
$params['status'] = $course['status'];
if (api_get_setting('display_coursecode_in_courselist') == 'true') {
$params['code_course'] = '(' . $course_info['visual_code'] . ') ';
}
$params['visibility'] = $course_info['visibility'];
$params['link'] = $courseUrl;
$params['thumbnails'] = $thumbnails;
@ -3637,7 +3637,7 @@ class CourseManager
$params['title'] = $course_info['title'];
$params['category'] = $course_info['categoryName'];
$params['teachers'] = $teachers;
if ($course_info['visibility'] != COURSE_VISIBILITY_CLOSED) {
$params['notifications'] = $showNotification;
@ -3647,14 +3647,14 @@ class CourseManager
if (empty($user_category_id)) {
$isSubContent = false;
}
$courseList[] = $params;
}
return $courseList;
}
/**
@ -3729,7 +3729,7 @@ class CourseManager
$thumbnails = null;
$image = null;
$iconName = basename($course_info['course_image']);
if ($showCustomIcon === 'true' && $iconName != 'course.png') {
$thumbnails = $course_info['course_image'];
@ -3754,8 +3754,8 @@ class CourseManager
. Display::returnFontAwesomeIcon('folder-open') . '</a>';
$params['document'] .= Display::div('', array('id' => 'document_result_' . $course_info['real_id'] . '_0', 'class' => 'document_preview_container'));
}
$course_title_url = '';
$course_title_url = api_get_path(WEB_COURSE_PATH) . $course_info['path'] . '/index.php?id_session=0';
@ -3763,11 +3763,11 @@ class CourseManager
$teachers = CourseManager::getTeachersFromCourseByCode($course['code']);
}
$params['status'] = $course['status'];
if (api_get_setting('display_coursecode_in_courselist') == 'true') {
$params['code_course'] = '(' . $course_info['visual_code'] . ') ';
}
$params['visibility'] = $course_info['visibility'];
$params['link'] = $course_title_url;
$params['thumbnails'] = $thumbnails;
@ -3779,19 +3779,19 @@ class CourseManager
if ($course_info['visibility'] != COURSE_VISIBILITY_CLOSED) {
$params['notifications'] = $showNotification;
}
$isSubContent = true;
if (empty($user_category_id)) {
$isSubContent = false;
}
$courseList[] = $params;
}
return $courseList;
}
/**
* Retrieves the user defined course categories
* @param string $userId
@ -3948,7 +3948,7 @@ class CourseManager
array(),
ICON_SIZE_LARGE,
null,
true
true
);
// Display the "what's new" icons
@ -3987,12 +3987,12 @@ class CourseManager
} else {
$session_title = $course_info['name'];
}
$thumbnails = null;
$image = null;
$showCustomIcon = api_get_setting('course_images_in_courses_list');
$iconName = basename($course_info['course_image']);
if ($showCustomIcon === 'true' && $iconName != 'course.png') {
$thumbnails = $course_info['course_image'];
$image = $course_info['course_image_large'];
@ -4005,7 +4005,7 @@ class CourseManager
$params['title'] = $session_title;
$params['edit_actions'] = '';
$params['document'] = '';
if ($course_visibility != COURSE_VISIBILITY_CLOSED &&
$course_visibility != COURSE_VISIBILITY_HIDDEN
) {
@ -4031,7 +4031,7 @@ class CourseManager
$teacher_list = CourseManager::getTeachersFromCourseByCode(
$course_info['code']
);
$course_coachs = self::get_coachs_from_course(
$course_info['id_session'],
$course_info['real_id']
@ -4045,7 +4045,7 @@ class CourseManager
}
*/
$params['teachers'] = $teacher_list;
if (($course_info['status'] == STUDENT && !empty($course_info['id_session'])) ||
($is_coach && $course_info['status'] != COURSEMANAGER)
) {
@ -4663,7 +4663,7 @@ class CourseManager
$courses = Database::store_result($result, 'ASSOC');
$courses = self::process_hot_course_item($courses, $my_course_code_list);
}
return $courses;
}
@ -5725,7 +5725,6 @@ class CourseManager
if (in_array($course_info['visibility'],
array(COURSE_VISIBILITY_OPEN_PLATFORM, COURSE_VISIBILITY_OPEN_WORLD))
) {
if (CourseManager::is_user_subscribed_in_course($user_id, $course_info['code'])) {
$form_data['action'] = $course_info['course_public_url'];

@ -358,6 +358,7 @@ class Login
/**
*
* @deprecated
* @global bool $is_platformAdmin
* @global bool $is_allowedCreateCourse
* @global object $_user
@ -583,7 +584,7 @@ class Login
$sql = "SELECT * FROM $course_user_table
WHERE
user_id = '" . $user_id . "' AND
relation_type <> " . COURSE_RELATION_TYPE_RRHH . " AND
relation_type <> ".COURSE_RELATION_TYPE_RRHH." AND
course_code = '$course_id'";
$result = Database::query($sql);
@ -602,6 +603,7 @@ class Login
$_course['id'],
$session_id
);
if (!$user_is_subscribed) {
$url = api_get_path(WEB_CODE_PATH) . 'course_info/legal.php?course_code=' . $_course['code'] . '&session_id=' . $session_id;
header('Location: ' . $url);

@ -1,6 +1,8 @@
<?php
/* For licensing terms, see /license.txt */
use ChamiloSession as Session;
/**
*
* SCRIPT PURPOSE
@ -111,8 +113,6 @@
// Verified if exists the username and password in session current
use ChamiloSession as Session;
// Facebook connexion, if activated
if (api_is_facebook_auth_activated() && !api_get_user_id()) {
require_once api_get_path(SYS_PATH).'main/auth/external_login/facebook.inc.php';
@ -127,10 +127,10 @@ if (isset($_SESSION['conditional_login']['uid']) && $_SESSION['conditional_login
ConditionalLogin::check_conditions($uData);
$_user['user_id'] = $_SESSION['conditional_login']['uid'];
$_user['status'] = $uData['status'];
$_user['status'] = $uData['status'];
Session::write('_user', $_user);
Session::erase('conditional_login');
$uidReset=true;
$uidReset = true;
Event::event_login($_user['user_id']);
}
@ -192,13 +192,17 @@ if (!empty($_SESSION['_user']['user_id']) && !($login || $logout)) {
unset($_user['user_id']);
}
$termsAndCondition = Session::read('term_and_condition');
// Platform legal terms and conditions
if (api_get_setting('allow_terms_conditions') == 'true') {
if (api_get_setting('allow_terms_conditions') === 'true' &&
api_get_setting('load_term_conditions_section') === 'login'
) {
if (isset($_POST['login']) && isset($_POST['password']) &&
isset($_SESSION['term_and_condition']['user_id'])
isset($termsAndCondition['user_id'])
) {
// user id
$user_id = $_SESSION['term_and_condition']['user_id'];
$user_id = $termsAndCondition['user_id'];
// Update the terms & conditions
$legal_type = null;
//verify type of terms and conditions
@ -210,7 +214,7 @@ if (!empty($_SESSION['_user']['user_id']) && !($login || $logout)) {
);
}
//is necessary verify check
// is necessary verify check
if ($legal_type == 1) {
if ((isset($_POST['legal_accept']) && $_POST['legal_accept']=='1')) {
$legal_option = true;
@ -219,9 +223,9 @@ if (!empty($_SESSION['_user']['user_id']) && !($login || $logout)) {
}
}
//no is check option
// no is check option
if ($legal_type == 0) {
$legal_option=true;
$legal_option = true;
}
if (isset($_POST['legal_accept_type']) && $legal_option === true) {
@ -239,7 +243,7 @@ if (!empty($_SESSION['_user']['user_id']) && !($login || $logout)) {
}
}
//IF cas is activated and user isn't logged in
// IF cas is activated and user isn't logged in
if (api_get_setting('cas_activate') == 'true') {
$cas_activated = true;
} else {
@ -728,7 +732,7 @@ if (!empty($_SESSION['_user']['user_id']) && !($login || $logout)) {
}
}
} else {
//Redirect to the subscription form
// Redirect to the subscription form
header(
'Location: '.api_get_path(WEB_CODE_PATH)
.'auth/inscription.php?username='.$res['openid.sreg.nickname']
@ -930,9 +934,7 @@ if (isset($cidReset) && $cidReset) {
WHERE id="'.intval($_GET['id_session']) . '"';
$rs = Database::query($sql);
if (Database::num_rows($rs)) {
list($_SESSION['session_name']) = Database::fetch_array(
$rs
);
list($_SESSION['session_name']) = Database::fetch_array($rs);
$_SESSION['id_session'] = intval($_GET['id_session']);
} else {
api_not_allowed(true);
@ -1072,15 +1074,83 @@ if ((isset($uidReset) && $uidReset) || (isset($cidReset) && $cidReset)) {
$user_pass_open_course = true;
}
//Checking if the user filled the course legal agreement
// Checking if the user filled the course legal agreement
if ($_course['activate_legal'] == 1 && !api_is_platform_admin() && !api_is_anonymous()) {
$user_is_subscribed = CourseManager::is_user_accepted_legal($user_id, $_course['id'], $session_id) || $user_pass_open_course;
$user_is_subscribed = CourseManager::is_user_accepted_legal(
$user_id,
$_course['id'],
$session_id
) || $user_pass_open_course;
if (!$user_is_subscribed) {
$url = api_get_path(WEB_CODE_PATH).'course_info/legal.php?course_code='.$_course['code'].'&session_id='.$session_id;
header('Location: '.$url);
exit;
}
}
// Platform legal terms and conditions
if (api_get_setting('allow_terms_conditions') === 'true' &&
api_get_setting('load_term_conditions_section') === 'course'
) {
$termAndConditionStatus = api_check_term_condition($user_id);
// @todo not sure why we need the login password and update_term_status
if ($termAndConditionStatus === false) {
Session::write('term_and_condition', array('user_id' => $user_id));
} else {
Session::erase('term_and_condition');
}
$termsAndCondition = Session::read('term_and_condition');
if (isset($termsAndCondition['user_id'])) {
// user id
$user_id = $termsAndCondition['user_id'];
// Update the terms & conditions
$legal_type = null;
// Verify type of terms and conditions
if (isset($_POST['legal_info'])) {
$info_legal = explode(':', $_POST['legal_info']);
$legal_type = LegalManager::get_type_of_terms_and_conditions(
$info_legal[0],
$info_legal[1]
);
}
// is necessary verify check
if ($legal_type === 1) {
if (isset($_POST['legal_accept']) && $_POST['legal_accept'] == '1') {
$legal_option = true;
} else {
$legal_option = false;
}
}
// no is check option
if ($legal_type == 0) {
$legal_option = true;
}
if (isset($_POST['legal_accept_type']) && $legal_option === true) {
$cond_array = explode(':', $_POST['legal_accept_type']);
if (!empty($cond_array[0]) && !empty($cond_array[1])) {
$time = time();
$condition_to_save = intval($cond_array[0]).':'.intval($cond_array[1]).':'.$time;
UserManager::update_extra_field_value(
$user_id,
'legal_accept',
$condition_to_save
);
}
}
$url = api_get_path(WEB_CODE_PATH).'auth/inscription.php';
header("Location:". $url);
exit;
}
}
}
if (isset($user_id) && $user_id && isset($_real_cid) && $_real_cid) {
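Review bot: In the new `course` branch, `$legal_type` starts as `null` and `if ($legal_type == 0)` is a loose comparison, so a request that omits `legal_info` still sets `$legal_option = true`, and the posted `legal_accept_type` is then saved as the user's `legal_accept` value without the `legal_accept` checkbox being checked. The saved version and language ids also come straight from the request (only passed through `intval`) rather than from the terms currently in force, so the record does not show which text was accepted. I would initialise `$legal_option = false;` and take the no-checkbox path only when a type was actually resolved, e.g. `if ($legal_type !== null && (int) $legal_type === 0) {`. This block also tests `=== 1` where the retouched `login` branch tests `== 1`; if `get_type_of_terms_and_conditions()` returns a numeric string (its definition is not shown here), the strict form never matches, so the two branches should be aligned once the return type is confirmed. The enclosing `if ((isset($uidReset) ...` block starts outside the hunk.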

@ -312,7 +312,8 @@ VALUES
('ticket_allow_student_add', NULL, 'radio','Ticket', 'false','TicketAllowStudentAddTitle','TicketAllowStudentAddComment',NULL,NULL, 0),
('ticket_send_warning_to_all_admins', NULL, 'radio','Ticket', 'false','TicketSendWarningToAllAdminsTitle','TicketSendWarningToAllAdminsComment',NULL,NULL, 0),
('ticket_warn_admin_no_user_in_category', NULL, 'radio','Ticket', 'false','TicketWarnAdminNoUserInCategoryTitle','TicketWarnAdminNoUserInCategoryComment',NULL,NULL, 0),
('ticket_allow_category_edition', NULL, 'radio','Ticket', 'false','TicketAllowCategoryEditionTitle','TicketAllowCategoryEditionComment',NULL,NULL, 0);
('ticket_allow_category_edition', NULL, 'radio','Ticket', 'false','TicketAllowCategoryEditionTitle','TicketAllowCategoryEditionComment',NULL,NULL, 0),
('load_term_conditions_section', NULL, 'radio','Platform', 'login','LoadTermConditionsSectionTitle','LoadTermConditionsSectionDescription',NULL,NULL, 0);
INSERT INTO settings_options (variable, value, display_text)
VALUES
@ -640,7 +641,9 @@ VALUES
('ticket_send_warning_to_all_admins', 'true', 'Yes'),
('ticket_send_warning_to_all_admins', 'false', 'No'),
('ticket_warn_admin_no_user_in_category', 'true', 'Yes'),
('ticket_warn_admin_no_user_in_category', 'false', 'No');
('ticket_warn_admin_no_user_in_category', 'false', 'No')
('load_term_conditions_section', 'login', 'Login'),
('load_term_conditions_section', 'course', 'Course');
INSERT INTO language (original_name, english_name, isocode, dokeos_folder, available) VALUES
('&#1575;&#1604;&#1593;&#1585;&#1576;&#1610;&#1577;','arabic','ar','arabic',0),
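Review bot: The new row `('ticket_warn_admin_no_user_in_category', 'false', 'No')` dropped the old `;` but has no trailing comma, so it runs straight into the added `load_term_conditions_section` tuples and the `INSERT INTO settings_options` statement will not parse on a fresh install. It should read `('ticket_warn_admin_no_user_in_category', 'false', 'No'),`. The statement begins outside this hunk, so the rest of its VALUES list is not checked here. Running the installer once against an empty database would confirm that the `login` and `course` options are actually created for the new setting.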
