From e2cb70b26677535dc36e52a03688a692ea9ffe05 Mon Sep 17 00:00:00 2001 From: Julio Montoya Date: Mon, 19 Dec 2011 12:06:11 +0100 Subject: [PATCH 01/49] Adding status column in the session list see BT#3368 --- main/admin/session_list.php | 8 +++-- main/inc/ajax/model.ajax.php | 2 +- main/inc/lib/sessionmanager.lib.php | 55 +++++++++++++++++++++++------ 3 files changed, 51 insertions(+), 14 deletions(-) diff --git a/main/admin/session_list.php b/main/admin/session_list.php index ce35633c21..7acad4b77a 100644 --- a/main/admin/session_list.php +++ b/main/admin/session_list.php @@ -43,7 +43,8 @@ Display::display_header($tool_name); $url = api_get_path(WEB_AJAX_PATH).'model.ajax.php?a=get_sessions'; //The order is important you need to check the the $column variable in the model.ajax.php file -$columns = array(get_lang('Name'), get_lang('NumberOfCourses'), get_lang('SessionCategoryName'), get_lang('StartDate'), get_lang('EndDate'), get_lang('Coach'), get_lang('Visibility'), get_lang('Actions')); +$columns = array(get_lang('Name'), get_lang('NumberOfCourses'), get_lang('SessionCategoryName'), + get_lang('StartDate'), get_lang('EndDate'), get_lang('Coach'), get_lang('Status'), get_lang('Visibility'), get_lang('Actions')); //Column config $column_model = array( 
@@ -52,7 +53,8 @@ $column_model = array( array('name'=>'category_name', 'index'=>'sc.name', 'width'=>'80', 'align'=>'left', 'search' => 'true'), array('name'=>'date_start', 'index'=>'s.date_start', 'width'=>'40', 'align'=>'left', 'search' => 'true'), array('name'=>'date_end', 'index'=>'s.date_end', 'width'=>'40', 'align'=>'left', 'search' => 'true'), - array('name'=>'coach_name', 'index'=>'coach_name', 'width'=>'80', 'align'=>'left', 'search' => 'false'), + array('name'=>'coach_name', 'index'=>'coach_name', 'width'=>'80', 'align'=>'left', 'search' => 'false'), + array('name'=>'status', 'index'=>'session_active', 'width'=>'20', 'align'=>'left', 'search' => 'false'), array('name'=>'visibility', 'index'=>'visibility', 'width'=>'40', 'align'=>'left', 'search' => 'false'), array('name'=>'actions', 'index'=>'actions', 'width'=>'100', 'align'=>'left','formatter'=>'action_formatter','sortable'=>'false', 'search' => 'false') ); @@ -67,7 +69,7 @@ $extra_params['rowList'] = array(10, 20 ,30); //With this function we can add actions to the jgrid (edit, delete, etc) $action_links = 'function action_formatter(cellvalue, options, rowObject) { - return \''.Display::return_icon('edit.png',get_lang('Edit'),'',22).''. + return \''.Display::return_icon('edit.png',get_lang('Edit'),'',22).''. ' '.Display::return_icon('user_subscribe_session.png',get_lang('SubscribeUsersToSession'),'',22).''. ' '.Display::return_icon('courses_to_session.png',get_lang('SubscribeCoursesToSession'),'',22).''. ' '.Display::return_icon('copy.png',get_lang('Copy'),'',22).''. diff --git a/main/inc/ajax/model.ajax.php b/main/inc/ajax/model.ajax.php index 02f8129c2c..fc5fdb90a1 100644 --- a/main/inc/ajax/model.ajax.php +++ b/main/inc/ajax/model.ajax.php 
@@ -120,7 +120,7 @@ if ($_REQUEST['oper'] == 'del') { $columns = array(); switch ($action) { case 'get_sessions': - $columns = array('name', 'nbr_courses','category_name', 'date_start','date_end', 'coach_name', 'visibility'); + $columns = array('name', 'nbr_courses','category_name', 'date_start','date_end', 'coach_name', 'session_active', 'visibility'); $result = SessionManager::get_sessions_admin(array('where'=> $where_condition, 'order'=>"$sidx $sord", 'limit'=> "$start , $limit")); break; case 'get_gradebooks': diff --git a/main/inc/lib/sessionmanager.lib.php b/main/inc/lib/sessionmanager.lib.php index d04ce5a78c..39d6514d7b 100644 --- a/main/inc/lib/sessionmanager.lib.php +++ b/main/inc/lib/sessionmanager.lib.php @@ -193,11 +193,12 @@ class SessionManager { $num = $recorset['total_rows']; return $num; } + /** * Gets the admin session list callback of the admin/session_list.php page * @param array order and limit keys */ - function get_sessions_admin($options) { + public function get_sessions_admin($options) { $tbl_session = Database::get_main_table(TABLE_MAIN_SESSION); $tbl_session_category = Database::get_main_table(TABLE_MAIN_SESSION_CATEGORY); $tbl_user = Database::get_main_table(TABLE_MAIN_USER); 
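Review bot: The `get_sessions` branch passes `'order'=>"$sidx $sord"` and `'limit'=> "$start , $limit"` to `SessionManager::get_sessions_admin()`, which appends them unquoted as `"ORDER BY ".$options['order']." LIMIT ".$options['limit']` (visible in the later sessionmanager.lib.php hunk). Where `$sidx`, `$sord`, `$start` and `$limit` are assigned is outside this hunk; if they come from the grid request they need constraining before they reach the query. Accept `$sidx` only from an allow-list of the `index` values declared in `$column_model` (now including `session_active`), map `$sord` to `ASC` or `DESC`, and cast `$start` and `$limit` with `intval()`.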
@@ -213,13 +214,34 @@ class SessionManager { } $coach_name = " CONCAT (u.lastname , ' ', u.firstname) as coach_name "; + if (api_is_western_name_order()) { $coach_name = " CONCAT (u.firstname, ' ', u.lastname) as coach_name "; } - $query = "SELECT s.name, nbr_courses, s.date_start, s.date_end, $coach_name , sc.name as category_name, s.visibility, u.user_id, s.id ". - " FROM $tbl_session s ". - " LEFT JOIN $tbl_session_category sc ON s.session_category_id = sc.id ". - " INNER JOIN $tbl_user u ON s.id_coach = u.user_id ". + + $start_filter = $year."-".$month."-".$day." 00:00:00"; + $start_filter = api_get_utc_datetime($start_filter); + $end_filter = $year."-".$month."-".$day." 23:59:59"; + $end_filter = api_get_utc_datetime($end_filter); + + $today = api_get_utc_datetime(); + $today = api_strtotime($today); + + $today = date('Y-m-d', $today); + + $select = "SELECT + IF ( + (s.date_start <= '$today' AND '$today' < s.date_end) OR + (s.date_start = '0000-00-00' AND s.date_end = '0000-00-00' ) OR + (s.date_start <= '$today' AND '0000-00-00' = s.date_end) OR + ('$today' < s.date_end AND '0000-00-00' = s.date_start) + , 1, 0) + as session_active, + s.name, nbr_courses, s.date_start, s.date_end, $coach_name, sc.name as category_name, s.visibility, u.user_id, s.id"; + + $query = "$select FROM $tbl_session s + LEFT JOIN $tbl_session_category sc ON s.session_category_id = sc.id + INNER JOIN $tbl_user u ON s.id_coach = u.user_id ". $where; if ($_configuration['multiple_access_urls']) { @@ -227,7 +249,7 @@ class SessionManager { $access_url_id = api_get_current_access_url_id(); if ($access_url_id != -1) { $where.= " AND ar.access_url_id = $access_url_id "; - $query = "SELECT s.id, s.name, s.nbr_courses, s.date_start, s.date_end, u.firstname, u.lastname , sc.name as category_name , s.visibility, u.user_id + $query = "$select FROM $tbl_session s LEFT JOIN $tbl_session_category sc ON s.session_category_id = sc.id INNER JOIN $tbl_user u ON s.id_coach = u.user_id 
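Review bot: The four added lines that build `$start_filter` and `$end_filter` read `$year`, `$month` and `$day`, none of which is defined in the visible part of `get_sessions_admin()`, and neither filter is used in the query that follows. As written they only raise undefined-variable notices and hand the string `"-- 00:00:00"` to `api_get_utc_datetime()`; drop them, or pass the date parts in explicitly if a date filter is planned. Separately, `'$today' < s.date_end` marks a session inactive on its end date, so confirm whether `<=` was intended. The function body starts and ends outside this hunk.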
@@ -236,22 +258,35 @@ class SessionManager { } } $query .= "ORDER BY ".$options['order']." LIMIT ".$options['limit']; - - $result = Database::query($query); + //echo $query; + $result = Database::query($query); $formatted_sessions = array(); if (Database::num_rows($result)) { $sessions = Database::store_result($result); foreach ($sessions as $session) { $session['name'] = Display::url($session['name'], "resume_session.php?id_session=".$session['id']); - $session['coach_name'] = Display::url($session['coach_name'], "user_information.php?user_id=".$session['user_id']); + $session['coach_name'] = Display::url($session['coach_name'], "user_information.php?user_id=".$session['user_id']); + + if ($session['date_start'] == '0000-00-00' && $session['date_end'] == '0000-00-00') { + // $session['session_active'] = 1; + } + + if ($session['session_active'] == 1) { + $session['session_active'] = Display::return_icon('accept.png', get_lang('Active'), array(), 22); + } else { + $session['session_active'] = Display::return_icon('error.png', get_lang('Inactive'), array(), 22); + } + if ($session['date_start'] == '0000-00-00') { $session['date_start'] = ''; } if ($session['date_end'] == '0000-00-00') { $session['date_end'] = ''; - } + } + + switch ($session['visibility']) { case SESSION_VISIBLE_READ_ONLY: //1 $session['visibility'] = get_lang('ReadOnly'); From e9e9aa14d7ffa1525ef8febf9e6db0e6a5e79f04 Mon Sep 17 00:00:00 2001 From: Julio Montoya Date: Mon, 19 Dec 2011 14:09:57 +0100 Subject: [PATCH 02/49] Some fixes in the document tool due the new single database see #3910 --- main/admin/settings.php | 54 +++---- main/document/document.php | 7 +- main/document/edit_document.php | 138 +++++++----------- main/inc/lib/document.lib.php | 10 +- .../ImageManager/Classes/ImageManager.php | 10 +- main/inc/lib/main_api.lib.php | 3 +- 6 files changed, 98 insertions(+), 124 deletions(-) mode change 100755 => 100644 main/inc/lib/fckeditor/editor/plugins/ImageManager/Classes/ImageManager.php 
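Review bot: Two leftovers in this hunk should not ship: the `//echo $query;` line above `Database::query($query)`, and the `if ($session['date_start'] == '0000-00-00' && $session['date_end'] == '0000-00-00')` block whose only statement is commented out. The empty branch has no effect, and the SQL `IF(...)` added earlier in this commit already returns 1 when both dates are unset, so it can be deleted. The `foreach` body continues past the end of the hunk.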
diff --git a/main/admin/settings.php b/main/admin/settings.php index 8401e42cef..77cd4e9768 100644 --- a/main/admin/settings.php +++ b/main/admin/settings.php @@ -39,6 +39,14 @@ $_SESSION['this_section'] = $this_section; // Access restrictions. api_protect_admin_script(); +// Settings to avoid +$settings_to_avoid = array( + 'gradebook_enable' => 'false', + 'use_document_title' => 'true', + 'example_material_course_creation' => 'true' // ON by default - now we have this option when we create a course +); + + // Submit stylesheets. if (isset($_POST['submit_stylesheets'])) { $message = store_stylesheets(); @@ -88,7 +96,6 @@ if (isset($_GET['action']) && $_GET['action'] == 'delete_grading') { api_delete_setting_option($id); } - // Build the form. if (!empty($_GET['category']) && !in_array($_GET['category'], array('Plugins', 'stylesheets', 'Search'))) { $form = new FormValidator('settings', 'post', 'settings.php?category='.$_GET['category']); @@ -145,17 +152,6 @@ if (!empty($_GET['category']) && !in_array($_GET['category'], array('Plugins', ' } } - - //Settings to avoid - - // Settings to avoid - $settings_to_avoid = array( - 'gradebook_enable', // - 'use_document_title', // ON by default - 'example_material_course_creation', // ON by default - now we have this option when we create a course - ); - - $default_values = array(); foreach ($settings as $row) { if (in_array($row['variable'], $settings_to_avoid)) { continue; } @@ -490,7 +486,7 @@ if (!empty($_GET['category']) && !in_array($_GET['category'], array('Plugins', ' if ($form->validate()) { $values = $form->exportValues(); $pdf_export_watermark_path = $_FILES['pdf_export_watermark_path']; - + if (isset($pdf_export_watermark_path) && !empty($pdf_export_watermark_path['name'])) { $pdf_export_watermark_path_result = PDF::upload_watermark($pdf_export_watermark_path['name'], $pdf_export_watermark_path['tmp_name']); if ($pdf_export_watermark_path_result) { 
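Review bot: `$settings_to_avoid` is now an associative array (`'gradebook_enable' => 'false'`, ...), but the form-building loop still filters with `in_array($row['variable'], $settings_to_avoid)`, which searches the values `'false'`/`'true'` rather than the setting names. The guard therefore no longer matches any real setting name, so the three settings are rendered in the form again. The same test is added to the save loop in the `@@ -525,14 +520,21 @@` hunk, where it lets posted values overwrite the defaults that were just forced, and to the logging loop in the `@@ -615,11 +617,11 @@` hunk. Look up by key instead: `isset($settings_to_avoid[$row['variable']])` here and `isset($settings_to_avoid[$key])` in the save loop.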
@@ -501,21 +497,20 @@ if (!empty($_GET['category']) && !in_array($_GET['category'], array('Plugins', ' unset($update_values['pdf_export_watermark_path']); } - // Set true for allow_message_tool variable if social tool is actived. + // Set true for allow_message_tool variable if social tool is actived - - $values['dropbox_max_filesize'] = $values['dropbox_max_filesize']*1024*1024; + $values['dropbox_max_filesize'] = $values['dropbox_max_filesize']*1024*1024; $values['message_max_upload_filesize'] = $values['message_max_upload_filesize']*1024*1024; - if ($values['allow_social_tool'] == 'true') { $values['allow_message_tool'] = 'true'; } // quick patch to avoid gradebook_enable's value to be blanked + /* if ($my_category == 'Gradebook') { $gb = 'false'; $gb = api_get_setting('gradebook_enable'); - } + }*/ // The first step is to set all the variables that have type=checkbox of the category // to false as the checkbox that is unchecked is not in the $_POST data and can 
@@ -525,14 +520,21 @@ if (!empty($_GET['category']) && !in_array($_GET['category'], array('Plugins', ' $r = api_set_settings_category($my_category, 'false', $_configuration['access_url'], array('checkbox', 'radio')); // quick patch to avoid gradebook_enable's value to be blanked if ($my_category == 'Gradebook') { - api_set_setting('gradebook_enable', $gb, null, $my_category, $_configuration['access_url']); + //api_set_setting('gradebook_enable', $gb, null, $my_category, $_configuration['access_url']); } - //$sql = "UPDATE $table_settings_current SET selected_value='false' WHERE category='$my_category' AND type='checkbox'"; - //$result = Database::query($sql); + + foreach($settings_to_avoid as $key => $value) { + api_set_setting($key, $value, null, null, $_configuration['access_url']); + } + + + // Save the settings. $keys = array(); - //$gradebook_score_display_custom_values = array(); - foreach ($values as $key => $value) { + + foreach ($values as $key => $value) { + if (in_array($key, $settings_to_avoid)) { continue; } + // Treat gradebook values in separate function. //if (strpos($key, 'gradebook_score_display_custom_values') === false) { if (!is_array($value)) { @@ -603,7 +605,7 @@ if (!empty($_GET['category']) && !in_array($_GET['category'], array('Plugins', ' $keys[] = $key; break; } - } + } foreach ($value as $subkey => $subvalue) { $result = api_set_setting($key, 'true', $subkey, null, $_configuration['access_url']); } 
@@ -615,11 +617,11 @@ if (!empty($_GET['category']) && !in_array($_GET['category'], array('Plugins', ' $user_id = api_get_user_id(); $category = $_GET['category']; event_system(LOG_CONFIGURATION_SETTINGS_CHANGE, LOG_CONFIGURATION_SETTINGS_CATEGORY, $category, api_get_utc_datetime(), $user_id); - - + // Add event configuration settings variable to the system log. if (is_array($keys) && count($keys) > 0) { foreach ($keys as $variable) { + if (in_array($key, $settings_to_avoid)) { continue; } event_system(LOG_CONFIGURATION_SETTINGS_CHANGE, LOG_CONFIGURATION_SETTINGS_VARIABLE, $variable, api_get_utc_datetime(), $user_id); } } diff --git a/main/document/document.php b/main/document/document.php index 16b4e583ca..ad85c8bc7a 100644 --- a/main/document/document.php +++ b/main/document/document.php @@ -57,6 +57,11 @@ unset($_SESSION['paint_dir']); DocumentManager::create_directory_certificate_in_course(api_get_course_id()); $course_info = api_get_course_info(); + +if (empty($course_info)) { + api_not_allowed(); +} + $course_dir = $course_info['path'].'/document'; $sys_course_path = api_get_path(SYS_COURSE_PATH); $base_work_dir = $sys_course_path.$course_dir; @@ -944,7 +949,7 @@ if (isset($docs_and_folders) && is_array($docs_and_folders)) { // Size (or total size of a directory) $size = $document_data['filetype'] == 'folder' ? get_total_folder_size($document_data['path'], $is_allowed_to_edit) : $document_data['size']; - // Get the title or the basename depending on what we're using + // Get the title or the basename depending on what we're using if ($use_document_title == 'true' && $document_data['title'] != '') { $document_name = $document_data['title']; } else { diff --git a/main/document/edit_document.php b/main/document/edit_document.php index 111812aa9d..3c354405a3 100644 --- a/main/document/edit_document.php +++ b/main/document/edit_document.php 
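Review bot: The guard added inside `foreach ($keys as $variable)` tests `$key`, not the loop variable, so it reuses whatever `$key` was left behind by the earlier `foreach ($values as $key => $value)` and gives the same answer for every log entry. It should test the variable being logged, by key: `if (isset($settings_to_avoid[$variable])) { continue; }`.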
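Review bot: In document.php the new `empty($course_info)` guard runs after `DocumentManager::create_directory_certificate_in_course(api_get_course_id())`, so a request without a valid course context still reaches that side-effecting call before it is refused. Move `$course_info = api_get_course_info();` and the `api_not_allowed()` check above the directory creation. Whether `api_not_allowed()` ends the request is not visible in this hunk; if it can return, the lines below would build `$base_work_dir` from an empty course path.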
@@ -87,7 +87,7 @@ if (api_is_in_group()) { } if (isset($_GET['id'])) { - $document_data = DocumentManager::get_document_data_by_id($_GET['id'], api_get_course_id()); + $document_data = DocumentManager::get_document_data_by_id($_GET['id'], api_get_course_id(), true); $document_id = $document_data['id']; $file = $document_data['path']; $parent_id = DocumentManager::get_document_id(api_get_course_info(), dirname($file)); @@ -96,12 +96,12 @@ if (isset($_GET['id'])) { $doc = basename($file); $my_cur_dir_path = Security::remove_XSS($_GET['curdirpath']); + $readonly = $document_data['readonly']; } if (empty($document_data)) { api_not_allowed(); -} - +} /* //I'm in the certification module? @@ -153,31 +153,6 @@ $noPHP_SELF = true; /* Other initialization code */ -/* Please, do not modify this dirname formatting */ - -if (strstr($dir, '..')) { - $dir = '/'; -} - -if ($dir[0] == '.') { - $dir = substr($dir, 1); -} - -if ($dir[0] != '/') { - $dir = '/'.$dir; -} - -if ($dir[strlen($dir) - 1] != '/') { - $dir .= '/'; -} - -$filepath = api_get_path(SYS_COURSE_PATH).$_course['path'].'/document'.$dir; - -if (!is_dir($filepath)) { - $filepath = api_get_path(SYS_COURSE_PATH).$_course['path'].'/document/'; - $dir = '/'; -} - $dbTable = Database::get_course_table(TABLE_DOCUMENT); $course_id = api_get_course_int_id(); @@ -193,6 +168,19 @@ if (!$is_certificate_mode) else $interbreadcrumb[]= array ( 'url' => '../gradebook/'.$_SESSION['gradebook_dest'], 'name' => get_lang('Gradebook')); + +// Interbreadcrumb for the current directory root path +if (empty($document_data['parents'])) { + $interbreadcrumb[] = array('url' => '#', 'name' => $document_data['title']); +} else { + foreach($document_data['parents'] as $document_sub_data) { + if ($document_data['title'] == $document_sub_data['title']) { + continue; + } + $interbreadcrumb[] = array('url' => $document_sub_data['document_url'], 'name' => $document_sub_data['title']); + } +} + if (!is_allowed_to_edit) { api_not_allowed(true); } 
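Review bot: The breadcrumb entries added in the `@@ -193,6 +168,19 @@` hunk pass `$document_data['title']` and `$document_sub_data['title']` as link text without escaping, while the page title built later in this file wraps the same value in `Security::remove_XSS()`. Document titles are user-supplied, so unless the breadcrumb renderer escapes names itself (not visible here), apply `Security::remove_XSS()` to both `name` values. In the same hunk the context line `if (!is_allowed_to_edit)` names a bare identifier instead of calling the function, so it is not the permission check it looks like; the `is_allowed_to_edit()` test that follows does the real work, and the dead line should be removed.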
@@ -208,9 +196,7 @@ if (!is_allowed_to_edit()) { /* MAIN TOOL CODE */ -/* Code to change the comment - Step 2. React on POST data - (Step 1 see below) */ +/* Code to change the comment */ if (isset($_POST['comment'])) { // Fixing the path if it is wrong @@ -222,31 +208,16 @@ if (isset($_POST['comment'])) { $info_message = get_lang('fileModified'); } -/* Code to change the name - Step 2. react on POST data - change the name - (Step 1 see below) */ - +/* Code to rename the file name */ +//var_dump($_POST['renameTo']); if (isset($_POST['renameTo'])) { - $info_message = change_name($baseWorkDir, $_GET['sourceFile'], $_POST['renameTo'], $dir, $doc); -} - -/* Code to change the comment - Step 1. Create dialog box. */ - -/** TODO: Check whether this code is still used **/ -/* Search the old comment */ // RH: metadata: added 'id,' -$result = Database::query("SELECT id, comment, title FROM $dbTable WHERE c_id = $course_id AND id = ".$document_id); - -while ($row = Database::fetch_array($result, 'ASSOC')) { - $oldComment = $row['comment']; - $oldTitle = $row['title']; - $docId = $row['id']; // RH: metadata + $info_message = change_name($baseWorkDir, $_GET['sourceFile'], $_POST['renameTo'], $dir, $doc); } /* WYSIWYG HTML EDITOR - Program Logic */ if ($is_allowed_to_edit) { - if ($_POST['formSent'] == 1) { + if ($_POST['formSent'] == 1) { if (isset($_POST['renameTo'])) { $_POST['filename'] = disable_dangerous_file($_POST['renameTo']); $extension = explode('.', $_POST['filename']); @@ -262,11 +233,7 @@ if ($is_allowed_to_edit) { if (!strstr($content, '/css/frames.css')) { $content=str_replace('', '', $content); } - /* - if (!ctype_alnum($_POST['extension'])) { - header('Location: document.php?msg=WeirdExtensionDeniedInPost'); - exit (); - }*/ + $extension = $_POST['extension']; $file = $dir.$filename.'.'.$extension; $read_only_flag = $_POST['readonly']; 
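Review bot: The rename branch still calls `change_name($baseWorkDir, $_GET['sourceFile'], $_POST['renameTo'], $dir, $doc)`, and `change_name()` builds its source path as `$base_work_dir.$dir.$source_file`, yet this commit deletes the block in the `@@ -153,31 +153,6 @@` hunk that rejected `..` in `$dir` and normalised its slashes. Nothing visible validates `$_GET['sourceFile']` either, so the path being renamed is assembled from request data. Since the rest of the file now works from `$document_data`, take the file name from `$document_data['path']` rather than the query string, or at minimum pass `basename($_GET['sourceFile'])`. The commented `//var_dump($_POST['renameTo']);` should go as well; where `$dir` is assigned is outside the visible hunks.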
@@ -277,16 +244,13 @@ if ($is_allowed_to_edit) { if (empty($filename)) { $msgError = get_lang('NoFileName'); - } else { - if ($document_data['filetype'] == 'file') { - $file_size = filesize($filepath.$filename.'.'.$extension); - } else { - $file_size = filesize($filepath.$filename); - } + } else { + + $file_size = filesize($document_data['absolute_path']); + if ($read_only_flag == 0) { if (!empty($content)) { - if ($fp = @fopen($filepath.$filename.'.'.$extension, 'w')) { - $content = text_filter($content); + if ($fp = @fopen($document_data['absolute_path'], 'w')) { // For flv player, change absolute paht temporarely to prevent from erasing it in the following lines $content = str_replace(array('flv=h', 'flv=/'), array('flv=h|', 'flv=/|'), $content); @@ -300,7 +264,10 @@ if ($is_allowed_to_edit) { fputs($fp, $content); fclose($fp); - if (!is_dir($filepath.'css')) { + + $filepath = $document_data['absolute_parent_path']; + + if (!is_dir($filepath.'css')) { mkdir($filepath.'css', api_get_permissions_for_new_directories()); $doc_id = add_document($_course, $dir.'css', 'folder', 0, 'css'); api_item_property_update($_course, TOOL_DOCUMENT, $doc_id, 'FolderCreated', api_get_user_id(), null, null, null, null, $current_session_id); @@ -328,9 +295,8 @@ if ($is_allowed_to_edit) { //header('Location: document.php?id='.urlencode($dir)); $my_id = DocumentManager::get_document_id($_course, $dir_modified); - header('Location: document.php?id='.$my_id); - - exit (); + header('Location: document.php?id='.$my_id); + exit; } else { //$msgError = get_lang('Impossible'); } 
@@ -352,25 +318,24 @@ if ($is_allowed_to_edit) { } // Replace relative paths by absolute web paths (e.g. './' => 'http://www.chamilo.org/courses/ABC/document/') -if (file_exists($filepath.$doc)) { - $extension = explode('.', $doc); - $extension = $extension[sizeof($extension) - 1]; - $filename = str_replace('.'.$extension, '', $doc); - $extension = strtolower($extension); +if (file_exists($document_data['absolute_path'])) { + $path_info = pathinfo($document_data['absolute_path']); + $filename = $path_info['filename']; + $extension = $path_info['extension']; if (in_array($extension, array('html', 'htm'))) { - $content = file($filepath.$doc); + $content = file($document_data['absolute_path']); $content = implode('', $content); $path_to_append = api_get_path(WEB_COURSE_PATH).$_course['path'].'/document'.$dir; - $content = str_replace('="./', '="'.$path_to_append, $content); - $content = str_replace('mp3player.swf?son=.%2F', 'mp3player.swf?son='.urlencode($path_to_append), $content); + // $content = str_replace('="./', '="'.$path_to_append, $content); + //$content = str_replace('mp3player.swf?son=.%2F', 'mp3player.swf?son='.urlencode($path_to_append), $content); } } /* Display user interface */ // Display the header -$nameTools = get_lang('EditDocument') . ': '.Security::remove_XSS($oldTitle); +$nameTools = get_lang('EditDocument') . ': '.Security::remove_XSS($document_data['title']); Display::display_header($nameTools, 'Doc'); 
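Review bot: `$path_info['extension']` is read unconditionally, but `pathinfo()` omits that key for a name without a dot, and the `strtolower()` from the old code is gone, so a document stored as `.HTML` no longer matches `in_array($extension, array('html', 'htm'))` and is not loaded into the editor. Use `$extension = isset($path_info['extension']) ? strtolower($path_info['extension']) : '';`. `$path_to_append` is still computed but is unused now that both `str_replace` calls are commented out; delete it or restore the rewrite.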
@@ -386,15 +351,8 @@ if (isset($info_message)) { } } - -// Readonly -$sql = 'SELECT id, readonly FROM '.$dbTable.' WHERE path LIKE BINARY "'.$dir.$doc.'"'; -$rs = Database::query($sql); -$readonly = Database::result($rs, 0, 'readonly'); -$doc_id = Database::result($rs, 0, 'id'); - // Owner -$document_info = api_get_item_property_info(api_get_course_int_id(),'document', $doc_id); +$document_info = api_get_item_property_info(api_get_course_int_id(),'document', $document_id); $owner_id = $document_info['insert_user_id']; $last_edit_date = $document_info['lastedit_date']; @@ -416,9 +374,10 @@ if ($owner_id == api_get_user_id() || api_is_platform_admin() || $is_allowed_to_ $form->addElement('hidden', 'origin'); $form->addElement('hidden', 'origin_opt'); - if ($use_document_title) { - $form->add_textfield('title', get_lang('Title')); - $defaults['title'] = $oldTitle; + $form->add_textfield('title', get_lang('Title')); + + if ($use_document_title) { + $defaults['title'] = $document_data['title']; } else { $form->addElement('hidden', 'renameTo'); } @@ -443,7 +402,7 @@ if ($owner_id == api_get_user_id() || api_is_platform_admin() || $is_allowed_to_ } if (!$group_document && !is_my_shared_folder(api_get_user_id(), $my_cur_dir_path, $current_session_id)) { - $metadata_link = ''.get_lang('AddMetadata').''; + $metadata_link = ''.get_lang('AddMetadata').''; //Updated on field $last_edit_date = api_get_local_time($last_edit_date, null, date_default_timezone_get()); @@ -474,7 +433,7 @@ if ($owner_id == api_get_user_id() || api_is_platform_admin() || $is_allowed_to_ $defaults['file_path'] = Security::remove_XSS($_GET['file']); $defaults['commentPath'] = $file; $defaults['renameTo'] = $file_name; - $defaults['comment'] = $oldComment; + $defaults['comment'] = $document_data['comment']; $defaults['origin'] = Security::remove_XSS($_GET['origin']); $defaults['origin_opt'] = Security::remove_XSS($_GET['origin_opt']); 
@@ -520,6 +479,7 @@ Display::display_footer(); It returns nothing. */ function change_name($base_work_dir, $source_file, $rename_to, $dir, $doc) { + var_dump($source_file, $rename_to); $file_name_for_change = $base_work_dir.$dir.$source_file; //api_display_debug_info("call my_rename: params $file_name_for_change, $rename_to"); $rename_to = disable_dangerous_file($rename_to); // Avoid renaming to .htaccess file diff --git a/main/inc/lib/document.lib.php b/main/inc/lib/document.lib.php index 101c2844d7..0e23d86b27 100755 --- a/main/inc/lib/document.lib.php +++ b/main/inc/lib/document.lib.php @@ -1053,6 +1053,14 @@ return 'application/octet-stream'; $row['url'] = api_get_path(WEB_CODE_PATH).'document/showinframes.php?cidReq='.$course_code.'&id='.$id; $row['document_url'] = api_get_path(WEB_CODE_PATH).'document/document.php?cidReq='.$course_code.'&id='.$id; + + $row['absolute_path'] = api_get_path(SYS_COURSE_PATH).$course_info['path'].'/document'.$row['path']; + + $pathinfo = pathinfo($row['path']); + + $row['absolute_parent_path'] = api_get_path(SYS_COURSE_PATH).$course_info['path'].'/document'.$pathinfo['dirname'].'/'; + + $row['direct_url'] = $www.$path; if (dirname($row['path']) == '.') { @@ -2192,7 +2200,7 @@ return 'application/octet-stream'; if (!empty($comment)) { $params['comment'] = trim($comment); } - Database::update($table_document, $params, array('id = ?' =>$docid)); + Database::update($table_document, $params, array('id = ? AND c_id = ? ' => array($docid, $course_info['real_id']))); } // Showing message when sending zip files diff --git a/main/inc/lib/fckeditor/editor/plugins/ImageManager/Classes/ImageManager.php b/main/inc/lib/fckeditor/editor/plugins/ImageManager/Classes/ImageManager.php old mode 100755 new mode 100644 index 1f703639a3..f70f3f7f7c --- a/main/inc/lib/fckeditor/editor/plugins/ImageManager/Classes/ImageManager.php +++ b/main/inc/lib/fckeditor/editor/plugins/ImageManager/Classes/ImageManager.php 
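Review bot: `var_dump($source_file, $rename_to);` at the top of `change_name()` is debug output left in the commit. The caller passes `$_GET['sourceFile']` and `$_POST['renameTo']` for those arguments, so request values are written into the response unescaped, and the early output can also prevent the later `header('Location: ...')` redirect in edit_document.php from being sent. Remove the line. `change_name()` continues past the end of the hunk.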
@@ -117,8 +117,7 @@ class ImageManager } $user_id = api_get_user_id(); - while (false !== ($entry = $d->read())) - { + while (false !== ($entry = $d->read())) { //If it is a directory, and it doesn't start with // a dot, and if is it not the thumbnail directory if(is_dir($base.$entry) @@ -133,15 +132,14 @@ class ImageManager $relative = Files::fixPath($path.$entry); $fullpath = Files::fixPath($base.$entry); - if ($in_group && strpos($fullpath, '_groupdocs') !== false && strpos($fullpath, $group_directory) === false) - { + if ($in_group && strpos($fullpath, '_groupdocs') !== false && strpos($fullpath, $group_directory) === false) { continue; } global $_course; - if (isset($_course['dbName']) && $_course<>'-1') { + if (!empty($_course)) { $base_dir = substr($fullpath, 0, strpos($fullpath,'/document/')+9); // $new_dir = substr($fullpath, strlen($base_dir),-1); // - $doc_id = DocumentManager::get_document_id($_course, $new_dir ); + $doc_id = DocumentManager::get_document_id($_course, $new_dir); $visible_status= api_get_item_visibility($_course,TOOL_DOCUMENT,$doc_id); } diff --git a/main/inc/lib/main_api.lib.php b/main/inc/lib/main_api.lib.php index 7c40e9cf14..2d8f9361d2 100644 --- a/main/inc/lib/main_api.lib.php +++ b/main/inc/lib/main_api.lib.php @@ -1152,7 +1152,8 @@ function api_get_course_info($course_code = null) { } return $_course; } - global $_course; + global $_course; + if ($_course == '-1') $_course = array(); return $_course; } From a0902e166b34cc6253ceb919cad11dd10501cf66 Mon Sep 17 00:00:00 2001 From: Julio Montoya Date: Mon, 19 Dec 2011 15:02:04 +0100 Subject: [PATCH 03/49] Some minor fixes in the test category, removing warnings/notices --- main/exercice/testcategory.class.php | 21 ++++++++++++------ main/exercice/tests_category.php | 33 +++++++++++----------------- 2 files changed, 27 insertions(+), 27 deletions(-) diff --git a/main/exercice/testcategory.class.php b/main/exercice/testcategory.class.php index 04fa8c079d..0ce217e883 100644 
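Review bot: Replacing `isset($_course['dbName']) && $_course<>'-1'` with `!empty($_course)` in ImageManager.php drops the sentinel test: the string `'-1'` is not empty in PHP, so when the global still holds that value the branch runs and hands it to `DocumentManager::get_document_id()` as if it were a course array. The normalisation this commit adds to `api_get_course_info()` (`if ($_course == '-1') $_course = array();`) only helps once that function has been called, and this method reads `global $_course` directly. Prefer `$course_info = api_get_course_info(); if (!empty($course_info)) {` here, or keep an explicit `is_array($_course)` test, so the visibility lookup never runs against a non-course value.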
--- a/main/exercice/testcategory.class.php +++ b/main/exercice/testcategory.class.php @@ -14,7 +14,7 @@ class Testcategory { If you give an in_id and no in_name, you get info concerning the category of id=in_id otherwise, you've got an category objet avec your in_id, in_name, in_descr */ - function Testcategory($in_id=0, $in_name, $in_description="") { + function Testcategory($in_id=0, $in_name = '', $in_description="") { if ($in_id != 0 && $in_name == "") { $tmpobj = new Testcategory(); $tmpobj->getCategory($in_id); @@ -69,9 +69,13 @@ class Testcategory { } } - /** remove catagory with id=in_id from the database if no question use this category + /** + * Removes the category with id=in_id from the database if no question use this category + * @todo I'm removing the $in_id parameter because it seems that you're using $this->id instead of $in_id after confirmation delete this + * jmontoya */ - function removeCategory($in_id) { + //function removeCategory($in_id) { + function removeCategory($in_id) { $t_cattable = Database :: get_course_table(TABLE_QUIZ_QUESTION_CATEGORY); $v_id = Database::escape_string($this->id); $sql = "DELETE FROM $t_cattable WHERE id=$v_id AND c_id=".api_get_course_int_id(); 
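Review bot: The docblock added to `removeCategory()` says the `$in_id` parameter is being removed, but the signature is re-added unchanged as `function removeCategory($in_id)` beside a commented-out copy of itself, and the body ignores the argument in favour of `$this->id`. Either drop the parameter, as `getCategoryQuestionsNumber()` does in the next hunk, or use it, and delete the commented signature lines in both hunks. In both methods the id is placed unquoted in SQL (`WHERE id=$v_id`, `WHERE category_id=$in_id`) after `Database::escape_string()`, which does not constrain a value used in numeric context; `intval($this->id)` does.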
@@ -102,18 +106,21 @@ class Testcategory { } } - /** get number of question of category id=in_id + /** + * Gets the number of question of category id=in_id + * @todo I'm removing the $in_id parameter because it seems that you're using $this->id instead of $in_id after confirmation delete this + * jmontoya */ - function getCategoryQuestionsNumber($in_id) { + //function getCategoryQuestionsNumber($in_id) { + function getCategoryQuestionsNumber() { $t_reltable = Database::get_course_table(TABLE_QUIZ_QUESTION_REL_CATEGORY); $in_id = Database::escape_string($this->id); $sql = "SELECT count(*) AS nb FROM $t_reltable WHERE category_id=$in_id AND c_id=".api_get_course_int_id(); - $res = Database::query($sql, __FILE__, __LINE__); + $res = Database::query($sql); $row = Database::fetch_array($res); return $row['nb']; } - function display($in_color="#E0EBF5") { echo " From 2dff2a39a31ae1d27545f03fc2c6bf38262b4dbf Mon Sep 17 00:00:00 2001 From: Julio Montoya Date: Wed, 21 Dec 2011 15:58:25 +0100 Subject: [PATCH 22/49] Fixing queries due the single database see #3910 --- main/group/group.php | 2 +- main/inc/lib/database.lib.php | 2 +- main/mySpace/index.php | 8 ++++---- main/mySpace/myStudents.php | 18 +++++++++--------- main/mySpace/myspace.lib.php | 3 +-- main/mySpace/student.php | 3 +++ main/tracking/courseLog.php | 18 +++++++++++------- main/tracking/exams.php | 4 ++-- 8 files changed, 32 insertions(+), 26 deletions(-) diff --git a/main/group/group.php b/main/group/group.php index 453a79bd6b..67c9229118 100644 --- a/main/group/group.php +++ b/main/group/group.php @@ -156,7 +156,7 @@ if (api_is_allowed_to_edit(false, true)) { echo '
'; if (api_is_allowed_to_edit(false, true)) { echo ''.Display::return_icon('new_group.png', get_lang('NewGroupCreate'),'','32').''; - if (Database::count_rows(Database::get_course_table(TABLE_GROUP)) > 0) { + if (CourseManager::count_rows_course_table(Database::get_course_table(TABLE_GROUP),api_get_session_id(), api_get_course_int_id())) > 0) { //echo ''.Display::return_icon('group_view.gif').' '.get_lang('GroupOverview').' '; echo ''.Display::return_icon('group_summary.png', get_lang('GroupOverview'),'','32').''; } diff --git a/main/inc/lib/database.lib.php b/main/inc/lib/database.lib.php index 2a03ef58bb..0d889eb389 100644 --- a/main/inc/lib/database.lib.php +++ b/main/inc/lib/database.lib.php @@ -378,7 +378,7 @@ class Database { * @return int The number of rows in the given table. */ public static function count_rows($table) { - $obj = self::fetch_object(self::query("SELECT COUNT(*) AS n FROM $table WHERE c_id = ".api_get_course_int_id())); // + $obj = self::fetch_object(self::query("SELECT COUNT(*) AS n FROM $table")); // return $obj->n; } diff --git a/main/mySpace/index.php b/main/mySpace/index.php index cbc73b050f..6d303eead0 100644 --- a/main/mySpace/index.php +++ b/main/mySpace/index.php 
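Review bot: The replacement condition in group.php has one closing parenthesis too many: in `if (CourseManager::count_rows_course_table(Database::get_course_table(TABLE_GROUP),api_get_session_id(), api_get_course_int_id())) > 0) {` the `if (` is already closed before `> 0`, so the file will not parse. It should read `if (CourseManager::count_rows_course_table(Database::get_course_table(TABLE_GROUP), api_get_session_id(), api_get_course_int_id()) > 0) {`. A `php -l` pass over changed files before committing would catch this class of error.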
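Review bot: With the `WHERE c_id = ...` clause removed, `Database::count_rows()` counts every row in the table, so any caller that still passes a course table gets a platform-wide total rather than the current course's. Callers other than the group.php one changed in this commit are not visible here, so they should be checked. The docblock should say so explicitly, for example `Not course-scoped: for course tables use CourseManager::count_rows_course_table().`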
@@ -367,10 +367,10 @@ if (api_is_allowed_to_create_course() && $view == 'teacher') { $table->set_additional_parameters($parameters); $table -> set_header(0, get_lang('CourseTitle'), false, 'align="center"'); $table -> set_header(1, get_lang('NbStudents'), false); - $table -> set_header(2, get_lang('AvgTimeSpentInTheCourse').Display :: return_icon('info3.gif', get_lang('TimeOfActiveByTraining'), array('align' => 'absmiddle', 'hspace' => '3px')), false); - $table -> set_header(3, get_lang('AvgStudentsProgress').Display :: return_icon('info3.gif', get_lang('AvgAllUsersInAllCourses'), array('align' => 'absmiddle', 'hspace' => '3px')), false); - $table -> set_header(4, get_lang('AvgCourseScore').Display :: return_icon('info3.gif', get_lang('AvgAllUsersInAllCourses'), array('align' => 'absmiddle', 'hspace' => '3px')), false); - $table -> set_header(5, get_lang('AvgExercisesScore').Display :: return_icon('info3.gif', get_lang('AvgAllUsersInAllCourses'), array('align' => 'absmiddle', 'hspace' => '3px')), false); + $table -> set_header(2, get_lang('AvgTimeSpentInTheCourse').' '.Display :: return_icon('info3.gif', get_lang('TimeOfActiveByTraining'), array('align' => 'absmiddle', 'hspace' => '3px')), false); + $table -> set_header(3, get_lang('AvgStudentsProgress').' '.Display :: return_icon('info3.gif', get_lang('AvgAllUsersInAllCourses'), array('align' => 'absmiddle', 'hspace' => '3px')), false); + $table -> set_header(4, get_lang('AvgCourseScore').' '.Display :: return_icon('info3.gif', get_lang('AvgAllUsersInAllCourses'), array('align' => 'absmiddle', 'hspace' => '3px')), false); + $table -> set_header(5, get_lang('AvgExercisesScore').' '.Display :: return_icon('info3.gif', get_lang('AvgAllUsersInAllCourses'), array('align' => 'absmiddle', 'hspace' => '3px')), false); $table -> set_header(6, get_lang('AvgMessages'), false); $table -> set_header(7, get_lang('AvgAssignments'), false); $table -> set_header(8, get_lang('Details'), false); 
diff --git a/main/mySpace/myStudents.php b/main/mySpace/myStudents.php index 2e3e82ad2b..630ea7c811 100644 --- a/main/mySpace/myStudents.php +++ b/main/mySpace/myStudents.php @@ -511,11 +511,11 @@ if (!empty($student_id)) { - 'absmiddle', 'hspace' => '3px'));?> + 'absmiddle', 'hspace' => '3px'));?> - 'absmiddle', 'hspace' => '3px')); ?> + 'absmiddle', 'hspace' => '3px')); ?> @@ -634,7 +634,7 @@ if (empty($_GET['details'])) { $scoretotal_display = '0/0 (0%)'; if (!empty($scoretotal)) { - $scoretotal_display = round($scoretotal[0],2).'/'.round($scoretotal[1],2).'('.round(($scoretotal[0] / $scoretotal[1]) * 100,2) . ' %)'; + $scoretotal_display = round($scoretotal[0],1).'/'.round($scoretotal[1],1).' ('.round(($scoretotal[0] / $scoretotal[1]) * 100,2) . ' %)'; } $progress = Tracking::get_avg_student_progress($info_user['user_id'], $course_code, null, $session_id); @@ -712,11 +712,11 @@ if (empty($_GET['details'])) { - - - - - + + + + + '.get_lang('Details').''; if (api_is_course_admin()) { @@ -841,7 +841,7 @@ if (empty($_GET['details'])) {
'absmiddle', 'hspace' => '3px')); ?> 'absmiddle', 'hspace' => '3px')); ?> 'absmiddle', 'hspace' => '3px')); ?> 'absmiddle','hspace' => '3px')); ?> 'absmiddle','hspace' => '3px')); ?> 'absmiddle', 'hspace' => '3px')); ?> 'absmiddle', 'hspace' => '3px')); ?> 'absmiddle', 'hspace' => '3px')); ?> 'absmiddle','hspace' => '3px')); ?> 'absmiddle','hspace' => '3px')); ?>
- + diff --git a/main/mySpace/myspace.lib.php b/main/mySpace/myspace.lib.php index 35083b6f4a..6fbebc5706 100644 --- a/main/mySpace/myspace.lib.php +++ b/main/mySpace/myspace.lib.php @@ -2,7 +2,6 @@ /* For licensing terms, see /license.txt */ require_once api_get_path(LIBRARY_PATH).'export.lib.inc.php'; require_once api_get_path(LIBRARY_PATH).'tracking.lib.php'; -require_once api_get_path(LIBRARY_PATH).'formvalidator/FormValidator.class.php'; class MySpace { @@ -1346,7 +1345,7 @@ class MySpace { // database table definition $access_url_id = api_get_current_access_url_id(); $tbl_url_rel_user = Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER); - $main_user_table = Database :: get_main_table(TABLE_MAIN_USER); + $main_user_table = Database::get_main_table(TABLE_MAIN_USER); if ($_configuration['multiple_access_urls']) { $condition_multi_url = ", $tbl_url_rel_user as url_user WHERE user.user_id=url_user.user_id AND access_url_id='$access_url_id'"; diff --git a/main/mySpace/student.php b/main/mySpace/student.php index a56a2fecdf..821b7e582c 100644 --- a/main/mySpace/student.php +++ b/main/mySpace/student.php @@ -280,6 +280,9 @@ if (api_is_allowed_to_create_course() || api_is_drh()) { $row[] = $string_date; if ($export_csv) { + + $row[count($row) - 1] = strip_tags($row[count($row) - 1]); + $row[count($row) - 2] = strip_tags($row[count($row) - 2]); $csv_content[] = $row; } diff --git a/main/tracking/courseLog.php b/main/tracking/courseLog.php index 9cef919b0d..7f294c7e22 100644 --- a/main/tracking/courseLog.php +++ b/main/tracking/courseLog.php @@ -12,7 +12,7 @@ $pathopen = isset($_REQUEST['pathopen']) ? $_REQUEST['pathopen'] : null; // Language files that need to be included. $language_file = array('admin', 'tracking','scorm'); -// Including the global initialization file. +// Including the global initialization file require_once '../inc/global.inc.php'; $from_myspace = false; 
@@ -534,16 +534,21 @@ if ($_GET['studentlist'] == 'false') { $table->set_header(10, get_lang('Survey'), false); $table->set_header(11, get_lang('FirstLogin'), false, 'align="center"'); $table->set_header(12, get_lang('LatestLogin'), false, 'align="center"'); - $table->set_header(13, get_lang('AdditionalProfileField'), false); - $table->set_header(14, get_lang('Details'), false); + if (isset($_GET['additional_profile_field']) AND is_numeric($_GET['additional_profile_field'])) { + $table->set_header(13, $extra_info['field_display_text'], false); + $table->set_header(14, get_lang('Details'), false); + } else { + $table->set_header(13, get_lang('Details'), false); + } + } else { $table->set_header(10, get_lang('FirstLogin'), false, 'align="center"'); $table->set_header(11, get_lang('LatestLogin'), false, 'align="center"'); if (isset($_GET['additional_profile_field']) AND is_numeric($_GET['additional_profile_field'])) { $table->set_header(12, $extra_info['field_display_text'], false); - $table->set_header(13, get_lang('Details'), false); - } else { + $table->set_header(13, get_lang('Details'), false); + } else { $table->set_header(12, get_lang('Details'), false); } } @@ -577,8 +582,7 @@ if ($_GET['studentlist'] == 'false') { } $csv_headers[] = get_lang('FirstLogin', ''); - $csv_headers[] = get_lang('LatestLogin', ''); - + $csv_headers[] = get_lang('LatestLogin', ''); if (isset($_GET['additional_profile_field']) AND is_numeric($_GET['additional_profile_field'])) { $csv_headers[] = $extra_info['field_display_text']; diff --git a/main/tracking/exams.php b/main/tracking/exams.php index 78e4e8df9d..ca6c3882df 100644 --- a/main/tracking/exams.php +++ b/main/tracking/exams.php @@ -120,7 +120,7 @@ if (!$export_to_xls) { if ($global) { $html_result .= '
'absmiddle', 'hspace' => '3px')) ?> 'absmiddle', 'hspace' => '3px')) ?>
'; $html_result .= ''; - $html_result .= ''; + $html_result .= ''; $html_result .= ''; $html_result .= ''; $html_result .= ''; @@ -129,7 +129,7 @@ if ($global) { $html_result .= ''; } else { $html_result .= '
'.get_lang('Courses').''.get_lang('Exercises').''.get_lang('Quiz').''.get_lang('ExamTaken').''.get_lang('ExamNotTaken').''.sprintf(get_lang('ExamPassX'), $filter_score).'%
'; - $html_result .= ''; + $html_result .= ''; $html_result .= ''; //$html_result .= ''; $html_result .= ''; From 610a0218e9b26c6cad0fa93f93e6b5e26fa485a6 Mon Sep 17 00:00:00 2001 From: Julio Montoya Date: Wed, 21 Dec 2011 15:59:38 +0100 Subject: [PATCH 23/49] Minor - Showing admin setting with tabs (This funcionality is off) --- main/admin/index.php | 6 +-- .../template/default/admin/settings_index.tpl | 49 +++++++++++++------ 2 files changed, 36 insertions(+), 19 deletions(-) diff --git a/main/admin/index.php b/main/admin/index.php index 09b67f675f..62bb71a390 100644 --- a/main/admin/index.php +++ b/main/admin/index.php @@ -24,6 +24,7 @@ $this_section = SECTION_PLATFORM_ADMIN; api_protect_admin_script(true); $nameTools = get_lang('PlatformAdmin'); +$htmlHeadXtra[] = api_get_jquery_ui_js(); // Displaying the header $message = ''; @@ -271,10 +272,7 @@ if (api_is_platform_admin()) { $items[] = array('url'=>'../../documentation/optimization.html', 'label' => get_lang('OptimizationGuide')); $items[] = array('url'=>'http://www.chamilo.org/extensions', 'label' => get_lang('ChamiloExtensions')); - $blocks['chamilo']['items'] = $items; - - - + $blocks['chamilo']['items'] = $items; // Try to display a maximum before we check the chamilo version and all that. //session_write_close(); //close session to avoid blocking concurrent access diff --git a/main/template/default/admin/settings_index.tpl b/main/template/default/admin/settings_index.tpl index 3abddfc052..12af5ae505 100644 --- a/main/template/default/admin/settings_index.tpl +++ b/main/template/default/admin/settings_index.tpl @@ -1,16 +1,35 @@ + -{foreach $blocks as $key => $block } -
-

{$block.icon} {$block.label}

-
- {$block.search_form} -
- {if $block.items} -
    - {foreach $block.items as $url} -
  • {$url.label}
  • - {/foreach} -
- {/if} -
-{/foreach} \ No newline at end of file +
+ + {foreach $blocks as $key => $block name=block_loop } +
+

{$block.icon} {$block.label}

+
+ {$block.search_form} +
+ {if $block.items} +
    + {foreach $block.items as $url} +
  • {$url.label}
  • + {/foreach} +
+ {/if} +
+ {/foreach} +
From 641711ed27edecd1cb13f6d7364280a0c9ad84dc Mon Sep 17 00:00:00 2001 From: Julio Montoya Date: Wed, 21 Dec 2011 17:17:25 +0100 Subject: [PATCH 24/49] Minor corrections in exercises --- main/exercice/exercice.php | 1 + main/exercice/exercise_submit.php | 2 +- main/exercice/hotspot.class.php | 6 +++--- main/exercice/testcategory.class.php | 8 ++++---- main/metadata/md_document.php | 15 +++++++-------- 5 files changed, 16 insertions(+), 16 deletions(-) mode change 100755 => 100644 main/exercice/hotspot.class.php mode change 100755 => 100644 main/metadata/md_document.php diff --git a/main/exercice/exercice.php b/main/exercice/exercice.php index 1504eee9f5..6d524bfb19 100644 --- a/main/exercice/exercice.php +++ b/main/exercice/exercice.php @@ -34,6 +34,7 @@ require_once 'exercise.class.php'; require_once 'exercise.lib.php'; require_once 'question.class.php'; require_once 'answer.class.php'; +require_once 'testcategory.class.php'; require_once api_get_path(LIBRARY_PATH) . 'fileManage.lib.php'; require_once api_get_path(LIBRARY_PATH) . 'fileUpload.lib.php'; require_once 'hotpotatoes.lib.php'; diff --git a/main/exercice/exercise_submit.php b/main/exercice/exercise_submit.php index 15310e3214..718286391b 100644 --- a/main/exercice/exercise_submit.php +++ b/main/exercice/exercise_submit.php @@ -853,7 +853,7 @@ if (!empty($error)) { data: "'.$params.'&type=simple&question_id="+question_id+"&"+my_choice+"&"+hotspot+"&"+remind_list, success: function(return_value) { if (return_value == "ok") { - $("#save_for_now_"+question_id).html("'.addslashes(Display::return_icon('accept.png', get_lang('Ok'), array(), 22)).'"); + $("#save_for_now_"+question_id).html("'.addslashes(Display::return_icon('save.png', get_lang('Saved'), array(), 22)).'"); } else if (return_value == "error") { $("#save_for_now_"+question_id).html("'.addslashes(Display::return_icon('error.png', get_lang('Error'), array(), 22)).'"); } else if (return_value == "one_per_page") { 
diff --git a/main/exercice/hotspot.class.php b/main/exercice/hotspot.class.php old mode 100755 new mode 100644 index c7a0dd7b75..d388be7ea0 --- a/main/exercice/hotspot.class.php +++ b/main/exercice/hotspot.class.php @@ -41,14 +41,14 @@ class HotSpot extends Question { global $text, $class; if(!isset($_GET['editQuestion'])) { $renderer = $form->defaultRenderer(); - $form->addElement('html', '
'.get_lang('UploadJpgPicture').'
'); - $form->addElement('file','imageUpload','*'); + //$form->addElement('html', '
'.get_lang('UploadJpgPicture').'
'); + $form->addElement('file','imageUpload',array('*', get_lang('UploadJpgPicture')) ); // setting the save button here and not in the question class.php // Saving a question $form->addElement('style_submit_button','submitQuestion',get_lang('GoToQuestion'), 'class="'.$class.'"'); - $renderer->setElementTemplate('
{label}
{element}
','imageUpload'); + $renderer->setElementTemplate('
{label}
{element}{label_2}
','imageUpload'); $form->addRule('imageUpload', get_lang('OnlyImagesAllowed'), 'filetype', array ('jpg', 'jpeg', 'png', 'gif')); $form->addRule('imageUpload', get_lang('NoImage'), 'uploadedfile'); } else { diff --git a/main/exercice/testcategory.class.php b/main/exercice/testcategory.class.php index 0ce217e883..39179962c2 100644 --- a/main/exercice/testcategory.class.php +++ b/main/exercice/testcategory.class.php @@ -75,15 +75,14 @@ class Testcategory { * jmontoya */ //function removeCategory($in_id) { - function removeCategory($in_id) { + function removeCategory() { $t_cattable = Database :: get_course_table(TABLE_QUIZ_QUESTION_CATEGORY); $v_id = Database::escape_string($this->id); $sql = "DELETE FROM $t_cattable WHERE id=$v_id AND c_id=".api_get_course_int_id(); $res = Database::query($sql); if (Database::affected_rows() <= 0) { return false; - } - else { + } else { return true; } } @@ -91,7 +90,8 @@ class Testcategory { /** modify category name or description of category with id=in_id */ - function modifyCategory($in_id, $in_name, $in_description) { + //function modifyCategory($in_id, $in_name, $in_description) { + function modifyCategory() { $t_cattable = Database :: get_course_table(TABLE_QUIZ_QUESTION_CATEGORY); $v_id = Database::escape_string($this->id); $v_name = Database::escape_string($this->name); diff --git a/main/metadata/md_document.php b/main/metadata/md_document.php old mode 100755 new mode 100644 index e174a9e6a8..26afa70e4f --- a/main/metadata/md_document.php +++ b/main/metadata/md_document.php @@ -149,9 +149,9 @@ function mdo_add_breadcrump_nav() } -function mdobject($_course, $id) -{ +function mdobject($_course, $id) { global $ieee_dcmap_e, $ieee_dcmap_v; // md_funcs + $course_id = api_get_course_int_id(); $this->mdo_course = $_course; $this->mdo_type = 'Document'; $this->mdo_id = $id; $this->mdo_eid = $this->mdo_type . '.' . $id; 
@@ -159,10 +159,9 @@ function mdobject($_course, $id) $this->mdo_dcmap_e = $ieee_dcmap_e; $this->mdo_dcmap_v = $ieee_dcmap_v; $document_table = Database::get_course_table(TABLE_DOCUMENT); - if (($docinfo = @Database::fetch_array(Database::query( - "SELECT path,title,comment,filetype FROM $document_table WHERE id='" . - addslashes($id) . "'")))) - { + $sql = "SELECT path,title,comment,filetype FROM $document_table WHERE c_id = $course_id AND id='" .intval($id) . "'"; + + if (($docinfo = Database::fetch_array(Database::query($sql)))) { $this->mdo_path = $docinfo['path']; $this->mdo_title = $docinfo['title']; $this->mdo_comment = $docinfo['comment']; @@ -170,8 +169,8 @@ function mdobject($_course, $id) $this->mdo_group = ''; // 2005-05-30: find group_id, if any $group_info = Database::get_course_table(TABLE_GROUP); - if (($result = Database::query( - "SELECT id,secret_directory FROM $group_info"))) + $sql = "SELECT id,secret_directory FROM $group_info WHERE c_id = $course_id"; + if (($result = Database::query($sql))) while (($row = Database::fetch_array($result))) if (($secdir = $row['secret_directory'] . '/') == substr($this->mdo_path, 0, strlen($secdir))) From d267cbc1af54adfbaf15e6c0f9ecccada5d1315c Mon Sep 17 00:00:00 2001 From: Julio Montoya Date: Wed, 21 Dec 2011 18:03:45 +0100 Subject: [PATCH 25/49] Fixing queries due the single database changes see #3910 --- main/group/group.php | 2 +- main/group/group_space.php | 2 +- main/inc/local.inc.php | 4 ++-- main/link/link.php | 2 +- main/metadata/md_link.php | 12 +++++++----- 5 files changed, 12 insertions(+), 10 deletions(-) mode change 100755 => 100644 main/metadata/md_link.php diff --git a/main/group/group.php b/main/group/group.php index 67c9229118..e6444acbab 100644 --- a/main/group/group.php +++ b/main/group/group.php @@ -156,7 +156,7 @@ if (api_is_allowed_to_edit(false, true)) { echo '
'; if (api_is_allowed_to_edit(false, true)) { echo ''.Display::return_icon('new_group.png', get_lang('NewGroupCreate'),'','32').''; - if (CourseManager::count_rows_course_table(Database::get_course_table(TABLE_GROUP),api_get_session_id(), api_get_course_int_id())) > 0) { + if (CourseManager::count_rows_course_table(Database::get_course_table(TABLE_GROUP),api_get_session_id(), api_get_course_int_id()) > 0) { //echo ''.Display::return_icon('group_view.gif').' '.get_lang('GroupOverview').' '; echo ''.Display::return_icon('group_summary.png', get_lang('GroupOverview'),'','32').''; } diff --git a/main/group/group_space.php b/main/group/group_space.php index 18a2cc9f7d..f2572711dd 100644 --- a/main/group/group_space.php +++ b/main/group/group_space.php @@ -53,7 +53,7 @@ if ($current_group['doc_state'] != 1 && $current_group['calendar_state'] != 1 && /* Header */ -Display::display_header($nameTools.' '.stripslashes($current_group['name']), 'Group'); +Display::display_header($nameTools.' '.Security::remove_XSS($current_group['name']), 'Group'); /* Introduction section (editable by course admin) */ diff --git a/main/inc/local.inc.php b/main/inc/local.inc.php index 230902df16..33749b6058 100644 --- a/main/inc/local.inc.php +++ b/main/inc/local.inc.php @@ -1070,8 +1070,8 @@ if ((isset($uidReset) && $uidReset) || (isset($cidReset) && $cidReset)) { // ses if ((isset($gidReset) && $gidReset) || (isset($cidReset) && $cidReset)) { // session data refresh requested if ($gidReq && $_cid ) { // have keys to search data - $group_table = Database::get_course_table(TABLE_GROUP); - $sql = "SELECT * FROM $group_table WHERE id = '$gidReq'"; + $group_table = Database::get_course_table(TABLE_GROUP); + $sql = "SELECT * FROM $group_table WHERE c_id = ".$_course['real_id']." AND id = '$gidReq'"; $result = Database::query($sql); if (Database::num_rows($result) > 0) { // This group has recorded status related to this course $gpData = Database::fetch_array($result); 
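Review bot: The rewritten group lookup in local.inc.php concatenates `$_course['real_id']` unquoted and `$gidReq` inside quotes, and the hunk does not show either value being cast or escaped. `$gidReq` is assigned outside the hunk, so its origin cannot be checked here. Both are integer ids, so casting at the point of use keeps the query safe whatever happens upstream: `$sql = "SELECT * FROM $group_table WHERE c_id = ".intval($_course['real_id'])." AND id = ".intval($gidReq);`.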
diff --git a/main/link/link.php b/main/link/link.php index 99c6e3456c..376912945c 100644 --- a/main/link/link.php +++ b/main/link/link.php @@ -218,7 +218,7 @@ if (api_is_allowed_to_edit(null, true) && isset($_GET['action'])) { } echo '
- * '.get_lang('Url').' + * URL
diff --git a/main/metadata/md_link.php b/main/metadata/md_link.php old mode 100755 new mode 100644 index 877fef4d28..b84b22773e --- a/main/metadata/md_link.php +++ b/main/metadata/md_link.php @@ -135,6 +135,8 @@ function mdo_override(&$xmlDoc) // by ref! function mdo_storeback(&$xmlDoc) // by ref! { + $course_id = api_get_course_int_id(); + if (!$this->mdo_url) return; // no record in link table, most probably if (!($v = $xmlDoc->xmd_value('metadata/lom/technical/location'))) return; @@ -164,7 +166,7 @@ function mdo_storeback(&$xmlDoc) // by ref! $link_table = Database::get_course_table(TABLE_LINK); if ($u) Database::query("UPDATE $link_table SET " . substr($u, 2) . - " WHERE id='" . addslashes($this->mdo_id) . "'"); + " WHERE c_id = $course_id AND id='" . addslashes($this->mdo_id) . "'"); } @@ -186,7 +188,8 @@ function mdo_add_breadcrump_nav() function mdobject($_course, $id) { global $ieee_dcmap_e, $ieee_dcmap_v; // md_funcs - + $course_id = api_get_course_int_id(); + $this->mdo_course = $_course; $this->mdo_type = 'Link'; $this->mdo_id = $id; $this->mdo_eid = $this->mdo_type . '.' . $id; @@ -194,8 +197,7 @@ function mdobject($_course, $id) $link_table = Database::get_course_table(TABLE_LINK); if (($linkinfo = @Database::fetch_array(Database::query( - "SELECT url,title,description,category_id FROM $link_table WHERE id='" . - addslashes($id) . "'")))) + "SELECT url,title,description,category_id FROM $link_table WHERE c_id = $course_id AND id='" .intval($id) . "'")))) { $this->mdo_url = $linkinfo['url']; $this->mdo_title = $linkinfo['title']; @@ -204,7 +206,7 @@ function mdobject($_course, $id) $linkcat_table = Database::get_course_table(TABLE_LINK_CATEGORY); if (($catinfo = @Database::fetch_array(Database::query( - "SELECT category_title FROM $linkcat_table WHERE id='" . + "SELECT category_title FROM $linkcat_table WHERE c_id = $course_id AND id='" . addslashes($lci) . "'")))) $this->mdo_category_title = $catinfo['category_title']; } 
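Review bot: `mdo_storeback()` still builds its `WHERE` clause with `addslashes($this->mdo_id)`, and the category lookup in `mdobject()` still uses `addslashes($lci)` (hunk `@@ -204,7 +206,7 @@`), while this same commit moves the link lookup to `intval($id)`. `addslashes` is not aware of the connection charset and is not a substitute for the database escaping function. These are numeric ids, so `intval($this->mdo_id)` and `intval($lci)` would be both safer and consistent with the new SELECT. The `SET` fragment comes from `$u`, which is built outside the hunk, so its escaping needs to be checked separately.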
From 7db54fb732e60acb11a7364d3027abcf8e0e0b16 Mon Sep 17 00:00:00 2001 From: Julio Montoya Date: Wed, 21 Dec 2011 18:49:14 +0100 Subject: [PATCH 26/49] Now we can add as an announcement with the new interface of the agenda --- main/calendar/agenda.lib.php | 78 +++++++++++++++++++++++++- main/inc/ajax/agenda.ajax.php | 20 +++++-- main/template/default/agenda/month.tpl | 35 +++++++++--- 3 files changed, 118 insertions(+), 15 deletions(-) diff --git a/main/calendar/agenda.lib.php b/main/calendar/agenda.lib.php index dee2a59dae..2e359ef254 100644 --- a/main/calendar/agenda.lib.php +++ b/main/calendar/agenda.lib.php @@ -41,7 +41,7 @@ class Agenda { * @param string agendaDay, agendaWeek, month * @param string personal, course or global (only works for personal by now) */ - function add_event($start, $end, $all_day, $view, $title, $content, $users_to_send = array()) { + function add_event($start, $end, $all_day, $view, $title, $content, $users_to_send = array(), $add_as_announcement = false) { $start = date('Y-m-d H:i:s', $start); $end = date('Y-m-d H:i:s', $end); @@ -74,7 +74,7 @@ class Agenda { //simple course event $id = Database::insert($this->tbl_course_agenda, $attributes); - if ($id) { + if ($id) { //api_item_property_update($this->course, TOOL_CALENDAR_EVENT, $id, "AgendaAdded", api_get_user_id(), '','',$start, $end); $group_id = api_get_group_id(); if ((!is_null($users_to_send)) or (!empty($group_id))) { @@ -99,6 +99,10 @@ class Agenda { } } } + + if (isset($add_as_announcement) && !empty($add_as_announcement)) { + self::store_agenda_item_as_announcement($id); + } } 
@@ -115,6 +119,76 @@ class Agenda { } return $id; } + + + /* copycat of the agenda.inc.php @todo try to fix it */ + + function store_agenda_item_as_announcement($item_id){ + $table_agenda = Database::get_course_table(TABLE_AGENDA); + $table_ann = Database::get_course_table(TABLE_ANNOUNCEMENT); + $course_id = api_get_course_int_id(); + //check params + if(empty($item_id) or $item_id != strval(intval($item_id))) {return -1;} + //get the agenda item + + $item_id = Database::escape_string($item_id); + $sql = "SELECT * FROM $table_agenda WHERE c_id = $course_id AND id = ".$item_id; + $res = Database::query($sql); + + if (Database::num_rows($res)>0) { + $row = Database::fetch_array($res); + + //we have the agenda event, copy it + //get the maximum value for display order in announcement table + $sql_max = "SELECT MAX(display_order) FROM $table_ann WHERE c_id = $course_id "; + $res_max = Database::query($sql_max); + $row_max = Database::fetch_array($res_max); + $max = intval($row_max[0])+1; + //build the announcement text + $content = $row['content']; + //insert announcement + $session_id = api_get_session_id(); + + + $sql_ins = "INSERT INTO $table_ann (c_id, title,content,end_date,display_order,session_id) " . 
+ "VALUES ($course_id, '".Database::escape_string($row['title'])."','".Database::escape_string($content)."','".Database::escape_string($row['end_date'])."','$max','$session_id')"; + $res_ins = Database::query($sql_ins); + if ($res > 0) { + $ann_id = Database::insert_id(); + //Now also get the list of item_properties rows for this agenda_item (calendar_event) + //and copy them into announcement item_properties + $table_props = Database::get_course_table(TABLE_ITEM_PROPERTY); + $sql_props = "SELECT * FROM $table_props WHERE c_id = $course_id AND tool ='calendar_event' AND ref='$item_id'"; + $res_props = Database::query($sql_props); + if(Database::num_rows($res_props)>0) { + while($row_props = Database::fetch_array($res_props)) { + //insert into announcement item_property + $time = api_get_utc_datetime(); + $sql_ins_props = "INSERT INTO $table_props " . + "(c_id, tool, insert_user_id, insert_date, " . + "lastedit_date, ref, lastedit_type," . + "lastedit_user_id, to_group_id, to_user_id, " . + "visibility, start_visible, end_visible)" . + " VALUES " . + "($course_id, 'announcement','".$row_props['insert_user_id']."','".$time."'," . + "'$time','$ann_id','AnnouncementAdded'," . + "'".$row_props['last_edit_user_id']."','".$row_props['to_group_id']."','".$row_props['to_user_id']."'," . + "'".$row_props['visibility']."','".$row_props['start_visible']."','".$row_props['end_visible']."')"; + $res_ins_props = Database::query($sql_ins_props); + if($res_ins_props <= 0){ + return -1; + } else { + //copy was a success + return $ann_id; + } + } + } + } else { + return -1; + } + } + return -1; + } function edit_event($id, $start, $end, $all_day, $view, $title, $content) { $start = date('Y-m-d H:i:s', $start); diff --git a/main/inc/ajax/agenda.ajax.php b/main/inc/ajax/agenda.ajax.php index d82f60eeb6..acca4f6662 100644 --- a/main/inc/ajax/agenda.ajax.php +++ b/main/inc/ajax/agenda.ajax.php 
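Review bot: In `store_agenda_item_as_announcement()` the success check after the INSERT tests `$res` (the earlier SELECT result) instead of `$res_ins`, so a failed insert goes undetected. The `while` loop over `$res_props` returns on its first iteration, so only one item_property row is ever copied. It reads `$row_props['last_edit_user_id']`, which does not match the `lastedit_user_id` column named in the same statement, so that value is probably always empty. The `$row_props` values are also concatenated into the second INSERT without escaping. The sketch below checks the right result, copies every row and returns the new id after the loop; separately, `add_event()` calls this instance method through `self::`, which should be `$this->`.

```php
        $res_ins = Database::query($sql_ins);
        if (!$res_ins) {
            return -1;
        }
        $ann_id = Database::insert_id();
        // … unchanged: $table_props, $sql_props, $res_props …
        while ($row_props = Database::fetch_array($res_props)) {
            // Values read back from the database are escaped again before reuse in SQL.
            $row_props = array_map(array('Database', 'escape_string'), $row_props);
            // … unchanged: $time and $sql_ins_props, now reading $row_props['lastedit_user_id'] …
            if (!Database::query($sql_ins_props)) {
                return -1;
            }
        }
        return $ann_id;
```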
@@ -19,24 +19,34 @@ $agenda->type = $type; //course,admin or personal switch ($action) { case 'add_event': - echo $agenda->add_event($_REQUEST['start'], $_REQUEST['end'], $_REQUEST['all_day'], $_REQUEST['view'], $_REQUEST['title'], $_REQUEST['content'], $_REQUEST['users_to_send']); + if (!api_is_allowed_to_edit(null, true) && $type == 'course') { + break; + } + echo $agenda->add_event($_REQUEST['start'], $_REQUEST['end'], $_REQUEST['all_day'], $_REQUEST['view'], + $_REQUEST['title'], $_REQUEST['content'], $_REQUEST['users_to_send'], $_REQUEST['add_as_annonuncement']); break; case 'edit_event': - $id_list = explode('_', $_REQUEST['id']); - //$type = $id_list[0]; + if (!api_is_allowed_to_edit(null, true) && $type == 'course') { + break; + } + $id_list = explode('_', $_REQUEST['id']); $id = $id_list[1]; $agenda->edit_event($id, $_REQUEST['start'], $_REQUEST['end'], $_REQUEST['all_day'], $_REQUEST['view'], $_REQUEST['title'], $_REQUEST['content']); break; case 'delete_event': + if (!api_is_allowed_to_edit(null, true) && $type == 'course') { + break; + } $id_list = explode('_', $_REQUEST['id']); - //$type = $id_list[0]; $id = $id_list[1]; $agenda->delete_event($id); break; case 'move_event': + if (!api_is_allowed_to_edit(null, true) && $type == 'course') { + break; + } $day_delta = $_REQUEST['day_delta']; $minute_delta = $_REQUEST['minute_delta']; - //$type = $_REQUEST['type'][0]; $id = explode('_', $_REQUEST['id']); $id = $id[1]; $agenda->move_event($id, $day_delta, $minute_delta); diff --git a/main/template/default/agenda/month.tpl b/main/template/default/agenda/month.tpl index 9a467d2465..9bfe4722e4 100644 --- a/main/template/default/agenda/month.tpl +++ b/main/template/default/agenda/month.tpl @@ -29,7 +29,7 @@ $(document).ready(function() { autoOpen: false, modal : false, width : 550, - height : 400 + height : 450 }); var title = $( "#title" ), 
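Review bot: The new guard in agenda.ajax.php only rejects the request when `$type == 'course'`, so `add_event`, `edit_event`, `delete_event` and `move_event` still run unchecked for the other agenda types named in the context comment (admin, personal). Unless `Agenda` enforces ownership and admin rights itself, which is not visible here, each type needs its own check, for example `api_is_platform_admin()` for admin events; `$type` is assigned above the hunk, so its source should be confirmed as well. The key `$_REQUEST['add_as_annonuncement']` is misspelled, so if the form field is named `add_as_announcement` the option is silently ignored. These actions change state and read from `$_REQUEST`, so they should be restricted to POST and carry a CSRF token.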
@@ -88,7 +88,8 @@ $(document).ready(function() { var start_date = Math.round(start.getTime() / 1000); var end_date = Math.round(end.getTime() / 1000); - $('#visible_to_input').show(); + $('#visible_to_input').show(); + $('#add_as_announcement_div').show(); //Cleans the selected attr clean_user_select(); @@ -123,7 +124,7 @@ $(document).ready(function() { $("#dialog-form").dialog({ buttons: { - "Add event": function() { + {"Add"|get_lang}: function() { var bValid = true; bValid = bValid && checkLength( title, "title", 1, 255 ); //bValid = bValid && checkLength( content, "content", 1, 255 ); @@ -169,6 +170,8 @@ $(document).ready(function() { } $('#visible_to_input').hide(); + $('#add_as_announcement_div').hide(); + $('#color_calendar').html('{$type_label}'); $('#color_calendar').addClass('label_tag'); @@ -191,7 +194,7 @@ $(document).ready(function() { $("#dialog-form").dialog({ buttons: { - "Edit" : function() { + {"Edit"|get_lang} : function() { var bValid = true; bValid = bValid && checkLength( title, "title", 1, 255 ); @@ -215,7 +218,7 @@ $(document).ready(function() { } }); }, - "Delete": function() { + {"Delete"|get_lang}: function() { $.ajax({ url: delete_url, success:function() { @@ -258,8 +261,9 @@ $(document).ready(function() { From 309a69423c476a6d8edfb00902384527533a6942 Mon Sep 17 00:00:00 2001 
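Review bot: The dialog button labels are now emitted as bare JavaScript object keys, `{"Add"|get_lang}: function() {`, and likewise for Edit and Delete in hunks `@@ -191,7 +194,7 @@` and `@@ -215,7 +218,7 @@`, where the old code had quoted string keys. A translation containing a space, an apostrophe or any non-identifier character breaks the script, and the translation text is treated as script source rather than data. Quote and escape the value for the JavaScript context: `'{"Add"|get_lang|escape:"javascript"}': function() {`.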
From: Julio Montoya Date: Thu, 22 Dec 2011 13:45:00 +0100 Subject: [PATCH 27/49] Fixing queries due the single database changes see #3910 --- main/chat/chat_functions.lib.php | 49 ++++--- main/chat/chat_hidden.php | 20 ++- main/chat/chat_whoisonline.php | 2 +- main/inc/lib/display.lib.php | 2 +- main/inc/lib/link.lib.php | 2 +- main/survey/fillsurvey.php | 106 +++++++-------- main/survey/preview.php | 15 +-- main/survey/question.php | 8 +- main/survey/reporting.php | 6 - main/survey/survey.lib.php | 214 +++++++++++++++++-------------- main/survey/survey.php | 23 ++-- main/survey/survey_invite.php | 16 +-- main/work/work.lib.php | 11 +- main/work/work.php | 21 ++- 14 files changed, 254 insertions(+), 241 deletions(-) mode change 100755 => 100644 main/chat/chat_functions.lib.php mode change 100755 => 100644 main/survey/question.php mode change 100755 => 100644 main/survey/reporting.php diff --git a/main/chat/chat_functions.lib.php b/main/chat/chat_functions.lib.php old mode 100755 new mode 100644 index cc2c979b11..431ec2f7d0 --- a/main/chat/chat_functions.lib.php +++ b/main/chat/chat_functions.lib.php @@ -10,10 +10,11 @@ */ function exit_of_chat($user_id) { $user_id = intval($user_id); + $course_id = api_get_course_int_id(); $list_course = array(); $list_course = CourseManager::get_courses_list_by_user_id($user_id); - $group_id = intval($_SESSION['id_group']); + $group_id = intval($_SESSION['id_group']); $session_id = intval($_SESSION['id_session']); $extra_condition = ''; 
@@ -22,11 +23,11 @@ function exit_of_chat($user_id) { } else { $extra_condition = api_get_session_condition($session_id); } - + $extra_condition.= " AND course_id = $course_id"; foreach ($list_course as $courses) { - $response = user_connected_in_chat($user_id,$courses['db_name']); + $response = user_connected_in_chat($user_id); if ($response === true) { - $tbl_chat_connected = Database::get_course_chat_connected_table($courses['db_name']); + $tbl_chat_connected = Database::get_course_table(CHAT_CONNECTED_TABLE); $sql = 'DELETE FROM '.$tbl_chat_connected.' WHERE user_id='.$user_id.$extra_condition; Database::query($sql); } @@ -39,12 +40,14 @@ function exit_of_chat($user_id) { * @param string the database name * @return boolean */ -function user_connected_in_chat ($user_id, $database_name) { - $tbl_chat_connected = Database::get_course_chat_connected_table($database_name); +function user_connected_in_chat ($user_id) { + $tbl_chat_connected = Database::get_course_table(CHAT_CONNECTED_TABLE); $group_id = intval($_SESSION['id_group']); $session_id = intval($_SESSION['id_session']); $user_id = intval($user_id); + $course_id = api_get_course_int_id(); + $extra_condition = ''; if (!empty($group_id)) { @@ -53,7 +56,7 @@ function user_connected_in_chat ($user_id, $database_name) { $extra_condition = api_get_session_condition($session_id); } - $sql = 'SELECT COUNT(*) AS count FROM '.$tbl_chat_connected .' c WHERE user_id='.$user_id.$extra_condition; + $sql = 'SELECT COUNT(*) AS count FROM '.$tbl_chat_connected .' c WHERE c_id = '.$course_id.' AND user_id='.$user_id.$extra_condition; $result = Database::query($sql); $count = Database::fetch_array($result,'ASSOC'); return $count['count'] == 1; 
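Review bot: `exit_of_chat()` appends `AND course_id = $course_id` to the DELETE condition, but the other queries this commit touches in the file filter on `c_id` (`user_connected_in_chat()`, `disconnect_user_of_chat()`, `users_list_in_chat()`). If the table has no `course_id` column, which the schema outside this hunk would confirm, the DELETE fails and stale chat presence rows are never removed. I would change the line to `$extra_condition .= " AND c_id = $course_id";`. The `foreach ($list_course as $courses)` loop no longer uses `$courses`, so it repeats the same check and DELETE for the current course once per enrolled course and can probably be dropped.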
@@ -63,16 +66,12 @@ function user_connected_in_chat ($user_id, $database_name) { * @param string $database_name (optional) * @return void */ -function disconnect_user_of_chat($database_name = '') { - +function disconnect_user_of_chat() { $list_info_user_in_chat = array(); - - if (!empty($database_name)) { - $list_info_user_in_chat = users_list_in_chat($database_name); - } else { - $list_info_user_in_chat = users_list_in_chat(); - } - + $course_id = api_get_course_int_id(); + $list_info_user_in_chat = users_list_in_chat(); + $course_id = api_get_course_int_id(); + $cd_date = date('Y-m-d',time()); $cdate_h = date('H',time()); $cdate_m = date('i',time()); @@ -87,14 +86,9 @@ function disconnect_user_of_chat($database_name = '') { $date_db_s = date('s', strtotime($list_info_user['last_connection'])); $date_count_time_seconds=$date_db_h*3600 + $date_db_m*60 + $date_db_s; if ($cd_date == $date_db_date) { - if (($cd_count_time_seconds - $date_count_time_seconds) > 5) { - - $tbl_chat_connected = Database::get_course_chat_connected_table(); - if (!empty($database_name)) { - $tbl_chat_connected = Database::get_course_chat_connected_table($database_name); - } - - $sql = 'DELETE FROM '.$tbl_chat_connected.' WHERE user_id='.$list_info_user['user_id']; + if (($cd_count_time_seconds - $date_count_time_seconds) > 5) { + $tbl_chat_connected = Database::get_course_table(CHAT_CONNECTED_TABLE); + $sql = 'DELETE FROM '.$tbl_chat_connected.' WHERE c_id = '.$course_id.' AND user_id ='.$list_info_user['user_id']; Database::query($sql); } } 
@@ -106,9 +100,11 @@ function disconnect_user_of_chat($database_name = '') { * @param string $database_name (optional) * @return array user list in chat */ -function users_list_in_chat ($database_name = '') { +function users_list_in_chat() { $list_users_in_chat = array(); - $tbl_chat_connected = Database::get_course_chat_connected_table($database_name); + $tbl_chat_connected = Database::get_course_table(CHAT_CONNECTED_TABLE); + $course_id = api_get_course_int_id(); + $group_id = intval($_SESSION['id_group']); $session_id = intval($_SESSION['id_session']); $extra_condition = ''; @@ -117,6 +113,7 @@ function users_list_in_chat ($database_name = '') { } else{ $extra_condition = api_get_session_condition($session_id, false); } + $extra_condition.= " AND c_id = $course_id "; $sql = 'SELECT user_id,last_connection FROM '.$tbl_chat_connected.$extra_condition; $result = Database::query($sql); while ($row = Database::fetch_array($result, 'ASSOC')) { diff --git a/main/chat/chat_hidden.php b/main/chat/chat_hidden.php index 4202b799ef..c923560831 100644 --- a/main/chat/chat_hidden.php +++ b/main/chat/chat_hidden.php @@ -16,12 +16,13 @@ define('FRAME', 'hidden'); $language_file = array('chat'); require_once '../inc/global.inc.php'; -require_once api_get_path(LIBRARY_PATH).'course.lib.php'; require_once api_get_path(LIBRARY_PATH).'groupmanager.lib.php'; require_once 'chat_functions.lib.php'; $tbl_user = Database::get_main_table(TABLE_MAIN_USER); -$tbl_chat_connected = Database::get_course_chat_connected_table(); +$tbl_chat_connected = Database::get_course_table(CHAT_CONNECTED_TABLE); + +$course_id = api_get_course_int_id(); $query = "SELECT username FROM $tbl_user WHERE user_id='".$_user['user_id']."'"; $result = Database::query($query); 
@@ -31,10 +32,6 @@ list($pseudo_user) = Database::fetch_row($result); $isAllowed = !(empty($pseudo_user) || !$_cid); $isMaster = (bool)$is_courseAdmin; -/*if(!$isAllowed) { - exit(); -}*/ - $date_now = date('Y-m-d'); $group_id = intval($_SESSION['_gid']); @@ -49,6 +46,8 @@ if (!empty($group_id)) { $extra_condition = $session_condition; } +$extra_condition.= " AND c_id = $course_id"; + // get chat path $chat_path = ''; $document_path = api_get_path(SYS_COURSE_PATH).$_course['path'].'/document'; @@ -83,9 +82,9 @@ $result = Database::query($sql); // The user_id exists so we must do an UPDATE and not a INSERT $current_time = date('Y-m-d H:i:s'); if (Database::num_rows($result) == 0) { - $query = "INSERT INTO $tbl_chat_connected(user_id,last_connection,session_id,to_group_id) VALUES('".$_user['user_id']."','$current_time','$session_id','$group_id')"; + $query = "INSERT INTO $tbl_chat_connected(c_id, user_id,last_connection,session_id,to_group_id) VALUES($course_id, '".$_user['user_id']."','$current_time','$session_id','$group_id')"; } else { - $query = "UPDATE $tbl_chat_connected set last_connection='".$current_time."' WHERE user_id='".$_user['user_id']."' AND session_id='$session_id' AND to_group_id='$group_id'"; + $query = "UPDATE $tbl_chat_connected set last_connection='".$current_time."' WHERE c_id = $course_id AND user_id='".$_user['user_id']."' AND session_id='$session_id' AND to_group_id='$group_id'"; } Database::query($query); @@ -112,12 +111,10 @@ if (api_get_setting('show_navigation_menu') != 'false') { } } ?> -
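Review bot: The INSERT and UPDATE in the `@@ -83,9 +82,9 @@` hunk place `$course_id` into the SQL unquoted, while `$isAllowed` (which includes `!$_cid`) is computed at the top of this page and the only statement that used it is the commented-out `exit()` that this patch deletes. Unless access is enforced in a part of the file outside these hunks, a request without a course context reaches these writes with an empty `c_id`. Cast at assignment with `$course_id = intval(api_get_course_int_id());` and consider restoring the guard as `if (!$isAllowed) { exit; }` before the first query.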
- ".COURSE_RELATION_TYPE_RRHH." AND t3.course_code = '".$_course['sysCode']."' AND t2.last_connection>'".$date_inter."' $extra_condition - ORDER BY username"; + ORDER BY username"; $result = Database::query($query); $users = Database::store_result($result); } else { diff --git a/main/inc/lib/display.lib.php b/main/inc/lib/display.lib.php index 1f8f64d118..9d9a0f2e52 100644 --- a/main/inc/lib/display.lib.php +++ b/main/inc/lib/display.lib.php @@ -1098,7 +1098,7 @@ class Display { // If it's a survey, make sure the user's invited. Otherwise drop it. if ($item_property['tool'] == TOOL_SURVEY) { $survey_info = survey_manager::get_survey($item_property['ref'], 0, $course_code); - $invited_users = SurveyUtil::get_invited_users($survey_info['code'], $course_database); + $invited_users = SurveyUtil::get_invited_users($survey_info['code'], $course_code); if (!in_array($user_id, $invited_users['course_users'])) continue; } // If it's a learning path, ensure it is currently visible to the user diff --git a/main/inc/lib/link.lib.php b/main/inc/lib/link.lib.php index ae4a4666a6..133691bdf1 100644 --- a/main/inc/lib/link.lib.php +++ b/main/inc/lib/link.lib.php @@ -401,7 +401,7 @@ function editlinkcategory($type) { "category_id='" . Database :: escape_string($_POST['selectcategory']) . "', " . "display_order='" . $max_display_order . "', " . "on_homepage='" . Database :: escape_string($onhomepage) . " ' $mytarget " . - " WHERE id='" . intval($_POST['id']) . "'"; + " WHERE c_id = $course_id AND id='" . intval($_POST['id']) . "'"; Database :: query($sql); // Update search enchine and its values table if enabled. diff --git a/main/survey/fillsurvey.php b/main/survey/fillsurvey.php index 1afee88c24..ee47f19d4e 100644 --- a/main/survey/fillsurvey.php +++ b/main/survey/fillsurvey.php 
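Review bot: `$course_id` appears in the new WHERE clause of editlinkcategory but is not assigned within the link.lib.php hunk, and a PHP function does not see script-level variables. The function begins outside the hunk, so confirm it sets `$course_id = api_get_course_int_id();` before this UPDATE; otherwise the clause becomes `WHERE c_id =  AND id=...` and the edit fails. `$mytarget` is interpolated into the SET list as raw text and is also built outside the hunk, so check that it is escaped where it is assembled.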
@@ -24,7 +24,7 @@ if (!isset($_GET['cidReq'])) { } // Including the global initialization file -require '../inc/global.inc.php'; +require_once '../inc/global.inc.php'; // Including additional libraries //require_once api_get_path(LIBRARY_PATH).'survey.lib.php'; @@ -41,14 +41,18 @@ Display :: display_header(get_lang('ToolSurvey')); // getting all the course information $_course = CourseManager::get_course_information($_GET['course']); +$course_id = api_get_course_int_id(); + // Database table definitions -$table_survey = Database :: get_course_table(TABLE_SURVEY, $_course['db_name']); -$table_survey_answer = Database :: get_course_table(TABLE_SURVEY_ANSWER, $_course['db_name']); -$table_survey_question = Database :: get_course_table(TABLE_SURVEY_QUESTION, $_course['db_name']); -$table_survey_question_option = Database :: get_course_table(TABLE_SURVEY_QUESTION_OPTION, $_course['db_name']); +$table_survey = Database :: get_course_table(TABLE_SURVEY); +$table_survey_answer = Database :: get_course_table(TABLE_SURVEY_ANSWER); +$table_survey_question = Database :: get_course_table(TABLE_SURVEY_QUESTION); +$table_survey_question_option = Database :: get_course_table(TABLE_SURVEY_QUESTION_OPTION); +$table_survey_invitation = Database :: get_course_table(TABLE_SURVEY_INVITATION); + $table_course = Database :: get_main_table(TABLE_MAIN_COURSE); $table_user = Database :: get_main_table(TABLE_MAIN_USER); -$table_survey_invitation = Database :: get_course_table(TABLE_SURVEY_INVITATION, $_course['db_name']); + // First we check if the needed parameters are present if ((!isset($_GET['course']) || !isset($_GET['invitationcode']))&& !isset($_GET['user_id'])) { 
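Review bot: In the `@@ -41,14 +41,18 @@` hunk `$_course` is loaded from `$_GET['course']`, but the new `$course_id` comes from api_get_course_int_id(), that is from the active course context rather than from the URL parameter. Before this change the tables were selected through `$_course['db_name']`, so every query followed the course named in the link; now the `c_id` filters follow the context, and the two may disagree depending on how `cidReq` is resolved in global.inc.php. Derive the id from the `$_course` record loaded on the previous line, or reject the request when the two differ, so that an invitation code is only checked against the course it was issued for.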
@@ -69,7 +73,7 @@ if ($invitationcode == 'auto' && isset($_GET['scode'])){ $scode = Database::escape_string($_GET['scode']); // Survey_code of the survey $autoInvitationcode = "auto-$userid-$scode"; // New invitation code from userid // The survey code must exist in this course, or the URL is invalid - $sql = "SELECT * FROM $table_survey WHERE code ='" . $scode . "'"; + $sql = "SELECT * FROM $table_survey WHERE c_id = $course_id AND code ='" . $scode . "'"; $result = Database::query($sql); if (Database :: num_rows($result) > 0) { // Ok // Check availability @@ -77,11 +81,11 @@ if ($invitationcode == 'auto' && isset($_GET['scode'])){ $tempdata = survey_manager :: get_survey($row['survey_id']); check_time_availability($tempdata); //exit if survey not available anymore // Check for double invitation records (insert should be done once) - $sql = "SELECT user from $table_survey_invitation WHERE invitation_code = '".Database::escape_string($autoInvitationcode)."'"; + $sql = "SELECT user from $table_survey_invitation WHERE c_id = $course_id AND invitation_code = '".Database::escape_string($autoInvitationcode)."'"; $result = Database::query($sql); if (Database :: num_rows($result) == 0) { // Ok $sql = "INSERT INTO $table_survey_invitation (c_id, survey_code,user, invitation_code, invitation_date) "; - $sql .= " values ($course_id, \"$scode\", \"$userid\", \"$autoInvitationcode\", now())"; + $sql .= " VALUES ($course_id, \"$scode\", \"$userid\", \"$autoInvitationcode\", now())"; Database::query($sql); } // From here we use the new invitationcode auto-userid-surveycode string 
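Review bot: The INSERT in the `@@ -77,11 +81,11 @@` hunk interpolates `$userid` and `$autoInvitationcode` directly, although the SELECT just above it escapes the same invitation code with `Database::escape_string()`. `$scode` is escaped where it is read, but the origin of `$userid` is outside the hunk; if it is taken from the request it reaches the statement unfiltered. Cast it once with `$userid = intval($userid);` before `$autoInvitationcode` is built, and pass the escaped code to the INSERT as well.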
@@ -91,7 +95,7 @@ if ($invitationcode == 'auto' && isset($_GET['scode'])){ } // Now we check if the invitationcode is valid -$sql = "SELECT * FROM $table_survey_invitation WHERE invitation_code = '" . Database :: escape_string($invitationcode) . "'"; +$sql = "SELECT * FROM $table_survey_invitation WHERE c_id = $course_id AND invitation_code = '" . Database :: escape_string($invitationcode) . "'"; $result = Database::query($sql); // false = suppress errors if (Database::num_rows($result) < 1) { Display :: display_error_message(get_lang('WrongInvitationCode'), false); @@ -109,7 +113,7 @@ if ($survey_invitation['answered'] == 1 && !isset($_GET['user_id'])) { // Checking if there is another survey with this code. // If this is the case there will be a language choice -$sql = "SELECT * FROM $table_survey WHERE code='".Database::escape_string($survey_invitation['survey_code'])."'"; +$sql = "SELECT * FROM $table_survey WHERE c_id = $course_id AND code='".Database::escape_string($survey_invitation['survey_code'])."'"; $result = Database::query($sql); if (Database::num_rows($result) > 1) { @@ -129,7 +133,7 @@ if (Database::num_rows($result) > 1) { exit(); } } else { - $row=Database::fetch_array($result, 'ASSOC'); + $row = Database::fetch_array($result, 'ASSOC'); $survey_invitation['survey_id'] = $row['survey_id']; } 
@@ -141,12 +145,13 @@ $survey_data['survey_id'] = $survey_invitation['survey_id']; if (count($_POST) > 0) { if ($survey_data['survey_type'] === '0') { // Getting all the types of the question (because of the special treatment of the score question type - $sql = "SELECT * FROM $table_survey_question WHERE survey_id = '".Database::escape_string($survey_invitation['survey_id'])."'"; + $sql = "SELECT * FROM $table_survey_question WHERE c_id = $course_id AND survey_id = '".Database::escape_string($survey_invitation['survey_id'])."'"; $result = Database::query($sql); while ($row = Database::fetch_array($result, 'ASSOC')) { $types[$row['question_id']] = $row['type']; } + // Looping through all the post values foreach ($_POST as $key => & $value) { @@ -174,7 +179,7 @@ if (count($_POST) > 0) { // All the other question types (open question, multiple choice, percentage, ...) else { if ($types[$survey_question_id] == 'percentage') { - $sql = "SELECT * FROM $table_survey_question_option WHERE question_option_id='".Database::escape_string($value)."'"; + $sql = "SELECT * FROM $table_survey_question_option WHERE c_id = $course_id AND question_option_id='".Database::escape_string($value)."'"; $result = Database::query($sql); $row = Database::fetch_array($result, 'ASSOC'); $option_value = $row['option_text']; @@ -200,7 +205,7 @@ if (count($_POST) > 0) { $shuffle= ' ORDER BY RAND() '; } $sql = "SELECT * FROM $table_survey_question - WHERE survey_id = '".Database::escape_string($survey_invitation['survey_id'])."' + WHERE c_id = $course_id AND survey_id = '".Database::escape_string($survey_invitation['survey_id'])."' AND survey_group_pri='0' $shuffle"; $result = Database::query($sql); // There is only one question type for conditional surveys 
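Review bot: The percentage lookup in the `@@ -174,7 +179,7 @@` hunk accepts any posted `question_option_id` that exists in the course; the added `c_id` filter does not tie the option to the question being answered. An id that belongs to another question or survey of the same course would be stored as this answer's text. Add `AND question_id = '".intval($survey_question_id)."'` to the WHERE clause. The score lookup in the `@@ -215,7 +220,7 @@` hunk has the same gap.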
@@ -215,7 +220,7 @@ if (count($_POST) > 0) { // Finding the question id by removing 'question' $survey_question_id = str_replace('question', '', $key); // We select the correct answer and the puntuacion - $sql = "SELECT value FROM $table_survey_question_option WHERE question_option_id='".Database::escape_string($value)."'"; + $sql = "SELECT value FROM $table_survey_question_option WHERE c_id = $course_id AND question_option_id='".Database::escape_string($value)."'"; $result = Database::query($sql); $row = Database::fetch_array($result, 'ASSOC'); $option_value = $row['value']; @@ -271,8 +276,7 @@ if ($survey_data['form_fields']!='' && $survey_data['anonymous'] == 0 && is_arra } } - // We use the same form as in auth/profile.php - require_once api_get_path(LIBRARY_PATH).'formvalidator/FormValidator.class.php'; + // We use the same form as in auth/profile.php $form = new FormValidator('profile', 'post', api_get_self() . "?" . str_replace('&show_form=1', '&show_form=1', $_SERVER['QUERY_STRING']), null, array('style' => 'width: 75%; float: ' . ($text_dir == 'rtl' ? 'right;' : 'left;')) ); @@ -573,7 +577,7 @@ if (isset($_GET['show']) || isset($_POST['personality'])) { if ($survey_data['survey_type'] === '0') { if (empty($_SESSION['paged_questions'])) { $sql = "SELECT * FROM $table_survey_question - WHERE survey_id = '".Database::escape_string($survey_invitation['survey_id'])."' + WHERE c_id = $course_id AND survey_id = '".Database::escape_string($survey_invitation['survey_id'])."' ORDER BY sort ASC"; $result = Database::query($sql); while ($row = Database::fetch_array($result, 'ASSOC')) { 
@@ -602,10 +606,9 @@ if (isset($_GET['show']) || isset($_POST['personality'])) { survey_question_option.question_option_id, survey_question_option.option_text, survey_question_option.sort as option_sort FROM $table_survey_question survey_question LEFT JOIN $table_survey_question_option survey_question_option - ON survey_question.question_id = survey_question_option.question_id + ON survey_question.question_id = survey_question_option.question_id AND survey_question_option.c_id = $course_id WHERE survey_question.survey_id = '" . Database :: escape_string($survey_invitation['survey_id']) . "' - AND survey_question.question_id NOT IN (SELECT sa.question_id FROM ".$table_survey_answer." sa WHERE sa.user='".$my_user_id."') AND - survey_question_option.c_id = $course_id AND + AND survey_question.question_id NOT IN (SELECT sa.question_id FROM ".$table_survey_answer." sa WHERE sa.user='".$my_user_id."') AND survey_question.c_id = $course_id ORDER BY survey_question.sort, survey_question_option.sort ASC"; } else { 
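Review bot: The `NOT IN` subquery on `$table_survey_answer` still filters only by `sa.user`, so with the course tables now shared it also sees answers the same user gave in other courses. A matching `question_id` there would hide a question that is still unanswered here. Scope it like the outer query: `WHERE sa.c_id = $course_id AND sa.user='".$my_user_id."'`. `$my_user_id` is assigned outside the hunk; check that it is cast or escaped before it is placed in the string.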
@@ -613,11 +616,10 @@ if (isset($_GET['show']) || isset($_POST['personality'])) { survey_question.question_id, survey_question.survey_id, survey_question.survey_question, survey_question.display, survey_question.sort, survey_question.type, survey_question.max_value, survey_question_option.question_option_id, survey_question_option.option_text, survey_question_option.sort as option_sort FROM $table_survey_question survey_question - LEFT JOIN $table_survey_question_option survey_question_option - ON survey_question.question_id = survey_question_option.question_id + LEFT JOIN $table_survey_question_option survey_question_option + ON survey_question.question_id = survey_question_option.question_id AND survey_question_option.c_id = $course_id WHERE survey_question.survey_id = '".Database::escape_string($survey_invitation['survey_id'])."' AND - survey_question.question_id IN (".implode(',',$paged_questions[$_GET['show']]).") AND - survey_question_option.c_id = $course_id AND + survey_question.question_id IN (".implode(',',$paged_questions[$_GET['show']]).") AND survey_question.c_id = $course_id ORDER BY survey_question.sort, survey_question_option.sort ASC"; } @@ -666,8 +668,10 @@ if (isset($_GET['show']) || isset($_POST['personality'])) { $sql = "SELECT survey_group_pri, user, SUM(value) as value FROM $table_survey_answer as survey_answer INNER JOIN $table_survey_question as survey_question ON (survey_question.question_id = survey_answer.question_id) - WHERE survey_answer.survey_id='".$my_survey_id."' AND - survey_answer.user='".$current_user."' + WHERE survey_answer.survey_id='".$my_survey_id."' AND + survey_answer.user='".$current_user."' AND + survey_answer.c_id = $course_id AND + survey_question.c_id = $course_id AND GROUP BY survey_group_pri ORDER BY survey_group_pri "; 
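Review bot: The rewritten WHERE clause in the `@@ -666,8 +668,10 @@` hunk ends with `survey_question.c_id = $course_id AND` immediately before `GROUP BY`, which is a SQL syntax error, so the per-group score query cannot run. Remove the trailing `AND` so the last condition reads `survey_question.c_id = $course_id`. The join could also carry the course, `ON (survey_question.question_id = survey_answer.question_id AND survey_question.c_id = survey_answer.c_id)`, instead of relying on two separate filters.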
@@ -684,12 +688,19 @@ if (isset($_GET['show']) || isset($_POST['personality'])) { // Get the total score for each group of questions $totals = array(); $sql = "SELECT SUM(temp.value) as value, temp.survey_group_pri FROM - (SELECT MAX(value) as value, survey_group_pri, survey_question.question_id + ( + SELECT MAX(value) as value, survey_group_pri, survey_question.question_id FROM $table_survey_question as survey_question INNER JOIN $table_survey_question_option as survey_question_option ON (survey_question.question_id = survey_question_option.question_id) - WHERE survey_question.survey_id='".$my_survey_id."' AND survey_group_sec1='0' AND survey_group_sec2='0' - GROUP BY survey_group_pri, survey_question.question_id) as temp + WHERE survey_question.survey_id='".$my_survey_id."' AND + survey_question.c_id = $course_id AND + survey_question_option.c_id = $course_id AND + survey_group_sec1='0' AND + survey_group_sec2='0' + GROUP BY survey_group_pri, survey_question.question_id + ) as temp + GROUP BY temp.survey_group_pri ORDER BY temp.survey_group_pri"; @@ -716,14 +727,7 @@ if (isset($_GET['show']) || isset($_POST['personality'])) { // Sort the results by score (getting a list of group IDs by score into $groups) arsort($final_results); - $groups=array_keys($final_results); - /* - echo '
';
-			echo 'Group id =>  %';
-			echo '
'; - print_r($final_results); - echo '
'; - */ + $groups=array_keys($final_results); $result = array(); $count_result = 0; foreach ($final_results as $key => & $sub_result) { @@ -778,8 +782,6 @@ if (isset($_GET['show']) || isset($_POST['personality'])) { // We force the exit of the survey undeterminated $equal_count=10; } - //echo '
';
-			//print_r($result);
 
             // If we have only 3 or less equal scores (i.e. 0,1 or 2 equalities), then we can use the three first groups
 			if ($equal_count < 4) {
@@ -857,7 +859,7 @@ if (isset($_GET['show']) || isset($_POST['personality'])) {
 					if (empty($_SESSION['page_questions_sec']) && !is_array($_SESSION['page_questions_sec']) && count($_SESSION['page_questions_sec'] == 0)) {
 
     					$sql = "SELECT * FROM $table_survey_question
-    								 WHERE survey_id = '".$my_survey_id."'
+    								 WHERE c_id = $course_id AND survey_id = '".$my_survey_id."'
     							  	 AND ($secondary )
     								 ORDER BY sort ASC";
     					$result = Database::query($sql);
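Review bot: In the first context line of this hunk, `count($_SESSION['page_questions_sec'] == 0)` has its closing parenthesis in the wrong place: it counts the result of a comparison instead of comparing the count. On PHP 8 `count()` throws a TypeError for a boolean, and on older versions it returns 1, so this part of the condition never tested for an empty list. The intended test is probably `count($_SESSION['page_questions_sec']) == 0`. `$secondary` and `$my_survey_id` are built outside the hunk and enter the query as raw text, so their construction deserves the same look as the new `c_id` filter.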
@@ -898,9 +900,10 @@ if (isset($_GET['show']) || isset($_POST['personality'])) {
 								survey_question_option.question_option_id, survey_question_option.option_text, survey_question_option.sort as option_sort
 								FROM $table_survey_question survey_question
 								LEFT JOIN $table_survey_question_option survey_question_option
-								ON survey_question.question_id = survey_question_option.question_id
-								WHERE survey_question.survey_id = '".$my_survey_id."'
-								AND survey_question.question_id IN (".implode(',',$paged_questions_sec[$val]).")
+								ON survey_question.question_id = survey_question_option.question_id AND survey_question_option.c_id = $course_id 
+								WHERE   survey_question.survey_id = '".$my_survey_id."' AND
+								        survey_question.c_id = $course_id AND 
+								        survey_question.question_id IN (".implode(',',$paged_questions_sec[$val]).")
 								ORDER  $shuffle ";
 
 						$result = Database::query($sql);
@@ -952,7 +955,7 @@ if (isset($_GET['show']) || isset($_POST['personality'])) {
 
             if (empty($_SESSION['paged_questions'])) {
     			$sql = "SELECT * FROM $table_survey_question
-    						 WHERE survey_id = '".Database::escape_string($survey_invitation['survey_id'])."'
+    						 WHERE c_id = $course_id AND survey_id = '".Database::escape_string($survey_invitation['survey_id'])."'
     					  	 AND survey_group_sec1='0' AND survey_group_sec2='0'
     						 ORDER ".$order_sql." ";
     			//echo '
'; echo '
'; @@ -1001,9 +1004,10 @@ if (isset($_GET['show']) || isset($_POST['personality'])) { survey_question_option.question_option_id, survey_question_option.option_text, survey_question_option.sort as option_sort FROM $table_survey_question survey_question LEFT JOIN $table_survey_question_option survey_question_option - ON survey_question.question_id = survey_question_option.question_id - WHERE survey_question.survey_id = '" . Database :: escape_string($survey_invitation['survey_id']) . "' - AND survey_question.question_id IN (" .$imploded. ") + ON survey_question.question_id = survey_question_option.question_id AND survey_question_option.c_id = $course_id + WHERE survey_question.survey_id = '" . Database :: escape_string($survey_invitation['survey_id']) . "' AND + survey_question.c_id = $course_id AND + survey_question.question_id IN (" .$imploded. ") ORDER $order_sql "; $result = Database::query($sql); $question_counter_max = Database :: num_rows($result); @@ -1042,7 +1046,7 @@ if (isset($_GET['show']) || isset($_POST['personality'])) { } // Selecting the maximum number of pages -$sql = "SELECT * FROM $table_survey_question WHERE type='".Database::escape_string('pagebreak')."' AND survey_id='".Database::escape_string($survey_invitation['survey_id'])."'"; +$sql = "SELECT * FROM $table_survey_question WHERE c_id = $course_id AND type='".Database::escape_string('pagebreak')."' AND survey_id='".Database::escape_string($survey_invitation['survey_id'])."'"; $result = Database::query($sql); $numberofpages = Database::num_rows($result) + 1; @@ -1208,4 +1212,4 @@ function check_time_availability($surv_data) { Display :: display_footer(); exit; } -} +} \ No newline at end of file diff --git a/main/survey/preview.php b/main/survey/preview.php index 4540824334..09bd74dc5c 100644 --- a/main/survey/preview.php +++ b/main/survey/preview.php 
@@ -27,6 +27,8 @@ $table_survey_question_option = Database :: get_course_table(TABLE_SURVEY_QUEST $table_course = Database :: get_main_table(TABLE_MAIN_COURSE); $table_user = Database :: get_main_table(TABLE_MAIN_USER); +$course_id = api_get_course_int_id(); + // We exit here if ther is no valid $_GET parameter if (!isset($_GET['survey_id']) || !is_numeric($_GET['survey_id'])){ Display :: display_header(get_lang('SurveyPreview')); @@ -94,8 +96,8 @@ if (api_is_course_admin() || (api_is_course_admin() && $_GET['isStudentView'] == $questions_displayed = array(); $paged_questions = array(); $counter = 0; - $sql = "SELECT * FROM $table_survey_question - WHERE survey_id = '".Database::escape_string($survey_id)."' + $sql = "SELECT * FROM $table_survey_question + WHERE c_id = $course_id AND survey_id = '".Database::escape_string($survey_id)."' ORDER BY sort ASC"; $result = Database::query($sql); 
@@ -107,16 +109,13 @@ if (api_is_course_admin() || (api_is_course_admin() && $_GET['isStudentView'] == } } - $course_id = api_get_course_int_id(); - if (array_key_exists($_GET['show'], $paged_questions)) { $sql = "SELECT survey_question.question_id, survey_question.survey_id, survey_question.survey_question, survey_question.display, survey_question.sort, survey_question.type, survey_question.max_value, survey_question_option.question_option_id, survey_question_option.option_text, survey_question_option.sort as option_sort FROM $table_survey_question survey_question LEFT JOIN $table_survey_question_option survey_question_option - ON survey_question.question_id = survey_question_option.question_id + ON survey_question.question_id = survey_question_option.question_id AND survey_question_option.c_id = $course_id WHERE survey_question.survey_id = '".Database::escape_string($survey_id)."' AND - survey_question.question_id IN (".Database::escape_string(implode(',',$paged_questions[$_GET['show']])).") AND - survey_question_option.c_id = $course_id AND + survey_question.question_id IN (".Database::escape_string(implode(',',$paged_questions[$_GET['show']])).") AND survey_question.c_id = $course_id ORDER BY survey_question.sort, survey_question_option.sort ASC"; @@ -143,7 +142,7 @@ if (api_is_course_admin() || (api_is_course_admin() && $_GET['isStudentView'] == } } // Selecting the maximum number of pages - $sql = "SELECT * FROM $table_survey_question WHERE type='".Database::escape_string('pagebreak')."' AND survey_id='".Database::escape_string($survey_id)."'"; + $sql = "SELECT * FROM $table_survey_question WHERE c_id = $course_id AND type='".Database::escape_string('pagebreak')."' AND survey_id='".Database::escape_string($survey_id)."'"; $result = Database::query($sql); $numberofpages = Database::num_rows($result) + 1; // Displaying the form with the questions 
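Review bot: `Database::escape_string(implode(',', $paged_questions[$_GET['show']]))` is placed inside an unquoted `IN (...)` list, where string escaping gives no protection because there is no quote to break out of. The ids are filled from the question query earlier in the script, so the exposure is limited, but `implode(',', array_map('intval', $paged_questions[$_GET['show']]))` states the intent and still holds if the source of the list changes. fillsurvey.php builds the same list with a bare `implode()` and would benefit from the same cast.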
diff --git a/main/survey/question.php b/main/survey/question.php old mode 100755 new mode 100644 index 95b782edfe..64e5f5c7da --- a/main/survey/question.php +++ b/main/survey/question.php @@ -12,10 +12,9 @@ $language_file = 'survey'; // Including the global initialization file -require '../inc/global.inc.php'; +require_once '../inc/global.inc.php'; // Including additional libraries -//require_once api_get_path(LIBRARY_PATH).'survey.lib.php'; require_once 'survey.lib.php'; $htmlHeadXtra[] = ''; $extra .= '
'; - $extra .= Display::tag('p', Display::input('radio', 'export_format', 'csv', array('checked'=>'1', 'id'=>'export_format_csv_label')). Display::tag('label', get_lang('ExportAsCSV'), array('for'=>'export_format_csv_label'))); - $extra .= Display::tag('p', Display::input('radio', 'export_format', 'xls', array('id'=>'export_format_xls_label')). Display::tag('label', get_lang('ExportAsXLS'), array('for'=>'export_format_xls_label'))); - $extra .= Display::tag('p', Display::input('checkbox', 'load_extra_data', '0',array('id'=>'load_extra_data_id')). Display::tag('label', get_lang('LoadExtraData'), array('for'=>'load_extra_data_id'))); +$extra .= Display::tag('p', Display::input('radio', 'export_format', 'csv', array('checked'=>'1', 'id'=>'export_format_csv_label')). Display::tag('label', get_lang('ExportAsCSV'), array('for'=>'export_format_csv_label'))); +$extra .= Display::tag('p', Display::input('radio', 'export_format', 'xls', array('id'=>'export_format_xls_label')). Display::tag('label', get_lang('ExportAsXLS'), array('for'=>'export_format_xls_label'))); +$extra .= Display::tag('p', Display::input('checkbox', 'load_extra_data', '0',array('id'=>'load_extra_data_id')). Display::tag('label', get_lang('LoadExtraData'), array('for'=>'load_extra_data_id'))); $extra .= '
'; if ($is_allowedToEdit) echo $extra; diff --git a/main/exercice/live_stats.php b/main/exercice/live_stats.php index 48074d1051..9287be591c 100644 --- a/main/exercice/live_stats.php +++ b/main/exercice/live_stats.php @@ -10,6 +10,13 @@ require_once 'exercise.lib.php'; $this_section = SECTION_COURSES; $exercise_id = (isset($_GET['exerciseId']) && !empty($_GET['exerciseId'])) ? intval($_GET['exerciseId']) : 0; +// Access control +api_protect_course_script(true); + +if (!api_is_allowed_to_edit()) { + api_not_allowed(); +} + $objExercise = new Exercise(); $result = $objExercise->read($exercise_id); 
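Review bot: The new `api_protect_course_script(true)` and `api_is_allowed_to_edit()` gate in live_stats.php protects only this page; the rows are served by `exercise.ajax.php?a=get_live_stats`, whose code is not part of this diff. Confirm that the `get_live_stats` action performs the same two checks and verifies that `exercise_id` belongs to the current course, otherwise the names and scores stay readable by requesting the AJAX URL directly. The `minutes` value set in the next hunk travels as a URL parameter, so the endpoint should cast and cap it rather than rely on what the page sends.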
@@ -29,20 +36,19 @@ Display::display_header($tool_name); //jqgrid will use this URL to do the selects -$minutes = 60; - -$url = api_get_path(WEB_AJAX_PATH).'exercise.ajax.php?a=get_live_stats&exercise_id='.$objExercise->id.'&minutes='.$minutes; +$minutes = 30; +$url = api_get_path(WEB_AJAX_PATH).'exercise.ajax.php?a=get_live_stats&exercise_id='.$objExercise->id.'&minutes='.$minutes; //The order is important you need to check the the $column variable in the model.ajax.php file -$columns = array(get_lang('Firstname'), get_lang('Lastname'), get_lang('Date'), get_lang('QuestionsAlreadyAnswered'), get_lang('Score')); +$columns = array(get_lang('FirstName'), get_lang('LastName'), get_lang('Date'), get_lang('QuestionsAlreadyAnswered'), get_lang('Score')); //Column config $column_model = array( - array('name'=>'firstname', 'index'=>'firstname', 'width'=>'100', 'align'=>'left'), - array('name'=>'lastname', 'index'=>'lastname', 'width'=>'100', 'align'=>'left'), - array('name'=>'start_date', 'index'=>'start_date', 'width'=>'100', 'align'=>'left'), - array('name'=>'question', 'index'=>'count_questions', 'width'=>'100', 'align'=>'left'), - array('name'=>'score', 'index'=>'score', 'width'=>'100', 'align'=>'left','sortable'=>'false'), + array('name'=>'firstname', 'index'=>'firstname', 'width'=>'100', 'align'=>'left'), + array('name'=>'lastname', 'index'=>'lastname', 'width'=>'100', 'align'=>'left'), + array('name'=>'start_date', 'index'=>'start_date', 'width'=>'100', 'align'=>'left'), + array('name'=>'question', 'index'=>'count_questions', 'width'=>'100', 'align'=>'left'), + array('name'=>'score', 'index'=>'score', 'width'=>'100', 'align'=>'left','sortable'=>'false'), ); //Autowidth $extra_params['autowidth'] = 'true'; @@ -59,16 +65,30 @@ $action_links = 'function action_formatter(cellvalue, options, rowObject) { */ ?> ' . Display :: return_icon('back.png', get_lang('GoBackToQuestionList'),'','32').''; +echo $actions = Display::div($actions, array('class'=> 'actions')); + echo '

'.$objExercise->name.'

'; +echo Display::tag('h4', get_lang('StudentsWhoAreTakingTheExerciseRightNow')); + echo Display::grid_html('live_stats'); Display::display_footer(); \ No newline at end of file diff --git a/main/exercice/overview.php b/main/exercice/overview.php index 52b3541c24..26a8afa87e 100644 --- a/main/exercice/overview.php +++ b/main/exercice/overview.php @@ -114,9 +114,9 @@ if (!empty($attempts)) { $counter--; $score = show_score($attempt_result['exe_result'], $attempt_result['exe_weighting']); $attempt_url = api_get_path(WEB_CODE_PATH).'exercice/result.php?'.api_get_cidreq().'&id='.$attempt_result['exe_id'].'&id_session='.api_get_session_id().'&height=500&width=750'; - $attempt_link = Display::url(get_lang('Show'), $attempt_url, array('class'=>'thickbox')); + $attempt_link = Display::url(get_lang('Show'), $attempt_url, array('class'=>'thickbox a_button white small')); - $teacher_revised = Display::span(get_lang('Validated'), array('class'=>'label_tag notice')); + $teacher_revised = Display::span(get_lang('Validated'), array('class'=>'label_tag success')); //$attempt_link = get_lang('NoResult'); //$attempt_link = Display::return_icon('quiz_na.png', get_lang('NoResult'), array(), 22); if ($attempt_result['attempt_revised'] == 0) { 
diff --git a/main/img/icons/32/activity_monitor.png b/main/img/icons/32/activity_monitor.png new file mode 100644 index 0000000000000000000000000000000000000000..539879b3b0ab299ebe534cabeb0b568f6952fc1b GIT binary patch literal 1360 zcmV-W1+V&vP)r?6?D1~tN1{~jp9yR ziHg%k@UbfuMWnuM>$KH@X-U(hNhX=(p5x-Xxw)CibQBaf9!UQAKF+=8od5rv@7}=w z_8*(Xevbp2fz$vW3qOPQyJidSXMh_JvkFWDN8+2?rlzLeZ?#%#|FV_K<+*2`e&#t~ zeZ;_~O&jh!a^&}SE0qeJb_WUbR=^>c`Qj1+DuSqmlo(DNhJ{=hiXkGH`a1+>I6zG> zRfdN0oT^mH8^^|O2KFTZuDt4+Edb?mnO(bfQ7je*F!wjDD~JJN7{bJjH!?Xn$=HSs zqrlk!Nnff7Kt7+RSS(_hG^_JN1cf|_YW*L>y~VvuPCnO{rvngYo2L4#O~u7$9PxyJ=>AqyQ}pEs2dwE&yO| z>lR#V9?X{Q0he3hV@SUQeJ7R1vWr(7$Hs-5BA?bdYyNT%Xk#v9If`LD2D&?eV&Nhv zfe^avOrK_}2fPn@GKKgo%QZjaXW zD=sE?;8)T!$I;e^`50LpbCvUrf z6L;Ulho?saV7u= zk5)zth!bShN}O|jm^<*R_ZiA9dk|%^86Va9C2;Y;8uU8EPF5mR)q$A$<2b3=64V;Y z9z@M%)5lmahRMEkV%gcqFapS`mELmzW)B`EbMP4CbF=|>h9fzV&-t~r7c(Fs37w$h zgJV#x`ix7b&_D-b_Pc|ud;Tq`HAsaIt)&Wz@){@6(X5nq%lOiWDhaj{5aejZn; zpv#~gp6-=13zA5nGc&k!dJ*0{F+rda1HFUj&~LvT2gqhKJpAw@Jo@M(hzOV(;Lyzx1-p&vzQQZlxxmDkSJu*nQts#hi=y5fczZ#1toj;UEA> z;QS@dM5p#leG41{_QewbSOu($=_3m;{?Er2VE3V>;qQh1F6OVm3{c~L1O5aWyW2w2 SQ2i+Y0000 Date: Thu, 22 Dec 2011 18:00:44 +0100 Subject: [PATCH 33/49] Changing default values (should be updated by the user in a form) see #4100 --- main/exercice/live_stats.php | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/main/exercice/live_stats.php b/main/exercice/live_stats.php index 9287be591c..5b9301f183 100644 --- a/main/exercice/live_stats.php +++ b/main/exercice/live_stats.php @@ -36,7 +36,7 @@ Display::display_header($tool_name); //jqgrid will use this URL to do the selects -$minutes = 30; +$minutes = 60; $url = api_get_path(WEB_AJAX_PATH).'exercise.ajax.php?a=get_live_stats&exercise_id='.$objExercise->id.'&minutes='.$minutes; //The order is important you need to check the the $column variable in the model.ajax.php file 
@@ -69,15 +69,14 @@ $action_links = 'function action_formatter(cellvalue, options, rowObject) { function refreshGrid() { var grid = $("#live_stats"); grid.trigger("reloadGrid"); - t = setTimeout("refreshGrid()", 5000); + t = setTimeout("refreshGrid()", 10000); } $(function() { - refreshGrid(); - + refreshGrid(); }); Date: Thu, 22 Dec 2011 19:08:46 +0100 Subject: [PATCH 34/49] Minor - Fixing work/user lists + changing exercise category lang variable --- main/exercice/tests_category.php | 3 ++- main/user/user.php | 12 ++++++++---- main/work/work.lib.php | 2 +- 3 files changed, 11 insertions(+), 6 deletions(-) diff --git a/main/exercice/tests_category.php b/main/exercice/tests_category.php index aae82967c8..e8c6a54c5b 100644 --- a/main/exercice/tests_category.php +++ b/main/exercice/tests_category.php @@ -222,7 +222,8 @@ function display_categories() { $tmpobj = new Testcategory($row['id']); $nb_question = $tmpobj->getCategoryQuestionsNumber(); echo '
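Review bot: In `refreshGrid()`, `t = setTimeout("refreshGrid()", 10000);` passes the callback as a string, which the browser evaluates like `eval` and which a Content-Security-Policy without `unsafe-eval` would block. It also assigns to an undeclared global `t`. Passing the function itself keeps the behaviour and avoids both: `var t = setTimeout(refreshGrid, 10000);`.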
'; - echo "".$nb_question.' '.get_lang('NbCategory').""; + $nb_question_label = $nb_question == 1 ? $nb_question.' '.get_lang('Question') : $nb_question.' '.get_lang('Questions'); + echo "".$nb_question_label.""; echo $row['title']; echo '
'; echo '
'; diff --git a/main/user/user.php b/main/user/user.php index eb0b6a4a47..05b6c7d6e6 100644 --- a/main/user/user.php +++ b/main/user/user.php @@ -536,7 +536,7 @@ function get_user_data($from, $number_of_items, $column, $direction) { $groups_name = GroupManager :: get_user_group_name($user_id); $temp = array(); - if (api_is_allowed_to_edit(null, true)) { + if (api_is_allowed_to_edit(null, true)) { if (api_get_setting('allow_user_course_subscription_by_course_admin') == 'true') { $temp[] = $user_id; } @@ -558,7 +558,7 @@ function get_user_data($from, $number_of_items, $column, $direction) { $temp[] = $o_course_user['firstname']; } - $temp[] = $o_course_user['username']; // + $temp[] = $o_course_user['username']; $temp[] = isset($o_course_user['role']) ? $o_course_user['role'] : null; $temp[] = implode(', ', $groups_name); //Group @@ -571,6 +571,7 @@ function get_user_data($from, $number_of_items, $column, $direction) { } else { $temp[] = '-'; } + $temp[] = $o_course_user['active']; $temp[] = $user_id; } else { @@ -582,7 +583,9 @@ function get_user_data($from, $number_of_items, $column, $direction) { } else { $photo= '
'.api_get_person_name($o_course_user['firstname'], $o_course_user['lastname']).'
'; } + $temp[] = $photo; + $temp[] = $o_course_user['official_code']; if ($is_western_name_order) { $temp[] = $o_course_user['firstname']; @@ -590,10 +593,11 @@ function get_user_data($from, $number_of_items, $column, $direction) { } else { $temp[] = $o_course_user['lastname']; $temp[] = $o_course_user['firstname']; - } + } + $temp[] = $o_course_user['username']; $temp[] = $o_course_user['role']; $temp[] = implode(', ', $groups_name);//Group - $temp[] = $o_course_user['official_code']; + //$temp[] = $o_course_user['official_code']; } $a_users[$user_id] = $temp; } diff --git a/main/work/work.lib.php b/main/work/work.lib.php index 2a3f486abc..9a906649b8 100644 --- a/main/work/work.lib.php +++ b/main/work/work.lib.php @@ -444,7 +444,7 @@ function display_student_publications_list($id, $link_target_parameter, $dateFor } } - $table_header[] = array(get_lang('Date'), true, 'style="width:180px"'); + $table_header[] = array(get_lang('Date'), true, 'style="width:200px"'); if ($is_allowed_to_edit) { $table_header[] = array(get_lang('Actions'), false, 'style="width:90px"'); From 59682e41acb17aa2767332602dfb308be5f462ec Mon Sep 17 00:00:00 2001 From: Julio Montoya Date: Fri, 23 Dec 2011 11:17:08 +0100 Subject: [PATCH 35/49] Setting session_category_id = 0 when deleting session categories see BT#3389 --- main/inc/lib/sessionmanager.lib.php | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/main/inc/lib/sessionmanager.lib.php b/main/inc/lib/sessionmanager.lib.php index 859b10a743..18b03767ce 100644 --- a/main/inc/lib/sessionmanager.lib.php +++ b/main/inc/lib/sessionmanager.lib.php 
@@ -1120,11 +1120,16 @@ class SessionManager { public static function delete_session_category($id_checked, $delete_session = false,$from_ws = false){ $tbl_session_category = Database::get_main_table(TABLE_MAIN_SESSION_CATEGORY); $tbl_session = Database::get_main_table(TABLE_MAIN_SESSION); - if(is_array($id_checked)) { - $id_checked=Database::escape_string(implode(',',$id_checked)); + if (is_array($id_checked)) { + $id_checked = Database::escape_string(implode(',',$id_checked)); } else { - $id_checked=intval($id_checked); + $id_checked = intval($id_checked); } + + //Setting session_category_id to 0 + $sql = "UPDATE $tbl_session SET session_category_id = 0 WHERE session_category_id IN (".$id_checked.")"; + $result = Database::query($sql); + $sql = "SELECT id FROM $tbl_session WHERE session_category_id IN (".$id_checked.")"; $result = @Database::query($sql); while ($rows = Database::fetch_array($result)) { @@ -1143,6 +1148,7 @@ class SessionManager { // Add event to system log $user_id = api_get_user_id(); + event_system(LOG_SESSION_CATEGORY_DELETE, LOG_SESSION_CATEGORY_ID, $id_checked, api_get_utc_datetime(), $user_id); From 8811a617aee6fc8ce7a03303d811ddddaf99cb4e Mon Sep 17 00:00:00 2001 From: Julio Montoya Date: Fri, 23 Dec 2011 15:19:34 +0100 Subject: [PATCH 36/49] Some fixes in the calendar layout + minor code style fixes in the session category list --- main/admin/session_category_list.php | 9 +- main/calendar/agenda.lib.php | 122 +++++++++++++++++-------- main/css/base.css | 7 ++ main/inc/ajax/agenda.ajax.php | 5 + main/template/default/agenda/month.tpl | 36 ++++++-- 5 files changed, 131 insertions(+), 48 deletions(-) mode change 100755 => 100644 main/admin/session_category_list.php diff --git a/main/admin/session_category_list.php b/main/admin/session_category_list.php old mode 100755 new mode 100644 index b5af86add8..a87a48b535 --- a/main/admin/session_category_list.php +++ b/main/admin/session_category_list.php 
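Review bot: In `delete_session_category`, the array branch builds `$id_checked` with `Database::escape_string(implode(',',$id_checked))`, and the new `UPDATE` then places it unquoted inside `IN (...)`. String escaping gives no protection for a value used outside quotes, so each element should be cast instead, e.g. `$id_checked = implode(',', array_map('intval', $id_checked));`. The added `UPDATE` also runs before the existing `SELECT id FROM $tbl_session WHERE session_category_id IN (...)`, which by then matches no rows, so the loop that follows (its body is outside the hunk) appears to have nothing left to process when `$delete_session` is requested. Running the `UPDATE` after that loop, or only when `$delete_session` is false, would keep both paths working.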
@@ -5,12 +5,11 @@ $language_file='admin'; $cidReset=true; require_once '../inc/global.inc.php'; -require_once api_get_path(LIBRARY_PATH).'formvalidator/FormValidator.class.php'; -require_once api_get_path(LIBRARY_PATH).'sessionmanager.lib.php'; api_protect_admin_script(true); + // setting the section (for the tabs) -$this_section=SECTION_PLATFORM_ADMIN; +$this_section = SECTION_PLATFORM_ADMIN; $htmlHeadXtra[] = ''; -$tbl_session_category = Database::get_main_table(TABLE_MAIN_SESSION_CATEGORY); -$tbl_session = Database::get_main_table(TABLE_MAIN_SESSION); +$tbl_session_category = Database::get_main_table(TABLE_MAIN_SESSION_CATEGORY); +$tbl_session = Database::get_main_table(TABLE_MAIN_SESSION); $page=intval($_GET['page']); $action= Security::remove_XSS($_REQUEST['action']); diff --git a/main/calendar/agenda.lib.php b/main/calendar/agenda.lib.php index 2e359ef254..87b3c6d8cb 100644 --- a/main/calendar/agenda.lib.php +++ b/main/calendar/agenda.lib.php @@ -57,7 +57,7 @@ class Agenda { $attributes['title'] = $title; $attributes['text'] = $content; $attributes['date'] = $start; - $attributes['enddate'] = $end; + $attributes['enddate'] = $end; $attributes['all_day'] = $all_day; $id = Database::insert($this->tbl_personal_agenda, $attributes); break; @@ -67,7 +67,7 @@ class Agenda { $attributes['content'] = $content; $attributes['start_date'] = $start; $attributes['end_date'] = $end; - $attributes['all_day'] = $all_day; + $attributes['all_day'] = $all_day; $attributes['session_id'] = api_get_session_id(); $attributes['c_id'] = $this->course['real_id']; @@ -103,8 +103,7 @@ class Agenda { if (isset($add_as_announcement) && !empty($add_as_announcement)) { self::store_agenda_item_as_announcement($id); } - } - + } break; case 'admin': 
@@ -264,12 +263,18 @@ class Agenda { break; case 'personal': default: + //Getting personal events $this->get_personal_events($start, $end); + + //Getting platform/admin events $this->get_platform_events($start, $end); + + //Getting course events $my_course_list = array(); + if (!api_is_anonymous()) { $my_course_list = CourseManager::get_courses_list_by_user_id(api_get_user_id(), true); - } + } if (!empty($my_course_list)) { foreach($my_course_list as $course_info_item) { if (isset($course_id) && !empty($course_id)) { @@ -364,6 +369,7 @@ class Agenda { $start = api_get_utc_datetime($start); $end = api_get_utc_datetime($end); $user_id = api_get_user_id(); + $sql = "SELECT * FROM ".$this->tbl_personal_agenda." WHERE date >= '".$start."' AND (enddate <='".$end."' OR enddate IS NULL) AND user = $user_id"; @@ -376,6 +382,9 @@ class Agenda { $event['className'] = 'personal'; $event['borderColor'] = $event['backgroundColor'] = $this->event_personal_color; $event['editable'] = true; + + $event['sent_to'] = get_lang('Me'); + $event['type'] = 'personal'; if (!empty($row['date']) && $row['date'] != '0000-00-00 00:00:00') { $event['start'] = $this->format_event_date($row['date']); @@ -384,7 +393,7 @@ class Agenda { if (!empty($row['enddate']) && $row['enddate'] != '0000-00-00 00:00:00') { $event['end'] = $this->format_event_date($row['enddate']); } - $event['description'] = $row['text']; + $event['description'] = $row['text']; $event['allDay'] = isset($row['all_day']) && $row['all_day'] == 1 ? $row['all_day'] : 0; $my_events[] = $event; $this->events[]= $event; 
@@ -397,7 +406,21 @@ class Agenda { $course_id = $course_info['real_id']; - $group_memberships = GroupManager::get_group_ids($course_id, api_get_user_id()); + $group_list = GroupManager::get_group_list(null, $course_info['code']); + $group_name_list = array(); + + if (!empty($group_list)) { + foreach($group_list as $group) { + $group_name_list[$group['id']]= $group['name']; + } + } + + if (!api_is_allowed_to_edit()) { + $group_memberships = GroupManager::get_group_ids($course_id, api_get_user_id()); + } else { + $group_memberships = array_keys($group_name_list); + } + $tlb_course_agenda = Database::get_course_table(TABLE_AGENDA); $tbl_property = Database::get_course_table(TABLE_ITEM_PROPERTY); 
@@ -408,36 +431,38 @@ class Agenda { } if (is_array($group_memberships) && count($group_memberships) >0 ) { - $sql = "SELECT DISTINCT agenda.*, ip.visibility, ip.to_group_id, ip.insert_user_id, ip.ref - FROM ".$tlb_course_agenda." agenda, ".$tbl_property." ip - WHERE agenda.id = ip.ref AND - ip.tool ='".TOOL_CALENDAR_EVENT."' AND - ( ip.to_user_id=$user_id OR ip.to_group_id IN (0, ".implode(", ", $group_memberships).") ) AND - ip.visibility = '1' AND - agenda.c_id = $course_id AND - ip.c_id = $course_id"; + if (api_is_allowed_to_edit()) { + $where_condition = "( ip.to_group_id is null OR ip.to_group_id IN (0, ".implode(", ", $group_memberships).") ) "; + } else { + $where_condition = "( ip.to_user_id = $user_id OR ip.to_group_id IN (0, ".implode(", ", $group_memberships).") ) "; + } + + $sql = "SELECT DISTINCT agenda.*, ip.visibility, ip.to_group_id, ip.insert_user_id, ip.ref + FROM ".$tlb_course_agenda." agenda, ".$tbl_property." ip + WHERE agenda.id = ip.ref AND + ip.tool ='".TOOL_CALENDAR_EVENT."' AND + $where_condition AND + ip.visibility = '1' AND + agenda.c_id = $course_id AND + ip.c_id = $course_id"; + + + } else { - if (api_is_allowed_to_edit()) { - $sql="SELECT DISTINCT agenda.*, ip.visibility, ip.to_group_id, ip.insert_user_id, ip.ref - FROM ".$tlb_course_agenda." agenda, ".$tbl_property." ip - WHERE agenda.id = ip.ref - AND ip.tool='".TOOL_CALENDAR_EVENT."' - AND ip.visibility='1' AND - agenda.c_id = $course_id AND - ip.c_id = $course_id - "; - } else { - $sql="SELECT DISTINCT agenda.*, ip.visibility, ip.to_group_id, ip.insert_user_id, ip.ref - FROM ".$tlb_course_agenda." agenda, ".$tbl_property." 
ip - WHERE agenda.id = ip.ref - AND ip.tool='".TOOL_CALENDAR_EVENT."' - AND ( ip.to_user_id=$user_id OR ip.to_group_id='0') - AND ip.visibility='1' AND - agenda.c_id = $course_id AND - ip.c_id = $course_id "; - - - } + if (api_is_allowed_to_edit()) { + $where_condition = ""; + } else { + $where_condition = "( ip.to_user_id=$user_id OR ip.to_group_id='0')"; + } + $sql="SELECT DISTINCT agenda.*, ip.visibility, ip.to_group_id, ip.insert_user_id, ip.ref + FROM ".$tlb_course_agenda." agenda, ".$tbl_property." ip + WHERE agenda.id = ip.ref AND + ip.tool='".TOOL_CALENDAR_EVENT."' AND + $where_condition AND + ip.visibility='1' AND + agenda.c_id = $course_id AND + ip.c_id = $course_id"; + } $result = Database::query($sql); @@ -467,6 +492,7 @@ class Agenda { } $event['editable'] = false; + if (api_is_allowed_to_edit() && $this->type == 'course') { $event['editable'] = true; } @@ -477,6 +503,28 @@ class Agenda { if (!empty($row['end_date']) && $row['end_date'] != '0000-00-00 00:00:00') { $event['end'] = $this->format_event_date($row['end_date']); } + + $event['sent_to'] = ''; + $event['type'] = $this->type; + + + //Event Sent to a group? + if (isset($row['to_group_id']) && !empty($row['to_group_id'])) { + $event['sent_to'] = $group_name_list[$row['to_group_id']]; + $event['type'] = 'group'; + } + + //Event sent to a user? + if (isset($row['to_user_id'])) { + $event['sent_to'] = $row['to_user_id']; + } + + //Event sent to everyone! + if (empty($event['sent_to'])) { + $event['sent_to'] = get_lang('Everyone'); + } + + $event['description'] = $row['content']; $event['allDay'] = isset($row['all_day']) && $row['all_day'] == 1 ? $row['all_day'] : 0; @@ -512,6 +560,8 @@ class Agenda { $event['allDay'] = 'false'; $event['borderColor'] = $event['backgroundColor'] = $this->event_platform_color; $event['editable'] = false; + + $event['type'] = 'admin'; if (api_is_platform_admin() && $this->type == 'admin') { $event['editable'] = true; 
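Review bot: In the `else` branch of the `@@ -408,36 +431,38 @@` hunk, `$where_condition = "";` for a caller who passes `api_is_allowed_to_edit()` leaves the query reading `ip.tool='...' AND  AND ip.visibility='1'`, a SQL syntax error, so the query would fail for an editor in a course that has no groups. Give that branch a neutral condition such as `$where_condition = "1 = 1";`, or carry the trailing `AND` inside the variable so an empty value drops out cleanly. Further down, `isset($row['to_user_id'])` can only be true if that column is selected, and the visible `SELECT` lists `ip.to_group_id` and `ip.insert_user_id` but not `ip.to_user_id` (unless `agenda.*` carries one), so the "sent to a user" label looks unreachable. The enclosing method starts and ends outside these hunks.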
diff --git a/main/css/base.css b/main/css/base.css index 642ddd1328..300d336f79 100644 --- a/main/css/base.css +++ b/main/css/base.css @@ -3790,10 +3790,17 @@ form div.error input, form div.error textarea { .label_tag.admin_event { background:red; } + .label_tag.course_event { background:#458B00; } +.label_tag.group_event { + background:#A0522D; +} + + + .label_tag.important { background-color: #c43c35; diff --git a/main/inc/ajax/agenda.ajax.php b/main/inc/ajax/agenda.ajax.php index acca4f6662..a75bc2a427 100644 --- a/main/inc/ajax/agenda.ajax.php +++ b/main/inc/ajax/agenda.ajax.php @@ -13,6 +13,11 @@ require_once api_get_path(SYS_CODE_PATH).'calendar/agenda.lib.php'; $action = isset($_REQUEST['a']) ? $_REQUEST['a'] : null; $type = isset($_REQUEST['type']) && in_array($_REQUEST['type'], array('personal', 'course', 'admin')) ? $_REQUEST['type'] : 'personal'; +if ($type =='course') { + // Access control + api_protect_course_script(true); +} + $agenda = new Agenda(); $agenda->type = $type; //course,admin or personal diff --git a/main/template/default/agenda/month.tpl b/main/template/default/agenda/month.tpl index 9bfe4722e4..4ff9ac5398 100644 --- a/main/template/default/agenda/month.tpl +++ b/main/template/default/agenda/month.tpl @@ -82,6 +82,7 @@ $(document).ready(function() { dayNamesShort: {$day_names_short}, selectable : true, selectHelper: true, + //add event select: function(start, end, allDay, jsEvent, view) { /* When selecting one day or several days */ @@ -89,7 +90,9 @@ $(document).ready(function() { var end_date = Math.round(end.getTime() / 1000); $('#visible_to_input').show(); - $('#add_as_announcement_div').show(); + $('#add_as_announcement_div').show(); + + $('#visible_to_read_only').hide(); //Cleans the selected attr clean_user_select(); 
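Review bot: The new guard in `agenda.ajax.php` calls `api_protect_course_script(true)` only when `$type == 'course'`, while `'admin'` is accepted from `$_REQUEST['type']` by the same whitelist and gets no equivalent check in this hunk. If the action handlers further down the file (outside the hunk) do not verify the caller themselves, adding `if ($type == 'admin') { api_protect_admin_script(); }` next to the course check would close that gap. `$action` is still read from `$_REQUEST`, so state-changing actions can be reached with a plain GET; it is worth confirming which request-forgery protection those handlers rely on.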
@@ -116,7 +119,8 @@ $(document).ready(function() { $('#end_date').html(' - ' + end.toDateString()); } $('#color_calendar').html('{$type_label}'); - $('#color_calendar').addClass('label_tag'); + $('#color_calendar').removeClass('group_event'); + $('#color_calendar').addClass('label_tag'); $('#color_calendar').addClass('{$type}_event'); allFields.removeClass( "ui-state-error" ); @@ -160,7 +164,7 @@ $(document).ready(function() { }, eventClick: function(calEvent, jsEvent, view) { - + //edit event if (calEvent.editable) { var start_date = Math.round(calEvent.start.getTime() / 1000); if (calEvent.allDay == 1) { @@ -170,12 +174,19 @@ $(document).ready(function() { } $('#visible_to_input').hide(); + $('#visible_to_read_only').show(); $('#add_as_announcement_div').hide(); + $("#visible_to_read_only_users").html(calEvent.sent_to); $('#color_calendar').html('{$type_label}'); $('#color_calendar').addClass('label_tag'); - $('#color_calendar').addClass('{$type}_event'); + + $('#color_calendar').removeClass('course_event'); + $('#color_calendar').removeClass('personal_event'); + $('#color_calendar').removeClass('group_event'); + + $('#color_calendar').addClass(calEvent.type+'_event'); $('#start_date').html(calEvent.start.getDate() +"/"+ calEvent.start.getMonth() +"/"+calEvent.start.getFullYear()); @@ -206,9 +217,10 @@ $(document).ready(function() { success:function() { calEvent.title = $("#title").val(); calEvent.start = calEvent.start; - calEvent.end = calEvent.end; + calEvent.end = calEvent.end; calEvent.allDay = calEvent.allDay; - calEvent.description = $("#content").val(); + calEvent.description = $("#content").val(); + calendar.fullCalendar('updateEvent', calEvent, true // make the event "stick" @@ -269,10 +281,20 @@ $(document).ready(function() {
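Review bot: In the `eventClick` handler, `$("#visible_to_read_only_users").html(calEvent.sent_to);` inserts a server-supplied string into the page as markup, and `agenda.lib.php` in this same commit fills `sent_to` from `$group_name_list[$row['to_group_id']]`, a group name chosen by whoever created the group. Unless that name is HTML-escaped before it reaches the JSON response (not visible here), it should be written as text: `$("#visible_to_read_only_users").text(calEvent.sent_to);`. The same handler builds a class name with `calEvent.type+'_event'`, which stays safe only while `type` is one of the fixed values set in the PHP.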
- {$visible_to} + {$visible_to}
{/if} + + +
From 8d4d136bd52f026b1eb190db63e7f5c5f57a3ed3 Mon Sep 17 00:00:00 2001 From: Julio Montoya Date: Fri, 23 Dec 2011 15:59:16 +0100 Subject: [PATCH 37/49] Replacing lang variables see #3994 --- main/inc/lib/message.lib.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/main/inc/lib/message.lib.php b/main/inc/lib/message.lib.php index b672f4c44e..f3323bdd86 100644 --- a/main/inc/lib/message.lib.php +++ b/main/inc/lib/message.lib.php @@ -953,7 +953,7 @@ class MessageManager $html .= '
'; $items = $topic['count']; - $reply_label = ($items == 1) ? get_lang('Reply'): get_lang('Replies'); + $reply_label = ($items == 1) ? get_lang('GroupReply'): get_lang('GroupReplies'); $html .= '
'.get_lang('Exercises').'
'.get_lang('Quiz').''.get_lang('User').''.sprintf(get_lang('ExamPassX'), $filter_score).''.get_lang('Percentage').' %
- + ', - '', - ''.stripslashes($blog['blog_subtitle']) . '', - '', - ''; - }*/ } } From 1010374191f31a353716ee2b9ef24b26d1b7c684 Mon Sep 17 00:00:00 2001 From: Julio Montoya Date: Fri, 23 Dec 2011 19:15:50 +0100 Subject: [PATCH 43/49] Adding lang variables --- main/admin/skills_profile.php | 9 ++-- main/inc/lib/skill.lib.php | 4 +- main/template/default/skill/profile.tpl | 58 ++++++++----------------- 3 files changed, 23 insertions(+), 48 deletions(-) diff --git a/main/admin/skills_profile.php b/main/admin/skills_profile.php index a6a99a7a0a..42df55cce4 100644 --- a/main/admin/skills_profile.php +++ b/main/admin/skills_profile.php @@ -65,7 +65,7 @@ $user_list = array(); $count_skills = count($skills); $users = $skill_rel_user->get_user_by_skills($skills); - + if (!empty($users)) { foreach($users as $user) { $user_info = api_get_user_info($user['user_id']); @@ -74,6 +74,7 @@ if (!empty($users)) { $user_skills = array(); $found_counts = 0 ; foreach($my_user_skills as $my_skill) { + $found = false; if (in_array($my_skill['skill_id'], $skills)) { $found = true; @@ -94,7 +95,7 @@ if (!empty($users)) { } } -//var_dump($user_list); + //$tpl->assign('user_list', $user_list); $tpl->assign('order_user_list', $ordered_user_list); @@ -116,12 +117,10 @@ if (!empty($skills)) { $total_skills_to_search = $skill->get_skills_info($total_skills_to_search); $skill_list = array(); -foreach($total_skills_to_search as &$skill_info) { +foreach($total_skills_to_search as $skill_info) { $skill_list[$skill_info['id']] = $skill_info; } - - $action = isset($_REQUEST['a']) ? $_REQUEST['a'] : null; $id = isset($_REQUEST['id']) ? intval($_REQUEST['id']) : null; diff --git a/main/inc/lib/skill.lib.php b/main/inc/lib/skill.lib.php index 52026852fd..95159dac2a 100644 --- a/main/inc/lib/skill.lib.php +++ b/main/inc/lib/skill.lib.php 
@@ -331,6 +331,7 @@ class Skill extends Model { $sql = "SELECT id, name, description, parent_id, relation_type FROM {$this->table} s INNER JOIN {$this->table_skill_rel_skill} ss ON (s.id = ss.skill_id) $id_condition"; + $result = Database::query($sql); $skills = array(); @@ -507,11 +508,10 @@ class Skill extends Model { public function get_user_skills($user_id, $get_skill_data = false) { $user_id = intval($user_id); - //$sql = 'SELECT skill.*, user.* FROM '.$this->table_skill_rel_user.' user INNER JOIN '.$this->table_skill.' skill - $sql = 'SELECT DISTINCT s.id, s.name FROM '.$this->table_skill_rel_user.' u INNER JOIN '.$this->table.' s ON u.skill_id = s.id WHERE user_id = '.$user_id; + $result = Database::query($sql); $skills = Database::store_result($result, 'ASSOC'); $clean_skill = array(); diff --git a/main/template/default/skill/profile.tpl b/main/template/default/skill/profile.tpl index 1e04c8b8f7..9e8ef435f9 100644 --- a/main/template/default/skill/profile.tpl +++ b/main/template/default/skill/profile.tpl @@ -37,25 +37,7 @@ $(document).ready( function() { $.ajax({ url: '{$url}?a=save_profile&'+params, - success:function(data) { - - /*jsPlumb.connect({ - source : "block_2", - target : "block_1", - overlays : overlays - });*/ - - /* - calEvent.title = $("#name").val(); - calEvent.start = calEvent.start; - calEvent.end = calEvent.end; - calEvent.allDay = calEvent.allDay; - calEvent.description = $("#content").val(); - calendar.fullCalendar('updateEvent', - calEvent, - true // make the event "stick" - );*/ - + success:function(data) { $("#dialog-form").dialog("close"); } }); @@ -67,16 +49,11 @@ $(document).ready( function() { } }); - $("#add_profile").click(function() { - + $("#add_profile").click(function() { $("#name").attr('value', ''); - $("#description").attr('value', ''); - + $("#description").attr('value', ''); $("#dialog-form").dialog("open"); - - }); - - + }); }); function check_skills() { 
@@ -147,7 +124,6 @@ function checkLength( o, n, min, max ) { {/if} - {if !empty($order_user_list) } {foreach $order_user_list as $count => $user_list}

{"Matches"|get_lang} {$count}/{$total_search_skills}

@@ -159,16 +135,18 @@ function checkLength( o, n, min, max ) {
-

Skills {$user.total_found_skills} / {$total_search_skills}

-
    - +

    {"Skills"|get_lang} {$user.total_found_skills} / {$total_search_skills}

    +
      {foreach $user['skills'] as $skill_data}
    • - {$skill_list[$skill_data.skill_id].name} - {if $skill_data.found} - * I have this skill * - {/if} - + {if !empty({$skill_list[$skill_data.skill_id].name})} + {$skill_list[$skill_data.skill_id].name} + {else} + {"SkillNotFound"|get_lang} + {/if} + {if $skill_data.found} + *{"IHaveThisSkill"|get_lang}* + {/if}
    • {/foreach}
    @@ -177,15 +155,13 @@ function checkLength( o, n, min, max ) { {/foreach} {/foreach} {else} -
    {"No results"|get_lang}
    +
    {"NoResults"|get_lang}
    {/if} - -
'; $html .= Display::div(Display::tag('span', $items).$reply_label, array('class' =>'group_discussions_replies')); $html .= ''; From 66e244282fffc41aac912aff8a9c540adc1731d7 Mon Sep 17 00:00:00 2001 From: Julio Montoya Date: Fri, 23 Dec 2011 15:59:45 +0100 Subject: [PATCH 38/49] Improving icons + fixing forms, fixing styles --- main/admin/resume_session.php | 2 +- main/admin/user_information.php | 2 +- main/css/base.css | 4 ++-- main/social/group_add.php | 11 +---------- main/social/group_edit.php | 11 +---------- main/social/groups.php | 12 ++++++------ 6 files changed, 12 insertions(+), 30 deletions(-) diff --git a/main/admin/resume_session.php b/main/admin/resume_session.php index 7c5f882a1e..233dc50630 100644 --- a/main/admin/resume_session.php +++ b/main/admin/resume_session.php @@ -256,7 +256,7 @@ else { //hide_course_breadcrumb the parameter has been added to hide the name of the course, that appeared in the default $interbreadcrumb echo '
'.$course['title'].' ('.$course['visual_code'].')'.Display::url($course['title'].' ('.$course['visual_code'].')', api_get_path(WEB_COURSE_PATH).$course['code'].'/?id_session='.$id_session),' '.$coach.' '.$course['nbr_users'].' diff --git a/main/admin/user_information.php b/main/admin/user_information.php index 35c2cf4747..f7bec76133 100644 --- a/main/admin/user_information.php +++ b/main/admin/user_information.php @@ -216,7 +216,7 @@ if ($_configuration['multiple_access_urls']) { $url_list= UrlManager::get_access_url_from_user($user['user_id']); if (count($url_list) > 0) { $header = array(); - $header[] = array (get_lang('URL'), true); + $header[] = array ('URL', true); $data = array (); foreach ($url_list as $url) { $row = array(); diff --git a/main/css/base.css b/main/css/base.css index 300d336f79..ddc4df7a73 100644 --- a/main/css/base.css +++ b/main/css/base.css @@ -1368,9 +1368,9 @@ a.personal_agenda:hover, a.personal_agenda:hover { font-size: 0.8em; margin-right: 10px; overflow: hidden; - padding: 7px 10px; + padding: 13px; text-align: center; - width: 40px; + width: 47px; margin-bottom: 65px; } diff --git a/main/social/group_add.php b/main/social/group_add.php index 08aab12a36..3faa3bc093 100644 --- a/main/social/group_add.php +++ b/main/social/group_add.php @@ -36,16 +36,7 @@ function text_longitud(){ textarea = document.forms[0].description.value; } } - - -'; +'; $table_message = Database::get_main_table(TABLE_MESSAGE); diff --git a/main/social/group_edit.php b/main/social/group_edit.php index 90c547f8f7..dfb6e5290c 100644 --- a/main/social/group_edit.php +++ b/main/social/group_edit.php @@ -36,16 +36,7 @@ function textarea_maxlength(){ textarea = document.forms[0].description.value; } } - - -'; +'; $group_id = isset($_GET['id']) ? intval($_GET['id']) : intval($_POST['id']); $tool_name = get_lang('GroupEdit'); diff --git a/main/social/groups.php b/main/social/groups.php index 21d777238e..9069052cd9 100644 --- a/main/social/groups.php 
+++ b/main/social/groups.php @@ -274,9 +274,9 @@ if ($group_id != 0 ) { $content = MessageManager::display_messages_for_group($group_id); if ($is_group_member) { if (empty($content)) { - $create_thread_link = ''.get_lang('YouShouldCreateATopic').''; + $create_thread_link = ''.get_lang('YouShouldCreateATopic').''; } else { - $create_thread_link = ''.get_lang('NewTopic').''; + $create_thread_link = ''.get_lang('NewTopic').''; } } @@ -478,11 +478,11 @@ if ($group_id != 0 ) { $my_group_content = Display::return_sortable_grid('mygroups', array(), $grid_my_groups, array('hide_navigation'=>true, 'per_page' => 2), $query_vars, false, array(true, true, true,false)); } if (api_get_setting('allow_students_to_create_groups_in_social') == 'true') { - $create_group_item = ''.get_lang('CreateASocialGroup').''; + $create_group_item = ''.get_lang('CreateASocialGroup').''; //$my_group_content = $create_group_item. $my_group_content; } else { if (api_is_allowed_to_edit(null,true)) { - $create_group_item = ''.get_lang('CreateASocialGroup').''; + $create_group_item = ''.get_lang('CreateASocialGroup').''; //$my_group_content = $create_group_item. $my_group_content; } } @@ -514,11 +514,11 @@ if ($group_id != 0 ) { $my_group_content = Display::return_sortable_grid('mygroups', array(), $grid_my_groups, array('hide_navigation'=>true, 'per_page' => 2), $query_vars, false, array(true, true, true,false)); } if (api_get_setting('allow_students_to_create_groups_in_social') == 'true') { - $create_group_item = ''.get_lang('CreateASocialGroup').''; + $create_group_item = ''.get_lang('CreateASocialGroup').''; //$my_group_content = $create_group_item. $my_group_content; } else { if (api_is_allowed_to_edit(null,true)) { - $create_group_item = ''.get_lang('CreateASocialGroup').''; + $create_group_item = ''.get_lang('CreateASocialGroup').''; //$my_group_content = $create_group_item. $my_group_content; } } From 9718b575624a69b24cbe80cf95274c4f1656234f Mon Sep 17 00:00:00 2001 
From: Julio Montoya Date: Fri, 23 Dec 2011 16:13:49 +0100 Subject: [PATCH 39/49] Fixing user list order see #3872 --- main/user/user.php | 19 +++++++++++-------- 1 file changed, 11 insertions(+), 8 deletions(-) diff --git a/main/user/user.php b/main/user/user.php index 05b6c7d6e6..27fc44ef0f 100644 --- a/main/user/user.php +++ b/main/user/user.php @@ -494,27 +494,30 @@ function get_user_data($from, $number_of_items, $column, $direction) { $direction = 'ASC'; } - // order by - if (api_is_allowed_to_edit()) { - $column--; - } + if (api_is_allowed_to_edit()) { + $column--; + } + switch ($column) { - case 1: + case 1: + $order_by = 'ORDER BY user.official_code '.$direction; + break; + case 2: if ($is_western_name_order) { $order_by = 'ORDER BY user.firstname '.$direction.', user.lastname '.$direction; } else { $order_by = 'ORDER BY user.lastname '.$direction.', user.firstname '.$direction; } break; - case 2: + case 3: if ($is_western_name_order) { $order_by = 'ORDER BY user.lastname '.$direction.', user.firstname '.$direction; } else { $order_by = 'ORDER BY user.firstname '.$direction.', user.lastname '.$direction; } break; - case 5: - $order_by = 'ORDER BY user.official_code '.$direction; + case 4: + $order_by = 'ORDER BY user.username '.$direction; break; default: if ($sort_by_first_name) { From 3783b375ded28f6a3ea4bda70f17c0c95b599978 Mon Sep 17 00:00:00 2001 From: Julio Montoya Date: Fri, 23 Dec 2011 16:45:03 +0100 Subject: [PATCH 40/49] Adding report by question page see #3864 --- main/exercice/exercise_report.php | 33 ++++++++++++++++--------------- main/exercice/stats.php | 21 ++++++++++++++------ main/inc/lib/template.lib.php | 13 ++++++++++++ main/user/subscribe_user.php | 2 +- 4 files changed, 46 insertions(+), 23 deletions(-) diff --git a/main/exercice/exercise_report.php b/main/exercice/exercise_report.php index ec917a0eb5..51042acdf1 100644 --- a/main/exercice/exercise_report.php +++ b/main/exercice/exercise_report.php 
@@ -60,13 +60,18 @@ $TBL_LP_ITEM_VIEW = Database :: get_course_table(TABLE_LP_ITEM_VIEW); $TBL_LP_ITEM = Database :: get_course_table(TABLE_LP_ITEM); -$course_id = api_get_course_int_id(); -$exercise_id = isset($_REQUEST['exerciseId']) ? intval($_REQUEST['exerciseId']) : null; +$course_id = api_get_course_int_id(); +$exercise_id = isset($_REQUEST['exerciseId']) ? intval($_REQUEST['exerciseId']) : null; if (empty($exercise_id)) { api_not_allowed(); } +if (!empty($exercise_id)) + $parameters['exerciseId'] = $exercise_id; +if (!empty($_GET['path'])) { + $parameters['path'] = Security::remove_XSS($_GET['path']); +} // filter display by student group // if $_GET['filterByGroup'] = -1 => do not filter @@ -266,7 +271,6 @@ if ($_GET['delete'] == 'delete' && ($is_allowedToEdit || api_is_coach()) && !emp exit; } - if (api_is_allowed_to_edit(null,true)) { if (!$_GET['filter']) { $filter_by_not_revised = true; @@ -286,6 +290,13 @@ if (api_is_allowed_to_edit(null,true)) { default : null; } + + //Report by question + $actions .= Display::url(Display::return_icon('statistics_admin.gif', get_lang("ReportByQuestion")), 'stats.php?exerciseId='.$exercise_id); + + //Live results + $actions .=''.Display :: return_icon('activity_monitor.png', get_lang('LiveResults'),'',32).''; + if (!empty($_GET['exerciseId']) && empty($_GET['filter_by_user'])) { if ($_GET['filter'] == '1' or !isset ($_GET['filter']) or $_GET['filter'] == 0 ) { $view_result = ''.Display :: return_icon('exercice_check.png', get_lang('ShowCorrectedOnly'),'','32').''; @@ -293,14 +304,12 @@ if (api_is_allowed_to_edit(null,true)) { $view_result = ''.Display :: return_icon('exercice_uncheck.png', get_lang('ShowUnCorrectedOnly'),'','32').''; } $actions .= $view_result; - // + // filter by student group menu - // - $exercice_id = intval($_GET['exerciseId']); $actions .= ""; 
@@ -308,19 +317,11 @@ if (api_is_allowed_to_edit(null,true)) { $actions .= Display::return_icon('group.gif', get_lang("FilterByGroup")); $actions .= displayGroupMenu("groupFilter", $filterByGroup, "doFilterByGroup()")." "; } - //Live results - $actions .=''.Display :: return_icon('activity_monitor.png', get_lang('LiveResults'),'',32).''; + } - - $parameters=array('cidReq'=>Security::remove_XSS($_GET['cidReq']),'filter' => Security::remove_XSS($_GET['filter']),'gradebook' =>Security::remove_XSS($_GET['gradebook'])); -if (!empty($exercise_id)) - $parameters['exerciseId'] = $exercise_id; -if (!empty($_GET['path'])) { - $parameters['path'] = Security::remove_XSS($_GET['path']); -} $table = new SortableTable('quiz_results', 'get_count_exam_results', 'get_exam_results_data', 1, 10); $table->set_additional_parameters($parameters); diff --git a/main/exercice/stats.php b/main/exercice/stats.php index d355509073..95a7d463f8 100644 --- a/main/exercice/stats.php +++ b/main/exercice/stats.php @@ -8,6 +8,7 @@ $language_file = array('exercice', 'tracking'); require_once '../inc/global.inc.php'; require_once 'exercise.lib.php'; $this_section = SECTION_COURSES; + $exercise_id = (isset($_GET['exerciseId']) && !empty($_GET['exerciseId'])) ? intval($_GET['exerciseId']) : 0; $objExercise = new Exercise(); @@ -29,7 +30,7 @@ $headers = array( get_lang('LowestScore'), get_lang('AverageScore'), get_lang('HighestScore'), - get_lang('MaximumScore') + get_lang('Weighting') ); if (!empty($question_list)) { 
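Review bot: The `exerciseId` and `path` entries are now added to `$parameters` near the top of `exercise_report.php` (first hunk), but the unchanged line `$parameters=array('cidReq'=>..., 'filter' => ..., 'gradebook' => ...);` in this hunk still runs afterwards and replaces the whole array. Both keys are therefore gone by the time `$table->set_additional_parameters($parameters)` is called. Since the file calls `api_not_allowed()` when `exerciseId` is empty, the table's paging and sorting links would presumably stop working. The simplest fix is to leave the two `if` blocks below the array assignment where they were, or to move the assignment up so it precedes them.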
@@ -39,10 +40,10 @@ if (!empty($question_list)) { $data[$question_id]['name'] = cut($question_obj->question, 100); $data[$question_id]['students_who_try_exercise'] = $exercise_stats['users']; - $data[$question_id]['lowest_score'] = $exercise_stats['min']; - $data[$question_id]['average_score'] = $exercise_stats['average']; - $data[$question_id]['highest_score'] = $exercise_stats['max']; - $data[$question_id]['max_score'] = $question_obj->weighting; + $data[$question_id]['lowest_score'] = round($exercise_stats['min'], 2); + $data[$question_id]['average_score'] = round($exercise_stats['average'], 2); + $data[$question_id]['highest_score'] = round($exercise_stats['max'], 2); + $data[$question_id]['max_score'] = round($question_obj->weighting, 2); } } @@ -80,6 +81,14 @@ $headers = array( $interbreadcrumb[] = array ("url" => "exercice.php?gradebook=$gradebook", "name" => get_lang('Exercices')); $interbreadcrumb[] = array ("url" => "admin.php?exerciseId=$exercise_id","name" => $objExercise->name); -$tpl = new Template(get_lang('Stats')); +$tpl = new Template(get_lang('ReportByQuestion')); + +//$actions = array(); +//$actions[]= array(get_lang('Back'), Display::return_icon('back.png', get_lang('Back'), 'exercise_report.php?'.$exercise_id)); +//$tpl->set_actions($actions); + +$actions = '' . Display :: return_icon('back.png', get_lang('GoBackToQuestionList'),'','32').''; +$actions = Display::div($actions, array('class'=> 'actions')); +$content = $actions.$content; $tpl->assign('content', $content); $tpl->display_one_col_template(); diff --git a/main/inc/lib/template.lib.php b/main/inc/lib/template.lib.php index 3ca379b33e..2f71ab024e 100644 --- a/main/inc/lib/template.lib.php +++ b/main/inc/lib/template.lib.php 
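Review bot: The three `//$actions` lines added above the back link in the `@@ -80,6 +81,14 @@` hunk are commented-out code and should be dropped before merge. The URL in them, `'exercise_report.php?'.$exercise_id`, also lacks the `exerciseId=` key, so it would not work if re-enabled. If the `set_actions()` route is the intended one, a single comment such as `// @todo build this menu through Template::set_actions()` records the intent without carrying dead code.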
@@ -53,6 +53,19 @@ class Template extends Smarty { $this->assign('style', $this->style); } + /* + * Use smarty to parse the actions menu + * @todo finish it! + * */ + function set_actions($actions) { + $action_string = ''; + if (!empty($actions)) { + foreach($actions as $action) { + } + } + $this->assign('actions', $actions); + } + /** * Shortcut to display a 1 col layout (index.php) * */ diff --git a/main/user/subscribe_user.php b/main/user/subscribe_user.php index 88eb382ffc..e51c1a4c0d 100644 --- a/main/user/subscribe_user.php +++ b/main/user/subscribe_user.php @@ -643,7 +643,7 @@ function email_filter($email) { */ function reg_filter($user_id) { if(isset($_REQUEST['type']) && $_REQUEST['type']=='teacher') $type='teacher'; else $type='student'; - $result = ''.get_lang("reg").''; + $result = ''.get_lang("reg").''; return $result; } From 240648443d30757c26d66d697af46a992416dfcb Mon Sep 17 00:00:00 2001 From: Julio Montoya Date: Fri, 23 Dec 2011 17:04:36 +0100 Subject: [PATCH 41/49] Send announcements only to active users see #3855 --- main/admin/system_announcements.php | 4 ++-- main/announcements/announcements.php | 24 +++++++++++++---------- main/inc/lib/system_announcements.lib.php | 13 +++++++++--- 3 files changed, 26 insertions(+), 15 deletions(-) diff --git a/main/admin/system_announcements.php b/main/admin/system_announcements.php index 41c706170c..3513353451 100644 --- a/main/admin/system_announcements.php +++ b/main/admin/system_announcements.php 
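Review bot: `set_actions()` as added does nothing with its loop: `$action_string` is never read and the `foreach` body is empty, so the method amounts to `$this->assign('actions', $actions);` with dead code around it. Until the menu parsing exists I would reduce the body to that one call and keep the `@todo`. The comment block opens with `/*` while the neighbouring method uses `/**`, so documentation tools will skip it. Opening it with `/**` and adding a `@param array $actions` line would match the rest of the class.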
@@ -122,8 +122,8 @@ if (isset ($_GET['action']) && $_GET['action'] == 'edit') { $values['visible_guest'] = $announcement->visible_guest ; $values['lang'] = $announcement->lang; $values['action'] = 'edit'; - $groups = SystemAnnouncementManager :: get_announcement_groups($announcement->id); - $values['group'] = isset($groups[0]['group_id']) ? $groups[0]['group_id'] : 0; + $groups = SystemAnnouncementManager :: get_announcement_groups($announcement->id); + $values['group'] = isset($groups[0]['group_id']) ? $groups[0]['group_id'] : 0; $action_todo = true; } diff --git a/main/announcements/announcements.php b/main/announcements/announcements.php index 97b281285e..034e0dc12d 100644 --- a/main/announcements/announcements.php +++ b/main/announcements/announcements.php 
@@ -427,24 +427,25 @@ if (api_is_allowed_to_edit(false,true) OR (api_get_course_setting('allow_user_ed // send to the created 'userlist' $sqlmail = "SELECT user_id, lastname, firstname, email FROM $tbl_user - WHERE user_id IN (".$userlist.")"; + WHERE active = 1 AND user_id IN (".$userlist.")"; } else if (empty($_POST['not_selected_form'])) { if(empty($_SESSION['id_session']) || api_get_setting('use_session_mode')=='false') { // send to everybody $sqlmail = "SELECT user.user_id, user.email, user.lastname, user.firstname FROM $tbl_course_user, $tbl_user - WHERE course_code='".Database::escape_string($_course['sysCode'])."' - AND course_rel_user.user_id = user.user_id AND relation_type <>".COURSE_RELATION_TYPE_RRHH." "; + WHERE active = 1 AND + course_code='".Database::escape_string($_course['sysCode'])."' AND + course_rel_user.user_id = user.user_id AND + relation_type <>".COURSE_RELATION_TYPE_RRHH." "; } else { $sqlmail = "SELECT user.user_id, user.email, user.lastname, user.firstname - FROM $tbl_user - INNER JOIN $tbl_session_course_user - ON $tbl_user.user_id = $tbl_session_course_user.id_user - AND $tbl_session_course_user.course_code = '".$_course['id']."' - AND $tbl_session_course_user.id_session = ".api_get_session_id(); + FROM $tbl_user INNER JOIN $tbl_session_course_user + ON $tbl_user.user_id = $tbl_session_course_user.id_user AND + active = 1 AND + $tbl_session_course_user.course_code = '".$_course['id']."' AND + $tbl_session_course_user.id_session = ".api_get_session_id(); } } - if ($sqlmail != '') { $rs_mail = Database::query($sqlmail); 
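Review bot: In the session branch the re-added join condition still interpolates the course code raw, `$tbl_session_course_user.course_code = '".$_course['id']."'`, while the branch above it wraps `$_course['sysCode']` in `Database::escape_string()`. The new line should do the same: `$tbl_session_course_user.course_code = '".Database::escape_string($_course['id'])."' AND`. The first query likewise concatenates `$userlist` into `IN (...)`; it is built outside this hunk, so confirm every element passes through `intval()` before it is joined. The new `active = 1` is unqualified in all three queries, and writing it against the user table (`user.active` / `$tbl_user.active`) avoids an ambiguous-column error if a joined table ever gains a column of that name. The enclosing `if` block starts and ends outside the hunk.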
@@ -482,7 +483,10 @@ if (api_is_allowed_to_edit(false,true) OR (api_get_course_setting('allow_user_ed $data_file = array('path' => $path_attach,'filename' => $filename_attach); } @api_mail_html($recipient_name, $mailid, stripslashes($emailSubject), $mail_body, $sender_name, $sender_email, null, $data_file, true); + //@todo who uses the $table_reminder?? + + /* if ($_REQUEST['reminder']=="1") { $time=getdate(); $time = $time['yday']; @@ -501,7 +505,7 @@ if (api_is_allowed_to_edit(false,true) OR (api_get_course_setting('allow_user_ed $time = $time+30; $sql="INSERT INTO $table_reminder(sid,db_name,email,subject,content,reminder_choice,reminder_time,avail_till) values('$surveyid','$db_name','$mailid','".addslashes($emailSubject)."','".addslashes($mail_body)."','1','$time','$end_date')"; Database::query($sql); - } + }*/ } AnnouncementManager::update_mail_sent($insert_id); $message = $added_and_sent; diff --git a/main/inc/lib/system_announcements.lib.php b/main/inc/lib/system_announcements.lib.php index b0689a429a..f8f5952e93 100644 --- a/main/inc/lib/system_announcements.lib.php +++ b/main/inc/lib/system_announcements.lib.php 
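Review bot: The reminder block is disabled by wrapping it in `/* ... */` (opened in this hunk, closed in `@@ -501,7 +505,7 @@`) rather than deleted. That leaves an `INSERT INTO $table_reminder` built with `addslashes()` and raw `$surveyid` / `$db_name` in the file for someone to re-enable later. If nothing uses `$table_reminder`, as the new `@todo` suspects, remove the block and let version control keep it. If it is needed again, it should come back using `Database::escape_string()` like the other queries in this patch series.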
@@ -531,14 +531,17 @@ class SystemAnnouncementManager { $user_table = Database :: get_main_table(TABLE_MAIN_USER); if ($teacher <> 0 AND $student == 0) { - $sql = "SELECT firstname, lastname, email, status FROM $user_table u $url_condition WHERE email<>'' AND status = '1' AND active = 1"; + $sql = "SELECT firstname, lastname, email, status FROM $user_table u $url_condition WHERE status = '1' "; } + if ($teacher == 0 AND $student <> 0) { - $sql = "SELECT firstname, lastname, email, status FROM $user_table u $url_condition WHERE email<>'' AND status = '5' AND active = 1 "; + $sql = "SELECT firstname, lastname, email, status FROM $user_table u $url_condition WHERE status = '5' "; } + if ($teacher<> 0 AND $student <> 0) { - $sql = "SELECT firstname, lastname, email FROM $user_table u $url_condition WHERE email<>'' AND active = 1 "; + $sql = "SELECT firstname, lastname, email FROM $user_table u $url_condition WHERE 1=1 "; } + if (!empty($language)) { //special condition because language was already treated for SQL insert before $sql .= " AND language = '".Database::escape_string($language)."' "; } @@ -547,10 +550,14 @@ class SystemAnnouncementManager { if ($_configuration['multiple_access_urls']) { $sql .= " AND access_url_id = '".$current_access_url_id."' "; } + + //Sent to active users + $sql .= " AND email <>'' AND active = 1 "; if ((empty($teacher) or $teacher == '0') AND (empty($student) or $student == '0')) { return true; } + $result = Database::query($sql); if ($result === false) { return false; From 41ad44b86c3281e36e068896d7da04e17c8029f2 Mon Sep 17 00:00:00 2001 From: Julio Montoya Date: Fri, 23 Dec 2011 18:26:49 +0100 Subject: [PATCH 42/49] Fixing SQL queries adding c_id see #3910 --- main/calendar/agenda.lib.php | 6 ++--- main/inc/lib/blog.lib.php | 49 +++++++----------------------------- 2 files changed, 12 insertions(+), 43 deletions(-) diff --git a/main/calendar/agenda.lib.php b/main/calendar/agenda.lib.php index 87b3c6d8cb..b6b3354ada 100644 
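Review bot: In `@@ -547,10 +550,14 @@` the new `$sql .= " AND email <>'' AND active = 1 ";` runs before the `return true` guard for the case where neither `$teacher` nor `$student` is set. In that case none of the three `if` branches in the previous hunk has assigned `$sql`, so the appends operate on a variable that is not initialised anywhere in the visible lines. Moving the guard `if ((empty($teacher) or $teacher == '0') AND (empty($student) or $student == '0')) { return true; }` above the first `SELECT` avoids building a query that is never run. The context line `access_url_id = '".$current_access_url_id."'` is also concatenated unescaped; unless that value is already an integer, `intval($current_access_url_id)` would be safer. The function begins outside these hunks.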
--- a/main/calendar/agenda.lib.php +++ b/main/calendar/agenda.lib.php @@ -441,7 +441,7 @@ class Agenda { FROM ".$tlb_course_agenda." agenda, ".$tbl_property." ip WHERE agenda.id = ip.ref AND ip.tool ='".TOOL_CALENDAR_EVENT."' AND - $where_condition AND + $where_condition AND ip.visibility = '1' AND agenda.c_id = $course_id AND ip.c_id = $course_id"; @@ -452,13 +452,13 @@ class Agenda { if (api_is_allowed_to_edit()) { $where_condition = ""; } else { - $where_condition = "( ip.to_user_id=$user_id OR ip.to_group_id='0')"; + $where_condition = "( ip.to_user_id=$user_id OR ip.to_group_id='0') AND "; } $sql="SELECT DISTINCT agenda.*, ip.visibility, ip.to_group_id, ip.insert_user_id, ip.ref FROM ".$tlb_course_agenda." agenda, ".$tbl_property." ip WHERE agenda.id = ip.ref AND ip.tool='".TOOL_CALENDAR_EVENT."' AND - $where_condition AND + $where_condition ip.visibility='1' AND agenda.c_id = $course_id AND ip.c_id = $course_id"; diff --git a/main/inc/lib/blog.lib.php b/main/inc/lib/blog.lib.php index ccf924e03c..1e94fab234 100644 --- a/main/inc/lib/blog.lib.php +++ b/main/inc/lib/blog.lib.php @@ -357,8 +357,7 @@ class Blog { $current_date = date('Y-m-d H:i:s',time()); $course_id = api_get_course_int_id(); - if(!empty($_FILES['user_upload']['name'])) - { + if(!empty($_FILES['user_upload']['name'])) { require_once('fileUpload.lib.php'); $upload_ok = process_uploaded_file($_FILES['user_upload']); $has_attachment=true; @@ -379,8 +378,7 @@ class Blog { $last_id=Database::insert_id(); - if ($has_attachment) - { + if ($has_attachment) { $courseDir = $_course['path'].'/upload/blog'; $sys_course_path = api_get_path(SYS_COURSE_PATH); $updir = $sys_course_path.$courseDir; 
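Review bot: Folding the trailing `AND` into `$where_condition` in `@@ -452,13 +452,13 @@` fixes the empty-condition case there, but the query in `@@ -441,7 +441,7 @@` still reads `$where_condition AND` with only whitespace changed. If that branch can also leave `$where_condition` empty, it will produce `AND AND` in the same way, so the same change should be applied there. `ip.to_user_id=$user_id` and `agenda.c_id = $course_id` are interpolated unquoted and their assignments are outside the hunks; confirm both are integers (for example `$user_id = intval($user_id);`) before the string is built.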
@@ -461,7 +459,7 @@ class Blog { */ public static function create_task ($blog_id, $title, $description, $articleDelete, $articleEdit, $commentsDelete, $color) { // Init - $tbl_blogs_tasks = Database::get_course_table(TABLE_BLOGS_TASKS); + $tbl_blogs_tasks = Database::get_course_table(TABLE_BLOGS_TASKS); $tbl_tasks_permissions = Database::get_course_table(TABLE_BLOGS_TASKS_PERMISSIONS); $course_id = api_get_course_int_id(); @@ -518,7 +516,7 @@ class Blog { */ public static function edit_task($blog_id, $task_id, $title, $description, $articleDelete, $articleEdit, $commentsDelete, $color) { // Init - $tbl_blogs_tasks = Database::get_course_table(TABLE_BLOGS_TASKS); + $tbl_blogs_tasks = Database::get_course_table(TABLE_BLOGS_TASKS); $tbl_tasks_permissions = Database::get_course_table(TABLE_BLOGS_TASKS_PERMISSIONS); $course_id = api_get_course_int_id(); @@ -2611,8 +2609,7 @@ class Blog { -
- '; +
'; } @@ -2621,10 +2618,10 @@ class Blog { * */ public static function display_edit_blog_form ($blog_id) { - // Init + $course_id = api_get_course_int_id(); $tbl_blogs = Database::get_course_table(TABLE_BLOGS); - $sql = "SELECT blog_id, blog_name, blog_subtitle FROM $tbl_blogs WHERE blog_id = '".(int)$blog_id."'"; + $sql = "SELECT blog_id, blog_name, blog_subtitle FROM $tbl_blogs WHERE c_id = $course_id AND blog_id = '".(int)$blog_id."'"; $result = Database::query($sql); $blog = Database::fetch_array($result); @@ -2679,6 +2676,7 @@ class Blog { */ public static function display_blog_list () { global $charset, $_user; + $course_id = api_get_course_int_id(); // Init $counter = 0; @@ -2688,7 +2686,7 @@ class Blog { $session_id = api_get_session_id(); $condition_session = api_get_session_condition($session_id, false); - $sql = 'SELECT blog_name,blog_subtitle,visibility,blog_id FROM '.$tbl_blogs.' ORDER BY date_creation DESC '; + $sql = "SELECT blog_name,blog_subtitle,visibility,blog_id FROM $tbl_blogs WHERE c_id = $course_id ORDER BY date_creation DESC"; $result = Database::query($sql); if (Database::num_rows($result)) { while ($row_project=Database::fetch_row($result)) { @@ -2742,35 +2740,6 @@ class Blog { $table->set_header(2, get_lang('Modify')); $table->display(); } - - /*$sql = "SELECT blog_id, blog_name, blog_subtitle, visibility FROM $tbl_blogs ORDER BY blog_name"; - $result = Database::query($sql); - - while($blog = Database::fetch_array($result)) - { - $counter++; - $css_class = (($counter % 2)==0) ? "row_odd" : "row_even"; - $visibility_icon = ($blog['visibility'] == '0') ? "invisible.gif" : "visible.gif"; - $visibility_class = ($blog['visibility'] == '0') ? ' class="invisible"' : ""; - $visibility_set = ($blog['visibility'] == '0') ? 1 : 0; - - echo '
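Review bot: In `@@ -2688,7 +2686,7 @@` the blog list query is now scoped with `WHERE c_id = $course_id`, but `$condition_session`, computed two lines above from `api_get_session_condition($session_id, false)`, is still not part of it. As far as this hunk shows, blogs are therefore listed for the whole course regardless of session. If session separation is intended, append it, `... WHERE c_id = $course_id $condition_session ORDER BY date_creation DESC`, after checking what prefix the helper emits when its second argument is `false`; otherwise drop the unused variable. The function body continues outside the hunk.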
'.stripslashes($blog['blog_name']) . '', - '', - '', - "\n", - '', - '', - "\n", - '', - '', - "\n", - '