[svn r13750] Fixed many problems with user headings - reported in FS#2068

18 years ago · 91fda5cc88
parent 75106d3e1c
commit 91fda5cc88
2 changed files with 130 additions and 137 deletions
--- a/main/user/userInfo.php
+++ b/main/user/userInfo.php
@ -42,7 +42,7 @@
 ==============================================================================
 */
 $editMainUserInfo = $_REQUEST['editMainUserInfo'];
-$uInfo = intval($_REQUEST['uInfo']);
+$uInfo = strval(intval($_REQUEST['uInfo']));
 // name of the language file that needs to be included
 $language_file = array ('registration', 'userInfo');
@ -54,6 +54,7 @@ $this_section = SECTION_COURSES;
 $nameTools = get_lang("Users");
 api_protect_course_script();
 //prepare variables used in userInfoLib.php functions
 $TBL_USERINFO_DEF 		= Database :: get_course_table(TABLE_USER_INFO);
 $TBL_USERINFO_CONTENT 	= Database :: get_course_table(TABLE_USER_INFO_CONTENT);
@ -104,12 +105,6 @@ $is_allowedToTrack = api_is_allowed_to_edit() && $_configuration['tracking_enabl
 // Library connection
 include ("userInfoLib.php");
 // clean field submitted by the user
 foreach ($_POST as $key => $value)
 {
 	$$key = replace_dangerous_char($value);
 }
 /*
 ==============================================================================
 	   FUNCTIONS
@ -126,54 +121,54 @@ $displayMode = "viewContentList";
 if ($allowedToEditDef)
 {
-	if ($submitDef)
+	if (!empty($_POST['submitDef']))
 	{
-		if ($id)
+		if (!empty($_POST['id']))
 		{
-			edit_cat_def($id, $title, $comment, $nbline);
+			edit_cat_def($_POST['id'], $_POST['title'], $_POST['comment'], $_POST['nbline']);
 		}
 		else
 		{
-			create_cat_def($title, $comment, $nbline);
+			create_cat_def($_POST['title'], $_POST['comment'], $_POST['nbline']);
 		}
 		$displayMode = "viewDefList";
 	}
-	elseif ($removeDef)
+	elseif (!empty($_GET['removeDef']))
 	{
-		remove_cat_def($removeDef, true);
+		remove_cat_def($_GET['removeDef'], true);
 		$displayMode = "viewDefList";
 	}
-	elseif ($editDef)
+	elseif (!empty($_GET['editDef']))
 	{
 		$displayMode = "viewDefEdit";
 	}
-	elseif (isset ($addDef))
+	elseif (!empty ($_POST['addDef']))
 	{
 		$displayMode = "viewDefEdit";
 	}
-	elseif ($moveUpDef)
+	elseif (!empty($_GET['moveUpDef']))
 	{
-		move_cat_rank($moveUpDef, "up");
+		move_cat_rank($_GET['moveUpDef'], "up");
 		$displayMode = "viewDefList";
 	}
-	elseif ($moveDownDef)
+	elseif (!empty($_GET['moveDownDef']))
 	{
-		move_cat_rank($moveDownDef, "down");
+		move_cat_rank($_GET['moveDownDef'], "down");
 		$displayMode = "viewDefList";
 	}
-	elseif ($viewDefList)
+	elseif (!empty($_POST['viewDefList']))
 	{
 		$displayMode = "viewDefList";
 	}
-	elseif ($editMainUserInfo)
+	elseif (!empty($_GET['editMainUserInfo']))
 	{
-		$userIdViewed = $editMainUserInfo;
+		$userIdViewed = strval(intval($_GET['editMainUserInfo']));
 		$displayMode = "viewMainInfoEdit";
 	}
-	elseif ($submitMainUserInfo)
+	elseif (!empty($_GET['submitMainUserInfo']))
 	{
-		$userIdViewed = $submitMainUserInfo;
+		$userIdViewed = strval(intval($_GET['submitMainUserInfo']));
 		$promoteCourseAdmin ? $userProperties['status'] = 1 : $userProperties['status'] = 5;
 		$promoteTutor ? $userProperties['tutor'] = 1 : $userProperties['tutor'] = 0;
@ -190,24 +185,24 @@ if ($allowedToEditDef)
 if ($allowedToEditContent)
 {
-	if ($submitContent)
+	if (isset($_POST['submitContent']))
 	{
-		if ($cntId) // submit a content change
+		if ($_POST['cntId']) // submit a content change
 		{
-			edit_cat_content($catId, $userIdViewer, $content, $REMOTE_ADDR);
+			edit_cat_content($_POST['catId'], $userIdViewed, $_POST['content'], $_SERVER['REMOTE_ADDR']);
 		}
 		else // submit a totally new content
-			{
+		{
-			fill_new_cat_content($catId, $userIdViewer, $content, $REMOTE_ADDR);
+			fill_new_cat_content($_POST['catId'], $userIdViewed, $_POST['content'], $_SERVER['REMOTE_ADDR']);
 		}
 		$displayMode = "viewContentList";
 	}
-	elseif ($editContent)
+	elseif (!empty($_GET['editContent']))
 	{
 		$displayMode = "viewContentEdit";
-		$userIdViewed = $userIdViewer;
+		$userIdViewed = $userIdViewed;
 	}
 }
@ -223,7 +218,7 @@ if ($displayMode == "viewDefEdit")
 {
 	/*>>>>>>>>>>>> CATEGORIES DEFINITIONS : EDIT <<<<<<<<<<<<*/
-	$catToEdit = get_cat_def($editDef);
+	$catToEdit = get_cat_def($_GET['editDef']);
 	$edit_heading_form = new FormValidator('edit_heading_form');
 	$edit_heading_form->addElement('hidden', 'id');
 	$edit_heading_form->add_textfield('title', get_lang('Title'));
@ -281,8 +276,7 @@ elseif ($displayMode == "viewContentEdit")
 {
 	/*>>>>>>>>>>>> CATEGORIES CONTENTS : EDIT <<<<<<<<<<<<*/
-	$catToEdit = get_cat_content($userIdViewed, $editContent);
+	$catToEdit = get_cat_content($userIdViewed, $_GET['editContent']);
 	$content_heading_form = new FormValidator('content_heading_form');
 	$content_heading_form->addElement('hidden', 'cntId');
 	$content_heading_form->addElement('hidden', 'catId');
--- a/main/user/userInfoLib.php
+++ b/main/user/userInfoLib.php
@ -34,7 +34,7 @@
 * create a new category definition for the user information
 *
 * @author - Hugues peeters <peeters@ipm.ucl.ac.be>
- * @author - Christophe Gesché <gesche@ipm.ucl.ac.be>
+ * @author - Christophe Gesch<EFBFBD> <gesche@ipm.ucl.ac.be>
 * @param  - string $title - category title
 * @param  - string $comment - title comment
 * @param  - int$nbline - lines number for the field the user will fill.
@ -43,29 +43,30 @@
 function create_cat_def($title="", $comment="", $nbline="5")
 {
-	global $TBL_USERINFO_DEF;
+	global $TBL_USERINFO_DEF; //taken from userInfo.php
 	$title = Database::escape_string(trim($title));
 	$comment = Database::escape_string(trim($comment));
 	$nbline = strval(intval($nbline));
 	if ( 0 == (int) $nbline || empty($title))
 	{
 		return false;
 	}
-	$sql = "SELECT MAX(`rank`) maxRank FROM ".$TBL_USERINFO_DEF."";
+	$sql = "SELECT MAX(rank) as maxRank FROM ".$TBL_USERINFO_DEF;
 	$result = api_sql_query($sql,__FILE__,__LINE__);
-	if ($result) $maxRank = mysql_fetch_array($result);
+	if ($result) $maxRank = Database::fetch_array($result);
 	$maxRank = $maxRank['maxRank'];
 	$thisRank = $maxRank + 1;
-	$title   = trim($title);
+	$sql = "INSERT INTO $TBL_USERINFO_DEF SET
-	$comment = trim($comment);
+			title		= '$title',
-
+			comment		= '$comment',
-	$sql = "INSERT INTO ".$TBL_USERINFO_DEF." SET
+			line_count	= '$nbline',
-			`title`		= '$title',
+			rank		= '$thisRank'";
 			`comment`	= '$comment',
 			`line_count`	= '$nbline',
 			`rank`		= '$thisRank'";
 	api_sql_query($sql,__FILE__,__LINE__);
@ -76,7 +77,7 @@ function create_cat_def($title="", $comment="", $nbline="5")
 * modify the definition of a user information category
 *
 * @author - Hugues peeters <peeters@ipm.ucl.ac.be>
- * @author - Christophe Gesché <gesche@ipm.ucl.ac.be>
+ * @author - Christophe Gesch<EFBFBD> <gesche@ipm.ucl.ac.be>
 * @param  - int $id - id of the category
 * @param  - string $title - category title
 * @param  - string $comment - title comment
@ -88,19 +89,20 @@ function edit_cat_def($id, $title, $comment, $nbline)
 {
 	global $TBL_USERINFO_DEF;
-	if ( 0 == (int) $nbline || 0 == (int) $id )
+	if ( 0 == $nbline || 0 == $id )
 	{
 		return false;
 	}
-	$title   = trim($title);
+	$id = strval(intval($id)); //make sure id is integer
-	$comment = trim($comment);
+	$title   = Database::escape_string(trim($title));
 	$comment = Database::escape_string(trim($comment));
 	$nbline = strval(intval($nbline));
 	$sql = "UPDATE ".$TBL_USERINFO_DEF." SET
-			`title`		= '$title',
+			title		= '$title',
-			`comment`	= '$comment',
+			comment		= '$comment',
-			`line_count`	= '$nbline'
+			line_count	= '$nbline'
 			WHERE id	= '$id'";
 	api_sql_query($sql,__FILE__,__LINE__);
 	return true;
@ -110,7 +112,7 @@ function edit_cat_def($id, $title, $comment, $nbline)
 * remove a category from the category list
 *
 * @author - Hugues peeters <peeters@ipm.ucl.ac.be>
- * @author - Christophe Gesché <gesche@ipm.ucl.ac.be>
+ * @author - Christophe Gesche <gesche@ipm.ucl.ac.be>
 *
 * @param  - int $id - id of the category
 *				or "ALL" for all category
@ -124,31 +126,24 @@ function edit_cat_def($id, $title, $comment, $nbline)
 function remove_cat_def($id, $force = false)
 {
 	global $TBL_USERINFO_CONTENT, $TBL_USERINFO_DEF;
 	$id = strval(intval($id));
 	if ( (0 == (int) $id || $id == "ALL") || ! is_bool($force))
 	{
 		return false;
 	}
-
+	$sqlCondition = " WHERE id = '$id'";
 	if ( $id != "ALL")
 	{
 		$sqlCondition = " WHERE id = '$id'";
 	} else {
 		$sqlCondition = "";
 	}
 	if ($force == false)
 	{
-		$sql = "SELECT * FROM ".$TBL_USERINFO_CONTENT." ".$sqlCondition;
+		$sql = "SELECT * FROM $TBL_USERINFO_CONTENT $sqlCondition";
 		$result = api_sql_query($sql,__FILE__,__LINE__);
-		if ( mysql_num_rows($result) > 0)
+		if ( Database::num_rows($result) > 0)
 		{
 			return false;
 		}
 	}
-
+	$sql = "DELETE FROM $TBL_USERINFO_DEF $sqlCondition";
 	$sql = "DELETE FROM ".$TBL_USERINFO_DEF." ".$sqlCondition;
 	api_sql_query($sql,__FILE__,__LINE__);
 }
@ -156,7 +151,7 @@ function remove_cat_def($id, $force = false)
 * move a category in the category list
 *
 * @author - Hugues peeters <peeters@ipm.ucl.ac.be>
- * @author - Christophe Gesché <gesche@ipm.ucl.ac.be>
+ * @author - Christophe Gesch<EFBFBD> <gesche@ipm.ucl.ac.be>
 *
 * @param  - int $id - id of the category
 * @param  - direction "up" or "down" :
@ -169,22 +164,23 @@ function remove_cat_def($id, $force = false)
 function move_cat_rank($id, $direction) // up & down.
 {
 	global $TBL_USERINFO_DEF;
 	$id = strval(intval($id));
 	if ( 0 == (int) $id || ! ($direction == "up" || $direction == "down") )
 	{
 		return false;
 	}
-	$sql = "SELECT rank FROM ".$TBL_USERINFO_DEF." WHERE id = '$id'";
+	$sql = "SELECT rank FROM $TBL_USERINFO_DEF WHERE id = '$id'";
 	$result = api_sql_query($sql,__FILE__,__LINE__);
-	if (mysql_num_rows($result) < 1)
+	if (Database::num_rows($result) < 1)
 	{
 		return false;
 	}
-	$cat = mysql_fetch_array($result);
+	$cat = Database::fetch_array($result);
-	$rank = (int) $cat["rank"];
+	$rank = (int) $cat['rank'];
 	return move_cat_rank_by_rank($rank, $direction);
 }
@ -192,7 +188,7 @@ function move_cat_rank($id, $direction) // up & down.
 * move a category in the category list
 *
 * @author - Hugues peeters <peeters@ipm.ucl.ac.be>
- * @author - Christophe Gesché <gesche@ipm.ucl.ac.be>
+ * @author - Christophe Gesche <gesche@ipm.ucl.ac.be>
 *
 * @param  - int $rank - actual rank of the category
 * @param  - direction "up" or "down" :
@ -228,13 +224,13 @@ function move_cat_rank_by_rank($rank, $direction) // up & down.
 	$result = api_sql_query($sql,__FILE__,__LINE__);
-	if (mysql_num_rows($result) < 2)
+	if (Database::num_rows($result) < 2)
 	{
 		return false;
 	}
-	$thisCat = mysql_fetch_array($result);
+	$thisCat = Database::fetch_array($result);
-	$nextCat = mysql_fetch_array($result);
+	$nextCat = Database::fetch_array($result);
 	$sql1 = "UPDATE ".$TBL_USERINFO_DEF." SET rank ='".$nextCat['rank'].
 			"' WHERE id = '".$thisCat['id']."'";
@ -259,15 +255,19 @@ function move_cat_rank_by_rank($rank, $direction) // up & down.
 function update_user_course_properties($user_id, $course_code, $properties)
 {
 	global $tbl_coursUser,$_user;
-        $sqlChangeStatus = "";
+    $sqlChangeStatus = "";
-        if ($user_id != $_user['user_id'])
+    $user_id = strval(intval($user_id));//filter integer
-            $sqlChangeStatus = "`status`     = '".$properties['status']."',";
+    $course_code = Database::escape_string($course_code);
    if ($user_id != $_user['user_id'])
    {
    	$sqlChangeStatus = "status     = '".$properties['status']."',";
    }
 	$result = api_sql_query("UPDATE $tbl_coursUser
-	                        SET     `role`       = '".$properties['role']."',
+	                        SET     role      		= '".$properties['role']."',
 	                                ".$sqlChangeStatus."
-	                                `tutor_id`      = '".$properties['tutor']."'
+	                                tutor_id      	= '".$properties['tutor']."'
-	                        WHERE   `user_id`    = '".$user_id."'
+	                        WHERE   user_id	    	= '".$user_id."'
-	                        AND     `course_code` = '".$course_code."'",__FILE__,__LINE__);
+	                        AND     course_code		= '".$course_code."'",__FILE__,__LINE__);
 	if (mysql_affected_rows() > 0)
 	{
@ -295,7 +295,7 @@ function update_user_course_properties($user_id, $course_code, $properties)
 * fill a bloc for information category
 *
 * @author - Hugues peeters <peeters@ipm.ucl.ac.be>
- * @author - Christophe Gesché <gesche@ipm.ucl.ac.be>
+ * @author - Christophe Gesche <gesche@ipm.ucl.ac.be>
 * @param  - $definition_id,
 * @param  - $user_id,
 * @param  - $user_ip,
@ -309,14 +309,14 @@ function fill_new_cat_content($definition_id, $user_id, $content="", $user_ip=""
 	if (empty($user_ip))
 	{
-		global $REMOTE_ADDR;
+		$user_ip = $_SERVER['REMOTE_ADDR'];
 		$user_ip = $REMOTE_ADDR;
 	}
 	$definition_id 	= strval(intval($definition_id));
 	$user_id		= strval(intval($user_id));
 	$content		= Database::escape_string(trim($content));
 	$user_ip		= Database::escape_string(trim($user_ip));
-	$content = trim($content);
+	if ( 0 == $definition_id || 0 == $user_id || $content == "")
 	if ( 0 == (int) $definition_id || 0 == (int) $user_id || $content == "")
 	{
 		// Here we should introduce an error handling system...
@ -326,68 +326,65 @@ function fill_new_cat_content($definition_id, $user_id, $content="", $user_ip=""
 	// Do not create if already exist
 	$sql = "SELECT id FROM ".$TBL_USERINFO_CONTENT."
-			WHERE	`definition_id`	= '$definition_id'
+			WHERE	definition_id	= '$definition_id'
-			AND		`user_id`	= '$user_id'";
+			AND		user_id			= '$user_id'";
 	$result = api_sql_query($sql,__FILE__,__LINE__);
-	if (mysql_num_rows($result) > 0)
+	if (Database::num_rows($result) > 0)
 	{
 		return false;
 	}
 	$sql = "INSERT INTO ".$TBL_USERINFO_CONTENT." SET
-			`content`	= '$content',
+			content			= '$content',
-			`definition_id`	= '$definition_id',
+			definition_id	= '$definition_id',
-			`user_id`	= '$user_id',
+			user_id			= '$user_id',
-			`editor_ip`		= '$user_ip',
+			editor_ip		= '$user_ip',
-			`edition_time`	= now()";
+			edition_time	= now()";
 	api_sql_query($sql,__FILE__,__LINE__);
 	return true;
 }
 /**
- * edit a bloc for information category
+ * Edit a bloc for information category
 *
 * @author - Hugues peeters <peeters@ipm.ucl.ac.be>
- * @author - Christophe Gesché <gesche@ipm.ucl.ac.be>
+ * @author - Christophe Gesche <gesche@ipm.ucl.ac.be>
 * @param  - $definition_id,
 * @param  - $user_id,
 * @param  - $user_ip, DEFAULT $REMOTE_ADDR
 * @param  - $content ; if empty call delete the bloc
 * @return - boolean true if succeed, else bolean false
 */
 function edit_cat_content($definition_id, $user_id, $content ="", $user_ip="")
 {
 	global $TBL_USERINFO_CONTENT;
-
+	$definition_id 	= strval(intval($definition_id));
 	$user_id 		= strval(intval($user_id));
 	$content 		= Database::escape_string(trim($content));
 	if (empty($user_ip))
 	{
-		global $REMOTE_ADDR;
+		$user_ip = $_SERVER['REMOTE_ADDR'];
 		$user_ip = $REMOTE_ADDR;
 	}
 	$user_ip = Database::escape_string($user_ip);
-	if (0 == (int) $user_id || 0 == (int) $definition_id)
+	if (0 == $user_id || 0 == $definition_id)
 	{
 		return false;
 	}
-	$content = trim($content);
+	if ( $content == "")
 	if ( trim($content) == "")
 	{
 		return cleanout_cat_content($user_id, $definition_id);
 	}
 	$sql= "UPDATE ".$TBL_USERINFO_CONTENT." SET
-			`content`	= '$content',
+			content			= '$content',
-			`editor_ip`		= '$user_ip',
+			editor_ip		= '$user_ip',
-			`edition_time`	= now()
+			edition_time	= now()
 			WHERE definition_id = '$definition_id' AND user_id = '$user_id'";
 	api_sql_query($sql,__FILE__,__LINE__);
@ -399,7 +396,7 @@ function edit_cat_content($definition_id, $user_id, $content ="", $user_ip="")
 * clean the content of a bloc for information category
 *
 * @author - Hugues peeters <peeters@ipm.ucl.ac.be>
- * @author - Christophe Gesché <gesche@ipm.ucl.ac.be>
+ * @author - Christophe Gesche <gesche@ipm.ucl.ac.be>
 * @param  - $definition_id,
 * @param  - $user_id
 * @return - boolean true if succeed, else bolean false
@ -408,8 +405,10 @@ function edit_cat_content($definition_id, $user_id, $content ="", $user_ip="")
 function cleanout_cat_content($user_id, $definition_id)
 {
 	global $TBL_USERINFO_CONTENT;
 	$user_id 		= strval(intval($user_id));
 	$definition_id 	= strval(intval($definition_id));
-	if (0 == (int) $user_id || 0 == (int) $definition_id)
+	if (0 == $user_id || 0 == $definition_id)
 	{
 		return false;
 	}
@ -431,7 +430,7 @@ function cleanout_cat_content($user_id, $definition_id)
 /**
 * get the user info from the user id
 * @author - Hugues Peeters <peeters@ipm.ucl.ac.be>
- * @author - Christophe Gesché <gesche@ipm.ucl.ac.be>
+ * @author - Christophe Gesche <gesche@ipm.ucl.ac.be>
 * @param - int $user_id user id as stored in the Dokeos main db
 * @return - array containg user info sort by categories rank
 *           each rank contains 'title', 'comment', 'content', 'cat_id'
@ -450,9 +449,9 @@ function get_course_user_info($user_id)
 	$result = api_sql_query($sql,__FILE__,__LINE__);
-	if (mysql_num_rows($result) > 0)
+	if (Database::num_rows($result) > 0)
 	{
-		while ($userInfo = mysql_fetch_array($result, MYSQL_ASSOC))
+		while ($userInfo = Database::fetch_array($result, 'ASSOC'))
 		{
 			$userInfos[]=$userInfo;
 		}
@ -468,7 +467,7 @@ function get_course_user_info($user_id)
 /**
 * get the main user information
 * @author - Hugues Peeters <peeters@ipm.ucl.ac.be>
- * @author - Christophe Gesché <gesche@ipm.ucl.ac.be>
+ * @author - Christophe Gesche <gesche@ipm.ucl.ac.be>
 * @param -  int $user_id user id as stored in the Dokeos main db
 * @return - array containing user info as 'lastName', 'firstName'
 *           'email', 'role'
@ -476,7 +475,9 @@ function get_course_user_info($user_id)
 function get_main_user_info($user_id, $courseCode)
 {
-	if (0 == (int) $user_id)
+	$user_id 	= strval(intval($user_id));
 	$courseCode = Database::escape_string($courseCode); 
 	if (0 == $user_id)
 	{
 		return false;
 	}
@ -486,7 +487,7 @@ function get_main_user_info($user_id, $courseCode)
 	$table_user = Database::get_main_table(TABLE_MAIN_USER);
 	$sql = "SELECT	u.*, u.lastname lastName, u.firstname firstName, 
 	                u.email, u.picture_uri picture, cu.role, 
-	                cu.`status` `status`, cu.tutor_id
+	                cu.status status, cu.tutor_id
 	        FROM    $table_user u, $table_course_user cu
 	        WHERE   u.user_id = cu.user_id
 	        AND     u.user_id = '$user_id'
@ -494,9 +495,9 @@ function get_main_user_info($user_id, $courseCode)
 	$result = api_sql_query($sql,__FILE__,__LINE__);
-	if (mysql_num_rows($result) > 0)
+	if (Database::num_rows($result) > 0)
 	{
-		$userInfo = mysql_fetch_array($result, MYSQL_ASSOC);
+		$userInfo = Database::fetch_array($result, 'ASSOC');
 		$userInfo['password']='';
 		return $userInfo;
 	}
@ -510,7 +511,7 @@ function get_main_user_info($user_id, $courseCode)
 /**
 * get the user content of a categories plus the categories definition
 * @author - Hugues Peeters <peeters@ipm.ucl.ac.be>
- * @author - Christophe Gesché <gesche@ipm.ucl.ac.be>
+ * @author - Christophe Gesche <gesche@ipm.ucl.ac.be>
 * @param  - int $userId - id of the user
 * @param  - int $catId - id of the categories
 * @return - array containing 'catId', 'title', 'comment',
@ -521,6 +522,8 @@ function get_cat_content($userId, $catId)
 {
 	global $TBL_USERINFO_CONTENT, $TBL_USERINFO_DEF;
 	$userId = strval(intval($userId));
 	$catId 	= strval(intval($catId));
 	$sql = "SELECT	cat.id catId,	cat.title,
 					cat.comment ,	cat.line_count,
 					content.id contentId, 	content.content
@ -528,12 +531,11 @@ function get_cat_content($userId, $catId)
 			ON cat.id = content.definition_id
 			AND content.user_id = '$userId'
 			WHERE cat.id = '$catId' ";
 	$result = api_sql_query($sql,__FILE__,__LINE__);
-	if (mysql_num_rows($result) > 0)
+	if (Database::num_rows($result) > 0)
 	{
-		$catContent = mysql_fetch_array($result, MYSQL_ASSOC);
+		$catContent = Database::fetch_array($result, 'ASSOC');
 		$catContent['nbline'] = $catContent['line_count'];
 		return $catContent;
 	}
@ -545,24 +547,23 @@ function get_cat_content($userId, $catId)
 /**
 * get the definition of a category
 *
- * @author - Christophe Gesché <gesche@ipm.ucl.ac.be>
+ * @author - Christophe Gesche <gesche@ipm.ucl.ac.be>
 * @author - Hugues Peeters <peeters@ipm.ucl.ac.be>
 * @param  - int $catId - id of the categories
 * @return - array containing 'id', 'title', 'comment', and 'nbline',
 */
 function get_cat_def($catId)
 {
 	global $TBL_USERINFO_DEF;
 	$catId = strval(intval($catId));
 	$sql = "SELECT id, title, comment, line_count, rank FROM ".$TBL_USERINFO_DEF." WHERE id = '$catId'";
 	$result = api_sql_query($sql,__FILE__,__LINE__);
-	if (mysql_num_rows($result) > 0)
+	if (Database::num_rows($result) > 0)
 	{
-		$catDef = mysql_fetch_array($result, MYSQL_ASSOC);
+		$catDef = Database::fetch_array($result, 'ASSOC');
 		$catDef['nbline'] = $catDef['line_count'];
 		return $catDef;
 	}
@ -574,14 +575,12 @@ function get_cat_def($catId)
 /**
 * get list of all this course categories
 *
- * @author - Christophe Gesché <gesche@ipm.ucl.ac.be>
+ * @author - Christophe Gesche <gesche@ipm.ucl.ac.be>
 * @author - Hugues Peeters <peeters@ipm.ucl.ac.be>
 * @return - array containing a list of arrays.
 *           And each of these arrays contains
 *           'catId', 'title', 'comment', and 'nbline',
 */
 function get_cat_def_list()
 {
 	global $TBL_USERINFO_DEF;
@ -592,9 +591,9 @@ function get_cat_def_list()
 	$result = api_sql_query($sql,__FILE__,__LINE__);
-	if (mysql_num_rows($result) > 0)
+	if (Database::num_rows($result) > 0)
 	{
-		while ($cat_def = mysql_fetch_array($result, MYSQL_ASSOC))
+		while ($cat_def = Database::fetch_array($result, 'ASSOC'))
 		{
 			$cat_def_list[]=$cat_def;
 		}