chamilo
/
chamilo-lms
mirror of https://github.com/chamilo/chamilo-lms/tree/1.11.x
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Feature #306 - Trimming whitespace from some system library files at the top level, from include-files and from some configuration files.

Browse Source
skala
Ivan Tcholakov 17 years ago
parent 89d78750b3
commit 96acaa4bd4
42 changed files with 2309 additions and 2309 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 30
      main/inc/banner.inc.php
  2. 6
      main/inc/conf/course_info.conf.dist.php
  3. 24
      main/inc/conf/mail.conf.dist.php
  4. 24
      main/inc/footer.inc.php
  5. 12
      main/inc/header.inc.php
  6. 18
      main/inc/introductionSection.inc.php
  7. 28
      main/inc/latex.php
  8. 220
      main/inc/lib/add_course.lib.inc.php
  9. 10
      main/inc/lib/array.lib.php
  10. 498
      main/inc/lib/blog.lib.php
  11. 32
      main/inc/lib/classmanager.lib.php
  12. 20
      main/inc/lib/debug.lib.inc.php
  13. 236
      main/inc/lib/document.lib.php
  14. 14
      main/inc/lib/events.lib.inc.php
  15. 32
      main/inc/lib/export.lib.inc.php
  16. 44
      main/inc/lib/fileDisplay.lib.php
  17. 2
      main/inc/lib/fileManage.lib.php
  18. 42
      main/inc/lib/fileUpload.lib.php
  19. 86
      main/inc/lib/groupmanager.lib.php
  20. 24
      main/inc/lib/image.lib.php
  21. 26
      main/inc/lib/import.lib.php
  22. 102
      main/inc/lib/legal.lib.php
  23. 2
      main/inc/lib/mail.lib.inc.php
  24. 32
      main/inc/lib/message.lib.php
  25. 88
      main/inc/lib/online.inc.php
  26. 60
      main/inc/lib/security.lib.php
  27. 54
      main/inc/lib/social.lib.php
  28. 66
      main/inc/lib/sortabletable.class.php
  29. 8
      main/inc/lib/specific_fields_manager.lib.php
  30. 244
      main/inc/lib/stats.lib.inc.php
  31. 102
      main/inc/lib/statsUtils.lib.inc.php
  32. 296
      main/inc/lib/surveymanager.lib.php
  33. 20
      main/inc/lib/system_announcements.lib.php
  34. 80
      main/inc/lib/tablesort.lib.php
  35. 142
      main/inc/lib/text.lib.php
  36. 604
      main/inc/lib/tracking.lib.php
  37. 6
      main/inc/lib/upload.xajax.php
  38. 398
      main/inc/lib/urlmanager.lib.php
  39. 218
      main/inc/lib/xht.lib.php
  40. 462
      main/inc/lib/xmd.lib.php
  41. 180
      main/inc/local.inc.php
  42. 26
      main/inc/tool_navigation_menu.inc.php

30
main/inc/banner.inc.php
Unescape View File

@ -13,7 +13,7 @@
<div id="header">
<div id="header1">
<div id="top_corner"></div>
<div id="top_corner"></div>
<div id="institution">
<a href="<?php echo api_get_path(WEB_PATH);?>index.php" target="_top"><?php echo api_get_setting('siteName') ?></a>
<?php
@ -44,7 +44,7 @@ if (!empty($_cid) and $_cid != -1 and isset($_course)) {
echo $_course['official_code'];
}
if(api_get_setting("use_session_mode") == "true" && isset($_SESSION['session_name'])) {
if(api_get_setting("use_session_mode") == "true" && isset($_SESSION['session_name'])) {
echo ' ('.$_SESSION['session_name'].')';
}
if (api_get_setting("display_coursecode_in_courselist") == "true" AND api_get_setting("display_teacher_in_courselist") == "true") {
@ -89,14 +89,14 @@ if (isset($_course['extLink']) && $_course['extLink']['name'] != "") {
} else {
echo $_course['extLink']['name'];
}
}
?>
</div>
<div id="header2">
<div id="Header2Right">
<ul>
<?php
<?php
if ((api_get_setting('showonline','world') == "true" AND !$_user['user_id']) OR (api_get_setting('showonline','users') == "true" AND $_user['user_id']) OR (api_get_setting('showonline','course') == "true" AND $_user['user_id'] AND $_cid)) {
if (api_get_setting("use_session_mode") == "true" && isset($_user['user_id']) && api_is_coach()) {
echo ' <li><a href="'.api_get_path(WEB_PATH).'whoisonlinesession.php?id_coach='.$_user['user_id'].'&amp;referer='.urlencode($_SERVER['REQUEST_URI']).'" target="_top">'.get_lang('UsersConnectedToMySessions').'</a></li>';
@ -110,7 +110,7 @@ if ((api_get_setting('showonline','world') == "true" AND !$_user['user_id']) OR
} else {
$number_online_in_course = 0;
}
echo "<li>";
// Display the who's online of the platform
if ((api_get_setting('showonline','world') == "true" AND !$_user['user_id']) OR (api_get_setting('showonline','users') == "true" AND $_user['user_id'])) {
@ -148,7 +148,7 @@ if ( api_is_allowed_to_edit() ) {
</div>
<div class="clear">&nbsp;</div>
</div>
<div id="header3">
<?php
/*
@ -162,7 +162,7 @@ if ($_user['user_id']) {
$login = '('.get_lang('Anonymous').')';
} else {
$uinfo = api_get_user_info(api_get_user_id());
$login = '('.$uinfo['username'].')';
$login = '('.$uinfo['username'].')';
}
?>
<!-- start user section line with name, my course, my profile, scorm info, etc -->
@ -216,7 +216,7 @@ if ($_user['user_id'] && !api_is_anonymous()) {
$menu_navigation['mygradebook'] = $possible_tabs['mygradebook'];
}
}
// Reporting
if (api_get_setting('show_tabs', 'reporting') == 'true') {
if(api_is_allowed_to_create_course() || $_user['status'] == DRH) {
@ -231,8 +231,8 @@ if ($_user['user_id'] && !api_is_anonymous()) {
$menu_navigation['session_my_space'] = $possible_tabs['session_my_progress'];
}
}
if(api_is_platform_admin(true)) {
if (api_get_setting('show_tabs', 'platform_administration') == 'true') {
$navigation['platform_admin'] = $possible_tabs['platform_admin'];
@ -254,7 +254,7 @@ foreach($navigation as $section => $navigation_info) {
?>
</ul>
<div style="clear: both;" class="clear"> </div>
</div>
</div>
<?php
/*
* if the user is a coach he can see the users who are logged in its session
@ -308,7 +308,7 @@ foreach($navigation as $index => $navigation_info) {
}
if (!empty($final_navigation)) {
echo '<div id="header4">';
echo '<div id="header4">';
echo implode(' &gt; ',$final_navigation);
echo '</div>';
}
@ -363,8 +363,8 @@ if (!$chat) {
-----------------------------------------------------------------------------
*/
if(api_get_setting('show_navigation_menu') != 'false' && api_get_setting('show_navigation_menu') != 'icons') {
Display::show_course_navigation_menu($_GET['isHidden']);
$course_id = api_get_course_id();
Display::show_course_navigation_menu($_GET['isHidden']);
$course_id = api_get_course_id();
if (!empty($course_id) && ($course_id != -1)) {
echo '<div id="menuButton">';
echo $output_string_menu;
@ -431,7 +431,7 @@ function get_tabs() {
// Gradebook
if (api_get_setting('gradebook_enable') == 'true') {
$navigation['mygradebook']['url'] = api_get_path(WEB_CODE_PATH).'gradebook/gradebook.php'.(!empty($_course['path']) ? '?coursePath='.$_course['path'].'&amp;courseCode='.$_course['official_code'] : '' );
$navigation['mygradebook']['url'] = api_get_path(WEB_CODE_PATH).'gradebook/gradebook.php'.(!empty($_course['path']) ? '?coursePath='.$_course['path'].'&amp;courseCode='.$_course['official_code'] : '' );
$navigation['mygradebook']['title'] = get_lang('MyGradebook');
}

6
main/inc/conf/course_info.conf.dist.php
Unescape View File

@ -36,7 +36,7 @@ $showLinkToExportThisCourse = TRUE;
$showLinkToBackupThisCourse = TRUE;
$showLinkToRecycleThisCourse = TRUE;
$showLinkToRestoreCourse = TRUE;
$showLinkToCopyThisCourse = TRUE;
$showLinkToCopyThisCourse = TRUE;
*/
// If true, these fileds keep the previous content.
/*
@ -58,8 +58,8 @@ $showExpirationDate = TRUE;
$showCreationDate = TRUE;
$showLastEdit = TRUE;
$showLastVisit = TRUE;
$canReportExpirationDate = TRUE; // need to be true
// if ScriptToReportExpirationDate
$canReportExpirationDate = TRUE; // need to be true
// if ScriptToReportExpirationDate
// is not automaticly called
//$linkToChangeDiskQuota = "changeQuota.php";
$urlScriptToReportExpirationDate = "postpone.php"; // external script to postpone the expiration of course.

24
main/inc/conf/mail.conf.dist.php
Unescape View File

@ -1,20 +1,20 @@
<?php
// ============================== mail =================================
// ============================== mail =================================
// smtp values for phpmailer Class
$platform_email['SMTP_FROM_EMAIL'] = $administrator["email"];
$platform_email['SMTP_FROM_NAME'] = $administrator["name"];
$platform_email['SMTP_HOST'] = 'localhost';
$platform_email['SMTP_PORT'] = 25;
$platform_email['SMTP_MAILER'] = 'mail'; //mail, sendmail or smtp
$platform_email['SMTP_AUTH'] = 0;
$platform_email['SMTP_USER'] = '';
// smtp values for phpmailer Class
$platform_email['SMTP_FROM_EMAIL'] = $administrator["email"];
$platform_email['SMTP_FROM_NAME'] = $administrator["name"];
$platform_email['SMTP_HOST'] = 'localhost';
$platform_email['SMTP_PORT'] = 25;
$platform_email['SMTP_MAILER'] = 'mail'; //mail, sendmail or smtp
$platform_email['SMTP_AUTH'] = 0;
$platform_email['SMTP_USER'] = '';
$platform_email['SMTP_PASS'] = '';
$platform_email['SMTP_CHARSET'] = 'ISO-8859-15';
$platform_email['SMTP_CHARSET'] = 'ISO-8859-15';
global $charset;
if (!empty($charset) && $charset != $platform_email['SMTP_CHARSET']) {
$platform_email['SMTP_CHARSET'] = $charset;
if (!empty($charset) && $charset != $platform_email['SMTP_CHARSET']) {
$platform_email['SMTP_CHARSET'] = $charset;
}
// ====================================================================
?>

24
main/inc/footer.inc.php
Unescape View File

@ -34,7 +34,7 @@ if (api_get_setting('show_navigation_menu') != 'false') {
</div> <!-- end of #wrapper section -->
<div id="footer"> <!-- start of #footer section -->
<div id="bottom_corner"></div>
<div id="bottom_corner"></div>
<div class="copyright">
<?php
global $_configuration;
@ -56,16 +56,16 @@ if (api_is_platform_admin()) {
-----------------------------------------------------------------------------
*/
api_plugin('footer');
if (api_get_setting('show_administrator_data')=='true') {
// Platform manager
echo '<span id="platformmanager">', get_lang('Manager'), ' : ', Display::encrypted_mailto_link(api_get_setting('emailAdministrator'), api_get_person_name(api_get_setting('administratorName'), api_get_setting('administratorSurname')));
}
if (api_get_setting('show_tutor_data')=='true'){
// course manager
$id_course=api_get_course_id();
$id_session=api_get_session_id();
@ -75,21 +75,21 @@ if (api_get_setting('show_tutor_data')=='true'){
$mail=CourseManager::get_email_of_tutor_to_session($id_session);
echo '&nbsp;'.get_lang('Tutor')." : ";
foreach ($mail as $v=>$k) {
echo Display::encrypted_mailto_link($v,$k);
echo Display::encrypted_mailto_link($v,$k);
}
}
echo '</span>';
}
}
}
if (api_get_setting('show_teacher_data')=='true') {
if (api_get_setting('show_teacher_data')=='true') {
// course manager
$id_course=api_get_course_id();
if (isset($id_course) && $id_course!=-1) {
echo '<span id="coursemanager">';
$mail=CourseManager::get_emails_of_tutors_to_course($id_course);
if (!empty($mail)) {
if (!empty($mail)) {
if (count($mail)>1){
$bar='&nbsp;|&nbsp;';
echo '&nbsp;'.get_lang('Teachers').' : ';
@ -99,13 +99,13 @@ if (api_get_setting('show_teacher_data')=='true') {
}
foreach ($mail as $value=>$key) {
foreach ($key as $email=>$name){
echo Display::encrypted_mailto_link($email,$name).$bar;
echo Display::encrypted_mailto_link($email,$name).$bar;
}
}
}
echo '</span>';
}
}
}

12
main/inc/header.inc.php
Unescape View File

@ -170,18 +170,18 @@ if ( ( navigator.userAgent.toLowerCase().indexOf('msie') != -1 ) && ( navigator.
window.attachEvent( 'onunload', function()
{
window['__flash__removeCallback'] = function ( instance, name )
{
{
try
{
{
if ( instance )
{
instance[name] = null ;
}
{
instance[name] = null ;
}
}
catch ( flashEx )
{
}
}
} ;
}
) ;

18
main/inc/introductionSection.inc.php
Unescape View File

@ -93,10 +93,10 @@ if ($intro_editAllowed) {
if ( $intro_cmdUpdate ) {
if ( $form->validate()) {
$form_values = $form->exportValues();
$intro_content = Security::remove_XSS(stripslashes(api_html_entity_decode($form_values['intro_content'])), COURSEMANAGERLOWSECURITY);
if ( ! empty($intro_content) ) {
$sql = "REPLACE $TBL_INTRODUCTION SET id='$moduleId',intro_text='".Database::escape_string($intro_content)."'";
api_sql_query($sql,__FILE__,__LINE__);
@ -104,7 +104,7 @@ if ($intro_editAllowed) {
} else {
$intro_cmdDel = true; // got to the delete command
}
} else {
$intro_cmdEdit = true;
}
@ -138,7 +138,7 @@ if ($intro_cmdEdit || $intro_cmdAdd) {
$intro_dispForm = true;
$intro_dispCommand = false;
} else {
$intro_dispDefault = true;
$intro_dispForm = false;
@ -147,7 +147,7 @@ if ($intro_cmdEdit || $intro_cmdAdd) {
} else {
$intro_dispCommand = false;
}
}
/* Executes the display */
@ -181,9 +181,9 @@ if ($intro_dispCommand) {
echo "<a href=\"".api_get_self()."?intro_cmdAdd=1\">\n".get_lang('AddIntro')."</a>\n";
}
echo "</p>\n</div>";
} else {
// displays "edit intro && delete intro" Commands
echo "<div id=\"courseintro_icons\"><p>\n";
if (!empty ($GLOBALS["_cid"])) {
@ -194,8 +194,8 @@ if ($intro_dispCommand) {
echo "<a href=\"".api_get_self()."?intro_cmdDel=1\" onclick=\"javascript:if(!confirm('".addslashes(api_htmlentities(get_lang('ConfirmYourChoice'),ENT_QUOTES,$charset))."')) return false;\"><img src=\"".api_get_path(WEB_CODE_PATH)."img/delete.gif\" alt=\"".get_lang('Delete')."\" border=\"0\" /></a>\n";
}
echo "</p>\n</div>";
}
}
?>

28
main/inc/latex.php
Unescape View File

@ -9,50 +9,50 @@
/*
==============================================================================
Dokeos - elearning and course management software
Copyright (c) 2004-2006 Dokeos S.A.
Copyright (c) 2003 Ghent University (UGent)
Copyright (c) Patrick Cool <patrick.cool@UGent.be>, Ghent University
For a full list of contributors, see "credits.txt".
The full license can be read in "license.txt".
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
See the GNU General Public License for more details.
Contact address: Dokeos, 44 rue des palais, B-1030 Brussels, Belgium
Mail: info@dokeos.com
==============================================================================
*/
/*
==============================================================================
INIT SECTION
==============================================================================
*/
include("../inc/global.inc.php");
*/
include("../inc/global.inc.php");
/*
==============================================================================
FUNCTIONS
==============================================================================
*/
*/
// put your functions here
// if the list gets large, divide them into different sections:
// display functions, tool logic functions, database functions
// display functions, tool logic functions, database functions
// try to place your functions into an API library or separate functions file - it helps reuse
/*
==============================================================================
MAIN CODE
==============================================================================
*/
*/
$code = Security::remove_XSS($_GET['code']);
@ -68,9 +68,9 @@ echo '<img src="'.api_get_path(WEB_COURSE_PATH).$_course['path'].'/temp/'.$code.
echo '</div>';
/*
==============================================================================
FOOTER
FOOTER
==============================================================================
*/
*/
?>
</body>
</html>

220
main/inc/lib/add_course.lib.inc.php
Unescape View File

@ -83,7 +83,7 @@ function generate_course_code($course_title, $encoding = null)
function define_course_keys($wantedCode, $prefix4all = "", $prefix4baseName = "", $prefix4path = "", $addUniquePrefix = false, $useCodeInDepedentKeys = true)
{
global $prefixAntiNumber, $_configuration;
$course_table = Database :: get_main_table(TABLE_MAIN_COURSE);
$course_table = Database :: get_main_table(TABLE_MAIN_COURSE);
$wantedCode = generate_course_code($wantedCode);
$keysCourseCode = $wantedCode;
if(!$useCodeInDepedentKeys)
@ -290,7 +290,7 @@ function update_Db_course($courseDbName)
// Student Publication
$TABLETOOLWORKS = $courseDbName . 'student_publication';
$TABLETOOLWORKSASS = $courseDbName . 'student_publication_assignment';
// Document
$TABLETOOLDOCUMENT = $courseDbName . 'document';
@ -376,11 +376,11 @@ function update_Db_course($courseDbName)
// Course settings
$TABLESETTING = $courseDbName . 'course_setting';
// Glossary
$TBL_GLOSSARY = $courseDbName . 'glossary';
// Notebook
// Notebook
$TBL_NOTEBOOK = $courseDbName . 'notebook';
/*
-----------------------------------------------------------
@ -401,7 +401,7 @@ function update_Db_course($courseDbName)
api_sql_query($sql, __FILE__, __LINE__);
$sql = "ALTER TABLE `".$TABLETOOLANNOUNCEMENTS . "` ADD INDEX ( session_id ) ";
api_sql_query($sql, __FILE__, __LINE__);
/*
-----------------------------------------------------------
@ -520,7 +520,7 @@ function update_Db_course($courseDbName)
api_sql_query($sql, __FILE__, __LINE__);
$sql = "ALTER TABLE `".$TABLETOOLFORUMTHREAD . "` ADD INDEX idx_forum_thread_forum_id (forum_id)";
api_sql_query($sql, __FILE__, __LINE__);
// Forum Posts
$sql = "
CREATE TABLE `".$TABLETOOLFORUMPOST . "` (
@ -555,8 +555,8 @@ function update_Db_course($courseDbName)
) TYPE=MyISAM";
api_sql_query($sql, __FILE__, __LINE__);
// Forum Attachment
$sql = "CREATE TABLE `".$TABLETOOLFORUMATTACHMENT."` (
id int NOT NULL auto_increment,
@ -568,7 +568,7 @@ function update_Db_course($courseDbName)
PRIMARY KEY (id)
)";
api_sql_query($sql, __FILE__, __LINE__);
// Forum notification
$sql = "CREATE TABLE `".$TABLETOOLFORUMNOTIFICATION."` (
user_id int,
@ -578,8 +578,8 @@ function update_Db_course($courseDbName)
KEY user_id (user_id),
KEY forum_id (forum_id)
)";
api_sql_query($sql, __FILE__, __LINE__);
api_sql_query($sql, __FILE__, __LINE__);
// Forum thread qualify :Add table forum_thread_qualify
$sql = "CREATE TABLE `".$TABLETOOLFORUMQUALIFY."` (
id int unsigned PRIMARY KEY AUTO_INCREMENT,
@ -593,7 +593,7 @@ function update_Db_course($courseDbName)
api_sql_query($sql, __FILE__, __LINE__);
$sql = "ALTER TABLE `".$TABLETOOLFORUMQUALIFY . "` ADD INDEX (user_id, thread_id)";
api_sql_query($sql, __FILE__, __LINE__);
//Forum thread qualify: Add table forum_thread_qualify_historical
$sql = "CREATE TABLE `".$TABLETOOLFORUMQUALIFYLOG."` (
id int unsigned PRIMARY KEY AUTO_INCREMENT,
@ -648,7 +648,7 @@ function update_Db_course($courseDbName)
api_sql_query($sql, __FILE__, __LINE__);
$sql = "ALTER TABLE `".$TABLEQUIZQUESTIONLIST . "` ADD INDEX (position)";
api_sql_query($sql, __FILE__, __LINE__);
// Exercise tool - answers
$sql = "
CREATE TABLE `".$TABLEQUIZANSWERSLIST . "` (
@ -734,22 +734,22 @@ function update_Db_course($courseDbName)
$sql = "
CREATE TABLE `".$TABLETOOLAGENDAREPEAT. "` (
cal_id INT DEFAULT 0 NOT NULL,
cal_type VARCHAR(20),
cal_end INT,
cal_frequency INT DEFAULT 1,
cal_days CHAR(7),
cal_type VARCHAR(20),
cal_end INT,
cal_frequency INT DEFAULT 1,
cal_days CHAR(7),
PRIMARY KEY (cal_id)
)";
api_sql_query($sql,__FILE__,__LINE__);
$sql = "
CREATE TABLE `".$TABLETOOLAGENDAREPEATNOT."` (
cal_id INT NOT NULL,
cal_date INT NOT NULL,
cal_id INT NOT NULL,
cal_date INT NOT NULL,
PRIMARY KEY ( cal_id, cal_date )
)";
api_sql_query($sql,__FILE__,__LINE__);
// Agenda Attachment
$sql = "CREATE TABLE `".$TABLETOOLAGENDAATTACHMENT."` (
id int NOT NULL auto_increment,
@ -760,7 +760,7 @@ function update_Db_course($courseDbName)
filename varchar(255) NOT NULL,
PRIMARY KEY (id)
)";
api_sql_query($sql, __FILE__, __LINE__);
api_sql_query($sql, __FILE__, __LINE__);
/*
-----------------------------------------------------------
Document tool
@ -807,8 +807,8 @@ function update_Db_course($courseDbName)
PRIMARY KEY (id)
)";
api_sql_query($sql, __FILE__, __LINE__);
$sql = "
$sql = "
CREATE TABLE `".$TABLETOOLWORKSASS."` (
id int NOT NULL auto_increment,
expires_on datetime NOT NULL default '0000-00-00 00:00:00',
@ -852,10 +852,10 @@ function update_Db_course($courseDbName)
/*
-----------------------------------------------------------
Wiki
Wiki
-----------------------------------------------------------
*/
$sql = "CREATE TABLE `".$TABLETOOLWIKI . "` (
id int NOT NULL auto_increment,
page_id int NOT NULL default 0,
@ -864,14 +864,14 @@ function update_Db_course($courseDbName)
content mediumtext NOT NULL,
user_id int NOT NULL default 0,
group_id int DEFAULT NULL,
dtime datetime NOT NULL default '0000-00-00 00:00:00',
dtime datetime NOT NULL default '0000-00-00 00:00:00',
addlock int NOT NULL default 1,
editlock int NOT NULL default 0,
visibility int NOT NULL default 1,
visibility int NOT NULL default 1,
addlock_disc int NOT NULL default 1,
visibility_disc int NOT NULL default 1,
ratinglock_disc int NOT NULL default 1,
assignment int NOT NULL default 0,
ratinglock_disc int NOT NULL default 1,
assignment int NOT NULL default 0,
comment text NOT NULL,
progress text NOT NULL,
score int NULL default 0,
@ -879,19 +879,19 @@ function update_Db_course($courseDbName)
is_editing int NOT NULL default 0,
time_edit datetime NOT NULL default '0000-00-00 00:00:00',
hits int default 0,
linksto text NOT NULL,
tag text NOT NULL,
user_ip varchar(39) NOT NULL,
linksto text NOT NULL,
tag text NOT NULL,
user_ip varchar(39) NOT NULL,
PRIMARY KEY (id),
KEY reflink (reflink),
KEY group_id (group_id),
KEY page_id (page_id)
)";
api_sql_query($sql, __FILE__, __LINE__);
//
$sql = "CREATE TABLE `".$TABLEWIKICONF . "` (
page_id int NOT NULL default 0,
page_id int NOT NULL default 0,
task text NOT NULL,
feedback1 text NOT NULL,
feedback2 text NOT NULL,
@ -906,24 +906,24 @@ function update_Db_course($courseDbName)
enddate_assig datetime NOT NULL default '0000-00-00 00:00:00',
delayedsubmit int NOT NULL default 0,
KEY page_id (page_id)
)";
)";
api_sql_query($sql, __FILE__, __LINE__);
//
$sql = "CREATE TABLE `".$TABLEWIKIDISCUSS . "` (
id int NOT NULL auto_increment,
publication_id int NOT NULL default 0,
userc_id int NOT NULL default 0,
comment text NOT NULL,
p_score varchar(255) default NULL,
dtime datetime NOT NULL default '0000-00-00 00:00:00',
dtime datetime NOT NULL default '0000-00-00 00:00:00',
PRIMARY KEY (id)
)";
api_sql_query($sql, __FILE__, __LINE__);
//
$sql = "CREATE TABLE `".$TABLEWIKIMAILCUE . "` (
id int NOT NULL,
user_id int NOT NULL,
@ -931,10 +931,10 @@ function update_Db_course($courseDbName)
group_id int DEFAULT NULL,
KEY (id)
)";
api_sql_query($sql, __FILE__, __LINE__);
api_sql_query($sql, __FILE__, __LINE__);
/*
-----------------------------------------------------------
Online
@ -1072,9 +1072,9 @@ function update_Db_course($courseDbName)
PRIMARY KEY (id),
UNIQUE KEY UN_filename (filename)
)", __FILE__, __LINE__);
api_sql_query("ALTER TABLE `$TABLETOOLDROPBOXFILE` ADD INDEX ( `session_id` )", __FILE__, __LINE__);
api_sql_query("
CREATE TABLE `".$TABLETOOLDROPBOXPOST . "` (
file_id int unsigned NOT NULL,
@ -1085,7 +1085,7 @@ function update_Db_course($courseDbName)
session_id SMALLINT UNSIGNED NOT NULL,
PRIMARY KEY (file_id,dest_user_id)
)", __FILE__, __LINE__);
api_sql_query("ALTER TABLE `$TABLETOOLDROPBOXPOST` ADD INDEX ( `session_id` )", __FILE__, __LINE__);
api_sql_query("
@ -1139,10 +1139,10 @@ function update_Db_course($courseDbName)
"prevent_reinit tinyint unsigned not null default 1," . //stores the default behaviour regarding items re-initialisation when viewed a second time after success
"js_lib tinytext not null default ''," . //the JavaScript library to load for this lp
"debug tinyint unsigned not null default 0," . //stores the default behaviour regarding items re-initialisation when viewed a second time after success
"theme varchar(255) not null default '', " . //stores the theme of the LP
"theme varchar(255) not null default '', " . //stores the theme of the LP
"preview_image varchar(255) not null default '', " . //stores the theme of the LP
"author varchar(255) not null default '', " . //stores the theme of the LP
"session_id int unsigned not null default 0 " . //the session_id
"session_id int unsigned not null default 0 " . //the session_id
")";
if(!api_sql_query($sql, __FILE__, __LINE__))
{
@ -1170,7 +1170,7 @@ function update_Db_course($courseDbName)
{
error_log($sql,0);
}
$sql = "CREATE TABLE IF NOT EXISTS `$TABLELPITEM` (" .
"id int unsigned primary key auto_increment," . //unique ID from MySQL
"lp_id int unsigned not null," . //lp_id from 'lp'
@ -1254,7 +1254,7 @@ function update_Db_course($courseDbName)
{
error_log($sql,0);
}
$sql = "CREATE TABLE IF NOT EXISTS `$TABLELPIVOBJECTIVE`(" .
"id bigint unsigned primary key auto_increment," .
"lp_iv_id bigint unsigned not null," . //identifier of the related sco_view
@ -1387,7 +1387,7 @@ function update_Db_course($courseDbName)
{
error_log($sql, 0);
}
$sql ="CREATE TABLE `" .$tbl_blogs_attachment."` (
id int unsigned NOT NULL auto_increment,
path varchar(255) NOT NULL COMMENT 'the real filename',
@ -1399,14 +1399,14 @@ function update_Db_course($courseDbName)
comment_id int NOT NULL default '0',
PRIMARY KEY (id)
)";
if(!api_sql_query($sql, __FILE__, __LINE__))
{
error_log($sql, 0);
}
$sql = "
CREATE TABLE `" . $tbl_permission_group . "` (
@ -1547,14 +1547,14 @@ function update_Db_course($courseDbName)
mail_subject VARCHAR( 255 ) NOT NULL,
anonymous enum('0','1') NOT NULL default '0',
access_condition TEXT DEFAULT NULL,
shuffle bool NOT NULL default '0',
one_question_per_page bool NOT NULL default '0',
survey_version varchar(255) NOT NULL default '',
parent_id int unsigned NOT NULL,
shuffle bool NOT NULL default '0',
one_question_per_page bool NOT NULL default '0',
survey_version varchar(255) NOT NULL default '',
parent_id int unsigned NOT NULL,
survey_type int NOT NULL default 0,
show_form_profile int NOT NULL default 0,
form_fields TEXT NOT NULL,
session_id SMALLINT unsigned NOT NULL default 0,
form_fields TEXT NOT NULL,
session_id SMALLINT unsigned NOT NULL default 0,
PRIMARY KEY (survey_id)
)";
@ -1598,7 +1598,7 @@ function update_Db_course($courseDbName)
survey_id int unsigned NOT NULL,
option_text text NOT NULL,
sort int NOT NULL,
value int NOT NULL default '0',
value int NOT NULL default '0',
PRIMARY KEY (question_option_id)
)";
$result = api_sql_query($sql, __FILE__, __LINE__) or die(mysql_error($sql));
@ -1617,30 +1617,30 @@ function update_Db_course($courseDbName)
$sql = "CREATE TABLE `".$TABLESURVEYGROUP."` (
id int unsigned NOT NULL auto_increment,
name varchar(20) NOT NULL,
description varchar(255) NOT NULL,
description varchar(255) NOT NULL,
survey_id int unsigned NOT NULL,
PRIMARY KEY (id)
)";
$result = api_sql_query($sql, __FILE__, __LINE__) or die(mysql_error($sql));
// table glosary
$sql = "CREATE TABLE `".$TBL_GLOSSARY."` (
glossary_id int unsigned NOT NULL auto_increment,
glossary_id int unsigned NOT NULL auto_increment,
name varchar(255) NOT NULL,
description text not null,
display_order int,
display_order int,
PRIMARY KEY (glossary_id)
)";
$result = api_sql_query($sql, __FILE__, __LINE__) or die(mysql_error($sql));
// table notebook
$sql = "CREATE TABLE `".$TBL_NOTEBOOK."` (
notebook_id int unsigned NOT NULL auto_increment,
user_id int unsigned NOT NULL,
course varchar(40) not null,
course varchar(40) not null,
session_id int NOT NULL default 0,
title varchar(255) NOT NULL,
title varchar(255) NOT NULL,
description text NOT NULL,
creation_date datetime NOT NULL default '0000-00-00 00:00:00',
update_date datetime NOT NULL default '0000-00-00 00:00:00',
@ -1648,7 +1648,7 @@ function update_Db_course($courseDbName)
PRIMARY KEY (notebook_id)
)";
$result = api_sql_query($sql, __FILE__, __LINE__) or die(mysql_error($sql));
return 0;
}
@ -1673,7 +1673,7 @@ function browse_folders($path, $files, $media)
if(is_dir($path))
{
$handle = opendir($path);
while (false !== ($file = readdir($handle)))
while (false !== ($file = readdir($handle)))
{
if(is_dir($path.$file) && strpos($file,'.')!==0)
{
@ -1756,7 +1756,7 @@ function fill_course_repository($courseRepository)
}
$handle = opendir($img_code_path);
foreach($pictures_array as $key => $value)
{
if($value["dir"]!="")
@ -1769,20 +1769,20 @@ function fill_course_repository($courseRepository)
chmod($course_documents_folder_images.$value["file"],$perm_file);
}
}
//trainer thumbnails fix
$path_thumb=mkdir($course_documents_folder_images.'trainer/.thumbs',$perm);
$handle = opendir($img_code_path.'trainer/.thumbs/');
while (false !== ($file = readdir($handle)))
$path_thumb=mkdir($course_documents_folder_images.'trainer/.thumbs',$perm);
$handle = opendir($img_code_path.'trainer/.thumbs/');
while (false !== ($file = readdir($handle)))
{
if (is_file($img_code_path.'trainer/.thumbs/'.$file))
{
copy($img_code_path.'trainer/.thumbs/'.$file,$course_documents_folder_images.'trainer/.thumbs/'.$file);
chmod($course_documents_folder_images.'trainer/.thumbs/'.$file,$perm_file);
}
}
}
}
$default_document_array['images']=$pictures_array;
@ -1977,7 +1977,7 @@ function fill_Db_course($courseDbName, $courseRepository, $language,$default_doc
api_sql_query("INSERT INTO `" . $tbl_course_homepage . "` VALUES (NULL, '" . TOOL_GROUP . "','group/group.php','group.gif','".string2binary(api_get_setting('course_create_active_tools', 'groups')) . "','0','squaregrey.gif','NO','_self','interaction')", __FILE__, __LINE__);
api_sql_query("INSERT INTO `" . $tbl_course_homepage . "` VALUES (NULL, '" . TOOL_CHAT . "','chat/chat.php','chat.gif','".string2binary(api_get_setting('course_create_active_tools', 'chat')) . "','0','squaregrey.gif','NO','_self','interaction')", __FILE__, __LINE__);
api_sql_query("INSERT INTO `" . $tbl_course_homepage . "` VALUES (NULL, '" . TOOL_STUDENTPUBLICATION . "','work/work.php','works.gif','".string2binary(api_get_setting('course_create_active_tools', 'student_publications')) . "','0','squaregrey.gif','NO','_self','interaction')", __FILE__, __LINE__);
api_sql_query("INSERT INTO `" . $tbl_course_homepage . "` VALUES (NULL, '" . TOOL_SURVEY."','survey/survey_list.php','survey.gif','".string2binary(api_get_setting('course_create_active_tools', 'survey')) . "','0','squaregrey.gif','NO','_self','interaction')", __FILE__, __LINE__);
api_sql_query("INSERT INTO `" . $tbl_course_homepage . "` VALUES (NULL, '" . TOOL_SURVEY."','survey/survey_list.php','survey.gif','".string2binary(api_get_setting('course_create_active_tools', 'survey')) . "','0','squaregrey.gif','NO','_self','interaction')", __FILE__, __LINE__);
api_sql_query("INSERT INTO `" . $tbl_course_homepage . "` VALUES (NULL, '" . TOOL_WIKI ."','wiki/index.php','wiki.gif','".string2binary(api_get_setting('course_create_active_tools', 'wiki')) . "','0','squaregrey.gif','NO','_self','interaction')", __FILE__, __LINE__);
api_sql_query("INSERT INTO `" . $tbl_course_homepage . "` VALUES (NULL, '" . TOOL_GRADEBOOK."','gradebook/index.php','gradebook.gif','".string2binary(api_get_setting('course_create_active_tools', 'gradebook')). "','0','squaregrey.gif','NO','_self','authoring')", __FILE__, __LINE__);
api_sql_query("INSERT INTO `" . $tbl_course_homepage . "` VALUES (NULL, '" . TOOL_GLOSSARY."','glossary/index.php','glossary.gif','".string2binary(api_get_setting('course_create_active_tools', 'glossary')). "','0','squaregrey.gif','NO','_self','authoring')", __FILE__, __LINE__);
@ -2030,15 +2030,15 @@ function fill_Db_course($courseDbName, $courseRepository, $language,$default_doc
Course homepage tools for platform admin only
-----------------------------------------------------------
*/
/*
-----------------------------------------------------------
Group tool
-----------------------------------------------------------
*/
api_sql_query("INSERT INTO `".$TABLEGROUPCATEGORIES . "` ( id , title , description , max_student , self_reg_allowed , self_unreg_allowed , groups_per_user , display_order ) VALUES ('2', '".lang2db(get_lang('DefaultGroupCategory')) . "', '', '8', '0', '0', '0', '0');", __FILE__, __LINE__);
/*
-----------------------------------------------------------
@ -2046,10 +2046,10 @@ function fill_Db_course($courseDbName, $courseRepository, $language,$default_doc
-----------------------------------------------------------
*/
global $language_interface;
// Example material in the same language
// Example material in the same language
$language_interface_tmp=$language_interface;
$language_interface=$language;
$language_interface=$language;
if(api_get_setting('example_material_course_creation')<>'false')
{
@ -2122,7 +2122,7 @@ function fill_Db_course($courseDbName, $courseRepository, $language,$default_doc
$image_id = Database :: get_last_insert_id();
api_sql_query("INSERT INTO `".$TABLEITEMPROPERTY . "` (tool,insert_user_id,insert_date,lastedit_date,ref,lastedit_type,lastedit_user_id,to_group_id,to_user_id,visibility) VALUES ('document',1,NOW(),NOW(),$image_id,'DocumentAdded',1,0,NULL,0)", __FILE__, __LINE__);
}
if($value["file"]!="")
{
$temp=explode("/",$value["file"]);
@ -2183,15 +2183,15 @@ function fill_Db_course($courseDbName, $courseRepository, $language,$default_doc
Introduction text
-----------------------------------------------------------
*/
$intro_text='<table width="100%" border="0" cellpadding="0" cellspacing="0"><tr><td width="110" valign="middle" align="left"><img src="'.api_get_path(REL_CODE_PATH).'img/mr_dokeos.png" alt="mr. Dokeos" title="mr. Dokeos" /></td><td valign="middle" align="left">'.lang2db(get_lang('IntroductionText')).'</td></tr></table>';
api_sql_query("INSERT INTO `".$TABLEINTROS . "` VALUES ('" . TOOL_COURSE_HOMEPAGE . "','".$intro_text. "')", __FILE__, __LINE__);
api_sql_query("INSERT INTO `".$TABLEINTROS . "` VALUES ('" . TOOL_STUDENTPUBLICATION . "','".lang2db(get_lang('IntroductionTwo')) . "')", __FILE__, __LINE__);
//wiki intro
$intro_wiki='<table width="100%" border="0" cellpadding="0" cellspacing="0"><tr><td width="110" valign="top" align="left"></td><td valign="top" align="left">'.lang2db(get_lang('IntroductionWiki')).'</td></tr></table>';
api_sql_query("INSERT INTO `".$TABLEINTROS . "` VALUES ('" . TOOL_WIKI . "','".$intro_wiki. "')",__FILE__,__LINE__);
api_sql_query("INSERT INTO `".$TABLEINTROS . "` VALUES ('" . TOOL_WIKI . "','".$intro_wiki. "')",__FILE__,__LINE__);
/*
-----------------------------------------------------------
Exercise tool
@ -2227,8 +2227,8 @@ function fill_Db_course($courseDbName, $courseRepository, $language,$default_doc
api_sql_query("INSERT INTO `$TABLEFORUMPOSTS` VALUES (1, '".lang2db(get_lang('ExampleThread'))."', '".lang2db(get_lang('ExampleThreadContent'))."', 1, 1, 1, '', NOW(), 0, 0, 1)", __FILE__, __LINE__);
}
$language_interface=$language_interface_tmp;
$language_interface=$language_interface_tmp;
return 0;
};
@ -2333,14 +2333,14 @@ function register_course($courseSysCode, $courseScreenCode, $courseRepository, $
last_visit = NULL,
tutor_name = '".Database :: escape_string($titular) . "',
visual_code = '".Database :: escape_string($courseScreenCode) . "'";
api_sql_query($sql, __FILE__, __LINE__);
$sort = api_max_sort_value('0', api_get_user_id());
require_once (api_get_path(LIBRARY_PATH).'course.lib.php');
$i_course_sort = CourseManager :: userCourseSort($uidCreator,$courseSysCode);
$sql = "INSERT INTO ".$TABLECOURSUSER . " SET
course_code = '".addslashes($courseSysCode) . "',
user_id = '".Database::escape_string($uidCreator) . "',
@ -2367,22 +2367,22 @@ function register_course($courseSysCode, $courseScreenCode, $courseRepository, $
//adding the course to an URL
global $_configuration;
require_once (api_get_path(LIBRARY_PATH).'urlmanager.lib.php');
if ($_configuration['multiple_access_urls']==true) {
$url_id=1;
if ($_configuration['multiple_access_urls']==true) {
$url_id=1;
if (api_get_current_access_url_id()!=-1) {
$url_id=api_get_current_access_url_id();
}
UrlManager::add_course_to_url($courseSysCode,$url_id);
}
UrlManager::add_course_to_url($courseSysCode,$url_id);
} else {
UrlManager::add_course_to_url($courseSysCode,1);
}
// add event to system log
// add event to system log
$time = time();
$user_id = api_get_user_id();
$user_id = api_get_user_id();
event_system(LOG_COURSE_CREATE, LOG_COURSE_CODE, $courseSysCode, $time, $user_id, $courseSysCode);
}
return 0;
}
@ -2413,8 +2413,8 @@ function readPropertiesInArchive($archive, $isCompressed = TRUE) {
Before PHP 4.0.6, the behaviour of tempnam() depended of the underlying OS.
Under Windows, the "TMP" environment variable replaces the dir parameter;
under Linux, the "TMPDIR" environment variable has priority, while for the
OSes based on system V R4, the dir parameter will always be used if the
directory which it represents exists. Consult your documentation for more
OSes based on system V R4, the dir parameter will always be used if the
directory which it represents exists. Consult your documentation for more
details.
tempnam() returns the temporary filename, or the string NULL upon failure.
*/

10
main/inc/lib/array.lib.php
Unescape View File

@ -1,4 +1,4 @@
<?php
<?php
/* For licensing terms, see /dokeos_license.txt */
/**
==============================================================================
@ -18,9 +18,9 @@
/**
* Removes duplicate values from a dimensional array
*
* @param array a dimensional array
* @return array an array with unique values
*
* @param array a dimensional array
* @return array an array with unique values
*/
function array_unique_dimensional($array)
{
@ -30,7 +30,7 @@ function array_unique_dimensional($array)
foreach ($array as &$myvalue){
$myvalue=serialize($myvalue);
}
$array=array_unique($array);
foreach ($array as &$myvalue){

498
main/inc/lib/blog.lib.php
View File

File diff suppressed because it is too large Load Diff

32
main/inc/lib/classmanager.lib.php
Unescape View File

@ -1,32 +1,32 @@
<?php
/*
==============================================================================
==============================================================================
Dokeos - elearning and course management software
Copyright (c) 2004 Dokeos S.A.
Copyright (c) 2003 Ghent University (UGent)
Copyright (c) 2001 Universite catholique de Louvain (UCL)
Copyright (c) Bart Mollet, Hogeschool Gent
For a full list of contributors, see "credits.txt".
The full license can be read in "license.txt".
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
See the GNU General Public License for more details.
Contact address: Dokeos, 44 rue des palais, B-1030 Brussels, Belgium
Mail: info@dokeos.com
==============================================================================
==============================================================================
*/
/**
==============================================================================
==============================================================================
* This is the class library for Dokeos.
* @package dokeos.library
==============================================================================
==============================================================================
*/
require_once (api_get_path(LIBRARY_PATH).'course.lib.php');
/**
@ -83,7 +83,7 @@ class ClassManager
}
/**
* Delete a class
* @param int $class_id
* @param int $class_id
* @todo Add option to unsubscribe class-members from the courses where the
* class was subscibed to
*/
@ -102,7 +102,7 @@ class ClassManager
/**
* Get all users from a class
* @param int $class_id
* @return array
* @return array
*/
function get_users($class_id)
{
@ -165,7 +165,7 @@ class ClassManager
/**
* Get all courses in which a class is subscribed
* @param int $class_id
* @return array
* @return array
*/
function get_courses($class_id)
{
@ -200,7 +200,7 @@ class ClassManager
}
}
/**
* Unsubscribe a class from a course.
* Unsubscribe a class from a course.
* Only students are unsubscribed. If a user is member of 2 classes which
* are both subscribed to the course, the user stays in the course.
* @param int $class_id The class id
@ -227,11 +227,11 @@ class ClassManager
$sql = "DELETE FROM $tbl_course_class WHERE course_code = '".mysql_real_escape_string($course_code)."' AND class_id = '".mysql_real_escape_string($class_id)."'";
api_sql_query($sql, __FILE__, __LINE__);
}
/**
* Get the class-id
* Get the class-id
* @param string $name The class name
* @return int the ID of the class
* @return int the ID of the class
*/
function get_class_id($name)
{

20
main/inc/lib/debug.lib.inc.php
Unescape View File

@ -1,34 +1,34 @@
<?php
/*
==============================================================================
==============================================================================
Dokeos - elearning and course management software
Copyright (c) 2004 Dokeos S.A.
Copyright (c) 2003 Ghent University (UGent)
Copyright (c) 2001 Universite catholique de Louvain (UCL)
For a full list of contributors, see "credits.txt".
The full license can be read in "license.txt".
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
See the GNU General Public License for more details.
Contact: Dokeos, 181 rue Royale, B-1000 Brussels, Belgium, info@dokeos.com
==============================================================================
==============================================================================
*/
/**
==============================================================================
==============================================================================
* This is the debug library for Dokeos.
* Include/require it in your code to use its functionality.
*
* debug functions
*
* @package dokeos.library
==============================================================================
==============================================================================
*/
/**
@ -94,7 +94,7 @@ function debug_paths()
echo 'INCLUDE_PATH :'.api_get_path(INCLUDE_PATH).'<br />';
echo 'LIBRARY_PATH :'.api_get_path(LIBRARY_PATH).'<br />';
echo 'CONFIGURATION_PATH :'.api_get_path(CONFIGURATION_PATH).'<br />';
}

236
main/inc/lib/document.lib.php
Unescape View File

@ -2,27 +2,27 @@
/*
==============================================================================
Dokeos - elearning and course management software
Copyright (c) 2004-2008 Dokeos SPRL
Copyright (c) 2003 Ghent University (UGent)
Copyright (c) Roan Embrechts, Vrije Universiteit Brussel
For a full list of contributors, see "credits.txt".
The full license can be read in "license.txt".
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
See the GNU General Public License for more details.
Contact address: Dokeos, rue du Corbeau, 108, B-1030 Brussels, Belgium
Mail: info@dokeos.com
==============================================================================
*/
/**
==============================================================================
==============================================================================
* This is the document library for Dokeos.
* It is / will be used to provide a service layer to all document-using tools.
* and eliminate code duplication fro group documents, scorm documents, main documents.
@ -30,20 +30,20 @@
*
* @version 1.1, January 2005
* @package dokeos.library
==============================================================================
==============================================================================
*/
/*
==============================================================================
==============================================================================
DOCUMENTATION
use the functions like this: DocumentManager::get_course_quota()
==============================================================================
==============================================================================
*/
/*
==============================================================================
==============================================================================
CONSTANTS
==============================================================================
==============================================================================
*/
define("DISK_QUOTA_FIELD", "disk_quota"); //name of the database field
@ -51,9 +51,9 @@ define("DISK_QUOTA_FIELD", "disk_quota"); //name of the database field
define("DEFAULT_DOCUMENT_QUOTA", api_get_setting('default_document_quotum'));
/*
==============================================================================
==============================================================================
VARIABLES
==============================================================================
==============================================================================
*/
$sys_course_path = api_get_path(SYS_COURSE_PATH);
@ -62,10 +62,10 @@ $baseServUrl = $_configuration['url_append']."/";
$baseWorkDir = $sys_course_path.(!empty($courseDir)?$courseDir:'');
/*
==============================================================================
==============================================================================
DocumentManager CLASS
the class and its functions
==============================================================================
==============================================================================
*/
/**
@ -73,7 +73,7 @@ $baseWorkDir = $sys_course_path.(!empty($courseDir)?$courseDir:'');
*/
class DocumentManager {
private function __construct() {
}
/**
* @return the document folder quuta of the current course, in bytes
@ -148,7 +148,7 @@ class DocumentManager {
"ez" => "application/andrew-inset",
"gif" => "image/gif",
"gtar" => "application/x-gtar",
"gz" => "application/x-gzip",
"gz" => "application/x-gzip",
"hdf" => "application/x-hdf",
"hqx" => "application/mac-binhex40",
"htm" => "text/html",
@ -259,8 +259,8 @@ class DocumentManager {
"wmlc" => "application/vnd.wap.wmlc",
"wmls" => "text/vnd.wap.wmlscript",
"wmlsc" => "application/vnd.wap.wmlscriptc",
"wma" => "video/x-ms-wma",
"wmv" => "audio/x-ms-wmv",
"wma" => "video/x-ms-wma",
"wmv" => "audio/x-ms-wmv",
"wrl" => "model/vrml",
"xbm" => "image/x-xbitmap",
"xht" => "application/xhtml+xml",
@ -273,12 +273,12 @@ class DocumentManager {
"xyz" => "chemical/x-xyz",
"zip" => "application/zip"
);
if ($filename === TRUE)
if ($filename === TRUE)
{
return $mime_types;
}
//get the extension of the file
$extension = explode('.', $filename);
@ -317,7 +317,7 @@ class DocumentManager {
$tbl_item_property = $this_course.'item_property';
$doc_url = Database::escape_string($doc_url);
//$doc_url = addslashes($doc_url);
$query = "SELECT 1 FROM $tbl_document AS docs,$tbl_item_property AS props
$query = "SELECT 1 FROM $tbl_document AS docs,$tbl_item_property AS props
WHERE props.tool = 'document' AND docs.id=props.ref AND props.visibility <> '1' AND docs.path = '$doc_url'";
//echo $query;
$result = api_sql_query($query, __FILE__, __LINE__);
@ -479,7 +479,7 @@ class DocumentManager {
* @param int $to_group_id
* @param int $to_user_id
* @param boolean $can_see_invisible
* @return array with all document data
* @return array with all document data
*/
public static function get_all_document_data ($_course, $path = '/', $to_group_id = 0, $to_user_id = NULL, $can_see_invisible = false) {
$TABLE_ITEMPROPERTY = Database::get_course_table(TABLE_ITEM_PROPERTY, $_course['dbName']);
@ -520,9 +520,9 @@ class DocumentManager {
WHERE docs.id = last.ref
AND docs.path LIKE '".$path.$added_slash."%'
AND docs.path NOT LIKE '".$path.$added_slash."%/%'
AND last.tool = '".TOOL_DOCUMENT."'
AND last.tool = '".TOOL_DOCUMENT."'
AND ".$to_field." = ".$to_value."
AND last.visibility".$visibility_bit;
AND last.visibility".$visibility_bit;
$result = api_sql_query($sql);
@ -531,13 +531,13 @@ class DocumentManager {
while ($row = Database::fetch_array($result,'ASSOC'))
//while ($row = Database::fetch_array($result,MYSQL_NUM))
{
if($row['filetype']=='file' && pathinfo($row['path'],PATHINFO_EXTENSION)=='html'){
//Templates management
$table_template = Database::get_main_table(TABLE_MAIN_TEMPLATES);
$sql_is_template = "SELECT id FROM $table_template
WHERE course_code='".$_course['id']."'
$sql_is_template = "SELECT id FROM $table_template
WHERE course_code='".$_course['id']."'
AND user_id='".api_get_user_id()."'
AND ref_doc='".$row['id']."'";
$template_result = api_sql_query($sql_is_template);
@ -548,7 +548,7 @@ class DocumentManager {
$row['is_template'] = 0;
}
}
$document_data[$row['id']] = $row;
//$document_data[] = $row;
}
@ -577,19 +577,19 @@ class DocumentManager {
} else {
$to_group_id = Database::escape_string($to_group_id);
}*/
if (!empty($to_group_id)) {
$to_group_id = intval($to_group_id);
}
if ($can_see_invisible)
{
$sql = "SELECT path
FROM ".$TABLE_ITEMPROPERTY." AS last, ".$TABLE_DOCUMENT." AS docs
WHERE docs.id = last.ref
AND docs.filetype = 'folder'
AND last.tool = '".TOOL_DOCUMENT."'
AND last.to_group_id = ".$to_group_id."
AND docs.filetype = 'folder'
AND last.tool = '".TOOL_DOCUMENT."'
AND last.to_group_id = ".$to_group_id."
AND last.visibility <> 2";
$result = api_sql_query($sql, __FILE__, __LINE__);
@ -619,9 +619,9 @@ class DocumentManager {
$visible_sql = "SELECT path
FROM ".$TABLE_ITEMPROPERTY." AS last, ".$TABLE_DOCUMENT." AS docs
WHERE docs.id = last.ref
AND docs.filetype = 'folder'
AND last.tool = '".TOOL_DOCUMENT."'
AND last.to_group_id = ".$to_group_id."
AND docs.filetype = 'folder'
AND last.tool = '".TOOL_DOCUMENT."'
AND last.to_group_id = ".$to_group_id."
AND last.visibility = 1";
$visibleresult = api_sql_query($visible_sql, __FILE__, __LINE__);
while ($all_visible_folders = Database::fetch_array($visibleresult,'ASSOC'))
@ -630,25 +630,25 @@ class DocumentManager {
//echo "visible folders: ".$all_visible_folders['path']."<br>";
}
//get invisible folders
$invisible_sql = "SELECT path
$invisible_sql = "SELECT path
FROM ".$TABLE_ITEMPROPERTY." AS last, ".$TABLE_DOCUMENT." AS docs
WHERE docs.id = last.ref
AND docs.filetype = 'folder'
AND last.tool = '".TOOL_DOCUMENT."'
AND last.to_group_id = ".$to_group_id."
AND docs.filetype = 'folder'
AND last.tool = '".TOOL_DOCUMENT."'
AND last.to_group_id = ".$to_group_id."
AND last.visibility = 0";
$invisibleresult = api_sql_query($invisible_sql, __FILE__, __LINE__);
while ($invisible_folders = Database::fetch_array($invisibleresult,'ASSOC'))
{
//get visible folders in the invisible ones -> they are invisible too
//echo "invisible folders: ".$invisible_folders['path']."<br>";
$folder_in_invisible_sql = "SELECT path
$folder_in_invisible_sql = "SELECT path
FROM ".$TABLE_ITEMPROPERTY." AS last, ".$TABLE_DOCUMENT." AS docs
WHERE docs.id = last.ref
AND docs.path LIKE '".Database::escape_string($invisible_folders['path'])."/%'
AND docs.filetype = 'folder'
AND last.tool = '".TOOL_DOCUMENT."'
AND last.to_group_id = ".$to_group_id."
AND docs.path LIKE '".Database::escape_string($invisible_folders['path'])."/%'
AND docs.filetype = 'folder'
AND last.tool = '".TOOL_DOCUMENT."'
AND last.to_group_id = ".$to_group_id."
AND last.visibility = 1";
$folder_in_invisible_result = api_sql_query($folder_in_invisible_sql, __FILE__, __LINE__);
while ($folders_in_invisible_folder = Database::fetch_array($folder_in_invisible_result,'ASSOC'))
@ -681,26 +681,26 @@ class DocumentManager {
return false;
}
}
}
}
/**
* This check if a document has the readonly property checked, then see if the user
* is the owner of this file, if all this is true then return true.
*
*
* @param array $_course
* @param int $user_id id of the current user
* @param string $file path stored in the database
* @param int $document_id in case you dont have the file path ,insert the id of the file here and leave $file in blank ''
* @return boolean true/false
* @return boolean true/false
**/
public static function check_readonly ($_course,$user_id,$file,$document_id='',$to_delete=false) {
if(!(!empty($document_id) && is_numeric($document_id)))
{
{
$document_id = self::get_document_id($_course, $file);
}
}
$TABLE_PROPERTY = Database::get_course_table(TABLE_ITEM_PROPERTY, $_course['dbName']);
$TABLE_DOCUMENT = Database::get_course_table(TABLE_DOCUMENT, $_course['dbName']);
if ($to_delete)
{
if (self::is_folder($_course, $document_id))
@ -708,83 +708,83 @@ class DocumentManager {
if (!empty($file))
{
$path = Database::escape_string($file);
$what_to_check_sql = "SELECT td.id, readonly, tp.insert_user_id FROM ".$TABLE_DOCUMENT." td , $TABLE_PROPERTY tp
$what_to_check_sql = "SELECT td.id, readonly, tp.insert_user_id FROM ".$TABLE_DOCUMENT." td , $TABLE_PROPERTY tp
WHERE tp.ref= td.id and (path='".$path."' OR path LIKE BINARY '".$path."/%' ) ";
//get all id's of documents that are deleted
$what_to_check_result = api_sql_query($what_to_check_sql, __FILE__, __LINE__);
if ($what_to_check_result && Database::num_rows($what_to_check_result) != 0)
{
// file with readonly set to 1 exist?
$readonly_set=false;
while ($row = Database::fetch_array($what_to_check_result))
{
//query to delete from item_property table
//query to delete from item_property table
//echo $row['id']; echo "<br>";
if ($row['readonly']==1)
{
if ($row['readonly']==1)
{
if (!($row['insert_user_id'] == $user_id))
{
{
$readonly_set=true;
break;
}
}
}
}
if ($readonly_set)
{
return true;
}
}
}
return false;
}
return false;
}
}
if (!empty($document_id))
{
{
$sql= 'SELECT a.insert_user_id, b.readonly FROM '.$TABLE_PROPERTY.' a,'.$TABLE_DOCUMENT.' b
WHERE a.ref = b.id and a.ref='.$document_id.' LIMIT 1';
$resultans = api_sql_query($sql, __FILE__, __LINE__);
$doc_details = Database ::fetch_array($resultans,'ASSOC');
if($doc_details['readonly']==1)
{
if ( $doc_details['insert_user_id'] == $user_id || api_is_platform_admin() )
{
return false;
{
if ( $doc_details['insert_user_id'] == $user_id || api_is_platform_admin() )
{
return false;
}
else
{
return true;
}
}
{
return true;
}
}
}
return false;
}
/**
* This check if a document is a folder or not
* This check if a document is a folder or not
* @param array $_course
* @param int $document_id of the item
* @return boolean true/false
* @return boolean true/false
**/
public static function is_folder ($_course, $document_id) {
public static function is_folder ($_course, $document_id) {
$TABLE_DOCUMENT = Database::get_course_table(TABLE_DOCUMENT, $_course['dbName']);
//if (!empty($document_id))
$document_id = Database::escape_string($document_id);
$resultans = api_sql_query('SELECT filetype FROM '.$TABLE_DOCUMENT.' WHERE id='.$document_id.'', __FILE__, __LINE__);
$resultans = api_sql_query('SELECT filetype FROM '.$TABLE_DOCUMENT.' WHERE id='.$document_id.'', __FILE__, __LINE__);
$result= Database::fetch_array($resultans,'ASSOC');
if ($result['filetype']=='folder') {
return true;
return true;
} else {
return false;
}
}
}
/**
* This deletes a document by changing visibility to 2, renaming it to filename_DELETED_#id
* Files/folders that are inside a deleted folder get visibility 2
@ -808,7 +808,7 @@ class DocumentManager {
$what_to_delete_sql = "SELECT id FROM ".$TABLE_DOCUMENT." WHERE path='".$path."' OR path LIKE BINARY '".$path."/%'";
//get all id's of documents that are deleted
$what_to_delete_result = api_sql_query($what_to_delete_sql, __FILE__, __LINE__);
if ($what_to_delete_result && Database::num_rows($what_to_delete_result) != 0)
{
//needed to deleted medadata
@ -821,10 +821,10 @@ class DocumentManager {
{
//query to delete from item_property table
//avoid wrong behavior
//$remove_from_item_property_sql = "DELETE FROM ".$TABLE_ITEMPROPERTY." WHERE ref = ".$row['id']." AND tool='".TOOL_DOCUMENT."'";
api_item_property_update($_course, TOOL_DOCUMENT, $row['id'], 'delete', api_get_user_id());
//query to delete from document table
$remove_from_document_sql = "DELETE FROM ".$TABLE_DOCUMENT." WHERE id = ".$row['id']."";
self::unset_document_as_template($row['id'],$_course, api_get_user_id());
@ -855,13 +855,13 @@ class DocumentManager {
else //set visibility to 2 and rename file/folder to qsdqsd_DELETED_#id
{
if (api_item_property_update($_course, TOOL_DOCUMENT, $document_id, 'delete', api_get_user_id()))
{
{
//echo('item_property_update OK');
if (is_file($base_work_dir.$path) || is_dir($base_work_dir.$path) )
{
if(rename($base_work_dir.$path, $base_work_dir.$new_path))
{
self::unset_document_as_template($document_id, api_get_course_id(), api_get_user_id());
self::unset_document_as_template($document_id, api_get_course_id(), api_get_user_id());
$sql = "UPDATE $TABLE_DOCUMENT set path='".$new_path."' WHERE id='".$document_id."'";
if (api_sql_query($sql, __FILE__, __LINE__))
{
@ -875,7 +875,7 @@ class DocumentManager {
//echo('to delete also: id '.$deleted_items['id']);
api_item_property_update($_course, TOOL_DOCUMENT, $deleted_items['id'], 'delete', api_get_user_id());
//Change path of subfolders and documents in database
$old_item_path = $deleted_items['path'];
$old_item_path = $deleted_items['path'];
$new_item_path = $new_path.substr($old_item_path, strlen($path));
/*/
* trying to fix this bug FS#2681
@ -887,18 +887,18 @@ class DocumentManager {
*/
self::unset_document_as_template($deleted_items['id'], api_get_course_id(), api_get_user_id());
$sql = "UPDATE $TABLE_DOCUMENT set path = '".$new_item_path."' WHERE id = ".$deleted_items['id'];
api_sql_query($sql, __FILE__, __LINE__);
api_sql_query($sql, __FILE__, __LINE__);
}
}
self::delete_document_from_search_engine(api_get_course_id(), $document_id);
return true;
}
}
else
{
//Couldn't rename - file permissions problem?
//Couldn't rename - file permissions problem?
error_log(__FILE__.' '.__LINE__.': Error renaming '.$base_work_dir.$path.' to '.$base_work_dir.$new_path.'. This is probably due to file permissions',0);
}
}
@ -914,13 +914,13 @@ class DocumentManager {
self::delete_document_from_search_engine(api_get_course_id(), $document_id);
while ( $row = Database::fetch_array($res) )
while ( $row = Database::fetch_array($res) )
{
$sqlipd = "DELETE FROM $TABLE_ITEMPROPERTY WHERE ref = ".$row['id']." AND tool='".TOOL_DOCUMENT."'";
$resipd = Database::query($sqlipd,__FILE__,__LINE__);
self::unset_document_as_template($row['id'],api_get_course_id(), api_get_user_id());
$sqldd = "DELETE FROM $TABLE_DOCUMENT WHERE id = ".$row['id'];
$resdd = Database::query($sqldd,__FILE__,__LINE__);
$resdd = Database::query($sqldd,__FILE__,__LINE__);
}
}
}
@ -949,7 +949,7 @@ class DocumentManager {
require_once(api_get_path(LIBRARY_PATH) .'search/DokeosIndexer.class.php');
$di = new DokeosIndexer();
$di->remove_document((int)$row2['search_did']);
}
}
$sql = 'DELETE FROM %s WHERE course_code=\'%s\' AND tool_id=\'%s\' AND ref_id_high_level=%s LIMIT 1';
$sql = sprintf($sql, $tbl_se_ref, $course_id, TOOL_DOCUMENT, $document_id);
api_sql_query($sql, __FILE__, __LINE__);
@ -969,7 +969,7 @@ class DocumentManager {
*/
public static function get_document_id ($_course, $path) {
$TABLE_DOCUMENT = Database :: get_course_table(TABLE_DOCUMENT, $_course['dbName']);
$path = Database::escape_string($path);
$path = Database::escape_string($path);
$sql = "SELECT id FROM $TABLE_DOCUMENT WHERE path LIKE BINARY '$path'";
$result = api_sql_query($sql, __FILE__, __LINE__);
if ($result && Database::num_rows($result) == 1) {
@ -979,8 +979,8 @@ class DocumentManager {
return false;
}
}
/**
* Allow to set a specific document as a new template for FCKEditor for a particular user in a particular course
*
@ -993,8 +993,8 @@ class DocumentManager {
public static function set_document_as_template ($title, $description, $document_id_for_template, $couse_code, $user_id, $image) {
// Database table definition
$table_template = Database::get_main_table(TABLE_MAIN_TEMPLATES);
// creating the sql statement
// creating the sql statement
$sql = "INSERT INTO ".$table_template."
(title, description, course_code, user_id, ref_doc, image)
VALUES (
@ -1003,13 +1003,13 @@ class DocumentManager {
'".Database::escape_string($couse_code)."',
'".Database::escape_string($user_id)."',
'".Database::escape_string($document_id_for_template)."',
'".Database::escape_string($image)."')";
'".Database::escape_string($image)."')";
api_sql_query($sql);
return true;
}
/**
* Unset a document as template
*
@ -1018,23 +1018,23 @@ class DocumentManager {
* @param int $user_id
*/
public static function unset_document_as_template ($document_id, $course_code, $user_id) {
$table_template = Database::get_main_table(TABLE_MAIN_TEMPLATES);
$course_code = Database::escape_string($course_code);
$user_id = Database::escape_string($user_id);
$document_id = Database::escape_string($document_id);
$sql = 'SELECT id FROM '.$table_template.' WHERE course_code="'.$course_code.'" AND user_id="'.$user_id.'" AND ref_doc="'.$document_id.'"';
$result = api_sql_query($sql);
$template_id = Database::result($result,0,0);
include_once(api_get_path(LIBRARY_PATH) . 'fileManage.lib.php');
my_delete(api_get_path(SYS_CODE_PATH).'upload/template_thumbnails/'.$template_id.'.jpg');
$sql = 'DELETE FROM '.$table_template.' WHERE course_code="'.$course_code.'" AND user_id="'.$user_id.'" AND ref_doc="'.$document_id.'"';
api_sql_query($sql);
}
/**
* return true if the documentpath have visibility=1 as item_property
@ -1048,7 +1048,7 @@ class DocumentManager {
//note the extra / at the end of doc_path to match every path in the
// document table that is part of the document path
$doc_path = Database::escape_string($doc_path);
$sql = "SELECT path FROM $docTable d, $propTable ip " .
"where d.id=ip.ref AND ip.tool='".TOOL_DOCUMENT."' AND d.filetype='file' AND visibility=0 AND ".
"locate(concat(path,'/'),'".$doc_path."/')=1";
@ -1058,10 +1058,10 @@ class DocumentManager {
//echo "$row[0] not visible";
return false;
}
//improved protection of documents viewable directly through the url: incorporates the same protections of the course at the url of documents: access allowed for the whole world Open, access allowed for users registered on the platform Private access, document accessible only to course members (see the Users list), Completely closed; the document is only accessible to the course admin and teaching assistants.
if ($_SESSION ['is_allowed_in_course'] || api_is_platform_admin())
{
{
return true; // ok, document is visible
}
else

14
main/inc/lib/events.lib.inc.php
Unescape View File

@ -134,7 +134,7 @@ function event_access_course()
if(api_get_setting('use_session_mode')=='true' && isset($_SESSION['id_session']))
{
$id_session = intval($_SESSION['id_session']);
}
}
else
{
$id_session = 0;
@ -364,7 +364,7 @@ function event_link($link_id)
// anonymous
$user_id = "0";
}
$sql = "INSERT INTO ".$TABLETRACK_LINKS."
( links_user_id,
links_cours_id,
@ -405,7 +405,7 @@ function update_event_exercice($exeid,$exo_id, $score, $weighting,$session_id,$l
exe_result = '".Database::escape_string($score)."',
exe_weighting = '".Database::escape_string($weighting)."',
session_id = '".Database::escape_string($session_id)."',
orig_lp_id = '".Database::escape_string($learnpath_id)."',
orig_lp_id = '".Database::escape_string($learnpath_id)."',
orig_lp_item_id = '".Database::escape_string($learnpath_item_id)."',
exe_duration = '".Database::escape_string($duration)."',
exe_date= FROM_UNIXTIME(".$reallyNow."),status = '', data_tracking='',start_date =FROM_UNIXTIME(".Database::escape_string($_SESSION['exercice_start_date']).")
@ -472,7 +472,7 @@ function exercise_attempt($score,$answer,$quesId,$exeId,$j)
$quesId = Database::escape_string($quesId);
$exeId = Database::escape_string($exeId);
$j = Database::escape_string($j);
global $_configuration, $_user, $_cid;
$TBL_TRACK_ATTEMPT = Database::get_statistic_table(TABLE_STATISTIC_TRACK_E_ATTEMPT);
@ -542,7 +542,7 @@ function exercise_attempt($score,$answer,$quesId,$exeId,$j)
* @param int Whether this answer is correct (1) or not (0)
* @param string Coordinates of this point (e.g. 123;324)
* @return boolean Result of the insert query
* @uses Course code and user_id from global scope $_cid and $_user
* @uses Course code and user_id from global scope $_cid and $_user
*/
function exercise_attempt_hotspot($exe_id, $question_id, $answer_id, $correct, $coords)
{
@ -581,14 +581,14 @@ function event_system($event_type, $event_value_type, $event_value, $timestamp =
global $_configuration;
global $_user;
global $TABLETRACK_DEFAULT;
$event_type = Database::escape_string($event_type);
$event_value_type = Database::escape_string($event_value_type);
$event_value = Database::escape_string($event_value);
$timestamp = Database::escape_string($timestamp);
$user_id = Database::escape_string($user_id);
$course_code = Database::escape_string($course_code);
// if tracking is disabled record nothing
if (!$_configuration['tracking_enabled'])

32
main/inc/lib/export.lib.inc.php
Unescape View File

@ -35,34 +35,34 @@
require_once ('document.lib.php');
class Export {
private function __construct() {
}
/**
* Export tabular data to CSV-file
* @param array $data
* @param string $filename
*/
public static function export_table_csv ($data, $filename = 'export') {
public static function export_table_csv ($data, $filename = 'export') {
$file = api_get_path(SYS_ARCHIVE_PATH).uniqid('').'.csv';
$handle = @fopen($file, 'a+');
$handle = @fopen($file, 'a+');
if(is_array($data))
{
foreach ($data as $index => $row)
{
$line='';
if(is_array($row))
{
foreach($row as $value)
{
{
foreach($row as $value)
{
$line .= '"'.str_replace('"','""',$value).'";';
}
}
@fwrite($handle, $line."\n");
@fwrite($handle, $line."\n");
}
}
@fclose($handle);
DocumentManager :: file_send_for_download($file, true, $filename.'.csv');
@fclose($handle);
DocumentManager :: file_send_for_download($file, true, $filename.'.csv');
exit();
}
/**
@ -72,11 +72,11 @@ class Export {
*/
public static function export_table_xls ($data, $filename = 'export') {
$file = api_get_path(SYS_ARCHIVE_PATH).uniqid('').'.xls';
$handle = @fopen($file, 'a+');
foreach ($data as $index => $row)
{
@fwrite($handle, implode("\t", $row)."\n");
}
$handle = @fopen($file, 'a+');
foreach ($data as $index => $row)
{
@fwrite($handle, implode("\t", $row)."\n");
}
@fclose($handle);
DocumentManager :: file_send_for_download($file, true, $filename.'.xls');
exit();
@ -132,7 +132,7 @@ class Export {
$file = api_get_path(SYS_ARCHIVE_PATH).'/'.uniqid('').'.xml';
$handle = fopen($file, 'a+');
fwrite($handle, '<?xml version="1.0" encoding="'.$encoding.'"?>'."\n");
if (!is_null($wrapper_tagname))
{
fwrite($handle, '<'.$wrapper_tagname.'>');

44
main/inc/lib/fileDisplay.lib.php
Unescape View File

@ -1,40 +1,40 @@
<?php
/*
vim: set expandtab tabstop=4 shiftwidth=4:
==============================================================================
==============================================================================
Dokeos - elearning and course management software
Copyright (c) 2004 Dokeos S.A.
Copyright (c) 2003 Ghent University (UGent)
Copyright (c) 2001 Universite catholique de Louvain (UCL)
For a full list of contributors, see "credits.txt".
The full license can be read in "license.txt".
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
See the GNU General Public License for more details.
Contact: Dokeos, 181 rue Royale, B-1000 Brussels, Belgium, info@dokeos.com
==============================================================================
==============================================================================
*/
/**
==============================================================================
==============================================================================
* This is the file display library for Dokeos.
* Include/require it in your code to use its functionality.
*
* @package dokeos.library
==============================================================================
==============================================================================
*/
/*
==============================================================================
==============================================================================
GENERIC FUNCTIONS : FOR OLDER PHP VERSIONS
==============================================================================
==============================================================================
*/
if ( ! function_exists('array_search') )
{
@ -62,10 +62,10 @@ if ( ! function_exists('array_search') )
}
/*
==============================================================================
==============================================================================
FILE DISPLAY FUNCTIONS
==============================================================================
*/
==============================================================================
*/
/**
* Define the image to display for each file extension.
* This needs an existing image repository to work.
@ -236,9 +236,9 @@ function folder_size($dir_name)
if ($dir_handle = opendir($dir_name))
{
while (($entry = readdir($dir_handle)) !== false)
while (($entry = readdir($dir_handle)) !== false)
{
if($entry == '.' || $entry == '..')
if($entry == '.' || $entry == '..')
continue;
if(is_dir($dir_name.'/'.$entry))
@ -246,7 +246,7 @@ function folder_size($dir_name)
else
$size += filesize($dir_name.'/'.$entry);
}
closedir($dir_handle);
}
@ -262,11 +262,11 @@ function folder_size($dir_name)
* @return Total size
*/
function get_total_folder_size($path, $can_see_invisible = false)
{
{
$table_itemproperty = Database::get_course_table(TABLE_ITEM_PROPERTY);
$table_document = Database::get_course_table(TABLE_DOCUMENT);
$tool_document = TOOL_DOCUMENT;
$visibility_rule = 'props.visibility ' . ($can_see_invisible ? '<> 2' : '= 1');
$sql = <<<EOQ
@ -279,15 +279,15 @@ SELECT SUM(size)
EOQ;
$result = api_sql_query($sql,__FILE__,__LINE__);
if($result && mysql_num_rows($result) != 0)
{
{
$row = mysql_fetch_row($result);
return $row[0] == null ? 0 : $row[0];
}
else
{
return 0;
}
}
}
?>

2
main/inc/lib/fileManage.lib.php
Unescape View File

@ -819,7 +819,7 @@ class FileManager
else
{
FileManager :: mkdirs(dirname($path), $mode);
//mkdir($path, $mode);
//mkdir($path, $mode);
return true;
}
}

42
main/inc/lib/fileUpload.lib.php
Unescape View File

@ -74,7 +74,7 @@ function api_replace_parameter($upload_path, $buffer, $param_name="src")
/**
* Replaces all accentuated characters by non-accentuated characters for filenames, as
* well as special HTML characters by their HTML entity's first letter.
*
*
* Although this method is not absolute, it gives good results in general. It first
* transforms the string to HTML entities (&ocirc;, @oslash;, etc) then removes the
* HTML character part to result in simple characters (o, o, etc).
@ -253,10 +253,10 @@ function handle_uploaded_document($_course,$uploaded_file,$base_work_dir,$upload
Display::display_error_message(get_lang('UplNotEnoughSpace'));
return false;
}
//if the want to unzip, check if the file has a .zip (or ZIP,Zip,ZiP,...) extension
if ($unzip == 1 && preg_match("/.zip$/", strtolower($uploaded_file['name'])) )
{
{
return unzip_uploaded_document($uploaded_file, $upload_path, $base_work_dir, $maxFilledSpace, $output, $to_group_id);
//display_message("Unzipping file");
}
@ -305,16 +305,16 @@ function handle_uploaded_document($_course,$uploaded_file,$base_work_dir,$upload
$document_name = get_document_title($uploaded_file['name']);
//size of the uploaded file (in bytes)
$file_size = $uploaded_file['size'];
$files_perm = api_get_setting('permissions_for_new_files');
$files_perm = octdec(!empty($files_perm)?$files_perm:'0770');
//what to do if the target file exists
switch ($what_if_file_exists)
{
//overwrite the file if it exists
case 'overwrite':
//check if the target file exists, so we can give another message
if (file_exists($store_path))
{
@ -368,17 +368,17 @@ function handle_uploaded_document($_course,$uploaded_file,$base_work_dir,$upload
return false;
}
break;
//rename the file if it exists
case 'rename':
$new_name = unique_name($where_to_save, $clean_name);
$store_path = $where_to_save.$new_name;
$new_file_path = $upload_path.$new_name;
if (@move_uploaded_file($uploaded_file['tmp_name'], $store_path))
{
chmod($store_path,$files_perm);
//put the document data in the database
$document_id = add_document($_course,$new_file_path,'file',$file_size,$document_name);
if ($document_id)
@ -400,7 +400,7 @@ function handle_uploaded_document($_course,$uploaded_file,$base_work_dir,$upload
return false;
}
break;
//only save the file if it doesn't exist or warn user if it does exist
default:
if (file_exists($store_path))
@ -410,9 +410,9 @@ function handle_uploaded_document($_course,$uploaded_file,$base_work_dir,$upload
else
{
if (@move_uploaded_file($uploaded_file['tmp_name'], $store_path))
{
{
chmod($store_path,$files_perm);
//put the document data in the database
$document_id = add_document($_course,$file_path,'file',$file_size,$document_name);
if ($document_id)
@ -903,13 +903,13 @@ function unzip_uploaded_document($uploaded_file, $upload_path, $base_work_dir, $
global $_user;
global $to_user_id;
global $to_group_id;
$zip_file = new pclZip($uploaded_file['tmp_name']);
// Check the zip content (real size and file extension)
$zip_content_array = $zip_file->listContent();
foreach((array) $zip_content_array as $this_content)
{
$real_filesize += $this_content['size'];
@ -935,7 +935,7 @@ function unzip_uploaded_document($uploaded_file, $upload_path, $base_work_dir, $
$save_dir = getcwd();
chdir($base_work_dir.$upload_path);
//we extract using a callback function that "cleans" the path
$unzipping_state = $zip_file->extract(PCLZIP_CB_PRE_EXTRACT, 'clean_up_files_in_zip');
$unzipping_state = $zip_file->extract(PCLZIP_CB_PRE_EXTRACT, 'clean_up_files_in_zip');
// Add all documents in the unzipped folder to the database
add_all_documents_in_folder_to_database($_course,$_user['user_id'],$base_work_dir,$upload_path == '/' ? '' : $upload_path, $to_group_id);
//Display::display_normal_message(get_lang('UplZipExtractSuccess'));
@ -1081,7 +1081,7 @@ function clean_up_path(&$path)
/**
* Check if the file is dangerous, based on extension and/or mimetype.
* The list of extensions accepted/rejected can be found from
* The list of extensions accepted/rejected can be found from
* api_get_setting('upload_extensions_exclude') and api_get_setting('upload_extensions_include')
* @param string filename passed by reference. The filename will be modified if filter rules say so! (you can include path but the filename should look like 'abc.html')
* @return int 0 to skip file, 1 to keep file
@ -1193,7 +1193,7 @@ function get_document_id() moved to document.lib.php
* @return boolean true /false
*/
function update_existing_document($_course,$document_id,$filesize,$readonly=0)
{
{
$document_table = Database::get_course_table(TABLE_DOCUMENT,$_course['dbName']);
$sql="UPDATE $document_table SET size = '$filesize' , readonly = '$readonly' WHERE id='$document_id'";
if(api_sql_query($sql,__FILE__,__LINE__))
@ -1838,7 +1838,7 @@ function build_missing_files_form($missing_files,$upload_path,$file_name)
}
$form .= "</table>\n"
."<button type='submit' name=\"cancel_submit_image\" value=\"".get_lang('Cancel')."\" class=\"cancel\">".get_lang('Cancel')."</button>"
."<button type='submit' name=\"submit_image\" value=\"".get_lang('Ok')."\" class=\"save\">".get_lang('Ok')."</button>"
."<button type='submit' name=\"submit_image\" value=\"".get_lang('Ok')."\" class=\"save\">".get_lang('Ok')."</button>"
."</form>\n";
return $form;
}
@ -1856,7 +1856,7 @@ function add_all_documents_in_folder_to_database($_course,$user_id,$base_work_di
{
$path = $base_work_dir.$current_path;
//open dir
$handle=opendir($path);
//run trough
@ -1866,7 +1866,7 @@ function add_all_documents_in_folder_to_database($_course,$user_id,$base_work_di
$completepath="$path/$file";
//directory?
if (is_dir($completepath))
{
$title=get_document_title($file);
@ -1889,7 +1889,7 @@ function add_all_documents_in_folder_to_database($_course,$user_id,$base_work_di
//rename
$safe_file=disable_dangerous_file(replace_dangerous_char($file));
@rename($base_work_dir.$current_path.'/'.$file,$base_work_dir.$current_path.'/'.$safe_file);
if(!DocumentManager::get_document_id($_course, $current_path.'/'.$safe_file))
{
$title=get_document_title($file);

86
main/inc/lib/groupmanager.lib.php
Unescape View File

@ -90,7 +90,7 @@ class GroupManager {
* GROUP FUNCTIONS
==============================================================================*/
private function __construct() {
}
/**
* Get list of groups for current course.
@ -118,7 +118,7 @@ class GroupManager {
$session_id=isset($_SESSION['id_session']) ? $_SESSION['id_session'] : 0;
$session_condition = intval($session_id)==0 ? '' : ' g.session_id = '.intval($session_id).' ';
$my_status_of_user_in_course=CourseManager::get_user_in_course_status($my_user_id,$my_course_code);
$is_student_in_session=false;
if (is_null($my_status_of_user_in_course) || $my_status_of_user_in_course=='') {//into session
if ($session_id>0) {
@ -144,7 +144,7 @@ class GroupManager {
ON `ug`.`group_id` = `g`.`id` AND `ug`.`user_id` = '".$_user['user_id']."'
LEFT JOIN ".$table_group_user." `ug2`
ON `ug2`.`group_id` = `g`.`id`";
} elseif ($my_status_of_user_in_course==STUDENT || $is_student_in_session===true || $_SESSION['studentview'] == 'studentview') {
$sql = "SELECT g.id ,
g.name ,
@ -163,7 +163,7 @@ class GroupManager {
LEFT JOIN ".$table_group_user." `ug2`
ON `ug2`.`group_id` = `g`.`id`";
}
if ($category != null){
$sql .= " WHERE g.category_id = '".Database::escape_string($category)."' ";
if(!empty($session_condition))
@ -214,12 +214,12 @@ class GroupManager {
$table_group = Database :: get_course_table(TABLE_GROUP);
$table_forum = Database :: get_course_table(TABLE_FORUM);
$category = self :: get_category($category_id);
if (intval($places) == 0) //if the amount of users per group is not filled in, use the setting from the category
{
$places = $category['max_student'];
}
$sql = "INSERT INTO ".$table_group." SET
$sql = "INSERT INTO ".$table_group." SET
category_id='".Database::escape_string($category_id)."', max_student = '".$places."', doc_state = '".$category['doc_state']."',
calendar_state = '".$category['calendar_state']."', work_state = '".$category['work_state']."', announcements_state = '".$category['announcements_state']."', forum_state = '".$category['forum_state']."', wiki_state = '".$category['wiki_state']."', self_registration_allowed = '".$category['self_reg_allowed']."', self_unregistration_allowed = '".$category['self_unreg_allowed']."', session_id='".Database::escape_string($my_id_session)."'";
api_sql_query($sql,__FILE__,__LINE__);
@ -236,12 +236,12 @@ class GroupManager {
/* Stores the directory path into the group table */
$sql = "UPDATE ".$table_group." SET name = '".Database::escape_string($name)."', secret_directory = '".$dir_name."' WHERE id ='".$lastId."'";
api_sql_query($sql,__FILE__,__LINE__);
// create a forum if needed
if ($category['forum_state'] >= 0) {
include_once(api_get_path(SYS_CODE_PATH).'forum/forumconfig.inc.php');
include_once(api_get_path(SYS_CODE_PATH).'forum/forumfunction.inc.php');
$forum_categories = get_forum_categories();
$values['forum_title'] = $name;
$counter = 0;
@ -262,7 +262,7 @@ class GroupManager {
$values['allow_attachments_group']['allow_attachments'] = 1;
$values['allow_new_threads_group']['allow_new_threads'] = 1;
$values['default_view_type_group']['default_view_type']=api_get_setting('default_forum_view');
$values['group_forum'] = $lastId;
$values['group_forum'] = $lastId;
if ($category['forum_state'] == '1') {
$values['public_private_group_forum_group']['public_private_group_forum']='public';
} elseif ($category['forum_state'] == '2') {
@ -382,7 +382,7 @@ class GroupManager {
{
$course = api_get_course_info();
}
// Database table definitions
$group_table = Database :: get_course_table(TABLE_GROUP, $course_db);
$group_user_table = Database :: get_course_table(TABLE_GROUP_USER, $course_db);
@ -390,9 +390,9 @@ class GroupManager {
$forum_post_table = Database :: get_course_table(TABLE_FORUM_POST, $course_db);
//$forum_post_text_table = Database :: get_course_table(TOOL_FORUM_POST_TEXT_TABLE, $course_db);
$forum_topic_table = Database :: get_course_table(TABLE_FORUM_POST, $course_db);
$group_ids = is_array($group_ids) ? $group_ids : array ($group_ids);
if(api_is_course_coach())
{ //a coach can only delete courses from his session
for($i=0 ; $i<count($group_ids) ; $i++)
@ -406,8 +406,8 @@ class GroupManager {
if(count($group_ids)==0)
return 0;
}
// define repository for deleted element
$group_garbage = api_get_path(SYS_ARCHIVE_PATH).$course['path']."/group/";
$perm = api_get_setting('permissions_for_new_directories');
@ -433,10 +433,10 @@ class GroupManager {
// delete the groups
$sql = "DELETE FROM ".$group_table." WHERE id IN ('".implode("' , '", $group_ids)."')";
api_sql_query($sql,__FILE__,__LINE__);
$sql2 = "DELETE FROM ".$forum_table." WHERE forum_of_group IN ('".implode("' , '", $group_ids)."')";
api_sql_query($sql2,__FILE__,__LINE__);
return Database::affected_rows();
}
@ -492,7 +492,7 @@ class GroupManager {
$table_group = Database :: get_course_table(TABLE_GROUP);
$table_forum = Database :: get_course_table(TABLE_FORUM);
//$forum_id = get_forums_of_group($group_id);
$group_id = Database::escape_string($group_id);
$group_id = Database::escape_string($group_id);
$sql = "UPDATE ".$table_group."
SET name='".Database::escape_string(trim($name))."',
doc_state = '".Database::escape_string($doc_state)."',
@ -505,9 +505,9 @@ class GroupManager {
max_student=".Database::escape_string($maximum_number_of_students).",
self_registration_allowed='".Database::escape_string($self_registration_allowed)."',
self_unregistration_allowed='".Database::escape_string($self_unregistration_allowed)."'
WHERE id=".$group_id;
WHERE id=".$group_id;
$result = api_sql_query($sql,__FILE__,__LINE__);
//Here we are updating a field in the table forum_forum that perhaps duplicates the table group_info.forum_state cvargas
//Here we are updating a field in the table forum_forum that perhaps duplicates the table group_info.forum_state cvargas
$forum_state = (int) $forum_state;
$sql2 = "UPDATE ".$table_forum." SET ";
if ($forum_state===1) {
@ -519,7 +519,7 @@ class GroupManager {
}
$sql2 .=" WHERE forum_of_group=".$group_id;
$result2 = api_sql_query($sql2,__FILE__,__LINE__);
return $result;
}
/**
@ -653,7 +653,7 @@ class GroupManager {
doc_state = '".Database::escape_string($doc_state)."',
work_state = '".Database::escape_string($work_state)."',
calendar_state = '".Database::escape_string($calendar_state)."',
announcements_state = '".Database::escape_string($announcements_state)."',
announcements_state = '".Database::escape_string($announcements_state)."',
forum_state = '".Database::escape_string($forum_state)."',
wiki_state = '".Database::escape_string($wiki_state)."',
groups_per_user = '".Database::escape_string($groups_per_user)."',
@ -700,15 +700,15 @@ class GroupManager {
WHERE id=$id";
api_sql_query($sql,__FILE__,__LINE__);
}
/**
* Returns the number of groups of the user with the greatest number of
* subscribtions in the given category
*/
public static function get_current_max_groups_per_user ($category_id = null, $course_code = null) {
$course_db = '';
if ($course_code != null)
{
$course_info = Database :: get_course_info($course_code);
@ -735,7 +735,7 @@ class GroupManager {
$table_group_cat = Database :: get_course_table(TABLE_GROUP_CATEGORY);
$id1 = Database::escape_string($id1);
$id2 = Database::escape_string($id2);
$sql = "SELECT id,display_order FROM $table_group_cat WHERE id IN ($id1,$id2)";
$res = api_sql_query($sql,__FILE__,__LINE__);
$cat1 = Database::fetch_object($res);
@ -794,7 +794,7 @@ class GroupManager {
*/
public static function fill_groups ($group_ids) {
$group_ids = is_array($group_ids) ? $group_ids : array ($group_ids);
if(api_is_course_coach())
{
for($i=0 ; $i<count($group_ids) ; $i++)
@ -808,7 +808,7 @@ class GroupManager {
if(count($group_ids)==0)
return false;
}
global $_course;
$category = self :: get_category_from_group($group_ids[0]);
$groups_per_user = $category['groups_per_user'];
@ -841,7 +841,7 @@ class GroupManager {
*/
for ($i = 0; $i < count($complete_user_list); $i ++)
{
//find # of groups the user is enrolled in
$number_of_groups = self :: user_in_number_of_groups($complete_user_list[$i]["user_id"],$category['id']);
//add # of groups to user list
@ -856,7 +856,7 @@ class GroupManager {
$userToken = array ();
foreach ($complete_user_list as $this_user)
{
if ($this_user['number_groups_left'] > 0)
{
$userToken[$this_user['user_id']] = $this_user['number_groups_left'];
@ -874,7 +874,7 @@ class GroupManager {
$changed = true;
while ($changed)
{
$changed = false;
reset($group_available_place);
arsort($group_available_place);
@ -886,7 +886,7 @@ class GroupManager {
{
if (self :: can_user_subscribe($user_id, $group_id))
{
self :: subscribe_users($user_id, $group_id);
$group_available_place[$group_id]--;
$userToken[$user_id]--;
@ -941,7 +941,7 @@ class GroupManager {
$table_group = Database :: get_course_table(TABLE_GROUP);
$user_id = Database::escape_string($user_id);
$cat_id = Database::escape_string($cat_id);
$sql = 'SELECT COUNT(*) AS number_of_groups FROM '.$table_group_user.' gu, '.$table_group.' g WHERE gu.user_id = \''.$user_id.'\' AND g.id = gu.group_id AND g.category_id= \''.$cat_id.'\'';
$db_result = api_sql_query($sql,__FILE__,__LINE__);
$db_object = Database::fetch_object($db_result);
@ -1066,7 +1066,7 @@ class GroupManager {
* (user_id, firstname, lastname, email)
*/
public static function get_subscribed_tutors ($group_id,$id_only=false) {
$table_user = Database :: get_main_table(TABLE_MAIN_USER);
$table_user = Database :: get_main_table(TABLE_MAIN_USER);
$table_group_tutor = Database :: get_course_table(TABLE_GROUP_TUTOR);
$order_clause = api_sort_by_first_name() ? ' ORDER BY `u`.`firstname`, `u`.`lastname`' : ' ORDER BY `u`.`lastname`, `u`.`firstname`';
$group_id = Database::escape_string($group_id);
@ -1129,7 +1129,7 @@ class GroupManager {
$table_group_tutor = Database :: get_course_table(TABLE_GROUP_TUTOR);
$user_id = Database::escape_string($user_id);
$group_id = Database::escape_string($group_id);
$sql = "INSERT INTO ".$table_group_tutor." (user_id, group_id) VALUES ('".$user_id."', '".$group_id."')";
$result &= api_sql_query($sql,__FILE__,__LINE__);
}
@ -1157,7 +1157,7 @@ class GroupManager {
$group_ids = is_array($group_ids) ? $group_ids : array ($group_ids);
if( count($group_ids) > 0)
{
if(api_is_course_coach())
{
for($i=0 ; $i<count($group_ids) ; $i++)
@ -1173,7 +1173,7 @@ class GroupManager {
return false;
}
}
$table_group_user = Database :: get_course_table(TABLE_GROUP_USER);
$sql = 'DELETE FROM '.$table_group_user.' WHERE group_id IN ('.implode(',', $group_ids).')';
$result = api_sql_query($sql,__FILE__,__LINE__);
@ -1213,7 +1213,7 @@ class GroupManager {
$table_group_tutor = Database :: get_course_table(TABLE_GROUP_TUTOR);
$user_id = Database::escape_string($user_id);
$group_id = Database::escape_string($group_id);
$sql = "SELECT * FROM ".$table_group_tutor." WHERE user_id='".$user_id."' AND group_id='".$group_id."'";
$result = api_sql_query($sql,__FILE__,__LINE__);
if (Database::num_rows($result)>0)
@ -1285,8 +1285,8 @@ class GroupManager {
public static function is_tutor ($user_id) {
global $_course;
$course_user_table = Database :: get_main_table(TABLE_MAIN_COURSE_USER);
$user_id = Database::escape_string($user_id);
$user_id = Database::escape_string($user_id);
$sql = "SELECT tutor_id FROM ".$course_user_table."
WHERE `user_id`='".$user_id."'
AND `course_code`='".$_course['sysCode']."'"."AND tutor_id=1";
@ -1478,7 +1478,7 @@ class GroupManager {
break;
case GROUP_TOOL_WIKI :
$state_key = 'wiki_state';
break;
break;
default:
return false;
}
@ -1508,13 +1508,13 @@ class GroupManager {
* Get all groups where a specific user is subscribed
*/
public static function get_user_group_name ($user_id) {
$table_group_user=Database::get_course_table(TABLE_GROUP_USER);
$table_group=Database::get_course_table(TABLE_GROUP);
$user_id = Database::escape_string($user_id);
$user_id = Database::escape_string($user_id);
$sql_groups = 'SELECT name FROM '.$table_group.' g,'.$table_group_user.' gu WHERE gu.user_id="'.$user_id.'" AND gu.group_id=g.id';
$res = api_sql_query($sql_groups,__FILE__,__LINE__);
$groups=array();
while($group = Database::fetch_array($res))
{

24
main/inc/lib/image.lib.php
Unescape View File

@ -9,20 +9,20 @@ class image {
var $bgx;
var $bgy;
var $fontfile='./verdana';
var $color;
function image($bgfile='') {
image::addbackground($bgfile);
}
function createimagefromtype($file,$handler) {
$size = @getimagesize(api_url_to_local_path($file));
$type=$size[2];
switch ($type) {
case 2 : $imhandler = @imagecreatefromjpeg($file);
break;
@ -35,7 +35,7 @@ class image {
$xtmpstr=$handler.'x';
$ytmpstr=$handler.'y';
$this->$xtmpstr=$size[0];
$this->$ytmpstr=$size[1];
@ -63,7 +63,7 @@ class image {
$scale = ($size[0] > 0 && $size[1] >0)?min($thumbw/$size[0], $thumbh/$size[1]):0;
$width = (int)($size[0]*$scale);
$height = (int)($size[1]*$scale);
$deltaw = 0;
$deltah = 0;
$dst_img = @ImageCreateTrueColor($width, $height);
@ -81,8 +81,8 @@ class image {
}
function addbackground($bgfile) {
if ( !empty($bgfile) && file_exists($bgfile) ) { $this->bg = image::createimagefromtype($bgfile,'bg');
@imagealphablending( $this->bg ,TRUE );
}
@ -115,7 +115,7 @@ class image {
putenv('GDFONTPATH=' . realpath('.'));
$this->fontfile='verdana';
$text= preg_replace('`(?<!\r)\n`',"\r\n",$text);
$box=@imagettfbbox ( $size, $angle, $this->fontfile, $text );
if ($x<0) {
$x=$this->bgx - max($box[2],$box[4]) + $x;
@ -127,9 +127,9 @@ class image {
} else {
$y=max(-$box[7],-$box[5]) + $y;
}
@imagettftext($this->bg, $size, $angle, $x, $y, $this->color, $this->fontfile , $text );
}
function send_image($type,$file='',$compress=-1) {
@ -154,7 +154,7 @@ class image {
break;
default: return 0;
}
// TODO: Occupied memory is not released, because the following fragment of code is actually dead.
@imagedestroy($this->bg);
@imagedestroy($this->logo);

26
main/inc/lib/import.lib.php
Unescape View File

@ -1,45 +1,45 @@
<?php
// $Id: import.lib.php 13806 2007-11-28 06:29:03Z yannoo $
// $Id: import.lib.php 13806 2007-11-28 06:29:03Z yannoo $
/*
==============================================================================
==============================================================================
Dokeos - elearning and course management software
Copyright (c) 2004,2005 Dokeos S.A.
Copyright (c) Bart Mollet, Hogeschool Gent
For a full list of contributors, see "credits.txt".
The full license can be read in "license.txt".
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
See the GNU General Public License for more details.
Contact address: Dokeos, 44 rue des palais, B-1030 Brussels, Belgium
Mail: info@dokeos.com
==============================================================================
==============================================================================
*/
/**
==============================================================================
==============================================================================
* This class provides some functions which can be used when importing data from
* external files into Dokeos
* @package dokeos.library
==============================================================================
==============================================================================
*/
class Import
{
/**
* Reads a CSV-file into an array. The first line of the CSV-file should
* contain the array-keys.
* contain the array-keys.
* Example:
* FirstName;LastName;Email
* John;Doe;john.doe@mail.com
* Adam;Adams;adam@mail.com
* returns
* $result [0]['FirstName'] = 'John';
* $result [0]['LastName'] = 'Doe';
* $result [0]['LastName'] = 'Doe';
* $result [0]['Email'] = 'john.doe@mail. com';
* $result [1]['FirstName'] = 'Adam';
* ...
@ -57,7 +57,7 @@ class Import
$keys = fgetcsv($handle, 1000, ";");
while (($row_tmp = fgetcsv($handle, 1000, ";")) !== FALSE)
{
$row = array ();
foreach ($row_tmp as $index => $value)
{

102
main/inc/lib/legal.lib.php
Unescape View File

@ -7,7 +7,7 @@
* @package dokeos.legal
*
*/
class LegalManager {
private function __construct () {
//void
@ -17,12 +17,12 @@ class LegalManager {
* @param int language id
* @param string the content
* @param int term and condition type (0 or 1)
* @param string explain changes
* @param string explain changes
* @return boolean sucess
*/
public function add ($language, $content, $type, $changes) {
$legal_table = Database::get_main_table(TABLE_MAIN_LEGAL);
$last = self::get_last_condition($language);
$legal_table = Database::get_main_table(TABLE_MAIN_LEGAL);
$last = self::get_last_condition($language);
$language = Database::escape_string($language);
$content = Database::escape_string($content);
$type = intval($type);
@ -50,7 +50,7 @@ class LegalManager {
date = '".$time."'
WHERE legal_id= $id ";
$result = Database::query($sql, __FILE__, __LINE__);
return true;
return true;
} else {
return false;
}
@ -63,13 +63,13 @@ class LegalManager {
$sql = "DELETE FROM $legal_table WHERE legal_id = '".$id."'";
*/
}
/**
* Gets the last version of a Term and condition by language
* @param int the language id
* @return array all the info of a Term and condition
*/
* @param int the language id
* @return array all the info of a Term and condition
*/
public function get_last_condition_version ($language) {
$legal_conditions_table = Database::get_main_table(TABLE_MAIN_LEGAL);
$language= Database::escape_string($language);
@ -77,16 +77,16 @@ class LegalManager {
$result = Database::query($sql, __FILE__, __LINE__);
$row = Database::fetch_array($result);
if (Database::num_rows($result)>0) {
return $row['version'];
return $row['version'];
} else {
return 0;
}
}
/**
* Gets the data of a Term and condition by language
* @param int the language id
* @return array all the info of a Term and condition
*/
* @param int the language id
* @return array all the info of a Term and condition
*/
public function get_last_condition ($language) {
$legal_conditions_table = Database::get_main_table(TABLE_MAIN_LEGAL);
$language= Database::escape_string($language);
@ -94,11 +94,11 @@ class LegalManager {
$result = Database::query($sql, __FILE__, __LINE__);
return Database::fetch_array($result);
}
/**
* Gets the last version of a Term and condition by language
* @param int the language id
* @return boolean | int the version or false if does not exist
* @param int the language id
* @return boolean | int the version or false if does not exist
*/
public function get_last_version ($language) {
$legal_conditions_table = Database::get_main_table(TABLE_MAIN_LEGAL);
@ -107,15 +107,15 @@ class LegalManager {
$result = Database::query($sql, __FILE__, __LINE__);
if (Database::num_rows($result)>0){
$version = Database::fetch_array($result);
$version = explode(':',$version[0]);
$version = explode(':',$version[0]);
return $version[0];
} else {
} else {
return false;
}
}
}
/**
* Show the last condition
* Show the last condition
* @param array with type and content i.e array('type'=>'1', 'content'=>'hola');
* @return string html preview
*/
@ -144,15 +144,15 @@ class LegalManager {
'.get_lang('TermsAndConditions').'
</label>
</div>
</fieldset>';
</fieldset>';
break;*/
// html
case 0:
case 0:
$preview = '<div class="legal-terms"> '.$term_preview['content'].' </div>';
$preview .= '<br/>'.get_lang('ByClickingRegisterYouAgreeTermsAndConditions');
break;
// page link
case 1:
// page link
case 1:
$preview ='<fieldset>
<legend>'.get_lang('TermsAndConditions').'</legend>';
$preview .= '<div id="legal-accept-wrapper" class="form-item">
@ -164,64 +164,64 @@ class LegalManager {
</div>
</fieldset>';
break;
default:
break;
default:
break;
}
return $preview;
return $preview;
}
/**
* Get the terms and condition table (only for maintenance)
* @param int offset
* @param int offset
* @param int number of items
* @param int column
* @return array
* @return array
*/
public function get_legal_data ($from, $number_of_items, $column) {
$legal_conditions_table = Database::get_main_table(TABLE_MAIN_LEGAL);
$lang_table = Database::get_main_table(TABLE_MAIN_LANGUAGE);
$from = intval($from);
$number_of_items = intval($number_of_items);
$number_of_items = intval($number_of_items);
$column = intval($column);
$sql = "SELECT version, original_name as language, content, changes, type, FROM_UNIXTIME(date)
FROM $legal_conditions_table inner join $lang_table l on(language_id = l.id) ";
$sql = "SELECT version, original_name as language, content, changes, type, FROM_UNIXTIME(date)
FROM $legal_conditions_table inner join $lang_table l on(language_id = l.id) ";
$sql .= "ORDER BY language, version ASC ";
$sql .= "LIMIT $from,$number_of_items ";
$result = Database::query($sql, __FILE__, __LINE__);
$result = Database::query($sql, __FILE__, __LINE__);
$legals = array ();
$versions = array ();
while ($legal = Database::fetch_array($result)) {
// max 2000 chars
// max 2000 chars
//echo strlen($legal[1]); echo '<br>';
$versions[]=$legal[0];
$languages[]=$legal[1];
if (strlen($legal[2])>2000)
$legal[2]= substr($legal[2],0,2000).' ... ';
$legal[2]= substr($legal[2],0,2000).' ... ';
if ($legal[4]==0)
$legal[4]= get_lang('HTMLText');
elseif($legal[4]==1)
$legal[4]=get_lang('PageLink');
$legal[4]=get_lang('PageLink');
$legals[] = $legal;
}
return $legals;
return $legals;
}
/**
* Gets the number of terms and conditions available
* @return int
* Gets the number of terms and conditions available
* @return int
*/
public function count() {
$legal_conditions_table = Database::get_main_table(TABLE_MAIN_LEGAL);
$sql = "SELECT count(*) as count_result FROM $legal_conditions_table ORDER BY legal_id DESC ";
$result = Database::query($sql, __FILE__, __LINE__);
$url = Database::fetch_array($result,'ASSOC');
$result = $url['count_result'];
return $result;
$url = Database::fetch_array($result,'ASSOC');
$result = $url['count_result'];
return $result;
}
/**
* Get type of terms and conditions
* @param int The legal id
@ -230,8 +230,8 @@ class LegalManager {
*/
public function get_type_of_terms_and_conditions ($legal_id,$language_id) {
$legal_conditions_table = Database::get_main_table(TABLE_MAIN_LEGAL);
$legal_id=Database::escape_string($legal_id);
$language_id=Database::escape_string($language_id);
$legal_id=Database::escape_string($legal_id);
$language_id=Database::escape_string($language_id);
$sql='SELECT type FROM '.$legal_conditions_table.' WHERE legal_id="'.$legal_id.'" AND language_id="'.$language_id.'"';
$rs=Database::query($sql,__FILE__,__LINE__);
return Database::result($rs,0,'type');

2
main/inc/lib/mail.lib.inc.php
Unescape View File

@ -30,7 +30,7 @@ function api_mail($recipient_name, $recipient_email, $subject, $message, $sender
$mail->Mailer = $platform_email['SMTP_MAILER'];
$mail->Host = $platform_email['SMTP_HOST'];
$mail->Port = $platform_email['SMTP_PORT'];
$mail->CharSet = $platform_email['SMTP_CHARSET'];
$mail->CharSet = $platform_email['SMTP_CHARSET'];
$mail->WordWrap = 200; // stay far below SMTP protocol 980 chars limit
if($platform_email['SMTP_AUTH'])

32
main/inc/lib/message.lib.php
Unescape View File

@ -18,7 +18,7 @@
Contact address: Dokeos, rue du Corbeau, 108, B-1030 Brussels, Belgium
Mail: info@dokeos.com
==============================================================================
*/
@ -32,16 +32,16 @@ function inbox_display() {
echo '<a onclick="compose_and_show_message(\'show\',\'1\')" href="javascript:void(0)">'.Display::return_icon('message_new.png',api_xml_http_response_encode(get_lang('ComposeMessage'))).api_xml_http_response_encode(get_lang('ComposeMessage')).'</a>';
echo '<a class="refresh" href="javascript:window.location.reload()">'.api_convert_encoding(get_lang('Refresh'),'UTF-8',$charset).'</a>';
echo '</div>';
echo '</div>';
echo '</div>';
$charset = api_get_setting('platform_charset');
$table_message = Database::get_main_table(TABLE_MESSAGE);
$table_message = Database::get_main_table(TABLE_MESSAGE);
$request=api_is_xml_http_request();
if ($_SESSION['social_exist']===true) {
$redirect="#remote-tab-2";
$redirect="#remote-tab-2";
if (api_get_setting('allow_social_tool')=='true' && api_get_setting('allow_message_tool')=='true') {
$success= get_lang('SelectedMessagesDeleted');
} else {
$success= get_lang('SelectedMessagesDeleted');
$success= get_lang('SelectedMessagesDeleted');
}
} else {
$success= get_lang('SelectedMessagesDeleted');
@ -82,7 +82,7 @@ function inbox_display() {
echo '<a href="javascript:void(0)" onclick="selectall_cheks()">'.api_xml_http_response_encode(get_lang('SelectAll')).'</a>&nbsp;&nbsp;&nbsp;';
echo '<a href="javascript:void(0)" onclick="unselectall_cheks()">'.api_xml_http_response_encode(get_lang('UnSelectAll')).'</a>&nbsp;&nbsp;&nbsp;';
echo '<button class="save" name="delete" type="button" value="'.api_xml_http_response_encode(get_lang('DeleteSelectedMessages')).'" onclick="submit_form(\'inbox\')">'.api_xml_http_response_encode(get_lang('DeleteSelectedMessages')).'</button>';
}
} else {
$table->set_form_actions(array ('delete' => get_lang('DeleteSelectedMessages')));
@ -95,23 +95,23 @@ function get_number_of_messages_mask() {
}
function get_message_data_mask($from, $number_of_items, $column, $direction) {
$column='3';
$direction='desc';
//non set by SortableTable ?
$direction='desc';
//non set by SortableTable ?
$number_of_items=get_number_of_messages_mask();
return MessageManager::get_message_data($from, $number_of_items, $column, $direction);
}
function outbox_display() {
$table_message = Database::get_main_table(TABLE_MESSAGE);
$table_message = Database::get_main_table(TABLE_MESSAGE);
$request=api_is_xml_http_request();
global $charset;
if ($_SESSION['social_exist']===true) {
$redirect="#remote-tab-3";
$redirect="#remote-tab-3";
if (api_get_setting('allow_social_tool')=='true' && api_get_setting('allow_message_tool')=='true') {
$success= get_lang('SelectedMessagesDeleted')."&nbsp<br><a href=\""."../social/index.php?$redirect\">".get_lang('BackToOutbox')."</a>";
}else {
$success=get_lang('SelectedMessagesDeleted')."&nbsp<br><a href=\""."../social/index.php?$redirect\">".get_lang('BackToOutbox')."</a>";
$success=get_lang('SelectedMessagesDeleted')."&nbsp<br><a href=\""."../social/index.php?$redirect\">".get_lang('BackToOutbox')."</a>";
}
} else {
$success= get_lang('SelectedMessagesDeleted')."&nbsp</b>"."<br><a href=\""."outbox.php\">".get_lang('BackToOutbox')."</a>";
}
@ -121,15 +121,15 @@ if (isset ($_REQUEST['action'])) {
$number_of_selected_messages = count($_POST['id']);
if ($number_of_selected_messages!=0) {
foreach ($_POST['id'] as $index => $message_id) {
MessageManager::delete_message_by_user_receiver(api_get_user_id(), $message_id);
MessageManager::delete_message_by_user_receiver(api_get_user_id(), $message_id);
}
}
}
Display::display_normal_message(api_xml_http_response_encode($success),false);
break;
case 'deleteone' :
MessageManager::delete_message_by_user_receiver(api_get_user_id(), $_GET['id']);
Display::display_confirmation_message(api_xml_http_response_encode($success),false);
echo '<br/>';
echo '<br/>';
break;
}
}
@ -168,7 +168,7 @@ function get_message_data_send_mask($from, $number_of_items, $column, $direction
$column='3';
$direction='desc';
//non set by SortableTable ?
$number_of_items=get_number_of_messages_send_mask();
$number_of_items=get_number_of_messages_send_mask();
return MessageManager::get_message_data_sent($from, $number_of_items, $column, $direction);
}
?>

88
main/inc/lib/online.inc.php
Unescape View File

@ -1,27 +1,27 @@
<?php
/*
==============================================================================
==============================================================================
Dokeos - elearning and course management software
Copyright (c) 2004-2008 Dokeos SPRL
Copyright (c) Istvan Mandak
For a full list of contributors, see "credits.txt".
The full license can be read in "license.txt".
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
See the GNU General Public License for more details.
Contact address: Dokeos, rue du Corbeau, 108, B-1030 Brussels, Belgium
Mail: info@dokeos.com
==============================================================================
==============================================================================
*/
/**
==============================================================================
==============================================================================
* Code library for showing Who is online
*
* @author Istvan Mandak, principal author
@ -29,7 +29,7 @@
* @author Bart Mollet
* @author Roan Embrechts, cleaning and bugfixing
* @package dokeos.whoisonline
==============================================================================
==============================================================================
*/
/**
* Insert a login reference for the current user into the track_e_online stats table.
@ -50,7 +50,7 @@ function LoginCheck($uid)
$login_ip = Database::escape_string($_SERVER['REMOTE_ADDR']);
}
$reallyNow = time();
$login_date = date("Y-m-d H:i:s",$reallyNow);
$login_date = date("Y-m-d H:i:s",$reallyNow);
// if the $_course array exists this means we are in a course and we have to store this in the who's online table also
// to have the x users in this course feature working
if (is_array($_course) && count($_course)>0 && !empty($_course['id']))
@ -59,7 +59,7 @@ function LoginCheck($uid)
}
else
{
$query = "REPLACE INTO ".$online_table ." (login_id,login_user_id,login_date,login_ip) VALUES ($uid,$uid,'$login_date','$login_ip')";
$query = "REPLACE INTO ".$online_table ." (login_id,login_user_id,login_date,login_ip) VALUES ($uid,$uid,'$login_date','$login_ip')";
}
@api_sql_query($query,__FILE__,__LINE__);
@ -90,19 +90,19 @@ function online_logout() {
if (Database::num_rows($q_last_connection)>0) {
$i_id_last_connection=Database::result($q_last_connection,0,"login_id");
}
if (!isset($_SESSION['login_as'])) {
$current_date=date('Y-m-d H:i:s',time());
$s_sql_update_logout_date="UPDATE $tbl_track_login SET logout_date='".$current_date."' WHERE login_id='$i_id_last_connection'";
api_sql_query($s_sql_update_logout_date);
}
LoginDelete($uid, $_configuration['statistics_database']); //from inc/lib/online.inc.php - removes the "online" status
//the following code enables the use of an external logout function.
//example: define a $extAuthSource['ldap']['logout']="file.php" in configuration.php
// then a function called ldap_logout() inside that file
// (using *authent_name*_logout as the function name) and the following code
// will find and execute it
// then a function called ldap_logout() inside that file
// (using *authent_name*_logout as the function name) and the following code
// will find and execute it
$uinfo = api_get_user_info($uid);
if (($uinfo['auth_source'] != PLATFORM_AUTH_SOURCE) && is_array($extAuthSource)) {
if (is_array($extAuthSource[$uinfo['auth_source']])) {
@ -133,7 +133,7 @@ function online_logout() {
*/
function LoginDelete($user_id)
{
$online_table = Database::get_statistic_table(TABLE_STATISTIC_TRACK_E_ONLINE);
$online_table = Database::get_statistic_table(TABLE_STATISTIC_TRACK_E_ONLINE);
$user_id = (int) $user_id;
$query = "DELETE FROM ".$online_table ." WHERE login_user_id = '".Database::escape_string($user_id)."'";
@api_sql_query($query,__FILE__,__LINE__);
@ -148,34 +148,34 @@ function LoginDelete($user_id)
* @todo remove parameter $statistics_database which is no longer necessary
*/
function WhoIsOnline($uid=0,$statistics_database='',$valid)
{
{
$valid = (int) $valid;
$current_date=date('Y-m-d H:i:s',time());
$track_online_table = Database::get_statistic_table(TABLE_STATISTIC_TRACK_E_ONLINE);
$query = "SELECT login_user_id,login_date FROM ".$track_online_table ." WHERE DATE_ADD(login_date,INTERVAL $valid MINUTE) >= '".$current_date."' ";
global $_configuration;
if ($_configuration['multiple_access_urls']==true) {
$tbl_user_rel_access_url= Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER);
global $_configuration;
if ($_configuration['multiple_access_urls']==true) {
$tbl_user_rel_access_url= Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER);
$access_url_id = api_get_current_access_url_id();
if ($access_url_id != -1){
$query = "SELECT login_user_id,login_date FROM ".$track_online_table ." track
$query = "SELECT login_user_id,login_date FROM ".$track_online_table ." track
INNER JOIN $tbl_user_rel_access_url user_rel_url
ON (user_rel_url.user_id = track.login_user_id)
WHERE access_url_id = $access_url_id AND DATE_ADD(login_date,INTERVAL $valid MINUTE) >= '".$current_date."' ";
ON (user_rel_url.user_id = track.login_user_id)
WHERE access_url_id = $access_url_id AND DATE_ADD(login_date,INTERVAL $valid MINUTE) >= '".$current_date."' ";
}
}
$result = @api_sql_query($query,__FILE__,__LINE__);
}
$result = @api_sql_query($query,__FILE__,__LINE__);
if (count($result)>0)
{
$rtime = time();
$rdate = date("Y-m-d H:i:s",$rtime);
$validtime = mktime(date("H"),date("i")-$valid,date("s"),date("m"),date("d"),date("Y"));
$rarray = array();
while(list($login_user_id,$login_date)= Database::fetch_row($result))
{
{
$barray = array();
array_push($barray,$login_user_id);
array_push($barray,$login_date);
@ -189,15 +189,15 @@ function WhoIsOnline($uid=0,$statistics_database='',$valid)
$year = substr($login_date,0,4);
// db timestamp
$dbtime = mktime($hour,$minute,$secund,$month,$day,$year);
if ($dbtime>$validtime)
{
array_push($rarray,$barray);
}
}
}
return $rarray;
}
else
else
{
return false;
}
@ -234,7 +234,7 @@ function GetFullUserName($uid)
function chatcall() {
global $_user, $_cid;
if (!$_user['user_id'])
{
return (false);
@ -270,10 +270,10 @@ function chatcall() {
. get_lang("No")
."</a>"
."</p>";
return($message);
}
else
else
{
return(false);
}
@ -288,23 +288,23 @@ function chatcall() {
* @return array Each line gives a user id and a login time
*/
function who_is_online_in_this_course($uid, $valid, $coursecode=null)
{
{
if(empty($coursecode)) return false;
$track_online_table = Database::get_statistic_table(TABLE_STATISTIC_TRACK_E_ONLINE);
$coursecode = Database::escape_string($coursecode);
$valid = Database::escape_string($valid);
$query = "SELECT login_user_id,login_date FROM ".$track_online_table ." WHERE course='".$coursecode."' AND DATE_ADD(login_date,INTERVAL $valid MINUTE) >= NOW() ";
$result = api_sql_query($query,__FILE__,__LINE__);
$query = "SELECT login_user_id,login_date FROM ".$track_online_table ." WHERE course='".$coursecode."' AND DATE_ADD(login_date,INTERVAL $valid MINUTE) >= NOW() ";
$result = api_sql_query($query,__FILE__,__LINE__);
if (count($result)>0)
{
$rtime = time();
$rdate = date("Y-m-d H:i:s",$rtime);
$validtime = mktime(date("H"),date("i")-$valid,date("s"),date("m"),date("d"),date("Y"));
$rarray = array();
while(list($login_user_id,$login_date)= mysql_fetch_row($result))
{
{
$barray = array();
array_push($barray,$login_user_id);
array_push($barray,$login_date);
@ -322,10 +322,10 @@ function who_is_online_in_this_course($uid, $valid, $coursecode=null)
{
array_push($rarray,$barray);
}
}
}
return $rarray;
}
else
else
{
return false;
}

60
main/inc/lib/security.lib.php
Unescape View File

@ -1,23 +1,23 @@
<?php
/*
==============================================================================
==============================================================================
Dokeos - elearning and course management software
Copyright (c) 2007 Dokeos S.A.
For a full list of contributors, see "credits.txt".
The full license can be read in "license.txt".
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
See the GNU General Public License for more details.
==============================================================================
==============================================================================
*/
/**
==============================================================================
==============================================================================
* This is the security library for Dokeos.
*
* This library is based on recommendations found in the PHP5 Certification
@ -25,36 +25,36 @@
* http://www.phpsec.org/
* The principles here are that all data is tainted (most scripts of Dokeos are
* open to the public or at least to a certain public that could be malicious
* under specific circumstances). We use the white list approach, where as we
* consider that data can only be used in the database or in a file if it has
* under specific circumstances). We use the white list approach, where as we
* consider that data can only be used in the database or in a file if it has
* been filtered.
*
*
* For session fixation, use ...
* For session hijacking, use get_ua() and check_ua()
* For Cross-Site Request Forgeries, use get_token() and check_tocken()
* For basic filtering, use filter()
* For files inclusions (using dynamic paths) use check_rel_path() and check_abs_path()
*
*
* @package dokeos.library
==============================================================================
==============================================================================
*/
/**
* Security class
*
* Include/require it in your code and call Security::function()
* Include/require it in your code and call Security::function()
* to use its functionalities.
*
*
* This class can also be used as a container for filtered data, by creating
* a new Security object and using $secure->filter($new_var,[more options])
* and then using $secure->clean['var'] as a filtered equivalent, although
* a new Security object and using $secure->filter($new_var,[more options])
* and then using $secure->clean['var'] as a filtered equivalent, although
* this is *not* mandatory at all.
*
*
* @author Yannick Warnier <yannick.warnier@dokeos.com>
*/
class Security {
public static $clean = array();
/**
* Checks if the absolute path (directory) given is really under the
* Checks if the absolute path (directory) given is really under the
* checker path (directory)
* @param string Absolute path to be checked (with trailing slash)
* @param string Checker path under which the path should be (absolute path, with trailing slash, get it from api_get_path(SYS_COURSE_PATH))
@ -62,9 +62,9 @@ class Security {
*/
public static function check_abs_path ($abs_path,$checker_path) {
if (empty($checker_path)) {return false;} //checker path must be set
$true_path=str_replace("\\", "/", realpath($abs_path));
$found = strpos($true_path.'/',$checker_path);
if ($found===0) {
return true;
@ -72,7 +72,7 @@ class Security {
return false;
}
/**
* Checks if the relative path (directory) given is really under the
* Checks if the relative path (directory) given is really under the
* checker path (directory)
* @param string Relative path to be checked (relative to the current directory) (with trailing slash)
* @param string Checker path under which the path should be (absolute path, with trailing slash, get it from api_get_path(SYS_COURSE_PATH))
@ -119,7 +119,7 @@ class Security {
case 'post':
if (isset($_SESSION['sec_token']) && isset($_POST['sec_token']) && $_SESSION['sec_token'] === $_POST['sec_token']) {
return true;
}
}
return false;
default:
if (isset($_SESSION['sec_token']) && isset($array) && $_SESSION['sec_token'] === $array) {
@ -130,7 +130,7 @@ class Security {
return false; //just in case, don't let anything slip
}
/**
* Checks the user agent of the client as recorder by get_ua() to prevent
* Checks the user agent of the client as recorder by get_ua() to prevent
* most session hijacking attacks.
* @return bool True if the user agent is the same, false otherwise
*/
@ -186,7 +186,7 @@ class Security {
$_SESSION['sec_ua_seed'] = uniqid(rand(),TRUE);
$_SESSION['sec_ua'] = $_SERVER['HTTP_USER_AGENT'].$_SESSION['sec_ua_seed'];
}
/**
/**
* This function filters a variable to the type given, with the options given
* @param mixed The variable to be filtered
* @param string The type of variable we expect (bool,int,float,string)
@ -212,7 +212,7 @@ class Security {
$result = (float) $var;
break;
case 'string':
break;
case 'array':
//an array variable shouldn't be given to the filter
@ -241,18 +241,18 @@ class Security {
* This function tackles the XSS injections.
* Filtering for XSS is very easily done by using the htmlentities() function.
* This kind of filtering prevents JavaScript snippets to be understood as such.
* @param mixed The variable to filter for XSS, this params can be a string or an array (example : array(x,y))
* @param mixed The variable to filter for XSS, this params can be a string or an array (example : array(x,y))
* @param integer The user status,constant allowed(STUDENT,COURSEMANAGER,ANONYMOUS,COURSEMANAGERLOWSECURITY)
* @return mixed Filtered string or array
*/
public static function remove_XSS ($var,$user_status=ANONYMOUS) {
global $charset;
$purifier = new HTMLPurifier(null,$user_status);
$purifier = new HTMLPurifier(null,$user_status);
if (is_array($var)) {
return $purifier->purifyArray($var);
return $purifier->purifyArray($var);
} else {
return $purifier->purify($var);
return $purifier->purify($var);
}
}
}

54
main/inc/lib/social.lib.php
Unescape View File

@ -8,10 +8,10 @@ define(SOCIALGOODFRIEND,4);
define(SOCIALENEMY,5);
define(SOCIALDELETED,6);
class UserFriend extends UserManager {
class UserFriend extends UserManager {
private function __construct() {
}
/**
* Allow to register contact to social network
@ -28,8 +28,8 @@ class UserFriend extends UserManager {
$result = Database::query($sql, __FILE__, __LINE__);
$row = Database :: fetch_array($result, 'ASSOC');
if ($row['count'] == 0) {
$current_date=date('Y-m-d H:i:s');
$sql_i = 'INSERT INTO ' . $tbl_my_friend . '(friend_user_id,user_id,relation_type,last_edit)values(' . ((int)$friend_id) . ','.((int)$my_user_id).','.((int)$relation_type).',"'.$current_date.'");';
$current_date=date('Y-m-d H:i:s');
$sql_i = 'INSERT INTO ' . $tbl_my_friend . '(friend_user_id,user_id,relation_type,last_edit)values(' . ((int)$friend_id) . ','.((int)$my_user_id).','.((int)$relation_type).',"'.$current_date.'");';
Database::query($sql_i, __FILE__, __LINE__);
} else {
$sql = 'SELECT COUNT(*) as count FROM ' . $tbl_my_friend . ' WHERE friend_user_id=' . ((int)$friend_id) . ' AND user_id='.((int)$my_user_id);
@ -41,7 +41,7 @@ class UserFriend extends UserManager {
}
}
}
/**
* Allow to delete contact to social network
*@author isaac flores paz <isaac.flores@dokeos.com>
@ -61,11 +61,11 @@ class UserFriend extends UserManager {
$sql_j = 'UPDATE ' . $tbl_my_message . ' SET msg_status=7 WHERE user_receiver_id=' . ((int)$user_id).' AND user_sender_id='.((int)$friend_id);
//Delete user
$sql_ij = 'UPDATE ' . $tbl_my_friend . ' SET relation_type=6 WHERE user_id=' . ((int)$friend_id).' AND friend_user_id='.((int)$user_id);
$sql_ji = 'UPDATE ' . $tbl_my_message . ' SET msg_status=7 WHERE user_receiver_id=' . ((int)$friend_id).' AND user_sender_id='.((int)$user_id);
$sql_ji = 'UPDATE ' . $tbl_my_message . ' SET msg_status=7 WHERE user_receiver_id=' . ((int)$friend_id).' AND user_sender_id='.((int)$user_id);
Database::query($sql_i, __FILE__, __LINE__);
Database::query($sql_j, __FILE__, __LINE__);
Database::query($sql_ij, __FILE__, __LINE__);
Database::query($sql_ji, __FILE__, __LINE__);
Database::query($sql_ji, __FILE__, __LINE__);
}
}
/**
@ -88,12 +88,12 @@ class UserFriend extends UserManager {
} else {
return $friend_relation_list;
}
}
/**
* Get relation type contact by name
* @author isaac flores paz <florespaz@bidsoftperu.com>
* @param string names of the kind of relation
* @param string names of the kind of relation
* @return int
*/
public static function get_relation_type_by_name ($relation_type_name) {
@ -103,7 +103,7 @@ class UserFriend extends UserManager {
if (strtolower($value_type_friend['title'])==$relation_type_name) {
return $value_type_friend['id'];
}
}
}
}
/**
* Get the kind of relation between contacts
@ -120,7 +120,7 @@ class UserFriend extends UserManager {
$res=Database::query($sql,__FILE__,__LINE__);
$row=Database::fetch_array($res,'ASSOC');
if (Database::num_rows($res)>0) {
return $row['id'];
return $row['id'];
} else {
return USERUNKNOW;
}
@ -136,7 +136,7 @@ class UserFriend extends UserManager {
public static function get_list_id_friends_by_user_id ($user_id,$id_group=null,$search_name=null) {
$list_ids_friends=array();
$tbl_my_friend = Database :: get_main_table(TABLE_MAIN_USER_FRIEND);
$tbl_my_user = Database :: get_main_table(TABLE_MAIN_USER);
$tbl_my_user = Database :: get_main_table(TABLE_MAIN_USER);
$sql='SELECT friend_user_id FROM '.$tbl_my_friend.' WHERE relation_type<>6 AND friend_user_id<>'.((int)$user_id).' AND user_id='.((int)$user_id);
if (isset($id_group) && $id_group>0) {
$sql.=' AND relation_type='.$id_group;
@ -156,13 +156,13 @@ class UserFriend extends UserManager {
* @param int user id
* @param int group id
* @param string name to search
* @param array
* @param array
*/
public static function get_list_path_web_by_user_id ($user_id,$id_group=null,$search_name=null) {
$list_paths=array();
$list_path_friend=array();
$array_path_user=array();
$combine_friend = array();
$combine_friend = array();
$list_ids = self::get_list_id_friends_by_user_id ($user_id,$id_group,$search_name);
if (is_array($list_ids)) {
foreach ($list_ids as $values_ids) {
@ -186,7 +186,7 @@ class UserFriend extends UserManager {
$list_path_image_friend[] = UserManager::get_user_picture_path_by_id($values_ids['user_sender_id'],'web',false,true);
}
return $list_path_image_friend;
}
}
/**
* allow to sent an invitation to my contacts
* @author isaac flores paz <florespaz@bidsoftperu.com>
@ -206,21 +206,21 @@ class UserFriend extends UserManager {
if ($row_exist['count']==0) {
$sql='INSERT INTO '.$tbl_message.'(user_sender_id,user_receiver_id,msg_status,send_date,title,content) VALUES('.((int)$user_id).','.((int)$friend_id).','.((int)$status_invitation).',"'.$current_date.'","'.$message_title.'","'.$message_content.'")';
Database::query($sql,__FILE__,__LINE__);
return true;
return true;
} elseif ($row_exist['count']==1) {
$sql_if_exist='SELECT COUNT(*) AS count FROM '.$tbl_message.' WHERE user_sender_id='.((int)$user_id).' AND user_receiver_id='.((int)$friend_id).' AND msg_status=7';
$res_if_exist=Database::query($sql_if_exist,__FILE__,__LINE__);
$row_if_exist=Database::fetch_array($res_if_exist,'ASSOC');
if ($row_if_exist['count']==1) {
$sql_if_exist_up='UPDATE '.$tbl_message.'SET msg_status=5 WHERE user_sender_id='.((int)$user_id).' AND user_receiver_id='.((int)$friend_id).';';
$sql_if_exist_up='UPDATE '.$tbl_message.'SET msg_status=5 WHERE user_sender_id='.((int)$user_id).' AND user_receiver_id='.((int)$friend_id).';';
Database::query($sql_if_exist_up,__FILE__,__LINE__);
return true;
} else {
return false;
return false;
}
} else {
return false;
return false;
}
}
@ -278,7 +278,7 @@ class UserFriend extends UserManager {
$tbl_message=Database::get_main_table(TABLE_MAIN_MESSAGE);
$msg_status=7;
$sql='UPDATE '.$tbl_message.' SET msg_status='.$msg_status.' WHERE user_sender_id='.((int)$user_send_id).' AND user_receiver_id='.((int)$user_receiver_id).';';
Database::query($sql,__FILE__,__LINE__);
Database::query($sql,__FILE__,__LINE__);
}
/**
* allow attach to group
@ -291,7 +291,7 @@ class UserFriend extends UserManager {
$tbl_user_friend=Database::get_main_table(TABLE_MAIN_USER_FRIEND);
$user_id=api_get_user_id();
$sql='UPDATE '.$tbl_user_friend.' SET relation_type='.((int)$type_qualify).' WHERE user_id='.((int)$user_id).' AND friend_user_id='.((int)$id_friend_qualify).';';
Database::query($sql,__FILE__,__LINE__);
Database::query($sql,__FILE__,__LINE__);
}
/**
* Send invitation a your friends
@ -305,11 +305,11 @@ class UserFriend extends UserManager {
$user_info=api_get_user_info($userfriend_id);
$succes=get_lang('MessageSentTo');
$succes.= ' : '.api_get_person_name($user_info['firstName'], $user_info['lastName']);
if (isset($subject_message) && isset($content_message) && isset($userfriend_id)) {
if (isset($subject_message) && isset($content_message) && isset($userfriend_id)) {
$send_message = MessageManager::send_message(((int)$userfriend_id),Database::escape_string($subject_message), Database::escape_string($content_message));
if ($send_message) {
echo Display::display_confirmation_message($succes,true);
} else {
} else {
echo Display::display_error_message($succes,true);
}
exit;
@ -326,10 +326,10 @@ class UserFriend extends UserManager {
if ($count_is_true) {
echo Display::display_normal_message(get_lang('InvitationHasBeenSent'));
}else {
echo Display::display_error_message(get_lang('InvitationHasBeenNotSent'));
echo Display::display_error_message(get_lang('InvitationHasBeenNotSent'));
}
}
}
}
}
}

66
main/inc/lib/sortabletable.class.php
Unescape View File

@ -107,7 +107,7 @@ class SortableTable extends HTML_Table {
* table
*/
public $other_tables;
/**
* Create a new SortableTable
@ -128,19 +128,19 @@ class SortableTable extends HTML_Table {
$this->table_name = $table_name;
$this->additional_parameters = array ();
$this->param_prefix = $table_name.'_';
$this->page_nr = isset ($_SESSION[$this->param_prefix.'page_nr']) ? intval($_SESSION[$this->param_prefix.'page_nr']) : 1;
$this->page_nr = isset ($_GET[$this->param_prefix.'page_nr']) ? intval($_GET[$this->param_prefix.'page_nr']) : $this->page_nr;
$this->column = isset ($_SESSION[$this->param_prefix.'column']) ? intval($_SESSION[$this->param_prefix.'column']) : $default_column;
$this->column = isset ($_GET[$this->param_prefix.'column']) ? intval($_GET[$this->param_prefix.'column']) : $this->column;
//$this->direction = isset ($_SESSION[$this->param_prefix.'direction']) ? $_SESSION[$this->param_prefix.'direction'] : $default_order_direction;
if (isset($_SESSION[$this->param_prefix.'direction'])) {
$my_session_direction = $_SESSION[$this->param_prefix.'direction'];
if(!in_array($my_session_direction, array('ASC','DESC'))){
$this->direction = 'ASC';
$this->direction = 'ASC';
} else {
if ($my_session_direction=='ASC') {
$this->direction = 'ASC';
@ -148,12 +148,12 @@ class SortableTable extends HTML_Table {
$this->direction = 'DESC';
}
}
}
}
if (isset($_GET[$this->param_prefix.'direction'])) {
$my_get_direction = $_GET[$this->param_prefix.'direction'];
$my_get_direction = $_GET[$this->param_prefix.'direction'];
if(!in_array($my_get_direction, array('ASC','DESC'))){
$this->direction = 'ASC';
$this->direction = 'ASC';
} else {
if ($my_get_direction=='ASC') {
$this->direction = 'ASC';
@ -165,10 +165,10 @@ class SortableTable extends HTML_Table {
//allow to change paginate in multiples tabs
unset($_SESSION[$this->param_prefix.'per_page']);
$this->per_page = isset ($_SESSION[$this->param_prefix.'per_page']) ? intval($_SESSION[$this->param_prefix.'per_page']) : $default_items_per_page;
$this->per_page = isset ($_GET[$this->param_prefix.'per_page']) ? intval($_GET[$this->param_prefix.'per_page']) : $this->per_page;
$_SESSION[$this->param_prefix.'per_page'] = $this->per_page;
$_SESSION[$this->param_prefix.'direction'] = $this->direction ;
$_SESSION[$this->param_prefix.'page_nr'] = $this->page_nr;
@ -237,7 +237,7 @@ class SortableTable extends HTML_Table {
$message_empty=get_lang('TheListIsEmpty');
}
$this->setCellContents(1, 0,$message_empty);
$empty_table = true;
}
$html='';
@ -462,7 +462,7 @@ class SortableTable extends HTML_Table {
$param[$tablename.'_direction'] = 'ASC';
} else {
$param[$tablename.'_direction'] = $my_get_direction;
}
}
}
if( isset($_GET[$tablename.'_page_nr']))
$param[$tablename.'_page_nr'] = intval($_GET[$tablename.'_page_nr']);
@ -559,7 +559,7 @@ class SortableTable extends HTML_Table {
$row[0] .= '/>';
}
}
foreach ($row as $index => $value) {
if (strlen($row[$index]) == 0)
{
@ -636,61 +636,61 @@ class SortableTableFromArray extends SortableTable {
/**
* Sortable table which can be used for data available in an array
*
*
* Is a variation of SortableTableFromArray because we add 2 new arrays $column_show and $column_order
* $column_show is an array that lets us decide which are going to be the columns to show
* $column_order is an array that lets us decide the ordering of the columns
* $column_order is an array that lets us decide the ordering of the columns
* i.e: $column_header=array('a','b','c','d','e'); $column_order=array(1,2,5,4,5);
* These means that the 3th column (letter "c") will be sort like the order we use in the 5th column
* These means that the 3th column (letter "c") will be sort like the order we use in the 5th column
*/
class SortableTableFromArrayConfig extends SortableTable {
class SortableTableFromArrayConfig extends SortableTable {
/**
* The array containing the columns that will be show i.e $column_show=array('1','0','0'); we will show only the 1st column
*/
private $column_show;
/**
*The array containing the real sort column $column_order=array('1''4','3','4'); The 2nd column will be order like the 4th column
*The array containing the real sort column $column_order=array('1''4','3','4'); The 2nd column will be order like the 4th column
*/
private $column_order;
private $column_order;
/**
* The array containing all data for this table
*/
private $table_data;
/**
* Constructor
* @param array $table_data All the information of the table
* @param int $default_column Default column that will be use in the sorts functions
* @param int $default_column Default column that will be use in the sorts functions
* @param int $default_items_per_page quantity of pages that we are going to see
* @param int $tablename Name of the table
* @param array $column_show An array with binary values 1: we show the column 2: we don't show it
* @param array $column_order An array of integers that let us decide how the columns are going to be sort.
*/
* @param array $column_show An array with binary values 1: we show the column 2: we don't show it
* @param array $column_order An array of integers that let us decide how the columns are going to be sort.
*/
public function __construct ($table_data, $default_column = 1, $default_items_per_page = 20, $tablename = 'tablename',$column_show=null,$column_order=null,$direction='ASC') {
$this->column_show=$column_show;
$this->column_order=$column_order;
parent :: __construct ($tablename, null, null, $default_column, $default_items_per_page,$direction);
$this->table_data = $table_data;
}
/**
* Get table data to show on current page
* @see SortableTable#get_table_data
*/
public function get_table_data($from = 1) {
public function get_table_data($from = 1) {
$content = TableSort :: sort_table_config($this->table_data, $this->column, $this->direction == 'ASC' ? SORT_ASC : SORT_DESC ,$this->column_show, $this->column_order);
return array_slice($content, $from, $this->per_page);
}
/**
* Get total number of items
* @see SortableTable#get_total_number_of_items
*/
public function get_total_number_of_items () {
return count($this->table_data);
}
}
}
?>

8
main/inc/lib/specific_fields_manager.lib.php
Unescape View File

@ -45,7 +45,7 @@ function delete_specific_field($id) {
$sql = 'DELETE FROM %s WHERE id=%s LIMIT 1';
$sql = sprintf($sql, $table_sf, $id);
$result = api_sql_query($sql,__FILE__,__LINE__);
//TODO also delete the corresponding values
//TODO also delete the corresponding values
}
/**
@ -180,7 +180,7 @@ function delete_all_specific_field_value($course_id, $id_specific_field, $tool_i
}
/**
* Delete all values from a specific item (course_id, tool_id and ref_id).
* Delete all values from a specific item (course_id, tool_id and ref_id).
* To be used when deleting such item from Dokeos
* @param string Course code
* @param string Tool ID
@ -210,14 +210,14 @@ function get_specific_field_code_from_name($name) {
$code = strtoupper(substr($name,0,1));
//if no code exists in DB, return current one
if (Database::num_rows($res)<1) { return $code;}
$existing_list = array();
while ($row = Database::fetch_array($res)) {
$existing_list[] = $row['code'];
}
//if the current code doesn't exist in DB, return current one
if (!in_array($code,$existing_list)) { return $code;}
$idx = array_search($code,$list);
$c = count($list);
for ($i = $idx+1, $j=0 ; $j<$c ; $i++, $j++) {

244
main/inc/lib/stats.lib.inc.php
Unescape View File

@ -1,43 +1,43 @@
<?php // $Id: stats.lib.inc.php 10082 2006-11-21 19:08:15Z pcool $
<?php // $Id: stats.lib.inc.php 10082 2006-11-21 19:08:15Z pcool $
/*
==============================================================================
==============================================================================
Dokeos - elearning and course management software
Copyright (c) 2004 Dokeos S.A.
Copyright (c) 2003 Ghent University (UGent)
Copyright (c) 2001 Universite catholique de Louvain (UCL)
For a full list of contributors, see "credits.txt".
The full license can be read in "license.txt".
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
See the GNU General Public License for more details.
Contact: Dokeos, 181 rue Royale, B-1000 Brussels, Belgium, info@dokeos.com
==============================================================================
==============================================================================
*/
/**
==============================================================================
==============================================================================
* This is the statistics library for Dokeos.
* Include/require it in your code to use its functionality.
*
* @author Sebastien Piraux
* @package dokeos.library
*
*
* @todo use the Database libraries
==============================================================================
==============================================================================
*/
/*
List of functions :
/*
List of functions :
-------------------
addBrowser -- OK
addCountry -- OK
addOs -- OK
@ -62,10 +62,10 @@
*/
/*
==============================================================================
==============================================================================
Variables
==============================================================================
*/
==============================================================================
*/
// regroup table names for maintenance purpose
$TABLETRACK_OPEN = $_configuration['statistics_database']."`.`track_e_open";
@ -78,12 +78,12 @@ $TABLESTATS_REFERERS = $_configuration['statistics_database']."`.`track_c_ref
/*
==============================================================================
==============================================================================
Main : decodeOpenInfos launch all processes
==============================================================================
==============================================================================
*/
/**
* @author Sebastien Piraux <piraux_seb@hotmail.com>
@ -91,11 +91,11 @@ $TABLESTATS_REFERERS = $_configuration['statistics_database']."`.`track_c_ref
information, to count occurences (for os, provider,...)
and to increment the number of occurrences of each
different element into the corresponding tables
*/
*/
function decodeOpenInfos()
{
global $TABLETRACK_OPEN;
// record initial value of ignore_user_abort
$ignore = ignore_user_abort();
// prevent script from being stopped while executing, the following can be considered
@ -103,7 +103,7 @@ function decodeOpenInfos()
ignore_user_abort(1) ;
// we take the last event id to prevent miss of some recorded event
// only processed record have to be cleaned
$sql = "SELECT open_id
$sql = "SELECT open_id
FROM `$TABLETRACK_OPEN`
WHERE open_date <= NOW()
ORDER BY open_id DESC
@ -117,30 +117,30 @@ function decodeOpenInfos()
$res = @mysql_fetch_array($query);
$processBegin = $res[0];
// process
//--Providers And Countries-------------------------------------------//
$sql = "SELECT open_remote_host
FROM `$TABLETRACK_OPEN`
$sql = "SELECT open_remote_host
FROM `$TABLETRACK_OPEN`
WHERE open_remote_host != ''
AND open_id <= '".$processBegin."' ";
$query = mysql_query( $sql );
if( mysql_num_rows($query) != 0 )
{
// load list of countries
// load list of countries
$list_countries = loadCountries();
while ($row = mysql_fetch_row ($query) )
while ($row = mysql_fetch_row ($query) )
{
$remote_host = $row[0];
/*****Provider*****/
//extract provider
//extract provider
$provider = extractProvider( $remote_host );
// add or increment provider in the providers array
$providers_array = addProvider( $provider,$providers_array );
/*****Countries*****/
// extract country
// extract country
$country = extractCountry( $remote_host, $list_countries );
// increment country in the countries table
$countries_array = addCountry( $country, $countries_array );
@ -151,11 +151,11 @@ function decodeOpenInfos()
fillCountriesTable( $countries_array );
}
// provider and countries done
//--Browsers and OS---------------------------------------------------//
$sql = "SELECT open_agent
FROM `$TABLETRACK_OPEN`
FROM `$TABLETRACK_OPEN`
WHERE open_remote_host != ''
AND open_id <= '".$processBegin."' ";
$query = mysql_query( $sql );
@ -166,8 +166,8 @@ function decodeOpenInfos()
$list_browsers = loadBrowsers();
// of OS
$list_os = loadOs();
while ( $row = mysql_fetch_row ($query) )
while ( $row = mysql_fetch_row ($query) )
{
$agent = $row[0];
/*****Browser and OS*****/
@ -177,15 +177,15 @@ function decodeOpenInfos()
$browsers_array = addBrowser( $browser , $browsers_array );
$os_array = addOs( $os , $os_array );
}
fillBrowsersTable( $browsers_array );
fillOsTable( $os_array );
}
// browsers and OS done
//--Referers----------------------------------------------------------//
// browsers and OS done
//--Referers----------------------------------------------------------//
$sql = "SELECT open_referer
FROM `$TABLETRACK_OPEN`
@ -197,22 +197,22 @@ function decodeOpenInfos()
{
$i=0;
while ($row = mysql_fetch_row ($query) )
while ($row = mysql_fetch_row ($query) )
{
$ref = $row[0];
$referers_array = addReferer( $ref , $referers_array );
}
fillReferersTable( $referers_array );
}
// referers done
// referers done
//-------------------------------------------------------------------//
// end of process
// cleaning of $TABLETRACK_OPEN table
cleanProcessedRecords($processBegin);
// reset to the initial value
ignore_user_abort($ignore);
}
@ -230,23 +230,23 @@ function decodeOpenInfos()
* @author Sebastien Piraux <piraux_seb@hotmail.com>
* @param limit : all records BEFORE $limit will be affected
* @desc this function will delete the remote_host, user_agent
and referer rows from the track_open table recorded before
and referer rows from the track_open table recorded before
the date $limit. OPTIMIZE is called to get back the memory
espaces deleted
*/
function cleanProcessedRecords( $limit )
{
global $TABLETRACK_OPEN;
$sql = "UPDATE `".$TABLETRACK_OPEN."`
$sql = "UPDATE `".$TABLETRACK_OPEN."`
SET open_remote_host = '',
open_agent = '',
open_referer =''
WHERE open_id <= '".$limit."'";
$query = mysql_query( $sql );
mysql_query("OPTIMIZE TABLE $TABLETRACK_OPEN");
}
@ -261,41 +261,41 @@ function cleanProcessedRecords( $limit )
* @author Sebastien Piraux <piraux_seb@hotmail.com>
* @param remhost : must be @getHostByAddr($_SERVER['REMOTE_ADDR']
* @desc this function will extract the provider name from a given
remote host and record this occurence in the corresponding
* @desc this function will extract the provider name from a given
remote host and record this occurence in the corresponding
table
*/
function extractProvider($remhost)
{
if($remhost == "Unknown")
return $remhost;
$explodedRemhost = explode(".", $remhost);
$provider = $explodedRemhost[sizeof( $explodedRemhost )-2]
."."
.$explodedRemhost[sizeof( $explodedRemhost )-1];
if($provider == "co.uk" || $provider == "co.jp")
return $explodedRemhost[sizeof( $explodedRemhost )-3].$provider;
else return $provider;
}
/**
* @author Sebastien Piraux <piraux_seb@hotmail.com>
* @param provider : name of the provider
* @param provider : name of the provider
* @param providers_array : list of providers and their counter
* @desc this function will :
- if the provider is already in the array it will increment
* @desc this function will :
- if the provider is already in the array it will increment
the corresponding value
- if the provider doesn't exist it will be added and set to 1
*/
function addProvider($provider,$providers_array)
{
if( isset( $providers_array[$provider] ) )
if( isset( $providers_array[$provider] ) )
{
// add one unity to this provider occurrences
$providers_array[$provider] = $providers_array[$provider] + 1;
@ -317,7 +317,7 @@ function addProvider($provider,$providers_array)
function fillProvidersTable($providers_array)
{
global $TABLESTATS_PROVIDERS;
if(is_array($providers_array))
{
foreach ( $providers_array as $prov=>$number )
@ -326,7 +326,7 @@ function fillProvidersTable($providers_array)
FROM `".$TABLESTATS_PROVIDERS."`
WHERE `provider` = '".$prov."'";
$res = mysql_query($sql);
// if this provider already exists in the DB
if( $row = mysql_num_rows($res) )
{
@ -338,13 +338,13 @@ function fillProvidersTable($providers_array)
else
{
// insert
$sql2 = "INSERT INTO `".$TABLESTATS_PROVIDERS."`
(`provider`,`counter`)
$sql2 = "INSERT INTO `".$TABLESTATS_PROVIDERS."`
(`provider`,`counter`)
VALUES ('".$prov."','".$number."')";
}
mysql_query($sql2);
}
}
}
}
}
/***************************************************************************
@ -357,23 +357,23 @@ function fillProvidersTable($providers_array)
* @author Sebastien Piraux <piraux_seb@hotmail.com>
* @return a 2D array filled with code and name of countries
* @desc This function is used to build an array containing
* @desc This function is used to build an array containing
countries informations
*/
function loadCountries()
{
{
global $TABLESTATS_COUNTRIES;
$sql = "SELECT code, country
FROM `".$TABLESTATS_COUNTRIES."`";
$res = mysql_query( $sql );
$i = 0 ;
while( $row = mysql_fetch_array( $res ) ) {
while( $row = mysql_fetch_array( $res ) ) {
$list_countries[$i][0] = $row["code"];
$list_countries[$i][1] = $row["country"];
$i++;
$i++;
}
return $list_countries;
mysql_free_result($res);
@ -384,7 +384,7 @@ function loadCountries()
* @author Sebastien Piraux <piraux_seb@hotmail.com>
* @param remhost : must be @getHostByAddr($_SERVER['REMOTE_ADDR']
* @param list_countries : list of countries -__-
* @param list_countries : list of countries -__-
* @return Name of the country or "Unknown" if not found
* @desc this function will extract the country from a given remote
host and increment the good value in the corresponding table
@ -396,7 +396,7 @@ function extractCountry($remhost,$list_countries)
// country code is the last value of remote host
$explodedRemhost = explode(".",$remhost);
$countryCode = $explodedRemhost[sizeof( $explodedRemhost )-1];
for($i = 0 ; $i < sizeof( $list_countries );$i++)
{
if($list_countries[$i][0] == $countryCode)
@ -408,15 +408,15 @@ function extractCountry($remhost,$list_countries)
/**
* @author Sebastien Piraux <piraux_seb@hotmail.com>
* @param country : name of the country or 'Unknown'
* @param countries_array : list of countries and their
* @param country : name of the country or 'Unknown'
* @param countries_array : list of countries and their
number of occurence
* @desc this function will increment number of occurrence
* @desc this function will increment number of occurrence
for $country in the countries' tables
*/
function addCountry($country,$countries_array)
{
if( isset( $countries_array[$country] ) )
if( isset( $countries_array[$country] ) )
{
// add one unity to this provider occurrences
$countries_array[$country] = $countries_array[$country] + 1;
@ -427,7 +427,7 @@ function addCountry($country,$countries_array)
$countries_array[$country] = 1;
}
return $countries_array;
}
@ -440,7 +440,7 @@ function addCountry($country,$countries_array)
function fillCountriesTable($countries_array)
{
global $TABLESTATS_COUNTRIES;
if(is_array($countries_array) )
if(is_array($countries_array) )
{
foreach ( $countries_array as $country=>$number )
{
@ -451,7 +451,7 @@ function fillCountriesTable($countries_array)
WHERE `country` = '".$country."'";
mysql_query($sql);
}
}
}
}
@ -465,11 +465,11 @@ function fillCountriesTable($countries_array)
* @author Sebastien Piraux <piraux_seb@hotmail.com>
* @return a 2D array filled with code and name of browsers
* @desc This function is used to build an array containing
* @desc This function is used to build an array containing
browser informations
*/
function loadBrowsers()
{
{
$buffer = split ("#","Gecko|Gecko#Mozilla/3|Mozilla 3.x#Mozilla/4.0|Mozilla 4.0x#Mozilla/4.5|Mozilla 4.5x#Mozilla/4.6|Mozilla 4.6x#Mozilla/4.7|Mozilla 4.7x#Mozilla/5.0|Mozilla 5.0x#MSIE 1.2|MSIE 1.2#MSIE 3.01|MSIE 3.x#MSIE 3.02|MSIE 3.x#MSIE 4.0|MSIE 4.x#MSIE 4.01|MSIE 4.x#MSIE 4.5|MSIE 4.5#MSIE 5.0b1|MSIE 5.0x#MSIE 5.0b2|MSIE 5.0x#MSIE 5.0|MSIE 5.0x#MSIE 5.01|MSIE 5.0x#MSIE 5.1|MSIE 5.1#MSIE 5.1b1|MSIE 5.1#MSIE 5.5|MSIE 5.5#MSIE 5.5b1|MSIE 5.5#MSIE 5.5b2|MSIE 5.5#MSIE 6.0|MSIE 6#MSIE 6.0b|MSIE 6#MSIE 6.5a|MSIE 6.5#Lynx/2.8.0|Lynx 2#Lynx/2.8.1|Lynx 2#Lynx/2.8.2|Lynx 2#Lynx/2.8.3|Lynx 2#Lynx/2.8.4|Lynx 2#Lynx/2.8.5|Lynx 2#HTTrack 3.0x|HTTrack#OmniWeb/4.0.1|OmniWeb#Opera 3.60|Opera 3.60#Opera 4.0|Opera 4#Opera 4.01|Opera 4#Opera 4.02|Opera 4#Opera 5|Opera 5#Opera/3.60|Opera 3.60#Opera/4|Opera 4#Opera/5|Opera 5#Opera/6|Opera 6#Opera 6|Opera 6#Netscape6|NS 6#Netscape/6|NS 6#Netscape7|NS 7#Netscape/7|NS 7#Konqueror/2.0|Konqueror 2#Konqueror/2.0.1|Konqueror 2#Konqueror/2.1|Konqueror 2#Konqueror/2.1.1|Konqueror 2#Konqueror/2.1.2|Konqueror 2#Konqueror/2.2|Konqueror 2#Teleport Pro|Teleport Pro#WebStripper|WebStripper#WebZIP|WebZIP#Netcraft Web|NetCraft#Googlebot|Googlebot#WebCrawler|WebCrawler#InternetSeer|InternetSeer#ia_archiver|ia archiver");
@ -487,11 +487,11 @@ function loadBrowsers()
* @author Sebastien Piraux <piraux_seb@hotmail.com>
* @return a 2D array filled with code and name of OS
* @desc This function is used to build an array containing
* @desc This function is used to build an array containing
OS informations
*/
function loadOs()
{
{
$buffer = split ("#","Windows 95|Win 95#Windows_95|Win 95#Windows 98|Win 98#Windows NT|Win NT#Windows NT 5.0|Win 2000#Windows NT 5.1|Win XP#Windows 2000|Win 2000#Windows XP|Win XP#Windows ME|Win Me#Win95|Win 95#Win98|Win 98#WinNT|Win NT#linux-2.2|Linux 2#Linux|Linux#Linux 2|Linux 2#Macintosh|Mac#Mac_PPC|Mac#Mac_PowerPC|Mac#SunOS 5|SunOS 5#SunOS 6|SunOS 6#FreeBSD|FreeBSD#beOS|beOS#InternetSeer|InternetSeer#Googlebot|Googlebot#Teleport Pro|Teleport Pro");
$i=0;
foreach( $buffer as $buffer1 ) {
@ -506,9 +506,9 @@ function loadOs()
* @param remhost : must be $_SERVER['HTTP_USER_AGENT']
* @param list_browsers : browsers list :x
* @param list_os : os list :x
* @return a string formatted like : browser|OS
* @return a string formatted like : browser|OS
browser and OS are the 'viewable' names
* @desc this function will extract browser and OS from
* @desc this function will extract browser and OS from
$_SERVER['HTTP_USER_AGENT']
*/
function extractAgent( $user_agent, $list_browsers, $list_os )
@ -516,44 +516,44 @@ function extractAgent( $user_agent, $list_browsers, $list_os )
// default values, if nothing corresponding found
$viewable_browser = "Unknown";
$viewable_os = "Unknown";
// search for corresponding pattern in $_SERVER['HTTP_USER_AGENT']
// for browser
for($i = 0; $i < count( $list_browsers ); $i++)
{
$pos = strpos( $user_agent, $list_browsers[$i][0] );
if( $pos !== false )
{
{
$viewable_browser = $list_browsers[$i][1];
}
}
}
// for os
for($i = 0; $i < count($list_os); $i++)
{
$pos = strpos( $user_agent, $list_os[$i][0] );
if( $pos !== false )
{
{
$viewable_os = $list_os[$i][1];
}
}
return $viewable_browser."|".$viewable_os;
}
}
/**
* @author Sebastien Piraux <piraux_seb@hotmail.com>
* @param browser : name of the browser or 'Unknown'
* @param browsers_array :
* @desc this function will :
- if the browser is already in the table it will increment
* @desc this function will :
- if the browser is already in the table it will increment
the corresponding value
- if the browser doesn't exist it will be added and set to 1
*/
function addBrowser($browser,$browsers_array)
{
if( isset( $browsers_array[$browser] ) )
if( isset( $browsers_array[$browser] ) )
{
// add one unity to this provider occurrences
$browsers_array[$browser] = $browsers_array[$browser] + 1;
@ -564,7 +564,7 @@ function addBrowser($browser,$browsers_array)
$browsers_array[$browser] = 1;
}
return $browsers_array;
}
/**
@ -572,14 +572,14 @@ function addBrowser($browser,$browsers_array)
* @author Sebastien Piraux <piraux_seb@hotmail.com>
* @param os : name of the OS or 'Unknown'
* @param os_array : list of os and number of occurences
* @desc this function will :
- if the os is already in the table it will increment
* @desc this function will :
- if the os is already in the table it will increment
the corresponding value
- if the os doesn't exist it will be added and set to 1
*/
function addOs($os,$os_array)
{
if( isset( $os_array[$os] ) )
if( isset( $os_array[$os] ) )
{
// add one unity to this provider occurrences
$os_array[$os] = $os_array[$os] + 1;
@ -590,7 +590,7 @@ function addOs($os,$os_array)
$os_array[$os] = 1;
}
return $os_array;
}
/**
@ -602,7 +602,7 @@ function addOs($os,$os_array)
function fillBrowsersTable($browsers_array)
{
global $TABLESTATS_BROWSERS;
if ( is_array($browsers_array ) )
if ( is_array($browsers_array ) )
{
foreach ( $browsers_array as $browser=>$number )
{
@ -622,12 +622,12 @@ function fillBrowsersTable($browsers_array)
else
{
// insert
$sql2 = "INSERT INTO `".$TABLESTATS_BROWSERS."`
(`browser`,`counter`)
$sql2 = "INSERT INTO `".$TABLESTATS_BROWSERS."`
(`browser`,`counter`)
VALUES ('".$browser."','".$number."')";
}
mysql_query($sql2);
}
}
}
}
@ -660,12 +660,12 @@ function fillOsTable($os_array)
else
{
// insert
$sql2 = "INSERT INTO `".$TABLESTATS_OS."`
(`os`,`counter`)
$sql2 = "INSERT INTO `".$TABLESTATS_OS."`
(`os`,`counter`)
VALUES ('".$os."','".$number."')";
}
mysql_query($sql2);
}
}
}
}
@ -681,14 +681,14 @@ function fillOsTable($os_array)
* @author Sebastien Piraux <piraux_seb@hotmail.com>
* @param referer : name of the referer
* @param referers_array : list of referer and number of occurences
* @desc this function will :
- if the referer is already in the table it will increment
* @desc this function will :
- if the referer is already in the table it will increment
the corresponding value
- if the referer doesn't exist it will be added and set to 1
*/
function addReferer($referer,$referers_array)
{
if( isset( $referers_array[$referer] ) )
if( isset( $referers_array[$referer] ) )
{
// add one unity to this provider occurrences
$referers_array[$referer] = $referers_array[$referer] + 1;
@ -699,9 +699,9 @@ function addReferer($referer,$referers_array)
$referers_array[$referer] = 1;
}
return $referers_array;
}
/**
@ -712,7 +712,7 @@ function addReferer($referer,$referers_array)
function fillReferersTable($referers_array)
{
global $TABLESTATS_REFERERS;
if (is_array($referers_array) )
if (is_array($referers_array) )
{
foreach ( $referers_array as $referer=>$number )
{
@ -720,7 +720,7 @@ function fillReferersTable($referers_array)
FROM `".$TABLESTATS_REFERERS."`
WHERE `referer` = '".$referer."'";
$res = mysql_query($sql);
// if this provider already exists in the DB
if( $row = mysql_num_rows($res) )
{
@ -732,8 +732,8 @@ function fillReferersTable($referers_array)
else
{
// insert
$sql2 = "INSERT INTO `".$TABLESTATS_REFERERS."`
(`referer`,`counter`)
$sql2 = "INSERT INTO `".$TABLESTATS_REFERERS."`
(`referer`,`counter`)
VALUES ('".$referer."','".$number."')";
}
mysql_query($sql2);

102
main/inc/lib/statsUtils.lib.inc.php
Unescape View File

@ -1,39 +1,39 @@
<?php
/*
==============================================================================
==============================================================================
Dokeos - elearning and course management software
Copyright (c) 2004 Dokeos S.A.
Copyright (c) 2003 Ghent University (UGent)
Copyright (c) 2001 Universite catholique de Louvain (UCL)
Copyright (c) various contributors
For a full list of contributors, see "credits.txt".
The full license can be read in "license.txt".
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
See the GNU General Public License for more details.
Contact: Dokeos, 181 rue Royale, B-1000 Brussels, Belgium, info@dokeos.com
==============================================================================
==============================================================================
*/
/**
==============================================================================
==============================================================================
* This is the statistic utility functions library for Dokeos.
* Include/require it in your code to use its functionality.
*
* @package dokeos.library
==============================================================================
==============================================================================
*/
/*
==============================================================================
==============================================================================
FUNCTIONS
==============================================================================
==============================================================================
*/
/**
@ -62,7 +62,7 @@ function getOneResult($sql)
* @desc Return many results of a query in a 1 column tab
*/
function getManyResults1Col($sql)
{
{
$res = mysql_query($sql);
if (mysql_errno())
@ -73,7 +73,7 @@ function getManyResults1Col($sql)
{
$i = 0;
while ($resA = mysql_fetch_array($res))
{
{
$resu[$i++] = $resA[0];
}
}
@ -88,7 +88,7 @@ function getManyResults1Col($sql)
* @desc Return many results of a query
*/
function getManyResults2Col($sql)
{
{
$res = mysql_query($sql);
if (mysql_errno())
@ -99,13 +99,13 @@ function getManyResults2Col($sql)
{
$i = 0;
while ($resA = mysql_fetch_array($res))
{
{
$resu[$i][0] = $resA[0];
$resu[$i][1] = $resA[1];
$i++;
}
}
return $resu;
}
@ -117,7 +117,7 @@ function getManyResults2Col($sql)
in $resu[$i][0], $resu[$i][1],$resu[$i][2]
*/
function getManyResults3Col($sql)
{
{
$res = mysql_query($sql);
if (mysql_errno())
@ -128,14 +128,14 @@ function getManyResults3Col($sql)
{
$i = 0;
while ($resA = mysql_fetch_array($res))
{
{
$resu[$i][0]=$resA[0];
$resu[$i][1]=$resA[1];
$resu[$i][2]=$resA[2];
$i++;
$i++;
}
}
return $resu;
}
@ -146,12 +146,12 @@ function getManyResults3Col($sql)
* @desc Return many results of a query in a X column tab
in $resu[$i][0], $resu[$i][1],$resu[$i][2],...
this function is more 'standard' but use a little
more ressources
more ressources
So I encourage to use the dedicated for 1, 2 or 3
columns of results
*/
function getManyResultsXCol($sql,$X)
{
{
$res = mysql_query($sql);
if (mysql_errno())
@ -162,22 +162,22 @@ function getManyResultsXCol($sql,$X)
{
$i = 0;
while ($resA = mysql_fetch_array($res))
{
{
for($j = 0; $j < $X ; $j++)
{
$resu[$i][$j]=$resA[$j];
}
$i++;
$i++;
}
}
return $resu;
}
/**
* @author Sebastien Piraux <piraux_seb@hotmail.com>
* @param sql : a sql query (as a string)
* @return hours_array
* @return hours_array
* @desc Return an assoc array. Keys are the hours, values are
the number of time this hours was found.
key 'total' return the sum of all number of time hours
@ -187,7 +187,7 @@ function hoursTab($sql)
{
$hours_array = array('total' => 0);
$res = mysql_query($sql);
if (mysql_errno())
{
echo "\n<!-- **** ".mysql_errno().": ".mysql_error()." In : $sql **** -->\n";
@ -212,7 +212,7 @@ function hoursTab($sql)
}
mysql_free_result($res);
}
return $hours_array;
}
@ -255,7 +255,7 @@ function daysTab($sql)
}
mysql_free_result($res);
}
return $days_array;
}
@ -263,7 +263,7 @@ function daysTab($sql)
* @author Sebastien Piraux <piraux_seb@hotmail.com>
* @param sql : a sql query (as a string)
* @return month_array
* @return month_array
* @desc Return an assoc array. Keys are the days, values are
the number of time this hours was found.
key "total" return the sum of all number of time days
@ -274,7 +274,7 @@ function monthTab($sql)
$MonthsLong = array (get_lang('JanuaryLong'), get_lang('FebruaryLong'), get_lang('MarchLong'), get_lang('AprilLong'), get_lang('MayLong'), get_lang('JuneLong'), get_lang('JulyLong'), get_lang('AugustLong'), get_lang('SeptemberLong'), get_lang('OctoberLong'), get_lang('NovemberLong'), get_lang('DecemberLong'));
$month_array = array('total' => 0);
$res = mysql_query($sql);
if (mysql_errno())
{
echo "\n<!-- **** ".mysql_errno().": ".mysql_error()." In : $sql **** -->\n";
@ -295,7 +295,7 @@ function monthTab($sql)
}
mysql_free_result($res);
}
return $month_array;
}
@ -304,7 +304,7 @@ function monthTab($sql)
* @author Sebastien Piraux <piraux_seb@hotmail.com>
* @param period_array : an array provided by hoursTab($sql) or daysTab($sql)
* @param periodTitle : title of the first column, type of period
* @param linkOnPeriod :
* @param linkOnPeriod :
* @desc Display a 4 column array
Columns are : hour of day, graph, number of hits and %
First line are titles
@ -334,7 +334,7 @@ function makeHitsTable($period_array, $periodTitle, $linkOnPeriod = '???')
$maxSize = $factor * 100; //pixels
while(list($periodPiece, $cpt) = each($period_array))
{
if($periodPiece != 'total')
if($periodPiece != 'total')
{
$pourcent = round(100 * $cpt / $period_array['total']);
$barwidth = $factor * $pourcent ;
@ -345,12 +345,12 @@ function makeHitsTable($period_array, $periodTitle, $linkOnPeriod = '???')
<td width='60%' style='padding-top: 3px;' align='center'>"
// display hitbar
."<img src='../img/bar_1.gif' width='1' height='12' alt='$periodPiece : $cpt hits &ndash; $pourcent %' />";
if($pourcent != 0)
if($pourcent != 0)
echo "<img src='../img/bar_1u.gif' width='$barwidth' height='12' alt='$periodPiece : $cpt hits &ndash; $pourcent %' />";
// display 100% bar
if($pourcent != 100 && $pourcent != 0)
echo "<img src='../img/bar_1m.gif' width='1' height='12' alt='$periodPiece : $cpt hits &ndash; $pourcent %' />";
if($pourcent != 100)
if($pourcent != 100)
echo "<img src='../img/bar_1r.gif' width='".($maxSize-$barwidth)."' height='12' alt='$periodPiece : $cpt hits &ndash; $pourcent %' />";
echo "<img src='../img/bar_1.gif' width='1' height='12' alt='$periodPiece : $cpt hits &ndash; $pourcent %' />
</td>
@ -369,13 +369,13 @@ function makeHitsTable($period_array, $periodTitle, $linkOnPeriod = '???')
".get_lang('Total')."
</td>
<td align='right' width='60%'>
&nbsp;
&nbsp;
</td>
<td align='center' width='10%'>
".$period_array['total']."
".$period_array['total']."
</td>
<td width='15%'>
&nbsp;
&nbsp;
</td>
</tr>
";
@ -392,7 +392,7 @@ function makeHitsTable($period_array, $periodTitle, $linkOnPeriod = '???')
titles of columns are title1 and title2
*/
function buildTab2col($array_of_results, $title1, $title2)
{
{
echo "<table cellpadding='2' cellspacing='1' border='1' align='center'>\n";
echo "<tr>
<td bgcolor='#E6E6E6'>
@ -404,10 +404,10 @@ function buildTab2col($array_of_results, $title1, $title2)
</tr>\n";
if (is_array($array_of_results))
{
{
for($j = 0 ; $j < count($array_of_results) ; $j++)
{
echo '<tr>';
echo '<tr>';
echo '<td bgcolor="#eeeeee">'.$array_of_results[$j][0].'</td>';
echo '<td align="right">'.$array_of_results[$j][1].'</td>';
echo "</tr>\n";
@ -415,7 +415,7 @@ function buildTab2col($array_of_results, $title1, $title2)
}
else
{
echo '<tr>';
echo '<tr>';
echo '<td colspan="2" align="center">'.get_lang('NoResult').'</td>';
echo "</tr>\n";
}
@ -458,22 +458,22 @@ function buildTab2ColNoTitle($array_of_results)
* @param array_of_results : a 2 columns array
* @desc this function is used to display
integrity errors in the platform
if array_of_results is not an array there is
if array_of_results is not an array there is
no error, else errors are displayed
*/
function buildTabDefcon($array_of_results)
{
echo "<table width='60%' cellpadding='2' cellspacing='1' border='0' align=center class='minitext'>\n";
if (is_array($array_of_results))
{
// there are some strange cases...
echo '<tr>';
{
// there are some strange cases...
echo '<tr>';
echo '<td colspan="2" align="center" bgcolor="#eeeeee"><font color="#ff0000">'.get_lang('Defcon').'</font></td>';
echo "</tr>\n";
for($j = 0 ; $j < count($array_of_results) ; $j++)
{
{
if($array_of_results[$j][0] == "")
{
$key = get_lang('NULLValue');
@ -482,7 +482,7 @@ function buildTabDefcon($array_of_results)
{
$key = $array_of_results[$j][0];
}
echo '<tr>';
echo '<tr>';
echo '<td width="70%" class="content">'.$key.'</td>';
echo '<td width="30%" align="right">'.$array_of_results[$j][1].'</td>';
echo "</tr>\n";
@ -491,7 +491,7 @@ function buildTabDefcon($array_of_results)
else
{
// all right
echo '<tr>';
echo '<tr>';
echo '<td colspan="2" align="center"><font color="#00ff00">'.get_lang('AllRight').'</font></td>';
echo "</tr>\n";
}

296
main/inc/lib/surveymanager.lib.php
Unescape View File

@ -32,7 +32,7 @@
*/
class SurveyManager {
private function __construct() {
}
/**
* Creates a new survey for the platform
@ -82,8 +82,8 @@ class SurveyManager {
* Possible deprecated method
*/
function create_group($survey_id,$group_title,$introduction,$table_group)
{
{
$sql_query = "SELECT * FROM $table_group WHERE groupname='".Database::escape_string($group_title)."' AND survey_id=".Database::escape_string($survey_id);
$res = api_sql_query($sql_query, __FILE__, __LINE__);
if(mysql_num_rows($res))
@ -155,11 +155,11 @@ class SurveyManager {
/**
* Possible deprecated method
*/
function insert_into_group ($survey_id,$group_title,$introduction,$tb) {
function insert_into_group ($survey_id,$group_title,$introduction,$tb) {
$survey_id = Database::escape_string($survey_id);
$group_title = Database::escape_string($group_title);
$introduction = Database::escape_string($introduction);
$introduction = Database::escape_string($introduction);
$sql="INSERT INTO $tb (group_id,survey_id,group_title,introduction) values('','$survey_id','$group_title','$introduction')";
$result=api_sql_query($sql);
return mysql_insert_id();
@ -453,7 +453,7 @@ class SurveyManager {
}
/**
* Possible deprecated method
*/
*/
function get_surveyname_display($sid)
{
$sid = Database::escape_string($sid);
@ -463,7 +463,7 @@ class SurveyManager {
$code=@mysql_result($res,0,'title');
return($code);
}
/*
function join_survey($question_type)
{
@ -478,7 +478,7 @@ class SurveyManager {
*/
/**
* Possible deprecated method
*/
*/
function import_questions($import_type, $ids)
{
//$groupname=surveymanager::get_groupname($gid_arr[$index]);
@ -529,7 +529,7 @@ class SurveyManager {
$table_question = Database :: get_course_table(TABLE_MAIN_SURVEYQUESTION);
$survey_id = Database::escape_string($survey_id);
// Deleting the survey
$sql = "DELETE FROM $table_survey WHERE survey_id='".$survey_id."'";
api_sql_query($sql,__FILE__,__LINE__);
@ -1771,100 +1771,100 @@ function getUserAnswersDetails($id_userAnswers, $params=''){
/**
*
*
* Manage the "versioning" of a conditional survey
*
*
* */
class SurveyTree {
public $surveylist;
public $surveylist;
public $plainsurveylist;
public $numbersurveys;
/**
* Sets the surveylist and the plainsurveylist
*/
public function __construct() {
public function __construct() {
// Database table definitions
$table_survey = Database :: get_course_table(TABLE_SURVEY);
$table_survey_question = Database :: get_course_table(TABLE_SURVEY_QUESTION);
$table_user = Database :: get_main_table(TABLE_MAIN_USER);
// searching
$search_restriction = SurveyUtil::survey_search_restriction();
if ($search_restriction) {
$search_restriction = ' AND '.$search_restriction;
}
$sql = "SELECT survey.survey_id , survey.parent_id, survey_version, survey.code as name
FROM $table_survey survey
LEFT JOIN $table_survey_question survey_question
ON survey.survey_id = survey_question.survey_id , $table_user user
WHERE survey.author = user.user_id
FROM $table_survey survey
LEFT JOIN $table_survey_question survey_question
ON survey.survey_id = survey_question.survey_id , $table_user user
WHERE survey.author = user.user_id
GROUP BY survey.survey_id";
$res = api_sql_query($sql, __FILE__, __LINE__);
$surveys_parents = array ();
$surveys_parents = array ();
$refs = array();
$list = array();
$last=array();
$last=array();
$plain_array=array();
while ($survey = Database::fetch_array($res,'ASSOC'))
{
$plain_array[$survey['survey_id']]=$survey;
$surveys_parents[]=$survey['survey_version'];
$thisref = &$refs[ $survey['survey_id'] ];
$surveys_parents[]=$survey['survey_version'];
$thisref = &$refs[ $survey['survey_id'] ];
$thisref['parent_id'] = $survey['parent_id'];
$thisref['name'] = $survey['name'];
$thisref['id'] = $survey['survey_id'];
$thisref['survey_version'] = $survey['survey_version'];
if ($survey['parent_id'] == 0)
$thisref['survey_version'] = $survey['survey_version'];
if ($survey['parent_id'] == 0)
{
$list[ $survey['survey_id'] ] = &$thisref;
}
else
$list[ $survey['survey_id'] ] = &$thisref;
}
else
{
$refs[ $survey['parent_id'] ]['children'][ $survey['survey_id'] ] = &$thisref;
}
}
$refs[ $survey['parent_id'] ]['children'][ $survey['survey_id'] ] = &$thisref;
}
}
$this->surveylist = $list;
$this->plainsurveylist = $plain_array;
$this->plainsurveylist = $plain_array;
}
/*
/*
function read_children($space=array(),$i=0)
{
{
foreach ( $this->surveylist as $key=>$node)
{
if (is_array($node['children']))
{
{
if (($node['parent_id']==0))
{
//echo '1<br>';
{
//echo '1<br>';
}
else
{
$space[]='2>';
$space[]='2>';
}
//if have children
//if have children
for ($j=0;$j<count($space);$j++)
{
//echo $space[$j]; echo 'dd<br>';
}
//echo $node['name']; echo '3<br>';
read_children($node['children'],$space,$i);
read_children($node['children'],$space,$i);
}
else
{
{
for ($j=0;$j<count($space);$j++)
{
echo $space[$j]; echo '4<br>';
}
}
echo $node['name']; echo '5<br>';
}
}
}
}
*/
/*
@ -1872,19 +1872,19 @@ class SurveyTree {
{
echo $node['name']; echo '<br>';
//$node['children']=array();
return $node['children'];
return $node['children'];
}
else
{
{
if (is_array($node['children']))
{
{
return SurveyTree::get_children($node['children'],$id);
}
else
{
//return SurveyTree::get_children($node, $id);
}
}
}
*/
/**
@ -1894,52 +1894,52 @@ class SurveyTree {
* @param id the id of the survey
* @return array the children of a given survey id
*
* @author Julio Montoya <gugli100@gmail.com>, Dokeos
* @author Julio Montoya <gugli100@gmail.com>, Dokeos
* @version September 2008
*/
public function get_children ($list,$id) {
public function get_children ($list,$id) {
$result=array();
foreach ($list as $key=>$node)
{
if ($key==$id)
{
$result = $node['children'];
break;
}
$result = $node['children'];
break;
}
if (is_array($node['children']))
{
//echo $key; echo '--<br>';
{
//echo $key; echo '--<br>';
$re=self::get_children($node['children'],$id);
if (!empty($re))
{
$result=$re;
}
}
}
else
{
//echo $key; echo '-<br>';
}
{
//echo $key; echo '-<br>';
}
}
return $result;
}
/**
* This function gets the parent id of a survey
*
* @param int survey id
* @return int survey parent id
*
* @author Julio Montoya <gugli100@gmail.com>, Dokeos
* @author Julio Montoya <gugli100@gmail.com>, Dokeos
* @version September 2008
*/
public function getParentId ($id) {
public function getParentId ($id) {
$node = $this->plainsurveylist[$id];
if (is_array($node)&& !empty($node['parent_id']))
return $node['parent_id'];
else
return -1;
return -1;
}
/**
* This function gets all the siblings of a given survey id
*
@ -1947,91 +1947,91 @@ class SurveyTree {
* @param id the id of the survey
* @return array the children of a given survey id
*
* @author Julio Montoya <gugli100@gmail.com>, Dokeos
* @author Julio Montoya <gugli100@gmail.com>, Dokeos
* @version September 2008
*/
public function nextSibling($id) {
$result=array();
$parent_id = self::getParentId($id);
$parent_id = self::getParentId($id);
$siblings = self::get_children($this->surveylist ,$parent_id);
//print_r($siblings);
if (count($siblings) > 1)
{
// $key> $id means that the siblings are order 1 2 3 and we suppose that you can't change that order
//print_r($siblings);
if (count($siblings) > 1)
{
// $key> $id means that the siblings are order 1 2 3 and we suppose that you can't change that order
foreach ($siblings as $key=>$bro)
{
if ($key> $id && $key != $id)
{
$result[$key]=($bro);
}
}
}
}
}
return $result;
return $result;
}
/**
*
*
* This function shows the last sibling from a given list of surveys
* @param id of the survey
* @author Julio Montoya <gugli100@gmail.com>, Dokeos
* @author Julio Montoya <gugli100@gmail.com>, Dokeos
* @version September 2008
*
*
*/
public function lastSibling($id) {
public function lastSibling($id) {
$result=array();
$parent_id = self::getParentId($id);
$parent_id = self::getParentId($id);
$siblings = self::get_children($this->surveylist ,$parent_id);
//print_r($siblings);
if (count($siblings) > 1)
{
//print_r($siblings);
if (count($siblings) > 1)
{
// $key> $id means that the siblings are order 1 2 3 and we suppose that you can't change that order
$i=0;
$i=0;
foreach ($siblings as $key=>$bro)
{
if ($key> $id && $key != $id&& $i==count($siblings)-1)
{
$result[$key]=($bro);
}
$i++;
}
}
$i++;
}
}
return $result;
return $result;
}
/**
*
* This function shows the last children of a branch
*
* This function shows the last children of a branch
* @param list of nodes
* @return array of the lastest node
* @author Julio Montoya <gugli100@gmail.com>, Dokeos
* @author Julio Montoya <gugli100@gmail.com>, Dokeos
* @version September 2008
*
*
*/
public function get_last_children_from_branch($list) {
$result=array();
public function get_last_children_from_branch($list) {
$result=array();
foreach ($list as $key=>$node)
{
{
//echo 'frist<br>'; echo $key;
//print_r($node);
if ($node['parent_id']!=0)
{
$list_bros = self::lastSibling($key);
//echo ' list_bro <br>';
{
$list_bros = self::lastSibling($key);
//echo ' list_bro <br>';
//print_r($list_bros);
if (is_array($list_bros) && !empty($list_bros))
if (is_array($list_bros) && !empty($list_bros))
{
foreach ($list_bros as $bro)
{
//echo '0';
{
//echo '0';
if (is_array($bro['children']))
{
//print_r($bro['children']);
//print_r($bro['children']);
return $result[]=self::get_last_children_from_branch($bro['children']);
}
else
{
//echo 'esl';
{
//echo 'esl';
$result=$bro;
//print_r($bro);
return $result;
@ -2049,12 +2049,12 @@ class SurveyTree {
{
return $result[]=self::get_last_children_from_branch($node['children']);
}
else
{
//return $result[]=SurveyTree::get_last_children_from_branch($node['children']);
return $result[]=$node;
else
{
//return $result[]=SurveyTree::get_last_children_from_branch($node['children']);
return $result[]=$node;
}
}
}
else
@ -2064,85 +2064,85 @@ class SurveyTree {
{
$result[]=self::get_last_children_from_branch($node['children']);
}
else
else
{
$result[]=$node;
$result[]=$node;
}
}
}
}
return $result;
}
/*
*
*
* This function show the last children of list
*
* This function show the last children of list
* @param id
* @param array
* @param array
* @return array of the lastest node
* @author Julio Montoya <gugli100@gmail.com>, Dokeos
* @author Julio Montoya <gugli100@gmail.com>, Dokeos
* @version September 2008
*
*
function get_last_children($id,$last)
{
{
foreach ( $this->_list as $key=>$node)
{
if (($node['parent_id']==$id))
{
$last=$node['name']; echo '<br>';
$last=$node['name']; echo '<br>';
}
else
{
if (is_array($node['children']))
{
return $last = get_last_children($node['children'],$id);
}
}
return $last = get_last_children($node['children'],$id);
}
}
}
return $last;
}
*/
/**
* This function creates a list of all surveys id
* This function creates a list of all surveys id
* @param list of nodes
* @return array with the structure survey_id => survey_name
* @author Julio Montoya <gugli100@gmail.com>, Dokeos
* @return array with the structure survey_id => survey_name
* @author Julio Montoya <gugli100@gmail.com>, Dokeos
* @version September 2008
*
*
*/
public function createList ($list) {
$result=array();
$result=array();
foreach ($list as $key=>$node)
{
{
if (is_array($node['children']))
{
{
//echo $key; echo '--<br>';
//print_r($node);
//echo '<br>';
$result[$key]= $node['name'];
$result[$key]= $node['name'];
$re=self::createList($node['children']);
if (!empty($re))
{
{
if (is_array($re))
foreach ($re as $key=>$r)
{
{
$result[$key]=''.$r;
}
else
else
{
$result[]=$re;
}
}
}
}
else
{
{
//echo $key; echo '-<br>';
$result[$key]=$node['name'];
}
}
$result[$key]=$node['name'];
}
}
return $result;
}
}
}
?>

20
main/inc/lib/system_announcements.lib.php
Unescape View File

@ -262,7 +262,7 @@ class SystemAnnouncementManager
if (!checkdate($date_start[1], $date_start[2], $date_start[0])) {
Display :: display_normal_message(get_lang('InvalidStartDate'));
return false;
}
}
if (($date_end[1] || $date_end[2] || $date_end[0]) && !checkdate($date_end[1], $date_end[2], $date_end[0])) {
Display :: display_normal_message(get_lang('InvalidEndDate'));
return false;
@ -278,9 +278,9 @@ class SystemAnnouncementManager
$lang = is_null($lang) ? 'NULL' : "'".Database::escape_string($lang)."'";
$sql = "INSERT INTO ".$db_table." (title,content,date_start,date_end,visible_teacher,visible_student,visible_guest, lang)
VALUES ('".$title."','".$content."','".$start."','".$end."','".$visible_teacher."','".$visible_student."','".$visible_guest."',".$lang.")";
if ($send_mail==1) {
SystemAnnouncementManager::send_system_announcement_by_email($title, $content,$visible_teacher, $visible_student);
}
if ($send_mail==1) {
SystemAnnouncementManager::send_system_announcement_by_email($title, $content,$visible_teacher, $visible_student);
}
return api_sql_query($sql,__FILE__,__LINE__);
}
/**
@ -324,9 +324,9 @@ class SystemAnnouncementManager
$id = intval($id);
$sql = "UPDATE ".$db_table." SET lang=$lang,title='".$title."',content='".$content."',date_start='".$start."',date_end='".$end."', ";
$sql .= " visible_teacher = '".$visible_teacher."', visible_student = '".$visible_student."', visible_guest = '".$visible_guest."' WHERE id='".$id."'";
if ($send_mail==1) {
SystemAnnouncementManager::send_system_announcement_by_email($title, $content,$visible_teacher, $visible_student);
SystemAnnouncementManager::send_system_announcement_by_email($title, $content,$visible_teacher, $visible_student);
}
return api_sql_query($sql,__FILE__,__LINE__);
}
@ -369,12 +369,12 @@ class SystemAnnouncementManager
$sql = "UPDATE ".$db_table." SET ".$field." = '".$visible."' WHERE id='".$announcement_id."'";
return api_sql_query($sql,__FILE__,__LINE__);
}
function send_system_announcement_by_email($title,$content,$teacher, $student)
{
global $_user;
global $_user;
global $_setting;
global $charset;
global $charset;
$user_table = Database :: get_main_table(TABLE_MAIN_USER);
if ($teacher<>0 AND $student == '0') {
$sql = "SELECT * FROM $user_table WHERE email<>'' AND status = '1'";
@ -388,7 +388,7 @@ class SystemAnnouncementManager
if ($teacher == '0' AND $student == '0') {
return true;
}
$result = api_sql_query($sql,__FILE__,__LINE__);
while($row = Database::fetch_array($result,'ASSOC'))
{

80
main/inc/lib/tablesort.lib.php
Unescape View File

@ -1,33 +1,33 @@
<?php
/*
==============================================================================
==============================================================================
Dokeos - elearning and course management software
Copyright (c) 2004-2008 Dokeos S.A.
Copyright (c) 2003 Ghent University (UGent)
Copyright (c) 2001 Universite catholique de Louvain (UCL)
Copyright (c) Bart Mollet (bart.mollet@hogent.be)
For a full list of contributors, see "credits.txt".
The full license can be read in "license.txt".
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
See the GNU General Public License for more details.
Contact address: Dokeos, 44 rue des palais, B-1030 Brussels, Belgium
Mail: info@dokeos.com
==============================================================================
==============================================================================
*/
/**
==============================================================================
==============================================================================
* This is a library with some functions to sort tabular data
*
* @package dokeos.library
==============================================================================
==============================================================================
*/
define('SORT_DATE', 3);
@ -97,9 +97,9 @@ class TableSort
}
$function_body = '$el1 = $a['.$column.']; $el2 = $b['.$column.']; return ('.$direction.' == SORT_ASC ? ('.$compare_function.') : !('.$compare_function.'));';
// Sort the content
usort($data, create_function('$a,$b', $function_body));
return $data;
}
/**
@ -129,20 +129,20 @@ class TableSort
* @author bart.mollet@hogent.be
*/
function is_date_column($data, $column)
{
{
$is_date = true;
foreach ($data as $index => $row)
{
if(strlen(strip_tags($row[$column])) != 0 )
{
$check_date = strtotime(strip_tags($row[$column]));
// strtotime Returns a timestamp on success, FALSE otherwise.
// Previous to PHP 5.1.0, this function would return -1 on failure.
// strtotime Returns a timestamp on success, FALSE otherwise.
// Previous to PHP 5.1.0, this function would return -1 on failure.
$is_date &= ($check_date != -1 && $check_date != false);
}
else
{
$is_date &= false;
$is_date &= false;
}
}
return $is_date;
@ -165,39 +165,39 @@ class TableSort
}
return $is_image;
}
/**
* Sort 2-dimensional table. It is possile of change the columns that will be show and the way that the columns are sorted.
* @param array $data The data to be sorted.
* @param int $column The column on which the data should be sorted (default = 0)
* @param string $direction The direction to sort (SORT_ASC (default) orSORT_DESC)
* @param array $column_show The columns that we will show in the table i.e: $column_show=array('1','0','1') we will show the 1st and the 3th column.
* @param array $column_show The columns that we will show in the table i.e: $column_show=array('1','0','1') we will show the 1st and the 3th column.
* @param array $column_order Changes how the columns will be sorted ie. $column_order=array('1','4','3','4') The 2nd column will be sorted like the 4 column
* @param constant $type How should data be sorted (SORT_REGULAR, SORT_NUMERIC,SORT_STRING,SORT_DATE,SORT_IMAGE) *
* @param constant $type How should data be sorted (SORT_REGULAR, SORT_NUMERIC,SORT_STRING,SORT_DATE,SORT_IMAGE) *
* @return array The sorted dataset
* @author bart.mollet@hogent.be
*/
function sort_table_config($data, $column = 0, $direction = SORT_ASC, $column_show=null, $column_order=null,$type = SORT_REGULAR)
{
if(!is_array($data) or count($data)==0){return array();}
if($column != strval(intval($column))){return $data;} //probably an attack
if(!in_array($direction,array(SORT_ASC,SORT_DESC))){return $data;} // probably an attack
$compare_function = '';
// Change columns sort
$compare_function = '';
// Change columns sort
// Here we say that the real way of how the columns are going to be order is manage by the $column_order array
if(is_array($column_order))
if(is_array($column_order))
{
for($i=0;$i<count($column_order);$i++)
{
if ($column== $i+1)
{
$column=$column_order[$i];
}
}
}
}
switch ($type)
{
case SORT_REGULAR :
@ -228,42 +228,42 @@ class TableSort
default:
$compare_function = 'strnatcmp(TableSort::orderingstring(strip_tags($el1)),TableSort::orderingstring(strip_tags($el2))) > 0';
break;
}
}
$function_body = '$el1 = $a['.$column.']; ' .
'$el2 = $b['.$column.']; ' .
'return ('.$direction.' == SORT_ASC ? ('.$compare_function.') : !('.$compare_function.'));';
// Sort the content
usort($data, create_function('$a,$b', $function_body));
// We show only the columns data that were set up on the $column_show array
// We show only the columns data that were set up on the $column_show array
$new_order_data=array();
if(is_array($column_show))
{
{
for ($j=0;$j<count($data);$j++)
{
$k=0;
$k=0;
for ($i=0;$i<count($column_show);$i++)
{
if ($column_show[$i])
{
$new_order_data[$j][$k]=$data[$j][$i];
$new_order_data[$j][$k]=$data[$j][$i];
}
$k++;
}
}
$k++;
}
}
//replace the multi-arrays
$data=$new_order_data;
}
else
{
return $data;
}
return $data;
}
return $data;
}
}
?>

142
main/inc/lib/text.lib.php
Unescape View File

@ -100,7 +100,7 @@ function format_locale_date($date_format, $time_stamp = -1, $language = null)
/**
* @desc this function does some parsing on the text that gets inputted. This parsing can be of any kind
* LaTeX notation, Word Censoring, Glossary Terminology (extension will available soon), Musical Notations, ...
* The inspiration for this filter function came from Moodle an phpBB who both use a similar approach
* The inspiration for this filter function came from Moodle an phpBB who both use a similar approach
* @param $input string. some text
* @return $output string. some text that contains the parsed elements.
* @example [tex]\sqrt(2)[/tex]
@ -111,48 +111,48 @@ function text_filter($input, $filter=true)
{
//$input=stripslashes($input);
if ($filter==true)
{
// *** parse [tex]...[/tex] tags *** //
// which will return techexplorer or image html depending on the capabilities of the
// browser of the user (using some javascript that checks if the browser has the TechExplorer plugin installed or not)
$input=_text_parse_tex($input);
// *** parse [teximage]...[/teximage] tags *** //
// these force the gif rendering of LaTeX using the mimetex gif renderer
//$input=_text_parse_tex_image($input);
// *** parse [texexplorer]...[/texexplorer] tags *** //
// these force the texeplorer LaTeX notation
$input=_text_parse_texexplorer($input);
// *** Censor Words *** //
// censor words. This function removes certain words by [censored]
// this can be usefull when the campus is open to the world.
// this can be usefull when the campus is open to the world.
// $input=text_censor_words($input);
// *** parse [?]...[/?] tags *** //
// for the glossary tool (see http://www.dokeos.com/extensions)
$input=_text_parse_glossary($input);
// parse [wiki]...[/wiki] tags
// this is for the coolwiki plugin.
// $input=text_parse_wiki($input);
// this is for the coolwiki plugin.
// $input=text_parse_wiki($input);
// parse [tool]...[/tool] tags
// this parse function adds a link to a certain tool
// $input=text_parse_tool($input);
// parse [user]...[/user] tags
// parse [email]...[/email] tags
// parse [code]...[/code] tags
}
return $input;
}
@ -170,10 +170,10 @@ function _text_parse_tex($textext)
{
//$textext = str_replace(array ("[tex]", "[/tex]"), array ('[*****]', '[/*****]'), $textext);
//$textext=stripslashes($texttext);
$input_array=preg_split("/(\[tex]|\[\/tex])/",$textext,-1, PREG_SPLIT_DELIM_CAPTURE);
foreach ($input_array as $key=>$value)
{
if ($key>0 && $input_array[$key-1]=='[tex]' AND $input_array[$key+1]=='[/tex]')
@ -184,7 +184,7 @@ function _text_parse_tex($textext)
//echo 'LaTeX: <embed type="application/x-techexplorer" texdata="'.stripslashes($value).'" autosize="true" pluginspage="http://www.integretechpub.com/techexplorer/"><br />';
}
}
$output=implode('',$input_array);
return $output;
}
@ -229,7 +229,7 @@ function _text_parse_tool($input)
// an array with all the valid tools
$tools[]=array(TOOL_ANNOUNCEMENT, 'announcements/announcements.php');
$tools[]=array(TOOL_CALENDAR_EVENT, 'calendar/agenda.php');
// check if the name between the [tool] [/tool] tags is a valid one
}
@ -242,41 +242,41 @@ function _text_parse_tool($input)
*/
function latex_gif_renderer($latex_code)
{
global $_course;
global $_course;
// setting the paths and filenames
$mimetex_path=api_get_path(LIBRARY_PATH).'mimetex/';
$temp_path=api_get_path(SYS_COURSE_PATH).$_course['path'].'/temp/';
$latex_filename=md5($latex_code).'.gif';
if(!file_exists($temp_path.$latex_filename) OR isset($_GET['render']))
{
if ((PHP_OS == "WINNT") || (PHP_OS == "WIN32") || (PHP_OS == "Windows"))
{
$mimetex_command=$mimetex_path.'mimetex.exe -e "'.$temp_path.md5($latex_code).'.gif" '.escapeshellarg($latex_code).'';
}
else
else
{
$mimetex_command=$mimetex_path.'mimetex.linux -e "'.$temp_path.md5($latex_code).'.gif" '.escapeshellarg($latex_code);
}
exec($mimetex_command);
//echo 'volgende shell commando werd uitgevoerd:<br /><pre>'.$mimetex_command.'</pre><hr>';
exec($mimetex_command);
//echo 'volgende shell commando werd uitgevoerd:<br /><pre>'.$mimetex_command.'</pre><hr>';
}
$return = "<a href=\"\" onclick=\"newWindow=window.open('".api_get_path(WEB_CODE_PATH)."inc/latex.php?code=".urlencode($latex_code)."&amp;filename=$latex_filename','latexCode','toolbar=no,location=no,scrollbars=yes,resizable=yes,status=yes,width=375,height=250,left=200,top=100');\">";
$return .= '<img src="'.api_get_path(WEB_COURSE_PATH).$_course['path'].'/temp/'.$latex_filename.'" alt="'.$latex_code.'" border="0" /></a>';
return $return;
return $return;
}
/**
* Returns the difference between the current date (date(now)) with the parameter $date in a string format like "2 days, 1 hour"
* Example: $date="2008-03-07 15:44:08";
* date_to_str($date) it will return 3 days, 20 hours
*
* Returns the difference between the current date (date(now)) with the parameter $date in a string format like "2 days, 1 hour"
* Example: $date="2008-03-07 15:44:08";
* date_to_str($date) it will return 3 days, 20 hours
*
* @param string The string has to be the result of a date function in this format -> date("Y-m-d H:i:s",time());
* @return string The difference between the current date and the parameter in a literal way "3 days, 2 hour" *
* @author Julio Montoya
* @return string The difference between the current date and the parameter in a literal way "3 days, 2 hour" *
* @author Julio Montoya
*/
function date_to_str_ago($date)
@ -298,7 +298,7 @@ function date_to_str_ago($date)
$min_day=get_lang('MinDay');
$min_hour=get_lang('MinHour');
$min_minute=get_lang('MinMinute');
$min_decades=get_lang('MinDecades');
$min_years=get_lang('MinYears');
$min_months=get_lang('MinMonths');
@ -306,11 +306,11 @@ function date_to_str_ago($date)
$min_days=get_lang('MinDays');
$min_hours=get_lang('MinHours');
$min_minutes=get_lang('MinMinutes');
// original 1
//$sec_time=array("century"=>3.1556926*pow(10,9),"decade"=>315569260,"year"=>31556926,"month"=>2629743.83,"week"=>604800,"day"=>86400,"hour"=>3600,"minute"=>60,"second"=>1);
//$sec_time=array(get_lang('MinDecade')=>315569260,get_lang('MinYear')=>31556926,get_lang('MinMonth')=>2629743.83,get_lang('MinWeek')=>604800,get_lang('MinDay')=>86400,get_lang('MinHour')=>3600,get_lang('MinMinute')=>60);
$sec_time_time=array(315569260,31556926,2629743.83,604800,86400,3600,60);
$sec_time_time=array(315569260,31556926,2629743.83,604800,86400,3600,60);
$sec_time_sing=array($min_decade,$min_year,$min_month,$min_week,$min_day,$min_hour,$min_minute);
$sec_time_plu =array($min_decades,$min_years,$min_months,$min_weeks,$min_days,$min_hours,$min_minutes);
$initialized = true;
@ -335,68 +335,68 @@ function date_to_str_ago($date)
$act_day=date('d');
$act_mth=date('n');
$act_yr = date('Y');
if ($dst_day==$act_day && $dst_mth==$act_mth && $dst_yr == $act_yr ) {
return $today;
}
if ($dst_day==$act_day-1 && $dst_mth==$act_mth && $dst_yr == $act_yr ) {
return $yesterday;
}
$str_result=array();
}
$str_result=array();
$time_result=array();
$key_result=array();
$str='';
$i=0;
$i=0;
for ($i=0;$i<count($sec_time_time);$i++) {
$seconds=$sec_time_time[$i];
$seconds=$sec_time_time[$i];
if($seconds > $time) {
continue;
}
}
$current_value=intval($time/$seconds);
if ($current_value != 1) {
if ($current_value != 1) {
$date_str= $sec_time_plu[$i];
} else {
$date_str= $sec_time_sing[$i];
}
}
$key_result[]=$sec_time_sing[$i];
$str_result[]=$current_value.' '.$date_str;
$time_result[]= $current_value;
$str.=$current_value.$date_str;
$time%=$seconds;
$str_result[]=$current_value.' '.$date_str;
$time_result[]= $current_value;
$str.=$current_value.$date_str;
$time%=$seconds;
}
if ($key_result[0]== $min_day && $key_result[1]== $min_minute) {
$key_result[1]=' 0 '.$min_hours;
$str_result[0]=$time_result[0].' '.$key_result[0];
$str_result[1]=$key_result[1];
$str_result[1]=$key_result[1];
}
if ($key_result[0]== $min_year && ($key_result[1]== $min_day || $key_result[1]== $min_week)) {
$key_result[1]=' 0 '.$min_months;
$str_result[0]=$time_result[0].' '.$key_result[0];
$str_result[1]=$key_result[1];
$str_result[1]=$key_result[1];
}
if (!empty($str_result[1])) {
$str=$str_result[0].', '.$str_result[1];
} else {
$str=$str_result[0];
}
return $str;
}
return $str;
}
/**
* This functions cuts a paragraph
* This functions cuts a paragraph
* i.e cut('Merry Xmas from Lima',13) = "Merry Xmas fr..."
* @param string the text to "cut"
* @param string the text to "cut"
* @param int count of chars
* @param bool Whether to embed in a <span title="...">...</span>
* @return string
* @return string
* */
function cut($text,$maxchar,$embed=false)
{
@ -407,17 +407,17 @@ function cut($text,$maxchar,$embed=false)
return api_substr($text, 0, $maxchar).'...' ;
} else {
return $text;
}
}
}
/**
* Show a number as only integers if no decimals, but will show 2 decimals if exist.
*
* @param mixed number to convert
*
* @param mixed number to convert
* @param int decimal points 0=never, 1=if needed, 2=always
* @return mixed an integer or a float depends on the parameter
*/
function float_format($number, $flag = 1)
{
function float_format($number, $flag = 1)
{
if (is_numeric($number)) { // a number
if (!$number) { // zero
$result = ($flag == 2 ? '0.00' : '0'); // output zero

604
main/inc/lib/tracking.lib.php
View File

File diff suppressed because it is too large Load Diff

6
main/inc/lib/upload.xajax.php
Unescape View File

@ -1,7 +1,7 @@
<?php
include(dirname(__FILE__).'/../global.inc.php');
require_once api_get_path(LIBRARY_PATH).'xajax/xajax.inc.php';
require_once api_get_path(LIBRARY_PATH).'xajax/xajax.inc.php';
$xajax_upload = new Xajax();
$xajax_upload -> registerFunction ('updateProgress');
$xajax_upload -> processRequests();
@ -13,14 +13,14 @@ $xajax_upload -> processRequests();
*/
function updateProgress($div_id, $upload_id, $waitAfterupload = false) {
$objResponse = new XajaxResponse();
$objResponse = new XajaxResponse();
$ul_info = uploadprogress_get_info($upload_id);
$percent = intval($ul_info['bytes_uploaded']*100/$ul_info['bytes_total']);
if($waitAfterupload && $ul_info['est_sec']<2) {
$percent = 100;
$objResponse -> addAssign($div_id.'_label' , 'innerHTML', get_lang('UploadFile').' : '.$percent.' %');
$objResponse -> addAssign($div_id.'_waiter_frame','innerHTML','<img src="'.api_get_path(WEB_CODE_PATH).'img/progress_bar.gif" />');
$objResponse -> addScript('clearInterval("myUpload.__progress_bar_interval")');
$objResponse -> addScript('clearInterval("myUpload.__progress_bar_interval")');
}
$objResponse -> addAssign($div_id.'_label' , 'innerHTML', get_lang('UploadFile').' : '.$percent.' %');
$objResponse -> addAssign($div_id.'_filled' , 'style.width', $percent.'%');

398
main/inc/lib/urlmanager.lib.php
Unescape View File

@ -31,17 +31,17 @@ class UrlManager
{
/**
* Creates a new url access to Dokeos
*
*
* @author Julio Montoya <gugli100@gmail.com>,
*
* @param string The URL of the site
* @param string The URL of the site
* @param string The description of the site
* @param int is active or not
* @param int is active or not
* @param int the user_id of the owner
* @return boolean if success
*/
function add($url, $description, $active)
{
{
$tms = time();
$table_access_url= Database :: get_main_table(TABLE_MAIN_ACCESS_URL);
$sql = "INSERT INTO $table_access_url
@ -52,22 +52,22 @@ class UrlManager
tms = FROM_UNIXTIME(".$tms.")";
$result = api_sql_query($sql, __FILE__, __LINE__);
return $result;
}
}
/**
* Updates an URL access to Dokeos
* Updates an URL access to Dokeos
* @author Julio Montoya <gugli100@gmail.com>,
*
* @param int The url id
* @param int The url id
* @param string The description of the site
* @param int is active or not
* @param int is active or not
* @param int the user_id of the owner
* @return boolean if success
* @return boolean if success
*/
function udpate($url_id, $url, $description, $active)
{
$table_access_url= Database :: get_main_table(TABLE_MAIN_ACCESS_URL);
$tms = time();
$tms = time();
$sql = "UPDATE $table_access_url
SET url = '".Database::escape_string($url)."',
description = '".Database::escape_string($description)."',
@ -78,69 +78,69 @@ class UrlManager
$result = api_sql_query($sql, __FILE__, __LINE__);
return $result;
}
/**
* Deletes an url
* Deletes an url
* @author Julio Montoya
* @param int url id
* @return boolean true if success
* */
function delete($id)
{
$table_access_url= Database :: get_main_table(TABLE_MAIN_ACCESS_URL);
$table_access_url= Database :: get_main_table(TABLE_MAIN_ACCESS_URL);
$sql= "DELETE FROM $table_access_url WHERE id = ".Database::escape_string($id);
$result = api_sql_query($sql, __FILE__, __LINE__);
return $result;
}
}
/**
*
*
* */
function url_exist($url)
{
{
$table_access_url= Database :: get_main_table(TABLE_MAIN_ACCESS_URL);
$sql = "SELECT id FROM $table_access_url WHERE url = '".Database::escape_string($url)."' ";
$res = api_sql_query($sql,__FILE__,__LINE__);
$num = Database::num_rows($res);
$sql = "SELECT id FROM $table_access_url WHERE url = '".Database::escape_string($url)."' ";
$res = api_sql_query($sql,__FILE__,__LINE__);
$num = Database::num_rows($res);
return $num;
}
/**
*
*
* */
function url_id_exist($url)
{
function url_id_exist($url)
{
$table_access_url= Database :: get_main_table(TABLE_MAIN_ACCESS_URL);
$sql = "SELECT id FROM $table_access_url WHERE id = '".Database::escape_string($url)."' ";
$res = api_sql_query($sql,__FILE__,__LINE__);
$num = Database::num_rows($res);
$sql = "SELECT id FROM $table_access_url WHERE id = '".Database::escape_string($url)."' ";
$res = api_sql_query($sql,__FILE__,__LINE__);
$num = Database::num_rows($res);
return $num;
}
}
/**
* This function get the quantity of URLs
* This function get the quantity of URLs
* @author Julio Montoya
* @return int count of urls
* */
function url_count()
function url_count()
{
$table_access_url= Database :: get_main_table(TABLE_MAIN_ACCESS_URL);
$table_access_url= Database :: get_main_table(TABLE_MAIN_ACCESS_URL);
$sql = "SELECT count(id) as count_result FROM $table_access_url";
$res = api_sql_query($sql, __FILE__, __LINE__);
$url = Database::fetch_array($res,'ASSOC');
$result = $url['count_result'];
return $result;
$url = Database::fetch_array($res,'ASSOC');
$result = $url['count_result'];
return $result;
}
/**
* Gets the id, url, description, and active status of ALL URLs
* @author Julio Montoya
* @return array
* @return array
* */
function get_url_data()
function get_url_data()
{
$table_access_url= Database :: get_main_table(TABLE_MAIN_ACCESS_URL);
$table_access_url= Database :: get_main_table(TABLE_MAIN_ACCESS_URL);
$sql = "SELECT id, url, description, active FROM $table_access_url";
$res = api_sql_query($sql, __FILE__, __LINE__);
$urls = array ();
@ -149,21 +149,21 @@ class UrlManager
}
return $urls;
}
/**
* Gets the id, url, description, and active status of ALL URLs
* @author Julio Montoya
* @return array
* @return array
* */
function get_url_data_from_id($url_id)
function get_url_data_from_id($url_id)
{
$table_access_url= Database :: get_main_table(TABLE_MAIN_ACCESS_URL);
$table_access_url= Database :: get_main_table(TABLE_MAIN_ACCESS_URL);
$sql = "SELECT id, url, description, active FROM $table_access_url WHERE id = ".Database::escape_string($url_id);
$res = api_sql_query($sql, __FILE__, __LINE__);
$row = Database::fetch_array($res);
$res = api_sql_query($sql, __FILE__, __LINE__);
$row = Database::fetch_array($res);
return $row;
}
/** Gets the inner join of users and urls table
* @author Julio Montoya
* @return int access url id
@ -172,23 +172,23 @@ class UrlManager
function get_url_rel_user_data($access_url_id='')
{
$where = '';
$table_url_rel_user = Database :: get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER);
$table_url_rel_user = Database :: get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER);
$tbl_user = Database :: get_main_table(TABLE_MAIN_USER);
if (!empty($access_url_id)) {
$where ="WHERE $table_url_rel_user.access_url_id = ".Database::escape_string($access_url_id);
}
$order_clause = api_sort_by_first_name() ? ' ORDER BY firstname, lastname, username' : ' ORDER BY lastname, firstname, username';
$sql="SELECT u.user_id, lastname, firstname, username, access_url_id
FROM $tbl_user u
FROM $tbl_user u
INNER JOIN $table_url_rel_user
ON $table_url_rel_user.user_id = u.user_id
$where".$order_clause;
$result=api_sql_query($sql,__FILE__,__LINE__);
$result=api_sql_query($sql,__FILE__,__LINE__);
$users=api_store_result($result);
return $users;
return $users;
}
/** Gets the inner join of access_url and the course table
* @author Julio Montoya
* @return int access url id
@ -197,24 +197,24 @@ class UrlManager
function get_url_rel_course_data($access_url_id='')
{
$where ='';
$table_url_rel_course = Database :: get_main_table(TABLE_MAIN_ACCESS_URL_REL_COURSE);
$table_url_rel_course = Database :: get_main_table(TABLE_MAIN_ACCESS_URL_REL_COURSE);
$tbl_course = Database :: get_main_table(TABLE_MAIN_COURSE);
if (!empty($access_url_id))
$where ="WHERE $table_url_rel_course.access_url_id = ".Database::escape_string($access_url_id);
$sql="SELECT course_code, title, access_url_id
FROM $tbl_course u
FROM $tbl_course u
INNER JOIN $table_url_rel_course
ON $table_url_rel_course.course_code = code
$where
ORDER BY title, code";
$result=api_sql_query($sql,__FILE__,__LINE__);
$result=api_sql_query($sql,__FILE__,__LINE__);
$courses=api_store_result($result);
return $courses;
}
return $courses;
}
/** Gets the inner join of access_url and the session table
* @author Julio Montoya
* @return int access url id
@ -223,49 +223,49 @@ class UrlManager
function get_url_rel_session_data($access_url_id='')
{
$where ='';
$table_url_rel_session = Database :: get_main_table(TABLE_MAIN_ACCESS_URL_REL_SESSION);
$table_url_rel_session = Database :: get_main_table(TABLE_MAIN_ACCESS_URL_REL_SESSION);
$tbl_session = Database :: get_main_table(TABLE_MAIN_SESSION);
if (!empty($access_url_id))
$where ="WHERE $table_url_rel_session.access_url_id = ".Database::escape_string($access_url_id);
$sql="SELECT id, name, access_url_id
FROM $tbl_session u
FROM $tbl_session u
INNER JOIN $table_url_rel_session
ON $table_url_rel_session.session_id = id
$where
ORDER BY name, id";
$result=api_sql_query($sql,__FILE__,__LINE__);
$result=api_sql_query($sql,__FILE__,__LINE__);
$sessions=api_store_result($result);
return $sessions;
}
return $sessions;
}
/**
* Sets the status of an URL 1 or 0
* Sets the status of an URL 1 or 0
* @author Julio Montoya
* @param string lock || unlock
* @param int url id
* */
function set_url_status($status, $url_id)
{
$url_table = Database :: get_main_table(TABLE_MAIN_ACCESS_URL);
$url_table = Database :: get_main_table(TABLE_MAIN_ACCESS_URL);
if ($status=='lock') {
$status_db='0';
$status_db='0';
}
if ($status=='unlock') {
$status_db='1';
}
$status_db='1';
}
if(($status_db=='1' OR $status_db=='0') AND is_numeric($url_id)) {
$sql="UPDATE $url_table SET active='".Database::escape_string($status_db)."' WHERE id='".Database::escape_string($url_id)."'";
$result = api_sql_query($sql, __FILE__, __LINE__);
}
}
}
/**
* Checks the relationship between an URL and a User (return the num_rows)
* Checks the relationship between an URL and a User (return the num_rows)
* @author Julio Montoya
* @param int user id
* @param int url id
@ -273,15 +273,15 @@ class UrlManager
* */
function relation_url_user_exist($user_id, $url_id)
{
$table_url_rel_user= Database :: get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER);
$table_url_rel_user= Database :: get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER);
$sql= "SELECT user_id FROM $table_url_rel_user WHERE access_url_id = ".Database::escape_string($url_id)." AND user_id = ".Database::escape_string($user_id)." ";
$result = api_sql_query($sql, __FILE__, __LINE__);
$num = Database::num_rows($result);
$num = Database::num_rows($result);
return $num;
}
/**
* Checks the relationship between an URL and a Course (return the num_rows)
* Checks the relationship between an URL and a Course (return the num_rows)
* @author Julio Montoya
* @param int user id
* @param int url id
@ -289,16 +289,16 @@ class UrlManager
* */
function relation_url_course_exist($course_id, $url_id)
{
$table_url_rel_course= Database :: get_main_table(TABLE_MAIN_ACCESS_URL_REL_COURSE);
$table_url_rel_course= Database :: get_main_table(TABLE_MAIN_ACCESS_URL_REL_COURSE);
$sql= "SELECT course_code FROM $table_url_rel_course WHERE access_url_id = ".Database::escape_string($url_id)." AND course_code = '".Database::escape_string($course_id)."'";
$result = api_sql_query($sql, __FILE__, __LINE__);
$num = Database::num_rows($result);
$num = Database::num_rows($result);
return $num;
}
/**
* Checks the relationship between an URL and a Session (return the num_rows)
* Checks the relationship between an URL and a Session (return the num_rows)
* @author Julio Montoya
* @param int user id
* @param int url id
@ -306,14 +306,14 @@ class UrlManager
* */
function relation_url_session_exist($session_id, $url_id)
{
$table_url_rel_session= Database :: get_main_table(TABLE_MAIN_ACCESS_URL_REL_SESSION);
$table_url_rel_session= Database :: get_main_table(TABLE_MAIN_ACCESS_URL_REL_SESSION);
$sql= "SELECT session_id FROM $table_url_rel_session WHERE access_url_id = ".Database::escape_string($url_id)." AND session_id = ".Database::escape_string($session_id);
$result = api_sql_query($sql, __FILE__, __LINE__);
$num = Database::num_rows($result);
$num = Database::num_rows($result);
return $num;
}
}
/**
* Add a group of users into a group of URLs
* @author Julio Montoya
@ -321,30 +321,30 @@ class UrlManager
* @param array of url_ids
* */
function add_users_to_urls($user_list, $url_list)
{
{
$table_url_rel_user= Database :: get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER);
$result_array=array();
if (is_array($user_list) && is_array($url_list)){
foreach ($url_list as $url_id) {
foreach ($url_list as $url_id) {
foreach ($user_list as $user_id) {
$count = UrlManager::relation_url_user_exist($user_id,$url_id);
$count = UrlManager::relation_url_user_exist($user_id,$url_id);
if ($count==0) {
$sql = "INSERT INTO $table_url_rel_user
SET user_id = ".Database::escape_string($user_id).", access_url_id = ".Database::escape_string($url_id);
$result = api_sql_query($sql, __FILE__, __LINE__);
if($result)
if($result)
$result_array[$url_id][$user_id]=1;
else
$result_array[$url_id][$user_id]=0;
}
}
}
}
}
return $result_array;
}
/**
* Add a group of courses into a group of URLs
* @author Julio Montoya
@ -352,30 +352,30 @@ class UrlManager
* @param array of url_ids
* */
function add_courses_to_urls($course_list,$url_list)
{
{
$table_url_rel_course= Database :: get_main_table(TABLE_MAIN_ACCESS_URL_REL_COURSE);
$result_array=array();
if (is_array($course_list) && is_array($url_list)){
foreach ($url_list as $url_id) {
foreach ($course_list as $course_code) {
$count = UrlManager::relation_url_course_exist($course_code,$url_id);
foreach ($url_list as $url_id) {
foreach ($course_list as $course_code) {
$count = UrlManager::relation_url_course_exist($course_code,$url_id);
if ($count==0) {
$sql = "INSERT INTO $table_url_rel_course
SET course_code = '".Database::escape_string($course_code)."', access_url_id = ".Database::escape_string($url_id);
$result = api_sql_query($sql, __FILE__, __LINE__);
if($result)
if($result)
$result_array[$url_id][$course_code]=1;
else
$result_array[$url_id][$course_code]=0;
}
}
}
}
}
return $result_array;
}
/**
* Add a group of sessions into a group of URLs
* @author Julio Montoya
@ -383,31 +383,31 @@ class UrlManager
* @param array of url_ids
* */
function add_sessions_to_urls($session_list,$url_list)
{
{
$table_url_rel_session= Database :: get_main_table(TABLE_MAIN_ACCESS_URL_REL_SESSION);
$result_array=array();
if (is_array($session_list) && is_array($url_list)){
foreach ($url_list as $url_id) {
foreach ($session_list as $session_id) {
$count = UrlManager::relation_url_session_exist($session_id,$url_id);
foreach ($url_list as $url_id) {
foreach ($session_list as $session_id) {
$count = UrlManager::relation_url_session_exist($session_id,$url_id);
if ($count==0) {
$sql = "INSERT INTO $table_url_rel_session
SET session_id = ".Database::escape_string($session_id).", access_url_id = ".Database::escape_string($url_id);
$result = api_sql_query($sql, __FILE__, __LINE__);
if($result)
if($result)
$result_array[$url_id][$session_id]=1;
else
$result_array[$url_id][$session_id]=0;
}
}
}
}
}
return $result_array;
}
/**
* Add a user into a url
* @author Julio Montoya
@ -416,46 +416,46 @@ class UrlManager
* @return boolean true if success
* */
function add_user_to_url($user_id, $url_id=1)
{
{
$table_url_rel_user= Database :: get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER);
if (empty($url_id)) $url_id=1;
if (empty($url_id)) $url_id=1;
$count = UrlManager::relation_url_user_exist($user_id,$url_id);
if (empty($count)) {
if (empty($count)) {
$sql = "INSERT INTO $table_url_rel_user
SET user_id = ".Database::escape_string($user_id).", access_url_id = ".Database::escape_string($url_id);
$result = api_sql_query($sql, __FILE__, __LINE__);
}
return $result;
return $result;
}
function add_course_to_url($course_code, $url_id=1)
{
{
$table_url_rel_course= Database :: get_main_table(TABLE_MAIN_ACCESS_URL_REL_COURSE);
if (empty($url_id)) $url_id=1;
if (empty($url_id)) $url_id=1;
$count = UrlManager::relation_url_course_exist($course_code,$url_id);
if (empty($count)) {
if (empty($count)) {
$sql = "INSERT INTO $table_url_rel_course
SET course_code = '".Database::escape_string($course_code)."', access_url_id = ".Database::escape_string($url_id);
$result = api_sql_query($sql, __FILE__, __LINE__);
}
return $result;
return $result;
}
function add_session_to_url($session_id, $url_id=1)
{
{
$table_url_rel_session= Database :: get_main_table(TABLE_MAIN_ACCESS_URL_REL_SESSION);
if (empty($url_id)) $url_id=1;
if (empty($url_id)) $url_id=1;
$count = UrlManager::relation_url_session_exist($session_id,$url_id);
if (empty($count)) {
if (empty($count)) {
$sql = "INSERT INTO $table_url_rel_session
SET session_id = ".Database::escape_string($session_id).", access_url_id = ".Database::escape_string($url_id);
$result = api_sql_query($sql, __FILE__, __LINE__);
}
return $result;
return $result;
}
/**
* Deletes an url and user relationship
* @author Julio Montoya
@ -465,12 +465,12 @@ class UrlManager
* */
function delete_url_rel_user($user_id, $url_id)
{
$table_url_rel_user= Database :: get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER);
$table_url_rel_user= Database :: get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER);
$sql= "DELETE FROM $table_url_rel_user WHERE user_id = ".Database::escape_string($user_id)." AND access_url_id=".Database::escape_string($url_id)." ";
$result = api_sql_query($sql, __FILE__, __LINE__);
return $result;
}
}
/**
* Deletes an url and course relationship
* @author Julio Montoya
@ -480,12 +480,12 @@ class UrlManager
* */
function delete_url_rel_course($course_code, $url_id)
{
$table_url_rel_course= Database :: get_main_table(TABLE_MAIN_ACCESS_URL_REL_COURSE);
$table_url_rel_course= Database :: get_main_table(TABLE_MAIN_ACCESS_URL_REL_COURSE);
$sql= "DELETE FROM $table_url_rel_course WHERE course_code = '".Database::escape_string($course_code)."' AND access_url_id=".Database::escape_string($url_id)." ";
$result = api_sql_query($sql, __FILE__, __LINE__);
return $result;
}
/**
* Deletes an url and session relationship
* @author Julio Montoya
@ -495,137 +495,137 @@ class UrlManager
* */
function delete_url_rel_session($session_id, $url_id)
{
$table_url_rel_session = Database :: get_main_table(TABLE_MAIN_ACCESS_URL_REL_SESSION);
$table_url_rel_session = Database :: get_main_table(TABLE_MAIN_ACCESS_URL_REL_SESSION);
$sql= "DELETE FROM $table_url_rel_session WHERE session_id = ".Database::escape_string($session_id)." AND access_url_id=".Database::escape_string($url_id)." ";
$result = api_sql_query($sql, __FILE__, __LINE__);
return $result;
}
/**
* Updates the access_url_rel_user table with a given user list
* @author Julio Montoya
* @param array user list
* @param int access_url_id
* @param int access_url_id
* */
function update_urls_rel_user($user_list,$access_url_id)
{
$table_access_url = Database :: get_main_table(TABLE_MAIN_ACCESS_URL);
$table_url_rel_user = Database :: get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER);
$table_url_rel_user = Database :: get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER);
$sql = "SELECT user_id FROM $table_url_rel_user WHERE access_url_id=".Database::escape_string($access_url_id);
$result = api_sql_query($sql,__FILE__,__LINE__ );
$existingUsers = array();
while($row = Database::fetch_array($result)){
$existingUsers[] = $row['user_id'];
}
}
//adding users
foreach($user_list as $enreg_user) {
if(!in_array($enreg_user, $existingUsers)) {
UrlManager::add_user_to_url($enreg_user,$access_url_id);
UrlManager::add_user_to_url($enreg_user,$access_url_id);
}
}
//deleting old users
//deleting old users
foreach($existingUsers as $existing_user) {
if(!in_array($existing_user, $user_list)) {
UrlManager::delete_url_rel_user($existing_user,$access_url_id);
UrlManager::delete_url_rel_user($existing_user,$access_url_id);
}
}
}
}
/**
* Updates the access_url_rel_course table with a given user list
* @author Julio Montoya
* @param array user list
* @param int access_url_id
* @param int access_url_id
* */
function update_urls_rel_course($course_list,$access_url_id)
{
$table_course = Database :: get_main_table(TABLE_MAIN_COURSE);
$table_url_rel_course = Database :: get_main_table(TABLE_MAIN_ACCESS_URL_REL_COURSE);
$table_url_rel_course = Database :: get_main_table(TABLE_MAIN_ACCESS_URL_REL_COURSE);
$sql = "SELECT course_code FROM $table_url_rel_course WHERE access_url_id=".Database::escape_string($access_url_id);
$result = api_sql_query($sql,__FILE__,__LINE__ );
$existing_courses = array();
$existing_courses = array();
while($row = Database::fetch_array($result)){
$existing_courses[] = $row['course_code'];
}
}
//adding courses
foreach($course_list as $course) {
if(!in_array($course, $existing_courses)) {
UrlManager::add_course_to_url($course,$access_url_id);
UrlManager::add_course_to_url($course,$access_url_id);
}
}
//deleting old courses
//deleting old courses
foreach($existing_courses as $existing_course) {
if(!in_array($existing_course, $course_list)) {
UrlManager::delete_url_rel_course($existing_course,$access_url_id);
UrlManager::delete_url_rel_course($existing_course,$access_url_id);
}
}
}
}
/**
* Updates the access_url_rel_session table with a given user list
* @author Julio Montoya
* @param array user list
* @param int access_url_id
* @param int access_url_id
* */
function update_urls_rel_session($session_list,$access_url_id)
{
$table_session = Database :: get_main_table(TABLE_MAIN_SESSION);
$table_url_rel_session = Database :: get_main_table(TABLE_MAIN_ACCESS_URL_REL_SESSION);
$table_url_rel_session = Database :: get_main_table(TABLE_MAIN_ACCESS_URL_REL_SESSION);
$sql = "SELECT session_id FROM $table_url_rel_session WHERE access_url_id=".Database::escape_string($access_url_id);
$result = api_sql_query($sql,__FILE__,__LINE__ );
$existing_sessions = array();
$existing_sessions = array();
while($row = Database::fetch_array($result)){
$existing_sessions[] = $row['session_id'];
}
}
//adding users
foreach($session_list as $session) {
if(!in_array($session, $existing_sessions)) {
UrlManager::add_session_to_url($session,$access_url_id);
UrlManager::add_session_to_url($session,$access_url_id);
}
}
//deleting old users
//deleting old users
foreach($existing_sessions as $existing_session) {
if(!in_array($existing_session, $session_list)) {
UrlManager::delete_url_rel_session($existing_session,$access_url_id);
UrlManager::delete_url_rel_session($existing_session,$access_url_id);
}
}
}
}
function get_access_url_from_user($user_id) {
$table_url_rel_user = Database :: get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER);
$table_url = Database :: get_main_table(TABLE_MAIN_ACCESS_URL);
$sql = "SELECT url, access_url_id FROM $table_url_rel_user url_rel_user INNER JOIN $table_url u
$table_url = Database :: get_main_table(TABLE_MAIN_ACCESS_URL);
$sql = "SELECT url, access_url_id FROM $table_url_rel_user url_rel_user INNER JOIN $table_url u
ON (url_rel_user.access_url_id = u.id)
WHERE user_id = ".Database::escape_string($user_id);
$result = api_sql_query($sql, __FILE__, __LINE__);
$url_list = api_store_result($result);
return $url_list;
}
$result = api_sql_query($sql, __FILE__, __LINE__);
$url_list = api_store_result($result);
return $url_list;
}
/**
*
*
* */
function get_url_id($url)
{
$table_access_url= Database :: get_main_table(TABLE_MAIN_ACCESS_URL);
{
$table_access_url= Database :: get_main_table(TABLE_MAIN_ACCESS_URL);
$sql = "SELECT id FROM $table_access_url WHERE url = '".Database::escape_string($url)."'";
$result = api_sql_query($sql);
$result = api_sql_query($sql);
$access_url_id = Database::result($result, 0, 0);
return $access_url_id;
}
}
}
?>

218
main/inc/lib/xht.lib.php
Unescape View File

@ -7,34 +7,34 @@
*/
/**
==============================================================================
==============================================================================
* This is an XML HTML template library.
* Include/require it in your code to use its functionality.
*
* This library defines function xht_htmlwchars & class xhtdoc with methods:
* - xht_fill_template($template_name)
* - xht_substitute($subtext)
*
*
* Check htt_error after defining a new xhtdoc(htt_file_contents).
*
* Assign xht_xmldoc (, xht_get_lang, xht_resource, xht_dbgn)
*
* Assign xht_xmldoc (, xht_get_lang, xht_resource, xht_dbgn)
* before calling the class methods.
*
* @package dokeos.library
==============================================================================
==============================================================================
*/
function xht_htmlwchars($s) // use only where ISO-8859-1 is not required!
{
//return ereg_replace('\[((/?(b|big|i|small|sub|sup|u))|br/)\]', '<\\1>',
// str_replace('@§@', '&',
// htmlspecialchars(ereg_replace('&#([0-9]+);', '@§@#\\1;', $s))));
//return ereg_replace('\[((/?(b|big|i|small|sub|sup|u))|br/)\]', '<\\1>',
// str_replace('@<EFBFBD>@', '&',
// htmlspecialchars(ereg_replace('&#([0-9]+);', '@<EFBFBD>@#\\1;', $s))));
global $charset;
return api_ereg_replace('\[((/?(b|big|i|small|sub|sup|u))|br/)\]', '<\\1>',
str_replace('@§@', '&',
htmlspecialchars(api_ereg_replace('&#([0-9]+);', '@§@#\\1;', $s), ENT_QUOTES, $charset)));
str_replace('@<EFBFBD>@', '&',
htmlspecialchars(api_ereg_replace('&#([0-9]+);', '@<EFBFBD>@#\\1;', $s), ENT_QUOTES, $charset)));
// replaces htmlspecialchars for double-escaped xml chars like '&amp;#nnn;'
// and when html tags <...> are represented as [...]
}
@ -47,12 +47,12 @@ function xht_is_assoclist($s) // ":key1:value1,, key2:value2,, ..."
function xht_explode_assoclist($s)
{
$result = array(); if (!xht_is_assoclist($s)) return $result;
foreach (explode(',,', api_substr($s, 1)) as $keyplusvalue)
if ($cp = api_strpos($keyplusvalue, api_substr($s, 0, 1)))
$result[trim(api_substr($keyplusvalue, 0, $cp))] =
$result[trim(api_substr($keyplusvalue, 0, $cp))] =
api_substr($keyplusvalue, $cp+1);
return $result;
}
@ -79,27 +79,27 @@ function xht_fill_template($template_name, $cur_elem = 0)
$template_name = trim($template_name);
if (!$template_name || (api_strpos($template_name, ' ') !== FALSE)) return '';
if (!is_string($httext = $this->htt_array[$template_name])) return '';
if ($this->xht_dbgn) $this->xht_dbgo .= '<!-- ' . XHT_LP . $template_name .
if ($this->xht_dbgn) $this->xht_dbgo .= '<!-- ' . XHT_LP . $template_name .
' ' . XHT_RP . $this->_show_param() . " -->\n";
$prev_lpp = 0; $prev_sub = ''; $scanpos = 0;
while (($rpp = api_strpos($httext, XHT_RP, $scanpos)) !== FALSE) // first -}
{
if (($lpp = api_strpos($httext, XHT_LP)) === FALSE) break; // no {- for -}
if ($lpp > $rpp) break; // no {- preceding -}
while (($next_lpp = api_strpos($httext, XHT_LP, $lpp + XHT_PL)) !== FALSE)
if ($next_lpp > $rpp) break;
else $lpp = $next_lpp; // find {- closest to -}
$subtext = api_substr($httext, $lpp + XHT_PL, $rpp - $lpp - XHT_PL);
$httext = api_substr($httext, 0, $lpp) .
$this->xht_substitute($subtext, $cur_elem, XHT_LP, XHT_RP) .
$httext = api_substr($httext, 0, $lpp) .
$this->xht_substitute($subtext, $cur_elem, XHT_LP, XHT_RP) .
api_substr($httext, $rpp + XHT_PL); // substitute or leave intact
if ($lpp == $prev_lpp && $subtext == $prev_sub) // prevent looping
{
$scanpos = $rpp + 1; $prev_lpp = 0; $prev_sub = '';
@ -109,7 +109,7 @@ function xht_fill_template($template_name, $cur_elem = 0)
$prev_lpp = $lpp; $prev_sub = $subtext;
}
}
return $httext;
}
@ -119,20 +119,20 @@ function xht_substitute($subtext, $cur_elem = 0, $pre = '', $post = '')
global $charset;
$regs = array(); // for use with ereg()
if (!api_ereg(XHT_SUBS2, $subtext, $regs) && !api_ereg(XHT_SUBS1, $subtext, $regs))
if (!api_ereg(XHT_SUBS2, $subtext, $regs) && !api_ereg(XHT_SUBS1, $subtext, $regs))
return $pre . $subtext . $post;
$type = $regs[1]; $text = $regs[2]; $result = ''; $subnum = FALSE;
$subtext = isset($regs[3]) ? $regs[3] : '';
$subtext = isset($regs[3]) ? $regs[3] : '';
if ($this->xht_dbgn) // generate debugging output, with new number $subnum
{
$subnum = ++ $this->xht_dbgn;
$this->xht_dbgo .= '<!-- ' . XHT_LP . $type . $subnum . '+ ' .
htmlspecialchars($text, ENT_QUOTES, $charset) . ' ' . XHT_RP .
$subnum = ++ $this->xht_dbgn;
$this->xht_dbgo .= '<!-- ' . XHT_LP . $type . $subnum . '+ ' .
htmlspecialchars($text, ENT_QUOTES, $charset) . ' ' . XHT_RP .
$this->_show_param() . " -->\n";
}
if ($type == 'D') // Define, e.g. {-D key value-}
{
// Assign the value to parameter [key]
@ -142,7 +142,7 @@ function xht_substitute($subtext, $cur_elem = 0, $pre = '', $post = '')
elseif ($type == 'E') // Escape, e.g. {-E userFunction subtext-}
{
$result = call_user_func($text, FALSE); // get cached result, if any
if ($result === FALSE) // no cached result available
{
$result = $this->xht_substitute($subtext, $cur_elem);
@ -153,7 +153,7 @@ function xht_substitute($subtext, $cur_elem = 0, $pre = '', $post = '')
{
$rdepthn = 'rdepth' . (++ $this->xht_param['rdepth']);
$n = 0; $this->xht_param['number'] = '0';
if (is_array($a = $this->_lang($text, $cur_elem))) // repeat on array
{
foreach ($a as $key => $value)
@ -182,9 +182,9 @@ function xht_substitute($subtext, $cur_elem = 0, $pre = '', $post = '')
}
else // repeat on XML elements
{
$sub_elems =
$sub_elems =
$this->xht_xmldoc->xmd_select_elements($text, $cur_elem);
foreach ($sub_elems as $subElem)
{
$this->xht_param['number'] = (string) (++ $n);
@ -194,10 +194,10 @@ function xht_substitute($subtext, $cur_elem = 0, $pre = '', $post = '')
}
// removed 2004/10/05: template_array (security)
// added 2005/03/08: associative list (lang arrays deprecated)
$this->xht_param['rdepth'] --;
// As there is only one ['number'] or one set ['key'] + ['value'],
// As there is only one ['number'] or one set ['key'] + ['value'],
// using them in nested repeats may not have the desired result.
}
elseif ($type == 'T') // Test, e.g. {-T key1 == key2 text-}
@ -205,18 +205,18 @@ function xht_substitute($subtext, $cur_elem = 0, $pre = '', $post = '')
if (api_ereg('^(=|==|<=|<|!=|<>|>|>=) +([^ ]+) +(.*)$', $subtext, $regs))
{
// Comparand= parameter value if set, else languagevar value
$cmp1 = isset($this->xht_param[$text]) ?
$cmp1 = isset($this->xht_param[$text]) ?
$this->xht_param[$text] : $this->_lang($text, $cur_elem);
$cmp3 = isset($this->xht_param[$cmp3 = $regs[2]]) ?
$cmp3 = isset($this->xht_param[$cmp3 = $regs[2]]) ?
$this->xht_param[$cmp3] : $this->_lang($cmp3, $cur_elem);
$cmp = strcmp($cmp1, $cmp3); $op = ' ' . $regs[1] . ' ';
if ($subnum) $this->xht_dbgo .= '<!-- ' . XHT_LP . $type . $subnum .
if ($subnum) $this->xht_dbgo .= '<!-- ' . XHT_LP . $type . $subnum .
' ' . htmlspecialchars($cmp1.$op.$cmp3.' = '.$cmp, ENT_QUOTES, $charset) .
' ' . XHT_RP . " -->\n"; // debugging output
if ( ($cmp < 0 && api_strpos(' <= < != <> ', $op)) ||
if ( ($cmp < 0 && api_strpos(' <= < != <> ', $op)) ||
($cmp == 0 && api_strpos(' = == <= >= ', $op)) ||
($cmp > 0 && api_strpos(' != <> > >= ', $op)) )
$result = $this->xht_substitute($regs[3], $cur_elem);
@ -231,7 +231,7 @@ function xht_substitute($subtext, $cur_elem = 0, $pre = '', $post = '')
{
if (api_strpos('CLPVX', $type) !== FALSE) // used to be always
$text = $this->xht_substitute($text, $cur_elem); // nested escape
if ($type == 'C') // Call, e.g. {-C SUBTEMPLATE-}
$result = $this->xht_fill_template($text, $cur_elem);
elseif ($type == 'H') $result = htmlspecialchars($text, ENT_QUOTES, $charset);
@ -245,29 +245,29 @@ function xht_substitute($subtext, $cur_elem = 0, $pre = '', $post = '')
}
else // $type == 'V' or 'X'
{
if (api_ereg('^(.*)=/(.+)$', $text, $regs)) // special resource-marker
{
$path = $regs[1]; $text = $regs[2];
if (api_substr($path, -1) == '/') $path = api_substr($path, 0, -1);
if ($path) $cur_elem = $this->xht_xmldoc->
xmd_select_single_element($path, $cur_elem);
$cur_elem = call_user_func($this->xht_resource, $cur_elem);
}
$result = ($type == 'V') ?
$this->xht_xmldoc->xmd_value($text, $cur_elem) :
$result = ($type == 'V') ?
$this->xht_xmldoc->xmd_value($text, $cur_elem) :
$this->xht_xmldoc->
xmd_html_value($text, $cur_elem, 'xht_htmlwchars');
}
}
if ($subnum) $this->xht_dbgo .= '<!-- ' . XHT_LP . $type . $subnum . '- ' .
htmlspecialchars((api_strlen($result) <= 60) ?
if ($subnum) $this->xht_dbgo .= '<!-- ' . XHT_LP . $type . $subnum . '- ' .
htmlspecialchars((api_strlen($result) <= 60) ?
$result . ' ': api_substr($result, 0, 57).'...', ENT_QUOTES, $charset) . XHT_RP . " -->\n";
return $result;
}
@ -277,10 +277,10 @@ function xht_add_template($template_name, $httext)
$this->htt_array[$template_name] = $httext;
// removed 2004/10/05: (substr($httext, 0, 6) == 'array(') ?
// removed 2004/10/05: @eval('return ' . $httext . ';') : $httext;
if (!$this->htt_array[$template_name])
{
$this->htt_error = 'template ' . $template_name .
$this->htt_error = 'template ' . $template_name .
' is empty or invalid'; return;
}
}
@ -290,58 +290,58 @@ function xhtdoc($htt_file_contents)
{
$htt_file_contents = // normalize \r (Mac) and \r\n (Windows) to \n
str_replace("\r", "\n", str_replace("\r\n", "\n", $htt_file_contents));
while (api_substr($htt_file_contents, -1) == "\n")
$htt_file_contents = api_substr($htt_file_contents, 0, -1);
$last_line = api_strrchr($htt_file_contents, "\n"); $this->htt_error = '';
if (api_strlen($last_line) < 12 || api_substr($last_line, 0, 6) != "\n<!-- "
if (api_strlen($last_line) < 12 || api_substr($last_line, 0, 6) != "\n<!-- "
|| api_strlen($last_line) % 2 != 0 || api_substr($last_line, -4) != " -->")
{
$this->htt_error = 'last line must be of the form <!-- {--} -->';
return;
}
define('XHT_PL', (int) (api_strlen($last_line) - 10) / 2); // Parentheses Lth
define('XHT_LP', api_substr($last_line, 6, XHT_PL)); // Left Par
define('XHT_RP', api_substr($last_line, 6 + XHT_PL, XHT_PL)); // Right Par
if (XHT_LP == XHT_RP)
if (XHT_LP == XHT_RP)
{
$this->htt_error =
$this->htt_error =
'parentheses in last line <!-- {--} --> must not be identical';
return;
}
$this->htt_array = array(); // named elements are arrays and strings
foreach (explode("\n<!-- " . XHT_LP, "\n" . $htt_file_contents)
foreach (explode("\n<!-- " . XHT_LP, "\n" . $htt_file_contents)
as $name_and_text)
{
if (($name_length = api_strpos($name_and_text, XHT_RP . " -->\n")))
{
$template_name = trim(api_substr($name_and_text, 0, $name_length));
if (api_strpos($template_name, ' ') !== FALSE) give_up('Template ' .
if (api_strpos($template_name, ' ') !== FALSE) give_up('Template ' .
$template_name . ' has a space in its name');
$httext = api_substr($name_and_text, $name_length + XHT_PL + 5);
while (api_substr($httext, 0, 1) == "\n") $httext = api_substr($httext, 1);
while (api_substr($httext, -1) == "\n") $httext = api_substr($httext,0,-1);
$this->xht_add_template($template_name, $httext);
}
}
define('XHT_SUBS1', '^(C|H|L|P|U|V|W|X) +(.*)$'); // substitution types 1:
// Call, Htmlchars, Lang, Param, Urlencode, Value, Wchars, Xvalue
define('XHT_SUBS2', '^(D|E|R|T) +([^ ]+) +(.*)$'); // substitution types 2:
// Define, Escape, Repeat, Test
$this->xht_dbgo = '';
$this->xht_param = array(0 => '0', 1 => '1',
$this->xht_param = array(0 => '0', 1 => '1',
'' => '', 'empty' => '', 'rdepth' => 0);
$this->_prev_param = $this->xht_param;
// empty: {-R * P empty-} puts the number of subelements in {-P number-}
@ -355,14 +355,14 @@ function _show_param() // for debugging info
global $charset;
$result = '';
foreach ($this->xht_param as $k => $v)
if ($v !== $this->_prev_param[$k])
{
$this->_prev_param[$k] = $v; $result .= ', ' . $k . ': ' .
$this->_prev_param[$k] = $v; $result .= ', ' . $k . ': ' .
((api_strlen($v) <= 20) ? $v : api_substr($v, 0, 17).'...');
}
return $result ? htmlspecialchars(api_substr($result, 1), ENT_QUOTES, $charset) : '';
}
@ -392,39 +392,39 @@ function _lang($var, $cur_elem = 0)
A word of explanation...
The last line of a template file (example below) defines the special markers
that are used around template names such as INPUT and OPTION and around HTML
escapes such as 'P value' and 'L Store', { and } in the example. You can also
use markers of more than one character as long as both have the same length,
e.g. <% and %>. The markers must not be equal. In templates with JavaScript
The last line of a template file (example below) defines the special markers
that are used around template names such as INPUT and OPTION and around HTML
escapes such as 'P value' and 'L Store', { and } in the example. You can also
use markers of more than one character as long as both have the same length,
e.g. <% and %>. The markers must not be equal. In templates with JavaScript
or <style>, the use of { and } might be confusing; however, it does work.
A template starts with a special comment line giving the name of the template
A template starts with a special comment line giving the name of the template
and ends where the next template starts.
Templates contain escapes of the form {one-letter the-rest}, e.g.
{L IdentifierTip}, where the-rest can contain a nested-escape as in e.g.
Templates contain escapes of the form {one-letter the-rest}, e.g.
{L IdentifierTip}, where the-rest can contain a nested-escape as in e.g.
{R metadata/lom/general/keyword C KEYWORDTEMPLATE}.
Multiple spaces count as one in many places, but not in all. Best is to use
correct spacing. In particular, a T escape such as the example below requires
Multiple spaces count as one in many places, but not in all. Best is to use
correct spacing. In particular, a T escape such as the example below requires
a space at the end of the first line:
{T x == y
{T x == y
text
}
Names (of templates, parameters, langvars and user-functions)
Names (of templates, parameters, langvars and user-functions)
are case sensitive and cannot contain spaces.
Templates are called with a certain currency in the XML doc, usually the root
Templates are called with a certain currency in the XML doc, usually the root
element; for an xml-path repeat, the found element is the current one.
One single array with named elements and string values contains the
One single array with named elements and string values contains the
template parameters; they are shared for all template processing.
Initially, params contains
0 => '0', 1 => '1', '' => '', 'empty' => '', 'rdepth' => 0.
rdepth keeps track of the current number of nested repeats. In a repeat,
Initially, params contains
0 => '0', 1 => '1', '' => '', 'empty' => '', 'rdepth' => 0.
rdepth keeps track of the current number of nested repeats. In a repeat,
params number, key, value and rdepthN (N is 1, 2, ...) get assigned values.
Types of escapes:
@ -442,10 +442,10 @@ V xml-path/nested-escape Value from XML document element or attribute
W text xht_htmlwchars (see below)
X extended-xml-path/nested-esc eXtended Value from XML (see below)
nested-escape= without the special markers. Nesting with special markers is
always possible and in that case the inner nesting is evaluated first.
Note that as from the 2005/03/15 version, some implicit nestings are no
longer possible, e.g. {H {P key}} and {D label {L Keyword}} now require
nested-escape= without the special markers. Nesting with special markers is
always possible and in that case the inner nesting is evaluated first.
Note that as from the 2005/03/15 version, some implicit nestings are no
longer possible, e.g. {H {P key}} and {D label {L Keyword}} now require
the inner markers.
Escape allows the caller to cache template output:
@ -484,8 +484,8 @@ xht_htmlwchars is like HtmlSpecialChars, but moreover translates:
[b] to <b>, likewise for big, i, small, sub, sup, u, br, and closing tags;
&amp;#nnn; to &#nnn; (double-escape for non-UTF8-channels)
eXtended Value: see method xmd_html_value of the XML Mini-DOM;
the values (but not the pre-, in- and suffixes) are always W-processed;
eXtended Value: see method xmd_html_value of the XML Mini-DOM;
the values (but not the pre-, in- and suffixes) are always W-processed;
extended-xml-path examples:
'keyword/string ,' generates e.g. 'kwd1,kwd2,kwd3'
'keyword/string , ' generates e.g. 'kwd1, kwd2, kwd3'
@ -493,15 +493,15 @@ eXtended Value: see method xmd_html_value of the XML Mini-DOM;
but will generate nothing if no keywords are found in the XML doc;
note that the special markers ' -% ' and ' %- ' must have the spaces.
V and X escapes can have an xml-path containing '=/': this calls a user-supplied
function for finding an associated element. It can e.g. be used when reading
V and X escapes can have an xml-path containing '=/': this calls a user-supplied
function for finding an associated element. It can e.g. be used when reading
a SCORM manifest, for finding the <resource> of an <item>.
L also calls a user-supplied function. Its main target is language-dependent
texts, e.g. Dokeos 'get_lang'. But the current element is passed as second
L also calls a user-supplied function. Its main target is language-dependent
texts, e.g. Dokeos 'get_lang'. But the current element is passed as second
argument, allowing other functionality in the callback.
Array templates functionality has been removed on 2004/10/05, because of a
Array templates functionality has been removed on 2004/10/05, because of a
security issue when users can submit templates.
--------------------------------------------------------------------------------
@ -547,7 +547,7 @@ Example template file:
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the

462
main/inc/lib/xmd.lib.php
View File

File diff suppressed because it is too large Load Diff

180
main/inc/local.inc.php
Unescape View File

@ -1,8 +1,8 @@
<?php
/*
==============================================================================
==============================================================================
Dokeos - elearning and course management software
Copyright (c) 2004-2009 Dokeos SPRL
Copyright (c) 2003-2005 Ghent University (UGent)
Copyright (c) 2001 Universite catholique de Louvain (UCL)
@ -11,20 +11,20 @@
Copyright (c) Patrick Cool
Copyright (c) Julio Montoya Armas
Copyright (c) Isaac flores paz
For a full list of contributors, see "credits.txt".
The full license can be read in "license.txt".
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
See the GNU General Public License for more details.
Contact address: Dokeos, rue du Corbeau, 108, B-1030 Brussels, Belgium
Mail: info@dokeos.com
==============================================================================
==============================================================================
*/
/**
==============================================================================
@ -157,10 +157,10 @@ The course id is stored in $_cid session variable.
variables should be initialised here
==============================================================================
*/
// verified if exists the username and password in session current
// verified if exists the username and password in session current
if (isset($_SESSION['info_current_user'][1]) && isset($_SESSION['info_current_user'][2])) {
require_once (api_get_path(LIBRARY_PATH).'usermanager.lib.php');
require_once (api_get_path(LIBRARY_PATH).'legal.lib.php');
require_once (api_get_path(LIBRARY_PATH).'legal.lib.php');
}
// parameters passed via GET
$logout = isset($_GET["logout"]) ? $_GET["logout"] : '';
@ -179,7 +179,7 @@ $cidReset = isset($cidReset) ? Database::escape_string($cidReset) : '';
$cidReset = (isset($_GET['cidReq']) && ((isset($_SESSION['_cid']) && $_GET['cidReq']!=$_SESSION['_cid']) || (!isset($_SESSION['_cid'])))) ? Database::escape_string($_GET["cidReq"]) : $cidReset;
// $cDir is a special url param sent by courses/.htaccess
$cDir = (!empty($_GET['cDir']) ? $_GET['cDir'] : null);
$cDir = (!empty($_GET['cDir']) ? $_GET['cDir'] : null);
$gidReset = isset($gidReset) ? $gidReset : '';
// $gidReset can be set in URL-parameter
@ -200,22 +200,22 @@ if (!empty($_SESSION['_user']['user_id']) && ! ($login || $logout)) {
// uid is in session => login already done, continue with this value
$_user['user_id'] = $_SESSION['_user']['user_id'];
} else {
if (isset($_user['user_id'])) {
unset($_user['user_id']);
if (isset($_user['user_id'])) {
unset($_user['user_id']);
}
//$_SESSION['info_current_user'][1] is user name
//$_SESSION['info_current_user'][2] is current password encrypted
//$_SESSION['update_term_and_condition'][1] is current user id, of user in session
if (api_get_setting('allow_terms_conditions')=='true') {
if (isset($_POST['login']) && isset($_POST['password']) && isset($_SESSION['update_term_and_condition'][1])) {
$user_id=$_SESSION['update_term_and_condition'][1]; // user id
// update the terms & conditions
//verify type of terms and conditions
$info_legal = explode(':',$_POST['legal_info']);
$legal_type=LegalManager::get_type_of_terms_and_conditions($info_legal[0],$info_legal[1]);
$legal_type=LegalManager::get_type_of_terms_and_conditions($info_legal[0],$info_legal[1]);
//is necessary verify check
if ($legal_type==1) {
@ -223,24 +223,24 @@ if (api_get_setting('allow_terms_conditions')=='true') {
$legal_option=true;
} else {
$legal_option=false;
}
}
//no is check option
if ($legal_type==0) {
$legal_option=true;
}
if (isset($_POST['legal_accept_type']) && $legal_option===true) {
$cond_array = explode(':',$_POST['legal_accept_type']);
if (!empty($cond_array[0]) && !empty($cond_array[1])){
$time = time();
$condition_to_save = intval($cond_array[0]).':'.intval($cond_array[1]).':'.$time;
UserManager::update_extra_field_value($user_id,'legal_accept',$condition_to_save);
}
}
}
}
}
}
@ -254,9 +254,9 @@ if (api_get_setting('allow_terms_conditions')=='true') {
$sql = "SELECT user_id, username, password, auth_source, active, expiration_date
FROM $user_table
WHERE username = '".trim(addslashes($login))."'";
$result = api_sql_query($sql,__FILE__,__LINE__);
if (Database::num_rows($result) > 0) {
$uData = Database::fetch_array($result);
@ -273,10 +273,10 @@ if (api_get_setting('allow_terms_conditions')=='true') {
if (isset($_POST['password']) && isset($_SESSION['info_current_user'][2]) && $_POST['password']==$_SESSION['info_current_user'][2]) {
$password=$_POST['password'];
} else {
$password = api_get_encrypted_password($password);
}
$password = api_get_encrypted_password($password);
}
} else {
$password = api_get_encrypted_password($password);
$password = api_get_encrypted_password($password);
}
if (api_get_setting('allow_terms_conditions')=='true') {
if ($password == $uData['password'] AND (trim($login) == $uData['username'])) {
@ -286,15 +286,15 @@ if (api_get_setting('allow_terms_conditions')=='true') {
$_SESSION['update_term_and_condition']=array(true,$temp_user_id);
$_SESSION['info_current_user']=array(true,$login,$password);
header('Location: '.api_get_path(WEB_CODE_PATH).'auth/inscription.php');
exit;
exit;
} else {
unset($_SESSION['update_term_and_condition']);
unset($_SESSION['info_current_user']);
}
}
}
}
// check the user's password
if ($password == $uData['password'] AND (trim($login) == $uData['username'])) {
// check if the account is active (not locked)
@ -304,36 +304,36 @@ if (api_get_setting('allow_terms_conditions')=='true') {
global $_configuration;
if ($_configuration['multiple_access_urls']==true) {
//check the access_url configuration setting if the user is registered in the access_url_rel_user table
//getting the current access_url_id of the platform
//getting the current access_url_id of the platform
$current_access_url_id = api_get_current_access_url_id();
// my user is subscribed in these sites => $my_url_list
// my user is subscribed in these sites => $my_url_list
$my_url_list = api_get_access_url_from_user($uData['user_id']);
if (is_array($my_url_list) && count($my_url_list)>0 ){
// the user have the permissions to enter at this site
if (in_array($current_access_url_id, $my_url_list)) {
if (in_array($current_access_url_id, $my_url_list)) {
$_user['user_id'] = $uData['user_id'];
api_session_register('_user');
event_login();
api_session_register('_user');
event_login();
} else {
$loginFailed = true;
api_session_unregister('_uid');
header('Location: '.api_get_path(WEB_PATH).'index.php?loginFailed=1&error=access_url_inactive');
exit;
}
}
} else {
$loginFailed = true;
api_session_unregister('_uid');
header('Location: '.api_get_path(WEB_PATH).'index.php?loginFailed=1&error=access_url_inactive');
exit;
exit;
}
} else {
} else {
$_user['user_id'] = $uData['user_id'];
api_session_register('_user');
event_login();
}
} else {
$loginFailed = true;
@ -377,13 +377,13 @@ if (api_get_setting('allow_terms_conditions')=='true') {
//huh... nothing to do... we shouldn't get here
error_log('Dokeos Authentication file '. $extAuthSource[$uData['auth_source']]['login']. ' could not be found - this might prevent your system from doing the corresponding authentication process',0);
}
if (!empty($_SESSION['request_uri'])) {
$req = $_SESSION['request_uri'];
unset($_SESSION['request_uri']);
header('location: '.$req);
} else {
if (isset($param)) {
if (isset($param)) {
header('location: '.api_get_path(WEB_PATH).api_get_setting('page_after_login').$param);
} else {
@ -391,7 +391,7 @@ if (api_get_setting('allow_terms_conditions')=='true') {
header('location: '.api_get_path(WEB_PATH).api_get_setting('page_after_login'));
}
}
} else {
// login failed, mysql_num_rows($result) <= 0
@ -471,7 +471,7 @@ if (api_get_setting('allow_terms_conditions')=='true') {
$sql = "SELECT user_id, username, password, auth_source, active, expiration_date
FROM $user_table
WHERE username = '".trim(addslashes($sso['username']))."'";
$result = api_sql_query($sql,__FILE__,__LINE__);
if (Database::num_rows($result) > 0) {
@ -492,18 +492,18 @@ if (api_get_setting('allow_terms_conditions')=='true') {
global $_configuration;
if ($_configuration['multiple_access_urls']==true) {
//check the access_url configuration setting if the user is registered in the access_url_rel_user table
//getting the current access_url_id of the platform
//getting the current access_url_id of the platform
$current_access_url_id = api_get_current_access_url_id();
// my user is subscribed in these sites => $my_url_list
// my user is subscribed in these sites => $my_url_list
$my_url_list = api_get_access_url_from_user($uData['user_id']);
if (is_array($my_url_list) && count($my_url_list)>0 ) {
if (in_array($current_access_url_id, $my_url_list)) {
// the user has permission to enter at this site
$_user['user_id'] = $uData['user_id'];
api_session_register('_user');
event_login();
// Redirect to homepage
$sso_target = isset($sso['target']) ? $sso['target'] : api_get_path(WEB_PATH) .'.index.php';
@ -514,24 +514,24 @@ if (api_get_setting('allow_terms_conditions')=='true') {
api_session_unregister('_uid');
header('Location: '.api_get_path(WEB_PATH).'index.php?loginFailed=1&error=access_url_inactive');
exit;
}
}
} else {
// there is no URL in the multiple urls list for this user
$loginFailed = true;
api_session_unregister('_uid');
header('Location: '.api_get_path(WEB_PATH).'index.php?loginFailed=1&error=access_url_inactive');
exit;
exit;
}
} else {
//single URL access
$_user['user_id'] = $uData['user_id'];
api_session_register('_user');
event_login();
// Redirect to homepage
$sso_target = isset($sso['target']) ? $sso['target'] : api_get_path(WEB_PATH) .'.index.php';
header('Location: '. $sso_target);
header('Location: '. $sso_target);
}
} else {
// user account expired
@ -602,19 +602,19 @@ if (api_get_setting('allow_terms_conditions')=='true') {
if (Database::num_rows($result)>0) {
//$row = Database::fetch_array($res);
$uData = Database::fetch_array($result);
if ($uData['auth_source'] == PLATFORM_AUTH_SOURCE) {
//the authentification of this user is managed by Dokeos itself
// check if the account is active (not locked)
if ($uData['active']=='1') {
// check if the expiration date has not been reached
if ($uData['expiration_date']>date('Y-m-d H:i:s') OR $uData['expiration_date']=='0000-00-00 00:00:00') {
$_user['user_id'] = $uData['user_id'];
api_session_register('_user');
event_login();
} else {
$loginFailed = true;
api_session_unregister('_uid');
@ -627,7 +627,7 @@ if (api_get_setting('allow_terms_conditions')=='true') {
header('Location: index.php?loginFailed=1&error=account_inactive');
exit;
}
if (isset($uData['creator_id']) && $_user['user_id'] != $uData['creator_id'])
{
//first login for a not self registred
@ -797,17 +797,17 @@ if (isset($cidReset) && $cidReset) { // course session data refresh requested or
api_session_register('_cid');
api_session_register('_course');
if ($_configuration['tracking_enabled'] && !isset($_SESSION['login_as'])) {
//We add a new record in the course tracking table
$course_tracking_table = Database :: get_statistic_table(TABLE_STATISTIC_TRACK_E_COURSE_ACCESS);
$course_tracking_table = Database :: get_statistic_table(TABLE_STATISTIC_TRACK_E_COURSE_ACCESS);
$time = api_get_datetime();
$sql="INSERT INTO $course_tracking_table(course_code, user_id, login_course_date, logout_course_date, counter)" .
"VALUES('".$_course['sysCode']."', '".$_user['user_id']."', '$time', '$time', '1')";
api_sql_query($sql,__FILE__,__LINE__);
}
// if a session id has been given in url, we store the session
if (api_get_setting('use_session_mode')=='true') {
// Database Table Definitions
@ -815,7 +815,7 @@ if (isset($cidReset) && $cidReset) { // course session data refresh requested or
$tbl_user = Database::get_main_table(TABLE_MAIN_USER);
$tbl_session_course = Database::get_main_table(TABLE_MAIN_SESSION_COURSE);
$tbl_session_course_user = Database::get_main_table(TABLE_MAIN_SESSION_COURSE_USER);
if (!empty($_GET['id_session'])) {
$_SESSION['id_session'] = Database::escape_string($_GET['id_session']);
$sql = 'SELECT name FROM '.$tbl_session . ' WHERE id="'.$_SESSION['id_session'] . '"';
@ -824,7 +824,7 @@ if (isset($cidReset) && $cidReset) { // course session data refresh requested or
} else {
api_session_unregister('session_name');
api_session_unregister('id_session');
}
}
}
} else {
//exit("WARNING UNDEFINED CID !! ");
@ -842,7 +842,7 @@ if (isset($cidReset) && $cidReset) { // course session data refresh requested or
} else {
$_cid = $_SESSION['_cid' ];
$_course = $_SESSION['_course'];
// these lines are usefull for tracking. Indeed we can have lost the id_session and not the cid.
// Moreover, if we want to track a course with another session it can be usefull
if (!empty($_GET['id_session'])) {
@ -861,19 +861,19 @@ if (isset($cidReset) && $cidReset) { // course session data refresh requested or
$result=api_sql_query($sql,__FILE__,__LINE__);
if (Database::num_rows($result)>0) {
$i_course_access_id = Database::result($result,0,0);
//We update the course tracking table
$sql="UPDATE $course_tracking_table " .
"SET logout_course_date = '$time', " .
"counter = counter+1 " .
"WHERE course_access_id=".intval($i_course_access_id);
api_sql_query($sql,__FILE__,__LINE__);
} else {
$sql="INSERT INTO $course_tracking_table(course_code, user_id, login_course_date, logout_course_date, counter)" .
"VALUES('".$_course['sysCode']."', '".$_user['user_id']."', '$time', '$time', '1')";
api_sql_query($sql,__FILE__,__LINE__);
}
api_sql_query($sql,__FILE__,__LINE__);
}
}
}
}
@ -912,7 +912,7 @@ if ((isset($uidReset) && $uidReset) || (isset($cidReset) && $cidReset)) { // ses
} else {
$tbl_course_user = Database :: get_main_table(TABLE_MAIN_COURSE_USER);
$sql = "SELECT * FROM ".$tbl_course_user."
WHERE user_id = '".$_user['user_id']."'
AND course_code = '$cidReq'";
@ -926,16 +926,16 @@ if ((isset($uidReset) && $uidReset) || (isset($cidReset) && $cidReset)) { // ses
$is_courseMember = true;
$is_courseTutor = (bool) ($cuData['tutor_id' ] == 1 );
$is_courseAdmin = (bool) ($cuData['status'] == 1 );
api_session_register('_courseUser');
}
if (empty($is_courseAdmin)) { // this user has no status related to this course
// is it the session coach or the session admin ?
$tbl_session = Database :: get_main_table(TABLE_MAIN_SESSION);
$tbl_session_course = Database :: get_main_table(TABLE_MAIN_SESSION_COURSE);
$tbl_session_course_user = Database :: get_main_table(TABLE_MAIN_SESSION_COURSE_USER);
$sql = "SELECT session.id_coach, session_admin_id
FROM ".$tbl_session." as session
INNER JOIN ".$tbl_session_course."
@ -944,20 +944,20 @@ if ((isset($uidReset) && $uidReset) || (isset($cidReset) && $cidReset)) { // ses
$result = api_sql_query($sql,__FILE__,__LINE__);
$row = api_store_result($result);
if ($row[0]['id_coach']==$_user['user_id']) {
$_courseUser['role'] = 'Professor';
$is_courseMember = true;
$is_courseTutor = true;
$is_courseCoach = true;
$is_sessionAdmin = false;
if (api_get_setting('extend_rights_for_coach')=='true') {
$is_courseAdmin = true;
} else {
$is_courseAdmin = false;
}
api_session_register('_courseUser');
} elseif ($row[0]['session_admin_id']==$_user['user_id']) {
$_courseUser['role'] = 'Professor';
@ -979,32 +979,32 @@ if ((isset($uidReset) && $uidReset) || (isset($cidReset) && $cidReset)) { // ses
$is_courseTutor = true;
$is_courseCoach = true;
$is_sessionAdmin = false;
if (api_get_setting('extend_rights_for_coach')=='true') {
$is_courseAdmin = true;
} else {
$is_courseAdmin = false;
}
api_session_register('_courseUser');
} else {
// Check if the user is a student is this session
$sql = "SELECT * FROM ".$tbl_session_course_user."
$sql = "SELECT * FROM ".$tbl_session_course_user."
WHERE id_user = '".$_user['user_id']."'
AND course_code = '$cidReq'";
$result = api_sql_query($sql,__FILE__,__LINE__);
if (Database::num_rows($result) > 0) { // this user have a recorded state for this course
while($row = Database::fetch_array($result)){
$is_courseMember = true;
$is_courseTutor = false;
$is_courseAdmin = false;
$is_sessionAdmin = false;
api_session_register('_courseUser');
}
}
}
}
@ -1050,7 +1050,7 @@ if ((isset($uidReset) && $uidReset) || (isset($cidReset) && $cidReset)) { // ses
if (isset($_SESSION ['_courseUser'])) {
$_courseUser = $_SESSION ['_courseUser'];
}
$is_courseMember = $_SESSION ['is_courseMember' ];
$is_courseAdmin = $_SESSION ['is_courseAdmin' ];
//$is_courseAllowed = $_SESSION ['is_courseAllowed']; //deprecated
@ -1086,7 +1086,7 @@ if ((isset($gidReset) && $gidReset) || (isset($cidReset) && $cidReset)) { // ses
$_gid = -1;
}
//set variable according to student_view_enabled choices
if (api_get_setting('student_view_enabled') == "true") {
if (api_get_setting('student_view_enabled') == "true") {
if (isset($_GET['isStudentView'])) {
if ($_GET['isStudentView'] == 'true') {
if (isset($_SESSION['studentview'])) {
@ -1101,14 +1101,14 @@ if (api_get_setting('student_view_enabled') == "true") {
// switching to teacherview
$_SESSION['studentview'] = 'teacherview';
}
}
}
}
}
} elseif (!empty($_SESSION['studentview'])) {
//all is fine, no change to that, obviously
} elseif (empty($_SESSION['studentview'])) {
// We are in teacherview here
$_SESSION['studentview'] = 'teacherview';
}
}
}
if (isset($_cid)) {

26
main/inc/tool_navigation_menu.inc.php
Unescape View File

@ -42,7 +42,7 @@ function get_navigation_items($include_admin_tools = false)
global $is_courseMember;
global $_user;
global $_course;
if (!empty($_course['db_name']))
{
$database = $_course['db_name'];
@ -181,7 +181,7 @@ function show_navigation_menu()
toolnavlist_el = document.getElementById('toolnavlist');
center_el = document.getElementById('center');
swap_menu_link_el = document.getElementById('swap_menu_link');
if(toolnavlist_el.style.display == 'none')
{
toolnavlist_el.style.display = '';
@ -214,16 +214,16 @@ function show_navigation_menu()
echo '<dd>';
$url_item = parse_url($navigation_item['link']);
$url_current = parse_url($_SERVER['REQUEST_URI']);
if (strpos($navigation_item['link'],'chat')!==false && api_get_course_setting('allow_open_chat_window',$course_id)==true)
{
echo '<a href="javascript: void(0);" onclick="window.open(\''.$navigation_item['link'].'\',\'window_chat'.$_SESSION['_cid'].'\',config=\'height=\'+380+\', width=\'+625+\', left=2, top=2, toolbar=no, menubar=no, scrollbars=yes, resizable=yes, location=no, directories=no, status=no\')" target="' . $navigation_item['target'] . '"';
}
}
else
{
echo '<a href="'.$navigation_item['link'].'" target="_self" ';
}
echo '<a href="'.$navigation_item['link'].'" target="_self" ';
}
if (stristr($url_item['path'],$url_current['path']))
{
if(! isset($_GET['learnpath_id']) || strpos($url_item['query'],'learnpath_id='.$_GET['learnpath_id']) === 0)
@ -237,8 +237,8 @@ function show_navigation_menu()
echo '<div align="left"><img src="'.api_get_path(WEB_IMG_PATH).$navigation_item['image'].'" alt="'.$navigation_item['name'].'"/></div>';
}
if (api_get_setting('show_navigation_menu') != 'icons')
{
echo $navigation_item['name'];
{
echo $navigation_item['name'];
}
echo '</a>';
echo '</dd>';
@ -267,7 +267,7 @@ function show_navigation_tool_shortcuts($orientation = SHORTCUTS_HORIZONTAL)
$navigation_items = get_navigation_items(false);
foreach ($navigation_items as $key => $navigation_item)
{
if (strpos($navigation_item['link'],'chat')!==false && api_get_course_setting('allow_open_chat_window')==true)
{
/*
@ -277,9 +277,9 @@ function show_navigation_tool_shortcuts($orientation = SHORTCUTS_HORIZONTAL)
}
else
{
echo '<a href="'.$navigation_item['link'].'"';
}
echo '<a href="'.$navigation_item['link'].'"';
}
if (strpos(api_get_self(), $navigation_item['link']) !== false)
{
echo ' id="here"';

Write Preview
Loading…
Cancel
Save