[svn r19197] logic changes - allow acces to forum and blog - (partial FS#3902)

16 years ago · 9895e50e8d
parent e94cc6eed2
commit 9895e50e8d
6 changed files with 124 additions and 57 deletions
--- a/main/forum/forumfunction.inc.php
+++ b/main/forum/forumfunction.inc.php
@ -3800,8 +3800,12 @@ function get_thread_user_post($course_db, $thread_id, $user_id )
 	 		$threads = get_threads($forum['forum_id']); 		
 	 		if (is_array($threads)) { 		
 	 			echo '<div id="social-forum">';
-	 			echo Display::return_icon('forum.gif'); 		
-	 			echo $forum['forum_title'];
+	 			/*echo Display::return_icon('forum.gif'); 		
+	 			echo $forum['forum_title'];*/
+	 			$my_course_db=explode('_',$course_db);
+	 			$my_course_code=$my_course_db[1];
+	 			echo '<div class="clear"></div><br />';
+	 			echo '<div class="actions" style="margin-left:5px;margin-right:5px;">'.Display::return_icon('forum.gif').'&nbsp;&nbsp;&nbsp;&nbsp;'.$forum['forum_title'].'&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<div style="float:right;margin-top:-18px"><a href="../forum/viewforum.php?cidReq='.$my_course_code.'&gidReq=&forum='.$forum['forum_id'].' " >'.get_lang('SeeForum').'</a></div></div>';
 	 			echo '<br / >';	echo '<br / >'; 
 	 			$i=0;			
 		 		foreach($threads as $thread) {
--- a/main/inc/lib/blog.lib.php
+++ b/main/inc/lib/blog.lib.php
@ -2863,9 +2863,13 @@ function get_blog_post_from_user($course_db_name, $user_id) {
 				ORDER BY post.date_creation DESC ";
 		$result = api_sql_query($sql, __FILE__, __LINE__);
 		$return_data = '';
+		$my_course_info=explode('_',$course_db_name);
 		if (Database::num_rows($result)!=0) {
 			while ($row=Database::fetch_array($result)) {
-				$return_data.= '<strong>'.$row['title'].'</strong>'; echo '<br>';
+				$return_data.=  '<div class="clear"></div><br />';
+	 			$return_data.=  '<div class="actions" style="margin-left:5px;margin-right:5px;">'.$row['title'].'&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<div style="float:right;margin-top:-18px"><a href="../blog/blog.php?blog_id='.$row['blog_id'].'&gidReq=&cidReq='.$my_course_info[1].' " >'.get_lang('SeeBlog').'</a></div></div>';
+	 			$return_data.=  '<br / >';
+				//$return_data.= '<strong>'.$row['title'].'</strong>'; echo '<br>';
 				$return_data.= $row['full_text'];
 				$return_data.= '<br /><br />';				
 			}
@ -2889,9 +2893,13 @@ function get_blog_comment_from_user($course_db_name, $user_id) {
 				ORDER BY blog_name";
 		$result = api_sql_query($sql, __FILE__, __LINE__);
 		$return_data = '';
+		$my_course_info=explode('_',$course_db_name);
 		if (Database::num_rows($result)!=0) {
-			while ($row=Database::fetch_array($result)) {				
-				$return_data.=  '<strong>'.$row['title'].'</strong>'; echo '<br>';
+			while ($row=Database::fetch_array($result)) {
+				$return_data.=  '<div class="clear"></div><br />';
+	 			$return_data.=  '<div class="actions" style="margin-left:5px;margin-right:5px;">'.$row['title'].'&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<div style="float:right;margin-top:-18px"><a href="../blog/blog.php?blog_id='.$row['blog_id'].'&gidReq=&cidReq='.$my_course_info[1].' " >'.get_lang('SeeBlog').'</a></div></div>';
+	 			$return_data.=  '<br / >';				
+				//$return_data.=  '<strong>'.$row['title'].'</strong>'; echo '<br>';*/
 				$return_data.=  $row['comment'];
 				$return_data.=  '<br />';
 			}
--- a/main/inc/lib/main_api.lib.php
+++ b/main/inc/lib/main_api.lib.php
@ -14,6 +14,7 @@
 	Copyright (c) Olivier Brouckaert
 	Copyright (c) Toon Van Hoecke
 	Copyright (c) Denes Nagy
+	Copyright (c) Isaac Flores

 	For a full list of contributors, see "credits.txt".
 	The full license can be read in "license.txt".
@ -3186,6 +3187,9 @@ if ( !function_exists('sys_get_temp_dir') )
        }
    }
 }
+/**
+ * This function allow know when request sent is XMLHttpRequest
+ */
 function api_is_xml_http_request() {
 	if ($_SERVER['HTTP_X_REQUESTED_WITH']=='XMLHttpRequest') {
 		return true;
@ -3230,3 +3234,19 @@ function api_is_valid_secret_key($original_key_secret,$segurity_key) {
        return false;
    }       
 }
+
+/**
+ * Check if a user is into course
+ * @param string $course_id - the course id
+ * @param string $user_id - the user id
+ */
+function api_is_user_of_course ($course_id,$user_id) {
+	$tbl_course_rel_user=Database :: get_main_table(TABLE_MAIN_COURSE_USER);
+	$sql='SELECT user_id FROM '.$tbl_course_rel_user.' WHERE course_code="'.Database::escape_string($course_id).'" AND user_id="'.Database::escape_string($user_id).'"';
+	$result=api_sql_query($sql,__FILE__,__LINE__);
+	if (Database::num_rows($result)==1) {
+		return true;
+	} else {
+		return false;
+	}
+}
--- a/main/messages/send_message_to_userfriend.inc.php
+++ b/main/messages/send_message_to_userfriend.inc.php
@ -39,7 +39,8 @@ if (api_get_setting('allow_message_tool')<>'true' && api_get_setting('allow_soci
    if ( isset($_REQUEST['user_friend']) ) {
 		$info_user_friend=array();
 		$info_path_friend=array();
-     	$userfriend_id=$_REQUEST['user_friend'];
+     	$userfriend_id=Security::remove_XSS($_REQUEST['user_friend']);
+     	$panel=Security::remove_XSS($_REQUEST['view_panel']);
     	$info_user_friend=api_get_user_info($userfriend_id);
     	$info_path_friend=UserManager::get_user_picture_path_by_id($userfriend_id,'web',false,true);
    }
@ -81,8 +82,24 @@ if (api_get_setting('allow_message_tool')<>'true' && api_get_setting('allow_soci
 ?>
 <?php       
 			if (api_get_setting('allow_message_tool')=='true') {
+				if  (isset($_REQUEST['view_panel'])) {
 ?>
-				<dd><a href="javascript:void(0)" onclick="change_panel('1','<?php echo $userfriend_id; ?>')"><?php echo mb_convert_encoding(get_lang('SendMessage'),'UTF-8',$charset);?></a></dd>
+<?php 
+			   		$user_info=api_get_user_info($userfriend_id);
+			  		 echo mb_convert_encoding(get_lang('To'),'UTF-8',$charset); ?> &nbsp;:&nbsp;&nbsp;&nbsp;&nbsp;<?php echo mb_convert_encoding($user_info['firstName'],'UTF-8',$charset); ?>
+			 		 <br/><?php echo mb_convert_encoding(get_lang('subject'),'UTF-8',$charset); ?> :<br/><input id="txt_subject_id" type="text" style="width:200px;">
+			   		 <br/><?php echo mb_convert_encoding(get_lang('Message'),'UTF-8',$charset); ?> :<br/><textarea id="txt_area_invite" rows="3" cols="25"></textarea>
+			    	 <input type="button" value="<?php echo mb_convert_encoding(get_lang('NewMessage'),'UTF-8',$charset); ?>" onclick="hide_display_message()" />&nbsp;&nbsp;&nbsp; 
+			   		 <input type="button" value="<?php echo get_lang('SendMessage'); ?>" onclick="action_database_panel('5','<?php echo $userfriend_id;?>')" />
+
+<?php
+				} else {
+?>
+	<dd><a href="javascript:void(0)" onclick="change_panel('1','<?php echo $userfriend_id; ?>')"><?php echo mb_convert_encoding(get_lang('SendMessage'),'UTF-8',$charset);?></a></dd>
+<?php					
+				}
+?>
+
 <?php
 			}
 ?>
--- a/main/social/data_personal.inc.php
+++ b/main/social/data_personal.inc.php
@ -40,41 +40,53 @@ if (isset($_POST['load_ajax'])) {
 			$course_db =  $_POST['course_code'];
 			// @todo goto the course link							
 			//echo '<a href="'.api_get_path(WEB_COURSE_PATH).$course_directory.'/?id_session='.$my_course['id_session'].'">'.get_lang('GotoCourse').'</a>';
-		
-			//------Forum messages
-			api_display_tool_title(get_lang('Forum'));
-			//print_r($course);
-			$table_forums 			= Database :: get_course_table(TABLE_FORUM,$course_db);
-			$table_threads 			= Database :: get_course_table(TABLE_FORUM_THREAD,$course_db);
-			$table_posts 			= Database :: get_course_table(TABLE_FORUM_POST,$course_db);
-			$table_item_property 	= Database :: get_course_table(TABLE_ITEM_PROPERTY,$course_db);
-			$table_users 			= Database :: get_main_table(TABLE_MAIN_USER);
-			
-			//------Forum messages
-			echo '<div class="rounded social-profile-post" style="background:#FAF9F6; padding:0px;" >';			
-			get_all_post_from_user($user_id, $course_db);
-			echo '</div>';	
-			echo '<br />';			
-			
-			//------Blog posts				
-					
-			$result = get_blog_post_from_user($course_db, $user_id); 
-			if (!empty($result)) {
-				api_display_tool_title(get_lang('BlogPosts'));				
-				echo '<div class="rounded social-profile-post" style="background:#FAF9F6; padding:0px;">';
-				echo $result;
-				echo '</div>';
-				echo '<br />';				
-			}
-			
-			//------Blog comments			
-			$result = get_blog_comment_from_user($course_db, $user_id); 
-			if (!empty($result)) {
-				api_display_tool_title(get_lang('BlogComments'));							
-				echo '<div class="rounded social-profile-post" style="background:#FAF9F6; padding:0px;">';
-				echo $result;
-				echo '</div>';
-				echo '<br />';				
+			$my_course_info_db=explode('_',$course_db);
+			$course_id=$my_course_info_db[1];
+			if (api_is_user_of_course($course_id,api_get_user_id())) {
+				//------Forum messages
+				api_display_tool_title(get_lang('Forum'));
+				//print_r($course);
+				$table_forums 			= Database :: get_course_table(TABLE_FORUM,$course_db);
+				$table_threads 			= Database :: get_course_table(TABLE_FORUM_THREAD,$course_db);
+				$table_posts 			= Database :: get_course_table(TABLE_FORUM_POST,$course_db);
+				$table_item_property 	= Database :: get_course_table(TABLE_ITEM_PROPERTY,$course_db);
+				$table_users 			= Database :: get_main_table(TABLE_MAIN_USER);
+				
+				//------Forum messages
+				echo '<div class="rounded social-profile-post" style="background:#FAF9F6; padding:0px;" >';			
+				get_all_post_from_user($user_id, $course_db);
+				echo '</div>';	
+				echo '<br />';			
+				
+				//------Blog posts				
+						
+				$result = get_blog_post_from_user($course_db, $user_id); 
+				if (!empty($result)) {
+					echo '<div class="clear"></div><br />';
+					api_display_tool_title(get_lang('BlogPosts'));				
+					echo '<div class="rounded social-profile-post" style="background:#FAF9F6; padding:0px;">';
+					echo $result;
+					echo '</div>';
+					echo '<br />';				
+				}
+				
+				//------Blog comments			
+				$result = get_blog_comment_from_user($course_db, $user_id); 
+				if (!empty($result)) {
+					api_display_tool_title(get_lang('BlogComments'));							
+					echo '<div class="rounded social-profile-post" style="background:#FAF9F6; padding:0px;">';
+					echo $result;
+					echo '</div>';
+					echo '<br />';				
+				}
+			} else {
+					echo '<div class="clear"></div><br />';
+					api_display_tool_title(get_lang('Details'));	
+					echo '<div class="rounded social-profile-post" style="background:#FAF9F6; padding:0px;">';
+					echo get_lang('UserNonRegisteredAtTheCourse');
+					echo '<div class="clear"></div><br />';
+					echo '</div>';
+					echo '<div class="clear"></div><br />';
 			}
 			break;
 		case 'unload_course' :
--- a/main/social/profile.php
+++ b/main/social/profile.php
@ -99,19 +99,21 @@ function toogle_function (element_html, course_code){
 	id_button="#btn_"+id_elem[1]; 
 	elem_src=$(id_button).attr("src"); 
 	image_show=elem_src.split("/");
-	my_image=image_show[2]; 
+	my_image=image_show[2];
+	var content = \'social_content\' + id_elem[1]; 
 	if (my_image=="nolines_plus.gif") {
-		$(ident).hide("slow");	
-		$(id_button).attr("src","../img/nolines_minus.gif"); var action = "load_course"; 
+		$(id_button).attr("src","../img/nolines_minus.gif"); var action = "load_course";
+		$("div#"+content).show("slow");	
 	} else {
-		$(ident).show("slow");	
+		$("div#"+content).hide("slow");	
 		$(id_button).attr("src","../img/nolines_plus.gif"); var action = "unload";
+		return false;
 	}
-	var content = \'social_content\' + id_elem[1]; 
+
 	 $.ajax({
 		contentType: "application/x-www-form-urlencoded",
 		beforeSend: function(objeto) {
-		$("#id_response").html("'.get_lang('Loading').'"); },
+		$("div#"+content).html("<img src=\'../inc/lib/javascript/indicator.gif\' />"); },
 		type: "POST",
 		url: "../social/data_personal.inc.php",
 		data: "load_ajax="+id_elem+"&action="+action+"&course_code="+course_code,
@ -134,7 +136,7 @@ function change_panel (mypanel_id,myuser_id) {
 		$.ajax({
 			contentType: "application/x-www-form-urlencoded",
 			beforeSend: function(objeto) {
-			$("#id_content_panel").html("'.get_lang('Loading').'"); },
+			$("#id_content_panel").html("<img src=\'../inc/lib/javascript/indicator.gif\' />"); },
 			type: "POST",
 			url: "../messages/send_message.php",
 			data: "panel_id="+mypanel_id+"&user_id="+myuser_id,
@ -160,7 +162,7 @@ function action_database_panel (option_id,myuser_id) {
 	$.ajax({
 		contentType: "application/x-www-form-urlencoded",
 		beforeSend: function(objeto) {
-		$("#display_response_id").html("'.get_lang('Loading').'"); },
+		$("#display_response_id").html("<img src=\'../inc/lib/javascript/indicator.gif\' />"); },
 		type: "POST",
 		url: "../messages/send_message.php",
 		data: "panel_id="+option_id+"&user_id="+myuser_id+"&txt_subject="+my_txt_subject+"&txt_content="+my_txt_content,
@ -193,7 +195,7 @@ function register_friend(element_input) {
 		 $.ajax({
 			contentType: "application/x-www-form-urlencoded",
 			beforeSend: function(objeto) {
-			$("#id_response").html("'.get_lang('Loading').'"); },
+			$("div#dpending_"+user_friend_id).html("<img src=\'../inc/lib/javascript/indicator.gif\' />"); },
 			type: "POST",
 			url: "../social/register_friend.php",
 			data: "friend_id="+user_friend_id+"&is_my_friend="+"friend",
@ -258,6 +260,7 @@ function get_logged_user_course_html($my_course, $count) {
 	$course_teacher = $my_course['t'];
 	$course_teacher_email = isset($my_course['email'])?$my_course['email']:'';
 	$course_info = Database :: get_course_info($course_system_code);
+	//error_log(print_r($course_info,true));
 	$course_access_settings = CourseManager :: get_access_settings($course_system_code);
 	
 	$course_visibility = $course_access_settings['visibility'];
@ -284,7 +287,6 @@ function get_logged_user_course_html($my_course, $count) {
 		$course_display_title = $course_title;
 		$course_display_code = $course_visual_code;
 	}
-
 	$s_course_status=$my_course['s'];
 	$s_htlm_status_icon="";

@ -306,7 +308,7 @@ function get_logged_user_course_html($my_course, $count) {
 	
 	//show a hyperlink to the course, unless the course is closed and user is not course admin
 	if ($course_visibility != COURSE_VISIBILITY_CLOSED || $user_in_course_status == COURSEMANAGER) {
-		$result .= '<a href="#" id="ln_'.$count.'"  onclick=toogle_function(this,\''.$course_database.'\');>&nbsp;'.$course_title.'</a></h2>';
+		$result .= '<a href="javascript:void(0)" id="ln_'.$count.'"  onclick=toogle_function(this,\''.$course_database.'\');>&nbsp;'.$course_title.'</a></h2>';
 		/*
 		if(api_get_setting('use_session_mode')=='true' && !$nosession) {
 			if(empty($my_course['id_session'])) {
@ -345,7 +347,6 @@ function get_logged_user_course_html($my_course, $count) {
 	$current_course_settings = CourseManager :: get_access_settings($my_course['k']);
 	// display the what's new icons
 	//	$result .= show_notification($my_course);
-
 	if ((CONFVAL_showExtractInfo == SCRIPTVAL_InCourseList || CONFVAL_showExtractInfo == SCRIPTVAL_Both) && $nbDigestEntries > 0) {
 		reset($digest);
 		$result .= '<ul>';
@ -420,6 +421,7 @@ function get_logged_user_course_html($my_course, $count) {
 	} else {
 		$output = array ($my_course['user_course_cat'], $result);
 	}	
+	//$my_course['creation_date'];
 	return $output;
 }

@ -446,8 +448,12 @@ $course_list_code = array();
 $i=1;
 //print_r($personal_course_list);
 foreach ($personal_course_list as $my_course) {
-	$list[] = get_logged_user_course_html($my_course,$i);	
-	$course_list_code[] = array('code'=>$my_course['c'],'dbName'=>$my_course['db'], 'title'=>$my_course['i']);
+	if ($i<=10) {
+		$list[] = get_logged_user_course_html($my_course,$i);	
+		$course_list_code[] = array('code'=>$my_course['c'],'dbName'=>$my_course['db'], 'title'=>$my_course['i']);
+	} else {
+		break;
+	}
 	$i++;
 }
 					
@ -605,7 +611,7 @@ echo '<div id="social-profile-container">';
    	  		echo '&nbsp;&nbsp;<a href="../auth/profile.php?show=1">'.get_lang('EditInformation').'</a>';
    	  			
    	  	} else {
-    	  		echo '&nbsp;&nbsp;<a href="../messages/send_message_to_userfriend.inc.php?height=365&width=610&user_friend='.$user_id.'&view=profile" class="thickbox" title="'.get_lang('SendMessage').'">'.Display::return_icon('message_new.png').'&nbsp;&nbsp;'.get_lang('SendMessage').'</a><br />'; 
+    	  		echo '&nbsp;&nbsp;<a href="../messages/send_message_to_userfriend.inc.php?height=365&width=610&user_friend='.$user_id.'&view=profile&view_panel=true" class="thickbox" title="'.get_lang('SendMessage').'">'.Display::return_icon('message_new.png').'&nbsp;&nbsp;'.get_lang('SendMessage').'</a><br />'; 
    	  		//echo '&nbsp;&nbsp;<a href="#">'.get_lang('SendMessage').'</a>';	
    	  	}
    	  	echo '<br /><br />';