Fixing SQL queries

skala
Julio Montoya 14 years ago
parent de1b80f272
commit 9b744b08b5
  1. 3
      main/admin/calendar.php
  2. 3
      main/admin/calendar_ical_export.php
  3. 29
      main/admin/configure_extensions.php
  4. 4
      main/admin/course_list.php
  5. 15
      main/admin/user_move_stats.php
  6. 5
      main/auth/lostPassword.php
  7. 1
      main/blog/blog.php
  8. 2
      main/blog/blog_admin.php
  9. 4
      main/blog/download.php
  10. 2
      main/chat/chat_whoisonline.php
  11. 14
      main/course_home/3column.php
  12. 6
      main/inc/lib/course.lib.php

@ -121,11 +121,8 @@ $MonthsLong = api_get_months_long();
// Database table definitions
$TABLEAGENDA = Database::get_main_table(TABLE_MAIN_SYSTEM_CALENDAR);
$TABLE_ITEM_PROPERTY = Database::get_course_table(TABLE_ITEM_PROPERTY);
$tbl_user = Database::get_main_table(TABLE_MAIN_USER);
$tbl_courseUser = Database::get_main_table(TABLE_MAIN_COURSE_USER);
$tbl_group = Database::get_course_table(TABLE_GROUP);
$tbl_groupUser = Database::get_course_table(TABLE_GROUP_USER);
/*
ACCESS RIGHTS

@ -87,8 +87,7 @@ if(!empty($_GET['id']) && $_GET['id']==strval(intval($_GET['id'])))
break;
case 'course':
$TABLEAGENDA =Database::get_main_table(TABLE_MAIN_SYSTEM_CALENDAR);
//$TABLE_ITEM_PROPERTY = Database::get_course_table(TABLE_ITEM_PROPERTY);
require_once (api_get_path(SYS_CODE_PATH).'admin/calendar.lib.php');
require_once api_get_path(SYS_CODE_PATH).'admin/calendar.lib.php';
$ai = get_agenda_item($_GET['id']);
$vevent->setProperty( 'summary', api_convert_encoding($ai['title'],'UTF-8',$charset));
if(empty($ai['start_date'])){header('location:'.$_SERVER['REFERER_URI']);}

@ -14,31 +14,26 @@ $message = '';
require_once api_get_path(LIBRARY_PATH).'formvalidator/FormValidator.class.php';
if(isset($_POST['activeExtension'])){
switch ($_POST['extension_code']){
if(isset($_POST['activeExtension'])) {
switch ($_POST['extension_code']) {
case 'visio' :
$sql = 'UPDATE '.$tbl_settings_current.' SET
selected_value="true"
WHERE variable="service_visio"
AND subkey="active"';
$rs = Database::query($sql);
if(Database::affected_rows()>0)
{
if(Database::affected_rows()>0) {
// select all the courses and insert the tool inside
$sql = 'SELECT db_name FROM '.Database::get_main_table(TABLE_MAIN_COURSE);
$sql = 'SELECT id FROM '.Database::get_main_table(TABLE_MAIN_COURSE);
$rs = Database::query($sql);
while($row = Database::fetch_array($rs)){
if(!empty($_POST['visio_host']))
{
$tool_table = Database::get_course_table(TABLE_TOOL_LIST,$row['db_name']);
$select = "SELECT id FROM $tool_table WHERE name='".TOOL_VISIO_CONFERENCE."'";
if(!empty($_POST['visio_host'])) {
$tool_table = Database::get_course_table(TABLE_TOOL_LIST);
$select = "SELECT id FROM $tool_table WHERE c_id =".$row['id']." AND name='".TOOL_VISIO_CONFERENCE."'";
$selectres = Database::query($select);
if(Database::num_rows($selectres)<1)
{
if (Database::num_rows($selectres)<1) {
$sql = 'INSERT INTO '.$tool_table.' SET
c_id = '.$row['id'].',
name="'.TOOL_VISIO_CONFERENCE.'",
link="conference/index.php?type=conference",
image="visio.gif",
@ -49,11 +44,11 @@ if(isset($_POST['activeExtension'])){
category="interaction"';
Database::query($sql);
}
$select = "SELECT id FROM $tool_table WHERE name='".TOOL_VISIO_CLASSROOM."'";
$select = "SELECT id FROM $tool_table WHERE c_id =".$row['id']." AND name='".TOOL_VISIO_CLASSROOM."'";
$selectres = Database::query($select);
if(Database::num_rows($selectres)<1)
{
if(Database::num_rows($selectres)<1) {
$sql = 'INSERT INTO '.$tool_table.' SET
c_id = '.$row['id'].',
name="'.TOOL_VISIO_CLASSROOM.'",
link="conference/index.php?type=classroom",
image="visio.gif",
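Review bot: The rewritten lookups concatenate `$row['id']` into the SQL unquoted and uncast (`WHERE c_id =".$row['id']." AND name=...`, in both the conference and the classroom query), and the INSERT statements shown do the same. The value comes from the course table rather than from the request, so this is a hardening point and not a demonstrated injection. Casting once at the top of the loop, `$course_id = intval($row['id']);`, and using `$course_id` in all four statements keeps the queries well-formed whatever the column holds. The enclosing `switch` and `while` start and end outside the hunks shown.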

@ -16,8 +16,6 @@ require_once '../inc/global.inc.php';
$this_section = SECTION_PLATFORM_ADMIN;
api_protect_admin_script();
require_once api_get_path(LIBRARY_PATH).'course.lib.php';
require_once api_get_path(LIBRARY_PATH).'formvalidator/FormValidator.class.php';
require_once '../gradebook/lib/be/gradebookitem.class.php';
require_once '../gradebook/lib/be/category.class.php';
@ -238,7 +236,7 @@ if (isset ($_GET['search']) && $_GET['search'] == 'advanced') {
$form->addElement('style_submit_button', 'submit', get_lang('SearchCourse'), 'class="search"');
$form->addElement('static', 'search_advanced_link', null, '<a href="course_list.php?search=advanced">'.get_lang('AdvancedSearch').'</a>');
$actions .= '<div style="float: right; margin-top: 5px; margin-right: 5px;">';
$actions .= '<div style="float: right; ">';
$actions .= '<a href="course_add.php">'.Display::return_icon('new_course.png', get_lang('AddCourse'),'','32').'</a> ';
if (api_get_setting('course_validation') == 'true') {

@ -118,9 +118,7 @@ if (isset($_REQUEST['load_ajax'])) {
$TBL_DROPBOX_FILE = Database::get_course_table(TABLE_DROPBOX_FILE);
$TBL_DROPBOX_POST = Database::get_course_table(TABLE_DROPBOX_POST);
$TBL_AGENDA = Database::get_course_table(TABLE_AGENDA);
//$TBL_DROPBOX_CATEGORY = Database::get_course_table(TABLE_DROPBOX_CATEGORY, $course_info['dbName']);
$course_code = Database::escape_string($course_code);
//1. track_e_exercises
@ -243,14 +241,14 @@ if (isset($_REQUEST['load_ajax'])) {
if (!empty($list))
foreach ($list as $id=>$data) {
if ($update_database) {
$sql = "UPDATE $TBL_LP_VIEW SET session_id = '$new_session_id' WHERE id = $id ";
$sql = "UPDATE $TBL_LP_VIEW SET session_id = '$new_session_id' WHERE c_id = $course_id AND id = $id ";
if ($debug) var_dump($sql);
$res = Database::query($sql);
if ($debug) var_dump($res);
$result_message[$TBL_LP_VIEW]++;
} else {
//Getting all information of that lp_item_id
$score = Tracking::get_avg_student_score($user_id, $origin_course_code, array($data['lp_id']),$origin_session_id);
$score = Tracking::get_avg_student_score($user_id, $origin_course_code, array($data['lp_id']),$origin_session_id);
$progress = Tracking::get_avg_student_progress($user_id, $origin_course_code, array($data['lp_id']),$origin_session_id);
$result_message['LP_VIEW'][$data['lp_id']] = array('score' => $score, 'progress' =>$progress);
}
@ -467,7 +465,7 @@ if (isset($_REQUEST['load_ajax'])) {
while($row = Database::fetch_array($res,'ASSOC')) {
$id = $row['id'];
if ($update_database) {
$sql = "UPDATE $TBL_DROPBOX_FILE SET session_id = '$new_session_id' WHERE id = $id";
$sql = "UPDATE $TBL_DROPBOX_FILE SET session_id = '$new_session_id' WHERE c_id = $course_id AND id = $id";
if ($debug) var_dump($sql);
$res = Database::query($sql);
if ($debug) var_dump($res);
@ -482,13 +480,14 @@ if (isset($_REQUEST['load_ajax'])) {
//11. Notebook
$sql = "SELECT notebook_id FROM $TBL_NOTEBOOK WHERE user_id = $user_id AND session_id = $origin_session_id AND course = '$origin_course_code' AND c_id = $course_id";
$sql = "SELECT notebook_id FROM $TBL_NOTEBOOK
WHERE user_id = $user_id AND session_id = $origin_session_id AND course = '$origin_course_code' AND c_id = $course_id";
if ($debug) var_dump($sql);
$res = Database::query($sql);
while($row = Database::fetch_array($res,'ASSOC')) {
$id = $row['notebook_id'];
if ($update_database) {
$sql = "UPDATE $TBL_NOTEBOOK SET session_id = '$new_session_id' WHERE notebook_id = $id";
$sql = "UPDATE $TBL_NOTEBOOK SET session_id = '$new_session_id' WHERE c_id = $course_id AND notebook_id = $id";
if ($debug) var_dump($sql);
$res = Database::query($sql);
if ($debug) var_dump($res);
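Review bot: In the dropbox and notebook blocks the UPDATE result is assigned to `$res`, the same variable the surrounding `while($row = Database::fetch_array($res,'ASSOC'))` reads from, so after the first row the loop fetches from the UPDATE's result instead of the SELECT's. With `$update_database` set, this most likely moves only the first record; keep the two results apart with `$res_update = Database::query($sql);` and `if ($debug) var_dump($res_update);`. The added `c_id = $course_id` filter and the existing `'$new_session_id'` are interpolated directly, and their assignments are outside these hunks. Since this branch runs under `$_REQUEST['load_ajax']`, confirm both are cast with `intval()` before they reach the query.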

@ -69,8 +69,7 @@ if (api_get_setting('use_custom_pages') == 'true') {
}
$msg = Login::reset_password($_GET["reset"], $_GET["id"], true);
CustomPages::displayPage('lostpassword-feedback');
}
else {
} else {
CustomPages::displayPage('lostpassword');
}
}
@ -87,7 +86,7 @@ if (api_get_setting('allow_lostpassword') == 'false') {
if (isset ($_GET['reset']) && isset ($_GET['id'])) {
//$msg = Login::reset_password($_GET["reset"], $_GET["id"], true);
$msg1= '<a href="'.api_get_path(WEB_CODE_PATH).'auth/lostPassword.php" class="fake_button_back" >'.get_lang('Back').'</a>';
$msg1= '<a href="'.api_get_path(WEB_CODE_PATH).'auth/lostPassword.php" class="a_button gray" >'.get_lang('Back').'</a>';
echo '<br /><br /><div class="actions" >'.$msg1.'</div>';
} else {
$form = new FormValidator('lost_password');

@ -27,7 +27,6 @@ if(isset($_GET['id_session'])) {
}
$lib_path = api_get_path(LIBRARY_PATH);
require_once $lib_path.'display.lib.php';
require_once $lib_path.'blog.lib.php';
require_once $lib_path.'fckeditor/fckeditor.php';

@ -13,7 +13,7 @@ $language_file = 'blog';
require_once '../inc/global.inc.php';
$this_section=SECTION_COURSES;
$this_section = SECTION_COURSES;
$blog_table_attachment = Database::get_course_table(TABLE_BLOGS_ATTACHMENT);

@ -50,11 +50,13 @@ if (is_dir($full_file_name)) {
}
$tbl_blogs_attachment = Database::get_course_table(TABLE_BLOGS_ATTACHMENT);
$course_id = api_get_course_int_id();
// launch event
event_download($doc_url);
$sql = 'SELECT filename FROM '.$tbl_blogs_attachment.' WHERE path LIKE BINARY "'.Database::escape_string($doc_url).'"';
$sql = 'SELECT filename FROM '.$tbl_blogs_attachment.'
WHERE c_id = '.$course_id.' AND path LIKE BINARY "'.Database::escape_string($doc_url).'"';
$result = Database::query($sql);
if (Database::num_rows($result) > 0) {
$row = Database::fetch_array($result);
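Review bot: The attachment lookup still matches with `path LIKE BINARY "..."`, and `Database::escape_string()` presumably wraps the driver's string escaping, which does not neutralise the `%` and `_` wildcards, so a `$doc_url` containing them can match a row other than the requested file within the course. An exact comparison avoids that: `WHERE c_id = '.$course_id.' AND path = BINARY "'.Database::escape_string($doc_url).'"'`. `event_download($doc_url)` is also recorded before the row is known to exist. Where `$doc_url` is built is outside the hunk.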

@ -53,7 +53,7 @@ if (!empty($course)) {
if (empty($session_id)) {
$query = "SELECT DISTINCT t1.user_id,username,firstname,lastname,picture_uri,t3.status
FROM $tbl_user t1,$tbl_chat_connected t2,$tbl_course_user t3
FROM $tbl_user t1,$tbl_chat_connected t2, $tbl_course_user t3
WHERE t2.c_id = $course_id,
t1.user_id=t2.user_id AND
t3.user_id=t2.user_id AND

@ -22,6 +22,8 @@ $id = isset($_GET['id']) ? intval($_GET['id']) : null;
$TABLE_TOOLS = Database::get_main_table(TABLE_MAIN_COURSE_MODULE);
$TBL_ACCUEIL = Database::get_course_table(TABLE_TOOL_LIST);
$course_id = api_get_course_int_id();
// WORK with data post askable by admin of course
if (api_is_allowed_to_edit(null, true)) {
@ -59,7 +61,7 @@ if (api_is_allowed_to_edit(null, true)) {
*/
if ($remove) {
$sql = "SELECT * FROM $TBL_ACCUEIL WHERE id=$id";
$sql = "SELECT * FROM $TBL_ACCUEIL WHERE c_id = $course_id AND id=$id";
$result = Database::query($sql);
$tool = Database::fetch_array($result);
$tool_name = @htmlspecialchars($tool['name'] != '' ? $tool['name'] : $tool['link'], ENT_QUOTES, api_get_system_encoding());
@ -94,20 +96,20 @@ if (api_is_allowed_to_edit(null, true)) {
*/
elseif ($destroy) {
Database::query("UPDATE $TBL_ACCUEIL SET visibility='2' WHERE id=$id");
Database::query("UPDATE $TBL_ACCUEIL SET visibility='2' WHERE c_id = $course_id AND id = $id");
}
/* HIDE */
elseif ($hide) { // visibility 1 -> 0
Database::query("UPDATE $TBL_ACCUEIL SET visibility=0 WHERE id=$id");
Database::query("UPDATE $TBL_ACCUEIL SET visibility=0 WHERE c_id = $course_id AND id=$id");
Display::display_confirmation_message(get_lang('ToolIsNowHidden'));
}
/* REACTIVATE */
elseif ($restore) { // visibility 0,2 -> 1
Database::query("UPDATE $TBL_ACCUEIL SET visibility=1 WHERE id=$id");
Database::query("UPDATE $TBL_ACCUEIL SET visibility=1 WHERE c_id = $course_id AND id=$id");
Display::display_confirmation_message(get_lang('ToolIsNowVisible'));
}
@ -117,7 +119,7 @@ elseif ($restore) { // visibility 0,2 -> 1
elseif (isset($update) && $update) {
$result = Database::query("SELECT * FROM $TBL_ACCUEIL WHERE id=$id");
$result = Database::query("SELECT * FROM $TBL_ACCUEIL WHERE c_id = $course_id AND id=$id");
$tool = Database::fetch_array($result);
$racine = $_configuration['root_sys'].'/'.$currentCourseID.'/images/';
$chemin = $racine;
@ -198,7 +200,7 @@ if ($is_platformAdmin && api_is_allowed_to_edit(null, true) && !api_is_coach())
*/
elseif (isset($delete) && $delete) {
Database::query("DELETE FROM $TBL_ACCUEIL WHERE id=$id AND added_tool=1");
Database::query("DELETE FROM $TBL_ACCUEIL WHERE c_id = $course_id AND id = $id AND added_tool=1");
}
}
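Review bot: Every rewritten statement in this file interpolates `$id` unquoted, and the first hunk header shows `$id` is `null` when no `id` parameter is sent, so `WHERE c_id = $course_id AND id=$id` becomes `... AND id=` and the query fails instead of matching nothing. Defaulting to an integer, `$id = isset($_GET['id']) ? intval($_GET['id']) : 0;`, keeps all six statements well-formed. These branches hide, restore and delete course tools based on request-driven flags; whether `$remove`, `$destroy`, `$hide`, `$restore` and `$delete` are set behind a CSRF token check is not visible in these hunks and is worth confirming.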

@ -2472,9 +2472,11 @@ class CourseManager {
$condition_session = " AND session_id = '$session_id' ";
}
if (!empty($course_id)) {
$course_id = intval($course_id);
$condition_session .= " AND c_id = '$course_id' ";
$course_id = intval($course_id);
} else {
$course_id = api_get_course_int_id();
}
$condition_session .= " AND c_id = '$course_id' ";
$sql = "SELECT COUNT(*) AS n FROM $table WHERE 1=1 $condition_session ";
$rs = Database::query($sql);
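Review bot: With the new `else` branch, a call that passes an empty `$course_id` is silently scoped to the current course through `api_get_course_int_id()`, where the older code appears to have added no `c_id` filter at all; the method's docblock, which is outside this hunk, should state that fallback. If the method is called outside a course context the helper may return an empty value and the filter becomes `c_id = ''`, so casting on that branch too, `$course_id = intval(api_get_course_int_id());`, keeps it numeric. `$session_id` is interpolated into `$condition_session` at the top of the hunk and its cast is not visible here.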
