chamilo
/
chamilo-lms
mirror of https://github.com/chamilo/chamilo-lms/tree/1.11.x
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge with 1.9.x

Browse Source
skala
Julio Montoya 12 years ago
parent 23e7c84515 3eee47d8a1
commit 9b85836c4a
121 changed files with 2355 additions and 1059 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 1
      archive/index.html
  2. 38
      documentation/changelog.html
  3. 1
      documentation/credits.html
  4. 20
      main/admin/archive_cleanup.php
  5. 3
      main/admin/course_list.php
  6. 24
      main/admin/settings.lib.php
  7. 2
      main/admin/special_exports.php
  8. 2
      main/admin/user_import.php
  9. 13
      main/announcements/announcements.php
  10. 99
      main/auth/external_login/ldap.inc.php
  11. 22
      main/auth/external_login/ldap_import_all_users.php
  12. 2
      main/auth/external_login/login.ldap.php
  13. 4
      main/auth/inscription.php
  14. 80
      main/auth/ldap/authldap.php
  15. 8
      main/auth/ldap/syncro_users.php
  16. 6
      main/auth/openid/login.php
  17. 9
      main/blog/blog.php
  18. 298
      main/calendar/agenda.inc.php
  19. 56
      main/calendar/agenda.lib.php
  20. 25
      main/calendar/agenda.php
  21. 8
      main/calendar/agenda_js.php
  22. 4
      main/calendar/myagenda.inc.php
  23. 6
      main/chat/chat.php
  24. 2
      main/chat/chat_hidden.php
  25. 6
      main/chat/chat_message.php
  26. 5
      main/chat/header_frame.inc.php
  27. 5
      main/coursecopy/classes/CourseArchiver.class.php
  28. 2
      main/coursecopy/copy_course.php
  29. 2
      main/coursecopy/copy_course_session.php
  30. 2
      main/coursecopy/create_backup.php
  31. 2
      main/coursecopy/import_backup.php
  32. 10
      main/coursecopy/recycle_course.php
  33. 18
      main/css/base.css
  34. 2
      main/css/base_chamilo.css
  35. 5
      main/dashboard/index.php
  36. 6
      main/document/document.php
  37. 33
      main/document/document_quota.php
  38. 9
      main/document/file.php
  39. 23
      main/document/slideshow.php
  40. 44
      main/exercice/exercise.class.php
  41. 6
      main/exercice/exercise.lib.php
  42. 7
      main/exercice/exercise_reminder.php
  43. 18
      main/exercice/exercise_result.class.php
  44. 4
      main/exercice/hotspot_admin.inc.php
  45. 10
      main/forum/editpost.php
  46. 16
      main/forum/forumfunction.inc.php
  47. 3
      main/forum/reply.php
  48. 6
      main/gradebook/index.php
  49. 16
      main/gradebook/lib/be/category.class.php
  50. 1
      main/gradebook/lib/gradebook_functions.inc.php
  51. 2
      main/group/group_edit.php
  52. 1
      main/inc/ajax/agenda.ajax.php
  53. 1
      main/inc/ajax/chat.ajax.php
  54. 16
      main/inc/lib/access.class.php
  55. 51
      main/inc/lib/access_token.class.php
  56. 26
      main/inc/lib/access_url_edit_courses_to_url_functions.lib.php
  57. 27
      main/inc/lib/access_url_edit_sessions_to_url_functions.lib.php
  58. 39
      main/inc/lib/access_url_edit_users_to_url_functions.lib.php
  59. 23
      main/inc/lib/add_courses_to_session_functions.lib.php
  60. 22
      main/inc/lib/add_many_session_to_category_functions.lib.php
  61. 21
      main/inc/lib/ajax_controller.class.php
  62. 4
      main/inc/lib/auth.lib.php
  63. 41
      main/inc/lib/chamilo_session.class.php
  64. 56
      main/inc/lib/chat.lib.php
  65. 3
      main/inc/lib/course.lib.php
  66. 3
      main/inc/lib/diagnoser.lib.php
  67. 4
      main/inc/lib/display.lib.php
  68. 9
      main/inc/lib/events.lib.inc.php
  69. 2
      main/inc/lib/fckeditor/editor/plugins/ajaxfilemanager/ajaxfilemanager.php
  70. 7
      main/inc/lib/fckeditor/editor/plugins/ajaxfilemanager/inc/config.base.php
  71. 2
      main/inc/lib/fckeditor/editor/plugins/ajaxfilemanager/jscripts/thickbox.js
  72. 2
      main/inc/lib/fckeditor/editor/plugins/ajaxfilemanager/theme/default/css/thickbox.css
  73. 8
      main/inc/lib/group_portal_manager.lib.php
  74. 7
      main/inc/lib/javascript/chat/js/chat.js
  75. 4
      main/inc/lib/link.lib.php
  76. 2
      main/inc/lib/main_api.lib.php
  77. 106
      main/inc/lib/notification.lib.php
  78. 33
      main/inc/lib/online.inc.php
  79. 6
      main/inc/lib/pdf.lib.php
  80. 13
      main/inc/lib/portfolio.class.php
  81. 14
      main/inc/lib/security.lib.php
  82. 4
      main/inc/lib/sessionmanager.lib.php
  83. 40
      main/inc/lib/social.lib.php
  84. 4
      main/inc/lib/tracking.lib.php
  85. 51
      main/inc/lib/usermanager.lib.php
  86. 84
      main/install/install.lib.php
  87. 5
      main/install/install_db.inc.php
  88. 1
      main/mySpace/index.php
  89. 10
      main/newscorm/learnpath.class.php
  90. 15
      main/newscorm/lp_controller.php
  91. 18
      main/newscorm/lp_impress.php
  92. 13
      main/newscorm/lp_list.php
  93. 2
      main/social/myfiles.php
  94. 29
      main/survey/survey.lib.php
  95. 46
      main/template/default/agenda/month.tpl
  96. 21
      main/template/default/auth/courses_categories.php
  97. 2
      main/template/default/layout/head.tpl
  98. 2
      main/webservices/courses_list.soap.php
  99. 87
      main/webservices/registration.soap.php
  100. 18
      main/webservices/user_info.soap.php
  101. Some files were not shown because too many files have changed in this diff Show More

1
archive/index.html
Unescape View File

@ -4,3 +4,4 @@
<body>
</body></html>

38
documentation/changelog.html
Unescape View File

@ -61,6 +61,44 @@
<li></li>
</ul>
<h1>Chamilo 1.9.6 - Mystery, 18th of April, 2013</h1>
<h3>Release notes - summary</h3>
<p>Chamilo 1.9.6 is a minor stable version with a series of improvements on top of 1.9.4.</p>
<h3>Release name</h3>
<p><a href="http://en.wikipedia.org/wiki/Mystery">Mystery</a> is a name we give new versions before we know their name. </p>
<h3>New Features</h3>
<ul>
<li></li>
</ul>
<h3>Improvements</h3>
<ul>
<li></li>
</ul>
<h3>Debugging</h3>
<ul>
<li></li>
</ul>
<h3>Third-Party Libraries additions/updates</h3>
<ul>
<li></li>
</ul>
<h3>Removals</h3>
<ul>
<li></li>
</ul>
<h3>Stylesheets and theming</h3>
<ul>
<li></li>
</ul>
<h3>Web services</h3>
<ul>
<li>Removed Dok€os prefixes from services in user_info.soap.php</li>
</ul>
------
<h1>Chamilo 1.9.4 - Puebla, 18th of January, 2013</h1>
<h3>Release notes - summary</h3>
<p>Chamilo 1.9.4 is a minor stable version with a series of improvements on top of 1.9.2.</p>

1
documentation/credits.html
Unescape View File

@ -666,6 +666,7 @@ Note that we are infinitely grateful to our translators, having made the spread
<li>Ricel Leite, for bug reports and fixes in LMS 1.9.4</li>
<li>Fausto Puppo, for bug reports and testing on exercises and learning paths in LMS 1.9.4</li>
<li>Alexander Hu, for bug reports in LMS 1.9.4</li>
<li>Fernando Muñoz (occasionally via Secunia SVCRP) for multiple security vulnerability reports in Chamilo 1.8-1.9</li>
<li>All the supporting parents, partners, children, friends, colleagues and sometimes students, of the very special geeks that we are, for their continous support and inspiration</li>
</ul>

20
main/admin/archive_cleanup.php
Unescape View File

@ -17,7 +17,6 @@ $this_section = SECTION_PLATFORM_ADMIN;
// Access restrictions
api_protect_admin_script(true);
//api_protect_global_admin_script();
// setting breadcrumbs
$interbreadcrumb[]=array('url' => 'index.php','name' => get_lang('PlatformAdmin'));
@ -25,6 +24,8 @@ $interbreadcrumb[]=array('url' => 'index.php','name' => get_lang('PlatformAdmin'
$form = new FormValidator('archive_cleanup_form');
$form->addElement('style_submit_button','proceed', get_lang('ArchiveDirCleanupProceedButton'),'class="save"');
$message = null;
if ($form->validate()) {
$archive_path = api_get_path(SYS_ARCHIVE_PATH);
$htaccess = @file_get_contents($archive_path.'.htaccess');
@ -40,11 +41,26 @@ if ($form->validate()) {
$message = 'ArchiveDirCleanupFailed';
$type = 'error';
}
header('Location: index.php?msg='.$message.'&type='.$type);
header('Location: '.api_get_self().'?msg='.$message.'&type='.$type);
exit;
}
Display::display_header(get_lang('ArchiveDirCleanup'));
Display::display_normal_message(get_lang('ArchiveDirCleanupDescr'));
if (isset($_GET['msg']) && isset($_GET['type'])) {
if (in_array($_GET['msg'], array('ArchiveDirCleanupSucceeded', 'ArchiveDirCleanupFailed')))
switch($_GET['type']) {
case 'error':
$message = Display::return_message(get_lang($_GET['msg']), 'error');
break;
case 'confirmation':
$message = Display::return_message(get_lang($_GET['msg']), 'confirm');
}
}
if (!empty($message)) {
echo $message;
}
$form->display();
Display::display_footer();

3
main/admin/course_list.php
Unescape View File

@ -105,7 +105,8 @@ function get_course_data($from, $number_of_items, $column, $direction) {
$courses = array ();
while ($course = Database::fetch_array($res)) {
// Place colour icons in front of courses.
$course[1] = get_course_visibility_icon($course[8]).'<a href="'.api_get_path(WEB_COURSE_PATH).$course[9].'/index.php">'.$course[1].'</a> '.Display::label($course['visual_code'], 'info');
$show_visual_code = $course['visual_code'] != $course[2] ? Display::label($course['visual_code'], 'info') : null;
$course[1] = get_course_visibility_icon($course[8]).'<a href="'.api_get_path(WEB_COURSE_PATH).$course[9].'/index.php">'.$course[1].'</a> '.$show_visual_code;
$course[5] = $course[5] == SUBSCRIBE_ALLOWED ? get_lang('Yes') : get_lang('No');
$course[6] = $course[6] == UNSUBSCRIBE_ALLOWED ? get_lang('Yes') : get_lang('No');
$course_rem = array($course[0], $course[1], $course[2], $course[3], $course[4], $course[5], $course[6], $course[7]);

24
main/admin/settings.lib.php
Unescape View File

@ -231,17 +231,9 @@ function handle_stylesheets()
$url_info = api_get_access_url($_configuration['access_url']);
if ($style_info[0]['access_url_changeable'] == 1 && $url_info['active'] == 1) {
$is_style_changeable = true;
/*echo '<div class="actions" id="stylesheetuploadlink">';
Display::display_icon('upload_stylesheets.png',get_lang('UploadNewStylesheet'),'',ICON_SIZE_MEDIUM);
echo '<a href="" onclick="javascript: document.getElementById(\'newstylesheetform\').style.display = \'block\'; document.getElementById(\'stylesheetuploadlink\').style.display = \'none\'; return false; ">'.get_lang('UploadNewStylesheet').'</a>';
echo '</div>';*/
}
} else {
$is_style_changeable = true;
/*echo '<div class="actions" id="stylesheetuploadlink">';
Display::display_icon('upload_stylesheets.png',get_lang('UploadNewStylesheet'),'',ICON_SIZE_MEDIUM);
echo '<a href="" onclick="javascript: document.getElementById(\'newstylesheetform\').style.display = \'block\'; document.getElementById(\'stylesheetuploadlink\').style.display = \'none\'; return false; ">'.get_lang('UploadNewStylesheet').'</a>';
echo '</div>';*/
}
$form = new FormValidator('stylesheet_upload', 'post', 'settings.php?category=Stylesheets#tabs-2');
@ -254,7 +246,7 @@ function handle_stylesheets()
);
$form->addRule('name_stylesheet', get_lang('ThisFieldIsRequired'), 'required');
$form->addElement('file', 'new_stylesheet', get_lang('UploadNewStylesheet'));
$allowed_file_types = array('css', 'zip', 'jpeg', 'jpg', 'png', 'gif', 'ico');
$allowed_file_types = array('css', 'zip', 'jpeg', 'jpg', 'png', 'gif', 'ico','psd');
$form->addRule(
'new_stylesheet',
@ -272,11 +264,9 @@ function handle_stylesheets()
} else {
// Uploading a new stylesheet.
if ($_configuration['access_url'] == 1) {
//$form->display();
$show_upload_form = true;
} else {
if ($is_style_changeable) {
//$form->display();
$show_upload_form = true;
}
}
@ -449,7 +439,7 @@ function upload_stylesheet($values, $picture)
$file = $zip->statIndex($i);
if (substr($file['name'], -1) != '/') {
$path_parts = pathinfo($file['name']);
if (!in_array($path_parts['extension'], array('jpg', 'jpeg', 'png', 'gif', 'css', 'ico'))) {
if (!in_array($path_parts['extension'], array('jpg', 'jpeg', 'png', 'gif', 'css', 'ico','psd'))) {
$valid = false;
$invalid_files[] = $file['name'];
}
@ -593,13 +583,11 @@ function store_plugins()
*/
function store_stylesheets()
{
global $_configuration;
// Insert the stylesheet.
$style = Database::escape_string($_POST['style']);
if (is_style($style)) {
api_set_setting('stylesheets', $style, null, 'stylesheets', $_configuration['access_url']);
api_set_setting('stylesheets', $style, null, 'stylesheets', api_get_current_access_url_id());
api_set_setting_last_update();
}
@ -638,10 +626,6 @@ function handle_search()
$form = new FormValidator('search-options', 'post', api_get_self().'?category=Search');
//$renderer = & $form->defaultRenderer();
//$renderer->setHeaderTemplate('<div class="sectiontitle">{header}</div>'."\n");
//$renderer->setElementTemplate('<div class="sectioncomment">{label}</div>'."\n".'<div class="sectionvalue">{element}</div>'."\n");
//$renderer->setElementTemplate('<div class="row"><div class="label">{label}</div><div class="formw">{element}<!-- BEGIN label_2 --><span class="help-block">{label_2}</span><!-- END label_2 --></div></div>');
$values = api_get_settings_options('search_enabled');
$form->addElement('header', null, get_lang('SearchEnabledTitle'));
@ -1220,7 +1204,7 @@ function delete_template($id)
// Now we remove it from the database.
$sql = "DELETE FROM $table_system_template WHERE id = '".Database::escape_string($id)."'";
$result = Database::query($sql);
Database::query($sql);
// Display a feedback message.
Display::display_confirmation_message(get_lang('TemplateDeleted'));

2
main/admin/special_exports.php
Unescape View File

@ -30,7 +30,7 @@ require_once '../coursecopy/classes/CourseRestorer.class.php';
require_once '../coursecopy/classes/CourseSelectForm.class.php';
if (function_exists('ini_set')) {
ini_set('memory_limit','256M');
api_set_memory_limit('256M');
ini_set('max_execution_time',0);
}

2
main/admin/user_import.php
Unescape View File

@ -121,7 +121,7 @@ function save_data($users) {
foreach ($users as $index => $user) {
$user = complete_missing_data($user);
$user['Status'] = api_status_key($user['Status']);
$user_id = UserManager :: create_user($user['FirstName'], $user['LastName'], $user['Status'], $user['Email'], $user['UserName'], $user['Password'], $user['OfficialCode'], api_get_setting('PlatformLanguage'), $user['PhoneNumber'], '', $user['AuthSource'], null, 1, 0, null, null, $send_mail);
$user_id = UserManager :: create_user($user['FirstName'], $user['LastName'], $user['Status'], $user['Email'], $user['UserName'], $user['Password'], $user['OfficialCode'], $user['language'], $user['PhoneNumber'], '', $user['AuthSource'], null, 1, 0, null, null, $send_mail);
if (!is_array($user['Courses']) && !empty($user['Courses'])) {
$user['Courses'] = array($user['Courses']);
}

13
main/announcements/announcements.php
Unescape View File

@ -101,6 +101,7 @@ if (!empty($_POST['To']) and ($select_groupusers_status == "show")) {
$_SESSION['select_groupusers'] = "hide";
}
$origin = empty($_GET['origin']) ? '' : Security::remove_XSS($_GET['origin']);
/* Action handling */
// display the form
@ -559,7 +560,7 @@ if (AnnouncementManager::user_can_edit_announcement()) {
echo '<div class="actions">';
if (isset($_GET['action']) && in_array($_GET['action'], array('add', 'modify', 'view'))) {
echo "<a href='".api_get_self()."?".api_get_cidreq(
)."&origin=".(empty($_GET['origin']) ? '' : $_GET['origin'])."'>".Display::return_icon(
)."&origin=".$origin."'>".Display::return_icon(
'back.png',
get_lang('Back'),
'',
@ -567,7 +568,7 @@ if (AnnouncementManager::user_can_edit_announcement()) {
)."</a>";
} else {
echo "<a href='".api_get_self()."?".api_get_cidreq(
)."&action=add&origin=".(empty($_GET['origin']) ? '' : $_GET['origin'])."'>".Display::return_icon(
)."&action=add&origin=".$origin."'>".Display::return_icon(
'new_announce.png',
get_lang('AddAnnouncement'),
'',
@ -579,7 +580,7 @@ if (AnnouncementManager::user_can_edit_announcement()) {
if (isset($_GET['action']) && in_array($_GET['action'], array('view'))) {
echo '<div class="actions">';
echo "<a href='".api_get_self()."?".api_get_cidreq(
)."&origin=".(empty($_GET['origin']) ? '' : $_GET['origin'])."'>".Display::return_icon(
)."&origin=".$origin."'>".Display::return_icon(
'back.png',
get_lang('Back'),
'',
@ -1032,7 +1033,7 @@ if ($display_announcement_list) {
echo Display::url(
get_lang('AddAnnouncement'),
api_get_self()."?".api_get_cidreq(
)."&action=add&origin=".(empty($_GET['origin']) ? '' : $_GET['origin']),
)."&action=add&origin=".$origin,
array('class' => 'btn')
);
echo '</div>';
@ -1136,9 +1137,7 @@ if ($display_announcement_list) {
$alt_visibility = get_lang('Visible');
}
$modify_icons .= "<a href=\"".api_get_self()."?".api_get_cidreq(
)."&origin=".(!empty($_GET['origin']) ? Security::remove_XSS(
$_GET['origin']
) : '')."&action=showhide&id=".$myrow['id']."&sec_token=".$stok."\">".
)."&origin=".$origin."&action=showhide&id=".$myrow['id']."&sec_token=".$stok."\">".
Display::return_icon(
$image_visibility.'.png',
$alt_visibility,

99
main/auth/external_login/ldap.inc.php
Unescape View File

@ -221,3 +221,102 @@ function extldap_get_user_search_string($username) {
return $filter;
}
/**
* Imports all LDAP users into Chamilo
* @return bool false on error, true otherwise
*/
function extldap_import_all_users() {
global $extldap_config;
//echo "Connecting...\n";
$ds = extldap_connect();
if (!$ds) {
return false;
}
//echo "Binding...\n";
$ldapbind = false;
//Connection as admin to search dn of user
$ldapbind = @ldap_bind($ds, $extldap_config['admin_dn'], $extldap_config['admin_password']);
if ($ldapbind === false) {
error_log('EXTLDAP ERROR : cannot connect with admin login/password');
return false;
}
//browse ASCII values from a to z to avoid 1000 results limit of LDAP
$count = 0;
$alphanum = array('0','1','2','3','4','5','6','7','8','9');
for ($a=97;$a<=122;$a++) {
$alphanum[] = chr($a);
}
foreach ($alphanum as $char1) {
foreach ($alphanum as $char2) {
//$user_search = "uid=*";
$user_search = "sAMAccountName=$char1$char2*";
//Search distinguish name of user
$sr = ldap_search($ds, $extldap_config['base_dn'], $user_search);
if (!$sr) {
error_log('EXTLDAP ERROR : ldap_search(' . $ds . ', ' . $extldap_config['base_dn'] . ", $user_search) failed");
return false;
}
//echo "Getting entries\n";
$users = ldap_get_entries($ds, $sr);
//echo "Entries: ".$users['count']."\n";
for ($key = 0; $key < $users['count']; $key ++) {
$user_id = extldap_add_user_by_array($users[$key], true);
$count ++;
if ($user_id) {
// echo "User #$user_id created or updated\n";
} else {
// echo "User was not created\n";
}
}
}
}
//echo "Found $count users in total\n";
@ldap_close($ds);
}
/**
* Insert users from an array of user fields
*/
function extldap_add_user_by_array($data, $update_if_exists = true) {
$lastname = api_convert_encoding($data['sn'][0], api_get_system_encoding(), 'UTF-8');
$firstname = api_convert_encoding($data['cn'][0], api_get_system_encoding(), 'UTF-8');
$email = $data['mail'][0];
// Get uid from dn
$dn_array=ldap_explode_dn($data['dn'],1);
$username = $dn_array[0]; // uid is first key
$outab[] = $data['edupersonprimaryaffiliation'][0]; // Here, "student"
//$val = ldap_get_values_len($ds, $entry, "userPassword");
//$val = ldap_get_values_len($ds, $data, "userPassword");
//$password = $val[0];
// TODO the password, if encrypted at the source, will be encrypted twice, which makes it useless. Try to fix that.
$password = $data['userPassword'][0];
$structure=$data['edupersonprimaryorgunitdn'][0];
$array_structure=explode(",", $structure);
$array_val=explode("=", $array_structure[0]);
$etape=$array_val[1];
$array_val=explode("=", $array_structure[1]);
$annee=$array_val[1];
// To ease management, we add the step-year (etape-annee) code
$official_code=$etape."-".$annee;
$auth_source='ldap';
// No expiration date for students (recover from LDAP's shadow expiry)
$expiration_date='0000-00-00 00:00:00';
$active=1;
if(empty($status)){$status = 5;}
if(empty($phone)){$phone = '';}
if(empty($picture_uri)){$picture_uri = '';}
// Adding user
$user_id = 0;
if (UserManager::is_username_available($username)) {
//echo "$username\n";
$user_id = UserManager::create_user($firstname,$lastname,$status,$email,$username,$password,$official_code,api_get_setting('platformLanguage'),$phone,$picture_uri,$auth_source,$expiration_date,$active);
} else {
if ($update_if_exists) {
$user = UserManager::get_user_info($username);
$user_id=$user['user_id'];
//echo "$username\n";
UserManager::update_user($user_id, $firstname, $lastname, $username, null, null, $email, $status, $official_code, $phone, $picture_uri, $expiration_date, $active);
}
}
return $user_id;
}

22
main/auth/external_login/ldap_import_all_users.php
Unescape View File

@ -0,0 +1,22 @@
<?php
/* For licensing terms, see /license.txt */
/**
* This script executes the importation of all users in the LDAP repository
* into Chamilo
* @package chamilo.auth.ldap
*/
/**
* Init
*/
if (PHP_SAPI != 'cli') {
die ('For security reasons, this script can only be launched from cron or from the command line');
}
use \ChamiloSession as Session;
require dirname(__FILE__) . '/../../inc/global.inc.php';
require dirname(__FILE__) . '/ldap.inc.php';
require dirname(__FILE__) . '/../../inc/conf/auth.conf.php';
/**
* Code execution
*/
extldap_import_all_users();

2
main/auth/external_login/login.ldap.php
Unescape View File

@ -71,5 +71,7 @@ if ($ldap_user !== false) {
error_log('extldap_authenticate error');
$loginFailed = true;
$uidReset = false;
if (isset($_user) && isset($_user['user_id'])) {
unset($_user['user_id']);
}
}

4
main/auth/inscription.php
Unescape View File

@ -16,6 +16,10 @@ if (!empty($_POST['language'])) { //quick hack to adapt the registration form re
require_once '../inc/global.inc.php';
require_once api_get_path(CONFIGURATION_PATH).'profile.conf.php';
if (api_get_setting('allow_registration') === 'false') {
api_not_allowed(true);
}
if (!empty($_SESSION['user_language_choice'])) {
$user_selected_language = $_SESSION['user_language_choice'];
} elseif (!empty($_SESSION['_user']['language'])) {

80
main/auth/ldap/authldap.php
Unescape View File

@ -478,6 +478,7 @@ function ldap_add_user($login) {
global $ldap_basedn, $ldap_host, $ldap_port, $ldap_rdn, $ldap_pass;
$ds = ldap_connect($ldap_host, $ldap_port);
ldap_set_version($ds);
$user_id = 0;
if ($ds) {
$str_query="(uid=".$login.")";
$r = false;
@ -487,19 +488,30 @@ function ldap_add_user($login) {
$info = ldap_get_entries($ds, $sr);
for ($key = 0; $key < $info['count']; $key ++) {
$lastname = api_convert_encoding($info[$key]['sn'][0], api_get_system_encoding(), 'UTF-8');
$firstname = api_convert_encoding($info[$key]['cn'][0], api_get_system_encoding(), 'UTF-8');
$email = $info[$key]['mail'][0];
$user_id = ldap_add_user_by_array($info[$key]);
}
} else {
Display :: display_error_message(get_lang('LDAPConnectionError'));
}
return $user_id;
}
function ldap_add_user_by_array($data, $update_if_exists = true) {
$lastname = api_convert_encoding($data['sn'][0], api_get_system_encoding(), 'UTF-8');
$firstname = api_convert_encoding($data['cn'][0], api_get_system_encoding(), 'UTF-8');
$email = $data['mail'][0];
// Get uid from dn
$dn_array=ldap_explode_dn($info[$key]['dn'],1);
$dn_array=ldap_explode_dn($data['dn'],1);
$username = $dn_array[0]; // uid is first key
$outab[] = $info[$key]['edupersonprimaryaffiliation'][0]; // Here, "student"
$outab[] = $data['edupersonprimaryaffiliation'][0]; // Here, "student"
//$val = ldap_get_values_len($ds, $entry, "userPassword");
//$val = ldap_get_values_len($ds, $info[$key], "userPassword");
//$val = ldap_get_values_len($ds, $data, "userPassword");
//$password = $val[0];
// TODO the password, if encrypted at the source, will be encrypted twice, which makes it useless. Try to fix that.
$password = $info[$key]['userPassword'][0];
$structure=$info[$key]['edupersonprimaryorgunitdn'][0];
$password = $data['userPassword'][0];
$structure=$data['edupersonprimaryorgunitdn'][0];
$array_structure=explode(",", $structure);
$array_val=explode("=", $array_structure[0]);
$etape=$array_val[1];
@ -515,19 +527,17 @@ function ldap_add_user($login) {
if(empty($phone)){$phone = '';}
if(empty($picture_uri)){$picture_uri = '';}
// Adding user
$user_id = 0;
if (UserManager::is_username_available($username)) {
$user_id = UserManager::create_user($firstname,$lastname,$status,$email,$username,$password,$official_code,api_get_setting('platformLanguage'),$phone,$picture_uri,$auth_source,$expiration_date,$active);
} else {
if ($update_if_exists) {
$user = UserManager::get_user_info($username);
$user_id=$user['user_id'];
UserManager::update_user($user_id, $firstname, $lastname, $username, null, null, $email, $status, $official_code, $phone, $picture_uri, $expiration_date, $active);
}
}
} else {
Display :: display_error_message(get_lang('LDAPConnectionError'));
}
return $user_id;;
return $user_id;
}
/**
@ -591,3 +601,47 @@ function ldap_add_user_to_session($UserList, $id_session) {
Database::query("UPDATE $tbl_session SET nbr_users=$nbr_users ".
" WHERE id='$id_session'");
}
function syncro_users() {
global $ldap_basedn, $ldap_host, $ldap_port, $ldap_rdn, $ldap_pass, $ldap_search_dn;
echo "Connecting ...";
$ldap_connect = ldap_connect( $ldap_host, $ldap_port);
ldap_set_version($ldap_connect);
if ($ldap_connect) {
//echo " Connect to LDAP server successful ";
//echo "Binding ...";
$ldap_bind = false;
$ldap_bind_res = ldap_handle_bind($ldap_connect,$ldap_bind);
if ($ldap_bind_res) {
//echo " LDAP bind successful... ";
//echo " Searching for uid... ";
// Search surname entry
//OLD: $sr=ldap_search($ldapconnect,"dc=rug, dc=ac, dc=be", "uid=$login");
//echo "<p> ldapDc = '$LDAPbasedn' </p>";
$all_user_query = "uid=*";
if(!empty($ldap_search_dn)) {
$sr = ldap_search($ldap_connect, $ldap_search_dn, $all_user_query);
} else {
$sr = ldap_search($ldap_connect, $ldap_basedn, $all_user_query);
}
//echo " Number of entries returned is ".ldap_count_entries($ldapconnect,$sr);
//echo " Getting entries ...";
$info = ldap_get_entries($ldap_connect, $sr);
for ($key = 0; $key < $info['count']; $key ++) {
$user_id = ldap_add_user_by_array($info[$key], false);
if ($user_id) {
echo "User #$user_id created ";
} else {
echo "User was not created ";
}
}
//echo "Data for ".$info["count"]." items returned:<p>";
} else {
//echo "LDAP bind failed...";
}
//echo "Closing LDAP connection<hr>";
ldap_close($ldap_connect);
} else {
//echo "<h3>Unable to connect to LDAP server</h3>";
}
}

8
main/auth/ldap/syncro_users.php
Unescape View File

@ -0,0 +1,8 @@
<?php
use \ChamiloSession as Session;
require_once '../../inc/global.inc.php';
require_once 'authldap.php';
syncro_users();

6
main/auth/openid/login.php
Unescape View File

@ -72,9 +72,9 @@ function openid_begin($claimed_id, $return_to = '', $form_values = array()) {
}
$authn_request = openid_authentication_request($claimed_id, $identity, $return_to, $assoc_handle, $services[0]['version']);
if ($services[0]['version'] == 2) {
openid_redirect($op_endpoint, $authn_request);
echo openid_redirect($op_endpoint, $authn_request);
} else {
openid_redirect_http($op_endpoint, $authn_request);
echo openid_redirect_http($op_endpoint, $authn_request);
}
}
@ -375,7 +375,7 @@ function openid_http_request($url, $headers = array(), $method = 'GET', $data =
// We don't add the port to prevent from breaking rewrite rules checking the
// host that do not take into account the port number.
'Host' => "Host: $host",
'User-Agent' => 'User-Agent: Dokeos (+http://dokeos.com/)',
'User-Agent' => 'User-Agent: Chamilo (+http://www.chamilo.org/)',
'Content-Length' => 'Content-Length: ' . strlen($data)
);

9
main/blog/blog.php
Unescape View File

@ -10,9 +10,14 @@
*/
// name of the language file that needs to be included
$language_file = "blog";
require_once '../inc/global.inc.php';
$blog_id = intval($_GET['blog_id']);
require_once '../inc/global.inc.php';
if (empty($blog_id)) {
api_not_allowed(true);
}
$this_section = SECTION_COURSES;
$current_course_tool = TOOL_BLOGS;
@ -282,7 +287,7 @@ Blog :: display_minimonthcalendar($month, $year, $blog_id);
<form action="blog.php" method="get" enctype="multipart/form-data">
<input type="hidden" name="blog_id" value="<?php echo $blog_id ?>" />
<input type="hidden" name="action" value="view_search_result" />
<input type="text" size="20" name="q" value="<?php echo (isset($_GET['q']) ? $_GET['q'] : ''); ?>" /><button class="btn search" type="submit"><?php echo get_lang('Search'); ?></button>
<input type="text" size="20" name="q" value="<?php echo isset($_GET['q']) ? Security::remove_XSS($_GET['q']) : ''; ?>" /><button class="btn search" type="submit"><?php echo get_lang('Search'); ?></button>
</form>
</td>
</tr>

298
main/calendar/agenda.inc.php
Unescape View File

@ -24,8 +24,8 @@ function setFocus(){
}
$(function() {
setFocus();
$("#selected_form_id").change(function() {
var temp ="&user_id="+$("#selected_form_id").val();
$("#selected_form_id_search").change(function() {
var temp ="&user_id="+$("#selected_form_id_search").val();
url = window.location+temp;
window.location.replace(url);
});
@ -1021,12 +1021,11 @@ function get_course_groups()
/**
* this function shows the form for sending a message to a specific group or user.
* @author: Patrick Cool <patrick.cool@UGent.be>, Ghent University
*
* @return html code
*/
function show_to_form($to_already_selected)
{
/* $user_list = get_course_users();
$group_list = get_course_groups(); */
$order = 'lastname';
if (api_is_western_name_order()) {
$order = 'firstname';
@ -1045,16 +1044,16 @@ function show_to_form($to_already_selected)
*/
function construct_not_selected_select_form($group_list = null, $user_list = null, $to_already_selected = array())
{
echo '<select data-placeholder="'.get_lang(
'Select'
).'" style="width:150px;" class="chzn-select" id="selected_form_id" name="selected_form[]" multiple="multiple">';
// adding the groups to the select form
echo '<option value="everyone">'.get_lang('Everyone').'</option>';
echo '<select data-placeholder="'.get_lang('Select').'" style="width:150px;" class="chzn-select" id="selected_form_id" name="selected_form[]" multiple="multiple">';
// Adding the groups to the select form
if (isset($to_already_selected) && $to_already_selected === 'everyone') {
echo '<option selected="selected" value="everyone">'.get_lang('Everyone').'</option>';
//} else {
} else {
echo '<option value="everyone">'.get_lang('Everyone').'</option>';
}
if (is_array($group_list)) {
echo '<optgroup label="'.get_lang('Groups').'">';
foreach ($group_list as $this_group) {
@ -1085,11 +1084,10 @@ function construct_not_selected_select_form($group_list = null, $user_list = nul
}
echo "</optgroup>";
}
}
echo "</select>";
}
function show_to($filter = 0)
function show_to($filter = 0, $id = null)
{
$order = 'lastname';
if (api_is_western_name_order()) {
@ -1099,15 +1097,16 @@ function show_to($filter = 0)
$user_list = CourseManager::get_user_list_from_course_code(api_get_course_id(), api_get_session_id(), null, $order);
$group_list = CourseManager::get_group_list_of_course(api_get_course_id(), api_get_session_id());
return construct_to_select_form($group_list, $user_list, $filter);
return construct_to_select_form($group_list, $user_list, $filter, $id);
}
function construct_to_select_form($group_list = null, $user_list = null, $filter = 0)
function construct_to_select_form($group_list = null, $user_list = null, $filter = 0, $id = null)
{
$result = '<form class="form-search">';
$result .= '<select data-placeholder= "'.get_lang(
'Everyone'
).'" name="sel_to" class="chzn-select" id="selected_form_id">';
if (empty($id)) {
$id = 'selected_form_id';
}
$result .= '<select data-placeholder= "'.get_lang('Everyone').'" name="sel_to" class="chzn-select" id="'.$id.'">';
// adding the groups to the select form
$result .= '<option value=""></option>';
@ -1657,8 +1656,9 @@ function load_edit_users($tool, $id)
$tool = Database::escape_string($tool);
$id = Database::escape_string($id);
$TABLE_ITEM_PROPERTY = Database::get_course_table(TABLE_ITEM_PROPERTY);
$course_id = api_get_course_int_id();
$sql = "SELECT * FROM $TABLE_ITEM_PROPERTY WHERE tool='$tool' AND ref='$id'";
$sql = "SELECT * FROM $TABLE_ITEM_PROPERTY WHERE c_id = $course_id AND tool='$tool' AND ref='$id'";
$result = Database::query($sql) or die(Database::error());
while ($row = Database::fetch_array($result)) {
$to_group = $row['to_group_id'];
@ -1710,31 +1710,22 @@ function change_visibility($tool, $id, $visibility)
*/
function display_courseadmin_links($filter = 0)
{
if (!api_get_course_int_id()) {
$type = isset($_REQUEST['type']) ? Security::remove_XSS($_REQUEST['type']) : 'personal';
if ($type == 'platform') {
$type = 'admin';
}
return "<a href='agenda_js.php?type=$type'>".Display::return_icon('calendar.png', get_lang('Agenda'), '', ICON_SIZE_MEDIUM)."</a>";
}
$form = null;
if (!isset($_GET['action'])) {
$form = show_to($filter);
$actions = "<a href='agenda_js.php?type=course&".api_get_cidreq()."'>".Display::return_icon(
'calendar_na.png',
get_lang('Agenda'),
'',
ICON_SIZE_MEDIUM
)."</a>";
$form = show_to($filter, 'selected_form_id_search');
$actions = "<a href='agenda_js.php?type=course&".api_get_cidreq()."'>".Display::return_icon('calendar_na.png', get_lang('Agenda'), '', ICON_SIZE_MEDIUM)."</a>";
} else {
$actions = "<a href='agenda_js.php?type=course&".api_get_cidreq()."'>".Display::return_icon(
'calendar.png',
get_lang('Agenda'),
'',
ICON_SIZE_MEDIUM
)."</a>";
$actions = "<a href='agenda_js.php?type=course&".api_get_cidreq()."'>".Display::return_icon('calendar.png', get_lang('Agenda'), '', ICON_SIZE_MEDIUM)."</a>";
}
$actions .= "<a href='agenda.php?".api_get_cidreq()."&amp;sort=asc&amp;toolgroup=".api_get_group_id(
)."&action=add'>".Display::return_icon('new_event.png', get_lang('AgendaAdd'), '', ICON_SIZE_MEDIUM)."</a>";
$actions .= "<a href='agenda.php?".api_get_cidreq()."&action=importical'>".Display::return_icon(
'import_calendar.png',
get_lang('ICalFileImport'),
'',
ICON_SIZE_MEDIUM
)."</a>";
$actions .= "<a href='agenda.php?".api_get_cidreq()."&amp;sort=asc&amp;toolgroup=".api_get_group_id()."&action=add'>".Display::return_icon('new_event.png', get_lang('AgendaAdd'), '', ICON_SIZE_MEDIUM)."</a>";
$actions .= "<a href='agenda.php?".api_get_cidreq()."&action=importical'>".Display::return_icon('import_calendar.png', get_lang('ICalFileImport'), '', ICON_SIZE_MEDIUM)."</a>";
$actions .= $form;
return $actions;
@ -1768,16 +1759,13 @@ function display_student_links()
$today_url = api_get_self()."?action=view".$day_url."&toolgroup=".api_get_group_id();
echo Display::url(get_lang('Today'), $today_url, array('class' => 'btn'));
//@todo Add next events and all events? ...
//echo Display::url(get_lang('AllEvents'), $all_url, array('class'=>'a_button white medium'));
//echo Display::url(get_lang('Next events'), $all_url, array('class'=>'a_button white medium'));
}
/**
* get all the information of the agenda_item from the database
* @author Patrick Cool <patrick.cool@UGent.be>, Ghent University
* @param integer the id of the agenda item we are getting all the information of
* @return an associative array that contains all the information of the agenda item. The keys are the database fields
* @return array an associative array that contains all the information of the agenda item. The keys are the database fields
*/
function get_agenda_item($id)
{
@ -1809,7 +1797,7 @@ function get_agenda_item($id)
$_SESSION['allow_individual_calendar'] = "show";
}
$item['repeat'] = false;
$sql = "SELECT * FROM $t_agenda_repeat WHERE cal_id = $id";
$sql = "SELECT * FROM $t_agenda_repeat WHERE c_id = $course_id AND cal_id = $id";
$res = Database::query($sql);
if (Database::num_rows($res) > 0) {
//this event is repetitive
@ -1833,31 +1821,43 @@ function get_agenda_item($id)
* @author Patrick Cool <patrick.cool@UGent.be>, Ghent University
* @author Julio Montoya Adding UTC support
*/
function store_edited_agenda_item($id_attach, $file_comment)
function store_edited_agenda_item($event_id, $id_attach, $file_comment)
{
global $_course;
// database definitions
$TABLE_ITEM_PROPERTY = Database::get_course_table(TABLE_ITEM_PROPERTY);
// STEP 1: editing the calendar_event table
// 1.a. some filtering of the input data
$id = (int)$_POST['id'];
$id = $event_id;
$title = strip_tags(trim($_POST['title'])); // no html allowed in the title
$content = trim($_POST['content']);
$start_date = (int)$_POST['fyear']."-".(int)$_POST['fmonth']."-".(int)$_POST['fday']." ".(int)$_POST['fhour'].":".(int)$_POST['fminute'].":00";
$end_date = (int)$_POST['end_fyear']."-".(int)$_POST['end_fmonth']."-".(int)$_POST['end_fday']." ".(int)$_POST['end_fhour'].":".(int)$_POST['end_fminute'].":00";
$to = $_POST['selectedform'];
$start_date = api_get_utc_datetime($start_date);
$end_date = api_get_utc_datetime($end_date);
if ($_POST['empty_end_date'] == 'on') {
$end_date = "0000-00-00 00:00:00";
}
$course_info = api_get_course_info();
// 1.b. the actual saving in calendar_event table
$edit_result = save_edit_agenda_item($id, $title, $content, $start_date, $end_date);
$agendaObj = new Agenda();
if (empty($course_info)) {
$agendaObj->type = 'personal';
} else {
$agendaObj->set_course($course_info);
$agendaObj->type = 'course';
if (api_is_course_coach() && !api_is_element_in_the_session(TOOL_AGENDA, $event_id)) {
return false;
}
if (!api_is_allowed_to_edit(null, true)) {
return false;
}
}
$all_day = isset($_REQUEST['all_day']) && !empty($_REQUEST['all_day']) ? 1 : 0;
$agendaObj->edit_event($id, $start_date, $end_date, $all_day, null, $title, $content);
if (empty($id_attach)) {
add_agenda_attachment_file($file_comment, $id);
@ -1865,10 +1865,10 @@ function store_edited_agenda_item($id_attach, $file_comment)
edit_agenda_attachment_file($file_comment, $id, $id_attach);
}
// step 2: editing the item_propery table (=delete all and add the new destination users/groups)
if ($edit_result = true) {
// step 2: editing the item_property table (=delete all and add the new destination users/groups)
/*if ($edit_result = true) {
// 2.a. delete everything for the users
$sql_delete = "DELETE FROM ".$TABLE_ITEM_PROPERTY." WHERE ref='$id' AND tool='".TOOL_CALENDAR_EVENT."'";
$sql_delete = "DELETE FROM ".$TABLE_ITEM_PROPERTY." WHERE c_id = $course_id AND ref='$id' AND tool='".TOOL_CALENDAR_EVENT."'";
$result = Database::query($sql_delete) or die(Database::error());
// 2.b. storing the new users/groups
@ -1877,50 +1877,20 @@ function store_edited_agenda_item($id_attach, $file_comment)
// storing the selected groups
if (is_array($send_to['groups'])) {
foreach ($send_to['groups'] as $group) {
api_item_property_update(
$_course,
TOOL_CALENDAR_EVENT,
$id,
"AgendaModified",
api_get_user_id(),
$group,
'',
$start_date,
$end_date
);
api_item_property_update($_course, TOOL_CALENDAR_EVENT, $id, "AgendaModified", api_get_user_id(), $group, '', $start_date, $end_date);
}
}
// storing the selected users
if (is_array($send_to['users'])) {
foreach ($send_to['users'] as $user) {
api_item_property_update(
$_course,
TOOL_CALENDAR_EVENT,
$id,
"AgendaModified",
api_get_user_id(),
'',
$user,
$start_date,
$end_date
);
api_item_property_update($_course, TOOL_CALENDAR_EVENT, $id, "AgendaModified", api_get_user_id(), '', $user, $start_date, $end_date);
}
}
} else {
// the message is sent to everyone, so we set the group to 0
api_item_property_update(
$_course,
TOOL_CALENDAR_EVENT,
$id,
"AgendaModified",
api_get_user_id(),
'',
'',
$start_date,
$end_date
);
api_item_property_update($_course, TOOL_CALENDAR_EVENT, $id, "AgendaModified", api_get_user_id(), '', '', $start_date, $end_date);
}
} //if ($edit_result=true)
}*/
// step 3: update the attachments (=delete all and add those in the session
update_added_resources("Agenda", $id);
@ -1955,7 +1925,7 @@ function save_edit_agenda_item($id, $title, $content, $start_date, $end_date)
/**
* This is the function that deletes an agenda item.
* The agenda item is no longer fycically deleted but the visibility in the item_property table is set to 2
* The agenda item is no longer physically deleted but the visibility in the item_property table is set to 2
* which means that it is invisible for the student AND course admin. Only the platform administrator can see it.
* This will in a later stage allow the platform administrator to recover resources that were mistakenly deleted
* by the course administrator
@ -2520,7 +2490,7 @@ function display_one_agenda_item($agenda_id)
* @param integer id, the id of the agenda item we are editing. By default this is empty which means that we are adding an
* agenda item.
*/
function show_add_form($id = '')
function show_add_form($id = '', $type = null)
{
global $MonthsLong;
@ -2584,37 +2554,58 @@ function show_add_form($id = '')
}
$default_no_empty_end_date = 0;
$course_info = null;
// if the id is set then we are editing an agenda item
if (!empty($id)) {
//echo "before get_agenda_item".$_SESSION['allow_individual_calendar'];
$item_2_edit = get_agenda_item($id);
$course_info = api_get_course_info();
$agendaObj = new Agenda();
if (!empty($course_info)) {
$agendaObj->set_course($course_info);
$agendaObj->type = 'course';
} else {
if (api_is_platform_admin() && $type == 'platform') {
$agendaObj->type = 'admin';
} else {
$agendaObj->type = 'personal';
}
}
$agendaItem = $agendaObj->get_event($id);
$title = $item_2_edit['title'];
$content = $item_2_edit['content'];
$title = $agendaItem['title'];
$content = $agendaItem['description'];
// start date
if ($item_2_edit['start_date'] != '0000-00-00 00:00:00') {
$item_2_edit['start_date'] = api_get_local_time($item_2_edit['start_date']);
list($datepart, $timepart) = split(" ", $item_2_edit['start_date']);
if ($agendaItem['start_date'] != '0000-00-00 00:00:00') {
$agendaItem['start_date'] = api_get_local_time($agendaItem['start_date']);
list($datepart, $timepart) = explode(" ", $agendaItem['start_date']);
list($year, $month, $day) = explode("-", $datepart);
list($hours, $minutes, $seconds) = explode(":", $timepart);
}
// end date
if ($item_2_edit['end_date'] != '0000-00-00 00:00:00') {
$item_2_edit['end_date'] = api_get_local_time($item_2_edit['end_date']);
if (!empty($agendaItem['end_date']) && $agendaItem['end_date'] != '0000-00-00 00:00:00') {
list($datepart, $timepart) = split(" ", $item_2_edit['end_date']);
$agendaItem['end_date'] = api_get_local_time($agendaItem['end_date']);
list($datepart, $timepart) = explode(" ", $agendaItem['end_date']);
list($end_year, $end_month, $end_day) = explode("-", $datepart);
list($end_hours, $end_minutes, $end_seconds) = explode(":", $timepart);
} elseif ($item_2_edit['end_date'] == '0000-00-00 00:00:00') {
$default_no_empty_end_date = 1;
} else {
if ($agendaItem['all_day']) {
$end_year = $year;
$end_month = $month;
$end_day = $day;
$end_hours = $hours;
$end_minutes = $minutes;
$end_seconds = $seconds;
}
}
// attachments
edit_added_resources("Agenda", $id);
$to = $item_2_edit['to'];
//edit_added_resources("Agenda", $id);
//$to = $item_2_edit['to'];
} else {
$to = load_edit_users(TOOL_CALENDAR_EVENT, $id);
}
$content = stripslashes($content);
$title = stripslashes($title);
@ -2624,23 +2615,15 @@ function show_add_form($id = '')
unset_session_resources();
}
$origin = isset($_GET['origin']) ? Security::remove_XSS($_GET['origin']) : null;
$course_url = empty($course_info) ? null : api_get_cidreq();
?>
<!-- START OF THE FORM -->
<form class="form-horizontal" enctype="multipart/form-data"
action="<?php echo api_get_self().'?origin='.$origin.'&'.api_get_cidreq(
)."&sort=asc&toolgroup=".Security::remove_XSS($_GET['toolgroup']).'&action='.Security::remove_XSS(
$_GET['action']
); ?>" method="post" name="new_calendar_item">
<input type="hidden" name="id" value="<?php if (isset($id)) {
echo $id;
} ?>"/>
<input type="hidden" name="action" value="<?php if (isset($_GET['action'])) {
echo $_GET['action'];
} ?>"/>
<input type="hidden" name="id_attach"
value="<?php echo isset($_REQUEST['id_attach']) ? intval($_REQUEST['id_attach']) : null; ?>"/>
<form class="form-horizontal" enctype="multipart/form-data" action="<?php echo api_get_self().'?type='.Security::remove_XSS($type).'&origin='.$origin.'&'.$course_url."&sort=asc&toolgroup=".api_get_group_id().'&action='.Security::remove_XSS($_GET['action']); ?>" method="post" name="new_calendar_item">
<input type="hidden" name="id" value="<?php if (isset($id)) echo $id; ?>" />
<input type="hidden" name="action" value="<?php if (isset($_GET['action'])) echo $_GET['action']; ?>" />
<input type="hidden" name="id_attach" value="<?php echo isset($_REQUEST['id_attach']) ? intval($_REQUEST['id_attach']) : null; ?>" />
<input type="hidden" name="sort" value="asc"/>
<input type="hidden" name="submit_event" value="ok"/>
<?php
@ -2671,30 +2654,21 @@ function show_add_form($id = '')
// selecting the users / groups
$group_id = api_get_group_id();
if (empty($id)) {
if (isset($group_id) && !empty($group_id)) {
echo '<input type="hidden" name="selected_form[0]" value="GROUP:'.$group_id.'"/>';
echo '<input type="hidden" name="To" value="true"/>';
} else {
echo '<div class="control-group">
<label class="control-label">
'.Display::return_icon(
'group.png',
get_lang('To'),
array('align' => 'absmiddle'),
ICON_SIZE_SMALL
).' '.get_lang('To').'</a>
'.Display::return_icon('group.png', get_lang('To'), array('align' => 'absmiddle'), ICON_SIZE_SMALL).' '.get_lang('To').'</a>
</label>
<div class="controls">';
/* if ((isset($_GET['id']) && $to=='everyone') || !isset($_GET['id'])) {
echo get_lang('Everybody').'&nbsp;';
} */
show_to_form($to);
/* if (isset($_GET['id']) && $to!='everyone') {
echo '<script>document.getElementById(\'recipient_list\').style.display=\'block\';</script>';
} */
echo '</div>
</div>';
}
}
// start date and time
echo '<div class="control-group">';
@ -2774,7 +2748,6 @@ function show_add_form($id = '')
</select>
<select name="fminute" onchange="javascript:document.new_calendar_item.end_fminute.value=this.value;">
<!-- <option value="<?php echo $minutes ?>"><?php echo $minutes; ?></option> -->
<!-- <option value="--">--</option> -->
<?php
foreach (range(0, 59) as $i) {
// values have to have double digits
@ -2848,6 +2821,7 @@ function show_add_form($id = '')
?>
</select>
<select id="end_fyear" name="end_fyear">
<option value="<?php echo ($end_year - 2) ?>"><?php echo ($end_year - 2) ?></option>
<option value="<?php echo ($end_year - 1) ?>"><?php echo ($end_year - 1) ?></option>
<option value="<?php echo $end_year ?>" selected> <?php echo $end_year ?> </option>
<?php
@ -2910,17 +2884,14 @@ function show_add_form($id = '')
<label class="control-label"></label>
<div class="controls">
<a href="javascript://" onclick="return plus_repeated_event();"><span id="plus2">
<img style="vertical-align:middle;" src="../img/div_show.gif" alt="" />&nbsp;'.get_lang(
'RepeatEvent'
).'</span>
<img style="vertical-align:middle;" src="../img/div_show.gif" alt="" />&nbsp;'.get_lang('RepeatEvent').'</span>
</a>';
?>
<table id="options2" style="display: none;">
<tr>
<td>
<label for="repeat_id">
<input id="repeat_id" type="checkbox"
name="repeat" <?php echo ($repeat ? 'checked="checked"' : ''); ?>/>
<input id="repeat_id" type="checkbox" name="repeat" <?php echo ($repeat ? 'checked="checked"' : ''); ?>/>
<?php echo get_lang('RepeatEvent'); ?>
</label></td>
@ -2928,7 +2899,7 @@ function show_add_form($id = '')
</td>
</tr>
<tr>
<td><label for="repeat_type"><?php echo get_lang('RepeatType'); ?></label></td>
<td><label><?php echo get_lang('RepeatType'); ?></label></td>
<td>
<select name="repeat_type">
<option value="daily"><?php echo get_lang('RepeatDaily'); ?></option>
@ -2941,7 +2912,7 @@ function show_add_form($id = '')
</td>
</tr>
<tr>
<td><label for="repeat_end_day"><?php echo get_lang('RepeatEnd'); ?></label></td>
<td><label><?php echo get_lang('RepeatEnd'); ?></label></td>
<td>
<select name="repeat_end_day">
<?php
@ -2985,11 +2956,7 @@ function show_add_form($id = '')
?>
</select>
<a href="javascript:openCalendar('new_calendar_item', 'repeat_end_')">
<?php Display::display_icon(
'calendar_select.gif',
get_lang('Select'),
array('style' => 'vertical-align: middle;')
); ?>
<?php Display::display_icon('calendar_select.gif', get_lang('Select'), array('style' => 'vertical-align: middle;')); ?>
</a>
</td>
</tr>
@ -2997,7 +2964,20 @@ function show_add_form($id = '')
<?php
echo ' </div>
</div>';
}//only show repeat fields if adding, not if editing
}
if (isset($agendaItem['all_day'])) {
$checked = null;
if ($agendaItem['all_day']) {
$checked = 'checked';
}
echo ' <div class="control-group">
<label class="control-label"></label>
<div class="controls">
<input type="checkbox" '.$checked.' name="all_day"/> '.get_lang('AllDay').'
</div>
</div>';
}
//only show repeat fields if adding, not if editing
// the main area of the agenda item: the wysiwyg editor
echo ' <div class="control-group">
<label class="control-label">
@ -3019,22 +2999,7 @@ function show_add_form($id = '')
echo '</div>
</div>';
// the added resources
/* echo ' <div class="row">
<div class="label">
'.get_lang('AddedResources').'
</div>
<div class="controls">';
if ($_SESSION['allow_individual_calendar']=='show')
show_addresource_button('onclick="selectAll(this.form.elements[6],true)"');
else
show_addresource_button();
$form_elements=$_SESSION['formelements'];
echo display_resources(0);
$test=$_SESSION['addedresource'];
echo ' </div>
</div>';
*/
if ($agendaObj->type == 'course') {
// File attachment
echo ' <div class="control-group">
@ -3049,6 +3014,7 @@ function show_add_form($id = '')
}
// the submit button for storing the calendar item
echo ' <div class="control-group">
<label class="control-label">
@ -4789,8 +4755,8 @@ function add_agenda_attachment_file($file_comment, $last_id)
"VALUES ($course_id, '".$safe_file_name."', '".$safe_file_comment."', '".$safe_new_file_name."' , '".$last_id."', '".intval(
$_FILES['user_upload']['size']
)."' )";
$result = Database::query($sql);
$message .= ' / '.get_lang('FileUploadSucces').'<br />';
Database::query($sql);
//$message .= ' / '.get_lang('FileUploadSucces').'<br />';
$last_id_file = Database::insert_id();
api_item_property_update(
@ -4852,7 +4818,7 @@ function edit_agenda_attachment_file($file_comment, $agenda_id, $id_attach)
$_FILES['user_upload']['size']
)."'
WHERE id = '$safe_id_attach'";
$result = Database::query($sql);
Database::query($sql);
api_item_property_update(
$_course,
'calendar_event_attachment',

56
main/calendar/agenda.lib.php
Unescape View File

@ -5,11 +5,13 @@
* @author: Julio Montoya <gugli100@gmail.com> Implementing a real agenda lib
*/
class Agenda {
class Agenda
{
var $events = array();
var $type = 'personal'; // personal, admin or course
function __construct() {
function __construct()
{
//Table definitions
$this->tbl_global_agenda = Database::get_main_table(TABLE_MAIN_SYSTEM_CALENDAR);
$this->tbl_personal_agenda = Database::get_user_personal_table(TABLE_PERSONAL_AGENDA);
@ -32,7 +34,8 @@ class Agenda {
$this->event_personal_color = 'steel blue'; //steel blue
}
function set_course($course_info) {
function set_course($course_info)
{
$this->course = $course_info;
}
@ -109,6 +112,7 @@ class Agenda {
}
break;
case 'admin':
if (api_is_platform_admin()) {
$attributes['title'] = $title;
$attributes['content'] = $content;
$attributes['start_date'] = $start;
@ -116,6 +120,7 @@ class Agenda {
$attributes['all_day'] = $all_day;
$attributes['access_url_id']= api_get_current_access_url_id();
$id = Database::insert($this->tbl_global_agenda, $attributes);
}
break;
}
return $id;
@ -176,6 +181,10 @@ class Agenda {
switch($this->type) {
case 'personal':
$eventInfo = $this->get_event($id);
if ($eventInfo['user'] != api_get_user_id()) {
break;
}
$attributes['title'] = $title;
$attributes['text'] = $content;
$attributes['date'] = $start;
@ -184,38 +193,46 @@ class Agenda {
break;
case 'course':
$course_id = api_get_course_int_id();
if (!empty($course_id) && api_is_allowed_to_edit(null, true)) {
$attributes['title'] = $title;
$attributes['content'] = $content;
$attributes['start_date'] = $start;
$attributes['end_date'] = $end;
if (!empty($course_id)) {
$attributes['all_day'] = $all_day;
Database::update($this->tbl_course_agenda, $attributes, array('id = ? AND c_id = ?' => array($id, $course_id)));
}
break;
case 'admin':
if (api_is_platform_admin()) {
$attributes['title'] = $title;
$attributes['content'] = $content;
$attributes['start_date'] = $start;
$attributes['end_date'] = $end;
Database::update($this->tbl_global_agenda, $attributes, array('id = ?' => $id));
break;
}
break;
}
}
function delete_event($id) {
function delete_event($id)
{
switch($this->type) {
case 'personal':
$eventInfo = $this->get_event($id);
if ($eventInfo['user'] == api_get_user_id()) {
Database::delete($this->tbl_personal_agenda, array('id = ?' => $id));
}
break;
case 'course':
$course_id = api_get_course_int_id();
if (!empty($course_id)) {
if (!empty($course_id) && api_is_allowed_to_edit(null, true)) {
Database::delete($this->tbl_course_agenda, array('id = ? AND c_id = ?' => array($id, $course_id)));
}
break;
case 'admin':
if (api_is_platform_admin()) {
Database::delete($this->tbl_global_agenda, array('id = ?' => $id));
}
break;
}
}
@ -318,7 +335,8 @@ class Agenda {
}
function move_event($id, $day_delta, $minute_delta) {
function move_event($id, $day_delta, $minute_delta)
{
// we convert the hour delta into minutes and add the minute delta
$delta = ($day_delta * 60 * 24) + $minute_delta;
$delta = intval($delta);
@ -354,9 +372,12 @@ class Agenda {
/**
* Gets a single event
*
* @param int event id
* @return array
*/
function get_event($id) {
function get_event($id)
{
// make sure events of the personal agenda can only be seen by the user himself
$id = intval($id);
$event = null;
@ -367,6 +388,8 @@ class Agenda {
if (Database::num_rows($result)) {
$event = Database::fetch_array($result, 'ASSOC');
$event['description'] = $event['text'];
$event['start_date'] = $event['date'];
$event['end_date'] = $event['enddate'];
}
break;
case 'course':
@ -701,7 +724,8 @@ class Agenda {
* Format needed for the Fullcalendar js lib
* @param string UTC time
*/
function format_event_date($utc_time) {
function format_event_date($utc_time)
{
return date('c', api_strtotime(api_get_local_time($utc_time)));
}
@ -710,10 +734,15 @@ class Agenda {
* @author: Patrick Cool <patrick.cool@UGent.be>, Ghent University
* @return html code
*/
static function construct_not_selected_select_form($group_list = null, $user_list = null, $to_already_selected = array()) {
static function construct_not_selected_select_form($group_list = null, $user_list = null, $to_already_selected = array())
{
$html = '<select id="users_to_send_id" data-placeholder="'.get_lang('Select').'" name="users_to_send[]" multiple="multiple" style="width:250px" class="chzn-select">';
if ($to_already_selected == 'everyone') {
$html .= '<option value="everyone" checked="checked">'.get_lang('Everyone').'</option>';
} else {
$html .= '<option value="everyone">'.get_lang('Everyone').'</option>';
}
if (is_array($group_list)) {
$html .= '<optgroup label="'.get_lang('Groups').'">';
@ -724,7 +753,6 @@ class Agenda {
$count_users = " &ndash; $count_users ".get_lang('Users');
$html .= '<option value="GROUP:'.$this_group['id'].'"> '.$this_group['name'].$count_users.'</option>';
//$html .= "<option value=\"GROUP:".$this_group['id']."\"> ".$this_group['name']." ".get_lang('Users')."</option>";
}
}
$html .= '</optgroup>';
@ -739,7 +767,6 @@ class Agenda {
if (!is_array($to_already_selected) || !in_array("USER:".$this_user['user_id'],$to_already_selected)) {
$username = api_htmlentities(sprintf(get_lang('LoginX'), $this_user['username']), ENT_QUOTES);
// @todo : add title attribute $username in the jqdialog window. wait for a chosen version to inherit title attribute
// from <option> to <li>
$html .= '<option title="'.$username.'" value="USER:'.$this_user['user_id'].'">'.api_get_person_name($this_user['firstname'], $this_user['lastname']).' ('.$this_user['username'].') </option>';
}
}
@ -750,7 +777,8 @@ class Agenda {
return $html;
}
static function construct_not_selected_select_form_validator($form, $group_list = null, $user_list = null, $to_already_selected = array()) {
static function construct_not_selected_select_form_validator($form, $group_list = null, $user_list = null, $to_already_selected = array())
{
$params = array(
'id' => 'users_to_send_id',

25
main/calendar/agenda.php
Unescape View File

@ -17,7 +17,11 @@ $use_anonymous = true;
require_once '../inc/global.inc.php';
$current_course_tool = TOOL_CALENDAR_EVENT;
$course_info = api_get_course_info();
if (!empty($course_info)) {
api_protect_course_script(true);
}
//session
if (isset($_GET['id_session'])) {
@ -214,10 +218,21 @@ if (api_is_allowed_to_edit(false, true) OR
echo display_courseadmin_links();
}
//display_student_links();
echo '</div>';
$event_id = isset($_GET['id']) ? $_GET['id'] : null;
$event_id = isset($_REQUEST['id']) ? $_REQUEST['id'] : null;
$type = $event_type = isset($_GET['type']) ? $_GET['type'] : null;
if ($type == 'fromjs') {
$id_list = explode('_', $event_id);
$event_id = $id_list[1];
$event_type = $id_list[0];
}
if (!api_is_allowed_to_edit(null, true) && $event_type == 'course') {
api_not_allowed();
}
$course_info = api_get_course_info();
if (api_is_allowed_to_edit(false, true) OR
@ -315,14 +330,12 @@ if (api_is_allowed_to_edit(false, true) OR
}
break;
case 'edit':
if (!(api_is_course_coach() && !api_is_element_in_the_session(TOOL_AGENDA, intval($_REQUEST['id'])))) {
// a coach can only delete an element belonging to his session
if ($_POST['submit_event']) {
store_edited_agenda_item($_REQUEST['id_attach'], $_REQUEST['file_comment']);
store_edited_agenda_item($event_id, $_REQUEST['id_attach'], $_REQUEST['file_comment']);
$action = 'view';
} else {
show_add_form($event_id);
}
show_add_form($event_id, $event_type);
}
break;
case "delete":

8
main/calendar/agenda_js.php
Unescape View File

@ -111,10 +111,12 @@ $tpl->assign('month_names', json_encode($months));
$tpl->assign('month_names_short', json_encode($months_short));
$tpl->assign('day_names', json_encode($days));
$tpl->assign('day_names_short', json_encode($day_short));
$tpl->assign('button_text', json_encode(array( 'today' => get_lang('Today'),
$tpl->assign('button_text', json_encode(array(
'today' => get_lang('Today'),
'month' => get_lang('Month'),
'week' => get_lang('Week'),
'day' => get_lang('Day'))));
'day' => get_lang('Day')
)));
//see http://docs.jquery.com/UI/Datepicker/$.datepicker.formatDate
@ -191,7 +193,7 @@ if ((api_is_allowed_to_edit() || $is_group_tutor) && $course_code != '-1' && $ty
$agenda = new Agenda();
//This will fill the select called #users_to_send_id
$select = $agenda->construct_not_selected_select_form($group_list, $user_list);
$select = $agenda->construct_not_selected_select_form($group_list, $user_list, array());
$tpl->assign('visible_to', $select);
}
$tpl->display('default/agenda/month.tpl');

4
main/calendar/myagenda.inc.php
Unescape View File

@ -966,7 +966,7 @@ function get_personal_agenda_items_between_dates($user_id, $date_start='', $date
if (is_array($group_memberships) && count($group_memberships)>0)
{
$sqlquery = "SELECT " .
" agenda.*, ip.visibility, ip.to_group_id, ip.insert_user_id, ip.ref ".
"DISTINCT agenda.*, ip.visibility, ip.to_group_id, ip.insert_user_id, ip.ref ".
" FROM ".$t_a." agenda, ".
$t_ip." ip ".
" WHERE agenda.id = ip.ref ".
@ -978,7 +978,7 @@ function get_personal_agenda_items_between_dates($user_id, $date_start='', $date
" ORDER BY start_date ";
} else {
$sqlquery = "SELECT ".
" agenda.*, ip.visibility, ip.to_group_id, ip.insert_user_id, ip.ref ".
"DISTINCT agenda.*, ip.visibility, ip.to_group_id, ip.insert_user_id, ip.ref ".
" FROM ".$t_a." agenda, ".
$t_ip." ip ".
" WHERE agenda.id = ip.ref ".

6
main/chat/chat.php
Unescape View File

@ -21,8 +21,8 @@ if ($_GET["origin"] != 'whoisonline') {
} else {
$origin = $_SESSION['origin'];
$target = $_SESSION['target'];
$_SESSION['origin']=$_GET["origin"];
$_SESSION['target']=$_GET["target"];
$_SESSION['origin']= Security::remove_XSS($_GET["origin"]);
$_SESSION['target']= Security::remove_XSS($_GET["target"]);
}
/* TRACKING */
@ -71,7 +71,7 @@ if ($_SESSION['_gid'] OR $_GET['group_id']) {
$group_properties = GroupManager :: get_group_properties($_clean['group_id']);
$interbreadcrumb[] = array('url' => '../group/group.php', 'name' => get_lang('Groups'));
$interbreadcrumb[] = array('url' => '../group/group_space.php?gidReq='.$_SESSION['_gid'], 'name' => get_lang('GroupSpace').' '.$group_properties['name']);
$interbreadcrumb[] = array('url' => '../group/group_space.php?gidReq='.api_get_group_id(), 'name' => get_lang('GroupSpace').' '.$group_properties['name']);
$noPHP_SELF = true;
$shortBanner = false;
$add_group_to_title = ' ('.$group_properties['name'].')';

2
main/chat/chat_hidden.php
Unescape View File

@ -98,7 +98,7 @@ list($connected_new) = Database::fetch_row($result);
disconnect_user_of_chat ();
require 'header_frame.inc.php';
?>
<form name="formHidden" method="post" action="<?php echo api_get_self().'?cidReq='.$_GET['cidReq']; ?>">
<form name="formHidden" method="post" action="<?php echo api_get_self().'?'.api_get_cidreq(); ?>">
<input type="hidden" name="chat_size_old" value="<?php echo $chat_size_new; ?>">
<input type="hidden" name="connected_old" value="<?php echo $connected_new; ?>">
</form>

6
main/chat/chat_message.php
Unescape View File

@ -21,13 +21,13 @@ require_once '../inc/global.inc.php';
require_once api_get_path(LIBRARY_PATH).'groupmanager.lib.php';
$course = api_get_course_id();
$session_id = intval($_SESSION['id_session']);
$group_id = intval($_SESSION['_gid']);
$session_id = api_get_session_id();
$group_id = api_get_group_id();
// Juan Carlos Raña inserted smileys and self-closing window.
?>
<script type="text/javascript">
<script >
function insert_smile(text) {
if (text.createTextRange) {
text.smile = document.selection.createRange().duplicate();

5
main/chat/header_frame.inc.php
Unescape View File

@ -66,7 +66,7 @@ function updateChat()
{
if ('<?php echo $chat_size_old; ?>' != '<?php echo $chat_size_new; ?>')
{
parent.chat_chat.location.href='chat_chat.php?size=<?php echo $chat_size_new.'&cidReq='.$_GET['cidReq']; ?>#bottom';
parent.chat_chat.location.href='chat_chat.php?size=<?php echo $chat_size_new.'&'.api_get_cidreq(); ?>#bottom';
}
}
@ -87,9 +87,8 @@ function eventMessage()
{
<?php if($chat_size): ?>
parent.chat_hidden.document.formHidden.chat_size_old.value='<?php echo $chat_size; ?>';
parent.chat_chat.location.href='chat_chat.php?size=<?php echo $chat_size.'&cidReq='.$_GET['cidReq']; ?>#bottom';
parent.chat_chat.location.href='chat_chat.php?size=<?php echo $chat_size.'&'.api_get_cidreq(); ?>#bottom';
<?php endif; ?>
document.formMessage.message.focus();
}

5
main/coursecopy/classes/CourseArchiver.class.php
Unescape View File

@ -46,7 +46,8 @@ class CourseArchiver {
$course_info_file = $backup_dir . 'course_info.dat';
$zip_dir = api_get_path(SYS_ARCHIVE_PATH);
$user = api_get_user_info();
$zip_file = $user['user_id'] . '_' . $course->code . '_' . date("Ymd-His") . '.zip';
$date = new DateTime(api_get_local_time());
$zip_file = $user['user_id'] . '_' . $course->code . '_' . $date->format('Ymd-His') . '.zip';
$php_errormsg = '';
$res = @mkdir($backup_dir, $perm_dirs);
if ($res === false) {
@ -183,7 +184,7 @@ class CourseArchiver {
// unzip the archive
$zip = new PclZip($unzip_dir . '/backup.zip');
@chdir($unzip_dir);
$zip->extract();
$zip->extract(PCLZIP_OPT_TEMP_FILE_ON);
// remove the archive-file
if ($delete) {
@unlink(api_get_path(SYS_ARCHIVE_PATH) . '' . $filename);

2
main/coursecopy/copy_course.php
Unescape View File

@ -26,7 +26,7 @@ if (!api_is_allowed_to_edit()) {
// Remove memory and time limits as much as possible as this might be a long process...
if (function_exists('ini_set')) {
ini_set('memory_limit', '256M');
api_set_memory_limit('256M');
ini_set('max_execution_time', 1800);
//ini_set('post_max_size', "512M");
}

2
main/coursecopy/copy_course_session.php
Unescape View File

@ -35,7 +35,7 @@ if (!api_is_allowed_to_edit() && !api_is_session_admin()) {
// Remove memory and time limits as much as possible as this might be a long process...
if (function_exists('ini_set')) {
ini_set('memory_limit', '256M');
api_set_memory_limit('256M');
ini_set('max_execution_time', 1800);
}

2
main/coursecopy/create_backup.php
Unescape View File

@ -27,7 +27,7 @@ if (!api_is_allowed_to_edit()) {
// Remove memory and time limits as much as possible as this might be a long process...
if (function_exists('ini_set')) {
ini_set('memory_limit', '256M');
api_set_memory_limit('256M');
ini_set('max_execution_time', 1800);
}

2
main/coursecopy/import_backup.php
Unescape View File

@ -26,7 +26,7 @@ if (!api_is_allowed_to_edit()) {
// Remove memory and time limits as much as possible as this might be a long process...
if (function_exists('ini_set')) {
ini_set('memory_limit', '256M');
api_set_memory_limit('256M');
ini_set('max_execution_time', 1800);
}

10
main/coursecopy/recycle_course.php
Unescape View File

@ -50,8 +50,16 @@ if ((isset($_POST['action']) && $_POST['action'] == 'course_select_form') || (is
$cb = new CourseBuilder();
$course = $cb->build();
}
$recycle_type = "";
if (isset($_POST['recycle_option']) && $_POST['recycle_option'] == 'full_backup') {
$recycle_type = 'full_backup';
}
else if (isset($_POST['action']) && $_POST['action'] == 'course_select_form') {
$recycle_type = 'select_items';
}
$cr = new CourseRecycler($course);
$cr->recycle($_POST['recycle_option']);
$cr->recycle($recycle_type);
Display::display_confirmation_message(get_lang('RecycleFinished'));
} elseif (isset($_POST['recycle_option']) && $_POST['recycle_option'] == 'select_items') {
$cb = new CourseBuilder();

18
main/css/base.css
Unescape View File

@ -175,6 +175,10 @@ header {
margin-bottom: 0px;
}
.breadcrumb a, .breadcrumb li {
text-shadow:none;
font-size: 13px;
}
/* To fix the increase/decrease buttons */
label, input, button, select, textarea, p {
font-size: inherit;
@ -394,6 +398,20 @@ footer .container .row {
vertical-align: middle;
}
.actions .actions-pagination {
float:right;
margin-top:2px;
}
.actions .actions-pagination * {
display:inline-block;
float:none;
margin:0;
padding:0;
}
.actions .actions-pagination img {
margin:6px;
padding:0;
}
.actions form {
margin-bottom: 0px;
}

2
main/css/base_chamilo.css
Unescape View File

@ -236,6 +236,8 @@ footer a:link, footer a:visited {
width: 25px;
height: 25px;
margin: 0 4px 0 0;
*margin: 0 2px 0 0; /* IE7 and below */
margin: 0 2px 0 0\0/IE8+9; /* IE8 + 9 + IE10pp4 */
}
/* Hide from IE5-mac. Only IE-win sees this. \*/
* html #toolnav {

5
main/dashboard/index.php
Unescape View File

@ -1,12 +1,13 @@
<?php
/* For licensing terms, see /license.txt */
/**
* Template (front controller in MVC pattern) used for distpaching to the controllers depend on the current action
* @author Christian Fasanando <christian1827@gmail.com>
* @package chamilo.dashboard
*/
/**
* Init
*/
// name of the language file that needs to be included
$language_file = array ('index', 'tracking', 'userInfo', 'admin', 'gradebook');
$cidReset = true;

6
main/document/document.php
Unescape View File

@ -205,7 +205,7 @@ switch ($action) {
) {
$document_info = DocumentManager::get_document_data_by_id($_GET['id'], api_get_course_id(), true);
$parent_id = $document_info['parent_id'];
$my_path = UserManager::get_user_picture_path_by_id(api_get_user_id(), 'system');
$my_path = UserManager::get_user_picture_path_by_id(api_get_user_id(), 'system', true);
$user_folder = $my_path['dir'].'my_files/';
$my_path = null;
@ -1103,7 +1103,7 @@ if (isset($_GET['keyword']) && !empty($_GET['keyword'])) {
);
}
if (api_get_group_id() != 0) {
if (GroupManager::is_subscribed(api_get_user_id(), api_get_group_id()) || GroupManager :: is_tutor_of_group(
if (api_is_allowed_to_edit() || GroupManager::is_subscribed(api_get_user_id(), api_get_group_id()) || GroupManager :: is_tutor_of_group(
api_get_user_id(),
api_get_group_id()
) || UserManager::is_admin(api_get_user_id())
@ -1266,7 +1266,7 @@ $table_footer = '';
$total_size = 0;
if (isset($docs_and_folders) && is_array($docs_and_folders)) {
if (api_get_group_id() == 0 || (GroupManager::is_subscribed(
if (api_get_group_id() == 0 || (api_is_allowed_to_edit() || GroupManager::is_subscribed(
api_get_user_id(),
api_get_group_id()
) || GroupManager :: is_tutor_of_group(api_get_user_id(), api_get_group_id()) || UserManager::is_admin(

33
main/document/document_quota.php
Unescape View File

@ -32,8 +32,13 @@ $course_code = api_get_course_id();
$course_id = api_get_course_int_id();
$session_id = api_get_session_id();
$group_id = api_get_group_id();
$user_id = api_get_user_id();
$user_info = api_get_user_info($user_id);
$session = array();
$user_name = $user_info['complete_name'];
$course_list = SessionManager::get_course_list_by_session_id ($session_id);
$session_list = SessionManager::get_session_by_course($course_code);
$total_quota_bytes = DocumentManager::get_course_quota();
@ -77,6 +82,34 @@ if (!empty($group_list)) {
$session[] = array(addslashes(get_lang('Group').': '.$group_data['name']).' ('.format_file_size($quota_bytes).')', $quota_percentage);
}
}
//Showing weight of documents uploaded by user
$document_list = DocumentManager::get_all_document_data($_course);
if (is_array($document_list)) {
foreach ($document_list as $document_data) {
if ($document_data['insert_user_id'] == api_get_user_id() && $document_data['filetype'] == 'file') {
$quota_bytes += $document_data['size'];
}
}
if ($quota_bytes != 0) {
$quota_percentage = round($quota_bytes/$total_quota_bytes, 2)*100;
}
$session[] = array(addslashes(get_lang('Teacher').': '.$user_name).' ('.format_file_size($quota_bytes).')', $quota_percentage);
//if a sesson is active
if ($session_id != 0) {
if (!empty($course_list)) {
$total_courses_quota = 0;
$total_quota_bytes = 0;
foreach ($course_list as $course_data) {
$total_quota_bytes += DocumentManager::get_course_quota($course_data['id']);
}
if ($quota_bytes != 0) {
$quota_percentage = round($quota_bytes/$total_quota_bytes, 2)*100;
}
}
$session[] = array(addslashes(get_lang('Teacherinsession').': '.$user_name), $quota_percentage);
}
}
$quota_percentage = round(($total_quota_bytes - $used_quota_bytes)/$total_quota_bytes, 2)*100;
$session[] = array(addslashes(get_lang('ShowCourseQuotaUse')).' ('.format_file_size($total_quota_bytes - $used_quota_bytes).') ', $quota_percentage);

9
main/document/file.php
Unescape View File

@ -1,5 +1,12 @@
<?php
/* For licensing terms, see /license.txt */
/**
* Document download/view script
* @package chamilo.document
*/
/**
* Init
*/
Use Model\Document;
Use Model\Course;

23
main/document/slideshow.php
Unescape View File

@ -79,18 +79,15 @@ if ($slide_id != 'all') {
$image = $sys_course_path.$_course['path'].'/document'.$folder.$image_files_only[$slide];
if (file_exists($image)) {
echo '<div style="float: right; vertical-align: middle; padding-top: 3px; padding-bottom: 3px;"><nobr>';
$a_style = 'margin-left: 0px; margin-right: 0px; padding-left: 0px; padding-right: 0px;';
$img_style = 'margin-left: 5px; margin-right: 5px; padding-left: 0px; padding-right: 0px;';
echo '<div class="actions-pagination">';
// Back forward buttons
if ($slide == 0) {
$imgp = 'action_prev_na.png';
$first = '<img src="'.api_get_path(WEB_IMG_PATH).'action_first_na.png" style="'.$img_style.'">';
$first = '<img src="'.api_get_path(WEB_IMG_PATH).'action_first_na.png">';
} else {
$imgp = 'action_prev.png';
$first = '<a href="slideshow.php?slide_id=0&curdirpath='.$pathurl.'" style="'.$a_style.'"><img src="'.api_get_path(WEB_IMG_PATH).'action_first.png" style="'.$img_style.'" title="'.get_lang('FirstSlide').'" alt="'.get_lang('FirstSlide').'"></a>';
$first = '<a href="slideshow.php?slide_id=0&curdirpath='.$pathurl.'"><img src="'.api_get_path(WEB_IMG_PATH).'action_first.png" title="'.get_lang('FirstSlide').'" alt="'.get_lang('FirstSlide').'"></a>';
}
// First slide
@ -98,9 +95,9 @@ if ($slide_id != 'all') {
// Previous slide
if ($slide > 0) {
echo '<a href="slideshow.php?slide_id='.$previous_slide.'&amp;curdirpath='.$pathurl.'" style="'.$a_style.'">';
echo '<a href="slideshow.php?slide_id='.$previous_slide.'&amp;curdirpath='.$pathurl.'">';
}
echo '<img src="'.api_get_path(WEB_IMG_PATH).$imgp.'" style="'.$img_style.'" title="'.get_lang('Previous').'" alt="'.get_lang('Previous').'">';
echo '<img src="'.api_get_path(WEB_IMG_PATH).$imgp.'" title="'.get_lang('Previous').'" alt="'.get_lang('Previous').'">';
if ($slide > 0) {
echo '</a>';
}
@ -110,16 +107,16 @@ if ($slide_id != 'all') {
// Next slide
if ($slide < $total_slides - 1) {
echo '<a href="slideshow.php?slide_id='.$next_slide.'&curdirpath='.$pathurl.'" style="'.$a_style.'">';
echo '<a href="slideshow.php?slide_id='.$next_slide.'&curdirpath='.$pathurl.'">';
}
if ($slide == $total_slides - 1) {
$imgn = 'action_next_na.png';
$last = '<img src="'.api_get_path(WEB_IMG_PATH).'action_last_na.png" style="'.$img_style.'" title="'.get_lang('LastSlide').'" alt="'.get_lang('LastSlide').'">';
$last = '<img src="'.api_get_path(WEB_IMG_PATH).'action_last_na.png" title="'.get_lang('LastSlide').'" alt="'.get_lang('LastSlide').'">';
} else {
$imgn = 'action_next.png';
$last = '<a href="slideshow.php?slide_id='.($total_slides-1).'&curdirpath='.$pathurl.'" style="'.$a_style.'"><img src="'.api_get_path(WEB_IMG_PATH).'action_last.png" style="'.$img_style.'" title="'.get_lang('LastSlide').'" alt="'.get_lang('LastSlide').'"></a>';
$last = '<a href="slideshow.php?slide_id='.($total_slides-1).'&curdirpath='.$pathurl.'"><img src="'.api_get_path(WEB_IMG_PATH).'action_last.png" title="'.get_lang('LastSlide').'" alt="'.get_lang('LastSlide').'"></a>';
}
echo '<img src="'.api_get_path(WEB_IMG_PATH).$imgn.'" style="'.$img_style.'" title="'.get_lang('Next').'" alt="'.get_lang('Next').'">';
echo '<img src="'.api_get_path(WEB_IMG_PATH).$imgn.'" title="'.get_lang('Next').'" alt="'.get_lang('Next').'">';
if ($slide > 0) {
echo '</a>';
}
@ -127,7 +124,7 @@ if ($slide_id != 'all') {
// Last slide
echo $last;
echo '</nobr></div>';
echo '</div>';
}
}

44
main/exercice/exercise.class.php
Unescape View File

@ -3093,7 +3093,7 @@ class Exercise
)
)
) {
if ($origin != 'learnpath') {
ExerciseShowFunctions::display_unique_or_multiple_answer(
$answerType,
$studentChoice,
@ -3104,9 +3104,9 @@ class Exercise
0,
0
);
}
} elseif ($answerType == MULTIPLE_ANSWER_TRUE_FALSE) {
if ($origin != 'learnpath') {
ExerciseShowFunctions::display_multiple_answer_true_false(
$answerType,
$studentChoice,
@ -3117,9 +3117,9 @@ class Exercise
$questionId,
0
);
}
} elseif ($answerType == MULTIPLE_ANSWER_COMBINATION_TRUE_FALSE) {
if ($origin != 'learnpath') {
ExerciseShowFunctions::display_multiple_answer_combination_true_false(
$answerType,
$studentChoice,
@ -3130,43 +3130,43 @@ class Exercise
0,
0
);
}
} elseif ($answerType == FILL_IN_BLANKS) {
if ($origin != 'learnpath') {
ExerciseShowFunctions::display_fill_in_blanks_answer($answer, 0, 0);
}
} elseif ($answerType == FREE_ANSWER) {
if ($origin != 'learnpath') {
ExerciseShowFunctions::display_free_answer(
$choice,
$exeId,
$questionId,
$questionScore
);
}
} elseif ($answerType == ORAL_EXPRESSION) {
// to store the details of open questions in an array to be used in mail
if ($origin != 'learnpath') {
ExerciseShowFunctions::display_oral_expression_answer($choice, 0, 0, $nano);
}
} elseif ($answerType == HOT_SPOT) {
if ($origin != 'learnpath') {
// if ($origin != 'learnpath') {
ExerciseShowFunctions::display_hotspot_answer(
$answerId,
$answer,
$studentChoice,
$answerComment
);
}
// }
} elseif ($answerType == HOT_SPOT_ORDER) {
if ($origin != 'learnpath') {
// if ($origin != 'learnpath') {
ExerciseShowFunctions::display_hotspot_order_answer(
$answerId,
$answer,
$studentChoice,
$answerComment
);
}
// }
} elseif ($answerType == HOT_SPOT_DELINEATION) {
$user_answer = $_SESSION['exerciseResultCoordinates'][$questionId];
@ -3323,13 +3323,13 @@ class Exercise
}
}
} elseif ($answerType == MATCHING) {
if ($origin != 'learnpath') {
//if ($origin != 'learnpath') {
echo '<tr>';
echo '<td>'.$answer_matching[$answerId].'</td><td>'.$user_answer.' / <b><span style="color: #008000;">'.text_filter(
$answer_matching[$answerCorrect]
).'</span></b></td>';
echo '</tr>';
}
//}
}
}
} else {
@ -3604,11 +3604,11 @@ class Exercise
break;
case DRAGGABLE:
case MATCHING:
if ($origin != 'learnpath') {
//if ($origin != 'learnpath') {
echo '<tr>';
echo '<td>'.$answer_matching[$answerId].'</td><td>'.$user_answer.' / <b><span style="color: #008000;">'.$answer_matching[$answerCorrect].'</span></b></td>';
echo '</tr>';
}
//}
break;
}
}
@ -3837,7 +3837,7 @@ class Exercise
// We made an extra table for the answers
if ($show_result) {
if ($origin != 'learnpath') {
//if ($origin != 'learnpath') {
echo '</table></td></tr>';
echo '<tr>
<td colspan="2">';
@ -3854,7 +3854,7 @@ class Exercise
</object>';
echo '</td>
</tr>';
}
//}
}
}

6
main/exercice/exercise.lib.php
Unescape View File

@ -1329,8 +1329,10 @@ function get_exam_results_data($from, $number_of_items, $column, $direction, $ex
if ($locked == false || api_is_platform_admin()) {
$ip = TrackingUserLog::get_ip_from_user_event($results[$i]['exe_user_id'], $results[$i]['exe_date'], false);
$actions .= '<a href="http://www.whatsmyip.org/ip-geo-location/?ip='.$ip.'" target="_blank"><img src="'.api_get_path(WEB_CODE_PATH).'img/icons/22/info.png" title="'.$ip.'" /></a>';
$actions .=' <a href="exercise_report.php?'.api_get_cidreq().'&filter_by_user='.intval($_GET['filter_by_user']).'&filter='.$filter.'&exerciseId='.$exercise_id.'&delete=delete&did='.$id.'" onclick="javascript:if(!confirm(\''.sprintf(get_lang('DeleteAttempt'), $user, $dt).'\')) return false;">'.Display :: return_icon('delete.png', get_lang('Delete')).'</a>';
$actions .='&nbsp;';
$delete_link = '<a href="exercise_report.php?'.api_get_cidreq().'&filter_by_user='.intval($_GET['filter_by_user']).'&filter=' . $filter . '&exerciseId='.$exercise_id.'&delete=delete&did=' . $id . '"
onclick="javascript:if(!confirm(\'' . sprintf(get_lang('DeleteAttempt'), $results[$i]['username'], $dt) . '\')) return false;">'.Display :: return_icon('delete.png', get_lang('Delete')).'</a>';
$delete_link = utf8_encode($delete_link);
$actions .= $delete_link.'&nbsp;';
}
} else {
$attempt_url = api_get_path(WEB_CODE_PATH).'exercice/result.php?'.api_get_cidreq().'&id='.$results[$i]['exe_id'].'&id_session='.api_get_session_id().'&height=500&width=750';

7
main/exercice/exercise_reminder.php
Unescape View File

@ -4,12 +4,11 @@
* Exercise reminder overview
* Then it shows the results on the screen.
* @package chamilo.exercise
* @author Julio Montoya Armas switchable fill in blank option added
*/
/* INIT SECTION */
/**
* INIT SECTION
*/
require_once 'exercise.class.php';
require_once 'question.class.php';
require_once 'answer.class.php';

18
main/exercice/exercise_result.class.php
Unescape View File

@ -285,6 +285,7 @@ class ExerciseResult
}
}
$data .= get_lang('Email').';';
$data .= get_lang('Groups').';';
if ($export_user_fields) {
//show user fields section with a big th colspan that spans over all fields
@ -316,6 +317,7 @@ class ExerciseResult
}
$data .= str_replace("\r\n",' ',api_html_entity_decode(strip_tags($row['email']), ENT_QUOTES, $charset)).';';
$data .= str_replace("\r\n",' ',implode(", ", GroupManager :: get_user_group_name($row['user_id']))).';';
if ($export_user_fields) {
//show user fields data, if any, for this user
@ -389,10 +391,6 @@ class ExerciseResult
if ($with_column_user) {
$worksheet->write($line,$column,get_lang('Email'));
$column++;
if (api_is_western_name_order()) {
$worksheet->write($line,$column,get_lang('FirstName'));
$column++;
@ -404,7 +402,11 @@ class ExerciseResult
$worksheet->write($line,$column,get_lang('FirstName'));
$column++;
}
$worksheet->write($line,$column,get_lang('Email'));
$column++;
}
$worksheet->write($line,$column,get_lang('Groups'));
$column++;
if ($export_user_fields) {
//show user fields section with a big th colspan that spans over all fields
@ -436,9 +438,6 @@ class ExerciseResult
$column = 0;
if ($with_column_user) {
$worksheet->write($line,$column,api_html_entity_decode(strip_tags($row['email']), ENT_QUOTES, $charset));
$column++;
if (api_is_western_name_order()) {
$worksheet->write($line,$column,api_html_entity_decode(strip_tags($row['first_name']), ENT_QUOTES, $charset));
$column++;
@ -450,8 +449,13 @@ class ExerciseResult
$worksheet->write($line,$column,api_html_entity_decode(strip_tags($row['first_name']), ENT_QUOTES, $charset));
$column++;
}
$worksheet->write($line,$column,api_html_entity_decode(strip_tags($row['email']), ENT_QUOTES, $charset));
$column++;
}
$worksheet->write($line,$column,api_html_entity_decode(strip_tags(implode(", ", GroupManager :: get_user_group_name($row['user_id']))), ENT_QUOTES, $charset));
$column++;
if ($export_user_fields) {
//show user fields data, if any, for this user
$user_fields_values = UserManager::get_extra_user_data($row['user_id'],false,false, false, true);

4
main/exercice/hotspot_admin.inc.php
Unescape View File

@ -6,7 +6,9 @@
* @package chamilo.exercise
* @author Toon Keppens
*/
/**
* Init
*/
use \ChamiloSession as Session;
$modifyAnswers = intval($_GET['hotspotadmin']);

10
main/forum/editpost.php
Unescape View File

@ -21,7 +21,6 @@
*
* @package chamilo.forum
*/
/* INIT SECTION */
// Language files that need to be included.
@ -100,7 +99,6 @@ if ($origin == 'group') {
$interbreadcrumb[] = array('url' => '../group/group_space.php?gidReq='.$_SESSION['toolgroup'], 'name' => get_lang('GroupSpace').' '.$group_properties['name']);
$interbreadcrumb[] = array('url' => 'viewforum.php?origin='.$origin.'&amp;gidReq='.$_SESSION['toolgroup'].'&amp;forum='.Security::remove_XSS($_GET['forum']), 'name' => prepare4display($current_forum['forum_title']));
$interbreadcrumb[] = array('url' => 'javascript: void (0);', 'name' => get_lang('EditPost'));
} else {
$interbreadcrumb[] = array('url' => 'index.php?gradebook='.$gradebook, 'name' => $nameTools);
$interbreadcrumb[] = array('url' => 'viewforumcategory.php?forumcategory='.$current_forum_category['cat_id'], 'name' => prepare4display($current_forum_category['cat_title']));
@ -187,13 +185,13 @@ if ($origin != 'learnpath') {
/* Display Forum Category and the Forum information */
echo "<table class=\"forum_table\" width=\"100%\">\n";
echo "<table class=\"forum_table\" width=\"100%\">";
// The forum category
echo "<tr><th class=\"forum_head\" colspan=\"2\">";
echo '<a href="viewforum.php?&amp;origin='.$origin.'&amp;forum='.$current_forum['forum_id'].'" '.class_visible_invisible($current_forum['visibility']).'>'.prepare4display($current_forum['forum_title']).'</a><br />';
echo '<span class="forum_description">'.prepare4display($current_forum['forum_comment']).'</span>';echo "</th>\n";
echo "</th>\n";
echo "\t</tr>\n";
echo '<span class="forum_description">'.prepare4display($current_forum['forum_comment']).'</span>';
echo "</th>";
echo "</tr>";
echo '</table>';
// The form for the reply

16
main/forum/forumfunction.inc.php
Unescape View File

@ -3058,25 +3058,29 @@ function store_edit_post($values)
// First we check if the change affects the thread and if so we commit the changes (sticky and post_title=thread_title are relevant).
//if (array_key_exists('is_first_post_of_thread',$values) AND $values['is_first_post_of_thread']=='1') {
$posts = get_posts($values['thread_id']);
$first_post = null;
if (!empty($posts)) {
$first_post = $posts[0];
}
if (!empty($first_post) && $first_post['post_id'] == $values['post_id']) {
$sql = "UPDATE $table_threads SET
thread_title ='".Database::escape_string($values['post_title'])."',
thread_sticky ='".Database::escape_string(
isset($values['thread_sticky']) ? $values['thread_sticky'] : null
)."',".
thread_sticky ='".Database::escape_string(isset($values['thread_sticky']) ? $values['thread_sticky'] : null)."'," .
"thread_title_qualify ='".Database::escape_string($values['calification_notebook_title'])."',".
"thread_qualify_max ='".Database::escape_string($values['numeric_calification'])."',".
"thread_weight ='".Database::escape_string($values['weight_calification'])."'".
" WHERE c_id = $course_id AND thread_id='".intval($values['thread_id'])."'";
Database::query($sql);
}
//}
// Update the post_title and the post_text.
$sql = "UPDATE $table_posts SET
post_title ='".Database::escape_string($values['post_title'])."',
post_text ='".Database::escape_string($values['post_text'])."',
post_notification ='".Database::escape_string(
isset($values['post_notification']) ? $values['post_notification'] : null
)."'
post_notification ='".Database::escape_string(isset($values['post_notification'])?$values['post_notification']:null)."'
WHERE c_id = $course_id AND post_id='".intval($values['post_id'])."'";
Database::query($sql);

3
main/forum/reply.php
Unescape View File

@ -164,10 +164,9 @@ if (!empty($values) AND isset($_POST['SubmitPost'])) {
$url = 'viewthread.php?forum='.$current_thread['forum_id'].'&gradebook='.$gradebook.'&thread='.intval($_GET['thread']).'&gidReq='.api_get_group_id().'&origin='.$origin.'&msg='.$result['msg'].'&type='.$result['type'];
echo '
<script type="text/javascript">
<script>
window.location = "'.$url.'";
</script>';
//header('Location: );
}
if ($origin != 'learnpath') {

6
main/gradebook/index.php
Unescape View File

@ -1,9 +1,12 @@
<?php
/* For licensing terms, see /license.txt */
/**
*
* Gradebook controller
* @package chamilo.gradebook
*/
/**
* Init
*/
$language_file= 'gradebook';
// $cidReset : This is the main difference with gradebook.php, here we say,
// basically, that we are inside a course, and many things depend from that
@ -687,6 +690,7 @@ if (isset($_GET['studentoverview'])) {
$cat->set_parent_id(0);
$cat->set_weight(100);
$cat->set_visible(0);
$cat->set_certificate_min_score(75);
$can_edit = api_is_allowed_to_edit(true, true);
if ($can_edit) {
$cat->add();

16
main/gradebook/lib/be/category.class.php
Unescape View File

@ -5,13 +5,16 @@
* @package chamilo.gradebook
*/
/**
* Class
* @package chamilo.gradebook
* Init
*/
require_once api_get_path(LIBRARY_PATH).'skill.lib.php';
require_once api_get_path(LIBRARY_PATH).'gradebook.lib.php';
require_once api_get_path(LIBRARY_PATH).'grade_model.lib.php';
/**
* Class
* @package chamilo.gradebook
*/
class Category implements GradebookItem
{
@ -325,6 +328,10 @@ class Category implements GradebookItem
if (isset($this->grade_model_id)) {
$sql .= ', grade_model_id ';
}
if (isset($this->certificate_min_score) && !empty($this->certificate_min_score)) {
$sql .= ', certif_min_score ';
}
/*
$setting = api_get_setting('tool_visible_by_default_at_creation');
@ -355,6 +362,9 @@ class Category implements GradebookItem
}
if (isset($this->grade_model_id)) {
$sql .= ', '.intval($this->get_grade_model_id());
}
if (isset($this->certificate_min_score) && !empty($this->certificate_min_score)) {
$sql .= ', '.Database::escape_string($this->get_certificate_min_score());
}
$sql .= ')';
Database::query($sql);

1
main/gradebook/lib/gradebook_functions.inc.php
Unescape View File

@ -643,6 +643,7 @@ function create_default_course_gradebook($course_code = null, $gradebook_model_i
$default_weight = isset($default_weight_setting) && !empty($default_weight_setting) ? $default_weight_setting : 100;
$cat->set_weight($default_weight);
$cat->set_grade_model_id($gradebook_model_id);
$cat->set_certificate_min_score(75);
$cat->set_visible(0);
$cat->add();
$category_id = $cat->get_id();

2
main/group/group_edit.php
Unescape View File

@ -411,7 +411,7 @@ $form->addGroup(
);
// submit button
$form->addElement('style_submit_button', 'submit', get_lang('PropModify'), 'class="save"');
$form->addElement('style_submit_button', 'submit', get_lang('SaveSettings'), 'class="save"');
if ($form->validate()) {
$values = $form->exportValues();

1
main/inc/ajax/agenda.ajax.php
Unescape View File

@ -17,7 +17,6 @@ require_once api_get_path(SYS_CODE_PATH).'calendar/agenda.lib.php';
$action = isset($_REQUEST['a']) ? $_REQUEST['a'] : null;
$group_id = api_get_group_id();
//var_dump($group_id);
if ($type == 'course') {
api_protect_course_script(true);

1
main/inc/ajax/chat.ajax.php
Unescape View File

@ -30,7 +30,6 @@ if (!isset($_SESSION['openChatBoxes'])) {
}
$chat = new Chat();
if ($chat->is_chat_blocked_by_exercises()) {
//Desconnecting the user
$chat->set_user_status(0);

16
main/inc/lib/access.class.php
Unescape View File

@ -1,5 +1,9 @@
<?php
/* For licensing terms, see /license.txt */
/**
* Definition of the Access class
* @package chamilo.library
*/
/**
* Authorize or deny calls.
*
@ -14,7 +18,6 @@
* (form, javascript for javascript, etc) can get access to the same token.
*
* @author Laurent Opprecht <laurent@opprecht.info> for the Univesity of Geneva
* @license /license.txt
*/
abstract class Access
{
@ -25,6 +28,7 @@ abstract class Access
* Return view and edit access.
*
* @return \Access
* @assert () !== null
*/
public static function all()
{
@ -35,6 +39,7 @@ abstract class Access
* Return no access.
*
* @return \Access
* @assert () === null
*/
public static function forbidden()
{
@ -48,6 +53,7 @@ abstract class Access
* Returns true if security token is valid, false otherwise.
*
* @return bool
* @assert () === false
*/
public function is_token_valid()
{
@ -64,6 +70,7 @@ abstract class Access
* Stores the token for further reuse so that it can be changed in session.
*
* @return string
* @assert () !== null
*/
public function get_session_token()
{
@ -81,6 +88,7 @@ abstract class Access
*
* Stores the existing session token before saving the new one so that
* the current call can still be validated after calling this function.
* @assert () === ''
*/
public function get_token()
@ -111,6 +119,10 @@ abstract class Access
*/
public abstract function can_view();
/**
* Returns whether this access is authorized or not. Synonym for can_view()
* @assert () === false
*/
public function authorize()
{
return $this->can_view();

51
main/inc/lib/access_token.class.php
Unescape View File

@ -1,5 +1,9 @@
<?php
/* For licensing terms, see /license.txt */
/**
* Definition of the AccessToken class
* @package chamilo.library
*/
/**
* An access token. Can be passed between applications to grant access.
*
@ -26,12 +30,16 @@
* $token = new AccessToken(1, 1, '+*ç*%ç*ç');
* $url = '.....?access_token=' . $token;
*
* @license see /license.txt
* @author Laurent Opprecht <laurent@opprecht.info> for the Univesity of Geneva
*/
class AccessToken
{
/**
* Makes sure the static token exists and is a reference to an AccessToken
* object
* @assert () !== null
*/
static function empty_token()
{
static $result = null;
@ -42,9 +50,12 @@ class AccessToken
}
/**
*
* @param type $string
* Parses a given string to find a token
* @param string A base64-encoded string
* @return AccessToken
* @assert ('') !== null
* @assert (base64_encode('a/b')) !== null
* @assert (base64_encode('a/b/c')) !== null
*/
static function parse($string)
{
@ -66,11 +77,12 @@ class AccessToken
}
/**
*
* @param int $id
* @param int $user_id
* @param string $key
* Creates a token based on an ID, an user ID and a key
* @param int ID
* @param int User id
* @param string Key
* @return AccessToken
* @assert (0, 0, 'a') !== null
*/
static function create($id, $user_id, $key)
{
@ -83,10 +95,11 @@ class AccessToken
protected $key = '';
/**
*
* @param int $id
* @param int $user_id
* @param string $key
* Constructor
* @param int ID
* @param int User ID
* @param string Key
* @assert (1,1,1) === null
*/
function __construct($id, $user_id, $key)
{
@ -97,8 +110,8 @@ class AccessToken
/**
* The user_api_key id.
*
* @return int
* @assert () > 0
*/
function get_id()
{
@ -106,9 +119,9 @@ class AccessToken
}
/**
* User id.
*
* User id
* @return string
* @assert () > 0
*/
function get_user_id()
{
@ -117,8 +130,8 @@ class AccessToken
/**
* User api key.
*
* @return string
* @assert () !== null
*/
function get_key()
{
@ -127,8 +140,8 @@ class AccessToken
/**
* True if the token is an empty token. I.e. a no access token.
*
* @return bool
* @assert () === true
*/
function is_empty()
{
@ -138,8 +151,8 @@ class AccessToken
/**
* Validate token against the database. Returns true if token is valid,
* false otherwise.
*
* @return boolean
* @assert () === false
*/
function is_valid()
{
@ -168,8 +181,8 @@ class AccessToken
/**
* Returns a string representation of the token that can be passed in a url or a form.
* The string representation can be parsed by calling AccessToken::parse();
*
* @return string
* @assert () !== null
*/
function __toString()
{

26
main/inc/lib/access_url_edit_courses_to_url_functions.lib.php
Unescape View File

@ -16,6 +16,14 @@ require_once ('xajax/xajax.inc.php');
class Accessurleditcoursestourl
{
/**
* Search for a list of available courses by title or code, based on
* a given string
* @param string String to search for
* @param int Deprecated param
* @return string A formatted, xajax answer block
* @assert () === false
*/
function search_courses($needle, $id)
{
@ -29,22 +37,18 @@ class Accessurleditcoursestourl
$needle = api_convert_encoding($needle, $charset, 'utf-8');
$needle = Database::escape_string($needle);
// search courses where username or firstname or lastname begins likes $needle
$sql = 'SELECT code, title FROM '.$tbl_course.' u
WHERE (title LIKE "'.$needle.'%"
OR code LIKE "'.$needle.'%"
)
ORDER BY title, code
LIMIT 11';
$sql = 'SELECT code, title FROM '.$tbl_course.' u '.
' WHERE (title LIKE "'.$needle.'%" '.
' OR code LIKE "'.$needle.'%" '.
' ) '.
' ORDER BY title, code '.
' LIMIT 11';
$rs = Database::query($sql);
$i = 0;
while ($course = Database :: fetch_array($rs)) {
$i++;
if ($i <= 10) {
$return .= '<a href="javascript: void(0);" onclick="javascript: add_user_to_url(\''.addslashes(
$course['code']
).'\',\''.addslashes($course['title']).' ('.addslashes(
$course['code']
).')'.'\')">'.$course['title'].' ('.$course['code'].')</a><br />';
$return .= '<a href="javascript: void(0);" onclick="javascript: add_user_to_url(\''.addslashes($course['code']).'\',\''.addslashes($course['title']).' ('.addslashes($course['code']).')'.'\')">'.$course['title'].' ('.$course['code'].')</a><br />';
} else {
$return .= '...<br />';
}

27
main/inc/lib/access_url_edit_sessions_to_url_functions.lib.php
Unescape View File

@ -1,7 +1,15 @@
<?php
/* For licensing terms, see /license.txt */
/**
* Access_url_edit_session_to_url class
* Definition of the Accessurleditsessiontourl class
* @package chamilo.library
*/
/**
* Init
*/
require_once ('xajax/xajax.inc.php');
/**
* Accessurleditsessiontourl class
* Contains several functions dealing with displaying,
* editing,... of a Access_url_edit_session_to_url_functions
*
@ -9,18 +17,16 @@
* @author Toon Keppens <toon@vi-host.net>
* @author Julio Montoya - Cleaning code
* @author Ricardo Rodriguez - Separated the function and code
* @package chamilo.include
*/
class Accessurleditsessionstourl
{
/**
* Code
*/
require_once ('xajax/xajax.inc.php');
/**
* Class
* @package chamilo.include
* Search sessions by name, based on a search string
* @param string Search string
* @param int Deprecated param
* @return string Xajax response block
* @assert () === false
*/
class Accessurleditsessionstourl {
function search_sessions($needle, $id)
{
global $tbl_session;
@ -53,4 +59,3 @@ class Accessurleditsessionstourl {
}
}
?>

39
main/inc/lib/access_url_edit_users_to_url_functions.lib.php
Unescape View File

@ -1,7 +1,15 @@
<?php
/* For licensing terms, see /chamilo_license.txt */
/* For licensing terms, see /license.txt */
/**
* Access_url_edit_users_to_url class
* Accessurledituserstourl class definition
* @package chamilo.library
*/
/**
* Code
*/
require_once ('xajax/xajax.inc.php');
/**
* Accessurledituserstourl class definition
* Contains several functions dealing with displaying,
* editing,... of a Access_url_edit_users_to_url_functions
*
@ -11,16 +19,16 @@
* @author Ricardo Rodriguez - Separated the function and code
* @package chamilo.library
*/
class Accessurledituserstourl
{
/**
* Code
*/
require_once ('xajax/xajax.inc.php');
/**
* Class
* @package chamilo.library
* Search users by username, firstname or lastname, based on the given
* search string
* @param string Search string
* @param int Deprecated param
* @return string Xajax response block
* @assert () === false
*/
class Accessurledituserstourl{
function search_users($needle, $id)
{
global $tbl_user, $tbl_access_url_rel_user;
@ -34,10 +42,10 @@ class Accessurledituserstourl{
$needle = Database::escape_string($needle);
// search users where username or firstname or lastname begins likes $needle
$order_clause = api_sort_by_first_name() ? ' ORDER BY firstname, lastname, username' : ' ORDER BY lastname, firstname, username';
$sql = 'SELECT u.user_id, username, lastname, firstname FROM '.$tbl_user.' u
WHERE (username LIKE "'.$needle.'%"
OR firstname LIKE "'.$needle.'%"
OR lastname LIKE "'.$needle.'%")'.
$sql = 'SELECT u.user_id, username, lastname, firstname FROM '.$tbl_user.' u '.
' WHERE (username LIKE "'.$needle.'%" '.
' OR firstname LIKE "'.$needle.'%" '.
' OR lastname LIKE "'.$needle.'%") '.
$order_clause .
' LIMIT 11';
@ -56,6 +64,5 @@ class Accessurledituserstourl{
$xajax_response -> addAssign('ajax_list_users','innerHTML',api_utf8_encode($return));
return $xajax_response;
}
}
?>

23
main/inc/lib/add_courses_to_session_functions.lib.php
Unescape View File

@ -1,12 +1,28 @@
<?php
/* For licensing terms, see /license.txt */
/**
* Definition of the AddCourseToSession class
* @package chamilo.library
*/
/**
* Init
*/
require_once (api_get_path(LIBRARY_PATH).'xajax/xajax.inc.php');
//require_once (api_get_path(SYS_CODE_PATH).'admin/add_courses_to_session.php');
/**
* AddCourseToSession class
*/
class AddCourseToSession {
/**
* Searches a course, given a search string and a type of search box
* @param string Search string
* @param string Type of search box ('single' or anything else)
* @return string XajaxResponse
* @assert () !== null
* @assert ('abc', 'single') !== null
* @assert ('abc', 'multiple') !== null
*/
public function search_courses($needle,$type) {
global $tbl_course, $tbl_session_rel_course, $id_session;
@ -103,4 +119,3 @@ class AddCourseToSession {
return $xajax_response;
}
}
?>

22
main/inc/lib/add_many_session_to_category_functions.lib.php
Unescape View File

@ -1,9 +1,25 @@
<?php
/* For licensing terms, see /license.txt */
/**
* Definition of the AddManySessionToCategoryFunctions class
* @package chamilo.library
*/
/**
* Init
*/
require_once (api_get_path(LIBRARY_PATH).'xajax/xajax.inc.php');
/**
* AddManySessionToCategoryFunctions class
*/
class AddManySessionToCategoryFunctions {
/**
* Search for a session based on a given search string
* @param string A search string
* @param string A search box type (single or anything else)
* @return string XajaxResponse
* @assert () !== ''
* @assert ('abc','single') !== ''
*/
function search_courses($needle,$type) {
global $tbl_course, $tbl_session, $id_session;
@ -32,5 +48,3 @@ class AddManySessionToCategoryFunctions {
return $xajax_response;
}
}
?>

21
main/inc/lib/ajax_controller.class.php
Unescape View File

@ -1,5 +1,9 @@
<?php
/* For licensing terms, see /license.txt */
/**
* Definition of the AddManySessionToCategoryFunctions class
* @package chamilo.library
*/
/**
* Ajax controller. Dispatch request and perform required action.
*
@ -14,12 +18,21 @@
*/
class AjaxController extends \Controller
{
/**
* Returns an HTML error message for forbidden access
* @return bool|void
* @assert () === null
*/
function forbidden()
{
$this->response(false, get_lang('YouAreNotAuthorized'));
}
/**
* Returns an HTML error message for unknown action
* @return bool|void
* @assert () === null
*/
public function unknown()
{
$this->response(false, get_lang('UnknownAction'));
@ -27,6 +40,8 @@ class AjaxController extends \Controller
/**
* Action exists but implementation is missing.
* @return bool|void
* @assert () === null
*/
public function missing()
{
@ -39,6 +54,8 @@ class AjaxController extends \Controller
* @param bool $success
* @param string $message
* @param object $data
* @return bool|void
* @assert () === null
*/
public function response($success = false, $message = '', $data = null)
{

4
main/inc/lib/auth.lib.php
Unescape View File

@ -494,7 +494,11 @@ class Auth {
$sql = "SELECT * FROM $tbl_course WHERE id IN($id_in)";
} else {
$category_code = Database::escape_string($category_code);
if (empty($category_code)) {
$sql = "SELECT * FROM $tbl_course WHERE 1=1 $without_special_courses ORDER BY title ";
} else {
$sql = "SELECT * FROM $tbl_course WHERE category_code='$category_code' $without_special_courses ORDER BY title ";
}
//showing only the courses of the current Chamilo access_url_id
if (api_is_multiple_url_enabled()) {

41
main/inc/lib/chamilo_session.class.php
Unescape View File

@ -19,13 +19,16 @@
* @author Laurent Opprecht <laurent@opprecht.info> for the Univesity of Geneva
*/
/**
* ChamiloSession class definition
*/
class ChamiloSession extends System\Session
{
const NAME = 'ch_sid';
/**
*
* Generate new session instance
* @return ChamiloSession
*/
static function instance()
@ -38,6 +41,10 @@ class ChamiloSession extends System\Session
return $result;
}
/**
* Returns the session lifetime
* @return int The session lifetime as defined in the config file, in seconds
*/
static function session_lifetime()
{
global $_configuration;
@ -45,6 +52,11 @@ class ChamiloSession extends System\Session
return isset($_configuration['session_lifetime']) ? $_configuration['session_lifetime'] : 3600;
}
/**
* Returns whether the sessions are stored in the database (or not)
* @return bool True if session data are stored in the database, false if they're stored on disk
* @assert (null) === false
*/
static function session_stored_in_db()
{
return self::read('session_stored_in_db', false);
@ -60,6 +72,7 @@ class ChamiloSession extends System\Session
*
* @author Olivier Brouckaert
* @param string variable - the variable name to save into the session
* @return void
*/
static function start($alreadyInstalled = true)
{
@ -130,8 +143,7 @@ class ChamiloSession extends System\Session
}
/**
* Session start time: that is the last time the user accesseed the application.
*
* Session start time: that is the last time the user loaded a page (before this time)
* @return int timestamp
*/
function start_time()
@ -140,9 +152,9 @@ class ChamiloSession extends System\Session
}
/**
* Session end time: when the session expires.
*
* @return int timestamp
* Session end time: when the session expires. This is made of the last page
* load time + a number of seconds
* @return int UNIX timestamp (server's timezone)
*/
function end_time()
{
@ -155,8 +167,7 @@ class ChamiloSession extends System\Session
/**
* Returns true if the session is stalled. I.e. if session end time is
* greater than now. Returns false otherwise.
*
* @return bool
* @return bool True if the session is expired. False otherwise
*/
function is_stalled()
{
@ -164,8 +175,8 @@ class ChamiloSession extends System\Session
}
/**
* Returns true if the session is valid - if it is not stalled - false otherwise.
* @return bool
* Returns whether the session is not stalled
* @return bool True if the session is still valid, false otherwise
*/
public function is_valid()
{
@ -174,8 +185,7 @@ class ChamiloSession extends System\Session
/**
* The current (logged in) user.
*
* @return CurrentUser
* @return CurrentUser The current user instance
*/
public function user()
{
@ -188,8 +198,8 @@ class ChamiloSession extends System\Session
}
/**
*
* @return CurrentCourse
* Returns the current (active) course
* @return CurrentCourse The current course instance
*/
public function course()
{
@ -204,8 +214,7 @@ class ChamiloSession extends System\Session
/**
* The current group for the current (logged in) user.
*
* @return int
* @return int the current group id
*/
public function group_id()
{

56
main/inc/lib/chat.lib.php
Unescape View File

@ -6,20 +6,22 @@
*
* @package chamilo.library.chat
*/
/**
* Chat class
*/
class Chat extends Model {
var $table;
var $columns = array('id', 'from_user','to_user','message','sent','recd');
var $window_list = array();
class Chat extends Model
{
public $table;
public $columns = array('id', 'from_user', 'to_user', 'message', 'sent', 'recd');
public $window_list = array();
/**
* The contructor sets the chat table name and the window_list attribute
* @return object Object reference
*/
public function __construct() {
public function __construct()
{
$this->table = Database::get_main_table(TABLE_MAIN_CHAT);
$this->window_list = $_SESSION['window_list'] = isset($_SESSION['window_list']) ? $_SESSION['window_list'] : array();
}
@ -28,7 +30,8 @@ class Chat extends Model {
* Get user chat status
* @return int 0 if disconnected, 1 if connected
*/
function get_user_status() {
function get_user_status()
{
$status = UserManager::get_extra_user_data_by_field(api_get_user_id(), 'user_chat_status', false, true);
return $status['user_chat_status'];
}
@ -38,7 +41,9 @@ class Chat extends Model {
* @param int 0 if disconnected, 1 if connected
* @return void
*/
function set_user_status($status) {
function set_user_status($status)
{
UserManager::update_extra_field_value(api_get_user_id(), 'user_chat_status', $status);
}
@ -46,13 +51,17 @@ class Chat extends Model {
* Starts a chat session and returns JSON array of status and chat history
* @return void (prints output in JSON format)
*/
public function start_session() {
public function start_session()
{
$items = array();
if (isset($_SESSION['chatHistory'])) {
$items = $_SESSION['chatHistory'];
}
//print_r($items);
$return = array('user_status' => $this->get_user_status(), 'me' => get_lang('Me'), 'items' => $items);
$return = array(
'user_status' => $this->get_user_status(),
'me' => get_lang('Me'),
'items' => $items
);
echo json_encode($return);
exit;
}
@ -61,7 +70,8 @@ class Chat extends Model {
* Refreshes the chat windows (usually called every x seconds through AJAX)
* @return void (prints JSON array of chat windows)
*/
public function heartbeat() {
public function heartbeat()
{
$to_user_id = api_get_user_id();
$minutes = 60;
$now = time() - $minutes * 60;
@ -142,13 +152,14 @@ class Chat extends Model {
}
echo json_encode(array('items' => $items));
}
/*
* Returns an array of messages inside a chat session with a specific user
* @param int The ID of the user with whom the current user is chatting
* @return array Messages list
*/
function box_session($user_id) {
function box_session($user_id)
{
$items = array();
if (isset($_SESSION['chatHistory'][$user_id])) {
$items = $_SESSION['chatHistory'][$user_id];
@ -161,10 +172,12 @@ class Chat extends Model {
* @param int The ID of the user with whom the current user is chatting
* @return void
*/
function save_window($user_id){
function save_window($user_id)
{
$this->window_list[$user_id] = true;
$_SESSION['window_list'] = $this->window_list;
}
/**
* Sends a message from one user to another user
* @param int The ID of the user sending the message
@ -172,7 +185,8 @@ class Chat extends Model {
* @param string Message
* @return void Prints "1"
*/
function send($from_user_id, $to_user_id, $message) {
function send($from_user_id, $to_user_id, $message)
{
$user_friend_relation = SocialManager::get_relation_between_contacts($from_user_id, $to_user_id);
if ($user_friend_relation == USER_RELATION_TYPE_FRIEND) {
@ -214,11 +228,13 @@ class Chat extends Model {
exit;
}
}
/**
* Close a specific chat box (user ID taken from $_POST['chatbox'])
* @return void Prints "1"
*/
function close() {
function close()
{
unset($_SESSION['openChatBoxes'][$_POST['chatbox']]);
unset($_SESSION['chatHistory'][$_POST['chatbox']]);
echo "1";
@ -230,7 +246,8 @@ class Chat extends Model {
* @param string Unfiltered message
* @return string Filterd mssage
*/
function sanitize($text) {
function sanitize($text)
{
$text = htmlspecialchars($text, ENT_QUOTES);
$text = str_replace("\n\r", "\n", $text);
$text = str_replace("\r\n", "\n", $text);
@ -238,7 +255,8 @@ class Chat extends Model {
return $text;
}
function is_chat_blocked_by_exercises() {
function is_chat_blocked_by_exercises()
{
if (isset($_SESSION['current_exercises'])) {
foreach ($_SESSION['current_exercises'] as $attempt_status) {
if ($attempt_status == true) {

3
main/inc/lib/course.lib.php
Unescape View File

@ -579,6 +579,7 @@ class CourseManager {
* @param string Original course id
* @param string Original field name
* @return int Course id
* @assert ('', '') === false
*/
public static function get_course_code_from_original_id($original_course_id_value, $original_course_id_name) {
$t_cfv = Database::get_main_table(TABLE_MAIN_COURSE_FIELD_VALUES);
@ -598,6 +599,7 @@ class CourseManager {
*
* @param int Course id
* @return string Course code
* @assert ('') === false
*/
public static function get_course_code_from_course_id($id) {
$table = Database::get_main_table(TABLE_MAIN_COURSE);
@ -622,6 +624,7 @@ class CourseManager {
* @param string $status (optional) The user's status in the course
*
* @return boolean true if subscription succeeds, boolean false otherwise.
* @assert ('', '') === false
*/
public static function add_user_to_course($user_id, $course_code, $status = STUDENT) {
$debug = false;

3
main/inc/lib/diagnoser.lib.php
Unescape View File

@ -85,6 +85,9 @@ class Diagnoser
$status = $exists ? self :: STATUS_WARNING : self :: STATUS_OK;
$array[] = $this->build_setting($status, '[FILES]', get_lang('DirectoryExists') . ': /install', 'http://be2.php.net/file_exists', $exists, 0, 'yes_no', get_lang('DirectoryShouldBeRemoved'));
$app_version = api_get_setting('chamilo_database_version');
$array[] = $this->build_setting(self :: STATUS_INFORMATION, '[DB]', 'chamilo_database_version', '#', $app_version, 0, null, 'Chamilo DB version');
return $array;
}

4
main/inc/lib/display.lib.php
Unescape View File

@ -996,7 +996,7 @@ class Display
} else {
$obj->datatype = 'local';
}
$column_names = array_map("utf8_encode", $column_names);
$obj->colNames = $column_names;
$obj->colModel = $column_model;
$obj->pager = '#'.$div_id.'_pager';
@ -1054,8 +1054,6 @@ class Display
if (!empty($data)) {
$data_var = $div_id.'_data';
$json .= ' var '.$data_var.' = '.json_encode($data).';';
/* $json.='for(var i=0;i<='.$data_var.'.length;i++)
jQuery("#'.$div_id.'").jqGrid(\'addRowData\',i+1,'.$data_var.'[i]);';*/
$obj->data = $data_var;
$obj->datatype = 'local';
$json .= "\n";

9
main/inc/lib/events.lib.inc.php
Unescape View File

@ -589,19 +589,23 @@ function exercise_attempt_hotspot($exe_id, $question_id, $answer_id, $correct, $
}
/**
* @author Yannick Warnier <yannick.warnier@dokeos.com>
* @desc Record information for common (or admin) events (in the track_e_default table)
* Records information for common (or admin) events (in the track_e_default table)
* @author Yannick Warnier <yannick.warnier@beeznest.com>
* @param string Type of event
* @param string Type of value
* @param string Value
* @param string Timestamp (defaults to null)
* @param integer User ID (defaults to null)
* @param string Course code (defaults to null)
* @assert ('','','') === false
*/
function event_system($event_type, $event_value_type, $event_value, $datetime = null, $user_id = null, $course_code = null)
{
global $TABLETRACK_DEFAULT;
if (empty($event_type)) {
return false;
}
$event_type = Database::escape_string($event_type);
$event_value_type = Database::escape_string($event_value_type);
@ -672,6 +676,7 @@ function event_system($event_type, $event_value_type, $event_value, $datetime =
*
* @param int $etId
* @return type
* @assert () !== false
*/
function get_all_event_types()
{

2
main/inc/lib/fckeditor/editor/plugins/ajaxfilemanager/ajaxfilemanager.php
Unescape View File

@ -435,7 +435,7 @@ if(!empty($_GET['view'])) {
<td>
<!-- comment these lines while integrating into Chamilo -->
<b><?php //echo LBL_SEARCH_NAME; ?></b> <br />
<input type="text" class="input inputSearch" name="search_name" id="search_name" />
<input type="text" class="input inputSearch" name="search_name" id="search_name" size="18"/>
</td>
</tr>

7
main/inc/lib/fckeditor/editor/plugins/ajaxfilemanager/inc/config.base.php
Unescape View File

@ -100,6 +100,13 @@ if(!empty($_course['path']) && Security::remove_XSS($_GET['editor'])!="stand_alo
} else {
//my profile
$my_path = UserManager::get_user_picture_path_by_id(api_get_user_id(),'none');
$dir = api_get_path(SYS_CODE_PATH).$my_path['dir'];
if (!is_dir($dir)) {
mkdir($dir);
}
if (!is_dir($dir.'my_files')) {
mkdir($dir.'my_files');
}
$PathChamiloAjaxFileManager = '../../../../../../../main/'.$my_path['dir'].'my_files/';
}
}

2
main/inc/lib/fckeditor/editor/plugins/ajaxfilemanager/jscripts/thickbox.js
Unescape View File

@ -186,7 +186,7 @@ function tb_show(caption, url, imageGroup) {//function called when the user clic
TB_WIDTH = (params['width']*1) + 30 || 630; //defaults to 630 if no paramaters were added to URL
TB_HEIGHT = (params['height']*1) + 40 || 40; //defaults to 440 if no paramaters were added to URL. Chamilo change 440 by 40
ajaxContentW = TB_WIDTH - 30;
ajaxContentW = TB_WIDTH - 5;
ajaxContentH = TB_HEIGHT - 45;
if(url.indexOf('TB_iframe') != -1){// either iframe or ajax window

2
main/inc/lib/fckeditor/editor/plugins/ajaxfilemanager/theme/default/css/thickbox.css
Unescape View File

@ -119,7 +119,7 @@ margin-top: expression(0 - parseInt(this.offsetHeight / 2) + (TBWindowMargin = d
}
#TB_ajaxContent.TB_modal{
padding:15px;
padding:15px 15px 15px 0px;
}
#TB_ajaxContent p{

8
main/inc/lib/group_portal_manager.lib.php
Unescape View File

@ -792,10 +792,10 @@ class GroupPortalManager
$normal = self::resize_picture($source_file, 200);
$big = new Image($source_file); // This is the original picture.
$ok = $small->send_image($path.'small_'.$filename)
&& $medium->send_image($path.'medium_'.$filename)
&& $normal->send_image($path.'big_'.$filename)
&& $big->send_image($path.$filename);
$ok = $small && $small->send_image($path.'small_'.$filename)
&& $medium && $medium->send_image($path.'medium_'.$filename)
&& $normal && $normal->send_image($path.'big_'.$filename)
&& $big && $big->send_image($path.$filename);
return $ok ? $filename : false;
}

7
main/inc/lib/javascript/chat/js/chat.js
Unescape View File

@ -331,6 +331,13 @@ function chatWith(user_id, user_name, status) {
$("#chatbox_"+user_id+" .chatboxtextarea").focus();
}
function chatNotYetWith(message) {
$("#message_ajax_reponse").html(message);
$("#message_ajax_reponse").css('display', 'block');
$("#message_ajax_reponse").attr('class', 'alert');
$('#message_ajax_reponse').alert()
}
/**
* Creates a div
*/

4
main/inc/lib/link.lib.php
Unescape View File

@ -635,11 +635,11 @@ function showlinksofcategory($catid) {
echo '<a href="link_goto.php?'.api_get_cidreq().'&amp;link_id='.$myrow['id'].'&amp;link_url='.urlencode($myrow['url']).'" target="_blank">
<img src="../../main/img/link.gif" border="0" alt="'.get_lang('Link').'"/></a></td>
<td width="80%" valign="top"><a href="link_goto.php?'.api_get_cidreq().'&amp;link_id='.$myrow['id'].'&amp;link_url='.urlencode($myrow['url']).'" target="'.$myrow['target'].'">';
echo Security :: remove_XSS($myrow['url']);
echo Security :: remove_XSS($myrow['title']);
echo '</a>';
echo $link_validator;
echo $session_img;
echo '<br />'.$myrow['title'];
echo '<br />'.$myrow['description'];
} else {
if (api_is_allowed_to_edit(null, true)) {
echo '<tr class="'.$css_class.'">';

2
main/inc/lib/main_api.lib.php
Unescape View File

@ -164,6 +164,7 @@ define('LOG_CONFIGURATION_SETTINGS_CHANGE', 'settings_changed');
define('LOG_PLATFORM_LANGUAGE_CHANGE', 'platform_language_changed');
define('LOG_SUBSCRIBE_USER_TO_COURSE', 'user_subscribed');
define('LOG_UNSUBSCRIBE_USER_FROM_COURSE', 'user_unsubscribed');
define('LOG_ATTEMPTED_FORCED_LOGIN', 'attempted_forced_login');
define('LOG_HOMEPAGE_CHANGED', 'homepage_changed');
define('LOG_PROMOTION_CREATE', 'promotion_created');
@ -1127,6 +1128,7 @@ function _api_format_user($user, $add_password = false) {
$firstname = $user['firstName'];
$lastname = $user['lastName'];
}
$result['phone']= $user['phone'];
$result['complete_name'] = api_get_person_name($firstname, $lastname);

106
main/inc/lib/notification.lib.php
Unescape View File

@ -9,52 +9,45 @@
* Code
*/
/**
* Notification class
* @package chamilo.library
*/
class Notification extends Model
{
public $table;
public $columns = array('id', 'dest_user_id', 'dest_mail', 'title', 'content', 'send_freq', 'created_at', 'sent_at');
public $max_content_length = 254; //Max lenght of the notification.content field
public $debug = false;
//@todo put constants in an array
public $type;
public $admin_name;
public $admin_email;
//default values
const NOTIFY_MESSAGE_AT_ONCE = 1;
const NOTIFY_MESSAGE_DAILY = 8;
const NOTIFY_MESSAGE_WEEKLY = 12;
const NOTIFY_MESSAGE_NO = 0;
//mail_notify_message ("At once", "Daily", "No")
define('NOTIFY_MESSAGE_AT_ONCE', '1');
define('NOTIFY_MESSAGE_DAILY', '8');
define('NOTIFY_MESSAGE_WEEKLY', '12');
define('NOTIFY_MESSAGE_NO', '0');
const NOTIFY_INVITATION_AT_ONCE = 1;
const NOTIFY_INVITATION_DAILY = 8;
const NOTIFY_INVITATION_WEEKLY = 12;
const NOTIFY_INVITATION_NO = 0;
//mail_notify_invitation ("At once", "Daily", "No")
define('NOTIFY_INVITATION_AT_ONCE', '1');
define('NOTIFY_INVITATION_DAILY', '8');
define('NOTIFY_INVITATION_WEEKLY', '12');
define('NOTIFY_INVITATION_NO', '0');
const NOTIFY_GROUP_AT_ONCE = 1;
const NOTIFY_GROUP_DAILY = 8;
const NOTIFY_GROUP_WEEKLY = 12;
const NOTIFY_GROUP_NO = 0;
const NOTIFICATION_TYPE_MESSAGE = 1;
const NOTIFICATION_TYPE_INVITATION = 2;
const NOTIFICATION_TYPE_GROUP = 3;
// mail_notify_group_message ("At once", "Daily", "No")
define('NOTIFY_GROUP_AT_ONCE', '1');
define('NOTIFY_GROUP_DAILY', '8');
define('NOTIFY_GROUP_WEEKLY', '12');
define('NOTIFY_GROUP_NO', '0');
define('NOTIFICATION_TYPE_MESSAGE', 1);
define('NOTIFICATION_TYPE_INVITATION', 2);
define('NOTIFICATION_TYPE_GROUP', 3);
/**
* Notification class
* @package chamilo.library
*/
class Notification extends Model {
var $table;
var $columns = array('id', 'dest_user_id', 'sender_id', 'dest_mail', 'title', 'content', 'send_freq', 'created_at', 'sent_at');
var $max_content_length = 254; //Max lenght of the notification.content field
var $debug = false;
/* message, invitation, group messages */
var $type;
var $sender_name;
var $sender_email;
var $extra_headers = array();
var $send_email_as_user = false; //False, chamilo will sent an email as the user (not recommended)
public function __construct() {
public function __construct()
{
$this->table = Database::get_main_table(TABLE_NOTIFICATION);
$this->sender_email = api_get_setting('noreply_email_address');
@ -135,17 +128,17 @@ class Notification extends Model {
$avoid_my_self = false;
switch ($this->type) {
case NOTIFICATION_TYPE_MESSAGE;
case self::NOTIFICATION_TYPE_MESSAGE;
$setting_to_check = 'mail_notify_message';
$default_status = NOTIFY_MESSAGE_AT_ONCE;
$default_status = self::NOTIFY_MESSAGE_AT_ONCE;
break;
case NOTIFICATION_TYPE_INVITATION;
case self::NOTIFICATION_TYPE_INVITATION;
$setting_to_check = 'mail_notify_invitation';
$default_status = NOTIFY_INVITATION_AT_ONCE;
$default_status = self::NOTIFY_INVITATION_AT_ONCE;
break;
case NOTIFICATION_TYPE_GROUP;
case self::NOTIFICATION_TYPE_GROUP;
$setting_to_check = 'mail_notify_group_message';
$default_status = NOTIFY_GROUP_AT_ONCE;
$default_status = self::NOTIFY_GROUP_AT_ONCE;
$avoid_my_self = true;
break;
}
@ -172,17 +165,24 @@ class Notification extends Model {
switch ($user_setting) {
//No notifications
case NOTIFY_MESSAGE_NO:
case NOTIFY_INVITATION_NO:
case NOTIFY_GROUP_NO:
case self::NOTIFY_MESSAGE_NO:
case self::NOTIFY_INVITATION_NO:
case self::NOTIFY_GROUP_NO:
break;
//Send notification right now!
case NOTIFY_MESSAGE_AT_ONCE:
case NOTIFY_INVITATION_AT_ONCE:
case NOTIFY_GROUP_AT_ONCE:
case self::NOTIFY_MESSAGE_AT_ONCE:
case self::NOTIFY_INVITATION_AT_ONCE:
case self::NOTIFY_GROUP_AT_ONCE:
if (!empty($user_info['mail'])) {
$name = api_get_person_name($user_info['firstname'], $user_info['lastname']);
api_mail_html($name, $user_info['mail'], Security::filter_terms($title), Security::filter_terms($content), $this->sender_name, $this->sender_email, $this->extra_headers);
if (!empty($sender_info['complete_name']) && !empty($sender_info['email'])) {
$extra_headers = array();
$extra_headers['reply_to']['mail'] = $sender_info['email'];
$extra_headers['reply_to']['name'] = $sender_info['complete_name'];
api_mail_html($name, $user_info['mail'], Security::filter_terms($title), Security::filter_terms($content), $sender_info['complete_name'], $sender_info['email'], $extra_headers);
} else {
api_mail_html($name, $user_info['mail'], Security::filter_terms($title), Security::filter_terms($content), $sender_info['complete_name'], $sender_info['email']);
}
}
$params['sent_at'] = api_get_utc_datetime();
//Saving the notification to be sent some day
@ -209,14 +209,14 @@ class Notification extends Model {
$new_message_text = $link_to_new_message = '';
switch ($this->type) {
case NOTIFICATION_TYPE_MESSAGE:
case self::NOTIFICATION_TYPE_MESSAGE:
if (!empty($sender_info)) {
$sender_name = api_get_person_name($sender_info['firstname'], $sender_info['lastname'], null, PERSON_NAME_EMAIL_ADDRESS);
$new_message_text = sprintf(get_lang('YouHaveANewMessageFromX'), $sender_name);
}
$link_to_new_message = Display::url(get_lang('SeeMessage'), api_get_path(WEB_CODE_PATH).'messages/inbox.php');
break;
case NOTIFICATION_TYPE_INVITATION:
case self::NOTIFICATION_TYPE_INVITATION:
if (!empty($sender_info)) {
$sender_name = api_get_person_name($sender_info['firstname'], $sender_info['lastname'], null, PERSON_NAME_EMAIL_ADDRESS);
//$sender_mail = $sender_info['email'] ;
@ -224,7 +224,7 @@ class Notification extends Model {
}
$link_to_new_message = Display::url(get_lang('SeeInvitation'), api_get_path(WEB_CODE_PATH).'social/invitations.php');
break;
case NOTIFICATION_TYPE_GROUP:
case self::NOTIFICATION_TYPE_GROUP:
$topic_page = intval($_REQUEST['topics_page_nr']);
if (!empty($sender_info)) {
$sender_name = $sender_info['group_info']['name'];

33
main/inc/lib/online.inc.php
Unescape View File

@ -237,15 +237,17 @@ function who_is_online($from, $number_of_items, $column = null, $direction = nul
$result = Database::query($query);
if ($result) {
$valid_date_time = new DateTime();
/*$valid_date_time = new DateTime();
$diff = "PT".$time_limit.'M';
$valid_date_time->sub(new DateInterval($diff));
$valid_date_time->sub(new DateInterval($diff));*/
$users_online = array();
while(list($login_user_id, $login_date) = Database::fetch_row($result)) {
$user_login_date = new DateTime($login_date);
if ($user_login_date->format('Y-m-d H:i:s') > $valid_date_time->format('Y-m-d H:i:s')) {
$users_online[] = $login_user_id;
}
/*$user_login_date = new DateTime($login_date);
var_dump($user_login_date->format('Y-m-d H:i:s'), $valid_date_time->format('Y-m-d H:i:s'));
if ($user_login_date->format('Y-m-d H:i:s') > $valid_date_time->format('Y-m-d H:i:s')) {
}*/
}
return $users_online;
} else {
@ -261,11 +263,9 @@ function who_is_online_count($time_limit = null, $friends = false) {
}
$track_online_table = Database::get_statistic_table(TABLE_STATISTIC_TRACK_E_ONLINE);
$friend_user_table = Database::get_main_table(TABLE_MAIN_USER_REL_USER);
$table_user = Database::get_main_table(TABLE_MAIN_USER);
$query = '';
/*$current_date = api_get_utc_datetime();
$current_date = api_strtotime($current_date, 'UTC');
$current_date = date('Y-m-d H:i:s', $current_date);*/
$online_time = time() - $time_limit*60;
$current_date = api_get_utc_datetime($online_time);
@ -277,8 +277,9 @@ function who_is_online_count($time_limit = null, $friends = false) {
WHERE login_date >= '$current_date' AND friend_user_id <> '".api_get_user_id()."' AND relation_type='".USER_RELATION_TYPE_FRIEND."' AND user_id = '".api_get_user_id()."' ";
} else {
// All users online
$query = "SELECT count(login_id) as count FROM $track_online_table
WHERE login_user_id <> 2 AND login_date >= '$current_date' ";
$query = "SELECT count(login_id) as count
FROM $track_online_table track INNER JOIN $table_user u ON (u.user_id=track.login_user_id)
WHERE u.status != ".ANONYMOUS." AND login_date >= '$current_date' ";
}
if (api_get_multiple_access_url()) {
@ -293,7 +294,8 @@ function who_is_online_count($time_limit = null, $friends = false) {
} else {
// all users online
$query = "SELECT count(login_id) as count FROM $track_online_table track
WHERE login_user_id <> 2 AND track.access_url_id = $access_url_id AND login_date >= '$current_date' ";
INNER JOIN $table_user u ON (u.user_id=track.login_user_id)
WHERE u.status != ".ANONYMOUS." AND track.access_url_id = $access_url_id AND login_date >= '$current_date' ";
}
}
}
@ -343,17 +345,16 @@ function who_is_online_in_this_course($from, $number_of_items, $uid, $time_limit
$result = Database::query($query);
if ($result) {
$valid_date_time = new DateTime();
/*$valid_date_time = new DateTime();
$diff = "PT".$time_limit.'M';
$valid_date_time->sub(new DateInterval($diff));
$valid_date_time->sub(new DateInterval($diff));*/
$users_online = array();
while (list($login_user_id, $login_date) = Database::fetch_row($result)) {
$user_login_date = new DateTime($login_date);
if ($user_login_date > $valid_date_time->format('Y-m-d H:i:s')) {
/*$user_login_date = new DateTime($login_date);
if ($user_login_date > $valid_date_time->format('Y-m-d H:i:s')) {*/
$users_online[] = $login_user_id;
}
}
return $users_online;
} else {
return false;

6
main/inc/lib/pdf.lib.php
Unescape View File

@ -211,10 +211,12 @@ if($complete_style === false) { error_log(__FUNCTION__.' with no style'); }
if (strpos($old_src, 'http') === false) {
if (strpos($old_src, '/main/default_course_document') === false) {
$old_src_fixed = '';
if (api_get_path(REL_PATH) != '/') {
$old_src = str_replace(api_get_path(REL_PATH), '', $old_src);
}
$old_src_fixed = str_replace(api_get_path(REL_PATH).'courses/'.$course_data['path'].'/document/', '', $old_src);
} else {
$old_src_fixed = str_replace('courses/'.$course_data['path'].'/document/', '', $old_src);
}
$new_path = $document_path.$old_src_fixed;
$document_html= str_replace($old_src, $new_path, $document_html);
}

13
main/inc/lib/portfolio.class.php
Unescape View File

@ -1,13 +1,16 @@
<?php
/* For licensing terms, see /license.txt */
/*
* This file contains several classes related to portfolios management to avoid
* having too much files under the lib/.
*
* Once external libraries are moved to their own directory it would be worth
* moving them to their own files under a common portfolio directory.
* @package chamilo.portfolio
*/
/**
* Init
*/
use Model\Document;
use Model\Course;
@ -27,12 +30,10 @@ use Model\Course;
* - portfolio action
*
* Note:
*
*
* @license see /license.txt
* @author Laurent Opprecht <laurent@opprecht.info> for the Univesity of Geneva
*/
class Portfolio extends Portfolio\Portfolio
//class Portfolio extends Portfolio\Portfolio
class Portfolio
{
/**

14
main/inc/lib/security.lib.php
Unescape View File

@ -66,15 +66,12 @@ class Security
}
}
// Code specific to courses directory stored on other disk.
$checker_path = str_replace(
api_get_path(SYS_COURSE_PATH),
$_configuration['symbolic_course_folder_abs'],
$checker_path
);
/*
$checker_path = str_replace(api_get_path(SYS_COURSE_PATH), $_configuration['symbolic_course_folder_abs'], $checker_path);
$found = strpos($true_path.'/', $checker_path);
if ($found === 0) {
return true;
}
}*/
}
return false;
@ -111,9 +108,8 @@ class Security
* Filters dangerous filenames (*.php[.]?* and .htaccess) and returns it in
* a non-executable form (for PHP and htaccess, this is still vulnerable to
* other languages' files extensions)
* @param string $filename Unfiltered filename
*
* @return string
* @param string Unfiltered filename
* @param string Filtered filename
*/
public static function filter_filename($filename)
{

4
main/inc/lib/sessionmanager.lib.php
Unescape View File

@ -2133,7 +2133,7 @@ class SessionManager {
* @param $copy_users
* @param $create_new_courses
* @param $set_exercises_lp_invisible
* @return unknown_type
* @return int
*/
public function copy_session($id, $copy_courses = true, $copy_users = true, $create_new_courses = false, $set_exercises_lp_invisible = false) {
$id = intval($id);
@ -2162,7 +2162,7 @@ class SessionManager {
if ($create_new_courses) {
//Just in case
if (function_exists('ini_set')) {
ini_set('memory_limit','256M');
api_set_memory_limit('256M');
ini_set('max_execution_time',0);
}
$params = array();

40
main/inc/lib/social.lib.php
Unescape View File

@ -197,7 +197,7 @@ class SocialManager extends UserManager {
$sender_info = api_get_user_info($user_id);
$notification = new Notification();
$notification->save_notification(NOTIFICATION_TYPE_INVITATION, array($friend_id), $message_title, $message_content, $sender_info);
$notification->save_notification(Notification::NOTIFICATION_TYPE_INVITATION, array($friend_id), $message_title, $message_content, $sender_info);
return true;
} else {
@ -349,16 +349,25 @@ class SocialManager extends UserManager {
* @author Yannick Warnier
* @since Dokeos 1.8.6.1
*/
public static function get_user_feeds($user, $limit=5) {
if (!function_exists('fetch_rss')) { return '';}
public static function get_user_feeds($user, $limit = 5)
{
if (!function_exists('fetch_rss')) {
return '';
}
$feeds = array();
$feed = UserManager::get_extra_user_data_by_field($user,'rssfeeds');
if(empty($feed)) { return ''; }
if (empty($feed)) {
return '';
}
$feeds = explode(';',$feed['rssfeeds']);
if (count($feeds)==0) { return ''; }
if (count($feeds) == 0) {
return '';
}
$res = '';
foreach ($feeds as $url) {
if (empty($url)) { continue; }
if (empty($url)) {
continue;
}
$rss = @fetch_rss($url);
$i = 1;
if (!empty($rss->items)) {
@ -369,7 +378,9 @@ class SocialManager extends UserManager {
$res .= '<h2>'.$rss->channel['title'].''.$icon_rss.'</h2>';
$res .= '<div class="social-rss-channel-items">';
foreach ($rss->items as $item) {
if ($limit>=0 and $i>$limit) {break;}
if ($limit >= 0 and $i > $limit) {
break;
}
$res .= '<h3><a href="'.$item['link'].'">'.$item['title'].'</a></h3>';
$res .= '<div class="social-rss-item-date">'.api_get_datetime($item['date_timestamp']).'</div>';
$res .= '<div class="social-rss-item-content">'.$item['description'].'</div><br />';
@ -569,17 +580,28 @@ class SocialManager extends UserManager {
}
//@todo check if user is online and if it's a friend to show the chat link
if (api_is_global_chat_enabled() && $user_friend_relation == USER_RELATION_TYPE_FRIEND) {
if (api_is_global_chat_enabled()) {
$user_name = $user_info['complete_name'];
if ($user_friend_relation == USER_RELATION_TYPE_FRIEND) {
if ($user_id != api_get_user_id()) {
//Only show chat if I'm available to talk
if ($current_user_info['user_is_online_in_chat'] == 1) {
$user_name = $user_info['complete_name'];
$options = array('onclick' => "javascript:chatWith('".$user_id."', '".Security::remove_XSS($user_name)."', '".$user_info['user_is_online_in_chat']."')");
$chat_icon = $user_info['user_is_online_in_chat'] ? Display::return_icon('online.png', get_lang('Online')) : Display::return_icon('offline.png', get_lang('Offline'));
$html .= Display::tag('li', Display::url($chat_icon.'&nbsp;&nbsp;'.get_lang('Chat'), 'javascript:void(0);', $options));
}
}
} else {
// Do something?
if ($user_id != api_get_user_id()) {
if ($current_user_info['user_is_online_in_chat'] == 1) {
$message = Security::remove_XSS(sprintf(get_lang("YouHaveToAddXAsAFriendFirst", $user_name)));
$options = array('onclick' => "javascript:chatNotYetWith('".$message."')");
$chat_icon = $user_info['user_is_online_in_chat'] ? Display::return_icon('online.png', get_lang('Online')) : Display::return_icon('offline.png', get_lang('Offline'));
$html .= Display::tag('li', Display::url($chat_icon.'&nbsp;&nbsp;'.get_lang('Chat'), 'javascript:void(0);', $options));
}
}
}
}

4
main/inc/lib/tracking.lib.php
Unescape View File

@ -2397,7 +2397,7 @@ class Tracking
if (!empty($course_in_session)) {
$main_session_graph = '';
if (!isset($_GET['session_id']) && !isset($_GET['course'])) {
//if (!isset($_GET['session_id']) && !isset($_GET['course'])) {
//Load graphics only when calling to an specific session
$session_graph = array();
@ -2481,7 +2481,7 @@ class Tracking
//var_dump($final_all_exercise_graph_name_list, $final_all_user_results, $final_all_exercise_graph_list);
$main_session_graph = self::generate_session_exercise_graph($final_all_exercise_graph_name_list, $my_results_final, $final_all_exercise_graph_list);
}
}
//}
$html .= Display::page_subheader(Display::return_icon('session.png', get_lang('Sessions'), array(), ICON_SIZE_SMALL).' '.get_lang('Sessions'));

51
main/inc/lib/usermanager.lib.php
Unescape View File

@ -410,10 +410,13 @@ class UserManager {
* @assert (null) === false
* @assert ('abc') === false
*/
public static function delete_user($user_id) {
public static function delete_user($user_id)
{
if ($user_id != strval(intval($user_id))) return false;
if ($user_id === false) return false;
if ($user_id != strval(intval($user_id)))
return false;
if ($user_id === false)
return false;
if (!self::can_delete_user($user_id)) {
return false;
@ -465,6 +468,7 @@ class UserManager {
// Delete user picture
// TODO: Logic about api_get_setting('split_users_upload_directory') === 'true' , a user has 4 differnt sized photos to be deleted.
$user_info = api_get_user_info($user_id);
if (strlen($user_info['picture_uri']) > 0) {
$img_path = api_get_path(SYS_CODE_PATH).'upload/users/'.$user_id.'/'.$user_info['picture_uri'];
if (file_exists($img_path))
@ -493,10 +497,9 @@ class UserManager {
$sql = 'DELETE FROM '.$gradebook_results_table.' WHERE user_id = '.$user_id;
Database::query($sql);
$user = Database::fetch_array($res);
$t_ufv = Database::get_main_table(TABLE_MAIN_USER_FIELD_VALUES);
$sqlv = "DELETE FROM $t_ufv WHERE user_id = $user_id";
$resv = Database::query($sqlv);
Database::query($sqlv);
require_once api_get_path(LIBRARY_PATH).'urlmanager.lib.php';
if (api_get_multiple_access_url()) {
@ -521,9 +524,10 @@ class UserManager {
//Delete user from friend lists
SocialManager::remove_user_rel_user($user_id, true);
}
survey_manager::delete_all_survey_invitations_by_user($user_id);
// Delete students works
$sqlw = "DELETE FROM $table_work WHERE user_id = $user_id";
$resw = Database::query($sqlw);
Database::query($sqlw);
unset($sqlw);
// Add event to system log
$user_id_manager = api_get_user_id();
@ -1335,11 +1339,10 @@ class UserManager {
$big = new Image($source_file); // This is the original picture.
$ok = false;
$ok = $small->send_image($path.'small_'.$filename) &&
$medium->send_image($path.'medium_'.$filename) &&
$normal->send_image($path.$filename) &&
$big->send_image( $path.'big_'.$filename);
$ok = $small && $small->send_image($path.'small_'.$filename) &&
$medium && $medium->send_image($path.'medium_'.$filename) &&
$normal && $normal->send_image($path.$filename) &&
$big && $big->send_image($path.'big_'.$filename);
return $ok ? $filename : false;
}
@ -1349,7 +1352,8 @@ class UserManager {
* @param int $user_id The user internal identitfication number.
* @return string/bool Returns empty string on success, FALSE on error.
*/
public static function delete_user_picture($user_id) {
public static function delete_user_picture($user_id)
{
return self::update_user_picture($user_id);
}
@ -2651,6 +2655,21 @@ class UserManager {
}
}
}
} else {
//check if user is general coach for this session
$s = api_get_session_info($session_id);
if ($s['id_coach'] == $user_id) {
if (count($course_list)==0) {
$course_list = SessionManager::get_course_list_by_session_id($session_id);
if (!empty($course_list)) {
foreach ($course_list as $course) {
if (!in_array($course['code'],$courses)) {
$personal_course_list[] = $course;
}
}
}
}
}
}
return $personal_course_list;
}
@ -2668,8 +2687,12 @@ class UserManager {
$t_user = Database::get_main_table(TABLE_MAIN_USER);
$sql = "SELECT user_id FROM $t_user WHERE username = '$username'";
$res = Database::query($sql);
if ($res === false) { return false; }
if (Database::num_rows($res) !== 1) { return false; }
if ($res === false) {
return false;
}
if (Database::num_rows($res) !== 1) {
return false;
}
$row = Database::fetch_array($res);
return $row['user_id'];
}

84
main/install/install.lib.php
Unescape View File

@ -1363,18 +1363,24 @@ function display_requirements(
}
$fil_perm_verified = 0666;
$file_course_test_was_created = false;
if (is_dir($course_dir)) {
foreach ($perms_fil as $perm) {
$r = @touch($course_dir.'/test.txt', $perm);
if ($file_course_test_was_created == true) {
break;
}
$r = @touch($course_dir.'/test.php',$perm);
if ($r === true) {
$fil_perm_verified = $perm;
break;
if (check_course_script_interpretation($course_dir, $course_attempt_name, 'test.php')) {
$file_course_test_was_created = true;
}
}
}
}
@unlink($course_dir.'/test.txt');
@unlink($course_dir.'/test.php');
@rmdir($course_dir);
$_SESSION['permissions_for_new_directories'] = $_setting['permissions_for_new_directories'] = $dir_perm_verified;
@ -1383,10 +1389,7 @@ function display_requirements(
$dir_perm = Display::label('0'.decoct($dir_perm_verified), 'info');
$file_perm = Display::label('0'.decoct($fil_perm_verified), 'info');
$course_test_was_created = $course_test_was_created == true ? Display::label(
get_lang('Yes'),
'success'
) : Display::label(get_lang('No'), 'warning');
$course_test_was_created = ($course_test_was_created == true && $file_course_test_was_created == true) ? Display::label(get_lang('Yes'), 'success') : Display::label(get_lang('No'), 'warning');
echo '<table class="table">
<tr>
@ -1526,7 +1529,7 @@ function display_requirements(
@chmod($checked_writable, $perm);
}
if ($course_test_was_created == false) {
if ($course_test_was_created == false || $file_course_test_was_created == false) {
$error = true;
}
@ -2658,6 +2661,71 @@ function compare_setting_values($current_value, $wanted_value)
}
function check_course_script_interpretation($course_dir, $course_attempt_name, $file = 'test.php'){
$output = false;
//Write in file
$file_name = $course_dir.'/'.$file;
$content = '<?php echo "123"; exit;';
if (is_writable($file_name)) {
if ($handler = @fopen($file_name, "w")) {
//write content
if (fwrite($handler , $content)) {
$sock_errno = ''; $sock_errmsg = '';
$url = api_get_path(WEB_COURSE_PATH).'/'.$course_attempt_name.'/'.$file;
$parsed_url = parse_url($url);
//$scheme = isset($parsedUrl['scheme']) ? $parsedUrl['scheme'] : ''; //http
$host = isset($parsed_url['host']) ? $parsed_url['host'] : '';
$path = isset($parsed_url['path']) ? $parsed_url['path'] : '/';
$port = isset($parsed_url['port']) ? $parsed_url['port'] : '80';
//Check fsockopen
if ($fp = @fsockopen(str_replace('http://', '', $url), -1, $sock_errno, $sock_errmsg, 60)) {
$out = "GET $path HTTP/1.1\r\n";
$out .= "Host: $host\r\n";
$out .= "Connection: Close\r\n\r\n";
fwrite($fp, $out);
while (!feof($fp)) {
$result = str_replace("\r\n", '',fgets($fp, 128));
if (!empty($result) && $result == '123') {
$output = true;
}
}
fclose($fp);
//Check allow_url_fopen
} elseif (ini_get('allow_url_fopen')) {
if ($fp = @fopen($url, 'r')) {
while ($result = fgets($fp, 1024)) {
if (!empty($result) && $result == '123') {
$output = true;
}
}
fclose($fp);
}
// Check if has support for cURL
} elseif (function_exists('curl_init')) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_URL, $url);
//curl_setopt($ch, CURLOPT_TIMEOUT, 30);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$result = curl_exec ($ch);
if (!empty($result) && $result == '123') {
$output = true;
}
curl_close($ch);
}
}
@fclose($handler);
}
}
return $output;
}
/* Executed only before create_course_tables() */
function drop_course_tables()
{

5
main/install/install_db.inc.php
Unescape View File

@ -1,6 +1,5 @@
<?php
/* For licensing terms, see /license.txt */
/**
* Install the Chamilo database
* Notice : This script has to be included by index.php
@ -10,7 +9,9 @@
/* This page is called only during a NEW chamilo installation */
/* This page can only be access through including from the install script. */
/**
* Init checks
*/
if (!defined('SYSTEM_INSTALLATION')) {
echo 'You are not allowed here!';
exit;

1
main/mySpace/index.php
Unescape View File

@ -31,6 +31,7 @@ $csv_content = array();
$nameTools = get_lang('MySpace');
$user_id = api_get_user_id();
$is_coach = api_is_coach($_GET['session_id']); // This is used?
$session_id = isset($_GET['session_id']) ? intval($_GET['session_id']) : 0;

10
main/newscorm/learnpath.class.php
Unescape View File

@ -9293,15 +9293,7 @@ class learnpath
// Remove memory and time limits as much as possible as this might be a long process...
if (function_exists('ini_set')) {
$mem = ini_get('memory_limit');
if (substr($mem, -1, 1) == 'M') {
$mem_num = substr($mem, 0, -1);
if ($mem_num < 128) {
ini_set('memory_limit', '128M');
}
} else {
ini_set('memory_limit', '128M');
}
api_set_memory_limit('128M');
ini_set('max_execution_time', 600);
}

15
main/newscorm/lp_controller.php
Unescape View File

@ -199,10 +199,6 @@ if ($debug > 0) error_log('New LP - Passed oLP creation check', 0);
$is_allowed_to_edit = api_is_allowed_to_edit(false, true, false, false);
/**
* Actions switching
*/
if (isset($_SESSION['oLP'])) {
$_SESSION['oLP']->update_queue = array(); // Reinitialises array used by javascript to update items in the TOC.
$_SESSION['oLP']->message = ''; // Should use ->clear_message() method but doesn't work.
@ -221,6 +217,7 @@ if (isset($_GET['isStudentView']) && $_GET['isStudentView'] == 'true') {
if (isset($_REQUEST['action']) && $_REQUEST['action'] == 'view' && !isset($_REQUEST['exeId'])) {
$_REQUEST['action'] = 'build';
}
$_SESSION['studentview'] = null;
}
}
@ -699,9 +696,12 @@ switch ($action) {
}
$_SESSION['oLP']->set_theme($_REQUEST['lp_theme']);
if (isset($_REQUEST['hide_toc_frame'])) {
$_SESSION['oLP']->set_hide_toc_frame($_REQUEST['hide_toc_frame']);
if (isset($_REQUEST['hide_toc_frame']) && $_REQUEST['hide_toc_frame'] == 1) {
$hide_toc_frame = $_REQUEST['hide_toc_frame'];
} else {
$hide_toc_frame = null;
}
$_SESSION['oLP']->set_hide_toc_frame($hide_toc_frame);
$_SESSION['oLP']->set_prerequisite($_REQUEST['prerequisites']);
$_SESSION['oLP']->set_use_max_score($_REQUEST['use_max_score']);
@ -929,11 +929,12 @@ switch ($action) {
case 'switch_view_mode':
if ($debug > 0) error_log('New LP - switch_view_mode action triggered', 0);
if (!$lp_found) { error_log('New LP - No learnpath given for switch', 0); require 'lp_list.php'; }
if (Security::check_token('get')) {
$_SESSION['refresh'] = 1;
$_SESSION['oLP']->update_default_view_mode();
}
require 'lp_list.php';
break;
case 'switch_force_commit':
if ($debug > 0) error_log('New LP - switch_force_commit action triggered', 0);
if (!$lp_found) { error_log('New LP - No learnpath given for switch', 0); require 'lp_list.php'; }

18
main/newscorm/lp_impress.php
Unescape View File

@ -40,7 +40,7 @@ if (!api_is_allowed_to_edit(null, true) && intval($visibility) == 0) {
}
if (empty($_SESSION['oLP'])) {
api_not_allowed();
api_not_allowed(true);
}
$debug = 0;
@ -56,6 +56,16 @@ $htmlHeadXtra[] = api_get_css(api_get_path(WEB_LIBRARY_PATH).'javascript/impress
$list = $_SESSION['oLP']->get_toc();
$is_allowed_to_edit = api_is_allowed_to_edit(null, true, false, false);
if ($is_allowed_to_edit) {
echo '<div style="position: fixed; top: 0px; left: 0px; pointer-events: auto;width:100%">';
global $interbreadcrumb;
$interbreadcrumb[] = array('url' => 'lp_controller.php?action=list&isStudentView=false', 'name' => get_lang('LearningPaths'));
$interbreadcrumb[] = array('url' => api_get_self()."?action=add_item&type=step&lp_id=".$_SESSION['oLP']->lp_id."&isStudentView=false", 'name' => $_SESSION['oLP']->get_name());
$interbreadcrumb[] = array('url' => '#', 'name' => get_lang('Preview'));
echo return_breadcrumb($interbreadcrumb, null, null);
echo '</div>';
}
$html = '';
$step = 1;
foreach ($list as $toc) {
@ -68,13 +78,13 @@ foreach ($list as $toc) {
$src = $_SESSION['oLP']->get_link('http', $toc['id']);
//just showing the src in a iframe ...
$html .= '<iframe border="0" frameborder="0" style="width:100%;height:600px" src="'.$src.'"></iframe>';
$html .= "</div>\n";
$html .= "</div>";
$step++;
}
//Setting the template
$tpl = new Template($tool_name);
$tpl = new Template($tool_name, false, false, true);
$tpl->assign('html', $html);
$content = $tpl->fetch('default/learnpath/impress.tpl');
$tpl->assign('content', $content);
$tpl->display_no_layout_template();
$tpl->display_one_col_template();

13
main/newscorm/lp_list.php
Unescape View File

@ -101,6 +101,7 @@ if ($is_allowed_to_edit) {
echo '</div>';
}
$token = Security::get_token();
/* DISPLAY SCORM LIST */
$categories_temp = learnpath::get_categories(api_get_course_int_id());
@ -175,10 +176,11 @@ foreach ($categories as $item) {
}
echo '</tr>';
$test_mode = api_get_setting('server_type');
$max = count($flat_list);
$counter = 0;
$current = 0;
$autolaunch_exists = false;
$autolunch_exists = false;
foreach ($flat_list as $id => $details) {
// Validation when belongs to a session
@ -260,7 +262,9 @@ foreach ($categories as $item) {
$dsp_desc = '';
$dsp_export = '';
$dsp_edit = '';
$dsp_build = '';
$dsp_edit_close = '';
$dsp_delete = '';
$dsp_visible = '';
$dsp_default_view = '';
@ -285,6 +289,7 @@ foreach ($categories as $item) {
$dsp_edit = '<td class="td_actions">';
$dsp_edit_close = '</td>';
$token_parameter = "&sec_token=$token";
if ($is_allowed_to_edit) {
// EDIT LP
if ($current_session == $details['lp_session']) {
@ -418,9 +423,10 @@ foreach ($categories as $item) {
}
/* Auto Lunch LP code */
$lp_auto_lunch_icon = '';
if (api_get_course_setting('enable_lp_auto_launch') == 1) {
if ($details['autolaunch'] == 1 && $autolaunch_exists == false) {
$autolaunch_exists = true;
if ($details['autolaunch'] == 1 && $autolunch_exists == false) {
$autolunch_exists = true;
$lp_auto_lunch_icon = '<a href="'.api_get_self().'?'.api_get_cidreq().'&action=auto_launch&status=0&lp_id='.$id.'">
<img src="../img/launch.png" border="0" title="'.get_lang('DisableLPAutoLaunch').'" /></a>';
} else {
@ -428,7 +434,6 @@ foreach ($categories as $item) {
<img src="../img/launch_na.png" border="0" title="'.get_lang('EnableLPAutoLaunch').'" /></a>';
}
}
//if (api_get_setting('pdf_export_watermark_enable') == 'true') {
$export_icon = ' <a href="'.api_get_self().'?'.api_get_cidreq().'&action=export_to_pdf&lp_id='.$id.'">
'.Display::return_icon('pdf.png', get_lang('ExportToPDFOnlyHTMLAndImages'), '', ICON_SIZE_SMALL).'</a>';

2
main/social/myfiles.php
Unescape View File

@ -101,7 +101,7 @@ if (isset($_GET['cidReq'])){
$actions = '<a href="'.api_get_path(WEB_CODE_PATH).'document/document.php?cidReq='.Security::remove_XSS($_GET['cidReq']).'&amp;id_session='.Security::remove_XSS($_GET['id_session']).'&amp;gidReq='.Security::remove_XSS($_GET['gidReq']).'&amp;id='.Security::remove_XSS($_GET['parent_id']).'">'.Display::return_icon('back.png',get_lang('BackTo').' '.get_lang('Documents').' ('.get_lang('Course').')').'</a>';
}
$social_right_content = '<div class="span9">';
$social_right_content .= '<iframe name="fileManager" id="fileManager" src="'.api_get_path(WEB_PATH).'main/inc/lib/fckeditor/editor/plugins/ajaxfilemanager/ajaxfilemanager.php?editor=stand_alone" scrolling="no" noresize="noresize" frameborder="no" style="height:450px; width:100%; float:left"></iframe>';
$social_right_content .= '<iframe name="fileManager" id="fileManager" src="'.api_get_path(WEB_PATH).'main/inc/lib/fckeditor/editor/plugins/ajaxfilemanager/ajaxfilemanager.php?editor=stand_alone" scrolling="no" noresize="noresize" frameborder="no" style="height:480px; width:100%; float:left"></iframe>';
$social_right_content .= '</div>';

29
main/survey/survey.lib.php
Unescape View File

@ -2,6 +2,8 @@
/* For licensing terms, see /license.txt */
/**
* Survey manager class
*
* @package chamilo.survey
* @author Patrick Cool <patrick.cool@UGent.be>, Ghent University: cleanup, refactoring and rewriting large parts (if not all) of the code
* @author Julio Montoya Armas <gugli100@gmail.com>, Chamilo: Personality Test modification and rewriting large parts of the code
@ -65,7 +67,7 @@ class survey_manager
*/
/**
* This function retrieves all the survey information
* Retrieves all the survey information
*
* @param integer $survey_id the id of the survey
* @param boolean $shared this parameter determines if we have to get the information of a survey from the central (shared) database or from the
@ -74,7 +76,8 @@ class survey_manager
*
* @author Patrick Cool <patrick.cool@UGent.be>, Ghent University
* @version February 2007
* @assert('0') === false
* @assert ('') === false
*
* @todo this is the same function as in create_new_survey.php
*/
static function get_survey($survey_id, $shared = 0, $course_code = '', $simple_return = false)
@ -1832,27 +1835,13 @@ class ch_yesno extends survey_question
$this->html .= ' <tr>';
$this->html .= ' <td align="right"><label for="answers[0]">1</label></td>';
$this->html .= ' <td width="550">'.api_return_html_area(
'answers[0]',
stripslashes($form_content['answers'][0]),
'',
'',
null,
array('ToolbarSet' => 'Survey', 'Width' => '100%', 'Height' => '120')
).'</td>';
$this->html .= ' <td width="550">'.api_return_html_area('answers[0]', stripslashes($form_content['answers'][0]), '', '', null, array('ToolbarSet' => 'Survey', 'Width' => '100%', 'Height' => '120')).'</td>';
$this->html .= ' <td><input style="width:22px" src="../img/icons/22/down.png" type="image" class="down" value="move_down[0]" name="move_down[0]"/></td>';
$this->html .= ' </tr>';
$this->html .= ' <tr>';
$this->html .= ' <td align="right"><label for="answers[1]">2</label></td>';
//$this->html .= ' <td><input type="text" name="answers[1]" id="answers[1]" value="'.$form_content['answers'][1].'" /></td>';
$this->html .= ' <td width="550">'.api_return_html_area(
'answers[1]',
stripslashes($form_content['answers'][1]),
'',
'',
null,
array('ToolbarSet' => 'Survey', 'Width' => '100%', 'Height' => '120')
).'</td>';
$this->html .= ' <td width="550">'.api_return_html_area('answers[1]', stripslashes($form_content['answers'][1]), '', '', null, array('ToolbarSet' => 'Survey', 'Width' => '100%', 'Height' => '120')).'</td>';
$this->html .= ' <td><input style="width:22px" type="image" src="../img/icons/22/up.png" value="move_up[1]" name="move_up[1]" /></td>';
$this->html .= ' </tr>';
$this->html .= ' </table>';
@ -1873,7 +1862,11 @@ class ch_yesno extends survey_question
if (is_array($form_content['options'])) { // Check if data is correct
foreach ($form_content['options'] as $key => & $value) {
if ($form_content['display'] == 'vertical') {
$this->html .= '<label class="radio">';
} else {
$this->html .= '<label class="radio inline">';
}
$value_to_show = $value;
if (substr_count($value, '<p>') == 1) {

46
main/template/default/agenda/month.tpl
Unescape View File

@ -94,13 +94,13 @@ $(document).ready(function() {
header: {
left: 'today prev,next',
center: 'title',
right: 'month,agendaWeek,agendaDay',
right: 'month,agendaWeek,agendaDay'
},
{% if use_google_calendar == 1 %}
eventSources: [
'{{ google_calendar_url }}', //if you want to add more just add URL in this array
{
className: 'gcal-event', // an option!
className: 'gcal-event' // an option!
}
],
{% endif %}
@ -186,7 +186,7 @@ $(document).ready(function() {
$("#dialog-form").dialog("close");
}
});
},
}
},
close: function() {
$("#title").attr('value', '');
@ -219,7 +219,7 @@ $(document).ready(function() {
delay: 2000
},
content: event.description,
position: { at:'top left' , my:'bottom left'},
position: { at:'top left' , my:'bottom left'}
});
}
@ -265,6 +265,14 @@ $(document).ready(function() {
$('#end_date').html(' '+calEvent.end.getDate() +"/"+ my_end_month +"/"+calEvent.end.getFullYear());
}
/*$("#title").attr('value', calEvent.title);
$("#content").attr('value', calEvent.description);*/
$("#title_edit").html(calEvent.title);
$("#content_edit").html(calEvent.description);
$("#title_edit").show();
$("#content_edit").show();
$("#title").attr('value', calEvent.title);
$("#content").attr('value', calEvent.description);
@ -289,6 +297,7 @@ $(document).ready(function() {
url = "ical_export.php?id=" + calEvent.id+'&course_id='+calEvent.course_id+"&class=public";
window.location.href = url;
},
{% if type == 'not_available' %}
'{{ "Edit"|get_lang }}' : function() {
var bValid = true;
@ -313,6 +322,13 @@ $(document).ready(function() {
}
});
},
{% endif %}
'{{ "Edit"|get_lang }}' : function() {
url = "agenda.php?action=edit&type=fromjs&id=" + calEvent.id+'&course_id='+calEvent.course_id+"";
window.location.href = url;
$("#dialog-form").dialog( "close" );
},
'{{ "Delete"|get_lang }}': function() {
$.ajax({
url: delete_url,
@ -330,6 +346,14 @@ $(document).ready(function() {
close: function() {
$("#title").attr('value', '');
$("#content").attr('value', '');
$("#title").show();
$("#content").show();
$("#title_edit").html('');
$("#content_edit").html('');
$("#title").attr('value', '');
$("#content").attr('value', '');
}
});
} else { //simple form
@ -426,41 +450,43 @@ $(document).ready(function() {
{% if visible_to is not null %}
<div id="visible_to_input" class="control-group">
<label class="control-label" for="date">{{"To"|get_lang}}</label>
<label class="control-label">{{ "To"|get_lang }}</label>
<div class="controls">
{{visible_to}}
</div>
</div>
{% endif %}
<div id="visible_to_read_only" class="control-group" style="display:none">
<label class="control-label" for="date">{{"To"|get_lang}}</label>
<label class="control-label">{{ "To"|get_lang }}</label>
<div class="controls">
<div id="visible_to_read_only_users"></div>
</div>
</div>
<div class="control-group">
<label class="control-label" for="date">{{"Agenda"|get_lang}}</label>
<label class="control-label">{{ "Agenda"|get_lang }}</label>
<div class="controls">
<div id="color_calendar"></div>
</div>
</div>
<div class="control-group">
<label class="control-label" for="date">{{"Date"|get_lang}}</label>
<label class="control-label" for="end_date">{{"Date"|get_lang}}</label>
<div class="controls">
<span id="start_date"></span><span id="end_date"></span>
</div>
</div>
<div class="control-group">
<label class="control-label" for="name">{{"Title"|get_lang}}</label>
<label class="control-label" for="title">{{ "Title"|get_lang }}</label>
<div class="controls">
<input type="text" name="title" id="title" size="40" />
<span id="title_edit"></span>
</div>
</div>
<div class="control-group">
<label class="control-label" for="name">{{"Description"|get_lang}}</label>
<label class="control-label" for="content">{{ "Description"|get_lang }}</label>
<div class="controls">
<textarea name="content" id="content" class="span3" rows="5"></textarea>
<span id="content_edit"></span>
</div>
</div>

21
main/template/default/auth/courses_categories.php
Unescape View File

@ -29,14 +29,26 @@ $stok = Security::get_token();
});
</script>
<?php if (!isset($_GET['hidden_links']) || ($_GET['hidden_links']) != 1) { ?>
<div class="row">
<div class="span3">
<div id="course_category_well" class="well">
<ul class="nav nav-list">
<?php if (intval($_GET['hidden_links']) != 1) { ?>
<div class="actions">
<form class="form-search" method="post" action="<?php echo api_get_self(); ?>?action=subscribe&amp;hidden_links=0">
<fieldset>
<input type="hidden" name="sec_token" value="<?php echo $stok; ?>">
<input type="hidden" name="search_course" value="1" />
<input type="text" name="search_term" value="<?php echo (empty($_POST['search_term']) ? '' : api_htmlentities(Security::remove_XSS($_POST['search_term']))); ?>" />
&nbsp;<button class="search" type="submit"><?php echo get_lang('SearchCourse'); ?></button>
<div class="control-group">
<div class="controls">
<div class="input-append">
<input class="span2" type="text" name="search_term" value="<?php echo (empty($_POST['search_term']) ? '' : api_htmlentities(Security::remove_XSS($_POST['search_term']))); ?>" />
<button class="btn" type="submit"><?php echo get_lang('Search'); ?></button>
</div>
</div>
</div>
</fieldset>
</form>
</div>
<?php
@ -97,7 +109,7 @@ $stok = Security::get_token();
if ($code == $subcategory2_code) {
$subcategory2_link = '<strong>'.$subcategory2_name.' ('.$count_courses_lv3.')</strong>';
} else {
$subcategory2_link = '<a href="'. api_get_self().'?action=display_courses&amp;category_code='.$subcategory2_code.'&amp;hidden_links='.$hidden_links.'">'.$subcategory2_name.' ('.$count_courses_lv3.') </a>';
$subcategory2_link = '<a href="'. api_get_self().'?action=display_courses&amp;category_code='.$subcategory2_code.'&amp;hidden_links='.$hidden_links.'">'.$subcategory2_name.'</a> ('.$count_courses_lv3.')';
}
echo '<li style="margin-left:40px;">'.$subcategory2_link.'</li>';
@ -120,6 +132,7 @@ $stok = Security::get_token();
}
}
}
}
?>
</div>
</div>

2
main/template/default/layout/head.tpl
Unescape View File

@ -229,7 +229,7 @@ $(function() {
active: false, // all items closed by default
collapsible: true,
header: ".accordion-heading"
})
});
//Global popup
$('.ajax').on('click', function() {

2
main/webservices/courses_list.soap.php
Unescape View File

@ -93,7 +93,7 @@ function WSCourseList($username, $signature, $visibilities = 'public') {
if (!api_is_valid_secret_key($signature, $local_key)) {
return -1; // The secret key is incorrect.
}
//public-registered = open
$vis = array('public' => '3', 'public-registered' => '2', 'private' => '1', 'closed' => '0');
$courses_list = array();

87
main/webservices/registration.soap.php
Unescape View File

@ -1432,6 +1432,14 @@ function WSEditUsers($params)
if (!is_null($auth_source)) {
$sql .= " auth_source='".Database::escape_string($auth_source)."',";
}
$sqladmin = "SELECT user_id FROM $t_admin WHERE user_id = ".intval($user_id);
$resadmin = Database::query($sqladmin);
$is_admin = Database::num_rows($resadmin);
if (empty($status) && $is_admin) {
$status = 1;
} else {
$status = 5;
}
$sql .= "
email='".Database::escape_string($email)."',
status='".Database::escape_string($status)."',
@ -1581,6 +1589,14 @@ function WSEditUser($params)
if (!is_null($auth_source)) {
$sql .= " auth_source='".Database::escape_string($auth_source)."',";
}
$sqladmin = "SELECT user_id FROM $t_admin WHERE user_id = ".intval($user_id);
$resadmin = Database::query($sqladmin);
$is_admin = Database::num_rows($resadmin);
if (empty($status) && $is_admin) {
$status = 1;
} else {
$status = 5;
}
$sql .= "
email='".Database::escape_string($email)."',
status='".Database::escape_string($status)."',
@ -1803,6 +1819,14 @@ function WSEditUsersPasswordCrypted($params)
if (!is_null($auth_source)) {
$sql .= " auth_source='".Database::escape_string($auth_source)."',";
}
$sqladmin = "SELECT user_id FROM $t_admin WHERE user_id = ".intval($user_id);
$resadmin = Database::query($sqladmin);
$is_admin = Database::num_rows($resadmin);
if (empty($status) && $is_admin) {
$status = 1;
} else {
$status = 5;
}
$sql .= "
email='".Database::escape_string($email)."',
status='".Database::escape_string($status)."',
@ -1977,6 +2001,14 @@ function WSEditUserPasswordCrypted($params)
if (!is_null($auth_source)) {
$sql .= " auth_source='".Database::escape_string($auth_source)."',";
}
$sqladmin = "SELECT user_id FROM $t_admin WHERE user_id = ".intval($user_id);
$resadmin = Database::query($sqladmin);
$is_admin = Database::num_rows($resadmin);
if (empty($status) && $is_admin) {
$status = 1;
} else {
$status = 5;
}
$sql .= "
email='".Database::escape_string($email)."',
status='".Database::escape_string($status)."',
@ -4101,8 +4133,7 @@ $server->wsdl->addComplexType(
);
// Register the method to expose
$server->register(
'WSGetUser', // method name
$server->register('WSGetUser', // method name
array('GetUser' => 'tns:GetUserArg'), // input parameters
array('return' => 'tns:User'), // output parameters
'urn:WSRegistration', // namespace
@ -4113,8 +4144,7 @@ $server->register(
);
// define the method WSSubscribeUserToCourse
function WSGetUser($params)
{
function WSGetUser($params) {
global $debug;
if ($debug) {
error_log('WSGetUser');
@ -4146,7 +4176,56 @@ function WSGetUser($params)
$result['firstname'] = $user_data['firstname'];
$result['lastname'] = $user_data['lastname'];
}
return $result;
}
$server->wsdl->addComplexType(
'GetUserArgUsername',
'complexType',
'struct',
'all',
'',
array(
'username' => array('name' => 'username', 'type' => 'xsd:string'),
'secret_key' => array('name' => 'secret_key','type' => 'xsd:string')
)
);
// Register the method to expose
$server->register('WSGetUserFromUsername', // method name
array('GetUserFromUsername' => 'tns:GetUserArgUsername'),// input params
array('return' => 'tns:User'), // output parameters
'urn:WSRegistration', // namespace
'urn:WSRegistration#WSGetUserFromUsername', // soapaction
'rpc', // style
'encoded', // use
'This service get user information by username' // documentation
);
// define the method WSSubscribeUserToCourse
function WSGetUserFromUsername($params) {
global $debug;
if ($debug) error_log('WSGetUserFromUsername');
if ($debug) error_log('$params: '.print_r($params, 1));
if (!WSHelperVerifyKey($params)) {
return return_error(WS_ERROR_SECRET_KEY);
}
$result = array();
// Get user id
$user_data = UserManager::get_user_info($params['username']);
if (empty($user_data)) {
// If user was not found, there was a problem
$result['user_id'] = '';
$result['firstname'] = '';
$result['lastname'] = '';
} else {
$result['user_id'] = $user_data['user_id'];
$result['firstname'] = $user_data['firstname'];
$result['lastname'] = $user_data['lastname'];
}
return $result;
}

18
main/webservices/user_info.soap.php
Unescape View File

@ -17,7 +17,7 @@ $server = new soap_server();
// Initialize WSDL support
$server->configureWSDL('WSUserInfo', 'urn:WSUserInfo');
/* Register DokeosWSCourseList function */
/* Register WSCourseList function */
// Register the data structures used by the service
$server->wsdl->addComplexType(
@ -50,12 +50,12 @@ $server->wsdl->addComplexType(
);
// Register the method to expose
$server->register('DokeosWSCourseListOfUser', // method name
$server->register('WSCourseListOfUser', // method name
array('username' => 'xsd:string',
'signature' => 'xsd:string'), // input parameters
array('return' => 'xsd:Array'), // output parameters
'urn:WSUserInfo', // namespace
'urn:WSUserInfo#DokeosWSUserInfo', // soapaction
'urn:WSUserInfo#WSUserInfo', // soapaction
'rpc', // style
'encoded', // use
'This service returns a list of courses' // documentation
@ -65,11 +65,11 @@ $server->register('DokeosWSCourseListOfUser', // method name
* Get a list of courses (code, url, title, teacher, language) for a specific
* user and return to caller
* Function registered as service. Returns strings in UTF-8.
* @param string User name in Dokeos
* @param string User name in Chamilo
* @param string Signature (composed of the sha1(username+apikey)
* @return array Courses list (code=>[title=>'title',url='http://...',teacher=>'...',language=>''],code=>[...],...)
*/
function DokeosWSCourseListOfUser($username, $signature) {
function WSCourseListOfUser($username, $signature) {
if (empty($username) or empty($signature)) { return -1; }
global $_configuration;
@ -96,7 +96,7 @@ function DokeosWSCourseListOfUser($username, $signature) {
return $courses_list;
}
/* Register DokeosWSEventsList function */
/* Register WSEventsList function */
// Register the data structures used by the service
$server->wsdl->addComplexType(
'eventDetails',
@ -128,14 +128,14 @@ $server->wsdl->addComplexType(
);
// Register the method to expose
$server->register('DokeosWSEventsList', // method name
$server->register('WSEventsList', // method name
array('username' => 'xsd:string',
'signature' => 'xsd:string',
'datestart' => 'xsd:int',
'dateend' => 'xsd:int'), // input parameters
array('return' => 'xsd:Array'), // output parameters
'urn:WSUserInfo', // namespace
'urn:WSUserInfo#DokeosWSEventsList', // soapaction
'urn:WSUserInfo#WSEventsList', // soapaction
'rpc', // style
'encoded', // use
'This service returns a list of events of the courses the given user is subscribed to' // documentation
@ -150,7 +150,7 @@ $server->register('DokeosWSEventsList', // method name
* @param int End date, in YYYYMMDD format
* @return array Events list
*/
function DokeosWSEventsList($username, $signature, $datestart = 0, $dateend = 0) {
function WSEventsList($username, $signature, $datestart = 0, $dateend = 0) {
if (empty($username) or empty($signature)) { return -1; }
global $_configuration;

Some files were not shown because too many files have changed in this diff Show More

Write Preview
Loading…
Cancel
Save