chamilo
/
chamilo-lms
mirror of https://github.com/chamilo/chamilo-lms/tree/1.11.x
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

More fixes in the terms and condition page see #4851

Browse Source
skala
Julio Montoya 14 years ago
parent 8609d06019
commit 9cf3677546
5 changed files with 205 additions and 234 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 3
      index.php
  2. 11
      main/admin/configure_inscription.php
  3. 114
      main/auth/inscription.php
  4. 14
      main/inc/lib/main_api.lib.php
  5. 41
      main/inc/local.inc.php

3
index.php
Unescape View File

@ -77,8 +77,7 @@ if (isset($_GET['submitAuth']) && $_GET['submitAuth'] == 1) {
// Delete session neccesary for legal terms
if (api_get_setting('allow_terms_conditions') == 'true') {
unset($_SESSION['update_term_and_condition']);
unset($_SESSION['info_current_user']);
unset($_SESSION['term_and_condition']);
}
//If we are not logged in and customapages activated
if (!api_get_user_id() && CustomPages::enabled()) {

11
main/admin/configure_inscription.php
Unescape View File

@ -184,7 +184,7 @@ if (!empty($_GET['openid_msg']) && $_GET['openid_msg'] == 'idnotfound') {
$form = new FormValidator('registration');
if (get_setting('allow_terms_conditions') == 'true') {
$display_all_form = !isset($_SESSION['update_term_and_condition'][1]);
$display_all_form = !isset($_SESSION['update_term_and_condition']['user_id']);
} else {
$display_all_form = true;
}
@ -300,10 +300,11 @@ if (get_setting('allow_terms_conditions') == 'true') {
// Version and language //password
$form->addElement('hidden', 'legal_accept_type', $term_preview['version'].':'.$term_preview['language_id']);
$form->addElement('hidden', 'legal_info', $term_preview['legal_id'].':'.$term_preview['language_id']);
if (isset($_SESSION['info_current_user'][1]) && isset($_SESSION['info_current_user'][2])) {
$form->addElement('hidden', 'login', $_SESSION['info_current_user'][1]);
$form->addElement('hidden', 'password', $_SESSION['info_current_user'][2]);
}
/*if (isset($_SESSION['term_and_condition']['user_id']) && isset($_SESSION['term_and_condition']['password'])) {
$form->addElement('hidden', 'login', $_SESSION['term_and_condition']['user_id']);
$form->addElement('hidden', 'password', $_SESSION['term_and_condition']['password']);
}*/
if ($term_preview['type'] == 1) {
$form->addElement('checkbox', 'legal_accept', null, get_lang('IHaveReadAndAgree').'&nbsp;<a href="inscription.php?legal" target="_blank">'.get_lang('TermsAndConditions').'</a>');
$form->addRule('extra_legal_accept', get_lang('ThisFieldIsRequired'), 'required');

114
main/auth/inscription.php
Unescape View File

@ -9,6 +9,7 @@
use \ChamiloSession as Session;
$language_file = array('registration', 'admin');
if (!empty($_POST['language'])) { //quick hack to adapt the registration form result to the selected registration language
$_GET['language'] = $_POST['language'];
}
@ -23,15 +24,16 @@ if (!empty($_SESSION['user_language_choice'])) {
} else {
$user_selected_language = get_setting('platformLanguage');
}
$form = new FormValidator('registration');
if (api_get_setting('allow_terms_conditions') == 'true') {
$display_all_form = !isset($_SESSION['update_term_and_condition'][1]);
$user_already_registered_show_terms = isset($_SESSION['term_and_condition']['user_id']);
} else {
$display_all_form = true;
$user_already_registered_show_terms = false;
}
if ($display_all_form) {
if ($user_already_registered_show_terms == false) {
if (api_is_western_name_order()) {
// FIRST NAME and LAST NAME
$form->addElement('text', 'firstname', get_lang('FirstName'), array('size' => 40));
@ -87,6 +89,7 @@ if ($display_all_form) {
$form->addRule('pass1', get_lang('ThisFieldIsRequired'), 'required');
$form->addRule('pass2', get_lang('ThisFieldIsRequired'), 'required');
$form->addRule(array('pass1', 'pass2'), get_lang('PassTwo'), 'compare');
if (CHECK_PASS_EASY_TO_FIND)
$form->addRule('password1', get_lang('PassTooEasy').': '.api_generate_password(), 'callback', 'api_check_password');
@ -202,11 +205,11 @@ if (!CustomPages::enabled()) {
$tool_name = get_lang('Registration', null, (!empty($_POST['language'])?$_POST['language']:$_user['language']));
if (api_get_setting('allow_terms_conditions') == 'true') {
if (api_get_setting('allow_terms_conditions') == 'true' && $user_already_registered_show_terms) {
$tool_name = get_lang('TermsAndConditions');
}
Display :: display_header($tool_name);
Display :: display_header($tool_name);
echo Display::page_header($tool_name);
$home = api_get_path(SYS_PATH).'home/';
@ -268,11 +271,7 @@ if (api_get_setting('allow_terms_conditions') == 'true') {
// Version and language
$form->addElement('hidden', 'legal_accept_type', $term_preview['version'].':'.$term_preview['language_id']);
$form->addElement('hidden', 'legal_info', $term_preview['legal_id'].':'.$term_preview['language_id']);
// Password
if (isset($_SESSION['info_current_user'][1]) && isset($_SESSION['info_current_user'][2])) {
$form->addElement('hidden', 'login', $_SESSION['info_current_user'][1]);
$form->addElement('hidden', 'password', $_SESSION['info_current_user'][2]);
}
if ($term_preview['type'] == 1) {
$form->addElement('checkbox', 'legal_accept', null, get_lang('IHaveReadAndAgree').'&nbsp;<a href="inscription.php?legal" target="_blank">'.get_lang('TermsAndConditions').'</a>');
$form->addRule('legal_accept', get_lang('ThisFieldIsRequired'), 'required');
@ -287,11 +286,7 @@ if (api_get_setting('allow_terms_conditions') == 'true') {
$form->addElement('button', 'submit', get_lang('RegisterUser'));
if ($form->validate()) {
/*
STORE THE NEW USER DATA INSIDE THE MAIN DATABASE
*/
$values = $form->exportValues();
$values['username'] = api_substr($values['username'], 0, USERNAME_MAX_LENGTH); //make *sure* the login isn't too long
if (api_get_setting('allow_registration_as_teacher') == 'false') {
@ -306,22 +301,14 @@ if ($form->validate()) {
$values['username'] = $values['email'];
}
// creating a new user
if ($user_already_registered_show_terms && api_get_setting('allow_terms_conditions') == 'true') {
$user_id = $_SESSION['term_and_condition']['user_id'];
$is_admin = UserManager::is_admin($user_id);
Session::write('is_platformAdmin', $is_admin);
} else {
// Creates a new user
$user_id = UserManager::create_user($values['firstname'], $values['lastname'], $values['status'], $values['email'], $values['username'], $values['pass1'], $values['official_code'], $values['language'], $values['phone'], $picture_uri, PLATFORM_AUTH_SOURCE, null, 1, 0, null, null, true);
// Terms & Conditions
if (api_get_setting('allow_terms_conditions') == 'true') {
// update the terms & conditions
if (isset($values['legal_accept_type'])) {
$cond_array = explode(':', $values['legal_accept_type']);
if (!empty($cond_array[0]) && !empty($cond_array[1])) {
$time = time();
$condition_to_save = intval($cond_array[0]).':'.intval($cond_array[1]).':'.$time;
UserManager::update_extra_field_value($user_id, 'legal_accept', $condition_to_save);
}
}
}
// Register extra fields
$extras = array();
foreach ($values as $key => $value) {
@ -334,7 +321,7 @@ if ($form->validate()) {
$count_extra_field = count($extras);
if ($count_extra_field > 0) {
foreach ($extras as $key => $value) {
$myres = UserManager::update_extra_field_value($user_id, $key, $value);
UserManager::update_extra_field_value($user_id, $key, $value);
}
}
@ -422,6 +409,22 @@ if ($form->validate()) {
}
exit;
}
}
}
// Terms & Conditions
if (api_get_setting('allow_terms_conditions') == 'true') {
// update the terms & conditions
if (isset($values['legal_accept_type'])) {
$cond_array = explode(':', $values['legal_accept_type']);
if (!empty($cond_array[0]) && !empty($cond_array[1])) {
$time = time();
$condition_to_save = intval($cond_array[0]).':'.intval($cond_array[1]).':'.$time;
UserManager::update_extra_field_value($user_id, 'legal_accept', $condition_to_save);
}
}
$values = api_get_user_info($user_id);
}
/* SESSION REGISTERING */
$_user['firstName'] = stripslashes($values['firstname']);
@ -430,56 +433,32 @@ if ($form->validate()) {
$_user['language'] = $values['language'];
$_user['user_id'] = $user_id;
$is_allowedCreateCourse = $values['status'] == 1;
Session::write('_user', $_user);
Session::write('is_allowedCreateCourse', $is_allowedCreateCourse);
//stats
event_login();
// last user login date is now
$user_last_login_datetime = 0; // used as a unix timestamp it will correspond to : 1 1 1970
Session::write('user_last_login_datetime', $user_last_login_datetime);
/* EMAIL NOTIFICATION */
//already added in UserManager::add_user();
/*
if (strpos($values['email'], '@') !== false) {
// Let us predefine some variables. Be sure to change the from address!
$recipient_name = api_get_person_name($values['firstname'], $values['lastname']);
$email = $values['email'];
$emailfromaddr = api_get_setting('emailAdministrator');
$emailfromname = api_get_setting('siteName');
$emailsubject = '['.api_get_setting('siteName').'] '.get_lang('YourReg',null,$_user['language']).' '.api_get_setting('siteName');
// The body can be as long as you wish, and any combination of text and variables
$portal_url = $_configuration['root_web'];
if ($_configuration['multiple_access_urls']) {
$access_url_id = api_get_current_access_url_id();
if ($access_url_id != -1 ){
$url = api_get_access_url($access_url_id);
$portal_url = $url['url'];
}
}
$emailbody = get_lang('Dear',null,$_user['language']).' '.stripslashes(Security::remove_XSS($recipient_name)).",\n\n".get_lang('YouAreReg',null,$_user['language']).' '.api_get_setting('siteName').' '.get_lang('WithTheFollowingSettings',null,$_user['language'])."\n\n".get_lang('Username',null,$_user['language']).' : '.$values['username']."\n".get_lang('Pass',null,$_user['language']).' : '.stripslashes($values['pass1'])."\n\n".get_lang('Address',null,$_user['language']).' '.api_get_setting('siteName').' '.get_lang('Is',null,$_user['language']).' : '.$portal_url."\n\n".get_lang('Problem',null,$_user['language'])."\n\n".get_lang('Formula',null,$_user['language']).",\n\n".api_get_person_name(api_get_setting('administratorName'), api_get_setting('administratorSurname'))."\n".get_lang('Manager',null,$_user['language']).' '.api_get_setting('siteName')."\nT. ".api_get_setting('administratorTelephone')."\n".get_lang('Email',null,$_user['language']).' : '.api_get_setting('emailAdministrator');
// Here we are forming one large header line
// Every header must be followed by a \n except the last
$sender_name = api_get_person_name(api_get_setting('administratorName'), api_get_setting('administratorSurname'), null, PERSON_NAME_EMAIL_ADDRESS);
$email_admin = api_get_setting('emailAdministrator');
@api_mail($recipient_name, $email, $emailsubject, $emailbody, $sender_name, $email_admin);
}*/
}
$recipient_name = api_get_person_name($values['firstname'], $values['lastname']);
$display_text = '<p>'.get_lang('Dear',null, $_user['language']).' '.stripslashes(Security::remove_XSS($recipient_name)).',<br /><br />'.get_lang('PersonalSettings',null,$_user['language']).".</p>\n";
if (api_get_setting('allow_terms_conditions') == 'true' && $user_already_registered_show_terms) {
$button_text = get_lang('Next',null,$_user['language']);
$action_url = api_get_path(WEB_PATH).'user_portal.php';
} else {
if (!empty ($values['email'])) {
$display_text.= '<p>'.get_lang('MailHasBeenSent',null,$_user['language']).'.</p>';
}
$button_text = '';
if ($is_allowedCreateCourse) {
$display_text .= '<p>'. get_lang('NowGoCreateYourCourse',null,$_user['language']). ".</p>\n";
$display_text .= '<p>'. get_lang('NowGoCreateYourCourse',null,$_user['language']). ".</p>";
$action_url = '../create_course/add_course.php';
$button_text = api_get_setting('course_validation') == 'true'
? get_lang('CreateCourseRequest', null, $_user['language'])
@ -489,13 +468,12 @@ if ($form->validate()) {
$action_url = 'courses.php?action=subscribe';
else
$action_url = api_get_path(WEB_PATH).'user_portal.php';
$display_text.='<p>'. get_lang('NowGoChooseYourCourses',null,$_user['language']). ".</p>\n";
$display_text.='<p>'. get_lang('NowGoChooseYourCourses',null,$_user['language']). ".</p>";
$button_text = get_lang('Next',null,$_user['language']);
}
// ?uidReset=true&uidReq=$_user['user_id']
$display_text .= '<form action="'. $action_url. '" method="post">'. "\n". '<button type="submit" class="next" name="next" value="'. get_lang('Next',null,$_user['language']). '" validationmsg=" '. get_lang('Next',null,$_user['language']). ' ">'. $button_text. '</button>'. "\n". '</form><br />'. "\n";
}
$display_text .= '<form action="'. $action_url. '" method="post">
<button type="submit" class="next" name="next" value="'. get_lang('Next', null, $_user['language']). '" validationmsg=" '. get_lang('Next',null,$_user['language']). ' ">'. $button_text. '</button>'. "\n". '</form><br />'. "\n";
if (CustomPages::enabled()) {
CustomPages::display(CustomPages::REGISTRATION_FEEDBACK, array('info' => $display_text));
}

14
main/inc/lib/main_api.lib.php
Unescape View File

@ -5122,19 +5122,21 @@ function api_get_tools_lists($my_tool = null) {
*/
function api_check_term_condition($user_id) {
if (api_get_setting('allow_terms_conditions') == 'true') {
require_once api_get_path(LIBRARY_PATH).'legal.lib.php';
$t_uf = Database::get_main_table(TABLE_MAIN_USER_FIELD);
$t_ufv = Database::get_main_table(TABLE_MAIN_USER_FIELD_VALUES);
//check if exists terms and conditions
if (LegalManager::count() == 0) {
return true;
}
// Check the last user version_id passed
$sqlv = "SELECT field_value FROM $t_ufv ufv inner join $t_uf uf on ufv.field_id= uf.id
WHERE field_variable = 'legal_accept' AND user_id = ".intval($user_id);
$resv = Database::query($sqlv);
if (Database::num_rows($resv) > 0) {
$rowv = Database::fetch_row($resv);
$sql = "SELECT field_value FROM $t_ufv ufv inner join $t_uf uf on ufv.field_id= uf.id
WHERE field_value <> '' AND field_variable = 'legal_accept' AND user_id = ".intval($user_id);
$res = Database::query($sql);
if (Database::num_rows($res) > 0) {
$rowv = Database::fetch_row($res);
$rowv = $rowv[0];
$user_conditions = explode(':', $rowv);
$version = $user_conditions[0];

41
main/inc/local.inc.php
Unescape View File

@ -132,11 +132,6 @@
//require_once api_get_path(LIBRARY_PATH).'conditionallogin.lib.php'; moved to autologin
// verified if exists the username and password in session current
//moved to autologin
//if (isset($_SESSION['info_current_user'][1]) && isset($_SESSION['info_current_user'][2])) {
// require_once api_get_path(LIBRARY_PATH).'legal.lib.php';
//}
use \ChamiloSession as Session;
//Conditional login
@ -192,17 +187,16 @@ if (!empty($_SESSION['_user']['user_id']) && ! ($login || $logout)) {
unset($_user['user_id']);
}
//$_SESSION['info_current_user'][1] is user name
//$_SESSION['info_current_user'][2] is current password encrypted
//$_SESSION['update_term_and_condition'][1] is current user id, of user in session
if (api_get_setting('allow_terms_conditions')=='true') {
if (isset($_POST['login']) && isset($_POST['password']) && isset($_SESSION['update_term_and_condition'][1])) {
$user_id = $_SESSION['update_term_and_condition'][1]; // user id
if (isset($_POST['login']) && isset($_POST['password']) && isset($_SESSION['term_and_condition']['user_id'])) {
$user_id = $_SESSION['term_and_condition']['user_id']; // user id
// update the terms & conditions
$legal_type = null;
//verify type of terms and conditions
if (isset($_POST['legal_info'])) {
$info_legal = explode(':', $_POST['legal_info']);
$legal_type = LegalManager::get_type_of_terms_and_conditions($info_legal[0], $info_legal[1]);
}
//is necessary verify check
if ($legal_type == 1) {
@ -213,6 +207,7 @@ if (!empty($_SESSION['_user']['user_id']) && ! ($login || $logout)) {
}
}
//no is check option
if ($legal_type == 0) {
$legal_option=true;
@ -242,6 +237,7 @@ if (!empty($_SESSION['_user']['user_id']) && ! ($login || $logout)) {
$cas_login = cas_is_authenticated();
}
if ( ( isset($_POST['login']) AND isset($_POST['password']) ) OR ($cas_login) ) {
// $login && $password are given to log in
if ( $cas_login && empty($_POST['login']) ) {
$login = $cas_login;
@ -261,29 +257,24 @@ if (!empty($_SESSION['_user']['user_id']) && ! ($login || $logout)) {
if ($uData['auth_source'] == PLATFORM_AUTH_SOURCE || $uData['auth_source'] == CAS_AUTH_SOURCE) {
//the authentification of this user is managed by Chamilo itself
$password = trim(stripslashes($password));
$password = api_get_encrypted_password(trim(stripslashes($password)));
if (api_get_setting('allow_terms_conditions')=='true') {
if (isset($_POST['password']) && isset($_SESSION['info_current_user'][2]) && $_POST['password']==$_SESSION['info_current_user'][2]) {
$password=$_POST['password'];
} else {
$password = api_get_encrypted_password($password);
}
} else {
$password = api_get_encrypted_password($password);
}
if (api_get_setting('allow_terms_conditions')=='true') {
if ($password == $uData['password'] AND (trim($login) == $uData['username']) OR $cas_login ) {
$temp_user_id = $uData['user_id'];
$term_and_condition_status = api_check_term_condition($temp_user_id);//false or true
if ($term_and_condition_status === false) {
$_SESSION['update_term_and_condition']=array(true,$temp_user_id);
$_SESSION['info_current_user']=array(true,$login,$password);
$_SESSION['term_and_condition'] = array('user_id' => $temp_user_id,
'login' => $login,
'password' => $password,
'update_term_status' => true,
);
header('Location: '.api_get_path(WEB_CODE_PATH).'auth/inscription.php');
exit;
} else {
unset($_SESSION['update_term_and_condition']);
unset($_SESSION['info_current_user']);
unset($_SESSION['term_and_condition']);
}
}
}

Write Preview
Loading…
Cancel
Save