From 9cf881588cab10d34022d1145711359772bf05e4 Mon Sep 17 00:00:00 2001 From: Julio Date: Fri, 22 Mar 2019 15:49:55 +0100 Subject: [PATCH] Fix template twig class errors #2857 --- main/inc/lib/UnserializeApi.php | 123 ++++++++++++++++++++++ main/inc/lib/api.lib.php | 175 ++++++++++++++++++++++++++++++-- main/inc/lib/template.lib.php | 74 +++++--------- main/inc/lib/tracking.lib.php | 34 +++++++ 4 files changed, 354 insertions(+), 52 deletions(-) create mode 100644 main/inc/lib/UnserializeApi.php diff --git a/main/inc/lib/UnserializeApi.php b/main/inc/lib/UnserializeApi.php new file mode 100644 index 0000000000..e99ce56c7e --- /dev/null +++ b/main/inc/lib/UnserializeApi.php @@ -0,0 +1,123 @@ + $allowedClasses] + ); + } + + return Unserialize::unserialize( + $serialized, + ['allowed_classes' => $allowedClasses] + ); + } +} diff --git a/main/inc/lib/api.lib.php b/main/inc/lib/api.lib.php index 9b7adbebe0..5f2783338a 100644 --- a/main/inc/lib/api.lib.php +++ b/main/inc/lib/api.lib.php @@ -281,6 +281,7 @@ define('LOG_MY_FOLDER_NEW_PATH', 'new_path'); define('LOG_TERM_CONDITION_ACCEPTED', 'term_condition_accepted'); define('LOG_USER_CONFIRMED_EMAIL', 'user_confirmed_email'); define('LOG_USER_REMOVED_LEGAL_ACCEPT', 'user_removed_legal_accept'); + define('LOG_USER_DELETE_ACCOUNT_REQUEST', 'user_delete_account_request'); define('LOG_QUESTION_CREATED', 'question_created'); @@ -475,7 +476,9 @@ define('RESULT_DISABLE_SHOW_FINAL_SCORE_ONLY_WITH_CATEGORIES', 3); //Show final define('RESULT_DISABLE_SHOW_SCORE_ATTEMPT_SHOW_ANSWERS_LAST_ATTEMPT', 4); define('RESULT_DISABLE_DONT_SHOW_SCORE_ONLY_IF_USER_FINISHES_ATTEMPTS_SHOW_ALWAYS_FEEDBACK', 5); define('RESULT_DISABLE_RANKING', 6); -// 4: Show final score only with categories and show expected answers only on the last attempt +define('RESULT_DISABLE_SHOW_ONLY_IN_CORRECT_ANSWER', 7); + +// 4: Show final score only with and show expected answers only on the last attempt define('EXERCISE_MAX_NAME_SIZE', 80); @@ -582,6 +585,7 @@ define('MESSAGE_STATUS_WALL', '8'); define('MESSAGE_STATUS_WALL_DELETE', '9'); define('MESSAGE_STATUS_WALL_POST', '10'); define('MESSAGE_STATUS_CONVERSATION', '11'); +define('MESSAGE_STATUS_FORUM', '12'); // Images define('IMAGE_WALL_SMALL_SIZE', 200); @@ -1259,6 +1263,8 @@ function api_protect_admin_script($allow_sessions_admins = false, $allow_drh = f * Function used to protect a teacher script. * The function blocks access when the user has no teacher rights. * + * @return bool True if the current user can access the script, false otherwise + * * @author Yoselyn Castillo */ function api_protect_teacher_script($allow_sessions_admins = false) @@ -1697,11 +1703,11 @@ function api_get_user_info( $result = Database::query($sql); if (Database::num_rows($result) > 0) { $result_array = Database::fetch_array($result); + $result_array['user_is_online_in_chat'] = 0; if ($checkIfUserOnline) { $use_status_in_platform = user_is_online($user_id); $result_array['user_is_online'] = $use_status_in_platform; $user_online_in_chat = 0; - if ($use_status_in_platform) { $user_status = UserManager::get_extra_user_data_by_field( $user_id, @@ -1918,7 +1924,7 @@ function api_get_anonymous_id() $table = Database::get_main_table(TABLE_STATISTIC_TRACK_E_LOGIN); $tableU = Database::get_main_table(TABLE_MAIN_USER); $ip = Database::escape_string(api_get_real_ip()); - $max = api_get_configuration_value('max_anonymous_users'); + $max = (int) api_get_configuration_value('max_anonymous_users'); if ($max >= 2) { $sql = "SELECT * FROM $table as TEL JOIN $tableU as U @@ -1931,7 +1937,7 @@ function api_get_anonymous_id() if (empty(Database::num_rows($result))) { $login = uniqid('anon_'); $anonList = UserManager::get_user_list(['status' => ANONYMOUS], ['registration_date ASC']); - if (count($anonList) == $max) { + if (count($anonList) >= $max) { foreach ($anonList as $userToDelete) { UserManager::delete_user($userToDelete['user_id']); break; @@ -2857,8 +2863,11 @@ function api_get_plugin_setting($plugin, $variable) if (isset($result[$plugin])) { $value = $result[$plugin]; - if (@unserialize($value) !== false) { - $value = unserialize($value); + + $unserialized = UnserializeApi::unserialize('not_allowed_classes', $value, true); + + if (false !== $unserialized) { + $value = $unserialized; } return $value; @@ -9219,3 +9228,157 @@ function api_get_relative_path($from, $to) return implode('/', $relPath); } + +/** + * Unserialize content using Brummann\Polyfill\Unserialize. + * + * @param string $type + * @param string $serialized + * @param bool $ignoreErrors. Optional. + * + * @return mixed + */ +function api_unserialize_content($type, $serialized, $ignoreErrors = false) +{ + switch ($type) { + case 'career': + case 'sequence_graph': + $allowedClasses = [Graph::class, VerticesMap::class, Vertices::class, Edges::class]; + break; + case 'lp': + $allowedClasses = [ + learnpath::class, + learnpathItem::class, + aicc::class, + aiccBlock::class, + aiccItem::class, + aiccObjective::class, + aiccResource::class, + scorm::class, + scormItem::class, + scormMetadata::class, + scormOrganization::class, + scormResource::class, + Link::class, + LpItem::class, + ]; + break; + case 'course': + $allowedClasses = [ + Course::class, + Announcement::class, + Attendance::class, + CalendarEvent::class, + CourseCopyLearnpath::class, + CourseCopyTestCategory::class, + CourseDescription::class, + CourseSession::class, + Document::class, + Forum::class, + ForumCategory::class, + ForumPost::class, + ForumTopic::class, + Glossary::class, + GradeBookBackup::class, + Link::class, + LinkCategory::class, + Quiz::class, + QuizQuestion::class, + QuizQuestionOption::class, + ScormDocument::class, + Survey::class, + SurveyInvitation::class, + SurveyQuestion::class, + Thematic::class, + ToolIntro::class, + Wiki::class, + Work::class, + stdClass::class, + ]; + break; + case 'not_allowed_classes': + default: + $allowedClasses = false; + } + + if ($ignoreErrors) { + return @Unserialize::unserialize( + $serialized, + ['allowed_classes' => $allowedClasses] + ); + } + + return Unserialize::unserialize( + $serialized, + ['allowed_classes' => $allowedClasses] + ); +} + +/** + * Set the From and ReplyTo properties to PHPMailer instance. + * + * @param PHPMailer $mailer + * @param array $sender + * @param array $replyToAddress + * + * @throws phpmailerException + */ +function api_set_noreply_and_from_address_to_mailer(PHPMailer $mailer, array $sender, array $replyToAddress = []) +{ + $platformEmail = $GLOBALS['platform_email']; + + $noReplyAddress = api_get_setting('noreply_email_address'); + $avoidReplyToAddress = false; + + if (!empty($noReplyAddress)) { + $avoidReplyToAddress = api_get_configuration_value('mail_no_reply_avoid_reply_to'); + } + + $notification = new Notification(); + + // If the parameter is set don't use the admin. + $senderName = !empty($sender['name']) ? $sender['name'] : $notification->getDefaultPlatformSenderName(); + $senderEmail = !empty($sender['email']) ? $sender['email'] : $notification->getDefaultPlatformSenderEmail(); + + // Reply to first + if (!$avoidReplyToAddress) { + $mailer->AddCustomHeader('Errors-To: '.$notification->getDefaultPlatformSenderEmail()); + + if ( + !empty($replyToAddress) && + $platformEmail['SMTP_UNIQUE_REPLY_TO'] && + PHPMailer::ValidateAddress($replyToAddress['mail']) + ) { + $mailer->AddReplyTo($replyToAddress['email'], $replyToAddress['name']); + // Errors to sender + $mailer->AddCustomHeader('Errors-To: '.$replyToAddress['mail']); + $mailer->Sender = $replyToAddress['mail']; + } + } + + //If the SMTP configuration only accept one sender + if ( + isset($platformEmail['SMTP_UNIQUE_SENDER']) && + $platformEmail['SMTP_UNIQUE_SENDER'] + ) { + $senderName = $platformEmail['SMTP_FROM_NAME']; + $senderEmail = $platformEmail['SMTP_FROM_EMAIL']; + + if (PHPMailer::ValidateAddress($senderEmail)) { + //force-set Sender to $senderEmail, otherwise SetFrom only does it if it is currently empty + $mailer->Sender = $senderEmail; + } + } + + $mailer->SetFrom($senderEmail, $senderName, !$avoidReplyToAddress); +} + +/** + * @param string $template + * + * @return string + */ +function api_find_template($template) +{ + return Template::findTemplateFilePath($template); +} diff --git a/main/inc/lib/template.lib.php b/main/inc/lib/template.lib.php index 599ef91c1f..471278589f 100755 --- a/main/inc/lib/template.lib.php +++ b/main/inc/lib/template.lib.php @@ -123,40 +123,6 @@ class Template } } - /** - * @param string $image - * @param int $size - * - * @return string - */ - public static function get_icon_path($image, $size = ICON_SIZE_SMALL) - { - return Display::return_icon($image, '', [], $size, false, true); - } - - /** - * @param string $image - * @param int $size - * @param string $name - * - * @return string - */ - public static function get_image($image, $size = ICON_SIZE_SMALL, $name = '') - { - return Display::return_icon($image, $name, [], $size); - } - - /** - * @param string $timestamp - * @param string $format - * - * @return string - */ - public static function format_date($timestamp, $format = null) - { - return api_format_date($timestamp, $format); - } - /** * Return the item's url key:. * @@ -382,34 +348,50 @@ class Template /** * Returns the sub-folder and filename for the given tpl file. - * If template not found in overrides/ or custom template folder, the - * default template will be used. + * + * If template not found in overrides/ or custom template folder, the default template will be used. * * @param string $name * * @return string */ - public function get_template($name) + public static function findTemplateFilePath($name) { + $sysTemplatePath = api_get_path(SYS_TEMPLATE_PATH); + // Check if the tpl file is present in the main/template/overrides/ dir // Overrides is a special directory meant for temporary template // customization. It must be taken into account before anything else - $file = api_get_path(SYS_CODE_PATH).'template/overrides/'.$name; - if (is_readable($file)) { - return 'overrides/'.$name; + if (is_readable($sysTemplatePath."overrides/$name")) { + return "overrides/$name"; } + + $defaultFolder = api_get_configuration_value('default_template'); + // If a template folder has been manually defined, search for the right // file, and if not found, go for the same file in the default template - if ($this->templateFolder !== 'default') { + if ($defaultFolder && $defaultFolder != 'default') { // Avoid missing template error, use the default file. - $file = api_get_path(SYS_CODE_PATH).'template/'.$this->templateFolder.'/'.$name; - if (!file_exists($file)) { - return 'default/'.$name; + if (file_exists($sysTemplatePath."$defaultFolder/$name")) { + return "$defaultFolder/$name"; } } - $name = str_replace('tpl', 'html.twig', $name); - return $this->templateFolder.'/'.$name; + return "default/$name"; + } + + /** + * Call non-static for Template::findTemplateFilePath. + * + * @see Template::findTemplateFilePath() + * + * @param string $name + * + * @return string + */ + public function get_template($name) + { + return api_find_template($name); } /** diff --git a/main/inc/lib/tracking.lib.php b/main/inc/lib/tracking.lib.php index 257227ce7a..35336a5b1b 100755 --- a/main/inc/lib/tracking.lib.php +++ b/main/inc/lib/tracking.lib.php @@ -1613,6 +1613,40 @@ class Tracking } } + /** + * Checks if the "lp_minimum_time" feature is available for the course. + * + * @param int $sessionId + * @param int $courseId + * + * @return bool + */ + public static function minimunTimeAvailable($sessionId, $courseId) + { + if (!api_get_configuration_value('lp_minimum_time')) { + return false; + } + + if (!empty($sessionId)) { + $extraFieldValue = new ExtraFieldValue('session'); + $value = $extraFieldValue->get_values_by_handler_and_field_variable($sessionId, 'new_tracking_system'); + + if ($value && isset($value['value']) && $value['value'] == 1) { + return true; + } + } else { + if ($courseId) { + $extraFieldValue = new ExtraFieldValue('course'); + $value = $extraFieldValue->get_values_by_handler_and_field_variable($courseId, 'new_tracking_system'); + if ($value && isset($value['value']) && $value['value'] == 1) { + return true; + } + } + } + + return false; + } + /** * Calculates the time spent on the course. *