chamilo
/
chamilo-lms
mirror of https://github.com/chamilo/chamilo-lms/tree/1.11.x
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Replace use of $_SESSION

Browse Source
pull/2487/head
Julio 7 years ago
parent e765e4283a
commit a8ed36b0f8
5 changed files with 60 additions and 46 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 8
      main/course_progress/thematic_controller.php
  2. 6
      main/course_progress/thematic_plan.php
  3. 18
      main/lp/learnpath.class.php
  4. 70
      main/lp/lp_controller.php
  5. 4
      main/lp/openoffice_text.class.php

8
main/course_progress/thematic_controller.php
Unescape View File

@ -1,6 +1,8 @@
<?php
/* For licensing terms, see /license.txt */
use ChamiloSession as Session;
/**
* Thematic Controller script.
* Prepares the common background variables to give to the scripts corresponding to
@ -398,7 +400,8 @@ class ThematicController
($_POST['action'] == 'thematic_plan_add' || $_POST['action'] == 'thematic_plan_edit')
) {
if (isset($_POST['title'])) {
if ($_POST['thematic_plan_token'] == $_SESSION['thematic_plan_token']) {
$token = Session::read('thematic_plan_token');
if ($_POST['thematic_plan_token'] == $token) {
if (api_is_allowed_to_edit(null, true)) {
$title_list = $_REQUEST['title'];
$description_list = $_REQUEST['description'];
@ -431,8 +434,7 @@ class ThematicController
]);
} else {
$saveRedirect .= 'thematic_plan_save_message=ok';
unset($_SESSION['thematic_plan_token']);
Session::erase('thematic_plan_token');
$data['message'] = 'ok';
}

6
main/course_progress/thematic_plan.php
Unescape View File

@ -1,6 +1,8 @@
<?php
/* For licensing terms, see /license.txt */
use ChamiloSession as Session;
/**
* View (MVC patter) for thematic plan
* @author Christian Fasanando <christian1827@gmail.com>
@ -36,7 +38,7 @@ if (isset($message) && $message == 'ok') {
if ($action === 'thematic_plan_list') {
$token = Security::get_token();
ChamiloSession::write('thematic_plan_token', $token);
Session::write('thematic_plan_token', $token);
$form = new FormValidator(
'thematic_plan_add',
@ -105,7 +107,7 @@ if ($action === 'thematic_plan_list') {
}
if (!$error) {
$token = md5(uniqid(rand(), true));
$_SESSION['thematic_plan_token'] = $token;
Session::write('thematic_plan_token', $token);
}
// display form

18
main/lp/learnpath.class.php
Unescape View File

@ -6201,7 +6201,7 @@ class learnpath
'lp_controller.php?'.api_get_cidreq().'&'.http_build_query([
'gradebook' => $gradebook,
'action' => 'view',
'lp_id' => $_SESSION['oLP']->lp_id,
'lp_id' => $this->lp_id,
'isStudentView' => 'true'
])
);
@ -6209,7 +6209,7 @@ class learnpath
Display:: return_icon('upload_audio.png', get_lang('UpdateAllAudioFragments'), '', ICON_SIZE_MEDIUM),
'lp_controller.php?'.api_get_cidreq().'&'.http_build_query([
'action' => 'admin_view',
'lp_id' => $_SESSION['oLP']->lp_id,
'lp_id' => $this->lp_id,
'updateaudio' => 'true'
])
);
@ -6219,7 +6219,7 @@ class learnpath
Display::return_icon('settings.png', get_lang('CourseSettings'), '', ICON_SIZE_MEDIUM),
'lp_controller.php?'.api_get_cidreq().'&'.http_build_query([
'action' => 'edit',
'lp_id' => $_SESSION['oLP']->lp_id
'lp_id' => $this->lp_id
])
);
} else {
@ -6227,7 +6227,7 @@ class learnpath
Display::return_icon('edit.png', get_lang('Edit'), '', ICON_SIZE_MEDIUM),
'lp_controller.php?'.http_build_query([
'action' => 'build',
'lp_id' => $_SESSION['oLP']->lp_id
'lp_id' => $this->lp_id
]).'&'.api_get_cidreq()
);
}
@ -6247,18 +6247,22 @@ class learnpath
'title' => get_lang('SetPrerequisiteForEachItem'),
'href' => 'lp_controller.php?'.api_get_cidreq().'&'.http_build_query([
'action' => 'set_previous_step_as_prerequisite',
'lp_id' => $_SESSION['oLP']->lp_id
'lp_id' => $this->lp_id
])
),
array(
'title' => get_lang('ClearAllPrerequisites'),
'href' => 'lp_controller.php?'.api_get_cidreq().'&'.http_build_query([
'action' => 'clear_prerequisites',
'lp_id' => $_SESSION['oLP']->lp_id
'lp_id' => $this->lp_id
])
),
);
$actionsRight = Display::groupButtonWithDropDown(get_lang('PrerequisitesOptions'), $buttons, true);
$actionsRight = Display::groupButtonWithDropDown(
get_lang('PrerequisitesOptions'),
$buttons,
true
);
}
$toolbar = Display::toolbarAction('actions-lp-controller', array($actionsLeft, $actionsRight));

70
main/lp/lp_controller.php
Unescape View File

@ -205,8 +205,8 @@ api_protect_course_script(true);
$lpfound = false;
$myrefresh = 0;
$myrefresh_id = 0;
if (!empty($_SESSION['refresh']) && $_SESSION['refresh'] == 1) {
$refresh = Session::read('refresh');
if ($refresh == 1) {
// Check if we should do a refresh of the oLP object (for example after editing the LP).
// If refresh is set, we regenerate the oLP object from the database (kind of flush).
Session::erase('refresh');
@ -222,10 +222,10 @@ if (!empty($_REQUEST['dialog_box'])) {
$lp_controller_touched = 1;
$lp_found = false;
if (isset($_SESSION['lpobject'])) {
$lpObject = Session::read('lpobject');
if (!empty($lpObject)) {
if ($debug > 0) error_log('New LP - SESSION[lpobject] is defined', 0);
$oLP = unserialize($_SESSION['lpobject']);
$oLP = unserialize($lpObject);
if (isset($oLP) && is_object($oLP)) {
if ($debug > 0) error_log('New LP - oLP is object', 0);
if ($myrefresh == 1 ||
@ -235,12 +235,14 @@ if (isset($_SESSION['lpobject'])) {
$oLP->scorm_debug == '1'
) {
if ($debug > 0) error_log('New LP - Course has changed, discard lp object', 0);
if ($myrefresh == 1) { $myrefresh_id = $oLP->get_id(); }
if ($myrefresh == 1) {
$myrefresh_id = $oLP->get_id();
}
$oLP = null;
Session::erase('oLP');
Session::erase('lpobject');
} else {
$_SESSION['oLP'] = $oLP;
Session::write('oLP', $oLP);
$lp_found = true;
}
}
@ -320,7 +322,7 @@ if (!$lp_found || (!empty($_REQUEST['lp_id']) && $_SESSION['oLP']->get_id() != $
if ($debug > 0) error_log('New LP - Request[lp_id] and refresh_id were empty', 0);
}
if ($lp_found) {
$_SESSION['oLP'] = $oLP;
Session::write('oLP', $oLP);
}
}
@ -357,7 +359,11 @@ $action = (!empty($_REQUEST['action']) ? $_REQUEST['action'] : '');
$post_title = "";
if (isset($_POST['title'])) {
$post_title = Security::remove_XSS($_POST['title']);
if (isset($_POST['type']) && isset($_POST['title']) && $_POST['type'] == TOOL_QUIZ && !empty($_POST['title'])) {
if (isset($_POST['type']) &&
isset($_POST['title']) &&
$_POST['type'] == TOOL_QUIZ &&
!empty($_POST['title'])
) {
$post_title = Exercise::format_title_variable($_POST['title']);
}
}
@ -379,7 +385,7 @@ switch ($action) {
}
require 'lp_list.php';
} else {
$_SESSION['refresh'] = 1;
Session::write('refresh', 1);
if (isset($_POST['submit_button']) && !empty($post_title)) {
// If a title was submitted:
@ -391,7 +397,7 @@ switch ($action) {
// Check post_time to ensure ??? (counter-hacking measure?)
require 'lp_add_item.php';
} else {
$_SESSION['post_time'] = $_POST['post_time'];
Session::write('post_time', $_POST['post_time']);
$directoryParentId = isset($_POST['directory_parent_id']) ? $_POST['directory_parent_id'] : 0;
$courseInfo = api_get_course_info();
if (empty($directoryParentId)) {
@ -469,7 +475,7 @@ switch ($action) {
}
require 'lp_list.php';
} else {
$_SESSION['refresh'] = 1;
Session::write('refresh', 1);
if (isset($_REQUEST['id'])) {
$lp_item_obj = new learnpathItem($_REQUEST['id']);
@ -542,12 +548,12 @@ switch ($action) {
}
if (isset($_REQUEST['lp_name']) && !empty($_REQUEST['lp_name'])) {
$_REQUEST['lp_name'] = trim($_REQUEST['lp_name']);
$_SESSION['refresh'] = 1;
Session::write('refresh', 1);
if (isset($_SESSION['post_time']) && $_SESSION['post_time'] == $_REQUEST['post_time']) {
require 'lp_add.php';
} else {
$_SESSION['post_time'] = $_REQUEST['post_time'];
Session::write('post_time', $_POST['post_time']);
if (isset($_REQUEST['activate_start_date_check']) &&
$_REQUEST['activate_start_date_check'] == 1
@ -605,7 +611,7 @@ switch ($action) {
error_log('New LP - No learnpath given for admin_view', 0);
require 'lp_list.php';
} else {
$_SESSION['refresh'] = 1;
Session::write('refresh', 1);
require 'lp_admin_view.php';
}
break;
@ -633,7 +639,7 @@ switch ($action) {
error_log('New LP - No learnpath given for build', 0);
require 'lp_list.php';
} else {
$_SESSION['refresh'] = 1;
Session::write('refresh', 1);
//require 'lp_build.php';
$url = api_get_self().'?action=add_item&type=step&lp_id='.intval($_SESSION['oLP']->lp_id).'&'.api_get_cidreq();
header('Location: '.$url);
@ -648,7 +654,7 @@ switch ($action) {
error_log('New LP - No learnpath given for edit item', 0);
require 'lp_list.php';
} else {
$_SESSION['refresh'] = 1;
Session::write('refresh', 1);
if (isset($_POST['submit_button']) && !empty($post_title)) {
//Updating the lp.modified_on
$_SESSION['oLP']->set_modified_on();
@ -703,9 +709,9 @@ switch ($action) {
require 'lp_list.php';
} else {
if (isset($_POST['submit_button'])) {
//Updating the lp.modified_on
// Updating the lp.modified_on
$_SESSION['oLP']->set_modified_on();
$_SESSION['refresh'] = 1;
Session::write('refresh', 1);
$editPrerequisite = $_SESSION['oLP']->edit_item_prereq(
$_GET['id'],
$_POST['prerequisites'],
@ -734,7 +740,7 @@ switch ($action) {
error_log('New LP - No learnpath given for move item', 0);
require 'lp_list.php';
} else {
$_SESSION['refresh'] = 1;
Session::write('refresh', 1);
if (isset($_POST['submit_button'])) {
//Updating the lp.modified_on
$_SESSION['oLP']->set_modified_on();
@ -769,7 +775,7 @@ switch ($action) {
if (!$lp_found) {
error_log('New LP - No learnpath given for view item', 0); require 'lp_list.php';
} else {
$_SESSION['refresh'] = 1;
Session::write('refresh', 1);
require 'lp_view_item.php';
}
break;
@ -845,7 +851,7 @@ switch ($action) {
error_log('New LP - No learnpath given for delete', 0);
require 'lp_list.php';
} else {
$_SESSION['refresh'] = 1;
Session::write('refresh', 1);
$_SESSION['oLP']->delete(null, $_GET['lp_id'], 'remove');
Display::addFlash(Display::return_message(get_lang('Deleted')));
Session::erase('oLP');
@ -933,7 +939,7 @@ switch ($action) {
error_log('New LP - No learnpath given for edit', 0);
require 'lp_list.php';
} else {
$_SESSION['refresh'] = 1;
Session::write('refresh', 1);
require 'lp_edit.php';
}
break;
@ -945,7 +951,7 @@ switch ($action) {
error_log('New LP - No learnpath given for edit', 0);
require 'lp_list.php';
} else {
$_SESSION['refresh'] = 1;
Session::write('refresh', 1);
$lp_name = Security::remove_XSS($_REQUEST['lp_name']);
$_SESSION['oLP']->set_name($lp_name);
$author = $_REQUEST['lp_author'];
@ -1062,7 +1068,7 @@ switch ($action) {
error_log('New LP - No learnpath given for add sub item', 0);
require 'lp_list.php';
} else {
$_SESSION['refresh'] = 1;
Session::write('refresh', 1);
if (!empty($_REQUEST['parent_item_id'])) {
$_SESSION['from_learnpath'] = 'yes';
$_SESSION['origintoolurl'] = 'lp_controller.php?action=admin_view&lp_id='.intval($_REQUEST['lp_id']);
@ -1182,7 +1188,7 @@ switch ($action) {
break;
case 'list':
if ($lp_found) {
$_SESSION['refresh'] = 1;
Session::write('refresh', 1);
$_SESSION['oLP']->save_last();
}
require 'lp_list.php';
@ -1207,7 +1213,7 @@ switch ($action) {
require 'lp_list.php';
}
if (Security::check_token('get')) {
$_SESSION['refresh'] = 1;
Session::write('refresh', 1);
$_SESSION['oLP']->update_default_view_mode();
}
require 'lp_list.php';
@ -1217,7 +1223,7 @@ switch ($action) {
error_log('New LP - No learnpath given for switch', 0);
require 'lp_list.php';
}
$_SESSION['refresh'] = 1;
Session::write('refresh', 1);
$_SESSION['oLP']->update_default_scorm_commit();
require 'lp_list.php';
break;
@ -1237,13 +1243,13 @@ switch ($action) {
*/
case 'switch_attempt_mode':
if (!$lp_found) { error_log('New LP - No learnpath given for switch', 0); require 'lp_list.php'; }
$_SESSION['refresh'] = 1;
Session::write('refresh', 1);
$_SESSION['oLP']->switch_attempt_mode();
require 'lp_list.php';
break;
case 'switch_scorm_debug':
if (!$lp_found) { error_log('New LP - No learnpath given for switch', 0); require 'lp_list.php'; }
$_SESSION['refresh'] = 1;
Session::write('refresh', 1);
$_SESSION['oLP']->update_scorm_debug();
require 'lp_list.php';
break;
@ -1311,7 +1317,7 @@ switch ($action) {
require 'lp_list.php';
}
$_SESSION['refresh'] = 1;
Session::write('refresh', 1);
$_SESSION['oLP']->set_seriousgame_mode();
require 'lp_list.php';
break;
@ -1428,7 +1434,7 @@ switch ($action) {
break;
}
$_SESSION['refresh'] = 1;
Session::write('refresh', 1);
if (!isset($_POST['submit']) || empty($post_title)) {
break;
}

4
main/lp/openoffice_text.class.php
Unescape View File

@ -169,7 +169,7 @@ class OpenofficeText extends OpenofficeDocument
TOOL_DOCUMENT,
$document_id,
'DocumentAdded',
$_SESSION['_uid'],
api_get_user_id(),
0,
0,
null,
@ -234,7 +234,7 @@ class OpenofficeText extends OpenofficeDocument
TOOL_DOCUMENT,
$document_id,
'DocumentAdded',
$_SESSION['_uid'],
api_get_user_id(),
0,
0,
null,

Write Preview
Loading…
Cancel
Save