chamilo
/
chamilo-lms
mirror of https://github.com/chamilo/chamilo-lms/tree/1.11.x
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Partial merge from 1.11.x

Browse Source
pull/3063/head
Julio Montoya 7 years ago
parent e262fe6717
commit b6b663885a
30 changed files with 231 additions and 249 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 4
      main/announcements/announcements.php
  2. 6
      main/auth/courses_controller.php
  3. 4
      main/auth/profile.php
  4. 10
      main/badge/assertion.php
  5. 19
      main/badge/class.php
  6. 45
      main/badge/criteria.php
  7. 7
      main/calendar/download.php
  8. 2
      main/course_info/about.php
  9. 4
      main/course_info/legal.php
  10. 2
      main/course_info/tools.php
  11. 2
      main/coursecopy/copy_course_session.php
  12. 2
      main/coursecopy/copy_course_session_selected.php
  13. 1
      main/document/create_audio.php
  14. 3
      main/document/create_document.php
  15. 6
      main/document/document.php
  16. 2
      main/document/document_quota.php
  17. 3
      main/document/remote.php
  18. 15
      main/document/upload.php
  19. 80
      main/dropbox/dropbox_functions.inc.php
  20. 2
      main/dropbox/dropbox_init.inc.php
  21. 2
      main/dropbox/index.php
  22. 12
      main/extra/myStudents.php
  23. 2
      main/extrafield/translate.php
  24. 10
      main/forum/forumfunction.inc.php
  25. 19
      main/forum/viewforum.php
  26. 23
      main/forum/viewthread.php
  27. 42
      main/glossary/glossary_ajax_request.php
  28. 15
      main/glossary/index.php
  29. 40
      main/inc/lib/api.lib.php
  30. 96
      main/inc/lib/social.lib.php

4
main/announcements/announcements.php
Unescape View File

@ -523,7 +523,7 @@ switch ($action) {
$form->addHtml(" $form->addHtml("
<script> <script>
$(document).on('ready', function () { $(function () {
$('#announcement_preview').on('click', function() { $('#announcement_preview').on('click', function() {
var users = []; var users = [];
$('#users_to option').each(function() { $('#users_to option').each(function() {
@ -566,7 +566,7 @@ switch ($action) {
$form->addHtml( $form->addHtml(
" "
<script> <script>
$(document).on('ready', function () { $(function () {
$('#choose_recipients').click(); $('#choose_recipients').click();
}); });
</script> </script>

6
main/auth/courses_controller.php
Unescape View File

@ -645,12 +645,12 @@ class CoursesController
public function sessionsList($action, $nameTools, $limit = []) public function sessionsList($action, $nameTools, $limit = [])
{ {
$date = isset($_POST['date']) ? $_POST['date'] : date('Y-m-d'); $date = isset($_POST['date']) ? $_POST['date'] : date('Y-m-d');
$hiddenLinks = isset($_GET['hidden_links']) ? intval($_GET['hidden_links']) == 1 : false; $hiddenLinks = isset($_GET['hidden_links']) ? $_GET['hidden_links'] == 1 : false;
$limit = isset($limit) ? $limit : self::getLimitArray(); $limit = isset($limit) ? $limit : self::getLimitArray();
$countSessions = SessionManager::countSessionsByEndDate($date); $countSessions = SessionManager::countSessionsByEndDate($date);
$sessions = CoursesAndSessionsCatalog::browseSessions($date, $limit); $sessions = CoursesAndSessionsCatalog::browseSessions($date, $limit);
$pageTotal = intval(intval($countSessions) / $limit['length']); $pageTotal = ceil($countSessions / $limit['length']);
// Do NOT show pagination if only one page or less // Do NOT show pagination if only one page or less
$cataloguePagination = $pageTotal > 1 ? CourseCategory::getCatalogPagination($limit['current'], $limit['length'], $pageTotal) : ''; $cataloguePagination = $pageTotal > 1 ? CourseCategory::getCatalogPagination($limit['current'], $limit['length'], $pageTotal) : '';
$sessionsBlocks = $this->getFormattedSessionsBlock($sessions); $sessionsBlocks = $this->getFormattedSessionsBlock($sessions);
@ -667,7 +667,7 @@ class CoursesController
$tpl = new Template(); $tpl = new Template();
$tpl->assign('show_courses', CoursesAndSessionsCatalog::showCourses()); $tpl->assign('show_courses', CoursesAndSessionsCatalog::showCourses());
$tpl->assign('show_sessions', CoursesAndSessionsCatalog::showSessions()); $tpl->assign('show_sessions', CoursesAndSessionsCatalog::showSessions());
$tpl->assign('show_tutor', api_get_setting('show_session_coach') === 'true' ? true : false); $tpl->assign('show_tutor', api_get_setting('show_session_coach') === 'true');
$tpl->assign('course_url', $courseUrl); $tpl->assign('course_url', $courseUrl);
$tpl->assign('catalog_pagination', $cataloguePagination); $tpl->assign('catalog_pagination', $cataloguePagination);
$tpl->assign('hidden_links', $hiddenLinks); $tpl->assign('hidden_links', $hiddenLinks);

4
main/auth/profile.php
Unescape View File

@ -40,7 +40,7 @@ $htmlHeadXtra[] = api_get_password_checker_js('#username', '#password1');
$htmlHeadXtra[] = api_get_css_asset('cropper/dist/cropper.min.css'); $htmlHeadXtra[] = api_get_css_asset('cropper/dist/cropper.min.css');
$htmlHeadXtra[] = api_get_asset('cropper/dist/cropper.min.js'); $htmlHeadXtra[] = api_get_asset('cropper/dist/cropper.min.js');
$htmlHeadXtra[] = '<script> $htmlHeadXtra[] = '<script>
$(document).ready(function() { $(function() {
$("#id_generate_api_key").on("click", function (e) { $("#id_generate_api_key").on("click", function (e) {
e.preventDefault(); e.preventDefault();
@ -350,7 +350,7 @@ $jquery_ready_content = $return['jquery_ready_content'];
// the $jquery_ready_content variable collects all functions that // the $jquery_ready_content variable collects all functions that
// will be load in the $(document).ready javascript function // will be load in the $(document).ready javascript function
$htmlHeadXtra[] = '<script> $htmlHeadXtra[] = '<script>
$(document).ready(function(){ $(function() {
'.$jquery_ready_content.' '.$jquery_ready_content.'
}); });
</script>'; </script>';

10
main/badge/assertion.php
Unescape View File

@ -8,14 +8,12 @@
* *
* @package chamilo.badge * @package chamilo.badge
*/ */
header('Content-Type: application/json');
require_once __DIR__.'/../inc/global.inc.php'; require_once __DIR__.'/../inc/global.inc.php';
$userId = isset($_GET['user']) ? intval($_GET['user']) : 0; $userId = isset($_GET['user']) ? (int) $_GET['user'] : 0;
$skillId = isset($_GET['skill']) ? intval($_GET['skill']) : 0; $skillId = isset($_GET['skill']) ? (int) $_GET['skill'] : 0;
$courseId = isset($_GET['course']) ? intval($_GET['course']) : 0; $courseId = isset($_GET['course']) ? (int) $_GET['course'] : 0;
$sessionId = isset($_GET['session']) ? intval($_GET['session']) : 0; $sessionId = isset($_GET['session']) ? (int) $_GET['session'] : 0;
if ($userId === 0 || $skillId === 0) { if ($userId === 0 || $skillId === 0) {
exit; exit;

19
main/badge/class.php
Unescape View File

@ -10,17 +10,20 @@
*/ */
require_once __DIR__.'/../inc/global.inc.php'; require_once __DIR__.'/../inc/global.inc.php';
$skillId = isset($_GET['id']) ? intval($_GET['id']) : 0; $skillId = isset($_GET['id']) ? (int) $_GET['id'] : 0;
$objSkill = new Skill(); $objSkill = new Skill();
$skill = $objSkill->get($skillId); $skill = $objSkill->get($skillId);
$json = [];
$json = [ if ($skill) {
'name' => $skill['name'], $json = [
'description' => $skill['description'], 'name' => $skill['name'],
'image' => api_get_path(WEB_UPLOAD_PATH)."badges/{$skill['icon']}", 'description' => $skill['description'],
'criteria' => api_get_path(WEB_CODE_PATH)."badge/criteria.php?id=$skillId", 'image' => api_get_path(WEB_UPLOAD_PATH)."badges/{$skill['icon']}",
'issuer' => api_get_path(WEB_CODE_PATH)."badge/issuer.php", 'criteria' => api_get_path(WEB_CODE_PATH)."badge/criteria.php?id=$skillId",
]; 'issuer' => api_get_path(WEB_CODE_PATH).'badge/issuer.php',
];
}
header('Content-Type: application/json'); header('Content-Type: application/json');

45
main/badge/criteria.php
Unescape View File

@ -10,33 +10,40 @@
*/ */
require_once __DIR__.'/../inc/global.inc.php'; require_once __DIR__.'/../inc/global.inc.php';
$skillId = isset($_GET['id']) ? $_GET['id'] : 0;
if (empty($skillId)) {
exit;
}
$entityManager = Database::getManager(); $entityManager = Database::getManager();
/** @var \Chamilo\CoreBundle\Entity\Skill $skill */ /** @var \Chamilo\CoreBundle\Entity\Skill $skill */
$skill = $entityManager->find('ChamiloCoreBundle:Skill', $_GET['id']); $skill = $entityManager->find('ChamiloCoreBundle:Skill', $_GET['id']);
if (!$skill) { if ($skill) {
Display::addFlash( $skillInfo = [
Display::return_message(get_lang('SkillNotFound'), 'error') 'name' => $skill->getName(),
'short_code' => $skill->getShortCode(),
'description' => $skill->getDescription(),
'criteria' => $skill->getCriteria(),
'badge_image' => Skill::getWebIconPath($skill),
];
$template = new Template();
$template->assign('skill_info', $skillInfo);
$content = $template->fetch(
$template->get_template('skill/criteria.tpl')
); );
header('Location: '.api_get_path(WEB_PATH)); $template->assign('content', $content);
$template->display_one_col_template();
exit; exit;
} }
$skillInfo = [ Display::addFlash(
'name' => $skill->getName(), Display::return_message(get_lang('SkillNotFound'), 'error')
'short_code' => $skill->getShortCode(),
'description' => $skill->getDescription(),
'criteria' => $skill->getCriteria(),
'badge_image' => Skill::getWebIconPath($skill),
];
$template = new Template();
$template->assign('skill_info', $skillInfo);
$content = $template->fetch(
$template->get_template('skill/criteria.tpl')
); );
$template->assign('content', $content); header('Location: '.api_get_path(WEB_PATH));
$template->display_one_col_template(); exit;

7
main/calendar/download.php
Unescape View File

@ -19,11 +19,9 @@ header('Expires: Wed, 01 Jan 1990 00:00:00 GMT');
header('Cache-Control: public'); header('Cache-Control: public');
header('Pragma: no-cache'); header('Pragma: no-cache');
$course_id = intval($_REQUEST['course_id']); $course_id = isset($_REQUEST['course_id']) ? $_REQUEST['course_id'] : 0;
$user_id = api_get_user_id(); $user_id = api_get_user_id();
$course_info = api_get_course_info_by_id($course_id); $course_info = api_get_course_info_by_id($course_id);
$doc_url = $_REQUEST['file'];
$session_id = api_get_session_id();
if (empty($course_id)) { if (empty($course_id)) {
$course_id = api_get_course_int_id(); $course_id = api_get_course_int_id();
@ -32,6 +30,9 @@ if (empty($course_id) || empty($doc_url)) {
api_not_allowed(); api_not_allowed();
} }
$doc_url = $_REQUEST['file'];
$session_id = api_get_session_id();
$is_user_is_subscribed = CourseManager::is_user_subscribed_in_course( $is_user_is_subscribed = CourseManager::is_user_subscribed_in_course(
$user_id, $user_id,
$course_info['code'], $course_info['code'],

2
main/course_info/about.php
Unescape View File

@ -131,7 +131,7 @@ $topics = [
$subscriptionUser = CourseManager::is_user_subscribed_in_course($userId, $course->getCode()); $subscriptionUser = CourseManager::is_user_subscribed_in_course($userId, $course->getCode());
$allowSubscribe = false; $allowSubscribe = false;
if ($course->getSubscribe() == true || api_is_platform_admin()) { if ($course->getSubscribe() || api_is_platform_admin()) {
$allowSubscribe = true; $allowSubscribe = true;
} }
$plugin = BuyCoursesPlugin::create(); $plugin = BuyCoursesPlugin::create();

4
main/course_info/legal.php
Unescape View File

@ -8,8 +8,8 @@ $cidReset = true;
require_once __DIR__.'/../inc/global.inc.php'; require_once __DIR__.'/../inc/global.inc.php';
$this_section = SECTION_COURSES; $this_section = SECTION_COURSES;
$course_code = isset($_REQUEST['course_code']) ? $_REQUEST['course_code'] : null; $course_code = isset($_REQUEST['course_code']) ? Security::remove_XSS($_REQUEST['course_code']) : null;
$session_id = isset($_REQUEST['session_id']) ? intval($_REQUEST['session_id']) : null; $session_id = isset($_REQUEST['session_id']) ? (int) $_REQUEST['session_id'] : null;
$user_id = api_get_user_id(); $user_id = api_get_user_id();
if (empty($course_code)) { if (empty($course_code)) {

2
main/course_info/tools.php
Unescape View File

@ -19,7 +19,7 @@ if (!api_is_allowed_to_edit()) {
} }
$action = isset($_GET['action']) ? $_GET['action'] : ''; $action = isset($_GET['action']) ? $_GET['action'] : '';
$id = isset($_GET['id']) ? intval($_GET['id']) : ''; $id = isset($_GET['id']) ? (int) $_GET['id'] : '';
$toolName = get_lang('CustomizeIcons'); $toolName = get_lang('CustomizeIcons');

2
main/coursecopy/copy_course_session.php
Unescape View File

@ -9,7 +9,7 @@ use ChamiloSession as Session;
/** /**
* Copy resources from one course in a session to another one. * Copy resources from one course in a session to another one.
* *
* @author Christian Fasanando <christian.fasanando@dokeos.com> * @author Christian Fasanando
* @author Julio Montoya <gugli100@gmail.com> Lots of bug fixes/improvements * @author Julio Montoya <gugli100@gmail.com> Lots of bug fixes/improvements
* *
* @package chamilo.backup * @package chamilo.backup

2
main/coursecopy/copy_course_session_selected.php
Unescape View File

@ -9,7 +9,7 @@ use ChamiloSession as Session;
/** /**
* Copy resources from one course in a session to another one. * Copy resources from one course in a session to another one.
* *
* @author Christian Fasanando <christian.fasanando@dokeos.com> * @author Christian Fasanando
* @author Julio Montoya <gugli100@gmail.com> Lots of bug fixes/improvements * @author Julio Montoya <gugli100@gmail.com> Lots of bug fixes/improvements
* @author Angel Fernando Quiroz Campos <angel.quiroz@beeznest.com> Code conventions * @author Angel Fernando Quiroz Campos <angel.quiroz@beeznest.com> Code conventions
* *

1
main/document/create_audio.php
Unescape View File

@ -113,7 +113,6 @@ if (!($is_allowed_to_edit || $groupRights ||
api_not_allowed(true); api_not_allowed(true);
} }
/* Header */
Event::event_access_tool(TOOL_DOCUMENT); Event::event_access_tool(TOOL_DOCUMENT);
$display_dir = $dir; $display_dir = $dir;

3
main/document/create_document.php
Unescape View File

@ -63,10 +63,9 @@ if (isset($_REQUEST['certificate']) && $_REQUEST['certificate'] == 'true') {
$is_certificate_mode = true; $is_certificate_mode = true;
} }
$nameTools = get_lang('CreateDocument');
if ($is_certificate_mode) { if ($is_certificate_mode) {
$nameTools = get_lang('CreateCertificate'); $nameTools = get_lang('CreateCertificate');
} else {
$nameTools = get_lang('CreateDocument');
} }
/* Constants and variables */ /* Constants and variables */

6
main/document/document.php
Unescape View File

@ -777,7 +777,7 @@ function confirmation (name) {
} }
} }
$(document).ready(function() { $(function() {
$(".convertAction").click(function() { $(".convertAction").click(function() {
var id = $(this).attr("data-documentId"); var id = $(this).attr("data-documentId");
var format = $(this).attr("data-formatType"); var format = $(this).attr("data-formatType");
@ -943,7 +943,7 @@ if (!empty($documentAndFolders)) {
$htmlHeadXtra[] = ' $htmlHeadXtra[] = '
<script> <script>
$(document).ready( function() { $(function() {
//Experimental changes to preview mp3, ogg files' //Experimental changes to preview mp3, ogg files'
.$jquery.' .$jquery.'
}); });
@ -2161,7 +2161,7 @@ $ajaxURL = api_get_path(WEB_AJAX_PATH).'document.ajax.php?a=get_document_quota&'
if (count($documentAndFolders) > 1) { if (count($documentAndFolders) > 1) {
echo '<script> echo '<script>
$(document).ready(function() { $(function() {
$.ajax({ $.ajax({
url:"'.$ajaxURL.'", url:"'.$ajaxURL.'",
success:function(data){ success:function(data){

2
main/document/document_quota.php
Unescape View File

@ -8,6 +8,8 @@
*/ */
require_once __DIR__.'/../inc/global.inc.php'; require_once __DIR__.'/../inc/global.inc.php';
api_protect_course_script(true);
if (!api_is_allowed_to_edit(null, true)) { if (!api_is_allowed_to_edit(null, true)) {
api_not_allowed(true); api_not_allowed(true);
} }

3
main/document/remote.php
Unescape View File

@ -16,9 +16,12 @@
* *
* @return string JSON output * @return string JSON output
*/ */
/* FIX for IE cache when using https */ /* FIX for IE cache when using https */
session_cache_limiter('none'); session_cache_limiter('none');
require_once __DIR__.'/../inc/global.inc.php'; require_once __DIR__.'/../inc/global.inc.php';
api_protect_course_script(true);
api_block_anonymous_users(); api_block_anonymous_users();
/*==== Variables initialisation ====*/ /*==== Variables initialisation ====*/
$action = $_REQUEST['action']; //safe as only used in if()'s $action = $_REQUEST['action']; //safe as only used in if()'s

15
main/document/upload.php
Unescape View File

@ -32,12 +32,11 @@
* *
* @package chamilo.document * @package chamilo.document
*/ */
// Including the global initialization file
require_once __DIR__.'/../inc/global.inc.php'; require_once __DIR__.'/../inc/global.inc.php';
// Including additional libraries
require_once api_get_path(LIBRARY_PATH).'specific_fields_manager.lib.php'; require_once api_get_path(LIBRARY_PATH).'specific_fields_manager.lib.php';
api_protect_course_script(true);
// Adding extra javascript to the form // Adding extra javascript to the form
$htmlHeadXtra[] = api_get_jquery_libraries_js(['jquery-ui', 'jquery-upload']); $htmlHeadXtra[] = api_get_jquery_libraries_js(['jquery-ui', 'jquery-upload']);
@ -49,7 +48,7 @@ $courseDir = $_course['path'].'/document';
$sys_course_path = api_get_path(SYS_COURSE_PATH); $sys_course_path = api_get_path(SYS_COURSE_PATH);
$base_work_dir = $sys_course_path.$courseDir; $base_work_dir = $sys_course_path.$courseDir;
$sessionId = api_get_session_id(); $sessionId = api_get_session_id();
$selectcat = isset($_GET['selectcat']) ? Security::remove_XSS($_GET['selectcat']) : null; $selectcat = isset($_GET['selectcat']) ? (int) $_GET['selectcat'] : null;
$document_data = []; $document_data = [];
@ -86,14 +85,10 @@ $group_properties = [];
$htmlHeadXtra[] = '<script> $htmlHeadXtra[] = '<script>
function check_unzip() { function check_unzip() {
if (document.upload.unzip.checked){ if (document.upload.unzip.checked) {
//document.upload.if_exists[0].disabled=true; document.upload.if_exists[1].checked=true;
document.upload.if_exists[1].checked=true;
//document.upload.if_exists[2].disabled=true;
} else { } else {
document.upload.if_exists[2].checked=true; document.upload.if_exists[2].checked=true;
//document.upload.if_exists[0].disabled=false;
//document.upload.if_exists[2].disabled=false;
} }
} }

80
main/dropbox/dropbox_functions.inc.php
Unescape View File

@ -61,7 +61,7 @@ function handle_multiple_actions()
return get_lang('CheckAtLeastOneFile'); return get_lang('CheckAtLeastOneFile');
} }
// STEP 3A: deleting // Deleting
if ($_POST['action'] == 'delete_received' || $_POST['action'] == 'delete_sent') { if ($_POST['action'] == 'delete_received' || $_POST['action'] == 'delete_sent') {
$dropboxfile = new Dropbox_Person($_user['user_id'], $is_courseAdmin, $is_courseTutor); $dropboxfile = new Dropbox_Person($_user['user_id'], $is_courseAdmin, $is_courseTutor);
foreach ($checked_file_ids as $key => $value) { foreach ($checked_file_ids as $key => $value) {
@ -78,13 +78,7 @@ function handle_multiple_actions()
return $message; return $message;
} }
// STEP 3B: giving comment // moving
if ($_POST['actions'] == 'comment') {
// This has not been implemented.
// The idea was that it would be possible to write the same feedback for the selected documents.
}
// STEP 3C: moving
if (strstr($_POST['action'], 'move_')) { if (strstr($_POST['action'], 'move_')) {
// check move_received_n or move_sent_n command // check move_received_n or move_sent_n command
if (strstr($_POST['action'], 'received')) { if (strstr($_POST['action'], 'received')) {
@ -291,7 +285,9 @@ function get_dropbox_categories($filter = '')
$result = Database::query($sql); $result = Database::query($sql);
while ($row = Database::fetch_array($result)) { while ($row = Database::fetch_array($result)) {
if (($filter == 'sent' && $row['sent'] == 1) || ($filter == 'received' && $row['received'] == 1) || $filter == '') { if (($filter == 'sent' && $row['sent'] == 1) ||
($filter == 'received' && $row['received'] == 1) || $filter == ''
) {
$return_array[$row['cat_id']] = $row; $return_array[$row['cat_id']] = $row;
} }
} }
@ -309,9 +305,12 @@ function get_dropbox_categories($filter = '')
function get_dropbox_category($id) function get_dropbox_category($id)
{ {
$course_id = api_get_course_int_id(); $course_id = api_get_course_int_id();
if (empty($id) or $id != intval($id)) { $id = (int) $id;
if (empty($id)) {
return []; return [];
} }
$sql = "SELECT * FROM ".Database::get_course_table(TABLE_DROPBOX_CATEGORY)." $sql = "SELECT * FROM ".Database::get_course_table(TABLE_DROPBOX_CATEGORY)."
WHERE c_id = $course_id AND cat_id='".$id."'"; WHERE c_id = $course_id AND cat_id='".$id."'";
$res = Database::query($sql); $res = Database::query($sql);
@ -386,7 +385,8 @@ function store_addcategory()
]; ];
$id = Database::insert(Database::get_course_table(TABLE_DROPBOX_CATEGORY), $params); $id = Database::insert(Database::get_course_table(TABLE_DROPBOX_CATEGORY), $params);
if ($id) { if ($id) {
$sql = "UPDATE ".Database::get_course_table(TABLE_DROPBOX_CATEGORY)." SET cat_id = iid WHERE iid = $id"; $sql = "UPDATE ".Database::get_course_table(TABLE_DROPBOX_CATEGORY)." SET cat_id = iid
WHERE iid = $id";
Database::query($sql); Database::query($sql);
} }
@ -420,22 +420,24 @@ function store_addcategory()
/** /**
* This function displays the form to add a new category. * This function displays the form to add a new category.
* *
* @param $category_name this parameter is the name of the category (used when no section is selected) * @param string $category_name this parameter is the name of the category (used when no section is selected)
* @param $id this is the id of the category we are editing * @param int $id this is the id of the category we are editing
* *
* @author Patrick Cool <patrick.cool@UGent.be>, Ghent University * @author Patrick Cool <patrick.cool@UGent.be>, Ghent University
* *
* @version march 2006 * @version march 2006
*/ */
function display_addcategory_form($category_name = '', $id = '', $action) function display_addcategory_form($category_name = '', $id = 0, $action = '')
{ {
$course_id = api_get_course_int_id(); $course_id = api_get_course_int_id();
$title = get_lang('AddNewCategory'); $title = get_lang('AddNewCategory');
if (isset($id) && $id != '') { $id = (int) $id;
if (!empty($id)) {
// retrieve the category we are editing // retrieve the category we are editing
$sql = "SELECT * FROM ".Database::get_course_table(TABLE_DROPBOX_CATEGORY)." $sql = "SELECT * FROM ".Database::get_course_table(TABLE_DROPBOX_CATEGORY)."
WHERE c_id = $course_id AND cat_id = ".intval($id); WHERE c_id = $course_id AND cat_id = ".$id;
$result = Database::query($sql); $result = Database::query($sql);
$row = Database::fetch_array($result); $row = Database::fetch_array($result);
@ -474,8 +476,8 @@ function display_addcategory_form($category_name = '', $id = '', $action)
); );
$form->addElement('header', $title); $form->addElement('header', $title);
if (isset($id) && $id != '') { if (!empty($id)) {
$form->addElement('hidden', 'edit_id', intval($id)); $form->addElement('hidden', 'edit_id', $id);
} }
$form->addElement('hidden', 'action', Security::remove_XSS($action)); $form->addElement('hidden', 'action', Security::remove_XSS($action));
$form->addElement('hidden', 'target', Security::remove_XSS($target)); $form->addElement('hidden', 'target', Security::remove_XSS($target));
@ -485,7 +487,7 @@ function display_addcategory_form($category_name = '', $id = '', $action)
$form->addButtonSave($text, 'StoreCategory'); $form->addButtonSave($text, 'StoreCategory');
$defaults = []; $defaults = [];
$defaults['category_name'] = $category_name; $defaults['category_name'] = Security::remove_XSS($category_name);
$form->setDefaults($defaults); $form->setDefaults($defaults);
$form->display(); $form->display();
} }
@ -755,22 +757,6 @@ function display_add_form($viewReceivedCategory, $viewSentCategory, $view, $id =
); );
} }
/**
* @param string $user_id
*
* @return bool indicating if user with user_id=$user_id is a course member
*
* @todo check if this function is still necessary. There might be a library function for this.
*/
function isCourseMember($user_id)
{
$_course = api_get_course_info();
$course_code = $_course['code'];
$is_course_member = CourseManager::is_user_subscribed_in_course($user_id, $course_code, true);
return $is_course_member;
}
/** /**
* Checks if there are files in the dropbox_file table that aren't used anymore in dropbox_person table. * Checks if there are files in the dropbox_file table that aren't used anymore in dropbox_person table.
* If there are, all entries concerning the file are deleted from the db + the file is deleted from the server. * If there are, all entries concerning the file are deleted from the db + the file is deleted from the server.
@ -817,7 +803,7 @@ function getUserOwningThisMailing($mailingPseudoId, $owner = 0, $or_die = '')
{ {
$course_id = api_get_course_int_id(); $course_id = api_get_course_int_id();
$mailingPseudoId = intval($mailingPseudoId); $mailingPseudoId = (int) $mailingPseudoId;
$sql = "SELECT f.uploader_id $sql = "SELECT f.uploader_id
FROM ".Database::get_course_table(TABLE_DROPBOX_FILE)." f FROM ".Database::get_course_table(TABLE_DROPBOX_FILE)." f
LEFT JOIN ".Database::get_course_table(TABLE_DROPBOX_POST)." p LEFT JOIN ".Database::get_course_table(TABLE_DROPBOX_POST)." p
@ -853,7 +839,7 @@ function removeMoreIfMailing($file_id)
// for all content files, delete mailingPseudoId from person-table // for all content files, delete mailingPseudoId from person-table
// 2. finding the owner (getUserOwningThisMailing) is no longer possible, so // 2. finding the owner (getUserOwningThisMailing) is no longer possible, so
// for all content files, replace mailingPseudoId by owner as uploader // for all content files, replace mailingPseudoId by owner as uploader
$file_id = intval($file_id); $file_id = (int) $file_id;
$sql = "SELECT p.dest_user_id $sql = "SELECT p.dest_user_id
FROM ".Database::get_course_table(TABLE_DROPBOX_POST)." p FROM ".Database::get_course_table(TABLE_DROPBOX_POST)." p
WHERE c_id = $course_id AND p.file_id = '".$file_id."'"; WHERE c_id = $course_id AND p.file_id = '".$file_id."'";
@ -899,12 +885,19 @@ function store_add_dropbox($file = [], $work = null)
// Check if all the recipients are valid // Check if all the recipients are valid
$thisIsAMailing = false; $thisIsAMailing = false;
$thisIsJustUpload = false; $thisIsJustUpload = false;
foreach ($_POST['recipients'] as $rec) { foreach ($_POST['recipients'] as $rec) {
if ($rec == 'mailing') { if ($rec == 'mailing') {
$thisIsAMailing = true; $thisIsAMailing = true;
} elseif ($rec == 'upload') { } elseif ($rec == 'upload') {
$thisIsJustUpload = true; $thisIsJustUpload = true;
} elseif (strpos($rec, 'user_') === 0 && !isCourseMember(substr($rec, strlen('user_')))) { } elseif (strpos($rec, 'user_') === 0 &&
!CourseManager::is_user_subscribed_in_course(
substr($rec, strlen('user_')),
$_course['code'],
true
)
) {
Display::addFlash( Display::addFlash(
Display::return_message( Display::return_message(
get_lang('InvalideUserDetected'), get_lang('InvalideUserDetected'),
@ -1222,8 +1215,8 @@ function feedback_form($url)
function user_can_download_file($id, $user_id) function user_can_download_file($id, $user_id)
{ {
$course_id = api_get_course_int_id(); $course_id = api_get_course_int_id();
$id = intval($id); $id = (int) $id;
$user_id = intval($user_id); $user_id = (int) $user_id;
$sql = "SELECT file_id $sql = "SELECT file_id
FROM ".Database::get_course_table(TABLE_DROPBOX_PERSON)." FROM ".Database::get_course_table(TABLE_DROPBOX_PERSON)."
@ -1245,7 +1238,7 @@ function user_can_download_file($id, $user_id)
// add feedback since the other users will never get to see the feedback. // add feedback since the other users will never get to see the feedback.
function check_if_file_exist($id) function check_if_file_exist($id)
{ {
$id = intval($id); $id = (int) $id;
$course_id = api_get_course_int_id(); $course_id = api_get_course_int_id();
$sql = "SELECT file_id $sql = "SELECT file_id
FROM ".Database::get_course_table(TABLE_DROPBOX_PERSON)." FROM ".Database::get_course_table(TABLE_DROPBOX_PERSON)."
@ -1451,12 +1444,13 @@ function generate_html_overview($files, $dont_show_columns = [], $make_link = []
* *
* @version march 2006 * @version march 2006
*/ */
function get_total_number_feedback($file_id = '') function get_total_number_feedback()
{ {
$course_id = api_get_course_int_id(); $course_id = api_get_course_int_id();
$sql = "SELECT COUNT(feedback_id) AS total, file_id $sql = "SELECT COUNT(feedback_id) AS total, file_id
FROM ".Database::get_course_table(TABLE_DROPBOX_FEEDBACK)." FROM ".Database::get_course_table(TABLE_DROPBOX_FEEDBACK)."
WHERE c_id = $course_id GROUP BY file_id"; WHERE c_id = $course_id
GROUP BY file_id";
$result = Database::query($sql); $result = Database::query($sql);
$return = []; $return = [];
while ($row = Database::fetch_array($result)) { while ($row = Database::fetch_array($result)) {

2
main/dropbox/dropbox_init.inc.php
Unescape View File

@ -180,7 +180,7 @@ if (empty($session_id)) {
// only when it is needed. // only when it is needed.
if ($action == 'add') { if ($action == 'add') {
$dropbox_person = new Dropbox_Person( $dropbox_person = new Dropbox_Person(
$_user['user_id'], $user_id,
$is_courseAdmin, $is_courseAdmin,
$is_courseTutor $is_courseTutor
); );

2
main/dropbox/index.php
Unescape View File

@ -4,6 +4,8 @@
// The file that contains all the initialisation stuff (and includes all the configuration stuff) // The file that contains all the initialisation stuff (and includes all the configuration stuff)
require_once 'dropbox_init.inc.php'; require_once 'dropbox_init.inc.php';
$_course = api_get_course_info();
$last_access = ''; $last_access = '';
// get the last time the user accessed the tool // get the last time the user accessed the tool
if (isset($_SESSION[$_course['id']]) && if (isset($_SESSION[$_course['id']]) &&

12
main/extra/myStudents.php
Unescape View File

@ -323,17 +323,7 @@ $isDrhOfCourse = CourseManager::isUserSubscribedInCourseAsDrh(
if (api_is_drh() && !api_is_platform_admin()) { if (api_is_drh() && !api_is_platform_admin()) {
if (!empty($studentId)) { if (!empty($studentId)) {
if (api_drh_can_access_all_session_content()) { if (!api_drh_can_access_all_session_content()) {
//@todo securize drh with student id
/*$users = SessionManager::getAllUsersFromCoursesFromAllSessionFromStatus('drh_all', api_get_user_id());
$userList = [];
foreach ($users as $user) {
$userList[] = $user['user_id'];
}
if (!in_array($student_id, $userList)) {
api_not_allowed(true);
}*/
} else {
if (!($isDrhOfCourse)) { if (!($isDrhOfCourse)) {
if (api_is_drh() && if (api_is_drh() &&
!UserManager::is_user_followed_by_drh($studentId, api_get_user_id()) !UserManager::is_user_followed_by_drh($studentId, api_get_user_id())

2
main/extrafield/translate.php
Unescape View File

@ -31,7 +31,7 @@ if (!$extraField || empty($variableLanguage) || empty($originalName)) {
api_not_allowed(true); api_not_allowed(true);
} }
$languageId = isset($_GET['sub_language']) ? intval($_GET['sub_language']) : 0; $languageId = isset($_GET['sub_language']) ? (int) $_GET['sub_language'] : 0;
$languages = $em $languages = $em
->getRepository('ChamiloCoreBundle:Language') ->getRepository('ChamiloCoreBundle:Language')

10
main/forum/forumfunction.inc.php
Unescape View File

@ -3200,13 +3200,13 @@ function show_add_post_form($current_forum, $action, $form_values = '', $showPre
$iframe = null; $iframe = null;
if ($showPreview) { if ($showPreview) {
$myThread = Security::remove_XSS($myThread); $myThread = Security::remove_XSS($myThread);
if ($action != 'newthread' && !empty($myThread)) { if ($action != 'newthread' && !empty($myThread)) {
$iframe = "<iframe style=\"border: 1px solid black\" src=\"iframe_thread.php?".api_get_cidreq( $iframe = "<iframe style=\"border: 1px solid black\" src=\"iframe_thread.php?".api_get_cidreq(
)."&forum=".$forumId."&thread=".$myThread."#".$my_post."\" width=\"100%\"></iframe>"; )."&forum=".$forumId."&thread=".$myThread."#".$my_post."\" width=\"100%\"></iframe>";
} }
if (!empty($iframe)) { if (!empty($iframe)) {
$form->addElement('label', get_lang('Thread'), $iframe); $form->addElement('label', get_lang('Thread'), $iframe);
} }
} }

19
main/forum/viewforum.php
Unescape View File

@ -476,10 +476,7 @@ if (is_array($threads)) {
} }
$_user = api_get_user_info($row['user_id']); $_user = api_get_user_info($row['user_id']);
$urlImg = api_get_path(WEB_IMG_PATH); $iconStatus = $_user['icon_status'];
$iconStatus = null;
$isAdmin = UserManager::is_admin($row['user_id']);
$last_post_info = get_last_post_by_thread( $last_post_info = get_last_post_by_thread(
$row['c_id'], $row['c_id'],
$row['thread_id'], $row['thread_id'],
@ -498,20 +495,6 @@ if (is_array($threads)) {
); );
} }
if ($_user['status'] == 5) {
if ($_user['has_certificates']) {
$iconStatus = '<img src="'.$urlImg.'icons/svg/identifier_graduated.svg" width="22px" height="22px">';
} else {
$iconStatus = '<img src="'.$urlImg.'icons/svg/identifier_student.svg" width="22px" height="22px">';
}
} elseif ($_user['status'] == 1) {
if ($isAdmin) {
$iconStatus = '<img src="'.$urlImg.'icons/svg/identifier_admin.svg" width="22px" height="22px">';
} else {
$iconStatus = '<img src="'.$urlImg.'icons/svg/identifier_teacher.svg" width="22px" height="22px">';
}
}
$html .= '<div class="thumbnail">'.display_user_image($row['user_id'], $name, $origin).'</div>'; $html .= '<div class="thumbnail">'.display_user_image($row['user_id'], $name, $origin).'</div>';
$html .= '</div>'; $html .= '</div>';
$html .= '<div class="col-md-10">'; $html .= '<div class="col-md-10">';

23
main/forum/viewthread.php
Unescape View File

@ -327,26 +327,7 @@ foreach ($posts as $post) {
); );
$_user = api_get_user_info($posterId); $_user = api_get_user_info($posterId);
$urlImg = api_get_path(WEB_IMG_PATH); $iconStatus = $_user['icon_status'];
$iconStatus = null;
$isAdmin = UserManager::is_admin($posterId);
if ($_user['status'] == 5) {
if ($_user['has_certificates']) {
$iconStatus = '<img src="'.$urlImg.'icons/svg/identifier_graduated.svg" width="22px" height="22px">';
} else {
$iconStatus = '<img src="'.$urlImg.'icons/svg/identifier_student.svg" width="22px" height="22px">';
}
} else {
if ($_user['status'] == 1) {
if ($isAdmin) {
$iconStatus = '<img src="'.$urlImg.'icons/svg/identifier_admin.svg" width="22px" height="22px">';
} else {
$iconStatus = '<img src="'.$urlImg.'icons/svg/identifier_teacher.svg" width="22px" height="22px">';
}
}
}
$post['user_data'] .= '<div class="user-type text-center">'.$iconStatus.'</div>'; $post['user_data'] .= '<div class="user-type text-center">'.$iconStatus.'</div>';
} else { } else {
if ($allowUserImageForum) { if ($allowUserImageForum) {
@ -688,7 +669,7 @@ if (!api_is_allowed_to_edit(false, true) &&
if (!api_is_allowed_to_edit(false, true) && if (!api_is_allowed_to_edit(false, true) &&
( (
( $current_forum_category && $current_forum_category['locked'] != 0) || ($current_forum_category && $current_forum_category['locked'] != 0) ||
$current_forum['locked'] != 0 || $current_thread['locked'] != 0 $current_forum['locked'] != 0 || $current_thread['locked'] != 0
) )
) { ) {

42
main/glossary/glossary_ajax_request.php
Unescape View File

@ -9,58 +9,50 @@
*/ */
require_once __DIR__.'/../inc/global.inc.php'; require_once __DIR__.'/../inc/global.inc.php';
api_protect_course_script(true);
/** /**
* Search a term and return description from a glossary. * Search a term and return description from a glossary.
*/ */
$charset = api_get_system_encoding(); $charset = api_get_system_encoding();
//replace image path // Replace image path
$path_image = api_get_path(WEB_COURSE_PATH).api_get_course_path(); $path_image = api_get_path(WEB_COURSE_PATH).api_get_course_path();
$path_image_search = '../..'.api_get_path(REL_COURSE_PATH).api_get_course_path(); $path_image_search = '../..'.api_get_path(REL_COURSE_PATH).api_get_course_path();
$glossaryId = isset($_POST['glossary_id']) ? (int) $_POST['glossary_id'] : 0;
$description = get_lang('NoResults');
if (isset($_POST['glossary_id']) && if (!empty($glossaryId)) {
$_POST['glossary_id'] == strval(intval($_POST['glossary_id'])) $description = GlossaryManager::get_glossary_term_by_glossary_id($glossaryId);
) { $description = str_replace($path_image_search, $path_image, $description);
$glossary_description_by_id = GlossaryManager::get_glossary_term_by_glossary_id(
$_POST['glossary_id']
);
$glossary_description_by_id = str_replace(
$path_image_search,
$path_image,
$glossary_description_by_id
);
echo api_xml_http_response_encode($glossary_description_by_id);
} elseif (isset($_POST['glossary_data']) && $_POST['glossary_data'] == 'true') { } elseif (isset($_POST['glossary_data']) && $_POST['glossary_data'] == 'true') {
//get_glossary_terms // get_glossary_terms
$glossary_data = GlossaryManager::get_glossary_terms(); $glossary_data = GlossaryManager::get_glossary_terms();
$glossary_all_data = []; $glossary_all_data = [];
if (count($glossary_data) > 0) { if (count($glossary_data) > 0) {
foreach ($glossary_data as $glossary_index => $glossary_value) { foreach ($glossary_data as $glossary_index => $glossary_value) {
$glossary_all_data[] = $glossary_value['id'].'__|__|'.$glossary_value['name']; $glossary_all_data[] = $glossary_value['id'].'__|__|'.$glossary_value['name'];
} }
$glossary_all_data = implode('[|.|_|.|-|.|]', $glossary_all_data); $description = implode('[|.|_|.|-|.|]', $glossary_all_data);
echo api_xml_http_response_encode($glossary_all_data);
} }
} elseif (isset($_POST['glossary_name'])) { } elseif (isset($_POST['glossary_name'])) {
$my_glossary_name = Security::remove_XSS($_POST['glossary_name']); $my_glossary_name = Security::remove_XSS($_POST['glossary_name']);
$my_glossary_name = api_convert_encoding($my_glossary_name, $charset, 'UTF-8'); $my_glossary_name = api_convert_encoding($my_glossary_name, $charset, 'UTF-8');
$my_glossary_name = trim($my_glossary_name); $my_glossary_name = trim($my_glossary_name);
$glossaryInfo = GlossaryManager::get_glossary_term_by_glossary_name( $glossaryInfo = GlossaryManager::get_glossary_term_by_glossary_name($my_glossary_name);
$my_glossary_name
);
$glossary_description = str_replace( $description = str_replace(
$path_image_search, $path_image_search,
$path_image, $path_image,
$glossaryInfo['description'] $glossaryInfo['description']
); );
if (is_null($glossary_description) || strlen(trim($glossary_description)) == 0) { if (is_null($description) || strlen(trim($description)) == 0) {
echo api_xml_http_response_encode(get_lang('NoResults')); $description = get_lang('NoResults');
} else { } else {
echo api_xml_http_response_encode($glossary_description); $description = str_replace('class="glossary"', '', $description);
} }
} else {
echo api_xml_http_response_encode(get_lang('NoResults'));
} }
echo api_xml_http_response_encode($description);

15
main/glossary/index.php
Unescape View File

@ -380,26 +380,26 @@ switch ($action) {
if (count($termsDeleted) > 0) { if (count($termsDeleted) > 0) {
Display::addFlash( Display::addFlash(
Display::return_message(get_lang("TermDeleted").': '.implode(', ', $termsDeleted)) Display::return_message(get_lang('TermDeleted').': '.implode(', ', $termsDeleted))
); );
} }
if (count($updatedList) > 0) { if (count($updatedList) > 0) {
Display::addFlash( Display::addFlash(
Display::return_message(get_lang("TermsUpdated").': '.implode(', ', $updatedList)) Display::return_message(get_lang('TermsUpdated').': '.implode(', ', $updatedList))
); );
} }
if (count($addedList) > 0) { if (count($addedList) > 0) {
Display::addFlash( Display::addFlash(
Display::return_message(get_lang("TermsAdded").': '.implode(', ', $addedList)) Display::return_message(get_lang('TermsAdded').': '.implode(', ', $addedList))
); );
} }
if (count($badList) > 0) { if (count($badList) > 0) {
Display::addFlash( Display::addFlash(
Display::return_message( Display::return_message(
get_lang("GlossaryTermAlreadyExists").': '.implode(', ', $badList), get_lang('GlossaryTermAlreadyExists').': '.implode(', ', $badList),
'error' 'error'
) )
); );
@ -408,7 +408,7 @@ switch ($action) {
if (count($doubles) > 0) { if (count($doubles) > 0) {
Display::addFlash( Display::addFlash(
Display::return_message( Display::return_message(
get_lang("TermsDuplicatedInFile").': '.implode(', ', $doubles), get_lang('TermsDuplicatedInFile').': '.implode(', ', $doubles),
'warning' 'warning'
) )
); );
@ -448,18 +448,19 @@ switch ($action) {
break; break;
default: default:
$tool_name = get_lang('List'); $tool_name = get_lang('List');
$htmlHeadXtra[] = '<script type="text/javascript" src="'.api_get_path(WEB_CODE_PATH).'glossary/glossary.js.php?add_ready=1&'.api_get_cidreq().'"></script>';
$htmlHeadXtra[] = api_get_js('jquery.highlight.js');
$content = GlossaryManager::display_glossary(); $content = GlossaryManager::display_glossary();
break; break;
} }
Display::display_header($tool_name); Display::display_header($tool_name);
// Tool introduction
Display::display_introduction_section(TOOL_GLOSSARY); Display::display_introduction_section(TOOL_GLOSSARY);
echo $content; echo $content;
$extra = '<div id="dialog-confirm" title="'.get_lang("ConfirmYourChoice").'">'; $extra = '<div id="dialog-confirm" title="'.get_lang('ConfirmYourChoice').'">';
$form = new FormValidator( $form = new FormValidator(
'report', 'report',
'post', 'post',

40
main/inc/lib/api.lib.php
Unescape View File

@ -1525,6 +1525,15 @@ function _api_format_user($user, $add_password = false, $loadAvatars = true)
// Maintain the user_id index for backwards compatibility // Maintain the user_id index for backwards compatibility
$result['user_id'] = $result['id'] = $user_id; $result['user_id'] = $result['id'] = $user_id;
$hasCertificates = Certificate::getCertificateByUser($user_id);
$result['has_certificates'] = 0;
if (!empty($hasCertificates)) {
$result['has_certificates'] = 1;
}
$result['icon_status'] = '';
$result['is_admin'] = UserManager::is_admin($user_id);
// Getting user avatar. // Getting user avatar.
if ($loadAvatars) { if ($loadAvatars) {
$result['avatar'] = ''; $result['avatar'] = '';
@ -1571,6 +1580,31 @@ function _api_format_user($user, $add_password = false, $loadAvatars = true)
} else { } else {
$result['avatar_medium'] = $user['avatar_medium']; $result['avatar_medium'] = $user['avatar_medium'];
} }
$iconStatus = '';
$urlImg = api_get_path(WEB_IMG_PATH);
switch ($result['status']) {
case STUDENT:
if ($result['has_certificates']) {
$iconStatus = '<img class="pull-left" src="'.$urlImg.'icons/svg/identifier_graduated.svg" width="22px" height="22px">';
} else {
$iconStatus = '<img class="pull-left" src="'.$urlImg.'icons/svg/identifier_student.svg" width="22px" height="22px">';
}
break;
case COURSEMANAGER:
if ($result['is_admin']) {
$iconStatus = '<img class="pull-left" src="'.$urlImg.'icons/svg/identifier_admin.svg" width="22px" height="22px">';
} else {
$iconStatus = '<img class="pull-left" src="'.$urlImg.'icons/svg/identifier_teacher.svg" width="22px" height="22px">';
}
break;
case STUDENT_BOSS:
$iconStatus = '<img class="pull-left" src="'.$urlImg.'icons/svg/identifier_teacher.svg" width="22px" height="22px">';
break;
}
$result['icon_status'] = $iconStatus;
} }
if (isset($user['user_is_online'])) { if (isset($user['user_is_online'])) {
@ -1590,12 +1624,6 @@ function _api_format_user($user, $add_password = false, $loadAvatars = true)
$result['profile_url'] = api_get_path(WEB_CODE_PATH).'social/profile.php?u='.$user_id; $result['profile_url'] = api_get_path(WEB_CODE_PATH).'social/profile.php?u='.$user_id;
$hasCertificates = Certificate::getCertificateByUser($user_id);
$result['has_certificates'] = 0;
if (!empty($hasCertificates)) {
$result['has_certificates'] = 1;
}
// Send message link // Send message link
$sendMessage = api_get_path(WEB_AJAX_PATH).'user_manager.ajax.php?a=get_user_popup&user_id='.$user_id; $sendMessage = api_get_path(WEB_AJAX_PATH).'user_manager.ajax.php?a=get_user_popup&user_id='.$user_id;
$result['complete_name_with_message_link'] = Display::url( $result['complete_name_with_message_link'] = Display::url(

96
main/inc/lib/social.lib.php
Unescape View File

@ -1859,31 +1859,12 @@ class SocialManager extends UserManager
$currentUserId = api_get_user_id(); $currentUserId = api_get_user_id();
$userIdLoop = $message['user_sender_id']; $userIdLoop = $message['user_sender_id'];
$receiverId = $message['user_receiver_id']; $receiverId = $message['user_receiver_id'];
$urlImg = api_get_path(WEB_IMG_PATH);
if (!isset($users[$userIdLoop])) { if (!isset($users[$userIdLoop])) {
$users[$userIdLoop] = api_get_user_info($userIdLoop); $users[$userIdLoop] = api_get_user_info($userIdLoop);
} }
$iconStatus = ''; $iconStatus = $users[$userIdLoop]['icon_status'];
$userStatus = (int) $users[$userIdLoop]['status'];
$isAdmin = self::is_admin($users[$userIdLoop]['id']);
if ($userStatus === 5) {
if ($users[$userIdLoop]['has_certificates']) {
$iconStatus = '<img src="'.$urlImg.'icons/svg/identifier_graduated.svg" width="22px" height="22px">';
} else {
$iconStatus = '<img src="'.$urlImg.'icons/svg/identifier_student.svg" width="22px" height="22px">';
}
} else {
if ($userStatus === 1) {
if ($isAdmin) {
$iconStatus = '<img src="'.$urlImg.'icons/svg/identifier_admin.svg" width="22px" height="22px">';
} else {
$iconStatus = '<img src="'.$urlImg.'icons/svg/identifier_teacher.svg" width="22px" height="22px">';
}
}
}
$nameComplete = $users[$userIdLoop]['complete_name']; $nameComplete = $users[$userIdLoop]['complete_name'];
$url = api_get_path(WEB_CODE_PATH).'social/profile.php?u='.$userIdLoop; $url = api_get_path(WEB_CODE_PATH).'social/profile.php?u='.$userIdLoop;
@ -2180,7 +2161,7 @@ class SocialManager extends UserManager
$userInfo['has_certificates'] = 1; $userInfo['has_certificates'] = 1;
} }
$userInfo['is_admin'] = Usermanager::is_admin($userId); $userInfo['is_admin'] = UserManager::is_admin($userId);
$languageId = api_get_language_id($userInfo['language']); $languageId = api_get_language_id($userInfo['language']);
$languageInfo = api_get_language_info($languageId); $languageInfo = api_get_language_info($languageId);
@ -2201,8 +2182,10 @@ class SocialManager extends UserManager
} }
$extraFieldBlock = self::getExtraFieldBlock($userId, true); $extraFieldBlock = self::getExtraFieldBlock($userId, true);
$showLanguageFlag = api_get_configuration_value('social_show_language_flag_in_profile');
$template->assign('user', $userInfo); $template->assign('user', $userInfo);
$template->assign('show_language_flag', $showLanguageFlag);
$template->assign('extra_info', $extraFieldBlock); $template->assign('extra_info', $extraFieldBlock);
$template->assign('social_avatar_block', $socialAvatarBlock); $template->assign('social_avatar_block', $socialAvatarBlock);
$template->assign('profile_edition_link', $profileEditionLink); $template->assign('profile_edition_link', $profileEditionLink);
@ -2382,11 +2365,54 @@ class SocialManager extends UserManager
$j++; $j++;
} }
$friendHtml .= '</div>'; $friendHtml .= '</div>';
} else {
$friendHtml = Display::return_message(get_lang('NoFriendsInYourContactList'), 'warning');
} }
return $friendHtml; return $friendHtml;
} }
/**
* @return string Get the JS code necessary for social wall to load open graph from URLs.
*/
public static function getScriptToGetOpenGraph()
{
return '<script>
$(function() {
$("[name=\'social_wall_new_msg_main\']").on("paste", function(e) {
$.ajax({
contentType: "application/x-www-form-urlencoded",
beforeSend: function() {
$("[name=\'wall_post_button\']").prop( "disabled", true );
$(".panel-preview").hide();
$(".spinner").html("'
.'<div class=\'text-center\'>'
.'<em class=\'fa fa-spinner fa-pulse fa-1x\'></em>'
.'<p>'.get_lang('Loading').' '.get_lang('Preview').'</p>'
.'</div>'
.'");
},
type: "POST",
url: "'.api_get_path(WEB_AJAX_PATH).'social.ajax.php?a=read_url_with_open_graph",
data: "social_wall_new_msg_main=" + e.originalEvent.clipboardData.getData("text"),
success: function(response) {
$("[name=\'wall_post_button\']").prop("disabled", false);
if (!response == false) {
$(".spinner").html("");
$(".panel-preview").show();
$(".url_preview").html(response);
$("[name=\'url_content\']").val(response);
$(".url_preview img").addClass("img-responsive");
} else {
$(".spinner").html("");
}
}
});
});
});
</script>';
}
/** /**
* @param string $urlForm * @param string $urlForm
* *
@ -3127,7 +3153,8 @@ class SocialManager extends UserManager
} }
} else { } else {
// Load my groups // Load my groups
$results = $userGroup->get_groups_by_user($userId, $results = $userGroup->get_groups_by_user(
$userId,
[ [
GROUP_USER_PERMISSION_ADMIN, GROUP_USER_PERMISSION_ADMIN,
GROUP_USER_PERMISSION_READER, GROUP_USER_PERMISSION_READER,
@ -3234,30 +3261,7 @@ class SocialManager extends UserManager
$currentUserId = api_get_user_id(); $currentUserId = api_get_user_id();
$authorId = (int) $authorInfo['user_id']; $authorId = (int) $authorInfo['user_id'];
$receiverId = (int) $receiverInfo['user_id']; $receiverId = (int) $receiverInfo['user_id'];
$userStatus = (int) $authorInfo['status']; $iconStatus = $authorInfo['icon_status'];
$urlImg = api_get_path(WEB_IMG_PATH);
$isAdmin = self::is_admin($authorId);
$iconStatus = '';
switch ($userStatus) {
case STUDENT:
if ($authorInfo['has_certificates']) {
$iconStatus = '<img class="pull-left" src="'.$urlImg.'icons/svg/identifier_graduated.svg" width="22px" height="22px">';
} else {
$iconStatus = '<img class="pull-left" src="'.$urlImg.'icons/svg/identifier_student.svg" width="22px" height="22px">';
}
break;
case COURSEMANAGER:
if ($isAdmin) {
$iconStatus = '<img class="pull-left" src="'.$urlImg.'icons/svg/identifier_admin.svg" width="22px" height="22px">';
} else {
$iconStatus = '<img class="pull-left" src="'.$urlImg.'icons/svg/identifier_teacher.svg" width="22px" height="22px">';
}
break;
case STUDENT_BOSS:
$iconStatus = '<img class="pull-left" src="'.$urlImg.'icons/svg/identifier_teacher.svg" width="22px" height="22px">';
break;
}
$date = Display::dateToStringAgoAndLongDate($message['send_date']); $date = Display::dateToStringAgoAndLongDate($message['send_date']);
$avatarAuthor = $authorInfo['avatar']; $avatarAuthor = $authorInfo['avatar'];

Write Preview
Loading…
Cancel
Save