skala
cvargas 15 years ago
commit c18d531ae6
  1. 6
      main/forum/forumfunction.inc.php
  2. 2
      main/forum/reply.php
  3. 9
      main/forum/viewthread_flat.inc.php
  4. 9
      main/forum/viewthread_nested.inc.php
  5. 20
      main/forum/viewthread_threaded.inc.php
  6. 26
      main/inc/lib/main_api.lib.php
  7. 1244
      main/install/install.lib.php
  8. 3
      main/install/update-db-1.6.x-1.8.0.inc.php
  9. 2
      main/install/update-db-1.8.0-1.8.2.inc.php
  10. 4
      main/install/update-db-1.8.2-1.8.3.inc.php
  11. 3
      main/install/update-db-1.8.3-1.8.4.inc.php
  12. 3
      main/install/update-db-1.8.4-1.8.5.inc.php
  13. 2
      main/install/update-db-1.8.5-1.8.6.inc.php
  14. 2
      main/install/update-db-1.8.6-1.8.6.1.inc.php
  15. 2
      main/install/update-db-1.8.6.1-1.8.6.2.inc.php
  16. 2
      main/install/update-db-1.8.6.2-1.8.7.inc.php
  17. 12
      main/work/work.php

@ -2229,8 +2229,8 @@ function store_reply($values) {
if ($upload_ok) {
// We first store an entry in the forum_post table
$sql="INSERT INTO $table_posts (post_title, post_text, thread_id, forum_id, poster_id, post_date, post_notification, post_parent_id, visible)
VALUES ('".Database::escape_string(Security::remove_XSS($values['post_title']))."',
'".Database::escape_string(isset($values['post_text']) ? Security::remove_XSS(stripslashes(api_html_entity_decode($values['post_text'])),COURSEMANAGERLOWSECURITY) : null)."',
VALUES ('".Database::escape_string($values['post_title'])."',
'".Database::escape_string(isset($values['post_text']) ? (api_html_entity_decode($values['post_text'])) : null)."',
'".Database::escape_string($values['thread_id'])."',
'".Database::escape_string($values['forum_id'])."',
'".Database::escape_string($_user['user_id'])."',
@ -2265,7 +2265,7 @@ function store_reply($values) {
// Storing the attachments if any
if ($result) {
$sql='INSERT INTO '.$forum_table_attachment.'(filename,comment, path, post_id,size) '.
"VALUES ( '".Database::escape_string($file_name)."', '".Database::escape_string($comment)."', '".Database::escape_string($new_file_name)."' , '".$new_post_id."', '".$_FILES['user_upload']['size']."' )";
"VALUES ( '".Database::escape_string($file_name)."', '".Database::escape_string($comment)."', '".Database::escape_string($new_file_name)."' , '".$new_post_id."', '".intval($_FILES['user_upload']['size'])."' )";
$result=Database::query($sql);
$message.=' / '.get_lang('FileUploadSucces');
$last_id=Database::insert_id();
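Review bot: The INSERT into `$table_posts` now stores `post_title` and `post_text` without `Security::remove_XSS`, so the rows hold whatever markup the poster sent and safety rests entirely on every place that prints them. This commit adds the filter to the flat, nested and threaded views; any other code that reads these columns is not visible on this page and would need the same treatment. I would record that contract above the query, for example `// post_title/post_text are stored unfiltered: filter with Security::remove_XSS() on every output`. In the attachment INSERT, `$new_post_id` is still interpolated as-is next to the newly cast size; if it is not already an integer at that point, `intval($new_post_id)` would match. The body of store_reply starts and ends outside both hunks.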

@ -215,7 +215,7 @@ $my_elements = isset($_SESSION['formelements']) ? $_SESSION['formelements'] : ''
$values=show_add_post_form(Security::remove_XSS($my_action,$my_post, $my_elements)); // note: this has to be cleaned first
if (!empty($values) AND isset($_POST['SubmitPost'])) {
store_reply(Security::remove_XSS($values));
store_reply($values);
}
/*
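Review bot: The call `show_add_post_form(Security::remove_XSS($my_action,$my_post, $my_elements))` looks like it has a misplaced parenthesis: as written all three variables go to `remove_XSS` and `show_add_post_form` receives a single argument. The signatures are not visible in this hunk, but if the form function expects the action, the post and the saved elements, the intended call is probably `show_add_post_form(Security::remove_XSS($my_action), $my_post, $my_elements)`. It matters more after this change, because `store_reply($values)` now passes the form values on unfiltered and, in the visible lines, this call is the only cleaning left on the path.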

@ -107,17 +107,12 @@ foreach ($rows as $row) {
$post_image.=icon('../img/forumnotification.gif',get_lang('YouWillBeNotified'));
}
// The post title
echo "\t\t<td class=\"$titleclass\">".prepare4display($row['post_title'])."</td>\n";
echo "\t\t<td class=\"$titleclass\">".prepare4display(Security::remove_XSS($row['post_title'], STUDENT))."</td>\n";
echo "\t</tr>\n";
// The post message
//we can see now the html tags
$row['post_text']= Security::remove_XSS($row['post_text'], STUDENT);
echo "\t<tr>\n";
echo "\t\t<td class=\"$messageclass\">".prepare4display($row['post_text'])."</td>\n";
echo "\t\t<td class=\"$messageclass\">".prepare4display(Security::remove_XSS($row['post_text'], STUDENT))."</td>\n";
echo "\t</tr>\n";
// The check if there is an attachment
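Review bot: Each echo now has to carry its own `Security::remove_XSS(..., STUDENT)` wrapper around the value given to `prepare4display`, and the same pair is repeated for the title and the text here, in viewthread_nested.inc.php and in viewthread_threaded.inc.php. Since this commit also stops filtering posts on insert, a single echo that omits the wrapper prints raw stored markup. Doing the filtering inside `prepare4display` itself, or in one small helper that all three views call, would remove that risk. `prepare4display` is not visible here; if it decodes or adds markup after the filter has run, the filter should instead be the last step before output.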

@ -105,15 +105,12 @@ foreach ($rows as $post) {
$post_image.=icon('../img/forumnotification.gif',get_lang('YouWillBeNotified'));
}
// The post title
echo "\t\t<td class=\"$titleclass\">".prepare4display($post['post_title'])."</td>\n";
echo "\t\t<td class=\"$titleclass\">".prepare4display(Security::remove_XSS($post['post_title'], STUDENT))."</td>\n";
echo "\t</tr>\n";
// The post message
$post['post_text']= Security::remove_XSS($post['post_text'], STUDENT);
// The post message
echo "\t<tr>\n";
echo "\t\t<td class=\"$messageclass\">".prepare4display($post['post_text'])."</td>\n";
echo "\t\t<td class=\"$messageclass\">".prepare4display(Security::remove_XSS($post['post_text'], STUDENT))."</td>\n";
echo "\t</tr>\n";

@ -33,8 +33,9 @@
**************************************************************************
*/
$rows=get_posts($_GET['thread']); // note: this has to be cleaned first
$rows=calculate_children($rows);
$rows = get_posts($_GET['thread']); // note: this has to be cleaned first
$rows = calculate_children($rows);
if ($_GET['post']) {
$display_post_id = intval($_GET['post']); // note: this has to be cleaned first
@ -62,8 +63,7 @@ $thread_structure="<div class=\"structure\">".get_lang('Structure')."</div>";
$counter=0;
$count=0;
$prev_next_array=array();
foreach ($rows as $post)
{
foreach ($rows as $post) {
$counter++;
$indent=$post['indent_cnt']*'20';
$thread_structure.= "<div style=\"margin-left: ".$indent."px;\">";
@ -79,7 +79,7 @@ foreach ($rows as $post)
$thread_structure.= $post_image;
if ($_GET['post']==$post['post_id'] OR ($counter==1 AND !isset($_GET['post'])))
{
$thread_structure.='<strong>'.prepare4display($post['post_title']).'</strong></div>';
$thread_structure.='<strong>'.prepare4display(Security::remove_XSS($post['post_title'],STUDENT)).'</strong></div>';
$prev_next_array[]=$post['post_id'];
}
else
@ -93,7 +93,7 @@ foreach ($rows as $post)
$class='';
}
$count_loop=($count==0)?'&id=1' : '';
$thread_structure.= "<a href=\"viewthread.php?".api_get_cidreq()."&forum=".Security::remove_XSS($_GET['forum'])."&amp;thread=".Security::remove_XSS($_GET['thread'])."&amp;post=".$post['post_id']."&amp;origin=$origin$count_loop\" $class>".prepare4display($post['post_title'])."</a></div>\n";
$thread_structure.= "<a href=\"viewthread.php?".api_get_cidreq()."&forum=".Security::remove_XSS($_GET['forum'])."&amp;thread=".Security::remove_XSS($_GET['thread'])."&amp;post=".$post['post_id']."&amp;origin=$origin$count_loop\" $class>".prepare4display(Security::remove_XSS($post['post_title'],STUDENT))."</a></div>\n";
$prev_next_array[]=$post['post_id'];
}
$count++;
@ -159,8 +159,7 @@ echo '</center>';
//--------------------------------------------------------------------------------------------
// the style depends on the status of the message: approved or not
if ($rows[$display_post_id]['visible']=='0')
{
if ($rows[$display_post_id]['visible']=='0') {
$titleclass='forum_message_post_title_2_be_approved';
$messageclass='forum_message_post_text_2_be_approved';
$leftclass='forum_message_left_2_be_approved';
@ -277,13 +276,12 @@ if ($rows[$display_post_id]['post_notification']=='1' AND $rows[$display_post_id
$post_image.=icon('../img/forumnotification.gif',get_lang('YouWillBeNotified'));
}
// The post title
echo "\t\t<td class=\"$titleclass\">".prepare4display(Security::remove_XSS($rows[$display_post_id]['post_title']))."</td>\n";
echo "\t\t<td class=\"$titleclass\">".prepare4display(Security::remove_XSS($rows[$display_post_id]['post_title'], STUDENT))."</td>\n";
echo "\t</tr>\n";
// The post message
echo "\t<tr>\n";
echo "\t\t<td class=\"$messageclass\">".prepare4display(Security::remove_XSS($rows[$display_post_id]['post_text']), STUDENT)."</td>\n";
echo "\t\t<td class=\"$messageclass\">".prepare4display(Security::remove_XSS($rows[$display_post_id]['post_text'], STUDENT))."</td>\n";
echo "\t</tr>\n";
// The check if there is an attachment
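Review bot: The link on the new side still builds `&forum=` and `&amp;thread=` from `Security::remove_XSS($_GET['forum'])` and `Security::remove_XSS($_GET['thread'])`, which is an HTML filter and not an encoder for a URL inside an attribute. `get_posts($_GET['thread'])` at the top is only re-spaced and keeps its "has to be cleaned first" note. If both ids are integers, as `intval($_GET['post'])` nearby suggests, casting once at the top (`$forum_id = intval($_GET['forum']); $thread_id = intval($_GET['thread']);`) and using those variables in `get_posts()` and in the href covers both places. The bare `&forum=` should also become `&amp;forum=` to match the other parameters.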

@ -4036,20 +4036,24 @@ function api_get_access_url_from_user($user_id) {
}
/**
* @author florespaz@bidsoftperu.com
* @param integer $user_id
* @param string $course_code
* @return integer status
* Gets the status of a user in a course
* @param int user_id
* @param string course_code
* @return int user status
*/
function api_get_status_of_user_in_course ($user_id, $course_code) {
$tbl_rel_course_user = Database :: get_main_table(TABLE_MAIN_COURSE_USER);
$user_id = Database::escape_string(intval($user_id));
$course_code = Database::escape_string($course_code);
$sql = 'SELECT status FROM '.$tbl_rel_course_user.'
WHERE user_id='.$user_id.' AND course_code="'.$course_code.'";';
$result = Database::query($sql);
$row_status = Database::fetch_array($result, 'ASSOC');
return $row_status['status'];
if (!empty($user_id) && !empty($course_code)) {
$user_id = Database::escape_string(intval($user_id));
$course_code = Database::escape_string($course_code);
$sql = 'SELECT status FROM '.$tbl_rel_course_user.'
WHERE user_id='.$user_id.' AND course_code="'.$course_code.'";';
$result = Database::query($sql);
$row_status = Database::fetch_array($result, 'ASSOC');
return $row_status['status'];
} else {
return 0;
}
}
/**
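Review bot: The new guard returns 0 for empty arguments, but the query path still ends in `return $row_status['status'];` with no check that a row was found. `Database::fetch_array` is not visible here; if it returns false or null for an empty result, a user who is not in the course yields null rather than 0, so callers see two different "no status" values. `return $row_status ? intval($row_status['status']) : 0;` would keep the result consistent with the `@return int` in the docblock. The rewritten `@param` lines also lost the `$` before `user_id` and `course_code`.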

File diff suppressed because it is too large Load Diff

@ -26,7 +26,8 @@
// Check if we come from index.php or update_courses.php - otherwise display error msg
if (defined('SYSTEM_INSTALLATION') || defined('DOKEOS_COURSE_UPDATE')) {
// Check if the current Dokeos install is elligible for update
// Check if the current Dokeos install is eligible for update
if (empty($updateFromConfigFile) || !file_exists($_POST['updatePath'].$updateFromConfigFile) || !in_array(get_config_param('clarolineVersion'), $update_from_version_6)) {
echo '<strong>'.get_lang('Error').' !</strong> Dokeos '.implode('|', $updateFromVersion).' '.get_lang('HasNotBeenFound').'.<br /><br />

@ -27,7 +27,7 @@
// Check if we come from index.php or update_courses.php - otherwise display error msg
if (defined('SYSTEM_INSTALLATION') || defined('DOKEOS_COURSE_UPDATE')) {
//check if the current Dokeos install is elligible for update
// Check if the current Dokeos install is eligible for update
if (!file_exists('../inc/conf/configuration.php')) {
echo '<strong>'.get_lang('Error').' !</strong> Dokeos '.implode('|', $updateFromVersion).' '.get_lang('HasNotBeenFound').'.<br /><br />
'.get_lang('PleasGoBackToStep1').'.

@ -24,10 +24,10 @@
==============================================================================
*/
//check if we come from index.php or update_courses.php - otherwise display error msg
// Check if we come from index.php or update_courses.php - otherwise display error msg
if (defined('SYSTEM_INSTALLATION') || defined('DOKEOS_COURSE_UPDATE')) {
// Check if the current Dokeos install is elligible for update
// Check if the current Dokeos install is eligible for update
if (!file_exists('../inc/conf/configuration.php')) {
echo '<strong>'.get_lang('Error').' !</strong> Dokeos '.implode('|', $updateFromVersion).' '.get_lang('HasNotBeenFound').'.<br /><br />
'.get_lang('PleasGoBackToStep1').'.

@ -26,7 +26,8 @@
// Check if we come from index.php or update_courses.php - otherwise display error msg
if (defined('SYSTEM_INSTALLATION') || defined('DOKEOS_COURSE_UPDATE')) {
//check if the current Dokeos install is elligible for update
// Check if the current Dokeos install is eligible for update
if (!file_exists('../inc/conf/configuration.php')) {
echo '<strong>'.get_lang('Error').' !</strong> Dokeos '.implode('|', $updateFromVersion).' '.get_lang('HasNotBeenFound').'.<br /><br />
'.get_lang('PleasGoBackToStep1').'.

@ -29,7 +29,8 @@ $new_file_version = '1.8.5';
// Check if we come from index.php or update_courses.php - otherwise display error msg
if (defined('SYSTEM_INSTALLATION') || defined('DOKEOS_COURSE_UPDATE')) {
//check if the current Dokeos install is elligible for update
// Check if the current Dokeos install is eligible for update
if (!file_exists('../inc/conf/configuration.php')) {
echo '<strong>'.get_lang('Error').' !</strong> Dokeos '.implode('|', $updateFromVersion).' '.get_lang('HasNotBeenFound').'.<br /><br />
'.get_lang('PleasGoBackToStep1').'.

@ -30,7 +30,7 @@ $new_file_version = '1.8.6';
// Check if we come from index.php or update_courses.php - otherwise display error msg
if (defined('SYSTEM_INSTALLATION') || defined('DOKEOS_COURSE_UPDATE')) {
// Check if the current Dokeos install is elligible for update
// Check if the current Dokeos install is eligible for update
if (!file_exists('../inc/conf/configuration.php')) {
echo '<strong>'.get_lang('Error').' !</strong> Dokeos '.implode('|', $updateFromVersion).' '.get_lang('HasNotBeenFound').'.<br /><br />
'.get_lang('PleasGoBackToStep1').'.

@ -30,7 +30,7 @@ $new_file_version = '1.8.6.1';
//check if we come from index.php or update_courses.php - otherwise display error msg
if (defined('SYSTEM_INSTALLATION') || defined('DOKEOS_COURSE_UPDATE')) {
//check if the current Dokeos install is elligible for update
// Check if the current Dokeos install is eligible for update
if (!file_exists('../inc/conf/configuration.php')) {
echo '<strong>'.get_lang('Error').' !</strong> Dokeos '.implode('|', $updateFromVersion).' '.get_lang('HasNotBeenFound').'.<br /><br />
'.get_lang('PleasGoBackToStep1').'.

@ -30,7 +30,7 @@ $new_file_version = '1.8.6.2';
// Check if we come from index.php or update_courses.php - otherwise display error msg
if (defined('SYSTEM_INSTALLATION') || defined('DOKEOS_COURSE_UPDATE')) {
// Check if the current Dokeos install is elligible for update
// Check if the current Dokeos install is eligible for update
if (!file_exists('../inc/conf/configuration.php')) {
echo '<strong>'.get_lang('Error').' !</strong> Dokeos '.implode('|', $updateFromVersion).' '.get_lang('HasNotBeenFound').'.<br /><br />
'.get_lang('PleasGoBackToStep1').'.

@ -30,7 +30,7 @@ $new_file_version = '1.8.7';
// Check if we come from index.php or update_courses.php - otherwise display error msg
if (defined('SYSTEM_INSTALLATION') || defined('DOKEOS_COURSE_UPDATE')) {
// Check if the current Dokeos install is elligible for update
// Check if the current Dokeos install is eligible for update
if (!file_exists('../inc/conf/configuration.php')) {
echo '<strong>'.get_lang('Error').' !</strong> Dokeos '.implode('|', $updateFromVersion).' '.get_lang('HasNotBeenFound').'.<br /><br />
'.get_lang('PleasGoBackToStep1').'.

@ -1259,7 +1259,9 @@ if ($is_course_member) {
if (!empty ($error_message)) {
Display :: display_error_message($error_message);
}
if ($submitGroupWorkUrl) {
$show_progress_bar = false;
if ($submitGroupWorkUrl) {
// For user comming from group space to publish his work
$realUrl = str_replace($_configuration['root_sys'], $_configuration['root_web'], str_replace("\\", "/", realpath($submitGroupWorkUrl)));
$form->addElement('hidden', 'newWorkUrl', $submitGroupWorkUrl);
@ -1281,6 +1283,7 @@ if ($is_course_member) {
} else {
// else standard upload option
$form->addElement('file', 'file', get_lang('UploadADocument'), 'size="40" onchange="updateDocumentTitle(this.value)"');
$show_progress_bar = true;
}
$titleWork = $form->addElement('text', 'title', get_lang("TitleWork"), 'id="file_upload" style="width: 350px;"');
@ -1334,8 +1337,11 @@ if ($is_course_member) {
if (!empty($_POST['submitWork']) || $edit) {
$form->addElement('style_submit_button', 'cancelForm', get_lang('Cancel'),'class="cancel"');
}
$form->add_real_progress_bar('uploadWork', 'DownloadFile');
if ($show_progress_bar) {
$form->add_real_progress_bar('uploadWork', 'file');
}
$form->setDefaults($defaults);
//$form->addRule('file', '<div class="required">'.get_lang('ThisFieldIsRequired'), 'required');
$form->display();
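Review bot: In the group-space branch the value of `$submitGroupWorkUrl` is written into the hidden field `newWorkUrl`, so it comes back from the browser on submit and can be altered there. The handler that reads it is outside these hunks; it should resolve the posted value again with `realpath()` and confirm that it lies inside the expected group directory before the file is published. A comment on the `addElement('hidden', 'newWorkUrl', ...)` line such as `// value is untrusted when posted back; re-validate the path server-side` would make that explicit. Separately, `$show_progress_bar` is set in two branches and read in a later hunk, so a short comment at its declaration saying that the bar only applies when the `file` element is added would help the next reader.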
