chamilo
/
chamilo-lms
mirror of https://github.com/chamilo/chamilo-lms/tree/1.11.x
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Feature #5397 - Cleaning code in main/auth directory.

Browse Source
skala
Ivan Tcholakov 16 years ago
parent 5b44dc53c8
commit c1cc5c603f
8 changed files with 551 additions and 716 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 822
      main/auth/courses.php
  2. 16
      main/auth/generate_api_key.inc.php
  3. 249
      main/auth/inscription.php
  4. 24
      main/auth/lostPassword.php
  5. 50
      main/auth/lost_password.lib.php
  6. 98
      main/auth/my_progress.php
  7. 6
      main/auth/profile.php
  8. 2
      main/inc/lib/course.lib.php

822
main/auth/courses.php
View File

File diff suppressed because it is too large Load Diff

16
main/auth/generate_api_key.inc.php
Unescape View File

@ -1,15 +1,15 @@
<?php
require '../inc/global.inc.php';
require_once (api_get_path(LIBRARY_PATH).'usermanager.lib.php');
$array_list_key=array();
$user_id=api_get_user_id();
$api_service='dokeos';
$num=UserManager::update_api_key($user_id,$api_service);
$array_list_key=UserManager::get_api_keys($user_id,$api_service);
require_once api_get_path(LIBRARY_PATH).'usermanager.lib.php';
$array_list_key = array();
$user_id = api_get_user_id();
$api_service = 'dokeos';
$num = UserManager::update_api_key($user_id, $api_service);
$array_list_key = UserManager::get_api_keys($user_id, $api_service);
?>
<div class="row">
<div class="label"><?php echo get_lang('MyApiKey') ?></div>
<div class="label"><?php echo get_lang('MyApiKey'); ?></div>
<div class="formw">
<input type="text" name="api_key_generate" id="id_api_key_generate" size="40" value="<?php echo $array_list_key[$num]?>"/>
<input type="text" name="api_key_generate" id="id_api_key_generate" size="40" value="<?php echo $array_list_key[$num]; ?>"/>
</div>
</div>

249
main/auth/inscription.php
Unescape View File

@ -7,44 +7,45 @@
==============================================================================
*/
// name of the language file that needs to be included
$language_file = array('registration','admin');
$language_file = array('registration', 'admin');
include ("../inc/global.inc.php");
require '../inc/global.inc.php';
require_once (api_get_path(LIBRARY_PATH).'formvalidator/FormValidator.class.php');
require_once (api_get_path(LIBRARY_PATH).'usermanager.lib.php');
require_once (api_get_path(CONFIGURATION_PATH).'profile.conf.php');
require_once(api_get_path(INCLUDE_PATH).'lib/mail.lib.inc.php');
require_once(api_get_path(INCLUDE_PATH).'lib/legal.lib.php');
require_once api_get_path(LIBRARY_PATH).'formvalidator/FormValidator.class.php';
require_once api_get_path(LIBRARY_PATH).'usermanager.lib.php';
require_once api_get_path(CONFIGURATION_PATH).'profile.conf.php';
require_once api_get_path(LIBRARY_PATH).'mail.lib.inc.php';
require_once api_get_path(LIBRARY_PATH).'legal.lib.php';
//require_once(api_get_path(LIBRARY_PATH).'fileManage.lib.php');
//require_once(api_get_path(LIBRARY_PATH).'fileUpload.lib.php');
//require_once (api_get_path(LIBRARY_PATH).'image.lib.php');
// Load terms & conditions from the current lang
if (api_get_setting('allow_terms_conditions')=='true') {
if (api_get_setting('allow_terms_conditions') == 'true') {
$get = array_keys($_GET);
if (isset($get)) {
if ($get[0]=='legal'){
if ($get[0] == 'legal'){
//$language = api_get_setting('platformLanguage');
$language = api_get_interface_language();
$language = api_get_language_id($language);
$term_preview= LegalManager::get_last_condition($language);
if ($term_preview==false) {
$term_preview = LegalManager::get_last_condition($language);
if (!$term_preview) {
//look for the default language
$language = api_get_setting('platformLanguage');
$language = api_get_language_id($language);
$term_preview= LegalManager::get_last_condition($language);
$term_preview = LegalManager::get_last_condition($language);
}
$tool_name = get_lang('TermsAndConditions');
Display :: display_header('');
echo '<div class="actions-title">';
echo $tool_name;
echo '</div>';
if (!empty($term_preview['content']))
if (!empty($term_preview['content'])) {
echo $term_preview['content'];
else
} else {
echo get_lang('ComingSoon');
}
Display :: display_footer();
exit;
}
@ -62,7 +63,7 @@ if (api_get_setting('allow_registration') == 'false') {
api_not_allowed();
}
//api_display_tool_title($tool_name);
if (api_get_setting('allow_registration')=='approval') {
if (api_get_setting('allow_registration') == 'approval') {
Display::display_normal_message(get_lang('YourAccountHasToBeApproved'));
}
//if openid was not found
@ -71,16 +72,16 @@ if (!empty($_GET['openid_msg']) && $_GET['openid_msg'] == 'idnotfound') {
}
$form = new FormValidator('registration');
if (api_get_setting('allow_terms_conditions')=='true') {
if (api_get_setting('allow_terms_conditions') == 'true') {
if (!isset($_SESSION['update_term_and_condition'][1])) {
$display_all_form=true;
$display_all_form = true;
} else {
$display_all_form=false;
$display_all_form = false;
}
} else {
$display_all_form=true;
$display_all_form = true;
}
if ($display_all_form===true) {
if ($display_all_form === true) {
if (api_is_western_name_order()) {
// FIRST NAME and LAST NAME
@ -96,10 +97,11 @@ if ($display_all_form===true) {
$form->addRule('firstname', get_lang('ThisFieldIsRequired'), 'required');
// EMAIL
$form->addElement('text', 'email', get_lang('Email'), array('size' => 40));
if (api_get_setting('registration', 'email') == 'true')
if (api_get_setting('registration', 'email') == 'true') {
$form->addRule('email', get_lang('ThisFieldIsRequired'), 'required');
}
$form->addRule('email', get_lang('EmailWrong'), 'email');
if (api_get_setting('openid_authentication')=='true') {
if (api_get_setting('openid_authentication') == 'true') {
$form->addElement('text', 'openid', get_lang('OpenIDURL'), array('size' => 40));
}
/*
@ -143,50 +145,41 @@ if ($display_all_form===true) {
$form->addElement('select_language', 'language', get_lang('Language'));
}
// STUDENT/TEACHER
if (api_get_setting('allow_registration_as_teacher') <> 'false') {
if (api_get_setting('allow_registration_as_teacher') != 'false') {
$form->addElement('radio', 'status', get_lang('Status'), get_lang('RegStudent'), STUDENT);
$form->addElement('radio', 'status', null, get_lang('RegAdmin'), COURSEMANAGER);
}
// EXTENDED FIELDS
if (api_get_setting('extended_profile') == 'true' AND api_get_setting('extendedprofile_registration','mycomptetences') == 'true')
{
if (api_get_setting('extended_profile') == 'true' && api_get_setting('extendedprofile_registration', 'mycomptetences') == 'true') {
$form->add_html_editor('competences', get_lang('MyCompetences'), false, false, array('ToolbarSet' => 'Profile', 'Width' => '100%', 'Height' => '130'));
}
if (api_get_setting('extended_profile') == 'true' AND api_get_setting('extendedprofile_registration','mydiplomas') == 'true')
{
if (api_get_setting('extended_profile') == 'true' && api_get_setting('extendedprofile_registration', 'mydiplomas') == 'true') {
$form->add_html_editor('diplomas', get_lang('MyDiplomas'), false, false, array('ToolbarSet' => 'Profile', 'Width' => '100%', 'Height' => '130'));
}
if (api_get_setting('extended_profile') == 'true' AND api_get_setting('extendedprofile_registration','myteach') == 'true')
{
if (api_get_setting('extended_profile') == 'true' && api_get_setting('extendedprofile_registration', 'myteach') == 'true') {
$form->add_html_editor('teach', get_lang('MyTeach'), false, false, array('ToolbarSet' => 'Profile', 'Width' => '100%', 'Height' => '130'));
}
if (api_get_setting('extended_profile') == 'true' AND api_get_setting('extendedprofile_registration','mypersonalopenarea') == 'true')
{
if (api_get_setting('extended_profile') == 'true' && api_get_setting('extendedprofile_registration', 'mypersonalopenarea') == 'true') {
$form->add_html_editor('openarea', get_lang('MyPersonalOpenArea'), false, false, array('ToolbarSet' => 'Profile', 'Width' => '100%', 'Height' => '130'));
}
if (api_get_setting('extended_profile') == 'true')
{
if (api_get_setting('extendedprofile_registrationrequired','mycomptetences') == 'true')
{
if (api_get_setting('extended_profile') == 'true') {
if (api_get_setting('extendedprofile_registrationrequired', 'mycomptetences') == 'true') {
$form->addRule('competences', get_lang('ThisFieldIsRequired'), 'required');
}
if (api_get_setting('extendedprofile_registrationrequired','mydiplomas') == 'true')
{
if (api_get_setting('extendedprofile_registrationrequired', 'mydiplomas') == 'true') {
$form->addRule('diplomas', get_lang('ThisFieldIsRequired'), 'required');
}
if (api_get_setting('extendedprofile_registrationrequired','myteach') == 'true')
{
if (api_get_setting('extendedprofile_registrationrequired', 'myteach') == 'true') {
$form->addRule('teach', get_lang('ThisFieldIsRequired'), 'required');
}
if (api_get_setting('extendedprofile_registrationrequired','mypersonalopenarea') == 'true')
{
if (api_get_setting('extendedprofile_registrationrequired','mypersonalopenarea') == 'true') {
$form->addRule('openarea', get_lang('ThisFieldIsRequired'), 'required');
}
}
// EXTRA FIELDS
$extra = UserManager::get_extra_fields(0,50,5,'ASC');
$extra_data = UserManager::get_extra_user_data(api_get_user_id(),true);
$extra = UserManager::get_extra_fields(0, 50, 5, 'ASC');
$extra_data = UserManager::get_extra_user_data(api_get_user_id(), true);
foreach ($extra as $id => $field_details) {
if ($field_details[6] == 0) {
continue;
@ -209,7 +202,7 @@ if ($display_all_form===true) {
$group = array();
foreach ($field_details[9] as $option_id => $option_details) {
$options[$option_details[1]] = $option_details[2];
$group[] =& HTML_QuickForm::createElement('radio', 'extra_'.$field_details[1], $option_details[1],$option_details[2].'<br />',$option_details[1]);
$group[] =& HTML_QuickForm::createElement('radio', 'extra_'.$field_details[1], $option_details[1], $option_details[2].'<br />',$option_details[1]);
}
$form->addGroup($group, 'extra_'.$field_details[1], $field_details[3], '');
if ($field_details[7] == 0) $form->freeze('extra_'.$field_details[1]);
@ -219,7 +212,7 @@ if ($display_all_form===true) {
foreach($field_details[9] as $option_id => $option_details) {
$options[$option_details[1]] = $option_details[2];
}
$form->addElement('select','extra_'.$field_details[1],$field_details[3],$options,'');
$form->addElement('select', 'extra_'.$field_details[1], $field_details[3], $options, '');
if ($field_details[7] == 0) $form->freeze('extra_'.$field_details[1]);
break;
case USER_FIELD_TYPE_SELECT_MULTIPLE:
@ -227,49 +220,49 @@ if ($display_all_form===true) {
foreach ($field_details[9] as $option_id => $option_details) {
$options[$option_details[1]] = $option_details[2];
}
$form->addElement('select','extra_'.$field_details[1],$field_details[3],$options,array('multiple' => 'multiple'));
$form->addElement('select', 'extra_'.$field_details[1], $field_details[3], $options, array('multiple' => 'multiple'));
if ($field_details[7] == 0) $form->freeze('extra_'.$field_details[1]);
break;
case USER_FIELD_TYPE_DATE:
$form->addElement('datepickerdate', 'extra_'.$field_details[1], $field_details[3],array('form_name'=>'registration'));
$form->_elements[$form->_elementIndex['extra_'.$field_details[1]]]->setLocalOption('minYear',1900);
$form->addElement('datepickerdate', 'extra_'.$field_details[1], $field_details[3], array('form_name' => 'registration'));
$form->_elements[$form->_elementIndex['extra_'.$field_details[1]]]->setLocalOption('minYear', 1900);
$defaults['extra_'.$field_details[1]] = date('Y-m-d 12:00:00');
$form -> setDefaults($defaults);
if ($field_details[7] == 0) $form->freeze('extra_'.$field_details[1]);
$form->applyFilter('theme', 'trim');
break;
case USER_FIELD_TYPE_DATETIME:
$form->addElement('datepicker', 'extra_'.$field_details[1], $field_details[3],array('form_name'=>'registration'));
$form->_elements[$form->_elementIndex['extra_'.$field_details[1]]]->setLocalOption('minYear',1900);
$form->addElement('datepicker', 'extra_'.$field_details[1], $field_details[3], array('form_name' => 'registration'));
$form->_elements[$form->_elementIndex['extra_'.$field_details[1]]]->setLocalOption('minYear', 1900);
$defaults['extra_'.$field_details[1]] = date('Y-m-d 12:00:00');
$form -> setDefaults($defaults);
if ($field_details[7] == 0) $form->freeze('extra_'.$field_details[1]);
$form->applyFilter('theme', 'trim');
break;
case USER_FIELD_TYPE_DOUBLE_SELECT:
foreach ($field_details[9] as $key=>$element) {
foreach ($field_details[9] as $key => $element) {
if ($element[2][0] == '*') {
$values['*'][$element[0]] = str_replace('*','',$element[2]);
$values['*'][$element[0]] = str_replace('*', '', $element[2]);
} else {
$values[0][$element[0]] = $element[2];
}
}
$group='';
$group[] =& HTML_QuickForm::createElement('select', 'extra_'.$field_details[1],'',$values[0],'');
$group[] =& HTML_QuickForm::createElement('select', 'extra_'.$field_details[1].'*','',$values['*'],'');
$group = '';
$group[] =& HTML_QuickForm::createElement('select', 'extra_'.$field_details[1], '', $values[0], '');
$group[] =& HTML_QuickForm::createElement('select', 'extra_'.$field_details[1].'*', '', $values['*'], '');
$form->addGroup($group, 'extra_'.$field_details[1], $field_details[3], '&nbsp;');
if ($field_details[7] == 0) $form->freeze('extra_'.$field_details[1]);
// recoding the selected values for double : if the user has selected certain values, we have to assign them to the correct select form
if (key_exists('extra_'.$field_details[1], $extra_data)) {
// exploding all the selected values (of both select forms)
$selected_values = explode(';',$extra_data['extra_'.$field_details[1]]);
$selected_values = explode(';', $extra_data['extra_'.$field_details[1]]);
$extra_data['extra_'.$field_details[1]] =array();
// looping through the selected values and assigning the selected values to either the first or second select form
foreach ($selected_values as $key=>$selected_value) {
if (key_exists($selected_value,$values[0])) {
foreach ($selected_values as $key => $selected_value) {
if (key_exists($selected_value, $values[0])) {
$extra_data['extra_'.$field_details[1]]['extra_'.$field_details[1]] = $selected_value;
} else {
$extra_data['extra_'.$field_details[1]]['extra_'.$field_details[1].'*'] = $selected_value;
@ -278,33 +271,33 @@ if ($display_all_form===true) {
}
break;
case USER_FIELD_TYPE_DIVIDER:
$form->addElement('static',$field_details[1], '<br /><strong>'.$field_details[3].'</strong>');
$form->addElement('static', $field_details[1], '<br /><strong>'.$field_details[3].'</strong>');
break;
}
}
}
//------------ Terms and conditions
if (api_get_setting('allow_terms_conditions')=='true') {
if (api_get_setting('allow_terms_conditions') == 'true') {
//$language = api_get_setting('platformLanguage');
$language = api_get_interface_language();
$language = api_get_language_id($language);
$term_preview= LegalManager::get_last_condition($language);
$term_preview = LegalManager::get_last_condition($language);
if ($term_preview==false) {
if (!$term_preview) {
//we load from the platform
$language = api_get_setting('platformLanguage');
$language = api_get_language_id($language);
$term_preview= LegalManager::get_last_condition($language);
$term_preview = LegalManager::get_last_condition($language);
//if is false we load from english
if ($term_preview==false){
if (!$term_preview){
$language = api_get_language_id('english'); //this must work
$term_preview= LegalManager::get_last_condition($language);
$term_preview = LegalManager::get_last_condition($language);
}
}
// Version and language //password
$form->addElement('hidden', 'legal_accept_type',$term_preview['version'].':'.$term_preview['language_id']);
$form->addElement('hidden', 'legal_info',$term_preview['legal_id'].':'.$term_preview['language_id']);
$form->addElement('hidden', 'legal_accept_type', $term_preview['version'].':'.$term_preview['language_id']);
$form->addElement('hidden', 'legal_info', $term_preview['legal_id'].':'.$term_preview['language_id']);
if (isset($_SESSION['info_current_user'][1]) && isset($_SESSION['info_current_user'][2])) {
$form->addElement('hidden', 'login',$_SESSION['info_current_user'][1]);
$form->addElement('hidden', 'password',$_SESSION['info_current_user'][2]);
@ -327,30 +320,25 @@ if (api_get_setting('allow_terms_conditions')=='true') {
}
}
$form->addElement('style_submit_button', 'submit', get_lang('RegisterUser'),'class="save"');
$form->addElement('style_submit_button', 'submit', get_lang('RegisterUser'), 'class="save"');
if(isset($_SESSION["user_language_choice"]) && $_SESSION["user_language_choice"]!=""){
$defaults['language'] = $_SESSION["user_language_choice"];
}
else{
if (isset($_SESSION['user_language_choice']) && $_SESSION['user_language_choice'] != '') {
$defaults['language'] = $_SESSION['user_language_choice'];
} else {
$defaults['language'] = api_get_setting('platformLanguage');
}
if(!empty($_GET['username']))
{
if (!empty($_GET['username'])) {
$defaults['username'] = Security::remove_XSS($_GET['username']);
}
if(!empty($_GET['email']))
{
if (!empty($_GET['email'])) {
$defaults['email'] = Security::remove_XSS($_GET['email']);
}
if(!empty($_GET['phone']))
{
if (!empty($_GET['phone'])) {
$defaults['phone'] = Security::remove_XSS($_GET['phone']);
}
if (api_get_setting('openid_authentication')=='true' && !empty($_GET['openid']))
{
if (api_get_setting('openid_authentication') == 'true' && !empty($_GET['openid'])) {
$defaults['openid'] = Security::remove_XSS($_GET['openid']);
}
$defaults['status'] = STUDENT;
@ -362,7 +350,7 @@ if ($form->validate()) {
-----------------------------------------------------*/
$values = $form->exportValues();
$values['username'] = api_substr($values['username'],0,20); //make *sure* the login isn't too long
$values['username'] = api_substr($values['username'], 0, USERNAME_MAX_LENGTH); //make *sure* the login isn't too long
if (api_get_setting('allow_registration_as_teacher') == 'false') {
$values['status'] = STUDENT;
@ -372,32 +360,32 @@ if ($form->validate()) {
$user_id = UserManager::create_user($values['firstname'],$values['lastname'],$values['status'],$values['email'],$values['username'],$values['pass1'],$values['official_code'], $values['language'],$values['phone'],$picture_uri);
// Terms & Conditions
if (api_get_setting('allow_terms_conditions')=='true') {
if (api_get_setting('allow_terms_conditions') == 'true') {
// update the terms & conditions
if (isset($values['legal_accept_type'])) {
$cond_array = explode(':',$values['legal_accept_type']);
if (!empty($cond_array[0]) && !empty($cond_array[1])){
$cond_array = explode(':', $values['legal_accept_type']);
if (!empty($cond_array[0]) && !empty($cond_array[1])) {
$time = time();
$condition_to_save = intval($cond_array[0]).':'.intval($cond_array[1]).':'.$time;
UserManager::update_extra_field_value($user_id,'legal_accept',$condition_to_save);
UserManager::update_extra_field_value($user_id, 'legal_accept', $condition_to_save);
}
}
}
/****** register extra fields*************/
$extras=array();
foreach($values as $key => $value) {
if (substr($key,0,6)=='extra_') {//an extra field
$extras = array();
foreach ($values as $key => $value) {
if (substr($key, 0, 6) == 'extra_') { //an extra field
$extras[substr($key,6)] = $value;
} else {
$sql .= " $key = '".Database::escape_string($value)."',";
}
}
//update the extra fields
$count_extra_field=count($extras);
if ($count_extra_field>0) {
foreach ($extras as $key=>$value) {
$myres = UserManager::update_extra_field_value($user_id,$key,$value);
$count_extra_field = count($extras);
if ($count_extra_field > 0) {
foreach ($extras as $key => $value) {
$myres = UserManager::update_extra_field_value($user_id, $key, $value);
}
}
@ -406,82 +394,72 @@ if ($form->validate()) {
// storing the extended profile
$store_extended = false;
$sql = "UPDATE ".Database::get_main_table(TABLE_MAIN_USER)." SET ";
if (api_get_setting('extended_profile') == 'true' AND api_get_setting('extendedprofile_registration','mycomptetences') == 'true')
{
if (api_get_setting('extended_profile') == 'true' && api_get_setting('extendedprofile_registration', 'mycomptetences') == 'true') {
$sql_set[] = "competences = '".Database::escape_string($values['competences'])."'";
$store_extended = true;
}
if (api_get_setting('extended_profile') == 'true' AND api_get_setting('extendedprofile_registration','mydiplomas') == 'true')
{
if (api_get_setting('extended_profile') == 'true' && api_get_setting('extendedprofile_registration', 'mydiplomas') == 'true') {
$sql_set[] = "diplomas = '".Database::escape_string($values['diplomas'])."'";
$store_extended = true;
}
if (api_get_setting('extended_profile') == 'true' AND api_get_setting('extendedprofile_registration','myteach') == 'true')
{
if (api_get_setting('extended_profile') == 'true' && api_get_setting('extendedprofile_registration', 'myteach') == 'true') {
$sql_set[] = "teach = '".Database::escape_string($values['teach'])."'";
$store_extended = true;
}
if (api_get_setting('extended_profile') == 'true' AND api_get_setting('extendedprofile_registration','mypersonalopenarea') == 'true')
{
if (api_get_setting('extended_profile') == 'true' && api_get_setting('extendedprofile_registration', 'mypersonalopenarea') == 'true') {
$sql_set[] = "openarea = '".Database::escape_string($values['openarea'])."'";
$store_extended = true;
}
if ($store_extended)
{
$sql .= implode(',',$sql_set);
if ($store_extended) {
$sql .= implode(',', $sql_set);
$sql .= " WHERE user_id = '".Database::escape_string($user_id)."'";
Database::query($sql,__FILE__,__LINE__);
Database::query($sql, __FILE__, __LINE__);
}
// if there is a default duration of a valid account then we have to change the expiration_date accordingly
if (api_get_setting('account_valid_duration')<>'')
{
if (api_get_setting('account_valid_duration') != '') {
$sql = "UPDATE ".Database::get_main_table(TABLE_MAIN_USER)."
SET expiration_date='registration_date+1' WHERE user_id='".$user_id."'";
Database::query($sql,__FILE__,__LINE__);
Database::query($sql, __FILE__, __LINE__);
}
// if the account has to be approved then we set the account to inactive, sent a mail to the platform admin and exit the page.
if (api_get_setting('allow_registration')=='approval')
{
if (api_get_setting('allow_registration') == 'approval') {
$TABLE_USER= Database::get_main_table(TABLE_MAIN_USER);
// 1. set account inactive
$sql = "UPDATE ".$TABLE_USER." SET active='0' WHERE user_id='".$user_id."'";
Database::query($sql,__FILE__,__LINE__);
Database::query($sql, __FILE__, __LINE__);
$sql_get_id_admin="SELECT * FROM ".Database::get_main_table(TABLE_MAIN_ADMIN);
$result=Database::query($sql_get_id_admin,__FILE__,__LINE__);
$sql_get_id_admin = "SELECT * FROM ".Database::get_main_table(TABLE_MAIN_ADMIN);
$result = Database::query($sql_get_id_admin, __FILE__, __LINE__);
while ($row = Database::fetch_array($result)) {
$sql_admin_list="SELECT * FROM ".$TABLE_USER." WHERE user_id='".$row['user_id']."'";
$result_list=Database::query($sql_admin_list,__FILE__,__LINE__);
$sql_admin_list = "SELECT * FROM ".$TABLE_USER." WHERE user_id='".$row['user_id']."'";
$result_list = Database::query($sql_admin_list, __FILE__, __LINE__);
$admin_list=Database::fetch_array($result_list);
$emailto = $admin_list['email'];
// 2. send mail to the platform admin
$emailfromaddr = api_get_setting('emailAdministrator');
$emailfromname = api_get_setting('siteName');
$emailsubject = get_lang('ApprovalForNewAccount').': '.$values['username'];
$emailbody = get_lang('ApprovalForNewAccount')."\n";
$emailbody .=get_lang('UserName').': '.$values['username']."\n";
$emailbody .=get_lang('LastName').': '.$values['lastname']."\n";
$emailbody .=get_lang('FirstName').': '.$values['firstname']."\n";
$emailbody .=get_lang('Email').': '.$values['email']."\n";
$emailbody .=get_lang('Status').': '.$values['status']."\n\n";
$emailbody .=get_lang('ManageUser').': '.api_get_path(WEB_CODE_PATH).'admin/user_edit.php?user_id='.$user_id;
$emailfromaddr = api_get_setting('emailAdministrator');
$emailfromname = api_get_setting('siteName');
$emailsubject = get_lang('ApprovalForNewAccount').': '.$values['username'];
$emailbody = get_lang('ApprovalForNewAccount')."\n";
$emailbody .= get_lang('UserName').': '.$values['username']."\n";
$emailbody .= get_lang('LastName').': '.$values['lastname']."\n";
$emailbody .= get_lang('FirstName').': '.$values['firstname']."\n";
$emailbody .= get_lang('Email').': '.$values['email']."\n";
$emailbody .= get_lang('Status').': '.$values['status']."\n\n";
$emailbody .= get_lang('ManageUser').': '.api_get_path(WEB_CODE_PATH).'admin/user_edit.php?user_id='.$user_id;
$sender_name = api_get_setting('administratorName').' '.api_get_setting('administratorSurname');
$email_admin = api_get_setting('emailAdministrator');
@api_mail('', $emailto, $emailsubject, $emailbody, $sender_name,$email_admin);
@api_mail('', $emailto, $emailsubject, $emailbody, $sender_name, $email_admin);
}
// 3. exit the page
unset($user_id);
Display :: display_footer();
exit;
// 3. exit the page
unset($user_id);
Display :: display_footer();
exit;
}
@ -493,7 +471,7 @@ if ($form->validate()) {
$_user['mail'] = $values['email'];
$_user['language'] = $values['language'];
$_user['user_id'] = $user_id;
$is_allowedCreateCourse = ($values['status'] == 1) ? true : false;
$is_allowedCreateCourse = $values['status'] == 1;
api_session_register('_user');
api_session_register('is_allowedCreateCourse');
@ -532,7 +510,7 @@ if ($form->validate()) {
// Every header must be followed by a \n except the last
$sender_name = api_get_setting('administratorName').' '.api_get_setting('administratorSurname');
$email_admin = api_get_setting('emailAdministrator');
@api_mail($recipient_name, $email, $emailsubject, $emailbody, $sender_name,$email_admin);
@api_mail($recipient_name, $email, $emailsubject, $emailbody, $sender_name, $email_admin);
}
}
@ -560,7 +538,7 @@ if ($form->validate()) {
$form->display();
}
?>
<br/>
<br />
<?php
if (!isset($_POST['username'])) {
?>
@ -578,4 +556,3 @@ if (!isset($_POST['username'])) {
*/
Display :: display_footer();
?>

24
main/auth/lostPassword.php
Unescape View File

@ -17,11 +17,13 @@
==============================================================================
*/
// name of the language file that needs to be included
$language_file = "registration";
require ('../inc/global.inc.php');
require_once ('lost_password.lib.php');
require_once (api_get_path(LIBRARY_PATH).'formvalidator/FormValidator.class.php');
require_once(api_get_path(INCLUDE_PATH).'lib/mail.lib.inc.php');
$language_file = 'registration';
require '../inc/global.inc.php';
require_once 'lost_password.lib.php';
require_once api_get_path(LIBRARY_PATH).'formvalidator/FormValidator.class.php';
require_once api_get_path(LIBRARY_PATH).'mail.lib.inc.php';
$tool_name = get_lang('LostPassword');
Display :: display_header($tool_name);
@ -29,7 +31,7 @@ $this_section = SECTION_CAMPUS;
$tool_name = get_lang('LostPass');
// Forbidden to retrieve the lost password
if (get_setting('allow_lostpassword') == "false") {
if (api_get_setting('allow_lostpassword') == 'false') {
api_not_allowed();
}
echo '<div class="actions-title">';
@ -40,7 +42,7 @@ if (isset ($_GET["reset"]) && isset ($_GET["id"])) {
$msg = reset_password($_GET["reset"], $_GET["id"], true);
$msg1= '<a href="'.api_get_path(WEB_PATH).'main/auth/lostPassword.php" class="fake_button_back" >'.get_lang('Back').'</a>';
echo '<br/><br/><div class="actions" >'.$msg1.'</div>';
echo '<br /><br /><div class="actions" >'.$msg1.'</div>';
} else {
$form = new FormValidator('lost_password');
@ -65,9 +67,9 @@ if (isset ($_GET["reset"]) && isset ($_GET["id"])) {
$tbl_user = Database :: get_main_table(TABLE_MAIN_USER);
$query = " SELECT user_id AS uid, lastname AS lastName, firstname AS firstName,
username AS loginName, password, email, status AS status,
username AS loginName, password, email, status AS status,
official_code, phone, picture_uri, creator_id
FROM ".$tbl_user."
FROM ".$tbl_user."
WHERE ( username = '".mysql_real_escape_string($user)."' $condition ) ";
$result = Database::query($query, __FILE__, __LINE__);
@ -93,7 +95,7 @@ if (isset ($_GET["reset"]) && isset ($_GET["id"])) {
}
$msg .= '<a href="'.api_get_path(WEB_PATH).'main/auth/lostPassword.php" class="fake_button_back" >'.get_lang('Back').'</a>';
echo '<br/><br/><div class="actions" >'.$msg.'</div>';
echo '<br /><br /><div class="actions" >'.$msg.'</div>';
} else {
@ -105,5 +107,3 @@ if (isset ($_GET["reset"]) && isset ($_GET["id"])) {
}
Display :: display_footer();
//////////////////////////////////////////////////////////////////////////////
?>

50
main/auth/lost_password.lib.php
Unescape View File

@ -7,8 +7,7 @@
* @return string
* @author Olivier Cauberghe <olivier.cauberghe@UGent.be>, Ghent University
*/
function get_email_headers()
{
function get_email_headers() {
global $charset;
$emailHeaders = "From: \"".addslashes(api_get_setting('administratorSurname')." ".api_get_setting('administratorName'))."\" <".api_get_setting('emailAdministrator').">\n";
$emailHeaders .= "Reply-To: ".api_get_setting('emailAdministrator')."\n";
@ -19,6 +18,7 @@ function get_email_headers()
$emailHeaders .= "Mime-Version: 1.0";
return $emailHeaders;
}
/**
* Enter description here...
*
@ -28,21 +28,20 @@ function get_email_headers()
* @return unknown
* @author Olivier Cauberghe <olivier.cauberghe@UGent.be>, Ghent University
*/
function get_user_account_list($user, $reset = false, $by_username = false)
{
function get_user_account_list($user, $reset = false, $by_username = false) {
global $_configuration;
$portal_url = $_configuration['root_web'];
if ($_configuration['multiple_access_urls']==true) {
if ($_configuration['multiple_access_urls']) {
$access_url_id = api_get_current_access_url_id();
if ($access_url_id != -1 ){
if ($access_url_id != -1 ) {
$url = api_get_access_url($access_url_id);
$portal_url = $url['url'];
}
}
if ($reset == true) {
if ($reset) {
if ($by_username == true) {
if ($by_username) {
$secretword = get_secret_word($user["email"]);
if ($reset) {
@ -76,8 +75,8 @@ function get_user_account_list($user, $reset = false, $by_username = false)
} else {
if ($by_username == false) {
$user = $user[0];
if (!$by_username) {
$user = $user[0];
}
$reset_link = get_lang('Pass')." : $user[password]";
$userAccountList = get_lang('YourRegistrationData')." : \n".get_lang('UserName').' : '.$user['loginName']."\n".$reset_link.'';
@ -85,20 +84,20 @@ function get_user_account_list($user, $reset = false, $by_username = false)
}
return $userAccountList;
}
/**
* This function sends the actual password to the user
*
* @param unknown_type $user
* @author Olivier Cauberghe <olivier.cauberghe@UGent.be>, Ghent University
*/
function send_password_to_user($user, $by_username = false)
{
function send_password_to_user($user, $by_username = false) {
global $charset;
global $_configuration;
$emailHeaders = get_email_headers(); // Email Headers
$emailSubject = "[".get_setting('siteName')."] ".get_lang('LoginRequest'); // SUBJECT
if ($by_username == true) { // Show only for lost password
if ($by_username) { // Show only for lost password
$userAccountList = get_user_account_list($user, false, $by_username); // BODY
$emailTo = $user["email"];
} else {
@ -107,7 +106,7 @@ function send_password_to_user($user, $by_username = false)
}
$portal_url = $_configuration['root_web'];
if ($_configuration['multiple_access_urls'] == true) {
if ($_configuration['multiple_access_urls']) {
$access_url_id = api_get_current_access_url_id();
if ($access_url_id != -1 ){
$url = api_get_access_url($access_url_id);
@ -126,24 +125,24 @@ function send_password_to_user($user, $by_username = false)
$message = get_lang('SystemUnableToSendEmailContact') . ' ' . Display :: encrypted_mailto_link(get_setting('emailAdministrator'), get_lang('PlatformAdmin')).".</p>";
}
}
/**
* Enter description here...
*
* @param unknown_type $user
* @param unknown_type $user
* @param bool $by_username
* @return unknown
*
* @author Olivier Cauberghe <olivier.cauberghe@UGent.be>, Ghent University
*/
function handle_encrypted_password($user, $by_username = false)
{
function handle_encrypted_password($user, $by_username = false) {
global $charset;
global $_configuration;
$emailHeaders = get_email_headers(); // Email Headers
$emailSubject = "[".get_setting('siteName')."] ".get_lang('LoginRequest'); // SUBJECT
$emailSubject = "[".api_get_setting('siteName')."] ".get_lang('LoginRequest'); // SUBJECT
if ($by_username == true) { // Show only for lost password
if ($by_username) { // Show only for lost password
$userAccountList = get_user_account_list($user, true, $by_username); // BODY
$emailTo = $user["email"];
} else {
@ -157,7 +156,7 @@ function handle_encrypted_password($user, $by_username = false)
$emailBody .= get_lang('PasswordEncryptedForSecurity');
$emailBody .= "\n\n".get_lang('Formula').",\n".get_lang('PlataformAdmin');
$sender_name = get_setting('administratorName').' '.get_setting('administratorSurname');
$email_admin = get_setting('emailAdministrator');
$email_admin = api_get_setting('emailAdministrator');
if (@api_mail('', $emailTo, $emailSubject, $emailBody, $sender_name, $email_admin) == 1) {
Display::display_confirmation_message(get_lang('YourPasswordHasBeenEmailed'));
@ -166,21 +165,21 @@ function handle_encrypted_password($user, $by_username = false)
Display::display_error_message($message, false);
}
}
/**
* Enter description here...
* @author Olivier Cauberghe <olivier.cauberghe@UGent.be>, Ghent University
*/
function get_secret_word($add)
{
function get_secret_word($add) {
global $_configuration;
return $secretword = md5($_configuration['security_key'].$add);
}
/**
* Enter description here...
* @author Olivier Cauberghe <olivier.cauberghe@UGent.be>, Ghent University
*/
function reset_password($secret, $id, $by_username = false)
{
function reset_password($secret, $id, $by_username = false) {
$tbl_user = Database::get_main_table(TABLE_MAIN_USER);
$id = intval($id);
$sql = "SELECT user_id AS uid, lastname AS lastName, firstname AS firstName, username AS loginName, password, email FROM ".$tbl_user." WHERE user_id=$id";
@ -199,7 +198,7 @@ function reset_password($secret, $id, $by_username = false)
$crypted = $user["password"];
$crypted = api_get_encrypted_password($crypted);
$sql = "UPDATE ".$tbl_user." SET password='$crypted' WHERE user_id=$id";
$result = Database::query($sql,__FILE__,__LINE__);
$result = Database::query($sql, __FILE__, __LINE__);
return send_password_to_user($user, $by_username);
} else {
@ -208,4 +207,3 @@ function reset_password($secret, $id, $by_username = false)
}
}
?>

98
main/auth/my_progress.php
Unescape View File

@ -1,19 +1,19 @@
<?php
/* For licensing terms, see /dokeos_license.txt */
// name of the language file that needs to be included
$language_file = array('registration','tracking','exercice','admin');
$language_file = array('registration', 'tracking', 'exercice', 'admin');
$cidReset = true;
$this_section = 'session_my_space';
require ('../inc/global.inc.php');
require '../inc/global.inc.php';
require_once (api_get_path(LIBRARY_PATH).'tracking.lib.php');
require_once (api_get_path(LIBRARY_PATH).'course.lib.php');
require_once (api_get_path(LIBRARY_PATH).'usermanager.lib.php');
require_once ('../newscorm/learnpath.class.php');
require_once api_get_path(LIBRARY_PATH).'tracking.lib.php';
require_once api_get_path(LIBRARY_PATH).'course.lib.php';
require_once api_get_path(LIBRARY_PATH).'usermanager.lib.php';
require_once api_get_path(SYS_CODE_PATH).'newscorm/learnpath.class.php';
$nameTools=get_lang('MyProgress');
$nameTools = get_lang('MyProgress');
api_block_anonymous_users();
@ -34,7 +34,6 @@ $tbl_course_lp = Database :: get_course_table(TABLE_LP_MAIN);
$tbl_course_lp_item = Database :: get_course_table(TABLE_LP_ITEM);
$tbl_course_quiz = Database :: get_course_table(TABLE_QUIZ_TEST);
// get course list
$sql = 'SELECT course_code FROM '.$tbl_course_user.' WHERE user_id='.intval($_user['user_id']);
$rs = Database::query($sql, __FILE__, __LINE__);
@ -53,7 +52,7 @@ while($row = Database :: fetch_array($rs)) {
echo '<div class="actions-title" >';
echo $nameTools;
echo '</div>';
$now=date('Y-m-d');
$now = date('Y-m-d');
?>
<table class="data_table" width="100%">
<tr class="tableName">
@ -80,18 +79,18 @@ $totalScore = 0;
$totalItem = 0;
$totalProgress = 0;
foreach($Courses as $enreg) {
foreach ($Courses as $enreg) {
$weighting = 0;
$lastConnexion = Tracking :: get_last_connection_date_on_the_course($_user['user_id'],$enreg['code']);
$lastConnexion = Tracking :: get_last_connection_date_on_the_course($_user['user_id'], $enreg['code']);
$progress = Tracking :: get_avg_student_progress($_user['user_id'], $enreg['code']);
$total_time_login=Tracking :: get_time_spent_on_the_course($_user['user_id'], $enreg['code']);
$total_time_login = Tracking :: get_time_spent_on_the_course($_user['user_id'], $enreg['code']);
$time = api_time_to_hms($total_time_login);
$pourcentageScore = Tracking :: get_average_test_scorm_and_lp ($_user['user_id'], $enreg['code']);
?>
<tr class='<?php echo $i?'row_odd':'row_even'; ?>'>
<td>
<?php echo api_html_entity_decode($enreg['title'],ENT_QUOTES,$charset); ?>
<?php echo api_html_entity_decode($enreg['title'], ENT_QUOTES, $charset); ?>
</td>
<td align='center'>
<?php echo $time; ?>
@ -109,7 +108,7 @@ foreach($Courses as $enreg) {
?>
</td>
<td align='center' >
<?php echo $lastConnexion ?>
<?php echo $lastConnexion; ?>
</td>
<td align='center'>
<a href="<?php echo api_get_self(); ?>?course=<?php echo $enreg['code']; ?>"> <?php Display::display_icon('2rightarrow.gif', get_lang('Details')); ?> </a>
@ -129,12 +128,12 @@ foreach($Courses as $enreg) {
*
* **********************************************************************************************
*/
if(isset($_GET['course'])) {
if (isset($_GET['course'])) {
$course = Database::escape_string($_GET['course']);
$a_infosCours = CourseManager::get_course_information($course);
//get coach and session_name if there is one and if session_mode is activated
if(api_get_setting('use_session_mode')=='true') {
if (api_get_setting('use_session_mode') == 'true') {
$tbl_user = Database :: get_main_table(TABLE_MAIN_USER);
$tbl_session = Database :: get_main_table(TABLE_MAIN_SESSION);
$tbl_session_course = Database :: get_main_table(TABLE_MAIN_SESSION_COURSE);
@ -145,47 +144,42 @@ foreach($Courses as $enreg) {
WHERE session_course_user.id_user = '.intval($_user['user_id']).'
AND session_course_user.course_code = "'.Database::escape_string($course).'"
ORDER BY id_session DESC';
$rs = Database::query($sql,__FILE__,__LINE__);
$rs = Database::query($sql, __FILE__, __LINE__);
$row=Database::fetch_array($rs);
if (!empty ($row[0]))
{
$session_id =intval($row[0]);
$row = Database::fetch_array($rs);
if (!empty($row[0])) {
$session_id = intval($row[0]);
}
//$session_id =intval(Database::result($rs,0,0));
//$session_id = intval(Database::result($rs, 0, 0));
if($session_id>0)
{
if ($session_id > 0) {
// get session name and coach of the session
$sql = 'SELECT name, id_coach FROM '.$tbl_session.'
WHERE id='.$session_id;
$rs = Database::query($sql,__FILE__,__LINE__);
$session_name = Database::result($rs,0,'name');
$session_coach_id = intval(Database::result($rs,0,'id_coach'));
$rs = Database::query($sql, __FILE__, __LINE__);
$session_name = Database::result($rs, 0, 'name');
$session_coach_id = intval(Database::result($rs, 0, 'id_coach'));
// get coach of the course in the session
$sql = 'SELECT id_coach FROM '.$tbl_session_course.'
WHERE id_session='.$session_id.'
AND course_code = "'.Database::escape_string($_GET['course']).'"';
$rs = Database::query($sql,__FILE__,__LINE__);
$session_course_coach_id = intval(Database::result($rs,0,0));
$session_course_coach_id = intval(Database::result($rs, 0, 0));
if($session_course_coach_id!=0)
{
if ($session_course_coach_id != 0) {
$coach_infos = UserManager :: get_user_info_by_id($session_course_coach_id);
$a_infosCours['tutor_name'] = api_get_person_name($coach_infos['firstname'], $coach_infos['lastname']);
}
else if($session_coach_id!=0)
{
else if($session_coach_id != 0) {
$coach_infos = UserManager :: get_user_info_by_id($session_coach_id);
$a_infosCours['tutor_name'] = api_get_person_name($coach_infos['firstname'], $coach_infos['lastname']);
}
}
} // end if(api_get_setting('use_session_mode')=='true')
} // end if (api_get_setting('use_session_mode') == 'true')
$tableTitle = $a_infosCours['title'].' | Coach : '.$a_infosCours['tutor_name'].((!empty($session_name)) ? ' | '.get_lang('Session').' : '.$session_name : '');
?>
<table class="data_table" width="100%">
<tr class="tableName">
@ -202,9 +196,9 @@ foreach($Courses as $enreg) {
<?php
$sqlLearnpath = "SELECT lp.name,lp.id FROM ".$a_infosCours['db_name'].".".$tbl_course_lp." AS lp";
$resultLearnpath = Database::query($sqlLearnpath);
if(Database::num_rows($resultLearnpath)>0) {
if (Database::num_rows($resultLearnpath) > 0) {
while($a_learnpath = Database::fetch_array($resultLearnpath)) {
$progress = learnpath :: get_db_progress($a_learnpath['id'],$_user['user_id'], '%',$a_infosCours['db_name']);
$progress = learnpath :: get_db_progress($a_learnpath['id'], $_user['user_id'], '%', $a_infosCours['db_name']);
// calculates last connection time
$sql = 'SELECT MAX(start_time)
@ -242,10 +236,9 @@ foreach($Courses as $enreg) {
echo " </td>
<td align='center' width=180px >
";
if($start_time!=''){
if ($start_time != '') {
echo $lastConnexion;
}
else{
} else {
echo '-';
}
echo " </td>
@ -253,9 +246,8 @@ foreach($Courses as $enreg) {
";
}
}
else
{
} else {
echo " <tr>
<td colspan='4'>
".get_lang('NoLearnpath')."
@ -263,9 +255,6 @@ foreach($Courses as $enreg) {
</tr>
";
}
?>
<tr>
<th class="head" style="color:#000"><?php echo get_lang('Exercices'); ?></th>
@ -314,11 +303,11 @@ foreach($Courses as $enreg) {
$exe_id = $a_score['exe_id'];
}
if ($weighting>0) {
if ($weighting > 0) {
// i.e 10.50%
$pourcentageScore = round(($score*100)/$weighting,2);
$pourcentageScore = round(($score * 100) / $weighting, 2);
} else {
$pourcentageScore=0;
$pourcentageScore = 0;
}
$weighting = 0;
@ -328,9 +317,9 @@ foreach($Courses as $enreg) {
echo $a_exercices['title'];
echo '</td>';
if ($a_exercices['results_disabled']==0) {
if ($a_exercices['results_disabled'] == 0) {
echo '<td align="center">';
if ($a_essais['essais']>0) {
if ($a_essais['essais'] > 0) {
echo $pourcentageScore.'%';
} else {
echo '/';
@ -340,8 +329,9 @@ foreach($Courses as $enreg) {
echo $a_essais['essais'];
echo '</td>
<td align="center" width="25">';
if($a_essais['essais']>0)
if ($a_essais['essais'] > 0) {
echo '<a href="../exercice/exercise_show.php?origin=myprogress&id='.$exe_id.'&cidReq='.$a_infosCours['code'].'&id_session='.Security::remove_XSS($_GET['id_session']).'"> '.Display::return_icon('quiz.gif', get_lang('Quiz')).' </a>';
}
echo '</td>';
} else {
// we show or not the results if the teacher wants to
@ -354,22 +344,18 @@ foreach($Courses as $enreg) {
<td align="center" width="25">';
echo ' -- ';
echo '</td>';
}
echo '</tr>';
}
} else {
echo '<tr><td colspan="4">'.get_lang('NoEx').'</td></tr>';
}
}
else{
} else {
echo '<tr><td colspan="4">'.get_lang('NoEx').'</td></tr>';
}
?>
</table>
<?php
}
Display :: display_footer();
?>

6
main/auth/profile.php
Unescape View File

@ -535,7 +535,7 @@ if (!empty($_SESSION['production_uploaded'])) {
}
}
if (empty($user_data['password0']) && !empty($user_data['password1'])) {
$wrong_current_password = true;
$wrong_current_password = true;
}
// upload picture if a new one is provided
@ -609,13 +609,9 @@ if (!empty($_SESSION['production_uploaded'])) {
}
if (isset($_GET['show'])) {
if ((api_get_setting('allow_social_tool') == 'true' && api_get_setting('allow_message_tool') == 'true') || (api_get_setting('allow_social_tool') == 'true')) {
$interbreadcrumb[] = array ('url' => 'javascript: void(0);', 'name' => get_lang('SocialNetwork'));
} elseif ((api_get_setting('allow_social_tool') == 'false' && api_get_setting('allow_message_tool') == 'true')) {
$interbreadcrumb[] = array('url' => 'javascript: void(0);', 'name' => get_lang('MessageTool'));
}
}

2
main/inc/lib/course.lib.php
Unescape View File

@ -2028,6 +2028,7 @@ class CourseManager {
$rs = Database::query($sql, __FILE__, __LINE__);
return Database::result($rs, 0, 'code');
}
/**
* Get the database name of a course by the code
* @param string The course code
@ -2039,6 +2040,7 @@ class CourseManager {
$rs = Database::query($sql,__FILE__,__LINE__);
return Database::result($rs, 0, 'db_name');
}
/**
* Lists details of the course description
* @param array The course description

Write Preview
Loading…
Cancel
Save