chamilo
/
chamilo-lms
mirror of https://github.com/chamilo/chamilo-lms/tree/1.11.x
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Feature #5397 - Cleaning code in main/auth directory.

Browse Source
skala
Ivan Tcholakov 16 years ago
parent 5b44dc53c8
commit c1cc5c603f
8 changed files with 551 additions and 716 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 822
      main/auth/courses.php
  2. 16
      main/auth/generate_api_key.inc.php
  3. 249
      main/auth/inscription.php
  4. 24
      main/auth/lostPassword.php
  5. 50
      main/auth/lost_password.lib.php
  6. 98
      main/auth/my_progress.php
  7. 6
      main/auth/profile.php
  8. 2
      main/inc/lib/course.lib.php

822
main/auth/courses.php
View File

File diff suppressed because it is too large Load Diff

16
main/auth/generate_api_key.inc.php
Unescape View File

@ -1,15 +1,15 @@
<?php <?php
require '../inc/global.inc.php'; require '../inc/global.inc.php';
require_once (api_get_path(LIBRARY_PATH).'usermanager.lib.php'); require_once api_get_path(LIBRARY_PATH).'usermanager.lib.php';
$array_list_key=array(); $array_list_key = array();
$user_id=api_get_user_id(); $user_id = api_get_user_id();
$api_service='dokeos'; $api_service = 'dokeos';
$num=UserManager::update_api_key($user_id,$api_service); $num = UserManager::update_api_key($user_id, $api_service);
$array_list_key=UserManager::get_api_keys($user_id,$api_service); $array_list_key = UserManager::get_api_keys($user_id, $api_service);
?> ?>
<div class="row"> <div class="row">
<div class="label"><?php echo get_lang('MyApiKey') ?></div> <div class="label"><?php echo get_lang('MyApiKey'); ?></div>
<div class="formw"> <div class="formw">
<input type="text" name="api_key_generate" id="id_api_key_generate" size="40" value="<?php echo $array_list_key[$num]?>"/> <input type="text" name="api_key_generate" id="id_api_key_generate" size="40" value="<?php echo $array_list_key[$num]; ?>"/>
</div> </div>
</div> </div>

249
main/auth/inscription.php
Unescape View File

@ -7,44 +7,45 @@
============================================================================== ==============================================================================
*/ */
// name of the language file that needs to be included // name of the language file that needs to be included
$language_file = array('registration','admin'); $language_file = array('registration', 'admin');
include ("../inc/global.inc.php"); require '../inc/global.inc.php';
require_once (api_get_path(LIBRARY_PATH).'formvalidator/FormValidator.class.php'); require_once api_get_path(LIBRARY_PATH).'formvalidator/FormValidator.class.php';
require_once (api_get_path(LIBRARY_PATH).'usermanager.lib.php'); require_once api_get_path(LIBRARY_PATH).'usermanager.lib.php';
require_once (api_get_path(CONFIGURATION_PATH).'profile.conf.php'); require_once api_get_path(CONFIGURATION_PATH).'profile.conf.php';
require_once(api_get_path(INCLUDE_PATH).'lib/mail.lib.inc.php'); require_once api_get_path(LIBRARY_PATH).'mail.lib.inc.php';
require_once(api_get_path(INCLUDE_PATH).'lib/legal.lib.php'); require_once api_get_path(LIBRARY_PATH).'legal.lib.php';
//require_once(api_get_path(LIBRARY_PATH).'fileManage.lib.php'); //require_once(api_get_path(LIBRARY_PATH).'fileManage.lib.php');
//require_once(api_get_path(LIBRARY_PATH).'fileUpload.lib.php'); //require_once(api_get_path(LIBRARY_PATH).'fileUpload.lib.php');
//require_once (api_get_path(LIBRARY_PATH).'image.lib.php'); //require_once (api_get_path(LIBRARY_PATH).'image.lib.php');
// Load terms & conditions from the current lang // Load terms & conditions from the current lang
if (api_get_setting('allow_terms_conditions')=='true') { if (api_get_setting('allow_terms_conditions') == 'true') {
$get = array_keys($_GET); $get = array_keys($_GET);
if (isset($get)) { if (isset($get)) {
if ($get[0]=='legal'){ if ($get[0] == 'legal'){
//$language = api_get_setting('platformLanguage'); //$language = api_get_setting('platformLanguage');
$language = api_get_interface_language(); $language = api_get_interface_language();
$language = api_get_language_id($language); $language = api_get_language_id($language);
$term_preview= LegalManager::get_last_condition($language); $term_preview = LegalManager::get_last_condition($language);
if ($term_preview==false) { if (!$term_preview) {
//look for the default language //look for the default language
$language = api_get_setting('platformLanguage'); $language = api_get_setting('platformLanguage');
$language = api_get_language_id($language); $language = api_get_language_id($language);
$term_preview= LegalManager::get_last_condition($language); $term_preview = LegalManager::get_last_condition($language);
} }
$tool_name = get_lang('TermsAndConditions'); $tool_name = get_lang('TermsAndConditions');
Display :: display_header(''); Display :: display_header('');
echo '<div class="actions-title">'; echo '<div class="actions-title">';
echo $tool_name; echo $tool_name;
echo '</div>'; echo '</div>';
if (!empty($term_preview['content'])) if (!empty($term_preview['content'])) {
echo $term_preview['content']; echo $term_preview['content'];
else } else {
echo get_lang('ComingSoon'); echo get_lang('ComingSoon');
}
Display :: display_footer(); Display :: display_footer();
exit; exit;
} }
@ -62,7 +63,7 @@ if (api_get_setting('allow_registration') == 'false') {
api_not_allowed(); api_not_allowed();
} }
//api_display_tool_title($tool_name); //api_display_tool_title($tool_name);
if (api_get_setting('allow_registration')=='approval') { if (api_get_setting('allow_registration') == 'approval') {
Display::display_normal_message(get_lang('YourAccountHasToBeApproved')); Display::display_normal_message(get_lang('YourAccountHasToBeApproved'));
} }
//if openid was not found //if openid was not found
@ -71,16 +72,16 @@ if (!empty($_GET['openid_msg']) && $_GET['openid_msg'] == 'idnotfound') {
} }
$form = new FormValidator('registration'); $form = new FormValidator('registration');
if (api_get_setting('allow_terms_conditions')=='true') { if (api_get_setting('allow_terms_conditions') == 'true') {
if (!isset($_SESSION['update_term_and_condition'][1])) { if (!isset($_SESSION['update_term_and_condition'][1])) {
$display_all_form=true; $display_all_form = true;
} else { } else {
$display_all_form=false; $display_all_form = false;
} }
} else { } else {
$display_all_form=true; $display_all_form = true;
} }
if ($display_all_form===true) { if ($display_all_form === true) {
if (api_is_western_name_order()) { if (api_is_western_name_order()) {
// FIRST NAME and LAST NAME // FIRST NAME and LAST NAME
@ -96,10 +97,11 @@ if ($display_all_form===true) {
$form->addRule('firstname', get_lang('ThisFieldIsRequired'), 'required'); $form->addRule('firstname', get_lang('ThisFieldIsRequired'), 'required');
// EMAIL // EMAIL
$form->addElement('text', 'email', get_lang('Email'), array('size' => 40)); $form->addElement('text', 'email', get_lang('Email'), array('size' => 40));
if (api_get_setting('registration', 'email') == 'true') if (api_get_setting('registration', 'email') == 'true') {
$form->addRule('email', get_lang('ThisFieldIsRequired'), 'required'); $form->addRule('email', get_lang('ThisFieldIsRequired'), 'required');
}
$form->addRule('email', get_lang('EmailWrong'), 'email'); $form->addRule('email', get_lang('EmailWrong'), 'email');
if (api_get_setting('openid_authentication')=='true') { if (api_get_setting('openid_authentication') == 'true') {
$form->addElement('text', 'openid', get_lang('OpenIDURL'), array('size' => 40)); $form->addElement('text', 'openid', get_lang('OpenIDURL'), array('size' => 40));
} }
/* /*
@ -143,50 +145,41 @@ if ($display_all_form===true) {
$form->addElement('select_language', 'language', get_lang('Language')); $form->addElement('select_language', 'language', get_lang('Language'));
} }
// STUDENT/TEACHER // STUDENT/TEACHER
if (api_get_setting('allow_registration_as_teacher') <> 'false') { if (api_get_setting('allow_registration_as_teacher') != 'false') {
$form->addElement('radio', 'status', get_lang('Status'), get_lang('RegStudent'), STUDENT); $form->addElement('radio', 'status', get_lang('Status'), get_lang('RegStudent'), STUDENT);
$form->addElement('radio', 'status', null, get_lang('RegAdmin'), COURSEMANAGER); $form->addElement('radio', 'status', null, get_lang('RegAdmin'), COURSEMANAGER);
} }
// EXTENDED FIELDS // EXTENDED FIELDS
if (api_get_setting('extended_profile') == 'true' AND api_get_setting('extendedprofile_registration','mycomptetences') == 'true') if (api_get_setting('extended_profile') == 'true' && api_get_setting('extendedprofile_registration', 'mycomptetences') == 'true') {
{
$form->add_html_editor('competences', get_lang('MyCompetences'), false, false, array('ToolbarSet' => 'Profile', 'Width' => '100%', 'Height' => '130')); $form->add_html_editor('competences', get_lang('MyCompetences'), false, false, array('ToolbarSet' => 'Profile', 'Width' => '100%', 'Height' => '130'));
} }
if (api_get_setting('extended_profile') == 'true' AND api_get_setting('extendedprofile_registration','mydiplomas') == 'true') if (api_get_setting('extended_profile') == 'true' && api_get_setting('extendedprofile_registration', 'mydiplomas') == 'true') {
{
$form->add_html_editor('diplomas', get_lang('MyDiplomas'), false, false, array('ToolbarSet' => 'Profile', 'Width' => '100%', 'Height' => '130')); $form->add_html_editor('diplomas', get_lang('MyDiplomas'), false, false, array('ToolbarSet' => 'Profile', 'Width' => '100%', 'Height' => '130'));
} }
if (api_get_setting('extended_profile') == 'true' AND api_get_setting('extendedprofile_registration','myteach') == 'true') if (api_get_setting('extended_profile') == 'true' && api_get_setting('extendedprofile_registration', 'myteach') == 'true') {
{
$form->add_html_editor('teach', get_lang('MyTeach'), false, false, array('ToolbarSet' => 'Profile', 'Width' => '100%', 'Height' => '130')); $form->add_html_editor('teach', get_lang('MyTeach'), false, false, array('ToolbarSet' => 'Profile', 'Width' => '100%', 'Height' => '130'));
} }
if (api_get_setting('extended_profile') == 'true' AND api_get_setting('extendedprofile_registration','mypersonalopenarea') == 'true') if (api_get_setting('extended_profile') == 'true' && api_get_setting('extendedprofile_registration', 'mypersonalopenarea') == 'true') {
{
$form->add_html_editor('openarea', get_lang('MyPersonalOpenArea'), false, false, array('ToolbarSet' => 'Profile', 'Width' => '100%', 'Height' => '130')); $form->add_html_editor('openarea', get_lang('MyPersonalOpenArea'), false, false, array('ToolbarSet' => 'Profile', 'Width' => '100%', 'Height' => '130'));
} }
if (api_get_setting('extended_profile') == 'true') if (api_get_setting('extended_profile') == 'true') {
{ if (api_get_setting('extendedprofile_registrationrequired', 'mycomptetences') == 'true') {
if (api_get_setting('extendedprofile_registrationrequired','mycomptetences') == 'true')
{
$form->addRule('competences', get_lang('ThisFieldIsRequired'), 'required'); $form->addRule('competences', get_lang('ThisFieldIsRequired'), 'required');
} }
if (api_get_setting('extendedprofile_registrationrequired','mydiplomas') == 'true') if (api_get_setting('extendedprofile_registrationrequired', 'mydiplomas') == 'true') {
{
$form->addRule('diplomas', get_lang('ThisFieldIsRequired'), 'required'); $form->addRule('diplomas', get_lang('ThisFieldIsRequired'), 'required');
} }
if (api_get_setting('extendedprofile_registrationrequired','myteach') == 'true') if (api_get_setting('extendedprofile_registrationrequired', 'myteach') == 'true') {
{
$form->addRule('teach', get_lang('ThisFieldIsRequired'), 'required'); $form->addRule('teach', get_lang('ThisFieldIsRequired'), 'required');
} }
if (api_get_setting('extendedprofile_registrationrequired','mypersonalopenarea') == 'true') if (api_get_setting('extendedprofile_registrationrequired','mypersonalopenarea') == 'true') {
{
$form->addRule('openarea', get_lang('ThisFieldIsRequired'), 'required'); $form->addRule('openarea', get_lang('ThisFieldIsRequired'), 'required');
} }
} }
// EXTRA FIELDS // EXTRA FIELDS
$extra = UserManager::get_extra_fields(0,50,5,'ASC'); $extra = UserManager::get_extra_fields(0, 50, 5, 'ASC');
$extra_data = UserManager::get_extra_user_data(api_get_user_id(),true); $extra_data = UserManager::get_extra_user_data(api_get_user_id(), true);
foreach ($extra as $id => $field_details) { foreach ($extra as $id => $field_details) {
if ($field_details[6] == 0) { if ($field_details[6] == 0) {
continue; continue;
@ -209,7 +202,7 @@ if ($display_all_form===true) {
$group = array(); $group = array();
foreach ($field_details[9] as $option_id => $option_details) { foreach ($field_details[9] as $option_id => $option_details) {
$options[$option_details[1]] = $option_details[2]; $options[$option_details[1]] = $option_details[2];
$group[] =& HTML_QuickForm::createElement('radio', 'extra_'.$field_details[1], $option_details[1],$option_details[2].'<br />',$option_details[1]); $group[] =& HTML_QuickForm::createElement('radio', 'extra_'.$field_details[1], $option_details[1], $option_details[2].'<br />',$option_details[1]);
} }
$form->addGroup($group, 'extra_'.$field_details[1], $field_details[3], ''); $form->addGroup($group, 'extra_'.$field_details[1], $field_details[3], '');
if ($field_details[7] == 0) $form->freeze('extra_'.$field_details[1]); if ($field_details[7] == 0) $form->freeze('extra_'.$field_details[1]);
@ -219,7 +212,7 @@ if ($display_all_form===true) {
foreach($field_details[9] as $option_id => $option_details) { foreach($field_details[9] as $option_id => $option_details) {
$options[$option_details[1]] = $option_details[2]; $options[$option_details[1]] = $option_details[2];
} }
$form->addElement('select','extra_'.$field_details[1],$field_details[3],$options,''); $form->addElement('select', 'extra_'.$field_details[1], $field_details[3], $options, '');
if ($field_details[7] == 0) $form->freeze('extra_'.$field_details[1]); if ($field_details[7] == 0) $form->freeze('extra_'.$field_details[1]);
break; break;
case USER_FIELD_TYPE_SELECT_MULTIPLE: case USER_FIELD_TYPE_SELECT_MULTIPLE:
@ -227,49 +220,49 @@ if ($display_all_form===true) {
foreach ($field_details[9] as $option_id => $option_details) { foreach ($field_details[9] as $option_id => $option_details) {
$options[$option_details[1]] = $option_details[2]; $options[$option_details[1]] = $option_details[2];
} }
$form->addElement('select','extra_'.$field_details[1],$field_details[3],$options,array('multiple' => 'multiple')); $form->addElement('select', 'extra_'.$field_details[1], $field_details[3], $options, array('multiple' => 'multiple'));
if ($field_details[7] == 0) $form->freeze('extra_'.$field_details[1]); if ($field_details[7] == 0) $form->freeze('extra_'.$field_details[1]);
break; break;
case USER_FIELD_TYPE_DATE: case USER_FIELD_TYPE_DATE:
$form->addElement('datepickerdate', 'extra_'.$field_details[1], $field_details[3],array('form_name'=>'registration')); $form->addElement('datepickerdate', 'extra_'.$field_details[1], $field_details[3], array('form_name' => 'registration'));
$form->_elements[$form->_elementIndex['extra_'.$field_details[1]]]->setLocalOption('minYear',1900); $form->_elements[$form->_elementIndex['extra_'.$field_details[1]]]->setLocalOption('minYear', 1900);
$defaults['extra_'.$field_details[1]] = date('Y-m-d 12:00:00'); $defaults['extra_'.$field_details[1]] = date('Y-m-d 12:00:00');
$form -> setDefaults($defaults); $form -> setDefaults($defaults);
if ($field_details[7] == 0) $form->freeze('extra_'.$field_details[1]); if ($field_details[7] == 0) $form->freeze('extra_'.$field_details[1]);
$form->applyFilter('theme', 'trim'); $form->applyFilter('theme', 'trim');
break; break;
case USER_FIELD_TYPE_DATETIME: case USER_FIELD_TYPE_DATETIME:
$form->addElement('datepicker', 'extra_'.$field_details[1], $field_details[3],array('form_name'=>'registration')); $form->addElement('datepicker', 'extra_'.$field_details[1], $field_details[3], array('form_name' => 'registration'));
$form->_elements[$form->_elementIndex['extra_'.$field_details[1]]]->setLocalOption('minYear',1900); $form->_elements[$form->_elementIndex['extra_'.$field_details[1]]]->setLocalOption('minYear', 1900);
$defaults['extra_'.$field_details[1]] = date('Y-m-d 12:00:00'); $defaults['extra_'.$field_details[1]] = date('Y-m-d 12:00:00');
$form -> setDefaults($defaults); $form -> setDefaults($defaults);
if ($field_details[7] == 0) $form->freeze('extra_'.$field_details[1]); if ($field_details[7] == 0) $form->freeze('extra_'.$field_details[1]);
$form->applyFilter('theme', 'trim'); $form->applyFilter('theme', 'trim');
break; break;
case USER_FIELD_TYPE_DOUBLE_SELECT: case USER_FIELD_TYPE_DOUBLE_SELECT:
foreach ($field_details[9] as $key=>$element) { foreach ($field_details[9] as $key => $element) {
if ($element[2][0] == '*') { if ($element[2][0] == '*') {
$values['*'][$element[0]] = str_replace('*','',$element[2]); $values['*'][$element[0]] = str_replace('*', '', $element[2]);
} else { } else {
$values[0][$element[0]] = $element[2]; $values[0][$element[0]] = $element[2];
} }
} }
$group=''; $group = '';
$group[] =& HTML_QuickForm::createElement('select', 'extra_'.$field_details[1],'',$values[0],''); $group[] =& HTML_QuickForm::createElement('select', 'extra_'.$field_details[1], '', $values[0], '');
$group[] =& HTML_QuickForm::createElement('select', 'extra_'.$field_details[1].'*','',$values['*'],''); $group[] =& HTML_QuickForm::createElement('select', 'extra_'.$field_details[1].'*', '', $values['*'], '');
$form->addGroup($group, 'extra_'.$field_details[1], $field_details[3], '&nbsp;'); $form->addGroup($group, 'extra_'.$field_details[1], $field_details[3], '&nbsp;');
if ($field_details[7] == 0) $form->freeze('extra_'.$field_details[1]); if ($field_details[7] == 0) $form->freeze('extra_'.$field_details[1]);
// recoding the selected values for double : if the user has selected certain values, we have to assign them to the correct select form // recoding the selected values for double : if the user has selected certain values, we have to assign them to the correct select form
if (key_exists('extra_'.$field_details[1], $extra_data)) { if (key_exists('extra_'.$field_details[1], $extra_data)) {
// exploding all the selected values (of both select forms) // exploding all the selected values (of both select forms)
$selected_values = explode(';',$extra_data['extra_'.$field_details[1]]); $selected_values = explode(';', $extra_data['extra_'.$field_details[1]]);
$extra_data['extra_'.$field_details[1]] =array(); $extra_data['extra_'.$field_details[1]] =array();
// looping through the selected values and assigning the selected values to either the first or second select form // looping through the selected values and assigning the selected values to either the first or second select form
foreach ($selected_values as $key=>$selected_value) { foreach ($selected_values as $key => $selected_value) {
if (key_exists($selected_value,$values[0])) { if (key_exists($selected_value, $values[0])) {
$extra_data['extra_'.$field_details[1]]['extra_'.$field_details[1]] = $selected_value; $extra_data['extra_'.$field_details[1]]['extra_'.$field_details[1]] = $selected_value;
} else { } else {
$extra_data['extra_'.$field_details[1]]['extra_'.$field_details[1].'*'] = $selected_value; $extra_data['extra_'.$field_details[1]]['extra_'.$field_details[1].'*'] = $selected_value;
@ -278,33 +271,33 @@ if ($display_all_form===true) {
} }
break; break;
case USER_FIELD_TYPE_DIVIDER: case USER_FIELD_TYPE_DIVIDER:
$form->addElement('static',$field_details[1], '<br /><strong>'.$field_details[3].'</strong>'); $form->addElement('static', $field_details[1], '<br /><strong>'.$field_details[3].'</strong>');
break; break;
} }
} }
} }
//------------ Terms and conditions //------------ Terms and conditions
if (api_get_setting('allow_terms_conditions')=='true') { if (api_get_setting('allow_terms_conditions') == 'true') {
//$language = api_get_setting('platformLanguage'); //$language = api_get_setting('platformLanguage');
$language = api_get_interface_language(); $language = api_get_interface_language();
$language = api_get_language_id($language); $language = api_get_language_id($language);
$term_preview= LegalManager::get_last_condition($language); $term_preview = LegalManager::get_last_condition($language);
if ($term_preview==false) { if (!$term_preview) {
//we load from the platform //we load from the platform
$language = api_get_setting('platformLanguage'); $language = api_get_setting('platformLanguage');
$language = api_get_language_id($language); $language = api_get_language_id($language);
$term_preview= LegalManager::get_last_condition($language); $term_preview = LegalManager::get_last_condition($language);
//if is false we load from english //if is false we load from english
if ($term_preview==false){ if (!$term_preview){
$language = api_get_language_id('english'); //this must work $language = api_get_language_id('english'); //this must work
$term_preview= LegalManager::get_last_condition($language); $term_preview = LegalManager::get_last_condition($language);
} }
} }
// Version and language //password // Version and language //password
$form->addElement('hidden', 'legal_accept_type',$term_preview['version'].':'.$term_preview['language_id']); $form->addElement('hidden', 'legal_accept_type', $term_preview['version'].':'.$term_preview['language_id']);
$form->addElement('hidden', 'legal_info',$term_preview['legal_id'].':'.$term_preview['language_id']); $form->addElement('hidden', 'legal_info', $term_preview['legal_id'].':'.$term_preview['language_id']);
if (isset($_SESSION['info_current_user'][1]) && isset($_SESSION['info_current_user'][2])) { if (isset($_SESSION['info_current_user'][1]) && isset($_SESSION['info_current_user'][2])) {
$form->addElement('hidden', 'login',$_SESSION['info_current_user'][1]); $form->addElement('hidden', 'login',$_SESSION['info_current_user'][1]);
$form->addElement('hidden', 'password',$_SESSION['info_current_user'][2]); $form->addElement('hidden', 'password',$_SESSION['info_current_user'][2]);
@ -327,30 +320,25 @@ if (api_get_setting('allow_terms_conditions')=='true') {
} }
} }
$form->addElement('style_submit_button', 'submit', get_lang('RegisterUser'),'class="save"'); $form->addElement('style_submit_button', 'submit', get_lang('RegisterUser'), 'class="save"');
if(isset($_SESSION["user_language_choice"]) && $_SESSION["user_language_choice"]!=""){ if (isset($_SESSION['user_language_choice']) && $_SESSION['user_language_choice'] != '') {
$defaults['language'] = $_SESSION["user_language_choice"]; $defaults['language'] = $_SESSION['user_language_choice'];
} } else {
else{
$defaults['language'] = api_get_setting('platformLanguage'); $defaults['language'] = api_get_setting('platformLanguage');
} }
if(!empty($_GET['username'])) if (!empty($_GET['username'])) {
{
$defaults['username'] = Security::remove_XSS($_GET['username']); $defaults['username'] = Security::remove_XSS($_GET['username']);
} }
if(!empty($_GET['email'])) if (!empty($_GET['email'])) {
{
$defaults['email'] = Security::remove_XSS($_GET['email']); $defaults['email'] = Security::remove_XSS($_GET['email']);
} }
if(!empty($_GET['phone'])) if (!empty($_GET['phone'])) {
{
$defaults['phone'] = Security::remove_XSS($_GET['phone']); $defaults['phone'] = Security::remove_XSS($_GET['phone']);
} }
if (api_get_setting('openid_authentication')=='true' && !empty($_GET['openid'])) if (api_get_setting('openid_authentication') == 'true' && !empty($_GET['openid'])) {
{
$defaults['openid'] = Security::remove_XSS($_GET['openid']); $defaults['openid'] = Security::remove_XSS($_GET['openid']);
} }
$defaults['status'] = STUDENT; $defaults['status'] = STUDENT;
@ -362,7 +350,7 @@ if ($form->validate()) {
-----------------------------------------------------*/ -----------------------------------------------------*/
$values = $form->exportValues(); $values = $form->exportValues();
$values['username'] = api_substr($values['username'],0,20); //make *sure* the login isn't too long $values['username'] = api_substr($values['username'], 0, USERNAME_MAX_LENGTH); //make *sure* the login isn't too long
if (api_get_setting('allow_registration_as_teacher') == 'false') { if (api_get_setting('allow_registration_as_teacher') == 'false') {
$values['status'] = STUDENT; $values['status'] = STUDENT;
@ -372,32 +360,32 @@ if ($form->validate()) {
$user_id = UserManager::create_user($values['firstname'],$values['lastname'],$values['status'],$values['email'],$values['username'],$values['pass1'],$values['official_code'], $values['language'],$values['phone'],$picture_uri); $user_id = UserManager::create_user($values['firstname'],$values['lastname'],$values['status'],$values['email'],$values['username'],$values['pass1'],$values['official_code'], $values['language'],$values['phone'],$picture_uri);
// Terms & Conditions // Terms & Conditions
if (api_get_setting('allow_terms_conditions')=='true') { if (api_get_setting('allow_terms_conditions') == 'true') {
// update the terms & conditions // update the terms & conditions
if (isset($values['legal_accept_type'])) { if (isset($values['legal_accept_type'])) {
$cond_array = explode(':',$values['legal_accept_type']); $cond_array = explode(':', $values['legal_accept_type']);
if (!empty($cond_array[0]) && !empty($cond_array[1])){ if (!empty($cond_array[0]) && !empty($cond_array[1])) {
$time = time(); $time = time();
$condition_to_save = intval($cond_array[0]).':'.intval($cond_array[1]).':'.$time; $condition_to_save = intval($cond_array[0]).':'.intval($cond_array[1]).':'.$time;
UserManager::update_extra_field_value($user_id,'legal_accept',$condition_to_save); UserManager::update_extra_field_value($user_id, 'legal_accept', $condition_to_save);
} }
} }
} }
/****** register extra fields*************/ /****** register extra fields*************/
$extras=array(); $extras = array();
foreach($values as $key => $value) { foreach ($values as $key => $value) {
if (substr($key,0,6)=='extra_') {//an extra field if (substr($key, 0, 6) == 'extra_') { //an extra field
$extras[substr($key,6)] = $value; $extras[substr($key,6)] = $value;
} else { } else {
$sql .= " $key = '".Database::escape_string($value)."',"; $sql .= " $key = '".Database::escape_string($value)."',";
} }
} }
//update the extra fields //update the extra fields
$count_extra_field=count($extras); $count_extra_field = count($extras);
if ($count_extra_field>0) { if ($count_extra_field > 0) {
foreach ($extras as $key=>$value) { foreach ($extras as $key => $value) {
$myres = UserManager::update_extra_field_value($user_id,$key,$value); $myres = UserManager::update_extra_field_value($user_id, $key, $value);
} }
} }
@ -406,82 +394,72 @@ if ($form->validate()) {
// storing the extended profile // storing the extended profile
$store_extended = false; $store_extended = false;
$sql = "UPDATE ".Database::get_main_table(TABLE_MAIN_USER)." SET "; $sql = "UPDATE ".Database::get_main_table(TABLE_MAIN_USER)." SET ";
if (api_get_setting('extended_profile') == 'true' AND api_get_setting('extendedprofile_registration','mycomptetences') == 'true') if (api_get_setting('extended_profile') == 'true' && api_get_setting('extendedprofile_registration', 'mycomptetences') == 'true') {
{
$sql_set[] = "competences = '".Database::escape_string($values['competences'])."'"; $sql_set[] = "competences = '".Database::escape_string($values['competences'])."'";
$store_extended = true; $store_extended = true;
} }
if (api_get_setting('extended_profile') == 'true' AND api_get_setting('extendedprofile_registration','mydiplomas') == 'true') if (api_get_setting('extended_profile') == 'true' && api_get_setting('extendedprofile_registration', 'mydiplomas') == 'true') {
{
$sql_set[] = "diplomas = '".Database::escape_string($values['diplomas'])."'"; $sql_set[] = "diplomas = '".Database::escape_string($values['diplomas'])."'";
$store_extended = true; $store_extended = true;
} }
if (api_get_setting('extended_profile') == 'true' AND api_get_setting('extendedprofile_registration','myteach') == 'true') if (api_get_setting('extended_profile') == 'true' && api_get_setting('extendedprofile_registration', 'myteach') == 'true') {
{
$sql_set[] = "teach = '".Database::escape_string($values['teach'])."'"; $sql_set[] = "teach = '".Database::escape_string($values['teach'])."'";
$store_extended = true; $store_extended = true;
} }
if (api_get_setting('extended_profile') == 'true' AND api_get_setting('extendedprofile_registration','mypersonalopenarea') == 'true') if (api_get_setting('extended_profile') == 'true' && api_get_setting('extendedprofile_registration', 'mypersonalopenarea') == 'true') {
{
$sql_set[] = "openarea = '".Database::escape_string($values['openarea'])."'"; $sql_set[] = "openarea = '".Database::escape_string($values['openarea'])."'";
$store_extended = true; $store_extended = true;
} }
if ($store_extended) if ($store_extended) {
{ $sql .= implode(',', $sql_set);
$sql .= implode(',',$sql_set);
$sql .= " WHERE user_id = '".Database::escape_string($user_id)."'"; $sql .= " WHERE user_id = '".Database::escape_string($user_id)."'";
Database::query($sql,__FILE__,__LINE__); Database::query($sql, __FILE__, __LINE__);
} }
// if there is a default duration of a valid account then we have to change the expiration_date accordingly // if there is a default duration of a valid account then we have to change the expiration_date accordingly
if (api_get_setting('account_valid_duration')<>'') if (api_get_setting('account_valid_duration') != '') {
{
$sql = "UPDATE ".Database::get_main_table(TABLE_MAIN_USER)." $sql = "UPDATE ".Database::get_main_table(TABLE_MAIN_USER)."
SET expiration_date='registration_date+1' WHERE user_id='".$user_id."'"; SET expiration_date='registration_date+1' WHERE user_id='".$user_id."'";
Database::query($sql,__FILE__,__LINE__); Database::query($sql, __FILE__, __LINE__);
} }
// if the account has to be approved then we set the account to inactive, sent a mail to the platform admin and exit the page. // if the account has to be approved then we set the account to inactive, sent a mail to the platform admin and exit the page.
if (api_get_setting('allow_registration')=='approval') if (api_get_setting('allow_registration') == 'approval') {
{
$TABLE_USER= Database::get_main_table(TABLE_MAIN_USER); $TABLE_USER= Database::get_main_table(TABLE_MAIN_USER);
// 1. set account inactive // 1. set account inactive
$sql = "UPDATE ".$TABLE_USER." SET active='0' WHERE user_id='".$user_id."'"; $sql = "UPDATE ".$TABLE_USER." SET active='0' WHERE user_id='".$user_id."'";
Database::query($sql,__FILE__,__LINE__); Database::query($sql, __FILE__, __LINE__);
$sql_get_id_admin="SELECT * FROM ".Database::get_main_table(TABLE_MAIN_ADMIN); $sql_get_id_admin = "SELECT * FROM ".Database::get_main_table(TABLE_MAIN_ADMIN);
$result=Database::query($sql_get_id_admin,__FILE__,__LINE__); $result = Database::query($sql_get_id_admin, __FILE__, __LINE__);
while ($row = Database::fetch_array($result)) { while ($row = Database::fetch_array($result)) {
$sql_admin_list="SELECT * FROM ".$TABLE_USER." WHERE user_id='".$row['user_id']."'"; $sql_admin_list = "SELECT * FROM ".$TABLE_USER." WHERE user_id='".$row['user_id']."'";
$result_list=Database::query($sql_admin_list,__FILE__,__LINE__); $result_list = Database::query($sql_admin_list, __FILE__, __LINE__);
$admin_list=Database::fetch_array($result_list); $admin_list=Database::fetch_array($result_list);
$emailto = $admin_list['email']; $emailto = $admin_list['email'];
// 2. send mail to the platform admin // 2. send mail to the platform admin
$emailfromaddr = api_get_setting('emailAdministrator'); $emailfromaddr = api_get_setting('emailAdministrator');
$emailfromname = api_get_setting('siteName'); $emailfromname = api_get_setting('siteName');
$emailsubject = get_lang('ApprovalForNewAccount').': '.$values['username']; $emailsubject = get_lang('ApprovalForNewAccount').': '.$values['username'];
$emailbody = get_lang('ApprovalForNewAccount')."\n"; $emailbody = get_lang('ApprovalForNewAccount')."\n";
$emailbody .=get_lang('UserName').': '.$values['username']."\n"; $emailbody .= get_lang('UserName').': '.$values['username']."\n";
$emailbody .=get_lang('LastName').': '.$values['lastname']."\n"; $emailbody .= get_lang('LastName').': '.$values['lastname']."\n";
$emailbody .=get_lang('FirstName').': '.$values['firstname']."\n"; $emailbody .= get_lang('FirstName').': '.$values['firstname']."\n";
$emailbody .=get_lang('Email').': '.$values['email']."\n"; $emailbody .= get_lang('Email').': '.$values['email']."\n";
$emailbody .=get_lang('Status').': '.$values['status']."\n\n"; $emailbody .= get_lang('Status').': '.$values['status']."\n\n";
$emailbody .=get_lang('ManageUser').': '.api_get_path(WEB_CODE_PATH).'admin/user_edit.php?user_id='.$user_id; $emailbody .= get_lang('ManageUser').': '.api_get_path(WEB_CODE_PATH).'admin/user_edit.php?user_id='.$user_id;
$sender_name = api_get_setting('administratorName').' '.api_get_setting('administratorSurname'); $sender_name = api_get_setting('administratorName').' '.api_get_setting('administratorSurname');
$email_admin = api_get_setting('emailAdministrator'); $email_admin = api_get_setting('emailAdministrator');
@api_mail('', $emailto, $emailsubject, $emailbody, $sender_name,$email_admin); @api_mail('', $emailto, $emailsubject, $emailbody, $sender_name, $email_admin);
} }
// 3. exit the page // 3. exit the page
unset($user_id); unset($user_id);
Display :: display_footer(); Display :: display_footer();
exit; exit;
} }
@ -493,7 +471,7 @@ if ($form->validate()) {
$_user['mail'] = $values['email']; $_user['mail'] = $values['email'];
$_user['language'] = $values['language']; $_user['language'] = $values['language'];
$_user['user_id'] = $user_id; $_user['user_id'] = $user_id;
$is_allowedCreateCourse = ($values['status'] == 1) ? true : false; $is_allowedCreateCourse = $values['status'] == 1;
api_session_register('_user'); api_session_register('_user');
api_session_register('is_allowedCreateCourse'); api_session_register('is_allowedCreateCourse');
@ -532,7 +510,7 @@ if ($form->validate()) {
// Every header must be followed by a \n except the last // Every header must be followed by a \n except the last
$sender_name = api_get_setting('administratorName').' '.api_get_setting('administratorSurname'); $sender_name = api_get_setting('administratorName').' '.api_get_setting('administratorSurname');
$email_admin = api_get_setting('emailAdministrator'); $email_admin = api_get_setting('emailAdministrator');
@api_mail($recipient_name, $email, $emailsubject, $emailbody, $sender_name,$email_admin); @api_mail($recipient_name, $email, $emailsubject, $emailbody, $sender_name, $email_admin);
} }
} }
@ -560,7 +538,7 @@ if ($form->validate()) {
$form->display(); $form->display();
} }
?> ?>
<br/> <br />
<?php <?php
if (!isset($_POST['username'])) { if (!isset($_POST['username'])) {
?> ?>
@ -578,4 +556,3 @@ if (!isset($_POST['username'])) {
*/ */
Display :: display_footer(); Display :: display_footer();
?>

24
main/auth/lostPassword.php
Unescape View File

@ -17,11 +17,13 @@
============================================================================== ==============================================================================
*/ */
// name of the language file that needs to be included // name of the language file that needs to be included
$language_file = "registration"; $language_file = 'registration';
require ('../inc/global.inc.php');
require_once ('lost_password.lib.php'); require '../inc/global.inc.php';
require_once (api_get_path(LIBRARY_PATH).'formvalidator/FormValidator.class.php'); require_once 'lost_password.lib.php';
require_once(api_get_path(INCLUDE_PATH).'lib/mail.lib.inc.php'); require_once api_get_path(LIBRARY_PATH).'formvalidator/FormValidator.class.php';
require_once api_get_path(LIBRARY_PATH).'mail.lib.inc.php';
$tool_name = get_lang('LostPassword'); $tool_name = get_lang('LostPassword');
Display :: display_header($tool_name); Display :: display_header($tool_name);
@ -29,7 +31,7 @@ $this_section = SECTION_CAMPUS;
$tool_name = get_lang('LostPass'); $tool_name = get_lang('LostPass');
// Forbidden to retrieve the lost password // Forbidden to retrieve the lost password
if (get_setting('allow_lostpassword') == "false") { if (api_get_setting('allow_lostpassword') == 'false') {
api_not_allowed(); api_not_allowed();
} }
echo '<div class="actions-title">'; echo '<div class="actions-title">';
@ -40,7 +42,7 @@ if (isset ($_GET["reset"]) && isset ($_GET["id"])) {
$msg = reset_password($_GET["reset"], $_GET["id"], true); $msg = reset_password($_GET["reset"], $_GET["id"], true);
$msg1= '<a href="'.api_get_path(WEB_PATH).'main/auth/lostPassword.php" class="fake_button_back" >'.get_lang('Back').'</a>'; $msg1= '<a href="'.api_get_path(WEB_PATH).'main/auth/lostPassword.php" class="fake_button_back" >'.get_lang('Back').'</a>';
echo '<br/><br/><div class="actions" >'.$msg1.'</div>'; echo '<br /><br /><div class="actions" >'.$msg1.'</div>';
} else { } else {
$form = new FormValidator('lost_password'); $form = new FormValidator('lost_password');
@ -65,9 +67,9 @@ if (isset ($_GET["reset"]) && isset ($_GET["id"])) {
$tbl_user = Database :: get_main_table(TABLE_MAIN_USER); $tbl_user = Database :: get_main_table(TABLE_MAIN_USER);
$query = " SELECT user_id AS uid, lastname AS lastName, firstname AS firstName, $query = " SELECT user_id AS uid, lastname AS lastName, firstname AS firstName,
username AS loginName, password, email, status AS status, username AS loginName, password, email, status AS status,
official_code, phone, picture_uri, creator_id official_code, phone, picture_uri, creator_id
FROM ".$tbl_user." FROM ".$tbl_user."
WHERE ( username = '".mysql_real_escape_string($user)."' $condition ) "; WHERE ( username = '".mysql_real_escape_string($user)."' $condition ) ";
$result = Database::query($query, __FILE__, __LINE__); $result = Database::query($query, __FILE__, __LINE__);
@ -93,7 +95,7 @@ if (isset ($_GET["reset"]) && isset ($_GET["id"])) {
} }
$msg .= '<a href="'.api_get_path(WEB_PATH).'main/auth/lostPassword.php" class="fake_button_back" >'.get_lang('Back').'</a>'; $msg .= '<a href="'.api_get_path(WEB_PATH).'main/auth/lostPassword.php" class="fake_button_back" >'.get_lang('Back').'</a>';
echo '<br/><br/><div class="actions" >'.$msg.'</div>'; echo '<br /><br /><div class="actions" >'.$msg.'</div>';
} else { } else {
@ -105,5 +107,3 @@ if (isset ($_GET["reset"]) && isset ($_GET["id"])) {
} }
Display :: display_footer(); Display :: display_footer();
//////////////////////////////////////////////////////////////////////////////
?>

50
main/auth/lost_password.lib.php
Unescape View File

@ -7,8 +7,7 @@
* @return string * @return string
* @author Olivier Cauberghe <olivier.cauberghe@UGent.be>, Ghent University * @author Olivier Cauberghe <olivier.cauberghe@UGent.be>, Ghent University
*/ */
function get_email_headers() function get_email_headers() {
{
global $charset; global $charset;
$emailHeaders = "From: \"".addslashes(api_get_setting('administratorSurname')." ".api_get_setting('administratorName'))."\" <".api_get_setting('emailAdministrator').">\n"; $emailHeaders = "From: \"".addslashes(api_get_setting('administratorSurname')." ".api_get_setting('administratorName'))."\" <".api_get_setting('emailAdministrator').">\n";
$emailHeaders .= "Reply-To: ".api_get_setting('emailAdministrator')."\n"; $emailHeaders .= "Reply-To: ".api_get_setting('emailAdministrator')."\n";
@ -19,6 +18,7 @@ function get_email_headers()
$emailHeaders .= "Mime-Version: 1.0"; $emailHeaders .= "Mime-Version: 1.0";
return $emailHeaders; return $emailHeaders;
} }
/** /**
* Enter description here... * Enter description here...
* *
@ -28,21 +28,20 @@ function get_email_headers()
* @return unknown * @return unknown
* @author Olivier Cauberghe <olivier.cauberghe@UGent.be>, Ghent University * @author Olivier Cauberghe <olivier.cauberghe@UGent.be>, Ghent University
*/ */
function get_user_account_list($user, $reset = false, $by_username = false) function get_user_account_list($user, $reset = false, $by_username = false) {
{
global $_configuration; global $_configuration;
$portal_url = $_configuration['root_web']; $portal_url = $_configuration['root_web'];
if ($_configuration['multiple_access_urls']==true) { if ($_configuration['multiple_access_urls']) {
$access_url_id = api_get_current_access_url_id(); $access_url_id = api_get_current_access_url_id();
if ($access_url_id != -1 ){ if ($access_url_id != -1 ) {
$url = api_get_access_url($access_url_id); $url = api_get_access_url($access_url_id);
$portal_url = $url['url']; $portal_url = $url['url'];
} }
} }
if ($reset == true) { if ($reset) {
if ($by_username == true) { if ($by_username) {
$secretword = get_secret_word($user["email"]); $secretword = get_secret_word($user["email"]);
if ($reset) { if ($reset) {
@ -76,8 +75,8 @@ function get_user_account_list($user, $reset = false, $by_username = false)
} else { } else {
if ($by_username == false) { if (!$by_username) {
$user = $user[0]; $user = $user[0];
} }
$reset_link = get_lang('Pass')." : $user[password]"; $reset_link = get_lang('Pass')." : $user[password]";
$userAccountList = get_lang('YourRegistrationData')." : \n".get_lang('UserName').' : '.$user['loginName']."\n".$reset_link.''; $userAccountList = get_lang('YourRegistrationData')." : \n".get_lang('UserName').' : '.$user['loginName']."\n".$reset_link.'';
@ -85,20 +84,20 @@ function get_user_account_list($user, $reset = false, $by_username = false)
} }
return $userAccountList; return $userAccountList;
} }
/** /**
* This function sends the actual password to the user * This function sends the actual password to the user
* *
* @param unknown_type $user * @param unknown_type $user
* @author Olivier Cauberghe <olivier.cauberghe@UGent.be>, Ghent University * @author Olivier Cauberghe <olivier.cauberghe@UGent.be>, Ghent University
*/ */
function send_password_to_user($user, $by_username = false) function send_password_to_user($user, $by_username = false) {
{
global $charset; global $charset;
global $_configuration; global $_configuration;
$emailHeaders = get_email_headers(); // Email Headers $emailHeaders = get_email_headers(); // Email Headers
$emailSubject = "[".get_setting('siteName')."] ".get_lang('LoginRequest'); // SUBJECT $emailSubject = "[".get_setting('siteName')."] ".get_lang('LoginRequest'); // SUBJECT
if ($by_username == true) { // Show only for lost password if ($by_username) { // Show only for lost password
$userAccountList = get_user_account_list($user, false, $by_username); // BODY $userAccountList = get_user_account_list($user, false, $by_username); // BODY
$emailTo = $user["email"]; $emailTo = $user["email"];
} else { } else {
@ -107,7 +106,7 @@ function send_password_to_user($user, $by_username = false)
} }
$portal_url = $_configuration['root_web']; $portal_url = $_configuration['root_web'];
if ($_configuration['multiple_access_urls'] == true) { if ($_configuration['multiple_access_urls']) {
$access_url_id = api_get_current_access_url_id(); $access_url_id = api_get_current_access_url_id();
if ($access_url_id != -1 ){ if ($access_url_id != -1 ){
$url = api_get_access_url($access_url_id); $url = api_get_access_url($access_url_id);
@ -126,24 +125,24 @@ function send_password_to_user($user, $by_username = false)
$message = get_lang('SystemUnableToSendEmailContact') . ' ' . Display :: encrypted_mailto_link(get_setting('emailAdministrator'), get_lang('PlatformAdmin')).".</p>"; $message = get_lang('SystemUnableToSendEmailContact') . ' ' . Display :: encrypted_mailto_link(get_setting('emailAdministrator'), get_lang('PlatformAdmin')).".</p>";
} }
} }
/** /**
* Enter description here... * Enter description here...
* *
* @param unknown_type $user * @param unknown_type $user
* @param bool $by_username * @param bool $by_username
* @return unknown * @return unknown
* *
* @author Olivier Cauberghe <olivier.cauberghe@UGent.be>, Ghent University * @author Olivier Cauberghe <olivier.cauberghe@UGent.be>, Ghent University
*/ */
function handle_encrypted_password($user, $by_username = false) function handle_encrypted_password($user, $by_username = false) {
{
global $charset; global $charset;
global $_configuration; global $_configuration;
$emailHeaders = get_email_headers(); // Email Headers $emailHeaders = get_email_headers(); // Email Headers
$emailSubject = "[".get_setting('siteName')."] ".get_lang('LoginRequest'); // SUBJECT $emailSubject = "[".api_get_setting('siteName')."] ".get_lang('LoginRequest'); // SUBJECT
if ($by_username == true) { // Show only for lost password if ($by_username) { // Show only for lost password
$userAccountList = get_user_account_list($user, true, $by_username); // BODY $userAccountList = get_user_account_list($user, true, $by_username); // BODY
$emailTo = $user["email"]; $emailTo = $user["email"];
} else { } else {
@ -157,7 +156,7 @@ function handle_encrypted_password($user, $by_username = false)
$emailBody .= get_lang('PasswordEncryptedForSecurity'); $emailBody .= get_lang('PasswordEncryptedForSecurity');
$emailBody .= "\n\n".get_lang('Formula').",\n".get_lang('PlataformAdmin'); $emailBody .= "\n\n".get_lang('Formula').",\n".get_lang('PlataformAdmin');
$sender_name = get_setting('administratorName').' '.get_setting('administratorSurname'); $sender_name = get_setting('administratorName').' '.get_setting('administratorSurname');
$email_admin = get_setting('emailAdministrator'); $email_admin = api_get_setting('emailAdministrator');
if (@api_mail('', $emailTo, $emailSubject, $emailBody, $sender_name, $email_admin) == 1) { if (@api_mail('', $emailTo, $emailSubject, $emailBody, $sender_name, $email_admin) == 1) {
Display::display_confirmation_message(get_lang('YourPasswordHasBeenEmailed')); Display::display_confirmation_message(get_lang('YourPasswordHasBeenEmailed'));
@ -166,21 +165,21 @@ function handle_encrypted_password($user, $by_username = false)
Display::display_error_message($message, false); Display::display_error_message($message, false);
} }
} }
/** /**
* Enter description here... * Enter description here...
* @author Olivier Cauberghe <olivier.cauberghe@UGent.be>, Ghent University * @author Olivier Cauberghe <olivier.cauberghe@UGent.be>, Ghent University
*/ */
function get_secret_word($add) function get_secret_word($add) {
{
global $_configuration; global $_configuration;
return $secretword = md5($_configuration['security_key'].$add); return $secretword = md5($_configuration['security_key'].$add);
} }
/** /**
* Enter description here... * Enter description here...
* @author Olivier Cauberghe <olivier.cauberghe@UGent.be>, Ghent University * @author Olivier Cauberghe <olivier.cauberghe@UGent.be>, Ghent University
*/ */
function reset_password($secret, $id, $by_username = false) function reset_password($secret, $id, $by_username = false) {
{
$tbl_user = Database::get_main_table(TABLE_MAIN_USER); $tbl_user = Database::get_main_table(TABLE_MAIN_USER);
$id = intval($id); $id = intval($id);
$sql = "SELECT user_id AS uid, lastname AS lastName, firstname AS firstName, username AS loginName, password, email FROM ".$tbl_user." WHERE user_id=$id"; $sql = "SELECT user_id AS uid, lastname AS lastName, firstname AS firstName, username AS loginName, password, email FROM ".$tbl_user." WHERE user_id=$id";
@ -199,7 +198,7 @@ function reset_password($secret, $id, $by_username = false)
$crypted = $user["password"]; $crypted = $user["password"];
$crypted = api_get_encrypted_password($crypted); $crypted = api_get_encrypted_password($crypted);
$sql = "UPDATE ".$tbl_user." SET password='$crypted' WHERE user_id=$id"; $sql = "UPDATE ".$tbl_user." SET password='$crypted' WHERE user_id=$id";
$result = Database::query($sql,__FILE__,__LINE__); $result = Database::query($sql, __FILE__, __LINE__);
return send_password_to_user($user, $by_username); return send_password_to_user($user, $by_username);
} else { } else {
@ -208,4 +207,3 @@ function reset_password($secret, $id, $by_username = false)
} }
} }
?>

98
main/auth/my_progress.php
Unescape View File

@ -1,19 +1,19 @@
<?php <?php
/* For licensing terms, see /dokeos_license.txt */ /* For licensing terms, see /dokeos_license.txt */
// name of the language file that needs to be included // name of the language file that needs to be included
$language_file = array('registration','tracking','exercice','admin'); $language_file = array('registration', 'tracking', 'exercice', 'admin');
$cidReset = true; $cidReset = true;
$this_section = 'session_my_space'; $this_section = 'session_my_space';
require ('../inc/global.inc.php'); require '../inc/global.inc.php';
require_once (api_get_path(LIBRARY_PATH).'tracking.lib.php'); require_once api_get_path(LIBRARY_PATH).'tracking.lib.php';
require_once (api_get_path(LIBRARY_PATH).'course.lib.php'); require_once api_get_path(LIBRARY_PATH).'course.lib.php';
require_once (api_get_path(LIBRARY_PATH).'usermanager.lib.php'); require_once api_get_path(LIBRARY_PATH).'usermanager.lib.php';
require_once ('../newscorm/learnpath.class.php'); require_once api_get_path(SYS_CODE_PATH).'newscorm/learnpath.class.php';
$nameTools=get_lang('MyProgress'); $nameTools = get_lang('MyProgress');
api_block_anonymous_users(); api_block_anonymous_users();
@ -34,7 +34,6 @@ $tbl_course_lp = Database :: get_course_table(TABLE_LP_MAIN);
$tbl_course_lp_item = Database :: get_course_table(TABLE_LP_ITEM); $tbl_course_lp_item = Database :: get_course_table(TABLE_LP_ITEM);
$tbl_course_quiz = Database :: get_course_table(TABLE_QUIZ_TEST); $tbl_course_quiz = Database :: get_course_table(TABLE_QUIZ_TEST);
// get course list // get course list
$sql = 'SELECT course_code FROM '.$tbl_course_user.' WHERE user_id='.intval($_user['user_id']); $sql = 'SELECT course_code FROM '.$tbl_course_user.' WHERE user_id='.intval($_user['user_id']);
$rs = Database::query($sql, __FILE__, __LINE__); $rs = Database::query($sql, __FILE__, __LINE__);
@ -53,7 +52,7 @@ while($row = Database :: fetch_array($rs)) {
echo '<div class="actions-title" >'; echo '<div class="actions-title" >';
echo $nameTools; echo $nameTools;
echo '</div>'; echo '</div>';
$now=date('Y-m-d'); $now = date('Y-m-d');
?> ?>
<table class="data_table" width="100%"> <table class="data_table" width="100%">
<tr class="tableName"> <tr class="tableName">
@ -80,18 +79,18 @@ $totalScore = 0;
$totalItem = 0; $totalItem = 0;
$totalProgress = 0; $totalProgress = 0;
foreach($Courses as $enreg) { foreach ($Courses as $enreg) {
$weighting = 0; $weighting = 0;
$lastConnexion = Tracking :: get_last_connection_date_on_the_course($_user['user_id'],$enreg['code']); $lastConnexion = Tracking :: get_last_connection_date_on_the_course($_user['user_id'], $enreg['code']);
$progress = Tracking :: get_avg_student_progress($_user['user_id'], $enreg['code']); $progress = Tracking :: get_avg_student_progress($_user['user_id'], $enreg['code']);
$total_time_login=Tracking :: get_time_spent_on_the_course($_user['user_id'], $enreg['code']); $total_time_login = Tracking :: get_time_spent_on_the_course($_user['user_id'], $enreg['code']);
$time = api_time_to_hms($total_time_login); $time = api_time_to_hms($total_time_login);
$pourcentageScore = Tracking :: get_average_test_scorm_and_lp ($_user['user_id'], $enreg['code']); $pourcentageScore = Tracking :: get_average_test_scorm_and_lp ($_user['user_id'], $enreg['code']);
?> ?>
<tr class='<?php echo $i?'row_odd':'row_even'; ?>'> <tr class='<?php echo $i?'row_odd':'row_even'; ?>'>
<td> <td>
<?php echo api_html_entity_decode($enreg['title'],ENT_QUOTES,$charset); ?> <?php echo api_html_entity_decode($enreg['title'], ENT_QUOTES, $charset); ?>
</td> </td>
<td align='center'> <td align='center'>
<?php echo $time; ?> <?php echo $time; ?>
@ -109,7 +108,7 @@ foreach($Courses as $enreg) {
?> ?>
</td> </td>
<td align='center' > <td align='center' >
<?php echo $lastConnexion ?> <?php echo $lastConnexion; ?>
</td> </td>
<td align='center'> <td align='center'>
<a href="<?php echo api_get_self(); ?>?course=<?php echo $enreg['code']; ?>"> <?php Display::display_icon('2rightarrow.gif', get_lang('Details')); ?> </a> <a href="<?php echo api_get_self(); ?>?course=<?php echo $enreg['code']; ?>"> <?php Display::display_icon('2rightarrow.gif', get_lang('Details')); ?> </a>
@ -129,12 +128,12 @@ foreach($Courses as $enreg) {
* *
* ********************************************************************************************** * **********************************************************************************************
*/ */
if(isset($_GET['course'])) { if (isset($_GET['course'])) {
$course = Database::escape_string($_GET['course']); $course = Database::escape_string($_GET['course']);
$a_infosCours = CourseManager::get_course_information($course); $a_infosCours = CourseManager::get_course_information($course);
//get coach and session_name if there is one and if session_mode is activated //get coach and session_name if there is one and if session_mode is activated
if(api_get_setting('use_session_mode')=='true') { if (api_get_setting('use_session_mode') == 'true') {
$tbl_user = Database :: get_main_table(TABLE_MAIN_USER); $tbl_user = Database :: get_main_table(TABLE_MAIN_USER);
$tbl_session = Database :: get_main_table(TABLE_MAIN_SESSION); $tbl_session = Database :: get_main_table(TABLE_MAIN_SESSION);
$tbl_session_course = Database :: get_main_table(TABLE_MAIN_SESSION_COURSE); $tbl_session_course = Database :: get_main_table(TABLE_MAIN_SESSION_COURSE);
@ -145,47 +144,42 @@ foreach($Courses as $enreg) {
WHERE session_course_user.id_user = '.intval($_user['user_id']).' WHERE session_course_user.id_user = '.intval($_user['user_id']).'
AND session_course_user.course_code = "'.Database::escape_string($course).'" AND session_course_user.course_code = "'.Database::escape_string($course).'"
ORDER BY id_session DESC'; ORDER BY id_session DESC';
$rs = Database::query($sql,__FILE__,__LINE__); $rs = Database::query($sql, __FILE__, __LINE__);
$row=Database::fetch_array($rs); $row = Database::fetch_array($rs);
if (!empty ($row[0])) if (!empty($row[0])) {
{ $session_id = intval($row[0]);
$session_id =intval($row[0]);
} }
//$session_id =intval(Database::result($rs,0,0)); //$session_id = intval(Database::result($rs, 0, 0));
if($session_id>0) if ($session_id > 0) {
{
// get session name and coach of the session // get session name and coach of the session
$sql = 'SELECT name, id_coach FROM '.$tbl_session.' $sql = 'SELECT name, id_coach FROM '.$tbl_session.'
WHERE id='.$session_id; WHERE id='.$session_id;
$rs = Database::query($sql,__FILE__,__LINE__); $rs = Database::query($sql, __FILE__, __LINE__);
$session_name = Database::result($rs,0,'name'); $session_name = Database::result($rs, 0, 'name');
$session_coach_id = intval(Database::result($rs,0,'id_coach')); $session_coach_id = intval(Database::result($rs, 0, 'id_coach'));
// get coach of the course in the session // get coach of the course in the session
$sql = 'SELECT id_coach FROM '.$tbl_session_course.' $sql = 'SELECT id_coach FROM '.$tbl_session_course.'
WHERE id_session='.$session_id.' WHERE id_session='.$session_id.'
AND course_code = "'.Database::escape_string($_GET['course']).'"'; AND course_code = "'.Database::escape_string($_GET['course']).'"';
$rs = Database::query($sql,__FILE__,__LINE__); $rs = Database::query($sql,__FILE__,__LINE__);
$session_course_coach_id = intval(Database::result($rs,0,0)); $session_course_coach_id = intval(Database::result($rs, 0, 0));
if($session_course_coach_id!=0) if ($session_course_coach_id != 0) {
{
$coach_infos = UserManager :: get_user_info_by_id($session_course_coach_id); $coach_infos = UserManager :: get_user_info_by_id($session_course_coach_id);
$a_infosCours['tutor_name'] = api_get_person_name($coach_infos['firstname'], $coach_infos['lastname']); $a_infosCours['tutor_name'] = api_get_person_name($coach_infos['firstname'], $coach_infos['lastname']);
} }
else if($session_coach_id!=0) else if($session_coach_id != 0) {
{
$coach_infos = UserManager :: get_user_info_by_id($session_coach_id); $coach_infos = UserManager :: get_user_info_by_id($session_coach_id);
$a_infosCours['tutor_name'] = api_get_person_name($coach_infos['firstname'], $coach_infos['lastname']); $a_infosCours['tutor_name'] = api_get_person_name($coach_infos['firstname'], $coach_infos['lastname']);
} }
} }
} // end if(api_get_setting('use_session_mode')=='true') } // end if (api_get_setting('use_session_mode') == 'true')
$tableTitle = $a_infosCours['title'].' | Coach : '.$a_infosCours['tutor_name'].((!empty($session_name)) ? ' | '.get_lang('Session').' : '.$session_name : ''); $tableTitle = $a_infosCours['title'].' | Coach : '.$a_infosCours['tutor_name'].((!empty($session_name)) ? ' | '.get_lang('Session').' : '.$session_name : '');
?> ?>
<table class="data_table" width="100%"> <table class="data_table" width="100%">
<tr class="tableName"> <tr class="tableName">
@ -202,9 +196,9 @@ foreach($Courses as $enreg) {
<?php <?php
$sqlLearnpath = "SELECT lp.name,lp.id FROM ".$a_infosCours['db_name'].".".$tbl_course_lp." AS lp"; $sqlLearnpath = "SELECT lp.name,lp.id FROM ".$a_infosCours['db_name'].".".$tbl_course_lp." AS lp";
$resultLearnpath = Database::query($sqlLearnpath); $resultLearnpath = Database::query($sqlLearnpath);
if(Database::num_rows($resultLearnpath)>0) { if (Database::num_rows($resultLearnpath) > 0) {
while($a_learnpath = Database::fetch_array($resultLearnpath)) { while($a_learnpath = Database::fetch_array($resultLearnpath)) {
$progress = learnpath :: get_db_progress($a_learnpath['id'],$_user['user_id'], '%',$a_infosCours['db_name']); $progress = learnpath :: get_db_progress($a_learnpath['id'], $_user['user_id'], '%', $a_infosCours['db_name']);
// calculates last connection time // calculates last connection time
$sql = 'SELECT MAX(start_time) $sql = 'SELECT MAX(start_time)
@ -242,10 +236,9 @@ foreach($Courses as $enreg) {
echo " </td> echo " </td>
<td align='center' width=180px > <td align='center' width=180px >
"; ";
if($start_time!=''){ if ($start_time != '') {
echo $lastConnexion; echo $lastConnexion;
} } else {
else{
echo '-'; echo '-';
} }
echo " </td> echo " </td>
@ -253,9 +246,8 @@ foreach($Courses as $enreg) {
"; ";
} }
} } else {
else
{
echo " <tr> echo " <tr>
<td colspan='4'> <td colspan='4'>
".get_lang('NoLearnpath')." ".get_lang('NoLearnpath')."
@ -263,9 +255,6 @@ foreach($Courses as $enreg) {
</tr> </tr>
"; ";
} }
?> ?>
<tr> <tr>
<th class="head" style="color:#000"><?php echo get_lang('Exercices'); ?></th> <th class="head" style="color:#000"><?php echo get_lang('Exercices'); ?></th>
@ -314,11 +303,11 @@ foreach($Courses as $enreg) {
$exe_id = $a_score['exe_id']; $exe_id = $a_score['exe_id'];
} }
if ($weighting>0) { if ($weighting > 0) {
// i.e 10.50% // i.e 10.50%
$pourcentageScore = round(($score*100)/$weighting,2); $pourcentageScore = round(($score * 100) / $weighting, 2);
} else { } else {
$pourcentageScore=0; $pourcentageScore = 0;
} }
$weighting = 0; $weighting = 0;
@ -328,9 +317,9 @@ foreach($Courses as $enreg) {
echo $a_exercices['title']; echo $a_exercices['title'];
echo '</td>'; echo '</td>';
if ($a_exercices['results_disabled']==0) { if ($a_exercices['results_disabled'] == 0) {
echo '<td align="center">'; echo '<td align="center">';
if ($a_essais['essais']>0) { if ($a_essais['essais'] > 0) {
echo $pourcentageScore.'%'; echo $pourcentageScore.'%';
} else { } else {
echo '/'; echo '/';
@ -340,8 +329,9 @@ foreach($Courses as $enreg) {
echo $a_essais['essais']; echo $a_essais['essais'];
echo '</td> echo '</td>
<td align="center" width="25">'; <td align="center" width="25">';
if($a_essais['essais']>0) if ($a_essais['essais'] > 0) {
echo '<a href="../exercice/exercise_show.php?origin=myprogress&id='.$exe_id.'&cidReq='.$a_infosCours['code'].'&id_session='.Security::remove_XSS($_GET['id_session']).'"> '.Display::return_icon('quiz.gif', get_lang('Quiz')).' </a>'; echo '<a href="../exercice/exercise_show.php?origin=myprogress&id='.$exe_id.'&cidReq='.$a_infosCours['code'].'&id_session='.Security::remove_XSS($_GET['id_session']).'"> '.Display::return_icon('quiz.gif', get_lang('Quiz')).' </a>';
}
echo '</td>'; echo '</td>';
} else { } else {
// we show or not the results if the teacher wants to // we show or not the results if the teacher wants to
@ -354,22 +344,18 @@ foreach($Courses as $enreg) {
<td align="center" width="25">'; <td align="center" width="25">';
echo ' -- '; echo ' -- ';
echo '</td>'; echo '</td>';
} }
echo '</tr>'; echo '</tr>';
} }
} else { } else {
echo '<tr><td colspan="4">'.get_lang('NoEx').'</td></tr>'; echo '<tr><td colspan="4">'.get_lang('NoEx').'</td></tr>';
} }
} } else {
else{
echo '<tr><td colspan="4">'.get_lang('NoEx').'</td></tr>'; echo '<tr><td colspan="4">'.get_lang('NoEx').'</td></tr>';
} }
?> ?>
</table> </table>
<?php <?php
} }
Display :: display_footer(); Display :: display_footer();
?>

6
main/auth/profile.php
Unescape View File

@ -535,7 +535,7 @@ if (!empty($_SESSION['production_uploaded'])) {
} }
} }
if (empty($user_data['password0']) && !empty($user_data['password1'])) { if (empty($user_data['password0']) && !empty($user_data['password1'])) {
$wrong_current_password = true; $wrong_current_password = true;
} }
// upload picture if a new one is provided // upload picture if a new one is provided
@ -609,13 +609,9 @@ if (!empty($_SESSION['production_uploaded'])) {
} }
if (isset($_GET['show'])) { if (isset($_GET['show'])) {
if ((api_get_setting('allow_social_tool') == 'true' && api_get_setting('allow_message_tool') == 'true') || (api_get_setting('allow_social_tool') == 'true')) { if ((api_get_setting('allow_social_tool') == 'true' && api_get_setting('allow_message_tool') == 'true') || (api_get_setting('allow_social_tool') == 'true')) {
$interbreadcrumb[] = array ('url' => 'javascript: void(0);', 'name' => get_lang('SocialNetwork')); $interbreadcrumb[] = array ('url' => 'javascript: void(0);', 'name' => get_lang('SocialNetwork'));
} elseif ((api_get_setting('allow_social_tool') == 'false' && api_get_setting('allow_message_tool') == 'true')) { } elseif ((api_get_setting('allow_social_tool') == 'false' && api_get_setting('allow_message_tool') == 'true')) {
$interbreadcrumb[] = array('url' => 'javascript: void(0);', 'name' => get_lang('MessageTool')); $interbreadcrumb[] = array('url' => 'javascript: void(0);', 'name' => get_lang('MessageTool'));
} }
} }

2
main/inc/lib/course.lib.php
Unescape View File

@ -2028,6 +2028,7 @@ class CourseManager {
$rs = Database::query($sql, __FILE__, __LINE__); $rs = Database::query($sql, __FILE__, __LINE__);
return Database::result($rs, 0, 'code'); return Database::result($rs, 0, 'code');
} }
/** /**
* Get the database name of a course by the code * Get the database name of a course by the code
* @param string The course code * @param string The course code
@ -2039,6 +2040,7 @@ class CourseManager {
$rs = Database::query($sql,__FILE__,__LINE__); $rs = Database::query($sql,__FILE__,__LINE__);
return Database::result($rs, 0, 'db_name'); return Database::result($rs, 0, 'db_name');
} }
/** /**
* Lists details of the course description * Lists details of the course description
* @param array The course description * @param array The course description

Write Preview
Loading…
Cancel
Save