[svn r20597] logic changes - added restriction for anonymous user - (partial FS#3985)

skala
Isaac Flores 16 years ago
parent 17d87f5328
commit c4427c1310
  1. 29
      main/chat/chat_chat.php
  2. 85
      main/chat/chat_message.php
  3. 14
      main/forum/index.php
  4. 11
      main/forum/viewforum.php
  5. 4
      main/forum/viewforumcategory.php
  6. 5
      main/forum/viewthread.php
  7. 6
      main/forum/viewthread_flat.inc.php
  8. 6
      main/forum/viewthread_nested.inc.php
  9. 6
      main/forum/viewthread_threaded.inc.php
  10. 4
      main/inc/lib/events.lib.inc.php
  11. 6
      main/notebook/index.php

@ -48,7 +48,7 @@ if (!empty($course))
$query="SELECT username FROM $tbl_user WHERE user_id='".$_user['user_id']."'";
$result=api_sql_query($query,__FILE__,__LINE__);
list($pseudoUser)=mysql_fetch_row($result);
list($pseudoUser)=Database::fetch_row($result);
$isAllowed=(empty($pseudoUser) || !$_cid)?false:true;
$isMaster=$is_courseAdmin?true:false;
@ -67,25 +67,24 @@ if (!empty($course))
@unlink($chatPath);
}
$perm = api_get_setting('permissions_for_new_directories');
$perm = octdec(!empty($perm)?$perm:'0770');
@mkdir($chatPath,$perm);
@chmod($chatPath,$perm);
$doc_id=add_document($_course,'/chat_files','folder',0,'chat_files');
api_sql_query("INSERT INTO ".$TABLEITEMPROPERTY . " (tool,insert_user_id,insert_date,lastedit_date,ref,lastedit_type,lastedit_user_id,to_group_id,to_user_id,visibility) VALUES ('document',1,NOW(),NOW(),$doc_id,'DocumentAdded',1,0,NULL,0)");
if (!api_is_anonymous()) {
$perm = api_get_setting('permissions_for_new_directories');
$perm = octdec(!empty($perm)?$perm:'0770');
@mkdir($chatPath,$perm);
@chmod($chatPath,$perm);
$doc_id=add_document($_course,'/chat_files','folder',0,'chat_files');
api_sql_query("INSERT INTO ".$TABLEITEMPROPERTY . " (tool,insert_user_id,insert_te,lastedit_date,ref,lastedit_type,lastedit_user_id,to_group_id,to_user_id,visibility) VALUES ('document',1,NOW(),NOW(),$doc_id,'DocumentAdded',1,0,NULL,0)");
}
}
if(!file_exists($chatPath.'messages-'.$dateNow.'.log.html'))
{
@fclose(fopen($chatPath.'messages-'.$dateNow.'.log.html','w'));
$doc_id=add_document($_course,'/chat_files/messages-'.$dateNow.'.log.html','file',0,'messages-'.$dateNow.'.log.html');
api_item_property_update($_course, TOOL_DOCUMENT, $doc_id, 'DocumentAdded', $_user['user_id']);
item_property_update_on_folder($_course,'/chat_files', $_user['user_id']);
if (!api_is_anonymous()) {
$doc_id=add_document($_course,'/chat_files/messages-'.$dateNow.'.log.html','file',0,'messages-'.$dateNow.'.log.html');
api_item_property_update($_course, TOOL_DOCUMENT, $doc_id, 'DocumentAdded', $_user['user_id']);
item_property_update_on_folder($_course,'/chat_files', $_user['user_id']);
}
}
if($reset && $isMaster)
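Review bot: The guarded INSERT inside the first `if (!api_is_anonymous())` block names the column `insert_te`, where the line it replaces has `insert_date`. As shown, the statement would fail and the `chat_files` folder would get no item-property row; the list should read `(tool,insert_user_id,insert_date,lastedit_date,...`. Passing `__FILE__,__LINE__` to `api_sql_query()`, as the other calls do, would make such a failure easier to trace. Separately, `@fclose(fopen(...,'w'))` stays outside the new guard, so an anonymous visitor can still create the day's log file without `add_document()` running, and a later logged-in user then finds `file_exists()` true and the file is never registered. The enclosing `if (!empty($course))` block starts and ends outside these hunks.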

@ -127,14 +127,16 @@ if (!empty($course) && !empty($_user['user_id']))
if(!is_dir($chatPath)) {
if(is_file($chatPath)) {
@unlink($chatPath);
}
if (!api_is_anonymous()) {
$perm = api_get_setting('permissions_for_new_directories');
$perm = octdec(!empty($perm)?$perm:'0770');
@mkdir($chatPath,$perm);
@chmod($chatPath,$perm);
$doc_id=add_document($_course,'/chat_files','folder',0,'chat_files');
$sql_insert = "INSERT INTO ".$TABLEITEMPROPERTY . " (tool,insert_user_id,insert_date,lastedit_date,ref,lastedit_type,lastedit_user_id,to_group_id,to_user_id,visibility) VALUES ('document',1,NOW(),NOW(),$doc_id,'DocumentAdded',1,0,NULL,0)";
api_sql_query($sql_insert ,__FILE__,__LINE__);
}
$perm = api_get_setting('permissions_for_new_directories');
$perm = octdec(!empty($perm)?$perm:'0770');
@mkdir($chatPath,$perm);
@chmod($chatPath,$perm);
$doc_id=add_document($_course,'/chat_files','folder',0,'chat_files');
$sql_insert = "INSERT INTO ".$TABLEITEMPROPERTY . " (tool,insert_user_id,insert_date,lastedit_date,ref,lastedit_type,lastedit_user_id,to_group_id,to_user_id,visibility) VALUES ('document',1,NOW(),NOW(),$doc_id,'DocumentAdded',1,0,NULL,0)";
api_sql_query($sql_insert ,__FILE__,__LINE__);
}
include('header_frame.inc.php');
@ -224,43 +226,44 @@ if (!empty($course) && !empty($_user['user_id']))
$timeNow=date('d/m/y H:i:s');
if(!empty($message))
{
$message=make_clickable($message);
if(!file_exists($chatPath.'messages-'.$dateNow.'.log.html'))
if (!api_is_anonymous()) {
if(!empty($message))
{
$doc_id=add_document($_course,'/chat_files/messages-'.$dateNow.'.log.html','file',0,'messages-'.$dateNow.'.log.html');
api_item_property_update($_course, TOOL_DOCUMENT, $doc_id, 'DocumentAdded', $_user['user_id']);
$message=make_clickable($message);
if(!file_exists($chatPath.'messages-'.$dateNow.'.log.html'))
{
$doc_id=add_document($_course,'/chat_files/messages-'.$dateNow.'.log.html','file',0,'messages-'.$dateNow.'.log.html');
api_item_property_update($_course, TOOL_DOCUMENT, $doc_id, 'DocumentAdded', $_user['user_id']);
item_property_update_on_folder($_course,'/chat_files', $_user['user_id']);
}
else
{
$doc_id = DocumentManager::get_document_id($_course,'/chat_files/messages-'.$dateNow.'.log.html');
}
$fp=fopen($chatPath.'messages-'.$dateNow.'.log.html','a');
if($isMaster)
{
$photo= '<img src="'.api_get_path(WEB_IMG_PATH).'teachers.gif" alt="'.get_lang('Teacher').'" width="11" height="11" align="top" title="'.get_lang('Teacher').'" />';
fputs($fp,'<span style="color:#999; font-size: smaller;">['.$timeNow.']</span>'.$photo.' <span id="chat_login_name"><b>'.$firstname.' '.$lastname.'</b></span> : <i>'.$message.'</i><br>'."\n");
}
else
{
$photo= '<img src="'.api_get_path(WEB_IMG_PATH).'students.gif" alt="'.get_lang('Student').'" width="11" height="11" align="top" title="'.get_lang('Student').'" />';
fputs($fp,'<span style="color:#999; font-size: smaller;">['.$timeNow.']</span>'.$photo.' <b>'.$firstname.' '.$lastname.'</b> : <i>'.$message.'</i><br>'."\n");
}
fclose($fp);
$chat_size=filesize($chatPath.'messages-'.$dateNow.'.log.html');
update_existing_document($_course, $doc_id,$chat_size);
item_property_update_on_folder($_course,'/chat_files', $_user['user_id']);
}
else
{
$doc_id = DocumentManager::get_document_id($_course,'/chat_files/messages-'.$dateNow.'.log.html');
}
$fp=fopen($chatPath.'messages-'.$dateNow.'.log.html','a');
if($isMaster)
{
$photo= '<img src="'.api_get_path(WEB_IMG_PATH).'teachers.gif" alt="'.get_lang('Teacher').'" width="11" height="11" align="top" title="'.get_lang('Teacher').'" />';
fputs($fp,'<span style="color:#999; font-size: smaller;">['.$timeNow.']</span>'.$photo.' <span id="chat_login_name"><b>'.$firstname.' '.$lastname.'</b></span> : <i>'.$message.'</i><br>'."\n");
}
else
{
$photo= '<img src="'.api_get_path(WEB_IMG_PATH).'students.gif" alt="'.get_lang('Student').'" width="11" height="11" align="top" title="'.get_lang('Student').'" />';
fputs($fp,'<span style="color:#999; font-size: smaller;">['.$timeNow.']</span>'.$photo.' <b>'.$firstname.' '.$lastname.'</b> : <i>'.$message.'</i><br>'."\n");
}
fclose($fp);
$chat_size=filesize($chatPath.'messages-'.$dateNow.'.log.html');
update_existing_document($_course, $doc_id,$chat_size);
item_property_update_on_folder($_course,'/chat_files', $_user['user_id']);
}
}
?>
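Review bot: `$firstname`, `$lastname` and `$message` are concatenated into the `.log.html` file by both `fputs()` calls with no escaping visible in this hunk, and that file is presumably displayed as HTML to the other participants. Unless the values are sanitised earlier in the file, outside the hunk, markup typed into the chat or stored in a profile name would be rendered for every reader. Escape before linkifying, `$message = make_clickable(htmlspecialchars($message, ENT_QUOTES));`, and apply `htmlspecialchars()` to the two name fields as well. The result of `fopen(...,'a')` is also used unchecked, so a failed open reaches `fputs()` with `false`; this can happen when the first hunk skips creating the directory for an anonymous visitor.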

@ -214,10 +214,12 @@ if (isset($_GET['action']) && $_GET['action'] == 'notify' AND isset($_GET['conte
$groups_of_user=array();
$groups_of_user=GroupManager::get_group_ids($_course['dbName'], $_user['user_id']);
// all groups in the course (and sorting them as the id of the group = the key of the array
$all_groups=GroupManager::get_group_list();
if(is_array($all_groups)) {
foreach ($all_groups as $group) {
$all_groups[$group['id']]=$group;
if (!api_is_anonymous()) {
$all_groups=GroupManager::get_group_list();
if(is_array($all_groups)) {
foreach ($all_groups as $group) {
$all_groups[$group['id']]=$group;
}
}
}
@ -460,7 +462,9 @@ if (isset($_GET['action']) && $_GET['action'] == 'notify' AND isset($_GET['conte
$iconnotify = 'send_mail_checked.gif';
}
}
echo "<a href=\"".api_get_self()."?".api_get_cidreq()."&gradebook=$gradebook&action=notify&amp;content=forum&amp;id=".$forum['forum_id']."\">".icon('../img/'.$iconnotify,get_lang('NotifyMe'))."</a>";
if (!api_is_anonymous()) {
echo "<a href=\"".api_get_self()."?".api_get_cidreq()."&gradebook=$gradebook&action=notify&amp;content=forum&amp;id=".$forum['forum_id']."\">".icon('../img/'.$iconnotify,get_lang('NotifyMe'))."</a>";
}
echo "</td>\n";
echo "\t</tr>";
}
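Review bot: Hiding the NotifyMe link in the second hunk only removes the control from the page. The `action=notify` branch named in the hunk header still runs for anyone who requests the URL directly, and no `api_is_anonymous()` check on it is visible here. The restriction should be enforced where the action is handled, for example `if (!api_is_anonymous() && isset($_GET['action']) && $_GET['action'] == 'notify' ...`. The same applies to the notify links guarded in main/forum/viewforum.php and main/forum/viewforumcategory.php. In the first hunk `$all_groups` is left unset for anonymous users; `$all_groups = array();` before the guard would avoid an undefined variable in later code outside the hunk.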

@ -322,8 +322,10 @@ if ($origin!='learnpath') {
// 2. the course member is here and new threads are allowed
// 3. a visitor is here and new threads AND allowed AND anonymous posts are allowed
if (api_is_allowed_to_edit(false,true) OR ($current_forum['allow_new_threads']==1 AND isset($_user['user_id'])) OR ($current_forum['allow_new_threads']==1 AND !isset($_user['user_id']) AND $current_forum['allow_anonymous']==1)) {
if ($current_forum['locked'] <> 1 AND $current_forum['locked'] <> 1) {
echo '<a href="newthread.php?'.api_get_cidreq().'&forum='.Security::remove_XSS($my_forum).$origin_string.'">'.Display::return_icon('forumthread_new.gif',get_lang('NewTopic')).' '.get_lang('NewTopic').'</a>';
if ($current_forum['locked'] <> 1 AND $current_forum['locked'] <> 1) {
if (!api_is_anonymous()) {
echo '<a href="newthread.php?'.api_get_cidreq().'&forum='.Security::remove_XSS($my_forum).$origin_string.'">'.Display::return_icon('forumthread_new.gif',get_lang('NewTopic')).' '.get_lang('NewTopic').'</a>';
}
} else {
echo get_lang('ForumLocked');
}
@ -455,7 +457,10 @@ if(is_array($threads)) {
}
}
$icon_liststd = 'group.gif';
echo "<a href=\"".api_get_self()."?".api_get_cidreq()."&amp;forum=".Security::remove_XSS($my_forum)."&origin=".$origin."&amp;action=notify&amp;content=thread&amp;gidReq=".$_SESSION['toolgroup']."&amp;id=".$row['thread_id']."\">".icon('../img/'.$iconnotify,get_lang('NotifyMe'))."</a>";
if (!api_is_anonymous()) {
echo "<a href=\"".api_get_self()."?".api_get_cidreq()."&amp;forum=".Security::remove_XSS($my_forum)."&origin=".$origin."&amp;action=notify&amp;content=thread&amp;gidReq=".$_SESSION['toolgroup']."&amp;id=".$row['thread_id']."\">".icon('../img/'.$iconnotify,get_lang('NotifyMe'))."</a>";
}
if (api_is_allowed_to_edit() && $origin != 'learnpath') {
echo '<a href="'.api_get_self().'?'.api_get_cidreq().'&amp;forum='.Security::remove_XSS($my_forum).'&origin='.$origin.'&amp;action=liststd&amp;content=thread&amp;gidReq='.$_SESSION['toolgroup'].'&amp;id='.$row['thread_id'].'">'.icon('../img/'.$icon_liststd,get_lang('StudentList')).'</a>';
}
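Review bot: The new inner `if (!api_is_anonymous())` in the first hunk contradicts the third clause of the outer condition, which admits visitors when `allow_new_threads` and `allow_anonymous` are both 1. With the guard in place that forum setting can no longer show the NewTopic link, while newthread.php is not touched by this commit and so still decides on its own who may post. Either drop the anonymous clause from the outer condition or make the inner test `if (!api_is_anonymous() || $current_forum['allow_anonymous']==1)`, and apply the same rule in newthread.php. The reply and quote links in main/forum/viewthread.php, viewthread_flat.inc.php, viewthread_nested.inc.php and viewthread_threaded.inc.php carry the same contradiction. The test `$current_forum['locked'] <> 1 AND $current_forum['locked'] <> 1` also repeats one operand; the second was presumably meant to check the category lock.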

@ -399,7 +399,9 @@ if ($action_forums!='add') {
$iconnotify = 'send_mail_checked.gif';
}
}
echo "<a href=\"".api_get_self()."?".api_get_cidreq()."&amp;forumcategory=".Security::remove_XSS($_GET['forumcategory'])."&amp;action=notify&amp;content=forum&amp;id=".$forum['forum_id']."\">".icon('../img/'.$iconnotify,get_lang('NotifyMe'))."</a>";
if (!api_is_anonymous()) {
echo "<a href=\"".api_get_self()."?".api_get_cidreq()."&amp;forumcategory=".Security::remove_XSS($_GET['forumcategory'])."&amp;action=notify&amp;content=forum&amp;id=".$forum['forum_id']."\">".icon('../img/'.$iconnotify,get_lang('NotifyMe'))."</a>";
}
echo "</td>\n";
echo "\t</tr>";
}

@ -201,8 +201,9 @@ if ($my_message<>'PostDeletedSpecial') {
// The link should only appear when the user is logged in or when anonymous posts are allowed.
if ($_user['user_id'] OR ($current_forum['allow_anonymous']==1 AND !$_user['user_id'])) {
//reply link
echo '<a href="reply.php?'.api_get_cidreq().'&forum='.Security::remove_XSS($_GET['forum']).'&amp;thread='.Security::remove_XSS($_GET['thread']).'&amp;action=replythread&origin='.$origin.'">'.Display::return_icon('forumthread_new.gif',get_lang('ReplyToThread')).get_lang('ReplyToThread').'</a>';
if (!api_is_anonymous()) {
echo '<a href="reply.php?'.api_get_cidreq().'&forum='.Security::remove_XSS($_GET['forum']).'&amp;thread='.Security::remove_XSS($_GET['thread']).'&amp;action=replythread&origin='.$origin.'">'.Display::return_icon('forumthread_new.gif',get_lang('ReplyToThread')).get_lang('ReplyToThread').'</a>';
}
//new thread link
if ((api_is_allowed_to_edit(false,true) && !(api_is_course_coach() && $current_forum['session_id']!=$_SESSION['id_session'])) OR ($current_forum['allow_new_threads']==1 AND isset($_user['user_id'])) OR ($current_forum['allow_new_threads']==1 AND !isset($_user['user_id']) AND $current_forum['allow_anonymous']==1)) {
if ($current_forum['locked'] <> 1 AND $current_forum['locked'] <> 1) {

@ -99,8 +99,10 @@ foreach ($rows as $row) {
echo '<br /><br />';
if ($current_forum_category['locked']==0 AND $current_forum['locked']==0 AND $current_thread['locked']==0 OR api_is_allowed_to_edit(false,true)) {
if ($_user['user_id'] OR ($current_forum['allow_anonymous']==1 AND !$_user['user_id'])) {
echo '<a href="reply.php?'.api_get_cidreq().'&forum='.Security::remove_XSS($_GET['forum']).'&amp;thread='.Security::remove_XSS($_GET['thread']).'&amp;post='.$row['post_id'].'&amp;action=replymessage&origin='.$origin.'">'.get_lang('ReplyToMessage').'</a><br />';
echo '<a href="reply.php?'.api_get_cidreq().'&forum='.Security::remove_XSS($_GET['forum']).'&amp;thread='.Security::remove_XSS($_GET['thread']).'&amp;post='.$row['post_id'].'&amp;action=quote&origin='.$origin.'">'.get_lang('QuoteMessage').'</a><br /><br />';
if (!api_is_anonymous()) {
echo '<a href="reply.php?'.api_get_cidreq().'&forum='.Security::remove_XSS($_GET['forum']).'&amp;thread='.Security::remove_XSS($_GET['thread']).'&amp;post='.$row['post_id'].'&amp;action=replymessage&origin='.$origin.'">'.get_lang('ReplyToMessage').'</a><br />';
echo '<a href="reply.php?'.api_get_cidreq().'&forum='.Security::remove_XSS($_GET['forum']).'&amp;thread='.Security::remove_XSS($_GET['thread']).'&amp;post='.$row['post_id'].'&amp;action=quote&origin='.$origin.'">'.get_lang('QuoteMessage').'</a><br /><br />';
}
}
} else {
if ($current_forum_category['locked']==1) {

@ -98,8 +98,10 @@ foreach ($rows as $post) {
//if (($current_forum_category['locked']==0 AND $current_forum['locked']==0 AND $current_thread['locked']==0) OR api_is_allowed_to_edit())
if ($current_forum_category['locked']==0 AND $current_forum['locked']==0 AND $current_thread['locked']==0 OR api_is_allowed_to_edit(false,true)) {
if ($_user['user_id'] OR ($current_forum['allow_anonymous']==1 AND !$_user['user_id'])) {
echo '<a href="reply.php?'.api_get_cidreq().'&forum='.Security::remove_XSS($_GET['forum']).'&amp;thread='.Security::remove_XSS($_GET['thread']).'&amp;post='.$post['post_id'].'&amp;action=replymessage&amp;origin='. $origin .'">'.get_lang('ReplyToMessage').'</a><br />';
echo '<a href="reply.php?'.api_get_cidreq().'&forum='.Security::remove_XSS($_GET['forum']).'&amp;thread='.Security::remove_XSS($_GET['thread']).'&amp;post='.$post['post_id'].'&amp;action=quote&amp;origin='. $origin .'">'.get_lang('QuoteMessage').'</a><br /><br />';
if (!api_is_anonymous()) {
echo '<a href="reply.php?'.api_get_cidreq().'&forum='.Security::remove_XSS($_GET['forum']).'&amp;thread='.Security::remove_XSS($_GET['thread']).'&amp;post='.$post['post_id'].'&amp;action=replymessage&amp;origin='. $origin .'">'.get_lang('ReplyToMessage').'</a><br />';
echo '<a href="reply.php?'.api_get_cidreq().'&forum='.Security::remove_XSS($_GET['forum']).'&amp;thread='.Security::remove_XSS($_GET['thread']).'&amp;post='.$post['post_id'].'&amp;action=quote&amp;origin='. $origin .'">'.get_lang('QuoteMessage').'</a><br /><br />';
}
}
} else {
if ($current_forum_category['locked']==1) {

@ -284,8 +284,10 @@ if ($current_forum_category['locked']==0 AND $current_forum['locked']==0 AND $cu
{
if ($_user['user_id'] OR ($current_forum['allow_anonymous']==1 AND !$_user['user_id']))
{
echo '<a href="reply.php?'.api_get_cidreq().'&forum='.Security::remove_XSS($_GET['forum']).'&amp;thread='.Security::remove_XSS($_GET['thread']).'&amp;post='.$rows[$display_post_id]['post_id'].'&amp;action=replymessage&amp;origin='. $origin .'">'.get_lang('ReplyToMessage').'</a><br />';
echo '<a href="reply.php?'.api_get_cidreq().'&forum='.Security::remove_XSS($_GET['forum']).'&amp;thread='.Security::remove_XSS($_GET['thread']).'&amp;post='.$rows[$display_post_id]['post_id'].'&amp;action=quote&amp;origin='. $origin .'">'.get_lang('QuoteMessage').'</a><br /><br />';
if (!api_is_anonymous()) {
echo '<a href="reply.php?'.api_get_cidreq().'&forum='.Security::remove_XSS($_GET['forum']).'&amp;thread='.Security::remove_XSS($_GET['thread']).'&amp;post='.$rows[$display_post_id]['post_id'].'&amp;action=replymessage&amp;origin='. $origin .'">'.get_lang('ReplyToMessage').'</a><br />';
echo '<a href="reply.php?'.api_get_cidreq().'&forum='.Security::remove_XSS($_GET['forum']).'&amp;thread='.Security::remove_XSS($_GET['thread']).'&amp;post='.$rows[$display_post_id]['post_id'].'&amp;action=quote&amp;origin='. $origin .'">'.get_lang('QuoteMessage').'</a><br /><br />';
}
}
}
else

@ -1,4 +1,4 @@
<?php // $Id: events.lib.inc.php 20355 2009-05-06 03:46:06Z cvargas1 $
<?php // $Id: events.lib.inc.php 20597 2009-05-13 17:17:35Z iflorespaz $
/* See license terms in /dokeos_license.txt */
/**
==============================================================================
@ -520,7 +520,7 @@ function exercise_attempt($score,$answer,$quesId,$exeId,$j)
}
else // anonymous
{
$user_id = "NULL";
$user_id = api_get_anonymous_id();
}
$sql = "INSERT INTO $TBL_TRACK_ATTEMPT
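Review bot: `$user_id` is no longer the SQL literal `NULL` for anonymous attempts, so rows written after this change carry the shared anonymous id while older rows keep NULL. Any report that selects anonymous attempts with `IS NULL` would need updating, and all anonymous visitors now appear as one user in the tracking table. The value presumably goes into the `INSERT INTO $TBL_TRACK_ATTEMPT` statement that begins on the last line of the hunk, so casting it, `$user_id = intval(api_get_anonymous_id());`, keeps a non-numeric return out of the query. The body of exercise_attempt() continues outside the hunk.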

@ -284,7 +284,11 @@ function display_notes()
echo '<div class="actions" style="margin-bottom:20px">';
//if (api_is_allowed_to_edit())
//{
echo '<a href="index.php?'.api_get_cidreq().'&action=addnote">'.Display::return_icon('filenew.gif',get_lang('NoteAddNew')).get_lang('NoteAddNew').'</a>';
if (!api_is_anonymous()) {
echo '<a href="index.php?'.api_get_cidreq().'&action=addnote">'.Display::return_icon('filenew.gif',get_lang('NoteAddNew')).get_lang('NoteAddNew').'</a>';
} else {
echo '<a href="javascript:void(0)">'.Display::return_icon('filenew.gif',get_lang('NoteAddNew')).get_lang('NoteAddNew').'</a>';
}
//}
echo '<a href="index.php?'.api_get_cidreq().'&action=changeview&view=creation_date">'.Display::return_icon('calendar_select.gif',get_lang('OrderByCreationDate')).get_lang('OrderByCreationDate').'</a>';
echo '<a href="index.php?'.api_get_cidreq().'&action=changeview&view=update_date">'.Display::return_icon('calendar_select.gif',get_lang('OrderByModificationDate')).get_lang('OrderByModificationDate').'</a>';
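Review bot: The `else` branch prints an anchor with `href="javascript:void(0)"` that looks the same as the working link, so an anonymous visitor sees a control that silently does nothing. Rendering the label as plain text, or omitting it, would be clearer. The guard is display-only: the `action=addnote` handler is outside this hunk and needs its own `api_is_anonymous()` check to reject a direct request. display_notes() continues beyond the hunk.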
