From c8885dc3d2517de6e81d4db1d2925bf67c3b3dad Mon Sep 17 00:00:00 2001 From: Julio Montoya Date: Fri, 4 Jun 2021 17:04:21 +0200 Subject: [PATCH] Update from 1.11.x --- .htaccess | 9 +- index.php | 2 +- main/admin/course_information.php | 10 +- main/admin/course_list.php | 6 +- main/admin/gradebook_list.php | 2 +- main/admin/index.php | 1 + main/admin/languages.php | 2 - main/admin/ldap_import_students.php | 2 +- .../admin/ldap_import_students_to_session.php | 2 +- main/admin/legal_list.php | 2 - main/admin/promotions.php | 3 - main/admin/questions.php | 3 - main/admin/skill.php | 2 - main/admin/skill_badge.php | 2 - main/admin/skill_badge_create.php | 2 - main/admin/skill_level.php | 2 - main/admin/skill_list.php | 2 - main/admin/skills.php | 3 - main/admin/skills_gradebook.php | 3 - main/admin/skills_import.php | 1 - main/admin/skills_profile.php | 3 - main/admin/skills_wheel.php | 3 - main/admin/specific_fields_add.php | 2 - main/admin/statistics.php | 3 - main/admin/system_status.php | 2 - main/admin/teacher_time_report.php | 2 +- .../admin/teachers_time_by_session_report.php | 2 - main/attendance/attendance_sheet.php | 6 +- main/blog/blog.php | 5 - main/chat/chat.php | 1 - .../course_description_controller.php | 2 - main/coursecopy/copy_course.php | 2 - plugin/courseblock/install.php | 2 +- .../Entity/NotificationRelUser.php | 2 - plugin/courselegal/install.php | 2 +- plugin/courselegal/user_list.php | 2 +- .../createdrupaluser/src/CreateDrupalUser.php | 20 ++++ plugin/grading_electronic/generate.php | 4 +- plugin/notebookteacher/install.php | 2 +- .../QuestionOptionsEvaluationPlugin.php | 3 - plugin/redirection/admin.php | 2 +- plugin/sepe/install.php | 2 +- plugin/sepe/src/sepe.lib.php | 14 +-- plugin/sepe/src/specialty-tutor-edit.php | 28 ++++-- plugin/sepe/update.php | 2 +- plugin/sepe/view/formative-actions-list.tpl | 2 +- plugin/sepe/ws/Sepe.php | 94 +++++++++++++++---- plugin/sepe/ws/service.php | 3 - plugin/surveyexportcsv/export.php | 1 + 49 files changed, 155 insertions(+), 124 deletions(-) diff --git a/.htaccess b/.htaccess index 5ef3fc17e4..1621a1f5d9 100755 --- a/.htaccess +++ b/.htaccess @@ -14,6 +14,9 @@ RedirectMatch 403 ^/main/default_course_document/images/.*\.ph(p[3457]?|t|tml|ar RedirectMatch 403 ^/main/lang/.*\.ph(p[3457]?|t|tml|ar)$ RedirectMatch 403 ^/web/(!app.php).*\.ph(p[3457]?|t|tml|ar)$ +RewriteRule ^/?app/config/.*\.yml$ - [F,L] +RewriteRule ^/?app/config/.*\.yaml$ - [F,L] + # http://my.chamilo.net/certificates/?id=123 to http://my.chamilo.net/certificates/index.php?id=123 RewriteCond %{QUERY_STRING} ^id=(.*)$ RewriteRule ^certificates/$ certificates/index.php?id=%1 [L] @@ -47,13 +50,13 @@ RewriteRule ^courses/([^/]+)/course-pic.png$ main/inc/ajax/course.ajax.php?a=get RewriteRule ^courses/([^/]+)/(.*)$ app/courses/$1/$2 [QSA,L] # About session -RewriteRule ^session/(\d{1,})/about/?$ main/session/about.php?session_id=$1 [L] +RewriteRule ^session/(\d{1,})/about/?$ main/session/about.php?session_id=$1 [QSA,L] # About course -RewriteRule ^course/(\d{1,})/about/?$ main/course_info/about.php?course_id=$1 [L] +RewriteRule ^course/(\d{1,})/about/?$ main/course_info/about.php?course_id=$1 [QSA,L] # Issued individual badge friendly URL -RewriteRule ^badge/(\d{1,})/?$ main/badge/issued.php?issue=$1 [L] +RewriteRule ^badge/(\d{1,})/?$ main/badge/issued.php?issue=$1 [QSA,L] # Issued badges friendly URL RewriteRule ^skill/(\d{1,})/user/(\d{1,})/?$ main/badge/issued_all.php?skill=$1&user=$2 [L] diff --git a/index.php b/index.php index 2ca9422bbd..58a29dd2be 100755 --- a/index.php +++ b/index.php @@ -61,7 +61,7 @@ if (isset($_GET['submitAuth']) && $_GET['submitAuth'] == 1) { ); echo 'Attempted breakin - sysadmins notified.'; session_destroy(); - die(); + exit(); } // Delete session item necessary to check for legal terms if (api_get_setting('allow_terms_conditions') === 'true') { diff --git a/main/admin/course_information.php b/main/admin/course_information.php index d820f008fb..86892fa403 100755 --- a/main/admin/course_information.php +++ b/main/admin/course_information.php @@ -4,8 +4,6 @@ * This script gives information about a course. * * @author Bart Mollet - * - * @package chamilo.admin */ $cidReset = true; require_once __DIR__.'/../inc/global.inc.php'; @@ -70,8 +68,8 @@ function get_course_usage($course, $session_id = 0) $usage = []; $conditionSession = ''; - if ($session_id !== '') { - $session_id = intval($session_id); + if ('' !== $session_id) { + $session_id = (int) $session_id; $conditionSession = " AND session_id = '$session_id' "; } @@ -131,11 +129,11 @@ $sql = "SELECT *, cu.status as course_status if (api_is_multiple_url_enabled()) { $sql .= " INNER JOIN ".Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER)." url_rel_user ON - u.user_id = url_rel_user.user_id AND + u.id = url_rel_user.user_id AND url_rel_user.access_url_id = ".api_get_current_access_url_id(); } $sql .= " WHERE - cu.user_id = u.user_id AND + cu.user_id = u.id AND cu.c_id = '".$courseId."' AND cu.relation_type <> ".COURSE_RELATION_TYPE_RRHH; $res = Database::query($sql); diff --git a/main/admin/course_list.php b/main/admin/course_list.php index 49727ef9b3..551700891d 100755 --- a/main/admin/course_list.php +++ b/main/admin/course_list.php @@ -444,8 +444,10 @@ if (isset($_GET['search']) && $_GET['search'] === 'advanced') { ]; $tool_name = get_lang('CourseList'); if (isset($_GET['delete_course'])) { - CourseManager::delete_course($_GET['delete_course']); - Display::addFlash(Display::return_message(get_lang('Deleted'))); + $result = CourseManager::delete_course($_GET['delete_course']); + if ($result) { + Display::addFlash(Display::return_message(get_lang('Deleted'))); + } } // Create a search-box $form = new FormValidator( diff --git a/main/admin/gradebook_list.php b/main/admin/gradebook_list.php index 74196097aa..b1a2a185d0 100644 --- a/main/admin/gradebook_list.php +++ b/main/admin/gradebook_list.php @@ -10,7 +10,7 @@ require_once __DIR__.'/../inc/global.inc.php'; api_protect_admin_script(); $allow = api_get_configuration_value('gradebook_dependency'); -if ($allow == false) { +if (false == $allow) { api_not_allowed(true); } diff --git a/main/admin/index.php b/main/admin/index.php index a05cfdde21..fcd2e73a50 100644 --- a/main/admin/index.php +++ b/main/admin/index.php @@ -6,6 +6,7 @@ * Index page of the admin tools. */ +// Resetting the course id. $cidReset = true; // Including some necessary chamilo files. diff --git a/main/admin/languages.php b/main/admin/languages.php index 325c509ad5..c1d11bcd9f 100755 --- a/main/admin/languages.php +++ b/main/admin/languages.php @@ -12,8 +12,6 @@ * @author Roan EMbrechts, code cleaning * * @since Dokeos 1.6 - * - * @package chamilo.admin */ // we are in the admin area so we do not need a course id diff --git a/main/admin/ldap_import_students.php b/main/admin/ldap_import_students.php index b57043edbd..21971b71c1 100755 --- a/main/admin/ldap_import_students.php +++ b/main/admin/ldap_import_students.php @@ -88,7 +88,7 @@ if (empty($annee) && empty($course)) { echo '
'; echo '

'.Display::return_icon('group.gif', get_lang('SelectStudents')).' '.get_lang('SelectStudents').'

'; //echo "Connection ..."; - $ds = ldap_connect($ldap_host, $ldap_port) or die(get_lang('LDAPConnectionError')); + $ds = ldap_connect($ldap_host, $ldap_port) or exit(get_lang('LDAPConnectionError')); ldap_set_version($ds); if ($ds) { diff --git a/main/admin/ldap_import_students_to_session.php b/main/admin/ldap_import_students_to_session.php index 4c555a40b5..97222909a5 100755 --- a/main/admin/ldap_import_students_to_session.php +++ b/main/admin/ldap_import_students_to_session.php @@ -94,7 +94,7 @@ elseif (!empty($annee) && !empty($id_session) && empty($_POST['confirmed'])) { echo '
'; echo '

'.Display::return_icon('group.gif', get_lang('SelectStudents')).' '.get_lang('SelectStudents').'

'; //echo "Connection ..."; - $ds = ldap_connect($ldap_host, $ldap_port) or die(get_lang('LDAPConnectionError')); + $ds = ldap_connect($ldap_host, $ldap_port) or exit(get_lang('LDAPConnectionError')); ldap_set_version($ds); if ($ds) { $r = false; diff --git a/main/admin/legal_list.php b/main/admin/legal_list.php index f3c4a5fcbf..109f970e38 100755 --- a/main/admin/legal_list.php +++ b/main/admin/legal_list.php @@ -5,8 +5,6 @@ use Chamilo\CoreBundle\Entity\Repository\LegalRepository; /** * Sessions list script. - * - * @package chamilo.admin */ $cidReset = true; require_once __DIR__.'/../inc/global.inc.php'; diff --git a/main/admin/promotions.php b/main/admin/promotions.php index 56df7ac203..a5aa7414bf 100755 --- a/main/admin/promotions.php +++ b/main/admin/promotions.php @@ -1,9 +1,6 @@ - * - * @package chamilo.admin.openbadges */ $cidReset = true; diff --git a/main/admin/skill_badge_create.php b/main/admin/skill_badge_create.php index 2aef0dafef..aab0c76766 100644 --- a/main/admin/skill_badge_create.php +++ b/main/admin/skill_badge_create.php @@ -5,8 +5,6 @@ * Show information about Mozilla OpenBadges. * * @author Angel Fernando Quiroz Campos - * - * @package chamilo.admin.openbadges */ $cidReset = true; diff --git a/main/admin/skill_level.php b/main/admin/skill_level.php index 8bfad072db..e7b06c3640 100644 --- a/main/admin/skill_level.php +++ b/main/admin/skill_level.php @@ -5,8 +5,6 @@ use Chamilo\SkillBundle\Entity\Level; /** * Add a skill Level. - * - * @package chamilo.skill */ $cidReset = true; diff --git a/main/admin/skill_list.php b/main/admin/skill_list.php index 0569e05ce8..1f9a0de9af 100644 --- a/main/admin/skill_list.php +++ b/main/admin/skill_list.php @@ -5,8 +5,6 @@ * Skill list for management. * * @author Angel Fernando Quiroz Campos - * - * @package chamilo.admin */ $cidReset = true; diff --git a/main/admin/skills.php b/main/admin/skills.php index 0d8db2379a..e1e0c945d3 100755 --- a/main/admin/skills.php +++ b/main/admin/skills.php @@ -1,9 +1,6 @@ */ $cidReset = true; diff --git a/main/admin/teacher_time_report.php b/main/admin/teacher_time_report.php index 18e1aac190..29990c16ca 100644 --- a/main/admin/teacher_time_report.php +++ b/main/admin/teacher_time_report.php @@ -354,7 +354,7 @@ if (isset($_GET['export'])) { Export::export_table_xls_html($dataToExport, $fileName); break; } - die; + exit; } $form->addSelect( diff --git a/main/admin/teachers_time_by_session_report.php b/main/admin/teachers_time_by_session_report.php index 50321e96d2..bbe335537c 100644 --- a/main/admin/teachers_time_by_session_report.php +++ b/main/admin/teachers_time_by_session_report.php @@ -7,8 +7,6 @@ use Doctrine\Common\Collections\Criteria; /** * Generate a teacher time report in platform by session only. - * - * @package chamilo.admin */ $cidReset = true; diff --git a/main/attendance/attendance_sheet.php b/main/attendance/attendance_sheet.php index 3e8fbde23f..e63daeff67 100755 --- a/main/attendance/attendance_sheet.php +++ b/main/attendance/attendance_sheet.php @@ -208,7 +208,7 @@ if (api_is_allowed_to_edit(null, true) ||
- +
@@ -260,7 +260,7 @@ if (api_is_allowed_to_edit(null, true) || '; - echo '
'; + echo '
'; echo ''; $result = null; if (count($attendant_calendar) > 0) { @@ -436,7 +436,7 @@ if (api_is_allowed_to_edit(null, true) || -
+
diff --git a/main/blog/blog.php b/main/blog/blog.php index 1404ca0345..2d57aeb1a1 100755 --- a/main/blog/blog.php +++ b/main/blog/blog.php @@ -3,8 +3,6 @@ /** * BLOG HOMEPAGE * This file takes care of all blog navigation and displaying. - * - * @package chamilo.blogs */ require_once __DIR__.'/../inc/global.inc.php'; @@ -31,9 +29,6 @@ $MonthsLong = api_get_months_long(); $action = isset($_GET['action']) ? $_GET['action'] : null; -/* - PROCESSING -*/ $safe_post_file_comment = isset($_POST['post_file_comment']) ? Security::remove_XSS($_POST['post_file_comment']) : null; $safe_comment_text = isset($_POST['comment_text']) ? Security::remove_XSS($_POST['comment_text']) : null; diff --git a/main/chat/chat.php b/main/chat/chat.php index 8da7a2b241..f12b7e4203 100755 --- a/main/chat/chat.php +++ b/main/chat/chat.php @@ -16,7 +16,6 @@ $logInfo = [ 'action_details' => 'start-chat', ]; Event::registerLog($logInfo); -// View $externalCSS = [ 'jquery-emojiarea/jquery.emojiarea.css', 'jquery-textcomplete/jquery.textcomplete.css', diff --git a/main/course_description/course_description_controller.php b/main/course_description/course_description_controller.php index 597e0239a5..ed0e242868 100644 --- a/main/course_description/course_description_controller.php +++ b/main/course_description/course_description_controller.php @@ -7,8 +7,6 @@ * it should be included inside a dispatcher file (e.g: index.php). * * @author Christian Fasanando - * - * @package chamilo.course_description */ class CourseDescriptionController { diff --git a/main/coursecopy/copy_course.php b/main/coursecopy/copy_course.php index c0cabadce3..fd41b77009 100755 --- a/main/coursecopy/copy_course.php +++ b/main/coursecopy/copy_course.php @@ -7,8 +7,6 @@ use Chamilo\CourseBundle\Component\CourseCopy\CourseSelectForm; /** * @todo rework file in order to use addFlash - * - * @package chamilo.backup */ // Setting the global file that gets the general configuration, the databases, the languages, ... diff --git a/plugin/courseblock/install.php b/plugin/courseblock/install.php index 4666a6384b..d9e6468921 100644 --- a/plugin/courseblock/install.php +++ b/plugin/courseblock/install.php @@ -4,6 +4,6 @@ require_once __DIR__.'/config.php'; if (!api_is_platform_admin()) { - die('You must have admin permissions to install plugins'); + exit('You must have admin permissions to install plugins'); } CourseBlockPlugin::create()->install(); diff --git a/plugin/coursehomenotify/Entity/NotificationRelUser.php b/plugin/coursehomenotify/Entity/NotificationRelUser.php index 7618bb9179..046747376e 100644 --- a/plugin/coursehomenotify/Entity/NotificationRelUser.php +++ b/plugin/coursehomenotify/Entity/NotificationRelUser.php @@ -68,8 +68,6 @@ class NotificationRelUser } /** - * @param Notification $notification - * * @return NotificationRelUser */ public function setNotification(Notification $notification) diff --git a/plugin/courselegal/install.php b/plugin/courselegal/install.php index d2808a4324..aed0f5677f 100755 --- a/plugin/courselegal/install.php +++ b/plugin/courselegal/install.php @@ -4,6 +4,6 @@ require_once __DIR__.'/config.php'; if (!api_is_platform_admin()) { - die('You must have admin permissions to install plugins'); + exit('You must have admin permissions to install plugins'); } CourseLegalPlugin::create()->install(); diff --git a/plugin/courselegal/user_list.php b/plugin/courselegal/user_list.php index f17567428c..63b276207d 100755 --- a/plugin/courselegal/user_list.php +++ b/plugin/courselegal/user_list.php @@ -39,7 +39,7 @@ switch ($action) { $order = " ORDER BY firstname, lastname"; $userList = $legal->getUserAgreementList($courseId, $sessionId, $order); -$table = new HTML_Table(['class' => 'data_table']); +$table = new HTML_Table(['class' => 'table table-hover table-striped data_table']); $table->setHeaderContents(0, 0, get_lang('User')); $table->setHeaderContents(0, 1, $legal->get_lang('WebAgreement')); $table->setHeaderContents(0, 2, $legal->get_lang('MailAgreement')); diff --git a/plugin/createdrupaluser/src/CreateDrupalUser.php b/plugin/createdrupaluser/src/CreateDrupalUser.php index b1d49dd666..572004bf6a 100644 --- a/plugin/createdrupaluser/src/CreateDrupalUser.php +++ b/plugin/createdrupaluser/src/CreateDrupalUser.php @@ -132,4 +132,24 @@ class CreateDrupalUser extends Plugin implements HookPluginInterface $extraField->delete($extraFieldInfo['id']); } } + /* + public function notifyDocumentAction(HookDocumentActionEventInterface $hook) + { + $data = $hook->getEventData(); + if ($data['type'] === HOOK_EVENT_TYPE_PRE) { + $data['actions'][] = Display::return_icon('edit.png'); + } + + return $data; + } + + public function notifyDocumentItemAction(HookDocumentItemActionEventInterface $hook) + { + $data = $hook->getEventData(); + if ($data['type'] === HOOK_EVENT_TYPE_PRE) { + $data['actions'][] = $data['id'].' - '.$data['title']; + } + + return $data; + }*/ } diff --git a/plugin/grading_electronic/generate.php b/plugin/grading_electronic/generate.php index 297f940339..863f3425a4 100644 --- a/plugin/grading_electronic/generate.php +++ b/plugin/grading_electronic/generate.php @@ -28,9 +28,7 @@ try { $form = $gradingElectronic->getForm(); if (!$form->validate()) { - throw new Exception( - implode('
', $form->_errors) - ); + throw new Exception(implode('
', $form->_errors)); } $em = Database::getManager(); diff --git a/plugin/notebookteacher/install.php b/plugin/notebookteacher/install.php index b8c9113e58..21521e4301 100644 --- a/plugin/notebookteacher/install.php +++ b/plugin/notebookteacher/install.php @@ -9,6 +9,6 @@ */ require_once __DIR__.'/config.php'; if (!api_is_platform_admin()) { - die('You must have admin permissions to install plugins'); + exit('You must have admin permissions to install plugins'); } NotebookTeacherPlugin::create()->install(); diff --git a/plugin/questionoptionsevaluation/QuestionOptionsEvaluationPlugin.php b/plugin/questionoptionsevaluation/QuestionOptionsEvaluationPlugin.php index 6adc53d323..1f469af32c 100644 --- a/plugin/questionoptionsevaluation/QuestionOptionsEvaluationPlugin.php +++ b/plugin/questionoptionsevaluation/QuestionOptionsEvaluationPlugin.php @@ -88,7 +88,6 @@ class QuestionOptionsEvaluationPlugin extends Plugin /** * @param int $formula - * @param Exercise $exercise */ public function saveFormulaForExercise($formula, Exercise $exercise) { @@ -199,7 +198,6 @@ class QuestionOptionsEvaluationPlugin extends Plugin /** * @param int $formula - * @param Exercise $exercise */ private function recalculateQuestionScore($formula, Exercise $exercise) { @@ -234,7 +232,6 @@ class QuestionOptionsEvaluationPlugin extends Plugin $questionPonderation += $ponderation; } - //error_log("question: $questionId -- i: $i -- w: $ponderation"); Database::query("UPDATE $tblAnswer SET ponderation = $ponderation WHERE iid = $iid"); } diff --git a/plugin/redirection/admin.php b/plugin/redirection/admin.php index 121e662f91..bc9bcc419a 100644 --- a/plugin/redirection/admin.php +++ b/plugin/redirection/admin.php @@ -51,7 +51,7 @@ if ($form->validate()) { $content = $form->returnForm(); $content .= '
-
+
diff --git a/plugin/sepe/install.php b/plugin/sepe/install.php index f0f280be78..3c3a071982 100644 --- a/plugin/sepe/install.php +++ b/plugin/sepe/install.php @@ -8,7 +8,7 @@ require_once __DIR__.'/config.php'; if (!api_is_platform_admin()) { - die('You must have admin permissions to install plugins'); + exit('You must have admin permissions to install plugins'); } SepePlugin::create()->install(); diff --git a/plugin/sepe/src/sepe.lib.php b/plugin/sepe/src/sepe.lib.php index 63a6620792..63402b5299 100644 --- a/plugin/sepe/src/sepe.lib.php +++ b/plugin/sepe/src/sepe.lib.php @@ -51,9 +51,9 @@ function checkIdentificationData() $result = Database::query($sql); if (Database::affected_rows($result) > 0) { return true; - } else { - return false; } + + return false; } function getActionId($courseId) @@ -163,7 +163,6 @@ function getInfoSpecialtyTutorial($tutorialId) $tutorialId = (int) $tutorialId; $sql = "SELECT * FROM $tableSepeParticipantsSpecialtyTutorials WHERE id = $tutorialId"; $res = Database::query($sql); - $aux = []; if (Database::num_rows($res) > 0) { $row = Database::fetch_assoc($res); } else { @@ -266,7 +265,6 @@ function getInfoSpecialtyTutor($tutorId) INNER JOIN $tableSepeTutors b ON a.tutor_id=b.id WHERE a.id = $tutorId;"; $res = Database::query($sql); - $aux = []; if (Database::num_rows($res) > 0) { $row['tutor_accreditation'] = Security::remove_XSS(stripslashes($row['tutor_accreditation'])); $row['teaching_competence'] = Security::remove_XSS(stripslashes($row['teaching_competence'])); @@ -489,7 +487,10 @@ function listCourseAction() global $tableSepeActions; global $tableSepeCourseActions; - $sql = "SELECT $tableSepeCourseActions.*, course.title AS title, $tableSepeActions.action_origin AS action_origin, $tableSepeActions.action_code AS action_code + $sql = "SELECT + $tableSepeCourseActions.*, course.title AS title, + $tableSepeActions.action_origin AS action_origin, + $tableSepeActions.action_code AS action_code FROM $tableSepeCourseActions, course, $tableSepeActions WHERE $tableSepeCourseActions.course_id=course.id AND $tableSepeActions.id=$tableSepeCourseActions.action_id"; @@ -558,7 +559,8 @@ function checkInsertNewLog($platformUserId, $actionId) global $tableSepeLogParticipant; $platformUserId = (int) $platformUserId; $actionId = (int) $actionId; - $sql = "SELECT * FROM $tableSepeLogParticipant WHERE platform_user_id = $platformUserId AND action_id = $actionId"; + $sql = "SELECT * FROM $tableSepeLogParticipant + WHERE platform_user_id = $platformUserId AND action_id = $actionId"; $res = Database::query($sql); if (Database::num_rows($res) > 0) { return false; diff --git a/plugin/sepe/src/specialty-tutor-edit.php b/plugin/sepe/src/specialty-tutor-edit.php index 3ee87c283d..4cd26cae39 100644 --- a/plugin/sepe/src/specialty-tutor-edit.php +++ b/plugin/sepe/src/specialty-tutor-edit.php @@ -169,16 +169,28 @@ if (!empty($_POST)) { } if (api_is_platform_admin()) { - $courseId = getCourse(intval($_GET['action_id'])); - $interbreadcrumb[] = ["url" => "/plugin/sepe/src/sepe-administration-menu.php", "name" => $plugin->get_lang('MenuSepe')]; + $actionId = (int) $_GET['action_id']; + $specialtyId = (int) $_GET['specialty_id']; + + $courseId = getCourse($actionId); + $interbreadcrumb[] = [ + "url" => "/plugin/sepe/src/sepe-administration-menu.php", + "name" => $plugin->get_lang('MenuSepe'), + ]; $interbreadcrumb[] = ["url" => "formative-actions-list.php", "name" => $plugin->get_lang('FormativesActionsList')]; - $interbreadcrumb[] = ["url" => "formative-action.php?cid=".$courseId, "name" => $plugin->get_lang('FormativeAction')]; - $interbreadcrumb[] = ["url" => "specialty-action-edit.php?new_specialty=0&specialty_id=".intval($_GET['specialty_id'])."&action_id=".$_GET['action_id'], "name" => $plugin->get_lang('SpecialtyFormativeAction')]; + $interbreadcrumb[] = [ + "url" => "formative-action.php?cid=".$courseId, + "name" => $plugin->get_lang('FormativeAction'), + ]; + $interbreadcrumb[] = [ + "url" => "specialty-action-edit.php?new_specialty=0&specialty_id=".$specialtyId."&action_id=".$actionId, + "name" => $plugin->get_lang('SpecialtyFormativeAction'), + ]; if (isset($_GET['new_tutor']) && intval($_GET['new_tutor']) == 1) { $templateName = $plugin->get_lang('NewSpecialtyTutor'); $tpl = new Template($templateName); - $tpl->assign('action_id', intval($_GET['action_id'])); - $tpl->assign('specialty_id', intval($_GET['specialty_id'])); + $tpl->assign('action_id', $actionId); + $tpl->assign('specialty_id', $specialtyId); $info = []; $tpl->assign('info', $info); $tpl->assign('new_tutor', '1'); @@ -186,8 +198,8 @@ if (api_is_platform_admin()) { } else { $templateName = $plugin->get_lang('EditSpecialtyTutor'); $tpl = new Template($templateName); - $tpl->assign('action_id', intval($_GET['action_id'])); - $tpl->assign('specialty_id', intval($_GET['specialty_id'])); + $tpl->assign('action_id', $actionId); + $tpl->assign('specialty_id', $specialtyId); $tpl->assign('tutor_id', intval($_GET['tutor_id'])); $info = getInfoSpecialtyTutor($_GET['tutor_id']); $tpl->assign('info', $info); diff --git a/plugin/sepe/update.php b/plugin/sepe/update.php index dd6bf03494..f7df21852d 100644 --- a/plugin/sepe/update.php +++ b/plugin/sepe/update.php @@ -8,7 +8,7 @@ require_once __DIR__.'/config.php'; if (!api_is_platform_admin()) { - die('You must have admin permissions to install plugins'); + exit('You must have admin permissions to install plugins'); } SepePlugin::create()->update(); diff --git a/plugin/sepe/view/formative-actions-list.tpl b/plugin/sepe/view/formative-actions-list.tpl index 5e90a2be41..af5d60c23a 100644 --- a/plugin/sepe/view/formative-actions-list.tpl +++ b/plugin/sepe/view/formative-actions-list.tpl @@ -20,7 +20,7 @@
{% if course_action_list|length > 0 %} -
User URL
+
{% for course in course_action_list %} diff --git a/plugin/sepe/ws/Sepe.php b/plugin/sepe/ws/Sepe.php index aa129bf8f7..d575fc2a9a 100644 --- a/plugin/sepe/ws/Sepe.php +++ b/plugin/sepe/ws/Sepe.php @@ -246,6 +246,8 @@ class Sepe // Comprobamos si existen datos almacenados previamente $table = Database::get_main_table('plugin_sepe_actions'); + $actionOrigin = Database::escape_string($actionOrigin); + $actionCode = Database::escape_string($actionCode); $sql = "SELECT action_origin FROM $table WHERE action_origin='".$actionOrigin."' AND action_code='".$actionCode."';"; $rs = Database::query($sql); @@ -263,11 +265,29 @@ class Sepe $startDate = self::fixDate($startDate); $endDate = self::fixDate($endDate); - $sql = "INSERT INTO $table (action_origin, action_code, situation, specialty_origin, professional_area, specialty_code, duration, start_date, end_date, full_itinerary_indicator, financing_type, attendees_count, action_name, global_info, schedule, requirements, contact_action) - VALUES ('".$actionOrigin."','".$actionCode."','".$situation."','".$specialtyOrigin."','".$professionalArea."','".$specialtyCode."','".$duration."','".$startDate."','".$endDate."','".$fullItineraryIndicator."','".$financingType."','".$attendeesCount."','".$actionName."','".$globalInfo."','".$schedule."','".$requerements."','".$contactAction."')"; + $params = [ + 'action_origin' => $actionOrigin, + 'action_code' => $actionCode, + 'situation' => $situation, + 'specialty_origin' => $specialtyOrigin, + 'professional_area' => $professionalArea, + 'specialty_code' => $specialtyCode, + 'duration' => $duration, + 'start_date' => $startDate, + 'end_date' => $endDate, + 'full_itinerary_indicator' => $fullItineraryIndicator, + 'financing_type' => $financingType, + 'attendees_count' => $attendeesCount, + 'action_name' => $actionName, + 'global_info' => $globalInfo, + 'schedule' => $schedule, + 'requirements' => $requerements, + 'contact_actio' => $contactAction, + ]; - $rs = Database::query($sql); - if (!$rs) { + $actionId = Database::insert($table, $params); + + if (!empty($actionId)) { return [ "RESPUESTA_OBT_ACCION" => [ "CODIGO_RETORNO" => "-1", @@ -276,7 +296,6 @@ class Sepe ], ]; } - $actionId = Database::insert_id(); // DATOS ESPECIALIDADES DE LA ACCION $table = Database::get_main_table('plugin_sepe_specialty'); @@ -397,6 +416,8 @@ class Sepe foreach ($centroList as $centro) { $centerOrigin = $centro->ORIGEN_CENTRO; $centerCode = $centro->CODIGO_CENTRO; + $centerOrigin = Database::escape_string($centerOrigin); + $centerCode = Database::escape_string($centerCode); $sql = "SELECT id FROM $tableCenters WHERE center_origin='".$centerOrigin."' AND center_code='".$centerCode."';"; $res = Database::query($sql); @@ -446,8 +467,12 @@ class Sepe $experienceTeleforming = $tutor->EXPERIENCIA_MODALIDAD_TELEFORMACION; $trainingTeleforming = $tutor->FORMACION_MODALIDAD_TELEFORMACION; + $documentType = Database::escape_string($documentType); + $documentNumber = Database::escape_string($documentNumber); + $documentLetter = Database::escape_string($documentLetter); /* check tutor not exists */ - $sql = "SELECT id FROM $tableTutors WHERE + $sql = "SELECT id FROM $tableTutors + WHERE document_type='".$documentType."' AND document_number='".$documentNumber."' AND document_letter='".$documentLetter."';"; @@ -470,9 +495,16 @@ class Sepe ], ]; } - $sql = "INSERT INTO $tableSpecialityTutors (specialty_id, tutor_id, tutor_accreditation, professional_experience, teaching_competence, experience_teleforming, training_teleforming) - VALUES ('".$specialtyId."','".$tutorId."','".$tutorAccreditation."','".$professionalExperience."','".$teachingCompetence."','".$experienceTeleforming."','".$trainingTeleforming."');"; - Database::query($sql); + $params = [ + 'specialty_id' => $specialtyId, + 'tutor_id' => $tutorId, + 'tutor_accreditation' => $tutorAccreditation, + 'professional_experience' => $professionalExperience, + 'teaching_competence' => $teachingCompetence, + 'experience_teleforming' => $experienceTeleforming, + 'training_teleforming' => $trainingTeleforming, + ]; + Database::insert($tableSpecialityTutors, $params); } } } @@ -532,6 +564,9 @@ class Sepe $documentNumberTraining = isset($participant->CONTRATO_FORMACION->ID_TUTOR_FORMACION->NUM_DOCUMENTO) ? $participant->CONTRATO_FORMACION->ID_TUTOR_FORMACION->NUM_DOCUMENTO : null; $documentLetterTraining = isset($participant->CONTRATO_FORMACION->ID_TUTOR_FORMACION->LETRA_NIF) ? $participant->CONTRATO_FORMACION->ID_TUTOR_FORMACION->LETRA_NIF : null; if (!empty($documentTypeTraining) || !empty($documentNumberTraining) || !empty($documentLetterTraining)) { + $documentTypeTraining = Database::escape_string($documentTypeTraining); + $documentNumberTraining = Database::escape_string($documentNumberTraining); + $documentLetterTraining = Database::escape_string($documentLetterTraining); $tmp_f = Database::query( ' SELECT id FROM '.$tableTutorsCompany.' @@ -631,10 +666,23 @@ class Sepe $endDate = self::fixDate($endDate); $table_aux = Database::get_main_table('plugin_sepe_participants_specialty'); - $sql = "INSERT INTO $table_aux (participant_id,specialty_origin,professional_area,specialty_code,registration_date,leaving_date,center_origin,center_code,start_date,end_date,final_result,final_qualification,final_score) - VALUES ('".$participantId."','".$specialtyOrigin."','".$professionalArea."','".$specialtyCode."','".$registrationDate."','".$leavingDate."','".$centerOrigin."','".$centerCode."','".$startDate."','".$endDate."','".$finalResult."','".$finalQualification."','".$finalScore."');"; - Database::query($sql); - $participantSpecialtyId = Database::insert_id(); + $params = [ + 'participant_id' => $participantId, + 'specialty_origin' => $specialtyOrigin, + 'professional_area' => $professionalArea, + 'specialty_code' => $specialtyCode, + 'registration_date' => $registrationDate, + 'leaving_date' => $leavingDate, + 'center_origin' => $centerOrigin, + 'center_code' => $centerCode, + 'start_date' => $startDate, + 'end_date' => $endDate, + 'final_result' => $finalResult, + 'final_qualification' => $finalQualification, + 'final_score' => $finalScore, + ]; + + $participantSpecialtyId = Database::insert($table_aux, $params); if (empty($participantSpecialtyId)) { return [ "RESPUESTA_OBT_ACCION" => [ @@ -661,10 +709,16 @@ class Sepe $endDate = self::fixDate($endDate); $table_aux2 = Database::get_main_table('plugin_sepe_participants_specialty_tutorials'); - $sql = "INSERT INTO $table_aux2 (participant_specialty_id,center_origin,center_code,start_date,end_date) - VALUES ('".$participantSpecialtyId."','".$centerOrigin."','".$centerCode."','".$startDate."','".$endDate."');"; - $rs = Database::query($sql); - if (!$rs) { + $params = [ + 'participant_specialty_id' => $participantSpecialtyId, + 'center_origin' => $centerOrigin, + 'center_code' => $centerCode, + 'start_date' => $startDate, + 'end_date' => $endDate, + ]; + $id = Database::insert($table_aux2, $params); + + if (!empty($id)) { return [ "RESPUESTA_OBT_ACCION" => [ "CODIGO_RETORNO" => "-1", @@ -685,9 +739,7 @@ class Sepe $obtenerAccionInput->ID_ACCION->ORIGEN_ACCION = $actionOrigin; $obtenerAccionInput->ID_ACCION->CODIGO_ACCION = $actionCode; - $result = self::obtenerAccion($obtenerAccionInput); - - return $result; + return self::obtenerAccion($obtenerAccionInput); } public function obtenerAccion($obtenerAccionInput) @@ -724,6 +776,8 @@ class Sepe $participantsSpecialityTable = Database::get_main_table('plugin_sepe_participants_specialty'); $participantsSpecialityTutorialsTable = Database::get_main_table('plugin_sepe_participants_specialty_tutorials'); $tableTutorsCompany = Database::get_main_table('plugin_sepe_tutors_company'); + $actionOrigin = Database::escape_string($actionOrigin); + $actionCode = Database::escape_string($actionCode); // Comprobamos si existen datos almacenados previamente $sql = "SELECT * diff --git a/plugin/sepe/ws/service.php b/plugin/sepe/ws/service.php index 0311388848..6405e2aad6 100644 --- a/plugin/sepe/ws/service.php +++ b/plugin/sepe/ws/service.php @@ -18,9 +18,6 @@ $ns = api_get_path(WEB_PLUGIN_PATH)."sepe/ws/ProveedorCentroTFWS.wsdl"; $wsdl = api_get_path(SYS_PLUGIN_PATH)."sepe/ws/ProveedorCentroTFWS.wsdl"; $serviceUrl = api_get_path(WEB_PLUGIN_PATH).'sepe/ws/service.php'; -/** - * Class CustomServer. - */ class CustomServer extends Zend\Soap\Server { /** diff --git a/plugin/surveyexportcsv/export.php b/plugin/surveyexportcsv/export.php index da678bf370..8472dc3f4c 100644 --- a/plugin/surveyexportcsv/export.php +++ b/plugin/surveyexportcsv/export.php @@ -136,6 +136,7 @@ function getQuestionOptions($user, $courseId, $surveyId, $questionId) AND sqo.iid = sa.optionId WHERE sa.user = :user AND sa.cId = :course AND sa.surveyId = :survey AND sa.questionId = :question' ) + ->setMaxResults(1) ->setParameters( [ 'user' => $user,
{{ 'Course' | get_lang }}: {{ course.title }} -> {{ 'ActionId' | get_plugin_lang('SepePlugin') | upper }}: {{ course.action_origin }} {{ course.action_code }}