diff --git a/main/notebook/index.php b/main/notebook/index.php index 013571136f..cec2ce88ee 100755 --- a/main/notebook/index.php +++ b/main/notebook/index.php @@ -22,11 +22,10 @@ $tool = TOOL_NOTEBOOK; Display::display_header(get_lang(ucfirst($tool))); $user_id = api_get_user_id(); $course_id = api_get_course_id(); -$session_id = $_SESSION['id_session']; +$session_id = $_SESSION['id_session']; $ctok = $_SESSION['sec_token']; $stok = Security::get_token(); -$date = date('Y/m/d H:i:s'); $icon_add = 'kwrite.gif'; $icon_edit ='edit.gif'; $icon_delete ='delete.gif'; @@ -41,9 +40,10 @@ if (isset($_REQUEST['action']) && $_REQUEST['action']=='addnotebook') { echo '
'; echo ''; echo ''; - echo '
'; + echo '
'.get_lang('Title').'
'; + echo '
'.get_lang('Description').'
'; echo '
'; - echo ''; + echo ''; echo '
'; echo ''; echo ''; @@ -53,10 +53,11 @@ if (isset($_REQUEST['action']) && $_REQUEST['action']=='addnotebook') { Add Notebook Details ======================================*/ -if ($ctok==$_POST['sec_token']) { - if ((isset($_REQUEST['action']) && $_REQUEST['action']=='addnotebook') && isset($_REQUEST['description'])) { +if ($ctok==$_REQUEST['sec_token']) { + if ((isset($_REQUEST['action']) && $_REQUEST['action']=='addnotebook') && isset($_REQUEST['description']) && isset($_REQUEST['title'])) { $description = Security::remove_XSS($_REQUEST['description']); - $add_notebook= add_notebook_details($user_id,$course_id,$session_id,$description,$date); + $title = Security::remove_XSS($_REQUEST['title']); + $add_notebook= add_notebook_details($user_id,$course_id,$session_id,$title,$description); if($add_notebook) { Display::display_confirmation_message(get_lang('NoteCreated')); } @@ -66,11 +67,12 @@ if ($ctok==$_POST['sec_token']) { /*====================================== Edit Notebook Details ======================================*/ -if ($ctok==$_POST['sec_token']) { - if (isset($_REQUEST['upd_notebook_id']) && isset($_REQUEST['upd_description'])) { - $notebook_id = Security::remove_XSS($_REQUEST['upd_notebook_id']); +if ($ctok==$_REQUEST['sec_token']) { + if (isset($_REQUEST['upd_notebook_id']) && isset($_REQUEST['upd_title']) && isset($_REQUEST['upd_description'])) { + $notebook_id = Security::remove_XSS($_REQUEST['upd_notebook_id']); + $title = Security::remove_XSS($_REQUEST['upd_title']); $description = Security::remove_XSS($_REQUEST['upd_description']); - $edit_notebook= edit_notebook_details($notebook_id,$user_id,$course_id,$session_id,$description,$date); + $edit_notebook= edit_notebook_details($notebook_id,$user_id,$course_id,$session_id,$title,$description); if($edit_notebook) { Display::display_confirmation_message(get_lang('NoteUpdated')); } 
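Review bot: Reading the token from `$_REQUEST` in `if ($ctok==$_REQUEST['sec_token'])` weakens the CSRF check for the add branch, and the edit branch in the next hunk has the same line. `$_REQUEST` also carries query-string values, so the token can now travel in a URL (history, server logs, Referer) and both writes can be triggered by a plain GET request. The loose `==` on an unchecked index also compares null with null when neither the session nor the request holds a token, which lets the block run; whether `$_SESSION['sec_token']` is always populated at this point is not visible here. I would keep the token in the POST body and compare strictly: `if (!empty($ctok) && isset($_POST['sec_token']) && $ctok === $_POST['sec_token']) {`. Both `if` blocks close outside their hunks.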
@@ -94,48 +96,73 @@ if (isset($_REQUEST['action']) && $_REQUEST['action'] == 'delete_notebook'){ Display Notebook Details ======================================*/ -$notebook_list=get_notebook_details($user_id); + +// order by type (1 = By Creation Date, 2 = By Update Date, 3 = By Title) +isset($_REQUEST['type'])?$type=$_REQUEST['type']:$type=''; +$notebook_list=get_notebook_details($user_id,$course_id,$type); +$max = Database::num_rows($notebook_list); + +echo '
'; +echo ''; +echo '
'; +if ($max > 1) { + echo ''; +} + +if(isset($_REQUEST['action']) && $_REQUEST['action'] == 'search') { + $search_title=$_POST['search_title']; + $notebook_list=get_notebook_details_by_title($user_id,$course_id,$search_title); +} + +//notebook list echo '
'; -$counter = 1; while ($row_notebook_list=Database::fetch_array($notebook_list)){ - - $title= get_lang('Note').' '.$counter; + $notebook_id = $_REQUEST['notebook_id']; echo '
'; - echo '
'; - echo ''.$title.' | '; - echo ''.$row_notebook_list['start_date'].''; - echo '
'; - + if ((isset($_REQUEST['action']) && $_REQUEST['action']=='edit_notebook') && ($row_notebook_list['notebook_id'] == $notebook_id)){ echo '
'; echo '
'; - echo ''; - echo '
'; + echo ''; + echo ''; + echo '
'; + echo ' | '.$row_notebook_list['creation_date'].'

'; + echo '
'; echo '
'; - echo ''; + echo ''; echo '
'; - } else { - echo '
'.$row_notebook_list['description'].'
'; + } else { + echo '
'; + echo ''.$row_notebook_list['title'].' | '; + echo ''.$row_notebook_list['creation_date'].''; + echo '
'; + echo '
'.$row_notebook_list['description'].'
'; echo ''; + echo '
'; } echo '
'; - -$counter++; } -echo ''; - - - +echo ''; /* ============================================================================== diff --git a/main/notebook/notebookfunction.inc.php b/main/notebook/notebookfunction.inc.php index 93174cac54..c43b8250de 100755 --- a/main/notebook/notebookfunction.inc.php +++ b/main/notebook/notebookfunction.inc.php 
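Review bot: `get_notebook_details()` returns `false` when `type` is not an integer string, and that value goes straight into `Database::num_rows($notebook_list)` and the `while (... Database::fetch_array($notebook_list))` loop with no check. The same hunk reads `$_POST['search_title']` and `$_REQUEST['notebook_id']` without `isset`, the latter on every loop iteration although it never changes. I would normalise the inputs once before the query, e.g. `$type = isset($_REQUEST['type']) ? (int)$_REQUEST['type'] : 0;` and `$notebook_id = isset($_REQUEST['notebook_id']) ? (int)$_REQUEST['notebook_id'] : 0;`, and skip the listing when the result is `false`. The stored `title` and `description` are echoed as they come from the table; they pass through `Security::remove_XSS` only on the add and edit paths of this file, so any other writer to the table needs the same filtering, or the values should be encoded at output.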
@@ -5,81 +5,124 @@ * @author Christian Fasanando * This library enables maintenance of the notebook tool */ + /** -* This function retrieves notebook details by users +* This function retrieves notebook details by course +* and order by a type (1 = By Creation Date, 2 = By Update Date, 3 = By Title) +* @param int $user_id - User ID +* @param string course - Course ID * @return array Array of type ([notebook_id=>a,user_id=>b,course=>c,session_id=>d,description=>e,start_date=>f,end_date=>g,status=>h],[]) * @author Christian Fasanando , * @version octubre 2008, dokeos 1.8.6 */ -function get_notebook_details($user_id) { +function get_notebook_details($user_id,$course,$type) { + + if ($user_id != strval(intval($user_id))) { return false; } + if (!empty($type) && $type != strval(intval($type))) { return false; } + $safe_course = Database::escape_string($course); $t_notebook = Database :: get_course_table(TABLE_NOTEBOOK); - $safe_user_id = Database::escape_string($user_id); - $sql = "SELECT note.notebook_id,note.user_id,note.course,note.session_id, - note.description,DATE_FORMAT(note.start_date,'%d/%m/%Y %H:%i:%s') as start_date,DATE_FORMAT(note.end_date,'%d/%m/%Y %H:%i:%s') as end_date,note.status - FROM $t_notebook note where note.user_id='$safe_user_id' ORDER BY note.start_date"; + + if ($type==3) { + $sql = "SELECT note.notebook_id,note.user_id,note.course,note.session_id, + note.title,note.description,DATE_FORMAT(note.creation_date,'%d/%m/%Y %H:%i:%s') as creation_date,DATE_FORMAT(note.update_date,'%d/%m/%Y %H:%i:%s') as update_date,note.status + FROM $t_notebook note where note.user_id='$user_id' AND note.course='$safe_course' ORDER BY note.title"; + } elseif($type==2) { + $sql = "SELECT note.notebook_id,note.user_id,note.course,note.session_id, + note.title,note.description,DATE_FORMAT(note.creation_date,'%d/%m/%Y %H:%i:%s') as creation_date,DATE_FORMAT(note.update_date,'%d/%m/%Y %H:%i:%s') as update_date,note.status + FROM $t_notebook note where 
note.user_id='$user_id' AND note.course='$safe_course' ORDER BY note.update_date DESC"; + } else { + $sql = "SELECT note.notebook_id,note.user_id,note.course,note.session_id, + note.title,note.description,DATE_FORMAT(note.creation_date,'%d/%m/%Y %H:%i:%s') as creation_date,DATE_FORMAT(note.update_date,'%d/%m/%Y %H:%i:%s') as update_date,note.status + FROM $t_notebook note where note.user_id='$user_id' AND note.course='$safe_course' ORDER BY note.creation_date DESC"; + } + + $result = api_sql_query($sql, __FILE__, __LINE__); + return $result; +} + +/** +* This function retrieves notebook details by title into a course +* @param int $user_id - User ID +* @param string course - Course ID +* @param string title - title you want to search for +* @return array Array of type ([notebook_id=>a,user_id=>b,course=>c,session_id=>d,description=>e,start_date=>f,end_date=>g,status=>h],[]) +* @author Christian Fasanando , +* @version octubre 2008, dokeos 1.8.6 +*/ +function get_notebook_details_by_title($user_id,$course,$title='') { + + if ($user_id != strval(intval($user_id))) { return false; } + $safe_course = Database::escape_string($course); + $safe_title = Database::escape_string($title); + $t_notebook = Database :: get_course_table(TABLE_NOTEBOOK); + + $sql = "SELECT note.notebook_id,note.user_id,note.course,note.session_id, + note.title,note.description,DATE_FORMAT(note.creation_date,'%d/%m/%Y %H:%i:%s') as creation_date,DATE_FORMAT(note.update_date,'%d/%m/%Y %H:%i:%s') as update_date,note.status + FROM $t_notebook note where note.user_id='$user_id' AND note.course='$safe_course' AND title like '$title%' ORDER BY note.creation_date DESC"; + $result = api_sql_query($sql, __FILE__, __LINE__); return $result; } /** -* This function add notebook details by users -* @param user_id type int -* @param course type String -* @param session_id type int -* @param description type String -* @param start_date type Date +* This function add notebook details by course +* @param int 
$user_id - User ID +* @param string $course - Course ID +* @param int $session_id - Session ID +* @param string $title - A title about the note +* @param string $description - A description about the note * @return boolean * @author Christian Fasanando , * @version octubre 2008, dokeos 1.8 */ -function add_notebook_details($user_id,$course,$session_id,$description,$start_date) { - $t_notebook = Database :: get_course_table(TABLE_NOTEBOOK); - if ($user_id != strval(intval($user_id))) { return false; } - if ($session_id != strval(intval($session_id))) { return false; } - $safe_course = Database::escape_string($course); - $safe_description = Database::escape_string($description); - $safe_start_date = Database::escape_string($start_date); - - if (empty($safe_description) || empty($safe_start_date)) { +function add_notebook_details($user_id,$course,$session_id=0,$title='',$description='') { + if (empty($description)) { return false; } - - $sql = "INSERT INTO $t_notebook(user_id,course,session_id,description,start_date,status) - VALUES('$user_id' , '$safe_course','$session_id','$safe_description','$safe_start_date',0)"; + if ($user_id != strval(intval($user_id))) { return false; } + if (!empty($session_id) && $session_id != strval(intval($session_id))) { return false; } + $safe_course = Database::escape_string($course); + $safe_title = Database::escape_string($title); + $safe_description = Database::escape_string($description); + $date = date('Y-m-d H:i:s'); + + $t_notebook = Database :: get_course_table(TABLE_NOTEBOOK); + $sql = "INSERT INTO $t_notebook(user_id,course,session_id,title,description,creation_date,status) + VALUES('$user_id' , '$safe_course','$session_id','$safe_title','$safe_description','$date',0)"; $result = api_sql_query($sql, __FILE__, __LINE__); return $result; } /** -* This function modify notebook details by users -* @param notebook_id type int -* @param user_id type int -* @param course type String -* @param session_id type int -* @param 
description type String -* @param end_date type Date +* This function modify notebook details by course +* @param int $notebook_id - Notebook ID +* @param int $user_id - User ID +* @param string $course - Course ID +* @param int $session_id - Session ID +* @param string $title - A title about the note +* @param string $description - A description about the note * @return boolean * @author Christian Fasanando , * @version octubre 2008, dokeos 1.8 */ -function edit_notebook_details($notebook_id,$user_id,$course,$session_id,$description,$end_date) { +function edit_notebook_details($notebook_id,$user_id,$course,$session_id=0,$title='',$description='') { - $t_notebook = Database :: get_course_table(TABLE_NOTEBOOK); - if ($notebook_id != strval(intval($notebook_id))) { return false;} + if (empty($description) || empty($title)) { + return false; + } + if ($notebook_id != strval(intval($notebook_id))) { return false;} if ($user_id != strval(intval($user_id))) { return false; } - if ($session_id != strval(intval($session_id))) { return false; } + if (!empty($session_id) && $session_id != strval(intval($session_id))) { return false; } $safe_notebook_id = (int)$notebook_id; $safe_course = Database::escape_string($course); + $safe_title = Database::escape_string($title); $safe_description = Database::escape_string($description); - $safe_end_date = Database::escape_string($end_date); - - if (empty($description) || empty($end_date)) { - return false; - } + $date = date('Y-m-d H:i:s'); - $sql = "UPDATE $t_notebook SET user_id='$user_id' , course='$safe_course',session_id='$session_id',description='$safe_description',end_date='$end_date',status='1' WHERE notebook_id='$notebook_id'"; + $t_notebook = Database :: get_course_table(TABLE_NOTEBOOK); + $sql = "UPDATE $t_notebook SET user_id='$user_id' , course='$safe_course',session_id='$session_id',title='$safe_title',description='$safe_description',update_date='$date',status='1' WHERE notebook_id='$notebook_id'"; $result = 
api_sql_query($sql, __FILE__, __LINE__); return $result; @@ -87,7 +130,7 @@ function edit_notebook_details($notebook_id,$user_id,$course,$session_id,$descri /** * This function delete notebook details by users -* @param notebook_id type int +* @param int $notebook_id - Notebook ID * @return boolean * @author Christian Fasanando , * @version octubre 2008, dokeos 1.8 @@ -118,11 +161,16 @@ function to_javascript_notebook() { } function add_notebook() { - msg_error='".get_lang('YouMustWriteANote')."'; - msg='<<".get_lang('WriteYourNoteHere').">>'; - if(document.frm_add_notebook.description.value=='' || document.frm_add_notebook.description.value==msg) { + msg_error_desc='".get_lang('YouMustWriteANote')."'; + msg_error_title='".get_lang('YouMustWriteATitle')."'; + msg_title='<<".get_lang('WriteTheTitleHere').">>'; + msg_description='<<".get_lang('WriteYourNoteHere').">>'; + if(document.frm_add_notebook.title.value=='' || document.frm_add_notebook.title.value==msg_title) { document.getElementById('msg_add_error').style.display='block'; - document.getElementById('msg_add_error').innerHTML=msg_error; + document.getElementById('msg_add_error').innerHTML=msg_error_title; + }else if(document.frm_add_notebook.description.value=='' || document.frm_add_notebook.description.value==msg_description) { + document.getElementById('msg_add_error').style.display='block'; + document.getElementById('msg_add_error').innerHTML=msg_error_desc; } else { document.frm_add_notebook.submit(); } 
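Review bot: `get_notebook_details_by_title()` builds `$safe_title` with `Database::escape_string()` but the query interpolates the raw value, `AND title like '$title%'`, and the caller in index.php passes `$_POST['search_title']` unfiltered, so the search string reaches SQL unescaped. The clause should use the escaped variable, `AND note.title LIKE '$safe_title%'`; `%` and `_` in the search text will still act as wildcards unless they are escaped as well. In `edit_notebook_details()` the `UPDATE` is keyed only on `WHERE notebook_id='$notebook_id'` while `SET user_id='$user_id'` rewrites the owner, and `$safe_notebook_id` is computed but unused; unless ownership is checked by a caller not shown here, `WHERE notebook_id='$safe_notebook_id' AND user_id='$user_id'` would keep the update to the caller's own note. The `@return` lines in both retrieval docblocks still list `start_date`/`end_date`, which the queries no longer select, and they describe an array although the functions return the query result.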
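Review bot: The new messages are spliced into single-quoted JavaScript literals, e.g. `msg_error_title='".get_lang('YouMustWriteATitle')."';`, and then assigned with `innerHTML`; `edit_notebook()` in the next hunk repeats the pattern. If a translation can contain an apostrophe or markup (what `get_lang()` returns is not visible from here), the script breaks or the string is parsed as HTML. Declaring the variables with `var`, escaping the PHP value for a JavaScript string context, and writing the message as text rather than through `innerHTML` would remove both problems.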
@@ -135,10 +183,14 @@ function to_javascript_notebook() { } function edit_notebook() { - msg_error='".get_lang('YouMustWriteANote')."'; - if(document.frm_edit_notebook.upd_description.value=='') { + msg_error_desc='".get_lang('YouMustWriteANote')."'; + msg_error_title='".get_lang('YouMustWriteATitle')."'; + if(document.frm_edit_notebook.upd_title.value=='') { + document.getElementById('msg_edit_error').style.display='block'; + document.getElementById('msg_edit_error').innerHTML=msg_error_title; + }else if(document.frm_edit_notebook.upd_description.value=='') { document.getElementById('msg_edit_error').style.display='block'; - document.getElementById('msg_edit_error').innerHTML=msg_error; + document.getElementById('msg_edit_error').innerHTML=msg_error_desc; } else { document.frm_edit_notebook.submit(); }