chamilo
/
chamilo-lms
mirror of https://github.com/chamilo/chamilo-lms/tree/1.11.x
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge

Browse Source
skala
Julio Montoya 16 years ago
parent 0278c42726 7c8bb2a8ac
commit ca76424e63
30 changed files with 1930 additions and 1968 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 12
      main/admin/add_many_session_to_category.php
  2. 4
      main/admin/resume_session.php
  3. 2
      main/admin/session_add.php
  4. 2
      main/admin/session_category_edit.php
  5. 6
      main/admin/session_category_list.php
  6. 2
      main/admin/session_course_edit.php
  7. 8
      main/admin/session_course_user.php
  8. 2
      main/admin/session_edit.php
  9. 12
      main/admin/special_exports.php
  10. 2
      main/course_description/index.php
  11. 4
      main/course_home/activity.php
  12. 10
      main/coursecopy/classes/CourseBuilder.class.php
  13. 2
      main/coursecopy/classes/CourseRestorer.class.php
  14. 8
      main/coursecopy/copy_course_session.php
  15. 2
      main/exercice/exercice_submit.php
  16. 4
      main/glossary/index.php
  17. 4
      main/inc/lib/add_course.lib.inc.php
  18. 6
      main/inc/lib/course.lib.php
  19. 2
      main/inc/lib/fileUpload.lib.php
  20. 10
      main/inc/lib/main_api.lib.php
  21. 20
      main/inc/lib/sessionmanager.lib.php
  22. 6
      main/inc/lib/usermanager.lib.php
  23. 2
      main/inc/local.inc.php
  24. 2
      main/link/link.php
  25. 2
      main/survey/survey.lib.php
  26. 8
      main/tracking/courseLog.php
  27. 78
      main/wiki/index.php
  28. 168
      main/wiki/wiki.inc.php
  29. 2
      user_portal.php

12
main/admin/add_many_session_to_category.php
Unescape View File

@ -52,7 +52,7 @@ if(isset($_GET['add_type']) && $_GET['add_type']!=''){
if (!api_is_platform_admin()) { if (!api_is_platform_admin()) {
$sql = 'SELECT session_admin_id FROM '.Database :: get_main_table(TABLE_MAIN_SESSION).' WHERE id='.$id_session; $sql = 'SELECT session_admin_id FROM '.Database :: get_main_table(TABLE_MAIN_SESSION).' WHERE id='.$id_session;
$rs = api_sql_query($sql,__FILE__,__LINE__); $rs = Database::query($sql,__FILE__,__LINE__);
if (Database::result($rs,0,0)!=$_user['user_id']) { if (Database::result($rs,0,0)!=$_user['user_id']) {
api_not_allowed(true); api_not_allowed(true);
} }
@ -70,7 +70,7 @@ function search_courses($needle,$type) {
$sql = 'SELECT * FROM '.$tbl_session.' WHERE name LIKE "'.$needle.'%" ORDER BY id'; $sql = 'SELECT * FROM '.$tbl_session.' WHERE name LIKE "'.$needle.'%" ORDER BY id';
$rs = api_sql_query($sql, __FILE__, __LINE__); $rs = Database::query($sql, __FILE__, __LINE__);
$course_list = array(); $course_list = array();
$return .= '<select id="origin" name="NoSessionCategoryList[]" multiple="multiple" size="20" style="width:340px;">'; $return .= '<select id="origin" name="NoSessionCategoryList[]" multiple="multiple" size="20" style="width:340px;">';
@ -132,7 +132,7 @@ if ($_POST['formSent']) {
if($Categoryid != 0 && count($SessionCategoryList)>0 ){ if($Categoryid != 0 && count($SessionCategoryList)>0 ){
$session_id = join(',', $SessionCategoryList); $session_id = join(',', $SessionCategoryList);
$sql = "UPDATE $tbl_session SET session_category_id = $Categoryid WHERE id in ($session_id) "; $sql = "UPDATE $tbl_session SET session_category_id = $Categoryid WHERE id in ($session_id) ";
api_sql_query($sql,__FILE__,__LINE__); Database::query($sql,__FILE__,__LINE__);
header('Location: session_list.php?id_category='.$Categoryid); header('Location: session_list.php?id_category='.$Categoryid);
} else { } else {
header('Location: add_many_session_to_category.php?msg=error'); header('Location: add_many_session_to_category.php?msg=error');
@ -153,16 +153,16 @@ $rows_category_session = array();
if(isset($_POST['CategorySessionId']) && $_POST['formSent'] == 0 ){ if(isset($_POST['CategorySessionId']) && $_POST['formSent'] == 0 ){
$where = 'WHERE session_category_id !='.intval($_POST['CategorySessionId']); $where = 'WHERE session_category_id !='.intval($_POST['CategorySessionId']);
$sql = 'SELECT id, name FROM '.$tbl_session .' WHERE session_category_id ='.intval($_POST['CategorySessionId']).' ORDER BY name'; $sql = 'SELECT id, name FROM '.$tbl_session .' WHERE session_category_id ='.intval($_POST['CategorySessionId']).' ORDER BY name';
$result=api_sql_query($sql,__FILE__,__LINE__); $result=Database::query($sql,__FILE__,__LINE__);
$rows_category_session = api_store_result($result); $rows_category_session = api_store_result($result);
} }
$sql = "SELECT id, name FROM $tbl_session_category ORDER BY name"; $sql = "SELECT id, name FROM $tbl_session_category ORDER BY name";
$result=api_sql_query($sql,__FILE__,__LINE__); $result=Database::query($sql,__FILE__,__LINE__);
$rows_session_category = api_store_result($result); $rows_session_category = api_store_result($result);
$sql = "SELECT id, name FROM $tbl_session $where ORDER BY name"; $sql = "SELECT id, name FROM $tbl_session $where ORDER BY name";
$result=api_sql_query($sql,__FILE__,__LINE__); $result=Database::query($sql,__FILE__,__LINE__);
$rows_session = api_store_result($result); $rows_session = api_store_result($result);
?> ?>
<form name="formulaire" method="post" action="<?php echo api_get_self(); ?>?page=<?php echo $_GET['page']; if(!empty($_GET['add'])) echo '&add=true' ; ?>" style="margin:0px;" <?php if($ajax_search){echo ' onsubmit="valide();"';}?>> <form name="formulaire" method="post" action="<?php echo api_get_self(); ?>?page=<?php echo $_GET['page']; if(!empty($_GET['add'])) echo '&add=true' ; ?>" style="margin:0px;" <?php if($ajax_search){echo ' onsubmit="valide();"';}?>>

4
main/admin/resume_session.php
Unescape View File

@ -55,7 +55,7 @@ if(!api_is_platform_admin() && $session['session_admin_id']!=$_user['user_id'])
} }
$sql = 'SELECT name FROM '.$tbl_session_category.' WHERE id = "'.intval($session['session_category_id']).'"'; $sql = 'SELECT name FROM '.$tbl_session_category.' WHERE id = "'.intval($session['session_category_id']).'"';
$rs = api_sql_query($sql, __FILE__, __LINE__); $rs = Database::query($sql, __FILE__, __LINE__);
$session_category = ''; $session_category = '';
if(mysql_num_rows($rs)>0) { if(mysql_num_rows($rs)>0) {
$rows_session_category = api_store_result($rs); $rows_session_category = api_store_result($rs);
@ -218,7 +218,7 @@ else {
WHERE srcru.id_user = sru.id_user AND srcru.course_code = '".Database::escape_string($course['code'])."' WHERE srcru.id_user = sru.id_user AND srcru.course_code = '".Database::escape_string($course['code'])."'
AND srcru.id_session = '".intval($id_session)."'"; AND srcru.id_session = '".intval($id_session)."'";
$rs = api_sql_query($sql, __FILE__, __LINE__); $rs = Database::query($sql, __FILE__, __LINE__);
$course['nbr_users'] = mysql_result($rs,0,0); $course['nbr_users'] = mysql_result($rs,0,0);
// Get coachs of the courses in session // Get coachs of the courses in session

2
main/admin/session_add.php
Unescape View File

@ -202,7 +202,7 @@ if (intval($count_users)<50) {
$id_session_category = ''; $id_session_category = '';
$tbl_session_category = Database::get_main_table(TABLE_MAIN_SESSION_CATEGORY); $tbl_session_category = Database::get_main_table(TABLE_MAIN_SESSION_CATEGORY);
$sql = 'SELECT id, name FROM '.$tbl_session_category.' ORDER BY name ASC'; $sql = 'SELECT id, name FROM '.$tbl_session_category.' ORDER BY name ASC';
$result = api_sql_query($sql,__FILE__,__LINE__); $result = Database::query($sql,__FILE__,__LINE__);
$Categories = api_store_result($result); $Categories = api_store_result($result);
?> ?>
<tr> <tr>

2
main/admin/session_category_edit.php
Unescape View File

@ -37,7 +37,7 @@ $tool_name = get_lang('EditSessionCategory');
$interbreadcrumb[]=array('url' => 'index.php',"name" => get_lang('PlatformAdmin')); $interbreadcrumb[]=array('url' => 'index.php',"name" => get_lang('PlatformAdmin'));
$interbreadcrumb[]=array('url' => "session_category_list.php","name" => get_lang('ListSessionCategory')); $interbreadcrumb[]=array('url' => "session_category_list.php","name" => get_lang('ListSessionCategory'));
$sql = "SELECT * FROM $tbl_session_category WHERE id='".$id."' ORDER BY name"; $sql = "SELECT * FROM $tbl_session_category WHERE id='".$id."' ORDER BY name";
$result=api_sql_query($sql,__FILE__,__LINE__); $result=Database::query($sql,__FILE__,__LINE__);
if (!$infos=mysql_fetch_array($result)) { if (!$infos=mysql_fetch_array($result)) {
header('Location: session_list.php'); header('Location: session_list.php');
exit(); exit();

6
main/admin/session_category_list.php
Unescape View File

@ -82,10 +82,10 @@ if (isset ($_GET['search']) && $_GET['search'] == 'advanced') {
FROM $tbl_session_category sc $where "; FROM $tbl_session_category sc $where ";
$order = ($order == 'ASC')? 'DESC': 'ASC'; $order = ($order == 'ASC')? 'DESC': 'ASC';
$result_rows = api_sql_query($query_rows,__FILE__,__LINE__); $result_rows = Database::query($query_rows,__FILE__,__LINE__);
$recorset = Database::fetch_array($result_rows); $recorset = Database::fetch_array($result_rows);
$num = $recorset['total_rows']; $num = $recorset['total_rows'];
$result = api_sql_query($query,__FILE__,__LINE__); $result = Database::query($query,__FILE__,__LINE__);
$Sessions = api_store_result($result); $Sessions = api_store_result($result);
$nbr_results = sizeof($Sessions); $nbr_results = sizeof($Sessions);
$tool_name = get_lang('ListSessionCategory'); $tool_name = get_lang('ListSessionCategory');
@ -159,7 +159,7 @@ if (isset ($_GET['search']) && $_GET['search'] == 'advanced') {
break; break;
} }
$sql = 'SELECT COUNT(session_category_id) FROM '.$tbl_session.' WHERE session_category_id = '.intval($enreg['id']); $sql = 'SELECT COUNT(session_category_id) FROM '.$tbl_session.' WHERE session_category_id = '.intval($enreg['id']);
$rs = api_sql_query($sql, __FILE__, __LINE__); $rs = Database::query($sql, __FILE__, __LINE__);
list($nb_courses) = Database::fetch_array($rs); list($nb_courses) = Database::fetch_array($rs);
?> ?>
<tr class="<?php echo $i?'row_odd':'row_even'; ?>"> <tr class="<?php echo $i?'row_odd':'row_even'; ?>">

2
main/admin/session_course_edit.php
Unescape View File

@ -139,7 +139,7 @@ foreach($coaches as $enreg)
{ {
?> ?>
<option value="<?php echo $enreg['user_id']; ?>" <?php if((!$sent && (is_array($arr_infos) && in_array($enreg['user_id'],$arr_infos))) || ($sent && $enreg['user_id'] == $id_coach)) echo 'selected="selected"'; ?>><?php echo $enreg['lastname'].' '.$enreg['firstname'].' ('.$enreg['username'].')'; ?></option> <option value="<?php echo $enreg['user_id']; ?>" <?php if((!$sent && (is_array($arr_infos) && in_array($enreg['user_id'],$arr_infos))) || ($sent && $enreg['user_id'] == $id_coach)) echo 'selected="selected"'; ?>><?php echo api_get_person_name($enreg['firstname', $enreg['lastname']).' ('.$enreg['username'].')'; ?></option>
<?php <?php
} }

8
main/admin/session_course_user.php
Unescape View File

@ -46,7 +46,7 @@ if (empty($id_user) || empty($id_session)) {
if (!api_is_platform_admin()) { if (!api_is_platform_admin()) {
$sql = 'SELECT session_admin_id FROM '.Database :: get_main_table(TABLE_MAIN_SESSION).' WHERE id='.$id_session; $sql = 'SELECT session_admin_id FROM '.Database :: get_main_table(TABLE_MAIN_SESSION).' WHERE id='.$id_session;
$rs = api_sql_query($sql,__FILE__,__LINE__); $rs = Database::query($sql, __FILE__, __LINE__);
if (Database::result($rs,0,0)!=$_user['user_id']) { if (Database::result($rs,0,0)!=$_user['user_id']) {
api_not_allowed(true); api_not_allowed(true);
} }
@ -72,7 +72,7 @@ if ($_POST['formSent']) {
ON (srcru.id_session = session_rel_course.id_session) ON (srcru.id_session = session_rel_course.id_session)
WHERE id_user = $id_user and session_rel_course.id_session = $id_session"; WHERE id_user = $id_user and session_rel_course.id_session = $id_session";
$rs = api_sql_query($sql); $rs = Database::query($sql, __FILE__, __LINE__);
$existingCourses = api_store_result($rs); $existingCourses = api_store_result($rs);
if (count($CourseList) == count($existingCourses)) { if (count($CourseList) == count($existingCourses)) {
header('Location: session_course_user.php?id_session='.$id_session.'&id_user='.$id_user.'&msg='.get_lang('MaybeYouWantToDeleteThisUserFromSession')); header('Location: session_course_user.php?id_session='.$id_session.'&id_user='.$id_user.'&msg='.get_lang('MaybeYouWantToDeleteThisUserFromSession'));
@ -169,10 +169,10 @@ if ($_configuration['multiple_access_urls']==true) {
} }
}*/ }*/
$result=api_sql_query($sql,__FILE__,__LINE__); $result=Database::query($sql,__FILE__,__LINE__);
$Courses=api_store_result($result); $Courses=api_store_result($result);
$result=api_sql_query($sql_all,__FILE__,__LINE__); $result=Database::query($sql_all,__FILE__,__LINE__);
$CoursesAll=api_store_result($result); $CoursesAll=api_store_result($result);
$course_temp = array(); $course_temp = array();

2
main/admin/session_edit.php
Unescape View File

@ -126,7 +126,7 @@ unset($Coaches);
$tbl_session_category = Database::get_main_table(TABLE_MAIN_SESSION_CATEGORY); $tbl_session_category = Database::get_main_table(TABLE_MAIN_SESSION_CATEGORY);
//$access_url_id = api_get_current_access_url_id(); //$access_url_id = api_get_current_access_url_id();
$sql = 'SELECT id, name FROM '.$tbl_session_category.' ORDER BY name ASC'; $sql = 'SELECT id, name FROM '.$tbl_session_category.' ORDER BY name ASC';
$result = api_sql_query($sql,__FILE__,__LINE__); $result = Database::query($sql,__FILE__,__LINE__);
$Categories = api_store_result($result); $Categories = api_store_result($result);
?> ?>
<tr> <tr>

12
main/admin/special_exports.php
Unescape View File

@ -58,7 +58,7 @@ if ((isset ($_POST['action']) && $_POST['action'] == 'course_select_form') || (i
$to_group_id = 0; $to_group_id = 0;
$code_course = ''; $code_course = '';
$sql_session = "SELECT id, name FROM $tbl_session "; $sql_session = "SELECT id, name FROM $tbl_session ";
$query_session = api_sql_query($sql_session, __FILE__, __LINE__); $query_session = Database::query($sql_session, __FILE__, __LINE__);
$ListSession = array(); $ListSession = array();
while($rows_session = mysql_fetch_assoc($query_session)) { while($rows_session = mysql_fetch_assoc($query_session)) {
$ListSession[$rows_session['id']] = $rows_session['name']; $ListSession[$rows_session['id']] = $rows_session['name'];
@ -81,7 +81,7 @@ if ((isset ($_POST['action']) && $_POST['action'] == 'course_select_form') || (i
AND `docs`.`session_id` = '0' AND `docs`.`session_id` = '0'
AND `props`.`visibility`<>'2' AND `props`.`visibility`<>'2'
AND `props`.`to_group_id`=".$to_group_id.""; AND `props`.`to_group_id`=".$to_group_id."";
$query = api_sql_query($sql ,__FILE__,__LINE__); $query = Database::query($sql ,__FILE__,__LINE__);
while($rows_course_file = mysql_fetch_assoc($query)) { while($rows_course_file = mysql_fetch_assoc($query)) {
$zip_folder->add($FileZip['PATH_COURSE'].$_course['directory']."/document".$rows_course_file['path'], $zip_folder->add($FileZip['PATH_COURSE'].$_course['directory']."/document".$rows_course_file['path'],
PCLZIP_OPT_ADD_PATH, $_course['directory'], PCLZIP_OPT_ADD_PATH, $_course['directory'],
@ -99,7 +99,7 @@ if ((isset ($_POST['action']) && $_POST['action'] == 'course_select_form') || (i
AND `docs`.`session_id` = '$session_id' AND `docs`.`session_id` = '$session_id'
AND `props`.`visibility`<>'2' AND `props`.`visibility`<>'2'
AND `props`.`to_group_id`=".$to_group_id.""; AND `props`.`to_group_id`=".$to_group_id."";
$query_session_doc = api_sql_query($sql_session_doc, __FILE__, __LINE__); $query_session_doc = Database::query($sql_session_doc, __FILE__, __LINE__);
while($rows_course_session_file = mysql_fetch_assoc($query_session_doc)) { while($rows_course_session_file = mysql_fetch_assoc($query_session_doc)) {
$zip_folder->add($FileZip['PATH_COURSE'].$_course['directory'].'/document'.$rows_course_session_file['path'], $zip_folder->add($FileZip['PATH_COURSE'].$_course['directory'].'/document'.$rows_course_session_file['path'],
PCLZIP_OPT_ADD_PATH, $_course['directory']."/".$ListSession[$session_id], PCLZIP_OPT_ADD_PATH, $_course['directory']."/".$ListSession[$session_id],
@ -193,7 +193,7 @@ function fullexportspecial(){
AND `docs`.`session_id` = '0' AND `docs`.`session_id` = '0'
AND `props`.`visibility`<>'2' AND `props`.`visibility`<>'2'
AND `props`.`to_group_id`=".$to_group_id.""; AND `props`.`to_group_id`=".$to_group_id."";
$query = api_sql_query($sql ,__FILE__,__LINE__); $query = Database::query($sql ,__FILE__,__LINE__);
while($rows_course_file = mysql_fetch_assoc($query)) { while($rows_course_file = mysql_fetch_assoc($query)) {
$rows_course_file['path']; $rows_course_file['path'];
$zip_folder->add($FileZip['PATH_COURSE'].$_course['directory']."/document".$rows_course_file['path'], $zip_folder->add($FileZip['PATH_COURSE'].$_course['directory']."/document".$rows_course_file['path'],
@ -206,7 +206,7 @@ function fullexportspecial(){
$sql_session = "SELECT id, name, course_code FROM $tbl_session_course $sql_session = "SELECT id, name, course_code FROM $tbl_session_course
INNER JOIN $tbl_session ON id_session = id INNER JOIN $tbl_session ON id_session = id
WHERE course_code = '$code_course' "; WHERE course_code = '$code_course' ";
$query_session = api_sql_query($sql_session, __FILE__, __LINE__); $query_session = Database::query($sql_session, __FILE__, __LINE__);
while($rows_session = mysql_fetch_assoc($query_session)) { while($rows_session = mysql_fetch_assoc($query_session)) {
$session_id = $rows_session['id']; $session_id = $rows_session['id'];
$sql_session_doc = "SELECT path FROM $tbl_document AS docs,$tbl_property AS props $sql_session_doc = "SELECT path FROM $tbl_document AS docs,$tbl_property AS props
@ -217,7 +217,7 @@ function fullexportspecial(){
AND `docs`.`session_id` = '$session_id' AND `docs`.`session_id` = '$session_id'
AND `props`.`visibility`<>'2' AND `props`.`visibility`<>'2'
AND `props`.`to_group_id`=".$to_group_id.""; AND `props`.`to_group_id`=".$to_group_id."";
$query_session_doc = api_sql_query($sql_session_doc, __FILE__, __LINE__); $query_session_doc = Database::query($sql_session_doc, __FILE__, __LINE__);
while($rows_course_session_file = mysql_fetch_assoc($query_session_doc)) { while($rows_course_session_file = mysql_fetch_assoc($query_session_doc)) {
$zip_folder->add($FileZip['PATH_COURSE'].$_course['directory'].'/document'.$rows_course_session_file['path'], $zip_folder->add($FileZip['PATH_COURSE'].$_course['directory'].'/document'.$rows_course_session_file['path'],
PCLZIP_OPT_ADD_PATH, $_course['directory']."/".$rows_session['name'], PCLZIP_OPT_ADD_PATH, $_course['directory']."/".$rows_session['name'],

2
main/course_description/index.php
Unescape View File

@ -141,7 +141,7 @@ if (api_is_allowed_to_edit(null,true) && !is_null($description_id) || $action ==
// Delete a description block // Delete a description block
if ($action == 'delete') { if ($action == 'delete') {
$sql = "DELETE FROM $tbl_course_description WHERE id='".$description_id."'"; $sql = "DELETE FROM $tbl_course_description WHERE id='".$description_id."'";
api_sql_query($sql, __FILE__, __LINE__); Database::query($sql, __FILE__, __LINE__);
//update item_property (delete) //update item_property (delete)
api_item_property_update(api_get_course_info(), TOOL_COURSE_DESCRIPTION, Database::escape_string($description_id), 'delete', api_get_user_id()); api_item_property_update(api_get_course_info(), TOOL_COURSE_DESCRIPTION, Database::escape_string($description_id), 'delete', api_get_user_id());
Display :: display_confirmation_message(get_lang('CourseDescriptionDeleted')); Display :: display_confirmation_message(get_lang('CourseDescriptionDeleted'));

4
main/course_home/activity.php
Unescape View File

@ -521,12 +521,12 @@ function show_session_data($id_session) {
ON id_coach = user_id ON id_coach = user_id
WHERE '.$session_table.'.id='.$id_session; WHERE '.$session_table.'.id='.$id_session;
$rs = api_sql_query($sql, __FILE__, __LINE__); $rs = Database::query($sql, __FILE__, __LINE__);
$session = api_store_result($rs); $session = api_store_result($rs);
$session = $session[0]; $session = $session[0];
$sql_category = 'SELECT name FROM '.$session_category_table.' WHERE id = "'.intval($session['session_category_id']).'"'; $sql_category = 'SELECT name FROM '.$session_category_table.' WHERE id = "'.intval($session['session_category_id']).'"';
$rs_category = api_sql_query($sql_category, __FILE__, __LINE__); $rs_category = Database::query($sql_category, __FILE__, __LINE__);
$session_category = ''; $session_category = '';
if (mysql_num_rows($rs_category) > 0) { if (mysql_num_rows($rs_category) > 0) {
$rows_session_category = api_store_result($rs_category); $rows_session_category = api_store_result($rs_category);

10
main/coursecopy/classes/CourseBuilder.class.php
Unescape View File

@ -243,7 +243,7 @@ class CourseBuilder
$sql = "SELECT * FROM $table l, $table_prop p WHERE p.ref=l.id AND p.tool = '".TOOL_LINK."' AND p.visibility != 2 ORDER BY l.display_order"; $sql = "SELECT * FROM $table l, $table_prop p WHERE p.ref=l.id AND p.tool = '".TOOL_LINK."' AND p.visibility != 2 ORDER BY l.display_order";
} }
$db_result = api_sql_query($sql, __FILE__, __LINE__); $db_result = Database::query($sql, __FILE__, __LINE__);
while ($obj = Database::fetch_object($db_result)) while ($obj = Database::fetch_object($db_result))
{ {
$link = new Link($obj->id, $obj->title, $obj->url, $obj->description, $obj->category_id, $obj->on_homepage); $link = new Link($obj->id, $obj->title, $obj->url, $obj->description, $obj->category_id, $obj->on_homepage);
@ -316,7 +316,7 @@ class CourseBuilder
$sql = 'SELECT * FROM '.$table_qui.' WHERE active >=0'; //select only quizzes with active = 0 or 1 (not -1 which is for deleted quizzes) $sql = 'SELECT * FROM '.$table_qui.' WHERE active >=0'; //select only quizzes with active = 0 or 1 (not -1 which is for deleted quizzes)
} }
$db_result = api_sql_query($sql, __FILE__, __LINE__); $db_result = Database::query($sql, __FILE__, __LINE__);
while ($obj = Database::fetch_object($db_result)) while ($obj = Database::fetch_object($db_result))
{ {
if (strlen($obj->sound) > 0) if (strlen($obj->sound) > 0)
@ -555,7 +555,7 @@ class CourseBuilder
$sql = 'SELECT * FROM '.$table_main; $sql = 'SELECT * FROM '.$table_main;
} }
$db_result = api_sql_query($sql, __FILE__, __LINE__); $db_result = Database::query($sql, __FILE__, __LINE__);
while ($obj = Database::fetch_object($db_result)) while ($obj = Database::fetch_object($db_result))
{ {
@ -657,7 +657,7 @@ class CourseBuilder
} }
} }
$db_result = api_sql_query($sql, __FILE__, __LINE__); $db_result = Database::query($sql, __FILE__, __LINE__);
while ($obj = Database::fetch_object($db_result)) while ($obj = Database::fetch_object($db_result))
{ {
$doc = new Glossary($obj->glossary_id, $obj->name, $obj->description, $obj->display_order); $doc = new Glossary($obj->glossary_id, $obj->name, $obj->description, $obj->display_order);
@ -684,7 +684,7 @@ class CourseBuilder
$sql_session = "SELECT id, name, course_code FROM $tbl_session_course $sql_session = "SELECT id, name, course_code FROM $tbl_session_course
INNER JOIN $tbl_session ON id_session = id INNER JOIN $tbl_session ON id_session = id
WHERE course_code = '$code_course' "; WHERE course_code = '$code_course' ";
$query_session = api_sql_query($sql_session, __FILE__, __LINE__); $query_session = Database::query($sql_session, __FILE__, __LINE__);
while($rows_session = mysql_fetch_assoc($query_session)) { while($rows_session = mysql_fetch_assoc($query_session)) {
$session = new CourseSession($rows_session['id'], $rows_session['name']); $session = new CourseSession($rows_session['id'], $rows_session['name']);
$this->course->add_resource($session); $this->course->add_resource($session);

2
main/coursecopy/classes/CourseRestorer.class.php
Unescape View File

@ -328,7 +328,7 @@ class CourseRestorer
} else { } else {
copy($this->course->backup_path.'/'.$document->path, $path.$new_file_name); copy($this->course->backup_path.'/'.$document->path, $path.$new_file_name);
$sql = "INSERT INTO ".$table." SET path = '/".Database::escape_string(substr($new_file_name, 9))."', comment = '".Database::escape_string($document->comment)."', title = '".Database::escape_string($document->title)."' ,filetype='".$document->file_type."', size= '".$document->size."'"; $sql = "INSERT INTO ".$table." SET path = '/".Database::escape_string(substr($new_file_name, 9))."', comment = '".Database::escape_string($document->comment)."', title = '".Database::escape_string($document->title)."' ,filetype='".$document->file_type."', size= '".$document->size."'";
api_sql_query($sql, __FILE__, __LINE__); Database::query($sql, __FILE__, __LINE__);
$this->course->resources[RESOURCE_DOCUMENT][$id]->destination_id = Database::get_last_insert_id(); $this->course->resources[RESOURCE_DOCUMENT][$id]->destination_id = Database::get_last_insert_id();
} }
break; break;

8
main/coursecopy/copy_course_session.php
Unescape View File

@ -144,7 +144,7 @@ function search_courses($id_session,$type) {
FROM $tbl_course c, $tbl_session_rel_course src FROM $tbl_course c, $tbl_session_rel_course src
WHERE src.course_code = c.code WHERE src.course_code = c.code
AND src.id_session = '".intval($id_session)."'"; AND src.id_session = '".intval($id_session)."'";
$rs = api_sql_query($sql, __FILE__, __LINE__); $rs = Database::query($sql, __FILE__, __LINE__);
$course_list = array(); $course_list = array();
@ -170,7 +170,7 @@ function search_courses($id_session,$type) {
FROM $session_table s , $session_category_table sc FROM $session_table s , $session_category_table sc
WHERE s.session_category_id = sc.id AND s.id NOT IN('$id_session')"; WHERE s.session_category_id = sc.id AND s.id NOT IN('$id_session')";
$rs_select_destination = api_sql_query($sql, __FILE__, __LINE__); $rs_select_destination = Database::query($sql, __FILE__, __LINE__);
$select_destination .= '<select name="sessions_list_destination" onchange = "xajax_search_courses(this.value,\'destination\')">'; $select_destination .= '<select name="sessions_list_destination" onchange = "xajax_search_courses(this.value,\'destination\')">';
$select_destination .= '<option value = "0">'.get_lang('SelectASession').'</option>'; $select_destination .= '<option value = "0">'.get_lang('SelectASession').'</option>';
@ -205,7 +205,7 @@ function search_courses($id_session,$type) {
WHERE src.course_code = c.code WHERE src.course_code = c.code
AND src.id_session = '".intval($id_session)."' AND src.id_session = '".intval($id_session)."'
AND c.code IN ($list_courses_origin)"; AND c.code IN ($list_courses_origin)";
$rs = api_sql_query($sql, __FILE__, __LINE__); $rs = Database::query($sql, __FILE__, __LINE__);
$course_list_destination = array(); $course_list_destination = array();
$return .= '<select id="destination" name="SessionCoursesListDestination[]" multiple="multiple" size="20" style="width:320px;" onmouseover="this.disabled=true;" onmouseout="this.disabled=false;">'; $return .= '<select id="destination" name="SessionCoursesListDestination[]" multiple="multiple" size="20" style="width:320px;" onmouseover="this.disabled=true;" onmouseout="this.disabled=false;">';
@ -225,7 +225,7 @@ function search_courses($id_session,$type) {
FROM $tbl_course c, $tbl_session_rel_course src FROM $tbl_course c, $tbl_session_rel_course src
WHERE src.course_code = c.code WHERE src.course_code = c.code
AND src.id_session = '".intval($session_origin)."'"; AND src.id_session = '".intval($session_origin)."'";
$result = api_sql_query($sql, __FILE__, __LINE__); $result = Database::query($sql, __FILE__, __LINE__);
$return_option_disabled = '<select id="origin" name="SessionCoursesListOrigin[]" multiple="multiple" size="20" style="width:320px;" onclick="checkSelected(this.id,\'copy_option_2\',\'title_option2\',\'destination\')">'; $return_option_disabled = '<select id="origin" name="SessionCoursesListOrigin[]" multiple="multiple" size="20" style="width:320px;" onclick="checkSelected(this.id,\'copy_option_2\',\'title_option2\',\'destination\')">';
while($cours = Database :: fetch_array($result)) { while($cours = Database :: fetch_array($result)) {

2
main/exercice/exercice_submit.php
Unescape View File

@ -630,7 +630,7 @@ if ($formSent) {
if ($exe_id != '') { if ($exe_id != '') {
//clean incomplete //clean incomplete
$update_query = 'UPDATE ' . $stat_table . ' SET ' . "status = '', data_tracking='', exe_date = '" . date('Y-m-d H:i:s') . "'" . ' WHERE exe_id = ' . Database::escape_string($exe_id); $update_query = 'UPDATE ' . $stat_table . ' SET ' . "status = '', data_tracking='', exe_date = '" . date('Y-m-d H:i:s') . "'" . ' WHERE exe_id = ' . Database::escape_string($exe_id);
api_sql_query($update_query, __FILE__, __LINE__); Database::query($update_query, __FILE__, __LINE__);
} }
header("Location: exercise_show.php?id=$exe_id&exerciseType=$exerciseType&origin=$origin&learnpath_id=$learnpath_id&learnpath_item_id=$learnpath_item_id"); header("Location: exercise_show.php?id=$exe_id&exerciseType=$exerciseType&origin=$origin&learnpath_id=$learnpath_id&learnpath_item_id=$learnpath_item_id");
} }

4
main/glossary/index.php
Unescape View File

@ -161,7 +161,7 @@ function save_glossary($values)
'".(int)($max_glossary_item + 1)."', '".(int)($max_glossary_item + 1)."',
'".Database::escape_string($session_id)."' '".Database::escape_string($session_id)."'
)"; )";
$result = api_sql_query($sql, __FILE__, __LINE__); $result = Database::query($sql, __FILE__, __LINE__);
$id = Database::get_last_insert_id(); $id = Database::get_last_insert_id();
if ($id>0) { if ($id>0) {
//insert into item_property //insert into item_property
@ -431,7 +431,7 @@ function get_glossary_data($from, $number_of_items, $column, $direction)
$sql .= " ORDER BY col$column $direction "; $sql .= " ORDER BY col$column $direction ";
$sql .= " LIMIT $from,$number_of_items"; $sql .= " LIMIT $from,$number_of_items";
$res = api_sql_query($sql, __FILE__, __LINE__); $res = Database::query($sql, __FILE__, __LINE__);
$return = array(); $return = array();
$array = array(); $array = array();

4
main/inc/lib/add_course.lib.inc.php
Unescape View File

@ -633,7 +633,7 @@ function update_Db_course($courseDbName)
)"; )";
Database::query($sql, __FILE__, __LINE__); Database::query($sql, __FILE__, __LINE__);
$sql = "ALTER TABLE `".$TABLEQUIZ . "` ADD INDEX ( session_id ) "; $sql = "ALTER TABLE `".$TABLEQUIZ . "` ADD INDEX ( session_id ) ";
api_sql_query($sql, __FILE__, __LINE__); Database::query($sql, __FILE__, __LINE__);
// Exercise tool - questions // Exercise tool - questions
$sql = " $sql = "
@ -2185,7 +2185,7 @@ function fill_Db_course($courseDbName, $courseRepository, $language,$default_doc
$add_wikipedia_link_sql = " INSERT INTO `".$TABLETOOLLINK . "` (url, title, description, category_id, display_order, on_homepage, target) $add_wikipedia_link_sql = " INSERT INTO `".$TABLETOOLLINK . "` (url, title, description, category_id, display_order, on_homepage, target)
VALUES ('http://www.wikipedia.org','Wikipedia','".lang2db(get_lang('Wikipedia')) . "','0','1','0','_self')"; VALUES ('http://www.wikipedia.org','Wikipedia','".lang2db(get_lang('Wikipedia')) . "','0','1','0','_self')";
api_sql_query($add_wikipedia_link_sql, __FILE__, __LINE__); Database::query($add_wikipedia_link_sql, __FILE__, __LINE__);
//we need to add the item properties too! //we need to add the item properties too!
$insert_id = Database :: get_last_insert_id(); $insert_id = Database :: get_last_insert_id();
$sql = "INSERT INTO `".$TABLEITEMPROPERTY . "` (tool,insert_user_id,insert_date,lastedit_date,ref,lastedit_type,lastedit_user_id,to_group_id,to_user_id,visibility) VALUES ('" . TOOL_LINK . "',1,NOW(),NOW(),$insert_id,'LinkAdded',1,0,NULL,1)"; $sql = "INSERT INTO `".$TABLEITEMPROPERTY . "` (tool,insert_user_id,insert_date,lastedit_date,ref,lastedit_type,lastedit_user_id,to_group_id,to_user_id,visibility) VALUES ('" . TOOL_LINK . "',1,NOW(),NOW(),$insert_id,'LinkAdded',1,0,NULL,1)";

6
main/inc/lib/course.lib.php
Unescape View File

@ -871,18 +871,18 @@ class CourseManager {
$sql = 'SELECT 1 FROM '.Database :: get_main_table(TABLE_MAIN_SESSION_COURSE_USER).' $sql = 'SELECT 1 FROM '.Database :: get_main_table(TABLE_MAIN_SESSION_COURSE_USER).'
WHERE id_user = '.$user_id.' AND course_code="'.$course_code.'"'; WHERE id_user = '.$user_id.' AND course_code="'.$course_code.'"';
$rs = api_sql_query($sql, __FILE__, __LINE__); $rs = Database::query($sql, __FILE__, __LINE__);
if (Database::num_rows($rs)>0) { if (Database::num_rows($rs)>0) {
return true; return true;
} else { } else {
$sql = 'SELECT 1 FROM '.Database :: get_main_table(TABLE_MAIN_SESSION_COURSE).' $sql = 'SELECT 1 FROM '.Database :: get_main_table(TABLE_MAIN_SESSION_COURSE).'
WHERE id_coach = '.$user_id.' AND course_code="'.$course_code.'"'; WHERE id_coach = '.$user_id.' AND course_code="'.$course_code.'"';
$rs = api_sql_query($sql, __FILE__, __LINE__); $rs = Database::query($sql, __FILE__, __LINE__);
if (Database::num_rows($rs)>0) { if (Database::num_rows($rs)>0) {
return true; return true;
} else { } else {
$sql = 'SELECT 1 FROM '.Database::get_main_table(TABLE_MAIN_SESSION).' WHERE id='.intval($_SESSION['id_session']).' AND id_coach='.$user_id; $sql = 'SELECT 1 FROM '.Database::get_main_table(TABLE_MAIN_SESSION).' WHERE id='.intval($_SESSION['id_session']).' AND id_coach='.$user_id;
$rs = api_sql_query($sql, __FILE__, __LINE__); $rs = Database::query($sql, __FILE__, __LINE__);
if (Database::num_rows($rs)>0) { if (Database::num_rows($rs)>0) {
return true; return true;
} }

2
main/inc/lib/fileUpload.lib.php
Unescape View File

@ -1163,7 +1163,7 @@ function add_document($_course,$path,$filetype,$filesize,$title,$comment=NULL, $
(`path`, `filetype`, `size`, `title`, `comment`, `readonly`, `session_id`) (`path`, `filetype`, `size`, `title`, `comment`, `readonly`, `session_id`)
VALUES ('$path','$filetype','$filesize','". VALUES ('$path','$filetype','$filesize','".
Database::escape_string(htmlspecialchars($title, ENT_QUOTES, $charset))."', '$comment', $readonly, $session_id)"; Database::escape_string(htmlspecialchars($title, ENT_QUOTES, $charset))."', '$comment', $readonly, $session_id)";
if(api_sql_query($sql,__FILE__,__LINE__)) if(Database::query($sql,__FILE__,__LINE__))
{ {
//display_message("Added to database (id ".mysql_insert_id().")!"); //display_message("Added to database (id ".mysql_insert_id().")!");
return Database::insert_id(); return Database::insert_id();

10
main/inc/lib/main_api.lib.php
Unescape View File

@ -1425,7 +1425,7 @@ function api_get_session_info($session_id) {
$sesion_id = intval(Database::escape_string($session_id)); $sesion_id = intval(Database::escape_string($session_id));
$tbl_session = Database::get_main_table(TABLE_MAIN_SESSION); $tbl_session = Database::get_main_table(TABLE_MAIN_SESSION);
$sql = "SELECT * FROM $tbl_session WHERE id = $session_id"; $sql = "SELECT * FROM $tbl_session WHERE id = $session_id";
$result = api_sql_query($sql,__FILE__,__LINE__); $result = Database::query($sql,__FILE__,__LINE__);
if (Database::num_rows($result)>0) { if (Database::num_rows($result)>0) {
$data = Database::fetch_array($result, 'ASSOC'); $data = Database::fetch_array($result, 'ASSOC');
@ -1457,7 +1457,7 @@ function api_get_session_visibility($session_id) {
$sql = "SELECT visibility FROM $tbl_session $sql = "SELECT visibility FROM $tbl_session
WHERE id = $session_id $condition_date_end "; // session is old and is not unlimited WHERE id = $session_id $condition_date_end "; // session is old and is not unlimited
$result = api_sql_query($sql,__FILE__,__LINE__); $result = Database::query($sql,__FILE__,__LINE__);
if (Database::num_rows($result)>0) { if (Database::num_rows($result)>0) {
$row = Database::fetch_array($result, 'ASSOC'); $row = Database::fetch_array($result, 'ASSOC');
@ -1483,7 +1483,7 @@ function api_get_session_visibility_by_user($session_id,$course_code, $user_id)
$tbl_session = Database::get_main_table(TABLE_MAIN_SESSION_REL_COURSE_REL_USER); $tbl_session = Database::get_main_table(TABLE_MAIN_SESSION_REL_COURSE_REL_USER);
$sql = "SELECT visibility FROM $tbl_session $sql = "SELECT visibility FROM $tbl_session
WHERE id_session = $session_id AND id_user = $user_id AND course_code = '$course_code'"; // session old WHERE id_session = $session_id AND id_user = $user_id AND course_code = '$course_code'"; // session old
$result = api_sql_query($sql,__FILE__,__LINE__); $result = Database::query($sql,__FILE__,__LINE__);
if (Database::num_rows($result)>0) { if (Database::num_rows($result)>0) {
$row = Database::fetch_array($result, 'ASSOC'); $row = Database::fetch_array($result, 'ASSOC');
$visibility = $row['visibility']; $visibility = $row['visibility'];
@ -1685,7 +1685,7 @@ function api_is_coach($session_id = 0, $course_code = '') {
WHERE session_rc_ru.course_code = '$course_code' AND session_rc_ru.status = 2 AND session_rc_ru.id_session = '$session_id' WHERE session_rc_ru.course_code = '$course_code' AND session_rc_ru.status = 2 AND session_rc_ru.id_session = '$session_id'
ORDER BY date_start, date_end, name"; ORDER BY date_start, date_end, name";
$result = api_sql_query($sql,__FILE__,__LINE__); $result = Database::query($sql,__FILE__,__LINE__);
$sessionIsCoach = api_store_result($result); $sessionIsCoach = api_store_result($result);
$sql = "SELECT DISTINCT id, name, date_start, date_end $sql = "SELECT DISTINCT id, name, date_start, date_end
@ -1694,7 +1694,7 @@ function api_is_coach($session_id = 0, $course_code = '') {
AND id = '$session_id' AND id = '$session_id'
ORDER BY date_start, date_end, name"; ORDER BY date_start, date_end, name";
$result = api_sql_query($sql,__FILE__,__LINE__); $result = Database::query($sql,__FILE__,__LINE__);
$sessionIsCoach = array_merge($sessionIsCoach , api_store_result($result)); $sessionIsCoach = array_merge($sessionIsCoach , api_store_result($result));
return (count($sessionIsCoach) > 0); return (count($sessionIsCoach) > 0);

20
main/inc/lib/sessionmanager.lib.php
Unescape View File

@ -258,7 +258,7 @@ class SessionManager {
/* /*
$sql = "SELECT distinct field_id FROM $t_sfv WHERE session_id = '$id_checked'"; $sql = "SELECT distinct field_id FROM $t_sfv WHERE session_id = '$id_checked'";
$res_field_ids = @api_sql_query($sql,__FILE__,__LINE__); $res_field_ids = @Database::query($sql,__FILE__,__LINE__);
if (Database::num_rows($res_field_ids) > 0) { if (Database::num_rows($res_field_ids) > 0) {
while($row_field_id = Database::fetch_row($res_field_ids)){ while($row_field_id = Database::fetch_row($res_field_ids)){
@ -269,10 +269,10 @@ class SessionManager {
//delete from table_session_field_value from a given session id //delete from table_session_field_value from a given session id
$sql_session_field_value = "DELETE FROM $t_sfv WHERE session_id = '$id_checked'"; $sql_session_field_value = "DELETE FROM $t_sfv WHERE session_id = '$id_checked'";
@api_sql_query($sql_session_field_value,__FILE__,__LINE__); @Database::query($sql_session_field_value,__FILE__,__LINE__);
$sql = "SELECT distinct field_id FROM $t_sfv"; $sql = "SELECT distinct field_id FROM $t_sfv";
$res_field_all_ids = @api_sql_query($sql,__FILE__,__LINE__); $res_field_all_ids = @Database::query($sql,__FILE__,__LINE__);
if (Database::num_rows($res_field_all_ids) > 0) { if (Database::num_rows($res_field_all_ids) > 0) {
while($row_field_all_id = Database::fetch_row($res_field_all_ids)){ while($row_field_all_id = Database::fetch_row($res_field_all_ids)){
@ -287,7 +287,7 @@ class SessionManager {
continue; continue;
} else { } else {
$sql_session_field = "DELETE FROM $t_sf WHERE id = '$field_id'"; $sql_session_field = "DELETE FROM $t_sf WHERE id = '$field_id'";
api_sql_query($sql_session_field,__FILE__,__LINE__); Database::query($sql_session_field,__FILE__,__LINE__);
} }
} }
} }
@ -321,7 +321,7 @@ class SessionManager {
if (empty($visibility)) { if (empty($visibility)) {
$sql = "SELECT visibility FROM $tbl_session WHERE id_session='$id_session'"; $sql = "SELECT visibility FROM $tbl_session WHERE id_session='$id_session'";
$result = api_sql_query($sql,__FILE__,__LINE__); $result = Database::query($sql,__FILE__,__LINE__);
$row = Database::fetch_array($result); $row = Database::fetch_array($result);
$visibility = $row['visibility']; $visibility = $row['visibility'];
if (empty($visibility)) if (empty($visibility))
@ -630,7 +630,7 @@ class SessionManager {
public static function get_session_by_name ($session_name) { public static function get_session_by_name ($session_name) {
$tbl_session = Database::get_main_table(TABLE_MAIN_SESSION); $tbl_session = Database::get_main_table(TABLE_MAIN_SESSION);
$sql = 'SELECT id, id_coach, date_start, date_end FROM '.$tbl_session.' WHERE name="'.Database::escape_string($session_name).'"'; $sql = 'SELECT id, id_coach, date_start, date_end FROM '.$tbl_session.' WHERE name="'.Database::escape_string($session_name).'"';
$result = api_sql_query($sql, __FILE__, __LINE__); $result = Database::query($sql, __FILE__, __LINE__);
$num = Database::num_rows($result); $num = Database::num_rows($result);
if ($num>0){ if ($num>0){
return Database::fetch_array($result); return Database::fetch_array($result);
@ -678,7 +678,7 @@ class SessionManager {
return $msg; return $msg;
} else { } else {
$sql = "INSERT INTO $tbl_session_category(name, date_start, date_end) VALUES('".Database::escape_string($name)."','$date_start','$date_end')"; $sql = "INSERT INTO $tbl_session_category(name, date_start, date_end) VALUES('".Database::escape_string($name)."','$date_start','$date_end')";
api_sql_query($sql ,__FILE__,__LINE__); Database::query($sql ,__FILE__,__LINE__);
$id_session=Database::get_last_insert_id(); $id_session=Database::get_last_insert_id();
// add event to system log // add event to system log
$time = time(); $time = time();
@ -730,7 +730,7 @@ class SessionManager {
} else { } else {
$sql = "UPDATE $tbl_session_category SET name = '".Database::escape_string($name)."', date_start = '$date_start', date_end = '$date_end' $sql = "UPDATE $tbl_session_category SET name = '".Database::escape_string($name)."', date_start = '$date_start', date_end = '$date_end'
WHERE id= '".$id."' "; WHERE id= '".$id."' ";
$result = api_sql_query($sql, __FILE__,__LINE__); $result = Database::query($sql, __FILE__,__LINE__);
return ($result? true:false); return ($result? true:false);
} }
} }
@ -753,7 +753,7 @@ class SessionManager {
$id_checked=intval($id_checked); $id_checked=intval($id_checked);
} }
$sql = "SELECT id FROM $tbl_session WHERE session_category_id IN (".$id_checked.")"; $sql = "SELECT id FROM $tbl_session WHERE session_category_id IN (".$id_checked.")";
$result = @api_sql_query($sql,__FILE__,__LINE__); $result = @Database::query($sql,__FILE__,__LINE__);
while ($rows = Database::fetch_array($result)) { while ($rows = Database::fetch_array($result)) {
$session_id = $rows['id']; $session_id = $rows['id'];
if($delete_session == true){ if($delete_session == true){
@ -765,7 +765,7 @@ class SessionManager {
} }
} }
$sql = "DELETE FROM $tbl_session_category WHERE id IN (".$id_checked.")"; $sql = "DELETE FROM $tbl_session_category WHERE id IN (".$id_checked.")";
$rs = @api_sql_query($sql,__FILE__,__LINE__); $rs = @Database::query($sql,__FILE__,__LINE__);
$result = Database::affected_rows(); $result = Database::affected_rows();
// add event to system log // add event to system log

6
main/inc/lib/usermanager.lib.php
Unescape View File

@ -1643,7 +1643,7 @@ class UserManager {
WHERE id_session=id AND id_user=$user_id WHERE id_session=id AND id_user=$user_id
AND (date_start <= CURDATE() AND date_end >= CURDATE() OR date_start='0000-00-00') AND (date_start <= CURDATE() AND date_end >= CURDATE() OR date_start='0000-00-00')
ORDER BY date_start, date_end, name"; ORDER BY date_start, date_end, name";
$result = api_sql_query($sessions_sql,__FILE__,__LINE__); $result = Database::query($sessions_sql,__FILE__,__LINE__);
$sessions=api_store_result($result); $sessions=api_store_result($result);
$sessions = array_merge($sessions , api_store_result($result)); $sessions = array_merge($sessions , api_store_result($result));
@ -1654,7 +1654,7 @@ class UserManager {
WHERE id_session=id AND id_user=$user_id WHERE id_session=id AND id_user=$user_id
AND (date_end <= CURDATE() AND date_end<>'0000-00-00') AND (visibility = ".SESSION_VISIBLE_READ_ONLY." || visibility = ".SESSION_VISIBLE.") AND (date_end <= CURDATE() AND date_end<>'0000-00-00') AND (visibility = ".SESSION_VISIBLE_READ_ONLY." || visibility = ".SESSION_VISIBLE.")
ORDER BY date_start, date_end, name"; ORDER BY date_start, date_end, name";
$result_out_date = api_sql_query($sessions_out_date_sql,__FILE__,__LINE__); $result_out_date = Database::query($sessions_out_date_sql,__FILE__,__LINE__);
$sessions_out_date=api_store_result($result_out_date); $sessions_out_date=api_store_result($result_out_date);
$sessions = array_merge($sessions , $sessions_out_date); $sessions = array_merge($sessions , $sessions_out_date);
@ -1738,7 +1738,7 @@ class UserManager {
LEFT JOIN $tbl_user as user ON user.user_id = session_course.id_coach LEFT JOIN $tbl_user as user ON user.user_id = session_course.id_coach
WHERE session_course_user.id_user = $user_id ORDER BY i"; WHERE session_course_user.id_user = $user_id ORDER BY i";
$course_list_sql_result = api_sql_query($personal_course_list_sql, __FILE__, __LINE__); $course_list_sql_result = Database::query($personal_course_list_sql, __FILE__, __LINE__);
while ($result_row = Database::fetch_array($course_list_sql_result)) { while ($result_row = Database::fetch_array($course_list_sql_result)) {
$key = $result_row['id_session'].' - '.$result_row['k']; $key = $result_row['id_session'].' - '.$result_row['k'];

2
main/inc/local.inc.php
Unescape View File

@ -980,7 +980,7 @@ if ((isset($uidReset) && $uidReset) || (isset($cidReset) && $cidReset)) { // ses
AND id_session = '".api_get_session_id()."' AND id_session = '".api_get_session_id()."'
AND status = 2"; AND status = 2";
$result = api_sql_query($sql,__FILE__,__LINE__); $result = Database::query($sql,__FILE__,__LINE__);
if ($row = Database::fetch_array($result)) { if ($row = Database::fetch_array($result)) {
$_courseUser['role'] = 'Professor'; $_courseUser['role'] = 'Professor';
$is_courseMember = true; $is_courseMember = true;

2
main/link/link.php
Unescape View File

@ -274,7 +274,7 @@ if(api_get_setting('search_enabled')=='true') {
$sqlcategories = "SELECT * FROM ".$tbl_categories." $condition_session ORDER BY display_order DESC"; $sqlcategories = "SELECT * FROM ".$tbl_categories." $condition_session ORDER BY display_order DESC";
$resultcategories = api_sql_query($sqlcategories,__FILE__,__LINE__); $resultcategories = Database::query($sqlcategories,__FILE__,__LINE__);
if (Database::num_rows($resultcategories)) { if (Database::num_rows($resultcategories)) {
echo ' <div class="row"> echo ' <div class="row">

2
main/survey/survey.lib.php
Unescape View File

@ -4672,7 +4672,7 @@ class SurveyUtil {
$sql .= " GROUP BY survey.survey_id"; $sql .= " GROUP BY survey.survey_id";
$sql .= " ORDER BY col$column $direction "; $sql .= " ORDER BY col$column $direction ";
$sql .= " LIMIT $from,$number_of_items"; $sql .= " LIMIT $from,$number_of_items";
$res = api_sql_query($sql, __FILE__, __LINE__); $res = Database::query($sql, __FILE__, __LINE__);
$surveys = array(); $surveys = array();
$array = array(); $array = array();
while ($survey = Database::fetch_array($res)) { while ($survey = Database::fetch_array($res)) {

8
main/tracking/courseLog.php
Unescape View File

@ -151,7 +151,7 @@ function count_item_resources() {
} }
$sql .= " AND tool IN ('document', 'learnpath', 'quiz', 'glossary', 'link', 'course_description')"; $sql .= " AND tool IN ('document', 'learnpath', 'quiz', 'glossary', 'link', 'course_description')";
$res = api_sql_query($sql, __FILE__, __LINE__); $res = Database::query($sql, __FILE__, __LINE__);
$obj = Database::fetch_object($res); $obj = Database::fetch_object($res);
return $obj->total_number_of_items; return $obj->total_number_of_items;
} }
@ -189,7 +189,7 @@ function get_item_resources_data($from, $number_of_items, $column, $direction) {
$sql .= " LIMIT $from, $number_of_items "; $sql .= " LIMIT $from, $number_of_items ";
$res = api_sql_query($sql, __FILE__, __LINE__) or die(mysql_error()); $res = Database::query($sql, __FILE__, __LINE__) or die(mysql_error());
$resources = array (); $resources = array ();
while ($row = Database::fetch_array($res)) { while ($row = Database::fetch_array($res)) {
@ -199,7 +199,7 @@ function get_item_resources_data($from, $number_of_items, $column, $direction) {
$id = $table_name['id_tool']; $id = $table_name['id_tool'];
$query = "SELECT session.id, session.name, user.username FROM $table_tool tool, $table_session session, $table_user user" . $query = "SELECT session.id, session.name, user.username FROM $table_tool tool, $table_session session, $table_user user" .
" WHERE tool.session_id = session.id AND session.id_coach = user.user_id AND tool.$id = $ref"; " WHERE tool.session_id = session.id AND session.id_coach = user.user_id AND tool.$id = $ref";
$recorset = api_sql_query($query, __FILE__, __LINE__); $recorset = Database::query($query, __FILE__, __LINE__);
if (!empty($recorset)) { if (!empty($recorset)) {
@ -230,7 +230,7 @@ function get_item_resources_data($from, $number_of_items, $column, $direction) {
$condition = 'tool.title as title'; $condition = 'tool.title as title';
$query_document = "SELECT $condition FROM $table_tool tool" . $query_document = "SELECT $condition FROM $table_tool tool" .
" WHERE id = $ref"; " WHERE id = $ref";
$rs_document = api_sql_query($query_document, __FILE__, __LINE__) or die(mysql_error()); $rs_document = Database::query($query_document, __FILE__, __LINE__) or die(mysql_error());
$obj_document = Database::fetch_object($rs_document); $obj_document = Database::fetch_object($rs_document);
$row[4] = $obj_document->title; $row[4] = $obj_document->title;
} }

78
main/wiki/index.php
Unescape View File

@ -427,23 +427,24 @@ echo '<td>';
echo '<li><a href="index.php?cidReq='.$_course[id].'&action=addnew&group_id='.$_clean['group_id'].'"'.is_active_navigation_tab('addnew').'>'.get_lang('AddNew').'</a> '; echo '<li><a href="index.php?cidReq='.$_course[id].'&action=addnew&group_id='.$_clean['group_id'].'"'.is_active_navigation_tab('addnew').'>'.get_lang('AddNew').'</a> ';
} }
// page action: enable or disable the adding of new pages
if (check_addnewpagelock())
{
if(api_is_allowed_to_edit(false,true) || api_is_platform_admin()) if(api_is_allowed_to_edit(false,true) || api_is_platform_admin())
{ {
// page action: enable or disable the adding of new pages
if (check_addnewpagelock()==1)
{
$protect_addnewpage= '<img src="../img/wiki/lockadd.gif" title="'.get_lang('AddOptionProtected').'" alt="'.get_lang('AddOptionProtected').'" width="8" height="8" />'; $protect_addnewpage= '<img src="../img/wiki/lockadd.gif" title="'.get_lang('AddOptionProtected').'" alt="'.get_lang('AddOptionProtected').'" width="8" height="8" />';
} $lock_unlock_addnew='unlockaddnew';
} }
else else
{
if(api_is_allowed_to_edit(false,true) || api_is_platform_admin())
{ {
$protect_addnewpage= '<img src="../img/wiki/unlockadd.gif" title="'.get_lang('AddOptionUnprotected').'" alt="'.get_lang('AddOptionUnprotected').'" width="8" height="8" />'; $protect_addnewpage= '<img src="../img/wiki/unlockadd.gif" title="'.get_lang('AddOptionUnprotected').'" alt="'.get_lang('AddOptionUnprotected').'" width="8" height="8" />';
$lock_unlock_addnew='lockaddnew';
} }
} }
echo '<a href="index.php?action=show&amp;actionpage=addlock&amp;title='.$page.'">'.$protect_addnewpage.'</a></li>'; echo '<a href="index.php?action=show&amp;actionpage='.$lock_unlock_addnew.'&amp;title='.$page.'">'.$protect_addnewpage.'</a></li>';
///menu find ///menu find
echo '<li><a href="index.php?cidReq='.$_course[id].'&action=searchpages&group_id='.$_clean['group_id'].'"'.is_active_navigation_tab('searchpages').'>'.get_lang('SearchPages').'</a></li>'; echo '<li><a href="index.php?cidReq='.$_course[id].'&action=searchpages&group_id='.$_clean['group_id'].'"'.is_active_navigation_tab('searchpages').'>'.get_lang('SearchPages').'</a></li>';
@ -1197,7 +1198,7 @@ if ($_GET['action']=='addnew')
} }
} }
elseif (check_addnewpagelock() && (api_is_allowed_to_edit(false,true)==false || api_is_platform_admin()==false)) elseif (check_addnewpagelock()==1 && (api_is_allowed_to_edit(false,true)==false || api_is_platform_admin()==false))
{ {
Display::display_error_message(get_lang('AddPagesLocked')); Display::display_error_message(get_lang('AddPagesLocked'));
} }
@ -2130,69 +2131,68 @@ if ($_GET['action']=='discuss')
echo '<div id="wikititle">'; echo '<div id="wikititle">';
// discussion action: protecting (locking) the discussion // discussion action: protecting (locking) the discussion
if (check_addlock_discuss())
{
if(api_is_allowed_to_edit(false,true) || api_is_platform_admin()) if(api_is_allowed_to_edit(false,true) || api_is_platform_admin())
{ {
$addlock_disc= '<img src="../img/wiki/lock.gif" title="'.get_lang('LockDiscussExtra').'" alt="'.get_lang('LockDiscussExtra').'" />'; if (check_addlock_discuss()==1)
}
else
{ {
$addlock_disc= '<img src="../img/wiki/lock.gif" title="'.get_lang('LockDiscussExtra').'" alt="'.get_lang('LockDiscussExtra').'" />'; $addlock_disc= '<img src="../img/wiki/unlock.gif" title="'.get_lang('UnlockDiscussExtra').'" alt="'.get_lang('UnlockDiscussExtra').'" />';
$lock_unlock_disc='unlockdisc';
} }
}
else else
{ {
if(api_is_allowed_to_edit(false,true) || api_is_platform_admin()) $addlock_disc= '<img src="../img/wiki/lock.gif" title="'.get_lang('LockDiscussExtra').'" alt="'.get_lang('LockDiscussExtra').'" />';
{ $lock_unlock_disc='lockdisc';
$addlock_disc= '<img src="../img/wiki/unlock.gif" title="'.get_lang('UnlockDiscussExtra').'" alt="'.get_lang('UnlockDiscussExtra').'" />';
} }
} }
echo '<span style="float:right">'; echo '<span style="float:right">';
echo '<a href="index.php?action=discuss&amp;actionpage=addlock_disc&amp;title='.$page.'">'.$addlock_disc.'</a>'; echo '<a href="index.php?action=discuss&amp;actionpage='.$lock_unlock_disc.'&amp;title='.$page.'">'.$addlock_disc.'</a>';
echo '</span>'; echo '</span>';
// discussion action: visibility. Show discussion to students if isn't hidden. Show page to all teachers if is hidden. // discussion action: visibility. Show discussion to students if isn't hidden. Show page to all teachers if is hidden.
if (check_visibility_discuss())
if(api_is_allowed_to_edit(false,true) || api_is_platform_admin())
{ {
//Mode assignments: If is hidden, show pages to student only if student is the author if (check_visibility_discuss()==1)
if(($row['assignment']==2 && $row['visibility_disc']==0 && (api_get_user_id()==$row['user_id']))==false)
{ {
$visibility_disc= '<img src="../img/wiki/invisible.gif" title="'.get_lang('HideDiscussExtra').'" alt="'.get_lang('HideDiscussExtra').'" />'; /// TODO: Fix Mode assignments: If is hidden, show discussion to student only if student is the author
} //if(($row['assignment']==2 && $row['visibility_disc']==0 && (api_get_user_id()==$row['user_id']))==false)
//{
//$visibility_disc= '<img src="../img/wiki/invisible.gif" title="'.get_lang('HideDiscussExtra').'" alt="'.get_lang('HideDiscussExtra').'" />';
//}
$visibility_disc= '<img src="../img/wiki/visible.gif" title="'.get_lang('ShowDiscussExtra').'" alt="'.get_lang('ShowDiscussExtra').'" />';
$hide_show_disc='hidedisc';
} }
else else
{ {
if(api_is_allowed_to_edit(false,true) || api_is_platform_admin()) $visibility_disc= '<img src="../img/wiki/invisible.gif" title="'.get_lang('HideDiscussExtra').'" alt="'.get_lang('HideDiscussExtra').'" />';
{ $hide_show_disc='showdisc';
$visibility_disc= '<img src="../img/wiki/visible.gif" title="'.get_lang('ShowDiscussExtra').'" alt="'.get_lang('ShowDiscussExtra').'" />';
} }
} }
echo '<span style="float:right">'; echo '<span style="float:right">';
echo '<a href="index.php?action=discuss&amp;actionpage=visibility_disc&amp;title='.$page.'">'.$visibility_disc.'</a>'; echo '<a href="index.php?action=discuss&amp;actionpage='.$hide_show_disc.'&amp;title='.$page.'">'.$visibility_disc.'</a>';
echo '</span>'; echo '</span>';
//discussion action: check add rating lock. Show/Hide list to rating for all student //discussion action: check add rating lock. Show/Hide list to rating for all student
if (check_ratinglock_discuss())
if(api_is_allowed_to_edit(false,true) || api_is_platform_admin())
{ {
//Mode assignment: only the teacher can assign scoring if (check_ratinglock_discuss()==1)
if(($row['assignment']==2 && $row['ratinglock_disc']==0 && (api_get_user_id()==$row['user_id']))==false)
{ {
$ratinglock_disc= '<img src="../img/wiki/rating_na.gif" title="'.get_lang('LockRatingDiscussExtra').'" alt="'.get_lang('LockRatingDiscussExtra').'" />'; $ratinglock_disc= '<img src="../img/wiki/rating.gif" title="'.get_lang('UnlockRatingDiscussExtra').'" alt="'.get_lang('UnlockRatingDiscussExtra').'" />';
} $lock_unlock_rating_disc='unlockrating';
} }
else else
{ {
if(api_is_allowed_to_edit(false,true) || api_is_platform_admin()) $ratinglock_disc= '<img src="../img/wiki/rating_na.gif" title="'.get_lang('LockRatingDiscussExtra').'" alt="'.get_lang('LockRatingDiscussExtra').'" />';
{ $lock_unlock_rating_disc='lockrating';
$ratinglock_disc= '<img src="../img/wiki/rating.gif" title="'.get_lang('UnlockRatingDiscussExtra').'" alt="'.get_lang('UnlockRatingDiscussExtra').'" />';
} }
} }
echo '<span style="float:right">'; echo '<span style="float:right">';
echo '<a href="index.php?action=discuss&amp;actionpage=ratinglock_disc&amp;title='.$page.'">'.$ratinglock_disc.'</a>'; echo '<a href="index.php?action=discuss&amp;actionpage='.$lock_unlock_rating_disc.'&amp;title='.$page.'">'.$ratinglock_disc.'</a>';
echo '</span>'; echo '</span>';
//discussion action: email notification //discussion action: email notification

168
main/wiki/wiki.inc.php
Unescape View File

@ -839,46 +839,45 @@ function display_wiki_entry()
echo '<div id="wikititle">'; echo '<div id="wikititle">';
// page action: protecting (locking) the page // page action: protecting (locking) the page
if (check_protect_page())
{
if(api_is_allowed_to_edit(false,true) || api_is_platform_admin()) if(api_is_allowed_to_edit(false,true) || api_is_platform_admin())
{ {
$protect_page= '<img src="../img/wiki/lock.gif" title="'.get_lang('PageLockedExtra').'" alt="'.get_lang('PageLockedExtra').'" />'; if (check_protect_page()==1)
}
else
{ {
$protect_page= '<img src="../img/wiki/lock.gif" title="'.get_lang('PageLockedExtra').'" alt="'.get_lang('PageLockedExtra').'" />'; $protect_page= '<img src="../img/wiki/lock.gif" title="'.get_lang('PageLockedExtra').'" alt="'.get_lang('PageLockedExtra').'" />';
} $lock_unlock_protect='unlock';
} }
else else
{
if(api_is_allowed_to_edit(false,true) || api_is_platform_admin())
{ {
$protect_page= '<img src="../img/wiki/unlock.gif" title="'.get_lang('PageUnlockedExtra').'" alt="'.get_lang('PageUnlockedExtra').'" />'; $protect_page= '<img src="../img/wiki/unlock.gif" title="'.get_lang('PageUnlockedExtra').'" alt="'.get_lang('PageUnlockedExtra').'" />';
$lock_unlock_protect='lock';
} }
} }
echo '<span style="float:right">'; echo '<span style="float:right">';
echo '<a href="index.php?action=showpage&amp;actionpage=lock&amp;title='.$page.'">'.$protect_page.'</a>'; echo '<a href="index.php?action=showpage&amp;actionpage='.$lock_unlock_protect.'&amp;title='.$page.'">'.$protect_page.'</a>';
echo '</span>'; echo '</span>';
//page action: visibility //page action: visibility
if (check_visibility_page()) if(api_is_allowed_to_edit(false,true) || api_is_platform_admin())
{ {
//This hides the icon eye closed to users of work they can see yours if (check_visibility_page()==1)
if(($row['assignment']==2 && $KeyVisibility=="0" && (api_get_user_id()==$row['user_id']))==false)
{ {
$visibility_page= '<img src="../img/wiki/invisible.gif" title="'.get_lang('HidePageExtra').'" alt="'.get_lang('HidePageExtra').'" />'; // TODO: FIX This hides the icon eye closed to users of work they can see yours
} //if(($row['assignment']==2 && $KeyVisibility=="0" && (api_get_user_id()==$row['user_id']))==false)
//{
//
// }
$visibility_page= '<img src="../img/wiki/visible.gif" title="'.get_lang('ShowPageExtra').'" alt="'.get_lang('ShowPageExtra').'" />';
$lock_unlock_visibility='invisible';
} }
else else
{ {
if(api_is_allowed_to_edit(false,true) || api_is_platform_admin()) $visibility_page= '<img src="../img/wiki/invisible.gif" title="'.get_lang('HidePageExtra').'" alt="'.get_lang('HidePageExtra').'" />';
{ $lock_unlock_visibility='visible';
$visibility_page= '<img src="../img/wiki/visible.gif" title="'.get_lang('ShowPageExtra').'" alt="'.get_lang('ShowPageExtra').'" />';
} }
} }
echo '<span style="float:right">'; echo '<span style="float:right">';
echo '<a href="index.php?action=showpage&amp;actionpage=visibility&amp;title='.$page.'">'.$visibility_page.'</a>'; echo '<a href="index.php?action=showpage&amp;actionpage='.$lock_unlock_visibility.'&amp;title='.$page.'">'.$visibility_page.'</a>';
echo '</span>'; echo '</span>';
//page action: notification //page action: notification
@ -1049,6 +1048,7 @@ function is_active_navigation_tab($paramwk)
/** /**
* Lock add pages * Lock add pages
* @author Juan Carlos Raña <herodoto@telefonica.net> * @author Juan Carlos Raña <herodoto@telefonica.net>
* return current database status of protect page and change it if get action
*/ */
function check_addnewpagelock() function check_addnewpagelock()
@ -1066,15 +1066,16 @@ function check_addnewpagelock()
$status_addlock=$row['addlock']; $status_addlock=$row['addlock'];
//change status //change status
if ($_GET['actionpage']=='addlock' && (api_is_allowed_to_edit(false,true) || api_is_platform_admin())) if (api_is_allowed_to_edit(false,true) || api_is_platform_admin())
{ {
if ($row['addlock']==1)
if ($_GET['actionpage']=='lockaddnew' && $status_addlock==0)
{ {
$status_addlock=0; $status_addlock=1;
} }
else if ($_GET['actionpage']=='unlockaddnew' && $status_addlock==1)
{ {
$status_addlock=1; $status_addlock=0;
} }
Database::query('UPDATE '.$tbl_wiki.' SET addlock="'.Database::escape_string($status_addlock).'" WHERE '.$groupfilter.'',__LINE__,__FILE__); Database::query('UPDATE '.$tbl_wiki.' SET addlock="'.Database::escape_string($status_addlock).'" WHERE '.$groupfilter.'',__LINE__,__FILE__);
@ -1086,20 +1087,14 @@ function check_addnewpagelock()
//show status //show status
if ($row['addlock']==1 || ($row['content']=='' AND $row['title']=='' AND $page=='index')) return $row['addlock'];
{
return false;
}
else
{
return true;
}
} }
/** /**
* Protect page * Protect page
* @author Juan Carlos Raña <herodoto@telefonica.net> * @author Juan Carlos Raña <herodoto@telefonica.net>
* return current database status of protect page and change it if get action
*/ */
function check_protect_page() function check_protect_page()
{ {
@ -1118,17 +1113,18 @@ function check_protect_page()
$id=$row['id']; $id=$row['id'];
///change status ///change status
if ($_GET['actionpage']=='lock' && (api_is_allowed_to_edit(false,true) || api_is_platform_admin())) if (api_is_allowed_to_edit(false,true) || api_is_platform_admin())
{ {
if ($row['editlock']==0) if($_GET['actionpage']=='lock' && $status_editlock==0)
{ {
$status_editlock=1; $status_editlock=1;
} }
else if($_GET['actionpage']=='unlock' && $status_editlock==1)
{ {
$status_editlock=0; $status_editlock=0;
} }
$sql='UPDATE '.$tbl_wiki.' SET editlock="'.Database::escape_string($status_editlock).'" WHERE id="'.$id.'"'; $sql='UPDATE '.$tbl_wiki.' SET editlock="'.Database::escape_string($status_editlock).'" WHERE id="'.$id.'"';
Database::query($sql,__FILE__,__LINE__); Database::query($sql,__FILE__,__LINE__);
@ -1140,21 +1136,15 @@ function check_protect_page()
} }
//show status //show status
if ($row['editlock']==0 || ($row['content']=='' AND $row['title']=='' AND $page=='index'))
{
return false;
}
else
{
return true;
}
return $row['editlock'];
} }
/** /**
* Visibility page * Visibility page
* @author Juan Carlos Raña <herodoto@telefonica.net> * @author Juan Carlos Raña <herodoto@telefonica.net>
* return current database status of visibility and change it if get action
*/ */
function check_visibility_page() function check_visibility_page()
{ {
@ -1170,18 +1160,20 @@ function check_visibility_page()
$row=Database::fetch_array($result); $row=Database::fetch_array($result);
$status_visibility=$row['visibility']; $status_visibility=$row['visibility'];
$id=$row['id']; //need ? check. TODO
//change status //change status
if ($_GET['actionpage']=='visibility' && (api_is_allowed_to_edit(false,true) || api_is_platform_admin()))
if (api_is_allowed_to_edit(false,true) || api_is_platform_admin())
{ {
if ($row['visibility']==1) if($_GET['actionpage']=='visible' && $status_visibility==0)
{ {
$status_visibility=0; $status_visibility=1;
} }
else if($_GET['actionpage']=='invisible' && $status_visibility==1)
{ {
$status_visibility=1; $status_visibility=0;
} }
$sql='UPDATE '.$tbl_wiki.' SET visibility="'.Database::escape_string($status_visibility).'" WHERE reflink="'.html_entity_decode(Database::escape_string(stripslashes(urldecode($page)))).'" AND '.$groupfilter; $sql='UPDATE '.$tbl_wiki.' SET visibility="'.Database::escape_string($status_visibility).'" WHERE reflink="'.html_entity_decode(Database::escape_string(stripslashes(urldecode($page)))).'" AND '.$groupfilter;
@ -1195,21 +1187,14 @@ function check_visibility_page()
} }
//show status //show status
if ($row['visibility']=="1" || ($row['content']=='' AND $row['title']=='' AND $page=='index')) return $row['visibility'];
{
return false;
}
else
{
return true;
}
} }
/** /**
* Visibility discussion * Visibility discussion
* @author Juan Carlos Raña <herodoto@telefonica.net> * @author Juan Carlos Raña <herodoto@telefonica.net>
* return current database status of discuss visibility and change it if get action page
*/ */
function check_visibility_discuss() function check_visibility_discuss()
{ {
@ -1225,18 +1210,17 @@ function check_visibility_discuss()
$row=Database::fetch_array($result); $row=Database::fetch_array($result);
$status_visibility_disc=$row['visibility_disc']; $status_visibility_disc=$row['visibility_disc'];
$id=$row['id']; //need ? check. TODO
//change status //change status
if ($_GET['actionpage']=='visibility_disc' && (api_is_allowed_to_edit(false,true) || api_is_platform_admin())) if (api_is_allowed_to_edit(false,true) || api_is_platform_admin())
{ {
if ($row['visibility_disc']==1) if ($_GET['actionpage']=='showdisc' && $status_visibility_disc==0)
{ {
$status_visibility_disc=0; $status_visibility_disc=1;
} }
else if ($_GET['actionpage']=='hidedisc' && $status_visibility_disc==1)
{ {
$status_visibility_disc=1; $status_visibility_disc=0;
} }
$sql='UPDATE '.$tbl_wiki.' SET visibility_disc="'.Database::escape_string($status_visibility_disc).'" WHERE reflink="'.html_entity_decode(Database::escape_string(stripslashes(urldecode($page)))).'" AND '.$groupfilter; $sql='UPDATE '.$tbl_wiki.' SET visibility_disc="'.Database::escape_string($status_visibility_disc).'" WHERE reflink="'.html_entity_decode(Database::escape_string(stripslashes(urldecode($page)))).'" AND '.$groupfilter;
@ -1250,22 +1234,14 @@ function check_visibility_discuss()
} }
//show status //show status
return $row['visibility_disc'];
if ($row['visibility_disc']==1 || ($row['content']=='' AND $row['title']=='' AND $page=='index'))
{
return false;
}
else
{
return true;
}
} }
/** /**
* Lock add discussion * Lock add discussion
* @author Juan Carlos Raña <herodoto@telefonica.net> * @author Juan Carlos Raña <herodoto@telefonica.net>
* return current database status of lock dicuss and change if get action
*/ */
function check_addlock_discuss() function check_addlock_discuss()
{ {
@ -1280,18 +1256,18 @@ function check_addlock_discuss()
$row=Database::fetch_array($result); $row=Database::fetch_array($result);
$status_addlock_disc=$row['addlock_disc']; $status_addlock_disc=$row['addlock_disc'];
$id=$row['id']; //need ? check. TODO
//change status //change status
if ($_GET['actionpage']=='addlock_disc' && (api_is_allowed_to_edit(null,true) || api_is_platform_admin())) if (api_is_allowed_to_edit() || api_is_platform_admin())
{ {
if ($row['addlock_disc']==1)
if ($_GET['actionpage']=='lockdisc' && $status_addlock_disc==0)
{ {
$status_addlock_disc=0; $status_addlock_disc=1;
} }
else if ($_GET['actionpage']=='unlockdisc' && $status_addlock_disc==1)
{ {
$status_addlock_disc=1; $status_addlock_disc=0;
} }
$sql='UPDATE '.$tbl_wiki.' SET addlock_disc="'.Database::escape_string($status_addlock_disc).'" WHERE reflink="'.html_entity_decode(Database::escape_string(stripslashes(urldecode($page)))).'" AND '.$groupfilter; $sql='UPDATE '.$tbl_wiki.' SET addlock_disc="'.Database::escape_string($status_addlock_disc).'" WHERE reflink="'.html_entity_decode(Database::escape_string(stripslashes(urldecode($page)))).'" AND '.$groupfilter;
@ -1305,22 +1281,14 @@ function check_addlock_discuss()
} }
//show status //show status
return $row['addlock_disc'];
if ($row['addlock_disc']==1 || ($row['content']=='' AND $row['title']=='' AND $page=='index'))
{
return false;
} }
else
{
return true;
}
}
/** /**
* Lock rating discussion * Lock rating discussion
* @author Juan Carlos Raña <herodoto@telefonica.net> * @author Juan Carlos Raña <herodoto@telefonica.net>
* Return current database status of rating discuss and change it if get action
*/ */
function check_ratinglock_discuss() function check_ratinglock_discuss()
{ {
@ -1336,18 +1304,18 @@ function check_ratinglock_discuss()
$row=Database::fetch_array($result); $row=Database::fetch_array($result);
$status_ratinglock_disc=$row['ratinglock_disc']; $status_ratinglock_disc=$row['ratinglock_disc'];
$id=$row['id']; //need ? check. TODO
//change status //change status
if ($_GET['actionpage']=='ratinglock_disc' && (api_is_allowed_to_edit(false,true) || api_is_platform_admin())) if (api_is_allowed_to_edit(false,true) || api_is_platform_admin())
{ {
if ($row['ratinglock_disc']==1) if ($_GET['actionpage']=='lockrating' && $status_ratinglock_disc==0)
{ {
$status_ratinglock_disc=0; $status_ratinglock_disc=1;
} }
else if ($_GET['actionpage']=='unlockrating' && $status_ratinglock_disc==1)
{ {
$status_ratinglock_disc=1; $status_ratinglock_disc=0;
} }
$sql='UPDATE '.$tbl_wiki.' SET ratinglock_disc="'.Database::escape_string($status_ratinglock_disc).'" WHERE reflink="'.html_entity_decode(Database::escape_string(stripslashes(urldecode($page)))).'" AND '.$groupfilter; //Visibility. Value to all,not only for the first $sql='UPDATE '.$tbl_wiki.' SET ratinglock_disc="'.Database::escape_string($status_ratinglock_disc).'" WHERE reflink="'.html_entity_decode(Database::escape_string(stripslashes(urldecode($page)))).'" AND '.$groupfilter; //Visibility. Value to all,not only for the first
@ -1361,21 +1329,15 @@ function check_ratinglock_discuss()
} }
//show status //show status
if ($row['ratinglock_disc']==1 || ($row['content']=='' AND $row['title']=='' AND $page=='index'))
{
return false;
}
else
{
return true;
}
return $row['ratinglock_disc'];
} }
/** /**
* Notify page changes * Notify page changes
* @author Juan Carlos Raña <herodoto@telefonica.net> * @author Juan Carlos Raña <herodoto@telefonica.net>
* return the current
*/ */
function check_notify_page($reflink) function check_notify_page($reflink)

2
user_portal.php
Unescape View File

@ -639,7 +639,7 @@ function get_session_title_box($session_id) {
LEFT JOIN '.$main_user_table .' tu LEFT JOIN '.$main_user_table .' tu
ON ts.id_coach = tu.user_id ON ts.id_coach = tu.user_id
WHERE ts.id='.intval($session_id); WHERE ts.id='.intval($session_id);
$rs = api_sql_query($sql, __FILE__, __LINE__); $rs = Database::query($sql, __FILE__, __LINE__);
$session_info = api_store_result($rs); $session_info = api_store_result($rs);
$session_info = $session_info[0]; $session_info = $session_info[0];
$session = array(); $session = array();

Write Preview
Loading…
Cancel
Save