chamilo
/
chamilo-lms
mirror of https://github.com/chamilo/chamilo-lms/tree/1.11.x
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge branch '1.10.x' of github.com:chamilo/chamilo-lms into 1.10.x

Browse Source
1.10.x
Yannick Warnier 10 years ago
parent 7cdcc39adc 95d0a1f5de
commit d22cbfbd13
22 changed files with 642 additions and 437 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 14
      main/announcements/announcements.php
  2. 25
      main/blog/blog_admin.php
  3. 27
      main/exercice/exercise_report.php
  4. 127
      main/exercice/exercise_show.php
  5. 4
      main/gradebook/certificate_report.php
  6. 12
      main/gradebook/gradebook.php
  7. 2
      main/gradebook/gradebook_add_cat.php
  8. 2
      main/gradebook/gradebook_flatview.php
  9. 86
      main/gradebook/gradebook_view_result.php
  10. 3
      main/gradebook/lib/fe/displaygradebook.php
  11. 71
      main/gradebook/lib/fe/exportgradebook.php
  12. 34
      main/group/group_creation.php
  13. 4
      main/inc/lib/AnnouncementManager.php
  14. 1
      main/inc/lib/agenda.lib.php
  15. 1
      main/inc/lib/api.lib.php
  16. 19
      main/inc/lib/formvalidator/FormValidator.class.php
  17. 94
      main/inc/lib/message.lib.php
  18. 6
      main/inc/lib/phpmailer/class.phpmailer.php
  19. 25
      main/inc/lib/usermanager.lib.php
  20. 25
      main/messages/inbox.php
  21. 30
      main/messages/outbox.php
  22. 19
      main/session/session_add.php

14
main/announcements/announcements.php
Unescape View File

@ -51,6 +51,7 @@ $tbl_item_property = Database::get_course_table(TABLE_ITEM_PROPERTY);
$course_id = api_get_course_int_id();
$_course = api_get_course_info_by_id($course_id);
$group_id = api_get_group_id();
$sessionId = api_get_session_id();
api_protect_course_group(GroupManager::GROUP_TOOL_ANNOUNCEMENT);
@ -142,7 +143,7 @@ switch ($action) {
);
$searchForm->addElement('text', 'keyword', get_lang('Title'));
$users = CourseManager::get_user_list_from_course_code(api_get_course_id(), api_get_session_id());
$users = CourseManager::get_user_list_from_course_code(api_get_course_id(), $sessionId);
$userList = array('' => '');
if (!empty($users)) {
foreach ($users as $user) {
@ -270,7 +271,7 @@ switch ($action) {
case 'delete':
/* Delete announcement */
$id = intval($_GET['id']);
if (api_get_session_id() != 0 && api_is_allowed_to_session_edit(false, true) == false) {
if ($sessionId != 0 && api_is_allowed_to_session_edit(false, true) == false) {
api_not_allowed();
}
@ -302,7 +303,7 @@ switch ($action) {
case 'showhide':
if (!isset($_GET['isStudentView']) || $_GET['isStudentView'] != 'false') {
if (isset($_GET['id']) && $_GET['id']) {
if (api_get_session_id() != 0 &&
if ($sessionId != 0 &&
api_is_allowed_to_session_edit(false, true) == false
) {
api_not_allowed();
@ -326,7 +327,7 @@ switch ($action) {
break;
case 'add':
case 'modify':
if (api_get_session_id() != 0 &&
if ($sessionId != 0 &&
api_is_allowed_to_session_edit(false, true) == false
) {
api_not_allowed(true);
@ -371,7 +372,7 @@ switch ($action) {
$to = Tracking:: getInactiveStudentsInCourse(
api_get_course_int_id(),
$since,
api_get_session_id()
$sessionId
);
// setting the variables for the form elements: the users who need to receive the message
foreach ($to as &$user) {
@ -473,7 +474,7 @@ switch ($action) {
$form->addElement('textarea', 'file_comment', get_lang('FileComment'));
$form->addElement('hidden', 'sec_token', $stok);
if (api_get_session_id() == 0) {
if (empty($sessionId)) {
$form->addCheckBox('send_to_users_in_session', null, get_lang('SendToUsersInSessions'));
}
@ -533,6 +534,7 @@ switch ($action) {
$data['users'],
$file,
$file_comment,
null,
$sendToUsersInSession
);
} else {

25
main/blog/blog_admin.php
Unescape View File

@ -5,7 +5,7 @@
* BLOG HOMEPAGE
* This file takes care of all blog navigation and displaying.
* @package chamilo.blogs
*/
*/
require_once '../inc/global.inc.php';
$current_course_tool = TOOL_BLOGS;
@ -33,26 +33,26 @@ if (api_is_allowed_to_edit()) {
$interbreadcrumb[]= array ('url' => 'blog_admin.php?','name' => $nameTools);
$my_url='';
if (isset($_GET['action']) && $_GET['action']=='add') {
$current_section=get_lang('AddBlog');
$current_section = get_lang('AddBlog');
$my_url='action=add';
} elseif (isset($_GET['action']) && $_GET['action']=='edit') {
$current_section=get_lang('EditBlog');
$current_section = get_lang('EditBlog');
$my_url='action=edit&blog_id='.Security::remove_XSS($_GET['blog_id']);
}
Display::display_header('');
}
echo '<div class="actions">';
echo "<a href='".api_get_self()."?".api_get_cidreq()."&action=add'>",
Display::return_icon('new_blog.png',get_lang('AddBlog'),'',ICON_SIZE_MEDIUM)."</a>";
Display::return_icon('new_blog.png', get_lang('AddBlog'),'',ICON_SIZE_MEDIUM)."</a>";
echo '</div>';
if (!empty($_POST['new_blog_submit']) AND !empty($_POST['blog_name'])) {
if (!empty($_POST['new_blog_submit']) && !empty($_POST['blog_name'])) {
if (isset($_POST['blog_name'])) {
Blog::create_blog($_POST['blog_name'], $_POST['blog_subtitle']);
Display::display_confirmation_message(get_lang('BlogStored'));
}
}
if (!empty($_POST['edit_blog_submit']) AND !empty($_POST['blog_name'])) {
if (!empty($_POST['edit_blog_submit']) && !empty($_POST['blog_name'])) {
if (strlen(trim($_POST['blog_name']))>0) {
Blog::edit_blog($_POST['blog_id'], $_POST['blog_name'], $_POST['blog_subtitle']);
Display::display_confirmation_message(get_lang('BlogEdited'));
@ -76,16 +76,7 @@ if (api_is_allowed_to_edit()) {
// we show the form if
// 1. no post data
// 2. there is post data and one of the required form elements is empty
if (!$_POST OR (!empty($_POST) AND (empty($_POST['new_blog_submit']) OR empty($_POST['blog_name'])))) {
// if there is post data there is certainly an error in the form
/*if ($_POST){
Display::display_error_message(get_lang('FormHasErrorsPleaseComplete'));
}*/
/*if (strlen($_POST['blog_name'])==0) {
if (count($_POST)>0) {
Display::display_error_message(get_lang('FormHasErrorsPleaseComplete'));
}
}*/
if (!$_POST || (!empty($_POST) && (empty($_POST['new_blog_submit']) || empty($_POST['blog_name'])))) {
Blog::display_new_blog_form();
}
}
@ -94,7 +85,7 @@ if (api_is_allowed_to_edit()) {
// we show the form if
// 1. no post data
// 2. there is post data and one of the three form elements is empty
if (!$_POST OR (!empty($_POST) AND (empty($_POST['edit_blog_submit']) OR empty($_POST['blog_name']) ))) {
if (!$_POST || (!empty($_POST) && (empty($_POST['edit_blog_submit']) || empty($_POST['blog_name']) ))) {
// if there is post data there is certainly an error in the form
if ($_POST) {
Display::display_error_message(get_lang('FormHasErrorsPleaseComplete'));

27
main/exercice/exercise_report.php
Unescape View File

@ -95,7 +95,7 @@ if (!empty($_REQUEST['export_report']) && $_REQUEST['export_report'] == '1') {
$export->setOnlyBestAttempts($onlyBestAttempts);
switch ($_GET['export_format']) {
case 'xls' :
case 'xls':
$export->exportCompleteReportXLS(
$documentPath,
null,
@ -105,8 +105,8 @@ if (!empty($_REQUEST['export_report']) && $_REQUEST['export_report'] == '1') {
);
exit;
break;
case 'csv' :
default :
case 'csv':
default:
$export->exportCompleteReportCSV(
$documentPath,
null,
@ -130,6 +130,7 @@ if (isset($_REQUEST['comments']) &&
//filtered by post-condition
$id = intval($_GET['exeid']);
$track_exercise_info = ExerciseLib::get_exercise_track_exercise_info($id);
if (empty($track_exercise_info)) {
api_not_allowed();
}
@ -137,8 +138,8 @@ if (isset($_REQUEST['comments']) &&
$student_id = $track_exercise_info['exe_user_id'];
$session_id = $track_exercise_info['session_id'];
$lp_id = $track_exercise_info['orig_lp_id'];
//$lp_item_id = $track_exercise_info['orig_lp_item_id'];
$lp_item_view_id = $track_exercise_info['orig_lp_item_view_id'];
$exerciseId = $track_exercise_info['exe_exo_id'];
$course_info = api_get_course_info();
@ -216,6 +217,7 @@ if (isset($_REQUEST['comments']) &&
$sql = "UPDATE $TBL_TRACK_EXERCISES
SET exe_result = '".floatval($tot)."'
WHERE exe_id = ".$id;
Database::query($sql);
if (isset($_POST['send_notification'])) {
@ -226,9 +228,9 @@ if (isset($_REQUEST['comments']) &&
$message .= '<h3>'.get_lang('CourseName').'</h3><p>'.Security::remove_XSS($course_info['name']).'';
$message .= '<h3>'.get_lang('Exercise').'</h3><p>'.Security::remove_XSS($test);
//Only for exercises not in a LP
// Only for exercises not in a LP
if ($lp_id == 0) {
$message .= '<p>'.get_lang('ClickLinkToViewComment').' <a href="#url#">#url#</a><br />';
$message .= '<p>'.get_lang('ClickLinkToViewComment').' <br /><a href="#url#">#url#</a><br />';
}
$message .= '<p>'.get_lang('Regards').'</p>';
@ -246,23 +248,24 @@ if (isset($_REQUEST['comments']) &&
Display::addFlash(
Display::return_message(get_lang('MessageSent'))
);
header('Location: ' . api_get_path(WEB_PATH));
header('Location: ' . api_get_self().'?'.api_get_cidreq().'&exerciseId='.$exerciseId);
exit;
}
}
//Updating LP score here
if (in_array($origin, array('tracking_course', 'user_course', 'correct_exercise_in_lp'))) {
// Updating LP score here
if (in_array($origin, array('tracking_course', 'user_course', 'correct_exercise_in_lp'))
) {
$sql = "UPDATE $TBL_LP_ITEM_VIEW SET score = '".floatval($tot)."'
WHERE c_id = ".$course_id." AND id = ".$lp_item_view_id;
Database::query($sql);
if ($origin == 'tracking_course') {
//Redirect to the course detail in lp
header('location: exercise.php?course='.Security :: remove_XSS($_GET['course']));
header('location: '.api_get_path(WEB_CODE_PATH).'exercice/exercise.php?course='.Security :: remove_XSS($_GET['course']));
exit;
} else {
//Redirect to the reporting
header('location: ../mySpace/myStudents.php?origin='.$origin.'&student='.$student_id.'&details=true&course='.$course_id.'&session_id='.$session_id);
// Redirect to the reporting
header('Location: '.api_get_path(WEB_CODE_PATH).'mySpace/myStudents.php?origin='.$origin.'&student='.$student_id.'&details=true&course='.$course_id.'&session_id='.$session_id);
exit;
}
}

127
main/exercice/exercise_show.php
Unescape View File

@ -231,7 +231,10 @@ if ($show_results || $show_only_total_score) {
$i = $totalScore = $totalWeighting = 0;
if ($debug > 0){error_log("ExerciseResult: ".print_r($exerciseResult,1)); error_log("QuestionList: ".print_r($questionList,1));}
if ($debug > 0) {
error_log("ExerciseResult: ".print_r($exerciseResult, 1));
error_log("QuestionList: ".print_r($questionList, 1));
}
$arrques = array();
$arrans = array();
@ -323,39 +326,119 @@ foreach ($questionList as $questionId) {
}*/
if ($answerType == MULTIPLE_ANSWER || $answerType == MULTIPLE_ANSWER_TRUE_FALSE) {
$question_result = $objExercise->manage_answer($id, $questionId, $choice,'exercise_show', array(), false, true, $show_results, $objExercise->selectPropagateNeg());
$question_result = $objExercise->manage_answer(
$id,
$questionId,
$choice,
'exercise_show',
array(),
false,
true,
$show_results,
$objExercise->selectPropagateNeg()
);
$questionScore = $question_result['score'];
$totalScore += $question_result['score'];
} elseif ($answerType == MULTIPLE_ANSWER_COMBINATION || $answerType == MULTIPLE_ANSWER_COMBINATION_TRUE_FALSE) {
$choice = array();
$question_result = $objExercise->manage_answer($id, $questionId, $choice,'exercise_show', array(), false, true, $show_results, $objExercise->selectPropagateNeg());
$question_result = $objExercise->manage_answer(
$id,
$questionId,
$choice,
'exercise_show',
array(),
false,
true,
$show_results,
$objExercise->selectPropagateNeg()
);
$questionScore = $question_result['score'];
$totalScore += $question_result['score'];
} elseif ($answerType == UNIQUE_ANSWER || $answerType == UNIQUE_ANSWER_NO_OPTION) {
$question_result = $objExercise->manage_answer($id, $questionId, $choice,'exercise_show', array(), false, true, $show_results, $objExercise->selectPropagateNeg());
$question_result = $objExercise->manage_answer(
$id,
$questionId,
$choice,
'exercise_show',
array(),
false,
true,
$show_results,
$objExercise->selectPropagateNeg()
);
$questionScore = $question_result['score'];
$totalScore += $question_result['score'];
echo '</table>';
} elseif ($answerType == FILL_IN_BLANKS) {
$question_result = $objExercise->manage_answer($id, $questionId, $choice,'exercise_show', array(), false, true, $show_results, $objExercise->selectPropagateNeg());
$question_result = $objExercise->manage_answer(
$id,
$questionId,
$choice,
'exercise_show',
array(),
false,
true,
$show_results,
$objExercise->selectPropagateNeg()
);
$questionScore = $question_result['score'];
$totalScore += $question_result['score'];
} elseif ($answerType == GLOBAL_MULTIPLE_ANSWER) {
$question_result = $objExercise->manage_answer($id, $questionId, $choice,'exercise_show', array(), false, true, $show_results, $objExercise->selectPropagateNeg());
$question_result = $objExercise->manage_answer(
$id,
$questionId,
$choice,
'exercise_show',
array(),
false,
true,
$show_results,
$objExercise->selectPropagateNeg()
);
$questionScore = $question_result['score'];
$totalScore += $question_result['score'];
} elseif ($answerType == FREE_ANSWER) {
$answer = $str;
$question_result = $objExercise->manage_answer($id, $questionId, $choice,'exercise_show', array(), false, true, $show_results, $objExercise->selectPropagateNeg());
$question_result = $objExercise->manage_answer(
$id,
$questionId,
$choice,
'exercise_show',
array(),
false,
true,
$show_results,
$objExercise->selectPropagateNeg()
);
$questionScore = $question_result['score'];
$totalScore += $question_result['score'];
} elseif ($answerType == ORAL_EXPRESSION) {
$answer = $str;
$question_result = $objExercise->manage_answer($id, $questionId, $choice,'exercise_show', array(), false, true, $show_results, $objExercise->selectPropagateNeg());
$question_result = $objExercise->manage_answer(
$id,
$questionId,
$choice,
'exercise_show',
array(),
false,
true,
$show_results,
$objExercise->selectPropagateNeg()
);
$questionScore = $question_result['score'];
$totalScore += $question_result['score'];
} elseif (in_array($answerType, [MATCHING, DRAGGABLE, MATCHING_DRAGGABLE])) {
$question_result = $objExercise->manage_answer($id, $questionId, $choice,'exercise_show', array(), false, true, $show_results, $objExercise->selectPropagateNeg());
$question_result = $objExercise->manage_answer(
$id,
$questionId,
$choice,
'exercise_show',
array(),
false,
true,
$show_results,
$objExercise->selectPropagateNeg()
);
$questionScore = $question_result['score'];
$totalScore += $question_result['score'];
} elseif ($answerType == HOT_SPOT) {
@ -364,7 +447,17 @@ foreach ($questionList as $questionId) {
<td valign="top" align="center" style="padding-left:0px;" >
<table border="1" bordercolor="#A4A4A4" style="border-collapse: collapse;" width="552">';
}
$question_result = $objExercise->manage_answer($id, $questionId, $choice,'exercise_show', array(), false, true, $show_results, $objExercise->selectPropagateNeg());
$question_result = $objExercise->manage_answer(
$id,
$questionId,
$choice,
'exercise_show',
array(),
false,
true,
$show_results,
$objExercise->selectPropagateNeg()
);
$questionScore = $question_result['score'];
$totalScore += $question_result['score'];
@ -394,7 +487,18 @@ foreach ($questionList as $questionId) {
}
} else if($answerType == HOT_SPOT_DELINEATION) {
$question_result = $objExercise->manage_answer($id, $questionId, $choice,'exercise_show', array(), false, true, $show_results, $objExercise->selectPropagateNeg(), 'database');
$question_result = $objExercise->manage_answer(
$id,
$questionId,
$choice,
'exercise_show',
array(),
false,
true,
$show_results,
$objExercise->selectPropagateNeg(),
'database'
);
$questionScore = $question_result['score'];
$totalScore += $question_result['score'];
@ -780,6 +884,7 @@ if ($isFeedbackAllowed) {
if ($origin !='learnpath' && $origin!='student_progress') {
echo '<label><input type= "checkbox" name="send_notification"> '.get_lang('SendEmail').'</label>';
?>
<br />
<button type="submit" class="btn btn-primary" value="<?php echo get_lang('Ok'); ?>" onclick="getFCK('<?php echo $strids; ?>','<?php echo $marksid; ?>');">
<?php echo get_lang('CorrectTest'); ?>
</button>

4
main/gradebook/certificate_report.php
Unescape View File

@ -1,5 +1,6 @@
<?php
/* For licensing terms, see /license.txt */
/**
* List all certificates filtered by session/course and month/year
* @author Angel Fernando Quiroz Campos <angel.quiroz@beeznest.com>
@ -16,7 +17,7 @@ $this_section = SECTION_TRACKING;
api_block_anonymous_users();
$interbreadcrumb[] = array(
"url" => api_get_path(WEB_CODE_PATH) . "mySpace/index.php",
"url" => api_get_path(WEB_CODE_PATH) . "mySpace/index.php?".api_get_cidreq(),
"name" => get_lang("MySpace")
);
@ -27,7 +28,6 @@ $selectedYear = isset($_POST['year']) && !empty($_POST['year']) ? trim($_POST['y
$selectedStudent = isset($_POST['student']) && !empty($_POST['student']) ? intval($_POST['student']) : 0;
$userId = api_get_user_id();
$sessions = $courses = $months = $students = [0 => get_lang('Select')];
if (api_is_student_boss()) {

12
main/gradebook/gradebook.php
Unescape View File

@ -370,12 +370,12 @@ if (isset ($_POST['submit']) && isset ($_POST['keyword'])) {
. '&search='.Security::remove_XSS($_POST['keyword']));
exit;
}
// DISPLAY HEADERS AND MESSAGES -
if (!isset($_GET['exportpdf']) and !isset($_GET['export_certificate'])) {
// DISPLAY HEADERS AND MESSAGES -
if (!isset($_GET['exportpdf']) && !isset($_GET['export_certificate'])) {
if (isset ($_GET['studentoverview'])) {
$interbreadcrumb[]= array (
'url' => $_SESSION['gradebook_dest'].'?selectcat=' . Security::remove_XSS($_GET['selectcat']),
'url' => $_SESSION['gradebook_dest'].'?selectcat=' . Security::remove_XSS($_GET['selectcat'].'&'.api_get_cidreq()),
'name' => get_lang('ToolGradebook')
);
Display :: display_header(get_lang('FlatView'));
@ -401,13 +401,13 @@ if (!isset($_GET['exportpdf']) and !isset($_GET['export_certificate'])) {
}
}
if (isset ($_GET['categorymoved'])) {
if (isset($_GET['categorymoved'])) {
Display :: display_confirmation_message(get_lang('CategoryMoved'),false);
}
if (isset ($_GET['evaluationmoved'])) {
if (isset($_GET['evaluationmoved'])) {
Display :: display_confirmation_message(get_lang('EvaluationMoved'),false);
}
if (isset ($_GET['linkmoved'])) {
if (isset($_GET['linkmoved'])) {
Display :: display_confirmation_message(get_lang('LinkMoved'),false);
}
if (isset ($_GET['addcat'])) {

2
main/gradebook/gradebook_add_cat.php
Unescape View File

@ -99,7 +99,7 @@ if (!$_in_course) {
'name' => get_lang('Gradebook')
);
}
$interbreadcrumb[]= array( 'url' =>'index.php','name' => get_lang('ToolGradebook'));
$interbreadcrumb[] = array('url' => 'index.php?'.api_get_cidreq(), 'name' => get_lang('ToolGradebook'));
Display :: display_header(get_lang('NewCategory'));
$display_form = true;

2
main/gradebook/gradebook_flatview.php
Unescape View File

@ -6,6 +6,8 @@
* @package chamilo.gradebook
*/
require_once '../inc/global.inc.php';
require_once api_get_path(SYS_CODE_PATH).'gradebook/lib/fe/exportgradebook.php';
$current_course_tool = TOOL_GRADEBOOK;
api_protect_course_script(true);

86
main/gradebook/gradebook_view_result.php
Unescape View File

@ -6,6 +6,7 @@
* @package chamilo.gradebook
*/
require_once '../inc/global.inc.php';
require_once api_get_path(SYS_CODE_PATH).'gradebook/lib/fe/exportgradebook.php';
api_block_anonymous_users();
$isDrhOfCourse = CourseManager::isUserSubscribedInCourseAsDrh(
@ -19,11 +20,11 @@ if (!$isDrhOfCourse) {
$interbreadcrumb[] = array(
'url' => $_SESSION['gradebook_dest'],
'name' => get_lang('Gradebook'
));
'name' => get_lang('Gradebook')
);
//load the evaluation & category
$select_eval = Security::remove_XSS($_GET['selecteval']);
$select_eval = intval($_GET['selecteval']);
if (empty($select_eval)) {
api_not_allowed();
}
@ -35,10 +36,11 @@ if ($eval[0]->get_category_id() < 0) {
// if category id is negative, then the evaluation's origin is a link
$link = LinkFactory :: get_evaluation_link($eval[0]->get_id());
$currentcat = Category :: load($link->get_category_id());
} else
$currentcat = Category :: load($eval[0]->get_category_id());
//load the result with the evaluation id
} else {
$currentcat = Category:: load($eval[0]->get_category_id());
}
//load the result with the evaluation id
if (isset($_GET['delete_mark'])) {
$result = Result :: load($_GET['delete_mark']);
if (!empty($result[0])) {
@ -53,7 +55,6 @@ if (isset($_GET['selecteval'])) {
if (isset($_GET['editres'])) {
$edit_res_xml = Security::remove_XSS($_GET['editres']);
$select_eval_edit = Security::remove_XSS($_GET['selecteval']);
$resultedit = Result :: load($edit_res_xml);
$edit_res_form = new EvalForm(
EvalForm :: TYPE_RESULT_EDIT,
@ -61,39 +62,38 @@ if (isset($_GET['editres'])) {
$resultedit[0],
'edit_result_form',
null,
api_get_self() . '?editres=' . $resultedit[0]->get_id() . '&selecteval=' . $select_eval_edit.'&'.api_get_cidreq()
api_get_self() . '?editres=' . $resultedit[0]->get_id() . '&selecteval=' . $select_eval.'&'.api_get_cidreq()
);
if ($edit_res_form->validate()) {
$values = $edit_res_form->exportValues();
$result = new Result();
$resultlog = new Result();
$resultlog->add_result__log($values['hid_user_id'], $select_eval_edit);
$resultlog->add_result__log($values['hid_user_id'], $select_eval);
$result->set_id($edit_res_xml);
$result->set_user_id($values['hid_user_id']);
$result->set_evaluation_id($select_eval_edit);
$result->set_evaluation_id($select_eval);
$row_value = isset($values['score']) ? (float) $values['score'] : 0;
if (!empty($row_value) || $row_value == 0) {
$result->set_score(floatval(number_format($row_value, api_get_setting('gradebook_number_decimals'))));
}
$result->save();
unset($result);
header('Location: gradebook_view_result.php?selecteval=' . $select_eval_edit . '&editresmessage=&'.api_get_cidreq());
header('Location: gradebook_view_result.php?selecteval=' . $select_eval . '&editresmessage=&'.api_get_cidreq());
exit;
}
}
$file_type = null;
if (isset($_GET['import'])) {
$interbreadcrumb[] = array(
'url' => 'gradebook_view_result.php?selecteval=' . Security::remove_XSS($_GET['selecteval']).'&'.api_get_cidreq(),
'url' => api_get_path(WEB_CODE_PATH).'gradebook/gradebook_view_result.php?selecteval=' . $select_eval.'&'.api_get_cidreq(),
'name' => get_lang('ViewResult')
);
$import_result_form = new DataForm(
DataForm :: TYPE_IMPORT,
'import_result_form',
null,
api_get_self() . '?import=&selecteval=' . Security::remove_XSS($_GET['selecteval']),
api_get_self() . '?import=&selecteval=' . $select_eval,
'_blank',
''
);
@ -122,7 +122,7 @@ if (isset($_GET['import'])) {
if (($importedresult['user_id'] == $allresult->get_user_id())) {
if ($importedresult['score'] != $allresult->get_score()) {
if (!isset($values['overwrite'])) {
header('Location: gradebook_view_result.php?selecteval=' . Security::remove_XSS($_GET['selecteval']) . '&import_score_error=' . $importedresult['user_id']);
header('Location: '.api_get_path(WEB_CODE_PATH).'gradebook/gradebook_view_result.php?selecteval=' . $select_eval . '&import_score_error=' . $importedresult['user_id']);
exit;
break;
} else {
@ -140,7 +140,7 @@ if (isset($_GET['import'])) {
}
}
if ($importedresult['user_id'] == null) {
header('Location: gradebook_view_result.php?selecteval=' . Security::remove_XSS($_GET['selecteval']) . '&incorrectdata=');
header('Location: gradebook_view_result.php?selecteval=' . $select_eval . '&incorrectdata=');
exit;
}
$userinfo = api_get_user_info($importedresult['user_id']);
@ -149,13 +149,13 @@ if (isset($_GET['import'])) {
$userinfo['official_code'] != $importedresult['official_code']
) {
if (!isset($values['ignoreerrors'])) {
header('Location: gradebook_view_result.php?selecteval=' . Security::remove_XSS($_GET['selecteval']) . '&import_user_error=' . $importedresult['user_id']);
header('Location: gradebook_view_result.php?selecteval=' . $select_eval . '&import_user_error=' . $importedresult['user_id']);
exit;
}
}
if ($added != '1') {
if ($importedresult['score'] > $eval[0]->get_max()) {
header('Location: gradebook_view_result.php?selecteval=' . Security::remove_XSS($_GET['selecteval']) . '&overwritemax=');
header('Location: gradebook_view_result.php?selecteval=' . $select_eval . '&overwritemax=');
exit;
}
$result = new Result();
@ -168,36 +168,39 @@ if (isset($_GET['import'])) {
} else {
$result->set_date(api_get_utc_datetime());
}
$result->set_evaluation_id($_GET['selecteval']);
$result->set_evaluation_id($select_eval);
$result->add();
$nr_results_added++;
}
}
} else {
header('Location: ' . api_get_self() . '?import=&selecteval=' . Security::remove_XSS($_GET['selecteval']) . '&importnofile=');
header('Location: ' . api_get_self() . '?import=&selecteval=' . $select_eval . '&importnofile=');
exit;
}
if ($overwritescore != 0) {
header('Location: ' . api_get_self() . '?selecteval=' . Security::remove_XSS($_GET['selecteval']) . '&importoverwritescore=' . $overwritescore);
header('Location: ' . api_get_self() . '?selecteval=' . $select_eval. '&importoverwritescore=' . $overwritescore);
exit;
}
if ($nr_results_added == 0) {
header('Location: ' . api_get_self() . '?selecteval=' . Security::remove_XSS($_GET['selecteval']) . '&nothingadded=');
header('Location: ' . api_get_self() . '?selecteval=' . $select_eval. '&nothingadded=');
exit;
}
header('Location: ' . api_get_self() . '?selecteval=' . Security::remove_XSS($_GET['selecteval']) . '&importok=');
header('Location: ' . api_get_self() . '?selecteval=' . $select_eval . '&importok=');
exit;
}
}
if (isset($_GET['export'])) {
$interbreadcrumb[] = array('url' => 'gradebook_view_result.php?selecteval=' . Security::remove_XSS($_GET['selecteval']), 'name' => get_lang('ViewResult'));
$interbreadcrumb[] = array(
'url' => 'gradebook_view_result.php?selecteval='.$select_eval,
'name' => get_lang('ViewResult'),
);
$locked_status = $eval[0]->get_locked();
$export_result_form = new DataForm(
DataForm :: TYPE_EXPORT,
'export_result_form',
null,
api_get_self() . '?export=&selecteval=' . $_GET['selecteval'],
api_get_self() . '?export=&selecteval=' . $select_eval,
'_blank',
$locked_status
);
@ -209,7 +212,7 @@ if (isset($_GET['export'])) {
$export = $export_result_form->exportValues();
$file_type = $export['file_type'];
$filename = 'export_results_' . gmdate('Y-m-d_H-i-s');
$results = Result :: load(null, null, Security::remove_XSS($_GET['selecteval']));
$results = Result :: load(null, null, $select_eval);
$data = array(); //when file type is csv, add a header to the output file
if ($file_type == 'csv') {
$alldata[] = array(
@ -332,11 +335,11 @@ if (isset($_GET['export'])) {
}
switch ($file_type) {
case 'xml' :
case 'xml':
Export :: arrayToXml($alldata, $filename, 'Result', 'XMLResults');
exit;
break;
case 'csv' :
case 'csv':
Export :: arrayToCsv($alldata, $filename);
exit;
break;
@ -347,7 +350,7 @@ if (isset($_GET['export'])) {
if (isset($_GET['resultdelete'])) {
$result = Result :: load($_GET['resultdelete']);
$result[0]->delete();
header('Location: gradebook_view_result.php?deleteresult=&selecteval=' . Security::remove_XSS($_GET['selecteval']));
header('Location: gradebook_view_result.php?deleteresult=&selecteval=' . $select_eval);
exit;
}
@ -357,14 +360,14 @@ if (isset($_POST['action'])) {
Display :: display_warning_message(get_lang('NoItemsSelected'), false);
} else {
switch ($_POST['action']) {
case 'delete' :
case 'delete':
$number_of_deleted_results = 0;
foreach ($_POST['id'] as $indexstr) {
$result = Result :: load($indexstr);
$result[0]->delete();
$number_of_deleted_results++;
}
header('Location: gradebook_view_result.php?massdelete=&selecteval=' . Security::remove_XSS($_GET['selecteval']));
header('Location: gradebook_view_result.php?massdelete=&selecteval=' . $select_eval);
exit;
break;
}
@ -403,8 +406,7 @@ if (isset($_GET['print'])) {
$resulttable = new ResultTable($eval[0], $allresults, $iscourse, $addparams);
}
$htmlHeadXtra[] = '<script type="text/javascript">
$htmlHeadXtra[] = '<script>
function confirmationuser() {
if (confirm("' . get_lang('DeleteUser') . '?"))
{return true;}
@ -421,17 +423,20 @@ function confirmationall () {
</script>';
if (isset($_GET['deleteall'])) {
$eval[0]->delete_results();
header('Location: gradebook_view_result.php?allresdeleted=&selecteval=' . Security::remove_XSS($_GET['selecteval']));
header('Location: '.api_get_path(WEB_CODE_PATH).'gradebook/gradebook_view_result.php?allresdeleted=&selecteval=' . $select_eval.'&'.api_get_cidreq());
exit;
}
if ((!isset($_GET['export'])) && (!isset($_GET['import']))) {
if (!isset($_GET['export']) && (!isset($_GET['import']))) {
if (!isset($_GET['selectcat'])) {
$interbreadcrumb[] = array(
'url' => $_SESSION['gradebook_dest'] . '?selectcat=' . $currentcat[0]->get_id(),
'url' => $_SESSION['gradebook_dest'] . '?selectcat=' . $currentcat[0]->get_id().'&'.api_get_cidreq(),
'name' => get_lang('Details')
);
}
$interbreadcrumb[] = array('url' => 'gradebook_view_result.php' . '?selecteval=' . Security::remove_XSS($_GET['selecteval']), 'name' => get_lang('ViewResult'));
$interbreadcrumb[] = array(
'url' => api_get_path(WEB_CODE_PATH).'gradebook/gradebook_view_result.php?selecteval='.$select_eval.'&'.api_get_cidreq(),
'name' => get_lang('ViewResult'),
);
Display :: display_header('');
}
if (isset($_GET['addresultnostudents'])) {
@ -483,7 +488,9 @@ if (isset($_GET['importoverwritescore'])) {
}
if (isset($_GET['import_user_error'])) {
$userinfo = api_get_user_info($_GET['import_user_error']);
Display :: display_warning_message(get_lang('UserInfoDoesNotMatch') . ' ' . api_get_person_name($userinfo['firstname'], $userinfo['lastname']));
Display:: display_warning_message(
get_lang('UserInfoDoesNotMatch').' '.api_get_person_name($userinfo['firstname'], $userinfo['lastname'])
);
}
if (isset($_GET['allresdeleted'])) {
Display :: display_confirmation_message(get_lang('AllResultDeleted'));
@ -492,7 +499,8 @@ if (isset($_GET['import_score_error'])) {
$userinfo = api_get_user_info($_GET['import_score_error']);
Display :: display_warning_message(get_lang('ScoreDoesNotMatch') . ' ' . api_get_person_name($userinfo['firstname'], $userinfo['lastname']));
}
if ($file_type == null) { //show the result header
if ($file_type == null) {
//show the result header
if (isset($export_result_form) && !(isset($edit_res_form))) {
echo $export_result_form->display();
DisplayGradebook :: display_header_result($eval[0], $currentcat[0]->get_id(), 1);

3
main/gradebook/lib/fe/displaygradebook.php
Unescape View File

@ -20,7 +20,7 @@ class DisplayGradebook
if (api_is_allowed_to_edit(null, true)) {
$header = '<div class="actions">';
if ($page != 'statistics') {
$header .= '<a href="' . Security::remove_XSS($_SESSION['gradebook_dest']) . '?selectcat=' . $selectcat . '">' .
$header .= '<a href="' . Security::remove_XSS($_SESSION['gradebook_dest']) . '?selectcat=' . $selectcat . '&'.api_get_cidreq().'">' .
Display::return_icon(('back.png'), get_lang('FolderView'), '', ICON_SIZE_MEDIUM) . '</a>';
if ($evalobj->get_course_code() == null) {
@ -92,7 +92,6 @@ class DisplayGradebook
$evalinfo .= '<h2>' . $evalobj->get_name() . '</h2><hr>';
$evalinfo .= $description;
$evalinfo .= get_lang('Course') . ' :<b> ' . $course . '</b><br />';
//'<br>' . get_lang('Weight') . ' :<b> ' . $evalobj->get_weight() . '</b><br>' . get_lang('Visible') . ' :<b> ' . $visible . '</b>
$evalinfo .= get_lang('QualificationNumeric') . ' :<b> ' . $evalobj->get_max() . '</b><br>' . $average;
if (!api_is_allowed_to_edit()) {

71
main/gradebook/lib/fe/exportgradebook.php
Unescape View File

@ -4,6 +4,7 @@
* Script
* @package chamilo.gradebook
*/
/**
* Prints an HTML page with a table containing the gradebook data
* @param array Array containing the data to be printed in the table
@ -11,8 +12,9 @@
* @param string View to print as a title for the table
* @param string Course name to print as title for the table
*/
function print_table ($data_array,$header_names,$view,$coursename) {
$printdata= '<!DOCTYPE html
function print_table($data_array,$header_names,$view,$coursename)
{
$printdata = '<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="'.api_get_language_isocode().'" lang="'.api_get_language_isocode().'">
@ -66,7 +68,7 @@ a:active {text-decoration: none; font-weight : bold; color : black;}
$printdata .= '<h2>'.$view.' : '.$coursename.'</h2>';
//@todo not necessary here
//$printdata .= '<h3>'.get_lang('Date').' : '.api_convert_and_format_date(null, DATE_FORMAT_SHORT). ' ' . api_convert_and_format_date(null, TIME_NO_SEC_FORMAT).'</h3>';
$printdata .= '<table border="1" width="90%" cellspacing="1" cellpadding="1">';
foreach ($header_names as $header) {
$printdata .= '<th>'.$header.'</th>';
@ -81,10 +83,10 @@ a:active {text-decoration: none; font-weight : bold; color : black;}
}
$printdata .= '</table></div></body></html>';
return $printdata;
}
/**
* This function get a content html for export inside a pdf file
* @param array table headers
@ -93,17 +95,24 @@ a:active {text-decoration: none; font-weight : bold; color : black;}
* @param array pdf footers
* @return void
*/
function export_pdf_attendance($headers_table, $data_table, $headers_pdf, $footers_pdf, $title_pdf) {
function export_pdf_attendance($headers_table, $data_table, $headers_pdf, $footers_pdf, $title_pdf)
{
$mpdf = new mPDF('UTF-8', 'A4-L', '', '', 15, 10, 35, 20, 4, 2, 'L');
$mpdf->useOnlyCoreFonts = true;
$mpdf->mirrorMargins = 0; // Use different Odd/Even headers and footers and mirror margins
$mpdf->mirrorMargins = 0;
// Use different Odd/Even headers and footers and mirror margins
if (is_array($headers_pdf)) {
// preparing headers pdf
$header = '<table width="100%" cellspacing="1" cellpadding="1" border="0" class="strong">
$header = '
<table width="100%" cellspacing="1" cellpadding="1" border="0" class="strong">
<tr>
<td ROWSPAN="3" style="text-align: left;" class="title"><img src="'.api_get_path(WEB_CSS_PATH).api_get_setting('stylesheets').'/images/header-logo.png"></td><td colspan="3"><h1>'.$title_pdf.'</h1></td>
<td ROWSPAN="3" style="text-align: left;" class="title">
<img src="'.api_get_path(WEB_CSS_PATH).api_get_setting('stylesheets').'/images/header-logo.png">
</td>
<td colspan="3">
<h1>'.$title_pdf.'</h1>
</td>
<tr>
<td></td>
<td><strong>'.$headers_pdf[0][0].'</strong> </td><td> <strong>'.$headers_pdf[0][1].'</strong></td>
@ -133,7 +142,6 @@ function export_pdf_attendance($headers_table, $data_table, $headers_pdf, $foote
$footer .= '</tr>';
}
$footer .= '</table>';
$footer .= '<div align="right" style="font-weight: bold;">{PAGENO}/{nb}</div>';
// preparing content pdf
@ -144,12 +152,14 @@ function export_pdf_attendance($headers_table, $data_table, $headers_pdf, $foote
$css = '';
}
if(count($data_table) > 30)
$items_per_page = (count($data_table)/2);
else
if (count($data_table) > 30) {
$items_per_page = (count($data_table) / 2);
} else {
$items_per_page = count($data_table);
}
$count_pages = ceil(count($data_table) / $items_per_page);
$content_table = '';
for ($x = 0; $x<$count_pages; $x++) {
$content_table .= '<table width="100%" border="1" style="border-collapse:collapse">';
// header table
@ -192,10 +202,8 @@ function export_pdf_attendance($headers_table, $data_table, $headers_pdf, $foote
$content_table .= '</table>';
if ($x < ($count_pages - 1)) { $content_table .= '<pagebreak />'; }
}
$html = $content_table;
// set attributes for pdf
$mpdf->SetHTMLHeader($header);
$mpdf->SetHTMLFooter($footer);
@ -206,6 +214,7 @@ function export_pdf_attendance($headers_table, $data_table, $headers_pdf, $foote
$mpdf->WriteHTML($html);
}
$mpdf->Output(api_replace_dangerous_char($title_pdf.'.pdf'), 'D');
exit;
}
@ -224,9 +233,12 @@ function export_pdf_with_html($headers_table, $data_table, $headers_pdf, $footer
if (is_array($headers_pdf)) {
// preparing headers pdf
$header = '<br/><br/><table width="100%" cellspacing="1" cellpadding="5" border="0" class="strong">
<tr><td width="100%" style="text-align: center;" class="title" colspan="4"><h1>'.$title_pdf.'</h1></td></tr>';
foreach($headers_pdf as $header_pdf) {
$header = '<br/><br/>
<table width="100%" cellspacing="1" cellpadding="5" border="0" class="strong">
<tr>
<td width="100%" style="text-align: center;" class="title" colspan="4">
<h1>'.$title_pdf.'</h1></td></tr>';
foreach ($headers_pdf as $header_pdf) {
if (!empty($header_pdf[0]) && !empty($header_pdf[1])) {
$header.= '<tr><td><strong>'.$header_pdf[0].'</strong> </td><td>'.$header_pdf[1].'</td></tr>';
}
@ -312,21 +324,26 @@ function export_pdf_with_html($headers_table, $data_table, $headers_pdf, $footer
* @param array Table headers
* @param string Format (portrait or landscape)
*/
function export_pdf($pdf,$newarray,$header_names,$format) {
function export_pdf($pdf, $newarray, $header_names, $format)
{
$pdf->selectFont(api_get_path(LIBRARY_PATH).'ezpdf/fonts/Courier.afm');
$pdf->ezSetCmMargins(0,0,0,0);
$pdf->ezSetY(($format=='portrait')?'820':'570');
$pdf->selectFont(api_get_path(LIBRARY_PATH).'ezpdf/fonts/Courier.afm');
//$pdf->ezText(get_lang('FlatView').' ('. api_convert_and_format_date(null, DATE_FORMAT_SHORT). ' ' . api_convert_and_format_date(null, TIME_NO_SEC_FORMAT) .')',12,array('justification'=>'center'));
if ($format=='portrait') {
$pdf->line(40,790,540,790);
$pdf->line(40,40,540,40);
if ($format == 'portrait') {
$pdf->line(40, 790, 540, 790);
$pdf->line(40, 40, 540, 40);
} else {
$pdf->line(40,540,790,540);
$pdf->line(40,40,790,40);
$pdf->line(40, 540, 790, 540);
$pdf->line(40, 40, 790, 40);
}
$pdf->ezSetY(($format=='portrait')?'750':'520');
$pdf->ezTable($newarray,$header_names,'',array('showHeadings'=>1,'shaded'=>1,'showLines'=>1,'rowGap'=>3,'width'=>(($format=='portrait')?'500':'750')));
$pdf->ezTable($newarray, $header_names, '', array(
'showHeadings' => 1,
'shaded' => 1,
'showLines' => 1,
'rowGap' => 3,
'width' => (($format == 'portrait') ? '500' : '750'),
));
$pdf->ezStream();
}

34
main/group/group_creation.php
Unescape View File

@ -10,6 +10,11 @@ $current_course_tool = TOOL_GROUP;
// Notice for unauthorized people.
api_protect_course_script(true);
if (!api_is_allowed_to_edit(false, true)) {
api_not_allowed(true);
}
$currentUrl = api_get_path(WEB_CODE_PATH).'group/group.php?'.api_get_cidreq();
/* Create the groups */
@ -70,13 +75,12 @@ if (isset($_POST['action'])) {
}
$nameTools = get_lang('GroupCreation');
$interbreadcrumb[] = array ('url' => 'group.php', 'name' => get_lang('Groups'));
$interbreadcrumb[] = array(
'url' => api_get_path(WEB_CODE_PATH).'group/group.php?'.api_get_cidreq(),
'name' => get_lang('Groups'),
);
Display :: display_header($nameTools, 'Group');
if (!api_is_allowed_to_edit(false, true)) {
api_not_allowed();
}
if (isset($_POST['number_of_groups'])) {
if (!is_numeric($_POST['number_of_groups']) || intval($_POST['number_of_groups']) < 1) {
Display :: display_error_message(
@ -176,9 +180,20 @@ EOT;
$group_el = array();
$group_el[] = $form->createElement('text', 'group_'.$group_number.'_name');
if (api_get_setting('allow_group_categories') == 'true') {
$group_el[] = $form->createElement('select', 'group_'.$group_number.'_category', null, $cat_options, array('id' => 'category_'.$group_number));
$group_el[] = $form->createElement(
'select',
'group_'.$group_number.'_category',
null,
$cat_options,
array('id' => 'category_'.$group_number)
);
}
$group_el[] = $form->createElement('text', 'group_'.$group_number.'_places', null, array('class' => 'span1', 'id' => 'places_'.$group_number));
$group_el[] = $form->createElement(
'text',
'group_'.$group_number.'_places',
null,
array('class' => 'span1', 'id' => 'places_'.$group_number)
);
if ($_POST['number_of_groups'] < 10000) {
if ($group_id < 10) {
@ -208,11 +223,6 @@ EOT;
$create_groups_form = new FormValidator('create_groups', 'post', api_get_self().'?'.api_get_cidreq());
$create_groups_form->addElement('header', $nameTools);
/* $group_el = array ();
$group_el[] = $create_groups_form->createElement('text', 'number_of_groups', array(get_lang('Create'), '1'));
$group_el[] = $create_groups_form->addButtonCreate(get_lang('ProceedToCreateGroup'), 'submit', true);
$create_groups_form->addGroup($group_el, 'create_groups', get_lang('NumberOfGroupsToCreate'), ' ', false);
*/
$create_groups_form->addText('number_of_groups',get_lang('NumberOfGroupsToCreate'),null,array('value'=>'1'));
$create_groups_form->addButton('submit', get_lang('ProceedToCreateGroup'),'plus','primary');
$defaults = array();

4
main/inc/lib/AnnouncementManager.php
Unescape View File

@ -386,7 +386,6 @@ class AnnouncementManager
if (empty($last_id)) {
return false;
} else {
$sql = "UPDATE $tbl_announcement SET id = iid WHERE iid = $last_id";
Database::query($sql);
@ -399,7 +398,6 @@ class AnnouncementManager
}
// store in item_property (first the groups, then the users
if (empty($sentTo) || !empty($sentTo) &&
isset($sentTo[0]) && $sentTo[0] == 'everyone'
) {
@ -460,6 +458,8 @@ class AnnouncementManager
* @param $to_users
* @param array $file
* @param string $file_comment
* @param bool $sendToUsersInSession
*
* @return bool|int
*/
public static function add_group_announcement(

1
main/inc/lib/agenda.lib.php
Unescape View File

@ -2150,7 +2150,6 @@ class Agenda
);
}
if ($id) {
$form->addButtonUpdate(get_lang('ModifyEvent'));
} else {

1
main/inc/lib/api.lib.php
Unescape View File

@ -7952,7 +7952,6 @@ function api_mail_html(
}
}
}
//$message = str_replace(array("\n\r", "\n", "\r"), '<br />', $message);
$mailView = new Template(null, false, false, false, false, false, false);
$mailView->assign('content', $message);

19
main/inc/lib/formvalidator/FormValidator.class.php
Unescape View File

@ -945,26 +945,17 @@ EOT;
*/
public function returnForm()
{
$error = false;
$returnValue = '';
/** @var HTML_QuickForm_element $element */
foreach ($this->_elements as $element) {
if (!is_null(parent::getElementError($element->getName()))) {
$error = true;
$elementError = parent::getElementError($element->getName());
if (!is_null($elementError)) {
$returnValue .= Display::return_message($elementError, 'warning').'<br />';
break;
}
}
$returnValue = '';
$js = null;
if ($error) {
$returnValue = Display::return_message(
get_lang('FormHasErrorsPleaseComplete'),
'warning'
);
}
$returnValue .= $js;
$returnValue .= parent::toHtml();
// Add div-element which is to hold the progress bar
if (isset($this->with_progress_bar) && $this->with_progress_bar) {

94
main/inc/lib/message.lib.php
Unescape View File

@ -1,6 +1,8 @@
<?php
/* For licensing terms, see /license.txt */
use ChamiloSession as Session;
/**
* Class MessageManager
*
@ -105,11 +107,21 @@ class MessageManager
$condition_msg_status = ' msg_status IN('.MESSAGE_STATUS_NEW.','.MESSAGE_STATUS_UNREAD.') ';
}
$keyword = Session::read('message_search_keyword');
$keywordCondition = '';
if (!empty($keyword)) {
$keyword = Database::escape_string($keyword);
$keywordCondition = " AND (title like '%$keyword%' OR content LIKE '%$keyword%') ";
}
$sql = "SELECT COUNT(*) as number_messages
FROM $table_message
WHERE $condition_msg_status AND user_receiver_id=".api_get_user_id();
$sql_result = Database::query($sql);
$result = Database::fetch_array($sql_result);
WHERE $condition_msg_status AND
user_receiver_id=".api_get_user_id()."
$keywordCondition
";
$result = Database::query($sql);
$result = Database::fetch_array($result);
return $result['number_messages'];
}
@ -134,13 +146,24 @@ class MessageManager
if (!in_array($direction, array('ASC', 'DESC')))
$direction = 'ASC';
}
$keyword = Session::read('message_search_keyword');
$keywordCondition = '';
if (!empty($keyword)) {
$keyword = Database::escape_string($keyword);
$keywordCondition = " AND (title like '%$keyword%' OR content LIKE '%$keyword%') ";
}
$table_message = Database::get_main_table(TABLE_MESSAGE);
$sql = "SELECT id as col0, user_sender_id as col1, title as col2, send_date as col3, msg_status as col4
FROM $table_message
WHERE user_receiver_id=".api_get_user_id()." AND msg_status IN (0,1)
WHERE
user_receiver_id=".api_get_user_id()." AND
msg_status IN (0,1)
$keywordCondition
ORDER BY col$column $direction
LIMIT $from,$number_of_items";
LIMIT $from, $number_of_items";
$sql_result = Database::query($sql);
$i = 0;
@ -244,7 +267,7 @@ class MessageManager
format_file_size(api_get_setting('message_max_upload_filesize'))
);
Display::addFlash(Display::return_message($warning , 'warning'));
Display::addFlash(Display::return_message($warning, 'warning'));
return false;
}
@ -865,12 +888,21 @@ class MessageManager
}
$table_message = Database::get_main_table(TABLE_MESSAGE);
$request = api_is_xml_http_request();
$keyword = Session::read('message_sent_search_keyword');
$keywordCondition = '';
if (!empty($keyword)) {
$keyword = Database::escape_string($keyword);
$keywordCondition = " AND (title like '%$keyword%' OR content LIKE '%$keyword%') ";
}
$sql = "SELECT
id as col0, user_sender_id as col1, title as col2, send_date as col3, user_receiver_id as col4, msg_status as col5
FROM $table_message
WHERE
user_sender_id=".api_get_user_id()." AND
msg_status=".MESSAGE_STATUS_OUTBOX."
$keywordCondition
ORDER BY col$column $direction
LIMIT $from, $number_of_items";
$sql_result = Database::query($sql);
@ -921,10 +953,22 @@ class MessageManager
public static function get_number_of_messages_sent()
{
$table_message = Database::get_main_table(TABLE_MESSAGE);
$keyword = Session::read('message_sent_search_keyword');
$keywordCondition = '';
if (!empty($keyword)) {
$keyword = Database::escape_string($keyword);
$keywordCondition = " AND (title like '%$keyword%' OR content LIKE '%$keyword%') ";
}
$sql = "SELECT COUNT(*) as number_messages FROM $table_message
WHERE msg_status=".MESSAGE_STATUS_OUTBOX." AND user_sender_id=".api_get_user_id();
$sql_result = Database::query($sql);
$result = Database::fetch_array($sql_result);
WHERE
msg_status=".MESSAGE_STATUS_OUTBOX." AND
user_sender_id=".api_get_user_id()."
$keywordCondition
";
$result = Database::query($sql);
$result = Database::fetch_array($result);
return $result['number_messages'];
}
@ -1523,13 +1567,15 @@ class MessageManager
//@todo this functions should be in the message class
public static function inbox_display()
public static function inbox_display($keyword = '')
{
$success = get_lang('SelectedMessagesDeleted');
$success_read = get_lang('SelectedMessagesRead');
$success_unread = get_lang('SelectedMessagesUnRead');
$html = '';
Session::write('message_search_keyword', $keyword);
if (isset($_REQUEST['action'])) {
switch ($_REQUEST['action']) {
case 'mark_as_unread' :
@ -1590,18 +1636,25 @@ class MessageManager
)
);
$html .= $table->return_table();
Session::erase('message_search_keyword');
return $html;
}
/**
* @return string
* @param string $keyword
* @return null|string
*/
static function outbox_display()
public static function outbox_display($keyword = '')
{
$social_link = false;
if (isset($_REQUEST['f']) && $_REQUEST['f'] == 'social') {
$social_link = 'f=social';
}
Session::write('message_sent_search_keyword', $keyword);
$success = get_lang('SelectedMessagesDeleted').'&nbsp</b><br /><a href="outbox.php?'.$social_link.'">'.get_lang('BackToOutbox').'</a>';
$html = null;
@ -1645,6 +1698,8 @@ class MessageManager
$table->set_form_actions(array('delete' => get_lang('DeleteSelectedMessages')));
$html .= $table->return_table();
Session::erase('message_sent_search_keyword');
return $html;
}
@ -1756,4 +1811,19 @@ class MessageManager
return false;
}
/**
* @param string $url
*
* @return FormValidator
*/
public static function getSearchForm($url)
{
$form = new FormValidator('search', 'post', $url, null, [], FormValidator::LAYOUT_INLINE);
$form->addElement('text', 'keyword');
$form->addButtonSearch(get_lang('Search'));
return $form;
}
}

6
main/inc/lib/phpmailer/class.phpmailer.php
Unescape View File

@ -1739,15 +1739,15 @@ class PHPMailer {
switch (strtolower($position)) {
case 'phrase':
$encoded = preg_replace("/([^A-Za-z0-9!*+\/ -])/e", "'='.sprintf('%02X', ord('\\1'))", $encoded);
$encoded = @preg_replace("/([^A-Za-z0-9!*+\/ -])/e", "'='.sprintf('%02X', ord('\\1'))", $encoded);
break;
case 'comment':
$encoded = preg_replace("/([\(\)\"])/e", "'='.sprintf('%02X', ord('\\1'))", $encoded);
$encoded = @preg_replace("/([\(\)\"])/e", "'='.sprintf('%02X', ord('\\1'))", $encoded);
case 'text':
default:
// Replace every high ascii, control =, ? and _ characters
//TODO using /e (equivalent to eval()) is probably not a good idea
$encoded = preg_replace('/([\000-\011\013\014\016-\037\075\077\137\177-\377])/e',
$encoded = @preg_replace('/([\000-\011\013\014\016-\037\075\077\137\177-\377])/e',
"'='.sprintf('%02X', ord('\\1'))", $encoded);
break;
}

25
main/inc/lib/usermanager.lib.php
Unescape View File

@ -2357,7 +2357,6 @@ class UserManager
$result = Database::query($sql);
$categories = array();
if (Database::num_rows($result) > 0) {
while ($row = Database::fetch_array($result, 'ASSOC')) {
@ -2380,7 +2379,10 @@ class UserManager
if (api_is_allowed_to_create_course()) {
// Teachers can access the session depending in the access_coach date
} else {
if (isset($row['access_end_date']) && $row['access_end_date'] != '0000-00-00 00:00:00') {
if (isset($row['access_end_date']) &&
($row['access_end_date'] != '0000-00-00 00:00:00') &&
!empty($row['access_end_date'])
) {
if ($row['access_end_date'] <= $now) {
continue;
}
@ -2410,6 +2412,7 @@ class UserManager
$ignore_visibility_for_admins
);
// Course Coach session visibility.
$blockedCourseCount = 0;
$closedVisibilityList = array(
@ -2426,7 +2429,6 @@ class UserManager
);
$courseIsVisible = !in_array($course['visibility'], $closedVisibilityList);
if ($courseIsVisible == false || $visibility == SESSION_INVISIBLE) {
$blockedCourseCount++;
}
@ -3773,16 +3775,23 @@ class UserManager
} else {
$user_id = api_get_user_id();
$sql = 'SELECT COUNT(*) as count FROM '.$tbl_my_friend.'
WHERE user_id='.$user_id.' AND relation_type NOT IN('.USER_RELATION_TYPE_DELETED.', '.USER_RELATION_TYPE_RRHH.') AND friend_user_id='.$friend_id;
WHERE
user_id='.$user_id.' AND
relation_type NOT IN('.USER_RELATION_TYPE_DELETED.', '.USER_RELATION_TYPE_RRHH.') AND
friend_user_id='.$friend_id;
$result = Database::query($sql);
$row = Database :: fetch_array($result, 'ASSOC');
if ($row['count'] == 1) {
//Delete user rel user
$sql_i = 'UPDATE '.$tbl_my_friend.' SET relation_type='.USER_RELATION_TYPE_DELETED.' WHERE user_id='.$user_id.' AND friend_user_id='.$friend_id;
$sql_j = 'UPDATE '.$tbl_my_message.' SET msg_status='.MESSAGE_STATUS_INVITATION_DENIED.' WHERE user_receiver_id='.$user_id.' AND user_sender_id='.$friend_id.' AND update_date="0000-00-00 00:00:00" ';
$sql_i = 'UPDATE '.$tbl_my_friend.' SET relation_type='.USER_RELATION_TYPE_DELETED.'
WHERE user_id='.$user_id.' AND friend_user_id='.$friend_id;
$sql_j = 'UPDATE '.$tbl_my_message.' SET msg_status='.MESSAGE_STATUS_INVITATION_DENIED.'
WHERE user_receiver_id='.$user_id.' AND user_sender_id='.$friend_id.' AND update_date="0000-00-00 00:00:00" ';
//Delete user
$sql_ij = 'UPDATE '.$tbl_my_friend.' SET relation_type='.USER_RELATION_TYPE_DELETED.' WHERE user_id='.$friend_id.' AND friend_user_id='.$user_id;
$sql_ji = 'UPDATE '.$tbl_my_message.' SET msg_status='.MESSAGE_STATUS_INVITATION_DENIED.' WHERE user_receiver_id='.$friend_id.' AND user_sender_id='.$user_id.' AND update_date="0000-00-00 00:00:00" ';
$sql_ij = 'UPDATE '.$tbl_my_friend.' SET relation_type='.USER_RELATION_TYPE_DELETED.'
WHERE user_id='.$friend_id.' AND friend_user_id='.$user_id;
$sql_ji = 'UPDATE '.$tbl_my_message.' SET msg_status='.MESSAGE_STATUS_INVITATION_DENIED.'
WHERE user_receiver_id='.$friend_id.' AND user_sender_id='.$user_id.' AND update_date="0000-00-00 00:00:00" ';
Database::query($sql_i);
Database::query($sql_j);
Database::query($sql_ij);

25
main/messages/inbox.php
Unescape View File

@ -139,22 +139,25 @@ if (api_get_setting('allow_social_tool') == 'true') {
//Right content
$social_right_content = null;
$keyword = '';
if (api_get_setting('allow_social_tool') == 'true') {
$social_right_content .= '<div class="col-md-12">';
$social_right_content .= '<div class="actions">';
$social_right_content .= '<a href="'.api_get_path(WEB_PATH).'main/messages/new_message.php?f=social">'.
$actionsLeft = '<a href="'.api_get_path(WEB_PATH).'main/messages/new_message.php?f=social">'.
Display::return_icon('new-message.png', get_lang('ComposeMessage'), array(), 32).'</a>';
$social_right_content .= '<a href="'.api_get_path(WEB_PATH).'main/messages/outbox.php?f=social">'.
$actionsLeft .= '<a href="'.api_get_path(WEB_PATH).'main/messages/outbox.php?f=social">'.
Display::return_icon('outbox.png', get_lang('Outbox'), array(), 32).'</a>';
$social_right_content .= '</div>';
$social_right_content .= '</div>';
$social_right_content .= '<div class="col-md-12">';
$form = MessageManager::getSearchForm(api_get_path(WEB_PATH).'main/messages/inbox.php');
if ($form->validate()) {
$values = $form->getSubmitValues();
$keyword = $values['keyword'];
}
$actionsRight = $form->returnForm();
$social_right_content .= Display::toolbarAction('toolbar', [$actionsLeft, $actionsRight]);
}
//MAIN CONTENT
if (!isset($_GET['del_msg'])) {
$social_right_content .= MessageManager::inbox_display();
$social_right_content .= MessageManager::inbox_display($keyword);
} else {
$num_msg = intval($_POST['total']);
for ($i = 0; $i < $num_msg; $i++) {
@ -166,10 +169,6 @@ if (!isset($_GET['del_msg'])) {
$social_right_content .= MessageManager::inbox_display();
}
if (api_get_setting('allow_social_tool') == 'true') {
$social_right_content .= '</div>';
}
$tpl = new Template(null);
// Block Social Avatar
SocialManager::setSocialUserBlock($tpl, $user_id, 'messages');

30
main/messages/outbox.php
Unescape View File

@ -99,15 +99,21 @@ if (isset($_REQUEST['action'])) {
$action = $_REQUEST['action'];
}
$keyword = '';
$social_right_content = '';
if (api_get_setting('allow_social_tool') == 'true') {
//Block Social Menu
$social_menu_block = SocialManager::show_social_menu('messages');
$social_right_content .= '<div class="actions">';
$social_right_content .= '<a href="'.api_get_path(WEB_PATH).'main/messages/inbox.php?f=social">'.
$actionsLeft = '<a href="'.api_get_path(WEB_PATH).'main/messages/inbox.php?f=social">'.
Display::return_icon('back.png', get_lang('Back'), array(), 32).'</a>';
$social_right_content .= '</div>';
$form = MessageManager::getSearchForm(api_get_path(WEB_PATH).'main/messages/outbox.php');
if ($form->validate()) {
$values = $form->getSubmitValues();
$keyword = $values['keyword'];
}
$actionsRight = $form->returnForm();
$social_right_content .= Display::toolbarAction('toolbar', [$actionsLeft, $actionsRight]);
}
//MAIN CONTENT
if ($action == 'delete') {
@ -118,20 +124,19 @@ if ($action == 'delete') {
if (isset($_POST['id'])) {
$delete_list_id=$_POST['id'];
}
for ($i=0;$i<count($delete_list_id);$i++) {
for ($i = 0; $i < count($delete_list_id); $i++) {
MessageManager::delete_message_by_user_sender(api_get_user_id(), $delete_list_id[$i]);
}
$delete_list_id=array();
$social_right_content .= MessageManager::outbox_display();
} elseif($action =='deleteone') {
$delete_list_id=array();
$social_right_content .= MessageManager::outbox_display($keyword);
} elseif ($action == 'deleteone') {
$delete_list_id = array();
$id = Security::remove_XSS($_GET['id']);
MessageManager::delete_message_by_user_sender(api_get_user_id(),$id);
MessageManager::delete_message_by_user_sender(api_get_user_id(), $id);
$delete_list_id=array();
$social_right_content .= MessageManager::outbox_display();
$social_right_content .= MessageManager::outbox_display($keyword);
} else {
$social_right_content .= MessageManager::outbox_display();
$social_right_content .= MessageManager::outbox_display($keyword);
}
$tpl = new Template(get_lang('ComposeMessage'));
@ -146,7 +151,6 @@ if (api_get_setting('allow_social_tool') == 'true') {
} else {
$content = $social_right_content;
$tpl->assign('actions', $actions);
//$tpl->assign('message', $show_message);
$tpl->assign('content', $content);
$tpl->display_one_col_template();
}

19
main/session/session_add.php
Unescape View File

@ -7,7 +7,6 @@
$cidReset = true;
// including the global Chamilo file
require_once '../inc/global.inc.php';
$xajax = new xajax();
@ -23,10 +22,6 @@ api_protect_limit_for_session_admin();
$formSent=0;
$errorMsg='';
/*$interbreadcrumb[] = array(
'url' => 'index.php',
'name' => get_lang('PlatformAdmin'),
);*/
$interbreadcrumb[] = array(
'url' => 'session_list.php',
'name' => get_lang('SessionList'),
@ -159,13 +154,15 @@ $form->setDefaults($formDefaults);
if ($form->validate()) {
$params = $form->getSubmitValues();
$name = $params['name'];
$startDate = $params['access_start_date'];
$endDate = $params['access_end_date'];
$displayStartDate = $params['display_start_date'];
$displayendDate = $params['display_end_date'];
$displayEndDate = $params['display_end_date'];
$coachStartDate = $params['coach_access_start_date'];
if (empty($coachStartDate)) {
$coachStartDate = $displayStartDate;
}
$coachEndDate = $params['coach_access_end_date'];
$coach_username = intval($params['coach_username']);
$id_session_category = $params['session_category'];
@ -173,7 +170,7 @@ if ($form->validate()) {
$duration = isset($params['duration']) ? $params['duration'] : null;
$description = $params['description'];
$showDescription = isset($params['show_description']) ? 1: 0;
$sendSubscritionNotification = isset($params['send_subscription_notification']);
$sendSubscriptionNotification = isset($params['send_subscription_notification']);
$extraFields = array();
foreach ($params as $key => $value) {
@ -187,7 +184,7 @@ if ($form->validate()) {
$startDate,
$endDate,
$displayStartDate,
$displayendDate,
$displayEndDate,
$coachStartDate,
$coachEndDate,
$coach_username,
@ -199,7 +196,7 @@ if ($form->validate()) {
$showDescription,
$extraFields,
null,
$sendSubscritionNotification
$sendSubscriptionNotification
);
if ($return == strval(intval($return))) {
@ -212,7 +209,7 @@ if ($form->validate()) {
Display::display_header($tool_name);
if (!empty($return)) {
Display::display_error_message($return,false);
Display::display_error_message($return, false);
}
echo '<div class="actions">';

Write Preview
Loading…
Cancel
Save