chamilo
/
chamilo-lms
mirror of https://github.com/chamilo/chamilo-lms/tree/1.11.x
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Fixing groups + announcements due recent DB changes (single DB)

Browse Source
skala
Julio Montoya 14 years ago
parent bcd9bb786f
commit daff5964e1
7 changed files with 116 additions and 68 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 81
      main/announcements/announcements.inc.php
  2. 52
      main/announcements/announcements.php
  3. 6
      main/group/group.php
  4. 4
      main/group/group_edit.php
  5. 12
      main/group/group_space.php
  6. 5
      main/inc/lib/course.lib.php
  7. 24
      main/inc/lib/groupmanager.lib.php

81
main/announcements/announcements.inc.php
Unescape View File

@ -52,11 +52,8 @@ class AnnouncementManager {
* @return array html with the content and count of announcements or false otherwise * @return array html with the content and count of announcements or false otherwise
*/ */
public static function get_all_annoucement_by_course($course_info, $session_id = 0) { public static function get_all_annoucement_by_course($course_info, $session_id = 0) {
if (empty($course_db)) {
return false;
}
$session_id = intval($session_id); $session_id = intval($session_id);
$course_id = $course_info['real_id']; $course_id = $course_info['real_id'];
$tbl_announcement = Database::get_course_table(TABLE_ANNOUNCEMENT); $tbl_announcement = Database::get_course_table(TABLE_ANNOUNCEMENT);
$tbl_item_property = Database::get_course_table(TABLE_ITEM_PROPERTY); $tbl_item_property = Database::get_course_table(TABLE_ITEM_PROPERTY);
@ -141,13 +138,18 @@ class AnnouncementManager {
toolitemproperties.c_id = $course_id toolitemproperties.c_id = $course_id
ORDER BY display_order DESC"; ORDER BY display_order DESC";
} else { } else {
if (api_get_user_id() != 0) {
$group_list = GroupManager::get_group_ids($course_id, api_get_user_id());
if (empty($group_list)) {
$group_list[] = 0;
}
if (api_get_user_id() != 0) {
$sql_query = " SELECT announcement.*, toolitemproperties.* $sql_query = " SELECT announcement.*, toolitemproperties.*
FROM $tbl_announcement announcement, $tbl_item_property toolitemproperties FROM $tbl_announcement announcement, $tbl_item_property toolitemproperties
WHERE announcement.id = toolitemproperties.ref WHERE announcement.id = toolitemproperties.ref
AND announcement.id = '$announcement_id' AND announcement.id = '$announcement_id'
AND toolitemproperties.tool='announcement' AND toolitemproperties.tool='announcement'
AND (toolitemproperties.to_user_id='".api_get_user_id()."' OR toolitemproperties.to_group_id='0') AND (toolitemproperties.to_user_id='".api_get_user_id()."' OR toolitemproperties.to_group_id IN ('0', '".implode("', '",$group_list)."'))
AND toolitemproperties.visibility='1' AND AND toolitemproperties.visibility='1' AND
announcement.c_id = $course_id AND announcement.c_id = $course_id AND
toolitemproperties.c_id = $course_id toolitemproperties.c_id = $course_id
@ -166,6 +168,7 @@ class AnnouncementManager {
"; ";
} }
} }
$sql_result = Database::query($sql_query); $sql_result = Database::query($sql_query);
if (Database::num_rows($sql_result) > 0 ) { if (Database::num_rows($sql_result) > 0 ) {
$result = Database::fetch_array($sql_result, 'ASSOC'); $result = Database::fetch_array($sql_result, 'ASSOC');
@ -207,8 +210,10 @@ class AnnouncementManager {
if ($result['to_group_id']!== '0' and $result['to_group_id']!== 'NULL') { if ($result['to_group_id']!== '0' and $result['to_group_id']!== 'NULL') {
$sent_to_icon = Display::return_icon('group.gif', get_lang('AnnounceSentToUserSelection')); $sent_to_icon = Display::return_icon('group.gif', get_lang('AnnounceSentToUserSelection'));
} }
$sent_to = self::sent_to('announcement', $announcement_id); $sent_to = self::sent_to('announcement', $announcement_id);
$sent_to_form = self::sent_to_form($sent_to); $sent_to_form = self::sent_to_form($sent_to);
echo Display::tag('td', get_lang('SentTo').' : '.$sent_to_form, array('class'=>'announcements_datum')); echo Display::tag('td', get_lang('SentTo').' : '.$sent_to_form, array('class'=>'announcements_datum'));
$attachment_list = self::get_attachment($announcement_id); $attachment_list = self::get_attachment($announcement_id);
@ -226,7 +231,7 @@ class AnnouncementManager {
} }
echo "</table>"; echo "</table>";
} else { } else {
api_not_allowed(); return false;
} }
} }
@ -256,11 +261,11 @@ class AnnouncementManager {
// store in the table announcement // store in the table announcement
$sql = "INSERT INTO $tbl_announcement SET $sql = "INSERT INTO $tbl_announcement SET
c_id = '$course_id', c_id = '$course_id',
content = '$newContent', content = '$newContent',
title = '$emailTitle', end_date = '$now', title = '$emailTitle', end_date = '$now',
display_order ='$order', display_order = '$order',
session_id=".api_get_session_id(); session_id = ".api_get_session_id();
$result = Database::query($sql); $result = Database::query($sql);
if ($result === false) { if ($result === false) {
return false; return false;
@ -315,7 +320,13 @@ class AnnouncementManager {
$course_id = api_get_course_int_id(); $course_id = api_get_course_int_id();
// store in the table announcement // store in the table announcement
$sql = "INSERT INTO $tbl_announcement SET c_id = '$course_id', content = '$newContent', title = '$emailTitle', end_date = '$now', display_order ='$order', session_id=".api_get_session_id(); $sql = "INSERT INTO $tbl_announcement SET
c_id = '$course_id',
content = '$newContent',
title = '$emailTitle',
end_date = '$now',
display_order = '$order',
session_id = ".api_get_session_id();
$result = Database::query($sql); $result = Database::query($sql);
if ($result === false) { if ($result === false) {
return false; return false;
@ -368,6 +379,8 @@ class AnnouncementManager {
*/ */
public static function edit_announcement($id, $emailTitle, $newContent, $to, $file = array(), $file_comment='') { public static function edit_announcement($id, $emailTitle, $newContent, $to, $file = array(), $file_comment='') {
global $_course; global $_course;
$course_id = api_get_course_int_id();
$tbl_item_property = Database::get_course_table(TABLE_ITEM_PROPERTY); $tbl_item_property = Database::get_course_table(TABLE_ITEM_PROPERTY);
$tbl_announcement = Database::get_course_table(TABLE_ANNOUNCEMENT); $tbl_announcement = Database::get_course_table(TABLE_ANNOUNCEMENT);
@ -376,7 +389,7 @@ class AnnouncementManager {
$id = intval($id); $id = intval($id);
// store the modifications in the table announcement // store the modifications in the table announcement
$sql = "UPDATE $tbl_announcement SET content='$newContent', title = '$emailTitle' WHERE id='$id'"; $sql = "UPDATE $tbl_announcement SET content = '$newContent', title = '$emailTitle' WHERE c_id = $course_id AND id='$id'";
$result = Database::query($sql); $result = Database::query($sql);
// save attachment file // save attachment file
@ -392,7 +405,7 @@ class AnnouncementManager {
} }
// we remove everything from item_property for this // we remove everything from item_property for this
$sql_delete="DELETE FROM $tbl_item_property WHERE ref='$id' AND tool='announcement'"; $sql_delete="DELETE FROM $tbl_item_property WHERE c_id = $course_id AND ref='$id' AND tool='announcement'";
$result = Database::query($sql_delete); $result = Database::query($sql_delete);
// store in item_property (first the groups, then the users // store in item_property (first the groups, then the users
@ -430,8 +443,7 @@ class AnnouncementManager {
*/ */
public static function send_announcement_email($user_list, $course_code, $_course, $mail_title, $mail_content) { public static function send_announcement_email($user_list, $course_code, $_course, $mail_title, $mail_content) {
global $_user; global $_user;
foreach ($user_list as $this_user) { foreach ($user_list as $this_user) {
$mail_subject = get_lang('professorMessage').' - '.$_course['official_code'].' - '.$mail_title; $mail_subject = get_lang('professorMessage').' - '.$_course['official_code'].' - '.$mail_title;
$mail_body = '['.$_course['official_code'].'] - ['.$_course['name']."]\n"; $mail_body = '['.$_course['official_code'].'] - ['.$_course['name']."]\n";
$mail_body .= api_get_person_name($this_user['firstname'], $this_user['lastname'], null, PERSON_NAME_EMAIL_ADDRESS).' <'.$this_user["email"]."> \n\n".stripslashes($mail_title)."\n\n".trim(stripslashes(api_html_entity_decode(strip_tags(str_replace(array('<p>','</p>','<br />'),array('',"\n","\n"),$mail_content)), ENT_QUOTES, api_get_system_encoding())))." \n\n-- \n"; $mail_body .= api_get_person_name($this_user['firstname'], $this_user['lastname'], null, PERSON_NAME_EMAIL_ADDRESS).' <'.$this_user["email"]."> \n\n".stripslashes($mail_title)."\n\n".trim(stripslashes(api_html_entity_decode(strip_tags(str_replace(array('<p>','</p>','<br />'),array('',"\n","\n"),$mail_content)), ENT_QUOTES, api_get_system_encoding())))." \n\n-- \n";
@ -730,8 +742,9 @@ class AnnouncementManager {
$tbl_item_property = Database::get_course_table(TABLE_ITEM_PROPERTY); $tbl_item_property = Database::get_course_table(TABLE_ITEM_PROPERTY);
$tool = Database::escape_string($tool); $tool = Database::escape_string($tool);
$id = Database::escape_string($id); $id = Database::escape_string($id);
$course_id = api_get_course_int_id();
$sql = "SELECT * FROM $tbl_item_property WHERE tool='$tool' AND ref='$id'";
$sql = "SELECT * FROM $tbl_item_property WHERE c_id = $course_id AND tool='$tool' AND ref='$id'";
$result = Database::query($sql); $result = Database::query($sql);
while ($row = Database::fetch_array($result)) { while ($row = Database::fetch_array($result)) {
$to_group=$row['to_group_id']; $to_group=$row['to_group_id'];
@ -942,20 +955,20 @@ class AnnouncementManager {
* containing all the id's of the groups (resp. users) who have received this message. * containing all the id's of the groups (resp. users) who have received this message.
* @author Patrick Cool <patrick.cool@> * @author Patrick Cool <patrick.cool@>
*/ */
public static function sent_to_form($sent_to_array) { public static function sent_to_form($sent_to_array) {
// we find all the names of the groups // we find all the names of the groups
$group_names = self::get_course_groups(); $group_names = self::get_course_groups();
// we count the number of users and the number of groups // we count the number of users and the number of groups
if (isset($sent_to_array['users'])) { if (isset($sent_to_array['users'])) {
$number_users=count($sent_to_array['users']); $number_users = count($sent_to_array['users']);
} else { } else {
$number_users=0; $number_users = 0;
} }
if (isset($sent_to_array['groups'])) { if (isset($sent_to_array['groups'])) {
$number_groups=count($sent_to_array['groups']); $number_groups = count($sent_to_array['groups']);
} else { } else {
$number_groups=0; $number_groups = 0;
} }
$total_numbers = $number_users + $number_groups; $total_numbers = $number_users + $number_groups;
@ -1052,8 +1065,9 @@ class AnnouncementManager {
$sent_to_group = array(); $sent_to_group = array();
$sent_to = array(); $sent_to = array();
$course_id = api_get_course_int_id();
$sql="SELECT to_group_id, to_user_id FROM $tbl_item_property WHERE tool = '$tool' AND ref=".$id;
$sql="SELECT to_group_id, to_user_id FROM $tbl_item_property WHERE c_id = $course_id AND tool = '$tool' AND ref=".$id;
$result = Database::query($sql); $result = Database::query($sql);
while ($row = Database::fetch_array($result)) { while ($row = Database::fetch_array($result)) {
@ -1090,8 +1104,10 @@ class AnnouncementManager {
public static function get_attachment($announcement_id) { public static function get_attachment($announcement_id) {
$tbl_announcement_attachment = Database::get_course_table(TABLE_ANNOUNCEMENT_ATTACHMENT); $tbl_announcement_attachment = Database::get_course_table(TABLE_ANNOUNCEMENT_ATTACHMENT);
$announcement_id= intval($announcement_id); $announcement_id= intval($announcement_id);
$course_id = api_get_course_int_id();
$row=array(); $row=array();
$sql = 'SELECT id,path, filename,comment FROM '. $tbl_announcement_attachment.' WHERE announcement_id = '.$announcement_id.''; $sql = 'SELECT id, path, filename, comment FROM '. $tbl_announcement_attachment.'
WHERE c_id = '.$course_id.' AND announcement_id = '.$announcement_id.'';
$result=Database::query($sql); $result=Database::query($sql);
if (Database::num_rows($result)!=0) { if (Database::num_rows($result)!=0) {
$row = Database::fetch_array($result,'ASSOC'); $row = Database::fetch_array($result,'ASSOC');
@ -1155,6 +1171,7 @@ class AnnouncementManager {
global $_course; global $_course;
$tbl_announcement_attachment = Database::get_course_table(TABLE_ANNOUNCEMENT_ATTACHMENT); $tbl_announcement_attachment = Database::get_course_table(TABLE_ANNOUNCEMENT_ATTACHMENT);
$return = 0; $return = 0;
$course_id = api_get_course_int_id();
if (is_array($file) && $file['error'] == 0 ) { if (is_array($file) && $file['error'] == 0 ) {
$courseDir = $_course['path'].'/upload/announcements'; // TODO: This path is obsolete. The new document repository scheme should be kept in mind here. $courseDir = $_course['path'].'/upload/announcements'; // TODO: This path is obsolete. The new document repository scheme should be kept in mind here.
@ -1178,7 +1195,7 @@ class AnnouncementManager {
$safe_new_file_name = Database::escape_string($new_file_name); $safe_new_file_name = Database::escape_string($new_file_name);
$id_attach = intval($id_attach); $id_attach = intval($id_attach);
$sql = "UPDATE $tbl_announcement_attachment SET filename = '$safe_file_name', comment = '$safe_file_comment', path = '$safe_new_file_name', size ='".intval($file['size'])."' $sql = "UPDATE $tbl_announcement_attachment SET filename = '$safe_file_name', comment = '$safe_file_comment', path = '$safe_new_file_name', size ='".intval($file['size'])."'
WHERE id = '$id_attach'"; WHERE c_id $course_id AND id = '$id_attach'";
$result = Database::query($sql); $result = Database::query($sql);
if ($result === false) { if ($result === false) {
$return = -1; $return = -1;
@ -1196,11 +1213,11 @@ class AnnouncementManager {
* @param integer attachment file Id * @param integer attachment file Id
* *
*/ */
public static function delete_announcement_attachment_file($id) { public static function delete_announcement_attachment_file($id) {
global $_course;
$tbl_announcement_attachment = Database::get_course_table(TABLE_ANNOUNCEMENT_ATTACHMENT); $tbl_announcement_attachment = Database::get_course_table(TABLE_ANNOUNCEMENT_ATTACHMENT);
$id = intval($id); $id = intval($id);
$sql = "DELETE FROM $tbl_announcement_attachment WHERE id = $id"; $course_id = api_get_course_int_id();
$sql = "DELETE FROM $tbl_announcement_attachment WHERE c_id $course_id AND id = $id";
$result = Database::query($sql); $result = Database::query($sql);
// update item_property // update item_property
//api_item_property_update($_course, 'announcement_attachment', $id,'AnnouncementAttachmentDeleted', api_get_user_id()); //api_item_property_update($_course, 'announcement_attachment', $id,'AnnouncementAttachmentDeleted', api_get_user_id());

52
main/announcements/announcements.php
Unescape View File

@ -52,7 +52,7 @@ $tbl_user = Database::get_main_table(TABLE_MAIN_USER);
$tbl_courses = Database::get_main_table(TABLE_MAIN_COURSE); $tbl_courses = Database::get_main_table(TABLE_MAIN_COURSE);
$tbl_sessions = Database::get_main_table(TABLE_MAIN_SESSION); $tbl_sessions = Database::get_main_table(TABLE_MAIN_SESSION);
$tbl_session_course_user= Database::get_main_table(TABLE_MAIN_SESSION_COURSE_USER); $tbl_session_course_user= Database::get_main_table(TABLE_MAIN_SESSION_COURSE_USER);
$tbl_group = Database::get_course_table(TABLE_GROUP);
$tbl_groupUser = Database::get_course_table(TABLE_GROUP_USER); $tbl_groupUser = Database::get_course_table(TABLE_GROUP_USER);
$tbl_announcement = Database::get_course_table(TABLE_ANNOUNCEMENT); $tbl_announcement = Database::get_course_table(TABLE_ANNOUNCEMENT);
$tbl_announcement_attachment = Database::get_course_table(TABLE_ANNOUNCEMENT_ATTACHMENT); $tbl_announcement_attachment = Database::get_course_table(TABLE_ANNOUNCEMENT_ATTACHMENT);
@ -69,6 +69,9 @@ require_once $lib.'fckeditor/fckeditor.php';
require_once $lib.'fileUpload.lib.php'; require_once $lib.'fileUpload.lib.php';
require_once 'announcements.inc.php'; require_once 'announcements.inc.php';
$course_id = api_get_course_int_id();
/* Tracking */ /* Tracking */
event_access_tool(TOOL_ANNOUNCEMENT); event_access_tool(TOOL_ANNOUNCEMENT);
@ -113,8 +116,7 @@ if (!empty($_POST['To']) and ($select_groupusers_status=="show")) {
/* Action handling */ /* Action handling */
// display the form // display the form
if (((!empty($_GET['action']) && $_GET['action'] == 'add') && $_GET['origin'] == "") || (!empty($_GET['action']) && $_GET['action'] == 'edit') || !empty($_POST['To'])) if (((!empty($_GET['action']) && $_GET['action'] == 'add') && $_GET['origin'] == "") || (!empty($_GET['action']) && $_GET['action'] == 'edit') || !empty($_POST['To'])) {
{
if (api_get_session_id()!=0 && api_is_allowed_to_session_edit(false,true)==false) { if (api_get_session_id()!=0 && api_is_allowed_to_session_edit(false,true)==false) {
api_not_allowed(); api_not_allowed();
} }
@ -207,7 +209,6 @@ if (api_is_allowed_to_edit(false,true) OR (api_get_course_setting('allow_user_ed
Delete announcement Delete announcement
*/ */
if (!empty($_GET['action']) && $_GET['action']=='delete' && isset($_GET['id'])) { if (!empty($_GET['action']) && $_GET['action']=='delete' && isset($_GET['id'])) {
//Database::query("DELETE FROM $tbl_announcement WHERE id='$delete'");
$id=intval($_GET['id']); $id=intval($_GET['id']);
if (api_get_session_id()!=0 && api_is_allowed_to_session_edit(false,true)==false) { if (api_get_session_id()!=0 && api_is_allowed_to_session_edit(false,true)==false) {
api_not_allowed(); api_not_allowed();
@ -309,7 +310,10 @@ if (api_is_allowed_to_edit(false,true) OR (api_get_course_setting('allow_user_ed
$my_sql = "SELECT announcement.id, announcement.display_order " . $my_sql = "SELECT announcement.id, announcement.display_order " .
"FROM $tbl_announcement announcement, " . "FROM $tbl_announcement announcement, " .
"$tbl_item_property itemproperty " . "$tbl_item_property itemproperty " .
"WHERE itemproperty.ref=announcement.id " . "WHERE
announcement.c_id = $course_id AND
itemproperty.c_id = $course_id AND
itemproperty.ref=announcement.id " .
"AND itemproperty.tool='".TOOL_ANNOUNCEMENT."' " . "AND itemproperty.tool='".TOOL_ANNOUNCEMENT."' " .
"AND itemproperty.visibility<>2 " . "AND itemproperty.visibility<>2 " .
"ORDER BY display_order $sortDirection"; "ORDER BY display_order $sortDirection";
@ -401,7 +405,7 @@ if (api_is_allowed_to_edit(false,true) OR (api_get_course_setting('allow_user_ed
$grouplist = "'".implode("', '",$grouplist)."'"; //protect individual elements with surrounding quotes $grouplist = "'".implode("', '",$grouplist)."'"; //protect individual elements with surrounding quotes
$sql = "SELECT user_id $sql = "SELECT user_id
FROM $tbl_groupUser gu FROM $tbl_groupUser gu
WHERE gu.group_id IN (".$grouplist.")"; WHERE c_id = $course_id AND gu.group_id IN (".$grouplist.")";
$groupMemberResult = Database::query($sql); $groupMemberResult = Database::query($sql);
if ($groupMemberResult) { if ($groupMemberResult) {
while ($u = Database::fetch_array($groupMemberResult)) { while ($u = Database::fetch_array($groupMemberResult)) {
@ -537,9 +541,12 @@ if(api_is_allowed_to_edit(false,true)) {
} }
$sql = "SELECT announcement.*, ip.visibility, ip.to_group_id, ip.insert_user_id $sql = "SELECT announcement.*, ip.visibility, ip.to_group_id, ip.insert_user_id
FROM $tbl_announcement announcement, $tbl_item_property ip FROM $tbl_announcement announcement, $tbl_item_property ip
WHERE announcement.id = ip.ref WHERE
AND ip.tool='announcement' announcement.c_id = $course_id AND
AND ip.visibility<>'2' ip.c_id = $course_id AND
announcement.id = ip.ref AND
ip.tool='announcement' AND
ip.visibility<>'2'
$group_condition $group_condition
$condition_session $condition_session
GROUP BY ip.ref GROUP BY ip.ref
@ -574,8 +581,11 @@ if(api_is_allowed_to_edit(false,true)) {
if (is_array($group_memberships) && count($group_memberships)>0) { if (is_array($group_memberships) && count($group_memberships)>0) {
$sql="SELECT announcement.*, ip.visibility, ip.to_group_id, ip.insert_user_id $sql="SELECT announcement.*, ip.visibility, ip.to_group_id, ip.insert_user_id
FROM $tbl_announcement announcement, $tbl_item_property ip FROM $tbl_announcement announcement, $tbl_item_property ip
WHERE announcement.id = ip.ref WHERE
AND ip.tool='announcement' announcement.c_id = $course_id AND
ip.c_id = $course_id AND
announcement.id = ip.ref AND
ip.tool='announcement'
AND ip.visibility='1' AND ip.visibility='1'
$cond_user_id $cond_user_id
$condition_session $condition_session
@ -594,7 +604,10 @@ if(api_is_allowed_to_edit(false,true)) {
} }
$sql="SELECT announcement.*, ip.visibility, ip.to_group_id, ip.insert_user_id $sql="SELECT announcement.*, ip.visibility, ip.to_group_id, ip.insert_user_id
FROM $tbl_announcement announcement, $tbl_item_property ip FROM $tbl_announcement announcement, $tbl_item_property ip
WHERE announcement.id = ip.ref WHERE
announcement.c_id = $course_id AND
ip.c_id = $course_id AND
announcement.id = ip.ref
AND ip.tool='announcement' AND ip.tool='announcement'
AND ip.visibility='1' AND ip.visibility='1'
$cond_user_id $cond_user_id
@ -613,7 +626,10 @@ if(api_is_allowed_to_edit(false,true)) {
// the user is not identiefied => show only the general announcements // the user is not identiefied => show only the general announcements
$sql="SELECT announcement.*, ip.visibility, ip.to_group_id, ip.insert_user_id $sql="SELECT announcement.*, ip.visibility, ip.to_group_id, ip.insert_user_id
FROM $tbl_announcement announcement, $tbl_item_property ip FROM $tbl_announcement announcement, $tbl_item_property ip
WHERE announcement.id = ip.ref WHERE
announcement.c_id = $course_id AND
ip.c_id = $course_id AND
announcement.id = ip.ref
AND ip.tool='announcement' AND ip.tool='announcement'
AND ip.visibility='1' AND ip.visibility='1'
AND ip.to_group_id='0' AND ip.to_group_id='0'
@ -875,13 +891,16 @@ if ($display_announcement_list) {
//$group_id=$_SESSION['group']; //$group_id=$_SESSION['group'];
} }
$group_id = api_get_group_id(); $group_id = api_get_group_id();
$group_memberships = GroupManager::get_group_ids($_course['real_id'],api_get_user_id());
$group_memberships = GroupManager::get_group_ids($course_id, api_get_user_id());
//$is_group_member = GroupManager :: is_tutor(api_get_user_id());
if (api_is_allowed_to_edit(false,true) OR (api_get_course_setting('allow_user_edit_announcement') && !api_is_anonymous())) { if (api_is_allowed_to_edit(false,true) OR (api_get_course_setting('allow_user_edit_announcement') && !api_is_anonymous())) {
// A.1. you are a course admin with a USER filter // A.1. you are a course admin with a USER filter
// => see only the messages of this specific user + the messages of the group (s)he is member of. // => see only the messages of this specific user + the messages of the group (s)he is member of.
if (!empty($_SESSION['user'])) { if (!empty($_SESSION['user'])) {
if (is_array($group_memberships) && count($group_memberships)>0) { if (is_array($group_memberships) && count($group_memberships)>0) {
$sql = "SELECT announcement.*, ip.visibility, ip.to_group_id, ip.insert_user_id, ip.insert_date $sql = "SELECT announcement.*, ip.visibility, ip.to_group_id, ip.insert_user_id, ip.insert_date
FROM $tbl_announcement announcement, $tbl_item_property ip FROM $tbl_announcement announcement, $tbl_item_property ip
@ -922,6 +941,7 @@ if ($display_announcement_list) {
GROUP BY ip.ref GROUP BY ip.ref
ORDER BY display_order DESC"; ORDER BY display_order DESC";
} else { } else {
// A.3 you are a course admin without any group or user filter // A.3 you are a course admin without any group or user filter
// A.3.a you are a course admin without user or group filter but WITH studentview // A.3.a you are a course admin without user or group filter but WITH studentview
// => see all the messages of all the users and groups without editing possibilities // => see all the messages of all the users and groups without editing possibilities
@ -954,7 +974,9 @@ if ($display_announcement_list) {
} }
} }
} else { } else {
//STUDENT //STUDENT
if (is_array($group_memberships) && count($group_memberships)>0) { if (is_array($group_memberships) && count($group_memberships)>0) {
if ((api_get_course_setting('allow_user_edit_announcement') && !api_is_anonymous())) { if ((api_get_course_setting('allow_user_edit_announcement') && !api_is_anonymous())) {
if (api_get_group_id() == 0) { if (api_get_group_id() == 0) {

6
main/group/group.php
Unescape View File

@ -224,9 +224,7 @@ foreach ($group_cats as $index => $category) {
if ($in_category) { if ($in_category) {
$totalRegistered = 0; $totalRegistered = 0;
// Determine wether current user is tutor for this course
$user_is_tutor = GroupManager :: is_tutor(api_get_user_id());
$group_data = array(); $group_data = array();
foreach ($group_list as $index => $this_group) { foreach ($group_list as $index => $this_group) {
@ -235,7 +233,7 @@ foreach ($group_cats as $index => $category) {
$session_img = api_get_session_image($this_group['session_id'], $_user['status']); $session_img = api_get_session_image($this_group['session_id'], $_user['status']);
// All the tutors of this group // All the tutors of this group
$tutorsids_of_group=GroupManager::get_subscribed_tutors($this_group['id'], true); $tutorsids_of_group = GroupManager::get_subscribed_tutors($this_group['id'], true);
// Create a new table-row // Create a new table-row
$row = array (); $row = array ();

4
main/group/group_edit.php
Unescape View File

@ -30,7 +30,9 @@ $current_group = GroupManager :: get_group_properties(api_get_group_id());
$nameTools = get_lang('EditGroup'); $nameTools = get_lang('EditGroup');
$interbreadcrumb[] = array ('url' => 'group.php', 'name' => get_lang('Groups')); $interbreadcrumb[] = array ('url' => 'group.php', 'name' => get_lang('Groups'));
if (!api_is_allowed_to_edit(false,true)) { $is_group_member = GroupManager :: is_tutor_of_group(api_get_user_id(), api_get_group_id());
if (!api_is_allowed_to_edit(false,true) && !$is_group_member) {
api_not_allowed(true); api_not_allowed(true);
} }

12
main/group/group_space.php
Unescape View File

@ -83,9 +83,9 @@ echo '<a href="group.php">'.Display::return_icon('back.png',get_lang('BackToGrou
/* /*
* Edit the group * Edit the group
*/ */
if (api_is_allowed_to_edit(false, true) or GroupManager :: is_tutor($_user['user_id'])) { if (api_is_allowed_to_edit(false, true) or GroupManager :: is_tutor_of_group(api_get_user_id(), api_get_group_id())) {
$my_origin = isset($origin) ? $origin : ''; $my_origin = isset($origin) ? $origin : '';
echo '<a href="group_edit.php?origin=$my_origin">'.Display::return_icon('settings.png', get_lang('EditGroup'),'','32').'</a>'; echo '<a href="group_edit.php?origin='.$my_origin.'&gidReq='.api_get_group_id().'">'.Display::return_icon('settings.png', get_lang('EditGroup'),'','32').'</a>';
} }
/* /*
@ -114,22 +114,22 @@ if (isset($_GET['action'])) {
/* Main Display Area */ /* Main Display Area */
$course_code = $_course['sysCode']; $course_code = $_course['sysCode'];
$is_course_member = CourseManager :: is_user_subscribed_in_real_or_linked_course($_SESSION['_user']['user_id'], $course_code); $is_course_member = CourseManager :: is_user_subscribed_in_real_or_linked_course(api_get_user_id(), $course_code);
/* /*
* Group title and comment * Group title and comment
*/ */
//api_display_tool_title($nameTools.' '.stripslashes($current_group['name'])); echo Display::tag('h2', stripslashes($current_group['name']));
if (!empty($current_group['description'])) { if (!empty($current_group['description'])) {
echo '<blockquote>'.stripslashes($current_group['description']).'</blockquote>'; echo '<p>'.stripslashes($current_group['description']).'</p>';
} }
/* /*
* Group Tools * Group Tools
*/ */
// If the user is subscribed to the group or the user is a tutor of the group then // If the user is subscribed to the group or the user is a tutor of the group then
if (api_is_allowed_to_edit(false, true) OR GroupManager :: is_user_in_group($_SESSION['_user']['user_id'], $current_group['id'])) { if (api_is_allowed_to_edit(false, true) OR GroupManager :: is_user_in_group(api_get_user_id(), $current_group['id'])) {
echo '<ul>'; echo '<ul>';
$tools = ''; $tools = '';
// Link to the forum of this group // Link to the forum of this group

5
main/inc/lib/course.lib.php
Unescape View File

@ -1367,13 +1367,12 @@ class CourseManager {
$course_id = $course_info['real_id']; $course_id = $course_info['real_id'];
$group_list = array(); $group_list = array();
$session_id != 0 ? $session_condition = ' WHERE g.session_id IN(1,'.intval($session_id).')' : $session_condition = ' WHERE g.session_id = 0'; $session_id != 0 ? $session_condition = ' WHERE g.session_id IN(1,'.intval($session_id).')' : $session_condition = ' WHERE g.session_id = 0';
$sql="SELECT g.id, g.name, COUNT(gu.id) userNb $sql = "SELECT g.id, g.name, COUNT(gu.id) userNb
FROM ".Database::get_course_table(TABLE_GROUP)." AS g FROM ".Database::get_course_table(TABLE_GROUP)." AS g
LEFT JOIN ".Database::get_course_table(TABLE_GROUP_USER)." gu LEFT JOIN ".Database::get_course_table(TABLE_GROUP_USER)." gu
ON g.id = gu.group_id ON g.id = gu.group_id
$session_condition AND $session_condition AND
g.c_id = $course_id AND g.c_id = $course_id
gu.c_id = $course_id AND
GROUP BY g.id GROUP BY g.id
ORDER BY g.name"; ORDER BY g.name";
$result = Database::query($sql); $result = Database::query($sql);

24
main/inc/lib/groupmanager.lib.php
Unescape View File

@ -1127,7 +1127,7 @@ class GroupManager {
foreach ($user_ids as $index => $user_id) { foreach ($user_ids as $index => $user_id) {
$user_id = Database::escape_string($user_id); $user_id = Database::escape_string($user_id);
$group_id = Database::escape_string($group_id); $group_id = Database::escape_string($group_id);
$sql = "INSERT INTO ".$table_group_tutor." (c_id, user_id, group_id) VALUES ('$course_id', '".$user_id."', '".$group_id."')"; echo $sql = "INSERT INTO ".$table_group_tutor." (c_id, user_id, group_id) VALUES ('$course_id', '".$user_id."', '".$group_id."')";
$result &= Database::query($sql); $result &= Database::query($sql);
} }
return $result; return $result;
@ -1294,20 +1294,30 @@ class GroupManager {
public static function get_group_ids ($course_id, $user_id) { public static function get_group_ids ($course_id, $user_id) {
$groups = array(); $groups = array();
$tbl_group = Database::get_course_table(TABLE_GROUP_USER); $tbl_group = Database::get_course_table(TABLE_GROUP_USER);
$tbl_group_tutor = Database::get_course_table(TABLE_GROUP_TUTOR);
$user_id = intval($user_id); $user_id = intval($user_id);
$course_id = intval($course_id); $course_id = intval($course_id);
$sql = "SELECT group_id FROM $tbl_group WHERE c_id = $course_id AND user_id = '$user_id'"; $sql = "SELECT group_id FROM $tbl_group WHERE c_id = $course_id AND user_id = '$user_id'";
$groupres = Database::query($sql); $groupres = Database::query($sql);
// uncommenting causes a bug in Agenda AND announcements because there we check if the return value of this function is an array or not if ($groupres) {
//$groups=array();
if($groupres) {
while ($myrow= Database::fetch_array($groupres)) while ($myrow= Database::fetch_array($groupres))
$groups[]=$myrow['group_id']; $groups[]=$myrow['group_id'];
} }
//Also loading if i'm the tutor
$sql = "SELECT group_id FROM $tbl_group_tutor WHERE c_id = $course_id AND user_id = '$user_id'";
$groupres = Database::query($sql);
if ($groupres) {
while ($myrow= Database::fetch_array($groupres)) {
$groups[]=$myrow['group_id'];
}
}
if (!empty($groups)) {
array_filter($groups);
}
return $groups; return $groups;
} }
/* /*

Write Preview
Loading…
Cancel
Save