More SQL queries fixes

14 years ago · db93a426c0
parent 178c75fd53
commit db93a426c0
12 changed files with 65 additions and 57 deletions
--- a/main/attendance/attendance_add.php
+++ b/main/attendance/attendance_add.php
@ -30,7 +30,7 @@ $form->addElement('hidden', 'sec_token', $token);

 $form->add_textfield('title', get_lang('Title'), true, array('size'=>'50'));
 $form->applyFilter('title','html_filter');
-$form->add_html_editor('description', get_lang('Description'), false, false, array('ToolbarSet' => 'TrainingDescription', 'Width' => '100%', 'Height' => '200'));
+$form->add_html_editor('description', get_lang('Description'), false, false, array('ToolbarSet' => 'TrainingDescription', 'Width' => '100%', 'Height' => '150'));

 // Adavanced Parameters
 $form->addElement('html', '<div class="row"><div class="label"></div>');
@ -47,7 +47,5 @@ $form->applyFilter('attendance_weight', 'html_filter');
 $form->addElement('html','</div>');

 $form->addElement('html','</div>');
-$form->addElement('html','<div class="clear" style="margin-top:50px;"></div>');
 $form->addElement('style_submit_button', null, get_lang('Save'), 'class="save"');
-$form->display();
-?>
+$form->display();
--- a/main/attendance/attendance_edit.php
+++ b/main/attendance/attendance_edit.php
@ -56,7 +56,7 @@ $form->applyFilter('attendance_weight', 'html_filter');
 $form->addElement('html','</div>');

 $form->addElement('html','</div>');
-$form->addElement('html','<div class="clear" style="margin-top:50px;"></div>');
+//$form->addElement('html','<div class="clear" style="margin-top:50px;"></div>');
 $form->addElement('style_submit_button', null, get_lang('Save'), 'class="save"');

 // set default values
--- a/main/calendar/agenda.inc.php
+++ b/main/calendar/agenda.inc.php
@ -2811,6 +2811,8 @@ function display_upcoming_events() {
    $mycourse   		= api_get_course_info();
    $myuser     		= api_get_user_info();
    $session_id 		= api_get_session_id();
+    
+    $course_id = $mycourse['real_id'];


 	$group_memberships = GroupManager :: get_group_ids($mycourse['real_id'], $myuser['user_id']);
@ -2821,7 +2823,10 @@ function display_upcoming_events() {
 						DISTINCT agenda.*, item_property.*
 						FROM ".$TABLEAGENDA." agenda,
 							 ".$TABLE_ITEMPROPERTY." item_property
-						WHERE agenda.id = item_property.ref
+						WHERE 
+						agenda.c_id = $course_id AND 
+                        item_property.c_id = $course_id AND  
+                        agenda.id = item_property.ref
 						AND item_property.tool='".TOOL_CALENDAR_EVENT."'
 						AND item_property.visibility='1'
 						AND agenda.start_date > NOW()
@ -2837,7 +2842,10 @@ function display_upcoming_events() {
 							agenda.*, item_property.*
 							FROM ".$TABLEAGENDA." agenda,
 								".$TABLE_ITEMPROPERTY." item_property
-							WHERE agenda.id = item_property.ref
+							WHERE
+							agenda.c_id = $course_id AND 
+                            item_property.c_id = $course_id AND   
+							agenda.id = item_property.ref
 							AND item_property.tool='".TOOL_CALENDAR_EVENT."'
 							AND	( item_property.to_user_id='".$myuser['user_id']."' OR item_property.to_group_id IN (0, ".implode(", ", $group_memberships).") )
 							AND item_property.visibility='1'
@ -2849,7 +2857,10 @@ function display_upcoming_events() {
 							agenda.*, item_property.*
 							FROM ".$TABLEAGENDA." agenda,
 							".$TABLE_ITEMPROPERTY." item_property
-							WHERE agenda.id = item_property.ref
+							WHERE
+							agenda.c_id = $course_id AND 
+							item_property.c_id = $course_id AND   
+							agenda.id = item_property.ref
 							AND item_property.tool='".TOOL_CALENDAR_EVENT."'
 							AND ( item_property.to_user_id='".$myuser['user_id']."' OR item_property.to_group_id='0')
 							AND item_property.visibility='1'
--- a/main/course_progress/thematic.php
+++ b/main/course_progress/thematic.php
@ -230,7 +230,7 @@ if ($action == 'thematic_list') {
 		
 	$form->add_textfield('title', get_lang('Title'), true, array('size'=>'50'));
 	$form->add_html_editor('content', get_lang('Content'), false, false, array('ToolbarSet' => 'TrainingDescription', 'Width' => '80%', 'Height' => '150'));	
-	$form->addElement('html','<div class="clear" style="margin-top:50px;"></div>');
+	//$form->addElement('html','<div class="clear" style="margin-top:50px;"></div>');
 	$form->addElement('style_submit_button', null, get_lang('Save'), 'class="save"');
 	
    $show_form = true;
--- a/main/course_progress/thematic_advance.php
+++ b/main/course_progress/thematic_advance.php
@ -76,7 +76,7 @@ if ($action == 'thematic_advance_add' || $action == 'thematic_advance_edit') {
 	$form->add_html_editor('content', get_lang('Content'), false, false, array('ToolbarStartExpanded'=>'false', 'ToolbarSet' => 'TrainingDescription', 'Width' => '80%', 'Height' => '150'));	
 	//$form->addElement('textarea', 'content', get_lang('Content'));
 	
-	$form->addElement('html','<div class="clear" style="margin-top:50px;"></div>');
+	//$form->addElement('html','<div class="clear" style="margin-top:50px;"></div>');
 	
 	if ($action == 'thematic_advance_add') {
 		$form->addElement('style_submit_button', null, get_lang('Save'), 'id="add_button" class="save"');
--- a/main/course_progress/thematic_plan.php
+++ b/main/course_progress/thematic_plan.php
@ -54,7 +54,7 @@ if ($action == 'thematic_plan_list') {
            $form->add_textfield('title['.$id.']', get_lang('Title'), true, array('size'=>'50'));
            $form->add_html_editor('description['.$id.']', get_lang('Description'), false, false, array('ToolbarStartExpanded'=>'false', 'ToolbarSet' => 'TrainingDescription', 'Width' => '80%', 'Height' => '150'));
            //$form->addElement('textarea', 'description['.$id.']', get_lang('Description'));            
-            $form->addElement('html','<div class="clear" style="margin-top:50px;"></div>');              
+            //$form->addElement('html','<div class="clear" style="margin-top:50px;"></div>');              
            if (!empty($thematic_simple_list) && in_array($id, $thematic_simple_list)) {
                $thematic_plan = $new_thematic_plan_data[$id];                 
                // set default values
@ -97,7 +97,7 @@ if ($action == 'thematic_plan_list') {

 	$form->add_textfield('title', get_lang('Title'), true, array('size'=>'50'));
 	$form->add_html_editor('description', get_lang('Description'), false, false, array('ToolbarStartExpanded'=>'false', 'ToolbarSet' => 'TrainingDescription', 'Width' => '80%', 'Height' => '150'));	
-	$form->addElement('html','<div class="clear" style="margin-top:50px;"></div>');
+	//$form->addElement('html','<div class="clear" style="margin-top:50px;"></div>');
 	$form->addElement('style_submit_button', null, get_lang('Save'), 'class="save"');
 	
 	if ($description_type < ADD_THEMATIC_PLAN) {
--- a/main/forum/forumfunction.inc.php
+++ b/main/forum/forumfunction.inc.php
@ -3652,12 +3652,10 @@ function edit_forum_attachment_file($file_comment,$post_id,$id_attach) {
 function get_attachment($post_id) {
    $forum_table_attachment = Database :: get_course_table(TABLE_FORUM_ATTACHMENT);
    $course_id = api_get_course_int_id();
-    
-
    $row = array();
    $post_id = intval($post_id);
-    $sql = 'SELECT id, path, filename,comment FROM '. $forum_table_attachment.' 
-            WHERE c_id = $course_id AND post_id ="'.$post_id.'"';
+    $sql = "SELECT id, path, filename,comment FROM $forum_table_attachment 
+            WHERE c_id = $course_id AND post_id = $post_id";
    $result = Database::query($sql);
    if (Database::num_rows($result) != 0) {
        $row = Database::fetch_array($result);
--- a/main/inc/ajax/thematic.ajax.php
+++ b/main/inc/ajax/thematic.ajax.php
@ -11,10 +11,10 @@ require_once api_get_path(LIBRARY_PATH).'thematic.lib.php';
 api_protect_course_script(true);

 $action = $_GET['a'];
+$thematic = new Thematic();

 switch ($action) {		
 	case 'save_thematic_plan':
-		$thematic = new Thematic();
 		$title_list         = $_REQUEST['title'];
 		$description_list   = $_REQUEST['desc'];
 		//$description_list   = $_REQUEST['description'];
@ -35,9 +35,7 @@ switch ($action) {
 		if (!api_is_allowed_to_edit(null, true)) {
 			echo '';
 			exit;
-		}
-		
-		$thematic = new Thematic();		
+        }        
 		if (($_REQUEST['start_date_type'] == 1 && empty($_REQUEST['start_date_by_attendance'])) || (!empty($_REQUEST['duration_in_hours']) && !is_numeric($_REQUEST['duration_in_hours'])) ) {	    			
 			if ($_REQUEST['start_date_type'] == 1 && empty($_REQUEST['start_date_by_attendance'])) {
        		$start_date_error = true;
--- a/main/inc/lib/certificate.lib.php
+++ b/main/inc/lib/certificate.lib.php
@ -159,8 +159,7 @@ class Certificate extends Model {
            //If the gradebook is related to skills we added the skills to the user
                                
            $skill = new Skill();
-            $skill->add_skill_to_user($this->user_id, $this->certificate_data['cat_id']);
-            
+            $skill->add_skill_to_user($this->user_id, $this->certificate_data['cat_id']);            
 	
 			if (is_dir($this->certification_user_path)) {
 				if (!empty($this->certificate_data)) {	
--- a/main/tracking/exams.php
+++ b/main/tracking/exams.php
@ -9,9 +9,7 @@
 */

 $language_file = array ('registration', 'index', 'tracking', 'exercice','survey');
-
 require_once '../inc/global.inc.php';
-require_once api_get_path(LIBRARY_PATH).'formvalidator/FormValidator.class.php';
 require_once api_get_path(LIBRARY_PATH).'pear/Spreadsheet_Excel_Writer/Writer.php';

 $this_section = SECTION_TRACKING;
@ -141,17 +139,19 @@ if ($global) {
 	$html_result .= '<th>'.get_lang('Attempts').'</th>';
 	$html_result .= '</tr>';
 }
+$table = Database::get_course_table(TABLE_TOOL_LIST);
+$t_quiz = Database::get_course_table(TABLE_QUIZ_TEST);

 $export_array_global = $export_array =  array();
 if(!empty($course_list) && is_array($course_list))
-foreach($course_list as $current_course) {
+foreach ($course_list as $current_course) {
 	$global_row = $row_not_global = array();
+    $course_id = $current_course['real_id'];
    
 	$a_students = CourseManager :: get_student_list_from_course_code($current_course['code'], false);	
 	$total_students = count($a_students);
-	$t_quiz = Database::get_course_table(TABLE_QUIZ_TEST,$current_course['db_name']);
 	
-	$sqlExercices		= "SELECT count(id) as count FROM ".$t_quiz." AS quiz WHERE active='1' AND c_id = {$current_course['real_id']}";
+	$sqlExercices		= "SELECT count(id) as count FROM ".$t_quiz." AS quiz WHERE active='1' AND c_id = $course_id ";
 	$resultExercices 	= Database::query($sqlExercices);
 	$data_exercises  	= Database::store_result($resultExercices);
 	$exercise_count 	= $data_exercises[0]['count'];	
@ -164,22 +164,21 @@ foreach($course_list as $current_course) {
 		$html_result .= $current_course['title'];
 		$html_result .= "</td>";		
 	}
-
-	$sql='SELECT visibility FROM '.$current_course['db_name'].'.'.TABLE_TOOL_LIST.' WHERE name="quiz" ';
+    
+	$sql = "SELECT visibility FROM $table WHERE c_id = $course_id AND name='quiz'";
 	$resultVisibilityQuizz = Database::query($sql);
 	
 	if (Database::result($resultVisibilityQuizz, 0 ,'visibility') == 1) {		
-		$sqlExercices = "	SELECT quiz.title,id FROM ".$t_quiz." AS quiz WHERE active='1' ORDER BY quiz.title ASC";		
+		$sqlExercices = "	SELECT quiz.title,id FROM ".$t_quiz." AS quiz WHERE c_id = $course_id  AND active='1' ORDER BY quiz.title ASC";		
 		//Getting the exam list
 		if (!$global) {
 			if (!empty($exercise_id)) {
-				$sqlExercices = "	SELECT quiz.title,id FROM ".$t_quiz." AS quiz WHERE active='1' AND id = $exercise_id ORDER BY quiz.title ASC";	
+				$sqlExercices = "	SELECT quiz.title,id FROM ".$t_quiz." AS quiz WHERE c_id = $course_id  AND active='1' AND id = $exercise_id ORDER BY quiz.title ASC";	
 			}
 		}		
 		$resultExercices = Database::query($sqlExercices);
 		$i = 0;
-		if (Database::num_rows($resultExercices) > 0) {
-			
+		if (Database::num_rows($resultExercices) > 0) {			
 			while($a_exercices = Database::fetch_array($resultExercices)) {
 				$global_row[]= $current_course['title'];		
 				if (!$global) {
@ -526,4 +525,4 @@ function export_complete_report_xls($filename, $array) {
 		$workbook->close();
 		exit;
 }
-Display :: display_footer();
+Display :: display_footer();
--- a/main/work/work.lib.php
+++ b/main/work/work.lib.php
@ -324,9 +324,15 @@ function display_student_publications_list($id, $link_target_parameter, $dateFor
 	$work_table      = Database::get_course_table(TABLE_STUDENT_PUBLICATION);
 	$iprop_table     = Database::get_course_table(TABLE_ITEM_PROPERTY);
 	$work_assigment  = Database::get_course_table(TABLE_STUDENT_PUBLICATION_ASSIGNMENT);
-
+    
 	$is_allowed_to_edit = api_is_allowed_to_edit(null, true);
-	$user_id 			= api_get_user_id();
+	$user_id 			= api_get_user_id();	
+	
+    //condition for the session
+    $session_id         = api_get_session_id();
+    $condition_session  = api_get_session_condition($session_id);    
+    $course_id          = api_get_course_int_id();
+    
 	$publications_list = array();
 	$sort_params = array();

@ -358,7 +364,7 @@ function display_student_publications_list($id, $link_target_parameter, $dateFor
 	}

 	$qualification_exists = false;
-	if(!empty($my_folder_data['qualification']) && intval($my_folder_data['qualification']) > 0) {
+	if (!empty($my_folder_data['qualification']) && intval($my_folder_data['qualification']) > 0) {
 		$qualification_exists = true;
 	}
 	$work_dir 		= api_get_path(SYS_COURSE_PATH).$_course['path'].'/work';
@ -375,11 +381,6 @@ function display_student_publications_list($id, $link_target_parameter, $dateFor
 		$sub_course_dir = '';
 	}

-	//condition for the session
-	$session_id 		= api_get_session_id();
-	$condition_session  = api_get_session_condition($session_id);
-	
-	$course_id 			= api_get_course_int_id();
 	
 	$contains_file_query = '';	
 	$parent_id = isset($my_folder_data['id']) ? $my_folder_data['id'] : 0;	
@ -388,8 +389,6 @@ function display_student_publications_list($id, $link_target_parameter, $dateFor
 		$contains_file_query = "  OR (contains_file = 0 AND parent_id = $parent_id ) ";
 	}
 	
-	
-	
 	//Get list from database
 	if ($is_allowed_to_edit) {
 		$active_condition = ' active IN (0, 1)';		
@ -443,7 +442,7 @@ function display_student_publications_list($id, $link_target_parameter, $dateFor
 		}
 	}
 	
-	$table_header[] = array(get_lang('Date'), true, 'style="width:160px"');
+	$table_header[] = array(get_lang('Date'), true, 'style="width:170px"');

 	if ($is_allowed_to_edit) {
 		$table_header[] = array(get_lang('Actions'), false, 'style="width:90px"');
@ -504,7 +503,7 @@ function display_student_publications_list($id, $link_target_parameter, $dateFor
 				// form edit directory
 				if (isset($clean_edit_dir) && $clean_edit_dir == $mydir) {
 					if (!empty($row['has_properties'])) {
-						$sql = Database::query('SELECT * FROM '.$work_assigment.' WHERE id = "'.$row['has_properties'].'" LIMIT 1');
+						$sql = Database::query('SELECT * FROM '.$work_assigment.' WHERE c_id = '.$course_id.' AND id = "'.$row['has_properties'].'" LIMIT 1');
 						$homework = Database::fetch_array($sql);
 					}

@ -668,22 +667,28 @@ function display_student_publications_list($id, $link_target_parameter, $dateFor
 							$TABLEAGENDA = Database::get_course_table(TABLE_AGENDA);	
 								
 							$expires_query = ' SET expires_on = '."'".($there_is_a_expire_date ? api_get_utc_datetime(get_date_from_group('expires')) : '0000-00-00 00:00:00')."'";
-							Database::query('UPDATE '.$work_assigment.$expires_query.' WHERE id = '."'".$row['has_properties']."'");
-							$sql_add_publication = "UPDATE ".$work_table." SET has_properties  = '".$row['has_properties'].  "', view_properties=1 where id ='".$row['id']."'";
+							Database::query('UPDATE '.$work_assigment.$expires_query.' WHERE c_id = '.$course_id.' AND id = '."'".$row['has_properties']."'");
+							$sql_add_publication = "UPDATE ".$work_table." SET has_properties  = '".$row['has_properties'].  "', view_properties=1 WHERE c_id = $course_id AND id ='".$row['id']."'";
 							Database::query($sql_add_publication);
 						
 			
 							$ends_query =    ' SET ends_on = '."'".($there_is_a_end_date ? api_get_utc_datetime(get_date_from_group('ends')) : '0000-00-00 00:00:00')."'";
-							Database::query('UPDATE '.$work_assigment.$ends_query.' WHERE id = '."'".$row['has_properties']."'");
-							$sql_add_publication = "UPDATE ".$work_table." SET has_properties  = '".$row['has_properties'].  "', view_properties=1 where id ='".$row['id']."'";
+							Database::query('UPDATE '.$work_assigment.$ends_query.' WHERE c_id = '.$course_id.' AND id = '."'".$row['has_properties']."'");
+							$sql_add_publication = "UPDATE ".$work_table." SET has_properties  = '".$row['has_properties'].  "', view_properties=1 WHERE c_id = '.$course_id.' AND id ='".$row['id']."'";
 							Database::query($sql_add_publication);
 				
-							Database::query('UPDATE '.$work_table.' SET allow_text_assignment = '."'".intval($_POST['allow_text_assignment'])."'".' , description = '."'".Database::escape_string($_POST['description'])."'".', qualification = '."'".Database::escape_string($_POST['qualification']['qualification'])."'".',weight = '."'".Database::escape_string($_POST['weight']['weight'])."'".' WHERE id = '."'".$row['id']."'");
+							Database::query('UPDATE '.$work_table.' SET 
+							                     allow_text_assignment = '."'".intval($_POST['allow_text_assignment'])."'".' , 
+							                     description = '."'".Database::escape_string($_POST['description'])."'".', 
+							                     qualification = '."'".Database::escape_string($_POST['qualification']['qualification'])."'".',
+							                     weight = '."'".Database::escape_string($_POST['weight']['weight'])."'".' 
+							                 WHERE c_id = '.$course_id.' AND id = '.$row['id']);
 								
 							require_once api_get_path(SYS_CODE_PATH).'gradebook/lib/gradebook_functions.inc.php';
 							$link_id = is_resource_in_course_gradebook(api_get_course_id(), 3 , $row['id'], api_get_session_id());
 							if ($link_id !== false) {
-								Database::query('UPDATE '.Database :: get_main_table(TABLE_MAIN_GRADEBOOK_LINK).' SET weight = '."'".Database::escape_string((float)$_POST['weight']['weight'])."'".' WHERE id = '.$link_id);
+								Database::query('UPDATE '.Database :: get_main_table(TABLE_MAIN_GRADEBOOK_LINK).' SET weight = '."'".Database::escape_string((float)$_POST['weight']['weight'])."'".' 
+								                WHERE c_id = '.$course_id.' AND id = '.$link_id);
 							}

 							//we are changing the current work and we want add them into gradebook
@ -703,7 +708,7 @@ function display_student_publications_list($id, $link_target_parameter, $dateFor
 							$display_edit_form = false;

 							// gets calendar_id from student_publication_assigment
-							$sql = "SELECT add_to_calendar FROM $work_assigment WHERE publication_id ='".$row['id']."'";
+							$sql = "SELECT add_to_calendar FROM $work_assigment WHERE c_id = $course_id AND publication_id ='".$row['id']."'";
 							$res = Database::query($sql);
 							$calendar_id = Database::fetch_row($res);
 							$dir_name = sprintf(get_lang('HandingOverOfTaskX'), $dir_name);
@ -721,7 +726,7 @@ function display_student_publications_list($id, $link_target_parameter, $dateFor
 											content  = '".Database::escape_string($_POST['description'])."',
 											start_date = '".$end_date."',
 											end_date   = '".$end_date."'
-										WHERE id='".$calendar_id[0]."'";
+										WHERE c_id = $course_id AND id='".$calendar_id[0]."'";
 								Database::query($sql);
 							}
 							Display::display_confirmation_message(get_lang('FolderEdited'));
@ -1338,7 +1343,7 @@ function update_dir_name($path, $new_name) {
 			$new_dir = $work['url'];
 			$name_with_directory = substr($new_dir, $work_len, strlen($new_dir));
 			$url = $path_to_dir.$new_name.$name_with_directory;
-			$sql = 'UPDATE '.$table.' SET url="/'.$url.'" WHERE c_id = '.$course_id.' AND id= '.$work['id'];
+			$sql = 'UPDATE '.$table.' SET url="/'.$url.'", title = "'.$new_name.'" WHERE c_id = '.$course_id.' AND id= '.$work['id'];
 			Database::query($sql);
 		}
 	}
--- a/main/work/work.php
+++ b/main/work/work.php
@ -727,8 +727,8 @@ switch ($action) {
 	    				                    enable_qualification = '".$enable_calification."',
 	    				                    publication_id = '".$id."'";
 					Database::query($sql_add_homework);
-	
-					$sql_add_publication = "UPDATE ".$work_table." SET "."has_properties  = ".Database::insert_id().", view_properties = 0 ".' where id = '.$id;
+	                $inserted_id = Database::insert_id();
+					$sql_add_publication = "UPDATE $work_table SET has_properties  = $inserted_id, view_properties = 0 WHERE id = $id";
 					Database::query($sql_add_publication);	
 				}