chamilo
/
chamilo-lms
mirror of https://github.com/chamilo/chamilo-lms/tree/1.11.x
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

[svn r9983] replace $_uid with $_user['user_id']

Browse Source
skala
Patrick Cool 19 years ago
parent 04b7fd5d07
commit dcc71cb73d
8 changed files with 109 additions and 110 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 82
      main/auth/courses.php
  2. 21
      main/auth/inscription.php
  3. 8
      main/auth/inscription_second.php
  4. 6
      main/auth/ldap/authldap.php
  5. 10
      main/auth/ldap/login.php
  6. 4
      main/auth/ldap/newUser.php
  7. 18
      main/auth/my_progress.php
  8. 70
      main/auth/profile.php

82
main/auth/courses.php
Unescape View File

@ -1,4 +1,4 @@
<?php // $Id: courses.php 9721 2006-10-25 08:23:18Z grayd0n $
<?php // $Id: courses.php 9983 2006-11-15 00:21:16Z pcool $
/*
==============================================================================
Dokeos - elearning and course management software
@ -80,7 +80,6 @@ api_display_tool_title($nameTools);
COMMANDS SECTION
==============================================================================
*/
$userId = $_uid;
unset($message);
// we are moving a course or category of the user up/down the list (=Sort My Courses)
if (isset($_GET['move']))
@ -120,7 +119,7 @@ if (isset($_POST['subscribe']))
// we are unsubscribing from a course (=Unsubscribe from course)
if (isset($_POST['unsubscribe']))
{
$message=remove_user_from_course($_uid, $_POST['unsubscribe']);
$message=remove_user_from_course($_user['user_id'], $_POST['unsubscribe']);
}
// we are deleting a course category
if ($_GET['action']=='deletecoursecategory' AND isset($_GET['id']))
@ -157,8 +156,8 @@ switch ($_GET['action'])
break;
case 'unsubscribe':
api_display_tool_title(get_lang('UnsubscribeFromCourse'));
$user_courses=get_courses_of_user($_uid);
display_courses($_uid, true, $user_courses);
$user_courses=get_courses_of_user($_user['user_id']);
display_courses($_user['user_id'], true, $user_courses);
break;
case 'createcoursecategory':
api_display_tool_title(get_lang('CreateCourseCategory'));
@ -168,8 +167,8 @@ switch ($_GET['action'])
case 'sortmycourses':
default:
api_display_tool_title(get_lang('SortMyCourses'));
$user_courses=get_courses_of_user($_uid);
display_courses($_uid, true, $user_courses);
$user_courses=get_courses_of_user($_user['user_id']);
display_courses($_user['user_id'], true, $user_courses);
break;
}
echo '</div>';
@ -195,13 +194,13 @@ Display :: display_footer();
*/
function subscribe_user($course_code)
{
global $_uid;
global $_user;
$all_course_information = CourseManager::get_course_information($course_code);
if ($all_course_information['registration_code']=='' OR $_POST['course_registration_code']==$all_course_information['registration_code'])
{
if (CourseManager::add_user_to_course($_uid, $course_code))
if (CourseManager::add_user_to_course($_user['user_id'], $course_code))
{
return get_lang('EnrollToCourseSuccessful');
}
@ -367,7 +366,7 @@ function browse_courses_in_category()
*/
function display_search_courses()
{
global $_uid;
global $_user;
echo "<p><b>".get_lang("SearchCourse")."</b><br />";
echo "<form class=\"course_list\" method=\"post\" action=\"".$_SERVER['PHP_SELF']."?action=subscribe\">",
"<input type=\"hidden\" name=\"search_course\" value=\"1\" />",
@ -389,9 +388,9 @@ function display_search_courses()
function display_subscribe_to_courses($courses)
{
global $_uid;
global $_user;
// getting all the courses to which the user is subscribed to
$user_courses=get_courses_of_user($_uid);
$user_courses=get_courses_of_user($_user['user_id']);
$user_coursecodes=array();
// we need only the course codes as these will be used to match against the courses of the category
@ -492,14 +491,14 @@ function search_courses($search_term)
*/
function delete_course_category($id)
{
global $_uid, $user_personal_database;
global $_user, $user_personal_database;
$DATABASE_USER_TOOLS = $user_personal_database;
$TABLE_USER_COURSE_CATEGORY = $DATABASE_USER_TOOLS."`.`user_course_category";
$TABLECOURSUSER=Database::get_main_table(MAIN_COURSE_USER_TABLE);
$sql_delete="DELETE FROM `$TABLE_USER_COURSE_CATEGORY` WHERE id='".$id."' and user_id='".$_uid."'";
$sql_update="UPDATE $TABLECOURSUSER SET user_course_cat='0' WHERE user_course_cat='".$id."' AND user_id='".$_uid."'";
$sql_delete="DELETE FROM `$TABLE_USER_COURSE_CATEGORY` WHERE id='".$id."' and user_id='".$_user['user_id']."'";
$sql_update="UPDATE $TABLECOURSUSER SET user_course_cat='0' WHERE user_course_cat='".$id."' AND user_id='".$_user['user_id']."'";
mysql_query($sql_delete) or die(mysql_error());
mysql_query($sql_update) or die(mysql_error());
@ -514,19 +513,19 @@ function delete_course_category($id)
*/
function store_course_category()
{
global $_uid, $user_personal_database;
global $_user, $user_personal_database;
$DATABASE_USER_TOOLS = $user_personal_database;
$TABLE_USER_COURSE_CATEGORY = $DATABASE_USER_TOOLS."`.`user_course_category";
// step 1: we determine the max value of the user defined course categories
$sql="SELECT sort FROM `$TABLE_USER_COURSE_CATEGORY` WHERE user_id='".$_uid."' ORDER BY sort DESC";
$sql="SELECT sort FROM `$TABLE_USER_COURSE_CATEGORY` WHERE user_id='".$_user['user_id']."' ORDER BY sort DESC";
$result=api_sql_query($sql);
$maxsort=mysql_fetch_array($result);
$nextsort=$maxsort['sort']+1;
$sql_insert="INSERT INTO `$TABLE_USER_COURSE_CATEGORY` (user_id, title,sort) VALUES ('".$_uid."', '".htmlentities($_POST['title_course_category'])."', '".$nextsort."')";
$sql_insert="INSERT INTO `$TABLE_USER_COURSE_CATEGORY` (user_id, title,sort) VALUES ('".$_user['user_id']."', '".htmlentities($_POST['title_course_category'])."', '".$nextsort."')";
api_sql_query($sql_insert);
return get_lang("CourseCategoryStored");
}
@ -539,7 +538,7 @@ function store_course_category()
*/
function display_create_course_category_form()
{
global $_uid, $user_personal_database;
global $_user, $user_personal_database;
echo "<form name=\"create_course_category\" method=\"post\" action=\"".$_SERVER['PHP_SELF']."?action=sortmycourses\">\n";
echo "<input type=\"text\" name=\"title_course_category\" />\n";
@ -549,7 +548,7 @@ function display_create_course_category_form()
echo get_lang("ExistingCourseCategories");
$DATABASE_USER_TOOLS = $user_personal_database;
$TABLE_USER_COURSE_CATEGORY = $DATABASE_USER_TOOLS."`.`user_course_category";
$sql="SELECT * FROM `$TABLE_USER_COURSE_CATEGORY` WHERE user_id='".$_uid."'";
$sql="SELECT * FROM `$TABLE_USER_COURSE_CATEGORY` WHERE user_id='".$_user['user_id']."'";
$result=api_sql_query($sql, __LINE__, __FILE__);
if (mysql_num_rows($result)>0)
{
@ -575,12 +574,13 @@ function display_create_course_category_form()
*/
function store_changecoursecategory($course_code, $newcategory)
{
global $_uid;
global $_user;
$TABLECOURSUSER = Database::get_main_table(MAIN_COURSE_USER_TABLE);
$max_sort_value=api_max_sort_value($newcategory,$_uid); //max_sort_value($newcategory);
$max_sort_value=api_max_sort_value($newcategory,$_user['user_id']); //max_sort_value($newcategory);
$sql="UPDATE $TABLECOURSUSER SET user_course_cat='".$newcategory."', sort='".($max_sort_value+1)."' WHERE course_code='".$course_code."' AND user_id='".$_uid."'";
$sql="UPDATE $TABLECOURSUSER SET user_course_cat='".$newcategory."', sort='".($max_sort_value+1)."' WHERE course_code='".$course_code."' AND user_id='".$_user['user_id']."'";
$result=api_sql_query($sql);
return get_lang("EditCourseCategorySucces");
}
@ -593,10 +593,10 @@ function store_changecoursecategory($course_code, $newcategory)
*/
function move_course($direction, $course2move, $category)
{
global $_uid;
global $_user;
$TABLECOURSUSER = Database::get_main_table(MAIN_COURSE_USER_TABLE);
$all_user_courses=get_courses_of_user($_uid);
$all_user_courses=get_courses_of_user($_user['user_id']);
// we need only the courses of the category we are moving in
foreach ($all_user_courses as $key=>$course)
@ -624,8 +624,8 @@ function move_course($direction, $course2move, $category)
} // if ($course2move==$course['code'])
}
$sql_update1="UPDATE $TABLECOURSUSER SET sort='".$target_course['sort']."' WHERE course_code='".$source_course['code']."' AND user_id='".$_uid."'";
$sql_update2="UPDATE $TABLECOURSUSER SET sort='".$source_course['sort']."' WHERE course_code='".$target_course['code']."' AND user_id='".$_uid."'";
$sql_update1="UPDATE $TABLECOURSUSER SET sort='".$target_course['sort']."' WHERE course_code='".$source_course['code']."' AND user_id='".$_user['user_id']."'";
$sql_update2="UPDATE $TABLECOURSUSER SET sort='".$source_course['sort']."' WHERE course_code='".$target_course['code']."' AND user_id='".$_user['user_id']."'";
mysql_query($sql_update2);
mysql_query($sql_update1);
return get_lang("CourseSortingDone");
@ -641,7 +641,7 @@ function move_course($direction, $course2move, $category)
*/
function move_category($direction, $category2move)
{
global $_uid;
global $_user;
// the database definition of the table that stores the user defined course categories
$table_user_defined_category = Database::get_user_personal_table(USER_COURSE_CATEGORY_TABLE);
@ -662,8 +662,8 @@ function move_category($direction, $category2move)
} // if ($course2move==$course['code'])
} // foreach ($user_courses as $key=>$course)
$sql_update1="UPDATE $table_user_defined_category SET sort='".$target_category['sort']."' WHERE id='".$source_category['id']."' AND user_id='".$_uid."'";
$sql_update2="UPDATE $table_user_defined_category SET sort='".$source_category['sort']."' WHERE id='".$target_category['id']."' AND user_id='".$_uid."'";
$sql_update1="UPDATE $table_user_defined_category SET sort='".$target_category['sort']."' WHERE id='".$source_category['id']."' AND user_id='".$_user['user_id']."'";
$sql_update2="UPDATE $table_user_defined_category SET sort='".$source_category['sort']."' WHERE id='".$target_category['id']."' AND user_id='".$_user['user_id']."'";
mysql_query($sql_update2);
mysql_query($sql_update1);
return get_lang("CategorySortingDone");
@ -680,7 +680,7 @@ function move_category($direction, $category2move)
function display_courses($user_id, $show_course_icons, $user_courses)
{
global $_uid, $user_personal_database;
global $_user, $user_personal_database;
echo "<table cellpadding=\"4\">\n";
@ -695,7 +695,7 @@ function display_courses($user_id, $show_course_icons, $user_courses)
// Step 1: we get all the categories of the user
$DATABASE_USER_TOOLS = $user_personal_database;
$TABLE_USER_COURSE_CATEGORY = $DATABASE_USER_TOOLS."`.`user_course_category";
$sql="SELECT * FROM `$TABLE_USER_COURSE_CATEGORY` WHERE user_id=$_uid ORDER BY sort ASC";
$sql="SELECT * FROM `$TABLE_USER_COURSE_CATEGORY` WHERE user_id='".$_user['user_id']."' ORDER BY sort ASC";
$result=api_sql_query($sql);
while ($row=mysql_fetch_array($result))
{
@ -735,7 +735,7 @@ function display_courses($user_id, $show_course_icons, $user_courses)
*/
function display_courses_in_category($user_category_id, $showicons)
{
global $_uid;
global $_user;
// table definitions
$TABLECOURS=Database::get_main_table(MAIN_COURSE_TABLE);
@ -749,7 +749,7 @@ function display_courses_in_category($user_category_id, $showicons)
FROM $TABLECOURS course,
$TABLECOURSUSER course_rel_user
WHERE course.code = course_rel_user.course_code
AND course_rel_user.user_id = '".$_uid."'
AND course_rel_user.user_id = '".$_user['user_id']."'
AND course_rel_user.user_course_cat='".$user_category_id."'
ORDER BY course_rel_user.user_course_cat, course_rel_user.sort ASC";
$result = api_sql_query($sql_select_courses) or die(mysql_error());
@ -804,12 +804,12 @@ function display_courses_in_category($user_category_id, $showicons)
*/
function get_user_course_category($id)
{
global $_uid, $user_personal_database;
global $_user, $user_personal_database;
$DATABASE_USER_TOOLS = $user_personal_database;
$TABLE_USER_COURSE_CATEGORY = $DATABASE_USER_TOOLS."`.`user_course_category";
$sql="SELECT * FROM `".$TABLE_USER_COURSE_CATEGORY."` WHERE user_id='$_uid' AND id='$id'";
$sql="SELECT * FROM `".$TABLE_USER_COURSE_CATEGORY."` WHERE user_id='".$_user['user_id']."' AND id='$id'";
$result=mysql_query($sql) or die(mysql_error());
$row=mysql_fetch_array($result);
return $row;
@ -964,11 +964,11 @@ function display_category_icons($current_category, $all_user_categories)
*/
function display_change_course_category_form($edit_course)
{
global $_uid, $user_personal_database;
global $_user, $user_personal_database;
$DATABASE_USER_TOOLS = $user_personal_database;
$TABLE_USER_COURSE_CATEGORY = $DATABASE_USER_TOOLS."`.`user_course_category";
$sql="SELECT * FROM `$TABLE_USER_COURSE_CATEGORY` WHERE user_id='".$_uid."'";
$sql="SELECT * FROM `$TABLE_USER_COURSE_CATEGORY` WHERE user_id='".$_user['user_id']."'";
$result=api_sql_query($sql);
@ -1051,9 +1051,9 @@ function get_courses_of_user($user_id)
*/
function get_user_course_categories()
{
global $_uid;
global $_user;
$table_category = Database::get_user_personal_table(USER_COURSE_CATEGORY_TABLE);
$sql = "SELECT * FROM ".$table_category." WHERE user_id='".$_uid."' ORDER BY sort ASC";
$sql = "SELECT * FROM ".$table_category." WHERE user_id='".$_user['user_id']."' ORDER BY sort ASC";
$result = api_sql_query($sql,__FILE__,__LINE__);
while ($row = mysql_fetch_array($result))
{
@ -1097,7 +1097,7 @@ function display_edit_course_category_form($edit_course_category)
*/
function store_edit_course_category()
{
global $_uid, $user_personal_database;
global $_user, $user_personal_database;
$DATABASE_USER_TOOLS = $user_personal_database;
$TABLE_USER_COURSE_CATEGORY = $DATABASE_USER_TOOLS."`.`user_course_category";

21
main/auth/inscription.php
Unescape View File

@ -1,5 +1,5 @@
<?php
// $Id: inscription.php 9972 2006-11-14 14:44:37Z pcool $
// $Id: inscription.php 9983 2006-11-15 00:21:16Z pcool $
/*
==============================================================================
Dokeos - elearning and course management software
@ -121,14 +121,14 @@ if ($form->validate())
// TODO: add language to parameter list of UserManager::create_user(...)
$sql = "UPDATE ".Database::get_main_table(MAIN_USER_TABLE)."
SET language = '".mysql_real_escape_string($values['language'])."'
WHERE user_id = '".$_uid."' ";
WHERE user_id = '".$_user['user_id']."' ";
//api_sql_query($sql,__FILE__,__LINE__);
// if there is a default duration of a valid account then we have to change the expiration_date accordingly
if (get_setting('account_valid_duration')<>'')
{
$sql = "UPDATE ".Database::get_main_table(MAIN_USER_TABLE)."
SET expiration_date='registration_date+1' WHERE user_id='".$_uid."'";
SET expiration_date='registration_date+1' WHERE user_id='".$_user['user_id']."'";
api_sql_query($sql,__FILE__,__LINE__);
}
@ -137,7 +137,7 @@ if ($form->validate())
{
// 1. set account inactive
$sql = "UPDATE ".Database::get_main_table(MAIN_USER_TABLE)."
SET active='0' WHERE user_id='".$_uid."'";
SET active='0' WHERE user_id='".$_user['user_id']."'";
api_sql_query($sql,__FILE__,__LINE__);
// 2. send mail to the platform admin
@ -157,7 +157,7 @@ if ($form->validate())
@ api_send_mail($emailto, $emailsubject, $emailbody, $emailheaders);
// 3. exit the page
unset($_uid);
unset($_user['user_id']);
Display :: display_footer();
exit;
}
@ -166,13 +166,12 @@ if ($form->validate())
/*--------------------------------------
SESSION REGISTERING
--------------------------------------*/
$_uid=$user_id;
$_user['firstName'] = stripslashes($values['firstname']);
$_user['lastName'] = stripslashes($values['lastname']);
$_user['mail'] = $values['email'];
$_user['language'] = $values['language'];
$_user['lastName'] = stripslashes($values['lastname']);
$_user['mail'] = $values['email'];
$_user['language'] = $values['language'];
$_user['user_id'] = $values['user_id'];
$is_allowedCreateCourse = ($values['status'] == 1) ? true : false;
api_session_register('_uid');
api_session_register('_user');
api_session_register('is_allowedCreateCourse');
@ -229,7 +228,7 @@ if ($form->validate())
echo "<p>", get_lang('NowGoChooseYourCourses'), ".</p>\n";
$actionUrl = "courses.php?action=subscribe";
}
// ?uidReset=true&uidReq=$_uid
// ?uidReset=true&uidReq=$_user['user_id']
echo "<form action=\"", $actionUrl, "\" method=\"post\">\n", "<input type=\"submit\" name=\"next\" value=\"", get_lang('Next'), "\" validationmsg=\" ", get_lang('Next'), " \">\n", "</form>\n";
}

8
main/auth/inscription_second.php
Unescape View File

@ -1,4 +1,4 @@
<?php // $Id: inscription_second.php 9972 2006-11-14 14:44:37Z pcool $
<?php // $Id: inscription_second.php 9983 2006-11-15 00:21:16Z pcool $
/*
==============================================================================
Dokeos - elearning and course management software
@ -189,10 +189,10 @@ if ($regDataOk)
language = '".$language."'
");
$_uid = mysql_insert_id();
$_user['user_id'] = mysql_insert_id();
if ($_uid)
if ($_user['user_id'])
{
/*--------------------------------------
SESSION REGISTERING
@ -264,7 +264,7 @@ api_display_tool_title($nameTools);
echo "<p>",get_lang('NowGoChooseYourCourses'),".</p>\n";
$actionUrl = "courses.php?action=subscribe";
}
// ?uidReset=true&uidReq=$_uid
// ?uidReset=true&uidReq=$_user['user_id']
echo "<form action=\"",$actionUrl,"\" method=\"post\">\n",
"<input type=\"submit\" name=\"next\" value=\"",get_lang('Next'),"\" validationmsg=\" ",get_lang('Next')," \">\n",
"</form>\n";

6
main/auth/ldap/authldap.php
Unescape View File

@ -1,4 +1,4 @@
<?php // $Id: authldap.php 9730 2006-10-25 09:15:58Z elixir_inter $
<?php // $Id: authldap.php 9983 2006-11-15 00:21:16Z pcool $
/*
==============================================================================
Dokeos - elearning and course management software
@ -214,7 +214,7 @@ include ('ldap_var.inc.php');
global $submitRegistration, $submit, $uname, $email,
$nom, $prenom, $password, $password1, $status;
global $includePath, $platformLanguage;
global $loginFailed, $uidReset, $_uid;
global $loginFailed, $uidReset, $_user;
/*----------------------------------------------------------
1. set the necessary variables
@ -268,7 +268,7 @@ include ('ldap_var.inc.php');
$loginFailed = false;
$uidReset = true;
$_uid = $uData['user_id'];
$_user['user_id'] = $uData['user_id'];
api_session_register('_uid');
}

10
main/auth/ldap/login.php
Unescape View File

@ -1,4 +1,4 @@
<?php // $Id: login.php 9246 2006-09-25 13:24:53Z bmol $
<?php // $Id: login.php 9983 2006-11-15 00:21:16Z pcool $
/*
==============================================================================
Dokeos - elearning and course management software
@ -36,8 +36,8 @@
needs to set
- $loginFailed
- $uidReset
- $_uid
- register the $_uid in the session
- $_user['user_id']
- register the $_user['user_id'] in the session
As the LDAP code shows, this is not as difficult as you might think.
*/
/*
@ -56,13 +56,13 @@
{
$loginFailed = false;
$uidReset = true;
$_uid = $uData['user_id'];
$_user['user_id'] = $uData['user_id'];
api_session_register('_uid');
}
else
{
$loginFailed = true;
unset($_uid);
unset($_user['user_id']);
$uidReset = false;
}
?>

4
main/auth/ldap/newUser.php
Unescape View File

@ -1,4 +1,4 @@
<?php # $Id: newUser.php 9246 2006-09-25 13:24:53Z bmol $
<?php # $Id: newUser.php 9983 2006-11-15 00:21:16Z pcool $
/*
==============================================================================
Dokeos - elearning and course management software
@ -57,7 +57,7 @@ if ($loginLdapSucces)
else
{
$loginFailed = true;
unset($_uid);
unset($_user['user_id']);
$uidReset = false;
}
?>

18
main/auth/my_progress.php
Unescape View File

@ -40,7 +40,7 @@ $tbl_course_lp = Database :: get_course_table('lp');
$tbl_course_lp_item = Database :: get_course_table('lp_item');
$tbl_course_quiz = Database :: get_course_table('quiz');
$result=api_sql_query("SELECT DISTINCT id, name, date_start, date_end FROM session_rel_course_rel_user,session WHERE id_session=id AND id_user=$_uid ORDER BY date_start, date_end, name",__FILE__,__LINE__);
$result=api_sql_query("SELECT DISTINCT id, name, date_start, date_end FROM session_rel_course_rel_user,session WHERE id_session=id AND id_user=".$_user['user_id']." ORDER BY date_start, date_end, name",__FILE__,__LINE__);
$Sessions=api_store_result($result);
@ -52,7 +52,7 @@ if($id_session)
$result=api_sql_query("SELECT code, title, CONCAT(user.lastname,' ',user.firstname) coach, email
FROM $tbl_session_course_user AS session_course_user, $tbl_session_course AS session_course, $tbl_course AS course, $tbl_user AS user
WHERE session_course_user.id_session='$id_session'
AND session_course_user.id_user='$_uid'
AND session_course_user.id_user='".$_user['user_id']."'
AND session_course_user.course_code=course.code
AND session_course_user.id_session=session_course.id_session
AND session_course_user.course_code=session_course.course_code
@ -66,7 +66,7 @@ if($id_session)
ON $tbl_session_course.id_coach = $tbl_user.user_id
INNER JOIN $tbl_session_course_user
ON $tbl_session_course_user.id_session = $tbl_session_course.id_session
AND $tbl_session_course_user.id_user = '$_uid'
AND $tbl_session_course_user.id_user = '".$_user['user_id']."'
INNER JOIN $tbl_session ON $tbl_session.id = $tbl_session_course.id_session
WHERE $tbl_session_course.course_code=code
AND $tbl_session_course.id_session='$id_session'
@ -152,7 +152,7 @@ foreach($Courses as $enreg)
FROM ".$enreg['db_name'].'.'.$tbl_course_lp_view_item." AS lpi
INNER JOIN ".$enreg['db_name'].'.'.$tbl_course_lp_view." AS lpv
ON lpv.lp_id = lpi.lp_view_id
AND lpv.user_id = ".$_uid
AND lpv.user_id = ".$_user['user_id']
;
$result = api_sql_query($sqlTime);
while($totalTime = mysql_fetch_array($result))
@ -162,7 +162,7 @@ foreach($Courses as $enreg)
$sqlScore = "SELECT exe_result,exe_weighting
FROM $tbl_stats_exercices
WHERE exe_user_id = ".$_uid."
WHERE exe_user_id = ".$_user['user_id']."
AND exe_cours_id = '".$enreg['code']."'
";
@ -185,7 +185,7 @@ foreach($Courses as $enreg)
$sqlLastAccess = " SELECT access_date
FROM $tbl_stats_lastaccess
WHERE access_user_id = ".$_uid."
WHERE access_user_id = ".$_user['user_id']."
AND access_cours_code = '".$enreg['code']."'
ORDER BY access_date DESC LIMIT 0,1"
;
@ -207,7 +207,7 @@ foreach($Courses as $enreg)
$sqlProgress = "SELECT COUNT(DISTINCT item_view.lp_item_id) AS nbItem
FROM ".$enreg['db_name'].".".$tbl_course_lp_view_item." AS item_view
INNER JOIN ".$enreg['db_name'].".".$tbl_course_lp_view." AS view
ON view.user_id = ".$_uid."
ON view.user_id = ".$_user['user_id']."
WHERE item_view.status = 'completed'
";
$resultProgress = api_sql_query($sqlProgress);
@ -394,7 +394,7 @@ $progress = round(($totalProgress*100)/$totalItem);
INNER JOIN ".$a_infosCours['db_name'].".".$tbl_course_lp_view." AS view
ON item_view.lp_view_id = view.id
AND view.lp_id = ".$a_learnpath['id']."
AND view.user_id = ".$_uid."
AND view.user_id = ".$_user['user_id']."
WHERE item_view.status = 'completed'
";
$resultProgress = api_sql_query($sqlProgress);
@ -471,7 +471,7 @@ $progress = round(($totalProgress*100)/$totalItem);
$sqlScore = "SELECT exe_result,exe_weighting
FROM $tbl_stats_exercices
WHERE exe_user_id = ".$_uid."
WHERE exe_user_id = ".$_user['user_id']."
AND exe_cours_id = '".$a_infosCours['code']."'
AND exe_exo_id = ".$a_exercices['id']
;

70
main/auth/profile.php
Unescape View File

@ -1,5 +1,5 @@
<?php
// $Id: profile.php 9548 2006-10-18 08:19:15Z elixir_inter $
// $Id: profile.php 9983 2006-11-15 00:21:16Z pcool $
/*
==============================================================================
Dokeos - elearning and course management software
@ -94,7 +94,7 @@ $table_user = Database :: get_main_table(MAIN_USER_TABLE);
/*
* Get initial values for all fields.
*/
$sql = "SELECT * FROM $table_user WHERE user_id = '$_uid'";
$sql = "SELECT * FROM $table_user WHERE user_id = '".$_user['user_id']."'";
$result = api_sql_query($sql, __FILE__, __LINE__);
if ($result)
{
@ -162,7 +162,7 @@ $form->addRule('phone', get_lang('EmailWrong'), 'email');*/
// PICTURE
if (is_profile_editable() && api_get_setting('profile', 'picture') == 'true')
{
$form->addElement('file', 'picture', (get_user_image($_uid) != '' ? get_lang('UpdateImage') : get_lang('AddImage')));
$form->addElement('file', 'picture', (get_user_image($_user['user_id']) != '' ? get_lang('UpdateImage') : get_lang('AddImage')));
$form->add_progress_bar();
if( strlen($user_data['picture_uri']) > 0)
{
@ -202,7 +202,7 @@ if (api_get_setting('extended_profile') == 'true')
// MY PRODUCTIONS
$form->addElement('file', 'production', get_lang('MyProductions'));
if ($production_list = build_production_list($_uid))
if ($production_list = build_production_list($_user['user_id']))
$form->addElement('static', 'productions', null, $production_list);
// MY PERSONAL OPEN AREA
@ -273,13 +273,13 @@ function is_profile_editable()
* Get a user's display picture. If the user doesn't have a picture, this
* function will return an empty string.
*
* @param $_uid User id
* @param $user_id User id
* @return The uri to the picture
*/
function get_user_image($_uid)
function get_user_image($user_id)
{
$table_user = Database :: get_main_table(MAIN_USER_TABLE);
$sql = "SELECT picture_uri FROM $table_user WHERE user_id = '$_uid'";
$sql = "SELECT picture_uri FROM $table_user WHERE user_id = '$user_id'";
$result = api_sql_query($sql, __FILE__, __LINE__);
if ($result && $row = mysql_fetch_array($result, MYSQL_ASSOC))
@ -293,10 +293,10 @@ function get_user_image($_uid)
/**
* Upload a submitted user image.
*
* @param $_uid User id
* @param $user_id User id
* @return The filename of the new picture or FALSE if the upload has failed
*/
function upload_user_image($_uid)
function upload_user_image($user_id)
{
/* Originally added by Miguel (miguel@cesga.es) - 2003-11-04
* Code Refactoring by Hugues Peeters (hugues.peeters@claroline.net) - 2003-11-24
@ -304,7 +304,7 @@ function upload_user_image($_uid)
*/
$image_repository = api_get_path(SYS_CODE_PATH).'upload/users/';
$existing_image = get_user_image($_uid);
$existing_image = get_user_image($user_id);
$file_extension = explode('.', $_FILES['picture']['name']);
$file_extension = strtolower($file_extension[sizeof($file_extension) - 1]);
@ -322,7 +322,7 @@ function upload_user_image($_uid)
else
{
$old_picture_filename = $existing_image;
$picture_filename = (PREFIX_IMAGE_FILENAME_WITH_UID ? 'u'.$_uid.'_' : '').uniqid('').'.'.$file_extension;
$picture_filename = (PREFIX_IMAGE_FILENAME_WITH_UID ? 'u'.$user_id.'_' : '').uniqid('').'.'.$file_extension;
}
if (KEEP_THE_OLD_IMAGE_AFTER_CHANGE)
@ -332,7 +332,7 @@ function upload_user_image($_uid)
}
else
{
$picture_filename = (PREFIX_IMAGE_FILENAME_WITH_UID ? $_uid.'_' : '').uniqid('').'.'.$file_extension;
$picture_filename = (PREFIX_IMAGE_FILENAME_WITH_UID ? $user_id.'_' : '').uniqid('').'.'.$file_extension;
}
if (move_uploaded_file($_FILES['picture']['tmp_name'], $image_repository.$picture_filename))
@ -344,12 +344,12 @@ function upload_user_image($_uid)
/**
* Remove an existing user image.
*
* @param $_uid User id
* @param $user_id User id
*/
function remove_user_image($_uid)
function remove_user_image($user_id)
{
$image_repository = api_get_path(SYS_CODE_PATH).'upload/users/';
$image = get_user_image($_uid);
$image = get_user_image($user_id);
if ($image != '')
{
@ -376,21 +376,21 @@ function remove_user_image($_uid)
* productions on the filesystem before the removal request has been carried
* out because they'll have to be re-read afterwards anyway.
*
* @param $_uid User id
* @param $user_id User id
* @param $force Optional parameter to force building after a removal request
* @return A string containing the XHTML code to dipslay the production list, or FALSE
*/
function build_production_list($_uid, $force = false)
function build_production_list($user_id, $force = false)
{
if (!$force && $_POST['remove_production'])
return true; // postpone reading from the filesystem
$productions = get_user_productions($_uid);
$productions = get_user_productions($user_id);
if (empty($productions))
return false;
$production_dir = api_get_path(WEB_CODE_PATH)."upload/users/$_uid/";
$production_dir = api_get_path(WEB_CODE_PATH)."upload/users/$user_id/";
$del_image = api_get_path(WEB_CODE_PATH).'img/delete.gif';
$del_text = get_lang('Delete');
@ -410,12 +410,12 @@ function build_production_list($_uid, $force = false)
/**
* Returns an array with the user's productions.
*
* @param $_uid User id
* @param $user_id User id
* @return An array containing the user's productions
*/
function get_user_productions($_uid)
function get_user_productions($user_id)
{
$production_repository = api_get_path(SYS_CODE_PATH)."upload/users/$_uid/";
$production_repository = api_get_path(SYS_CODE_PATH)."upload/users/$user_id/";
$productions = array();
if (is_dir($production_repository))
@ -437,12 +437,12 @@ function get_user_productions($_uid)
/**
* Upload a submitted user production.
*
* @param $_uid User id
* @param $user_id User id
* @return The filename of the new production or FALSE if the upload has failed
*/
function upload_user_production($_uid)
function upload_user_production($user_id)
{
$production_repository = api_get_path(SYS_CODE_PATH)."upload/users/$_uid/";
$production_repository = api_get_path(SYS_CODE_PATH)."upload/users/$user_id/";
if (!file_exists($production_repository))
mkpath($production_repository);
@ -459,12 +459,12 @@ function upload_user_production($_uid)
/**
* Remove a user production.
*
* @param $_uid User id
* @param $user_id User id
* @param $production The production to remove
*/
function remove_user_production($_uid, $production)
function remove_user_production($user_id, $production)
{
unlink(api_get_path(SYS_CODE_PATH)."upload/users/$_uid/$production");
unlink(api_get_path(SYS_CODE_PATH)."upload/users/$user_id/$production");
}
/*
@ -481,9 +481,9 @@ if ($_SESSION['profile_update'])
elseif ($_POST['remove_production'])
{
foreach (array_keys($_POST['remove_production']) as $production)
remove_user_production($_uid, urldecode($production));
remove_user_production($_user['user_id'], urldecode($production));
if ($production_list = build_production_list($_uid, true))
if ($production_list = build_production_list($_user['user_id'], true))
$form->insertElementBefore($form->createElement('static', null, null, $production_list), 'productions');
$form->removeElement('productions');
@ -501,20 +501,20 @@ elseif ($form->validate())
// upload picture if a new one is provided
if ($_FILES['picture']['size'])
{
if ($new_picture = upload_user_image($_uid))
if ($new_picture = upload_user_image($_user['user_id']))
$user_data['picture_uri'] = $new_picture;
}
// remove existing picture if asked
elseif ($user_data['remove_picture'])
{
remove_user_image($_uid);
remove_user_image($_user['user_id']);
$user_data['picture_uri'] = '';
}
// upload production if a new one is provided
if ($_FILES['production']['size'])
upload_user_production($_uid);
upload_user_production($_user['user_id']);
// remove values that shouldn't go in the database
unset($user_data['password1'], $user_data['password2'], $user_data['MAX_FILE_SIZE'],
@ -544,7 +544,7 @@ elseif ($form->validate())
$sql = rtrim($sql, ',');
}
$sql .= " WHERE user_id = '$_uid'";
$sql .= " WHERE user_id = '$_user['user_id']'";
api_sql_query($sql, __FILE__, __LINE__);
@ -572,7 +572,7 @@ elseif ($update_success)
Display :: display_normal_message(get_lang('ProfileReg'));
}
// USER PICTURE
$image = get_user_image($_uid);
$image = get_user_image($_user['user_id']);
$image_file = ($image != '' ? api_get_path(WEB_CODE_PATH)."upload/users/$image" : api_get_path(WEB_CODE_PATH).'img/unknown.jpg');
$image_size = @getimagesize($image_file);

Write Preview
Loading…
Cancel
Save