chamilo
/
chamilo-lms
mirror of https://github.com/chamilo/chamilo-lms/tree/1.11.x
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Format code, fix PHP warning, add/fix docs

Browse Source
1.10.x
Julio Montoya 10 years ago
parent 39503d9ad0
commit e326572e46
16 changed files with 627 additions and 613 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 73
      main/inc/lib/AnnouncementManager.php
  2. 48
      main/inc/lib/agenda.lib.php
  3. 62
      main/inc/lib/attendance.lib.php
  4. 4
      main/inc/lib/auth.lib.php
  5. 339
      main/inc/lib/blog.lib.php
  6. 2
      main/inc/lib/certificate.lib.php
  7. 3
      main/inc/lib/course_description.lib.php
  8. 6
      main/inc/lib/course_home.lib.php
  9. 7
      main/inc/lib/course_request.lib.php
  10. 458
      main/inc/lib/dashboard.lib.php
  11. 14
      main/inc/lib/event_email_template.class.php
  12. 58
      main/inc/lib/exercise_show_functions.lib.php
  13. 58
      main/inc/lib/export.lib.inc.php
  14. 2
      main/inc/lib/redirect.class.php
  15. 29
      main/newscorm/learnpath.class.php
  16. 77
      main/permissions/blog_permissions.inc.php

73
main/inc/lib/AnnouncementManager.php
Unescape View File

@ -194,52 +194,52 @@ class AnnouncementManager
$course_id = api_get_course_int_id();
if (api_is_allowed_to_edit(false, true) || (api_get_course_setting('allow_user_edit_announcement') && !api_is_anonymous())) {
$sql_query = " SELECT announcement.*, toolitemproperties.*
FROM $tbl_announcement announcement, $tbl_item_property toolitemproperties
WHERE
announcement.id = toolitemproperties.ref AND
announcement.id = '$announcement_id' AND
toolitemproperties.tool='announcement' AND
announcement.c_id = $course_id AND
toolitemproperties.c_id = $course_id
ORDER BY display_order DESC";
$sql = "SELECT announcement.*, toolitemproperties.*
FROM $tbl_announcement announcement, $tbl_item_property toolitemproperties
WHERE
announcement.id = toolitemproperties.ref AND
announcement.id = '$announcement_id' AND
toolitemproperties.tool='announcement' AND
announcement.c_id = $course_id AND
toolitemproperties.c_id = $course_id
ORDER BY display_order DESC";
} else {
$group_list = GroupManager::get_group_ids($course_id, api_get_user_id());
if (empty($group_list)) {
$group_list[] = 0;
}
if (api_get_user_id() != 0) {
$sql_query = " SELECT announcement.*, toolitemproperties.*
FROM $tbl_announcement announcement, $tbl_item_property toolitemproperties
WHERE
announcement.id = toolitemproperties.ref AND
announcement.id = '$announcement_id' AND
toolitemproperties.tool='announcement' AND
(
toolitemproperties.to_user_id='" . api_get_user_id() . "' OR
toolitemproperties.to_group_id IN ('0', '" . implode("', '", $group_list) . "') OR
toolitemproperties.to_group_id IS NULL
) AND
toolitemproperties.visibility='1' AND
announcement.c_id = $course_id AND
toolitemproperties.c_id = $course_id
ORDER BY display_order DESC";
$sql = "SELECT announcement.*, toolitemproperties.*
FROM $tbl_announcement announcement, $tbl_item_property toolitemproperties
WHERE
announcement.id = toolitemproperties.ref AND
announcement.id = '$announcement_id' AND
toolitemproperties.tool='announcement' AND
(
toolitemproperties.to_user_id='" . api_get_user_id() . "' OR
toolitemproperties.to_group_id IN ('0', '" . implode("', '", $group_list) . "') OR
toolitemproperties.to_group_id IS NULL
) AND
toolitemproperties.visibility='1' AND
announcement.c_id = $course_id AND
toolitemproperties.c_id = $course_id
ORDER BY display_order DESC";
} else {
$sql_query = " SELECT announcement.*, toolitemproperties.*
FROM $tbl_announcement announcement, $tbl_item_property toolitemproperties
WHERE
announcement.id = toolitemproperties.ref AND
announcement.id = '$announcement_id' AND
toolitemproperties.tool='announcement' AND
(toolitemproperties.to_group_id='0' OR toolitemproperties.to_group_id IS NULL) AND
toolitemproperties.visibility='1' AND
announcement.c_id = $course_id AND
toolitemproperties.c_id = $course_id
";
$sql = "SELECT announcement.*, toolitemproperties.*
FROM $tbl_announcement announcement, $tbl_item_property toolitemproperties
WHERE
announcement.id = toolitemproperties.ref AND
announcement.id = '$announcement_id' AND
toolitemproperties.tool='announcement' AND
(toolitemproperties.to_group_id='0' OR toolitemproperties.to_group_id IS NULL) AND
toolitemproperties.visibility='1' AND
announcement.c_id = $course_id AND
toolitemproperties.c_id = $course_id
";
}
}
$sql_result = Database::query($sql_query);
$sql_result = Database::query($sql);
$html = null;
if (Database::num_rows($sql_result) > 0) {
$result = Database::fetch_array($sql_result, 'ASSOC');
@ -312,6 +312,7 @@ class AnnouncementManager
$html .= '</td></tr>';
}
$html .= "</table>";
return $html;
}

48
main/inc/lib/agenda.lib.php
Unescape View File

@ -522,7 +522,8 @@ class Agenda
// Get the agenda item.
$item_id = intval($item_id);
$sql = "SELECT * FROM $table_agenda WHERE c_id = $course_id AND id = ".$item_id;
$sql = "SELECT * FROM $table_agenda
WHERE c_id = $course_id AND id = ".$item_id;
$res = Database::query($sql);
if (Database::num_rows($res) > 0) {
@ -538,9 +539,11 @@ class Agenda
$row['end_date']
);
AnnouncementManager::send_email($id);
return $id;
}
return $id;
}
return -1;
}
@ -1088,17 +1091,20 @@ class Agenda
if (!empty($event)) {
switch ($this->type) {
case 'personal':
$sql = "UPDATE $this->tbl_personal_agenda SET all_day = 0, enddate = DATE_ADD(enddate, INTERVAL $delta MINUTE)
$sql = "UPDATE $this->tbl_personal_agenda SET
all_day = 0, enddate = DATE_ADD(enddate, INTERVAL $delta MINUTE)
WHERE id=".intval($id);
Database::query($sql);
break;
case 'course':
$sql = "UPDATE $this->tbl_course_agenda SET all_day = 0, end_date = DATE_ADD(end_date, INTERVAL $delta MINUTE)
$sql = "UPDATE $this->tbl_course_agenda SET
all_day = 0, end_date = DATE_ADD(end_date, INTERVAL $delta MINUTE)
WHERE c_id = ".$this->course['real_id']." AND id=".intval($id);
Database::query($sql);
break;
case 'admin':
$sql = "UPDATE $this->tbl_global_agenda SET all_day = 0, end_date = DATE_ADD(end_date, INTERVAL $delta MINUTE)
$sql = "UPDATE $this->tbl_global_agenda SET
all_day = 0, end_date = DATE_ADD(end_date, INTERVAL $delta MINUTE)
WHERE id=".intval($id);
Database::query($sql);
break;
@ -1129,19 +1135,26 @@ class Agenda
if (!empty($event)) {
switch ($this->type) {
case 'personal':
$sql = "UPDATE $this->tbl_personal_agenda SET all_day = $allDay, date = DATE_ADD(date, INTERVAL $delta MINUTE), enddate = DATE_ADD(enddate, INTERVAL $delta MINUTE)
$sql = "UPDATE $this->tbl_personal_agenda SET
all_day = $allDay, date = DATE_ADD(date, INTERVAL $delta MINUTE),
enddate = DATE_ADD(enddate, INTERVAL $delta MINUTE)
WHERE id=".intval($id);
$result = Database::query($sql);
Database::query($sql);
break;
case 'course':
$sql = "UPDATE $this->tbl_course_agenda SET all_day = $allDay, start_date = DATE_ADD(start_date,INTERVAL $delta MINUTE), end_date = DATE_ADD(end_date, INTERVAL $delta MINUTE)
$sql = "UPDATE $this->tbl_course_agenda SET
all_day = $allDay, start_date = DATE_ADD(start_date,INTERVAL $delta MINUTE),
end_date = DATE_ADD(end_date, INTERVAL $delta MINUTE)
WHERE c_id = ".$this->course['real_id']." AND id=".intval($id);
$result = Database::query($sql);
Database::query($sql);
break;
case 'admin':
$sql = "UPDATE $this->tbl_global_agenda SET all_day = $allDay, start_date = DATE_ADD(start_date,INTERVAL $delta MINUTE), end_date = DATE_ADD(end_date, INTERVAL $delta MINUTE)
$sql = "UPDATE $this->tbl_global_agenda SET
all_day = $allDay,
start_date = DATE_ADD(start_date,INTERVAL $delta MINUTE),
end_date = DATE_ADD(end_date, INTERVAL $delta MINUTE)
WHERE id=".intval($id);
$result = Database::query($sql);
Database::query($sql);
break;
}
}
@ -2542,19 +2555,24 @@ class Agenda
//$form->addButtonFilter(get_lang('Filter'));
//$renderer = $form->defaultRenderer();
//$renderer->setCustomElementTemplate('<div class="col-md-6">{element}</div>');
$form->addButtonReset(get_lang('Reset'));
$form = $form->returnForm();
}
}
}
$actionsRight = '';
if ($view == 'calendar') {
$actionsRight .= $form;
}
$toolbar = Display::toolbarAction('toolbar-agenda', array( 0 => $actionsLeft, 1 => $actionsRight), 2, false);
$toolbar = Display::toolbarAction(
'toolbar-agenda',
array(0 => $actionsLeft, 1 => $actionsRight),
2,
false
);
return $toolbar;
}

62
main/inc/lib/attendance.lib.php
Unescape View File

@ -56,40 +56,39 @@ class Attendance
return $obj->total_number_of_items;
}
/**
* Get attendance list only the id, name and attendance_qualify_max fields
* @param string course db name (optional)
* @param int session id (optional)
* @return array attendances list
*/
public function get_attendances_list($course_id = '', $session_id = null)
{
// Initializing database table and variables
$tbl_attendance = Database :: get_course_table(TABLE_ATTENDANCE);
$data = array();
if (empty($course_id)) {
$course_id = api_get_course_int_id();
} else {
$course_id = intval($course_id);
}
/**
* Get attendance list only the id, name and attendance_qualify_max fields
* @param string course db name (optional)
* @param int session id (optional)
* @return array attendances list
*/
public function get_attendances_list($course_id = '', $session_id = null)
{
$tbl_attendance = Database :: get_course_table(TABLE_ATTENDANCE);
$data = array();
$session_id = isset($session_id)?intval($session_id):api_get_session_id();
$condition_session = api_get_session_condition($session_id);
if (empty($course_id)) {
$course_id = api_get_course_int_id();
} else {
$course_id = intval($course_id);
}
// Get attendance data
$sql = "SELECT id, name, attendance_qualify_max
FROM $tbl_attendance
WHERE c_id = $course_id AND active = 1 $condition_session ";
$rs = Database::query($sql);
if (Database::num_rows($rs) > 0) {
while ($row = Database::fetch_array($rs,'ASSOC')) {
$data[$row['id']] = $row;
}
}
$session_id = isset($session_id)?intval($session_id):api_get_session_id();
$condition_session = api_get_session_condition($session_id);
// Get attendance data
$sql = "SELECT id, name, attendance_qualify_max
FROM $tbl_attendance
WHERE c_id = $course_id AND active = 1 $condition_session ";
$rs = Database::query($sql);
if (Database::num_rows($rs) > 0) {
while ($row = Database::fetch_array($rs,'ASSOC')) {
$data[$row['id']] = $row;
}
}
return $data;
}
return $data;
}
/**
* Get the attendaces to display on the current page (fill the sortable-table)
@ -849,7 +848,6 @@ class Attendance
}
// get count of presences by users inside current attendance and save like results
$count_presences = 0;
if (count($user_ids) > 0) {
foreach ($user_ids as $uid) {
$count_presences = 0;

4
main/inc/lib/auth.lib.php
Unescape View File

@ -102,7 +102,9 @@ class Auth
{
$user_id = api_get_user_id();
$table_category = Database::get_main_table(TABLE_USER_COURSE_CATEGORY);
$sql = "SELECT * FROM " . $table_category . " WHERE user_id=$user_id ORDER BY sort ASC";
$sql = "SELECT * FROM " . $table_category . "
WHERE user_id=$user_id
ORDER BY sort ASC";
$result = Database::query($sql);
$output = array();
while ($row = Database::fetch_array($result)) {

339
main/inc/lib/blog.lib.php
Unescape View File

@ -124,10 +124,15 @@ class Blog
if ($info_count == 0) {
// Create the blog
$sql = "INSERT INTO $tbl_blogs (c_id, blog_name, blog_subtitle, date_creation, visibility, session_id )
VALUES ($course_id, '".Database::escape_string($title)."', '".Database::escape_string($subtitle)."', '".$current_date."', '1', '$session_id');";
Database::query($sql);
$this_blog_id = Database::insert_id();
$params = [
'c_id' => $course_id,
'blog_name' => $title,
'blog_subtitle' => $subtitle,
'date_creation' => $current_date,
'visibility' => 1 ,
'session_id' => $session_id,
];
$this_blog_id = Database::insert($tbl_blogs, $params);
if ($this_blog_id > 0) {
@ -145,10 +150,16 @@ class Blog
}
// Make first post. :)
$sql = "INSERT INTO $tbl_blogs_posts (c_id, title, full_text, date_creation, blog_id, author_id)
VALUES ($course_id, '".get_lang("Welcome")."', '" . get_lang('FirstPostText')."','".$current_date."', '".Database::escape_string((int)$this_blog_id)."', '".Database::escape_string((int)$_user['user_id'])."');";
Database::query($sql);
$postId = Database::insert_id();
$params = [
'c_id' => $course_id,
'title' => get_lang("Welcome"),
'full_text' => get_lang('FirstPostText'),
'date_creation' => $current_date,
'blog_id' => $this_blog_id,
'author_id' => $_user['user_id'],
];
$postId = Database::insert($tbl_blogs_posts, $params);
if ($postId) {
$sql = "UPDATE $tbl_blogs_posts SET post_id = iid WHERE iid = $postId";
Database::query($sql);
@ -165,7 +176,6 @@ class Blog
Database::query($sql);
}
// Subscribe the teacher to this blog
Blog::set_user_subscribed($this_blog_id, $_user['user_id']);
}
@ -180,8 +190,6 @@ class Blog
*/
public static function edit_blog($blog_id, $title, $subtitle)
{
$_user = api_get_user_info();
// Table definitions
$tbl_blogs = Database::get_course_table(TABLE_BLOGS);
$tbl_tool = Database::get_course_table(TABLE_TOOL_LIST);
@ -197,7 +205,6 @@ class Blog
blog_id ='".Database::escape_string((int)$blog_id)."'
LIMIT 1";
Database::query($sql);
$this_blog_id = Database::insert_id();
//update item_property (update)
api_item_property_update(
@ -211,7 +218,7 @@ class Blog
// Update course homepage link
$sql = "UPDATE $tbl_tool SET
name = '".Database::escape_string($title)."'
WHERE c_id = $course_id AND link = 'blog/blog.php?blog_id=".Database::escape_string((int)$blog_id)."' LIMIT 1";
WHERE c_id = $course_id AND link = 'blog/blog.php?blog_id=".(int)$blog_id."' LIMIT 1";
Database::query($sql);
}
@ -357,7 +364,6 @@ class Blog
*/
public static function edit_post($post_id, $title, $full_text, $blog_id)
{
// Init
$tbl_blogs_posts = Database::get_course_table(TABLE_BLOGS_POSTS);
$course_id = api_get_course_int_id();
@ -420,7 +426,7 @@ class Blog
$upload_ok = true;
$has_attachment = false;
$current_date = date('Y-m-d H:i:s', time());
$current_date = api_get_utc_datetime();
$course_id = api_get_course_int_id();
if (!empty($_FILES['user_upload']['name'])) {
@ -732,7 +738,6 @@ class Blog
{
$_user = api_get_user_info();
// Init
$tbl_blogs = Database::get_course_table(TABLE_BLOGS);
$tbl_blogs_tasks_rel_user = Database::get_course_table(TABLE_BLOGS_TASKS_REL_USER);
$tbl_blogs_tasks = Database::get_course_table(TABLE_BLOGS_TASKS);
@ -741,16 +746,18 @@ class Blog
if ($_user['user_id']) {
$sql = "SELECT task_rel_user.*, task.title, blog.blog_name
FROM $tbl_blogs_tasks_rel_user task_rel_user
INNER JOIN $tbl_blogs_tasks task ON task_rel_user.task_id = task.task_id
INNER JOIN $tbl_blogs blog ON task_rel_user.blog_id = blog.blog_id
AND blog.blog_id = ".intval($_GET['blog_id'])."
WHERE
task.c_id = $course_id AND
blog.c_id = $course_id AND
task_rel_user.c_id = $course_id AND
task_rel_user.user_id = ".(int)$_user['user_id']."
ORDER BY target_date ASC";
FROM $tbl_blogs_tasks_rel_user task_rel_user
INNER JOIN $tbl_blogs_tasks task
ON task_rel_user.task_id = task.task_id
INNER JOIN $tbl_blogs blog
ON task_rel_user.blog_id = blog.blog_id
AND blog.blog_id = ".intval($_GET['blog_id'])."
WHERE
task.c_id = $course_id AND
blog.c_id = $course_id AND
task_rel_user.c_id = $course_id AND
task_rel_user.user_id = ".(int)$_user['user_id']."
ORDER BY target_date ASC";
$result = Database::query($sql);
@ -791,11 +798,11 @@ class Blog
// Change visibility state, remove from course home.
$sql = "UPDATE $tbl_blogs SET visibility = '0'
WHERE c_id = $course_id AND blog_id ='".(int)$blog_id."' LIMIT 1";
$result = Database::query($sql);
Database::query($sql);
$sql = "DELETE FROM $tbl_tool
WHERE c_id = $course_id AND name = '".Database::escape_string($title)."' LIMIT 1";
$result = Database::query($sql);
Database::query($sql);
} else {
// Change visibility state, add to course home.
$sql = "UPDATE $tbl_blogs SET visibility = '1'
@ -826,7 +833,6 @@ class Blog
$tbl_blogs_posts = Database::get_course_table(TABLE_BLOGS_POSTS);
$tbl_blogs_comments = Database::get_course_table(TABLE_BLOGS_COMMENTS);
$tbl_users = Database::get_main_table(TABLE_MAIN_USER);
global $dateFormatLong;
$course_id = api_get_course_int_id();
@ -844,11 +850,14 @@ class Blog
// Display
if(Database::num_rows($result) > 0) {
$limit = 200;
while($blog_post = Database::fetch_array($result)) {
while ($blog_post = Database::fetch_array($result)) {
// Get number of comments
$sql = "SELECT COUNT(1) as number_of_comments
FROM $tbl_blogs_comments
WHERE c_id = $course_id AND blog_id = '".(int)$blog_id."' AND post_id = '" . (int)$blog_post['post_id']."'";
WHERE
c_id = $course_id AND
blog_id = '".(int)$blog_id."' AND
post_id = '" . (int)$blog_post['post_id']."'";
$tmp = Database::query($sql);
$blog_post_comments = Database::fetch_array($tmp);
@ -931,7 +940,6 @@ class Blog
*/
public static function display_day_results($blog_id, $query_string)
{
// Init
$date_output = $query_string;
$date = explode('-',$query_string);
$query_string = ' DAYOFMONTH(date_creation) =' . intval($date[2]) . ' AND MONTH(date_creation) =' . intval($date[1]) . ' AND YEAR(date_creation) =' . intval($date[0]);
@ -952,7 +960,6 @@ class Blog
*/
public static function display_post($blog_id, $post_id)
{
// Init
$tbl_blogs_posts = Database::get_course_table(TABLE_BLOGS_POSTS);
$tbl_blogs_comments = Database::get_course_table(TABLE_BLOGS_COMMENTS);
$tbl_users = Database::get_main_table(TABLE_MAIN_USER);
@ -961,20 +968,22 @@ class Blog
$course_id = api_get_course_int_id();
// Get posts and author
$sql = "SELECT post.*, user.lastname, user.firstname, user.username FROM $tbl_blogs_posts post
INNER JOIN $tbl_users user ON post.author_id = user.user_id
WHERE
post.c_id = $course_id AND
post.blog_id = '".(int)$blog_id."' AND
post.post_id = '".(int)$post_id."'
ORDER BY post_id DESC";
$sql = "SELECT post.*, user.lastname, user.firstname, user.username
FROM $tbl_blogs_posts post
INNER JOIN $tbl_users user
ON post.author_id = user.user_id
WHERE
post.c_id = $course_id AND
post.blog_id = '".(int)$blog_id."' AND
post.post_id = '".(int)$post_id."'
ORDER BY post_id DESC";
$result = Database::query($sql);
$blog_post = Database::fetch_array($result);
// Get number of comments
$sql = "SELECT COUNT(1) as number_of_comments FROM $tbl_blogs_comments
$sql = "SELECT COUNT(1) as number_of_comments
FROM $tbl_blogs_comments
WHERE c_id = $course_id AND blog_id = '".(int)$blog_id."' AND post_id = '".(int)$post_id."'";
$result = Database::query($sql);
$blog_post_comments = Database::fetch_array($result);
@ -1057,18 +1066,19 @@ class Blog
// Check if the user has already rated this post/comment
$sql = "SELECT rating_id FROM $tbl_blogs_rating
WHERE c_id = $course_id AND
blog_id = '".(int)$blog_id."'
AND item_id = '".(int)$item_id."'
AND rating_type = '".Database::escape_string($type)."'
AND user_id = '".(int)$_user['user_id']."'";
WHERE
c_id = $course_id AND
blog_id = '".(int)$blog_id."' AND
item_id = '".(int)$item_id."' AND
rating_type = '".Database::escape_string($type)."' AND
user_id = '".(int)$_user['user_id']."'";
$result = Database::query($sql);
// Add rating
if (Database::num_rows($result) == 0) {
$sql = "INSERT INTO $tbl_blogs_rating (c_id, blog_id, rating_type, item_id, user_id, rating )
VALUES ($course_id, '".(int)$blog_id."', '".Database::escape_string($type)."', '".(int)$item_id."', '".(int)$_user['user_id']."', '".Database::escape_string($rating)."')";
$result = Database::query($sql);
Database::query($sql);
$id = Database::insert_id();
if ($id) {
@ -1168,30 +1178,34 @@ class Blog
*/
public static function get_threaded_comments($current = 0, $current_level = 0, $blog_id, $post_id, $task_id = 0)
{
// Init
$tbl_blogs_comments = Database::get_course_table(TABLE_BLOGS_COMMENTS);
$tbl_users = Database::get_main_table(TABLE_MAIN_USER);
$tbl_blogs_tasks = Database::get_course_table(TABLE_BLOGS_TASKS);
global $charset,$dateFormatLong;
$tbl_blogs_comments = Database::get_course_table(TABLE_BLOGS_COMMENTS);
$tbl_users = Database::get_main_table(TABLE_MAIN_USER);
$tbl_blogs_tasks = Database::get_course_table(TABLE_BLOGS_TASKS);
global $charset;
$course_id = api_get_course_int_id();
// Select top level comments
$next_level = $current_level + 1;
$sql = "SELECT comments.*, user.lastname, user.firstname, user.username, task.color
FROM $tbl_blogs_comments comments
INNER JOIN $tbl_users user ON comments.author_id = user.user_id
LEFT JOIN $tbl_blogs_tasks task ON comments.task_id = task.task_id AND task.c_id = $course_id
WHERE comments.c_id = $course_id AND
parent_comment_id = $current AND
comments.blog_id = '".(int)$blog_id."' AND
comments.post_id = '".(int)$post_id."'";
FROM $tbl_blogs_comments comments
INNER JOIN $tbl_users user
ON comments.author_id = user.user_id
LEFT JOIN $tbl_blogs_tasks task
ON comments.task_id = task.task_id AND task.c_id = $course_id
WHERE
comments.c_id = $course_id AND
parent_comment_id = $current AND
comments.blog_id = '".(int)$blog_id."' AND
comments.post_id = '".(int)$post_id."'";
$result = Database::query($sql);
while($comment = Database::fetch_array($result)) {
// Select the children recursivly
$tmp = "SELECT comments.*, user.lastname, user.firstname, user.username FROM $tbl_blogs_comments comments
INNER JOIN $tbl_users user ON comments.author_id = user.user_id
$tmp = "SELECT comments.*, user.lastname, user.firstname, user.username
FROM $tbl_blogs_comments comments
INNER JOIN $tbl_users user
ON comments.author_id = user.user_id
WHERE
comments.c_id = $course_id AND
comment_id = $current
@ -1213,7 +1227,7 @@ class Blog
$border_color = ' border-left: 3px solid #' . $comment['color'];
}
$comment_text=stripslashes($comment_text);
$comment_text = stripslashes($comment_text);
// Output...
$margin = $current_level * 30;
@ -1306,7 +1320,6 @@ class Blog
$blog_post = Database::fetch_array($result);
// Form
$form = new FormValidator(
'edit_post',
'post',
@ -1343,7 +1356,6 @@ class Blog
$course_id = api_get_course_int_id();
if (api_is_allowed('BLOG_' . $blog_id, 'article_add')) {
// Init
$tbl_blogs_tasks = Database::get_course_table(TABLE_BLOGS_TASKS);
$counter = 0;
global $color2;
@ -1367,16 +1379,16 @@ class Blog
$sql = " SELECT
blog_id,
task_id,
blog_id,
title,
description,
color,
system_task
FROM " . $tbl_blogs_tasks . "
WHERE c_id = $course_id AND blog_id = " . (int)$blog_id . "
ORDER BY system_task, title";
blog_id,
task_id,
blog_id,
title,
description,
color,
system_task
FROM " . $tbl_blogs_tasks . "
WHERE c_id = $course_id AND blog_id = " . (int)$blog_id . "
ORDER BY system_task, title";
$result = Database::query($sql);
@ -1438,9 +1450,10 @@ class Blog
FROM $tbl_blogs_tasks_rel_user task_rel_user
INNER JOIN $tbl_blogs_tasks task ON task_rel_user.task_id = task.task_id
INNER JOIN $tbl_users user ON task_rel_user.user_id = user.user_id
WHERE task_rel_user.c_id = $course_id AND
task.c_id = $course_id AND
task_rel_user.blog_id = '".(int)$blog_id."'
WHERE
task_rel_user.c_id = $course_id AND
task.c_id = $course_id AND
task_rel_user.blog_id = '".(int)$blog_id."'
ORDER BY target_date ASC";
$result = Database::query($sql);
@ -1531,22 +1544,22 @@ class Blog
' . get_lang('TaskManager') . '
</label>
<div class="controls">';
echo "\t\t\t" . '<table class="data_table" cellspacing="0" style="border-collapse:collapse; width:446px;">';
echo "\t\t\t\t" . '<tr>';
echo '<th colspan="2" style="width:223px;">' . get_lang('ArticleManager') . '</th>';
echo '<th width:223px;>' . get_lang('CommentManager') . '</th>';
echo "\t\t\t\t" . '</tr>';
echo "\t\t\t\t" . '<tr>';
echo '<th style="width:111px;"><label for="articleDelete">' . get_lang('Delete') . '</label></th>';
echo '<th style="width:112px;"><label for="articleEdit">' . get_lang('Edit') . '</label></th>';
echo '<th style="width:223px;"><label for="commentsDelete">' . get_lang('Delete') . '</label></th>';
echo "\t\t\t\t" . '</tr>';
echo "\t\t\t\t" . '<tr>';
echo '<td style="text-align:center;"><input id="articleDelete" name="chkArticleDelete" type="checkbox" /></td>';
echo '<td style="text-align:center;"><input id="articleEdit" name="chkArticleEdit" type="checkbox" /></td>';
echo '<td style="border:1px dotted #808080; text-align:center;"><input id="commentsDelete" name="chkCommentsDelete" type="checkbox" /></td>';
echo "\t\t\t\t" . '</tr>';
echo "\t\t\t" . '</table>';
echo '<table class="data_table" cellspacing="0" style="border-collapse:collapse; width:446px;">';
echo '<tr>';
echo '<th colspan="2" style="width:223px;">' . get_lang('ArticleManager') . '</th>';
echo '<th width:223px;>' . get_lang('CommentManager') . '</th>';
echo '</tr>';
echo '<tr>';
echo '<th style="width:111px;"><label for="articleDelete">' . get_lang('Delete') . '</label></th>';
echo '<th style="width:112px;"><label for="articleEdit">' . get_lang('Edit') . '</label></th>';
echo '<th style="width:223px;"><label for="commentsDelete">' . get_lang('Delete') . '</label></th>';
echo '</tr>';
echo '<tr>';
echo '<td style="text-align:center;"><input id="articleDelete" name="chkArticleDelete" type="checkbox" /></td>';
echo '<td style="text-align:center;"><input id="articleEdit" name="chkArticleEdit" type="checkbox" /></td>';
echo '<td style="border:1px dotted #808080; text-align:center;"><input id="commentsDelete" name="chkCommentsDelete" type="checkbox" /></td>';
echo '</tr>';
echo '</table>';
echo ' </div>
</div>';
@ -1557,13 +1570,12 @@ class Blog
' . get_lang('Color') . '
</label>
<div class="controls">';
echo ' <select name="task_color" id="color" style="width: 150px; background-color: #eeeeee" onchange="document.getElementById(\'color\').style.backgroundColor=\'#\'+document.getElementById(\'color\').value" onkeypress="document.getElementById(\'color\').style.backgroundColor=\'#\'+document.getElementById(\'color\').value">';
foreach ($colors as $color)
{
$style = 'style="background-color: #' . $color . '"';
echo '<option value="' . $color . '" ' . $style . '>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</option>';
}
echo ' </select>';
echo '<select name="task_color" id="color" style="width: 150px; background-color: #eeeeee" onchange="document.getElementById(\'color\').style.backgroundColor=\'#\'+document.getElementById(\'color\').value" onkeypress="document.getElementById(\'color\').style.backgroundColor=\'#\'+document.getElementById(\'color\').value">';
foreach ($colors as $color) {
$style = 'style="background-color: #' . $color . '"';
echo '<option value="' . $color . '" ' . $style . '>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</option>';
}
echo '</select>';
echo ' </div>
</div>';
@ -1575,7 +1587,6 @@ class Blog
<button class="save" type="submit" name="Submit">' . get_lang('Save') . '</button>
</div>
</div>';
echo '</form>';
echo '<div style="clear:both; margin-bottom: 10px;"></div>';
@ -1622,39 +1633,38 @@ class Blog
while ($row = Database::fetch_array($result))
$arrPermissions[] = $row['action'];
echo "\t" . '<tr>';
echo "\t\t" . '<td style="text-align:right; vertical-align:top;">' . get_lang('TaskManager') . ':&nbsp;&nbsp;</td>';
echo "\t\t" . '<td>';
echo "\t\t\t" . '<table class="data_table" cellspacing="0" style="border-collapse:collapse; width:446px;">';
echo "\t\t\t\t" . '<tr>';
echo '<tr>';
echo '<td style="text-align:right; vertical-align:top;">' . get_lang('TaskManager') . ':&nbsp;&nbsp;</td>';
echo '<td>';
echo '<table class="data_table" cellspacing="0" style="border-collapse:collapse; width:446px;">';
echo '<tr>';
echo '<th colspan="2" style="width:223px;">' . get_lang('ArticleManager') . '</th>';
echo '<th width:223px;>' . get_lang('CommentManager') . '</th>';
echo "\t\t\t\t" . '</tr>';
echo "\t\t\t\t" . '<tr>';
echo '</tr>';
echo '<tr>';
echo '<th style="width:111px;"><label for="articleDelete">' . get_lang('Delete') . '</label></th>';
echo '<th style="width:112px;"><label for="articleEdit">' . get_lang('Edit') . '</label></th>';
echo '<th style="width:223px;"><label for="commentsDelete">' . get_lang('Delete') . '</label></th>';
echo "\t\t\t\t" . '</tr>';
echo "\t\t\t\t" . '<tr>';
echo '</tr>';
echo '<tr>';
echo '<td style="text-align:center;"><input ' . ((in_array('article_delete', $arrPermissions)) ? 'checked ' : '') . 'id="articleDelete" name="chkArticleDelete" type="checkbox" /></td>';
echo '<td style="text-align:center;"><input ' . ((in_array('article_edit', $arrPermissions)) ? 'checked ' : '') . 'id="articleEdit" name="chkArticleEdit" type="checkbox" /></td>';
echo '<td style="text-align:center;"><input ' . ((in_array('article_comments_delete', $arrPermissions)) ? 'checked ' : '') . 'id="commentsDelete" name="chkCommentsDelete" type="checkbox" /></td>';
echo "\t\t\t\t" . '</tr>';
echo "\t\t\t" . '</table>';
echo "\t\t" . '</td>';
echo "\t" . '</tr>';
echo '</tr>';
echo '</table>';
echo '</td>';
echo '</tr>';
/* end of edit */
echo '<tr>
<td align="right">' . get_lang('Color') . ':&nbsp;&nbsp;</td>
<td>
<select name="task_color" id="color" style="width: 150px; background-color: #' . $task['color'] . '" onchange="document.getElementById(\'color\').style.backgroundColor=\'#\'+document.getElementById(\'color\').value" onkeypress="document.getElementById(\'color\').style.backgroundColor=\'#\'+document.getElementById(\'color\').value">';
foreach ($colors as $color)
{
$selected = ($color == $task['color']) ? ' selected' : '';
$style = 'style="background-color: #' . $color . '"';
echo '<option value="' . $color . '" ' . $style . ' ' . $selected . ' >&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</option>';
}
foreach ($colors as $color) {
$selected = ($color == $task['color']) ? ' selected' : '';
$style = 'style="background-color: #' . $color . '"';
echo '<option value="' . $color . '" ' . $style . ' ' . $selected . ' >&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</option>';
}
echo ' </select>
</td>
</tr>
@ -1676,7 +1686,6 @@ class Blog
*/
public static function getTaskForm($blog_id)
{
// Init
$tbl_users = Database::get_main_table(TABLE_MAIN_USER);
$tbl_blogs_rel_user = Database::get_course_table(TABLE_BLOGS_REL_USER);
$tbl_blogs_tasks = Database::get_course_table(TABLE_BLOGS_TASKS);
@ -1692,7 +1701,6 @@ class Blog
$options = array();
while ($user = Database::fetch_array($result)) {
$username = api_htmlentities(sprintf(get_lang('LoginX'), $user['username']), ENT_QUOTES);
$options[$user['user_id']] = api_get_person_name($user['firstname'], $user['lastname']);
}
@ -1706,7 +1714,7 @@ class Blog
description,
color,
system_task
FROM " . $tbl_blogs_tasks . "
FROM $tbl_blogs_tasks
WHERE c_id = $course_id AND blog_id = " . (int)$blog_id . "
ORDER BY system_task, title";
$result = Database::query($sql);
@ -1731,6 +1739,7 @@ class Blog
$form->addHidden('action', '');
$form->addButtonSave(get_lang('Ok'));
return $form;
}
@ -1754,9 +1763,6 @@ class Blog
*/
public static function display_edit_assigned_task_form($blog_id, $task_id, $user_id)
{
$tbl_users = Database::get_main_table(TABLE_MAIN_USER);
$tbl_blogs_rel_user = Database::get_course_table(TABLE_BLOGS_REL_USER);
$tbl_blogs_tasks = Database::get_course_table(TABLE_BLOGS_TASKS);
$tbl_blogs_tasks_rel_user = Database::get_course_table(TABLE_BLOGS_TASKS_REL_USER);
$course_id = api_get_course_int_id();
@ -1829,7 +1835,7 @@ class Blog
'" . Database::escape_string($target_date) . "'
)";
$result = Database::query($sql);
Database::query($sql);
}
}
@ -1881,8 +1887,7 @@ class Blog
task_id = " . (int)$old_task_id . " AND
target_date = '" . Database::escape_string($old_target_date) . "'
";
$result = @Database::query($sql);
Database::query($sql);
}
}
@ -1894,7 +1899,6 @@ class Blog
*/
public static function display_select_task_post($blog_id, $task_id)
{
// Init
$tbl_blogs_tasks = Database::get_course_table(TABLE_BLOGS_TASKS);
$tbl_blogs_posts = Database::get_course_table(TABLE_BLOGS_POSTS);
$tbl_users = Database::get_main_table(TABLE_MAIN_USER);
@ -1947,12 +1951,12 @@ class Blog
// Subscribe the user
$sql = "INSERT INTO $tbl_blogs_rel_user (c_id, blog_id, user_id )
VALUES ($course_id, '".(int)$blog_id."', '".(int)$user_id."');";
$result = Database::query($sql);
Database::query($sql);
// Give this user basic rights
$sql = "INSERT INTO $tbl_user_permissions (c_id, user_id,tool,action)
VALUES ($course_id, '".(int)$user_id."','BLOG_" . (int)$blog_id."','article_add')";
$result = Database::query($sql);
Database::query($sql);
$id = Database::insert_id();
if ($id) {
@ -1962,7 +1966,7 @@ class Blog
$sql = "INSERT INTO $tbl_user_permissions (c_id, user_id,tool,action)
VALUES ($course_id, '".(int)$user_id."','BLOG_" . (int)$blog_id."','article_comments_add')";
$result = Database::query($sql);
Database::query($sql);
$id = Database::insert_id();
if ($id) {
@ -1988,12 +1992,12 @@ class Blog
// Unsubscribe the user
$sql = "DELETE FROM $tbl_blogs_rel_user
WHERE blog_id = '".(int)$blog_id."' AND user_id = '".(int)$user_id."'";
$result = Database::query($sql);
Database::query($sql);
// Remove this user's permissions.
$sql = "DELETE FROM $tbl_user_permissions
WHERE user_id = '".(int)$user_id."'";
$result = Database::query($sql);
Database::query($sql);
}
/**
@ -2115,7 +2119,7 @@ class Blog
$is_western_name_order = api_is_western_name_order();
// Init
$tbl_users = Database::get_main_table(TABLE_MAIN_USER);
$tbl_users = Database::get_main_table(TABLE_MAIN_USER);
$tbl_blogs_rel_user = Database::get_course_table(TABLE_BLOGS_REL_USER);
echo '<legend>'.get_lang('UnsubscribeMembers').'</legend>';
@ -2214,11 +2218,8 @@ class Blog
*
* @param Integer $blog_id
*/
public static function display_form_user_rights ($blog_id) {
// Init
$tbl_users = Database::get_main_table(TABLE_MAIN_USER);
$tbl_blogs_rel_user = Database::get_course_table(TABLE_BLOGS_REL_USER);
public static function display_form_user_rights ($blog_id)
{
echo '<legend>'.get_lang('RightsManager').'</legend>';
echo '<br />';
@ -2461,14 +2462,16 @@ class Blog
$blog_id= intval($blog_id);
$tbl_blogs = Database::get_course_table(TABLE_BLOGS);
$sql = "SELECT blog_id, blog_name, blog_subtitle FROM $tbl_blogs WHERE c_id = $course_id AND blog_id = '".$blog_id."'";
$sql = "SELECT blog_id, blog_name, blog_subtitle
FROM $tbl_blogs
WHERE c_id = $course_id AND blog_id = '".$blog_id."'";
$result = Database::query($sql);
$blog = Database::fetch_array($result);
// the form contained errors but we do not want to lose the changes the user already did
if ($_POST) {
$blog['blog_name'] = Security::remove_XSS($_POST['blog_name']);
$blog['blog_subtitle'] = Security::remove_XSS($_POST['blog_subtitle']);
$blog['blog_name'] = Security::remove_XSS($_POST['blog_name']);
$blog['blog_subtitle'] = Security::remove_XSS($_POST['blog_subtitle']);
}
$form = new FormValidator('edit_blog', 'post','blog_admin.php?action=edit&blog_id='.intval($_GET['blog_id']));
@ -2490,12 +2493,11 @@ class Blog
/**
* Blog admin | Returns table with blogs in this course
*/
public static function display_blog_list () {
public static function display_blog_list()
{
global $charset;
$_user = api_get_user_info();
$course_id = api_get_course_int_id();
// Init
$counter = 0;
$tbl_blogs = Database::get_course_table(TABLE_BLOGS);
@ -2516,7 +2518,6 @@ class Blog
$list_content_blog = array();
$list_body_blog = array();
$_user = api_get_user_info();
if (is_array($list_info)) {
foreach ($list_info as $key => $info_log) {
@ -2599,7 +2600,8 @@ function get_blog_attachment($blog_id, $post_id=null,$comment_id=null)
$course_id = api_get_course_int_id();
$sql = 'SELECT path, filename, comment FROM '. $blog_table_attachment.' WHERE c_id = '.$course_id.' AND blog_id ="'.intval($blog_id).'" '.$where;
$sql = 'SELECT path, filename, comment FROM '. $blog_table_attachment.'
WHERE c_id = '.$course_id.' AND blog_id ="'.intval($blog_id).'" '.$where;
$result=Database::query($sql);
if (Database::num_rows($result)!=0) {
@ -2629,19 +2631,16 @@ function delete_all_blog_attachment($blog_id,$post_id=null,$comment_id=null)
$where = null;
// delete files in DB
if (!empty ($post_id) && is_numeric($post_id) )
{
$where.=' AND post_id ="'.$post_id.'" ';
}
if (!empty ($post_id) && is_numeric($post_id)) {
$where .= ' AND post_id ="'.$post_id.'" ';
}
if (!empty ($comment_id) && is_numeric($comment_id) )
{
if (!empty ($post_id) )
{
$where.= ' AND ';
}
$where.=' comment_id ="'.$comment_id.'" ';
}
if (!empty ($comment_id) && is_numeric($comment_id)) {
if (!empty ($post_id)) {
$where .= ' AND ';
}
$where .= ' comment_id ="'.$comment_id.'" ';
}
// delete all files in directory
$courseDir = $_course['path'].'/upload/blog';
@ -2659,7 +2658,8 @@ function delete_all_blog_attachment($blog_id,$post_id=null,$comment_id=null)
@ unlink($file);
}
}
$sql = 'DELETE FROM '. $blog_table_attachment.' WHERE c_id = '.$course_id.' AND blog_id ="'.intval($blog_id).'" '.$where;
$sql = 'DELETE FROM '. $blog_table_attachment.'
WHERE c_id = '.$course_id.' AND blog_id ="'.intval($blog_id).'" '.$where;
Database::query($sql);
}
@ -2676,7 +2676,8 @@ function get_blog_post_from_user($course_code, $user_id)
$course_id = $course_info['real_id'];
$sql = "SELECT DISTINCT blog.blog_id, post_id, title, full_text, post.date_creation
FROM $tbl_blogs blog INNER JOIN $tbl_blog_post post
FROM $tbl_blogs blog
INNER JOIN $tbl_blog_post post
ON (blog.blog_id = post.blog_id)
WHERE
blog.c_id = $course_id AND
@ -2705,12 +2706,12 @@ function get_blog_post_from_user($course_code, $user_id)
*/
function get_blog_comment_from_user($course_code, $user_id)
{
$tbl_blogs = Database::get_course_table(TABLE_BLOGS);
$tbl_blog_comment = Database::get_course_table(TABLE_BLOGS_COMMENTS);
$user_id = intval($user_id);
$tbl_blogs = Database::get_course_table(TABLE_BLOGS);
$tbl_blog_comment = Database::get_course_table(TABLE_BLOGS_COMMENTS);
$user_id = intval($user_id);
$course_info = api_get_course_info($course_code);
$course_id = $course_info['real_id'];
$course_info = api_get_course_info($course_code);
$course_id = $course_info['real_id'];
$sql = "SELECT DISTINCT blog.blog_id, comment_id, title, comment, comment.date_creation
FROM $tbl_blogs blog INNER JOIN $tbl_blog_comment comment

2
main/inc/lib/certificate.lib.php
Unescape View File

@ -323,7 +323,6 @@ class Certificate extends Model
*/
public function parse_certificate_variables($array)
{
$text = '';
$headers = $array[0];
$content = $array[1];
$final_content = array();
@ -361,6 +360,7 @@ class Certificate extends Model
get_lang('Date'). ': '.$final_content['date_certificate'].$break_space.
get_lang('Score'). ': '.$final_content['gradebook_grade'].$break_space.
'URL'. ': '.$final_content['certificate_link'];
return $text;
}

3
main/inc/lib/course_description.lib.php
Unescape View File

@ -339,7 +339,8 @@ class CourseDescription
/**
* Get description id by description type
* @param int description type
* @param int $description_type
*
* @return int description id
*/
public function get_id_by_description_type($description_type)

6
main/inc/lib/course_home.lib.php
Unescape View File

@ -994,8 +994,6 @@ class CourseHome
*/
public static function show_session_data($id_session)
{
$session_table = Database::get_main_table(TABLE_MAIN_SESSION);
$user_table = Database::get_main_table(TABLE_MAIN_USER);
$session_category_table = Database::get_main_table(TABLE_MAIN_SESSION_CATEGORY);
$sessionInfo = api_get_session_info($id_session);
@ -1332,9 +1330,7 @@ class CourseHome
/**
* @param int $id
* @param int $courseId
* @param int $sessionId
* @param $values
* @param array $values
*/
public static function updateTool($id, $values)
{

7
main/inc/lib/course_request.lib.php
Unescape View File

@ -37,6 +37,7 @@ class CourseRequestManager
$wanted_course_code
);
$result = Database::fetch_array(Database::query($sql));
return $result['number'] > 0;
}
@ -349,7 +350,8 @@ class CourseRequestManager
public static function delete_course_request($id)
{
$id = (int)$id;
$sql = "DELETE FROM ".Database :: get_main_table(TABLE_MAIN_COURSE_REQUEST)." WHERE id = ".$id;
$sql = "DELETE FROM ".Database :: get_main_table(TABLE_MAIN_COURSE_REQUEST)."
WHERE id = ".$id;
$result = Database::query($sql);
return $result !== false;
}
@ -365,7 +367,8 @@ class CourseRequestManager
$sql = "SELECT COUNT(id) AS number FROM ".$course_table;
} else {
$status = (int)$status;
$sql = "SELECT COUNT(id) AS number FROM ".$course_table." WHERE status = ".$status;
$sql = "SELECT COUNT(id) AS number FROM ".$course_table."
WHERE status = ".$status;
}
$result = Database::fetch_array(Database::query($sql));
if (is_array($result)) {

458
main/inc/lib/dashboard.lib.php
Unescape View File

@ -21,237 +21,237 @@ class DashboardManager
*/
public static function handle_dashboard_plugins()
{
$token = Security::get_existing_token();
$tokenCondition = '&amp;sec_token='.$token;
/* We scan the plugin directory. Each folder is a potential plugin. */
$dashboard_pluginpath = api_get_path(SYS_PLUGIN_PATH).'dashboard/';
$possibleplugins = self::get_posible_dashboard_plugins_path();
$table_cols = array('name', 'version', 'description');
echo Display::page_subheader(get_lang('DashboardPlugins'));
echo '<form name="plugins" method="post" action="'.api_get_self().'?category='.Security::remove_XSS($_GET['category']).$tokenCondition.'">';
echo '<table class="data_table">';
echo '<tr>';
echo '<th width="50px">'.get_lang('Enabled').'</th>';
echo '<th width="250px">'.get_lang('Name').'</th>';
echo '<th width="100px">'.get_lang('Version').'</th>';
echo '<th>'.get_lang('Description').'</th>';
echo '</tr>';
$disabled_blocks_data = self::get_block_data_without_plugin();
// We display all the possible enabled or disabled plugins
foreach ($possibleplugins as $testplugin) {
$plugin_info_file = $dashboard_pluginpath.$testplugin."/$testplugin.info";
if (file_exists($plugin_info_file) && is_readable($plugin_info_file)) {
$plugin_info = parse_info_file($plugin_info_file);
// change index to lower case
$plugin_info = array_change_key_case($plugin_info);
echo '<tr>';
self::display_dashboard_plugin_checkboxes($testplugin);
for ($i = 0 ; $i < count($table_cols); $i++) {
if (isset($plugin_info[strtolower($table_cols[$i])])) {
echo '<td>';
echo $plugin_info[$table_cols[$i]];
echo '</td>';
} else {
echo '<td></td>';
}
}
echo '</tr>';
} else {
if ($testplugin != 'css') {
echo Display::tag(
'tr',
Display::tag('td',
get_lang('CheckFilePermissions') . ' ' . Security::remove_XSS($plugin_info_file),
array('colspan' => '3'))
);
}
}
}
// display all disabled block data
if (count($disabled_blocks_data) > 0) {
foreach ($disabled_blocks_data as $disabled_block) {
echo '<tr style="background-color:#eee">';
echo '<td><center><input type="checkbox" name="disabled_block" value="true" checked disabled /></center>';
for ($j = 0 ; $j < count($table_cols); $j++) {
if (isset($disabled_block[strtolower($table_cols[$j])])) {
if ($j == 2) {
echo '<td>';
echo '<font color="#aaa">'.$disabled_block[$table_cols[$j]].'</font><br />';
echo '<font color="red">'.get_lang('ThisPluginHasbeenDeletedFromDashboardPluginDirectory').'</font>';
echo '</td>';
} else {
echo '<td>';
echo '<font color="#aaa">'.$disabled_block[$table_cols[$j]].'</font>';
echo '</td>';
}
} else {
echo '<td>&nbsp;</td>';
}
}
echo '</tr>';
}
}
echo '</table>';
echo '<br />';
echo '<button class="btn btn-default" type="submit" name="submit_dashboard_plugins" value="'.get_lang('EnableDashboardPlugins').'">'.
get_lang('EnableDashboardPlugins').'</button></form>';
}
/**
* display checkboxes for dashboard plugin list
* @param string plugin path
* @return void
*/
public static function display_dashboard_plugin_checkboxes($plugin_path) {
$tbl_block = Database::get_main_table(TABLE_MAIN_BLOCK);
$sql = "SELECT * FROM $tbl_block
WHERE path = '".Database::escape_string($plugin_path)."' AND active = 1";
$rs = Database::query($sql);
$checked = '';
if (Database::num_rows($rs) > 0) {
$checked = "checked";
}
echo "<td align=\"center\">";
echo '<input type="checkbox" name="'.$plugin_path.'" value="true" '.$checked.'/>';
echo "</td>";
}
/**
* This function allows easy activating and inactivating
* of plugins and save them inside db
* @param array $plugin_paths dashboard plugin paths
* return int affected rows
*/
public static function store_dashboard_plugins($plugin_paths)
{
$tbl_block = Database :: get_main_table(TABLE_MAIN_BLOCK);
$affected_rows = 0;
// get all plugins path inside plugin directory
$dashboard_pluginpath = api_get_path(SYS_PLUGIN_PATH).'dashboard/';
$possibleplugins = self::get_posible_dashboard_plugins_path();
if (count($possibleplugins) > 0) {
$selected_plugins = array_intersect(array_keys($plugin_paths), $possibleplugins);
$not_selected_plugins = array_diff($possibleplugins, array_keys($plugin_paths));
// get blocks id from not selected path
$not_selected_blocks_id = array();
foreach ($not_selected_plugins as $plugin) {
$block_data = self::get_enabled_dashboard_blocks($plugin);
if (!empty($block_data[$plugin])) {
$not_selected_blocks_id[] = $block_data[$plugin]['id'];
}
}
/* clean not selected plugins for extra user data and block data */
// clean from extra user data
$field_variable = 'dashboard';
$extra_user_data = UserManager::get_extra_user_data_by_field_variable($field_variable);
foreach ($extra_user_data as $key => $user_data) {
$user_id = $key;
$user_block_data = self::get_user_block_data($user_id);
$user_block_id = array_keys($user_block_data);
// clean disabled block data
foreach ($user_block_id as $block_id) {
if (in_array($block_id, $not_selected_blocks_id)) {
unset($user_block_data[$block_id]);
}
}
// get columns and blocks id for updating extra user data
$columns = array();
$user_blocks_id = array();
foreach ($user_block_data as $data) {
$user_blocks_id[$data['block_id']] = true;
$columns[$data['block_id']] = $data['column'];
}
// update extra user blocks data
$upd_extra_field = self::store_user_blocks($user_id, $user_blocks_id, $columns);
}
// clean from block data
if (!empty($not_selected_blocks_id)) {
$sql_check = "SELECT id FROM $tbl_block WHERE id IN(".implode(',',$not_selected_blocks_id).")";
$rs_check = Database::query($sql_check);
if (Database::num_rows($rs_check) > 0) {
$del = "DELETE FROM $tbl_block WHERE id IN(".implode(',',$not_selected_blocks_id).")";
Database::query($del);
}
}
// store selected plugins
foreach ($selected_plugins as $testplugin) {
$selected_path = Database::escape_string($testplugin);
// check if the path already stored inside block table for updating or adding it
$sql = "SELECT path FROM $tbl_block WHERE path = '$selected_path'";
$rs = Database::query($sql);
if (Database::num_rows($rs) > 0) {
// update
$upd = "UPDATE $tbl_block SET active = 1 WHERE path = '$selected_path'";
$result = Database::query($upd);
$affected_rows = Database::affected_rows($result);
} else {
// insert
$plugin_info_file = $dashboard_pluginpath.$testplugin."/$testplugin.info";
$plugin_info = array();
if (file_exists($plugin_info_file)) {
$plugin_info = parse_info_file($plugin_info_file);
}
// change keys to lower case
$plugin_info = array_change_key_case($plugin_info);
// setting variables
$plugin_name = $testplugin;
$plugin_description = '';
$plugin_controller = '';
$plugin_path = $testplugin;
if (isset($plugin_info['name'])) {
$plugin_name = Database::escape_string($plugin_info['name']);
}
if (isset($plugin_info['description'])) {
$plugin_description = Database::escape_string($plugin_info['description']);
}
if (isset($plugin_info['controller'])) {
$plugin_controller = Database::escape_string($plugin_info['controller']);
}
$ins = "INSERT INTO $tbl_block(name, description, path, controller)
VALUES ('$plugin_name', '$plugin_description', '$plugin_path', '$plugin_controller')";
$result = Database::query($ins);
$affected_rows = Database::affected_rows($result);
}
}
}
return $affected_rows;
}
$token = Security::get_existing_token();
$tokenCondition = '&amp;sec_token='.$token;
/* We scan the plugin directory. Each folder is a potential plugin. */
$dashboard_pluginpath = api_get_path(SYS_PLUGIN_PATH).'dashboard/';
$possibleplugins = self::getPossibleDashboardPluginsPath();
$table_cols = array('name', 'version', 'description');
echo Display::page_subheader(get_lang('DashboardPlugins'));
echo '<form name="plugins" method="post" action="'.api_get_self().'?category='.Security::remove_XSS($_GET['category']).$tokenCondition.'">';
echo '<table class="data_table">';
echo '<tr>';
echo '<th width="50px">'.get_lang('Enabled').'</th>';
echo '<th width="250px">'.get_lang('Name').'</th>';
echo '<th width="100px">'.get_lang('Version').'</th>';
echo '<th>'.get_lang('Description').'</th>';
echo '</tr>';
$disabled_blocks_data = self::get_block_data_without_plugin();
// We display all the possible enabled or disabled plugins
foreach ($possibleplugins as $testplugin) {
$plugin_info_file = $dashboard_pluginpath.$testplugin."/$testplugin.info";
if (file_exists($plugin_info_file) && is_readable($plugin_info_file)) {
$plugin_info = parse_info_file($plugin_info_file);
// change index to lower case
$plugin_info = array_change_key_case($plugin_info);
echo '<tr>';
self::display_dashboard_plugin_checkboxes($testplugin);
for ($i = 0 ; $i < count($table_cols); $i++) {
if (isset($plugin_info[strtolower($table_cols[$i])])) {
echo '<td>';
echo $plugin_info[$table_cols[$i]];
echo '</td>';
} else {
echo '<td></td>';
}
}
echo '</tr>';
} else {
if ($testplugin != 'css') {
echo Display::tag(
'tr',
Display::tag('td',
get_lang('CheckFilePermissions') . ' ' . Security::remove_XSS($plugin_info_file),
array('colspan' => '3'))
);
}
}
}
// display all disabled block data
if (count($disabled_blocks_data) > 0) {
foreach ($disabled_blocks_data as $disabled_block) {
echo '<tr style="background-color:#eee">';
echo '<td><center><input type="checkbox" name="disabled_block" value="true" checked disabled /></center>';
for ($j = 0 ; $j < count($table_cols); $j++) {
if (isset($disabled_block[strtolower($table_cols[$j])])) {
if ($j == 2) {
echo '<td>';
echo '<font color="#aaa">'.$disabled_block[$table_cols[$j]].'</font><br />';
echo '<font color="red">'.get_lang('ThisPluginHasbeenDeletedFromDashboardPluginDirectory').'</font>';
echo '</td>';
} else {
echo '<td>';
echo '<font color="#aaa">'.$disabled_block[$table_cols[$j]].'</font>';
echo '</td>';
}
} else {
echo '<td>&nbsp;</td>';
}
}
echo '</tr>';
}
}
echo '</table>';
echo '<br />';
echo '<button class="btn btn-default" type="submit" name="submit_dashboard_plugins" value="'.get_lang('EnableDashboardPlugins').'">'.
get_lang('EnableDashboardPlugins').'</button></form>';
}
/**
* display checkboxes for dashboard plugin list
* @param string plugin path
* @return void
*/
public static function display_dashboard_plugin_checkboxes($plugin_path) {
$tbl_block = Database::get_main_table(TABLE_MAIN_BLOCK);
$sql = "SELECT * FROM $tbl_block
WHERE path = '".Database::escape_string($plugin_path)."' AND active = 1";
$rs = Database::query($sql);
$checked = '';
if (Database::num_rows($rs) > 0) {
$checked = "checked";
}
echo "<td align=\"center\">";
echo '<input type="checkbox" name="'.$plugin_path.'" value="true" '.$checked.'/>';
echo "</td>";
}
/**
* This function allows easy activating and inactivating
* of plugins and save them inside db
* @param array $plugin_paths dashboard plugin paths
* return int affected rows
*/
public static function store_dashboard_plugins($plugin_paths)
{
$tbl_block = Database :: get_main_table(TABLE_MAIN_BLOCK);
$affected_rows = 0;
// get all plugins path inside plugin directory
$dashboard_pluginpath = api_get_path(SYS_PLUGIN_PATH).'dashboard/';
$possibleplugins = self::getPossibleDashboardPluginsPath();
if (count($possibleplugins) > 0) {
$selected_plugins = array_intersect(array_keys($plugin_paths), $possibleplugins);
$not_selected_plugins = array_diff($possibleplugins, array_keys($plugin_paths));
// get blocks id from not selected path
$not_selected_blocks_id = array();
foreach ($not_selected_plugins as $plugin) {
$block_data = self::get_enabled_dashboard_blocks($plugin);
if (!empty($block_data[$plugin])) {
$not_selected_blocks_id[] = $block_data[$plugin]['id'];
}
}
/* clean not selected plugins for extra user data and block data */
// clean from extra user data
$field_variable = 'dashboard';
$extra_user_data = UserManager::get_extra_user_data_by_field_variable($field_variable);
foreach ($extra_user_data as $key => $user_data) {
$user_id = $key;
$user_block_data = self::get_user_block_data($user_id);
$user_block_id = array_keys($user_block_data);
// clean disabled block data
foreach ($user_block_id as $block_id) {
if (in_array($block_id, $not_selected_blocks_id)) {
unset($user_block_data[$block_id]);
}
}
// get columns and blocks id for updating extra user data
$columns = array();
$user_blocks_id = array();
foreach ($user_block_data as $data) {
$user_blocks_id[$data['block_id']] = true;
$columns[$data['block_id']] = $data['column'];
}
// update extra user blocks data
$upd_extra_field = self::store_user_blocks($user_id, $user_blocks_id, $columns);
}
// clean from block data
if (!empty($not_selected_blocks_id)) {
$sql_check = "SELECT id FROM $tbl_block WHERE id IN(".implode(',',$not_selected_blocks_id).")";
$rs_check = Database::query($sql_check);
if (Database::num_rows($rs_check) > 0) {
$del = "DELETE FROM $tbl_block WHERE id IN(".implode(',',$not_selected_blocks_id).")";
Database::query($del);
}
}
// store selected plugins
foreach ($selected_plugins as $testplugin) {
$selected_path = Database::escape_string($testplugin);
// check if the path already stored inside block table for updating or adding it
$sql = "SELECT path FROM $tbl_block WHERE path = '$selected_path'";
$rs = Database::query($sql);
if (Database::num_rows($rs) > 0) {
// update
$upd = "UPDATE $tbl_block SET active = 1 WHERE path = '$selected_path'";
$result = Database::query($upd);
$affected_rows = Database::affected_rows($result);
} else {
// insert
$plugin_info_file = $dashboard_pluginpath.$testplugin."/$testplugin.info";
$plugin_info = array();
if (file_exists($plugin_info_file)) {
$plugin_info = parse_info_file($plugin_info_file);
}
// change keys to lower case
$plugin_info = array_change_key_case($plugin_info);
// setting variables
$plugin_name = $testplugin;
$plugin_description = '';
$plugin_controller = '';
$plugin_path = $testplugin;
if (isset($plugin_info['name'])) {
$plugin_name = Database::escape_string($plugin_info['name']);
}
if (isset($plugin_info['description'])) {
$plugin_description = Database::escape_string($plugin_info['description']);
}
if (isset($plugin_info['controller'])) {
$plugin_controller = Database::escape_string($plugin_info['controller']);
}
$ins = "INSERT INTO $tbl_block(name, description, path, controller)
VALUES ('$plugin_name', '$plugin_description', '$plugin_path', '$plugin_controller')";
$result = Database::query($ins);
$affected_rows = Database::affected_rows($result);
}
}
}
return $affected_rows;
}
/**
* Get all plugins path inside dashboard directory
* @return array name plugins directories
*/
public static function get_posible_dashboard_plugins_path() {
public static function getPossibleDashboardPluginsPath() {
// get all plugins path inside plugin directory
/* We scan the plugin directory. Each folder is a potential plugin. */
@ -274,7 +274,7 @@ class DashboardManager
public static function get_block_data_without_plugin() {
$tbl_block = Database :: get_main_table(TABLE_MAIN_BLOCK);
$possibleplugins = self::get_posible_dashboard_plugins_path();
$possibleplugins = self::getPossibleDashboardPluginsPath();
// We check if plugin exists inside directory for updating active field
$sql = "SELECT * FROM $tbl_block";
@ -311,7 +311,8 @@ class DashboardManager
* @param string plugin path
* @return array data
*/
public static function get_enabled_dashboard_blocks($path = '') {
public static function get_enabled_dashboard_blocks($path = '')
{
$tbl_block = Database :: get_main_table(TABLE_MAIN_BLOCK);
$condition_path = '';
if (!empty($path)) {
@ -505,7 +506,6 @@ class DashboardManager
$upd_extra_field = self::store_user_blocks($user_id, $user_blocks_id, $columns);
return $upd_extra_field;
}
/**

14
main/inc/lib/event_email_template.class.php
Unescape View File

@ -1,10 +1,5 @@
<?php
/* For licensing terms, see /license.txt */
/**
* This class provides methods for the notebook management.
* Include/require it in your code to use its features.
* @package chamilo.library
*/
/**
* Class EventEmailTemplate
@ -58,10 +53,10 @@ class EventEmailTemplate extends Model
/**
* Returns a Form validator Obj
* @todo the form should be auto generated
* @param string url
* @param string action add, edit
* @return obj form validator obj
* @param string $url
* @param string $action add, edit
*
* @return FormValidator
*/
public function return_form($url, $action)
{
@ -114,6 +109,7 @@ class EventEmailTemplate extends Model
// Setting the rules
$form->addRule('name', get_lang('ThisFieldIsRequired'), 'required');
return $form;
}

58
main/inc/lib/exercise_show_functions.lib.php
Unescape View File

@ -114,37 +114,37 @@ class ExerciseShowFunctions
static function display_oral_expression_answer($feedback_type, $answer, $id, $questionId, $nano = null)
{
if (isset($nano)) {
echo $nano->show_audio_file();
}
if (isset($nano)) {
echo $nano->show_audio_file();
}
if (empty($id)) {
echo '<tr>';
echo Display::tag('td', nl2br(Security::remove_XSS($answer)), array('width'=>'55%'));
echo '</tr>';
if ($feedback_type != EXERCISE_FEEDBACK_TYPE_EXAM) {
echo '<tr>';
echo Display::tag('td',get_lang('notCorrectedYet'), array('width'=>'45%'));
echo '</tr>';
} else {
echo '<tr><td>&nbsp;</td></tr>';
}
} else {
echo '<tr>';
echo '<td>';
if (!empty($answer)) {
echo nl2br(Security::remove_XSS($answer));
}
echo '</td>';
if (empty($id)) {
echo '<tr>';
echo Display::tag('td', nl2br(Security::remove_XSS($answer)), array('width'=>'55%'));
echo '</tr>';
if ($feedback_type != EXERCISE_FEEDBACK_TYPE_EXAM) {
echo '<tr>';
echo Display::tag('td',get_lang('notCorrectedYet'), array('width'=>'45%'));
echo '</tr>';
} else {
echo '<tr><td>&nbsp;</td></tr>';
}
} else {
echo '<tr>';
echo '<td>';
if (!empty($answer)) {
echo nl2br(Security::remove_XSS($answer));
}
echo '</td>';
if (!api_is_allowed_to_edit(null,true) && $feedback_type != EXERCISE_FEEDBACK_TYPE_EXAM) {
echo '<td>';
$comm = Event::get_comments($id,$questionId);
echo '</td>';
}
echo '</tr>';
}
}
if (!api_is_allowed_to_edit(null,true) && $feedback_type != EXERCISE_FEEDBACK_TYPE_EXAM) {
echo '<td>';
$comm = Event::get_comments($id,$questionId);
echo '</td>';
}
echo '</tr>';
}
}
/**
* Displays the answer to a hotspot question

58
main/inc/lib/export.lib.inc.php
Unescape View File

@ -29,16 +29,16 @@ class Export
/**
* Constructor
*/
private function __construct()
public function __construct()
{
}
}
/**
* Export tabular data to CSV-file
* @param array $data
* @param string $filename
*/
public static function arrayToCsv($data, $filename = 'export')
/**
* Export tabular data to CSV-file
* @param array $data
* @param string $filename
*/
public static function arrayToCsv($data, $filename = 'export')
{
if (empty($data)) {
return false;
@ -126,27 +126,27 @@ class Export
$wrapper_tagname = null,
$encoding = null
) {
if (empty($encoding)) {
$encoding = api_get_system_encoding();
}
$file = api_get_path(SYS_ARCHIVE_PATH).'/'.uniqid('').'.xml';
$handle = fopen($file, 'a+');
fwrite($handle, '<?xml version="1.0" encoding="'.$encoding.'"?>'."\n");
if (!is_null($wrapper_tagname)) {
fwrite($handle, "\t".'<'.$wrapper_tagname.'>'."\n");
}
foreach ($data as $row) {
fwrite($handle, '<'.$item_tagname.'>'."\n");
foreach ($row as $key => $value) {
fwrite($handle, "\t\t".'<'.$key.'>'.$value.'</'.$key.'>'."\n");
}
fwrite($handle, "\t".'</'.$item_tagname.'>'."\n");
}
if (!is_null($wrapper_tagname)) {
fwrite($handle, '</'.$wrapper_tagname.'>'."\n");
}
fclose($handle);
DocumentManager :: file_send_for_download($file, true, $filename.'.xml');
if (empty($encoding)) {
$encoding = api_get_system_encoding();
}
$file = api_get_path(SYS_ARCHIVE_PATH).'/'.uniqid('').'.xml';
$handle = fopen($file, 'a+');
fwrite($handle, '<?xml version="1.0" encoding="'.$encoding.'"?>'."\n");
if (!is_null($wrapper_tagname)) {
fwrite($handle, "\t".'<'.$wrapper_tagname.'>'."\n");
}
foreach ($data as $row) {
fwrite($handle, '<'.$item_tagname.'>'."\n");
foreach ($row as $key => $value) {
fwrite($handle, "\t\t".'<'.$key.'>'.$value.'</'.$key.'>'."\n");
}
fwrite($handle, "\t".'</'.$item_tagname.'>'."\n");
}
if (!is_null($wrapper_tagname)) {
fwrite($handle, '</'.$wrapper_tagname.'>'."\n");
}
fclose($handle);
DocumentManager :: file_send_for_download($file, true, $filename.'.xml');
exit;
}

2
main/inc/lib/redirect.class.php
Unescape View File

@ -140,7 +140,7 @@ class Redirect
*/
protected static function navigate($url)
{
session_write_close(); //should not be neeeded
session_write_close(); //should not be needed
header("Location: $url");
exit;
}

29
main/newscorm/learnpath.class.php
Unescape View File

@ -7914,8 +7914,8 @@ class learnpath
$return .= '<tr>';
$return .= '<td class="label"><label for="idParent">' . get_lang('Parent') . '</label></td>';
$return .= '<td class="input">';
$return .= "\t\t\t\t" . '<select id="idParent" name="parent" style="width:100%;" onChange="javascript: load_cbo(this.value);" class="learnpath_item_form" size="1">';
//$parent_item_id = $_SESSION['parent_item_id'];
$return .= '<select id="idParent" name="parent" style="width:100%;" onChange="javascript: load_cbo(this.value);" class="learnpath_item_form" size="1">';
$return .= '<option class="top" value="0">' . $this->name . '</option>';
$arrHide = array (
$id
@ -7979,35 +7979,14 @@ class learnpath
}
}
// Commented the prerequisites, only visible in edit (work).
/*
$return .= '<tr>';
$return .= '<td class="label"><label for="idPrerequisites">'.get_lang('LearnpathPrerequisites').'</label></td>';
$return .= '<td class="input"><select name="prerequisites" id="prerequisites" class="learnpath_item_form"><option value="0">'.get_lang('NoPrerequisites').'</option>';
foreach($arrHide as $key => $value) {
if ($key == $s_selected_position && $action == 'add') {
$return .= '<option value="'.$key.'" selected="selected">'.$value['value'].'</option>';
}
elseif ($key == $id_prerequisite && $action == 'edit') {
$return .= '<option value="'.$key.'" selected="selected">'.$value['value'].'</option>';
}
else {
$return .= '<option value="'.$key.'">'.$value['value'].'</option>';
}
}
$return .= "</select></td>";
*/
$return .= '</tr>';
}
$return .= '<tr>';
if ($action == 'add') {
$return .= '<td>&nbsp</td><td><button class="save" name="submit_button" type="submit">' . get_lang('AddAssignmentToCourse') . '</button></td>';
$return .= '<td>&nbsp</td><td><button class="btn btn-primary" name="submit_button" type="submit">' . get_lang('AddAssignmentToCourse') . '</button></td>';
} else {
$return .= '<td>&nbsp</td><td><button class="save" name="submit_button" type="submit">' . get_lang('EditCurrentStudentPublication') . '</button></td>';
$return .= '<td>&nbsp</td><td><button class="btn btn-primary" name="submit_button" type="submit">' . get_lang('EditCurrentStudentPublication') . '</button></td>';
}
$return .= '</tr>';
$return .= '</table>';

77
main/permissions/blog_permissions.inc.php
Unescape View File

@ -9,9 +9,31 @@
/**
* Init
*/
$rights_full=array("article_add","article_delete","article_edit","article_rate","article_comments_add","article_comments_delete","article_comments_rate","task_management","member_management","role_management");
$rights_limited=array("Add","Edit","Delete");
$rights_blog=array("article_add","article_delete","article_edit","article_rate","article_comments_add","article_comments_delete","article_comments_rate","task_management","member_management","role_management");
$rights_full = array(
"article_add",
"article_delete",
"article_edit",
"article_rate",
"article_comments_add",
"article_comments_delete",
"article_comments_rate",
"task_management",
"member_management",
"role_management",
);
$rights_limited = array("Add", "Edit", "Delete");
$rights_blog = array(
"article_add",
"article_delete",
"article_edit",
"article_rate",
"article_comments_add",
"article_comments_delete",
"article_comments_rate",
"task_management",
"member_management",
"role_management",
);
$course_tool_table = Database::get_course_table(TABLE_TOOL_LIST);
// Get all user
@ -31,32 +53,32 @@ while ($user = Database::fetch_assoc($result)) {
}
//$user_id=$userIdViewed;
if ($mainUserInfo['status']==1)
{
$course_admin=1;
if ($mainUserInfo['status'] == 1) {
$course_admin = 1;
}
include_once('permissions_functions.inc.php');
include_once(api_get_path(LIBRARY_PATH) . "/groupmanager.lib.php");
// ACTIONS
if (isset($_GET['do']))
{
if ( isset($_GET['permission']) AND isset($_GET['tool']) AND ($_GET['do']=='grant' OR $_GET['do']=='revoke'))
{
$result_message=store_one_permission('user', $_GET['do'], $_GET['user_id'], $_GET['tool'], $_GET['permission']);
}
if (isset($_GET['role']) AND ($_GET['do']=='grant' OR $_GET['do']=='revoke'))
{
$result_message=assign_role('user', $_GET['do'], $user_id, $_GET['role'], $_GET['scope']);
}
if (isset($_GET['do'])) {
if (isset($_GET['permission']) AND isset($_GET['tool']) AND ($_GET['do'] == 'grant' OR $_GET['do'] == 'revoke')) {
$result_message = store_one_permission(
'user',
$_GET['do'],
$_GET['user_id'],
$_GET['tool'],
$_GET['permission']
);
}
if (isset($_GET['role']) AND ($_GET['do'] == 'grant' OR $_GET['do'] == 'revoke')) {
$result_message = assign_role(
'user',
$_GET['do'],
$user_id,
$_GET['role'],
$_GET['scope']
);
}
}
/*
if (isset($result_message))
{
Display::display_normal_message($result_message);
}
*/
// ------------------------------------------------------------------
// RETRIEVING THE PERMISSIONS OF THE ROLES OF THE USER
@ -80,17 +102,14 @@ if (api_get_setting('user_roles')=='true') {
// ------------------------------------------------------------------
// RETRIEVING THE PERMISSIONS OF THE ROLES OF THE GROUPS OF THE USER
// ------------------------------------------------------------------
if (api_get_setting('group_roles')=='true')
{
if (api_get_setting('group_roles')=='true') {
// NOTE: DIT MOET NOG VERDER UITGEWERKT WORDEN
foreach ($groups_of_user as $group)
{
foreach ($groups_of_user as $group) {
$this_current_group_role_permissions_of_user=get_roles_permissions('user',$user_id);
//$inherited_permissions[$tool][]=$permission;
}
}
echo "<form method=\"post\" action=\"".str_replace('&', '&amp;', $_SERVER['REQUEST_URI'])."\">";
// ---------------------------------------------------

Write Preview
Loading…
Cancel
Save