Feature #347 - Platform administration tool: All "magic" parameters __FILE__ and __LINE__, passed within the method Database::query() have been removed. They are not needed anymore, the method Database::query() has been upgraded to retrieve alone the corresponding values needed for error message creation.
$sql_insert = "INSERT IGNORE INTO $tbl_session_rel_course_rel_user(id_session,course_code,id_user) VALUES('$id_session','$enreg_course','$enreg_user')";
Database::query($sql_insert,__FILE__,__LINE__);
Database::query($sql_insert);
if(Database::affected_rows()) {
$nbr_users++;
}
}
Database::query("UPDATE $tbl_session_rel_course SET nbr_users=$nbr_users WHERE id_session='$id_session' AND course_code='$enreg_course'",__FILE__,__LINE__);
Database::query("UPDATE $tbl_session_rel_course SET nbr_users=$nbr_users WHERE id_session='$id_session' AND course_code='$enreg_course'");
}
}
@ -161,7 +161,7 @@ if ($_POST['formSent']) {
}
}
$nbr_courses=count($CourseList);
Database::query("UPDATE $tbl_session SET nbr_courses=$nbr_courses WHERE id='$id_session'",__FILE__,__LINE__);
Database::query("UPDATE $tbl_session SET nbr_courses=$nbr_courses WHERE id='$id_session'");
@ -58,7 +58,7 @@ function search_users($needle,$type,$relation_type) {
$sql = "SELECT user_id FROM $tbl_group_rel_user
WHERE group_id = '$group_id'
AND relation_type IN (".GROUP_USER_PERMISSION_ADMIN.",".GROUP_USER_PERMISSION_READER.",".GROUP_USER_PERMISSION_PENDING_INVITATION.",".GROUP_USER_PERMISSION_MODERATOR.") ";
$res = Database::query($sql,__FILE__,__LINE__);
$res = Database::query($sql);
$user_ids = array();
if (Database::num_rows($res) > 0) {
while ($row = Database::fetch_row($res)) {
@ -79,7 +79,7 @@ function search_users($needle,$type,$relation_type) {
INNER JOIN $tbl_user user ON user.user_id = groups.user_id
WHERE groups.group_id = '$group_id' $condition_relation ";
AND relation_type IN (".GROUP_USER_PERMISSION_ADMIN.",".GROUP_USER_PERMISSION_READER.",".GROUP_USER_PERMISSION_PENDING_INVITATION.",".GROUP_USER_PERMISSION_MODERATOR.") ";
$res = Database::query($sql,__FILE__,__LINE__);
$res = Database::query($sql);
$user_ids = array();
if (Database::num_rows($res) > 0) {
while ($row = Database::fetch_row($res)) {
@ -337,7 +337,7 @@ if ($ajax_search) {
AND user.user_id<>'$user_anonymous' $without_user_id $order_clause ";
$myquery="SELECT t1.name,t1.code,t1.parent_id,t1.tree_pos,t1.children_count,COUNT(DISTINCT t3.code) AS nbr_courses FROM $tbl_category t1 LEFT JOIN $tbl_category t2 ON t1.code=t2.parent_id LEFT JOIN $tbl_course t3 ON t3.category_code=t1.code WHERE t1.parent_id ".(empty($category)?"IS NULL":"='$category'")." GROUP BY t1.name,t1.code,t1.parent_id,t1.tree_pos,t1.children_count ORDER BY t1.tree_pos";
$result=Database::query("SELECT parent_id,tree_pos FROM $tbl_category WHERE code='$node'",__FILE__,__LINE__);
$result=Database::query("SELECT parent_id,tree_pos FROM $tbl_category WHERE code='$node'");
if($row=Database::fetch_array($result))
{
if(!empty($row['parent_id']))
{
Database::query("UPDATE $tbl_course SET category_code='".$row['parent_id']."' WHERE category_code='$node'",__FILE__,__LINE__);
Database::query("UPDATE $tbl_category SET parent_id='".$row['parent_id']."' WHERE parent_id='$node'",__FILE__,__LINE__);
Database::query("UPDATE $tbl_course SET category_code='".$row['parent_id']."' WHERE category_code='$node'");
Database::query("UPDATE $tbl_category SET parent_id='".$row['parent_id']."' WHERE parent_id='$node'");
}
else
{
Database::query("UPDATE $tbl_course SET category_code='' WHERE category_code='$node'",__FILE__,__LINE__);
Database::query("UPDATE $tbl_category SET parent_id=NULL WHERE parent_id='$node'",__FILE__,__LINE__);
Database::query("UPDATE $tbl_course SET category_code='' WHERE category_code='$node'");
Database::query("UPDATE $tbl_category SET parent_id=NULL WHERE parent_id='$node'");
}
Database::query("UPDATE $tbl_category SET tree_pos=tree_pos-1 WHERE tree_pos > '".$row['tree_pos']."'",__FILE__,__LINE__);
Database::query("DELETE FROM $tbl_category WHERE code='$node'",__FILE__,__LINE__);
Database::query("UPDATE $tbl_category SET tree_pos=tree_pos-1 WHERE tree_pos > '".$row['tree_pos']."'");
Database::query("DELETE FROM $tbl_category WHERE code='$node'");
if(!empty($row['parent_id']))
{
@ -317,20 +317,20 @@ function addNode($code,$name,$canHaveCourses,$parent_id)
$name = Database::escape_string($name);
$parent_id = Database::escape_string($parent_id);
$result=Database::query("SELECT 1 FROM $tbl_category WHERE code='$code'",__FILE__,__LINE__);
$result=Database::query("SELECT 1 FROM $tbl_category WHERE code='$code'");
if(Database::num_rows($result))
{
return false;
}
$result=Database::query("SELECT MAX(tree_pos) AS maxTreePos FROM $tbl_category",__FILE__,__LINE__);
$result=Database::query("SELECT MAX(tree_pos) AS maxTreePos FROM $tbl_category");
$row=Database::fetch_array($result);
$tree_pos=$row['maxTreePos']+1;
Database::query("INSERT INTO $tbl_category(name,code,parent_id,tree_pos,children_count,auth_course_child) VALUES('$name','$code',".(empty($parent_id)?"NULL":"'$parent_id'").",'$tree_pos','0','$canHaveCourses')",__FILE__,__LINE__);
Database::query("INSERT INTO $tbl_category(name,code,parent_id,tree_pos,children_count,auth_course_child) VALUES('$name','$code',".(empty($parent_id)?"NULL":"'$parent_id'").",'$tree_pos','0','$canHaveCourses')");
updateFils($parent_id);
@ -348,7 +348,7 @@ function editNode($code,$name,$canHaveCourses,$old_code)
if($code != $old_code)
{
$result=Database::query("SELECT 1 FROM $tbl_category WHERE code='$code'",__FILE__,__LINE__);
$result=Database::query("SELECT 1 FROM $tbl_category WHERE code='$code'");
if(Database::num_rows($result))
{
@ -356,7 +356,7 @@ function editNode($code,$name,$canHaveCourses,$old_code)
}
}
Database::query("UPDATE $tbl_category SET name='$name',code='$code',auth_course_child='$canHaveCourses' WHERE code='$old_code'",__FILE__,__LINE__);
Database::query("UPDATE $tbl_category SET name='$name',code='$code',auth_course_child='$canHaveCourses' WHERE code='$old_code'");
return true;
}
@ -368,11 +368,11 @@ function moveNodeUp($code,$tree_pos,$parent_id)
$tree_pos = Database::escape_string($tree_pos);
$parent_id = Database::escape_string($parent_id);
$result=Database::query("SELECT code,tree_pos FROM $tbl_category WHERE parent_id ".(empty($parent_id)?"IS NULL":"='$parent_id'")." AND tree_pos<'$tree_pos' ORDER BY tree_pos DESC LIMIT 0,1",__FILE__,__LINE__);
$result=Database::query("SELECT code,tree_pos FROM $tbl_category WHERE parent_id ".(empty($parent_id)?"IS NULL":"='$parent_id'")." AND tree_pos<'$tree_pos' ORDER BY tree_pos DESC LIMIT 0,1");
if(!$row=Database::fetch_array($result))
{
$result=Database::query("SELECT code,tree_pos FROM $tbl_category WHERE parent_id ".(empty($parent_id)?"IS NULL":"='$parent_id'")." AND tree_pos>'$tree_pos' ORDER BY tree_pos DESC LIMIT 0,1",__FILE__,__LINE__);
$result=Database::query("SELECT code,tree_pos FROM $tbl_category WHERE parent_id ".(empty($parent_id)?"IS NULL":"='$parent_id'")." AND tree_pos>'$tree_pos' ORDER BY tree_pos DESC LIMIT 0,1");
if(!$row=Database::fetch_array($result))
{
@ -380,15 +380,15 @@ function moveNodeUp($code,$tree_pos,$parent_id)
}
}
Database::query("UPDATE $tbl_category SET tree_pos='".$row['tree_pos']."' WHERE code='$code'",__FILE__,__LINE__);
Database::query("UPDATE $tbl_category SET tree_pos='$tree_pos' WHERE code='$row[code]'",__FILE__,__LINE__);
Database::query("UPDATE $tbl_category SET tree_pos='".$row['tree_pos']."' WHERE code='$code'");
Database::query("UPDATE $tbl_category SET tree_pos='$tree_pos' WHERE code='$row[code]'");
}
function updateFils($category)
{
global $tbl_category;
$category = Database::escape_string($category);
$result=Database::query("SELECT parent_id FROM $tbl_category WHERE code='$category'",__FILE__,__LINE__);
$result=Database::query("SELECT parent_id FROM $tbl_category WHERE code='$category'");
if($row=Database::fetch_array($result))
{
@ -397,14 +397,14 @@ function updateFils($category)
$children_count=compterFils($category,0)-1;
Database::query("UPDATE $tbl_category SET children_count='$children_count' WHERE code='$category'",__FILE__,__LINE__);
Database::query("UPDATE $tbl_category SET children_count='$children_count' WHERE code='$category'");
}
function compterFils($pere,$cpt)
{
global $tbl_category;
$pere = Database::escape_string($pere);
$result=Database::query("SELECT code FROM $tbl_category WHERE parent_id='$pere'",__FILE__,__LINE__);
$result=Database::query("SELECT code FROM $tbl_category WHERE parent_id='$pere'");
$order_clause = api_sort_by_first_name() ? ' ORDER BY firstname, lastname' : ' ORDER BY lastname, firstname';
$sql = "SELECT user.user_id,lastname,firstname FROM $table_user as user,$table_course_user as course_user WHERE course_user.status='1' AND course_user.user_id=user.user_id AND course_user.course_code='".$course_code."'".$order_clause;
@ -163,29 +163,29 @@ foreach($Sessions as $session){
// On ajoute la relation entre l'utilisateur et le cours
foreach($UserList as $enreg_user)
{
Database::query("INSERT IGNORE INTO $tbl_session_rel_course_rel_user(id_session,course_code,id_user) VALUES('$id_session','$enreg_course','$enreg_user')",__FILE__,__LINE__);
Database::query("INSERT IGNORE INTO $tbl_session_rel_course_rel_user(id_session,course_code,id_user) VALUES('$id_session','$enreg_course','$enreg_user')");
}
$sql = "SELECT COUNT(id_user) as nbUsers " .
"FROM $tbl_session_rel_course_rel_user " .
"WHERE id_session='$id_session' AND course_code='$enreg_course'";
$rs = Database::query($sql, __FILE__, __LINE__);
$rs = Database::query($sql);
list($nbr_users) = Database::fetch_array($rs);
$sql = "UPDATE $tbl_session_rel_course SET nbr_users=$nbr_users WHERE id_session='$id_session' AND course_code='$enreg_course'";
Database::query($sql,__FILE__,__LINE__);
Database::query($sql);
}
// On ajoute la relation entre l'utilisateur et la session
foreach($UserList as $enreg_user){
$sql = "INSERT IGNORE INTO $tbl_session_rel_user(id_session, id_user) " .
"VALUES('$id_session','$enreg_user')";
Database::query($sql,__FILE__,__LINE__);
Database::query($sql);
}
$sql = "SELECT COUNT(id_user) as nbUsers " .
"FROM $tbl_session_rel_user " .
"WHERE id_session='$id_session'";
$rs = Database::query($sql, __FILE__, __LINE__);
$rs = Database::query($sql);
list($nbr_users) = Database::fetch_array($rs);
$sql = "UPDATE $tbl_session SET nbr_users=$nbr_users WHERE id='$id_session'";
Database::query("DELETE FROM $tbl_session_rel_course WHERE id_session='$id_session' AND course_code IN($idChecked)",__FILE__,__LINE__);
Database::query("DELETE FROM $tbl_session_rel_course WHERE id_session='$id_session' AND course_code IN($idChecked)");
$nbr_affected_rows=Database::affected_rows();
Database::query("DELETE FROM $tbl_session_rel_course_rel_user WHERE id_session='$id_session' AND course_code IN($idChecked)",__FILE__,__LINE__);
Database::query("DELETE FROM $tbl_session_rel_course_rel_user WHERE id_session='$id_session' AND course_code IN($idChecked)");
Database::query("UPDATE $tbl_session SET nbr_courses=nbr_courses-$nbr_affected_rows WHERE id='$id_session'",__FILE__,__LINE__);
Database::query("UPDATE $tbl_session SET nbr_courses=nbr_courses-$nbr_affected_rows WHERE id='$id_session'");
}
if(!empty($_GET['class'])){
Database::query("DELETE FROM $tbl_session_rel_class WHERE session_id='$id_session' AND class_id=".Database::escape_string($_GET['class']),__FILE__,__LINE__);
Database::query("DELETE FROM $tbl_session_rel_class WHERE session_id='$id_session' AND class_id=".Database::escape_string($_GET['class']));
$nbr_affected_rows=Database::affected_rows();
Database::query("UPDATE $tbl_session SET nbr_classes=nbr_classes-$nbr_affected_rows WHERE id='$id_session'",__FILE__,__LINE__);
Database::query("UPDATE $tbl_session SET nbr_classes=nbr_classes-$nbr_affected_rows WHERE id='$id_session'");
}
if (!empty($_GET['user'])) {
Database::query("DELETE FROM $tbl_session_rel_user WHERE id_session='$id_session' AND id_user=".intval($_GET['user']),__FILE__,__LINE__);
Database::query("DELETE FROM $tbl_session_rel_user WHERE id_session='$id_session' AND id_user=".intval($_GET['user']));
$nbr_affected_rows=Database::affected_rows();
Database::query("UPDATE $tbl_session SET nbr_users=nbr_users-$nbr_affected_rows WHERE id='$id_session'",__FILE__,__LINE__);
Database::query("UPDATE $tbl_session SET nbr_users=nbr_users-$nbr_affected_rows WHERE id='$id_session'");
Database::query("DELETE FROM $tbl_session_rel_course_rel_user WHERE id_session='$id_session' AND id_user=".intval($_GET['user']),__FILE__,__LINE__);
Database::query("DELETE FROM $tbl_session_rel_course_rel_user WHERE id_session='$id_session' AND id_user=".intval($_GET['user']));
$nbr_affected_rows=Database::affected_rows();
Database::query("UPDATE $tbl_session_rel_course SET nbr_users=nbr_users-$nbr_affected_rows WHERE id_session='$id_session'",__FILE__,__LINE__);
Database::query("UPDATE $tbl_session_rel_course SET nbr_users=nbr_users-$nbr_affected_rows WHERE id_session='$id_session'");
}
}
@ -208,7 +208,7 @@ else {
AND id_session='$id_session'
ORDER BY title";
$result=Database::query($sql,__FILE__,__LINE__);
$result=Database::query($sql);
$courses=Database::store_result($result);
foreach($courses as $course){
//select the number of users
@ -217,14 +217,14 @@ else {
WHERE srcru.id_user = sru.id_user AND srcru.id_session = sru.id_session AND srcru.course_code = '".Database::escape_string($course['code'])."'
AND srcru.id_session = '".intval($id_session)."'";
$rs = Database::query($sql, __FILE__, __LINE__);
$rs = Database::query($sql);
$course['nbr_users'] = Database::result($rs,0,0);
// Get coachs of the courses in session
$sql = "SELECT user.lastname,user.firstname,user.username FROM $tbl_session_rel_course_rel_user session_rcru, $tbl_user user
WHERE session_rcru.id_user = user.user_id AND session_rcru.id_session = '".intval($id_session)."' AND session_rcru.course_code ='".Database::escape_string($course['code'])."' AND session_rcru.status=2";
$rs = Database::query($sql,__FILE__,__LINE__);
$rs = Database::query($sql);
$coachs = array();
if (Database::num_rows($rs) > 0) {
@ -287,7 +287,7 @@ else {
ON '.$tbl_user.'.user_id = '.$tbl_session_rel_user.'.id_user
AND '.$tbl_session_rel_user.'.id_session = '.$id_session.$order_clause;
$result=Database::query($sql,__FILE__,__LINE__);
$result=Database::query($sql);
$users=Database::store_result($result);
$orig_param = '&origin=resume_session&id_session='.$id_session; // change breadcrumb in destination page
$result = Database::query("SELECT s.name, c.title FROM $tbl_session_course sc,$tbl_session s,$tbl_course c WHERE sc.id_session=s.id AND sc.course_code=c.code AND sc.id_session='$id_session' AND sc.course_code='".addslashes($course_code)."'",__FILE__,__LINE__);
$result = Database::query("SELECT s.name, c.title FROM $tbl_session_course sc,$tbl_session s,$tbl_course c WHERE sc.id_session=s.id AND sc.course_code=c.code AND sc.id_session='$id_session' AND sc.course_code='".addslashes($course_code)."'");
if (!list($session_name,$course_title)=Database::fetch_row($result)) {
$result=Database::query("SELECT code,title,nbr_users FROM $tbl_session_rel_course,$tbl_course WHERE course_code=code AND id_session='$id_session' ORDER BY $sort LIMIT $from,".($limit+1),__FILE__,__LINE__);
$result=Database::query("SELECT code,title,nbr_users FROM $tbl_session_rel_course,$tbl_course WHERE course_code=code AND id_session='$id_session' ORDER BY $sort LIMIT $from,".($limit+1));
$result=Database::query("SELECT name,title FROM $tbl_session,$tbl_course WHERE id='$id_session' AND code='".addslashes($course_code)."'",__FILE__,__LINE__);
$result=Database::query("SELECT name,title FROM $tbl_session,$tbl_course WHERE id='$id_session' AND code='".addslashes($course_code)."'");
Database::query("DELETE FROM $tbl_session_rel_course_rel_user WHERE id_session='$id_session' AND course_code='".addslashes($course_code)."' AND id_user IN($idChecked)",__FILE__,__LINE__);
Database::query("DELETE FROM $tbl_session_rel_course_rel_user WHERE id_session='$id_session' AND course_code='".addslashes($course_code)."' AND id_user IN($idChecked)");
$nbr_affected_rows=Database::affected_rows();
Database::query("UPDATE $tbl_session_rel_course SET nbr_users=nbr_users-$nbr_affected_rows WHERE id_session='$id_session' AND course_code='".addslashes($course_code)."'",__FILE__,__LINE__);
Database::query("UPDATE $tbl_session_rel_course SET nbr_users=nbr_users-$nbr_affected_rows WHERE id_session='$id_session' AND course_code='".addslashes($course_code)."'");
$result=Database::query("SELECT user_id,".($is_western_name_order ? 'firstname,lastname' : 'lastname,firstname').",username FROM $tbl_session_rel_course_rel_user,$tbl_user WHERE user_id=id_user AND id_session='$id_session' AND course_code='".addslashes($course_code)."' ORDER BY $sort LIMIT $from,".($limit+1),__FILE__,__LINE__);
$result=Database::query("SELECT user_id,".($is_western_name_order ? 'firstname,lastname' : 'lastname,firstname').",username FROM $tbl_session_rel_course_rel_user,$tbl_user WHERE user_id=id_user AND id_session='$id_session' AND course_code='".addslashes($course_code)."' ORDER BY $sort LIMIT $from,".($limit+1));
while ($rowkeys = Database::fetch_array($result)) {
if ($rowkeys['variable'] == 'course_create_active_tools' && $rowkeys['subkey'] == 'enable_search') {continue;}
@ -234,7 +234,7 @@ if (!empty($_GET['category']) && !in_array($_GET['category'], array('Plugins', '
$access_url = $_configuration['access_url'];
if(empty($access_url )) $access_url =1;
$sql = "SELECT selected_value FROM settings_current WHERE variable='".$rowkeys['variable']."' AND subkey='".$rowkeys['subkey']."' AND subkeytext='".$rowkeys['subkeytext']."' AND access_url = $access_url";
$sql .= " WHERE category_code = '".Database::escape_string($category_code)."'";
}
$res = Database::query($sql, __FILE__, __LINE__);
$res = Database::query($sql);
$obj = Database::fetch_object($res);
return $obj->number;
}
@ -57,7 +57,7 @@ class Statistics
{
$sql = "SELECT COUNT(DISTINCT(cu.user_id)) AS number FROM $course_user_table cu, $course_table c WHERE cu.status = ".intval(Database::escape_string($status))." AND c.code = cu.course_code AND c.category_code = '".Database::escape_string($category_code)."'";
}
$res = Database::query($sql, __FILE__, __LINE__);
$res = Database::query($sql);
$obj = Database::fetch_object($res);
return $obj->number;
}
@ -78,7 +78,7 @@ class Statistics
$sql .= " AND (user.username LIKE '%".$keyword."%' OR default_event_type LIKE '%".$keyword."%' OR default_value_type LIKE '%".$keyword."%' OR default_value LIKE '%".$keyword."%') ";
$sql = "SELECT * FROM $category_table ORDER BY tree_pos";
$res = Database::query($sql, __FILE__, __LINE__);
$res = Database::query($sql);
$categories = array ();
while ($category = Database::fetch_object($res))
{
@ -244,7 +244,7 @@ class Statistics
$sql = "SELECT DATE_FORMAT( login_date, '%w' ) AS stat_date , count( login_id ) AS number_of_logins FROM ".$table." GROUP BY stat_date ORDER BY DATE_FORMAT( login_date, '%w' ) ";
break;
}
$res = Database::query($sql,__FILE__,__LINE__);
$res = Database::query($sql);
$result = array();
while($obj = Database::fetch_object($res))
{
@ -277,7 +277,7 @@ class Statistics
$sql[get_lang('Total')] = "SELECT count(login_user_id) AS number FROM $table";
$sql = "SELECT access_tool, count( access_id ) AS number_of_logins FROM $table WHERE access_tool IN ('".implode("','",$tools)."') GROUP BY access_tool ";
$sql='SELECT * FROM '.$tbl_admin_languages.' WHERE parent_id="'.Database::escape_string($parent_id).'" AND id="'.Database::escape_string($sub_language_id).'"';
$rs=Database::query($sql,__FILE__,__LINE__);
$rs=Database::query($sql);
$all_information=array();
while ($row=Database::fetch_array($rs,'ASSOC')) {
$all_information=$row;
@ -67,7 +67,7 @@ class SubLanguageManager {
public static function get_all_information_of_language ($parent_id) {
$sql = 'DELETE FROM '.$tbl_admin_languages.' WHERE parent_id="'.Database::escape_string($parent_id).'" AND id="'.Database::escape_string($sub_language_id).'" ';
Database::query($sql, __FILE__, __LINE__);
Database::query($sql);
}
/**
* check if language exist by id
@ -140,7 +140,7 @@ class SubLanguageManager {
public static function check_if_exist_language_by_id ($language_id) {
$sql='INSERT INTO '.$tbl_admin_languages.'(original_name,english_name,isocode,dokeos_folder,available,parent_id) VALUES ("'.api_htmlentities($original_name).'","'.$english_name.'","'.$isocode.'","'.$english_name.'","'.$sublanguage_available.'","'.$parent_id.'")';
Database::query($sql,__FILE__,__LINE__);
Database::query($sql);
}
/**
* check if language exists
@ -46,9 +46,9 @@ function check_if_language_exist ($original_name,$english_name,$isocode,$sublang
$sql_original_name='SELECT count(*) AS count_original_name FROM '.$tbl_admin_languages.' WHERE original_name="'.Database::escape_string(api_htmlentities($original_name)).'" ';
$sql_english_name='SELECT count(*) AS count_english_name FROM '.$tbl_admin_languages.' WHERE english_name="'.Database::escape_string($english_name).'" ';
$sql_isocode='SELECT count(*) AS count_isocode FROM '.$tbl_admin_languages.' WHERE isocode="'.Database::escape_string($isocode).'" ';
$sql = "SELECT id,name FROM $tbl_class WHERE name LIKE '".$first_letter_class."%' ORDER BY ". (count($classes) > 0 ? "(id IN('".implode("','", $classes)."')) DESC," : "")." name";
$sql = "SELECT code,visual_code,title FROM $tbl_course WHERE visual_code LIKE '".$first_letter_course."%' ORDER BY ". (count($courses) > 0 ? "(code IN('".implode("','", $courses)."')) DESC," : "")." visual_code";
$sql = "SELECT u.user_id,lastname,firstname,username FROM $tbl_user u LEFT JOIN $tbl_class_user cu ON u.user_id=cu.user_id AND class_id='$class_id' WHERE ".$target_name." LIKE '".$first_letter_left."%' AND class_id IS NULL ORDER BY ". (count($left_user_list) > 0 ? "(user_id IN(".implode(',', $left_user_list).")) DESC," : "")." ".$target_name;
$sql = "SELECT u.user_id,lastname,firstname,username FROM $tbl_user u,$tbl_class_user cu WHERE cu.user_id=u.user_id AND class_id='$class_id' AND ".$target_name." LIKE '".$first_letter_right."%' ORDER BY ". (count($right_user_list) > 0 ? "(user_id IN(".implode(',', $right_user_list).")) DESC," : "")." ".$target_name;
@ -339,8 +339,8 @@ function move_user_field($direction,$field_id)
$sql1 = "UPDATE ".$table_user_field." SET field_order = '".Database::escape_string($next_order)."' WHERE id = '".Database::escape_string($this_id)."'";
$sql2 = "UPDATE ".$table_user_field." SET field_order = '".Database::escape_string($this_order)."' WHERE id = '".Database::escape_string($next_id)."'";
Database::query($sql1,__FILE__,__LINE__);
Database::query($sql2,__FILE__,__LINE__);
Database::query($sql1);
Database::query($sql2);
return true;
}
@ -364,26 +364,26 @@ function delete_user_fields($field_id)
// delete the fields
$sql = "DELETE FROM $table_user_field WHERE id = '".Database::escape_string($field_id)."'";
@ -132,7 +132,7 @@ function get_options_data($from, $number_of_items, $column, $direction)
id AS col2
FROM $table_userfields_options WHERE field_id='".Database::escape_string($_GET['field_id'])."' ORDER BY option_order ASC";
$sql .= " LIMIT $from,$number_of_items";
$res = Database::query($sql, __FILE__, __LINE__);
$res = Database::query($sql);
$return = array ();
while ($option = Database::fetch_row($res))
{
@ -148,7 +148,7 @@ function get_number_of_options($from=null, $number_of_items=null, $column=null,
// The sql statement
$sql = "SELECT count(id) as total FROM $table_userfields_options WHERE field_id='".Database::escape_string($_GET['field_id'])."' ";
$res = Database::query($sql, __FILE__, __LINE__);
$res = Database::query($sql);
$row = Database::fetch_row($res);
return $row[0];
}
@ -208,7 +208,7 @@ function move_user_field_option($direction,$option_id)
$found = false;
$sql = "SELECT id, option_order FROM $table_userfields_options WHERE field_id='".Database::escape_string($_GET['field_id'])."' ORDER BY option_order $sortdirection";
@ -228,8 +228,8 @@ function move_user_field_option($direction,$option_id)
$sql1 = "UPDATE ".$table_userfields_options." SET option_order = '".Database::escape_string($next_order)."' WHERE id = '".Database::escape_string($this_id)."'";
$sql2 = "UPDATE ".$table_userfields_options." SET option_order = '".Database::escape_string($this_order)."' WHERE id = '".Database::escape_string($next_id)."'";
Ivan Tcholakov
16 years ago