chamilo
/
chamilo-lms
mirror of https://github.com/chamilo/chamilo-lms/tree/1.11.x
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Fix queries to allow to_group_id = NULL

Browse Source
1.10.x
Julio Montoya 11 years ago
parent 06beecba15
commit e72a2944a1
19 changed files with 364 additions and 210 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 56
      main/admin/special_exports.php
  2. 8
      main/chat/chat_functions.lib.php
  3. 5
      main/chat/chat_hidden.php
  4. 30
      main/coursecopy/classes/CourseRestorer.class.php
  5. 23
      main/document/document.php
  6. 33
      main/document/downloadfolder.inc.php
  7. 51
      main/inc/lib/AnnouncementManager.php
  8. 26
      main/inc/lib/add_course.lib.inc.php
  9. 36
      main/inc/lib/agenda.lib.php
  10. 66
      main/inc/lib/api.lib.php
  11. 2
      main/inc/lib/display.lib.php
  12. 44
      main/inc/lib/document.lib.php
  13. 14
      main/newscorm/resourcelinker.inc.php
  14. 20
      main/newscorm/resourcelinker.php
  15. 11
      main/resourcelinker/resourcelinker.inc.php
  16. 13
      main/resourcelinker/resourcelinker.php
  17. 30
      main/upload/upload.document.php
  18. 101
      main/webservices/cm_webservice_announcements.php
  19. 5
      tests/main/inc/course_document.lib.test.php

56
main/admin/special_exports.php
Unescape View File

@ -46,7 +46,9 @@ $error =0;
$tbl_session = Database::get_main_table(TABLE_MAIN_SESSION);
$tbl_session_course = Database::get_main_table(TABLE_MAIN_SESSION_COURSE);
if ((isset ($_POST['action']) && $_POST['action'] == 'course_select_form') || (isset ($_POST['backup_option']) && $_POST['backup_option'] == 'full_backup')) {
if ((isset($_POST['action']) && $_POST['action'] == 'course_select_form') ||
(isset ($_POST['backup_option']) && $_POST['backup_option'] == 'full_backup')
) {
$export = false;
if (isset ($_POST['action']) && $_POST['action'] == 'course_select_form') {
$FileZip = create_zip();
@ -58,6 +60,11 @@ if ((isset ($_POST['action']) && $_POST['action'] == 'course_select_form') || (i
$ListSession[$rows_session['id']] = $rows_session['name'];
}
$groupCondition = " props.to_group_id = $to_group_id";
if (empty($to_group_id)) {
$groupCondition = " (props.to_group_id = 0 OR props.to_group_id IS NULL)";
}
$zip_folder=new PclZip($FileZip['TEMP_FILE_ZIP']);
if(!isset($_POST['resource']) || count($_POST['resource']) == 0 ) {
Display::display_error_message(get_lang('ErrorMsgSpecialExport'));
@ -76,15 +83,20 @@ if ((isset ($_POST['action']) && $_POST['action'] == 'course_select_form') || (i
AND docs.id=props.ref
AND docs.path LIKE '".$querypath."/%'
AND docs.filetype='file'
AND docs.session_id = '0'
AND (docs.session_id = '0' OR docs.session_id IS NULL)
AND props.visibility<>'2'
AND props.to_group_id= $to_group_id AND docs.c_id = $course_id AND props.c_id = $course_id";
AND $groupCondition
AND docs.c_id = $course_id
AND props.c_id = $course_id";
$query = Database::query($sql );
while ($rows_course_file = Database::fetch_assoc($query)) {
$zip_folder->add($FileZip['PATH_COURSE'].$_course['directory']."/document".$rows_course_file['path'],
PCLZIP_OPT_ADD_PATH, $_course['directory'],
PCLZIP_OPT_REMOVE_PATH, $FileZip['PATH_COURSE'].$_course['directory']."/document".$FileZip['PATH_REMOVE']
);
$zip_folder->add(
$FileZip['PATH_COURSE'].$_course['directory']."/document".$rows_course_file['path'],
PCLZIP_OPT_ADD_PATH,
$_course['directory'],
PCLZIP_OPT_REMOVE_PATH,
$FileZip['PATH_COURSE'].$_course['directory']."/document".$FileZip['PATH_REMOVE']
);
}
foreach ($Sessions as $IdSession => $value){
@ -97,13 +109,18 @@ if ((isset ($_POST['action']) && $_POST['action'] == 'course_select_form') || (i
AND docs.filetype='file'
AND docs.session_id = '$session_id'
AND props.visibility<>'2'
AND props.to_group_id= $to_group_id AND docs.c_id = $course_id AND props.c_id = $course_id";
AND $groupCondition
AND docs.c_id = $course_id
AND props.c_id = $course_id";
$query_session_doc = Database::query($sql_session_doc);
while ($rows_course_session_file = Database::fetch_assoc($query_session_doc)) {
$zip_folder->add($FileZip['PATH_COURSE'].$_course['directory'].'/document'.$rows_course_session_file['path'],
PCLZIP_OPT_ADD_PATH, $_course['directory']."/".$ListSession[$session_id],
PCLZIP_OPT_REMOVE_PATH, $FileZip['PATH_COURSE'].$_course['directory'].'/document'.$FileZip['PATH_REMOVE']
);
$zip_folder->add(
$FileZip['PATH_COURSE'].$_course['directory'].'/document'.$rows_course_session_file['path'],
PCLZIP_OPT_ADD_PATH,
$_course['directory']."/".$ListSession[$session_id],
PCLZIP_OPT_REMOVE_PATH,
$FileZip['PATH_COURSE'].$_course['directory'].'/document'.$FileZip['PATH_REMOVE']
);
}
}
}
@ -211,6 +228,11 @@ function fullexportspecial(){
$tbl_document = Database::get_course_table(TABLE_DOCUMENT);
$tbl_property = Database::get_course_table(TABLE_ITEM_PROPERTY);
$groupCondition = " props.to_group_id = $to_group_id";
if (empty($to_group_id)) {
$groupCondition = " (props.to_group_id = 0 OR props.to_group_id IS NULL)";
}
if (count($list_course) >0 ) {
foreach($list_course as $_course) {
@ -227,9 +249,11 @@ function fullexportspecial(){
AND docs.id=props.ref
AND docs.path LIKE '".$querypath."/%'
AND docs.filetype='file'
AND docs.session_id = '0'
AND (docs.session_id = '0' OR docs.session_id IS NULL)
AND props.visibility<>'2'
AND props.to_group_id=".$to_group_id." AND docs.c_id = $course_id AND props.c_id = $course_id";
AND $groupCondition
AND docs.c_id = $course_id
AND props.c_id = $course_id";
$query = Database::query($sql );
while ($rows_course_file = Database::fetch_assoc($query)) {
$rows_course_file['path'];
@ -256,7 +280,9 @@ function fullexportspecial(){
AND docs.filetype='file'
AND docs.session_id = '$session_id'
AND props.visibility<>'2'
AND props.to_group_id=".$to_group_id." AND docs.c_id = $course_id AND props.c_id = $course_id ";
AND $groupCondition
AND docs.c_id = $course_id
AND props.c_id = $course_id ";
$query_session_doc = Database::query($sql_session_doc);
while ($rows_course_session_file = Database::fetch_assoc($query_session_doc)) {
$zip_folder->add($FileZip['PATH_COURSE'].$_course['directory'].'/document'.$rows_course_session_file['path'],

8
main/chat/chat_functions.lib.php
Unescape View File

@ -27,10 +27,14 @@ function user_connected_in_chat($user_id)
$extra_condition = api_get_session_condition($session_id);
}
$sql = 'SELECT COUNT(*) AS count FROM '.$tbl_chat_connected .' c
WHERE c_id = '.$course_id.' AND user_id='.$user_id.$extra_condition;
$sql = 'SELECT COUNT(*) AS count
FROM '.$tbl_chat_connected .' c
WHERE
c_id = '.$course_id.' AND
user_id='.$user_id.$extra_condition;
$result = Database::query($sql);
$count = Database::fetch_array($result,'ASSOC');
return $count['count'] == 1;
}

5
main/chat/chat_hidden.php
Unescape View File

@ -70,11 +70,12 @@ if (file_exists($file)) {
$chat_size_new = filesize($file);
}
$sql = "SELECT user_id FROM $tbl_chat_connected WHERE user_id='".$userId."' $extra_condition";
$sql = "SELECT user_id FROM $tbl_chat_connected
WHERE user_id='".$userId."' $extra_condition";
$result = Database::query($sql);
// The user_id exists so we must do an UPDATE and not a INSERT
$current_time = date('Y-m-d H:i:s');
$current_time = api_get_utc_datetime();
if (Database::num_rows($result) == 0) {
$query = "INSERT INTO $tbl_chat_connected(c_id, user_id,last_connection,session_id,to_group_id)
VALUES($course_id, '".$userId."','$current_time','$session_id','$group_id')";

30
main/coursecopy/classes/CourseRestorer.class.php
Unescape View File

@ -218,19 +218,20 @@ class CourseRestorer
values as users/groups possibly not exist in
the target course*/
$sql = "INSERT INTO $table SET
c_id = '".$this->destination_course_id."',
tool = '".self::DBUTF8escapestring($property['tool'])."',
insert_user_id = '".self::DBUTF8escapestring($property['insert_user_id'])."',
insert_date = '".self::DBUTF8escapestring($property['insert_date'])."',
lastedit_date = '".self::DBUTF8escapestring($property['lastedit_date'])."',
ref = '".self::DBUTF8escapestring($resource->destination_id)."',
lastedit_type = '".self::DBUTF8escapestring($property['lastedit_type'])."',
lastedit_user_id = '".self::DBUTF8escapestring($property['lastedit_user_id'])."',
visibility = '".self::DBUTF8escapestring($property['visibility'])."',
start_visible = '".self::DBUTF8escapestring($property['start_visible'])."',
end_visible = '".self::DBUTF8escapestring($property['end_visible'])."',
to_user_id = '".self::DBUTF8escapestring($property['to_user_id'])."',
to_group_id = '0' $condition_session" ;
c_id = '".$this->destination_course_id."',
tool = '".self::DBUTF8escapestring($property['tool'])."',
insert_user_id = '".self::DBUTF8escapestring($property['insert_user_id'])."',
insert_date = '".self::DBUTF8escapestring($property['insert_date'])."',
lastedit_date = '".self::DBUTF8escapestring($property['lastedit_date'])."',
ref = '".self::DBUTF8escapestring($resource->destination_id)."',
lastedit_type = '".self::DBUTF8escapestring($property['lastedit_type'])."',
lastedit_user_id = '".self::DBUTF8escapestring($property['lastedit_user_id'])."',
visibility = '".self::DBUTF8escapestring($property['visibility'])."',
start_visible = '".self::DBUTF8escapestring($property['start_visible'])."',
end_visible = '".self::DBUTF8escapestring($property['end_visible'])."',
to_user_id = '".self::DBUTF8escapestring($property['to_user_id'])."',
to_group_id = NULL
$condition_session" ;
;
Database::query($sql);
}
@ -2352,7 +2353,8 @@ class CourseRestorer
start_visible,
end_visible
FROM '.$item_property_table.' ip
INNER JOIN '.$work_table.' sp ON ip.ref=sp.id
INNER JOIN '.$work_table.' sp
ON ip.ref=sp.id
WHERE
sp.c_id = '.$this->course_origin_id.' AND
ip.c_id = '.$this->course_origin_id.' AND

23
main/document/document.php
Unescape View File

@ -216,6 +216,7 @@ switch ($action) {
);
// Check whether the document is in the database.
if (!empty($documentInfo)) {
$deleteDocument = DocumentManager::delete_document(
$courseInfo,
@ -284,7 +285,8 @@ switch ($action) {
case 'downloadfolder':
if (api_get_setting('students_download_folders') == 'true'
|| api_is_allowed_to_edit()
|| api_is_platform_admin()) {
|| api_is_platform_admin()
) {
// Get the document data from the ID
$document_data = DocumentManager::get_document_data_by_id(
$document_id,
@ -292,6 +294,7 @@ switch ($action) {
false,
$sessionId
);
if ($sessionId != 0 && !$document_data) {
// If there is a session defined and asking for the
// document * from the session* didn't work, try it from the
@ -672,8 +675,9 @@ if (isset($_GET['curdirpath']) &&
// Check whether the tool is actually visible
$table_course_tool = Database::get_course_table(TABLE_TOOL_LIST);
$course_id = api_get_course_int_id();
$tool_sql = 'SELECT visibility FROM '.$table_course_tool.
' WHERE c_id = '.$course_id.' AND name = "'.TOOL_DOCUMENT.'" LIMIT 1';
$tool_sql = 'SELECT visibility FROM '.$table_course_tool.'
WHERE c_id = '.$course_id.' AND name = "'.TOOL_DOCUMENT.'"
LIMIT 1';
$tool_result = Database::query($tool_sql);
$tool_row = Database::fetch_array($tool_result);
$tool_visibility = $tool_row['visibility'];
@ -1335,6 +1339,7 @@ if ($is_allowed_to_edit) {
Display::return_message(get_lang('ViModProb'), 'error')
);
}
header('Location: '.$currentUrl);
exit;
}
@ -1949,7 +1954,7 @@ if (count($documentAndFolders) > 1) {
$table->set_form_actions($form_action, 'ids');
}
}
$flashMessage = Display::getFlashToString();
Display::display_header('', 'Doc');
/* Introduction section (editable by course admins) */
@ -1960,16 +1965,6 @@ if (!empty($groupId)) {
Display::display_introduction_section(TOOL_DOCUMENT);
}
$message = Session::read('message');
if (!empty($message)) {
echo $message;
}
echo $flashMessage;
Session::erase('message');
echo $actions;
echo $templateForm;
echo $moveForm;

33
main/document/downloadfolder.inc.php
Unescape View File

@ -102,6 +102,12 @@ function fixDocumentNameCallback($p_event, &$p_header)
return 1;
}
$groupCondition = " props.to_group_id = ".$groupId;
if (empty($groupId)) {
$groupCondition = " (props.to_group_id = 0 OR props.to_group_id IS NULL ) ";
}
// Admins are allowed to download invisible files
if (api_is_allowed_to_edit()) {
// Set the path that will be used in the query
@ -111,6 +117,7 @@ if (api_is_allowed_to_edit()) {
$querypath = $path;
}
$querypath = Database::escape_string($querypath);
// Search for all files that are not deleted => visibility != 2
$sql = "SELECT
path,
@ -128,8 +135,8 @@ if (api_is_allowed_to_edit()) {
docs.path LIKE '".$querypath."/%' AND
docs.filetype = 'file' AND
props.visibility <> '2' AND
props.to_group_id = ".$groupId." AND
props.session_id IN ('0', '$sessionId') AND
$groupCondition AND
(props.session_id IN ('0', '$sessionId') OR props.session_id IS NULL) AND
docs.c_id = ".$courseId." ";
$sql.= DocumentManager::getSessionFolderFilters($querypath, $sessionId);
@ -181,18 +188,20 @@ if (api_is_allowed_to_edit()) {
*/
$querypath = Database::escape_string($querypath);
$sql = "SELECT path, session_id, docs.id, props.to_group_id, docs.c_id
FROM $doc_table AS docs INNER JOIN $prop_table AS props
FROM $doc_table AS docs
INNER JOIN $prop_table AS props
ON
docs.id = props.ref AND
docs.c_id = props.c_id
WHERE
docs.c_id = $courseId AND
props.tool = '".TOOL_DOCUMENT."' AND
docs.path LIKE '".$querypath."/%' AND
props.visibility = '1' AND
docs.filetype = 'file' AND
props.session_id IN ('0', '$sessionId') AND
props.to_group_id = ".$groupId;
docs.c_id = $courseId AND
props.tool = '".TOOL_DOCUMENT."' AND
docs.path LIKE '".$querypath."/%' AND
props.visibility = '1' AND
docs.filetype = 'file' AND
(props.session_id IN ('0', '$sessionId') OR props.session_id IS NULL) AND
$groupCondition
";
$sql.= DocumentManager::getSessionFolderFilters($querypath, $sessionId);
$result = Database::query($sql);
@ -225,7 +234,7 @@ if (api_is_allowed_to_edit()) {
props.tool = '".TOOL_DOCUMENT."' AND
docs.path LIKE '".$querypath."/%' AND
props.visibility <> '1' AND
props.session_id IN ('0', '$sessionId') AND
(props.session_id IN ('0', '$sessionId') OR props.session_id IS NULL) AND
docs.filetype = 'folder'";
$query2 = Database::query($sql);
@ -247,7 +256,7 @@ if (api_is_allowed_to_edit()) {
props.tool ='".TOOL_DOCUMENT."' AND
docs.path LIKE '".$invisible_folders['path']."/%' AND
docs.filetype ='file' AND
props.session_id IN ('0', '$sessionId') AND
(props.session_id IN ('0', '$sessionId') OR props.session_id IS NULL) AND
props.visibility ='1'";
$query3 = Database::query($sql);
// Add tem to an array

51
main/inc/lib/AnnouncementManager.php
Unescape View File

@ -187,7 +187,8 @@ class AnnouncementManager
toolitemproperties.tool='announcement' AND
(
toolitemproperties.to_user_id='" . api_get_user_id() . "' OR
toolitemproperties.to_group_id IN ('0', '" . implode("', '", $group_list) . "')
toolitemproperties.to_group_id IN ('0', '" . implode("', '", $group_list) . "') OR
toolitemproperties.to_group_id IS NULL
) AND
toolitemproperties.visibility='1' AND
announcement.c_id = $course_id AND
@ -200,7 +201,7 @@ class AnnouncementManager
announcement.id = toolitemproperties.ref AND
announcement.id = '$announcement_id' AND
toolitemproperties.tool='announcement' AND
toolitemproperties.to_group_id='0' AND
(toolitemproperties.to_group_id='0' OR toolitemproperties.to_group_id IS NULL) AND
toolitemproperties.visibility='1' AND
announcement.c_id = $course_id AND
toolitemproperties.c_id = $course_id
@ -675,7 +676,7 @@ class AnnouncementManager
toolitemproperties.tool='announcement' AND
(
toolitemproperties.insert_user_id='$user_id' AND
(toolitemproperties.to_group_id='0' OR toolitemproperties.to_group_id is null)
(toolitemproperties.to_group_id='0' OR toolitemproperties.to_group_id IS NULL)
)
AND toolitemproperties.visibility='1'
AND announcement.session_id = 0
@ -1636,7 +1637,7 @@ class AnnouncementManager
if (api_get_group_id() == 0) {
$group_condition = "";
} else {
$group_condition = " AND (ip.to_group_id='".api_get_group_id()."' OR ip.to_group_id = 0)";
$group_condition = " AND (ip.to_group_id='".api_get_group_id()."' OR ip.to_group_id = 0 OR ip.to_group_id IS NULL)";
}
$sql = "SELECT announcement.*, ip.visibility, ip.to_group_id, ip.insert_user_id
FROM $tbl_announcement announcement, $tbl_item_property ip
@ -1660,19 +1661,34 @@ class AnnouncementManager
if ((api_get_course_setting('allow_user_edit_announcement') && !api_is_anonymous())) {
if (api_get_group_id() == 0) {
$cond_user_id = " AND (ip.lastedit_user_id = '".$userId."' OR ( ip.to_user_id='".$userId."'" .
"OR ip.to_group_id IN (0, ".implode(", ", $group_memberships)."))) ";
$cond_user_id = " AND (
ip.lastedit_user_id = '".$userId."' OR (
ip.to_user_id='".$userId."' OR
ip.to_group_id IN (0, ".implode(", ", $group_memberships).") OR
ip.to_group_id IS NULL
)
)
";
} else {
$cond_user_id = " AND (ip.lastedit_user_id = '".$userId."'
OR ip.to_group_id IN (0, ".api_get_group_id()."))";
$cond_user_id = " AND (
ip.lastedit_user_id = '".$userId."'OR
ip.to_group_id IN (0, ".api_get_group_id().") OR
ip.to_group_id IS NULL
)";
}
} else {
if (api_get_group_id() == 0) {
$cond_user_id = " AND ( ip.to_user_id='".$userId."'" .
"OR ip.to_group_id IN (0, ".implode(", ", $group_memberships).")) ";
$cond_user_id = " AND (
ip.to_user_id='".$userId."' OR
ip.to_group_id IN (0, ".implode(", ", $group_memberships).") OR
ip.to_group_id IS NULL
) ";
} else {
$cond_user_id = " AND ( ip.to_user_id='".$userId."'" .
"OR ip.to_group_id IN (0, ".api_get_group_id().")) ";
$cond_user_id = " AND (
ip.to_user_id='".$userId."' OR
ip.to_group_id IN (0, ".api_get_group_id().") OR
ip.to_group_id IS NULL
) ";
}
}
@ -1696,9 +1712,12 @@ class AnnouncementManager
// this is an identified user => show the general announcements AND his personal announcements
if ($userId) {
if ((api_get_course_setting('allow_user_edit_announcement') && !api_is_anonymous())) {
$cond_user_id = " AND (ip.lastedit_user_id = '".$userId."' OR ( ip.to_user_id='".$userId."' OR ip.to_group_id='0')) ";
$cond_user_id = " AND (
ip.lastedit_user_id = '".$userId."' OR
( ip.to_user_id='".$userId."' OR ip.to_group_id='0' OR ip.to_group_id IS NULL)
) ";
} else {
$cond_user_id = " AND ( ip.to_user_id='".$userId."' OR ip.to_group_id='0') ";
$cond_user_id = " AND ( ip.to_user_id='".$userId."' OR ip.to_group_id='0' OR ip.to_group_id IS NULL) ";
}
$sql = "SELECT announcement.*, ip.visibility, ip.to_group_id, ip.insert_user_id
FROM $tbl_announcement announcement, $tbl_item_property ip
@ -1716,7 +1735,9 @@ class AnnouncementManager
} else {
if (api_get_course_setting('allow_user_edit_announcement')) {
$cond_user_id = " AND (ip.lastedit_user_id = '".api_get_user_id()."' OR ip.to_group_id='0') ";
$cond_user_id = " AND (
ip.lastedit_user_id = '".api_get_user_id()."' OR ip.to_group_id='0' OR ip.to_group_id IS NULL
) ";
} else {
$cond_user_id = " AND ip.to_group_id='0' ";
}

26
main/inc/lib/add_course.lib.inc.php
Unescape View File

@ -870,11 +870,9 @@ class AddCourse
);
$image_id = Database:: insert_id();
Database::query(
"INSERT INTO $TABLEITEMPROPERTY (c_id, tool,insert_user_id,insert_date,lastedit_date,ref,lastedit_type,lastedit_user_id,to_group_id,to_user_id,visibility)
VALUES ($course_id,'document',1,'$now','$now',$image_id,'DocumentAdded',1,0,NULL,0)"
VALUES ($course_id,'document',1,'$now','$now',$image_id,'DocumentAdded',1,NULL,NULL,0)"
);
}
}
@ -919,11 +917,14 @@ class AddCourse
$example_cert_id = $image_id;
}
Database::query(
"INSERT INTO $TABLEITEMPROPERTY (c_id, tool,insert_user_id,insert_date,lastedit_date,ref,lastedit_type,lastedit_user_id,to_group_id,to_user_id,visibility) VALUES ($course_id,'document',1,'$now','$now',$image_id,'DocumentAdded',1,0,NULL,1)"
"INSERT INTO $TABLEITEMPROPERTY (c_id, tool,insert_user_id,insert_date,lastedit_date,ref,lastedit_type,lastedit_user_id,to_group_id,to_user_id,visibility)
VALUES ($course_id,'document',1,'$now','$now',$image_id,'DocumentAdded',1,NULL,NULL,1)"
);
$docId = Database:: insert_id();
$sql = "UPDATE $TABLEITEMPROPERTY SET id = iid WHERE iid = $docId";
Database::query($sql);
if ($docId) {
$sql = "UPDATE $TABLEITEMPROPERTY SET id = iid WHERE iid = $docId";
Database::query($sql);
}
}
}
}
@ -1174,15 +1175,14 @@ class AddCourse
Database::query(
"INSERT INTO $tableItem (id, c_id, tool,insert_user_id,insert_date,lastedit_date,ref,lastedit_type,lastedit_user_id,to_group_id,to_user_id,visibility)
VALUES ($counter, $course_id,'document',1,'$now', '$now', $docId, 'DocumentAdded', 1, 0, NULL, 0)"
VALUES ($counter, $course_id,'document',1,'$now', '$now', $docId, 'DocumentAdded', 1, NULL, NULL, 0)"
);
$id = Database:: insert_id();
$sql = "UPDATE $tableItem SET id = iid WHERE iid = $id";
Database::query($sql);
if ($id) {
$sql = "UPDATE $tableItem SET id = iid WHERE iid = $id";
Database::query($sql);
}
}
}
/**
@ -1511,7 +1511,7 @@ class AddCourse
}
/**
* Generate a new id for c_tool table
* Generate a new id for c_tool table
* @param int $courseId The course id
* @return int the new id
*/

36
main/inc/lib/agenda.lib.php
Unescape View File

@ -1176,6 +1176,11 @@ class Agenda
$courseId = intval($courseId);
$sessionId = intval($sessionId);
$sessionCondition = "ip.session_id = $sessionId";
if (empty($sessionId)) {
$sessionCondition = " (ip.session_id = 0 OR ip.session_id IS NULL) ";
}
$tlb_course_agenda = Database::get_course_table(TABLE_AGENDA);
$tbl_property = Database::get_course_table(TABLE_ITEM_PROPERTY);
@ -1185,11 +1190,11 @@ class Agenda
INNER JOIN $tlb_course_agenda agenda
ON (ip.ref = agenda.id AND ip.c_id = agenda.c_id)
WHERE
ip.tool = '".TOOL_CALENDAR_EVENT."' AND
ref = $eventId AND
ip.visibility = '1' AND
ip.tool = '".TOOL_CALENDAR_EVENT."' AND
ref = $eventId AND
ip.visibility = '1' AND
ip.c_id = $courseId AND
ip.session_id = $sessionId
$sessionCondition
";
$result = Database::query($sql);
@ -1273,16 +1278,16 @@ class Agenda
if (api_is_allowed_to_edit()) {
if (!empty($groupId)) {
$where_condition = "( ip.to_group_id IN (0, ".implode(", ", $group_memberships).") ) ";
$where_condition = "( ip.to_group_id IS NULL OR ip.to_group_id IN (0, ".implode(", ", $group_memberships).") ) ";
} else {
if (!empty($user_id)) {
$where_condition = "( ip.to_user_id = $user_id OR ip.to_group_id IN (0, ".implode(", ", $group_memberships).") ) ";
$where_condition = "( ip.to_user_id = $user_id OR (ip.to_group_id IS NULL OR ip.to_group_id IN (0, ".implode(", ", $group_memberships).")) ) ";
} else {
$where_condition = "( ip.to_group_id is null OR ip.to_group_id IN (0, ".implode(", ", $group_memberships).") ) ";
$where_condition = "( ip.to_group_id IS NULL OR ip.to_group_id IN (0, ".implode(", ", $group_memberships).") ) ";
}
}
} else {
$where_condition = "( ip.to_user_id = $user_id OR ip.to_group_id IN (0, ".implode(", ", $group_memberships).") ) ";
$where_condition = "( ip.to_user_id = $user_id OR (ip.to_group_id IS NULL OR ip.to_group_id IN (0, ".implode(", ", $group_memberships).")) ) ";
}
$sql = "SELECT DISTINCT
@ -1309,15 +1314,16 @@ class Agenda
if ($user_id == 0) {
$where_condition = "";
} else {
$where_condition = " ( ip.to_user_id = ".$user_id. " OR ip.to_group_id='0' ) AND ";
$where_condition = " ( ip.to_user_id = ".$user_id. " OR ip.to_group_id='0' OR ip.to_group_id IS NULL ) AND ";
}
$visibilityCondition = " (ip.visibility IN ('1', '0')) AND ";
} else {
$where_condition = " ( ip.to_user_id = $user_id OR ip.to_group_id='0' ) AND ";
$where_condition = " ( ip.to_user_id = $user_id OR ip.to_group_id='0' OR ip.to_group_id IS NULL) AND ";
}
$sql = "SELECT DISTINCT agenda.*, ip.visibility, ip.to_group_id, ip.insert_user_id, ip.ref, to_user_id
FROM $tlb_course_agenda agenda INNER JOIN $tbl_property ip
FROM $tlb_course_agenda agenda
INNER JOIN $tbl_property ip
ON (agenda.id = ip.ref AND agenda.c_id = ip.c_id)
WHERE
ip.tool='".TOOL_CALENDAR_EVENT."' AND
@ -2468,7 +2474,7 @@ class Agenda
AND MONTH(agenda.start_date)='".$month."'
AND YEAR(agenda.start_date)='".$year."'
AND ip.tool='".TOOL_CALENDAR_EVENT."'
AND ( ip.to_user_id='".$user_id."' OR ip.to_group_id IN (0, ".implode(", ", $group_memberships).") )
AND ( ip.to_user_id='".$user_id."' OR (ip.to_group_id IS NULL OR ip.to_group_id IN (0, ".implode(", ", $group_memberships).")) )
AND ip.visibility='1'
ORDER BY start_date ";
} else {
@ -2479,7 +2485,7 @@ class Agenda
AND MONTH(agenda.start_date)='".$month."'
AND YEAR(agenda.start_date)='".$year."'
AND ip.tool='".TOOL_CALENDAR_EVENT."'
AND ( ip.to_user_id='".$user_id."' OR ip.to_group_id='0')
AND ( ip.to_user_id='".$user_id."' OR ip.to_group_id='0' OR ip.to_group_id IS NULL)
AND ip.visibility='1'
ORDER BY start_date ";
}
@ -2963,7 +2969,7 @@ class Agenda
" AND agenda.start_date>='$date_start' ".
" AND agenda.end_date<='$date_end' ".
" AND ip.tool='".TOOL_CALENDAR_EVENT."' ".
" AND ( ip.to_user_id='".$user_id."' OR ip.to_group_id IN (0, ".implode(", ", $group_memberships).") ) ".
" AND ( ip.to_user_id='".$user_id."' OR (ip.to_group_id IS NULL OR ip.to_group_id IN (0, ".implode(", ", $group_memberships).")) ) ".
" AND ip.visibility='1' ".
" ORDER BY start_date ";
} else {
@ -2975,7 +2981,7 @@ class Agenda
" AND agenda.start_date>='$date_start' ".
" AND agenda.end_date<='$date_end' ".
" AND ip.tool='".TOOL_CALENDAR_EVENT."' ".
" AND ( ip.to_user_id='".$user_id."' OR ip.to_group_id='0') ".
" AND ( ip.to_user_id='".$user_id."' OR ip.to_group_id='0' OR ip.to_group_id IS NULL) ".
" AND ip.visibility='1' ".
" ORDER BY start_date ";
}

66
main/inc/lib/api.lib.php
Unescape View File

@ -2375,7 +2375,7 @@ function api_get_session_condition(
$condition_add = $and ? " AND " : " WHERE ";
if ($with_base_content) {
$condition_session = $condition_add." ( $session_field = $session_id OR $session_field = 0) ";
$condition_session = $condition_add." ( $session_field = $session_id OR $session_field = 0 OR $session_field IS NULL) ";
} else {
$condition_session = $condition_add." $session_field = $session_id ";
}
@ -3622,10 +3622,19 @@ function api_item_property_update(
$lastEditTypeNoFilter = $lastedit_type;
$lastedit_type = Database::escape_string($lastedit_type);
$user_id = intval($user_id);
$to_group_id = intval($to_group_id);
$to_user_id = intval($to_user_id);
$start_visible = Database::escape_string($start_visible);
$end_visible = Database::escape_string($end_visible);
$startVisible = "NULL";
if (!empty($start_visible)) {
$start_visible = Database::escape_string($start_visible);
$startVisible = "'$start_visible'";
}
$endVisible = "NULL";
if (!empty($end_visible)) {
$end_visible = Database::escape_string($end_visible);
$endVisible = "'$end_visible'";
}
$to_filter = '';
$time = api_get_utc_datetime();
@ -3644,6 +3653,7 @@ function api_item_property_update(
if (!is_null($to_user_id)) {
// $to_user_id has more priority than $to_group_id
$to_user_id = intval($to_user_id);
$to_field = 'to_user_id';
$to_value = $to_user_id;
} else {
@ -3652,6 +3662,8 @@ function api_item_property_update(
$to_value = $to_group_id;
}
$toValueCondition = empty($to_value) ? "NULL" : "'$to_value'";
// Set filters for $to_user_id and $to_group_id, with priority for $to_user_id
$condition_session = '';
if (!empty($session_id)) {
@ -3670,6 +3682,7 @@ function api_item_property_update(
if (is_null($to_user_id) && is_null($to_group_id)) {
$to_group_id = 0;
}
if (!is_null($to_user_id)) {
// Set filter to intended user.
$to_filter = " AND to_user_id= '$to_user_id' $condition_session";
@ -3709,12 +3722,13 @@ function api_item_property_update(
$result = Database::query($sql);
} else {
$sql = "INSERT INTO $TABLE_ITEMPROPERTY (c_id, tool, ref, insert_date, insert_user_id, lastedit_date, lastedit_type, lastedit_user_id, $to_field, visibility, start_visible, end_visible, session_id)
VALUES ($course_id, '$tool','$item_id','$time', '$user_id', '$time', '$lastedit_type','$user_id', '$to_value', '$visibility', '$start_visible','$end_visible', '$session_id')";
VALUES ($course_id, '$tool','$item_id','$time', '$user_id', '$time', '$lastedit_type','$user_id', $toValueCondition, '$visibility', $startVisible, $endVisible, '$session_id')";
$result = Database::query($sql);
$id = Database::insert_id();
$sql = "UPDATE $TABLE_ITEMPROPERTY SET id = iid WHERE iid = $id";
Database::query($sql);
if ($id) {
$sql = "UPDATE $TABLE_ITEMPROPERTY SET id = iid WHERE iid = $id";
Database::query($sql);
}
}
} else {
$sql = "UPDATE $TABLE_ITEMPROPERTY
@ -3750,9 +3764,8 @@ function api_item_property_update(
$result = Database::query($sql);
} else {
$sql = "INSERT INTO $TABLE_ITEMPROPERTY (c_id, tool, ref, insert_date, insert_user_id, lastedit_date, lastedit_type, lastedit_user_id, $to_field, visibility, start_visible, end_visible, session_id)
VALUES ($course_id, '$tool', '$item_id', '$time', '$user_id', '$time', '$lastedit_type', '$user_id', '$to_value', '$visibility', '$start_visible', '$end_visible', '$session_id')";
VALUES ($course_id, '$tool', '$item_id', '$time', '$user_id', '$time', '$lastedit_type', '$user_id', $toValueCondition, '$visibility', $startVisible, $endVisible, '$session_id')";
$result = Database::query($sql);
$id = Database::insert_id();
if ($id) {
$sql = "UPDATE $TABLE_ITEMPROPERTY SET id = iid WHERE iid = $id";
@ -3793,12 +3806,13 @@ function api_item_property_update(
$result = Database::query($sql);
} else {
$sql = "INSERT INTO $TABLE_ITEMPROPERTY (c_id, tool, ref, insert_date, insert_user_id, lastedit_date, lastedit_type, lastedit_user_id,$to_field, visibility, start_visible, end_visible, session_id)
VALUES ($course_id, '$tool', '$item_id', '$time', '$user_id', '$time', '$lastedit_type', '$user_id', '$to_value', '$visibility', '$start_visible', '$end_visible', '$session_id')";
VALUES ($course_id, '$tool', '$item_id', '$time', '$user_id', '$time', '$lastedit_type', '$user_id', $toValueCondition, '$visibility', $startVisible, $endVisible, '$session_id')";
$result = Database::query($sql);
$id = Database::insert_id();
$sql = "UPDATE $TABLE_ITEMPROPERTY SET id = iid WHERE iid = $id";
Database::query($sql);
if ($id) {
$sql = "UPDATE $TABLE_ITEMPROPERTY SET id = iid WHERE iid = $id";
Database::query($sql);
}
}
} else {
$sql = "UPDATE $TABLE_ITEMPROPERTY
@ -3826,17 +3840,17 @@ function api_item_property_update(
// Insert if no entries are found (can only happen in case of $lastedit_type switch is 'default').
if (Database::affected_rows($result) == 0) {
$sessionCondition = empty($session_id) ? "NULL" : "'$session_id'";
$toValueCondition = empty($to_value) ? "NULL" : "'$to_value'";
$sql = "INSERT INTO $TABLE_ITEMPROPERTY (c_id, tool,ref,insert_date,insert_user_id,lastedit_date,lastedit_type, lastedit_user_id, $to_field, visibility, start_visible, end_visible, session_id)
VALUES ($course_id, '$tool', '$item_id', '$time', '$user_id', '$time', '$lastedit_type', '$user_id', $toValueCondition, '$visibility', '$start_visible', '$end_visible', $sessionCondition)";
VALUES ($course_id, '$tool', '$item_id', '$time', '$user_id', '$time', '$lastedit_type', '$user_id', $toValueCondition, '$visibility', $startVisible, $endVisible, $sessionCondition)";
$res = Database::query($sql);
if (!$res) {
$id = Database::insert_id();
$id = Database::insert_id();
if ($id) {
$sql = "UPDATE $TABLE_ITEMPROPERTY SET id = iid WHERE iid = $id";
Database::query($sql);
return false;
}
}
return true;
}
@ -3999,17 +4013,22 @@ function api_get_track_item_property_history($tool, $ref)
*/
function api_get_item_property_info($course_id, $tool, $ref, $session_id = 0)
{
$course_info = api_get_course_info_by_id($course_id);
$courseInfo = api_get_course_info_by_id($course_id);
if (empty($course_info)) {
if (empty($courseInfo)) {
return false;
}
$tool = Database::escape_string($tool);
$ref = intval($ref);
$course_id = $course_info['real_id'];
$course_id = $courseInfo['real_id'];
$session_id = intval($session_id);
$sessionCondition = " session_id = $session_id";
if (empty($session_id)) {
$sessionCondition = " (session_id = 0 OR session_id IS NULL) ";
}
// Definition of tables.
$table = Database::get_course_table(TABLE_ITEM_PROPERTY);
@ -4018,13 +4037,14 @@ function api_get_item_property_info($course_id, $tool, $ref, $session_id = 0)
c_id = $course_id AND
tool = '$tool' AND
ref = $ref AND
session_id = $session_id ";
$sessionCondition ";
$rs = Database::query($sql);
$row = array();
if (Database::num_rows($rs) > 0) {
$row = Database::fetch_array($rs,'ASSOC');
}
return $row;
}

2
main/inc/lib/display.lib.php
Unescape View File

@ -1467,7 +1467,7 @@ class Display
$my_course['id_session'] = $course_info['id_session'];
}
$label = get_lang('TitleNotification').": ".get_lang($type)." ($lastDate)";
$retvalue .= '<a href="'.api_get_path(WEB_CODE_PATH).$notification['link'].'?cidReq='.$course_code.'&amp;ref='.$notification['ref'].'&amp;gidReq='.$notification['to_group_id'].'&amp;id_session='.$my_course['id_session'].'">'.
$retvalue .= '<a href="'.api_get_path(WEB_CODE_PATH).$notification['link'].'?cidReq='.$course_code.'&ref='.$notification['ref'].'&gidReq='.$notification['to_group_id'].'&id_session='.$my_course['id_session'].'">'.
Display::return_icon($notification['image'], $label).'</a>&nbsp;';
}

44
main/inc/lib/document.lib.php
Unescape View File

@ -520,18 +520,24 @@ class DocumentManager
$TABLE_ITEMPROPERTY = Database::get_course_table(TABLE_ITEM_PROPERTY);
$TABLE_DOCUMENT = Database::get_course_table(TABLE_DOCUMENT);
$userGroupFilter = '';
if (!is_null($to_user_id)) {
$to_field = 'last.to_user_id';
$to_value = $to_user_id;
$to_user_id = intval($to_user_id);
$userGroupFilter = "last.to_user_id = $to_user_id";
if (empty($to_user_id)) {
$userGroupFilter = " (last.to_user_id = 0 OR last.to_user_id IS NULL) ";
}
} else {
$to_field = 'last.to_group_id';
$to_value = $to_group_id;
$to_group_id = intval($to_group_id);
$userGroupFilter = "last.to_group_id = $to_group_id";
if (empty($to_group_id)) {
$userGroupFilter = "( last.to_group_id = 0 OR last.to_group_id IS NULL) ";
}
}
// Escape underscores in the path so they don't act as a wildcard
$originalPath = $path;
$path = str_replace('_', '\_', $path);
$to_value = Database::escape_string($to_value);
$visibility_bit = ' <> 2';
@ -541,7 +547,7 @@ class DocumentManager
// Condition for the session
$sessionId = api_get_session_id();
$condition_session = " AND (last.session_id = '$sessionId' OR (last.session_id = '0') )";
$condition_session = " AND (last.session_id = '$sessionId' OR (last.session_id = '0' OR last.session_id IS NULL) )";
$condition_session .= self::getSessionFolderFilters($originalPath, $sessionId);
$sharedCondition = null;
@ -581,13 +587,11 @@ class DocumentManager
docs.path LIKE '" . Database::escape_string($path . $added_slash.'%'). "' AND
docs.path NOT LIKE '" . Database::escape_string($path . $added_slash.'%/%')."' AND
docs.path NOT LIKE '%_DELETED_%' AND
$to_field = $to_value AND
last.visibility
$visibility_bit
$userGroupFilter AND
last.visibility $visibility_bit
$condition_session
$sharedCondition
";
$result = Database::query($sql);
$doc_list = array();
@ -736,6 +740,11 @@ class DocumentManager
}
}
$groupCondition = " last.to_group_id = $to_group_id";
if (empty($to_group_id)) {
$groupCondition = " (last.to_group_id = 0 OR last.to_group_id IS NULL)";
}
if ($can_see_invisible) {
// condition for the session
$session_id = api_get_session_id();
@ -757,7 +766,7 @@ class DocumentManager
)
WHERE
docs.filetype = 'folder' AND
last.to_group_id = " . $to_group_id . " AND
$groupCondition AND
docs.path NOT LIKE '%shared_folder%' AND
docs.path NOT LIKE '%_DELETED_%' AND
last.visibility <> 2
@ -775,7 +784,7 @@ class DocumentManager
WHERE
docs.filetype = 'folder' AND
docs.path NOT LIKE '%_DELETED_%' AND
last.to_group_id = 0 AND
$groupCondition AND
last.visibility <> 2
$show_users_condition $condition_session ";
}
@ -816,7 +825,7 @@ class DocumentManager
docs.id = last.ref AND
docs.filetype = 'folder' AND
last.tool = '" . TOOL_DOCUMENT . "' AND
last.to_group_id = " . $to_group_id . " AND
$groupCondition AND
last.visibility = 1
$condition_session AND
last.c_id = {$_course['real_id']} AND
@ -837,7 +846,7 @@ class DocumentManager
docs.id = last.ref AND
docs.filetype = 'folder' AND
last.tool = '" . TOOL_DOCUMENT . "' AND
last.to_group_id = " . $to_group_id . " AND
$groupCondition AND
last.visibility = 0 $condition_session AND
last.c_id = {$_course['real_id']} AND
docs.c_id = {$_course['real_id']} ";
@ -855,7 +864,7 @@ class DocumentManager
docs.path LIKE '" . Database::escape_string($row['path'].'/%') . "' AND
docs.filetype = 'folder' AND
last.tool = '" . TOOL_DOCUMENT . "' AND
last.to_group_id = " . $to_group_id . " AND
$groupCondition AND
last.visibility = 1 $condition_session AND
last.c_id = {$_course['real_id']} AND
docs.c_id = {$_course['real_id']} ";
@ -1130,6 +1139,7 @@ class DocumentManager
$sessionId
);
if (empty($itemInfo)) {
return false;
}
@ -2917,14 +2927,12 @@ class DocumentManager
}
$group_condition = null;
if (isset($group_id)) {
$group_id = intval($group_id);
$group_condition = " AND props.to_group_id='" . $group_id . "' ";
}
$session_condition = null;
if (isset($session_id)) {
$session_id = intval($session_id);
$session_condition = " AND props.session_id='" . $session_id . "' ";
@ -3232,7 +3240,7 @@ class DocumentManager
$tbl_doc = Database::get_course_table(TABLE_DOCUMENT);
$tbl_item_prop = Database::get_course_table(TABLE_ITEM_PROPERTY);
$condition_session = " AND (last.session_id = '$session_id' OR last.session_id = '0' )";
$condition_session = " AND (last.session_id = '$session_id' OR last.session_id = '0' OR last.session_id IS NULL)";
$add_folder_filter = null;
if (!empty($filter_by_folder)) {

14
main/newscorm/resourcelinker.inc.php
Unescape View File

@ -16,7 +16,7 @@
// Flag to allow for anonymous user - needs to be set before global.inc.php.
use \ChamiloSession as Session;
use ChamiloSession as Session;
$use_anonymous = true;
@ -81,9 +81,15 @@ function show_documents($folder) {
$item_property_table = Database::get_course_table(TABLE_ITEM_PROPERTY);
$document_table = Database::get_course_table(TABLE_DOCUMENT);
$sql = "SELECT * from $document_table docs , $item_property_table ip
WHERE docs.c_id = $course_id AND
ip.c_id = $course_id AND
docs.id=ip.ref AND ip.tool = '".TOOL_DOCUMENT."' AND $visibility AND ip.to_group_id = 0 AND ip.to_user_id IS NULL ORDER BY docs.path ASC";
WHERE
docs.c_id = $course_id AND
ip.c_id = $course_id AND
docs.id=ip.ref AND
ip.tool = '".TOOL_DOCUMENT."' AND
$visibility AND
(ip.to_group_id = 0 OR ip.to_group_id IS NULL)AND
ip.to_user_id IS NULL
ORDER BY docs.path ASC";
$result = Database::query($sql);
while ($row = Database::fetch_array($result)) {
if (!$folder) {

20
main/newscorm/resourcelinker.php
Unescape View File

@ -617,11 +617,12 @@ if ($content == 'Agenda') {
$TABLE_ITEM_PROPERTY = Database::get_course_table(TABLE_ITEM_PROPERTY);
$sql = "SELECT agenda.*, toolitemproperties.*
FROM ".$TABLEAGENDA." agenda, ".$TABLE_ITEM_PROPERTY." toolitemproperties
WHERE agenda.id = toolitemproperties.ref
AND toolitemproperties.tool='".TOOL_CALENDAR_EVENT."'
AND toolitemproperties.to_group_id='0'
AND toolitemproperties.visibility='1'";
FROM ".$TABLEAGENDA." agenda, ".$TABLE_ITEM_PROPERTY." toolitemproperties
WHERE
agenda.id = toolitemproperties.ref
AND toolitemproperties.tool='".TOOL_CALENDAR_EVENT."'
AND (toolitemproperties.to_group_id='0' OR toolitemproperties.to_group_id IS NULL)
AND toolitemproperties.visibility='1'";
$result = Database::query($sql);
@ -677,7 +678,14 @@ if ($content == 'Document' || (empty($content) && (api_is_allowed_to_edit() || i
if ($content == 'Ad_Valvas') {
$tbl_announcement = Database :: get_course_table(TABLE_ANNOUNCEMENT);
$sql = "SELECT * FROM ".$tbl_announcement." a, ".$item_property_table." i WHERE i.tool = '".TOOL_ANNOUNCEMENT."' AND a.id=i.ref AND i.visibility='1' AND i.to_group_id = 0 AND i.to_user_id IS NULL ORDER BY a.display_order ASC";
$sql = "SELECT * FROM ".$tbl_announcement." a, ".$item_property_table." i
WHERE
i.tool = '".TOOL_ANNOUNCEMENT."' AND
a.id=i.ref AND
i.visibility='1' AND
(i.to_group_id = 0 OR i.to_group_id IS NULL) AND
i.to_user_id IS NULL
ORDER BY a.display_order ASC";
//error_log($sql, 0);
$result = Database::query($sql);
while ($myrow = Database::fetch_array($result)) {

11
main/resourcelinker/resourcelinker.inc.php
Unescape View File

@ -11,7 +11,7 @@
*/
use \ChamiloSession as Session;
use ChamiloSession as Session;
/**
* INIT SECTION
@ -77,7 +77,14 @@ function show_documents($folder)
$item_property_table = Database::get_course_table(TABLE_ITEM_PROPERTY);
$document_table = Database::get_course_table(TABLE_DOCUMENT);
$sql="SELECT * from $document_table docs, $item_property_table ip WHERE docs.id=ip.ref AND ip.tool = '".TOOL_DOCUMENT."' AND $visibility AND ip.to_group_id = 0 AND ip.to_user_id IS NULL ORDER BY docs.path ASC";
$sql = "SELECT * from $document_table docs, $item_property_table ip
WHERE
docs.id=ip.ref AND
ip.tool = '".TOOL_DOCUMENT."' AND
$visibility AND
(ip.to_group_id = 0 OR i.to_group_id IS NULL) AND
ip.to_user_id IS NULL
ORDER BY docs.path ASC";
$result=Database::query($sql);
while ($row=Database::fetch_array($result))
{

13
main/resourcelinker/resourcelinker.php
Unescape View File

@ -14,7 +14,7 @@
* INIT SECTION
*/
use \ChamiloSession as Session;
use ChamiloSession as Session;
include ('../inc/global.inc.php');
$this_section=SECTION_COURSES;
@ -596,7 +596,7 @@ if ($content == "Agenda")
FROM ".$TABLEAGENDA." agenda, ".$TABLE_ITEM_PROPERTY." toolitemproperties
WHERE agenda.id = toolitemproperties.ref
AND toolitemproperties.tool='".TOOL_CALENDAR_EVENT."'
AND toolitemproperties.to_group_id='0'
AND (toolitemproperties.to_group_id='0' OR toolitemproperties.to_group_id IS NULL)
AND toolitemproperties.visibility='1'";
$result = Database::query($sql);
@ -667,7 +667,14 @@ if ($content == "Document" OR (empty($content) AND (api_is_allowed_to_edit() OR
if ($content == "Ad_Valvas")
{
$tbl_announcement = Database :: get_course_table(TABLE_ANNOUNCEMENT);
$sql = "SELECT * FROM ".$tbl_announcement." a, ".$item_property_table." i WHERE i.tool = '".TOOL_ANNOUNCEMENT."' AND a.id=i.ref AND i.visibility='1' AND i.to_group_id = 0 AND i.to_user_id IS NULL ORDER BY a.display_order ASC";
$sql = "SELECT * FROM ".$tbl_announcement." a, ".$item_property_table." i
WHERE
i.tool = '".TOOL_ANNOUNCEMENT."' AND
a.id=i.ref AND
i.visibility='1' AND
(i.to_group_id = 0 OR i.to_group_id IS NULL) AND
i.to_user_id IS NULL
ORDER BY a.display_order ASC";
$result = Database::query($sql);
while ($myrow = Database::fetch_array($result))

30
main/upload/upload.document.php
Unescape View File

@ -91,7 +91,13 @@ if (isset($_FILES['user_upload'])) {
$missing_files = check_for_missing_files($base_work_dir.$_POST['curdirpath'].$new_path);
if ($missing_files) {
//show a form to upload the missing files
Display::display_normal_message(build_missing_files_form($missing_files,$_POST['curdirpath'],$_FILES['user_upload']['name']));
Display::display_normal_message(
build_missing_files_form(
$missing_files,
$_POST['curdirpath'],
$_FILES['user_upload']['name']
)
);
}
}
}
@ -114,7 +120,16 @@ if (isset($_POST['submit_image'])) {
);
$missing_files_dir = $folderData['path'];
//put the uploaded files in the new directory and get the paths
$paths_to_replace_in_file = move_uploaded_file_collection_into_directory($_course, $_FILES['img_file'],$base_work_dir,$missing_files_dir,$_user['user_id'],$to_group_id,$to_user_id,$max_filled_space);
$paths_to_replace_in_file = move_uploaded_file_collection_into_directory(
$_course,
$_FILES['img_file'],
$base_work_dir,
$missing_files_dir,
$_user['user_id'],
$to_group_id,
$to_user_id,
$max_filled_space
);
//open the html file and replace the paths
replace_img_path_in_html_file(
$_POST['img_file_path'],
@ -129,7 +144,16 @@ if (isset($_POST['submit_image'])) {
if (isset($_POST['create_dir']) && $_POST['dirname']!='') {
$added_slash = ($path=='/')?'':'/';
$dir_name = $path.$added_slash.api_replace_dangerous_char($_POST['dirname']);
$created_dir = create_unexisting_directory($_course,$_user['user_id'],api_get_session_id(), $to_group_id,$to_user_id,$base_work_dir,$dir_name,$_POST['dirname']);
$created_dir = create_unexisting_directory(
$_course,
$_user['user_id'],
api_get_session_id(),
$to_group_id,
$to_user_id,
$base_work_dir,
$dir_name,
$_POST['dirname']
);
if ($created_dir) {
Display::display_normal_message(get_lang('DirCr'));
$path = $created_dir;

101
main/webservices/cm_webservice_announcements.php
Unescape View File

@ -97,71 +97,86 @@ class WSCMAnnouncements extends WSCM
$group_memberships=GroupManager::get_group_ids($course_info['real_id'], $user_id);
if (api_get_group_id() == 0) {
$cond_user_id = " AND ( ip.to_user_id='".$user_id."'" .
"OR ip.to_group_id IN (0, ".implode(", ", $group_memberships).")) ";
$cond_user_id = " AND (
ip.to_user_id='".$user_id."' OR
ip.to_group_id IN (0, ".implode(", ", $group_memberships).") OR
ip.to_group_id IS NULL
) ";
} else {
$cond_user_id = " AND ( ip.to_user_id='".$user_id."'" .
"OR ip.to_group_id IN (0, ".api_get_group_id().")) ";
$cond_user_id = " AND (
ip.to_user_id='".$user_id."' OR
ip.to_group_id IN (0, ".api_get_group_id().") OR
ip.to_group_id IS NULL
) ";
}
// the user is member of several groups => display personal announcements AND his group announcements AND the general announcements
// the user is member of several groups => display personal
// announcements AND his group announcements AND the general announcements
if (is_array($group_memberships) && count($group_memberships)>0) {
$sql="SELECT
announcement.*, ip.visibility, ip.to_group_id, ip.insert_user_id
FROM $tbl_announcement announcement, $tbl_item_property ip
WHERE announcement.id = ip.ref
AND ip.tool='announcement'
AND ip.visibility='1'
$announcement_id
$cond_user_id
$condition_session
GROUP BY ip.ref
ORDER BY display_order DESC
LIMIT 0,$maximum";
announcement.*, ip.visibility, ip.to_group_id, ip.insert_user_id
FROM $tbl_announcement announcement, $tbl_item_property ip
WHERE
announcement.id = ip.ref AND
ip.tool='announcement' AND
ip.visibility='1'
$announcement_id
$cond_user_id
$condition_session
GROUP BY ip.ref
ORDER BY display_order DESC
LIMIT 0,$maximum";
} else {
// the user is not member of any group
// this is an identified user => show the general announcements AND his personal announcements
if ($user_id) {
if ((api_get_course_setting('allow_user_edit_announcement') && !api_is_anonymous())) {
$cond_user_id = " AND (ip.lastedit_user_id = '".api_get_user_id()."' OR ( ip.to_user_id='".$user_id."' OR ip.to_group_id='0')) ";
$cond_user_id = " AND (
ip.lastedit_user_id = '".api_get_user_id()."' OR
( ip.to_user_id='".$user_id."' OR ip.to_group_id='0' OR ip.to_group_id IS NULL)
) ";
} else {
$cond_user_id = " AND ( ip.to_user_id='".$user_id."' OR ip.to_group_id='0') ";
$cond_user_id = " AND ( ip.to_user_id='".$user_id."' OR ip.to_group_id='0' OR ip.to_group_id IS NULL) ";
}
$sql="SELECT
announcement.*, ip.visibility, ip.to_group_id, ip.insert_user_id
FROM $tbl_announcement announcement, $tbl_item_property ip
WHERE announcement.id = ip.ref
AND ip.tool='announcement'
AND ip.visibility='1'
$announcement_id
$cond_user_id
$condition_session
GROUP BY ip.ref
ORDER BY display_order DESC
LIMIT 0,$maximum";
$sql = "SELECT
announcement.*, ip.visibility, ip.to_group_id, ip.insert_user_id
FROM $tbl_announcement announcement, $tbl_item_property ip
WHERE
announcement.id = ip.ref AND
ip.tool='announcement' AND
ip.visibility='1'
$announcement_id
$cond_user_id
$condition_session
GROUP BY ip.ref
ORDER BY display_order DESC
LIMIT 0,$maximum";
} else {
if (api_get_course_setting('allow_user_edit_announcement')) {
$cond_user_id = " AND (ip.lastedit_user_id = '".api_get_user_id()."' OR ip.to_group_id='0') ";
$cond_user_id = " AND (
ip.lastedit_user_id = '".api_get_user_id()."' OR ip.to_group_id='0' OR ip.to_group_id IS NULL
) ";
} else {
$cond_user_id = " AND ip.to_group_id='0' ";
}
// the user is not identiefied => show only the general announcements
$sql="SELECT
announcement.*, ip.visibility, ip.to_group_id, ip.insert_user_id
FROM $tbl_announcement announcement, $tbl_item_property ip
WHERE announcement.id = ip.ref
AND ip.tool='announcement'
AND ip.visibility='1'
AND ip.to_group_id='0'
$announcement_id
$condition_session
GROUP BY ip.ref
ORDER BY display_order DESC
LIMIT 0,$maximum";
$sql = "SELECT
announcement.*, ip.visibility, ip.to_group_id, ip.insert_user_id
FROM $tbl_announcement announcement, $tbl_item_property ip
WHERE announcement.id = ip.ref
AND ip.tool='announcement'
AND ip.visibility='1'
AND ip.to_group_id='0'
$announcement_id
$condition_session
GROUP BY ip.ref
ORDER BY display_order DESC
LIMIT 0,$maximum";
}
}

5
tests/main/inc/course_document.lib.test.php
Unescape View File

@ -32,9 +32,4 @@ class Testcdocu extends UnitTestCase{
$this->assertTrue(is_bool($res));
$this->assertTrue($res === true || $res === false);
}
}
?>

Write Preview
Loading…
Cancel
Save