chamilo
/
chamilo-lms
mirror of https://github.com/chamilo/chamilo-lms/tree/1.11.x
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Fix queries to allow to_group_id = NULL

Browse Source
1.10.x
Julio Montoya 11 years ago
parent 06beecba15
commit e72a2944a1
19 changed files with 364 additions and 210 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 56
      main/admin/special_exports.php
  2. 8
      main/chat/chat_functions.lib.php
  3. 5
      main/chat/chat_hidden.php
  4. 30
      main/coursecopy/classes/CourseRestorer.class.php
  5. 23
      main/document/document.php
  6. 33
      main/document/downloadfolder.inc.php
  7. 51
      main/inc/lib/AnnouncementManager.php
  8. 26
      main/inc/lib/add_course.lib.inc.php
  9. 36
      main/inc/lib/agenda.lib.php
  10. 66
      main/inc/lib/api.lib.php
  11. 2
      main/inc/lib/display.lib.php
  12. 44
      main/inc/lib/document.lib.php
  13. 14
      main/newscorm/resourcelinker.inc.php
  14. 20
      main/newscorm/resourcelinker.php
  15. 11
      main/resourcelinker/resourcelinker.inc.php
  16. 13
      main/resourcelinker/resourcelinker.php
  17. 30
      main/upload/upload.document.php
  18. 101
      main/webservices/cm_webservice_announcements.php
  19. 5
      tests/main/inc/course_document.lib.test.php

56
main/admin/special_exports.php
Unescape View File

@ -46,7 +46,9 @@ $error =0;
$tbl_session = Database::get_main_table(TABLE_MAIN_SESSION); $tbl_session = Database::get_main_table(TABLE_MAIN_SESSION);
$tbl_session_course = Database::get_main_table(TABLE_MAIN_SESSION_COURSE); $tbl_session_course = Database::get_main_table(TABLE_MAIN_SESSION_COURSE);
if ((isset ($_POST['action']) && $_POST['action'] == 'course_select_form') || (isset ($_POST['backup_option']) && $_POST['backup_option'] == 'full_backup')) { if ((isset($_POST['action']) && $_POST['action'] == 'course_select_form') ||
(isset ($_POST['backup_option']) && $_POST['backup_option'] == 'full_backup')
) {
$export = false; $export = false;
if (isset ($_POST['action']) && $_POST['action'] == 'course_select_form') { if (isset ($_POST['action']) && $_POST['action'] == 'course_select_form') {
$FileZip = create_zip(); $FileZip = create_zip();
@ -58,6 +60,11 @@ if ((isset ($_POST['action']) && $_POST['action'] == 'course_select_form') || (i
$ListSession[$rows_session['id']] = $rows_session['name']; $ListSession[$rows_session['id']] = $rows_session['name'];
} }
$groupCondition = " props.to_group_id = $to_group_id";
if (empty($to_group_id)) {
$groupCondition = " (props.to_group_id = 0 OR props.to_group_id IS NULL)";
}
$zip_folder=new PclZip($FileZip['TEMP_FILE_ZIP']); $zip_folder=new PclZip($FileZip['TEMP_FILE_ZIP']);
if(!isset($_POST['resource']) || count($_POST['resource']) == 0 ) { if(!isset($_POST['resource']) || count($_POST['resource']) == 0 ) {
Display::display_error_message(get_lang('ErrorMsgSpecialExport')); Display::display_error_message(get_lang('ErrorMsgSpecialExport'));
@ -76,15 +83,20 @@ if ((isset ($_POST['action']) && $_POST['action'] == 'course_select_form') || (i
AND docs.id=props.ref AND docs.id=props.ref
AND docs.path LIKE '".$querypath."/%' AND docs.path LIKE '".$querypath."/%'
AND docs.filetype='file' AND docs.filetype='file'
AND docs.session_id = '0' AND (docs.session_id = '0' OR docs.session_id IS NULL)
AND props.visibility<>'2' AND props.visibility<>'2'
AND props.to_group_id= $to_group_id AND docs.c_id = $course_id AND props.c_id = $course_id"; AND $groupCondition
AND docs.c_id = $course_id
AND props.c_id = $course_id";
$query = Database::query($sql ); $query = Database::query($sql );
while ($rows_course_file = Database::fetch_assoc($query)) { while ($rows_course_file = Database::fetch_assoc($query)) {
$zip_folder->add($FileZip['PATH_COURSE'].$_course['directory']."/document".$rows_course_file['path'], $zip_folder->add(
PCLZIP_OPT_ADD_PATH, $_course['directory'], $FileZip['PATH_COURSE'].$_course['directory']."/document".$rows_course_file['path'],
PCLZIP_OPT_REMOVE_PATH, $FileZip['PATH_COURSE'].$_course['directory']."/document".$FileZip['PATH_REMOVE'] PCLZIP_OPT_ADD_PATH,
); $_course['directory'],
PCLZIP_OPT_REMOVE_PATH,
$FileZip['PATH_COURSE'].$_course['directory']."/document".$FileZip['PATH_REMOVE']
);
} }
foreach ($Sessions as $IdSession => $value){ foreach ($Sessions as $IdSession => $value){
@ -97,13 +109,18 @@ if ((isset ($_POST['action']) && $_POST['action'] == 'course_select_form') || (i
AND docs.filetype='file' AND docs.filetype='file'
AND docs.session_id = '$session_id' AND docs.session_id = '$session_id'
AND props.visibility<>'2' AND props.visibility<>'2'
AND props.to_group_id= $to_group_id AND docs.c_id = $course_id AND props.c_id = $course_id"; AND $groupCondition
AND docs.c_id = $course_id
AND props.c_id = $course_id";
$query_session_doc = Database::query($sql_session_doc); $query_session_doc = Database::query($sql_session_doc);
while ($rows_course_session_file = Database::fetch_assoc($query_session_doc)) { while ($rows_course_session_file = Database::fetch_assoc($query_session_doc)) {
$zip_folder->add($FileZip['PATH_COURSE'].$_course['directory'].'/document'.$rows_course_session_file['path'], $zip_folder->add(
PCLZIP_OPT_ADD_PATH, $_course['directory']."/".$ListSession[$session_id], $FileZip['PATH_COURSE'].$_course['directory'].'/document'.$rows_course_session_file['path'],
PCLZIP_OPT_REMOVE_PATH, $FileZip['PATH_COURSE'].$_course['directory'].'/document'.$FileZip['PATH_REMOVE'] PCLZIP_OPT_ADD_PATH,
); $_course['directory']."/".$ListSession[$session_id],
PCLZIP_OPT_REMOVE_PATH,
$FileZip['PATH_COURSE'].$_course['directory'].'/document'.$FileZip['PATH_REMOVE']
);
} }
} }
} }
@ -211,6 +228,11 @@ function fullexportspecial(){
$tbl_document = Database::get_course_table(TABLE_DOCUMENT); $tbl_document = Database::get_course_table(TABLE_DOCUMENT);
$tbl_property = Database::get_course_table(TABLE_ITEM_PROPERTY); $tbl_property = Database::get_course_table(TABLE_ITEM_PROPERTY);
$groupCondition = " props.to_group_id = $to_group_id";
if (empty($to_group_id)) {
$groupCondition = " (props.to_group_id = 0 OR props.to_group_id IS NULL)";
}
if (count($list_course) >0 ) { if (count($list_course) >0 ) {
foreach($list_course as $_course) { foreach($list_course as $_course) {
@ -227,9 +249,11 @@ function fullexportspecial(){
AND docs.id=props.ref AND docs.id=props.ref
AND docs.path LIKE '".$querypath."/%' AND docs.path LIKE '".$querypath."/%'
AND docs.filetype='file' AND docs.filetype='file'
AND docs.session_id = '0' AND (docs.session_id = '0' OR docs.session_id IS NULL)
AND props.visibility<>'2' AND props.visibility<>'2'
AND props.to_group_id=".$to_group_id." AND docs.c_id = $course_id AND props.c_id = $course_id"; AND $groupCondition
AND docs.c_id = $course_id
AND props.c_id = $course_id";
$query = Database::query($sql ); $query = Database::query($sql );
while ($rows_course_file = Database::fetch_assoc($query)) { while ($rows_course_file = Database::fetch_assoc($query)) {
$rows_course_file['path']; $rows_course_file['path'];
@ -256,7 +280,9 @@ function fullexportspecial(){
AND docs.filetype='file' AND docs.filetype='file'
AND docs.session_id = '$session_id' AND docs.session_id = '$session_id'
AND props.visibility<>'2' AND props.visibility<>'2'
AND props.to_group_id=".$to_group_id." AND docs.c_id = $course_id AND props.c_id = $course_id "; AND $groupCondition
AND docs.c_id = $course_id
AND props.c_id = $course_id ";
$query_session_doc = Database::query($sql_session_doc); $query_session_doc = Database::query($sql_session_doc);
while ($rows_course_session_file = Database::fetch_assoc($query_session_doc)) { while ($rows_course_session_file = Database::fetch_assoc($query_session_doc)) {
$zip_folder->add($FileZip['PATH_COURSE'].$_course['directory'].'/document'.$rows_course_session_file['path'], $zip_folder->add($FileZip['PATH_COURSE'].$_course['directory'].'/document'.$rows_course_session_file['path'],

8
main/chat/chat_functions.lib.php
Unescape View File

@ -27,10 +27,14 @@ function user_connected_in_chat($user_id)
$extra_condition = api_get_session_condition($session_id); $extra_condition = api_get_session_condition($session_id);
} }
$sql = 'SELECT COUNT(*) AS count FROM '.$tbl_chat_connected .' c $sql = 'SELECT COUNT(*) AS count
WHERE c_id = '.$course_id.' AND user_id='.$user_id.$extra_condition; FROM '.$tbl_chat_connected .' c
WHERE
c_id = '.$course_id.' AND
user_id='.$user_id.$extra_condition;
$result = Database::query($sql); $result = Database::query($sql);
$count = Database::fetch_array($result,'ASSOC'); $count = Database::fetch_array($result,'ASSOC');
return $count['count'] == 1; return $count['count'] == 1;
} }

5
main/chat/chat_hidden.php
Unescape View File

@ -70,11 +70,12 @@ if (file_exists($file)) {
$chat_size_new = filesize($file); $chat_size_new = filesize($file);
} }
$sql = "SELECT user_id FROM $tbl_chat_connected WHERE user_id='".$userId."' $extra_condition"; $sql = "SELECT user_id FROM $tbl_chat_connected
WHERE user_id='".$userId."' $extra_condition";
$result = Database::query($sql); $result = Database::query($sql);
// The user_id exists so we must do an UPDATE and not a INSERT // The user_id exists so we must do an UPDATE and not a INSERT
$current_time = date('Y-m-d H:i:s'); $current_time = api_get_utc_datetime();
if (Database::num_rows($result) == 0) { if (Database::num_rows($result) == 0) {
$query = "INSERT INTO $tbl_chat_connected(c_id, user_id,last_connection,session_id,to_group_id) $query = "INSERT INTO $tbl_chat_connected(c_id, user_id,last_connection,session_id,to_group_id)
VALUES($course_id, '".$userId."','$current_time','$session_id','$group_id')"; VALUES($course_id, '".$userId."','$current_time','$session_id','$group_id')";

30
main/coursecopy/classes/CourseRestorer.class.php
Unescape View File

@ -218,19 +218,20 @@ class CourseRestorer
values as users/groups possibly not exist in values as users/groups possibly not exist in
the target course*/ the target course*/
$sql = "INSERT INTO $table SET $sql = "INSERT INTO $table SET
c_id = '".$this->destination_course_id."', c_id = '".$this->destination_course_id."',
tool = '".self::DBUTF8escapestring($property['tool'])."', tool = '".self::DBUTF8escapestring($property['tool'])."',
insert_user_id = '".self::DBUTF8escapestring($property['insert_user_id'])."', insert_user_id = '".self::DBUTF8escapestring($property['insert_user_id'])."',
insert_date = '".self::DBUTF8escapestring($property['insert_date'])."', insert_date = '".self::DBUTF8escapestring($property['insert_date'])."',
lastedit_date = '".self::DBUTF8escapestring($property['lastedit_date'])."', lastedit_date = '".self::DBUTF8escapestring($property['lastedit_date'])."',
ref = '".self::DBUTF8escapestring($resource->destination_id)."', ref = '".self::DBUTF8escapestring($resource->destination_id)."',
lastedit_type = '".self::DBUTF8escapestring($property['lastedit_type'])."', lastedit_type = '".self::DBUTF8escapestring($property['lastedit_type'])."',
lastedit_user_id = '".self::DBUTF8escapestring($property['lastedit_user_id'])."', lastedit_user_id = '".self::DBUTF8escapestring($property['lastedit_user_id'])."',
visibility = '".self::DBUTF8escapestring($property['visibility'])."', visibility = '".self::DBUTF8escapestring($property['visibility'])."',
start_visible = '".self::DBUTF8escapestring($property['start_visible'])."', start_visible = '".self::DBUTF8escapestring($property['start_visible'])."',
end_visible = '".self::DBUTF8escapestring($property['end_visible'])."', end_visible = '".self::DBUTF8escapestring($property['end_visible'])."',
to_user_id = '".self::DBUTF8escapestring($property['to_user_id'])."', to_user_id = '".self::DBUTF8escapestring($property['to_user_id'])."',
to_group_id = '0' $condition_session" ; to_group_id = NULL
$condition_session" ;
; ;
Database::query($sql); Database::query($sql);
} }
@ -2352,7 +2353,8 @@ class CourseRestorer
start_visible, start_visible,
end_visible end_visible
FROM '.$item_property_table.' ip FROM '.$item_property_table.' ip
INNER JOIN '.$work_table.' sp ON ip.ref=sp.id INNER JOIN '.$work_table.' sp
ON ip.ref=sp.id
WHERE WHERE
sp.c_id = '.$this->course_origin_id.' AND sp.c_id = '.$this->course_origin_id.' AND
ip.c_id = '.$this->course_origin_id.' AND ip.c_id = '.$this->course_origin_id.' AND

23
main/document/document.php
Unescape View File

@ -216,6 +216,7 @@ switch ($action) {
); );
// Check whether the document is in the database. // Check whether the document is in the database.
if (!empty($documentInfo)) { if (!empty($documentInfo)) {
$deleteDocument = DocumentManager::delete_document( $deleteDocument = DocumentManager::delete_document(
$courseInfo, $courseInfo,
@ -284,7 +285,8 @@ switch ($action) {
case 'downloadfolder': case 'downloadfolder':
if (api_get_setting('students_download_folders') == 'true' if (api_get_setting('students_download_folders') == 'true'
|| api_is_allowed_to_edit() || api_is_allowed_to_edit()
|| api_is_platform_admin()) { || api_is_platform_admin()
) {
// Get the document data from the ID // Get the document data from the ID
$document_data = DocumentManager::get_document_data_by_id( $document_data = DocumentManager::get_document_data_by_id(
$document_id, $document_id,
@ -292,6 +294,7 @@ switch ($action) {
false, false,
$sessionId $sessionId
); );
if ($sessionId != 0 && !$document_data) { if ($sessionId != 0 && !$document_data) {
// If there is a session defined and asking for the // If there is a session defined and asking for the
// document * from the session* didn't work, try it from the // document * from the session* didn't work, try it from the
@ -672,8 +675,9 @@ if (isset($_GET['curdirpath']) &&
// Check whether the tool is actually visible // Check whether the tool is actually visible
$table_course_tool = Database::get_course_table(TABLE_TOOL_LIST); $table_course_tool = Database::get_course_table(TABLE_TOOL_LIST);
$course_id = api_get_course_int_id(); $course_id = api_get_course_int_id();
$tool_sql = 'SELECT visibility FROM '.$table_course_tool. $tool_sql = 'SELECT visibility FROM '.$table_course_tool.'
' WHERE c_id = '.$course_id.' AND name = "'.TOOL_DOCUMENT.'" LIMIT 1'; WHERE c_id = '.$course_id.' AND name = "'.TOOL_DOCUMENT.'"
LIMIT 1';
$tool_result = Database::query($tool_sql); $tool_result = Database::query($tool_sql);
$tool_row = Database::fetch_array($tool_result); $tool_row = Database::fetch_array($tool_result);
$tool_visibility = $tool_row['visibility']; $tool_visibility = $tool_row['visibility'];
@ -1335,6 +1339,7 @@ if ($is_allowed_to_edit) {
Display::return_message(get_lang('ViModProb'), 'error') Display::return_message(get_lang('ViModProb'), 'error')
); );
} }
header('Location: '.$currentUrl); header('Location: '.$currentUrl);
exit; exit;
} }
@ -1949,7 +1954,7 @@ if (count($documentAndFolders) > 1) {
$table->set_form_actions($form_action, 'ids'); $table->set_form_actions($form_action, 'ids');
} }
} }
$flashMessage = Display::getFlashToString();
Display::display_header('', 'Doc'); Display::display_header('', 'Doc');
/* Introduction section (editable by course admins) */ /* Introduction section (editable by course admins) */
@ -1960,16 +1965,6 @@ if (!empty($groupId)) {
Display::display_introduction_section(TOOL_DOCUMENT); Display::display_introduction_section(TOOL_DOCUMENT);
} }
$message = Session::read('message');
if (!empty($message)) {
echo $message;
}
echo $flashMessage;
Session::erase('message');
echo $actions; echo $actions;
echo $templateForm; echo $templateForm;
echo $moveForm; echo $moveForm;

33
main/document/downloadfolder.inc.php
Unescape View File

@ -102,6 +102,12 @@ function fixDocumentNameCallback($p_event, &$p_header)
return 1; return 1;
} }
$groupCondition = " props.to_group_id = ".$groupId;
if (empty($groupId)) {
$groupCondition = " (props.to_group_id = 0 OR props.to_group_id IS NULL ) ";
}
// Admins are allowed to download invisible files // Admins are allowed to download invisible files
if (api_is_allowed_to_edit()) { if (api_is_allowed_to_edit()) {
// Set the path that will be used in the query // Set the path that will be used in the query
@ -111,6 +117,7 @@ if (api_is_allowed_to_edit()) {
$querypath = $path; $querypath = $path;
} }
$querypath = Database::escape_string($querypath); $querypath = Database::escape_string($querypath);
// Search for all files that are not deleted => visibility != 2 // Search for all files that are not deleted => visibility != 2
$sql = "SELECT $sql = "SELECT
path, path,
@ -128,8 +135,8 @@ if (api_is_allowed_to_edit()) {
docs.path LIKE '".$querypath."/%' AND docs.path LIKE '".$querypath."/%' AND
docs.filetype = 'file' AND docs.filetype = 'file' AND
props.visibility <> '2' AND props.visibility <> '2' AND
props.to_group_id = ".$groupId." AND $groupCondition AND
props.session_id IN ('0', '$sessionId') AND (props.session_id IN ('0', '$sessionId') OR props.session_id IS NULL) AND
docs.c_id = ".$courseId." "; docs.c_id = ".$courseId." ";
$sql.= DocumentManager::getSessionFolderFilters($querypath, $sessionId); $sql.= DocumentManager::getSessionFolderFilters($querypath, $sessionId);
@ -181,18 +188,20 @@ if (api_is_allowed_to_edit()) {
*/ */
$querypath = Database::escape_string($querypath); $querypath = Database::escape_string($querypath);
$sql = "SELECT path, session_id, docs.id, props.to_group_id, docs.c_id $sql = "SELECT path, session_id, docs.id, props.to_group_id, docs.c_id
FROM $doc_table AS docs INNER JOIN $prop_table AS props FROM $doc_table AS docs
INNER JOIN $prop_table AS props
ON ON
docs.id = props.ref AND docs.id = props.ref AND
docs.c_id = props.c_id docs.c_id = props.c_id
WHERE WHERE
docs.c_id = $courseId AND docs.c_id = $courseId AND
props.tool = '".TOOL_DOCUMENT."' AND props.tool = '".TOOL_DOCUMENT."' AND
docs.path LIKE '".$querypath."/%' AND docs.path LIKE '".$querypath."/%' AND
props.visibility = '1' AND props.visibility = '1' AND
docs.filetype = 'file' AND docs.filetype = 'file' AND
props.session_id IN ('0', '$sessionId') AND (props.session_id IN ('0', '$sessionId') OR props.session_id IS NULL) AND
props.to_group_id = ".$groupId; $groupCondition
";
$sql.= DocumentManager::getSessionFolderFilters($querypath, $sessionId); $sql.= DocumentManager::getSessionFolderFilters($querypath, $sessionId);
$result = Database::query($sql); $result = Database::query($sql);
@ -225,7 +234,7 @@ if (api_is_allowed_to_edit()) {
props.tool = '".TOOL_DOCUMENT."' AND props.tool = '".TOOL_DOCUMENT."' AND
docs.path LIKE '".$querypath."/%' AND docs.path LIKE '".$querypath."/%' AND
props.visibility <> '1' AND props.visibility <> '1' AND
props.session_id IN ('0', '$sessionId') AND (props.session_id IN ('0', '$sessionId') OR props.session_id IS NULL) AND
docs.filetype = 'folder'"; docs.filetype = 'folder'";
$query2 = Database::query($sql); $query2 = Database::query($sql);
@ -247,7 +256,7 @@ if (api_is_allowed_to_edit()) {
props.tool ='".TOOL_DOCUMENT."' AND props.tool ='".TOOL_DOCUMENT."' AND
docs.path LIKE '".$invisible_folders['path']."/%' AND docs.path LIKE '".$invisible_folders['path']."/%' AND
docs.filetype ='file' AND docs.filetype ='file' AND
props.session_id IN ('0', '$sessionId') AND (props.session_id IN ('0', '$sessionId') OR props.session_id IS NULL) AND
props.visibility ='1'"; props.visibility ='1'";
$query3 = Database::query($sql); $query3 = Database::query($sql);
// Add tem to an array // Add tem to an array

51
main/inc/lib/AnnouncementManager.php
Unescape View File

@ -187,7 +187,8 @@ class AnnouncementManager
toolitemproperties.tool='announcement' AND toolitemproperties.tool='announcement' AND
( (
toolitemproperties.to_user_id='" . api_get_user_id() . "' OR toolitemproperties.to_user_id='" . api_get_user_id() . "' OR
toolitemproperties.to_group_id IN ('0', '" . implode("', '", $group_list) . "') toolitemproperties.to_group_id IN ('0', '" . implode("', '", $group_list) . "') OR
toolitemproperties.to_group_id IS NULL
) AND ) AND
toolitemproperties.visibility='1' AND toolitemproperties.visibility='1' AND
announcement.c_id = $course_id AND announcement.c_id = $course_id AND
@ -200,7 +201,7 @@ class AnnouncementManager
announcement.id = toolitemproperties.ref AND announcement.id = toolitemproperties.ref AND
announcement.id = '$announcement_id' AND announcement.id = '$announcement_id' AND
toolitemproperties.tool='announcement' AND toolitemproperties.tool='announcement' AND
toolitemproperties.to_group_id='0' AND (toolitemproperties.to_group_id='0' OR toolitemproperties.to_group_id IS NULL) AND
toolitemproperties.visibility='1' AND toolitemproperties.visibility='1' AND
announcement.c_id = $course_id AND announcement.c_id = $course_id AND
toolitemproperties.c_id = $course_id toolitemproperties.c_id = $course_id
@ -675,7 +676,7 @@ class AnnouncementManager
toolitemproperties.tool='announcement' AND toolitemproperties.tool='announcement' AND
( (
toolitemproperties.insert_user_id='$user_id' AND toolitemproperties.insert_user_id='$user_id' AND
(toolitemproperties.to_group_id='0' OR toolitemproperties.to_group_id is null) (toolitemproperties.to_group_id='0' OR toolitemproperties.to_group_id IS NULL)
) )
AND toolitemproperties.visibility='1' AND toolitemproperties.visibility='1'
AND announcement.session_id = 0 AND announcement.session_id = 0
@ -1636,7 +1637,7 @@ class AnnouncementManager
if (api_get_group_id() == 0) { if (api_get_group_id() == 0) {
$group_condition = ""; $group_condition = "";
} else { } else {
$group_condition = " AND (ip.to_group_id='".api_get_group_id()."' OR ip.to_group_id = 0)"; $group_condition = " AND (ip.to_group_id='".api_get_group_id()."' OR ip.to_group_id = 0 OR ip.to_group_id IS NULL)";
} }
$sql = "SELECT announcement.*, ip.visibility, ip.to_group_id, ip.insert_user_id $sql = "SELECT announcement.*, ip.visibility, ip.to_group_id, ip.insert_user_id
FROM $tbl_announcement announcement, $tbl_item_property ip FROM $tbl_announcement announcement, $tbl_item_property ip
@ -1660,19 +1661,34 @@ class AnnouncementManager
if ((api_get_course_setting('allow_user_edit_announcement') && !api_is_anonymous())) { if ((api_get_course_setting('allow_user_edit_announcement') && !api_is_anonymous())) {
if (api_get_group_id() == 0) { if (api_get_group_id() == 0) {
$cond_user_id = " AND (ip.lastedit_user_id = '".$userId."' OR ( ip.to_user_id='".$userId."'" . $cond_user_id = " AND (
"OR ip.to_group_id IN (0, ".implode(", ", $group_memberships)."))) "; ip.lastedit_user_id = '".$userId."' OR (
ip.to_user_id='".$userId."' OR
ip.to_group_id IN (0, ".implode(", ", $group_memberships).") OR
ip.to_group_id IS NULL
)
)
";
} else { } else {
$cond_user_id = " AND (ip.lastedit_user_id = '".$userId."' $cond_user_id = " AND (
OR ip.to_group_id IN (0, ".api_get_group_id()."))"; ip.lastedit_user_id = '".$userId."'OR
ip.to_group_id IN (0, ".api_get_group_id().") OR
ip.to_group_id IS NULL
)";
} }
} else { } else {
if (api_get_group_id() == 0) { if (api_get_group_id() == 0) {
$cond_user_id = " AND ( ip.to_user_id='".$userId."'" . $cond_user_id = " AND (
"OR ip.to_group_id IN (0, ".implode(", ", $group_memberships).")) "; ip.to_user_id='".$userId."' OR
ip.to_group_id IN (0, ".implode(", ", $group_memberships).") OR
ip.to_group_id IS NULL
) ";
} else { } else {
$cond_user_id = " AND ( ip.to_user_id='".$userId."'" . $cond_user_id = " AND (
"OR ip.to_group_id IN (0, ".api_get_group_id().")) "; ip.to_user_id='".$userId."' OR
ip.to_group_id IN (0, ".api_get_group_id().") OR
ip.to_group_id IS NULL
) ";
} }
} }
@ -1696,9 +1712,12 @@ class AnnouncementManager
// this is an identified user => show the general announcements AND his personal announcements // this is an identified user => show the general announcements AND his personal announcements
if ($userId) { if ($userId) {
if ((api_get_course_setting('allow_user_edit_announcement') && !api_is_anonymous())) { if ((api_get_course_setting('allow_user_edit_announcement') && !api_is_anonymous())) {
$cond_user_id = " AND (ip.lastedit_user_id = '".$userId."' OR ( ip.to_user_id='".$userId."' OR ip.to_group_id='0')) "; $cond_user_id = " AND (
ip.lastedit_user_id = '".$userId."' OR
( ip.to_user_id='".$userId."' OR ip.to_group_id='0' OR ip.to_group_id IS NULL)
) ";
} else { } else {
$cond_user_id = " AND ( ip.to_user_id='".$userId."' OR ip.to_group_id='0') "; $cond_user_id = " AND ( ip.to_user_id='".$userId."' OR ip.to_group_id='0' OR ip.to_group_id IS NULL) ";
} }
$sql = "SELECT announcement.*, ip.visibility, ip.to_group_id, ip.insert_user_id $sql = "SELECT announcement.*, ip.visibility, ip.to_group_id, ip.insert_user_id
FROM $tbl_announcement announcement, $tbl_item_property ip FROM $tbl_announcement announcement, $tbl_item_property ip
@ -1716,7 +1735,9 @@ class AnnouncementManager
} else { } else {
if (api_get_course_setting('allow_user_edit_announcement')) { if (api_get_course_setting('allow_user_edit_announcement')) {
$cond_user_id = " AND (ip.lastedit_user_id = '".api_get_user_id()."' OR ip.to_group_id='0') "; $cond_user_id = " AND (
ip.lastedit_user_id = '".api_get_user_id()."' OR ip.to_group_id='0' OR ip.to_group_id IS NULL
) ";
} else { } else {
$cond_user_id = " AND ip.to_group_id='0' "; $cond_user_id = " AND ip.to_group_id='0' ";
} }

26
main/inc/lib/add_course.lib.inc.php
Unescape View File

@ -870,11 +870,9 @@ class AddCourse
); );
$image_id = Database:: insert_id(); $image_id = Database:: insert_id();
Database::query( Database::query(
"INSERT INTO $TABLEITEMPROPERTY (c_id, tool,insert_user_id,insert_date,lastedit_date,ref,lastedit_type,lastedit_user_id,to_group_id,to_user_id,visibility) "INSERT INTO $TABLEITEMPROPERTY (c_id, tool,insert_user_id,insert_date,lastedit_date,ref,lastedit_type,lastedit_user_id,to_group_id,to_user_id,visibility)
VALUES ($course_id,'document',1,'$now','$now',$image_id,'DocumentAdded',1,0,NULL,0)" VALUES ($course_id,'document',1,'$now','$now',$image_id,'DocumentAdded',1,NULL,NULL,0)"
); );
} }
} }
@ -919,11 +917,14 @@ class AddCourse
$example_cert_id = $image_id; $example_cert_id = $image_id;
} }
Database::query( Database::query(
"INSERT INTO $TABLEITEMPROPERTY (c_id, tool,insert_user_id,insert_date,lastedit_date,ref,lastedit_type,lastedit_user_id,to_group_id,to_user_id,visibility) VALUES ($course_id,'document',1,'$now','$now',$image_id,'DocumentAdded',1,0,NULL,1)" "INSERT INTO $TABLEITEMPROPERTY (c_id, tool,insert_user_id,insert_date,lastedit_date,ref,lastedit_type,lastedit_user_id,to_group_id,to_user_id,visibility)
VALUES ($course_id,'document',1,'$now','$now',$image_id,'DocumentAdded',1,NULL,NULL,1)"
); );
$docId = Database:: insert_id(); $docId = Database:: insert_id();
$sql = "UPDATE $TABLEITEMPROPERTY SET id = iid WHERE iid = $docId"; if ($docId) {
Database::query($sql); $sql = "UPDATE $TABLEITEMPROPERTY SET id = iid WHERE iid = $docId";
Database::query($sql);
}
} }
} }
} }
@ -1174,15 +1175,14 @@ class AddCourse
Database::query( Database::query(
"INSERT INTO $tableItem (id, c_id, tool,insert_user_id,insert_date,lastedit_date,ref,lastedit_type,lastedit_user_id,to_group_id,to_user_id,visibility) "INSERT INTO $tableItem (id, c_id, tool,insert_user_id,insert_date,lastedit_date,ref,lastedit_type,lastedit_user_id,to_group_id,to_user_id,visibility)
VALUES ($counter, $course_id,'document',1,'$now', '$now', $docId, 'DocumentAdded', 1, 0, NULL, 0)" VALUES ($counter, $course_id,'document',1,'$now', '$now', $docId, 'DocumentAdded', 1, NULL, NULL, 0)"
); );
$id = Database:: insert_id(); $id = Database:: insert_id();
if ($id) {
$sql = "UPDATE $tableItem SET id = iid WHERE iid = $id"; $sql = "UPDATE $tableItem SET id = iid WHERE iid = $id";
Database::query($sql); Database::query($sql);
}
} }
} }
/** /**
@ -1511,7 +1511,7 @@ class AddCourse
} }
/** /**
* Generate a new id for c_tool table * Generate a new id for c_tool table
* @param int $courseId The course id * @param int $courseId The course id
* @return int the new id * @return int the new id
*/ */

36
main/inc/lib/agenda.lib.php
Unescape View File

@ -1176,6 +1176,11 @@ class Agenda
$courseId = intval($courseId); $courseId = intval($courseId);
$sessionId = intval($sessionId); $sessionId = intval($sessionId);
$sessionCondition = "ip.session_id = $sessionId";
if (empty($sessionId)) {
$sessionCondition = " (ip.session_id = 0 OR ip.session_id IS NULL) ";
}
$tlb_course_agenda = Database::get_course_table(TABLE_AGENDA); $tlb_course_agenda = Database::get_course_table(TABLE_AGENDA);
$tbl_property = Database::get_course_table(TABLE_ITEM_PROPERTY); $tbl_property = Database::get_course_table(TABLE_ITEM_PROPERTY);
@ -1185,11 +1190,11 @@ class Agenda
INNER JOIN $tlb_course_agenda agenda INNER JOIN $tlb_course_agenda agenda
ON (ip.ref = agenda.id AND ip.c_id = agenda.c_id) ON (ip.ref = agenda.id AND ip.c_id = agenda.c_id)
WHERE WHERE
ip.tool = '".TOOL_CALENDAR_EVENT."' AND ip.tool = '".TOOL_CALENDAR_EVENT."' AND
ref = $eventId AND ref = $eventId AND
ip.visibility = '1' AND ip.visibility = '1' AND
ip.c_id = $courseId AND ip.c_id = $courseId AND
ip.session_id = $sessionId $sessionCondition
"; ";
$result = Database::query($sql); $result = Database::query($sql);
@ -1273,16 +1278,16 @@ class Agenda
if (api_is_allowed_to_edit()) { if (api_is_allowed_to_edit()) {
if (!empty($groupId)) { if (!empty($groupId)) {
$where_condition = "( ip.to_group_id IN (0, ".implode(", ", $group_memberships).") ) "; $where_condition = "( ip.to_group_id IS NULL OR ip.to_group_id IN (0, ".implode(", ", $group_memberships).") ) ";
} else { } else {
if (!empty($user_id)) { if (!empty($user_id)) {
$where_condition = "( ip.to_user_id = $user_id OR ip.to_group_id IN (0, ".implode(", ", $group_memberships).") ) "; $where_condition = "( ip.to_user_id = $user_id OR (ip.to_group_id IS NULL OR ip.to_group_id IN (0, ".implode(", ", $group_memberships).")) ) ";
} else { } else {
$where_condition = "( ip.to_group_id is null OR ip.to_group_id IN (0, ".implode(", ", $group_memberships).") ) "; $where_condition = "( ip.to_group_id IS NULL OR ip.to_group_id IN (0, ".implode(", ", $group_memberships).") ) ";
} }
} }
} else { } else {
$where_condition = "( ip.to_user_id = $user_id OR ip.to_group_id IN (0, ".implode(", ", $group_memberships).") ) "; $where_condition = "( ip.to_user_id = $user_id OR (ip.to_group_id IS NULL OR ip.to_group_id IN (0, ".implode(", ", $group_memberships).")) ) ";
} }
$sql = "SELECT DISTINCT $sql = "SELECT DISTINCT
@ -1309,15 +1314,16 @@ class Agenda
if ($user_id == 0) { if ($user_id == 0) {
$where_condition = ""; $where_condition = "";
} else { } else {
$where_condition = " ( ip.to_user_id = ".$user_id. " OR ip.to_group_id='0' ) AND "; $where_condition = " ( ip.to_user_id = ".$user_id. " OR ip.to_group_id='0' OR ip.to_group_id IS NULL ) AND ";
} }
$visibilityCondition = " (ip.visibility IN ('1', '0')) AND "; $visibilityCondition = " (ip.visibility IN ('1', '0')) AND ";
} else { } else {
$where_condition = " ( ip.to_user_id = $user_id OR ip.to_group_id='0' ) AND "; $where_condition = " ( ip.to_user_id = $user_id OR ip.to_group_id='0' OR ip.to_group_id IS NULL) AND ";
} }
$sql = "SELECT DISTINCT agenda.*, ip.visibility, ip.to_group_id, ip.insert_user_id, ip.ref, to_user_id $sql = "SELECT DISTINCT agenda.*, ip.visibility, ip.to_group_id, ip.insert_user_id, ip.ref, to_user_id
FROM $tlb_course_agenda agenda INNER JOIN $tbl_property ip FROM $tlb_course_agenda agenda
INNER JOIN $tbl_property ip
ON (agenda.id = ip.ref AND agenda.c_id = ip.c_id) ON (agenda.id = ip.ref AND agenda.c_id = ip.c_id)
WHERE WHERE
ip.tool='".TOOL_CALENDAR_EVENT."' AND ip.tool='".TOOL_CALENDAR_EVENT."' AND
@ -2468,7 +2474,7 @@ class Agenda
AND MONTH(agenda.start_date)='".$month."' AND MONTH(agenda.start_date)='".$month."'
AND YEAR(agenda.start_date)='".$year."' AND YEAR(agenda.start_date)='".$year."'
AND ip.tool='".TOOL_CALENDAR_EVENT."' AND ip.tool='".TOOL_CALENDAR_EVENT."'
AND ( ip.to_user_id='".$user_id."' OR ip.to_group_id IN (0, ".implode(", ", $group_memberships).") ) AND ( ip.to_user_id='".$user_id."' OR (ip.to_group_id IS NULL OR ip.to_group_id IN (0, ".implode(", ", $group_memberships).")) )
AND ip.visibility='1' AND ip.visibility='1'
ORDER BY start_date "; ORDER BY start_date ";
} else { } else {
@ -2479,7 +2485,7 @@ class Agenda
AND MONTH(agenda.start_date)='".$month."' AND MONTH(agenda.start_date)='".$month."'
AND YEAR(agenda.start_date)='".$year."' AND YEAR(agenda.start_date)='".$year."'
AND ip.tool='".TOOL_CALENDAR_EVENT."' AND ip.tool='".TOOL_CALENDAR_EVENT."'
AND ( ip.to_user_id='".$user_id."' OR ip.to_group_id='0') AND ( ip.to_user_id='".$user_id."' OR ip.to_group_id='0' OR ip.to_group_id IS NULL)
AND ip.visibility='1' AND ip.visibility='1'
ORDER BY start_date "; ORDER BY start_date ";
} }
@ -2963,7 +2969,7 @@ class Agenda
" AND agenda.start_date>='$date_start' ". " AND agenda.start_date>='$date_start' ".
" AND agenda.end_date<='$date_end' ". " AND agenda.end_date<='$date_end' ".
" AND ip.tool='".TOOL_CALENDAR_EVENT."' ". " AND ip.tool='".TOOL_CALENDAR_EVENT."' ".
" AND ( ip.to_user_id='".$user_id."' OR ip.to_group_id IN (0, ".implode(", ", $group_memberships).") ) ". " AND ( ip.to_user_id='".$user_id."' OR (ip.to_group_id IS NULL OR ip.to_group_id IN (0, ".implode(", ", $group_memberships).")) ) ".
" AND ip.visibility='1' ". " AND ip.visibility='1' ".
" ORDER BY start_date "; " ORDER BY start_date ";
} else { } else {
@ -2975,7 +2981,7 @@ class Agenda
" AND agenda.start_date>='$date_start' ". " AND agenda.start_date>='$date_start' ".
" AND agenda.end_date<='$date_end' ". " AND agenda.end_date<='$date_end' ".
" AND ip.tool='".TOOL_CALENDAR_EVENT."' ". " AND ip.tool='".TOOL_CALENDAR_EVENT."' ".
" AND ( ip.to_user_id='".$user_id."' OR ip.to_group_id='0') ". " AND ( ip.to_user_id='".$user_id."' OR ip.to_group_id='0' OR ip.to_group_id IS NULL) ".
" AND ip.visibility='1' ". " AND ip.visibility='1' ".
" ORDER BY start_date "; " ORDER BY start_date ";
} }

66
main/inc/lib/api.lib.php
Unescape View File

@ -2375,7 +2375,7 @@ function api_get_session_condition(
$condition_add = $and ? " AND " : " WHERE "; $condition_add = $and ? " AND " : " WHERE ";
if ($with_base_content) { if ($with_base_content) {
$condition_session = $condition_add." ( $session_field = $session_id OR $session_field = 0) "; $condition_session = $condition_add." ( $session_field = $session_id OR $session_field = 0 OR $session_field IS NULL) ";
} else { } else {
$condition_session = $condition_add." $session_field = $session_id "; $condition_session = $condition_add." $session_field = $session_id ";
} }
@ -3622,10 +3622,19 @@ function api_item_property_update(
$lastEditTypeNoFilter = $lastedit_type; $lastEditTypeNoFilter = $lastedit_type;
$lastedit_type = Database::escape_string($lastedit_type); $lastedit_type = Database::escape_string($lastedit_type);
$user_id = intval($user_id); $user_id = intval($user_id);
$to_group_id = intval($to_group_id);
$to_user_id = intval($to_user_id); $startVisible = "NULL";
$start_visible = Database::escape_string($start_visible); if (!empty($start_visible)) {
$end_visible = Database::escape_string($end_visible); $start_visible = Database::escape_string($start_visible);
$startVisible = "'$start_visible'";
}
$endVisible = "NULL";
if (!empty($end_visible)) {
$end_visible = Database::escape_string($end_visible);
$endVisible = "'$end_visible'";
}
$to_filter = ''; $to_filter = '';
$time = api_get_utc_datetime(); $time = api_get_utc_datetime();
@ -3644,6 +3653,7 @@ function api_item_property_update(
if (!is_null($to_user_id)) { if (!is_null($to_user_id)) {
// $to_user_id has more priority than $to_group_id // $to_user_id has more priority than $to_group_id
$to_user_id = intval($to_user_id);
$to_field = 'to_user_id'; $to_field = 'to_user_id';
$to_value = $to_user_id; $to_value = $to_user_id;
} else { } else {
@ -3652,6 +3662,8 @@ function api_item_property_update(
$to_value = $to_group_id; $to_value = $to_group_id;
} }
$toValueCondition = empty($to_value) ? "NULL" : "'$to_value'";
// Set filters for $to_user_id and $to_group_id, with priority for $to_user_id // Set filters for $to_user_id and $to_group_id, with priority for $to_user_id
$condition_session = ''; $condition_session = '';
if (!empty($session_id)) { if (!empty($session_id)) {
@ -3670,6 +3682,7 @@ function api_item_property_update(
if (is_null($to_user_id) && is_null($to_group_id)) { if (is_null($to_user_id) && is_null($to_group_id)) {
$to_group_id = 0; $to_group_id = 0;
} }
if (!is_null($to_user_id)) { if (!is_null($to_user_id)) {
// Set filter to intended user. // Set filter to intended user.
$to_filter = " AND to_user_id= '$to_user_id' $condition_session"; $to_filter = " AND to_user_id= '$to_user_id' $condition_session";
@ -3709,12 +3722,13 @@ function api_item_property_update(
$result = Database::query($sql); $result = Database::query($sql);
} else { } else {
$sql = "INSERT INTO $TABLE_ITEMPROPERTY (c_id, tool, ref, insert_date, insert_user_id, lastedit_date, lastedit_type, lastedit_user_id, $to_field, visibility, start_visible, end_visible, session_id) $sql = "INSERT INTO $TABLE_ITEMPROPERTY (c_id, tool, ref, insert_date, insert_user_id, lastedit_date, lastedit_type, lastedit_user_id, $to_field, visibility, start_visible, end_visible, session_id)
VALUES ($course_id, '$tool','$item_id','$time', '$user_id', '$time', '$lastedit_type','$user_id', '$to_value', '$visibility', '$start_visible','$end_visible', '$session_id')"; VALUES ($course_id, '$tool','$item_id','$time', '$user_id', '$time', '$lastedit_type','$user_id', $toValueCondition, '$visibility', $startVisible, $endVisible, '$session_id')";
$result = Database::query($sql); $result = Database::query($sql);
$id = Database::insert_id(); $id = Database::insert_id();
$sql = "UPDATE $TABLE_ITEMPROPERTY SET id = iid WHERE iid = $id"; if ($id) {
Database::query($sql); $sql = "UPDATE $TABLE_ITEMPROPERTY SET id = iid WHERE iid = $id";
Database::query($sql);
}
} }
} else { } else {
$sql = "UPDATE $TABLE_ITEMPROPERTY $sql = "UPDATE $TABLE_ITEMPROPERTY
@ -3750,9 +3764,8 @@ function api_item_property_update(
$result = Database::query($sql); $result = Database::query($sql);
} else { } else {
$sql = "INSERT INTO $TABLE_ITEMPROPERTY (c_id, tool, ref, insert_date, insert_user_id, lastedit_date, lastedit_type, lastedit_user_id, $to_field, visibility, start_visible, end_visible, session_id) $sql = "INSERT INTO $TABLE_ITEMPROPERTY (c_id, tool, ref, insert_date, insert_user_id, lastedit_date, lastedit_type, lastedit_user_id, $to_field, visibility, start_visible, end_visible, session_id)
VALUES ($course_id, '$tool', '$item_id', '$time', '$user_id', '$time', '$lastedit_type', '$user_id', '$to_value', '$visibility', '$start_visible', '$end_visible', '$session_id')"; VALUES ($course_id, '$tool', '$item_id', '$time', '$user_id', '$time', '$lastedit_type', '$user_id', $toValueCondition, '$visibility', $startVisible, $endVisible, '$session_id')";
$result = Database::query($sql); $result = Database::query($sql);
$id = Database::insert_id(); $id = Database::insert_id();
if ($id) { if ($id) {
$sql = "UPDATE $TABLE_ITEMPROPERTY SET id = iid WHERE iid = $id"; $sql = "UPDATE $TABLE_ITEMPROPERTY SET id = iid WHERE iid = $id";
@ -3793,12 +3806,13 @@ function api_item_property_update(
$result = Database::query($sql); $result = Database::query($sql);
} else { } else {
$sql = "INSERT INTO $TABLE_ITEMPROPERTY (c_id, tool, ref, insert_date, insert_user_id, lastedit_date, lastedit_type, lastedit_user_id,$to_field, visibility, start_visible, end_visible, session_id) $sql = "INSERT INTO $TABLE_ITEMPROPERTY (c_id, tool, ref, insert_date, insert_user_id, lastedit_date, lastedit_type, lastedit_user_id,$to_field, visibility, start_visible, end_visible, session_id)
VALUES ($course_id, '$tool', '$item_id', '$time', '$user_id', '$time', '$lastedit_type', '$user_id', '$to_value', '$visibility', '$start_visible', '$end_visible', '$session_id')"; VALUES ($course_id, '$tool', '$item_id', '$time', '$user_id', '$time', '$lastedit_type', '$user_id', $toValueCondition, '$visibility', $startVisible, $endVisible, '$session_id')";
$result = Database::query($sql); $result = Database::query($sql);
$id = Database::insert_id(); $id = Database::insert_id();
$sql = "UPDATE $TABLE_ITEMPROPERTY SET id = iid WHERE iid = $id"; if ($id) {
Database::query($sql); $sql = "UPDATE $TABLE_ITEMPROPERTY SET id = iid WHERE iid = $id";
Database::query($sql);
}
} }
} else { } else {
$sql = "UPDATE $TABLE_ITEMPROPERTY $sql = "UPDATE $TABLE_ITEMPROPERTY
@ -3826,17 +3840,17 @@ function api_item_property_update(
// Insert if no entries are found (can only happen in case of $lastedit_type switch is 'default'). // Insert if no entries are found (can only happen in case of $lastedit_type switch is 'default').
if (Database::affected_rows($result) == 0) { if (Database::affected_rows($result) == 0) {
$sessionCondition = empty($session_id) ? "NULL" : "'$session_id'"; $sessionCondition = empty($session_id) ? "NULL" : "'$session_id'";
$toValueCondition = empty($to_value) ? "NULL" : "'$to_value'";
$sql = "INSERT INTO $TABLE_ITEMPROPERTY (c_id, tool,ref,insert_date,insert_user_id,lastedit_date,lastedit_type, lastedit_user_id, $to_field, visibility, start_visible, end_visible, session_id) $sql = "INSERT INTO $TABLE_ITEMPROPERTY (c_id, tool,ref,insert_date,insert_user_id,lastedit_date,lastedit_type, lastedit_user_id, $to_field, visibility, start_visible, end_visible, session_id)
VALUES ($course_id, '$tool', '$item_id', '$time', '$user_id', '$time', '$lastedit_type', '$user_id', $toValueCondition, '$visibility', '$start_visible', '$end_visible', $sessionCondition)"; VALUES ($course_id, '$tool', '$item_id', '$time', '$user_id', '$time', '$lastedit_type', '$user_id', $toValueCondition, '$visibility', $startVisible, $endVisible, $sessionCondition)";
$res = Database::query($sql); $res = Database::query($sql);
if (!$res) { $id = Database::insert_id();
$id = Database::insert_id(); if ($id) {
$sql = "UPDATE $TABLE_ITEMPROPERTY SET id = iid WHERE iid = $id"; $sql = "UPDATE $TABLE_ITEMPROPERTY SET id = iid WHERE iid = $id";
Database::query($sql); Database::query($sql);
return false; return false;
} }
} }
return true; return true;
} }
@ -3999,17 +4013,22 @@ function api_get_track_item_property_history($tool, $ref)
*/ */
function api_get_item_property_info($course_id, $tool, $ref, $session_id = 0) function api_get_item_property_info($course_id, $tool, $ref, $session_id = 0)
{ {
$course_info = api_get_course_info_by_id($course_id); $courseInfo = api_get_course_info_by_id($course_id);
if (empty($course_info)) { if (empty($courseInfo)) {
return false; return false;
} }
$tool = Database::escape_string($tool); $tool = Database::escape_string($tool);
$ref = intval($ref); $ref = intval($ref);
$course_id = $course_info['real_id']; $course_id = $courseInfo['real_id'];
$session_id = intval($session_id); $session_id = intval($session_id);
$sessionCondition = " session_id = $session_id";
if (empty($session_id)) {
$sessionCondition = " (session_id = 0 OR session_id IS NULL) ";
}
// Definition of tables. // Definition of tables.
$table = Database::get_course_table(TABLE_ITEM_PROPERTY); $table = Database::get_course_table(TABLE_ITEM_PROPERTY);
@ -4018,13 +4037,14 @@ function api_get_item_property_info($course_id, $tool, $ref, $session_id = 0)
c_id = $course_id AND c_id = $course_id AND
tool = '$tool' AND tool = '$tool' AND
ref = $ref AND ref = $ref AND
session_id = $session_id "; $sessionCondition ";
$rs = Database::query($sql); $rs = Database::query($sql);
$row = array(); $row = array();
if (Database::num_rows($rs) > 0) { if (Database::num_rows($rs) > 0) {
$row = Database::fetch_array($rs,'ASSOC'); $row = Database::fetch_array($rs,'ASSOC');
} }
return $row; return $row;
} }

2
main/inc/lib/display.lib.php
Unescape View File

@ -1467,7 +1467,7 @@ class Display
$my_course['id_session'] = $course_info['id_session']; $my_course['id_session'] = $course_info['id_session'];
} }
$label = get_lang('TitleNotification').": ".get_lang($type)." ($lastDate)"; $label = get_lang('TitleNotification').": ".get_lang($type)." ($lastDate)";
$retvalue .= '<a href="'.api_get_path(WEB_CODE_PATH).$notification['link'].'?cidReq='.$course_code.'&amp;ref='.$notification['ref'].'&amp;gidReq='.$notification['to_group_id'].'&amp;id_session='.$my_course['id_session'].'">'. $retvalue .= '<a href="'.api_get_path(WEB_CODE_PATH).$notification['link'].'?cidReq='.$course_code.'&ref='.$notification['ref'].'&gidReq='.$notification['to_group_id'].'&id_session='.$my_course['id_session'].'">'.
Display::return_icon($notification['image'], $label).'</a>&nbsp;'; Display::return_icon($notification['image'], $label).'</a>&nbsp;';
} }

44
main/inc/lib/document.lib.php
Unescape View File

@ -520,18 +520,24 @@ class DocumentManager
$TABLE_ITEMPROPERTY = Database::get_course_table(TABLE_ITEM_PROPERTY); $TABLE_ITEMPROPERTY = Database::get_course_table(TABLE_ITEM_PROPERTY);
$TABLE_DOCUMENT = Database::get_course_table(TABLE_DOCUMENT); $TABLE_DOCUMENT = Database::get_course_table(TABLE_DOCUMENT);
$userGroupFilter = '';
if (!is_null($to_user_id)) { if (!is_null($to_user_id)) {
$to_field = 'last.to_user_id'; $to_user_id = intval($to_user_id);
$to_value = $to_user_id; $userGroupFilter = "last.to_user_id = $to_user_id";
if (empty($to_user_id)) {
$userGroupFilter = " (last.to_user_id = 0 OR last.to_user_id IS NULL) ";
}
} else { } else {
$to_field = 'last.to_group_id'; $to_group_id = intval($to_group_id);
$to_value = $to_group_id; $userGroupFilter = "last.to_group_id = $to_group_id";
if (empty($to_group_id)) {
$userGroupFilter = "( last.to_group_id = 0 OR last.to_group_id IS NULL) ";
}
} }
// Escape underscores in the path so they don't act as a wildcard // Escape underscores in the path so they don't act as a wildcard
$originalPath = $path; $originalPath = $path;
$path = str_replace('_', '\_', $path); $path = str_replace('_', '\_', $path);
$to_value = Database::escape_string($to_value);
$visibility_bit = ' <> 2'; $visibility_bit = ' <> 2';
@ -541,7 +547,7 @@ class DocumentManager
// Condition for the session // Condition for the session
$sessionId = api_get_session_id(); $sessionId = api_get_session_id();
$condition_session = " AND (last.session_id = '$sessionId' OR (last.session_id = '0') )"; $condition_session = " AND (last.session_id = '$sessionId' OR (last.session_id = '0' OR last.session_id IS NULL) )";
$condition_session .= self::getSessionFolderFilters($originalPath, $sessionId); $condition_session .= self::getSessionFolderFilters($originalPath, $sessionId);
$sharedCondition = null; $sharedCondition = null;
@ -581,13 +587,11 @@ class DocumentManager
docs.path LIKE '" . Database::escape_string($path . $added_slash.'%'). "' AND docs.path LIKE '" . Database::escape_string($path . $added_slash.'%'). "' AND
docs.path NOT LIKE '" . Database::escape_string($path . $added_slash.'%/%')."' AND docs.path NOT LIKE '" . Database::escape_string($path . $added_slash.'%/%')."' AND
docs.path NOT LIKE '%_DELETED_%' AND docs.path NOT LIKE '%_DELETED_%' AND
$to_field = $to_value AND $userGroupFilter AND
last.visibility last.visibility $visibility_bit
$visibility_bit
$condition_session $condition_session
$sharedCondition $sharedCondition
"; ";
$result = Database::query($sql); $result = Database::query($sql);
$doc_list = array(); $doc_list = array();
@ -736,6 +740,11 @@ class DocumentManager
} }
} }
$groupCondition = " last.to_group_id = $to_group_id";
if (empty($to_group_id)) {
$groupCondition = " (last.to_group_id = 0 OR last.to_group_id IS NULL)";
}
if ($can_see_invisible) { if ($can_see_invisible) {
// condition for the session // condition for the session
$session_id = api_get_session_id(); $session_id = api_get_session_id();
@ -757,7 +766,7 @@ class DocumentManager
) )
WHERE WHERE
docs.filetype = 'folder' AND docs.filetype = 'folder' AND
last.to_group_id = " . $to_group_id . " AND $groupCondition AND
docs.path NOT LIKE '%shared_folder%' AND docs.path NOT LIKE '%shared_folder%' AND
docs.path NOT LIKE '%_DELETED_%' AND docs.path NOT LIKE '%_DELETED_%' AND
last.visibility <> 2 last.visibility <> 2
@ -775,7 +784,7 @@ class DocumentManager
WHERE WHERE
docs.filetype = 'folder' AND docs.filetype = 'folder' AND
docs.path NOT LIKE '%_DELETED_%' AND docs.path NOT LIKE '%_DELETED_%' AND
last.to_group_id = 0 AND $groupCondition AND
last.visibility <> 2 last.visibility <> 2
$show_users_condition $condition_session "; $show_users_condition $condition_session ";
} }
@ -816,7 +825,7 @@ class DocumentManager
docs.id = last.ref AND docs.id = last.ref AND
docs.filetype = 'folder' AND docs.filetype = 'folder' AND
last.tool = '" . TOOL_DOCUMENT . "' AND last.tool = '" . TOOL_DOCUMENT . "' AND
last.to_group_id = " . $to_group_id . " AND $groupCondition AND
last.visibility = 1 last.visibility = 1
$condition_session AND $condition_session AND
last.c_id = {$_course['real_id']} AND last.c_id = {$_course['real_id']} AND
@ -837,7 +846,7 @@ class DocumentManager
docs.id = last.ref AND docs.id = last.ref AND
docs.filetype = 'folder' AND docs.filetype = 'folder' AND
last.tool = '" . TOOL_DOCUMENT . "' AND last.tool = '" . TOOL_DOCUMENT . "' AND
last.to_group_id = " . $to_group_id . " AND $groupCondition AND
last.visibility = 0 $condition_session AND last.visibility = 0 $condition_session AND
last.c_id = {$_course['real_id']} AND last.c_id = {$_course['real_id']} AND
docs.c_id = {$_course['real_id']} "; docs.c_id = {$_course['real_id']} ";
@ -855,7 +864,7 @@ class DocumentManager
docs.path LIKE '" . Database::escape_string($row['path'].'/%') . "' AND docs.path LIKE '" . Database::escape_string($row['path'].'/%') . "' AND
docs.filetype = 'folder' AND docs.filetype = 'folder' AND
last.tool = '" . TOOL_DOCUMENT . "' AND last.tool = '" . TOOL_DOCUMENT . "' AND
last.to_group_id = " . $to_group_id . " AND $groupCondition AND
last.visibility = 1 $condition_session AND last.visibility = 1 $condition_session AND
last.c_id = {$_course['real_id']} AND last.c_id = {$_course['real_id']} AND
docs.c_id = {$_course['real_id']} "; docs.c_id = {$_course['real_id']} ";
@ -1130,6 +1139,7 @@ class DocumentManager
$sessionId $sessionId
); );
if (empty($itemInfo)) { if (empty($itemInfo)) {
return false; return false;
} }
@ -2917,14 +2927,12 @@ class DocumentManager
} }
$group_condition = null; $group_condition = null;
if (isset($group_id)) { if (isset($group_id)) {
$group_id = intval($group_id); $group_id = intval($group_id);
$group_condition = " AND props.to_group_id='" . $group_id . "' "; $group_condition = " AND props.to_group_id='" . $group_id . "' ";
} }
$session_condition = null; $session_condition = null;
if (isset($session_id)) { if (isset($session_id)) {
$session_id = intval($session_id); $session_id = intval($session_id);
$session_condition = " AND props.session_id='" . $session_id . "' "; $session_condition = " AND props.session_id='" . $session_id . "' ";
@ -3232,7 +3240,7 @@ class DocumentManager
$tbl_doc = Database::get_course_table(TABLE_DOCUMENT); $tbl_doc = Database::get_course_table(TABLE_DOCUMENT);
$tbl_item_prop = Database::get_course_table(TABLE_ITEM_PROPERTY); $tbl_item_prop = Database::get_course_table(TABLE_ITEM_PROPERTY);
$condition_session = " AND (last.session_id = '$session_id' OR last.session_id = '0' )"; $condition_session = " AND (last.session_id = '$session_id' OR last.session_id = '0' OR last.session_id IS NULL)";
$add_folder_filter = null; $add_folder_filter = null;
if (!empty($filter_by_folder)) { if (!empty($filter_by_folder)) {

14
main/newscorm/resourcelinker.inc.php
Unescape View File

@ -16,7 +16,7 @@
// Flag to allow for anonymous user - needs to be set before global.inc.php. // Flag to allow for anonymous user - needs to be set before global.inc.php.
use \ChamiloSession as Session; use ChamiloSession as Session;
$use_anonymous = true; $use_anonymous = true;
@ -81,9 +81,15 @@ function show_documents($folder) {
$item_property_table = Database::get_course_table(TABLE_ITEM_PROPERTY); $item_property_table = Database::get_course_table(TABLE_ITEM_PROPERTY);
$document_table = Database::get_course_table(TABLE_DOCUMENT); $document_table = Database::get_course_table(TABLE_DOCUMENT);
$sql = "SELECT * from $document_table docs , $item_property_table ip $sql = "SELECT * from $document_table docs , $item_property_table ip
WHERE docs.c_id = $course_id AND WHERE
ip.c_id = $course_id AND docs.c_id = $course_id AND
docs.id=ip.ref AND ip.tool = '".TOOL_DOCUMENT."' AND $visibility AND ip.to_group_id = 0 AND ip.to_user_id IS NULL ORDER BY docs.path ASC"; ip.c_id = $course_id AND
docs.id=ip.ref AND
ip.tool = '".TOOL_DOCUMENT."' AND
$visibility AND
(ip.to_group_id = 0 OR ip.to_group_id IS NULL)AND
ip.to_user_id IS NULL
ORDER BY docs.path ASC";
$result = Database::query($sql); $result = Database::query($sql);
while ($row = Database::fetch_array($result)) { while ($row = Database::fetch_array($result)) {
if (!$folder) { if (!$folder) {

20
main/newscorm/resourcelinker.php
Unescape View File

@ -617,11 +617,12 @@ if ($content == 'Agenda') {
$TABLE_ITEM_PROPERTY = Database::get_course_table(TABLE_ITEM_PROPERTY); $TABLE_ITEM_PROPERTY = Database::get_course_table(TABLE_ITEM_PROPERTY);
$sql = "SELECT agenda.*, toolitemproperties.* $sql = "SELECT agenda.*, toolitemproperties.*
FROM ".$TABLEAGENDA." agenda, ".$TABLE_ITEM_PROPERTY." toolitemproperties FROM ".$TABLEAGENDA." agenda, ".$TABLE_ITEM_PROPERTY." toolitemproperties
WHERE agenda.id = toolitemproperties.ref WHERE
AND toolitemproperties.tool='".TOOL_CALENDAR_EVENT."' agenda.id = toolitemproperties.ref
AND toolitemproperties.to_group_id='0' AND toolitemproperties.tool='".TOOL_CALENDAR_EVENT."'
AND toolitemproperties.visibility='1'"; AND (toolitemproperties.to_group_id='0' OR toolitemproperties.to_group_id IS NULL)
AND toolitemproperties.visibility='1'";
$result = Database::query($sql); $result = Database::query($sql);
@ -677,7 +678,14 @@ if ($content == 'Document' || (empty($content) && (api_is_allowed_to_edit() || i
if ($content == 'Ad_Valvas') { if ($content == 'Ad_Valvas') {
$tbl_announcement = Database :: get_course_table(TABLE_ANNOUNCEMENT); $tbl_announcement = Database :: get_course_table(TABLE_ANNOUNCEMENT);
$sql = "SELECT * FROM ".$tbl_announcement." a, ".$item_property_table." i WHERE i.tool = '".TOOL_ANNOUNCEMENT."' AND a.id=i.ref AND i.visibility='1' AND i.to_group_id = 0 AND i.to_user_id IS NULL ORDER BY a.display_order ASC"; $sql = "SELECT * FROM ".$tbl_announcement." a, ".$item_property_table." i
WHERE
i.tool = '".TOOL_ANNOUNCEMENT."' AND
a.id=i.ref AND
i.visibility='1' AND
(i.to_group_id = 0 OR i.to_group_id IS NULL) AND
i.to_user_id IS NULL
ORDER BY a.display_order ASC";
//error_log($sql, 0); //error_log($sql, 0);
$result = Database::query($sql); $result = Database::query($sql);
while ($myrow = Database::fetch_array($result)) { while ($myrow = Database::fetch_array($result)) {

11
main/resourcelinker/resourcelinker.inc.php
Unescape View File

@ -11,7 +11,7 @@
*/ */
use \ChamiloSession as Session; use ChamiloSession as Session;
/** /**
* INIT SECTION * INIT SECTION
@ -77,7 +77,14 @@ function show_documents($folder)
$item_property_table = Database::get_course_table(TABLE_ITEM_PROPERTY); $item_property_table = Database::get_course_table(TABLE_ITEM_PROPERTY);
$document_table = Database::get_course_table(TABLE_DOCUMENT); $document_table = Database::get_course_table(TABLE_DOCUMENT);
$sql="SELECT * from $document_table docs, $item_property_table ip WHERE docs.id=ip.ref AND ip.tool = '".TOOL_DOCUMENT."' AND $visibility AND ip.to_group_id = 0 AND ip.to_user_id IS NULL ORDER BY docs.path ASC"; $sql = "SELECT * from $document_table docs, $item_property_table ip
WHERE
docs.id=ip.ref AND
ip.tool = '".TOOL_DOCUMENT."' AND
$visibility AND
(ip.to_group_id = 0 OR i.to_group_id IS NULL) AND
ip.to_user_id IS NULL
ORDER BY docs.path ASC";
$result=Database::query($sql); $result=Database::query($sql);
while ($row=Database::fetch_array($result)) while ($row=Database::fetch_array($result))
{ {

13
main/resourcelinker/resourcelinker.php
Unescape View File

@ -14,7 +14,7 @@
* INIT SECTION * INIT SECTION
*/ */
use \ChamiloSession as Session; use ChamiloSession as Session;
include ('../inc/global.inc.php'); include ('../inc/global.inc.php');
$this_section=SECTION_COURSES; $this_section=SECTION_COURSES;
@ -596,7 +596,7 @@ if ($content == "Agenda")
FROM ".$TABLEAGENDA." agenda, ".$TABLE_ITEM_PROPERTY." toolitemproperties FROM ".$TABLEAGENDA." agenda, ".$TABLE_ITEM_PROPERTY." toolitemproperties
WHERE agenda.id = toolitemproperties.ref WHERE agenda.id = toolitemproperties.ref
AND toolitemproperties.tool='".TOOL_CALENDAR_EVENT."' AND toolitemproperties.tool='".TOOL_CALENDAR_EVENT."'
AND toolitemproperties.to_group_id='0' AND (toolitemproperties.to_group_id='0' OR toolitemproperties.to_group_id IS NULL)
AND toolitemproperties.visibility='1'"; AND toolitemproperties.visibility='1'";
$result = Database::query($sql); $result = Database::query($sql);
@ -667,7 +667,14 @@ if ($content == "Document" OR (empty($content) AND (api_is_allowed_to_edit() OR
if ($content == "Ad_Valvas") if ($content == "Ad_Valvas")
{ {
$tbl_announcement = Database :: get_course_table(TABLE_ANNOUNCEMENT); $tbl_announcement = Database :: get_course_table(TABLE_ANNOUNCEMENT);
$sql = "SELECT * FROM ".$tbl_announcement." a, ".$item_property_table." i WHERE i.tool = '".TOOL_ANNOUNCEMENT."' AND a.id=i.ref AND i.visibility='1' AND i.to_group_id = 0 AND i.to_user_id IS NULL ORDER BY a.display_order ASC"; $sql = "SELECT * FROM ".$tbl_announcement." a, ".$item_property_table." i
WHERE
i.tool = '".TOOL_ANNOUNCEMENT."' AND
a.id=i.ref AND
i.visibility='1' AND
(i.to_group_id = 0 OR i.to_group_id IS NULL) AND
i.to_user_id IS NULL
ORDER BY a.display_order ASC";
$result = Database::query($sql); $result = Database::query($sql);
while ($myrow = Database::fetch_array($result)) while ($myrow = Database::fetch_array($result))

30
main/upload/upload.document.php
Unescape View File

@ -91,7 +91,13 @@ if (isset($_FILES['user_upload'])) {
$missing_files = check_for_missing_files($base_work_dir.$_POST['curdirpath'].$new_path); $missing_files = check_for_missing_files($base_work_dir.$_POST['curdirpath'].$new_path);
if ($missing_files) { if ($missing_files) {
//show a form to upload the missing files //show a form to upload the missing files
Display::display_normal_message(build_missing_files_form($missing_files,$_POST['curdirpath'],$_FILES['user_upload']['name'])); Display::display_normal_message(
build_missing_files_form(
$missing_files,
$_POST['curdirpath'],
$_FILES['user_upload']['name']
)
);
} }
} }
} }
@ -114,7 +120,16 @@ if (isset($_POST['submit_image'])) {
); );
$missing_files_dir = $folderData['path']; $missing_files_dir = $folderData['path'];
//put the uploaded files in the new directory and get the paths //put the uploaded files in the new directory and get the paths
$paths_to_replace_in_file = move_uploaded_file_collection_into_directory($_course, $_FILES['img_file'],$base_work_dir,$missing_files_dir,$_user['user_id'],$to_group_id,$to_user_id,$max_filled_space); $paths_to_replace_in_file = move_uploaded_file_collection_into_directory(
$_course,
$_FILES['img_file'],
$base_work_dir,
$missing_files_dir,
$_user['user_id'],
$to_group_id,
$to_user_id,
$max_filled_space
);
//open the html file and replace the paths //open the html file and replace the paths
replace_img_path_in_html_file( replace_img_path_in_html_file(
$_POST['img_file_path'], $_POST['img_file_path'],
@ -129,7 +144,16 @@ if (isset($_POST['submit_image'])) {
if (isset($_POST['create_dir']) && $_POST['dirname']!='') { if (isset($_POST['create_dir']) && $_POST['dirname']!='') {
$added_slash = ($path=='/')?'':'/'; $added_slash = ($path=='/')?'':'/';
$dir_name = $path.$added_slash.api_replace_dangerous_char($_POST['dirname']); $dir_name = $path.$added_slash.api_replace_dangerous_char($_POST['dirname']);
$created_dir = create_unexisting_directory($_course,$_user['user_id'],api_get_session_id(), $to_group_id,$to_user_id,$base_work_dir,$dir_name,$_POST['dirname']); $created_dir = create_unexisting_directory(
$_course,
$_user['user_id'],
api_get_session_id(),
$to_group_id,
$to_user_id,
$base_work_dir,
$dir_name,
$_POST['dirname']
);
if ($created_dir) { if ($created_dir) {
Display::display_normal_message(get_lang('DirCr')); Display::display_normal_message(get_lang('DirCr'));
$path = $created_dir; $path = $created_dir;

101
main/webservices/cm_webservice_announcements.php
Unescape View File

@ -97,71 +97,86 @@ class WSCMAnnouncements extends WSCM
$group_memberships=GroupManager::get_group_ids($course_info['real_id'], $user_id); $group_memberships=GroupManager::get_group_ids($course_info['real_id'], $user_id);
if (api_get_group_id() == 0) { if (api_get_group_id() == 0) {
$cond_user_id = " AND ( ip.to_user_id='".$user_id."'" . $cond_user_id = " AND (
"OR ip.to_group_id IN (0, ".implode(", ", $group_memberships).")) "; ip.to_user_id='".$user_id."' OR
ip.to_group_id IN (0, ".implode(", ", $group_memberships).") OR
ip.to_group_id IS NULL
) ";
} else { } else {
$cond_user_id = " AND ( ip.to_user_id='".$user_id."'" . $cond_user_id = " AND (
"OR ip.to_group_id IN (0, ".api_get_group_id().")) "; ip.to_user_id='".$user_id."' OR
ip.to_group_id IN (0, ".api_get_group_id().") OR
ip.to_group_id IS NULL
) ";
} }
// the user is member of several groups => display personal announcements AND his group announcements AND the general announcements // the user is member of several groups => display personal
// announcements AND his group announcements AND the general announcements
if (is_array($group_memberships) && count($group_memberships)>0) { if (is_array($group_memberships) && count($group_memberships)>0) {
$sql="SELECT $sql="SELECT
announcement.*, ip.visibility, ip.to_group_id, ip.insert_user_id announcement.*, ip.visibility, ip.to_group_id, ip.insert_user_id
FROM $tbl_announcement announcement, $tbl_item_property ip FROM $tbl_announcement announcement, $tbl_item_property ip
WHERE announcement.id = ip.ref WHERE
AND ip.tool='announcement' announcement.id = ip.ref AND
AND ip.visibility='1' ip.tool='announcement' AND
$announcement_id ip.visibility='1'
$cond_user_id $announcement_id
$condition_session $cond_user_id
GROUP BY ip.ref $condition_session
ORDER BY display_order DESC GROUP BY ip.ref
LIMIT 0,$maximum"; ORDER BY display_order DESC
LIMIT 0,$maximum";
} else { } else {
// the user is not member of any group // the user is not member of any group
// this is an identified user => show the general announcements AND his personal announcements // this is an identified user => show the general announcements AND his personal announcements
if ($user_id) { if ($user_id) {
if ((api_get_course_setting('allow_user_edit_announcement') && !api_is_anonymous())) { if ((api_get_course_setting('allow_user_edit_announcement') && !api_is_anonymous())) {
$cond_user_id = " AND (ip.lastedit_user_id = '".api_get_user_id()."' OR ( ip.to_user_id='".$user_id."' OR ip.to_group_id='0')) "; $cond_user_id = " AND (
ip.lastedit_user_id = '".api_get_user_id()."' OR
( ip.to_user_id='".$user_id."' OR ip.to_group_id='0' OR ip.to_group_id IS NULL)
) ";
} else { } else {
$cond_user_id = " AND ( ip.to_user_id='".$user_id."' OR ip.to_group_id='0') "; $cond_user_id = " AND ( ip.to_user_id='".$user_id."' OR ip.to_group_id='0' OR ip.to_group_id IS NULL) ";
} }
$sql="SELECT
announcement.*, ip.visibility, ip.to_group_id, ip.insert_user_id $sql = "SELECT
FROM $tbl_announcement announcement, $tbl_item_property ip announcement.*, ip.visibility, ip.to_group_id, ip.insert_user_id
WHERE announcement.id = ip.ref FROM $tbl_announcement announcement, $tbl_item_property ip
AND ip.tool='announcement' WHERE
AND ip.visibility='1' announcement.id = ip.ref AND
$announcement_id ip.tool='announcement' AND
$cond_user_id ip.visibility='1'
$condition_session $announcement_id
GROUP BY ip.ref $cond_user_id
ORDER BY display_order DESC $condition_session
LIMIT 0,$maximum"; GROUP BY ip.ref
ORDER BY display_order DESC
LIMIT 0,$maximum";
} else { } else {
if (api_get_course_setting('allow_user_edit_announcement')) { if (api_get_course_setting('allow_user_edit_announcement')) {
$cond_user_id = " AND (ip.lastedit_user_id = '".api_get_user_id()."' OR ip.to_group_id='0') "; $cond_user_id = " AND (
ip.lastedit_user_id = '".api_get_user_id()."' OR ip.to_group_id='0' OR ip.to_group_id IS NULL
) ";
} else { } else {
$cond_user_id = " AND ip.to_group_id='0' "; $cond_user_id = " AND ip.to_group_id='0' ";
} }
// the user is not identiefied => show only the general announcements // the user is not identiefied => show only the general announcements
$sql="SELECT $sql = "SELECT
announcement.*, ip.visibility, ip.to_group_id, ip.insert_user_id announcement.*, ip.visibility, ip.to_group_id, ip.insert_user_id
FROM $tbl_announcement announcement, $tbl_item_property ip FROM $tbl_announcement announcement, $tbl_item_property ip
WHERE announcement.id = ip.ref WHERE announcement.id = ip.ref
AND ip.tool='announcement' AND ip.tool='announcement'
AND ip.visibility='1' AND ip.visibility='1'
AND ip.to_group_id='0' AND ip.to_group_id='0'
$announcement_id $announcement_id
$condition_session $condition_session
GROUP BY ip.ref GROUP BY ip.ref
ORDER BY display_order DESC ORDER BY display_order DESC
LIMIT 0,$maximum"; LIMIT 0,$maximum";
} }
} }

5
tests/main/inc/course_document.lib.test.php
Unescape View File

@ -32,9 +32,4 @@ class Testcdocu extends UnitTestCase{
$this->assertTrue(is_bool($res)); $this->assertTrue(is_bool($res));
$this->assertTrue($res === true || $res === false); $this->assertTrue($res === true || $res === false);
} }
} }
?>

Write Preview
Loading…
Cancel
Save