chamilo
/
chamilo-lms
mirror of https://github.com/chamilo/chamilo-lms/tree/1.11.x
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Format code, add docs, fix PHP warnings.

Browse Source
1.10.x
Julio Montoya 10 years ago
parent 65ee1ebf4d
commit ec07e3cb0c
27 changed files with 583 additions and 481 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 22
      main/dashboard/index.php
  2. 113
      main/dropbox/dropbox_class.inc.php
  3. 65
      main/dropbox/dropbox_functions.inc.php
  4. 38
      main/dropbox/dropbox_init.inc.php
  5. 50
      main/dropbox/dropbox_submit.php
  6. 10
      main/dropbox/index.php
  7. 11
      main/dropbox/recover_dropbox_files.php
  8. 5
      main/forum/download.php
  9. 13
      main/forum/editpost.php
  10. 2
      main/forum/forumfunction.inc.php
  11. 1
      main/inc/lib/TeacherTimeReport.php
  12. 61
      main/inc/lib/dashboard.lib.php
  13. 1
      main/inc/lib/internationalization.lib.php
  14. 7
      main/inc/lib/legal.lib.php
  15. 2
      main/inc/lib/link.lib.php
  16. 119
      main/inc/lib/message.lib.php
  17. 212
      main/inc/lib/myspace.lib.php
  18. 16
      main/inc/lib/nanogong.lib.php
  19. 7
      main/inc/lib/online.inc.php
  20. 17
      main/inc/lib/security.lib.php
  21. 2
      main/inc/lib/skill.lib.php
  22. 66
      main/inc/lib/statistics.lib.php
  23. 46
      main/inc/lib/sub_language.class.php
  24. 9
      main/inc/lib/system_announcements.lib.php
  25. 11
      main/inc/lib/thematic.lib.php
  26. 133
      main/inc/lib/tracking.lib.php
  27. 25
      main/inc/lib/usergroup.lib.php

22
main/dashboard/index.php
Unescape View File

@ -41,15 +41,15 @@ if (isset($_GET['path'])) {
// distpacher actions to controller // distpacher actions to controller
switch ($action) { switch ($action) {
case 'listing': case 'listing':
$dashboard_controller->display(); $dashboard_controller->display();
break; break;
case 'store_user_block': case 'store_user_block':
$dashboard_controller->store_user_block(); $dashboard_controller->store_user_block();
break; break;
case 'disable_block': case 'disable_block':
$dashboard_controller->close_user_block($path); $dashboard_controller->close_user_block($path);
break; break;
default : default :
$dashboard_controller->display(); $dashboard_controller->display();
} }

113
main/dropbox/dropbox_class.inc.php
Unescape View File

@ -92,7 +92,6 @@ class Dropbox_Work
*/ */
public function _createNewWork($uploader_id, $title, $description, $author, $filename, $filesize) public function _createNewWork($uploader_id, $title, $description, $author, $filename, $filesize)
{ {
$_user = api_get_user_info();
$dropbox_cnf = getDropboxConf(); $dropbox_cnf = getDropboxConf();
// Fill in the properties // Fill in the properties
@ -184,51 +183,51 @@ class Dropbox_Work
$action = isset($_GET['action']) ? $_GET['action'] : null; $action = isset($_GET['action']) ? $_GET['action'] : null;
// Do some sanity checks // Do some sanity checks
$id = intval($id); $id = intval($id);
// Get the data from DB // Get the data from DB
$sql = "SELECT uploader_id, filename, filesize, title, description, author, upload_date, last_upload_date, cat_id $sql = "SELECT uploader_id, filename, filesize, title, description, author, upload_date, last_upload_date, cat_id
FROM ".$dropbox_cnf['tbl_file']." FROM ".$dropbox_cnf['tbl_file']."
WHERE c_id = $course_id AND id = ".intval($id).""; WHERE c_id = $course_id AND id = ".$id."";
$result = Database::query($sql); $result = Database::query($sql);
$res = Database::fetch_array($result, 'ASSOC'); $res = Database::fetch_array($result, 'ASSOC');
// Check if uploader is still in Chamilo system // Check if uploader is still in Chamilo system
$uploader_id = stripslashes($res['uploader_id']); $uploader_id = stripslashes($res['uploader_id']);
$uploaderName = getUserNameFromId($uploader_id); $uploaderName = getUserNameFromId($uploader_id);
if (!$uploaderName) { if (!$uploaderName) {
//deleted user //deleted user
$this->uploader_id = -1; $this->uploader_id = -1;
$this->uploaderName = get_lang('Unknown', ''); $this->uploaderName = get_lang('Unknown', '');
} else { } else {
$this->uploader_id = $uploader_id; $this->uploader_id = $uploader_id;
$this->uploaderName = $uploaderName; $this->uploaderName = $uploaderName;
} }
// Fill in properties // Fill in properties
$this->id = $id; $this->id = $id;
$this->filename = stripslashes($res['filename']); $this->filename = stripslashes($res['filename']);
$this->filesize = stripslashes($res['filesize']); $this->filesize = stripslashes($res['filesize']);
$this->title = stripslashes($res['title']); $this->title = stripslashes($res['title']);
$this->description = stripslashes($res['description']); $this->description = stripslashes($res['description']);
$this->author = stripslashes($res['author']); $this->author = stripslashes($res['author']);
$this->upload_date = stripslashes($res['upload_date']); $this->upload_date = stripslashes($res['upload_date']);
$this->last_upload_date = stripslashes($res['last_upload_date']); $this->last_upload_date = stripslashes($res['last_upload_date']);
$this->category = $res['cat_id']; $this->category = $res['cat_id'];
// Getting the feedback on the work. // Getting the feedback on the work.
if ($action == 'viewfeedback' AND $this->id == $_GET['id']) { if ($action == 'viewfeedback' AND $this->id == $_GET['id']) {
$feedback2 = array(); $feedback2 = array();
$sql_feedback = "SELECT * FROM ".$dropbox_cnf['tbl_feedback']." $sql_feedback = "SELECT * FROM ".$dropbox_cnf['tbl_feedback']."
WHERE c_id = $course_id AND file_id='".$id."' ORDER BY feedback_id ASC"; WHERE c_id = $course_id AND file_id='".$id."' ORDER BY feedback_id ASC";
$result = Database::query($sql_feedback); $result = Database::query($sql_feedback);
while ($row_feedback = Database::fetch_array($result)) { while ($row_feedback = Database::fetch_array($result)) {
$row_feedback['feedback'] = Security::remove_XSS($row_feedback['feedback']); $row_feedback['feedback'] = Security::remove_XSS($row_feedback['feedback']);
$feedback2[] = $row_feedback; $feedback2[] = $row_feedback;
} }
$this->feedback2= $feedback2; $this->feedback2= $feedback2;
} }
} }
} }
@ -275,7 +274,14 @@ class Dropbox_SentWork extends Dropbox_Work
$_course = api_get_course_info(); $_course = api_get_course_info();
// Call constructor of Dropbox_Work object // Call constructor of Dropbox_Work object
$this->Dropbox_Work($uploader_id, $title, $description, $author, $filename, $filesize); $this->Dropbox_Work(
$uploader_id,
$title,
$description,
$author,
$filename,
$filesize
);
$course_id = api_get_course_int_id(); $course_id = api_get_course_int_id();
@ -416,11 +422,11 @@ class Dropbox_Person
$course_id = api_get_course_int_id(); $course_id = api_get_course_int_id();
// Fill in properties // Fill in properties
$this->userId = $userId; $this->userId = $userId;
$this->isCourseAdmin = $isCourseAdmin; $this->isCourseAdmin = $isCourseAdmin;
$this->isCourseTutor = $isCourseTutor; $this->isCourseTutor = $isCourseTutor;
$this->receivedWork = array(); $this->receivedWork = array();
$this->sentWork = array(); $this->sentWork = array();
// Note: perhaps include an ex coursemember check to delete old files // Note: perhaps include an ex coursemember check to delete old files
@ -585,11 +591,14 @@ class Dropbox_Person
$course_id = api_get_course_int_id(); $course_id = api_get_course_int_id();
$id = intval($id); $id = intval($id);
$sql = "DELETE FROM ".$dropbox_cnf['tbl_file']." WHERE c_id = $course_id AND cat_id = '".$id."' "; $sql = "DELETE FROM ".$dropbox_cnf['tbl_file']."
WHERE c_id = $course_id AND cat_id = '".$id."' ";
if (!Database::query($sql)) return false; if (!Database::query($sql)) return false;
$sql = "DELETE FROM ".$dropbox_cnf['tbl_category']." WHERE c_id = $course_id AND cat_id = '".$id."' "; $sql = "DELETE FROM ".$dropbox_cnf['tbl_category']."
WHERE c_id = $course_id AND cat_id = '".$id."' ";
if (!Database::query($sql)) return false; if (!Database::query($sql)) return false;
$sql = "DELETE FROM ".$dropbox_cnf['tbl_post']." WHERE c_id = $course_id AND cat_id = '".$id."' "; $sql = "DELETE FROM ".$dropbox_cnf['tbl_post']."
WHERE c_id = $course_id AND cat_id = '".$id."' ";
if (!Database::query($sql)) return false; if (!Database::query($sql)) return false;
return true; return true;
} }

65
main/dropbox/dropbox_functions.inc.php
Unescape View File

@ -115,7 +115,8 @@ function getDropboxConf()
/** /**
* This function deletes a dropbox category * This function deletes a dropbox category
* *
* @todo give the user the possibility what needs to be done with the files in this category: move them to the root, download them as a zip, delete them * @todo give the user the possibility what needs to be done with the files
* in this category: move them to the root, download them as a zip, delete them
* *
* @author Patrick Cool <patrick.cool@UGent.be>, Ghent University * @author Patrick Cool <patrick.cool@UGent.be>, Ghent University
* @version march 2006 * @version march 2006
@ -156,11 +157,13 @@ function delete_category($action, $id, $user_id = null)
} }
// step 1: delete the category // step 1: delete the category
$sql = "DELETE FROM ".$dropbox_cnf['tbl_category']." WHERE c_id = $course_id AND cat_id='".intval($id)."' AND $sentreceived='1'"; $sql = "DELETE FROM ".$dropbox_cnf['tbl_category']."
WHERE c_id = $course_id AND cat_id='".intval($id)."' AND $sentreceived='1'";
Database::query($sql); Database::query($sql);
// step 2: delete all the documents in this category // step 2: delete all the documents in this category
$sql = "SELECT * FROM ".$entries_table." WHERE c_id = $course_id AND cat_id='".intval($id)."'"; $sql = "SELECT * FROM ".$entries_table."
WHERE c_id = $course_id AND cat_id='".intval($id)."'";
$result = Database::query($sql); $result = Database::query($sql);
while($row = Database::fetch_array($result)) { while($row = Database::fetch_array($result)) {
@ -172,6 +175,7 @@ function delete_category($action, $id, $user_id = null)
$dropboxfile->deleteSentWork($row[$id_field]); $dropboxfile->deleteSentWork($row[$id_field]);
} }
} }
return $return_message; return $return_message;
} }
@ -241,6 +245,7 @@ function store_move($id, $target, $part)
} else { } else {
$return_message = get_lang('NotMovedError'); $return_message = get_lang('NotMovedError');
} }
return $return_message; return $return_message;
} }
@ -291,6 +296,7 @@ function display_file_checkbox($id, $part) {
$checked = 'checked'; $checked = 'checked';
} }
$return_value = '<input type="checkbox" name="'.Security::remove_XSS($part).'_'.Security::remove_XSS($id).'" value="'.Security::remove_XSS($id).'" '.$checked.' />'; $return_value = '<input type="checkbox" name="'.Security::remove_XSS($part).'_'.Security::remove_XSS($id).'" value="'.Security::remove_XSS($id).'" '.$checked.' />';
return $return_value; return $return_value;
} }
@ -314,7 +320,8 @@ function get_dropbox_categories($filter = '')
$session_id = api_get_session_id(); $session_id = api_get_session_id();
$condition_session = api_get_session_condition($session_id); $condition_session = api_get_session_condition($session_id);
$sql = "SELECT * FROM ".$dropbox_cnf['tbl_category']." WHERE c_id = $course_id AND user_id='".$_user['user_id']."' $condition_session"; $sql = "SELECT * FROM ".$dropbox_cnf['tbl_category']."
WHERE c_id = $course_id AND user_id='".$_user['user_id']."' $condition_session";
$result = Database::query($sql); $result = Database::query($sql);
while ($row = Database::fetch_array($result)) { while ($row = Database::fetch_array($result)) {
@ -336,7 +343,8 @@ function get_dropbox_category($id)
$dropbox_cnf = getDropboxConf(); $dropbox_cnf = getDropboxConf();
$course_id = api_get_course_int_id(); $course_id = api_get_course_int_id();
if (empty($id) or $id != intval($id)) { return array(); } if (empty($id) or $id != intval($id)) { return array(); }
$sql = "SELECT * FROM ".$dropbox_cnf['tbl_category']." WHERE c_id = $course_id AND cat_id='".$id."'"; $sql = "SELECT * FROM ".$dropbox_cnf['tbl_category']."
WHERE c_id = $course_id AND cat_id='".$id."'";
$res = Database::query($sql); $res = Database::query($sql);
if ($res === false) { if ($res === false) {
return array(); return array();
@ -524,7 +532,11 @@ function display_add_form($dropbox_unid, $viewReceivedCategory, $viewSentCategor
$origin = isset($_GET['origin']) ? $_GET['origin'] : null; $origin = isset($_GET['origin']) ? $_GET['origin'] : null;
$token = Security::get_token(); $token = Security::get_token();
$dropbox_person = new Dropbox_Person(api_get_user_id(), $is_courseAdmin, $is_courseTutor); $dropbox_person = new Dropbox_Person(
api_get_user_id(),
$is_courseAdmin,
$is_courseTutor
);
$form = new FormValidator( $form = new FormValidator(
'sent_form', 'sent_form',
@ -695,6 +707,7 @@ function getLoginFromId($id)
$result = Database::query($sql); $result = Database::query($sql);
$res = Database::fetch_array($result); $res = Database::fetch_array($result);
if (!$res) return false; if (!$res) return false;
return stripslashes($res['username']); return stripslashes($res['username']);
} }
@ -707,6 +720,7 @@ function isCourseMember($user_id)
$_course = api_get_course_info(); $_course = api_get_course_info();
$course_code = $_course['code']; $course_code = $_course['code'];
$is_course_member = CourseManager::is_user_subscribed_in_course($user_id, $course_code, true); $is_course_member = CourseManager::is_user_subscribed_in_course($user_id, $course_code, true);
return $is_course_member; return $is_course_member;
} }
@ -729,9 +743,11 @@ function removeUnusedFiles()
$result = Database::query($sql); $result = Database::query($sql);
while ($res = Database::fetch_array($result)) { while ($res = Database::fetch_array($result)) {
//delete the selected files from the post and file tables //delete the selected files from the post and file tables
$sql = "DELETE FROM " . dropbox_cnf('tbl_post') . " WHERE c_id = $course_id AND file_id = '" . $res['id'] . "'"; $sql = "DELETE FROM " . dropbox_cnf('tbl_post') . "
WHERE c_id = $course_id AND file_id = '" . $res['id'] . "'";
Database::query($sql); Database::query($sql);
$sql = "DELETE FROM " . dropbox_cnf('tbl_file') . " WHERE c_id = $course_id AND id ='" . $res['id'] . "'"; $sql = "DELETE FROM " . dropbox_cnf('tbl_file') . "
WHERE c_id = $course_id AND id ='" . $res['id'] . "'";
Database::query($sql); Database::query($sql);
//delete file from server //delete file from server
@unlink( dropbox_cnf('sysPath') . '/' . $res['filename']); @unlink( dropbox_cnf('sysPath') . '/' . $res['filename']);
@ -758,7 +774,8 @@ function getUserOwningThisMailing($mailingPseudoId, $owner = 0, $or_die = '')
$mailingPseudoId = intval($mailingPseudoId); $mailingPseudoId = intval($mailingPseudoId);
$sql = "SELECT f.uploader_id $sql = "SELECT f.uploader_id
FROM " . $dropbox_cnf['tbl_file'] . " f FROM " . $dropbox_cnf['tbl_file'] . " f
LEFT JOIN " . $dropbox_cnf['tbl_post'] . " p ON (f.id = p.file_id AND f.c_id = $course_id AND p.c_id = $course_id) LEFT JOIN " . $dropbox_cnf['tbl_post'] . " p
ON (f.id = p.file_id AND f.c_id = $course_id AND p.c_id = $course_id)
WHERE WHERE
p.dest_user_id = '" . $mailingPseudoId . "' AND p.dest_user_id = '" . $mailingPseudoId . "' AND
p.c_id = $course_id p.c_id = $course_id
@ -855,7 +872,8 @@ function store_add_dropbox()
} }
// we are doing a just upload but an additional recipient is selected. // we are doing a just upload but an additional recipient is selected.
// note: why can't this be valid? It is like sending a document to yourself AND to a different person (I do this quite often with my e-mails) // note: why can't this be valid? It is like sending a document to
// yourself AND to a different person (I do this quite often with my e-mails)
if ($thisIsJustUpload && (count($_POST['recipients']) != 1)) { if ($thisIsJustUpload && (count($_POST['recipients']) != 1)) {
return get_lang('MailingJustUploadSelectNoOther'); return get_lang('MailingJustUploadSelectNoOther');
} }
@ -881,7 +899,8 @@ function store_add_dropbox()
// check if the filesize does not exceed the allowed size. // check if the filesize does not exceed the allowed size.
if ($dropbox_filesize <= 0 || $dropbox_filesize > $dropbox_cnf['maxFilesize']) { if ($dropbox_filesize <= 0 || $dropbox_filesize > $dropbox_cnf['maxFilesize']) {
return get_lang('DropboxFileTooBig'); // TODO: The "too big" message does not fit in the case of uploading zero-sized file. return get_lang('DropboxFileTooBig');
// TODO: The "too big" message does not fit in the case of uploading zero-sized file.
} }
// check if the file is actually uploaded // check if the file is actually uploaded
@ -914,7 +933,8 @@ function store_add_dropbox()
$_POST['authors'] = getUserNameFromId($_user['user_id']); $_POST['authors'] = getUserNameFromId($_user['user_id']);
} }
// note: I think we could better migrate everything from here on to separate functions: store_new_dropbox, store_new_mailing, store_just_upload // note: I think we could better migrate everything from here on to
// separate functions: store_new_dropbox, store_new_mailing, store_just_upload
if ($dropbox_overwrite) { if ($dropbox_overwrite) {
$dropbox_person = new Dropbox_Person($_user['user_id'], api_is_course_admin(), api_is_course_tutor()); $dropbox_person = new Dropbox_Person($_user['user_id'], api_is_course_admin(), api_is_course_tutor());
@ -995,7 +1015,15 @@ function store_add_dropbox()
} }
} }
new Dropbox_SentWork($_user['user_id'], $dropbox_title, $_POST['description'], strip_tags($_POST['authors']), $dropbox_filename, $dropbox_filesize, $new_work_recipients); new Dropbox_SentWork(
$_user['user_id'],
$dropbox_title,
$_POST['description'],
strip_tags($_POST['authors']),
$dropbox_filename,
$dropbox_filesize,
$new_work_recipients
);
Security::clear_token(); Security::clear_token();
return get_lang('FileUploadSucces'); return get_lang('FileUploadSucces');
@ -1059,7 +1087,8 @@ function feedback_form()
return $return; return $return;
} }
function user_can_download_file($id, $user_id) { function user_can_download_file($id, $user_id)
{
$dropbox_cnf = getDropboxConf(); $dropbox_cnf = getDropboxConf();
$course_id = api_get_course_int_id(); $course_id = api_get_course_int_id();
$id = intval($id); $id = intval($id);
@ -1080,7 +1109,8 @@ function user_can_download_file($id, $user_id) {
// we now check if the other users have not delete this document yet. // we now check if the other users have not delete this document yet.
// If this is the case then it is useless to see the // If this is the case then it is useless to see the
// add feedback since the other users will never get to see the feedback. // add feedback since the other users will never get to see the feedback.
function check_if_file_exist($id) { function check_if_file_exist($id)
{
$dropbox_cnf = getDropboxConf(); $dropbox_cnf = getDropboxConf();
$id = intval($id); $id = intval($id);
$course_id = api_get_course_int_id(); $course_id = api_get_course_int_id();
@ -1096,8 +1126,6 @@ function check_if_file_exist($id) {
return $number_users_who_see_file > 0 || $count > 0; return $number_users_who_see_file > 0 || $count > 0;
} }
/** /**
* @return a language string (depending on the success or failure. * @return a language string (depending on the success or failure.
* *
@ -1276,7 +1304,8 @@ function generate_html_overview($files, $dont_show_columns = array(), $make_link
function get_total_number_feedback($file_id = '') { function get_total_number_feedback($file_id = '') {
$dropbox_cnf = getDropboxConf(); $dropbox_cnf = getDropboxConf();
$course_id = api_get_course_int_id(); $course_id = api_get_course_int_id();
$sql = "SELECT COUNT(feedback_id) AS total, file_id FROM ".$dropbox_cnf['tbl_feedback']." $sql = "SELECT COUNT(feedback_id) AS total, file_id
FROM ".$dropbox_cnf['tbl_feedback']."
WHERE c_id = $course_id GROUP BY file_id"; WHERE c_id = $course_id GROUP BY file_id";
$result = Database::query($sql); $result = Database::query($sql);
$return = array(); $return = array();

38
main/dropbox/dropbox_init.inc.php
Unescape View File

@ -1,7 +1,6 @@
<?php <?php
/* For licensing terms, see /license.txt */ /* For licensing terms, see /license.txt */
/** /**
* @desc The dropbox is a personal (peer to peer) file exchange module that allows * @desc The dropbox is a personal (peer to peer) file exchange module that allows
* you to send documents to a certain (group of) users. * you to send documents to a certain (group of) users.
@ -154,9 +153,18 @@ if (api_is_excluded_user_type()) {
} }
if (empty($session_id)) { if (empty($session_id)) {
$is_course_member = CourseManager::is_user_subscribed_in_course($user_id, $course_code, false); $is_course_member = CourseManager::is_user_subscribed_in_course(
$user_id,
$course_code,
false
);
} else { } else {
$is_course_member = CourseManager::is_user_subscribed_in_course($user_id, $course_code, true, $session_id); $is_course_member = CourseManager::is_user_subscribed_in_course(
$user_id,
$course_code,
true,
$session_id
);
} }
/* Object Initialisation */ /* Object Initialisation */
@ -166,11 +174,14 @@ if (empty($session_id)) {
// @todo consider moving the javascripts in a function that displays the javascripts // @todo consider moving the javascripts in a function that displays the javascripts
// only when it is needed. // only when it is needed.
if ($action == 'add') { if ($action == 'add') {
$dropbox_person = new Dropbox_Person($_user['user_id'], $is_courseAdmin, $is_courseTutor); $dropbox_person = new Dropbox_Person(
$_user['user_id'],
$is_courseAdmin,
$is_courseTutor
);
} }
/* Create javascript and htmlHeaders */ /* Create javascript and htmlHeaders */
$javascript = "<script type=\"text/javascript\"> $javascript = "<script type=\"text/javascript\">
function confirmsend () function confirmsend ()
{ {
@ -204,13 +215,12 @@ $javascript = "<script type=\"text/javascript\">
return true; return true;
} }
} }
"; ";
if (dropbox_cnf('allowOverwrite')) { if (dropbox_cnf('allowOverwrite')) {
//sentArray keeps list of all files still available in the sent files list //sentArray keeps list of all files still available in the sent files list
//of the user. //of the user.
//This is used to show or hide the overwrite file-radio button of the upload form //This is used to show or hide the overwrite file-radio button of the upload form
$javascript .= " $javascript .= "
var sentArray = new Array("; var sentArray = new Array(";
if (isset($dropbox_person)) { if (isset($dropbox_person)) {
@ -287,12 +297,12 @@ $htmlHeadXtra[] = '<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="-1">'; <meta http-equiv="expires" content="-1">';
$checked_files = false; $checked_files = false;
if (!$view OR $view == 'received') { if (!$view || $view == 'received') {
$part = 'received'; $part = 'received';
} elseif ($view = 'sent') { } elseif ($view = 'sent') {
$part = 'sent'; $part = 'sent';
} else { } else {
header ('location: index.php?view='.$view.'&error=Error'); header('location: index.php?view='.$view.'&error=Error');
} }
if (($postAction == 'download_received' || $postAction == 'download_sent') and !$_POST['store_feedback']) { if (($postAction == 'download_received' || $postAction == 'download_sent') and !$_POST['store_feedback']) {
@ -311,11 +321,11 @@ if (($postAction == 'download_received' || $postAction == 'download_sent') and !
*/ */
if ((!$is_allowed_in_course || !$is_course_member) && !api_is_allowed_to_edit(null, true)) { if ((!$is_allowed_in_course || !$is_course_member) && !api_is_allowed_to_edit(null, true)) {
if ($origin != 'learnpath') { if ($origin != 'learnpath') {
api_not_allowed(true);//print headers/footers api_not_allowed(true);//print headers/footers
} else { } else {
api_not_allowed(); api_not_allowed();
} }
exit(); exit();
} }

50
main/dropbox/dropbox_submit.php
Unescape View File

@ -141,32 +141,32 @@ if (isset($_POST['submitWork'])) {
php_flag zlib.output_compression off") or die(get_lang('ErrorCreatingDir').' (code 406)'); php_flag zlib.output_compression off") or die(get_lang('ErrorCreatingDir').' (code 406)');
} }
if ($error) { if ($error) {
} elseif ($thisIsAMailing) { } elseif ($thisIsAMailing) {
if (preg_match(dropbox_cnf('mailingZipRegexp'), $dropbox_title)) { if (preg_match(dropbox_cnf('mailingZipRegexp'), $dropbox_title)) {
$newWorkRecipients = dropbox_cnf('mailingIdBase'); $newWorkRecipients = dropbox_cnf('mailingIdBase');
} else { } else {
$error = true; $error = true;
$errormsg = $dropbox_title . ': ' . get_lang('MailingWrongZipfile'); $errormsg = $dropbox_title . ': ' . get_lang('MailingWrongZipfile');
} }
} elseif ($thisIsJustUpload) { } elseif ($thisIsJustUpload) {
$newWorkRecipients = array(); $newWorkRecipients = array();
} else { } else {
// Creating the array that contains all the users who will receive the file // Creating the array that contains all the users who will receive the file
$newWorkRecipients = array(); $newWorkRecipients = array();
foreach ($_POST['recipients'] as $rec) { foreach ($_POST['recipients'] as $rec) {
if (strpos($rec, 'user_') === 0) { if (strpos($rec, 'user_') === 0) {
$newWorkRecipients[] = substr($rec, strlen('user_')); $newWorkRecipients[] = substr($rec, strlen('user_'));
} elseif (strpos($rec, 'group_') === 0) { } elseif (strpos($rec, 'group_') === 0) {
$userList = GroupManager::get_subscribed_users(substr($rec, strlen('group_'))); $userList = GroupManager::get_subscribed_users(substr($rec, strlen('group_')));
foreach ($userList as $usr) { foreach ($userList as $usr) {
if (!in_array($usr['user_id'], $newWorkRecipients) && $usr['user_id'] != $_user['user_id']) { if (!in_array($usr['user_id'], $newWorkRecipients) && $usr['user_id'] != $_user['user_id']) {
$newWorkRecipients[] = $usr['user_id']; $newWorkRecipients[] = $usr['user_id'];
} }
} }
} }
} }
} }
// After uploading the file, create the db entries // After uploading the file, create the db entries

10
main/dropbox/index.php
Unescape View File

@ -285,15 +285,15 @@ if ($action != 'add') {
?> ?>
<ul class="nav nav-tabs"> <ul class="nav nav-tabs">
<li <?php if (!$view || $view == 'sent') { echo 'class="active"'; } ?> > <li <?php if (!$view || $view == 'sent') { echo 'class="active"'; } ?> >
<a href="index.php?<?php echo api_get_cidreq(); ?>&view=sent" ><?php echo get_lang('SentFiles'); ?></a></li> <a href="index.php?<?php echo api_get_cidreq(); ?>&view=sent" ><?php echo get_lang('SentFiles'); ?></a>
</li>
<li <?php if ($view == 'received') { echo 'class="active"'; } ?> > <li <?php if ($view == 'received') { echo 'class="active"'; } ?> >
<a href="index.php?<?php echo api_get_cidreq(); ?>&view=received" ><?php echo get_lang('ReceivedFiles'); ?></a></li> <a href="index.php?<?php echo api_get_cidreq(); ?>&view=received" ><?php echo get_lang('ReceivedFiles'); ?></a>
</li>
</ul> </ul>
<?php <?php
} }
/* RECEIVED FILES */
/* RECEIVED FILES */
if ($view == 'received' || !$dropbox_cnf['sent_received_tabs']) { if ($view == 'received' || !$dropbox_cnf['sent_received_tabs']) {
// This is for the categories // This is for the categories
if (isset($viewReceivedCategory) AND $viewReceivedCategory != '') { if (isset($viewReceivedCategory) AND $viewReceivedCategory != '') {

11
main/dropbox/recover_dropbox_files.php
Unescape View File

@ -28,7 +28,8 @@ if (isset($_GET['recover_id']) && !empty($_GET['recover_id'])) {
} }
} }
$sql = "SELECT * FROM $file_tbl WHERE c_id = $course_id AND session_id = $session_id"; $sql = "SELECT * FROM $file_tbl
WHERE c_id = $course_id AND session_id = $session_id";
$result = Database::query($sql); $result = Database::query($sql);
if (Database::num_rows($result)) { if (Database::num_rows($result)) {
@ -36,13 +37,17 @@ if (Database::num_rows($result)) {
$rows = array(); $rows = array();
foreach ($files as $file) { foreach ($files as $file) {
//Check if I have this file: //Check if I have this file:
$sql = "SELECT * FROM $person_tbl WHERE c_id = $course_id AND user_id = $user_id AND file_id = {$file['id']}"; $sql = "SELECT * FROM $person_tbl
WHERE c_id = $course_id AND user_id = $user_id AND file_id = {$file['id']}";
$result_person = Database::query($sql); $result_person = Database::query($sql);
if (Database::num_rows($result_person) == 0 ) { if (Database::num_rows($result_person) == 0 ) {
$rows[] = array( $rows[] = array(
$file['filename'], $file['filename'],
api_convert_and_format_date($file['upload_date']), api_convert_and_format_date($file['upload_date']),
Display::url(get_lang('Recover'), api_get_self().'?recover_id='.$file['id'], array('class' => 'btn btn-default')) Display::url(
get_lang('Recover'), api_get_self().'?recover_id='.$file['id'],
array('class' => 'btn btn-default')
)
); );
} }
} }

5
main/forum/download.php
Unescape View File

@ -12,7 +12,7 @@
session_cache_limiter('public'); session_cache_limiter('public');
require_once '../inc/global.inc.php'; require_once '../inc/global.inc.php';
$this_section=SECTION_COURSES; $this_section = SECTION_COURSES;
require_once 'forumconfig.inc.php'; require_once 'forumconfig.inc.php';
@ -48,10 +48,11 @@ if (is_dir($full_file_name)) {
$document_explorer = api_get_path(WEB_COURSE_PATH).api_get_course_path(); $document_explorer = api_get_path(WEB_COURSE_PATH).api_get_course_path();
//redirect //redirect
header('Location: '.$document_explorer); header('Location: '.$document_explorer);
exit;
} }
$tbl_forum_attachment = Database::get_course_table(TABLE_FORUM_ATTACHMENT); $tbl_forum_attachment = Database::get_course_table(TABLE_FORUM_ATTACHMENT);
$tbl_forum_post = Database::get_course_table(TABLE_FORUM_POST); $tbl_forum_post = Database::get_course_table(TABLE_FORUM_POST);
$course_id = api_get_course_int_id(); $course_id = api_get_course_int_id();
$courseInfo = api_get_course_info_by_id($course_id); $courseInfo = api_get_course_info_by_id($course_id);

13
main/forum/editpost.php
Unescape View File

@ -70,8 +70,8 @@ if (!empty($gradebook) && $gradebook == 'view') {
if ($origin == 'group') { if ($origin == 'group') {
$_clean['toolgroup'] = (int) $_SESSION['toolgroup']; $_clean['toolgroup'] = (int) $_SESSION['toolgroup'];
$group_properties = GroupManager :: get_group_properties($_clean['toolgroup']); $group_properties = GroupManager::get_group_properties($_clean['toolgroup']);
$interbreadcrumb[] = array('url' => '../group/group.php', 'name' => get_lang('Groups')); $interbreadcrumb[] = array('url' => '../group/group.php?'.api_get_cidreq(), 'name' => get_lang('Groups'));
$interbreadcrumb[] = array('url' => '../group/group_space.php?gidReq='.$_SESSION['toolgroup'], 'name' => get_lang('GroupSpace').' '.$group_properties['name']); $interbreadcrumb[] = array('url' => '../group/group_space.php?gidReq='.$_SESSION['toolgroup'], 'name' => get_lang('GroupSpace').' '.$group_properties['name']);
$interbreadcrumb[] = array('url' => 'viewforum.php?origin='.$origin.'&gidReq='.$_SESSION['toolgroup'].'&forum='.Security::remove_XSS($_GET['forum']), 'name' => prepare4display($current_forum['forum_title'])); $interbreadcrumb[] = array('url' => 'viewforum.php?origin='.$origin.'&gidReq='.$_SESSION['toolgroup'].'&forum='.Security::remove_XSS($_GET['forum']), 'name' => prepare4display($current_forum['forum_title']));
$interbreadcrumb[] = array('url' => 'javascript: void (0);', 'name' => get_lang('EditPost')); $interbreadcrumb[] = array('url' => 'javascript: void (0);', 'name' => get_lang('EditPost'));
@ -178,11 +178,14 @@ if ($origin != 'learnpath') {
echo '<div class="actions">'; echo '<div class="actions">';
echo '<span style="float:right;">'.search_link().'</span>'; echo '<span style="float:right;">'.search_link().'</span>';
if ($origin == 'group') { if ($origin == 'group') {
echo '<a href="../group/group_space.php?'.api_get_cidreq().'">'.Display::return_icon('back.png', get_lang('BackTo').' '.get_lang('Groups'), '', ICON_SIZE_MEDIUM).'</a>'; echo '<a href="../group/group_space.php?'.api_get_cidreq().'">'.
Display::return_icon('back.png', get_lang('BackTo').' '.get_lang('Groups'), '', ICON_SIZE_MEDIUM).'</a>';
} else { } else {
echo '<a href="index.php?'.api_get_cidreq().'">'.Display::return_icon('back.png', get_lang('BackToForumOverview'), '', ICON_SIZE_MEDIUM).'</a>'; echo '<a href="index.php?'.api_get_cidreq().'">'.
Display::return_icon('back.png', get_lang('BackToForumOverview'), '', ICON_SIZE_MEDIUM).'</a>';
} }
echo '<a href="viewforum.php?forum='.Security::remove_XSS($_GET['forum']).'&gidReq='.Security::remove_XSS($_GET['gidReq']).'&origin='.$origin.'">'.Display::return_icon('forum.png', get_lang('BackToForum'), '', ICON_SIZE_MEDIUM).'</a>'; echo '<a href="viewforum.php?forum='.Security::remove_XSS($_GET['forum']).'&gidReq='.Security::remove_XSS($_GET['gidReq']).'&origin='.$origin.'">'.
Display::return_icon('forum.png', get_lang('BackToForum'), '', ICON_SIZE_MEDIUM).'</a>';
echo '</div>'; echo '</div>';
} }

2
main/forum/forumfunction.inc.php
Unescape View File

@ -208,7 +208,7 @@ function show_add_forumcategory_form($inputvalues = array(), $lp_id)
$form->addElement('hidden', 'lp_id', $lp_id); $form->addElement('hidden', 'lp_id', $lp_id);
// Setting the form elements. // Setting the form elements.
$form->addElement('header', '', get_lang('AddForumCategory')); $form->addElement('header', get_lang('AddForumCategory'));
$form->addElement('text', 'forum_category_title', get_lang('Title'), array('autofocus')); $form->addElement('text', 'forum_category_title', get_lang('Title'), array('autofocus'));
$form->addElement( $form->addElement(
'html_editor', 'html_editor',

1
main/inc/lib/TeacherTimeReport.php
Unescape View File

@ -100,5 +100,4 @@ class TeacherTimeReport
return $dataToExport; return $dataToExport;
} }
} }

61
main/inc/lib/dashboard.lib.php
Unescape View File

@ -8,19 +8,19 @@
*/ */
class DashboardManager class DashboardManager
{ {
/** /**
* Constructor * Constructor
*/ */
public function __construct() public function __construct()
{ {
} }
/** /**
* This function allows easy activating and inactivating of dashboard plugins * This function allows easy activating and inactivating of dashboard plugins
* @return void * @return void
*/ */
public static function handle_dashboard_plugins() public static function handle_dashboard_plugins()
{ {
$token = Security::get_existing_token(); $token = Security::get_existing_token();
$tokenCondition = '&amp;sec_token='.$token; $tokenCondition = '&amp;sec_token='.$token;
@ -107,7 +107,8 @@ class DashboardManager
/** /**
* display checkboxes for dashboard plugin list * display checkboxes for dashboard plugin list
* @param string plugin path * @param string $plugin_path
*
* @return void * @return void
*/ */
public static function display_dashboard_plugin_checkboxes($plugin_path) { public static function display_dashboard_plugin_checkboxes($plugin_path) {
@ -182,7 +183,7 @@ class DashboardManager
} }
// update extra user blocks data // update extra user blocks data
$upd_extra_field = self::store_user_blocks($user_id, $user_blocks_id, $columns); self::store_user_blocks($user_id, $user_blocks_id, $columns);
} }
// clean from block data // clean from block data
@ -239,9 +240,7 @@ class DashboardManager
$result = Database::query($ins); $result = Database::query($ins);
$affected_rows = Database::affected_rows($result); $affected_rows = Database::affected_rows($result);
} }
} }
} }
return $affected_rows; return $affected_rows;
@ -251,8 +250,8 @@ class DashboardManager
* Get all plugins path inside dashboard directory * Get all plugins path inside dashboard directory
* @return array name plugins directories * @return array name plugins directories
*/ */
public static function getPossibleDashboardPluginsPath() { public static function getPossibleDashboardPluginsPath()
{
// get all plugins path inside plugin directory // get all plugins path inside plugin directory
/* We scan the plugin directory. Each folder is a potential plugin. */ /* We scan the plugin directory. Each folder is a potential plugin. */
$possiblePlugins = array(); $possiblePlugins = array();
@ -264,6 +263,7 @@ class DashboardManager
} }
} }
@closedir($handle); @closedir($handle);
return $possiblePlugins; return $possiblePlugins;
} }
@ -271,8 +271,8 @@ class DashboardManager
* Get all blocks data without plugin directory * Get all blocks data without plugin directory
* @return array Block data * @return array Block data
*/ */
public static function get_block_data_without_plugin() { public static function get_block_data_without_plugin()
{
$tbl_block = Database :: get_main_table(TABLE_MAIN_BLOCK); $tbl_block = Database :: get_main_table(TABLE_MAIN_BLOCK);
$possibleplugins = self::getPossibleDashboardPluginsPath(); $possibleplugins = self::getPossibleDashboardPluginsPath();
@ -288,7 +288,8 @@ class DashboardManager
$active = 1; $active = 1;
} }
// update active // update active
$upd = "UPDATE $tbl_block SET active = '$active' WHERE path = '".$row['path']."'"; $upd = "UPDATE $tbl_block SET active = '$active'
WHERE path = '".$row['path']."'";
Database::query($upd); Database::query($upd);
} }
} }
@ -302,6 +303,7 @@ class DashboardManager
$block_data[] = $row_block; $block_data[] = $row_block;
} }
} }
return $block_data; return $block_data;
} }
@ -409,7 +411,6 @@ class DashboardManager
} }
} }
/** /**
* display checkboxes for user dashboard list * display checkboxes for user dashboard list
* @param int User id * @param int User id
@ -451,7 +452,12 @@ class DashboardManager
foreach ($selected_blocks_id as $block_id) { foreach ($selected_blocks_id as $block_id) {
$fvalue[] = $block_id.':'.$columns[$block_id]; $fvalue[] = $block_id.':'.$columns[$block_id];
} }
$upd_extra_field = UserManager::update_extra_field_value($user_id, $fname, $fvalue); $upd_extra_field = UserManager::update_extra_field_value(
$user_id,
$fname,
$fvalue
);
return $upd_extra_field; return $upd_extra_field;
} }
@ -461,8 +467,8 @@ class DashboardManager
* @param int User id * @param int User id
* @return array data (block_id,column) * @return array data (block_id,column)
*/ */
public static function get_user_block_data($user_id) { public static function get_user_block_data($user_id)
{
$user_id = intval($user_id); $user_id = intval($user_id);
$field_variable = 'dashboard'; $field_variable = 'dashboard';
$extra_user_data = UserManager::get_extra_user_data_by_field($user_id, $field_variable); $extra_user_data = UserManager::get_extra_user_data_by_field($user_id, $field_variable);
@ -476,6 +482,7 @@ class DashboardManager
$data[$block_id] = array('block_id' => $block_id, 'column' => $column); $data[$block_id] = array('block_id' => $block_id, 'column' => $column);
} }
} }
return $data; return $data;
} }
@ -485,8 +492,8 @@ class DashboardManager
* @param string plugin path * @param string plugin path
* @return bool * @return bool
*/ */
public static function close_user_block($user_id, $path) { public static function close_user_block($user_id, $path)
{
$enabled_dashboard_blocks = self::get_enabled_dashboard_blocks($path); $enabled_dashboard_blocks = self::get_enabled_dashboard_blocks($path);
$user_block_data = self::get_user_block_data($user_id); $user_block_data = self::get_user_block_data($user_id);

1
main/inc/lib/internationalization.lib.php
Unescape View File

@ -72,6 +72,7 @@ define('LANGUAGE_DETECT_MAX_DELTA', 140000);
* @param string $variable This is the identificator (name) of the translated string to be retrieved. * @param string $variable This is the identificator (name) of the translated string to be retrieved.
* @param string $reserved This parameter has been reserved for future use. * @param string $reserved This parameter has been reserved for future use.
* @param string $language (optional) Language indentificator. If it is omited, the current interface language is assumed. * @param string $language (optional) Language indentificator. If it is omited, the current interface language is assumed.
*
* @return string Returns the requested string in the correspondent language. * @return string Returns the requested string in the correspondent language.
* *
* @author Roan Embrechts * @author Roan Embrechts

7
main/inc/lib/legal.lib.php
Unescape View File

@ -11,10 +11,9 @@ class LegalManager
/** /**
* Constructor * Constructor
*/ */
public function __construct() public function __construct()
{ {
}
}
/** /**
* Add a new Term and Condition * Add a new Term and Condition
@ -28,7 +27,7 @@ class LegalManager
{ {
$legal_table = Database::get_main_table(TABLE_MAIN_LEGAL); $legal_table = Database::get_main_table(TABLE_MAIN_LEGAL);
$last = self::get_last_condition($language); $last = self::get_last_condition($language);
$type = intval($type); $type = intval($type);
$time = time(); $time = time();
if ($last['content'] != $content) { if ($last['content'] != $content) {

2
main/inc/lib/link.lib.php
Unescape View File

@ -161,8 +161,6 @@ class Link extends Model
$session_id = api_get_session_id(); $session_id = api_get_session_id();
if ($type == 'link') { if ($type == 'link') {
$tbl_link = Database:: get_course_table(TABLE_LINK);
$title = Security:: remove_XSS(stripslashes($_POST['title'])); $title = Security:: remove_XSS(stripslashes($_POST['title']));
$urllink = Security:: remove_XSS($_POST['url']); $urllink = Security:: remove_XSS($_POST['url']);
$description = Security:: remove_XSS($_POST['description']); $description = Security:: remove_XSS($_POST['description']);

119
main/inc/lib/message.lib.php
Unescape View File

@ -103,7 +103,8 @@ class MessageManager
$condition_msg_status = ' msg_status IN('.MESSAGE_STATUS_NEW.','.MESSAGE_STATUS_UNREAD.') '; $condition_msg_status = ' msg_status IN('.MESSAGE_STATUS_NEW.','.MESSAGE_STATUS_UNREAD.') ';
} }
$sql = "SELECT COUNT(*) as number_messages FROM $table_message $sql = "SELECT COUNT(*) as number_messages
FROM $table_message
WHERE $condition_msg_status AND user_receiver_id=".api_get_user_id(); WHERE $condition_msg_status AND user_receiver_id=".api_get_user_id();
$sql_result = Database::query($sql); $sql_result = Database::query($sql);
$result = Database::fetch_array($sql_result); $result = Database::fetch_array($sql_result);
@ -682,8 +683,11 @@ class MessageManager
return false; return false;
} }
$table_message = Database::get_main_table(TABLE_MESSAGE); $table_message = Database::get_main_table(TABLE_MESSAGE);
$sql = "UPDATE $table_message SET msg_status = '$type' $sql = "UPDATE $table_message SET
WHERE user_receiver_id=".intval($user_id)." AND id='".intval($message_id)."'"; msg_status = '$type'
WHERE
user_receiver_id=".intval($user_id)." AND
id='".intval($message_id)."'";
Database::query($sql); Database::query($sql);
} }
@ -716,12 +720,12 @@ class MessageManager
$table_message = Database::get_main_table(TABLE_MESSAGE); $table_message = Database::get_main_table(TABLE_MESSAGE);
$group_id = intval($group_id); $group_id = intval($group_id);
$query = "SELECT * FROM $table_message $sql = "SELECT * FROM $table_message
WHERE WHERE
group_id= $group_id AND group_id= $group_id AND
msg_status NOT IN ('".MESSAGE_STATUS_OUTBOX."', '".MESSAGE_STATUS_DELETED."') msg_status NOT IN ('".MESSAGE_STATUS_OUTBOX."', '".MESSAGE_STATUS_DELETED."')
ORDER BY id"; ORDER BY id";
$rs = Database::query($query); $rs = Database::query($sql);
$data = array(); $data = array();
if (Database::num_rows($rs) > 0) { if (Database::num_rows($rs) > 0) {
while ($row = Database::fetch_array($rs, 'ASSOC')) { while ($row = Database::fetch_array($rs, 'ASSOC')) {
@ -743,13 +747,13 @@ class MessageManager
return false; return false;
$table_message = Database::get_main_table(TABLE_MESSAGE); $table_message = Database::get_main_table(TABLE_MESSAGE);
$group_id = intval($group_id); $group_id = intval($group_id);
$query = "SELECT * FROM $table_message $sql = "SELECT * FROM $table_message
WHERE WHERE
group_id = $group_id AND group_id = $group_id AND
msg_status NOT IN ('".MESSAGE_STATUS_OUTBOX."', '".MESSAGE_STATUS_DELETED."') msg_status NOT IN ('".MESSAGE_STATUS_OUTBOX."', '".MESSAGE_STATUS_DELETED."')
ORDER BY id "; ORDER BY id ";
$rs = Database::query($query); $rs = Database::query($sql);
$data = array(); $data = array();
$parents = array(); $parents = array();
if (Database::num_rows($rs) > 0) { if (Database::num_rows($rs) > 0) {
@ -792,16 +796,17 @@ class MessageManager
$condition_limit = " LIMIT $offset,$limit "; $condition_limit = " LIMIT $offset,$limit ";
} }
$query = "SELECT * FROM $table_message $sql = "SELECT * FROM $table_message
WHERE parent_id='$parent_id' AND msg_status <> ".MESSAGE_STATUS_OUTBOX." $condition_group_id WHERE parent_id='$parent_id' AND msg_status <> ".MESSAGE_STATUS_OUTBOX." $condition_group_id
ORDER BY send_date DESC $condition_limit "; ORDER BY send_date DESC $condition_limit ";
$rs = Database::query($query); $rs = Database::query($sql);
$data = array(); $data = array();
if (Database::num_rows($rs) > 0) { if (Database::num_rows($rs) > 0) {
while ($row = Database::fetch_array($rs)) { while ($row = Database::fetch_array($rs)) {
$data[$row['id']] = $row; $data[$row['id']] = $row;
} }
} }
return $data; return $data;
} }
@ -1031,72 +1036,6 @@ class MessageManager
return $message_content; return $message_content;
} }
/**
* display message box sent showing it into outbox
* @return void
*/
public static function show_message_box_sent()
{
$table_message = Database::get_main_table(TABLE_MESSAGE);
$message_id = '';
if (is_numeric($_GET['id_send'])) {
$query = "SELECT * FROM $table_message
WHERE
user_sender_id=".api_get_user_id()." AND
id=".intval($_GET['id_send'])." AND
msg_status = 4;";
$result = Database::query($query);
$message_id = intval($_GET['id_send']);
}
$path = 'outbox.php';
// get file attachments by message id
$files_attachments = self::get_links_message_attachment_files($message_id, 'outbox');
$row = Database::fetch_array($result);
$user_con = self::users_connected_by_id();
$band = 0;
$reply = '';
for ($i = 0; $i < count($user_con); $i++)
if ($row[1] == $user_con[$i])
$band = 1;
echo '<div class=actions>';
echo '<a onclick="close_and_open_outbox()" href="javascript:void(0)">'.Display::return_icon('folder_up.gif', api_xml_http_response_encode(get_lang('BackToOutbox'))).api_xml_http_response_encode(get_lang('BackToOutbox')).'</a>';
echo '<a onclick="delete_one_message_outbox('.$row[0].')" href="javascript:void(0)" >'.Display::return_icon('delete.png', api_xml_http_response_encode(get_lang('DeleteMessage'))).api_xml_http_response_encode(get_lang('DeleteMessage')).'</a>';
echo '</div><br />';
echo '
<table class="message_view_table" >
<TR>
<TD width=10>&nbsp; </TD>
<TD vAlign=top width="100%">
<TABLE>
<TR>
<TD width="100%">
<TR> <h1>'.str_replace("\\", "", api_xml_http_response_encode($row[5])).'</h1></TR>
</TD>
<TR>
<TD>'.api_xml_http_response_encode(get_lang('From').'&nbsp;<b>'.GetFullUserName($row[1]).'</b> '.api_strtolower(get_lang('To')).'&nbsp; <b>'.GetFullUserName($row[2])).'</b> </TD>
</TR>
<TR>
<TD >'.api_xml_http_response_encode(get_lang('Date').'&nbsp; '.$row[4]).'</TD>
</TR>
</TR>
</TABLE>
<br />
<TABLE height="209px" width="100%" bgColor=#ffffff>
<TBODY>
<TR>
<TD vAlign=top>'.str_replace("\\", "", api_xml_http_response_encode($row[6])).'</TD>
</TR>
</TBODY>
</TABLE>
<div id="message-attach">'.(!empty($files_attachments) ? implode('<br />', $files_attachments) : '').'</div>
<DIV class=HT style="PADDING-BOTTOM: 5px"> </DIV></TD>
<TD width=10>&nbsp;</TD>
</TR>
</TABLE>';
}
/** /**
* get user id by user email * get user id by user email
* @param string $user_email * @param string $user_email
@ -1754,14 +1693,15 @@ class MessageManager
$messages = array(); $messages = array();
$sql = "SELECT m.*, u.user_id, u.lastname, u.firstname " $sql = "SELECT m.*, u.user_id, u.lastname, u.firstname
. "FROM $messagesTable as m " FROM $messagesTable as m
. "INNER JOIN $userTable as u " INNER JOIN $userTable as u
. "ON m.user_sender_id = u.user_id " ON m.user_sender_id = u.user_id
. "WHERE m.user_receiver_id = $userId " WHERE
. "AND m.msg_status = " . MESSAGE_STATUS_UNREAD . " " m.user_receiver_id = $userId AND
. "AND m.id > $lastId " m.msg_status = " . MESSAGE_STATUS_UNREAD . "
. "ORDER BY m.send_date DESC"; AND m.id > $lastId
ORDER BY m.send_date DESC";
$result = Database::query($sql); $result = Database::query($sql);
@ -1805,5 +1745,4 @@ class MessageManager
return false; return false;
} }
} }

212
main/inc/lib/myspace.lib.php
Unescape View File

@ -102,10 +102,12 @@ class MySpace
$courseId = intval($courseId); $courseId = intval($courseId);
$session_id = intval($session_id); $session_id = intval($session_id);
$sql = 'SELECT login_course_date, logout_course_date FROM ' . $tbl_track_course . ' $sql = 'SELECT login_course_date, logout_course_date
WHERE user_id = '.$user_id.' AND FROM ' . $tbl_track_course . '
c_id = '.$courseId.' AND WHERE
session_id = '.$session_id.' user_id = '.$user_id.' AND
c_id = '.$courseId.' AND
session_id = '.$session_id.'
ORDER BY login_course_date ASC'; ORDER BY login_course_date ASC';
$rs = Database::query($sql); $rs = Database::query($sql);
$connections = array(); $connections = array();
@ -115,6 +117,7 @@ class MySpace
$timestamp_logout_date = api_strtotime($row['logout_course_date'], 'UTC'); $timestamp_logout_date = api_strtotime($row['logout_course_date'], 'UTC');
$connections[] = array('login' => $timestamp_login_date, 'logout' => $timestamp_logout_date); $connections[] = array('login' => $timestamp_login_date, 'logout' => $timestamp_logout_date);
} }
return $connections; return $connections;
} }
@ -312,7 +315,12 @@ class MySpace
} else { } else {
$order = array(0 => 'lastname', 1 => 'firstname', 2 => ($sort_by_first_name ? 'firstname' : 'lastname'), 3 => 'login_date', 4 => ($sort_by_first_name ? 'firstname' : 'lastname'), 5 => ($sort_by_first_name ? 'firstname' : 'lastname')); $order = array(0 => 'lastname', 1 => 'firstname', 2 => ($sort_by_first_name ? 'firstname' : 'lastname'), 3 => 'login_date', 4 => ($sort_by_first_name ? 'firstname' : 'lastname'), 5 => ($sort_by_first_name ? 'firstname' : 'lastname'));
} }
$table = new SortableTable('tracking_list_coaches_myspace', array('MySpace', 'count_coaches'), null, ($is_western_name_order xor $sort_by_first_name) ? 1 : 0); $table = new SortableTable(
'tracking_list_coaches_myspace',
array('MySpace', 'count_coaches'),
null,
($is_western_name_order xor $sort_by_first_name) ? 1 : 0
);
$parameters['view'] = 'admin'; $parameters['view'] = 'admin';
$table->set_additional_parameters($parameters); $table->set_additional_parameters($parameters);
if ($is_western_name_order) { if ($is_western_name_order) {
@ -532,8 +540,7 @@ class MySpace
$lessons = LearnpathList::get_course_lessons($course['code'], $sessionId); $lessons = LearnpathList::get_course_lessons($course['code'], $sessionId);
//create columns array //create columns array
foreach ($lessons as $lesson_id => $lesson) foreach ($lessons as $lesson_id => $lesson) {
{
$columns[] = $lesson['name']; $columns[] = $lesson['name'];
} }
@ -543,17 +550,43 @@ class MySpace
* Column config * Column config
*/ */
$column_model = array( $column_model = array(
array('name'=>'username', 'index'=>'username', 'align'=>'left', 'search' => 'true', 'wrap_cell' => "true"), array(
array('name'=>'firstname', 'index'=>'firstname', 'align'=>'left', 'search' => 'true'), 'name' => 'username',
array('name'=>'lastname', 'index'=>'lastname', 'align'=>'left', 'search' => 'true'), 'index' => 'username',
'align' => 'left',
'search' => 'true',
'wrap_cell' => "true",
),
array(
'name' => 'firstname',
'index' => 'firstname',
'align' => 'left',
'search' => 'true',
),
array(
'name' => 'lastname',
'index' => 'lastname',
'align' => 'left',
'search' => 'true',
),
); );
//get dinamic column names
foreach ($lessons as $lesson_id => $lesson) // Get dinamic column names
{ foreach ($lessons as $lesson_id => $lesson) {
$column_model[] = array('name'=> $lesson['id'], 'index'=>$lesson['id'], 'align'=>'left', 'search' => 'true'); $column_model[] = array(
'name' => $lesson['id'],
'index' => $lesson['id'],
'align' => 'left',
'search' => 'true',
);
} }
$column_model[] = array('name'=>'total', 'index'=>'total', 'align'=>'left', 'search' => 'true'); $column_model[] = array(
'name' => 'total',
'index' => 'total',
'align' => 'left',
'search' => 'true',
);
$action_links = ''; $action_links = '';
// jqgrid will use this URL to do the selects // jqgrid will use this URL to do the selects
@ -568,7 +601,16 @@ class MySpace
//height auto //height auto
$extra_params['height'] = 'auto'; $extra_params['height'] = 'auto';
$table = Display::grid_js($tableId, $url, $columns, $column_model, $extra_params, array(), $action_links, true); $table = Display::grid_js(
$tableId,
$url,
$columns,
$column_model,
$extra_params,
array(),
$action_links,
true
);
$return = '<script>$(function() {'. $table . $return = '<script>$(function() {'. $table .
'jQuery("#'.$tableId.'").jqGrid("navGrid","#'.$tableId.'_pager",{view:false, edit:false, add:false, del:false, search:false, excel:true}); 'jQuery("#'.$tableId.'").jqGrid("navGrid","#'.$tableId.'_pager",{view:false, edit:false, add:false, del:false, search:false, excel:true});
@ -757,10 +799,10 @@ class MySpace
// jqgrid will use this URL to do the selects // jqgrid will use this URL to do the selects
$url = api_get_path(WEB_AJAX_PATH) . 'model.ajax.php?a=get_exercise_grade&session_id=' . $sessionId . '&course_id=' . $courseId; $url = api_get_path(WEB_AJAX_PATH) . 'model.ajax.php?a=get_exercise_grade&session_id=' . $sessionId . '&course_id=' . $courseId;
//Autowidth // Autowidth
$extra_params['autowidth'] = 'true'; $extra_params['autowidth'] = 'true';
//height auto // height auto
$extra_params['height'] = 'auto'; $extra_params['height'] = 'auto';
$tableId = 'exerciseGradeOverview'; $tableId = 'exerciseGradeOverview';
@ -826,16 +868,25 @@ class MySpace
// jqgrid will use this URL to do the selects // jqgrid will use this URL to do the selects
$url = api_get_path(WEB_AJAX_PATH).'model.ajax.php?a=get_survey_overview&session_id=' . $sessionId . '&course_id=' . $courseId . '&survey_id=' . $surveyId . '&date_to=' . $date_to . '&date_from=' . $date_from; $url = api_get_path(WEB_AJAX_PATH).'model.ajax.php?a=get_survey_overview&session_id=' . $sessionId . '&course_id=' . $courseId . '&survey_id=' . $surveyId . '&date_to=' . $date_to . '&date_from=' . $date_from;
//Table Id // Table Id
$tableId = 'lpProgress'; $tableId = 'lpProgress';
//Autowidth //Autowidth
$extra_params['autowidth'] = 'true'; $extra_params['autowidth'] = 'true';
//height auto // height auto
$extra_params['height'] = 'auto'; $extra_params['height'] = 'auto';
$table = Display::grid_js($tableId, $url, $columns, $column_model, $extra_params, array(), $action_links, true); $table = Display::grid_js(
$tableId,
$url,
$columns,
$column_model,
$extra_params,
array(),
$action_links,
true
);
$return = '<script>$(function() {'. $table . $return = '<script>$(function() {'. $table .
'jQuery("#'.$tableId.'").jqGrid("navGrid","#'.$tableId.'_pager",{view:false, edit:false, add:false, del:false, search:false, excel:true}); 'jQuery("#'.$tableId.'").jqGrid("navGrid","#'.$tableId.'_pager",{view:false, edit:false, add:false, del:false, search:false, excel:true});
@ -961,52 +1012,58 @@ class MySpace
//Autowidth //Autowidth
$extra_params['autowidth'] = 'true'; $extra_params['autowidth'] = 'true';
$extra_params['shrinkToFit'] = 'true'; $extra_params['shrinkToFit'] = 'true';
$extra_params['headertitles'] = 'true'; $extra_params['headertitles'] = 'true';
$extra_params['groupHeaders'] = array( $extra_params['groupHeaders'] = array(
'courses_detail' => array( 'courses_detail' => array(
"startColumnName" => 'courses', "startColumnName" => 'courses',
"numberOfColumns" => 7, "numberOfColumns" => 7,
"titleText" => get_lang('Global'), "titleText" => get_lang('Global'),
), ),
'lessons' => array( 'lessons' => array(
"startColumnName" => 'lessons_total', "startColumnName" => 'lessons_total',
"numberOfColumns" => 4, "numberOfColumns" => 4,
"titleText" => get_lang('LearningPaths'), "titleText" => get_lang('LearningPaths'),
), ),
'exercises' => array( 'exercises' => array(
"startColumnName" => 'exercises_total', "startColumnName" => 'exercises_total',
"numberOfColumns" => 4, "numberOfColumns" => 4,
"titleText" => get_lang('Exercises'), "titleText" => get_lang('Exercises'),
), ),
'forums' => array( 'forums' => array(
"startColumnName" => 'forums_total', "startColumnName" => 'forums_total',
"numberOfColumns" => 4, "numberOfColumns" => 4,
"titleText" => get_lang('Forums'), "titleText" => get_lang('Forums'),
), ),
'assignments' => array( 'assignments' => array(
"startColumnName" => 'assigments_total', "startColumnName" => 'assigments_total',
"numberOfColumns" => 4, "numberOfColumns" => 4,
"titleText" => get_lang('Assignments'), "titleText" => get_lang('Assignments'),
), ),
'wikis' => array( 'wikis' => array(
"startColumnName" => 'wiki_total', "startColumnName" => 'wiki_total',
"numberOfColumns" => 5, "numberOfColumns" => 5,
"titleText" => get_lang('Wiki'), "titleText" => get_lang('Wiki'),
), ),
'surveys' => array( 'surveys' => array(
"startColumnName" => 'surveys_total', "startColumnName" => 'surveys_total',
"numberOfColumns" => 4, "numberOfColumns" => 4,
"titleText" => get_lang('Survey'), "titleText" => get_lang('Survey'),
), ),
); );
//height auto //height auto
$extra_params['height'] = 'auto'; $extra_params['height'] = 'auto';
$table = Display::grid_js($tableId, $url, $columns, $column_model, $extra_params, array(), $action_links, true); $table = Display::grid_js(
$tableId,
$url,
$columns,
$column_model,
$extra_params,
array(),
$action_links,
true
);
$return = '<script>$(function() {'. $table . $return = '<script>$(function() {'. $table .
'jQuery("#'.$tableId.'").jqGrid("navGrid","#'.$tableId.'_pager",{view:false, edit:false, add:false, del:false, search:false, excel:true}); 'jQuery("#'.$tableId.'").jqGrid("navGrid","#'.$tableId.'_pager",{view:false, edit:false, add:false, del:false, search:false, excel:true});
@ -1091,13 +1148,18 @@ class MySpace
*/ */
public static function display_user_overview_export_options() public static function display_user_overview_export_options()
{ {
$message = '';
// include the user manager and formvalidator library // include the user manager and formvalidator library
if (isset($_GET['export']) && $_GET['export'] == 'options') { if (isset($_GET['export']) && $_GET['export'] == 'options') {
// get all the defined extra fields // get all the defined extra fields
$extrafields = UserManager::get_extra_fields(0, 50, 5, 'ASC', false, 1); $extrafields = UserManager::get_extra_fields(0, 50, 5, 'ASC', false, 1);
// creating the form with all the defined extra fields // creating the form with all the defined extra fields
$form = new FormValidator('exportextrafields', 'post', api_get_self()."?view=".Security::remove_XSS($_GET['view']).'&display='.Security::remove_XSS($_GET['display']).'&export='.Security::remove_XSS($_GET['export'])); $form = new FormValidator(
'exportextrafields',
'post',
api_get_self()."?view=".Security::remove_XSS($_GET['view']).'&display='.Security::remove_XSS($_GET['display']).'&export='.Security::remove_XSS($_GET['export'])
);
if (is_array($extrafields) && count($extrafields) > 0) { if (is_array($extrafields) && count($extrafields) > 0) {
foreach ($extrafields as $key => $extra) { foreach ($extrafields as $key => $extra) {
@ -1144,7 +1206,6 @@ class MySpace
} else { } else {
Display::display_confirmation_message(get_lang('NoAdditionalFieldsWillBeExported'), false); Display::display_confirmation_message(get_lang('NoAdditionalFieldsWillBeExported'), false);
} }
$message = '';
} else { } else {
$form->display(); $form->display();
} }
@ -1159,7 +1220,6 @@ class MySpace
} }
Display::display_normal_message(get_lang('FollowingFieldsWillAlsoBeExported').': <br /><ul>'.$message.'</ul>', false); Display::display_normal_message(get_lang('FollowingFieldsWillAlsoBeExported').': <br /><ul>'.$message.'</ul>', false);
$message = '';
} }
} }
} }
@ -1167,9 +1227,8 @@ class MySpace
/** /**
* Display a sortable table that contains an overview of all the reporting progress of all courses * Display a sortable table that contains an overview of all the reporting progress of all courses
*/ */
public static function display_tracking_course_overview() { public static function display_tracking_course_overview()
//MySpace::display_user_overview_export_options(); {
$t_head = ' <table style="width: 100%;border:0;padding:0;border-collapse:collapse;table-layout: fixed">'; $t_head = ' <table style="width: 100%;border:0;padding:0;border-collapse:collapse;table-layout: fixed">';
//$t_head .= ' <caption>'.get_lang('CourseInformation').'</caption>'; //$t_head .= ' <caption>'.get_lang('CourseInformation').'</caption>';
$t_head .= '<tr>'; $t_head .= '<tr>';
@ -1208,6 +1267,7 @@ class MySpace
{ {
// database table definition // database table definition
$main_course_table = Database :: get_main_table(TABLE_MAIN_COURSE); $main_course_table = Database :: get_main_table(TABLE_MAIN_COURSE);
return Database::count_rows($main_course_table); return Database::count_rows($main_course_table);
} }
@ -1503,8 +1563,6 @@ class MySpace
*/ */
public static function display_tracking_session_overview() public static function display_tracking_session_overview()
{ {
//MySpace::display_user_overview_export_options();
$t_head = ' <table style="width: 100%;border:0;padding:0;border-collapse:collapse;table-layout: fixed">'; $t_head = ' <table style="width: 100%;border:0;padding:0;border-collapse:collapse;table-layout: fixed">';
//$t_head .= ' <caption>'.get_lang('CourseInformation').'</caption>'; //$t_head .= ' <caption>'.get_lang('CourseInformation').'</caption>';
$t_head .= '<tr>'; $t_head .= '<tr>';
@ -1558,22 +1616,8 @@ class MySpace
*/ */
public static function get_session_data_tracking_overview($from, $number_of_items, $column, $direction) public static function get_session_data_tracking_overview($from, $number_of_items, $column, $direction)
{ {
//global $_configuration;
// database table definition
//$access_url_id = api_get_current_access_url_id();
//$tbl_url_rel_user = Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER);
$main_session_table = Database :: get_main_table(TABLE_MAIN_SESSION); $main_session_table = Database :: get_main_table(TABLE_MAIN_SESSION);
/*if ($_configuration['multiple_access_urls']) {
$condition_multi_url = ", $tbl_url_rel_user as url_user WHERE user.user_id=url_user.user_id AND access_url_id='$access_url_id'";
}
global $export_csv;
if ($export_csv) {
$is_western_name_order = api_is_western_name_order(PERSON_NAME_DATA_EXPORT);
} else {
$is_western_name_order = api_is_western_name_order();
}*/
$sql = "SELECT id AS col0, name AS col1 FROM $main_session_table"; $sql = "SELECT id AS col0, name AS col1 FROM $main_session_table";
$sql .= " ORDER BY col$column $direction "; $sql .= " ORDER BY col$column $direction ";
$sql .= " LIMIT $from,$number_of_items"; $sql .= " LIMIT $from,$number_of_items";
@ -2246,10 +2290,10 @@ class MySpace
lastname AS col1, lastname AS col1,
firstname AS col2, firstname AS col2,
"). ").
"username AS col3, "username AS col3,
user.user_id AS col4 user.user_id AS col4
FROM FROM
$main_user_table as user $condition_multi_url $main_user_table as user $condition_multi_url
"; ";
$sql .= " ORDER BY col$column $direction "; $sql .= " ORDER BY col$column $direction ";
$sql .= " LIMIT $from,$number_of_items"; $sql .= " LIMIT $from,$number_of_items";
@ -2288,8 +2332,6 @@ class MySpace
*/ */
public static function make_username($firstname, $lastname, $username, $language = null, $encoding = null) public static function make_username($firstname, $lastname, $username, $language = null, $encoding = null)
{ {
$table_user = Database::get_main_table(TABLE_MAIN_USER);
$tbl_session_rel_course_rel_user = Database::get_main_table(TABLE_MAIN_SESSION_COURSE_USER);
// if username exist // if username exist
if (!UserManager::is_username_available($username) || empty($username)) { if (!UserManager::is_username_available($username) || empty($username)) {
$i = 0; $i = 0;
@ -2299,7 +2341,12 @@ class MySpace
} else { } else {
$sufix = $i; $sufix = $i;
} }
$desired_username = UserManager::create_username($firstname, $lastname, $language, $encoding); $desired_username = UserManager::create_username(
$firstname,
$lastname,
$language,
$encoding
);
if (UserManager::is_username_available($desired_username.$sufix)) { if (UserManager::is_username_available($desired_username.$sufix)) {
break; break;
} else { } else {
@ -2434,7 +2481,6 @@ class MySpace
foreach ($users as $index => $user) { foreach ($users as $index => $user) {
// database table definition // database table definition
$table_user = Database::get_main_table(TABLE_MAIN_USER); $table_user = Database::get_main_table(TABLE_MAIN_USER);
$tbl_session_rel_course_rel_user = Database::get_main_table(TABLE_MAIN_SESSION_COURSE_USER);
$username = Database::escape_string($user['UserName']); $username = Database::escape_string($user['UserName']);
$sql = "SELECT creator_id FROM $table_user WHERE username='$username' "; $sql = "SELECT creator_id FROM $table_user WHERE username='$username' ";
@ -2456,9 +2502,9 @@ class MySpace
* Validates imported data. * Validates imported data.
* @param list of users * @param list of users
*/ */
function validate_data($users, $id_session = null) { function validate_data($users, $id_session = null)
{
$errors = array(); $errors = array();
$usernames = array();
$new_users = array(); $new_users = array();
foreach ($users as $index => $user) { foreach ($users as $index => $user) {
// 1. Check whether mandatory fields are set. // 1. Check whether mandatory fields are set.
@ -2634,9 +2680,7 @@ class MySpace
} else { } else {
$i = 0; $i = 0;
foreach ($users as $index => $user) { foreach ($users as $index => $user) {
$userInfo = api_get_user_info($user['id']); $userInfo = api_get_user_info($user['id']);
if (($user['added_at_platform'] == 1 && $user['added_at_session'] == 1) || $user['added_at_session'] == 1) { if (($user['added_at_platform'] == 1 && $user['added_at_session'] == 1) || $user['added_at_session'] == 1) {
if ($user['added_at_platform'] == 1) { if ($user['added_at_platform'] == 1) {
$addedto = get_lang('UserCreatedPlatform'); $addedto = get_lang('UserCreatedPlatform');
@ -2782,6 +2826,7 @@ function get_stats($user_id, $courseId, $start_date = null, $end_date = null)
$result = array('avg' => $foo_avg, 'total' => $foo_total, 'times' => $foo_times); $result = array('avg' => $foo_avg, 'total' => $foo_total, 'times' => $foo_times);
} }
} }
return $result; return $result;
} }
@ -2806,7 +2851,7 @@ function add_day_to($end_date) {
function get_connections_to_course_by_date($user_id, $courseId, $start_date, $end_date) function get_connections_to_course_by_date($user_id, $courseId, $start_date, $end_date)
{ {
// Database table definitions // Database table definitions
$tbl_track_course = Database :: get_main_table(TABLE_STATISTIC_TRACK_E_COURSE_ACCESS); $tbl_track_course = Database::get_main_table(TABLE_STATISTIC_TRACK_E_COURSE_ACCESS);
$course_info = api_get_course_info_by_id($courseId); $course_info = api_get_course_info_by_id($courseId);
$user_id = intval($user_id); $user_id = intval($user_id);
$courseId = intval($courseId); $courseId = intval($courseId);
@ -2817,10 +2862,10 @@ function get_connections_to_course_by_date($user_id, $courseId, $start_date, $en
$sql = "SELECT login_course_date, logout_course_date $sql = "SELECT login_course_date, logout_course_date
FROM $tbl_track_course FROM $tbl_track_course
WHERE WHERE
user_id = $user_id AND user_id = $user_id AND
c_id = $courseId AND c_id = $courseId AND
login_course_date BETWEEN '$start_date' AND '$end_date' AND login_course_date BETWEEN '$start_date' AND '$end_date' AND
logout_course_date BETWEEN '$start_date' AND '$end_date' logout_course_date BETWEEN '$start_date' AND '$end_date'
ORDER BY login_course_date ASC"; ORDER BY login_course_date ASC";
$rs = Database::query($sql); $rs = Database::query($sql);
@ -2947,7 +2992,6 @@ function grapher($sql_result, $start_date, $end_date, $type = "")
$myData->setAxisName(0, get_lang('Minutes')); $myData->setAxisName(0, get_lang('Minutes'));
$myData->loadPalette(api_get_path(SYS_CODE_PATH) . 'palettes/pchart/default.color', true); $myData->loadPalette(api_get_path(SYS_CODE_PATH) . 'palettes/pchart/default.color', true);
// Cache definition // Cache definition
$cachePath = api_get_path(SYS_ARCHIVE_PATH); $cachePath = api_get_path(SYS_ARCHIVE_PATH);
$myCache = new pCache(array('CacheFolder' => substr($cachePath, 0, strlen($cachePath) - 1))); $myCache = new pCache(array('CacheFolder' => substr($cachePath, 0, strlen($cachePath) - 1)));

16
main/inc/lib/nanogong.lib.php
Unescape View File

@ -2,13 +2,12 @@
/* For licensing terms, see /license.txt */ /* For licensing terms, see /license.txt */
/** /**
* Class Nanogong
* *
* Files are saved in the path: * Files are saved in the path:
*
* courses/XXX/exercises/(session_id)/(exercise_id)/(question_id)/(user_id)/ * courses/XXX/exercises/(session_id)/(exercise_id)/(question_id)/(user_id)/
* *
* The file name is composed with * The file name is composed with:
*
* (course_id)/(session_id)/(user_id)/(exercise_id)/(question_id)/(exe_id).wav|mp3|ogg * (course_id)/(session_id)/(user_id)/(exercise_id)/(question_id)/(exe_id).wav|mp3|ogg
* *
* *
@ -37,13 +36,10 @@ class Nanogong
*/ */
public function create_user_folder() public function create_user_folder()
{ {
//COURSE123/exercises/session_id/exercise_id/question_id/user_id //COURSE123/exercises/session_id/exercise_id/question_id/user_id
if (empty($this->store_path)) { if (empty($this->store_path)) {
return false; return false;
} }
//@todo use an array to create folders
$folders_to_create = array();
// Trying to create the courses/COURSE123/exercises/ dir just in case. // Trying to create the courses/COURSE123/exercises/ dir just in case.
$directoryPermissions = api_get_permissions_for_new_directories(); $directoryPermissions = api_get_permissions_for_new_directories();

7
main/inc/lib/online.inc.php
Unescape View File

@ -199,8 +199,10 @@ function user_is_online($user_id)
$result = Database::query($query); $result = Database::query($query);
if (Database::num_rows($result)) { if (Database::num_rows($result)) {
return true; return true;
} }
return false; return false;
} }
@ -238,8 +240,8 @@ function who_is_online($from, $number_of_items, $column = null, $direction = nul
$online_time = time() - $time_limit * 60; $online_time = time() - $time_limit * 60;
$current_date = api_get_utc_datetime($online_time); $current_date = api_get_utc_datetime($online_time);
$track_online_table = Database::get_main_table(TABLE_STATISTIC_TRACK_E_ONLINE); $track_online_table = Database::get_main_table(TABLE_STATISTIC_TRACK_E_ONLINE);
$friend_user_table = Database::get_main_table(TABLE_MAIN_USER_REL_USER); $friend_user_table = Database::get_main_table(TABLE_MAIN_USER_REL_USER);
$table_user = Database::get_main_table(TABLE_MAIN_USER); $table_user = Database::get_main_table(TABLE_MAIN_USER);
if ($friends) { if ($friends) {
// who friends from social network is online // who friends from social network is online
@ -464,7 +466,6 @@ function GetFullUserName($uid) {
$query = "SELECT firstname, lastname FROM ".$user_table." WHERE id=$uid"; $query = "SELECT firstname, lastname FROM ".$user_table." WHERE id=$uid";
$result = @Database::query($query); $result = @Database::query($query);
if (count($result)>0) { if (count($result)>0) {
$str = '';
while(list($firstname,$lastname)= Database::fetch_array($result)) { while(list($firstname,$lastname)= Database::fetch_array($result)) {
$str = str_replace(' ', '&nbsp;', api_get_person_name($firstname, $lastname)); $str = str_replace(' ', '&nbsp;', api_get_person_name($firstname, $lastname));
return $str; return $str;

17
main/inc/lib/security.lib.php
Unescape View File

@ -123,21 +123,25 @@ class Security
if (isset($_SESSION['sec_token']) && isset($_REQUEST['sec_token']) && $_SESSION['sec_token'] === $_REQUEST['sec_token']) { if (isset($_SESSION['sec_token']) && isset($_REQUEST['sec_token']) && $_SESSION['sec_token'] === $_REQUEST['sec_token']) {
return true; return true;
} }
return false; return false;
case 'get': case 'get':
if (isset($_SESSION['sec_token']) && isset($_GET['sec_token']) && $_SESSION['sec_token'] === $_GET['sec_token']) { if (isset($_SESSION['sec_token']) && isset($_GET['sec_token']) && $_SESSION['sec_token'] === $_GET['sec_token']) {
return true; return true;
} }
return false; return false;
case 'post': case 'post':
if (isset($_SESSION['sec_token']) && isset($_POST['sec_token']) && $_SESSION['sec_token'] === $_POST['sec_token']) { if (isset($_SESSION['sec_token']) && isset($_POST['sec_token']) && $_SESSION['sec_token'] === $_POST['sec_token']) {
return true; return true;
} }
return false; return false;
default: default:
if (isset($_SESSION['sec_token']) && isset($request_type) && $_SESSION['sec_token'] === $request_type) { if (isset($_SESSION['sec_token']) && isset($request_type) && $_SESSION['sec_token'] === $request_type) {
return true; return true;
} }
return false; return false;
} }
return false; // Just in case, don't let anything slip. return false; // Just in case, don't let anything slip.
@ -153,6 +157,7 @@ class Security
if (isset($_SESSION['sec_ua']) and $_SESSION['sec_ua'] === $_SERVER['HTTP_USER_AGENT'].$_SESSION['sec_ua_seed']) { if (isset($_SESSION['sec_ua']) and $_SESSION['sec_ua'] === $_SERVER['HTTP_USER_AGENT'].$_SESSION['sec_ua_seed']) {
return true; return true;
} }
return false; return false;
} }
@ -180,6 +185,7 @@ class Security
$token = md5(uniqid(rand(), TRUE)); $token = md5(uniqid(rand(), TRUE));
$string = '<input type="hidden" name="sec_token" value="'.$token.'" />'; $string = '<input type="hidden" name="sec_token" value="'.$token.'" />';
$_SESSION['sec_token'] = $token; $_SESSION['sec_token'] = $token;
return $string; return $string;
} }
@ -194,8 +200,9 @@ class Security
*/ */
public static function get_token() public static function get_token()
{ {
$token = md5(uniqid(rand(), TRUE)); $token = md5(uniqid(rand(), true));
$_SESSION['sec_token'] = $token; $_SESSION['sec_token'] = $token;
return $token; return $token;
} }
@ -205,8 +212,10 @@ class Security
public static function get_existing_token() public static function get_existing_token()
{ {
if (isset($_SESSION['sec_token']) && !empty($_SESSION['sec_token'])) { if (isset($_SESSION['sec_token']) && !empty($_SESSION['sec_token'])) {
return $_SESSION['sec_token']; return $_SESSION['sec_token'];
} else { } else {
return self::get_token(); return self::get_token();
} }
} }
@ -218,7 +227,7 @@ class Security
*/ */
public static function get_ua() public static function get_ua()
{ {
$_SESSION['sec_ua_seed'] = uniqid(rand(), TRUE); $_SESSION['sec_ua_seed'] = uniqid(rand(), true);
$_SESSION['sec_ua'] = $_SERVER['HTTP_USER_AGENT'].$_SESSION['sec_ua_seed']; $_SESSION['sec_ua'] = $_SERVER['HTTP_USER_AGENT'].$_SESSION['sec_ua_seed'];
} }
@ -263,6 +272,7 @@ class Security
if (!empty($option['save'])) { if (!empty($option['save'])) {
self::$clean[$name] = $result; self::$clean[$name] = $result;
} }
return $result; return $result;
} }
@ -277,7 +287,8 @@ class Security
if (isset(self::$clean[$varname])) { if (isset(self::$clean[$varname])) {
return self::$clean[$varname]; return self::$clean[$varname];
} }
return NULL;
return null;
} }
/** /**

2
main/inc/lib/skill.lib.php
Unescape View File

@ -116,7 +116,7 @@ class SkillRelProfile extends Model
public function get_skills_by_profile($profileId) public function get_skills_by_profile($profileId)
{ {
$profileId = intval($profileId); $profileId = intval($profileId);
$skills = $this->get_all(array('where' => array('profile_id = ? ' => $profileId))); $skills = $this->get_all(array('where' => array('profile_id = ? ' => $profileId)));
$return = array(); $return = array();
if (!empty($skills)) { if (!empty($skills)) {
foreach ($skills as $skill_data) { foreach ($skills as $skill_data) {

66
main/inc/lib/statistics.lib.php
Unescape View File

@ -39,13 +39,15 @@ class Statistics
$access_url_rel_course_table = Database :: get_main_table(TABLE_MAIN_ACCESS_URL_REL_COURSE); $access_url_rel_course_table = Database :: get_main_table(TABLE_MAIN_ACCESS_URL_REL_COURSE);
$current_url_id = api_get_current_access_url_id(); $current_url_id = api_get_current_access_url_id();
if (api_is_multiple_url_enabled()) { if (api_is_multiple_url_enabled()) {
$sql = "SELECT COUNT(*) AS number FROM ".$course_table." as c, ".$access_url_rel_course_table." as u $sql = "SELECT COUNT(*) AS number
FROM ".$course_table." as c, ".$access_url_rel_course_table." as u
WHERE u.c_id = c.id AND access_url_id='".$current_url_id."'"; WHERE u.c_id = c.id AND access_url_id='".$current_url_id."'";
if (isset ($categoryCode)) { if (isset ($categoryCode)) {
$sql .= " AND category_code = '".Database::escape_string($categoryCode)."'"; $sql .= " AND category_code = '".Database::escape_string($categoryCode)."'";
} }
} else { } else {
$sql = "SELECT COUNT(*) AS number FROM ".$course_table." "; $sql = "SELECT COUNT(*) AS number
FROM ".$course_table." ";
if (isset ($categoryCode)) { if (isset ($categoryCode)) {
$sql .= " WHERE category_code = '".Database::escape_string($categoryCode)."'"; $sql .= " WHERE category_code = '".Database::escape_string($categoryCode)."'";
} }
@ -108,34 +110,35 @@ class Statistics
if (api_is_multiple_url_enabled()) { if (api_is_multiple_url_enabled()) {
$sql = "SELECT COUNT(DISTINCT(u.user_id)) AS number $sql = "SELECT COUNT(DISTINCT(u.user_id)) AS number
FROM $user_table as u, $access_url_rel_user_table as url FROM $user_table as u, $access_url_rel_user_table as url
WHERE WHERE
u.user_id = url.user_id AND u.user_id = url.user_id AND
access_url_id = '".$current_url_id."' access_url_id = '".$current_url_id."'
$status_filter $active_filter"; $status_filter $active_filter";
if (isset ($categoryCode)) { if (isset ($categoryCode)) {
$sql = "SELECT COUNT(DISTINCT(cu.user_id)) AS number $sql = "SELECT COUNT(DISTINCT(cu.user_id)) AS number
FROM $course_user_table cu, $course_table c, $access_url_rel_user_table as url FROM $course_user_table cu, $course_table c, $access_url_rel_user_table as url
WHERE WHERE
c.id = cu.c_id AND c.id = cu.c_id AND
c.category_code = '".Database::escape_string($categoryCode)."' AND c.category_code = '".Database::escape_string($categoryCode)."' AND
cu.user_id = url.user_id AND cu.user_id = url.user_id AND
access_url_id='".$current_url_id."' access_url_id='".$current_url_id."'
$status_filter $active_filter"; $status_filter $active_filter";
} }
} else { } else {
$sql = "SELECT COUNT(DISTINCT(user_id)) AS number $sql = "SELECT COUNT(DISTINCT(user_id)) AS number
FROM $user_table WHERE 1=1 $status_filter $active_filter"; FROM $user_table
WHERE 1=1 $status_filter $active_filter";
if (isset ($categoryCode)) { if (isset ($categoryCode)) {
$status_filter = isset($status)?' AND status = '.intval($status):''; $status_filter = isset($status)?' AND status = '.intval($status):'';
$sql = "SELECT COUNT(DISTINCT(cu.user_id)) AS number $sql = "SELECT COUNT(DISTINCT(cu.user_id)) AS number
FROM $course_user_table cu, $course_table c FROM $course_user_table cu, $course_table c
WHERE WHERE
c.id = cu.c_id AND c.id = cu.c_id AND
c.category_code = '".Database::escape_string($categoryCode)."' c.category_code = '".Database::escape_string($categoryCode)."'
$status_filter $status_filter
$active_filter $active_filter
"; ";
} }
} }
@ -155,13 +158,16 @@ class Statistics
$access_url_rel_session_table= Database :: get_main_table(TABLE_MAIN_ACCESS_URL_REL_SESSION); $access_url_rel_session_table= Database :: get_main_table(TABLE_MAIN_ACCESS_URL_REL_SESSION);
if (api_is_multiple_url_enabled()) { if (api_is_multiple_url_enabled()) {
$current_url_id = api_get_current_access_url_id(); $current_url_id = api_get_current_access_url_id();
$sql = "SELECT COUNT(id) AS number FROM ".$session_table." as s, ".$access_url_rel_session_table." as u $sql = "SELECT COUNT(id) AS number
FROM ".$session_table." as s, ".$access_url_rel_session_table." as u
WHERE u.session_id=s.id AND access_url_id='".$current_url_id."'"; WHERE u.session_id=s.id AND access_url_id='".$current_url_id."'";
} else { } else {
$sql = "SELECT COUNT(id) AS number FROM ".$session_table." "; $sql = "SELECT COUNT(id) AS number
FROM ".$session_table." ";
} }
$res = Database::query($sql); $res = Database::query($sql);
$obj = Database::fetch_object($res); $obj = Database::fetch_object($res);
return $obj->number; return $obj->number;
} }
@ -179,7 +185,10 @@ class Statistics
if (api_is_multiple_url_enabled()) { if (api_is_multiple_url_enabled()) {
$sql = "SELECT count(default_id) AS total_number_of_items $sql = "SELECT count(default_id) AS total_number_of_items
FROM $track_e_default, $table_user user, $access_url_rel_user_table url FROM $track_e_default, $table_user user, $access_url_rel_user_table url
WHERE default_user_id = user.user_id AND user.user_id=url.user_id AND access_url_id='".$current_url_id."'"; WHERE
default_user_id = user.user_id AND
user.user_id=url.user_id AND
access_url_id='".$current_url_id."'";
} else { } else {
$sql = "SELECT count(default_id) AS total_number_of_items $sql = "SELECT count(default_id) AS total_number_of_items
FROM $track_e_default, $table_user user FROM $track_e_default, $table_user user
@ -306,8 +315,9 @@ class Statistics
*/ */
public static function getCourseCategories() public static function getCourseCategories()
{ {
$category_table = Database :: get_main_table(TABLE_MAIN_CATEGORY); $categoryTable = Database :: get_main_table(TABLE_MAIN_CATEGORY);
$sql = "SELECT code, name FROM $category_table ORDER BY tree_pos"; $sql = "SELECT code, name FROM $categoryTable
ORDER BY tree_pos";
$res = Database::query($sql); $res = Database::query($sql);
$categories = array (); $categories = array ();
while ($category = Database::fetch_object($res)) { while ($category = Database::fetch_object($res)) {
@ -709,10 +719,10 @@ class Statistics
HAVING c_id <> '' HAVING c_id <> ''
AND DATEDIFF( '".date('Y-m-d h:i:s')."' , access_date ) <= ". $date_diff; AND DATEDIFF( '".date('Y-m-d h:i:s')."' , access_date ) <= ". $date_diff;
} }
$res = Database::query($sql);
$sql .= ' ORDER BY '.$columns[$column].' '.$sql_order[$direction]; $sql .= ' ORDER BY '.$columns[$column].' '.$sql_order[$direction];
$from = ($page_nr -1) * $per_page; $from = ($page_nr -1) * $per_page;
$sql .= ' LIMIT '.$from.','.$per_page; $sql .= ' LIMIT '.$from.','.$per_page;
echo '<p>'.get_lang('LastAccess').' &gt;= '.$date_diff.' '.get_lang('Days').'</p>'; echo '<p>'.get_lang('LastAccess').' &gt;= '.$date_diff.' '.get_lang('Days').'</p>';
$res = Database::query($sql); $res = Database::query($sql);
if (Database::num_rows($res) > 0) { if (Database::num_rows($res) > 0) {

46
main/inc/lib/sub_language.class.php
Unescape View File

@ -38,6 +38,7 @@ class SubLanguageManager
} }
} }
closedir($dh); closedir($dh);
return $content_dir; return $content_dir;
} }
} }
@ -50,14 +51,15 @@ class SubLanguageManager
*/ */
public static function get_all_information_of_sub_language($parent_id, $sub_language_id) public static function get_all_information_of_sub_language($parent_id, $sub_language_id)
{ {
$tbl_admin_languages = Database :: get_main_table(TABLE_MAIN_LANGUAGE); $table = Database :: get_main_table(TABLE_MAIN_LANGUAGE);
$sql = 'SELECT * FROM ' . $tbl_admin_languages . ' $sql = 'SELECT * FROM ' . $table . '
WHERE parent_id= ' . intval($parent_id) . ' AND id= ' . intval($sub_language_id) . ''; WHERE parent_id= ' . intval($parent_id) . ' AND id= ' . intval($sub_language_id) . '';
$rs = Database::query($sql); $rs = Database::query($sql);
$all_information = array(); $all_information = array();
while ($row = Database::fetch_array($rs, 'ASSOC')) { while ($row = Database::fetch_array($rs, 'ASSOC')) {
$all_information = $row; $all_information = $row;
} }
return $all_information; return $all_information;
} }
@ -68,8 +70,8 @@ class SubLanguageManager
*/ */
public static function get_all_information_of_language($parent_id) public static function get_all_information_of_language($parent_id)
{ {
$tbl_admin_languages = Database :: get_main_table(TABLE_MAIN_LANGUAGE); $table = Database :: get_main_table(TABLE_MAIN_LANGUAGE);
$sql = 'SELECT * FROM ' . $tbl_admin_languages . ' WHERE id = "' . intval($parent_id) . '"'; $sql = 'SELECT * FROM ' . $table . ' WHERE id = "' . intval($parent_id) . '"';
$rs = Database::query($sql); $rs = Database::query($sql);
$all_information = array(); $all_information = array();
while ($row = Database::fetch_array($rs, 'ASSOC')) { while ($row = Database::fetch_array($rs, 'ASSOC')) {
@ -116,6 +118,7 @@ class SubLanguageManager
public static function add_file_in_language_directory($system_path_file) public static function add_file_in_language_directory($system_path_file)
{ {
$return_value = @file_put_contents($system_path_file, '<?php' . PHP_EOL); $return_value = @file_put_contents($system_path_file, '<?php' . PHP_EOL);
return $return_value; return $return_value;
} }
@ -158,6 +161,7 @@ class SubLanguageManager
if (is_dir($dir)) { if (is_dir($dir)) {
return true; return true;
} //even if the dir already exists, we reach the objective of having the directory there } //even if the dir already exists, we reach the objective of having the directory there
return @mkdir($dir, api_get_permissions_for_new_directories()); return @mkdir($dir, api_get_permissions_for_new_directories());
} }
@ -172,8 +176,8 @@ class SubLanguageManager
if (empty($parent_id) or (intval($parent_id) != $parent_id) or empty($sub_language_id) or (intval($sub_language_id) != $sub_language_id)) { if (empty($parent_id) or (intval($parent_id) != $parent_id) or empty($sub_language_id) or (intval($sub_language_id) != $sub_language_id)) {
return false; return false;
} }
$tbl_admin_languages = Database :: get_main_table(TABLE_MAIN_LANGUAGE); $table = Database :: get_main_table(TABLE_MAIN_LANGUAGE);
$sql = 'SELECT dokeos_folder FROM ' . $tbl_admin_languages . ' $sql = 'SELECT dokeos_folder FROM ' . $table . '
WHERE parent_id = ' . $parent_id . ' and id = ' . $sub_language_id; WHERE parent_id = ' . $parent_id . ' and id = ' . $sub_language_id;
$res = Database::query($sql); $res = Database::query($sql);
if ($res === false or Database::num_rows($res) < 1) { if ($res === false or Database::num_rows($res) < 1) {
@ -184,7 +188,7 @@ class SubLanguageManager
if ($res === false) { if ($res === false) {
return false; return false;
} //can't delete dir, so do not delete language record } //can't delete dir, so do not delete language record
$sql = 'DELETE FROM ' . $tbl_admin_languages . ' $sql = 'DELETE FROM ' . $table . '
WHERE id= ' . intval($sub_language_id) . ' '; WHERE id= ' . intval($sub_language_id) . ' ';
$res = Database::query($sql); $res = Database::query($sql);
@ -225,9 +229,9 @@ class SubLanguageManager
*/ */
public static function check_if_exist_language_by_id($language_id) public static function check_if_exist_language_by_id($language_id)
{ {
$tbl_admin_languages = Database :: get_main_table(TABLE_MAIN_LANGUAGE); $table = Database :: get_main_table(TABLE_MAIN_LANGUAGE);
$sql = 'SELECT count(*) as count $sql = 'SELECT count(*) as count
FROM ' . $tbl_admin_languages . ' FROM ' . $table . '
WHERE id="' . intval($language_id) . '"'; WHERE id="' . intval($language_id) . '"';
$rs = Database::query($sql); $rs = Database::query($sql);
if (Database::num_rows($rs) > 0) { if (Database::num_rows($rs) > 0) {
@ -248,9 +252,9 @@ class SubLanguageManager
*/ */
public static function get_name_of_language_by_id($language_id) public static function get_name_of_language_by_id($language_id)
{ {
$tbl_admin_languages = Database :: get_main_table(TABLE_MAIN_LANGUAGE); $table = Database :: get_main_table(TABLE_MAIN_LANGUAGE);
$sql = 'SELECT original_name $sql = 'SELECT original_name
FROM ' . $tbl_admin_languages . ' FROM ' . $table . '
WHERE id= ' . intval($language_id) . ''; WHERE id= ' . intval($language_id) . '';
$rs = Database::query($sql); $rs = Database::query($sql);
if (Database::num_rows($rs) > 0) { if (Database::num_rows($rs) > 0) {
@ -262,13 +266,14 @@ class SubLanguageManager
/** /**
* Verified if language is sub-language * Verified if language is sub-language
* @param Integer The language id * @param int $language_id
* @return Boolean *
* @return bool
*/ */
public static function check_if_language_is_sub_language($language_id) public static function check_if_language_is_sub_language($language_id)
{ {
$tbl_admin_languages = Database :: get_main_table(TABLE_MAIN_LANGUAGE); $table = Database :: get_main_table(TABLE_MAIN_LANGUAGE);
$sql = 'SELECT count(*) AS count FROM ' . $tbl_admin_languages . ' $sql = 'SELECT count(*) AS count FROM ' . $table . '
WHERE id = ' . intval($language_id) . ' AND NOT ISNULL(parent_id)'; WHERE id = ' . intval($language_id) . ' AND NOT ISNULL(parent_id)';
$rs = Database::query($sql); $rs = Database::query($sql);
@ -286,8 +291,8 @@ class SubLanguageManager
public static function check_if_language_is_used($language_id) public static function check_if_language_is_used($language_id)
{ {
$language_info = self::get_all_information_of_language($language_id); $language_info = self::get_all_information_of_language($language_id);
$user_table = Database :: get_main_table(TABLE_MAIN_USER); $table = Database :: get_main_table(TABLE_MAIN_USER);
$sql = 'SELECT count(*) AS count FROM ' . $user_table . ' $sql = 'SELECT count(*) AS count FROM ' . $table . '
WHERE language ="' . Database::escape_string($language_info['english_name']).'"'; WHERE language ="' . Database::escape_string($language_info['english_name']).'"';
$rs = Database::query($sql); $rs = Database::query($sql);
if (Database::num_rows($rs) > 0 && Database::result($rs, '0', 'count') >= 1) { if (Database::num_rows($rs) > 0 && Database::result($rs, '0', 'count') >= 1) {
@ -304,8 +309,8 @@ class SubLanguageManager
*/ */
public static function check_if_language_is_father($language_id) public static function check_if_language_is_father($language_id)
{ {
$tbl_admin_languages = Database :: get_main_table(TABLE_MAIN_LANGUAGE); $table = Database :: get_main_table(TABLE_MAIN_LANGUAGE);
$sql = 'SELECT count(*) AS count FROM ' . $tbl_admin_languages . ' $sql = 'SELECT count(*) AS count FROM ' . $table . '
WHERE parent_id= ' . intval($language_id) . ' AND NOT ISNULL(parent_id);'; WHERE parent_id= ' . intval($language_id) . ' AND NOT ISNULL(parent_id);';
$rs = Database::query($sql); $rs = Database::query($sql);
@ -327,6 +332,7 @@ class SubLanguageManager
$sql = "UPDATE $tbl_admin_languages SET available='0' $sql = "UPDATE $tbl_admin_languages SET available='0'
WHERE id = " . intval($language_id) . ""; WHERE id = " . intval($language_id) . "";
$result = Database::query($sql); $result = Database::query($sql);
return $result !== false; //only return false on sql error return $result !== false; //only return false on sql error
} }
@ -341,6 +347,7 @@ class SubLanguageManager
$sql = "UPDATE $tbl_admin_languages SET available='1' $sql = "UPDATE $tbl_admin_languages SET available='1'
WHERE id = " . intval($language_id) . ""; WHERE id = " . intval($language_id) . "";
$result = Database::query($sql); $result = Database::query($sql);
return $result !== false; //only return false on sql error return $result !== false; //only return false on sql error
} }
@ -386,6 +393,7 @@ class SubLanguageManager
return false; return false;
} }
$row = Database::fetch_array($res); $row = Database::fetch_array($res);
return $row['id']; return $row['id'];
} }

9
main/inc/lib/system_announcements.lib.php
Unescape View File

@ -6,7 +6,7 @@
*/ */
class SystemAnnouncementManager class SystemAnnouncementManager
{ {
CONST VISIBLE_GUEST = 1; CONST VISIBLE_GUEST = 1;
CONST VISIBLE_STUDENT = 2; CONST VISIBLE_STUDENT = 2;
CONST VISIBLE_TEACHER = 3; CONST VISIBLE_TEACHER = 3;
@ -235,7 +235,8 @@ class SystemAnnouncementManager
$visibility = api_is_allowed_to_create_course() ? self::VISIBLE_TEACHER : self::VISIBLE_STUDENT; $visibility = api_is_allowed_to_create_course() ? self::VISIBLE_TEACHER : self::VISIBLE_STUDENT;
$user_selected_language = api_get_interface_language(); $user_selected_language = api_get_interface_language();
$db_table = Database :: get_main_table(TABLE_MAIN_SYSTEM_ANNOUNCEMENTS); $db_table = Database :: get_main_table(TABLE_MAIN_SYSTEM_ANNOUNCEMENTS);
$sql = 'SELECT id FROM '.$db_table.' WHERE (lang="'.$user_selected_language.'" OR lang IS NULL) '; $sql = 'SELECT id FROM '.$db_table.'
WHERE (lang="'.$user_selected_language.'" OR lang IS NULL) ';
if (isset($user_id)) { if (isset($user_id)) {
switch ($visibility) { switch ($visibility) {
case self::VISIBLE_GUEST : case self::VISIBLE_GUEST :
@ -605,6 +606,7 @@ class SystemAnnouncementManager
$id = intval($id); $id = intval($id);
$sql = "SELECT * FROM ".$db_table." WHERE id = ".$id; $sql = "SELECT * FROM ".$db_table." WHERE id = ".$id;
$announcement = Database::fetch_object(Database::query($sql)); $announcement = Database::fetch_object(Database::query($sql));
return $announcement; return $announcement;
} }
@ -630,9 +632,11 @@ class SystemAnnouncementManager
$sql = "UPDATE ".$db_table." SET ".$field." = '".$visible."' $sql = "UPDATE ".$db_table." SET ".$field." = '".$visible."'
WHERE id='".$announcement_id."'"; WHERE id='".$announcement_id."'";
$res = Database::query($sql); $res = Database::query($sql);
if ($res === false) { if ($res === false) {
return false; return false;
} }
return true; return true;
} }
@ -828,5 +832,4 @@ class SystemAnnouncementManager
return $template->fetch('default/announcement/view.tpl'); return $template->fetch('default/announcement/view.tpl');
} }
} }

11
main/inc/lib/thematic.lib.php
Unescape View File

@ -51,6 +51,7 @@ class Thematic
WHERE c_id = $course_id AND active = 1 $condition_session "; WHERE c_id = $course_id AND active = 1 $condition_session ";
$res = Database::query($sql); $res = Database::query($sql);
$obj = Database::fetch_object($res); $obj = Database::fetch_object($res);
return $obj->total_number_of_items; return $obj->total_number_of_items;
} }
@ -70,7 +71,7 @@ class Thematic
$condition_session = api_get_session_condition(0); $condition_session = api_get_session_condition(0);
} }
$column = intval($column); $column = intval($column);
$from = intval($from); $from = intval($from);
$number_of_items = intval($number_of_items); $number_of_items = intval($number_of_items);
if (!in_array($direction, array('ASC','DESC'))) { if (!in_array($direction, array('ASC','DESC'))) {
@ -82,7 +83,8 @@ class Thematic
$sql = "SELECT id AS col0, title AS col1, display_order AS col2, session_id $sql = "SELECT id AS col0, title AS col1, display_order AS col2, session_id
FROM $tbl_thematic FROM $tbl_thematic
WHERE c_id = $course_id AND active = 1 $condition_session WHERE c_id = $course_id AND active = 1 $condition_session
ORDER BY col2 LIMIT $from,$number_of_items "; ORDER BY col2
LIMIT $from,$number_of_items ";
$res = Database::query($sql); $res = Database::query($sql);
$thematics = array (); $thematics = array ();
@ -165,7 +167,8 @@ class Thematic
$condition_session = ''; $condition_session = '';
} }
$course_id = api_get_course_int_id(); $course_id = api_get_course_int_id();
$sql = "SELECT MAX(display_order) FROM $tbl_thematic $sql = "SELECT MAX(display_order)
FROM $tbl_thematic
WHERE c_id = $course_id AND active = 1 $condition_session"; WHERE c_id = $course_id AND active = 1 $condition_session";
$rs = Database::query($sql); $rs = Database::query($sql);
$row = Database::fetch_array($rs); $row = Database::fetch_array($rs);
@ -571,6 +574,7 @@ class Thematic
} }
} }
} }
return $data; return $data;
} }
@ -1100,7 +1104,6 @@ class Thematic
$last_description_type = $row['max']; $last_description_type = $row['max'];
if (isset($last_description_type)) { if (isset($last_description_type)) {
$row = Database::fetch_array($rs);
$next_description_type = $last_description_type + 1; $next_description_type = $last_description_type + 1;
} else { } else {
$next_description_type = ADD_THEMATIC_PLAN; $next_description_type = ADD_THEMATIC_PLAN;

133
main/inc/lib/tracking.lib.php
Unescape View File

@ -773,14 +773,6 @@ class Tracking
$output .= "<tr class='$oddclass'>"; $output .= "<tr class='$oddclass'>";
} }
/*if (($is_allowed_to_edit || api_is_drh()) && isset($_GET['lp_id']) && isset($course_code)) {
$lp = new learnpath($course_code, $_GET['lp_id'], api_get_user_id());
$lp->set_course_int_id($course_id);
$item_path_url = $lp->get_link('http', $my_id, false);
$item_path_url .= "&width=600";
$title = Display::url($title, $item_path_url, array('class' => 'ajax'));
}*/
$scoreItem = null; $scoreItem = null;
if ($row['item_type'] == 'quiz') { if ($row['item_type'] == 'quiz') {
if (!$is_allowed_to_edit && $result_disabled_ext_all) { if (!$is_allowed_to_edit && $result_disabled_ext_all) {
@ -1394,14 +1386,20 @@ class Tracking
public static function get_first_connection_date($student_id) public static function get_first_connection_date($student_id)
{ {
$tbl_track_login = Database :: get_main_table(TABLE_STATISTIC_TRACK_E_LOGIN); $tbl_track_login = Database :: get_main_table(TABLE_STATISTIC_TRACK_E_LOGIN);
$sql = 'SELECT login_date FROM ' . $tbl_track_login . ' $sql = 'SELECT login_date
FROM ' . $tbl_track_login . '
WHERE login_user_id = ' . intval($student_id) . ' WHERE login_user_id = ' . intval($student_id) . '
ORDER BY login_date ASC LIMIT 0,1'; ORDER BY login_date ASC
LIMIT 0,1';
$rs = Database::query($sql); $rs = Database::query($sql);
if (Database::num_rows($rs)>0) { if (Database::num_rows($rs)>0) {
if ($first_login_date = Database::result($rs, 0, 0)) { if ($first_login_date = Database::result($rs, 0, 0)) {
return api_convert_and_format_date($first_login_date, DATE_FORMAT_SHORT, date_default_timezone_get()); return api_convert_and_format_date(
$first_login_date,
DATE_FORMAT_SHORT,
date_default_timezone_get()
);
} }
} }
@ -1419,7 +1417,8 @@ class Tracking
public static function get_last_connection_date($student_id, $warning_message = false, $return_timestamp = false) public static function get_last_connection_date($student_id, $warning_message = false, $return_timestamp = false)
{ {
$table = Database :: get_main_table(TABLE_STATISTIC_TRACK_E_LOGIN); $table = Database :: get_main_table(TABLE_STATISTIC_TRACK_E_LOGIN);
$sql = 'SELECT login_date FROM ' . $table . ' $sql = 'SELECT login_date
FROM ' . $table . '
WHERE login_user_id = ' . intval($student_id) . ' WHERE login_user_id = ' . intval($student_id) . '
ORDER BY login_date ORDER BY login_date
DESC LIMIT 0,1'; DESC LIMIT 0,1';
@ -2286,10 +2285,12 @@ class Tracking
// database (and if no list was given, get them all) // database (and if no list was given, get them all)
if (empty($session_id)) { if (empty($session_id)) {
$sql = "SELECT DISTINCT(id), use_max_score FROM $lp_table $sql = "SELECT DISTINCT(id), use_max_score
WHERE c_id = $course_id AND session_id = 0 $condition_lp "; FROM $lp_table
WHERE c_id = $course_id AND (session_id = 0 OR session_id IS NULL ) $condition_lp ";
} else { } else {
$sql = "SELECT DISTINCT(id), use_max_score FROM $lp_table $sql = "SELECT DISTINCT(id), use_max_score
FROM $lp_table
WHERE c_id = $course_id $condition_lp "; WHERE c_id = $course_id $condition_lp ";
} }
@ -2601,9 +2602,9 @@ class Tracking
} }
// Get course tables names // Get course tables names
$lp_table = Database :: get_course_table(TABLE_LP_MAIN); $lp_table = Database :: get_course_table(TABLE_LP_MAIN);
$lp_item_table = Database :: get_course_table(TABLE_LP_ITEM); $lp_item_table = Database :: get_course_table(TABLE_LP_ITEM);
$lp_view_table = Database :: get_course_table(TABLE_LP_VIEW); $lp_view_table = Database :: get_course_table(TABLE_LP_VIEW);
$lp_item_view_table = Database :: get_course_table(TABLE_LP_ITEM_VIEW); $lp_item_view_table = Database :: get_course_table(TABLE_LP_ITEM_VIEW);
// Compose a filter based on optional learning paths list given // Compose a filter based on optional learning paths list given
@ -2667,22 +2668,21 @@ class Tracking
if (!empty($course)) { if (!empty($course)) {
$lp_table = Database :: get_course_table(TABLE_LP_MAIN); $lp_table = Database :: get_course_table(TABLE_LP_MAIN);
$t_lpv = Database :: get_course_table(TABLE_LP_VIEW); $t_lpv = Database :: get_course_table(TABLE_LP_VIEW);
$t_lpiv = Database :: get_course_table(TABLE_LP_ITEM_VIEW); $t_lpiv = Database :: get_course_table(TABLE_LP_ITEM_VIEW);
$course_id = $course['real_id']; $course_id = $course['real_id'];
// Compose a filter based on optional learning paths list given // Compose a filter based on optional learning paths list given
$condition_lp = ""; $condition_lp = "";
if(count($lp_ids) > 0) { if (count($lp_ids) > 0) {
$condition_lp =" AND id IN(".implode(',',$lp_ids).") "; $condition_lp =" AND id IN(".implode(',',$lp_ids).") ";
} }
// Compose a filter based on optional session id // Compose a filter based on optional session id
$condition_session = "";
$session_id = intval($session_id); $session_id = intval($session_id);
$condition_session = "";
if (isset($session_id)) { if (isset($session_id)) {
$condition_session = " AND session_id = $session_id "; $condition_session = " AND session_id = $session_id ";
} }
@ -2750,15 +2750,15 @@ class Tracking
// calculates last connection time // calculates last connection time
if ($count_row_lp > 0) { if ($count_row_lp > 0) {
$sql = 'SELECT MAX(start_time) $sql = 'SELECT MAX(start_time)
FROM ' . $t_lpiv . ' AS item_view FROM ' . $t_lpiv . ' AS item_view
INNER JOIN ' . $t_lpv . ' AS view INNER JOIN ' . $t_lpv . ' AS view
ON item_view.lp_view_id = view.id ON item_view.lp_view_id = view.id
WHERE WHERE
item_view.c_id = '.$course_id.' AND item_view.c_id = '.$course_id.' AND
view.c_id = '.$course_id.' AND view.c_id = '.$course_id.' AND
view.lp_id = '.$lp_id.' view.lp_id = '.$lp_id.'
AND view.user_id = '.$student_id.' AND view.user_id = '.$student_id.'
AND view.session_id = '.$session_id; AND view.session_id = '.$session_id;
$rs = Database::query($sql); $rs = Database::query($sql);
if (Database :: num_rows($rs) > 0) { if (Database :: num_rows($rs) > 0) {
$last_time = Database :: result($rs, 0, 0); $last_time = Database :: result($rs, 0, 0);
@ -2829,15 +2829,15 @@ class Tracking
// Then, courses where $coach_id is coach of the session // // Then, courses where $coach_id is coach of the session //
$sql = 'SELECT session_course_user.user_id $sql = 'SELECT session_course_user.user_id
FROM ' . $tbl_session_course_user . ' as session_course_user FROM ' . $tbl_session_course_user . ' as session_course_user
INNER JOIN '.$tbl_session_user.' sru INNER JOIN '.$tbl_session_user.' sru
ON session_course_user.user_id = sru.user_id AND session_course_user.session_id = sru.session_id ON session_course_user.user_id = sru.user_id AND session_course_user.session_id = sru.session_id
INNER JOIN ' . $tbl_session_course . ' as session_course INNER JOIN ' . $tbl_session_course . ' as session_course
ON session_course.c_id = session_course_user.c_id ON session_course.c_id = session_course_user.c_id
AND session_course_user.session_id = session_course.session_id AND session_course_user.session_id = session_course.session_id
INNER JOIN ' . $tbl_session . ' as session INNER JOIN ' . $tbl_session . ' as session
ON session.id = session_course.session_id ON session.id = session_course.session_id
AND session.id_coach = ' . $coach_id; AND session.id_coach = ' . $coach_id;
if (api_is_multiple_url_enabled()) { if (api_is_multiple_url_enabled()) {
$tbl_session_rel_access_url= Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_SESSION); $tbl_session_rel_access_url= Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_SESSION);
$access_url_id = api_get_current_access_url_id(); $access_url_id = api_get_current_access_url_id();
@ -3327,7 +3327,7 @@ class Tracking
// Table definition. // Table definition.
$tbl_forum_post = Database :: get_course_table(TABLE_FORUM_POST); $tbl_forum_post = Database :: get_course_table(TABLE_FORUM_POST);
$tbl_forum = Database :: get_course_table(TABLE_FORUM); $tbl_forum = Database :: get_course_table(TABLE_FORUM);
if (is_array($student_id)) { if (is_array($student_id)) {
$studentList = array_map('intval', $student_id); $studentList = array_map('intval', $student_id);
@ -3586,7 +3586,11 @@ class Tracking
$rs = Database::query($sql); $rs = Database::query($sql);
if (Database::num_rows($rs) > 0) { if (Database::num_rows($rs) > 0) {
$row = Database::fetch_array($rs); $row = Database::fetch_array($rs);
$date_time = api_convert_and_format_date($row['access_date'], null, date_default_timezone_get()); $date_time = api_convert_and_format_date(
$row['access_date'],
null,
date_default_timezone_get()
);
} }
return $date_time; return $date_time;
} }
@ -3605,10 +3609,10 @@ class Tracking
$session_id = intval($session_id); $session_id = intval($session_id);
// table definition // table definition
$tbl_stats_links = Database::get_main_table(TABLE_STATISTIC_TRACK_E_LINKS); $table = Database::get_main_table(TABLE_STATISTIC_TRACK_E_LINKS);
$sql = 'SELECT 1 $sql = 'SELECT 1
FROM '.$tbl_stats_links.' FROM '.$table.'
WHERE WHERE
links_user_id= '.$student_id.' AND links_user_id= '.$student_id.' AND
c_id = "'.$courseId.'" AND c_id = "'.$courseId.'" AND
@ -3632,14 +3636,15 @@ class Tracking
$session_id = intval($session_id); $session_id = intval($session_id);
// table definition // table definition
$tbl_stats_documents = Database::get_main_table(TABLE_STATISTIC_TRACK_E_DOWNLOADS); $table = Database::get_main_table(TABLE_STATISTIC_TRACK_E_DOWNLOADS);
$sql = 'SELECT 1 $sql = 'SELECT 1
FROM ' . $tbl_stats_documents . ' FROM ' . $table . '
WHERE down_user_id = '.$student_id.' WHERE down_user_id = '.$student_id.'
AND c_id = "'.$courseId.'" AND c_id = "'.$courseId.'"
AND down_session_id = '.$session_id.' '; AND down_session_id = '.$session_id.' ';
$rs = Database::query($sql); $rs = Database::query($sql);
return Database::num_rows($rs); return Database::num_rows($rs);
} }
@ -3699,11 +3704,11 @@ class Tracking
AND session_course_user.user_id = stats_login.user_id '; AND session_course_user.user_id = stats_login.user_id ';
} }
$sql = 'SELECT user_id, MAX(login_course_date) max_date $sql = 'SELECT user_id, MAX(login_course_date) max_date
FROM '.$tbl_track_login.' stats_login '.$inner.' FROM '.$tbl_track_login.' stats_login '.$inner.'
INNER JOIN '.$tableCourse.' c INNER JOIN '.$tableCourse.' c
ON (c.id = stats_login.c_id) ON (c.id = stats_login.c_id)
GROUP BY user_id GROUP BY user_id
HAVING DATE_SUB( "' . $now . '", INTERVAL '.$since.' DAY) > max_date '; HAVING DATE_SUB( "' . $now . '", INTERVAL '.$since.' DAY) > max_date ';
if ($since == 'never') { if ($since == 'never') {
$sql = 'SELECT course_user.user_id $sql = 'SELECT course_user.user_id
@ -3714,8 +3719,9 @@ class Tracking
INNER JOIN '.$tableCourse.' c INNER JOIN '.$tableCourse.' c
ON (c.id = stats_login.c_id) ON (c.id = stats_login.c_id)
'.$inner.' '.$inner.'
WHERE course_user.c_id = \''.$courseId.'\' WHERE
AND stats_login.login_course_date IS NULL course_user.c_id = \''.$courseId.'\' AND
stats_login.login_course_date IS NULL
GROUP BY course_user.user_id'; GROUP BY course_user.user_id';
} }
$rs = Database::query($sql); $rs = Database::query($sql);
@ -3739,10 +3745,10 @@ class Tracking
$student_id = intval($student_id); $student_id = intval($student_id);
$courseId = intval($courseId); $courseId = intval($courseId);
$session_id = intval($session_id); $session_id = intval($session_id);
$tbl_course_rel_user = Database::get_main_table(TABLE_STATISTIC_TRACK_E_ACCESS); $table = Database::get_main_table(TABLE_STATISTIC_TRACK_E_ACCESS);
$sql = 'SELECT '.$student_id.' $sql = 'SELECT '.$student_id.'
FROM ' . $tbl_course_rel_user . ' FROM ' . $table . '
WHERE WHERE
access_user_id=' . $student_id . ' AND access_user_id=' . $student_id . ' AND
c_id="' . $courseId . '" AND c_id="' . $courseId . '" AND
@ -3851,16 +3857,16 @@ class Tracking
lv.user_id= $user_id AND lv.user_id= $user_id AND
(li.item_type = 'sco' OR li.item_type='quiz') AND (li.item_type = 'sco' OR li.item_type='quiz') AND
liw.lp_view_id = $lp_view_id"; liw.lp_view_id = $lp_view_id";
$tot=0; $tot = 0;
$sum=0; $sum = 0;
$rs_list_view2=Database::query($sql_list_view); $rs_list_view2=Database::query($sql_list_view);
while ($row_list_view=Database::fetch_array($rs_list_view2)) { while ($row_list_view = Database::fetch_array($rs_list_view2)) {
$sum=$sum+$row_list_view['sum_data']; $sum = $sum + $row_list_view['sum_data'];
$tot++; $tot++;
} }
if ($tot==0) { if ($tot == 0) {
$tot=1; $tot = 1;
} }
$average_data2=$sum/$tot; $average_data2=$sum/$tot;
} }
@ -3890,6 +3896,7 @@ class Tracking
if ($lp_with_quiz > 0) { if ($lp_with_quiz > 0) {
$avg_student_score = round(($average_data_sum / $lp_with_quiz * 100), 2); $avg_student_score = round(($average_data_sum / $lp_with_quiz * 100), 2);
} }
return $avg_student_score; return $avg_student_score;
} }

25
main/inc/lib/usergroup.lib.php
Unescape View File

@ -66,6 +66,8 @@ class UserGroup extends Model
} }
/** /**
* @param int $type
*
* @return int * @return int
*/ */
public function get_count($type = -1) public function get_count($type = -1)
@ -389,7 +391,14 @@ class UserGroup extends Model
{ {
if ($this->useMultipleUrl) { if ($this->useMultipleUrl) {
$urlId = api_get_current_access_url_id(); $urlId = api_get_current_access_url_id();
$options = array('where' => array('c.course_id = ? AND access_url_id = ?' => array($course_id, $urlId))); $options = array(
'where' => array(
'c.course_id = ? AND access_url_id = ?' => array(
$course_id,
$urlId,
),
),
);
$from = $this->usergroup_rel_course_table." as c INNER JOIN ".$this->access_url_rel_usergroup." a $from = $this->usergroup_rel_course_table." as c INNER JOIN ".$this->access_url_rel_usergroup." a
ON c.usergroup_id = a.usergroup_id"; ON c.usergroup_id = a.usergroup_id";
} else { } else {
@ -463,7 +472,12 @@ class UserGroup extends Model
} else { } else {
$conditions = array('where' => array('usergroup_id = ?' => $id)); $conditions = array('where' => array('usergroup_id = ?' => $id));
} }
$results = Database::select('user_id', $this->usergroup_rel_user_table, $conditions, true); $results = Database::select(
'user_id',
$this->usergroup_rel_user_table,
$conditions,
true
);
$array = array(); $array = array();
if (!empty($results)) { if (!empty($results)) {
foreach ($results as $row) { foreach ($results as $row) {
@ -482,7 +496,12 @@ class UserGroup extends Model
public function getUsersByUsergroupAndRelation($id, $relation = '') public function getUsersByUsergroupAndRelation($id, $relation = '')
{ {
$conditions = array('where' => array('usergroup_id = ? AND relation_type = ?' => [$id, $relation])); $conditions = array('where' => array('usergroup_id = ? AND relation_type = ?' => [$id, $relation]));
$results = Database::select('user_id', $this->usergroup_rel_user_table, $conditions, true); $results = Database::select(
'user_id',
$this->usergroup_rel_user_table,
$conditions,
true
);
$array = array(); $array = array();
if (!empty($results)) { if (!empty($results)) {
foreach ($results as $row) { foreach ($results as $row) {

Write Preview
Loading…
Cancel
Save