merge

main/admin/group_edit.php

@@ -82,9 +82,14 @@ if (strlen($group_data['picture_uri']) > 0) {
 
 // Status
 $status = array();
+$groups = array();
+$groups = GroupPortalManager::get_groups_list($group_id);
+$groups[0] = get_lang('NoParentship');
+$group_data['parent_group'] = GroupPortalManager::get_parent_group($group_id);
 $status[GROUP_PERMISSION_OPEN] 		= get_lang('Open');
 $status[GROUP_PERMISSION_CLOSED]	= get_lang('Closed');
 
+$form->addElement('select', 'parent_group', get_lang('GroupParentship'), $groups, array());
 $form->addElement('select', 'visibility', get_lang('GroupPermissions'), $status, array());
 
 // Submit button
@@ -112,8 +117,11 @@ if ( $form->validate()) {
 	$description	= $group['description'];
 	$url 			= $group['url'];
 	$status 		= intval($group['visibility']);
+  $parent_group_id = intval($group['parent_group']); 
 
 	GroupPortalManager::update($group_id, $name, $description, $url, $status, $picture_uri);
+  GroupPortalManager::set_parent_group($group_id,$parent_group_id);
+
 	$tok = Security::get_token();
 	header('Location: group_list.php?action=show_message&message='.urlencode(get_lang('GroupUpdated')).'&sec_token='.$tok);
 	exit();

main/admin/settings.php

@@ -473,6 +473,7 @@ $action_images['templates'] 	= 'template.gif';
 $action_images['search']        = 'search.gif';
 $action_images['editor']		= 'html.png';
 $action_images['timezones']		= 'timezones.png';
+$action_images['cas'] = 'loginmanager.gif';
 
 // grabbing the categories
 //$selectcategories = "SELECT DISTINCT category FROM ".$table_settings_current." WHERE category NOT IN ('stylesheets','Plugins')";

main/course_info/infocours.php

@@ -297,6 +297,7 @@ if ($form->validate() && is_settings_editable()) {
 	foreach ($update_values as $index => & $value) {
 		$update_values[$index] = Database::escape_string($value);
 	}
+	unset($value);
 	$table_course = Database :: get_main_table(TABLE_MAIN_COURSE);
 	$sql = "UPDATE $table_course SET
 				title 				= '".Security::remove_XSS($update_values['title'])."',

main/inc/lib/database.lib.php

@@ -66,6 +66,7 @@ define('TABLE_MAIN_USER_REL_TAG',		'user_rel_tag');
 //User groups
 define('TABLE_MAIN_GROUP',				'groups');
 define('TABLE_MAIN_USER_REL_GROUP',		'group_rel_user');
+define('TABLE_MAIN_GROUP_REL_GROUP',		'group_rel_group');
 define('TABLE_MAIN_GROUP_REL_TAG',		'group_rel_tag');
 
 // Search engine

main/inc/lib/group_portal_manager.lib.php

@@ -123,6 +123,26 @@ class GroupPortalManager
 		}
 		return $data;
 	}
+  /**
+   * Gets a list of all group
+   * @param id of a group to not include
+   * @return array : id => name
+   **/
+  public static function get_groups_list($without_this_one = NULL )
+  {
+    $where='';
+    if ( isset($without_this_one) && (intval($without_this_one) == $without_this_one) ) {
+      $where = "WHERE id <> $without_this_one"; 
+    }
+		$table	= Database :: get_main_table(TABLE_MAIN_GROUP);
+		$sql = "SELECT id, name FROM $table $where order by name";
+		$res = Database::query($sql);
+		$list = array ();
+		while ($item = Database::fetch_assoc($res)) {
+			$list[$item['id']] = $item['name'];
+		}
+		return $list;
+	}
 
 	/**
 	 * Gets the group data
@@ -143,6 +163,53 @@ class GroupPortalManager
 		return $item;
 	}
 
+  /**
+   * Set a parent group
+   * @param group_id
+   * @param parent_group, if 0, we delete the parent_group association
+   * @param relation_type
+   * @return true or false
+   **/ 
+  public static function set_parent_group($group_id, $parent_group_id, $relation_type = 1){
+    $table = Database :: get_main_table(TABLE_MAIN_GROUP_REL_GROUP);
+    $group_id = intval($group_id);
+    $parent_group_id = intval($parent_group_id);
+    if ($parent_group_id == 0) {
+      $sql = "DELETE FROM $table WHERE subgroup_id = $group_id";
+    } 
+    else {
+      $sql = "SELECT group_id FROM $table WHERE subgroup_id = $group_id";
+      $res = Database::query($sql);
+      if (Database::num_rows($res)==0) {
+        $sql = "INSERT INTO $table  SET group_id = $parent_group_id, subgroup_id = $group_id, relation_type = $relation_type";
+      } else {
+        $sql = "UPDATE $table SET group_id = $parent_group_id, relation_type = $relation_type  WHERE subgroup_id = $group_id"; 
+      }
+    }
+    $res = Database::query($sql);
+    return($res);
+  }
+  /**
+   * Get the parent group
+   * @param group_id
+   * @param relation_type
+   * @return int parent_group_id or false
+   **/
+  public static function get_parent_group($group_id, $relation_type=1){
+    $table = Database :: get_main_table(TABLE_MAIN_GROUP_REL_GROUP);
+    $group_id=intval($group_id);
+    $parent_group_id=intval($parent_group_id);
+    $sql = "SELECT group_id FROM $table WHERE subgroup_id = $group_id";
+    $res = Database::query($sql);
+    if (Database::num_rows($res)==0) {
+      return 0;
+    }
+    else {
+      $arr = Database::fetch_assoc($res);
+      return $arr['group_id'];
+    }
+  }
+
 	/**
 	 * Gets the tags from a given group
 	 * @param int	group id

main/inc/local.inc.php

@@ -214,10 +214,26 @@ if (!empty($_SESSION['_user']['user_id']) && ! ($login || $logout)) {
 		}
 	}
 
-	if ((isset($_POST['login']) && isset($_POST['password']))) {
+	//IF cas is activated and user isn't logged in	
+	if (api_get_setting('cas_activate') == 'true') { 
+		$cas_activated = true;
+	} else {
+		$cas_activated = false;
+	}
+
+	$cas_login=false;
+	if ($cas_activated  AND !isset($_user['user_id']) and !isset($_POST['login'])  && !$logout) { 
+		require_once(api_get_path(SYS_PATH).'main/auth/cas/authcas.php');
+		$cas_login = cas_is_authenticated();
+	}
+  if ( ( isset($_POST['login']) AND  isset($_POST['password']) ) OR ($cas_login) )  {
     // $login && $password are given to log in
+    if ( $cas_login  && empty($_POST['login']) ) {
+      $login = $cas_login;
+    } else {
       $login = $_POST['login'];
       $password = $_POST['password'];
+    }
 
     //lookup the user in the main database
     $user_table = Database::get_main_table(TABLE_MAIN_USER);
@@ -248,7 +264,7 @@ if (!empty($_SESSION['_user']['user_id']) && ! ($login || $logout)) {
           $password = api_get_encrypted_password($password);
         }
         if (api_get_setting('allow_terms_conditions')=='true') {
-			       if ($password == $uData['password'] AND (trim($login) == $uData['username'])) {
+          if ($password == $uData['password'] AND (trim($login) == $uData['username']) OR $cas_login ) {
             $temp_user_id = $uData['user_id'];
             $term_and_condition_status=api_check_term_condition($temp_user_id);//false or true
             if ($term_and_condition_status===false) {
@@ -265,7 +281,7 @@ if (!empty($_SESSION['_user']['user_id']) && ! ($login || $logout)) {
         }
 
         // Check the user's password
-	            if ($password == $uData['password'] AND (trim($login) == $uData['username'])) {
+        if ( ($password == $uData['password']  OR $cas_login) AND (trim($login) == $uData['username'])) {
           // Check if the account is active (not locked)
           if ($uData['active']=='1') {
             // Check if the expiration date has not been reached