Fixing agenda events for admins see BT#5949

skala
Julio Montoya 12 years ago
parent c6d5c78e4c
commit f5b89cc0e6
  1. 20
      main/calendar/agenda.inc.php
  2. 52
      main/calendar/agenda.lib.php
  3. 7
      main/calendar/agenda.php

@ -1556,7 +1556,11 @@ function change_visibility($tool, $id, $visibility)
function display_courseadmin_links($filter = 0) function display_courseadmin_links($filter = 0)
{ {
if (!api_get_course_int_id()) { if (!api_get_course_int_id()) {
return "<a href='agenda_js.php?type=personal'>".Display::return_icon('calendar.png', get_lang('Agenda'), '', ICON_SIZE_MEDIUM)."</a>"; $type = isset($_REQUEST['type']) ? Security::remove_XSS($_REQUEST['type']) : 'personal';
if ($type == 'platform') {
$type = 'admin';
}
return "<a href='agenda_js.php?type=$type'>".Display::return_icon('calendar.png', get_lang('Agenda'), '', ICON_SIZE_MEDIUM)."</a>";
} }
$form = null; $form = null;
if (!isset($_GET['action'])) { if (!isset($_GET['action'])) {
@ -1690,7 +1694,6 @@ function store_edited_agenda_item($event_id, $id_attach, $file_comment)
$agendaObj->edit_event($id, $start_date, $end_date, $all_day, null, $title, $content); $agendaObj->edit_event($id, $start_date, $end_date, $all_day, null, $title, $content);
if (empty($id_attach)) { if (empty($id_attach)) {
add_agenda_attachment_file($file_comment, $id); add_agenda_attachment_file($file_comment, $id);
} else { } else {
@ -2230,7 +2233,7 @@ function display_one_agenda_item($agenda_id)
* @param integer id, the id of the agenda item we are editing. By default this is empty which means that we are adding an * @param integer id, the id of the agenda item we are editing. By default this is empty which means that we are adding an
* agenda item. * agenda item.
*/ */
function show_add_form($id = '') function show_add_form($id = '', $type = null)
{ {
global $MonthsLong; global $MonthsLong;
$htmlHeadXtra[] = to_javascript(); $htmlHeadXtra[] = to_javascript();
@ -2298,13 +2301,16 @@ function show_add_form($id = '')
// if the id is set then we are editing an agenda item // if the id is set then we are editing an agenda item
if (!empty($id)) { if (!empty($id)) {
$course_info = api_get_course_info(); $course_info = api_get_course_info();
$agendaObj = new Agenda(); $agendaObj = new Agenda();
if (!empty($course_info)) { if (!empty($course_info)) {
$agendaObj->set_course($course_info); $agendaObj->set_course($course_info);
$agendaObj->type = 'course'; $agendaObj->type = 'course';
} else { } else {
$agendaObj->type = 'personal'; if (api_is_platform_admin() && $type == 'platform') {
$agendaObj->type = 'admin';
} else {
$agendaObj->type = 'personal';
}
} }
$agendaItem = $agendaObj->get_event($id); $agendaItem = $agendaObj->get_event($id);
@ -2356,7 +2362,7 @@ function show_add_form($id = '')
<!-- START OF THE FORM --> <!-- START OF THE FORM -->
<form class="form-horizontal" enctype="multipart/form-data" action="<?php echo api_get_self().'?origin='.$origin.'&'.$course_url."&sort=asc&toolgroup=".api_get_group_id().'&action='.Security::remove_XSS($_GET['action']); ?>" method="post" name="new_calendar_item"> <form class="form-horizontal" enctype="multipart/form-data" action="<?php echo api_get_self().'?type='.Security::remove_XSS($type).'&origin='.$origin.'&'.$course_url."&sort=asc&toolgroup=".api_get_group_id().'&action='.Security::remove_XSS($_GET['action']); ?>" method="post" name="new_calendar_item">
<input type="hidden" name="id" value="<?php if (isset($id)) echo $id; ?>" /> <input type="hidden" name="id" value="<?php if (isset($id)) echo $id; ?>" />
<input type="hidden" name="action" value="<?php if (isset($_GET['action'])) echo $_GET['action']; ?>" /> <input type="hidden" name="action" value="<?php if (isset($_GET['action'])) echo $_GET['action']; ?>" />
<input type="hidden" name="id_attach" value="<?php echo isset($_REQUEST['id_attach']) ? intval($_REQUEST['id_attach']) : null; ?>" /> <input type="hidden" name="id_attach" value="<?php echo isset($_REQUEST['id_attach']) ? intval($_REQUEST['id_attach']) : null; ?>" />
@ -2723,7 +2729,7 @@ function show_add_form($id = '')
echo '</div> echo '</div>
</div>'; </div>';
if ($agendaObj->type != 'personal') { if ($agendaObj->type == 'course') {
// File attachment // File attachment
echo ' <div class="control-group"> echo ' <div class="control-group">
<label class="control-label"> <label class="control-label">
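Review bot: The new `$type` in display_courseadmin_links comes straight from `$_REQUEST['type']` and is written into a single-quoted `href`, and again into the form `action` in show_add_form, after only `Security::remove_XSS`, which is an HTML filter rather than a URL or attribute encoder. Only a few values are meaningful, so an allow-list is safer, e.g. `$type = in_array($type, array('personal', 'platform', 'admin'), true) ? $type : 'personal';` before the `platform` to `admin` mapping, with `urlencode($type)` where it enters the query string. The values in that list are taken from this commit and should be confirmed against what agenda_js.php accepts. The hidden `action` input just below the changed form line still echoes `$_GET['action']` unescaped and should be wrapped in `htmlspecialchars(..., ENT_QUOTES)` in the same pass. Both functions start and end outside the hunks shown.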

@ -112,13 +112,15 @@ class Agenda
} }
break; break;
case 'admin': case 'admin':
$attributes['title'] = $title; if (api_is_platform_admin()) {
$attributes['content'] = $content; $attributes['title'] = $title;
$attributes['start_date'] = $start; $attributes['content'] = $content;
$attributes['end_date'] = $end; $attributes['start_date'] = $start;
$attributes['all_day'] = $all_day; $attributes['end_date'] = $end;
$attributes['access_url_id'] = api_get_current_access_url_id(); $attributes['all_day'] = $all_day;
$id = Database::insert($this->tbl_global_agenda, $attributes); $attributes['access_url_id'] = api_get_current_access_url_id();
$id = Database::insert($this->tbl_global_agenda, $attributes);
}
break; break;
} }
return $id; return $id;
@ -192,22 +194,23 @@ class Agenda
break; break;
case 'course': case 'course':
$course_id = api_get_course_int_id(); $course_id = api_get_course_int_id();
$attributes['title'] = $title; if (!empty($course_id) && api_is_allowed_to_edit(null, true)) {
$attributes['content'] = $content; $attributes['title'] = $title;
$attributes['start_date'] = $start; $attributes['content'] = $content;
$attributes['end_date'] = $end; $attributes['start_date'] = $start;
$attributes['all_day'] = $all_day; $attributes['end_date'] = $end;
$attributes['all_day'] = $all_day;
if (!empty($course_id)) {
Database::update($this->tbl_course_agenda, $attributes, array('id = ? AND c_id = ?' => array($id, $course_id))); Database::update($this->tbl_course_agenda, $attributes, array('id = ? AND c_id = ?' => array($id, $course_id)));
} }
break; break;
case 'admin': case 'admin':
$attributes['title'] = $title; if (api_is_platform_admin()) {
$attributes['content'] = $content; $attributes['title'] = $title;
$attributes['start_date'] = $start; $attributes['content'] = $content;
$attributes['end_date'] = $end; $attributes['start_date'] = $start;
Database::update($this->tbl_global_agenda, $attributes, array('id = ?' => $id)); $attributes['end_date'] = $end;
Database::update($this->tbl_global_agenda, $attributes, array('id = ?' => $id));
}
break; break;
} }
} }
@ -216,16 +219,21 @@ class Agenda
{ {
switch ($this->type) { switch ($this->type) {
case 'personal': case 'personal':
Database::delete($this->tbl_personal_agenda, array('id = ?' => $id)); $eventInfo = $this->get_event($id);
if ($eventInfo['user'] == api_get_user_id()) {
Database::delete($this->tbl_personal_agenda, array('id = ?' => $id));
}
break; break;
case 'course': case 'course':
$course_id = api_get_course_int_id(); $course_id = api_get_course_int_id();
if (!empty($course_id)) { if (!empty($course_id) && api_is_allowed_to_edit(null, true)) {
Database::delete($this->tbl_course_agenda, array('id = ? AND c_id = ?' => array($id, $course_id))); Database::delete($this->tbl_course_agenda, array('id = ? AND c_id = ?' => array($id, $course_id)));
} }
break; break;
case 'admin': case 'admin':
Database::delete($this->tbl_global_agenda, array('id = ?' => $id)); if (api_is_platform_admin()) {
Database::delete($this->tbl_global_agenda, array('id = ?' => $id));
}
break; break;
} }
} }
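Review bot: In the delete method (third hunk) the personal branch checks ownership with a separate `get_event()` lookup and a loose `==`, so a missing row yields an empty `$eventInfo` that is compared against the current user id instead of being rejected. Binding the owner in the query itself mirrors the course branch and drops the extra lookup: `Database::delete($this->tbl_personal_agenda, array('id = ? AND user = ?' => array($id, api_get_user_id())));` (column name assumed from `$eventInfo['user']`). The personal branch of the edit method is outside the hunk and presumably needs the same owner constraint. In the first hunk, `return $id;` is reached with no assignment in the `admin` case when the caller is not a platform admin, so `$id` should be initialised before the `switch` unless that already happens above the visible lines. The denied branches are silent; logging or returning a failure would make rejected attempts visible to callers and auditors.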

@ -206,14 +206,15 @@ if (api_is_allowed_to_edit(false, true) OR
echo '</div>'; echo '</div>';
$event_id = isset($_REQUEST['id']) ? $_REQUEST['id'] : null; $event_id = isset($_REQUEST['id']) ? $_REQUEST['id'] : null;
$type = isset($_GET['type']) ? $_GET['type'] : null; $type = $event_type = isset($_GET['type']) ? $_GET['type'] : null;
if ($type == 'fromjs') { if ($type == 'fromjs') {
$id_list = explode('_', $event_id); $id_list = explode('_', $event_id);
$event_id = $id_list[1]; $event_id = $id_list[1];
$event_type = $id_list[0];
} }
if (!api_is_allowed_to_edit(null, true) && $type == 'course') { if (!api_is_allowed_to_edit(null, true) && $event_type == 'course') {
api_not_allowed(); api_not_allowed();
} }
@ -289,7 +290,7 @@ if (api_is_allowed_to_edit(false, true) OR
store_edited_agenda_item($event_id, $_REQUEST['id_attach'], $_REQUEST['file_comment']); store_edited_agenda_item($event_id, $_REQUEST['id_attach'], $_REQUEST['file_comment']);
$action = 'view'; $action = 'view';
} else { } else {
show_add_form($event_id); show_add_form($event_id, $event_type);
} }
break; break;
case "delete": case "delete":
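Review bot: The `fromjs` branch reads `$id_list[1]` and `$id_list[0]` without checking that `$_REQUEST['id']` contained an underscore, and the resulting `$event_id` is passed on as an unvalidated string. A guard such as `if (count($id_list) < 2) { api_not_allowed(); }` followed by `$event_id = (int) $id_list[1];` keeps malformed ids out of the edit path. The permission check below now keys on `$event_type`, which in this branch is a prefix supplied by the client, while show_add_form picks `course` from `api_get_course_info()` rather than from that value. The two can disagree, so the check is more robust if it depends on the course context instead of the prefix. The enclosing `if (api_is_allowed_to_edit(false, true) OR` block starts outside the hunk and may already cover part of this.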
