Use correct session id see BT#15858

pull/2990/head
Julio 6 years ago
parent 13d8e0bda9
commit f6d3429a0d
  1. 4
      main/gradebook/lib/be/abstractlink.class.php
  2. 22
      main/gradebook/lib/be/attendancelink.class.php
  3. 19
      main/gradebook/lib/be/evallink.class.php
  4. 19
      main/gradebook/lib/be/exerciselink.class.php
  5. 66
      main/gradebook/lib/be/forumthreadlink.class.php
  6. 10
      main/gradebook/lib/be/learnpathlink.class.php
  7. 13
      main/gradebook/lib/be/studentpublicationlink.class.php
  8. 83
      main/gradebook/lib/be/surveylink.class.php
  9. 3
      main/mySpace/myStudents.php

@ -108,7 +108,7 @@ abstract class AbstractLink implements GradebookItem
*/
public function get_session_id()
{
return $this->session_id;
return (int) $this->session_id;
}
/**
@ -270,7 +270,7 @@ abstract class AbstractLink implements GradebookItem
*/
public function getCourseId()
{
return $this->course_id;
return (int) $this->course_id;
}
/**
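Review bot: The `(int)` casts are applied only inside `get_session_id()` and `getCourseId()`, so code that reads `$this->session_id` or `$this->course_id` directly still gets the uncast value. Several queries touched by this commit keep concatenating the raw property, for example `att.c_id = '.$this->course_id.'` in AttendanceLink, `c_id = '.$this->course_id.'` in ForumThreadLink::is_valid_link() and `c_id = "'.$this->course_id.'"` in StudentPublicationLink. Either switch those to `$this->getCourseId()`, as the SurveyLink hunks now do, or cast where the properties are assigned (the setters are not visible on this page). That way the integer guarantee does not depend on which accessor a subclass happens to use.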

@ -49,13 +49,14 @@ class AttendanceLink extends AbstractLink
return [];
}
$tbl_attendance = $this->get_attendance_table();
$session_id = api_get_session_id();
$sessionId = $this->get_session_id();
$sql = 'SELECT att.id, att.name, att.attendance_qualify_title
FROM '.$tbl_attendance.' att
WHERE
att.c_id = '.$this->course_id.' AND
att.active = 1 AND
att.session_id = '.$session_id;
att.session_id = '.$sessionId;
$result = Database::query($sql);
@ -77,10 +78,11 @@ class AttendanceLink extends AbstractLink
public function has_results()
{
$tbl_attendance_result = Database::get_course_table(TABLE_ATTENDANCE_RESULT);
$session_id = api_get_session_id();
$sessionId = $this->get_session_id();
$sql = 'SELECT count(*) AS number FROM '.$tbl_attendance_result."
WHERE
session_id = $session_id AND
session_id = $sessionId AND
c_id = '.$this->course_id.' AND
attendance_id = '".$this->get_ref_id()."'";
$result = Database::query($sql);
@ -97,7 +99,7 @@ class AttendanceLink extends AbstractLink
public function calc_score($stud_id = null, $type = null)
{
$tbl_attendance_result = Database::get_course_table(TABLE_ATTENDANCE_RESULT);
$session_id = api_get_session_id();
$sessionId = $this->get_session_id();
// get attendance qualify max
$sql = 'SELECT att.attendance_qualify_max
@ -105,7 +107,7 @@ class AttendanceLink extends AbstractLink
WHERE
att.c_id = '.$this->course_id.' AND
att.id = '.$this->get_ref_id().' AND
att.session_id='.$session_id;
att.session_id = '.$sessionId;
$query = Database::query($sql);
$attendance = Database::fetch_array($query, 'ASSOC');
@ -216,7 +218,6 @@ class AttendanceLink extends AbstractLink
*/
public function is_valid_link()
{
$session_id = api_get_session_id();
$sql = 'SELECT count(att.id) FROM '.$this->get_attendance_table().' att
WHERE att.c_id = '.$this->course_id.' AND att.id = '.$this->get_ref_id();
$result = Database::query($sql);
@ -227,14 +228,14 @@ class AttendanceLink extends AbstractLink
public function get_link()
{
//it was extracts the attendance id
$session_id = api_get_session_id();
// it was extracts the attendance id
$sessionId = $this->get_session_id();
$sql = 'SELECT * FROM '.$this->get_attendance_table().' att
WHERE att.c_id = '.$this->course_id.' AND att.id = '.$this->get_ref_id();
$result = Database::query($sql);
$row = Database::fetch_array($result, 'ASSOC');
$attendance_id = $row['id'];
$url = api_get_path(WEB_PATH).'main/attendance/index.php?action=attendance_sheet_list&gradebook=view&attendance_id='.$attendance_id.'&'.api_get_cidreq_params($this->get_course_code(), $session_id);
$url = api_get_path(WEB_PATH).'main/attendance/index.php?action=attendance_sheet_list&gradebook=view&attendance_id='.$attendance_id.'&'.api_get_cidreq_params($this->get_course_code(), $sessionId);
return $url;
}
@ -263,7 +264,6 @@ class AttendanceLink extends AbstractLink
private function get_attendance_data()
{
$tbl_name = $this->get_attendance_table();
$session_id = api_get_session_id();
if ($tbl_name == '') {
return false;
} elseif (!isset($this->attendance_data)) {
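Review bot: In has_results() the query switches from a single-quoted to a double-quoted string after the table name, so `c_id = '.$this->course_id.' AND` is no longer concatenation. The dots and single quotes become part of the SQL text with the course id interpolated between them, so `c_id` is compared with a string such as `'.5.'` (constructed example) instead of the id. The commit renames the session variable on the line above but leaves this clause as it was; inside the double-quoted part it should read `c_id = {$this->getCourseId()} AND`. The attendance id on the following line is wrapped in quotes rather than cast, so `(int) $this->get_ref_id()` would be the safer form there. has_results() continues past the end of its hunk.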

@ -11,15 +11,7 @@
*/
abstract class EvalLink extends AbstractLink
{
protected $evaluation = null;
/**
* Constructor.
*/
public function __construct()
{
parent::__construct();
}
protected $evaluation;
/**
* @return bool
@ -50,12 +42,13 @@ abstract class EvalLink extends AbstractLink
// course/platform admin can go to the view_results page
if (api_is_allowed_to_edit()) {
return 'gradebook_view_result.php?'.api_get_cidreq().'&selecteval='.$eval->get_id();
} // students can go to the statistics page (if custom display enabled)
elseif (ScoreDisplay::instance()->is_custom()) {
} elseif (ScoreDisplay::instance()->is_custom()) {
// students can go to the statistics page (if custom display enabled)
return 'gradebook_statistics.php?'.api_get_cidreq().'&selecteval='.$eval->get_id();
} else {
return null;
}
return null;
}
public function get_name()

@ -11,8 +11,8 @@
*/
class ExerciseLink extends AbstractLink
{
private $course_info = null;
private $exercise_table = null;
private $course_info;
private $exercise_table;
private $exercise_data = [];
private $is_hp;
@ -43,11 +43,11 @@ class ExerciseLink extends AbstractLink
$exerciseTable = $this->get_exercise_table();
$lpItemTable = Database::get_course_table(TABLE_LP_ITEM);
$documentPath = api_get_path(SYS_COURSE_PATH).$this->course_code."/document";
$documentPath = api_get_path(SYS_COURSE_PATH).$this->course_code.'/document';
if (empty($this->course_code)) {
return [];
}
$sessionId = api_get_session_id();
$sessionId = $this->get_session_id();
if (empty($sessionId)) {
$session_condition = api_get_session_condition(0, true);
} else {
@ -149,7 +149,7 @@ class ExerciseLink extends AbstractLink
public function has_results()
{
$tbl_stats = Database::get_main_table(TABLE_STATISTIC_TRACK_E_EXERCISES);
$sessionId = api_get_session_id();
$sessionId = $this->get_session_id();
$course_id = api_get_course_int_id($this->get_course_code());
$sql = "SELECT count(exe_id) AS number
FROM $tbl_stats
@ -430,14 +430,7 @@ class ExerciseLink extends AbstractLink
*/
public function get_link()
{
// Status student
$user_id = api_get_user_id();
$sessionId = api_get_session_id();
$course_code = $this->get_course_code();
$courseInfo = api_get_course_info($course_code);
$courseId = $courseInfo['real_id'];
$status_user = api_get_status_of_user_in_course($user_id, $courseId);
$sessionId = $this->get_session_id();
$data = $this->get_exercise_data();
$exerciseId = $data['id'];
$path = isset($data['path']) ? $data['path'] : '';

@ -10,8 +10,8 @@
*/
class ForumThreadLink extends AbstractLink
{
private $forum_thread_table = null;
private $itemprop_table = null;
private $forum_thread_table;
private $itemprop_table;
/**
* Constructor.
@ -38,45 +38,6 @@ class ForumThreadLink extends AbstractLink
return false;
}
/**
* Generate an array of exercises that a teacher hasn't created a link for.
*
* @return array 2-dimensional array - every element contains 2 subelements (id, name)
*/
public function get_not_created_links()
{
if (empty($this->course_code)) {
return [];
}
$tbl_grade_links = Database::get_main_table(TABLE_MAIN_GRADEBOOK_LINK);
$sql = 'SELECT thread_id,thread_title,thread_title_qualify
FROM '.$this->get_forum_thread_table().'
forum_thread WHERE thread_id NOT IN
(
SELECT ref_id FROM '.$tbl_grade_links.'
WHERE
type = '.LINK_FORUM_THREAD.' AND
c_id = '.intval($this->course_id).'
)
AND forum_thread.session_id='.api_get_session_id();
$result = Database::query($sql);
$cats = [];
while ($data = Database::fetch_array($result)) {
if (isset($data['thread_title_qualify']) && $data['thread_title_qualify'] != "") {
$cats[] = [
$data['thread_id'],
$data['thread_title_qualify'],
];
} else {
$cats[] = [$data['thread_id'], $data['thread_title']];
}
}
return $cats;
}
/**
* Generate an array of all exercises available.
*
@ -90,10 +51,10 @@ class ForumThreadLink extends AbstractLink
$tbl_grade_links = Database::get_course_table(TABLE_FORUM_THREAD);
$tbl_item_property = Database::get_course_table(TABLE_ITEM_PROPERTY);
$session_id = api_get_session_id();
$sessionId = $this->get_session_id();
if ($session_id) {
$session_condition = 'tl.session_id='.api_get_session_id();
if ($sessionId) {
$session_condition = 'tl.session_id='.$sessionId;
} else {
$session_condition = '(tl.session_id = 0 OR tl.session_id IS NULL)';
}
@ -286,9 +247,9 @@ class ForumThreadLink extends AbstractLink
$thread_title_qualify = isset($this->exercise_data['thread_title_qualify']) ? $this->exercise_data['thread_title_qualify'] : '';
if (isset($thread_title_qualify) && $thread_title_qualify != '') {
return $this->exercise_data['thread_title_qualify'];
} else {
return $thread_title;
}
return $thread_title;
}
/**
@ -304,11 +265,12 @@ class ForumThreadLink extends AbstractLink
*/
public function is_valid_link()
{
$sessionId = $this->get_session_id();
$sql = 'SELECT count(id) from '.$this->get_forum_thread_table().'
WHERE
c_id = '.$this->course_id.' AND
thread_id = '.$this->get_ref_id().' AND
session_id='.api_get_session_id();
session_id='.$sessionId;
$result = Database::query($sql);
$number = Database::fetch_row($result);
@ -317,7 +279,7 @@ class ForumThreadLink extends AbstractLink
public function get_link()
{
$sessionId = api_get_session_id();
$sessionId = $this->get_session_id();
//it was extracts the forum id
$sql = 'SELECT * FROM '.$this->get_forum_thread_table()."
WHERE
@ -355,7 +317,7 @@ class ForumThreadLink extends AbstractLink
{
$ref_id = $this->get_ref_id();
if (!empty($ref_id)) {
//Cleans forum
// Cleans forum
$sql = 'UPDATE '.$this->get_forum_thread_table().' SET
thread_qualify_max = 0,
thread_weight = 0,
@ -375,9 +337,9 @@ class ForumThreadLink extends AbstractLink
private function get_exercise_data()
{
$session_id = api_get_session_id();
if ($session_id) {
$session_condition = 'session_id='.api_get_session_id();
$sessionId = $this->get_session_id();
if ($sessionId) {
$session_condition = 'session_id = '.$sessionId;
} else {
$session_condition = '(session_id = 0 OR session_id IS NULL)';
}
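Review bot: is_valid_link() filters with `session_id='.$sessionId` only, while the listing query in the -90 hunk and get_exercise_data() in this same file fall back to `(session_id = 0 OR session_id IS NULL)` when the link has no session. If thread rows can carry a NULL session_id, which those fallbacks suggest, a thread returned by the listing query would be reported as an invalid link here. Building the condition the same way keeps the three queries in agreement: `$sessionCondition = $sessionId ? 'session_id = '.$sessionId : '(session_id = 0 OR session_id IS NULL)';`. The same method also concatenates `$this->get_ref_id()` without a cast.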

@ -11,9 +11,9 @@
*/
class LearnpathLink extends AbstractLink
{
private $course_info = null;
private $learnpath_table = null;
private $learnpath_data = null;
private $course_info;
private $learnpath_table;
private $learnpath_data;
/**
* Constructor.
@ -35,7 +35,7 @@ class LearnpathLink extends AbstractLink
return [];
}
$session_id = api_get_session_id();
$session_id = $this->get_session_id();
if (empty($session_id)) {
$session_condition = api_get_session_condition(0, true);
} else {
@ -154,7 +154,7 @@ class LearnpathLink extends AbstractLink
*/
public function get_link()
{
$session_id = api_get_session_id();
$session_id = $this->get_session_id();
$url = api_get_path(WEB_CODE_PATH).'lp/lp_controller.php?'.api_get_cidreq_params(
$this->get_course_code(),
$session_id

@ -82,7 +82,8 @@ class StudentPublicationLink extends AbstractLink
return [];
}
$em = Database::getManager();
$session = $em->find('ChamiloCoreBundle:Session', api_get_session_id());
$sessionId = $this->get_session_id();
$session = $em->find('ChamiloCoreBundle:Session', $sessionId);
/*
if (empty($session_id)) {
$session_condition = api_get_session_condition(0, true);
@ -128,7 +129,7 @@ class StudentPublicationLink extends AbstractLink
$id = $data['id'];
$em = Database::getManager();
$session = $em->find('ChamiloCoreBundle:Session', api_get_session_id());
$session = $em->find('ChamiloCoreBundle:Session', $this->get_session_id());
$results = $em
->getRepository('ChamiloCourseBundle:CStudentPublication')
->findBy([
@ -155,7 +156,7 @@ class StudentPublicationLink extends AbstractLink
return [];
}
$id = $data['id'];
$session = $em->find('ChamiloCoreBundle:Session', api_get_session_id());
$session = $em->find('ChamiloCoreBundle:Session', $this->get_session_id());
$assignment = $em
->getRepository('ChamiloCourseBundle:CStudentPublication')
@ -302,8 +303,8 @@ class StudentPublicationLink extends AbstractLink
public function get_link()
{
$session_id = api_get_session_id();
$url = api_get_path(WEB_PATH).'main/work/work.php?'.api_get_cidreq_params($this->get_course_code(), $session_id).'&id='.$this->exercise_data['id'].'&gradebook=view';
$sessionId = $this->get_session_id();
$url = api_get_path(WEB_PATH).'main/work/work.php?'.api_get_cidreq_params($this->get_course_code(), $sessionId).'&id='.$this->exercise_data['id'].'&gradebook=view';
return $url;
}
@ -329,7 +330,7 @@ class StudentPublicationLink extends AbstractLink
$sql = 'SELECT count(id) FROM '.$this->get_studpub_table().'
WHERE
c_id = "'.$this->course_id.'" AND
id = '.$id.'';
id = '.$id;
$result = Database::query($sql);
$number = Database::fetch_row($result);

@ -10,7 +10,7 @@
*/
class SurveyLink extends AbstractLink
{
private $survey_table = null;
private $survey_table;
private $survey_data = [];
/**
@ -32,6 +32,9 @@ class SurveyLink extends AbstractLink
return $this->survey_data['code'].': '.self::html_to_text($this->survey_data['title']);
}
/**
* @return string
*/
public function get_description()
{
$this->get_survey_data();
@ -39,6 +42,9 @@ class SurveyLink extends AbstractLink
return $this->survey_data['subtitle'];
}
/**
* @return string
*/
public function get_type_name()
{
return get_lang('Survey');
@ -75,10 +81,11 @@ class SurveyLink extends AbstractLink
die('Error in get_all_links() : course code not set');
}
$tbl_survey = $this->get_survey_table();
$session_id = api_get_session_id();
$course_id = api_get_course_int_id();
$sessionId = $this->get_session_id();
$course_id = $this->getCourseId();
$sql = 'SELECT survey_id, title, code FROM '.$tbl_survey.'
WHERE c_id = '.$course_id.' AND session_id = '.intval($session_id);
WHERE c_id = '.$course_id.' AND session_id = '.$sessionId;
$result = Database::query($sql);
while ($data = Database::fetch_array($result)) {
$links[] = [
@ -99,8 +106,10 @@ class SurveyLink extends AbstractLink
*/
public function has_results()
{
$ref_id = intval($this->get_ref_id());
$session_id = api_get_session_id();
$ref_id = $this->get_ref_id();
$sessionId = $this->get_session_id();
$courseId = $this->getCourseId();
$tbl_survey = Database::get_course_table(TABLE_SURVEY);
$tbl_survey_invitation = Database::get_course_table(TABLE_SURVEY_INVITATION);
$sql = "SELECT
@ -108,10 +117,10 @@ class SurveyLink extends AbstractLink
FROM $tbl_survey AS s
JOIN $tbl_survey_invitation AS i ON s.code = i.survey_code
WHERE
s.c_id = {$this->course_id} AND
i.c_id = {$this->course_id} AND
s.c_id = $courseId AND
i.c_id = $courseId AND
s.survey_id = $ref_id AND
i.session_id = $session_id";
i.session_id = $sessionId";
$sql_result = Database::query($sql);
$data = Database::fetch_array($sql_result);
@ -132,12 +141,11 @@ class SurveyLink extends AbstractLink
// Note: Max score is assumed to be always 1 for surveys,
// only student's participation is to be taken into account.
$max_score = 1;
$ref_id = intval($this->get_ref_id());
$session_id = api_get_session_id();
$ref_id = $this->get_ref_id();
$sessionId = $this->get_session_id();
$courseId = $this->getCourseId();
$tbl_survey = Database::get_course_table(TABLE_SURVEY);
$tbl_survey_invitation = Database::get_course_table(TABLE_SURVEY_INVITATION);
$get_individual_score = !is_null($stud_id);
$sql = "SELECT i.answered
@ -145,10 +153,10 @@ class SurveyLink extends AbstractLink
JOIN $tbl_survey_invitation AS i
ON s.code = i.survey_code
WHERE
s.c_id = {$this->course_id} AND
i.c_id = {$this->course_id} AND
s.c_id = $courseId AND
i.c_id = $courseId AND
s.survey_id = $ref_id AND
i.session_id = $session_id
i.session_id = $sessionId
";
if ($get_individual_score) {
@ -204,12 +212,14 @@ class SurveyLink extends AbstractLink
*/
public function is_valid_link()
{
$session_id = api_get_session_id();
$sessionId = $this->get_session_id();
$courseId = $this->getCourseId();
$sql = 'SELECT count(survey_id) FROM '.$this->get_survey_table().'
WHERE
c_id = '.$this->course_id.' AND
survey_id = '.intval($this->get_ref_id()).' AND
session_id = '.intval($session_id);
c_id = '.$courseId.' AND
survey_id = '.$this->get_ref_id().' AND
session_id = '.$sessionId;
$result = Database::query($sql);
$number = Database::fetch_row($result);
@ -222,20 +232,24 @@ class SurveyLink extends AbstractLink
return null;
}
if (api_is_allowed_to_edit()) { // Let students make access only through "Surveys" tool.
if (api_is_allowed_to_edit()) {
// Let students make access only through "Surveys" tool.
$tbl_name = $this->get_survey_table();
$session_id = api_get_session_id();
$sessionId = $this->get_session_id();
$courseId = $this->getCourseId();
if ($tbl_name != '') {
$sql = 'SELECT survey_id FROM '.$this->get_survey_table().'
$sql = 'SELECT survey_id
FROM '.$this->get_survey_table().'
WHERE
c_id = '.$this->course_id.' AND
survey_id = '.intval($this->get_ref_id()).' AND
session_id = '.intval($session_id).' ';
c_id = '.$courseId.' AND
survey_id = '.$this->get_ref_id().' AND
session_id = '.$sessionId;
$result = Database::query($sql);
$row = Database::fetch_array($result, 'ASSOC');
$survey_id = $row['survey_id'];
return api_get_path(WEB_PATH).'main/survey/reporting.php?'.api_get_cidreq_params($this->get_course_code(), $session_id).'&survey_id='.$survey_id;
return api_get_path(WEB_PATH).'main/survey/reporting.php?'.api_get_cidreq_params($this->get_course_code(), $sessionId).'&survey_id='.$survey_id;
}
}
@ -270,16 +284,18 @@ class SurveyLink extends AbstractLink
private function get_survey_data()
{
$tbl_name = $this->get_survey_table();
$session_id = api_get_session_id();
if ($tbl_name == '') {
return false;
} elseif (empty($this->survey_data)) {
$courseId = $this->getCourseId();
$sessionId = $this->get_session_id();
$sql = 'SELECT * FROM '.$tbl_name.'
WHERE
c_id = '.$this->course_id.' AND
survey_id = '.intval($this->get_ref_id()).' AND
session_id = '.intval($session_id);
c_id = '.$courseId.' AND
survey_id = '.$this->get_ref_id().' AND
session_id = '.$sessionId;
$query = Database::query($sql);
$this->survey_data = Database::fetch_array($query);
}
@ -287,6 +303,11 @@ class SurveyLink extends AbstractLink
return $this->survey_data;
}
/**
* @param string $string
*
* @return string
*/
private static function html_to_text($string)
{
return strip_tags($string);
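Review bot: This section drops `intval()` from every `$this->get_ref_id()` use and puts the value straight into SQL, but the AbstractLink hunks on this page add casts only to `get_session_id()` and `getCourseId()`. The affected places are has_results(), the score query in the -132 hunk, is_valid_link(), the reporting-link query and get_survey_data(). Unless `get_ref_id()` already returns an integer (not visible here), these queries lose the only integer coercion they had. Keep the cast at the call sites, e.g. `$ref_id = (int) $this->get_ref_id();`, or add `(int)` inside `get_ref_id()` alongside the other two getters. The reporting-link code also reads `$row['survey_id']` without checking that a row was returned.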

@ -1700,10 +1700,9 @@ if (empty($details)) {
}
$lp_name = !empty($lp_name) ? $lp_name : get_lang('NoLearnpath');
$css_class = 'row_even';
if ($i % 2) {
$css_class = 'row_odd';
} else {
$css_class = 'row_even';
}
echo '<tr class="'.$css_class.'"><td>'.$exercices['title'].'</td>';
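Review bot: `$exercices['title']` is echoed into the `<td>` unescaped on the last line of this hunk, which the row-class cleanup leaves untouched. If the title is not sanitized before it reaches this loop (not visible here), a title containing markup would be rendered as HTML on this page. `htmlspecialchars($exercices['title'], ENT_QUOTES, 'UTF-8')`, or the project's own output filter, would close that. The enclosing loop starts and ends outside the hunk.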
