diff --git a/main/work/work.php b/main/work/work.php
index ccf91e9b4d..39b20ebcea 100644
--- a/main/work/work.php
+++ b/main/work/work.php
@@ -4,15 +4,15 @@ use ChamiloSession as Session;
 /**
-* @package chamilo.work
-* @author Thomas, Hugues, Christophe - original version
-* @author Patrick Cool , Ghent University - ability for course admins to specify wether uploaded documents are visible or invisible by default.
-* @author Roan Embrechts, code refactoring and virtual course support
-* @author Frederic Vauthier, directories management
-* @author Julio Montoya BeezNest 2011 LOTS of bug fixes
-*
-* @todo refactor more code into functions, use quickforms, coding standards, ... jm
-*/
+ * @package chamilo.work
+ * @author Thomas, Hugues, Christophe - original version
+ * @author Patrick Cool , Ghent University - ability for course admins to specify wether uploaded documents are visible or invisible by default.
+ * @author Roan Embrechts, code refactoring and virtual course support
+ * @author Frederic Vauthier, directories management
+ * @author Julio Montoya BeezNest 2011 LOTS of bug fixes
+ *
+ * @todo refactor more code into functions, use quickforms, coding standards, ... jm
+ */
 /**
 * STUDENT PUBLICATIONS MODULE
@@ -24,7 +24,7 @@ use ChamiloSession as Session;
 *
 * GOALS
 * *****
- * Allow student to quickly send documents immediately visible on the Course
+ * Allow student to quickly send documents immediately visible on the Course
 *
 * The script does 5 things:
 *
@@ -37,9 +37,9 @@ use ChamiloSession as Session;
 * On the long run, the idea is to allow sending realvideo . Which means only
 * establish a correspondence between RealServer Content Path and the user's
 * documents path.
- *
 *
-*/
+ *
+ */
 /* INIT SECTION */
@@ -136,109 +136,109 @@ $action = isset($_REQUEST['action']) ? $_REQUEST['action'] : 'list';
 //Download folder
 if ($action == 'downloadfolder') {
- require 'downloadfolder.inc.php';
+ require 'downloadfolder.inc.php';
 }
 /* More init stuff */
 if (isset ($_POST['cancelForm']) && !empty ($_POST['cancelForm'])) {
- header('Location: ' . api_get_self() . '?origin='.$origin.'&gradebook='.$gradebook);
- exit;
+ header('Location: ' . api_get_self() . '?origin='.$origin.'&gradebook='.$gradebook);
+ exit;
 }
 // If the POST's size exceeds 8M (default value in php.ini) the $_POST array is emptied
 // If that case happens, we set $submitWork to 1 to allow displaying of the error message
 // The redirection with header() is needed to avoid apache to show an error page on the next request
 if ($_SERVER['REQUEST_METHOD'] == 'POST' && !sizeof($_POST)) {
- if (strstr($_SERVER['REQUEST_URI'], '?')) {
- header('Location: ' . $_SERVER['REQUEST_URI'] . '&submitWork=1');
- exit ();
- } else {
- header('Location: ' . $_SERVER['REQUEST_URI'] . '?submitWork=1');
- exit ();
- }
+ if (strstr($_SERVER['REQUEST_URI'], '?')) {
+ header('Location: ' . $_SERVER['REQUEST_URI'] . '&submitWork=1');
+ exit ();
+ } else {
+ header('Location: ' . $_SERVER['REQUEST_URI'] . '?submitWork=1');
+ exit ();
+ }
 }
 $group_id = api_get_group_id();
-
-$display_upload_form = false;
+
+$display_upload_form = false;
 if ($action == 'upload_form') {
- $display_upload_form = true;
+ $display_upload_form = true;
 }
 /* Header */
 if (!empty($_GET['gradebook']) && $_GET['gradebook'] == 'view') {
- $_SESSION['gradebook'] = Security::remove_XSS($_GET['gradebook']);
- $gradebook = $_SESSION['gradebook'];
+ $_SESSION['gradebook'] = Security::remove_XSS($_GET['gradebook']);
+ $gradebook = $_SESSION['gradebook'];
 } elseif (empty($_GET['gradebook'])) {
- unset($_SESSION['gradebook']);
- $gradebook = '';
+ unset($_SESSION['gradebook']);
+ $gradebook = '';
 }
-if (!empty($gradebook) && $gradebook == 'view') {
- $interbreadcrumb[] = array ('url' => '../gradebook/' . $_SESSION['gradebook_dest'],'name' => get_lang('ToolGradebook'));
+if (!empty($gradebook) && $gradebook == 'view') {
+ $interbreadcrumb[] = array ('url' => '../gradebook/' . $_SESSION['gradebook_dest'],'name' => get_lang('ToolGradebook'));
 }
 if (!empty($group_id)) {
- $group_properties = GroupManager :: get_group_properties($group_id);
+ $group_properties = GroupManager :: get_group_properties($group_id);
 $show_work = false;
-
- if (api_is_allowed_to_edit(false, true)) {
+
+ if (api_is_allowed_to_edit(false, true)) {
 $show_work = true;
 } else {
- // you are not a teacher
+ // you are not a teacher
 $show_work = GroupManager::user_has_access($user_id, $group_id, GroupManager::GROUP_TOOL_WORK);
 }
-
+
 if (!$show_work) {
 api_not_allowed();
 }
-
- $interbreadcrumb[] = array ('url' => '../group/group.php', 'name' => get_lang('Groups'));
- $interbreadcrumb[] = array ('url' => '../group/group_space.php?gidReq='.$group_id, 'name' => get_lang('GroupSpace').' '.$group_properties['name']);
-
- $url_dir ='';
- $interbreadcrumb[] = array ('url' =>'work.php?gidReq='.$group_id,'name' => get_lang('StudentPublications'));
-
- $url_dir = 'work.php?&id=' . $work_id;
- $interbreadcrumb[] = array ('url' => $url_dir,'name' => $my_folder_data['title']);
-
- if ($action == 'upload_form') {
- $interbreadcrumb[] = array ('url' => 'work.php','name' => get_lang('UploadADocument'));
- }
-
- if ($action == 'create_dir') {
- $interbreadcrumb[] = array ('url' => 'work.php','name' => get_lang('CreateAssignment'));
- }
- Display :: display_header(null);
-} else {
- if (isset($origin) && $origin != 'learnpath') {
-
- if (isset($_GET['id']) && !empty($_GET['id']) || $display_upload_form || $action == 'settings' || $action == 'create_dir') {
+
+ $interbreadcrumb[] = array ('url' => '../group/group.php', 'name' => get_lang('Groups'));
+ $interbreadcrumb[] = array ('url' => '../group/group_space.php?gidReq='.$group_id, 'name' => get_lang('GroupSpace').' '.$group_properties['name']);
+
+ $url_dir ='';
+ $interbreadcrumb[] = array ('url' =>'work.php?gidReq='.$group_id,'name' => get_lang('StudentPublications'));
+
+ $url_dir = 'work.php?&id=' . $work_id;
+ $interbreadcrumb[] = array ('url' => $url_dir,'name' => $my_folder_data['title']);
+
+ if ($action == 'upload_form') {
+ $interbreadcrumb[] = array ('url' => 'work.php','name' => get_lang('UploadADocument'));
+ }
+
+ if ($action == 'create_dir') {
+ $interbreadcrumb[] = array ('url' => 'work.php','name' => get_lang('CreateAssignment'));
+ }
+ Display :: display_header(null);
+} else {
+ if (isset($origin) && $origin != 'learnpath') {
+
+ if (isset($_GET['id']) && !empty($_GET['id']) || $display_upload_form || $action == 'settings' || $action == 'create_dir') {
 $interbreadcrumb[] = array ('url' => 'work.php', 'name' => get_lang('StudentPublications'));
- } else {
+ } else {
 $interbreadcrumb[] = array ('url' => '#', 'name' => get_lang('StudentPublications'));
 }
+ $url_dir = 'work.php?id=' . $work_id;
- $interbreadcrumb[] = array ('url' => $url_dir,'name' => $my_folder_data['title']);
-
- if ($action == 'upload_form') {
- $interbreadcrumb[] = array ('url' => '#', 'name' => get_lang('UploadADocument'));
- }
- if ($action == 'settings') {
- $interbreadcrumb[] = array ('url' => '#', 'name' => get_lang('EditToolOptions'));
- }
- if ($action == 'create_dir') {
- $interbreadcrumb[] = array ('url' => '#','name' => get_lang('CreateAssignment'));
- }
- Display :: display_header(null);
-
- } else {
- //we are in the learnpath tool
- Display::display_reduced_header();
- }
+ $interbreadcrumb[] = array ('url' => $url_dir,'name' => $my_folder_data['title']);
+
+ if ($action == 'upload_form') {
+ $interbreadcrumb[] = array ('url' => '#', 'name' => get_lang('UploadADocument'));
+ }
+ if ($action == 'settings') {
+ $interbreadcrumb[] = array ('url' => '#', 'name' => get_lang('EditToolOptions'));
+ }
+ if ($action == 'create_dir') {
+ $interbreadcrumb[] = array ('url' => '#','name' => get_lang('CreateAssignment'));
+ }
+ Display :: display_header(null);
+
+ } else {
+ //we are in the learnpath tool
+ Display::display_reduced_header();
+ }
 }
@@ -254,13 +254,13 @@ Display :: display_introduction_section(TOOL_STUDENTPUBLICATION); // introduction section
 if ($origin == 'learnpath') {
- echo '
 
'; + echo '
 
'; } /* Display links to upload form and tool options */ if (!in_array($action, array('send_mail','add','create_dir','upload'))) { - $token = Security::get_token(); + $token = Security::get_token(); } $show_tool_options = (in_array($action, array('list', 'add'))) ? true : false; 
@@ -268,48 +268,48 @@ $show_tool_options = (in_array($action, array('list', 'add'))) ? true : false;
 $display_upload_link = $action == 'upload_form' ? false : true;
 if (!empty($my_folder_data)) {
- $homework = get_work_assignment_by_id($my_folder_data['id']);
-
- if ($homework['expires_on'] != '0000-00-00 00:00:00' || $homework['ends_on'] != '0000-00-00 00:00:00') {
- $time_now = time();
-
- if (!empty($homework['expires_on']) && $homework['expires_on'] != '0000-00-00 00:00:00') {
- $time_expires = api_strtotime($homework['expires_on'], 'UTC');
- $difference = $time_expires - $time_now;
- if ($difference < 0) {
- $has_expired = true;
- }
- }
-
+ $homework = get_work_assignment_by_id($my_folder_data['id']);
+
+ if ($homework['expires_on'] != '0000-00-00 00:00:00' || $homework['ends_on'] != '0000-00-00 00:00:00') {
+ $time_now = time();
+
+ if (!empty($homework['expires_on']) && $homework['expires_on'] != '0000-00-00 00:00:00') {
+ $time_expires = api_strtotime($homework['expires_on'], 'UTC');
+ $difference = $time_expires - $time_now;
+ if ($difference < 0) {
+ $has_expired = true;
+ }
+ }
+
 if (empty($homework['expires_on']) || $homework['expires_on'] == '0000-00-00 00:00:00') {
- $has_expired = false;
- }
-
- if (!empty($homework['ends_on']) && $homework['ends_on'] != '0000-00-00 00:00:00') {
- $time_ends = api_strtotime($homework['ends_on'], 'UTC');
- $difference2 = $time_ends - $time_now;
- if ($difference2 < 0) {
- $has_ended = true;
- }
- }
-
- $ends_on = api_convert_and_format_date($homework['ends_on']);
- $expires_on = api_convert_and_format_date($homework['expires_on']);
-
- if ($has_ended) {
- //if (!api_is_allowed_to_edit()) {
- $display_upload_link = false;
+ $has_expired = false;
+ }
+
+ if (!empty($homework['ends_on']) && $homework['ends_on'] != '0000-00-00 00:00:00') {
+ $time_ends = api_strtotime($homework['ends_on'], 'UTC');
+ $difference2 = $time_ends - $time_now;
+ if ($difference2 < 0) {
+ $has_ended = true;
+ }
+ }
+
+ $ends_on = api_convert_and_format_date($homework['ends_on']);
+ $expires_on = api_convert_and_format_date($homework['expires_on']);
+
+ if ($has_ended) {
+ //if (!api_is_allowed_to_edit()) {
+ $display_upload_link = false;
 //}
- $message = Display::return_message(get_lang('EndDateAlreadyPassed').' '.$ends_on, 'error');
- } elseif ($has_expired) {
- $display_upload_link = true;
- $message = Display::return_message(get_lang('ExpiryDateAlreadyPassed').' '.$expires_on, 'warning');
- } else {
- if ($has_expired) {
- $message = Display::return_message(get_lang('ExpiryDateToSendWorkIs').' '.$expires_on);
- }
- }
- }
+ $message = Display::return_message(get_lang('EndDateAlreadyPassed').' '.$ends_on, 'error');
+ } elseif ($has_expired) {
+ $display_upload_link = true;
+ $message = Display::return_message(get_lang('ExpiryDateAlreadyPassed').' '.$expires_on, 'warning');
+ } else {
+ if ($has_expired) {
+ $message = Display::return_message(get_lang('ExpiryDateToSendWorkIs').' '.$expires_on);
+ }
+ }
+ }
 }
 display_action_links($work_id, $curdirpath, $show_tool_options, $display_upload_link, $action);
@@ -319,191 +319,191 @@ echo $message; //for teachers switch ($action) { - case 'send_mail': - if (Security::check_token('get')) { - $mails_sent_to = send_reminder_users_without_publication($my_folder_data); + case 'send_mail': + if (Security::check_token('get')) { + $mails_sent_to = send_reminder_users_without_publication($my_folder_data); if (empty($mails_sent_to)) { Display::display_warning_message(get_lang('NoResults')); } else { Display::display_confirmation_message(get_lang('MessageHasBeenSent').' '.implode(', ', $mails_sent_to)); - } - Security::clear_token(); - } - break; - case 'settings': - //if posts - if ($is_allowed_to_edit && !empty($_POST['changeProperties'])) { - // changing the tool setting: default visibility of an uploaded document - $query = "UPDATE " . $main_course_table . " SET show_score='" . $uploadvisibledisabled . "' WHERE code='" . api_get_course_id() . "'"; - $res = Database::query($query); + } + Security::clear_token(); + } + break; + case 'settings': + //if posts + if ($is_allowed_to_edit && !empty($_POST['changeProperties'])) { + // changing the tool setting: default visibility of an uploaded document + $query = "UPDATE " . $main_course_table . " SET show_score='" . $uploadvisibledisabled . "' WHERE code='" . api_get_course_id() . "'"; + $res = Database::query($query); /** * Course data are cached in session so we need to update both the database - * and the session data + * and the session data */ $_course['show_score'] = $uploadvisibledisabled; Session::write('_course', $course); - - - // changing the tool setting: is a student allowed to delete his/her own document - // database table definition - $table_course_setting = Database :: get_course_table(TOOL_COURSE_SETTING); - - // counting the number of occurrences of this setting (if 0 => add, if 1 => update) - $query = "SELECT * FROM " . $table_course_setting . 
" WHERE c_id = $course_id AND variable = 'student_delete_own_publication'"; - $result = Database::query($query); - $number_of_setting = Database::num_rows($result); - - if ($number_of_setting == 1) { - $query = "UPDATE " . $table_course_setting . " SET value='" . Database::escape_string($_POST['student_delete_own_publication']) . "' + + + // changing the tool setting: is a student allowed to delete his/her own document + // database table definition + $table_course_setting = Database :: get_course_table(TOOL_COURSE_SETTING); + + // counting the number of occurrences of this setting (if 0 => add, if 1 => update) + $query = "SELECT * FROM " . $table_course_setting . " WHERE c_id = $course_id AND variable = 'student_delete_own_publication'"; + $result = Database::query($query); + $number_of_setting = Database::num_rows($result); + + if ($number_of_setting == 1) { + $query = "UPDATE " . $table_course_setting . " SET value='" . Database::escape_string($_POST['student_delete_own_publication']) . "' WHERE variable='student_delete_own_publication' AND c_id = $course_id"; - Database::query($query); - } else { - $query = "INSERT INTO " . $table_course_setting . " (c_id, variable, value, category) VALUES + Database::query($query); + } else { + $query = "INSERT INTO " . $table_course_setting . " (c_id, variable, value, category) VALUES ($course_id, 'student_delete_own_publication','" . Database::escape_string($_POST['student_delete_own_publication']) . 
"','work')"; - Database::query($query); - } - Display::display_confirmation_message(get_lang('Saved')); - } - /* Display of tool options */ - display_tool_options($uploadvisibledisabled, $origin); - break; - case 'mark_work': + Database::query($query); + } + Display::display_confirmation_message(get_lang('Saved')); + } + /* Display of tool options */ + display_tool_options($uploadvisibledisabled, $origin); + break; + case 'mark_work': if (!api_is_allowed_to_edit()) { echo Display::return_message(get_lang('ActionNotAllowed'), 'error'); - Display::display_footer(); + Display::display_footer(); } break; case 'edit': - case 'upload_form': //can be add or edit work - $is_author = false; - if (empty($item_id)) { - $parent_data = get_work_data_by_id($work_id); - $parent_data['qualification'] = intval($parent_data['qualification']); - - if (!empty($parent_data) && !empty($parent_data['qualification'])) { - $count = get_work_count_by_student($user_id, $work_id); - if ($count >= 1 ) { - if (api_get_course_setting('student_delete_own_publication') == '1') { - Display::display_warning_message(get_lang('CantUploadDeleteYourPaperFirst')); - } else { - Display::display_warning_message(get_lang('YouAlreadySentAPaperYouCantUpload')); - } - Display::display_footer(); - exit; - } - } - } else { - //we found the current user is the author - $sql = "SELECT * FROM $work_table WHERE c_id = $course_id AND id = $item_id"; - $result = Database::query($sql); - $work_item = array(); - if ($result) { - $work_item = Database::fetch_array($result); - } - - //Get the author ID for that document from the item_property table - $is_author = user_is_author($item_id); + case 'upload_form': //can be add or edit work + $is_author = false; + if (empty($item_id)) { + $parent_data = get_work_data_by_id($work_id); + $parent_data['qualification'] = intval($parent_data['qualification']); + + if (!empty($parent_data) && !empty($parent_data['qualification'])) { + $count = get_work_count_by_student($user_id, 
$work_id); + if ($count >= 1 ) { + if (api_get_course_setting('student_delete_own_publication') == '1') { + Display::display_warning_message(get_lang('CantUploadDeleteYourPaperFirst')); + } else { + Display::display_warning_message(get_lang('YouAlreadySentAPaperYouCantUpload')); + } + Display::display_footer(); + exit; + } + } + } else { + //we found the current user is the author + $sql = "SELECT * FROM $work_table WHERE c_id = $course_id AND id = $item_id"; + $result = Database::query($sql); + $work_item = array(); + if ($result) { + $work_item = Database::fetch_array($result); + } + + //Get the author ID for that document from the item_property table + $is_author = user_is_author($item_id); if (!$is_author) { - Display::display_warning_message(get_lang('NotAllowed')); + Display::display_warning_message(get_lang('NotAllowed')); Display::display_footer(); } - } - - $form = new FormValidator('form', 'POST', api_get_self() . "?action=upload&id=".$work_id."&gradebook=".Security::remove_XSS($_GET['gradebook'])."&origin=$origin", '', array('enctype' => "multipart/form-data")); - - // form title - if ($item_id) { - $form_title = get_lang('Edit'); - } else { - $form_title = get_lang('UploadADocument'); - } - $form->addElement('header', $form_title); - - if (!empty ($error_message)) { - Display :: display_error_message($error_message); - } - $show_progress_bar = false; - - if ($submitGroupWorkUrl) { - // For user comming from group space to publish his work - $realUrl = str_replace($_configuration['root_sys'], api_get_path(WEB_PATH), str_replace("\\", '/', realpath($submitGroupWorkUrl))); - $form->addElement('hidden', 'newWorkUrl', $submitGroupWorkUrl); - $text_document = $form->addElement('text', 'document', get_lang('Document')); - $defaults['document'] = '' . $realUrl . ''; - $text_document->freeze(); - } elseif ($item_id && ($is_allowed_to_edit or $is_author)) { - $workUrl = $currentCourseRepositoryWeb . 
$workUrl; - } else { - // else standard upload option - $form->addElement('file', 'file', get_lang('UploadADocument'), 'size="40" onchange="updateDocumentTitle(this.value)"'); - $show_progress_bar = true; - } - + } + + $form = new FormValidator('form', 'POST', api_get_self() . "?action=upload&id=".$work_id."&gradebook=".Security::remove_XSS($_GET['gradebook'])."&origin=$origin", '', array('enctype' => "multipart/form-data")); + + // form title + if ($item_id) { + $form_title = get_lang('Edit'); + } else { + $form_title = get_lang('UploadADocument'); + } + $form->addElement('header', $form_title); + + if (!empty ($error_message)) { + Display :: display_error_message($error_message); + } + $show_progress_bar = false; + + if ($submitGroupWorkUrl) { + // For user comming from group space to publish his work + $realUrl = str_replace($_configuration['root_sys'], api_get_path(WEB_PATH), str_replace("\\", '/', realpath($submitGroupWorkUrl))); + $form->addElement('hidden', 'newWorkUrl', $submitGroupWorkUrl); + $text_document = $form->addElement('text', 'document', get_lang('Document')); + $defaults['document'] = '' . $realUrl . ''; + $text_document->freeze(); + } elseif ($item_id && ($is_allowed_to_edit or $is_author)) { + $workUrl = $currentCourseRepositoryWeb . 
$workUrl; + } else { + // else standard upload option + $form->addElement('file', 'file', get_lang('UploadADocument'), 'size="40" onchange="updateDocumentTitle(this.value)"'); + $show_progress_bar = true; + } + $form->addElement('hidden', 'id', $work_id); - if (empty($item_id)) { - $form->addElement('hidden', 'contains_file', 0, array('id'=>'contains_file_id')); - } else { + if (empty($item_id)) { + $form->addElement('hidden', 'contains_file', 0, array('id'=>'contains_file_id')); + } else { $form->addElement('hidden', 'item_id', $item_id); } - $form->addElement('text', 'title', get_lang('Title'), array('id' => 'file_upload', 'class' => 'span4')); - //$form->addElement('html_editor', 'description', get_lang("Description")); + $form->addElement('text', 'title', get_lang('Title'), array('id' => 'file_upload', 'class' => 'span4')); + //$form->addElement('html_editor', 'description', get_lang("Description")); $form->add_html_editor('description', get_lang('Description'), false, false, array('ToolbarSet' => 'Work', 'Width' => '100%', 'Height' => '200')); - - if ($item_id && !empty($work_item)) { - $defaults['title'] = $work_item['title']; - $defaults["description"] = $work_item['description']; - $defaults['qualification'] = $work_item['qualification']; - } - - if ($is_allowed_to_edit && !empty($item_id)) { - // Get qualification from parent_id that'll allow the validation qualification over - $sql = "SELECT qualification FROM $work_table WHERE c_id = $course_id AND id ='$parent_id' "; - $result = Database::query($sql); - $row = Database::fetch_array($result); + + if ($item_id && !empty($work_item)) { + $defaults['title'] = $work_item['title']; + $defaults["description"] = $work_item['description']; + $defaults['qualification'] = $work_item['qualification']; + } + + if ($is_allowed_to_edit && !empty($item_id)) { + // Get qualification from parent_id that'll allow the validation qualification over + $sql = "SELECT qualification FROM $work_table WHERE c_id = $course_id AND 
id ='$parent_id' "; + $result = Database::query($sql); + $row = Database::fetch_array($result); $qualification_over = $row['qualification']; if (!empty($qualification_over) && intval($qualification_over) > 0) { - $form->addElement('text', 'qualification', array(get_lang('Qualification'), null, " / ".$qualification_over), 'size="10"'); + $form->addElement('text', 'qualification', array(get_lang('Qualification'), null, " / ".$qualification_over), 'size="10"'); $form->addElement('hidden', 'qualification_over', $qualification_over); } - } - - $form->addElement('hidden', 'active', 1); - $form->addElement('hidden', 'accepted', 1); - $form->addElement('hidden', 'item_to_edit', $item_id); + } + + $form->addElement('hidden', 'active', 1); + $form->addElement('hidden', 'accepted', 1); + $form->addElement('hidden', 'item_to_edit', $item_id); $token = Security::get_token(); - $form->addElement('hidden', 'sec_token', $token); - - if ($item_id) { - $text = get_lang('UpdateWork'); - $class = 'save'; - } else { - $text = get_lang('Send'); - $class = 'upload'; - } - - // fix the Ok button when we see the tool in the learn path - if ($origin == 'learnpath') { - $form->addElement('html', '
'); - $form->addElement('style_submit_button', 'submitWork', $text, array('class'=> $class, 'value' => "submitWork")); - $form->addElement('html', '
'); - } else { - if ($item_id) { - $form->addElement('style_submit_button', 'editWork', $text, array('class'=> $class, 'value' => "editWork")); - } else { - $form->addElement('style_submit_button', 'submitWork', $text, array('class'=> $class, 'value' => "submitWork")); - } - } - - if (!empty($_POST['submitWork']) || $item_id) { - $form->addElement('style_submit_button', 'cancelForm', get_lang('Cancel'), 'class="cancel"'); - } - - if ($show_progress_bar) { - $form->add_real_progress_bar('uploadWork', 'file'); - } - $form->setDefaults($defaults); - - //fixes bug when showing modification form + $form->addElement('hidden', 'sec_token', $token); + + if ($item_id) { + $text = get_lang('UpdateWork'); + $class = 'save'; + } else { + $text = get_lang('Send'); + $class = 'upload'; + } + + // fix the Ok button when we see the tool in the learn path + if ($origin == 'learnpath') { + $form->addElement('html', '
'); + $form->addElement('style_submit_button', 'submitWork', $text, array('class'=> $class, 'value' => "submitWork")); + $form->addElement('html', '
'); + } else { + if ($item_id) { + $form->addElement('style_submit_button', 'editWork', $text, array('class'=> $class, 'value' => "editWork")); + } else { + $form->addElement('style_submit_button', 'submitWork', $text, array('class'=> $class, 'value' => "submitWork")); + } + } + + if (!empty($_POST['submitWork']) || $item_id) { + $form->addElement('style_submit_button', 'cancelForm', get_lang('Cancel'), 'class="cancel"'); + } + + if ($show_progress_bar) { + $form->add_real_progress_bar('uploadWork', 'file'); + } + $form->setDefaults($defaults); + + //fixes bug when showing modification form if (!empty($work_id)) { if ($is_allowed_to_edit) { if (api_resource_is_locked_by_gradebook($work_id, LINK_STUDENTPUBLICATION)) { 
@@ -517,97 +517,97 @@ switch ($action) { } else { Display::display_error_message(get_lang('ActionNotAllowed')); } - } elseif ($student_can_edit_in_session && $has_ended == false) { + } elseif ($student_can_edit_in_session && $has_ended == false) { $form->display(); } else { Display::display_error_message(get_lang('ActionNotAllowed')); } } else { Display::display_error_message(get_lang('ActionNotAllowed')); - } - break; - case 'upload': - $check = Security::check_token('post'); - - if ($student_can_edit_in_session && $check) { - - //check the token inserted into the form - if (isset($_POST['submitWork']) && !empty($is_course_member)) { - $authors = api_get_person_name($currentUserFirstName, $currentUserLastName); - $url = null; + } + break; + case 'upload': + $check = Security::check_token('post'); + + if ($student_can_edit_in_session && $check) { + + //check the token inserted into the form + if (isset($_POST['submitWork']) && !empty($is_course_member)) { + $authors = api_get_person_name($currentUserFirstName, $currentUserLastName); + $url = null; $contains_file = 0; - - if ($_POST['contains_file'] && !empty($_FILES['file']['size'])) { - $updir = $currentCourseRepositorySys . 
'work/'; //directory path to upload - - // Try to add an extension to the file if it has'nt one - $new_file_name = add_ext_on_mime(stripslashes($_FILES['file']['name']), $_FILES['file']['type']); - - // Replace dangerous characters - $new_file_name = replace_dangerous_char($new_file_name, 'strict'); - - // Transform any .php file in .phps fo security - $new_file_name = php2phps($new_file_name); - - $filesize = filesize($_FILES['file']['tmp_name']); - - if (empty($filesize)) { - Display :: display_error_message(get_lang('UplUploadFailedSizeIsZero')); - $succeed = false; - } elseif (!filter_extension($new_file_name)) { - //filter extension - Display :: display_error_message(get_lang('UplUnableToSaveFileFilteredExtension')); - $succeed = false; - } - if (!$title) { - $title = $_FILES['file']['name']; - } - - // Compose a unique file name to avoid any conflict - $new_file_name = api_get_unique_id(); + + if ($_POST['contains_file'] && !empty($_FILES['file']['size'])) { + $updir = $currentCourseRepositorySys . 
'work/'; //directory path to upload + + // Try to add an extension to the file if it has'nt one + $new_file_name = add_ext_on_mime(stripslashes($_FILES['file']['name']), $_FILES['file']['type']); + + // Replace dangerous characters + $new_file_name = replace_dangerous_char($new_file_name, 'strict'); + + // Transform any .php file in .phps fo security + $new_file_name = php2phps($new_file_name); + + $filesize = filesize($_FILES['file']['tmp_name']); + + if (empty($filesize)) { + Display :: display_error_message(get_lang('UplUploadFailedSizeIsZero')); + $succeed = false; + } elseif (!filter_extension($new_file_name)) { + //filter extension + Display :: display_error_message(get_lang('UplUnableToSaveFileFilteredExtension')); + $succeed = false; + } + if (!$title) { + $title = $_FILES['file']['name']; + } + + // Compose a unique file name to avoid any conflict + $new_file_name = api_get_unique_id(); $curdirpath = basename($my_folder_data['url']); - - //if we come from the group tools the groupid will be saved in $work_table - $result = @move_uploaded_file($_FILES['file']['tmp_name'], $updir.$curdirpath.'/'.$new_file_name); + + //if we come from the group tools the groupid will be saved in $work_table + $result = @move_uploaded_file($_FILES['file']['tmp_name'], $updir.$curdirpath.'/'.$new_file_name); if ($result) { $url = 'work/'.$curdirpath.'/'.$new_file_name; $contains_file = 1; } - } - - if (empty($title)) { - $title = get_lang('Untitled'); - } - + } + + if (empty($title)) { + $title = get_lang('Untitled'); + } + $documents_total_space = DocumentManager::documents_total_space(); $course_max_space = DocumentManager::get_course_quota(); $total_size = $filesize + $documents_total_space; if ($total_size > $course_max_space) { - $error_message = get_lang('NoSpace'); + $error_message = get_lang('NoSpace'); } else { - + $active = '1'; - $sql_add_publication = "INSERT INTO " . $work_table . " SET + $sql_add_publication = "INSERT INTO " . $work_table . 
" SET c_id = $course_id , url = '" . $url . "', title = '" . Database::escape_string($title) . "', description = '" . Database::escape_string($description) . "', author = '" . Database::escape_string($authors) . "', - contains_file = '".$contains_file."', - active = '" . $active . "', + contains_file = '".$contains_file."', + active = '" . $active . "', accepted = '1', post_group_id = '".$group_id."', sent_date = '".api_get_utc_datetime()."', parent_id = '".$work_id."' , - session_id = '".intval($id_session)."' , + session_id = '".intval($id_session)."' , user_id = '".$user_id."'"; - //var_dump($sql_add_publication);exit; - Database::query($sql_add_publication); - $id = Database::insert_id(); - } - - if ($id) { - api_item_property_update($course_info, 'work', $id, 'DocumentAdded', $user_id, api_get_group_id()); + //var_dump($sql_add_publication);exit; + Database::query($sql_add_publication); + $id = Database::insert_id(); + } + + if ($id) { + api_item_property_update($course_info, 'work', $id, 'DocumentAdded', $user_id, api_get_group_id()); /* * See task #5145 if($uploadvisibledisabled){ 
@@ -617,178 +617,178 @@ switch ($action) { }else{ //api_item_property_update($course_info, 'work', $id, 'visible', api_get_user_id()); }*/ - $succeed = true; - } - } elseif ($newWorkUrl) { - - // SPECIAL CASE ! For a work coming from another area (i.e. groups) - /* - $url = str_replace('../../' . $_course['path'] . '/', '', $newWorkUrl); - - if (!$title) { - $title = basename($workUrl); - } - $sql = "INSERT INTO " . $work_table . " SET - c_id = $course_id, - url = '" . $url . "', - title = '" . Database::escape_string($title) . "', - description = '" . Database::escape_string($description) . "', - author = '" . Database::escape_string($authors) . "', - post_group_id = '".$group_id."', - sent_date = '".api_get_utc_datetime()."', - session_id = '".intval($id_session)."', - user_id = '".$user_id."'"; - - Database::query($sql); - - $insertId = Database::insert_id(); - api_item_property_update($_course, 'work', $insertId, 'DocumentAdded', $user_id, $group_id); - $succeed = true;*/ - } elseif (isset($_POST['editWork'])) { - /* - * SPECIAL CASE ! For a work edited - */ - //Get the author ID for that document from the item_property table + $succeed = true; + } + } elseif ($newWorkUrl) { + + // SPECIAL CASE ! For a work coming from another area (i.e. groups) + /* + $url = str_replace('../../' . $_course['path'] . '/', '', $newWorkUrl); + + if (!$title) { + $title = basename($workUrl); + } + $sql = "INSERT INTO " . $work_table . " SET + c_id = $course_id, + url = '" . $url . "', + title = '" . Database::escape_string($title) . "', + description = '" . Database::escape_string($description) . "', + author = '" . Database::escape_string($authors) . 
"', + post_group_id = '".$group_id."', + sent_date = '".api_get_utc_datetime()."', + session_id = '".intval($id_session)."', + user_id = '".$user_id."'"; + + Database::query($sql); + + $insertId = Database::insert_id(); + api_item_property_update($_course, 'work', $insertId, 'DocumentAdded', $user_id, $group_id); + $succeed = true;*/ + } elseif (isset($_POST['editWork'])) { + /* + * SPECIAL CASE ! For a work edited + */ + //Get the author ID for that document from the item_property table $item_to_edit_id = intval($_POST['item_to_edit']); - $is_author = user_is_author($item_to_edit_id); - - if ($is_author) { - $work_data = get_work_data_by_id($item_to_edit_id); - - if (!empty($_POST['title'])) - $title = isset($_POST['title']) ? $_POST['title'] : $work_data['title']; - $description = isset($_POST['description']) ? $_POST['description'] : $work_data['description']; - - if ($is_allowed_to_edit && ($_POST['qualification'] !='' )) { - $add_to_update = ', qualificator_id ='."'".api_get_user_id()."',"; - $add_to_update .= ' qualification = '."'".Database::escape_string($_POST['qualification'])."',"; - $add_to_update .= ' date_of_qualification ='."'".api_get_utc_datetime()."'"; - } - - if ((int)$_POST['qualification'] > (int)$_POST['qualification_over']) { - Display::display_error_message(get_lang('QualificationMustNotBeMoreThanQualificationOver')); - } else { - $sql = "UPDATE " . $work_table . " + $is_author = user_is_author($item_to_edit_id); + + if ($is_author) { + $work_data = get_work_data_by_id($item_to_edit_id); + + if (!empty($_POST['title'])) + $title = isset($_POST['title']) ? $_POST['title'] : $work_data['title']; + $description = isset($_POST['description']) ? 
$_POST['description'] : $work_data['description']; + + if ($is_allowed_to_edit && ($_POST['qualification'] !='' )) { + $add_to_update = ', qualificator_id ='."'".api_get_user_id()."',"; + $add_to_update .= ' qualification = '."'".Database::escape_string($_POST['qualification'])."',"; + $add_to_update .= ' date_of_qualification ='."'".api_get_utc_datetime()."'"; + } + + if ((int)$_POST['qualification'] > (int)$_POST['qualification_over']) { + Display::display_error_message(get_lang('QualificationMustNotBeMoreThanQualificationOver')); + } else { + $sql = "UPDATE " . $work_table . " SET title = '" . Database::escape_string($title) . "', description = '" . Database::escape_string($description) . "' ".$add_to_update." - WHERE c_id = $course_id AND id = $item_to_edit_id"; - Database::query($sql); - } - api_item_property_update($_course, 'work', $item_to_edit_id, 'DocumentUpdated', $user_id); - $succeed = true; + WHERE c_id = $course_id AND id = $item_to_edit_id"; + Database::query($sql); + } + api_item_property_update($_course, 'work', $item_to_edit_id, 'DocumentUpdated', $user_id); + $succeed = true; Display :: display_confirmation_message(get_lang('ItemUpdated'), false); - } else { - $error_message = get_lang('IsNotPosibleSaveTheDocument'); - } - } else { + } else { + $error_message = get_lang('IsNotPosibleSaveTheDocument'); + } + } else { $error_message = get_lang('IsNotPosibleSaveTheDocument'); - } + } Security::clear_token(); - } else { + } else { //Bad token or can't add works $error_message = get_lang('IsNotPosibleSaveTheDocument'); } - - if (!empty($succeed) && !empty($id)) { - //last value is to check this is not "just" an edit - //YW Tis part serve to send a e-mail to the tutors when a new file is sent - $send = api_get_course_setting('email_alert_manager_on_new_doc'); - - if ($send > 0) { - // Lets predefine some variables. Be sure to change the from address! 
- if (empty($id_session)) { + + if (!empty($succeed) && !empty($id)) { + //last value is to check this is not "just" an edit + //YW Tis part serve to send a e-mail to the tutors when a new file is sent + $send = api_get_course_setting('email_alert_manager_on_new_doc'); + + if ($send > 0) { + // Lets predefine some variables. Be sure to change the from address! + if (empty($id_session)) { //Teachers $user_list = CourseManager::get_user_list_from_course_code(api_get_course_id(), null, null, null, COURSEMANAGER); - } else { + } else { //Coaches - $user_list = CourseManager::get_user_list_from_course_code(api_get_course_id(), $session_id, null, null, 2); - } - + $user_list = CourseManager::get_user_list_from_course_code(api_get_course_id(), $session_id, null, null, 2); + } + $emailsubject = "[" . api_get_setting('siteName') . "] ".get_lang('SendMailBody')."\n".get_lang('CourseName')." : ".$_course['name']." "; - + foreach ($user_list as $user_data) { - $user_id = $user_data; + $user_id = $user_data['user_id']; $emailbody = get_lang('SendMailBody')."\n".get_lang('CourseName')." : ".$_course['name']."\n"; - //$emailbody .= get_lang('WorkName')." : ".substr($my_cur_dir_path, 0, -1)."\n"; - $emailbody .= get_lang('UserName')." : ".api_get_person_name($user_data['firstname'], $user_data['lastname'])."\n"; - $emailbody .= get_lang('DateSent')." : ".api_format_date(api_get_local_time())."\n"; - $emailbody .= get_lang('WorkName')." : ".$title."\n\n".get_lang('DownloadLink')."\n"; + //$emailbody .= get_lang('WorkName')." : ".substr($my_cur_dir_path, 0, -1)."\n"; + $emailbody .= get_lang('UserName')." : ".api_get_person_name($user_data['firstname'], $user_data['lastname'])."\n"; + $emailbody .= get_lang('DateSent')." : ".api_format_date(api_get_local_time())."\n"; + $emailbody .= get_lang('WorkName')." : ".$title."\n\n".get_lang('DownloadLink')."\n"; $url = api_get_path(WEB_CODE_PATH)."work/work.php?".api_get_cidreq()."&id=".$work_id; - $emailbody .= Display::url($url, $url)." 
\n\n" . api_get_setting('administratorName') . " " . api_get_setting('administratorSurname') . "\n" . get_lang('Manager') . " " . api_get_setting('siteName') . "\n" . get_lang('Email') . " : " . api_get_setting('emailAdministrator'); - - MessageManager::send_message_simple($user_id, $emailsubject, $emailbody); - } - } - $message = get_lang('DocAdd'); - event_upload($id); - Display :: display_confirmation_message(get_lang('DocAdd'), false); - } else { + $emailbody .= Display::url($url, $url)." \n\n" . api_get_setting('administratorName') . " " . api_get_setting('administratorSurname') . "\n" . get_lang('Manager') . " " . api_get_setting('siteName') . "\n" . get_lang('Email') . " : " . api_get_setting('emailAdministrator'); + + MessageManager::send_message_simple($user_id, $emailsubject, $emailbody); + } + } + $message = get_lang('DocAdd'); + event_upload($id); + Display :: display_confirmation_message(get_lang('DocAdd'), false); + } else { if (!empty($error_message)) { - Display :: display_warning_message($error_message, false); + Display :: display_warning_message($error_message, false); } } - case 'create_dir': - case 'add': - //$check = Security::check_token('post'); + case 'create_dir': + case 'add': + //$check = Security::check_token('post'); //show them the form for the directory name - - if ($is_allowed_to_edit && in_array($action, array('create_dir','add'))) { - //create the form that asks for the directory name + + if ($is_allowed_to_edit && in_array($action, array('create_dir','add'))) { + //create the form that asks for the directory name $form = new FormValidator('form1', 'post', api_get_self().'?action=create_dir&'. 
api_get_cidreq()); - + $form->addElement('header', get_lang('CreateAssignment').$token); $form->addElement('hidden', 'action', 'add'); - $form->addElement('hidden', 'curdirpath', Security :: remove_XSS($curdirpath)); - // $form->addElement('hidden', 'sec_token', $token); - - $form->addElement('text', 'new_dir', get_lang('AssignmentName')); + $form->addElement('hidden', 'curdirpath', Security :: remove_XSS($curdirpath)); + // $form->addElement('hidden', 'sec_token', $token); + + $form->addElement('text', 'new_dir', get_lang('AssignmentName')); $form->addRule('new_dir', get_lang('ThisFieldIsRequired'), 'required'); - + //$form->addElement('html_editor', 'description', get_lang('Description')); $form->add_html_editor('description', get_lang('Description'), false, false, array('ToolbarSet' => 'Work', 'Width' => '100%', 'Height' => '200')); - + $form->addElement('advanced_settings', ''.Display::return_icon('div_show.gif',get_lang('AdvancedParameters'), array('style' => 'vertical-align:center')).' 
'.get_lang('AdvancedParameters').''); - + $form->addElement('html', ''); + $form->addElement('checkbox', 'type1', null, get_lang('EnableExpiryDate'), array('id' =>'make_calification_id', 'onclick' => "javascript: if(this.checked){document.getElementById('option2').style.display='block';}else{document.getElementById('option2').style.display='none';}")); - + $form->addElement('html', ''); - - + + $form->addElement('checkbox', 'type2', null, get_lang('EnableEndDate'), array('id' =>'make_calification_id', 'onclick' => "javascript: if(this.checked){document.getElementById('option3').style.display='block';}else{document.getElementById('option3').style.display='none';}")); - + $form->addElement('html', ''); - - $form->addElement('checkbox', 'add_to_calendar', null, get_lang('AddToCalendar')); - $form->addElement('checkbox', 'allow_text_assignment', null, get_lang('AllowTextAssignments')); - $form->addElement('html', ''); + + $form->addElement('checkbox', 'add_to_calendar', null, get_lang('AddToCalendar')); + $form->addElement('checkbox', 'allow_text_assignment', null, get_lang('AllowTextAssignments')); + $form->addElement('html', ''); $form->addElement('style_submit_button', 'submit', get_lang('CreateDirectory')); - + if ($form->validate()) { $directory = Security::remove_XSS($_POST['new_dir']); @@ -810,7 +810,7 @@ switch ($action) { $today = api_get_utc_datetime($time); $sql_add_publication = "INSERT INTO " . $work_table . " SET - c_id = $course_id, + c_id = $course_id, url = '".Database::escape_string($dir_name_sql)."', title = '".Database::escape_string($_POST['new_dir'])."', description = '".Database::escape_string($_POST['description'])."', @@ -827,7 +827,7 @@ switch ($action) { weight = '".Database::escape_string($_POST['weight'])."', session_id = '".intval($id_session)."', allow_text_assignment = '".Database::escape_string($_POST['allow_text_assignment'])."', - contains_file = 0, + contains_file = 0, user_id = '".$user_id."'"; Database::query($sql_add_publication); 
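Review bot: The corrected line `$user_id = $user_data['user_id'];` inside `foreach ($user_list as $user_data)` still reuses `$user_id`, which earlier in this hunk holds the submitting user and is written to the `user_id` column and passed to `api_item_property_update()`. After the loop it holds the id of the last notified teacher or coach. No `break` is visible before `case 'create_dir':`, so later code in the switch that reads `$user_id` (the directory INSERT, the `DocumentDeleted` item-property update) would apparently record the action against the wrong account. Use a loop-local name instead: `$recipient_id = $user_data['user_id'];` and `MessageManager::send_message_simple($recipient_id, $emailsubject, $emailbody);`. The enclosing case body starts before this hunk, so confirm there where `$user_id` is first assigned.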
@@ -840,7 +840,7 @@ switch ($action) { $end_date = ''; if (isset($_POST['add_to_calendar']) && $_POST['add_to_calendar'] == 1) { require_once api_get_path(SYS_CODE_PATH).'calendar/agenda.inc.php'; - require_once api_get_path(SYS_CODE_PATH).'resourcelinker/resourcelinker.inc.php'; + require_once api_get_path(SYS_CODE_PATH).'resourcelinker/resourcelinker.inc.php'; // Setting today date $date = $end_date = $time; @@ -861,13 +861,13 @@ switch ($action) { api_item_property_update($course_info, 'work', $id, 'DirectoryCreated', $user_id, $group_id); Display :: display_confirmation_message(get_lang('DirectoryCreated'), false); - // insert into student_publication_assignment + // insert into student_publication_assignment //return something like this: 2008-02-45 00:00:00 $enable_calification = isset($_POST['qualification_value']) && !empty($_POST['qualification_value']) ? 1 : 0; if (!empty($_POST['type1']) || !empty($_POST['type2'])) { - + $sql_add_homework = "INSERT INTO $TSTDPUBASG SET c_id = $course_id , expires_on = '".((isset($_POST['type1']) && $_POST['type1']==1) ? api_get_utc_datetime(get_date_from_select('expires')) : '0000-00-00 00:00:00'). "', @@ -875,7 +875,7 @@ switch ($action) { add_to_calendar = '$agenda_id', enable_qualification = '$enable_calification', publication_id = '$id'"; - Database::query($sql_add_homework); + Database::query($sql_add_homework); $my_last_id = Database::insert_id(); $sql_add_publication = "UPDATE $work_table SET has_properties = $my_last_id , view_properties = 1 WHERE c_id = $course_id AND id = $id"; Database::query($sql_add_publication); @@ -893,7 +893,7 @@ switch ($action) { Database::query($sql_add_publication); } if (!empty($_POST['category_id'])) { - + if (isset($_POST['make_calification']) && $_POST['make_calification'] == 1) { require_once api_get_path(SYS_CODE_PATH).'gradebook/lib/be/gradebookitem.class.php'; 
@@ -903,9 +903,9 @@ switch ($action) { $resource_name = $_POST['new_dir']; add_resource_to_course_gradebook($_POST['category_id'], api_get_course_id(), 3, $id, $resource_name, $_POST['weight'], $_POST['qualification_value'], $_POST['description'], 1, api_get_session_id()); - } + } } - + if (api_get_course_setting('email_alert_students_on_new_homework') == 1) { send_email_on_homework_creation(api_get_course_id()); } 
@@ -913,277 +913,277 @@ switch ($action) { Display :: display_error_message(get_lang('CannotCreateDir')); } } else { - $form->display(); - } + $form->display(); + } } - case 'make_visible': + case 'make_visible': case 'delete': - case 'make_invisible': - case 'move': - case 'move_to': - case 'list': - /* Move file command */ - if ($is_allowed_to_edit && $action == 'move_to') { - $move_to_path = get_work_path($_REQUEST['move_to_id']); - - if ($move_to_path==-1) { - $move_to_path = '/'; - } elseif (substr($move_to_path, -1, 1) != '/') { - $move_to_path = $move_to_path .'/'; - } - - //security fix: make sure they can't move files that are not in the document table - if ($path = get_work_path($item_id)) { - - if (move($course_dir.'/'.$path, $base_work_dir . $move_to_path)) { - //update db - update_work_url($item_id, 'work' . $move_to_path, $_REQUEST['move_to_id']); - - api_item_property_update($_course, 'work', $_REQUEST['move_to_id'], 'FolderUpdated', $user_id); - - /* - // update all the parents in the table item propery - $list_id = get_parent_directories($move_to_path); - for ($i = 0; $i < count($list_id); $i++) { - api_item_property_update($_course, 'work', $list_id[$i], 'FolderUpdated', $user_id); - }*/ - Display :: display_confirmation_message(get_lang('DirMv')); - } else { - Display :: display_error_message(get_lang('Impossible')); - } - } else { - Display :: display_error_message(get_lang('Impossible')); - } - } - - /* Move file form request */ - if ($is_allowed_to_edit && $action == 'move') { - if (!empty($item_id)) { - $folders = array(); - $session_id = api_get_session_id(); - $session_id == 0 ? 
$withsession = " AND session_id = 0 " : $withsession = " AND session_id='".$session_id."'"; - $sql = "SELECT id, url, title FROM $work_table - WHERE c_id = $course_id AND active IN (0, 1) AND url LIKE '/%' AND post_group_id = '".$group_id."'".$withsession; - $res = Database::query($sql); - while($folder = Database::fetch_array($res)) { - $folders[$folder['id']] = $folder['title']; - } - echo build_work_move_to_selector($folders, $curdirpath, $item_id); - } - } - - /* MAKE VISIBLE WORK COMMAND */ - if ($is_allowed_to_edit && $action == 'make_visible') { - if (!empty($item_id)) { - if (isset($item_id) && $item_id == 'all') { - //never happens - /* - $sql = "ALTER TABLE " . $work_table . " CHANGE accepted accepted TINYINT(1) DEFAULT '1'"; - Database::query($sql); - $sql = "UPDATE " . $work_table . " SET accepted = 1"; - Database::query($sql); - Display::display_confirmation_message(get_lang('AllFilesVisible'));*/ - } else { - $sql = "UPDATE " . $work_table . " SET accepted = 1 WHERE c_id = $course_id AND id = '" . $item_id . "'"; - Database::query($sql); - api_item_property_update($course_info, 'work', $item_id, 'visible', api_get_user_id()); - Display::display_confirmation_message(get_lang('FileVisible')); - } - } - } - - if ($is_allowed_to_edit && $action == 'make_invisible') { - - /* MAKE INVISIBLE WORK COMMAND */ - if (!empty($item_id)) { - if (isset($item_id) && $item_id == 'all') { - /* - $sql = "ALTER TABLE " . $work_table . " - CHANGE accepted accepted TINYINT(1) DEFAULT '0'"; - Database::query($sql); - $sql = "UPDATE " . $work_table . " SET accepted = 0"; - Database::query($sql); - Display::display_confirmation_message(get_lang('AllFilesInvisible'));*/ - } else { - $sql = "UPDATE " . $work_table . " SET accepted = 0 - WHERE c_id = $course_id AND id = '" . $item_id . 
"'"; - Database::query($sql); - api_item_property_update($course_info, 'work', $item_id, 'invisible', api_get_user_id()); - Display::display_confirmation_message(get_lang('FileInvisible')); - } - } - } - - /* Delete dir command */ - - if ($is_allowed_to_edit && !empty($_REQUEST['delete_dir'])) { - $delete_dir_id = intval($_REQUEST['delete_dir']); - $locked = api_resource_is_locked_by_gradebook($delete_dir_id, LINK_STUDENTPUBLICATION); - - if ($locked == false) { - - $work_to_delete = get_work_data_by_id($delete_dir_id); - del_dir($delete_dir_id); - - // gets calendar_id from student_publication_assigment - $sql = "SELECT add_to_calendar FROM $TSTDPUBASG WHERE c_id = $course_id AND publication_id ='$delete_dir_id'"; - $res = Database::query($sql); - $calendar_id = Database::fetch_row($res); - - // delete from agenda if it exists - if (!empty($calendar_id[0])) { - $t_agenda = Database::get_course_table(TABLE_AGENDA); - $sql = "DELETE FROM $t_agenda WHERE c_id = $course_id AND id ='".$calendar_id[0]."'"; - Database::query($sql); - } - $sql = "DELETE FROM $TSTDPUBASG WHERE c_id = $course_id AND publication_id ='$delete_dir_id'"; + case 'make_invisible': + case 'move': + case 'move_to': +case 'list': + /* Move file command */ + if ($is_allowed_to_edit && $action == 'move_to') { + $move_to_path = get_work_path($_REQUEST['move_to_id']); + + if ($move_to_path==-1) { + $move_to_path = '/'; + } elseif (substr($move_to_path, -1, 1) != '/') { + $move_to_path = $move_to_path .'/'; + } + + //security fix: make sure they can't move files that are not in the document table + if ($path = get_work_path($item_id)) { + + if (move($course_dir.'/'.$path, $base_work_dir . $move_to_path)) { + //update db + update_work_url($item_id, 'work' . 
$move_to_path, $_REQUEST['move_to_id']); + + api_item_property_update($_course, 'work', $_REQUEST['move_to_id'], 'FolderUpdated', $user_id); + + /* + // update all the parents in the table item propery + $list_id = get_parent_directories($move_to_path); + for ($i = 0; $i < count($list_id); $i++) { + api_item_property_update($_course, 'work', $list_id[$i], 'FolderUpdated', $user_id); + }*/ + Display :: display_confirmation_message(get_lang('DirMv')); + } else { + Display :: display_error_message(get_lang('Impossible')); + } + } else { + Display :: display_error_message(get_lang('Impossible')); + } + } + + /* Move file form request */ + if ($is_allowed_to_edit && $action == 'move') { + if (!empty($item_id)) { + $folders = array(); + $session_id = api_get_session_id(); + $session_id == 0 ? $withsession = " AND session_id = 0 " : $withsession = " AND session_id='".$session_id."'"; + $sql = "SELECT id, url, title FROM $work_table + WHERE c_id = $course_id AND active IN (0, 1) AND url LIKE '/%' AND post_group_id = '".$group_id."'".$withsession; + $res = Database::query($sql); + while($folder = Database::fetch_array($res)) { + $folders[$folder['id']] = $folder['title']; + } + echo build_work_move_to_selector($folders, $curdirpath, $item_id); + } + } + + /* MAKE VISIBLE WORK COMMAND */ + if ($is_allowed_to_edit && $action == 'make_visible') { + if (!empty($item_id)) { + if (isset($item_id) && $item_id == 'all') { + //never happens + /* + $sql = "ALTER TABLE " . $work_table . " CHANGE accepted accepted TINYINT(1) DEFAULT '1'"; + Database::query($sql); + $sql = "UPDATE " . $work_table . " SET accepted = 1"; + Database::query($sql); + Display::display_confirmation_message(get_lang('AllFilesVisible'));*/ + } else { + $sql = "UPDATE " . $work_table . " SET accepted = 1 WHERE c_id = $course_id AND id = '" . $item_id . 
"'"; Database::query($sql); + api_item_property_update($course_info, 'work', $item_id, 'visible', api_get_user_id()); + Display::display_confirmation_message(get_lang('FileVisible')); + } + } + } + + if ($is_allowed_to_edit && $action == 'make_invisible') { - $link_info = is_resource_in_course_gradebook(api_get_course_id(), 3 , $delete_dir_id, api_get_session_id()); - $link_id = $link_info['id']; - if ($link_info !== false) { - remove_resource_from_course_gradebook($link_id); - } - Display :: display_confirmation_message(get_lang('DirDeleted') . ': '.$work_to_delete['title']); + /* MAKE INVISIBLE WORK COMMAND */ + if (!empty($item_id)) { + if (isset($item_id) && $item_id == 'all') { + /* + $sql = "ALTER TABLE " . $work_table . " + CHANGE accepted accepted TINYINT(1) DEFAULT '0'"; + Database::query($sql); + $sql = "UPDATE " . $work_table . " SET accepted = 0"; + Database::query($sql); + Display::display_confirmation_message(get_lang('AllFilesInvisible'));*/ } else { - Display::display_warning_message(get_lang('ResourceLockedByGradebook')); + $sql = "UPDATE " . $work_table . " SET accepted = 0 + WHERE c_id = $course_id AND id = '" . $item_id . "'"; + Database::query($sql); + api_item_property_update($course_info, 'work', $item_id, 'invisible', api_get_user_id()); + Display::display_confirmation_message(get_lang('FileInvisible')); } - } - - /* DELETE WORK COMMAND */ - - if ($action == 'delete' && $item_id) { - - $file_deleted = false; - $is_author = user_is_author($item_id); - $work_data = get_work_data_by_id($item_id); - $locked = api_resource_is_locked_by_gradebook($work_data['parent_id'], LINK_STUDENTPUBLICATION); - - if ( ($is_allowed_to_edit && $locked == false) || ($locked == false AND $is_author && api_get_course_setting('student_delete_own_publication') == 1 && $work_data['qualificator_id'] == 0)) { - //we found the current user is the author - $queryString1 = "SELECT url, contains_file FROM " . $work_table . 
" WHERE c_id = $course_id AND id = $item_id"; - $result1 = Database::query($queryString1); - $row = Database::fetch_array($result1); - - if (Database::num_rows($result1) > 0) { - $queryString2 = "UPDATE " . $work_table . " SET active = 2 WHERE c_id = $course_id AND id = $item_id"; - $queryString3 = "DELETE FROM " . $TSTDPUBASG . " WHERE c_id = $course_id AND publication_id = $item_id"; - Database::query($queryString2); - Database::query($queryString3); - api_item_property_update($_course, 'work', $item_id, 'DocumentDeleted', $user_id); - $work = $row['url']; - - if ($row['contains_file'] == 1) { - if (!empty($work)) { - if (api_get_setting('permanently_remove_deleted_files') == 'true') { - my_delete($currentCourseRepositorySys.'/'.$work); + } + } + + /* Delete dir command */ + + if ($is_allowed_to_edit && !empty($_REQUEST['delete_dir'])) { + $delete_dir_id = intval($_REQUEST['delete_dir']); + $locked = api_resource_is_locked_by_gradebook($delete_dir_id, LINK_STUDENTPUBLICATION); + + if ($locked == false) { + + $work_to_delete = get_work_data_by_id($delete_dir_id); + del_dir($delete_dir_id); + + // gets calendar_id from student_publication_assigment + $sql = "SELECT add_to_calendar FROM $TSTDPUBASG WHERE c_id = $course_id AND publication_id ='$delete_dir_id'"; + $res = Database::query($sql); + $calendar_id = Database::fetch_row($res); + + // delete from agenda if it exists + if (!empty($calendar_id[0])) { + $t_agenda = Database::get_course_table(TABLE_AGENDA); + $sql = "DELETE FROM $t_agenda WHERE c_id = $course_id AND id ='".$calendar_id[0]."'"; + Database::query($sql); + } + $sql = "DELETE FROM $TSTDPUBASG WHERE c_id = $course_id AND publication_id ='$delete_dir_id'"; + Database::query($sql); + + $link_info = is_resource_in_course_gradebook(api_get_course_id(), 3 , $delete_dir_id, api_get_session_id()); + $link_id = $link_info['id']; + if ($link_info !== false) { + remove_resource_from_course_gradebook($link_id); + } + Display :: 
display_confirmation_message(get_lang('DirDeleted') . ': '.$work_to_delete['title']); + } else { + Display::display_warning_message(get_lang('ResourceLockedByGradebook')); + } + } + + /* DELETE WORK COMMAND */ + + if ($action == 'delete' && $item_id) { + + $file_deleted = false; + $is_author = user_is_author($item_id); + $work_data = get_work_data_by_id($item_id); + $locked = api_resource_is_locked_by_gradebook($work_data['parent_id'], LINK_STUDENTPUBLICATION); + + if ( ($is_allowed_to_edit && $locked == false) || ($locked == false AND $is_author && api_get_course_setting('student_delete_own_publication') == 1 && $work_data['qualificator_id'] == 0)) { + //we found the current user is the author + $queryString1 = "SELECT url, contains_file FROM " . $work_table . " WHERE c_id = $course_id AND id = $item_id"; + $result1 = Database::query($queryString1); + $row = Database::fetch_array($result1); + + if (Database::num_rows($result1) > 0) { + $queryString2 = "UPDATE " . $work_table . " SET active = 2 WHERE c_id = $course_id AND id = $item_id"; + $queryString3 = "DELETE FROM " . $TSTDPUBASG . 
" WHERE c_id = $course_id AND publication_id = $item_id"; + Database::query($queryString2); + Database::query($queryString3); + api_item_property_update($_course, 'work', $item_id, 'DocumentDeleted', $user_id); + $work = $row['url']; + + if ($row['contains_file'] == 1) { + if (!empty($work)) { + if (api_get_setting('permanently_remove_deleted_files') == 'true') { + my_delete($currentCourseRepositorySys.'/'.$work); + Display::display_confirmation_message(get_lang('TheDocumentHasBeenDeleted')); + $file_deleted = true; + } else { + $extension = pathinfo($work, PATHINFO_EXTENSION); + $new_dir = $work.'_DELETED_'.$item_id.'.'.$extension; + + if (file_exists($currentCourseRepositorySys.'/'.$work)) { + rename($currentCourseRepositorySys.'/'.$work, $currentCourseRepositorySys.'/'.$new_dir); Display::display_confirmation_message(get_lang('TheDocumentHasBeenDeleted')); $file_deleted = true; - } else { - $extension = pathinfo($work, PATHINFO_EXTENSION); - $new_dir = $work.'_DELETED_'.$item_id.'.'.$extension; - - if (file_exists($currentCourseRepositorySys.'/'.$work)) { - rename($currentCourseRepositorySys.'/'.$work, $currentCourseRepositorySys.'/'.$new_dir); - Display::display_confirmation_message(get_lang('TheDocumentHasBeenDeleted')); - $file_deleted = true; - } } } - } else { - $file_deleted = true; } - } + } else { + $file_deleted = true; + } } - if (!$file_deleted) { - Display::display_error_message(get_lang('YouAreNotAllowedToDeleteThisDocument')); - } - } - - /* Display list of student publications */ - if ($curdirpath == '/') { - $my_cur_dir_path = ''; - } else { - $my_cur_dir_path = $curdirpath; - } - - if (!empty($my_folder_data['description'])) { - echo '

'.get_lang('Description').':

'.Security::remove_XSS($my_folder_data['description'], STUDENT).'

'; - } - - //User works - if (isset($work_id) && !empty($work_id) && !$display_list_users_without_publication) { - $work_data = get_work_assignment_by_id($work_id); - $check_qualification = intval($my_folder_data['qualification']); - - if (!empty($work_data['enable_qualification']) && !empty($check_qualification)) { - $type = 'simple'; - $columns = array(get_lang('Type'), get_lang('FirstName'), get_lang('LastName'), get_lang('LoginName'), get_lang('Title'), - get_lang('Qualification'), get_lang('Date'), get_lang('Status'), get_lang('Actions')); - $column_model = array ( - array('name'=>'type', 'index'=>'file', 'width'=>'12', 'align'=>'left', 'search' => 'false'), - array('name'=>'firstname', 'index'=>'firstname', 'width'=>'35', 'align'=>'left', 'search' => 'true'), - array('name'=>'lastname', 'index'=>'lastname', 'width'=>'35', 'align'=>'left', 'search' => 'true'), - array('name'=>'username', 'index'=>'username', 'width'=>'30', 'align'=>'left', 'search' => 'true'), - array('name'=>'title', 'index'=>'title', 'width'=>'40', 'align'=>'left', 'search' => 'false', 'wrap_cell' => 'true'), - // array('name'=>'file', 'index'=>'file', 'width'=>'20', 'align'=>'left', 'search' => 'false'), - array('name'=>'qualification', 'index'=>'qualification', 'width'=>'20', 'align'=>'left', 'search' => 'true'), - array('name'=>'sent_date', 'index'=>'sent_date', 'width'=>'50', 'align'=>'left', 'search' => 'true'), - array('name'=>'qualificator_id','index'=>'qualificator_id', 'width'=>'30', 'align'=>'left', 'search' => 'true'), - array('name'=>'actions', 'index'=>'actions', 'width'=>'40', 'align'=>'left', 'search' => 'false', 'sortable'=>'false') - - ); - } else { - $type = 'complex'; - $columns = array(get_lang('Type'), get_lang('FirstName'), get_lang('LastName'), get_lang('LoginName'), get_lang('Title'), - get_lang('Date'), get_lang('Actions')); - $column_model = array ( - array('name'=>'type', 'index'=>'file', 'width'=>'12', 'align'=>'left', 'search' => 'false'), - 
array('name'=>'firstname', 'index'=>'firstname', 'width'=>'35', 'align'=>'left', 'search' => 'true'), - array('name'=>'lastname', 'index'=>'lastname', 'width'=>'35', 'align'=>'left', 'search' => 'true'), - array('name'=>'username', 'index'=>'username', 'width'=>'30', 'align'=>'left', 'search' => 'true'), - array('name'=>'title', 'index'=>'title', 'width'=>'40', 'align'=>'left', 'search' => 'false', 'wrap_cell' => "true"), - // array('name'=>'file', 'index'=>'file', 'width'=>'20', 'align'=>'left', 'search' => 'false'), - //array('name'=>'qualification', 'index'=>'qualification', 'width'=>'20', 'align'=>'left', 'search' => 'true'), - array('name'=>'sent_date', 'index'=>'sent_date', 'width'=>'50', 'align'=>'left', 'search' => 'true'), - //array('name'=>'qualificator_id','index'=>'qualificator_id', 'width'=>'30', 'align'=>'left', 'search' => 'true'), - array('name'=>'actions', 'index'=>'actions', 'width'=>'40', 'align'=>'left', 'search' => 'false', 'sortable'=>'false') - ); - } - - $extra_params = array(); - - //Autowidth - $extra_params['autowidth'] = 'true'; - - //height auto - $extra_params['height'] = 'auto'; - //$extra_params['excel'] = 'excel'; - - //$extra_params['rowList'] = array(10, 20 ,30); - - $extra_params['sortname'] = 'firstname'; - $url = api_get_path(WEB_AJAX_PATH).'model.ajax.php?a=get_work_user_list&work_id='.$work_id.'&type='.$type; - ?> - -
'.get_lang('Description').':

'.Security::remove_XSS($my_folder_data['description'], STUDENT).'

'; + } + + //User works +if (isset($work_id) && !empty($work_id) && !$display_list_users_without_publication) { + $work_data = get_work_assignment_by_id($work_id); + $check_qualification = intval($my_folder_data['qualification']); + + if (!empty($work_data['enable_qualification']) && !empty($check_qualification)) { + $type = 'simple'; + $columns = array(get_lang('Type'), get_lang('FirstName'), get_lang('LastName'), get_lang('LoginName'), get_lang('Title'), + get_lang('Qualification'), get_lang('Date'), get_lang('Status'), get_lang('Actions')); + $column_model = array ( + array('name'=>'type', 'index'=>'file', 'width'=>'12', 'align'=>'left', 'search' => 'false'), + array('name'=>'firstname', 'index'=>'firstname', 'width'=>'35', 'align'=>'left', 'search' => 'true'), + array('name'=>'lastname', 'index'=>'lastname', 'width'=>'35', 'align'=>'left', 'search' => 'true'), + array('name'=>'username', 'index'=>'username', 'width'=>'30', 'align'=>'left', 'search' => 'true'), + array('name'=>'title', 'index'=>'title', 'width'=>'40', 'align'=>'left', 'search' => 'false', 'wrap_cell' => 'true'), + // array('name'=>'file', 'index'=>'file', 'width'=>'20', 'align'=>'left', 'search' => 'false'), + array('name'=>'qualification', 'index'=>'qualification', 'width'=>'20', 'align'=>'left', 'search' => 'true'), + array('name'=>'sent_date', 'index'=>'sent_date', 'width'=>'50', 'align'=>'left', 'search' => 'true'), + array('name'=>'qualificator_id','index'=>'qualificator_id', 'width'=>'30', 'align'=>'left', 'search' => 'true'), + array('name'=>'actions', 'index'=>'actions', 'width'=>'40', 'align'=>'left', 'search' => 'false', 'sortable'=>'false') + + ); + } else { + $type = 'complex'; + $columns = array(get_lang('Type'), get_lang('FirstName'), get_lang('LastName'), get_lang('LoginName'), get_lang('Title'), + get_lang('Date'), get_lang('Actions')); + $column_model = array ( + array('name'=>'type', 'index'=>'file', 'width'=>'12', 'align'=>'left', 'search' => 'false'), + 
array('name'=>'firstname', 'index'=>'firstname', 'width'=>'35', 'align'=>'left', 'search' => 'true'), + array('name'=>'lastname', 'index'=>'lastname', 'width'=>'35', 'align'=>'left', 'search' => 'true'), + array('name'=>'username', 'index'=>'username', 'width'=>'30', 'align'=>'left', 'search' => 'true'), + array('name'=>'title', 'index'=>'title', 'width'=>'40', 'align'=>'left', 'search' => 'false', 'wrap_cell' => "true"), + // array('name'=>'file', 'index'=>'file', 'width'=>'20', 'align'=>'left', 'search' => 'false'), + //array('name'=>'qualification', 'index'=>'qualification', 'width'=>'20', 'align'=>'left', 'search' => 'true'), + array('name'=>'sent_date', 'index'=>'sent_date', 'width'=>'50', 'align'=>'left', 'search' => 'true'), + //array('name'=>'qualificator_id','index'=>'qualificator_id', 'width'=>'30', 'align'=>'left', 'search' => 'true'), + array('name'=>'actions', 'index'=>'actions', 'width'=>'40', 'align'=>'left', 'search' => 'false', 'sortable'=>'false') + ); + } + + $extra_params = array(); + + //Autowidth + $extra_params['autowidth'] = 'true'; + + //height auto + $extra_params['height'] = 'auto'; + //$extra_params['excel'] = 'excel'; + + //$extra_params['rowList'] = array(10, 20 ,30); + + $extra_params['sortname'] = 'firstname'; + $url = api_get_path(WEB_AJAX_PATH).'model.ajax.php?a=get_work_user_list&work_id='.$work_id.'&type='.$type; + ?> + +