, Ghent University, Refactoring * @version $Id: index.php 22368 2009-07-24 23:25:57Z iflorespaz $ * @todo check the different @todos in this page and really do them * @todo check if the news management works as expected */ // only this script should have this constant defined. This is used to activate the javascript that // gives the login name automatic focus in header.inc.html. /** @todo Couldn't this be done using the $HtmlHeadXtra array? */ define('DOKEOS_HOMEPAGE', true); // the language file $language_file = array ('courses', 'index'); /* Flag forcing the 'current course' reset, as we're not inside a course anymore */ // maybe we should change this into an api function? an example: Coursemanager::unset(); $cidReset = true; /* ----------------------------------------------------------- Included libraries ----------------------------------------------------------- */ /** @todo make all the library files consistent, use filename.lib.php and not filename.lib.inc.php */ require_once 'main/inc/global.inc.php'; include_once api_get_path(LIBRARY_PATH).'course.lib.php'; include_once api_get_path(LIBRARY_PATH).'debug.lib.inc.php'; include_once api_get_path(LIBRARY_PATH).'events.lib.inc.php'; include_once api_get_path(LIBRARY_PATH).'system_announcements.lib.php'; include_once api_get_path(LIBRARY_PATH).'groupmanager.lib.php'; include_once api_get_path(LIBRARY_PATH).'formvalidator/FormValidator.class.php'; require_once 'main/chat/chat_functions.lib.php'; $loginFailed = isset($_GET['loginFailed']) ? true : isset($loginFailed); $setting_show_also_closed_courses = api_get_setting('show_closed_courses') == 'true'; // the section (for the tabs) $this_section = SECTION_CAMPUS; /* ----------------------------------------------------------- Action Handling ----------------------------------------------------------- */ /** @todo Wouldn't it make more sense if this would be done in local.inc.php so that local.inc.php become the only place where authentication is done? * by doing this you could logout from any page instead of only from index.php. From the moment there is a logout=true in the url you will be logged out * this can be usefull when you are on an open course and you need to log in to edit something and you immediately want to check how anonymous users * will see it. */ $my_user_id = api_get_user_id(); if (!empty($_GET['logout'])) { logout(); } /* ----------------------------------------------------------- Table definitions ----------------------------------------------------------- */ $main_course_table = Database :: get_main_table(TABLE_MAIN_COURSE); $main_category_table = Database :: get_main_table(TABLE_MAIN_CATEGORY); $track_login_table = Database :: get_statistic_table(TABLE_STATISTIC_TRACK_E_LOGIN); /* ----------------------------------------------------------- Constants and CONFIGURATION parameters ----------------------------------------------------------- */ /** @todo these configuration settings should move to the dokeos config settings */ /** defines wether or not anonymous visitors can see a list of the courses on the Dokeos homepage that are open to the world */ $_setting['display_courses_to_anonymous_users'] = 'true'; /** @todo remove this piece of code because this is not used */ if (isset($_user['user_id'])) { $nameTools = api_get_setting('siteName'); } /* ============================================================================== LOGIN ============================================================================== */ /** * @todo This piece of code should probably move to local.inc.php where the actual login / logout procedure is handled. * @todo consider removing this piece of code because does nothing. */ if (isset($_GET['submitAuth']) && $_GET['submitAuth'] == 1) { // nice lie!!! echo 'Attempted breakin - sysadmins notified.'; session_destroy(); die(); } //Delete session neccesary for legal terms if (api_get_setting('allow_terms_conditions')=='true') { unset($_SESSION['update_term_and_condition']); unset($_SESSION['info_current_user']); } /** * @todo This piece of code should probably move to local.inc.php where the actual login procedure is handled. * @todo check if this code is used. I think this code is never executed because after clicking the submit button * the code does the stuff in local.inc.php and then redirects to index.php or user_portal.php depending * on api_get_setting('page_after_login') */ if (!empty($_POST['submitAuth'])) { // the user is already authenticated, we now find the last login of the user. if (isset ($_user['user_id'])) { $sql_last_login = "SELECT UNIX_TIMESTAMP(login_date) FROM $track_login_table WHERE login_user_id = '".$_user['user_id']."' ORDER BY login_date DESC LIMIT 1"; $result_last_login = Database::query($sql_last_login); if (!$result_last_login) { if (Database::num_rows($result_last_login) > 0) { $user_last_login_datetime = Database::fetch_array($result_last_login); $user_last_login_datetime = $user_last_login_datetime[0]; api_session_register('user_last_login_datetime'); } } Database::free_result($result_last_login); //event_login(); if (api_is_platform_admin()) { // decode all open event informations and fill the track_c_* tables include api_get_path(LIBRARY_PATH).'stats.lib.inc.php'; decodeOpenInfos(); } } } // end login -- if ($_POST['submitAuth']) else { // only if login form was not sent because if the form is sent the user was already on the page. event_open(); } // the header Display::display_header(get_lang('Homepage')); /* ============================================================================== MAIN CODE ============================================================================== */ echo '
'; // Plugins for loginpage_main AND campushomepage_main if (!api_get_user_id()) { api_plugin('loginpage_main'); } else { api_plugin('campushomepage_main'); } $home = 'home/'; if ($_configuration['multiple_access_urls']) { $access_url_id = api_get_current_access_url_id(); if ($access_url_id != -1){ $url_info = api_get_access_url($access_url_id); // "http://" and the final "/" replaced //$url = substr($url_info['url'], 7, strlen($url_info['url']) - 8); $url = api_remove_trailing_slash(preg_replace('/https?:\/\//i', '', $url_info['url'])); $clean_url = replace_dangerous_char($url); $clean_url = str_replace('/', '-', $clean_url); $clean_url .= '/'; $home_old = 'home/'; $home = 'home/'.$clean_url; } } // Including the page for the news $page_included = false; if (!empty($_GET['include']) && preg_match('/^[a-zA-Z0-9_-]*\.html$/', $_GET['include'])) { include './'.$home.$_GET['include']; $page_included = true; } else { if (!empty($_SESSION['user_language_choice'])) { $user_selected_language = $_SESSION['user_language_choice']; } elseif (!empty($_SESSION['_user']['language'])) { $user_selected_language = $_SESSION['_user']['language']; } else { $user_selected_language = api_get_setting('platformLanguage'); } if (!file_exists($home.'home_news_'.$user_selected_language.'.html')) { if (file_exists($home.'home_top.html')) { $home_top_temp = file($home.'home_top.html'); } else { $home_top_temp = file($home_old.'home_top.html'); } $home_top_temp = implode('', $home_top_temp); } else { if (file_exists($home.'home_top_'.$user_selected_language.'.html')) { $home_top_temp = file_get_contents($home.'home_top_'.$user_selected_language.'.html'); } else { $home_top_temp = file_get_contents($home.'home_top.html'); } } if(trim($home_top_temp)=='') { $home_top_temp = get_lang('PortalHomepageDefaultIntroduction'); } $open = str_replace('{rel_path}', api_get_path(REL_PATH), $home_top_temp); echo $open; } // Display System announcements $announcement = isset($_GET['announcement']) ? $_GET['announcement'] : -1; $announcement = intval($announcement); if (isset($_user['user_id'])) { $visibility = api_is_allowed_to_create_course() ? VISIBLE_TEACHER : VISIBLE_STUDENT; SystemAnnouncementManager :: display_announcements($visibility, $announcement); } else { SystemAnnouncementManager :: display_announcements(VISIBLE_GUEST, $announcement); } // Display courses and category list if (!$page_included) { if (api_get_setting('display_categories_on_homepage') == 'true') { echo '
'; display_anonymous_course_list(); echo '
'; } } echo '
'; // display right menu: language form, login section + useful weblinks echo ''; /* ============================================================================== FOOTER ============================================================================== */ Display :: display_footer(); /** * This function handles the logout and is called whenever there is a $_GET['logout'] * * @author Patrick Cool , Ghent University */ function logout() { global $_configuration, $extAuthSource; // variable initialisation $query_string = ''; if (!empty($_SESSION['user_language_choice'])) { $query_string = '?language='.$_SESSION['user_language_choice']; } // Database table definition $tbl_track_login = Database :: get_statistic_table(TABLE_STATISTIC_TRACK_E_LOGIN); // selecting the last login of the user $uid = intval($_GET['uid']); $sql_last_connection = "SELECT login_id, login_date FROM $tbl_track_login WHERE login_user_id='$uid' ORDER BY login_date DESC LIMIT 0,1"; $q_last_connection = Database::query($sql_last_connection); if (Database::num_rows($q_last_connection) > 0) { $i_id_last_connection = Database::result($q_last_connection, 0, 'login_id'); } if (!isset($_SESSION['login_as'])) { $current_date = date('Y-m-d H:i:s', time()); $s_sql_update_logout_date = "UPDATE $tbl_track_login SET logout_date='".$current_date."' WHERE login_id='$i_id_last_connection'"; Database::query($s_sql_update_logout_date); } LoginDelete($uid, $_configuration['statistics_database']); //from inc/lib/online.inc.php - removes the "online" status //the following code enables the use of an external logout function. //example: define a $extAuthSource['ldap']['logout']="file.php" in configuration.php // then a function called ldap_logout() inside that file // (using *authent_name*_logout as the function name) and the following code // will find and execute it $uinfo = api_get_user_info($uid); if (($uinfo['auth_source'] != PLATFORM_AUTH_SOURCE) && is_array($extAuthSource)) { if (is_array($extAuthSource[$uinfo['auth_source']])) { $subarray = $extAuthSource[$uinfo['auth_source']]; if (!empty($subarray['logout']) && file_exists($subarray['logout'])) { include_once ($subarray['logout']); $logout_function = $uinfo['auth_source'].'_logout'; if (function_exists($logout_function)) { $logout_function($uinfo); } } } } exit_of_chat($uid); api_session_destroy(); header("Location: index.php$query_string"); exit(); } /** * This function checks if there are courses that are open to the world in the platform course categories (=faculties) * * @param unknown_type $category * @return boolean */ function category_has_open_courses($category) { global $setting_show_also_closed_courses; $user_identified = (api_get_user_id() > 0 && !api_is_anonymous()); $main_course_table = Database :: get_main_table(TABLE_MAIN_COURSE); $sql_query = "SELECT * FROM $main_course_table WHERE category_code='$category'"; $sql_result = Database::query($sql_query); while ($course = Database::fetch_array($sql_result)) { if (!$setting_show_also_closed_courses) { if ((api_get_user_id() > 0 && $course['visibility'] == COURSE_VISIBILITY_OPEN_PLATFORM) || ($course['visibility'] == COURSE_VISIBILITY_OPEN_WORLD)) { return true; //at least one open course } } else { if (isset($course['visibility'])){ return true; //at least one course (does not matter weither it's open or not because $setting_show_also_closed_courses = true } } } return false; } function display_create_course_link() { echo "
  • ".get_lang("CourseCreate")."
  • "; } function display_edit_course_list_links() { echo "
  • ".get_lang("CourseManagement")."
  • "; } /** * Displays the right-hand menu for anonymous users: * login form, useful links, help section * Warning: function defines globals * @version 1.0.1 * @todo does $_plugins need to be global? */ function display_anonymous_right_menu() { global $loginFailed, $_plugins, $_user, $menu_navigation; $platformLanguage = api_get_setting('platformLanguage'); if (!($_user['user_id']) || api_is_anonymous($_user['user_id']) ) { // only display if the user isn't logged in api_display_language_form(true); echo '
    '; display_login_form(); if ($loginFailed) { echo '
    '; handle_login_failed(); } if (api_get_setting('allow_lostpassword') == 'true' || api_get_setting('allow_registration') == 'true') { echo ''; } if (api_number_of_plugins('loginpage_menu') > 0) { echo '
    '; api_plugin('loginpage_menu'); echo '
    '; } } // My Account section if (isset($_SESSION['_user']['user_id']) && $_SESSION['_user']['user_id'] != 0) { // tabs that are deactivated are added here $show_menu = false; $show_create_link = false; $show_course_link = false; $display_add_course_link = api_is_allowed_to_create_course() && ($_SESSION["studentview"] != "studentenview"); if ($display_add_course_link) { //display_create_course_link(); $show_menu = true; $show_create_link = true; } if (api_is_platform_admin() || api_is_course_admin() || api_is_allowed_to_create_course()) { $show_menu = true; $show_course_link = true; } else { if (api_get_setting('allow_students_to_browse_courses') == 'true') { $show_menu = true; $show_course_link = true; } } if ($show_menu){ echo "
    "; echo "".get_lang("MenuUser").""; echo ""; echo "
    "; } //deleting the myprofile link if (api_get_setting('allow_social_tool') == true) { unset($menu_navigation['myprofile']); } if (!empty($menu_navigation)) { echo "
    "; echo "".get_lang("MainNavigation").""; echo ""; echo '
    '; } } // help section /*** hide right menu "general" and other parts on anonymous right menu *****/ $user_selected_language = api_get_interface_language(); global $home, $home_old; if (!isset($user_selected_language)) { $user_selected_language = $platformLanguage; } if (!file_exists($home.'home_menu_'.$user_selected_language.'.html') && file_exists($home.'home_menu.html') && file_get_contents($home.'home_menu.html') != '') { echo "
    ", "".get_lang("MenuGeneral").""; echo "'; echo '
    '; } elseif(file_exists($home.'home_menu_'.$user_selected_language.'.html') && file_get_contents($home.'home_menu_'.$user_selected_language.'.html') != '') { echo "
    ", "".get_lang("MenuGeneral").""; echo "'; echo '
    '; } if ($_user['user_id'] && api_number_of_plugins('campushomepage_menu') > 0) { echo '
    '; api_plugin('campushomepage_menu'); echo '
    '; } // includes for any files to be displayed below anonymous right menu if (!file_exists($home.'home_notice_'.$user_selected_language.'.html') && file_exists($home.'home_notice.html') && file_get_contents($home.'home_notice.html') != '') { echo '
    '; if (file_exists($home.'home_notice.html')) { include ($home.'home_notice.html'); } else { include ($home_old.'home_notice.html'); } echo '
    '; } elseif(file_exists($home.'home_notice_'.$user_selected_language.'.html') && file_get_contents($home.'home_notice_'.$user_selected_language.'.html') != '') { echo '
    '; include($home.'home_notice_'.$user_selected_language.'.html'); echo '
    '; } } /** * Reacts on a failed login: * displays an explanation with * a link to the registration form. * * @version 1.0.1 */ function handle_login_failed() { if (!isset($_GET['error'])) { $message = get_lang("InvalidId"); if (api_is_self_registration_allowed()) { $message = get_lang("InvalidForSelfRegistration"); } } else { switch ($_GET['error']) { case '': $message = get_lang('InvalidId'); if (api_is_self_registration_allowed()) { $message = get_lang('InvalidForSelfRegistration'); } break; case 'account_expired': $message = get_lang('AccountExpired'); break; case 'account_inactive': $message = get_lang('AccountInactive'); break; case 'user_password_incorrect': $message = get_lang('InvalidId'); break; case 'access_url_inactive': $message = get_lang('AccountURLInactive'); break; } } echo "
    ".$message."
    "; } /** * Adds a form to let users login * @version 1.1 */ function display_login_form() { $form = new FormValidator('formLogin'); $form->addElement('text', 'login', get_lang('UserName'), array('size' => 17)); $form->addElement('password', 'password', get_lang('Pass'), array('size' => 17)); $form->addElement('style_submit_button','submitAuth', get_lang('LoginEnter'), array('class' => 'login')); $renderer =& $form->defaultRenderer(); $renderer->setElementTemplate('
    {element}
    '); $form->display(); if (api_get_setting('openid_authentication') == 'true') { include_once 'main/auth/openid/login.php'; echo '
    '.openid_form().'
    '; } } /** * Displays a link to the lost password section */ function display_lost_password_info() { echo "
  • ".get_lang("LostPassword")."
  • "; } /** * Display list of courses in a category. * (for anonymous users) * * @version 1.1 * @author Patrick Cool , Ghent University - refactoring and code cleaning */ function display_anonymous_course_list() { $ctok = $_SESSION['sec_token']; $stok = Security::get_token(); //init $user_identified = (api_get_user_id() > 0 && !api_is_anonymous()); $web_course_path = api_get_path(WEB_COURSE_PATH); $category = Database::escape_string($_GET['category']); global $setting_show_also_closed_courses; // Database table definitions $main_course_table = Database :: get_main_table(TABLE_MAIN_COURSE); $main_category_table = Database :: get_main_table(TABLE_MAIN_CATEGORY); $platformLanguage = api_get_setting('platformLanguage'); //get list of courses in category $category $sql_get_course_list = "SELECT * FROM $main_course_table cours WHERE category_code = '".Database::escape_string($_GET["category"])."' ORDER BY title, UPPER(visual_code)"; //showing only the courses of the current access_url_id global $_configuration; if ($_configuration['multiple_access_urls'] == true) { $url_access_id = api_get_current_access_url_id(); if ($url_access_id !=-1) { $tbl_url_rel_course = Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_COURSE); $sql_get_course_list = "SELECT * FROM $main_course_table as course INNER JOIN $tbl_url_rel_course as url_rel_course ON (url_rel_course.course_code=course.code) WHERE access_url_id = $url_access_id AND category_code = '".Database::escape_string($_GET["category"])."' ORDER BY title, UPPER(visual_code)"; } } //removed: AND cours.visibility='".COURSE_VISIBILITY_OPEN_WORLD."' $sql_result_courses = Database::query($sql_get_course_list); while ($course_result = Database::fetch_array($sql_result_courses)) { $course_list[] = $course_result; } $platform_visible_courses = ''; // $setting_show_also_closed_courses if($user_identified) { if ($setting_show_also_closed_courses) { $platform_visible_courses = ''; } else { $platform_visible_courses = " AND (t3.visibility='".COURSE_VISIBILITY_OPEN_WORLD."' OR t3.visibility='".COURSE_VISIBILITY_OPEN_PLATFORM."' )"; } } else { if ($setting_show_also_closed_courses) { $platform_visible_courses = ''; } else { $platform_visible_courses = " AND (t3.visibility='".COURSE_VISIBILITY_OPEN_WORLD."' )"; } } $sqlGetSubCatList = " SELECT t1.name,t1.code,t1.parent_id,t1.children_count,COUNT(DISTINCT t3.code) AS nbCourse FROM $main_category_table t1 LEFT JOIN $main_category_table t2 ON t1.code=t2.parent_id LEFT JOIN $main_course_table t3 ON (t3.category_code=t1.code $platform_visible_courses) WHERE t1.parent_id ". (empty ($category) ? "IS NULL" : "='$category'")." GROUP BY t1.name,t1.code,t1.parent_id,t1.children_count ORDER BY t1.tree_pos, t1.name"; //showing only the category of courses of the current access_url_id global $_configuration; if ($_configuration['multiple_access_urls'] == true) { $url_access_id = api_get_current_access_url_id(); if ($url_access_id != -1) { $tbl_url_rel_course = Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_COURSE); $sqlGetSubCatList = " SELECT t1.name,t1.code,t1.parent_id,t1.children_count,COUNT(DISTINCT t3.code) AS nbCourse FROM $main_category_table t1 LEFT JOIN $main_category_table t2 ON t1.code=t2.parent_id LEFT JOIN $main_course_table t3 ON (t3.category_code=t1.code $platform_visible_courses) INNER JOIN $tbl_url_rel_course as url_rel_course ON (url_rel_course.course_code=t3.code) WHERE access_url_id = $url_access_id AND t1.parent_id ".(empty($category) ? "IS NULL" : "='$category'")." GROUP BY t1.name,t1.code,t1.parent_id,t1.children_count ORDER BY t1.tree_pos, t1.name"; } } $resCats = Database::query($sqlGetSubCatList); $thereIsSubCat = false; if (Database::num_rows($resCats) > 0) { $htmlListCat = "

    ".get_lang("CatList")."

    "."\n"; } echo $htmlTitre; if ($thereIsSubCat) { echo $htmlListCat; } while ($categoryName = Database::fetch_array($resCats)) { echo "

    ", $categoryName['name'], "

    \n"; } $numrows = Database::num_rows($sql_result_courses); $courses_list_string = ''; $courses_shown = 0; if ($numrows > 0) { if ($thereIsSubCat) { $courses_list_string .= "
    \n"; } $courses_list_string .= "

    ".get_lang("CourseList")."

    \n"."\n"; } else { // echo "
    ",get_lang('_No_course_publicly_available'),"
    \n"; } if ($courses_shown > 0) { //only display the list of courses and categories if there was more than // 0 courses visible to the world (we're in the anonymous list here) echo $courses_list_string; } if ($category != '') { echo "

    ", " ", Display :: return_icon('back.png', get_lang('BackToHomePage')), get_lang("BackToHomePage"), "", "

    \n"; } } /** * retrieves all the courses that the user has already subscribed to * @author Patrick Cool , Ghent University, Belgium * @param int $user_id: the id of the user * @return array an array containing all the information of the courses of the given user */ function get_courses_of_user($user_id) { $table_course = Database::get_main_table(TABLE_MAIN_COURSE); $table_course_user = Database::get_main_table(TABLE_MAIN_COURSE_USER); // Secondly we select the courses that are in a category (user_course_cat <> 0) and sort these according to the sort of the category $user_id = intval($user_id); $sql_select_courses = "SELECT course.code k, course.visual_code vc, course.subscribe subscr, course.unsubscribe unsubscr, course.title i, course.tutor_name t, course.db_name db, course.directory dir, course_rel_user.status status, course_rel_user.sort sort, course_rel_user.user_course_cat user_course_cat FROM $table_course course, $table_course_user course_rel_user WHERE course.code = course_rel_user.course_code AND course_rel_user.user_id = '".$user_id."' AND course_rel_user.relation_type<>".COURSE_RELATION_TYPE_RRHH." ORDER BY course_rel_user.sort ASC"; $result = Database::query($sql_select_courses); while ($row = Database::fetch_array($result)) { // we only need the database name of the course $courses[$row['k']] = array('db' => $row['db'], 'code' => $row['k'], 'visual_code' => $row['vc'], 'title' => $row['i'], 'directory' => $row['dir'], 'status' => $row['status'], 'tutor' => $row['t'], 'subscribe' => $row['subscr'], 'unsubscribe' => $row['unsubscr'], 'sort' => $row['sort'], 'user_course_category' => $row['user_course_cat']); } return $courses; }