\n"; echo "" . $title . "\n"; echo "" . get_lang('AnnouncementPublishedOn') . " : " . api_ucfirst(format_locale_date($dateFormatLong,strtotime($last_post_date) ) ) . "\n"; echo "$content\n"; echo ""; } /*====================================== SHOW_TO_FORM ======================================*/ /** * this function shows the form for sending a message to a specific group or user. */ function show_to_form($to_already_selected) { $user_list=get_course_users(); $group_list=get_course_groups(); if ($to_already_selected == "") $to_already_selected = array(); echo "\n\n"; echo "\t\n"; // the form containing all the groups and all the users of the course echo "\t\t\n"; // the buttons for adding or removing groups/users echo "\n\t\t\n"; echo "\t\n"; echo "

\n"; echo "".get_lang('Users')."
"; construct_not_selected_select_form($group_list,$user_list,$to_already_selected); echo "\t\t

\n"; /*echo "\t\t> \">", "\n\t\t

", "\n\t\t";*/ ?>

\n"; echo "\n\t\t

\n"; // the form containing the selected groups and users echo "".get_lang('DestinationUsers')."
"; construct_selected_select_form($group_list,$user_list,$to_already_selected); echo "\t\t

"; } /*=========================================== CONSTRUCT_NOT_SELECT_SELECT_FORM ===========================================*/ /** * this function shows the form for sending a message to a specific group or user. */ function construct_not_selected_select_form($group_list=null, $user_list=null,$to_already_selected) { echo "\t\t\n"; } /*========================================== CONSTRUCT_SELECTED_SELECT_FORM ==========================================*/ /** * this function shows the form for sending a message to a specific group or user. */ function construct_selected_select_form($group_list=null, $user_list=null,$to_already_selected) { // we separate the $to_already_selected array (containing groups AND users into // two separate arrays $groupuser = array(); if (is_array($to_already_selected)) { $groupuser=separate_users_groups($to_already_selected); } $groups_to_already_selected=$groupuser['groups']; $users_to_already_selected=$groupuser['users']; // we load all the groups and all the users into a reference array that we use to search the name of the group / user $ref_array_groups=get_course_groups(); $ref_array_users=get_course_users(); // we construct the form of the already selected groups / users echo "\t\t\n"; } /** * this function shows the form for sending a message to a specific group or user. */ function show_to_form_group($group_id) { echo "\n\n"; echo "\t\n"; echo "\t\t\n"; // the buttons for adding or removing groups/users echo "\n\t\t\n"; echo "\t\n"; echo "

\n"; echo "\t\t'; echo "\t\t

\n"; /*echo "\t\t> \">", "\n\t\t

", "\n\t\t";*/ ?>

\n"; echo "\n\t\t

\n"; echo "\t\t'; echo "\t\t

"; } /* ============================================================================== DATA FUNCTIONS ============================================================================== */ /** * this function gets all the users of the course, * including users from linked courses */ function get_course_users() { //this would return only the users from real courses: //$user_list = CourseManager::get_user_list_from_course_code(api_get_course_id()); $user_list = CourseManager::get_real_and_linked_user_list(api_get_course_id(), true, $_SESSION['id_session']); return $user_list; } /** * this function gets all the groups of the course, * not including linked courses */ function get_course_groups() { $new_group_list = CourseManager::get_group_list_of_course(api_get_course_id(), intval($_SESSION['id_session'])); return $new_group_list; } /*====================================== LOAD_EDIT_USERS ======================================*/ /** * This tools loads all the users and all the groups who have received * a specific item (in this case an announcement item) */ function load_edit_users($tool, $id) { global $_course; global $tbl_item_property; $tool = Database::escape_string($tool); $id = Database::escape_string($id); $sql="SELECT * FROM $tbl_item_property WHERE tool='$tool' AND ref='$id'"; $result=Database::query($sql,__FILE__,__LINE__) or die (mysql_error()); while ($row=Database::fetch_array($result)) { $to_group=$row['to_group_id']; switch ($to_group) { // it was send to one specific user case null: $to[]="USER:".$row['to_user_id']; break; // it was sent to everyone case 0: return "everyone"; exit; break; default: $to[]="GROUP:".$row['to_group_id']; } } return $to; } /*====================================== USER_GROUP_FILTER_JAVASCRIPT ======================================*/ /** * returns the javascript for setting a filter * this goes into the $htmlHeadXtra[] array */ function user_group_filter_javascript() { return " "; } /*====================================== TO_JAVASCRIPT ========================================*/ /** * returns all the javascript that is required for easily * setting the target people/groups * this goes into the $htmlHeadXtra[] array */ function to_javascript() { return ""; } /*====================================== SENT_TO_FORM ======================================*/ /** * constructs the form to display all the groups and users the message has been sent to * input: $sent_to_array is a 2 dimensional array containing the groups and the users * the first level is a distinction between groups and users: * $sent_to_array['groups'] * and $sent_to_array['users'] * $sent_to_array['groups'] (resp. $sent_to_array['users']) is also an array * containing all the id's of the groups (resp. users) who have received this message. * @author Patrick Cool */ function sent_to_form($sent_to_array) { // we find all the names of the groups $group_names=get_course_groups(); count($sent_to_array); // we count the number of users and the number of groups if (isset($sent_to_array['users'])) { $number_users=count($sent_to_array['users']); } else { $number_users=0; } if (isset($sent_to_array['groups'])) { $number_groups=count($sent_to_array['groups']); } else { $number_groups=0; } $total_numbers=$number_users+$number_groups; // starting the form if there is more than one user/group if ($total_numbers >1) { $output="\n"; } else // there is only one user/group { if (isset($sent_to_array['users']) and is_array($sent_to_array['users'])) { $user_info = api_get_user_info($sent_to_array['users'][0]); echo api_get_person_name($user_info['firstName'], $user_info['lastName']); } if (isset($sent_to_array['groups']) and is_array($sent_to_array['groups']) and $sent_to_array['groups'][0]!==0) { $group_id=$sent_to_array['groups'][0]; echo $group_names[$group_id]['name']; } if (isset($sent_to_array['groups']) and is_array($sent_to_array['groups']) and $sent_to_array['groups'][0]==0) { echo get_lang("Everybody"); } } if(!empty($output)) { echo $output; } } /*====================================== SEPARATE_USERS_GROUPS ======================================*/ /** * This function separates the users from the groups * users have a value USER:XXX (with XXX the dokeos id * groups have a value GROUP:YYY (with YYY the group id) * @param array Array of strings that define the type and id of each destination * @return array Array of groups and users (each an array of IDs) */ function separate_users_groups($to) { foreach($to as $to_item) { list($type, $id) = explode(':', $to_item); switch($type) { case 'GROUP': $grouplist[] = intval($id); break; case 'USER': $userlist[] = intval($id); break; } } $send_to['groups']=$grouplist; $send_to['users']=$userlist; return $send_to; } /*====================================== SENT_TO() ======================================*/ /** * Returns all the users and all the groups a specific announcement item * has been sent to * @param string The tool (announcement, agenda, ...) * @param int ID of the element of the corresponding type * @return array Array of users and groups to whom the element has been sent */ function sent_to($tool, $id) { global $_course; global $tbl_item_property; $tool = Database::escape_string($tool); $id = Database::escape_string($id); $sent_to_group = array(); $sent_to = array(); $sql="SELECT * FROM $tbl_item_property WHERE tool='$tool' AND ref='".$id."'"; $result = Database::query($sql,__FILE__,__LINE__); while ($row=Database::fetch_array($result)) { // if to_group_id is null then it is sent to a specific user // if to_group_id = 0 then it is sent to everybody if ($row['to_group_id'] != 0) { $sent_to_group[]=$row['to_group_id']; } // if to_user_id <> 0 then it is sent to a specific user if ($row['to_user_id'] <> 0) { $sent_to_user[]=$row['to_user_id']; } } if (isset($sent_to_group)) { $sent_to['groups']=$sent_to_group; } if (isset($sent_to_user)) { $sent_to['users']=$sent_to_user; } return $sent_to; } /*=================================================== CHANGE_VISIBILITY($tool,$id) =================================================*/ /** * This functions swithes the visibility a course resource * using the visibility field in 'item_property' * values: 0 = invisibility for * @param string The tool (announcement, agenda, ...) * @param int ID of the element of the corresponding type * @return bool False on failure, True on success */ function change_visibility_announcement($tool,$id) { global $_course; global $tbl_item_property; $tool = Database::escape_string($tool); $id = Database::escape_string($id); $sql="SELECT * FROM $tbl_item_property WHERE tool='$tool' AND ref='$id'"; $result=Database::query($sql,__FILE__,__LINE__) or die (mysql_error()); $row=Database::fetch_array($result); if ($row['visibility']=='1') { $sql_visibility="UPDATE $tbl_item_property SET visibility='0' WHERE tool='$tool' AND ref='$id'"; } else { $sql_visibility="UPDATE $tbl_item_property SET visibility='1' WHERE tool='$tool' AND ref='$id'"; } $result=Database::query($sql_visibility,__FILE__,__LINE__); if ($result === false) { return false; } return true; } /** * Store an announcement in the database (including its attached file if any) * @param string Announcement title (pure text) * @param string Content of the announcement (can be HTML) * @param int Display order in the list of announcements * @param array Array of users and groups to send the announcement to * @param array uploaded file $_FILES * @param string Comment describing the attachment * @return int false on failure, ID of the announcement on success */ function store_advalvas_item($emailTitle, $newContent, $order, $to, $file = array(), $file_comment='') { global $_course; global $nameTools; global $_user; $tbl_announcement = Database::get_course_table(TABLE_ANNOUNCEMENT); $tbl_item_property = Database::get_course_table(TABLE_ITEM_PROPERTY); // filter data $emailTitle = Database::escape_string($emailTitle); $newContent = Database::escape_string($newContent); $order = intval($order); // store in the table announcement $sql = "INSERT INTO $tbl_announcement SET content = '$newContent', title = '$emailTitle', end_date = NOW(), display_order ='$order', session_id=".intval($_SESSION['id_session']); $result = Database::query($sql,__FILE__,__LINE__); if ($result === false) { return false; } //store the attach file $last_id = Database::insert_id(); if (!empty($file)) { $save_attachment = add_announcement_attachment_file($last_id, $file_comment, $_FILES['user_upload']); } // store in item_property (first the groups, then the users if (!is_null($to)) // !is_null($to): when no user is selected we send it to everyone { $send_to=separate_users_groups($to); // storing the selected groups if (is_array($send_to['groups'])) { foreach ($send_to['groups'] as $group) { api_item_property_update($_course, TOOL_ANNOUNCEMENT, $last_id, "AnnouncementAdded", $_user['user_id'], $group); } } // storing the selected users if (is_array($send_to['users'])) { foreach ($send_to['users'] as $user) { api_item_property_update($_course, TOOL_ANNOUNCEMENT, $last_id, "AnnouncementAdded", $_user['user_id'], '', $user); } } } else // the message is sent to everyone, so we set the group to 0 { api_item_property_update($_course, TOOL_ANNOUNCEMENT, $last_id, "AnnouncementAdded", $_user['user_id'], '0'); } return $last_id; } function store_advalvas_group_item($emailTitle,$newContent, $order, $to, $to_users, $file = array(), $file_comment='') { global $_course; global $nameTools; global $_user; // database definitions $tbl_announcement = Database::get_course_table(TABLE_ANNOUNCEMENT); $tbl_item_property = Database::get_course_table(TABLE_ITEM_PROPERTY); $newContent=stripslashes($newContent); $emailTitle = Database::escape_string($emailTitle); $newContent = Database::escape_string($newContent); $order = intval($order); // store in the table announcement $sql = "INSERT INTO $tbl_announcement SET content = '$newContent', title = '$emailTitle', end_date = NOW(), display_order ='$order', session_id=".intval($_SESSION['id_session']); $result = Database::query($sql,__FILE__,__LINE__) or die (mysql_error()); if ($result === false) { return false; } //store the attach file $last_id = Database::insert_id(); if (empty($file)) { $save_attachment = add_announcement_attachment_file($last_id, $file_comment, $file); } // store in item_property (first the groups, then the users if (!isset($to_users)) // !isset($to): when no user is selected we send it to everyone { $send_to=separate_users_groups($to); // storing the selected groups if (is_array($send_to['groups'])) { foreach ($send_to['groups'] as $group) { api_item_property_update($_course, TOOL_ANNOUNCEMENT, $last_id, "AnnouncementAdded", $_user['user_id'], $group); } } } else // the message is sent to everyone, so we set the group to 0 { // storing the selected users if (is_array($to_users)) { foreach ($to_users as $user) { api_item_property_update($_course, TOOL_ANNOUNCEMENT, $last_id, "AnnouncementAdded", $_user['user_id'], '', $user); } } } return $last_id; } /*================================================== EDIT_VALVAS_ITEM ==================================================*/ /** * This function stores the announcement Item in the table announcement * and updates the item_property also */ function edit_advalvas_item($id,$emailTitle,$newContent,$to,$file = array(), $file_comment='') { global $_course; global $nameTools; global $_user; global $tbl_announcement; global $tbl_item_property; $newContent=stripslashes($newContent); $emailTitle = Database::escape_string(Security::remove_XSS($emailTitle)); $newContent = Database::escape_string(Security::remove_XSS($newContent,COURSEMANAGERLOWSECURITY)); $order = intval($order); // store the modifications in the table announcement $sql = "UPDATE $tbl_announcement SET content='$newContent', title = '$emailTitle' WHERE id='$id'"; $result = Database::query($sql,__FILE__,__LINE__) or die (mysql_error()); // save attachment file $row_attach = get_attachment($id); $id_attach = intval($row_attach['id']); if (!empty($file)) { if (empty($id_attach)) { add_announcement_attachment_file($id,$file_comment,$file); } else { edit_announcement_attachment_file($id_attach,$file,$file_comment); } } // we remove everything from item_property for this $sql_delete="DELETE FROM $tbl_item_property WHERE ref='$id' AND tool='announcement'"; $result = Database::query($sql_delete,__FILE__,__LINE__) or die (mysql_error()); // store in item_property (first the groups, then the users if (!is_null($to)) // !is_null($to): when no user is selected we send it to everyone { $send_to=separate_users_groups($to); // storing the selected groups if (is_array($send_to['groups'])) { foreach ($send_to['groups'] as $group) { api_item_property_update($_course, TOOL_ANNOUNCEMENT, $id, "AnnouncementUpdated", $_user['user_id'], $group); } } // storing the selected users if (is_array($send_to['users'])) { foreach ($send_to['users'] as $user) { api_item_property_update($_course, TOOL_ANNOUNCEMENT, $id, "AnnouncementUpdated", $_user['user_id'], 0, $user); } } } else // the message is sent to everyone, so we set the group to 0 { api_item_property_update($_course, TOOL_ANNOUNCEMENT, $id, "AnnouncementUpdated", $_user['user_id'], '0'); } } /* ============================================================================== MAIL FUNCTIONS ============================================================================== */ /** * Sends an announcement by email to a list of users. * Emails are sent one by one to try to avoid antispam. */ function send_announcement_email($user_list, $course_code, $_course, $mail_title, $mail_content) { global $charset; global $_user; foreach ($user_list as $this_user) { /* Header : Bericht van uw lesgever - GES ($course_code) - Morgen geen les! ($mail_title) Body : John Doe (prenom + nom) (email) Morgen geen les! ($mail_title) Morgen is er geen les, de les wordt geschrapt wegens vergadering (newContent) */ $mail_subject = get_lang('professorMessage').' - '.$_course['official_code'].' - '.$mail_title; $mail_body = '['.$_course['official_code'].'] - ['.$_course['name']."]\n"; $mail_body .= api_get_person_name($this_user['firstname'], $this_user['lastname'], null, PERSON_NAME_EMAIL_ADDRESS).' <'.$this_user["email"]."> \n\n".stripslashes($mail_title)."\n\n".trim(stripslashes(api_html_entity_decode(strip_tags(str_replace(array('

','

','
'),array('',"\n","\n"),$mail_content)), ENT_QUOTES, $charset)))." \n\n-- \n"; $mail_body .= api_get_person_name($_user['firstName'], $_user['lastName'], null, PERSON_NAME_EMAIL_ADDRESS).' '; $mail_body .= '<'.$_user['mail'].">\n"; $mail_body .= $_course['official_code'].' '.$_course['name']; //set the charset and use it for the encoding of the email - small fix, not really clean (should check the content encoding origin first) //here we use the encoding used for the webpage where the text is encoded (ISO-8859-1 in this case) if(empty($charset)){$charset='ISO-8859-1';} $encoding = 'Content-Type: text/plain; charset='. $charset; $newmail = api_mail(api_get_person_name($this_user['firstname'], $this_user['lastname'], null, PERSON_NAME_EMAIL_ADDRESS), $this_user['email'], $mail_subject, $mail_body, api_get_person_name($_SESSION['_user']['firstName'], $_SESSION['_user']['lastName'], null, PERSON_NAME_EMAIL_ADDRESS), $_SESSION['_user']['mail'], $encoding); } } function update_mail_sent($insert_id) { global $_course; global $tbl_announcement; if ($insert_id != strval(intval($insert_id))) { return false; } $insert_id = Database::escape_string($insert_id); // store the modifications in the table tbl_annoucement $sql = "UPDATE $tbl_announcement SET email_sent='1' WHERE id='$insert_id'"; Database::query($sql,__FILE__,__LINE__); } /** * Gets all announcements from a user by course * @param string course db * @param int user id * @return array html with the content and count of announcements or false otherwise */ function get_all_annoucement_by_user_course($course_db, $user_id) { if (empty($course_db) || empty($user_id)) { return false; } $tbl_announcement = Database::get_course_table(TABLE_ANNOUNCEMENT, $course_db); $tbl_item_property = Database::get_course_table(TABLE_ITEM_PROPERTY, $course_db); if (!empty($user_id) && is_numeric($user_id)) { $user_id = intval($user_id); $sql="SELECT DISTINCT announcement.title, announcement.content FROM $tbl_announcement announcement, $tbl_item_property toolitemproperties WHERE announcement.id = toolitemproperties.ref AND toolitemproperties.tool='announcement' AND (toolitemproperties.insert_user_id='$user_id' AND (toolitemproperties.to_group_id='0' OR toolitemproperties.to_group_id is null)) AND toolitemproperties.visibility='1' AND announcement.session_id = 0 ORDER BY display_order DESC"; $rs = Database::query($sql,__FILE__,__LINE__); $num_rows = Database::num_rows($rs); $content = ''; $i=0; $result = array(); if ($num_rows>0) { while ($myrow = Database::fetch_array($rs)) { //if ($i<=4) { $content.= ''.$myrow['title'].'

'; $content.= $myrow['content']; /*} else { break; }*/ $i++; } $result['content'] = $content; $result['count'] = $i; return $result; } return false; } return false; } /* ============================================================================== ATTACHMENT FUNCTIONS ============================================================================== */ /** * Show a list with all the attachments according to the post's id * @param int announcement id * @return array with the post info * @author Arthur Portugal * @version November 2009, dokeos 1.8.6.2 */ function get_attachment($announcement_id) { $tbl_announcement_attachment = Database::get_course_table(TABLE_ANNOUNCEMENT_ATTACHMENT); $announcement_id=Database::escape_string($announcement_id); $row=array(); $sql = 'SELECT id,path, filename,comment FROM '. $tbl_announcement_attachment.' WHERE announcement_id = '.(int)$announcement_id.''; $result=Database::query($sql, __FILE__, __LINE__); if (Database::num_rows($result)!=0) { $row=Database::fetch_array($result,ASSOC); } return $row; } /** * This function add a attachment file into announcement * @param int announcement id * @param string file comment * @param array uploaded file $_FILES * @return int -1 if failed, 0 if unknown (should not happen), 1 if success */ function add_announcement_attachment_file($announcement_id, $file_comment, $file) { global $_course; $tbl_announcement_attachment = Database::get_course_table(TABLE_ANNOUNCEMENT_ATTACHMENT); $return = 0; $announcement_id = intval($announcement_id); if (is_array($file) && $file['error'] == 0 ) { $courseDir = $_course['path'].'/upload/announcements'; $sys_course_path = api_get_path(SYS_COURSE_PATH); $updir = $sys_course_path.$courseDir; // Try to add an extension to the file if it hasn't one $new_file_name = add_ext_on_mime(stripslashes($file['name']), $file['type']); // user's file name $file_name = $file['name']; if (!filter_extension($new_file_name)) { $return = -1; Display :: display_error_message(get_lang('UplUnableToSaveFileFilteredExtension')); } else { $new_file_name = uniqid(''); $new_path = $updir.'/'.$new_file_name; $result = @move_uploaded_file($file['tmp_name'], $new_path); $safe_file_comment = Database::escape_string($file_comment); $safe_file_name = Database::escape_string($file_name); $safe_new_file_name = Database::escape_string($new_file_name); // Storing the attachments if any $sql = 'INSERT INTO '.$tbl_announcement_attachment.'(filename, comment, path, announcement_id, size) '. "VALUES ( '$safe_file_name', '$file_comment', '$safe_new_file_name' , '$announcement_id', '".intval($file['size'])."' )"; $result = Database::query($sql, __LINE__, __FILE__); $return = 1; } } return $return; } /** * This function edit a attachment file into announcement * @param int attach id * @param array uploaded file $_FILES * @param string file comment * @return int */ function edit_announcement_attachment_file($id_attach, $file, $file_comment) { global $_course; $tbl_announcement_attachment = Database::get_course_table(TABLE_ANNOUNCEMENT_ATTACHMENT); $return = 0; if (is_array($file) && $file['error'] == 0 ) { $courseDir = $_course['path'].'/upload/announcements'; $sys_course_path = api_get_path(SYS_COURSE_PATH); $updir = $sys_course_path.$courseDir; // Try to add an extension to the file if it hasn't one $new_file_name = add_ext_on_mime(stripslashes($file['name']), $file['type']); // user's file name $file_name =$file ['name']; if (!filter_extension($new_file_name)) { $return -1; Display :: display_error_message(get_lang('UplUnableToSaveFileFilteredExtension')); } else { $new_file_name = uniqid(''); $new_path = $updir.'/'.$new_file_name; $result = @move_uploaded_file($file['tmp_name'], $new_path); $safe_file_comment = Database::escape_string($file_comment); $safe_file_name = Database::escape_string($file_name); $safe_new_file_name = Database::escape_string($new_file_name); $id_attach = intval($id_attach); $sql = "UPDATE $tbl_announcement_attachment SET filename = '$safe_file_name', comment = '$safe_file_comment', path = '$safe_new_file_name', size ='".intval($file['size'])."' WHERE id = '$id_attach'"; $result = Database::query($sql, __FILE__,__LINE__); if ($result === false) { $return = -1; Display :: display_error_message(get_lang('UplUnableToSaveFile')); } else { $return = 1; } } } return $return; } /** * This function delete a attachment file by id * @param integer attachment file Id * */ function delete_announcement_attachment_file($id) { global $_course; $tbl_announcement_attachment = Database::get_course_table(TABLE_ANNOUNCEMENT_ATTACHMENT); $id=Database::escape_string($id); $sql="DELETE FROM $tbl_announcement_attachment WHERE id = $id"; error_log($sql); $result=Database::query($sql, __FILE__,__LINE__); // update item_property //api_item_property_update($_course, 'announcement_attachment', $id,'AnnouncementAttachmentDeleted', api_get_user_id()); }