chamilo
/
chamilo-lms
mirror of https://github.com/chamilo/chamilo-lms/tree/1.11.x
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Chamilo is a learning management system focused on ease of use and accessibility
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
24292 Commits
17 Branches
107 Tags
957 MiB
 
 
 
 
 
 
Tag: Branch: Tree: 9724271764
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '9724271764'
${ noResults }
chamilo-lms/main/inc/lib/api.lib.php

6968 lines
255 KiB
Raw Blame History

<?php
/* For licensing terms, see /license.txt */
/**
* This is a code library for Chamilo.
* It is included by default in every Chamilo file (through including the global.inc.php)
* @todo transform this in a class!
* @package chamilo.library
*/
use \ChamiloSession as Session;
use Symfony\Component\Validator\Constraints as Assert;
use Application\Sonata\UserBundle\Entity\User;
use Chamilo\CoreBundle\Entity\Course;
/**
* Constants declaration
*/
// PHP version requirement.
define('REQUIRED_PHP_VERSION', '5.3.3');
define('REQUIRED_MIN_MEMORY_LIMIT', '32');
define('REQUIRED_MIN_UPLOAD_MAX_FILESIZE', '10');
define('REQUIRED_MIN_POST_MAX_SIZE', '10');
// USER STATUS CONSTANTS
/** global status of a user: course manager */
define('COURSEMANAGER', 1);
define('TEACHER', 1);
// status 2 ??
/** global status of a user: session admin */
define('SESSIONADMIN', 3);
/** global status of a user: human ressource manager */
define('DRH', 4);
/** global status of a user: student */
define('STUDENT', 5);
/** global status of a user: human ressource manager */
define('ANONYMOUS', 6);
/** global status of a user: low security, necessary for inserting data from
* the teacher through HTMLPurifier */
define('COURSEMANAGERLOWSECURITY', 10);
// Soft user status
define('PLATFORM_ADMIN', 11);
define('SESSION_COURSE_COACH', 12);
define('SESSION_GENERAL_COACH', 13);
define('COURSE_STUDENT', 14); //student subscribed in a course
define('SESSION_STUDENT', 15); //student subscribed in a session course
define('COURSE_TUTOR', 16); // student is tutor of a course (NOT in session)
define('QUESTION_MANAGER', 17);
// Table of status
$_status_list[COURSEMANAGER] = 'teacher'; // 1
$_status_list[SESSIONADMIN] = 'session_admin'; // 3
$_status_list[DRH] = 'drh'; // 4
$_status_list[STUDENT] = 'user'; // 5
$_status_list[ANONYMOUS] = 'anonymous'; // 6
// COURSE VISIBILITY CONSTANTS
/** only visible for course admin */
define('COURSE_VISIBILITY_CLOSED', 0);
/** only visible for users registered in the course*/
define('COURSE_VISIBILITY_REGISTERED', 1);
/** Open for all registered users on the platform */
define('COURSE_VISIBILITY_OPEN_PLATFORM', 2);
/** Open for the whole world */
define('COURSE_VISIBILITY_OPEN_WORLD', 3);
/** Invisible to all except admin */
define('COURSE_VISIBILITY_HIDDEN', 4);
// SESSION VISIBILITY CONSTANTS
define('SESSION_VISIBLE_READ_ONLY', 1);
define('SESSION_VISIBLE', 2);
define('SESSION_INVISIBLE', 3); // not available
define('SESSION_AVAILABLE', 4);
define('SUBSCRIBE_ALLOWED', 1);
define('SUBSCRIBE_NOT_ALLOWED', 0);
define('UNSUBSCRIBE_ALLOWED', 1);
define('UNSUBSCRIBE_NOT_ALLOWED', 0);
// CONSTANTS defining all tools, using the english version
/* When you add a new tool you must add it into function api_get_tools_lists() too */
define('TOOL_DOCUMENT', 'document');
define('TOOL_THUMBNAIL', 'thumbnail');
define('TOOL_HOTPOTATOES', 'hotpotatoes');
define('TOOL_CALENDAR_EVENT', 'calendar_event');
define('TOOL_LINK', 'link');
define('TOOL_COURSE_DESCRIPTION', 'course_description');
define('TOOL_SEARCH', 'search');
define('TOOL_LEARNPATH', 'learnpath');
define('TOOL_AGENDA', 'agenda');
define('TOOL_ANNOUNCEMENT', 'announcement');
define('TOOL_FORUM', 'forum');
define('TOOL_FORUM_CATEGORY','forum_category');
define('TOOL_FORUM_THREAD','forum_thread');
define('TOOL_FORUM_POST','forum_post');
define('TOOL_FORUM_ATTACH','forum_attachment');
define('TOOL_FORUM_THREAD_QUALIFY','forum_thread_qualify');
define('TOOL_THREAD', 'thread');
define('TOOL_POST', 'post');
define('TOOL_DROPBOX', 'dropbox');
define('TOOL_QUIZ', 'quiz');
define('TOOL_USER', 'user');
define('TOOL_GROUP', 'group');
define('TOOL_BLOGS', 'blog_management'); // Smartblogs (Kevin Van Den Haute :: kevin@develop-it.be)
define('TOOL_BLOG', 'blog');
define('TOOL_CHAT', 'chat');
define('TOOL_CONFERENCE', 'conference');
define('TOOL_STUDENTPUBLICATION', 'student_publication');
define('TOOL_TRACKING', 'tracking');
define('TOOL_HOMEPAGE_LINK', 'homepage_link');
define('TOOL_COURSE_SETTING', 'course_setting');
define('TOOL_BACKUP', 'backup');
define('TOOL_COPY_COURSE_CONTENT', 'copy_course_content');
define('TOOL_RECYCLE_COURSE', 'recycle_course');
define('TOOL_COURSE_HOMEPAGE', 'course_homepage');
define('TOOL_COURSE_RIGHTS_OVERVIEW', 'course_rights');
define('TOOL_UPLOAD','file_upload');
define('TOOL_COURSE_MAINTENANCE','course_maintenance');
define('TOOL_VISIO','visio');
define('TOOL_VISIO_CONFERENCE','visio_conference');
define('TOOL_VISIO_CLASSROOM','visio_classroom');
define('TOOL_SURVEY','survey');
define('TOOL_WIKI','wiki');
define('TOOL_GLOSSARY','glossary');
define('TOOL_GRADEBOOK','gradebook');
define('TOOL_NOTEBOOK','notebook');
define('TOOL_ATTENDANCE','attendance');
define('TOOL_COURSE_PROGRESS','course_progress');
define('TOOL_CURRICULUM', 'curriculum');
// CONSTANTS defining Chamilo interface sections
define('SECTION_CAMPUS', 'mycampus');
define('SECTION_COURSES', 'mycourses');
define('SECTION_MYPROFILE', 'myprofile');
define('SECTION_MYAGENDA', 'myagenda');
define('SECTION_COURSE_ADMIN', 'course_admin');
define('SECTION_PLATFORM_ADMIN', 'platform_admin');
define('SECTION_MYGRADEBOOK', 'mygradebook');
define('SECTION_TRACKING','session_my_space');
define('SECTION_SOCIAL', 'social');
define('SECTION_DASHBOARD', 'dashboard');
define('SECTION_REPORTS', 'reports');
define('SECTION_GLOBAL', 'global');
// CONSTANT name for local authentication source
define('PLATFORM_AUTH_SOURCE', 'platform');
define('CAS_AUTH_SOURCE', 'cas');
define('LDAP_AUTH_SOURCE', 'extldap');
// CONSTANT defining the default HotPotatoes files directory
define('DIR_HOTPOTATOES','/HotPotatoes_files');
// Event logs types
define('LOG_COURSE_DELETE', 'course_deleted');
define('LOG_COURSE_CREATE', 'course_created');
define('LOG_GROUP_PORTAL_CREATED', 'soc_gr_created');
define('LOG_GROUP_PORTAL_UPDATED', 'soc_gr_updated');
define('LOG_GROUP_PORTAL_DELETED', 'soc_gr_deleted');
define('LOG_GROUP_PORTAL_USER_DELETE_ALL', 'soc_gr_delete_users');
define('LOG_GROUP_PORTAL_ID', 'soc_gr_portal_id');
define('LOG_GROUP_PORTAL_REL_USER_ARRAY', 'soc_gr_user_array');
define('LOG_GROUP_PORTAL_USER_SUBSCRIBED', 'soc_gr_u_subs');
define('LOG_GROUP_PORTAL_USER_UNSUBSCRIBED', 'soc_gr_u_unsubs');
define('LOG_GROUP_PORTAL_USER_UPDATE_ROLE', 'soc_gr_update_role');
define('LOG_USER_DELETE', 'user_deleted');
define('LOG_USER_CREATE', 'user_created');
define('LOG_USER_ENABLE', 'user_enable');
define('LOG_USER_DISABLE', 'user_disable');
define('LOG_USER_FIELD_CREATE', 'user_field_created');
define('LOG_USER_FIELD_DELETE', 'user_field_deleted');
define('LOG_USER_UPDATED', 'user_updated');
define('LOG_USER_ACTIVATED', 'user_activated');
define('LOG_USER_DEACTIVATED', 'user_deactivated');
define('LOG_SESSION_CREATE', 'session_created');
define('LOG_SESSION_DELETE', 'session_deleted');
define('LOG_SESSION_CATEGORY_CREATE', 'session_category_created');
define('LOG_SESSION_CATEGORY_DELETE', 'session_category_deleted');
define('LOG_CONFIGURATION_SETTINGS_CHANGE', 'settings_changed');
define('LOG_PLATFORM_LANGUAGE_CHANGE', 'platform_language_changed');
define('LOG_SUBSCRIBE_USER_TO_COURSE', 'user_subscribed');
define('LOG_UNSUBSCRIBE_USER_FROM_COURSE', 'user_unsubscribed');
define('LOG_ATTEMPTED_FORCED_LOGIN', 'attempted_forced_login');
define('LOG_HOMEPAGE_CHANGED', 'homepage_changed');
define('LOG_PROMOTION_CREATE', 'promotion_created');
define('LOG_PROMOTION_DELETE', 'promotion_deleted');
define('LOG_CAREER_CREATE', 'career_created');
define('LOG_CAREER_DELETE', 'career_deleted');
define('LOG_USER_PERSONAL_DOC_DELETED', 'user_doc_deleted');
define('LOG_WIKI_ACCESS', 'wiki_page_view');
// Event logs data types
define('LOG_COURSE_CODE', 'course_code');
define('LOG_USER_ID', 'user_id');
define('LOG_USER_OBJECT', 'user_object');
define('LOG_USER_FIELD_VARIABLE', 'user_field_variable');
define('LOG_SESSION_ID', 'session_id');
define('LOG_SESSION_CATEGORY_ID', 'session_category_id');
define('LOG_CONFIGURATION_SETTINGS_CATEGORY', 'settings_category');
define('LOG_CONFIGURATION_SETTINGS_VARIABLE', 'settings_variable');
define('LOG_PLATFORM_LANGUAGE', 'default_platform_language');
define('LOG_CAREER_ID', 'career_id');
define('LOG_PROMOTION_ID', 'promotion_id');
define('LOG_GRADEBOOK_LOCKED', 'gradebook_locked');
define('LOG_GRADEBOOK_UNLOCKED', 'gradebook_unlocked');
define('LOG_GRADEBOOK_ID', 'gradebook_id');
define('LOG_WIKI_PAGE_ID', 'wiki_page_id');
define('USERNAME_PURIFIER', '/[^0-9A-Za-z_\.]/');
//used when login_is_email setting is true
define('USERNAME_PURIFIER_MAIL', '/[^0-9A-Za-z_\.@]/');
define('USERNAME_PURIFIER_SHALLOW', '/\s/');
// Constants for detection some important PHP5 subversions.
$php_version = (float) PHP_VERSION;
define('IS_PHP_52', !((float)$php_version < 5.2));
define('IS_PHP_53', !((float)$php_version < 5.3));
define('IS_PHP_SUP_OR_EQ_53', ($php_version >= 5.3));
define('IS_PHP_SUP_OR_EQ_52', ($php_version >= 5.2 && !IS_PHP_53));
define('IS_PHP_SUP_OR_EQ_51', ($php_version >= 5.1 && !IS_PHP_52 && !IS_PHP_53));
// This constant is a result of Windows OS detection, it has a boolean value:
// true whether the server runs on Windows OS, false otherwise.
define('IS_WINDOWS_OS', api_is_windows_os());
// Checks for installed optional php-extensions.
define('INTL_INSTALLED', function_exists('intl_get_error_code')); // intl extension (from PECL), it is installed by default as of PHP 5.3.0
define('MBSTRING_INSTALLED', function_exists('mb_strlen')); // mbstring extension.
// Patterns for processing paths. // Examples:
define('REPEATED_SLASHES_PURIFIER', '/\/{2,}/'); // $path = preg_replace(REPEATED_SLASHES_PURIFIER, '/', $path);
define('VALID_WEB_PATH', '/https?:\/\/[^\/]*(\/.*)?/i'); // $is_valid_path = preg_match(VALID_WEB_PATH, $path);
define('VALID_WEB_SERVER_BASE', '/https?:\/\/[^\/]*/i'); // $new_path = preg_replace(VALID_WEB_SERVER_BASE, $new_base, $path);
// Constants for api_get_path() and api_get_path_type(), etc. - registered path types.
define('WEB_PATH', 'WEB_PATH');
define('SYS_CONFIG_PATH', 'SYS_CONFIG_PATH');
define('REL_PATH', 'REL_PATH');
define('WEB_SERVER_ROOT_PATH', 'WEB_SERVER_ROOT_PATH');
define('SYS_SERVER_ROOT_PATH', 'SYS_SERVER_ROOT_PATH');
define('WEB_COURSE_PATH', 'WEB_COURSE_PATH');
define('SYS_COURSE_PATH', 'SYS_COURSE_PATH');
define('REL_COURSE_PATH', 'REL_COURSE_PATH');
define('REL_CODE_PATH', 'REL_CODE_PATH');
define('WEB_CODE_PATH', 'WEB_CODE_PATH');
define('SYS_CODE_PATH', 'SYS_CODE_PATH');
define('SYS_CSS_PATH', 'SYS_CSS_PATH');
define('SYS_LANG_PATH', 'SYS_LANG_PATH');
define('WEB_IMG_PATH', 'WEB_IMG_PATH');
define('SYS_IMG_PATH', 'SYS_IMG_PATH');
define('WEB_CSS_PATH', 'WEB_CSS_PATH');
define('SYS_PLUGIN_PATH', 'SYS_PLUGIN_PATH');
define('PLUGIN_PATH', 'SYS_PLUGIN_PATH'); // deprecated ?
define('WEB_PLUGIN_PATH', 'WEB_PLUGIN_PATH');
define('SYS_ARCHIVE_PATH', 'SYS_ARCHIVE_PATH');
define('WEB_ARCHIVE_PATH', 'WEB_ARCHIVE_PATH');
define('INCLUDE_PATH', 'INCLUDE_PATH');
define('LIBRARY_PATH', 'LIBRARY_PATH');
define('SYS_LIBRARY_JS_PATH', 'SYS_LIBRARY_JS_PATH');
define('CONFIGURATION_PATH', 'CONFIGURATION_PATH');
define('WEB_LIBRARY_PATH', 'WEB_LIBRARY_PATH');
define('WEB_LIBRARY_JS_PATH', 'WEB_LIBRARY_JS_PATH');
define('WEB_AJAX_PATH', 'WEB_AJAX_PATH');
define('SYS_TEST_PATH', 'SYS_TEST_PATH');
define('WEB_TEMPLATE_PATH', 'WEB_TEMPLATE_PATH');
define('SYS_TEMPLATE_PATH', 'SYS_TEMPLATE_PATH');
// 1.10 new paths
define('WEB_PUBLIC_PATH', 'WEB_PUBLIC_PATH');
define('SYS_WEB_PATH', 'SYS_WEB_PATH');
define('SYS_PATH', 'SYS_PATH');
define('SYS_DATA_PATH', 'SYS_DATA_PATH');
define('SYS_LOG_PATH', 'SYS_LOG_PATH');
define('WEB_DATA_COURSE_PATH', 'WEB_DATA_COURSE_PATH');
define('WEB_DATA_PATH', 'WEB_DATA_PATH');
define('REL_DATA_PATH', 'REL_DATA_PATH');
define('SYS_DEFAULT_COURSE_DOCUMENT_PATH', 'SYS_DEFAULT_COURSE_DOCUMENT_PATH');
define('REL_DEFAULT_COURSE_DOCUMENT_PATH', 'REL_DEFAULT_COURSE_DOCUMENT_PATH');
define('WEB_DEFAULT_COURSE_DOCUMENT_PATH', 'WEB_DEFAULT_COURSE_DOCUMENT_PATH');
// Constants for requesting path conversion.
define('TO_WEB', 'TO_WEB');
define('TO_SYS', 'TO_SYS');
define('TO_REL', 'TO_REL');
// Paths to regidtered specific resource files (scripts, players, etc.)
define('FLASH_PLAYER_AUDIO', '{FLASH_PLAYER_AUDIO}');
define('FLASH_PLAYER_VIDEO', '{FLASH_PLAYER_VIDEO}');
define('SCRIPT_SWFOBJECT', '{SCRIPT_SWFOBJECT}');
define('SCRIPT_ASCIIMATHML', '{SCRIPT_ASCIIMATHML}');
define('DRAWING_ASCIISVG', '{DRAWING_ASCIISVG}');
// Relations type with Human resources manager
define('COURSE_RELATION_TYPE_RRHH', 1);
define('SESSION_RELATION_TYPE_RRHH', 1);
//User image sizes
define('USER_IMAGE_SIZE_ORIGINAL', 1);
define('USER_IMAGE_SIZE_BIG', 2);
define('USER_IMAGE_SIZE_MEDIUM', 3);
define('USER_IMAGE_SIZE_SMALL', 4);
// Relation type between users
define('USER_UNKNOW', 0);
define('USER_RELATION_TYPE_UNKNOW', 1);
define('USER_RELATION_TYPE_PARENT', 2); // should be deprecated is useless
define('USER_RELATION_TYPE_FRIEND', 3);
define('USER_RELATION_TYPE_GOODFRIEND', 4); // should be deprecated is useless
define('USER_RELATION_TYPE_ENEMY', 5); // should be deprecated is useless
define('USER_RELATION_TYPE_DELETED', 6);
define('USER_RELATION_TYPE_RRHH', 7);
//Gradebook link constants
//Please do not change existing values, they are used in the database !
define('LINK_EXERCISE', 1);
define('LINK_DROPBOX', 2);
define('LINK_STUDENTPUBLICATION', 3);
define('LINK_LEARNPATH', 4);
define('LINK_FORUM_THREAD', 5);
//define('LINK_WORK',6);
define('LINK_ATTENDANCE', 7);
define('LINK_SURVEY', 8);
//Course request
define('COURSE_REQUEST_PENDING', 0);
define('COURSE_REQUEST_ACCEPTED', 1);
define('COURSE_REQUEST_REJECTED', 2);
define('SHORTCUTS_HORIZONTAL', 0);
define('SHORTCUTS_VERTICAL', 1);
//Display
define('MAX_LENGTH_BREADCRUMB', 100);
define('ICON_SIZE_TINY', 16);
define('ICON_SIZE_SMALL', 22);
define('ICON_SIZE_MEDIUM', 32);
define('ICON_SIZE_LARGE', 48);
define('ICON_SIZE_BIG', 64);
define('ICON_SIZE_HUGE', 128);
define('SHOW_TEXT_NEAR_ICONS', false);
//Event
define ('EVENT_EMAIL_TEMPLATE_ACTIVE', 1);
define ('EVENT_EMAIL_TEMPLATE_INACTIVE',0);
// Group permissions
define('GROUP_PERMISSION_OPEN' , '1');
define('GROUP_PERMISSION_CLOSED', '2');
// Group user permissions
define('GROUP_USER_PERMISSION_ADMIN', '1'); // the admin of a group
define('GROUP_USER_PERMISSION_READER', '2'); // a normal user
define('GROUP_USER_PERMISSION_PENDING_INVITATION', '3'); // When an admin/moderator invites a user
define('GROUP_USER_PERMISSION_PENDING_INVITATION_SENT_BY_USER', '4'); // an user joins a group
define('GROUP_USER_PERMISSION_MODERATOR', '5'); // a moderator
define('GROUP_USER_PERMISSION_ANONYMOUS', '6'); // an anonymous user
define('GROUP_USER_PERMISSION_HRM', '7'); // a human resources manager
define('GROUP_IMAGE_SIZE_ORIGINAL', 1);
define('GROUP_IMAGE_SIZE_BIG', 2);
define('GROUP_IMAGE_SIZE_MEDIUM', 3);
define('GROUP_IMAGE_SIZE_SMALL', 4);
define('GROUP_TITLE_LENGTH', 50);
// Messages
define('MESSAGE_STATUS_NEW', '0');
define('MESSAGE_STATUS_UNREAD', '1');
//2 ??
define('MESSAGE_STATUS_DELETED', '3');
define('MESSAGE_STATUS_OUTBOX', '4');
define('MESSAGE_STATUS_INVITATION_PENDING', '5');
define('MESSAGE_STATUS_INVITATION_ACCEPTED', '6');
define('MESSAGE_STATUS_INVITATION_DENIED', '7');
define('SESSION_LINK_TARGET', '_self');
/**
* Form validator
*/
define('NO_HTML', 1);
define('STUDENT_HTML', 2);
define('TEACHER_HTML', 3);
define('STUDENT_HTML_FULLPAGE', 4);
define('TEACHER_HTML_FULLPAGE', 5);
// Exercise
define('EXERCISE_NUMBER_OF_DECIMALS', 2);
// @todo add this constants in the Question class
// Question types
define('UNIQUE_ANSWER', 1);
define('MULTIPLE_ANSWER', 2);
define('FILL_IN_BLANKS', 3);
define('MATCHING', 4);
define('FREE_ANSWER', 5);
define('HOT_SPOT', 6);
define('HOT_SPOT_ORDER', 7);
define('HOT_SPOT_DELINEATION', 8);
define('MULTIPLE_ANSWER_COMBINATION', 9);
define('UNIQUE_ANSWER_NO_OPTION', 10);
define('MULTIPLE_ANSWER_TRUE_FALSE', 11);
define('MULTIPLE_ANSWER_COMBINATION_TRUE_FALSE', 12);
define('ORAL_EXPRESSION', 13);
define('GLOBAL_MULTIPLE_ANSWER', 14);
define('MEDIA_QUESTION', 15);
define('UNIQUE_ANSWER_IMAGE', 16);
define('DRAGGABLE', 17);
//Some alias used in the QTI exports
define('MCUA', 1);
define('TF', 1);
define('MCMA', 2);
define('FIB', 3);
/* XML processing functions */
// A regular expression for accessing declared encoding within xml-formatted text.
// Published by Steve Minutillo,
// http://minutillo.com/steve/weblog/2004/6/17/php-xml-and-character-encodings-a-tale-of-sadness-rage-and-data-loss/
define('_PCRE_XML_ENCODING', '/<\?xml.*encoding=[\'"](.*?)[\'"].*\?>/m');
//Social PLUGIN PLACES
define('SOCIAL_LEFT_PLUGIN', 1);
define('SOCIAL_CENTER_PLUGIN', 2);
define('SOCIAL_RIGHT_PLUGIN', 3);
define('CUT_GROUP_NAME', 50);
// Skills
define ('SKILL_TYPE_REQUIREMENT', 'required');
define ('SKILL_TYPE_ACQUIRED', 'acquired');
define ('SKILL_TYPE_BOTH', 'both');
// Tool
define('TOOL_PUBLIC', 'Public');
define('TOOL_PUBLIC_BUT_HIDDEN', 'PublicButHide');
define('TOOL_COURSE_ADMIN', 'courseAdmin');
define('TOOL_PLATFORM_ADMIN', 'platformAdmin');
define('TOOL_AUTHORING', 'toolauthoring');
define('TOOL_INTERACTION', 'toolinteraction');
define('TOOL_COURSE_PLUGIN', 'toolcourseplugin'); //all plugins that can be enabled in courses
define('TOOL_ADMIN', 'tooladmin');
define('TOOL_ADMIN_PLATFORM', 'tooladminplatform');
define('TOOL_STUDENT_VIEW', 'toolstudentview');
define('TOOL_ADMIN_VISIBLE', 'tooladminvisible');
/* PATHS & FILES - ROUTINES */
/**
* Returns a path to a certain resource within the Chamilo area, specifyed through a parameter.
* Also, this function provides conversion between path types, in this case the input path points inside the Chamilo area too.
*
* See $_configuration['course_folder'] in the configuration.php to alter the WEB_COURSE_PATH and SYS_COURSE_PATH parameters.
* @param string $type The requested path type (a defined constant), see the examples.
* @param string $path (optional) A path which type is to be converted. Also, it may be a defined constant for a path.
* This parameter has meaning when $type parameter has one of the following values: TO_WEB, TO_SYS, TO_REL. Otherwise it is ignored.
* @return string The requested path or the converted path.
*
* A terminology note:
* The defined constants used by this function contain the abbreviations WEB, REL, SYS with the following meaning for types:
* WEB - an absolute URL (we often call it web-path),
* example: http://www.mychamilo.org/chamilo/courses/COURSE01/document/lesson01.html;
*
* REL - represents a semi-absolute URL - a web-path, which is relative to the root web-path of the server, without server's base,
* example: /chamilo/courses/COURSE01/document/lesson01.html;
*
* SYS - represents an absolute path inside the scope of server's file system,
* /var/www/chamilo/courses/COURSE01/document/lesson01.html or
* C:/Inetpub/wwwroot/chamilo/courses/COURSE01/document/lesson01.html.
*
* In some abstract sense we can consider these three path types as absolute.
*
* Notes about the current behaviour model:
* 1. Windows back-slashes are converted to slashes in the result.
* 2. A semi-absolute web-path is detected by its leading slash. On Linux systems, absolute system paths start with
* a slash too, so an additional check about presense of leading system server base is implemented. For example, the function is
* able to distinguish type difference between /var/www/chamilo/courses/ (SYS) and /chamilo/courses/ (REL).
* 3. The function api_get_path() returns only these three types of paths, which in some sense are absolute. The function has
* no a mechanism for processing relative web/system paths, such as: lesson01.html, ./lesson01.html, ../css/my_styles.css.
* It has not been identified as needed yet.
* 4. Also, resolving the meta-symbols "." and ".." withiin paths has not been implemented, it is to be identified as needed.
*
* Example:
* Assume that your server root is /var/www/ , Chamilo is installed in a subfolder chamilo/ and the URL of your campus is http://www.mychamilo.org
* The other configuration paramaters have not been changed.
*
* This is how we can retireve mosth used paths, for common purpose:
* api_get_path(REL_PATH) /chamilo/
* api_get_path(REL_COURSE_PATH) /chamilo/courses/
* api_get_path(REL_CODE_PATH) /chamilo/main/
* api_get_path(SYS_SERVER_ROOT_PATH) /var/www/ - This is the physical folder where the system Chamilo has been placed. It is not always equal to $_SERVER['DOCUMENT_ROOT'].
* api_get_path(SYS_PATH) /var/www/chamilo/
*
* api_get_path(SYS_ARCHIVE_PATH) /var/www/chamilo/temp/
* api_get_path(SYS_LOG_PATH) /var/www/chamilo/logs/
* api_get_path(SYS_DATA_PATH) /var/www/chamilo/data/
* api_get_path(SYS_CONFIG_PATH) /var/www/chamilo/config/
* api_get_path(SYS_WEB_PATH) /var/www/chamilo/web/
*
* api_get_path(SYS_COURSE_PATH) /var/www/chamilo/data/courses/
* api_get_path(SYS_CODE_PATH) /var/www/chamilo/main/
* api_get_path(SYS_CSS_PATH) /var/www/chamilo/main/css
* api_get_path(INCLUDE_PATH) /var/www/chamilo/main/inc/
* api_get_path(LIBRARY_PATH) /var/www/chamilo/main/inc/lib/
* api_get_path(SYS_LIBRARY_JS_PATH) /var/www/chamilo/web/Chamilo/js
* api_get_path(CONFIGURATION_PATH) /var/www/chamilo/main/inc/conf/
* api_get_path(SYS_LANG_PATH) /var/www/chamilo/main/lang/
* api_get_path(SYS_PLUGIN_PATH) /var/www/chamilo/plugin/
* api_get_path(SYS_TEST_PATH) /var/www/chamilo/tests/
* api_get_path(SYS_TEMPLATE_PATH) /var/www/chamilo/main/template/
*
* api_get_path(WEB_SERVER_ROOT_PATH) http://www.mychamilo.org/
*
* api_get_path(WEB_PUBLIC_PATH) http://www.mychamilo.org/chamilo/web/
* api_get_path(WEB_PATH) http://www.mychamilo.org/chamilo/
* api_get_path(WEB_COURSE_PATH) http://www.mychamilo.org/chamilo/courses/
* api_get_path(WEB_CODE_PATH) http://www.mychamilo.org/chamilo/main/
* api_get_path(WEB_PLUGIN_PATH) http://www.mychamilo.org/chamilo/plugin/
* api_get_path(WEB_ARCHIVE_PATH) http://www.mychamilo.org/chamilo/archive/
* api_get_path(WEB_IMG_PATH) http://www.mychamilo.org/chamilo/web/chamilo/img/
* api_get_path(SYS_IMG_PATH) /var/www/chamilo/web/bundles/chamilocore/img/
*
* api_get_path(WEB_CSS_PATH) http://www.mychamilo.org/chamilo/main/css/
* api_get_path(WEB_LIBRARY_PATH) http://www.mychamilo.org/chamilo/main/inc/lib/
* api_get_path(WEB_LIBRARY_JS_PATH) http://www.mychamilo.org/chamilo/web/Chamilo/javascript
* api_get_path(WEB_TEMPLATE_PATH) http://www.mychamilo.org/chamilo/main/template/
*
*
* This is how we retrieve paths of "registerd" resource files (scripts, players, etc.):
* api_get_path(TO_WEB, FLASH_PLAYER_AUDIO) http://www.mychamilo.org/chamilo/main/inc/lib/mediaplayer/player.swf
* api_get_path(TO_WEB, FLASH_PLAYER_VIDEO) http://www.mychamilo.org/chamilo/main/inc/lib/mediaplayer/player.swf
* api_get_path(TO_SYS, SCRIPT_SWFOBJECT) /var/www/chamilo/main/inc/lib/swfobject/swfobject.js
* api_get_path(TO_REL, SCRIPT_ASCIIMATHML) /chamilo/main/inc/lib/asciimath/ASCIIMathML.js
* ...
*
* We can convert arbitrary paths, that are not registered (no defined constant).
* For guaranteed result, these paths should point inside the system Chamilo.
* Some random examples:
* api_get_path(TO_WEB, $_SERVER['REQUEST_URI'])
* api_get_path(TO_SYS, $_SERVER['PHP_SELF'])
* api_get_path(TO_REL, __FILE__)
* ...
*/
function api_get_path($path_type, $path = null) {
static $paths = array(
SYS_DATA_PATH => 'data/',
SYS_WEB_PATH => 'web/',
SYS_CONFIG_PATH => 'config/',
SYS_LOG_PATH => 'logs/',
WEB_DATA_COURSE_PATH => 'courses/',
WEB_DATA_PATH => '/',
SYS_COURSE_PATH => 'data/',
SYS_CSS_PATH => 'bundles/chamilocore/css/',
SYS_LANG_PATH => 'lang/',
WEB_IMG_PATH => 'bundles/chamilocore/img/',
SYS_IMG_PATH => 'web/bundles/chamilocore/img/',
WEB_CSS_PATH => 'bundles/chamilocore/css/',
SYS_PLUGIN_PATH => 'plugin/',
WEB_PLUGIN_PATH => 'plugin/',
WEB_ARCHIVE_PATH => 'temp/',
INCLUDE_PATH => 'inc/',
LIBRARY_PATH => 'inc/lib/',
SYS_LIBRARY_JS_PATH => 'bundles/chamilocore//js/',
CONFIGURATION_PATH => 'inc/conf/',
WEB_LIBRARY_PATH => 'inc/lib/',
WEB_LIBRARY_JS_PATH => 'bundles/chamilocore//js/',
WEB_AJAX_PATH => 'inc/ajax/',
SYS_TEST_PATH => 'tests/',
WEB_TEMPLATE_PATH => 'template/',
SYS_TEMPLATE_PATH => 'template/'
);
static $resource_paths = array(
FLASH_PLAYER_AUDIO => 'inc/lib/mediaplayer/player.swf',
FLASH_PLAYER_VIDEO => 'inc/lib/mediaplayer/player.swf',
SCRIPT_SWFOBJECT => 'inc/lib/swfobject/swfobject.js',
SCRIPT_ASCIIMATHML => 'inc/lib/javascript/asciimath/ASCIIMathML.js',
DRAWING_ASCIISVG => 'inc/lib/javascript/asciimath/d.svg'
);
static $is_this_function_initialized;
static $server_base_web; // No trailing slash.
static $server_base_sys; // No trailing slash.
static $root_rel;
static $code_folder;
static $course_folder;
global $_configuration;
// Always load root_web modifications for multiple url features.
// Default $_configuration['root_web'] configuration
//$root_web = isset($_configuration['root_web']) ? $_configuration['root_web'] : $app['url_generator'];
$root_web = Session::getUrlGenerator()->generate('home'); //$_configuration['root_web'];
$rootDir = Session::getRootDir();
// Configuration data for already installed system.
$root_sys = $rootDir;
$load_new_config = false;
if ($path_type == WEB_PATH) {
$urlId = api_get_current_access_url_id();
if (isset($urlId) && $urlId != 1) {
//we look into the DB the function api_get_access_url
$url_info = api_get_current_access_url_info();
$root_web = $url_info['active'] == 1 ? $url_info['url'] : $_configuration['root_web'];
$load_new_config = true;
}
}
if (!$is_this_function_initialized) {
//$root_rel = $_configuration['url_append'];
$code_folder = 'main/';
//$course_folder = isset($_configuration['course_folder']) ? $_configuration['course_folder'] : null;
$course_folder = "courses/";
// Dealing with trailing slashes.
$root_web = api_add_trailing_slash($root_web);
$root_sys = api_add_trailing_slash($root_sys);
//$root_rel = api_add_trailing_slash($root_rel);
$code_folder = api_add_trailing_slash($code_folder);
$course_folder = api_add_trailing_slash($course_folder);
// Web server base and system server base.
//$server_base_web = preg_replace('@'.$root_rel.'$@', '', $root_web); // No trailing slash.
//$server_base_sys = preg_replace('@'.$root_rel.'$@', '', $root_sys); // No trailing slash.
// Initialization of a table that contains common-purpose paths.
$paths[WEB_PATH] = $root_web;
$paths[WEB_PUBLIC_PATH] = $root_web;
$paths[SYS_PATH] = $root_sys;
// Update data path to get it from config file if defined
$paths[SYS_DATA_PATH] = Session::getDataDir();
$paths[SYS_LOG_PATH] = Session::getLogDir();
$paths[SYS_CONFIG_PATH] = Session::getConfigDir();
$paths[SYS_COURSE_PATH] = Session::getCourseDir();
$paths[SYS_DEFAULT_COURSE_DOCUMENT_PATH] = $paths[SYS_DATA_PATH].'default_course_document/';
$paths[SYS_WEB_PATH] = $root_sys.'web/';
$paths[REL_PATH] = $root_rel;
//$paths[WEB_SERVER_ROOT_PATH] = $server_base_web.'/';
//$paths[SYS_SERVER_ROOT_PATH] = $server_base_sys.'/';
$paths[WEB_DATA_PATH] = $paths[WEB_PUBLIC_PATH].'data/';
$paths[WEB_COURSE_PATH] = $root_web.$course_folder;
$paths[WEB_DATA_COURSE_PATH] = $paths[WEB_DATA_PATH].$course_folder;
$paths[REL_COURSE_PATH] = $root_rel.$course_folder;
$paths[REL_CODE_PATH] = $root_rel.$code_folder;
$paths[WEB_CODE_PATH] = $root_web.$code_folder;
$paths[REL_DATA_PATH] = $root_rel.'data/';
$paths[WEB_DEFAULT_COURSE_DOCUMENT_PATH] = $paths[WEB_DATA_PATH].'default_course_document/';
$paths[REL_DEFAULT_COURSE_DOCUMENT_PATH] = $paths[REL_DATA_PATH].'default_course_document/';
$paths[SYS_CODE_PATH] = $root_sys.$code_folder;
// Now we can switch into api_get_path() "terminology".
$paths[SYS_LANG_PATH] = $paths[SYS_CODE_PATH].$paths[SYS_LANG_PATH];
$paths[SYS_PLUGIN_PATH] = $paths[SYS_PATH].$paths[SYS_PLUGIN_PATH];
$paths[SYS_ARCHIVE_PATH] = Session::getTempDir();
$paths[SYS_TEST_PATH] = $paths[SYS_PATH].$paths[SYS_TEST_PATH];
$paths[SYS_TEMPLATE_PATH] = $paths[SYS_CODE_PATH].$paths[SYS_TEMPLATE_PATH];
$paths[SYS_CSS_PATH] = $paths[SYS_PATH].$paths[SYS_CSS_PATH];
$paths[WEB_CSS_PATH] = $paths[WEB_PATH].$paths[WEB_CSS_PATH];
$paths[WEB_IMG_PATH] = $paths[WEB_PATH].$paths[WEB_IMG_PATH];
$paths[SYS_IMG_PATH] = $paths[SYS_PATH].$paths[SYS_IMG_PATH];
$paths[WEB_LIBRARY_PATH] = $paths[WEB_CODE_PATH].$paths[WEB_LIBRARY_PATH];
$paths[WEB_LIBRARY_JS_PATH] = $paths[WEB_PATH].$paths[WEB_LIBRARY_JS_PATH];
$paths[WEB_AJAX_PATH] = $paths[WEB_PUBLIC_PATH].'main/'.$paths[WEB_AJAX_PATH];
$paths[WEB_PLUGIN_PATH] = $paths[WEB_PATH].$paths[WEB_PLUGIN_PATH];
$paths[WEB_ARCHIVE_PATH] = $paths[WEB_PATH].$paths[WEB_ARCHIVE_PATH];
$paths[WEB_TEMPLATE_PATH] = $paths[WEB_CODE_PATH].$paths[WEB_TEMPLATE_PATH];
$paths[INCLUDE_PATH] = $paths[SYS_CODE_PATH].$paths[INCLUDE_PATH];
$paths[LIBRARY_PATH] = $paths[SYS_CODE_PATH].$paths[LIBRARY_PATH];
$paths[SYS_LIBRARY_JS_PATH] = $paths[SYS_PATH].$paths[SYS_LIBRARY_JS_PATH];
$paths[CONFIGURATION_PATH] = $paths[SYS_CODE_PATH].$paths[CONFIGURATION_PATH];
$is_this_function_initialized = true;
} else {
if ($load_new_config) {
// Redefining variables to work well with the "multiple url" feature
// All web paths need to be here
$web_paths = array(
WEB_PATH => '',
WEB_SERVER_ROOT_PATH => '',
WEB_COURSE_PATH => '',
WEB_CODE_PATH => '',
WEB_IMG_PATH => 'img/',
WEB_CSS_PATH => 'css/',
WEB_PLUGIN_PATH => 'plugin/',
WEB_ARCHIVE_PATH => 'archive/',
WEB_LIBRARY_PATH => 'inc/lib/',
WEB_LIBRARY_JS_PATH => 'inc/lib/javascript/',
WEB_AJAX_PATH => 'inc/ajax/',
WEB_PUBLIC_PATH => 'web/',
);
$root_web = api_add_trailing_slash($root_web);
// Web server base and system server base.
$server_base_web = preg_replace('@'.$root_rel.'$@', '', $root_web); // No trailing slash.
// Redefine root webs
$paths[WEB_PATH] = $root_web;
$paths[WEB_SERVER_ROOT_PATH] = $server_base_web.'/';
$paths[WEB_COURSE_PATH] = $root_web.$course_folder;
$paths[WEB_CODE_PATH] = $root_web.$code_folder;
$paths[WEB_IMG_PATH] = $paths[WEB_CODE_PATH].$web_paths[WEB_IMG_PATH];
$paths[WEB_CSS_PATH] = $paths[WEB_CODE_PATH].$web_paths[WEB_CSS_PATH];
$paths[WEB_PLUGIN_PATH] = $paths[WEB_PATH].$web_paths[WEB_PLUGIN_PATH];
$paths[WEB_ARCHIVE_PATH] = $paths[WEB_PATH].$web_paths[WEB_ARCHIVE_PATH];
$paths[WEB_LIBRARY_PATH] = $paths[WEB_CODE_PATH].$web_paths[WEB_LIBRARY_PATH];
$paths[WEB_LIBRARY_JS_PATH] = $paths[WEB_CODE_PATH].$web_paths[WEB_LIBRARY_JS_PATH];
$paths[WEB_AJAX_PATH] = $paths[WEB_CODE_PATH].$web_paths[WEB_AJAX_PATH];
$paths[WEB_PUBLIC_PATH] = $paths[WEB_PATH].$web_paths[WEB_PUBLIC_PATH];
}
}
// Shallow purification and validation of input parameters.
$path_type = trim($path_type);
$path = trim($path);
if (empty($path_type)) {
return null;
}
// Retrieving a common-purpose path.
if (isset($paths[$path_type])) {
return $paths[$path_type];
}
// Retrieving a specific resource path.
if (isset($resource_paths[$path])) {
switch ($path_type) {
case TO_WEB:
return $paths[WEB_CODE_PATH].$resource_paths[$path];
case TO_SYS:
return $paths[SYS_CODE_PATH].$resource_paths[$path];
case TO_REL:
return $paths[REL_CODE_PATH].$resource_paths[$path];
default:
return null;
}
}
// Common-purpose paths as a second parameter - recognition.
if (isset($paths[$path])) {
$path = $paths[$path];
}
// Second purification.
// Replacing Windows back slashes.
$path = str_replace('\\', '/', $path);
// Query strings sometimes mighth wrongly appear in non-URLs.
// Let us check remove them from all types of paths.
if (($pos = strpos($path, '?')) !== false) {
$path = substr($path, 0, $pos);
}
// Detection of the input path type. Conversion to semi-absolute type ( /chamilo/main/inc/.... ).
if (preg_match(VALID_WEB_PATH, $path)) {
// A special case: When a URL points to the document download script directly, without
// mod-rewrite translation, we have to translate it into an "ordinary" web path.
// For example:
// http://localhost/chamilo/main/document/download.php?doc_url=/image.png&cDir=/
// becomes
// http://localhost/chamilo/courses/TEST/document/image.png
// TEST is a course directory name, so called "system course code".
if (strpos($path, 'download.php') !== false) { // Fast detection first.
$path = urldecode($path);
if (preg_match('/(.*)main\/document\/download.php\?doc_url=\/(.*)&cDir=\/(.*)?/', $path, $matches)) {
$sys_course_code =
isset($_SESSION['_course']['sysCode']) // User is inside a course?
? $_SESSION['_course']['sysCode'] // Yes, then use course's directory name.
: '{SYS_COURSE_CODE}'; // No, then use a fake code, it may be processed later.
$path = $matches[1].'courses/'.$sys_course_code.'/document/'.str_replace('//', '/', $matches[3].'/'.$matches[2]);
}
}
// Replacement of the present web server base with a slash '/'.
$path = preg_replace(VALID_WEB_SERVER_BASE, '/', $path);
} elseif (strpos($path, $server_base_sys) === 0) {
$path = preg_replace('@^'.$server_base_sys.'@', '', $path);
} elseif (strpos($path, '/') === 0) {
// Leading slash - we assume that this path is semi-absolute (REL),
// then path is left without further modifications.
} else {
return null; // Probably implementation of this case won't be needed.
}
// Path now is semi-absolute. It is convenient at this moment repeated slashes to be removed.
$path = preg_replace(REPEATED_SLASHES_PURIFIER, '/', $path);
// Path conversion to the requested type.
switch ($path_type) {
case TO_WEB:
return $server_base_web.$path;
case TO_SYS:
return $server_base_sys.$path;
case TO_REL:
return $path;
}
return null;
}
/**
* Gets a modified version of the path for the CDN, if defined in
* configuration.php
* @param string The path of the resource without CDN
* @return string The path of the resource converted to CDN
* @author Yannick Warnier <ywarnier@beeznst.org>
*/
function api_get_cdn_path($web_path) {
global $_configuration;
$web_root = api_get_path(WEB_PATH);
$ext = substr($web_path,strrpos($web_path,'.'));
if (isset($ext[2])) { // faster version of strlen to check if len>2
// Check for CDN definitions
if (!empty($_configuration['cdn_enable']) && !empty($ext)) {
foreach ($_configuration['cdn'] as $host => $exts) {
if (in_array($ext,$exts)) {
//Use host as defined in $_configuration['cdn'], without
// trailing slash
return str_replace($web_root, $host.'/',$web_path);
}
}
}
}
return $web_path;
}
/**
* @return bool Return true if CAS authentification is activated
*
*/
function api_is_cas_activated() {
return api_get_setting('cas_activate') == "true";
}
/**
* @return bool Return true if LDAP authentification is activated
*
*/
function api_is_ldap_activated() {
global $extAuthSource;
return is_array($extAuthSource[LDAP_AUTH_SOURCE]);
}
/**
* @return bool Return true if Facebook authentification is activated
*
*/
function api_is_facebook_auth_activated() {
global $_configuration;
return (isset($_configuration['facebook_auth']) && $_configuration['facebook_auth'] == 1);
}
/**
* This function checks whether a given path points inside the system.
* @param string $path The path to be tesed. It should be full path, web-absolute (WEB), semi-absolute (REL) or system-absolyte (SYS).
* @return bool Returns true when the given path is inside the system, false otherwise.
*/
function api_is_internal_path($path) {
$path = str_replace('\\', '/', trim($path));
if (empty($path)) {
return false;
}
if (strpos($path, api_remove_trailing_slash(api_get_path(WEB_PATH))) === 0) {
return true;
}
if (strpos($path, api_remove_trailing_slash(api_get_path(SYS_PATH))) === 0) {
return true;
}
$server_base_web = api_remove_trailing_slash(api_get_path(REL_PATH));
$server_base_web = empty($server_base_web) ? '/' : $server_base_web;
if (strpos($path, $server_base_web) === 0) {
return true;
}
return false;
}
/**
* Adds to a given path a trailing slash if it is necessary (adds "/" character at the end of the string).
* @param string $path The input path.
* @return string Returns the modified path.
*/
function api_add_trailing_slash($path) {
return substr($path, -1) == '/' ? $path : $path.'/';
}
/**
* Removes from a given path the trailing slash if it is necessary (removes "/" character from the end of the string).
* @param string $path The input path.
* @return string Returns the modified path.
*/
function api_remove_trailing_slash($path) {
return substr($path, -1) == '/' ? substr($path, 0, -1) : $path;
}
/**
* Checks the RFC 3986 syntax of a given URL.
* @param string $url The URL to be checked.
* @param bool $absolute Whether the URL is absolute (beginning with a scheme such as "http:").
* @return bool Returns the URL if it is valid, FALSE otherwise.
* This function is an adaptation from the function valid_url(), Drupal CMS.
* @link http://drupal.org
* Note: The built-in function filter_var($urs, FILTER_VALIDATE_URL) has a bug for some versions of PHP.
* @link http://bugs.php.net/51192
*/
function api_valid_url($url, $absolute = false) {
if ($absolute) {
if (preg_match("
/^ # Start at the beginning of the text
(?:ftp|https?|feed):\/\/ # Look for ftp, http, https or feed schemes
(?: # Userinfo (optional) which is typically
(?:(?:[\w\.\-\+!$&'\(\)*\+,;=]|%[0-9a-f]{2})+:)* # a username or a username and password
(?:[\w\.\-\+%!$&'\(\)*\+,;=]|%[0-9a-f]{2})+@ # combination
)?
(?:
(?:[a-z0-9\-\.]|%[0-9a-f]{2})+ # A domain name or a IPv4 address
|(?:\[(?:[0-9a-f]{0,4}:)*(?:[0-9a-f]{0,4})\]) # or a well formed IPv6 address
)
(?::[0-9]+)? # Server port number (optional)
(?:[\/|\?]
(?:[\w#!:\.\?\+=&@$'~*,;\/\(\)\[\]\-]|%[0-9a-f]{2}) # The path and query (optional)
*)?
$/xi", $url)) {
return $url;
}
return false;
} else {
return preg_match("/^(?:[\w#!:\.\?\+=&@$'~*,;\/\(\)\[\]\-]|%[0-9a-f]{2})+$/i", $url) ? $url : false;
}
}
/**
* Checks whether a given string looks roughly like an email address.
* Tries to use PHP built-in validator in the filter extension (from PHP 5.2), falls back to a reasonably competent regex validator.
* Conforms approximately to RFC2822
* @link http://www.hexillion.com/samples/#Regex Original pattern found here
* This function is an adaptation from the method PHPMailer::ValidateAddress(), PHPMailer module.
* @link http://phpmailer.worxware.com
* @param string $address The e-mail address to be checked.
* @return mixed Returns the e-mail if it is valid, FALSE otherwise.
*/
function api_valid_email($address) {
// disable for now because the results are incoherent - YW 20110926
if (function_exists('filter_var')) { // Introduced in PHP 5.2.
return filter_var($address, FILTER_VALIDATE_EMAIL);
} else {
return preg_match('/^(?:[\w\!\#\$\%\&\'\*\+\-\/\=\?\^\`\{\|\}\~]+\.)*[\w\!\#\$\%\&\'\*\+\-\/\=\?\^\`\{\|\}\~]+@(?:(?:(?:[a-zA-Z0-9_](?:[a-zA-Z0-9_\-](?!\.)){0,61}[a-zA-Z0-9_-]?\.)+[a-zA-Z0-9_](?:[a-zA-Z0-9_\-](?!$)){0,61}[a-zA-Z0-9_]?)|(?:\[(?:(?:[01]?\d{1,2}|2[0-4]\d|25[0-5])\.){3}(?:[01]?\d{1,2}|2[0-4]\d|25[0-5])\]))$/', $address) ? $address : false;
}
}
/* PROTECTION FUNCTIONS
Use these functions to protect your scripts. */
/**
* Function used to protect a course script.
* The function blocks access when
* - there is no $_SESSION["_course"] defined; or
* - $is_allowed_in_course is set to false (this depends on the course
* visibility and user status).
*
* This is only the first proposal, test and improve!
* @param boolean Option to print headers when displaying error message. Default: false
* @param boolean Whether session admins should be allowed or not.
* @return boolean True if the user has access to the current course or is out of a course context, false otherwise
* @todo replace global variable
* @author Roan Embrechts
*/
function api_protect_course_script($print_headers = false, $allow_session_admins = false, $allow_drh = false)
{
return true;
}
/**
* Function used to protect an admin script.
* The function blocks access when the user has no platform admin rights.
* This is only the first proposal, test and improve!
*
* @author Roan Embrechts
*/
function api_protect_admin_script($allow_sessions_admins = false) {
if (!api_is_platform_admin($allow_sessions_admins)) {
api_not_allowed(true);
return false;
}
return true;
}
/**
* Function used to prevent anonymous users from accessing a script.
*
* @author Roan Embrechts
*/
function api_block_anonymous_users($print_headers = true)
{
$_user = Session::read('_user');
if (!(isset($_user['user_id']) && $_user['user_id']) || api_is_anonymous($_user['user_id'])) {
api_not_allowed($print_headers);
return false;
}
return true;
}
/* ACCESSOR FUNCTIONS
Don't access kernel variables directly, use these functions instead. */
/**
* @return an array with the navigator name and version
*/
function api_get_navigator() {
$navigator = 'Unknown';
$version = 0;
if (isset($_SERVER['HTTP_USER_AGENT'])) {
if (strpos($_SERVER['HTTP_USER_AGENT'], 'Opera') !== false) {
$navigator = 'Opera';
list (, $version) = explode('Opera', $_SERVER['HTTP_USER_AGENT']);
} elseif (strpos($_SERVER['HTTP_USER_AGENT'], 'MSIE') !== false) {
$navigator = 'Internet Explorer';
list (, $version) = explode('MSIE', $_SERVER['HTTP_USER_AGENT']);
} elseif (strpos($_SERVER['HTTP_USER_AGENT'], 'Chrome') !== false) {
$navigator = 'Chrome';
list (, $version) = explode('Chrome', $_SERVER['HTTP_USER_AGENT']);
} elseif (strpos($_SERVER['HTTP_USER_AGENT'], 'Gecko') !== false) {
$navigator = 'Mozilla';
list (, $version) = explode('; rv:', $_SERVER['HTTP_USER_AGENT']);
} elseif (strpos($_SERVER['HTTP_USER_AGENT'], 'Netscape') !== false) {
$navigator = 'Netscape';
list (, $version) = explode('Netscape', $_SERVER['HTTP_USER_AGENT']);
} elseif (strpos($_SERVER['HTTP_USER_AGENT'], 'Konqueror') !== false) {
$navigator = 'Konqueror';
list (, $version) = explode('Konqueror', $_SERVER['HTTP_USER_AGENT']);
} elseif (stripos($_SERVER['HTTP_USER_AGENT'], 'applewebkit') !== false) {
$navigator = 'AppleWebKit';
list (, $version) = explode('Version/', $_SERVER['HTTP_USER_AGENT']);
} elseif (stripos($_SERVER['HTTP_USER_AGENT'], 'safari') !== false) {
$navigator = 'Safari';
list (, $version) = explode('Version/', $_SERVER['HTTP_USER_AGENT']);
}
}
$version = str_replace('/', '', $version);
if (strpos($version, '.') === false) {
$version = number_format(doubleval($version), 1);
}
$return_array = array('name' => $navigator, 'version' => $version);
return $return_array;
}
/**
* @return True if user selfregistration is allowed, false otherwise.
*/
function api_is_self_registration_allowed() {
return isset($GLOBALS['allowSelfReg']) ? $GLOBALS['allowSelfReg'] : false;
}
/**
* This function returns the id of the user which is stored in the $_user array.
*
* example: The function can be used to check if a user is logged in
* if (api_get_user_id())
* @return integer the id of the current user, 0 if is empty
*/
function api_get_user_id() {
$userInfo = Session::read('_user');
if ($userInfo && isset($userInfo['user_id'])) {
return $userInfo['user_id'];
}
return 0;
//return isset($GLOBALS['_user']['user_id']) ? 0 : intval($GLOBALS['_user']['user_id']);
}
/**
* Gets the list of courses a specific user is subscribed to
* @param int User ID
* @param boolean Whether to get session courses or not - NOT YET IMPLEMENTED
* @return array Array of courses in the form [0]=>('code'=>xxx,'db'=>xxx,'dir'=>xxx,'status'=>d)
* @deprecated use the UserManager or CourseManager class
*/
function api_get_user_courses($userid, $fetch_session = true) {
if ($userid != strval(intval($userid))) { return array(); } //get out if not integer
$t_course = Database::get_main_table(TABLE_MAIN_COURSE);
$t_course_user = Database::get_main_table(TABLE_MAIN_COURSE_USER);
$sql_select_courses = "SELECT cc.code code, cc.db_name db, cc.directory dir, cu.status status
FROM $t_course cc, $t_course_user cu
WHERE cc.id = cu.c_id
AND cu.user_id = '".$userid."' AND cu.relation_type<>".COURSE_RELATION_TYPE_RRHH." ";
$result = Database::query($sql_select_courses);
if ($result === false) { return array(); }
while ($row = Database::fetch_array($result)) {
// we only need the database name of the course
$courses[] = $row;
}
return $courses;
}
function api_format_user_from_obj($user)
{
$user = (array) $user;
//$user = api_format_user($user);
//Session::write($user);
}
/**
* Formats user information into a standard array
* This function should be only used inside api_get_user_info()
*
* @param array User array
* @param bool add password key in array
*
* @return array user info
*/
function api_format_user($user, $add_password = false) {
$result = array();
// If user is anonymous we don't have anything to provide
if (isset($user['is_anonymous']) && $user['is_anonymous']) {
return $user;
}
$firstname = $lastname = null;
if (isset($user['firstname']) && isset($user['lastname'])) {
$firstname = $user['firstname'];
$lastname = $user['lastname'];
} elseif (isset($user['firstName']) && isset($user['lastName'])) {
$firstname = $user['firstName'];
$lastname = $user['lastName'];
}
$result['phone']= $user['phone'];
$result['complete_name'] = api_get_person_name($firstname, $lastname);
$result['complete_name_with_username'] = $result['complete_name'];
if (!empty($user['username'])) {
$result['complete_name_with_username'] = $result['complete_name'].' ('.$user['username'].')';
}
$result['complete_name_login_as'] = $result['complete_name'];
$result['profile_url'] = api_get_path(WEB_PUBLIC_PATH).'user/'.$user['username'];
if (!empty($user['username'])) {
//$result['complete_name_login_as'] = $result['complete_name'].' ('.sprintf(get_lang('LoginX'), $user['username']).')';
$result['complete_name_login_as'] = $result['complete_name'].' ('.$user['username'].')';
}
$result['firstname'] = $firstname;
$result['lastname'] = $lastname;
// Kept for historical reasons
$result['firstName'] = $firstname;
$result['lastName'] = $lastname;
if (isset($user['email'])) {
$result['mail'] = $user['email'];
$result['email'] = $user['email'];
} else {
$result['mail'] = $user['mail'];
$result['email'] = $user['mail'];
}
$user_id = intval($user['user_id']);
$result['picture_uri'] = $user['picture_uri'];
$result['user_id'] = $user_id;
$result['official_code'] = $user['official_code'];
$result['status'] = $user['status'];
$result['auth_source'] = $user['auth_source'];
$result['active'] = $user['active'];
$result['expiration_date'] = $user['expiration_date'];
$result['registration_date'] = $user['registration_date'];
$result['creator_id'] = $user['creator_id'];
if (isset($user['username'])) {
$result['username'] = $user['username'];
}
$result['theme'] = $user['theme'];
$result['language'] = $user['language'];
if (!empty($result['user_id'])) {
if (!isset($user['lastLogin']) && !isset($user['last_login'])) {
$timestamp = Tracking::get_last_connection_date($result['user_id'], false, true);
// Convert the timestamp back into a datetime
// NOTE: this timestamp has ALREADY been converted to the local timezone in the get_last_connection_date function
$last_login = date('Y-m-d H:i:s', $timestamp);
} else {
if (isset($user['lastLogin'])) {
$last_login = $user['lastLogin'];
} else {
$last_login = $user['last_login'];
}
}
} else {
$last_login = api_get_utc_datetime();
}
$result['last_login'] = $last_login;
// Kept for historical reasons
$result['lastLogin'] = $last_login;
//Getting user avatar
$picture_filename = trim($user['picture_uri']);
$avatar = api_get_path(WEB_IMG_PATH).'unknown.jpg';
$avatar_small = api_get_path(WEB_IMG_PATH).'unknown_22.jpg';
$avatar_sys_path = api_get_path(SYS_IMG_PATH).'unknown.jpg';
$dir = 'upload/users/'.$user_id.'/';
if (!empty($picture_filename)) {
if (api_get_setting('split_users_upload_directory') === 'true') {
$dir = 'upload/users/'.substr((string)$user_id, 0, 1).'/'.$user_id.'/';
}
}
$image_sys_path = api_get_path(SYS_CODE_PATH).$dir.$picture_filename;
if (file_exists($image_sys_path) && !is_dir($image_sys_path)) {
$avatar = api_get_path(WEB_CODE_PATH).$dir.$picture_filename;
$avatar_small = api_get_path(WEB_CODE_PATH).$dir.'small_'.$picture_filename;
$avatar_sys_path = api_get_path(SYS_CODE_PATH).$dir.$picture_filename;
}
$result['avatar'] = $avatar;
$result['avatar_sys_path'] = $avatar_sys_path;
$result['avatar_small'] = $avatar_small;
if (isset($user['user_is_online'])) {
$result['user_is_online'] = $user['user_is_online'] == true ? 1 : 0;
}
if (isset($user['user_is_online_in_chat'])) {
$result['user_is_online_in_chat'] = intval($user['user_is_online_in_chat']);
}
if ($add_password) {
$result['password'] = $user['password'];
}
$result['extra_fields'] = isset($user['extra_fields']) ? $user['extra_fields'] : array();
return $result;
}
/**
* Finds all the information about a user. If no paramater is passed you find all the information about the current user.
* @param $user_id (integer): the id of the user
* @return $user_info (array): user_id, lastname, firstname, username, email, ...
* @author Patrick Cool <patrick.cool@UGent.be>
* @version 21 September 2004
*/
function api_get_user_info($user_id = '', $check_if_user_is_online = false, $show_password = false, $add_extra_values = false) {
if (empty($user_id)) {
$_user = Session::read('_user');
return api_format_user($_user);
}
$sql = "SELECT * FROM ".Database :: get_main_table(TABLE_MAIN_USER)." WHERE user_id = '".Database::escape_string($user_id)."'";
$result = Database::query($sql);
if (Database::num_rows($result) > 0) {
$result_array = Database::fetch_array($result);
if ($check_if_user_is_online) {
$use_status_in_platform = Online::user_is_online($user_id);
$result_array['user_is_online'] = $use_status_in_platform;
$user_online_in_chat = 0;
if ($use_status_in_platform) {
$user_status = UserManager::get_extra_user_data_by_field($user_id, 'user_chat_status', false, true);
if (intval($user_status['user_chat_status']) == 1) {
$user_online_in_chat = 1;
}
}
$result_array['user_is_online_in_chat'] = $user_online_in_chat;
}
$user = api_format_user($result_array, $show_password);
if ($add_extra_values) {
$extra_field_values = new ExtraField('user');
$user['extra_fields'] = $extra_field_values->get_handler_extra_data($user_id);
}
return $user;
}
return false;
}
/**
* Finds all the information about a user from username instead of user id
* @param string $username the username
* @return array $user_info user_id, lastname, firstname, username, email, ...
* @author Yannick Warnier <yannick.warnier@beeznest.com>
*/
function api_get_user_info_from_username($username = '') {
if (empty($username)) { return false; }
$sql = "SELECT * FROM ".Database :: get_main_table(TABLE_MAIN_USER)." WHERE username='".Database::escape_string($username)."'";
$result = Database::query($sql);
if (Database::num_rows($result) > 0) {
$result_array = Database::fetch_array($result);
return api_format_user($result_array);
}
return false;
}
/**
* @TODO This function should be the real id (integer)
* Returns the current course code (string)
*/
function api_get_course_id() {
return Session::read('_cid');
}
/**
* Returns the current course id (integer)
*/
function api_get_real_course_id() {
return Session::read('_real_cid', 0);
}
/**
* Returns the current course id (integer)
*/
function api_get_course_int_id() {
return Session::read('_real_cid', 0);
}
/**
* Returns the current course directory
*
* This function relies on api_get_course_info()
* @param string The course code - optional (takes it from session if not given)
* @return string The directory where the course is located inside the Chamilo "courses" directory
* @author Yannick Warnier <yannick.warnier@beeznest.com>
*/
function api_get_course_path($course_code = null) {
$info = !empty($course_code) ? api_get_course_info($course_code) : api_get_course_info();
return $info['path'];
}
/**
* Gets a course setting from the current course_setting table. Try always using integer values.
* @param string The name of the setting we want from the table
* @param string Optional: course code
* @return mixed The value of that setting in that table. Return -1 if not found.
*/
function api_get_course_setting($setting_name, $course_code = null) {
$course_info = api_get_course_info($course_code);
if (isset($course_info['settings']) && isset($course_info['settings'][$setting_name])) {
return $course_info['settings'][$setting_name]['value'];
} else {
$table = Database::get_course_table(TABLE_COURSE_SETTING);
$setting_name = Database::escape_string($setting_name);
if (!empty($course_info['real_id']) && !empty($setting_name)) {
$sql = "SELECT value FROM $table WHERE c_id = {$course_info['real_id']} AND variable = '$setting_name'";
$res = Database::query($sql);
if (Database::num_rows($res) > 0) {
$row = Database::fetch_array($res);
return $row['value'];
}
}
}
return -1;
}
/**
* Gets an anonymous user ID
*
* For some tools that need tracking, like the learnpath tool, it is necessary
* to have a usable user-id to enable some kind of tracking, even if not
* perfect. An anonymous ID is taken from the users table by looking for a
* status of "6" (anonymous).
* @return int User ID of the anonymous user, or O if no anonymous user found
*/
function api_get_anonymous_id() {
$table = Database::get_main_table(TABLE_MAIN_USER);
$sql = "SELECT user_id FROM $table WHERE status = 6";
$res = Database::query($sql);
if (Database::num_rows($res) > 0) {
$row = Database::fetch_array($res);
return $row['user_id'];
}
// No anonymous user was found.
return 0;
}
/**
* Returns the cidreq parameter name + current course id taken from
* api_get_course_id() and returns a string like 'cidReq=ABC&id_session=123
* @return string Course & session references to add to a URL
*
* @see Uri.course_params
*/
function api_get_cidreq($add_session_id = true, $add_group_id = true) {
$courseCode = api_get_course_id();
$courseId = api_get_course_int_id();
$url = empty($courseCode) || $courseCode == -1 ? '' : 'cidReq='.htmlspecialchars($courseCode).'&courseId='.$courseId;
if ($add_session_id) {
if (!empty($url)) {
$url .= api_get_session_id() == 0 ? '&id_session=0' : '&id_session='.api_get_session_id();
}
}
if ($add_group_id) {
if (!empty($url)) {
$url .= api_get_group_id() == 0 ? '&gidReq=0' : '&gidReq='.api_get_group_id();
}
}
return $url;
}
/**
* Returns the current course info array.
* Note: this array is only defined if the user is inside a course.
* Array elements:
* ['name']
* ['official_code']
* ['sysCode']
* ['path']
* ['dbName']
* ['dbNameGlu']
* ['titular']
* ['language']
* ['extLink']['url' ]
* ['extLink']['name']
* ['categoryCode']
* ['categoryName']
*
* Now if the course_code is given, the returned array gives info about that
* particular course, not specially the current one.
* @todo Same behaviour as api_get_user_info so that api_get_course_id becomes absolete too.
*/
function api_get_course_info($course_code = null, $add_extra_values = false, $addCourseSettings = false)
{
if (!empty($course_code)) {
$course_code = Database::escape_string($course_code);
$course_table = Database::get_main_table(TABLE_MAIN_COURSE);
$course_cat_table = Database::get_main_table(TABLE_MAIN_CATEGORY);
$sql = "SELECT course.*, course_category.code faCode, course_category.name faName
FROM $course_table
LEFT JOIN $course_cat_table
ON course.category_code = course_category.code
WHERE course.code = '$course_code'";
$result = Database::query($sql);
$_course = array();
if (Database::num_rows($result) > 0) {
$course_data = Database::fetch_array($result);
if ($add_extra_values) {
$extra_field_values = new ExtraField('course');
$course_data['extra_fields'] = $extra_field_values->get_handler_extra_data($course_code);
}
if ($addCourseSettings) {
$course_data['settings'] = CourseManager::getCourseSettings($course_data['id']);
}
$course_data['teacher_list'] = CourseManager::get_teacher_list_from_course_code($course_data['id']);
$course_data['teacher_list_formatted'] = CourseManager::formatUserListToString($course_data['teacher_list'], null, true);
$_course = api_format_course_array($course_data);
}
return $_course;
}
$_course = Session::read('_course');
if ($_course == '-1') {
$_course = array();
}
return $_course;
}
/**
* Returns the current course info array.
* Now if the course_code is given, the returned array gives info about that
* particular course, not specially the current one.
*/
function api_get_course_info_by_id($id = null, $add_extra_values = false) {
if (!empty($id)) {
$id = intval($id);
$course_table = Database::get_main_table(TABLE_MAIN_COURSE);
$course_cat_table = Database::get_main_table(TABLE_MAIN_CATEGORY);
$sql = "SELECT course.*, course_category.code faCode, course_category.name faName
FROM $course_table
LEFT JOIN $course_cat_table
ON course.category_code = course_category.code
WHERE course.id = $id";
$result = Database::query($sql);
$_course = array();
if (Database::num_rows($result) > 0) {
$course_data = Database::fetch_array($result);
if ($add_extra_values) {
$extra_field_values = new ExtraField('course');
$course_data['extra_fields'] = $extra_field_values->get_handler_extra_data($course_data['code']);
}
$_course = api_format_course_array($course_data);
}
return $_course;
}
$_course = Session::read('_course');
if ($_course == '-1') $_course = array();
return $_course;
}
/**
* Sets the course array
* @param array $course_data course info
* @return array
*/
function api_format_course_array($course_data) {
if (empty($course_data)) {
return array();
}
$_course = array();
$_course['id' ] = $course_data['code'];
$_course['real_id' ] = $course_data['id'];
// Added
$_course['code' ] = $course_data['code' ];
$_course['name' ] = $course_data['title' ];
$_course['title' ] = $course_data['title' ];
$_course['official_code'] = $course_data['visual_code' ]; // Use in echo statements.
$_course['visual_code'] = $course_data['visual_code' ];
$_course['sysCode' ] = $course_data['code' ]; // Use as key in db.
$_course['path' ] = $course_data['directory' ]; // Use as key in path.
$_course['directory' ] = $course_data['directory' ];
//@todo should be deprecated
//$_course['dbName' ] = $course_data['db_name' ]; // Use as key in db list.
//$_course['db_name' ] = $course_data['db_name' ];
//$_course['dbNameGlu' ] = $_configuration['table_prefix'] . $course_data['db_name'] . $_configuration['db_glue']; // Use in all queries.
$_course['titular' ] = $course_data['tutor_name' ];
$_course['language' ] = $course_data['course_language'];
$_course['extLink' ]['url' ] = $course_data['department_url' ];
$_course['extLink' ]['name'] = $course_data['department_name'];
$_course['categoryCode' ] = $course_data['faCode' ];
$_course['categoryName' ] = $course_data['faName' ];
$_course['visibility' ] = $course_data['visibility' ];
$_course['subscribe_allowed'] = $course_data['subscribe' ];
$_course['subscribe'] = $course_data['subscribe'];
$_course['unsubscribe'] = $course_data['unsubscribe' ];
$_course['course_language'] = $course_data['course_language'];
$_course['activate_legal'] = isset($course_data['activate_legal']) ? $course_data['activate_legal'] : false;;
$_course['legal'] = $course_data['legal' ];
$_course['show_score'] = $course_data['show_score']; //used in the work tool
$_course['department_name'] = $course_data['department_name'];
$_course['department_url'] = $course_data['department_url' ];
//Course password
$_course['registration_code'] = !empty($course_data['registration_code']) ? sha1($course_data['registration_code']) : null;
$_course['disk_quota'] = $course_data['disk_quota'];
$_course['course_public_url'] = api_get_path(WEB_COURSE_PATH).$course_data['directory'].'/index.php';
$_course['course_web_public_url'] = api_get_path(WEB_PUBLIC_PATH).'courses/'.$course_data['directory'].'/';
$_course['course_sys_data'] = api_get_path(SYS_DATA_PATH).'courses/'.$course_data['directory'].'/';
$_course['user_status_in_course'] = CourseManager::get_user_in_course_status(api_get_user_id(), $_course['code']);
if (file_exists(api_get_path(SYS_COURSE_PATH).$course_data['directory'].'/course-pic85x85.png')) {
$url_image = api_get_path(WEB_COURSE_PATH).$course_data['directory'].'/course-pic85x85.png';
} else {
$url_image = api_get_path(WEB_IMG_PATH).'without_picture.png';
}
$_course['course_image'] = $url_image;
$_course['extra_fields'] = isset($course_data['extra_fields']) ? $course_data['extra_fields'] : array();
$_course['settings'] = isset($course_data['settings']) ? $course_data['settings'] : array();
$_course['teacher_list'] = isset($course_data['teacher_list']) ? $course_data['teacher_list'] : array();
$_course['teacher_list_formatted'] = isset($course_data['teacher_list_formatted']) ? $course_data['teacher_list_formatted'] : array();
return $_course;
}
/* STRING MANAGEMENT */
/**
* Add a parameter to the existing URL. If this parameter already exists,
* just replace it with the new value
* @param string The URL
* @param string param=value string
* @param boolean Whether to filter XSS or not
* @return string The URL with the added parameter
*/
function api_add_url_param($url, $param, $filter_xss = true) {
if (empty($param)) {
return $url;
}
if (strpos($url, '?') !== false) {
if ($param[0] != '&') {
$param = '&'.$param;
}
list (, $query_string) = explode('?', $url);
$param_list1 = explode('&', $param);
$param_list2 = explode('&', $query_string);
$param_list1_keys = $param_list1_vals = array();
foreach ($param_list1 as $key => $enreg) {
list ($param_list1_keys[$key], $param_list1_vals[$key]) = explode('=', $enreg);
}
$param_list1 = array ('keys' => $param_list1_keys, 'vals' => $param_list1_vals);
foreach ($param_list2 as $enreg) {
$enreg = explode('=', $enreg);
$key = array_search($enreg[0], $param_list1['keys']);
if (!is_null($key) && !is_bool($key)) {
$url = str_replace($enreg[0].'='.$enreg[1], $enreg[0].'='.$param_list1['vals'][$key], $url);
$param = str_replace('&'.$enreg[0].'='.$param_list1['vals'][$key], '', $param);
}
}
$url .= $param;
} else {
$url = $url.'?'.$param;
}
if ($filter_xss === true) {
$url = Security::remove_XSS(urldecode($url));
}
return $url;
}
/**
* Returns a difficult to guess password.
* @param int $length, the length of the password
* @return string the generated password
*/
function api_generate_password($length = 8) {
$characters = 'abcdefghijkmnopqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ23456789';
if ($length < 2) {
$length = 2;
}
$password = '';
for ($i = 0; $i < $length; $i ++) {
$password .= $characters[rand() % strlen($characters)];
}
return $password;
}
/**
* Checks a password to see wether it is OK to use.
* @param string $password
* @return true if the password is acceptable, false otherwise
* Notes about what a password "OK to use" is:
* 1. The password should be at least 5 characters long.
* 2. Only English letters (uppercase or lowercase, it doesn't matter) and digits are allowed.
* 3. The password should contain at least 3 letters.
* 4. It should contain at least 2 digits.
* 5. It should not contain 3 or more consequent (according to ASCII table) characters.
*/
function api_check_password($password) {
global $app;
$constraints = User::getPasswordConstraints();
$errors = $app['validator']->validateValue($password, $constraints);
return count($errors) > 0 ? false : true;
}
/**
* Clears the user ID from the session if it was the anonymous user. Generally
* used on out-of-tools pages to remove a user ID that could otherwise be used
* in the wrong context.
* This function is to be used in conjunction with the api_set_anonymous()
* function to simulate the user existence in case of an anonymous visit.
* @param bool database check switch - passed to api_is_anonymous()
* @return bool true if succesfully unregistered, false if not anonymous.
*/
function api_clear_anonymous($db_check = false) {
$_user = Session::read('_user');
if (api_is_anonymous($_user['user_id'], $db_check)) {
unset($_user['user_id']);
Session::erase('_uid');
Session::erase('_user');
return true;
}
return false;
}
/**
* Returns the status string corresponding to the status code
* @author Noel Dieschburg
* @param the int status code
*/
function api_get_status_from_code($status_code) {
switch ($status_code) {
case STUDENT:
return get_lang('Student', '');
case TEACHER:
return get_lang('Teacher', '');
case COURSEMANAGER:
return get_lang('Manager', '');
case SESSIONADMIN:
return get_lang('SessionsAdmin', '');
case DRH:
return get_lang('Drh', '');
// "New" roles
case PLATFORM_ADMIN:
return get_lang('Admin');
case SESSION_COURSE_COACH:
return get_lang('SessionCourseCoach');
case SESSION_GENERAL_COACH:
return get_lang('SessionGeneralCoach');
case COURSE_STUDENT:
return get_lang('StudentInCourse');
case SESSION_STUDENT:
return get_lang('StudentInSessionCourse');
case COURSE_TUTOR:
return get_lang('CourseTutor');
}
}
/* FAILURE MANAGEMENT */
/**
* The Failure Management module is here to compensate
* the absence of an 'exception' device in PHP 4.
*/
/**
* $api_failureList - array containing all the failure recorded in order of arrival.
*/
$api_failureList = array();
/**
* Fills a global array called $api_failureList
* This array collects all the failure occuring during the script runs
* The main purpose is allowing to manage the display messages externaly
* from the functions or objects. This strengthens encupsalation principle
*
* @author Hugues Peeters <peeters@ipm.ucl.ac.be>
* @param string $failure_type - the type of failure
* global: array $api_failureList
* @return bolean false to stay consistent with the main script
*/
function api_set_failure($failure_type) {
global $api_failureList;
$api_failureList[] = $failure_type;
return false;
}
/**
* Sets the current user as anonymous if it hasn't been identified yet. This
* function should be used inside a tool only. The function api_clear_anonymous()
* acts in the opposite direction by clearing the anonymous user's data every
* time we get on a course homepage or on a neutral page (index, admin, my space)
* @return bool true if set user as anonymous, false if user was already logged in or anonymous id could not be found
*/
function api_set_anonymous() {
$_user = Session::read('_user');
if (!empty($_user['user_id'])) {
return false;
}
$user_id = api_get_anonymous_id();
if ($user_id == 0) {
return false;
}
Session::erase('_user');
$_user['user_id'] = $user_id;
$_user['is_anonymous'] = true;
Session::write('_user', $_user);
return true;
}
/**
* Gets the last failure stored in $api_failureList;
*
* @author Hugues Peeters <hugues.peeters@claroline.net>
* @param void
* @return string - the last failure stored
*/
function api_get_last_failure() {
global $api_failureList;
return $api_failureList[count($api_failureList) - 1];
}
/**
* Collects and manages failures occuring during script execution
* The main purpose is allowing to manage the display messages externaly
* from functions or objects. This strengthens encupsalation principle
*
* @author Hugues Peeters <hugues.peeters@claroline.net>
* @todo move this code
* @deprecated discourage the use of this class
* @package chamilo.library
*/
class api_failure {
// TODO: $api_failureList to be hidden from global scope and to be renamed according to our coding conventions.
/**
* IMPLEMENTATION NOTE : For now the $api_failureList list is set to the
* global scope, as PHP 4 is unable to manage static variable in class. But
* this feature is awaited in PHP 5. The class is already written to minize
* the change when static class variable will be possible. And the API won't
* change.
*/
public $api_failureList = array();
/**
* Piles the last failure in the failure list
*
* @author Hugues Peeters <peeters@ipm.ucl.ac.be>
* @param string $failure_type - the type of failure
* @global array $api_failureList
* @return bolean false to stay consistent with the main script
*/
static function set_failure($failure_type) {
global $api_failureList;
$api_failureList[] = $failure_type;
return false;
}
/**
* Gets the last failure stored
*
* @author Hugues Peeters <hugues.peeters@claroline.net>
* @param void
* @return string - the last failure stored
*/
static function get_last_failure() {
global $api_failureList;
if (count($api_failureList) == 0) { return ''; }
return $api_failureList[count($api_failureList) - 1];
}
}
/* CONFIGURATION SETTINGS */
/**
* Gets the current Chamilo (not PHP/cookie) session ID
* @return int O if no active session, the session ID otherwise
*/
function api_get_session_id() {
return empty($_SESSION['id_session']) ? 0 : intval($_SESSION['id_session']);
}
/**
* Gets the current Chamilo (not social network) group ID
* @return int O if no active session, the session ID otherwise
*/
function api_get_group_id() {
return empty($_SESSION['_gid']) ? 0 : intval($_SESSION['_gid']);
}
/**
* Gets the current or given session name
* @param int Session ID (optional)
* @return string The session name, or null if unfound
*/
function api_get_session_name($session_id) {
if (empty($session_id)) {
$session_id = api_get_session_id();
if (empty($session_id)) { return null; }
}
$t = Database::get_main_table(TABLE_MAIN_SESSION);
$s = "SELECT name FROM $t WHERE id = ".(int)$session_id;
$r = Database::query($s);
$c = Database::num_rows($r);
if ($c > 0) {
//technically, there can be only one, but anyway we take the first
$rec = Database::fetch_array($r);
return $rec['name'];
}
return null;
}
/**
* Gets the session info by id
* @param int Session ID
* @return array information of the session
*/
function api_get_session_info($session_id, $add_extra_values = false) {
$data = array();
if (!empty($session_id)) {
$session_id = intval($session_id);
$tbl_session = Database::get_main_table(TABLE_MAIN_SESSION);
$sql = "SELECT * FROM $tbl_session WHERE id = $session_id";
$result = Database::query($sql);
if (Database::num_rows($result)>0) {
$data = Database::fetch_array($result, 'ASSOC');
if ($add_extra_values) {
$extra_field_values = new ExtraField('session');
$data['extra_fields'] = $extra_field_values->get_handler_extra_data($session_id);
}
}
}
return $data;
}
/**
* @param array $session_info
* @param string $course_code
* @param bool $ignore_visibility_for_admins
* @param bool $check_coach_dates
* @return bool
*/
function api_get_session_date_validation($session_info, $course_code, $ignore_visibility_for_admins = true, $check_coach_dates = true)
{
if (api_is_platform_admin()) {
if ($ignore_visibility_for_admins) {
return true;
}
}
$session_id = $session_info['id'];
$now = time();
$access = false;
if ($session_info) {
// I don't care the field visibility because there are not limit dates.
if (
(empty($session_info['access_start_date']) && empty($session_info['access_end_date'])) ||
($session_info['access_start_date'] == '0000-00-00 00:00:00' && $session_info['access_end_date'] == '0000-00-00 00:00:00')) {
return true;
} else {
$accessStart = true;
// If access_start_date is set
if (!empty($session_info['access_start_date']) && $session_info['access_start_date'] != '0000-00-00 00:00:00') {
if ($now > api_strtotime($session_info['access_start_date'], 'UTC')) {
$access = true;
} else {
$access = false;
$accessStart = false;
}
}
if ($accessStart == true) {
//if access_end_date is set
if (!empty($session_info['access_end_date']) && $session_info['access_end_date'] != '0000-00-00 00:00:00') {
//only if access_end_date said that it was ok
if ($now <= api_strtotime($session_info['access_end_date'], 'UTC')) {
//date still available
$access = true;
} else {
//session ends
$access = false;
}
}
}
}
if ($check_coach_dates) {
//2. If I'm a coach
$is_coach = api_is_coach($session_id, $course_code);
if ($is_coach) {
if (isset($session_info['access_end_date']) && !empty($session_info['access_end_date']) && $session_info['access_end_date'] != '0000-00-00 00:00:00' &&
isset($session_info['coach_access_end_date']) && !empty($session_info['coach_access_end_date']) && $session_info['coach_access_end_date'] != '0000-00-00 00:00:00') {
$end_date_extra_for_coach = api_strtotime($session_info['coach_access_end_date'], 'UTC');
if ($now <= $end_date_extra_for_coach) {
$access = true;
} else {
$access = false;
}
}
//Test start date
if (isset($session_info['access_start_date']) && !empty($session_info['access_start_date']) && $session_info['access_start_date'] != '0000-00-00 00:00:00' &&
isset($session_info['coach_start_date']) && !empty($session_info['coach_start_date']) && $session_info['coach_start_date'] != '0000-00-00 00:00:00') {
$start_date_for_coach = api_strtotime($session_info['coach_start_date'], 'UTC');
if ($now > $start_date_for_coach) {
$access = true;
} else {
$access = false;
}
}
}
}
return $access;
}
}
/**
* Gets the session visibility by session id
* @param int session id
* @return int 0 = session still available, SESSION_VISIBLE_READ_ONLY = 1, SESSION_VISIBLE = 2, SESSION_INVISIBLE = 3
*/
function api_get_session_visibility($session_id, $course_code = null, $ignore_visibility_for_admins = true)
{
if (api_is_platform_admin()) {
if ($ignore_visibility_for_admins) {
return SESSION_AVAILABLE;
}
}
$session_info = api_get_session_info($session_id);
$visibility = SESSION_AVAILABLE;
if (!empty($session_info)) {
$visibility = $session_info['visibility'];
// 1. Checking session date validation
$date_validation = api_get_session_date_validation($session_info, $course_code, $ignore_visibility_for_admins);
if ($date_validation) {
return SessionManager::DEFAULT_VISIBILITY; //visible
} else {
/*
$is_coach = api_is_coach($session_id, $course_code);
if (!$is_coach) {
//Student - check the moved_to variable
$user_status = SessionManager::get_user_status_in_session($session_id, api_get_user_id());
if (isset($user_status['moved_to']) && $user_status['moved_to'] != 0) {
return $visibility;
}
}*/
return $visibility;
}
}
return $visibility;
}
/**
* This function returns a (star) session icon if the session is not null and
* the user is not a student
* @param int Session id
* @param int User status id - if 5 (student), will return empty
* @return string Session icon
*/
function api_get_session_image($session_id, $status_id) {
$session_id = (int)$session_id;
$session_img = '';
if ((int)$status_id != STUDENT) { //check whether is not a student
if ($session_id > 0) {
$session_img = "&nbsp;&nbsp;".Display::return_icon('star.png', get_lang('SessionSpecificResource'), array('align' => 'absmiddle'), ICON_SIZE_SMALL);
}
}
return $session_img;
}
/**
* This function add an additional condition according to the session of the course
* @param int session id
* @param bool optional, true if more than one condition false if the only condition in the query
* @param bool optional, true to accept content with session=0 as well, false for strict session condition
* @return string condition of the session
*/
function api_get_session_condition($session_id, $and = true, $with_base_content = false, $session_field = "session_id") {
$session_id = intval($session_id);
if (empty($session_field)) {
$session_field = "session_id";
}
//condition to show resources by session
$condition_session = '';
$condition_add = $and ? " AND " : " WHERE ";
if ($with_base_content) {
$condition_session = $condition_add." ( $session_field = $session_id OR $session_field = 0) ";
} else {
$condition_session = $condition_add." $session_field = $session_id ";
}
return $condition_session;
}
/**
* Returns the value of a setting from the web-adjustable admin config settings.
*
* WARNING true/false are stored as string, so when comparing you need to check e.g.
* if (api_get_setting('show_navigation_menu') == 'true') //CORRECT
* instead of
* if (api_get_setting('show_navigation_menu') == true) //INCORRECT
* @param string The variable name
* @param string The subkey (sub-variable) if any. Defaults to NULL
* @author René Haentjens
* @author Bart Mollet
*/
function api_get_setting($variable, $key = null) {
$_setting = Session::read('_setting');
if ($variable == 'header_extra_content') {
$filename = api_get_path(SYS_PATH).api_get_home_path().'header_extra_content.txt';
if (file_exists($filename)) {
$value = file_get_contents($filename);
return $value ;
} else {
return '';
}
}
if ($variable == 'footer_extra_content') {
$filename = api_get_path(SYS_PATH).api_get_home_path().'footer_extra_content.txt';
if (file_exists($filename)) {
$value = file_get_contents($filename);
return $value ;
} else {
return '';
}
}
$value = null;
if (is_null($key)) {
$value = ((isset($_setting[$variable]) && $_setting[$variable] != '') ? $_setting[$variable] : null);
} else {
if (isset($_setting[$variable][$key])) {
$value = $_setting[$variable][$key];
}
}
return $value;
}
/**
* Returns the value of a setting from the web-adjustable admin config settings.
**/
function api_get_settings_params($params) {
$table = Database::get_main_table(TABLE_MAIN_SETTINGS_CURRENT);
$result = Database::select('*', $table, array('where' => $params));
return $result;
}
function api_get_settings_params_simple($params) {
$table = Database::get_main_table(TABLE_MAIN_SETTINGS_CURRENT);
$result = Database::select('*', $table, array('where' => $params), 'one');
return $result;
}
/**
* Returns the value of a setting from the web-adjustable admin config settings.
**/
function api_delete_settings_params($params) {
$table = Database::get_main_table(TABLE_MAIN_SETTINGS_CURRENT);
$result = Database::delete($table, $params);
return $result;
}
/**
* Returns an escaped version of $_SERVER['PHP_SELF'] to avoid XSS injection
* @return string Escaped version of $_SERVER['PHP_SELF']
*/
function api_get_self() {
if (isset($_SERVER['REQUEST_URI'])) {
$urlInfo = parse_url($_SERVER['REQUEST_URI']);
return $urlInfo['path'];
}
return null;
//return $_SERVER['REQUEST_URI'];
//return htmlentities($_SERVER['PHP_SELF']);
}
/* USER PERMISSIONS */
/**
* Checks whether current user is a platform administrator
* @param boolean Whether session admins should be considered admins or not
* @return boolean True if the user has platform admin rights,
* false otherwise.
* @see usermanager::is_admin(user_id) for a user-id specific function
*/
function api_is_platform_admin($allow_sessions_admins = false)
{
$security = Session::getSecurity();
if ($security) {
$token = $security->getToken();
if (!empty($token)) {
if ($security->isGranted('ROLE_ADMIN')) {
return true;
}
if ($allow_sessions_admins) {
if ($security->isGranted('ROLE_SESSION_MANAGER')) {
return true;
}
}
}
}
return false;
}
/**
* @return bool
*/
function api_is_question_manager()
{
$security = Session::getSecurity();
$token = $security->getToken();
if (!empty($token)) {
if ($security->isGranted('ROLE_QUESTION_MANAGER')) {
return true;
}
}
return false;
}
/**
* Checks whether the current user is a session administrator
* @return boolean True if current user is a course administrator
*/
function api_is_session_admin()
{
$security = Session::getSecurity();
$token = $security->getToken();
if (!empty($token)) {
if ($security->isGranted('ROLE_SESSION_MANAGER')) {
return true;
}
}
return false;
}
/**
* Checks whether the current user is a human resources manager
* @return boolean True if current user is a human resources manager
*/
function api_is_drh() {
$security = Session::getSecurity();
$token = $security->getToken();
if (!empty($token)) {
if ($security->isGranted('ROLE_RRHH')) {
return true;
}
}
return false;
}
/**
* Checks whether the current user is a student
* @return boolean True if current user is a human resources manager
*/
function api_is_student() {
$security = Session::getSecurity();
$token = $security->getToken();
if (!empty($token)) {
if ($security->isGranted('ROLE_STUDENT')) {
return true;
}
}
return false;
}
/**
* Checks whether the current user is a teacher
* @return boolean True if current user is a human resources manager
*/
function api_is_teacher() {
$security = Session::getSecurity();
$token = $security->getToken();
if (!empty($token)) {
if ($security->isGranted('ROLE_TEACHER')) {
return true;
}
}
return false;
}
/**
* Checks whether the user given as user id is in the admin table.
* @param int User ID. If none provided, will use current user
* @param int URL ID. If provided, also check if the user is active on given URL
* @result bool True if the user is admin, false otherwise
*/
function api_is_platform_admin_by_id($user_id = null, $url = null) {
$user_id = intval($user_id);
if (empty($user_id)) {
$user_id = api_get_user_id();
}
$admin_table = Database::get_main_table(TABLE_MAIN_ADMIN);
$sql = "SELECT * FROM $admin_table WHERE user_id = $user_id";
$res = Database::query($sql);
$is_admin = Database::num_rows($res) === 1;
if (!$is_admin or !isset($url)) {
return $is_admin;
}
// We get here only if $url is set
$url = intval($url);
$url_user_table = Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER);
$sql = "SELCT * FROM $url_user_table WHERE access_url_id = $url AND user_id = $user_id";
$res = Database::query($sql);
$is_on_url = Database::num_rows($res) === 1;
return $is_on_url;
}
/**
* Returns the user's numeric status ID from the users table
* @param int User ID. If none provided, will use current user
* @result int User's status (1 for teacher, 5 for student, etc)
*/
function api_get_user_status($user_id = null) {
$user_id = intval($user_id);
if (empty($user_id)) {
$user_id = api_get_user_id();
}
$table = Database::get_main_table(TABLE_MAIN_USER);
$sql = "SELECT status FROM $table WHERE user_id = $user_id ";
$result = Database::query($sql);
$status = null;
if (Database::num_rows($result)) {
$row = Database::fetch_array($result);
$status = $row['status'];
}
return $status;
}
/**
* Checks whether current user is allowed to create courses
* @return boolean True if the user has course creation rights,
* false otherwise.
*/
function api_is_allowed_to_create_course() {
if (api_is_platform_admin()) {
return true;
}
return isset($_SESSION['is_allowedCreateCourse']) ? $_SESSION['is_allowedCreateCourse'] : false;
}
/**
* Checks whether the current user is a course administrator
* @return boolean True if current user is a course administrator
*/
function api_is_course_admin() {
if (api_is_platform_admin()) {
return true;
}
return isset($_SESSION['is_courseAdmin']) ? $_SESSION['is_courseAdmin'] : false;
}
/**
* Checks whether the current user is a course coach
* @return bool True if current user is a course coach
*/
function api_is_course_coach() {
if (api_is_platform_admin()) {
return true;
}
return isset($_SESSION['is_courseCoach']) ? $_SESSION['is_courseCoach'] : null;
}
/**
* Checks whether the current user is a course tutor
* @return bool True if current user is a course tutor
*/
function api_is_course_tutor() {
return isset($_SESSION['is_courseTutor']) ? $_SESSION['is_courseTutor'] : null;
}
/**
* @param bool $user_id
* @return array|bool
*/
function api_get_user_platform_status($user_id = false) {
$status = array();
$user_id = intval($user_id);
if (empty($user_id)) {
$user_id = api_get_user_id();
}
if (empty($user_id)) {
return false;
}
$group_id = api_get_group_id();
$course_id = api_get_course_int_id();
$course_code= api_get_course_id();
$session_id = api_get_session_id();
//Group (in course)
if ($group_id && $course_id) {
$group_status = array();
$is_subscribed = GroupManager::is_subscribed($user_id, $group_id);
if ($is_subscribed) {
$group_status = array('id'=> $group_id , 'status' => 'student');
$is_tutor = GroupManager::is_tutor_of_group($user_id, $group_id);
if ($is_tutor) {
$group_status['status'] = 'tutor';
} else {
$group_status['status'] = 'student';
}
}
$status['group'] = $group_status;
}
//Session
if ($session_id && $course_id) {
$session_status = array();
$session_status = array('id' => $session_id, 'course_id' => $course_id);
$session_user_status = SessionManager::get_user_status_in_course_session($user_id, $course_id, $session_id);
switch ($session_user_status) {
case 0:
$session_status['status'] = 'student';
break;
case 2:
$session_status['status'] = 'coach';
break;
}
$is_general_coach = SessionManager::user_is_general_coach($user_id, $session_id);
if ($is_general_coach) {
$session_status['status'] = 'general_coach';
}
$status['session'] = $session_status;
} elseif($course_id) {
//Course
$course_status = array();
if ($course_id) {
$user_course_status = CourseManager::get_user_in_course_status($user_id, $course_code);
if ($user_course_status) {
$course_status = array('id'=> $course_id);
switch($user_course_status) {
case COURSEMANAGER;
$course_status['status'] = 'teacher';
break;
case STUDENT;
$course_status['status'] = 'student';
//check if tutor
$tutor_course_status = CourseManager::get_tutor_in_course_status($user_id, $course_id);
if ($tutor_course_status) {
$course_status['status'] = 'tutor';
}
break;
}
}
}
$status['course'] = $course_status;
}
return $status;
}
/**
* @param int $user_id
* @param int $courseId
* @param int $session_id
* @return bool
*/
function api_is_course_session_coach($user_id, $courseId, $session_id)
{
$session_table = Database::get_main_table(TABLE_MAIN_SESSION);
$session_rel_course_rel_user_table = Database::get_main_table(TABLE_MAIN_SESSION_COURSE_USER);
$user_id = intval($user_id);
$session_id = intval($session_id);
$courseId = Database::escape_string($courseId);
$sql = "SELECT DISTINCT session.id
FROM $session_table session INNER JOIN $session_rel_course_rel_user_table session_rc_ru
ON session.id = session_rc_ru.id_session
WHERE session_rc_ru.id_user = '".$user_id."' AND
session_rc_ru.c_id = '$courseId' AND
session_rc_ru.status = 2 AND
session_rc_ru.id_session = '$session_id'";
$result = Database::query($sql);
return Database::num_rows($result) > 0;
}
/**
* Checks whether the current user is a course or session coach
* @param int - optional, session id
* @param string - optional, course code
* @todo this function is called many times and hits in the DB
* @return boolean True if current user is a course or session coach
*/
function api_is_coach($session_id = 0, $courseId = null) {
if (!empty($session_id)) {
$session_id = intval($session_id);
} else {
$session_id = api_get_session_id();
}
// The student preview was on
if (isset($_SESSION['studentview']) && $_SESSION['studentview'] == "studentview") {
return false;
}
if (!empty($courseId)) {
$courseId = Database::escape_string($courseId);
} else {
$courseId = api_get_course_int_id();
}
$user_id = api_get_user_id();
$session_table = Database::get_main_table(TABLE_MAIN_SESSION);
$session_rel_course_rel_user_table = Database::get_main_table(TABLE_MAIN_SESSION_COURSE_USER);
$sessionIsCoach = null;
if (!empty($course_code)) {
$sql = "SELECT DISTINCT id
FROM $session_table INNER JOIN $session_rel_course_rel_user_table session_rc_ru
ON session.id = session_rc_ru.id_session
WHERE session_rc_ru.id_user = '".$user_id."' AND
session_rc_ru.c_id = '$courseId' AND
session_rc_ru.status = 2 AND
session_rc_ru.id_session = '$session_id'";
$result = Database::query($sql);
$sessionIsCoach = Database::store_result($result);
} else {
//Check if at least this user is a coach of one of the courses
$sql = "SELECT DISTINCT session.id
FROM $session_table session INNER JOIN $session_rel_course_rel_user_table session_rc_ru
ON session.id = session_rc_ru.id_session
WHERE session_rc_ru.id_user = '".$user_id."' AND
session_rc_ru.status = 2 AND
session_rc_ru.id_session = '$session_id'";
$result = Database::query($sql);
$sessionIsCoach = Database::store_result($result);
}
//Check if is main coach
if (!empty($session_id)) {
$sql = "SELECT DISTINCT id
FROM $session_table
WHERE session.id_coach = '".$user_id."' AND
id = '$session_id'";
$result = Database::query($sql);
if (!empty($sessionIsCoach)) {
$sessionIsCoach = array_merge($sessionIsCoach , Database::store_result($result));
} else {
$sessionIsCoach = Database::store_result($result);
}
}
$result = count($sessionIsCoach) > 0;
return $result;
}
/**
* This function checks whether a session is assigned into a category
* @param int - session id
* @param string - category name
* @return bool - true if is found, otherwise false
*/
function api_is_session_in_category($session_id, $category_name) {
$session_id = intval($session_id);
$category_name = Database::escape_string($category_name);
$tbl_session = Database::get_main_table(TABLE_MAIN_SESSION);
$tbl_session_category = Database::get_main_table(TABLE_MAIN_SESSION_CATEGORY);
$sql = "SELECT 1 FROM $tbl_session
WHERE $session_id IN (
SELECT s.id FROM $tbl_session s, $tbl_session_category sc
WHERE s.session_category_id = sc.id AND sc.name LIKE '%$category_name' )";
$rs = Database::query($sql);
if (Database::num_rows($rs) > 0) {
return true;
} else {
return false;
}
}
/**
* Displays the title of a tool.
* Normal use: parameter is a string:
* api_display_tool_title("My Tool")
*
* Optionally, there can be a subtitle below
* the normal title, and / or a supra title above the normal title.
*
* e.g. supra title:
* group
* GROUP PROPERTIES
*
* e.g. subtitle:
* AGENDA
* calender & events tool
*
* @author Hugues Peeters <hugues.peeters@claroline.net>
* @param mixed $title_element - it could either be a string or an array
* containing 'supraTitle', 'mainTitle',
* 'subTitle'
* @return void
*/
function api_display_tool_title($title_element) {
if (is_string($title_element)) {
$tit = $title_element;
unset ($title_element);
$title_element['mainTitle'] = $tit;
}
echo '<h2>';
if (!empty($title_element['supraTitle'])) {
echo '<small>'.$title_element['supraTitle'].'</small><br />';
}
if (!empty($title_element['mainTitle'])) {
echo $title_element['mainTitle'];
}
if (!empty($title_element['subTitle'])) {
echo '<br /><small>'.$title_element['subTitle'].'</small>';
}
echo '</h2>';
}
/**
* Displays options for switching between student view and course manager view
*
* Changes in version 1.2 (Patrick Cool)
* Student view switch now behaves as a real switch. It maintains its current state until the state
* is changed explicitly
*
* Changes in version 1.1 (Patrick Cool)
* student view now works correctly in subfolders of the document tool
* student view works correctly in the new links tool
*
* Example code for using this in your tools:
* //if ($is_courseAdmin && api_get_setting('student_view_enabled') == 'true') {
* // display_tool_view_option($isStudentView);
* //}
* //and in later sections, use api_is_allowed_to_edit()
*
* @author Roan Embrechts
* @author Patrick Cool
* @author Julio Montoya, changes added in Chamilo
* @deprecated see main/template/default/layout/breadcrumb.tpl
* @version 1.2
* @todo rewrite code so it is easier to understand
*/
function api_display_tool_view_option() {
if (api_get_setting('student_view_enabled') != 'true') {
return '';
}
$sourceurl = '';
$is_framed = false;
// Exceptions apply for all multi-frames pages
// The chat is a multiframe bit that doesn't work too well with the student_view, so do not show the link
if (strpos($_SERVER['REQUEST_URI'], 'chat/chat_banner.php') !== false) {
$is_framed = true;
return '';
}
// Uncomment to remove student view link from document view page
if (strpos($_SERVER['REQUEST_URI'], 'newscorm/lp_header.php') !== false) {
if (empty($_GET['lp_id'])) {
return '';
}
$sourceurl = substr($_SERVER['REQUEST_URI'], 0, strpos($_SERVER['REQUEST_URI'], '?'));
$sourceurl = str_replace('newscorm/lp_header.php', 'newscorm/lp_controller.php?'.api_get_cidreq().'&action=view&lp_id='.intval($_GET['lp_id']).'&isStudentView='.($_SESSION['studentview']=='studentview' ? 'false' : 'true'), $sourceurl);
//showinframes doesn't handle student view anyway...
//return '';
$is_framed = true;
}
// Check whether the $_SERVER['REQUEST_URI'] contains already url parameters (thus a questionmark)
if (!$is_framed) {
if (strpos($_SERVER['REQUEST_URI'], '?') === false) {
$sourceurl = api_get_self().'?'.api_get_cidreq();
} else {
$sourceurl = $_SERVER['REQUEST_URI'];
//$sourceurl = str_replace('&', '&amp;', $sourceurl);
}
}
$defaultClass = 'btn btn-default btn-xs';
$output_string = '';
$studentView = Session::read('studentview');
if (!empty($studentView)) {
if ($studentView == 'studentview') {
// We have to remove the isStudentView=true from the $sourceurl
$sourceurl = str_replace('&isStudentView=true', '', $sourceurl);
$sourceurl = str_replace('&isStudentView=false', '', $sourceurl);
$output_string .= '<a class=" btn btn-success" href="'.$sourceurl.'&isStudentView=false" target="_self">'.get_lang('CourseManagerview').'</a>';
} elseif ($studentView == 'teacherview') {
// Switching to teacherview
$sourceurl = str_replace('&isStudentView=true', '', $sourceurl);
$sourceurl = str_replace('&isStudentView=false', '', $sourceurl);
$output_string .= '<a class="'.$defaultClass.'" href="'.$sourceurl.'&isStudentView=true" target="_self">'.get_lang('StudentView').'</a>';
}
} else {
$output_string .= '<a class="'.$defaultClass.'" href="'.$sourceurl.'&isStudentView=true" target="_self">'.get_lang('StudentView').'</a>';
}
return $output_string;
}
/**
* Displays the contents of an array in a messagebox.
* @param array $info_array An array with the messages to show
*/
function api_display_array($info_array) {
$message = '';
if(is_array($info_array)) {
foreach ($info_array as $element) {
$message .= $element.'<br />';
}
}
Display :: display_normal_message($message);
}
/**
* Displays debug info
* @param string $debug_info The message to display
* @author Roan Embrechts
* @version 1.1, March 2004
*/
function api_display_debug_info($debug_info) {
$message = '<i>Debug info</i><br />';
$message .= $debug_info;
Display :: display_normal_message($message);
}
// TODO: This is for the permission section.
/**
* Function that removes the need to directly use is_courseAdmin global in
* tool scripts. It returns true or false depending on the user's rights in
* this particular course.
* Optionally checking for tutor and coach roles here allows us to use the
* student_view feature altogether with these roles as well.
* @param bool Whether to check if the user has the tutor role
* @param bool Whether to check if the user has the coach role
* @param bool Whether to check if the user has the session coach role
* @param bool check the student view or not
*
* @author Roan Embrechts
* @author Patrick Cool
* @version 1.1, February 2004
* @return boolean, true: the user has the rights to edit, false: he does not
*/
function api_is_allowed_to_edit($tutor = false, $coach = false, $session_coach = false, $check_student_view = true) {
$my_session_id = api_get_session_id();
$is_allowed_coach_to_edit = api_is_coach();
$session_visibility = api_get_session_visibility($my_session_id);
// Admins can edit anything.
if (api_is_platform_admin(false)) {
$studentView = Session::read('studentview');
// The student preview was on.
if ($check_student_view && $studentView == "studentview") {
return false;
} else {
return true;
}
}
$is_courseAdmin = api_is_course_admin();
if (!$is_courseAdmin && $tutor) { // If we also want to check if the user is a tutor...
$is_courseAdmin = $is_courseAdmin || api_is_course_tutor();
}
if (!$is_courseAdmin && $coach) { // If we also want to check if the user is a coach...';
// Check if session visibility is read only for coaches.
if ($session_visibility == SESSION_VISIBLE_READ_ONLY) {
$is_allowed_coach_to_edit = false;
}
if (api_get_setting('allow_coach_to_edit_course_session') == 'true') { // Check if coach is allowed to edit a course.
$is_courseAdmin = $is_courseAdmin || $is_allowed_coach_to_edit;
} else {
$is_courseAdmin = $is_courseAdmin;
}
}
if (!$is_courseAdmin && $session_coach) {
$is_courseAdmin = $is_courseAdmin || api_is_coach();
}
// Check if the student_view is enabled, and if so, if it is activated.
if (api_get_setting('student_view_enabled') == 'true') {
$studentViewSession = Session::read('studentview');
if (!empty($my_session_id)) {
// Check if session visibility is read only for coachs
if ($session_visibility == SESSION_VISIBLE_READ_ONLY) {
$is_allowed_coach_to_edit = false;
}
if (api_get_setting('allow_coach_to_edit_course_session') == 'true') { // Check if coach is allowed to edit a course.
$is_allowed = $is_allowed_coach_to_edit;
} else {
$is_allowed = false;
}
if ($check_student_view) {
$is_allowed = $is_allowed && $studentViewSession != 'studentview';
}
} else {
if ($check_student_view) {
$is_allowed = $is_courseAdmin && $studentViewSession != 'studentview';
} else {
$is_allowed = $is_courseAdmin;
}
}
return $is_allowed;
} else {
return $is_courseAdmin;
}
}
/**
* Checks if a student can edit contents in a session depending
* on the session visibility
* @param bool Whether to check if the user has the tutor role
* @param bool Whether to check if the user has the coach role
* @return boolean, true: the user has the rights to edit, false: he does not
*/
function api_is_allowed_to_session_edit($tutor = false, $coach = false) {
if (api_is_allowed_to_edit($tutor, $coach)) {
// If I'm a teacher, I will return true in order to not affect the normal behaviour of Chamilo tools.
return true;
} else {
if (api_get_session_id() == 0) {
// I'm not in a session so i will return true to not affect the normal behaviour of Chamilo tools.
return true;
} else {
// I'm in a session and I'm a student
$session_id = api_get_session_id();
// Get the session visibility
$session_visibility = api_get_session_visibility($session_id); // if 5 the session is still available
switch ($session_visibility) {
case SESSION_VISIBLE_READ_ONLY: // 1
return false;
case SESSION_VISIBLE: // 2
return true;
case SESSION_INVISIBLE: // 3
return false;
case SESSION_AVAILABLE: //4
return true;
}
}
}
}
/**
* Checks whether the user is allowed in a specific tool for a specific action
* @param $tool the tool we are checking if the user has a certain permission
* @param $action the action we are checking (add, edit, delete, move, visibility)
* @author Patrick Cool <patrick.cool@UGent.be>, Ghent University
* @version 1.0
*/
function api_is_allowed($tool, $action, $task_id = 0) {
$_course = api_get_course_info();
$_user = api_get_user_info();
if (api_is_course_admin()) {
return true;
}
//if (!$_SESSION['total_permissions'][$_course['code']] and $_course)
if (is_array($_course) and count($_course) > 0) {
require_once api_get_path(SYS_CODE_PATH).'permissions/permissions_functions.inc.php';
// Getting the permissions of this user.
if ($task_id == 0) {
$user_permissions = get_permissions('user', $_user['user_id']);
$_SESSION['total_permissions'][$_course['code']] = $user_permissions;
}
// Getting the permissions of the task.
if ($task_id != 0) {
$task_permissions = get_permissions('task', $task_id);
/* !!! */$_SESSION['total_permissions'][$_course['code']] = $task_permissions;
}
//print_r($_SESSION['total_permissions']);
// Getting the permissions of the groups of the user
//$groups_of_user = GroupManager::get_group_ids($_course['db_name'], $_user['user_id']);
//foreach($groups_of_user as $group)
// $this_group_permissions = get_permissions('group', $group);
// Getting the permissions of the courseroles of the user
$user_courserole_permissions = get_roles_permissions('user', $_user['user_id']);
// Getting the permissions of the platformroles of the user
//$user_platformrole_permissions = get_roles_permissions('user', $_user['user_id'], ', platform');
// Getting the permissions of the roles of the groups of the user
//foreach($groups_of_user as $group)
// $this_group_courserole_permissions = get_roles_permissions('group', $group);
// Getting the permissions of the platformroles of the groups of the user
//foreach($groups_of_user as $group)
// $this_group_platformrole_permissions = get_roles_permissions('group', $group, 'platform');
}
// If the permissions are limited, we have to map the extended ones to the limited ones.
if (api_get_setting('permissions') == 'limited') {
if ($action == 'Visibility') {
$action = 'Edit';
}
if ($action == 'Move') {
$action = 'Edit';
}
}
// The session that contains all the permissions already exists for this course
// so there is no need to requery everything.
//my_print_r($_SESSION['total_permissions'][$_course['code']][$tool]);
if (is_array($_SESSION['total_permissions'][$_course['code']][$tool])) {
if (in_array($action, $_SESSION['total_permissions'][$_course['code']][$tool])) {
return true;
} else {
return false;
}
}
}
/**
* Tells whether this user is an anonymous user
* @param int User ID (optional, will take session ID if not provided)
* @param bool Whether to check in the database (true) or simply in the session (false) to see if the current user is the anonymous user
* @return bool true if this user is anonymous, false otherwise
*/
function api_is_anonymous($user_id = null, $db_check = false) {
if (!isset($user_id)) {
$user_id = api_get_user_id();
}
if ($db_check) {
$info = api_get_user_info($user_id);
if ($info['status'] == 6 || $user_id == 0 || empty($info)) {
return true;
}
}
$_user = Session::read('_user');
if (!isset($_user) || (isset($_user['user_id']) && $_user['user_id'] == 0)) {
// In some cases, api_set_anonymous doesn't seem to be triggered in local.inc.php. Make sure it is.
// Occurs in agenda for admin links - YW
/*global $use_anonymous;
if (isset($use_anonymous) && $use_anonymous) {*/
api_set_anonymous();
//}
return true;
}
return isset($_user['is_anonymous']) && $_user['is_anonymous'] === true;
}
/**
* @param bool $printHeaders
* @param string $message
*/
function api_not_allowed($printHeaders = false, $message = null)
{
throw new Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
}
/* WHAT'S NEW
functions for the what's new icons
in the user course list */
/**
* Gets a UNIX timestamp from a database (MySQL) datetime format string
* @param $last_post_datetime standard output date in a sql query
* @return unix timestamp
* @author Toon Van Hoecke <Toon.VanHoecke@UGent.be>
* @version October 2003
* @desc convert sql date to unix timestamp
*/
function api_convert_sql_date($last_post_datetime) {
if (empty($last_post_datetime)) {
return null;
}
list ($last_post_date, $last_post_time) = explode(' ', $last_post_datetime);
list ($year, $month, $day) = explode('-', $last_post_date);
list ($hour, $min, $sec) = explode(':', $last_post_time);
return mktime((int)$hour, (int)$min, (int)$sec, (int)$month, (int)$day, (int)$year);
}
/**
* Gets a database (MySQL) datetime format string from a UNIX timestamp
* @param int UNIX timestamp, as generated by the time() function. Will be generated if parameter not provided
* @return string MySQL datetime format, like '2009-01-30 12:23:34'
*/
function api_get_datetime($time = null) {
if (!isset($time)) { $time = time(); }
return date('Y-m-d H:i:s', $time);
}
/**
* Gets item visibility from the item_property table
*
* Getting the visibility is done by getting the last updated visibility entry,
* using the largest session ID found if session 0 and another was found (meaning
* the only one that is actually from the session, in case there are results from
* session 0 *AND* session n).
* @param array Course properties array (result of api_get_course_info())
* @param string Tool (learnpath, document, etc)
* @param int The item ID in the given tool
* @param int The session ID (optional)
* @return int -1 on error, 0 if invisible, 1 if visible
*/
function api_get_item_visibility($_course, $tool, $id, $session = 0, $user_id = null, $type = null, $group_id = null) {
if (!is_array($_course) || count($_course) == 0 || empty($tool) || empty($id)) { return -1; }
$tool = Database::escape_string($tool);
$id = Database::escape_string($id);
$session = (int) $session;
$TABLE_ITEMPROPERTY = Database::get_course_table(TABLE_ITEM_PROPERTY);
$course_id = $_course['real_id'];
$user_condition = null;
if (!empty($user_id)) {
$user_id = intval($user_id);
$user_condition = " AND to_user_id = $user_id ";
}
$type_condition = null;
if (!empty($type)) {
$type = Database::escape_string($type);
$type_condition = " AND lastedit_type = '$type' ";
}
$group_condition = null;
if (!empty($group_id)) {
$group_id = intval($group_id);
$group_condition = " AND to_group_id = '$group_id' ";
}
$sql = "SELECT visibility FROM $TABLE_ITEMPROPERTY
WHERE c_id = $course_id AND
tool = '$tool' AND
ref = $id AND
(id_session = $session OR id_session = 0 OR id_session IS NULL) $user_condition $type_condition $group_condition
ORDER BY id_session DESC, lastedit_date DESC LIMIT 1";
$res = Database::query($sql);
if ($res === false || Database::num_rows($res) == 0) { return -1; }
$row = Database::fetch_array($res);
return $row['visibility'];
}
/**
*
* Updates or adds item properties to the Item_propetry table
* Tool and lastedit_type are language independant strings (langvars->get_lang!)
*
* @param array|\Entity\Course $_course : array with course properties
* @param int $tool : tool id, linked to 'rubrique' of the course tool_list (Warning: language sensitive !!)
* @param int $item_id : id of the item itself, linked to key of every tool ('id', ...), "*" = all items of the tool
* @param string $lastedit_type add or update action (1) message to be translated (in trad4all) : e.g. DocumentAdded, DocumentUpdated;
* (2) "delete"; (3) "visible"; (4) "invisible";
* @param int $user_id : id of the editing/adding user
* @param int $to_group_id : id of the intended group ( 0 = for everybody), only relevant for $type (1)
* @param int $to_user_id : id of the intended user (always has priority over $to_group_id !), only relevant for $type (1)
* @param string $start_visible 0000-00-00 00:00:00 format
* @param string $end_visible 0000-00-00 00:00:00 format
* @param int $session_id
* @return boolean False if update fails.
*
* @author Toon Van Hoecke <Toon.VanHoecke@UGent.be>, Ghent University
* @version January 2005
*
* @desc update the item_properties table (if entry not exists, insert) of the course
*/
function api_item_property_update(
$_course,
$tool,
$item_id,
$lastedit_type,
$user_id,
$to_group_id = 0,
$to_user_id = 0,
$start_visible = 0,
$end_visible = 0,
$session_id = 0
) {
if (is_array($_course)) {
$course_id = $_course['real_id'];
} else {
if ($_course instanceof Course) {
$course_id = $_course->getId();
}
}
if (empty($course_id)) {
return false;
}
// Definition of variables.
$tool = Database::escape_string($tool);
$item_id = Database::escape_string($item_id);
$lastedit_type = Database::escape_string($lastedit_type);
$user_id = Database::escape_string($user_id);
$to_group_id = Database::escape_string($to_group_id);
$to_user_id = Database::escape_string($to_user_id);
$start_visible = $start_visible == 0 ? null : Database::escape_string($start_visible);
$end_visible = $end_visible == 0 ? null : Database::escape_string($end_visible);
$to_filter = '';
$time = api_get_utc_datetime();
if (!empty($session_id)) {
$session_id = intval($session_id);
} else {
$session_id = api_get_session_id();
}
// Definition of tables.
$TABLE_ITEMPROPERTY = Database::get_course_table(TABLE_ITEM_PROPERTY);
if ($to_user_id <= 0) {
$to_user_id = 0; // No to_user_id set
}
// Set filters for $to_user_id and $to_group_id, with priority for $to_user_id
$condition_session = '';
if (!empty($session_id)) {
$condition_session = " AND id_session = '$session_id' ";
}
$filter = " c_id = $course_id AND tool='$tool' AND ref='$item_id' $condition_session ";
if ($item_id == '*') {
$filter = " c_id = $course_id AND tool='$tool' AND visibility<>'2' $condition_session"; // For all (not deleted) items of the tool
}
// Check whether $to_user_id and $to_group_id are passed in the function call.
// If both are not passed (both are null) then it is a message for everybody and $to_group_id should be 0 !
if (is_null($to_user_id) && is_null($to_group_id)) {
$to_group_id = 0;
}
if (!is_null($to_user_id)) {
$to_filter = " AND to_user_id='$to_user_id' $condition_session"; // Set filter to intended user.
} else {
if (($to_group_id != 0) && $to_group_id == strval(intval($to_group_id))) {
$to_filter = " AND to_group_id='$to_group_id' $condition_session"; // Set filter to intended group.
}
}
// Update if possible
$set_type = '';
switch ($lastedit_type) {
case 'delete' : // delete = make item only visible for the platform admin.
$visibility = '2';
if (!empty($session_id)) {
// Check whether session id already exist into itemp_properties for updating visibility or add it.
$sql = "SELECT id_session FROM $TABLE_ITEMPROPERTY
WHERE c_id = $course_id AND tool = '$tool' AND ref='$item_id' AND id_session = '$session_id'";
$rs = Database::query($sql);
if (Database::num_rows($rs) > 0) {
$sql = "UPDATE $TABLE_ITEMPROPERTY
SET lastedit_type = '".str_replace('_', '', ucwords($tool))."Deleted',
lastedit_date = '$time',
lastedit_user_id = '$user_id',
visibility = '$visibility',
id_session = '$session_id' $set_type
WHERE $filter";
} else {
$sql = "INSERT INTO $TABLE_ITEMPROPERTY (c_id, tool, ref, insert_date, insert_user_id, lastedit_date, lastedit_type, lastedit_user_id, to_user_id, to_group_id, visibility, start_visible, end_visible, id_session)
VALUES ($course_id, '$tool','$item_id','$time', '$user_id', '$time', '$lastedit_type','$user_id', '$to_user_id', '$to_group_id', '$visibility', '$start_visible','$end_visible', '$session_id')";
}
} else {
$sql = "UPDATE $TABLE_ITEMPROPERTY SET lastedit_type='".str_replace('_', '', ucwords($tool))."Deleted', lastedit_date='$time', lastedit_user_id='$user_id', visibility='$visibility' $set_type
WHERE $filter";
}
break;
case 'visible' : // Change item to visible.
$visibility = '1';
if (!empty($session_id)) {
// Check whether session id already exist into itemp_properties for updating visibility or add it.
$sql = "SELECT id_session FROM $TABLE_ITEMPROPERTY WHERE c_id=$course_id AND tool = '$tool' AND ref='$item_id' AND id_session = '$session_id'";
$rs = Database::query($sql);
if (Database::num_rows($rs) > 0) {
$sql = "UPDATE $TABLE_ITEMPROPERTY
SET lastedit_type='".str_replace('_', '', ucwords($tool))."Visible', lastedit_date='$time', lastedit_user_id='$user_id', visibility='$visibility', id_session = '$session_id' $set_type
WHERE $filter";
} else {
$sql = "INSERT INTO $TABLE_ITEMPROPERTY (c_id, tool, ref, insert_date, insert_user_id, lastedit_date, lastedit_type, lastedit_user_id, to_user_id, to_group_id, visibility, start_visible, end_visible, id_session)
VALUES ($course_id, '$tool', '$item_id', '$time', '$user_id', '$time', '$lastedit_type', '$user_id', '$to_user_id', '$to_group_id', '$visibility', '$start_visible', '$end_visible', '$session_id')";
}
} else {
$sql = "UPDATE $TABLE_ITEMPROPERTY
SET lastedit_type='".str_replace('_', '', ucwords($tool))."Visible', lastedit_date='$time', lastedit_user_id='$user_id', visibility='$visibility' $set_type
WHERE $filter";
}
break;
case 'invisible' : // Change item to invisible.
$visibility = '0';
if (!empty($session_id)) {
// Check whether session id already exist into itemp_properties for updating visibility or add it
$sql = "SELECT id_session FROM $TABLE_ITEMPROPERTY WHERE c_id=$course_id AND tool = '$tool' AND ref='$item_id' AND id_session = '$session_id'";
$rs = Database::query($sql);
if (Database::num_rows($rs) > 0) {
$sql = "UPDATE $TABLE_ITEMPROPERTY
SET lastedit_type='".str_replace('_', '', ucwords($tool))."Invisible', lastedit_date='$time', lastedit_user_id='$user_id', visibility='$visibility', id_session = '$session_id' $set_type
WHERE $filter";
} else {
$sql = "INSERT INTO $TABLE_ITEMPROPERTY (c_id, tool, ref, insert_date, insert_user_id, lastedit_date, lastedit_type, lastedit_user_id, to_user_id, to_group_id, visibility, start_visible, end_visible, id_session)
VALUES ($course_id, '$tool', '$item_id', '$time', '$user_id', '$time', '$lastedit_type', '$user_id', '$to_user_id', '$to_group_id', '$visibility', '$start_visible', '$end_visible', '$session_id')";
}
} else {
$sql = "UPDATE $TABLE_ITEMPROPERTY
SET lastedit_type='".str_replace('_', '', ucwords($tool))."Invisible', lastedit_date='$time', lastedit_user_id='$user_id', visibility='$visibility' $set_type
WHERE $filter";
}
break;
default : // The item will be added or updated.
$set_type = ", lastedit_type='$lastedit_type' ";
$visibility = '1';
$filter .= $to_filter;
$sql = "UPDATE $TABLE_ITEMPROPERTY
SET lastedit_date = '$time', lastedit_user_id='$user_id' $set_type
WHERE $filter";
}
$result = Database::query($sql);
// Insert if no entries are found (can only happen in case of $lastedit_type switch is 'default').
if (Database::affected_rows($result) == 0) {
$sql = "INSERT INTO $TABLE_ITEMPROPERTY (c_id, tool,ref,insert_date,insert_user_id,lastedit_date,lastedit_type, lastedit_user_id, to_user_id, to_group_id, visibility, start_visible, end_visible, id_session)
VALUES ($course_id, '$tool', '$item_id', '$time', '$user_id', '$time', '$lastedit_type', '$user_id', '$to_user_id', '$to_group_id', '$visibility', '$start_visible', '$end_visible', '$session_id')";
$res = Database::query($sql);
if (!$res) {
return false;
}
}
return true;
}
/**
* Gets item property by tool
* @param string course code
* @param string tool name, linked to 'rubrique' of the course tool_list (Warning: language sensitive !!)
* @param int id of the item itself, linked to key of every tool ('id', ...), "*" = all items of the tool
*/
function api_get_item_property_by_tool($tool, $course_code, $session_id = null) {
$course_info = api_get_course_info($course_code);
$tool = Database::escape_string($tool);
// Definition of tables.
$item_property_table = Database::get_course_table(TABLE_ITEM_PROPERTY);
$session_id = intval($session_id);
$session_condition = ' AND id_session = '.$session_id;
$course_id = $course_info['real_id'];
$sql = "SELECT * FROM $item_property_table WHERE c_id = $course_id AND tool = '$tool' $session_condition ";
$rs = Database::query($sql);
$list = array();
if (Database::num_rows($rs) > 0) {
while ($row = Database::fetch_array($rs, 'ASSOC')) {
$list[] = $row;
}
}
return $list;
}
/**
* Gets item property id from tool of a course
* @param string course code
* @param string tool name, linked to 'rubrique' of the course tool_list (Warning: language sensitive !!)
* @param int id of the item itself, linked to key of every tool ('id', ...), "*" = all items of the tool
*/
function api_get_item_property_id($course_code, $tool, $ref) {
$course_info = api_get_course_info($course_code);
$tool = Database::escape_string($tool);
$ref = intval($ref);
// Definition of tables.
$TABLE_ITEMPROPERTY = Database::get_course_table(TABLE_ITEM_PROPERTY);
$course_id = $course_info['real_id'];
$sql = "SELECT id FROM $TABLE_ITEMPROPERTY WHERE c_id = $course_id AND tool = '$tool' AND ref = '$ref'";
$rs = Database::query($sql);
$item_property_id = null;
if (Database::num_rows($rs) > 0) {
$row = Database::fetch_array($rs);
$item_property_id = $row['id'];
}
return $item_property_id;
}
/**
* Inserts a record in the track_e_item_property table (No update)
*/
function api_track_item_property_update($tool, $ref, $title, $content, $progress) {
$tbl_stats_item_property = Database::get_main_table(TABLE_STATISTIC_TRACK_E_ITEM_PROPERTY);
$course_id = api_get_real_course_id(); //numeric
$course_code = api_get_course_id(); //alphanumeric
$item_property_id = api_get_item_property_id($course_code, $tool, $ref);
if (!empty($item_property_id)) {
$sql = "INSERT IGNORE INTO $tbl_stats_item_property SET
course_id = '$course_id',
item_property_id = '$item_property_id',
title = '".Database::escape_string($title)."',
content = '".Database::escape_string($content)."',
progress = '".intval($progress)."',
lastedit_date = '".api_get_utc_datetime()."',
lastedit_user_id = '".api_get_user_id()."',
session_id = '".api_get_session_id()."'";
$result = Database::query($sql);
$affected_rows = Database::affected_rows($result);
return $affected_rows;
}
return false;
}
function api_get_track_item_property_history($tool, $ref) {
$tbl_stats_item_property = Database::get_main_table(TABLE_STATISTIC_TRACK_E_ITEM_PROPERTY);
$course_id = api_get_real_course_id(); //numeric
$course_code = api_get_course_id(); //alphanumeric
$item_property_id = api_get_item_property_id($course_code, $tool, $ref);
$sql = "SELECT * FROM $tbl_stats_item_property WHERE item_property_id = $item_property_id AND course_id = $course_id ORDER BY lastedit_date DESC";
$result = Database::query($sql);
$result = Database::store_result($result,'ASSOC');
return $result;
}
/**
* Gets item property data from tool of a course id
* @param int course id
* @param string tool name, linked to 'rubrique' of the course tool_list (Warning: language sensitive !!)
* @param int id of the item itself, linked to key of every tool ('id', ...), "*" = all items of the tool
*/
function api_get_item_property_info($course_id, $tool, $ref, $session_id = 0) {
$course_info = api_get_course_info_by_id($course_id);
if (empty($course_info)) {
return false;
}
$tool = Database::escape_string($tool);
$ref = intval($ref);
$course_id = intval($course_id);
// Definition of tables.
$TABLE_ITEMPROPERTY = Database::get_course_table(TABLE_ITEM_PROPERTY);
$course_id = $course_info['real_id'];
$sql = "SELECT * FROM $TABLE_ITEMPROPERTY WHERE c_id = $course_id AND tool = '$tool' AND ref = $ref ";
if (!empty($session_id)) {
$session_id = intval($session_id);
$sql .= "AND id_session = $session_id ";
}
$rs = Database::query($sql);
$row = array();
if (Database::num_rows($rs) > 0) {
$row = Database::fetch_array($rs,'ASSOC');
}
return $row;
}
/* Language Dropdown */
/**
* Displays a combobox so the user can select his/her preferred language.
* @param string The desired name= value for the select
* @return string
*/
function api_get_languages_combo($name = 'language', $chozen=true) {
$ret = '';
// Retrieve a complete list of all the languages.
$language_list = api_get_languages();
if (count($language_list['name']) < 2) {
return $ret;
}
$default = api_get_user_language();
$languages = $language_list['name'];
$folder = $language_list['folder'];
$ret .= '<select name="'.$name.'" id="language_chosen" '.($chozen?'class="chzn-select"':'').' >';
foreach ($languages as $key => $value) {
if ($folder[$key] == $default) {
$selected = ' selected="selected"';
} else {
$selected = '';
}
$ret .= sprintf('<option value=%s" %s>%s</option>', $folder[$key], $selected, $value);
}
$ret .= '</select>';
return $ret;
}
/**
* Displays a form (drop down menu) so the user can select his/her preferred language.
* The form works with or without javascript
* @param boolean Hide form if only one language available (defaults to false = show the box anyway)
* @return void Display the box directly
*/
function api_display_language_form($hide_if_no_choice = false) {
// Retrieve a complete list of all the languages
$language_list = api_get_languages();
if (!empty($language_list) && count($language_list['name']) <= 1 && $hide_if_no_choice) {
return; // Don't show any form
}
$user_selected_language = api_get_language_selected_in_login();
$original_languages = $language_list['name'];
$folder = $language_list['folder']; // This line is probably no longer needed.
$html = '<script>
function jumpMenu(targ, selObj, restore){ // v3.0
eval(targ+".location=\'"+selObj.options[selObj.selectedIndex].value+"\'");
if (restore) selObj.selectedIndex=0;
}
</script>';
$html .= '<form id="lang_form" name="lang_form" method="post" action="'.api_get_self().'">';
$html .= '<select id="language_list" class="form-control" name="language_list" onchange="javascript: jumpMenu(\'parent\',this,0);">';
foreach ($original_languages as $key => $value) {
if ($folder[$key] == $user_selected_language) {
$option_end = ' selected="selected" >';
} else {
$option_end = '>';
}
$html .= '<option value="'.api_get_path(WEB_PUBLIC_PATH).'index?language='.$folder[$key].'"'.$option_end;
$html .= $value.'</option>';
}
$html .= '</select>';
$html .= '<noscript><input type="submit" name="user_select_language" value="'.get_lang('Ok').'" /></noscript>';
$html .= '</form>';
return $html;
}
/**
* Returns a list of all the languages that are made available by the admin.
* @return array An array with all languages. Structure of the array is
* array['name'] = An array with the name of every language
* array['folder'] = An array with the corresponding names of the language-folders in the filesystem
*/
function api_get_languages() {
$language_list = Session::read('_setting.api_get_languages');
if (isset($language_list) && !empty($language_list)) {
return $language_list;
}
$tbl_language = Database::get_main_table(TABLE_MAIN_LANGUAGE);
$sql = "SELECT * FROM $tbl_language WHERE available = '1' ORDER BY original_name ASC";
$result = Database::query($sql);
$language_list = array();
while ($row = Database::fetch_array($result)) {
$language_list['name'][] = $row['original_name'];
//$language_list['folder'][] = $row['dokeos_folder'];
$language_list['folder'][] = $row['original_name'];
}
Session::write('_setting.api_get_languages', $language_list);
return $language_list;
}
/**
* Returns the id (the database id) of a language
* @param string language name (the corresponding name of the language-folder in the filesystem)
* @return int id of the language
*/
function api_get_language_id($language) {
$tbl_language = Database::get_main_table(TABLE_MAIN_LANGUAGE);
if (empty($language)) {
return null;
}
$language = Database::escape_string($language);
$sql = "SELECT id FROM $tbl_language WHERE available='1' AND dokeos_folder = '$language' LIMIT 1";
$result = Database::query($sql);
$row = Database::fetch_array($result);
return $row['id'];
}
/**
* Gets language of the requested type for the current user. Types are :
* user_profil_lang : profile language of current user
* user_select_lang : language selected by user at login
* course_lang : language of the current course
* platform_lang : default platform language
* @param string lang_type
* @param return language of the requested type or false if the language is not available
**/
function api_get_language_from_type($lang_type)
{
$language = false;
switch ($lang_type) {
case 'platform_lang':
$platformLanguage = api_get_setting('platformLanguage');
if (!empty($platformLanguage)) {
$language = $platformLanguage;
}
break;
case 'user_profil_lang':
//$_user = api_get_user_info();
$_user = Session::read('_user');
if (isset($_user['language']) && !empty($_user['language']) ) {
$language = $_user['language'];
}
break;
case 'user_selected_lang':
$language = api_get_language_selected_in_login();
break;
case 'course_lang':
$_course = api_get_course_info();
if (isset($_course['language']) && !empty($_course['language'])) {
$language = $_course['language'];
}
break;
default :
$language = false;
break;
}
return $language;
}
function api_get_language_info($language_id) {
$tbl_admin_languages = Database :: get_main_table(TABLE_MAIN_LANGUAGE);
$sql = 'SELECT * FROM '.$tbl_admin_languages.' WHERE id = "'.intval($language_id).'"';
$rs = Database::query($sql);
$language_info = array();
if (Database::num_rows($rs)) {
$language_info = Database::fetch_array($rs,'ASSOC');
}
return $language_info;
}
/**
* Returns the name of the visual (CSS) theme to be applied on the current page.
* The returned name depends on the platform, course or user -wide settings.
* @return string The visual theme's name, it is the name of a folder inside .../chamilo/main/css/
*/
function api_get_visual_theme() {
static $visual_theme;
if (!isset($visual_theme)) {
// Platform's theme.
$platform_theme = api_get_setting('stylesheets');
$visual_theme = $platform_theme;
if (api_get_setting('user_selected_theme') == 'true') {
$user_info = api_get_user_info();
if (isset($user_info['theme'])) {
$user_theme = $user_info['theme'];
if (!empty($user_theme)) {
// User's theme.
$visual_theme = $user_theme;
}
}
}
$course_id = api_get_course_id();
if (!empty($course_id) && $course_id != -1) {
if (api_get_setting('allow_course_theme') == 'true') {
$course_theme = api_get_course_setting('course_theme');
if (!empty($course_theme) && $course_theme != -1) {
if (!empty($course_theme)) {
// Course's theme.
$visual_theme = $course_theme;
}
}
$allow_lp_theme = api_get_course_setting('allow_learning_path_theme');
if ($allow_lp_theme == 1) {
// These variables come from the file lp_controller.php.
global $lp_theme_css, $lp_theme_config;
// LP's theme.
if (!$lp_theme_config) {
if (!empty($lp_theme_css)) {
$visual_theme = $lp_theme_css;
}
}
}
}
}
if (empty($visual_theme)) {
$visual_theme = 'chamilo';
}
global $lp_theme_log;
if ($lp_theme_log) {
$visual_theme = $platform_theme;
}
}
return $visual_theme;
}
/**
* Returns a list of CSS themes currently available in the CSS folder
* @return array List of themes directories from the css folder
* Note: Directory names (names of themes) in the file system should contain ASCII-characters only.
*/
function api_get_themes() {
$cssdir = api_get_path(SYS_CSS_PATH);
$list_dir = array();
$list_name = array();
if (@is_dir($cssdir)) {
$themes = @scandir($cssdir);
if (is_array($themes)) {
if ($themes !== false) {
sort($themes);
foreach ($themes as & $theme) {
if (substr($theme, 0, 1) == '.') {
continue;
} else {
if (@is_dir($cssdir.$theme)) {
$list_dir[] = $theme;
$list_name[] = ucwords(str_replace('_', ' ', $theme));
}
}
}
}
}
}
return array($list_dir, $list_name);
}
/* WYSIWYG EDITOR
Functions for the WYSIWYG html editor.
Please, try to avoid using the following two functions. The preferable way to put
an editor's instance on a page is through using a FormValidator's class method. */
/**
* Displays the WYSIWYG editor for online editing of html
* @param string $name The name of the form-element
* @param string $content The default content of the html-editor
* @param int $height The height of the form element
* @param int $width The width of the form element
* @param string $attributes (optional) attributes for the form element
* @param array $editor_config (optional) Configuration options for the html-editor
*/
function api_disp_html_area($name, $content = '', $height = '', $width = '100%', $attributes = null, $editor_config = null) {
global $_configuration, $_course, $fck_attribute;
require_once api_get_path(LIBRARY_PATH).'formvalidator/Element/html_editor.php';
$editor = new HTML_QuickForm_html_editor($name, null, $attributes, $editor_config);
$editor->setValue($content);
// The global variable $fck_attribute has been deprecated. It stays here for supporting old external code.
if( $height != '') {
$fck_attribute['Height'] = $height;
}
if( $width != '') {
$fck_attribute['Width'] = $width;
}
echo $editor->toHtml();
}
/**
* Returns generated html for showing the WYSIWYG editor on the page
* @param string $name The name of the form-element
* @param string $content The default content of the html-editor
* @param int $height The height of the form element
* @param int $width The width of the form element
* @param string $attributes (optional) attributes for the form element
* @param array $editor_config (optional) Configuration options for the html-editor
*/
function api_return_html_area($name, $content = '', $height = '', $width = '100%', $attributes = null, $editor_config = null) {
global $_configuration, $_course, $fck_attribute;
require_once api_get_path(LIBRARY_PATH).'formvalidator/Element/html_editor.php';
$editor = new HTML_QuickForm_html_editor($name, null, $attributes, $editor_config);
$editor->setValue($content);
// The global variable $fck_attribute has been deprecated. It stays here for supporting old external code.
if ($height != '') {
$fck_attribute['Height'] = $height;
}
if ($width != '') {
$fck_attribute['Width'] = $width;
}
return $editor->toHtml();
}
/**
* Find the largest sort value in a given user_course_category
* This function is used when we are moving a course to a different category
* and also when a user subscribes to courses (the new course is added at the end of the main category
* @author Patrick Cool <patrick.cool@UGent.be>, Ghent University
* @param int $user_course_category: the id of the user_course_category
* @return int the value of the highest sort of the user_course_category
*/
function api_max_sort_value($user_course_category, $user_id) {
$tbl_course_user = Database::get_main_table(TABLE_MAIN_COURSE_USER);
$sql_max = "SELECT max(sort) as max_sort FROM $tbl_course_user
WHERE user_id='".intval($user_id)."' AND relation_type<>".COURSE_RELATION_TYPE_RRHH." AND user_course_cat='".Database::escape_string($user_course_category)."'";
$result_max = Database::query($sql_max);
if (Database::num_rows($result_max) == 1) {
$row_max = Database::fetch_array($result_max);
return $row_max['max_sort'];
}
return 0;
}
/**
* This function converts the string "true" or "false" to a boolean true or false.
* This function is in the first place written for the Chamilo Config Settings (also named AWACS)
* @param string "true" or "false"
* @return boolean true or false
* @author Patrick Cool <patrick.cool@UGent.be>, Ghent University
*/
function api_string_2_boolean($string) {
if ($string == 'true') {
return true;
}
if ($string == 'false') {
return false;
}
return false;
}
/**
* Determines the number of plugins installed for a given location
*/
function api_number_of_plugins($location)
{
$_plugins = Session::read('_plugins');
return isset($_plugins[$location]) && is_array($_plugins[$location]) ? count($_plugins[$location]) : 0;
}
/**
* Including the necessary plugins.
* @author Patrick Cool <patrick.cool@UGent.be>, Ghent University
* @deprecated use AppPlugin::get_all_plugin_contents_by_region function
*/
function api_plugin($location)
{
$_plugins = Session::read('_plugins');
if (isset($_plugins[$location]) && is_array($_plugins[$location])) {
foreach ($_plugins[$location] as $this_plugin) {
include api_get_path(SYS_PLUGIN_PATH)."$this_plugin/index.php";
}
}
return false;
}
/**
* Checks to see wether a certain plugin is installed.
* @return boolean true if the plugin is installed, false otherwise.
*/
function api_is_plugin_installed($plugin_list, $plugin_name) {
if (is_array($plugin_list)) {
foreach ($plugin_list as $plugin_location) {
if (array_search($plugin_name, $plugin_location) !== false) { return true; }
}
}
return false;
}
/**
* Transforms a number of seconds in hh:mm:ss format
* @author Julian Prud'homme
* @param integer the number of seconds
* @return string the formatted time
*/
function api_time_to_hms($seconds) {
// $seconds = -1 means that we have wrong data in the db.
if ($seconds == -1) {
return get_lang('Unknown').Display::return_icon('info2.gif', get_lang('WrongDatasForTimeSpentOnThePlatform'), array('align' => 'absmiddle', 'hspace' => '3px'));
}
// How many hours ?
$hours = floor($seconds / 3600);
// How many minutes ?
$min = floor(($seconds - ($hours * 3600)) / 60);
// How many seconds
$sec = floor($seconds - ($hours * 3600) - ($min * 60));
if ($sec < 10) {
$sec = "0$sec";
}
if ($min < 10) {
$min = "0$min";
}
return "$hours:$min:$sec";
}
/* FILE SYSTEM RELATED FUNCTIONS */
/**
* Returns the permissions to be assigned to every newly created directory by the web-server.
* The returnd value is based on the platform administrator's setting "Administration > Configuration settings > Security > Permissions for new directories".
* @return int Returns the permissions in the format "Owner-Group-Others, Read-Write-Execute", as an integer value.
*/
function api_get_permissions_for_new_directories() {
static $permissions;
if (!isset($permissions)) {
$permissions = trim(api_get_setting('permissions_for_new_directories'));
// The default value 0777 is according to that in the platform administration panel after fresh system installation.
$permissions = octdec(!empty($permissions) ? $permissions : '0777');
}
return $permissions;
}
/**
* Returns the permissions to be assigned to every newly created directory by the web-server.
* The returnd value is based on the platform administrator's setting "Administration > Configuration settings > Security > Permissions for new files".
* @return int Returns the permissions in the format "Owner-Group-Others, Read-Write-Execute", as an integer value.
*/
function api_get_permissions_for_new_files() {
static $permissions;
if (!isset($permissions)) {
$permissions = trim(api_get_setting('permissions_for_new_files'));
// The default value 0666 is according to that in the platform administration panel after fresh system installation.
$permissions = octdec(!empty($permissions) ? $permissions : '0666');
}
return $permissions;
}
/**
* Deletes a file, or a folder and its contents
*
* @author Aidan Lister <aidan@php.net>
* @version 1.0.3
* @param string $dirname Directory to delete
* @param bool Deletes only the content or not
* @return bool Returns TRUE on success, FALSE on failure
* @link http://aidanlister.com/2004/04/recursively-deleting-a-folder-in-php/
* @author Yannick Warnier, adaptation for the Chamilo LMS, April, 2008
* @author Ivan Tcholakov, a sanity check about Directory class creation has been added, September, 2009
*/
function api_rmdirr($dirname, $delete_only_content_in_folder = false) {
$res = true;
// A sanity check.
if (!file_exists($dirname)) {
return false;
}
$php_errormsg = '';
// Simple delete for a file.
if (is_file($dirname) || is_link($dirname)) {
$res = unlink($dirname);
if ($res === false) {
error_log(__FILE__.' line '.__LINE__.': '.((bool)ini_get('track_errors') ? $php_errormsg : 'Error not recorded because track_errors is off in your php.ini'), 0);
}
return $res;
}
// Loop through the folder.
$dir = dir($dirname);
// A sanity check.
$is_object_dir = is_object($dir);
if ($is_object_dir) {
while (false !== $entry = $dir->read()) {
// Skip pointers.
if ($entry == '.' || $entry == '..') {
continue;
}
// Recurse.
api_rmdirr("$dirname/$entry");
}
}
// Clean up.
if ($is_object_dir) {
$dir->close();
}
if ($delete_only_content_in_folder == false) {
$res = rmdir($dirname);
if ($res === false) {
error_log(__FILE__.' line '.__LINE__.': '.((bool)ini_get('track_errors') ? $php_errormsg : 'error not recorded because track_errors is off in your php.ini'), 0);
}
}
return $res;
}
// TODO: This function is to be simplified. File access modes to be implemented.
/**
* function adapted from a php.net comment
* copy recursively a folder
* @param the source folder
* @param the dest folder
* @param an array of excluded file_name (without extension)
* @param copied_files the returned array of copied files
*/
function api_copyr($source, $dest, $exclude = array(), $copied_files = array()) {
if (empty($dest)) { return false; }
// Simple copy for a file
if (is_file($source)) {
$path_info = pathinfo($source);
if (!in_array($path_info['filename'], $exclude)) {
copy($source, $dest);
}
return true;
} elseif (!is_dir($source)) {
//then source is not a dir nor a file, return
return false;
}
// Make destination directory.
if (!is_dir($dest)) {
mkdir($dest, api_get_permissions_for_new_directories());
}
// Loop through the folder.
$dir = dir($source);
while (false !== $entry = $dir->read()) {
// Skip pointers
if ($entry == '.' || $entry == '..') {
continue;
}
// Deep copy directories.
if ($dest !== "$source/$entry") {
$files = api_copyr("$source/$entry", "$dest/$entry", $exclude, $copied_files);
}
}
// Clean up.
$dir->close();
return true;
}
// TODO: Using DIRECTORY_SEPARATOR is not recommended, this is an obsolete approach. Documentation header to be added here.
function api_copy_folder_course_session($pathname, $base_path_document, $session_id, $course_info, $document, $source_course_id) {
$table = Database :: get_course_table(TABLE_DOCUMENT);
$session_id = intval($session_id);
$source_course_id = intval($source_course_id);
// Check whether directory already exists.
if (is_dir($pathname) || empty($pathname)) {
return true;
}
// Ensure that a file with the same name does not already exist.
if (is_file($pathname)) {
trigger_error('api_copy_folder_course_session(): File exists', E_USER_WARNING);
return false;
}
$course_id = $course_info['real_id'];
$folders = explode(DIRECTORY_SEPARATOR,str_replace($base_path_document.DIRECTORY_SEPARATOR,'',$pathname));
$new_pathname = $base_path_document;
$path = '';
foreach ($folders as $folder) {
$new_pathname .= DIRECTORY_SEPARATOR.$folder;
$path .= DIRECTORY_SEPARATOR.$folder;
if (!file_exists($new_pathname)) {
$path = Database::escape_string($path);
$sql = "SELECT * FROM $table WHERE c_id = $source_course_id AND path = '$path' AND filetype = 'folder' AND session_id = '$session_id'";
$rs1 = Database::query($sql);
$num_rows = Database::num_rows($rs1);
if ($num_rows == 0) {
mkdir($new_pathname, api_get_permissions_for_new_directories());
// Insert new folder with destination session_id.
$sql = "INSERT INTO ".$table." SET
c_id = $course_id,
path = '$path',
comment = '".Database::escape_string($document->comment)."',
title = '".Database::escape_string(basename($new_pathname))."' ,
filetype='folder',
size= '0',
session_id = '$session_id'";
Database::query($sql);
$document_id = Database::insert_id();
api_item_property_update($course_info,TOOL_DOCUMENT,$document_id,'FolderCreated',api_get_user_id(),0,0,null,null,$session_id);
}
}
} // en foreach
}
// TODO: chmodr() is a better name. Some corrections are needed. Documentation header to be added here.
function api_chmod_R($path, $filemode) {
if (!is_dir($path)) {
return chmod($path, $filemode);
}
$handler = opendir($path);
while ($file = readdir($handler)) {
if ($file != '.' && $file != '..') {
$fullpath = "$path/$file";
if (!is_dir($fullpath)) {
if (!chmod($fullpath, $filemode)) {
return false;
}
} else {
if (!api_chmod_R($fullpath, $filemode)) {
return false;
}
}
}
}
closedir($handler);
return chmod($path, $filemode);
}
// TODO: Where the following function has been copy/pased from? There is no information about author and license. Style, coding conventions...
/**
* Parse info file format. (e.g: file.info)
*
* Files should use an ini-like format to specify values.
* White-space generally doesn't matter, except inside values.
* e.g.
*
* @verbatim
* key = value
* key = "value"
* key = 'value'
* key = "multi-line
*
* value"
* key = 'multi-line
*
* value'
* key
* =
* 'value'
* @endverbatim
*
* Arrays are created using a GET-like syntax:
*
* @verbatim
* key[] = "numeric array"
* key[index] = "associative array"
* key[index][] = "nested numeric array"
* key[index][index] = "nested associative array"
* @endverbatim
*
* PHP constants are substituted in, but only when used as the entire value:
*
* Comments should start with a semi-colon at the beginning of a line.
*
* This function is NOT for placing arbitrary module-specific settings. Use
* variable_get() and variable_set() for that.
*
* Information stored in the module.info file:
* - name: The real name of the module for display purposes.
* - description: A brief description of the module.
* - dependencies: An array of shortnames of other modules this module depends on.
* - package: The name of the package of modules this module belongs to.
*
* Example of .info file:
* <code>
* @verbatim
* name = Forum
* description = Enables threaded discussions about general topics.
* dependencies[] = taxonomy
* dependencies[] = comment
* package = Core - optional
* version = VERSION
* @endverbatim
* </code>
* @param $filename
* The file we are parsing. Accepts file with relative or absolute path.
* @return
* The info array.
*/
function api_parse_info_file($filename) {
$info = array();
if (!file_exists($filename)) {
return $info;
}
$data = file_get_contents($filename);
if (preg_match_all('
@^\s* # Start at the beginning of a line, ignoring leading whitespace
((?:
[^=;\[\]]| # Key names cannot contain equal signs, semi-colons or square brackets,
\[[^\[\]]*\] # unless they are balanced and not nested
)+?)
\s*=\s* # Key/value pairs are separated by equal signs (ignoring white-space)
(?:
("(?:[^"]|(?<=\\\\)")*")| # Double-quoted string, which may contain slash-escaped quotes/slashes
(\'(?:[^\']|(?<=\\\\)\')*\')| # Single-quoted string, which may contain slash-escaped quotes/slashes
([^\r\n]*?) # Non-quoted string
)\s*$ # Stop at the next end of a line, ignoring trailing whitespace
@msx', $data, $matches, PREG_SET_ORDER)) {
$key = $value1 = $value2 = $value3 = '';
foreach ($matches as $match) {
// Fetch the key and value string.
$i = 0;
foreach (array('key', 'value1', 'value2', 'value3') as $var) {
$$var = isset($match[++$i]) ? $match[$i] : '';
}
$value = stripslashes(substr($value1, 1, -1)) . stripslashes(substr($value2, 1, -1)) . $value3;
// Parse array syntax.
$keys = preg_split('/\]?\[/', rtrim($key, ']'));
$last = array_pop($keys);
$parent = &$info;
// Create nested arrays.
foreach ($keys as $key) {
if ($key == '') {
$key = count($parent);
}
if (!isset($parent[$key]) || !is_array($parent[$key])) {
$parent[$key] = array();
}
$parent = &$parent[$key];
}
// Handle PHP constants.
if (defined($value)) {
$value = constant($value);
}
// Insert actual value.
if ($last == '') {
$last = count($parent);
}
$parent[$last] = $value;
}
}
return $info;
}
/**
* Gets Chamilo version from the configuration files
* @return string A string of type "1.8.4", or an empty string if the version could not be found
*/
function api_get_version() {
global $_configuration;
return (string)$_configuration['system_version'];
}
/**
* Gets the software name (the name/brand of the Chamilo-based customized system)
* @return string
*/
function api_get_software_name() {
return 'Chamilo';
/*global $_configuration;
if (isset($_configuration['software_name']) && !empty($_configuration['software_name'])) {
return $_configuration['software_name'];
} else {
return 'Chamilo';
}*/
}
/**
* Checks whether status given in parameter exists in the platform
* @param mixed the status (can be either int either string)
* @return true if the status exists, else returns false
*/
function api_status_exists($status_asked) {
global $_status_list;
return in_array($status_asked, $_status_list) ? true : isset($_status_list[$status_asked]);
}
/**
* Checks whether status given in parameter exists in the platform. The function
* returns the status ID or false if it does not exist, but given the fact there
* is no "0" status, the return value can be checked against
* if(api_status_key()) to know if it exists.
* @param mixed The status (can be either int or string)
* @return mixed Status ID if exists, false otherwise
*/
function api_status_key($status) {
global $_status_list;
return isset($_status_list[$status]) ? $status : array_search($status, $_status_list);
}
/**
* Gets the status translated list
* @return array the list of status with their translations
*/
function api_get_status_langvars()
{
return array(
COURSEMANAGER => get_lang('Teacher', ''),
SESSIONADMIN => get_lang('SessionsAdmin', ''),
DRH => get_lang('Drh', ''),
STUDENT => get_lang('Student', ''),
ANONYMOUS => get_lang('Anonymous', ''),
QUESTION_MANAGER => get_lang('SessionManager')
);
}
/**
* The function that retrieves all the possible settings for a certain config setting
* @author Patrick Cool <patrick.cool@UGent.be>, Ghent University
*/
function api_get_settings_options($var) {
$table_settings_options = Database :: get_main_table(TABLE_MAIN_SETTINGS_OPTIONS);
$var = Database::escape_string($var);
$sql = "SELECT * FROM $table_settings_options WHERE variable = '$var' ORDER BY id";
$result = Database::query($sql);
$settings_options_array = array();
while ($row = Database::fetch_array($result, 'ASSOC')) {
//$temp_array = array ('value' => $row['value'], 'display_text' => $row['display_text']);
$settings_options_array[] = $row;
}
return $settings_options_array;
}
function api_set_setting_option($params) {
$table = Database::get_main_table(TABLE_MAIN_SETTINGS_OPTIONS);
if (empty($params['id'])) {
Database::insert($table, $params);
} else {
Database::update($table, $params, array('id = ? '=> $params['id']));
}
}
function api_set_setting_simple($params) {
$table = Database::get_main_table(TABLE_MAIN_SETTINGS_CURRENT);
$url_id = api_get_current_access_url_id();
if (empty($params['id'])) {
$params['access_url'] = $url_id;
Database::insert($table, $params);
} else {
Database::update($table, $params, array('id = ? '=> array($params['id'])));
}
}
function api_delete_setting_option($id) {
$table = Database::get_main_table(TABLE_MAIN_SETTINGS_OPTIONS);
if (!empty($id)) {
Database::delete($table, array('id = ? '=> $id));
}
}
/**
* Sets a platform configuration setting to a given value
* @param string The variable we want to update
* @param string The value we want to record
* @param string The sub-variable if any (in most cases, this will remain null)
* @param string The category if any (in most cases, this will remain null)
* @param int The access_url for which this parameter is valid
*/
function api_set_setting($var, $value, $subvar = null, $cat = null, $access_url = 1) {
if (empty($var)) {
return false;
}
$t_settings = Database::get_main_table(TABLE_MAIN_SETTINGS_CURRENT);
$var = Database::escape_string($var);
$value = Database::escape_string($value);
$access_url = (int)$access_url;
if (empty($access_url)) {
$access_url = 1;
}
$select = "SELECT id FROM $t_settings WHERE variable = '$var' ";
if (!empty($subvar)) {
$subvar = Database::escape_string($subvar);
$select .= " AND subkey = '$subvar'";
}
if (!empty($cat)) {
$cat = Database::escape_string($cat);
$select .= " AND category = '$cat'";
}
if ($access_url > 1) {
$select .= " AND access_url = $access_url";
} else {
$select .= " AND access_url = 1 ";
}
$res = Database::query($select);
if (Database::num_rows($res) > 0) {
// Found item for this access_url.
$row = Database::fetch_array($res);
$update = "UPDATE $t_settings SET selected_value = '$value' WHERE id = ".$row['id'] ;
Database::query($update);
} else {
// Item not found for this access_url, we have to check if it exist with access_url = 1
$select = "SELECT * FROM $t_settings WHERE variable = '$var' AND access_url = 1 ";
// Just in case
if ($access_url == 1) {
if (!empty($subvar)) {
$select .= " AND subkey = '$subvar'";
}
if (!empty($cat)) {
$select .= " AND category = '$cat'";
}
$res = Database::query($select);
if (Database::num_rows($res) > 0) { // We have a setting for access_url 1, but none for the current one, so create one.
$row = Database::fetch_array($res);
$insert = "INSERT INTO $t_settings " .
"(variable,subkey," .
"type,category," .
"selected_value,title," .
"comment,scope," .
"subkeytext,access_url)" .
" VALUES " .
"('".$row['variable']."',".(!empty($row['subkey']) ? "'".$row['subkey']."'" : "NULL")."," .
"'".$row['type']."','".$row['category']."'," .
"'$value','".$row['title']."'," .
"".(!empty($row['comment']) ? "'".$row['comment']."'" : "NULL").",".(!empty($row['scope']) ? "'".$row['scope']."'" : "NULL")."," .
"".(!empty($row['subkeytext'])?"'".$row['subkeytext']."'":"NULL").",$access_url)";
$res = Database::query($insert);
} else { // Such a setting does not exist.
error_log(__FILE__.':'.__LINE__.': Attempting to update setting '.$var.' ('.$subvar.') which does not exist at all', 0);
}
} else {
// Other access url.
if (!empty($subvar)) {
$select .= " AND subkey = '$subvar'";
}
if (!empty($cat)) {
$select .= " AND category = '$cat'";
}
$res = Database::query($select);
if (Database::num_rows($res) > 0) { // We have a setting for access_url 1, but none for the current one, so create one.
$row = Database::fetch_array($res);
if ($row['access_url_changeable'] == 1) {
$insert = "INSERT INTO $t_settings " .
"(variable,subkey," .
"type,category," .
"selected_value,title," .
"comment,scope," .
"subkeytext,access_url, access_url_changeable)" .
" VALUES " .
"('".$row['variable']."',".
(!empty($row['subkey']) ? "'".$row['subkey']."'" : "NULL")."," .
"'".$row['type']."','".$row['category']."'," .
"'$value','".$row['title']."'," .
"".(!empty($row['comment']) ? "'".$row['comment']."'" : "NULL").",".
(!empty($row['scope']) ? "'".$row['scope']."'" : "NULL")."," .
"".(!empty($row['subkeytext']) ? "'".$row['subkeytext']."'" : "NULL").",$access_url,".$row['access_url_changeable'].")";
Database::query($insert);
}
} else { // Such a setting does not exist.
error_log(__FILE__.':'.__LINE__.': Attempting to update setting '.$var.' ('.$subvar.') which does not exist at all. The access_url is: '.$access_url.' ',0);
}
}
}
}
/**
* Sets a whole category of settings to one specific value
* @param string Category
* @param string Value
* @param int Access URL. Optional. Defaults to 1
* @param array Optional array of filters on field type
*/
function api_set_settings_category($category, $value = null, $access_url = 1, $fieldtype = array()) {
if (empty($category)) { return false; }
$category = Database::escape_string($category);
$t_s = Database::get_main_table(TABLE_MAIN_SETTINGS_CURRENT);
$access_url = (int) $access_url;
if (empty($access_url)) { $access_url = 1; }
if (isset($value)) {
$value = Database::escape_string($value);
$sql = "UPDATE $t_s SET selected_value = '$value' WHERE category = '$category' AND access_url = $access_url";
if (is_array($fieldtype) && count($fieldtype)>0) {
$sql .= " AND ( ";
$i = 0;
foreach ($fieldtype as $type){
if ($i > 0) {
$sql .= ' OR ';
}
$type = Database::escape_string($type);
$sql .= " type='".$type."' ";
$i++;
}
$sql .= ")";
}
$res = Database::query($sql);
return $res !== false;
} else {
$sql = "UPDATE $t_s SET selected_value = NULL WHERE category = '$category' AND access_url = $access_url";
if (is_array($fieldtype) && count($fieldtype)>0) {
$sql .= " AND ( ";
$i = 0;
foreach ($fieldtype as $type){
if ($i > 0) {
$sql .= ' OR ';
}
$type = Database::escape_string($type);
$sql .= " type='".$type."' ";
$i++;
}
$sql .= ")";
}
$res = Database::query($sql);
return $res !== false;
}
}
/**
* Gets all available access urls in an array (as in the database)
* @return array An array of database records
*/
function api_get_access_urls($from = 0, $to = 1000000, $order = 'url', $direction = 'ASC')
{
$t_au = Database::get_main_table(TABLE_MAIN_ACCESS_URL);
$from = (int) $from;
$to = (int) $to;
$order = Database::escape_string($order);
$direction = Database::escape_string($direction);
$sql = "SELECT id, url, description, active, created_by, tms FROM $t_au ORDER BY $order $direction LIMIT $to OFFSET $from";
$res = Database::query($sql);
return Database::store_result($res);
}
/**
* Gets the access url info in an array
* @param int id of the access url
* @return array Array with all the info (url, description, active, created_by, tms) from the access_url table
* @author Julio Montoya Armas
*/
function api_get_access_url($id)
{
$id = intval($id);
$table_access_url = Database::get_main_table(TABLE_MAIN_ACCESS_URL);
$sql = "SELECT id, url, description, active, created_by, tms FROM $table_access_url WHERE id = '$id' ";
$res = Database::query($sql);
$result = Database::fetch_array($res);
return $result;
}
/**
* Gets the current url info
*/
function api_get_current_access_url_info()
{
$userInfo = Session::read('url_info');
return $userInfo;
}
/**
* Adds an access URL into the database
* @param string URL
* @param string Description
* @param int Active (1= active, 0=disabled)
* @return int The new database id, or the existing database id if this url already exists
*/
function api_add_access_url($u, $d = '', $a = 1) {
$t_au = Database::get_main_table(TABLE_MAIN_ACCESS_URL);
$u = Database::escape_string($u);
$d = Database::escape_string($d);
$a = (int) $a;
$sql = "SELECT id FROM $t_au WHERE url LIKE '$u'";
$res = Database::query($sql);
if ($res === false) {
// Problem querying the database - return false.
return false;
}
if (Database::num_rows($res) > 0) {
return Database::result($res, 0, 'id');
}
$ui = api_get_user_id();
$sql = "INSERT INTO $t_au (url,description,active,created_by,tms) VALUES ('$u','$d',$a,$ui,'')";
$res = Database::query($sql);
return ($res === false) ? false : Database::insert_id();
}
/**
* Gets all the current settings for a specific access url
* @param string The category, if any, that we want to get
* @param string Whether we want a simple list (display a catgeory) or a grouped list (group by variable as in settings.php default). Values: 'list' or 'group'
* @param int Access URL's ID. Optional. Uses 1 by default, which is the unique URL
* @return array Array of database results for the current settings of the current access URL
*/
function api_get_settings($cat = null, $ordering = 'list', $access_url = 1, $url_changeable = 0)
{
$t_cs = Database::get_main_table(TABLE_MAIN_SETTINGS_CURRENT);
$access_url = (int) $access_url;
$where_condition = '';
if ($url_changeable == 1) {
$where_condition = " AND access_url_changeable= '1' ";
}
if (empty($access_url) or $access_url == -1) { $access_url = 1; }
$sql = "SELECT * FROM $t_cs WHERE access_url = $access_url $where_condition ";
if (!empty($cat)) {
$cat = Database::escape_string($cat);
$sql .= " AND category='$cat' ";
}
if ($ordering == 'group') {
$sql .= " GROUP BY variable ORDER BY id ASC";
} else {
$sql .= " ORDER BY 1,2 ASC";
}
$result = Database::store_result(Database::query($sql));
return $result;
}
/**
* Gets the distinct settings categories
* @param array Array of strings giving the categories we want to exclude
* @param int Access URL. Optional. Defaults to 1
* @return array A list of categories
*/
function & api_get_settings_categories($exceptions = array(), $access_url = 1) {
$access_url = (int) $access_url;
$t_cs = Database::get_main_table(TABLE_MAIN_SETTINGS_CURRENT);
$list = "'".implode("','",$exceptions)."'";
$sql = "SELECT DISTINCT category FROM $t_cs WHERE category is NOT NULL ";
if ($list != "'',''" and $list != "''" and !empty($list)) {
$sql .= " AND category NOT IN ($list) ";
}
$result = Database::store_result(Database::query($sql));
return $result;
}
/**
* Deletes a setting
* @param string Variable
* @param string Subkey
* @param int Access URL
* @return boolean False on failure, true on success
*/
function api_delete_setting($v, $s = null, $a = 1) {
if (empty($v)) { return false; }
$t_cs = Database::get_main_table(TABLE_MAIN_SETTINGS_CURRENT);
$v = Database::escape_string($v);
$a = (int) $a;
if (empty($a)) { $a = 1; }
if (!empty($s)) {
$s = Database::escape_string($s);
$sql = "DELETE FROM $t_cs WHERE variable = '$v' AND subkey = '$s' AND access_url = $a";
$r = Database::query($sql);
return $r;
}
$sql = "DELETE FROM $t_cs WHERE variable = '$v' AND access_url = $a";
$r = Database::query($sql);
return $r;
}
/**
* Deletes all the settings from one category
* @param string Subkey
* @param int Access URL
* @return boolean False on failure, true on success
*/
function api_delete_category_settings_by_subkey($subkey, $access_url_id = 1) {
if (empty($subkey)) { return false; }
$t_cs = Database::get_main_table(TABLE_MAIN_SETTINGS_CURRENT);
$subkey = Database::escape_string($subkey);
$access_url_id = intval($access_url_id);
$sql = "DELETE FROM $t_cs WHERE subkey = '$subkey' AND access_url = $access_url_id";
$r = Database::query($sql);
return $r;
}
/**
* Sets a platform configuration setting to a given value
* @param string The value we want to record
* @param string The variable name we want to insert
* @param string The subkey for the variable we want to insert
* @param string The type for the variable we want to insert
* @param string The category for the variable we want to insert
* @param string The title
* @param string The comment
* @param string The scope
* @param string The subkey text
* @param int The access_url for which this parameter is valid
* @param int The changeability of this setting for non-master urls
* @return boolean true on success, false on failure
*/
function api_add_setting($val, $var, $sk = null, $type = 'textfield', $c = null, $title = '', $com = '', $sc = null, $skt = null, $a = 1, $v = 0) {
if (empty($var) || !isset($val)) { return false; }
$t_settings = Database::get_main_table(TABLE_MAIN_SETTINGS_CURRENT);
$var = Database::escape_string($var);
$val = Database::escape_string($val);
$a = (int) $a;
if (empty($a)) { $a = 1; }
// Check if this variable doesn't exist already
$select = "SELECT id FROM $t_settings WHERE variable = '$var' ";
if (!empty($sk)) {
$sk = Database::escape_string($sk);
$select .= " AND subkey = '$sk'";
}
if ($a > 1) {
$select .= " AND access_url = $a";
} else {
$select .= " AND access_url = 1 ";
}
$res = Database::query($select);
if (Database::num_rows($res) > 0) { // Found item for this access_url.
$row = Database::fetch_array($res);
return $row['id'];
}
// Item not found for this access_url, we have to check if the whole thing is missing
// (in which case we ignore the insert) or if there *is* a record but just for access_url = 1
$insert = "INSERT INTO $t_settings " .
"(variable,selected_value," .
"type,category," .
"subkey,title," .
"comment,scope," .
"subkeytext,access_url,access_url_changeable)" .
" VALUES ('$var','$val',";
if (isset($type)) {
$type = Database::escape_string($type);
$insert .= "'$type',";
} else {
$insert .= "NULL,";
}
if (isset($c)) { // Category
$c = Database::escape_string($c);
$insert .= "'$c',";
} else {
$insert .= "NULL,";
}
if (isset($sk)) { // Subkey
$sk = Database::escape_string($sk);
$insert .= "'$sk',";
} else {
$insert .= "NULL,";
}
if (isset($title)) { // Title
$title = Database::escape_string($title);
$insert .= "'$title',";
} else {
$insert .= "NULL,";
}
if (isset($com)) { // Comment
$com = Database::escape_string($com);
$insert .= "'$com',";
} else {
$insert .= "NULL,";
}
if (isset($sc)) { // Scope
$sc = Database::escape_string($sc);
$insert .= "'$sc',";
} else {
$insert .= "NULL,";
}
if (isset($skt)) { // Subkey text
$skt = Database::escape_string($skt);
$insert .= "'$skt',";
} else {
$insert .= "NULL,";
}
$insert .= "$a,$v)";
$res = Database::query($insert);
return $res;
}
/**
* Checks wether a user can or can't view the contents of a course.
*
* @param int $userid User id or NULL to get it from $_SESSION
* @param int $cid Course id to check whether the user is allowed.
* @return bool
*/
function api_is_course_visible_for_user($userid = null, $cid = null) {
if ($userid == null) {
$userid = api_get_user_id();
}
if (empty($userid) || strval(intval($userid)) != $userid) {
if (api_is_anonymous()) {
$userid = api_get_anonymous_id();
} else {
return false;
}
}
$cid = Database::escape_string($cid);
$courseInfo = api_get_course_info($cid);
$courseId = $courseInfo['real_id'];
$is_platformAdmin = api_is_platform_admin();
$course_table = Database::get_main_table(TABLE_MAIN_COURSE);
$course_cat_table = Database::get_main_table(TABLE_MAIN_CATEGORY);
$sql = "SELECT
$course_table.category_code,
$course_table.visibility,
$course_table.code,
$course_cat_table.code
FROM $course_table
LEFT JOIN $course_cat_table
ON $course_table.category_code = $course_cat_table.code
WHERE
$course_table.code = '$cid'
LIMIT 1";
$result = Database::query($sql);
if (Database::num_rows($result) > 0) {
$visibility = Database::fetch_array($result);
$visibility = $visibility['visibility'];
} else {
$visibility = 0;
}
// Shortcut permissions in case the visibility is "open to the world".
if ($visibility === COURSE_VISIBILITY_OPEN_WORLD) {
return true;
}
$tbl_course_user = Database :: get_main_table(TABLE_MAIN_COURSE_USER);
$sql = "SELECT
tutor_id, status, role
FROM $tbl_course_user
WHERE
user_id = '$userid'
AND
relation_type <> '".COURSE_RELATION_TYPE_RRHH."'
AND
course_code = ".$courseId."
LIMIT 1";
$result = Database::query($sql);
if (Database::num_rows($result) > 0) {
// This user has got a recorded state for this course.
$cuData = Database::fetch_array($result);
$_courseUser['role'] = $cuData['role'];
$is_courseMember = true;
$is_courseTutor = ($cuData['tutor_id' ] == 1);
$is_courseAdmin = ($cuData['status'] == 1);
}
if (!$is_courseAdmin) {
// This user has no status related to this course.
// Is it the session coach or the session admin?
$tbl_session = Database::get_main_table(TABLE_MAIN_SESSION);
$tbl_session_course = Database::get_main_table(TABLE_MAIN_SESSION_COURSE);
$tbl_session_course_user = Database::get_main_table(TABLE_MAIN_SESSION_COURSE_USER);
$sql = "SELECT
session.id_coach, session_admin_id, session.id
FROM
$tbl_session as session
INNER JOIN $tbl_session_course
ON session_rel_course.id_session = session.id
AND session_rel_course.c_id = '$courseId'
LIMIT 1";
$result = Database::query($sql);
$row = Database::store_result($result);
if ($row[0]['id_coach'] == $userid) {
$_courseUser['role'] = 'Professor';
$is_courseMember = true;
$is_courseTutor = true;
$is_courseAdmin = false;
$is_courseCoach = true;
$is_sessionAdmin = false;
Session::write('_courseUser',$_courseUser);
}
elseif ($row[0]['session_admin_id'] == $userid) {
$_courseUser['role'] = 'Professor';
$is_courseMember = false;
$is_courseTutor = false;
$is_courseAdmin = false;
$is_courseCoach = false;
$is_sessionAdmin = true;
} else {
// Check if the current user is the course coach.
$sql = "SELECT 1
FROM $tbl_session_course
WHERE session_rel_course.c_id = '$courseId'
AND session_rel_course.id_coach = '$userid'
LIMIT 1";
$result = Database::query($sql);
//if ($row = Database::fetch_array($result)) {
if (Database::num_rows($result) > 0 ) {
$_courseUser['role'] = 'Professor';
$is_courseMember = true;
$is_courseTutor = true;
$is_courseCoach = true;
$is_sessionAdmin = false;
$tbl_user = Database :: get_main_table(TABLE_MAIN_USER);
$sql = "SELECT status FROM $tbl_user
WHERE user_id = $userid LIMIT 1";
$result = Database::query($sql);
if (Database::result($result, 0, 0) == 1) {
$is_courseAdmin = true;
} else {
$is_courseAdmin = false;
}
} else {
// Check if the user is a student is this session.
$sql = "SELECT id
FROM $tbl_session_course_user
WHERE id_user = '$userid'
AND c_id = '$courseId'
LIMIT 1";
$result = Database::query($sql);
if (Database::num_rows($result) > 0) {
// This user haa got a recorded state for this course.
while ($row = Database::fetch_array($result)) {
$is_courseMember = true;
$is_courseTutor = false;
$is_courseAdmin = false;
$is_sessionAdmin = false;
}
}
}
}
}
switch ($visibility) {
case COURSE_VISIBILITY_OPEN_WORLD:
return true;
case COURSE_VISIBILITY_OPEN_PLATFORM:
return isset($userid);
case COURSE_VISIBILITY_REGISTERED:
case COURSE_VISIBILITY_CLOSED:
return $is_platformAdmin || $is_courseMember || $is_courseAdmin;
}
return false;
}
/**
* Returns whether an element (forum, message, survey ...) belongs to a session or not
* @param String the tool of the element
* @param int the element id in database
* @param int the session_id to compare with element session id
* @return boolean true if the element is in the session, false else
*/
function api_is_element_in_the_session($tool, $element_id, $session_id = null) {
if (empty($session_id)) {
$session_id = api_get_session_id();
}
// Get information to build query depending of the tool.
switch ($tool) {
case TOOL_SURVEY :
$table_tool = Database::get_course_table(TABLE_SURVEY);
$key_field = 'survey_id';
break;
case TOOL_ANNOUNCEMENT :
$table_tool = Database::get_course_table(TABLE_ANNOUNCEMENT);
$key_field = 'id';
break;
case TOOL_AGENDA :
$table_tool = Database::get_course_table(TABLE_AGENDA);
$key_field = 'id';
break;
case TOOL_GROUP :
$table_tool = Database::get_course_table(TABLE_GROUP);
$key_field = 'iid';
break;
default: return false;
}
$course_id = api_get_course_int_id();
$sql = "SELECT session_id FROM $table_tool WHERE c_id = $course_id AND $key_field = ".intval($element_id);
$rs = Database::query($sql);
if ($element_session_id = Database::result($rs, 0, 0)) {
// The element belongs to the session.
if ($element_session_id == intval($session_id) && !empty($session_id)) {
return true;
}
}
return false;
}
/**
* Replaces "forbidden" characters in a filename string.
*
* @author Hugues Peeters <peeters@ipm.ucl.ac.be>
* @author René Haentjens, UGent (RH)
* @author Ivan Tcholakov, JUN-2009. Transliteration functionality has been added.
* @param string $filename The filename string.
* @param string $strict (optional) When it is 'strict', all non-ASCII charaters will be replaced. Additional ASCII replacemets will be done too.
* @return string The cleaned filename.
*/
function api_replace_dangerous_char($filename, $strict = 'loose') {
// Safe replacements for some non-letter characters.
static $search = array("\0", ' ', "\t", "\n", "\r", "\x0B", '/', "\\", '"', "'", '?', '*', '>', '<', '|', ':', '$', '(', ')', '^', '[', ']', '#', '+', '&', '%');
static $replace = array('', '_', '_', '_', '_', '_', '-', '-', '-', '_', '-', '-', '-', '-', '-', '-', '-', '-', '-', '-', '-', '-', '-', '-', '-', '-');
// Encoding detection.
//$encoding = api_detect_encoding($filename);
// Converting html-entities into encoded characters.
///$filename = api_html_entity_decode($filename, ENT_QUOTES, $encoding);
// Transliteration to ASCII letters, they are not dangerous for filesystems.
$filename = api_transliterate($filename, 'x');
// Trimming leading/trailing whitespace.
$filename = trim($filename);
// Trimming any leading/trailing dots.
$filename = trim($filename, '.');
$filename = trim($filename);
// Replacing remaining dangerous non-letter characters.
$filename = str_replace($search, $replace, $filename);
if ($strict == 'strict') {
//$filename = str_replace('-', '_', $filename); // See task #1848.
//$filename = preg_replace('/[^0-9A-Za-z_.\-]/', '', $filename);
//Removing "_" character see BT#3628
$filename = preg_replace('/[^0-9A-Za-z.\-_]/', '', $filename);
}
// Length is to be limited, so the file name to be acceptable by some operating systems.
$extension = (string)strrchr($filename, '.');
$extension_len = strlen($extension);
if ($extension_len > 0 && $extension_len < 250) {
$filename = substr($filename, 0, -$extension_len);
return substr($filename, 0, 250 - $extension_len).$extension;
}
return substr($filename, 0, 250);
}
/**
* Fixes the $_SERVER['REQUEST_URI'] that is empty in IIS6.
* @author Ivan Tcholakov, 28-JUN-2006.
*/
function api_request_uri() {
if (!empty($_SERVER['REQUEST_URI'])) {
return $_SERVER['REQUEST_URI'];
}
$uri = $_SERVER['SCRIPT_NAME'];
if (!empty($_SERVER['QUERY_STRING'])) {
$uri .= '?'.$_SERVER['QUERY_STRING'];
}
$_SERVER['REQUEST_URI'] = $uri;
return $uri;
}
/**
* Creates the "include_path" php-setting, following the rule that
* PEAR packages of Chamilo should be read before other external packages.
* To be used in global.inc.php only.
* @author Ivan Tcholakov, 06-NOV-2008.
*/
function api_create_include_path_setting($includePath) {
$include_path = ini_get('include_path');
if (!empty($include_path)) {
$include_path_array = explode(PATH_SEPARATOR, $include_path);
$dot_found = array_search('.', $include_path_array);
if ($dot_found !== false) {
$result = array();
foreach ($include_path_array as $path) {
$result[] = $path;
if ($path == '.') {
// The path of Chamilo PEAR packages is to be inserted after the current directory path.
$result[] = api_get_path(LIBRARY_PATH).'pear';
}
}
return implode(PATH_SEPARATOR, $result);
}
// Current directory is not listed in the include_path setting, low probability is here.
return $includePath.'/lib/pear'.PATH_SEPARATOR.$include_path;
}
// The include_path setting is empty, low probability is here.
return $includePath.'/lib/pear';
}
/**
* Gets the current access_url id of the Chamilo Platform loaded in the session
* @author Julio Montoya <gugli100@gmail.com>
* @return int access_url_id of the current Chamilo Installation
*/
function api_get_current_access_url_id()
{
$urlId = Session::read('url_id');
if (empty($urlId)) {
return 1;
} else {
return $urlId;
}
}
/**
* Gets the current access_url id of the api_get_path(WEB_PATH) Chamilo Platform
* @author Julio Montoya <gugli100@gmail.com>
* @return int access_url_id of the current Chamilo Installation
*/
function api_get_access_url_id_from_web_path()
{
$access_url_table = Database :: get_main_table(TABLE_MAIN_ACCESS_URL);
$path = Database::escape_string(api_get_path(WEB_PATH));
$sql = "SELECT id FROM $access_url_table WHERE url = '".$path."'";
$result = Database::query($sql);
if (Database::num_rows($result) > 0) {
$access_url_id = Database::result($result, 0, 0);
return $access_url_id;
}
return 1;
}
/**
* Gets the registered urls from a given user id
* @author Julio Montoya <gugli100@gmail.com>
* @return int user id
*/
function api_get_access_url_from_user($user_id) {
$user_id = intval($user_id);
$table_url_rel_user = Database :: get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER);
$table_url = Database :: get_main_table(TABLE_MAIN_ACCESS_URL);
$sql = "SELECT access_url_id FROM $table_url_rel_user url_rel_user INNER JOIN $table_url u
ON (url_rel_user.access_url_id = u.id)
WHERE user_id = ".Database::escape_string($user_id);
$result = Database::query($sql);
$url_list = array();
while ($row = Database::fetch_array($result, 'ASSOC')) {
$url_list[] = $row['access_url_id'];
}
return $url_list;
}
/**
* Gets the status of a user in a course
* @param int user_id
* @param int course id
* @return int user status
*/
function api_get_status_of_user_in_course ($user_id, $courseId)
{
if (!empty($user_id) && !empty($courseId)) {
$tbl_rel_course_user = Database :: get_main_table(TABLE_MAIN_COURSE_USER);
$user_id = intval($user_id);
$courseId = Database::escape_string($courseId);
$sql = 'SELECT status FROM '.$tbl_rel_course_user.' WHERE user_id='.$user_id.' AND c_id="'.$courseId.'"';
$result = Database::query($sql);
$row_status = Database::fetch_array($result, 'ASSOC');
return $row_status['status'];
} else {
return 0;
}
}
/**
* Checks whether the curent user is in a course or not.
*
* @param string The course code - optional (takes it from session if not given)
* @return boolean
* @author Yannick Warnier <yannick.warnier@beeznest.com>
*/
function api_is_in_course($course_code = null) {
$courseCodeInSession = api_get_course_id();
if (isset($courseCodeInSession)) {
if (!empty($course_code)) {
return $course_code == $courseCodeInSession;
}
return true;
}
return false;
}
/**
* Checks whether the curent user is in a group or not.
*
* @param string The group id - optional (takes it from session if not given)
* @param string The course code - optional (no additional check by course if course code is not given)
* @return boolean
* @author Ivan Tcholakov
*/
function api_is_in_group($group_id = null, $course_code = null)
{
$courseCodeInSession = api_get_course_id();
$groupIdInSession = api_get_group_id();
if (!empty($course_code)) {
if (isset($courseCodeInSession)) {
if ($course_code != $courseCodeInSession) return false;
} else {
return false;
}
}
if (isset($groupIdInSession) && $groupIdInSession != '') {
if (!empty($group_id)) {
return $group_id == $groupIdInSession;
} else {
return true;
}
}
return false;
}
/**
* This function gets the hash in md5 or sha1 (it depends in the platform config) of a given password
* @param string password
* @return string password with the applied hash
*/
function api_get_encrypted_password($password, $salt = '') {
global $_configuration;
$password_encryption = isset($_configuration['password_encryption']) ? $_configuration['password_encryption'] : 'sha1';
switch ($password_encryption) {
case 'sha1':
return empty($salt) ? sha1($password) : sha1($password.$salt);
case 'none':
return $password;
case 'md5':
default:
return empty($salt) ? md5($password) : md5($password.$salt);
}
}
/**
* Checks whether a secret key is valid
* @param string $original_key_secret - secret key from (webservice) client
* @param string $security_key - security key from Chamilo
* @return boolean - true if secret key is valid, false otherwise
*/
function api_is_valid_secret_key($original_key_secret, $security_key) {
return $original_key_secret == sha1($security_key);
}
/**
* Checks whether a user is into course
* @param string $course_id - the course id
* @param string $user_id - the user id
*/
function api_is_user_of_course($course_id, $user_id) {
$tbl_course_rel_user = Database::get_main_table(TABLE_MAIN_COURSE_USER);
$sql = 'SELECT user_id FROM '.$tbl_course_rel_user.'
WHERE c_id ="'.Database::escape_string($course_id).'" AND
user_id="'.Database::escape_string($user_id).'" AND
relation_type<>'.COURSE_RELATION_TYPE_RRHH.' ';
$result = Database::query($sql);
return Database::num_rows($result) == 1;
}
/**
* Checks whether the server's operating system is Windows (TM).
* @return boolean - true if the operating system is Windows, false otherwise
*/
function api_is_windows_os() {
if (function_exists('php_uname')) {
// php_uname() exists as of PHP 4.0.2, according to the documentation.
// We expect that this function will always work for Chamilo 1.8.x.
$os = php_uname();
}
// The following methods are not needed, but let them stay, just in case.
elseif (isset($_ENV['OS'])) {
// Sometimes $_ENV['OS'] may not be present (bugs?)
$os = $_ENV['OS'];
}
elseif (defined('PHP_OS')) {
// PHP_OS means on which OS PHP was compiled, this is why
// using PHP_OS is the last choice for detection.
$os = PHP_OS;
} else {
return false;
}
return strtolower(substr((string)$os, 0, 3 )) == 'win';
}
/**
* This function informs whether the sent request is XMLHttpRequest
*/
function api_is_xml_http_request() {
return isset($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest';
}
/**
* This wrapper function has been implemented for avoiding some known problems about the function getimagesize().
* @link http://php.net/manual/en/function.getimagesize.php
* @link http://www.dokeos.com/forum/viewtopic.php?t=12345
* @link http://www.dokeos.com/forum/viewtopic.php?t=16355
*/
function api_getimagesize($path) {
$image = new Image($path);
return $image->get_image_size();
}
/**
* This function resizes an image, with preserving its proportions (or aspect ratio).
* @author Ivan Tcholakov, MAY-2009.
* @param int $image System path or URL of the image
* @param int $target_width Targeted width
* @param int $target_height Targeted height
* @return array Calculated new width and height
*/
function api_resize_image($image, $target_width, $target_height) {
$image_properties = api_getimagesize($image);
return api_calculate_image_size($image_properties['width'], $image_properties['height'], $target_width, $target_height);
}
/**
* This function calculates new image size, with preserving image's proportions (or aspect ratio).
* @author Ivan Tcholakov, MAY-2009.
* @author The initial idea has been taken from code by Patrick Cool, MAY-2004.
* @param int $image_width Initial width
* @param int $image_height Initial height
* @param int $target_width Targeted width
* @param int $target_height Targeted height
* @return array Calculated new width and height
*/
function api_calculate_image_size($image_width, $image_height, $target_width, $target_height) {
// Only maths is here.
$result = array('width' => $image_width, 'height' => $image_height);
if ($image_width <= 0 || $image_height <= 0) {
return $result;
}
$resize_factor_width = $target_width / $image_width;
$resize_factor_height = $target_height / $image_height;
$delta_width = $target_width - $image_width * $resize_factor_height;
$delta_height = $target_height - $image_height * $resize_factor_width;
if ($delta_width > $delta_height) {
$result['width'] = ceil($image_width * $resize_factor_height);
$result['height'] = ceil($image_height * $resize_factor_height);
}
elseif ($delta_width < $delta_height) {
$result['width'] = ceil($image_width * $resize_factor_width);
$result['height'] = ceil($image_height * $resize_factor_width);
}
else {
$result['width'] = ceil($target_width);
$result['height'] = ceil($target_height);
}
return $result;
}
/**
* Returns a list of Chamilo's tools or
* checks whether a given identificator is a valid Chamilo's tool.
* @author Isaac flores paz
* @param string The tool name to filter
* @return mixed Filtered string or array
*/
function api_get_tools_lists($my_tool = null) {
$tools_list = array(
TOOL_DOCUMENT, TOOL_THUMBNAIL, TOOL_HOTPOTATOES,
TOOL_CALENDAR_EVENT, TOOL_LINK, TOOL_COURSE_DESCRIPTION, TOOL_SEARCH,
TOOL_LEARNPATH, TOOL_ANNOUNCEMENT, TOOL_FORUM, TOOL_THREAD, TOOL_POST,
TOOL_DROPBOX, TOOL_QUIZ, TOOL_USER, TOOL_GROUP, TOOL_BLOGS, TOOL_CHAT,
TOOL_CONFERENCE, TOOL_STUDENTPUBLICATION, TOOL_TRACKING, TOOL_HOMEPAGE_LINK,
TOOL_COURSE_SETTING, TOOL_BACKUP, TOOL_COPY_COURSE_CONTENT, TOOL_RECYCLE_COURSE,
TOOL_COURSE_HOMEPAGE, TOOL_COURSE_RIGHTS_OVERVIEW, TOOL_UPLOAD, TOOL_COURSE_MAINTENANCE,
TOOL_VISIO, TOOL_VISIO_CONFERENCE, TOOL_VISIO_CLASSROOM, TOOL_SURVEY, TOOL_WIKI,
TOOL_GLOSSARY, TOOL_GRADEBOOK, TOOL_NOTEBOOK, TOOL_ATTENDANCE, TOOL_COURSE_PROGRESS
);
if (empty($my_tool)) {
return $tools_list;
}
return in_array($my_tool, $tools_list) ? $my_tool : '';
}
function api_get_tool_urls() {
return array(
TOOL_DOCUMENT => api_get_path(WEB_CODE_PATH).'document/document.php',
TOOL_QUIZ => api_get_path(WEB_CODE_PATH).'exercice/exercice.php',
TOOL_ANNOUNCEMENT => api_get_path(WEB_CODE_PATH).'announcements/announcements.php',
TOOL_CALENDAR_EVENT => api_get_path(WEB_CODE_PATH).'calendar/agenda.php',
TOOL_STUDENTPUBLICATION => api_get_path(WEB_CODE_PATH).'work/work.php',
TOOL_LEARNPATH => api_get_path(WEB_CODE_PATH).'newscorm/lp_controller.php'
);
}
/**
* Checks whether we already approved the last version term and condition
* @param int user id
* @return bool true if we pass false otherwise
*/
function api_check_term_condition($user_id) {
if (api_get_setting('allow_terms_conditions') == 'true') {
$t_uf = Database::get_main_table(TABLE_MAIN_USER_FIELD);
$t_ufv = Database::get_main_table(TABLE_MAIN_USER_FIELD_VALUES);
//check if exists terms and conditions
if (LegalManager::count() == 0) {
return true;
}
// Check the last user version_id passed
$sql = "SELECT field_value FROM $t_ufv ufv inner join $t_uf uf on ufv.field_id= uf.id
WHERE field_value <> '' AND field_variable = 'legal_accept' AND user_id = ".intval($user_id);
$res = Database::query($sql);
if (Database::num_rows($res) > 0) {
$rowv = Database::fetch_row($res);
$rowv = $rowv[0];
$user_conditions = explode(':', $rowv);
$version = $user_conditions[0];
$lang_id = $user_conditions[1];
$real_version = LegalManager::get_last_version($lang_id);
return $version >= $real_version;
}
return false;
}
return false;
}
/**
* Gets all information of a tool into course
* @param int The tool id
* @return array
*/
function api_get_tool_information($tool_id) {
$t_tool = Database::get_course_table(TABLE_TOOL_LIST);
$course_id = api_get_course_int_id();
$sql = "SELECT * FROM $t_tool WHERE c_id = $course_id AND id = ".intval($tool_id);
$rs = Database::query($sql);
return Database::fetch_array($rs);
}
/**
* Gets all information of a tool into course
* @param int The tool id
* @return array
*/
function api_get_tool_information_by_name($name) {
$t_tool = Database::get_course_table(TABLE_TOOL_LIST);
$course_id = api_get_course_int_id();
$sql = "SELECT * FROM $t_tool WHERE c_id = $course_id AND name = '".Database::escape_string($name)."' ";
$rs = Database::query($sql);
return Database::fetch_array($rs, 'ASSOC');
}
/* DEPRECATED FUNCTIONS */
/**
* @deprecated: use api_is_allowed_to_edit() instead
*/
function is_allowed_to_edit() {
return api_is_allowed_to_edit();
}
/**
* Function used to protect a "global" admin script.
* The function blocks access when the user has no global platform admin rights.
* Global admins are the admins that are registered in the main.admin table AND the users who have access to the "principal" portal.
* That means that there is a record in the main.access_url_rel_user table with his user id and the access_url_id=1
*
* @author Julio Montoya
*/
function api_is_global_platform_admin($user_id = null) {
$user_id = intval($user_id);
if (empty($user_id)) {
$user_id = api_get_user_id();
}
if (api_is_platform_admin_by_id($user_id)) {
$my_url_list = api_get_access_url_from_user($user_id);
// The admin is registered in the first "main" site with access_url_id = 1
if (in_array(1, $my_url_list)) {
return true;
} else {
return false;
}
}
return false;
}
function api_global_admin_can_edit_admin($admin_id_to_check, $my_user_id = null, $allow_session_admin = false) {
if (empty($my_user_id)) {
$my_user_id = api_get_user_id();
}
$iam_a_global_admin = api_is_global_platform_admin($my_user_id);
$user_is_global_admin = api_is_global_platform_admin($admin_id_to_check);
if ($iam_a_global_admin) {
//global admin can edit everything
return true;
} else {
//If i'm a simple admin
$is_platform_admin = api_is_platform_admin_by_id($my_user_id);
if ($allow_session_admin) {
$is_platform_admin = api_is_platform_admin_by_id($my_user_id) || (api_get_user_status($my_user_id) == SESSIONADMIN);
}
if ($is_platform_admin) {
if ($user_is_global_admin) {
return false;
} else {
return true;
}
} else {
return false;
}
}
}
function api_protect_super_admin($admin_id_to_check, $my_user_id = null, $allow_session_admin = false) {
if (api_global_admin_can_edit_admin($admin_id_to_check, $my_user_id, $allow_session_admin)) {
return true;
} else {
api_not_allowed();
}
}
/**
* Function used to protect a global admin script.
* The function blocks access when the user has no global platform admin rights.
* See also the api_is_global_platform_admin() function wich defines who's a "global" admin
*
* @author Julio Montoya
*/
function api_protect_global_admin_script() {
if (!api_is_global_platform_admin()) {
api_not_allowed();
return false;
}
return true;
}
/**
* Get actived template
* @param string theme type (optional: default)
* @param string path absolute(abs) or relative(rel) (optional:rel)
* @return string actived template path
*/
function api_get_template($path_type = 'rel') {
$path_types = array('rel', 'abs');
$template_path = '';
if (in_array($path_type, $path_types)) {
if ($path_type == 'rel') {
$template_path = api_get_path(SYS_TEMPLATE_PATH);
} else {
$template_path = api_get_path(WEB_TEMPLATE_PATH);
}
}
$actived_theme = 'default';
if (api_get_setting('active_template')) {
$actived_theme = api_get_setting('active_template');
}
$actived_theme_path = $template_path.$actived_theme.DIRECTORY_SEPARATOR;
return $actived_theme_path;
}
/**
* Check browser support for type files
** This function check if the users browser support a file format or return the current browser and major ver when $format=check_browser
* @param string $format
*
* @return bool, or return text array if $format=check_browser
*
* @author Juan Carlos Raña Trabado
*/
function api_browser_support($format="") {
$browser = new Browser();
//print_r($browser);
$current_browser = $browser->getBrowser();
$a_versiontemp = explode('.', $browser->getVersion());
$current_majorver= $a_versiontemp[0];
//native svg support
if ($format=='svg'){
if (($current_browser == 'Internet Explorer' && $current_majorver >= 9) || ($current_browser == 'Firefox' && $current_majorver > 1) || ($current_browser == 'Safari' && $current_majorver >= 4) || ($current_browser == 'Chrome' && $current_majorver >= 1) || ($current_browser == 'Opera' && $current_majorver >= 9)) {
return true;
} else {
return false;
}
} elseif($format=='pdf') {
//native pdf support
if($current_browser == 'Chrome' && $current_majorver >= 6){
return true;
} else {
return false;
}
} elseif($format=='tif' || $format=='tiff'){
//native tif support
if($current_browser == 'Safari' && $current_majorver >= 5){
return true;
} else {
return false;
}
} elseif($format=='ogg' || $format=='ogx'|| $format=='ogv' || $format=='oga'){
//native ogg, ogv,oga support
if (($current_browser == 'Firefox' && $current_majorver >= 3) || ($current_browser == 'Chrome' && $current_majorver >= 3) || ($current_browser == 'Opera' && $current_majorver >= 9)) {
return true;
} else {
return false;
}
} elseif($format=='mpg' || $format=='mpeg'){
//native mpg support
if(($current_browser == 'Safari' && $current_majorver >= 5)){
return true;
} else {
return false;
}
} elseif($format=='mp4') {
//native mp4 support (TODO: Android, iPhone)
if($current_browser == 'Android' || $current_browser == 'iPhone') {
return true;
} else {
return false;
}
} elseif($format=='mov') {
//native mov support( TODO:check iPhone)
if($current_browser == 'Safari' && $current_majorver >= 5 || $current_browser == 'iPhone'){
return true;
} else {
return false;
}
} elseif($format=='avi') {
//native avi support
if($current_browser == 'Safari' && $current_majorver >= 5){
return true;
}
else{
return false;
}
} elseif($format=='wmv') {
//native wmv support
if ($current_browser == 'Firefox' && $current_majorver >= 4){
return true;
} else {
return false;
}
} elseif($format=='webm') {
//native webm support (TODO:check IE9, Chrome9, Android)
if(($current_browser == 'Firefox' && $current_majorver >= 4) || ($current_browser == 'Opera' && $current_majorver >= 9) || ($current_browser == 'Internet Explorer' && $current_majorver >= 9)|| ($current_browser == 'Chrome' && $current_majorver >=9)|| $current_browser == 'Android'){
return true;
}
else{
return false;
}
} elseif($format=='wav') {
//native wav support (only some codecs !)
if (($current_browser == 'Firefox' && $current_majorver >= 4) || ($current_browser == 'Safari' && $current_majorver >= 5) || ($current_browser == 'Opera' && $current_majorver >= 9) || ($current_browser == 'Internet Explorer' && $current_majorver >= 9)|| ($current_browser == 'Chrome' && $current_majorver > 9)|| $current_browser == 'Android' || $current_browser == 'iPhone'){
return true;
}
else{
return false;
}
} elseif($format=='mid' || $format=='kar') {
//native midi support (TODO:check Android)
if($current_browser == 'Opera'&& $current_majorver >= 9 || $current_browser == 'Android'){
return true;
} else {
return false;
}
} elseif($format=='wma') {
//native wma support
if($current_browser == 'Firefox' && $current_majorver >= 4){
return true;
}
else{
return false;
}
} elseif($format=='au') {
//native au support
if($current_browser == 'Safari' && $current_majorver >= 5){
return true;
}
else{
return false;
}
} elseif($format=='mp3') {
//native mp3 support (TODO:check Android, iPhone)
if(($current_browser == 'Safari' && $current_majorver >= 5) || ($current_browser == 'Chrome' && $current_majorver >=6)|| ($current_browser == 'Internet Explorer' && $current_majorver >= 9)|| $current_browser == 'Android' || $current_browser == 'iPhone'){
return true;
} else {
return false;
}
} elseif($format=="check_browser") {
$array_check_browser=array($current_browser, $current_majorver);
return $array_check_browser;
} else {
return false;
}
}
/**
* This function checks if exist path and file browscap.ini
* In order for this to work, your browscap configuration setting in php.ini must point to the correct location of the browscap.ini file on your system
* http://php.net/manual/en/function.get-browser.php
*
* @return bool
*
* @author Juan Carlos Raña Trabado
*/
function api_check_browscap() {
$setting = ini_get('browscap');
if ($setting) {
$browser = get_browser($_SERVER['HTTP_USER_AGENT'], true);
if (strpos($setting, 'browscap.ini') && !empty($browser)) {
return true;
}
}
return false;
}
/**
* Returns the <script> HTML tag
*/
function api_get_js($file) {
return '<script type="text/javascript" src="'.api_get_path(WEB_LIBRARY_JS_PATH).$file.'"></script>'."\n";
}
/**
* Returns the <link> HTML tag
*/
function api_get_css($file, $media = 'screen') {
return '<link href="'.$file.'" rel="stylesheet" media="'.$media.'" type="text/css" />'."\n";
}
function api_get_jqgrid_js() {
return api_get_jquery_libraries_js(array('jqgrid'));
}
function api_get_available_jquery_ui_languages() {
//see http://jqueryui.com/demos/datepicker/#localization
return array(
'af',//Afrikaans
'sq', //Albanian (Gjuha shqipe)
'ar-DZ', //Algerian Arabic
'ar', //Arabic (&#8235;(&#1604;&#1593;&#1585;&#1576;&#1610;
'hy', //Armenian (&#1344;&#1377;&#1397;&#1381;&#1408;&#1381;&#1398;)
'az', //Azerbaijani (Az&#601;rbaycan dili)
'eu', //Basque (Euskara)
'bs', //Bosnian (Bosanski)
'bg', //Bulgarian (&#1073;&#1098;&#1083;&#1075;&#1072;&#1088;&#1089;&#1082;&#1080; &#1077;&#1079;&#1080;&#1082;)
'ca', //Catalan (Catal&agrave;)
'zh-HK', //Chinese Hong Kong (&#32321;&#39636;&#20013;&#25991;)
'zh-CN', //Chinese Simplified (&#31616;&#20307;&#20013;&#25991;)
'zh-TW', //Chinese Traditional (&#32321;&#39636;&#20013;&#25991;)
'hr', //Croatian (Hrvatski jezik)
'cs', //Czech (&#269;e&#353;tina)
'da', //Danish (Dansk)
'nl-BE', //Dutch (Belgium)
'nl', //Dutch (Nederlands)
'en-AU', //English/Australia
'en-NZ', //English/New Zealand
'en-GB', //English/UK
'eo', //Esperanto
'et', //Estonian (eesti keel)
'fo', //Faroese (f&oslash;royskt)
'fa', //Farsi/Persian (&#8235;(&#1601;&#1575;&#1585;&#1587;&#1740;
'fi', //Finnish (suomi)
'fr', //French (Fran&ccedil;ais)
'fr-CH', //French/Swiss (Fran&ccedil;ais de Suisse)
'gl', //Galician
'ge', //Georgian
'de', //German (Deutsch)
'el', //Greek (&#917;&#955;&#955;&#951;&#957;&#953;&#954;&#940;)
'he', //Hebrew (&#8235;(&#1506;&#1489;&#1512;&#1497;&#1514;
'hi', //Hindi (&#2361;&#2367;&#2306;&#2342;&#2368;)
'hu', //Hungarian (Magyar)
'is', //Icelandic (&Otilde;slenska)
'id', //Indonesian (Bahasa Indonesia)
'it', //Italian (Italiano)
'ja', //Japanese (&#26085;&#26412;&#35486;)
'kk', //Kazakhstan (Kazakh)
'km', //Khmer
'ko', //Korean (&#54620;&#44397;&#50612;)
'lv', //Latvian (Latvie&ouml;u Valoda)
'lt', //Lithuanian (lietuviu kalba)
'lb', //Luxembourgish
'mk', //Macedonian
'ml', //Malayalam
'ms', //Malaysian (Bahasa Malaysia)
'no', //Norwegian (Norsk)
'pl', //Polish (Polski)
'pt', //Portuguese (Portugu&ecirc;s)
'pt-BR', //Portuguese/Brazilian (Portugu&ecirc;s)
'rm', //Rhaeto-Romanic (Romansh)
'ro', //Romanian (Rom&acirc;n&#259;)
'ru', //Russian (&#1056;&#1091;&#1089;&#1089;&#1082;&#1080;&#1081;)
'sr', //Serbian (&#1089;&#1088;&#1087;&#1089;&#1082;&#1080; &#1112;&#1077;&#1079;&#1080;&#1082;)
'sr-SR', //Serbian (srpski jezik)
'sk', //Slovak (Slovencina)
'sl', //Slovenian (Slovenski Jezik)
'es', //Spanish (Espa&ntilde;ol)
'sv', //Swedish (Svenska)
'ta', //Tamil (&#2980;&#2990;&#3007;&#2996;&#3021;)
'th', //Thai (&#3616;&#3634;&#3625;&#3634;&#3652;&#3607;&#3618;)
'tj', //Tajikistan
'tr', //Turkish (T&uuml;rk&ccedil;e)
'uk', //Ukranian (&#1059;&#1082;&#1088;&#1072;&#1111;&#1085;&#1089;&#1100;&#1082;&#1072;)
'vi', //Vietnamese (Ti&#7871;ng Vi&#7879;t)
'cy-GB'//Welsh/UK (Cymraeg)
);
}
/**
* Returns the jquery library js and css headers
*
* @param array list of jquery libraries supported jquery-ui, jqgrid
* @param bool add the jquery library
* @return string html tags
*
*/
function api_get_jquery_libraries_js($libraries) {
$js = '';
$js_path = api_get_path(WEB_LIBRARY_JS_PATH);
$isocode = api_get_language_isocode();
if (in_array('jquery-ui-i18n', $libraries)) {
$js .= api_get_js('jquery-ui/jquery-ui-i18n.min.js');
if (!in_array($isocode, api_get_available_jquery_ui_languages())) {
$isocode = 'en';
}
if ($isocode == 'en') {
$isocode = '';
}
$js .= "<script> $(function() { $.datepicker.setDefaults($.datepicker.regional['$isocode']); });</script>";
}
//jqgrid js and css
if (in_array('jqgrid', $libraries)) {
$languaje = 'en';
$platform_isocode = strtolower(api_get_language_isocode());
//languages supported by jqgrid see files in main/inc/lib/javascript/jqgrid/js/i18n
$jqgrid_langs = array('bg', 'bg1251', 'cat','cn','cs','da','de','el','en','es','fa','fi','fr','gl','he','hu','is','it','ja','nl','no','pl','pt-br','pt','ro','ru','sk','sr','sv','tr','ua');
if (in_array($platform_isocode, $jqgrid_langs)) {
$languaje = $platform_isocode;
}
$js .= api_get_css($js_path.'jqgrid/css/ui.jqgrid.css');
$js .= api_get_js('jqgrid/js/i18n/grid.locale-'.$languaje.'.js');
$js .= api_get_js('jqgrid/js/jquery.jqGrid.min.js');
}
//Document multiple upload funcionality
if (in_array('jquery-upload', $libraries)) {
$js .= api_get_js('jquery-upload/jquery.fileupload.js');
$js .= api_get_js('jquery-upload/jquery.fileupload-ui.js');
$js .= api_get_css($js_path.'jquery-upload/jquery.fileupload-ui.css');
}
return $js;
}
/**
* Returns the course's URL
*
* This function relies on api_get_course_info()
* @param string The course code - optional (takes it from session if not given)
* @param int The session id - optional (takes it from session if not given)
* @return mixed The URL of the course or null if something does not work
* @author Julio Montoya <gugli100@gmail.com>
*/
function api_get_course_url($course_code = null, $session_id = null) {
if (empty($course_code)) {
$course_info = api_get_course_info();
} else {
$course_info = api_get_course_info($course_code);
}
if (empty($session_id)) {
$session_url = '?id_session='.api_get_session_id();
} else {
$session_url = '?id_session='.intval($session_id);
}
if (!empty($course_info['path'])) {
return api_get_path(WEB_COURSE_PATH).$course_info['path'].'/index.php'.$session_url;
}
return null;
}
/**
*
* Check if the current portal has the $_configuration['multiple_access_urls'] parameter on
* @return bool true if multi site is enabled
*
* */
function api_get_multiple_access_url() {
global $_configuration;
if (isset($_configuration['multiple_access_urls']) && $_configuration['multiple_access_urls']) {
return true;
}
return false;
}
function api_is_multiple_url_enabled() {
return api_get_multiple_access_url();
}
/**
* Returns a md5 unique id
* @todo add more parameters
*/
function api_get_unique_id() {
$id = md5(time().uniqid().api_get_user_id().api_get_course_id().api_get_session_id());
return $id;
}
function api_get_home_path() {
$home = 'home/';
$access_url_id = api_get_current_access_url_id();
if (api_get_multiple_access_url() && $access_url_id != -1) {
$url_info = api_get_current_access_url_info();
$url = api_remove_trailing_slash(preg_replace('/https?:\/\//i', '', $url_info['url']));
$clean_url = api_replace_dangerous_char($url);
$clean_url = str_replace('/', '-', $clean_url);
$clean_url .= '/';
// if $clean_url == "localhost/" means that the multiple URL was not well configured we don't rename the $home variable
if ($clean_url != 'localhost/') {
//$home = 'home/'.$clean_url;
}
$home = 'home/'.$clean_url;
}
return $home;
}
function api_get_course_table_condition($and = true) {
$course_id = api_get_course_int_id();
$condition = '';
$condition_add = $and ? " AND " : " WHERE ";
if (!empty($course_id)) {
$condition = " $condition_add c_id = $course_id";
}
return $condition;
}
/**
*
* @param int Course id
* @param int tool id: TOOL_QUIZ, TOOL_FORUM, TOOL_STUDENTPUBLICATION, TOOL_LEARNPATH
* @param int the item id (tool id, exercise id, lp id)
*
*/
function api_resource_is_locked_by_gradebook($item_id, $link_type, $course_code = null) {
if (api_is_platform_admin()) {
return false;
}
if (api_get_setting('gradebook_locking_enabled') == 'true') {
if (empty($course_code)) {
$course_code = api_get_course_id();
}
$table = Database::get_main_table(TABLE_MAIN_GRADEBOOK_LINK);
$item_id = intval($item_id);
$link_type = intval($link_type);
$course_code = Database::escape_string($course_code);
$sql = "SELECT locked FROM $table WHERE locked = 1 AND ref_id = $item_id AND type = $link_type AND course_code = '$course_code' ";
$result = Database::query($sql);
if (Database::num_rows($result)) {
return true;
}
}
return false;
}
/**
* Blocks a page if the item was added in a gradebook
*
* @param int exercise id, work id, thread id,
* @param int LINK_EXERCISE, LINK_STUDENTPUBLICATION, LINK_LEARNPATH LINK_FORUM_THREAD, LINK_ATTENDANCE see gradebook/lib/be/linkfactory
* @param string course code
* @return boolean
*/
function api_block_course_item_locked_by_gradebook($item_id, $link_type, $course_code = null) {
if (api_is_platform_admin()) {
return false;
}
if (api_resource_is_locked_by_gradebook($item_id, $link_type, $course_code)) {
$message = Display::return_message(get_lang('ResourceLockedByGradebook'), 'warning');
api_not_allowed(true, $message);
}
}
/**
* Checks the PHP version installed is enough to run Chamilo
* @param string Include path (used to load the error page)
* @return void
*/
function api_check_php_version() {
if (version_compare(phpversion(), REQUIRED_PHP_VERSION, '<')) {
return false;
}
return true;
}
/**
* Checks whether the Archive directory is present and writeable. If not,
* prints a warning message.
*/
function api_check_archive_dir() {
if (is_dir(api_get_path(SYS_ARCHIVE_PATH)) && !is_writable(api_get_path(SYS_ARCHIVE_PATH))) {
$message = Display::return_message(get_lang('ArchivesDirectoryNotWriteableContactAdmin'),'warning');
api_not_allowed(true, $message);
}
}
/**
* Returns an array of global configuration settings which should be ignored
* when printing the configuration settings screens
* @return array Array of strings, each identifying one of the excluded settings
*/
function api_get_locked_settings() {
return array(
'server_type',
'permanently_remove_deleted_files',
'account_valid_duration',
'service_visio',
'service_ppt2lp',
'wcag_anysurfer_public_pages',
'upload_extensions_list_type',
'upload_extensions_blacklist',
'upload_extensions_whitelist',
'upload_extensions_skip',
'upload_extensions_replace_by',
'hide_dltt_markup',
'split_users_upload_directory',
'permissions_for_new_directories',
'permissions_for_new_files',
'platform_charset',
'service_visio',
'ldap_description',
'cas_activate',
'cas_server',
'cas_server_uri',
'cas_port',
'cas_protocol',
'cas_add_user_activate',
'update_user_info_cas_with_ldap',
'languagePriority1',
'languagePriority2',
'languagePriority3',
'languagePriority4',
'login_is_email',
'chamilo_database_version'
);
}
/**
* Checks if the user is corrently logged in. Returns the user ID if he is, or
* false if he isn't. If the user ID is given and is an integer, then the same
* ID is simply returned
* @param integer User ID
* @return mixed Integer User ID is logged in, or false otherwise
*/
function api_user_is_login($user_id = null) {
$user_id = empty($user_id) ? api_get_user_id() : intval($user_id);
return $user_id && !api_is_anonymous();
}
/**
* Guess the real ip for register in the database, even in reverse proxy cases.
* To be recognized, the IP has to be found in either $_SERVER['REMOTE_ADDR'] or
* in $_SERVER['HTTP_X_FORWARDED_FOR'], which is in common use with rproxies.
* @return string the real ip of teh user.
* @author Jorge Frisancho Jibaja <jrfdeft@gmail.com>, USIL - Some changes to allow the use of real IP using reverse proxy
* @version CEV CHANGE 24APR2012
*/
function api_get_real_ip(){
// Guess the IP if behind a reverse proxy
global $debug;
if (PHP_SAPI === 'cli' && !isset($_SERVER['REMOTE_ADDR'])) {
$_SERVER['REMOTE_ADDR'] = 'localhost';
}
$ip = trim($_SERVER['REMOTE_ADDR']);
if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
list($ip1,$ip2) = split(',',$_SERVER['HTTP_X_FORWARDED_FOR']);
$ip = trim($ip1);
}
if (!empty($debug)) error_log('Real IP: '.$ip);
return $ip;
}
/**
* Checks whether an IP is included inside an IP range
* @param string IP address
* @param string IP range
* @return bool True if IP is in the range, false otherwise
* @author claudiu at cnixs dot com on http://www.php.net/manual/fr/ref.network.php#55230
* @author Yannick Warnier for improvements and managment of multiple ranges
* @todo check for IPv6 support
*/
function api_check_ip_in_range($ip,$range) {
if (empty($ip) or empty($range)) {
return false;
}
$ip_ip = ip2long ($ip);
$ranges = array();
// divide range param into array of elements
if (strpos($range,',')!==false) {
$ranges = explode(',',$range);
} else {
$ranges = array($range);
}
foreach ($ranges as $range) {
$range = trim($range);
if (empty($range)) { continue; }
if (strpos($range,'/')===false) {
if (strcmp($ip,$range)===0) {
return true; // there is a direct IP match, return OK
}
continue; //otherwise, get to the next range
}
// the range contains a "/", so analyse completely
list ($net, $mask) = explode("/", $range);
$ip_net = ip2long ($net);
// mask binary magic
$ip_mask = ~((1 << (32 - $mask)) - 1);
$ip_ip_net = $ip_ip & $ip_mask;
if ($ip_ip_net == $ip_net) {
return true;
}
}
return false;
}
/**
* @param $course_visibility
* @return bool
*/
function api_check_user_access_to_legal($course_visibility) {
$course_visibility_list = array(COURSE_VISIBILITY_OPEN_WORLD, COURSE_VISIBILITY_OPEN_PLATFORM);
return in_array($course_visibility, $course_visibility_list) || api_is_drh();
}
/**
* Checks if the global chat is enabled or not
*
* @return bool
*/
function api_is_global_chat_enabled() {
$enabled = !api_is_anonymous() && api_get_setting('allow_global_chat') == 'true' && api_get_setting('allow_social_tool') == 'true';
return $enabled;
}
/**
* This function sets the default visibility for any given content, using the
* default visibility setting of the corresponding tool. For example, if we
* create a new quiz and call this function, if the quiz tool is
* invisible/disabled at course creation, the quiz itself will be set to
* invisible.
* @param array|\Entity\Course $course
* @param int The ID of the item in its own table
* @param string The string identifier of the tool
* @param int The group ID, in case we want to specify it
* @param int The integer course ID, in case we cannot get it from the context
* @todo Fix tool_visible_by_default_at_creation labels
*/
function api_set_default_visibility($course, $item_id, $tool_id, $group_id = null)
{
$original_tool_id = $tool_id;
switch ($tool_id) {
case TOOL_LINK:
$tool_id = 'links';
break;
case TOOL_DOCUMENT:
$tool_id = 'documents';
break;
case TOOL_LEARNPATH:
$tool_id = 'learning';
break;
case TOOL_ANNOUNCEMENT:
$tool_id = 'announcements';
break;
case TOOL_FORUM:
case TOOL_FORUM_CATEGORY:
case TOOL_FORUM_THREAD:
$tool_id = 'forums';
break;
case TOOL_QUIZ:
$tool_id = 'quiz';
break;
}
$setting = api_get_setting('tool_visible_by_default_at_creation');
if (is_array($course)) {
$courseId = $course['real_id'];
} else {
if ($course instanceof Course) {
$courseId = $course->getId();
}
}
if (isset($setting[$tool_id])) {
$visibility = 'invisible';
if ($setting[$tool_id] == 'true') {
$visibility = 'visible';
}
if (empty($group_id)) {
$group_id = api_get_group_id();
}
api_item_property_update($course, $original_tool_id, $item_id, $visibility, api_get_user_id(), $group_id, null, null, null, api_get_session_id());
// Fixes default visibility for tests
switch ($original_tool_id) {
case TOOL_QUIZ:
$objExerciseTmp = new Exercise($courseId);
$objExerciseTmp->read($item_id);
if ($visibility == 'visible') {
$objExerciseTmp->enable();
$objExerciseTmp->save();
} else {
$objExerciseTmp->disable();
$objExerciseTmp->save();
}
break;
}
}
}
function api_get_security_key() {
global $_configuration;
return $_configuration['security_key'];
}
function api_get_datetime_picker_js($htmlHeadXtra) {
$htmlHeadXtra[] = '<script src="'.api_get_path(WEB_LIBRARY_JS_PATH).'datetimepicker/jquery-ui-timepicker-addon.js" type="text/javascript" language="javascript"></script>';
$htmlHeadXtra[] = '<link href="'.api_get_path(WEB_LIBRARY_JS_PATH).'datetimepicker/jquery-ui-timepicker-addon.css" rel="stylesheet" type="text/css" />';
$isocode = api_get_language_isocode();
if ($isocode != 'en') {
$htmlHeadXtra[] = '<script src="'.api_get_path(WEB_LIBRARY_JS_PATH).'datetimepicker/i18n/jquery-ui-timepicker-'.$isocode.'.js" type="text/javascript" language="javascript"></script>';
}
return $htmlHeadXtra;
}
function api_detect_user_roles($user_id, $courseId, $session_id = 0) {
$user_roles = array();
/*$user_info = api_get_user_info($user_id);
$user_roles[] = $user_info['status'];*/
$url_id = api_get_current_access_url_id();
if (api_is_platform_admin_by_id($user_id, $url_id)) {
$user_roles[] = PLATFORM_ADMIN;
}
/*if (api_is_drh()) {
$user_roles[] = DRH;
}*/
if (!empty($session_id)) {
if (SessionManager::user_is_general_coach($user_id, $session_id)) {
$user_roles[] = SESSION_GENERAL_COACH;
}
}
if (!empty($course_code)) {
if (empty($session_id)) {
if (CourseManager::is_course_teacher($user_id, $courseId)) {
$user_roles[] = COURSEMANAGER;
}
if (CourseManager::get_tutor_in_course_status($user_id, $courseId)) {
$user_roles[] = COURSE_TUTOR;
}
if (CourseManager::is_user_subscribed_in_course($user_id, $courseId)) {
$user_roles[] = COURSE_STUDENT;
}
} else {
$user_status_in_session = SessionManager::get_user_status_in_course_session($user_id, $courseId, $session_id);
if (!empty($user_status_in_session)) {
if ($user_status_in_session == 0) {
$user_roles[] = SESSION_STUDENT;
}
if ($user_status_in_session == 2) {
$user_roles[] = SESSION_COURSE_COACH;
}
}
}
}
return $user_roles;
}
/**
* @param $roles
* @return null|string
*
*/
function api_get_roles_to_string($roles)
{
$role_names = array();
if (!empty($roles)) {
foreach ($roles as $role) {
$role_names[] = api_get_status_from_code($role);
}
}
if (!empty($role_names)) {
return implode(', ', $role_names);
}
return null;
}
/**
* @param int $courseId
* @param int $session_id
* @return bool
*/
function api_coach_can_edit_view_results($courseId = null, $session_id = null) {
$user_id = api_get_user_id();
if (empty($courseId)) {
$courseId = api_get_course_int_id();
}
if (empty($session_id)) {
$session_id = api_get_session_id();
}
if (api_is_platform_admin()) {
return true;
}
$roles = api_detect_user_roles($user_id, $courseId, $session_id);
if (in_array(SESSION_COURSE_COACH, $roles)) {
return api_get_setting('session_tutor_reports_visibility') == 'true';
} else {
if (in_array(COURSEMANAGER, $roles)) {
return true;
}
return false;
}
}
/**
* @param string $file
* @return string
*/
function api_get_js_simple($file)
{
return '<script type="text/javascript" src="'.$file.'"></script>'."\n";
}
function api_set_settings_and_plugins()
{
global $_configuration;
$_setting = array();
$_plugins = array();
// access_url == 1 is the default chamilo location
$settings_by_access_list = array();
$access_url_id = api_get_current_access_url_id();
if ($access_url_id != 1) {
$url_info = api_get_current_access_url_info();
if ($url_info['active'] == 1) {
$settings_by_access = api_get_settings(null, 'list', $_configuration['access_url'], 1);
foreach ($settings_by_access as $row) {
if (empty($row['variable'])) {
$row['variable'] = 0;
}
if (empty($row['subkey'])) {
$row['subkey'] = 0;
}
if (empty($row['category'])) {
$row['category'] = 0;
}
$settings_by_access_list[$row['variable']][$row['subkey']][$row['category']] = $row;
}
}
}
$result = api_get_settings(null, 'list', 1);
foreach ($result as & $row) {
if ($access_url_id != 1) {
if ($url_info['active'] == 1) {
$var = empty($row['variable']) ? 0 : $row['variable'];
$subkey = empty($row['subkey']) ? 0 : $row['subkey'];
$category = empty($row['category']) ? 0 : $row['category'];
}
if ($row['access_url_changeable'] == 1 && $url_info['active'] == 1) {
if (isset($settings_by_access_list[$var]) &&
$settings_by_access_list[$var][$subkey][$category]['selected_value'] != '') {
if ($row['subkey'] == null) {
$_setting[$row['variable']] = $settings_by_access_list[$var][$subkey][$category]['selected_value'];
} else {
$_setting[$row['variable']][$row['subkey']] = $settings_by_access_list[$var][$subkey][$category]['selected_value'];
}
} else {
if ($row['subkey'] == null) {
$_setting[$row['variable']] = $row['selected_value'];
} else {
$_setting[$row['variable']][$row['subkey']] = $row['selected_value'];
}
}
} else {
if ($row['subkey'] == null) {
$_setting[$row['variable']] = $row['selected_value'];
} else {
$_setting[$row['variable']][$row['subkey']] = $row['selected_value'];
}
}
} else {
if ($row['subkey'] == null) {
$_setting[$row['variable']] = $row['selected_value'];
} else {
$_setting[$row['variable']][$row['subkey']] = $row['selected_value'];
}
}
}
$result = api_get_settings('Plugins', 'list', $access_url_id);
foreach ($result as & $row) {
$key = & $row['variable'];
if (is_string($_setting[$key])) {
$_setting[$key] = array();
}
$_setting[$key][] = $row['selected_value'];
$_plugins[$key][] = $row['selected_value'];
}
Session::write('_setting', $_setting);
Session::write('_plugins', $_plugins);
}
/**
* Saving latest settings modification datetime
*/
function api_set_setting_last_update() {
api_set_setting('settings_latest_update', api_get_utc_datetime());
}
/**
* Tries to set memory limit, if authorized and new limit is higher than current
* @param string New memory limit
* @return bool True on success, false on failure or current is higher than suggested
* @assert (null) === false
* @assert (-1) === false
* @assert (0) === true
* @assert ('1G') === true
*/
function api_set_memory_limit($mem){
//if ini_set() not available, this function is useless
if (!function_exists('ini_set') || is_null($mem) || $mem == -1) {
return false;
}
$memory_limit = ini_get('memory_limit');
if (api_get_bytes_memory_limit($mem) > api_get_bytes_memory_limit($memory_limit)){
ini_set('memory_limit', $mem);
return true;
}
return false;
}
/**
* Gets memory limit in bytes
* @param string The memory size (128M, 1G, 1000K, etc)
* @return int
* @assert (null) === false
* @assert ('1t') === 1099511627776
* @assert ('1g') === 1073741824
* @assert ('1m') === 1048576
* @assert ('100k') === 102400
*/
function api_get_bytes_memory_limit($mem){
$size = strtolower(substr($mem,-1));
switch ($size) {
case 't':
$mem = intval(substr($mem,-1))*1024*1024*1024*1024;
break;
case 'g':
$mem = intval(substr($mem,0,-1))*1024*1024*1024;
break;
case 'm':
$mem = intval(substr($mem,0,-1))*1024*1024;
break;
case 'k':
$mem = intval(substr($mem,0,-1))*1024;
break;
default:
// we assume it's integer only
$mem = intval($mem);
break;
}
return $mem;
}
/**
* Sends email using the phpmailer class
* Sender name and email can be specified, if not specified
* name and email of the platform admin are used
*
* @author Bert Vanderkimpen ICT&O UGent
*
* @param recipient_name name of recipient
* @param recipient_email email of recipient
* @param message email body
* @param subject email subject
* @return returns true if mail was sent
* @see class.phpmailer.php
* @deprecated use api_mail_html()
*/
function api_mail($recipient_name, $recipient_email, $subject, $message, $sender_name = '', $sender_email = '', $extra_headers = '') {
api_mail_html($recipient_name, $recipient_email, $subject, $message, $sender_name, $sender_email, $extra_headers);
}
/**
* Sends an HTML email using the phpmailer class (and multipart/alternative to downgrade gracefully)
* Sender name and email can be specified, if not specified
* name and email of the platform admin are used
*
* @author Bert Vanderkimpen ICT&O UGent
* @author Yannick Warnier <yannick.warnier@beeznest.com>
*
* @param string name of recipient
* @param string email of recipient
* @param string email subject
* @param string email body
* @param string sender name
* @param string sender e-mail
* @param array extra headers in form $headers = array($name => $value) to allow parsing
* @param array data file (path and filename)
* @param array data to attach a file (optional)
* @param bool True for attaching a embedded file inside content html (optional)
* @return returns true if mail was sent
* @see class.phpmailer.php
*/
function api_mail_html(
$recipient_name,
$recipient_email,
$subject,
$body,
$sender_name = '',
$sender_email = '',
$extra_headers = null,
$data_file = array(),
$embedded_image = false,
$text_body = null
) {
global $app;
$reply_to_mail = $sender_email;
$reply_to_name = $sender_name;
if (isset($extra_headers['reply_to'])) {
$reply_to_mail = $extra_headers['reply_to']['mail'];
$reply_to_name = $extra_headers['reply_to']['name'];
}
// Forcing the conversion.
if (strpos($body, '<html>') === false) {
$htmlBody = str_replace(array("\n\r", "\n", "\r"), '<br />', $body);
$htmlBody = '<html><head></head><body>'.$htmlBody.'</body></html>';
} else {
$htmlBody = $body;
}
if (!empty($text_body)) {
$textBody = $text_body;
} else {
$textBody = $body;
}
try {
$message = \Swift_Message::newInstance()
->setSubject($subject)
->setFrom(array($sender_email => $sender_name))
->setTo(array($recipient_email => $recipient_name))
->setReplyTo(array($reply_to_mail => $reply_to_name))
->setBody($htmlBody, 'text/html')
->addPart($textBody, 'text/plain')
->setEncoder(Swift_Encoding::get8BitEncoding());
if (!empty($data_file)) {
// Attach it to the message
$message->attach(Swift_Attachment::fromPath($data_file['path']))->setFilename($data_file['filename']);
}
$type = $message->getHeaders()->get('Content-Type');
$type->setValue('text/html');
$type->setParameter('charset', 'utf-8');
$app['monolog']->addDebug($message);
$result = $app['mailer']->send($message);
return $result;
} catch (Exception $e) {
//$app['monolog']->addDebug('Email address not valid:' . $e->getMessage());
}
return false;
/*
$mail = new PHPMailer();
$mail->Mailer = $platform_email['SMTP_MAILER'];
$mail->Host = $platform_email['SMTP_HOST'];
$mail->Port = $platform_email['SMTP_PORT'];
$mail->CharSet = $platform_email['SMTP_CHARSET'];
$mail->WordWrap = 200; // Stay far below SMTP protocol 980 chars limit.
if ($platform_email['SMTP_AUTH']) {
$mail->SMTPAuth = 1;
$mail->Username = $platform_email['SMTP_USER'];
$mail->Password = $platform_email['SMTP_PASS'];
}
$mail->Priority = 3; // 5 = low, 1 = high
$mail->AddCustomHeader('Errors-To: '.$platform_email['SMTP_FROM_EMAIL']);
$mail->SMTPKeepAlive = true;
if (($sender_email != '') && ($sender_name != '')) {
$mail->AddReplyTo($sender_email, $sender_name);
}
if (isset($extra_headers['reply_to'])) {
$mail->AddReplyTo($extra_headers['reply_to']['mail'], $extra_headers['reply_to']['name']);
}
// Attachments
// $mail->AddAttachment($path);
// $mail->AddAttachment($path, $filename);
if ($sender_email != '') {
$mail->From = $sender_email;
$mail->Sender = $sender_email;
//$mail->ConfirmReadingTo = $sender_email; // Disposition-Notification
} else {
$mail->From = $platform_email['SMTP_FROM_EMAIL'];
$mail->Sender = $platform_email['SMTP_FROM_EMAIL'];
//$mail->ConfirmReadingTo = $platform_email['SMTP_FROM_EMAIL']; // Disposition-Notification
}
if ($sender_name != '') {
$mail->FromName = $sender_name;
} else {
$mail->FromName = $platform_email['SMTP_FROM_NAME'];
}
$mail->Subject = $subject;
$mail->AltBody = strip_tags(str_replace('<br />',"\n", api_html_entity_decode($message)));
// Send embedded image.
if ($embedded_image) {
// Get all images html inside content.
preg_match_all("/<img\s+.*?src=[\"\']?([^\"\' >]*)[\"\']?[^>]*>/i", $message, $m);
// Prepare new tag images.
$new_images_html = array();
$i = 1;
if (!empty($m[1])) {
foreach ($m[1] as $image_path) {
$real_path = realpath($image_path);
$filename = basename($image_path);
$image_cid = $filename.'_'.$i;
$encoding = 'base64';
$image_type = mime_content_type($real_path);
$mail->AddEmbeddedImage($real_path, $image_cid, $filename, $encoding, $image_type);
$new_images_html[] = '<img src="cid:'.$image_cid.'" />';
$i++;
}
}
// Replace origin image for new embedded image html.
$x = 0;
if (!empty($m[0])) {
foreach ($m[0] as $orig_img) {
$message = str_replace($orig_img, $new_images_html[$x], $message);
$x++;
}
}
}
$message = str_replace(array("\n\r", "\n", "\r"), '<br />', $message);
$mail->Body = '<html><head></head><body>'.$message.'</body></html>';
// Attachment ...
if (!empty($data_file)) {
$mail->AddAttachment($data_file['path'], $data_file['filename']);
}
// Only valid addresses are accepted.
if (is_array($recipient_email)) {
foreach ($recipient_email as $dest) {
if (api_valid_email($dest)) {
$mail->AddAddress($dest, $recipient_name);
//$mail->AddAddress($dest, ($i > 1 ? '' : $recipient_name));
}
}
} else {
if (api_valid_email($recipient_email)) {
$mail->AddAddress($recipient_email, $recipient_name);
} else {
return 0;
}
}
if (is_array($extra_headers) && count($extra_headers) > 0) {
foreach ($extra_headers as $key => $value) {
switch (strtolower($key)) {
case 'reply-to':
//the value here is the result of api_get_user_info()
$sender_email = $value['email'];
$sender_name = $value['complete_name'];
$mail->AddReplyTo($sender_email, $sender_name);
break;
case 'encoding':
case 'content-transfer-encoding':
$mail->Encoding = $value;
break;
case 'charset':
$mail->Charset = $value;
break;
case 'contenttype':
case 'content-type':
$mail->ContentType = $value;
break;
default:
$mail->AddCustomHeader($key.':'.$value);
break;
}
}
} else {
if (!empty($extra_headers)) {
$mail->AddCustomHeader($extra_headers);
}
}
// WordWrap the html body (phpMailer only fixes AltBody) FS#2988
$mail->Body = $mail->WrapText($mail->Body, $mail->WordWrap);
// Send the mail message.
if (!$mail->Send()) {
//echo 'ERROR: mail not sent to '.$recipient_name.' ('.$recipient_email.') because of '.$mail->ErrorInfo.'<br />';
error_log('ERROR: mail not sent to '.$recipient_name.' ('.$recipient_email.') because of '.$mail->ErrorInfo.'<br />');
return 0;
}
// Clear all the addresses.
$mail->ClearAddresses();
return 1;
*/
}
function api_set_login_language($lang) {
global $app;
$valid_languages = array();
if ($app->isInstalled()) {
$valid_languages = api_get_languages();
}
if (isset($lang) && isset($valid_languages)) {
if (in_array($lang, $valid_languages['folder'])) {
$_SESSION['user_language_choice'] = $lang;
}
}
}
function api_get_language_selected_in_login()
{
$language = api_get_setting('platformLanguage');
if (isset($_SESSION['user_language_choice']) && !empty($_SESSION['user_language_choice'])) {
$language = $_SESSION['user_language_choice'];
}
return $language;
}
function api_get_user_language()
{
$user_language = null;
if (!api_is_anonymous()) {
$userInfo = api_get_user_info();
//var_dump($userInfo);exit;
if (isset($userInfo['language'])) {
$user_language = $userInfo['language'];
}
}
// When this is use?
/*
if (isset($_POST['language_list']) && !empty($_POST['language_list'])) {
if (in_array($_GET['language'], $valid_languages)) {
$user_language = str_replace('index.php?language=', '', $_POST['language_list']);
}
}*/
if (isset($_REQUEST['language']) && !empty($_REQUEST['language'])) {
api_set_login_language($_REQUEST['language']);
}
// Last chance we get the platform language
if (empty($user_language)) {
$user_language = api_get_setting('platformLanguage');
}
return $user_language;
}
function api_get_language_interface()
{
$valid_languages = api_get_languages();
$user_language = api_get_user_language();
$courseInfo = api_get_course_info();
$language_interface = 'english';
$languageFromLogin = api_get_language_selected_in_login();
if (!empty($languageFromLogin)) {
$language_interface = $languageFromLogin;
}
if (!empty($valid_languages)) {
// User language or platform lang
//platformLanguage
//if (!empty($user_language)) {
$language_interface = $user_language;
//}
// Course language
if (!empty($courseInfo) && isset($courseInfo['language'])) {
$language_interface = $courseInfo['language'];
}
//error_log('$language_interface: '.$language_interface);
// Lang priorities could be: course_lang, user_profil_lang, user_selected_lang , platform_lang
$language_priority1 = api_get_setting('languagePriority1');
$language_priority2 = api_get_setting('languagePriority2');
$language_priority3 = api_get_setting('languagePriority3');
$language_priority4 = api_get_setting('languagePriority4');
/*error_log('$language_interface1: '.$language_priority1);
error_log('$language_interface2: '.$language_priority2);
error_log('$language_interface3: '.$language_priority3);
error_log('$language_interface4: '.$language_priority4);*/
if (!empty($language_priority4) && api_get_language_from_type($language_priority4) !== false) {
$language_interface = api_get_language_from_type($language_priority4);
}
if (!empty($language_priority3) && api_get_language_from_type($language_priority3) !== false) {
$language_interface = api_get_language_from_type($language_priority3);
}
if (!empty($language_priority2) && api_get_language_from_type($language_priority2) !== false) {
$language_interface = api_get_language_from_type($language_priority2);
}
if (!empty($language_priority1) && api_get_language_from_type($language_priority1) !== false) {
$language_interface = api_get_language_from_type($language_priority1);
}
// If user lang is not valid get the default platform lang
if (empty($language_interface) || !in_array($language_interface, $valid_languages['folder'])) {
$language_interface = api_get_setting('platformLanguage');
}
}
return $language_interface;
}
/**
* Get user roles
* @return array
*/
function api_get_user_roles()
{
$em = Database::getManager();
//var_dump(Session::getSecurity()->getToken()->getRoles());
$roles = $em->getRepository('ChamiloCoreBundle:Role')->findBy(array(), array('name'=>'asc'));
$userRoles = array();
foreach ($roles as $role) {
$userRoles[$role->getId()] = $role->getName();
}
return $userRoles;
// Status
$status = array();
$status[COURSEMANAGER] = get_lang('Teacher');
$status[STUDENT] = get_lang('Learner');
$status[DRH] = get_lang('Drh');
$status[SESSIONADMIN] = get_lang('SessionsAdmin');
$status[QUESTION_MANAGER] = get_lang('QuestionManager');
return $status;
}
/**
* Finds all the information about a user from username instead of user id
* @param $username (string): the username
* @return $user_info (array): user_id, lastname, firstname, username, email, ...
* @author Yannick Warnier <yannick.warnier@beeznest.com>
*/
function api_get_user_info_from_official_code($official_code = '') {
if (empty($official_code)) { return false; }
$sql = "SELECT * FROM ".Database :: get_main_table(TABLE_MAIN_USER)." WHERE official_code ='".Database::escape_string($official_code)."'";
$result = Database::query($sql);
if (Database::num_rows($result) > 0) {
$result_array = Database::fetch_array($result);
return api_format_user($result_array);
}
return false;
}
/**
*
* @param string $inputId the jquery id example: #password
* @return string
*/
function api_get_password_checker_js($inputId)
{
global $_configuration;
$useStrengthPassChecker = isset($_configuration['allow_strength_pass_checker']) ? $_configuration['allow_strength_pass_checker'] : false;
if ($useStrengthPassChecker == false) {
return null;
}
$verdicts = array(get_lang('Weak'), get_lang('Normal'), get_lang('Medium'), get_lang('Strong'), get_lang('VeryStrong'));
$js = api_get_js('strength/strength.js');
$js .= "<script>
var verdicts = ['".implode("','", $verdicts)."'];
var errorMessages = {
password_to_short : '".get_lang('PasswordIsTooShort')."'
};
$(document).ready(function() {
var options = {
verdicts: verdicts,
onLoad : function () {
//$('#messages').text('Start typing password');
},
onKeyUp: function (evt) {
$(evt.target).pwstrength('outputErrorList');
},
errorMessages : errorMessages,
viewports: {
progress: '#password_progress',
//verdict: undefined,
//errors: undefined
}
};
$('".$inputId."').pwstrength(options);
});
</script>";
return $js;
}
/**
* Gets an array with "easy" passwords
* @return array
*/
function api_get_easy_password_list()
{
$passwordList = array('123', '1234', '123456', 'admin', 'user', 'student', 'teacher');
$file = api_get_path(CONFIGURATION_PATH).'easy_password_list.php';
if (file_exists($file)) {
$passwordList = require_once $file;
}
return $passwordList;
}
function api_is_profile_editable()
{
global $profileIsEditable;
return isset($profileIsEditable) ? $profileIsEditable : false;
}
function api_is_profile_readable()
{
global $profileIsReadable;
return isset($profileIsReadable) ? $profileIsReadable : true;
}
/**
* Function to make an HTTP request through fsockopen (specialised for GET)
* Derived from Jeremy Saintot: http://www.php.net/manual/en/function.fsockopen.php#101872
* @param string IP or hostname
* @param int Target port
* @param string URI (defaults to '/')
* @param array GET data
* @param float Timeout
* @param bool Include HTTP Request headers?
* @param bool Include HTTP Response headers?
*/
function api_http_request($ip, $port = 80, $uri = '/', $getdata = array(), $timeout = 1, $req_hdr = false, $res_hdr = false) {
$verb = 'GET';
$ret = '';
$getdata_str = count($getdata) ? '?' : '';
foreach ($getdata as $k => $v) {
$getdata_str .= urlencode($k) .'='. urlencode($v) . '&';
}
$crlf = "\r\n";
$req = $verb .' '. $uri . $getdata_str .' HTTP/1.1' . $crlf;
$req .= 'Host: '. $ip . $crlf;
$req .= 'User-Agent: Mozilla/5.0 Firefox/3.6.12' . $crlf;
$req .= 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8' . $crlf;
$req .= 'Accept-Language: en-us,en;q=0.5' . $crlf;
$req .= 'Accept-Encoding: deflate' . $crlf;
$req .= 'Accept-Charset: utf-8;q=0.7,*;q=0.7' . $crlf;
$req .= $crlf;
if ($req_hdr) {
$ret .= $req;
}
if (($fp = @fsockopen($ip, $port, $errno, $errstr, $timeout)) == false) {
return "Error $errno: $errstr\n";
}
stream_set_timeout($fp, $timeout);
$r = @fwrite($fp, $req);
$line = @fread($fp, 512);
$ret .= $line;
fclose($fp);
if (!$res_hdr) {
$ret = substr($ret, strpos($ret, "\r\n\r\n") + 4);
}
return trim($ret);
}
/**
* @return bool
*
*/
function api_is_allowed_in_course()
{
return Session::read('is_allowed_in_course');
}
function api_is_unoconv_installed()
{
global $_configuration;
if (isset($_configuration['services']['unoconv']['unoconv.binaries'])) {
return true;
}
return false;
}
function api_get_role_name_from_status($status)
{
switch ($status) {
case COURSEMANAGER:
return 'ROLE_TEACHER';
case STUDENT:
return 'ROLE_STUDENT';
}
}