Example #1
 /**
  * Deletes the record identified by $id through the parent implementation,
  * then writes a LOG_CAREER_DELETE entry to the event log.
  *
  * NOTE(review): the log entry is written whether or not parent::delete()
  * reports success, and no value is returned to the caller; confirm that
  * both are intended, since an audit trail should not record deletions
  * that did not happen.
  *
  * @param int $id Identifier of the record to delete
  * @return void
  */
 public function delete($id)
 {
     parent::delete($id);
     // Timestamp and acting user are read after the delete has run.
     $deletedAt = api_get_utc_datetime();
     $actorId = api_get_user_id();
     Event::addEvent(LOG_CAREER_DELETE, LOG_CAREER_ID, $id, $deletedAt, $actorId);
 }
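 /**
  * Cleans the student's results only for the Exercise tool (not from the LP).
  * The LP results are NOT deleted by default; pass $cleanLpTests = true to
  * delete them as well. Works with exercises in sessions: only rows of the
  * current course and current session are touched.
  *
  * @param bool        $cleanLpTests          Also delete results recorded through a learning path
  * @param string|null $cleanResultBeforeDate Only delete results up to this date (UTC, yyyy-mm-dd)
  *
  * @return int Number of exercise results whose attempts were deleted; 0 when the date is invalid
  */
 public function clean_results($cleanLpTests = false, $cleanResultBeforeDate = null)
 {
     $table_track_e_exercises = Database::get_main_table(TABLE_STATISTIC_TRACK_E_EXERCISES);
     $table_track_e_attempt = Database::get_main_table(TABLE_STATISTIC_TRACK_E_ATTEMPT);

     // These identifiers are written into the SQL unquoted, where escaping
     // would not help, so each one is forced to an integer. Reading them once
     // also guarantees that the SELECT and both DELETEs use the same scope.
     $courseId = (int) api_get_course_int_id();
     $sessionId = (int) api_get_session_id();
     $exerciseId = (int) $this->id;

     // By default only results that do not belong to a learning path are removed.
     $sql_where = '  AND
                     orig_lp_id = 0 AND
                     orig_lp_item_id = 0';
     if ($cleanLpTests) {
         $sql_where = "";
     }

     // Optional upper bound on the attempt date. The value is validated
     // first and still escaped, because it lands inside a quoted literal.
     if (!empty($cleanResultBeforeDate)) {
         if (!api_is_valid_date($cleanResultBeforeDate)) {
             return 0;
         }
         $sql_where .= "  AND exe_date <= '" . Database::escape_string($cleanResultBeforeDate) . "' ";
     }

     $sql = "SELECT exe_id\n                FROM {$table_track_e_exercises}\n                WHERE\n                    c_id = {$courseId} AND\n                    exe_exo_id = {$exerciseId} AND\n                    session_id = {$sessionId} " . $sql_where;
     $result = Database::query($sql);
     $exe_list = Database::store_result($result);

     // Remove the per-question attempts of every matching result first.
     $deleted = 0;
     if (is_array($exe_list)) {
         foreach ($exe_list as $item) {
             $sql = "DELETE FROM {$table_track_e_attempt}\n                        WHERE exe_id = " . (int) $item['exe_id'];
             Database::query($sql);
             $deleted++;
         }
     }

     // Then remove the results themselves, using the same filter as the SELECT.
     $sql = "DELETE FROM {$table_track_e_exercises}\n                WHERE c_id = {$courseId}\n                AND exe_exo_id = {$exerciseId}\n                {$sql_where}\n                AND session_id = {$sessionId}";
     Database::query($sql);

     Event::addEvent(LOG_EXERCISE_RESULT_DELETE, LOG_EXERCISE_ID, $this->id, null, null, $courseId, $sessionId);

     return $deleted;
 }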
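/**
 * Web service: removes courses from sessions, both identified by their
 * original (external) ids.
 *
 * For each entry of $params['coursessessions'] the session and the courses
 * are resolved, the course/session and course/session/user relations are
 * deleted, one event is logged per course and the session's nbr_courses
 * counter is decreased by the number of course relations actually removed.
 *
 * @param array $params Request payload; must carry a valid secret key and a
 *                      'coursessessions' list
 *
 * @return mixed The value of return_error() when the key check fails,
 *               otherwise one array per input entry with the keys
 *               original_course_id_values, original_session_id_value and
 *               result (1 = processed, 0 = session or courses not found)
 */
function WSUnsuscribeCoursesFromSession($params)
{
    // Reject the call before touching the database when the key does not verify.
    if (!WSHelperVerifyKey($params)) {
        return return_error(WS_ERROR_SECRET_KEY);
    }

    $tbl_session_rel_course_rel_user = Database::get_main_table(TABLE_MAIN_SESSION_COURSE_USER);
    $tbl_session = Database::get_main_table(TABLE_MAIN_SESSION);
    $tbl_session_rel_course = Database::get_main_table(TABLE_MAIN_SESSION_COURSE);

    $coursessessions_params = array();
    if (isset($params['coursessessions']) && is_array($params['coursessessions'])) {
        $coursessessions_params = $params['coursessessions'];
    }

    $output = array();
    foreach ($coursessessions_params as $coursesession_param) {
        $original_session_id_value = $coursesession_param['original_session_id_value'];
        $original_session_id_name = $coursesession_param['original_session_id_name'];
        $original_course_id_name = $coursesession_param['original_course_id_name'];
        $original_course_id_values = $coursesession_param['original_course_id_values'];

        // One output row is built per input entry, so a failed entry can no
        // longer shift the course list reported for the entries after it.
        $entry = array(
            'original_course_id_values' => '',
            'original_session_id_value' => $original_session_id_value,
            'result' => 0,
        );

        // The session id is written into SQL below, so it is forced to an integer.
        $id_session = (int) SessionManager::getSessionIdFromOriginalId(
            $original_session_id_value,
            $original_session_id_name
        );
        if (empty($id_session)) {
            $output[] = $entry;
            continue;
        }

        // Resolve each original course id; unknown courses and courses with
        // visibility 0 are skipped.
        $course_list = array();
        $courseIdList = array();
        if (is_array($original_course_id_values)) {
            foreach ($original_course_id_values as $row_original_course_list) {
                $courseInfo = CourseManager::getCourseInfoFromOriginalId(
                    $row_original_course_list['course_code'],
                    $original_course_id_name
                );
                if (empty($courseInfo) || $courseInfo['visibility'] == 0) {
                    continue;
                }
                $course_list[] = $courseInfo['code'];
                $courseIdList[] = $courseInfo['real_id'];
            }
        }
        if (empty($course_list)) {
            $output[] = $entry;
            continue;
        }
        $entry['original_course_id_values'] = implode(',', $course_list);

        // Count the course relations that were really removed; the counter
        // update below is based on this total, not on the last user DELETE.
        $removedCourses = 0;
        foreach ($courseIdList as $courseId) {
            $courseId = (int) $courseId;
            $result = Database::query("DELETE FROM {$tbl_session_rel_course}\n                            WHERE c_id ='{$courseId}' AND session_id='{$id_session}'");
            $removedCourses += (int) Database::affected_rows($result);
            Database::query("DELETE FROM {$tbl_session_rel_course_rel_user} WHERE c_id='{$courseId}' AND session_id = '{$id_session}'");
            Event::addEvent(LOG_SESSION_DELETE_COURSE, LOG_COURSE_ID, $courseId, api_get_utc_datetime(), api_get_user_id(), $courseId, $id_session);
        }

        // Update the number of courses in the session, never going below zero.
        $res_nbr_courses = Database::query("SELECT nbr_courses FROM {$tbl_session} WHERE id = '{$id_session}'");
        if (Database::num_rows($res_nbr_courses) > 0) {
            $row_nbr_courses = Database::fetch_row($res_nbr_courses);
            $nbr_courses = max(0, (int) $row_nbr_courses[0] - $removedCourses);
            Database::query("UPDATE {$tbl_session} SET nbr_courses= {$nbr_courses} WHERE id='{$id_session}' ");
        }

        $entry['result'] = 1;
        $output[] = $entry;
    }

    return $output;
}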
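 /**
  * Creates a record in the course table of the main database and, when the
  * insert succeeds, subscribes the creator and any extra teachers, attaches
  * the course to an access URL, logs the creation and optionally mails the
  * platform administrator.
  *
  * @param array $params Course details. Required keys: title, code,
  *                      visual_code, directory. Optional keys read here:
  *                      tutor_name, course_category, course_language, user_id,
  *                      department_name, department_url, disk_quota,
  *                      visibility, subscribe, unsubscribe, expiration_date,
  *                      teachers, add_user_as_teacher.
  * @return int Created course ID, or 0 when validation fails or nothing was inserted
  * @todo use an array called $params instead of lots of params
  * @assert (null) == false
  */
 public static function register_course($params)
 {
     global $error_msg, $firstExpirationDelay;
     $title = $params['title'];
     $code = $params['code'];
     $visual_code = $params['visual_code'];
     $directory = $params['directory'];
     $tutor_name = isset($params['tutor_name']) ? $params['tutor_name'] : null;
     $category_code = isset($params['course_category']) ? $params['course_category'] : '';
     $course_language = isset($params['course_language']) && !empty($params['course_language']) ? $params['course_language'] : api_get_setting('language.platform_language');
     $user_id = empty($params['user_id']) ? api_get_user_id() : intval($params['user_id']);
     $department_name = isset($params['department_name']) ? $params['department_name'] : null;
     $department_url = isset($params['department_url']) ? $params['department_url'] : null;
     $disk_quota = isset($params['disk_quota']) ? $params['disk_quota'] : null;
     if (!isset($params['visibility'])) {
         $default_course_visibility = api_get_setting('course.courses_default_creation_visibility');
         if ($default_course_visibility != '') {
             $visibility = $default_course_visibility;
         } else {
             $visibility = COURSE_VISIBILITY_OPEN_PLATFORM;
         }
     } else {
         $visibility = $params['visibility'];
     }
     $subscribe = isset($params['subscribe']) ? intval($params['subscribe']) : ($visibility == COURSE_VISIBILITY_OPEN_PLATFORM ? 1 : 0);
     $unsubscribe = isset($params['unsubscribe']) ? intval($params['unsubscribe']) : 0;
     $expiration_date = isset($params['expiration_date']) ? $params['expiration_date'] : null;
     $teachers = isset($params['teachers']) ? $params['teachers'] : null;
     $TABLECOURSE = Database::get_main_table(TABLE_MAIN_COURSE);
     $TABLECOURSUSER = Database::get_main_table(TABLE_MAIN_COURSE_USER);
     $ok_to_register_course = true;
     // Check whether all the needed parameters are present.
     if (empty($code)) {
         $error_msg[] = 'courseSysCode is missing';
         $ok_to_register_course = false;
     }
     if (empty($visual_code)) {
         $error_msg[] = 'courseScreenCode is missing';
         $ok_to_register_course = false;
     }
     if (empty($directory)) {
         $error_msg[] = 'courseRepository is missing';
         $ok_to_register_course = false;
     }
     if (empty($title)) {
         $error_msg[] = 'title is missing';
         $ok_to_register_course = false;
     }
     if (empty($expiration_date)) {
         $expiration_date = api_get_utc_datetime(time() + $firstExpirationDelay);
     } else {
         $expiration_date = api_get_utc_datetime($expiration_date);
     }
     // $visibility is written into the INSERT below. A loose numeric range
     // comparison alone accepts strings that merely start with a digit, so
     // the value must consist of digits only and is then stored as an integer.
     if (!ctype_digit((string) $visibility) || (int) $visibility > 4) {
         $error_msg[] = 'visibility is invalid';
         $ok_to_register_course = false;
     }
     $visibility = (int) $visibility;
     if (empty($disk_quota)) {
         $disk_quota = api_get_setting('document.default_document_quotum');
     }
     $time = api_get_utc_datetime();
     if (stripos($department_url, 'http://') === false && stripos($department_url, 'https://') === false) {
         $department_url = 'http://' . $department_url;
     }
     // An empty department URL must not be stored as a bare scheme.
     if ($department_url == 'http://') {
         $department_url = '';
     }
     $course_id = 0;
     if ($ok_to_register_course) {
         // Text values are escaped for their quoted context; numeric values are cast.
         $sql = "INSERT INTO " . $TABLECOURSE . " SET\n                        code = '" . Database::escape_string($code) . "',\n                        directory = '" . Database::escape_string($directory) . "',\n                        course_language = '" . Database::escape_string($course_language) . "',\n                        title = '" . Database::escape_string($title) . "',\n                        description = '" . self::lang2db(get_lang('CourseDescription')) . "',\n                        category_code = '" . Database::escape_string($category_code) . "',\n                        visibility      = '" . $visibility . "',\n                        show_score      = '1',\n                        disk_quota      = '" . intval($disk_quota) . "',\n                        creation_date   = '{$time}',\n                        expiration_date = '" . Database::escape_string($expiration_date) . "',\n                        last_edit       = '{$time}',\n                        last_visit      = NULL,\n                        tutor_name = '" . Database::escape_string($tutor_name) . "',\n                        department_name = '" . Database::escape_string($department_name) . "',\n                        department_url = '" . Database::escape_string($department_url) . "',\n                        subscribe = '" . intval($subscribe) . "',\n                        unsubscribe = '" . intval($unsubscribe) . "',\n                        visual_code = '" . Database::escape_string($visual_code) . "'";
         Database::query($sql);
         $course_id = Database::insert_id();
         if ($course_id) {
             $sort = api_max_sort_value('0', api_get_user_id());
             // The creator is subscribed as teacher unless the caller opts out.
             $addTeacher = isset($params['add_user_as_teacher']) ? $params['add_user_as_teacher'] : true;
             if ($addTeacher) {
                 $i_course_sort = CourseManager::userCourseSort($user_id, $code);
                 if (!empty($user_id)) {
                     $sql = "INSERT INTO " . $TABLECOURSUSER . " SET\n                                c_id     = '" . intval($course_id) . "',\n                                user_id         = '" . intval($user_id) . "',\n                                status          = '1',\n                                is_tutor        = '0',\n                                sort            = '" . intval($i_course_sort) . "',\n                                user_course_cat = '0'";
                     Database::query($sql);
                 }
             }
             if (!empty($teachers)) {
                 if (!is_array($teachers)) {
                     $teachers = array($teachers);
                 }
                 foreach ($teachers as $key) {
                     // Teacher ids are user ids: cast them, skip empty values
                     // and skip the creator, who was handled above.
                     $teacherId = intval($key);
                     if ($teacherId === 0 || $teacherId === intval($user_id)) {
                         continue;
                     }
                     $sql = "INSERT INTO " . $TABLECOURSUSER . " SET\n                            c_id     = '" . intval($course_id) . "',\n                            user_id         = '" . $teacherId . "',\n                            status          = '1',\n                            is_tutor        = '0',\n                            sort            = '" . (intval($sort) + 1) . "',\n                            user_course_cat = '0'";
                     Database::query($sql);
                 }
             }
             // Adding the course to an URL.
             if (api_is_multiple_url_enabled()) {
                 $url_id = 1;
                 if (api_get_current_access_url_id() != -1) {
                     $url_id = api_get_current_access_url_id();
                 }
                 UrlManager::add_course_to_url($course_id, $url_id);
             } else {
                 UrlManager::add_course_to_url($course_id, 1);
             }
             // Add event to the system log; the event is attributed to the
             // current user, not to $params['user_id'].
             $user_id = api_get_user_id();
             Event::addEvent(LOG_COURSE_CREATE, LOG_COURSE_CODE, $code, api_get_utc_datetime(), $user_id, $course_id);
             $send_mail_to_admin = api_get_setting('course.send_email_to_admin_when_create_course');
             // @todo Improve code to send to all current portal administrators.
             if ($send_mail_to_admin == 'true') {
                 $siteName = api_get_setting('platform.site_name');
                 $recipient_email = api_get_setting('admin.administrator_email');
                 $recipient_name = api_get_person_name(api_get_setting('admin.administrator_name'), api_get_setting('admin.administrator_surname'));
                 $iname = api_get_setting('platform.institution');
                 $subject = get_lang('NewCourseCreatedIn') . ' ' . $siteName . ' - ' . $iname;
                 // NOTE(review): $title, $category_code and $tutor_name come
                 // from $params and are placed in the message unescaped;
                 // api_mail_html() presumably sends HTML, so confirm whether
                 // they need HTML-escaping here.
                 $message = get_lang('Dear') . ' ' . $recipient_name . ",\n\n" . get_lang('MessageOfNewCourseToAdmin') . ' ' . $siteName . ' - ' . $iname . "\n";
                 $message .= get_lang('CourseName') . ' ' . $title . "\n";
                 $message .= get_lang('Category') . ' ' . $category_code . "\n";
                 $message .= get_lang('Tutor') . ' ' . $tutor_name . "\n";
                 $message .= get_lang('Language') . ' ' . $course_language;
                 $userInfo = api_get_user_info($user_id);
                 $additionalParameters = array('smsType' => SmsPlugin::NEW_COURSE_BEEN_CREATED, 'userId' => $user_id, 'courseName' => $title, 'creatorUsername' => $userInfo['username']);
                 api_mail_html($recipient_name, $recipient_email, $subject, $message, $siteName, $recipient_email, null, null, null, $additionalParameters);
             }
         }
     }
     return $course_id;
 }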
Example #5
 /**
  * Deletes the hotspot tracking rows of one question in one exercise attempt
  * and logs the deletion.
  *
  * The session id is used only for the log entry; the DELETE itself filters
  * on attempt, user, course and question.
  *
  * @param int      $exe_id      Exercise attempt id
  * @param int      $user_id     User id
  * @param int      $courseId    Course id
  * @param int      $question_id Question id
  * @param int|null $sessionId   Session id; the current session is used when null
  */
 public static function delete_attempt_hotspot($exe_id, $user_id, $courseId, $question_id, $sessionId = null)
 {
     $hotspotTable = Database::get_main_table(TABLE_STATISTIC_TRACK_E_HOTSPOT);

     // All four filters are written into the SQL unquoted, hence the integer casts.
     $exe_id = (int) $exe_id;
     $user_id = (int) $user_id;
     $courseId = (int) $courseId;
     $question_id = (int) $question_id;

     if ($sessionId === null) {
         $sessionId = api_get_session_id();
     }

     Database::query(
         "DELETE FROM {$hotspotTable}\n                WHERE   hotspot_exe_id = {$exe_id} AND\n                        hotspot_user_id = {$user_id} AND\n                        c_id = {$courseId} AND\n                        hotspot_question_id = {$question_id} "
     );

     // The logged value pairs the attempt id with the question id.
     $loggedValue = "{$exe_id}-{$question_id}";
     Event::addEvent(LOG_QUESTION_RESULT_DELETE, LOG_EXERCISE_ATTEMPT_QUESTION_ID, $loggedValue, null, null, $courseId, $sessionId);
 }
Example #6
        <center>
            Are you sure you want to logout?<br/>
            <a onclick="load('logout', 'logout', 'none', {})">Yes</a> | <a
                onclick="load('home', 'none', 'none', {})">No</a>
        </center>
        <?php 
    } else {
        $_SESSION['user'] = $_SESSION['real'];
        unset($_SESSION['real']);
        ?>
        <script>
            window.location = 'main.php';
        </script>
        <?php 
    }
} else {
    if ($action == 'logout') {
        if (isset($_SESSION['user'])) {
            Event::addEvent($_SESSION['user']->getName() . ' has logged out.', $_SESSION['user'], 4);
        } else {
            Event::addEvent('A user\'s session has timed out.', new User(0), 4);
        }
        session_destroy();
        setcookie('user', null, time() - 60 * 60);
        ?>
    <script>
        window.location = 'index.php';
    </script>
    <?php 
    }
}
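 /**
  * Deletes session categories and, optionally, the sessions they contain.
  *
  * Sessions of the given categories are deleted first when $delete_session
  * is true; any session still attached is then detached (category set to 0)
  * before the category rows themselves are removed.
  *
  * @author Jhon Hinojosa <*****@*****.**>, from existing code
  * @param array|int $id_checked     Category id, or list of category ids
  * @param bool      $delete_session Also delete the sessions of these categories
  * @param bool      $from_ws        True if the function is called by a webservice
  * @return bool True once the categories were processed, false when no valid id was given
  */
 public static function delete_session_category($id_checked, $delete_session = false, $from_ws = false)
 {
     $tbl_session_category = Database::get_main_table(TABLE_MAIN_SESSION_CATEGORY);
     $tbl_session = Database::get_main_table(TABLE_MAIN_SESSION);

     // The ids are written into an unquoted IN (...) list, where string
     // escaping gives no protection, so every id is cast to an integer.
     // Ids that are not positive are dropped: 0 means "no category" and
     // would otherwise match every uncategorised session.
     $ids = is_array($id_checked) ? $id_checked : array($id_checked);
     $ids = array_unique(array_map('intval', $ids));
     $ids = array_filter($ids, function ($id) {
         return $id > 0;
     });
     if (empty($ids)) {
         return false;
     }
     $id_checked = implode(',', $ids);

     if ($delete_session) {
         // Collect the sessions while they are still attached to the
         // categories; after the UPDATE below this query would find none.
         $sql = "SELECT id FROM {$tbl_session} WHERE session_category_id IN (" . $id_checked . ")";
         $result = Database::query($sql);
         $sessionIds = array();
         while ($rows = Database::fetch_array($result)) {
             $sessionIds[] = $rows['id'];
         }
         foreach ($sessionIds as $session_id) {
             if ($from_ws) {
                 SessionManager::delete($session_id, true);
             } else {
                 SessionManager::delete($session_id);
             }
         }
     }

     // Detach whatever sessions remain in these categories.
     $sql = "UPDATE {$tbl_session} SET session_category_id = 0\n                WHERE session_category_id IN (" . $id_checked . ")";
     Database::query($sql);

     $sql = "DELETE FROM {$tbl_session_category} WHERE id IN (" . $id_checked . ")";
     Database::query($sql);

     // Add event to system log
     $user_id = api_get_user_id();
     Event::addEvent(LOG_SESSION_CATEGORY_DELETE, LOG_SESSION_CATEGORY_ID, $id_checked, api_get_utc_datetime(), $user_id);

     return true;
 }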
Example #8
                         $to = $email;
                         $subject = 'IRIN - New Account';
                         $headers = "MIME-Version: 1.0" . "\r\n";
                         $headers .= "Content-type: text/html; charset=iso-8859-1" . "\r\n";
                         $headers .= "From: IRIN <*****@*****.**>" . "\r\n";
                         $message = 'A new account has been created with your email address.<br /><br /><b>Login ID:</b> ' . $login . '<br /><b>New Password:</b> ' . $password . '<br /><b>Name:</b> ' . $name;
                         //mail($to, $subject, $message, $headers);
                         $mail->setFrom('*****@*****.**', 'IRIN');
                         $mail->addAddress($to);
                         $mail->Subject = $subject;
                         $mail->Body = $message;
                         if (!$mail->send()) {
                             throw new MailException($mail->ErrorInfo);
                         }
                         echo 'true';
                         Event::addEvent($name . '\'s account has been created.', $_SESSION['user'], 1);
                     }
                 }
             }
         }
     } else {
         if ($action == 'switch') {
             if (!isset($_SESSION['real'])) {
                 $_SESSION['real'] = $_SESSION['user'];
             }
             $_SESSION['user'] = new User($_GET['id']);
             ?>
 <script>
     window.location = 'main.php';
 </script>
 <?php 
Example #9
        <?php 
        } else {
            if ($do == 'add') {
                $version = $_POST['version'];
                ?>
        <?php 
                switch ($_POST['ver']) {
                    case "alpha":
                        $version .= '&alpha;';
                        break;
                    case "beta":
                        $version .= '&beta;';
                        break;
                }
                Version::create($version);
                Event::addEvent('Version ' . $version . ' has been added.', $_SESSION['user'], 1);
            }
        }
    } else {
        if ($action == 'current') {
            $version = new Version($_GET['id']);
            $version->makeCurrent();
            Event::addEvent('Version ' . $version->getVersion() . ' is now the current version.', $_SESSION['user'], 2);
            ?>
    <script>
        load('version', 'none', 'none');
    </script>
    <?php 
        }
    }
}
Example #10
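session_start();
require_once '../classes/connection.class.php';
require_once '../classes/event.class.php';

// NOTE(review): nothing in this script checks that the caller is logged in
// or allowed to add events, and no anti-CSRF token is verified before the
// insert. Confirm that whatever routes requests here enforces both.
$addeventobj = new Event();

// Read the form fields defensively: a missing or non-string field becomes ''
// instead of raising a notice or a type error inside the escaping call.
$fields = array();
foreach (array('event_id', 'title', 'desc', 'date') as $fieldName) {
    $raw = isset($_POST[$fieldName]) && is_string($_POST[$fieldName]) ? $_POST[$fieldName] : '';
    $fields[$fieldName] = mysqli_real_escape_string($addeventobj->conxn, $raw);
}
$event_id = $fields['event_id'];
$event_title = $fields['title'];
$event_desc = $fields['desc'];
$event_date = $fields['date'];

$addeventobj->setEventID($event_id);
$addeventobj->setEventTitle($event_title);
$addeventobj->setEventDesc($event_desc);
$addeventobj->setEventDate($event_date);

// The outcome of the insert decides which message is shown. Testing the
// object itself is always true, which made the failure branch unreachable.
// Assumes addEvent() returns false on failure (confirm in event.class.php);
// if it returns nothing, the success branch is taken as before.
$added = $addeventobj->addEvent();
if ($added !== false) {
    header('location:../index.php?page=event&action=view');
    $_SESSION['msg'] = $addeventobj->msg = "The event has been added sucessfully";
} else {
    echo $_SESSION['msg'] = $addeventobj->msg = "Sorry the event has not been  added, please try again later";
}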
Example #11
 /**
  * Deletes the record through the parent implementation. When that succeeds,
  * calls SessionManager::clear_session_ref_promotion() for the same id and
  * writes a LOG_PROMOTION_DELETE entry to the event log.
  *
  * @param int $id Identifier of the record to delete
  * @return false|null False when parent::delete() fails; no value is
  *                    returned on success
  */
 public function delete($id)
 {
     // Nothing is cleaned up or logged for a delete that did not go through.
     if (!parent::delete($id)) {
         return false;
     }

     SessionManager::clear_session_ref_promotion($id);

     $deletedAt = api_get_utc_datetime();
     $actorId = api_get_user_id();
     Event::addEvent(LOG_PROMOTION_DELETE, LOG_PROMOTION_ID, $id, $deletedAt, $actorId);
 }
 /**
  * Applies the given lock state to this object, then to each of its
  * evaluations and links, and logs the change. Does nothing unless the
  * 'gradebook.gradebook_locking_enabled' setting is 'true'.
  *
  * @param mixed $locked Lock state passed to every lock() call; the value 1
  *                      is logged as LOG_GRADEBOOK_LOCKED, anything else as
  *                      LOG_GRADEBOOK_UNLOCKED
  */
 public function lock_all_items($locked)
 {
     if (api_get_setting('gradebook.gradebook_locking_enabled') != 'true') {
         return;
     }

     $this->lock($locked);

     // Evaluations are locked before the links are fetched.
     $evaluations = $this->get_evaluations();
     if (!empty($evaluations)) {
         foreach ($evaluations as $evaluation) {
             $evaluation->lock($locked);
         }
     }

     $links = $this->get_links();
     if (!empty($links)) {
         foreach ($links as $link) {
             $link->lock($locked);
         }
     }

     $event_type = $locked == 1 ? LOG_GRADEBOOK_LOCKED : LOG_GRADEBOOK_UNLOCKED;
     Event::addEvent($event_type, LOG_GRADEBOOK_ID, $this->id);
 }
 /**
  * Changes the relation type stored for a user within a group and logs the
  * change.
  *
  * NOTE(review): no permission check is visible here; presumably callers
  * verify that the current user may change roles in this group. Confirm.
  *
  * @author Julio Montoya
  * @param int $user_id
  * @param int $group_id
  * @param int $relation_type
  *
  * @return bool False when an argument is empty or no user/group relation
  *              exists, true once the relation was updated
  **/
 public static function update_user_role($user_id, $group_id, $relation_type = GROUP_USER_PERMISSION_READER)
 {
     $missingArgument = empty($user_id) || empty($group_id) || empty($relation_type);
     if ($missingArgument) {
         return false;
     }

     $em = Database::getManager();
     $group_id = (int) $group_id;
     $user_id = (int) $user_id;

     // Look up the existing relation between this user and this group.
     $criteria = array('user' => $user_id, 'usergroup' => $group_id);
     $usergroupUser = $em->getRepository('ChamiloCoreBundle:UsergroupRelUser')->findOneBy($criteria);
     if (!$usergroupUser) {
         return false;
     }

     $usergroupUser->setRelationType($relation_type);
     $em->merge($usergroupUser);
     $em->flush();

     // The log entry records the user, the group and the new relation type.
     $logPayload = compact('user_id', 'group_id', 'relation_type');
     Event::addEvent(LOG_GROUP_PORTAL_USER_UPDATE_ROLE, LOG_GROUP_PORTAL_REL_USER_ARRAY, $logPayload);

     return true;
 }
Example #14
 /**
  * This function displays a wiki entry
  * @author Patrick Cool <*****@*****.**>, Ghent University
  * @author Juan Carlos Raña Trabado
  * @param string $newtitle
  * @return string html code
  **/
 public function display_wiki_entry($newtitle)
 {
     $tbl_wiki = $this->tbl_wiki;
     $tbl_wiki_conf = $this->tbl_wiki_conf;
     $condition_session = $this->condition_session;
     $groupfilter = $this->groupfilter;
     $page = $this->page;
     $session_id = api_get_session_id();
     $course_id = api_get_course_int_id();
     if ($newtitle) {
         $pageMIX = $newtitle;
         //display the page after it is created
     } else {
         $pageMIX = $page;
         //display current page
     }
     $filter = null;
     if (isset($_GET['view']) && $_GET['view']) {
         $_clean['view'] = (int) Database::escape_string($_GET['view']);
         $filter = ' AND w.id="' . $_clean['view'] . '"';
     }
     //first, check page visibility in the first page version
     $sql = 'SELECT * FROM ' . $tbl_wiki . '
             WHERE
                 c_id = ' . $course_id . ' AND
                 reflink="' . Database::escape_string($pageMIX) . '" AND
                ' . $groupfilter . $condition_session . '
           ORDER BY id ASC';
     $result = Database::query($sql);
     $row = Database::fetch_array($result);
     $KeyVisibility = $row['visibility'];
     // second, show the last version
     $sql = 'SELECT * FROM ' . $tbl_wiki . ' w , ' . $tbl_wiki_conf . ' wc
             WHERE
                 wc.c_id 	  = ' . $course_id . ' AND
                 w.c_id 		  = ' . $course_id . ' AND
                 wc.page_id	  = w.page_id AND
                 w.reflink	  = "' . Database::escape_string($pageMIX) . '" AND
                 w.session_id  = ' . $session_id . ' AND
                 w.' . $groupfilter . '  ' . $filter . '
             ORDER BY id DESC';
     $result = Database::query($sql);
     $row = Database::fetch_array($result);
     // we do not need a while loop since we are always displaying the last version
     //log users access to wiki (page_id)
     if (!empty($row['page_id'])) {
         Event::addEvent(LOG_WIKI_ACCESS, LOG_WIKI_PAGE_ID, $row['page_id']);
     }
     //update visits
     if ($row['id']) {
         $sql = 'UPDATE ' . $tbl_wiki . ' SET hits=(hits+1) WHERE c_id = ' . $course_id . ' AND id=' . $row['id'] . '';
         Database::query($sql);
     }
     // if both are empty and we are displaying the index page then we display the default text.
     if ($row['content'] == '' and $row['title'] == '' and $page == 'index') {
         if (api_is_allowed_to_edit(false, true) || api_is_platform_admin() || GroupManager::is_user_in_group(api_get_user_id(), api_get_group_id())) {
             //Table structure for better export to pdf
             $default_table_for_content_Start = '<table align="center" border="0"><tr><td align="center">';
             $default_table_for_content_End = '</td></tr></table>';
             $content = $default_table_for_content_Start . sprintf(get_lang('DefaultContent'), api_get_path(WEB_IMG_PATH)) . $default_table_for_content_End;
             $title = get_lang('DefaultTitle');
         } else {
             return self::setMessage(Display::display_normal_message(get_lang('WikiStandBy'), false, true));
         }
     } else {
         $content = Security::remove_XSS(api_html_entity_decode($row['content']), COURSEMANAGERLOWSECURITY);
         $title = api_html_entity_decode($row['title']);
     }
     //assignment mode: identify page type
     $icon_assignment = null;
     if ($row['assignment'] == 1) {
         $icon_assignment = Display::return_icon('wiki_assignment.png', get_lang('AssignmentDescExtra'), '', ICON_SIZE_SMALL);
     } elseif ($row['assignment'] == 2) {
         $icon_assignment = Display::return_icon('wiki_work.png', get_lang('AssignmentWork'), '', ICON_SIZE_SMALL);
     }
     //task mode
     $icon_task = null;
     if (!empty($row['task'])) {
         $icon_task = Display::return_icon('wiki_task.png', get_lang('StandardTask'), '', ICON_SIZE_SMALL);
     }
     //Show page. Show page to all users if isn't hide page. Mode assignments: if student is the author, can view
     if ($KeyVisibility == "1" || api_is_allowed_to_edit(false, true) || api_is_platform_admin() || $row['assignment'] == 2 && $KeyVisibility == "0" && api_get_user_id() == $row['user_id']) {
         echo '<div id="wikititle">';
         $protect_page = null;
         $lock_unlock_protect = null;
         // page action: protecting (locking) the page
         if (api_is_allowed_to_edit(false, true) || api_is_platform_admin()) {
             if (self::check_protect_page() == 1) {
                 $protect_page = Display::return_icon('lock.png', get_lang('PageLockedExtra'), '', ICON_SIZE_SMALL);
                 $lock_unlock_protect = 'unlock';
             } else {
                 $protect_page = Display::return_icon('unlock.png', get_lang('PageUnlockedExtra'), '', ICON_SIZE_SMALL);
                 $lock_unlock_protect = 'lock';
             }
         }
         if ($row['id']) {
             echo '<span style="float:right;">';
             echo '<a href="index.php?action=showpage&amp;actionpage=' . $lock_unlock_protect . '&amp;title=' . api_htmlentities(urlencode($page)) . '">' . $protect_page . '</a>';
             echo '</span>';
         }
         $visibility_page = null;
         $lock_unlock_visibility = null;
         //page action: visibility
         if (api_is_allowed_to_edit(false, true) || api_is_platform_admin()) {
             if (self::check_visibility_page() == 1) {
                 // TODO: FIX  This hides the icon eye closed to users of work they can see yours
                 //if(($row['assignment']==2 && $KeyVisibility=="0" && (api_get_user_id()==$row['user_id']))==false)
                 //{
                 //
                 // }
                 $visibility_page = Display::return_icon('visible.png', get_lang('ShowPageExtra'), '', ICON_SIZE_SMALL);
                 $lock_unlock_visibility = 'invisible';
             } else {
                 $visibility_page = Display::return_icon('invisible.png', get_lang('HidePageExtra'), '', ICON_SIZE_SMALL);
                 $lock_unlock_visibility = 'visible';
             }
         }
         if ($row['id']) {
             echo '<span style="float:right;">';
             echo '<a href="index.php?action=showpage&amp;actionpage=' . $lock_unlock_visibility . '&amp;title=' . api_htmlentities(urlencode($page)) . '">' . $visibility_page . '</a>';
             echo '</span>';
         }
         //page action: notification
         if (api_is_allowed_to_session_edit()) {
             if (self::check_notify_page($page) == 1) {
                 $notify_page = Display::return_icon('messagebox_info.png', get_lang('NotifyByEmail'), '', ICON_SIZE_SMALL);
                 $lock_unlock_notify_page = 'unlocknotify';
             } else {
                 $notify_page = Display::return_icon('mail.png', get_lang('CancelNotifyByEmail'), '', ICON_SIZE_SMALL);
                 $lock_unlock_notify_page = 'locknotify';
             }
         }
         echo '<span style="float:right;">';
         echo '<a href="index.php?action=showpage&amp;actionpage=' . $lock_unlock_notify_page . '&amp;title=' . api_htmlentities(urlencode($page)) . '">' . $notify_page . '</a>';
         echo '</span>';
         //ONly available if row['id'] is set
         if ($row['id']) {
             //page action: export to pdf
             echo '<span style="float:right;">';
             echo '<form name="form_export2PDF" method="get" action="' . api_get_path(WEB_CODE_PATH) . 'wiki/index.php?' . api_get_cidreq() . '" >';
             echo '<input type="hidden" name="action" value="export_to_pdf">';
             echo '<input type="hidden" name="wiki_id" value="' . $row['id'] . '">';
             echo '<input type="image" src="' . api_get_path(WEB_IMG_PATH) . 'icons/22/pdf.png" border ="0" title="' . get_lang('ExportToPDF') . '" alt="' . get_lang('ExportToPDF') . '" style=" width:22px; border:none; margin-top: -9px">';
             echo '</form>';
             echo '</span>';
             // Page action: copy last version to doc area
             if (api_is_allowed_to_edit(false, true) || api_is_platform_admin()) {
                 echo '<span style="float:right;">';
                 echo '<form name="form_export2DOC" method="get" action="' . api_get_path(WEB_CODE_PATH) . 'wiki/index.php?' . api_get_cidreq() . '" >';
                 echo '<input type=hidden name="action" value="export2doc">';
                 echo '<input type=hidden name="doc_id" value="' . $row['id'] . '">';
                 echo '<input type="image" src="' . api_get_path(WEB_IMG_PATH) . 'icons/22/export_to_documents.png" border ="0" title="' . get_lang('ExportToDocArea') . '" alt="' . get_lang('ExportToDocArea') . '" style=" width:22px; border:none; margin-top: -6px">';
                 echo '</form>';
                 echo '</span>';
             }
             if (api_is_unoconv_installed()) {
                 echo '<span style="float:right;">';
                 echo '<a href="' . api_get_path(WEB_CODE_PATH) . 'wiki/index.php?action=export_to_doc_file&id=' . $row['id'] . '">' . Display::return_icon('export_doc.png', get_lang('ExportToDoc'), array(), ICON_SIZE_SMALL) . '</a>';
                 echo '</span>';
             }
         }
         //export to print
         ?>
         <script>
         function goprint() {
             var a = window.open('','','width=800,height=600');
             a.document.open("text/html");
             a.document.write(document.getElementById('wikicontent').innerHTML);
             a.document.close();
             a.print();
         }
         </script>
         <?php 
         echo '<span style="float:right; cursor: pointer;">';
         echo Display::return_icon('printer.png', get_lang('Print'), array('onclick' => "javascript: goprint();"), ICON_SIZE_SMALL);
         echo '</span>';
         if (empty($title)) {
             $title = get_lang('DefaultTitle');
         }
         if (self::wiki_exist($title)) {
             echo $icon_assignment . '&nbsp;' . $icon_task . '&nbsp;' . api_htmlentities($title);
         } else {
             echo api_htmlentities($title);
         }
         echo '</div>';
         echo '<div id="wikicontent">' . self::make_wiki_link_clickable(self::detect_external_link(self::detect_anchor_link(self::detect_mail_link(self::detect_ftp_link(self::detect_irc_link(self::detect_news_link($content))))))) . '</div>';
         echo '<div id="wikifooter">' . get_lang('Progress') . ': ' . $row['progress'] * 10 . '%&nbsp;&nbsp;&nbsp;' . get_lang('Rating') . ': ' . $row['score'] . '&nbsp;&nbsp;&nbsp;' . get_lang('Words') . ': ' . self::word_count($content) . '</div>';
     }
     //end filter visibility
 }
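 /**
  * Sets the platform language from a language id.
  *
  * Looks up the language's english_name in the languages table and stores it
  * as the value of the 'platformLanguage' setting, then logs the change.
  *
  * @param int $language_id Id of a row in the languages table
  * @return bool True when the setting was updated; false when the id is not a
  *              positive integer, no such language exists, or the update failed
  */
 public static function set_platform_language($language_id)
 {
     // Strict integer validation: the former loose "intval($x) != $x" test
     // lets non-numeric strings through on PHP versions before 8.
     $languageId = filter_var($language_id, FILTER_VALIDATE_INT);
     if ($languageId === false || $languageId <= 0) {
         return false;
     }
     $tbl_admin_languages = Database::get_main_table(TABLE_MAIN_LANGUAGE);
     $tbl_settings_current = Database::get_main_table(TABLE_MAIN_SETTINGS_CURRENT);
     $sql_select = "SELECT english_name FROM " . $tbl_admin_languages . " WHERE id = " . $languageId;
     $result = Database::query($sql_select);
     $lang = Database::fetch_array($result);
     // An unknown id must not overwrite the setting with an empty value.
     if (empty($lang['english_name'])) {
         return false;
     }
     // The name comes back from the database and is placed into a second
     // statement, so it is escaped again before being quoted.
     $sql_update = "UPDATE " . $tbl_settings_current . " SET selected_value='" . Database::escape_string($lang['english_name']) . "' WHERE variable='platformLanguage'";
     $result_update = Database::query($sql_update);
     if ($result_update === false) {
         return false;
     }
     // Log only changes that were actually written.
     Event::addEvent(LOG_PLATFORM_LANGUAGE_CHANGE, LOG_PLATFORM_LANGUAGE, $lang['english_name']);
     return true;
 }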
Example #16
                        }
                    }
                } else {
                    // Document deletion: first a confirmation link ($do == 'none'), then the
                    // deletion itself ($do == 'delete'). $action and $do are set outside this excerpt.
                    if ($action == 'delete') {
                        if ($do == 'none') {
                            ?>
        <a onclick="load('documents', 'delete', 'delete', {id: '<?php 
                            // NOTE(review): $_GET['id'] is written unescaped into a JavaScript string
                            // inside an HTML attribute (reflected XSS as written). It needs an integer
                            // cast or context-aware encoding, e.g. json_encode() plus htmlspecialchars().
                            echo $_GET['id'];
                            ?>
'})">Continue?</a> (<b>NOTE:</b> This action cannot be reversed!)
        <?php 
                        } else {
                            if ($do == 'delete') {
                                // NOTE(review): destructive action keyed directly on $_GET['id']; no
                                // permission check or anti-CSRF token is visible in this excerpt —
                                // confirm both are enforced before this point.
                                $document = new Document($_GET['id']);
                                $document->delete();
                                // Audit record: message text, the acting user from the session, and a
                                // third argument (3) whose meaning is not visible here.
                                Event::addEvent('Document ' . $document->getPrefix()->getPrefixAbbrev() . $document->getID() . ' has been deleted.', $_SESSION['user'], 3);
                                ?>
        <script>
            load('documents', 'view', 'none', {});
        </script>
        <?php 
                            }
                        }
                    } else {
                        if ($action == 'sign') {
                            // NOTE(review): state change (signing as the session user) keyed on
                            // $_GET['id']; no ownership or anti-CSRF check is visible here — confirm upstream.
                            $document = new Document($_GET['id']);
                            $document->sign($_SESSION['user']);
                            ?>
    <script>
        load('documents', 'view', 'none', {id: '<?php 
                            // NOTE(review): same unescaped echo of $_GET['id'] into a JavaScript
                            // string, here inside a <script> block.
                            echo $_GET['id'];
                     // Write the generated menu ($home_menu) to the home file of the current language.
                     // NOTE(review): the fopen() result is not checked before fputs()/fclose(); $homep,
                     // $menuf, $lang and $ext are set outside this excerpt — confirm none of them can
                     // carry request-controlled path segments.
                     $fp = fopen($homep . $menuf . '_' . $lang . $ext, 'w');
                     fputs($fp, $home_menu);
                     home_tabs($homep . $menuf . '_' . $lang . $ext);
                     fclose($fp);
                     // Repeat the write for every other language ticked in the form. The file name is
                     // built from $_languages['folder'], not from the posted value; $_POST is only
                     // tested for the presence of a key with that name.
                     foreach ($_languages['name'] as $key => $value) {
                         $lang_name = $_languages['folder'][$key];
                         if (isset($_POST[$lang_name])) {
                             $fp = fopen($homep . $menuf . '_' . $lang_name . $ext, 'w');
                             fputs($fp, $home_menu);
                             home_tabs($homep . $menuf . '_' . $lang_name . $ext);
                             fclose($fp);
                         }
                     }
                 }
             }
             // Log the homepage change; the "name:url" detail is cut to 254 characters.
             Event::addEvent(LOG_HOMEPAGE_CHANGED, $action, cut($link_name . ':' . $link_url, 254), api_get_utc_datetime(), api_get_user_id());
             break;
     }
     //end of switch($action)
     // Redirect after a successful POST so a reload does not resubmit the form.
     // NOTE(review): $selfUrl and $languageGet are defined outside this excerpt — confirm
     // $languageGet is validated or URL-encoded before it is placed in the Location header.
     if (empty($errorMsg)) {
         header('Location: ' . $selfUrl . '?language=' . $languageGet);
         exit;
     }
 } else {
     //if POST[formSent] is not set
     switch ($action) {
         case 'open_link':
             // Previously, filtering of GET['link'] was done here but it left
             // a security threat. Filtering has now been moved outside conditions
             break;
         case 'delete_tabs':
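 /**
  * Deletes one or more session categories.
  *
  * Sessions attached to the categories are detached (session_category_id is
  * reset to 0). When $delete_session is true they are also deleted through
  * SessionManager::delete_session(). The deletion is written to the system log.
  *
  * @author Jhon Hinojosa <*****@*****.**>, from existing code
  * @param array|int $id_checked     A category id, or a list of category ids
  * @param bool      $delete_session Also delete the sessions that belong to the categories
  * @param bool      $from_ws        True if called by a webservice; forwarded to SessionManager::delete_session()
  * @return bool True once the categories were processed, false when no valid id was given
  **/
 public static function delete_session_category($id_checked, $delete_session = false, $from_ws = false)
 {
     $tbl_session_category = Database::get_main_table(TABLE_MAIN_SESSION_CATEGORY);
     $tbl_session = Database::get_main_table(TABLE_MAIN_SESSION);
     // The ids are placed unquoted inside IN (...), where string escaping gives
     // no protection, so every element is reduced to a positive integer.
     // Id 0 is rejected as well: it is the "no category" marker written below,
     // and accepting it would make the statements match every uncategorised session.
     $ids = array();
     foreach (is_array($id_checked) ? $id_checked : array($id_checked) as $id) {
         if (!is_scalar($id)) {
             continue;
         }
         $id = intval($id);
         if ($id > 0) {
             $ids[$id] = $id;
         }
     }
     if (empty($ids)) {
         // Nothing valid to delete; an empty IN () would also be a syntax error.
         return false;
     }
     $id_checked = implode(',', $ids);
     // Collect the affected sessions BEFORE detaching them: once the category
     // link is reset to 0 the same WHERE clause no longer matches any row.
     $session_ids = array();
     if ($delete_session) {
         $sql = "SELECT id FROM {$tbl_session} WHERE session_category_id IN (" . $id_checked . ")";
         $result = Database::query($sql);
         while ($result !== false && ($rows = Database::fetch_array($result))) {
             $session_ids[] = $rows['id'];
         }
     }
     //Setting session_category_id to 0
     $sql = "UPDATE {$tbl_session} SET session_category_id = 0 WHERE session_category_id IN (" . $id_checked . ")";
     Database::query($sql);
     foreach ($session_ids as $session_id) {
         if ($from_ws) {
             SessionManager::delete_session($session_id, true);
         } else {
             SessionManager::delete_session($session_id);
         }
     }
     $sql = "DELETE FROM {$tbl_session_category} WHERE id IN (" . $id_checked . ")";
     Database::query($sql);
     // Add event to system log
     $user_id = api_get_user_id();
     Event::addEvent(LOG_SESSION_CATEGORY_DELETE, LOG_SESSION_CATEGORY_ID, $id_checked, api_get_utc_datetime(), $user_id);
     // delete extra session fields where field variable is "PERIODO"
     // NOTE(review): the statements below are kept as they were. They compare
     // session_id with the category id list and join the two tables without a
     // join condition; the intent cannot be confirmed from this function alone.
     $t_sf = Database::get_main_table(TABLE_MAIN_SESSION_FIELD);
     $t_sfv = Database::get_main_table(TABLE_MAIN_SESSION_FIELD_VALUES);
     $sql = "SELECT t_sfv.field_id FROM {$t_sfv} t_sfv, {$t_sf} t_sf  WHERE t_sfv.session_id = '{$id_checked}' AND t_sf.field_variable = 'PERIODO' ";
     $rs_field = Database::query($sql);
     $field_id = 0;
     if (Database::num_rows($rs_field) > 0) {
         $row_field = Database::fetch_row($rs_field);
         $field_id = intval($row_field[0]);
         $sql_delete_sfv = "DELETE FROM {$t_sfv} WHERE session_id = '{$id_checked}' AND field_id = '{$field_id}'";
         Database::query($sql_delete_sfv);
     }
     // Drop the field definition itself once no value refers to it any more.
     $sql = "SELECT * FROM {$t_sfv} WHERE field_id = '{$field_id}' ";
     $rs_field_id = Database::query($sql);
     if (Database::num_rows($rs_field_id) == 0) {
         $sql_delete_sf = "DELETE FROM {$t_sf} WHERE id = '{$field_id}'";
         Database::query($sql_delete_sf);
     }
     return true;
 }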
Example #19
 // Dispatch on the settings category named in the query string.
 // NOTE(review): $_GET['category'] is read without an isset() check in this excerpt.
 switch ($_GET['category']) {
     case 'Regions':
         handle_regions();
         break;
     case 'Plugins':
         // Displaying the extensions: Plugins.
         // This will be available to all the sites (access_urls).
         // The anti-CSRF token is taken from the query string, passed through
         // Security::remove_XSS() and verified with Security::check_token() before
         // the posted dashboard configuration is stored.
         // NOTE(review): a token carried in the URL can end up in logs and Referer
         // headers; presumably the form could post it instead — confirm.
         $securityToken = isset($_GET['sec_token']) ? Security::remove_XSS($_GET['sec_token']) : null;
         if (isset($_POST['submit_dashboard_plugins']) && Security::check_token($securityToken)) {
             // Clear the token after a successful check, before the settings are stored.
             Security::clear_token();
             // NOTE(review): the whole $_POST array is handed over; validation of its
             // keys and values happens, if at all, inside store_dashboard_plugins().
             $affected_rows = DashboardManager::store_dashboard_plugins($_POST);
             if ($affected_rows) {
                 // add event to system log
                 $user_id = api_get_user_id();
                 // Request value written to the log; inside this case it matched 'Plugins'.
                 $category = $_GET['category'];
                 Event::addEvent(LOG_CONFIGURATION_SETTINGS_CHANGE, LOG_CONFIGURATION_SETTINGS_CATEGORY, $category, api_get_utc_datetime(), $user_id);
                 Display::display_confirmation_message(get_lang('DashboardPluginsUpdatedSuccessfully'));
             }
         }
         // Static markup only from here on: tab widget initialisation and tab headers.
         echo '<script>
             $(function(){
                 $("#tabs").tabs();
             });
             </script>';
         echo '<div id="tabs">';
         echo '<ul>';
         echo '<li><a href="#tabs-1">' . get_lang('Plugins') . '</a></li>';
         echo '<li><a href="#tabs-2">' . get_lang('DashboardPlugins') . '</a></li>';
         echo '<li><a href="#tabs-3">' . get_lang('ConfigureExtensions') . '</a></li>';
         echo '</ul>';
         echo '<div id="tabs-1">';
 /**
  * Changes the relation type that links a user to a group (group_rel_user table)
  * and records the change in the event log.
  * @author Julio Montoya
  * @param int  $user_id
  * @param int  $group_id
  * @param int  $relation_type
  *
  * @return bool false when one of the three values is empty, true otherwise
  **/
 public static function update_user_role($user_id, $group_id, $relation_type = GROUP_USER_PERMISSION_READER)
 {
     $relTable = Database::get_main_table(TABLE_MAIN_USER_REL_GROUP);
     // All three values are mandatory; empty() also rejects 0 and '0'.
     foreach (array($user_id, $group_id, $relation_type) as $required) {
         if (empty($required)) {
             return false;
         }
     }
     // Integer casts keep the unquoted values in the statement numeric.
     $userKey = (int) $user_id;
     $groupKey = (int) $group_id;
     $roleValue = (int) $relation_type;
     $sql = "UPDATE {$relTable}\n   \t\t\t\tSET relation_type = " . $roleValue . "\n   \t\t\t\tWHERE\n                    user_id = {$userKey} AND\n                    group_id = {$groupKey}\n            ";
     Database::query($sql);
     // The log entry carries the cast ids and the relation type exactly as it was passed in.
     $logData = array(
         'user_id' => $userKey,
         'group_id' => $groupKey,
         'relation_type' => $relation_type,
     );
     Event::addEvent(LOG_GROUP_PORTAL_USER_UPDATE_ROLE, LOG_GROUP_PORTAL_REL_USER_ARRAY, $logData);
     return true;
 }
                // Enable or disable the account.
                // NOTE(review): $status and $user_id are concatenated into the statement; they
                // are assigned outside this excerpt — confirm both are cast to int (or escaped)
                // before this point.
                $sql = "UPDATE {$user_table} SET active='" . $status . "' WHERE user_id='" . $user_id . "'";
                $result = Database::query($sql);
                // Send an email if the account is now active
                if ($status == 1) {
                    $user_info = api_get_user_info($user_id);
                    $recipient_name = api_get_person_name($user_info['firstname'], $user_info['lastname'], null, PERSON_NAME_EMAIL_ADDRESS);
                    $emailsubject = '[' . api_get_setting('platform.site_name') . '] ' . get_lang('YourReg') . ' ' . api_get_setting('platform.site_name');
                    $email_admin = api_get_setting('admin.administrator_email');
                    $sender_name = api_get_person_name(api_get_setting('admin.administrator_name'), api_get_setting('admin.administrator_surname'), null, PERSON_NAME_EMAIL_ADDRESS);
                    $emailbody = get_lang('Dear') . " " . stripslashes($recipient_name) . ",\n\n";
                    $emailbody .= sprintf(get_lang('YourAccountOnXHasJustBeenApprovedByOneOfOurAdministrators'), api_get_setting('platform.site_name')) . "\n";
                    $emailbody .= sprintf(get_lang('YouCanNowLoginAtXUsingTheLoginAndThePasswordYouHaveProvided'), api_get_path(WEB_PATH)) . ",\n\n";
                    $emailbody .= get_lang('HaveFun') . "\n\n";
                    //$emailbody.=get_lang('Problem'). "\n\n". get_lang('SignatureFormula');
                    // NOTE(review): the signature reads 'administratorTelephone' and 'emailAdministrator'
                    // without the 'admin.' prefix used by the other settings here — verify the names.
                    $emailbody .= api_get_person_name(api_get_setting('admin.administrator_name'), api_get_setting('admin.administrator_surname')) . "\n" . get_lang('Manager') . " " . api_get_setting('platform.site_name') . "\nT. " . api_get_setting('administratorTelephone') . "\n" . get_lang('Email') . " : " . api_get_setting('emailAdministrator');
                    $additionalParameters = array('smsType' => SmsPlugin::ACCOUNT_APPROVED_CONNECT, 'userId' => $user_id);
                    // $result is overwritten with the mail result and not inspected afterwards.
                    $result = api_mail_html($recipient_name, $user_info['mail'], $emailsubject, $emailbody, $sender_name, $email_admin, null, null, $additionalParameters);
                    Event::addEvent(LOG_USER_ENABLE, LOG_USER_ID, $user_id);
                } else {
                    Event::addEvent(LOG_USER_DISABLE, LOG_USER_ID, $user_id);
                }
                // The status is written back as the response body.
                // NOTE(review): safe only if $status is numeric at this point — confirm.
                echo $status;
            }
        } else {
            // Response used when the enclosing condition (outside this excerpt) fails.
            echo '-1';
        }
        break;
    default:
        echo '';
}
exit;
Example #22
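 /**
  * Creates a course record in the main database.
  *
  * After the course is saved, its settings schemas are stored, the owner and
  * the optional teachers are subscribed, the course is linked to an access URL,
  * the creation is logged and, if the platform setting asks for it, the
  * administrator is notified by e-mail.
  *
  * Validation errors are appended to the global $error_msg.
  *
  * @param array $params Course data. Keys read by this function:
  *   - 'title'           string, required, complete name of the course
  *   - 'code'            string, required, system code
  *   - 'visual_code'     string, required, code shown to users
  *   - 'directory'       string, required, course directory
  *   - 'tutor_name', 'category_code', 'department_name', 'department_url',
  *     'disk_quota'      optional
  *   - 'course_language' optional, defaults to the translator's locale
  *   - 'user_id'         int, optional, owner; defaults to the current user
  *   - 'visibility'      int, optional, 0 to 3; defaults to the platform setting
  *   - 'subscribe', 'unsubscribe' int, optional
  *   - 'expiration_date' optional, passed to api_get_utc_datetime()
  *   - 'teachers'        int|array, optional, user ids of additional teachers
  * @return int The id of the new course, or 0 when validation failed or no id was assigned
  * @todo Remove globals
  */
 public static function register_course($params)
 {
     global $error_msg, $firstExpirationDelay;
     // Required keys are read defensively; a missing one is reported through
     // $error_msg below instead of raising an undefined-index notice here.
     $title = isset($params['title']) ? $params['title'] : null;
     $code = isset($params['code']) ? $params['code'] : null;
     $visual_code = isset($params['visual_code']) ? $params['visual_code'] : null;
     $directory = isset($params['directory']) ? $params['directory'] : null;
     $tutor_name = isset($params['tutor_name']) ? $params['tutor_name'] : null;
     $category_code = isset($params['category_code']) ? $params['category_code'] : null;
     $defaultLanguage = Container::getTranslator()->getLocale();
     $course_language = !empty($params['course_language']) ? $params['course_language'] : $defaultLanguage;
     $user_id = empty($params['user_id']) ? api_get_user_id() : intval($params['user_id']);
     $department_name = isset($params['department_name']) ? $params['department_name'] : null;
     $department_url = isset($params['department_url']) ? $params['department_url'] : null;
     $disk_quota = isset($params['disk_quota']) ? $params['disk_quota'] : null;
     if (!isset($params['visibility'])) {
         $default_course_visibility = api_get_setting('course.courses_default_creation_visibility');
         if (isset($default_course_visibility)) {
             $visibility = $default_course_visibility;
         } else {
             $visibility = COURSE_VISIBILITY_OPEN_PLATFORM;
         }
     } else {
         $visibility = $params['visibility'];
     }
     // Self-subscription defaults to "allowed" only for courses open to the platform.
     $subscribe = isset($params['subscribe']) ? intval($params['subscribe']) : ($visibility == COURSE_VISIBILITY_OPEN_PLATFORM ? 1 : 0);
     $unsubscribe = isset($params['unsubscribe']) ? intval($params['unsubscribe']) : 0;
     $expiration_date = isset($params['expiration_date']) ? $params['expiration_date'] : null;
     $teachers = isset($params['teachers']) ? $params['teachers'] : null;
     $TABLECOURSUSER = Database::get_main_table(TABLE_MAIN_COURSE_USER);
     $ok_to_register_course = true;
     // Check whether all the needed parameters are present.
     if (empty($code)) {
         $error_msg[] = 'courseSysCode is missing';
         $ok_to_register_course = false;
     }
     if (empty($visual_code)) {
         $error_msg[] = 'courseScreenCode is missing';
         $ok_to_register_course = false;
     }
     if (empty($directory)) {
         $error_msg[] = 'courseRepository is missing';
         $ok_to_register_course = false;
     }
     if (empty($title)) {
         $error_msg[] = 'title is missing';
         $ok_to_register_course = false;
     }
     if (empty($expiration_date)) {
         $expiration_date = api_get_utc_datetime(time() + $firstExpirationDelay);
     } else {
         $expiration_date = api_get_utc_datetime($expiration_date);
     }
     if ($visibility < 0 || $visibility > 3) {
         $error_msg[] = 'visibility is invalid';
         $ok_to_register_course = false;
     }
     if (empty($disk_quota)) {
         $disk_quota = api_get_setting('document.default_document_quotum');
     }
     // The scheme has to be a prefix of the URL. A substring test would also
     // accept a value of another scheme that merely contains "http://" somewhere.
     $department_url = trim((string) $department_url);
     if (!preg_match('#^https?://#i', $department_url)) {
         $department_url = 'http://' . $department_url;
     }
     // No URL given: do not store a bare scheme.
     if ($department_url == 'http://') {
         $department_url = '';
     }
     $course_id = 0;
     if ($ok_to_register_course) {
         /** @var Course $course */
         $course = self::getCourseManager()->create();
         $course
             ->setCode($code)
             ->setDirectory($directory)
             ->setCourseLanguage($course_language)
             ->setTitle($title)
             ->setDescription(get_lang('CourseDescription'))
             ->setCategoryCode($category_code)
             ->setVisibility($visibility)
             ->setShowScore(1)
             ->setDiskQuota($disk_quota)
             ->setCreationDate(new \DateTime())
             ->setExpirationDate(new \DateTime($expiration_date))
             ->setDepartmentName($department_name)
             ->setDepartmentUrl($department_url)
             ->setSubscribe($subscribe)
             ->setUnsubscribe($unsubscribe)
             ->setVisualCode($visual_code);
         self::getCourseManager()->save($course, true);
         $course_id = $course->getId();
         if ($course_id) {
             // Store every settings schema for the new course.
             $settingsManager = Container::getCourseSettingsManager();
             $schemas = array_keys($settingsManager->getSchemas());
             foreach ($schemas as $schema) {
                 $settings = $settingsManager->loadSettings($schema);
                 $settingsManager->setCourse($course);
                 $settingsManager->saveSettings($schema, $settings);
             }
             $sort = api_max_sort_value('0', api_get_user_id());
             $i_course_sort = CourseManager::userCourseSort($user_id, $code);
             // Numeric values are cast, not escaped, before they enter the statements.
             $course_id_sql = intval($course_id);
             // Subscribe the owner as teacher (status 1).
             if (!empty($user_id)) {
                 $sql = "INSERT INTO " . $TABLECOURSUSER . " SET
                             c_id            = '" . $course_id_sql . "',
                             user_id         = '" . intval($user_id) . "',
                             status          = '1',
                             tutor_id        = '0',
                             sort            = '" . intval($i_course_sort) . "',
                             user_course_cat = '0'";
                 Database::query($sql);
             }
             if (!empty($teachers)) {
                 if (!is_array($teachers)) {
                     $teachers = array($teachers);
                 }
                 foreach ($teachers as $key) {
                     $teacher_id = intval($key);
                     // Skip invalid ids and the owner, who is already subscribed above.
                     if ($teacher_id <= 0 || $teacher_id == $user_id) {
                         continue;
                     }
                     $sql = "INSERT INTO " . $TABLECOURSUSER . " SET
                             c_id            = '" . $course_id_sql . "',
                             user_id         = '" . $teacher_id . "',
                             status          = '1',
                             role            = '',
                             tutor_id        = '0',
                             sort            = '" . ($sort + 1) . "',
                             user_course_cat = '0'";
                     Database::query($sql);
                 }
             }
             // Adding the course to an URL
             if (api_is_multiple_url_enabled()) {
                 $url_id = 1;
                 if (api_get_current_access_url_id() != -1) {
                     $url_id = api_get_current_access_url_id();
                 }
                 UrlManager::add_course_to_url($course_id, $url_id);
             } else {
                 UrlManager::add_course_to_url($course_id, 1);
             }
             // Add event to the system log, attributed to the current user.
             Event::addEvent(LOG_COURSE_CREATE, LOG_COURSE_CODE, $code, api_get_utc_datetime(), api_get_user_id(), $code);
             $send_mail_to_admin = api_get_setting('course.send_email_to_admin_when_create_course');
             // @todo Improve code to send to all current portal administrators.
             if ($send_mail_to_admin == 'true') {
                 $siteName = api_get_setting('platform.site_name');
                 $recipient_email = api_get_setting('platform.administrator_email');
                 $recipient_name = api_get_person_name(api_get_setting('platform.administrator_name'), api_get_setting('platform.administrator_surname'));
                 $iname = api_get_setting('platform.institution');
                 $subject = get_lang('NewCourseCreatedIn') . ' ' . $siteName . ' - ' . $iname;
                 // The body is rendered from the template; title, category and tutor name
                 // are caller-supplied, so the template is expected to escape them.
                 $message = \Swift_Message::newInstance()
                     ->setSubject($subject)
                     ->setFrom($recipient_email)
                     ->setTo($recipient_email)
                     ->setBody(Container::getTemplate()->render('ChamiloCoreBundle:Mailer:Course/new_course.html.twig', array(
                         'recipient_name' => $recipient_name,
                         'sitename' => $siteName,
                         'institution' => $iname,
                         'course_name' => $title,
                         'category' => $category_code,
                         'tutor' => $tutor_name,
                         'language' => $course_language,
                     )));
                 Container::getMailer()->send($message);
             }
         }
     }
     return $course_id;
 }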
Example #23
 /**
  * Delete a course
  * This function deletes a whole course-area from the platform. When the
  * given course is a virtual course, the database and directory will not be
  * deleted.
  * When the given course is a real course, also all virtual courses refering
  * to the given course will be deleted.
  * Considering the fact that we remove all traces of the course in the main
  * database, it makes sense to remove all tracking as well (if stats databases exist)
  * so that a new course created with this code would not use the remains of an older
  * course.
  *
  * @param string The code of the course to delete
  * @todo When deleting a virtual course: unsubscribe users from that virtual
  * course from the groups in the real course if they are not subscribed in
  * that real course.
  * @todo Remove globals
  */
 public static function delete_course($code)
 {
     $table_course = Database::get_main_table(TABLE_MAIN_COURSE);
     $table_course_user = Database::get_main_table(TABLE_MAIN_COURSE_USER);
     $table_session_course = Database::get_main_table(TABLE_MAIN_SESSION_COURSE);
     $table_session_course_user = Database::get_main_table(TABLE_MAIN_SESSION_COURSE_USER);
     $table_course_survey = Database::get_main_table(TABLE_MAIN_SHARED_SURVEY);
     $table_course_survey_question = Database::get_main_table(TABLE_MAIN_SHARED_SURVEY_QUESTION);
     $table_course_survey_question_option = Database::get_main_table(TABLE_MAIN_SHARED_SURVEY_QUESTION_OPTION);
     $table_course_rel_url = Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_COURSE);
     $table_stats_hotpots = Database::get_main_table(TABLE_STATISTIC_TRACK_E_HOTPOTATOES);
     $table_stats_attempt = Database::get_main_table(TABLE_STATISTIC_TRACK_E_ATTEMPT);
     $table_stats_exercises = Database::get_main_table(TABLE_STATISTIC_TRACK_E_EXERCISES);
     $table_stats_access = Database::get_main_table(TABLE_STATISTIC_TRACK_E_ACCESS);
     $table_stats_lastaccess = Database::get_main_table(TABLE_STATISTIC_TRACK_E_LASTACCESS);
     $table_stats_course_access = Database::get_main_table(TABLE_STATISTIC_TRACK_E_COURSE_ACCESS);
     $table_stats_online = Database::get_main_table(TABLE_STATISTIC_TRACK_E_ONLINE);
     $table_stats_default = Database::get_main_table(TABLE_STATISTIC_TRACK_E_DEFAULT);
     $table_stats_downloads = Database::get_main_table(TABLE_STATISTIC_TRACK_E_DOWNLOADS);
     $table_stats_links = Database::get_main_table(TABLE_STATISTIC_TRACK_E_LINKS);
     $table_stats_uploads = Database::get_main_table(TABLE_STATISTIC_TRACK_E_UPLOADS);
     $codeFiltered = Database::escape_string($code);
     $sql = "SELECT * FROM {$table_course} WHERE code='" . $codeFiltered . "'";
     $res = Database::query($sql);
     if (Database::num_rows($res) == 0) {
         return;
     }
     $sql = "SELECT * FROM {$table_course}\n                WHERE code = '" . $codeFiltered . "'";
     $res = Database::query($sql);
     $course = Database::fetch_array($res);
     $courseId = $course['id'];
     $count = 0;
     if (api_is_multiple_url_enabled()) {
         $url_id = 1;
         if (api_get_current_access_url_id() != -1) {
             $url_id = api_get_current_access_url_id();
         }
         UrlManager::delete_url_rel_course($courseId, $url_id);
         $count = UrlManager::getCountUrlRelCourse($courseId);
     }
     if ($count == 0) {
         self::create_database_dump($code);
         $course_tables = AddCourse::get_course_tables();
         // Cleaning c_x tables
         if (!empty($courseId)) {
             foreach ($course_tables as $table) {
                 $table = Database::get_course_table($table);
                 $sql = "DELETE FROM {$table} WHERE c_id = {$courseId} ";
                 Database::query($sql);
             }
         }
         $course_dir = api_get_path(SYS_COURSE_PATH) . $course['directory'];
         $archive_dir = api_get_path(SYS_ARCHIVE_PATH) . $course['directory'] . '_' . time();
         if (is_dir($course_dir)) {
             rename($course_dir, $archive_dir);
         }
         // Unsubscribe all users from the course
         $sql = "DELETE FROM {$table_course_user} WHERE c_id='" . $courseId . "'";
         Database::query($sql);
         // Delete the course from the sessions tables
         $sql = "DELETE FROM {$table_session_course} WHERE c_id='" . $courseId . "'";
         Database::query($sql);
         $sql = "DELETE FROM {$table_session_course_user} WHERE c_id='" . $courseId . "'";
         Database::query($sql);
         // Delete from Course - URL
         $sql = "DELETE FROM {$table_course_rel_url} WHERE c_id = '" . $courseId . "'";
         Database::query($sql);
         $sql = 'SELECT survey_id FROM ' . $table_course_survey . ' WHERE course_code="' . $codeFiltered . '"';
         $result_surveys = Database::query($sql);
         while ($surveys = Database::fetch_array($result_surveys)) {
             $survey_id = $surveys[0];
             $sql = 'DELETE FROM ' . $table_course_survey_question . ' WHERE survey_id="' . $survey_id . '"';
             Database::query($sql);
             $sql = 'DELETE FROM ' . $table_course_survey_question_option . ' WHERE survey_id="' . $survey_id . '"';
             Database::query($sql);
             $sql = 'DELETE FROM ' . $table_course_survey . ' WHERE survey_id="' . $survey_id . '"';
             Database::query($sql);
         }
         // Cleaning group categories
         $groupCategories = GroupManager::get_categories($course['code']);
         if (!empty($groupCategories)) {
             foreach ($groupCategories as $category) {
                 GroupManager::delete_category($category['id'], $course['code']);
             }
         }
         // Cleaning groups
         $groups = GroupManager::get_groups();
         if (!empty($groups)) {
             $groupList = array_column($groups, 'id');
             GroupManager::delete_groups($groupList);
         }
         // Delete the course from the stats tables
         $sql = "DELETE FROM {$table_stats_hotpots} WHERE c_id = {$courseId}";
         Database::query($sql);
         $sql = "DELETE FROM {$table_stats_attempt} WHERE c_id = {$courseId}";
         Database::query($sql);
         $sql = "DELETE FROM {$table_stats_exercises} WHERE c_id = {$courseId}";
         Database::query($sql);
         $sql = "DELETE FROM {$table_stats_access} WHERE c_id = {$courseId}";
         Database::query($sql);
         $sql = "DELETE FROM {$table_stats_lastaccess} WHERE c_id = {$courseId}";
         Database::query($sql);
         $sql = "DELETE FROM {$table_stats_course_access} WHERE c_id = {$courseId}";
         Database::query($sql);
         $sql = "DELETE FROM {$table_stats_online} WHERE c_id = {$courseId}";
         Database::query($sql);
         // Do not delete rows from track_e_default as these include course
         // creation and other important things that do not take much space
         // but give information on the course history
         //$sql = "DELETE FROM $table_stats_default WHERE c_id = $courseId";
         //Database::query($sql);
         $sql = "DELETE FROM {$table_stats_downloads} WHERE c_id = {$courseId}";
         Database::query($sql);
         $sql = "DELETE FROM {$table_stats_links} WHERE c_id = {$courseId}";
         Database::query($sql);
         $sql = "DELETE FROM {$table_stats_uploads} WHERE c_id = {$courseId}";
         Database::query($sql);
         // Delete the course from the database
         $sql = "DELETE FROM {$table_course} WHERE code = '" . $codeFiltered . "'";
         Database::query($sql);
         // delete extra course fields
         $extraFieldValues = new ExtraFieldValue('course');
         $extraFieldValues->deleteValuesByItem($courseId);
         // Add event to system log
         $user_id = api_get_user_id();
         Event::addEvent(LOG_COURSE_DELETE, LOG_COURSE_CODE, $code, api_get_utc_datetime(), $user_id, $courseId);
     }
 }
Example #24
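 /**
  * Displays a wiki page: toolbar, title panel, content and footer.
  *
  * The visibility flag is read from the first stored version of the page and
  * the content from the last one. The toolbar and the page panel are echoed
  * directly; stored content and title go through Security::remove_XSS()
  * before they are printed.
  *
  * @author Patrick Cool <*****@*****.**>, Ghent University
  * @author Juan Carlos Raña Trabado
  * @param string $newtitle Reflink of a page that was just created; when empty, $this->page is shown
  * @return mixed|void Result of self::setMessage() when the empty index page is
  *                    on stand-by for the current user; nothing otherwise (output is echoed)
  **/
 public function display_wiki_entry($newtitle)
 {
     $tbl_wiki = $this->tbl_wiki;
     $tbl_wiki_conf = $this->tbl_wiki_conf;
     $condition_session = $this->condition_session;
     $groupfilter = $this->groupfilter;
     $page = $this->page;
     $session_id = api_get_session_id();
     $course_id = api_get_course_int_id();
     // A page that was just created is displayed right away; otherwise the current page.
     $pageMIX = $newtitle ? $newtitle : $page;
     // Optional "view" request parameter narrows the second query to one stored row.
     // The value is escaped and only ever placed inside the quoted literal.
     $filter = null;
     if (isset($_GET['view']) && $_GET['view']) {
         $filter = ' AND w.id="' . Database::escape_string($_GET['view']) . '"';
     }
     // First, check page visibility in the first page version
     $sql = 'SELECT * FROM ' . $tbl_wiki . '
             WHERE
                 c_id = ' . $course_id . ' AND
                 reflink="' . Database::escape_string($pageMIX) . '" AND
                ' . $groupfilter . $condition_session . '
             ORDER BY id ASC';
     $result = Database::query($sql);
     $firstVersion = Database::fetch_array($result, 'ASSOC');
     // isset() also covers the case where the query produced no row.
     $KeyVisibility = isset($firstVersion['visibility']) ? $firstVersion['visibility'] : null;
     // Second, show the last version
     $sql = 'SELECT * FROM ' . $tbl_wiki . ' w
             INNER JOIN ' . $tbl_wiki_conf . ' wc
             ON (wc.page_id = w.page_id AND wc.c_id = w.c_id)
             WHERE
                 w.c_id = ' . $course_id . ' AND
                 w.reflink = "' . Database::escape_string($pageMIX) . '" AND
                 w.session_id = ' . $session_id . ' AND
                 w.' . $groupfilter . '  ' . $filter . '
             ORDER BY id DESC';
     $result = Database::query($sql);
     // No loop needed: only the last version is displayed.
     $row = Database::fetch_array($result, 'ASSOC');
     // When no version is stored yet, continue with an empty row so the lookups
     // below do not read offsets of a non-array value.
     if (!is_array($row)) {
         $row = array();
     }
     $row += array(
         'id' => null,
         'page_id' => null,
         'user_id' => null,
         'title' => null,
         'content' => null,
         'assignment' => null,
         'task' => null,
         'progress' => null,
         'score' => null,
     );
     // Log the user's access to the wiki page (page_id)
     if (!empty($row['page_id'])) {
         Event::addEvent(LOG_WIKI_ACCESS, LOG_WIKI_PAGE_ID, $row['page_id']);
     }
     // Update the visit counter
     if ($row['id']) {
         $sql = 'UPDATE ' . $tbl_wiki . ' SET hits=(hits+1)
                 WHERE c_id = ' . $course_id . ' AND id=' . $row['id'] . '';
         Database::query($sql);
     }
     // If content and title are both empty and this is the index page, show the default text.
     if ($row['content'] == '' && $row['title'] == '' && $page == 'index') {
         if (api_is_allowed_to_edit(false, true) || api_is_platform_admin() || GroupManager::is_user_in_group(api_get_user_id(), api_get_group_id())) {
             // Table structure for better export to pdf
             $default_table_for_content_Start = '<table align="center" border="0"><tr><td align="center">';
             $default_table_for_content_End = '</td></tr></table>';
             $content = $default_table_for_content_Start . sprintf(get_lang('DefaultContent'), api_get_path(WEB_IMG_PATH)) . $default_table_for_content_End;
             $title = get_lang('DefaultTitle');
         } else {
             return self::setMessage(Display::display_normal_message(get_lang('WikiStandBy'), false, true));
         }
     } else {
         // Stored content is user-authored: filter it before it reaches the page.
         $content = Security::remove_XSS($row['content']);
         $title = Security::remove_XSS($row['title']);
     }
     // Assignment mode: identify page type
     $icon_assignment = null;
     if ($row['assignment'] == 1) {
         $icon_assignment = Display::return_icon('wiki_assignment.png', get_lang('AssignmentDescExtra'), '', ICON_SIZE_SMALL);
     } elseif ($row['assignment'] == 2) {
         $icon_assignment = Display::return_icon('wiki_work.png', get_lang('AssignmentWork'), '', ICON_SIZE_SMALL);
     }
     // Task mode
     $icon_task = null;
     if (!empty($row['task'])) {
         $icon_task = Display::return_icon('wiki_task.png', get_lang('StandardTask'), '', ICON_SIZE_SMALL);
     }
     // Show the page to everyone unless it is hidden; editors and admins always
     // see it. Assignment work (type 2) that is hidden stays visible to its author.
     $isOwnHiddenWork = $row['assignment'] == 2 && $KeyVisibility == "0" && api_get_user_id() == $row['user_id'];
     if ($KeyVisibility == "1" || api_is_allowed_to_edit(false, true) || api_is_platform_admin() || $isOwnHiddenWork) {
         // Page reference as used in every toolbar link below.
         $urlTitle = api_htmlentities(urlencode($page));
         $actionsLeft = '';
         // menu edit page
         $editLink = '<a href="index.php?' . api_get_cidreq() . '&action=edit&title=' . $urlTitle . '"' . self::is_active_navigation_tab('edit') . '>' . Display::return_icon('edit.png', get_lang('EditThisPage'), '', ICON_SIZE_MEDIUM) . '</a>';
         if (api_is_allowed_to_edit(false, true)) {
             $actionsLeft .= $editLink;
         } elseif ((api_is_allowed_in_course() || GroupManager::is_user_in_group(api_get_user_id(), api_get_group_id())) && $page != 'index') {
             $actionsLeft .= $editLink;
         }
         $actionsRight = '';
         $protect_page = null;
         $lock_unlock_protect = null;
         // page action: protecting (locking) the page
         if (api_is_allowed_to_edit(false, true) || api_is_platform_admin()) {
             if (self::check_protect_page() == 1) {
                 $protect_page = Display::return_icon('lock.png', get_lang('PageLockedExtra'), '', ICON_SIZE_MEDIUM);
                 $lock_unlock_protect = 'unlock';
             } else {
                 $protect_page = Display::return_icon('unlock.png', get_lang('PageUnlockedExtra'), '', ICON_SIZE_MEDIUM);
                 $lock_unlock_protect = 'lock';
             }
         }
         if ($row['id']) {
             $actionsRight .= '<a href="index.php?' . api_get_cidreq() . '&action=showpage&actionpage=' . $lock_unlock_protect . '&title=' . $urlTitle . '">' . $protect_page . '</a>';
         }
         $visibility_page = null;
         $lock_unlock_visibility = null;
         // page action: visibility
         if (api_is_allowed_to_edit(false, true) || api_is_platform_admin()) {
             if (self::check_visibility_page() == 1) {
                 $visibility_page = Display::return_icon('visible.png', get_lang('ShowPageExtra'), '', ICON_SIZE_MEDIUM);
                 $lock_unlock_visibility = 'invisible';
             } else {
                 $visibility_page = Display::return_icon('invisible.png', get_lang('HidePageExtra'), '', ICON_SIZE_MEDIUM);
                 $lock_unlock_visibility = 'visible';
             }
         }
         if ($row['id']) {
             $actionsRight .= '<a href="index.php?' . api_get_cidreq() . '&action=showpage&actionpage=' . $lock_unlock_visibility . '&title=' . $urlTitle . '">' . $visibility_page . '</a>';
         }
         // page action: notification
         // Initialised like the two pairs above: the link further down is built
         // even when the user may not edit in the session.
         $notify_page = null;
         $lock_unlock_notify_page = null;
         if (api_is_allowed_to_session_edit()) {
             if (self::check_notify_page($page) == 1) {
                 $notify_page = Display::return_icon('messagebox_info.png', get_lang('NotifyByEmail'), '', ICON_SIZE_MEDIUM);
                 $lock_unlock_notify_page = 'unlocknotify';
             } else {
                 $notify_page = Display::return_icon('mail.png', get_lang('CancelNotifyByEmail'), '', ICON_SIZE_MEDIUM);
                 $lock_unlock_notify_page = 'locknotify';
             }
         }
         // Only available if row['id'] is set
         if ($row['id']) {
             if ((api_is_allowed_to_session_edit(false, true) && api_is_allowed_to_edit()) || GroupManager::is_user_in_group(api_get_user_id(), api_get_group_id())) {
                 // menu discuss page
                 $actionsRight .= '<a href="index.php?' . api_get_cidreq() . '&action=discuss&title=' . $urlTitle . '" ' . self::is_active_navigation_tab('discuss') . '>' . Display::return_icon('discuss.png', get_lang('DiscussThisPage'), '', ICON_SIZE_MEDIUM) . '</a>';
             }
             // menu history
             $actionsRight .= '<a href="index.php?' . api_get_cidreq() . '&action=history&title=' . $urlTitle . '" ' . self::is_active_navigation_tab('history') . '>' . Display::return_icon('history.png', get_lang('ShowPageHistory'), '', ICON_SIZE_MEDIUM) . '</a>';
             // menu linkspages; the "&" before "action" was missing, which glued
             // the parameter onto the end of the cidreq string
             $actionsRight .= '<a href="index.php?' . api_get_cidreq() . '&action=links&title=' . $urlTitle . '" ' . self::is_active_navigation_tab('links') . '>' . Display::return_icon('what_link_here.png', get_lang('LinksPages'), '', ICON_SIZE_MEDIUM) . '</a>';
             // menu delete wikipage
             if (api_is_allowed_to_edit(false, true) || api_is_platform_admin()) {
                 $actionsRight .= '<a href="index.php?action=delete&' . api_get_cidreq() . '&title=' . $urlTitle . '"' . self::is_active_navigation_tab('delete') . '>' . Display::return_icon('delete.png', get_lang('DeleteThisPage'), '', ICON_SIZE_MEDIUM) . '</a>';
             }
             $actionsRight .= '<a href="index.php?' . api_get_cidreq() . '&action=showpage&actionpage=' . $lock_unlock_notify_page . '&title=' . $urlTitle . '">' . $notify_page . '</a>';
             // Page action: copy last version to doc area
             if (api_is_allowed_to_edit(false, true) || api_is_platform_admin()) {
                 $actionsRight .= '<a href="index.php?' . api_get_cidreq() . '&action=export2doc&wiki_id=' . $row['id'] . '">' . Display::return_icon('export_to_documents.png', get_lang('ExportToDocArea'), '', ICON_SIZE_MEDIUM) . '</a>';
             }
             $actionsRight .= '<a href="index.php?' . api_get_cidreq() . '&action=export_to_pdf&wiki_id=' . $row['id'] . '">' . Display::return_icon('pdf.png', get_lang('ExportToPDF'), '', ICON_SIZE_MEDIUM) . '</a>';
             // The .doc export link is offered only when the unoconv setting is present.
             $unoconv = api_get_configuration_value('unoconv.binaries');
             if ($unoconv) {
                 $actionsRight .= '<a href="' . api_get_path(WEB_CODE_PATH) . 'wiki/index.php?action=export_to_doc_file&id=' . $row['id'] . '&' . api_get_cidreq() . '">' . Display::return_icon('export_doc.png', get_lang('ExportToDoc'), array(), ICON_SIZE_MEDIUM) . '</a>';
             }
             // export to print: the helper below copies the rendered #wikicontent
             // markup into a new window and prints it
             ?>
             <script>
                 function goprint() {
                     var a = window.open('','','width=800,height=600');
                     a.document.open("text/html");
                     a.document.write(document.getElementById('wikicontent').innerHTML);
                     a.document.close();
                     a.print();
                 }
             </script>
             <?php 
             $actionsRight .= Display::url(Display::return_icon('printer.png', get_lang('Print'), '', ICON_SIZE_MEDIUM), '#', array('onclick' => "javascript: goprint();"));
         }
         echo Display::toolbarAction('toolbar-wikistudent', array(0 => $actionsLeft, 1 => $actionsRight));
         // NOTE(review): this default is overwritten by both branches of the
         // wiki_exist() check below, so it never reaches the output - confirm the intent.
         if (empty($title)) {
             $pageTitle = get_lang('DefaultTitle');
         }
         if (self::wiki_exist($title)) {
             $pageTitle = $icon_assignment . '&nbsp;' . $icon_task . '&nbsp;' . api_htmlentities($title);
         } else {
             $pageTitle = api_htmlentities($title);
         }
         // Turn the supported link notations in the filtered content into links.
         $pageWiki = self::make_wiki_link_clickable(self::detect_external_link(self::detect_anchor_link(self::detect_mail_link(self::detect_ftp_link(self::detect_irc_link(self::detect_news_link($content)))))));
         $footerWiki = '<div id="wikifooter">' . get_lang('Progress') . ': ' . ($row['progress'] * 10) . '%&nbsp;&nbsp;&nbsp;' . get_lang('Rating') . ': ' . $row['score'] . '&nbsp;&nbsp;&nbsp;' . get_lang('Words') . ': ' . self::word_count($content) . '</div>';
         echo Display::panel($pageWiki, $pageTitle, $footerWiki);
     }
     // end filter visibility
 }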
Example #25
            </table>
        </form>
        <div id="loading" class="alert alert-info" role="alert" style="display: none">

        </div>
        <?php 
        } else {
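            if ($do == 'add') {
                // Read only the two expected form fields. extract($_POST) let the
                // request create or overwrite any local variable in this scope
                // (for example $do or $action), which is unsafe with untrusted input.
                // NOTE(review): if code outside this fragment relied on other
                // variables created by extract(), read those fields explicitly too.
                $year = isset($_POST['year']) ? $_POST['year'] : null;
                $era = isset($_POST['era']) ? $_POST['era'] : null;
                Year::create($year, $era);
                // Era 1 is labelled "UFY", every other era "IRY".
                $dis = $year . ($era == 1 ? ' UFY' : ' IRY');
                // NOTE(review): $year is request data placed in the log message
                // as-is; confirm it is escaped wherever the event log is rendered.
                Event::addEvent('Year ' . $dis . ' has been added.', $_SESSION['user'], 1);
            }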
        }
    } else {
        if ($action == 'current') {
            // Marks the year selected by the "id" query-string parameter as current.
            // NOTE(review): $_GET['id'] is passed to the constructor unvalidated and
            // no anti-CSRF check is visible in this fragment - confirm both are
            // handled before this branch is reached.
            $year = new Year($_GET['id']);
            $year->makeCurrent();
            // Record the change through Event::addEvent().
            Event::addEvent('Year ' . $year->getFullYear() . ' is now the current year.', $_SESSION['user'], 2);
            ?>
    <script>
        load('irclockup', 'none', 'none');
    </script>
    <?php 
        }
    }
}
Example #26
                        <td><?php 
                echo $user->getClearance()->getClearanceName();
                ?>
</td>
                    </tr>
                    <tr>
                        <th><label for="merits">Merits</label></th>
                        <td><input type="number" id="merits" name="merits" value="<?php 
                echo $user->getMerits();
                ?>
" required /></td>
                    </tr>
                    <tr>
                        <td colspan=2><button id="edit" name="edit" class="btn btn-primary" type="button" onclick="editMerits()">Edit</button></td>
                    </tr>
                </table>
            </form>
            <div id="loading" class="alert alert-info" role="alert" style="display: none">

            </div>
            <?php 
            } else {
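                if ($do == 'edit') {
                    // Read only the expected form field. extract($_POST) let the
                    // request overwrite any local variable in this scope, including
                    // $user, the object whose merits are being changed.
                    // NOTE(review): if code outside this fragment relied on other
                    // variables created by extract(), read those fields explicitly too.
                    $merits = isset($_POST['merits']) ? $_POST['merits'] : null;
                    // NOTE(review): the form's type="number" is only enforced by the
                    // browser; confirm changeMerits() validates the value server-side.
                    $user->changeMerits($merits);
                    Event::addEvent($user->getName() . '\'s merits have been modified.', $_SESSION['user'], 2);
                }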
            }
        }
    }
}
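 /**
  * Disables or enables a user
  * @param int $user_id Id of the user; must be a positive integer value
  * @param int $active 1 enables the user; the value is converted to an integer before it is stored
  * @return mixed false when $user_id is rejected, otherwise the result of Database::query()
  * @assert (-1,0) === false
  * @assert (1,1) === true
  */
 private static function change_active_state($user_id, $active)
 {
     // Reject anything that does not round-trip through intval(), and ids below 1.
     if (strval(intval($user_id)) != $user_id) {
         return false;
     }
     if ($user_id < 1) {
         return false;
     }
     $user_id = intval($user_id);
     // Both values are interpolated into the statement below, so the flag is
     // forced to an integer just like the id.
     $active = intval($active);
     $table_user = Database::get_main_table(TABLE_MAIN_USER);
     $sql = "UPDATE {$table_user} SET active = '{$active}' WHERE id = {$user_id}";
     $r = Database::query($sql);
     $ev = $active == 1 ? LOG_USER_ENABLE : LOG_USER_DISABLE;
     // The event is logged only when the query did not fail.
     if ($r !== false) {
         Event::addEvent($ev, LOG_USER_ID, $user_id);
     }
     return $r;
 }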
Example #28
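/**
 * Wrapper for the templates
 *
 * Dispatches on the "action" query-string parameter: "add" and "edit" (with a
 * numeric "id") show the add/edit form, "delete" (with a numeric "id") removes
 * the template, and every other case ends with the template list. Add, edit
 * and delete requests are recorded in the system log together with the
 * "category" parameter.
 *
 * @author Patrick Cool <*****@*****.**>, Ghent University, Belgium
 * @author Julio Montoya.
 * @version August 2008
 * @since Dokeos 1.8.6
 */
function handle_templates()
{
    /* Request parameters are read once, with a fallback for each, so that a
     * missing "action", "id" or "category" never triggers an undefined index. */
    $action = isset($_GET['action']) ? $_GET['action'] : "invalid";
    $hasNumericId = isset($_GET['id']) && is_numeric($_GET['id']);
    $category = isset($_GET['category']) ? $_GET['category'] : null;
    if ($action != 'add') {
        echo '<div class="actions" style="margin-left: 1px;">';
        echo '<a href="settings.php?category=Templates&action=add">' . Display::return_icon('new_template.png', get_lang('AddTemplate'), '', ICON_SIZE_MEDIUM) . '</a>';
        echo '</div>';
    }
    if ($action == 'add' || ($action == 'edit' && $hasNumericId)) {
        add_edit_template();
        // Add event to the system log.
        $user_id = api_get_user_id();
        Event::addEvent(LOG_CONFIGURATION_SETTINGS_CHANGE, LOG_CONFIGURATION_SETTINGS_CATEGORY, $category, api_get_utc_datetime(), $user_id);
        return;
    }
    if ($action == 'delete' && $hasNumericId) {
        // NOTE(review): the deletion is driven by query-string parameters and no
        // anti-CSRF token check is visible in this function - confirm the caller
        // enforces one before this point.
        delete_template($_GET['id']);
        // Add event to the system log
        $user_id = api_get_user_id();
        Event::addEvent(LOG_CONFIGURATION_SETTINGS_CHANGE, LOG_CONFIGURATION_SETTINGS_CATEGORY, $category, api_get_utc_datetime(), $user_id);
    }
    display_templates();
}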
Example #29
    $controller->logout($redirect);
}
/* Table definitions */
/* Constants and CONFIGURATION parameters */
/** @todo these configuration settings should move to the Chamilo config settings. */
/** Defines whether or not anonymous visitors can see a list of the courses on the Chamilo homepage that are open to the world. */
$_setting['display_courses_to_anonymous_users'] = 'true';
/* LOGIN */
/**
 * Registers in the track_e_default table (view in important activities in admin
 * interface) a possible attempted break in, sending auth data through get.
 * @todo This piece of code should probably move to local.inc.php where the actual login / logout procedure is handled. The real use of this code block should be seriously considered as well. This form should just use a security token and get done with it.
 */
// submitAuth=1 in the query string is handled as a forced-login attempt:
// log it for the anonymous user, end the session and stop the request.
if (isset($_GET['submitAuth']) && $_GET['submitAuth'] == 1) {
    $anonymousUserId = api_get_anonymous_id();
    // Logged value: the client address, followed by "/<login>" when a login was posted.
    // NOTE(review): $_POST['login'] is request data stored as-is; confirm it is
    // escaped wherever the event log is rendered.
    $eventValue = $_SERVER['REMOTE_ADDR'];
    if (!empty($_POST['login'])) {
        $eventValue .= '/' . $_POST['login'];
    }
    Event::addEvent(LOG_ATTEMPTED_FORCED_LOGIN, 'tried_hacking_get', $eventValue, null, $anonymousUserId);
    echo 'Attempted breakin - sysadmins notified.';
    session_destroy();
    die;
}
// Drop the session entry used for the legal terms when that setting is on.
$termsSetting = api_get_setting('allow_terms_conditions');
if ($termsSetting == 'true') {
    Session::erase('term_and_condition');
}
//If we are not logged in and customapages activated
if (!api_get_user_id() && CustomPages::enabled()) {
    if (Request::get('loggedout')) {
        CustomPages::display(CustomPages::LOGGED_OUT);
    } else {
        CustomPages::display(CustomPages::INDEX_UNLOGGED);
    }
Example #30
            <td style="vertical-align: middle"><?php 
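        // Escape for the HTML cell: the purpose appears to be the free text posted
        // when a code is generated (see the 'generate' action in this file).
        // NOTE(review): drop the escaping here only if the value is already
        // stored HTML-encoded.
        echo htmlspecialchars((string) $code->getPurpose(), ENT_QUOTES, 'UTF-8');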
        ?>
</td>
            <td style="vertical-align: middle"><?php 
        echo $code->getDate();
        ?>
</td>
        </tr>
        <?php 
    }
    ?>
    </table>
    <?php 
} else {
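    if ($action == 'generate') {
        // The approval code is produced by CodeGen::generateCode(); the request
        // only supplies the purpose. A missing field is passed on as null
        // instead of reading an undefined index.
        $purpose = isset($_POST['purpose']) ? $_POST['purpose'] : null;
        $code = CodeGen::generateCode($_SESSION['user']);
        // NOTE(review): the purpose is stored as posted; it has to be escaped
        // wherever it is printed unless CodeGen::add() sanitises it.
        CodeGen::add($code, $_SESSION['user'], $purpose);
        Event::addEvent($_SESSION['user']->getName() . ' has generated an approval code.', $_SESSION['user'], 1);
        echo $code;
    }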
}