/**
 * Deletes the record identified by $id through the parent implementation and
 * then writes a LOG_CAREER_DELETE entry to the system event log.
 *
 * The audit entry is written whatever parent::delete() returns, and this
 * method itself returns nothing.
 *
 * @param mixed $id Identifier passed unchanged to parent::delete() and to the event log
 */
public function delete($id)
{
    parent::delete($id);

    // Timestamp and acting user recorded with the audit entry.
    $loggedAt = api_get_utc_datetime();
    $actorId = api_get_user_id();

    event_system(LOG_CAREER_DELETE, LOG_CAREER_ID, $id, $loggedAt, $actorId);
}
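/**
 * Updates the relation type stored in the group_rel_user table for a given
 * user and group.
 *
 * All three values are cast to integers before they reach the SQL statement.
 * The same normalised values are written to the system event log, so the
 * audit entry matches what was stored.
 *
 * @author Julio Montoya
 * @param int $user_id
 * @param int $group_id
 * @param int $relation_type
 *
 * @return bool false when an argument is empty or normalises to 0; true once
 *              the UPDATE has been issued (the query result is not inspected)
 **/
public static function update_user_role($user_id, $group_id, $relation_type = GROUP_USER_PERMISSION_READER)
{
    if (empty($user_id) || empty($group_id) || empty($relation_type)) {
        return false;
    }

    $user_id = intval($user_id);
    $group_id = intval($group_id);
    $relation_type = intval($relation_type);

    // A non-numeric string passes empty() but casts to 0; reject it here
    // instead of running (and logging) an update for id 0.
    if ($user_id === 0 || $group_id === 0 || $relation_type === 0) {
        return false;
    }

    $table_group_rel_user = Database::get_main_table(TABLE_MAIN_USER_REL_GROUP);
    $sql = "UPDATE {$table_group_rel_user}
            SET relation_type = {$relation_type}
            WHERE
                user_id = {$user_id} AND
                group_id = {$group_id}";
    Database::query($sql);

    event_system(
        LOG_GROUP_PORTAL_USER_UPDATE_ROLE,
        LOG_GROUP_PORTAL_REL_USER_ARRAY,
        array('user_id' => $user_id, 'group_id' => $group_id, 'relation_type' => $relation_type)
    );

    return true;
}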
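/**
 * Updates a transaction row using the given query parameters.
 *
 * $params['id'] is required. $params['status_id'] is optional; when it equals
 * MigrationCustom::TRANSACTION_STATUS_FAILED a 'transaction_error' event is
 * written to the system log. The whole $params array, plus a fresh
 * 'time_update' value, is handed to Database::update() as the column set.
 *
 * @param array $params Query parameters (column => value), must contain 'id'
 * @return bool|mixed false when no id was given, otherwise the result of Database::update()
 */
static function update_transaction($params)
{
    if (empty($params['id'])) {
        error_log('No transaction id provided during update_transaction');
        return false;
    }

    $table = Database::get_main_table(TABLE_BRANCH_TRANSACTION);

    // status_id may be absent when only other columns are updated; read it
    // once so the log line and the comparison below do not hit an undefined index.
    $status_id = isset($params['status_id']) ? $params['status_id'] : null;

    $params['time_update'] = api_get_utc_datetime();

    // NOTE(review): id and status_id are written to the log as received, and
    // this line is emitted before the update has actually run.
    error_log("Transaction updated #{$params['id']} with status_id = {$status_id}");

    // Failed - record it in the system event log. A missing status is never
    // treated as a failure, whatever value the constant has.
    if ($status_id !== null && $status_id == MigrationCustom::TRANSACTION_STATUS_FAILED) {
        event_system('transaction_error', 'transaction_id', $params['id'], $params['time_update']);
    }

    // NOTE(review): every key of $params becomes a column in the UPDATE;
    // presumably callers restrict the keys - verify against callers.
    return Database::update($table, $params, array('id = ?' => $params['id']));
}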
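/**
 * Deletes one or more session categories.
 *
 * Sessions that belong to the categories are detached (session_category_id
 * set to 0). When $delete_session is true those sessions are also deleted
 * through SessionManager::delete_session().
 *
 * @author Jhon Hinojosa <*****@*****.**>, from existing code
 * @param array|int $id_checked Category id, or list of category ids
 * @param bool $delete_session Also delete the sessions of the categories
 * @param bool $from_ws Optional, true if the function is called by a webservice, false otherwise
 * @return bool true once the category rows were deleted, false when no usable id was given
 */
public static function delete_session_category($id_checked, $delete_session = false, $from_ws = false)
{
    $tbl_session_category = Database::get_main_table(TABLE_MAIN_SESSION_CATEGORY);
    $tbl_session = Database::get_main_table(TABLE_MAIN_SESSION);

    // The id list is placed unquoted inside IN (...). String escaping does not
    // constrain a value in that position, so every id is cast to an integer.
    if (is_array($id_checked)) {
        $ids = array_map('intval', $id_checked);
    } else {
        $ids = array(intval($id_checked));
    }
    // Drop ids that normalised to 0; an empty list would also produce "IN ()".
    $ids = array_filter($ids);
    if (empty($ids)) {
        return false;
    }
    $id_checked = implode(',', $ids);

    // Collect the sessions before they are detached: once session_category_id
    // is reset to 0 they can no longer be found through the category ids.
    $session_ids = array();
    if ($delete_session) {
        $sql = "SELECT id FROM $tbl_session WHERE session_category_id IN (" . $id_checked . ")";
        $result = Database::query($sql);
        while ($rows = Database::fetch_array($result)) {
            $session_ids[] = $rows['id'];
        }
    }

    // Setting session_category_id to 0
    $sql = "UPDATE $tbl_session SET session_category_id = 0 WHERE session_category_id IN (" . $id_checked . ")";
    Database::query($sql);

    foreach ($session_ids as $session_id) {
        if ($from_ws) {
            SessionManager::delete_session($session_id, true);
        } else {
            SessionManager::delete_session($session_id);
        }
    }

    $sql = "DELETE FROM $tbl_session_category WHERE id IN (" . $id_checked . ")";
    Database::query($sql);

    // Add event to system log
    $user_id = api_get_user_id();
    event_system(
        LOG_SESSION_CATEGORY_DELETE,
        LOG_SESSION_CATEGORY_ID,
        $id_checked,
        api_get_utc_datetime(),
        $user_id
    );

    return true;
}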
// Dispatches on the settings category named in the query string.
// (Excerpt: the switch statement continues past the end of this listing.)
switch ($_GET['category']) {
    case 'Regions':
        handle_regions();
        break;
    case 'Plugins':
        // Displaying the extensions: Plugins.
        // This will be available to all the sites (access_urls).
        // NOTE(review): the anti-CSRF token is read from the query string, so it
        // can end up in server logs and Referer headers - confirm this is intended.
        $securityToken = isset($_GET['sec_token']) ? Security::remove_XSS($_GET['sec_token']) : null;
        // The change is applied only when the form was submitted and the token check passes.
        if (isset($_POST['submit_dashboard_plugins']) && Security::check_token($securityToken)) {
            // Token is cleared before the change is applied.
            Security::clear_token();
            // NOTE(review): the whole $_POST array is handed over; presumably
            // store_dashboard_plugins() validates the fields it uses - verify.
            $affected_rows = DashboardManager::store_dashboard_plugins($_POST);
            if ($affected_rows) {
                // add event to system log
                $user_id = api_get_user_id();
                // Here $category can only be 'Plugins' (the matched case label).
                $category = $_GET['category'];
                event_system(LOG_CONFIGURATION_SETTINGS_CHANGE, LOG_CONFIGURATION_SETTINGS_CATEGORY, $category, api_get_utc_datetime(), $user_id);
                Display::display_confirmation_message(get_lang('DashboardPluginsHaveBeenUpdatedSucesslly'));
            }
        }
        // Tab container markup; only translated labels are interpolated.
        echo '<script> $(function(){ $("#tabs").tabs(); }); </script>';
        echo '<div id="tabs">';
        echo '<ul>';
        echo '<li><a href="#tabs-1">' . get_lang('Plugins') . '</a></li>';
        echo '<li><a href="#tabs-2">' . get_lang('DashboardPlugins') . '</a></li>';
        echo '<li><a href="#tabs-3">' . get_lang('ConfigureExtensions') . '</a></li>';
        echo '</ul>';
        echo '<div id="tabs-1">';
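/**
 * Deletes the promotion identified by $id.
 *
 * When the parent delete succeeds, the session references to the promotion
 * are cleared and a LOG_PROMOTION_DELETE entry is written to the system
 * event log.
 *
 * @param mixed $id Identifier passed unchanged to parent::delete()
 * @return bool true when the promotion was deleted, false otherwise
 */
public function delete($id)
{
    if (!parent::delete($id)) {
        return false;
    }

    SessionManager::clear_session_ref_promotion($id);
    event_system(LOG_PROMOTION_DELETE, LOG_PROMOTION_ID, $id, api_get_utc_datetime(), api_get_user_id());

    // Report success explicitly, so a caller testing the result can tell
    // success from the `false` returned on failure.
    return true;
}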
    // (Excerpt: this run sits inside a block opened before the listing starts.)
    // Keeps the stored selection / current folder in sync with a rename.
    $sessionAction = new SessionAction();
    $selectedDocuments = $sessionAction->get();
    if (removeTrailingSlash($sessionAction->getFolder()) == getParentPath($_POST['original_path']) && sizeof($selectedDocuments)) {
        // The renamed entry is in the selected folder: replace its old name in the selection.
        if (($key = array_search(basename($_POST['original_path']), $selectedDocuments)) !== false) {
            $selectedDocuments[$key] = $_POST['name'];
            $sessionAction->set($selectedDocuments);
        }
    } elseif (removeTrailingSlash($sessionAction->getFolder()) == removeTrailingSlash($_POST['original_path'])) {
        $sessionAction->setFolder($_POST['original_path']);
    }
    // NOTE(review): $path is assembled from two request fields. No check that it
    // stays inside the permitted root is visible in this excerpt - confirm that
    // the code before it validates original_path and name (separators, "..").
    $path = addTrailingSlash(getParentPath($_POST['original_path'])) . $_POST['name'];
    if (is_file($path)) {
        include_once CLASS_FILE;
        $file = new file($path);
        $fileInfo = $file->getFileInfo();
        $fileInfo['mtime'] = date(DATE_TIME_FORMAT, $fileInfo['mtime']);
    } else {
        include_once CLASS_MANAGER;
        $manager = new manager($path, false);
        $fileInfo = $manager->getFolderInfo();
        $fileInfo['mtime'] = date(DATE_TIME_FORMAT, $fileInfo['mtime']);
    }
    // Both the old and the new path are recorded in the system event log as received.
    event_system(LOG_MY_FOLDER_CHANGE, LOG_MY_FOLDER_PATH, $_POST['original_path']);
    event_system(LOG_MY_FOLDER_CHANGE, LOG_MY_FOLDER_NEW_PATH, $path);
}
// Hand-built object literal returned to the client.
// NOTE(review): $error and the $fileInfo values are concatenated between single
// quotes without escaping, so a quote or backslash in a file name breaks the
// literal; json_encode() would produce a correctly escaped response.
echo "{";
echo "error:'" . $error . "' ";
foreach ($fileInfo as $k => $v) {
    echo "," . $k . ":'" . $v . "' ";
}
echo "}";
/**
 * Enables or disables a user account and records the change in the system
 * event log (once with the user id, once with the user info array).
 *
 * Both ids are cast to integers before they are placed in the UPDATE.
 * When the account is being enabled and $send_email_if_activated is true,
 * an approval message is sent to the user.
 *
 * No value is returned; the @assert annotations below are kept as found.
 *
 * @param int $user_id
 * @param int $active 1 enables the account, any other value disables it
 * @param bool $send_email_if_activated Send the approval message on activation
 * @return void
 * @assert (-1,0) === false
 * @assert (1,1) === true
 */
public static function change_active_state($user_id, $active, $send_email_if_activated = false)
{
    $user_id = intval($user_id);
    $active = intval($active);

    $table_user = Database::get_main_table(TABLE_MAIN_USER);
    Database::query("UPDATE {$table_user} SET active = '{$active}' WHERE user_id = '{$user_id}';");

    $is_activation = ($active == 1);
    $log_event = $is_activation ? LOG_USER_ACTIVATED : LOG_USER_DEACTIVATED;

    if ($is_activation && $send_email_if_activated) {
        $user_info = api_get_user_info($user_id);
        $recipient_name = api_get_person_name(
            $user_info['firstname'],
            $user_info['lastname'],
            null,
            PERSON_NAME_EMAIL_ADDRESS
        );
        $emailsubject = '[' . api_get_setting('siteName') . '] ' . get_lang('YourReg') . ' ' . api_get_setting('siteName');

        // The message is assembled piece by piece, in reading order.
        $body_parts = array(
            get_lang('Dear') . " " . stripslashes($recipient_name) . ",\n\n",
            sprintf(get_lang('YourAccountOnXHasJustBeenApprovedByOneOfOurAdministrators'), api_get_setting('siteName')) . "\n",
            sprintf(get_lang('YouCanNowLoginAtXUsingTheLoginAndThePasswordYouHaveProvided'), api_get_path(WEB_PATH)) . ",\n\n",
            get_lang('HaveFun') . "\n\n",
            get_lang('Problem') . "\n\n" . get_lang('Formula'),
            api_get_person_name(api_get_setting('administratorName'), api_get_setting('administratorSurname')) . "\n"
                . get_lang('Manager') . " " . api_get_setting('siteName')
                . "\nT. " . api_get_setting('administratorTelephone')
                . "\n" . get_lang('Email') . " : " . api_get_setting('emailAdministrator'),
        );
        $emailbody = implode('', $body_parts);

        MessageManager::send_message_simple($user_id, $emailsubject, $emailbody);
    }

    // The user info array is stored in the second log entry.
    $user_info = api_get_user_info($user_id);
    event_system($log_event, LOG_USER_ID, $user_id, api_get_utc_datetime(), api_get_user_id());
    event_system($log_event, LOG_USER_OBJECT, $user_info, api_get_utc_datetime(), api_get_user_id());
}
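/**
 * Creates a record in the course table of the main database, subscribes the
 * owner and the optional teachers, links the course to an access URL, logs
 * the creation and optionally notifies the administrator by e-mail.
 *
 * Validation problems are appended to the global $error_msg array and no row
 * is inserted in that case.
 *
 * @param array $params Recognised keys: title, code, visual_code, directory
 *   (all four required), tutor_name, category_code, course_language, user_id,
 *   department_name, department_url, disk_quota, visibility, subscribe,
 *   unsubscribe, expiration_date, teachers
 * @return int The id of the new course row, or 0 when nothing was inserted
 */
static function register_course($params)
{
    global $error_msg, $firstExpirationDelay;

    // Required keys are read defensively so that a missing one is reported by
    // the checks below instead of raising an undefined-index notice.
    $title = isset($params['title']) ? $params['title'] : null;
    $code = isset($params['code']) ? $params['code'] : null;
    $visual_code = isset($params['visual_code']) ? $params['visual_code'] : null;
    $directory = isset($params['directory']) ? $params['directory'] : null;
    $tutor_name = isset($params['tutor_name']) ? $params['tutor_name'] : null;
    $category_code = isset($params['category_code']) ? $params['category_code'] : null;
    $course_language = isset($params['course_language']) && !empty($params['course_language']) ? $params['course_language'] : api_get_setting('platformLanguage');
    $user_id = empty($params['user_id']) ? api_get_user_id() : intval($params['user_id']);
    $department_name = isset($params['department_name']) ? $params['department_name'] : null;
    $department_url = isset($params['department_url']) ? $params['department_url'] : null;
    $disk_quota = isset($params['disk_quota']) ? $params['disk_quota'] : null;

    if (!isset($params['visibility'])) {
        $default_course_visibility = api_get_setting('courses_default_creation_visibility');
        if (isset($default_course_visibility)) {
            $visibility = $default_course_visibility;
        } else {
            $visibility = COURSE_VISIBILITY_OPEN_PLATFORM;
        }
    } else {
        $visibility = $params['visibility'];
    }
    // Cast before the range check and the INSERT: the loose comparison below
    // accepts strings that merely start with a digit, and the value is placed
    // in the SQL statement without escaping.
    $visibility = intval($visibility);

    $subscribe = isset($params['subscribe']) ? intval($params['subscribe']) : ($visibility == COURSE_VISIBILITY_OPEN_PLATFORM ? 1 : 0);
    $unsubscribe = isset($params['unsubscribe']) ? intval($params['unsubscribe']) : 0;
    $expiration_date = isset($params['expiration_date']) ? $params['expiration_date'] : null;
    $teachers = isset($params['teachers']) ? $params['teachers'] : null;

    $TABLECOURSE = Database::get_main_table(TABLE_MAIN_COURSE);
    $TABLECOURSUSER = Database::get_main_table(TABLE_MAIN_COURSE_USER);

    $ok_to_register_course = true;

    // Check whether all the needed parameters are present.
    if (empty($code)) {
        $error_msg[] = 'courseSysCode is missing';
        $ok_to_register_course = false;
    }
    if (empty($visual_code)) {
        $error_msg[] = 'courseScreenCode is missing';
        $ok_to_register_course = false;
    }
    if (empty($directory)) {
        $error_msg[] = 'courseRepository is missing';
        $ok_to_register_course = false;
    }
    if (empty($title)) {
        $error_msg[] = 'title is missing';
        $ok_to_register_course = false;
    }

    if (empty($expiration_date)) {
        $expiration_date = api_get_utc_datetime(time() + $firstExpirationDelay);
    } else {
        $expiration_date = api_get_utc_datetime($expiration_date);
    }

    if ($visibility < 0 || $visibility > 3) {
        $error_msg[] = 'visibility is invalid';
        $ok_to_register_course = false;
    }

    if (empty($disk_quota)) {
        $disk_quota = api_get_setting('default_document_quotum');
    }

    $time = api_get_utc_datetime();

    // Prefix a scheme when none is given; a bare prefix means "no URL".
    if (stripos($department_url, 'http://') === false && stripos($department_url, 'https://') === false) {
        $department_url = 'http://' . $department_url;
    }
    //just in case
    if ($department_url == 'http://') {
        $department_url = '';
    }

    $course_id = 0;
    if ($ok_to_register_course) {
        // Here we must add 2 fields.
        // String values are escaped, numeric ones are cast to int.
        $sql = "INSERT INTO " . $TABLECOURSE . " SET\n"
            . " code = '" . Database::escape_string($code) . "',\n"
            . " directory = '" . Database::escape_string($directory) . "',\n"
            . " course_language = '" . Database::escape_string($course_language) . "',\n"
            . " title = '" . Database::escape_string($title) . "',\n"
            . " description = '" . Database::escape_string(get_lang('CourseDescription')) . "',\n"
            . " category_code = '" . Database::escape_string($category_code) . "',\n"
            . " visibility = '" . $visibility . "',\n"
            . " show_score = '1',\n"
            . " disk_quota = '" . intval($disk_quota) . "',\n"
            . " creation_date = '{$time}',\n"
            . " expiration_date = '" . Database::escape_string($expiration_date) . "',\n"
            . " last_edit = '{$time}',\n"
            . " last_visit = NULL,\n"
            . " tutor_name = '" . Database::escape_string($tutor_name) . "',\n"
            . " department_name = '" . Database::escape_string($department_name) . "',\n"
            . " department_url = '" . Database::escape_string($department_url) . "',\n"
            . " subscribe = '" . intval($subscribe) . "',\n"
            . " unsubscribe = '" . intval($unsubscribe) . "',\n"
            . " visual_code = '" . Database::escape_string($visual_code) . "'";
        Database::query($sql);
        $course_id = Database::insert_id();

        if ($course_id) {
            $sort = api_max_sort_value('0', api_get_user_id());
            $i_course_sort = CourseManager::userCourseSort($user_id, $code);

            // Subscribe the owner as course teacher (status 1).
            if (!empty($user_id)) {
                $sql = "INSERT INTO " . $TABLECOURSUSER . " SET\n"
                    . " c_id = '" . Database::escape_string($course_id) . "',\n"
                    . " user_id = '" . intval($user_id) . "',\n"
                    . " status = '1',\n"
                    . " role = '" . Database::escape_string(get_lang('Professor')) . "',\n"
                    . " tutor_id = '0',\n"
                    . " sort = '" . Database::escape_string($i_course_sort) . "',\n"
                    . " user_course_cat = '0'";
                Database::query($sql);
            }

            if (!empty($teachers)) {
                if (!is_array($teachers)) {
                    $teachers = array($teachers);
                }
                foreach ($teachers as $key) {
                    //just in case: the owner is already subscribed above
                    if ($key == $user_id) {
                        continue;
                    }
                    if (empty($key)) {
                        continue;
                    }
                    // NOTE(review): this insert identifies the course through
                    // course_code while the owner insert above uses c_id -
                    // confirm which column the table actually has.
                    $sql = "INSERT INTO " . $TABLECOURSUSER . " SET\n"
                        . " course_code = '" . Database::escape_string($code) . "',\n"
                        . " user_id = '" . Database::escape_string($key) . "',\n"
                        . " status = '1',\n"
                        . " role = '',\n"
                        . " tutor_id = '0',\n"
                        . " sort = '" . ($sort + 1) . "',\n"
                        . " user_course_cat = '0'";
                    Database::query($sql);
                }
            }

            // Adding the course to an URL
            if (api_is_multiple_url_enabled()) {
                $url_id = 1;
                if (api_get_current_access_url_id() != -1) {
                    $url_id = api_get_current_access_url_id();
                }
                UrlManager::add_course_to_url($course_id, $url_id);
            } else {
                UrlManager::add_course_to_url($course_id, 1);
            }

            // Add event to the system log (attributed to the current user,
            // not to the owner given in $params).
            $user_id = api_get_user_id();
            event_system(LOG_COURSE_CREATE, LOG_COURSE_CODE, $code, api_get_utc_datetime(), $user_id, $code);

            $send_mail_to_admin = api_get_setting('send_email_to_admin_when_create_course');

            // @todo Improve code to send to all current portal administrators.
            if ($send_mail_to_admin == 'true') {
                $siteName = api_get_setting('siteName');
                $recipient_email = api_get_setting('emailAdministrator');
                $recipient_name = api_get_person_name(api_get_setting('administratorName'), api_get_setting('administratorSurname'));
                $iname = api_get_setting('Institution');
                $subject = get_lang('NewCourseCreatedIn') . ' ' . $siteName . ' - ' . $iname;
                $message = get_lang('Dear') . ' ' . $recipient_name . ",\n\n" . get_lang('MessageOfNewCourseToAdmin') . ' ' . $siteName . ' - ' . $iname . "\n";
                $message .= get_lang('CourseName') . ' ' . $title . "\n";
                $message .= get_lang('Category') . ' ' . $category_code . "\n";
                $message .= get_lang('Tutor') . ' ' . $tutor_name . "\n";
                $message .= get_lang('Language') . ' ' . $course_language;

                // NOTE(review): course fields are placed in an HTML mail as
                // received, and errors are suppressed with @ - confirm both.
                @api_mail_html($recipient_name, $recipient_email, $subject, $message, $siteName, $recipient_email);
            }
        }
    }

    return $course_id;
}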
                // (Excerpt: this run sits inside several blocks opened before the listing starts.)
                // Shared-folder uploads are stored under a per-user (and per-session) sub-folder.
                if ($current_session_id == 0) {
                    $chamiloFolder = '/shared_folder/sf_user_' . api_get_user_id() . $chamiloFolder;
                } else {
                    $chamiloFolder = '/shared_folder_session_' . $current_session_id . '/sf_user_' . api_get_user_id() . $chamiloFolder;
                }
            }
        }
        // Register the uploaded file as a course document and record who added it.
        $doc_id = add_document($_course, $chamiloFolder, 'file', $chamiloFileSize, $chamiloFile); //get Chamilo
        $current_session_id = api_get_session_id();
        api_item_property_update($_course, TOOL_DOCUMENT, $doc_id, 'DocumentAdded', api_get_user_id(), api_get_group_id(), null, null, null, $current_session_id); //get Chamilo
    }
    // end bridge
    $obj->close();
    // NOTE(review): keys and values are written between single quotes without
    // escaping; a quote in a file name or URL breaks the literal sent to the client.
    foreach ($tem as $k => $v) {
        $info .= sprintf(", %s:'%s'", $k, $v);
    }
    $info .= sprintf(", url:'%s'", getFileUrl($path));
    $info .= sprintf(", tipedit:'%s'", TIP_DOC_RENAME);
    // Log to TRACK_E_DEFAULT
    event_system(LOG_MY_FOLDER_UPLOAD, LOG_MY_FOLDER_PATH, $fullPath);
} else {
    $error = ERR_FILE_NOT_AVAILABLE;
}
}
}
}
// Tail of the hand-built response; the opening "{" is emitted before this excerpt.
echo "error:'" . $error . "'";
echo $info;
echo "}";
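/**
 * Delete a course
 *
 * Removes a whole course area from the platform. On a multi-URL portal the
 * course is first detached from the current access URL; the data is only
 * removed once no URL references the course any more.
 *
 * For a real (non-virtual) course, every virtual course linked to it is
 * deleted as well, the rows of the per-course (c_*) tables are removed and
 * the course directory is moved to the archive directory. For every course,
 * subscriptions, session links, URL links, shared surveys, tracking rows,
 * extra-field values and finally the course row itself are deleted, so that
 * a new course created with the same code does not inherit old data.
 *
 * @param string $code The code of the course to delete
 * @return void
 * @todo When deleting a virtual course: unsubscribe users from that virtual
 * course from the groups in the real course if they are not subscribed in
 * that real course.
 * @todo Remove globals
 */
public static function delete_course($code)
{
    $table_course = Database::get_main_table(TABLE_MAIN_COURSE);
    $table_course_survey = Database::get_main_table(TABLE_MAIN_SHARED_SURVEY);
    $table_course_survey_question = Database::get_main_table(TABLE_MAIN_SHARED_SURVEY_QUESTION);
    $table_course_survey_question_option = Database::get_main_table(TABLE_MAIN_SHARED_SURVEY_QUESTION_OPTION);
    $table_course_rel_url = Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_COURSE);

    // Each entry is array(table, column holding the course code), in deletion order.
    $membership_targets = array(
        array(Database::get_main_table(TABLE_MAIN_COURSE_USER), 'course_code'),
        array(Database::get_main_table(TABLE_MAIN_SESSION_COURSE), 'course_code'),
        array(Database::get_main_table(TABLE_MAIN_SESSION_COURSE_USER), 'course_code'),
    );
    $stats_targets = array(
        array(Database::get_statistic_table(TABLE_STATISTIC_TRACK_E_HOTPOTATOES), 'exe_cours_id'),
        array(Database::get_statistic_table(TABLE_STATISTIC_TRACK_E_ATTEMPT), 'course_code'),
        array(Database::get_statistic_table(TABLE_STATISTIC_TRACK_E_EXERCICES), 'exe_cours_id'),
        array(Database::get_statistic_table(TABLE_STATISTIC_TRACK_E_ACCESS), 'access_cours_code'),
        array(Database::get_statistic_table(TABLE_STATISTIC_TRACK_E_LASTACCESS), 'access_cours_code'),
        array(Database::get_statistic_table(TABLE_STATISTIC_TRACK_E_COURSE_ACCESS), 'course_code'),
        array(Database::get_statistic_table(TABLE_STATISTIC_TRACK_E_ONLINE), 'course'),
        array(Database::get_statistic_table(TABLE_STATISTIC_TRACK_E_DEFAULT), 'default_cours_code'),
        array(Database::get_statistic_table(TABLE_STATISTIC_TRACK_E_DOWNLOADS), 'down_cours_id'),
        array(Database::get_statistic_table(TABLE_STATISTIC_TRACK_E_LINKS), 'links_cours_id'),
        array(Database::get_statistic_table(TABLE_STATISTIC_TRACK_E_UPLOADS), 'upload_cours_id'),
    );

    $codeFiltered = Database::escape_string($code);
    $sql = "SELECT * FROM {$table_course} WHERE code='" . $codeFiltered . "'";
    $res = Database::query($sql);
    if (Database::num_rows($res) == 0) {
        // Unknown course code: nothing to delete.
        return;
    }

    $count = 0;
    if (api_is_multiple_url_enabled()) {
        require_once api_get_path(LIBRARY_PATH) . 'urlmanager.lib.php';
        $url_id = 1;
        if (api_get_current_access_url_id() != -1) {
            $url_id = api_get_current_access_url_id();
        }
        UrlManager::delete_url_rel_course($code, $url_id);
        $count = UrlManager::getcountUrlRelCourse($code);
    }

    // Another access URL still uses the course: keep its data.
    if ($count != 0) {
        return;
    }

    self::create_database_dump($code);

    if (!self::is_virtual_course_from_system_code($code)) {
        // If this is not a virtual course, look for virtual courses that depend on this one, if any
        $virtual_courses = self::get_virtual_courses_linked_to_real_course($code);
        $virtual_targets = array_merge(
            $membership_targets,
            array(array($table_course_survey, 'course_code')),
            $stats_targets,
            array(array($table_course, 'code'))
        );
        foreach ($virtual_courses as $virtual_course) {
            // The code comes from a stored row, but it is still escaped before
            // being placed in a statement: a stored quote must not alter the query.
            $virtual_code = Database::escape_string($virtual_course['code']);
            self::delete_rows_for_course_code($virtual_targets, $virtual_code);
        }

        $sql = "SELECT * FROM {$table_course} WHERE code='" . $codeFiltered . "'";
        $res = Database::query($sql);
        $course = Database::fetch_array($res);

        //Cleaning c_x tables
        if (!empty($course['id'])) {
            $course_int_id = intval($course['id']);
            $course_tables = get_course_tables();
            foreach ($course_tables as $table) {
                $table = Database::get_course_table($table);
                $sql = "DELETE FROM {$table} WHERE c_id = {$course_int_id} ";
                Database::query($sql);
            }
        }

        // Move the course directory to the archive. An empty directory name
        // would make $course_dir the root of all courses, so it is skipped.
        if (!empty($course['directory'])) {
            $course_dir = api_get_path(SYS_COURSE_PATH) . $course['directory'];
            $archive_dir = api_get_path(SYS_ARCHIVE_PATH) . $course['directory'] . '_' . time();
            if (is_dir($course_dir)) {
                rename($course_dir, $archive_dir);
            }
        }
    }

    // Unsubscribe all users, remove the course from the sessions tables
    // and from the course - URL relation.
    self::delete_rows_for_course_code(
        array_merge($membership_targets, array(array($table_course_rel_url, 'course_code'))),
        $codeFiltered
    );

    // Shared surveys: questions and options are keyed by survey id.
    $sql = 'SELECT survey_id FROM ' . $table_course_survey . ' WHERE course_code="' . $codeFiltered . '"';
    $result_surveys = Database::query($sql);
    while ($surveys = Database::fetch_array($result_surveys)) {
        $survey_id = intval($surveys[0]);
        $sql = 'DELETE FROM ' . $table_course_survey_question . ' WHERE survey_id="' . $survey_id . '"';
        Database::query($sql);
        $sql = 'DELETE FROM ' . $table_course_survey_question_option . ' WHERE survey_id="' . $survey_id . '"';
        Database::query($sql);
        $sql = 'DELETE FROM ' . $table_course_survey . ' WHERE survey_id="' . $survey_id . '"';
        Database::query($sql);
    }

    // Delete the course from the stats tables, then from the course table itself.
    self::delete_rows_for_course_code(
        array_merge($stats_targets, array(array($table_course, 'code'))),
        $codeFiltered
    );

    // delete extra course fields
    $t_cf = Database::get_main_table(TABLE_MAIN_COURSE_FIELD);
    $t_cfv = Database::get_main_table(TABLE_MAIN_COURSE_FIELD_VALUES);

    // Fields that had a value for this course.
    $sql = "SELECT distinct field_id FROM {$t_cfv} WHERE course_code = '{$codeFiltered}'";
    $res_field_ids = Database::query($sql);
    $field_ids = array();
    while ($row_field_id = Database::fetch_row($res_field_ids)) {
        $field_ids[] = $row_field_id[0];
    }

    // Delete from table_course_field_value from a given course_code
    $sql_course_field_value = "DELETE FROM {$t_cfv} WHERE course_code = '{$codeFiltered}'";
    Database::query($sql_course_field_value);

    // Fields still used by some other course after that deletion.
    $sql = "SELECT distinct field_id FROM {$t_cfv}";
    $res_field_all_ids = Database::query($sql);
    $field_all_ids = array();
    while ($row_field_all_id = Database::fetch_row($res_field_all_ids)) {
        $field_all_ids[] = $row_field_all_id[0];
    }

    foreach ($field_ids as $field_id) {
        // A field definition is removed only when no value references it any more.
        if (in_array($field_id, $field_all_ids)) {
            continue;
        }
        $sql_course_field = "DELETE FROM {$t_cf} WHERE id = '" . intval($field_id) . "'";
        Database::query($sql_course_field);
    }

    // Add event to system log
    $user_id = api_get_user_id();
    event_system(LOG_COURSE_DELETE, LOG_COURSE_CODE, $code, api_get_utc_datetime(), $user_id, $code);
}

/**
 * Runs one "DELETE FROM <table> WHERE <column> = '<code>'" per target, in order.
 *
 * @param array $targets List of array(table name, column name) pairs
 * @param string $filtered_code Course code, already escaped for a quoted SQL string
 * @return void
 */
private static function delete_rows_for_course_code(array $targets, $filtered_code)
{
    foreach ($targets as $target) {
        list($table, $column) = $target;
        $sql = "DELETE FROM {$table} WHERE {$column} = '" . $filtered_code . "'";
        Database::query($sql);
    }
}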
    // (Excerpt: the block closed here was opened before the listing starts.)
    $controller->logout();
}
/* Table definitions */
/* Constants and CONFIGURATION parameters */
/** @todo these configuration settings should move to the Chamilo config settings. */
/** Defines whether or not anonymous visitors can see a list of the courses on the Chamilo homepage that are open to the world. */
$_setting['display_courses_to_anonymous_users'] = 'true';
/* LOGIN */
/**
 * Registers in the track_e_default table (view in important activities in admin
 * interface) a possible attempted break in, sending auth data through get.
 * @todo This piece of code should probably move to local.inc.php where the actual login / logout procedure is handled. The real use of this code block should be seriously considered as well. This form should just use a security token and get done with it.
 */
if (isset($_GET['submitAuth']) && $_GET['submitAuth'] == 1) {
    // The event is attributed to the anonymous user.
    $i = api_get_anonymous_id();
    // NOTE(review): the submitted login name is stored in the event log as
    // received; whatever renders that log must escape it - verify the viewer.
    // REMOTE_ADDR is the peer address, so behind a proxy it is the proxy's.
    event_system(LOG_ATTEMPTED_FORCED_LOGIN, 'tried_hacking_get', $_SERVER['REMOTE_ADDR'] . (empty($_POST['login']) ? '' : '/' . $_POST['login']), null, $i);
    echo 'Attempted breakin - sysadmins notified.';
    // The session is destroyed and the request ends here.
    session_destroy();
    die;
}
// Delete session necessary for legal terms
if (api_get_setting('allow_terms_conditions') == 'true') {
    unset($_SESSION['term_and_condition']);
}
// If we are not logged in and custom pages are activated
// (excerpt: this block continues past the end of the listing)
if (!api_get_user_id() && CustomPages::enabled()) {
    if (Request::get('loggedout')) {
        CustomPages::display(CustomPages::LOGGED_OUT);
    } else {
        CustomPages::display(CustomPages::INDEX_UNLOGGED);
    }
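/**
 * Displays a wiki entry: the title bar with its page actions, the page
 * content and the footer. The access is recorded in the system event log and
 * the hit counter of the displayed version is incremented.
 *
 * The page is echoed directly. Nothing is returned, except on the index page
 * without content for a user without edit rights, where the result of
 * self::setMessage() is returned instead.
 *
 * @author Patrick Cool <*****@*****.**>, Ghent University
 * @author Juan Carlos Raña Trabado
 * @param string $newtitle Reflink of a page that was just created; when empty, $this->page is shown
 * @return mixed see above
 **/
public function display_wiki_entry($newtitle)
{
    $tbl_wiki = $this->tbl_wiki;
    $tbl_wiki_conf = $this->tbl_wiki_conf;
    $condition_session = $this->condition_session;
    $groupfilter = $this->groupfilter;
    $page = $this->page;

    // Both ids are placed unquoted in the statements below, hence the cast.
    $session_id = intval(api_get_session_id());
    $course_id = intval(api_get_course_int_id());

    if ($newtitle) {
        $pageMIX = $newtitle; //display the page after it is created
    } else {
        $pageMIX = $page; //display current page
    }

    // Optional request for one specific version; escaped and quoted.
    $filter = null;
    if (isset($_GET['view']) && $_GET['view']) {
        $_clean['view'] = Database::escape_string($_GET['view']);
        $filter = ' AND w.id="'.$_clean['view'].'"';
    }

    //first, check page visibility in the first page version
    $sql = 'SELECT * FROM '.$tbl_wiki.'
            WHERE c_id = '.$course_id.' AND reflink="'.Database::escape_string($pageMIX).'" AND '.$groupfilter.$condition_session.'
            ORDER BY id ASC';
    $result = Database::query($sql);
    $row = Database::fetch_array($result);
    $KeyVisibility = $row['visibility'];

    // second, show the last version
    $sql = 'SELECT * FROM '.$tbl_wiki.' w
            INNER JOIN '.$tbl_wiki_conf.' wc ON (wc.page_id = w.page_id AND wc.c_id = w.c_id)
            WHERE w.c_id = '.$course_id.' AND w.reflink = "'.Database::escape_string($pageMIX).'" AND w.session_id = '.$session_id.' AND w.'.$groupfilter.' '.$filter.'
            ORDER BY id DESC';
    $result = Database::query($sql);
    // we do not need a while loop since we are always displaying the last version
    $row = Database::fetch_array($result);

    //log users access to wiki (page_id)
    if (!empty($row['page_id'])) {
        event_system(LOG_WIKI_ACCESS, LOG_WIKI_PAGE_ID, $row['page_id']);
    }

    //update visits
    if ($row['id']) {
        $sql = 'UPDATE '.$tbl_wiki.' SET hits=(hits+1) WHERE c_id = '.$course_id.' AND id='.intval($row['id']).'';
        Database::query($sql);
    }

    // if both are empty and we are displaying the index page then we display the default text.
    if ($row['content']=='' AND $row['title']=='' AND $page=='index') {
        if (api_is_allowed_to_edit(false,true) || api_is_platform_admin() || GroupManager::is_user_in_group(api_get_user_id(), api_get_group_id())) {
            //Table structure for better export to pdf
            $default_table_for_content_Start = '<table align="center" border="0"><tr><td align="center">';
            $default_table_for_content_End = '</td></tr></table>';
            $content = $default_table_for_content_Start.sprintf(get_lang('DefaultContent'),api_get_path(WEB_IMG_PATH)).$default_table_for_content_End;
            $title = get_lang('DefaultTitle');
        } else {
            return self::setMessage(Display::display_normal_message(get_lang('WikiStandBy'), false, true));
        }
    } else {
        // Stored content and title are user-authored: filter before output.
        $content = Security::remove_XSS($row['content']);
        $title = Security::remove_XSS($row['title']);
    }

    //assignment mode: identify page type
    $icon_assignment = null;
    if ($row['assignment']==1) {
        $icon_assignment = Display::return_icon('wiki_assignment.png', get_lang('AssignmentDescExtra'),'',ICON_SIZE_SMALL);
    } elseif ($row['assignment']==2) {
        $icon_assignment = Display::return_icon('wiki_work.png', get_lang('AssignmentWork'),'',ICON_SIZE_SMALL);
    }

    //task mode
    $icon_task = null;
    if (!empty($row['task'])) {
        $icon_task = Display::return_icon('wiki_task.png', get_lang('StandardTask'),'',ICON_SIZE_SMALL);
    }

    //Show page. Show page to all users if isn't hide page. Mode assignments: if student is the author, can view
    if ($KeyVisibility == "1" ||
        api_is_allowed_to_edit(false,true) ||
        api_is_platform_admin() ||
        ($row['assignment']==2 && $KeyVisibility=="0" && (api_get_user_id()==$row['user_id']))
    ) {
        echo '<div id="wikititle">';

        $protect_page = null;
        $lock_unlock_protect = null;
        // page action: protecting (locking) the page
        if (api_is_allowed_to_edit(false,true) || api_is_platform_admin()) {
            if (self::check_protect_page()==1) {
                $protect_page = Display::return_icon('lock.png', get_lang('PageLockedExtra'),'',ICON_SIZE_SMALL);
                $lock_unlock_protect = 'unlock';
            } else {
                $protect_page = Display::return_icon('unlock.png', get_lang('PageUnlockedExtra'),'',ICON_SIZE_SMALL);
                $lock_unlock_protect = 'lock';
            }
        }
        if ($row['id']) {
            echo '<span style="float:right;">';
            echo '<a href="index.php?action=showpage&actionpage='.$lock_unlock_protect.'&title='.api_htmlentities(urlencode($page)).'">'.$protect_page.'</a>';
            echo '</span>';
        }

        $visibility_page = null;
        $lock_unlock_visibility = null;
        //page action: visibility
        if (api_is_allowed_to_edit(false,true) || api_is_platform_admin()) {
            if (self::check_visibility_page() == 1) {
                $visibility_page = Display::return_icon('visible.png', get_lang('ShowPageExtra'),'', ICON_SIZE_SMALL);
                $lock_unlock_visibility = 'invisible';
            } else {
                $visibility_page = Display::return_icon('invisible.png', get_lang('HidePageExtra'),'', ICON_SIZE_SMALL);
                $lock_unlock_visibility = 'visible';
            }
        }
        if ($row['id']) {
            echo '<span style="float:right;">';
            echo '<a href="index.php?action=showpage&actionpage='.$lock_unlock_visibility.'&title='.api_htmlentities(urlencode($page)).'">'.$visibility_page.'</a>';
            echo '</span>';
        }

        // Initialised like the other page actions: the link below is echoed
        // even when the user may not edit in this session, and the variables
        // would otherwise be undefined there.
        $notify_page = null;
        $lock_unlock_notify_page = null;
        //page action: notification
        if (api_is_allowed_to_session_edit()) {
            if (self::check_notify_page($page)==1) {
                $notify_page = Display::return_icon('messagebox_info.png', get_lang('NotifyByEmail'),'',ICON_SIZE_SMALL);
                $lock_unlock_notify_page = 'unlocknotify';
            } else {
                $notify_page = Display::return_icon('mail.png', get_lang('CancelNotifyByEmail'),'',ICON_SIZE_SMALL);
                $lock_unlock_notify_page = 'locknotify';
            }
        }
        echo '<span style="float:right;">';
        echo '<a href="index.php?action=showpage&actionpage='.$lock_unlock_notify_page.'&title='.api_htmlentities(urlencode($page)).'">'.$notify_page.'</a>';
        echo '</span>';

        //Only available if row['id'] is set
        if ($row['id']) {
            //page action: export to pdf
            echo '<span style="float:right;">';
            echo '<form name="form_export2PDF" method="get" action="'.api_get_path(WEB_CODE_PATH).'wiki/index.php?'.api_get_cidreq().'" >';
            echo '<input type="hidden" name="action" value="export_to_pdf">';
            echo '<input type="hidden" name="wiki_id" value="'.$row['id'].'">';
            echo '<input type="image" src="'.api_get_path(WEB_IMG_PATH).'icons/22/pdf.png" border ="0" title="'.get_lang('ExportToPDF').'" alt="'.get_lang('ExportToPDF').'" style=" width:22px; border:none; margin-top: -9px">';
            echo '</form>';
            echo '</span>';

            // Page action: copy last version to doc area
            if (api_is_allowed_to_edit(false,true) || api_is_platform_admin()) {
                echo '<span style="float:right;">';
                echo '<form name="form_export2DOC" method="get" action="'.api_get_path(WEB_CODE_PATH).'wiki/index.php?'.api_get_cidreq().'" >';
                echo '<input type=hidden name="action" value="export2doc">';
                echo '<input type=hidden name="doc_id" value="'.$row['id'].'">';
                echo '<input type="image" src="'.api_get_path(WEB_IMG_PATH).'icons/22/export_to_documents.png" border ="0" title="'.get_lang('ExportToDocArea').'" alt="'.get_lang('ExportToDocArea').'" style=" width:22px; border:none; margin-top: -6px">';
                echo '</form>';
                echo '</span>';
            }

            if (api_is_unoconv_installed()) {
                echo '<span style="float:right;">';
                echo '<a href="'.api_get_path(WEB_CODE_PATH).'wiki/index.php?action=export_to_doc_file&id='.$row['id'].'">'.
                    Display::return_icon('export_doc.png', get_lang('ExportToDoc'), array(), ICON_SIZE_SMALL).'</a>';
                echo '</span>';
            }
        }

        //export to print
        ?>
        <script>
        function goprint() {
            var a = window.open('','','width=800,height=600');
            a.document.open("text/html");
            a.document.write(document.getElementById('wikicontent').innerHTML);
            a.document.close();
            a.print();
        }
        </script>
        <?php
        echo '<span style="float:right; cursor: pointer;">';
        echo Display::return_icon('printer.png', get_lang('Print'),array('onclick' => "javascript: goprint();"),ICON_SIZE_SMALL);
        echo '</span>';

        if (empty($title)) {
            $title = get_lang('DefaultTitle');
        }

        if (self::wiki_exist($title)) {
            echo $icon_assignment.' '.$icon_task.' '.api_htmlentities($title);
        } else {
            echo api_htmlentities($title);
        }
        echo '</div>';

        // $content was filtered above; the detect_* helpers then turn the
        // recognised link patterns into anchors.
        echo '<div id="wikicontent">'. self::make_wiki_link_clickable(
            self::detect_external_link(
                self::detect_anchor_link(
                    self::detect_mail_link(
                        self::detect_ftp_link(
                            self::detect_irc_link(
                                self::detect_news_link($content)
                            )
                        )
                    )
                )
            )
        ).'</div>';

        // NOTE(review): score is echoed as stored; presumably a numeric column - verify.
        echo '<div id="wikifooter">'.get_lang('Progress').': '.($row['progress']*10).'% '.get_lang('Rating').': '.$row['score'].' '.get_lang('Words').': '.self::word_count($content).'</div>';
    } //end filter visibility
}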
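/**
 * Creates a new user extra field and, for option-based field types, its option rows.
 *
 * @param string $fieldvarname Field's internal variable name
 * @param int    $fieldtype    Field's type
 * @param string $fieldtitle   Field's language var name
 * @param string $fielddefault Field's default value
 * @param string $fieldoptions Optional list of options for radio and select types. Options are
 *                             separated by ';'; for a double select the two lists are separated by '|'
 * @return int|bool Id of the new field row; false when the field insert or one of the option
 *                  inserts fails; the result of api_set_failure() when the
 *                  is_extra_field_available() check stops the creation
 */
public static function create_extra_field($fieldvarname, $fieldtype, $fieldtitle, $fielddefault, $fieldoptions = '')
{
    // database table definition
    $table_field = Database::get_main_table(TABLE_MAIN_USER_FIELD);
    $table_field_options = Database::get_main_table(TABLE_MAIN_USER_FIELD_OPTIONS);

    // Stop when the check on the variable name fires. The failure text mentions
    // a login; it is kept as-is because callers may compare against it.
    if (self::is_extra_field_available($fieldvarname)) {
        return api_set_failure('login-pass already taken');
    }

    // The new field is placed after the current highest field_order
    $sql = "SELECT MAX(field_order) FROM $table_field";
    $res = Database::query($sql);
    $order = 0;
    if (Database::num_rows($res) > 0) {
        $row = Database::fetch_array($res);
        $order = $row[0] + 1;
    }

    // Every caller-supplied value is escaped and placed inside quotes
    $time = time();
    $sql = "INSERT INTO $table_field SET field_type = '".Database::escape_string($fieldtype)."', "
        ."field_variable = '".Database::escape_string($fieldvarname)."', "
        ."field_display_text = '".Database::escape_string($fieldtitle)."', "
        ."field_default_value = '".Database::escape_string($fielddefault)."', "
        ."field_order = '$order', tms = FROM_UNIXTIME($time)";
    $result = Database::query($sql);
    if (!$result) {
        return false;
    }

    $return = Database::insert_id();
    // The id used in the option queries is kept apart from the return value:
    // the original reused $return, so after one failed option insert every
    // later query was built with an empty field_id.
    $field_id = intval($return);
    event_system(LOG_USER_FIELD_CREATE, LOG_USER_FIELD_VARIABLE, Database::escape_string($fieldvarname));

    $types_with_options = array(
        self::USER_FIELD_TYPE_RADIO,
        self::USER_FIELD_TYPE_SELECT,
        self::USER_FIELD_TYPE_SELECT_MULTIPLE,
        self::USER_FIELD_TYPE_DOUBLE_SELECT,
    );
    if (empty($fieldoptions) || !in_array($fieldtype, $types_with_options)) {
        return $return;
    }

    $list = array();
    if ($fieldtype == self::USER_FIELD_TYPE_DOUBLE_SELECT) {
        // "a;b|c;d": options of the n-th list (counting from 0) are stored with n leading '*'
        $twolist = explode('|', $fieldoptions);
        $counter = 0;
        foreach ($twolist as $individual_list) {
            foreach (explode(';', $individual_list) as $individual_list_option) {
                $list[] = str_repeat('*', $counter).$individual_list_option;
            }
            $counter++;
        }
    } else {
        $list = explode(';', $fieldoptions);
    }

    foreach ($list as $option) {
        $option = Database::escape_string($option);
        $sql = "SELECT * FROM $table_field_options WHERE field_id = $field_id AND option_value = '".$option."'";
        $res = Database::query($sql);
        if (Database::num_rows($res) > 0) {
            // the option already exists, do nothing
            continue;
        }

        // Append the option after the current highest option_order of this field
        $sql = "SELECT MAX(option_order) FROM $table_field_options WHERE field_id = $field_id";
        $res = Database::query($sql);
        $max = 1;
        if (Database::num_rows($res) > 0) {
            $row = Database::fetch_array($res);
            $max = $row[0] + 1;
        }
        $time = time();
        $sql = "INSERT INTO $table_field_options (field_id,option_value,option_display_text,option_order,tms) VALUES ($field_id,'$option','$option',$max,FROM_UNIXTIME($time))";
        $res = Database::query($sql);
        if ($res === false) {
            // Report the failure to the caller; the remaining options are still tried
            $return = false;
        }
    }

    return $return;
}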
<?php
/* For licensing terms, see /license.txt */
/**
 * Stores the documents selected in the file manager, together with the
 * requested action and the current folder, in the session action object,
 * then prints a small JSON-like status string.
 *
 * @author Logan Cai (cailongqun [at] yahoo [dot] com [dot] cn)
 * @link www.phpletter.com
 * @since 22/April/2007
 *
 */
require_once '../../../../../../inc/global.inc.php';
require_once api_get_path(LIBRARY_PATH) . 'fckeditor/editor/plugins/ajaxfilemanager/inc/config.php';

$error = "";
$info = '';

// A usable selection is a non-empty array posted as selectedDoc
$hasSelection = isset($_POST['selectedDoc'])
    && is_array($_POST['selectedDoc'])
    && count($_POST['selectedDoc']) >= 1;

if (CONFIG_SYS_VIEW_ONLY || !CONFIG_OPTIONS_COPY) {
    // Copying is switched off in the file manager configuration
    $error = SYS_DISABLED;
} elseif (!$hasSelection) {
    $error = ERR_NOT_DOC_SELECTED_FOR_COPY;
} elseif (empty($_POST['currentFolderPath']) || !isUnderRoot($_POST['currentFolderPath'])) {
    // The folder the request claims to be in must pass the isUnderRoot() check
    $error = ERR_FOLDER_PATH_NOT_ALLOWED;
} else {
    require_once CLASS_SESSION_ACTION;

    $selectedDocs = $_POST['selectedDoc'];

    // NOTE(review): action_value and the entries of selectedDoc are stored and
    // logged as received; only currentFolderPath is checked with isUnderRoot()
    // in this script. Confirm that the code consuming the session data checks
    // each path again before acting on it.
    $sessionAction = new SessionAction();
    $sessionAction->setAction($_POST['action_value']);
    $sessionAction->setFolder($_POST['currentFolderPath']);
    $sessionAction->set($selectedDocs);

    $info = ',num:' . count($selectedDocs);

    // One log entry per selected document
    foreach ($selectedDocs as $doc) {
        event_system(LOG_MY_FOLDER_COPY, LOG_MY_FOLDER_PATH, $doc);
    }
}

// $error is empty or one of the constants above and $info is built from a
// count, so no request value is echoed back here.
echo "{error:'" . $error . "'\n" . $info . "}";
$sql = "UPDATE {$user_table} SET active='" . $status . "' WHERE user_id='" . $user_id . "'"; $result = Database::query($sql); //Send and email if account is active if ($status == 1) { $user_info = api_get_user_info($user_id); $recipient_name = api_get_person_name($user_info['firstname'], $user_info['lastname'], null, PERSON_NAME_EMAIL_ADDRESS); $emailsubject = '[' . api_get_setting('siteName') . '] ' . get_lang('YourReg') . ' ' . api_get_setting('siteName'); $email_admin = api_get_setting('emailAdministrator'); $sender_name = api_get_person_name(api_get_setting('administratorName'), api_get_setting('administratorSurname'), null, PERSON_NAME_EMAIL_ADDRESS); $emailbody = get_lang('Dear') . " " . stripslashes($recipient_name) . ",\n\n"; $emailbody .= sprintf(get_lang('YourAccountOnXHasJustBeenApprovedByOneOfOurAdministrators'), api_get_setting('siteName')) . "\n"; $emailbody .= sprintf(get_lang('YouCanNowLoginAtXUsingTheLoginAndThePasswordYouHaveProvided'), api_get_path(WEB_PATH)) . ",\n\n"; $emailbody .= get_lang('HaveFun') . "\n\n"; //$emailbody.=get_lang('Problem'). "\n\n". get_lang('SignatureFormula'); $emailbody .= api_get_person_name(api_get_setting('administratorName'), api_get_setting('administratorSurname')) . "\n" . get_lang('Manager') . " " . api_get_setting('siteName') . "\nT. " . api_get_setting('administratorTelephone') . "\n" . get_lang('Email') . " : " . api_get_setting('emailAdministrator'); $additionalParameters = array('smsType' => ClockworksmsPlugin::ACCOUNT_APPROVED_CONNECT, 'userId' => $user_id); $result = api_mail($recipient_name, $user_info['mail'], $emailsubject, $emailbody, $sender_name, $email_admin, '', $additionalParameters); event_system(LOG_USER_ENABLE, LOG_USER_ID, $user_id); } else { event_system(LOG_USER_DISABLE, LOG_USER_ID, $user_id); } echo $status; } } else { echo '-1'; } break; default: echo ''; } exit;
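/**
 * Sets the platform language to the language stored under the given id.
 *
 * @param int $language_id The language id
 * @return bool True when the settings row was updated without a query failure;
 *              false for an empty or non-integer id, for an id with no
 *              language row, or when the update query fails
 */
public static function set_platform_language($language_id)
{
    if (empty($language_id) or intval($language_id) != $language_id) {
        return false;
    }
    // The comparison above is loose, so the value is cast before it is used in SQL
    $language_id = intval($language_id);

    $tbl_admin_languages = Database::get_main_table(TABLE_MAIN_LANGUAGE);
    $tbl_settings_current = Database::get_main_table(TABLE_MAIN_SETTINGS_CURRENT);

    $sql_select = "SELECT english_name FROM " . $tbl_admin_languages . " WHERE id='" . $language_id . "'";
    $result = Database::query($sql_select);
    $lang = Database::fetch_array($result);

    // Unknown id: without this check platformLanguage would be overwritten
    // with an empty string.
    if (empty($lang['english_name'])) {
        return false;
    }

    // The name is read back from the database, but it is still escaped before
    // being placed in the next statement.
    $sql_update = "UPDATE " . $tbl_settings_current . " SET selected_value='" . Database::escape_string($lang['english_name']) . "' WHERE variable='platformLanguage'";
    $result_update = Database::query($sql_update);
    if ($result_update === false) {
        return false;
    }

    // Logged only once the change has been written, so the log does not
    // record a language change that failed.
    event_system(LOG_PLATFORM_LANGUAGE_CHANGE, LOG_PLATFORM_LANGUAGE, $lang['english_name']);

    return true;
}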
/**
 * Deletes the stored attempts and results of this exercise for the current
 * course and session (Exercise tool only, not from the LP).
 * The LP results are NOT deleted by default, otherwise put $cleanLpTests = true
 *
 * @param bool   $cleanLpTests          True to delete the results recorded from a LP as well
 * @param string $cleanResultBeforeDate Only delete results dated up to this value
 *                                      (UTC-0, yyyy-mm-dd); nothing is deleted when it is not a valid date
 *
 * @return int number of exercise result rows whose attempts were deleted
 */
public function clean_results($cleanLpTests = false, $cleanResultBeforeDate = null)
{
    $table_track_e_exercises = Database::get_statistic_table(TABLE_STATISTIC_TRACK_E_EXERCICES);
    $table_track_e_attempt = Database::get_statistic_table(TABLE_STATISTIC_TRACK_E_ATTEMPT);

    // Without $cleanLpTests only rows that do not come from a LP are matched
    $sql_where = $cleanLpTests ? "" : ' AND orig_lp_id = 0 AND orig_lp_item_id = 0';

    // Optional upper bound on the result date; the value is escaped, then
    // has to pass api_is_valid_date() before it reaches the query
    if (!empty($cleanResultBeforeDate)) {
        $cleanResultBeforeDate = Database::escape_string($cleanResultBeforeDate);
        if (!api_is_valid_date($cleanResultBeforeDate)) {
            return 0;
        }
        $sql_where .= " AND exe_date <= '{$cleanResultBeforeDate}' ";
    }

    // NOTE(review): $this->id, the course id and the session id are
    // concatenated as-is; presumably they are server-side values - confirm.
    $sql = "SELECT exe_id\n FROM {$table_track_e_exercises}\n WHERE\n exe_cours_id = '" . api_get_course_id() . "' AND\n exe_exo_id = " . $this->id . " AND\n session_id = " . api_get_session_id() . " " . $sql_where;
    $exe_list = Database::store_result(Database::query($sql));

    // First the attempts of every matched result row ...
    $deleted = 0;
    if (is_array($exe_list)) {
        foreach ($exe_list as $exe) {
            Database::query("DELETE FROM {$table_track_e_attempt} WHERE exe_id = '" . $exe['exe_id'] . "'");
            $deleted++;
        }
    }

    // ... then the result rows themselves, with the same filter
    $session_id = api_get_session_id();
    $sql = "DELETE FROM {$table_track_e_exercises}\n WHERE exe_cours_id = '" . api_get_course_id() . "'\n AND exe_exo_id = " . $this->id . "\n {$sql_where}\n AND session_id = " . $session_id;
    Database::query($sql);

    event_system(LOG_EXERCISE_RESULT_DELETE, LOG_EXERCISE_ID, $this->id, null, null, api_get_course_id(), $session_id);

    return $deleted;
}
include_once CLASS_FILE; $file = new file(); //check if all files are allowed to cut or copy foreach ($selectedDocuments as $doc) { if (file_exists($doc) && isUnderRoot($doc)) { if (array_search(getRealPath($doc), $allDocs) === false || CONFIG_OVERWRITTEN) { if (CONFIG_OVERWRITTEN) { $file->delete($doc); } if ($file->copyTo($doc, $_GET['current_folder_path'])) { $finalPath = $destFolderPath . basename($doc); $objFile = new file($finalPath); $tem = $objFile->getFileInfo(); $obj = new manager($finalPath, false); $fileType = $obj->getFileType($finalPath, is_dir($finalPath) ? true : false); event_system(LOG_MY_FOLDER_PASTE, LOG_MY_FOLDER_PATH, $finalPath); foreach ($fileType as $k => $v) { $tem[$k] = $v; } /* foreach ($folderInfo as $k=>$v) { $tem['i_' . $k] = $v; } if($folderInfo['type'] == 'folder' && empty($folderInfo['subdir']) && empty($folderInfo['file'])) { $tem['cssClass'] = 'folderEmpty'; } */ $tem['final_path'] = $finalPath; $tem['path'] = backslashToSlash($finalPath); $tem['type'] = is_dir($finalPath) ? 'folder' : 'file'; $tem['size'] = @transformFileSize($tem['size']);
/**
 * Deletes the hotspot tracking rows of one question in one exercise attempt
 * and records the deletion in the system log.
 *
 * @param int    $exe_id
 * @param int    $user_id
 * @param string $course_code
 * @param int    $session_id  Only passed to the log entry; the DELETE is not filtered by session
 * @param int    $question_id
 * @todo add session_id for 10
 */
function delete_attempt_hotspot($exe_id, $user_id, $course_code, $session_id = 0, $question_id)
{
    $hotspotTable = Database::get_statistic_table(TABLE_STATISTIC_TRACK_E_HOTSPOT);

    // Numeric arguments are cast and the course code is escaped before any
    // of them is placed in the statement
    $exeId = (int) $exe_id;
    $userId = (int) $user_id;
    $courseCode = Database::escape_string($course_code);
    $sessionId = (int) $session_id;
    $questionId = (int) $question_id;

    Database::query(
        "DELETE FROM {$hotspotTable}\n WHERE hotspot_exe_id = {$exeId} AND hotspot_user_id = {$userId} AND hotspot_course_code = '{$courseCode}' AND hotspot_question_id = {$questionId} "
    );

    // The log value has the form "<exe id>-<question id>"
    event_system(
        LOG_QUESTION_RESULT_DELETE,
        LOG_EXERCISE_ATTEMPT_QUESTION_ID,
        $exeId . '-' . $questionId,
        null,
        null,
        $courseCode,
        $sessionId
    );
}
//get Ajaxfilemanager $chamiloPath = substr($fullPath, strlen($mainPath) - strlen($fullPath) - 1); //find base_work_dir $course_dir = $_course['path'] . "/document"; //get Chamilo $sys_course_path = api_get_path(SYS_COURSE_PATH); //get Chamilo $base_work_dir = $sys_course_path . $course_dir; // sample c:/xampp/htdocs/chamilo2009beta/courses/JUAN2009/document //delete file if (!$is_allowed_to_edit && DocumentManager::check_readonly($_course, api_get_user_id(), $chamiloPath)) { $error = get_lang('CantDeleteReadonlyFiles'); //From Chamilo to Ajaxfilemanager } else { $deleted = DocumentManager::delete_document($_course, $chamiloPath, $base_work_dir); //deleted by Chamilo //$file->delete($doc); // disabled deleted by ajaxfilemanager } } else { $file->delete($doc); //deleted by ajaxfilemanager event_system(LOG_USER_PERSONAL_DOC_DELETED, 'document_path', $doc); event_system(LOG_MY_FOLDER_DELETE, LOG_MY_FOLDER_PATH, $doc); } //////end bridge to Chamilo } } } } } echo "{error:'" . $error . "'}";
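/**
 * Wrapper for the templates: shows the "add" link, runs the add/edit form or
 * the delete requested through the query string, and lists the templates.
 *
 * Reads 'action', 'id' and 'category' from $_GET. Add, edit and delete
 * requests are recorded in the system log.
 *
 * @author Patrick Cool <*****@*****.**>, Ghent University, Belgium
 * @author Julio Montoya.
 * @version August 2008
 * @since Dokeos 1.8.6
 */
function handle_templates()
{
    // Missing query parameters are read as null instead of raising notices
    $action = isset($_GET['action']) ? $_GET['action'] : null;
    $id = isset($_GET['id']) ? $_GET['id'] : null;
    $category = isset($_GET['category']) ? $_GET['category'] : null;
    $has_numeric_id = is_numeric($id);

    if ($action != 'add') {
        echo '<div class="actions" style="margin-left: 1px;">';
        echo '<a href="settings.php?category=Templates&action=add">' . Display::return_icon('new_template.png', get_lang('AddTemplate'), '', ICON_SIZE_MEDIUM) . '</a>';
        echo '</div>';
    }

    if ($action == 'add' || ($action == 'edit' && $has_numeric_id)) {
        add_edit_template();
        // Add event to the system log.
        // NOTE(review): $category is logged as received from the query string.
        event_system(LOG_CONFIGURATION_SETTINGS_CHANGE, LOG_CONFIGURATION_SETTINGS_CATEGORY, $category, api_get_utc_datetime(), api_get_user_id());

        return;
    }

    if ($action == 'delete' && $has_numeric_id) {
        // NOTE(review): the delete is triggered by a GET request and no
        // anti-CSRF token check is visible in this function - confirm that
        // the including page enforces one, or require a token here.
        delete_template($id);
        // Add event to the system log
        event_system(LOG_CONFIGURATION_SETTINGS_CHANGE, LOG_CONFIGURATION_SETTINGS_CATEGORY, $category, api_get_utc_datetime(), api_get_user_id());
    }

    display_templates();
}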
/**
 * Locks or unlocks this item together with its evaluations and links, then
 * records the change in the system log.
 * Does nothing unless the 'gradebook_locking_enabled' setting is 'true'.
 *
 * @param int $locked Passed on to every lock() call; 1 is logged as a lock,
 *                    any other value as an unlock
 */
function lock_all_items($locked)
{
    if (api_get_setting('gradebook_locking_enabled') != 'true') {
        return;
    }

    $this->lock($locked);

    // Evaluations first, then links, each list fetched right before it is walked
    $evaluations = $this->get_evaluations();
    if (!empty($evaluations)) {
        foreach ($evaluations as $evaluation) {
            $evaluation->lock($locked);
        }
    }

    $links = $this->get_links();
    if (!empty($links)) {
        foreach ($links as $link) {
            $link->lock($locked);
        }
    }

    $event_type = ($locked == 1) ? LOG_GRADEBOOK_LOCKED : LOG_GRADEBOOK_UNLOCKED;
    event_system($event_type, LOG_GRADEBOOK_ID, $this->id);
}
$fpo = fopen($homePath . $menuf . $ext, 'w'); fputs($fpo, $home_menu); fclose($fpo); } } } else { $errorMsg = get_lang('HomePageFilesNotWritable'); } } else { //File does not exist $fp = fopen($homePath . $menuf . '_' . $lang . $ext, 'w'); fputs($fp, $home_menu); fclose($fp); } } event_system(LOG_HOMEPAGE_CHANGED, $action, Text::cut($link_name . ':' . $link_url, 254), api_get_utc_datetime(), api_get_user_id()); break; } //end of switch($action) if (empty($errorMsg)) { header('Location: ' . api_get_self()); exit; } } else { //if POST[formSent] is not set switch ($action) { case 'open_link': // Previously, filtering of GET['link'] was done here but it left // a security threat. Filtering has now been moved outside conditions break; case 'delete_tabs':
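/**
 * Delete sessions categories
 *
 * @author Jhon Hinojosa <*****@*****.**>, from existing code
 * @param array|int $id_checked     Category id, or array of category ids
 * @param bool      $delete_session Include delete session (see the note on the session loop below)
 * @param bool      $from_ws        Optional, true if the function is called by a webservice, false otherwise.
 * @return bool True once the queries have been issued; false when no usable
 *              category id was given
 **/
public static function delete_session_category($id_checked, $delete_session = false, $from_ws = false)
{
    $tbl_session_category = Database::get_main_table(TABLE_MAIN_SESSION_CATEGORY);
    $tbl_session = Database::get_main_table(TABLE_MAIN_SESSION);

    // The ids end up unquoted inside IN (...), where string escaping alone
    // does not stop injected SQL, so every id is cast to an integer.
    // Ids that are not positive are dropped: 0 is the value this function
    // itself writes for "no category", so it must never be matched as one.
    $ids = array();
    $candidates = is_array($id_checked) ? $id_checked : array($id_checked);
    foreach ($candidates as $candidate) {
        if (!is_scalar($candidate)) {
            continue;
        }
        $candidate = intval($candidate);
        if ($candidate > 0) {
            $ids[] = $candidate;
        }
    }
    if (empty($ids)) {
        // Also avoids running the statements below with an empty IN ()
        return false;
    }
    $id_checked = implode(',', $ids);

    //Setting session_category_id to 0
    $sql = "UPDATE {$tbl_session} SET session_category_id = 0 WHERE session_category_id IN (" . $id_checked . ")";
    Database::query($sql);

    // NOTE(review): this SELECT runs after the UPDATE above has already moved
    // the sessions out of these categories, so it looks like it can no longer
    // find them and $delete_session has no effect. The order is left unchanged
    // because correcting it would start deleting sessions; confirm the
    // intended behaviour before changing it.
    $sql = "SELECT id FROM {$tbl_session} WHERE session_category_id IN (" . $id_checked . ")";
    $result = Database::query($sql);
    if ($result !== false) {
        while ($rows = Database::fetch_array($result)) {
            $session_id = $rows['id'];
            if ($delete_session) {
                if ($from_ws) {
                    SessionManager::delete_session($session_id, true);
                } else {
                    SessionManager::delete_session($session_id);
                }
            }
        }
    }

    $sql = "DELETE FROM {$tbl_session_category} WHERE id IN (" . $id_checked . ")";
    Database::query($sql);

    // Add event to system log
    $user_id = api_get_user_id();
    event_system(LOG_SESSION_CATEGORY_DELETE, LOG_SESSION_CATEGORY_ID, $id_checked, api_get_utc_datetime(), $user_id);

    // delete extra session fields where field variable is "PERIODO"
    // NOTE(review): the statements below compare session_id with the
    // comma-separated list of category ids, and the SELECT joins the two
    // tables without a join condition - presumably a single session id was
    // meant; verify against the callers.
    $t_sf = Database::get_main_table(TABLE_MAIN_SESSION_FIELD);
    $t_sfv = Database::get_main_table(TABLE_MAIN_SESSION_FIELD_VALUES);
    $sql = "SELECT t_sfv.field_id FROM {$t_sfv} t_sfv, {$t_sf} t_sf WHERE t_sfv.session_id = '{$id_checked}' AND t_sf.field_variable = 'PERIODO' ";
    $rs_field = Database::query($sql);

    $field_id = 0;
    if (Database::num_rows($rs_field) > 0) {
        $row_field = Database::fetch_row($rs_field);
        $field_id = $row_field[0];
        $sql_delete_sfv = "DELETE FROM {$t_sfv} WHERE session_id = '{$id_checked}' AND field_id = '{$field_id}'";
        Database::query($sql_delete_sfv);
    }

    // Remove the field definition once no value row refers to it any more
    $sql = "SELECT * FROM {$t_sfv} WHERE field_id = '{$field_id}' ";
    $rs_field_id = Database::query($sql);
    if (Database::num_rows($rs_field_id) == 0) {
        $sql_delete_sf = "DELETE FROM {$t_sf} WHERE id = '{$field_id}'";
        Database::query($sql_delete_sf);
    }

    return true;
}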
//Chamilo improve security if (CONFIG_SYS_VIEW_ONLY || !CONFIG_OPTIONS_NEWFOLDER) { $error = SYS_DISABLED; } elseif (empty($_POST['new_folder'])) { $error = ERR_FOLDER_NAME_EMPTY; } elseif (!preg_match("/^[a-zA-Z0-9_\\- ]+\$/", $_POST['new_folder'])) { $error = ERR_FOLDER_FORMAT; } elseif (empty($_POST['currentFolderPath']) || !isUnderRoot($_POST['currentFolderPath'])) { $error = ERR_FOLDER_PATH_NOT_ALLOWED; } elseif (file_exists(addTrailingSlash($_POST['currentFolderPath']) . $_POST['new_folder'])) { $error = ERR_FOLDER_EXISTS; } else { include_once CLASS_FILE; $file = new file(); if ($file->mkdir(addTrailingSlash($_POST['currentFolderPath']) . $_POST['new_folder'], 0775)) { event_system(LOG_MY_FOLDER_CREATE, LOG_MY_FOLDER_PATH, $_POST['currentFolderPath'] . $_POST['new_folder']); include_once CLASS_MANAGER; $manager = new manager(addTrailingSlash($_POST['currentFolderPath']) . $_POST['new_folder'], false); $pathInfo = $manager->getFolderInfo(addTrailingSlash($_POST['currentFolderPath']) . $_POST['new_folder']); //bridge to Chamilo if (!empty($_course['path'])) { //only inside courses $mainPath = '../../../../../../../courses/' . $_course['path'] . '/document/'; //get Chamilo $fullPath = $_POST['currentFolderPath'] . $_POST['new_folder']; //get Ajaxfilemanager $chamiloPath = substr($fullPath, strlen($mainPath) - strlen($fullPath) - 1); $_POST['new_folder'] = str_replace('_', ' ', $_POST['new_folder']); //Restore for interaction with Chamilo. Because fix long names. See: ajaxfilemanager/inc/class.manager.php $chamiloFile = $_POST['new_folder']; //get Ajaxfilemanager