<?php
// In the top frame, we use cookies for session.
define('COOKIE_SESSION', true);
require_once "../../config.php";
require_once $CFG->dirroot . "/pdo.php";
require_once $CFG->dirroot . "/lib/lms_lib.php";

use Tsugi\UI\CrudForm;

header('Content-Type: text/html; charset=utf-8');
session_start();

// Access gate: only a logged-in user or an administrator gets past this point.
if (!isset($_SESSION['id']) && !isAdmin()) {
    die('Must be logged in or admin');
}

$tablename = "{$CFG->dbprefix}lti_key";
$current = getCurrentFileUrl(__FILE__);
$from_location = "keys.php";
$allow_delete = true;
$allow_edit = true;
$where_clause = '';
$query_fields = array();

// Columns handed to CrudForm. The key's shared secret is one of them, so this
// page exposes it to whoever passes the gate above.
$fields = array("key_id", "key_key", "secret", "created_at", "updated_at");
if (isAdmin()) {
    // Administrators are not row-scoped and additionally get the owner column.
    $fields[] = "user_id";
} else {
    // Everyone else is limited to rows they own; the id is passed as a bound
    // parameter, never concatenated into the SQL.
    $where_clause .= "user_id = :UID";
    $query_fields[":UID"] = $_SESSION['id'];
}

// Handle the post data
// NOTE(review): no anti-CSRF check is visible in this script, although it can
// edit and delete key rows - confirm that CrudForm::handleUpdate() or the
// session layer enforces one.
$row = CrudForm::handleUpdate($tablename, $fields, $where_clause, $query_fields, $allow_edit, $allow_delete);
if (in_array($row, array(CrudForm::CRUD_FAIL, CrudForm::CRUD_SUCCESS), true)) {
    // NOTE(review): header() alone does not end the request - confirm this
    // branch returns or exits right after the redirect.
    header("Location: " . $from_location);
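require_once "../pdo.php";
require_once $CFG->dirroot . '/lib/lms_lib.php';
require_once 'tp_messages.php';

use Tsugi\Util\LTI;
use Tsugi\Util\Net;

session_start();
header('Content-Type: text/html; charset=utf-8');

// This script only continues from LTI 2.0 post data already stored in the session.
if (!isset($_SESSION['lti2post'])) {
    die_with_error_log("Missing LTI 2.0 post data");
}

// Log a short digest of the session id, not the id itself: the raw value is a
// bearer credential, and anyone able to read the error log could replay it.
// The digest still lets log lines from the same session be correlated.
error_log("Session in lti2 " . substr(hash('sha256', session_id()), 0, 12));

// Not logged in yet: remember where to come back to and send the browser to
// the login page. The login_done marker stops a failed login from looping.
if (!isset($_SESSION['id'])) {
    if (isset($_REQUEST['login_done'])) {
        die_with_error_log("LTI 2 login failed.");
    }
    $_SESSION['login_return'] = addSession(getCurrentFileUrl(__FILE__) . "?login_done=true");
    header("Location: " . getLoginUrl());
    return;
}

// See if this person is allowed to register a tool
// The lookup is scoped to the logged-in user through a bound parameter.
$row = $PDOX->rowDie("SELECT request_id, user_id, admin, state, lti\n FROM {$CFG->dbprefix}key_request\n WHERE user_id = :UID LIMIT 1", array(":UID" => $_SESSION['id']));
if ($row === false) {
    $_SESSION['error'] = 'You have not requested a key for this service.';
    header('Location: ' . $CFG->wwwroot);
    return;
}

// State 0 is treated as "not yet approved".
if ($row['state'] == 0) {
    // NOTE(review): the stored 'admin' column is appended to the flash message
    // as-is; the page that prints $_SESSION['error'] has to HTML-escape it -
    // that rendering code is not visible here.
    $_SESSION['error'] = 'Your key has not yet been approved. ' . $row['admin'];
    header('Location: ' . $CFG->wwwroot);
    return;
}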
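header("Location: index.php");
return;
}

// Accept only a plain integer for the LTI version. The previous "+ 0" coercion
// raised an error on array or non-numeric input and let values such as "1.0"
// through to the INSERT; filter_var() returns false for anything that is not
// an integer string, and the strict comparison below rejects it.
$version = isset($_POST['lti']) ? filter_var($_POST['lti'], FILTER_VALIDATE_INT) : false;
if ($version !== 1 && $version !== 2) {
    // NOTE(review): "muse" is a typo for "must". The literal is the argument
    // to _m(), so it is left unchanged here in case translations key on it.
    $_SESSION['error'] = _m("LTI Version muse be 1 or 2");
    header("Location: index.php");
    return;
}

// All request values reach the statement as bound parameters.
// NOTE(review): any validation of title and notes happens above this point,
// outside the visible code - confirm.
$stmt = $PDOX->queryDie("INSERT INTO {$CFG->dbprefix}key_request\n (user_id, title, notes, state, lti, created_at, updated_at)\n VALUES ( :UID, :TITLE, :NOTES, 0, :LTI, NOW(), NOW() )", array(":UID" => $_SESSION['id'], ":TITLE" => $_POST['title'], ":NOTES" => $_POST['notes'], ":LTI" => $version));

// Notify the site owner about the new request, unless an admin filed it or
// the site is configured as offline / without an owner address.
if (!isAdmin() && $CFG->owneremail && $CFG->OFFLINE === false) {
    $user_id = $_SESSION['id'];
    $token = computeMailCheck($user_id);
    $to = $CFG->owneremail;
    // The subject becomes a mail header: remove CR/LF from the account-derived
    // name and address so they cannot add header lines. mailSend() is defined
    // elsewhere and may also sanitize; this does not rely on it.
    $requester = str_replace(array("\r", "\n"), ' ', $_SESSION['displayname'] . ' (' . $_SESSION['email'] . ' )');
    $subject = "Key Request from " . $requester;
    // The first line now ends in a real newline; the single-quoted '\\n' used
    // before put a literal backslash and "n" into the message text.
    $message = "Key Request from " . $_SESSION['displayname'] . ' (' . $_SESSION['email'] . " )\n" . "\nNotes\n" . $_POST['notes'] . "\n\n" . "Link: " . getCurrentFileUrl(__FILE__) . "\n";
    $retval = mailSend($to, $subject, $message, $user_id, $token);
}
$_SESSION['success'] = "Record inserted";
header("Location: index.php");
return;
}

// Listing query: non-admins only see their own requests, scoped through a
// bound parameter; admins get every row.
$query_parms = false;
$searchfields = array("request_id", "title", "notes", "state", "admin", "created_at", "updated_at");
$sql = "SELECT request_id, title, notes, state, admin, R.created_at, R.updated_at, email, displayname\n FROM {$CFG->dbprefix}key_request as R\n JOIN {$CFG->dbprefix}lti_user AS U ON R.user_id = U.user_id ";
if (!isAdmin()) {
    $sql .= "\nWHERE R.user_id = :UID";
    $query_parms = array(":UID" => $_SESSION['id']);
}
$newsql = Table::pagedQuery($sql, $query_parms, $searchfields);
// echo("<pre>\n$newsql\n</pre>\n");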