if (!defined('AURACMS_admin')) {
Header("Location: ../index.php");
exit;
}
$script_include[] = $JS_SCRIPT;
$admin = '';
if (!cek_login()) {
$admin .= '<h4 class="bg">Access Denied !!!!!!</h4>';
} else {
global $koneksi_db, $PHP_SELF, $theme, $error;
if ($_GET['aksi'] == "") {
$admin .= '<div class="panel panel-info">
<div class="panel-heading"><b>Edit Password</b></div>';
if (isset($_POST["submit"])) {
$user = text_filter($_POST['user']);
$password0 = md5($_POST["password0"]);
$password1 = $_POST["password1"];
$password2 = $_POST["password2"];
$hasil = $koneksi_db->sql_query("SELECT password FROM useraura WHERE user='******'");
while ($data = $koneksi_db->sql_fetchrow($hasil)) {
$password = $data['password'];
}
$error = '';
if (!$password0) {
$error .= "Error: Please enter your Old Password!<br />";
}
if (!$password1) {
$error .= "Error: Please enter new password!<br />";
}
if (!$password2) {
$files = $_FILES['gambar']['name'];
$tmp_files = $_FILES['gambar']['tmp_name'];
$namagambar = md5(rand(1, 100) . $files) . '.jpg';
$tempnews = 'mod/photo/images/temp/';
$uploaddir = $tempnews . $namagambar;
$uploads = move_uploaded_file($tmp_files, $uploaddir);
if (file_exists($uploaddir)) {
@chmod($uploaddir, 0644);
}
$tnews = 'mod/photo/images/thumb/';
$gnews = 'mod/photo/images/normal/';
$small = $tnews . $namagambar;
$nsmall = $gnews . $namagambar;
create_thumbnail($uploaddir, $nsmall, $new_width = 520, $new_height = 'auto', $quality = 100);
$judul = text_filter($_POST['judul']);
$kategori = text_filter($_POST['kategori']);
$namafile_name = $_FILES['gambar']['name'];
$gambar = $_POST['gambarlama'];
$desc = $_POST['desc'];
unlink($uploaddir);
unlink($tnews . $gambar);
unlink($gnews . $gambar);
$hasil = $koneksi_db->sql_query("UPDATE photo SET judul='{$judul}',ket='{$desc}',kategori='{$kategori}', gambar='{$namagambar}' WHERE id='{$id}'");
if ($hasil) {
$admin .= '<div class="alert alert-success fade in">
<button data-dismiss="alert" class="close close-sm" type="button">
<i class="icon-remove"></i>
</button>
<strong>Wall Done !</strong> <br>Photo berhasil di Edit.
</div>';
$style_include[] = '<meta http-equiv="refresh" content="1; url=?pilih=photo&mod=yes" />';
/**
* Edit a document based on $_POST and $_GET parameters 'dir' and 'path'
*
* @param array $_course array
* @return void
*/
function edit_document($_course)
{
global $_configuration;
$dir = isset($_GET['dir']) ? $_GET['dir'] : $_POST['dir'];
// please do not modify this dirname formatting
if (strstr($dir, '..')) {
$dir = '/';
}
if ($dir[0] == '.') {
$dir = substr($dir, 1);
}
if ($dir[0] != '/') {
$dir = '/' . $dir;
}
if ($dir[strlen($dir) - 1] != '/') {
$dir .= '/';
}
$filepath = api_get_path('SYS_COURSE_PATH') . $_course['path'] . '/document' . $dir;
if (!is_dir($filepath)) {
$filepath = api_get_path('SYS_COURSE_PATH') . $_course['path'] . '/document/';
$dir = '/';
}
$table_doc = Database::get_course_table(TABLE_DOCUMENT);
if (isset($_POST['path']) && !empty($_POST['path'])) {
$sql = "SELECT path\n\t\t\t\t\t\tFROM " . $table_doc . "\n\t\t\t\t\t\tWHERE id = " . Database::escape_string($_POST['path']);
$res = Database::query($sql, __FILE__, __LINE__);
$row = Database::fetch_array($res);
$content = stripslashes($_POST['content_lp']);
$file = $filepath . $row['path'];
if ($fp = @fopen($file, 'w')) {
$content = text_filter($content);
$content = str_replace(api_get_path('WEB_COURSE_PATH'), $_configuration['url_append'] . '/courses/', $content);
// change the path of mp3 to absolute
// first regexp deals with ../../../ urls
$content = preg_replace("|(flashvars=\"file=)(\\.+/)+|", "\$1" . api_get_path(REL_COURSE_PATH) . $_course['path'] . '/document/', $content);
//second regexp deals with audio/ urls
$content = preg_replace("|(flashvars=\"file=)([^/]+)/|", "\$1" . api_get_path(REL_COURSE_PATH) . $_course['path'] . '/document/$2/', $content);
fputs($fp, $content);
fclose($fp);
}
}
}
}
$admin .= '
</select>*/
$admin .= '<br />
<label>Keterangan</label><br /><textarea rows="10" cols="40" name="url">' . $url . '</textarea><br />
<input type="submit" name="submit" value="Buat">
</form> ';
$admin .= '</div>';
}
if ($_GET['aksi'] == "edittopic") {
$id = int_filter($_GET['id']);
$admin .= '<div class="border">';
$admin .= '<b>Edit Topik Baru dengan Id = ' . $id . '</b>';
$admin .= '</div>';
if (isset($_POST['submit'])) {
$menu = text_filter($_POST['menu']);
$url = $_POST['url'];
$seftitle = AuraCMSSEO($menu);
$parentid = $_POST['parentid'];
$parentid = '0';
$total = $koneksi_db->sql_query("SELECT * FROM topik WHERE topik = '" . $_POST['menu'] . "' and id != '" . $id . "'");
$jumlah = $koneksi_db->sql_numrows($total);
$error = '';
if ($jumlah) {
$error .= "Error: Duplicate Title of Topic {$judul}!<br />";
}
if (!$menu) {
$error .= "Error: Please enter Title of Topic!<br />";
}
if (!$url) {
$error .= "Error: Please enter Description of Topic!<br />";
public static function listLinksAndCategories($course_id, $session_id, $categoryId, $show = 'none', $token = null)
{
$tbl_link = Database::get_course_table(TABLE_LINK);
$_user = api_get_user_info();
$categoryId = intval($categoryId);
/* Action Links */
echo '<div class="actions">';
if (api_is_allowed_to_edit(null, true)) {
echo '<a href="' . api_get_self() . '?' . api_get_cidreq() . '&action=addlink&category_id=' . $categoryId . '">' . Display::return_icon('new_link.png', get_lang('LinkAdd'), '', ICON_SIZE_MEDIUM) . '</a>';
echo '<a href="' . api_get_self() . '?' . api_get_cidreq() . '&action=addcategory&category_id=' . $categoryId . '">' . Display::return_icon('new_folder.png', get_lang('CategoryAdd'), '', ICON_SIZE_MEDIUM) . '</a>';
}
$categories = Link::getLinkCategories($course_id, $session_id);
$count = count($categories);
if (!empty($count)) {
echo '<a href="' . api_get_self() . '?' . api_get_cidreq() . '&action=list&show=none">';
echo Display::return_icon('view_remove.png', get_lang('shownone'), '', ICON_SIZE_MEDIUM) . '</a>';
echo '<a href="' . api_get_self() . '?' . api_get_cidreq() . '&action=list&show=all">';
echo Display::return_icon('view_tree.png', get_lang('showall'), '', ICON_SIZE_MEDIUM) . '</a>';
}
echo '</div>';
// Displaying the links which have no category (thus category = 0 or NULL),
// if none present this will not be displayed
$sql = "SELECT * FROM {$tbl_link}\n WHERE c_id = {$course_id} AND category_id=0 OR category_id IS NULL";
$result = Database::query($sql);
$count = Database::num_rows($result);
if ($count !== 0) {
echo '<table class="data_table">';
echo '<tr><th style="font-weight: bold; text-align:left;padding-left: 10px;">' . get_lang('General') . '</th></tr>';
echo '</table>';
self::showlinksofcategory(0);
}
$i = 0;
$view = '0';
$counter = 0;
foreach ($categories as $myrow) {
// Student don't see invisible categories.
if (!api_is_allowed_to_edit(null, true)) {
if ($myrow['visibility'] == 0) {
continue;
}
}
// Validation when belongs to a session
$showChildren = $categoryId == $myrow['id'] || $show == 'all';
$session_img = api_get_session_image($myrow['session_id'], $_user['status']);
$myrow['description'] = text_filter($myrow['description']);
$strVisibility = '';
$visibilityClass = null;
if ($myrow['visibility'] == '1') {
$strVisibility = '<a href="link.php?' . api_get_cidreq() . '&sec_token=' . $token . '&action=invisible&id=' . $myrow['id'] . '&scope=' . TOOL_LINK_CATEGORY . '" title="' . get_lang('Hide') . '">' . Display::return_icon('visible.png', get_lang('Hide'), array(), ICON_SIZE_SMALL) . '</a>';
} elseif ($myrow['visibility'] == '0') {
$visibilityClass = 'invisible';
$strVisibility = ' <a href="link.php?' . api_get_cidreq() . '&sec_token=' . $token . '&action=visible&id=' . $myrow['id'] . '&scope=' . TOOL_LINK_CATEGORY . '" title="' . get_lang('Show') . '">' . Display::return_icon('invisible.png', get_lang('Show'), array(), ICON_SIZE_SMALL) . '</a>';
}
echo '<tr>';
echo '<table class="data_table">';
echo '<tr>';
echo '<th width="81%" style="font-weight: bold; text-align:left;padding-left: 5px;">';
if ($showChildren) {
echo '<a class="' . $visibilityClass . '" href="' . api_get_self() . '?' . api_get_cidreq() . '&category_id=">';
echo Display::return_icon('view_remove.png');
} else {
echo '<a class="' . $visibilityClass . '" href="' . api_get_self() . '?' . api_get_cidreq() . '&category_id=' . $myrow['id'] . '">';
echo Display::return_icon('view_tree.png');
}
echo ' ' . Security::remove_XSS($myrow['category_title']) . '</a>
<br /> ' . $myrow['description'];
echo '</th>';
if (api_is_allowed_to_edit(null, true)) {
if ($session_id == $myrow['session_id']) {
echo '<th>';
echo $strVisibility;
Link::showCategoryAdminTools($myrow, $counter, count($categories));
echo '</th>';
} else {
echo '<th>' . get_lang('EditionNotAvailableFromSession');
}
}
echo '</tr>';
echo '</table>';
if ($showChildren) {
echo Link::showlinksofcategory($myrow['id']);
}
echo '</tr>';
echo '</th>';
echo '</tr>';
echo '</table>';
echo '</tr>';
$counter++;
/*
if ($myrow['visibility'] == '1') {
if (isset($urlview[$i]) && $urlview[$i] == '1') {
$newurlview = $urlview;
$newurlview[$i] = '0';
echo '<a href="'.api_get_self().'?'.api_get_cidreq().'&urlview='.Security::remove_XSS($newurlview).'">';
echo '<img src="../img/icons/22/view_remove.png" /> '.Security::remove_XSS($myrow['category_title']).'</a>
<br /> '.$myrow['description'];
echo '</th>';
if (api_is_allowed_to_edit(null, true)) {
if ($session_id == $myrow['session_id']) {
echo '<th>';
echo $strVisibility;
Link::showcategoryadmintools($myrow['id']);
echo '</th>';
} else {
echo '<th>'.get_lang('EditionNotAvailableFromSession');
}
}
echo '</tr>';
echo '</table>';
echo Link::showlinksofcategory($myrow['id']);
echo '</tr>';
} else {
echo '<a href="'.api_get_self().'?'.api_get_cidreq().'&urlview=';
echo is_array($view) ? implode('', $view) : $view;
echo '"><img src="../img/icons/22/view_tree.png" /> '.
Security::remove_XSS($myrow['category_title']).$session_img;
echo'</a><br /> ';
echo $myrow['description'];
if (api_is_allowed_to_edit(null, true)) {
if ($session_id == $myrow['session_id']) {
echo '<th style="text-align:center;">';
echo $strVisibility;
Link::showcategoryadmintools($myrow['id']);
echo '</th>';
}
}
echo '</th>';
echo '</tr>';
echo '</table>';
echo '</tr>';
}
} else {
// NO VISIBLE
if (api_is_allowed_to_edit(null, true)) {
if (isset($urlview[$i]) && $urlview[$i] == '1') {
$newurlview = $urlview;
$newurlview[$i] = '0';
echo '<a href="'.api_get_self().'?'.api_get_cidreq().'&urlview='.Security::remove_XSS($newurlview).'">';
echo '<img src="../img/icons/22/view_remove_na.png" /> '.Security::remove_XSS($myrow['category_title']).'</a><br /> '.$myrow['description'];
echo '</th>';
if (api_is_allowed_to_edit(null, true)) {
if ($session_id == $myrow['session_id']) {
echo '<th>'; echo $strVisibility; Link::showcategoryadmintools($myrow['id']); echo '</th>';
} else {
echo '<th>'.get_lang('EditionNotAvailableFromSession');
}
}
echo '</tr>';
echo '</table>';
echo Link::showlinksofcategory($myrow['id']);
echo '</tr>';
} else {
echo '<a href="'.api_get_self().'?'.api_get_cidreq().'&urlview=';
echo is_array($view) ? implode('', $view) : $view;
echo '"><img src="../img/icons/22/view_tree_na.png" /> '.Security::remove_XSS($myrow['category_title']).$session_img;
echo'</a><br /> ';
echo $myrow['description'];
if (api_is_allowed_to_edit(null, true)) {
if ($session_id == $myrow['session_id']) {
echo '<th style="text-align:center;">';
echo $strVisibility;
Link::showcategoryadmintools($myrow['id']);
echo '</th>';
}
}
echo '</th>';
echo '</tr>';
echo '</table>';
echo '</tr>';
}
}*/
//}
// Displaying the link of the category
}
echo '</table>';
}
$admin .= "\n</select><br />\n<label>Isi keterangan</label><br /><textarea name='message' cols='40' rows='20' id='textarea1'>{$konten}</textarea><br />\n<label>Dokumen</label><br /><input type='file' name='dokumen' size='53'><br />\n<input type='submit' value='Kirim' name='submit'>\n</form></div>";
}
if ($_GET['aksi'] == "editnews") {
$id = int_filter($_GET['id']);
$topik = int_filter($_GET['topik']);
$admin .= '<div class="border">';
$admin .= '<b>Edit Download Dengan Id =' . $id . '</b>';
$admin .= '</div>';
if (isset($_POST['submit'])) {
define("GIS_GIF", 1);
define("GIS_JPG", 2);
define("GIS_PNG", 3);
define("GIS_SWF", 4);
include "includes/hft_image.php";
$judul = text_filter($_POST['judul']);
$konten = text_filter($_POST['message']);
$dokumen_name = $_FILES['dokumen']['name'];
$error = '';
if (!$judul) {
$error .= "Error: Please enter Title of Download!<br />";
}
//if (!$konten) $error .= "Error: Please enter Content of Download!<br />";
if ($error) {
$admin .= '<div class="error">' . $error . '</div>';
} else {
if (!empty($dokumen_name)) {
$dokumen = $_FILES['dokumen']['name'];
$type_dokumen = $_FILES['dokumen']['type'];
$tmp_dokumen = $_FILES['dokumen']['tmp_name'];
$tempdokumen = 'mod/download/dokumen/';
$namadokumen = $dokumen;
function kirim_mail($email, $smail, $subject, $message, $id = "", $pr = "")
{
$email = text_filter($email);
$smail = text_filter($smail);
$subject = text_filter($subject);
$id = intval($id);
$pr = !$pr ? "3" : "" . intval($pr) . "";
$mheader = "MIME-Version: 1.0\n" . "Content-Type: text/html; charset=utf-8\n" . "Reply-To: \"{$smail}\" <{$smail}>\n" . "From: \"{$smail}\" <{$smail}>\n" . "Return-Path: <{$smail}>\n" . "X-Priority: {$pr}\n" . "X-Mailer: Teamworks v2.3 Mailer\n";
@mail($email, $subject, $message, $mheader);
}
/**
* returns the question description
*
* @author Olivier Brouckaert
* @return string - question description
*/
function selectDescription()
{
$this->description = text_filter($this->description);
return $this->description;
}
<td style="padding-right:5px;padding-bottom:5px;"></td>
<td style="padding-left:5px;padding-bottom:5px;"></td>
<td style="padding-left:5px;padding-bottom:5px;"><input type="submit" name="submit" value="Submit" class="button"></td>
</tr>
</table>
</form>
</div>';
}
##########################
# EDIT ONGKIR
##########################
if ($_GET['aksi'] == 'edit_ongkir') {
$idk = int_filter($_GET['idk']);
if (isset($_POST['submit'])) {
$kota = text_filter($_POST['kota']);
$ongkir = text_filter($_POST['ongkir']);
$error = '';
if (!$kota) {
$error .= "Error: Silahkan isi kota tujuan!<br />";
}
if (!$ongkir) {
$error .= "Error: Silahkan isi harga pengiriman!<br />";
}
if ($error) {
$tengah .= '<div class="error">' . $error . '</div>';
} else {
$hasil = $koneksi_db->sql_query("UPDATE ongkir SET kota='{$kota}',ongkir='{$ongkir}' WHERE idk='{$idk}'");
if ($hasil) {
$tengah .= '<div class="sukses">Ongkos Kirim berhasil di update</div>';
$style_include[] = '<meta http-equiv="refresh" content="1; url=?pilih=ongkir&mod=yes" />';
} else {
/**
* Edit a document based on $_POST and $_GET parameters 'dir' and 'path'
* @param array $_course array
* @return void
*/
public function edit_document($_course)
{
$course_id = api_get_course_int_id();
global $_configuration;
$dir = isset($_GET['dir']) ? $_GET['dir'] : $_POST['dir'];
// Please, do not modify this dirname formatting.
if (strstr($dir, '..')) {
$dir = '/';
}
if ($dir[0] == '.') {
$dir = substr($dir, 1);
}
if ($dir[0] != '/') {
$dir = '/' . $dir;
}
if ($dir[strlen($dir) - 1] != '/') {
$dir .= '/';
}
$filepath = api_get_path(SYS_COURSE_PATH) . $_course['path'] . '/document' . $dir;
if (!is_dir($filepath)) {
$filepath = api_get_path(SYS_COURSE_PATH) . $_course['path'] . '/document/';
$dir = '/';
}
$table_doc = Database::get_course_table(TABLE_DOCUMENT);
if (isset($_POST['path']) && !empty($_POST['path'])) {
$document_id = intval($_POST['path']);
$sql = "SELECT path FROM " . $table_doc . " WHERE c_id = {$course_id} AND id = " . $document_id;
$res = Database::query($sql);
$row = Database::fetch_array($res);
$content = stripslashes($_POST['content_lp']);
$file = $filepath . $row['path'];
if ($fp = @fopen($file, 'w')) {
$content = text_filter($content);
$content = str_replace(api_get_path(WEB_COURSE_PATH), $_configuration['url_append'] . '/courses/', $content);
// Change the path of mp3 to absolute.
// The first regexp deals with ../../../ urls.
$content = preg_replace("|(flashvars=\"file=)(\\.+/)+|", "\$1" . api_get_path(REL_COURSE_PATH) . $_course['path'] . '/document/', $content);
// The second regexp deals with audio/ urls.
$content = preg_replace("|(flashvars=\"file=)([^/]+)/|", "\$1" . api_get_path(REL_COURSE_PATH) . $_course['path'] . '/document/$2/', $content);
fputs($fp, $content);
fclose($fp);
$sql_update = "UPDATE " . $table_doc . " SET title='" . Database::escape_string($_POST['title']) . "' WHERE c_id = " . $course_id . " AND id = " . $document_id;
Database::query($sql_update);
}
}
}
##########################
# EDIT PRODUK
##########################
if ($_GET['aksi'] == 'edit_produk') {
$id = int_filter($_GET['id']);
if (isset($_POST['submit'])) {
define("GIS_GIF", 1);
define("GIS_JPG", 2);
define("GIS_PNG", 3);
define("GIS_SWF", 4);
include "includes/hft_image.php";
$judul = text_filter($_POST['judul']);
$kategori = text_filter($_POST['kategori']);
$desc = $_POST['desc'];
$gambar = $_FILES['gambar']['name'];
$gambar_lama = text_filter($_POST['gambar_lama']);
$gambartambahan = $_FILES['gambartambahan']['name'];
$tgl = $_POST['tgl'];
$client = $_POST['client'];
$kota = $_POST['kota'];
$jenis = $_POST['jenis'];
$error = '';
if (!$judul) {
$error .= "Error: Silahkan Isi Nama Produknya!<br />";
}
if (!$desc) {
$error .= "Error: Silahkan Isi Keterangannya!<br />";
}
if ($error) {
$tengah .= '<div class="error">' . $error . '</div>';
} else {
</tr>
</table>
</form>
</div>';
}
##########################
# EDIT BANK
##########################
if ($_GET['aksi'] == 'edit_bank') {
$id = int_filter($_GET['id']);
if (isset($_POST['submit'])) {
$bank = text_filter($_POST['bank']);
$nama = text_filter($_POST['nama']);
$rekening = $_POST['rekening'];
$logo = $_FILES['logo']['name'];
$logo_lama = text_filter($_POST['gambar_logo']);
$error = '';
if (!$bank) {
$error .= "Error: Silahkan Isi Nama Bank Anda!<br />";
}
if (!$nama) {
$error .= "Error: Silahkan Isi Nama Akun Bank Anda!<br />";
}
if (!$rekening) {
$error .= "Error: Silahkan Isi Nomor Rekening Bank Anda!<br />";
}
if ($error) {
$tengah .= '<div class="error">' . $error . '</div>';
}
$hasil = $koneksi_db->sql_query("UPDATE bank SET bank='{$bank}',nama='{$nama}',rekening='{$rekening}' WHERE id='{$id}'");
if ($hasil) {
/**
* This function exports the given item
* @param integer Id from learnpath_items table
* @param integer Item id
* @param string Itm type
* @param boolean Shall the SCORM communications features be added? (true). Default: false.
* @return void (outputs a zip file)
* @todo Try using the SCORM communications addition (adding a button and several javascript calls to the SCORM API) elsewhere than just in the export feature, so it doesn't look like an incoherent feature
*/
function exportitem($id, $item_id, $item_type, $add_scorm_communications = false) {
$course_id = api_get_course_int_id();
global $circle1_files, $expdir, $_course, $_SESSION, $GLOBALS;
global $timeNoSecFormat, $dateFormatLong, $language_interface, $langPubl, $langDone, $langThisCourseDescriptionIsEmpty, $lg_course_description, $lg_introduction_text, $_cid, $langHotPotatoesFinished, $lg_author, $lg_date, $lg_groups, $lg_users, $lg_ass, $lg_dropbox, $test, $langQuestion;
$libp = api_get_path(SYS_CODE_PAH);
include_once $libp.'exercice/exercise.class.php';
include_once $libp.'question.class.php';
include_once $libp.'answer.class.php';
include_once $libp.'exercise.lib.php';
$langLasting = '';//avoid code parser warning
include_once $libp.'lang/english/announcements.inc.php'; //this line is here only for $langPubl in announcements
include_once $libp.'lang/'.$language_interface.'/announcements.inc.php'; //this line is here only for $langPubl in announcements
include_once $libp.'lang/english/agenda.inc.php'; //this line is here only for $langLasting
include_once $libp.'lang/'.$language_interface.'/agenda.inc.php'; //this line is here only for $langLasting
include_once $libp.'lang/english/course_description.inc.php'; //this line is here only for $langThisCourseDescriptionIsEmpty
include_once $libp.'lang/'.$language_interface.'/course_description.inc.php'; // -||-
include_once $libp.'lang/english/resourcelinker.inc.php';
include_once $libp.'lang/'.$language_interface.'/resourcelinker.inc.php';
include_once $libp.'lang/english/learnpath.inc.php';
include_once $libp.'lang/'.$language_interface.'/learnpath.inc.php';
include_once $libp.'lang/english/exercice.inc.php';
include_once $libp.'lang/'.$language_interface.'/exercice.inc.php';
include_once '../resourcelinker/resourcelinker.inc.php';
$LPname = display_addedresource_link_in_learnpath($item_type, $item_id, '', $id, 'builder', 'nolink');
$expcontent = "<!--
This is an exported file from Chamilo Learning Path belonging to a Scorm compliant content package.
Do not modify or replace individually.
Export module author : Denes Nagy <*****@*****.**>
-->
";
// Files needed for communicating with the scos.
$scocomfiles = "<script type='text/javascript' src='../js/APIWrapper.js'></script>"."<script type='text/javascript' src='../js/SCOFunctions.js'></script>";
$expcontent .= '<html><head><link rel="stylesheet" href="../css/default.css" type="text/css" media="screen,projection" />'.$scocomfiles.'</head><body>';
$donebutton .= "<script type='text/javascript'>
/* <![CDATA[ */
loadPage();
var studentName = '!';
var lmsStudentName = doLMSGetValue( 'cmi.core.student_name' );
if ( lmsStudentName != '' )
{
studentName = ' ' + lmsStudentName + '!';
}
/* ]]> */
</script>
<br /><br />
<form><input type=\"hidden\" name=\"SQMSESSID\" value=\"36812c2dea7d8d6e708d5e6a2f09b0b9\" />
<table cols='3' width='100%' align='center'>
<tr>
<td align='middle'><input type = 'button' value = ' ".$langDone." ' onclick = \"javascript: doQuit('completed');\" id='button2' name='button2'></td>
</tr>
</table>
</form>";
/**
* Switch between the different element types, namely:
* - Agenda
* - Ad_Valvas
* - Course_description
* - Document
* - Introduction_text
* - HotPotatoes
* - Exercise
* - Post
* - Forum ]
* - Thread ]
* - Dropbox ]
* - Assignments ] These elements are all replaced by a simple message in the exported document.
* - Groups ]
* - Users ]
* - Link _self
* - Link _blank
*/
switch ($item_type) {
// AGENDA BEGIN
case 'Agenda':
// 1. Get agenda event data from the database table.
$TABLEAGENDA = Database :: get_course_table(TABLE_AGENDA);
$sql = "SELECT * FROM ".$TABLEAGENDA." where c_id = $course_id AND (id=$item_id)";
$result = Database::query($sql);
// 2. Prepare table output.
$expcontent .= "<table class=\"data_table\" >";
$barreMois = '';
// 3. For each event corresponding to this agenda, do the following:
while ($myrow = Database::fetch_array($result)) {
$start_date_local = api_get_local_time($myrow['start_date'], null, date_default_timezone_get());
//3.1 Make the blue month bar appear only once.
if ($barreMois != api_format_date($start_date_local, "%m")) {
// 3.1.1 Update the check value for the month bar.
$barreMois = api_format_date($start_date_local, "%m");
// 3.1.2 Display the month bar.
$expcontent .= "<tr><td id=\"title\" colspan=\"2\" class=\"month\" valign=\"top\">".api_format_date($start_date_local, "%B %Y")."</td></tr>";
}
// 3.2 Display the agenda items (of this month): the date, hour and title.
$db_date = (int) api_format_date($start_date_local, "%d");
if ($_GET['day'] != $db_date) {
// 3.2.1.a If the day given in the URL (might not be set) is different from this element's day, use style 'data'.
$expcontent .= "<tr><td class=\"data\" colspan='2'>";
} else {
// 3.2.1.b Else (same day) use style 'datanow'.
$expcontent .= "<tr><td class=\"datanow\" colspan='2'>";
}
// 3.2.2 Mark an anchor for this date.
$expcontent .= "<a name=\"".$db_date."\"></a>"; // anchoring
// 3.2.3 Write the date and time of this event to the export string.
$expcontent .= api_format_date($start_date_local);
// 3.2.4 If a duration is set, write it, otherwise ignore.
if ($myrow['duration'] == '') {
$expcontent .= "<br />";
} else {
$expcontent .= " / ".$langLasting." ".$myrow['duration']."<br />"; //langLasting comes from lang/x/agenda.inc.php
}
// 3.2.5 Write the title.
$expcontent .= $myrow['title'];
$expcontent .= "</td></tr>";
// 3.2.6 Prepare the content of the agenda item.
$content = $myrow['content'];
// 3.2.7 Make clickable???
$content = make_clickable($content);
$content = text_filter($content);
// 3.2.8 Write the prepared content to the export string.
$expcontent .= "<tr><td class=\"text\" colspan='2'>";
$expcontent .= $content;
$expcontent .= "</td></tr>";
// Displaying the agenda item of this month: the added resources.
// This part is not included into LP export.
/*if (check_added_resources("Agenda", $myrow['id'])) {
$content.= "<tr><td colspan='2'>";
$content.= "<i>".get_lang('AddedResources')."</i><br />";
display_added_resources("Agenda", $myrow['id']);
$content.= "</td></tr>";
}*/
}
// 4. Finish the export string.
$expcontent .= "<tr></table>";
break;
// ANNOUNCEMENT BEGIN
case 'Ad_Valvas':
// 1. Get the announcement data from the database
$tbl_announcement = Database::get_course_table(TABLE_ANNOUNCEMENT);
$sql = "SELECT * FROM $tbl_announcement WHERE c_id = $course_id AND id='$item_id'";
$result = Database::query($sql);
// 2. Initialise export string
$expcontent .= "<table class=\"data_table\">";
// 3. For each announcement matching the query
while ($myrow = Database::fetch_array($result)) {
// 3.1 Get the __ field data.
$content = $myrow[1];
//$content = nl2br($content);
// 3.2 Prepare the data for export.
$content = make_clickable($content);
$content = text_filter($content);
// 3.3 Get a UNIX(?<-mktime) Timestamp of the end_date for this announcement.
$last_post_datetime = $myrow['end_date']; // post time format datetime of database layer (MySQL is assumed)
list ($last_post_date, $last_post_time) = split(' ', $last_post_datetime);
list ($year, $month, $day) = explode('-', $last_post_date);
list ($hour, $min) = explode(':', $last_post_time);
$announceDate = mktime($hour, $min, 0, $month, $day, $year);
// 3.4 Compare the end date to the last login date of the user (mark it in red if he has not already read it).
if ($announceDate > $_SESSION['user_last_login_datetime']) {
$colorBecauseNew = " color=\"red\" ";
} else {
$colorBecauseNew = ' ';
}
// 3.5 Write this content to the export string (formatted HTML array).
$expcontent .= "<tr>\n"."<td class=\"cell_header\">\n"."<font ".$colorBecauseNew.">".$langPubl." : ".api_convert_and_format_date($last_post_datetime, null, date_default_timezone_get())."</font>\n"."</td>\n"."</tr>\n"."<tr>\n"."<td>\n".$content."</td>\n"."</tr>\n";
} // while loop
// 4 Finish the export string.
$expcontent .= "</table>";
break;
// Course_description BEGIN
case 'Course_description':
// 1. Get course description data from database.
$tbl_course_description = Database :: get_course_table(TABLE_COURSE_DESCRIPTION);
$result = Database::query("SELECT id, title, content FROM ".$tbl_course_description." WHERE c_id = $course_id ORDER BY id");
// 2. Check this element.
if (Database::num_rows($result)) {
// 2.a This course has one (or more) description in the database.
$expcontent .= "<hr noshade=\"noshade\" size=\"1\" />";
// 2.a.1 For each description available for this course.
while ($row = Database::fetch_array($result)) {
// 2.a.1.1 Write title to export string.
$expcontent .= "<h4>".$row['title']."</h4>";
// 2.a.1.2 Prepare content.
$content = make_clickable(nl2br($row['content']));
$content = text_filter($content);
// 2.a.1.3 Write content to the export string.
$expcontent .= $content;
}
} else {
// 2.b This course has no description available.
$expcontent .= "<br /><h4>$langThisCourseDescriptionIsEmpty</h4>";
}
break;
// DOCUMENT BEGIN
case 'Document':
// 1. Get the document data from the database.
$tbl_document = Database::get_course_table(TABLE_DOCUMENT);
$sql_query = "SELECT * FROM $tbl_document WHERE c_id = $course_id AND id=$item_id";
$sql_result = Database::query($sql_query);
$myrow = Database::fetch_array($sql_result);
// 2. Get the origin path of the document to treat it internally.
$orig = api_get_path(SYS_COURSE_PATH).$_course['path'].'/document'.$myrow['path'];
// 3. Make some kind of strange transformation to get the destination filepath ???
$pathname = explode('/', $myrow['path']);
$last = count($pathname) - 1;
$filename = 'data/'.$filename.$pathname[$last];
$copyneeded = true;
// Html files do not need to be copied as the ok button is inserted into them,
// so don't copy directly.
$extension = explode('.', $pathname[$last]);
// This old condition was WRONG for names like design.html.old. Instead, we now get the extension
// by using preg_match to match case-insensitive (probably faster than 4 conditions).
//if (($extension[1]=='htm') or ($extension[1]=='html') or ($extension[1]=='HTM') or ($extension[1]=='HTML')) {
// 4. Check the file extension.
if (preg_match('/.*(\.htm(l)?)$/i', $pathname[$last])) {
// 4.a If this file ends with ".htm(l)", we consider it's an HTML file.
// src tag check begin
// We now check if there is any src attribute in htm(l) files, if yes, we have to also export
// the target file (swf, mp3, video,...) of that src tag.
// In case of absolute links (http://) this is not neccessary, but makes no error.
// However still missing : relative links case with subdirs -> the necessary dirs are not created in the exported package.
// 4.a.1 Get the file contents into $file.
$file = file_get_contents($orig);
// 4.a.2 Get all the src links in this file.
//preg_match_all("|((?i)src=\".*\" )|U",$file,$match);
$match = GetSRCTags($orig);
// 4.a.3 For each src tag found, do the following:
for ($i = 0; $i < count($match); $i ++) {
// 4.a.3.1 Get the tag (split from the key).
list ($key, $srctag) = each($match);
$src = $srctag;
// 4.a.3.2 Check the link kind (web or absolute/relative).
if (stristr($src, 'http') === false) {
// 4.a.3.2.a Do something only if relative (otherwise the user will be able to see it too anyway).
// 4.a.3.2.a.1 Get a proper URL and remove all './'
$src = urldecode($src); //mp3
//$src=str_replace('./','',$src);
$src = preg_replace('/^\.\//', '', $src);
// 4.a.3.2.a.2 Remove the player link from the URL (only use the mp3 file).
$src = str_replace('mp3player.swf?son=', '', $src); //mp3
// 4.a.3.2.a.3 Remove funny link parts.
$src = str_replace('?0', '', $src); //mp3
// The previous lines are used when creating docs with Chamilo Document tool's htmlarea
// Rows marked by 'mp3' are needed because the mp3 plugin inserts the swf-mp3 links in a very strange way
// and we can decode them with those 3 lines, hoping this will not cause errors in case of other htmls,
// created by any other software.
// 4.a.3.2.a.4 Prepare source and destination paths.
$source = api_get_path(SYS_COURSE_PATH).$_course['path'].'/document'.dirname($myrow['path']).'/'.$src;
$dest = $expdir.'/data/'.$src;
//CopyNCreate($source,$dest);
rcopy($source, $dest);
} //else...?
}
// src tag check end
// sco communication insertion begin
// 4.a.4 If we want to add SCORM actions and a "Done" button, do the following:
if ($add_scorm_communications === true) {
if ($bodyclose = strpos($file, '</body>')) {
$file = substr_replace($file, $scocomfiles.$donebutton, $bodyclose, 7);
} elseif ($htmlclose = strpos($file, '</html>')) {
$file = substr_replace($file, $scocomfiles.$donebutton, $htmlclose, 7);
$file .= '</html>';
} else {
$file .= $scocomfiles.$donebutton;
}
} //sco communication insertion end
// 4.a.5 Replace the file's name by adding the element's ID before htm.
// This will not work with uppercase HTML though. Maybe use the preg_replace syntax proposed...
$filename = str_replace('.htm', $id.'.htm', $filename);
//$filename=preg_replace('/.*(\.htm(l)?)$/i',$id.$1,$filename);
// 4.a.6 Export these contents to a file and set the circle1_files array for later reuse.
exporttofile($filename, $LPname, $id, $file);
// The file has been copied, so ask not to copy it again.
$copyneeded = false;
} //if (htm(l) files) end
// 5. If we still need to copy the file (e.g. it was not an HTML file), then copy and set circle1_files for later reuse.
if ($copyneeded) {
copy($orig, $expdir.'/'.$filename);
$circle1_files[0][] = $filename;
$circle1_files[1][] = $LPname;
$circle1_files[2][] = $id;
}
//echo $orig;
return;
// Introduction_text BEGIN
case 'Introduction_text':
// 1 Get the introduction text data from the database.
$TBL_INTRO = Database :: get_course_tool_intro_table();
// Modified by Ivan Tcholakov, 15-SEP-2008.
//$result = Database::query("SELECT * FROM ".$TBL_INTRO." WHERE id=1");
$result = Database::query("SELECT * FROM ".$TBL_INTRO." WHERE c_id = $course_id AND id='course_homepage'");
//
$myrow = Database::fetch_array($result);
$intro = $myrow['intro_text'];
// 2 Write introduction text to the export string.
$expcontent .= '<br />'.$intro;
break;
// HotPotatoes BEGIN
case 'HotPotatoes':
// 1. Get HotPotatoes data from the document table.
$tbl_document = Database::get_course_table(TABLE_DOCUMENT);
$result = Database::query("SELECT * FROM $tbl_document WHERE c_id = $course_id AND id=$item_id");
$myrow = Database::fetch_array($result);
// 2. Get the document path.
$testfile = api_get_path(SYS_COURSE_PATH).$_course['path']."/document".urldecode($myrow['path']);
// 3. Get the document contents into a string.
$content = file_get_contents($testfile);
// 4. Get the document filename (just the file, no path) - would probably be better to use PHP native function.
$pathname = explode('/', $myrow['path']);
$last = count($pathname) - 1;
$filename = 'data/'.$filename.$pathname[$last];
// 4beta - get all linked files and copy them (procedure copied from documents type).
// Get all the src links in this file.
$match = GetSRCTags($testfile);
// For each src tag found, do the following:
foreach ($match as $src) {
//Check the link kind (web or absolute/relative)
if (stristr($src, 'http') === false) {
// Do something only if relative (otherwise the user will be able to see it too anyway).
// Get a proper URL and remove all './'
$src = urldecode($src); //mp3
$src = str_replace('./', '', $src);
// Remove the player link from the URL (only use the mp3 file).
$src = str_replace('mp3player.swf?son=', '', $src); //mp3
// Remove funny link parts.
$src = str_replace('?0', '', $src); //mp3
// The previous lines are used when creating docs with Chamilo Document tool's htmlarea.
// Rows marked by 'mp3' are needed because the mp3 plugin inserts the swf-mp3 links in a very strange way
// and we can decode them with those 3 lines, hoping this will not cause errors in case of other htmls,
// created by any other software.
// Prepare source and destination paths.
$source = api_get_path(SYS_COURSE_PATH).$_course['path'].'/document'.dirname($myrow['path']).'/'.$src;
$dest = $expdir.'/data/'.$src;
//CopyNCreate($source,$dest);
rcopy($source, $dest);
} //else...?
}
// 5. Prepare the special "close window" for this test.
$closewindow = "<html><head><link rel='stylesheet' type='text/css' href='../css/default.css'></head><body>"."<br /><div class='message'>$langHotPotatoesFinished</div></body></html>";
// Finish is the function of HP to save scores, we insert our scorm function calls to its beginning
// 'Score' is the variable that tracks the score in HP tests.
// 6.
$mit = "function Finish(){";
$js_content = "var SaveScoreVariable = 0; // This variable is included by Chamilo LP export\n"."function mySaveScore() // This function is included by Chamilo LP export\n"."{\n"." if (SaveScoreVariable==0)\n"." {\n"." SaveScoreVariable = 1;\n".
//the following function are implemented in SCOFunctions.js
" exitPageStatus = true;\n"." computeTime();\n"." doLMSSetValue( 'cmi.core.score.raw', Score );\n"." doLMSSetValue( 'cmi.core.lesson_status', 'completed' );\n"." doLMSCommit();\n"." doLMSFinish();\n".
// " document.write('".$closewindow."');\n".
//if you insert the previous row, the test does not appear correctly !!!!
" }\n"."}\n"."function Finish(){\n"." mySaveScore();";
$start = "<script type='text/javascript'> loadPage(); </script>";
// 7. Replace the current MIT function call by our set of functions. In clear, transform HP to SCORM.
$content = str_replace($mit, $js_content, $content);
// 8. Finally, add the API loading calls (although that might have been done first).
$content = str_replace("</script>", "</script>".$scocomfiles.$start, $content);
// 9. Change the filename to add the database ID and export to a new file,
// setting the circle1_files array for later reuse.
$filename = str_replace('.htm', $id.'.htm', $filename);
exporttofile($filename, $LPname, $id, $content);
return;
// Chamilo test BEGIN
case 'Exercise':
//1 Use the export_exercise() function to do the job of constructing the question's HTML table
$expcontent .= export_exercise($item_id);
break;
// POST BEGIN
case 'Post':
// 1. Get the forum post data from the database.
$tbl_posts =Database::get_course_table(TABLE_FORUM_POST);
$tbl_posts_text =Database::get_course_table(TOOL_FORUM_POST_TEXT_TABLE);
$result = Database::query("SELECT * FROM $tbl_posts where c_id = $course_id AND post_id=$item_id");
$myrow = Database::fetch_array($result);
// Grabbing the title of the post.
$sql_titel = "SELECT * FROM $tbl_posts_text WHERE c_id = $course_id AND post_id=".$myrow['post_id'];
$result_titel = Database::query($sql_titel);
$myrow_titel = Database::fetch_array($result_titel);
$posternom = $myrow['nom'];
$posterprenom = $myrow['prenom'];
$posttime = $myrow['post_time'];
$posttext = $myrow_titel['post_text'];
$posttitle = $myrow_titel['post_title'];
$posttext = str_replace('"', "'", $posttext);
//2 Export contents as an HTML table
$expcontent .= "<table border='0' cellpadding='3' cellspacing='1' width='100%'>
<tr>
<td colspan='2' bgcolor='#e6e6e6'><b>$posttitle</b><br />$posttext</td>
</tr>
<tr>
<td colspan='2'></td>
</tr>
<tr>
<td bgcolor='#cccccc' align='left'>$lg_author : $posterprenom $posternom</td>
<td align='right' bgcolor='#cccccc'>$lg_date : $posttime</td>
</tr>
<tr><td colspan='2' height='10'></td></tr>
</table>";
break;
// NOT IMPLEMENTED ITEMS BEGIN
case 'Forum':
case 'Thread':
case 'Dropbox':
case 'Assignments':
case 'Groups':
case 'Users':
// 1. Instead of building something, put an info message.
$langItemMissing1 = "There was a ";
$langItemMissing2 = "page (step) here in the original Chamilo Learning Path.";
$expcontent .= "<div class='message'>$langItemMissing1 $item_type $langItemMissing2</div>";
break;
// Link BEGIN
case 'Link _self':
case 'Link _blank':
// 1. Get the link data from the database.
$TABLETOOLLINK = Database :: get_course_link_table();
$result = Database::query("SELECT * FROM $TABLETOOLLINK WHERE c_id = $course_id AND id=$item_id");
$myrow = Database::fetch_array($result);
$thelink = $myrow['url'];
// 2. Check the link type (open in blank page or in current page).
if ($item_type == 'Link _blank')
{
$target = '_blank';
}
// 3. Write the link to the export string.
$expcontent .= "<a href='$thelink?SQMSESSID=36812c2dea7d8d6e708d5e6a2f09b0b9' target='".$target."'>$LPname</a>";
// 4. Change the element type for later changes (this is lost, however, so useless here).
$item_type = 'Link'; // To put this to the filename.
//$LPname="<a href='$thelink?SQMSESSID=36812c2dea7d8d6e708d5e6a2f09b0b9' target=".$target.">$LPname</a>";
// I am still not sure about Link export : to export them as files or they can appear in the TOC at once ?
// To enable the second possibility, unrem the row $LPname=...
break;
}
// Now we add the Done button and the initialize function : loadpage()
// not in the case of Documents, HotP
if ($item_type != 'Exercise' and ($add_scorm_communications === true)) {
$expcontent .= $donebutton;
}
// End the export string with valid HTML tags.
$expcontent .= "</body></html>";
// Prepare new file name.
$filename = $item_type.$id.".htm";
// Write the export content to the new file.
exporttofile('data/'.$filename, $LPname, $id, $expcontent);
}
foreach ($resultcategories as $myrow) {
// Validation when belongs to a session
$session_img = api_get_session_image($myrow['session_id'], $_user['status']);
//if (!isset($urlview)) {
if ($urlview == '') {
// No $view set in the url, thus for each category link it should be all zeros except it's own
makedefaultviewcode($i);
} else {
$view = $urlview;
$view[$i] = '1';
}
// If the $urlview has a 1 for this categorie, this means it is expanded and should be desplayed as a
// - instead of a +, the category is no longer clickable and all the links of this category are displayed
$myrow['description'] = text_filter($myrow['description']);
$strVisibility = '';
if ($myrow['visibility'] == '1') {
$strVisibility = '<a href="link.php?' . api_get_cidreq() . '&sec_token='.$token.'&action=invisible&id=' . $myrow['id'] . '&scope=' . TOOL_LINK_CATEGORY . '" title="' . get_lang('Hide') . '">' .
Display :: return_icon('visible.png', get_lang('Hide'), array (), ICON_SIZE_SMALL) . '</a>';
} elseif ($myrow['visibility'] == '0') {
$strVisibility = ' <a href="link.php?' . api_get_cidreq() . '&sec_token='.$token.'&action=visible&id=' . $myrow['id'] . '&scope=' . TOOL_LINK_CATEGORY . '" title="' . get_lang('Show') . '">' .
Display :: return_icon('invisible.png', get_lang('Show'), array (), ICON_SIZE_SMALL) . '</a>';
}
if ($myrow['visibility'] == '1') {
if (isset($urlview[$i]) && $urlview[$i] == '1') {
$newurlview = $urlview;
$newurlview[$i] = '0';
echo '<tr>';
/**
* Teamworks v2.3
* http://www.teamworks.co.id
* December 03, 2007 07:29:56 AM
* Author: Teamworks Creative - reky@teamworks.co.id - +6285732037068 - pin 25b7edd4
*/
if (!defined('AURACMS_CONTENT')) {
Header("Location: ../index.php");
exit;
}
global $koneksi_db, $email_master, $judul_situs, $alamatkantor;
$index_hal = 1;
if (isset($_POST['submit'])) {
$nama = text_filter($_POST['nama']);
$email = text_filter($_POST['email']);
$pesan = nl2br(text_filter($_POST['pesan'], 2));
$error = '';
if (!is_valid_email($email)) {
$error .= "Error: E-Mail address invalid!<br />";
}
$gfx_check = $_POST['gfx_check'];
if (!$nama) {
$error .= "Error: Please enter your name!<br />";
}
if (!$pesan) {
$error .= "Error: Please enter a message!<br />";
}
// $code = substr(hexdec(md5("".date("F j")."".$_POST['random_num']."".$sitekey."")), 2, 6);
if ($gfx_check != $_SESSION['Var_session'] or !isset($_SESSION['Var_session'])) {
$error .= "Security Code Invalid <br />";
}
if ($hasil) {
$admin .= '<div class="sukses">Mata Pelajaran berhasil dihapus! .</div>';
$style_include[] = '<meta http-equiv="refresh" content="1; url=admin.php?pilih=mapel&mod=yes" />';
}
}
if ($_GET['aksi'] == 'edit') {
$id = int_filter($_GET['id']);
if (isset($_POST['submit'])) {
define("GIS_GIF", 1);
define("GIS_JPG", 2);
define("GIS_PNG", 3);
define("GIS_SWF", 4);
include "includes/hft_image.php";
$mapel = $_POST['mapel'];
$icon = $_FILES['icon']['name'];
$icon_lama = text_filter($_POST['icon_lama']);
$error = '';
if (!$mapel) {
$error .= "Error: Silahkan Isi Nama mapel<br />";
}
if (!$tunjangan) {
$tunjangan = '0';
}
if ($koneksi_db->sql_numrows($koneksi_db->sql_query("SELECT mapel FROM mapel WHERE mapel='{$mapel}' and id<>'{$id}'")) > 0) {
$error .= "Error: mapel " . $mapel . " sudah terdaftar , silahkan ulangi.<br />";
}
if ($error) {
$tengah .= '<div class="error">' . $error . '</div>';
} else {
if (!empty($icon)) {
$files = $_FILES['icon']['name'];
$admin .= '<div class="error">komentar telah di Un Publish</div>';
header("location:?pilih=news&mod=yes&aksi=listkomentar");
exit;
}
if ($_GET['aksi'] == "tambahsubgambar") {
$id = int_filter($_GET['id']);
$admin .= '<div class="border">';
$admin .= '<b>Tambah Sub Gambar Id =' . $id . '</b>';
$admin .= '</div>';
if (isset($_POST['submit'])) {
define("GIS_GIF", 1);
define("GIS_JPG", 2);
define("GIS_PNG", 3);
define("GIS_SWF", 4);
include "includes/hft_image.php";
$judul = text_filter($_POST['subjudul']);
$namafile_name = $_FILES['gambar']['name'];
$error = '';
//if (!$subnamafile_name) $error .= "Error: Please enter Sub Gambar , Judul : $judul2<br />";
//if ($jumlah) $error .= "Error: Duplicate Title of News $judul!<br />";
if (!$judul) {
$error .= "Error: Please enter Title of Sub!<br />";
}
if (!$namafile_name) {
$error .= "Error: Please enter File!<br />";
}
//if (!$konten) $error .= "Error: Please enter Content of News!<br />";
if ($error) {
$admin .= '<div class="error">' . $error . '</div>';
} else {
if (!empty($namafile_name)) {
header("location:admin.php?pilih=bukuoperasional&mod=yes&aksi=laporanbukuoperasional");
exit;
} else {
header("location:admin.php?pilih=bukuoperasional&mod=yes");
exit;
}
}
////////////////////////////////////////////////////////////////////////////////
if ($_GET['aksi'] == "addsekolah") {
$admin .= '<div class="border">';
$admin .= '<b>Buat Sekolah Baru ' . $LevelAkses . '</b><br>
<b>catatan :</b> Anda dapat melakukan editing atau Hapus data pada halaman ini.
';
$admin .= '</div>';
if (isset($_POST['submit'])) {
$sekolah = text_filter($_POST['sekolah']);
$error = '';
if (!$sekolah) {
$error .= "Error: sekolah harus diisi !<br />";
}
if ($error) {
$admin .= '<div class="error">' . $error . '</div>';
} else {
$hasil = $koneksi_db->sql_query("INSERT INTO sekolah (sekolah,user,tgl1) VALUES ('{$sekolah}','{$user}','{$tglskrg}')");
$admin .= '<div class="sukses"><b>sekolah Berhasil di Buat.</b></div>';
unset($sekolah);
}
}
$sekolah = !isset($sekolah) ? '' : $sekolah;
$admin .= '<div class="border">';
$admin .= '
<?php
<span class="help-block"></span>
</div>
</div>';
$admin .= '<div class="form-group">
<label class="col-sm-2 control-label"></label>
<div class="col-sm-10"><input type="submit" name="submit" value="Simpan" class="btn btn-success" /></div>
</div>';
$admin .= '</form></div></section>';
}
if ($_GET['aksi'] == 'edit') {
if (isset($_POST['submit'])) {
$id = int_filter($_GET['id']);
$level = $_POST['level'];
$tipe = $_POST['tipe'];
$email = text_filter($_POST['email']);
$nama = text_filter($_POST['nama']);
//if (!is_valid_email($email)) $error .= "Error, E-Mail address invalid!<br />";
if ($koneksi_db->sql_numrows($koneksi_db->sql_query("SELECT email FROM useraura WHERE email='{$email}' and UserId!='{$id}'")) > 0) {
$error .= "Error: Email " . $email . " sudah terdaftar , silahkan ulangi.<br />";
}
if ($error) {
$admin .= '<div class="alert alert-warning fade in">
<button data-dismiss="alert" class="close close-sm" type="button">
<i class="icon-remove"></i>
</button>
<strong>Error !</strong> <br>' . $error . '.
</div>';
} else {
$up = mysql_query("UPDATE `useraura` SET `level`='{$level}',`tipe`='{$tipe}',`email`='{$email}',`nama`='{$nama}' WHERE `UserId`='{$id}'");
$admin .= '<div class="alert alert-success fade in">
<button data-dismiss="alert" class="close close-sm" type="button">
$admin ='<h4 class="page-header">Pengaturan</h4>';
######################################
# Edit Password Admin
######################################
if($_GET['aksi']==""){
$admin .='<ol class="breadcrumb">
<li><a href="?pilih=settingwebsite&mod=yes">Pengaturan</a></li>
<li class="active">Password</li>
</ol>';
if (isset($_POST["submit"])) {
$user = text_filter($_POST['user']);
$email = text_filter($_POST['email']);
$password0 = md5($_POST["password0"]);
$password1 = $_POST["password1"];
$password2 = $_POST["password2"];
$hasil = $koneksi_db->sql_query( "SELECT password,email FROM psbcalon_useraura WHERE user='******'" );
while ($data = $koneksi_db->sql_fetchrow($hasil)) {
$password=$data['password'];
$email0=$data['email'];
}
$error = '';
if (!$password0) $error .= "Error: Please enter your Old Password!<br />";
if (!$password1) $error .= "Error: Please enter new password!<br />";
if (!$password2) $error .= "Error: Please retype your your new password!<br />";
checkemail($email);
if ($password0 != $password) $error .= "Invalid old pasword, silahkan ulangi lagi.<br />";
<td style="padding-left:5px;padding-bottom:5px;"></td>
<td style="padding-left:5px;padding-bottom:5px;"><input type="submit" name="submit" value="Submit"></td>
</tr>
</table>
</form>
</div>';
}
##########################
# EDIT YM
##########################
if ($_GET['aksi'] == 'edit_ym') {
global $koneksi_db;
$id = int_filter($_GET['id']);
if (isset($_POST['submit'])) {
$nama = text_filter($_POST['nama']);
$akun = text_filter($_POST['akun']);
$error = '';
if (!$nama) {
$error .= "Error: Nama YM tidak boleh kosong!<br />";
}
if (!$akun) {
$error .= "Error: Akun YM tidak boleh kosong!<br />";
}
if ($error) {
$tengah .= '<div class="error">' . $error . '</div>';
} else {
$hasil = $koneksi_db->sql_query("UPDATE ym SET nama='{$nama}', akun='{$akun}' WHERE id='{$id}'");
if ($hasil) {
$tengah .= '<div class="sukses">Yahoo Messenger Berhasil diedit</div>';
$style_include[] = '<meta http-equiv="refresh" content="1; url=?pilih=ym&mod=yes" />';
} else {
$data = mysql_fetch_array(mysql_query("SELECT judul FROM artikel WHERE id='{$id}' AND publikasi=1"));
$judul_artikel = $data['judul'];
$tengah .= '<div class="left_message"><p>Anda ing memberitahu teman Anda tentang artikel ini yang berjudul : <b>' . $judul_artikel . '</b></p></div>';
if (isset($_POST['submit'])) {
$yemail = text_filter($_POST['yemail']);
$femail = text_filter($_POST['femail']);
$pesan = text_filter($_POST['pesan']);
$error = '';
if (!is_valid_email($yemail)) {
$error .= "your email invalid, Please use the standard format (admin@domain.com)<br />";
}
if (!is_valid_email($femail)) {
$error .= "Friend email invalid, Please use the standard format (admin@domain.com)<br />";
}
$yname = text_filter($_POST['yname']);
$fname = text_filter($_POST['fname']);
if (!$fname) {
$error .= "Error: Please enter your Frind's Name!<br />";
}
if (!$yname) {
$error .= "Error: Please enter your Name!<br />";
}
$gfx_check = intval($_POST['gfx_check']);
if ($_POST['gfx_check'] != $_SESSION['Var_session'] or !isset($_SESSION['Var_session'])) {
$error .= "Error: Security Code Invalid <br />";
}
if ($error) {
$tengah .= '<div class="error">' . $error . '</div>';
} else {
$subject = "Ada artikel bagus di {$url_situs}";
$full_pesan = "Hallo,\n\nBerikut ini ada artikel yang bagus untuk dibaca,\n<br />Artikel dengan judul : {$judul_artikel}, silahkan klik aja <a href='{$url_situs}/?pilih=news&mod=yes&aksi=lihat&id={$id}'>{$url_situs}/?pilih=news&mod=yes&aksi=lihat&id={$id}</a>.\n<br />\n<br />\n{$pesan}\n<br />\n<br />Terima kasih.";
$judul_situs = 'Konfirmasi Pembayaran | ' . $judul_situs . '';
$tengah .= '<h4 class="bg">Konfirmasi Pembayaran</h4>';
#######################
# SUBMIT TESTIMONI
#######################
if (isset($_POST['submit'])) {
$nama = text_filter($_POST['nama']);
$email = text_filter($_POST['email']);
$telepon = text_filter($_POST['telepon']);
$banktujuan = text_filter($_POST['banktujuan']);
$bankpengirim = text_filter($_POST['bankpengirim']);
$namapengirim = text_filter($_POST['namapengirim']);
$jumlah = text_filter($_POST['jumlah']);
$catatan = text_filter($_POST['catatan']);
$tgl = text_filter($_POST['tgl']);
$status = text_filter($_POST['status']);
$error = '';
$gfx_check = $_POST['gfx_check'];
if (!is_valid_email($email)) {
$error .= "Error: Isi E-Mail Anda dengan benar!<br />";
}
if (!$nama) {
$error .= "Error: Silahkan isi nama Anda!<br />";
}
if (!$telepon) {
$error .= "Error: Silahkan isi nomor telepon / HP Anda!<br />";
}
if (!$bankpengirim) {
$error .= "Error: Silahkan isi bank pengirim!<br />";
}
if (!$namapengirim) {
function kirim_mail($email, $smail, $subject, $message, $id = "", $pr = "")
{
$email = text_filter($email);
$smail = text_filter($smail);
$subject = text_filter($subject);
$id = intval($id);
$pr = !$pr ? "3" : "" . intval($pr) . "";
$mheader = "MIME-Version: 1.0\n" . "Content-type: text/plain; charset=iso-8859-1\n" . "Reply-To: \"{$smail}\" <{$smail}>\n" . "From: \"{$smail}\" <{$smail}>\n" . "Return-Path: <{$smail}>\n" . "X-Priority: {$pr}\n" . "X-Mailer: PHP's mail() Function\n";
@mail($email, $subject, $message, $mheader);
}
}
}
##########################
# CHECKOUT
##########################
if ($_GET['aksi'] == 'checkout') {
if (is_array(@$_SESSION['product_id']) && count(@$_SESSION['product_id']) >= 1) {
if (isset($_POST['submit'])) {
$nama = text_filter($_POST['nama']);
$email = text_filter($_POST['email']);
$alamat = text_filter($_POST['alamat']);
$keterangan = text_filter($_POST['keterangan']);
$kota = text_filter($_POST['kota']);
$provinsi = text_filter($_POST['provinsi']);
$kodepos = text_filter($_POST['kodepos']);
$telp = text_filter($_POST['telp']);
$keadmin = '<strong> ' . $judul_situs . ' - Pemesanan</strong><br /><br />
Berikut Pemesanan dari ' . $nama;
$keadmin .= '<table border="0" cellspacing="0" cellpadding="0">
<tr><td>Nama </td><td style="padding:3px 5px 3px 5px;">:</td><td>' . $nama . '</td></tr>
<tr><td>Alamat </td><td style="padding:3px 5px 3px 5px;">:</td><td>' . $alamat . '</td></tr>
<tr><td>Keterangan </td><td style="padding:3px 5px 3px 5px;">:</td><td>' . $keterangan . '</td></tr>
<tr><td>Kota </td><td style="padding:3px 5px 3px 5px;">:</td><td>' . $kota . '</td></tr>
<tr><td>Provinsi </td><td style="padding:3px 5px 3px 5px;">:</td><td>' . $provinsi . '</td></tr>
<tr><td>Kodepos </td><td style="padding:3px 5px 3px 5px;">:</td><td>' . $kodepos . '</td></tr>
<tr><td>No. Telp </td><td style="padding:3px 5px 3px 5px;">:</td><td>' . $telp . '</td></tr>
<tr><td>Email </td><td style="padding:3px 5px 3px 5px;">:</td><td>' . $email . '</td></tr>
</table><br /><br />';
$keuser = '' . $pesancheckout . '<br /><br />';
$keuser .= 'Berikut Data Pesanan Anda di ' . $judul_situs . '';
$keuser .= '<br /><br />';
<td>Propinsi</td>
<td><input type="text" name="propinsi" value="' . $propinsi . '" size="30" class="form-control"></td>
</tr>
<tr>
<td>Negara</td>
<td><input type="text" name="negara" value="' . $negara . '" size="30" class="form-control"></td>
</tr>
<tr>
<td>Telepon</td>
<td><input type="text" name="telepon" value="' . $telepon . '" size="30" class="form-control"></td>
</tr>
<tr>
<td>Handphone</td>
<td><input type="text" name="handphone" value="' . $handphone . '" size="30" class="form-control"></td>
</tr>
<tr>
<td>Pendidikan Terakhir</td>
<td><select name="pendidikan_terakhir" class="form-control">';
$hasil = $koneksi_db->sql_query("SELECT * FROM hrd_pendidikan ORDER BY id");
$admin .= '<option value="-">== Pendidikan Terakhir ==</option>';
while ($datas = $koneksi_db->sql_fetchrow($hasil)) {
$pilihan = $datas['id'] == $pendidikan_terakhir ? "selected" : '';
$admin .= '<option value="' . $datas['id'] . '" ' . $pilihan . '>' . $datas['nama'] . '</option>';
}
$admin .= '</select></td>
</tr>
<tr>
<td>Foto</td>
<td><input type="file" name="foto" size="53"><p class="help-block">Extensi foto harus JPG</p></td>
</tr>';
if (!$fotolama) {
$tengah .= '</td></tr>';
}
$tengah .= '</table>';
} else {
$tengah .= '<div class="error">data Kosong !</div>';
}
}
#######################
# SUBMIT TESTIMONI
#######################
if (isset($_POST['submit'])) {
$tgl = date('Y-m-d H:i:s');
$nama = text_filter($_POST['nama']);
$email = text_filter($_POST['email']);
$website = text_filter($_POST['website']);
$testimonial = nl2br(text_filter($_POST['testimonial'], 2));
$error = '';
$gfx_check = $_POST['gfx_check'];
if (!$website) {
$error .= "Error: Please enter your website!<br />";
}
if (!$testimonial) {
$error .= "Error: Please enter a testimonial!<br />";
}
// $code = substr(hexdec(md5("".date("F j")."".$_POST['random_num']."".$sitekey."")), 2, 6);
if ($gfx_check != $_SESSION['Var_session'] or !isset($_SESSION['Var_session'])) {
$error .= "Security Code Invalid <br />";
}
if (cek_posted('contact')) {
$error .= 'Anda Telah Memposting Testimonial, Tunggu beberapa Saat';
}
function mail_send($email, $smail, $subject, $message, $id = "", $pr = "")
{
$email = text_filter($email);
$smail = text_filter($smail);
$subject = text_filter($subject);
$id = intval($id);
$pr = !$pr ? "3" : "" . intval($pr) . "";
$message = !$id ? "" . $message . "" : "" . $message . "<br /><br />IP: " . getenv("REMOTE_ADDR") . "<br />User agent: " . getenv("HTTP_USER_AGENT") . "";
$mheader = "MIME-Version: 1.0\n" . "Content-Type: text/html; charset=utf-8\n" . "Reply-To: \"{$smail}\" <{$smail}>\n" . "From: \"{$smail}\" <{$smail}>\n" . "Return-Path: <{$smail}>\n" . "X-Priority: {$pr}\n" . "X-Mailer: Teamworks v2.3 Mailer\n";
@mail($email, $subject, $message, $mheader);
}
//=============================
// EDIT BERITA
//=============================
if ($_GET['aksi'] == "editnews") {
$id = int_filter($_GET['id']);
$topik = int_filter($_GET['topik']);
$admin .= '<h4 class="border">Edit Berita Dengan ID =' . $id . '</h4>';
if (isset($_POST['submit'])) {
define("GIS_GIF", 1);
define("GIS_JPG", 2);
define("GIS_PNG", 3);
define("GIS_SWF", 4);
include "includes/hft_image.php";
$judul = text_filter($_POST['judul']);
$caption = text_filter($_POST['caption']);
$konten = text_filter($_POST['konten']);
$namafile_name = $_FILES['gambar']['name'];
$total = $koneksi_db->sql_query("SELECT * FROM artikel WHERE judul = '" . $_POST['judul'] . "' and id != '" . $id . "'");
$jumlah = $koneksi_db->sql_numrows($total);
$error = '';
if ($jumlah) {
$error .= "Error: Duplicate Title of News {$judul}!<br />";
}
if (!$judul) {
$error .= "Error: Please enter Title of News!<br />";
}
if (!$konten) {
$error .= "Error: Please enter Content of News!<br />";
}
if ($error) {
$admin .= '<div class="error">' . $error . '</div>';
