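/**
 * Update User Configuration
 *
 * Validates the submitted account settings with Valitron and, when they pass,
 * writes them to the row of the user identified by the session ('ID'), then
 * rebuilds the session information.
 *
 * NOTE(review): the current password is not requested before the username,
 * e-mail address or password is replaced, and nothing visible here renews the
 * session identifier after the password change; confirm the caller covers both.
 * NOTE(review): $firstname and $lastname are stored without any validation rule.
 *
 * @param string $username  New username (required, alphanumeric, at least 4 characters)
 * @param string $password0 New password (required, at least 8 characters)
 * @param string $password1 Password confirmation; must equal $password0
 * @param string $email     E-mail address (required, e-mail format)
 * @param string $language  Language (required; checked against the values read from CONF_LANG_INI)
 * @param string $firstname Optional first name; stored only when non-empty
 * @param string $lastname  Optional last name; stored only when non-empty
 *
 * @return array 'success' (bool); on failure also 'errors', 'msgType' and 'msg'
 *
 * @author Nikita Rousseau
 */
public function updateUserConfig($username, $password0, $password1, $email, $language, $firstname = '', $lastname = '')
{
    $form = array(
        'username' => $username,
        'password0' => $password0,
        'password1' => $password1,
        'email' => $email,
        'language' => $language,
    );
    $errors = array(); // array to hold validation errors
    $data = array(); // array to pass back data
    $dbh = Core_DBH::getDBH(); // Get Database Handle

    // Get languages. parse_ini_file() returns false when the file cannot be read;
    // fall back to an empty list so that every language is rejected (fail closed)
    // instead of passing false to array_values().
    $languages = parse_ini_file(CONF_LANG_INI);
    if ($languages === false) {
        $languages = array();
    }
    $languages = array_flip(array_values($languages));

    // validate the variables ======================================================
    $v = new Valitron\Validator($form);
    $rules = [
        'required' => [['username'], ['password0'], ['password1'], ['email'], ['language']],
        'alphaNum' => [['username']],
        'lengthMin' => [['username', 4], ['password0', 8]],
        'equals' => [['password0', 'password1']],
        'email' => [['email']],
        'in' => [['language', $languages]],
    ];
    $labels = array(
        'username' => 'Username',
        'password0' => 'Password',
        'password1' => 'Confirmation Password',
        'email' => 'Email',
        'language' => 'Language',
    );
    $v->rules($rules);
    $v->labels($labels);
    $v->validate();
    $errors = $v->errors();

    // Apply the form ==============================================================
    if (empty($errors)) {
        // Column => value map. The keys are written here and never come from the
        // request, which matters because they are concatenated into the SQL text
        // as column names below.
        $db_data = array(
            'username' => $form['username'],
            'password' => Core_AuthService::getHash($form['password0']),
            'email' => $form['email'],
            'lang' => $form['language'],
        );
        if (!empty($firstname)) {
            $db_data['firstname'] = $firstname;
        }
        if (!empty($lastname)) {
            $db_data['lastname'] = $lastname;
        }

        $authService = Core_AuthService::getAuthService();
        $uid = Core_AuthService::getSessionInfo('ID');

        // One UPDATE per column, as before. The user id is now bound as a
        // parameter instead of being concatenated into the statement.
        foreach ($db_data as $key => $value) {
            $sth = $dbh->prepare('UPDATE ' . DB_PREFIX . 'user SET ' . $key . ' = :' . $key . ' WHERE user_id = :uid;');
            $sth->bindParam(':' . $key, $value);
            $sth->bindParam(':uid', $uid);
            $sth->execute();
        }

        // Reload Session. firstname/lastname are only present when they were
        // supplied, so read them defensively instead of indexing a missing key.
        $sessionFirstname = isset($db_data['firstname']) ? $db_data['firstname'] : null;
        $sessionLastname = isset($db_data['lastname']) ? $db_data['lastname'] : null;
        $authService->rmSessionInfo();
        $authService->setSessionInfo($uid, $db_data['username'], $sessionFirstname, $sessionLastname, $db_data['lang'], BGP_USER_TEMPLATE);
        $authService->setSessionPerms();
        $this->rmCookie('LANG');
    }

    // return a response ===========================================================
    if (!empty($errors)) {
        // if there are items in our errors array, return those errors
        $data['success'] = false;
        $data['errors'] = $errors;
        $data['msgType'] = 'warning';
        $data['msg'] = T_('Bad Settings!');
    } else {
        $data['success'] = true;
    }

    // return all our data to an AJAX call
    return $data;
}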
/**
 * Validate an input array against a Valitron rule set and stop the request on failure.
 *
 * On success the function simply returns. On failure the messages of every
 * failing field are echoed (joined with ", " and followed by ". ") and the
 * script terminates.
 *
 * NOTE(review): the messages are echoed exactly as Valitron produced them, with
 * no HTML escaping; confirm the output context if custom rules or labels can
 * ever carry request data.
 *
 * @param array $array Input to validate ($_POST, $_GET or a custom array)
 * @param array $rules Rule set in the format accepted by Valitron's rules()
 */
function validate($array, $rules)
{
    require_once $_SERVER['DOCUMENT_ROOT'] . '/vendor/autoload.php';

    $fieldLabels = [
        'fname' => 'First Name',
        'lname' => 'Last Name',
        'phone' => 'Phone Number',
        'email' => 'Email address',
        'dob' => 'Date of Birth',
        'streetAddress' => 'Street Address',
    ];

    $validator = new Valitron\Validator($array);
    $validator->rules($rules);
    $validator->labels($fieldLabels);

    if ($validator->validate()) {
        return;
    }

    // Print one "msg, msg. " group per failing field, then end the request.
    foreach ($validator->errors() as $fieldMessages) {
        echo implode(', ', $fieldMessages), ". ";
    }
    exit;
}
$success = true; }
$member_id = $user_id;

/////////////////////////////////////////////////////////////////////
#/ Process Post
// Profile-update handler (fragment): validates the posted fields with Valitron, then
// checks that the e-mail address and the screen name are not used by another account.
if (isset($_POST['email_add'])) {
    #/ Check Attempts
    include_once '../includes/check_attempts.php';
    // NOTE(review): the attempt throttle below is commented out, so this handler
    // is not rate limited at this point.
    //if(check_attempts(7)==false){
    //update_attempt_counts(); redirect_me($seo_tag);
    //}

    ##/ Validate Fields
    include_once '../includes/form_validator.php';
    $form_v = new Valitron\Validator($_POST);
    $rules = ['required' => [['email_add'], ['screen_name'], ['first_name'], ['last_name'], ['identify_by'], ['country_code'], ['state'], ['zip'], ['city'], ['address_ln_1']], 'lengthMin' => [['screen_name', 5]], 'lengthMax' => [['email_add', 150], ['screen_name', 50], ['first_name', 65], ['middle_name', 20], ['last_name', 50], ['company_name', 100], ['identify_by', 50], ['country_code', 2], ['state', 50], ['zip', 20], ['city', 200], ['address_ln_1', 200], ['address_ln_2', 150], ['phone_number', 20]], 'email' => [['email_add']], 'slug' => [['screen_name']]];
    $form_v->labels(array('email_add' => 'Email Address', 'identify_by' => 'Identification', 'country_code' => 'Country'));
    $form_v->rules($rules);
    $form_v->validate();
    $fv_errors = $form_v->errors();
    //var_dump("<pre>", $_POST, $fv_errors); die();
    #-

    #/ Check if Email Add exists
    // NOTE(review): $_POST['email_add'] is interpolated into the SQL text. Format
    // validation ('email' rule) is not SQL escaping, so unless $_POST is escaped
    // before this point (not visible in this fragment) the query is injectable.
    // Pass the value as a bound parameter of a prepared statement instead.
    if (!is_array($fv_errors) || empty($fv_errors) || count($fv_errors) <= 0) {
        $chk_user = mysql_exec("SELECT email_add FROM users WHERE email_add='{$_POST['email_add']}' and id!='{$user_id}'", 'single');
        if (!empty($chk_user)) {
            $fv_errors[] = array('This Email Address is already used, please try a different one!');
        }
    }

    #/ Check if screen_name exists
    // This lookup only runs when validation passed, so screen_name has already met
    // the 'slug' rule; the query is still built by interpolation and would be
    // safer as a bound parameter.
    if (!is_array($fv_errors) || empty($fv_errors) || count($fv_errors) <= 0) {
        $chk_user = mysql_exec("SELECT screen_name FROM users WHERE screen_name='{$_POST['screen_name']}' and id!='{$user_id}'", 'single');
// Admin-user form handler (fragment): throttles attempts, validates the posted
// fields and checks that the e-mail address / login id is not already taken.
include_once '../../includes/check_attempts.php';
// The "#/*" and "#*/" markers are line comments, so the throttle below is active.
#/*
if (check_attempts(5, 'CUSA_ADMIN_MSG_GLOBAL') == false) {
    update_attempt_counts();
    redirect_me("{$consts['DOC_ROOT_ADMIN']}logout", true);
}
#*/

##/ Validate Fields
include_once '../../includes/form_validator.php';
$form_v = new Valitron\Validator($_POST);
// A password is required for a new record ($au_id <= 0) or when update_acc_info is '1'
// ("&&" binds tighter than "||", which matches that reading).
// NOTE(review): new_pass is capped at 20 characters and needs only 7; consider a
// higher upper bound so long passphrases are accepted.
if ($au_id <= 0 || array_key_exists('update_acc_info', $_POST) && $_POST['update_acc_info'] == '1') {
    $rules = ['required' => [['first_name'], ['last_name'], ['email_add'], ['new_pass']], 'lengthMax' => [['first_name', 60], ['last_name', 60], ['email_add', 100], ['new_pass', 20]], 'lengthMin' => [['new_pass', 7]], 'email' => [['email_add']]];
} else {
    $rules = ['required' => [['first_name'], ['last_name'], ['email_add']], 'lengthMax' => [['first_name', 60], ['last_name', 60], ['email_add', 100]], 'email' => [['email_add']]];
}
$form_v->labels(array('new_pass' => 'Password'));
$form_v->rules($rules);
$form_v->validate();
$fv_errors = $form_v->errors();
//var_dump("<pre>", $_POST, $fv_errors); die();
#-

##/ Check if Email Add exists
// NOTE(review): $_POST['email_add'] is interpolated into the SQL text; the 'email'
// rule checks format only. Unless $_POST is escaped elsewhere (not visible here),
// use a prepared statement with a bound parameter.
if (!is_array($fv_errors) || empty($fv_errors) || count($fv_errors) <= 0) {
    $chk_user = mysql_exec("SELECT email_add FROM admin_users WHERE email_add='{$_POST['email_add']}' and id!='{$au_id}'", 'single');
    if (!empty($chk_user)) {
        $fv_errors[] = array('This Email Address / Login ID is already used, please try a different Login Id!');
    }
}
#-

if (!is_array($fv_errors) || empty($fv_errors) || count($fv_errors) <= 0) {
    // "@" hides the notice for a missing is_active key; the cast then yields 0.
    $is_active = (int) @$_POST['is_active'];
// Tail of a settings branch whose condition is outside this fragment: stores the
// glossary display options for the course using bound placeholders.
Database::get()->query("UPDATE course SET glossary_expand = ?d, glossary_index = ?d WHERE id = ?d" , $expand_glossary, (isset($_POST['index']) ? 1 : 0), $course_id);
    invalidate_glossary_cache();
    $tool_content .= "<div class='alert alert-success'>$langQuotaSuccess</div>";
}

// Glossary term form: the CSRF token is checked before anything else is processed.
if (isset($_POST['submit'])) {
    if (!isset($_POST['token']) || !validate_csrf_token($_POST['token'])) csrf_token_error();
    $v = new Valitron\Validator($_POST);
    $v->rule('required', array('term', 'definition'));
    $v->rule('url', array('url'));
    // NOTE(review): as far as I know Valitron's 'urlActive' rule resolves the host
    // of the submitted URL via DNS; confirm that a server-side lookup of a
    // user-supplied host name is acceptable in this deployment.
    $v->rule('urlActive', array('url'));
    $v->labels(array( 'term' => "$langTheField $langGlossaryTerm", 'definition' => "$langTheField $langGlossaryDefinition", 'url' => "$langTheField $langGlossaryUrl" ));
    if($v->validate()) {
        // category_id arrives as an indirect reference; 0 or absence means "no category".
        if (!isset($_POST['category_id']) || getDirectReference($_POST['category_id']) == 0) {
            $category_id = NULL;
        } else {
            $category_id = intval(getDirectReference($_POST['category_id']));
        }
        // The URL is trimmed and canonicalized after validation, so the stored
        // value is not byte-for-byte the value that was validated.
        if (isset($_POST['url'])) {
            $url = trim($_POST['url']);
            if (!empty($url)) {
                $url = canonicalize_url($url);
            }
        } else {
<span class='help-block'>".Session::getError('new_section_title')."</span> </div> </td> <td class='center'> <input class='btn btn-primary' type='submit' name='new_section_submit' value='$langAdd'> </td> </tr>";
    }
    $tool_content .= " </table> </fieldset></form>";
}
// E-book section form: updates an existing section (csid present) or inserts a new one.
// NOTE(review): no CSRF token check is visible in this branch; confirm one runs
// before this point.
elseif (isset($_POST['new_section_submit'])) {
    $v = new Valitron\Validator($_POST);
    // Only the title is validated; new_section_id and csid have no rule and are
    // read below without an isset() check.
    $v->rule('required', array('new_section_title'));
    $v->labels(array( 'new_section_title' => "$langTheField $langTitle" ));
    if($v->validate()) {
        // Both statements pass every value through a placeholder rather than
        // concatenating it into the SQL text.
        if (isset($_POST['csid'])) {
            Database::get()->query("UPDATE ebook_section SET public_id = ?s, title = ?s WHERE ebook_id = ?d AND id = ?d" , $_POST['new_section_id'], $_POST['new_section_title'], $ebook_id, $_POST['csid']);
        } else {
            Database::get()->query("INSERT INTO ebook_section SET ebook_id = ?d, public_id = ?s, title = ?s" , $ebook_id, $_POST['new_section_id'], $_POST['new_section_title']);
        }
    } else {
        // Validation failed: flash the posted values, a generic message and the field errors.
        Session::flashPost()->Messages($langFormErrors)->Errors($v->errors());
$param2 = '?' . $param2 . '&'; } else { $param2 = '?'; }
$misc_id = (int) getgpcvar("misc_id", "G");
$back_page = "site_misc_data.php";
$cur_page = cur_page();

/////////////////////////////////////////////////////////////////
// Site "misc data" form handler (fragment): validates title, value and category,
// then selects the value to store according to the declared content type.
if (isset($_POST['title'])) {
    $misc_id = (int) getgpcvar("misc_id", "P");
    //die('x');

    ##/ Validate Fields
    include_once '../../includes/form_validator.php';
    $form_v = new Valitron\Validator($_POST);
    $rules = ['required' => [['title'], ['m_value'], ['m_cat']], 'lengthMax' => [['title', 250], ['m_cat', 70]]];
    $form_v->labels(array('title' => 'Name / Title', 'm_value' => 'Value', 'm_cat' => 'Category'));
    $form_v->rules($rules);
    $form_v->validate();
    $fv_errors = $form_v->errors();
    //var_dump("<pre>", $_POST, $fv_errors); die();
    #-

    if (!is_array($fv_errors) || empty($fv_errors) || count($fv_errors) <= 0) {
        $content_type = @$_POST['content_type'];
        // NOTE(review): the HTML branch reads $_POST_ori rather than $_POST, which
        // suggests $_POST is rewritten earlier and $_POST_ori holds the original
        // input (confirm). rem_risky_tags() is then the only filter on that HTML;
        // its rules are not visible here, and tag-removal filters are easy to get
        // wrong, so an allow-list HTML sanitizer is preferable.
        // NOTE(review): $m_value stays undefined when content_type is neither
        // 'html' nor 'plain'.
        if ($content_type == 'html') {
            $m_value = rem_risky_tags($_POST_ori['m_value']);
        } else {
            if ($content_type == 'plain') {
                $m_value = $_POST['m_value'];
            }
        }
        //var_dump($content_type, $m_value); die();
// Second registration step (fragment): $POST_1 is built outside this fragment and
// must carry the e-mail address from the earlier step.
if (!is_array($POST_1) || count($POST_1) <= 0 || !array_key_exists('email_add', $POST_1)) {
    $fv_errors[] = array('Unable to process your request at this moment! Please try again later.');
}

#/ Check & match User Info in DB
// NOTE(review): $POST_1['email_add'] is interpolated into the SQL text and no
// validation of it is visible here; bind it as a parameter of a prepared
// statement unless it is provably escaped upstream.
if (!is_array($fv_errors) || empty($fv_errors) || count($fv_errors) <= 0) {
    $chk_user = mysql_exec("SELECT email_add, id FROM users WHERE email_add='{$POST_1['email_add']}'", 'single');
    if (empty($chk_user) || !isset($chk_user['id'])) {
        $fv_errors[] = array('Unable to process your request at this moment! Please try again later.');
    }
}

if (!is_array($fv_errors) || empty($fv_errors) || count($fv_errors) <= 0) {
    ##/ Validate Fields
    include_once '../includes/form_validator.php';
    $form_v = new Valitron\Validator($_POST);
    // screen_name is checked for presence and length only; unlike the other
    // screen_name forms on this page there is no 'slug' rule here.
    $rules = ['required' => [['screen_name'], ['identify_by'], ['address_ln_1'], ['city'], ['country_code'], ['state'], ['zip']], 'lengthMin' => [['screen_name', 5]], 'lengthMax' => [['screen_name', 50], ['identify_by', 50], ['address_ln_1', 200], ['address_ln_2', 150], ['phone_number', 20], ['city', 200], ['country_code', 2], ['state', 50], ['zip', 20]]];
    $form_v->labels(array('identify_by' => 'Identification', 'country_code' => 'Country'));
    $form_v->rules($rules);
    $form_v->validate();
    $fv_errors = $form_v->errors();
    //var_dump("<pre>", $_POST, $fv_errors); die();
}
#-

#/ Check if Screen Name Already exists
// NOTE(review): $_POST['screen_name'] reaches the SQL text with a length check as
// its only constraint, so quote characters are not excluded by validation. Unless
// $_POST is escaped elsewhere (not visible here) this is injectable; use a bound
// parameter.
if (!is_array($fv_errors) || empty($fv_errors) || count($fv_errors) <= 0) {
    $chk_scr = mysql_exec("SELECT screen_name FROM users WHERE screen_name='{$_POST['screen_name']}'", 'single');
    if (!empty($chk_scr)) {
        $fv_errors[] = array('This Screen Name is already used, please try a different one!');
    }
}

##/ Process
//var_dump("<pre>", $fv_errors, $POST_1, $chk_user); die();
// Admin payment form (fragment).
// NOTE(review): $back_page is taken from $bkr after urldecode(); where $bkr comes
// from is not visible here. If it is request data and $back_page is later used in
// a redirect or link, restrict it to local paths.
if ($user_select <= 0) {
    $back_page = "user_payments.php";
} else {
    $back_page = urldecode($bkr);
    $param2 = '';
}
$cur_page = cur_page();

/////////////////////////////////////////////////////////////////
if ($user_select > 0) {
    if (isset($_POST['user_select'])) {
        $user_select = (int) getgpcvar("user_select", "P");

        ##/ Validate Fields
        include_once '../../includes/form_validator.php';
        $form_v = new Valitron\Validator($_POST);
        $rules = ['required' => [['invoice'], ['amount'], ['paid_on'], ['payment_status'], ['gateway_name']], 'lengthMax' => [['invoice', 30], ['transaction_id', 150], ['gateway_name', 50], ['gateway_payer_id', 100], ['gateway_msg', 500], ['payment_status', 30]], 'numeric' => [['amount']]];
        $form_v->labels(array('paid_on' => 'Payment Date', 'gateway_name' => 'Payment Gateway'));
        $form_v->rules($rules);
        $form_v->validate();
        $fv_errors = $form_v->errors();
        //var_dump("<pre>", $_POST, $fv_errors);
        //die();
        #-

        #/ Check if the invoice number is already used
        // NOTE(review): $_POST['invoice'] is only length-limited (30) and is
        // interpolated into the SQL text. Unless $_POST is escaped elsewhere (not
        // visible here) this is injectable; use a bound parameter.
        if (!is_array($fv_errors) || empty($fv_errors) || count($fv_errors) <= 0) {
            $chk_user = mysql_exec("SELECT invoice FROM user_payments WHERE invoice='{$_POST['invoice']}'", 'single');
            if (!empty($chk_user)) {
                $fv_errors[] = array('This Invoice is already used, please try a different one!');
            }
        }

        if (!is_array($fv_errors) || empty($fv_errors) || count($fv_errors) <= 0) {
            // The amount is cast to float in place; it already passed the 'numeric' rule.
            $_POST['amount'] = (double) @$_POST['amount'];
            if ($up_id > 0) {
}
////////////////////##--

/////////////////////////////////////////////////////////////////////
#/ Process Post
// Login handler (fragment): throttles attempts, validates the posted credentials
// and looks the user up by e-mail address and password digest.
if (isset($_POST['email_add'])) {
    #/ Check Attempts
    include_once '../includes/check_attempts.php';
    if (check_attempts(3) == false) {
        update_attempt_counts();
        redirect_me($seo_tag);
    }

    ##/ Validate Fields
    include_once '../includes/form_validator.php';
    $form_v = new Valitron\Validator($_POST);
    // NOTE(review): pass_w is capped at 20 characters, which rejects longer passphrases.
    $rules = ['required' => [['email_add'], ['pass_w']], 'lengthMax' => [['email_add', 150], ['pass_w', 20]], 'email' => [['email_add']]];
    $form_v->labels(array('email_add' => 'Email Address', 'pass_w' => 'Password'));
    $form_v->rules($rules);
    $form_v->validate();
    $fv_errors = $form_v->errors();
    //var_dump("<pre>", $_POST, $fv_errors); die();
    #-

    ##/ Find User Info
    if (!is_array($fv_errors) || empty($fv_errors) || count($fv_errors) <= 0) {
        include_once '../includes/func_enc.php';
        // NOTE(review): md5_encrypt() lives in func_enc.php (not shown). Its name
        // suggests an MD5-based scheme, and the result is compared inside the SQL
        // query, which implies a deterministic, unsalted value. Confirm, and plan a
        // migration to password_hash()/password_verify().
        $pass_w = @md5_encrypt($_POST['pass_w']);

        #/ Match User
        // NOTE(review): $_POST['email_add'] is interpolated into the SQL text of the
        // authentication query; the 'email' rule validates format, not SQL safety.
        // Unless $_POST is escaped elsewhere (not visible here), use a prepared
        // statement. The "@" on mysql_exec() also hides query errors.
        $sql_1 = "SELECT *, US.id as user_id\n FROM users US\n LEFT JOIN user_info UI ON US.id = UI.user_id\n WHERE email_add='{$_POST['email_add']}' AND pass_w='{$pass_w}'";
        //die($sql_1);
        $chk_usr = @mysql_exec($sql_1, 'single');
        if (empty($chk_usr) || !is_array($chk_usr)) {
            // The same message is used whether the address is unknown or the password is wrong.
            $fv_errors[] = array("Unable to <b>Authenticate</b> your given info! Please try again.<br />- If you dont have an Account setup here yet, please <b>Register</b> for an Account instead.");
/* ]]> */ </script>
hContent;

$passUrl = $urlServer . 'main/profile/password.php';
$passLocation = 'Location: ' . $passUrl;

// Password-change handler (fragment): CSRF token first, then form validation, then
// the old password is verified before the new hash is stored.
if (isset($_POST['submit'])) {
    if (!isset($_POST['token']) || !validate_csrf_token($_POST['token'])) csrf_token_error();
    $v = new Valitron\Validator($_POST);
    $v->rule('required', array('password_form', 'password_form1', 'old_pass'));
    $v->rule('equals', 'password_form', 'password_form1');
    $v->rule('lengthMin', 'password_form', get_config('min_password_len'));
    $v->labels(array( 'old_pass' => "$langTheField $langOldPass", 'password_form' => "$langTheField $langNewPass1", 'password_form1' => "$langTheField $langNewPass2" ));
    if($v->validate()) {
        // all checks ok. Change password!
        $myrow = Database::get()->querySingle("SELECT password FROM user WHERE id= ?d", $_SESSION['uid']);
        $hasher = new PasswordHash(8, false);
        // NOTE(review): validation ran on $_POST, but the values used from here on
        // are read from $_REQUEST. Depending on the request_order configuration
        // those can differ, so the hashed password may not be the one that passed
        // the length and confirmation rules. Read $_POST here as well.
        // NOTE(review): the new hash is computed before the old password has been verified.
        $new_pass = $hasher->HashPassword($_REQUEST['password_form']);
        if ($hasher->CheckPassword($_REQUEST['old_pass'], $myrow->password)) {
            Database::get()->query("UPDATE user SET password = ?s WHERE id = ?d", $new_pass, $_SESSION['uid']);
            // The change is logged with the user id only; no password material is recorded.
            Log::record(0, 0, LOG_PROFILE, array('uid' => $_SESSION['uid'], 'pass_change' => 1));
            Session::Messages($langPassChanged, 'alert-success');
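/**
 * Validate and store the grades submitted for an assignment, then redirect
 * back to the assignment page.
 *
 * Every entry of $grades is validated first; grades are written only when all
 * entries pass. For each submission whose stored grade differs, the grade is
 * updated, the change is logged, the gradebook is refreshed (for every group
 * member on group assignments) and an e-mail notification is sent on request.
 *
 * NOTE(review): submission ids come from the keys of $grades, and the UPDATE is
 * keyed on that id alone. Nothing visible here ties a submission to assignment
 * $grades_id or to the current course; confirm the caller enforces that, or add
 * the assignment to the WHERE clause.
 * NOTE(review): the gradebook ratio divides by $assignment->max_grade; confirm
 * that value can never be 0.
 *
 * @param int   $grades_id Assignment id
 * @param array $grades    Map of submission id => array holding a 'grade' entry
 * @param bool  $email     When true, notify about each changed grade
 */
function submit_grades($grades_id, $grades, $email = false) {
    global $tool_content, $langGrades, $langWorkWrongInput, $course_id, $course_code, $langFormErrors, $langTheField, $m;

    $assignment = Database::get()->querySingle("SELECT * FROM assignment WHERE id = ?d", $grades_id);
    $errors = [];

    // Pass 1: validate every grade before anything is written.
    foreach ($grades as $key => $grade) {
        $v = new Valitron\Validator($grade);
        // Accept an empty value (no grade) or a number. The callback now always
        // returns a boolean instead of falling through without a value.
        $v->addRule('emptyOrNumeric', function($field, $value, array $params) {
            return is_numeric($value) || empty($value);
        });
        $v->rule('emptyOrNumeric', array('grade'));
        $v->rule('min', array('grade'), 0);
        $v->rule('max', array('grade'), $assignment->max_grade);
        $v->labels(array(
            'grade' => "$langTheField $m[grade]"
        ));
        if (!$v->validate()) {
            $valitron_errors = $v->errors();
            $errors["grade.$key"] = $valitron_errors['grade'];
        }
    }

    if (empty($errors)) {
        // Pass 2: persist the grades that actually changed.
        foreach ($grades as $sid => $grade) {
            $sid = intval($sid);
            $submission = Database::get()->querySingle("SELECT grade from assignment_submit WHERE id = ?d", $sid);
            if (!$submission) {
                // Unknown submission id: skip it instead of reading a property
                // of a missing row.
                continue;
            }
            $val = $submission->grade;
            $grade = is_numeric($grade['grade']) ? $grade['grade'] : null;
            if ($val !== $grade) {
                if (Database::get()->query("UPDATE assignment_submit SET grade = ?f, grade_submission_date = NOW(), grade_submission_ip = ?s WHERE id = ?d", $grade, $_SERVER['REMOTE_ADDR'], $sid)->affectedRows > 0) {
                    Log::record($course_id, MODULE_ID_ASSIGN, LOG_MODIFY, array('id' => $sid, 'title' => $assignment->title, 'grade' => $grade));
                    //update gradebook if needed
                    if ($assignment->group_submissions) {
                        $group_id = Database::get()->querySingle("SELECT group_id FROM assignment_submit WHERE id = ?d", $sid)->group_id;
                        $user_ids = Database::get()->queryArray("SELECT user_id FROM group_members WHERE group_id = ?d", $group_id);
                        foreach ($user_ids as $user_id) {
                            update_gradebook_book($user_id, $assignment->id, $grade/$assignment->max_grade, GRADEBOOK_ACTIVITY_ASSIGNMENT);
                        }
                    } else {
                        $quserid = Database::get()->querySingle("SELECT uid FROM assignment_submit WHERE id = ?d", $sid)->uid;
                        update_gradebook_book($quserid, $assignment->id, $grade/$assignment->max_grade, GRADEBOOK_ACTIVITY_ASSIGNMENT);
                    }
                    if ($email) {
                        grade_email_notify($grades_id, $sid, $grade, '');
                    }
                    Session::Messages($langGrades, 'alert-success');
                }
            }
        }
        Session::Messages($langGrades, 'alert-success');
    } else {
        Session::flashPost()->Messages($langFormErrors)->Errors($errors);
    }
    redirect_to_home_page("modules/work/index.php?course=$course_code&id=$grades_id");
}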
//die('x');
//var_dump($_GET, $url_comp); die();

/////////////////////////////////////////////////////////////////////
#/ Process Post
// "Resend" handler (fragment): throttles attempts, validates e-mail address and
// captcha code, then looks the account up by e-mail address.
if (isset($_POST['email_add']) && $resend == true) {
    #/ Check Attempts
    include_once '../includes/check_attempts.php';
    if (check_attempts(3) == false) {
        update_attempt_counts();
        redirect_me($seo_tag);
    }

    ##/ Validate Fields
    include_once '../includes/form_validator.php';
    $form_v = new Valitron\Validator($_POST);
    $rules = ['required' => [['email_add'], ['vercode']], 'lengthMax' => [['email_add', 150], ['vercode', 10]], 'email' => [['email_add']]];
    // A label is declared for secret_question_id although no rule refers to it.
    $form_v->labels(array('email_add' => 'Email Address', 'secret_question_id' => 'Secret Question', 'vercode' => 'Verification Code'));
    $form_v->rules($rules);
    $form_v->validate();
    $fv_errors = $form_v->errors();
    //var_dump("<pre>", $_POST, $fv_errors); die();
    #-

    #/ Check Captcha Code
    // NOTE(review): the comparison is loose (!=); a strict string comparison is
    // safer. Nothing visible here clears $_SESSION['cap_code'] after a check, so
    // confirm that a code cannot be reused.
    if (empty($_SESSION['cap_code']) || empty($_POST['vercode']) || $_SESSION['cap_code'] != $_POST['vercode']) {
        $fv_errors[] = array('The Verification Code you entered does not match the one given in the image! Please try again.');
    }

    ##/ Find User Info
    if (!is_array($fv_errors) || empty($fv_errors) || count($fv_errors) <= 0) {
        //$_POST['secret_question_id'] = (int)@$_POST['secret_question_id'];
        // NOTE(review): $_POST['email_add'] is interpolated into the SQL text; the
        // 'email' rule validates format, not SQL safety. Unless $_POST is escaped
        // elsewhere (not visible here), use a prepared statement.
        $sql_1 = "SELECT * FROM users US\n LEFT JOIN user_info UI ON US.id = UI.user_id\n WHERE US.email_add='{$_POST['email_add']}'\n ";
        //AND UI.secret_question_id='{$_POST['secret_question_id']}' AND secret_answer='{$_POST['secret_answer']}'
        $qa_res = mysql_exec($sql_1, 'single');
// Change-password handler (fragment): throttles attempts, validates the form and
// captcha, then matches the current password and secret answer in one query.
include_once '../includes/check_attempts.php';
// The "#/*" and "#*/" markers are line comments, so the throttle below is active.
#/*
if (check_attempts(2) == false) {
    if ($_SESSION["au_wrongtry"] >= 4) {
        redirect_me('logout');
    } //additional security
    update_attempt_counts();
    redirect_me($seo_tag);
}
#*/

##/ Validate Fields
include_once '../includes/form_validator.php';
$form_v = new Valitron\Validator($_POST);
// NOTE(review): new passwords are limited to 7-20 characters; the upper bound
// rejects longer passphrases.
$rules = ['required' => [['pass_curr'], ['pass_w'], ['c_pass_w'], ['secret_question_id'], ['secret_answer'], ['vercode']], 'lengthMin' => [['pass_curr', 5], ['pass_w', 7], ['c_pass_w', 7]], 'lengthMax' => [['pass_curr', 20], ['pass_w', 20], ['c_pass_w', 20], ['secret_answer', 190], ['vercode', 10]], 'equals' => [['c_pass_w', 'pass_w']]];
$form_v->labels(array('pass_curr' => 'Current Password', 'pass_w' => 'Password', 'c_pass_w' => 'Confirm Password', 'secret_question_id' => 'Secret Question', 'vercode' => 'Verification Code'));
$form_v->rules($rules);
$form_v->validate();
$fv_errors = $form_v->errors();
//var_dump("<pre>", $_POST, $fv_errors); die();
#-

#/ Check Captcha Code
// NOTE(review): loose comparison (!=); prefer a strict string comparison.
if (empty($_SESSION['cap_code']) || empty($_POST['vercode']) || $_SESSION['cap_code'] != $_POST['vercode']) {
    $fv_errors[] = array('The Verification Code you entered does not match the one given in the image! Please try again.');
}

#/ Check & match current password
if (!is_array($fv_errors) || empty($fv_errors) || count($fv_errors) <= 0) {
    // secret_question_id is cast to int before it is used in the query.
    $_POST['secret_question_id'] = (int) @$_POST['secret_question_id'];
    $pass_curr = @$_POST['pass_curr'];
    // NOTE(review): md5_encrypt() is defined elsewhere; its name suggests an
    // MD5-based scheme. Confirm, and plan a migration to
    // password_hash()/password_verify().
    $pass_curr_w = @md5_encrypt($pass_curr);
    // NOTE(review): $_POST['secret_answer'] has only a length limit (190) and is
    // interpolated into the SQL text. Unless $_POST is escaped elsewhere (not
    // visible here) this is injectable; use a prepared statement. Matching the
    // answer with "=" in SQL also implies it is stored in comparable form —
    // presumably plaintext; confirm and treat it like a password.
    $sql_p1 = "SELECT u.*\n FROM users u\n LEFT JOIN user_info ui ON u.id = ui.user_id\n\n WHERE u.id='{$user_id}'\n AND u.pass_w='{$pass_curr_w}'\n AND u.email_add='{$user_info['email_add']}'\n AND ui.secret_question_id='{$_POST['secret_question_id']}' AND ui.secret_answer='{$_POST['secret_answer']}'\n ";
* Contact address: GUnet Asynchronous eLearning Group,
 *                  Network Operations Center, University of Athens,
 *                  Panepistimiopolis Ilissia, 15784, Athens, Greece
 *                  e-mail: info@openeclass.org
 * ======================================================================== */

/**
 * @file exercise_admin.inc.php
 * @brief Create new exercise or modify an existing one
 */
require_once 'modules/search/indexer.class.php';

// the exercise form has been submitted
// NOTE(review): no CSRF token check is visible in this fragment; confirm that the
// including script performs one.
if (isset($_POST['submitExercise'])) {
    $v = new Valitron\Validator($_POST);
    $v->rule('required', array('exerciseTitle'));
    $v->rule('numeric', array('exerciseTimeConstraint', 'exerciseAttemptsAllowed'));
    $v->labels(array('exerciseTitle' => "{$langTheField} {$langExerciseName}", 'exerciseTimeConstraint' => "{$langTheField} {$langExerciseConstrain}", 'exerciseAttemptsAllowed' => "{$langTheField} {$langExerciseAttemptsAllowed}"));
    if ($v->validate()) {
        // $exerciseTitle, $exerciseDescription and the other form variables are
        // not assigned in this fragment; presumably they are populated from the
        // request elsewhere — confirm that they are the values validated above.
        $exerciseTitle = trim($exerciseTitle);
        // The description is passed through purify() before it is stored.
        $exerciseDescription = purify($exerciseDescription);
        $randomQuestions = isset($_POST['questionDrawn']) ? intval($_POST['questionDrawn']) : 0;
        $objExercise->updateTitle($exerciseTitle);
        $objExercise->updateDescription($exerciseDescription);
        $objExercise->updateType($exerciseType);
        // NOTE(review): the dates have no validation rule here, and
        // DateTime::createFromFormat() returns false for input that does not
        // match 'd-m-Y H:i'; the ->format() calls below would then fail.
        $startDateTime_obj = DateTime::createFromFormat('d-m-Y H:i', $exerciseStartDate);
        $objExercise->updateStartDate($startDateTime_obj->format('Y-m-d H:i:s'));
        $endDateTime_obj = DateTime::createFromFormat('d-m-Y H:i', $exerciseEndDate);
        $objExercise->updateEndDate($endDateTime_obj->format('Y-m-d H:i:s'));
        $objExercise->updateTempSave($exerciseTempSave);
        $objExercise->updateTimeConstraint($exerciseTimeConstraint);
        $objExercise->updateAttemptsAllowed($exerciseAttemptsAllowed);
        $objExercise->setRandom($randomQuestions);
} function hideFillInChoices(){ $('#fillInBlanksOptions').addClass('hide'); } function updateFillInBlanksAnswerTypeValue(){ $('input[name=answerType]#fill_in_blanks_selector').val($(this).val()); } }); </script> ";

// the question form has been submitted
// NOTE(review): no CSRF token check is visible in this fragment; confirm that the
// including script performs one.
if (isset($_POST['submitQuestion'])) {
    $v = new Valitron\Validator($_POST);
    $v->rule('required', array('questionName'));
    $v->labels(array( 'questionName' => "$langTheField $langQuestion" ));
    if($v->validate()) {
        // $questionName, $questionDescription, $answerType and $difficulty are not
        // assigned in this fragment; presumably they are populated from the
        // request elsewhere — confirm.
        $questionName = trim($questionName);
        // The description is passed through purify() before it is stored.
        $questionDescription = purify($questionDescription);
        // no name given
        if (empty($questionName)) {
            $msgErr = $langGiveQuestion;
        }
        // NOTE(review): the question id comes straight from $_GET; whether read()
        // restricts it to the current course is not visible here.
        if (isset($_GET['modifyQuestion'])) {
            $objQuestion->read($_GET['modifyQuestion']);
        }
        $objQuestion->updateTitle($questionName);
        $objQuestion->updateDescription($questionDescription);
        $objQuestion->updateType($answerType);
        $objQuestion->updateDifficulty($difficulty);
$param2 = '?'; }
$u_id = (int) getgpcvar("u_id", "G");
// NOTE(review): the read-only flag is taken from the "ro" query parameter, so the
// client decides whether the write branch below runs. Treat it as a display
// switch only; permission to edit must be enforced separately.
$read_only = (int) getgpcvar("ro", "G");
//$read_only = 1; //testing
$back_page = "users.php";
$cur_page = cur_page();

/////////////////////////////////////////////////////////////////
// Admin "edit user" handler (fragment): validates the posted profile fields, then
// checks that e-mail address and screen name are not used by another account.
if ($read_only <= 0) {
    if (isset($_POST['first_name'])) {
        $u_id = (int) getgpcvar("u_id", "P");

        ##/ Validate Fields
        include_once '../../includes/form_validator.php';
        $form_v = new Valitron\Validator($_POST);
        $rules = ['required' => [['package_id'], ['email_add'], ['first_name'], ['last_name'], ['screen_name']], 'lengthMin' => [['screen_name', 5]], 'lengthMax' => [['email_add', 120], ['first_name', 50], ['middle_name', 20], ['last_name', 50], ['company_name', 100], ['screen_name', 50], ['address_ln_1', 200], ['city', 180], ['country_code', 2], ['state', 50], ['zip', 20]], 'email' => [['email_add']], 'slug' => [['screen_name']]];
        $form_v->labels(array('package_id' => 'Membership Package', 'email_add' => 'Email Address', 'country_code' => 'Country'));
        $form_v->rules($rules);
        $form_v->validate();
        $fv_errors = $form_v->errors();
        //var_dump("<pre>", $_POST, $fv_errors); die();
        #-

        #/ Check if Email Add exists
        // NOTE(review): $_POST['email_add'] is interpolated into the SQL text; the
        // 'email' rule validates format, not SQL safety. Unless $_POST is escaped
        // elsewhere (not visible here), use a prepared statement.
        if (!is_array($fv_errors) || empty($fv_errors) || count($fv_errors) <= 0) {
            $chk_user = mysql_exec("SELECT email_add FROM users WHERE email_add='{$_POST['email_add']}' and id!='{$u_id}'", 'single');
            if (!empty($chk_user)) {
                $fv_errors[] = array('This Email Address is already used, please try a different one!');
            }
        }

        #/ Check if screen_name exists
        // screen_name has passed the 'slug' rule when this runs; a bound parameter
        // would still be the safer construction.
        if (!is_array($fv_errors) || empty($fv_errors) || count($fv_errors) <= 0) {
            $chk_user = mysql_exec("SELECT screen_name FROM users WHERE screen_name='{$_POST['screen_name']}' and id!='{$u_id}'", 'single');
// Site page form (fragment): the rule set depends on the content type, then the
// SEO tag is checked for uniqueness.
$self_managed = (int) @$_POST['self_managed'];

##/ Validate Fields
include_once '../../includes/form_validator.php';
$form_v = new Valitron\Validator($_POST);
// NOTE(review): $rules is assigned only for content types 'pdf' and 'html'. For
// any other value it is undefined when passed to rules() below; what the
// validator does with that is not visible here. Reject unknown content types
// explicitly.
if ($content_type == 'pdf') {
    $rules = ['required' => [['title'], ['seo_tag']], 'lengthMax' => [['title', 60], ['seo_tag', 30]], 'slug' => [['seo_tag']]];
} else {
    if ($content_type == 'html') {
        // $self_managed is an int compared loosely with the string '1'.
        if ($self_managed == '1') {
            $rules = ['required' => [['title'], ['seo_tag'], ['page_heading']], 'lengthMax' => [['title', 60], ['seo_tag', 30], ['page_heading', 150]], 'slug' => [['seo_tag']]];
        } else {
            $rules = ['required' => [['title'], ['seo_tag'], ['page_heading'], ['pg_content']], 'lengthMax' => [['title', 60], ['seo_tag', 30], ['page_heading', 150]], 'slug' => [['seo_tag']]];
        }
    }
}
$form_v->labels(array('page_heading' => 'Top Heading', 'pg_content' => 'HTML Content'));
$form_v->rules($rules);
$form_v->validate();
$fv_errors = $form_v->errors();
//var_dump("<pre>", $_POST, $_FILES, $fv_errors); die();
#-

##/ Check if seo_tag is unique
// seo_tag has passed the 'slug' rule when this runs, but only on the two branches
// above that define rules. The value is still interpolated into the SQL text;
// a bound parameter removes the dependency on the validation path.
if (!is_array($fv_errors) || empty($fv_errors) || count($fv_errors) <= 0) {
    //$chk_user = mysql_exec("SELECT seo_tag FROM site_pages WHERE seo_tag='{$_POST['seo_tag']}' and id!='{$sp_id}'", 'single');
    $chk_user = mysql_exec("SELECT seo_tag FROM seo_tags WHERE seo_tag='{$_POST['seo_tag']}' and id!='{$seo_tag_id}'", 'single');
    if (!empty($chk_user)) {
        $fv_errors[] = array('The SEO TAG you entered already exists! Please try a different one.');
    }
}
#-

if (!is_array($fv_errors) || empty($fv_errors) || count($fv_errors) <= 0) {
* Contact address: GUnet Asynchronous eLearning Group,
 *                  Network Operations Center, University of Athens,
 *                  Panepistimiopolis Ilissia, 15784, Athens, Greece
 *                  e-mail: info@openeclass.org
 * ======================================================================== */

// Flags read by the included base theme: a current course and editor rights are required.
$require_current_course = TRUE;
$require_editor = true;
include '../../include/baseTheme.php';

// Question-category form: renames an existing category or creates a new one.
// NOTE(review): no CSRF token check is visible in this fragment.
if (isset($_POST['submitCat'])) {
    $v = new Valitron\Validator($_POST);
    $v->rule('required', array('questionCatName'));
    $v->labels(array( 'questionCatName' => "$langTheField $langTitle" ));
    if($v->validate()) {
        $q_cat_name = $_POST['questionCatName'];
        if(isset($_GET['modifyCat'])) {
            // NOTE(review): the UPDATE is keyed on question_cat_id alone, while the
            // INSERT below records course_id. As written, an editor of one course
            // could rename a category that belongs to another course by changing
            // modifyCat; confirm, and add the course to the WHERE clause.
            $q_cat_id = $_GET['modifyCat'];
            Database::get()->query("UPDATE exercise_question_cats SET question_cat_name = ?s " . "WHERE question_cat_id = ?d", $q_cat_name, $q_cat_id);
            Session::Messages($langEditCatSuccess, 'alert-success');
        } else {
            $PollActive = 1;
            $q_cat_id = Database::get()->query("INSERT INTO exercise_question_cats (question_cat_name, course_id) VALUES (?s, ?d)", $q_cat_name, $course_id)->lastInsertID;
            Session::Messages($langNewCatSuccess, 'alert-success');
        }
// Body of a custom validation rule (its opening is outside this fragment): the
// value is a comma-separated list and every entry must be an IPv4/IPv6 address or
// CIDR range.
// NOTE(review): entries are not trimmed, so "a, b" is split into "a" and " b";
// whether the helper functions accept the leading space is not visible here.
$IPs = explode(',', $value);
    //matches IPv4/6 and IPv4/6 CIDR ranges
    foreach ($IPs as $ip){
        $valid = isIPv4($ip) || isIPv4cidr($ip) || isIPv6($ip) || isIPv6cidr($ip);
        if (!$valid) return false;
    }
    return true;
}, $langIPInvalid);

$v->rule('required', array('exerciseTitle'));
$v->rule('numeric', array('exerciseTimeConstraint', 'exerciseAttemptsAllowed'));
$v->rule('date', array('exerciseEndDate', 'exerciseStartDate'));
$v->rule('ipORcidr', array('exerciseIPLock'));
$v->labels(array( 'exerciseTitle' => "$langTheField $langExerciseName", 'exerciseTimeConstraint' => "$langTheField $langExerciseConstrain", 'exerciseAttemptsAllowed' => "$langTheField $langExerciseAttemptsAllowed", 'exerciseEndDate' => "$langTheField $langEnd", 'exerciseStartDate' => "$langTheField $langStart", 'exerciseIPLock' => "$langTheField IPs" ));
if($v->validate()) {
    // $exerciseTitle and the other form variables are not assigned in this
    // fragment; presumably they are populated from the request elsewhere — confirm.
    $exerciseTitle = trim($exerciseTitle);
    $exerciseDescription = purify($exerciseDescription);
    $randomQuestions = (isset($_POST['questionDrawn'])) ? intval($_POST['questionDrawn']) : 0;
    $objExercise->updateTitle($exerciseTitle);
    $objExercise->updateDescription($exerciseDescription);
    $objExercise->updateType($exerciseType);
    $objExercise->updateIPLock($_POST['exerciseIPLock']);
    // NOTE(review): the exercise password is passed on exactly as posted; how
    // updatePasswordLock() stores it is not visible here. Confirm that it is not
    // kept or displayed in plaintext.
    $objExercise->updatePasswordLock($_POST['exercisePasswordLock']);
    // The start date is parsed only when one was supplied.
    if (isset($exerciseStartDate) and !empty($exerciseStartDate)) {
        $startDateTime_obj = DateTime::createFromFormat('d-m-Y H:i', $exerciseStartDate);
    } else {
//UPDATE/INSERT DB: new activity from exersices, assignments, learning paths elseif(isset($_GET['addCourseActivity'])) { $id = $_GET['addCourseActivity']; $type = intval($_GET['type']); add_attendance_activity($attendance_id, $id, $type); Session::Messages("$langGradebookSucInsert","alert-success"); redirect_to_home_page("modules/attendance/index.php?course=$course_code&attendance_id=$attendance_id"); $display = FALSE; } //UPDATE/INSERT DB: add or edit activity to attendance module (edit concerns and course activities like lps) elseif(isset($_POST['submitAttendanceActivity'])) { $v = new Valitron\Validator($_POST); $v->rule('date', array('date')); $v->labels(array( 'date' => "$langTheField $langGradebookActivityDate2" )); if($v->validate()) { $actTitle = isset($_POST['actTitle']) ? trim($_POST['actTitle']) : ""; $actDesc = purify($_POST['actDesc']); $auto = isset($_POST['auto']) ? $_POST['auto'] : ""; $actDate = !empty($_POST['date']) ? $_POST['date'] : null; $visible = isset($_POST['visible']) ? 1 : 0; if ($_POST['id']) { //update $id = $_POST['id']; Database::get()->query("UPDATE attendance_activities SET `title` = ?s, date = ?t, description = ?s, `auto` = ?d WHERE id = ?d", $actTitle, $actDate, $actDesc, $auto, $id); Session::Messages("$langGradebookEdit", "alert-success"); redirect_to_home_page("modules/attendance/index.php?course=$course_code&attendance_id=$attendance_id");
$pid = intval($_GET['pid']); redirect_to_home_page("modules/questionnaire/admin.php?course={$course_code}&pid={$pid}&modifyPoll=yes"); } else { redirect_to_home_page("modules/questionnaire/admin.php?course={$course_code}&newPoll=yes"); } } } if (isset($_POST['submitQuestion'])) { $v = new Valitron\Validator($_POST); $v->rule('required', array('questionName')); if (isset($_POST['questionScale'])) { $v->rule('required', array('questionScale')); } $v->rule('numeric', array('questionScale')); $v->rule('min', array('questionScale'), 1); $v->labels(array('questionName' => "{$langTheField} {$langQuestion}", 'questionScale' => "{$langTheField} {$langScale}")); if ($v->validate()) { $question_text = $_POST['questionName']; $qtype = $_POST['answerType']; $pid = intval($_GET['pid']); if (isset($_GET['modifyQuestion'])) { $pqid = intval($_GET['modifyQuestion']); $poll = Database::get()->querySingle("SELECT * FROM poll_question WHERE pid = ?d and pqid = ?d", $pid, $pqid); if (!$poll) { redirect_to_home_page("modules/questionnaire/index.php?course={$course_code}"); } Database::get()->query("UPDATE poll_question SET question_text = ?s, qtype = ?d\r\n WHERE pqid = ?d AND pid = ?d", $question_text, $qtype, $pqid, $pid); } else { $max_position = Database::get()->querySingle("SELECT MAX(q_position) AS position FROM poll_question WHERE pid = ?d", $pid)->position; $query_columns = "pid, question_text, qtype, q_position"; $query_values = "?d, ?s, ?d, ?d";
<?php } ?> </table> </div> <?php } } if (!($row = $db->query("SELECT * FROM personalDetails WHERE personID = '" . $_SESSION['logon_id'] . "'")->fetch_assoc())) { require 'logout.php'; } require_once $_SERVER['DOCUMENT_ROOT'] . '/vendor/autoload.php'; // Validate library $v = new Valitron\Validator($row); $v->rules(['required' => [['email'], ['firstName'], ['lastName'], ['DOB'], ['phone'], ['streetAddress'], ['suburb'], ['city'], ['postCode'], ['NZQA']]]); $v->labels(array('fname' => 'First Name', 'lname' => 'Last Name', 'phone' => 'Phone Number', 'email' => 'Email address', 'dob' => 'Date of Birth', 'streetAddress' => 'Street Address')); if (!$v->validate()) { echo " <h3><img src='images/warn.png' style='width:25px;height:25px;vertical-align:middle'/> Before you enrol, you'll need to complete the following information:<br>"; foreach ($v->errors() as $key => $val) { echo $key . "<br>"; } echo "<br>\n\t\t\t Please visit the <a href='portal.php?page=personal'>Personal Details</a> page to fill this in</h3>"; die; } $db->close(); ?> <!-- Check if filled in all information before this point --> <div style="text-align:left;margin:0 auto;"> <h2>Apply to enrol</h2> <form id="enrolqualForm" action="#" method="post" onsubmit="return false" style="width:100%; max-width:300px;min-width:200px;margin:0 auto; "> <div class="select" style="margin-bottom:2%;padding:10px;padding-top:4.7px;padding-bottom:30px;background-color:#fff;border:1px #ccc solid;">
$message = "$langGroupAdded"; } else { Session::flashPost()->Messages($langFormErrors)->Errors($v->errors()); redirect_to_home_page("modules/group/group_creation.php?course=$course_code"); } } elseif (isset($_POST['creation'])) { $v = new Valitron\Validator($_POST); $v->rule('required', array('group_quantity')); $v->rule('numeric', array('group_quantity')); $v->rule('min', array('group_quantity'), 1); $v->rule('required', array('group_max')); $v->rule('numeric', array('group_max')); $v->rule('min', array('group_max'), 1); $v->labels(array( 'group_quantity' => "$langTheField $langNewGroups", 'group_max' => "$langTheField $langNewGroupMembers" )); if($v->validate()) { $group_quantity = intval($_POST['group_quantity']); if (preg_match('/^[0-9]/', $_POST['group_max'])) { $group_max = intval($_POST['group_max']); } else { $group_max = 0; } $group_num = Database::get()->querySingle("SELECT COUNT(*) AS count FROM `group` WHERE course_id = ?d", $course_id)->count; // Create a hidden category for group forums $req = Database::get()->querySingle("SELECT id FROM forum_category WHERE cat_order = -1 AND course_id = ?d", $course_id); if ($req) {
* ======================================================================== */ $require_current_course = TRUE; $require_editor = true; include '../../include/baseTheme.php'; $toolName = $langGradeScales; $pageName = $langGradeScales; $navigation[] = array("url" => "index.php?course=$course_code", "name" => $langWorks); if (isset($_POST['submitScale'])) { $v = new Valitron\Validator($_POST); $v->rule('required', array('title')); $v->labels(array( 'title' => "$langTheField $m[title]", 'max_grade' => "$langTheField $m[max_grade]" )); $scale_id = isset($_POST['grading_scale_id']) ? $_POST['grading_scale_id'] : 0; if($v->validate()) { $title = $_POST['title']; $scales = array(); foreach ($_POST['scale_item_name'] as $key => $item_name) { $scales[$key]['scale_item_name'] = $item_name; $scales[$key]['scale_item_value'] = $_POST['scale_item_value'][$key]; } $serialized_scales = serialize($scales); if ($scale_id) { Database::get()->query("UPDATE grading_scale SET title = ?s, scales = ?s, course_id = ?d WHERE id = ?d", $title, $serialized_scales, $course_id, $_POST['grading_scale_id']); update_assignments_max_grade($scale_id); } else { Database::get()->query("INSERT INTO grading_scale (title, scales, course_id) VALUES (?s, ?s, ?d)", $title, $serialized_scales, $course_id);
array('title' => $langEditCourseProgram, 'url' => "edit.php?course=$course_code", 'icon' => 'fa-plus-circle', 'level' => 'primary-label', 'button-class' => 'btn-success'))) . "</div>"; processActions(); if (isset($_POST['saveCourseDescription'])) { if (!isset($_POST['token']) || !validate_csrf_token($_POST['token'])) csrf_token_error(); $v = new Valitron\Validator($_POST); $v->rule('required', array('editTitle')); //$v->rule('numeric', array('editId')); $v->labels(array( 'editTitle' => "$langTheField $langTitle" )); if($v->validate()) { if (isset($_POST['editId'])) { updateCourseDescription(getDirectReference($_POST['editId']), $_POST['editTitle'], $_POST['editComments'], $_POST['editType']); } else { updateCourseDescription(null, $_POST['editTitle'], $_POST['editComments'], $_POST['editType']); } Session::Messages($langCourseUnitAdded,"alert-success"); redirect_to_home_page("modules/course_description/index.php"); } else { Session::flashPost()->Messages($langFormErrors)->Errors($v->errors()); $edit_id = isset($_POST['editId']) ? "&id=" . urlencode(getIndirectReference(getDirectReference($_POST['editId']))) : ""; redirect_to_home_page("modules/course_description/edit.php?course=$course_code$edit_id"); }
* be useful (without any warranty), under the terms of the GNU (General * Public License) as published by the Free Software Foundation. * The full license can be read in "/info/license/license_gpl.txt". * * Contact address: GUnet Asynchronous eLearning Group, * Network Operations Center, University of Athens, * Panepistimiopolis Ilissia, 15784, Athens, Greece * e-mail: info@openeclass.org * ======================================================================== */ $require_current_course = TRUE; $require_editor = true; include '../../include/baseTheme.php'; if (isset($_POST['submitCat'])) { $v = new Valitron\Validator($_POST); $v->rule('required', array('questionCatName')); $v->labels(array('questionCatName' => "{$langTheField} {$langTitle}")); if ($v->validate()) { $q_cat_name = $_POST['questionCatName']; if (isset($_GET['modifyCat'])) { $q_cat_id = $_GET['modifyCat']; Database::get()->query("UPDATE exercise_question_cats SET question_cat_name = ?s " . "WHERE question_cat_id = ?d", $q_cat_name, $q_cat_id); Session::Messages($langEditCatSuccess, 'alert-success'); } else { $PollActive = 1; $q_cat_id = Database::get()->query("INSERT INTO exercise_question_cats\n (question_cat_name, course_id)\n VALUES (?s, ?d)", $q_cat_name, $course_id)->lastInsertID; Session::Messages($langNewCatSuccess, 'alert-success'); } redirect_to_home_page("modules/exercise/question_categories.php?course={$course_code}"); } else { Session::flashPost()->Messages($langFormErrors)->Errors($v->errors()); if (isset($_GET['modifyCat'])) {
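/**
 * Validate the "edit assignment" form in $_POST and apply it to assignment $id.
 *
 * On success the assignment row, its per-user/per-group assignees and the
 * optional attached file are updated, the change is logged and the user is
 * redirected to the assignment list. On validation failure the errors are
 * flashed and the user is redirected back to the edit form.
 *
 * Security-relevant behaviour:
 *  - the assignment is looked up within the current course only, so an id
 *    belonging to another course cannot drive the upload path or the
 *    assignment_to_specific cleanup below;
 *  - the extension deny-list is matched case-insensitively;
 *  - the client-supplied file name is HTML-escaped before it is echoed.
 *
 * @param int $id assignment id (bound as ?d in every query)
 * @return void
 */
function edit_assignment($id) {
    // $langUnwantedFiletype and $langBack are read below; without the global
    // declaration they would be undefined inside the function scope.
    global $tool_content, $langBackAssignment, $langEditSuccess, $m, $langTheField,
        $langEditError, $course_code, $works_url, $course_id, $uid, $workPath, $langFormErrors,
        $langUnwantedFiletype, $langBack;

    $v = new Valitron\Validator($_POST);
    $v->rule('required', array('title', 'max_grade'));
    $v->rule('numeric', array('max_grade'));
    $v->labels(array(
        'title' => "{$langTheField} {$m['title']}",
        'max_grade' => "{$langTheField} {$m['max_grade']}"
    ));

    if (!$v->validate()) {
        Session::flashPost()->Messages($langFormErrors)->Errors($v->errors());
        redirect_to_home_page("modules/work/index.php?course={$course_code}&id={$id}&choice=edit");
        return;
    }

    // Scope the lookup to the current course: the row supplies secret_directory
    // (the upload target) and the id is later used for an unscoped DELETE.
    $row = Database::get()->querySingle("SELECT * FROM assignment WHERE id = ?d AND course_id = ?d", $id, $course_id);
    if (!$row) {
        Session::Messages($langEditError, 'alert-danger');
        redirect_to_home_page("modules/work/index.php?course={$course_code}");
        return;
    }

    $title = $_POST['title'];
    $desc = purify($_POST['desc']);
    $deadline = trim($_POST['WorkEnd']) == FALSE ? '0000-00-00 00:00' : date('Y-m-d H:i', strtotime($_POST['WorkEnd']));
    $late_submission = isset($_POST['late_submission']) && trim($_POST['WorkEnd']) != FALSE ? 1 : 0;
    $group_submissions = $_POST['group_submissions'];
    $max_grade = filter_input(INPUT_POST, 'max_grade', FILTER_VALIDATE_FLOAT);
    $assign_to_specific = filter_input(INPUT_POST, 'assign_to_specific', FILTER_VALIDATE_INT);
    $assigned_to = filter_input(INPUT_POST, 'ingroup', FILTER_VALIDATE_INT, FILTER_REQUIRE_ARRAY);
    $auto_judge = filter_input(INPUT_POST, 'auto_judge', FILTER_VALIDATE_INT);
    // NOTE(review): request data is stored in PHP serialize() format. Whatever
    // reads this column back must not unserialize() it with object
    // instantiation enabled; JSON would be the safer storage format.
    $auto_judge_scenarios = serialize(isset($_POST['auto_judge_scenarios']) ? $_POST['auto_judge_scenarios'] : null);
    $lang = filter_input(INPUT_POST, 'lang');

    if ($assign_to_specific == 1 && empty($assigned_to)) {
        $assign_to_specific = 0;
    }
    $comments = isset($_POST['comments']) ? purify($_POST['comments']) : '';

    // Keep the current attachment unless a new file is stored successfully,
    // so a failed move never leaves the row pointing at a file that is not there.
    $filename = $row->file_path;
    $file_name = $row->file_name;

    if (!isset($_FILES['userfile']) || empty($_FILES['userfile']['size'])) {
        $_FILES['userfile']['name'] = '';
        $_FILES['userfile']['tmp_name'] = '';
    } else {
        $upload_name = $_FILES['userfile']['name'];
        validateUploadedFile($upload_name, 2);
        // NOTE(review): this deny-list only names Windows executable/script
        // types; it is assumed validateUploadedFile() rejects server-side
        // executable extensions - confirm. The /i flag closes the upper-case
        // bypass (e.g. ".EXE").
        if (preg_match('/\\.(ade|adp|bas|bat|chm|cmd|com|cpl|crt|exe|hlp|hta|' .
                'inf|ins|isp|jse|lnk|mdb|mde|msc|msi|msp|mst|pcd|pif|reg|scr|sct|shs|' .
                'shb|url|vbe|vbs|wsc|wsf|wsh)$/i', $upload_name)) {
            // The file name is attacker-controlled; escape it for HTML output.
            $shown_name = htmlspecialchars($upload_name, ENT_QUOTES, 'UTF-8');
            $back_url = htmlspecialchars("{$_SERVER['SCRIPT_NAME']}?course={$course_code}&id={$id}", ENT_QUOTES, 'UTF-8');
            $tool_content .= "<p class=\"caution\">{$langUnwantedFiletype}: {$shown_name}<br />";
            $tool_content .= "<a href=\"{$back_url}\">{$langBack}</a></p><br />";
            return;
        }

        // The stored name is derived from the uploader's account, not from
        // the client-supplied file name; only the extension is carried over.
        $local_name = uid_to_name($uid);
        $am = Database::get()->querySingle("SELECT am FROM user WHERE id = ?d", $uid)->am;
        if (!empty($am)) {
            $local_name .= $am;
        }
        $local_name = greek_to_latin($local_name);
        $local_name = replace_dangerous_char($local_name);
        $secret = $row->secret_directory;
        $ext = get_file_extension($upload_name);
        $target = "{$secret}/{$local_name}" . (empty($ext) ? '' : '.' . $ext);
        if (move_uploaded_file($_FILES['userfile']['tmp_name'], "{$workPath}/admin_files/{$target}")) {
            @chmod("{$workPath}/admin_files/{$target}", 0644);
            $filename = $target;
            $file_name = $upload_name;
        }
    }

    Database::get()->query("UPDATE assignment SET title = ?s, description = ?s, deadline = ?t, late_submission = ?d, comments = ?s,\n group_submissions = ?d, max_grade = ?d, assign_to_specific = ?d, file_path = ?s, file_name = ?s,\n auto_judge = ?d, auto_judge_scenarios = ?s, lang = ?s WHERE course_id = ?d AND id = ?d", $title, $desc, $deadline, $late_submission, $comments, $group_submissions, $max_grade, $assign_to_specific, $filename, $file_name, $auto_judge, $auto_judge_scenarios, $lang, $course_id, $id);

    // Assignees are rebuilt from scratch on every edit.
    Database::get()->query("DELETE FROM assignment_to_specific WHERE assignment_id = ?d", $id);
    if ($assign_to_specific && !empty($assigned_to)) {
        // Column names come from these two fixed literals only, never from input.
        if ($group_submissions == 1) {
            $column = 'group_id';
            $other_column = 'user_id';
        } else {
            $column = 'user_id';
            $other_column = 'group_id';
        }
        foreach ($assigned_to as $assignee_id) {
            Database::get()->query("INSERT INTO assignment_to_specific ({$column}, {$other_column}, assignment_id) VALUES (?d, ?d, ?d)", $assignee_id, 0, $id);
        }
    }

    Log::record($course_id, MODULE_ID_ASSIGN, LOG_MODIFY, array(
        'id' => $id,
        'title' => $title,
        'description' => $desc,
        'deadline' => $deadline,
        'group' => $group_submissions
    ));
    \Session::Messages($langEditSuccess, 'alert-success');
    redirect_to_home_page("modules/work/index.php?course={$course_code}");
}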
// Fragment of an admin "system_config" edit page: builds the query-string
// prefix, reads the record id, and on POST validates and saves the record.
// The excerpt is cut off inside the update branch.

// Turn $param2 into a query-string prefix that always ends in '?' or '&'.
if (!empty($param2)) {
    $param2 = '?' . $param2 . '&';
} else {
    $param2 = '?';
}
// Record id, cast to int; the "G" source is presumably GET - confirm in getgpcvar().
$conf_id = (int) getgpcvar("conf_id", "G");
$back_page = "system_config.php";
$cur_page = cur_page();
/////////////////////////////////////////////////////////////////
// NOTE(review): no anti-CSRF token is checked in the visible part of this
// state-changing handler - confirm it is enforced elsewhere.
if (isset($_POST['title'])) {
    // On submit the id is re-read with "P" (presumably POST) and cast to int again.
    $conf_id = (int) getgpcvar("conf_id", "P");
    ##/ Validate Fields
    include_once '../../includes/form_validator.php';
    $form_v = new Valitron\Validator($_POST);
    // Presence and length checks only: title <= 100 and c_value <= 50 characters.
    // Neither rule constrains which characters the values may contain.
    $rules = ['required' => [['title'], ['c_value']], 'lengthMax' => [['title', 100], ['c_value', 50]]];
    $form_v->labels(array('title' => 'Title', 'c_value' => 'Value'));
    $form_v->rules($rules);
    $form_v->validate();
    $fv_errors = $form_v->errors();
    //var_dump("<pre>", $_POST, $fv_errors); die();
    #-
    // Proceed only when the validator reported no errors.
    if (!is_array($fv_errors) || empty($fv_errors) || count($fv_errors) <= 0) {
        if ($conf_id > 0) {
            ###/ Updating Database
            #/ system_config
            // NOTE(review): $_POST['title'] and $_POST['c_value'] are interpolated
            // straight into the SQL text. The validation above does not escape or
            // reject quote characters, so unless mysql_exec() or earlier code
            // escapes them (not visible here) this statement is open to SQL
            // injection. Bind both values as parameters through the project's
            // database layer instead of building the string. $conf_id is safe
            // because of the (int) cast.
            $sql_tb1 = "UPDATE system_config SET title='{$_POST['title']}', c_value='{$_POST['c_value']}'\n WHERE id='{$conf_id}'";
            mysql_exec($sql_tb1, 'save');
            #-
            // Flash message for the next request, then redirect back to this page.
            $_SESSION["CUSA_ADMIN_MSG_GLOBAL"] = array(true, 'The Site data has been successfully Updated');
            redirect_me("{$consts['DOC_ROOT_ADMIN']}{$cur_page}{$param2}&conf_id={$conf_id}", true);
            ////////////////-------
$type = intval($_GET['type']); add_gradebook_activity($gradebook_id, $id, $type); Session::Messages("$langGradebookSucInsert","alert-success"); redirect_to_home_page("modules/gradebook/index.php?course=$course_code&gradebook_id=" . getIndirectReference($gradebook_id)); $display = FALSE; } //UPDATE/INSERT DB: add or edit activity to gradebook module (edit concerns and course activities like lps) elseif(isset($_POST['submitGradebookActivity'])) { $v = new Valitron\Validator($_POST); $v->rule('numeric', array('weight')); $v->rule('min', array('weight'), 0); $v->rule('max', array('weight'), weightleft($gradebook_id, getDirectReference($_POST['id']))); $v->rule('date', array('date')); $v->labels(array( 'weight' => "$langTheField $langGradebookActivityWeight", 'date' => "$langTheField $langGradebookActivityDate2" )); if($v->validate()) { if (!isset($_POST['token']) || !validate_csrf_token($_POST['token'])) csrf_token_error(); $actTitle = isset($_POST['actTitle']) ? trim($_POST['actTitle']) : ''; $actDesc = purify($_POST['actDesc']); $auto = isset($_POST['auto']) ? 1 : 0; $weight = $_POST['weight']; $type = $_POST['activity_type']; $actDate = !empty($_POST['date']) ? $_POST['date'] : NULL; $visible = isset($_POST['visible']) ? 1 : 0; if ($_POST['id']) { //update $id = getDirectReference($_POST['id']); Database::get()->query("UPDATE gradebook_activities SET `title` = ?s, date = ?t, description = ?s,