$course['exemplary_content'] = empty($course['exemplary_content']) ? false : true; $course['teachers'] = $course_teachers; //$course['user_id'] = $teacher_id; $course['wanted_code'] = $course['visual_code']; $course['gradebook_model_id'] = isset($course['gradebook_model_id']) ? $course['gradebook_model_id'] : null; // Fixing category code $course['course_category'] = $course['category_code']; $course_info = CourseManager::create_course($course); header('Location: course_list.php'.($course_info===false?'?action=show_msg&warn='.api_get_last_failure():'')); exit; }*/ // Display the form. $content = $form->return_form(); //echo $content; $em = Container::getEntityManager(); $request = Container::getRequest(); $course = new Course(); $builder = Container::getFormFactory()->createBuilder(new CourseType(), $course); $form = $builder->getForm(); $form->handleRequest($request); if ($form->isValid()) { $course = $form->getData(); $em->persist($course); $em->flush(); Container::addFlash(get_lang('Updated')); $url = Container::getRouter()->generate('main', array('name' => 'admin/course_list.php')); header('Location: ' . $url); exit; } echo Container::getTemplate()->render('ChamiloCoreBundle:Legacy:form.html.twig', array('form' => $form->createView(), 'url' => api_get_self()));
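/**
 * Checks whether the given user belongs to the platform "admins" group.
 *
 * This is an authorization check, so every lookup that comes back empty
 * (unknown user id, missing "admins" group, unknown portal) is answered with
 * false instead of letting a method call on a non-object abort the request.
 *
 * @param int $user_id User ID. If none provided, will use current user
 * @param int $url     URL ID. If provided, also check if the user is active on given URL
 * @return bool True if the user is admin (and, when $url is given, attached to
 *              that portal), false otherwise
 */
function api_is_platform_admin_by_id($user_id = null, $url = null)
{
    $user_id = intval($user_id);

    // The question is only answered inside a fully authenticated session,
    // whichever user id is being asked about.
    if (!Container::getSecurity()->isGranted('IS_AUTHENTICATED_FULLY')) {
        return false;
    }

    $em = Container::getEntityManager();

    if (empty($user_id)) {
        $token = Container::getSecurity()->getToken();
        $user = $token ? $token->getUser() : null;
    } else {
        $user = $em->getRepository('ChamiloUserBundle:User')->find($user_id);
    }

    // Fail closed: an id that matches no user (or a token that carries no
    // user object) is never an admin.
    if (!is_object($user)) {
        return false;
    }

    $admin = $em->getRepository('ChamiloUserBundle:Group')->findOneBy(array('name' => 'admins'));
    if ($admin === null) {
        // No "admins" group exists, so nobody can be a member of it.
        return false;
    }

    $is_admin = $user->getGroups()->contains($admin);
    if (!$is_admin or !isset($url)) {
        return $is_admin;
    }

    // We get here only for an admin with $url set: the user must also be
    // attached to that portal.
    $portal = $em->getRepository('ChamiloCoreBundle:AccessUrl')->find($url);
    if ($portal === null) {
        return false;
    }

    return $user->getPortals()->contains($portal);
}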
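/**
 * Checks whether the given user holds ROLE_ADMIN.
 *
 * This is an authorization check, so an id that matches no user is answered
 * with false instead of a fatal error on a null entity.
 *
 * @param int $user_id User ID. If none provided, will use current user
 * @param int $url     URL ID. If provided, also check if the user is active on given URL
 * @return bool True if the user is admin (and, when $url is given, has exactly
 *              one row for that URL in the URL/user relation table), false otherwise
 */
function api_is_platform_admin_by_id($user_id = null, $url = null)
{
    $user_id = intval($user_id);
    if (empty($user_id)) {
        // Cast again: $user_id is interpolated into SQL below and must be an
        // integer whatever api_get_user_id() returns.
        $user_id = intval(api_get_user_id());
    }

    $em = Container::getEntityManager();
    $user = $em->getRepository('ChamiloUserBundle:User')->find($user_id);

    // Fail closed: no such user means no admin rights.
    if (!is_object($user)) {
        return false;
    }

    $is_admin = $user->hasRole('ROLE_ADMIN');
    if (!$is_admin or !isset($url)) {
        return $is_admin;
    }

    // We get here only if $url is set
    $url = intval($url);
    $url_user_table = Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER);

    // The query is built by interpolation; it is safe only because both
    // $url and $user_id have been forced to integers above.
    $sql = "SELECT * FROM {$url_user_table}\n WHERE access_url_id = {$url} AND user_id = {$user_id}";
    $res = Database::query($sql);

    return Database::num_rows($res) === 1;
}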
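/**
 * Get the users to display on the current page (fills the sortable table).
 *
 * The query is assembled from the search-form values in $_GET. Every string
 * value is passed through Database::escape_string() and every numeric value
 * through intval() before it is placed in the SQL text.
 *
 * @param int    $from            Offset of the first user to fetch
 * @param int    $number_of_items Number of users to fetch
 * @param int    $column          Column to sort on (used as "col{$column}")
 * @param string $direction       Order (ASC, DESC); anything else falls back to ASC
 * @param bool   $get_count       When true, return only the number of matching users
 * @return array|int The rows for the table, or the total row count when $get_count is true
 * @see SortableTable#get_table_data($from)
 */
function get_user_data($from, $number_of_items, $column, $direction, $get_count = false)
{
    $user_table = Database::get_main_table(TABLE_MAIN_USER);
    $admin_table = Database::get_main_table(TABLE_MAIN_ADMIN);

    // NOTE(review): u.password is selected but the rows built below only use
    // indexes 0-10; consider dropping it from the column list.
    $name_columns = api_is_western_name_order()
        ? "u.firstname \t\t\tAS col3,\n u.lastname \t\t\tAS col4,"
        : "u.lastname \t\t\tAS col3,\n u.firstname \t\t\tAS col4,";
    $select = "SELECT\n u.user_id\t\t\t\tAS col0,\n u.official_code\t\tAS col2,\n\t\t\t\t " . $name_columns
        . "\n u.username\t\t\t\tAS col5,\n u.email\t\t\t\tAS col6,\n u.status\t\t\t\tAS col7,\n u.active\t\t\t\tAS col8,"
        . "\n u.user_id\t\t\t\tAS col9,\n u.registration_date AS col10,\n u.expiration_date AS exp,\n u.password\n ";
    if ($get_count) {
        $select = "SELECT count(u.user_id) as total_rows";
    }
    $sql = "{$select} FROM {$user_table} u ";

    // Restrict the list to users of the current access URL (multi-URL setups only).
    $filter_by_url = (api_is_platform_admin() || api_is_session_admin()) && api_get_multiple_access_url();
    if ($filter_by_url) {
        $access_url_rel_user_table = Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER);
        $sql .= " INNER JOIN {$access_url_rel_user_table} url_rel_user ON (u.user_id=url_rel_user.user_id)";
    }

    if (isset($_GET['keyword_extra_data'])) {
        $keyword_extra_data = Database::escape_string($_GET['keyword_extra_data']);
        if (!empty($keyword_extra_data)) {
            $extra_info = UserManager::get_extra_field_information_by_name($keyword_extra_data);
            // The id goes into the SQL text unquoted, so force it to an integer;
            // a failed lookup becomes field_id=0 instead of a broken statement.
            $field_id = isset($extra_info['id']) ? intval($extra_info['id']) : 0;
            $sql .= " INNER JOIN user_field_values ufv ON u.user_id=ufv.user_id AND ufv.field_id={$field_id} ";
        }
    }

    // Tracks whether a WHERE clause has been written, so the filters added
    // further down are joined with WHERE or AND as appropriate.
    $has_where = false;

    if (isset($_GET['keyword'])) {
        $keyword = Database::escape_string(trim($_GET['keyword']));
        $sql .= " WHERE (u.firstname LIKE '%" . $keyword . "%'"
            . " OR u.lastname LIKE '%" . $keyword . "%'"
            . " OR concat(u.firstname,' ',u.lastname) LIKE '%" . $keyword . "%'"
            . " OR concat(u.lastname,' ',u.firstname) LIKE '%" . $keyword . "%'"
            . " OR u.username LIKE '%" . $keyword . "%'"
            . " OR u.official_code LIKE '%" . $keyword . "%'"
            . " OR u.email LIKE '%" . $keyword . "%' )";
        $has_where = true;
    } elseif (isset($_GET['keyword_firstname'])) {
        $keyword_firstname = Database::escape_string($_GET['keyword_firstname']);
        $keyword_lastname = Database::escape_string($_GET['keyword_lastname']);
        $keyword_email = Database::escape_string($_GET['keyword_email']);
        $keyword_officialcode = Database::escape_string($_GET['keyword_officialcode']);
        $keyword_username = Database::escape_string($_GET['keyword_username']);
        $keyword_status = Database::escape_string($_GET['keyword_status']);

        $query_admin_table = '';
        $and_conditions = array();

        if ($keyword_status == SESSIONADMIN) {
            // Session admins are found through the admin table, whatever their status.
            $keyword_status = '%';
            $query_admin_table = " , {$admin_table} a ";
            $and_conditions[] = ' a.user_id = u.user_id ';
        }

        if (isset($_GET['keyword_extra_data'])) {
            if (!empty($_GET['keyword_extra_data']) && !empty($_GET['keyword_extra_data_text'])) {
                $keyword_extra_data_text = Database::escape_string($_GET['keyword_extra_data_text']);
                $and_conditions[] = " ufv.field_value LIKE '%" . trim($keyword_extra_data_text) . "%' ";
            }
        }

        $keyword_active = isset($_GET['keyword_active']);
        $keyword_inactive = isset($_GET['keyword_inactive']);

        $sql .= $query_admin_table . " WHERE ( ";

        if (!empty($keyword_firstname)) {
            $and_conditions[] = "u.firstname LIKE '%" . $keyword_firstname . "%' ";
        }
        if (!empty($keyword_lastname)) {
            $and_conditions[] = "u.lastname LIKE '%" . $keyword_lastname . "%' ";
        }
        if (!empty($keyword_username)) {
            $and_conditions[] = "u.username LIKE '%" . $keyword_username . "%' ";
        }
        if (!empty($keyword_email)) {
            $and_conditions[] = "u.email LIKE '%" . $keyword_email . "%' ";
        }
        if (!empty($keyword_officialcode)) {
            $and_conditions[] = "u.official_code LIKE '%" . $keyword_officialcode . "%' ";
        }
        if (!empty($keyword_status)) {
            $and_conditions[] = "u.status LIKE '" . $keyword_status . "' ";
        }
        if ($keyword_active && !$keyword_inactive) {
            $and_conditions[] = " u.active='1' ";
        } elseif ($keyword_inactive && !$keyword_active) {
            $and_conditions[] = " u.active='0' ";
        }

        // An empty search form would otherwise produce "WHERE ( )", which is
        // not valid SQL; match every row instead.
        $sql .= empty($and_conditions) ? ' 1 = 1 ' : implode(' AND ', $and_conditions);
        $sql .= " ) ";
        $has_where = true;
    }

    // Filters that apply on top of whichever search branch ran.
    $extra_conditions = array();

    if ($filter_by_url) {
        $extra_conditions[] = 'url_rel_user.access_url_id=' . intval(api_get_current_access_url_id());
    }

    $checkPassStrength = isset($_GET['check_easy_passwords']) && $_GET['check_easy_passwords'] == 1;
    if ($checkPassStrength) {
        // Compares the stored password column with the values that
        // api_get_encrypted_password() produces for the easy-password list.
        // NOTE(review): this can only match if stored values are produced the
        // same way for every user (no per-user salt) - confirm.
        $easyPasswordList = api_get_easy_password_list();
        $easyPasswordList = array_map('api_get_encrypted_password', $easyPasswordList);
        $easyPasswordList = array_map(array('Database', 'escape_string'), $easyPasswordList);
        // The OR chain is parenthesised so it cannot widen the search and
        // access-URL filters: AND binds tighter than OR.
        $extra_conditions[] = "(u.password LIKE '" . implode("' OR u.password LIKE '", $easyPasswordList) . "')";
    }

    foreach ($extra_conditions as $condition) {
        $sql .= ($has_where ? ' AND ' : ' WHERE ') . $condition;
        $has_where = true;
    }

    // Sort direction is allow-listed and the numeric parts are cast, because
    // all three are written into the statement unquoted.
    if (!in_array($direction, array('ASC', 'DESC'))) {
        $direction = 'ASC';
    }
    $column = intval($column);
    $from = intval($from);
    $number_of_items = intval($number_of_items);

    // Returns counts and exits function.
    if ($get_count) {
        $res = Database::query($sql);
        $user = Database::fetch_array($res);

        return $user['total_rows'];
    }

    $sql .= " ORDER BY col{$column} {$direction} ";
    $sql .= " LIMIT {$from},{$number_of_items}";
    $res = Database::query($sql);

    $users = array();
    $t = time();

    $adminList = Container::getEntityManager()->getRepository('ChamiloUserBundle:Group')->getAdmins();
    $adminListArray = array();
    foreach ($adminList as $admin) {
        $adminListArray[] = $admin->getId();
    }

    $statusName = api_get_status_langvars();

    // fetch_row() indexes follow the SELECT order: 0 user_id, 1 official_code,
    // 2-3 names, 4 username, 5 email, 6 status, 7 active, 8 user_id,
    // 9 registration_date, 10 expiration_date, 11 password.
    while ($user = Database::fetch_row($res)) {
        $userId = $user[0];
        $userInfo = api_get_user_info($userId);
        $userEntity = Container::getEntityManager()->getRepository('ChamiloUserBundle:User')->find($userId);

        $image_path = UserManager::get_user_picture_path_by_id($userId, 'web', false, true);
        $user_profile = UserManager::get_picture_user($userId, $image_path['file'], 22, USER_IMAGE_SIZE_SMALL, ' width="22" height="22" ');

        // NOTE(review): complete_name and profile_url are written into HTML
        // attributes without escaping here - confirm api_get_user_info()
        // returns HTML-safe values, otherwise escape them at this point.
        $img = '<img src="' . $user_profile['file'] . '" ' . $user_profile['style']
            . ' alt="' . $userInfo['complete_name'] . '" title="' . $userInfo['complete_name'] . '" />';
        if (!api_is_anonymous()) {
            $photo = '<center><a href="' . $userInfo['profile_url'] . '" title="' . get_lang('Info') . '"> '
                . $img . '</a></center>';
        } else {
            $photo = '<center>' . $img . '</center>';
        }

        if ($user[7] == 1 && $user[10] != '0000-00-00 00:00:00') {
            // check expiration date
            $expiration_time = api_convert_sql_date($user[10]);
            // if expiration date is passed, store a special value for active field
            if ($expiration_time < $t) {
                $user[7] = '-1';
            }
        }

        // NOTE(review): $user[7] is the u.active column (possibly rewritten to
        // '-1' above); comparing it with a status label looks unintended -
        // confirm whether $user[6] (u.status) was meant.
        $current_user_status_label = $user[7];
        $user_is_anonymous = ($current_user_status_label == $statusName[ANONYMOUS]);

        // forget about the expiration date field
        // NOTE(review): the name columns are passed to Display::url() as link
        // text as stored in the database - confirm Display::url() escapes it.
        $users[] = array(
            $userId,
            $photo,
            $user[1],
            Display::url($user[2], $userInfo['profile_url']),
            Display::url($user[3], $userInfo['profile_url']),
            $user[4],
            $user[5],
            $user[6],
            $user[7],
            api_get_local_time($user[9]),
            $userId,
            'is_admin' => in_array($userId, $adminListArray),
            'is_anonymous' => $user_is_anonymous,
            'groups' => $userEntity->getGroups()
        );
    }

    return $users;
}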