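/**
 * Runs a legacy script from the main/ directory and wraps its output in the
 * bundle layout.
 *
 * The request's query and body parameters are copied into $_GET/$_POST and
 * the legacy globals are pushed into Container before the script is loaded
 * with require_once inside this method's scope: the locals set below
 * ($is_allowed_in_course, $_course, $_user, $debug, ...) are visible to the
 * script, and the script may set $htmlHeadXtra and $interbreadcrumb, which
 * are read back after it ran.
 *
 * @param string $name path of the script relative to main/ (e.g. 'exercice/exercise_submit.php')
 * @param Request $request
 * @return Response the rendered layout; for exercise_submit.php with a no-store Cache-Control header
 * @throws NotFoundHttpException when the file does not exist or resolves outside main/
 */
 public function classicAction($name, Request $request)
 {
     // Legacy scripts read the superglobals directly, so rebuild them from the Request.
     $_GET = $request->query->all();
     $_POST = $request->request->all();
     $rootDir = $this->get('kernel')->getRealRootDir();
     $mainPath = $rootDir . 'main/';
     $fileToLoad = $mainPath . $name;
     // Setting legacy values inside the container
     /** @var Connection $dbConnection */
     $dbConnection = $this->container->get('database_connection');
     $em = $this->get('kernel')->getContainer()->get('doctrine.orm.entity_manager');
     $database = new \Database($dbConnection, array());
     $database->setConnection($dbConnection);
     $database->setManager($em);
     Container::$container = $this->container;
     Container::$dataDir = $this->container->get('kernel')->getDataDir();
     // NOTE(review): courseDir is filled from getDataDir(), the same value as dataDir — confirm intended.
     Container::$courseDir = $this->container->get('kernel')->getDataDir();
     $this->container->get('twig')->addGlobal('api_get_cidreq', api_get_cidreq());
     // $name comes from the route: only an existing file that check_abs_path()
     // confirms to lie inside main/ may be loaded.
     if (!is_file($fileToLoad) || !\Security::check_abs_path($fileToLoad, $mainPath)) {
         throw new NotFoundHttpException();
     }
     // Files inside /main need these variables to be set
     $is_allowed_in_course = api_is_allowed_in_course();
     $is_courseAdmin = api_is_course_admin();
     $is_platformAdmin = api_is_platform_admin();
     $toolNameFromFile = basename(dirname($fileToLoad));
     $charset = 'UTF-8';
     // Default values
     $_course = api_get_course_info();
     $_user = api_get_user_info();
     $debug = $this->container->get('kernel')->getEnvironment() === 'dev';
     // Capture everything the script prints. Because of require_once, a second
     // load of the same file in one process would produce no output.
     ob_start();
     require_once $fileToLoad;
     $out = ob_get_clean();
     $js = isset($htmlHeadXtra) ? $htmlHeadXtra : array();
     // $interbreadcrumb is loaded in the require_once file.
     $interbreadcrumb = isset($interbreadcrumb) ? $interbreadcrumb : null;
     $template = Container::$legacyTemplate;
     $defaultLayout = !empty($template) ? $template : 'layout_one_col.html.twig';
     $response = $this->render('ChamiloCoreBundle::' . $defaultLayout, array('legacy_breadcrumb' => $interbreadcrumb, 'content' => $out, 'js' => $js));
     // No browser cache when executing an exercise (the header was previously
     // built into an unused local and never reached the response).
     if ($name === 'exercice/exercise_submit.php') {
         $response->headers->set('Cache-Control', 'no-store, no-cache, must-revalidate');
     }
     return $response;
 }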
 *	@author Thomas Depraetere, Hugues Peeters, Christophe Gesche: initial versions
 *	@author Bert Vanderkimpen, improved self-unsubscribe for cvs
 *	@author Patrick Cool, show group comment under the group name
 *	@author Roan Embrechts, initial self-unsubscribe code, code cleaning, virtual course support
 *	@author Bart Mollet, code cleaning, use of Display-library, list of courseAdmin-tools, use of GroupManager
 *	@package chamilo.group
 */
//require_once '../inc/global.inc.php';
$this_section = SECTION_COURSES;
$current_course_tool = TOOL_GROUP;
// Notice for unauthorized people.
api_protect_course_script(true);
$nameTools = get_lang('GroupOverview');
$courseId = api_get_course_int_id();
$courseInfo = api_get_course_info();
$is_allowed_in_course = api_is_allowed_in_course();
$keyword = isset($_GET['keyword']) ? $_GET['keyword'] : null;
if (isset($_GET['action'])) {
    switch ($_GET['action']) {
        case 'export_all':
            $data = GroupManager::exportCategoriesAndGroupsToArray(null, true);
            Export::arrayToCsv($data);
            exit;
            break;
        case 'export_pdf':
            $content = GroupManager::getOverview($courseId, $keyword);
            $pdf = new PDF();
            $extra = '<div style="text-align:center"><h2>' . get_lang('GroupList') . '</h2></div>';
            $extra .= '<strong>' . get_lang('Course') . ': </strong>' . $courseInfo['title'] . ' (' . $courseInfo['code'] . ')';
            $content = $extra . $content;
            $pdf->content_to_pdf($content, null, null, api_get_course_id());
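/**
 * Function used to protect a course script.
 * The function calls api_not_allowed() and returns false when
 * - there is no course context (api_get_course_info() is empty); or
 * - the current user may not see the course, which depends on the course
 * visibility, $is_allowed_in_course, the registration code and the session.
 *
 * DRH users and platform admins (session admins too when $allow_session_admins
 * is true) are let through before any visibility rule is evaluated.
 *
 * This is only the first proposal, test and improve!
 * @param bool $print_headers        Print headers when api_not_allowed() renders the error page. Default: false
 * @param bool $allow_session_admins Whether session admins count as platform admins here.
 * @param bool $allow_drh            Kept for callers; NOTE(review): it is not consulted — api_is_drh()
 *                                   grants access regardless of its value. Confirm this is intended.
 * @return bool True if the user has access to the current course, false after api_not_allowed() was called
 * @todo replace global variable
 * @author Roan Embrechts
 */
function api_protect_course_script($print_headers = false, $allow_session_admins = false, $allow_drh = false)
{
    $is_allowed_in_course = api_is_allowed_in_course();
    $course_info = api_get_course_info();
    if (empty($course_info)) {
        api_not_allowed($print_headers);
        return false;
    }
    if (api_is_drh()) {
        return true;
    }
    if (api_is_platform_admin($allow_session_admins)) {
        return true;
    }
    $is_visible = false;
    if (isset($course_info['visibility'])) {
        switch ($course_info['visibility']) {
            default:
            case COURSE_VISIBILITY_CLOSED:
            case COURSE_VISIBILITY_REGISTERED:
            case COURSE_VISIBILITY_OPEN_PLATFORM:
                // Closed (teachers only) - 0, private (course members) - 1 and
                // open to platform users - 2 share one rule: a logged-in,
                // non-anonymous user who is allowed in the course. The finer
                // distinction between them is expected to be folded into
                // $is_allowed_in_course already (set in local.inc.php).
                if (api_get_user_id() && !api_is_anonymous() && $is_allowed_in_course) {
                    $is_visible = true;
                }
                break;
            case COURSE_VISIBILITY_OPEN_WORLD:
                // Open - access allowed for the whole world - 3
                $is_visible = true;
                break;
            case COURSE_VISIBILITY_HIDDEN:
                // Hidden: only platform admins may see the course
                if (api_is_platform_admin()) {
                    $is_visible = true;
                }
                break;
        }
        // A registration code hides the course from users who are not
        // registered in it (was written with a bitwise '&' before).
        if (!$is_allowed_in_course && !empty($course_info['registration_code'])) {
            $is_visible = false;
        }
    }
    //Check session visibility
    $session_id = api_get_session_id();
    if (!empty($session_id)) {
        //$is_allowed_in_course was set in local.inc.php
        if (!$is_allowed_in_course) {
            $is_visible = false;
        }
    }
    if (!$is_visible) {
        api_not_allowed($print_headers);
        return false;
    }
    return true;
}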
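 /**
  * Returns true if $doc_path has visibility=1 as item_property
  * (you should use is_visible_by_id() instead).
  *
  * Only rows of the requested filetype are matched, so a hidden parent
  * folder does not hide a file (see #2198). The query has no ORDER BY:
  * when several rows match, the first one the database returns decides.
  *
  * @param string $doc_path   the relative complete path of the document
  * @param array  $course     the _course array info of the document's course ('real_id' is used)
  * @param int    $session_id session id; rows of this session and of session 0 match
  * @param string $file_type  'file' or 'folder'; any other value falls back to 'file'
  * @return bool true when the matched row is visible and the current user is
  *              allowed in the course or is a platform admin
  */
 public static function is_visible($doc_path, $course, $session_id = 0, $file_type = 'file')
 {
     $docTable = Database::get_course_table(TABLE_DOCUMENT);
     $propTable = Database::get_course_table(TABLE_ITEM_PROPERTY);
     // Both ids are interpolated into the SQL below: cast them instead of trusting the array.
     $course_id = (int) $course['real_id'];
     $session_id = (int) $session_id;
     $condition = "AND d.session_id IN  ('{$session_id}', '0') ";
     /*
      When using hotpotatoes files, new html files are generated
      in the hotpotatoes folder to display the test.
      The genuine html file is copied to math4.htm(user_id).t.html
      Image files are not copied, and keep the same name.
      To check the html file visibility, we don't have to check file math4.htm(user_id).t.html but file math4.htm
      In this case, we have to remove (user_id).t.html to check the visibility of the file
      For images, we just check the path of the image file.

      Example of hotpotatoes folder :
      A.jpg
      maths4-consigne.jpg
      maths4.htm
      maths4.htm1.t.html
      maths4.htm52.t.html
      maths4.htm654.t.html
      omega.jpg
      theta.jpg
     */
     // '!== false' so that a match at offset 0 is not mistaken for "not found".
     if (strpos($doc_path, 'HotPotatoes_files') !== false && preg_match('/\.t\.html$/', $doc_path)) {
         // 7 is strlen('.t.html'); the user id immediately precedes that suffix.
         $doc_path = substr($doc_path, 0, strlen($doc_path) - 7 - strlen((string) api_get_user_id()));
     }
     if (!in_array($file_type, ['file', 'folder'], true)) {
         $file_type = 'file';
     }
     // The " d.filetype='file' " lets the user see a file even if the folder is hidden, see #2198.
     // locate(concat(path,'/'), '<doc_path>/') = 1 matches every document row whose path
     // is a prefix of $doc_path; $doc_path is escaped because it lands in a quoted literal.
     $sql = "SELECT visibility
             FROM {$docTable} d
             INNER JOIN {$propTable} ip
             ON (d.id = ip.ref AND d.c_id = {$course_id} AND ip.c_id = {$course_id})
             WHERE
                 ip.tool = '" . TOOL_DOCUMENT . "' {$condition} AND
                 filetype = '{$file_type}' AND
                 locate(concat(path,'/'), '" . Database::escape_string($doc_path . '/') . "')=1
             ";
     $result = Database::query($sql);
     $is_visible = false;
     if (Database::num_rows($result) > 0) {
         $row = Database::fetch_array($result, 'ASSOC');
         if ($row['visibility'] == 1) {
             // A visible row is still gated by course membership or platform admin rights.
             $is_visible = api_is_allowed_in_course() || api_is_platform_admin();
         }
     }
     return $is_visible;
 }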
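 /**
  * Displays a wiki entry: echoes the action toolbar (edit, lock, visibility,
  * notify, discuss, history, links, delete, export, print) and the page panel.
  * Stored content and title pass through Security::remove_XSS, and the
  * content through the detect_*_link helpers before being echoed.
  * Side effects: logs a LOG_WIKI_ACCESS event and increments the page's hit counter.
  *
  * @author Patrick Cool <*****@*****.**>, Ghent University
  * @author Juan Carlos Raña Trabado
  * @param string $newtitle reflink of the page to show (e.g. right after it was created);
  *                         empty means the current page ($this->page)
  * @return mixed null after echoing the page; on an empty index page that the
  *               user may not initialise, the result of self::setMessage()
  *               with the WikiStandBy message
  */
 public function display_wiki_entry($newtitle)
 {
     $tbl_wiki = $this->tbl_wiki;
     $tbl_wiki_conf = $this->tbl_wiki_conf;
     $condition_session = $this->condition_session;
     $groupfilter = $this->groupfilter;
     $page = $this->page;
     $session_id = api_get_session_id();
     $course_id = api_get_course_int_id();
     if ($newtitle) {
         $pageMIX = $newtitle;
         //display the page after it is created
     } else {
         $pageMIX = $page;
         //display current page
     }
     $filter = null;
     if (isset($_GET['view']) && $_GET['view']) {
         // Restrict to one version id; escaped because it lands in a quoted SQL literal.
         $_clean['view'] = Database::escape_string($_GET['view']);
         $filter = ' AND w.id="' . $_clean['view'] . '"';
     }
     // First, check page visibility in the first page version
     $sql = 'SELECT * FROM ' . $tbl_wiki . '
             WHERE
                 c_id = ' . $course_id . ' AND
                 reflink="' . Database::escape_string($pageMIX) . '" AND
                ' . $groupfilter . $condition_session . '
             ORDER BY id ASC';
     $result = Database::query($sql);
     $row = Database::fetch_array($result, 'ASSOC');
     // fetch_array yields false when the page does not exist yet.
     $KeyVisibility = $row ? $row['visibility'] : null;
     // second, show the last version
     $sql = 'SELECT * FROM ' . $tbl_wiki . ' w
             INNER JOIN ' . $tbl_wiki_conf . ' wc
             ON (wc.page_id = w.page_id AND wc.c_id = w.c_id)
             WHERE
                 w.c_id = ' . $course_id . ' AND
                 w.reflink = "' . Database::escape_string($pageMIX) . '" AND
                 w.session_id = ' . $session_id . ' AND
                 w.' . $groupfilter . ' ' . $filter . '
             ORDER BY id DESC';
     $result = Database::query($sql);
     // we do not need a while loop since we are always displaying the last version
     $row = Database::fetch_array($result, 'ASSOC');
     //log users access to wiki (page_id)
     if (!empty($row['page_id'])) {
         Event::addEvent(LOG_WIKI_ACCESS, LOG_WIKI_PAGE_ID, $row['page_id']);
     }
     //update visits
     if ($row['id']) {
         $sql = 'UPDATE ' . $tbl_wiki . ' SET hits=(hits+1)
                 WHERE c_id = ' . $course_id . ' AND id=' . $row['id'] . '';
         Database::query($sql);
     }
     // if both are empty and we are displaying the index page then we display the default text.
     if ($row['content'] == '' && $row['title'] == '' && $page == 'index') {
         if (api_is_allowed_to_edit(false, true) || api_is_platform_admin() || GroupManager::is_user_in_group(api_get_user_id(), api_get_group_id())) {
             //Table structure for better export to pdf
             $default_table_for_content_Start = '<table align="center" border="0"><tr><td align="center">';
             $default_table_for_content_End = '</td></tr></table>';
             $content = $default_table_for_content_Start . sprintf(get_lang('DefaultContent'), api_get_path(WEB_IMG_PATH)) . $default_table_for_content_End;
             $title = get_lang('DefaultTitle');
         } else {
             return self::setMessage(Display::display_normal_message(get_lang('WikiStandBy'), false, true));
         }
     } else {
         // Stored content and title are user-supplied: filter them before echoing.
         $content = Security::remove_XSS($row['content']);
         $title = Security::remove_XSS($row['title']);
     }
     //assignment mode: identify page type
     $icon_assignment = null;
     if ($row['assignment'] == 1) {
         $icon_assignment = Display::return_icon('wiki_assignment.png', get_lang('AssignmentDescExtra'), '', ICON_SIZE_SMALL);
     } elseif ($row['assignment'] == 2) {
         $icon_assignment = Display::return_icon('wiki_work.png', get_lang('AssignmentWork'), '', ICON_SIZE_SMALL);
     }
     //task mode
     $icon_task = null;
     if (!empty($row['task'])) {
         $icon_task = Display::return_icon('wiki_task.png', get_lang('StandardTask'), '', ICON_SIZE_SMALL);
     }
     // Show the page to everyone unless it is hidden; editors and platform admins
     // always see it, and a hidden assignment work (assignment == 2) stays visible
     // to its own author. Parentheses make the original && / || precedence explicit.
     if ($KeyVisibility == "1" || api_is_allowed_to_edit(false, true) || api_is_platform_admin() || ($row['assignment'] == 2 && $KeyVisibility == "0" && api_get_user_id() == $row['user_id'])) {
         $actionsLeft = '';
         // menu edit page
         $editLink = '<a href="index.php?' . api_get_cidreq() . '&action=edit&title=' . api_htmlentities(urlencode($page)) . '"' . self::is_active_navigation_tab('edit') . '>' . Display::return_icon('edit.png', get_lang('EditThisPage'), '', ICON_SIZE_MEDIUM) . '</a>';
         if (api_is_allowed_to_edit(false, true)) {
             $actionsLeft .= $editLink;
         } elseif ((api_is_allowed_in_course() || GroupManager::is_user_in_group(api_get_user_id(), api_get_group_id())) && $page != 'index') {
             // Course and group members may edit every page except the index.
             $actionsLeft .= $editLink;
         }
         $actionsRight = '';
         $protect_page = null;
         $lock_unlock_protect = null;
         // page action: protecting (locking) the page
         if (api_is_allowed_to_edit(false, true) || api_is_platform_admin()) {
             if (self::check_protect_page() == 1) {
                 $protect_page = Display::return_icon('lock.png', get_lang('PageLockedExtra'), '', ICON_SIZE_MEDIUM);
                 $lock_unlock_protect = 'unlock';
             } else {
                 $protect_page = Display::return_icon('unlock.png', get_lang('PageUnlockedExtra'), '', ICON_SIZE_MEDIUM);
                 $lock_unlock_protect = 'lock';
             }
         }
         if ($row['id']) {
             $actionsRight .= '<a href="index.php?' . api_get_cidreq() . '&action=showpage&actionpage=' . $lock_unlock_protect . '&title=' . api_htmlentities(urlencode($page)) . '">' . $protect_page . '</a>';
         }
         $visibility_page = null;
         $lock_unlock_visibility = null;
         //page action: visibility
         if (api_is_allowed_to_edit(false, true) || api_is_platform_admin()) {
             if (self::check_visibility_page() == 1) {
                 $visibility_page = Display::return_icon('visible.png', get_lang('ShowPageExtra'), '', ICON_SIZE_MEDIUM);
                 $lock_unlock_visibility = 'invisible';
             } else {
                 $visibility_page = Display::return_icon('invisible.png', get_lang('HidePageExtra'), '', ICON_SIZE_MEDIUM);
                 $lock_unlock_visibility = 'visible';
             }
         }
         if ($row['id']) {
             $actionsRight .= '<a href="index.php?' . api_get_cidreq() . '&action=showpage&actionpage=' . $lock_unlock_visibility . '&title=' . api_htmlentities(urlencode($page)) . '">' . $visibility_page . '</a>';
         }
         //page action: notification (initialised so the link built below is defined for every user)
         $notify_page = null;
         $lock_unlock_notify_page = null;
         if (api_is_allowed_to_session_edit()) {
             if (self::check_notify_page($page) == 1) {
                 $notify_page = Display::return_icon('messagebox_info.png', get_lang('NotifyByEmail'), '', ICON_SIZE_MEDIUM);
                 $lock_unlock_notify_page = 'unlocknotify';
             } else {
                 $notify_page = Display::return_icon('mail.png', get_lang('CancelNotifyByEmail'), '', ICON_SIZE_MEDIUM);
                 $lock_unlock_notify_page = 'locknotify';
             }
         }
         // Only available if row['id'] is set
         if ($row['id']) {
             if ((api_is_allowed_to_session_edit(false, true) && api_is_allowed_to_edit()) || GroupManager::is_user_in_group(api_get_user_id(), api_get_group_id())) {
                 // menu discuss page
                 $actionsRight .= '<a href="index.php?' . api_get_cidreq() . '&action=discuss&title=' . api_htmlentities(urlencode($page)) . '" ' . self::is_active_navigation_tab('discuss') . '>' . Display::return_icon('discuss.png', get_lang('DiscussThisPage'), '', ICON_SIZE_MEDIUM) . '</a>';
             }
             //menu history
             $actionsRight .= '<a href="index.php?' . api_get_cidreq() . '&action=history&title=' . api_htmlentities(urlencode($page)) . '" ' . self::is_active_navigation_tab('history') . '>' . Display::return_icon('history.png', get_lang('ShowPageHistory'), '', ICON_SIZE_MEDIUM) . '</a>';
             //menu linkspages (the '&' before action= was missing, gluing it to the cidreq parameters)
             $actionsRight .= '<a href="index.php?' . api_get_cidreq() . '&action=links&title=' . api_htmlentities(urlencode($page)) . '" ' . self::is_active_navigation_tab('links') . '>' . Display::return_icon('what_link_here.png', get_lang('LinksPages'), '', ICON_SIZE_MEDIUM) . '</a>';
             //menu delete wikipage
             if (api_is_allowed_to_edit(false, true) || api_is_platform_admin()) {
                 $actionsRight .= '<a href="index.php?action=delete&' . api_get_cidreq() . '&title=' . api_htmlentities(urlencode($page)) . '"' . self::is_active_navigation_tab('delete') . '>' . Display::return_icon('delete.png', get_lang('DeleteThisPage'), '', ICON_SIZE_MEDIUM) . '</a>';
             }
             $actionsRight .= '<a href="index.php?' . api_get_cidreq() . '&action=showpage&actionpage=' . $lock_unlock_notify_page . '&title=' . api_htmlentities(urlencode($page)) . '">' . $notify_page . '</a>';
             // Page action: copy last version to doc area
             if (api_is_allowed_to_edit(false, true) || api_is_platform_admin()) {
                 $actionsRight .= '<a href="index.php?' . api_get_cidreq() . '&action=export2doc&wiki_id=' . $row['id'] . '">' . Display::return_icon('export_to_documents.png', get_lang('ExportToDocArea'), '', ICON_SIZE_MEDIUM) . '</a>';
             }
             $actionsRight .= '<a href="index.php?' . api_get_cidreq() . '&action=export_to_pdf&wiki_id=' . $row['id'] . '">' . Display::return_icon('pdf.png', get_lang('ExportToPDF'), '', ICON_SIZE_MEDIUM) . '</a>';
             $unoconv = api_get_configuration_value('unoconv.binaries');
             if ($unoconv) {
                 $actionsRight .= '<a href="' . api_get_path(WEB_CODE_PATH) . 'wiki/index.php?action=export_to_doc_file&id=' . $row['id'] . '&' . api_get_cidreq() . '">' . Display::return_icon('export_doc.png', get_lang('ExportToDoc'), array(), ICON_SIZE_MEDIUM) . '</a>';
             }
             //export to print: the helper script is emitted inline, ahead of the toolbar
             ?>
             <script>
                 function goprint() {
                     var a = window.open('','','width=800,height=600');
                     a.document.open("text/html");
                     a.document.write(document.getElementById('wikicontent').innerHTML);
                     a.document.close();
                     a.print();
                 }
             </script>
             <?php 
             $actionsRight .= Display::url(Display::return_icon('printer.png', get_lang('Print'), '', ICON_SIZE_MEDIUM), '#', array('onclick' => "javascript: goprint();"));
         }
         echo Display::toolbarAction('toolbar-wikistudent', array(0 => $actionsLeft, 1 => $actionsRight));
         // NOTE(review): a former `$pageTitle = get_lang('DefaultTitle')` fallback for an
         // empty $title was unreachable (always overwritten here) and has been dropped;
         // confirm whether an empty title should show DefaultTitle instead.
         if (self::wiki_exist($title)) {
             $pageTitle = $icon_assignment . '&nbsp;' . $icon_task . '&nbsp;' . api_htmlentities($title);
         } else {
             $pageTitle = api_htmlentities($title);
         }
         $pageWiki = self::make_wiki_link_clickable(self::detect_external_link(self::detect_anchor_link(self::detect_mail_link(self::detect_ftp_link(self::detect_irc_link(self::detect_news_link($content)))))));
         $footerWiki = '<div id="wikifooter">' . get_lang('Progress') . ': ' . $row['progress'] * 10 . '%&nbsp;&nbsp;&nbsp;' . get_lang('Rating') . ': ' . $row['score'] . '&nbsp;&nbsp;&nbsp;' . get_lang('Words') . ': ' . self::word_count($content) . '</div>';
         echo Display::panel($pageWiki, $pageTitle, $footerWiki);
     }
     //end filter visibility
 }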