/**
* Common tasks for all actions
*
* @param String $action Called action
* @param Array $args Possible arguments
*/
public function before_filter(&$action, &$args)
{
parent::before_filter($action, $args);
if (!$GLOBALS['perm']->have_perm('admin')) {
throw new AccessDeniedException();
}
Navigation::activateItem('/browse/my_courses/list');
// we are defintely not in an lecture or institute
closeObject();
//delete all temporary permission changes
if (is_array($_SESSION)) {
foreach (array_keys($_SESSION) as $key) {
if (strpos($key, 'seminar_change_view_') !== false) {
unset($_SESSION[$key]);
}
}
}
$this->insts = Institute::getMyInstitutes($GLOBALS['user']->id);
if (empty($this->insts) && !$GLOBALS['perm']->have_perm('root')) {
PageLayout::postMessage(MessageBox::error(_('Sie wurden noch keiner Einrichtung zugeordnet')));
}
if (!$GLOBALS['user']->cfg->MY_INSTITUTES_DEFAULT) {
$GLOBALS['user']->cfg->store('MY_INSTITUTES_DEFAULT', $this->insts[0]['Institut_id']);
}
// Semester selection
if ($GLOBALS['user']->cfg->MY_COURSES_SELECTED_CYCLE) {
$this->semester = Semester::find($GLOBALS['user']->cfg->MY_COURSES_SELECTED_CYCLE);
}
if (Request::submitted("search") || Request::get("reset-search")) {
$GLOBALS['user']->cfg->store('ADMIN_COURSES_SEARCHTEXT', Request::get("search"));
}
if (Request::submitted("teacher_filter")) {
$GLOBALS['user']->cfg->store('ADMIN_COURSES_TEACHERFILTER', Request::option("teacher_filter"));
}
PageLayout::setHelpKeyword("Basis.Veranstaltungen");
PageLayout::setTitle(_("Verwaltung von Veranstaltungen und Einrichtungen"));
Sidebar::Get()->setTitle(_('Veranstaltungsadministration'));
PageLayout::addSqueezePackage('raumzeit');
// Add admission functions.
PageLayout::addSqueezePackage('admission');
}
<?php
# Lifter002: TEST
# Lifter007: TEST
/**
* admin_search_form.inc.php - Suche fuer die Verwaltungsseiten von Stud.IP.
*
* @author Stefan Suchi <*****@*****.**>
* @author Ralf Stockmann <*****@*****.**>
* @author Cornelis Kater <*****@*****.**>
* @copyright 2001
* @license GPL2 or any later version
*/
if (!Institute::findCurrent()) {
$template = $GLOBALS['template_factory']->open('admin/institute_search.php');
$template->set_layout('layouts/base.php');
$template->institutes = Institute::getMyInstitutes($GLOBALS['user']->id);
echo $template->render();
page_close();
die;
}
/**
* Zeigt die Grunddaten an. Man beachte, dass eventuell zuvor eine andere
* Action wie Set ausgeführt wurde, von der hierher weitergeleitet worden ist.
* Wichtige Daten dazu wurden dann über $this->flash übertragen.
*
* @param md5 $course_id
*/
public function view_action($course_id = null)
{
global $user, $perm, $_fullname_sql;
$deputies_enabled = get_config('DEPUTIES_ENABLE');
//damit QuickSearch funktioniert:
Request::set('new_doz_parameter', $this->flash['new_doz_parameter']);
if ($deputies_enabled) {
Request::set('new_dep_parameter', $this->flash['new_dep_parameter']);
}
Request::set('new_tut_parameter', $this->flash['new_tut_parameter']);
$this->course_id = Request::option('cid', $course_id);
Navigation::activateItem('/course/admin/details');
//Berechtigungscheck:
if (!$perm->have_studip_perm("tutor", $this->course_id)) {
throw new AccessDeniedException(_("Sie haben keine Berechtigung diese " . "Veranstaltung zu verändern."));
}
//Kopf initialisieren:
PageLayout::setHelpKeyword("Basis.VeranstaltungenVerwaltenGrunddaten");
PageLayout::setTitle(_("Verwaltung der Grunddaten"));
if ($this->course_id) {
PageLayout::setTitle(Course::find($this->course_id)->getFullname() . " - " . PageLayout::getTitle());
}
//Daten sammeln:
$sem = Seminar::getInstance($this->course_id);
$data = $sem->getData();
//Erster Reiter des Akkordions: Grundeinstellungen
$this->attributes = array();
$this->attributes[] = array('title' => _("Name der Veranstaltung"), 'name' => "course_name", 'must' => true, 'type' => 'text', 'value' => $data['name'], 'locked' => LockRules::Check($this->course_id, 'Name'));
$this->attributes[] = array('title' => _("Untertitel der Veranstaltung"), 'name' => "course_subtitle", 'type' => 'text', 'value' => $data['subtitle'], 'locked' => LockRules::Check($this->course_id, 'Untertitel'));
$sem_types = array();
if ($perm->have_perm("admin")) {
foreach (SemClass::getClasses() as $sc) {
foreach ($sc->getSemTypes() as $st) {
if (!$sc['course_creation_forbidden']) {
$sem_types[$st['id']] = $st['name'] . ' (' . $sc['name'] . ')';
}
}
}
} else {
$sc = $sem->getSemClass();
foreach ($sc->getSemTypes() as $st) {
$sem_types[$st['id']] = $st['name'] . ' (' . $sc['name'] . ')';
}
}
if (!isset($sem_types[$data['status']])) {
$sem_types[$data['status']] = $sem->getSemType()->offsetGet('name');
}
$this->attributes[] = array('title' => _("Typ der Veranstaltung"), 'name' => "course_status", 'must' => true, 'type' => 'select', 'value' => $data['status'], 'locked' => LockRules::Check($this->course_id, 'status'), 'choices' => array_map('htmlReady', $sem_types));
$this->attributes[] = array('title' => _("Art der Veranstaltung"), 'name' => "course_form", 'type' => 'text', 'value' => $data['form'], 'locked' => LockRules::Check($this->course_id, 'art'));
$this->attributes[] = array('title' => _("Veranstaltungs-Nummer"), 'name' => "course_seminar_number", 'type' => 'text', 'value' => $data['seminar_number'], 'locked' => LockRules::Check($this->course_id, 'VeranstaltungsNummer'));
$this->attributes[] = array('title' => _("ECTS-Punkte"), 'name' => "course_ects", 'type' => 'text', 'value' => $data['ects'], 'locked' => LockRules::Check($this->course_id, 'ects'));
$this->attributes[] = array('title' => _("max. Teilnehmerzahl"), 'name' => "course_admission_turnout", 'must' => false, 'type' => 'number', 'value' => $data['admission_turnout'], 'locked' => LockRules::Check($this->course_id, 'admission_turnout'), 'min' => '0');
$this->attributes[] = array('title' => _("Beschreibung"), 'name' => "course_description", 'type' => 'textarea', 'value' => $data['description'], 'locked' => LockRules::Check($this->course_id, 'Beschreibung'));
//Zweiter Reiter: Institute
$this->institutional = array();
$institute = Institute::getMyInstitutes();
$choices = array();
foreach ($institute as $inst) {
//$choices[$inst['Institut_id']] = $inst['Name'];
$choices[$inst['Institut_id']] = ($inst['is_fak'] ? "<span style=\"font-weight: bold\">" : " ") . htmlReady($inst['Name']) . ($inst['is_fak'] ? "</span>" : "");
}
$this->institutional[] = array('title' => _("Heimat-Einrichtung"), 'name' => "course_institut_id", 'must' => true, 'type' => 'select', 'value' => $data['institut_id'], 'choices' => $choices, 'locked' => LockRules::Check($this->course_id, 'Institut_id'));
$institute = Institute::getInstitutes();
$choices = array();
foreach ($institute as $inst) {
$choices[$inst['Institut_id']] = ($inst['is_fak'] ? "<span style=\"font-weight: bold\">" : " ") . htmlReady($inst['Name']) . ($inst['is_fak'] ? "</span>" : "");
}
$sem_institutes = $sem->getInstitutes();
$inst = array_flip($sem_institutes);
unset($inst[$sem->institut_id]);
$inst = array_flip($inst);
$this->institutional[] = array('title' => _("beteiligte Einrichtungen"), 'name' => "related_institutes[]", 'type' => 'multiselect', 'value' => $inst, 'choices' => $choices, 'locked' => LockRules::Check($this->course_id, 'seminar_inst'));
$this->dozent_is_locked = LockRules::Check($this->course_id, 'dozent');
$this->tutor_is_locked = LockRules::Check($this->course_id, 'tutor');
//Dritter Reiter: Personal
$this->dozenten = $sem->getMembers('dozent');
$instUsers = new SimpleCollection(InstituteMember::findByInstituteAndStatus($sem->getInstitutId(), 'dozent'));
$this->lecturersOfInstitute = $instUsers->pluck('user_id');
if (SeminarCategories::getByTypeId($sem->status)->only_inst_user) {
$search_template = "user_inst_not_already_in_sem";
} else {
$search_template = "user_not_already_in_sem";
}
$this->dozentUserSearch = new PermissionSearch($search_template, sprintf(_("%s suchen"), get_title_for_status('dozent', 1, $sem->status)), "user_id", array('permission' => 'dozent', 'seminar_id' => $this->course_id, 'sem_perm' => 'dozent', 'institute' => $sem_institutes));
$this->dozenten_title = get_title_for_status('dozent', 1, $sem->status);
$this->deputies_enabled = $deputies_enabled;
if ($this->deputies_enabled) {
$this->deputies = getDeputies($this->course_id);
$this->deputySearch = new PermissionSearch("user_not_already_in_sem_or_deputy", sprintf(_("%s suchen"), get_title_for_status('deputy', 1, $sem->status)), "user_id", array('permission' => getValidDeputyPerms(), 'seminar_id' => $this->course_id));
$this->deputy_title = get_title_for_status('deputy', 1, $sem->status);
}
$this->tutoren = $sem->getMembers('tutor');
$this->tutorUserSearch = new PermissionSearch($search_template, sprintf(_("%s suchen"), get_title_for_status('tutor', 1, $sem->status)), "user_id", array('permission' => array('dozent', 'tutor'), 'seminar_id' => $this->course_id, 'sem_perm' => array('dozent', 'tutor'), 'institute' => $sem_institutes));
$this->tutor_title = get_title_for_status('tutor', 1, $sem->status);
$instUsers = new SimpleCollection(InstituteMember::findByInstituteAndStatus($sem->getInstitutId(), 'tutor'));
$this->tutorsOfInstitute = $instUsers->pluck('user_id');
unset($instUsers);
//Vierter Reiter: Beschreibungen (darunter Datenfelder)
$this->descriptions[] = array('title' => _("Teilnehmde"), 'name' => "course_participants", 'type' => 'textarea', 'value' => $data['participants'], 'locked' => LockRules::Check($this->course_id, 'teilnehmer'));
$this->descriptions[] = array('title' => _("Voraussetzungen"), 'name' => "course_requirements", 'type' => 'textarea', 'value' => $data['requirements'], 'locked' => LockRules::Check($this->course_id, 'voraussetzungen'));
$this->descriptions[] = array('title' => _("Lernorganisation"), 'name' => "course_orga", 'type' => 'textarea', 'value' => $data['orga'], 'locked' => LockRules::Check($this->course_id, 'lernorga'));
$this->descriptions[] = array('title' => _("Leistungsnachweis"), 'name' => "course_leistungsnachweis", 'type' => 'textarea', 'value' => $data['leistungsnachweis'], 'locked' => LockRules::Check($this->course_id, 'leistungsnachweis'));
$this->descriptions[] = array('title' => _("Ort") . "<br><span style=\"font-size: 0.8em\"><b>" . _("Achtung:") . " </b>" . _("Diese Ortsangabe wird nur angezeigt, wenn keine " . "Angaben aus Zeiten oder Sitzungsterminen gemacht werden können.") . "</span>", 'name' => "course_location", 'type' => 'textarea', 'value' => $data['location'], 'locked' => LockRules::Check($this->course_id, 'Ort'));
$datenfelder = DataFieldEntry::getDataFieldEntries($this->course_id, 'sem', $data["status"]);
if ($datenfelder) {
foreach ($datenfelder as $datenfeld) {
if ($datenfeld->isVisible()) {
$locked = !$datenfeld->isEditable() || LockRules::Check($this->course_id, $datenfeld->getID());
$this->descriptions[] = array('title' => $datenfeld->getName(), 'must' => $datenfeld->isRequired(), 'name' => "datafield_" . $datenfeld->getID(), 'type' => "datafield", 'html_value' => $datenfeld->getHTML("datafields"), 'display_value' => $datenfeld->getDisplayValue(), 'locked' => $locked, 'description' => !$datenfeld->isEditable() ? "Diese Felder werden zentral durch die zuständigen Administratoren erfasst." : $datenfeld->getDescription());
}
}
}
$this->descriptions[] = array('title' => _("Sonstiges"), 'name' => "course_misc", 'type' => 'textarea', 'value' => $data['misc'], 'locked' => LockRules::Check($this->course_id, 'Sonstiges'));
$this->perm_dozent = $perm->have_studip_perm("dozent", $this->course_id);
$this->mkstring = $data['mkdate'] ? date("d.m.Y, G:i", $data['mkdate']) : _("unbekannt");
$this->chstring = $data['chdate'] ? date("d.m.Y, G:i", $data['chdate']) : _("unbekannt");
$lockdata = LockRules::getObjectRule($this->course_id);
if ($lockdata['description'] && LockRules::CheckLockRulePermission($this->course_id, $lockdata['permission'])) {
$this->flash['msg'] = array_merge((array) $this->flash['msg'], array(array("info", formatLinks($lockdata['description']))));
}
$this->flash->discard();
//schmeißt ab jetzt unnötige Variablen aus der Session.
$sidebar = Sidebar::get();
$sidebar->setImage("sidebar/admin-sidebar.png");
$widget = new ActionsWidget();
$widget->addLink(_('Bild ändern'), $this->url_for('course/avatar/update', $course_id), Icon::create('edit', 'clickable'));
if ($this->deputies_enabled) {
if (isDeputy($user->id, $this->course_id)) {
$newstatus = 'dozent';
$text = _('Lehrende werden');
} else {
if (in_array($user->id, array_keys($this->dozenten)) && sizeof($this->dozenten) > 1) {
$newstatus = 'deputy';
$text = _('Vertretung werden');
}
}
$widget->addLink($text, $this->url_for('course/basicdata/switchdeputy', $this->course_id, $newstatus), Icon::create('persons', 'clickable'));
}
$sidebar->addWidget($widget);
// Entry list for admin upwards.
if ($perm->have_studip_perm("admin", $this->course_id)) {
$list = new SelectorWidget();
$list->setUrl("?#admin_top_links");
$list->setSelectParameterName("cid");
foreach (AdminCourseFilter::get()->getCoursesForAdminWidget() as $seminar) {
$list->addElement(new SelectElement($seminar['Seminar_id'], $seminar['Name']), 'select-' . $seminar['Seminar_id']);
}
$list->setSelection($this->course_id);
$sidebar->addWidget($list);
}
}
/**
* Provides a dialog to move or copy selected users to another course.
*/
public function select_course_action()
{
if (Request::submitted('submit')) {
CSRFProtection::verifyUnsafeRequest();
$this->flash['users_to_send'] = Request::getArray('users');
$this->flash['target_course'] = Request::option('course_id');
$this->flash['move'] = Request::int('move');
$this->redirect('course/members/send_to_course');
} else {
global $perm;
if ($perm->have_perm('root')) {
$parameters = array('semtypes' => studygroup_sem_types() ?: array(), 'exclude' => array($GLOBALS['SessSemName'][1]));
} else {
if ($perm->have_perm('admin')) {
$parameters = array('semtypes' => studygroup_sem_types() ?: array(), 'institutes' => array_map(function ($i) {
return $i['Institut_id'];
}, Institute::getMyInstitutes()), 'exclude' => array($GLOBALS['SessSemName'][1]));
} else {
$parameters = array('userid' => $GLOBALS['user']->id, 'semtypes' => studygroup_sem_types() ?: array(), 'exclude' => array($GLOBALS['SessSemName'][1]));
}
}
$coursesearch = MyCoursesSearch::get('Seminar_id', $GLOBALS['perm']->get_perm(), $parameters);
$this->search = QuickSearch::get('course_id', $coursesearch)->setInputStyle('width:100%')->withButton()->render();
$this->course_id = Request::option('course_id');
$this->course_id_parameter = Request::get('course_id_parameter');
if (!empty($this->flash['users']) || Request::getArray('users')) {
$users = $this->flash['users'] ?: Request::getArray('users');
// create a usable array
foreach ($this->flash['users'] as $user => $val) {
if ($val) {
$this->users[] = $user;
}
}
if (Request::isXhr()) {
$this->response->add_header('X-Title', _('Zielveranstaltung auswählen'));
}
} else {
if (Request::isXhr()) {
$this->response->add_header('X-Dialog-Close', '1');
$this->render_nothing();
} else {
$this->redirect('course/members/index');
}
}
}
}
/**
* Fetches available institutes for the current user.
*/
public function institutes_action()
{
CSRFProtection::verifyUnsafeRequest();
$this->myInstitutes = Institute::getMyInstitutes();
$this->selectedInstitutes = array();
foreach (Request::getArray('institutes') as $institute) {
$this->selectedInstitutes[$institute] = new Institute($institute);
}
Config::get()->AJAX_AUTOCOMPLETE_DISABLED = false;
$this->instSearch = QuickSearch::get("institute_id", new StandardSearch("Institut_id"))->withOutButton()->render();
}
/**
* Searchs for studip areas using given search term
*
* @param string $term search term
* @return array area data
*/
function search_area($term)
{
global $perm;
$result = array();
if (strlen($term) < 3) {
PageLayout::postMessage(MessageBox::error(_('Der Suchbegriff muss mindestens drei Zeichen lang sein.')));
return $result;
} elseif ($term == '__THIS_SEMESTER__') {
$nr = 0;
$current_semester = Semester::findCurrent();
$query = "SELECT seminare.Name AS sem_name, seminare.Seminar_id, seminare.visible\n FROM seminar_user LEFT JOIN seminare USING (Seminar_id)\n WHERE seminar_user.user_id = :user_id AND seminar_user.status IN('tutor', 'dozent')\n AND seminare.start_time <= :start\n AND (:start <= (seminare.start_time + seminare.duration_time)\n OR seminare.duration_time = -1)";
if (get_config('DEPUTIES_ENABLE')) {
$query .= " UNION SELECT CONCAT(seminare.Name, ' [" . _("Vertretung") . "]') AS sem_name, seminare.Seminar_id,\n seminare.visible\n FROM deputies JOIN seminare ON (deputies.range_id=seminare.Seminar_id)\n WHERE deputies.user_id = :user_id\n AND seminare.start_time <= :start\n AND (:start <= (seminare.start_time + seminare.duration_time)\n OR seminare.duration_time = -1)";
}
$query .= " ORDER BY sem_name ASC";
$statement = DBManager::get()->prepare($query);
$statement->bindValue(':user_id', $GLOBALS['auth']->auth['uid']);
$statement->bindValue(':start', $current_semester["beginn"]);
$statement->execute();
$seminars = $statement->fetchAll(PDO::FETCH_ASSOC);
foreach ($seminars as $key => $sem) {
$tmp_result[$sem['Seminar_id']] = array('name' => $sem['sem_name'], 'type' => 'sem');
}
$term = '';
} elseif ($term == '__MY_INSTITUTES__') {
$term = '';
if ($perm->have_perm('root')) {
$tmp_result['studip'] = array('name' => 'Stud.IP', 'type' => 'global');
}
$inst_list = Institute::getMyInstitutes();
if (count($inst_list)) {
foreach ($inst_list as $data) {
$tmp_result[$data['Institut_id']] = array('name' => $data['Name'], 'type' => $data['is_fak'] ? 'fak' : 'inst');
}
}
} else {
$tmp_result = search_range($term, true);
// add users
if (stripos(get_fullname(), $term) !== false) {
$tmp_result[$GLOBALS['auth']->auth['uid']] = array('name' => get_fullname(), 'type' => 'user');
}
if (isDeputyEditAboutActivated()) {
$query = "SELECT DISTINCT a.user_id " . "FROM deputies d " . "JOIN auth_user_md5 a ON (d.range_id = a.user_id) " . "JOIN user_info u ON (a.user_id=u.user_id) " . "WHERE d.user_id = ? " . "AND CONCAT(u.title_front, ' ', a.Vorname, ' ', a.Nachname, ', ', u.title_rear) LIKE CONCAT('%',?,'%')";
$statement = DBManager::get()->prepare($query);
$statement->execute(array($GLOBALS['auth']->auth['uid'], $term));
while ($data = $statement->fetch(PDO::FETCH_ASSOC)) {
$tmp_result[$data['user_id']] = array('name' => get_fullname($data['user_id']), 'type' => 'user');
}
}
}
// workaround: apply search term (ignored by search_range below admin)
if (count($tmp_result) and !$GLOBALS['perm']->have_perm('admin') and $term) {
foreach ($tmp_result as $id => $data) {
if (stripos($data['name'], $term) === false) {
unset($tmp_result[$id]);
}
}
}
// prepare result
if (count($tmp_result)) {
foreach ($tmp_result as $id => $data) {
$result[$data['type'] == 'fak' ? 'inst' : $data['type']][$id] = $data['name'];
}
} elseif ($term) {
PageLayout::postMessage(MessageBox::error(_('Zu diesem Suchbegriff wurden keine Bereiche gefunden.')));
}
return $result;
}
