function show_edit_form($id, $sid, $assign)
{
global $m, $langGradeOk, $tool_content, $course_code;
$sub = Database::get()->querySingle("SELECT * FROM assignment_submit WHERE id = ?d", $sid);
if (count($sub) > 0) {
$uid_2_name = display_user($sub->uid);
if (!empty($sub->group_id)) {
$group_submission = "({$m['groupsubmit']} " . "<a href='../group/group_space.php?course={$course_code}&group_id={$sub->group_id}'>" . "{$m['ofgroup']} " . gid_to_name($sub->group_id) . "</a>)";
} else {
$group_submission = '';
}
$tool_content .= "\n <form method='post' action='index.php?course={$course_code}'>\n <input type='hidden' name='assignment' value='{$id}'>\n <input type='hidden' name='submission' value='{$sid}'>\n <fieldset>\n <legend>{$m['addgradecomments']}</legend>\n <table width='99%' class='tbl'>\n <tr>\n <th class='left' width='180'>{$m['username']}:</th>\n <td>{$uid_2_name} " . q($group_submission) . "</td>\n </tr>\n <tr>\n <th class='left'>{$m['sub_date']}:</th>\n <td>" . q($sub->submission_date) . "</td></tr>\n <tr>\n <th class='left'>{$m['filename']}:</th>\n <td><a href='index.php?course={$course_code}&get={$sub->id}'>" . q($sub->file_name) . "</a></td>\n </tr>\n <tr>\n <th class='left'>{$m['grade']}:</th>\n <td><input type='text' name='grade' maxlength='3' size='3' value='" . q($sub->grade) . "'></td></tr>\n <tr>\n <th class='left'>{$m['gradecomments']}:</th>\n <td><textarea cols='60' rows='3' name='comments'>" . q($sub->grade_comments) . "</textarea></td>\n </tr>\n <tr>\n <th><label for='email_button'>{$m['email_users']}:</label></th>\n <td><input type='checkbox' value='1' id='email_button' name='email'></td>\n </tr>\n <tr>\n <th class='left'> </th>\n <td><input class='btn btn-primary' type='submit' name='grade_comments' value='{$langGradeOk}'></td>\n </tr>\n </table>\n </fieldset>\n </form><br>";
} else {
Session::Messages($m['WorkNoSubmission'], 'alert-danger');
redirect_to_home_page('modules/work/index.php?course=' . $course_code . '&id=' . $id);
}
}
$activeUsers = Database::get()->queryArray("SELECT uid as userID FROM attendance_users WHERE attendance_id = ?d", $attendance_id);
if ($activeUsers) {
foreach ($activeUsers as $result) {
$userInp = intval(@$_POST[$result->userID]);
//get the record from the teacher (input name is the user id)
// //check if there is record for the user for this activity
$checkForBook = Database::get()->querySingle("SELECT COUNT(id) as count, id FROM attendance_book WHERE attendance_activity_id = ?d AND uid = ?d", $actID, $result->userID);
if ($checkForBook->count) {
//update
Database::get()->query("UPDATE attendance_book SET attend = ?d WHERE id = ?d ", $userInp, $checkForBook->id);
} else {
//insert
Database::get()->query("INSERT INTO attendance_book SET uid = ?d, attendance_activity_id = ?d, attend = ?d, comments = ?s", $result->userID, $actID, $userInp, '');
}
}
Session::Messages($langAttendanceEdit, "alert-success");
redirect_to_home_page("modules/attendance/index.php");
}
}
//display the form and the list
$result = Database::get()->querySingle("SELECT * FROM attendance_activities WHERE id = ?d", $actID);
$tool_content .= "<div class='alert alert-info'>" . $result->title . "</div>";
//show all the students
$resultUsers = Database::get()->queryArray("SELECT attendance_users.id as recID, attendance_users.uid as userID, user.surname as surname, user.givenname as name, user.am as am, course_user.reg_date as reg_date FROM attendance_users, user, course_user WHERE attendance_id = ?d AND attendance_users.uid = user.id AND `user`.id = `course_user`.`user_id` AND `course_user`.`course_id` = ?d ", $attendance_id, $course_id);
if ($resultUsers) {
//table to display the users
$tool_content .= "\n <form method='post' action='{$_SERVER['SCRIPT_NAME']}?course={$course_code}&ins=" . $actID . "'>\n <table id='users_table{$course_id}' class='table-default custom_list_order'>\n <thead>\n <tr>\n <th width='1'>{$langID}</th>\n <th><div align='left' width='100'>{$langName} {$langSurname}</div></th>\n <th class='center' width='80'>{$langRegistrationDateShort}</th>\n <th class='center'>{$langAttendanceAbsences}</th>\n <th class='center'>{$langActions}</th>\n </tr>\n </thead>\n <tbody>";
$cnt = 0;
foreach ($resultUsers as $resultUser) {
$cnt++;
$tool_content .= "\n <tr>\n <td>{$cnt}</td>\n <td> " . display_user($resultUser->userID) . " ({$langAm}: {$resultUser->am})</td>\n <td>" . nice_format($resultUser->reg_date) . "</td>\n <td>" . userAttendTotal($attendance_id, $resultUser->userID) . "/" . $attendance_limit . "</td>\n <td class='center'>\n <input class='form-control' type='checkbox' value='1' name='" . $resultUser->userID . "'";
}
}
Indexer::queueAsync(Indexer::REQUEST_REMOVEBYTOPIC, Indexer::RESOURCE_FORUMPOST, $topic_id);
$number_of_topics = get_total_topics($forum_id);
$num_topics = $number_of_topics - 1;
if ($number_of_topics < 0) {
$num_topics = 0;
}
Database::get()->query("DELETE FROM forum_topic WHERE id = ?d AND forum_id = ?d", $topic_id, $forum_id);
Indexer::queueAsync(Indexer::REQUEST_REMOVE, Indexer::RESOURCE_FORUMTOPIC, $topic_id);
Database::get()->query("UPDATE forum SET num_topics = ?d,
num_posts = num_posts-$number_of_posts
WHERE id = ?d
AND course_id = ?d", $num_topics, $forum_id, $course_id);
Database::get()->query("DELETE FROM forum_notify WHERE topic_id = ?d AND course_id = ?d", $topic_id, $course_id);
Session::Messages($langDeletedMessage, 'alert-success');
redirect_to_home_page("modules/forum/viewforum.php?course=$course_code&forum=$forum_id");
}
// modify topic notification
if (isset($_GET['topicnotify'])) {
if (isset($_GET['topic_id'])) {
$topic_id = intval($_GET['topic_id']);
}
$rows = Database::get()->querySingle("SELECT COUNT(*) AS count FROM forum_notify
WHERE user_id = ?d AND topic_id = ?d AND course_id = ?d", $uid, $topic_id, $course_id);
if ($rows->count > 0) {
Database::get()->query("UPDATE forum_notify SET notify_sent = ?d
WHERE user_id = ?d AND topic_id = ?d AND course_id = ?d", $_GET['topicnotify'], $uid, $topic_id, $course_id);
} else {
Database::get()->query("INSERT INTO forum_notify SET user_id = ?d,
} elseif (isset($_GET['modifyCat']) || isset($_GET['newCat'])) {
$pageName = isset($_GET['newCat']) ? $langNewCat : $langEditCat;
$navigation = array(array("url" => "index.php?course={$course_code}", "name" => $langExercices), array("url" => "question_categories.php?course={$course_code}", "name" => $langQuestionCats));
$form_action_url = "{$_SERVER['SCRIPT_NAME']}?course={$course_code}";
$form_action_url .= isset($_GET['modifyCat']) ? "&modifyCat=" . intval($_GET['modifyCat']) : "&newCat=yes";
if (isset($_GET['modifyCat'])) {
$q_cat = Database::get()->querySingle("SELECT * FROM exercise_question_cats WHERE question_cat_id = ?d", $_GET['modifyCat']);
}
$questionCatName = Session::has('questionCatName') ? Session::get('questionCatName') : (isset($q_cat) ? $q_cat->question_cat_name : '');
$tool_content .= action_bar(array(array('title' => $langBack, 'level' => 'primary-label', 'icon' => 'fa-reply', 'url' => "question_categories.php?course={$course_code}")));
$tool_content .= "\n <div class='form-wrapper'>\n <form class='form-horizontal' role='form' action='{$form_action_url}' method='post'>\n <div class='form-group " . (Session::getError('questionCatName') ? "has-error" : "") . "'>\n <label for='questionCatName' class='col-sm-2 control-label'>{$langTitle}:</label>\n <div class='col-sm-10'>\n <input name='questionCatName' type='text' class='form-control' id='questionCatName' placeholder='{$langTitle}' value='{$questionCatName}'>\n <span class='help-block'>" . Session::getError('questionCatName') . "</span>\n </div>\n </div>\n <div class='form-group'>\n <div class='col-sm-10 col-sm-offset-2'>\n <input class='btn btn-primary' name='submitCat' type='submit' value='{$langSubmit}'>\n <a href='question_categories.php?course={$course_code}' class='btn btn-default'>{$langCancel}</a>\n </div>\n </div> \n </form>\n </div>";
} elseif (isset($_GET['deleteCat'])) {
$q_cat_id = $_GET['deleteCat'];
if (Database::get()->query("DELETE FROM exercise_question_cats WHERE question_cat_id = ?d AND course_id = ?d", $q_cat_id, $course_id)->affectedRows > 0) {
Database::get()->query("UPDATE exercise_question SET category = ?d WHERE category = ?d AND course_id = ?d", 0, $q_cat_id, $course_id);
Session::Messages($langDelCatSuccess, 'alert-success');
}
redirect_to_home_page("modules/exercise/question_categories.php?course={$course_code}");
} else {
$pageName = $langQuestionCats;
$navigation[] = array("url" => "index.php?course={$course_code}", "name" => $langExercices);
$tool_content .= action_bar(array(array('title' => $langNewCat, 'level' => 'primary-label', 'icon' => 'fa-plus-circle', 'url' => "question_categories.php?course={$course_code}&newCat=yes", 'button-class' => 'btn-success'), array('title' => $langBack, 'level' => 'primary', 'icon' => 'fa-reply', 'url' => "index.php?course={$course_code}")));
$q_cats = Database::get()->queryArray("SELECT * FROM exercise_question_cats WHERE course_id = ?d", $course_id);
if (count($q_cats) > 0) {
$tool_content .= "\n <div class='table-responsive'>\n <table class='table-default'>\n <tbody>\n <tr>\n <th>{$langTitle}</th>\n <th class='text-center'>" . icon('fa-gears') . "</th>\n </tr> \n ";
foreach ($q_cats as $q_cat) {
$action_button = action_button(array(array('title' => $langEdit, 'url' => "question_categories.php?course={$course_code}&modifyCat={$q_cat->question_cat_id}", 'icon' => 'fa-edit'), array('title' => $langDelete, 'url' => "question_categories.php?course={$course_code}&deleteCat={$q_cat->question_cat_id}", 'icon' => 'fa-times', 'confirm' => $langQuestionCatDelConfirrm, 'class' => 'delete')));
$tool_content .= "\n <tr>\n <td>{$q_cat->question_cat_name}</td>\n <td class='option-btn-cell'>{$action_button}</td>\n </tr>";
}
$tool_content .= " \n </tbody>\n </table>\n </div>";
} else {
// Disable modules admin page
$require_admin = true;
require_once '../../include/baseTheme.php';
$navigation[] = array('url' => 'index.php', 'name' => $langAdmin);
$pageName = $langDisableModules;
if (isset($_POST['submit'])) {
Database::get()->query('DELETE FROM module_disable');
if (isset($_POST['moduleDisable'])) {
$optArray = implode(', ', array_fill(0, count($_POST['moduleDisable']), '(?d)'));
Database::get()->query('INSERT INTO module_disable (module_id) VALUES ' . $optArray,
array_keys($_POST['moduleDisable']));
}
Session::Messages($langWikiEditionSucceed, 'alert-success');
redirect_to_home_page('modules/admin/modules.php');
} else {
$disabled = array();
foreach (Database::get()->queryArray('SELECT module_id FROM module_disable') as $item) {
$disabled[] = $item->module_id;
}
$tool_content .= action_bar(array(
array('title' => $langBack,
'url' => $urlAppend . 'modules/admin/index.php',
'icon' => 'fa-reply',
'level' => 'primary-label')), false) .
"<div class='alert alert-warning'>$langDisableModulesHelp</div>
<div class='form-wrapper'>
<form class='form-horizontal' role='form' action='modules.php' method='post'>";
}
// indexing was previously on, but now set to off, need to empty it
if (get_config('enable_indexing') && !$enable_indexing) {
require_once 'modules/search/indexer.class.php';
Indexer::deleteAll();
}
// update table `config`
foreach ($config_vars as $varname => $what) {
set_config($varname, $GLOBALS[$varname]);
}
// Display result message
Session::flash('scheduleIndexing', $scheduleIndexing);
Session::Messages($langFileUpdatedSuccess, 'alert-success');
redirect_to_home_page('modules/admin/eclassconf.php');
} // end of if($submit)
else {
// Display config.php edit form
$head_content .= "
<script>
$(function() {
$('body').scrollspy({ target: '#affixedSideNav' });
});
</script>
";
// Display link to index.php
$tool_content .= action_bar(array(
array('title' => $langBack,
$recursion = array('unit' => $_POST['frequencyperiod'], 'repeat' => $_POST['frequencynumber'], 'end' => $_POST['enddate']);
}
$ev = add_event($event_title, $content, $startdate, $duration, $recursion);
foreach($ev['event'] as $id) {
$agdx->store($id);
}
}
Session::Messages($langStoredOK, 'alert-success');
redirect_to_home_page("modules/agenda/index.php?course=$course_code");
} elseif (isset($_GET['delete']) && $_GET['delete'] == 'yes') {
$resp = (isset($_GET['rep']) && $_GET['rep'] == 'yes')? delete_recursive_event($id):delete_event($id);
$agdx->remove($id);
$msgresp = ($resp['success'])? $langDeleteOK : $langDeleteError.": ".$resp['message'];
$alerttype = ($resp['success'])? 'alert-success' : 'alert-error';
Session::Messages($msgresp, $alerttype);
redirect_to_home_page("modules/agenda/index.php?course=$course_code");
}
$is_recursive_event = false;
if (isset($_GET['addEvent']) or isset($_GET['edit'])) {
$pageName = $langAddEvent;
$tool_content .= action_bar(array(
array('title' => $langBack,
'url' => "$_SERVER[SCRIPT_NAME]?course=$course_code",
'icon' => 'fa-reply',
'level' => 'primary-label',
'show' => $is_editor)));
$navigation[] = array("url" => $_SERVER['SCRIPT_NAME'] . "?course=$course_code", "name" => $langAgenda);
$applytogroup = '';
if (isset($id) && $id) {
}
if (isset($_GET['mod_pw'])) {
header('Location: ' . bbb_join_moderator($_GET['meeting_id'], $_GET['mod_pw'], $_GET['att_pw'], $_SESSION['surname'], $_SESSION['givenname']));
} else {
# Get session capacity
$c = Database::get()->querySingle("SELECT sessionUsers FROM bbb_session where meeting_id=?s", $_GET['meeting_id']);
$sess = Database::get()->querySingle("SELECT * FROM bbb_session WHERE meeting_id=?s", $_GET['meeting_id']);
$serv = Database::get()->querySingle("SELECT * FROM bbb_servers WHERE id=?d", $sess->running_at);
if ($c->sessionUsers > 0 && $c->sessionUsers < get_meeting_users($serv->server_key, $serv->api_url, $_GET['meeting_id'], $sess->mod_pw)) {
$tool_content .= "<p class='noteit'><b>{$langNote}</b>:<br />{$langBBBMaxUsersJoinError}</p>";
break;
} else {
header('Location: ' . bbb_join_user($_GET['meeting_id'], $_GET['att_pw'], $_SESSION['surname'], $_SESSION['givenname']));
}
}
break;
case 'import_video':
publish_video_recordings($course_code, $_GET['id']);
break;
}
} elseif (isset($_POST['new_bbb_session'])) {
$startDate_obj = DateTime::createFromFormat('d-m-Y H:i', $_POST['start_session']);
$start = $startDate_obj->format('Y-m-d H:i:s');
add_bbb_session($course_id, $_POST['title'], $_POST['desc'], $start, $_POST['type'], $_POST['status'], isset($_POST['notifyUsers']) ? '1' : '0', $_POST['minutes_before'], $_POST['external_users'], $_POST['record'], $_POST['sessionUsers']);
Session::Messages($langBBBAddSuccessful, 'alert-success');
redirect_to_home_page("modules/bbb/index.php?course={$course_code}");
} else {
bbb_session_details();
}
add_units_navigation(TRUE);
draw($tool_content, 2, null, $head_content);
$actDate = !empty($_POST['date']) ? $_POST['date'] : null;
$visible = isset($_POST['visible']) ? 1 : 0;
if ($_POST['id']) {
//update
$id = $_POST['id'];
Database::get()->query("UPDATE attendance_activities SET `title` = ?s, date = ?t,
description = ?s, `auto` = ?d
WHERE id = ?d", $actTitle, $actDate, $actDesc, $auto, $id);
Session::Messages("$langGradebookEdit", "alert-success");
redirect_to_home_page("modules/attendance/index.php?course=$course_code&attendance_id=$attendance_id");
} else {
//insert
$insertAct = Database::get()->query("INSERT INTO attendance_activities SET attendance_id = ?d, title = ?s,
`date` = ?t, description = ?s",
$attendance_id, $actTitle, $actDate, $actDesc);
Session::Messages("$langGradebookSucInsert","alert-success");
redirect_to_home_page("modules/attendance/index.php?course=$course_code&attendance_id=$attendance_id");
}
} else {
Session::flashPost()->Messages($langFormErrors)->Errors($v->errors());
$new_or_edit = $_POST['id'] ? "&modify=".getIndirectReference($_POST['id']) : "&addActivity=1";
redirect_to_home_page("modules/attendance/index.php?course=$course_code&attendance_id=".$attendance_id.$new_or_edit);
}
}
elseif (isset($_GET['delete'])) {
delete_attendance_activity($attendance_id, getDirectReference($_GET['delete']));
redirect_to_home_page("modules/attendance/index.php?course=$course_code&attendance_id=$attendance_id");
// delete attendance
} elseif (isset($_GET['delete_at'])) {
</div>";
if ($comments_enabled) {
if ($post->getCommenting() == 1) {
commenting_add_js(); //add js files needed for comments
$comm = new Commenting('blogpost', $post->getId());
if ($blog_type == 'course_blog') {
$tool_content .= $comm->put($course_code, $is_editor, $uid, true);
} elseif ($blog_type == 'perso_blog') {
$tool_content .= $comm->put(NULL, $is_blog_editor, $uid, true);
}
}
}
} else {
Session::Messages($langBlogPostNotFound);
redirect_to_home_page("modules/blog/index.php?$url_params");
}
}
//show all blog posts
if ($action == "showBlog") {
if ($blog_type == 'course_blog') {
$allow_to_create = $blog->permCreate($is_editor, $stud_allow_create, $uid);
} elseif ($blog_type == 'perso_blog') {
$allow_to_create = $is_blog_editor;
}
$tool_content .= action_bar(array(
array('title' => $langBlogAddPost,
'url' => "$_SERVER[SCRIPT_NAME]?$url_params&action=createPost",
<div class='col-sm-offset-3 col-sm-9'>
<input class='btn btn-primary' type='submit' name='changePass' value='$langModify'>
<a class='btn btn-default' href='{$urlServer}modules/admin/edituser.php?u=" . urlencode($_REQUEST['userid']) . "'>$langCancel</a>
</div>
</fieldset>
". generate_csrf_token_form_field() ."
</form>
</div>";
} else {
$userid = intval($_POST['userid']);
if (!isset($_POST['token']) || !validate_csrf_token($_POST['token'])) csrf_token_error();
if (empty($_POST['password_form']) || empty($_POST['password_form1'])) {
Session::Messages($langFieldsMissing);
redirect_to_home_page("modules/admin/password.php?userid=" . urlencode($userid));
}
if ($_POST['password_form1'] !== $_POST['password_form']) {
Session::Messages($langPassTwo);
redirect_to_home_page("modules/admin/password.php?userid=" . urlencode($userid));
}
// All checks ok. Change password!
$hasher = new PasswordHash(8, false);
$new_pass = $hasher->HashPassword($_POST['password_form']);
Database::get()->query("UPDATE `user` SET `password` = ?s WHERE `id` = ?d", $new_pass, $userid);
Session::Messages($langPassChanged);
redirect_to_home_page("modules/admin/edituser.php?u=" . urlencode($userid));
}
draw($tool_content, 3, null, $head_content);
*
* @abstract This component is the core of eclass. Each and every file that
* requires output to the user's browser must include this file and use
* the draw method to output the UI to the user's browser.
*
* An exception of this scenario is when the user uses the personalised
* interface. In that case function drawPerso needs to be called.
*
*/
$navigation = array();
$sectionName = '';
$pageName = '';
$toolName = '';
require_once 'init.php';
if (isset($toolContent_ErrorExists)) {
Session::Messages($toolContent_ErrorExists);
if (!$uid) {
$next = str_replace($urlAppend, '/', $_SERVER['REQUEST_URI']);
header("Location:" . $urlServer . "main/login_form.php?next=" . urlencode($next));
} else {
header("Location:" . $urlServer . "index.php");
}
exit;
}
require_once 'template/template.inc.php';
require_once 'tools.php';
/**
* Function draw
*
* This method processes all data to render the display. It is executed by
* each tool. Is in charge of generating the interface and parse it to the user's browser.
$hits3 = array();
foreach ($hits2 as $hit2) {
if (in_array($hit2->pkid, $subscribed)) {
$hits3[] = $hit2;
}
}
$hits = array_merge($hits1, $hits3);
// eponymous user can also search for his subscribed courses
}
} else {
$hits = $hits1;
// anonymous can only access with visible 1 or 2
}
// exit if not results
if (count($hits) <= 0) {
Session::Messages($langNoResult);
redirect_to_home_page('modules/search/search.php');
}
//////// PRINT RESULTS ////////
$tool_content .= action_bar(array(array('title' => $langNewSearch, 'url' => "search.php", 'icon' => 'fa-plus-circle', 'level' => 'primary-label', 'button-class' => 'btn-success')));
$tool_content .= "\n <div class='alert alert-info'>{$langDoSearch}: <label>" . count($hits) . " {$langResults2}</label></div>\n <table class='table-default'>\n <tr> \n <th class='text-left'>" . $langCourse . " ({$langCode})</th>\n <th class='text-left'>{$langTeacher}</th>\n <th class='text-left'>{$langKeywords}</th>\n </tr>";
foreach ($hits as $hit) {
$course = Database::get()->querySingle("SELECT code, title, public_code, prof_names, keywords FROM course WHERE id = ?d", $hit->pkid);
// search in-course: Commented out @ 2014-11-24 because too costly to run 11 index sub-queries for each hit result
$urlParam = '';
//if (isset($_POST['search_terms']) && search_in_course($_POST['search_terms'], $hit->pkid, $anonymous)) {
// $urlParam = '?from_search=' . urlencode($_POST['search_terms']);
//}
$tool_content .= "<tr><td>\n <a href='../../courses/" . q($course->code) . "/" . $urlParam . "'>" . q($course->title) . "\n </a> (" . q($course->public_code) . ")</td>\n <td>" . q($course->prof_names) . "</td>\n <td>" . q($course->keywords) . "</td></tr>";
}
$tool_content .= "</table>";
initialize_group_id();
initialize_group_info($group_id);
$toolName = $langGroups;
$pageName = $group_name;
$navigation[] = array('url' => 'index.php?course=' . $course_code, 'name' => $langGroups);
if (isset($_GET['selfReg'])) {
if (!$is_member and $status != USER_GUEST and ($max_members == 0 or $member_count < $max_members)) {
$id = Database::get()->query("INSERT INTO group_members SET user_id = ?d, group_id = ?d, description = ''", $uid, $group_id);
$group = gid_to_name($group_id);
Log::record($course_id, MODULE_ID_GROUPS, LOG_MODIFY, array('id' => $id,
'uid' => $uid,
'name' => $group));
Session::Messages($langGroupNowMember, 'alert-success');
redirect_to_home_page("modules/group/group_space.php?course=$course_code&group_id=$group_id");
} else {
$tool_content .= "<div class='alert alert-danger'>$langForbidden</div>";
draw($tool_content, 2);
exit;
}
}
if (!$is_member and !$is_editor) {
$tool_content .= "<div class='alert alert-danger'>$langForbidden</div>";
draw($tool_content, 2);
exit;
}
if (isset($_GET['group_as'])) {
$group_id = $_GET['group_id'];
function error($message)
{
global $urlServer;
Session::Messages($message, 'alert-danger');
session_write_close();
header("Location: {$urlServer}");
exit;
}
*/
include '../../include/init.php';
if (isset($_GET['course'])) {
$code = $_GET['course'];
$course_id = course_code_to_id($code);
} else {
$code = '';
$course_id = false;
}
if ($course_id === false) {
header("HTTP/1.0 404 Not Found");
echo '<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head>', '<title>404 Not Found</title></head><body>', '<h1>Not Found</h1><p>The requested course "', htmlspecialchars($code), '" does not exist.</p></body></html>';
exit;
}
if (!visible_module(MODULE_ID_BLOG)) {
Session::Messages($langCheckPublicTools, 'alert-danger');
session_write_close();
$errorMessagePath = "../../";
if (!$uid) {
$next = str_replace($urlAppend, '/', $_SERVER['REQUEST_URI']);
header("Location:" . $urlSecure . "login_form.php?next=" . urlencode($next));
} else {
header("Location:" . $urlServer . "index.php");
}
exit;
}
$title = htmlspecialchars(Database::get()->querySingle("SELECT title FROM course WHERE id = ?d", $course_id)->title, ENT_NOQUOTES);
$lastbuilddateobj = Database::get()->querySingle("SELECT DATE_FORMAT(`time`,'%a, %d %b %Y %T +0300') AS dateformat\r\n FROM blog_post WHERE course_id = ?d\r\n ORDER BY `time` DESC", $course_id);
if (is_object($lastbuilddateobj)) {
$lastbuilddate = $lastbuilddateobj->dateformat;
}
//delete page
//delete page
case "delete":
if ($wiki_title != "__MainPage__" and $is_editor) {
//only a teacher can delete a page
if ($wikiStore->pageExists($wikiId, $wiki_title)) {
$wikiPage->loadPage($wiki_title);
if ($wikiPage->delete()) {
Session::Messages($langWikiPageDeleted, 'alert-success');
redirect_to_home_page("modules/wiki/page.php?course={$course_code}&wikiId={$wikiId}&action=show");
} else {
Session::Messages($langWikiDeletePageError, 'alert-danger');
redirect_to_home_page("modules/wiki/page.php?course={$course_code}&action=show&title=" . rawurlencode($wiki_title) . "&wikiId={$wikiId}");
}
} else {
Session::Messages($langWikiPageNotFound);
redirect_to_home_page("modules/wiki/page.php?course={$course_code}&wikiId={$wikiId}&action=show");
}
}
break;
// page preview
// page preview
case "preview":
if (!isset($content)) {
$content = '';
}
$tool_content .= claro_disp_wiki_preview($wikiRenderer, $wiki_title, $content);
$tool_content .= claro_disp_wiki_preview_buttons($wikiId, $wiki_title, $content, $changelog);
break;
// view page
// view page
</div>
</form>
</div>";
} else {
if (isset($_SESSION['uid']) and $_GET['u'] == $_SESSION['uid']) {
$q = Database::get()->query("DELETE from course_user
WHERE course_id = ?d
AND user_id = ?d", $cid, $_GET['u']);
if ($q->affectedRows > 0) {
Log::record($cid, MODULE_ID_USERS, LOG_DELETE, array('uid' => $_GET['u'],
'right' => 0));
$code = course_id_to_code($cid);
// clear session access to lesson
unset($_SESSION['dbname']);
unset($_SESSION['cid_tmp']);
unset($_SESSION['courses'][$code]);
Session::Messages($langCoursDelSuccess, 'alert-success');
redirect_to_home_page('main/portfolio.php');
} else {
$tool_content .= "<div class='alert alert-danger'>$langCoursError</div>";
}
}
$tool_content .= "<br><br><div align=right><a href='../index.php' class=mainpage>$langBack</a></div>";
}
if (isset($_SESSION['uid'])) {
draw($tool_content, 1);
} else {
draw($tool_content, 0);
}
draw($tool_content, 2);
exit();
}
if(!$objExercise->selectScore() && !$is_editor) {
redirect_to_home_page("modules/exercise/index.php?course=$course_code");
}
}
if (isset($_SESSION['objExercise'][$exerciseId])) {
$objExercise = $_SESSION['objExercise'][$exerciseId];
}
if ($is_editor && isset($_GET['purgeAttempID'])) {
$eurid = $_GET['purgeAttempID'];
$objExercise->purgeAttempt($eurid);
Session::Messages($langPurgeExerciseResultsSuccess);
redirect_to_home_page("modules/exercise/results.php?course=$course_code&exerciseId=$exerciseId");
}
$exerciseTitle = $objExercise->selectTitle();
$exerciseDescription = $objExercise->selectDescription();
$exerciseDescription_temp = nl2br(make_clickable($exerciseDescription));
$tool_content .= "
<div class='table-responsive'>
<table class='table-default'>
<tr>
<th>" . q_math($exerciseTitle) . "</th>
</tr>";
if($exerciseDescription_temp) {
$tool_content .= "
<tr>
$q = Database::get()->query('UPDATE user_department
SET department = ?d WHERE user = ?d AND department = ?d',
$dest_dep, $u, $old_dep);
if ($q and $q->affectedRows) {
$success_mgs[] = sprintf($langUserMoved, $line);
$count++;
} else {
$error_mgs[] = sprintf($langUserMoveError, $line);
}
}
}
$line = strtok("\n");
}
}
if (isset($success_mgs)) Session::Messages($success_mgs, 'alert-success');
if (isset($error_mgs)) Session::Messages($error_mgs, 'alert-danger');
redirect_to_home_page('modules/admin/multiedituser.php');
} else {
$usernames = '';
if (isset($_POST['dellall_submit']) or isset($_POST['activate_submit']) or isset($_POST['move_submit'])) {
// get the incoming values
$search = isset($_POST['search']) ? $_POST['search'] : '';
$c = isset($_POST['c']) ? intval($_POST['c']) : '';
$lname = isset($_POST['lname']) ? $_POST['lname'] : '';
$fname = isset($_POST['fname']) ? $_POST['fname'] : '';
$uname = isset($_POST['uname']) ? canonicalize_whitespace($_POST['uname']) : '';
$am = isset($_POST['am']) ? $_POST['am'] : '';
$verified_mail = isset($_POST['verified_mail']) ? intval($_POST['verified_mail']) : 3;
$user_type = isset($_POST['user_type']) ? $_POST['user_type'] : '';
$extra_messages = "config/{$language_codes[$language]}.inc.php";
if (file_exists($extra_messages)) {
include $extra_messages;
} else {
$extra_messages = false;
}
require "{$webDir}/lang/{$language}/messages.inc.php";
if ($extra_messages) {
include $extra_messages;
}
if (!isset($_SESSION['csrf_token']) || empty($_SESSION['csrf_token'])) {
$_SESSION['csrf_token'] = generate_csrf_token();
}
if ($upgrade_begin = get_config('upgrade_begin')) {
if (!defined('UPGRADE')) {
Session::Messages(sprintf($langUpgradeInProgress, format_time_duration(time() - $upgrade_begin)), 'alert-warning');
if (!isset($guest_allowed) or !$guest_allowed) {
redirect_to_home_page();
}
}
}
// check if we are admin or power user or manageuser_user
if (isset($_SESSION['is_admin']) and $_SESSION['is_admin']) {
$is_admin = true;
$is_power_user = true;
$is_usermanage_user = true;
$is_departmentmanage_user = true;
} elseif (isset($_SESSION['is_power_user']) and $_SESSION['is_power_user']) {
$is_power_user = true;
$is_usermanage_user = true;
$is_departmentmanage_user = true;
while ($line !== false) {
// strip comments
$line = preg_replace('/#.*/', '', trim($line));
if (!empty($line)) {
// fetch uid
$u = usernameToUid($line);
// for real uids not equal to admin
if ($u !== false && $u > 1) {
// full deletion
$success = deleteUser($u, true);
// progress report
if ($success === true) {
Session::Messages("{$langUserWithId} {$line} {$langWasDeleted}", 'alert-success');
redirect_to_home_page('modules/admin/multideluser.php');
} else {
Session::Messages("{$langErrorDelete}: {$line}", 'alert-danger');
redirect_to_home_page('modules/admin/multideluser.php');
}
}
}
}
redirect_to_home_page('modules/admin/multideluser.php');
} else {
$usernames = '';
if (isset($_POST['dellall_submit'])) {
// get the incoming values
$search = isset($_POST['search']) ? $_POST['search'] : '';
$c = isset($_POST['c']) ? intval($_POST['c']) : '';
$lname = isset($_POST['lname']) ? $_POST['lname'] : '';
$fname = isset($_POST['fname']) ? $_POST['fname'] : '';
$uname = isset($_POST['uname']) ? canonicalize_whitespace($_POST['uname']) : '';
// --------------------------------
// notify users
// --------------------------------
$subject_notify = "{$logo} - {$langNewForumNotify}";
$category_id = forum_category($forum_id);
$cat_name = category_name($category_id);
$c = course_code_to_title($course_code);
$name = uid_to_name($uid);
$title = course_id_to_title($course_id);
$forum_message = "-------- {$langBodyMessage} ({$langSender}: {$name})\n{$message}--------";
$plain_forum_message = q(html2text($forum_message));
$body_topic_notify = "{$langBodyForumNotify} {$langInForums} '" . q($forum_name) . "' \n {$langInCat} '" . q($cat_name) . "' {$langTo} {$langCourseS} '{$c}' <br /><br />" . q($forum_message) . "<br />\n <br />{$gunet}<br /><a href='{$urlServer}courses/{$course_code}'>{$urlServer}courses/{$course_code}</a>";
$plain_body_topic_notify = "{$langBodyForumNotify} {$langInForums} '" . q($forum_name) . "' {$langInCat} '" . q($cat_name) . "' {$langTo} {$langCourseS} '{$c}' \n\n{$plain_forum_message} \n\n{$gunet}\n<a href='{$urlServer}courses/{$course_code}'>{$urlServer}courses/{$course_code}</a>";
$linkhere = " <a href='{$urlServer}main/profile/emailunsubscribe.php?cid={$course_id}'>{$langHere}</a>.";
$unsubscribe = "<br /><br />{$langNote}: " . sprintf($langLinkUnsubscribe, $title);
$plain_body_topic_notify .= $unsubscribe . $linkhere;
$body_topic_notify .= $unsubscribe . $linkhere;
$sql = Database::get()->queryArray("SELECT DISTINCT user_id FROM forum_notify\n\t\t\tWHERE (forum_id = ?d OR cat_id = ?d)\n\t\t\tAND notify_sent = 1 AND course_id = ?d AND user_id != ?d", $forum_id, $category_id, $course_id, $uid);
foreach ($sql as $r) {
if (get_user_email_notification($r->user_id, $course_id)) {
$emailaddr = uid_to_email($r->user_id);
send_mail_multipart('', '', '', $emailaddr, $subject_notify, $plain_body_topic_notify, $body_topic_notify, $charset);
}
}
// end of notification
Session::Messages($langStored, 'alert-success');
redirect_to_home_page("modules/forum/viewforum.php?course={$course_code}&forum={$forum_id}");
} else {
$tool_content .= "\n <div class='form-wrapper'>\n <form class='form-horizontal' role='form' action='{$_SERVER['SCRIPT_NAME']}?course={$course_code}&topic={$topic}&forum={$forum_id}' method='post'>\n <fieldset>\n <div class='form-group'>\n <label for='subject' class='col-sm-2 control-label'>{$langSubject}:</label>\n <div class='col-sm-10'>\n <input type='text' name='subject' id='subject' class='form-control' maxlength='100'>\n </div>\n </div> \n <div class='form-group'>\n <label for='message' class='col-sm-2 control-label'>{$langBodyMessage}:</label>\n <div class='col-sm-10'>\n " . rich_text_editor('message', 14, 50, '') . "\n </div>\n </div>\n <div class='form-group'>\n <div class='col-sm-10 col-sm-offset-2'>\n <input class='btn btn-primary' type='submit' name='submit' value='{$langSubmit}'>\n <a class='btn btn-default' href='viewforum.php?course={$course_code}&forum={$forum_id}'>{$langCancel}</a>\n </div>\n </div> \n\t</fieldset>\n\t</form>\n </div>";
}
draw($tool_content, 2, null, $head_content);
//Session::set_flashdata($message, $class);
redirect_to_home_page("modules/exercise/question_pool.php?course={$course_code}" . (isset($fromExercise) ? "&fromExercise={$fromExercise}" : "") . "&exerciseId={$exerciseId}");
} elseif (isset($_GET['recup']) && isset($fromExercise)) {
$recup = intval($_GET['recup']);
// construction of the Question object
$objQuestionTmp = new Question();
// if the question exists
if ($objQuestionTmp->read($recup)) {
// adds the exercise ID into the list of exercises for the current question
$objQuestionTmp->addToList($fromExercise);
}
// destruction of the Question object
unset($objQuestionTmp);
// adds the question ID into the list of questions for the current exercise
$objExercise->addToList($recup);
Session::Messages($langQuestionReused, 'alert-success');
redirect_to_home_page("modules/exercise/question_pool.php?course={$course_code}" . (isset($fromExercise) ? "&fromExercise={$fromExercise}" : "") . "&exerciseId={$exerciseId}");
}
if (isset($fromExercise)) {
$action_bar_options[] = array('title' => $langGoBackToEx, 'url' => "admin.php?course={$course_code}&exerciseId={$fromExercise}", 'icon' => 'fa-reply', 'level' => 'primary-label');
} else {
$action_bar_options = array(array('title' => $langNewQu, 'url' => "admin.php?course={$course_code}&newQuestion=yes", 'icon' => 'fa-plus-circle', 'level' => 'primary-label', 'button-class' => 'btn-success'), array('title' => $langImportQTI, 'url' => "admin.php?course={$course_code}&importIMSQTI=yes", 'icon' => 'fa-download', 'level' => 'primary-label', 'button-class' => 'btn-success'), array('title' => $langExportQTI, 'url' => "question_pool.php?" . $_SERVER['QUERY_STRING'] . "&exportIMSQTI=yes", 'icon' => 'fa-upload', 'level' => 'primary-label', 'button-class' => 'btn-success'));
}
$tool_content .= action_bar($action_bar_options);
if (isset($fromExercise)) {
$result = Database::get()->queryArray("SELECT id, title FROM `exercise` WHERE course_id = ?d AND id <> ?d ORDER BY id", $course_id, $fromExercise);
} else {
$result = Database::get()->queryArray("SELECT id, title FROM `exercise` WHERE course_id = ?d ORDER BY id", $course_id);
}
$exercise_options = "<option value = '0'>-- {$langAllExercises} --</option>\n\n <option value = '-1' " . (isset($exerciseId) && $exerciseId == -1 ? "selected='selected'" : "") . ">-- {$langOrphanQuestions} --</option>\n";
foreach ($result as $row) {
view_type = ?s,
start_date = ?t,
finish_date = ?t,
keywords = '',
created = " . DBHelper::timeAfter() . ",
glossary_expand = 0,
glossary_index = 1,
description = ?s",
$code, $language, $title, $_POST['formvisible'],
intval($course_license), $prof_names, $code, $doc_quota * 1024 * 1024,
$video_quota * 1024 * 1024, $group_quota * 1024 * 1024,
$dropbox_quota * 1024 * 1024, $password, $view_type,
$_POST['start_date'], $_POST['finish_date'], $description);
$new_course_id = $result->lastInsertID;
if (!$new_course_id) {
Session::Messages($langGeneralError);
redirect_to_home_page('modules/create_course/create_course.php');
}
//===================course format and start and finish date===============
if ($view_type == "weekly") {
//get the last inserted id as the course id
$course_id = $new_course_id;
$begin = new DateTime($_POST['start_date']);
//check if there is no end date
if ($_POST['finish_date'] == "" || $_POST['finish_date'] == '0000-00-00') {
$end = new DateTime($begin->format("Y-m-d"));
$end->add(new DateInterval('P26W'));
title = ?s,
file_id = ?d"
, $sid, $qssid, $qtitle, $file_id);
}
}
}
if (isset($_POST['oldssid'])) {
$oldssids = array();
foreach ($_POST['oldssid'] as $key => $oldssid) {
$oldssids[] = intval($oldssid);
}
if (count($oldssids)) {
Database::get()->query('DELETE FROM ebook_subsection WHERE id IN (' . implode(', ', $oldssids) . ')');
}
}
Session::Messages($langEBookSectionsModified, 'alert-success');
redirect_to_home_page('modules/ebook/edit.php?course=' . $course_code . '&id=' . $ebook_id);
} else {
$info = Database::get()->querySingle("SELECT * FROM `ebook` WHERE course_id = ?d AND id = ?d", $course_id, $ebook_id);
if (!$info) {
$tool_content .= "<div class='alert alert-warning'>$langNoEBook</div>";
} else {
$pageName = $langEBookEdit;
$basedir = $webDir . '/courses/' . $course_code . '/ebook/' . $ebook_id;
$k = 0;
list($paths, $files, $file_ids, $id_map) = find_html_files();
$sections = Database::get()->queryArray("SELECT id, public_id, title FROM ebook_section
WHERE ebook_id = ?d
ORDER BY CONVERT(public_id, UNSIGNED), public_id", $info->id);
$action_message = "<div class='alert alert-danger'>{$langFileNotFound}</div>";
}
}
// Visibility commands
if (isset($_GET['mkVisibl']) || isset($_GET['mkInvisibl'])) {
if (isset($_GET['mkVisibl'])) {
$newVisibilityStatus = 1;
$visibilityPath = $_GET['mkVisibl'];
} else {
$newVisibilityStatus = 0;
$visibilityPath = $_GET['mkInvisibl'];
}
Database::get()->query("UPDATE document SET visible=?d\n WHERE {$group_sql} AND\n path = ?s", $newVisibilityStatus, $visibilityPath);
$r = Database::get()->querySingle("SELECT id FROM document WHERE {$group_sql} AND path = ?s", $visibilityPath);
Indexer::queueAsync(Indexer::REQUEST_STORE, Indexer::RESOURCE_DOCUMENT, $r->id);
Session::Messages($langViMod, 'alert-success');
redirect_to_home_page("modules/document/index.php?course={$course_code}");
}
// Public accessibility commands
if (isset($_GET['public']) || isset($_GET['limited'])) {
$new_public_status = intval(isset($_GET['public']));
$path = isset($_GET['public']) ? $_GET['public'] : $_GET['limited'];
Database::get()->query("UPDATE document SET public = ?d\n WHERE {$group_sql} AND\n path = ?s", $new_public_status, $path);
$r = Database::get()->querySingle("SELECT id FROM document WHERE {$group_sql} AND path = ?s", $path);
Indexer::queueAsync(Indexer::REQUEST_STORE, Indexer::RESOURCE_DOCUMENT, $r->id);
$action_message = "<div class='alert alert-success'>{$langViMod}</div>";
}
}
// teacher only
// Common for teachers and students
// define current directory
if (isset($_POST['submit'])) {
if (empty($_POST['password_form']) or empty($_POST['password_form1']) or empty($_POST['old_pass'])) {
Session::Messages($langFieldsMissing);
header($passLocation);
exit;
}
if (count($error_messages = acceptable_password($_POST['password_form'], $_POST['password_form1'])) > 0) {
Session::Messages($langPassTwo);
header($passLocation);
exit;
}
// all checks ok. Change password!
$myrow = Database::get()->querySingle("SELECT password FROM user WHERE id= ?d", $_SESSION['uid']);
$hasher = new PasswordHash(8, false);
$new_pass = $hasher->HashPassword($_REQUEST['password_form']);
if ($hasher->CheckPassword($_REQUEST['old_pass'], $myrow->password)) {
Database::get()->query("UPDATE user SET password = ?s\n WHERE id = ?d", $new_pass, $_SESSION['uid']);
Log::record(0, 0, LOG_PROFILE, array('uid' => $_SESSION['uid'], 'pass_change' => 1));
Session::Messages($langPassChanged, 'alert-success');
redirect_to_home_page('main/profile/display_profile.php');
exit;
} else {
Session::Messages($langPassOldWrong);
redirect_to_home_page('main/profile/profile.php');
}
}
$tool_content .= action_bar(array(array('title' => $langBack, 'url' => 'display_profile.php', 'icon' => 'fa-reply', 'level' => 'primary-label')));
if (!isset($_POST['changePass'])) {
$tool_content .= "<div class='form-wrapper'>\n <form class='form-horizontal' role='form' method='post' action='{$passUrl}'>\n <fieldset>\n <div class='form-group'>\n <label for='old_pass' class='col-sm-2 control-label'>{$langOldPass}: </label>\n <div class='col-sm-8'>\n\t <input type='password' class='form-control' id='old_pass' name='old_pass' value='' autocomplete='off'>\n </div>\n </div>\n <div class='form-group'>\n <label for='password_form' class='col-sm-2 control-label'>{$langNewPass1}: </label>\n <div class='col-sm-8'>\n\t <input type='password' class='form-control' id='password_form' name='password_form' value='' autocomplete='off'>\n </div>\n <div class='col-sm-2 text-center padding-thin'>\n <span id='result'></span>\n </div>\n </div>\n <div class='form-group'>\n <label for='password_form1' class='col-sm-2 control-label'>{$langNewPass2}: </label>\n <div class='col-sm-8'>\n <input type='password' class='form-control' id='password_form1' name='password_form1' value='' autocomplete='off'>\n </div>\n </div>\n <div class='form-group'>\n <div class='col-sm-offset-2 col-sm-8'>\n <input type='submit' class='btn btn-primary' name='submit' value='{$langModify}'>\n <a href='display_profile.php' class='btn btn-default'>{$langCancel}</a>\n </div>\n </div>\n </fieldset>\n</form></div>";
}
draw($tool_content, 1, null, $head_content);
* Contact address: GUnet Asynchronous eLearning Group,
* Network Operations Center, University of Athens,
* Panepistimiopolis Ilissia, 15784, Athens, Greece
* e-mail: info@openeclass.org
* ======================================================================== */
$require_current_course = true;
$require_editor = true;
require_once '../../include/baseTheme.php';
require_once 'modules/questionnaire/functions.php';
if (!isset($_GET['pid'])) {
redirect_to_home_page();
} else {
$pid = intval($_GET['pid']);
}
if (!$is_editor) {
Session::Messages($langPollResultsAccess);
redirect_to_home_page('modules/questionnaire/index.php?course=' . $course_code);
}
if (isset($_GET['enc']) and $_GET['enc'] == '1253') {
$charset = 'Windows-1253';
} else {
$charset = 'UTF-8';
}
$full = isset($_GET['full']) && $_GET['full'];
$crlf = "\r\n";
if (!isset($_GET['pid'])) {
redirect_to_home_page();
} else {
$pid = intval($_GET['pid']);
}
header("Content-Type: text/csv; charset={$charset}");
course_id = ?d,
`order` = ?d"
, $_POST['term'], $_POST['definition'], $url, purify($_POST['notes']), $category_id, $course_id, findorder($course_id));
$log_action = LOG_INSERT;
$success_message = $langGlossaryAdded;
}
$id = $q->lastInsertID;
Log::record($course_id, MODULE_ID_GLOSSARY, $log_action, array('id' => $id,
'term' => $_POST['term'],
'definition' => $_POST['definition'],
'url' => $url,
'notes' => purify($_POST['notes'])));
if ($q and $q->affectedRows) {
invalidate_glossary_cache();
Session::Messages($success_message, 'alert-success');
}
redirect_to_home_page("modules/glossary/index.php?course=$course_code");
} else {
$new_or_modify = isset($_POST['id']) ? "&edit=$_POST[id]" : "&add=1";
Session::flashPost()->Messages($langFormErrors)->Errors($v->errors());
redirect_to_home_page("modules/glossary/index.php?course=$course_code$new_or_modify");
}
}
if (isset($_GET['delete'])) {
$id = getDirectReference($_GET['delete']);
$term = Database::get()->querySingle("SELECT term FROM glossary WHERE ID = ?d", $id)->term;
$q = Database::get()->query("DELETE FROM glossary WHERE id = ?d AND course_id = ?d", $id, $course_id);
invalidate_glossary_cache();
Log::record($course_id, MODULE_ID_GLOSSARY, LOG_DELETE, array('id' => $id,
