$extraContentForm = new FormValidator('block_extra_data', 'post', '#', null, array('id' => 'block-extra-data', 'class' => ''), FormValidator::LAYOUT_BOX_NO_LABEL);
$extraContentFormRenderer = $extraContentForm->getDefaultRenderer();
if ($extraContentForm->validate()) {
$extraData = $extraContentForm->getSubmitValues();
$extraData = array_map(['Security', 'remove_XSS'], $extraData);
if (!empty($extraData['block'])) {
if (!is_dir($adminExtraContentDir)) {
mkdir($adminExtraContentDir, api_get_permissions_for_new_directories(), true);
}
if (!is_writable($adminExtraContentDir)) {
die;
}
$fullFilePath = $adminExtraContentDir . $extraData['block'];
$fullFilePath .= "_extra.html";
file_put_contents($fullFilePath, $extraData['extra_content']);
Header::location(api_get_self());
}
}
$extraContentForm->addTextarea('extra_content', null, ['id' => 'extra_content']);
$extraContentFormRenderer->setElementTemplate('<div class="form-group">{element}</div>', 'extra_content');
$extraContentForm->addElement('hidden', 'block', null, array('id' => 'extra-block'));
$extraContentForm->addButtonExport(get_lang('Save'), 'submit_extra_content');
$tpl->assign('extraDataForm', $extraContentForm->returnForm());
}
// The template contains the call to the AJAX version checker
$admin_template = $tpl->get_template('admin/settings_index.tpl');
$content = $tpl->fetch($admin_template);
$tpl->assign('content', $content);
$tpl->assign('message', $message);
$tpl->display_one_col_template();
// Note: version checking mechanism has now been moved to main/inc/ajax/admin.ajax.php
/* For license terms, see /license.txt */
/**
* List page for Paypal Payout for the Buy Courses plugin
* @package chamilo.plugin.buycourses
*/
/**
* Initialization
*/
$cidReset = true;
require_once '../../../main/inc/global.inc.php';
$htmlHeadXtra[] = '<link rel="stylesheet" href="../resources/css/style.css" type="text/css">';
api_protect_admin_script(true);
$plugin = BuyCoursesPlugin::create();
$paypalEnable = $plugin->get('paypal_enable');
$commissionsEnable = $plugin->get('commissions_enable');
if ($paypalEnable !== "true" && $commissionsEnable !== "true") {
api_not_allowed(true);
}
$payouts = $plugin->getPayouts();
$payoutList = [];
foreach ($payouts as $payout) {
$payoutList[] = ['id' => $payout['id'], 'reference' => $payout['sale_reference'], 'date' => api_format_date($payout['date'], DATE_TIME_FORMAT_LONG_24H), 'currency' => $payout['iso_code'], 'price' => $payout['item_price'], 'commission' => $payout['commission'], 'paypal_account' => $payout['paypal_account']];
}
$templateName = $plugin->get_lang('PaypalPayoutCommissions');
$template = new Template($templateName);
$template->assign('payout_list', $payoutList);
$content = $template->fetch('buycourses/view/paypal_payout.tpl');
$template->assign('header', $templateName);
$template->assign('content', $content);
$template->display_one_col_template();
/**
* Displays message "You are not allowed here..." and exits the entire script.
* @param bool $print_headers Whether or not to print headers (default = false -> does not print them)
* @param string $message
*/
function api_not_allowed($print_headers = false, $message = null)
{
$message = get_lang('NotAllowed');
throw new Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException($message);
if (api_get_setting('sso_authentication') === 'true') {
global $osso;
if ($osso) {
$osso->logout();
}
}
$home_url = api_get_path(WEB_PATH);
$user_id = api_get_user_id();
$course = api_get_course_id();
global $this_section;
if (CustomPages::enabled() && !isset($user_id)) {
if (empty($user_id)) {
// Why the CustomPages::enabled() need to be to set the request_uri
$_SESSION['request_uri'] = $_SERVER['REQUEST_URI'];
}
CustomPages::display(CustomPages::INDEX_UNLOGGED);
}
$origin = isset($_GET['origin']) ? $_GET['origin'] : '';
$msg = null;
if (isset($message)) {
$msg = $message;
} else {
$msg = Display::return_message(get_lang('NotAllowedClickBack') . '<br/><br/><a href="' . $home_url . '">' . get_lang('ReturnToCourseHomepage') . '</a>', 'error', false);
}
$msg = Display::div($msg, array('align' => 'center'));
$show_headers = 0;
if ($print_headers && $origin != 'learnpath') {
$show_headers = 1;
}
$tpl = new Template(null, $show_headers, $show_headers);
$tpl->assign('hide_login_link', 1);
$tpl->assign('content', $msg);
if ($user_id != 0 && !api_is_anonymous() && (!isset($course) || $course == -1) && empty($_GET['cidReq'])) {
// if the access is not authorized and there is some login information
// but the cidReq is not found, assume we are missing course data and send the user
// to the user_portal
$tpl->display_one_col_template();
exit;
}
if (!empty($_SERVER['REQUEST_URI']) && (!empty($_GET['cidReq']) || $this_section == SECTION_MYPROFILE || $this_section == SECTION_PLATFORM_ADMIN)) {
$courseCode = api_get_course_id();
// Only display form and return to the previous URL if there was a course ID included
if ($user_id != 0 && !api_is_anonymous()) {
//if there is a user ID, then the user is not allowed but the session is still there. Say so and exit
$tpl->assign('content', $msg);
$tpl->display_one_col_template();
exit;
}
if (!is_null($courseCode)) {
api_set_firstpage_parameter($courseCode);
}
// If the user has no user ID, then his session has expired
$action = api_get_self() . '?' . Security::remove_XSS($_SERVER['QUERY_STRING']);
$action = str_replace('&', '&', $action);
$form = new FormValidator('formLogin', 'post', $action, null, array(), FormValidator::LAYOUT_BOX_NO_LABEL);
$form->addElement('text', 'login', null, array('placeholder' => get_lang('UserName'), 'class' => 'autocapitalize_off'));
$form->addElement('password', 'password', null, array('placeholder' => get_lang('Password')));
$form->addButton('submitAuth', get_lang('LoginEnter'), '', 'primary');
// see same text in auth/gotocourse.php and main_api.lib.php function api_not_allowed (above)
$content = Display::return_message(get_lang('NotAllowed'), 'error', false);
if (!empty($courseCode)) {
$content .= '<h4>' . get_lang('LoginToGoToThisCourse') . '</h4>';
}
if (api_is_cas_activated()) {
$content .= Display::return_message(sprintf(get_lang('YouHaveAnInstitutionalAccount'), api_get_setting("Institution")), '', false);
$content .= Display::div("<br/><a href='" . get_cas_direct_URL(api_get_course_id()) . "'>" . sprintf(get_lang('LoginWithYourAccount'), api_get_setting("Institution")) . "</a><br/><br/>", array('align' => 'center'));
$content .= Display::return_message(get_lang('YouDontHaveAnInstitutionAccount'));
$content .= "<p style='text-align:center'><a href='#' onclick='\$(this).parent().next().toggle()'>" . get_lang('LoginWithExternalAccount') . "</a></p>";
$content .= "<div style='display:none;'>";
}
$content .= '<div class="well_login">';
$content .= $form->return_form();
$content .= '</div>';
if (api_is_cas_activated()) {
$content .= "</div>";
}
if (!empty($courseCode)) {
$content .= '<hr/><p style="text-align:center"><a href="' . $home_url . '">' . get_lang('ReturnToCourseHomepage') . '</a></p>';
} else {
$content .= '<hr/><p style="text-align:center"><a href="' . $home_url . '">' . get_lang('CampusHomepage') . '</a></p>';
}
$tpl->setLoginBodyClass();
$tpl->assign('content', $content);
$tpl->display_one_col_template();
exit;
}
if ($user_id != 0 && !api_is_anonymous()) {
$tpl->display_one_col_template();
exit;
}
$msg = null;
// The session is over and we were not in a course,
// or we try to get directly to a private course without being logged
if (!is_null(api_get_course_int_id())) {
api_set_firstpage_parameter(api_get_course_id());
$tpl->setLoginBodyClass();
$action = api_get_self() . '?' . Security::remove_XSS($_SERVER['QUERY_STRING']);
$action = str_replace('&', '&', $action);
$form = new FormValidator('formLogin', 'post', $action, null, array('class' => 'form-stacked'));
$form->addElement('text', 'login', null, array('placeholder' => get_lang('UserName'), 'class' => 'col-md-3 autocapitalize_off'));
//new
$form->addElement('password', 'password', null, array('placeholder' => get_lang('Password'), 'class' => 'col-md-3'));
//new
$form->addButtonNext(get_lang('LoginEnter'), 'submitAuth');
// see same text in auth/gotocourse.php and main_api.lib.php function api_not_allowed (bellow)
$msg = Display::return_message(get_lang('NotAllowed'), 'error', false);
$msg .= '<h4>' . get_lang('LoginToGoToThisCourse') . '</h4>';
if (api_is_cas_activated()) {
$msg .= Display::return_message(sprintf(get_lang('YouHaveAnInstitutionalAccount'), api_get_setting("Institution")), '', false);
$msg .= Display::div("<br/><a href='" . get_cas_direct_URL(api_get_course_int_id()) . "'>" . getCASLogoHTML() . " " . sprintf(get_lang('LoginWithYourAccount'), api_get_setting("Institution")) . "</a><br/><br/>", array('align' => 'center'));
$msg .= Display::return_message(get_lang('YouDontHaveAnInstitutionAccount'));
$msg .= "<p style='text-align:center'><a href='#' onclick='\$(this).parent().next().toggle()'>" . get_lang('LoginWithExternalAccount') . "</a></p>";
$msg .= "<div style='display:none;'>";
}
$msg .= '<div class="well">';
$msg .= $form->return_form();
$msg .= '</div>';
if (api_is_cas_activated()) {
$msg .= "</div>";
}
$msg .= '<hr/><p style="text-align:center"><a href="' . $home_url . '">' . get_lang('ReturnToCourseHomepage') . '</a></p>';
} else {
// we were not in a course, return to home page
$msg = Display::return_message(get_lang('NotAllowed') . '<br/><br/><a href="' . $home_url . '">' . get_lang('ReturnToCourseHomepage') . '</a><br />', 'error', false);
}
$tpl->assign('content', $msg);
$tpl->display_one_col_template();
exit;
}
<?php
/* For license terms, see /license.txt */
/**
* Index of the Buy Courses plugin courses list
* @package chamilo.plugin.buycourses
*/
/**
*
*/
$plugin = BuyCoursesPlugin::create();
$guess_enable = $plugin->get('unregistered_users_enable');
if ($guess_enable == "true" || isset($_SESSION['_user'])) {
$isAdmin = api_is_platform_admin();
$title = $plugin->get_lang('CourseListOnSale');
$templateName = $plugin->get_lang('BuyCourses');
$tpl = new Template($templateName);
$tpl->assign('isAdmin', $isAdmin);
$tpl->assign('title', $title);
$tpl->assign('BuySessions', $plugin->get_lang('BuySessions'));
$tpl->assign('BuyCourses', $templateName);
$tpl->assign('ConfigurationOfSessionsAndPrices', $plugin->get_lang('ConfigurationOfSessionsAndPrices'));
$tpl->assign('ConfigurationOfCoursesAndPrices', $plugin->get_lang('ConfigurationOfCoursesAndPrices'));
$tpl->assign('ConfigurationOfPayments', $plugin->get_lang('ConfigurationOfPayments'));
$tpl->assign('OrdersPendingOfPayment', $plugin->get_lang('OrdersPendingOfPayment'));
$listing_tpl = 'buycourses/view/index.tpl';
$content = $tpl->fetch($listing_tpl);
$tpl->assign('content', $content);
// If the user is NOT an administrator, redirect it to course/session buy list
$isAdmin ? $tpl->display_one_col_template() : header('Location: src/list.php');
}
/**
* Render a template using data. Adds a few common parameters to data.
*
* @see /main/template/default/course_description/
* @param string $template
* @param array $data
*/
protected function render($template_name, $data)
{
$data = (object) $data;
$data->www = \Chamilo::url();
$data->messages = isset($data->messages) ? $data->messages : array();
$javascript = $this->javascript();
if ($javascript) {
$data->javascript = $javascript;
}
$tpl = new Template();
foreach ($data as $key => $value) {
$tpl->assign($key, $value);
}
$template = $tpl->get_template($template_name);
$content = $tpl->fetch($template);
$tpl->assign('content', $content);
$tpl->display_one_col_template();
}
default:
break;
}
}
$meetings = $bbb->getCourseMeetings();
if (!empty($meetings)) {
$meetings = array_reverse($meetings);
}
$users_online = $bbb->getUsersOnlineInCurrentRoom();
$status = $bbb->isServerRunning();
$meeting_exists = $bbb->meetingExists(api_get_course_id().'-'.api_get_session_id());
$show_join_button = false;
if ($meeting_exists || $teacher) {
$show_join_button = true;
}
$tpl->assign('allow_to_edit', $teacher);
$tpl->assign('meetings', $meetings);
$conferenceUrl = api_get_path(WEB_PLUGIN_PATH).'bbb/start.php?launch=1&'.api_get_cidreq();
$tpl->assign('conference_url', $conferenceUrl);
$tpl->assign('users_online', $users_online);
$tpl->assign('bbb_status', $status);
$tpl->assign('show_join_button', $show_join_button);
//$tpl->assign('actions', $actions);
$tpl->assign('message', $message);
$listing_tpl = 'bbb/listing.tpl';
$content = $tpl->fetch($listing_tpl);
$tpl->assign('content', $content);$tpl->display_one_col_template();
