$cwdir = getcwd();
if (isset($_FILES['user_file'])) {
$allowed_extensions = array('odp', 'sxi', 'ppt', 'pps', 'sxd', 'pptx');
if (in_array(strtolower(pathinfo($_FILES['user_file']['name'], PATHINFO_EXTENSION)), $allowed_extensions)) {
require_once api_get_path(SYS_CODE_PATH) . 'newscorm/lp_upload.php';
if (isset($o_ppt) && $first_item_id != 0) {
if (api_get_setting('search.search_enabled') == 'true') {
require_once api_get_path(LIBRARY_PATH) . 'specific_fields_manager.lib.php';
$specific_fields = get_specific_field_list();
foreach ($specific_fields as $specific_field) {
$values = explode(',', trim($_POST[$specific_field['code']]));
if (!empty($values)) {
foreach ($values as $value) {
$value = trim($value);
if (!empty($value)) {
add_specific_field_value($specific_field['id'], api_get_course_id(), TOOL_LEARNPATH, $o_ppt->lp_id, $value);
}
}
}
}
}
header('Location: ../newscorm/lp_controller.php?' . api_get_cidreq() . '&lp_id=' . $o_ppt->lp_id . '&action=view_item&id=' . $first_item_id);
exit;
} else {
if (!empty($o_ppt->error)) {
$errorMessage = $o_ppt->error;
} else {
$errorMessage = get_lang('OogieUnknownError');
}
}
} else {
}
if ($_FILES['lp_preview_image']['size'] > 0) {
$_SESSION['oLP']->upload_image($_FILES['lp_preview_image']);
}
if (api_get_setting('search_enabled') === 'true') {
require_once api_get_path(LIBRARY_PATH) . 'specific_fields_manager.lib.php';
$specific_fields = get_specific_field_list();
foreach ($specific_fields as $specific_field) {
$_SESSION['oLP']->set_terms_by_prefix($_REQUEST[$specific_field['code']], $specific_field['code']);
$new_values = explode(',', trim($_REQUEST[$specific_field['code']]));
if (!empty($new_values)) {
array_walk($new_values, 'trim');
delete_all_specific_field_value(api_get_course_id(), $specific_field['id'], TOOL_LEARNPATH, $_SESSION['oLP']->lp_id);
foreach ($new_values as $value) {
if (!empty($value)) {
add_specific_field_value($specific_field['id'], api_get_course_id(), TOOL_LEARNPATH, $_SESSION['oLP']->lp_id, $value);
}
}
}
}
}
require 'lp_list.php';
}
break;
case 'add_sub_item':
//add an item inside a chapter
if (!api_is_allowed_to_edit()) {
api_not_allowed(true);
}
if ($debug > 0) {
error_log('New LP - add sub item action triggered', 0);
/**
* @param int $id
* @param array $values
*/
public static function editLink($id, $values = array())
{
$tbl_link = Database::get_course_table(TABLE_LINK);
$_course = api_get_course_info();
$course_id = $_course['real_id'];
$values['url'] = trim($values['url']);
$values['title'] = trim($values['title']);
$values['description'] = trim($values['description']);
$values['target'] = empty($values['target']) ? '_self' : $values['target'];
$values['on_homepage'] = isset($values['on_homepage']) ? $values['on_homepage'] : '';
$categoryId = intval($values['category_id']);
// We ensure URL to be absolute.
if (strpos($values['url'], '://') === false) {
$values['url'] = 'http://' . $_POST['url'];
}
// If the title is empty, we use the URL as title.
if ($values['title'] == '') {
$values['title'] = $values['url'];
}
// If the URL is invalid, an error occurs.
if (!api_valid_url($values['url'], true)) {
Display::addFlash(Display::return_message(get_lang('GiveURL'), 'error'));
return false;
}
// Finding the old category_id.
$sql = "SELECT * FROM " . $tbl_link . "\n WHERE c_id = {$course_id} AND id='" . $id . "'";
$result = Database::query($sql);
$row = Database::fetch_array($result);
$category_id = $row['category_id'];
if ($category_id != $values['category_id']) {
$sql = "SELECT MAX(display_order)\n FROM " . $tbl_link . "\n WHERE\n c_id = {$course_id} AND\n category_id='" . intval($values['category_id']) . "'";
$result = Database::query($sql);
list($max_display_order) = Database::fetch_row($result);
$max_display_order++;
} else {
$max_display_order = $row['display_order'];
}
$params = ['url' => $values['url'], 'title' => $values['title'], 'description' => $values['description'], 'category_id' => $values['category_id'], 'display_order' => $max_display_order, 'on_homepage' => $values['on_homepage'], 'target' => $values['target'], 'category_id' => $values['category_id']];
Database::update($tbl_link, $params, ['c_id = ? AND id = ?' => [$course_id, $id]]);
// Update search enchine and its values table if enabled.
if (api_get_setting('search_enabled') == 'true') {
$course_int_id = api_get_course_int_id();
$course_id = api_get_course_id();
$link_title = Database::escape_string($values['title']);
$link_description = Database::escape_string($values['description']);
// Actually, it consists on delete terms from db, insert new ones, create a new search engine document, and remove the old one.
// Get search_did.
$tbl_se_ref = Database::get_main_table(TABLE_MAIN_SEARCH_ENGINE_REF);
$sql = 'SELECT * FROM %s WHERE course_code=\'%s\' AND tool_id=\'%s\' AND ref_id_high_level=%s LIMIT 1';
$sql = sprintf($sql, $tbl_se_ref, $course_id, TOOL_LINK, $id);
$res = Database::query($sql);
if (Database::num_rows($res) > 0) {
require_once api_get_path(LIBRARY_PATH) . 'search/ChamiloIndexer.class.php';
require_once api_get_path(LIBRARY_PATH) . 'search/IndexableChunk.class.php';
require_once api_get_path(LIBRARY_PATH) . 'specific_fields_manager.lib.php';
$se_ref = Database::fetch_array($res);
$specific_fields = get_specific_field_list();
$ic_slide = new IndexableChunk();
$all_specific_terms = '';
foreach ($specific_fields as $specific_field) {
delete_all_specific_field_value($course_id, $specific_field['id'], TOOL_LINK, $id);
if (isset($_REQUEST[$specific_field['code']])) {
$sterms = trim($_REQUEST[$specific_field['code']]);
if (!empty($sterms)) {
$all_specific_terms .= ' ' . $sterms;
$sterms = explode(',', $sterms);
foreach ($sterms as $sterm) {
$ic_slide->addTerm(trim($sterm), $specific_field['code']);
add_specific_field_value($specific_field['id'], $course_id, TOOL_LINK, $id, $sterm);
}
}
}
}
// Build the chunk to index.
$ic_slide->addValue("title", $link_title);
$ic_slide->addCourseId($course_id);
$ic_slide->addToolId(TOOL_LINK);
$xapian_data = array(SE_COURSE_ID => $course_id, SE_TOOL_ID => TOOL_LINK, SE_DATA => array('link_id' => (int) $id), SE_USER => (int) api_get_user_id());
$ic_slide->xapian_data = serialize($xapian_data);
$link_description = $all_specific_terms . ' ' . $link_description;
$ic_slide->addValue('content', $link_description);
// Add category name if set.
if (isset($categoryId) && $categoryId > 0) {
$table_link_category = Database::get_course_table(TABLE_LINK_CATEGORY);
$sql_cat = 'SELECT * FROM %s WHERE id=%d and c_id = %d LIMIT 1';
$sql_cat = sprintf($sql_cat, $table_link_category, $categoryId, $course_int_id);
$result = Database::query($sql_cat);
if (Database::num_rows($result) == 1) {
$row = Database::fetch_array($result);
$ic_slide->addValue('category', $row['category_title']);
}
}
$di = new ChamiloIndexer();
isset($_POST['language']) ? $lang = Database::escape_string($_POST['language']) : ($lang = 'english');
$di->connectDb(null, null, $lang);
$di->remove_document((int) $se_ref['search_did']);
$di->addChunk($ic_slide);
// Index and return search engine document id.
$did = $di->index();
if ($did) {
// Save it to db.
$sql = 'DELETE FROM %s
WHERE course_code=\'%s\'
AND tool_id=\'%s\'
AND ref_id_high_level=\'%s\'';
$sql = sprintf($sql, $tbl_se_ref, $course_id, TOOL_LINK, $id);
Database::query($sql);
$sql = 'INSERT INTO %s (c_id, id, course_code, tool_id, ref_id_high_level, search_did)
VALUES (NULL , \'%s\', \'%s\', %s, %s)';
$sql = sprintf($sql, $tbl_se_ref, $course_int_id, $course_id, TOOL_LINK, $id, $did);
Database::query($sql);
}
}
}
// "WHAT'S NEW" notification: update table last_toolEdit.
api_item_property_update($_course, TOOL_LINK, $id, 'LinkUpdated', api_get_user_id());
Display::addFlash(Display::return_message(get_lang('LinkModded')));
}
/**
* Index a given document.
* @param int Document ID inside its corresponding course
* @param string Course code
* @param int Session ID (not used yet)
* @param string Language of document's content (defaults to course language)
* @param array Array of specific fields (['code'=>'value',...])
* @param string What to do if the file already exists (default or overwrite)
* @param bool When set to true, this runs the indexer without actually saving anything to any database
* @return bool Returns true on presumed success, false on failure
*/
public static function index_document($docid, $course_code, $session_id = 0, $lang = 'english', $specific_fields_values = array(), $if_exists = '', $simulation = false)
{
if (api_get_setting('search.search_enabled') !== 'true') {
return false;
}
if (empty($docid) or $docid != intval($docid)) {
return false;
}
if (empty($session_id)) {
$session_id = api_get_session_id();
}
$course_info = api_get_course_info($course_code);
$course_dir = $course_info['path'] . '/document';
$sys_course_path = api_get_path(SYS_COURSE_PATH);
$base_work_dir = $sys_course_path . $course_dir;
$course_id = $course_info['real_id'];
$table_document = Database::get_course_table(TABLE_DOCUMENT);
$qry = "SELECT path, title FROM {$table_document} WHERE c_id = {$course_id} AND id = '{$docid}' LIMIT 1";
$result = Database::query($qry);
if (Database::num_rows($result) == 1) {
$row = Database::fetch_array($result);
$doc_path = api_get_path(SYS_COURSE_PATH) . $course_dir . $row['path'];
//TODO: mime_content_type is deprecated, fileinfo php extension is enabled by default as of PHP 5.3.0
// now versions of PHP on Debian testing(5.2.6-5) and Ubuntu(5.2.6-2ubuntu) are lower, so wait for a while
$doc_mime = mime_content_type($doc_path);
$allowed_mime_types = self::file_get_mime_type(true);
// mime_content_type does not detect correctly some formats that are going to be supported for index, so an extensions array is used for the moment
if (empty($doc_mime)) {
$allowed_extensions = array('doc', 'docx', 'ppt', 'pptx', 'pps', 'ppsx', 'xls', 'xlsx', 'odt', 'odp', 'ods', 'pdf', 'txt', 'rtf', 'msg', 'csv', 'html', 'htm');
$extensions = preg_split("/[\\/\\.]/", $doc_path);
$doc_ext = strtolower($extensions[count($extensions) - 1]);
if (in_array($doc_ext, $allowed_extensions)) {
switch ($doc_ext) {
case 'ppt':
case 'pps':
$doc_mime = 'application/vnd.ms-powerpoint';
break;
case 'xls':
$doc_mime = 'application/vnd.ms-excel';
break;
}
}
}
//@todo move this nightmare in a search controller or something like that!!! J.M
if (in_array($doc_mime, $allowed_mime_types)) {
$file_title = $row['title'];
$file_content = self::get_text_content($doc_path, $doc_mime);
$course_code = Database::escape_string($course_code);
require_once api_get_path(LIBRARY_PATH) . 'search/ChamiloIndexer.class.php';
require_once api_get_path(LIBRARY_PATH) . 'search/IndexableChunk.class.php';
$ic_slide = new IndexableChunk();
$ic_slide->addValue('title', $file_title);
$ic_slide->addCourseId($course_code);
$ic_slide->addToolId(TOOL_DOCUMENT);
$xapian_data = array(SE_COURSE_ID => $course_code, SE_TOOL_ID => TOOL_DOCUMENT, SE_DATA => array('doc_id' => $docid), SE_USER => api_get_user_id());
$ic_slide->xapian_data = serialize($xapian_data);
$di = new ChamiloIndexer();
$return = $di->connectDb(null, null, $lang);
require_once api_get_path(LIBRARY_PATH) . 'specific_fields_manager.lib.php';
$specific_fields = get_specific_field_list();
// process different depending on what to do if file exists
/**
* @TODO Find a way to really verify if the file had been
* overwriten. Now all work is done at
* handle_uploaded_document() and it's difficult to verify it
*/
if (!empty($if_exists) && $if_exists == 'overwrite') {
// Overwrite the file on search engine
// Actually, it consists on a delete of terms from db,
// insert new ones, create a new search engine document,
// and remove the old one
// Get search_did
$tbl_se_ref = Database::get_main_table(TABLE_MAIN_SEARCH_ENGINE_REF);
$sql = 'SELECT * FROM %s WHERE course_code=\'%s\' AND tool_id=\'%s\' AND ref_id_high_level=%s LIMIT 1';
$sql = sprintf($sql, $tbl_se_ref, $course_code, TOOL_DOCUMENT, $docid);
$res = Database::query($sql);
if (Database::num_rows($res) > 0) {
$se_ref = Database::fetch_array($res);
if (!$simulation) {
$di->remove_document($se_ref['search_did']);
}
$all_specific_terms = '';
foreach ($specific_fields as $specific_field) {
if (!$simulation) {
delete_all_specific_field_value($course_code, $specific_field['id'], TOOL_DOCUMENT, $docid);
}
// Update search engine
if (isset($specific_fields_values[$specific_field['code']])) {
$sterms = trim($specific_fields_values[$specific_field['code']]);
} else {
//if the specific field is not defined, force an empty one
$sterms = '';
}
$all_specific_terms .= ' ' . $sterms;
$sterms = explode(',', $sterms);
foreach ($sterms as $sterm) {
$sterm = trim($sterm);
if (!empty($sterm)) {
$ic_slide->addTerm($sterm, $specific_field['code']);
// updated the last param here from $value to $sterm without being sure - see commit15464
if (!$simulation) {
add_specific_field_value($specific_field['id'], $course_code, TOOL_DOCUMENT, $docid, $sterm);
}
}
}
}
// Add terms also to content to make terms findable by probabilistic search
$file_content = $all_specific_terms . ' ' . $file_content;
if (!$simulation) {
$ic_slide->addValue('content', $file_content);
$di->addChunk($ic_slide);
// Index and return a new search engine document id
$did = $di->index();
if ($did) {
// update the search_did on db
$tbl_se_ref = Database::get_main_table(TABLE_MAIN_SEARCH_ENGINE_REF);
$sql = 'UPDATE %s SET search_did=%d WHERE id=%d LIMIT 1';
$sql = sprintf($sql, $tbl_se_ref, (int) $did, (int) $se_ref['id']);
Database::query($sql);
}
}
}
} else {
// Add all terms
$all_specific_terms = '';
foreach ($specific_fields as $specific_field) {
if (isset($specific_fields_values[$specific_field['code']])) {
$sterms = trim($specific_fields_values[$specific_field['code']]);
} else {
//if the specific field is not defined, force an empty one
$sterms = '';
}
$all_specific_terms .= ' ' . $sterms;
if (!empty($sterms)) {
$sterms = explode(',', $sterms);
foreach ($sterms as $sterm) {
if (!$simulation) {
$ic_slide->addTerm(trim($sterm), $specific_field['code']);
add_specific_field_value($specific_field['id'], $course_code, TOOL_DOCUMENT, $docid, $sterm);
}
}
}
}
// Add terms also to content to make terms findable by probabilistic search
$file_content = $all_specific_terms . ' ' . $file_content;
if (!$simulation) {
$ic_slide->addValue('content', $file_content);
$di->addChunk($ic_slide);
// Index and return search engine document id
$did = $di->index();
if ($did) {
// Save it to db
$tbl_se_ref = Database::get_main_table(TABLE_MAIN_SEARCH_ENGINE_REF);
$sql = 'INSERT INTO %s (id, course_code, tool_id, ref_id_high_level, search_did)
VALUES (NULL , \'%s\', \'%s\', %s, %s)';
$sql = sprintf($sql, $tbl_se_ref, $course_code, TOOL_DOCUMENT, $docid, $did);
Database::query($sql);
} else {
return false;
}
}
}
} else {
return false;
}
}
return true;
}
function search_engine_edit()
{
// update search enchine and its values table if enabled
if (api_get_setting('search.search_enabled') == 'true' && extension_loaded('xapian')) {
$course_id = api_get_course_id();
// actually, it consists on delete terms from db,
// insert new ones, create a new search engine document, and remove the old one
// get search_did
$tbl_se_ref = Database::get_main_table(TABLE_MAIN_SEARCH_ENGINE_REF);
$sql = 'SELECT * FROM %s WHERE course_code=\'%s\' AND tool_id=\'%s\' AND ref_id_high_level=%s LIMIT 1';
$sql = sprintf($sql, $tbl_se_ref, $course_id, TOOL_QUIZ, $this->id);
$res = Database::query($sql);
if (Database::num_rows($res) > 0) {
require_once api_get_path(LIBRARY_PATH) . 'search/ChamiloIndexer.class.php';
require_once api_get_path(LIBRARY_PATH) . 'search/IndexableChunk.class.php';
require_once api_get_path(LIBRARY_PATH) . 'specific_fields_manager.lib.php';
$se_ref = Database::fetch_array($res);
$specific_fields = get_specific_field_list();
$ic_slide = new IndexableChunk();
$all_specific_terms = '';
foreach ($specific_fields as $specific_field) {
delete_all_specific_field_value($course_id, $specific_field['id'], TOOL_QUIZ, $this->id);
if (isset($_REQUEST[$specific_field['code']])) {
$sterms = trim($_REQUEST[$specific_field['code']]);
$all_specific_terms .= ' ' . $sterms;
$sterms = explode(',', $sterms);
foreach ($sterms as $sterm) {
$ic_slide->addTerm(trim($sterm), $specific_field['code']);
add_specific_field_value($specific_field['id'], $course_id, TOOL_QUIZ, $this->id, $sterm);
}
}
}
// build the chunk to index
$ic_slide->addValue("title", $this->exercise);
$ic_slide->addCourseId($course_id);
$ic_slide->addToolId(TOOL_QUIZ);
$xapian_data = array(SE_COURSE_ID => $course_id, SE_TOOL_ID => TOOL_QUIZ, SE_DATA => array('type' => SE_DOCTYPE_EXERCISE_EXERCISE, 'exercise_id' => (int) $this->id), SE_USER => (int) api_get_user_id());
$ic_slide->xapian_data = serialize($xapian_data);
$exercise_description = $all_specific_terms . ' ' . $this->description;
$ic_slide->addValue("content", $exercise_description);
$di = new ChamiloIndexer();
isset($_POST['language']) ? $lang = Database::escape_string($_POST['language']) : ($lang = 'english');
$di->connectDb(NULL, NULL, $lang);
$di->remove_document((int) $se_ref['search_did']);
$di->addChunk($ic_slide);
//index and return search engine document id
$did = $di->index();
if ($did) {
// save it to db
$sql = 'DELETE FROM %s WHERE course_code=\'%s\' AND tool_id=\'%s\' AND ref_id_high_level=\'%s\'';
$sql = sprintf($sql, $tbl_se_ref, $course_id, TOOL_QUIZ, $this->id);
Database::query($sql);
$sql = 'INSERT INTO %s (id, course_code, tool_id, ref_id_high_level, search_did)
VALUES (NULL , \'%s\', \'%s\', %s, %s)';
$sql = sprintf($sql, $tbl_se_ref, $course_id, TOOL_QUIZ, $this->id, $did);
Database::query($sql);
}
} else {
$this->search_engine_save();
}
}
}
function search_engine_edit()
{
// update search enchine and its values table if enabled
if (api_get_setting('search.search_enabled') == 'true' && extension_loaded('xapian')) {
$em = Database::getManager();
$course = $em->find('ChamiloCoreBundle:Course', api_get_course_int_id());
// actually, it consists on delete terms from db,
// insert new ones, create a new search engine document, and remove the old one
// get search_did
$se_ref = $em->getRepository('ChamiloCoreBundle:SearchEngineRef')->findOneBy(['course' => $course, 'toolId' => TOOL_QUIZ, 'refIdHighLevel' => $this->id]);
if ($se_ref) {
require_once api_get_path(LIBRARY_PATH) . 'search/ChamiloIndexer.class.php';
require_once api_get_path(LIBRARY_PATH) . 'search/IndexableChunk.class.php';
require_once api_get_path(LIBRARY_PATH) . 'specific_fields_manager.lib.php';
$specific_fields = get_specific_field_list();
$ic_slide = new IndexableChunk();
$all_specific_terms = '';
foreach ($specific_fields as $specific_field) {
delete_all_specific_field_value($course->getCode(), $specific_field['id'], TOOL_QUIZ, $this->id);
if (isset($_REQUEST[$specific_field['code']])) {
$sterms = trim($_REQUEST[$specific_field['code']]);
$all_specific_terms .= ' ' . $sterms;
$sterms = explode(',', $sterms);
foreach ($sterms as $sterm) {
$ic_slide->addTerm(trim($sterm), $specific_field['code']);
add_specific_field_value($specific_field['id'], $course->getCode(), TOOL_QUIZ, $this->id, $sterm);
}
}
}
// build the chunk to index
$ic_slide->addValue("title", $this->exercise);
$ic_slide->addCourseId($course->getCode());
$ic_slide->addToolId(TOOL_QUIZ);
$xapian_data = array(SE_COURSE_ID => $course->getCode(), SE_TOOL_ID => TOOL_QUIZ, SE_DATA => array('type' => SE_DOCTYPE_EXERCISE_EXERCISE, 'exercise_id' => (int) $this->id), SE_USER => (int) api_get_user_id());
$ic_slide->xapian_data = serialize($xapian_data);
$exercise_description = $all_specific_terms . ' ' . $this->description;
$ic_slide->addValue("content", $exercise_description);
$di = new ChamiloIndexer();
isset($_POST['language']) ? $lang = Database::escape_string($_POST['language']) : ($lang = 'english');
$di->connectDb(NULL, NULL, $lang);
$di->remove_document($se_ref->getSearchDid());
$di->addChunk($ic_slide);
//index and return search engine document id
$did = $di->index();
if ($did) {
// save it to db
$em->createQuery('
delete from ChamiloCoreBundle:SearchEngineRef ser
where ser.course = ?1 and ser.toolId = ?2 and ser.refIdHighLevel = ?3
')->execute([1 => $course, 2 => TOOL_QUIZ, 3 => $this->id]);
$searchEngineRef = new \Chamilo\CoreBundle\Entity\SearchEngineRef();
$searchEngineRef->setCourse($course)->setToolId(TOOL_QUIZ)->setRefIdHighLevel($this->id)->setSearchDid($did);
$em->persist($searchEngineRef);
$em->flush();
}
} else {
$this->search_engine_save();
}
}
}
/**
* Used to edit a link or a category
* @todo Rewrite the whole links tool because it is becoming completely cluttered,
* code does not follow the coding conventions, does not use html_quickform, ...
* Some features were patched in.
* @author Patrick Cool <*****@*****.**>, Ghent University
* @todo replace the globals with the appropriate $_POST or $_GET values
*/
function editlinkcategory($type)
{
global $catlinkstatus;
global $id;
global $submit_link;
global $submit_category;
global $_user;
global $_course;
global $nameTools;
global $urllink;
global $title;
global $description;
global $category;
global $selectcategory;
global $description;
global $category_title;
global $onhomepage;
global $target_link;
$tbl_link = Database::get_course_table(TABLE_LINK);
$tbl_categories = Database::get_course_table(TABLE_LINK_CATEGORY);
$course_id = api_get_course_int_id();
if ($type == 'link') {
// This is used to populate the link-form with the info found in the database.
if (!empty($_GET['id'])) {
$sql = "SELECT * FROM " . $tbl_link . "\n WHERE c_id = {$course_id} AND id='" . intval($_GET['id']) . "'";
$result = Database::query($sql);
if ($myrow = Database::fetch_array($result)) {
$urllink = $myrow['url'];
$title = $myrow['title'];
$description = $myrow['description'];
$category = $myrow['category_id'];
if ($myrow['on_homepage'] != 0) {
$onhomepage = 'checked';
}
$target_link = $myrow['target'];
}
}
// This is used to put the modified info of the link-form into the database.
if ($_POST['submitLink']) {
// Ivan, 13-OCT-2010: It is a litle bit messy code below, just in case I added some extra-security checks here.
$_POST['urllink'] = trim($_POST['urllink']);
$_POST['title'] = trim(Security::remove_XSS($_POST['title']));
$_POST['description'] = trim(Security::remove_XSS($_POST['description']));
$_POST['selectcategory'] = intval($_POST['selectcategory']);
$_POST['id'] = intval($_POST['id']);
// We ensure URL to be absolute.
if (strpos($_POST['urllink'], '://') === false) {
$_POST['urllink'] = 'http://' . $_POST['urllink'];
}
// If the title is empty, we use the URL as title.
if ($_POST['title'] == '') {
$_POST['title'] = $_POST['urllink'];
}
// If the URL is invalid, an error occurs.
if (!api_valid_url($urllink, true)) {
// A check against an absolute URL.
$msgErr = get_lang('GiveURL');
Display::display_error_message(get_lang('GiveURL'));
return false;
}
$onhomepage = Security::remove_XSS($_POST['onhomepage']);
$target = Database::escape_string($_POST['target_link']);
if (empty($mytarget)) {
$mytarget = '_self';
}
$mytarget = ", target='" . $target . "'";
// Finding the old category_id.
$sql = "SELECT * FROM " . $tbl_link . "\n WHERE c_id = {$course_id} AND id='" . intval($_POST['id']) . "'";
$result = Database::query($sql);
$row = Database::fetch_array($result);
$category_id = $row['category_id'];
if ($category_id != $_POST['selectcategory']) {
$sql = "SELECT MAX(display_order)\n FROM " . $tbl_link . "\n WHERE c_id = {$course_id}\n AND category_id='" . intval($_POST['selectcategory']) . "'";
$result = Database::query($sql);
list($max_display_order) = Database::fetch_row($result);
$max_display_order++;
} else {
$max_display_order = $row['display_order'];
}
$sql = "UPDATE " . $tbl_link . " SET " . "url='" . Database::escape_string($_POST['urllink']) . "', " . "title='" . Database::escape_string($_POST['title']) . "', " . "description='" . Database::escape_string($_POST['description']) . "', " . "category_id='" . Database::escape_string($_POST['selectcategory']) . "', " . "display_order='" . $max_display_order . "', " . "on_homepage= '" . Database::escape_string($onhomepage) . "' {$mytarget} " . " WHERE c_id = {$course_id} AND id='" . intval($_POST['id']) . "'";
Database::query($sql);
// Update search enchine and its values table if enabled.
if (api_get_setting('search_enabled') == 'true') {
$link_id = intval($_POST['id']);
$course_int_id = api_get_course_int_id();
$course_id = api_get_course_id();
$link_url = Database::escape_string($_POST['urllink']);
$link_title = Database::escape_string($_POST['title']);
$link_description = Database::escape_string($_POST['description']);
// Actually, it consists on delete terms from db, insert new ones, create a new search engine document, and remove the old one.
// Get search_did.
$tbl_se_ref = Database::get_main_table(TABLE_MAIN_SEARCH_ENGINE_REF);
$sql = 'SELECT * FROM %s WHERE course_code=\'%s\' AND tool_id=\'%s\' AND ref_id_high_level=%s LIMIT 1';
$sql = sprintf($sql, $tbl_se_ref, $course_id, TOOL_LINK, $link_id);
$res = Database::query($sql);
if (Database::num_rows($res) > 0) {
require_once api_get_path(LIBRARY_PATH) . 'search/ChamiloIndexer.class.php';
require_once api_get_path(LIBRARY_PATH) . 'search/IndexableChunk.class.php';
require_once api_get_path(LIBRARY_PATH) . 'specific_fields_manager.lib.php';
$se_ref = Database::fetch_array($res);
$specific_fields = get_specific_field_list();
$ic_slide = new IndexableChunk();
$all_specific_terms = '';
foreach ($specific_fields as $specific_field) {
delete_all_specific_field_value($course_id, $specific_field['id'], TOOL_LINK, $link_id);
if (isset($_REQUEST[$specific_field['code']])) {
$sterms = trim($_REQUEST[$specific_field['code']]);
if (!empty($sterms)) {
$all_specific_terms .= ' ' . $sterms;
$sterms = explode(',', $sterms);
foreach ($sterms as $sterm) {
$ic_slide->addTerm(trim($sterm), $specific_field['code']);
add_specific_field_value($specific_field['id'], $course_id, TOOL_LINK, $link_id, $sterm);
}
}
}
}
// Build the chunk to index.
$ic_slide->addValue("title", $link_title);
$ic_slide->addCourseId($course_id);
$ic_slide->addToolId(TOOL_LINK);
$xapian_data = array(SE_COURSE_ID => $course_id, SE_TOOL_ID => TOOL_LINK, SE_DATA => array('link_id' => (int) $link_id), SE_USER => (int) api_get_user_id());
$ic_slide->xapian_data = serialize($xapian_data);
$link_description = $all_specific_terms . ' ' . $link_description;
$ic_slide->addValue('content', $link_description);
// Add category name if set.
if (isset($_POST['selectcategory']) && $selectcategory > 0) {
$table_link_category = Database::get_course_table(TABLE_LINK_CATEGORY);
$sql_cat = 'SELECT * FROM %s WHERE id=%d and c_id = %d LIMIT 1';
$sql_cat = sprintf($sql_cat, $table_link_category, (int) $selectcategory, $course_int_id);
$result = Database::query($sql_cat);
if (Database::num_rows($result) == 1) {
$row = Database::fetch_array($result);
$ic_slide->addValue('category', $row['category_title']);
}
}
$di = new ChamiloIndexer();
isset($_POST['language']) ? $lang = Database::escape_string($_POST['language']) : ($lang = 'english');
$di->connectDb(null, null, $lang);
$di->remove_document((int) $se_ref['search_did']);
$di->addChunk($ic_slide);
// Index and return search engine document id.
$did = $di->index();
if ($did) {
// Save it to db.
$sql = 'DELETE FROM %s
WHERE course_code=\'%s\'
AND tool_id=\'%s\'
AND ref_id_high_level=\'%s\'';
$sql = sprintf($sql, $tbl_se_ref, $course_id, TOOL_LINK, $link_id);
Database::query($sql);
$sql = 'INSERT INTO %s (c_id, id, course_code, tool_id, ref_id_high_level, search_did)
VALUES (NULL , \'%s\', \'%s\', %s, %s)';
$sql = sprintf($sql, $tbl_se_ref, $course_int_id, $course_id, TOOL_LINK, $link_id, $did);
Database::query($sql);
}
}
}
// "WHAT'S NEW" notification: update table last_toolEdit.
api_item_property_update($_course, TOOL_LINK, $_POST['id'], 'LinkUpdated', $_user['user_id']);
Display::display_confirmation_message(get_lang('LinkModded'));
}
}
if ($type == 'category') {
// This is used to populate the category-form with the info found in the database.
if (!$submit_category) {
$sql = "SELECT * FROM " . $tbl_categories . "\n WHERE c_id = {$course_id} AND id='" . intval($_GET['id']) . "'";
$result = Database::query($sql);
if ($myrow = Database::fetch_array($result)) {
$category_title = $myrow['category_title'];
$description = $myrow['description'];
}
}
// This is used to put the modified info of the category-form into the database.
if ($submit_category) {
$sql = "UPDATE " . $tbl_categories . "\n SET category_title='" . Database::escape_string($_POST['category_title']) . "',\n description='" . Database::escape_string($_POST['description']) . "'\n WHERE c_id = {$course_id} AND id='" . Database::escape_string($_POST['id']) . "'";
Database::query($sql);
Display::display_confirmation_message(get_lang('CategoryModded'));
}
}
return true;
// On errors before this statement, exit from this function by returning false value.
}