Exemple #1
/**
 * Refuses a second concurrent session for one account when the platform
 * setting 'prevent_multiple_simultaneous_login' is switched on.
 *
 * The check runs at most once per PHP session (the 'first_user_login' session
 * flag marks it as done). When the account already has a row in the online
 * tracking table and user_is_online() confirms it, the current session is
 * destroyed and the browser is redirected to the login page with an error code.
 *
 * NOTE(review): confirm that api_get_settings() (plural) returns the scalar
 * string 'true' for this key. If it returns anything else, the strict
 * comparison below never matches and this control is silently disabled.
 *
 * @param int $userId Id of the user logging in; cast with intval() before it is used in SQL
 *
 * @return void The rejection path does not return (redirect followed by exit)
 */
function preventMultipleLogin($userId)
{
    $table = Database::get_main_table(TABLE_STATISTIC_TRACK_E_ONLINE);
    $userId = intval($userId);

    if (api_get_settings('prevent_multiple_simultaneous_login') !== 'true') {
        return;
    }
    if (empty($userId) || api_is_anonymous()) {
        return;
    }
    $alreadyChecked = Session::read('first_user_login');
    if (!empty($alreadyChecked)) {
        return;
    }

    // $userId is an integer here, so the concatenation cannot carry SQL.
    $sql = "SELECT login_id FROM {$table}\n                        WHERE login_user_id = " . $userId . " LIMIT 1";
    $result = Database::query($sql);
    $loginData = Database::num_rows($result) ? Database::fetch_array($result) : array();
    $userIsReallyOnline = user_is_online($userId);

    if (empty($loginData) || $userIsReallyOnline != true) {
        // First time: remember that this session has passed the check.
        Session::write('first_user_login', 1);
        return;
    }

    // Trying double login: drop this session and send the browser back to the login page.
    session_regenerate_id();
    Session::destroy();
    header('Location: ' . api_get_path(WEB_PATH) . 'index.php?loginFailed=1&error=multiple_connection_not_allowed');
    exit;
}
 /**
  * Tells whether the portfolio feature is usable by the current visitor.
  *
  * Anonymous visitors and requests without a user id are always refused;
  * otherwise the feature is on as soon as self::all() returns at least one entry.
  *
  * @return boolean True if portfolios are enabled. False otherwise.
  */
 public static function is_enabled()
 {
     // Identity checks run first, so self::all() is never consulted for a visitor without an account.
     if (api_is_anonymous() || !api_get_user_id()) {
         return false;
     }

     return count(self::all()) != 0;
 }
 /**
  * Renders the system announcement slider inside the one-column layout.
  *
  * The audience level handed to the slider is derived from the current user:
  * guest for anonymous visitors, teacher for users allowed to create courses,
  * student for everybody else. Platform admins additionally get an edit link.
  *
  * NOTE(review): $id is forwarded to display_announcements_slider() exactly as
  * received; confirm that the route or the callee constrains it to an integer.
  *
  * @param Application $app Container; only $app['template'] is used here
  * @param mixed       $id  Announcement id taken from the caller
  *
  * @return Response HTTP 200 response wrapping the rendered layout
  */
 public function indexAction(Application $app, $id)
 {
     $actions = null;
     if (api_is_platform_admin()) {
         $editUrl = api_get_path(WEB_PATH) . 'main/admin/system_announcements.php';
         $editIcon = \Display::return_icon('edit.png', get_lang('EditSystemAnnouncement'), array(), 32);
         $actions = '<a href="' . $editUrl . '">' . $editIcon . '</a>';
     }

     // Pick the narrowest audience that matches the visitor.
     if (api_is_anonymous()) {
         $visibility = \SystemAnnouncementManager::VISIBLE_GUEST;
     } elseif (api_is_allowed_to_create_course()) {
         $visibility = \SystemAnnouncementManager::VISIBLE_TEACHER;
     } else {
         $visibility = \SystemAnnouncementManager::VISIBLE_STUDENT;
     }

     $template = $app['template'];
     $template->assign('content', \SystemAnnouncementManager::display_announcements_slider($visibility, $id));
     $template->assign('actions', $actions);

     return new Response($template->renderLayout('layout_1_col.tpl'), 200, array());
 }
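 /**
  * Runs the query that lists the visible announcements of a course for one user.
  *
  * Audience rules encoded in the WHERE clause:
  *  - user with group memberships: personal announcements, general ones (group 0)
  *    and those of the user's groups (or of the current group when one is selected);
  *  - identified user without groups: personal and general announcements, plus the
  *    ones last edited by the current user when the course lets users edit announcements;
  *  - unidentified user: general announcements only.
  *
  * Every identifier concatenated into the SQL text is cast to an integer first, so the
  * statement cannot be altered through $announcement_id or through a value returned by
  * one of the id helpers.
  *
  * @param string $username        Login name used to resolve the user id
  * @param string $course_code     Course code used to resolve the course tables
  * @param int    $announcement_id Restrict the result to one announcement; 0 (default) means all
  *
  * @return mixed Whatever Database::query() returns for the SELECT
  */
 private function get_announcements($username, $course_code, $announcement_id = 0)
 {
     $session_id = api_get_session_id();
     $condition_session = api_get_session_condition($session_id);

     // Cast before concatenation: a non-numeric value collapses to 0, i.e. "no filter".
     $announcement_id = intval($announcement_id);
     $announcement_filter = $announcement_id == 0 ? "" : "AND announcement.id=" . $announcement_id;

     $user_id = UserManager::get_user_id_from_username($username);
     // Integer copy used only inside the SQL text; $user_id itself keeps driving the branching.
     $sql_user_id = intval($user_id);

     $course_info = CourseManager::get_course_information($course_code);
     $course_db = $course_info['db_name'];
     $tbl_item_property = Database::get_course_table(TABLE_ITEM_PROPERTY, $course_db);
     $tbl_announcement = Database::get_course_table(TABLE_ANNOUNCEMENT, $course_db);
     $maximum = 12;
     $group_memberships = GroupManager::get_group_ids($course_info['real_id'], $user_id);

     if (is_array($group_memberships) && count($group_memberships) > 0) {
         // Member of several groups: personal, group and general announcements.
         $current_group_id = intval(api_get_group_id());
         if ($current_group_id == 0) {
             $group_list = implode(", ", array_map('intval', $group_memberships));
         } else {
             $group_list = $current_group_id;
         }
         $cond_user_id = " AND ( ip.to_user_id='" . $sql_user_id . "' OR ip.to_group_id IN (0, " . $group_list . ")) ";
     } elseif ($user_id) {
         // Identified user without groups: general and personal announcements.
         if (api_get_course_setting('allow_user_edit_announcement') && !api_is_anonymous()) {
             $cond_user_id = " AND (ip.lastedit_user_id = '" . intval(api_get_user_id()) . "' OR ( ip.to_user_id='" . $sql_user_id . "' OR ip.to_group_id='0')) ";
         } else {
             $cond_user_id = " AND ( ip.to_user_id='" . $sql_user_id . "' OR ip.to_group_id='0') ";
         }
     } else {
         // Unidentified user: general announcements only. Earlier code also computed a wider
         // condition here (announcements last edited by the current user) but never placed it
         // in the query; it stays out so this branch cannot expose more than group 0.
         $cond_user_id = " AND ip.to_group_id='0' ";
     }

     $sql = "SELECT
                 announcement.*, ip.visibility, ip.to_group_id, ip.insert_user_id
             FROM {$tbl_announcement} announcement, {$tbl_item_property} ip
             WHERE announcement.id = ip.ref
             AND ip.tool='announcement'
             AND ip.visibility='1'
             {$announcement_filter}
             {$cond_user_id}
             {$condition_session}
             GROUP BY ip.ref
             ORDER BY display_order DESC
             LIMIT 0,{$maximum}";

     return Database::query($sql);
 }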
Exemple #5
<?php

// CAS login button: hands the plugin's label, comment and image URL to the
// template, for anonymous visitors only.
require_once api_get_path(SYS_PATH) . 'main/auth/cas/authcas.php';
$_template['show_message'] = false;
if (api_is_anonymous()) {
    $_template['cas_activated'] = api_is_cas_activated();
    $_template['cas_configured'] = cas_configured();
    $_template['show_message'] = true;
    // Label: the plugin setting (HTML-encoded) when one is configured, the built-in default otherwise.
    $button_label = !empty($plugin_info['settings']['add_cas_login_button_cas_button_label'])
        ? api_htmlentities($plugin_info['settings']['add_cas_login_button_cas_button_label'])
        : "Connexion via CAS";
    // Comment shown next to the button, HTML-encoded.
    $comm_label = api_htmlentities($plugin_info['settings']['add_cas_login_button_cas_button_comment']);
    // Image URL, passed on exactly as stored.
    // NOTE(review): unlike the label and the comment, this value is not encoded here;
    // confirm that the template escapes it for the attribute it ends up in.
    $url_label = $plugin_info['settings']['add_cas_login_button_cas_image_url'];
    $_template['button_label'] = $button_label;
    $_template['comm_label'] = $comm_label;
    $_template['url_label'] = $url_label;
}
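    /**
     * Prints the notebook toolbar followed by every note the current user owns
     * in the current course.
     *
     * The sort column comes from $_SESSION['notebook_view'] (strictly whitelisted
     * below) and the sort direction from $_GET['direction'] (reduced to the
     * literals ASC / DESC), so neither value reaches the ORDER BY clause verbatim.
     *
     * NOTE(review): note titles and descriptions are echoed into the page body as
     * stored. Whether they are sanitised when saved is not visible from here;
     * confirm it, or encode/filter them at this output point.
     *
     * @return void The HTML is echoed directly
     */
    static function display_notes()
    {
        global $_user;

        // An absent, empty or 'ASC' parameter means ascending; any other value means descending.
        $requested_direction = isset($_GET['direction']) ? $_GET['direction'] : null;
        if (!$requested_direction || $requested_direction == 'ASC') {
            $sort_direction = 'ASC';
            $link_sort_direction = 'DESC';
        } else {
            $sort_direction = 'DESC';
            $link_sort_direction = 'ASC';
        }

        // action links
        echo '<div class="actions">';
        if (!api_is_anonymous()) {
            if (api_get_session_id() == 0 || api_is_allowed_to_session_edit(false, true)) {
                echo '<a href="index.php?' . api_get_cidreq() . '&amp;action=addnote">' . Display::return_icon('new_note.png', get_lang('NoteAddNew'), '', '32') . '</a>';
            }
        } else {
            echo '<a href="javascript:void(0)">' . Display::return_icon('new_note.png', get_lang('NoteAddNew'), '', '32') . '</a>';
        }

        echo '<a href="index.php?' . api_get_cidreq() . '&amp;action=changeview&amp;view=creation_date&amp;direction=' . $link_sort_direction . '">' . Display::return_icon('notes_order_by_date_new.png', get_lang('OrderByCreationDate'), '', '32') . '</a>';
        echo '<a href="index.php?' . api_get_cidreq() . '&amp;action=changeview&amp;view=update_date&amp;direction=' . $link_sort_direction . '">' . Display::return_icon('notes_order_by_date_mod.png', get_lang('OrderByModificationDate'), '', '32') . '</a>';
        echo '<a href="index.php?' . api_get_cidreq() . '&amp;action=changeview&amp;view=title&amp;direction=' . $link_sort_direction . '">' . Display::return_icon('notes_order_by_title.png', get_lang('OrderByTitle'), '', '32') . '</a>';
        echo '</div>';

        // Strict whitelist: with loose comparison a non-string session value (0, true)
        // would pass the check and then be concatenated into ORDER BY.
        $allowed_views = array('creation_date', 'update_date', 'title');
        if (!isset($_SESSION['notebook_view']) || !in_array($_SESSION['notebook_view'], $allowed_views, true)) {
            $_SESSION['notebook_view'] = 'creation_date';
        }
        $view = $_SESSION['notebook_view'];

        // Database table definition
        $t_notebook = Database :: get_course_table(TABLE_NOTEBOOK);
        $order_by = " ORDER BY " . $view . " $sort_direction ";

        // condition for the session
        $session_id = api_get_session_id();
        $condition_session = api_get_session_condition($session_id);

        $cond_extra = ($view == 'update_date') ? " AND update_date <> '0000-00-00 00:00:00'" : " ";
        // Ids are cast so that only integers are concatenated into the statement.
        $course_id = intval(api_get_course_int_id());
        $user_id = intval(api_get_user_id());

        $sql = "SELECT * FROM $t_notebook WHERE c_id = $course_id AND user_id = '" . $user_id . "' $condition_session $cond_extra $order_by";
        $result = Database::query($sql);
        while ($row = Database::fetch_array($result)) {
            // validation when the note belongs to a session
            $session_img = api_get_session_image($row['session_id'], $_user['status']);
            $creation_date = api_get_local_time($row['creation_date'], null, date_default_timezone_get());
            $update_date = api_get_local_time($row['update_date'], null, date_default_timezone_get());
            $notebook_id = intval($row['notebook_id']);
            // The title lands inside a JavaScript string inside an HTML attribute: escape for
            // JavaScript first, then encode for the attribute, so a quote in the title cannot
            // close either context.
            $title_for_js = api_htmlentities(addslashes($row['title']), ENT_QUOTES);

            echo '<div class="sectiontitle">';
            echo '<span style="float: right;"> (' . get_lang('CreationDate') . ': ' . date_to_str_ago($creation_date) . '&nbsp;&nbsp;<span class="dropbox_date">' . $creation_date . '</span>';
            if ($row['update_date'] <> $row['creation_date']) {
                echo ', ' . get_lang('UpdateDate') . ': ' . date_to_str_ago($update_date) . '&nbsp;&nbsp;<span class="dropbox_date">' . $update_date . '</span>';
            }
            echo ')</span>';
            echo $row['title'] . $session_img;
            echo '</div>';
            echo '<div class="sectioncomment">' . $row['description'] . '</div>';
            echo '<div>';
            echo '<a href="' . api_get_self() . '?action=editnote&amp;notebook_id=' . $notebook_id . '">' . Display::return_icon('edit.png', get_lang('Edit'), '', ICON_SIZE_SMALL) . '</a>';
            echo '<a href="' . api_get_self() . '?action=deletenote&amp;notebook_id=' . $notebook_id . '" onclick="return confirmation(\'' . $title_for_js . '\');">' . Display::return_icon('delete.png', get_lang('Delete'), '', ICON_SIZE_SMALL) . '</a>';
            echo '</div>';
        }
    }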
Exemple #7
             $my_file_comment = Database::escape_string($_REQUEST['file_comment']);
             store_edited_agenda_item($my_id_attach, $my_file_comment);
             display_agenda_items();
         } else {
             $id = (int) $_GET['id'];
             show_add_form($id);
         }
     } else {
         display_agenda_items();
     }
     break;
 case "delete":
     $id = (int) $_GET['id'];
     if (!(api_is_course_coach() && !api_is_element_in_the_session(TOOL_AGENDA, $id))) {
         // a coach can only delete an element belonging to his session
         if (api_is_allowed_to_edit() && !api_is_anonymous()) {
             if (!empty($id)) {
                 $res_del = delete_agenda_item($id);
                 if ($res_del) {
                     Display::display_normal_message(get_lang("AgendaDeleteSuccess"));
                 }
             }
         }
     }
     display_agenda_items();
     break;
 case "showhide":
     $id = (int) $_GET['id'];
     if (!(api_is_course_coach() && !api_is_element_in_the_session(TOOL_AGENDA, $id))) {
         // a coach can only delete an element belonging to his session
         showhide_agenda_item($id);
Exemple #8
                    } else {
                        echo '<a href="' . api_get_self() . '?' . api_get_cidreq() . '&amp;forum=' . Security::remove_XSS($my_forum) . '&amp;action=delete&amp;content=thread&id=' . $row['thread_id'] . $origin_string . "\" onclick=\"javascript:if(!confirm('" . addslashes(api_htmlentities(get_lang('DeleteCompleteThread'), ENT_QUOTES)) . "')) return false;\">" . Display::return_icon('delete.png', get_lang('Delete'), array(), ICON_SIZE_SMALL) . '</a>';
                    }
                    display_visible_invisible_icon('thread', $row['thread_id'], $row['visibility'], array('forum' => $my_forum, 'origin' => $origin, 'gidReq' => $groupId));
                    display_lock_unlock_icon('thread', $row['thread_id'], $row['locked'], array('forum' => $my_forum, 'origin' => $origin, 'gidReq' => api_get_group_id()));
                    echo '<a href="viewforum.php?' . api_get_cidreq() . '&amp;forum=' . Security::remove_XSS($my_forum) . '&amp;action=move&thread=' . $row['thread_id'] . $origin_string . '">' . Display::return_icon('move.png', get_lang('MoveThread'), array(), ICON_SIZE_SMALL) . '</a>';
                }
            }
            $iconnotify = 'send_mail.gif';
            if (is_array(isset($_SESSION['forum_notification']['thread']) ? $_SESSION['forum_notification']['thread'] : null)) {
                if (in_array($row['thread_id'], $_SESSION['forum_notification']['thread'])) {
                    $iconnotify = 'send_mail_checked.gif';
                }
            }
            $icon_liststd = 'user.png';
            if (!api_is_anonymous() && api_is_allowed_to_session_edit(false, true)) {
                echo '<a href="' . api_get_self() . '?' . api_get_cidreq() . '&amp;forum=' . Security::remove_XSS($my_forum) . '&amp;origin=' . $origin . '&amp;action=notify&amp;content=thread&id=' . $row['thread_id'] . '">' . Display::return_icon($iconnotify, get_lang('NotifyMe')) . '</a>';
            }
            if (api_is_allowed_to_edit(null, true) && $origin != 'learnpath') {
                echo '<a href="' . api_get_self() . '?' . api_get_cidreq() . '&amp;forum=' . Security::remove_XSS($my_forum) . '&amp;origin=' . $origin . '&amp;action=liststd&amp;content=thread&id=' . $row['thread_id'] . '">' . Display::return_icon($icon_liststd, get_lang('StudentList'), array(), ICON_SIZE_SMALL) . '</a>';
            }
            echo '</td></tr>';
        }
        $counter++;
    }
}
echo '</table>';
echo isset($table_list) ? $table_list : '';
/* FOOTER */
if ($origin != 'learnpath') {
    Display::display_footer();
                echo '</td>';
                echo '<td class="td_actions">';
                if (api_is_allowed_to_edit(false, true) && !($forum['session_id'] == 0 && intval(isset($_SESSION['id_session']) ? $_SESSION['id_session'] : null) != 0)) {
                    echo '<a href="' . api_get_self() . '?' . api_get_cidreq() . '&amp;forumcategory=' . Security::remove_XSS($_GET['forumcategory']) . '&amp;action=edit&amp;content=forum&amp;id=' . $forum['forum_id'] . '">' . Display::return_icon('edit.png', get_lang('Edit'), array(), ICON_SIZE_SMALL) . '</a>';
                    echo '<a href="' . api_get_self() . '?' . api_get_cidreq() . '&amp;forumcategory=' . Security::remove_XSS($_GET['forumcategory']) . '&amp;action=delete&amp;content=forum&amp;id=' . $forum['forum_id'] . "\" onclick=\"javascript:if(!confirm('" . addslashes(api_htmlentities(get_lang('DeleteForum'), ENT_QUOTES)) . "')) return false;\">" . Display::return_icon('delete.png', get_lang('Delete'), array(), ICON_SIZE_SMALL) . '</a>';
                    display_visible_invisible_icon('forum', $forum['forum_id'], $forum['visibility'], array('forumcategory' => $_GET['forumcategory']));
                    display_lock_unlock_icon('forum', $forum['forum_id'], $forum['locked'], array('forumcategory' => $_GET['forumcategory']));
                    display_up_down_icon('forum', $forum['forum_id'], $forums_in_category);
                }
                $iconnotify = 'send_mail.gif';
                if (is_array(isset($_SESSION['forum_notification']['forum']) ? $_SESSION['forum_notification']['forum'] : null)) {
                    if (in_array($forum['forum_id'], $_SESSION['forum_notification']['forum'])) {
                        $iconnotify = 'send_mail_checked.gif';
                    }
                }
                if (!api_is_anonymous()) {
                    echo '<a href="' . api_get_self() . '?' . api_get_cidreq() . '&amp;forumcategory=' . Security::remove_XSS($_GET['forumcategory']) . '&amp;action=notify&amp;content=forum&amp;id=' . $forum['forum_id'] . '">' . Display::return_icon($iconnotify, get_lang('NotifyMe')) . '</a>';
                }
                echo '</td></tr>';
            }
        }
    }
    if (count($forum_list) == 0) {
        echo '<tr><td>' . get_lang('NoForumInThisCategory') . '</td></tr>';
    }
    echo '</table>';
}
/* FOOTER */
if ($origin != 'learnpath') {
    Display::display_footer();
}
Exemple #10
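/**
 * Get the users to display on the current page.
 *
 * Builds one table row per course user. Users allowed to edit the course get the
 * extended row (status, active flag, id for actions); everyone else gets the short
 * row, with the user id appended only when the course allows unsubscribing.
 * The global $session_id is overwritten with the current session id.
 *
 * Values that end up in HTML attributes or in the query string of the profile link
 * (person name, $origin, user id) are encoded for that context before use.
 *
 * NOTE(review): the remaining cells (names, username, official code, role) are
 * returned as stored; confirm the table renderer encodes them on output.
 *
 * @param int    $from            Offset of the first row, cast to int for the LIMIT clause
 * @param int    $number_of_items Page size, cast to int for the LIMIT clause
 * @param int    $column          Sort column: 2 official code, 3 and 4 names, 5 username
 * @param string $direction       'ASC' or 'DESC'; anything else is replaced by 'ASC'
 *
 * @return array Rows keyed by user id
 */
function get_user_data($from, $number_of_items, $column, $direction)
{
    global $origin;
    global $course_info;
    global $is_western_name_order;
    global $session_id;
    $a_users = array();
    // limit
    $limit = 'LIMIT ' . intval($from) . ',' . intval($number_of_items);
    // Strict whitelist: with loose comparison a non-string value could pass the check
    // and be concatenated into ORDER BY.
    if (!in_array($direction, array('ASC', 'DESC'), true)) {
        $direction = 'ASC';
    }
    $first_then_last = 'ORDER BY user.firstname ' . $direction . ', user.lastname ' . $direction;
    $last_then_first = 'ORDER BY user.lastname ' . $direction . ', user.firstname ' . $direction;
    switch ($column) {
        case 2:
            // official code
            $order_by = 'ORDER BY user.official_code ' . $direction;
            break;
        case 3:
            $order_by = $is_western_name_order ? $first_then_last : $last_then_first;
            break;
        case 5:
            // username
            $order_by = 'ORDER BY user.username ' . $direction;
            break;
        case 4:
        default:
            $order_by = $is_western_name_order ? $last_then_first : $first_then_last;
            break;
    }
    $session_id = api_get_session_id();
    $course_code = api_get_course_id();
    // NOTE(review): the search keyword is forwarded exactly as received from the request;
    // confirm that get_user_list_from_course_code() escapes it before it reaches SQL.
    $keyword = isset($_REQUEST['keyword']) ? $_REQUEST['keyword'] : null;
    $a_course_users = CourseManager::get_user_list_from_course_code($course_code, $session_id, $limit, $order_by, null, $keyword);
    foreach ($a_course_users as $user_id => $o_course_user) {
        $groups_name = GroupManager::get_user_group_name($user_id);
        // Names are profile data: encode them once for the alt/title attributes built below.
        $person_name = api_htmlentities(
            api_get_person_name($o_course_user['firstname'], $o_course_user['lastname']),
            ENT_QUOTES
        );
        $role = isset($o_course_user['role']) ? $o_course_user['role'] : null;
        if ($is_western_name_order) {
            $name_cells = array($o_course_user['firstname'], $o_course_user['lastname']);
        } else {
            $name_cells = array($o_course_user['lastname'], $o_course_user['firstname']);
        }

        $can_edit = api_is_allowed_to_edit(null, true);
        $image_path = UserManager::get_user_picture_path_by_id($user_id, 'web', false, true);
        if ($can_edit) {
            $user_profile = UserManager::get_picture_user($user_id, $image_path['file'], 22, USER_IMAGE_SIZE_SMALL, ' width="22" height="22" ');
            $photo = '<img src="' . $user_profile['file'] . '" ' . $user_profile['style'] . ' alt="' . $person_name . '" title="' . $person_name . '" />';
        } else {
            $photo = '<img src="' . $image_path['dir'] . $image_path['file'] . '" alt="' . $person_name . '" width="22" height="22" title="' . $person_name . '" />';
        }
        if (!api_is_anonymous()) {
            // $origin is a global this function does not control: encode it as a query-string value.
            $photo = '<a href="userInfo.php?' . api_get_cidreq() . '&amp;origin=' . urlencode((string) $origin) . '&amp;uInfo=' . intval($user_id) . '" title="' . get_lang('Info') . '">' . $photo . '</a>';
        }

        // Cells shared by both row layouts.
        $temp = array(
            $user_id,
            $photo,
            $o_course_user['official_code'],
            $name_cells[0],
            $name_cells[1],
            $o_course_user['username'],
            $role,
            implode(', ', $groups_name),
        );

        if ($can_edit) {
            // Status
            $default_status = '-';
            if (isset($o_course_user['status_rel']) && $o_course_user['status_rel'] == 1 || isset($o_course_user['status_session']) && $o_course_user['status_session'] == 2) {
                $default_status = get_lang('CourseManager');
            } elseif (isset($o_course_user['tutor_id']) && $o_course_user['tutor_id'] == 1) {
                $default_status = get_lang('Tutor');
            }
            $temp[] = $default_status;
            // Active
            $temp[] = $o_course_user['active'];
            // User id for actions
            $temp[] = $user_id;
        } elseif ($course_info['unsubscribe'] == 1) {
            // User id for actions
            $temp[] = $user_id;
        }
        $a_users[$user_id] = $temp;
    }
    return $a_users;
}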
Exemple #11
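 /**
  * Lists the course actions that may be offered to a user, from the course
  * visibility, its subscription settings and the user's status.
  *
  * @param int   $uid          User ID
  * @param array $course       Course details array
  * @param array $user_courses List of course ids the user is subscribed to (looked up when not provided)
  *
  * @return array|false Any of 'register', 'enter', 'unsubscribe' (each at most once);
  *                     an empty array for a hidden course; false when the user or the
  *                     course cannot be identified
  */
 static function get_access_link_by_user($uid, $course, $user_courses = array())
 {
     if (empty($uid) or empty($course)) {
         return false;
     }
     if (empty($user_courses)) {
         // get the array of courses to which the user is subscribed
         $user_courses = CourseManager::get_courses_list_by_user_id($uid);
         foreach ($user_courses as $k => $v) {
             $user_courses[$k] = $v['real_id'];
         }
     }
     if (empty($course['real_id'])) {
         // NOTE(review): what api_get_course_info() does with an empty code is not visible
         // here, so a course array with neither id nor code is refused instead of looked up.
         if (empty($course['code'])) {
             return false;
         }
         $course = api_get_course_info($course['code']);
         if (empty($course)) {
             return false;
         }
     }
     if ($course['visibility'] == COURSE_VISIBILITY_HIDDEN) {
         return array();
     }
     $is_admin = api_is_platform_admin_by_id($uid);
     // NOTE(review): loose comparison, kept because ids may arrive as numeric strings;
     // confirm callers only pass a flat list of ids in $user_courses.
     $is_subscribed = in_array($course['real_id'], $user_courses);
     $no_registration_code = empty($course['registration_code']);
     $is_open_world = $course['visibility'] == COURSE_VISIBILITY_OPEN_WORLD;
     $is_open_platform = $course['visibility'] == COURSE_VISIBILITY_OPEN_PLATFORM;
     $options = array();

     // Register button
     if (!api_is_anonymous($uid)
         && ($is_open_world || $is_open_platform)
         && $course['subscribe'] == SUBSCRIBE_ALLOWED
         && !$is_subscribed
     ) {
         $options[] = 'register';
     }

     // Go To Course button (only if admin, if course public or if student already subscribed).
     // The same test used to run twice, which listed 'enter' twice.
     if ($is_admin
         || ($is_open_world && $no_registration_code)
         || (api_user_is_login($uid) && $is_open_platform && $no_registration_code)
         || ($is_subscribed && $course['visibility'] != COURSE_VISIBILITY_CLOSED)
     ) {
         $options[] = 'enter';
     }

     if ($course['visibility'] != COURSE_VISIBILITY_HIDDEN
         && $no_registration_code
         && $course['unsubscribe'] == UNSUBSCRIBE_ALLOWED
         && api_user_is_login($uid)
         && $is_subscribed
     ) {
         $options[] = 'unsubscribe';
     }
     return $options;
 }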
Exemple #12
/**
 * Tells whether a user belongs to an excluded type (invitee or anonymous).
 *
 * Without $checkDB the answer comes from api_is_invitee() and api_is_anonymous()
 * for the current request. With $checkDB the status stored for the user is read
 * through api_get_user_info() and compared with INVITEE and ANONYMOUS.
 *
 * NOTE(review): what api_get_user_info() returns for an id that does not exist is
 * not visible here; if it yields no 'status', the comparison falls through to
 * "not excluded". Confirm that this is the intended answer for unknown ids.
 *
 * @param boolean $checkDB Optional. Whether to check the stored user status
 * @param int     $userId  Optional. The user id; the current user when empty
 *
 * @return boolean True for invitees, anonymous users and (with $checkDB) a user id of 0
 */
function api_is_excluded_user_type($checkDB = false, $userId = 0)
{
    if (!$checkDB) {
        // Both helpers are called before combining, so neither call is skipped.
        $isInvited = api_is_invitee();
        $isAnonymous = api_is_anonymous();

        return $isInvited || $isAnonymous ? true : false;
    }

    $userId = empty($userId) ? api_get_user_id() : intval($userId);
    if ($userId == 0) {
        return true;
    }
    $userInfo = api_get_user_info($userId);

    // Loose comparison, as in a switch statement.
    return in_array($userInfo['status'], array(INVITEE, ANONYMOUS));
}
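/**
 * Sanitises a chat message and, unless previewing, appends it to the day's
 * HTML chat log of the course (one log per day, per group or per session).
 *
 * The message is converted (emoji, Markdown) and then filtered with
 * Security::remove_XSS(), so the filter sees the final HTML. The author's
 * display name is HTML-encoded before it is written, and the ids used in the
 * log file name are cast to integers so that they cannot alter the path.
 *
 * @param string $message    Raw text typed by the user
 * @param int    $userId     Author of the message
 * @param array  $_course    Course info; 'path' locates the document directory
 * @param int    $session_id Session id, used in the log name when there is no group
 * @param int    $group_id   Group id; selects the group's chat directory and log name
 * @param bool   $preview    When true (default) the sanitised HTML is returned and nothing is written
 *
 * @return string|null The sanitised message in preview mode, null otherwise
 */
function saveMessage($message, $userId, $_course, $session_id, $group_id, $preview = true)
{
    $userInfo = api_get_user_info($userId);
    // The display name is profile data: encode it before it goes into the HTML log.
    $fullName = api_htmlentities($userInfo['complete_name'], ENT_QUOTES);
    $isMaster = (bool) api_is_course_admin();
    $document_path = api_get_path(SYS_COURSE_PATH) . $_course['path'] . '/document';
    if (!empty($group_id)) {
        $group_info = GroupManager::get_group_properties($group_id);
        $basepath_chat = $group_info['directory'] . '/chat_files';
    } else {
        $basepath_chat = '/chat_files';
    }
    $chat_path = $document_path . $basepath_chat . '/';
    // A plain file sitting where the chat directory belongs is removed (best effort).
    if (!is_dir($chat_path) && is_file($chat_path)) {
        @unlink($chat_path);
    }
    $date_now = date('Y-m-d');
    $message = trim($message);
    $timeNow = date('d/m/y H:i:s');
    // Only integers are allowed into the file name.
    if (!empty($group_id)) {
        $basename_chat = 'messages-' . $date_now . '_gid-' . intval($group_id);
    } elseif (!empty($session_id)) {
        $basename_chat = 'messages-' . $date_now . '_sid-' . intval($session_id);
    } else {
        $basename_chat = 'messages-' . $date_now;
    }
    $log_name = $basename_chat . '.log.html';
    $log_file = $chat_path . $log_name;

    if (api_is_anonymous() || empty($message)) {
        return null;
    }

    Emojione\Emojione::$imagePathPNG = api_get_path(WEB_LIBRARY_PATH) . 'javascript/emojione/png/';
    Emojione\Emojione::$ascii = true;
    // Parsing emojis
    $message = Emojione\Emojione::toImage($message);
    // Parsing text to understand markdown (code highlight)
    $message = MarkdownExtra::defaultTransform($message);
    // Security XSS: applied last, on the HTML produced by the two conversions above.
    $message = Security::remove_XSS($message);
    if ($preview == true) {
        return $message;
    }

    if (!file_exists($log_file)) {
        $doc_id = add_document($_course, $basepath_chat . '/' . $log_name, 'file', 0, $log_name);
        api_item_property_update($_course, TOOL_DOCUMENT, $doc_id, 'DocumentAdded', $userId, $group_id, null, null, null, $session_id);
        api_item_property_update($_course, TOOL_DOCUMENT, $doc_id, 'invisible', $userId, $group_id, null, null, null, $session_id);
        item_property_update_on_folder($_course, $basepath_chat, $userId);
    } else {
        $doc_id = DocumentManager::get_document_id($_course, $basepath_chat . '/' . $log_name);
    }

    $fp = fopen($log_file, 'a');
    if ($fp === false) {
        // The log cannot be opened: stop here instead of writing to an invalid handle
        // and recording a size for a file that was not updated.
        return null;
    }
    $userPhoto = Usermanager::getUserPicture($userId, USER_IMAGE_SIZE_MEDIUM);
    $filePhoto = '<img class="chat-image" src="' . $userPhoto . '"/>';
    if ($isMaster) {
        fputs($fp, '<div class="message-teacher"><div class="content-message"><div class="chat-message-block-name">' . $fullName . '</div><div class="chat-message-block-content">' . $message . '</div><div class="message-date">' . $timeNow . '</div></div><div class="icon-message"></div>' . $filePhoto . '</div>' . "\n");
    } else {
        fputs($fp, '<div class="message-student">' . $filePhoto . '<div class="icon-message"></div><div class="content-message"><div class="chat-message-block-name">' . $fullName . '</div><div class="chat-message-block-content">' . $message . '</div><div class="message-date">' . $timeNow . '</div></div></div>' . "\n");
    }
    fclose($fp);
    $chat_size = filesize($log_file);
    update_existing_document($_course, $doc_id, $chat_size);
    item_property_update_on_folder($_course, $basepath_chat, $userId);

    return null;
}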
Exemple #14
         } else {
             require 'downloadfolder.inc.php';
         }
         // Launch event
         Event::event_download($document_data['url']);
         exit;
     }
     break;
 case 'export_to_pdf':
     if (api_get_setting('students_export2pdf') == 'true' || api_is_allowed_to_edit() || api_is_platform_admin()) {
         DocumentManager::export_to_pdf($document_id, $course_code);
     }
     break;
 case 'copytomyfiles':
     // Copy a file to general my files user's
     if (api_get_setting('social.allow_social_tool') == 'true' && api_get_setting('document.users_copy_files') == 'true' && api_get_user_id() != 0 && !api_is_anonymous()) {
         // Get the document data from the ID
         $document_info = DocumentManager::get_document_data_by_id($document_id, api_get_course_id(), true, $sessionId);
         if ($sessionId != 0 && !$document_info) {
             /* If there is a session defined and asking for the document
                  from the session didn't work, try it from the course
                (out of a session context)*/
             $document_info = DocumentManager::get_document_data_by_id($document_id, api_get_course_id(), 0);
         }
         $parent_id = $document_info['parent_id'];
         $my_path = UserManager::getUserPathById(api_get_user_id(), 'system');
         $user_folder = $my_path . 'my_files/';
         $my_path = null;
         if (!file_exists($user_folder)) {
             $perm = api_get_permissions_for_new_directories();
             @mkdir($user_folder, $perm, true);
Exemple #15
<?php

// Prepare the template variables for the "log out of your CAS session" button.
// The button is only offered to a logged-in user whose account authenticates
// through CAS, and only while CAS is activated on the platform.
global $_user;
$_template['show_message'] = false;
if (
    !api_is_anonymous()
    && api_get_setting('cas_activate') == 'true'
    && $_user['auth_source'] == CAS_AUTH_SOURCE
) {
    // Button title: the configured label when there is one, else the default.
    $logout_label = empty($plugin_info['settings']['add_cas_logout_button_cas_logout_label'])
        ? "Deconnexion de CAS"
        : api_htmlentities($plugin_info['settings']['add_cas_logout_button_cas_logout_label']);
    // Comment text, entity-encoded like the label.
    $logout_comment = api_htmlentities($plugin_info['settings']['add_cas_logout_button_cas_logout_comment']);
    // NOTE(review): unlike the label and the comment, the image URL is handed
    // to the template without api_htmlentities(). Confirm that the template
    // escapes it for the attribute it is printed in.
    $logout_image_url = $plugin_info['settings']['add_cas_logout_button_cas_logout_image_url'];

    $_template['show_message'] = true;
    $_template['logout_label'] = $logout_label;
    $_template['logout_comment'] = $logout_comment;
    $_template['logout_image_url'] = $logout_image_url;
}
 /**
  * Build the toolbar displayed above the agenda.
  *
  * The left side always holds the calendar and list links; users who pass
  * the edit check also get the "add event" and "import iCal" links. The
  * right side holds a filter form, and only when $view is 'calendar'.
  *
  * @param string $view   current view; the form is shown only for 'calendar'
  * @param int    $filter value handed to parseAgendaFilter() for course agendas
  * @return string markup returned by Display::toolbarAction()
  */
 public function displayActions($view, $filter = 0)
 {
     $courseInfo = api_get_course_info();

     // NOTE(review): $this->type and the cidreq string are concatenated into
     // the href values without escaping. Confirm that the type is limited to
     // the known agenda types at the point where it is assigned.
     $leftHtml = "<a href='" . api_get_path(WEB_CODE_PATH) . "calendar/agenda_js.php?type={$this->type}'>" . Display::return_icon('calendar.png', get_lang('Calendar'), '', ICON_SIZE_MEDIUM) . "</a>";

     // The list link carries the course context only when a course is active.
     $cidReq = empty($courseInfo) ? '' : api_get_cidreq();
     $leftHtml .= "<a href='" . api_get_path(WEB_CODE_PATH) . "calendar/agenda_list.php?type={$this->type}&" . $cidReq . "'>" . Display::return_icon('week.png', get_lang('AgendaList'), '', ICON_SIZE_MEDIUM) . "</a>";

     // Three independent ways to be allowed to add events: general edit
     // rights, the course setting that lets non-anonymous users edit the
     // agenda, or being a tutor of a group with access to the calendar tool.
     $mayAddEvents = api_is_allowed_to_edit(false, true)
         || (api_get_course_setting('allow_user_edit_agenda') && !api_is_anonymous() && api_is_allowed_to_session_edit(false, true))
         || (GroupManager::user_has_access(api_get_user_id(), api_get_group_id(), GroupManager::GROUP_TOOL_CALENDAR) && GroupManager::is_tutor_of_group(api_get_user_id(), api_get_group_id()));

     $form = '';
     if ($mayAddEvents) {
         $addIcon = Display::return_icon('new_event.png', get_lang('AgendaAdd'), '', ICON_SIZE_MEDIUM);
         $addUrl = api_get_path(WEB_CODE_PATH) . "calendar/agenda.php?" . api_get_cidreq() . "&action=add&type=" . $this->type;
         $leftHtml .= Display::url($addIcon, $addUrl);

         $importIcon = Display::return_icon('import_calendar.png', get_lang('ICalFileImport'), '', ICON_SIZE_MEDIUM);
         $importUrl = api_get_path(WEB_CODE_PATH) . "calendar/agenda.php?" . api_get_cidreq() . "&action=importical&type=" . $this->type;
         $leftHtml .= Display::url($importIcon, $importUrl);

         // Course agenda: recipient filter, hidden while an action is running.
         if ($this->type == 'course' && !isset($_GET['action'])) {
             $searchForm = new FormValidator('form-search', 'post', '', '', array(), FormValidator::LAYOUT_INLINE);
             $selectAttributes = array('multiple' => false, 'id' => 'select_form_id_search');
             $preselected = $this->parseAgendaFilter($filter);
             $this->showToForm($searchForm, $preselected, $selectAttributes);
             $form = $searchForm->returnForm();
         }
     }

     $isStaff = api_is_platform_admin() || api_is_teacher() || api_is_student_boss() || api_is_drh() || api_is_session_admin() || api_is_coach();
     if ($isStaff && $this->type == 'personal') {
         // Personal agenda: any form built above is discarded first.
         $form = null;
         if (!isset($_GET['action'])) {
             $sessionForm = new FormValidator('form-search', 'get', api_get_self() . '?type=personal&', '', array(), FormValidator::LAYOUT_INLINE);
             $sessionOptions = SessionManager::get_sessions_by_user(api_get_user_id());
             $sessionForm->addHidden('type', 'personal');
             $sessionOptions = array_column($sessionOptions, 'session_name', 'session_id');
             // "+" keeps the numeric session ids as keys and puts the placeholder first.
             $sessionOptions = ['0' => get_lang('SelectAnOption')] + $sessionOptions;
             $sessionForm->addSelect('session_id', get_lang('Session'), $sessionOptions, ['id' => 'session_id', 'onchange' => 'submit();']);
             $sessionForm->addButtonReset(get_lang('Reset'));
             $form = $sessionForm->returnForm();
         }
     }

     // The form is only part of the toolbar in the calendar view.
     $rightHtml = $view == 'calendar' ? (string) $form : '';

     return Display::toolbarAction('toolbar-agenda', array($leftHtml, $rightHtml), 2, false);
 }
Exemple #17
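 /**
  * Build the HTML link (or icon link) for one entry of the document list.
  *
  * Folders link back to the document tool with the folder id. Files link to
  * a viewer page, to the download action or to the raw course URL, depending
  * on their extension. When $show_as_icon is false the returned markup also
  * carries the action icons that apply to the entry (download, copy to
  * "my files", share, PDF export, open in a new window).
  *
  * NOTE(review): $document_data['title'], the tooltip text derived from it
  * and the path-based URL are concatenated into the markup as they are.
  * Nothing in this method escapes them, so the output is only safe if those
  * values were sanitised before they were stored or passed in. Confirm this
  * against the callers, or escape them for the HTML-attribute context here.
  *
  * The required $visibility parameter follows optional ones, so callers have
  * to pass all four arguments.
  *
  * @param array    $document_data document row; reads 'id', 'title', 'path', 'filetype' and 'size'
  * @param bool     $show_as_icon  when true, only the clickable icon is returned
  * @param int|null $counter       passed to DocumentManager::generate_media_preview() for audio files in icon mode
  * @param int|bool $visibility    a falsy value marks the entry as hidden (adds the "muted" / "invisible" class)
  * @return string HTML markup for the entry
  */
 public static function create_document_link($document_data, $show_as_icon = false, $counter = null, $visibility)
 {
     global $dbl_click_id;
     $course_info = api_get_course_info();
     $www = api_get_path(WEB_COURSE_PATH) . $course_info['path'] . '/document';
     $webOdflist = DocumentManager::get_web_odf_extension_list();
     // Get the title or the basename depending on what we're using
     if ($document_data['title'] != '') {
         $title = $document_data['title'];
     } else {
         $title = basename($document_data['path']);
     }
     $filetype = $document_data['filetype'];
     $size = $filetype == 'folder' ? get_total_folder_size($document_data['path'], api_is_allowed_to_edit(null, true)) : $document_data['size'];
     $path = $document_data['path'];
     $url_path = urlencode($document_data['path']);
     // Add class="muted" on invisible files
     $visibility_class = $visibility == false ? ' class="muted"' : '';
     $forcedownload_link = null;
     $forcedownload_icon = null;
     $prevent_multiple_click = null;
     // Stays empty when the download icon is not offered (e.g. a folder the
     // user may not download), so the concatenations below never read an
     // undefined variable.
     $force_download_html = '';
     if (!$show_as_icon) {
         // Build download link (icon)
         $forcedownload_link = $filetype == 'folder' ? api_get_self() . '?' . api_get_cidreq() . '&action=downloadfolder&id=' . $document_data['id'] : api_get_self() . '?' . api_get_cidreq() . '&amp;action=download&amp;id=' . $document_data['id'];
         // Folder download or file download?
         $forcedownload_icon = $filetype == 'folder' ? 'save_pack.png' : 'save.png';
         // Prevent multiple clicks on zipped folder download
         $prevent_multiple_click = $filetype == 'folder' ? " onclick=\"javascript: if(typeof clic_{$dbl_click_id} == 'undefined' || !clic_{$dbl_click_id}) { clic_{$dbl_click_id}=true; window.setTimeout('clic_" . $dbl_click_id++ . "=false;',10000); } else { return false; }\"" : '';
     }
     $target = '_self';
     $is_browser_viewable_file = false;
     if ($filetype == 'file') {
         // Check the extension
         $ext = explode('.', $path);
         $ext = strtolower($ext[sizeof($ext) - 1]);
         // HTML files and some other types are shown in a frameset by default.
         $is_browser_viewable_file = self::is_browser_viewable($ext);
         if ($is_browser_viewable_file) {
             if ($ext == 'pdf' || in_array($ext, $webOdflist)) {
                 $url = api_get_self() . '?' . api_get_cidreq() . '&amp;action=download&amp;id=' . $document_data['id'];
             } else {
                 $url = 'showinframes.php?' . api_get_cidreq() . '&id=' . $document_data['id'];
             }
         } else {
             // url-encode for problematic characters (we may not call them dangerous characters...)
             $path = str_replace('%2F', '/', $url_path) . '?' . api_get_cidreq();
             $url = $www . $path;
         }
         /*$path = str_replace('%2F', '/', $url_path); //yox view hack otherwise the image can't be well read
           $url = $www . $path;*/
     } else {
         $url = api_get_self() . '?' . api_get_cidreq() . '&id=' . $document_data['id'];
     }
     // Tooltip text: the title, replaced by a translated label for the well-known system folders
     $tooltip_title = $title;
     $tooltip_title_alt = $tooltip_title;
     if ($path == '/shared_folder') {
         $tooltip_title_alt = get_lang('UserFolders');
     } elseif (strstr($path, 'shared_folder_session_')) {
         $tooltip_title_alt = get_lang('UserFolders') . ' (' . api_get_session_name(api_get_session_id()) . ')';
     } elseif (strstr($tooltip_title, 'sf_user_')) {
         $userinfo = api_get_user_info(substr($tooltip_title, 8));
         $tooltip_title_alt = get_lang('UserFolder') . ' ' . $userinfo['complete_name'];
     } elseif ($path == '/chat_files') {
         $tooltip_title_alt = get_lang('ChatFiles');
     } elseif ($path == '/learning_path') {
         $tooltip_title_alt = get_lang('LearningPaths');
     } elseif ($path == '/video') {
         $tooltip_title_alt = get_lang('Video');
     } elseif ($path == '/audio') {
         $tooltip_title_alt = get_lang('Audio');
     } elseif ($path == '/flash') {
         $tooltip_title_alt = get_lang('Flash');
     } elseif ($path == '/images') {
         $tooltip_title_alt = get_lang('Images');
     } elseif ($path == '/images/gallery') {
         $tooltip_title_alt = get_lang('DefaultCourseImages');
     }
     $current_session_id = api_get_session_id();
     $copy_to_myfiles = $open_in_new_window_link = null;
     // The request parameter is filtered before it is used in the shared-folder check.
     $curdirpath = isset($_GET['curdirpath']) ? Security::remove_XSS($_GET['curdirpath']) : null;
     $send_to = null;
     $checkExtension = $path;
     if (!$show_as_icon) {
         if ($filetype == 'folder') {
             if (api_is_allowed_to_edit() || api_is_platform_admin() || api_get_setting('students_download_folders') == 'true') {
                 // Inside a shared folder, a student is only offered the download of their own shared folder
                 if (DocumentManager::is_shared_folder($curdirpath, $current_session_id)) {
                     if (preg_match('/shared_folder\\/sf_user_' . api_get_user_id() . '$/', urldecode($forcedownload_link)) || preg_match('/shared_folder_session_' . $current_session_id . '\\/sf_user_' . api_get_user_id() . '$/', urldecode($forcedownload_link)) || api_is_allowed_to_edit() || api_is_platform_admin()) {
                         $force_download_html = $size == 0 ? '' : '<a href="' . $forcedownload_link . '" style="float:right"' . $prevent_multiple_click . '>' . Display::return_icon($forcedownload_icon, get_lang('Download'), array(), ICON_SIZE_SMALL) . '</a>';
                     }
                 } elseif (!preg_match('/shared_folder/', urldecode($forcedownload_link)) || api_is_allowed_to_edit() || api_is_platform_admin()) {
                     $force_download_html = $size == 0 ? '' : '<a href="' . $forcedownload_link . '" style="float:right"' . $prevent_multiple_click . '>' . Display::return_icon($forcedownload_icon, get_lang('Download'), array(), ICON_SIZE_SMALL) . '</a>';
                 }
             }
         } else {
             $force_download_html = $size == 0 ? '' : '<a href="' . $forcedownload_link . '" style="float:right"' . $prevent_multiple_click . '>' . Display::return_icon($forcedownload_icon, get_lang('Download'), array(), ICON_SIZE_SMALL) . '</a>';
         }
         // Copy files to users myfiles
         if (api_get_setting('social.allow_social_tool') == 'true' && api_get_setting('document.users_copy_files') == 'true' && !api_is_anonymous()) {
             $copy_myfiles_link = $filetype == 'file' ? api_get_self() . '?' . api_get_cidreq() . '&action=copytomyfiles&id=' . $document_data['id'] : api_get_self() . '?' . api_get_cidreq();
             if ($filetype == 'file') {
                 $copy_to_myfiles = '<a href="' . $copy_myfiles_link . '" style="float:right"' . $prevent_multiple_click . '>' . Display::return_icon('briefcase.png', get_lang('CopyToMyFiles'), array(), ICON_SIZE_SMALL) . '&nbsp;&nbsp;</a>';
             }
             if ($filetype == 'file') {
                 $send_to = Portfolio::share('document', $document_data['id'], array('style' => 'float:right;'));
             }
         }
         $pdf_icon = '';
         $extension = pathinfo($path, PATHINFO_EXTENSION);
         if (!api_is_allowed_to_edit() && api_get_setting('students_export2pdf') == 'true' && $filetype == 'file' && in_array($extension, array('html', 'htm'))) {
             // The original markup had a stray "." after the style attribute; it is removed here.
             $pdf_icon = ' <a style="float:right"' . $prevent_multiple_click . ' href="' . api_get_self() . '?' . api_get_cidreq() . '&action=export_to_pdf&id=' . $document_data['id'] . '">' . Display::return_icon('pdf.png', get_lang('Export2PDF'), array(), ICON_SIZE_SMALL) . '</a> ';
         }
         if ($is_browser_viewable_file) {
             $open_in_new_window_link = '<a href="' . $www . str_replace('%2F', '/', $url_path) . '?' . api_get_cidreq() . '" style="float:right"' . $prevent_multiple_click . ' target="_blank">' . Display::return_icon('open_in_new_window.png', get_lang('OpenInANewWindow'), array(), ICON_SIZE_SMALL) . '&nbsp;&nbsp;</a>';
         }
         if ($filetype == 'file') {
             // Sound preview with jplayer
             if (preg_match('/mp3$/i', urldecode($checkExtension)) || preg_match('/wav$/i', urldecode($checkExtension)) && !preg_match('/_chnano_.wav$/i', urldecode($url)) || preg_match('/ogg$/i', urldecode($checkExtension))) {
                 return '<span style="float:left" ' . $visibility_class . '>' . $title . '</span>' . $force_download_html . $send_to . $copy_to_myfiles . $open_in_new_window_link . $pdf_icon;
             } elseif (preg_match('/swf$/i', urldecode($checkExtension)) || preg_match('/png$/i', urldecode($checkExtension)) || preg_match('/gif$/i', urldecode($checkExtension)) || preg_match('/jpg$/i', urldecode($checkExtension)) || preg_match('/jpeg$/i', urldecode($checkExtension)) || preg_match('/bmp$/i', urldecode($checkExtension)) || preg_match('/svg$/i', urldecode($checkExtension)) || preg_match('/wav$/i', urldecode($checkExtension)) && preg_match('/_chnano_.wav$/i', urldecode($checkExtension)) && api_get_setting('document.enable_nanogong') == 'true') {
                 // Simpler version of showinframesmin.php with no headers
                 $url = 'show_content.php?' . api_get_cidreq() . '&id=' . $document_data['id'];
                 $class = 'ajax';
                 if ($visibility == false) {
                     $class = "ajax invisible";
                 }
                 return Display::url($title, $url, ['class' => $class, 'title' => $tooltip_title_alt, 'data-title' => $title, 'style' => 'float: left;']) . $force_download_html . $send_to . $copy_to_myfiles . $open_in_new_window_link . $pdf_icon;
             } else {
                 // PDF and web ODF files keep the download URL and get a separate preview icon.
                 $pdfPreview = null;
                 if ($ext != 'pdf' && !in_array($ext, $webOdflist)) {
                     $url = 'showinframes.php?' . api_get_cidreq() . '&id=' . $document_data['id'];
                 } else {
                     $pdfPreview = Display::url(Display::return_icon('preview.gif', get_lang('Preview')), api_get_path(WEB_CODE_PATH) . 'document/showinframes.php?' . api_get_cidreq() . '&id=' . $document_data['id'], array('style' => 'float:right'));
                 }
                 // No plugin just the old and good showinframes.php page
                 return '<a href="' . $url . '" title="' . $tooltip_title_alt . '" style="float:left" ' . $visibility_class . ' >' . $title . '</a>' . $pdfPreview . $force_download_html . $send_to . $copy_to_myfiles . $open_in_new_window_link . $pdf_icon;
             }
         } else {
             return '<a href="' . $url . '" title="' . $tooltip_title_alt . '" ' . $visibility_class . ' style="float:left">' . $title . '</a>' . $force_download_html . $send_to . $copy_to_myfiles . $open_in_new_window_link . $pdf_icon;
         }
         // end copy files to users myfiles
     } else {
         // Icon column. Entries inside a shared folder (but not the shared folder root itself) get the extra "shared" icon.
         if (preg_match('/shared_folder/', urldecode($checkExtension)) && preg_match('/shared_folder$/', urldecode($checkExtension)) == false && preg_match('/shared_folder_session_' . $current_session_id . '$/', urldecode($url)) == false) {
             if ($filetype == 'file') {
                 //Sound preview with jplayer
                 if (preg_match('/mp3$/i', urldecode($checkExtension)) || preg_match('/wav$/i', urldecode($checkExtension)) && !preg_match('/_chnano_.wav$/i', urldecode($url)) || preg_match('/ogg$/i', urldecode($checkExtension))) {
                     $sound_preview = DocumentManager::generate_media_preview($counter);
                     return $sound_preview;
                 } elseif (preg_match('/swf$/i', urldecode($checkExtension)) || preg_match('/png$/i', urldecode($checkExtension)) || preg_match('/gif$/i', urldecode($checkExtension)) || preg_match('/jpg$/i', urldecode($checkExtension)) || preg_match('/jpeg$/i', urldecode($checkExtension)) || preg_match('/bmp$/i', urldecode($checkExtension)) || preg_match('/svg$/i', urldecode($checkExtension)) || preg_match('/wav$/i', urldecode($checkExtension)) && preg_match('/_chnano_.wav$/i', urldecode($checkExtension)) && api_get_setting('document.enable_nanogong') == 'true') {
                     $url = 'showinframes.php?' . api_get_cidreq() . '&id=' . $document_data['id'];
                     return '<a href="' . $url . '" title="' . $tooltip_title_alt . '" ' . $visibility_class . ' style="float:left">' . DocumentManager::build_document_icon_tag($filetype, $path) . Display::return_icon('shared.png', get_lang('ResourceShared'), array()) . '</a>';
                 } else {
                     return '<a href="' . $url . '" title="' . $tooltip_title_alt . '" ' . $visibility_class . ' style="float:left">' . DocumentManager::build_document_icon_tag($filetype, $path) . Display::return_icon('shared.png', get_lang('ResourceShared'), array()) . '</a>';
                 }
             } else {
                 return '<a href="' . $url . '" title="' . $tooltip_title_alt . '" target="' . $target . '"' . $visibility_class . ' style="float:left">' . DocumentManager::build_document_icon_tag($filetype, $path) . Display::return_icon('shared.png', get_lang('ResourceShared'), array()) . '</a>';
             }
         } else {
             if ($filetype == 'file') {
                 // Sound preview with jplayer
                 if (preg_match('/mp3$/i', urldecode($checkExtension)) || preg_match('/wav$/i', urldecode($checkExtension)) && !preg_match('/_chnano_.wav$/i', urldecode($url)) || preg_match('/ogg$/i', urldecode($checkExtension))) {
                     $sound_preview = DocumentManager::generate_media_preview($counter);
                     return $sound_preview;
                 } elseif (preg_match('/html$/i', urldecode($checkExtension)) || preg_match('/htm$/i', urldecode($checkExtension)) || preg_match('/swf$/i', urldecode($checkExtension)) || preg_match('/png$/i', urldecode($checkExtension)) || preg_match('/gif$/i', urldecode($checkExtension)) || preg_match('/jpg$/i', urldecode($checkExtension)) || preg_match('/jpeg$/i', urldecode($checkExtension)) || preg_match('/bmp$/i', urldecode($checkExtension)) || preg_match('/svg$/i', urldecode($checkExtension)) || preg_match('/wav$/i', urldecode($checkExtension)) && preg_match('/_chnano_.wav$/i', urldecode($checkExtension)) && api_get_setting('document.enable_nanogong') == 'true') {
                     $url = 'showinframes.php?' . api_get_cidreq() . '&id=' . $document_data['id'];
                     //without preview
                     return '<a href="' . $url . '" title="' . $tooltip_title_alt . '" ' . $visibility_class . ' style="float:left">' . DocumentManager::build_document_icon_tag($filetype, $path) . '</a>';
                 } else {
                     return '<a href="' . $url . '" title="' . $tooltip_title_alt . '" ' . $visibility_class . ' style="float:left">' . DocumentManager::build_document_icon_tag($filetype, $path) . '</a>';
                 }
             } else {
                 return '<a href="' . $url . '" title="' . $tooltip_title_alt . '" target="' . $target . '"' . $visibility_class . ' style="float:left">' . DocumentManager::build_document_icon_tag($filetype, $path) . '</a>';
             }
         }
     }
 }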
 /**
  * Collect the agenda events of a time window and return them as JSON.
  *
  * Which events are gathered depends on $this->type:
  *  - 'admin': platform events only;
  *  - 'course': events of the given course, read in the current session;
  *  - anything else ('personal' included): personal and platform events, plus
  *    the course events of the user's session courses and of the courses
  *    returned by CourseManager::get_courses_list_by_user_id(). Anonymous
  *    users get no course events.
  * The return values of the get_*_events() helpers are not used here; the
  * result is read from $this->events afterwards.
  *
  * @param int $start     start of the window (timestamp)
  * @param int $end       end of the window (timestamp)
  * @param int $course_id numeric course id, not the course code; for the
  *                       personal agenda it restricts the subscribed courses
  *                       to that one course
  * @param int $group_id  forwarded to get_course_events() for the 'course' type
  * @param int $user_id   forwarded to get_course_events() for the 'course' type
  * @return string JSON-encoded $this->events, or '' when there are none
  */
 public function get_events($start, $end, $course_id = null, $group_id = null, $user_id = 0)
 {
     if ($this->type == 'admin') {
         $this->get_platform_events($start, $end);
     } elseif ($this->type == 'course') {
         $sessionId = api_get_session_id();
         $courseInfo = api_get_course_info_by_id($course_id);
         $this->get_course_events($start, $end, $courseInfo, $group_id, $sessionId, $user_id);
     } else {
         // Personal agenda (also the fallback for any unknown type).
         $this->get_personal_events($start, $end);
         $this->get_platform_events($start, $end);

         // Anonymous visitors have neither sessions nor subscribed courses.
         $sessions = array();
         $courses = array();
         if (!api_is_anonymous()) {
             $sessions = SessionManager::get_sessions_by_user(api_get_user_id());
             $courses = CourseManager::get_courses_list_by_user_id(api_get_user_id(), true);
         }

         // Events of every course attached to one of the user's sessions.
         if (!empty($sessions)) {
             foreach ($sessions as $session) {
                 $sessionCourses = $session['courses'];
                 $sessionId = $session['session_id'];
                 if (empty($sessionCourses)) {
                     continue;
                 }
                 foreach ($sessionCourses as $sessionCourse) {
                     $courseInfo = api_get_course_info_by_id($sessionCourse['id']);
                     $this->get_course_events($start, $end, $courseInfo, 0, $sessionId);
                 }
             }
         }

         // Events of the subscribed courses, narrowed to $course_id when given.
         if (!empty($courses)) {
             $singleCourseOnly = !empty($course_id);
             foreach ($courses as $course) {
                 if ($singleCourseOnly && $course['real_id'] != $course_id) {
                     continue;
                 }
                 $this->get_course_events($start, $end, $course);
             }
         }
     }

     return !empty($this->events) ? json_encode($this->events) : '';
 }
    $group_properties = GroupManager::get_group_properties($group_id);
    $interbreadcrumb[] = array("url" => api_get_path(WEB_CODE_PATH) . "group/group.php?" . api_get_cidreq(), "name" => get_lang('Groups'));
    $interbreadcrumb[] = array("url" => api_get_path(WEB_CODE_PATH) . "group/group_space.php?" . api_get_cidreq(), "name" => get_lang('GroupSpace') . ' ' . $group_properties['name']);
}
// Page header, printed only when the tool is not embedded in a learning path
// (the "origin" request parameter is then absent or differs from 'learnpath').
if (empty($_GET['origin']) or $_GET['origin'] !== 'learnpath') {
    // We are not in the learning path
    Display::display_header($nameTools, get_lang('Announcements'));
}
// Tool introduction, shown under the same condition as the header
if (empty($_GET['origin']) || $_GET['origin'] !== 'learnpath') {
    Display::display_introduction_section(TOOL_ANNOUNCEMENT);
}
// Actions
// $show_actions becomes true only for users who may manage announcements:
// users with edit rights, or non-anonymous users when the course setting
// 'announcement.allow_user_edit_announcement' is on, and only outside of a
// learning path.
// NOTE(review): $origin is concatenated into single-quoted href attributes
// below and is assigned outside this excerpt. Confirm that it is filtered or
// encoded before it gets here, since it mirrors a request parameter by name.
$show_actions = false;
$actionsLeft = '';
if ((api_is_allowed_to_edit(false, true) || api_get_course_setting('announcement.allow_user_edit_announcement') && !api_is_anonymous()) && (empty($_GET['origin']) || $_GET['origin'] !== 'learnpath')) {
    // On the add/modify/view screens offer "back", otherwise offer "add announcement".
    if (in_array($action, array('add', 'modify', 'view'))) {
        $actionsLeft .= "<a href='" . api_get_self() . "?" . api_get_cidreq() . "&origin=" . $origin . "'>" . Display::return_icon('back.png', get_lang('Back'), '', ICON_SIZE_MEDIUM) . "</a>";
    } else {
        $actionsLeft .= "<a href='" . api_get_self() . "?" . api_get_cidreq() . "&action=add&origin=" . $origin . "'>" . Display::return_icon('new_announce.png', get_lang('AddAnnouncement'), '', ICON_SIZE_MEDIUM) . "</a>";
    }
    $show_actions = true;
} else {
    // Read-only users only get a "back" link, and only on the view screen.
    if (in_array($action, array('view'))) {
        $actionsLeft .= "<a href='" . api_get_self() . "?" . api_get_cidreq() . "&origin=" . $origin . "'>" . Display::return_icon('back.png', get_lang('Back'), '', ICON_SIZE_MEDIUM) . "</a>";
        // NOTE(review): this closes a <div> whose opening tag is not in this
        // excerpt; confirm that the markup stays balanced.
        echo '</div>';
    }
}
if (api_is_allowed_to_edit() && $announcement_number > 1) {
    if (api_get_group_id() == 0) {
        if (!isset($_GET['action'])) {
Exemple #20
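 /**
  * Filter a value against XSS by running it through HTMLPurifier.
  *
  * The purifier is configured per user status and cached per status for the
  * rest of the request. The status decides which HTML allow-list is applied
  * ($allowed_html_student, $allowed_html_teacher or $allowed_html_anonymous).
  * When no status is passed it is derived from the current user: anonymous,
  * course manager (user allowed to edit) or student.
  *
  * Passing COURSEMANAGERLOWSECURITY returns the input unfiltered. Callers
  * must not use that status for content that can come from an untrusted
  * user, because nothing is removed in that case.
  *
  * @param string|array $var          value to filter; an array is filtered with purifyArray()
  * @param int|null     $user_status  STUDENT, COURSEMANAGER, ANONYMOUS or COURSEMANAGERLOWSECURITY
  * @param bool         $filter_terms when true, self::filter_terms() is applied first
  * @return mixed filtered string or array
  */
 public static function remove_XSS($var, $user_status = null, $filter_terms = false)
 {
     if ($filter_terms) {
         $var = self::filter_terms($var);
     }
     if (empty($user_status)) {
         if (api_is_anonymous()) {
             $user_status = ANONYMOUS;
         } elseif (api_is_allowed_to_edit()) {
             $user_status = COURSEMANAGER;
         } else {
             $user_status = STUDENT;
         }
     }
     if ($user_status == COURSEMANAGERLOWSECURITY) {
         // Deliberate bypass: no filtering at all for this status.
         return $var;
     }
     // One configured purifier per user status, built on first use.
     static $purifier = array();
     if (!isset($purifier[$user_status])) {
         $cache_dir = api_get_path(SYS_ARCHIVE_PATH) . 'Serializer';
         if (!file_exists($cache_dir)) {
             // HTMLPurifier stores serialized definitions in this directory
             // and reads them back later, so it is created with the
             // platform's configured directory permissions rather than a
             // hard-coded world-writable mode.
             mkdir($cache_dir, api_get_permissions_for_new_directories(), true);
         }
         $config = HTMLPurifier_Config::createDefault();
         $config->set('Cache.SerializerPath', $cache_dir);
         $config->set('Core.Encoding', api_get_system_encoding());
         $config->set('HTML.Doctype', 'XHTML 1.0 Transitional');
         $config->set('HTML.MaxImgLength', '2560');
         $config->set('HTML.TidyLevel', 'light');
         $config->set('Core.ConvertDocumentToFragment', false);
         $config->set('Core.RemoveProcessingInstructions', true);
         if (api_get_setting('enable_iframe_inclusion') == 'true') {
             $config->set('Filter.Custom', array(new HTMLPurifier_Filter_AllowIframes()));
         }
         // Keeps the target attribute on anchors for these frame names
         $config->set('Attr.AllowedFrameTargets', array('_blank', '_top', '_self', '_parent'));
         if ($user_status == STUDENT || $user_status == COURSEMANAGER) {
             // Students and teachers share the embed/object settings and
             // differ only in the HTML allow-list.
             global $allowed_html_student, $allowed_html_teacher;
             $config->set('HTML.SafeEmbed', true);
             $config->set('HTML.SafeObject', true);
             $config->set('Filter.YouTube', true);
             $config->set('HTML.FlashAllowFullScreen', true);
             $config->set('HTML.Allowed', $user_status == STUDENT ? $allowed_html_student : $allowed_html_teacher);
         } else {
             // Every other status gets the anonymous allow-list.
             global $allowed_html_anonymous;
             $config->set('HTML.Allowed', $allowed_html_anonymous);
         }
         // We need it for example for the flv player (ids of surrounding div-tags have to be preserved).
         $config->set('Attr.EnableID', true);
         $config->set('CSS.AllowImportant', true);
         // We need for the flv player the css definition display: none;
         $config->set('CSS.AllowTricky', true);
         $config->set('CSS.Proprietary', true);
         // Allowed URI schemes.
         // NOTE(review): 'data' is on this list. Confirm that the HTMLPurifier
         // version in use limits data: URIs to image content types; if it
         // does not, drop the scheme.
         $config->set('URI.AllowedSchemes', array('http' => true, 'https' => true, 'mailto' => true, 'ftp' => true, 'nntp' => true, 'news' => true, 'data' => true));
         $purifier[$user_status] = new HTMLPurifier($config);
     }
     if (is_array($var)) {
         return $purifier[$user_status]->purifyArray($var);
     }

     return $purifier[$user_status]->purify($var);
 }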
// Without a resolved course there is nothing to show: deny access.
if (empty($course_info)) {
    api_not_allowed();
}

$course_id = $course_info['real_id'];
// The survey code comes from the query string; it is escaped here and is
// only used inside a quoted SQL literal below.
$surveyCode = isset($_GET['scode']) ? Database::escape_string($_GET['scode']) : '';

if ($surveyCode != "") {
    // First check whether this survey is open to anonymous users.
    // NOTE(review): $course_id is interpolated without quotes. It is read
    // from $course_info['real_id'], which is built outside this excerpt and
    // is presumably an integer; an (int) cast would make that explicit.
    $sql = "SELECT anonymous FROM $table_survey
            WHERE c_id = $course_id AND code ='".$surveyCode."'";
    $resultAnonymous = Database::query($sql);
    $rowAnonymous = Database::fetch_array($resultAnonymous, 'ASSOC');
    // Deny access when no survey row was found, or when the survey is not
    // anonymous and the current user is anonymous.
    if (!isset($rowAnonymous['anonymous']) || ($rowAnonymous['anonymous'] == 0 && api_is_anonymous()) || count($rowAnonymous) == 0) {
        api_not_allowed(true);
    }
    // If the user is anonymous and the survey allows anonymous users, mark the survey as anonymous.
}

// Header
Display :: display_header(get_lang('ToolSurvey'));

// Check that the needed parameters are present: either both 'course' and
// 'invitationcode', or 'user_id'. Otherwise show an error and stop.
if ((!isset($_GET['course']) || !isset($_GET['invitationcode'])) && !isset($_GET['user_id'])) {
    Display :: display_error_message(get_lang('SurveyParametersMissingUseCopyPaste'), false);
    Display :: display_footer();
    exit;
}
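 /**
  * Display list of courses in a category.
  * (for anonymous users)
  *
  * Reads the category code from the "category" query parameter, lists the
  * sub-categories of that category and then the courses filed under it,
  * applying the "show_closed_courses" visibility rules. Values that come
  * from the database or from the request are HTML-escaped (or URL-encoded
  * inside links) before they are placed in the returned markup.
  *
  * @version 1.1
  * @author Patrick Cool <*****@*****.**>, Ghent University - refactoring and code cleaning
  * @author Julio Montoya <*****@*****.**>, Beeznest template modifs
  * @assert () !== 0
  *
  * @return string HTML for the category list and the course list
  */
 public function return_courses_in_categories()
 {
     $result = '';
     $stok = Security::get_token();
     // Escapes a value for HTML text and quoted attributes; entities that are
     // already encoded in stored data are left as they are.
     $esc = function ($value) {
         return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8', false);
     };
     // Initialization.
     $user_identified = api_get_user_id() > 0 && !api_is_anonymous();
     $web_course_path = api_get_path(WEB_COURSE_PATH);
     // The parameter is optional and request-controlled: accept only a string
     // and escape it once for use inside quoted SQL string literals.
     $raw_category = isset($_GET['category']) && is_string($_GET['category']) ? $_GET['category'] : '';
     $category = Database::escape_string($raw_category);
     $setting_show_also_closed_courses = api_get_setting('show_closed_courses') == 'true';
     // Database table definitions.
     $main_course_table = Database::get_main_table(TABLE_MAIN_COURSE);
     $main_category_table = Database::get_main_table(TABLE_MAIN_CATEGORY);
     // On multi-URL portals only the current access URL is listed; -1 means "no restriction".
     $url_access_id = -1;
     $tbl_url_rel_course = '';
     if (api_is_multiple_url_enabled()) {
         // Cast because the id is interpolated unquoted into the queries below.
         $url_access_id = (int) api_get_current_access_url_id();
         $tbl_url_rel_course = Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_COURSE);
     }
     // Get list of courses in category $category.
     if ($url_access_id != -1) {
         $sql_get_course_list = "SELECT * FROM {$main_course_table} as course INNER JOIN {$tbl_url_rel_course} as url_rel_course\n                        ON (url_rel_course.c_id = course.id)\n                        WHERE access_url_id = {$url_access_id} AND category_code = '{$category}' ORDER BY title, UPPER(visual_code)";
     } else {
         $sql_get_course_list = "SELECT * FROM {$main_course_table} cours\n                                    WHERE category_code = '{$category}'\n                                    ORDER BY title, UPPER(visual_code)";
     }
     // Removed: AND cours.visibility='".COURSE_VISIBILITY_OPEN_WORLD."'
     $sql_result_courses = Database::query($sql_get_course_list);
     // Start from an empty list so the later loop is defined when nothing matches.
     $course_list = array();
     while ($course_result = Database::fetch_array($sql_result_courses)) {
         $course_list[] = $course_result;
     }
     // Visibility filter applied to the per-category course count.
     $platform_visible_courses = '';
     if (!$setting_show_also_closed_courses) {
         if ($user_identified) {
             $platform_visible_courses = "  AND (t3.visibility='" . COURSE_VISIBILITY_OPEN_WORLD . "' OR t3.visibility='" . COURSE_VISIBILITY_OPEN_PLATFORM . "' )";
         } else {
             $platform_visible_courses = "  AND (t3.visibility='" . COURSE_VISIBILITY_OPEN_WORLD . "' )";
         }
     }
     // An empty category code selects the root categories.
     $parent_condition = empty($category) ? "IS NULL" : "='{$category}'";
     // Showing only the category of courses of the current access_url_id
     $url_join = '';
     $url_condition = '';
     if ($url_access_id != -1) {
         $url_join = " INNER JOIN {$tbl_url_rel_course} as url_rel_course ON (url_rel_course.c_id = t3.id)";
         $url_condition = "access_url_id = {$url_access_id} AND ";
     }
     $sqlGetSubCatList = "SELECT t1.name,t1.code,t1.parent_id,t1.children_count,COUNT(DISTINCT t3.code) AS nbCourse"
         . " FROM {$main_category_table} t1"
         . " LEFT JOIN {$main_category_table} t2 ON t1.code=t2.parent_id"
         . " LEFT JOIN {$main_course_table} t3 ON (t3.category_code=t1.code {$platform_visible_courses})"
         . $url_join
         . " WHERE {$url_condition}t1.parent_id {$parent_condition}"
         . " GROUP BY t1.name,t1.code,t1.parent_id,t1.children_count ORDER BY t1.tree_pos, t1.name";
     $resCats = Database::query($sqlGetSubCatList);
     $thereIsSubCat = false;
     // Both fragments are appended to the result further down, so they must
     // exist even when the query returns no row or no row matches $category.
     $htmlTitre = '';
     $htmlListCat = '';
     if (Database::num_rows($resCats) > 0) {
         $htmlListCat = Display::page_header(get_lang('CatList'));
         $htmlListCat .= '<ul>';
         while ($catLine = Database::fetch_array($resCats)) {
             $cat_name = $esc($catLine['name']);
             if ($catLine['code'] != $category) {
                 $cat_link = '<a href="' . api_get_self() . '?category=' . urlencode((string) $catLine['code']) . '">' . $cat_name . '</a>';
                 $category_has_open_courses = $this->category_has_open_courses($catLine['code']);
                 if ($category_has_open_courses) {
                     // The category contains courses accessible to anonymous visitors.
                     $htmlListCat .= '<li>';
                     $htmlListCat .= $cat_link;
                     if (api_get_setting('show_number_of_courses') == 'true') {
                         $htmlListCat .= ' (' . (int) $catLine['nbCourse'] . ' ' . get_lang('Courses') . ')';
                     }
                     $htmlListCat .= "</li>";
                     $thereIsSubCat = true;
                 } elseif ($catLine['children_count'] > 0) {
                     // The category has children, subcategories.
                     $htmlListCat .= '<li>';
                     $htmlListCat .= $cat_link;
                     $htmlListCat .= "</li>";
                     $thereIsSubCat = true;
                 } elseif (api_get_setting('show_empty_course_categories') == 'true') {
                     $htmlListCat .= '<li>';
                     $htmlListCat .= $cat_name;
                     $htmlListCat .= "</li>";
                     $thereIsSubCat = true;
                 }
                 // Else don't set thereIsSubCat to true to avoid printing things if not requested.
             } else {
                 $show_back_link = api_get_setting('show_back_link_on_top_of_tree') == 'true';
                 $htmlTitre = '<p>';
                 if ($show_back_link) {
                     $htmlTitre .= '<a href="' . api_get_self() . '">&lt;&lt; ' . get_lang('BackToHomePage') . '</a>';
                 }
                 // && binds tighter than ||; the parentheses only make that explicit.
                 if (!is_null($catLine['parent_id']) || (!$show_back_link && !is_null($catLine['code']))) {
                     $htmlTitre .= '<a href="' . api_get_self() . '?category=' . urlencode((string) $catLine['parent_id']) . '">&lt;&lt; ' . get_lang('Up') . '</a>';
                 }
                 $htmlTitre .= "</p>";
                 if ($category != "" && !is_null($catLine['code'])) {
                     $htmlTitre .= '<h3>' . $cat_name . "</h3>";
                 } else {
                     $htmlTitre .= '<h3>' . get_lang('Categories') . "</h3>";
                 }
             }
         }
         $htmlListCat .= "</ul>";
     }
     $result .= $htmlTitre;
     if ($thereIsSubCat) {
         $result .= $htmlListCat;
     }
     // NOTE(review): $resCats has normally been read to the end by the loop
     // above, so this loop is not expected to add anything. Confirm before removing.
     while ($categoryName = Database::fetch_array($resCats)) {
         $result .= '<h3>' . $esc($categoryName['name']) . "</h3>\n";
     }
     $numrows = Database::num_rows($sql_result_courses);
     $courses_list_string = '';
     $courses_shown = 0;
     if ($numrows > 0) {
         $courses_list_string .= Display::page_header(get_lang('CourseList'));
         $courses_list_string .= "<ul>";
         // Defined for every visitor so the membership tests below never read
         // an unset variable.
         $courses_of_user = array();
         if (api_get_user_id()) {
             $courses_of_user = $this->get_courses_of_user(api_get_user_id());
         }
         if (!is_array($courses_of_user)) {
             $courses_of_user = array();
         }
         // Display settings do not change within the request; read them once.
         $show_code = api_get_setting('display_coursecode_in_courselist') == 'true';
         $show_teacher = api_get_setting('display_teacher_in_courselist') == 'true';
         $show_language = api_get_setting('show_different_course_language') == 'true';
         $platform_language = api_get_setting('platformLanguage');
         foreach ($course_list as $course) {
             $course_code = $course['code'];
             $course_link_open = '<a href="' . $esc($web_course_path . $course['directory'] . '/') . '">';
             $course_title = $esc($course['title']);
             // Code, teacher and language, each shown once.
             $course_details = array();
             if ($show_code) {
                 $course_details[] = $esc($course['visual_code']);
             }
             if ($show_teacher) {
                 $course_details[] = $esc($course['tutor_name']);
             }
             if ($show_language && $course['course_language'] != $platform_language) {
                 $course_details[] = $esc($course['course_language']);
             }
             $details_html = implode(' - ', $course_details);
             $is_open_world = $course['visibility'] == COURSE_VISIBILITY_OPEN_WORLD;
             $is_open_platform = $user_identified && $course['visibility'] == COURSE_VISIBILITY_OPEN_PLATFORM;
             if (!$setting_show_also_closed_courses) {
                 // If we do not show the closed courses
                 // we only show the courses that are open to the world (to everybody)
                 // and the courses that are open to the platform (if the current user is a registered user).
                 if ($is_open_platform || $is_open_world) {
                     $courses_shown++;
                     $courses_list_string .= "<li>\n";
                     $courses_list_string .= $course_link_open . $course_title . '</a><br />';
                     $courses_list_string .= $details_html;
                     $courses_list_string .= "</li>\n";
                 }
                 continue;
             }
             // We DO show the closed courses.
             // The course is accessible if (link to the course homepage):
             // 1. the course is open to the world (doesn't matter if the user is logged in or not);
             // 2. the user is logged in and the course is open to the platform;
             // 3. the user is logged in, subscribed to the course, and the course visibility is not COURSE_VISIBILITY_CLOSED;
             // 4. the user's entry for the course has status '1' (course admin, regardless of the course visibility setting);
             // 5. the user is the platform admin api_is_platform_admin().
             $is_subscribed = array_key_exists($course_code, $courses_of_user);
             // isset() keeps rule 4 from reading an entry that does not exist.
             $is_course_admin = isset($courses_of_user[$course_code]['status']) && $courses_of_user[$course_code]['status'] == '1';
             $is_linkable = $is_open_world
                 || $is_open_platform
                 || ($user_identified && $is_subscribed && $course['visibility'] != COURSE_VISIBILITY_CLOSED)
                 || $is_course_admin
                 || api_is_platform_admin();
             $courses_shown++;
             $courses_list_string .= "<li>\n";
             if ($is_linkable) {
                 $courses_list_string .= $course_link_open . $course_title . '</a><br />';
             } else {
                 $courses_list_string .= $course_title;
             }
             $courses_list_string .= $details_html;
             // We display a subscription link if the user is identified, the
             // course is not already in the user's course list and the course
             // allows registration.
             if ($user_identified && !$is_subscribed) {
                 if ($course['subscribe'] == '1') {
                     // The POST carries the token from Security::get_token() in sec_token.
                     $courses_list_string .= '<form action="main/auth/courses.php?action=subscribe&category=' . urlencode($raw_category) . '" method="post">';
                     $courses_list_string .= '<input type="hidden" name="sec_token" value="' . $stok . '">';
                     $courses_list_string .= '<input type="hidden" name="subscribe" value="' . $esc($course_code) . '" />';
                     $courses_list_string .= '<input type="image" name="unsub" src="main/img/enroll.gif" alt="' . get_lang('Subscribe') . '" />' . get_lang('Subscribe') . '</form>';
                 } else {
                     $courses_list_string .= '<br />' . get_lang('SubscribingNotAllowed');
                 }
             }
             $courses_list_string .= "</li>";
         }
         // end foreach
         $courses_list_string .= "</ul>";
     }
     if ($courses_shown > 0) {
         // Only display the list of courses and categories if there was more than
         // 0 courses visible to the world (we're in the anonymous list here).
         $result .= $courses_list_string;
     }
     if ($category != '') {
         $result .= '<p><a href="' . api_get_self() . '"> ' . Display::return_icon('back.png', get_lang('BackToHomePage')) . get_lang('BackToHomePage') . '</a></p>';
     }
     return $result;
 }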
    /**
     * Search courses that match the search term.
     * Search is done on the code, visual code, title and tutor fields.
     *
     * Anonymous visitors only get courses open to the world; other users also
     * get courses open to the platform and registered-only courses that allow
     * subscription. The term is passed through Database::escape_string()
     * before it is placed inside the quoted LIKE patterns.
     * NOTE(review): whether escape_string() also neutralises the LIKE
     * wildcards % and _ is not visible here.
     *
     * @param string $search_term
     * @return array Matching courses keyed by course code; empty for an empty term
     */
    function retrieve_courses($search_term)
    {
        // Nothing to search for (this also covers null and '0').
        if (empty($search_term)) {
            return array();
        }
        $search_term = Database::escape_string($search_term);
        $course_table = Database::get_main_table(TABLE_MAIN_COURSE);
        // Visibility clauses, joined with OR below.
        $visibility_clauses = array('visibility = ' . COURSE_VISIBILITY_OPEN_WORLD);
        if (!api_is_anonymous()) {
            $visibility_clauses[] = 'visibility = ' . COURSE_VISIBILITY_OPEN_PLATFORM;
            $visibility_clauses[] = '(visibility = ' . COURSE_VISIBILITY_REGISTERED . ' AND subscribe = 1)';
        }
        $course_fiter = implode(' OR ', $visibility_clauses);
        $sql = <<<EOT
                SELECT * FROM {$course_table}
                WHERE ({$course_fiter}) AND (code LIKE '%{$search_term}%' OR visual_code LIKE '%{$search_term}%' OR title LIKE '%{$search_term}%' OR tutor_name LIKE '%{$search_term}%')
                ORDER BY title, visual_code ASC
EOT;
        $rows = Database::query($sql);
        $courses = array();
        while ($record = Database::fetch_array($rows)) {
            // Keep only the columns callers need, indexed by course code.
            $courses[$record['code']] = array(
                'code' => $record['code'],
                'directory' => $record['directory'],
                'visual_code' => $record['visual_code'],
                'title' => $record['title'],
                'tutor' => $record['tutor_name'],
                'subscribe' => $record['subscribe'],
                'unsubscribe' => $record['unsubscribe'],
            );
        }
        return $courses;
    }
Exemple #24
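/**
 * Get the users to display on the current page (fill the sortable-table)
 *
 * The optional "keyword" query parameter filters on name, username, official
 * code and e-mail; it is escaped before it is placed in the LIKE patterns.
 * Sort column, offset and row count are forced to integers and the direction
 * to ASC or DESC before they reach the query.
 *
 * @param   int     $from            offset of first user to recover
 * @param   int     $number_of_items Number of users to get
 * @param   int     $column          Column to sort on
 * @param   string  $direction       Order (ASC,DESC)
 * @return  array   One row per user: photo HTML, official code, two name
 *                  columns, username, e-mail, course-list button HTML
 * @see SortableTable#get_table_data($from)
 */
function get_user_data($from, $number_of_items, $column, $direction)
{
    $user_table = Database :: get_main_table(TABLE_MAIN_USER);

    // Name columns follow the platform's name order.
    if (api_is_western_name_order()) {
        $col34 = "u.firstname AS col3,
                  u.lastname AS col4,";
    } else {
        $col34 = "u.lastname AS col3,
                  u.firstname AS col4,";
    }

    $sql = "SELECT
                 u.user_id AS col0,
                 u.official_code AS col2,
		 $col34
                 u.username AS col5,
                 u.email AS col6,
                 u.status AS col7,
                 u.active AS col8,
                 u.user_id AS col9,
              u.expiration_date AS exp
           FROM $user_table u ";

    if (isset($_GET['keyword'])) {
        // Request value: escaped for use inside the quoted patterns below.
        $keyword = Database::escape_string(trim($_GET['keyword']));
        $sql .= " WHERE (u.firstname LIKE '%$keyword%' OR
                  u.lastname LIKE '%$keyword%' OR
                  concat(u.firstname,' ',u.lastname) LIKE '%$keyword%' OR
                  concat(u.lastname,' ',u.firstname) LIKE '%$keyword%' OR
                  u.username LIKE '%$keyword%'  OR
                  u.official_code LIKE '%$keyword%'
                  OR u.email LIKE '%$keyword%' )";
    }
    // Strict comparison: only the exact strings are accepted, so values such
    // as true or 0 can no longer slip through loose comparison.
    if (!in_array($direction, array('ASC', 'DESC'), true)) {
        $direction = 'ASC';
    }
    // These three are interpolated unquoted, so they must be integers; LIMIT
    // additionally rejects negative numbers.
    // NOTE(review): the SELECT defines no col1, so $column = 1 (or above 9)
    // yields an SQL error rather than a sort. Confirm callers never pass it.
    $column = intval($column);
    $from = max(0, intval($from));
    $number_of_items = max(0, intval($number_of_items));

    $sql .= " ORDER BY col$column $direction ";
    $sql .= " LIMIT $from,$number_of_items";

    $res = Database::query($sql);

    $users = array();
    $webPath = api_get_path(WEB_PATH);
    $isAnonymous = api_is_anonymous();
    while ($user = Database::fetch_row($res)) {
        // The id is placed in URLs and in an inline script call below.
        $user_id = (int) $user[0];
        $image_path = UserManager::get_user_picture_path_by_id($user[0], 'web', false, true);
        $user_profile = UserManager::get_picture_user($user[0], $image_path['file'], 22, USER_IMAGE_SIZE_SMALL, ' width="22" height="22" ');
        // Names are user-supplied data: escape them for the quoted attributes.
        $person_name = htmlspecialchars((string) api_get_person_name($user[2], $user[3]), ENT_QUOTES, 'UTF-8', false);
        $image = '<img src="' . $user_profile['file'] . '" ' . $user_profile['style'] . ' alt="' . $person_name . '"';
        if (!$isAnonymous) {
            // Logged-in users get a link to the profile page.
            $photo = '<center><a href="' . $webPath . 'whoisonline.php?origin=user_list&id=' . $user_id . '" title="' . get_lang('Info') . '">' . $image . '  title="' . $person_name . '" /></a></center>';
        } else {
            $photo = '<center>' . $image . ' title="' . $person_name . '" /></center>';
        }
        $button = '<a  href="javascript:void(0)" onclick="load_course_list(\'div_' . $user_id . '\',' . $user_id . ')">
					<img onclick="load_course_list(\'div_' . $user_id . '\',' . $user_id . ')"  src="' . $webPath . 'img/view_more_stats.gif" title="' . get_lang('Courses') . '" alt="' . get_lang('Courses') . '"/>
					</a>&nbsp;&nbsp;';
        // NOTE(review): cells 1-5 are raw database values; whether the table
        // that renders them escapes its cells is not visible here.
        $users[] = array($photo, $user[1], $user[2], $user[3], $user[4], $user[5], $button);
    }
    return $users;
}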
                    $social_right_content .= '<div class="span9">' . UserManager::get_search_form($query) . '</div>';
                }
            }
            $social_right_content .= SocialManager::display_user_list($user_list);
        }
    }
    if (isset($_GET['id'])) {
        if (api_get_setting('allow_social_tool') == 'true') {
            header("Location: " . api_get_path(WEB_CODE_PATH) . "social/profile.php?u=" . intval($_GET['id']));
            exit;
        } else {
            SocialManager::display_individual_user($_GET['id']);
        }
    }
} else {
    api_not_allowed();
    exit;
}
// Page title and template handle for the "users online" page.
$app['title'] = get_lang('UsersOnLineList');
$tpl = $app['template'];
// The social layout is used only when the social tool is enabled and the
// visitor is not anonymous; everyone else gets the one-column page.
$useSocialLayout = api_get_setting('allow_social_tool') == 'true' && !api_is_anonymous();
if (!$useSocialLayout) {
    $tpl->assign('header', get_lang('UsersOnLineList'));
    $tpl->assign('content', $social_right_content);
    $tpl->display_one_col_template();
} else {
    $tpl->setHelp('Groups');
    $tpl->assign('social_left_content', $social_left_content);
    $tpl->assign('social_right_content', $social_right_content);
    $social_layout = $tpl->get_template('layout/social_layout.tpl');
    $tpl->display($social_layout);
}
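/**
 * Returns the timezone to be converted to/from.
 *
 * This is always PHP's default timezone. The lookup of the platform setting
 * 'use_users_timezone' and of the user's 'extra_timezone' field that used to
 * sit below the return statement could never run, so it is not kept here;
 * neither platform nor user preferences influence the result.
 *
 * @return string The timezone chosen
 */
function _api_get_timezone()
{
    return date_default_timezone_get();
}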
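    /**
     * Declare and define the template variable that will be used to load
     * javascript libraries in the header.
     *
     * Assigns 'js_file_to_string' (script tags for the selected libraries) and
     * 'extra_headers' (jQuery UI plus every entry of the global $htmlHeadXtra)
     * unless the global $disable_js_and_css_files is set.
     */
    public function set_js_files()
    {
        global $disable_js_and_css_files, $htmlHeadXtra;

        // JS files loaded on every page.
        $js_files = array(
            'modernizr.js',
            'jquery.min.js',
            'chosen/chosen.jquery.min.js',
            'thickbox.js',
            'bootstrap/bootstrap.js',
            'mediaelement/mediaelement-and-player.min.js',
        );

        // Do not include the global chat in LP
        if (api_is_global_chat_enabled()
            && $this->show_learnpath == false
            && $this->show_footer == true
            && $this->hide_global_chat == false
        ) {
            $js_files[] = 'chat/js/chat.js';
        }

        if (api_get_setting('accessibility_font_resize') == 'true') {
            $js_files[] = 'fontresize.js';
        }

        if (api_get_setting('include_asciimathml_script') == 'true') {
            $js_files[] = 'asciimath/ASCIIMathML.js';
        }

        $js_file_to_string = '';
        foreach ($js_files as $js_file) {
            $js_file_to_string .= api_get_js($js_file);
        }

        // Loading email_editor js (logged-in users only).
        if (!api_is_anonymous() && api_get_setting('allow_email_editor') == 'true') {
            $js_file_to_string .= $this->fetch('default/mail_editor/email_link.js.tpl');
        }

        if ($disable_js_and_css_files) {
            return;
        }

        $this->assign('js_file_to_string', $js_file_to_string);

        // Adding jquery ui by default
        $extra_headers = api_get_jquery_ui_js();

        // Entries are appended verbatim to the page head, so they have to be
        // markup built by the platform itself.
        // NOTE(review): confirm that every writer of $htmlHeadXtra escapes any
        // request data it interpolates.
        if (!empty($htmlHeadXtra)) {
            // Iterate by value: the entries are only read, and a by-reference
            // loop variable would stay bound to the last element of the global.
            foreach ($htmlHeadXtra as $this_html_head) {
                $extra_headers .= $this_html_head."\n";
            }
        }
        $this->assign('extra_headers', $extra_headers);
    }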
 /**
  * Assigns the login-related template variables when no user is logged in.
  *
  * The language form is always assigned for such visitors; the login form,
  * and the failure message when the global $loginFailed is set, only when
  * $setLoginForm is true.
  *
  * @param bool|true $setLoginForm
  */
 public function setLoginForm($setLoginForm = true)
 {
     global $loginFailed;
     $currentUserId = api_get_user_id();
     $hasAuthenticatedUser = $currentUserId && !api_is_anonymous($currentUserId);
     if ($hasAuthenticatedUser) {
         // Only display if the user isn't logged in.
         return;
     }
     $this->assign('login_language_form', api_display_language_form(true));
     if (!$setLoginForm) {
         return;
     }
     $this->assign('login_form', $this->displayLoginForm());
     if ($loginFailed) {
         $this->assign('login_failed', $this::handleLoginFailed());
     }
 }
Exemple #29
     $res = SocialManager::sendWallMessage(api_get_user_id(), $friendId, $messageContent, $messageId, MESSAGE_STATUS_WALL);
     $url = api_get_path(WEB_CODE_PATH) . 'social/profile.php';
     $url .= empty($_SERVER['QUERY_STRING']) ? '' : '?' . Security::remove_XSS($_SERVER['QUERY_STRING']);
     header('Location: ' . $url);
     exit;
 } else {
     if (isset($_GET['messageId'])) {
         $messageId = Security::remove_XSS($_GET['messageId']);
         $status = SocialManager::deleteMessage($messageId);
         header('Location: ' . api_get_path(WEB_CODE_PATH) . 'social/profile.php');
         exit;
     } else {
         if (isset($_GET['u'])) {
             //I'm your friend? I can see your profile?
             $user_id = intval($_GET['u']);
             if (api_is_anonymous($user_id, true)) {
                 api_not_allowed(true);
             }
             // It's me!
             if (api_get_user_id() != $user_id) {
                 $user_info = api_get_user_info($user_id);
                 $show_full_profile = false;
                 if (!$user_info) {
                     // user does no exist !!
                     api_not_allowed(true);
                 } else {
                     //checking the relationship between me and my friend
                     $my_status = SocialManager::get_relation_between_contacts(api_get_user_id(), $user_id);
                     if (in_array($my_status, array(USER_RELATION_TYPE_PARENT, USER_RELATION_TYPE_FRIEND, USER_RELATION_TYPE_GOODFRIEND))) {
                         $show_full_profile = true;
                     }
Exemple #30
 /**
  *
  * @global bool $is_platformAdmin
  * @global bool $is_allowedCreateCourse
  * @global object $_user
  * @global int $_cid
  * @global array $_course
  * @global int $_real_cid
  * @global type $_courseUser
  * @global type $is_courseAdmin
  * @global type $is_courseTutor
  * @global type $is_courseCoach
  * @global type $is_courseMember
  * @global type $is_sessionAdmin
  * @global type $is_allowed_in_course
  *
  * @param type $course_id
  * @param type $reset
  */
 static function init_course($course_id, $reset)
 {
     global $_configuration;
     global $is_platformAdmin;
     global $is_allowedCreateCourse;
     global $_user;
     global $_cid;
     global $_course;
     global $_real_cid;
     global $is_courseAdmin;
     //course teacher
     global $is_courseTutor;
     //course teacher - some rights
     global $is_courseCoach;
     //course coach
     global $is_courseMember;
     //course student
     global $is_sessionAdmin;
     global $is_allowed_in_course;
     if ($reset) {
         // Course session data refresh requested or empty data
         if ($course_id) {
             $course_table = Database::get_main_table(TABLE_MAIN_COURSE);
             $course_cat_table = Database::get_main_table(TABLE_MAIN_CATEGORY);
             $sql = "SELECT course.*, course_category.code faCode, course_category.name faName\n                        FROM {$course_table}\n                        LEFT JOIN {$course_cat_table}\n                        ON course.category_code = course_category.code\n                        WHERE course.code = '{$course_id}'";
             $result = Database::query($sql);
             if (Database::num_rows($result) > 0) {
                 $course_data = Database::fetch_array($result);
                 //@TODO real_cid should be cid, for working with numeric course id
                 $_real_cid = $course_data['id'];
                 $_cid = $course_data['code'];
                 $_course = array();
                 $_course['real_id'] = $course_data['id'];
                 $_course['id'] = $course_data['code'];
                 //auto-assigned integer
                 $_course['code'] = $course_data['code'];
                 $_course['name'] = $course_data['title'];
                 $_course['title'] = $course_data['title'];
                 $_course['official_code'] = $course_data['visual_code'];
                 // use in echo
                 $_course['sysCode'] = $course_data['code'];
                 // use as key in db
                 $_course['path'] = $course_data['directory'];
                 // use as key in path
                 $_course['titular'] = $course_data['tutor_name'];
                 // this should be deprecated and use the table course_rel_user
                 $_course['language'] = $course_data['course_language'];
                 $_course['extLink']['url'] = $course_data['department_url'];
                 $_course['extLink']['name'] = $course_data['department_name'];
                 $_course['categoryCode'] = $course_data['faCode'];
                 $_course['categoryName'] = $course_data['faName'];
                 $_course['visibility'] = $course_data['visibility'];
                 $_course['subscribe_allowed'] = $course_data['subscribe'];
                 $_course['unsubscribe'] = $course_data['unsubscribe'];
                 $_course['activate_legal'] = $course_data['activate_legal'];
                 $_course['show_score'] = $course_data['show_score'];
                 //used in the work tool
                 Session::write('_cid', $_cid);
                 Session::write('_course', $_course);
                 //@TODO real_cid should be cid, for working with numeric course id
                 Session::write('_real_cid', $_real_cid);
                 // if a session id has been given in url, we store the session
                 // Database Table Definitions
                 $tbl_session = Database::get_main_table(TABLE_MAIN_SESSION);
                 if (!empty($_GET['id_session'])) {
                     $_SESSION['id_session'] = intval($_GET['id_session']);
                     $sql = 'SELECT name FROM ' . $tbl_session . ' WHERE id="' . intval($_SESSION['id_session']) . '"';
                     $rs = Database::query($sql);
                     list($_SESSION['session_name']) = Database::fetch_array($rs);
                 } else {
                     Session::erase('session_name');
                     Session::erase('id_session');
                 }
                 if (!isset($_SESSION['login_as'])) {
                     //Course login
                     if (isset($_user['user_id'])) {
                         Event::event_course_login(api_get_course_int_id(), $_user['user_id'], api_get_session_id());
                     }
                 }
             } else {
                 //exit("WARNING UNDEFINED CID !! ");
                 header('location:' . api_get_path(WEB_PATH));
             }
         } else {
             Session::erase('_cid');
             Session::erase('_real_cid');
             Session::erase('_course');
             if (!empty($_SESSION)) {
                 foreach ($_SESSION as $key => $session_item) {
                     if (strpos($key, 'lp_autolaunch_') === false) {
                         continue;
                     } else {
                         if (isset($_SESSION[$key])) {
                             Session::erase($key);
                         }
                     }
                 }
             }
             //Deleting session info
             if (api_get_session_id()) {
                 Session::erase('id_session');
                 Session::erase('session_name');
             }
         }
     } else {
         // Continue with the previous values
         if (empty($_SESSION['_course']) or empty($_SESSION['_cid'])) {
             //no previous values...
             $_cid = -1;
             //set default values that will be caracteristic of being unset
             $_course = -1;
         } else {
             $_cid = $_SESSION['_cid'];
             $_course = $_SESSION['_course'];
             // these lines are usefull for tracking. Indeed we can have lost the id_session and not the cid.
             // Moreover, if we want to track a course with another session it can be usefull
             if (!empty($_GET['id_session'])) {
                 $tbl_session = Database::get_main_table(TABLE_MAIN_SESSION);
                 $sql = 'SELECT name FROM ' . $tbl_session . ' WHERE id="' . intval($_SESSION['id_session']) . '"';
                 $rs = Database::query($sql);
                 list($_SESSION['session_name']) = Database::fetch_array($rs);
                 $_SESSION['id_session'] = intval($_GET['id_session']);
             }
             if (!isset($_SESSION['login_as'])) {
                 $save_course_access = true;
                 //The value  $_dont_save_user_course_access should be added before the call of global.inc.php see the main/inc/chat.ajax.php file
                 //Disables the updates in the TRACK_E_COURSE_ACCESS table
                 if (isset($_dont_save_user_course_access) && $_dont_save_user_course_access == true) {
                     $save_course_access = false;
                 }
                 if ($save_course_access) {
                     $course_tracking_table = Database::get_main_table(TABLE_STATISTIC_TRACK_E_COURSE_ACCESS);
                     /*
                      * When $_configuration['session_lifetime'] is too big 100 hours (in order to let users take exercises with no problems)
                      * the function Tracking::get_time_spent_on_the_course() returns big values (200h) due the condition:
                      * login_course_date > now() - INTERVAL $session_lifetime SECOND
                      *
                      */
                     /*
                                               if (isset($_configuration['session_lifetime'])) {
                                               $session_lifetime    = $_configuration['session_lifetime'];
                                               } else {
                                               $session_lifetime    = 3600; // 1 hour
                                               } */
                     $session_lifetime = 3600;
                     // 1 hour
                     $time = api_get_utc_datetime();
                     if (isset($_user['user_id']) && !empty($_user['user_id'])) {
                         //We select the last record for the current course in the course tracking table
                         //But only if the login date is < than now + max_life_time
                         $sql = "SELECT course_access_id FROM {$course_tracking_table}\n                                    WHERE\n                                        user_id     = " . intval($_user['user_id']) . " AND\n                                        c_id = '" . api_get_course_int_id() . "' AND\n                                        session_id  = " . api_get_session_id() . " AND\n                                        login_course_date > now() - INTERVAL {$session_lifetime} SECOND\n                                    ORDER BY login_course_date DESC LIMIT 0,1";
                         $result = Database::query($sql);
                         if (Database::num_rows($result) > 0) {
                             $i_course_access_id = Database::result($result, 0, 0);
                             //We update the course tracking table
                             $sql = "UPDATE {$course_tracking_table}\n                                        SET logout_course_date = '{$time}', counter = counter+1\n                                        WHERE course_access_id = " . intval($i_course_access_id) . " AND session_id = " . api_get_session_id();
                             Database::query($sql);
                         } else {
                             $sql = "INSERT INTO {$course_tracking_table} (c_id, user_id, login_course_date, logout_course_date, counter, session_id)" . "VALUES('" . api_get_course_int_id() . "', '" . $_user['user_id'] . "', '{$time}', '{$time}', '1','" . api_get_session_id() . "')";
                             Database::query($sql);
                         }
                     }
                 }
             }
         }
     }
     /*  COURSE / USER REL. INIT */
     $session_id = api_get_session_id();
     $user_id = isset($_user['user_id']) ? $_user['user_id'] : null;
     //Course permissions
     $is_courseAdmin = false;
     //course teacher
     $is_courseTutor = false;
     //course teacher - some rights
     $is_courseMember = false;
     //course student
     //Course - User permissions
     $is_sessionAdmin = false;
     if ($reset) {
         if (isset($user_id) && $user_id && isset($_cid) && $_cid) {
             //Check if user is subscribed in a course
             $course_user_table = Database::get_main_table(TABLE_MAIN_COURSE_USER);
             $sql = "SELECT * FROM {$course_user_table}\n                       WHERE\n                        user_id  = '" . $user_id . "' AND\n                        relation_type <> " . COURSE_RELATION_TYPE_RRHH . " AND\n                        course_code = '{$course_id}'";
             $result = Database::query($sql);
             $cuData = null;
             if (Database::num_rows($result) > 0) {
                 // this  user have a recorded state for this course
                 $cuData = Database::fetch_array($result, 'ASSOC');
                 $is_courseAdmin = (bool) $cuData['status'] == 1;
                 $is_courseTutor = (bool) $cuData['is_tutor'] == 1;
                 $is_courseMember = true;
                 // Checking if the user filled the course legal agreement
                 if ($_course['activate_legal'] == 1 && !api_is_platform_admin()) {
                     $user_is_subscribed = CourseManager::is_user_accepted_legal($user_id, $_course['id'], $session_id);
                     if (!$user_is_subscribed) {
                         $url = api_get_path(WEB_CODE_PATH) . 'course_info/legal.php?course_code=' . $_course['code'] . '&session_id=' . $session_id;
                         header('Location: ' . $url);
                         exit;
                     }
                 }
             }
             //We are in a session course? Check session permissions
             if (!empty($session_id)) {
                 //I'm not the teacher of the course
                 if ($is_courseAdmin == false) {
                     // this user has no status related to this course
                     // The user is subscribed in a session? The user is a Session coach a Session admin ?
                     $tbl_session = Database::get_main_table(TABLE_MAIN_SESSION);
                     $tbl_session_course = Database::get_main_table(TABLE_MAIN_SESSION_COURSE);
                     $tbl_session_course_user = Database::get_main_table(TABLE_MAIN_SESSION_COURSE_USER);
                     //Session coach, session admin, course coach admin
                     $sql = "SELECT session.id_coach, session_admin_id, session_rcru.user_id\n                                FROM {$tbl_session} session, {$tbl_session_course_user} session_rcru\n                                WHERE\n                                   session_rcru.session_id = session.id AND\n                                   session_rcru.c_id = '{$_real_cid}' AND\n                                   session_rcru.user_id = '{$user_id}' AND\n                                   session_rcru.session_id  = {$session_id} AND\n                                   session_rcru.status = 2";
                     $result = Database::query($sql);
                     $row = Database::store_result($result);
                     //I'm a session admin?
                     if (isset($row) && isset($row[0]) && $row[0]['session_admin_id'] == $user_id) {
                         $is_courseMember = false;
                         $is_courseTutor = false;
                         $is_courseAdmin = false;
                         $is_courseCoach = false;
                         $is_sessionAdmin = true;
                     } else {
                         //Im a coach or a student?
                         $sql = "SELECT user_id, status\n                                    FROM " . $tbl_session_course_user . "\n                                    WHERE\n                                        c_id = '{$_cid}' AND\n                                        user_id = '" . $user_id . "' AND\n                                        session_id = '" . $session_id . "'\n                                    LIMIT 1";
                         $result = Database::query($sql);
                         if (Database::num_rows($result)) {
                             $row = Database::fetch_array($result, 'ASSOC');
                             $session_course_status = $row['status'];
                             switch ($session_course_status) {
                                 case '2':
                                     // coach - teacher
                                     $is_courseMember = true;
                                     $is_courseTutor = true;
                                     $is_courseCoach = true;
                                     $is_sessionAdmin = false;
                                     if (api_get_setting('extend_rights_for_coach') == 'true') {
                                         $is_courseAdmin = true;
                                     } else {
                                         $is_courseAdmin = false;
                                     }
                                     break;
                                 case '0':
                                     //student
                                     $is_courseMember = true;
                                     $is_courseTutor = false;
                                     $is_courseAdmin = false;
                                     $is_sessionAdmin = false;
                                     break;
                                 default:
                                     //unregister user
                                     $is_courseMember = false;
                                     $is_courseTutor = false;
                                     $is_courseAdmin = false;
                                     $is_sessionAdmin = false;
                                     break;
                             }
                         } else {
                             //unregister user
                             $is_courseMember = false;
                             $is_courseTutor = false;
                             $is_courseAdmin = false;
                             $is_sessionAdmin = false;
                         }
                     }
                 }
                 //If I'm the admin platform i'm a teacher of the course
                 if ($is_platformAdmin) {
                     $is_courseAdmin = true;
                 }
             }
         } else {
             // keys missing => not anymore in the course - user relation
             // course
             $is_courseMember = false;
             $is_courseAdmin = false;
             $is_courseTutor = false;
             $is_courseCoach = false;
             $is_sessionAdmin = false;
         }
         //Checking the course access
         $is_allowed_in_course = false;
         if (isset($_course)) {
             switch ($_course['visibility']) {
                 case COURSE_VISIBILITY_OPEN_WORLD:
                     //3
                     $is_allowed_in_course = true;
                     break;
                 case COURSE_VISIBILITY_OPEN_PLATFORM:
                     //2
                     if (isset($user_id) && !api_is_anonymous($user_id)) {
                         $is_allowed_in_course = true;
                     }
                     break;
                 case COURSE_VISIBILITY_REGISTERED:
                     //1
                     if ($is_platformAdmin || $is_courseMember) {
                         $is_allowed_in_course = true;
                     }
                     break;
                 case COURSE_VISIBILITY_CLOSED:
                     //0
                     if ($is_platformAdmin || $is_courseAdmin) {
                         $is_allowed_in_course = true;
                     }
                     break;
                 case COURSE_VISIBILITY_HIDDEN:
                     //4
                     if ($is_platformAdmin) {
                         $is_allowed_in_course = true;
                     }
                     break;
             }
         }
         // check the session visibility
         if ($is_allowed_in_course == true) {
             //if I'm in a session
             if ($session_id != 0) {
                 if (!$is_platformAdmin) {
                     // admin and session coach are *not* affected to the invisible session mode
                     // the coach is not affected because he can log in some days after the end date of a session
                     $session_visibility = api_get_session_visibility($session_id);
                     switch ($session_visibility) {
                         case SESSION_INVISIBLE:
                             $is_allowed_in_course = false;
                             break;
                     }
                     //checking date
                 }
             }
         }
         // save the states
         Session::write('is_courseAdmin', $is_courseAdmin);
         Session::write('is_courseMember', $is_courseMember);
         Session::write('is_courseTutor', $is_courseTutor);
         Session::write('is_courseCoach', $is_courseCoach);
         Session::write('is_allowed_in_course', $is_allowed_in_course);
         Session::write('is_sessionAdmin', $is_sessionAdmin);
     } else {
         // continue with the previous values
         $is_courseAdmin = $_SESSION['is_courseAdmin'];
         $is_courseTutor = $_SESSION['is_courseTutor'];
         $is_courseCoach = $_SESSION['is_courseCoach'];
         $is_courseMember = $_SESSION['is_courseMember'];
         $is_allowed_in_course = $_SESSION['is_allowed_in_course'];
     }
 }