// Request bootstrap for the exercise report page: resolves paths and tables,
// reads the request parameters and applies the access gate before anything
// is rendered.
$documentPath = api_get_path(SYS_COURSE_PATH) . $_course['path'] . "/document";
$origin = isset($origin) ? $origin : null;
// remove_XSS() is applied to the raw query value here. NOTE(review): it is named
// as an HTML filter, so $path should not be treated as safe for SQL or for the
// file system on that basis alone — confirm at each later use.
$path = isset($_GET['path']) ? Security::remove_XSS($_GET['path']) : null;
/* 	Constants and variables */
// Edit rights: course editors, HR managers (drh) and student bosses.
$is_allowedToEdit = api_is_allowed_to_edit(null, true) || api_is_drh() || api_is_student_boss();
$is_tutor = api_is_allowed_to_edit(true);
$TBL_QUESTIONS = Database::get_course_table(TABLE_QUIZ_QUESTION);
$TBL_TRACK_EXERCISES = Database::get_main_table(TABLE_STATISTIC_TRACK_E_EXERCISES);
$TBL_TRACK_ATTEMPT = Database::get_main_table(TABLE_STATISTIC_TRACK_E_ATTEMPT);
$TBL_TRACK_ATTEMPT_RECORDING = Database::get_main_table(TABLE_STATISTIC_TRACK_E_ATTEMPT_RECORDING);
$TBL_LP_ITEM_VIEW = Database::get_course_table(TABLE_LP_ITEM_VIEW);
// Platform setting compared as the string 'true'; it is not tied to the caller's role.
$allowCoachFeedbackExercises = api_get_setting('exercise.allow_coach_feedback_exercises') === 'true';
$course_id = api_get_course_int_id();
// Both ids come from the request ($_REQUEST covers GET and POST) and are cast to int.
$exercise_id = isset($_REQUEST['exerciseId']) ? intval($_REQUEST['exerciseId']) : null;
$filter_user = isset($_REQUEST['filter_by_user']) ? intval($_REQUEST['filter_by_user']) : null;
// The gradebook lock is looked up before the empty-id check below, so it can run with a null/0 id.
$locked = api_resource_is_locked_by_gradebook($exercise_id, LINK_EXERCISE);
// No exercise id (missing, or 0 after the cast): refuse the request.
if (empty($exercise_id)) {
    api_not_allowed(true);
}
// Access gate. NOTE(review): the request is refused only when the caller has no edit
// rights AND the coach-feedback setting is off. With the setting on, this check lets
// every caller through regardless of role; confirm that a later check restricts
// non-coaches before any result data is shown or changed.
if (!$is_allowedToEdit && !$allowCoachFeedbackExercises) {
    api_not_allowed(true);
}
// Parameters forwarded to the result grid. $parameters is not initialised in this
// excerpt — presumably declared earlier in the file; verify.
if (!empty($exercise_id)) {
    $parameters['exerciseId'] = $exercise_id;
}
if (!empty($_GET['path'])) {
    $parameters['path'] = Security::remove_XSS($_GET['path']);
}
if (!empty($_REQUEST['export_report']) && $_REQUEST['export_report'] == '1') {
    if (api_is_platform_admin() || api_is_course_admin() || api_is_course_tutor() || api_is_course_coach()) {
        $loadExtraData = false;
 /**
  * Tells whether an attendance is locked.
  *
  * The answer comes from the gradebook lock only: the id is handed unchanged
  * to api_resource_is_locked_by_gradebook() with the LINK_ATTENDANCE link type.
  *
  * @param int $attendance_id Attendance identifier
  *
  * @return mixed The value returned by api_resource_is_locked_by_gradebook()
  *               (presumably a boolean — confirm against that helper)
  */
 public static function is_locked_attendance($attendance_id)
 {
     // Use the gradebook lock; no other state is consulted here.
     return api_resource_is_locked_by_gradebook($attendance_id, LINK_ATTENDANCE);
 }
Exemple #3
                 $last_post = api_convert_and_format_date($last_post_row['post_date']).' '.get_lang('By').' '.Display::tag('span', $name, array("title"=>api_htmlentities($last_post_info_username, ENT_QUOTES)));
             }*/
 // Renders the "last post" cell and the action cell of one thread row.
 // NOTE(review): $last_post is echoed as-is; whatever escaping it needs has to
 // happen where it is built, which is outside this excerpt — confirm.
 echo '<td>' . $last_post . '</td>';
 echo '<td class="td_actions">';
 // Get attachment id.
 // NOTE(review): $attachment_list is only assigned when the row has a post_id and is
 // not reset here; if this code runs once per row, a value from an earlier row could
 // still be set — confirm against the enclosing loop.
 if (isset($row['post_id'])) {
     $attachment_list = get_attachment($row['post_id']);
 }
 $id_attach = !empty($attachment_list) ? $attachment_list['id'] : '';
 // Finds a post id by matching the thread title. The title goes through
 // Database::escape_string() and sits inside a quoted literal; {$table_posts} and
 // {$course_id} are interpolated directly and are set outside this excerpt.
 // Only the first matching row is read, so posts sharing a title are not told apart.
 $sql_post_id = "SELECT post_id FROM {$table_posts} WHERE c_id = {$course_id} AND post_title='" . Database::escape_string($row['thread_title']) . "'";
 $result_post_id = Database::query($sql_post_id);
 $row_post_id = Database::fetch_array($result_post_id);
 if ($origin != 'learnpath') {
     // Editors only; a course coach is excluded when the forum belongs to another session.
     if (api_is_allowed_to_edit(false, true) && !(api_is_course_coach() && $current_forum['session_id'] != $_SESSION['id_session'])) {
         // NOTE(review): post id and $id_attach are written into the href without
         // escaping — presumably database integers; confirm.
         echo '<a href="' . $forumUrl . 'editpost.php?' . api_get_cidreq() . '&amp;forum=' . Security::remove_XSS($my_forum) . '&amp;thread=' . Security::remove_XSS($row['thread_id']) . '&amp;post=' . $row_post_id['post_id'] . '&id_attach=' . $id_attach . '">' . Display::return_icon('edit.png', get_lang('Edit'), array(), ICON_SIZE_SMALL) . '</a>';
         // A thread locked by the gradebook gets a disabled delete icon instead of a link.
         if (api_resource_is_locked_by_gradebook($row['thread_id'], LINK_FORUM_THREAD)) {
             echo Display::return_icon('delete_na.png', get_lang('ResourceLockedByGradebook'), array(), ICON_SIZE_SMALL);
         } else {
             // NOTE(review): deletion is a plain GET link guarded only by a JavaScript
             // confirm(); no anti-CSRF token is visible in this URL, and hiding the link
             // is not an access check. Confirm that the action=delete handler verifies
             // permission, the gradebook lock and request origin on the server side.
             echo '<a href="' . api_get_self() . '?' . api_get_cidreq() . '&amp;forum=' . Security::remove_XSS($my_forum) . '&amp;action=delete&amp;content=thread&id=' . $row['thread_id'] . $origin_string . "\" onclick=\"javascript:if(!confirm('" . addslashes(api_htmlentities(get_lang('DeleteCompleteThread'), ENT_QUOTES)) . "')) return false;\">" . Display::return_icon('delete.png', get_lang('Delete'), array(), ICON_SIZE_SMALL) . '</a>';
         }
         // The two calls take the group id from different sources ($groupId vs api_get_group_id()).
         display_visible_invisible_icon('thread', $row['thread_id'], $row['visibility'], array('forum' => $my_forum, 'origin' => $origin, 'gidReq' => $groupId));
         display_lock_unlock_icon('thread', $row['thread_id'], $row['locked'], array('forum' => $my_forum, 'origin' => $origin, 'gidReq' => api_get_group_id()));
         echo '<a href="viewforum.php?' . api_get_cidreq() . '&amp;forum=' . Security::remove_XSS($my_forum) . '&amp;action=move&thread=' . $row['thread_id'] . $origin_string . '">' . Display::return_icon('move.png', get_lang('MoveThread'), array(), ICON_SIZE_SMALL) . '</a>';
     }
 }
 // Notification icon: the "checked" variant when this thread id is in the
 // session's list of notified threads.
 $iconnotify = 'send_mail.gif';
 if (is_array(isset($_SESSION['forum_notification']['thread']) ? $_SESSION['forum_notification']['thread'] : null)) {
     if (in_array($row['thread_id'], $_SESSION['forum_notification']['thread'])) {
         $iconnotify = 'send_mail_checked.gif';
     }
 }
 /**
  * Gets the exam results data.
  *
  * Builds one SQL statement for native tests and one for HotPotatoes tests,
  * runs the one that applies and decorates every row with score, status and
  * HTML action links. With $get_count set, only the row count of the native
  * test query is returned.
  *
  * Review notes taken from the code below:
  * - $direction is appended to ORDER BY without any validation.
  * - $column only goes through Database::escape_string(); string escaping does
  *   not make a value safe where SQL expects an identifier.
  * - $extra_where_conditions is concatenated into the WHERE clause as raw SQL,
  *   so callers must assemble it from trusted or already escaped parts.
  * - $sql, $hpsql and $is_empty_sql_inner_join_tbl_user are assigned only when
  *   the caller has edit rights; for any other caller they are undefined when
  *   the queries further down are run.
  * - Several string literals are masked ("******") in this listing; what they
  *   contained cannot be reviewed here.
  *
  * @todo this function should be moved in a library  + no global calls
  * @param int $from first row of the page (cast to int before use)
  * @param int $number_of_items page size (cast to int before use)
  * @param int $column ORDER BY column, see the review notes
  * @param string $direction ORDER BY direction, see the review notes
  * @param int $exercise_id exercise id (cast to int before use)
  * @param null $extra_where_conditions raw SQL appended to the WHERE clause
  * @param bool $get_count when true, return the count instead of the rows
  * @return array list of decorated rows (a single count value when $get_count is true)
  */
 public static function get_exam_results_data($from, $number_of_items, $column, $direction, $exercise_id, $extra_where_conditions = null, $get_count = false)
 {
     //@todo replace all this globals
     global $documentPath, $filter;
     $course_id = api_get_course_int_id();
     $sessionId = api_get_session_id();
     // Edit rights as seen by this report: course editors, tutors, HR managers and student bosses.
     $is_allowedToEdit = api_is_allowed_to_edit(null, true) || api_is_allowed_to_edit(true) || api_is_drh() || api_is_student_boss();
     $TBL_USER = Database::get_main_table(TABLE_MAIN_USER);
     $TBL_EXERCICES = Database::get_course_table(TABLE_QUIZ_TEST);
     $TBL_GROUP_REL_USER = Database::get_course_table(TABLE_GROUP_USER);
     $TBL_GROUP = Database::get_course_table(TABLE_GROUP);
     $TBL_TRACK_EXERCICES = Database::get_main_table(TABLE_STATISTIC_TRACK_E_EXERCISES);
     $TBL_TRACK_HOTPOTATOES = Database::get_main_table(TABLE_STATISTIC_TRACK_E_HOTPOTATOES);
     $TBL_TRACK_ATTEMPT_RECORDING = Database::get_main_table(TABLE_STATISTIC_TRACK_E_ATTEMPT_RECORDING);
     // $sessionId and $course_id come from the API helpers and are concatenated as-is;
     // presumably integers — confirm.
     $session_id_and = ' AND te.session_id = ' . $sessionId . ' ';
     $exercise_id = intval($exercise_id);
     $exercise_where = '';
     if (!empty($exercise_id)) {
         $exercise_where .= ' AND te.exe_exo_id = ' . $exercise_id . '  ';
     }
     // The HotPotatoes filter is read straight from $_GET inside this library method.
     // It is passed through Database::escape_string() and placed in a double-quoted
     // SQL literal. NOTE(review): safe only if escape_string() also escapes double
     // quotes and the server treats "..." as a string literal — confirm.
     $hotpotatoe_where = '';
     if (!empty($_GET['path'])) {
         $hotpotatoe_path = Database::escape_string($_GET['path']);
         $hotpotatoe_where .= ' AND exe_name = "' . $hotpotatoe_path . '"  ';
     }
     // sql for chamilo-type tests for teacher / tutor view
     // Derived table: attempts of this exercise/session, flagged "revised" when a
     // recording row exists for the attempt.
     $sql_inner_join_tbl_track_exercices = "\n        (\n            SELECT DISTINCT ttte.*, if(tr.exe_id,1, 0) as revised\n            FROM {$TBL_TRACK_EXERCICES} ttte LEFT JOIN {$TBL_TRACK_ATTEMPT_RECORDING} tr\n            ON (ttte.exe_id = tr.exe_id)\n            WHERE\n                c_id = {$course_id} AND\n                exe_exo_id = {$exercise_id} AND\n                ttte.session_id = " . $sessionId . "\n        )";
     if ($is_allowedToEdit) {
         //@todo fix to work with COURSE_RELATION_TYPE_RRHH in both queries
         // Hack in order to filter groups
         // The group filter is detected by searching the raw WHERE fragment for marker
         // text. strpos() is used for its truthiness, so a match at offset 0 counts as
         // "not found".
         $sql_inner_join_tbl_user = '';
         if (strpos($extra_where_conditions, 'group_id')) {
             // NOTE(review): the start of this literal is masked ("******") in this listing.
             $sql_inner_join_tbl_user = "******" . $course_id . ")\n                    INNER JOIN {$TBL_GROUP} g\n                    ON (gru.group_id = g.id AND g.c_id=" . $course_id . ")\n                )";
         }
         if (strpos($extra_where_conditions, 'group_all')) {
             // "All groups": strip the placeholder condition from the WHERE fragment.
             $extra_where_conditions = str_replace("AND (  group_id = 'group_all'  )", '', $extra_where_conditions);
             $extra_where_conditions = str_replace("AND group_id = 'group_all'", '', $extra_where_conditions);
             $extra_where_conditions = str_replace("group_id = 'group_all' AND", '', $extra_where_conditions);
             // The (masked) value assigned here is overwritten with null on the next line.
             $sql_inner_join_tbl_user = "******";
             $sql_inner_join_tbl_user = null;
         }
         if (strpos($extra_where_conditions, 'group_none')) {
             // "No group": turn the placeholder into an IS NULL test on group_id.
             $extra_where_conditions = str_replace("AND (  group_id = 'group_none'  )", "AND (  group_id is null  )", $extra_where_conditions);
             $extra_where_conditions = str_replace("AND group_id = 'group_none'", "AND (  group_id is null  )", $extra_where_conditions);
             // NOTE(review): the start of this literal is masked ("******") in this listing.
             $sql_inner_join_tbl_user = "******" . $course_id . " )\n                LEFT OUTER JOIN {$TBL_GROUP} g\n                ON (gru.group_id = g.id AND g.c_id = " . $course_id . ")\n            )";
         }
         // All
         // No group filter chosen: fall back to the default user source and remember
         // that group names must be resolved per row further down.
         $is_empty_sql_inner_join_tbl_user = false;
         if (empty($sql_inner_join_tbl_user)) {
             $is_empty_sql_inner_join_tbl_user = true;
             // NOTE(review): the start of this literal is masked ("******") in this listing.
             $sql_inner_join_tbl_user = "******" . api_get_users_status_ignored_in_reports('string') . ")\n            )";
         }
         $sqlFromOption = " , {$TBL_GROUP_REL_USER} AS gru ";
         $sqlWhereOption = "  AND gru.c_id = " . $course_id . " AND gru.user_id = user.user_id ";
         $first_and_last_name = api_is_western_name_order() ? "firstname, lastname" : "lastname, firstname";
         if ($get_count) {
             $sql_select = "SELECT count(te.exe_id) ";
         } else {
             // te.user_ip is part of the result set, so every returned row carries the
             // learner's IP address.
             $sql_select = "SELECT DISTINCT\n                    user_id,\n                    {$first_and_last_name},\n                    official_code,\n                    ce.title,\n                    username,\n                    te.exe_result,\n                    te.exe_weighting,\n                    te.exe_date,\n                    te.exe_id,\n                    email as exemail,\n                    te.start_date,\n                    steps_counter,\n                    exe_user_id,\n                    te.exe_duration,\n                    propagate_neg,\n                    revised,\n                    group_name,\n                    group_id,\n                    orig_lp_id,\n                    te.user_ip";
         }
         // NOTE(review): {$extra_where_conditions} is inserted verbatim at the end of the
         // WHERE clause; nothing in this method escapes or validates it.
         $sql = " {$sql_select}\n                FROM {$TBL_EXERCICES} AS ce\n                INNER JOIN {$sql_inner_join_tbl_track_exercices} AS te\n                ON (te.exe_exo_id = ce.id)\n                INNER JOIN {$sql_inner_join_tbl_user} AS user\n                ON (user.user_id = exe_user_id)\n                WHERE\n                    te.status != 'incomplete' AND\n                    te.c_id = " . $course_id . " {$session_id_and} AND\n                    ce.active <>-1 AND ce.c_id = " . $course_id . "\n                    {$exercise_where}\n                    {$extra_where_conditions}\n                ";
         // sql for hotpotatoes tests for teacher / tutor view
         if ($get_count) {
             $hpsql_select = "SELECT count(username)";
         } else {
             $hpsql_select = "SELECT\n                    {$first_and_last_name} ,\n                    username,\n                    official_code,\n                    tth.exe_name,\n                    tth.exe_result ,\n                    tth.exe_weighting,\n                    tth.exe_date";
         }
         $hpsql = " {$hpsql_select}\n                FROM\n                    {$TBL_TRACK_HOTPOTATOES} tth,\n                    {$TBL_USER} user\n                    {$sqlFromOption}\n                WHERE\n                    user.user_id=tth.exe_user_id\n                    AND tth.c_id = " . $course_id . "\n                    {$hotpotatoe_where}\n                    {$sqlWhereOption}\n                    AND user.status NOT IN(" . api_get_users_status_ignored_in_reports('string') . ")\n                ORDER BY\n                    tth.c_id ASC,\n                    tth.exe_date DESC";
     }
     // Count mode: only the native-test query is run; the HotPotatoes count query is
     // built above but not used here. $sql is undefined when the caller has no edit rights.
     if ($get_count) {
         $resx = Database::query($sql);
         $rowx = Database::fetch_row($resx, 'ASSOC');
         return $rowx[0];
     }
     // Ids of the course teachers, used to mark attempts made by a teacher.
     $teacher_list = CourseManager::getTeacherListFromCourse(api_get_course_int_id());
     $teacher_id_list = array();
     if (!empty($teacher_list)) {
         foreach ($teacher_list as $teacher) {
             $teacher_id_list[] = $teacher['user_id'];
         }
     }
     $list_info = array();
     // Simple exercises
     if (empty($hotpotatoe_where)) {
         // NOTE(review): $column is escaped as string data but used as an identifier, and
         // $direction is used unchanged. Both arrive as method arguments; if they originate
         // from the request (grid sort parameters), they should be checked against a fixed
         // list of column names and against ASC/DESC before reaching this point.
         $column = !empty($column) ? Database::escape_string($column) : null;
         $from = intval($from);
         $number_of_items = intval($number_of_items);
         if (!empty($column)) {
             $sql .= " ORDER BY {$column} {$direction} ";
         }
         $sql .= " LIMIT {$from}, {$number_of_items}";
         $results = array();
         $resx = Database::query($sql);
         while ($rowx = Database::fetch_array($resx, 'ASSOC')) {
             $results[] = $rowx;
         }
         // Map group id => group name for the per-row group column.
         $group_list = GroupManager::get_group_list();
         $clean_group_list = array();
         if (!empty($group_list)) {
             foreach ($group_list as $group) {
                 $clean_group_list[$group['id']] = $group['name'];
             }
         }
         $lp_list_obj = new LearnpathList(api_get_user_id());
         $lp_list = $lp_list_obj->get_flat_list();
         if (is_array($results)) {
             $users_array_id = array();
             // Gradebook view is selected by a query parameter read directly from $_GET.
             $from_gradebook = false;
             if (isset($_GET['gradebook']) && $_GET['gradebook'] == 'view') {
                 $from_gradebook = true;
             }
             $sizeof = count($results);
             $user_list_id = array();
             $locked = api_resource_is_locked_by_gradebook($exercise_id, LINK_EXERCISE);
             // Looping results
             for ($i = 0; $i < $sizeof; $i++) {
                 $revised = $results[$i]['revised'];
                 // In gradebook view only the first row per user is kept; users are told
                 // apart by the concatenation username + firstname + lastname.
                 if ($from_gradebook && $is_allowedToEdit) {
                     if (in_array($results[$i]['username'] . $results[$i]['firstname'] . $results[$i]['lastname'], $users_array_id)) {
                         continue;
                     }
                     $users_array_id[] = $results[$i]['username'] . $results[$i]['firstname'] . $results[$i]['lastname'];
                 }
                 // Link to the learning path the attempt came from, when that path is in
                 // the current user's flat list.
                 $lp_obj = isset($results[$i]['orig_lp_id']) && isset($lp_list[$results[$i]['orig_lp_id']]) ? $lp_list[$results[$i]['orig_lp_id']] : null;
                 $lp_name = null;
                 if ($lp_obj) {
                     $url = api_get_path(WEB_CODE_PATH) . 'newscorm/lp_controller.php?' . api_get_cidreq() . '&action=view&lp_id=' . $results[$i]['orig_lp_id'];
                     $lp_name = Display::url($lp_obj['lp_name'], $url, array('target' => '_blank'));
                 }
                 //Add all groups by user
                 // Group names are joined into HTML with <br/>. NOTE(review): names are not
                 // escaped here — confirm they are escaped when stored or when rendered.
                 $group_name_list = null;
                 if ($is_empty_sql_inner_join_tbl_user) {
                     $group_list = GroupManager::get_group_ids(api_get_course_int_id(), $results[$i]['user_id']);
                     foreach ($group_list as $id) {
                         $group_name_list .= $clean_group_list[$id] . '<br/>';
                     }
                     $results[$i]['group_name'] = $group_name_list;
                 }
                 // Duration is divided by 60 and rounded (presumably seconds to minutes — confirm).
                 $results[$i]['exe_duration'] = !empty($results[$i]['exe_duration']) ? round($results[$i]['exe_duration'] / 60) : 0;
                 $user_list_id[] = $results[$i]['exe_user_id'];
                 $id = $results[$i]['exe_id'];
                 // NOTE(review): this formats exe_weighting as a date; by its name that field
                 // is a score weighting, so exe_date may have been intended — confirm. $dt is
                 // only used in the delete confirmation text below.
                 $dt = api_convert_and_format_date($results[$i]['exe_weighting']);
                 // we filter the results if we have the permission to
                 // results_disabled is not in the SELECT list built above, so this falls
                 // back to 0 unless the masked join source provides it — confirm.
                 if (isset($results[$i]['results_disabled'])) {
                     $result_disabled = intval($results[$i]['results_disabled']);
                 } else {
                     $result_disabled = 0;
                 }
                 if ($result_disabled == 0) {
                     $my_res = $results[$i]['exe_result'];
                     $my_total = $results[$i]['exe_weighting'];
                     $results[$i]['start_date'] = api_get_local_time($results[$i]['start_date']);
                     $results[$i]['exe_date'] = api_get_local_time($results[$i]['exe_date']);
                     // Negative totals are clamped to 0 unless the exercise propagates negatives.
                     if (!$results[$i]['propagate_neg'] && $my_res < 0) {
                         $my_res = 0;
                     }
                     $score = self::show_score($my_res, $my_total);
                     $actions = '';
                     if ($is_allowedToEdit) {
                         if (isset($teacher_id_list)) {
                             if (in_array($results[$i]['exe_user_id'], $teacher_id_list)) {
                                 $actions .= Display::return_icon('teachers.gif', get_lang('Teacher'));
                             }
                         }
                         // Edit link for attempts already revised, qualify link otherwise.
                         // The anchor opened here is closed by the "</a>" appended after the branch.
                         if ($revised) {
                             $actions .= "<a href='exercise_show.php?" . api_get_cidreq() . "&action=edit&id={$id}'>" . Display::return_icon('edit.png', get_lang('Edit'), array(), ICON_SIZE_SMALL);
                             $actions .= '&nbsp;';
                         } else {
                             $actions .= "<a href='exercise_show.php?" . api_get_cidreq() . "&action=qualify&id={$id}'>" . Display::return_icon('quiz.gif', get_lang('Qualify'));
                             $actions .= '&nbsp;';
                         }
                         $actions .= "</a>";
                         // $filter is a global set by the calling page.
                         if ($filter == 2) {
                             $actions .= ' <a href="exercise_history.php?' . api_get_cidreq() . '&exe_id=' . $id . '">' . Display::return_icon('history.gif', get_lang('ViewHistoryChange')) . '</a>';
                         }
                         //Admin can always delete the attempt
                         if (($locked == false || api_is_platform_admin()) && !api_is_student_boss()) {
                             // date() uses 'h' here, i.e. the 12-hour clock without am/pm.
                             $ip = TrackingUserLog::get_ip_from_user_event($results[$i]['exe_user_id'], date('Y-m-d h:i:s'), false);
                             // NOTE(review): the learner's IP is placed, unescaped, in a link to a
                             // third-party site over plain http and in the icon title; following
                             // the link discloses that IP to the external service.
                             $actions .= '<a href="http://www.whatsmyip.org/ip-geo-location/?ip=' . $ip . '" target="_blank">';
                             $actions .= Display::return_icon('info.png', $ip, ['title' => $ip]);
                             $actions .= '</a>';
                             // NOTE(review): part of the next statement is masked ("******") in this
                             // listing. In the visible part, the username and $dt are put into a
                             // JavaScript string inside an onclick attribute with no escaping in
                             // sight, and the attempt is deleted through a GET link with no visible
                             // anti-CSRF token — confirm both are handled elsewhere.
                             $delete_link = '<a href="exercise_report.php?' . api_get_cidreq() . '&filter_by_user='******'filter_by_user']) . '&filter=' . $filter . '&exerciseId=' . $exercise_id . '&delete=delete&did=' . $id . '"
                             onclick="javascript:if(!confirm(\'' . sprintf(get_lang('DeleteAttempt'), $results[$i]['username'], $dt) . '\')) return false;">' . Display::return_icon('delete.png', get_lang('Delete')) . '</a>';
                             $delete_link = utf8_encode($delete_link);
                             // HR managers who are not platform admins get no delete link. This only
                             // hides the link; the delete handler must enforce the same rule.
                             if (api_is_drh() && !api_is_platform_admin()) {
                                 $delete_link = null;
                             }
                             $actions .= $delete_link . '&nbsp;';
                         }
                     } else {
                         // Callers without edit rights only get a link to the attempt result.
                         $attempt_url = api_get_path(WEB_CODE_PATH) . 'exercice/result.php?' . api_get_cidreq() . '&id=' . $results[$i]['exe_id'] . '&id_session=' . $sessionId;
                         $attempt_link = Display::url(get_lang('Show'), $attempt_url, ['class' => 'ajax btn btn-default', 'data-title' => get_lang('Show')]);
                         $actions .= $attempt_link;
                     }
                     // From here on $revised holds the HTML status label, not the flag.
                     if ($revised) {
                         $revised = Display::label(get_lang('Validated'), 'success');
                     } else {
                         $revised = Display::label(get_lang('NotValidated'), 'info');
                     }
                     // The two branches differ only in the 'lp' column.
                     if ($is_allowedToEdit) {
                         $results[$i]['status'] = $revised;
                         $results[$i]['score'] = $score;
                         $results[$i]['lp'] = $lp_name;
                         $results[$i]['actions'] = $actions;
                         $list_info[] = $results[$i];
                     } else {
                         $results[$i]['status'] = $revised;
                         $results[$i]['score'] = $score;
                         $results[$i]['actions'] = $actions;
                         $list_info[] = $results[$i];
                     }
                 }
             }
         }
     } else {
         // HotPotatoes results; $hpsql is undefined when the caller has no edit rights.
         // NOTE(review): the numeric indexes used below assume a fixed column layout of
         // the rows returned by getManyResultsXCol() — verify against the SELECT above.
         $hpresults = StatsUtils::getManyResultsXCol($hpsql, 6);
         // Print HotPotatoes test results.
         if (is_array($hpresults)) {
             for ($i = 0; $i < sizeof($hpresults); $i++) {
                 $hp_title = GetQuizName($hpresults[$i][3], $documentPath);
                 if ($hp_title == '') {
                     $hp_title = basename($hpresults[$i][3]);
                 }
                 $hp_date = api_get_local_time($hpresults[$i][6], null, date_default_timezone_get());
                 // Percentage with two decimals; a zero weighting is replaced by 1 to avoid
                 // dividing by zero.
                 $hp_result = round($hpresults[$i][4] / ($hpresults[$i][5] != 0 ? $hpresults[$i][5] : 1) * 100, 2) . '% (' . $hpresults[$i][4] . ' / ' . $hpresults[$i][5] . ')';
                 if ($is_allowedToEdit) {
                     $list_info[] = array($hpresults[$i][0], $hpresults[$i][1], $hpresults[$i][2], '', $hp_title, '-', $hp_date, $hp_result, '-');
                 } else {
                     $list_info[] = array($hp_title, '-', $hp_date, $hp_result, '-');
                 }
             }
         }
     }
     return $list_info;
 }
 /**
  * Loads one exercise of the current course from the database into this object.
  *
  * The id is cast to an integer before it is used in either query. Nothing is
  * read when the object has no course id.
  *
  * @author Olivier Brouckaert
  * @param integer $id - exercise Id
  *
  * @return boolean - true if exercise exists, otherwise false
  */
 public function read($id)
 {
     $exerciseTable = Database::get_course_table(TABLE_QUIZ_TEST);
     $lpItemTable = Database::get_course_table(TABLE_LP_ITEM);
     $id = intval($id);

     // Without a course context there is nothing to look up.
     if (empty($this->course_id)) {
         return false;
     }

     $sql = "SELECT * FROM {$exerciseTable} WHERE c_id = " . $this->course_id . " AND id = " . $id;
     $row = Database::fetch_object(Database::query($sql));

     // No matching exercise in this course.
     if (!$row) {
         return false;
     }

     // Identity and texts (the title is exposed under three property names).
     $this->id = $id;
     $this->exercise = $row->title;
     $this->name = $row->title;
     $this->title = $row->title;
     $this->description = $row->description;
     $this->sound = $row->sound;

     // An empty type falls back to one question per page.
     $this->type = $row->type;
     if (empty($this->type)) {
         $this->type = ONE_PER_PAGE;
     }

     // Behaviour settings copied from the row.
     $this->random = $row->random;
     $this->random_answers = $row->random_answers;
     $this->active = $row->active;
     $this->results_disabled = $row->results_disabled;
     $this->attempts = $row->max_attempt;
     $this->feedback_type = $row->feedback_type;
     $this->propagate_neg = $row->propagate_neg;
     $this->randomByCat = $row->random_by_category;
     $this->text_when_finished = $row->text_when_finished;
     $this->display_category_name = $row->display_category_name;
     $this->pass_percentage = $row->pass_percentage;
     $this->sessionId = $row->session_id;
     $this->is_gradebook_locked = api_resource_is_locked_by_gradebook($id, LINK_EXERCISE);
     $this->review_answers = isset($row->review_answers) && $row->review_answers == 1;

     // Learning paths that contain this exercise as a quiz item.
     $sql = "SELECT lp_id, max_score\n                    FROM {$lpItemTable}\n                    WHERE   c_id = {$this->course_id} AND\n                            item_type = '" . TOOL_QUIZ . "' AND\n                            path = '" . $id . "'";
     $lpResult = Database::query($sql);
     if (Database::num_rows($lpResult) > 0) {
         $this->exercise_was_added_in_lp = true;
         $this->lpList = Database::store_result($lpResult, 'ASSOC');
     }

     // An exercise used in a learning path is editable only when the
     // force_edit_exercise_in_lp configuration value is enabled.
     $this->force_edit_exercise_in_lp = api_get_configuration_value('force_edit_exercise_in_lp');
     $this->edit_exercise_in_lp = $this->exercise_was_added_in_lp
         ? $this->force_edit_exercise_in_lp == true
         : true;

     // The all-zero datetime means "not set"; the property is left untouched then.
     $unsetDate = '0000-00-00 00:00:00';
     if ($row->end_time != $unsetDate) {
         $this->end_time = $row->end_time;
     }
     if ($row->start_time != $unsetDate) {
         $this->start_time = $row->start_time;
     }

     // Control time
     $this->expired_time = $row->expired_time;

     // Checking if question_order is correctly set
     $this->questionList = $this->selectQuestionList(true);

     // A disabled override used to sit here: for ONE_PER_PAGE exercises on non-POST
     // requests it replaced the question list with the global $questionList when
     // $_configuration['live_exercise_tracking'] was set. It stays disabled.
     return true;
 }
Exemple #6
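/**
 * Blocks a page if the item was added in a gradebook and that gradebook locks it.
 *
 * Platform administrators are never blocked. For every other user a locked
 * item ends in api_not_allowed() with the "ResourceLockedByGradebook" warning.
 * This is a page-level guard: a handler that changes or deletes the item has
 * to make the same check itself, since hiding a page does not protect the
 * action behind it.
 *
 * @param int    $item_id     exercise id, work id, thread id,
 * @param int    $link_type   LINK_EXERCISE, LINK_STUDENTPUBLICATION, LINK_LEARNPATH LINK_FORUM_THREAD, LINK_ATTENDANCE
 *                            see gradebook/lib/be/linkfactory
 * @param string $course_code course code
 *
 * @return boolean false when the page is not blocked
 */
function api_block_course_item_locked_by_gradebook($item_id, $link_type, $course_code = null)
{
    // Administrators bypass the gradebook lock.
    if (api_is_platform_admin()) {
        return false;
    }
    if (api_resource_is_locked_by_gradebook($item_id, $link_type, $course_code)) {
        $message = Display::return_message(get_lang('ResourceLockedByGradebook'), 'warning');
        // Presumably stops the request after showing the message — confirm.
        api_not_allowed(true, $message);
    }

    // Explicit result for the "not locked" path, which used to fall off the end
    // and yield null although a boolean is documented.
    return false;
}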
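/**
 * Returns the HTML of the lock / unlock action for a forum item.
 *
 * A thread that is locked by the gradebook only gets a disabled icon. In any
 * other case a link is returned that unlocks the item when it is currently
 * locked ('1') or locks it when it is currently unlocked ('0'). Any other
 * status yields an empty string.
 *
 * The extra URL parameters and the content type are URL-encoded before they
 * are written into the href attribute, so a value containing quotes, angle
 * brackets or '&' can no longer break out of the attribute or inject further
 * parameters.
 *
 * @param string       $content                   type of item, e.g. 'thread'
 * @param int          $id                        item id (cast to int)
 * @param string       $current_lock_status       '1' when locked, '0' when unlocked
 * @param array|string $additional_url_parameters extra query parameters as key => value;
 *                                                ignored unless it is an array
 *
 * @return string HTML fragment
 */
function return_lock_unlock_icon($content, $id, $current_lock_status, $additional_url_parameters = '')
{
    $id = intval($id);

    // Check if the thread is blocked by the gradebook: no action link in that case.
    if ($content == 'thread' && api_resource_is_locked_by_gradebook($id, LINK_FORUM_THREAD)) {
        return Display::return_icon('lock_na.png', get_lang('ResourceLockedByGradebook'), array(), ICON_SIZE_SMALL);
    }

    // Pick the action that toggles the current state.
    if ($current_lock_status == '1') {
        $action = 'unlock';
        $icon = Display::return_icon('lock.png', get_lang('Unlock'), array(), ICON_SIZE_SMALL);
    } elseif ($current_lock_status == '0') {
        $action = 'lock';
        $icon = Display::return_icon('unlock.png', get_lang('Lock'), array(), ICON_SIZE_SMALL);
    } else {
        return '';
    }

    // Encode every caller-supplied key and value; urlencode() output contains no
    // character that is special inside an HTML attribute.
    $extra_query = '';
    if (is_array($additional_url_parameters)) {
        foreach ($additional_url_parameters as $key => $value) {
            $extra_query .= urlencode((string) $key) . '=' . urlencode((string) $value) . '&';
        }
    }

    $url = api_get_self() . '?' . api_get_cidreq() . '&' . $extra_query
        . 'action=' . $action . '&content=' . urlencode((string) $content) . '&id=' . $id;

    return '<a href="' . $url . '">' . $icon . '</a>';
}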
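// Are we in a lp ?
$origin = '';
if (isset($_GET['origin'])) {
    $origin = Security::remove_XSS($_GET['origin']);
}

// Request ids are cast to integers once, before any helper receives them.
$clean_forum_id = isset($_GET['forum']) ? intval($_GET['forum']) : 0;
$clean_thread_id = isset($_GET['thread']) ? intval($_GET['thread']) : 0;

// Delete attachment file.
// The attachment id is cast before it is handed over (presumably a numeric
// database id — confirm).
// NOTE(review): this is a state-changing action triggered by a GET request; no
// permission, ownership or anti-CSRF check is visible here. Confirm that
// delete_attachment() or earlier code enforces them.
if (isset($_GET['action']) && $_GET['action'] == 'delete_attach' && isset($_GET['id_attach'])) {
    delete_attachment(0, intval($_GET['id_attach']));
}

// Posts are loaded with the validated thread id rather than the raw query value.
$rows = get_posts($clean_thread_id);
$rows = calculate_children($rows);
$count = 0;
$group_id = api_get_group_id();
$locked = api_resource_is_locked_by_gradebook($clean_thread_id, LINK_FORUM_THREAD);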
foreach ($rows as $post) {
    // The style depends on the status of the message: approved or not.
    if ($post['visible'] == '0') {
        $titleclass = 'forum_message_post_title_2_be_approved';
        $messageclass = 'forum_message_post_text_2_be_approved';
        $leftclass = 'forum_message_left_2_be_approved';
    } else {
        $titleclass = 'forum_message_post_title';
        $messageclass = 'forum_message_post_text';
        $leftclass = 'forum_message_left';
    }
    $indent = $post['indent_cnt'] * '20';
    echo "<div style=\"margin-left: " . $indent . "px;\">";
    echo "<table width=\"100%\"  class=\"post\" cellspacing=\"5\" border=\"0\">";
    echo "<tr>";
Exemple #9
         $link_info = is_resource_in_course_gradebook(api_get_course_id(), 3, $delete_dir_id, api_get_session_id());
         $link_id = $link_info['id'];
         if ($link_info !== false) {
             remove_resource_from_course_gradebook($link_id);
         }
         Display::display_confirmation_message(get_lang('DirDeleted') . ': ' . $work_to_delete['title']);
     } else {
         Display::display_warning_message(get_lang('ResourceLockedByGradebook'));
     }
 }
 /*	DELETE WORK COMMAND */
 if ($action == 'delete' && $item_id) {
     $file_deleted = false;
     $is_author = user_is_author($item_id);
     $work_data = get_work_data_by_id($item_id);
     $locked = api_resource_is_locked_by_gradebook($work_data['parent_id'], LINK_STUDENTPUBLICATION);
     if ($is_allowed_to_edit && $locked == false || ($locked == false and $is_author && api_get_course_setting('student_delete_own_publication') == 1 && $work_data['qualificator_id'] == 0)) {
         //we found the current user is the author
         $queryString1 = "SELECT url, contains_file FROM " . $work_table . " WHERE c_id = {$course_id} AND id = {$item_id}";
         $result1 = Database::query($queryString1);
         $row = Database::fetch_array($result1);
         if (Database::num_rows($result1) > 0) {
             $queryString2 = "UPDATE " . $work_table . "  SET active = 2 WHERE c_id = {$course_id} AND id = {$item_id}";
             $queryString3 = "DELETE FROM  " . $TSTDPUBASG . " WHERE c_id = {$course_id} AND publication_id = {$item_id}";
             Database::query($queryString2);
             Database::query($queryString3);
             api_item_property_update($_course, 'work', $item_id, 'DocumentDeleted', $user_id);
             $work = $row['url'];
             if ($row['contains_file'] == 1) {
                 if (!empty($work)) {
                     if (api_get_setting('permanently_remove_deleted_files') == 'true') {
Exemple #10
            $script = 'work_list_all.php';
        }
        if (!empty($error_message)) {
            Session::write('error_message', $error_message);
        }
        header('Location: ' . api_get_path(WEB_CODE_PATH) . 'work/' . $script . '?' . api_get_cidreq() . '&id=' . $work_id);
        exit;
    } else {
        // Bad token or can't add works
        $error_message = Display::return_message(get_lang('IsNotPosibleSaveTheDocument'), 'error');
    }
}
// Page output: header, then either the edit form or a message explaining why
// it is not shown, then the footer.
$htmlHeadXtra[] = to_javascript_work();
Display::display_header(null);

if (empty($work_id)) {
    // No work selected: nothing can be edited.
    Display::display_error_message(get_lang('ActionNotAllowed'));
} else {
    echo $validationStatus['message'];

    if (!$is_allowed_to_edit) {
        // Students may edit only inside their session and while the work has not ended.
        if ($student_can_edit_in_session && $validationStatus['has_ended'] == false) {
            $form->display();
        } else {
            Display::display_error_message(get_lang('ActionNotAllowed'));
        }
    } elseif (api_resource_is_locked_by_gradebook($work_id, LINK_STUDENTPUBLICATION)) {
        // Editors are held back by the gradebook lock. This only hides the form; the
        // code that processes a submission has to check the lock as well.
        echo Display::display_warning_message(get_lang('ResourceLockedByGradebook'));
    } else {
        $form->display();
    }
}

Display::display_footer();
Exemple #11
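/**
 * Soft-deletes a student publication and removes (or renames) its uploaded file.
 *
 * Deletion is allowed only when the parent assignment is not locked by the
 * gradebook and either
 *  - the current user may edit the course, or
 *  - the current user is the author, the course setting
 *    'student_delete_own_publication' is 1 and the work has no qualificator yet.
 *
 * When allowed and the row exists, the publication is marked active = 2, its
 * assignment row is deleted and a 'DocumentDeleted' item property is recorded.
 * The file is then either deleted (platform setting
 * 'permanently_remove_deleted_files' is 'true') or renamed with a
 * '_DELETED_<id>' suffix.
 *
 * @param int   $item_id    Publication id (cast to int before use).
 * @param array $courseInfo Course info; the 'path' and 'real_id' keys are read.
 *
 * @return bool True when the row was found and either had no file or the file
 *              was removed/renamed; false when the user is not allowed, the row
 *              does not exist, or the file could not be renamed.
 */
function deleteWorkItem($item_id, $courseInfo)
{
    $work_table = Database::get_course_table(TABLE_STUDENT_PUBLICATION);
    $TSTDPUBASG = Database::get_course_table(TABLE_STUDENT_PUBLICATION_ASSIGNMENT);

    $currentCourseRepositorySys = api_get_path(SYS_COURSE_PATH).$courseInfo['path'].'/';

    $is_allowed_to_edit = api_is_allowed_to_edit();
    $file_deleted = false;

    // Both ids are interpolated into SQL below, so both are forced to integers.
    $item_id = intval($item_id);
    $course_id = intval($courseInfo['real_id']);

    $is_author = user_is_author($item_id);
    $work_data = get_work_data_by_id($item_id);
    // The lock is checked on the parent assignment, not on the submission itself.
    $locked = api_resource_is_locked_by_gradebook($work_data['parent_id'], LINK_STUDENTPUBLICATION);

    $author_may_delete = $is_author &&
        api_get_course_setting('student_delete_own_publication') == 1 &&
        $work_data['qualificator_id'] == 0;

    if ($locked != false || !($is_allowed_to_edit || $author_may_delete)) {
        return $file_deleted;
    }

    $sql = "SELECT url, contains_file FROM $work_table
            WHERE c_id = $course_id AND id = $item_id";
    $result = Database::query($sql);
    $row = Database::fetch_array($result);

    if (Database::num_rows($result) == 0) {
        return $file_deleted;
    }

    // Soft delete: the row is kept with active = 2.
    $sql = "UPDATE $work_table SET active = 2
            WHERE c_id = $course_id AND id = $item_id";
    Database::query($sql);
    $sql = "DELETE FROM $TSTDPUBASG
            WHERE c_id = $course_id AND publication_id = $item_id";
    Database::query($sql);

    api_item_property_update(
        $courseInfo,
        'work',
        $item_id,
        'DocumentDeleted',
        api_get_user_id()
    );

    if ($row['contains_file'] != 1) {
        // Nothing on disk to clean up.
        return true;
    }

    $work = $row['url'];
    if (empty($work)) {
        return $file_deleted;
    }

    // NOTE(review): $work is a stored path joined to the course directory and then
    // deleted or renamed. Confirm the upload code only stores normalised paths that
    // stay inside the course directory (no '..' segments).
    $source = $currentCourseRepositorySys.'/'.$work;

    if (api_get_setting('permanently_remove_deleted_files') == 'true') {
        my_delete($source);
        $file_deleted = true;
    } else {
        $extension = pathinfo($work, PATHINFO_EXTENSION);
        $new_dir = $work.'_DELETED_'.$item_id.'.'.$extension;

        // Report success only when the rename really happened.
        if (file_exists($source) && rename($source, $currentCourseRepositorySys.'/'.$new_dir)) {
            $file_deleted = true;
        }
    }

    return $file_deleted;
}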
Exemple #12
require_once 'work.lib.php';

// Section (for the tabs)
$this_section = SECTION_COURSES;

// Access control first: only users with edit rights on the course get past this point.
if (!api_is_allowed_to_edit()) {
    api_not_allowed(true);
}

$courseInfo = api_get_course_info();
$sessionId = api_get_session_id();
$groupId = api_get_group_id();

// The work id comes from the query string and is forced to an integer;
// it stays null when the parameter is missing.
$workId = null;
if (isset($_GET['id'])) {
    $workId = intval($_GET['id']);
}

$workData = get_work_data_by_id($workId);
$homework = get_work_assignment_by_id($workId);
$locked = api_resource_is_locked_by_gradebook($workId, LINK_STUDENTPUBLICATION);

// A work locked by the gradebook can only be edited by a platform administrator.
if (!api_is_platform_admin() && $locked) {
    api_not_allowed(true);
}

$htmlHeadXtra[] = to_javascript_work();

// Breadcrumb: work tool home, then the current "Edit" page.
$interbreadcrumb[] = array(
    'url' => api_get_path(WEB_CODE_PATH).'work/work.php?'.api_get_cidreq(),
    'name' => get_lang('StudentPublications'),
);
$interbreadcrumb[] = array(
    'url' => '#',
    'name' => get_lang('Edit'),
);

$form = new FormValidator(
    'edit_dir',
    'post',
Exemple #13
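/**
 * Builds the list of student submissions of one assignment, as rows ready for display.
 *
 * Each returned row is the submission record with several fields replaced by HTML
 * (names, title, date, qualification and status labels) plus an 'actions' cell.
 * The action links depend on the viewer: editors get view/rate/move/visibility/delete
 * links (greyed-out icons where the assignment is locked by the gradebook), the author
 * of an unrevised work gets view/edit/delete links, everybody else gets a view link.
 *
 * The permission and gradebook-lock checks in this function only decide which rows
 * and links are rendered. NOTE(review): the target pages (edit.php, work.php?action=...)
 * have to repeat those checks server-side — confirm.
 *
 * @param int        $start           Offset of the first row (cast to int).
 * @param int        $limit           Maximum number of rows (cast to int).
 * @param int|string $column          ORDER BY target: a column position or a plain,
 *                                    optionally table-qualified column name. Anything
 *                                    else falls back to the first selected column.
 * @param string     $direction       'asc' or 'desc'; any other value becomes 'desc'.
 * @param int        $work_id         Id of the parent assignment (cast to int).
 * @param string     $where_condition SQL fragment appended verbatim to the WHERE clause.
 *                                    It is not escaped here, so callers must build it
 *                                    from cast or escaped values only.
 * @param int        $studentId       Optional: restrict the list to one user.
 *
 * @return array List of display rows; empty when the assignment does not exist.
 */
function get_work_user_list($start, $limit, $column, $direction, $work_id, $where_condition, $studentId = null)
{
    $work_table = Database::get_course_table(TABLE_STUDENT_PUBLICATION);
    $iprop_table = Database::get_course_table(TABLE_ITEM_PROPERTY);
    $user_table = Database::get_main_table(TABLE_MAIN_USER);
    $session_id = api_get_session_id();
    $course_id = api_get_course_int_id();
    $group_id = api_get_group_id();
    $course_info = api_get_course_info(api_get_course_id());
    $work_id = intval($work_id);
    $start = intval($start);
    $limit = intval($limit);

    // ORDER BY takes an identifier, not a quoted string, so string escaping alone does
    // not neutralise it. Accept only a column position or a plain column name and sort
    // by the first selected column otherwise (which is also what an empty value did).
    $is_safe_column = !empty($column) && preg_match(
        '/\A(?:[0-9]+|[A-Za-z_][A-Za-z0-9_]*(?:\.[A-Za-z_][A-Za-z0-9_]*)?)\z/',
        (string) $column
    );
    if (!$is_safe_column) {
        $column = 1;
    }

    // Strict comparison: a loose in_array() lets 0 or true pass as a "direction".
    if (!in_array($direction, array('asc', 'desc'), true)) {
        $direction = 'desc';
    }

    $work_data = get_work_data_by_id($work_id);
    $is_allowed_to_edit = api_is_allowed_to_edit(null, true);
    $condition_session = api_get_session_condition($session_id);
    $locked = api_resource_is_locked_by_gradebook($work_id, LINK_STUDENTPUBLICATION);

    if (empty($work_data)) {
        // Unknown assignment: return an empty list, as documented, rather than null.
        return array();
    }

    // $sort_params is never assigned in this function; the links below therefore always
    // received an empty value. It is defined here to avoid the undefined-variable notice.
    $sort_params = '';

    // The value ends up inside a URL in an href attribute, so what the HTML filter
    // leaves is URL-encoded as well. A missing parameter yields an empty string.
    $gradebook = isset($_GET['gradebook']) ? urlencode(Security::remove_XSS($_GET['gradebook'])) : '';

    if (!empty($group_id)) {
        // Select only works posted by the user's group.
        $extra_conditions = " work.post_group_id = '" . intval($group_id) . "' ";
    } else {
        $extra_conditions = " work.post_group_id = '0' ";
    }

    if ($is_allowed_to_edit) {
        $extra_conditions .= ' AND work.active IN (0, 1) ';
    } elseif (isset($course_info['show_score']) && $course_info['show_score'] == 1) {
        $extra_conditions .= " AND (u.user_id = " . intval(api_get_user_id()) . " AND work.active IN (0, 1) OR work.active = 1) ";
    } else {
        $extra_conditions .= ' AND work.active = 1 ';
    }
    $extra_conditions .= " AND parent_id  = " . $work_id . "  ";

    $select = 'DISTINCT u.user_id, work.id as id, title as title, description, url, sent_date, contains_file, has_properties, view_properties,
                    qualification, weight, allow_text_assignment, u.firstname, u.lastname, u.username, parent_id, accepted, qualificator_id';
    $user_condition = "INNER JOIN {$user_table} u  ON (work.user_id = u.user_id) ";
    $work_condition = "{$iprop_table} prop INNER JOIN {$work_table} work ON (prop.ref = work.id AND prop.c_id = {$course_id} AND work.c_id = {$course_id} ) ";
    $work_assignment = get_work_assignment_by_id($work_id);

    if (!empty($studentId)) {
        $where_condition .= " AND u.user_id = " . intval($studentId);
    }

    $sql = "SELECT {$select}\n                FROM {$work_condition}  {$user_condition}\n                WHERE  {$extra_conditions} {$where_condition} {$condition_session} ";
    $sql .= " ORDER BY {$column} {$direction} ";
    $sql .= " LIMIT {$start}, {$limit}";
    $result = Database::query($sql);

    // Whether the assignment is graded does not change from row to row.
    $qualification_exists = !empty($work_data['qualification']) && intval($work_data['qualification']) > 0;
    $url = api_get_path(WEB_CODE_PATH) . 'work/';
    $works = array();

    while ($work = Database::fetch_array($result, 'ASSOC')) {
        $item_id = $work['id'];
        $owner_id = $work['user_id'];

        // Authorship comes from the submission's own user_id: the original author notes
        // that item_property's insert_user_id is not reliable because of a bug in
        // api_item_property_update().
        $is_author = !$is_allowed_to_edit && $owner_id == api_get_user_id();
        $can_read = $course_info['show_score'] == 0;
        $class = $work['accepted'] == '0' ? 'invisible' : '';

        // Rows the viewer may not see are dropped here, after the SQL LIMIT was applied.
        $visible_to_viewer = $is_allowed_to_edit ||
            ($can_read && $work['accepted'] == '1') ||
            ($is_author && in_array($work['accepted'], array('1', '0')));
        if (!$visible_to_viewer) {
            continue;
        }

        $qualification_string = '';
        if ($qualification_exists) {
            if ($work['qualification'] == '') {
                $qualification_string = Display::label('-');
            } else {
                $qualification_string = Display::label($work['qualification'], 'info');
            }
        }

        // Flag submissions sent after the assignment's expiry date.
        $add_string = '';
        $time_expires = api_strtotime($work_assignment['expires_on'], 'UTC');
        if (!empty($work_assignment['expires_on']) &&
            $work_assignment['expires_on'] != '0000-00-00 00:00:00' &&
            $time_expires &&
            $time_expires < api_strtotime($work['sent_date'], 'UTC')
        ) {
            $add_string = Display::label(get_lang('Expired'), 'important');
        }

        // Firstname, lastname, title.
        // NOTE(review): these values are user-supplied; confirm that Display::div()/span()
        // escape their content and attributes, or that the values are filtered when saved.
        $work['firstname'] = Display::div($work['firstname'], array('class' => $class));
        $work['lastname'] = Display::div($work['lastname'], array('class' => $class));
        if (strlen($work['title']) > 30) {
            // Byte-based truncation, as before; the full title goes into the title attribute.
            $short_title = substr($work['title'], 0, 27) . '...';
            $work['title'] = Display::span($short_title, array('class' => $class, 'title' => $work['title']));
        } else {
            $work['title'] = Display::div($work['title'], array('class' => $class));
        }

        // Type. The query selects no 'file' column, so this is normally null.
        $work['type'] = build_document_icon_tag('file', isset($work['file']) ? $work['file'] : null);

        // File name.
        $link_to_download = null;
        if ($work['contains_file']) {
            $link_to_download = '<a href="download.php?id=' . $item_id . '">' . Display::return_icon('save.png', get_lang('Save'), array(), ICON_SIZE_SMALL) . '</a> ';
        }
        $send_to = Portfolio::share('work', $work['id'], array('style' => 'white-space:nowrap;'));
        $work['qualification'] = $qualification_string;

        // Date.
        $work_date = api_convert_and_format_date($work['sent_date']);
        $work['sent_date'] = date_to_str_ago(api_get_local_time($work['sent_date'])) . ' ' . $add_string . '<br />' . $work_date;

        // Actions.
        $action = '';
        if ($is_allowed_to_edit) {
            $action .= '<a href="' . $url . 'view.php?' . api_get_cidreq() . '&id=' . $item_id . '" title="' . get_lang('View') . '">' . Display::return_icon('default.png', get_lang('View'), array(), ICON_SIZE_SMALL) . '</a> ';

            // Rate / comment: a disabled icon while the gradebook lock is set.
            if ($locked) {
                if ($qualification_exists) {
                    $action .= Display::return_icon('rate_work_na.png', get_lang('CorrectAndRate'), array(), ICON_SIZE_SMALL);
                } else {
                    $action .= Display::return_icon('edit_na.png', get_lang('Comment'), array(), ICON_SIZE_SMALL);
                }
            } else {
                if ($qualification_exists) {
                    $action .= '<a href="' . $url . 'edit.php?' . api_get_cidreq() . '&item_id=' . $item_id . '&id=' . $work['parent_id'] . '" title="' . get_lang('Modify') . '"  >' . Display::return_icon('rate_work.png', get_lang('CorrectAndRate'), array(), ICON_SIZE_SMALL) . '</a>';
                } else {
                    $action .= '<a href="' . $url . 'edit.php?' . api_get_cidreq() . '&item_id=' . $item_id . '&id=' . $work['parent_id'] . '&gradebook=' . $gradebook . '" title="' . get_lang('Modify') . '">' . Display::return_icon('edit.png', get_lang('Comment'), array(), ICON_SIZE_SMALL) . '</a>';
                }
            }

            // Move.
            if ($work['contains_file']) {
                if ($locked) {
                    $action .= Display::return_icon('move_na.png', get_lang('Move'), array(), ICON_SIZE_SMALL);
                } else {
                    $action .= '<a href="' . $url . 'work.php?' . api_get_cidreq() . '&action=move&item_id=' . $item_id . '" title="' . get_lang('Move') . '">' . Display::return_icon('move.png', get_lang('Move'), array(), ICON_SIZE_SMALL) . '</a>';
                }
            }

            // Visibility toggle.
            if ($work['accepted'] == '1') {
                $action .= '<a href="' . $url . 'work.php?' . api_get_cidreq() . '&action=make_invisible&item_id=' . $item_id . '&amp;' . $sort_params . '" title="' . get_lang('Invisible') . '" >' . Display::return_icon('visible.png', get_lang('Invisible'), array(), ICON_SIZE_SMALL) . '</a>';
            } else {
                $action .= '<a href="' . $url . 'work.php?' . api_get_cidreq() . '&action=make_visible&item_id=' . $item_id . '&amp;' . $sort_params . '" title="' . get_lang('Visible') . '" >' . Display::return_icon('invisible.png', get_lang('Visible'), array(), ICON_SIZE_SMALL) . '</a> ';
            }

            // Delete.
            if ($locked) {
                $action .= Display::return_icon('delete_na.png', get_lang('Delete'), '', ICON_SIZE_SMALL);
            } else {
                $action .= '<a href="' . $url . 'work.php?' . api_get_cidreq() . '&action=delete&amp;item_id=' . $item_id . '" onclick="javascript:if(!confirm(' . "'" . addslashes(api_htmlentities(get_lang('ConfirmYourChoice'), ENT_QUOTES)) . "'" . ')) return false;" title="' . get_lang('Delete') . '" >' . Display::return_icon('delete.png', get_lang('Delete'), '', ICON_SIZE_SMALL) . '</a>';
            }
        } elseif ($is_author && (empty($work['qualificator_id']) || $work['qualificator_id'] == 0)) {
            // The author may still change or delete a work nobody has revised yet.
            $action .= '<a href="' . $url . 'view.php?' . api_get_cidreq() . '&id=' . $item_id . '" title="' . get_lang('View') . '">' . Display::return_icon('default.png', get_lang('View'), array(), ICON_SIZE_SMALL) . '</a>';
            if (api_get_course_setting('student_delete_own_publication') == 1) {
                if (api_is_allowed_to_session_edit(false, true)) {
                    $action .= '<a href="' . $url . 'edit.php?' . api_get_cidreq() . '&item_id=' . $item_id . '&id=' . $work['parent_id'] . '&gradebook=' . $gradebook . '" title="' . get_lang('Modify') . '">' . Display::return_icon('edit.png', get_lang('Comment'), array(), ICON_SIZE_SMALL) . '</a>';
                }
                $action .= ' <a href="' . $url . 'work.php?' . api_get_cidreq() . '&action=delete&amp;item_id=' . $item_id . '" onclick="javascript:if(!confirm(' . "'" . addslashes(api_htmlentities(get_lang('ConfirmYourChoice'), ENT_QUOTES)) . "'" . ')) return false;" title="' . get_lang('Delete') . '"  >' . Display::return_icon('delete.png', get_lang('Delete'), '', ICON_SIZE_SMALL) . '</a>';
            } else {
                $action .= Display::return_icon('edit_na.png', get_lang('Modify'), array(), ICON_SIZE_SMALL);
            }
        } else {
            $action .= '<a href="' . $url . 'view.php?' . api_get_cidreq() . '&id=' . $item_id . '" title="' . get_lang('View') . '">' . Display::return_icon('default.png', get_lang('View'), array(), ICON_SIZE_SMALL) . '</a>';
            $action .= Display::return_icon('edit_na.png', get_lang('Modify'), array(), ICON_SIZE_SMALL);
        }

        // Status.
        if (empty($work['qualificator_id'])) {
            $qualificator_id = Display::label(get_lang('NotRevised'), 'warning');
        } else {
            $qualificator_id = Display::label(get_lang('Revised'), 'success');
        }
        $work['qualificator_id'] = $qualificator_id;
        $work['actions'] = $send_to . $link_to_download . $action;
        $works[] = $work;
    }

    return $works;
}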
    if (isset($_GET['post']) && $_GET['post'] == $post['post_id'] || ($counter == 1 and !isset($_GET['post']))) {
        $thread_structure .= '<strong>' . prepare4display($post['post_title']) . '</strong></div>';
        $prev_next_array[] = $post['post_id'];
    } else {
        if ($post['visible'] == '0') {
            $class = ' class="invisible"';
        } else {
            $class = '';
        }
        $count_loop = $count == 0 ? '&id=1' : '';
        $thread_structure .= "<a href=\"viewthread.php?" . api_get_cidreq() . "&forum=" . $forumId . "&thread=" . $threadId . "&post=" . $post['post_id'] . "&origin={$origin}{$count_loop}\"" . "{$class}>" . prepare4display($post['post_title']) . "</a></div>";
        $prev_next_array[] = $post['post_id'];
    }
    $count++;
}
$locked = api_resource_is_locked_by_gradebook($threadId, LINK_FORUM_THREAD);
/* NAVIGATION CONTROLS */
$current_id = array_search($display_post_id, $prev_next_array);
$max = count($prev_next_array);
$next_id = $current_id + 1;
$prev_id = $current_id - 1;
// Text
$first_message = get_lang('FirstMessage');
$last_message = get_lang('LastMessage');
$next_message = get_lang('NextMessage');
$prev_message = get_lang('PrevMessage');
// Images
$first_img = Display::return_icon('action_first.png', get_lang('FirstMessage'), array('style' => 'vertical-align: middle;'));
$last_img = Display::return_icon('action_last.png', get_lang('LastMessage'), array('style' => 'vertical-align: middle;'));
$prev_img = Display::return_icon('action_prev.png', get_lang('PrevMessage'), array('style' => 'vertical-align: middle;'));
$next_img = Display::return_icon('action_next.png', get_lang('NextMessage'), array('style' => 'vertical-align: middle;'));