<?php
// In the top frame, we use cookies for session.
define('COOKIE_SESSION', true);
require_once "../../config.php";
require_once $CFG->dirroot . "/pdo.php";
require_once $CFG->dirroot . "/lib/lms_lib.php";
use Tsugi\UI\CrudForm;
header('Content-Type: text/html; charset=utf-8');
session_start();
if (!(isset($_SESSION['id']) || isAdmin())) {
die('Must be logged in or admin');
}
$tablename = "{$CFG->dbprefix}lti_key";
$current = getCurrentFileUrl(__FILE__);
$from_location = "keys.php";
$allow_delete = true;
$allow_edit = true;
$where_clause = '';
$query_fields = array();
if (isAdmin()) {
$fields = array("key_id", "key_key", "secret", "created_at", "updated_at", "user_id");
} else {
$fields = array("key_id", "key_key", "secret", "created_at", "updated_at");
$where_clause .= "user_id = :UID";
$query_fields[":UID"] = $_SESSION['id'];
}
// Handle the post data
$row = CrudForm::handleUpdate($tablename, $fields, $where_clause, $query_fields, $allow_edit, $allow_delete);
if ($row === CrudForm::CRUD_FAIL || $row === CrudForm::CRUD_SUCCESS) {
header("Location: " . $from_location);
require_once "../pdo.php";
require_once $CFG->dirroot . '/lib/lms_lib.php';
require_once 'tp_messages.php';
use Tsugi\Util\LTI;
use Tsugi\Util\Net;
session_start();
header('Content-Type: text/html; charset=utf-8');
if (!isset($_SESSION['lti2post'])) {
die_with_error_log("Missing LTI 2.0 post data");
}
error_log("Session in lti2 " . session_id());
if (!isset($_SESSION['id'])) {
if (isset($_REQUEST['login_done'])) {
die_with_error_log("LTI 2 login failed.");
}
$_SESSION['login_return'] = addSession(getCurrentFileUrl(__FILE__) . "?login_done=true");
header("Location: " . getLoginUrl());
return;
}
// See if this person is allowed to register a tool
$row = $PDOX->rowDie("SELECT request_id, user_id, admin, state, lti\n FROM {$CFG->dbprefix}key_request\n WHERE user_id = :UID LIMIT 1", array(":UID" => $_SESSION['id']));
if ($row === false) {
$_SESSION['error'] = 'You have not requested a key for this service.';
header('Location: ' . $CFG->wwwroot);
return;
}
if ($row['state'] == 0) {
$_SESSION['error'] = 'Your key has not yet been approved. ' . $row['admin'];
header('Location: ' . $CFG->wwwroot);
return;
}
header("Location: index.php");
return;
}
$version = $_POST['lti'] + 0;
if ($version != 1 && $version != 2) {
$_SESSION['error'] = _m("LTI Version muse be 1 or 2");
header("Location: index.php");
return;
}
$stmt = $PDOX->queryDie("INSERT INTO {$CFG->dbprefix}key_request\n (user_id, title, notes, state, lti, created_at, updated_at)\n VALUES ( :UID, :TITLE, :NOTES, 0, :LTI, NOW(), NOW() )", array(":UID" => $_SESSION['id'], ":TITLE" => $_POST['title'], ":NOTES" => $_POST['notes'], ":LTI" => $version));
if (!isAdmin() && $CFG->owneremail && $CFG->OFFLINE === false) {
$user_id = $_SESSION['id'];
$token = computeMailCheck($user_id);
$to = $CFG->owneremail;
$subject = "Key Request from " . $_SESSION['displayname'] . ' (' . $_SESSION['email'] . ' )';
$message = "Key Request from " . $_SESSION['displayname'] . ' (' . $_SESSION['email'] . ' )\\n' . "\nNotes\n" . $_POST['notes'] . "\n\n" . "Link: " . getCurrentFileUrl(__FILE__) . "\n";
$retval = mailSend($to, $subject, $message, $user_id, $token);
}
$_SESSION['success'] = "Record inserted";
header("Location: index.php");
return;
}
$query_parms = false;
$searchfields = array("request_id", "title", "notes", "state", "admin", "created_at", "updated_at");
$sql = "SELECT request_id, title, notes, state, admin, R.created_at, R.updated_at, email, displayname\n FROM {$CFG->dbprefix}key_request as R\n JOIN {$CFG->dbprefix}lti_user AS U ON R.user_id = U.user_id ";
if (!isAdmin()) {
$sql .= "\nWHERE R.user_id = :UID";
$query_parms = array(":UID" => $_SESSION['id']);
}
$newsql = Table::pagedQuery($sql, $query_parms, $searchfields);
// echo("<pre>\n$newsql\n</pre>\n");
