/**
* @brief Process resource actions
* @global type $tool_content
* @global type $id
* @global type $langResourceCourseUnitDeleted
* @global type $langResourceUnitModified
* @global type $course_id
* @global type $course_code
* @return string
*/
function process_actions()
{
global $tool_content, $id, $langResourceCourseUnitDeleted, $langResourceUnitModified, $course_id, $course_code, $webDir;
// update index and refresh course metadata
require_once 'modules/search/indexer.class.php';
require_once 'modules/course_metadata/CourseXML.php';
if (isset($_REQUEST['edit'])) {
$res_id = intval($_GET['edit']);
if ($id = check_admin_unit_resource($res_id)) {
return edit_res($res_id);
}
} elseif (isset($_REQUEST['edit_res_submit'])) {
// edit resource
$res_id = intval($_REQUEST['resource_id']);
if ($id = check_admin_unit_resource($res_id)) {
@($restitle = $_REQUEST['restitle']);
$rescomments = purify($_REQUEST['rescomments']);
$result = Database::get()->query("UPDATE course_weekly_view_activities SET\n title = ?s,\n comments = ?s\n WHERE course_weekly_view_id = ?d AND id = ?d", $restitle, $rescomments, $id, $res_id);
Indexer::queueAsync(Indexer::REQUEST_STORE, Indexer::RESOURCE_UNITRESOURCE, $res_id);
Indexer::queueAsync(Indexer::REQUEST_STORE, Indexer::RESOURCE_COURSE, $course_id);
CourseXMLElement::refreshCourse($course_id, $course_code);
}
$tool_content .= "<div class='alert alert-success'>{$langResourceUnitModified}</div>";
} elseif (isset($_REQUEST['del'])) {
// delete resource from course unit
$res_id = intval($_GET['del']);
if ($id = check_admin_unit_resource($res_id)) {
Database::get()->query("DELETE FROM course_weekly_view_activities WHERE id = ?d", $res_id);
Indexer::queueAsync(Indexer::REQUEST_REMOVE, Indexer::RESOURCE_UNITRESOURCE, $res_id);
Indexer::queueAsync(Indexer::REQUEST_STORE, Indexer::RESOURCE_COURSE, $course_id);
CourseXMLElement::refreshCourse($course_id, $course_code);
$tool_content .= "<div class='alert alert-success'>{$langResourceCourseUnitDeleted}</div>";
}
} elseif (isset($_REQUEST['vis'])) {
// modify visibility in text resources only
$res_id = intval($_REQUEST['vis']);
if ($id = check_admin_unit_resource($res_id)) {
$vis = Database::get()->querySingle("SELECT `visible` FROM course_weekly_view_activities WHERE id = ?d", $res_id)->visible;
$newvis = $vis == 1 ? 0 : 1;
Database::get()->query("UPDATE course_weekly_view_activities SET visible = '{$newvis}' WHERE id = ?d", $res_id);
Indexer::queueAsync(Indexer::REQUEST_STORE, Indexer::RESOURCE_UNITRESOURCE, $res_id);
Indexer::queueAsync(Indexer::REQUEST_STORE, Indexer::RESOURCE_COURSE, $course_id);
CourseXMLElement::refreshCourse($course_id, $course_code);
}
} elseif (isset($_REQUEST['down'])) {
// change order down
$res_id = intval($_REQUEST['down']);
if ($id = check_admin_unit_resource($res_id)) {
move_order('course_weekly_view_activities', 'id', $res_id, 'order', 'down', "course_weekly_view_id={$id}");
}
} elseif (isset($_REQUEST['up'])) {
// change order up
$res_id = intval($_REQUEST['up']);
if ($id = check_admin_unit_resource($res_id)) {
move_order('course_weekly_view_activities', 'id', $res_id, 'order', 'up', "course_weekly_view_id={$id}");
}
}
return '';
}
public static function renderViewRows($rows, Apartment $model)
{
if (!$rows) {
return '';
}
foreach ($rows as $row) {
if (!$model->canShowInView($row['field'])) {
continue;
}
if ($row['standard_type'] != FormDesigner::STANDARD_TYPE_NEW && file_exists(ROOT_PATH . '/protected/views/common/apartments/fields/' . $row['field'] . '.php')) {
//
Yii::app()->controller->renderPartial('//../views/common/apartments/fields/' . $row['field'], array('data' => $model));
continue;
}
if ($row->type == FormDesigner::TYPE_REFERENCE) {
$sql = "SELECT title_" . Yii::app()->language . " FROM {{apartment_reference_values}} WHERE id=" . $model->{$row}['field'];
$value = CHtml::encode(Yii::app()->db->createCommand($sql)->queryScalar());
} else {
$value = is_string($model->{$row}['field']) ? CHtml::encode($model->{$row}['field']) : '???';
if ($row->type == FormDesigner::TYPE_TEXT_AREA_WS) {
$value = purify($model->{$row}['field']);
}
}
if ($row->type == FormDesigner::TYPE_INT && $row->measure_unit) {
$value .= ' ' . CHtml::encode($row->measure_unit);
}
if ($value) {
if ($row['standard_type'] > 0) {
echo '<dt>' . CHtml::encode($model->getAttributeLabel($row['field'])) . ':</dt>';
} else {
echo '<dt>' . CHtml::encode($row['label_' . Yii::app()->language]) . ':</dt>';
}
if ($row->field == 'phone') {
if (issetModule('tariffPlans') && issetModule('paidservices') && $model->owner_id != Yii::app()->user->id) {
if (Yii::app()->user->isGuest) {
$defaultTariffInfo = TariffPlans::getFullTariffInfoById(TariffPlans::DEFAULT_TARIFF_PLAN_ID);
if (!$defaultTariffInfo['showPhones']) {
echo '<dd>' . Yii::t('module_tariffPlans', 'Please <a href="{n}">login</a> to view', Yii::app()->controller->createUrl('/site/login')) . '</dd>';
} else {
echo '<dd><span id="owner-phone">' . CHtml::link(tc('Show phone'), 'javascript: void(0);', array('onclick' => 'generatePhone();')) . '</span>' . '</dd>';
}
} else {
if (TariffPlans::checkAllowShowPhone()) {
echo '<dd>' . $value . '</dd>';
} else {
echo '<dd>' . Yii::t('module_tariffPlans', 'Please <a href="{n}">change the tariff plan</a> to view', Yii::app()->controller->createUrl('/tariffPlans/main/index')) . '</dd>';
}
}
} else {
echo '<dd><span id="owner-phone">' . CHtml::link(tc('Show phone'), 'javascript: void(0);', array('onclick' => 'generatePhone();')) . '</span>' . '</dd>';
}
} else {
echo '<dd>' . $value . '</dd>';
}
}
}
}
/**
* All comments are run through here before they're saved
*
* @param string
*/
function _process_post($content)
{
// We cant use the dom because any dom parser is going to throw away
// the code inside the code tags, this will currently break for nested
// code tags and code with [[> in it
$content = str_replace('<code>', '<pre class="prettyprint linenums"><![CDATA[', $content);
$content = str_replace('</code>', ']]></pre>', $content);
_format_lists($content);
_format_pinkies($content);
$content = purify($content);
return $content;
}
public function printPoster($file)
{
$file = purify($file);
if (file_exists('pics/' . $file . '.jpg')) {
return 'pics/' . $file . '.jpg';
} else {
if (file_exists('/pics/' . $file . '.gif')) {
return 'pics/' . $file . '.gif';
} else {
if (file_exists('/pics/' . $file . '.png')) {
return 'pics/' . $file . '.png';
} else {
if (file_exists('/pics/' . $file . '.bmp')) {
return 'pics/' . $file . '.bmp';
} else {
return 'includes/img/unavailable.jpg';
}
}
}
}
}
/**
* Purify HTML code using HTMLPurifier
*
* @param string|array $html : The html to purify
* @return string|array
*/
function purify($html)
{
if (empty($html) || trim((string) $html) === '') {
log_message('error', 'htmlpurifier_pi::purify : The html you sent to the HTML Purifier is empty...I wonder how is that possible...');
return FALSE;
}
if (is_array($html)) {
foreach ($html as $key => $value) {
$html[$key] = purify($value);
}
return $html;
} else {
require_once APPPATH . 'plugins/htmlpurifier/HTMLPurifier.standalone.php';
$allowed_tags = 'p,em,i,strong,b,a[href],ul,ol,li,code,pre,blockquote';
$config = HTMLPurifier_Config::createDefault();
$config->set('HTML.Doctype', 'XHTML 1.0 Strict');
$config->set('HTML.Allowed', $allowed_tags);
$config->set('HTML.TidyLevel', 'heavy');
$config->set('AutoFormat.Linkify', 'true');
$htmlpurifier = new HTMLPurifier($config);
return $htmlpurifier->purify($html);
}
}
function purify($dirty_html)
{
if (is_array($dirty_html)) {
foreach ($dirty_html as $key => $val) {
$dirty_html[$key] = purify($val);
}
return $dirty_html;
}
if (trim($dirty_html) === '') {
return $dirty_html;
}
$config = HTMLPurifier_Config::createDefault();
$config->set('HTML.Doctype', 'XHTML 1.0 Strict');
$config->set('AutoFormat.Linkify', true);
$config->set('CSS.Trusted', true);
$config->set('CSS.AllowTricky', true);
$config->set('Filter.YouTube', true);
$config->set('HTML.SafeObject', true);
$config->set('Output.FlashCompat', true);
$config->set('Output.Newline', '<br />');
$def = $config->getHTMLDefinition(true);
$def->addElement('spoiler', 'Block', 'Flow', 'Common', array());
return HTMLPurifier($dirty_html, $config);
}
$new_position = isset($_GET['moveUp']) ? $position - 1 : $position + 1;
$trade_position_pqid = Database::get()->querySingle("SELECT pqid FROM `poll_question`\r\n\t\t\t\t WHERE pid = ?d AND q_position = ?d", $pid, $new_position)->pqid;
Database::get()->query("UPDATE poll_question SET q_position = ?d WHERE pid = ?d AND pqid= ?d", $new_position, $pid, $pqid);
Database::get()->query("UPDATE poll_question SET q_position = ?d WHERE pid = ?d AND pqid = ?d", $position, $pid, $trade_position_pqid);
redirect_to_home_page("modules/questionnaire/admin.php?course={$course_code}&pid={$pid}");
}
if (isset($_POST['submitPoll'])) {
$v = new Valitron\Validator($_POST);
$v->rule('required', array('PollName'));
$v->labels(array('PollName' => "{$langTheField} {$langTitle}"));
if ($v->validate()) {
$PollName = $_POST['PollName'];
$PollStart = date('Y-m-d H:i', strtotime($_POST['PollStart']));
$PollEnd = date('Y-m-d H:i', strtotime($_POST['PollEnd']));
$PollDescription = purify($_POST['PollDescription']);
$PollEndMessage = purify($_POST['PollEndMessage']);
$PollAnonymized = isset($_POST['PollAnonymized']) ? $_POST['PollAnonymized'] : 0;
if (isset($_GET['pid'])) {
$pid = intval($_GET['pid']);
Database::get()->query("UPDATE poll SET name = ?s,\r\n start_date = ?t, end_date = ?t, description = ?s, end_message = ?s, anonymized = ?d WHERE course_id = ?d AND pid = ?d", $PollName, $PollStart, $PollEnd, $PollDescription, $PollEndMessage, $PollAnonymized, $course_id, $pid);
Session::Messages($langPollEdited, 'alert-success');
} else {
$PollActive = 1;
$pid = Database::get()->query("INSERT INTO poll\r\n (course_id, creator_id, name, creation_date, start_date, end_date, active, description, end_message, anonymized)\r\n VALUES (?d, ?d, ?s, NOW(), ?t, ?t, ?d, ?s, ?s, ?d)", $course_id, $uid, $PollName, $PollStart, $PollEnd, $PollActive, $PollDescription, $PollEndMessage, $PollAnonymized)->lastInsertID;
Session::Messages($langPollCreated, 'alert-success');
}
redirect_to_home_page("modules/questionnaire/admin.php?course={$course_code}&pid={$pid}");
} else {
// Errors
Session::flashPost()->Messages($langFormErrors)->Errors($v->errors());
if (isset($_GET['pid'])) {
format='txt',
date = NOW(),
date_modified = NOW()", $course_id, $subsystem, $chat_filename, $saveIn);
$fchat = fopen($fileChatName, 'a');
fwrite($fchat, $timeNow." ---- ".$langSaveMessage . " ---- !@#$ systemMsgSave\n");
fclose($fchat);
} else {
}
@unlink($exportFileChat);
redirect_to_home_page("modules/conference/messageList.php?course=$course_code");
}
// add new line
if (isset($_POST['chatLine']) and trim($_POST['chatLine']) != '') {
if (!isset($_POST['token']) || !validate_csrf_token($_POST['token'])) csrf_token_error();
$chatLine = purify($_POST['chatLine']);
$fchat = fopen($fileChatName, 'a');
if ($is_editor) {
$nick = "<b>".q($nick)."</b>";
}
fwrite($fchat, $timeNow . ' - ' . $nick . ' : ' . stripslashes($chatLine) . " !@#$ $uid \n");
fclose($fchat);
redirect_to_home_page("modules/conference/messageList.php?course=$course_code");
}
?>
<!DOCTYPE html>
<html>
<head>
<base target="_parent">
<meta http-equiv="refresh" content="30; url=<?php echo $_SERVER['SCRIPT_NAME']; ?>" />
<title>Chat messages</title>
$dates = array();
if (isset($_POST['startdate_active']) and isset($_POST['startdate'])) {
$start_sql = 'begin = ?s';
$date_started = DateTime::createFromFormat("d-m-Y H:i", $_POST['startdate']);
$dates[] = $date_started->format("Y-m-d H:i:s");
} else {
$start_sql = 'begin = NULL';
}
if (isset($_POST['enddate_active']) and isset($_POST['enddate'])) {
$end_sql = 'end = ?s';
$date_ended = DateTime::createFromFormat("d-m-Y H:i", $_POST['enddate']);
$dates[] = $date_ended->format("Y-m-d H:i:s");
} else {
$end_sql = 'end = NULL';
}
$newContent = purify($newContent);
if (isset($_POST['id'])) {
// modify announcement
$id = $_POST['id'];
Database::get()->query("UPDATE admin_announcement
SET title = ?s, body = ?s, lang = ?s,
`date` = " . DBHelper::timeAfter() . ", $start_sql, $end_sql
WHERE id = ?d", $title, $newContent, $lang_admin_ann, $dates, $id);
$message = $langAdminAnnModify;
} else {
// add new announcement
// order
$orderMax = Database::get()->querySingle("SELECT MAX(`order`) as max FROM admin_announcement")->max;
$order = $orderMax + 1;
Database::get()->query("INSERT INTO admin_announcement
SET title = ?s,
url = ?s,
notes = ?s,
category_id = ?d,
datestamp = NOW(),
course_id = ?d,
`order` = ?d"
, $_POST['term'], $_POST['definition'], $url, purify($_POST['notes']), $category_id, $course_id, findorder($course_id));
$log_action = LOG_INSERT;
$success_message = $langGlossaryAdded;
}
$id = $q->lastInsertID;
Log::record($course_id, MODULE_ID_GLOSSARY, $log_action, array('id' => $id,
'term' => $_POST['term'],
'definition' => $_POST['definition'],
'url' => $url,
'notes' => purify($_POST['notes'])));
if ($q and $q->affectedRows) {
invalidate_glossary_cache();
Session::Messages($success_message, 'alert-success');
}
redirect_to_home_page("modules/glossary/index.php?course=$course_code");
} else {
$new_or_modify = isset($_POST['id']) ? "&edit=$_POST[id]" : "&add=1";
Session::flashPost()->Messages($langFormErrors)->Errors($v->errors());
redirect_to_home_page("modules/glossary/index.php?course=$course_code$new_or_modify");
}
}
if (isset($_GET['delete'])) {
$id = getDirectReference($_GET['delete']);
/** Walks recursively through an array and trims whitespace.
* Compresses multiple spaces into 1
* @param array $data
*/
function purifyArray(array &$data)
{
foreach ($data as $key => &$value) {
trim($key);
if (is_array($value)) {
purify($value);
} else {
$value = trim(preg_replace('/\\s+/', ' ', $value));
}
}
}
function getLink()
{
return "<a href=\"" . $this->getUrl() . "\">" . purify($this->getName()) . "</a>";
}
$av = new AutoValidator("frm-register", $_POST);
if ($av->validate()) {
if (isset($_POST['question']) && $_POST['question'] == "10") {
$email = db_escape(purify(trim(Charset::Utf8ToDB($_POST['email']))));
$creds = LoginUtils::HashToCredentials(db_escape($_POST['hash']));
$username = db_escape(purify(trim(Charset::Utf8ToDB($creds['username']))));
$password = db_escape(purify(trim(Charset::Utf8ToDB($creds['password']))));
// Username libero?
if (!DB::FindOne("SELECT 1 FROM users WHERE user = \"{$username}\"")) {
// Legacy: Un timestamp sarebbe stato meglio, ma non dobbiamo fare nulla con questo dato, quindi va bene cosi'
$data = date("d/m/Y G:i");
$description = "Normal User";
$md5 = LoginUtils::Md5FromCredentials($username, $password);
// Tutto a posto
exequery(sprintf('INSERT INTO users (user, mail, ip, os_browser, date, description, permission, verified, md5, last_login_timestamp, last_login_ip, newsletter)
VALUES ("%s", "%s", "%s", "%s", "%s", "%s", %s, %s, "%s", %s, "%s", %s)', $username, $email, get_ip(), db_escape(purify($_SERVER["HTTP_USER_AGENT"])), $data, $description, User::PERMISSION_USER, 1, $md5, time(), get_ip(), 1));
// Logga l'utente
$currentUser = UserFactory::CreateFromCredentials($username, $password);
if ($currentUser->isLogged()) {
$response->setSuccess(true);
// Logga
Log::Info(sprintf("%s si e' registrato", $currentUser['username']));
$_SESSION['login_hash'] = $currentUser['md5'];
setcookie('login_hash', $currentUser['md5'], time() + 60 * 60 * 24 * 7, '/');
} else {
// Questo non dovrebbe succedere
$response->setError("E' successo un imprevisto durante la registrazione. Per favore segnala questo incidente ad un amministratore.");
}
} else {
$response->setError("L'username e' stato gia' preso. Scegline un'altro.");
}
if (isset($_POST['submitBlogPost']) && $_POST['submitBlogPost'] == $langAdd) {
if ($blog->permCreate($is_editor, $stud_allow_create, $uid)) {
$post = new BlogPost();
if ($post->create($_POST['blogPostTitle'], purify($_POST['newContent']), $uid, $course_id)) {
Session::Messages($langBlogPostSaveSucc, 'alert-success');
} else {
Session::Messages($langBlogPostSaveFail);
}
} else {
Session::Messages($langBlogPostNotAllowedCreate);
}
} elseif (isset($_POST['submitBlogPost']) && $_POST['submitBlogPost'] == $langModifBlogPost) {
$post = new BlogPost();
if ($post->loadFromDB($_POST['pId'])) {
if ($post->permEdit($is_editor, $stud_allow_create, $uid)) {
if ($post->edit($_POST['blogPostTitle'], purify($_POST['newContent']))) {
Session::Messages($langBlogPostSaveSucc, 'alert-success');
} else {
Session::Messages($langBlogPostSaveFail);
}
} else {
Session::Messages($langBlogPostNotAllowedEdit);
}
} else {
Session::Messages($langBlogPostNotFound);
}
}
redirect_to_home_page("modules/blog/index.php?course={$course_code}");
}
if (isset($message) && $message) {
$tool_content .= $message . "<br/>";
function updateFillInBlanksAnswerTypeValue(){
$('input[name=answerType]#fill_in_blanks_selector').val($(this).val());
}
});
</script>
";
// the question form has been submitted
if (isset($_POST['submitQuestion'])) {
$v = new Valitron\Validator($_POST);
$v->rule('required', array('questionName'));
$v->labels(array(
'questionName' => "$langTheField $langQuestion"
));
if($v->validate()) {
$questionName = trim($questionName);
$questionDescription = purify($questionDescription);
// no name given
if (empty($questionName)) {
$msgErr = $langGiveQuestion;
}
if (isset($_GET['modifyQuestion'])) {
$objQuestion->read($_GET['modifyQuestion']);
}
$objQuestion->updateTitle($questionName);
$objQuestion->updateDescription($questionDescription);
$objQuestion->updateType($answerType);
$objQuestion->updateDifficulty($difficulty);
$objQuestion->updateCategory($category);
//If grade field set (only in Free text questions)
if (isset($questionGrade)) {
*/
$require_current_course = TRUE;
$require_login = true;
$require_editor = true;
require_once '../../include/baseTheme.php';
require_once 'modules/units/functions.php';
require_once 'include/lib/fileUploadLib.inc.php';
$pageName = $langEditCourseProgram;
$navigation[] = array('url' => 'index.php?course=' . $course_code, 'name' => $langCourseProgram);
$course = Database::get()->querySingle('SELECT description, home_layout, course_image FROM course WHERE id = ?d', $course_id);
if (isset($_GET['delete_image'])) {
Database::get()->query("UPDATE course SET course_image = NULL WHERE id = ?d", $course_id);
unlink("{$webDir}/courses/{$course_code}/image/{$course->course_image}");
redirect_to_home_page('modules/course_home/editdesc.php');
} elseif (isset($_POST['submit'])) {
$db_vars = array(purify($_POST['description']), $_POST['layout']);
$extra_sql = '';
if (isset($_FILES['course_image']) && is_uploaded_file($_FILES['course_image']['tmp_name'])) {
$file_name = $_FILES['course_image']['name'];
validateUploadedFile($file_name, 2);
$i = 0;
while (is_file("{$webDir}/courses/{$course_code}/image/{$file_name}")) {
$i++;
$name = pathinfo($file_name, PATHINFO_FILENAME);
$ext = get_file_extension($file_name);
$file_name = "{$name}-{$i}.{$ext}";
}
move_uploaded_file($_FILES['course_image']['tmp_name'], "{$webDir}/courses/{$course_code}/image/{$file_name}");
$extra_sql = ", course_image = ?s";
array_push($db_vars, $file_name);
}
$startDate_obj = DateTime::createFromFormat('Y-m-d', $announce->start_display);
$startdate = $startDate_obj->format('d-m-Y');
$showFrom = q($startdate);
}
if ($announce->stop_display != '0000-00-00') {
$endDate_obj = DateTime::createFromFormat('Y-m-d', $announce->stop_display);
$enddate = $endDate_obj->format('d-m-Y');
$showUntil = q($enddate);
}
}
}
/* submit */
if (isset($_POST['submitAnnouncement'])) {
// modify announcement
$antitle = $_POST['antitle'];
$newContent = purify($_POST['newContent']);
$send_mail = isset($_POST['recipients']) && count($_POST['recipients']) > 0;
if (isset($_POST['startdate']) && !empty($_POST['startdate'])) {
$startDate_obj = DateTime::createFromFormat('d-m-Y', $_POST['startdate']);
$start_display = $startDate_obj->format('Y-m-d');
} else {
$start_display = "0000-00-00";
}
if (isset($_POST['enddate']) && !empty($_POST['enddate'])) {
$endDate_obj = DateTime::createFromFormat('d-m-Y', $_POST['enddate']);
$stop_display = $endDate_obj->format('Y-m-d');
} else {
$stop_display = "0000-00-00";
}
if (!empty($_POST['id'])) {
$id = intval($_POST['id']);
function edit_assignment($id)
{
global $tool_content, $langBackAssignment, $langEditSuccess, $m, $langTheField, $langEditError, $course_code, $works_url, $course_id, $uid, $workPath, $langFormErrors;
$v = new Valitron\Validator($_POST);
$v->rule('required', array('title', 'max_grade'));
$v->rule('numeric', array('max_grade'));
$v->labels(array('title' => "{$langTheField} {$m['title']}", 'max_grade' => "{$langTheField} {$m['max_grade']}"));
if ($v->validate()) {
$row = Database::get()->querySingle("SELECT * FROM assignment WHERE id = ?d", $id);
$title = $_POST['title'];
$desc = purify($_POST['desc']);
$deadline = trim($_POST['WorkEnd']) == FALSE ? '0000-00-00 00:00' : date('Y-m-d H:i', strtotime($_POST['WorkEnd']));
$late_submission = isset($_POST['late_submission']) && trim($_POST['WorkEnd']) != FALSE ? 1 : 0;
$group_submissions = $_POST['group_submissions'];
$max_grade = filter_input(INPUT_POST, 'max_grade', FILTER_VALIDATE_FLOAT);
$assign_to_specific = filter_input(INPUT_POST, 'assign_to_specific', FILTER_VALIDATE_INT);
$assigned_to = filter_input(INPUT_POST, 'ingroup', FILTER_VALIDATE_INT, FILTER_REQUIRE_ARRAY);
$auto_judge = filter_input(INPUT_POST, 'auto_judge', FILTER_VALIDATE_INT);
$auto_judge_scenarios = serialize($_POST['auto_judge_scenarios']);
$lang = filter_input(INPUT_POST, 'lang');
if ($assign_to_specific == 1 && empty($assigned_to)) {
$assign_to_specific = 0;
}
if (!isset($_POST['comments'])) {
$comments = '';
} else {
$comments = purify($_POST['comments']);
}
if (!isset($_FILES) || !$_FILES['userfile']['size']) {
$_FILES['userfile']['name'] = '';
$_FILES['userfile']['tmp_name'] = '';
$filename = $row->file_path;
$file_name = $row->file_name;
} else {
validateUploadedFile($_FILES['userfile']['name'], 2);
if (preg_match('/\\.(ade|adp|bas|bat|chm|cmd|com|cpl|crt|exe|hlp|hta|' . 'inf|ins|isp|jse|lnk|mdb|mde|msc|msi|msp|mst|pcd|pif|reg|scr|sct|shs|' . 'shb|url|vbe|vbs|wsc|wsf|wsh)$/', $_FILES['userfile']['name'])) {
$tool_content .= "<p class=\"caution\">{$langUnwantedFiletype}: {$_FILES['userfile']['name']}<br />";
$tool_content .= "<a href=\"{$_SERVER['SCRIPT_NAME']}?course={$course_code}&id={$id}\">{$langBack}</a></p><br />";
return;
}
$local_name = uid_to_name($uid);
$am = Database::get()->querySingle("SELECT am FROM user WHERE id = ?d", $uid)->am;
if (!empty($am)) {
$local_name .= $am;
}
$local_name = greek_to_latin($local_name);
$local_name = replace_dangerous_char($local_name);
$secret = $row->secret_directory;
$ext = get_file_extension($_FILES['userfile']['name']);
$filename = "{$secret}/{$local_name}" . (empty($ext) ? '' : '.' . $ext);
if (move_uploaded_file($_FILES['userfile']['tmp_name'], "{$workPath}/admin_files/{$filename}")) {
@chmod("{$workPath}/admin_files/{$filename}", 0644);
$file_name = $_FILES['userfile']['name'];
}
}
Database::get()->query("UPDATE assignment SET title = ?s, description = ?s, deadline = ?t, late_submission = ?d, comments = ?s,\n group_submissions = ?d, max_grade = ?d, assign_to_specific = ?d, file_path = ?s, file_name = ?s,\n auto_judge = ?d, auto_judge_scenarios = ?s, lang = ?s WHERE course_id = ?d AND id = ?d", $title, $desc, $deadline, $late_submission, $comments, $group_submissions, $max_grade, $assign_to_specific, $filename, $file_name, $auto_judge, $auto_judge_scenarios, $lang, $course_id, $id);
Database::get()->query("DELETE FROM assignment_to_specific WHERE assignment_id = ?d", $id);
if ($assign_to_specific && !empty($assigned_to)) {
if ($group_submissions == 1) {
$column = 'group_id';
$other_column = 'user_id';
} else {
$column = 'user_id';
$other_column = 'group_id';
}
foreach ($assigned_to as $assignee_id) {
Database::get()->query("INSERT INTO assignment_to_specific ({$column}, {$other_column}, assignment_id) VALUES (?d, ?d, ?d)", $assignee_id, 0, $id);
}
}
Log::record($course_id, MODULE_ID_ASSIGN, LOG_MODIFY, array('id' => $id, 'title' => $title, 'description' => $desc, 'deadline' => $deadline, 'group' => $group_submissions));
\Session::Messages($langEditSuccess, 'alert-success');
redirect_to_home_page("modules/work/index.php?course={$course_code}");
} else {
// $new_or_modify = isset($_GET['NewExercise']) ? "&NewExercise=Yes" : "&exerciseId=$_GET[exerciseId]&modifyExercise=yes";
Session::flashPost()->Messages($langFormErrors)->Errors($v->errors());
redirect_to_home_page("modules/work/index.php?course={$course_code}&id={$id}&choice=edit");
}
}
if ($is_editor) {
$agdx = new AgendaIndexer();
// modify visibility
if (isset($_GET['mkInvisibl']) and $_GET['mkInvisibl'] == true) {
Database::get()->query("UPDATE agenda SET visible = 0 WHERE course_id = ?d AND id = ?d", $course_id, $id);
$agdx->store($id);
redirect_to_home_page("modules/agenda/index.php?course=$course_code&v=1");
} elseif (isset($_GET['mkVisibl']) and ( $_GET['mkVisibl'] == true)) {
Database::get()->query("UPDATE agenda SET visible = 1 WHERE course_id = ?d AND id = ?d", $course_id, $id);
$agdx->store($id);
redirect_to_home_page("modules/agenda/index.php?course=$course_code&v=1");
}
if (isset($_POST['event_title'])) {
register_posted_variables(array('startdate' => true, 'event_title' => true, 'content' => true, 'duration' => true));
$content = purify($content);
if (isset($_POST['id']) and !empty($_POST['id'])) { // update event
$id = $_POST['id'];
$recursion = null;
if (!empty($_POST['frequencyperiod']) && intval($_POST['frequencynumber']) > 0 && !empty($_POST['enddate'])) {
$recursion = array('unit' => $_POST['frequencyperiod'], 'repeat' => $_POST['frequencynumber'], 'end' => $_POST['enddate']);
}
if(isset($_POST['rep']) && $_POST['rep'] == 'yes'){
$resp = update_recursive_event($id, $event_title, $startdate, $duration, $content, $recursion);
} else {
$resp = update_event($id, $event_title, $startdate, $duration, $content, $recursion);
}
$agdx->store($id);
} else { // add new event
$recursion = null;
if (!empty($_POST['frequencyperiod']) && intval($_POST['frequencynumber']) > 0 && !empty($_POST['enddate'])) {
$course_license = 0;
break;
}
}
if (ctype_alnum($_POST['view_type'])) {
$view_type = $_POST['view_type'];
}
if (empty($_POST['start_date'])) {
$_POST['start_date'] = '0000-00-00';
}
if (empty($_POST['finish_date'])) {
$_POST['finish_date'] = '0000-00-00';
}
$description = purify($_POST['description']);
$result = Database::get()->query("INSERT INTO course SET
code = ?s,
lang = ?s,
title = ?s,
visible = ?d,
course_license = ?d,
prof_names = ?s,
public_code = ?s,
doc_quota = ?f,
video_quota = ?f,
group_quota = ?f,
dropbox_quota = ?f,
password = ?s,
view_type = ?s,
start_date = ?t,
}
} else {
// a bad answer can't have a positive weighting
$weighting[$i] = 0 - abs($weighting[$i]);
}
// checks if field is empty
//if(empty($reponse[$i])) {
// '0' might be a valid answer
if (!isset($reponse[$i]) || $reponse[$i] === null) {
$msgErr = $langGiveAnswers;
// clears answers already recorded into the Answer object
$objAnswer->cancel();
break;
} else {
// adds the answer into the object
$objAnswer->createAnswer($reponse[$i], $goodAnswer, purify($comment[$i]), $weighting[$i], $i);
}
}
// end for()
if (empty($msgErr)) {
if (!$nbrGoodAnswers) {
$msgErr = $answerType == TRUE_FALSE ? $langChooseGoodAnswer : $langChooseGoodAnswers;
// clears answers already recorded into the Answer object
$objAnswer->cancel();
} else {
// saves the answers into the data base
$objAnswer->save();
// sets the total weighting of the question
$objQuestion->updateWeighting($questionWeighting);
$objQuestion->save($exerciseId);
$editQuestion = $questionId;
/**
* Update existing event and logs the action
* @param int $eventid id in table personal_calendar
* @param string $title event title
* @param string $start event datetime
* @param text $content event details
* @param boolean $recursivelly specifies if the update should be applied to all events of the group of recursive events or to the specific one
*/
function update_event($eventid, $title, $start, $duration, $content, $recursion, $recursivelly = false){
global $uid, $langNotValidInput, $course_id;
if (!preg_match('/[0-9]+(:[0-9]+){0,2}/', $duration)) {
$duration = '0:00';
}
if($recursivelly && !is_null($recursion)){
$oldrec = get_event_recursion($eventid, $course_id);
$p = "P".$recursion['repeat'].$recursion['unit'];
$e = DateTime::createFromFormat('d-m-Y', $recursion['end'])->format('Y-m-d');
if($oldrec->recursion_period != $p || $oldrec->recursion_end != $e){
delete_recursive_event($eventid);
return add_event($title, $content, $start, $duration, $recursion);
}
}
if(!is_null($recursion) && !is_recursive($eventid))
{
delete_event($eventid);
return add_event($title, $content, $start, $duration, $recursion);
}
$d1 = DateTime::createFromFormat('d-m-Y H:i', $start);
$d2 = DateTime::createFromFormat('d-m-Y H:i:s', $start);
$title = trim($title);
if(empty($title) || !(($d1 && $d1->format('d-m-Y H:i') == $start) || ($d2 && $d2->format('d-m-Y H:i:s') == $start)))
{
return array('success'=>false, 'message'=>$langNotValidInput);
} else {
$start = $d1->format('Y-m-d H:i');
}
$where_clause = ($recursivelly)? "WHERE source_event_id = ?d AND course_id = ?d":"WHERE id = ?d AND course_id = ?d";
$startdatetimeformatted = ($recursivelly)? $d1->format('H:i'):$d1->format('Y-m-d H:i');
$start_date_update_clause = ($recursivelly)? "start = CONCAT(date_format(start, '%Y-%m-%d '),?t), ":"start = ?t, ";
Database::get()->query("UPDATE agenda SET "
. "title = ?s, "
. $start_date_update_clause
. "duration = ?t, "
. "content = ?s "
. $where_clause,
$title, $startdatetimeformatted, $duration, purify($content), $eventid, $course_id);
Log::record($course_id, MODULE_ID_AGENDA, LOG_MODIFY, array('user_id' => $uid, 'id' => $eventid,
'title' => $title,
'recursivelly' => $recursivelly,
'content' => ellipsize_html(canonicalize_whitespace(strip_tags($content)), 50, '+')));
return array('success'=>true, 'message'=>'', 'event'=>$eventid);
}
/**
* @param string $code
* @param string $title
* @param string $prof
* @param string $lang
* @param string $type - can be null
* @param int $vis
* @param string $desc
* @param mixed $faculty - can be null
*/
function course_details_form($code, $title, $prof, $lang, $type, $vis, $desc, $faculty) {
global $langInfo1, $langInfo2, $langCourseCode, $langLanguage, $langTitle,
$langCourseDescription, $langFaculty, $langCourseVis,
$langTeacher, $langUsersWillAdd,
$langOk, $langAll, $langsTeachers, $langMultiRegType,
$langNone, $langOldValue, $treeObj, $langBack, $course_code;
list($tree_js, $tree_html) = $treeObj->buildCourseNodePicker();
if ($type) {
if (isset($GLOBALS['lang' . $type])) {
$type_label = ' (' . $GLOBALS['lang' . $type] . ')';
} else {
$type_label = ' (' . $type . ')';
}
} else {
$type_label = '';
}
if (is_array($faculty)) {
foreach ($faculty as $entry) {
$old_faculty_names[] = q(Hierarchy::unserializeLangField($entry['name']));
}
$old_faculty = implode('<br>', $old_faculty_names);
} else {
$old_faculty = q(Hierarchy::unserializeLangField($faculty) . $type_label);
}
$formAction = $_SERVER['SCRIPT_NAME'];
if (isset($GLOBALS['course_code'])) {
$formAction .= '?course=' . $GLOBALS['course_code'];
}
return action_bar(array(
array('title' => $langBack,
'url' => "index.php?course=$course_code",
'icon' => 'fa-reply',
'level' => 'primary-label'))) . "
<div class='alert alert-info'>$langInfo1 <br> $langInfo2</div>
<div class='row'>
<div class='col-md-12'>
<div class='form-wrapper' >
<form class='form-horizontal' role='form' action='$formAction' method='post' onsubmit='return validateNodePickerForm();' >
<div class='form-group'>
<label for='course_code' class='col-sm-3 control-label'>$langCourseCode:</label>
<div class='col-sm-9'>
<input type='text' class='form-control' id='course_code' name='course_code' value='" . q($code) . "'>
</div>
</div>
<div class='form-group'>
<label for='course_code' class='col-sm-3 control-label'>$langLanguage:</label>
<div class='col-sm-9'>
" . lang_select_options('course_lang') . "
</div>
</div>
<div class='form-group'>
<label for='course_title' class='col-sm-3 control-label'>$langTitle:</label>
<div class='col-sm-9'>
<input class='form-control' type='text' id='course_title' name='course_title' value='" . q($title) . "' />
</div>
</div>
<div class='form-group'>
<label class='col-sm-3 control-label'>$langCourseDescription:</label>
<div class='col-sm-9'>
" . rich_text_editor('course_desc', 10, 40, purify($desc)) . "
</div>
</div>
<div class='form-group'>
<label class='col-sm-3 control-label'>$langFaculty:</label>
<div class='col-sm-9'>
" . $tree_html . "<br>$langOldValue: <i>$old_faculty</i>
</div>
</div>
<div class='form-group'>
<label class='col-sm-3 control-label'>$langCourseVis:</label>
<div class='col-sm-9'>
" . visibility_select($vis) . "
</div>
</div>
<div class='form-group'>
<label for='course_prof' class='col-sm-3 control-label'>$langTeacher:</label>
<div class='col-sm-9'>
<input class='form-control' type='text' id='course_prof' name='course_prof' value='" . q($prof) . "' size='50' />
</div>
</div>
<div class='form-group'>
<label class='col-sm-3 control-label'>$langUsersWillAdd:</label>
<div class='col-sm-9'>
<input type='radio' name='add_users' value='all' id='add_users_all' checked='checked'>
$langAll<br>
<input type='radio' name='add_users' value='prof' id='add_users_prof'>
$langsTeachers<br>
<input type='radio' name='add_users' value='none' id='add_users_none'>
$langNone
</div>
</div>
<div class='form-group'>
<label class='col-sm-3 control-label'>$langMultiRegType:</label>
<div class='col-sm-9'>
<input type='checkbox' name='create_users' value='1' id='create_users' checked='checked'>
</div>
</div>
<div class='form-group'>
<div class='col-sm-offset-3 col-sm-9'>
<input class='btn btn-primary' type='submit' name='create_restored_course' value='$langOk' />
<input type='hidden' name='restoreThis' value='" . q($_POST['restoreThis']) . "' />
</div>
</div>
" . generate_csrf_token_form_field() . "
</form>
</div>
</div>
</div>
";
}
function updateCourseDescription($cdId, $title, $comments, $type) {
global $course_id, $course_code;
$type = (isset($type)) ? intval($type) : null;
if ($cdId !== null) {
Database::get()->query("UPDATE course_description SET
title = ?s,
comments = ?s,
type = ?d,
update_dt = NOW()
WHERE id = ?d", $title, $comments, $type, intval($cdId));
} else {
$res = Database::get()->querySingle("SELECT MAX(`order`) AS max FROM course_description WHERE course_id = ?d", $course_id);
$maxorder = ($res->max !== false) ? intval($res->max) + 1 : 1;
Database::get()->query("INSERT INTO course_description SET
course_id = ?d,
title = ?s,
comments = ?s,
type = ?d,
`order` = ?d,
update_dt = NOW()", $course_id, $title, purify($comments), $type, $maxorder);
}
CourseXMLElement::refreshCourse($course_id, $course_code);
}
$tool_content .= "<div class='alert alert-danger'>{$langErrorPost}</div>";
draw($tool_content, 2);
exit;
}
if (!isset($_POST['submit'])) {
$dynbar = array(array('title' => $langBack, 'url' => "viewforum.php?course={$course_code}&forum={$forum_id}", 'icon' => 'fa-reply', 'level' => 'primary-label'));
$tool_content .= action_bar($dynbar);
}
if (isset($_POST['submit'])) {
$subject = trim($_POST['subject']);
$message = trim($_POST['message']);
if (empty($message) or empty($subject)) {
header("Location: viewforum.php?course={$course_code}&forum={$forum_id}&empty=true");
exit;
}
$message = purify($message);
$poster_ip = $_SERVER['REMOTE_ADDR'];
$time = date("Y-m-d H:i:s");
$topic_id = Database::get()->query("INSERT INTO forum_topic (title, poster_id, forum_id, topic_time) VALUES (?s, ?d, ?d, ?t)", $subject, $uid, $forum_id, $time)->lastInsertID;
Indexer::queueAsync(Indexer::REQUEST_STORE, Indexer::RESOURCE_FORUMTOPIC, $topic_id);
$post_id = Database::get()->query("INSERT INTO forum_post (topic_id, post_text, poster_id, post_time, poster_ip) VALUES (?d, ?s, ?d, ?t, ?s)", $topic_id, $message, $uid, $time, $poster_ip)->lastInsertID;
Indexer::queueAsync(Indexer::REQUEST_STORE, Indexer::RESOURCE_FORUMPOST, $post_id);
$forum_user_stats = Database::get()->querySingle("SELECT COUNT(*) as c FROM forum_post \n INNER JOIN forum_topic ON forum_post.topic_id = forum_topic.id\n INNER JOIN forum ON forum.id = forum_topic.forum_id\n WHERE forum_post.poster_id = ?d AND forum.course_id = ?d", $uid, $course_id);
Database::get()->query("DELETE FROM forum_user_stats WHERE user_id = ?d AND course_id = ?d", $uid, $course_id);
Database::get()->query("INSERT INTO forum_user_stats (user_id, num_posts, course_id) VALUES (?d,?d,?d)", $uid, $forum_user_stats->c, $course_id);
Database::get()->query("UPDATE forum_topic\n SET last_post_id = ?d\n WHERE id = ?d\n AND forum_id = ?d", $post_id, $topic_id, $forum_id);
Database::get()->query("UPDATE forum\n SET num_topics = num_topics+1,\n num_posts = num_posts+1,\n last_post_id = ?d\n\t\tWHERE id = ?d", $post_id, $forum_id);
$topic = $topic_id;
$total_forum = get_total_topics($forum_id);
$total_topic = get_total_posts($topic) - 1;
// subtract 1 because we want the number of replies, not the number of posts.
} elseif (isset($_POST['submitBlogPost']) && $_POST['submitBlogPost'] == $langModifBlogPost) {
$post = new BlogPost();
if ($post->loadFromDB($_POST['pId'])) {
//different criteria regarding creating posts for different blog types
if ($blog_type == 'course_blog') {
$allow_to_edit = $post->permEdit($is_editor, $stud_allow_create, $uid);
} elseif ($blog_type == 'perso_blog') {
$allow_to_edit = $is_blog_editor;
}
if ($allow_to_edit) {
if (isset($_POST['commenting'])) {
$commenting = intval($_POST['commenting']);
} else {
$commenting = NULL;
}
if ($post->edit($_POST['blogPostTitle'], purify($_POST['newContent']), $commenting)) {
Session::Messages($langBlogPostSaveSucc, 'alert-success');
} else {
Session::Messages($langBlogPostSaveFail);
}
} else {
Session::Messages($langBlogPostNotAllowedEdit);
}
} else {
Session::Messages($langBlogPostNotFound);
}
}
redirect_to_home_page("modules/blog/index.php?$url_params");
}
if (isset($message) && $message) {
$file_date = date("Y\\-m\\-d G\\:i\\:s");
$file_format = get_file_extension($fileName);
$file_creator = "{$_SESSION['givenname']} {$_SESSION['surname']}";
$q = Database::get()->query("INSERT INTO document SET\n course_id = ?d,\n subsystem = ?d,\n subsystem_id = ?d,\n path = ?s,\n extra_path = '',\n filename = ?s,\n visible = 1,\n comment = '',\n category = 0,\n title = ?s,\n creator = ?s,\n date = ?s,\n date_modified = ?s,\n subject = '',\n description = '',\n author = ?s,\n format = ?s,\n language = ?s,\n copyrighted = 0,\n editable = 1", $course_id, $subsystem, $subsystem_id, $file_path, $fileName, $_POST['file_title'], $file_creator, $file_date, $file_date, $file_creator, $file_format, $language);
}
if ($q) {
if (!isset($id)) {
$id = $q->lastInsertID;
$log_action = LOG_INSERT;
} else {
$log_action = LOG_MODIFY;
}
Log::record($course_id, MODULE_ID_DOCS, $log_action, array('id' => $id, 'filepath' => $file_path, 'filename' => $fileName, 'title' => $_POST['file_title']));
$action_message .= "<div class='alert alert-success'>{$langDownloadEnd}</div><br />";
$title = $_POST['file_title'] ? $_POST['file_title'] : $fileName;
file_put_contents($basedir . $file_path, '<!DOCTYPE html><head><meta charset="utf-8">' . '<title>' . q($title) . '</title><body>' . purify($_POST['file_content']) . "</body></html>\n");
Indexer::queueAsync(Indexer::REQUEST_STORE, Indexer::RESOURCE_DOCUMENT, $id);
}
$curDirPath = dirname($file_path);
}
}
/* * ************************************
MOVE FILE OR DIRECTORY
* ************************************ */
/* -------------------------------------
MOVE FILE OR DIRECTORY : STEP 2
-------------------------------------- */
if (isset($_POST['moveTo'])) {
$moveTo = $_POST['moveTo'];
$source = $_POST['source'];
$sourceXml = $source . '.xml';
add_attendance_activity($attendance_id, $id, $type);
Session::Messages("$langGradebookSucInsert","alert-success");
redirect_to_home_page("modules/attendance/index.php?course=$course_code&attendance_id=$attendance_id");
$display = FALSE;
}
//UPDATE/INSERT DB: add or edit activity to attendance module (edit concerns and course activities like lps)
elseif(isset($_POST['submitAttendanceActivity'])) {
$v = new Valitron\Validator($_POST);
$v->rule('date', array('date'));
$v->labels(array(
'date' => "$langTheField $langGradebookActivityDate2"
));
if($v->validate()) {
$actTitle = isset($_POST['actTitle']) ? trim($_POST['actTitle']) : "";
$actDesc = purify($_POST['actDesc']);
$auto = isset($_POST['auto']) ? $_POST['auto'] : "";
$actDate = !empty($_POST['date']) ? $_POST['date'] : null;
$visible = isset($_POST['visible']) ? 1 : 0;
if ($_POST['id']) {
//update
$id = $_POST['id'];
Database::get()->query("UPDATE attendance_activities SET `title` = ?s, date = ?t,
description = ?s, `auto` = ?d
WHERE id = ?d", $actTitle, $actDate, $actDesc, $auto, $id);
Session::Messages("$langGradebookEdit", "alert-success");
redirect_to_home_page("modules/attendance/index.php?course=$course_code&attendance_id=$attendance_id");
} else {
//insert
$insertAct = Database::get()->query("INSERT INTO attendance_activities SET attendance_id = ?d, title = ?s,
`date` = ?t, description = ?s",
/**
* Update existing admin event and logs the action
* @param int $eventid id in table note
* @param string $title note title
* @param text $content note body
* @param int $visibility_level min user level to show this event to
*/
public static function update_admin_event($eventid, $title, $start, $duration, $content, $visibility_level)
{
global $uid, $is_admin, $langNotValidInput, $langNotAllowed;
if (!is_admin) {
return array('success' => false, 'message' => $langNotAllowed);
}
$d1 = DateTime::createFromFormat('Y-m-d H:i', $start);
$d2 = DateTime::createFromFormat('Y-m-d H:i:s', $start);
$title = trim($title);
if (empty($title) || !($d1 && $d1->format('Y-m-d H:i') == $start || $d2 && $d2->format('Y-m-d H:i:s') == $start)) {
return array('success' => false, 'message' => $langNotValidInput);
}
Database::get()->query("UPDATE admin_calendar SET " . "title = ?s, " . "start = ?t, " . "duration = ?t, " . "content = ?s, " . "visibility_level = ?d " . "WHERE id = ?d", $title, $start, $duration, purify($content), $visibility_level, $eventid);
Log::record(0, MODULE_ID_ADMINCALENDAR, LOG_MODIFY, array('user_id' => $uid, 'id' => $eventid, 'title' => $title, 'content' => ellipsize_html(canonicalize_whitespace(strip_tags($content)), 50, '+')));
return array('success' => true, 'message' => '', 'event' => $eventid);
}
/**
* @brief insert text in database
* @global type $comments
* @global type $course_code
* @global type $course_id
* @param type $id
*/
function insert_text($id) {
global $comments, $course_code, $course_id;
if(!empty($comments)){
$order = Database::get()->querySingle("SELECT MAX(`order`) AS maxorder FROM unit_resources WHERE unit_id = ?d", $id)->maxorder;
$order++;
$comments = purify($comments);
$q = Database::get()->query("INSERT INTO unit_resources SET unit_id = ?d, type='text', title='',
comments = ?s, visible=1, `order` = ?d, `date`= " . DBHelper::timeAfter() . ", res_id = 0", $id, $comments, $order);
$uresId = $q->lastInsertID;
Indexer::queueAsync(Indexer::REQUEST_STORE, Indexer::RESOURCE_UNITRESOURCE, $uresId);
Indexer::queueAsync(Indexer::REQUEST_STORE, Indexer::RESOURCE_COURSE, $course_id);
CourseXMLElement::refreshCourse($course_id, $course_code);
}
header('Location: index.php?course=' . $course_code . '&id=' . $id);
exit;
}