/**
  * Look for all rangeIDs for my permissions
  * @param  object  Perm &$permObj  PHP-LIB-Perm-Object
  * @param  object  User &$userObj  PHP-LIB-User-Object
  * @param  string  $rangeID   RangeID of actual page
  */
 function getValidRangeIDs(&$permObj, &$userObj, $rangeID)
 {
     $range_ids = array();
     $username = get_username($userObj->id);
     $range_ids += array($username => array("name" => _("Profil")));
     /* is root ------------------------------------------------------------ */
     if ($permObj->have_perm("root")) {
         $range_ids += array("studip" => array("name" => _("Stud.IP-System")));
         if (($adminRange = $this->getRangename($rangeID)) && $rangeID != $userObj->id) {
             $range_ids += array($rangeID => array("name" => $adminRange));
         }
     } else {
         if ($permObj->have_perm("admin")) {
             if (($adminRange = $this->getRangename($rangeID)) && $rangeID != $userObj->id) {
                 $range_ids += array($rangeID => array("name" => $adminRange));
             }
         } else {
             if ($permObj->have_perm("dozent") || $permObj->have_perm("tutor")) {
                 if ($ranges = search_range("")) {
                     $range_ids += $ranges;
                 }
             } else {
                 if ($permObj->have_perm("autor")) {
                 }
             }
         }
     }
     /* --------------------------------------------------------- end: autor */
     return $range_ids;
 }
Exemple #2
0
<?php

include "../config.php";
include "../functions.php";
include "../private_functions.php";
if (isset($_GET['keyword']) && $_GET['coorx'] && $_GET['coory'] && $_GET['range']) {
    $dbh = db_connect($MY_HOST, $MY_DB_PORT, $MY_DB, $DB_USER, $DB_PW);
    $num = 10;
    if (isset($_GET['count']) && is_numeric($_GET['count'])) {
        $num = $_GET['count'];
    }
    $res = search_range($dbh, $_GET['keyword'], $_GET['coorx'], $_GET['coory'], $_GET['range'], $num);
    close_db_connection($dbh);
    echo json_encode($res);
} else {
    echo json_encode(array("status" => -1));
}
Exemple #3
0
 /**
  *
  * @access public
  * @param  string   $search_str
  * @return array
  */
 function search_range($search_str)
 {
     return search_range($search_str, true);
 }
Exemple #4
0
<?php 
$num_results = 0;
if (isset($_POST['keyword'])) {
    $coorX = $_POST['coorX'];
    $coorY = $_POST['coorY'];
    $locRange = $_POST['range'];
    $numHashTag = $_POST['numHashTag'];
    $keyword = $_POST['keyword'];
    error_log("Key:" . $keyword . ", location:" . strval($coorX) . "," . strval($coorY) . "," . strval($locRange) . ", No hashtag:" . strval($numHashTag));
    $include_range = $_POST['includeLoc'];
    if (!isset($_POST['includeLoc'])) {
        error_log("A regular search on keyworld (" . $_POST['keyword'] . ")");
        $resp = search($dbh, $_POST['keyword'], 100);
    } else {
        error_log("Should call another search function!");
        $resp = search_range($dbh, $keyword, $coorX, $coorY, $locRange, 100);
    }
    if ($resp['status'] == 1) {
        $posts = $resp['posts'];
        for ($i = 0; $i < count($posts); $i++) {
            html_post($dbh, $posts[$i]);
            $num_results++;
        }
        if ($num_results == 0) {
            echo '<p>There appears to be no posts here</p>';
        }
    } else {
        echo "There was  an error with your search";
    }
}
?>
 function index_action()
 {
     if (!$GLOBALS['perm']->have_perm("admin")) {
         throw new AccessDeniedException(_("Sie sind nicht berechtigt, dieses Plugin zu benutzen."));
     }
     $db = DBManager::get();
     if (Request::submitted('do_search_source')) {
         $result = search_range(Request::quoted('search_source'));
         if (is_array($result)) {
             $result = array_filter($result, function ($r) {
                 return $r["type"] == "sem";
             });
             if (count($result)) {
                 PageLayout::postMessage(MessageBox::success(sprintf(_("Ihre Sucher ergab %s Treffer."), count($result))));
                 $show_source_result = true;
             }
         } else {
             PageLayout::postMessage(MessageBox::info(_("Ihre Suche ergab keine Treffer.")));
         }
     }
     if (Request::submitted('do_choose_source')) {
         $source_id = Request::option('search_source_result');
         $copy_count = 5;
         Request::set('to_copy', null);
     } else {
         if (Request::submitted('source_id')) {
             $source_id = Request::option('source_id');
             $copy_count = Request::int('copy_count');
             if ($copy_count < 1) {
                 $copy_count = 1;
             }
         }
     }
     if ($source_id) {
         $source = Seminar::getInstance($source_id);
         $source_name = $source->getName() . ' (' . $source->getStartSemesterName() . ')';
         $copy_type = Request::int('copy_type', $source->status);
         if (SeminarCategories::getByTypeId($copy_type)->course_creation_forbidden) {
             $copy_type = 0;
         }
         if (SeminarCategories::getByTypeId($source->status)->only_inst_user) {
             $search_template = "user_inst";
         } else {
             $search_template = "user";
         }
         $bet_inst = $db->query("SELECT institut_id FROM seminar_inst WHERE seminar_id=" . $db->quote($source_id))->fetchAll(PDO::FETCH_COLUMN);
         $source_dozenten = array_keys($source->getMembers('dozent'));
         if ($copy_count) {
             $r = Request::getArray('to_copy');
             $delete_lecturer = Request::getArray('delete_lecturer');
             $add_lecturer = count(Request::getArray('add_lecturer')) ? (int) key(Request::getArray('add_lecturer')) : null;
             for ($i = 0; $i < $copy_count; $i++) {
                 $to_copy['nr'][$i] = isset($r['nr'][$i]) ? $r['nr'][$i] : $source->getNumber();
                 $to_copy['name'][$i] = isset($r['name'][$i]) ? $r['name'][$i] : $source->getName();
                 $to_copy['participants'][$i] = isset($r['participants'][$i]) ? 1 : 0;
                 $to_copy['lecturers'][$i] = $r['lecturers'][$i];
                 if (empty($to_copy['lecturers'][$i])) {
                     $to_copy['lecturers'][$i] = $source_dozenten;
                 } else {
                     if (isset($delete_lecturer[$i]) && count($to_copy['lecturers'][$i]) > 1) {
                         $to_delete = array_search(key($delete_lecturer[$i]), $to_copy['lecturers'][$i]);
                         if ($to_delete !== false) {
                             unset($to_copy['lecturers'][$i][$to_delete]);
                         }
                     }
                 }
                 if ($add_lecturer === $i && Request::option('add_doz_' . $add_lecturer)) {
                     $to_copy['lecturers'][$i][] = Request::option('add_doz_' . $add_lecturer);
                 }
                 $to_copy['search_lecturer'][$i] = new PermissionSearch($search_template, sprintf(_("%s auswählen"), get_title_for_status('dozent', 1, $source->status)), "user_id", array('permission' => 'dozent', 'exclude_user' => $to_copy['lecturers'][$i], 'institute' => $bet_inst));
             }
         }
         if (Request::submitted('do_copy') && count($to_copy)) {
             $copied = array();
             $lecturer_insert = $db->prepare("INSERT INTO seminar_user (seminar_id,user_id,status,position,gruppe,comment,visible,mkdate) VALUES (?,?,'dozent',?,?,'','yes',UNIX_TIMESTAMP())");
             $copy_seminar_inst = $db->prepare("INSERT INTO seminar_inst (seminar_id,institut_id) SELECT ?,institut_id FROM seminar_inst WHERE seminar_id=?");
             $copy_seminar_sem_tree = $db->prepare("INSERT INTO seminar_sem_tree (seminar_id,sem_tree_id) SELECT ?,sem_tree_id FROM seminar_sem_tree WHERE seminar_id=?");
             $copy_seminar_user = $db->prepare("INSERT IGNORE INTO seminar_user (seminar_id,user_id,status,gruppe, mkdate,comment,position) SELECT ?,user_id,status,gruppe,UNIX_TIMESTAMP(),'',0 FROM seminar_user WHERE status IN ('user','autor','tutor') AND seminar_id=?");
             $copy_seminar_userdomains = $db->prepare("INSERT INTO seminar_userdomains (seminar_id,userdomain_id) SELECT ?,userdomain_id FROM seminar_userdomains WHERE seminar_id=?");
             $copy_statusgruppen = $db->prepare("INSERT INTO statusgruppen (statusgruppe_id,name,range_id,position,size,selfassign,mkdate) SELECT MD5(CONCAT(statusgruppe_id, ?)),name,?,position,size,selfassign,UNIX_TIMESTAMP() FROM statusgruppen WHERE range_id=?");
             $copy_statusgruppe_user = $db->prepare("INSERT INTO statusgruppe_user (statusgruppe_id,user_id,position) SELECT MD5(CONCAT(statusgruppe_user.statusgruppe_id, ?)),user_id,statusgruppe_user.position FROM statusgruppen INNER JOIN statusgruppe_user USING(statusgruppe_id) WHERE range_id=?");
             for ($i = 0; $i < $copy_count; $i++) {
                 $new_sem = Course::build($source->toArray());
                 $new_sem->setId($new_sem->getNewId());
                 $new_sem_id = $new_sem->id;
                 $new_sem->status = Request::int('copy_type', 1);
                 $new_sem->name = $to_copy['name'][$i];
                 $new_sem->veranstaltungsnummer = $to_copy['nr'][$i];
                 $new_sem->store();
                 if (!$new_sem->isNew()) {
                     log_event("SEM_CREATE", $new_sem_id);
                     $gruppe = (int) select_group($new_sem->start_time);
                     $position = 1;
                     foreach ($to_copy['lecturers'][$i] as $lecturer) {
                         $lecturer_insert->execute(array($new_sem_id, $lecturer, $position, $gruppe));
                     }
                     $copy_seminar_inst->execute(array($new_sem_id, $source_id));
                     $copy_seminar_sem_tree->execute(array($new_sem_id, $source_id));
                     $copy_seminar_userdomains->execute(array($new_sem_id, $source_id));
                     if ($to_copy['participants'][$i]) {
                         $copy_seminar_user->execute(array($new_sem_id, $source_id));
                         $copy_statusgruppen->execute(array($new_sem_id, $new_sem_id, $source_id));
                         $copy_statusgruppe_user->execute(array($new_sem_id, $source_id));
                     }
                     $copied[] = $new_sem;
                 }
             }
             PageLayout::postMessage(MessageBox::success(sprintf(_("Es wurden %s Kopien erstellt."), count($copied))));
             $source_id = null;
         }
     }
     PageLayout::setTitle(_("Veranstaltungs-Vervielfältiger"));
     $template_factory = new Flexi_TemplateFactory(dirname(__FILE__) . "/templates");
     $template = $template_factory->open('index.php');
     $template->set_layout($GLOBALS['template_factory']->open('layouts/base.php'));
     echo $template->render(compact('source_id', 'source_name', 'show_source_result', 'result', 'copy_count', 'copy_type', 'to_copy', 'copied'));
 }
Exemple #6
0
<?
if ($msg) {
    echo "<tr><td class='blank' colspan=3>&nbsp;";
    parse_msg($msg);
    echo "</td></tr>";
}
if ($question) {
    echo $question;
}

    //Ordner die fehlen, anlegen: Allgemeiner, wenn nicht da, Ordner zu Terminen, die keinen Ordner haben
    if ($rechte){
        if ($folder_system_data['mode']){
            $module_check = new Modules();
            $my_sem = $my_inst = array();
            foreach(search_range('%') as $key => $value){
                if ($module_check->getStatus('documents', $key, $value['type']) && $key != $SessSemName[1]){
                    if ($value['type'] == 'sem'){
                        $my_sem[$key] = $value['name'];
                    } else {
                        $my_inst[$key] = $value['name'];
                    }
                }
            }
            asort($my_sem, SORT_STRING);
            asort($my_inst, SORT_STRING);
            $button_name = $folder_system_data["mode"] == 'move' ? _('verschieben') : _('kopieren');
            echo '<form action="'.URLHelper::getLink('').'" method="post">';
            echo CSRFProtection::tokenTag();
            echo "\n" . '<tr><td class="blank" colspan="3" width="100%" style="font-size:80%;">';
            echo "\n" . '<div style="margin-left:25px;">';
Exemple #7
0
 /**
  * Searchs for studip areas using given search term
  *
  * @param string $term search term
  * @return array area data
  */
 function search_area($term)
 {
     global $perm;
     $result = array();
     if (strlen($term) < 3) {
         PageLayout::postMessage(MessageBox::error(_('Der Suchbegriff muss mindestens drei Zeichen lang sein.')));
         return $result;
     } elseif ($term == '__THIS_SEMESTER__') {
         $nr = 0;
         $current_semester = Semester::findCurrent();
         $query = "SELECT seminare.Name AS sem_name, seminare.Seminar_id, seminare.visible\n                      FROM seminar_user LEFT JOIN seminare  USING (Seminar_id)\n                      WHERE seminar_user.user_id = :user_id AND seminar_user.status IN('tutor', 'dozent')\n                      AND seminare.start_time <= :start\n                      AND (:start <= (seminare.start_time + seminare.duration_time)\n                      OR seminare.duration_time = -1)";
         if (get_config('DEPUTIES_ENABLE')) {
             $query .= " UNION SELECT CONCAT(seminare.Name, ' [" . _("Vertretung") . "]') AS sem_name, seminare.Seminar_id,\n                            seminare.visible\n                            FROM deputies JOIN seminare ON (deputies.range_id=seminare.Seminar_id)\n                            WHERE deputies.user_id = :user_id\n                            AND seminare.start_time <= :start\n                            AND (:start <= (seminare.start_time + seminare.duration_time)\n                            OR seminare.duration_time = -1)";
         }
         $query .= " ORDER BY sem_name ASC";
         $statement = DBManager::get()->prepare($query);
         $statement->bindValue(':user_id', $GLOBALS['auth']->auth['uid']);
         $statement->bindValue(':start', $current_semester["beginn"]);
         $statement->execute();
         $seminars = $statement->fetchAll(PDO::FETCH_ASSOC);
         foreach ($seminars as $key => $sem) {
             $tmp_result[$sem['Seminar_id']] = array('name' => $sem['sem_name'], 'type' => 'sem');
         }
         $term = '';
     } elseif ($term == '__MY_INSTITUTES__') {
         $term = '';
         if ($perm->have_perm('root')) {
             $tmp_result['studip'] = array('name' => 'Stud.IP', 'type' => 'global');
         }
         $inst_list = Institute::getMyInstitutes();
         if (count($inst_list)) {
             foreach ($inst_list as $data) {
                 $tmp_result[$data['Institut_id']] = array('name' => $data['Name'], 'type' => $data['is_fak'] ? 'fak' : 'inst');
             }
         }
     } else {
         $tmp_result = search_range($term, true);
         // add users
         if (stripos(get_fullname(), $term) !== false) {
             $tmp_result[$GLOBALS['auth']->auth['uid']] = array('name' => get_fullname(), 'type' => 'user');
         }
         if (isDeputyEditAboutActivated()) {
             $query = "SELECT DISTINCT a.user_id " . "FROM deputies d " . "JOIN auth_user_md5 a ON (d.range_id = a.user_id) " . "JOIN user_info u ON (a.user_id=u.user_id) " . "WHERE d.user_id = ? " . "AND CONCAT(u.title_front, ' ', a.Vorname, ' ', a.Nachname, ', ', u.title_rear) LIKE CONCAT('%',?,'%')";
             $statement = DBManager::get()->prepare($query);
             $statement->execute(array($GLOBALS['auth']->auth['uid'], $term));
             while ($data = $statement->fetch(PDO::FETCH_ASSOC)) {
                 $tmp_result[$data['user_id']] = array('name' => get_fullname($data['user_id']), 'type' => 'user');
             }
         }
     }
     // workaround: apply search term (ignored by search_range below admin)
     if (count($tmp_result) and !$GLOBALS['perm']->have_perm('admin') and $term) {
         foreach ($tmp_result as $id => $data) {
             if (stripos($data['name'], $term) === false) {
                 unset($tmp_result[$id]);
             }
         }
     }
     // prepare result
     if (count($tmp_result)) {
         foreach ($tmp_result as $id => $data) {
             $result[$data['type'] == 'fak' ? 'inst' : $data['type']][$id] = $data['name'];
         }
     } elseif ($term) {
         PageLayout::postMessage(MessageBox::error(_('Zu diesem Suchbegriff wurden keine Bereiche gefunden.')));
     }
     return $result;
 }