print_error('nomanualenrol', 'local_ltiprovider');
}
// Transform to utf8 all the post and get data
$textlib = textlib_get_instance();
foreach ($_POST as $key => $value) {
$_POST[$key] = $textlib->convert($value, $tool->encoding);
}
foreach ($_GET as $key => $value) {
$_GET[$key] = $textlib->convert($value, $tool->encoding);
}
// We need an username without extended chars
// Later accounts add the ConsumerKey - we silently upgrade old accounts
// Might want a flag for this -- Chuck
$username = '******' . md5($context->getConsumerKey() . '::' . $context->getUserKey());
$dbuser = $DB->get_record('user', array('username' => $username));
if (!$dbuser) {
$old_username = '******' . md5($context->getUserKey());
$dbuser = $DB->get_record('user', array('username' => $old_username));
if ($dbuser) {
// Probably should log this
$DB->set_field('user', 'username', $username, array('id' => $dbuser->id));
}
$dbuser = $DB->get_record('user', array('username' => $username));
}
// Check if the user exists
$dbuser = $DB->get_record('user', array('username' => $username));
$self = $context->addSession($_SERVER['PHP_SELF']);
if (strpos($self, '?') > 0) {
$selfp = $self . '&';
} else {
$selfp = $self . '?';
}
$action = $_REQUEST['action'];
$message = false;
$title = false;
$description = false;
$idvalue = false;
// print_r($_REQUEST);
// AuthZ WHERE clause terms
$authzsql = "course_key=" . "'" . mysql_real_escape_string($context->getCourseKey()) . "'";
if (!$context->isInstructor()) {
$authzsql = $authzsql . "AND user_key=" . "'" . mysql_real_escape_string($context->getUserKey()) . "'";
}
if ($action == 'delete') {
$idvalue = $_REQUEST['id'];
if ($idvalue) {
$sql = 'DELETE FROM ads WHERE id=' . "'" . mysql_real_escape_string($idvalue) . "' AND " . $authzsql;
$result = mysql_query($sql);
$retval = mysql_affected_rows();
if ($retval != 1) {
$message = "Error, unable to delete ad.";
$action = 'main';
} else {
$message = "Deleted record id=" . $idvalue;
$action = 'main';
}
}
