print_error('nomanualenrol', 'local_ltiprovider'); } // Transform to utf8 all the post and get data $textlib = textlib_get_instance(); foreach ($_POST as $key => $value) { $_POST[$key] = $textlib->convert($value, $tool->encoding); } foreach ($_GET as $key => $value) { $_GET[$key] = $textlib->convert($value, $tool->encoding); } // We need an username without extended chars // Later accounts add the ConsumerKey - we silently upgrade old accounts // Might want a flag for this -- Chuck $username = '******' . md5($context->getConsumerKey() . '::' . $context->getUserKey()); $dbuser = $DB->get_record('user', array('username' => $username)); if (!$dbuser) { $old_username = '******' . md5($context->getUserKey()); $dbuser = $DB->get_record('user', array('username' => $old_username)); if ($dbuser) { // Probably should log this $DB->set_field('user', 'username', $username, array('id' => $dbuser->id)); } $dbuser = $DB->get_record('user', array('username' => $username)); } // Check if the user exists $dbuser = $DB->get_record('user', array('username' => $username));
$self = $context->addSession($_SERVER['PHP_SELF']); if (strpos($self, '?') > 0) { $selfp = $self . '&'; } else { $selfp = $self . '?'; } $action = $_REQUEST['action']; $message = false; $title = false; $description = false; $idvalue = false; // print_r($_REQUEST); // AuthZ WHERE clause terms $authzsql = "course_key=" . "'" . mysql_real_escape_string($context->getCourseKey()) . "'"; if (!$context->isInstructor()) { $authzsql = $authzsql . "AND user_key=" . "'" . mysql_real_escape_string($context->getUserKey()) . "'"; } if ($action == 'delete') { $idvalue = $_REQUEST['id']; if ($idvalue) { $sql = 'DELETE FROM ads WHERE id=' . "'" . mysql_real_escape_string($idvalue) . "' AND " . $authzsql; $result = mysql_query($sql); $retval = mysql_affected_rows(); if ($retval != 1) { $message = "Error, unable to delete ad."; $action = 'main'; } else { $message = "Deleted record id=" . $idvalue; $action = 'main'; } }