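/**
 * Pieform submit handler: saves the edited note and synchronises its attachments.
 *
 * Operates on the page-level globals $artefact (the note being edited) and
 * $goto (returned to the client in the reply). All writes happen between one
 * db_begin()/db_commit() pair.
 *
 * @param Pieform $form   The submitted form; used to send the reply.
 * @param array   $values Submitted values: title, description, tags,
 *                        allowcomments, filebrowser, optionally perms and,
 *                        when 'licensemetadata' is enabled, the license fields.
 */
function editnote_submit(Pieform $form, array $values) {
    global $SESSION, $USER, $artefact, $goto;

    db_begin();
    $artefact->set('title', $values['title']);
    $artefact->set('description', $values['description']);
    $artefact->set('tags', $values['tags']);
    $artefact->set('allowcomments', (int) $values['allowcomments']);
    if (isset($values['perms'])) {
        $artefact->set('rolepermissions', $values['perms']);
        $artefact->set('dirty', true);
    }
    if (get_config('licensemetadata')) {
        $artefact->set('license', $values['license']);
        $artefact->set('licensor', $values['licensor']);
        $artefact->set('licensorurl', $values['licensorurl']);
    }
    $artefact->commit();

    // Attachments
    $old = $artefact->attachment_id_list();
    $new = is_array($values['filebrowser']) ? $values['filebrowser'] : array();

    // The attachment ids arrive with the form submission, so keep only ids that
    // resolve to a file artefact the current user is allowed to publish.
    // Without this, any artefact id could be attached to the note and copied
    // into the configuration of every block that shows it.
    foreach ($new as $key => $fileid) {
        try {
            $file = artefact_instance_from_id($fileid);
        }
        catch (ArtefactNotFoundException $e) {
            // An id that does not resolve is dropped, as it was silently
            // skipped by the attach() loop before.
            unset($new[$key]);
            continue;
        }
        if (!$file instanceof ArtefactTypeFile || !$USER->can_publish_artefact($file)) {
            unset($new[$key]);
        }
    }

    if (!empty($new) || !empty($old)) {
        foreach ($old as $o) {
            if (!in_array($o, $new)) {
                try {
                    $artefact->detach($o);
                }
                catch (ArtefactNotFoundException $e) {
                    // Already gone; nothing to detach.
                }
            }
        }
        foreach ($new as $n) {
            if (!in_array($n, $old)) {
                try {
                    $artefact->attach($n);
                }
                catch (ArtefactNotFoundException $e) {
                    // Disappeared between the check and the attach; skip it.
                }
            }
        }
    }

    // need to update the block_instances where this artefact is used - so they have
    // the correct configuration artefactids
    if ($blocks = get_column('view_artefact', 'block', 'artefact', $artefact->get('id'))) {
        require_once get_config('docroot') . 'blocktype/lib.php';
        foreach ($blocks as $block) {
            $bi = new BlockInstance($block);
            $configdata = $bi->get('configdata');
            $configdata['artefactids'] = $new;
            $bi->set('configdata', $configdata);
            $bi->commit();
        }
    }
    db_commit();

    $result = array(
        'error'   => false,
        'message' => get_string('noteupdated', 'artefact.internal'),
        'goto'    => $goto,
    );
    if ($form->submitted_by_js()) {
        // Redirect back to the note page from within the iframe
        $SESSION->add_ok_msg($result['message']);
        $form->json_reply(PIEFORM_OK, $result, false);
    }
    $form->reply(PIEFORM_OK, $result);
}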
/**
 * Runs the whole import between one db_begin()/db_commit() pair.
 *
 * Loads the XML file named in this importer's 'data' record (a path relative
 * to dataroot), then validates the document, builds the strategy listing,
 * converts it to a load mapping and imports from that mapping. A snapshot is
 * recorded after each stage.
 *
 * @throws ImportException when the file cannot be loaded as XML.
 */
public function process() {
    db_begin();

    $importdata = $this->get('data');
    // NOTE(review): the stored filename is appended to dataroot as-is; confirm
    // that whatever writes the 'data' record only stores paths it generated.
    $xmlpath = get_config('dataroot') . $importdata['filename'];
    $this->trace('Loading import from ' . $xmlpath);
    $this->snapshot('begin');

    // LIBXML_NONET stops the parser from fetching anything over the network
    // while it loads the document.
    $parserflags = LIBXML_COMPACT | LIBXML_NONET;
    $this->xml = simplexml_load_file($xmlpath, 'SimpleXMLElement', $parserflags);
    if (!$this->xml) {
        // TODO: bail out in a much nicer way...
        throw new ImportException($this, "FATAL: XML file is not well formed! Please consult Mahara's error log for more information");
    }

    $this->namespaces = array_flip($this->xml->getDocNamespaces());
    $this->registerXpathNamespaces($this->xml);
    $this->trace("Document loaded, entries: " . count($this->xml->entry));
    $this->snapshot('loaded XML');

    $this->ensure_document_valid();

    $this->create_strategy_listing();
    $this->snapshot('created strategy listing');

    $this->strategy_listing_to_load_mapping();
    $this->snapshot('converted strategy listing to load mapping');

    $this->import_from_load_mapping();
    $this->snapshot('imported data based on load mapping');

    $this->import_completed();

    db_commit();
}
/**
 * Turns the pending registration held in the global $registration into a user
 * account, logs that user in and redirects.
 *
 * The username is generated from first name + last name, the account is
 * flagged for a password change, and the registration row is deleted in the
 * same transaction that creates the user.
 *
 * @param array $profilefields Extra profile fields passed on to create_user().
 * @throws ConfigException when the institution has no 'internal' auth instance.
 */
function create_registered_user($profilefields = array()) {
    global $registration, $SESSION, $USER;
    require_once get_config('libroot') . 'user.php';

    db_begin();

    // Move the user record to the usr table from the registration table
    $pendingid = $registration->id;
    unset($registration->id);
    unset($registration->expiry);
    $lifetime = get_config('defaultaccountlifetime');
    if ($lifetime) {
        $registration->expiry = db_format_timestamp(time() + $lifetime);
    }
    $registration->lastlogin = db_format_timestamp(time());

    $internalauth = get_record('auth_instance', 'institution', $registration->institution, 'authname', 'internal');
    if (!$internalauth) {
        throw new ConfigException('No internal auth instance for institution');
    }

    $user = new User();
    $user->active = 1;
    $user->authinstance = $internalauth->id;
    $user->firstname = $registration->firstname;
    $user->lastname = $registration->lastname;
    $user->email = $registration->email;
    $user->username = get_new_username($user->firstname . $user->lastname);
    $user->passwordchange = 1;
    // NOTE(review): the salt is derived from rand(), which is not a
    // cryptographic generator and here has only about nine million possible
    // seeds. Consider a CSPRNG-backed source if the supported PHP version has one.
    $user->salt = substr(md5(rand(1000000, 9999999)), 2, 8);
    create_user($user, $profilefields);

    // If the institution is 'mahara' then don't do anything
    if ($registration->institution != 'mahara') {
        $otherinstitutions = get_records_select_array('institution', "name != 'mahara'");
        // If there is only one available, join it without requiring approval
        if (count($otherinstitutions) == 1) {
            $user->join_institution($registration->institution);
        }
        else {
            $user->add_institution_request($registration->institution);
        }
    }

    if (!empty($registration->lang) && $registration->lang != 'default') {
        set_account_preference($user->id, 'lang', $registration->lang);
    }

    // Delete the old registration record
    delete_records('usr_registration', 'id', $pendingid);

    db_commit();

    // Log the user in and send them to the homepage
    $USER = new LiveUser();
    $USER->reanimate($user->id, $internalauth->id);

    // A special greeting for special people
    $specialpeople = array('waawaamilk', 'Mjollnir`', 'Ned', 'richardm', 'fmarier', 'naveg');
    if (in_array($user->username, $specialpeople)) {
        $SESSION->add_ok_msg('MAMA!!! Maharababy happy to see you :D :D!');
    }
    elseif ($user->username == 'htaccess') {
        $SESSION->add_ok_msg('Welcome B-Quack, htaccess!');
    }
    else {
        $SESSION->add_ok_msg(get_string('registrationcomplete', 'mahara', get_config('sitename')));
    }

    $SESSION->set('resetusername', true);
    redirect();
}
/**
 * Pieform submit handler: saves the group's settings and applies the
 * follow-up changes a settings change implies.
 *
 * Compares the submitted values with the global $group_data (the group as it
 * was before the edit) to decide which invitations, requests, roles and
 * homepage access rows need adjusting.
 *
 * @param Pieform $form   The submitted form.
 * @param array   $values Submitted values; 'grouptype' is "<grouptype>.<jointype>".
 */
function editgroup_submit(Pieform $form, $values) {
    global $USER, $SESSION, $group_data;

    db_begin();

    $now = db_format_timestamp(time());

    list($grouptype, $jointype) = explode('.', $values['grouptype']);

    // Unticked checkboxes are absent from the submission; treat them as 0.
    if (!isset($values['public'])) {
        $values['public'] = 0;
    }
    if (!isset($values['usersautoadded'])) {
        $values['usersautoadded'] = 0;
    }

    $grouprow = (object) array(
        'id'             => $values['id'],
        'name'           => $values['name'],
        'description'    => $values['description'],
        'grouptype'      => $grouptype,
        'category'       => empty($values['category']) ? null : intval($values['category']),
        'jointype'       => $jointype,
        'mtime'          => $now,
        'usersautoadded' => intval($values['usersautoadded']),
        'public'         => intval($values['public']),
        'viewnotify'     => intval($values['viewnotify']),
    );
    update_record('group', $grouprow, 'id');

    // When jointype changes from invite/request to anything else,
    // remove all open invitations/requests, ---
    // Except for when jointype changes from request to open. Then
    // we can just add group membership for everyone with an open
    // request.
    if ($group_data->jointype == 'invite' && $jointype != 'invite') {
        delete_records('group_member_invite', 'group', $group_data->id);
    }
    elseif ($group_data->jointype == 'request') {
        if ($jointype == 'open') {
            $userids = get_column_sql(' SELECT u.id FROM {usr} u JOIN {group_member_request} r ON u.id = r.member WHERE r.group = ? AND u.deleted = 0', array($group_data->id));
            if ($userids) {
                foreach ($userids as $uid) {
                    group_add_user($group_data->id, $uid);
                }
            }
        }
        elseif ($jointype != 'request') {
            delete_records('group_member_request', 'group', $group_data->id);
        }
    }

    // When group type changes from course to standard, make sure that tutors
    // are demoted to members.
    if ($group_data->grouptype == 'course' && $grouptype != 'course') {
        set_field('group_member', 'role', 'member', 'group', $values['id'], 'role', 'tutor');
    }

    // When a group changes from public -> private or vice versa, set the
    // appropriate access permissions on the group homepage view.
    if ($group_data->public != $values['public']) {
        $homepageid = get_field('view', 'id', 'type', 'grouphomepage', 'group', $group_data->id);
        if ($group_data->public && !$values['public']) {
            delete_records('view_access', 'view', $homepageid, 'accesstype', 'public');
            insert_record('view_access', (object) array('view' => $homepageid, 'accesstype' => 'loggedin'));
        }
        elseif (!$group_data->public && $values['public']) {
            delete_records('view_access', 'view', $homepageid, 'accesstype', 'loggedin');
            insert_record('view_access', (object) array('view' => $homepageid, 'accesstype' => 'public'));
        }
    }

    $SESSION->add_ok_msg(get_string('groupsaved', 'group'));

    db_commit();

    redirect('/group/view.php?id=' . $values['id']);
}
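/**
 * Sets the specified account settings to the current user.
 * A table with | Setting label | value | is expected.
 *
 * Each row returned by getHash() is read through its 'field' and 'value'
 * keys. The urlid and mobile upload tokens are validated before anything is
 * written; the writes themselves happen between db_begin() and db_commit().
 *
 * @Given /^I set the following account settings values:$/
 * @param TableNode $table
 * @throws Exception when the urlid or a mobile upload token is rejected.
 */
public function i_set_account_settings(TableNode $table) {
    global $USER;

    $prefs = array();
    foreach ($table->getHash() as $accountpref) {
        $prefs[$accountpref['field']] = $accountpref['value'];
    }

    // Validate the settings
    if (isset($prefs['urlid']) && get_config('cleanurls') && $prefs['urlid'] != $USER->get('urlid')) {
        if (strlen($prefs['urlid']) < 3) {
            throw new Exception("Invalid urlid: " . get_string('rule.minlength.minlength', 'pieforms', 3));
        }
        elseif (record_exists('usr', 'urlid', $prefs['urlid'])) {
            throw new Exception("Invalid urlid: " . get_string('urlalreadytaken', 'account'));
        }
    }

    // Only validate tokens when the table actually supplies them; the save
    // step further down applies the same isset() guard. Without it a table
    // that omits 'mobileuploadtoken' iterates an undefined index whenever
    // mobile uploads are enabled.
    // NOTE(review): the value is iterated as a list of tokens, but the rows
    // read above supply plain values; confirm how callers are expected to
    // pass more than one token.
    if (get_config('allowmobileuploads') && isset($prefs['mobileuploadtoken'])) {
        foreach ($prefs['mobileuploadtoken'] as $text) {
            if (strlen($text) > 0 && !preg_match('/^[a-zA-Z0-9 !@#$%^&*()\\-_=+\\[{\\]};:\'",<\\.>\\/?]{6,}$/', $text)) {
                throw new Exception("Invalid mobileuploadtoken: " . get_string('badmobileuploadtoken', 'account'));
            }
        }
    }

    // Update user's account settings
    db_begin();

    // use this as looping through values is not safe.
    $expectedprefs = expected_account_preferences();

    if (isset($prefs['maildisabled']) && $prefs['maildisabled'] == 0 && get_account_preference($USER->get('id'), 'maildisabled') == 1) {
        // Reset the sent and bounce counts otherwise mail will be disabled
        // on the next send attempt
        $u = new StdClass();
        $u->email = $USER->get('email');
        $u->id = $USER->get('id');
        update_bounce_count($u, true);
        update_send_count($u, true);
    }

    // Remember the user's language & theme prefs, so we can reload the page if they change them
    // (read here but not used again in this step)
    $oldlang = $USER->get_account_preference('lang');
    $oldtheme = $USER->get_account_preference('theme');
    $oldgroupsideblockmaxgroups = $USER->get_account_preference('groupsideblockmaxgroups');
    $oldgroupsideblocksortby = $USER->get_account_preference('groupsideblocksortby');

    if (get_config('allowmobileuploads') && isset($prefs['mobileuploadtoken'])) {
        // Make sure the mobile token is formatted / saved correctly
        $prefs['mobileuploadtoken'] = array_filter($prefs['mobileuploadtoken']);
        $new_token_pref = '|' . join('|', $prefs['mobileuploadtoken']) . '|';
        $USER->set_account_preference('mobileuploadtoken', $new_token_pref);
        unset($prefs['mobileuploadtoken']);
    }

    // Set user account preferences. Only keys listed by
    // expected_account_preferences() are written, and only when they changed.
    foreach ($expectedprefs as $eprefkey => $epref) {
        if (isset($prefs[$eprefkey]) && $prefs[$eprefkey] !== get_account_preference($USER->get('id'), $eprefkey)) {
            $USER->set_account_preference($eprefkey, $prefs[$eprefkey]);
        }
    }

    db_commit();
}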
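/**
 * Deletes the current user's internal notifications, optionally limited to the
 * activity types named in the 'type' request parameter, then redirects back
 * to the inbox.
 *
 * 'type' is either 'all' (the default) or a comma-separated list of activity
 * type names. The list is reduced to a-z and commas before it is used in SQL,
 * and it is URL-encoded before it is appended to the redirect target.
 */
function delete_all_notifications_submit() {
    global $USER, $SESSION;

    $userid = $USER->get('id');
    $type = param_variable('type', 'all');

    $typesql = '';
    if ($type != 'all') {
        // Treat as comma-separated list of activity type names
        $types = explode(',', preg_replace('/[^a-z,]+/', '', $type));
        if ($types) {
            $typesql = ' at.name IN (' . join(',', array_map('db_quote', $types)) . ')';
            if (in_array('adminmessages', $types)) {
                $typesql = '(' . $typesql . ' OR at.admin = 1)';
            }
            $typesql = ' AND ' . $typesql;
        }
    }

    $from = "\n FROM {notification_internal_activity} a\n JOIN {activity_type} at ON a.type = at.id\n WHERE a.usr = ? {$typesql}";
    $values = array($userid);

    db_begin();
    $count = 0;
    $records = get_records_sql_array('SELECT a.id ' . $from, $values);
    if ($records) {
        $count = sizeof($records);
        $ids = array();
        foreach ($records as $row) {
            $ids[] = $row->id;
        }
        $idlist = join(',', array_map('db_quote', $ids));

        // Remove parent pointers to messages we're about to delete
        execute_sql(' UPDATE {notification_internal_activity} SET parent = NULL WHERE parent IN ( ' . $idlist . ' )');

        // delete
        execute_sql(' DELETE FROM {notification_internal_activity} WHERE id IN ( ' . $idlist . ' )');

        // The update_unread_delete db trigger on notification_internal_activity
        // will update the unread column on the usr table.
    }
    db_commit();

    $SESSION->add_ok_msg(get_string('deletednotifications1', 'activity', $count));

    // $type is the raw request value, so encode it before it becomes part of
    // the redirect URL; otherwise characters such as '&' or '#' in the
    // parameter would change the target's query string.
    $typeparam = urlencode($type);
    safe_require('module', 'multirecipientnotification');
    if (PluginModuleMultirecipientnotification::is_active()) {
        redirect(get_config('wwwroot') . 'module/multirecipientnotification/inbox.php?type=' . $typeparam);
    }
    else {
        redirect(get_config('wwwroot') . 'account/activity/index.php?type=' . $typeparam);
    }
}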
/**
 * Event handler: removes a deleted user's internal notifications.
 *
 * Clears parent pointers that reference the user's notifications, deletes the
 * notifications addressed to the user, then deletes 'maharamessage'
 * notifications sent by the user whose URL is the user's profile page.
 *
 * @param mixed $event Not used in this handler.
 * @param array $user  The user being deleted; only 'id' is read.
 */
public static function deleteuser($event, $user) {
    $userid = $user['id'];

    db_begin();

    // Before deleting the user's notifications, remove parent pointers to the
    // messages we're about to delete. The temporary table in this query is
    // required by MySQL
    execute_sql(
        "\n UPDATE {notification_internal_activity}\n SET parent = NULL\n WHERE parent IN (\n SELECT id FROM (\n SELECT id FROM {notification_internal_activity} WHERE usr = ?\n ) AS temp\n )",
        array($userid)
    );
    delete_records('notification_internal_activity', 'usr', $userid);

    // Delete system messages from this user where the url points to their
    // missing profile. They're mostly friend requests, which are now useless.
    $profileurl = get_config('wwwroot') . 'user/view.php?id=' . $userid;
    delete_records_select(
        'notification_internal_activity',
        '"from" = ? AND type = (SELECT id FROM {activity_type} WHERE name = ?) AND url = ?',
        array($userid, 'maharamessage', $profileurl)
    );

    db_commit();
}
/**
 * Pieform submit handler: removes the global $tag from every view and
 * artefact owned by the current user.
 *
 * Both deletes are restricted to rows whose owner is the current user and run
 * between one db_begin()/db_commit() pair.
 *
 * @param Pieform $form   The submitted form.
 * @param array   $values Submitted values (not read here).
 */
function delete_tag_submit(Pieform $form, $values) {
    global $SESSION, $USER, $tag;

    $userid = $USER->get('id');
    if (!$userid) {
        // No user id to scope the delete to: go back to the tag edit page.
        redirect(get_config('wwwroot') . 'edittags.php?tag=' . urlencode($tag));
    }

    $params = array($tag, $userid);

    db_begin();
    execute_sql(
        "DELETE FROM {view_tag} WHERE tag = ? AND view IN (SELECT id FROM {view} WHERE \"owner\" = ?)",
        $params
    );
    execute_sql(
        "DELETE FROM {artefact_tag} WHERE tag = ? AND artefact IN (SELECT id FROM {artefact} WHERE \"owner\" = ?)",
        $params
    );
    db_commit();

    $SESSION->add_ok_msg(get_string('tagdeletedsuccessfully'));
    redirect(get_config('wwwroot') . 'tags.php');
}
/**
 * Turns the pending registration held in the global $registration into a user
 * account, logs that user in and redirects.
 *
 * Username, password and salt are copied from the registration record as
 * stored, and the user is added to the institution by request.
 *
 * @param array $profilefields Extra profile fields passed on to create_user().
 * @throws Exception when the institution has no 'internal' auth instance.
 */
function create_registered_user($profilefields = array()) {
    global $registration, $SESSION, $USER;
    require_once get_config('libroot') . 'user.php';

    db_begin();

    // Move the user record to the usr table from the registration table
    $pendingid = $registration->id;
    unset($registration->id);
    unset($registration->expiry);
    $lifetime = get_config('defaultaccountlifetime');
    if ($lifetime) {
        $registration->expiry = db_format_timestamp(time() + $lifetime);
    }
    $registration->lastlogin = db_format_timestamp(time());

    $internalauth = get_record('auth_instance', 'institution', $registration->institution, 'authname', 'internal');
    if (!$internalauth) {
        // TODO: Specify exception
        throw new Exception('No internal auth instance for institution');
    }

    $user = new User();
    $user->username = $registration->username;
    $user->password = $registration->password;
    $user->salt = $registration->salt;
    $user->passwordchange = 0;
    $user->active = 1;
    $user->authinstance = $internalauth->id;
    $user->firstname = $registration->firstname;
    $user->lastname = $registration->lastname;
    $user->email = $registration->email;
    create_user($user, $profilefields);

    $user->add_institution_request($registration->institution);

    if (!empty($registration->lang) && $registration->lang != 'default') {
        set_account_preference($user->id, 'lang', $registration->lang);
    }

    // Delete the old registration record
    delete_records('usr_registration', 'id', $pendingid);

    db_commit();

    // Log the user in and send them to the homepage
    $USER = new LiveUser();
    $USER->reanimate($user->id, $internalauth->id);

    // A special greeting for special people
    $specialpeople = array('waawaamilk', 'Mjollnir`', 'Ned', 'richardm', 'fmarier');
    if (in_array($user->username, $specialpeople)) {
        $SESSION->add_ok_msg('MAMA!!! Maharababy happy to see you :D :D!');
    }
    elseif ($user->username == 'htaccess') {
        $SESSION->add_ok_msg('Welcome B-Quack, htaccess!');
    }
    else {
        $SESSION->add_ok_msg(get_string('registrationcomplete', 'mahara', get_config('sitename')));
    }

    redirect();
}
/**
 * Pieform submit handler: writes the edited group settings and redirects to
 * the group page.
 *
 * @param Pieform $form   The submitted form.
 * @param array   $values Submitted values; 'grouptype' is "<grouptype>.<jointype>".
 */
function editgroup_submit(Pieform $form, $values) {
    global $USER;
    global $SESSION;

    db_begin();

    $now = db_format_timestamp(time());

    list($grouptype, $jointype) = explode('.', $values['grouptype']);

    // Unticked checkboxes are absent from the submission; treat them as 0.
    if (!isset($values['public'])) {
        $values['public'] = 0;
    }
    if (!isset($values['usersautoadded'])) {
        $values['usersautoadded'] = 0;
    }

    $grouprow = (object) array(
        'id'             => $values['id'],
        'name'           => $values['name'],
        'description'    => $values['description'],
        'grouptype'      => $grouptype,
        'jointype'       => $jointype,
        'mtime'          => $now,
        'usersautoadded' => intval($values['usersautoadded']),
        'public'         => intval($values['public']),
    );
    update_record('group', $grouprow, 'id');

    $SESSION->add_ok_msg(get_string('groupsaved', 'group'));

    db_commit();

    redirect('/group/view.php?id=' . $values['id']);
}
/**
 * Pieform submit handler: invites every selected user to the global $group
 * with the 'member' role, on behalf of the current user.
 *
 * @param Pieform $form   The submitted form.
 * @param array   $values Submitted values; 'users' is the list of user ids.
 */
function addmembers_submit(Pieform $form, $values) {
    global $SESSION, $group, $USER;

    if (empty($values['users'])) {
        // Nothing selected: back to the invitation page.
        redirect(get_config('wwwroot') . 'group/inviteusers.php?id=' . GROUP);
    }

    $inviterid = null;

    db_begin();
    foreach ($values['users'] as $inviteeid) {
        $inviterid = $USER->get('id');
        group_invite_user($group, $inviteeid, $inviterid, 'member', true);
    }
    db_commit();

    $invited = count($values['users']);
    $SESSION->add_ok_msg(get_string('invitationssent', 'group', $invited));
    redirect(get_config('wwwroot') . 'group/members.php?id=' . GROUP);
}
/**
 * Pieform submit handler: saves the edited text and visibility of the global
 * $comment, records a 'feedback' activity and redirects to $goto.
 *
 * @param Pieform $form   The submitted form.
 * @param array   $values Submitted values; 'message' and 'ispublic' are read.
 */
function edit_comment_submit(Pieform $form, $values) {
    global $viewid, $comment, $SESSION, $goto;

    db_begin();

    $comment->set('description', $values['message']);
    // 'private' is stored as the inverse of the submitted 'ispublic' flag.
    $comment->set('private', 1 - (int) $values['ispublic']);
    $comment->commit();

    require_once 'activity.php';
    $activitydata = (object) array(
        'commentid' => $comment->get('id'),
        'viewid'    => $viewid,
    );
    activity_occurred('feedback', $activitydata, 'artefact', 'comment');

    db_commit();

    $SESSION->add_ok_msg(get_string('commentupdated', 'artefact.comment'));
    redirect($goto);
}
/**
 * Pieform submit handler: adds every selected user to the group identified by
 * the GROUP constant.
 *
 * @param Pieform $form   The submitted form.
 * @param array   $values Submitted values; 'users' is the list of user ids.
 */
function addmembers_submit(Pieform $form, $values) {
    global $SESSION;

    if (empty($values['users'])) {
        // Nothing selected: back to the add-members page.
        redirect(get_config('wwwroot') . 'group/addmembers.php?id=' . GROUP);
    }

    db_begin();
    foreach ($values['users'] as $newmemberid) {
        group_add_user(GROUP, $newmemberid);
    }
    db_commit();

    $added = count($values['users']);
    $SESSION->add_ok_msg(get_string('newmembersadded', 'group', $added));
    redirect(get_config('wwwroot') . 'group/members.php?id=' . GROUP);
}
/**
 * Pieform submit handler: stores a license definition.
 *
 * Any existing artefact_license row with the same name is deleted and the
 * submitted one inserted in its place, inside one transaction.
 *
 * @param Pieform $form   The submitted form.
 * @param array   $values Submitted values; name, displayname, shortname and
 *                        icon are read and trimmed.
 */
function license_submit(Pieform $form, $values) {
    global $SESSION;

    $license = new StdClass();
    $license->name = trim($values['name']);
    $license->displayname = trim($values['displayname']);
    $license->shortname = trim($values['shortname']);
    $license->icon = trim($values['icon']);

    db_begin();
    delete_records('artefact_license', 'name', $license->name);
    insert_record('artefact_license', $license);
    db_commit();

    $SESSION->add_ok_msg(get_string('licensesaved', 'admin'));
    redirect('/admin/site/licenses.php');
}
/**
 * Pieform submit handler: replaces the set of site administrators with the
 * submitted user ids.
 *
 * Every current admin flag is cleared first, then the flag is set for the
 * submitted ids, all inside one transaction.
 *
 * @param Pieform $form   The submitted form.
 * @param array   $values Submitted values; 'users' is the list of user ids.
 */
function adminusers_submit(Pieform $form, $values) {
    global $SESSION;

    // Cast every id to an integer before it is placed in the SQL text.
    $adminids = join(',', array_map('intval', $values['users']));

    db_begin();
    execute_sql('UPDATE {usr} SET admin = 0 WHERE admin = 1');
    // NOTE(review): an empty 'users' list produces "IN ()" here. Confirm the
    // form requires at least one user, since the statement above has already
    // cleared every admin flag within this transaction.
    execute_sql('UPDATE {usr} SET admin = 1 WHERE id IN (' . $adminids . ')');
    activity_add_admin_defaults($values['users']);
    db_commit();

    $SESSION->add_ok_msg(get_string('adminusersupdated', 'admin'));
    redirect('/admin/users/admins.php');
}
/**
 * Link form callback - link the accounts.
 *
 * Replaces any auth_remote_user row for the current user on this auth
 * instance with one that maps the stored OIDC username to the local account,
 * then clears the link data kept in the session.
 *
 * @param \Pieform $form Pieform instance.
 * @param array $values Submitted values.
 */
public function loginlink_submit(\Pieform $form, $values) {
    global $USER, $SESSION;

    $missinglinkdata = ($this->authinstance === null || empty($this->oidcusername));
    if ($missinglinkdata) {
        // User is not logged in. They should never reach here, but as a failsafe...
        redirect('/');
    }

    $remotelink = (object) array(
        'authinstance'   => $this->authinstance,
        'remoteusername' => $this->oidcusername,
        'localusr'       => $USER->id,
    );

    db_begin();
    delete_records('auth_remote_user', 'authinstance', $this->authinstance, 'localusr', $USER->id);
    insert_record('auth_remote_user', $remotelink);
    db_commit();

    $SESSION->set('auth_oidc_linkdata', null);
    // Errors from closing the session are deliberately suppressed here.
    @session_write_close();
    redirect('/');
}
/**
 * Pieform submit handler: submits the view $viewid to the group $groupid.
 *
 * Marks the view as submitted, makes sure each role that may see submitted
 * views has an access record for it, refreshes the user's locked artefacts
 * and sends a group message about the submission.
 *
 * @param Pieform $form   The submitted form.
 * @param array   $values Submitted values (not read here).
 */
function submitview_submit(Pieform $form, $values) {
    global $SESSION, $USER, $viewid, $groupid, $group;

    db_begin();

    $submission = array(
        'submittedgroup' => $groupid,
        'submittedtime'  => db_format_timestamp(time()),
    );
    update_record('view', $submission, array('id' => $viewid));

    $roles = get_column('grouptype_roles', 'role', 'grouptype', $group->grouptype, 'see_submitted_views', 1);
    foreach ($roles as $role) {
        $accessrecord = (object) array(
            'view'            => $viewid,
            'group'           => $groupid,
            'role'            => $role,
            'visible'         => 0,
            'allowcomments'   => 1,
            'approvecomments' => 0,
        );
        // The same record serves as both the lookup key and the row to insert.
        ensure_record_exists('view_access', $accessrecord, $accessrecord);
    }

    ArtefactType::update_locked($USER->get('id'));

    $notification = array(
        'subject'       => get_string('viewsubmitted', 'view'),
        'message'       => get_string('viewsubmitted', 'view'),
        'submittedview' => $viewid,
        'viewowner'     => $USER->get('id'),
        'group'         => $groupid,
        'roles'         => $roles,
        'strings'       => (object) array('urltext' => (object) array('key' => 'view')),
    );
    activity_occurred('groupmessage', $notification);

    db_commit();

    $SESSION->add_ok_msg(get_string('viewsubmitted', 'view'));
    redirect('/' . returnto());
}
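/**
 * Pieform submit handler: replaces the set of site staff users with the
 * submitted user ids.
 *
 * Every current staff flag is cleared first; the flag is then set for the
 * submitted ids, if any. Both statements run in one transaction.
 *
 * @param Pieform $form   The submitted form.
 * @param array   $values Submitted values; 'users' is the list of user ids.
 */
function staffusers_submit(Pieform $form, $values) {
    global $SESSION;

    db_begin();
    execute_sql('UPDATE {usr} SET staff = 0 WHERE staff = 1');
    if ($values['users']) {
        // The ids are placed directly in the SQL text, so force each one to an
        // integer first, as the admin-user handlers do. Joining the submitted
        // values unchanged would let a non-numeric value alter the statement.
        $staffids = join(',', array_map('intval', $values['users']));
        execute_sql('UPDATE {usr} SET staff = 1 WHERE id IN (' . $staffids . ')');
    }
    db_commit();

    $SESSION->add_ok_msg(get_string('staffusersupdated', 'admin'));
    redirect('/admin/users/staff.php');
}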
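/**
 * Pieform submit handler for the test import page: stores the uploaded file,
 * unpacks it when it is a zip, creates a throwaway user and runs a LEAP2A
 * import for that user, echoing the verbose import log to the browser.
 *
 * @param Pieform $form   The submitted form.
 * @param array   $values Submitted values; 'file' is the upload record
 *                        (name, tmp_name, type).
 */
function import_submit(Pieform $form, $values) {
    global $SESSION;

    $date = time();
    $nicedate = date('Y/m/d h:i:s', $date);
    $uploaddir = get_config('dataroot') . 'import/test-' . $date . '/';

    // The client chooses the upload's file name, so reduce it to its final
    // path component before building a path from it; otherwise a name that
    // contains directory parts could place the file outside $uploaddir.
    $uploadname = basename($values['file']['name']);
    if ($uploadname === '' || $uploadname === '.' || $uploadname === '..') {
        $SESSION->add_error_msg('Unable to store the uploaded file');
        redirect('/import/');
    }
    $filename = $uploaddir . $uploadname;

    check_dir_exists($uploaddir);
    // Stop here if the upload could not be stored, instead of importing from
    // a file that is not there.
    if (!move_uploaded_file($values['file']['tmp_name'], $filename)) {
        $SESSION->add_error_msg('Unable to store the uploaded file');
        redirect('/import/');
    }

    // NOTE(review): 'type' is the content type reported by the client, not
    // something established from the file's contents.
    if ($values['file']['type'] == 'application/zip') {
        // Unzip here
        // NOTE(review): 'unzipdirarg' is inserted into the command unescaped;
        // that is only safe while it comes from site configuration.
        $command = sprintf('%s %s %s %s',
            escapeshellcmd(get_config('pathtounzip')),
            escapeshellarg($filename),
            get_config('unzipdirarg'),
            escapeshellarg($uploaddir)
        );
        $output = array();
        exec($command, $output, $returnvar);
        if ($returnvar != 0) {
            $SESSION->add_error_msg('Unable to unzip the file');
            redirect('/import/');
        }

        $filename = $uploaddir . 'leap2a.xml';
        if (!is_file($filename)) {
            $SESSION->add_error_msg('No leap2a.xml file detected - please check your export file again');
            redirect('/import/');
        }
    }

    // Create dummy user
    // NOTE(review): every dummy account gets the same fixed password and a
    // predictable username; confirm these accounts cannot be logged into, or
    // generate a random password per account.
    $user = (object) array(
        'username'  => 'import_' . $date,
        'password'  => 'import1',
        'firstname' => 'Imported',
        'lastname'  => 'User (' . $nicedate . ')',
        'email'     => '*****@*****.**',
    );
    $userid = create_user($user);

    // And we're good to go
    echo '<pre>';
    // The importer expects a path relative to dataroot.
    $filename = substr($filename, strlen(get_config('dataroot')));
    require_once dirname(dirname(__FILE__)) . '/import/lib.php';
    safe_require('import', 'leap');

    db_begin();
    $importer = PluginImport::create_importer(null, (object) array(
        'token'      => '',
        'usr'        => $userid,
        'queue'      => (int) (!PluginImport::import_immediately_allowed()),
        'ready'      => 0,
        'expirytime' => db_format_timestamp(time() + 60 * 60 * 24),
        'format'     => 'leap',
        'data'       => array('filename' => $filename),
        'loglevel'   => PluginImportLeap::LOG_LEVEL_VERBOSE,
        'logtargets' => LOG_TARGET_STDOUT,
        'profile'    => true,
    ));
    $importer->process();

    // Now done, delete the temporary e-mail address if there's a new one
    // A bit sucky, presumes only one email in the import
    $email = artefact_instance_from_id(get_field('artefact', 'id', 'title', '*****@*****.**', 'artefacttype', 'email', 'owner', $userid));
    $email->delete();
    execute_sql('UPDATE {artefact_internal_profile_email} SET principal = 1 WHERE "owner" = ?', array($userid));
    db_commit();

    echo "\n\n";
    echo 'Done. You can <a href="' . get_config('wwwroot') . '/admin/users/changeuser.php?id=' . $userid . '">change to this user</a> to inspect the result, ';
    echo 'or <a href="' . get_config('wwwroot') . 'import/">try importing again</a>';
    echo '</pre>';
    exit;
}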
/**
 * Pieform submit handler: saves a resume goal/skill artefact and synchronises
 * its attachments.
 *
 * Embedded images in the description are processed before the transaction
 * starts. Submitted attachment ids are kept only when they resolve to a file
 * artefact the current user may publish.
 *
 * @param Pieform $form   The submitted form; used to send the reply.
 * @param array   $values Submitted values: description, artefacttype, filebrowser.
 */
function editgoalsandskills_submit(Pieform $form, array $values) {
    global $SESSION, $artefact, $USER;
    require_once 'embeddedimage.php';

    $description = EmbeddedImage::prepare_embedded_images($values['description'], $values['artefacttype'], $USER->get('id'));

    db_begin();
    $artefact->set('title', get_string($values['artefacttype'], 'artefact.resume'));
    $artefact->set('description', $description);
    $artefact->commit();

    // Attachments
    $old = $artefact->attachment_id_list();
    $new = array();
    if (is_array($values['filebrowser'])) {
        $new = $values['filebrowser'];
    }

    // only allow the attaching of files that exist and are editable by user
    foreach ($new as $key => $fileid) {
        $file = artefact_instance_from_id($fileid);
        $allowed = $file instanceof ArtefactTypeFile && $USER->can_publish_artefact($file);
        if (!$allowed) {
            unset($new[$key]);
        }
    }

    if (!empty($new) || !empty($old)) {
        // Detach whatever is no longer selected ...
        foreach ($old as $attachedid) {
            if (in_array($attachedid, $new)) {
                continue;
            }
            try {
                $artefact->detach($attachedid);
            }
            catch (ArtefactNotFoundException $e) {
                // Already gone; nothing to detach.
            }
        }
        // ... and attach whatever is newly selected.
        foreach ($new as $selectedid) {
            if (in_array($selectedid, $old)) {
                continue;
            }
            try {
                $artefact->attach($selectedid);
            }
            catch (ArtefactNotFoundException $e) {
                // Disappeared in the meantime; skip it.
            }
        }
    }
    db_commit();

    $result = array(
        'error'   => false,
        'message' => get_string('goalandskillsaved', 'artefact.resume'),
        'goto'    => get_config('wwwroot') . 'artefact/resume/goalsandskills.php',
    );
    if ($form->submitted_by_js()) {
        // Redirect back to the resume goals and skills page from within the iframe
        $SESSION->add_ok_msg($result['message']);
        $form->json_reply(PIEFORM_OK, $result, false);
    }
    $form->reply(PIEFORM_OK, $result);
}
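/**
 * Records the database version and start date in database_startpoint.
 *
 * The table is emptied and a single row is written inside one transaction; on
 * a query failure the error is echoed and the transaction is rolled back.
 *
 * @param string $version Version string to store.
 * @param string $date    Start date to store.
 * @return bool True when the row was written, false when a query failed.
 */
function set_version($version, $date) {
    db_begin();

    $res = db_query("TRUNCATE TABLE database_startpoint");
    if (!$res) {
        // db error
        echo "DB-ERROR-5: " . db_error() . "\n";
        db_rollback();
        return false;
    }

    // NOTE(review): both values are interpolated into the statement text. That
    // is only safe while every caller passes values it produced itself; use a
    // parameterised query here if this database layer offers one.
    $res = db_query("INSERT INTO database_startpoint (db_version, db_start_date) VALUES ('{$version}', '{$date}')");
    if (!$res) {
        // db error
        echo "DB-ERROR-5: " . db_error() . "\n";
        db_rollback();
        return false;
    }

    echo "GForge Database Version: {$version} ({$date})\n";
    db_commit();

    // Report success explicitly: the failure paths return false, so a caller
    // testing the result needs a truthy value here rather than null.
    return true;
}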
/**
 * Pieform submit handler: saves an edited comment (rating, text, visibility),
 * records a 'feedback' activity and redirects to $goto.
 *
 * When the author asks for the comment to be public but the view's comment
 * settings call for approval, the comment is marked 'requestpublic' = 'author'
 * instead of being made public, and the view owner is notified.
 *
 * @param Pieform $form   The submitted form.
 * @param array   $values Submitted values; rating, message and ispublic are read.
 */
function edit_comment_submit(Pieform $form, $values) {
    global $viewid, $comment, $SESSION, $goto, $USER;
    require_once 'embeddedimage.php';

    db_begin();

    $comment->set('rating', valid_rating($values['rating']));

    require_once get_config('libroot') . 'view.php';
    $view = new View($viewid);
    $owner = $view->get('owner');
    $group = $comment->get('group');

    $body = EmbeddedImage::prepare_embedded_images($values['message'], 'comment', $comment->get('id'), $group);
    $comment->set('description', $body);

    $approvecomments = $view->get('approvecomments');
    // The conditions are kept exactly as written: their short-circuit order
    // decides whether user_comments_allowed() and can_edit_view() get called.
    if (!empty($group) && ($approvecomments || !$approvecomments && $view->user_comments_allowed($USER) == 'private') && $values['ispublic'] && !$USER->can_edit_view($view)) {
        $comment->set('requestpublic', 'author');
    }
    elseif (($approvecomments || !$approvecomments && $view->user_comments_allowed($USER) == 'private') && $values['ispublic'] && (!empty($owner) && $owner != $comment->get('author'))) {
        $comment->set('requestpublic', 'author');
    }
    else {
        // No approval needed: apply the requested visibility directly.
        $comment->set('private', 1 - (int) $values['ispublic']);
        $comment->set('requestpublic', null);
    }
    $comment->commit();

    require_once 'activity.php';
    $activitydata = (object) array(
        'commentid' => $comment->get('id'),
        'viewid'    => $viewid,
    );
    activity_occurred('feedback', $activitydata, 'artefact', 'comment');

    if ($comment->get('requestpublic') == 'author') {
        if (!empty($owner)) {
            edit_comment_notify($view, $comment->get('author'), $owner);
        }
        elseif (!empty($group)) {
            $group_admins = group_get_admin_ids($group);
            // TODO: need to notify the group admins bug #1197197
        }
    }

    db_commit();

    $SESSION->add_ok_msg(get_string('commentupdated', 'artefact.comment'));
    redirect($goto);
}
/**
 * Pieform submit handler: replaces the staff users of one institution with the
 * submitted user ids.
 *
 * The current user must be allowed to edit the institution; otherwise an
 * error message is queued and the request is redirected.
 *
 * @param Pieform $form   The submitted form.
 * @param array   $values Submitted values; 'institution' and 'users' are read.
 */
function staffusers_submit(Pieform $form, $values) {
    global $SESSION, $USER;

    $inst = $values['institution'];
    $mayedit = !empty($inst) && $USER->can_edit_institution($inst);
    if (!$mayedit) {
        $SESSION->add_error_msg(get_string('notadminforinstitution', 'admin'));
        redirect('/admin/users/institutionstaff.php');
    }

    db_begin();
    execute_sql('UPDATE {usr_institution} SET staff = 0 WHERE staff = 1 AND institution = ' . db_quote($inst));
    if ($values['users']) {
        // Ids are cast to integers before they are placed in the SQL text.
        $staffids = join(',', array_map('intval', $values['users']));
        execute_sql('UPDATE {usr_institution} SET staff = 1 WHERE usr IN (' . $staffids . ') AND institution = ' . db_quote($inst));
    }
    db_commit();

    $SESSION->add_ok_msg(get_string('staffusersupdated', 'admin'));
    redirect('/admin/users/institutionstaff.php?institution=' . $inst);
}
/**
 * Pieform submit handler: makes the submitted user ids the admins of the
 * global $group.
 *
 * Users in the global $admins list that were not submitted are demoted to
 * 'member'. Newly submitted users are promoted when they already have a
 * membership row and inserted as admins when they do not.
 *
 * @param Pieform $form   The submitted form.
 * @param array   $values Submitted values; 'admins' is the list of user ids.
 */
function groupadminsform_submit(Pieform $form, $values) {
    global $SESSION, $group, $admins;

    $newadmins = array_diff($values['admins'], $admins);
    $demoted = array_diff($admins, $values['admins']);

    db_begin();

    if ($demoted) {
        // Cast to integers: the list is interpolated into the statement.
        $demoted = join(',', array_map('intval', $demoted));
        execute_sql(
            "\n UPDATE {group_member}\n SET role = 'member'\n WHERE role = 'admin' AND \"group\" = ?\n AND member IN ({$demoted})",
            array($group->id)
        );
    }

    $dbnow = db_format_timestamp(time());
    foreach ($newadmins as $id) {
        if (!record_exists('group_member', 'group', $group->id, 'member', $id)) {
            // Not a member yet: create the membership directly as admin.
            insert_record('group_member', (object) array(
                'group'  => $group->id,
                'member' => $id,
                'role'   => 'admin',
                'ctime'  => $dbnow,
                'mtime'  => $dbnow,
            ));
            continue;
        }
        execute_sql(
            "\n UPDATE {group_member}\n SET role = 'admin'\n WHERE \"group\" = ? AND member = ?",
            array($group->id, $id)
        );
    }

    db_commit();

    $SESSION->add_ok_msg(get_string('groupadminsupdated', 'admin'));
    redirect(get_config('wwwroot') . 'admin/groups/groups.php');
}
/**
 * Pieform submit handler: makes the submitted user ids the admins of the
 * global $group.
 *
 * Users in the global $admins list that were not submitted are demoted to
 * 'member'. Newly submitted users have their role changed when
 * group_user_access() reports an existing membership and are added as admins
 * otherwise.
 *
 * @param Pieform $form   The submitted form.
 * @param array   $values Submitted values; 'admins' is the list of user ids.
 */
function groupadminsform_submit(Pieform $form, $values) {
    global $SESSION, $group, $admins;

    $newadmins = array_diff($values['admins'], $admins);
    $demoted = array_diff($admins, $values['admins']);

    db_begin();

    if ($demoted) {
        // Cast to integers: the list is interpolated into the statement.
        $demoted = join(',', array_map('intval', $demoted));
        execute_sql(
            "\n UPDATE {group_member}\n SET role = 'member'\n WHERE role = 'admin' AND \"group\" = ?\n AND member IN ({$demoted})",
            array($group->id)
        );
    }

    // Computed as in the original, although nothing below reads it.
    $dbnow = db_format_timestamp(time());
    foreach ($newadmins as $id) {
        if (!group_user_access($group->id, $id)) {
            group_add_user($group->id, $id, 'admin');
            continue;
        }
        group_change_role($group->id, $id, 'admin');
    }

    db_commit();

    $SESSION->add_ok_msg(get_string('groupadminsupdated', 'admin'));
    redirect(get_config('wwwroot') . 'admin/groups/groups.php');
}
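/**
 * Pieform submit handler: replaces the administrators of one institution with
 * the submitted user ids.
 *
 * The current user must be allowed to edit the institution; otherwise an
 * error message is queued and the request is redirected.
 *
 * @param Pieform $form   The submitted form.
 * @param array   $values Submitted values; 'institution' and 'users' are read.
 */
function adminusers_submit(Pieform $form, $values) {
    global $SESSION, $USER;

    $inst = $values['institution'];
    if (empty($inst) || !$USER->can_edit_institution($inst)) {
        $SESSION->add_error_msg(get_string('notadminforinstitution', 'admin'));
        redirect('/admin/users/institutionadmins.php');
    }

    db_begin();
    execute_sql('UPDATE {usr_institution} SET admin = 0 WHERE admin = 1 AND institution = ' . db_quote($inst));
    if ($values['users']) {
        // The ids are placed directly in the SQL text, so force each one to an
        // integer first, as the institution staff handler does. Joining the
        // submitted values unchanged would let a non-numeric value alter the
        // statement that grants the admin flag.
        $adminids = join(',', array_map('intval', $values['users']));
        execute_sql('UPDATE {usr_institution} SET admin = 1 WHERE usr IN (' . $adminids . ') AND institution = ' . db_quote($inst));
    }
    require_once 'activity.php';
    activity_add_admin_defaults($values['users']);
    db_commit();

    $SESSION->add_ok_msg(get_string('adminusersupdated', 'admin'));
    redirect('/admin/users/institutionadmins.php?institution=' . $inst);
}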
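/**
 * Add the users to the system. Make sure that they have to change their
 * password on next login also.
 *
 * Reads the parsed rows from the global $CSVDATA using the column layout in
 * the global $FORMAT, creates every user inside one transaction and, when
 * requested, e-mails the account details afterwards. Users whose e-mail could
 * not be sent are listed in an info message.
 *
 * @param Pieform $form   The submitted form.
 * @param array   $values Submitted values: authinstance, forcepasswordchange,
 *                        emailusers.
 */
function uploadcsv_submit(Pieform $form, $values) {
    global $SESSION, $CSVDATA, $FORMAT;

    $formatkeylookup = array_flip($FORMAT);

    $authinstance = (int) $values['authinstance'];
    $authobj = get_record('auth_instance', 'id', $authinstance);

    $institution = new Institution($authobj->institution);

    $maxusers = $institution->maxuseraccounts;
    if (!empty($maxusers)) {
        $members = count_records_sql(' SELECT COUNT(*) FROM {usr} u INNER JOIN {usr_institution} i ON u.id = i.usr WHERE i.institution = ? AND u.deleted = 0', array($institution->name));
        if ($members + count($CSVDATA) > $maxusers) {
            $SESSION->add_error_msg(get_string('uploadcsvfailedusersexceedmaxallowed', 'admin'));
            redirect('/admin/users/uploadcsv.php');
        }
    }

    log_info('Inserting users from the CSV file');
    db_begin();

    $addedusers = array();
    foreach ($CSVDATA as $record) {
        log_debug('adding user ' . $record[$formatkeylookup['username']]);
        $user = new StdClass();
        $user->authinstance = $authinstance;
        $user->username = $record[$formatkeylookup['username']];
        $user->firstname = $record[$formatkeylookup['firstname']];
        $user->lastname = $record[$formatkeylookup['lastname']];
        $user->password = $record[$formatkeylookup['password']];
        $user->email = $record[$formatkeylookup['email']];

        if (isset($formatkeylookup['studentid'])) {
            $user->studentid = $record[$formatkeylookup['studentid']];
        }
        if (isset($formatkeylookup['preferredname'])) {
            $user->preferredname = $record[$formatkeylookup['preferredname']];
        }
        $user->passwordchange = (int) $values['forcepasswordchange'];

        // Every column except the credentials is passed on as a profile field.
        $profilefields = new StdClass();
        foreach ($FORMAT as $field) {
            if ($field == 'username' || $field == 'password') {
                continue;
            }
            $profilefields->{$field} = $record[$formatkeylookup[$field]];
        }

        $user->id = create_user($user, $profilefields, $institution, $authobj);

        if ($values['emailusers']) {
            $addedusers[] = $user;
        }
    }
    db_commit();

    // Only send e-mail to users after we're sure they have been inserted
    // successfully
    $straccountcreatedtext = $values['forcepasswordchange'] ? 'accountcreatedchangepasswordtext' : 'accountcreatedtext';
    $straccountcreatedhtml = $values['forcepasswordchange'] ? 'accountcreatedchangepasswordhtml' : 'accountcreatedhtml';
    if ($values['emailusers'] && $addedusers) {
        // Collect failures across the whole loop. Resetting this list inside
        // the loop kept only a failure of the very last user.
        $failedusers = array();
        foreach ($addedusers as $user) {
            try {
                // NOTE(review): the message carries the password in clear
                // text; confirm that is intended when 'forcepasswordchange'
                // is off.
                email_user($user, null, get_string('accountcreated', 'mahara', get_config('sitename')),
                    get_string($straccountcreatedtext, 'mahara', $user->firstname, get_config('sitename'), $user->username, $user->password, get_config('wwwroot'), get_config('sitename')),
                    get_string($straccountcreatedhtml, 'mahara', $user->firstname, get_config('wwwroot'), get_config('sitename'), $user->username, $user->password, get_config('wwwroot'), get_config('wwwroot'), get_config('sitename'))
                );
            }
            catch (EmailException $e) {
                log_info($e->getMessage());
                $failedusers[] = $user;
            }
        }

        if ($failedusers) {
            // The message is built as markup here and handed to
            // add_info_msg() with false as its second argument, so every
            // value taken from the CSV is escaped and the angle brackets
            // around the address are written as entities.
            // NOTE(review): assumes full_name() returns unescaped text — confirm.
            $message = get_string('uploadcsvsomeuserscouldnotbeemailed', 'admin') . "\n<ul>\n";
            foreach ($failedusers as $user) {
                $message .= '<li>' . hsc(full_name($user)) . ' &lt;' . hsc($user->email) . "&gt;</li>\n";
            }
            $message .= "</ul>\n";
            $SESSION->add_info_msg($message, false);
        }
    }

    log_info('Inserted ' . count($CSVDATA) . ' records');

    $SESSION->add_ok_msg(get_string('uploadcsvusersaddedsuccessfully', 'admin'));
    redirect('/admin/users/uploadcsv.php');
}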
/**
 * Pieform submit handler for the blog post editor.
 *
 * Saves the post and brings its file attachments in line with the file
 * browser selection, all inside one database transaction, then replies to
 * the form with a redirect target pointing at the blog view page.
 *
 * Uses the globals $blogpost (id of the post being edited, falsy for a new
 * post; overwritten with the saved id) and $blog (id of the containing blog).
 *
 * @param Pieform $form   The submitted form.
 * @param array   $values Submitted form values.
 */
function editpost_submit(Pieform $form, $values) {
    global $USER, $SESSION, $blogpost, $blog;

    require_once 'embeddedimage.php';

    db_begin();

    $post = new ArtefactTypeBlogPost($blogpost, null);
    $post->set('title', $values['title']);
    $post->set('description', $values['description']);
    $post->set('tags', $values['tags']);
    if (get_config('licensemetadata')) {
        $post->set('license', $values['license']);
        $post->set('licensor', $values['licensor']);
        $post->set('licensorurl', $values['licensorurl']);
    }
    $post->set('published', !$values['draft']);
    $post->set('allowcomments', (int) $values['allowcomments']);

    // A new post inherits its ownership from the blog it is created in:
    // institution first, then group, otherwise the current user.
    if (!$blogpost) {
        $post->set('parent', $blog);
        $parentblog = new ArtefactTypeBlog($blog);
        if ($parentblog->get('institution')) {
            $post->set('institution', $parentblog->get('institution'));
        }
        elseif ($parentblog->get('group')) {
            $post->set('group', $parentblog->get('group'));
        }
        else {
            $post->set('owner', $USER->id);
        }
    }
    $post->commit();
    $blogpost = $post->get('id');

    // Embedded images need the post id, which a new post only has after the
    // commit above, so the description is processed here.
    $post->set(
        'description',
        EmbeddedImage::prepare_embedded_images($values['description'], 'blogpost', $post->get('id'))
    );

    // Attachments
    $current = $post->attachment_id_list();
    if (is_array($values['filebrowser'])) {
        $selected = $values['filebrowser'];
    }
    else {
        $selected = array();
    }

    // Access control on the submitted ids: keep only those that resolve to a
    // file artefact the current user is allowed to publish.
    foreach ($selected as $key => $fileid) {
        $file = artefact_instance_from_id($fileid);
        $attachable = $file instanceof ArtefactTypeFile && $USER->can_publish_artefact($file);
        if (!$attachable) {
            unset($selected[$key]);
        }
    }

    if ($selected || $current) {
        // Detach files that are no longer selected.
        foreach ($current as $attachedid) {
            if (in_array($attachedid, $selected)) {
                continue;
            }
            try {
                $post->detach($attachedid);
            }
            catch (ArtefactNotFoundException $e) {
            }
        }
        // Attach files that were newly selected.
        foreach ($selected as $selectedid) {
            if (in_array($selectedid, $current)) {
                continue;
            }
            try {
                $post->attach($selectedid);
            }
            catch (ArtefactNotFoundException $e) {
            }
        }
    }

    db_commit();

    $savedmessage = get_string('blogpostsaved', 'artefact.blog');
    $goto = get_config('wwwroot') . 'artefact/blog/view/index.php?id=' . $blog;
    $result = array(
        'error'   => false,
        'message' => $savedmessage,
        'goto'    => $goto,
    );

    if ($form->submitted_by_js()) {
        // Redirect back to the blog page from within the iframe
        $SESSION->add_ok_msg($result['message']);
        $form->json_reply(PIEFORM_OK, $result, false);
    }
    $form->reply(PIEFORM_OK, $result);
}
// Check if unzip is available
// This is required for extracting leap2a zip file
if (!is_executable(get_config('pathtounzip'))) {
    die_info(get_string('unzipnotinstalled', 'admin'));
}

// Dispatch on the integer 'action' request parameter; the upload form is both
// the default parameter value and the fallback for unrecognised values.
$action = param_integer('action', PRINTUPLOADFORM_ACT);
switch ($action) {
    case PRINTUPLOADFORM_ACT:
    default:
        print_upload_form();
        break;
    case PRINTIMPORTITEMSFORM_ACT:
        print_import_items_form();
        break;
    case DOIMPORT_ACT:
        // NOTE(review): this branch changes state based on which $_POST button
        // is present; no session-key/CSRF check is visible in this excerpt --
        // confirm one runs before this point.
        db_begin();
        if (isset($_POST['import_submit'])) {
            save_decisions();
            // Do import and print the results
            do_import();
        }
        else {
            if (isset($_POST['cancel_import_submit'])) {
                cancel_import();
            }
        }
        db_commit();
        break;
}

// Builds the LEAP2A upload form (one required file field plus a submit button).
// The listing breaks off inside this function, so the remainder is left as found.
// NOTE(review): the option key 'plugintype ' carries a trailing space;
// presumably 'plugintype' was intended -- confirm.
function print_upload_form() { $form = pieform(array('name' => 'import', 'method' => 'post', 'plugintype ' => 'core', 'pluginname' => 'import', 'elements' => array('leap2afile' => array('type' => 'file', 'title' => get_string('uploadleap2afile', 'admin'), 'rules' => array('required' => true)), 'submit' => array('type' => 'submit', 'value' => get_string('Import', 'import')))));
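/**
 * create - use this function to create a new entry in the database.
 *
 * Validates the title and description lengths, builds the keyword index for
 * the document, inserts a row into doc_data inside a transaction, reloads the
 * new row via fetchData() and sends a notice. On any failure the error is
 * recorded with setError(), the transaction is rolled back where one is open,
 * and false is returned.
 *
 * @param string $filename    The filename of this document. Can be a URL.
 * @param string $filetype    The filetype of this document. If filename is URL, this should be 'URL';
 * @param string $data        The contents of this document (should be addslashes()'d before entry).
 * @param int    $doc_group   The doc_group id of the doc_groups table.
 * @param string $title       The title of this document.
 * @param int    $language_id The language id of the supported_languages table.
 * @param string $description The description of this document.
 * @return boolean success.
 */
function create($filename, $filetype, $data, $doc_group, $title, $language_id, $description) {
    if (strlen($title) < 5) {
        $this->setError(_('Title Must Be At Least 5 Characters'));
        return false;
    }
    if (strlen($description) < 10) {
        $this->setError(_('Document Description Must Be At Least 10 Characters'));
        return false;
    }

    // The editor-permission gate below is disabled in this file, so this
    // method itself does not reject any caller: sessions that are not logged
    // in are recorded as user id 100, and only the initial state differs
    // (see $doc_initstatus).
    /*
        $perm =& $this->Group->getPermission( session_get_user() );
        if (!$perm || !is_object($perm) || !$perm->isDocEditor()) {
            $this->setPermissionDeniedError();
            return false;
        }
    */

    $user_id = session_loggedin() ? user_getid() : 100;

    // Initial state is '3' unless the uploader is a document editor of this
    // group.
    $doc_initstatus = '3';
    // If Editor - uploaded Documents are ACTIVE
    if (session_loggedin()) {
        $perm =& $this->Group->getPermission(session_get_user());
        if ($perm && is_object($perm) && $perm->isDocEditor()) {
            $doc_initstatus = '1';
        }
    }

    // Plain-text documents are converted to UTF-8 when the mbstring functions
    // are available.
    if (strcasecmp($filetype, "text/plain") === 0
        && function_exists('mb_convert_encoding')
        && function_exists('mb_detect_encoding')) {
        $data = mb_convert_encoding($data, 'UTF-8', mb_detect_encoding($data));
    }

    // key words for in-document search
    // The title argument used to be the undefined variable $title1, so the
    // title never reached the keyword index; it now passes $title.
    $kw = new Parsedata($this->engine_path);
    $kwords = $kw->get_parse_data(stripslashes($data), htmlspecialchars($title), htmlspecialchars($description), $filetype);

    $filesize = strlen($data);

    // Both ids are documented as integers; casting them keeps non-numeric
    // input out of the SQL text.
    $doc_group_id = (int) $doc_group;
    $lang_id = (int) $language_id;

    // NOTE(review): this statement is assembled by string concatenation.
    // $filename, $filetype and $kwords are inserted as received, and
    // htmlspecialchars() on the title and description is HTML output
    // encoding, not SQL escaping. As written, quoting of those values depends
    // entirely on what the callers did before calling create(). This should
    // move to a parameterized query if the project's db layer offers one
    // (not visible in this file).
    $sql = "INSERT INTO doc_data (group_id,title,description,createdate,doc_group,\n\t\t\tstateid,language_id,filename,filetype,filesize,data,data_words,created_by)\n\t\t\tVALUES ('"
        . $this->Group->getId() . "',\n\t\t\t'"
        . htmlspecialchars($title) . "',\n\t\t\t'"
        . htmlspecialchars($description) . "',\n\t\t\t'"
        . time() . "',\n\t\t\t'"
        . $doc_group_id . "',\n\t\t\t'"
        . $doc_initstatus . "',\n\t\t\t'"
        . $lang_id . "',\n\t\t\t'"
        . $filename . "',\n\t\t\t'"
        . $filetype . "',\n\t\t\t'"
        . $filesize . "',\n\t\t\t'"
        . base64_encode(stripslashes($data)) . "',\n\t\t\t'"
        . $kwords . "',\n\t\t\t'"
        . $user_id . "')";

    db_begin();
    $result = db_query($sql);
    if (!$result) {
        $this->setError('Error Adding Document: ' . db_error());
        db_rollback();
        return false;
    }

    // Reload the freshly inserted row; roll back if it cannot be read.
    $docid = db_insertid($result, 'doc_data', 'docid');
    if (!$this->fetchData($docid)) {
        db_rollback();
        return false;
    }

    $this->sendNotice(true);
    db_commit();
    return true;
}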