}
// Update user image.
$image = false;
if (!empty($ltirequest->info['user_image'])) {
$image = $ltirequest->info['user_image'];
} else {
if (!empty($ltirequest->info['custom_user_image'])) {
$image = $ltirequest->info['custom_user_image'];
}
}
// Check if there is an image to process.
if ($image) {
\enrol_lti\helper::update_user_profile_image($user->id, $image);
}
// Check if we are an instructor.
$isinstructor = $ltirequest->isInstructor();
if ($context->contextlevel == CONTEXT_COURSE) {
$courseid = $context->instanceid;
$urltogo = new moodle_url('/course/view.php', array('id' => $courseid));
// May still be set from previous session, so unset it.
unset($SESSION->forcepagelayout);
} else {
if ($context->contextlevel == CONTEXT_MODULE) {
$cmid = $context->instanceid;
$cm = get_coursemodule_from_id(false, $context->instanceid, 0, false, MUST_EXIST);
$urltogo = new moodle_url('/mod/' . $cm->modname . '/view.php', array('id' => $cm->id));
// If we are a student in the course module context we do not want to display blocks.
if (!$isinstructor) {
// Force the page layout.
$SESSION->forcepagelayout = 'embedded';
} else {
// Start of the ad code
$self = $context->addSession($_SERVER['PHP_SELF']);
if (strpos($self, '?') > 0) {
$selfp = $self . '&';
} else {
$selfp = $self . '?';
}
$action = $_REQUEST['action'];
$message = false;
$title = false;
$description = false;
$idvalue = false;
// print_r($_REQUEST);
// AuthZ WHERE clause terms
$authzsql = "course_key=" . "'" . mysql_real_escape_string($context->getCourseKey()) . "'";
if (!$context->isInstructor()) {
$authzsql = $authzsql . "AND user_key=" . "'" . mysql_real_escape_string($context->getUserKey()) . "'";
}
if ($action == 'delete') {
$idvalue = $_REQUEST['id'];
if ($idvalue) {
$sql = 'DELETE FROM ads WHERE id=' . "'" . mysql_real_escape_string($idvalue) . "' AND " . $authzsql;
$result = mysql_query($sql);
$retval = mysql_affected_rows();
if ($retval != 1) {
$message = "Error, unable to delete ad.";
$action = 'main';
} else {
$message = "Deleted record id=" . $idvalue;
$action = 'main';
}
<?php
include '/home/bkinney/includes/lti_mysqli.php';
include "../ims-blti/blti.php";
$secret = array("table" => "tokens", "key_column" => "consumer_key", "secret_column" => "secret", "context_column" => "context");
$context = new BLTI($secret, true, false);
//do this elsewhere
//print_r($context->info);
$instructor = false;
session_start();
if ($context->valid) {
$instructor = $_SESSION['isInstructor'] = $context->isInstructor();
$contextid = $_SESSION['contextid'] = $context->info['context_id'];
$uid = $_SERVER['uid'] = $context->info['lis_person_sourcedid'];
} else {
$instructor = $_SESSION['isInstructor'];
$uid = $_SESSION['uid'];
$contextid = $_SESSION['contextid'];
}
if (!empty($_FILES["postemfile"])) {
$instructor = true;
$data = '<table class="stickyHeader" ><thead>';
$handle = fopen($_FILES["postemfile"]["tmp_name"], "r");
$cols = fgetcsv($handle, 10000, ",");
//just the first row
$data .= "<tr><th>" . implode("</th><th>", $cols) . "</th></tr>";
$data .= "</thead><tbody>";
while (($cols = fgetcsv($handle, 10000, ",")) !== FALSE) {
$clean = array_map(htmlspecialchars, $cols);
$data .= "<tr><td>" . implode("</td><td>", $clean) . "</td></tr>";
}
$data .= "</tbody></table>";
//use whatever I've already got from previous trips
$api = new CanvasAPI($_SESSION['token'], $domain);
$valid = $api->ready;
$tokenstatus = "found in session" . $api->status . "," . $api->is_valid_token();
} else {
if (!$_SESSION['temptoken']) {
/*new plan, use an admin token unless I've set the shared flag*/
if ($isAdmin && !$shared) {
//only an admin can create an admin token, and only if we're not sharing
if ($domain == "udel.instructure.com") {
setcookie('tokenquery', 'none', 0, '/');
} else {
setcookie('tokenquery', "insert into tokens (domain, context, token) values ('" . $domain . "', '" . $domain . "', '%s') on duplicate key update token=values(token)", 0, '/');
}
} else {
if ($context->isInstructor()) {
//only instructors can create context tokens, but an admin can be an instructor
setcookie('tokenquery', "insert into tokens (domain, context, token) values ('" . $domain . "', '" . $context_id . "', '%s') on duplicate key update token=values(token)", 0, '/');
}
}
//search for the appropriate token
if (!$link) {
include "/home/bkinney/includes/lti_mysqli.php";
}
if ($shared) {
$query = sprintf("select token from tokens where context='%s' and domain='%s'", $context_id, $domain);
//echo $query;
} else {
$query = sprintf("select token from tokens where context='%s' and domain='%s'", $domain, $domain);
}
//echo $query;
<?php
include '/home/bkinney/includes/lti_mysqli.php';
include "../ims-blti/blti.php";
$secret = array("table" => "tokens", "key_column" => "consumer_key", "secret_column" => "secret", "context_column" => "context");
$context = new BLTI($secret, true, false);
//do this elsewhere
//print_r($context);
$instructor = false;
if ($context->valid) {
$instructor = $context->isInstructor();
}
if (!empty($_FILES["postemfile"])) {
$instructor = true;
$data = file_get_contents($_FILES["postemfile"]["tmp_name"]);
$query = sprintf("insert into files (context_id,postem) values('%s','%s') on duplicate key update postem=values(postem)", $_POST['context_id'], mysqli_real_escape_string($link, $data));
//echo $query;
$response = mysqli_query($link, $query);
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<style>
body,td,th {
font-family: Verdana, Geneva, sans-serif;
}
h1,h2,h3,h4 {
color:#2e6e9e;
