if ($isSpecialCourse) {
if (isset($_GET['autoreg'])) {
$autoRegistration = Security::remove_XSS($_GET['autoreg']);
if ($autoRegistration == 1) {
if (CourseManager::subscribe_user($user_id, $course_code, STUDENT)) {
Session::write('is_allowed_in_course', true);
}
}
}
}
if (isset($_GET['action']) && $_GET['action'] == 'subscribe') {
if (Security::check_token('get')) {
Security::clear_token();
$auth = new Auth();
$msg = $auth->subscribe_user($course_code);
if (CourseManager::is_user_subscribed_in_course($user_id, $course_code)) {
Session::write('is_allowed_in_course', true);
}
if (!empty($msg)) {
$show_message .= Display::return_message(get_lang($msg['message']), 'info', false);
}
}
}
/* Is the user allowed here? */
api_protect_course_script(true);
/* STATISTICS */
if (!isset($coursesAlreadyVisited[$course_code])) {
Event::accessCourse();
$coursesAlreadyVisited[$course_code] = 1;
Session::write('coursesAlreadyVisited', $coursesAlreadyVisited);
}
$user_data['expiration_date']['Y'] = date('Y');
} else {
$user_data['radio_expiration_date'] = 1;
$user_data['expiration_date'] = array();
$user_data['expiration_date']['d'] = substr($expiration_date, 8, 2);
$user_data['expiration_date']['F'] = substr($expiration_date, 5, 2);
$user_data['expiration_date']['Y'] = substr($expiration_date, 0, 4);
$user_data['expiration_date']['H'] = substr($expiration_date, 11, 2);
$user_data['expiration_date']['i'] = substr($expiration_date, 14, 2);
}
$form->setDefaults($user_data);
$error_drh = false;
// Validate form
if ($form->validate()) {
$user = $form->getSubmitValues(1);
$is_user_subscribed_in_course = CourseManager::is_user_subscribed_in_course($user['user_id']);
if ($user['status'] == DRH && $is_user_subscribed_in_course) {
$error_drh = true;
} else {
$userInfo = api_get_user_info($user_id);
$picture_element = $form->getElement('picture');
$picture = $picture_element->getValue();
$picture_uri = $user_data['picture_uri'];
if (isset($user['delete_picture']) && $user['delete_picture']) {
$picture_uri = UserManager::delete_user_picture($user_id);
} elseif (!empty($picture['name'])) {
$picture_uri = UserManager::update_user_picture($user_id, $_FILES['picture']['name'], $_FILES['picture']['tmp_name']);
}
$lastname = $user['lastname'];
$firstname = $user['firstname'];
$password = $user['password'];
// inactive students
$last_connection_date = Tracking::get_last_connection_date($student_id, true, true);
if ($last_connection_date !== false) {
if (time() - 3600 * 24 * 7 > $last_connection_date) {
$nb_inactive_students++;
}
} else {
$nb_inactive_students++;
}
$total_time_spent += Tracking::get_time_spent_on_the_platform($student_id);
$total_courses += Tracking::count_course_per_student($student_id);
$avg_student_progress = 0;
$avg_student_score = 0;
$nb_courses_student = 0;
foreach ($courses as $courseId) {
if (CourseManager::is_user_subscribed_in_course($student_id, $courseId, true)) {
$nb_courses_student++;
$nb_posts += Tracking::count_student_messages($student_id, $courseId);
$nb_assignments += Tracking::count_student_assignments($student_id, $courseId);
$avg_student_progress += Tracking::get_avg_student_progress($student_id, $courseId);
$myavg_temp = Tracking::get_avg_student_score($student_id, $courseId);
if (is_numeric($myavg_temp)) {
$avg_student_score += $myavg_temp;
}
if ($nb_posts !== null && $nb_assignments !== null && $avg_student_progress !== null && $avg_student_score !== null) {
//if one of these scores is null, it means that we had a problem connecting to the right database, so don't count it in
$nb_courses_student++;
}
}
}
// average progress of the student
/**
* Direct course link see #5299
*
* You can send to your students an URL like this
* http://chamilodev.beeznest.com/main/auth/inscription.php?c=ABC&e=3
* Where "c" is the course code and "e" is the exercise Id, after a successful
* registration the user will be sent to the course or exercise
*
*/
public static function redirectToCourse($form_data)
{
$course_code_redirect = Session::read('course_redirect');
$_user = api_get_user_info();
$user_id = api_get_user_id();
if (!empty($course_code_redirect)) {
$course_info = api_get_course_info($course_code_redirect);
if (!empty($course_info)) {
if (in_array($course_info['visibility'], array(COURSE_VISIBILITY_OPEN_PLATFORM, COURSE_VISIBILITY_OPEN_WORLD))) {
if (CourseManager::is_user_subscribed_in_course($user_id, $course_info['code'])) {
$form_data['action'] = $course_info['course_public_url'];
$form_data['message'] = sprintf(get_lang('YouHaveBeenRegisteredToCourseX'), $course_info['title']);
$form_data['button'] = Display::button('next', get_lang('GoToCourse', null, $_user['language']), array('class' => 'btn btn-primary btn-large'));
$exercise_redirect = intval(Session::read('exercise_redirect'));
// Specify the course id as the current context does not
// hold a global $_course array
$objExercise = new Exercise($course_info['real_id']);
$result = $objExercise->read($exercise_redirect);
if (!empty($exercise_redirect) && !empty($result)) {
$form_data['action'] = api_get_path(WEB_CODE_PATH) . 'exercice/overview.php?exerciseId=' . $exercise_redirect . '&cidReq=' . $course_info['code'];
$form_data['message'] .= '<br />' . get_lang('YouCanAccessTheExercise');
$form_data['button'] = Display::button('next', get_lang('Go', null, $_user['language']), array('class' => 'btn btn-primary btn-large'));
}
if (!empty($form_data['action'])) {
header('Location: ' . $form_data['action']);
exit;
}
}
}
}
}
return $form_data;
}
CourseManager::save_user_legal($user_id, $course_code, $session_id);
if (api_check_user_access_to_legal($course_info['visibility'])) {
Session::write($variable, true);
}
if ($pluginLegal) {
header('Location:' . $url);
exit;
}
}
}
$user_pass_open_course = false;
if (api_check_user_access_to_legal($course_info['visibility']) && Session::read($variable)) {
$user_pass_open_course = true;
}
if (empty($session_id)) {
if (CourseManager::is_user_subscribed_in_course($user_id, $course_code) || api_check_user_access_to_legal($course_info['visibility'])) {
$user_accepted_legal = CourseManager::is_user_accepted_legal($user_id, $course_code);
if ($user_accepted_legal || $user_pass_open_course) {
//Redirect to course home
header('Location: ' . $url);
exit;
}
} else {
api_not_allowed();
}
} else {
if (api_is_platform_admin()) {
header('Location: ' . $url);
}
$userStatus = SessionManager::get_user_status_in_session($user_id, $course_code, $session_id);
if (isset($userStatus) || api_check_user_access_to_legal($course_info['visibility'])) {
/**
* Helper functions definition
*/
public static function get_logged_user_course_html($my_course, $count)
{
global $nosession, $nbDigestEntries, $orderKey, $digest, $thisCourseSysCode;
if (!$nosession) {
global $now, $date_start, $date_end;
}
//initialise
$result = '';
// Table definitions
$main_user_table = Database :: get_main_table(TABLE_MAIN_USER);
$tbl_session = Database :: get_main_table(TABLE_MAIN_SESSION);
$course_code = $my_course['code'];
$course_visual_code = $my_course['course_info']['official_code'];
$course_title = $my_course['course_info']['title'];
$course_info = Database :: get_course_info($course_code);
$course_id = $course_info['real_id'];
$course_access_settings = CourseManager :: get_access_settings($course_code);
$course_visibility = $course_access_settings['visibility'];
$user_in_course_status = CourseManager :: get_user_in_course_status(api_get_user_id(), $course_code);
//function logic - act on the data
$is_virtual_course = CourseManager :: is_virtual_course_from_system_code($course_code);
if ($is_virtual_course) {
// If the current user is also subscribed in the real course to which this
// virtual course is linked, we don't need to display the virtual course entry in
// the course list - it is combined with the real course entry.
$target_course_code = CourseManager :: get_target_of_linked_course($course_code);
$is_subscribed_in_target_course = CourseManager :: is_user_subscribed_in_course(api_get_user_id(), $target_course_code);
if ($is_subscribed_in_target_course) {
return; //do not display this course entry
}
}
$s_htlm_status_icon = Display::return_icon('course.gif', get_lang('Course'));
//display course entry
$result .= '<div id="div_'.$count.'">';
//$result .= '<h3><img src="../img/nolines_plus.gif" id="btn_'.$count.'" onclick="toogle_course(this,\''.$course_id.'\' )">';
$result .= $s_htlm_status_icon;
//show a hyperlink to the course, unless the course is closed and user is not course admin
if ($course_visibility != COURSE_VISIBILITY_HIDDEN && ($course_visibility != COURSE_VISIBILITY_CLOSED || $user_in_course_status == COURSEMANAGER)) {
//$result .= '<a href="javascript:void(0)" id="ln_'.$count.'" onclick=toogle_course(this,\''.$course_id.'\');> '.$course_title.'</a>';
$result .= $course_title;
} else {
$result .= $course_title." "." ".get_lang('CourseClosed')."";
}
$result .= '</h3>';
//$current_course_settings = CourseManager :: get_access_settings($my_course['k']);
// display the what's new icons
/*if ($nbDigestEntries > 0) {
reset($digest);
$result .= '<ul>';
while (list ($key2) = each($digest[$thisCourseSysCode])) {
$result .= '<li>';
if ($orderKey[1] == 'keyTools') {
$result .= "<a href=\"$toolsList[$key2] [\"path\"] $thisCourseSysCode \">";
$result .= "$toolsList[$key2][\"name\"]</a>";
} else {
$result .= api_convert_and_format_date($key2, DATE_FORMAT_LONG, date_default_timezone_get());
}
$result .= '</li>';
$result .= '<ul>';
reset($digest[$thisCourseSysCode][$key2]);
while (list ($key3, $dataFromCourse) = each($digest[$thisCourseSysCode][$key2])) {
$result .= '<li>';
if ($orderKey[2] == 'keyTools') {
$result .= "<a href=\"$toolsList[$key3] [\"path\"] $thisCourseSysCode \">";
$result .= "$toolsList[$key3][\"name\"]</a>";
} else {
$result .= api_convert_and_format_date($key3, DATE_FORMAT_LONG, date_default_timezone_get());
}
$result .= '<ul compact="compact">';
reset($digest[$thisCourseSysCode][$key2][$key3]);
while (list ($key4, $dataFromCourse) = each($digest[$thisCourseSysCode][$key2][$key3])) {
$result .= '<li>';
$result .= htmlspecialchars(substr(strip_tags($dataFromCourse), 0, CONFVAL_NB_CHAR_FROM_CONTENT));
$result .= '</li>';
}
$result .= '</ul>';
$result .= '</li>';
}
$result .= '</ul>';
$result .= '</li>';
}
$result .= '</ul>';
}*/
$result .= '</li>';
$result .= '</div>';
if (!$nosession) {
$session = '';
$active = false;
if (!empty($my_course['session_name'])) {
// Request for the name of the general coach
$sql = 'SELECT lastname, firstname
FROM '.$tbl_session.' ts LEFT JOIN '.$main_user_table.' tu
ON ts.id_coach = tu.user_id
WHERE ts.id='.(int) $my_course['id_session'].' LIMIT 1';
$rs = Database::query($sql);
$sessioncoach = Database::store_result($rs);
$sessioncoach = $sessioncoach[0];
$session = array();
$session['title'] = $my_course['session_name'];
if ($my_course['date_start'] == '0000-00-00') {
$session['dates'] = get_lang('WithoutTimeLimits');
if (api_get_setting('show_session_coach') === 'true') {
$session['coach'] = get_lang('GeneralCoach').': '.api_get_person_name($sessioncoach['firstname'], $sessioncoach['lastname']);
}
$active = true;
} else {
$session ['dates'] = ' - '.get_lang('From').' '.$my_course['date_start'].' '.get_lang('To').' '.$my_course['date_end'];
if (api_get_setting('show_session_coach') === 'true') {
$session['coach'] = get_lang('GeneralCoach').': '.api_get_person_name($sessioncoach['firstname'], $sessioncoach['lastname']);
}
$active = ($date_start <= $now && $date_end >= $now) ? true : false;
}
}
$my_course['id_session'] = isset($my_course['id_session']) ? $my_course['id_session'] : 0;
$output = array($my_course['user_course_cat'], $result, $my_course['id_session'], $session, 'active' => $active);
} else {
$output = array($my_course['user_course_cat'], $result);
}
//$my_course['creation_date'];
return $output;
}
/*
* Direct course link see #5299
*
* You can send to your students an URL like this
* http://chamilodev.beeznest.com/main/auth/inscription.php?c=ABC&e=3
* Where "c" is the course code and "e" is the exercise Id, after a successful
* registration the user will be sent to the course or exercise
*
*/
$course_code_redirect = Session::read('course_redirect');
if (!empty($course_code_redirect)) {
$course_info = api_get_course_info($course_code_redirect);
if (!empty($course_info)) {
if (in_array($course_info['visibility'], array(COURSE_VISIBILITY_OPEN_PLATFORM, COURSE_VISIBILITY_OPEN_WORLD))) {
$user_id = api_get_user_id();
if (CourseManager::is_user_subscribed_in_course($user_id, $course_info['code'])) {
$form_data['action'] = $course_info['course_public_url'];
$form_data['message'] = sprintf(get_lang('YouHaveBeenRegisteredToCourseX'), $course_info['title']);
$form_data['button'] = Display::button('next', get_lang('GoToCourse', null, $_user['language']), array('class' => 'btn btn-primary btn-large'));
$exercise_redirect = intval(Session::read('exercise_redirect'));
// Specifiy course ID as the current context does not
// hold a global $_course array
$objExercise = new Exercise($course_info['real_id']);
$result = $objExercise->read($exercise_redirect);
if (!empty($exercise_redirect) && !empty($result)) {
$form_data['action'] = api_get_path(WEB_CODE_PATH) . 'exercice/overview.php?exerciseId=' . $exercise_redirect . '&cidReq=' . $course_info['code'];
$form_data['message'] .= '<br />' . get_lang('YouCanAccessTheExercise');
$form_data['button'] = Display::button('next', get_lang('Go', null, $_user['language']), array('class' => 'btn btn-primary btn-large'));
}
if (!empty($form_data['action'])) {
header('Location: ' . $form_data['action']);
$user_ids[] = $user['user_id'];
}
CourseManager::unsubscribe_user($user_ids, $course_code, $session_id);
}
}
foreach ($clean_users as $userId) {
$userInfo = api_get_user_info($userId);
CourseManager::subscribe_user($userId, $course_code, STUDENT, $session_id);
if (empty($session_id)) {
//just to make sure
if (CourseManager::is_user_subscribed_in_course($userId, $course_code)) {
$user_to_show[] = $userInfo['complete_name'];
}
} else {
//just to make sure
if (CourseManager::is_user_subscribed_in_course($userId, $course_code, true, $session_id)) {
$user_to_show[] = $userInfo['complete_name'];
}
}
}
} else {
$message = get_lang('CheckUsersWithId');
$type = 'warning';
foreach ($invalid_users as $invalid_user) {
$user_to_show[] = $invalid_user;
}
}
}
}
}
Display::display_header();
// IMPORTANT to avoid caching of documents
header('Expires: Wed, 01 Jan 1990 00:00:00 GMT');
header('Cache-Control: public');
header('Pragma: no-cache');
$course_id = intval($_REQUEST['course_id']);
$user_id = api_get_user_id();
$course_info = api_get_course_info_by_id($course_id);
$doc_url = $_REQUEST['file'];
$session_id = api_get_session_id();
if (empty($course_id)) {
$course_id = api_get_course_int_id();
}
if (empty($course_id) || empty($doc_url)) {
api_not_allowed();
}
$is_user_is_subscribed = CourseManager::is_user_subscribed_in_course($user_id, $course_id, true, $session_id);
if (!api_is_allowed_to_edit() && !$is_user_is_subscribed) {
api_not_allowed();
}
//change the '&' that got rewritten to '///' by mod_rewrite back to '&'
$doc_url = str_replace('///', '&', $doc_url);
//still a space present? it must be a '+' (that got replaced by mod_rewrite)
$doc_url = str_replace(' ', '+', $doc_url);
$doc_url = str_replace('/..', '', $doc_url);
//echo $doc_url;
$full_file_name = api_get_path(SYS_COURSE_PATH) . $course_info['path'] . '/upload/calendar/' . $doc_url;
//if the rewrite rule asks for a directory, we redirect to the document explorer
if (is_dir($full_file_name)) {
//remove last slash if present
//$doc_url = ($doc_url{strlen($doc_url)-1}=='/')?substr($doc_url,0,strlen($doc_url)-1):$doc_url;
//mod_rewrite can change /some/path/ to /some/path// in some cases, so clean them all off (René)
/**
* @return boolean indicating if user with user_id=$user_id is a course member
* @todo check if this function is still necessary. There might be a library function for this.
*/
function isCourseMember($user_id)
{
$_course = api_get_course_info();
$course_code = $_course['code'];
$is_course_member = CourseManager::is_user_subscribed_in_course($user_id, $course_code, true);
return $is_course_member;
}
$is_courseTutor = false;
$is_courseCoach = false;
$is_sessionAdmin = false;
}
// Checking the course access
$is_allowed_in_course = false;
if (isset($_course) && isset($_course['visibility'])) {
switch ($_course['visibility']) {
case COURSE_VISIBILITY_OPEN_WORLD:
//3
$is_allowed_in_course = true;
break;
case COURSE_VISIBILITY_OPEN_PLATFORM:
//2
$courseCode = $_course['code'];
$isUserSubscribedInCourse = CourseManager::is_user_subscribed_in_course($user_id, $courseCode, $session_id);
if (isset($user_id) && $isUserSubscribedInCourse === true && !api_is_anonymous($user_id)) {
$is_allowed_in_course = true;
}
break;
case COURSE_VISIBILITY_REGISTERED:
//1
if ($is_platformAdmin || $is_courseMember) {
$is_allowed_in_course = true;
}
break;
case COURSE_VISIBILITY_CLOSED:
//0
if ($is_platformAdmin || $is_courseAdmin) {
$is_allowed_in_course = true;
}
/**
* @return boolean indicating if user with user_id=$user_id is a course member
* @todo check if this function is still necessary. There might be a library function for this.
*/
function isCourseMember($user_id)
{
$courseId = api_get_course_int_id();
return CourseManager::is_user_subscribed_in_course($user_id, $courseId, true);
}
// including some libraries that are also used in the documents tool
require_once api_get_path(SYS_CODE_PATH) . 'document/document.inc.php';
// we use a function build_document_icon_tag
require_once api_get_path(LIBRARY_PATH) . 'document.lib.php';
/* Virtual course support */
$user_id = api_get_user_id();
$course_code = api_get_course_id();
$course_info = api_get_course_info($course_code);
$session_id = api_get_session_id();
$action = isset($_GET['action']) ? $_GET['action'] : null;
$view = isset($_GET['view']) ? Security::remove_XSS($_GET['view']) : null;
$postAction = isset($_POST['action']) ? $_POST['action'] : null;
if (empty($session_id)) {
$is_course_member = CourseManager::is_user_subscribed_in_course($user_id, $course_info['real_id'], false);
} else {
$is_course_member = CourseManager::is_user_subscribed_in_course($user_id, $course_info['real_id'], true, $session_id);
}
/* Object Initialisation */
// we need this here because the javascript to re-upload the file needs an array
// off all the documents that have already been sent.
// @todo consider moving the javascripts in a function that displays the javascripts
// only when it is needed.
if ($action == 'add') {
$dropbox_person = new Dropbox_Person($_user['user_id'], $is_courseAdmin, $is_courseTutor);
}
/* Create javascript and htmlHeaders */
$javascript = "<script type=\"text/javascript\">\n\tfunction confirmsend ()\n\t{\n\t\tif (confirm(\"" . get_lang('MailingConfirmSend', '') . "\")){\n\t\t\treturn true;\n\t\t} else {\n\t\t\treturn false;\n\t\t}\n\t\treturn true;\n\t}\n\n\tfunction confirmation (name)\n\t{\n\t\tif (confirm(\"" . get_lang('ConfirmDelete', '') . " : \"+ name )){\n\t\t\treturn true;\n\t\t} else {\n\t\t\treturn false;\n\t\t}\n\t\treturn true;\n\t}\n\n\tfunction checkForm (frm)\n\t{\n\t\tif (frm.elements['recipients[]'].selectedIndex < 0){\n\t\t\talert(\"" . get_lang('NoUserSelected', '') . "\");\n\t\t\treturn false;\n\t\t} else if (frm.file.value == '') {\n\t\t\talert(\"" . get_lang('NoFileSpecified', '') . "\");\n\t\t\treturn false;\n\t\t} else {\n\t\t\treturn true;\n\t\t}\n\t}\n\t";
if (dropbox_cnf('allowOverwrite')) {
//sentArray keeps list of all files still available in the sent files list
//of the user.
//This is used to show or hide the overwrite file-radio button of the upload form
function get_users($from, $limit, $column, $direction)
{
$active = isset($_GET['active']) ? $_GET['active'] : 1;
$keyword = isset($_GET['keyword']) ? Security::remove_XSS($_GET['keyword']) : null;
$sleepingDays = isset($_GET['sleeping_days']) ? intval($_GET['sleeping_days']) : null;
$lastConnectionDate = null;
if (!empty($sleepingDays)) {
$lastConnectionDate = api_get_utc_datetime(strtotime($sleepingDays . ' days ago'));
}
$is_western_name_order = api_is_western_name_order();
$coach_id = api_get_user_id();
$drhLoaded = false;
if (api_is_drh()) {
$column = 'u.user_id';
if (api_drh_can_access_all_session_content()) {
$students = SessionManager::getAllUsersFromCoursesFromAllSessionFromStatus('drh_all', api_get_user_id(), false, $from, $limit, $column, $direction, $keyword, $active, $lastConnectionDate, null, null, api_is_student_boss() ? null : STUDENT);
$drhLoaded = true;
}
}
if ($drhLoaded == false) {
$students = UserManager::getUsersFollowedByUser(api_get_user_id(), api_is_student_boss() ? null : STUDENT, false, false, false, $from, $limit, $column, $direction, $active, $lastConnectionDate, api_is_student_boss() ? STUDENT_BOSS : COURSEMANAGER, $keyword);
}
$all_datas = array();
foreach ($students as $student_data) {
$student_id = $student_data['user_id'];
if (isset($_GET['id_session'])) {
$courses = Tracking::get_course_list_in_session_from_student($student_id, $_GET['id_session']);
}
$avg_time_spent = $avg_student_score = $avg_student_progress = $total_assignments = $total_messages = 0;
$nb_courses_student = 0;
if (!empty($courses)) {
foreach ($courses as $course_code) {
$courseInfo = api_get_course_info($course_code);
$courseId = $courseInfo['real_id'];
if (CourseManager::is_user_subscribed_in_course($student_id, $course_code, true)) {
$avg_time_spent += Tracking::get_time_spent_on_the_course($student_id, $courseId, $_GET['id_session']);
$my_average = Tracking::get_avg_student_score($student_id, $course_code);
if (is_numeric($my_average)) {
$avg_student_score += $my_average;
}
$avg_student_progress += Tracking::get_avg_student_progress($student_id, $course_code);
$total_assignments += Tracking::count_student_assignments($student_id, $course_code);
$total_messages += Tracking::count_student_messages($student_id, $course_code);
$nb_courses_student++;
}
}
}
if ($nb_courses_student > 0) {
$avg_time_spent = $avg_time_spent / $nb_courses_student;
$avg_student_score = $avg_student_score / $nb_courses_student;
$avg_student_progress = $avg_student_progress / $nb_courses_student;
} else {
$avg_time_spent = null;
$avg_student_score = null;
$avg_student_progress = null;
}
$row = array();
if ($is_western_name_order) {
$row[] = $student_data['firstname'];
$row[] = $student_data['lastname'];
} else {
$row[] = $student_data['lastname'];
$row[] = $student_data['firstname'];
}
$string_date = Tracking::get_last_connection_date($student_id, true);
$first_date = Tracking::get_first_connection_date($student_id);
$row[] = $first_date;
$row[] = $string_date;
if (isset($_GET['id_coach']) && intval($_GET['id_coach']) != 0) {
$detailsLink = '<a href="myStudents.php?student=' . $student_id . '&id_coach=' . $coach_id . '&id_session=' . $_GET['id_session'] . '">
<img src="' . api_get_path(WEB_IMG_PATH) . '2rightarrow.gif" border="0" /></a>';
} else {
$detailsLink = '<a href="myStudents.php?student=' . $student_id . '">
<img src="' . api_get_path(WEB_IMG_PATH) . '2rightarrow.gif" border="0" /></a>';
}
$row[] = $detailsLink;
$all_datas[] = $row;
}
return $all_datas;
}
/**
* @param int $user_id
* @param int $courseId
* @param int $session_id
* @return array
*/
function api_detect_user_roles($user_id, $courseId, $session_id = 0)
{
$user_roles = array();
/*$user_info = api_get_user_info($user_id);
$user_roles[] = $user_info['status'];*/
$courseInfo = api_get_course_info_by_id($courseId);
$course_code = $courseInfo['code'];
$url_id = api_get_current_access_url_id();
if (api_is_platform_admin_by_id($user_id, $url_id)) {
$user_roles[] = PLATFORM_ADMIN;
}
/*if (api_is_drh()) {
$user_roles[] = DRH;
}*/
if (!empty($session_id)) {
if (SessionManager::user_is_general_coach($user_id, $session_id)) {
$user_roles[] = SESSION_GENERAL_COACH;
}
}
if (!empty($course_code)) {
if (empty($session_id)) {
if (CourseManager::is_course_teacher($user_id, $course_code)) {
$user_roles[] = COURSEMANAGER;
}
if (CourseManager::get_tutor_in_course_status($user_id, $course_code)) {
$user_roles[] = COURSE_TUTOR;
}
if (CourseManager::is_user_subscribed_in_course($user_id, $course_code)) {
$user_roles[] = COURSE_STUDENT;
}
} else {
$user_status_in_session = SessionManager::get_user_status_in_course_session($user_id, $courseId, $session_id);
if (!empty($user_status_in_session)) {
if ($user_status_in_session == 0) {
$user_roles[] = SESSION_STUDENT;
}
if ($user_status_in_session == 2) {
$user_roles[] = SESSION_COURSE_COACH;
}
}
/*if (api_is_course_session_coach($user_id, $course_code, $session_id)) {
$user_roles[] = SESSION_COURSE_COACH;
}*/
}
}
return $user_roles;
}
}
if (!empty($content)) {
echo $content;
}
if (!empty($search_term)) {
echo "<p><strong>" . get_lang('SearchResultsFor') . " " . Security::remove_XSS($_POST['search_term']) . "</strong><br />";
}
$ajax_url = api_get_path(WEB_AJAX_PATH) . 'course.ajax.php?a=add_course_vote';
$user_id = api_get_user_id();
if (!empty($browse_courses_in_category)) {
foreach ($browse_courses_in_category as $course) {
$course_hidden = $course['visibility'] == COURSE_VISIBILITY_HIDDEN;
if ($course_hidden) {
continue;
}
$user_registerd_in_course = CourseManager::is_user_subscribed_in_course($user_id, $course['code']);
$user_registerd_in_course_as_teacher = CourseManager::is_course_teacher($user_id, $course['code']);
$user_registerd_in_course_as_student = $user_registerd_in_course && !$user_registerd_in_course_as_teacher;
$course_public = $course['visibility'] == COURSE_VISIBILITY_OPEN_WORLD;
$course_open = $course['visibility'] == COURSE_VISIBILITY_OPEN_PLATFORM;
$course_private = $course['visibility'] == COURSE_VISIBILITY_REGISTERED;
$course_closed = $course['visibility'] == COURSE_VISIBILITY_CLOSED;
$course_subscribe_allowed = $course['subscribe'] == 1;
$course_unsubscribe_allowed = $course['unsubscribe'] == 1;
$count_connections = $course['count_connections'];
$creation_date = substr($course['creation_date'], 0, 10);
$icon_title = null;
$html = null;
// display the course bloc
$html .= '<div class="col-md-3"><div class="items-course">';
// display thumbnail
static function get_document_preview($course_info, $lp_id = false, $target = '', $session_id = 0, $add_move_button = false, $filter_by_folder = null, $overwrite_url = null)
{
if (empty($course_info['real_id']) || empty($course_info['code']) || !is_array($course_info)) {
return '';
}
$user_id = api_get_user_id();
$user_in_course = false;
if (api_is_platform_admin()) {
$user_in_course = true;
}
if (!$user_in_course) {
if (CourseManager::is_course_teacher($user_id, $course_info['real_id'])) {
$user_in_course = true;
}
}
//condition for the session
$session_id = intval($session_id);
if (!$user_in_course) {
if (empty($session_id)) {
if (CourseManager::is_user_subscribed_in_course($user_id, $course_info['real_id'])) {
$user_in_course = true;
}
//Check if course is open then we can consider that the student is regitered to the course
if (isset($course_info) && in_array($course_info['visibility'], array(2, 3))) {
$user_in_course = true;
}
} else {
$user_status = SessionManager::get_user_status_in_course_session($user_id, $course_info['real_id'], $session_id);
//is true if is an student, course session teacher or coach
if (in_array($user_status, array('0', '2', '6'))) {
$user_in_course = true;
}
}
}
$tbl_doc = Database::get_course_table(TABLE_DOCUMENT);
$tbl_item_prop = Database::get_course_table(TABLE_ITEM_PROPERTY);
$path = '/';
$path = Database::escape_string(str_replace('_', '\\_', $path));
$added_slash = $path == '/' ? '' : '/';
//$condition_session = " AND (id_session = '$session_id' OR (id_session = '0' AND insert_date <= (SELECT creation_date FROM $tbl_course WHERE code = '".$course_info['code']."' )))";
$condition_session = " AND (id_session = '{$session_id}' OR id_session = '0' )";
$add_folder_filter = null;
if (!empty($filter_by_folder)) {
$add_folder_filter = " AND docs.path LIKE '" . Database::escape_string($filter_by_folder) . "%'";
}
$sql_doc = "SELECT last.visibility, docs.*\n\t\t\t\t\tFROM {$tbl_item_prop} AS last, {$tbl_doc} AS docs\n \t WHERE docs.id = last.ref AND\n docs.path LIKE '" . $path . $added_slash . "%' AND\n docs.path NOT LIKE '%_DELETED_%' AND\n last.tool = '" . TOOL_DOCUMENT . "' {$condition_session} AND\n last.visibility = '1' AND\n docs.c_id = {$course_info['real_id']} AND\n last.c_id = {$course_info['real_id']}\n {$add_folder_filter}\n ORDER BY docs.title ASC";
$res_doc = Database::query($sql_doc);
$resources = Database::store_result($res_doc, 'ASSOC');
$resources_sorted = array();
$return = '';
if ($lp_id) {
$return .= '<div class="lp_resource_element">';
$return .= Display::return_icon('new_doc.gif', '', array(), ICON_SIZE_SMALL);
$return .= Display::url(get_lang('NewDocument'), api_get_self() . '?' . api_get_cidreq() . '&action=add_item&type=' . TOOL_DOCUMENT . '&lp_id=' . $_SESSION['oLP']->lp_id);
$return .= '</div>';
} else {
$return .= Display::div(Display::url(Display::return_icon('close.png', get_lang('Close'), array(), ICON_SIZE_SMALL), ' javascript:void(0);', array('id' => 'close_div_' . $course_info['real_id'] . '_' . $session_id, 'class' => 'close_div')), array('style' => 'position:absolute;right:10px'));
}
// If you want to debug it, I advise you to do "echo" on the eval statements.
if (!empty($resources) && $user_in_course) {
foreach ($resources as $resource) {
$is_visible = self::is_visible_by_id($resource['id'], $course_info, $session_id, api_get_user_id());
if (!$is_visible) {
continue;
}
$resource_paths = explode('/', $resource['path']);
array_shift($resource_paths);
$path_to_eval = $last_path = '';
$is_file = false;
if ($resource['filetype'] == 'file') {
foreach ($resource_paths as $key => $resource_path) {
if ($key != count($resource_paths) - 1) {
// It's a folder.
$path_to_eval .= "['{$resource_path}']['files']";
}
$is_file = true;
}
} else {
foreach ($resource_paths as $key => $resource_path) {
if ($key != count($resource_paths) - 1) {
// It's a folder.
$path_to_eval .= "['{$resource_path}']['files']";
}
}
}
$last_path = $resource_path;
//$data = json_encode(array('title'=>$resource['title'], 'path'=>$last_path));
//@todo not sure if it's a good thing using base64_encode. I tried with json_encode but i received the same error
//Some testing is needed in order to prove the performance
//Also change the explode to value from "/" to "|@j@|" it fixes #3780
$data = base64_encode($resource['title'] . '|@j@|' . $last_path);
if ($is_file) {
//for backward compatibility
if (empty($resource['title'])) {
$resource['title'] = basename($resource['path']);
}
eval('$resources_sorted' . $path_to_eval . '[' . $resource['id'] . '] = "' . $data . '" ; ');
} else {
eval('$resources_sorted' . $path_to_eval . '["' . $last_path . '"]["id"]=' . $resource['id'] . ';');
eval('$resources_sorted' . $path_to_eval . '["' . $last_path . '"]["title"]= "' . api_htmlentities($resource['title']) . '";');
}
}
}
$label = get_lang('Documents');
$new_array[$label] = array('id' => 0, 'files' => $resources_sorted);
$write_result = self::write_resources_tree($course_info, $session_id, $new_array, 0, $lp_id, $target, $add_move_button, $overwrite_url);
$return .= $write_result;
$img_path = api_get_path(WEB_IMG_PATH);
if ($lp_id == false) {
$return .= "<script>\n \t\t \t\$('.doc_folder').mouseover(function() {\n \t\t\t\t\tvar my_id = this.id.split('_')[2];\n \t\t\t\t\t\$('#res_'+my_id).show();\n \t\t\t\t});\n\n \t\t\t\t\$('.close_div').click(function() {\n \t\t\t\t\tvar course_id = this.id.split('_')[2];\n \t\t\t\t\tvar session_id = this.id.split('_')[3];\n \t\t\t\t\t\$('#document_result_'+course_id+'_'+session_id).hide();\n \t\t\t\t\t\$('.lp_resource').remove();\n \t\t\t\t});\n \t\t\t\t</script>";
} else {
//For LPs
$return .= "<script>\n\n \t\tfunction testResources(id, img) {\n\t \t\tif (document.getElementById(id).style.display=='block'){\n\t \t\t\tdocument.getElementById(id).style.display='none';\n var id = id.split('_')[1];\n\t \t\t\tdocument.getElementById('img_'+id).src='" . $img_path . "nolines_plus.gif';\n\t \t\t} else {\n\t \t\t\tdocument.getElementById(id).style.display='block';\n var id = id.split('_')[1];\n \t\t\t\tdocument.getElementById('img_'+id).src='" . $img_path . "nolines_minus.gif';\n \t\t\t}\n \t\t}\n \t\t</script>";
}
if (!$user_in_course) {
$return = '';
}
return $return;
}
/**
* @param array $course_info
* @param bool $lp_id
* @param string $target
* @param int $session_id
* @param bool $add_move_button
* @param string $filter_by_folder
* @param string $overwrite_url
* @param bool $showInvisibleFiles
* @param bool $showOnlyFolders
* @param int $folderId
* @return string
*/
public static function get_document_preview($course_info, $lp_id = false, $target = '', $session_id = 0, $add_move_button = false, $filter_by_folder = null, $overwrite_url = null, $showInvisibleFiles = false, $showOnlyFolders = false, $folderId = false)
{
if (empty($course_info['real_id']) || empty($course_info['code']) || !is_array($course_info)) {
return '';
}
$overwrite_url = Security::remove_XSS($overwrite_url);
$user_id = api_get_user_id();
$user_in_course = false;
if (api_is_platform_admin()) {
$user_in_course = true;
}
if (!$user_in_course) {
if (CourseManager::is_course_teacher($user_id, $course_info['code'])) {
$user_in_course = true;
}
}
// Condition for the session
$session_id = intval($session_id);
if (!$user_in_course) {
if (empty($session_id)) {
if (CourseManager::is_user_subscribed_in_course($user_id, $course_info['code'])) {
$user_in_course = true;
}
// Check if course is open then we can consider that the student is registered to the course
if (isset($course_info) && in_array($course_info['visibility'], array(2, 3))) {
$user_in_course = true;
}
} else {
$user_status = SessionManager::get_user_status_in_course_session($user_id, $course_info['real_id'], $session_id);
//is true if is an student, course session teacher or coach
if (in_array($user_status, array('0', '2', '6'))) {
$user_in_course = true;
}
}
}
$tbl_doc = Database::get_course_table(TABLE_DOCUMENT);
$tbl_item_prop = Database::get_course_table(TABLE_ITEM_PROPERTY);
$condition_session = " AND (last.session_id = '{$session_id}' OR last.session_id = '0' OR last.session_id IS NULL)";
$add_folder_filter = null;
if (!empty($filter_by_folder)) {
$add_folder_filter = " AND docs.path LIKE '" . Database::escape_string($filter_by_folder) . "%'";
}
// If we are in LP display hidden folder https://support.chamilo.org/issues/6679
$lp_visibility_condition = null;
if ($lp_id) {
// $lp_visibility_condition = " OR filetype='folder'";
if ($showInvisibleFiles) {
$lp_visibility_condition .= ' OR last.visibility = 0';
}
}
$showOnlyFoldersCondition = null;
if ($showOnlyFolders) {
//$showOnlyFoldersCondition = " AND docs.filetype = 'folder' ";
}
$folderCondition = " AND docs.path LIKE '/%' ";
if (!api_is_allowed_to_edit()) {
$protectedFolders = self::getProtectedFolderFromStudent();
foreach ($protectedFolders as $folder) {
$folderCondition .= " AND docs.path NOT LIKE '{$folder}' ";
}
}
$parentData = [];
if ($folderId !== false) {
$parentData = self::get_document_data_by_id($folderId, $course_info['code']);
if (!empty($parentData)) {
$cleanedPath = $parentData['path'];
$num = substr_count($cleanedPath, '/');
$notLikeCondition = null;
for ($i = 1; $i <= $num; $i++) {
$repeat = str_repeat('/%', $i + 1);
$notLikeCondition .= " AND docs.path NOT LIKE '" . Database::escape_string($cleanedPath . $repeat) . "' ";
}
$folderCondition = " AND\n docs.id <> {$folderId} AND\n docs.path LIKE '" . $cleanedPath . "/%'\n {$notLikeCondition}\n ";
} else {
$folderCondition = " AND\n docs.filetype = 'file' ";
}
}
$levelCondition = null;
if ($folderId === false) {
$levelCondition = " AND docs.path NOT LIKE'/%/%'";
}
$sql = "SELECT last.visibility, docs.*\n FROM {$tbl_item_prop} AS last INNER JOIN {$tbl_doc} AS docs\n ON (docs.id = last.ref AND docs.c_id = last.c_id)\n WHERE\n docs.path NOT LIKE '%_DELETED_%' AND\n last.tool = '" . TOOL_DOCUMENT . "' {$condition_session} AND\n (last.visibility = '1' {$lp_visibility_condition}) AND\n last.visibility <> 2 AND\n docs.c_id = {$course_info['real_id']} AND\n last.c_id = {$course_info['real_id']}\n {$showOnlyFoldersCondition}\n {$folderCondition}\n {$levelCondition}\n {$add_folder_filter}\n ORDER BY docs.filetype DESC, docs.title ASC";
$res_doc = Database::query($sql);
$resources = Database::store_result($res_doc, 'ASSOC');
$return = '';
if ($lp_id) {
$learnPath = learnpath::getCurrentLpFromSession();
if ($folderId === false) {
$return .= '<div class="lp_resource_element">';
$return .= Display::return_icon('new_doc.gif', '', array(), ICON_SIZE_SMALL);
$return .= Display::url(get_lang('NewDocument'), api_get_self() . '?' . api_get_cidreq() . '&action=add_item&type=' . TOOL_DOCUMENT . '&lp_id=' . $learnPath->lp_id);
$return .= '</div>';
}
} else {
$return .= Display::div(Display::url(Display::return_icon('close.png', get_lang('Close'), array(), ICON_SIZE_SMALL), ' javascript:void(0);', array('id' => 'close_div_' . $course_info['real_id'] . '_' . $session_id, 'class' => 'close_div')), array('style' => 'position:absolute;right:10px'));
}
// If you want to debug it, I advise you to do "echo" on the eval statements.
$newResources = array();
if (!empty($resources) && $user_in_course) {
foreach ($resources as $resource) {
$is_visible = self::is_visible_by_id($resource['id'], $course_info, $session_id, api_get_user_id());
if (!$is_visible) {
continue;
}
$newResources[] = $resource;
}
}
$label = get_lang('Documents');
$documents = [];
if ($folderId === false) {
$documents[$label] = array('id' => 0, 'files' => $newResources);
} else {
if (!empty($parentData)) {
$documents[$parentData['title']] = array('id' => intval($folderId), 'files' => $newResources);
}
}
$write_result = self::write_resources_tree($course_info, $session_id, $documents, $lp_id, $target, $add_move_button, $overwrite_url, $folderId);
$return .= $write_result;
$img_path = api_get_path(WEB_IMG_PATH);
if ($lp_id == false) {
$url = api_get_path(WEB_AJAX_PATH) . 'lp.ajax.php?a=get_documents&url=' . $overwrite_url . '&lp_id=' . $lp_id . '&cidReq=' . $course_info['code'];
$return .= "<script>\n \$('.doc_folder').click(function() {\n var realId = this.id;\n var my_id = this.id.split('_')[2];\n var tempId = 'temp_'+my_id;\n \$('#res_'+my_id).show();\n\n var tempDiv = \$('#'+realId).find('#'+tempId);\n if (tempDiv.length == 0) {\n \$.ajax({\n async: false,\n type: 'GET',\n url: '" . $url . "',\n data: 'folder_id='+my_id,\n success: function(data) {\n \$('#'+realId).append('<div id='+tempId+'>'+data+'</div>');\n }\n });\n }\n });\n\n \$('.close_div').click(function() {\n var course_id = this.id.split('_')[2];\n var session_id = this.id.split('_')[3];\n \$('#document_result_'+course_id+'_'+session_id).hide();\n \$('.lp_resource').remove();\n \$('.document_preview_container').html('');\n });\n\n </script>";
} else {
//For LPs
$url = api_get_path(WEB_AJAX_PATH) . 'lp.ajax.php?a=get_documents&lp_id=' . $lp_id . '&' . api_get_cidreq();
$return .= "<script>\n\n function testResources(id, img) {\n var numericId = id.split('_')[1];\n var parentId = 'doc_id_'+numericId;\n var tempId = 'temp_'+numericId;\n var image = \$('#'+img);\n\n if (image.hasClass('open')) {\n image.removeClass('open');\n image.attr('src', '" . $img_path . "nolines_plus.gif');\n \$('#'+id).show();\n \$('#'+tempId).hide();\n } else {\n image.addClass('open');\n image.attr('src', '" . $img_path . "nolines_minus.gif');\n \$('#'+id).hide();\n \$('#'+tempId).show();\n\n var tempDiv = \$('#'+parentId).find('#'+tempId);\n if (tempDiv.length == 0) {\n \$.ajax({\n type: 'GET',\n async: false,\n url: '" . $url . "',\n data: 'folder_id='+numericId,\n success: function(data) {\n tempDiv = \$('#doc_id_'+numericId).append('<div id='+tempId+'>'+data+'</div>');\n }\n });\n }\n }\n }\n </script>";
}
if (!$user_in_course) {
$return = '';
}
return $return;
}
// we use a function build_document_icon_tag
require_once api_get_path(LIBRARY_PATH) . 'fileDisplay.lib.php';
// the function choose_image is used
require_once api_get_path(LIBRARY_PATH) . 'document.lib.php';
/* Virtual course support */
$user_id = api_get_user_id();
$course_code = api_get_course_id();
$course_info = api_get_course_info($course_code);
$session_id = api_get_session_id();
$action = isset($_GET['action']) ? $_GET['action'] : null;
$view = isset($_GET['view']) ? Security::remove_XSS($_GET['view']) : null;
$postAction = isset($_POST['action']) ? $_POST['action'] : null;
if (empty($session_id)) {
$is_course_member = CourseManager::is_user_subscribed_in_course($user_id, $course_code, false);
} else {
$is_course_member = CourseManager::is_user_subscribed_in_course($user_id, $course_code, true, $session_id);
}
/* Object Initialisation */
// we need this here because the javascript to re-upload the file needs an array
// off all the documents that have already been sent.
// @todo consider moving the javascripts in a function that displays the javascripts
// only when it is needed.
if ($action == 'add') {
$dropbox_person = new Dropbox_Person($_user['user_id'], $is_courseAdmin, $is_courseTutor);
}
/* Create javascript and htmlHeaders */
$javascript = "<script type=\"text/javascript\">\n\tfunction confirmsend ()\n\t{\n\t\tif (confirm(\"" . get_lang('MailingConfirmSend', '') . "\")){\n\t\t\treturn true;\n\t\t} else {\n\t\t\treturn false;\n\t\t}\n\t\treturn true;\n\t}\n\n\tfunction confirmation (name)\n\t{\n\t\tif (confirm(\"" . get_lang('ConfirmDelete', '') . " : \"+ name )){\n\t\t\treturn true;\n\t\t} else {\n\t\t\treturn false;\n\t\t}\n\t\treturn true;\n\t}\n\n\tfunction checkForm (frm)\n\t{\n\t\tif (frm.elements['recipients[]'].selectedIndex < 0){\n\t\t\talert(\"" . get_lang('NoUserSelected', '') . "\");\n\t\t\treturn false;\n\t\t} else if (frm.file.value == '') {\n\t\t\talert(\"" . get_lang('NoFileSpecified', '') . "\");\n\t\t\treturn false;\n\t\t} else {\n\t\t\treturn true;\n\t\t}\n\t}\n\t";
if (dropbox_cnf('allowOverwrite')) {
//sentArray keeps list of all files still available in the sent files list
//of the user.
//This is used to show or hide the overwrite file-radio button of the upload form
/**
* Web service to tell if a given user is subscribed to the course
* @param array $params Array of parameters (course and user_id)
* @return bool|null|soap_fault A simple boolean (true if user is subscribed, false otherwise)
*/
function WSUserSubscribedInCourse($params)
{
global $debug;
if ($debug) {
error_log('WSUserSubscribedInCourse');
}
if ($debug) {
error_log('Params ' . print_r($params, 1));
}
if (!WSHelperVerifyKey($params)) {
return return_error(WS_ERROR_SECRET_KEY);
}
$courseCode = $params['course'];
//Course code
$userId = $params['user_id'];
//chamilo user id
return CourseManager::is_user_subscribed_in_course($userId, $courseCode);
}
define('TOOL_INTERACTION', 'toolinteraction');
define('TOOL_COURSE_PLUGIN', 'toolcourseplugin');
//all plugins that can be enabled in courses
define('TOOL_ADMIN', 'tooladmin');
define('TOOL_ADMIN_PLATFORM', 'tooladminplatform');
define('TOOL_DRH', 'tool_drh');
define('TOOL_STUDENT_VIEW', 'toolstudentview');
define('TOOL_ADMIN_VISIBLE', 'tooladminvisible');
$user_id = api_get_user_id();
$course_code = api_get_course_id();
$courseId = api_get_course_int_id();
$sessionId = api_get_session_id();
$show_message = '';
if (api_is_invitee()) {
$isInASession = $sessionId > 0;
$isSubscribed = CourseManager::is_user_subscribed_in_course($user_id, $course_code, $isInASession, $sessionId);
if (!$isSubscribed) {
api_not_allowed(true);
}
}
//Deleting group session
Session::erase('toolgroup');
Session::erase('_gid');
$isSpecialCourse = CourseManager::isSpecialCourse($courseId);
if ($isSpecialCourse) {
if (isset($_GET['autoreg'])) {
$autoRegistration = Security::remove_XSS($_GET['autoreg']);
if ($autoRegistration == 1) {
if (CourseManager::subscribe_user($user_id, $course_code, STUDENT)) {
Session::write('is_allowed_in_course', true);
}