/**
 * Constructor: resolves the folder to work on and collects its metadata.
 *
 * The folder is taken, in order of preference, from $path, from the request
 * parameter $_GET[$this->folderPathIndex], from the session entry
 * $_SESSION[$this->lastVisitedFolderPathIndex], or from CONFIG_SYS_DEFAULT_PATH.
 * The resolved value is stored base64-encoded in $this->currentFolderPath.
 * When $calculateSubdir is true and the folder does not exist, the script
 * terminates with ERR_FOLDER_NOT_FOUND followed by the path.
 *
 * @param string|null $path            the path to a folder
 * @param bool        $calculateSubdir force to get the subdirectories information
 */
function __construct($path = null, $calculateSubdir = true)
{
    $this->calculateSubdir = $calculateSubdir;
    if (defined('CONFIG_SYS_FOLDER_SHOWN_ON_TOP')) {
        $this->forceFolderOnTop = CONFIG_SYS_FOLDER_SHOWN_ON_TOP;
    }
    if (!is_null($path)) {
        // An explicit path from the caller is used without further checks at this point.
        $this->currentFolderPath = $path;
    } elseif (isset($_GET[$this->folderPathIndex]) && file_exists(base64_decode($_GET[$this->folderPathIndex])) && !is_file(base64_decode($_GET[$this->folderPathIndex]))) {
        // The existence checks above run on the base64-DECODED request value, while the
        // value stored here is the RAW request value after Security::remove_XSS() and
        // api_htmlentities(). Both are HTML-oriented filters; neither constrains which
        // directory the value points to.
        // NOTE(review): getCurrentFolderPath() is not visible here; presumably it decodes
        // base64 — confirm that the checked and the stored value always agree.
        $this->currentFolderPath = api_htmlentities(Security::remove_XSS($_GET[$this->folderPathIndex]));
    } elseif (isset($_SESSION[$this->lastVisitedFolderPathIndex]) && file_exists($_SESSION[$this->lastVisitedFolderPathIndex]) && !is_file($_SESSION[$this->lastVisitedFolderPathIndex])) {
        // Fall back to the folder remembered in the session.
        $this->currentFolderPath = $_SESSION[$this->lastVisitedFolderPathIndex];
    } else {
        $this->currentFolderPath = CONFIG_SYS_DEFAULT_PATH;
    }
    // Normalise the path only when isUnderRoot() accepts it. When isUnderRoot() returns
    // false the path is kept unchanged rather than rejected.
    // NOTE(review): confirm that a path outside the root is refused elsewhere before any
    // listing or file operation uses it.
    $this->currentFolderPath = isUnderRoot($this->getCurrentFolderPath()) ? backslashToSlash(addTrailingSlash($this->getCurrentFolderPath())) : $this->currentFolderPath;
    $this->currentFolderPath = base64_encode($this->currentFolderPath);
    if ($this->calculateSubdir) {
        // keep track of this folder path in session (the base64-encoded form is stored)
        $_SESSION[$this->lastVisitedFolderPathIndex] = $this->currentFolderPath;
    }
    if (is_dir($this->getCurrentFolderPath())) {
        $file = new file($this->getCurrentFolderPath());
        $folderInfo = $file->getFileInfo();
        if (sizeof($folderInfo)) {
            // for Chamilo: in a user folder, replace the user number by the user name.
            // The pattern is not anchored, and substr(..., 8) drops the first eight
            // characters of the folder name (the length of 'sf_user_').
            if (preg_match('/sf_user_/', basename($this->getCurrentFolderPath()))) {
                $userinfo = api_get_user_info(substr(basename($this->getCurrentFolderPath()), 8));
                $this->currentFolderInfo['name'] = $userinfo['complete_name'];
            } else {
                // for Chamilo: prevent long directory names (underscores become spaces)
                $this->currentFolderInfo['name'] = str_replace('_', ' ', basename($this->getCurrentFolderPath()));
            }
            if (preg_match('/shared_folder/', basename($this->getCurrentFolderPath()))) {
                $this->currentFolderInfo['name'] = get_lang('UserFolders');
            }
            if (preg_match('/shared_folder_session_/', basename($this->getCurrentFolderPath()))) {
                // The last '_'-separated segment of the folder name is used as the session identifier.
                $session = explode('_', basename($this->getCurrentFolderPath()));
                $session = strtolower($session[sizeof($session) - 1]);
                $this->currentFolderInfo['name'] = get_lang('UserFolders') . ' (' . api_get_session_name($session) . ')*';
            }
            // end Chamilo
            $this->currentFolderInfo['subdir'] = 0;
            $this->currentFolderInfo['file'] = 0;
            $this->currentFolderInfo['ctime'] = $folderInfo['ctime'];
            $this->currentFolderInfo['mtime'] = $folderInfo['mtime'];
            $this->currentFolderInfo['is_readable'] = $folderInfo['is_readable'];
            $this->currentFolderInfo['is_writable'] = $folderInfo['is_writable'];
            $this->currentFolderInfo['path'] = $this->getCurrentFolderPath();
            $this->currentFolderInfo['path_base64'] = base64_encode($this->getCurrentFolderPath());
            $this->currentFolderInfo['friendly_path'] = transformFilePath($this->getCurrentFolderPath());
            $this->currentFolderInfo['type'] = 'folder';
            $this->currentFolderInfo['cssClass'] = 'folder';
            //$this->currentFolderInfo['flag'] = $folderInfo['flag'];
        }
    }
    if ($calculateSubdir && !file_exists($this->getCurrentFolderPath())) {
        // The path is appended to the error text and printed as-is.
        // NOTE(review): the value may originate from the request; confirm it is safe to echo.
        die(ERR_FOLDER_NOT_FOUND . $this->getCurrentFolderPath());
    }
}
/**
 * Loads the CSV file at $this->path and builds one CourseDescription per
 * non-blank row.
 *
 * The title, content and type columns are trimmed and passed through
 * Security::remove_XSS() before they are used. A row whose three values are
 * all empty is skipped. The type name is resolved through
 * CourseDescriptionType::repository(); an unknown type yields type id 0.
 *
 * @return array list of CourseDescription objects, empty when the file is not readable
 */
protected function read()
{
    $file = $this->path;
    if (!is_readable($file)) {
        return array();
    }

    $descriptions = array();
    foreach (\Import::csv_reader($file) as $row) {
        $row = (object) $row;

        // Missing columns count as empty strings; every value is filtered before use.
        $title = \Security::remove_XSS(isset($row->title) ? trim($row->title) : '');
        $content = \Security::remove_XSS(isset($row->content) ? trim($row->content) : '');
        $typeName = \Security::remove_XSS(isset($row->type) ? trim($row->type) : '');

        if (empty($title) && empty($content) && empty($typeName)) {
            // Blank line in the import file.
            continue;
        }

        $typeObject = CourseDescriptionType::repository()->find_one_by_name($typeName);

        $entry = CourseDescription::create();
        $entry->title = $title;
        $entry->content = $content;
        $entry->description_type = $typeObject ? $typeObject->id : 0;
        $descriptions[] = $entry;
    }

    return $descriptions;
}
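/**
 * Reads the CSV file at $this->path and returns one Notebook object per
 * non-blank row.
 *
 * The title and description columns are trimmed and passed through
 * Security::remove_XSS() before they are stored on the object. A row whose
 * title and description are both empty is skipped.
 *
 * @return array list of Notebook objects, empty when the file is not readable
 */
protected function read()
{
    $result = array();
    $path = $this->path;
    if (!is_readable($path)) {
        return array();
    }
    $items = \Import::csv_reader($path);
    foreach ($items as $item) {
        $item = (object) $item;
        $title = isset($item->title) ? trim($item->title) : '';
        $description = isset($item->description) ? trim($item->description) : '';

        // Filter the value that is actually stored. The previous code filtered an
        // undefined $name, so the imported title reached the Notebook unfiltered.
        $title = \Security::remove_XSS($title);
        $description = \Security::remove_XSS($description);

        // The blank-line test also used the undefined $name, which made every row
        // without a description look blank even when it had a title.
        $is_blank_line = empty($title) && empty($description);
        if ($is_blank_line) {
            continue;
        }

        $note = new Notebook();
        $note->title = $title;
        $note->description = $description;
        $result[] = $note;
    }

    return $result;
}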
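/**
 * @package chamilo.survey
 * @author Arnaud Ligot <*****@*****.**>
 * @version $Id: $
 *
 * A small piece of code to enable users to access images included in a survey
 * which is accessible by non authenticated users. This file is included
 * by document/download.php
 *
 * The function prints an error and exits when the invitation code is unknown,
 * when the invitation was already answered, or when the requested document is
 * not referenced by any text field of the survey.
 *
 * @param string $course     course identifier passed to CourseManager::get_course_information()
 * @param string $invitation invitation code supplied by the visitor
 * @param string $doc_url    name/path of the requested document
 * @return array the course information array
 */
function check_download_survey($course, $invitation, $doc_url)
{
    require_once 'survey.lib.php';

    // Getting all the course information
    $_course = CourseManager::get_course_information($course);
    // Cast: the id is interpolated unquoted into every query below.
    $course_id = (int) $_course['real_id'];

    // Database table definitions
    $table_survey = Database::get_course_table(TABLE_SURVEY);
    $table_survey_question = Database::get_course_table(TABLE_SURVEY_QUESTION);
    $table_survey_question_option = Database::get_course_table(TABLE_SURVEY_QUESTION_OPTION);
    $table_survey_invitation = Database::get_course_table(TABLE_SURVEY_INVITATION);

    // Now we check if the invitation code is valid
    $sql = "SELECT * FROM {$table_survey_invitation} WHERE c_id = {$course_id} AND invitation_code = '" . Database::escape_string($invitation) . "'";
    $result = Database::query($sql);
    if (Database::num_rows($result) < 1) {
        Display::display_error_message(get_lang('WrongInvitationCode'), false);
        Display::display_footer();
        exit;
    }
    $survey_invitation = Database::fetch_assoc($result);

    // Now we check if the user already filled the survey
    if ($survey_invitation['answered'] == 1) {
        Display::display_error_message(get_lang('YouAlreadyFilledThisSurvey'), false);
        Display::display_footer();
        exit;
    }

    // Very basic security check: a text field from a survey/question/option must
    // contain the name of the document requested.
    // Fetch the survey ID. If several surveys share the code, there is a language choice.
    $sql = "SELECT * FROM {$table_survey} WHERE c_id = {$course_id} AND code='" . Database::escape_string($survey_invitation['survey_code']) . "'";
    $result = Database::query($sql);
    if (Database::num_rows($result) > 1) {
        if (!empty($_POST['language'])) {
            $survey_invitation['survey_id'] = $_POST['language'];
            // NOTE(review): the posted id is not compared with the rows returned for this
            // survey code; confirm whether it should be restricted to them.
        } else {
            echo '<form id="language" name="language" method="POST" action="' . api_get_self() . '?course=' . Security::remove_XSS($_GET['course']) . '&invitationcode=' . Security::remove_XSS($_GET['invitationcode']) . '">';
            echo ' <select name="language">';
            while ($row = Database::fetch_assoc($result)) {
                echo '<option value="' . $row['survey_id'] . '">' . $row['lang'] . '</option>';
            }
            echo '</select>';
            echo ' <input type="submit" name="Submit" value="' . get_lang('Ok') . '" />';
            echo '</form>';
            Display::display_footer();
            exit;
        }
    } else {
        $row = Database::fetch_assoc($result);
        $survey_invitation['survey_id'] = $row['survey_id'];
    }

    // The survey id can come straight from $_POST and is used unquoted in SQL:
    // force it to an integer before building the query.
    $survey_id = (int) $survey_invitation['survey_id'];
    // The document name is request data placed inside quoted LIKE patterns: escape it.
    // NOTE(review): LIKE wildcards (% and _) inside the name are still interpreted by the
    // database; confirm whether they need to be neutralised as well.
    $doc_like = Database::escape_string($doc_url);

    $sql = "SELECT count(*) AS nb FROM {$table_survey}
            WHERE c_id = {$course_id} AND survey_id = {$survey_id}
            AND (
                title LIKE '%{$doc_like}%'
                OR subtitle LIKE '%{$doc_like}%'
                OR intro LIKE '%{$doc_like}%'
                OR surveythanks LIKE '%{$doc_like}%'
            )
            UNION SELECT count(*) AS nb FROM {$table_survey_question}
            WHERE c_id = {$course_id} AND survey_id = {$survey_id}
            AND (
                survey_question LIKE '%{$doc_like}%'
                OR survey_question_comment LIKE '%{$doc_like}%'
            )
            UNION SELECT count(*) AS nb FROM {$table_survey_question_option}
            WHERE c_id = {$course_id} AND survey_id = {$survey_id}
            AND (
                option_text LIKE '%{$doc_like}%'
            )";
    $result = Database::query($sql);

    // Each SELECT count(*) always yields a row, so testing the number of rows can never
    // deny access. Add up the counts instead and refuse when nothing references the document.
    $references = 0;
    while ($row = Database::fetch_assoc($result)) {
        $references += (int) $row['nb'];
    }
    if ($references == 0) {
        Display::display_error_message(get_lang('WrongInvitationCode'), false);
        Display::display_footer();
        exit;
    }

    return $_course;
}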
/**
 * Filter for the sortable table: builds the action icons (info, edit,
 * subscribe users, delete) for one class row.
 *
 * The id is passed through Security::remove_XSS() and then placed in the
 * query string of each link.
 * NOTE(review): remove_XSS() is an HTML filter, not URL encoding; confirm the
 * id is always numeric where this filter is used.
 *
 * @param mixed $class_id id of the class shown in the row
 * @return string HTML with the four action links separated by spaces
 */
function modify_filter($class_id)
{
    $id = Security::remove_XSS($class_id);

    $links = array();
    $links[] = '<a href="class_information.php?id=' . $id . '">'
        . Display::return_icon('synthese_view.gif', get_lang('Info'))
        . '</a>';
    $links[] = '<a href="class_edit.php?idclass=' . $id . '">'
        . Display::return_icon('edit.png', get_lang('Edit'))
        . '</a>';
    $links[] = '<a href="subscribe_user2class.php?idclass=' . $id . '">'
        . Display::return_icon('add_multiple_users.gif', get_lang('AddUsersToAClass'))
        . '</a>';

    // The delete link asks for confirmation in the browser before it is followed.
    $confirmText = addslashes(get_lang("ConfirmYourChoice"));
    $links[] = '<a href="class_list.php?action=delete_class&class_id=' . $id
        . '" onclick="javascript: if(!confirm(\'' . $confirmText . '\')) return false;">'
        . Display::return_icon('delete.png', get_lang('Delete'))
        . '</a>';

    return implode(' ', $links);
}
/**
 * Builds the simple search form: one text field named 'keyword' and a search
 * button.
 *
 * When a non-empty 'search' request parameter is present, its value is passed
 * through Security::remove_XSS() and used as the default keyword.
 */
protected function build_simple_search()
{
    if (!empty($_GET['search'])) {
        $defaults = array('keyword' => Security::remove_XSS($_GET['search']));
        $this->setDefaults($defaults);
    }

    // Render each element inline, wrapped in a span.
    $renderer =& $this->defaultRenderer();
    $renderer->setCustomElementTemplate('<span>{element}</span> ');

    $this->addElement('text', 'keyword', '');
    $this->addButtonSearch(get_lang('Search'), 'submit');
}
/**
 * Refreshes the chat windows (usually called every x seconds through AJAX).
 *
 * Reads the rows of $this->table selected by the query below, groups them by
 * sender, updates the chat entries kept in the session (tsChatBoxes,
 * openChatBoxes, chatHistory), runs an UPDATE that sets recd = 1, and prints
 * the collected items as JSON.
 *
 * @return void (prints JSON array of chat windows)
 */
public function heartbeat()
{
    $to_user_id = api_get_user_id();
    $minutes = 60;
    $now = time() - $minutes * 60;
    $now = api_get_utc_datetime($now);
    // The time-window condition (OR sent > '$now') is disabled, so $now is not used by the query.
    // NOTE(review): the to_user value appears masked ('******') in this listing; presumably the
    // original compares against $to_user_id — confirm, and confirm the value is an integer or escaped.
    $sql = "SELECT * FROM " . $this->table . "\n WHERE to_user = '******' AND ( recd = 0 ) ORDER BY id ASC";
    $result = Database::query($sql);
    // Group the selected rows by sender.
    $chat_list = array();
    while ($chat = Database::fetch_array($result, 'ASSOC')) {
        $chat_list[$chat['from_user']]['items'][] = $chat;
    }
    $items = array();
    foreach ($chat_list as $from_user_id => $rows) {
        $rows = $rows['items'];
        $user_info = api_get_user_info($from_user_id, true);
        // Cleaning tsChatBoxes
        unset($_SESSION['tsChatBoxes'][$from_user_id]);
        foreach ($rows as $chat) {
            // The stored message is filtered before it is added to the JSON payload.
            $chat['message'] = Security::remove_XSS($chat['message']);
            $item = array('s' => '0', 'f' => $from_user_id, 'm' => $chat['message'], 'username' => $user_info['complete_name'], 'id' => $chat['id']);
            $items[$from_user_id]['items'][] = $item;
            $items[$from_user_id]['user_info']['user_name'] = $user_info['complete_name'];
            $items[$from_user_id]['user_info']['online'] = $user_info['user_is_online'];
            $_SESSION['openChatBoxes'][$from_user_id] = api_strtotime($chat['sent'], 'UTC');
        }
        // This runs after the inner loop, so only the last $item of this sender is
        // appended to the session history.
        // NOTE(review): confirm whether every message was meant to be recorded.
        $_SESSION['chatHistory'][$from_user_id]['items'][] = $item;
        $_SESSION['chatHistory'][$from_user_id]['user_info']['user_name'] = $user_info['complete_name'];
        $_SESSION['chatHistory'][$from_user_id]['user_info']['online'] = $user_info['user_is_online'];
    }
    if (!empty($_SESSION['openChatBoxes'])) {
        foreach ($_SESSION['openChatBoxes'] as $user_id => $time) {
            if (!isset($_SESSION['tsChatBoxes'][$user_id])) {
                // $now is reused here for the number of seconds since the stored time.
                $now = time() - $time;
                $time = api_convert_and_format_date($time, DATE_TIME_FORMAT_SHORT_TIME_FIRST);
                $message = sprintf(get_lang('SentAtX'), $time);
                // After more than 180 seconds a "sent at" marker (s = '2') is added once per box.
                if ($now > 180) {
                    $item = array('s' => '2', 'f' => $user_id, 'm' => $message);
                    if (isset($_SESSION['chatHistory'][$user_id])) {
                        $_SESSION['chatHistory'][$user_id]['items'][] = $item;
                    }
                    $_SESSION['tsChatBoxes'][$user_id] = 1;
                }
            }
        }
    }
    //print_r($_SESSION['chatHistory']);
    // Flag the rows as received (same masked to_user value as in the SELECT above).
    $sql = "UPDATE " . $this->table . " SET recd = 1 WHERE to_user = '******' AND recd = 0";
    Database::query($sql);
    // Leftover from an earlier string-based implementation; the body is empty.
    if ($items != '') {
        //$items = substr($items, 0, -1);
    }
    echo json_encode(array('items' => $items));
}
/**
 * Returns every course description row of the current course for the session
 * set on this object.
 *
 * Set the session_id property before calling. Each row is passed through
 * Security::remove_XSS() with the STUDENT level and stored under
 * 'descriptions', keyed by the row id.
 *
 * @return array array with a 'descriptions' key, or an empty array when there are no rows
 */
public function get_description_data()
{
    $table = Database::get_course_table(TABLE_COURSE_DESCRIPTION);
    $sessionFilter = api_get_session_condition($this->session_id, true, true);
    $courseId = api_get_course_int_id();

    $query = "SELECT * FROM {$table}\n\t\t WHERE c_id = {$courseId} {$sessionFilter}\n\t\t ORDER BY id ";
    $rows = Database::query($query);

    $data = array();
    while ($row = Database::fetch_array($rows)) {
        // The whole row is filtered before it is handed to the caller.
        $data['descriptions'][$row['id']] = Security::remove_XSS($row, STUDENT);
    }

    return $data;
}
/**
 * Collects the course descriptions of the current course, restricted by the
 * session_id property of this object (set it before calling).
 *
 * Every row goes through Security::remove_XSS() at the STUDENT level and is
 * returned under the 'descriptions' key, indexed by its id.
 *
 * @return array
 */
public function get_description_data()
{
    $descriptionTable = Database::get_course_table(TABLE_COURSE_DESCRIPTION);
    $sessionCondition = api_get_session_condition($this->session_id, true, true);
    $currentCourseId = api_get_course_int_id();

    $statement = 'SELECT * FROM ' . $descriptionTable
        . ' WHERE c_id = ' . $currentCourseId . ' ' . $sessionCondition
        . ' ORDER BY id ';
    $resultSet = Database::query($statement);

    $data = array();
    while ($record = Database::fetch_array($resultSet)) {
        $recordId = $record['id'];
        $data['descriptions'][$recordId] = Security::remove_XSS($record, STUDENT);
        //reload titles to ensure we have the last version (after edition)
        //$data['default_description_titles'][$description['id']] = Security::remove_XSS($description['title'], STUDENT);
    }

    return $data;
}
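/**
 * Shows statistics about the time of last visit to each course.
 *
 * Displays a small form asking for a number of days, then a sortable, paged
 * table of courses with their last access date. Paging, sorting and the
 * number of days come from the request; all of them are reduced to integers
 * before they are placed in the SQL text or in the page.
 */
static function print_course_last_visit()
{
    $access_url_rel_course_table = Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_COURSE);
    $current_url_id = api_get_current_access_url_id();

    $columns[0] = 'c_id';
    $columns[1] = 'access_date';
    $sql_order[SORT_ASC] = 'ASC';
    $sql_order[SORT_DESC] = 'DESC';

    // Paging values end up in the LIMIT clause: keep them positive.
    $per_page = isset($_GET['per_page']) ? max(1, intval($_GET['per_page'])) : 10;
    $page_nr = isset($_GET['page_nr']) ? max(1, intval($_GET['page_nr'])) : 1;

    // Only the two known columns may be used in ORDER BY.
    $column = isset($_GET['column']) ? intval($_GET['column']) : 0;
    if (!isset($columns[$column])) {
        $column = 0;
    }

    // Only the two known sort directions are accepted; anything else (or a missing
    // parameter) falls back to ascending.
    $direction = isset($_GET['direction']) ? intval($_GET['direction']) : SORT_ASC;
    if (!isset($sql_order[$direction])) {
        $direction = SORT_ASC;
    }

    $form = new FormValidator('courselastvisit', 'get');
    $form->addElement('hidden', 'report', 'courselastvisit');
    $form->add_textfield('date_diff', get_lang('Days'), true);
    $form->addRule('date_diff', 'InvalidNumber', 'numeric');
    $form->addElement('style_submit_button', 'submit', get_lang('Search'), 'class="search"');
    if (!isset($_GET['date_diff'])) {
        $defaults['date_diff'] = 60;
    } else {
        $defaults['date_diff'] = Security::remove_XSS($_GET['date_diff']);
    }
    $form->setDefaults($defaults);
    $form->display();
    $values = $form->exportValues();

    // The exported value is request data (the form is never validated here) and is
    // appended unquoted to the SQL text and echoed into the page: force an integer.
    $date_diff = isset($values['date_diff']) ? intval($values['date_diff']) : 60;

    $table = Database::get_main_table(TABLE_STATISTIC_TRACK_E_LASTACCESS);
    $tableCourse = Database::get_main_table(TABLE_MAIN_COURSE);

    if (api_is_multiple_url_enabled()) {
        // NOTE(review): this branch groups by access_cours_code while the other one groups
        // by c_id; confirm the column name against the current schema.
        $sql = "SELECT access_date, c.code FROM {$table} s , {$access_url_rel_course_table} u, {$tableCourse} c\n WHERE c.id = u.c_id AND c.id = s.c_id AND access_url_id='" . $current_url_id . "' " . "GROUP BY access_cours_code " . "HAVING s.c_id <> '' " . "AND DATEDIFF( '" . date('Y-m-d h:i:s') . "' , access_date ) <= " . $date_diff;
    } else {
        $sql = "SELECT access_date, c.code FROM {$table} , {$tableCourse} c\n WHERE c_id = c.id\n GROUP BY c_id\n HAVING c_id <> ''AND\n DATEDIFF( '" . date('Y-m-d h:i:s') . "' , access_date ) <= " . $date_diff;
    }
    $res = Database::query($sql);
    $number_of_courses = Database::num_rows($res);

    $sql .= ' ORDER BY ' . $columns[$column] . ' ' . $sql_order[$direction];
    $from = ($page_nr - 1) * $per_page;
    $sql .= ' LIMIT ' . $from . ',' . $per_page;

    echo '<p>' . get_lang('LastAccess') . ' >= ' . $date_diff . ' ' . get_lang('Days') . '</p>';
    $res = Database::query($sql);
    if (Database::num_rows($res) > 0) {
        $courses = array();
        while ($obj = Database::fetch_object($res)) {
            $course = array();
            // The anchor was previously left open ("<a>" instead of "</a>").
            $course[] = '<a href="' . api_get_path(WEB_PATH) . 'courses/' . $obj->code . '">' . $obj->code . ' </a>';
            // Allow sort by date hiding the numerical date
            $course[] = '<span style="display:none;">' . $obj->access_date . '</span>' . api_convert_and_format_date($obj->access_date);
            $courses[] = $course;
        }
        $parameters['date_diff'] = $date_diff;
        $parameters['report'] = 'courselastvisit';
        $table_header[] = array(get_lang("CourseCode"), true);
        $table_header[] = array(get_lang("LastAccess"), true);
        Display::display_sortable_table($table_header, $courses, array('column' => $column, 'direction' => $direction), array(), $parameters);
    } else {
        echo get_lang('NoSearchResults');
    }
}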
// Excerpt from a social profile page: builds the "pending invitations" block and
// starts the "productions" block. The excerpt ends inside the last if-block.
if (!empty($production_list) || !empty($file_list) || $count_pending_invitations > 0) {
    // Pending invitations: shown when no 'u' parameter is given or when it equals the
    // current user id (loose comparison on a request value).
    if (!isset($_GET['u']) || isset($_GET['u']) && $_GET['u'] == api_get_user_id()) {
        if ($count_pending_invitations > 0) {
            $invitations = '<div><h3>' . get_lang('PendingInvitations') . '</h3></div>';
            for ($i = 0; $i < $count_pending_invitations; $i++) {
                // The sender id is written into element ids and a link below.
                // NOTE(review): presumably an integer from the database — confirm.
                $user_invitation_id = $pending_invitations[$i]['user_sender_id'];
                $invitations .= '<div id="dpending_' . $user_invitation_id . '" class="friend_invitations">';
                $invitations .= '<div style="float:left;width:60px;" >';
                $invitations .= '<img style="margin-bottom:5px;"' . ' src="' . $list_get_path_web[$i]['dir'] . '/' . $list_get_path_web[$i]['file'] . '"' . ' width="60px">';
                $invitations .= '</div>';
                $invitations .= '<div style="padding-left:70px;">';
                $user_invitation_info = api_get_user_info($user_invitation_id);
                // NOTE(review): the person name is inserted without a visible escaping step;
                // confirm that api_get_person_name() returns HTML-safe text.
                $invitations .= '<a href="' . api_get_path(WEB_PATH) . 'main/social/profile.php' . '?u=' . $user_invitation_id . '">' . api_get_person_name($user_invitation_info['firstname'], $user_invitation_info['lastname']) . '</a>';
                $invitations .= '<br />';
                // The invitation text is written by another user: it is shortened with cut()
                // and then filtered at the STUDENT level before being shown.
                $invitations .= Security::remove_XSS(cut($pending_invitations[$i]['content'], 50), STUDENT, true);
                $invitations .= '<br />';
                $invitations .= '<a id="btn_accepted_' . $user_invitation_id . '"' . ' class="btn btn-default" onclick="register_friend(this)" href="javascript:void(0)">' . get_lang('SocialAddToFriends') . '</a>';
                $invitations .= '<div id="id_response"></div>';
                $invitations .= '</div>';
                $invitations .= '</div>';
            }
            $socialRightInformation .= SocialManager::social_wrapper_div($invitations, 4);
        }
    }
    // Productions
    $production_list = UserManager::build_production_list($user_id);
    $product_content = '';
    if (!empty($production_list)) {
        $product_content .= '<div><h3>' . get_lang('MyProductions') . '</h3></div>';
        $product_content .= $production_list;
// Excerpt from a group settings page. It starts inside a block opened before the
// excerpt (closed by the brace after "exit;").
// After saving, redirect back to the group list with a flash message.
if (isset($_POST['group_members']) && count($_POST['group_members']) > $max_member && $max_member != GroupManager::MEMBER_PER_GROUP_NO_LIMIT) {
    Display::addFlash(Display::return_message(get_lang('GroupTooMuchMembers'), 'warning'));
    header('Location: group.php?' . api_get_cidreq(true, false));
} else {
    Display::addFlash(Display::return_message(get_lang('GroupSettingsModified'), 'success'));
    header('Location: group.php?' . api_get_cidreq(true, false) . '&category=' . $cat['id']);
}
// Stop here so nothing else runs after the Location header.
exit;
}
$action = isset($_GET['action']) ? $_GET['action'] : null;
switch ($action) {
    case 'empty':
        // State-changing action triggered by a GET parameter; the only check visible in
        // this excerpt is the edit permission.
        // NOTE(review): no request token is checked here — confirm whether one is required.
        if (api_is_allowed_to_edit(false, true)) {
            GroupManager::unsubscribe_all_users($group_id);
            Display::display_confirmation_message(get_lang('GroupEmptied'));
        }
        break;
}
$defaults = $current_group;
$defaults['group_members'] = $selected_users;
$action = isset($_GET['action']) ? $_GET['action'] : '';
$defaults['action'] = $action;
if (!empty($_GET['keyword']) && !empty($_GET['submit'])) {
    // The search keyword is request data: it is filtered before being echoed.
    // Note that this output is produced before Display::display_header() below.
    $keyword_name = Security::remove_XSS($_GET['keyword']);
    echo '<br/>' . get_lang('SearchResultsFor') . ' <span style="font-style: italic ;"> ' . $keyword_name . ' </span><br>';
}
Display::display_header($nameTools, 'Group');
$form->setDefaults($defaults);
echo GroupManager::getSettingBar('member');
$form->display();
Display::display_footer();
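/**
 * Checks and cleans a URL.
 *
 * Characters outside the allowed set are removed, encoded CR/LF sequences
 * (%0d, %0a) are stripped, ';//' is rewritten to '://', and 'http://' is
 * prepended when the value contains no ':' and is not a relative link
 * (starting with /, # or ?) or a php file. The result is passed through
 * Security::remove_XSS().
 *
 * This is an adaptation of the WordPress function of the same name
 * (@since wordpress 2.8.0). In this version the protocol allowlist check
 * (wp_kses_bad_protocol), the entity encoding for the display context and the
 * 'clean_url' filter are disabled, so $protocols and $_context are accepted
 * but ignored.
 * NOTE(review): scheme filtering therefore rests entirely on
 * Security::remove_XSS(); confirm that it rejects unwanted schemes before
 * relying on this function for href/src values.
 *
 * @param string $url       The URL to be cleaned.
 * @param array  $protocols Optional. Ignored in this version.
 * @param string $_context  Private. Ignored in this version.
 * @return string The cleaned URL, or an empty string when nothing is left after cleaning.
 */
function esc_url($url, $protocols = null, $_context = 'display')
{
    if ('' == $url) {
        return $url;
    }

    $url = preg_replace('|[^a-z0-9-~+_.?#=!&;,/:%@$\\|*\'()\\x80-\\xff]|i', '', $url);

    // When every character was stripped (or the pattern failed) there is no URL left.
    // Returning here avoids reading $url[0] on an empty string further down and avoids
    // turning the empty value into a bare 'http://'.
    if ($url === null || $url === '') {
        return '';
    }

    $strip = array('%0d', '%0a', '%0D', '%0A');
    $url = _deep_replace($strip, $url);
    $url = str_replace(';//', '://', $url);

    /* If the URL doesn't appear to contain a scheme, we
     * presume it needs http:// prepended (unless a relative
     * link starting with /, # or ? or a php file).
     */
    if (strpos($url, ':') === false && !in_array($url[0], array('/', '#', '?')) && !preg_match('/^[a-z0-9-]+?\\.php/i', $url)) {
        $url = 'http://' . $url;
    }

    // The WordPress post-processing (entity encoding for display, protocol allowlist,
    // 'clean_url' filter) is intentionally not executed here.
    return Security::remove_XSS($url);
}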
// Excerpt from a session tracking page. It starts inside blocks opened before the
// excerpt: the first two statements finish the toolbar for one branch.
$actionsRight = Display::url(Display::return_icon('printer.png', get_lang('Print'), array(), 32), 'javascript: void(0);', array('onclick' => 'javascript: window.print();'));
$actionsRight .= Display::url(Display::return_icon('export_csv.png', get_lang('ExportAsCSV'), array(), 32), api_get_self() . '?export=csv');
}
$toolbar = Display::toolbarAction('toolbar-session', $content = array(0 => $actionsLeft, 1 => $actionsRight));
echo $toolbar;
echo Display::page_header(get_lang('YourSessionsList'));
} else {
    $a_sessions = Tracking::get_sessions_coached_by_user($id_coach);
}
// Keyword search form, submitted with GET to mySpace/session.php.
$form = new FormValidator('search_course', 'get', api_get_path(WEB_CODE_PATH) . 'mySpace/session.php');
$form->addElement('text', 'keyword', get_lang('Keyword'));
$form->addButtonSearch(get_lang('Search'));
$keyword = '';
if ($form->validate()) {
    $keyword = $form->getSubmitValue('keyword');
}
$form->setDefaults(array('keyword' => $keyword));
// The submitted keyword is appended to the AJAX URL after Security::remove_XSS().
// NOTE(review): remove_XSS() is an HTML filter; the value is not URL-encoded here, and the
// URL is handed to Display::grid_js() for output inside a <script> block — confirm that
// characters such as &, # or quotes in the keyword are handled for both contexts.
$url = api_get_path(WEB_AJAX_PATH) . 'model.ajax.php?a=get_sessions_tracking&keyword=' . Security::remove_XSS($keyword);
$columns = array(get_lang('Title'), get_lang('Date'), get_lang('NbCoursesPerSession'), get_lang('NbStudentPerSession'), get_lang('Details'));
// Column config
$columnModel = array(
    array('name' => 'name', 'index' => 'name', 'width' => '255', 'align' => 'left'),
    array('name' => 'date', 'index' => 'date', 'width' => '150', 'align' => 'left', 'sortable' => 'false'),
    array('name' => 'course_per_session', 'index' => 'course_per_session', 'width' => '150', 'sortable' => 'false'),
    array('name' => 'student_per_session', 'index' => 'student_per_session', 'width' => '100', 'sortable' => 'false'),
    array('name' => 'details', 'index' => 'details', 'width' => '100', 'sortable' => 'false'));
$extraParams = array('autowidth' => 'true', 'height' => 'auto');
// Inline script that initialises the grid once the document is ready.
$js = '<script> $(function() { ' . Display::grid_js('session_tracking', $url, $columns, $columnModel, $extraParams, array(), null, true) . ' }); </script>';
echo $js;
$form->display();
echo Display::grid_html('session_tracking');
Display::display_footer();
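<?php
/* For licensing terms, see /license.txt */
//require_once '../inc/global.inc.php';

/*
 * Renders a minimal page that embeds a YouTube or Vimeo player.
 *
 * Request parameters:
 *   type  'youtube' or 'vimeo'
 *   src   identifier of the video, appended to the provider's embed URL
 *
 * Any other type is refused instead of rendering a page without a player.
 */
$type = isset($_REQUEST['type']) ? $_REQUEST['type'] : '';
// The identifier is request data that ends up inside an HTML attribute.
// NOTE(review): Security::remove_XSS() is an HTML filter; confirm it is sufficient for a
// value placed in a URL path inside src="...", or restrict src to the characters a video
// identifier can contain.
$src = Security::remove_XSS(isset($_REQUEST['src']) ? $_REQUEST['src'] : '');
if (empty($type) || empty($src)) {
    api_not_allowed();
}

$iframe = '';
switch ($type) {
    case 'youtube':
        $src = 'http://www.youtube.com/embed/' . $src;
        $iframe = '<iframe class="youtube-player" type="text/html" width="640" height="385" src="' . $src . '" frameborder="0"></iframe>';
        break;
    case 'vimeo':
        $src = 'http://player.vimeo.com/video/' . $src;
        $iframe = '<iframe src="' . $src . '" width="640" height="385" frameborder="0" webkitAllowFullScreen mozallowfullscreen allowFullScreen></iframe>';
        break;
    default:
        // Unknown provider: previously $iframe stayed undefined and an empty page was shown.
        api_not_allowed();
}
?> <!doctype html> <html> <head> <meta charset="utf-8"> <title></title> </head> <body> <div id="content" style="width: 700px ;margin-left:auto; margin-right:auto;"> <br /> <?php echo $iframe;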
/**
 * Prints the mini calendar of the given month as an HTML table.
 *
 * The header row holds links to the previous and next month; days that have
 * agenda items link to the day view. The coursePath (global $course_path) and
 * courseCode (request parameter) values are passed through
 * Security::remove_XSS() before they are put into the navigation links.
 *
 * @param array  $agendaitems agenda items indexed by day of the month
 * @param int    $month       month number (1-12)
 * @param int    $year        four-digit year
 * @param string $monthName   name of the month shown in the header
 */
function display_myminimonthcalendar($agendaitems, $month, $year, $monthName)
{
    global $DaysShort, $course_path;

    // Days per month, index 0 unused; February gets 29 days in leap years.
    $daysInMonth = array(0, 31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31);
    $isLeapYear = ($year % 4 == 0 && $year % 100 != 0) || $year % 400 == 0;
    if ($isLeapYear) {
        $daysInMonth[2] = 29;
    }

    // Column (0 = Monday ... 6 = Sunday) of the first day of the month.
    $firstDay = getdate(mktime(0, 0, 0, $month, 1, $year));
    if ($firstDay['wday'] != 0) {
        $firstColumn = $firstDay['wday'] - 1;
    } else {
        $firstColumn = 6;
    }

    $courseCode = '';
    if (isset($_GET['courseCode'])) {
        $courseCode = $_GET['courseCode'];
    }

    // Navigation links, wrapping around at the year boundaries.
    $previousMonth = $month == 1 ? 12 : $month - 1;
    $previousYear = $month == 1 ? $year - 1 : $year;
    $previousUrl = api_get_self() . '?coursePath=' . Security::remove_XSS($course_path)
        . '&courseCode=' . Security::remove_XSS($courseCode)
        . '&month=' . $previousMonth . '&year=' . $previousYear;

    $nextMonth = $month == 12 ? 1 : $month + 1;
    $nextYear = $month == 12 ? $year + 1 : $year;
    $nextUrl = api_get_self() . '?coursePath=' . Security::remove_XSS($course_path)
        . '&courseCode=' . Security::remove_XSS($courseCode)
        . '&month=' . $nextMonth . '&year=' . $nextYear;

    echo '<table class="data_table">' . '<tr>'
        . '<th width="10%"><a href="' . $previousUrl . '">'
        . Display::return_icon('action_prev.png', get_lang('Previous')) . '</a></th>';
    echo '<th width="80%" colspan="5">' . $monthName . ' ' . $year . '</th>'
        . '<th width="10%"><a href="' . $nextUrl . '">'
        . Display::return_icon('action_next.png', get_lang('Next')) . '</a></th>' . '</tr>';

    // Weekday names, Monday first.
    echo '<tr>';
    $weekdayIndex = 1;
    while ($weekdayIndex < 8) {
        echo '<td class="weekdays">' . $DaysShort[$weekdayIndex % 7] . '</td>';
        $weekdayIndex++;
    }
    echo '</tr>';

    $day = -1; // -1 until the column of the first day has been reached
    $now = getdate();
    while ($day <= $daysInMonth[$month]) {
        echo '<tr>';
        for ($col = 0; $col < 7; $col++) {
            if ($day == -1 && $col == $firstColumn) {
                $day = 1;
            }
            if (!($day > 0 && $day <= $daysInMonth[$month])) {
                // Cell before the first or after the last day of the month.
                echo "<td> </td>";
                continue;
            }

            if ($col < 5) {
                $class = 'class="days_week"';
            } else {
                $class = 'class="days_weekend"';
            }
            $label = (string) $day;
            if ($day == $now['mday'] && $year == $now['year'] && $month == $now['mon']) {
                $class = 'class="days_today"';
            }

            echo '<td ' . $class . '>';
            if (empty($agendaitems[$day])) {
                echo $label;
            } else {
                echo '<a href="' . api_get_self() . '?action=view&view=day&day=' . $day
                    . '&month=' . $month . '&year=' . $year . '">' . $label . '</a>';
            }
            echo '</td>';
            $day++;
        }
        echo '</tr>';
    }
    echo '</table>';
}
// Excerpt from the administration home page. The first two statements end blocks that
// were opened before the excerpt.
// Directory with per-URL extra admin content: slashes of the URL become dashes.
$cleanUrl = str_replace('/', '-', $url);
$adminExtraContentDir = api_get_path(SYS_PATH) . "home/{$cleanUrl}/admin/";
}
}
// Displaying the header
$message = '';
if (api_is_platform_admin()) {
    if (is_dir(api_get_path(SYS_ARCHIVE_PATH)) && !is_writable(api_get_path(SYS_ARCHIVE_PATH))) {
        $message = Display::return_message(get_lang('ArchivesDirectoryNotWriteableContactAdmin'), 'warning');
    }
    /* ACTION HANDLING */
    if (!empty($_POST['Register'])) {
        // $_POST['donotlistcampus'] is read without an isset() check.
        // NOTE(review): this state-changing POST shows no request token check in the
        // visible lines — confirm whether one is performed elsewhere.
        api_register_campus(!$_POST['donotlistcampus']);
        $message = Display::return_message(get_lang('VersionCheckEnabled'), 'confirmation');
    }
    // Search keyword from the request, filtered for later output.
    $keyword_url = Security::remove_XSS(empty($_GET['keyword']) ? '' : $_GET['keyword']);
}
if (isset($_GET['msg']) && isset($_GET['type'])) {
    // The message key comes from the request, so only the two listed keys are passed on
    // to get_lang(). in_array() is used without its strict flag here.
    if (in_array($_GET['msg'], array('ArchiveDirCleanupSucceeded', 'ArchiveDirCleanupFailed'))) {
        switch ($_GET['type']) {
            case 'error':
                $message = Display::return_message(get_lang($_GET['msg']), 'error');
                break;
            case 'confirmation':
                $message = Display::return_message(get_lang($_GET['msg']), 'confirm');
        }
    }
}
$blocks = array();
// Instantiate Hook Event for Admin Block
$hook = HookAdminBlock::create();
// Excerpt from an admin AJAX handler. It starts inside a switch case opened before the
// excerpt and ends inside the 'get_extra_content' case.
$data = api_get_settings_params($params);
if (!empty($data)) {
    foreach ($data as $item) {
        // The 'changeable' request value is stored as given.
        // NOTE(review): no validation is visible in this excerpt — confirm the permission
        // check and the accepted values in the lines before it.
        $params = array('id' => $item['id'], 'access_url_changeable' => $_GET['changeable']);
        api_set_setting_simple($params);
    }
}
echo '1';
}
}
break;
case 'version':
    echo version_check();
    break;
case 'get_extra_content':
    // Name of the admin block whose extra content is requested.
    // NOTE(review): remove_XSS() is an HTML filter. If $blockName is later used to build a
    // file name under $newUrlDir (not visible here), confirm that path separators and '..'
    // are rejected as well.
    $blockName = isset($_POST['block']) ? Security::remove_XSS($_POST['block']) : null;
    if (empty($blockName)) {
        die;
    }
    if (api_is_multiple_url_enabled()) {
        $accessUrlId = api_get_current_access_url_id();
        if ($accessUrlId == -1) {
            die;
        }
        // Per-URL directory: scheme removed, trailing slash removed, slashes replaced by dashes.
        $urlInfo = api_get_access_url($accessUrlId);
        $url = api_remove_trailing_slash(preg_replace('/https?:\\/\\//i', '', $urlInfo['url']));
        $cleanUrl = str_replace('/', '-', $url);
        $newUrlDir = api_get_path(SYS_APP_PATH) . "home/{$cleanUrl}/admin/";
    } else {
        $newUrlDir = api_get_path(SYS_APP_PATH) . "home/admin/";
    }
//prevent the browser to follow the link return false; }); }); </script>'; $this_section = SECTION_SOCIAL; $interbreadcrumb[] = array('url' => 'home.php', 'name' => get_lang('Social')); $interbreadcrumb[] = array('url' => 'groups.php', 'name' => get_lang('Groups')); $interbreadcrumb[] = array('url' => '#', 'name' => get_lang('Thread')); $social_right_content = '<div class="breadcrumb"> <a href="groups.php?id=' . $group_id . '">' . Security::remove_XSS( $group_info['name'], STUDENT, true ) . '</a> <span class="divider">/</span> <a href="groups.php?id=' . $group_id . '#tabs_2">' . get_lang( 'Discussions' ) . '</a> </div> '; $social_avatar_block = SocialManager::show_social_avatar_block( 'member_list', $group_id ); $social_menu_block = SocialManager::show_social_menu('member_list', $group_id); if (!empty($show_message)) {
// Fragment: the switch statement and the case label this first branch belongs to start
// before this excerpt, and the final `if` below is closed after it.
$user_list = CourseManager::get_user_list_from_course_code(api_get_course_id(), api_get_session_id());
if (!empty($user_list)) {
    foreach ($user_list as $user_info) {
        // Users with INVITEE status are skipped and get no certificate
        if ($user_info['status'] == INVITEE) {
            continue;
        }
        Category::register_user_certificate($cat_id, $user_info['user_id']);
    }
}
break;
case 'delete_all_certificates':
    // NOTE(review): no Security::check_token() call is visible on this branch, unlike the
    // single-certificate delete further down. Confirm that the token and permission checks
    // for this bulk delete happen before the switch.
    Category::deleteAllCertificates($cat_id);
    break;
}
$course_code = api_get_course_id();
// The breadcrumb URL comes from the session and is passed through the markup filter before use
$interbreadcrumb[] = array('url' => Security::remove_XSS($_SESSION['gradebook_dest']) . '?', 'name' => get_lang('Gradebook'));
$interbreadcrumb[] = array('url' => '#', 'name' => get_lang('GradebookListOfStudentsCertificates'));
$this_section = SECTION_COURSES;
Display::display_header('');
if (isset($_GET['action']) && $_GET['action'] == 'delete') {
    // The delete is only carried out when the token sent in the query string validates
    $check = Security::check_token('get');
    if ($check) {
        // NOTE(review): certificate_id is used as received and nothing in this excerpt ties it
        // to the current course or category. Confirm that Certificate or an earlier check
        // enforces that ownership.
        $certificate = new Certificate($_GET['certificate_id']);
        $result = $certificate->delete(true);
        // The token is cleared after the delete attempt, whatever its result
        Security::clear_token();
        if ($result == true) {
            Display::display_confirmation_message(get_lang('CertificateRemoved'));
        } else {
            Display::display_error_message(get_lang('CertificateNotRemoved'));
        }
    }
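/**
 * Imports a quiz from an uploaded Excel (.xls) file laid out like the provided template.
 *
 * Runs only when the upload form was submitted ($_POST['submit_upload_quiz']). Rows of the
 * first sheet are classified by the label in their first column ('Quiz', 'Question', 'Score',
 * 'FeedbackTrue', 'FeedbackFalse', 'EnrichQuestion'); the quiz, its questions and their
 * answers are then created, and the browser is sent either back to the learning path
 * (when one is in the session and lp_id is given) or to the exercise admin page.
 *
 * Everything read here is user-supplied: the upload in $_FILES, the score options in $_POST,
 * lp_id in $_GET and every spreadsheet cell.
 *
 * @return void
 */
function lp_upload_quiz_action_handling()
{
    global $debug;
    $_course = api_get_course_info();
    $courseId = $_course['real_id'];

    if (!isset($_POST['submit_upload_quiz'])) {
        return;
    }

    // Only continue with a file that PHP itself received through an HTTP upload; a missing or
    // failed upload leaves nothing to parse.
    if (!isset($_FILES['user_upload_quiz']['name'], $_FILES['user_upload_quiz']['tmp_name'])
        || !is_uploaded_file($_FILES['user_upload_quiz']['tmp_name'])
    ) {
        return;
    }

    // Get the extension of the document.
    $path_info = pathinfo($_FILES['user_upload_quiz']['name']);

    // Check if the document is an Excel document. This looks at the client-supplied name only;
    // the file content is not verified before it is handed to the reader below.
    if (!isset($path_info['extension']) || $path_info['extension'] != 'xls') {
        return;
    }

    // Read the Excel document
    $data = new Spreadsheet_Excel_Reader();
    // Set output Encoding.
    $data->setOutputEncoding(api_get_system_encoding());
    // Reading the xls document.
    $data->read($_FILES['user_upload_quiz']['tmp_name']);

    // Custom scores end up in stored answer scores, so only numeric input is accepted;
    // anything else is treated as "not provided".
    $correctScore = (isset($_POST['correct_score']) && is_numeric($_POST['correct_score']))
        ? $_POST['correct_score']
        : null;
    $incorrectScore = (isset($_POST['incorrect_score']) && is_numeric($_POST['incorrect_score']))
        ? $_POST['incorrect_score']
        : null;
    $useCustomScore = isset($_POST['user_custom_score']);

    $propagateNegative = 0;
    if ($useCustomScore && !empty($incorrectScore) && $incorrectScore < 0) {
        $propagateNegative = 1;
    }

    // Variables
    $quiz_index = 0;
    $question_title_index = array();
    $question_name_index_init = array();
    $question_name_index_end = array();
    $score_index = array();
    $feedback_true_index = array();
    $feedback_false_index = array();
    $number_questions = 0;
    $question_description_index = array();

    // Reading all the first column items sequentially to create breakpoints
    for ($i = 1; $i <= $data->sheets[0]['numRows']; $i++) {
        // Empty rows have no first cell; treat them as unlabelled
        $label = isset($data->sheets[0]['cells'][$i][1]) ? $data->sheets[0]['cells'][$i][1] : '';
        if ($label == 'Quiz' && $i == 1) {
            $quiz_index = $i; // Quiz title position, only occurs once
        } elseif ($label == 'Question') {
            $question_title_index[] = $i; // Question title position line
            $question_name_index_init[] = $i + 1; // Questions name 1st position line
            $number_questions++;
        } elseif ($label == 'Score') {
            $question_name_index_end[] = $i - 1; // Question name position
            $score_index[] = $i; // Question score position
        } elseif ($label == 'FeedbackTrue') {
            $feedback_true_index[] = $i; // FeedbackTrue position (line)
        } elseif ($label == 'FeedbackFalse') {
            $feedback_false_index[] = $i; // FeedbackFalse position (line)
        } elseif ($label == 'EnrichQuestion') {
            $question_description_index[] = $i;
        }
    }

    // Variables
    $quiz = array();
    $question = array();
    $new_answer = array();
    $score_list = array();
    $feedback_true_list = array();
    $feedback_false_list = array();
    $question_description = array();

    // Getting questions.
    $k = $z = $q = $l = $m = 0;
    for ($i = 1; $i <= $data->sheets[0]['numRows']; $i++) {
        if (isset($data->sheets[0]['cells'][$i]) && is_array($data->sheets[0]['cells'][$i])) {
            $column_data = $data->sheets[0]['cells'][$i];
            // Fill all column with data to have a full array
            for ($x = 1; $x <= $data->sheets[0]['numCols']; $x++) {
                if (empty($column_data[$x])) {
                    $data->sheets[0]['cells'][$i][$x] = '';
                }
            }
            // Array filled with data
            $column_data = $data->sheets[0]['cells'][$i];
        } else {
            $column_data = '';
        }
        // Fill quiz data
        if ($quiz_index == $i) {
            // The title always in the first position
            $quiz = $column_data;
        } elseif (in_array($i, $question_title_index)) {
            // a complete line where 1st column is 'Question'
            $question[$k] = $column_data;
            $k++;
        } elseif (in_array($i, $score_index)) {
            // a complete line where 1st column is 'Score'
            $score_list[$z] = $column_data;
            $z++;
        } elseif (in_array($i, $feedback_true_index)) {
            // a complete line where 1st column is 'FeedbackTrue'
            $feedback_true_list[$q] = $column_data;
            $q++;
        } elseif (in_array($i, $feedback_false_index)) {
            // a complete line where 1st column is 'FeedbackFalse' for wrong answers
            $feedback_false_list[$l] = $column_data;
            $l++;
        } elseif (in_array($i, $question_description_index)) {
            // a complete line where 1st column is 'EnrichQuestion'
            $question_description[$m] = $column_data;
            $m++;
        }
    }

    // Get answers
    for ($i = 0; $i < count($question_name_index_init); $i++) {
        // A 'Question' row without a matching 'Score' row has no answer range
        if (!isset($question_name_index_end[$i])) {
            continue;
        }
        for ($j = $question_name_index_init[$i]; $j <= $question_name_index_end[$i]; $j++) {
            if (isset($data->sheets[0]['cells'][$j]) && is_array($data->sheets[0]['cells'][$j])) {
                $column_data = $data->sheets[0]['cells'][$j];
                // Fill all column with data
                for ($x = 1; $x <= $data->sheets[0]['numCols']; $x++) {
                    if (empty($column_data[$x])) {
                        $data->sheets[0]['cells'][$j][$x] = '';
                    }
                }
                // Array filled of data
                if (count($data->sheets[0]['cells'][$j]) > 0) {
                    $new_answer[$i][$j] = $data->sheets[0]['cells'][$j];
                }
            }
        }
    }

    // Quiz title. A sheet without a 'Quiz' row in line 1 has no title and imports nothing.
    $quiz_title = isset($quiz[2]) ? $quiz[2] : '';

    if ($quiz_title != '') {
        // Variables
        $type = 2;
        $random = $active = $results = $max_attempt = $expired_time = 0;
        // Make sure feedback is enabled (3 to disable), otherwise the fields
        // added to the XLS are not shown, which is confusing
        $feedback = 0;

        // Quiz object
        $exercise = new Exercise();
        $quiz_id = $exercise->createExercise(
            $quiz_title,
            $expired_time,
            $type,
            $random,
            $active,
            $results,
            $max_attempt,
            $feedback,
            $propagateNegative
        );

        if ($quiz_id) {
            // insert into the item_property table
            api_item_property_update($_course, TOOL_QUIZ, $quiz_id, 'QuizAdded', api_get_user_id());

            // Import questions.
            for ($i = 0; $i < $number_questions; $i++) {
                // Question name
                $question_title = isset($question[$i][2]) ? $question[$i][2] : '';
                $question_description_text = "<p></p>";
                if (isset($question_description[$i][2])) {
                    // Question description.
                    // NOTE(review): the cell text is wrapped in <p> without escaping; whether it
                    // is filtered when stored or displayed is not visible here - confirm.
                    $question_description_text = "<p>" . $question_description[$i][2] . "</p>";
                }

                $answersForQuestion = isset($new_answer[$i]) ? $new_answer[$i] : null;
                $globalScore = isset($score_list[$i][3]) ? $score_list[$i][3] : null;

                // Unique answers are the only question types available for now
                // through xls-format import
                $question_id = null;

                $detectQuestionType = detectQuestionType($answersForQuestion, $score_list);

                /** @var Question $answer */
                switch ($detectQuestionType) {
                    case FREE_ANSWER:
                        $answer = new FreeAnswer();
                        break;
                    case GLOBAL_MULTIPLE_ANSWER:
                        $answer = new GlobalMultipleAnswer();
                        break;
                    case MULTIPLE_ANSWER:
                        $answer = new MultipleAnswer();
                        break;
                    case UNIQUE_ANSWER:
                    default:
                        $answer = new UniqueAnswer();
                        break;
                }

                if ($question_title != '') {
                    $question_id = $answer->create_question(
                        $quiz_id,
                        $question_title,
                        $question_description_text,
                        0, // max score
                        $answer->type
                    );
                }

                $total = 0;
                if (is_array($answersForQuestion) && !empty($question_id)) {
                    $id = 1;
                    $answers_data = $answersForQuestion;
                    $objAnswer = new Answer($question_id, $courseId);

                    // Calculate the number of correct answers to divide the
                    // score between them when importing from CSV
                    $numberRightAnswers = 0;
                    foreach ($answers_data as $answer_data) {
                        $mark = isset($answer_data[3]) ? $answer_data[3] : '';
                        if (strtolower($mark) == 'x') {
                            $numberRightAnswers++;
                        }
                    }

                    foreach ($answers_data as $answer_data) {
                        $answerValue = isset($answer_data[2]) ? $answer_data[2] : '';
                        $mark = isset($answer_data[3]) ? $answer_data[3] : '';
                        $correct = 0;
                        $score = 0;
                        if (strtolower($mark) == 'x') {
                            $correct = 1;
                            $score = $globalScore;
                            $comment = isset($feedback_true_list[$i][2]) ? $feedback_true_list[$i][2] : '';
                        } else {
                            $comment = isset($feedback_false_list[$i][2]) ? $feedback_false_list[$i][2] : '';
                            // Test the cell itself: a value cast to float is always numeric, so
                            // the old check let empty or textual cells through as scores.
                            if (is_numeric($mark)) {
                                $score = $mark;
                            }
                        }

                        if ($useCustomScore) {
                            $score = $correct ? $correctScore : $incorrectScore;
                        }

                        // Fixing scores:
                        switch ($detectQuestionType) {
                            case GLOBAL_MULTIPLE_ANSWER:
                                // No answer marked 'x' would mean a division by zero
                                if ($numberRightAnswers > 0) {
                                    $score /= $numberRightAnswers;
                                }
                                break;
                            case UNIQUE_ANSWER:
                            case MULTIPLE_ANSWER:
                                break;
                        }

                        $objAnswer->createAnswer(
                            $answerValue,
                            $correct,
                            $comment,
                            $score,
                            $id
                        );

                        $total += $score;
                        $id++;
                    }

                    $objAnswer->save();

                    $questionObj = Question::read($question_id, $courseId);

                    switch ($detectQuestionType) {
                        case GLOBAL_MULTIPLE_ANSWER:
                            $questionObj->updateWeighting($globalScore);
                            break;
                        case UNIQUE_ANSWER:
                        case MULTIPLE_ANSWER:
                        default:
                            $questionObj->updateWeighting($total);
                            break;
                    }

                    $questionObj->save();
                } elseif ($detectQuestionType === FREE_ANSWER && !empty($question_id)) {
                    // Free answers have no answer rows; only the weighting is set. Without a
                    // created question (empty title) there is nothing to update.
                    $questionObj = Question::read($question_id, $courseId);
                    $questionObj->updateWeighting($globalScore);
                    $questionObj->save();
                }
            }
        }

        if (isset($_SESSION['lpobject'])) {
            if ($debug > 0) {
                error_log('New LP - SESSION[lpobject] is defined', 0);
            }
            // NOTE(review): unserialize() instantiates whatever classes the payload names. That
            // is acceptable only while $_SESSION['lpobject'] is written exclusively by
            // server-side code; confirm no request data can reach it.
            $oLP = unserialize($_SESSION['lpobject']);
            if (is_object($oLP)) {
                if ($debug > 0) {
                    error_log('New LP - oLP is object', 0);
                }
                if (empty($oLP->cc) or $oLP->cc != api_get_course_id()) {
                    if ($debug > 0) {
                        error_log('New LP - Course has changed, discard lp object', 0);
                    }
                    $oLP = null;
                    Session::erase('oLP');
                    Session::erase('lpobject');
                } else {
                    $_SESSION['oLP'] = $oLP;
                }
            }
        }

        if (isset($_SESSION['oLP']) && isset($_GET['lp_id'])) {
            $previous = $_SESSION['oLP']->select_previous_item_id();
            $parent = 0;
            // Add a Quiz as Lp Item
            $_SESSION['oLP']->add_item($parent, $previous, TOOL_QUIZ, $quiz_id, $quiz_title, '');
            // Redirect to home page for add more content. lp_id goes into a Location header:
            // an integer cast is the right control there, a markup filter is not.
            header('location: ../newscorm/lp_controller.php?' . api_get_cidreq() . '&action=add_item&type=step&lp_id=' . intval($_GET['lp_id']));
            exit;
        } else {
            // header('location: exercise.php?' . api_get_cidreq());
            echo '<script>window.location.href = "' . api_get_path(WEB_CODE_PATH) . 'exercice/admin.php?' . api_get_cidReq() . '&exerciseId=' . $quiz_id . '&session_id=' . api_get_session_id() . '"</script>';
        }
    }
}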
if (!$is_allowedToEdit) { header('Location: ' . $urlMainExercise . 'exercice.php?cidReq=' . Security::remove_XSS($_GET['cidReq'])); exit; } $interbreadcrumb[] = array('url' => 'exercise_report.php', 'name' => get_lang('Exercices')); $interbreadcrumb[] = array('url' => 'exercise_report.php' . '?filter=2', 'name' => get_lang('StudentScore')); $interbreadcrumb[] = array('url' => 'exercise_history.php' . '?exe_id=' . intval($_GET['exe_id']), 'name' => get_lang('Details')); $TBL_USER = Database::get_main_table(TABLE_MAIN_USER); $TBL_EXERCICES = Database::get_course_table(TABLE_QUIZ_TEST); $TBL_EXERCICES_QUESTION = Database::get_course_table(TABLE_QUIZ_QUESTION); $TBL_TRACK_EXERCICES = Database::get_main_table(TABLE_STATISTIC_TRACK_E_EXERCICES); $TBL_TRACK_ATTEMPT_RECORDING = Database::get_main_table(TABLE_STATISTIC_TRACK_E_ATTEMPT_RECORDING); Display::display_header($nameTools, get_lang('Exercise')); if (isset($_GET['message'])) { if (in_array($_GET['message'], array('ExerciseEdited'))) { $my_message_history = Security::remove_XSS($_GET['message']); Display::display_confirmation_message(get_lang($my_message_history)); } } echo '<div class="actions">'; echo '<a href="exercise_report.php?' . api_get_cidreq() . '&filter=2">' . Display::return_icon('back.png', get_lang('BackToResultList'), '', ICON_SIZE_MEDIUM) . '</a>'; echo '</div>'; ?> <table class="data_table"> <tr class="row_odd"> <th><?php echo get_lang('Question'); ?> </th> <th width="50px"><?php
$form->addElement('text', $specific_field['code'], $specific_field['name']); $filter = array('c_id' => "'" . api_get_course_int_id() . "'", 'field_id' => $specific_field['id'], 'ref_id' => $_SESSION['oLP']->lp_id, 'tool_id' => '\'' . TOOL_LEARNPATH . '\''); $values = get_specific_field_values_list($filter, array('value')); if (!empty($values)) { $arr_str_values = array(); foreach ($values as $value) { $arr_str_values[] = $value['value']; } $defaults[$specific_field['code']] = implode(', ', $arr_str_values); } } } $defaults['lp_encoding'] = Security::remove_XSS($_SESSION['oLP']->encoding); $defaults['lp_name'] = Security::remove_XSS($_SESSION['oLP']->get_name()); $defaults['lp_author'] = Security::remove_XSS($_SESSION['oLP']->get_author()); $defaults['hide_toc_frame'] = Security::remove_XSS($_SESSION['oLP']->get_hide_toc_frame()); $defaults['category_id'] = intval($_SESSION['oLP']->get_category_id()); $expired_on = $_SESSION['oLP']->expired_on; $publicated_on = $_SESSION['oLP']->publicated_on; // Prerequisites $form->addElement('html', '<div class="control-group"><label class="control-label">' . get_lang('LearnpathPrerequisites') . '</label> <div class="controls">' . $_SESSION['oLP']->display_lp_prerequisites_list() . ' <span class="help-block">' . get_lang('LpPrerequisiteDescription') . '</span></div></div>'); $options = array('0' => get_lang('Unlimited')); for ($i = 1; $i <= 10; $i++) { $options[$i] = $i; } $form->addElement('select', 'max_attempts', get_lang('MaxAttempts'), $options); //Start date $form->addElement('checkbox', 'activate_start_date_check', null, get_lang('EnableStartTime'), array('onclick' => 'activate_start_date()')); $display_date = 'none'; if ($publicated_on != '0000-00-00 00:00:00' && !empty($publicated_on)) {
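/**
 * Builds the help link for the page header and assigns it to the 'help_content'
 * template variable. The variable is assigned an empty string when the
 * 'enable_help_link' setting is not 'true' or when there is no help topic.
 *
 * @param string $helpInput Help topic to open; when empty, $this->help is used instead
 */
public function set_help($helpInput = null)
{
    $help = !empty($helpInput) ? $helpInput : $this->help;
    $content = '';

    if (api_get_setting('enable_help_link') == 'true' && !empty($help)) {
        // remove_XSS() filters markup only. The topic is placed in a query string, so it is
        // URL-encoded as well; otherwise '&', '#' or spaces in it would alter the link.
        $help = urlencode(Security::remove_XSS($help));
        $helpLink = Display::url(
            Display::return_icon('help.large.png', get_lang('Help')),
            api_get_path(WEB_CODE_PATH) . 'help/help.php?open=' . $help . '&height=400&width=600',
            array('class' => 'ajax')
        );
        $content = '<li class="help">' . $helpLink . '</li>';
    }

    $this->assign('help_content', $content);
}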
/**
 * Tells whether the chosen file name is still free.
 *
 * Despite its name, this returns true when NO "<name>.html" file exists under the
 * global $filepath, and false when one already does.
 *
 * The name is trimmed and then passed through addslashes(), Security::remove_XSS(),
 * api_replace_dangerous_char() and FileManager::disable_dangerous_file(), in that order,
 * before it is appended to $filepath.
 * NOTE(review): whether that chain also removes directory separators and ".." is not
 * visible here - confirm before relying on it to keep the lookup inside $filepath.
 *
 * @param string $filename File name without the ".html" extension
 *
 * @return bool
 */
function document_exists($filename)
{
    global $filepath;

    $candidate = Security::remove_XSS(addslashes(trim($filename)));
    $candidate = FileManager::disable_dangerous_file(api_replace_dangerous_char($candidate));
    $target = $filepath . $candidate . '.html';

    return file_exists($target) === false;
}
if (isset($_GET['add'])) { header('Location: add_users_to_session.php?id_session=' . $id_session . '&add=true'); exit; } else { header('Location: resume_session.php?id_session=' . $id_session); exit; } } // display the dokeos header Display::display_header($tool_name); if ($add_type == 'multiple') { $link_add_type_unique = '<a href="' . api_get_self() . '?id_session=' . $id_session . '&add=' . Security::remove_XSS($_GET['add']) . '&add_type=unique">' . Display::return_icon('single.gif') . get_lang('SessionAddTypeUnique') . '</a>'; $link_add_type_multiple = Display::return_icon('multiple.gif') . get_lang('SessionAddTypeMultiple') . ' '; } else { $link_add_type_unique = Display::return_icon('single.gif') . get_lang('SessionAddTypeUnique') . ' '; $link_add_type_multiple = '<a href="' . api_get_self() . '?id_session=' . $id_session . '&add=' . Security::remove_XSS($_GET['add']) . '&add_type=multiple">' . Display::return_icon('multiple.gif') . get_lang('SessionAddTypeMultiple') . '</a>'; } // the form header $session_info = SessionManager::fetch($id_session); echo '<div class="actions">'; echo $link_add_type_unique . $link_add_type_multiple; echo '</div>'; /*$sql = 'SELECT COUNT(1) FROM '.$tbl_course; $rs = Database::query($sql); $count_courses = Database::result($rs, 0, 0);*/ $ajax_search = $add_type == 'unique' ? true : false; $nosessionCourses = $sessionCourses = array(); if ($ajax_search) { $sql = "SELECT code, title, visual_code, id_session\n\t\t\tFROM {$tbl_course} course\n\t\t\tINNER JOIN {$tbl_session_rel_course} session_rel_course\n\t\t\t\tON course.id = session_rel_course.c_id\n\t\t\t\tAND session_rel_course.id_session = " . intval($id_session) . "\n\t\t\tORDER BY " . (sizeof($courses) ? "(course.code IN(" . implode(',', $courses) . ")) DESC," : "") . " title"; if (api_is_multiple_url_enabled()) { $tbl_course_rel_access_url = Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_COURSE);
} // LOAD DATA & DISPLAY TABLE - $is_platform_admin = api_is_platform_admin(); $is_course_admin = api_is_allowed_to_edit(); //load data for category, evaluation and links if (!isset($_GET['selectcat']) || empty($_GET['selectcat'])) { $category = 0; } else { $category = Security::remove_XSS($_GET['selectcat']); } // search form $simple_search_form = new UserForm(UserForm::TYPE_SIMPLE_SEARCH, null, 'simple_search_form', null, api_get_self() . '?selectcat=' . $selectcat); $values = $simple_search_form->exportValues(); $keyword = ''; if (isset($_GET['search']) && !empty($_GET['search'])) { $keyword = Security::remove_XSS($_GET['search']); } if ($simple_search_form->validate() && empty($keyword)) { $keyword = $values['keyword']; } if (!empty($keyword)) { $cats = Category::load($category); $allcat = array(); if (isset($_GET['selectcat']) && $_GET['selectcat'] == 0 && isset($_GET['search'])) { $allcat = $cats[0]->get_subcategories(null); $allcat_info = Category::find_category($keyword, $allcat); $alleval = array(); $alllink = array(); } else { $alleval = Evaluation::find_evaluations($keyword, $cats[0]->get_id()); $alllink = LinkFactory::find_links($keyword, $cats[0]->get_id());
* @author Julio Montoya switchable fill in blank option added * * @todo split more code up in functions, move functions to library? */ use ChamiloSession as Session; $debug = false; ////require_once '../inc/global.inc.php'; $this_section = SECTION_COURSES; /* ACCESS RIGHTS */ api_protect_course_script(true); if ($debug) { error_log('Entering exercise_result.php: ' . print_r($_POST, 1)); } // general parameters passed via POST/GET if (empty($origin)) { $origin = Security::remove_XSS($_REQUEST['origin']); } /** @var Exercise $objExercise */ if (empty($objExercise)) { $objExercise = Session::read('objExercise'); } if (empty($remind_list)) { $remind_list = isset($_REQUEST['remind_list']) ? $_REQUEST['remind_list'] : null; } $exe_id = isset($_REQUEST['exe_id']) ? intval($_REQUEST['exe_id']) : 0; if (empty($objExercise)) { // Redirect to the exercise overview // Check if the exe_id exists $objExercise = new Exercise(); $exercise_stat_info = $objExercise->get_stat_track_exercise_info_by_exe_id($exe_id); if (!empty($exercise_stat_info) && isset($exercise_stat_info['exe_exo_id'])) {
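/**
 * Sends the user an internal message containing the link to the course legal agreement.
 *
 * @param string $uniqueId  Value sent as the web_agreement_link parameter of the link
 * @param int    $userId    Recipient of the message
 * @param int    $courseId  Course whose code and title are used
 * @param int    $sessionId Session whose name, when found, is appended to the course title
 */
public function sendMailLink($uniqueId, $userId, $courseId, $sessionId)
{
    $courseInfo = api_get_course_info_by_id($courseId);
    $courseCode = $courseInfo['code'];

    // Each value is encoded for the query string it is placed in. remove_XSS() alone filters
    // markup and leaves '&', '#' and spaces untouched. The URL is also used as the visible
    // link text, and an encoded value cannot carry markup there either.
    $url = api_get_path(WEB_CODE_PATH) . 'course_info/legal.php?web_agreement_link=' . urlencode($uniqueId)
        . '&course_code=' . urlencode(Security::remove_XSS($courseCode))
        . '&session_id=' . (int) $sessionId;
    $courseUrl = Display::url($url, $url);

    $sessionInfo = api_get_session_info($sessionId);
    $sessionSuffix = !empty($sessionInfo) ? ' (' . $sessionInfo['name'] . ')' : '';

    // NOTE(review): course title and session name go into the message body unescaped;
    // whether MessageManager filters the body is not visible here - confirm.
    $courseTitle = $courseInfo['title'] . $sessionSuffix;

    $subject = $this->get_lang("MailAgreement");
    $message = sprintf($this->get_lang("MailAgreementWasSentWithClickX"), $courseTitle, $courseUrl);

    MessageManager::send_message_simple($userId, $subject, $message);
}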
$tool_name = get_lang('ModifySessionCourse'); api_display_tool_title($tool_name); ?> <div class="session-course-edit"> <form method="post" action="<?php echo api_get_self(); ?> ?id_session=<?php echo $id_session; ?> &course_code=<?php echo urlencode($course_code); ?> &page=<?php echo Security::remove_XSS($_GET['page']); ?> " style="margin:0px;"> <input type="hidden" name="formSent" value="1"> <div class="row"> <div class="col-md-12"> <div class="title"></div> <?php if (!empty($errorMsg)) { Display::display_normal_message($errorMsg); } ?> </div> </div> <div class="row">