コード例 #1
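 /**
  * Fetches the visible announcements of a course that are addressed to a user.
  *
  * One of three queries is built, depending on whether the user belongs to
  * groups, is identified without groups, or could not be resolved at all.
  * Each query returns at most 12 rows.
  *
  * @param string $username        Resolved through UserManager::get_user_id_from_username()
  * @param string $course_code     Passed to CourseManager::get_course_information()
  * @param int    $announcement_id Optional announcement id; 0 means "no id filter"
  *
  * @return mixed Whatever Database::query() returns for the built statement
  */
 private function get_announcements($username, $course_code, $announcement_id = 0)
 {
     $session_id = api_get_session_id();
     $condition_session = api_get_session_condition($session_id);
     // Every id below is concatenated into the SQL text, so each one is forced
     // to an integer first. A non-numeric announcement id collapses to 0,
     // which means "no id filter" instead of reaching the query as raw text.
     $announcement_id = (int) $announcement_id;
     $announcement_filter = $announcement_id === 0 ? "" : "AND announcement.id=" . $announcement_id;
     $user_id = (int) UserManager::get_user_id_from_username($username);
     $course_info = CourseManager::get_course_information($course_code);
     $course_db = $course_info['db_name'];
     $tbl_item_property = Database::get_course_table(TABLE_ITEM_PROPERTY, $course_db);
     $tbl_announcement = Database::get_course_table(TABLE_ANNOUNCEMENT, $course_db);
     $maximum = '12';
     $group_memberships = GroupManager::get_group_ids($course_info['real_id'], $user_id);
     // Normalise to a list of integers: implode() must never see a non-array,
     // and the ids are placed inside an IN (...) list.
     $group_memberships = is_array($group_memberships) ? array_map('intval', $group_memberships) : array();
     if (count($group_memberships) > 0) {
         // the user is member of several groups => display personal announcements AND his group announcements AND the general announcements
         $current_group_id = (int) api_get_group_id();
         $group_list = $current_group_id === 0 ? implode(", ", $group_memberships) : $current_group_id;
         $cond_user_id = " AND ( ip.to_user_id='" . $user_id . "'" . "OR ip.to_group_id IN (0, " . $group_list . ")) ";
         $sql = "SELECT\n                            announcement.*, ip.visibility, ip.to_group_id, ip.insert_user_id\n                            FROM {$tbl_announcement} announcement, {$tbl_item_property} ip\n                            WHERE announcement.id = ip.ref\n                            AND ip.tool='announcement'\n                            AND ip.visibility='1'\n                            {$announcement_filter}\n                            {$cond_user_id}\n                            {$condition_session}\n                            GROUP BY ip.ref\n                            ORDER BY display_order DESC\n                            LIMIT 0,{$maximum}";
     } elseif ($user_id) {
         // the user is not member of any group
         // this is an identified user => show the general announcements AND his personal announcements
         if (api_get_course_setting('allow_user_edit_announcement') && !api_is_anonymous()) {
             $cond_user_id = " AND (ip.lastedit_user_id = '" . (int) api_get_user_id() . "' OR ( ip.to_user_id='" . $user_id . "' OR ip.to_group_id='0')) ";
         } else {
             $cond_user_id = " AND ( ip.to_user_id='" . $user_id . "' OR ip.to_group_id='0') ";
         }
         $sql = "SELECT\n                                    announcement.*, ip.visibility, ip.to_group_id, ip.insert_user_id\n                                    FROM {$tbl_announcement} announcement, {$tbl_item_property} ip\n                                    WHERE announcement.id = ip.ref\n                                    AND ip.tool='announcement'\n                                    AND ip.visibility='1'\n                                    {$announcement_filter}\n                                    {$cond_user_id}\n                                    {$condition_session}\n                                    GROUP BY ip.ref\n                                    ORDER BY display_order DESC\n                                    LIMIT 0,{$maximum}";
     } else {
         // the user is not identified => show only the general announcements.
         // The earlier code also built a lastedit_user_id condition here but never
         // put it into the statement; the query stays limited to to_group_id='0'.
         $sql = "SELECT\n                                    announcement.*, ip.visibility, ip.to_group_id, ip.insert_user_id\n                                    FROM {$tbl_announcement} announcement, {$tbl_item_property} ip\n                                    WHERE announcement.id = ip.ref\n                                    AND ip.tool='announcement'\n                                    AND ip.visibility='1'\n                                    AND ip.to_group_id='0'\n                                    {$announcement_filter}\n                                    {$condition_session}\n                                    GROUP BY ip.ref\n                                    ORDER BY display_order DESC\n                                    LIMIT 0,{$maximum}";
     }
     return Database::query($sql);
 }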
コード例 #2
 /**
  * Lists the users this object works with.
  *
  * With a session id set, the session's users of the course are returned.
  * Without one, the current group's members are returned when a group is
  * active, otherwise all users of the course.
  *
  * @return array Group members are wrapped as array('user_id' => <entry>);
  *               the other two lists are returned as CourseManager provides them
  */
 public function all_users()
 {
     $code = $this->course('code');
     if (!empty($this->session_id)) {
         return CourseManager::get_user_list_from_course_code($code, $this->session_id);
     }
     $activeGroupId = api_get_group_id();
     if (empty($activeGroupId)) {
         return CourseManager::get_user_list_from_course_code($code);
     }
     // GroupManager hands back bare entries; wrap each one in a 'user_id' row.
     $members = array();
     foreach (GroupManager::get_users($activeGroupId) as $member) {
         $members[] = array('user_id' => $member);
     }
     return $members;
 }
コード例 #3
    );
});

function setFocus() {
   $("#document_title").focus();
}

$(window).load(function () {
    setFocus();
});
</script>';
require_once api_get_path(SYS_CODE_PATH) . 'document/document.inc.php';
$_course = api_get_course_info();
$groupId = api_get_group_id();
// Certificate mode is switched on by the request parameter certificate=true.
$is_certificate_mode = isset($_REQUEST['certificate']) && $_REQUEST['certificate'] == 'true';
$nameTools = $is_certificate_mode ? get_lang('CreateCertificate') : get_lang('CreateDocument');
/*	Constants and variables */
$doc_table = Database::get_course_table(TABLE_DOCUMENT);
$course_id = api_get_course_int_id();
// NOTE(review): 'id' is taken from the request as-is (and is read even when it
// is absent); confirm that get_document_data_by_id() validates or casts it.
$document_data = DocumentManager::get_document_data_by_id($_REQUEST['id'], api_get_course_id(), true);
if (empty($document_data)) {
    if (api_is_in_group()) {
        $group_properties = GroupManager::get_group_properties($groupId);
コード例 #4
ファイル: viewforum.php プロジェクト: ragebat/chamilo-lms
     $attachment_list = get_attachment($row['post_id']);
 }
 $id_attach = !empty($attachment_list) ? $attachment_list['id'] : '';
 $sql_post_id = "SELECT post_id FROM {$table_posts} WHERE c_id = {$course_id} AND post_title='" . Database::escape_string($row['thread_title']) . "'";
 $result_post_id = Database::query($sql_post_id);
 $row_post_id = Database::fetch_array($result_post_id);
 if ($origin != 'learnpath') {
     if (api_is_allowed_to_edit(false, true) && !(api_is_course_coach() && $current_forum['session_id'] != $_SESSION['id_session'])) {
         echo '<a href="' . $forumUrl . 'editpost.php?' . api_get_cidreq() . '&amp;forum=' . Security::remove_XSS($my_forum) . '&amp;thread=' . Security::remove_XSS($row['thread_id']) . '&amp;post=' . $row_post_id['post_id'] . '&id_attach=' . $id_attach . '">' . Display::return_icon('edit.png', get_lang('Edit'), array(), ICON_SIZE_SMALL) . '</a>';
         if (api_resource_is_locked_by_gradebook($row['thread_id'], LINK_FORUM_THREAD)) {
             echo Display::return_icon('delete_na.png', get_lang('ResourceLockedByGradebook'), array(), ICON_SIZE_SMALL);
         } else {
             echo '<a href="' . api_get_self() . '?' . api_get_cidreq() . '&amp;forum=' . Security::remove_XSS($my_forum) . '&amp;action=delete&amp;content=thread&id=' . $row['thread_id'] . $origin_string . "\" onclick=\"javascript:if(!confirm('" . addslashes(api_htmlentities(get_lang('DeleteCompleteThread'), ENT_QUOTES)) . "')) return false;\">" . Display::return_icon('delete.png', get_lang('Delete'), array(), ICON_SIZE_SMALL) . '</a>';
         }
         display_visible_invisible_icon('thread', $row['thread_id'], $row['visibility'], array('forum' => $my_forum, 'origin' => $origin, 'gidReq' => $groupId));
         display_lock_unlock_icon('thread', $row['thread_id'], $row['locked'], array('forum' => $my_forum, 'origin' => $origin, 'gidReq' => api_get_group_id()));
         echo '<a href="viewforum.php?' . api_get_cidreq() . '&amp;forum=' . Security::remove_XSS($my_forum) . '&amp;action=move&thread=' . $row['thread_id'] . $origin_string . '">' . Display::return_icon('move.png', get_lang('MoveThread'), array(), ICON_SIZE_SMALL) . '</a>';
     }
 }
 $iconnotify = 'send_mail.gif';
 if (is_array(isset($_SESSION['forum_notification']['thread']) ? $_SESSION['forum_notification']['thread'] : null)) {
     if (in_array($row['thread_id'], $_SESSION['forum_notification']['thread'])) {
         $iconnotify = 'send_mail_checked.gif';
     }
 }
 $icon_liststd = 'user.png';
 if (!api_is_anonymous() && api_is_allowed_to_session_edit(false, true)) {
     echo '<a href="' . api_get_self() . '?' . api_get_cidreq() . '&amp;forum=' . Security::remove_XSS($my_forum) . '&amp;origin=' . $origin . '&amp;action=notify&amp;content=thread&id=' . $row['thread_id'] . '">' . Display::return_icon($iconnotify, get_lang('NotifyMe')) . '</a>';
 }
 if (api_is_allowed_to_edit(null, true) && $origin != 'learnpath') {
     echo '<a href="' . api_get_self() . '?' . api_get_cidreq() . '&amp;forum=' . Security::remove_XSS($my_forum) . '&amp;origin=' . $origin . '&amp;action=liststd&amp;content=thread&id=' . $row['thread_id'] . '">' . Display::return_icon($icon_liststd, get_lang('StudentList'), array(), ICON_SIZE_SMALL) . '</a>';
コード例 #5
ファイル: edit_odf.php プロジェクト: KRCM13/chamilo-lms
 */
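require_once '../inc/global.inc.php';
// A missing, array-valued or non-numeric "id" becomes 0 and is rejected below,
// so only an integer ever reaches the document lookups.
$document_id = isset($_GET['id']) && is_numeric($_GET['id']) ? (int) $_GET['id'] : 0;
$courseCode = api_get_course_id();
$document_data = null;
if ($document_id) {
    $document_data = DocumentManager::get_document_data_by_id($document_id, $courseCode);
}
if (empty($document_data)) {
    api_not_allowed();
}
// Check user visibility
// NOTE(review): this page edits documents, yet the gate below also lets through
// any user for whom the document is merely visible; confirm that saving is
// authorised separately.
$is_visible = DocumentManager::check_visibility_tree($document_id, api_get_course_id(), api_get_session_id(), api_get_user_id(), api_get_group_id());
if (!api_is_allowed_to_edit() && !$is_visible) {
    api_not_allowed(true);
}
$header_file = $document_data['path'];
$pathinfo = pathinfo($header_file);
// pathinfo() leaves out 'extension' for names without a dot.
$extension = isset($pathinfo['extension']) ? strtolower($pathinfo['extension']) : '';
$web_odf_supported_files = DocumentManager::get_web_odf_extension_list();
$show_web_odf = in_array($extension, $web_odf_supported_files);
$file_url_web = api_get_path(WEB_COURSE_PATH) . $_course['path'] . '/document' . $header_file;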
if ($show_web_odf) {
    //$htmlHeadXtra[] = api_get_js('webodf/webodf.js');
    $htmlHeadXtra[] = api_get_js('wodotexteditor/wodotexteditor.js');
    $htmlHeadXtra[] = api_get_js('wodotexteditor/localfileeditor.js');
コード例 #6
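// Tool introduction (skipped when the page is opened from a learning path)
$from_learnpath = !empty($_GET['origin']) && $_GET['origin'] === 'learnpath';
if (!$from_learnpath) {
    Display::display_introduction_section(TOOL_ANNOUNCEMENT);
}
// Actions
// NOTE(review): $origin is written into the href attributes below without
// escaping; confirm it is sanitised where it is assigned.
$show_actions = false;
$actionsLeft = '';
// && binds tighter than ||: editors always qualify, other users only when the
// course setting allows it and they are not anonymous.
if ((api_is_allowed_to_edit(false, true) || api_get_course_setting('announcement.allow_user_edit_announcement') && !api_is_anonymous()) && !$from_learnpath) {
    if (in_array($action, array('add', 'modify', 'view'))) {
        $actionsLeft .= "<a href='" . api_get_self() . "?" . api_get_cidreq() . "&origin=" . $origin . "'>" . Display::return_icon('back.png', get_lang('Back'), '', ICON_SIZE_MEDIUM) . "</a>";
    } else {
        $actionsLeft .= "<a href='" . api_get_self() . "?" . api_get_cidreq() . "&action=add&origin=" . $origin . "'>" . Display::return_icon('new_announce.png', get_lang('AddAnnouncement'), '', ICON_SIZE_MEDIUM) . "</a>";
    }
    $show_actions = true;
} else {
    if (in_array($action, array('view'))) {
        $actionsLeft .= "<a href='" . api_get_self() . "?" . api_get_cidreq() . "&origin=" . $origin . "'>" . Display::return_icon('back.png', get_lang('Back'), '', ICON_SIZE_MEDIUM) . "</a>";
        // NOTE(review): no matching opening <div> is visible in this part of the script.
        echo '</div>';
    }
}
if (api_is_allowed_to_edit() && $announcement_number > 1) {
    if (api_get_group_id() == 0) {
        if (!isset($_GET['action'])) {
            // The message sits inside a single-quoted JavaScript string within a
            // double-quoted HTML attribute, so it is entity-encoded and then
            // backslash-escaped; a translation containing a quote would otherwise
            // break out of the handler.
            $confirm_message = addslashes(api_htmlentities(get_lang("ConfirmYourChoice"), ENT_QUOTES));
            $actionsLeft .= "<a href=\"" . api_get_self() . "?" . api_get_cidreq() . "&action=delete_all\" onclick=\"javascript:if(!confirm('" . $confirm_message . "')) return false;\">" . Display::return_icon('delete_announce.png', get_lang('AnnouncementDeleteAll'), '', ICON_SIZE_MEDIUM) . "</a>";
        }
    }
}
if ($show_actions) {
    echo Display::toolbarAction('toolbar', array($actionsLeft, $searchFormToString), 2, false);
}
echo $content;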
コード例 #7
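/**
 * Show the search widget
 *
 * The form will post to index.php by default, you can pass a value to
 * $action to use a custom action.
 * IMPORTANT: you have to call search_widget_prepare() before calling this
 * function or otherwise the form will not behave correctly.
 *
 * The boolean operator is read from $_REQUEST['operator'] and only the
 * values 'or' and 'and' are accepted; anything else falls back to 'or'.
 *
 * @param   string $action     Just in case your action is not
 * index.php
 */
function search_widget_show($action = 'index.php')
{
    require_once api_get_path(LIBRARY_PATH) . 'search/ChamiloQuery.php';
    // TODO: load images dynamically when they're available from specific field ui to add
    $groupId = api_get_group_id();
    $sf_terms = array();
    $specific_fields = get_specific_field_list();
    $url_params = array();
    if (($cid = api_get_course_id()) != -1) {
        // with cid
        // get search engine terms
        $course_filter = chamilo_get_boolean_query(XAPIAN_PREFIX_COURSEID . $cid);
        $dkterms = chamilo_query_simple_query('', 0, 1000, array($course_filter));
        // Index 1 of the result is iterated as the list of matches; treat a
        // missing or malformed result as "no matches" instead of failing.
        $matches = is_array($dkterms) && isset($dkterms[1]) && is_array($dkterms[1]) ? $dkterms[1] : array();
        // prepare specific fields names (and also get possible URL param names)
        foreach ($specific_fields as $specific_field) {
            $term_key = 'sf-' . $specific_field['code'];
            $temp = array();
            foreach ($matches as $obj) {
                // array_merge() needs arrays on both sides; skip matches without this field.
                if (isset($obj[$term_key]) && is_array($obj[$term_key])) {
                    $temp = array_merge($obj[$term_key], $temp);
                }
            }
            $sf_terms[$specific_field['code']] = $temp;
            $url_params[] = 'sf_' . $specific_field['code'];
        }
    } else {
        // without cid
        // prepare specific fields names (and also get possible URL param names)
        foreach ($specific_fields as $specific_field) {
            //get Xapian terms for a specific term prefix, in ISO, apparently
            $sf_terms[$specific_field['code']] = xapian_get_all_terms(1000, $specific_field['code']);
            $url_params[] = 'sf_' . $specific_field['code'];
        }
    }
    echo '<h2>' . get_lang('Search') . '</h2>';
    // Tool introduction
    // TODO: Settings for the online editor to be checked (insert an image for example). Probably this is a special case here.
    if (api_get_course_id() !== -1) {
        if (!empty($groupId)) {
            Display::display_introduction_section(TOOL_SEARCH . $groupId);
        } else {
            Display::display_introduction_section(TOOL_SEARCH);
        }
    }
    // Validate the requested operator itself. The previous check tested the
    // default value, so any request value was passed on to the form unchecked.
    $op = 'or';
    if (!empty($_REQUEST['operator']) && in_array($_REQUEST['operator'], array('or', 'and'), true)) {
        $op = $_REQUEST['operator'];
    }
    //check if URL params are defined (to see if we show the thesaurus or not)
    $show_thesaurus = false;
    foreach ($url_params as $param) {
        if (isset($_REQUEST[$param]) && is_array($_REQUEST[$param])) {
            foreach ($_REQUEST[$param] as $term) {
                if (!empty($term)) {
                    // one non-empty term is enough; leave both loops
                    $show_thesaurus = true;
                    break 2;
                }
            }
        }
    }
    // create the form
    // TODO: use FormValidator
    display_search_form($action, $show_thesaurus, $sf_terms, $op);
}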
コード例 #8
ファイル: document.lib.php プロジェクト: daffef/chamilo-lms
 /**
  * Uploads a document into the document directory of the current course.
  *
  * The uploaded file is checked and stored by process_uploaded_file() and
  * handle_uploaded_document(); this method does not inspect the file name or
  * type itself and hands $path to handle_uploaded_document() as received.
  * Afterwards it saves the comment, optionally indexes the document and
  * returns its data.
  *
  * @param array $files the $_FILES variable
  * @param string $path
  * @param string $title currently unused by this method
  * @param string $comment
  * @param int $unzip unzip or not the file
  * @param string $if_exists overwrite, rename or warn (default)
  * @param bool $index_document index document (search xapian module)
  * @param bool $show_output print html messages
  * @param string $fileKey key of the upload inside $files
  * @return array|bool data of the stored document, or false when nothing was stored
  *                    or no numeric document id could be resolved
  */
 public static function upload_document($files, $path, $title = null, $comment = null, $unzip = 0, $if_exists = null, $index_document = false, $show_output = false, $fileKey = 'file')
 {
     $course_info = api_get_course_info();
     $sessionId = api_get_session_id();
     $course_dir = $course_info['path'] . '/document';
     $sys_course_path = api_get_path(SYS_COURSE_PATH);
     $base_work_dir = $sys_course_path . $course_dir;
     if (!isset($files[$fileKey])) {
         return false;
     }
     $upload = $files[$fileKey];
     if (!process_uploaded_file($upload, $show_output)) {
         return false;
     }
     // File got on the server without problems, now process it
     $new_path = handle_uploaded_document($course_info, $upload, $base_work_dir, $path, api_get_user_id(), api_get_group_id(), null, $unzip, $if_exists, $show_output, false, null, $sessionId);
     if (!$new_path) {
         return false;
     }
     $documentId = DocumentManager::get_document_id($course_info, $new_path, $sessionId);
     $hasDocumentId = !empty($documentId);
     if ($hasDocumentId) {
         $table_document = Database::get_course_table(TABLE_DOCUMENT);
         $params = array();
         if (!empty($comment)) {
             $params['comment'] = trim($comment);
         }
         // The update runs even when $params stayed empty.
         Database::update($table_document, $params, array('id = ? AND c_id = ? ' => array($documentId, $course_info['real_id'])));
     }
     // Showing message when sending zip files
     if ($new_path === true && $unzip == 1 && $show_output) {
         Display::display_confirmation_message(get_lang('UplUploadSucceeded') . '<br />', false);
     }
     if ($index_document) {
         // NOTE(review): the language and the whole request array are forwarded
         // unfiltered; confirm that index_document() validates them.
         self::index_document($documentId, $course_info['code'], null, $_POST['language'], $_REQUEST, $if_exists);
     }
     if ($hasDocumentId && is_numeric($documentId)) {
         return self::get_document_data_by_id($documentId, $course_info['code'], false, $sessionId);
     }
     return false;
 }
コード例 #9
ファイル: api.lib.php プロジェクト: feroli1000/chamilo-lms
/**
 * Blocks the current user when a group is active and the user has no access
 * to the given group tool.
 *
 * Nothing is checked when no group is active (empty group id).
 *
 * @param string $tool Possible values:
 * GroupManager::GROUP_TOOL_*
 * @param bool $showHeader Forwarded to api_not_allowed()
 */
function api_protect_course_group($tool, $showHeader = true)
{
    $userId = api_get_user_id();
    $groupId = api_get_group_id();
    if (empty($groupId)) {
        return;
    }
    if (!GroupManager::user_has_access($userId, $groupId, $tool)) {
        api_not_allowed($showHeader);
    }
}
コード例 #10
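/**
 * Lists the users connected to the chat of the current course, limited to
 * the current group when one is active and to the current session otherwise.
 *
 * @return array user list in chat, one row per user with the keys
 *               user_id and last_connection
 */
function users_list_in_chat()
{
    $list_users_in_chat = array();
    $tbl_chat_connected = Database::get_course_table(TABLE_CHAT_CONNECTED);
    // Both ids are interpolated into the SQL text and their origin is not
    // visible here, so they are cast to integers before use.
    $course_id = (int) api_get_course_int_id();
    $session_id = api_get_session_id();
    $group_id = (int) api_get_group_id();
    if ($group_id !== 0) {
        $extra_condition = " WHERE to_group_id = '{$group_id}'";
    } else {
        // NOTE(review): the AND appended below is only valid SQL if this call
        // returns a clause that starts with WHERE; confirm.
        $extra_condition = api_get_session_condition($session_id, false);
    }
    $extra_condition .= " AND c_id = {$course_id} ";
    $sql = 'SELECT user_id, last_connection FROM ' . $tbl_chat_connected . $extra_condition;
    $result = Database::query($sql);
    while ($row = Database::fetch_array($result, 'ASSOC')) {
        $list_users_in_chat[] = $row;
    }
    return $list_users_in_chat;
}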
コード例 #11
    if ($current_group['work_state'] == GroupManager::TOOL_PUBLIC) {
        // Link to the works area of this group
        $actions_array[] = array('url' => api_get_path(WEB_CODE_PATH) . 'work/work.php?' . api_get_cidreq(), 'content' => Display::return_icon('work.png', get_lang('GroupWork'), array(), ICON_SIZE_MEDIUM));
    }
    if ($current_group['announcements_state'] == GroupManager::TOOL_PUBLIC) {
        // Link to a group-specific part of announcements
        $actions_array[] = array('url' => api_get_path(WEB_CODE_PATH) . 'announcements/announcements.php?' . api_get_cidreq(), 'content' => Display::return_icon('announce.png', get_lang('GroupAnnouncements'), array(), ICON_SIZE_MEDIUM));
    }
    if ($current_group['wiki_state'] == GroupManager::TOOL_PUBLIC) {
        // Link to the wiki area of this group
        $actions_array[] = array('url' => api_get_path(WEB_CODE_PATH) . 'wiki/index.php?' . api_get_cidreq() . '&action=show&title=index&session_id=' . api_get_session_id() . '&group_id=' . $current_group['id'], 'content' => Display::return_icon('wiki.png', get_lang('GroupWiki'), array(), 32));
    }
    if ($current_group['chat_state'] == GroupManager::TOOL_PUBLIC) {
        // Link to the chat area of this group
        if (api_get_course_setting('allow_open_chat_window')) {
            $actions_array[] = array('url' => "javascript: void(0);\" onclick=\"window.open('../chat/chat.php?" . api_get_cidreq() . "&toolgroup=" . $current_group['id'] . "','window_chat_group_" . api_get_course_id() . "_" . api_get_group_id() . "','height=380, width=625, left=2, top=2, toolbar=no, menubar=no, scrollbars=yes, resizable=yes, location=no, directories=no, status=no') \"", 'content' => Display::return_icon('chat.png', get_lang('Chat'), array(), 32));
        } else {
            $actions_array[] = array('url' => api_get_path(WEB_CODE_PATH) . "chat/chat.php?" . api_get_cidreq() . "&toolgroup=" . $current_group['id'], 'content' => Display::return_icon('chat.png', get_lang('Chat'), array(), 32));
        }
    }
    if (!empty($actions_array)) {
        echo Display::actions($actions_array);
    }
}
/*
 * List all the tutors of the current group
 */
$tutors = GroupManager::get_subscribed_tutors($current_group['id']);
$tutor_info = '';
if (count($tutors) == 0) {
    $tutor_info = get_lang('GroupNoneMasc');
コード例 #12
$lib_path = api_get_path(LIBRARY_PATH);
/* Libraries */
require_once $lib_path . 'document.lib.php';
// Access to the course is checked before any request parameter is read.
api_protect_course_script(true);
$htmlHeadXtra[] = api_get_jqgrid_js();
$course_info = api_get_course_info();
$course_dir = "{$course_info['path']}/document";
$sys_course_path = api_get_path(SYS_COURSE_PATH);
$base_work_dir = $sys_course_path . $course_dir;
$http_www = api_get_path(WEB_COURSE_PATH) . $_course['path'] . '/document';
// Used for avoiding double-click
$dbl_click_id = 0;
/*	Constants and variables */
$session_id = api_get_session_id();
$course_code = api_get_course_id();
$to_group_id = api_get_group_id();
$is_allowed_to_edit = api_is_allowed_to_edit(null, true);
$group_member_with_upload_rights = false;
// If the group id is set, we show them group documents
$group_properties = array('directory' => null);
// For sessions we should check the parameters of visibility.
// The flag was set to false just above, so it stays false here.
if (api_get_session_id() != 0) {
    $group_member_with_upload_rights = $group_member_with_upload_rights && api_is_allowed_to_session_edit(false, true);
}
// Actions
// The document id is cast to an integer before it is used; 'id' is read even
// when the request does not carry it.
$document_id = (int) $_REQUEST['id'];
if (isset($_REQUEST['action'])) {
    $action = $_REQUEST['action'];
} else {
    $action = null;
}
switch ($action) {
    case 'download':
        $document_data = DocumentManager::get_document_data_by_id($document_id, api_get_course_id());
コード例 #13
/**
 * Tells whether the chosen filename is still free.
 *
 * Despite its name, this returns true when NO document with the cleaned
 * name plus ".html" exists in the directory held in the global $dir, and
 * false when one exists.
 *
 * @param string $filename Name as entered, without the .html extension
 * @return bool
 */
function document_exists($filename)
{
    global $dir;
    // Replace dangerous characters first, then neutralise "dangerous" files.
    $safeName = disable_dangerous_file(api_replace_dangerous_char($filename));
    $alreadyThere = DocumentManager::documentExists($dir . $safeName . '.html', api_get_course_info(), api_get_session_id(), api_get_group_id());
    return !$alreadyThere;
}
コード例 #14
ファイル: index.php プロジェクト: jloguercio/chamilo-lms
$tool_name = get_lang('ToolWiki');
/* ACCESS */
// Three gates run before anything else: course access, no anonymous users,
// and access to the wiki tool of the active group (if any).
api_protect_course_script();
api_block_anonymous_users();
api_protect_course_group(GroupManager::GROUP_TOOL_WIKI);
/* TRACKING */
Event::event_access_tool(TOOL_WIKI);
if ($groupId) {
    $group_properties = GroupManager::get_group_properties($groupId);
    $interbreadcrumb[] = array("url" => api_get_path(WEB_CODE_PATH) . "group/group.php?" . api_get_cidreq(), "name" => get_lang('Groups'));
    $interbreadcrumb[] = array("url" => api_get_path(WEB_CODE_PATH) . "group/group_space.php?" . api_get_cidreq(), "name" => get_lang('GroupSpace') . ' ' . Security::remove_XSS($group_properties['name']));
    // State 0 blocks everybody; state 2 blocks users who are neither editors
    // nor members of the group.
    $wikiState = $group_properties['wiki_state'];
    if ($wikiState == 0) {
        api_not_allowed();
    } elseif ($wikiState == 2 && !api_is_allowed_to_edit(false, true) && !GroupManager::is_user_in_group(api_get_user_id(), api_get_group_id())) {
        api_not_allowed();
    }
}
$is_allowed_to_edit = api_is_allowed_to_edit(false, true);
// The page we are dealing with
// NOTE(review): unlike action and view, the title is stored without passing
// through Security::remove_XSS(); confirm it is escaped where it is output or queried.
$page = 'index';
if (isset($_GET['title'])) {
    $page = $_GET['title'];
}
$action = 'showpage';
if (isset($_GET['action'])) {
    $action = Security::remove_XSS($_GET['action']);
}
$view = null;
if (isset($_GET['view'])) {
    $view = Security::remove_XSS($_GET['view']);
}
$wiki->page = $page;
$wiki->action = $action;
// Setting wiki data
if (!empty($view)) {
    $wiki->setWikiData($view);
}
コード例 #15
ファイル: reply.php プロジェクト: KRCM13/chamilo-lms
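// NOTE(review): $origin and $gradebook are written into href attributes in
// this part of the script without escaping; confirm they are sanitised where
// they are assigned.
if ($origin != 'learnpath') {
    echo '<div class="actions">';
    echo '<span style="float:right;">' . search_link() . '</span>';
    echo '<a href="viewthread.php?' . api_get_cidreq() . '&forum=' . Security::remove_XSS($_GET['forum']) . '&gradebook=' . $gradebook . '&thread=' . Security::remove_XSS($_GET['thread']) . '&origin=' . $origin . '">' . Display::return_icon('back.png', get_lang('BackToThread'), '', ICON_SIZE_MEDIUM) . '</a>';
    echo '</div>';
} else {
    echo '<div style="height:15px">&nbsp;</div>';
}
/*New display forum div*/
echo '<div class="forum_title">';
echo '<h1><a href="viewforum.php?&origin=' . $origin . '&forum=' . $current_forum['forum_id'] . '" ' . class_visible_invisible($current_forum['visibility']) . '>' . prepare4display($current_forum['forum_title']) . '</a></h1>';
echo '<p class="forum_description">' . prepare4display($current_forum['forum_comment']) . '</p>';
echo '</div>';
/* End new display forum */
// The form for the reply
$my_action = isset($_GET['action']) ? Security::remove_XSS($_GET['action']) : '';
$my_post = isset($_GET['post']) ? Security::remove_XSS($_GET['post']) : '';
$my_elements = isset($_SESSION['formelements']) ? $_SESSION['formelements'] : '';
$values = show_add_post_form($current_forum, $forum_setting, $my_action, $my_post, $my_elements);
if (!empty($values) and isset($_POST['SubmitPost'])) {
    $result = store_reply($current_forum, $values);
    //@todo split the show_add_post_form function
    $url = 'viewthread.php?forum=' . $current_thread['forum_id'] . '&gradebook=' . $gradebook . '&thread=' . intval($_GET['thread']) . '&gidReq=' . api_get_group_id() . '&origin=' . $origin . '&msg=' . $result['msg'] . '&type=' . $result['type'];
    // The URL is emitted as a JavaScript string literal inside a <script>
    // element. json_encode() adds the quotes and escapes quotes, backslashes and
    // line breaks; the HEX flags also encode < > & ' so that no part of the
    // URL can close the string or the script element.
    $js_url = json_encode($url, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
    echo '
    <script>
    window.location = ' . $js_url . ';
    </script>';
}
if (isset($origin) && $origin != 'learnpath') {
    Display::display_footer();
}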
コード例 #16
 /**
  * Builds the agenda toolbar: calendar and list links on the left and, for
  * the 'calendar' view, a filter form on the right.
  *
  * @param string $view Only 'calendar' adds the form to the right-hand side
  * @param int $filter Passed to parseAgendaFilter() to preselect the course form
  * @return string Result of Display::toolbarAction()
  */
 public function displayActions($view, $filter = 0)
 {
     $courseInfo = api_get_course_info();
     $actionsLeft = '';
     // NOTE(review): $this->type is interpolated into the URLs below without
     // encoding; confirm it is restricted to known values where it is set.
     $actionsLeft .= "<a href='" . api_get_path(WEB_CODE_PATH) . "calendar/agenda_js.php?type={$this->type}'>" . Display::return_icon('calendar.png', get_lang('Calendar'), '', ICON_SIZE_MEDIUM) . "</a>";
     // The course parameters are only added when a course is in context.
     $courseCondition = '';
     if (!empty($courseInfo)) {
         $courseCondition = api_get_cidreq();
     }
     $actionsLeft .= "<a href='" . api_get_path(WEB_CODE_PATH) . "calendar/agenda_list.php?type={$this->type}&" . $courseCondition . "'>" . Display::return_icon('week.png', get_lang('AgendaList'), '', ICON_SIZE_MEDIUM) . "</a>";
     $form = '';
     // && binds tighter than ||, so the add/import links are shown when ANY of
     // these holds:
     //   1. the user may edit;
     //   2. the course setting allows user edits AND the user is not anonymous
     //      AND may edit in the session;
     //   3. the user has access to the group calendar tool AND is tutor of the group.
     if (api_is_allowed_to_edit(false, true) || api_get_course_setting('allow_user_edit_agenda') && !api_is_anonymous() && api_is_allowed_to_session_edit(false, true) || GroupManager::user_has_access(api_get_user_id(), api_get_group_id(), GroupManager::GROUP_TOOL_CALENDAR) && GroupManager::is_tutor_of_group(api_get_user_id(), api_get_group_id())) {
         $actionsLeft .= Display::url(Display::return_icon('new_event.png', get_lang('AgendaAdd'), '', ICON_SIZE_MEDIUM), api_get_path(WEB_CODE_PATH) . "calendar/agenda.php?" . api_get_cidreq() . "&action=add&type=" . $this->type);
         $actionsLeft .= Display::url(Display::return_icon('import_calendar.png', get_lang('ICalFileImport'), '', ICON_SIZE_MEDIUM), api_get_path(WEB_CODE_PATH) . "calendar/agenda.php?" . api_get_cidreq() . "&action=importical&type=" . $this->type);
         if ($this->type == 'course') {
             // The course filter form is only built when no action is requested.
             if (!isset($_GET['action'])) {
                 $form = new FormValidator('form-search', 'post', '', '', array(), FormValidator::LAYOUT_INLINE);
                 $attributes = array('multiple' => false, 'id' => 'select_form_id_search');
                 $selectedValues = $this->parseAgendaFilter($filter);
                 $this->showToForm($form, $selectedValues, $attributes);
                 // From here on $form holds what returnForm() produced, not the object.
                 $form = $form->returnForm();
             }
         }
     }
     // This role check is independent of the edit check above.
     if (api_is_platform_admin() || api_is_teacher() || api_is_student_boss() || api_is_drh() || api_is_session_admin() || api_is_coach()) {
         if ($this->type == 'personal') {
             // Discards whatever the previous block stored in $form.
             $form = null;
             if (!isset($_GET['action'])) {
                 $form = new FormValidator('form-search', 'get', api_get_self() . '?type=personal&', '', array(), FormValidator::LAYOUT_INLINE);
                 $sessions = SessionManager::get_sessions_by_user(api_get_user_id());
                 $form->addHidden('type', 'personal');
                 // Reduce the rows to session_id => session_name and put the
                 // "select an option" entry first under key '0'.
                 $sessions = array_column($sessions, 'session_name', 'session_id');
                 $sessions = ['0' => get_lang('SelectAnOption')] + $sessions;
                 $form->addSelect('session_id', get_lang('Session'), $sessions, ['id' => 'session_id', 'onchange' => 'submit();']);
                 //$form->addButtonFilter(get_lang('Filter'));
                 //$renderer = $form->defaultRenderer();
                 //$renderer->setCustomElementTemplate('<div class="col-md-6">{element}</div>');
                 $form->addButtonReset(get_lang('Reset'));
                 $form = $form->returnForm();
             }
         }
     }
     $actionsRight = '';
     if ($view == 'calendar') {
         $actionsRight .= $form;
     }
     $toolbar = Display::toolbarAction('toolbar-agenda', array(0 => $actionsLeft, 1 => $actionsRight), 2, false);
     return $toolbar;
 }
コード例 #17
ファイル: document.ajax.php プロジェクト: ragebat/chamilo-lms
<?php

/* For licensing terms, see /license.txt */
/**
 * Responses to AJAX calls for the document upload
 */
$action = $_REQUEST['a'];
switch ($action) {
    case 'upload_file':
        api_protect_course_script(true);
        //User access same as upload.php
        $is_allowed_to_edit = api_is_allowed_to_edit(null, true);
        // This needs cleaning!
        if (api_get_group_id()) {
            if ($is_allowed_to_edit || GroupManager::is_user_in_group(api_get_user_id(), api_get_group_id())) {
                // Only courseadmin or group members allowed
            } else {
                exit;
            }
        } elseif ($is_allowed_to_edit || is_my_shared_folder(api_get_user_id(), $_POST['curdirpath'], api_get_session_id())) {
        } else {
            // No course admin and no group member...
            exit;
        }
        if (!empty($_FILES)) {
            $file = $_FILES['file'];
            $result = DocumentManager::upload_document($_FILES, $_POST['curdirpath'], $file['name'], null, 0, 'overwrite', false, false);
            $json = array();
            $json['name'] = Display::url(api_htmlentities($file['name']), api_htmlentities($result['url']), array('target' => '_blank'));
            $json['type'] = api_htmlentities($file['type']);
            $json['size'] = Text::format_file_size($file['size']);
コード例 #18
/**
 * This function stores a new thread. This is done through an entry in the forum_thread table AND
 * in the forum_post table. The threads are also stored in the item_property table (forum posts are not, yet).
 *
 * @param array $current_forum
 * @param array $values
 * @param array $courseInfo
 * @param bool $showMessage
 * @return void HTML
 *
 * @author Patrick Cool <*****@*****.**>, Ghent University
 * @version february 2006, dokeos 1.8
 */
function store_thread($current_forum, $values, $courseInfo = array(), $showMessage = true)
{
    $courseInfo = empty($courseInfo) ? api_get_course_info() : $courseInfo;
    $_user = api_get_user_info();
    $course_id = $courseInfo['real_id'];
    $courseCode = $courseInfo['code'];
    $table_threads = Database::get_course_table(TABLE_FORUM_THREAD);
    $table_posts = Database::get_course_table(TABLE_FORUM_POST);
    $upload_ok = 1;
    $has_attachment = false;
    if (!empty($_FILES['user_upload']['name'])) {
        $upload_ok = process_uploaded_file($_FILES['user_upload']);
        $has_attachment = true;
    }
    if ($upload_ok) {
        $post_date = api_get_utc_datetime();
        if ($current_forum['approval_direct_post'] == '1' && !api_is_allowed_to_edit(null, true)) {
            $visible = 0;
            // The post has not been approved yet.
        } else {
            $visible = 1;
        }
        $clean_post_title = $values['post_title'];
        // We first store an entry in the forum_thread table because the thread_id is used in the forum_post table.
        $last_thread_id = Database::insert($table_threads, ['c_id' => $course_id, 'thread_title' => $clean_post_title, 'forum_id' => $values['forum_id'], 'thread_poster_id' => $_user['user_id'], 'thread_poster_name' => stripslashes(isset($values['poster_name']) ? $values['poster_name'] : ''), 'thread_date' => $post_date, 'thread_sticky' => isset($values['thread_sticky']) ? $values['thread_sticky'] : '', 'thread_title_qualify' => isset($values['calification_notebook_title']) ? $values['calification_notebook_title'] : '', 'thread_qualify_max' => isset($values['numeric_calification']) ? $values['numeric_calification'] : '', 'thread_weight' => isset($values['weight_calification']) ? $values['weight_calification'] : '', 'thread_peer_qualify' => isset($values['thread_peer_qualify']) ? $values['thread_peer_qualify'] : '', 'session_id' => api_get_session_id(), 'lp_item_id' => isset($values['lp_item_id']) ? intval($values['lp_item_id']) : 0]);
        // Add option gradebook qualify.
        if (isset($values['thread_qualify_gradebook']) && 1 == $values['thread_qualify_gradebook']) {
            // Add function gradebook.
            $resourcetype = 5;
            $resourceid = $last_thread_id;
            $resourcename = stripslashes($values['calification_notebook_title']);
            $maxqualify = $values['numeric_calification'];
            $weigthqualify = $values['weight_calification'];
            $resourcedescription = '';
            GradebookUtils::add_resource_to_course_gradebook($values['category_id'], $courseCode, $resourcetype, $resourceid, $resourcename, $weigthqualify, $maxqualify, $resourcedescription, 0, api_get_session_id());
        }
        if ($last_thread_id) {
            $sql = "UPDATE {$table_threads} SET thread_id = {$last_thread_id}\n                    WHERE iid = {$last_thread_id}";
            Database::query($sql);
            api_item_property_update($courseInfo, TOOL_FORUM_THREAD, $last_thread_id, 'ForumThreadAdded', api_get_user_id(), api_get_group_id(), null, null, null, api_get_session_id());
            // If the forum properties tell that the posts have to be approved
            // we have to put the whole thread invisible,
            // because otherwise the students will see the thread and not the post
            // in the thread.
            // We also have to change $visible because the post itself has to be
            // visible in this case (otherwise the teacher would have
            // to make the thread visible AND the post.
            // Default behaviour
            api_set_default_visibility($last_thread_id, TOOL_FORUM_THREAD, api_get_group_id(), $courseInfo);
            if ($visible == 0) {
                api_item_property_update($courseInfo, TOOL_FORUM_THREAD, $last_thread_id, 'invisible', api_get_user_id(), api_get_group_id());
                $visible = 1;
            }
        }
        // We now store the content in the table_post table.
        $params = ['c_id' => $course_id, 'post_title' => $clean_post_title, 'post_text' => $values['post_text'], 'thread_id' => $last_thread_id, 'forum_id' => $values['forum_id'], 'poster_id' => $_user['user_id'], 'poster_name' => isset($values['poster_name']) ? $values['poster_name'] : '', 'post_date' => $post_date, 'post_notification' => isset($values['post_notification']) ? $values['post_notification'] : '', 'post_parent_id' => 0, 'visible' => $visible];
        $last_post_id = Database::insert($table_posts, $params);
        if ($last_post_id) {
            $sql = "UPDATE {$table_posts} SET post_id = {$last_post_id}\n                    WHERE iid = {$last_post_id}";
            Database::query($sql);
        }
        // Update attached files
        if (!empty($_POST['file_ids']) && is_array($_POST['file_ids'])) {
            foreach ($_POST['file_ids'] as $key => $id) {
                editAttachedFile(array('comment' => $_POST['file_comments'][$key], 'post_id' => $last_post_id), $id);
            }
        }
        // Now we have to update the thread table to fill the thread_last_post
        // field (so that we know when the thread has been updated for the last time).
        $sql = "UPDATE {$table_threads}\n                SET thread_last_post = '" . Database::escape_string($last_post_id) . "'\n                WHERE\n                    c_id = {$course_id} AND\n                    thread_id='" . Database::escape_string($last_thread_id) . "'";
        $result = Database::query($sql);
        $message = get_lang('NewThreadStored');
        // Storing the attachments if any.
        if ($has_attachment) {
            // Try to add an extension to the file if it hasn't one.
            $new_file_name = add_ext_on_mime(stripslashes($_FILES['user_upload']['name']), $_FILES['user_upload']['type']);
            if (!filter_extension($new_file_name)) {
                if ($showMessage) {
                    Display::display_error_message(get_lang('UplUnableToSaveFileFilteredExtension'));
                }
            } else {
                if ($result) {
                    add_forum_attachment_file(isset($values['file_comment']) ? $values['file_comment'] : null, $last_post_id);
                }
            }
        } else {
            $message .= '<br />';
        }
        if ($current_forum['approval_direct_post'] == '1' && !api_is_allowed_to_edit(null, true)) {
            $message .= get_lang('MessageHasToBeApproved') . '<br />';
            $message .= get_lang('ReturnTo') . ' <a href="viewforum.php?' . api_get_cidreq() . '&forum=' . $values['forum_id'] . '">' . get_lang('Forum') . '</a><br />';
        } else {
            $message .= get_lang('ReturnTo') . ' <a href="viewforum.php?' . api_get_cidreq() . '&forum=' . $values['forum_id'] . '">' . get_lang('Forum') . '</a><br />';
            $message .= get_lang('ReturnTo') . ' <a href="viewthread.php?' . api_get_cidreq() . '&forum=' . $values['forum_id'] . '&thread=' . $last_thread_id . '">' . get_lang('Message') . '</a>';
        }
        $reply_info['new_post_id'] = $last_post_id;
        $my_post_notification = isset($values['post_notification']) ? $values['post_notification'] : null;
        if ($my_post_notification == 1) {
            set_notification('thread', $last_thread_id, true);
        }
        send_notification_mails($last_thread_id, $reply_info);
        Session::erase('formelements');
        Session::erase('origin');
        Session::erase('breadcrumbs');
        Session::erase('addedresource');
        Session::erase('addedresourceid');
        if ($showMessage) {
            Display::display_confirmation_message($message, false);
        }
    } else {
        if ($showMessage) {
            Display::display_error_message(get_lang('UplNoFileUploaded'));
        }
    }
}
コード例 #19
}
/*	Header */
Event::event_access_tool(TOOL_DOCUMENT);
// In a group context the first two path segments are dropped from the directory shown.
$display_dir = isset($group) ? implode('/', array_slice(explode('/', $dir), 2)) : $dir;
// Interbreadcrumb for the current directory root path
$counter = 0;
if (isset($document_data['parents'])) {
    foreach ($document_data['parents'] as $document_sub_data) {
        // Fixing double group folder in breadcrumb: inside a group the first parent is skipped.
        $skipEntry = api_get_group_id() && $counter == 0;
        $counter++;
        if ($skipEntry) {
            continue;
        }
        $interbreadcrumb[] = array(
            'url' => $document_sub_data['document_url'],
            'name' => $document_sub_data['title'],
        );
    }
}
//make some vars
$wamiuserid = api_get_user_id();
Display::display_header($nameTools, 'Doc');
// Action bar with a single "back to the documents overview" link.
echo '<div class="actions">',
    '<a href="document.php?id=' . $document_id . '">' . Display::return_icon('back.png', get_lang('BackTo') . ' ' . get_lang('DocumentsOverview'), '', ICON_SIZE_MEDIUM) . '</a>',
    '</div>';
コード例 #20
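 /**
  * Builds the HTML body of the announcement e-mail for one recipient.
  *
  * The body holds the parsed announcement content, an optional download link for the
  * attachment, and a footer with the sender and a link back to the course announcements.
  *
  * @param int $receiverUserId Passed to AnnouncementManager::parse_content()
  *
  * @return string HTML fragment
  */
 public function message($receiverUserId)
 {
     $content = $this->announcement('content');
     $session_id = $this->session_id;
     $content = AnnouncementManager::parse_content($receiverUserId, $content, $this->course('code'), $session_id);
     $user_email = $this->sender('mail');
     // Build the link by hand because api_get_cidreq() doesn't accept course params
     $course_param = 'cidReq=' . api_get_course_id() . '&amp;id_session=' . $session_id . '&amp;gidReq=' . api_get_group_id();
     $course_name = $this->course('title');
     $result = "<div>{$content}</div>";
     // Adding attachment
     $attachment = $this->attachment();
     if (!empty($attachment)) {
         // The stored file name is a query-string value: percent-encode it so that spaces,
         // '&', '#' or quotes in the name cannot truncate or extend the download URL.
         $downloadUrl = api_get_path(WEB_CODE_PATH) . 'announcements/download.php?file=' . urlencode(basename($attachment['path'])) . '&' . $course_param;
         $result .= '<br />';
         $result .= Display::url($attachment['filename'], $downloadUrl) . '<br />';
     }
     $result .= '<hr />';
     // NOTE(review): sender e-mail, sender name, course title and the attachment's display
     // name are concatenated into the markup as returned by their accessors; confirm that
     // they are HTML-encoded upstream, since this method does not encode them.
     $sender_name = api_get_person_name($this->sender('firstName'), $this->sender('lastName'), PERSON_NAME_EMAIL_ADDRESS);
     $result .= '<a href="mailto:' . $user_email . '">' . $sender_name . '</a><br/>';
     $result .= '<a href="' . api_get_path(WEB_CODE_PATH) . 'announcements/announcements.php?' . $course_param . '">' . $course_name . '</a><br/>';
     return $result;
 }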
コード例 #21
";
	var lang_failled_to_submit="<?php 
// The translated string is written inside a double-quoted JavaScript string
// literal and no JavaScript-string escaping is applied here: a translation
// containing a double quote, a backslash or a line break would end or corrupt
// the literal. NOTE(review): json_encode() is the usual encoder for values
// emitted into script context.
echo get_lang('NanogongFailledToSubmit');
?>
";
	var lang_submitted="<?php 
// Same output context as the string above (JavaScript string literal).
echo get_lang('NanogongSubmitted');
?>
";
	// user and group id
	var nano_user_id="<?php 
// Written between double quotes, so the script receives the id as a string.
echo api_get_user_id();
?>
";
	var nano_group_id="<?php 
echo api_get_group_id();
?>
";
	var nano_session_id="<?php 
echo api_get_session_id();
?>
";
	//path, url and filename
	var filename = document.getElementById("audio_title").value+"_chnano_.wav";//adding name file, tag and extension
	var filename = filename.replace(/\s/g, "_");//replace spaces by _
	var filename = encodeURIComponent(filename);
	var filepath="<?php 
// urlencode() percent-encodes quotes, backslashes and angle brackets, which
// also keeps $filepath from breaking out of the surrounding string literal.
echo urlencode($filepath);
?>
";
	var dir="<?php 
コード例 #22
ファイル: generate_link.php プロジェクト: ragebat/chamilo-lms
<?php

/* For licensing terms, see /license.txt */
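$language_file = 'survey';
//require_once '../inc/global.inc.php';

// All gates run before any output, so a refused request never receives a partly rendered page.
if (!api_is_allowed_to_edit(false, true)) {
    api_not_allowed(true);
}
// intval() reduces the request value to an integer; 0 and a missing parameter are both refused.
$survey_id = isset($_REQUEST['survey_id']) ? intval($_REQUEST['survey_id']) : null;
if (empty($survey_id)) {
    api_not_allowed(true);
}
if (!survey_manager::survey_generation_hash_available()) {
    api_not_allowed(true);
}
$survey_data = survey_manager::get_survey($survey_id);
// An id that resolves to no survey is refused instead of rendering an empty title.
// NOTE(review): whether get_survey() limits the lookup to the current course is not visible here.
if (empty($survey_data)) {
    api_not_allowed(true);
}

$interbreadcrumb[] = array('url' => api_get_path(WEB_CODE_PATH) . 'survey/survey_list.php', 'name' => get_lang('SurveyList'));
$interbreadcrumb[] = array('url' => api_get_path(WEB_CODE_PATH) . 'survey/survey.php?survey_id=' . $survey_id, 'name' => strip_tags($survey_data['title']));
Display::display_header(get_lang('Survey'), 'Survey');

$link = survey_manager::generate_survey_link($survey_id, api_get_course_int_id(), api_get_session_id(), api_get_group_id());
echo '<div class="row">';
echo '<div class="span12" style="text-align:center">';
echo Display::url(get_lang('GenerateSurveyAccessLink'), $link, array('class' => 'btn btn-primary btn-large'));
echo '</div>';
echo '<div class="span12">';
echo get_lang('GenerateSurveyAccessLinkExplanation');
echo '<pre>';
// The link is shown as text: encode it so '&' between query parameters (and any other markup
// character) is displayed literally instead of being parsed as HTML.
echo htmlspecialchars($link, ENT_QUOTES, 'UTF-8');
echo '</pre>';
echo '</div>';
echo '</div>';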
コード例 #23
ファイル: model.ajax.php プロジェクト: jloguercio/chamilo-lms
     // Tail of a case whose label lies above this excerpt.
     $course = api_get_course_info();
     $documentPath = api_get_path(SYS_COURSE_PATH) . $course['path'] . "/document";
     // The role only changes which columns are listed; the data call below is the same for
     // both roles, so any per-user restriction has to come from $whereCondition or from the
     // callee (neither is visible here).
     if (api_is_allowed_to_edit()) {
         $columns = array('firstname', 'lastname', 'username', 'group_name', 'exe_date', 'score', 'actions');
     } else {
         $columns = array('exe_date', 'score', 'actions');
     }
     // NOTE(review): $sidx / $sord look like client-supplied sort parameters; confirm they
     // are checked against an allow-list before they reach a query.
     $result = ExerciseLib::get_exam_results_hotpotatoes_data($start, $limit, $sidx, $sord, $hotpot_path, $whereCondition);
     break;
 case 'get_work_student_list_overview':
     // Access gate: only users with edit rights or coaches get the student work list.
     // NOTE(review): the gate leaves through return, not exit; confirm how this file is
     // entered so that nothing is emitted after it.
     if (!(api_is_allowed_to_edit() || api_is_coach())) {
         return array();
     }
     require_once api_get_path(SYS_CODE_PATH) . 'work/work.lib.php';
     $columns = array('student', 'works');
     // Course, session and group come from the API helpers rather than from the request.
     $result = getWorkUserListData($workId, api_get_course_id(), api_get_session_id(), api_get_group_id(), $start, $limit, $sidx, $sord);
     break;
 case 'get_hotpotatoes_exercise_results':
     $course = api_get_course_info();
     $documentPath = api_get_path(SYS_COURSE_PATH) . $course['path'] . "/document";
     // Full column set for editors (checked with the arguments null, true) and for DRH users;
     // everyone else gets the reduced set. As above, the data call itself does not depend on
     // the role.
     if (api_is_allowed_to_edit(null, true) || api_is_drh()) {
         $columns = array('firstname', 'lastname', 'username', 'group_name', 'exe_date', 'score', 'actions');
     } else {
         $columns = array('exe_date', 'score', 'actions');
     }
     $result = ExerciseLib::get_exam_results_hotpotatoes_data($start, $limit, $sidx, $sord, $hotpot_path, $whereCondition);
     break;
 case 'get_sessions_tracking':
     if (api_is_drh()) {
         $sessions = SessionManager::get_sessions_followed_by_drh(api_get_user_id(), $start, $limit, false, false, false, null, $keyword, $description);
     } else {
コード例 #24
ファイル: chat.php プロジェクト: ilosada/chamilo-lms-icpna
echo api_get_system_encoding();
?>
" />
<?php 
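// NOTE(review): $mycourseid is printed into the page title as-is; confirm it is encoded where
// it is assigned.
echo '<title>' . get_lang('Chat') . ' - ' . $mycourseid . ' - ' . api_get_setting('siteName') . '</title>';
// If it is a group chat then the breadcrumbs.
// !empty() keeps the original truthiness test without reading an undefined index when the
// session or the query string carries no group id.
if (!empty($_SESSION['_gid']) || !empty($_GET['group_id'])) {
    if (isset($_SESSION['_gid'])) {
        $_clean['group_id'] = (int) $_SESSION['_gid'];
    }
    // A group id in the query string takes precedence over the one stored in the session.
    // The integer cast is what makes the value safe to embed in $groupfilter below.
    if (isset($_GET['group_id'])) {
        $_clean['group_id'] = (int) Database::escape_string($_GET['group_id']);
    }
    $group_properties = GroupManager::get_group_properties($_clean['group_id']);
    $interbreadcrumb[] = array('url' => '../group/group.php', 'name' => get_lang('Groups'));
    // The URL uses api_get_group_id() while the name comes from the group selected above;
    // the two can differ when the query string overrides the session value.
    $interbreadcrumb[] = array('url' => '../group/group_space.php?gidReq=' . api_get_group_id(), 'name' => get_lang('GroupSpace') . ' ' . $group_properties['name']);
    $noPHP_SELF = true;
    $shortBanner = false;
    $add_group_to_title = ' (' . $group_properties['name'] . ')';
    $groupfilter = 'group_id="' . $_clean['group_id'] . '"';
    // Ensure this tool in groups when it's private or deactivated
    // NOTE(review): the state and membership check below is commented out, so nothing in this
    // excerpt verifies that the caller may use the chat of the group named in the request.
    // Confirm the check is enforced elsewhere before relying on $groupfilter.
    /*if ($group_properties['chat_state'] == 0) {
    		echo api_not_allowed();
    	} elseif ($group_properties['chat_state'] == 2) {
     		if (!api_is_allowed_to_edit(false,true) and !GroupManager :: is_user_in_group($_user['user_id'], $_SESSION['_gid'])) {
    			echo api_not_allowed();
    		}
    	}*/
} else {
    $groupfilter = 'group_id=0';
}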
コード例 #25
ファイル: create_paint.php プロジェクト: ragebat/chamilo-lms
/*	INIT SECTION */
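$language_file = array('document');
//require_once '../inc/global.inc.php';
$_SESSION['whereami'] = 'document/createpaint';
$this_section = SECTION_COURSES;
require_once 'document.inc.php';
$nameTools = get_lang('PhotoRetouching');
// Access gates: course access, no anonymous users, and the paint feature must be enabled.
api_protect_course_script();
api_block_anonymous_users();
if (api_get_setting('enabled_support_paint') == 'false') {
    api_not_allowed(true);
}
// The id parameter is optional; read it without touching an undefined index.
$requestedDocumentId = isset($_GET['id']) ? $_GET['id'] : null;
$document_data = DocumentManager::get_document_data_by_id($requestedDocumentId, api_get_course_id(), true);
// No document for that id: inside a group, fall back to the group's own directory.
if (empty($document_data) && api_is_in_group()) {
    $group_properties = GroupManager::get_group_properties(api_get_group_id());
    $document_id = DocumentManager::get_document_id(api_get_course_info(), $group_properties['directory']);
    $document_data = DocumentManager::get_document_data_by_id($document_id, api_get_course_id());
}
// NOTE(review): $document_data can still be empty at this point (unknown id outside a
// group); id and path are then null and the session directory below becomes ''.
$document_id = $document_data['id'];
$dir = $document_data['path'];
//$dir = isset($_GET['dir']) ? Security::remove_XSS($_GET['dir']) : Security::remove_XSS($_POST['dir']);
$is_allowed_to_edit = api_is_allowed_to_edit(null, true);
//path for pixlr save
// The directory comes from the stored document record, not from the request. remove_XSS()
// is a markup filter, not a path check; the stored path is what later code saves into.
$_SESSION['paint_dir'] = Security::remove_XSS($dir);
if ($_SESSION['paint_dir'] == '/') {
    $_SESSION['paint_dir'] = '';
}
$_SESSION['paint_file'] = get_lang('NewImage');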
// Please, do not modify this dirname formatting
コード例 #26
ファイル: chat.ajax.php プロジェクト: KRCM13/chamilo-lms
<?php

/* For licensing terms, see /license.txt */
/**
 * Responses to AJAX calls
 */
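$_dont_save_user_course_access = true;
require_once '../global.inc.php';
$action = isset($_REQUEST['action']) ? $_REQUEST['action'] : null;
// Anonymous visitors get no response at all.
if (api_is_anonymous()) {
    exit;
}
// Read once, with a default, so the preview branch never touches an undefined index.
$message = isset($_REQUEST['message']) ? $_REQUEST['message'] : null;
// Course Chat
if ($action == 'preview') {
    require_once api_get_path(SYS_CODE_PATH) . 'chat/chat_functions.lib.php';
    // NOTE(review): the request text goes to saveMessage() unchanged and its return value is
    // echoed as-is, so filtering and encoding are entirely up to saveMessage() (not visible
    // here). The only gate visible before this branch is the anonymous-user check; confirm
    // course access is enforced in global.inc.php or in the callee.
    echo saveMessage($message, api_get_user_id(), api_get_course_info(), api_get_session_id(), api_get_group_id(), true);
}
// Everything below belongs to the global chat and stops here when that feature is disabled.
if (api_get_setting('allow_global_chat') == 'false') {
    exit;
}
$to_user_id = isset($_REQUEST['to']) ? $_REQUEST['to'] : null;
if (!isset($_SESSION['chatHistory'])) {
    $_SESSION['chatHistory'] = array();
}
if (!isset($_SESSION['openChatBoxes'])) {
    $_SESSION['openChatBoxes'] = array();
}
$chat = new Chat();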
if (chat::disableChat()) {
    exit;
コード例 #27
/**
 * Tells whether the chosen file name is still free in the current directory.
 *
 * Despite its name, the function returns true when NO document with the cleaned name
 * exists and false when one is already there.
 *
 * @param string $filename Name as entered by the user, without the .html extension
 *
 * @return bool
 */
function document_exists($filename)
{
    global $dir;
    // Same clean-up chain as before: strict character replacement first (only ASCII
    // characters should stay), then the "dangerous file" filter.
    $candidate = disable_dangerous_file(replace_dangerous_char($filename, 'strict'));
    $alreadyStored = DocumentManager::documentExists(
        $dir . $candidate . '.html',
        api_get_course_info(),
        api_get_session_id(),
        api_get_group_id()
    );

    return !$alreadyStored;
}
コード例 #28
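 /**
  * Builds and prints the add/edit form for a calendar event.
  *
  * @param array $params Optional keys read here: 'id' (an existing event switches the form to
  *                      edit mode), 'action' and 'id_attach' (copied into hidden fields)
  */
 public static function show_form($params = array())
 {
     $form = new FormValidator('add_event', 'POST', api_get_self() . '?' . api_get_cidreq(), null, array('enctype' => 'multipart/form-data'));
     // Every key is optional, so read each one with a default instead of an undefined index.
     $id = isset($params['id']) ? $params['id'] : null;
     $action = isset($params['action']) ? $params['action'] : null;
     $idAttach = isset($params['id_attach']) ? $params['id_attach'] : null;
     if ($id) {
         $form_title = get_lang('ModifyCalendarItem');
         $button = get_lang('ModifyEvent');
     } else {
         $form_title = get_lang('AddCalendarItem');
         $button = get_lang('AgendaAdd');
     }
     $form->addElement('header', $form_title);
     // Hidden fields are client-editable: the handler that receives id, action and id_attach
     // has to re-check them instead of trusting the values rendered here.
     $form->addElement('hidden', 'id', $id);
     $form->addElement('hidden', 'action', $action);
     $form->addElement('hidden', 'id_attach', $idAttach);
     $form->addElement('text', 'title', get_lang('ItemTitle'));
     $group_id = api_get_group_id();
     if (isset($group_id) && !empty($group_id)) {
         // NOTE(review): this double-quoted literal contains the characters '. and .' verbatim,
         // so the field value is GROUP:'.<id>.' rather than GROUP:<id>. It looks like a
         // leftover from string concatenation; check what the receiving code expects before
         // changing it.
         $form->addElement('hidden', 'selected_form[0]', "GROUP:'.{$group_id}.'");
         $form->addElement('hidden', 'to', 'true');
     } else {
         // The original passed an undefined $to here; make the null explicit.
         $to = null;
         self::show_to_form($form, $to);
     }
     $form->addElement('text', 'start_date', get_lang('StartDate'));
     $form->addElement('text', 'end_date', get_lang('EndDate'));
     // Repeat options and the attachment upload are offered only when creating an event.
     if (empty($id)) {
         $form->addElement('advanced_settings', '<a href="javascript://" onclick="return plus_repeated_event();"><span id="plus2">
                                               <img style="vertical-align:middle;" src="../img/div_show.gif" alt="" />&nbsp;' . get_lang('RepeatEvent') . '</span>
                             </a>');
         $form->addElement('html', '<div style="display:block">');
         $form->addElement('checkbox', 'repeat', null, get_lang('RepeatEvent'));
         $repeat_events = array('daily' => get_lang('RepeatDaily'), 'weekly' => get_lang('RepeatWeekly'), 'monthlyByDate' => get_lang('RepeatMonthlyByDate'), 'yearly' => get_lang('RepeatYearly'));
         $form->addElement('select', 'repeat_type', get_lang('RepeatType'), $repeat_events);
         $form->addElement('text', 'repeat_end_day', get_lang('RepeatEnd'));
         $form->addElement('html', '</div>');
         // Only the disabled html_editor line below reads $toolbar.
         if (!api_is_allowed_to_edit(null, true)) {
             $toolbar = 'AgendaStudent';
         } else {
             $toolbar = 'Agenda';
         }
         //$form->addElement('html_editor', 'content', get_lang('Description'), null, array('ToolbarSet' => $toolbar, 'Width' => '100%', 'Height' => '200'));
         $form->addElement('file', 'user_upload', get_lang('AddAnAttachment'));
         $form->addElement('text', 'file_comment', get_lang('Comment'));
     }
     $form->addElement('button', 'submit', $button);
     $form->display();
 }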
コード例 #29
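 /**
  * Creates or updates the legal agreement of a course/session pair, including its optional
  * attached file, and optionally notifies users.
  *
  * @param array $values     Reads c_id, session_id and content, plus the optional keys
  *                          remove_previous_agreements and warn_users_by_email
  * @param array $file       $_FILES['uploaded_file']
  * @param bool  $deleteFile When true the stored file name is cleared and the previously
  *                          stored file is removed from disk
  */
 public function save($values, $file = array(), $deleteFile = false)
 {
     $table = Database::get_main_table('session_rel_course_legal');
     $courseId = $values['c_id'];
     $sessionId = $values['session_id'];
     $conditions = array('c_id' => $courseId, 'session_id' => $sessionId);
     $course = api_get_course_info_by_id($courseId);
     $legalData = $this->getData($courseId, $sessionId);
     $coursePath = api_get_path(SYS_COURSE_PATH) . $course['directory'] . '/courselegal';
     // Previously stored file name, '' when there is none. basename() keeps every path built
     // from the stored value (including the unlink() calls below) inside $coursePath.
     $previousFile = !empty($legalData['filename']) ? basename($legalData['filename']) : '';
     $uploadResult = $coursePath . '/' . $previousFile;
     if (!is_dir($coursePath)) {
         mkdir($coursePath, api_get_permissions_for_new_directories());
     }
     $uploadOk = process_uploaded_file($file, false);
     $fileName = null;
     if ($uploadOk) {
         $uploadResult = handle_uploaded_document($course, $file, $coursePath, '/', api_get_user_id(), api_get_group_id(), null, false, false, false, true);
         if ($uploadResult) {
             $fileName = basename($uploadResult);
             // Delete the old file if there is one, but never the file that was just stored:
             // when the new upload ends up under the same name, removing the "old" path would
             // remove the new upload.
             if ($previousFile !== '' && $previousFile !== $fileName) {
                 $fileToDelete = $coursePath . '/' . $previousFile;
                 if (file_exists($fileToDelete)) {
                     unlink($fileToDelete);
                 }
             }
         }
     }
     $conditions['content'] = $values['content'];
     $conditions['filename'] = $fileName;
     if (empty($legalData)) {
         $id = Database::insert($table, $conditions);
     } else {
         $id = $legalData['id'];
         $updateParams = array('content' => $values['content']);
         // Keep the stored file name unless a new file was actually saved.
         if (!empty($fileName)) {
             $updateParams['filename'] = $fileName;
         }
         Database::update($table, $updateParams, array('id = ? ' => $id));
     }
     if ($deleteFile) {
         Database::update($table, array('filename' => ''), array('id = ? ' => $id));
         if ($previousFile !== '') {
             $fileToDelete = $coursePath . '/' . $previousFile;
             if (file_exists($fileToDelete)) {
                 unlink($fileToDelete);
             }
         }
     }
     if (isset($values['remove_previous_agreements']) && !empty($values['remove_previous_agreements'])) {
         $this->removePreviousAgreements($courseId, $sessionId);
     }
     $warnUsers = isset($values['warn_users_by_email']) ? $values['warn_users_by_email'] : null;
     switch ($warnUsers) {
         case '1':
             // Nothing
             break;
         case '2':
             // Send mail
             $this->warnUsersByEmail($courseId, $sessionId);
             break;
         case '3':
             // Send mail + attachment if exists.
             // NOTE(review): the condition looks at the file name stored BEFORE this call, so
             // no mail is sent when the agreement had no file yet, and $uploadResult may be
             // false (failed store) or point at a file removed above. Confirm the intent.
             if (!empty($legalData['filename'])) {
                 $this->warnUsersByEmail($courseId, $sessionId, $uploadResult);
             }
             break;
     }
 }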
コード例 #30
ファイル: edit_document.php プロジェクト: ragebat/chamilo-lms
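Display::display_header($nameTools, 'Doc');
if (isset($msgError)) {
    Display::display_error_message($msgError);
}
if (isset($info_message)) {
    Display::display_confirmation_message($info_message);
    if (isset($_POST['origin'])) {
        // origin_opt may be absent even when origin is posted; default to null instead of
        // reading an undefined index. Both values are raw request data: whatever prints them
        // or puts them in a URL later has to encode them for that context.
        $slide_id = isset($_POST['origin_opt']) ? $_POST['origin_opt'] : null;
        $call_from_tool = $_POST['origin'];
    }
}
// Owner: item-property record of the document; the edit form further down uses the
// recorded creator as one of its access conditions.
$document_info = api_get_item_property_info(api_get_course_int_id(), 'document', $document_id);
$owner_id = $document_info['insert_user_id'];
$last_edit_date = $document_info['lastedit_date'];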
if ($owner_id == api_get_user_id() || api_is_platform_admin() || $is_allowed_to_edit || GroupManager::is_user_in_group(api_get_user_id(), api_get_group_id())) {
    $action = api_get_self() . '?id=' . $document_data['id'];
    $form = new FormValidator('formEdit', 'post', $action, null, array('class' => 'form-horizontal'));
    // Form title
    $form->addElement('header', $nameTools);
    $form->addElement('hidden', 'filename');
    $form->addElement('hidden', 'extension');
    $form->addElement('hidden', 'file_path');
    $form->addElement('hidden', 'commentPath');
    $form->addElement('hidden', 'showedit');
    $form->addElement('hidden', 'origin');
    $form->addElement('hidden', 'origin_opt');
    $form->add_textfield('title', get_lang('Title'));
    $defaults['title'] = $document_data['title'];
    $form->addElement('hidden', 'formSent');
    $defaults['formSent'] = 1;