cpf_validate_format_valitron($v); if (!$v->validate()) { Session::flashPost()->Messages($langFormErrors)->Errors($v->errors()); } else { // register user $depid = intval(isset($_POST['department']) ? $_POST['department'] : 0); $verified_mail = intval($_POST['verified_mail_form']); $all_set = register_posted_variables(array( 'auth_form' => true, 'uname_form' => true, 'surname_form' => true, 'givenname_form' => true, 'email_form' => true, 'language_form' => true, 'am_form' => false, 'phone_form' => false, 'password' => true, 'pstatus' => true, 'rid' => false, 'submit' => true)); if ($auth_form == 1) { // eclass authentication validateNode(intval($depid), isDepartmentAdmin()); $hasher = new PasswordHash(8, false); $password_encrypted = $hasher->HashPassword($_POST['password']); } else { $password_encrypted = $auth_ids[$_POST['auth_form']]; } $uid = Database::get()->query("INSERT INTO user
// Course cloning: on submit, snapshot the current course into a per-user
// working directory and restore that snapshot as a new course; otherwise
// prepare the course-details form (this excerpt ends inside the else branch).
if (isset($_POST['create_restored_course'])) {
    // The state-changing request is rejected unless it carries a valid anti-CSRF token.
    if (!isset($_POST['token']) || !validate_csrf_token($_POST['token'])) csrf_token_error();
    $currentCourseCode = $course_code;
    // Working directory: <webDir>/courses/tmpUnzipping/<uid>/<generated name>.
    // NOTE(review): the path is under $webDir — confirm the web server does not
    // serve it directly, since it will hold a full copy of the course data.
    $restoreThis = $webDir . '/courses/tmpUnzipping/' . $uid . '/' . safe_filename();
    // NOTE(review): mkdir()'s result is not checked, and mode 0755 leaves the
    // tree readable by other local accounts (umask can only tighten it).
    mkdir($restoreThis, 0755, true);
    archiveTables($course_id, $course_code, $restoreThis);
    recurse_copy($webDir . '/courses/' . $course_code, $restoreThis . '/html');
    // The variables used on the next call ($course_lang, $course_title, ...) are
    // not assigned anywhere else in this excerpt, so register_posted_variables()
    // presumably imports the listed POST fields into same-named globals. It also
    // overwrites $course_code, which is why the original value was saved above.
    register_posted_variables(array( 'course_code' => true, 'course_lang' => true, 'course_title' => true, 'course_desc' => true, 'course_vis' => true, 'course_prof' => true), 'all');
    // NOTE(review): the imported values are client-controlled; validation is
    // presumably done inside create_restored_course() — verify.
    create_restored_course($tool_content, $restoreThis, $course_code, $course_lang, $course_title, $course_desc, $course_vis, $course_prof);
    $course_code = $currentCourseCode; // revert course code to the correct value
} else {
    $desc = Database::get()->querySingle("SELECT description FROM course WHERE id = ?d", $course_id)->description;
    // Collect the full hierarchy path of every department the course belongs to.
    $old_deps = array();
    Database::get()->queryFunc("SELECT department FROM course_department WHERE course = ?d", function ($dep) use ($treeObj, &$old_deps) {
        $old_deps[] = array('name' => $treeObj->getFullPath($dep->department));
    }, $course_id);
    $tool_content = course_details_form($public_code, $currentCourseName, $titulaires, $currentCourseLanguage, null, $visible, $desc, $old_deps);
$dbPassForm = $helpdeskmail = $faxForm = $postaddressForm = ''; $eclass_stud_reg = 2; $eclass_prof_reg = 1; } else { register_posted_variables(array( 'lang' => true, 'dbHostForm' => true, 'dbUsernameForm' => true, 'dbNameForm' => true, 'dbPassForm' => true, 'dbMyAdmin' => true, 'urlForm' => true, 'nameForm' => true, 'loginForm' => true, 'passForm' => true, 'campusForm' => true, 'helpdeskForm' => true, 'helpdeskmail' => true, 'faxForm' => true, 'postaddressForm' => true, 'eclass_stud_reg' => true, 'eclass_prof_reg' => true, 'emailForm' => true, 'lang' => true, 'institutionForm' => true, 'institutionUrlForm' => true)); } function hidden_vars($names) { $out = ''; foreach ($names as $name) {
$('input[name=l_radio]').change(function () { if ($('#cc_license').is(":checked")) { showCCFields(); } else { hideCCFields(); } }).change(); }); /* ]]> */ </script> hContent; register_posted_variables(array('title' => true, 'password' => true, 'prof_names' => true)); if (empty($prof_names)) { $prof_names = "$_SESSION[givenname] $_SESSION[surname]"; } // departments and validation $allow_only_defaults = get_config('restrict_teacher_owndep') && !$is_admin; $allowables = array(); if ($allow_only_defaults) { // Method: getDepartmentIdsAllowedForCourseCreation // fetches only specific tree nodes, not their sub-children //$user->getDepartmentIdsAllowedForCourseCreation($uid); // the code below searches for the allow_course flag in the user's department subtrees $userdeps = $user->getDepartmentIds($uid); $subs = $tree->buildSubtreesFull($userdeps); foreach ($subs as $node) {
draw($tool_content, 0); exit; } if ($prof and !$eclass_prof_reg) { $tool_content .= "<div class='alert alert-danger'>{$langForbidden}</div>"; draw($tool_content, 0); exit; } if (!$prof and $eclass_stud_reg != 1) { $tool_content .= "<div class='alert alert-danger'>{$langForbidden}</div>"; draw($tool_content, 0); exit; } $am_required = !$prof && get_config('am_required'); $errors = array(); $all_set = register_posted_variables(array('usercomment' => true, 'givenname' => true, 'surname' => true, 'username' => true, 'userphone' => $prof, 'usermail' => true, 'am' => $am_required, 'department' => true, 'captcha_code' => false)); if (!$all_set) { $errors[] = $langFieldsMissing; } if (!email_seems_valid($usermail)) { $errors[] = $langEmailWrong; $all_set = false; } else { $usermail = mb_strtolower(trim($usermail)); } // check if the username is already in use $username = canonicalize_whitespace($username); if (user_exists($username)) { $errors[] = $langUserFree; $all_set = false; }
}
// Editor-only agenda actions: toggle an event's visibility, or create/update an
// event from the posted form (this excerpt ends inside the "add new event" branch).
if ($is_editor) {
    $agdx = new AgendaIndexer();
    // modify visibility
    // NOTE(review): both visibility changes are triggered by a GET parameter and
    // no anti-CSRF token check is visible in this excerpt, so a crafted link
    // opened by a logged-in editor could flip visibility. The loose `== true`
    // also accepts any non-empty value other than "0".
    // The UPDATEs are scoped to the current course (course_id = ?d), so $id
    // cannot reach another course's events; where $id is set is not visible here.
    if (isset($_GET['mkInvisibl']) and $_GET['mkInvisibl'] == true) {
        Database::get()->query("UPDATE agenda SET visible = 0 WHERE course_id = ?d AND id = ?d", $course_id, $id);
        $agdx->store($id);
        redirect_to_home_page("modules/agenda/index.php?course=$course_code&v=1");
    } elseif (isset($_GET['mkVisibl']) and ( $_GET['mkVisibl'] == true)) {
        Database::get()->query("UPDATE agenda SET visible = 1 WHERE course_id = ?d AND id = ?d", $course_id, $id);
        $agdx->store($id);
        redirect_to_home_page("modules/agenda/index.php?course=$course_code&v=1");
    }
    if (isset($_POST['event_title'])) {
        // Presumably imports the four POST fields into same-named globals; the
        // free-text body is then passed through purify() before it is stored.
        register_posted_variables(array('startdate' => true, 'event_title' => true, 'content' => true, 'duration' => true));
        $content = purify($content);
        if (isset($_POST['id']) and !empty($_POST['id'])) {
            // update event
            // NOTE(review): the posted id is used as-is (no intval, no course
            // check here); whether update_event()/update_recursive_event()
            // restrict the change to the current course is not visible — verify.
            $id = $_POST['id'];
            $recursion = null;
            // Recurrence is only set when unit, a positive repeat count and an end date are all present.
            // NOTE(review): 'unit', 'repeat' and 'end' are forwarded unvalidated
            // apart from the intval() test on the count.
            if (!empty($_POST['frequencyperiod']) && intval($_POST['frequencynumber']) > 0 && !empty($_POST['enddate'])) {
                $recursion = array('unit' => $_POST['frequencyperiod'], 'repeat' => $_POST['frequencynumber'], 'end' => $_POST['enddate']);
            }
            if(isset($_POST['rep']) && $_POST['rep'] == 'yes'){
                $resp = update_recursive_event($id, $event_title, $startdate, $duration, $content, $recursion);
            } else {
                $resp = update_event($id, $event_title, $startdate, $duration, $content, $recursion);
            }
            // Re-index the event after the change.
            $agdx->store($id);
        } else {
            // add new event
            $recursion = null;
// Course cloning via archive-and-restore: archive the current course, unpack
// the archive, and restore the matching entry as a new course.
$_POST['restoreThis'] = null; // satisfy course_details_form()
// NOTE(review): no anti-CSRF token check is visible before this state-changing
// branch — confirm one exists outside this excerpt or add it.
if (isset($_POST['create_restored_course'])) {
    $tool_content = "posted";
    $currentCourseCode = $course_code;
    $success = doArchive($course_id, $course_code);
    if ($success !== 0) {
        // NOTE(review): the archive name is derived only from the course code
        // and today's date and lives under $webDir — confirm the archive
        // directory is not directly downloadable.
        $retArr = unpack_zip_inner($webDir . "/courses/archive/{$course_code}/{$course_code}-" . date('Ymd') . ".zip");
        // Keep the last unpacked entry that belongs to this course.
        $restoreEntry = null;
        foreach ($retArr as $entry) {
            if ($entry['course'] === $course_code) {
                $restoreEntry = $entry;
            }
        }
        if ($restoreEntry !== null) {
            // Any client-supplied 'restoreThis' was discarded on the first line;
            // the path imported below is the server-derived one.
            $_POST['restoreThis'] = $restoreEntry['path']; // assign the real value to the variable, but no real essence here
            // Presumably imports the listed POST fields into same-named globals
            // (this overwrites $course_code, restored further down).
            register_posted_variables(array('restoreThis' => true, 'course_code' => true, 'course_lang' => true, 'course_title' => true, 'course_desc' => true, 'course_vis' => true, 'course_prof' => true), 'all', 'autounquote');
            // NOTE(review): 'course_desc' is imported above but not passed here.
            create_restored_course($tool_content, $restoreThis, $course_code, $course_lang, $course_title, $course_vis, $course_prof);
            $tool_content .= "</p><br /><center><p><a href='index.php?course={$currentCourseCode}'>{$langBack}</a></p></center>";
            $course_code = $currentCourseCode; // revert course code to the correct value
        }
    }
} else {
    $tool_content = course_details_form($public_code, $currentCourseName, $titulaires, $currentCourseLanguage, null, $visible, '', null);
}
load_js('jstree');
list($js, $html) = $treeObj->buildCourseNodePicker();
$head_content .= $js;
draw($tool_content, 2, null, $head_content);
Log::record($course_id, MODULE_ID_USERS, LOG_INSERT, array('uid' => $uid_to_add, 'right' => '+5')); if ($result) { $tool_content .= "<div class='alert alert-success'>{$langTheU} {$langAdded}</div>"; // notify user via email $email = uid_to_email($uid_to_add); if (!empty($email) and email_seems_valid($email)) { $emailsubject = "{$langYourReg} " . course_id_to_title($course_id); $emailbody = "{$langNotifyRegUser1} '" . course_id_to_title($course_id) . "' {$langNotifyRegUser2} {$langFormula} \n{$gunet}"; send_mail('', '', '', $email, $emailsubject, $emailbody, $charset); } } else { $tool_content .= "<div class='alert alert-warning'>{$langAddError}</div>"; } $tool_content .= "<br /><p><a href='{$_SERVER['SCRIPT_NAME']}?course={$course_code}'>{$langAddBack}</a></p><br />\n"; } else { register_posted_variables(array('search_surname' => true, 'search_givenname' => true, 'search_username' => true, 'search_am' => true), 'any'); $tool_content .= action_bar(array(array('title' => $langBack, 'url' => "index.php?course={$course_code}", 'icon' => 'fa-reply', 'level' => 'primary-label'))); $tool_content .= "<div class='alert alert-info'>{$langAskUser}</div>\n <div class='form-wrapper'>\n <form class='form-horizontal' role='form' method='post' action='{$_SERVER['SCRIPT_NAME']}?course={$course_code}'> \n <fieldset>\n <div class='form-group'>\n <label for='surname' class='col-sm-2 control-label'>{$langSurname}:</label>\n <div class='col-sm-10'>\n <input class='form-control' id='surname' type='text' name='search_surname' value='" . q($search_surname) . "' placeholder='{$langSurname}'></div>\n </div>\n <div class='form-group'>\n <label for='name' class='col-sm-2 control-label'>{$langName}:</label>\n <div class='col-sm-10'>\n <input class='form-control' id='name' type='text' name='search_givenname' value='" . q($search_givenname) . 
"' placeholder='{$langName}'></div>\n </div>\n <div class='form-group'>\n <label for='username' class='col-sm-2 control-label'>{$langUsername}:</label>\n <div class='col-sm-10'>\n <input class='form-control' id='username' type='text' name='search_username' value='" . q($search_username) . "' placeholder='{$langUsername}'></div>\n </div>\n <div class='form-group'>\n <label for='am' class='col-sm-2 control-label'>{$langAm}:</label>\n <div class='col-sm-10'>\n <input class='form-control' id='am' type='text' name='search_am' value='" . q($search_am) . "' placeholder='{$langAm}'></div>\n </div>\n <div class='col-sm-offset-2 col-sm-10'>\n <input class='btn btn-primary' type='submit' name='search' value='{$langSearch}'>\n <a class='btn btn-default' href='index.php?course={$course_code}'>{$langCancel}</a>\n </div>\n </fieldset>\n </form>\n </div>"; $search = array(); $values = array(); foreach (array('surname', 'givenname', 'username', 'am') as $term) { $tvar = 'search_' . $term; if (!empty($GLOBALS[$tvar])) { $search[] = "u.{$term} LIKE ?s"; $values[] = $GLOBALS[$tvar] . '%'; } } $query = join(' AND ', $search); if (!empty($query)) { Database::get()->query("CREATE TEMPORARY TABLE lala AS\n SELECT user_id FROM course_user WHERE course_id = ?d", $course_id); $result = Database::get()->queryArray("SELECT u.id, u.surname, u.givenname, u.username, u.am FROM\n user u LEFT JOIN lala c ON u.id = c.user_id WHERE\n c.user_id IS NULL AND {$query}", $values);
// Admin page: move every account that uses one authentication method to
// another by rewriting the method marker stored in user.password.
$require_admin = TRUE;
require_once '../../include/baseTheme.php';
require_once 'modules/auth/auth.inc.php';
$toolName = $langAuthChangeUser;
$navigation[] = array('url' => 'index.php', 'name' => $langAdmin);
$navigation[] = array('url' => 'auth.php', 'name' => $langUserAuthentication);
// Source method: taken from the query string and remembered in the session.
// NOTE(review): the value is stored and later used as an array key without
// being cast or checked against the known method ids.
if (isset($_GET['auth'])) {
    $auth = $_GET['auth'];
    $_SESSION['auth_temp'] = $auth;
}
// NOTE(review): $_SESSION['auth_temp'] is read without isset(); it is
// undefined when the page is opened without ?auth= first.
if (!isset($auth)) {
    $auth = $_SESSION['auth_temp'];
}
$tool_content .= action_bar(array(array('title' => $langBack, 'url' => "auth.php", 'icon' => 'fa-reply', 'level' => 'primary-label')));
// Target method id; read from $_REQUEST, so it is accepted from GET as well as POST.
$auth_change = isset($_REQUEST['auth_change']) ? intval($_REQUEST['auth_change']) : false;
register_posted_variables(array('submit' => true));
if ($submit && $auth && $auth_change) {
    // Bulk change for every account on the source method except id 1.
    // NOTE(review): no anti-CSRF token check is visible for this mass update.
    // NOTE(review): if either key is missing from $auth_ids the bound value is
    // null — confirm both ids are validated against the configured methods.
    if (Database::get()->query("UPDATE user SET password=?s WHERE password=?s AND id != 1", $auth_ids[$auth_change], $auth_ids[$auth])->affectedRows >= 1) {
        // NOTE(review): the closing tag below is missing its '>' ("</div").
        $tool_content .= "<div class='alert alert-success'>{$langAuthChangeYes}</div";
        // NOTE(review): no exit follows draw(); confirm the page is meant to continue.
        draw($tool_content, 3);
    }
}
$auth_methods = get_auth_active_methods();
foreach ($auth_methods as $key => $value) {
    // remove current auth method
    if ($auth == $value or $value == 1) { // cannot change to eclass native method
        unset($auth_methods[$key]);
    }
}
foreach ($auth_methods as $value) {
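/**
 * @brief add / edit video category
 *
 * Reads 'categoryname' and 'description' from the posted form (trimmed by
 * register_posted_variables), purifies the description, then either updates
 * the category named by $_POST['id'] or inserts a new one for the current
 * course.
 *
 * The UPDATE is restricted to the current course: the id comes from the
 * client, so without the course_id condition an editor of one course could
 * rename or rewrite a category belonging to a different course.
 *
 * @global type $course_id
 * @global type $langCategoryAdded
 * @global type $langCategoryModded
 * @global type $categoryname
 * @global type $description
 */
function submit_video_category() {
    global $langCategoryAdded, $langCategoryModded, $categoryname, $description, $course_id;

    register_posted_variables(array('categoryname' => true, 'description' => true), 'all', 'trim');
    // The description may contain markup; purify() is applied before it is stored.
    $description = purify($description);
    if (isset($_POST['id'])) {
        // ?d binds the posted id as an integer; course_id = ?d keeps the change
        // inside the course the caller is working in.
        Database::get()->query("UPDATE `video_category` SET name = ?s, description = ?s WHERE id = ?d AND course_id = ?d",
                $categoryname, $description, $_POST['id'], $course_id);
        // NOTE(review): $catlinkstatus is local and never returned or read here;
        // presumably it was meant to be a global status message — confirm.
        $catlinkstatus = $langCategoryModded;
    } else {
        Database::get()->query("INSERT INTO `video_category` SET name = ?s, description = ?s, course_id = ?d",
                $categoryname, $description, $course_id);
        $catlinkstatus = $langCategoryAdded;
    }
}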
$head_content .= "pwStrengthGood: '" . js_escape($langPwStrengthGood) . "', "; $head_content .= "pwStrengthStrong: '" . js_escape($langPwStrengthStrong) . "'"; $head_content .= <<<hContent }; \$(document).ready(function() { \$('#password').keyup(function() { \$('#result').html(checkStrength(\$('#password').val())) }); }); /* ]]> */ </script> hContent; $reqtype = ''; $all_set = register_posted_variables(array('auth' => true, 'uname' => true, 'surname_form' => true, 'givenname_form' => true, 'email_form' => true, 'verified_mail_form' => false, 'language' => true, 'department' => true, 'am' => false, 'phone' => false, 'password' => true, 'pstatus' => true, 'rid' => false, 'submit' => true)); $submit = isset($_POST['submit']) ? $_POST['submit'] : ''; if (isset($_GET['id'])) { $tool_content .= action_bar(array(array('title' => $langBack, 'url' => "../admin/index.php", 'icon' => 'fa-reply', 'level' => 'primary-label'), array('title' => $langBackRequests, 'url' => "../admin/listreq.php{$reqtype}", 'icon' => 'fa-reply', 'level' => 'primary'), array('title' => $langRejectRequest, 'url' => "listreq.php?id={$_GET['id']}&close=2", 'icon' => 'fa-ban', 'level' => 'primary'), array('title' => $langClose, 'url' => "listreq.php?id={$_GET['id']}&close=1", 'icon' => 'fa-close', 'level' => 'primary'))); } else { if (isset($rid) and $rid) { $backlink = "{$_SERVER['SCRIPT_NAME']}?id={$rid}"; } else { $backlink = $_SERVER['SCRIPT_NAME']; } $tool_content .= action_bar(array(array('title' => $langBack, 'url' => "../admin/index.php", 'icon' => 'fa-reply', 'level' => 'primary-label'), array('title' => $langBackRequests, 'url' => "../admin/listreq.php{$reqtype}", 'icon' => 'fa-reply', 'level' => 'primary', 'show' => isset($submit) and $success))); } if ($submit) { // register user $depid = intval(isset($_POST['department']) ? $_POST['department'] : 0); $proflanguage = $session->validate_language_code(@$_POST['language']);
if (get_config("display_captcha")) { $tool_content .= "<div class='form-group'> \n <div class='col-sm-offset-2 col-sm-10'><img id='captcha' src='{$urlAppend}include/securimage/securimage_show.php' alt='CAPTCHA Image' /></div><br>\n <label for='Captcha' class='col-sm-2 control-label'>{$langCaptcha}:</label>\n <div class='col-sm-10'><input type='text' name='captcha_code' maxlength='6'/></div>\n </div>"; } $tool_content .= "<div class='col-sm-offset-2 col-sm-10'>\n <input class='btn btn-primary' type='submit' name='submit' value='" . q($langRegistration) . "' />\n </div>\n </fieldset>\n </form>\n </div>"; } else { if (get_config('email_required')) { $email_arr_value = true; } else { $email_arr_value = false; } if (get_config('am_required')) { $am_arr_value = true; } else { $am_arr_value = false; } $missing = register_posted_variables(array('uname' => true, 'surname_form' => true, 'givenname_form' => true, 'password' => true, 'password1' => true, 'email' => $email_arr_value, 'phone' => false, 'am' => $am_arr_value)); if (!isset($_POST['department'])) { $departments = array(); $missing = false; } else { $departments = $_POST['department']; } $registration_errors = array(); // check if there are empty fields if (!$missing) { $registration_errors[] = $langFieldsMissing; } else { $uname = canonicalize_whitespace($uname); // check if the username is already in use $username_check = Database::get()->querySingle("SELECT username FROM user WHERE username = ?s", $uname); if ($username_check) {
// Tail of group creation (wiki set-up and logging), followed by the
// "properties" and "delete_all" actions of the group administration page.
$wiki->setACL($wikiACL);
$wiki->setGroupId($id);
$wikiId = $wiki->save();
$mainPageContent = $langWikiMainPageContent;
$wikiPage = new WikiPage($wikiId);
$wikiPage->create($uid, '__MainPage__', $mainPageContent, '', date("Y-m-d H:i:s"), true);
        // NOTE(review): the group's secret directory name is written into the
        // log record — confirm who can read these log entries.
        Log::record($course_id, MODULE_ID_GROUPS, LOG_INSERT, array('id' => $id, 'name' => "{$langGroup} {$group_num}", 'max_members' => $group_max, 'secret_directory' => $secretDirectory));
    }
    if ($group_quantity == 1) {
        $message = "{$group_quantity} {$langGroupAdded}";
    } else {
        $message = "{$group_quantity} {$langGroupsAdded}";
    }
} elseif (isset($_POST['properties'])) {
    // Presumably imports the six POST fields into same-named globals; note that
    // 'wiki' and 'documents' become plain request values here.
    register_posted_variables(array('self_reg' => true, 'multi_reg' => true, 'private_forum' => true, 'has_forum' => true, 'documents' => true, 'wiki' => true), 'all');
    // Every value is bound with ?d (integer) and the update is scoped to the current course.
    // NOTE(review): no anti-CSRF token check is visible for this branch.
    Database::get()->query("UPDATE group_properties SET\n self_registration = ?d,\n multiple_registration = ?d,\n private_forum = ?d,\n forum = ?d,\n documents = ?d,\n wiki = ?d WHERE course_id = ?d", $self_reg, $multi_reg, $private_forum, $has_forum, $documents, $wiki, $course_id);
    $message = $langGroupPropertiesModified;
} elseif (isset($_REQUEST['delete_all'])) {
    // NOTE(review): this destructive branch is keyed on $_REQUEST, so a plain
    // GET request reaches it, and no anti-CSRF token check is visible here.
    // Delete all group wikis of the current course.
    $sql = "SELECT id " . "FROM wiki_properties " . "WHERE group_id " . "IN (SELECT id FROM `group` WHERE course_id = ?d)";
    $results = Database::get()->queryArray($sql, $course_id);
    if (is_array($results)) {
        foreach ($results as $result) {
            $wikiStore = new WikiStore();
            $wikiStore->deleteWiki($result->id);
        }
    }
    // Delete all group forums: start from the forum ids attached to the course's groups.
    $results = Database::get()->queryArray("SELECT `forum_id` FROM `group` WHERE `course_id` = ?d AND `forum_id` <> 0 AND `forum_id` IS NOT NULL", $course_id);
/**
 * Mass change user's mail verification status
 *
 * @author Kapetanakis Giannis <*****@*****.**>
 * @abstract This component changes the mail verification status of all users
 *           currently in one status to another status in a single operation.
 */
$require_admin = TRUE;
require_once '../../include/baseTheme.php';
$toolName = $langMailVerification;
$navigation[] = array('url' => 'index.php', 'name' => $langAdmin);
// NOTE(review): PHP_SELF contains client-supplied path info; whether
// action_bar() escapes the 'url' value is not visible here — prefer
// SCRIPT_NAME or escape explicitly.
$tool_content .= action_bar(array(array('title' => $langBack, 'url' => "{$_SERVER['PHP_SELF']}", 'icon' => 'fa-reply', 'level' => 'primary-label')));
// Yes/no labels for the three related configuration switches.
$mr = get_config('email_required') ? $m['yes'] : $m['no'];
$mv = get_config('email_verification_required') ? $m['yes'] : $m['no'];
$mm = get_config('dont_mail_unverified_mails') ? $m['yes'] : $m['no'];
register_posted_variables(array('submit' => true, 'submit0' => true, 'submit1' => true, 'submit2' => true, 'old_mail_ver' => true, 'new_mail_ver' => true));
// Display names for status 0 (pending), 1 (verified) and 2 (not verified).
$mail_ver_data[0] = $langMailVerificationPendingU;
$mail_ver_data[1] = $langMailVerificationYesU;
$mail_ver_data[2] = $langMailVerificationNoU;
if (!empty($submit) && (isset($old_mail_ver) && isset($new_mail_ver))) {
    if ($old_mail_ver != $new_mail_ver) {
        // Both values are forced to integers before they reach the query.
        // NOTE(review): they are not range-checked against 0..2, so an
        // unexpected status can be written and $mail_ver_data[...] below can
        // hit an undefined index.
        $old_mail_ver = intval($old_mail_ver);
        $new_mail_ver = intval($new_mail_ver);
        // Bulk update for every matching account except id 1.
        // NOTE(review): no anti-CSRF token check is visible for this mass
        // update; also confirm the key column really is `user_id` in this schema.
        $count = Database::get()->query("UPDATE `user` set verified_mail=?s WHERE verified_mail=?s AND user_id!=1", $new_mail_ver, $old_mail_ver)->affectedRows;
        if ($count > 0) {
            $user = $count == 1 ? $langOfUser : $langUsersS;
            $tool_content .= "<div class='alert alert-success'>{$langMailVerificationChanged} {$m['from']} «{$mail_ver_data[$old_mail_ver]}» {$m['in']} «{$mail_ver_data[$new_mail_ver]}» {$m['in']} {$count} {$user}</div>";
        } else {
            $tool_content .= "<div class='alert alert-danger'>{$langMailVerificationChangedNoAdmin}</div>";
        }
    } else {
'givenname' => true, 'surname' => true, 'username' => true, 'userphone' => $prof, 'usermail' => true, 'am' => $am_required, 'department' => true, 'captcha_code' => false, 'provider' => false, 'provider_name' => false, 'provider_id' => false); //add custom profile fields required variables augment_registered_posted_variables_arr($var_arr); $all_set = register_posted_variables($var_arr); if (!$all_set) { $errors[] = $langFieldsMissing; } if (!email_seems_valid($usermail)) { $errors[] = $langEmailWrong; $all_set = false; } else { $usermail = mb_strtolower(trim($usermail)); } // check if the username is already in use $username = canonicalize_whitespace($username); if (user_exists($username)) {
require_once 'videolinkindexer.class.php'; require_once 'exerciseindexer.class.php'; require_once 'forumindexer.class.php'; require_once 'forumtopicindexer.class.php'; require_once 'forumpostindexer.class.php'; require_once 'documentindexer.class.php'; require_once 'unitindexer.class.php'; require_once 'unitresourceindexer.class.php'; $pageName = $langSearch; if (!get_config('enable_search')) { $tool_content .= "<div class='alert alert-info'>{$langSearchDisabled}</div>"; draw($tool_content, 2); exit; } $found = false; register_posted_variables(array('announcements' => true, 'agenda' => true, 'course_units' => true, 'documents' => true, 'exercises' => true, 'forums' => true, 'links' => true, 'video' => true), 'all'); if (isset($_GET['all'])) { $all = intval($_GET['all']); $announcements = $agenda = $course_units = $documents = $exercises = $forums = $links = $video = 1; } if (isset($_REQUEST['search_terms'])) { $search_terms = addslashes($_REQUEST['search_terms']); } if (empty($search_terms)) { // display form $tool_content .= "\n <form method='post' action='{$_SERVER['SCRIPT_NAME']}'>\n <fieldset>\n <legend>{$langSearchCriteria}</legend>\n <table width='100%' class='tbl'>\n <tr>\n <th class='left' width='120'>{$langOR}</th>\n <td colspan='2'><input name='search_terms' type='text' size='80'/></td>\n </tr>\n <tr>\n <th width='30%' class='left' valign='top' rowspan='4'>{$langSearchIn}</th>\n <td width='35%'><input type='checkbox' name='announcements' checked='checked' />{$langAnnouncements}</td>\n <td width='35%'><input type='checkbox' name='agenda' checked='checked' />{$langAgenda}</td>\n </tr>\n <tr>\n <td><input type='checkbox' name='course_units' checked='checked' />{$langCourseUnits}</td>\n <td><input type='checkbox' name='documents' checked='checked' />{$langDoc}</td>\n </tr>\n <tr>\n <td><input type='checkbox' name='forums' checked='checked' />{$langForums}</td>\n <td><input type='checkbox' name='exercises' checked='checked' />{$langExercices}</td>\n </tr>\n 
<tr>\n <td><input type='checkbox' name='video' checked='checked' />{$langVideo}</td>\n <td><input type='checkbox' name='links' checked='checked' />{$langLinks}</td>\n </tr>\n <tr>\n <th> </th>\n <td colspan='2' class='right'><input class='btn btn-primary' type='submit' name='submit' value='{$langDoSearch}' /></td>\n </tr>\n </table>\n </fieldset>\n </form>"; } else { // ResourceIndexers require course_id inside the input data array (POST, but we do not want to pass it through the form) $_POST['course_id'] = $course_id; // Search Terms might come from GET, but we want to pass it alltogether with POST in ResourceIndexers $_POST['search_terms'] = $search_terms;
$var_arr = array('am_form' => get_config('am_required') and $myrow->status != 1, 'desc_form' => false, 'phone_form' => false, 'email_form' => get_config('email_required'), 'surname_form' => !$is_admin, 'givenname_form' => true, 'username_form' => true, 'email_public' => false, 'phone_public' => false, 'am_public' => false); //add custom profile fields required variables augment_registered_posted_variables_arr($var_arr); $all_ok = register_posted_variables($var_arr, 'all'); $departments = null; if (!get_config('restrict_owndep')) { if (!isset($_POST['department']) and !$is_admin) { $all_ok = false; } else { $departments = $_POST['department']; } } $email_public = valid_access($email_public); $phone_public = valid_access($phone_public); $am_public = valid_access($am_public); // upload user picture if (isset($_FILES['userimage']) && is_uploaded_file($_FILES['userimage']['tmp_name'])) {
} else { $is_valid = true; if (isset($_SESSION['was_validated']['auth_user_info'])) { $auth_user_info = $_SESSION['was_validated']['auth_user_info']; } } // ----------------------------------------- // registration // ----------------------------------------- if ($is_valid) { $ext_info = !isset($auth_user_info); $ext_mail = !(isset($auth_user_info['email']) && $auth_user_info['email']); if (isset($_POST['p']) and $_POST['p'] == 1) { $ok = register_posted_variables(array('submit' => false, 'uname' => true, 'email' => $email_required && $ext_mail, 'surname_form' => $ext_info, 'givenname_form' => $ext_info, 'am' => $am_required, 'department' => true, 'usercomment' => $comment_required, 'userphone' => $phone_required), 'all'); } else { $ok = register_posted_variables(array('submit' => false, 'email' => $email_required && $ext_mail, 'surname_form' => $ext_info, 'givenname_form' => $ext_info, 'am' => $am_required, 'department' => true, 'userphone' => $phone_required), 'all'); } if (!$ok and $submit) { $tool_content .= "<div class='alert alert-danger'>{$langFieldsMissing}</div>"; } $depid = intval($department); if (isset($auth_user_info)) { $givenname_form = $auth_user_info['firstname']; $surname_form = $auth_user_info['lastname']; if (!$email and !empty($auth_user_info['email'])) { $email = $auth_user_info['email']; } } if (!empty($email) and !email_seems_valid($email)) { $ok = NULL; $tool_content .= "<div class='alert alert-danger'>{$langEmailWrong}</div>";
// Bulk user registration: parse the posted field list and options before the
// per-line account creation (which lies beyond this excerpt).
// NOTE(review): the access-control flag for this page is not visible in the
// excerpt — confirm it is restricted to administrators before this include.
require_once '../../include/baseTheme.php';
require_once 'include/sendMail.inc.php';
require_once 'include/phpass/PasswordHash.php';
require_once 'include/lib/pwgen.inc.php';
require_once 'include/lib/user.class.php';
require_once 'include/lib/hierarchy.class.php';
require_once 'hierarchy_validations.php';
$tree = new Hierarchy();
$user = new User();
load_js('jstree');
$pageName = $langMultiRegUser;
$navigation[] = array('url' => 'index.php', 'name' => $langAdmin);
$error = '';
// Allow-list of column names the admin may use to describe each input line.
$acceptable_fields = array('first', 'last', 'email', 'id', 'phone', 'username', 'password');
if (isset($_POST['submit'])) {
    // NOTE(review): no anti-CSRF token check is visible before accounts are created.
    // The three visibility flags are imported with 'intval' as the third
    // argument, presumably coercing each value to an integer.
    register_posted_variables(array('email_public' => true, 'am_public' => true, 'phone_public' => true), 'all', 'intval');
    $send_mail = isset($_POST['send_mail']) && $_POST['send_mail'];
    $unparsed_lines = '';
    $new_users_info = array();
    // Any value other than 'prof' yields status 5.
    // NOTE(review): 'type', 'am' and 'fields' are read without isset().
    $newstatus = $_POST['type'] == 'prof' ? 1 : 5;
    // NOTE(review): 'facid' is taken as sent (it may not be an array); the
    // department validation announced below is outside this excerpt.
    $departments = isset($_POST['facid']) ? $_POST['facid'] : array();
    $am = $_POST['am'];
    // Split the field list on spaces, tabs and commas, dropping empty pieces.
    $fields = preg_split('/[ \\t,]+/', $_POST['fields'], -1, PREG_SPLIT_NO_EMPTY);
    foreach ($fields as $field) {
        // Unknown field names abort the request; the rejected name is escaped
        // with q() before it is echoed back.
        if (!in_array($field, $acceptable_fields)) {
            $tool_content = "<div class='alert alert-danger'>{$langMultiRegFieldError} <b>" . q($field) . "</b></div>";
            draw($tool_content, 3, 'admin');
            exit;
        }
    }
    // validation for departments
* Panepistimiopolis Ilissia, 15784, Athens, Greece * e-mail: info@openeclass.org * ======================================================================== */
// Platform-wide course search: show the detailed form when nothing was posted,
// otherwise query the index (this excerpt ends inside the access-rights block).
$require_current_course = FALSE;
require_once '../../include/baseTheme.php';
require_once 'indexer.class.php';
require_once 'courseindexer.class.php';
$pageName = $langSearch;
// exit if search is disabled
if (!get_config('enable_search')) {
    $tool_content .= "<div class='alert alert-info'>{$langSearchDisabled}</div>";
    draw($tool_content, 0);
    exit;
}
// exit if no POST data
// With 'any' as the second argument the call presumably succeeds as soon as
// one of the listed fields was posted.
if (!register_posted_variables(array('search_terms' => false, 'search_terms_title' => false, 'search_terms_keywords' => false, 'search_terms_instructor' => false, 'search_terms_coursecode' => false, 'search_terms_description' => false), 'any')) {
    $tool_content .= CourseIndexer::getDetailedSearchForm();
    draw($tool_content, 0);
    exit;
}
// search in the index
$idx = new Indexer();
// NOTE(review): the whole $_POST array is handed to the query builder; whether
// buildQuery() escapes index query syntax in the terms is not visible — verify.
$hits1 = $idx->searchRaw(CourseIndexer::buildQuery($_POST)); // courses with visible 1 or 2
// Additional Access Rights
// NOTE(review): $anonymous is set to true for a logged-in user (non-empty
// $uid), which reads as inverted — confirm how it is used further down, since
// it sits next to the query for courses with visible 0 or 3.
$anonymous = false;
if (isset($uid) and $uid) {
    $anonymous = true;
    $hits2 = $idx->searchRaw(CourseIndexer::buildQuery($_POST, false)); // courses with visible 0 or 3
    // NOTE(review): this test cannot be true here, because the enclosing
    // condition already requires a truthy $uid.
    if ($uid == 0) {
$message = ''; // Once modifications have been done, the user validates and arrives here if (isset($_POST['modify'])) { $v = new Valitron\Validator($_POST); $v->rule('required', array('name')); $v->rule('required', array('maxStudent')); $v->rule('numeric', array('maxStudent')); $v->rule('min', array('maxStudent'), 1); $v->labels(array( 'name' => "$langTheField $langNewGroups", 'maxStudent' => "$langTheField $langMax $langGroupPlacesThis" )); if($v->validate()) { // Update main group settings register_posted_variables(array('name' => true, 'description' => true), 'all'); register_posted_variables(array('maxStudent' => true), 'all'); $student_members = $member_count - count($tutors); if ($maxStudent != 0 and $student_members > $maxStudent) { $maxStudent = $student_members; $message .= "<div class='alert alert-warning'>$langGroupMembersUnchanged</div>"; } $category_id = intval($_POST['selectcategory']); Database::get()->query("UPDATE `group` SET name = ?s, description = ?s, max_members = ?d, category_id = ?d WHERE id = ?d", $name, $description, $maxStudent, $category_id, $group_id); Database::get()->query("UPDATE forum SET name = ?s WHERE id = (SELECT forum_id FROM `group` WHERE id = ?d)
$am_arr_value = false; } $var_arr = array('uname' => true, 'surname_form' => true, 'givenname_form' => true, 'password' => true, 'password1' => true, 'email' => $email_arr_value, 'phone' => false, 'am' => $am_arr_value); //add custom profile fields required variables augment_registered_posted_variables_arr($var_arr); $missing = register_posted_variables($var_arr); if (!isset($_POST['department'])) { $departments = array(); $missing = false; } else { $departments = $_POST['department']; } $registration_errors = array(); // check if there are empty fields if (!$missing) { $registration_errors[] = $langFieldsMissing; } else { $uname = canonicalize_whitespace($uname); // check if the username is already in use
/**
 * @brief Save the submitted link-category form: update the category named by
 *        the posted id, or append a new category to the current course.
 *
 * The posted id goes through getDirectReference() and both statements are
 * scoped to the current course. The description is stored after purify();
 * the log entry receives a tag-free copy shortened with ellipsize(..., 50, '+').
 *
 * @global type $course_id
 * @global type $langCategoryAdded
 * @global type $langCategoryModded
 * @global type $categoryname
 * @global type $description
 */
function submit_category() {
    global $course_id, $langCategoryAdded, $langCategoryModded, $categoryname, $description;

    register_posted_variables(array('categoryname' => true, 'description' => true), 'all', 'trim');

    // Column assignments shared by the UPDATE and the INSERT, with their bound values.
    $assignments = "SET name = ?s, description = ?s";
    $bound = array($categoryname, purify($description));

    if (!isset($_POST['id'])) {
        // New category: place it after the highest order value used in this course.
        $nextOrder = Database::get()->querySingle("SELECT MAX(`order`) as maxorder FROM `link_category` WHERE course_id = ?d", $course_id)->maxorder;
        $nextOrder++;
        $categoryId = Database::get()->query("INSERT INTO `link_category` {$assignments}, course_id = ?d, `order` = ?d", $bound, $course_id, $nextOrder)->lastInsertID;
        $action = LOG_INSERT;
    } else {
        // Existing category: resolve the posted reference, then update within this course only.
        $categoryId = getDirectReference($_POST['id']);
        Database::get()->query("UPDATE `link_category` {$assignments} WHERE course_id = ?d AND id = ?d", $bound, $course_id, $categoryId);
        $action = LOG_MODIFY;
    }

    // The log keeps a plain-text, whitespace-normalised, shortened description.
    $plainText = canonicalize_whitespace(strip_tags($description));
    $logEntry = array(
        'id' => $categoryId,
        'category' => $categoryname,
        'description' => ellipsize($plainText, 50, '+'),
    );
    Log::record($course_id, MODULE_ID_LINKS, $action, $logEntry);
}
// Tail of the list of platform settings (presumably $config_vars) that are
// imported from the posted admin form; the start of the array is outside this excerpt.
    'enable_search' => true,
    'enable_common_docs' => true,
    'enable_social_sharing_links' => true,
    'login_fail_check' => true,
    'login_fail_threshold' => true,
    'login_fail_deny_interval' => true,
    'login_fail_forgive_interval' => true,
    'actions_expire_interval' => true,
    'log_expire_interval' => true,
    'log_purge_interval' => true,
    'course_metadata' => true,
    'opencourses_enable' => true,
    'mydocs_student_enable' => true,
    'mydocs_teacher_enable' => true);
// 'intval' is passed as the third argument, presumably coercing every listed
// value to an integer.
// NOTE(review): no range check is visible for the login_fail_* and *_interval
// settings, and no anti-CSRF token check appears in this excerpt.
register_posted_variables($config_vars, 'all', 'intval');
// Quotas are coerced with floatval().
// NOTE(review): negative or very large quotas are not rejected here.
if (isset($_POST['mydocs_student_quota'])) {
    set_config('mydocs_student_quota', floatval($_POST['mydocs_student_quota']));
}
if (isset($_POST['mydocs_teacher_quota'])) {
    set_config('mydocs_teacher_quota', floatval($_POST['mydocs_teacher_quota']));
}
// Guest access is restricted to three known values; anything else falls back to 'off'.
// NOTE(review): $_POST['course_guest'] is read without isset().
if (!in_array($_POST['course_guest'], array('on', 'off', 'link'))) {
    set_config('course_guest', 'off');
} else {
    set_config('course_guest', $_POST['course_guest']);
}
if ($GLOBALS['opencourses_enable'] == 1) {
// Excerpt of a user-profile form handler (it logs with LOG_PROFILE). The block closed by the
// first "}" below starts outside the excerpt.
// '@' hides the warning unlink() raises when the small avatar file does not exist.
@unlink($image_path . '_' . IMAGESIZE_SMALL . '.jpg');
Database::get()->query("UPDATE user SET has_icon = 0 WHERE id = ?d", $uid);
// NOTE(review): the row is selected by $uid while the log entry uses $_SESSION['uid'];
// presumably both hold the same id -- confirm.
Log::record(0, 0, LOG_PROFILE, array('uid' => intval($_SESSION['uid']), 'deleteimage' => 1));
exit;
}
if (isset($_POST['submit'])) {
    // First process language changes
    if (!file_exists($webDir . '/courses/userimg/')) {
        mkdir($webDir . '/courses/userimg/', 0775);
        // NOTE(review): this path has no '/' between $webDir and 'courses', unlike the mkdir()
        // path above. Unless $webDir ends with a slash, the index.php placeholder is not created
        // inside the avatar directory, which may leave that directory listable.
        touch($webDir . "courses/userimg/index.php");
    }
    $subscribe = (isset($_POST['subscribe']) and $_POST['subscribe'] == 'yes') ? '1' : '0';
    $old_language = $language;
    // The posted language code goes straight into the session, the $language global and the
    // user row; it is bound with ?s, so the query itself is not injectable.
    // NOTE(review): no allow-list check is visible here -- confirm the value is matched against
    // the installed language codes before it is used in a file path or echoed.
    $langcode = $language = $_SESSION['langswitch'] = $_POST['userLanguage'];
    Database::get()->query("UPDATE user SET lang = ?s WHERE id = ?d", $langcode, $uid);
    // The boolean per field is computed from site configuration and the caller's role
    // (presumably "required"); the return value is kept as the overall validity flag.
    $all_ok = register_posted_variables(array(
        'am_form' => get_config('am_required') and $myrow->status != 1,
        'desc_form' => false,
        'phone_form' => false,
        'email_form' => get_config('email_required'),
        'surname_form' => !$is_admin,
        'givenname_form' => true,
        'username_form' => true,
        'email_public' => false,
        'phone_public' => false,
        'am_public' => false), 'all');
    $departments = null;
    if (!get_config('restrict_owndep')) {
        if (!isset($_POST['department']) and !$is_admin) {
            $all_ok = false;
        } else {
            // Raw request value (scalar or array); any validation happens outside this excerpt.
            $departments = $_POST['department'];
        }
    }
    // The three visibility flags are passed through valid_access() before use
    // (presumably it maps them onto the allowed access levels -- confirm).
    $email_public = valid_access($email_public);
    $phone_public = valid_access($phone_public);
    $am_public = valid_access($am_public);
    // upload user picture
    // is_uploaded_file() confirms that tmp_name really is a file received in this HTTP upload.
    if (isset($_FILES['userimage']) && is_uploaded_file($_FILES['userimage']['tmp_name'])) {
        validateUploadedFile($_FILES['userimage']['name'], 1);
        // ['type'] is the MIME type sent by the browser, i.e. client-controlled; it must not be
        // the only basis for treating the file as an image. The code that consumes $type is
        // outside this excerpt.
        $type = $_FILES['userimage']['type'];
// Excerpt of the administrator page that configures authentication methods.
$navigation[] = array('url' => 'auth.php', 'name' => $langUserAuthentication);
// NOTE(review): hard-coded to true; what it switches on is not visible here. Confirm it does not
// enable verbose CAS debug output or logging on a production site.
$debugCAS = true;
// $_REQUEST is used, so the method id may come from the query string as well as from the form.
// is_numeric() followed by intval() reduces it to an integer; otherwise $auth stays false.
if (isset($_REQUEST['auth']) && is_numeric($_REQUEST['auth'])) {
    $auth = intval($_REQUEST['auth']); // $auth gets the integer value of the auth method if it is set
} else {
    $auth = false;
}
// All connection settings of the supported back-ends are read from $_POST in one call and
// (judging by the later use of $submit) become variables of the same name. The list contains
// secrets -- ldapbind_pw, dbpass, hybridauth_secret -- which from here on are ordinary
// variables and should never be echoed back, logged or put into error messages.
// NOTE(review): no CSRF-token check is visible in this excerpt; confirm one runs before these
// settings are saved.
register_posted_variables(array(
    'imaphost' => true,
    'pop3host' => true,
    'ldaphost' => true,
    'ldap_base' => true,
    'ldapbind_dn' => true,
    'ldapbind_pw' => true,
    'ldap_login_attr' => true,
    'ldap_login_attr2' => true,
    'ldap_id_attr' => true,
    'dbhost' => true,
    'dbtype' => true,
    'dbname' => true,
    'dbuser' => true,
    'dbpass' => true,
    'dbtable' => true,
    'dbfielduser' => true,
    'dbfieldpass' => true,
    'dbpassencr' => true,
    'shibemail' => true,
    'shibuname' => true,
    'shibcn' => true,
    'checkseparator' => true,
    'submit' => true,
    'auth_instructions' => true,
    'auth_title' => true,
    'hybridauth_id_key' => true,
    'hybridauth_secret' => true,
    'hybridauth_instructions' => true,
    'test_username' => true), 'all');
// The test password is read directly from $_POST instead of through the list above.
$test_password = isset($_POST['test_password']) ? $_POST['test_password'] : '';
// Method 7 is apparently CAS (see the cas_* keys below). The comparison is loose, but $auth is
// either an integer or false at this point, and false does not equal 7.
if ($auth == 7) {
    if ($submit) {
        $_SESSION['cas_do'] = true; // $_POST is lost after we come back from CAS
        // The list of CAS settings continues outside this excerpt.
        foreach (array('cas_host', 'cas_port', 'cas_context', 'cas_cachain', 'casusermailattr', 'casuserfirstattr', 'casuserlastattr',
/**
 * @brief Validate the group-category form and store it: update when an id was posted, insert otherwise.
 *
 * Security-relevant handling visible in this function:
 *  - `categoryname` and `description` are taken from $_POST through register_posted_variables()
 *    with the 'trim' callback and land in the globals of the same name.
 *  - Valitron only enforces that `categoryname` is present; it inspects the raw $_POST array,
 *    not the trimmed globals.
 *  - `description` is passed through purify() before it is stored; `categoryname` is stored as
 *    posted, so every page that prints it has to escape it for its output context.
 *  - All values reach the database through ?s / ?d placeholders; the SQL text itself is constant.
 *  - The posted id is resolved with getDirectReference() and the UPDATE is additionally bound to
 *    the current $course_id.
 *
 * NOTE(review): no CSRF-token check happens here; presumably the caller performs it -- confirm.
 *
 * @global type $course_id          course whose group categories are edited (bound as ?d)
 * @global type $langCategoryAdded  declared but not used in this function
 * @global type $langCategoryModded declared but not used in this function
 * @global type $categoryname       filled by register_posted_variables()
 * @global type $description        filled by register_posted_variables()
 * @global type $langFormErrors     flash message shown when validation fails
 * @global type $course_code        used to build the redirect target
 */
function submit_category() {
    global $course_id, $langCategoryAdded, $langCategoryModded, $categoryname, $description, $langFormErrors, $course_code;

    $expected = array('categoryname' => true, 'description' => true);
    register_posted_variables($expected, 'all', 'trim');

    // Bound parameters for "name = ?s, description = ?s", in that order.
    $values = array($categoryname, purify($description));

    $validator = new Valitron\Validator($_POST);
    $validator->rule('required', array('categoryname'));

    if (!$validator->validate()) {
        // Send the user back to the "add category" form with the posted values and the errors.
        Session::flashPost()->Messages($langFormErrors)->Errors($validator->errors());
        redirect_to_home_page("modules/group/group_category.php?course=$course_code&addcategory=1");
        return;
    }

    if (!isset($_POST['id'])) {
        $id = Database::get()->query("INSERT INTO `group_category` SET name = ?s, description = ?s, course_id = ?d", $values, $course_id)->lastInsertID;
        $log_type = LOG_INSERT;
    } else {
        // The form carries an indirect reference, never the raw row id.
        $id = getDirectReference($_POST['id']);
        Database::get()->query("UPDATE `group_category` SET name = ?s, description = ?s WHERE course_id = ?d AND id = ?d", $values, $course_id, $id);
        $log_type = LOG_MODIFY;
    }

    // The audit log keeps a tag-free, whitespace-normalised excerpt of the description.
    // NOTE(review): the entry is filed under MODULE_ID_LINKS although the table is
    // `group_category`; this looks carried over from the links module and would attribute
    // group changes to the wrong module in the audit trail -- confirm the intended module id.
    $plain = strip_tags($description);
    $excerpt = ellipsize(canonicalize_whitespace($plain), 50, '+');
    $entry = array('id' => $id, 'category' => $categoryname, 'description' => $excerpt);
    Log::record($course_id, MODULE_ID_LINKS, $log_type, $entry);
}