コード例 #1
 /**
  * Prepare a templated notification e-mail.
  *
  * Stores the template name, recipients, subject and sender on the instance
  * and seeds the template parameters with HTML fragments shared by many
  * messages (header image, "powered by" badge, support contact block).
  *
  * @param string       $templateName Template to render.
  * @param string|array $to           One address, or a list that is joined with commas.
  * @param string       $subject      Subject line.
  * @param array|null   $params       Template parameters; an empty array is used when falsy.
  * @param string|null  $from         Sender; defaults to gcr::gcEschoolNotification when falsy.
  * @param string|null  $replyto      Reply-To value, stored as given.
  */
 function __construct($templateName, $to, $subject, $params = null, $from = null, $replyto = null)
 {
     $this->templateLocation = gcr::emailTemplateDir;
     $this->templateName = $templateName;
     $this->params = $params ? $params : array();
     // A list of recipients is flattened into one comma-separated string.
     // NOTE(review): $to, $subject, $from and $replyto are stored exactly as passed in.
     // Whether CR/LF characters are rejected before these reach the mail headers is not
     // visible in this constructor; confirm in the code that sends the message.
     $this->to = is_array($to) ? implode(",", $to) : $to;
     $this->subject = $subject;
     $this->from = $from ? $from : gcr::gcEschoolNotification;
     $this->replyto = $replyto;
     // Every message built through this class carries the same fixed BCC address.
     $this->bcc = "*****@*****.**";
     // Shared HTML snippets. They are written after $params is stored, so they replace
     // any caller-supplied entries that use the same keys.
     $front_page_link = '<p><a href="http://' . gcr::frontPageDomain . '">';
     $this->params['header_image'] = $front_page_link . '<img style="border:none" src="' . GcrInstitutionTable::getHome()->getUrl() . '/images/gc3_logo.jpg" alt="" /></a></p>';
     $this->params['powered_by_GC'] = $front_page_link . '<img src="' . GcrInstitutionTable::getHome()->getUrl() . '/images/poweredbyGC.png" alt="" /></a></p>';
     $this->params['contact'] = '<p><strong>Global Classroom Support</strong><br /><a href="mailto:support@globalclassroom.us" target="_blank">support@globalclassroom.us</a><br />(866) 535-3772</p>';
 }
 /**
  * Build $this->apps from the job data attached to the current process.
  *
  * The job data is read as a ';'-separated list of short names; each name is
  * resolved through GcrInstitutionTable::getApp() and names that do not
  * resolve are skipped without an error.
  */
 protected function initialize()
 {
     $this->apps = array();
     foreach (explode(';', $this->process->getJobData()) as $candidate) {
         $resolved = GcrInstitutionTable::getApp($candidate);
         if (!$resolved) {
             continue;
         }
         $this->apps[] = $resolved;
     }
 }
コード例 #3
 /**
  * Decide whether $user holds this role.
  *
  * The user must resolve to an institution-side account. That account must
  * either live on the home app or have admin == 1 there. The final answer is
  * taken from the home app's 'usr' row with the same username: true when that
  * row has staff == 1 or admin == 1, false in every other case.
  *
  * @param object $user User wrapper exposing getObject() and getUserOnInstitution().
  * @return bool
  */
 public static function userHasRole($user)
 {
     $account = $user->getObject();
     $institution_user = $user->getUserOnInstitution();
     if (!$institution_user || !$account) {
         return false;
     }
     $eligible = $institution_user->getApp()->isHome() || $institution_user->getObject()->admin == 1;
     if (!$eligible) {
         return false;
     }
     // NOTE(review): the privileged row on the home app is matched by username only.
     // This assumes a username identifies the same person on every institution; confirm.
     $home_row = GcrInstitutionTable::getHome()->selectFromMhrTable('usr', 'username', $institution_user->getObject()->username, true);
     if (!$home_row) {
         return false;
     }
     return $home_row->staff == 1 || $home_row->admin == 1;
 }
コード例 #4
 /**
  * Decide whether $user holds this role.
  *
  * The user must resolve to an institution-side account, and either the
  * user's app is the home app or that account has staff == 1. The answer is
  * then read from the home institution's membership record for the home
  * account with the same username: true only when that record has staff == 1.
  *
  * @param object $user User wrapper exposing getObject(), getApp() and getUserOnInstitution().
  * @return bool
  */
 public static function userHasRole($user)
 {
     $account = $user->getObject();
     $current_app = $user->getApp();
     $institution_user = $user->getUserOnInstitution();
     if (!$institution_user || !$account) {
         return false;
     }
     if (!$current_app->isHome() && $institution_user->getObject()->staff != 1) {
         return false;
     }
     $home = GcrInstitutionTable::getHome();
     // NOTE(review): the home account is matched by username only; this assumes usernames
     // identify the same person across institutions; confirm.
     $home_row = $home->selectFromMhrTable('usr', 'username', $account->username, true);
     if (!$home_row) {
         return false;
     }
     $home_account = new GcrMhrUser($home_row, $home);
     $membership = $home_account->getMhrUsrInstitutionRecords($home->getMhrInstitution());
     if (!$membership) {
         return false;
     }
     return $membership->staff == 1;
 }
コード例 #5
// Sidebar profile block: resolve the signed-in user and the values the markup below prints.
global $USER;
$app = gcr::getApp();
if (!$app->isMoodle()) {
    $current_user = $app->getCurrentUser();
} else {
    // On a Moodle app the profile shown is the matching account on the app's institution.
    $institution = $app->getInstitution();
    $current_user = $app->getCurrentUser()->getUserOnInstitution($institution);
}
// NOTE(review): nothing here checks that $current_user is set before it is dereferenced;
// confirm this block is only rendered for users who have an institution-side account.
$role_manager = $current_user->getRoleManager();
$raw_fullname = $current_user->getFullnameString();
$fullname = ucfirst($raw_fullname);
$groups = $current_user->getUserGroups();
?>
<div id="sb-profile" class="sideblock">
  <div class="sideblock-header">
      <h3 style="height:<?php 
// Header height is computed from the display name and the numeric arguments 15, 20, 20.
print GcrInstitutionTable::getSideblockProfileHeaderHeight($fullname, 15, 20, 20);
?>
px">
      <span id="gc-profile-header-fullname">
        <a href="<?php 
// Link target: the app URL followed by user/view.php?id=<id of the current user>.
print $app->getAppUrl();
?>
user/view.php?id=<?php 
print $current_user->getObject()->id;
?>
">
          <?php 
// The name is hard-wrapped at 15 characters, with "<br />" inserted at each break.
// NOTE(review): $fullname is printed without HTML escaping in this template. If
// getFullnameString() returns the profile name as the user typed it, escape it before
// the <br /> separators are inserted; confirm what the getter returns.
print wordwrap($fullname, 15, "<br />\n", true);
?>
        </a>
      </span>
コード例 #6
ファイル: config.php プロジェクト: nanda555/TestAppFromAWS
//
// Information about this file is available on the Mahara wiki:
// http://wiki.mahara.org/System_Administrator's_Guide/Installing_Mahara#Create_Mahara's_config.php
//
// Per-institution Mahara configuration. Two entry paths are visible: a command-line
// path keyed on $argv[2] (marked as a cron run below) and a request path that goes
// through gcr::initialize().
$cfg = new StdClass();
if (!defined('GC_SYMFONY_LOADED')) {
    // The platform class is loaded from a fixed absolute path on the host.
    require_once '/var/www/globalclassroom4/lib/model/gcr_model/gcr.class.php';
}
if (isset($argv[2])) {
    // Command-line path: the third argument names the institution to configure.
    // NOTE(review): $shortname comes straight from the command line and is later
    // concatenated into the data directory path and the database user name. Check it
    // against the platform's short-name format before it is used; the validation helper
    // for that is not visible in this file.
    $shortname = $argv[2];
    if ((defined('GC_SYMFONY_LOADED') && GC_SYMFONY_LOADED) == false) {
        gcr::loadSymfony();
        define('GC_SYMFONY_LOADED', true);
    }
    // NOTE(review): the lookup result is passed on without a check for "not found";
    // confirm how constructCurrentInstitution() behaves for an unknown short name.
    $institution = Doctrine::getTable('GcrInstitution')->findOneByShortName($shortname);
    GcrInstitutionTable::constructCurrentInstitution($institution);
    $cfg->dbtype = 'postgres8';
    $cfg->dbhost = gcr::DBHostName;
    $cfg->dbport = gcr::DBPort;
    $cfg->dbname = gcr::DBName;
    $cfg->dataroot = gcr::moodledataDir . $shortname;
    // Each institution connects with its own database account, derived from the short name.
    $cfg->dbuser = '******' . $shortname . 'admin';
    // The database password is the app's admin password, read from the current app object.
    // NOTE(review): $CFG is read here without being assigned in this file; presumably
    // constructCurrentInstitution() sets $CFG->current_app; confirm.
    $cfg->dbpass = $CFG->current_app->getAdminPassword();
    $cfg->dbprefix = gcr::maharaPrefix;
    $cfg->wwwroot = $CFG->current_app->getAppUrl();
    define('GC_CRON_RUNNING', true);
} else {
    // Request path: the current app is resolved by gcr::initialize().
    if (gcr::initialize()) {
        global $CFG;
        if (!$CFG->current_app->isMahara()) {
            // the url is bad because it points to the Mahara folder on a moodle short_name
コード例 #7
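/**
 * The CSV file is parsed here so validation errors can be returned to the
 * user. The data from a successful parsing is stored in the <var>$CSVDATA</var>
 * array so it can be accessed by the submit function.
 *
 * Checks run in this order: upload present, quota limit, permission to edit
 * the institution that owns the chosen auth instance, auth instance is of type
 * 'internal', CSV structure, then a per-line pass (usernames, passwords,
 * e-mail addresses, remote usernames) and, when existing users are being
 * updated, a second pass over the collected usernames.
 *
 * On success $FORMAT and $CSVDATA are filled in; on failure an error is set on
 * the form and those globals are left untouched. $UPDATES records the
 * usernames that already exist and will be updated.
 *
 * @param Pieform  $form   The form to validate
 * @param array    $values The values submitted
 */
function uploadcsv_validate(Pieform $form, $values)
{
    global $CSVDATA, $ALLOWEDKEYS, $FORMAT, $USER, $INSTITUTIONNAME, $UPDATES;
    // Don't even start attempting to parse if there are previous errors
    if ($form->has_errors()) {
        return;
    }
    if ($values['file']['size'] == 0) {
        $form->set_error('file', $form->i18n('rule', 'required', 'required', array()));
        return;
    }
    if ($USER->get('admin') || get_config_plugin('artefact', 'file', 'institutionaloverride')) {
        $maxquotaenabled = get_config_plugin('artefact', 'file', 'maxquotaenabled');
        $maxquota = get_config_plugin('artefact', 'file', 'maxquota');
        // The quota error is recorded on the form but parsing continues below.
        if ($maxquotaenabled && $values['quota'] > $maxquota) {
            $form->set_error('quota', get_string('maxquotaexceededform', 'artefact.file', display_size($maxquota)));
        }
    }
    require_once 'csvfile.php';
    // Authorisation: the submitted auth instance is mapped to its institution and the
    // current user must be allowed to edit that institution before the file is read.
    $authinstance = (int) $values['authinstance'];
    $institution = get_field('auth_instance', 'institution', 'id', $authinstance);
    if (!$USER->can_edit_institution($institution)) {
        $form->set_error('authinstance', get_string('notadminforinstitution', 'admin'));
        return;
    }
    //OVERWRITE 2: add
    // Bulk upload is limited to auth instances of type 'internal'. The rejection reuses
    // the 'notadminforinstitution' message rather than a dedicated one.
    $authname = get_field('auth_instance', 'authname', 'id', $authinstance);
    if ($authname != 'internal') {
        $form->set_error('authinstance', get_string('notadminforinstitution', 'admin'));
        return;
    }
    //END OVERWRITE 2
    $authobj = AuthFactory::create($authinstance);
    $csvusers = new CsvFile($values['file']['tmp_name']);
    $csvusers->set('allowedkeys', $ALLOWEDKEYS);
    // Now we know all of the field names are valid, we need to make
    // sure that the required fields are included
    $mandatoryfields = array('username', 'email', 'firstname', 'lastname');
    if (!$values['updateusers']) {
        $mandatoryfields[] = 'password';
    }
    $csvusers->set('mandatoryfields', $mandatoryfields);
    $csvdata = $csvusers->get_data();
    if (!empty($csvdata->errors['file'])) {
        $form->set_error('file', $csvdata->errors['file']);
        return;
    }
    $csverrors = new CSVErrors();
    $formatkeylookup = array_flip($csvdata->format);
    // First pass validates usernames & passwords in the file, and builds
    // up a list indexed by username.
    // $usernames is initialised here so the second pass can iterate it even when no
    // line supplied a usable username.
    $usernames = array();
    $emails = array();
    if (isset($formatkeylookup['remoteuser'])) {
        $remoteusers = array();
    }
    // Upper bound on the number of rows accepted in one upload, when configured.
    $maxcsvlines = get_config('maxusercsvlines');
    if ($maxcsvlines && $maxcsvlines < count($csvdata->data)) {
        $form->set_error('file', get_string('uploadcsverrortoomanyusers', 'admin', get_string('nusers', 'mahara', $maxcsvlines)));
        return;
    }
    foreach ($csvdata->data as $key => $line) {
        // If headers exists, increment i = key + 2 for actual line number
        $i = $csvusers->get('headerExists') ? $key + 2 : $key + 1;
        // Trim non-breaking spaces -- they get left in place by File_CSV
        foreach ($line as &$field) {
            $field = preg_replace('/^(\\s|\\xc2\\xa0)*(.*?)(\\s|\\xc2\\xa0)*$/', '$2', $field);
        }
        // Drop the by-reference binding so later writes to $field cannot alter $line.
        unset($field);
        if (count($line) != count($csvdata->format)) {
            $csverrors->add($i, get_string('uploadcsverrorwrongnumberoffields', 'admin', $i));
            continue;
        }
        // We have a line with the correct number of fields, but should validate these fields
        // Note: This validation should really be methods on each profile class, that way
        // it can be used in the profile screen as well.
        $username = $line[$formatkeylookup['username']];
        $password = isset($formatkeylookup['password']) ? $line[$formatkeylookup['password']] : null;
        $email = $line[$formatkeylookup['email']];
        if (isset($remoteusers)) {
            $remoteuser = strlen($line[$formatkeylookup['remoteuser']]) ? $line[$formatkeylookup['remoteuser']] : null;
        }
        // Prefer the admin-side username rule when the auth plugin provides one.
        if (method_exists($authobj, 'is_username_valid_admin')) {
            if (!$authobj->is_username_valid_admin($username)) {
                $csverrors->add($i, get_string('uploadcsverrorinvalidusername', 'admin', $i));
            }
        } else {
            if (method_exists($authobj, 'is_username_valid')) {
                if (!$authobj->is_username_valid($username)) {
                    $csverrors->add($i, get_string('uploadcsverrorinvalidusername', 'admin', $i));
                }
            }
        }
        if (!$values['updateusers']) {
            // Note: only checks for valid form are done here, none of the checks
            // like whether the password is too easy. The user is going to have to
            // change their password on first login anyway.
            if (method_exists($authobj, 'is_password_valid') && !$authobj->is_password_valid($password)) {
                $csverrors->add($i, get_string('uploadcsverrorinvalidpassword', 'admin', $i));
            }
        }
        // OVERWRITE 3: replacement.
        // The code this replaces keyed the in-file duplicate check on $email exactly as
        // written and looked for existing owners with record_exists() on 'usr' and on
        // verified rows of 'artefact_internal_profile_email'. This version lower-cases
        // the in-file key and asks GcrInstitutionTable::isEmailAddressUsed() instead.
        // NOTE(review): $email is passed to isEmailAddressUsed() in its original case;
        // confirm that lookup is case-insensitive as well.
        if (isset($emails[strtolower($email)])) {
            // Duplicate email within this file.
            $csverrors->add($i, get_string('uploadcsverroremailaddresstaken', 'admin', $i, $email));
        } else {
            if (!PHPMailer::ValidateAddress($email)) {
                $csverrors->add($i, get_string('uploadcsverrorinvalidemail', 'admin', $i, $email));
            } else {
                if (!$values['updateusers']) {
                    // The email address must be new
                    if (GcrInstitutionTable::isEmailAddressUsed($email)) {
                        $csverrors->add($i, get_string('uploadcsverroremailaddresstaken', 'admin', $i, $email));
                    }
                }
            }
        }
        $emails[strtolower($email)] = 1;
        // END OVERWRITE 3
        if (isset($remoteusers) && $remoteuser) {
            if (isset($remoteusers[$remoteuser])) {
                $csverrors->add($i, get_string('uploadcsverrorduplicateremoteuser', 'admin', $i, $remoteuser));
            } else {
                if (!$values['updateusers']) {
                    // Bound parameters carry the CSV value and the auth instance id.
                    if ($remoteuserowner = get_record_sql('
                    SELECT u.username
                    FROM {auth_remote_user} aru JOIN {usr} u ON aru.localusr = u.id
                    WHERE aru.remoteusername = ? AND aru.authinstance = ?', array($remoteuser, $authinstance))) {
                        $csverrors->add($i, get_string('uploadcsverrorremoteusertaken', 'admin', $i, $remoteuser, $remoteuserowner->username));
                    }
                }
            }
            $remoteusers[$remoteuser] = true;
        }
        // If we didn't even get a username, we can't check for duplicates, so move on.
        if (strlen($username) < 1) {
            continue;
        }
        if (isset($usernames[strtolower($username)])) {
            // Duplicate username within this file.
            $csverrors->add($i, get_string('uploadcsverroruseralreadyexists', 'admin', $i, $username));
        } else {
            if (!$values['updateusers'] && record_exists_select('usr', 'LOWER(username) = ?', strtolower($username))) {
                $csverrors->add($i, get_string('uploadcsverroruseralreadyexists', 'admin', $i, $username));
            }
            $usernames[strtolower($username)] = array('username' => $username, 'password' => $password, 'email' => $email, 'lineno' => $i, 'raw' => $line);
            if (!empty($remoteuser) && !empty($remoteusers[$remoteuser])) {
                $usernames[strtolower($username)]['remoteuser'] = $remoteuser;
            }
        }
    }
    // If the admin is trying to overwrite existing users, identified by username,
    // this second pass performs some additional checks
    if ($values['updateusers']) {
        foreach ($usernames as $lowerusername => $data) {
            $line = $data['lineno'];
            $username = $data['username'];
            $password = $data['password'];
            $email = $data['email'];
            // If the user already exists, they must already be in this institution.
            // This stops an institution admin from updating accounts that belong elsewhere.
            $userinstitutions = get_records_sql_assoc("\n                SELECT COALESCE(ui.institution, 'mahara') AS institution, u.id\n                FROM {usr} u LEFT JOIN {usr_institution} ui ON u.id = ui.usr\n                WHERE LOWER(u.username) = ?", array($lowerusername));
            if ($userinstitutions) {
                if (!isset($userinstitutions[$institution])) {
                    if ($institution == 'mahara') {
                        $institutiondisplay = array();
                        foreach ($userinstitutions as $i) {
                            $institutiondisplay[] = $INSTITUTIONNAME[$i->institution];
                        }
                        $institutiondisplay = join(', ', $institutiondisplay);
                        $message = get_string('uploadcsverroruserinaninstitution', 'admin', $line, $username, $institutiondisplay);
                    } else {
                        $message = get_string('uploadcsverrorusernotininstitution', 'admin', $line, $username, $INSTITUTIONNAME[$institution]);
                    }
                    $csverrors->add($line, $message);
                } else {
                    // Remember that this user is being updated
                    $UPDATES[$username] = 1;
                }
            } else {
                // New user, check the password
                if (method_exists($authobj, 'is_password_valid') && !$authobj->is_password_valid($password)) {
                    $csverrors->add($line, get_string('uploadcsverrorinvalidpassword', 'admin', $line));
                }
            }
            // Check if the email already exists and if it's owned by this user.  This query can return more
            // than one row when there are duplicate emails already on the site.  If that happens, things are
            // already a bit out of hand, and we'll just allow an update if this user is one of the users who
            // owns the email.
            $emailowned = get_records_sql_assoc('
                SELECT LOWER(u.username) AS lowerusername, ae.principal FROM {usr} u
                LEFT JOIN {artefact_internal_profile_email} ae ON u.id = ae.owner AND ae.verified = 1 AND ae.email = ?
                WHERE ae.owner IS NOT NULL OR u.email = ?', array($email, $email));
            // If the email is owned by someone else, it could still be okay provided
            // that other user's email is also being changed in this csv file.
            if ($emailowned && !isset($emailowned[$lowerusername])) {
                foreach ($emailowned as $e) {
                    // Only primary emails can be set in uploadcsv, so it's an error when someone else
                    // owns the email as a secondary.
                    if (!$e->principal) {
                        $csverrors->add($line, get_string('uploadcsverroremailaddresstaken', 'admin', $line, $email));
                        break;
                    }
                    // It's also an error if the email owner is not being updated in this file
                    if (!isset($usernames[$e->lowerusername])) {
                        $csverrors->add($line, get_string('uploadcsverroremailaddresstaken', 'admin', $line, $email));
                        break;
                    }
                    // If the other user is being updated in this file, but isn't changing their
                    // email address, it's ok, we've already notified duplicate emails within the file.
                }
            }
            if (isset($remoteusers) && !empty($data['remoteuser'])) {
                $remoteuser = $data['remoteuser'];
                $remoteuserowner = get_field_sql('
                    SELECT LOWER(u.username)
                    FROM {usr} u JOIN {auth_remote_user} aru ON u.id = aru.localusr
                    WHERE aru.remoteusername = ? AND aru.authinstance = ?', array($remoteuser, $authinstance));
                if ($remoteuserowner && $remoteuserowner != $lowerusername && !isset($usernames[$remoteuserowner])) {
                    // The remote username is owned by some other user who is not being updated in this file
                    $csverrors->add($line, get_string('uploadcsverrorremoteusertaken', 'admin', $line, $remoteuser, $remoteuserowner));
                }
            }
        }
    }
    if ($errors = $csverrors->process()) {
        // The collected messages embed values taken from the uploaded file (usernames,
        // e-mail addresses, remote usernames). They are passed through clean_html() here.
        // NOTE(review): the trailing false presumably tells the form not to escape the
        // message again, which would make clean_html() the only filter on that text; confirm.
        $form->set_error('file', clean_html($errors), false);
        return;
    }
    $FORMAT = $csvdata->format;
    $CSVDATA = $csvdata->data;
}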
コード例 #8
          <td>
            <?php 
// Renders the form widget registered under the 'phone2_2' key.
echo $newInstitutionForm['phone2_2']->render();
?>
          </td>
      </tr>
      <tr><td colspan="3">&nbsp</td></tr>
      <tr>
          <td>&nbsp</td>
          <td>&nbsp</td>
          <td>
              <a href="" id="lightboxlinkeschool" rel="lightbox2" class="lbOn">
                  <input type="button" class="button" value="Create your Platform" />
              </a>
          </td>
      </tr>
  </table>
  <div id="lightbox2" name="lightbox2" class="leightbox">
    <h1>Creating Your Trial</h1>
    <p>We are attempting to create your trial Stratus Platform using the information you supplied. This process may take a few minutes to complete. You will be redirected when your Platform is ready. Thank you for creating your Platform with Global Classroom.</p>
    <div id="loader">
        <img src="<?php 
// The loader image path is prefixed with the home institution's URL.
print GcrInstitutionTable::getHome()->getUrl();
?>
/lib/leightbox/loader.gif" />
    </div>
  </div>
</form>


コード例 #9
 /**
  * Validate a requested eClassroom short name (the URL component).
  *
  * Three independent checks run, and each failure records its own entry in
  * $this->formErrors: format, already in use, reserved word. A name that is
  * already in use is still accepted when the current app has the 'GCUser'
  * privilege and the existing app is not a Mahara app.
  *
  * @param string $shortName Short name submitted on the form.
  * @return bool True when none of the checks recorded an error.
  */
 protected function validateEschoolShortName($shortName)
 {
     global $CFG;
     $failures = 0;
     if (!GcrEschoolTable::isShortNameValid($shortName)) {
         $this->formErrors['short_nameSize'] = 'eClassroom URL must be 2-32 alphanumeric characters (1st character must be a letter).';
         $failures++;
     }
     if (GcrEschoolTable::isShortNameUsed($shortName)) {
         $app = GcrInstitutionTable::getApp($shortName);
         // Privileged exception: a GCUser may reuse a taken name unless it belongs to a Mahara app.
         $mayReuse = $CFG->current_app->hasPrivilege('GCUser') && !$app->isMahara();
         if (!$mayReuse) {
             $this->formErrors['short_nameUsed'] = 'eClassroom URL is already in use.';
             $failures++;
         }
     }
     if (GcrEschoolTable::isShortNameReserved($shortName)) {
         $this->formErrors['short_nameReserved'] = 'eClassroom URL is a reserved word.';
         $failures++;
     }
     return $failures === 0;
 }
コード例 #10
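 /**
  * Regenerate the storage URL held in a mediaelementjs record.
  *
  * Only URLs that point at institution/getUserStorageFile are touched. The
  * file name is read from the self::FILE_GET_PARAMETER query value, the app is
  * resolved from the URL, and a fresh URL is produced by
  * GcrStorageAccessS3::generateStaticUrl(). Any other URL, a URL without the
  * file parameter, or a URL whose app cannot be resolved leaves the record
  * unchanged.
  *
  * A query value is read up to the next '&', or to the end of the URL when it
  * is the last parameter.
  *
  * @param object $mdl_mediaelementjs Record with 'externalurl' and 'course' properties.
  * @return object The same record, with externalurl replaced when it was refreshed.
  */
 public static function refreshUrl($mdl_mediaelementjs)
 {
     $url = $mdl_mediaelementjs->externalurl;
     if (strpos($url, 'institution/getUserStorageFile?') === false) {
         return $mdl_mediaelementjs;
     }
     $file_param = self::FILE_GET_PARAMETER . '=';
     $value_start = strpos($url, $file_param);
     if ($value_start === false) {
         return $mdl_mediaelementjs;
     }
     $short_name = GcrEschoolTable::parseShortNameFromUrl($url);
     $app = GcrInstitutionTable::getApp($short_name);
     if (!$app) {
         // The URL does not name a known app; leave the record as it is.
         return $mdl_mediaelementjs;
     }
     $short_name = $app->getInstitution()->getShortName();
     $value_start += strlen($file_param);
     $value_end = strpos($url, '&', $value_start);
     // With no following '&' the value is the last parameter and runs to the end of the
     // URL. Passing a length derived from a failed strpos() would truncate it instead.
     if ($value_end === false) {
         $filename = (string) substr($url, $value_start);
     } else {
         $filename = substr($url, $value_start, $value_end - $value_start);
     }
     $filename = urldecode($filename);
     $app_marker = '&app=';
     $app_start = strpos($url, $app_marker);
     if ($app_start !== false) {
         $app_start += strlen($app_marker);
         $app_end = strpos($url, '&', $app_start);
         if ($app_end === false) {
             $short_name_user_app = (string) substr($url, $app_start);
         } else {
             $short_name_user_app = substr($url, $app_start, $app_end - $app_start);
         }
         // NOTE(review): the 'app' value is read from the stored URL and, when it names an
         // existing app, is carried into the regenerated URL. Whether the storage endpoint
         // re-checks the viewer's access to that app is not visible here; confirm.
         if (GcrInstitutionTable::getApp($short_name_user_app)) {
             $short_name = $short_name_user_app;
         }
     }
     $params = array(self::FILE_GET_PARAMETER => $filename, 'course_id' => $mdl_mediaelementjs->course, 'app' => $short_name);
     $mdl_mediaelementjs->externalurl = GcrStorageAccessS3::generateStaticUrl($filename, $params, $app);
     return $mdl_mediaelementjs;
 }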
コード例 #11
 /**
  * Look up the app this record refers to.
  *
  * @return mixed Whatever GcrInstitutionTable::getApp() returns for $this->app_id.
  */
 public function getApp()
 {
     $app = GcrInstitutionTable::getApp($this->app_id);
     return $app;
 }
コード例 #12
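 /**
  * Check that a purchase refers to an eschool on the current institution.
  *
  * The short name must resolve to an app whose institution has the same short
  * name as the institution of the current app. Any other outcome is reported
  * through $CFG->current_app->gcError() with the code
  * 'purchasetypeeschoolnotfound'.
  *
  * @param string $short_name Short name taken from the purchase being verified.
  * @return bool|null True on success; nothing is returned explicitly after the error call.
  */
 protected function verifyPurchaseTypeEschoolId($short_name)
 {
     global $CFG;
     if ($app = GcrInstitutionTable::getApp($short_name)) {
         $institution = $app->getInstitution();
         $current_institution = $CFG->current_app->getInstitution();
         // Tenant boundary: only eschools of the caller's own institution are accepted.
         if ($institution->getShortName() == $current_institution->getShortName()) {
             return true;
         }
     }
     // The message is built from the $short_name parameter. The earlier text read
     // $form['purchase_type'] and $form['purchase_type_id'], but no $form exists in this method.
     // NOTE(review): whether gcError() halts the request is not visible here; confirm
     // callers do not treat a missing return value as success.
     $CFG->current_app->gcError('Purchase type eschool ID ' . $short_name . ': Purchase Type Eschool Not Found.', 'purchasetypeeschoolnotfound');
 }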
コード例 #13
 /**
  * Record activity for this user by writing 'lastaccess' on the 'usr' row.
  *
  * @param int|bool $ts Timestamp to store; the current time is used when falsy.
  */
 public function refreshSessionTimeout($ts = false)
 {
     $moment = $ts ? $ts : time();
     $this->app->updateMhrTable(
         'usr',
         array('lastaccess' => GcrInstitutionTable::getDbFormatTimestamp($moment)),
         array('id' => $this->obj->id)
     );
 }
コード例 #14
 /**
  * Look up the institution this record's user belongs to.
  *
  * @return mixed Whatever GcrInstitutionTable::getInstitution() returns for $this->user_institution_id.
  */
 public function getInstitution()
 {
     $institution = GcrInstitutionTable::getInstitution($this->user_institution_id);
     return $institution;
 }
コード例 #15
 /**
  * Create an auto-login record for this app's admin account and return the
  * login URL that carries its token.
  *
  * The record is generated from the app short name, the admin username
  * ('gc4' + short name + 'admin') and the stored admin password.
  *
  * @return string Login URL with the token in the query string.
  */
 public function setupAdminAutoLogin()
 {
     $admin_username = 'gc4' . $this->short_name . 'admin';
     $token = GcrInstitutionTable::generateAutoLoginRecord($this->short_name, $admin_username, $this->admin_password);
     // NOTE(review): the token travels in the query string, so it can end up in access
     // logs, browser history and Referer headers. Confirm that tokens are single-use and
     // short-lived, and that this URL is only ever handed to an authorised operator.
     $login_url = $this->getAppUrl() . '/login/index.php?token=' . $token;
     return $login_url;
 }
コード例 #16
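 /**
  * Server-side data source for the cross-institution user search table.
  *
  * Reads the table's paging and sorting parameters from the query string,
  * searches every institution's mhr_usr table for the search term (first name,
  * last name, e-mail, username; at least three characters) and returns the
  * matching rows as JSON.
  *
  * Values that come from user or institution records are HTML-escaped before
  * they are placed in the markup returned to the browser. Rows are kept in a
  * list and sorted by a separate key array, so two users with the same sort
  * value both stay in the result.
  *
  * @param sfWebRequest $request Current request.
  * @return mixed Result of renderText() with the JSON payload.
  */
 public function executeGetUserData(sfWebRequest $request)
 {
     $this->authorizeUser();
     $params = $request->getGetParameters();
     $sOrder = isset($params['iSortCol_0']) ? intval($params['iSortCol_0']) : 0;
     $sortable_flag = 'bSortable_' . $sOrder;
     if (!isset($params[$sortable_flag]) || $params[$sortable_flag] != "true") {
         $sOrder = 0;
     }
     $search_string = false;
     $sql_params = array();
     if (isset($params['sSearch']) && is_string($params['sSearch']) && strlen($params['sSearch']) > 2) {
         $search_string = $params['sSearch'];
         // The term is only ever passed as a bound parameter, never concatenated into SQL.
         $s = '%' . strtolower($search_string) . '%';
         $sql_params = array($s, $s, $s, $s);
     }
     $aaData = array();
     $sort_keys = array();
     $sequence = array();
     $totalDisplayRecords = 0;
     if ($search_string) {
         foreach (GcrInstitutionTable::getInstitutions() as $institution) {
             $short_name = $institution->getShortName();
             $app_url = htmlspecialchars($institution->getAppUrl(), ENT_QUOTES, 'UTF-8');
             $institution_name = '<a href="' . $app_url . '" target="_blank">' . htmlspecialchars($institution->getFullName(), ENT_QUOTES, 'UTF-8') . '</a>';
             // The schema prefix comes from the institution record, not from the request.
             $sql = 'select * from ' . $short_name . '.mhr_usr ' . 'where deleted < 1 and id > 1 and (lower(firstname) like ? or lower(lastname) like ? or lower(email) like ? or lower(username) like ?)';
             $mhr_users = $institution->gcQuery($sql, $sql_params);
             if (!$mhr_users || count($mhr_users) < 1) {
                 continue;
             }
             foreach ($mhr_users as $mhr_user) {
                 $user_id = intval($mhr_user->id);
                 $fullname = trim($mhr_user->lastname) . ', ' . trim($mhr_user->firstname);
                 $fullname_url = '<a href="' . $app_url . 'user/view?id=' . $user_id . '" target="_blank">' . htmlspecialchars($fullname, ENT_QUOTES, 'UTF-8') . '</a>';
                 $username = trim($mhr_user->username);
                 // NOTE(review): the value appended after '&user=' is masked in the published
                 // listing. The numeric user id is assumed here; confirm against the original.
                 $username_url = '<a href="/account/view?eschool=' . urlencode($short_name) . '&user=' . $user_id . '" target="_blank">' . htmlspecialchars($username, ENT_QUOTES, 'UTF-8') . '</a>';
                 $email = trim($mhr_user->email);
                 $user_data = array($fullname_url, $username_url, htmlspecialchars($email, ENT_QUOTES, 'UTF-8'), $institution_name, $mhr_user->lastaccess);
                 switch ($sOrder) {
                     case 1:
                         $key = $username;
                         break;
                     case 2:
                         $key = $email;
                         break;
                     case 3:
                         $key = $institution_name;
                         break;
                     case 4:
                         $key = $mhr_user->lastaccess;
                         break;
                     default:
                         $key = $fullname;
                 }
                 $sort_keys[] = strtolower($key);
                 $sequence[] = count($sequence);
                 $aaData[] = $user_data;
             }
         }
         $totalDisplayRecords = count($aaData);
         if ($totalDisplayRecords > 0) {
             // Sort rows by key; the running sequence number keeps equal keys in a fixed order.
             array_multisort($sort_keys, SORT_ASC, SORT_STRING, $sequence, SORT_ASC, SORT_NUMERIC, $aaData);
         }
         if (isset($params['sSortDir_0']) && $params['sSortDir_0'] == 'desc') {
             $aaData = array_reverse($aaData);
         }
         // A missing length means "to the end"; -1 means "no paging".
         $length = isset($params['iDisplayLength']) ? intval($params['iDisplayLength']) : null;
         if (isset($params['iDisplayStart']) && $length !== -1) {
             $aaData = array_slice($aaData, intval($params['iDisplayStart']), $length);
         }
     }
     $this->getResponse()->setHttpHeader('Content-type', 'application/json');
     $output = array("sEcho" => isset($params['sEcho']) ? intval($params['sEcho']) : 0, "iTotalRecords" => count($aaData), "iTotalDisplayRecords" => $totalDisplayRecords, "aaData" => $aaData);
     return $this->renderText(json_encode($output));
 }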
コード例 #17
 /**
  * Access gate for the accounting pages.
  *
  * After the call these properties are set: $this->current_user (the logged-in
  * user), $this->gc_admin (true only on the home Moodle app branch),
  * $this->owner (kept if a caller set it beforehand, otherwise the 'Owner'
  * privilege of the current app), $this->app (the institution whose accounts
  * are shown) and $this->user (the account being viewed).
  *
  * Two request parameters can widen the view: 'eschool' picks another
  * institution, and is read only on the home Moodle app branch; 'user' picks
  * another user of $this->app, and is read only when $this->owner is truthy.
  */
 protected function authorizeAccountAccess()
 {
     global $CFG;
     // requireLogin() is called before any other decision is made.
     $CFG->current_app->requireLogin();
     $this->current_user = $CFG->current_app->getCurrentUser();
     $this->gc_admin = false;
     // A value of $this->owner set before this call is kept as it is.
     if (!isset($this->owner)) {
         $this->owner = $CFG->current_app->hasPrivilege('Owner');
     }
     // Check for homeadmin access to accounting where the schema can be set as
     // a parameter
     if ($CFG->current_app->isHome() && $CFG->current_app->isMoodle()) {
         // NOTE(review): the lines after gcError() run unconditionally, so gc_admin becomes
         // true and the 'eschool' parameter is honoured unless gcError() ends the request.
         // Confirm that gcError() never returns.
         if (!$CFG->current_app->hasPrivilege('GCUser')) {
             $CFG->current_app->gcError('Non-privileged attempted access to startadmin accounting page', 'gcpageaccessdenied');
         }
         $this->gc_admin = true;
         // The target institution is taken from the request on this branch only.
         $short_name = $this->request->getParameter('eschool');
         if ($short_name) {
             $this->app = GcrInstitutionTable::getInstitution($short_name, true);
         }
     } else {
         $CFG->current_app->requireMahara();
     }
     // Only allow access to current_app for normal access to accounting (not startadmin)
     if (!isset($this->app) || !$this->app) {
         $this->app = $CFG->current_app->getInstitution();
     }
     // Check for owner privilege level. If so, we allow a user parameter to see
     // other users' accounts on the platform
     if ($this->owner) {
         // The lookup is made on $this->app, so the id can only name a user of that institution.
         $user_id = $this->request->getParameter('user');
         if ($user_id) {
             $this->user = $this->app->getUserById($user_id);
         } else {
             // We set the owner as $this->user for gcUsers who
             // are administering the platform.
             $this->user = $this->app->getOwnerUser();
         }
     }
     // Default to showing current user's account.
     // This also covers a 'user' id that did not resolve to a user.
     // NOTE(review): for non-owners $this->user is read here without being assigned in
     // this method; presumably the property is declared on the class; confirm.
     if (!$this->user) {
         $this->user = $this->current_user;
     }
 }
コード例 #18
 /**
  * Build the HTML snippet that shows an instructor's icon and name.
  *
  * When the instructor has an institution-side account on the same app as
  * the current one, the icon and a name shortened via formatStringSize(..., 22)
  * are wrapped in a link to that profile. Otherwise the icon is followed by
  * the plain full name.
  *
  * @param GcrMdlUser $mdl_user Instructor to render.
  * @return string HTML fragment wrapped in span.gc_user_profile.
  */
 public static function getInstructorProfileHtml(GcrMdlUser $mdl_user)
 {
     global $CFG;
     // NOTE(review): the icon URL and both name strings are concatenated into markup as
     // returned by their getters. If those getters return profile data exactly as the user
     // entered it, it needs HTML escaping here; confirm what they return before changing
     // this, to avoid double-escaping.
     $icon = '<img class="gc_user_profile_img" src="' . $mdl_user->getProfileIcon() . '" />';
     $mhr_user = $mdl_user->getUserOnInstitution();
     $on_current_app = $mhr_user && $mhr_user->getApp()->getShortName() == $CFG->current_app->getShortName();
     if ($on_current_app) {
         $inner = '<a class="gc_user_profile_link" href="' . $mhr_user->getHyperlinkToProfile() . '">' . $icon . ' <span class="gc_user_profile_fullname">' . GcrInstitutionTable::formatStringSize($mhr_user->getFullnameString(), 22) . '</span></a>';
     } else {
         $inner = $icon . ' ' . $mdl_user->getFullnameString();
     }
     return '<span class="gc_user_profile">' . $inner . '</span>';
 }
コード例 #19
 /**
  * Work out who sold this purchase and persist the result.
  *
  * Defaults: seller_id 0 and the short name of the purchased app's
  * institution. For a course purchase with a known seller, both fields are
  * taken from that seller. For an eschool purchase, the seller institution is
  * the home institution.
  */
 public function assignSeller()
 {
     $app = $this->getPurchaseTypeApp();
     $this->seller_id = 0;
     $this->seller_institution_id = $app->getInstitution()->getShortName();
     if ($this->isCourse()) {
         $course = $app->getCourse($this->purchase_type_id);
         $seller = $course ? $course->getSeller() : null;
         if ($seller) {
             $this->seller_id = $seller->getObject()->id;
             $this->seller_institution_id = $seller->getApp()->getShortName();
             // Saved here as well as at the end of the method.
             $this->save();
         }
     } elseif ($this->isEschool()) {
         $this->seller_institution_id = GcrInstitutionTable::getHome()->getShortName();
     }
     $this->save();
 }
コード例 #20
<?php

// Scheduled-job entry point: boots the 'frontend' application in the 'prod' environment,
// checks the database connection, then runs the trial and accounting jobs.
// NOTE(review): nothing in this script limits how it can be invoked. If it is stored
// somewhere the web server can serve, any visitor could start these jobs; confirm it is
// only reachable from the scheduler.
require_once dirname(__FILE__) . '/../config/ProjectConfiguration.class.php';
$configuration = ProjectConfiguration::getApplicationConfiguration('frontend', 'prod', false);
sfContext::createInstance($configuration);
$databaseManager = new sfDatabaseManager($configuration);
$databaseManager->loadConfiguration();
$conn = Doctrine_Manager::getInstance()->getCurrentConnection();
if (!$conn) {
    // The script stops here with the default exit status, so a scheduler that only
    // looks at the status will not see this failure.
    echo "Could not connect to Database.";
    exit;
}
GcrTrialTable::executeTrialCron();
GcrInstitutionTable::executeAccountingCron();
コード例 #21
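 /**
  * Admin action: run a submitted SQL statement against one schema or a whole
  * family of schemas.
  *
  * The 'schema' field selects the targets: '1' means every GcrEschool, '2'
  * means every GcrInstitution, and any other value is treated as the short
  * name of a single app. An unknown short name now ends in a 404 instead of
  * building the operation from an undefined schema list.
  *
  * The result message is stored in the session and the browser is redirected
  * to /admin/eschool.
  *
  * @param sfWebRequest $request Current request; must be a POST.
  */
 public function executeExecuteSqlStatement(sfWebRequest $request)
 {
     global $CFG;
     // NOTE(review): this action passes request-supplied SQL to
     // GcrAdminOperation::executeSqlStatement() for every selected schema. The only gates
     // visible here are checkAuthorization() and the POST check. Confirm that
     // checkAuthorization() is limited to platform administrators, that a CSRF token is
     // verified somewhere on this route, and that each execution is written to an audit log.
     $this->checkAuthorization();
     $this->forward404Unless($request->isMethod(sfRequest::POST));
     $form = $request->getPostParameters();
     $schema = isset($form['schema']) ? $form['schema'] : '';
     if ($schema == '1') {
         $schemaList = Doctrine::getTable('GcrEschool')->findAll();
     } elseif ($schema == '2') {
         $schemaList = Doctrine::getTable('GcrInstitution')->findAll();
     } else {
         $app = GcrInstitutionTable::getApp($schema);
         // Refuse to continue when the short name does not resolve to an app.
         $this->forward404Unless($app);
         $schemaList = array($app);
     }
     $admin_operation = new GcrAdminOperation($schemaList);
     $admin_operation->executeSqlStatement($form['sqlStatementStart'], $form['sqlStatementEnd']);
     $_SESSION['adminEschoolActionMessage'] = $admin_operation->getMessage();
     $this->redirect($CFG->current_app->getUrl() . '/admin/eschool');
 }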
コード例 #22
/**
 * Pieform validation callback for the admin "add user" form.
 *
 * Records problems with $form->set_error() and returns nothing. The checks
 * run in this order: the acting user's rights over the chosen auth instance,
 * the "internal only" restriction, the institution's account limit, quota,
 * username, password, and then either the LEAP2A upload or the
 * first name / last name / email fields.
 *
 * @param Pieform $form   form being validated; receives the error messages
 * @param array   $values submitted values; read keys are authinstance,
 *                        username, firstname, lastname, email, password,
 *                        quota and leap2afile
 */
function adduser_validate(Pieform $form, $values)
{
    global $USER, $TRANSPORTER;
    $authobj = AuthFactory::create($values['authinstance']);
    // This value is replaced by an Institution object below before it is read.
    $institution = $authobj->institution;
    // Institutional admins can only set their own institutions' authinstances
    if (!$USER->get('admin') && !$USER->is_institutional_admin($authobj->institution)) {
        $form->set_error('authinstance', get_string('notadminforinstitution', 'admin'));
        return;
    }
    // OVERWRITE 3: insert
    // Only auth instances whose authname is 'internal' are accepted here.
    if ($authobj->authname != 'internal') {
        $form->set_error('authinstance', 'Must be internal');
        return;
    }
    // END OVERWRITE 3
    $institution = new Institution($authobj->institution);
    // Don't exceed max user accounts for the institution
    if ($institution->isFull()) {
        $institution->send_admin_institution_is_full_message();
        $form->set_error('authinstance', get_string('institutionmaxusersexceeded', 'admin'));
        return;
    }
    // The username and password are used as submitted; the name and email
    // fields go through their sanitize_* helpers first.
    $username = $values['username'];
    $firstname = sanitize_firstname($values['firstname']);
    $lastname = sanitize_lastname($values['lastname']);
    $email = sanitize_email($values['email']);
    $password = $values['password'];
    // The quota ceiling is checked for site admins, or for anyone when the
    // 'institutionaloverride' plugin setting is on.
    if ($USER->get('admin') || get_config_plugin('artefact', 'file', 'institutionaloverride')) {
        $maxquotaenabled = get_config_plugin('artefact', 'file', 'maxquotaenabled');
        $maxquota = get_config_plugin('artefact', 'file', 'maxquota');
        if ($maxquotaenabled && $values['quota'] > $maxquota) {
            $form->set_error('quota', get_string('maxquotaexceededform', 'artefact.file', display_size($maxquota)));
        }
    }
    // Prefer the auth plugin's admin username rule, fall back to its general
    // rule; a plugin that offers neither gets no format check.
    if (method_exists($authobj, 'is_username_valid_admin')) {
        if (!$authobj->is_username_valid_admin($username)) {
            $form->set_error('username', get_string('usernameinvalidadminform', 'auth.internal'));
        }
    } else {
        if (method_exists($authobj, 'is_username_valid')) {
            if (!$authobj->is_username_valid($username)) {
                $form->set_error('username', get_string('usernameinvalidform', 'auth.internal'));
            }
        }
    }
    // Case-insensitive uniqueness check; the username is passed as a bound
    // value, not concatenated into the WHERE clause.
    if (!$form->get_error('username') && record_exists_select('usr', 'LOWER(username) = ?', strtolower($username))) {
        $form->set_error('username', get_string('usernamealreadytaken', 'auth.internal'));
    }
    if (method_exists($authobj, 'is_password_valid') && !$authobj->is_password_valid($password)) {
        $form->set_error('password', get_string('passwordinvalidform', 'auth.' . $authobj->type));
    }
    if (isset($_POST['createmethod']) && $_POST['createmethod'] == 'leap2a') {
        // For a LEAP2A import, errors already set on these three fields are
        // cleared.
        $form->set_error('firstname', null);
        $form->set_error('lastname', null);
        $form->set_error('email', null);
        // NOTE(review): $_FILES['leap2afile'] is read without an isset()
        // check; confirm it is always present when no file value arrived.
        if (!$values['leap2afile'] && ($_FILES['leap2afile']['error'] == UPLOAD_ERR_INI_SIZE || $_FILES['leap2afile']['error'] == UPLOAD_ERR_FORM_SIZE)) {
            $form->reply(PIEFORM_ERR, array('message' => get_string('uploadedfiletoobig'), 'goto' => '/admin/users/add.php'));
            $form->set_error('leap2afile', get_string('uploadedfiletoobig'));
            return;
        } else {
            if (!$values['leap2afile']) {
                $form->set_error('leap2afile', $form->i18n('rule', 'required', 'required'));
                return;
            }
        }
        // The file is inspected with file_mime_type() only when the reported
        // type is application/octet-stream; otherwise the reported type is
        // used after trimming quotes.
        // NOTE(review): that reported type presumably comes from the client;
        // confirm the importer does not rely on it for a security decision.
        if ($values['leap2afile']['type'] == 'application/octet-stream') {
            require_once 'file.php';
            $mimetype = file_mime_type($values['leap2afile']['tmp_name']);
        } else {
            $mimetype = trim($values['leap2afile']['type'], '"');
        }
        $date = time();
        // Reduce the username to [a-zA-Z0-9_-] before it becomes part of the
        // import id.
        $niceuser = preg_replace('/[^a-zA-Z0-9_-]/', '-', $values['username']);
        safe_require('import', 'leap');
        // NOTE(review): 'importfilename' is the upload's original name;
        // verify the importer never uses it to build a filesystem path.
        $fakeimportrecord = (object) array('data' => array('importfile' => $values['leap2afile']['tmp_name'], 'importfilename' => $values['leap2afile']['name'], 'importid' => $niceuser . '-' . $date, 'mimetype' => $mimetype));
        $TRANSPORTER = new LocalImporterTransport($fakeimportrecord);
        try {
            $TRANSPORTER->extract_file();
            PluginImportLeap::validate_transported_data($TRANSPORTER);
        } catch (Exception $e) {
            // The exception text is shown on the form as the field error.
            $form->set_error('leap2afile', $e->getMessage());
        }
    } else {
        if (!$form->get_error('firstname') && empty($firstname)) {
            $form->set_error('firstname', $form->i18n('rule', 'required', 'required'));
        }
        if (!$form->get_error('lastname') && empty($lastname)) {
            $form->set_error('lastname', $form->i18n('rule', 'required', 'required'));
        }
        if (!$form->get_error('email')) {
            // The inner get_error('email') test repeats the outer condition.
            if (!$form->get_error('email') && empty($email)) {
                $form->set_error('email', get_string('invalidemailaddress', 'artefact.internal'));
            }
            // OVERWRITE 4: replacement, changed from:
            //if (record_exists('usr', 'email', $email)
            //    || record_exists('artefact_internal_profile_email', 'email', $email)) {
            //    $form->set_error('email', get_string('emailalreadytaken', 'auth.internal'));
            //}
            // TO:
            // This lookup also runs when $email is empty, in which case it
            // can replace the "invalid address" error set just above.
            if (GcrInstitutionTable::isEmailAddressUsed($email)) {
                $form->set_error('email', get_string('emailalreadytaken', 'auth.internal'));
            }
            // END OVERWRITE 4
        }
    }
}
コード例 #23
ファイル: gcr.class.php プロジェクト: janaece/gc4-maingithub
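 /**
  * Routes a request by the first label of its Host header.
  *
  * Returns false when the first two host labels equal self::rootDomainName.
  * Otherwise it redirects plain-HTTP requests to HTTPS, loads Symfony once,
  * and looks the first label up as a GcrInstitution short name and then as a
  * GcrEschool short name. A match either constructs the current app (when
  * $CFG is already set) or requires that app's bootstrap file. An unknown
  * short name is redirected to the front page's /notfound.
  *
  * Security: the Host header is sent by the client and is used here in a
  * Location header, in $_SERVER['SERVER_NAME'] and in the lookups, so it is
  * checked against a hostname pattern first. A missing or malformed Host is
  * treated like an unknown short name.
  * NOTE(review): the pattern does not pin the host to a known domain, because
  * this method does not show which domains are legitimate; add an allow-list
  * if every site lives under one suffix.
  *
  * @return bool true when a sub-site was set up, false for the root domain
  */
 public static function initialize()
 {
     $host = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '';
     // At least two labels, an optional trailing dot and an optional port.
     // This also guarantees $url[1] exists below.
     if (!preg_match('/^[a-z0-9_-]+(\.[a-z0-9_-]+)+\.?(:\d{1,5})?$/i', $host)) {
         header('Location: https://' . self::frontPageDomain . '/notfound');
         die;
     }
     $url = explode('.', $host);
     if ($url[0] . '.' . $url[1] != self::rootDomainName) {
         // Repair problem where fast CGI is sending *.globalclassroom.us as
         // the $_SERVER['SERVER_NAME']
         $_SERVER['SERVER_NAME'] = str_replace('*', $url[0], $_SERVER['SERVER_NAME']);
         // redirect all http:// to https://
         if (empty($_SERVER['HTTPS']) || $_SERVER['HTTPS'] === 'off' || $_SERVER['SERVER_PORT'] != 443) {
             header('Location: https://' . $host . $_SERVER['REQUEST_URI']);
             die;
         }
         if (!(defined('GC_SYMFONY_LOADED') && GC_SYMFONY_LOADED)) {
             self::loadSymfony();
             define('GC_SYMFONY_LOADED', true);
         }
         global $CFG;
         if ($institution = Doctrine::getTable('GcrInstitution')->findOneByShortName($url[0])) {
             if (isset($CFG)) {
                 GcrInstitutionTable::constructCurrentInstitution($institution);
             } else {
                 define('INTERNAL', 1);
                 define('PUBLIC', 1);
                 global $USER, $db, $THEME, $SESSION;
                 // NOTE(review): absolute install path; presumably should
                 // come from configuration.
                 require '/var/www/globalclassroom4/web/portal/init.php';
             }
         } elseif ($eschool = Doctrine::getTable('GcrEschool')->findOneByShortName($url[0])) {
             if (isset($CFG)) {
                 GcrEschoolTable::constructCurrentEschool($eschool);
             } else {
                 require_once '/var/www/globalclassroom4/web/stratus/config.php';
             }
         } else {
             // redirect to front page if the short_name doesn't exist
             header('Location: https://' . self::frontPageDomain . '/notfound');
             die;
         }
         return true;
     }
     return false;
 }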
コード例 #24
<?php

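// Redirects to a course page on an eSchool, tagging the URL with the short
// name of the platform the visitor is coming from. Falls back to the current
// app's URL when the eSchool or course cannot be resolved.
require_once '../config.php';
global $CFG;
$url = $CFG->current_app->getUrl();
// Both parameters must be plain strings; array-valued input is ignored.
if (isset($_GET['eschool'], $_GET['course']) && is_string($_GET['eschool']) && is_string($_GET['course'])) {
    // The gc_platform cookie is client-controlled, so it may name no known
    // platform; fall back to the current app instead of dereferencing null.
    // NOTE(review): the "transfer" value below derives from that cookie;
    // confirm the receiving page does not treat it as proof of membership.
    $institution = null;
    if (isset($_COOKIE['gc_platform']) && is_string($_COOKIE['gc_platform'])) {
        $institution = GcrInstitutionTable::getInstitution($_COOKIE['gc_platform']);
    }
    if (!$institution) {
        $institution = $CFG->current_app;
    }
    $eschool = GcrEschoolTable::getEschool($_GET['eschool']);
    // An unknown eSchool short name previously caused a call on a non-object.
    $course = $eschool ? $eschool->getCourse($_GET['course']) : null;
    if ($course) {
        $url = $eschool->getAppUrl() . '/course/view.php?id=' . $course->getObject()->id . '&transfer=' . rawurlencode($institution->getShortName());
    }
}
redirect($url);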
コード例 #25
							<th>Description</th>
							<th nowrap style="width: auto;">&nbsp;</th>							
						</tr>
						</thead>
						<tbody>
						<?php 
            // Collects the display values for one catalog row per course.
            // The loop body continues past the end of this excerpt.
            foreach ($ctlg_courses_list as $course_list) {
                $mdl_course = $course_list->getObject();
                $course_list_item = new GcrCourseListItem($course_list);
                $eschool = $course_list->getApp();
                // Row id built from the eSchool short name and the course id.
                $id = 'gcr_course_' . $eschool->getShortName() . '_' . $mdl_course->id;
                $img_src = $course_list_item->getCourseIconUrl();
                $mdl_user = $course_list_item->getInstructor();
                $summary = $course_list_item->getSummary();
                $enrol_count = $course_list_item->getActiveUserCount();
                $shortsummary = GcrInstitutionTable::formatStringSize($summary, 250, 21);
                if ($mdl_user) {
                    $teacher_text = GcrEschoolTable::getInstructorProfileHtml($mdl_user);
                } else {
                    $teacher_text = 'None';
                }
                // NOTE(review): the course name is taken as stored; confirm
                // it is HTML-escaped where the row is printed (not shown
                // here).
                $fullname = $mdl_course->fullname;
                $cost = $course_list->getCost();
                // The empty default is overwritten two statements below.
                $cost_text = '';
                //if ($cost) {
                //$cost_text = 'Price: ' . GcrPurchaseTable::gc_format_money($cost);
                $cost_text = GcrPurchaseTable::gc_format_money($cost);
                //}
                $enrollment_status = false;
                $current_user = $CFG->current_app->getCurrentUser();
                if ($current_user->getRoleManager()->hasPrivilege('Student')) {
コード例 #26
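<h2>Verification</h2>
<p>
    An email has been sent to <?php 
// The contact address is presumably supplied by the applicant, so it is
// escaped before being written into the page.
print htmlspecialchars($application->getContactObject()->getEmail(), ENT_QUOTES, 'UTF-8');
?>
    from <?php 
// Escaped as well, so a sender in "Name <address>" form shows as text.
print htmlspecialchars(gcr::gcEschoolNotification, ENT_QUOTES, 'UTF-8');
?>
. Please click the link in this message
    to verify the email address for your new Stratus Platform.
</p>
<p>
    If you would like to us to resend the verification email, click
    <a href="<?php 
// NOTE(review): this link sends an email through a plain GET keyed on the
// application id; confirm the target action rate-limits and authorizes it.
print htmlspecialchars(GcrInstitutionTable::getHome()->getUrl() . '/institution/sendVerificationEmail?id=' . rawurlencode((string) $application->getId()), ENT_QUOTES, 'UTF-8');
?>
">here</a>.
</p>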
コード例 #27
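/**
 * Pieform validation callback for the site-admin "edit user" form.
 *
 * Checks the quota ceiling, a changed username, a changed email address and
 * the ownership of the remote username for the chosen auth instance.
 * Problems are recorded with $form->set_error(), and some are also added to
 * $SESSION as error messages.
 *
 * NOTE(review): nothing here verifies that $USER may edit the target
 * account; presumably the page enforces that before the form is processed.
 *
 * @param Pieform $form   form being validated
 * @param array   $values submitted values; read keys are id, quota, username,
 *                        authinstance, email and remoteusername
 * @return false|null false when no usr record matches $values['id'],
 *                    otherwise nothing
 */
function edituser_site_validate(Pieform $form, $values)
{
    global $USER, $SESSION;
    if (!($user = get_record('usr', 'id', $values['id']))) {
        return false;
    }
    // The quota ceiling is checked for site admins, or for anyone when the
    // 'institutionaloverride' plugin setting is on.
    if ($USER->get('admin') || get_config_plugin('artefact', 'file', 'institutionaloverride')) {
        $maxquotaenabled = get_config_plugin('artefact', 'file', 'maxquotaenabled');
        $maxquota = get_config_plugin('artefact', 'file', 'maxquota');
        if ($maxquotaenabled && $values['quota'] > $maxquota) {
            $form->set_error('quota', get_string('maxquotaexceededform', 'artefact.file', display_size($maxquota)));
            $SESSION->add_error_msg(get_string('maxquotaexceeded', 'artefact.file', display_size($maxquota)));
        }
    }
    $userobj = new User();
    $userobj = $userobj->find_by_id($user->id);
    if (!empty($values['username']) && $values['username'] != $userobj->username) {
        // Validate against the submitted auth instance when there is one,
        // otherwise against the instance the user already has.
        if (!isset($values['authinstance'])) {
            $authobj = AuthFactory::create($userobj->authinstance);
        } else {
            $authobj = AuthFactory::create($values['authinstance']);
        }
        if (method_exists($authobj, 'change_username')) {
            // Prefer the plugin's admin username rule, then its general rule.
            if (method_exists($authobj, 'is_username_valid_admin')) {
                if (!$authobj->is_username_valid_admin($values['username'])) {
                    $form->set_error('username', get_string('usernameinvalidadminform', 'auth.internal'));
                }
            } elseif (method_exists($authobj, 'is_username_valid')) {
                if (!$authobj->is_username_valid($values['username'])) {
                    $form->set_error('username', get_string('usernameinvalidform', 'auth.internal'));
                }
            }
            // Case-insensitive uniqueness check with a bound parameter.
            if (!$form->get_error('username') && record_exists_select('usr', 'LOWER(username) = ?', strtolower($values['username']))) {
                $form->set_error('username', get_string('usernamealreadytaken', 'auth.internal'));
            }
        } else {
            $form->set_error('username', get_string('usernamechangenotallowed', 'admin'));
        }
    }
    // OVERWRITE 3: insert
    if (!empty($values['email']) && $values['email'] != $userobj->email) {
        // $values is a by-value copy, so the sanitised address is used only
        // for the checks in this block.
        $email = sanitize_email($values['email']);
        if ($email == '') {
            $form->set_error('email', get_string('invalidemailaddress', 'artefact.internal'));
        } elseif (GcrInstitutionTable::isEmailAddressUsed($email)) {
            // The lookup now runs only for a non-empty address. It used to
            // run with '' as well and could replace the "invalid address"
            // error with "already taken".
            $form->set_error('email', get_string('emailalreadytaken', 'auth.internal'));
        }
    }
    // END OVERWRITE 3
    // Check that the external username isn't already in use by someone else
    if (isset($values['authinstance']) && isset($values['remoteusername'])) {
        // there are 4 cases for changes on the page
        // 1) ai and remoteuser have changed
        // 2) just ai has changed
        // 3) just remoteuser has changed
        // 4) the ai changes and the remoteuser is wiped - this is a delete of the old ai-remoteuser
        // determine the current remoteuser
        $current_remotename = get_field('auth_remote_user', 'remoteusername', 'authinstance', $user->authinstance, 'localusr', $user->id);
        if (!$current_remotename) {
            $current_remotename = $user->username;
        }
        // what should the new remoteuser be
        $new_remoteuser = get_field('auth_remote_user', 'remoteusername', 'authinstance', $values['authinstance'], 'localusr', $user->id);
        if (!$new_remoteuser) {
            $new_remoteuser = $user->username;
        }
        // value changed on page - use it
        if (strlen(trim($values['remoteusername'])) > 0 && $values['remoteusername'] != $current_remotename) {
            $new_remoteuser = $values['remoteusername'];
        }
        // what really counts is who owns the target remoteuser slot
        $target_owner = get_field('auth_remote_user', 'localusr', 'authinstance', $values['authinstance'], 'remoteusername', $new_remoteuser);
        // target remoteuser is owned by someone else
        if ($target_owner && $target_owner != $user->id) {
            $usedbyuser = get_field('usr', 'username', 'id', $target_owner);
            $SESSION->add_error_msg(get_string('duplicateremoteusername', 'auth', $usedbyuser));
            $form->set_error('remoteusername', get_string('duplicateremoteusernameformerror', 'auth'));
        }
    }
}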
コード例 #28
$url = false;
// Access control: the page must be served from a Mahara or home app, and the
// caller must hold the GCStaff privilege.
// NOTE(review): the code below relies on gcError() halting the request;
// confirm it does, otherwise execution continues past a failed check.
if (!($CFG->current_app->isMahara() || $CFG->current_app->isHome())) {
    $CFG->current_app->gcError('Attempt to access go-to-platform from outside start schema', 'gcdatabaseerror');
}
$current_user = $CFG->current_app->getCurrentUser();
$role_manager = $current_user->getRoleManager();
if (!$role_manager->hasPrivilege('GCStaff')) {
    $CFG->current_app->gcError('Unprivileged attempt to access go-to-platform', 'gcdatabaseerror');
}
// The target short name comes from the POSTed selector when present, else
// from the "id" query parameter.
$id = isset($_POST['platform_selector']) ? $_POST['platform_selector'] : $_GET['id'];
$app = GcrInstitutionTable::getApp($id);
if (!$app) {
    // NOTE(review): $id is request input placed in the error text; confirm
    // gcError() escapes it wherever the message is displayed or logged.
    $CFG->current_app->gcError('Schema with shortname ' . $id . ' does not exist,', 'gcdatabaseerror');
}
// A Moodle app is mapped to its owning institution; anything else is used as
// the institution itself.
$institution = $app->isMoodle() ? $app->getInstitution() : $app;
$current_user_obj = $current_user->getObject();
$mhr_user_obj = $institution->getMhrUserByUsername($current_user_obj->username);
// if the user's account doesn't exist on the institution (check for email address)
if (!$mhr_user_obj) {
    $admin = 0;
    if ($role_manager->hasPrivilege('GCUser')) {
        // we only give site admin privilege to those on home who are
コード例 #29
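            // Collects the display values for one catalog row per course.
            // The loop is closed further down the template, outside this
            // excerpt.
            foreach ($ctlg_courses_list as $course_list) {
                $mdl_course = $course_list->getObject();
                $course_list_item = new GcrCourseListItem($course_list);
                $eschool = $course_list->getApp();
                // Row id built from the eSchool short name and the course id.
                $id = 'gcr_course_' . $eschool->getShortName() . '_' . $mdl_course->id;
                $img_src = $course_list_item->getCourseIconUrl();
                $mdl_user = $course_list_item->getInstructor();
                $summary = $course_list_item->getSummary();
                $enrol_count = $course_list_item->getActiveUserCount();
                $shortsummary = GcrInstitutionTable::formatStringSize($summary, 250, 21);
                if ($mdl_user) {
                    $teacher_text = GcrEschoolTable::getInstructorProfileHtml($mdl_user);
                } else {
                    $teacher_text = 'None';
                }
                // NOTE(review): confirm the name and summary are HTML-escaped
                // where the row is printed (not shown here).
                $fullname = GcrInstitutionTable::formatStringSize($mdl_course->fullname, 60, 30);
                $cost = $course_list->getCost();
                $cost_text = GcrPurchaseTable::gc_format_money($cost);
                $enrollment_status = false;
                $current_user = $CFG->current_app->getCurrentUser();
                if ($current_user->getRoleManager()->hasPrivilege('Student')) {
                    $mdl_roles = $course_list->getRoleAssignments($current_user);
                    // The closing parenthesis was misplaced: the original
                    // passed the boolean ($mdl_roles > 0) to count(), which
                    // warns on PHP 7.2+ and throws a TypeError on PHP 8.
                    $enrollment_status = $mdl_roles && count($mdl_roles) > 0;
                }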
                ?>
							<tr>
								<td width="20%"><?php 
コード例 #30
        <input type="text" name="edit_commission_rate" id="edit_commission_rate" value="" />
    </fieldset>
    </form>
</div>
<div style="display:none" id="create-dialog-form" title="Create New Commission">
    <p class="validateTips">Select the platform where users exist, and the catalog where those users may purchase courses at the specified commission rate, paid to the selected platform.</p>

    <form id="createCommissionForm" name="createCommissionForm" action="<?php 
print GcrEschoolTable::getHome()->getUrl() . '/homeadmin/createCommission';
?>
" method="POST">
    <fieldset>
        <label for="institution">Platform: </label>
        <select id="institution" name="institution" style="width:95%">
        <?php 
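// One <option> per institution. The names are HTML-escaped and the value
// attribute is quoted, so a short or full name containing markup characters
// or spaces cannot break out of the element.
foreach (GcrInstitutionTable::getInstitutions() as $institution) {
    $short_name = htmlspecialchars($institution->getShortName(), ENT_QUOTES, 'UTF-8');
    $full_name = htmlspecialchars($institution->getFullName(), ENT_QUOTES, 'UTF-8');
    print "<option value=\"{$short_name}\">{$full_name} ({$short_name})</option>";
}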
?>
        </select>
        <label for="institution">Catalog: </label>
        <select id="eschool" name="eschool" style="width:95%">
        <?php 
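// One <option> per eSchool. The names are HTML-escaped and the value
// attribute is quoted, so a short or full name containing markup characters
// or spaces cannot break out of the element.
foreach (GcrEschoolTable::getEschools() as $eschool) {
    $short_name = htmlspecialchars($eschool->getShortName(), ENT_QUOTES, 'UTF-8');
    $full_name = htmlspecialchars($eschool->getFullName(), ENT_QUOTES, 'UTF-8');
    print "<option value=\"{$short_name}\">{$full_name} ({$short_name})</option>";
}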
?>
        </select>
        <label for="commission_rate">Commission Rate %: </label>
        <input type="text" name="commission_rate" id="commission_rate" value="" />       
    </fieldset>