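/**
 * Delete an image row and then remove its file from disk.
 *
 * The row is deleted and committed before the file is unlinked, so a failed
 * unlink leaves an orphaned file rather than a row that points at nothing.
 *
 * @param mixed $image_id Value bound to the `id` placeholder of the image table.
 * @return void
 */
function image_zap($image_id) {
    $filename = db_getOne("SELECT filename FROM image WHERE id=?", $image_id);
    db_do("DELETE FROM image WHERE id=?", $image_id);
    db_commit();

    // No matching row (or an empty filename) means there is no file of ours to
    // remove; never hand an empty name to image_path()/unlink().
    if ($filename === null || $filename === false || $filename === '') {
        return;
    }

    // NOTE(review): image_path() is defined elsewhere - confirm it cannot
    // resolve a stored filename to a location outside the image directory.
    unlink(image_path($filename));
}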
/**
 * Show the invoicing PDF settings panel and store the settings on submit.
 *
 * Reads the `pdf_settings` POST array; when it is absent the form is
 * pre-filled from the stored config options. On submit every option is
 * written inside one transaction and the user is redirected.
 *
 * NOTE(review): the submitted values are written as received. Nothing in this
 * method checks paper_format / paper_orientation against the option lists
 * built below, or checks the shape of the colour values - confirm that
 * ConfigOptions::setValue() or the consumer of these options validates them.
 *
 * @param void
 * @return null
 */
function index() {
    require_once INVOICING_MODULE_PATH . '/models/InvoicePdfGenerator.class.php';

    // Config option name => array(form field, fallback when the field is missing).
    $option_map = array(
        'invoicing_pdf_paper_format'      => array('paper_format', 'A4'),
        'invoicing_pdf_paper_orientation' => array('paper_orientation', 'Portrait'),
        'invoicing_pdf_header_text_color' => array('header_text_color', '000000'),
        'invoicing_pdf_page_text_color'   => array('page_text_color', '000000'),
        'invoicing_pdf_border_color'      => array('border_color', '000000'),
        'invoicing_pdf_background_color'  => array('background_color', 'FFFFFF'),
    );

    $pdf_settings_data = $this->request->post('pdf_settings');
    if (!is_array($pdf_settings_data)) {
        // Nothing posted: show the currently stored values.
        $pdf_settings_data = array();
        foreach ($option_map as $option_name => $field_info) {
            $pdf_settings_data[$field_info[0]] = ConfigOptions::getValue($option_name);
        }
    }

    if ($this->request->isSubmitted()) {
        db_begin_work();
        foreach ($option_map as $option_name => $field_info) {
            ConfigOptions::setValue($option_name, array_var($pdf_settings_data, $field_info[0], $field_info[1]));
        }
        db_commit();

        flash_success('Successfully modified PDF settings');
        $this->redirectTo('admin_invoicing_pdf');
    }

    $this->smarty->assign(array(
        'paper_formats' => array(
            PAPER_FORMAT_A4,
            PAPER_FORMAT_A3,
            PAPER_FORMAT_A5,
            PAPER_FORMAT_LETTER,
            PAPER_FORMAT_LEGAL,
        ),
        'paper_orientations' => array(
            PAPER_ORIENTATION_PORTRAIT,
            PAPER_ORIENTATION_LANDSCAPE,
        ),
        'pdf_settings_data' => $pdf_settings_data,
    ));
}
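/**
 * Build the password box and, when requested, change the signed-on person's
 * password.
 *
 * Reads `pwb_action`, `pw1` and `pw2` from the request. Sets $this->err on a
 * validation failure and $this->info on success. Does nothing beyond reading
 * the request when nobody is signed on.
 *
 * NOTE(review): no anti-CSRF token check is visible in this constructor and the
 * minimum length is 5 characters - confirm both against the site's policy.
 *
 * @param string|null $pagepath Page the form posts back to; null means the
 *                              path of the current request.
 */
function __construct($pagepath = null) {
    $this->P = person_if_signed_on();

    // "pwb_" prefix means passwordbox
    $this->action = get_http_var('pwb_action');
    $this->pw1 = get_http_var('pw1', null);
    $this->pw2 = get_http_var('pw2', null);
    $this->err = null;
    $this->info = null;

    if (is_null($pagepath)) {
        // no specific page - use the _current_ one.
        $url_parts = crack_url($_SERVER['REQUEST_URI']);
        $this->pagepath = $url_parts['path'];
    } else {
        // use the one supplied.
        $this->pagepath = $pagepath;
    }

    if (is_null($this->P)) {
        return;
    }

    if ($this->action == 'set_password') {
        if (is_null($this->pw1) || is_null($this->pw2)) {
            $this->err = "Please type your new password twice";
        } elseif (strlen($this->pw1) < 5 || strlen($this->pw2) < 5) {
            $this->err = "Your password must be at least 5 characters long";
        } elseif ($this->pw1 !== $this->pw2) {
            // Strict comparison: with != two different numeric-looking strings
            // (e.g. "10000" and "1e4") compare equal, so the confirmation
            // check would accept a mistyped password.
            $this->err = "Please type the same password twice";
        } else {
            // all looks good. do it.
            $this->P->password($this->pw1);
            db_commit();
            $this->info = 'Password changed';
        }
    }
}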
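/**
 * Sets the specified account settings to the current user.
 * A table with | Setting label | value | is expected; each row is read through
 * its `field` and `value` columns.
 *
 * @Given /^I set the following account settings values:$/
 * @param TableNode $table
 * @throws Exception When the urlid or a mobile upload token is rejected.
 */
public function i_set_account_settings(TableNode $table) {
    global $USER;

    $prefs = array();
    foreach ($table->getHash() as $accountpref) {
        $prefs[$accountpref['field']] = $accountpref['value'];
    }

    // Table cells are scalars, while the token handling below iterates and
    // array_filter()s the value, so normalise it to a list once.
    if (isset($prefs['mobileuploadtoken'])) {
        $prefs['mobileuploadtoken'] = (array) $prefs['mobileuploadtoken'];
    }

    // Validate the settings
    if (isset($prefs['urlid']) && get_config('cleanurls') && $prefs['urlid'] != $USER->get('urlid')) {
        if (strlen($prefs['urlid']) < 3) {
            throw new Exception("Invalid urlid: " . get_string('rule.minlength.minlength', 'pieforms', 3));
        }
        else if (record_exists('usr', 'urlid', $prefs['urlid'])) {
            throw new Exception("Invalid urlid: " . get_string('urlalreadytaken', 'account'));
        }
    }

    // Same isset() guard as the save step further down: the table may simply
    // not contain a mobileuploadtoken row.
    if (get_config('allowmobileuploads') && isset($prefs['mobileuploadtoken'])) {
        foreach ($prefs['mobileuploadtoken'] as $k => $text) {
            if (strlen($text) > 0 && !preg_match('/^[a-zA-Z0-9 !@#$%^&*()\\-_=+\\[{\\]};:\'",<\\.>\\/?]{6,}$/', $text)) {
                throw new Exception("Invalid mobileuploadtoken: " . get_string('badmobileuploadtoken', 'account'));
            }
        }
    }

    // Update user's account settings
    db_begin();

    // use this as looping through values is not safe.
    $expectedprefs = expected_account_preferences();

    if (isset($prefs['maildisabled']) && $prefs['maildisabled'] == 0 && get_account_preference($USER->get('id'), 'maildisabled') == 1) {
        // Reset the sent and bounce counts otherwise mail will be disabled
        // on the next send attempt
        $u = new StdClass();
        $u->email = $USER->get('email');
        $u->id = $USER->get('id');
        update_bounce_count($u, true);
        update_send_count($u, true);
    }

    // Remember the user's language & theme prefs, so we can reload the page if they change them
    $oldlang = $USER->get_account_preference('lang');
    $oldtheme = $USER->get_account_preference('theme');
    $oldgroupsideblockmaxgroups = $USER->get_account_preference('groupsideblockmaxgroups');
    $oldgroupsideblocksortby = $USER->get_account_preference('groupsideblocksortby');

    if (get_config('allowmobileuploads') && isset($prefs['mobileuploadtoken'])) {
        // Make sure the mobile token is formatted / saved correctly
        $prefs['mobileuploadtoken'] = array_filter($prefs['mobileuploadtoken']);
        $new_token_pref = '|' . join('|', $prefs['mobileuploadtoken']) . '|';
        $USER->set_account_preference('mobileuploadtoken', $new_token_pref);
        unset($prefs['mobileuploadtoken']);
    }

    // Set user account preferences: only keys the application expects are
    // written, and only when the value actually changes.
    foreach ($expectedprefs as $eprefkey => $epref) {
        if (isset($prefs[$eprefkey]) && $prefs[$eprefkey] !== get_account_preference($USER->get('id'), $eprefkey)) {
            $USER->set_account_preference($eprefkey, $prefs[$eprefkey]);
        }
    }

    db_commit();
}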
/**
 * Get or set this person's name.
 *
 * With an argument the name is written to the `person` table (bound
 * parameters), committed, and cached on the object. Without one the cached
 * name is returned, and err() is called first when there is none.
 *
 * @param string|null $name New name, or null to read the current one.
 * @return string|null The person's name.
 */
function name($name = null) {
    if ($name === null) {
        if ($this->name === null) {
            // try calling name_or_blank or has_name
            err(_("Person has no name in name() function"));
        }
        return $this->name;
    }

    $params = array($name, $this->id);
    db_query('update person set name = ? where id = ?', $params);
    db_commit();
    $this->name = $name;

    return $this->name;
}
/**
 * Form callback: remove the global $tag from every view and artefact owned by
 * the current user.
 *
 * Both deletes are scoped to the owner through a sub-select and use bound
 * parameters, and they run inside one transaction.
 *
 * @param Pieform $form   The submitted form (not used).
 * @param array   $values Submitted values (not used).
 */
function delete_tag_submit(Pieform $form, $values) {
    global $SESSION, $USER, $tag;

    $userid = $USER->get('id');
    if (!$userid) {
        redirect(get_config('wwwroot') . 'edittags.php?tag=' . urlencode($tag));
    }

    $statements = array(
        "DELETE FROM {view_tag} WHERE tag = ? AND view IN (SELECT id FROM {view} WHERE \"owner\" = ?)",
        "DELETE FROM {artefact_tag} WHERE tag = ? AND artefact IN (SELECT id FROM {artefact} WHERE \"owner\" = ?)",
    );

    db_begin();
    foreach ($statements as $sql) {
        execute_sql($sql, array($tag, $userid));
    }
    db_commit();

    $SESSION->add_ok_msg(get_string('tagdeletedsuccessfully'));
    redirect(get_config('wwwroot') . 'tags.php');
}
/**
 * Event handler: clean up internal notifications when a user is deleted.
 *
 * Runs three statements in one transaction: detach replies that point at the
 * user's notifications, delete the user's notifications, then delete
 * 'maharamessage' notifications sent by the user whose URL is their profile.
 *
 * @param mixed $event The event being handled (not used here).
 * @param array $user  User record; only $user['id'] is read.
 */
public static function deleteuser($event, $user) {
    $userid = $user['id'];

    db_begin();

    // Before deleting the user's notifications, remove parent pointers to the
    // messages we're about to delete. The temporary table in this query is
    // required by MySQL
    $detachsql = "\n UPDATE {notification_internal_activity}\n SET parent = NULL\n WHERE parent IN (\n SELECT id FROM (\n SELECT id FROM {notification_internal_activity} WHERE usr = ?\n ) AS temp\n )";
    execute_sql($detachsql, array($userid));

    delete_records('notification_internal_activity', 'usr', $userid);

    // Delete system messages from this user where the url points to their
    // missing profile. They're mostly friend requests, which are now useless.
    $profileurl = get_config('wwwroot') . 'user/view.php?id=' . $userid;
    delete_records_select(
        'notification_internal_activity',
        '"from" = ? AND type = (SELECT id FROM {activity_type} WHERE name = ?) AND url = ?',
        array($userid, 'maharamessage', $profileurl)
    );

    db_commit();
}
/**
 * Form callback: save an edited comment and raise a 'feedback' activity.
 *
 * The comment update and the activity are written in one transaction.
 *
 * NOTE(review): $comment and $goto are globals set by the including page; this
 * handler does not itself check that the current user may edit $comment or
 * that $goto is a local URL - confirm both are enforced by the caller.
 *
 * @param Pieform $form   The submitted form (not used).
 * @param array   $values Submitted values; reads 'message' and 'ispublic'.
 */
function edit_comment_submit(Pieform $form, $values) {
    global $viewid, $comment, $SESSION, $goto;

    // 'ispublic' is the inverse of the stored 'private' flag.
    $isprivate = 1 - (int) $values['ispublic'];

    db_begin();

    $comment->set('description', $values['message']);
    $comment->set('private', $isprivate);
    $comment->commit();

    require_once 'activity.php';
    $data = new stdClass();
    $data->commentid = $comment->get('id');
    $data->viewid = $viewid;
    activity_occurred('feedback', $data, 'artefact', 'comment');

    db_commit();

    $SESSION->add_ok_msg(get_string('commentupdated', 'artefact.comment'));
    redirect($goto);
}
/**
 * Form callback: invite the selected users to the current group as members.
 *
 * All invitations are issued inside one transaction. An empty selection
 * redirects back to the invite page.
 *
 * @param Pieform $form   The submitted form (not used).
 * @param array   $values Submitted values; reads 'users' (list of user ids).
 */
function addmembers_submit(Pieform $form, $values) {
    global $SESSION, $group, $USER;

    $invitees = $values['users'];
    if (empty($invitees)) {
        redirect(get_config('wwwroot') . 'group/inviteusers.php?id=' . GROUP);
    }

    db_begin();
    foreach ($invitees as $inviteeid) {
        group_invite_user($group, $inviteeid, $USER->get('id'), 'member', true);
    }
    db_commit();

    $okmessage = get_string('invitationssent', 'group', count($invitees));
    $SESSION->add_ok_msg($okmessage);
    redirect(get_config('wwwroot') . 'group/members.php?id=' . GROUP);
}
/**
 * Form callback: save edited group settings.
 *
 * 'grouptype' arrives as "<grouptype>.<jointype>" and is split on the dot.
 * Missing 'public' / 'usersautoadded' values are stored as 0.
 *
 * NOTE(review): no permission check on $values['id'] is visible in this
 * handler - confirm the page enforces group-admin access before the form is
 * processed.
 *
 * @param Pieform $form   The submitted form (not used).
 * @param array   $values Submitted values.
 */
function editgroup_submit(Pieform $form, $values) {
    global $USER;
    global $SESSION;

    db_begin();

    $now = db_format_timestamp(time());
    list($grouptype, $jointype) = explode('.', $values['grouptype']);

    if (!isset($values['public'])) {
        $values['public'] = 0;
    }
    if (!isset($values['usersautoadded'])) {
        $values['usersautoadded'] = 0;
    }

    $record = new stdClass();
    $record->id = $values['id'];
    $record->name = $values['name'];
    $record->description = $values['description'];
    $record->grouptype = $grouptype;
    $record->jointype = $jointype;
    $record->mtime = $now;
    $record->usersautoadded = intval($values['usersautoadded']);
    $record->public = intval($values['public']);
    update_record('group', $record, 'id');

    $SESSION->add_ok_msg(get_string('groupsaved', 'group'));
    db_commit();

    redirect('/group/view.php?id=' . $values['id']);
}
/**
 * Form callback: add the selected users directly to the current group.
 *
 * All additions happen inside one transaction. An empty selection redirects
 * back to the add-members page.
 *
 * @param Pieform $form   The submitted form (not used).
 * @param array   $values Submitted values; reads 'users' (list of user ids).
 */
function addmembers_submit(Pieform $form, $values) {
    global $SESSION;

    $newmembers = $values['users'];
    if (empty($newmembers)) {
        redirect(get_config('wwwroot') . 'group/addmembers.php?id=' . GROUP);
    }

    db_begin();
    foreach ($newmembers as $memberid) {
        group_add_user(GROUP, $memberid);
    }
    db_commit();

    $okmessage = get_string('newmembersadded', 'group', count($newmembers));
    $SESSION->add_ok_msg($okmessage);
    redirect(get_config('wwwroot') . 'group/members.php?id=' . GROUP);
}
/**
 * Form callback: save a licence definition.
 *
 * The four text fields are trimmed, any existing row with the same name is
 * removed, and the new row is inserted - all in one transaction.
 *
 * @param Pieform $form   The submitted form (not used).
 * @param array   $values Submitted values; reads 'name', 'displayname',
 *                        'shortname' and 'icon'.
 */
function license_submit(Pieform $form, $values) {
    global $SESSION;

    $license = new StdClass();
    $license->name = trim($values['name']);
    $license->displayname = trim($values['displayname']);
    $license->shortname = trim($values['shortname']);
    $license->icon = trim($values['icon']);

    // Replace-by-name: delete first so the insert cannot collide.
    db_begin();
    delete_records('artefact_license', 'name', $license->name);
    insert_record('artefact_license', $license);
    db_commit();

    $SESSION->add_ok_msg(get_string('licensesaved', 'admin'));
    redirect('/admin/site/licenses.php');
}
/**
 * Link form callback - link the accounts.
 *
 * Replaces any existing auth_remote_user row for this auth instance and local
 * user with one that maps the OIDC username to the logged-in user, then clears
 * the pending link data from the session.
 *
 * @param \Pieform $form Pieform instance.
 * @param array $values Submitted values.
 */
public function loginlink_submit(\Pieform $form, $values) {
    global $USER, $SESSION;

    $haslinkdata = ($this->authinstance !== null && !empty($this->oidcusername));
    if (!$haslinkdata) {
        // User is not logged in. They should never reach here, but as a failsafe...
        redirect('/');
    }

    $link = new \stdClass();
    $link->authinstance = $this->authinstance;
    $link->remoteusername = $this->oidcusername;
    $link->localusr = $USER->id;

    db_begin();
    delete_records('auth_remote_user', 'authinstance', $this->authinstance, 'localusr', $USER->id);
    insert_record('auth_remote_user', $link);
    db_commit();

    // The link data has been consumed; drop it so it cannot be replayed.
    $SESSION->set('auth_oidc_linkdata', null);
    @session_write_close();
    redirect('/');
}
/**
 * Form callback: replace the set of site administrators.
 *
 * Every current admin is demoted and the selected users are promoted, in one
 * transaction. The ids are forced to integers before being placed in the
 * IN (...) list.
 *
 * NOTE(review): an empty 'users' selection produces "IN ()"; presumably the
 * form requires at least one user - confirm, since the first statement has
 * already cleared every admin flag inside the transaction by then.
 *
 * @param Pieform $form   The submitted form (not used).
 * @param array   $values Submitted values; reads 'users' (list of user ids).
 */
function adminusers_submit(Pieform $form, $values) {
    global $SESSION;

    db_begin();

    execute_sql('UPDATE {usr} SET admin = 0 WHERE admin = 1');

    $adminids = array_map('intval', $values['users']);
    $idlist = join(',', $adminids);
    execute_sql('UPDATE {usr} SET admin = 1 WHERE id IN (' . $idlist . ')');

    activity_add_admin_defaults($values['users']);

    db_commit();

    $SESSION->add_ok_msg(get_string('adminusersupdated', 'admin'));
    redirect('/admin/users/admins.php');
}
/**
 * Form callback: submit the current view to a group.
 *
 * Marks the view as submitted, gives every role that may see submitted views a
 * hidden access record, refreshes artefact locks for the user and raises a
 * 'groupmessage' activity - all in one transaction.
 *
 * @param Pieform $form   The submitted form (not used).
 * @param array   $values Submitted values (not used; ids come from globals).
 */
function submitview_submit(Pieform $form, $values) {
    global $SESSION, $USER, $viewid, $groupid, $group;

    db_begin();

    $submission = array(
        'submittedgroup' => $groupid,
        'submittedtime' => db_format_timestamp(time()),
    );
    update_record('view', $submission, array('id' => $viewid));

    $roles = get_column('grouptype_roles', 'role', 'grouptype', $group->grouptype, 'see_submitted_views', 1);
    foreach ($roles as $role) {
        $accessrecord = new stdClass();
        $accessrecord->view = $viewid;
        $accessrecord->group = $groupid;
        $accessrecord->role = $role;
        $accessrecord->visible = 0;
        $accessrecord->allowcomments = 1;
        $accessrecord->approvecomments = 0;
        ensure_record_exists('view_access', $accessrecord, $accessrecord);
    }

    ArtefactType::update_locked($USER->get('id'));

    $urltext = new stdClass();
    $urltext->key = 'view';
    $strings = new stdClass();
    $strings->urltext = $urltext;

    $activity = array(
        'subject' => get_string('viewsubmitted', 'view'),
        'message' => get_string('viewsubmitted', 'view'),
        'submittedview' => $viewid,
        'viewowner' => $USER->get('id'),
        'group' => $groupid,
        'roles' => $roles,
        'strings' => $strings,
    );
    activity_occurred('groupmessage', $activity);

    db_commit();

    $SESSION->add_ok_msg(get_string('viewsubmitted', 'view'));
    redirect('/' . returnto());
}
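/**
 * Form callback: replace the set of site staff users.
 *
 * Every current staff flag is cleared and the selected users are flagged, in
 * one transaction.
 *
 * @param Pieform $form   The submitted form (not used).
 * @param array   $values Submitted values; reads 'users' (list of user ids).
 */
function staffusers_submit(Pieform $form, $values) {
    global $SESSION;

    db_begin();

    execute_sql('UPDATE {usr} SET staff = 0 WHERE staff = 1');

    if ($values['users']) {
        // The ids are concatenated into the statement, so force each one to an
        // integer first; a submitted value can then never carry SQL text.
        $staffids = join(',', array_map('intval', $values['users']));
        execute_sql('UPDATE {usr} SET staff = 1 WHERE id IN (' . $staffids . ')');
    }

    db_commit();

    $SESSION->add_ok_msg(get_string('staffusersupdated', 'admin'));
    redirect('/admin/users/staff.php');
}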
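/**
 * Form callback: store an uploaded LEAP2A export, create a throw-away user and
 * import the file into that account, printing the importer log to the page.
 *
 * NOTE(review): the dummy account is created with a fixed password and the zip
 * check relies on the MIME type reported by the client - confirm this page is
 * only reachable on development installs.
 *
 * @param Pieform $form   The submitted form (not used).
 * @param array   $values Submitted values; reads the 'file' upload entry.
 */
function import_submit(Pieform $form, $values) {
    global $SESSION;

    $date = time();
    $nicedate = date('Y/m/d h:i:s', $date);
    $uploaddir = get_config('dataroot') . 'import/test-' . $date . '/';

    // The original name is supplied by the client; keep only its last path
    // component so the stored file cannot land outside $uploaddir.
    $safename = basename($values['file']['name']);
    if ($safename === '' || $safename === '.' || $safename === '..') {
        $SESSION->add_error_msg('Unable to save the uploaded file');
        redirect('/import/');
    }
    $filename = $uploaddir . $safename;

    check_dir_exists($uploaddir);
    if (!move_uploaded_file($values['file']['tmp_name'], $filename)) {
        // Do not carry on and import a file that was never stored.
        $SESSION->add_error_msg('Unable to save the uploaded file');
        redirect('/import/');
    }

    if ($values['file']['type'] == 'application/zip') {
        // Unzip here
        $command = sprintf(
            '%s %s %s %s',
            escapeshellcmd(get_config('pathtounzip')),
            escapeshellarg($filename),
            get_config('unzipdirarg'), // site configuration value, passed through unescaped
            escapeshellarg($uploaddir)
        );
        $output = array();
        exec($command, $output, $returnvar);
        if ($returnvar != 0) {
            $SESSION->add_error_msg('Unable to unzip the file');
            redirect('/import/');
        }

        $filename = $uploaddir . 'leap2a.xml';
        if (!is_file($filename)) {
            $SESSION->add_error_msg('No leap2a.xml file detected - please check your export file again');
            redirect('/import/');
        }
    }

    // Create dummy user
    $user = (object) array(
        'username' => 'import_' . $date,
        'password' => 'import1',
        'firstname' => 'Imported',
        'lastname' => 'User (' . $nicedate . ')',
        'email' => '*****@*****.**',
    );
    $userid = create_user($user);

    // And we're good to go
    echo '<pre>';
    // The importer is given the path relative to dataroot.
    $filename = substr($filename, strlen(get_config('dataroot')));
    require_once dirname(dirname(__FILE__)) . '/import/lib.php';
    safe_require('import', 'leap');

    db_begin();
    $importer = PluginImport::create_importer(null, (object) array(
        'token' => '',
        'usr' => $userid,
        'queue' => (int) (!PluginImport::import_immediately_allowed()),
        'ready' => 0,
        'expirytime' => db_format_timestamp(time() + 60 * 60 * 24),
        'format' => 'leap',
        'data' => array('filename' => $filename),
        'loglevel' => PluginImportLeap::LOG_LEVEL_VERBOSE,
        'logtargets' => LOG_TARGET_STDOUT,
        'profile' => true,
    ));
    $importer->process();

    // Now done, delete the temporary e-mail address if there's a new one
    // A bit sucky, presumes only one email in the import
    $email = artefact_instance_from_id(get_field('artefact', 'id', 'title', '*****@*****.**', 'artefacttype', 'email', 'owner', $userid));
    $email->delete();
    execute_sql('UPDATE {artefact_internal_profile_email} SET principal = 1 WHERE "owner" = ?', array($userid));
    db_commit();

    echo "\n\n";
    echo 'Done. You can <a href="' . get_config('wwwroot') . '/admin/users/changeuser.php?id=' . $userid . '">change to this user</a> to inspect the result, ';
    echo 'or <a href="' . get_config('wwwroot') . 'import/">try importing again</a>';
    echo '</pre>';
    exit;
}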
/**
 * Delete all items for an invoice, together with its time-record links.
 *
 * Both deletes run in one transaction, which is committed only when both
 * succeed and rolled back otherwise.
 *
 * @param Invoice $invoice
 * @return mixed Result of the step that failed, or of the item delete when
 *               both steps succeed.
 */
function deleteByInvoice($invoice) {
    db_begin_work();

    $execute = db_execute('DELETE FROM ' . TABLE_PREFIX . 'invoice_time_records WHERE invoice_id = ?', $invoice->getId());
    if (!$execute || is_error($execute)) {
        db_rollback();
        return $execute;
    }

    $delete = InvoiceItems::delete(array('invoice_id = ?', $invoice->getId()));
    if (!$delete || is_error($delete)) {
        db_rollback();
    } else {
        db_commit();
    }

    return $delete;
}
/**
 * Form callback: replace the set of staff users of one institution.
 *
 * The current user must be allowed to edit the institution. Staff flags for
 * the institution are cleared and then set for the selected users, in one
 * transaction; ids are forced to integers and the institution is quoted with
 * db_quote().
 *
 * NOTE(review): the institution value is appended to the redirect URL without
 * URL-encoding - presumably institution names are restricted to URL-safe
 * characters; confirm.
 *
 * @param Pieform $form   The submitted form (not used).
 * @param array   $values Submitted values; reads 'institution' and 'users'.
 */
function staffusers_submit(Pieform $form, $values) {
    global $SESSION, $USER;

    $inst = $values['institution'];
    $mayedit = !empty($inst) && $USER->can_edit_institution($inst);
    if (!$mayedit) {
        $SESSION->add_error_msg(get_string('notadminforinstitution', 'admin'));
        redirect('/admin/users/institutionstaff.php');
    }

    db_begin();

    execute_sql('UPDATE {usr_institution} SET staff = 0 WHERE staff = 1 AND institution = ' . db_quote($inst));

    if ($values['users']) {
        $staffids = join(',', array_map('intval', $values['users']));
        execute_sql('UPDATE {usr_institution} SET staff = 1 WHERE usr IN (' . $staffids . ') AND institution = ' . db_quote($inst));
    }

    db_commit();

    $SESSION->add_ok_msg(get_string('staffusersupdated', 'admin'));
    redirect('/admin/users/institutionstaff.php?institution=' . $inst);
}
/**
 * Set $currency as default
 *
 * Saves the flag on $currency, clears it on every other currency and drops the
 * cached currency rows. The transaction is committed only when both writes
 * succeed.
 *
 * @param Currency $currency
 * @return boolean True on success (or when already default); otherwise the
 *                 result of the write that failed.
 */
function setDefault($currency) {
    if ($currency->getIsDefault()) {
        return true;
    }

    db_begin_work();

    $currency->setIsDefault(true);
    $update = $currency->save();
    if (!$update || is_error($update)) {
        db_rollback();
        return $update;
    }

    $update = db_execute('UPDATE ' . TABLE_PREFIX . 'currencies SET is_default = ? WHERE id != ?', false, $currency->getId());
    cache_remove_by_pattern(TABLE_PREFIX . 'currencies_id_*');
    if (!$update || is_error($update)) {
        db_rollback();
        return $update;
    }

    db_commit();
    return true;
}
/**
 * Form callback: update the administrators of the current group.
 *
 * Users dropped from the selection are demoted to 'member'; newly selected
 * users are promoted if already in the group or added as admins otherwise.
 * Everything runs in one transaction.
 *
 * @param Pieform $form   The submitted form (not used).
 * @param array   $values Submitted values; reads 'admins' (list of user ids).
 */
function groupadminsform_submit(Pieform $form, $values) {
    global $SESSION, $group, $admins;

    $selected = $values['admins'];
    $newadmins = array_diff($selected, $admins);
    $demoted = array_diff($admins, $selected);

    db_begin();

    if ($demoted) {
        // Ids are forced to integers before being placed in the IN (...) list.
        $demotedlist = join(',', array_map('intval', $demoted));
        $demotesql = "\n UPDATE {group_member}\n SET role = 'member'\n WHERE role = 'admin' AND \"group\" = ?\n AND member IN ({$demotedlist})";
        execute_sql($demotesql, array($group->id));
    }

    $dbnow = db_format_timestamp(time());

    foreach ($newadmins as $id) {
        if (!group_user_access($group->id, $id)) {
            group_add_user($group->id, $id, 'admin');
            continue;
        }
        group_change_role($group->id, $id, 'admin');
    }

    db_commit();

    $SESSION->add_ok_msg(get_string('groupadminsupdated', 'admin'));
    redirect(get_config('wwwroot') . 'admin/groups/groups.php');
}
/**
 * Form callback: update the administrators of the current group.
 *
 * Users dropped from the selection are demoted to 'member'; newly selected
 * users have their membership row updated to 'admin', or a new admin row is
 * inserted when they are not yet in the group. Everything runs in one
 * transaction.
 *
 * @param Pieform $form   The submitted form (not used).
 * @param array   $values Submitted values; reads 'admins' (list of user ids).
 */
function groupadminsform_submit(Pieform $form, $values) {
    global $SESSION, $group, $admins;

    $selected = $values['admins'];
    $newadmins = array_diff($selected, $admins);
    $demoted = array_diff($admins, $selected);

    db_begin();

    if ($demoted) {
        // Ids are forced to integers before being placed in the IN (...) list.
        $demotedlist = join(',', array_map('intval', $demoted));
        $demotesql = "\n UPDATE {group_member}\n SET role = 'member'\n WHERE role = 'admin' AND \"group\" = ?\n AND member IN ({$demotedlist})";
        execute_sql($demotesql, array($group->id));
    }

    $dbnow = db_format_timestamp(time());

    foreach ($newadmins as $id) {
        if (!record_exists('group_member', 'group', $group->id, 'member', $id)) {
            $membership = new stdClass();
            $membership->group = $group->id;
            $membership->member = $id;
            $membership->role = 'admin';
            $membership->ctime = $dbnow;
            $membership->mtime = $dbnow;
            insert_record('group_member', $membership);
            continue;
        }
        execute_sql("\n UPDATE {group_member}\n SET role = 'admin'\n WHERE \"group\" = ? AND member = ?", array($group->id, $id));
    }

    db_commit();

    $SESSION->add_ok_msg(get_string('groupadminsupdated', 'admin'));
    redirect(get_config('wwwroot') . 'admin/groups/groups.php');
}
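/**
 * Form callback: replace the set of administrators of one institution.
 *
 * The current user must be allowed to edit the institution. Admin flags for
 * the institution are cleared and then set for the selected users, in one
 * transaction.
 *
 * @param Pieform $form   The submitted form (not used).
 * @param array   $values Submitted values; reads 'institution' and 'users'.
 */
function adminusers_submit(Pieform $form, $values) {
    global $SESSION, $USER;

    $inst = $values['institution'];
    if (empty($inst) || !$USER->can_edit_institution($inst)) {
        $SESSION->add_error_msg(get_string('notadminforinstitution', 'admin'));
        redirect('/admin/users/institutionadmins.php');
    }

    db_begin();

    execute_sql('UPDATE {usr_institution} SET admin = 0 WHERE admin = 1 AND institution = ' . db_quote($inst));

    if ($values['users']) {
        // The ids are concatenated into the statement, so force each one to an
        // integer first; a submitted value can then never carry SQL text.
        $adminids = join(',', array_map('intval', $values['users']));
        execute_sql('UPDATE {usr_institution} SET admin = 1 WHERE usr IN (' . $adminids . ') AND institution = ' . db_quote($inst));
    }

    require_once 'activity.php';
    activity_add_admin_defaults($values['users']);

    db_commit();

    $SESSION->add_ok_msg(get_string('adminusersupdated', 'admin'));
    // NOTE(review): $inst is appended without URL-encoding - presumably
    // institution names are restricted to URL-safe characters; confirm.
    redirect('/admin/users/institutionadmins.php?institution=' . $inst);
}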
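/**
 * Add the users to the system. Make sure that they have to change their
 * password on next login also.
 *
 * Users come from the global $CSVDATA rows, mapped through the global $FORMAT
 * column list. All accounts are created in one transaction; notification
 * e-mails are sent only after the commit, and users whose e-mail could not be
 * sent are listed in an info message.
 *
 * NOTE(review): the account e-mail contains the password in clear text, as the
 * language strings expect - confirm 'forcepasswordchange' is the norm.
 *
 * @param Pieform $form   The submitted form (not used).
 * @param array   $values Submitted values; reads 'authinstance',
 *                        'forcepasswordchange' and 'emailusers'.
 */
function uploadcsv_submit(Pieform $form, $values) {
    global $SESSION, $CSVDATA, $FORMAT;

    $formatkeylookup = array_flip($FORMAT);
    $authinstance = (int) $values['authinstance'];
    $authobj = get_record('auth_instance', 'id', $authinstance);
    $institution = new Institution($authobj->institution);

    // Refuse the whole upload if it would exceed the institution's account limit.
    $maxusers = $institution->maxuseraccounts;
    if (!empty($maxusers)) {
        $members = count_records_sql(' SELECT COUNT(*) FROM {usr} u INNER JOIN {usr_institution} i ON u.id = i.usr WHERE i.institution = ? AND u.deleted = 0', array($institution->name));
        if ($members + count($CSVDATA) > $maxusers) {
            $SESSION->add_error_msg(get_string('uploadcsvfailedusersexceedmaxallowed', 'admin'));
            redirect('/admin/users/uploadcsv.php');
        }
    }

    log_info('Inserting users from the CSV file');
    db_begin();

    $addedusers = array();
    foreach ($CSVDATA as $record) {
        log_debug('adding user ' . $record[$formatkeylookup['username']]);

        $user = new StdClass();
        $user->authinstance = $authinstance;
        $user->username = $record[$formatkeylookup['username']];
        $user->firstname = $record[$formatkeylookup['firstname']];
        $user->lastname = $record[$formatkeylookup['lastname']];
        $user->password = $record[$formatkeylookup['password']];
        $user->email = $record[$formatkeylookup['email']];
        if (isset($formatkeylookup['studentid'])) {
            $user->studentid = $record[$formatkeylookup['studentid']];
        }
        if (isset($formatkeylookup['preferredname'])) {
            $user->preferredname = $record[$formatkeylookup['preferredname']];
        }
        $user->passwordchange = (int) $values['forcepasswordchange'];

        // Every column except the credentials is stored as a profile field.
        $profilefields = new StdClass();
        foreach ($FORMAT as $field) {
            if ($field == 'username' || $field == 'password') {
                continue;
            }
            $profilefields->{$field} = $record[$formatkeylookup[$field]];
        }

        $user->id = create_user($user, $profilefields, $institution, $authobj);

        if ($values['emailusers']) {
            $addedusers[] = $user;
        }
    }

    db_commit();

    // Only send e-mail to users after we're sure they have been inserted
    // successfully
    $straccountcreatedtext = $values['forcepasswordchange'] ? 'accountcreatedchangepasswordtext' : 'accountcreatedtext';
    $straccountcreatedhtml = $values['forcepasswordchange'] ? 'accountcreatedchangepasswordhtml' : 'accountcreatedhtml';

    if ($values['emailusers'] && $addedusers) {
        // Initialised once, before the loop: resetting it per user would keep
        // only a failure on the very last recipient.
        $failedusers = array();
        foreach ($addedusers as $user) {
            try {
                email_user(
                    $user,
                    null,
                    get_string('accountcreated', 'mahara', get_config('sitename')),
                    get_string($straccountcreatedtext, 'mahara', $user->firstname, get_config('sitename'), $user->username, $user->password, get_config('wwwroot'), get_config('sitename')),
                    get_string($straccountcreatedhtml, 'mahara', $user->firstname, get_config('wwwroot'), get_config('sitename'), $user->username, $user->password, get_config('wwwroot'), get_config('wwwroot'), get_config('sitename'))
                );
            }
            catch (EmailException $e) {
                log_info($e->getMessage());
                $failedusers[] = $user;
            }
        }

        if ($failedusers) {
            // The message is passed with the second argument set to false
            // (presumably "do not escape"), so every value taken from the CSV
            // is escaped here, and the brackets around the address are written
            // as entities so they are not parsed as a tag.
            $message = get_string('uploadcsvsomeuserscouldnotbeemailed', 'admin') . "\n<ul>\n";
            foreach ($failedusers as $user) {
                $message .= '<li>' . hsc(full_name($user)) . ' &lt;' . hsc($user->email) . "&gt;</li>\n";
            }
            $message .= "</ul>\n";
            $SESSION->add_info_msg($message, false);
        }
    }

    log_info('Inserted ' . count($CSVDATA) . ' records');
    $SESSION->add_ok_msg(get_string('uploadcsvusersaddedsuccessfully', 'admin'));
    redirect('/admin/users/uploadcsv.php');
}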
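/**
 * Delete a news item and print a short confirmation.
 *
 * @param array $post News row; reads 'id' (bound to the delete) and 'title'
 *                    (shown in the confirmation).
 * @return void
 */
function newsDelete($post) {
    db_do("DELETE FROM news WHERE id=?", $post['id']);
    db_commit();

    // The title is stored text written into HTML, so it is escaped for the
    // HTML context before output.
    ?>
    <div class="action_summary">Deleted '<?php echo htmlspecialchars($post['title'], ENT_QUOTES, 'UTF-8'); ?> '</div>
    <?php
}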
break; case PRINTIMPORTITEMSFORM_ACT: print_import_items_form(); break; case DOIMPORT_ACT: db_begin(); if (isset($_POST['import_submit'])) { save_decisions(); // Do import and print the results do_import(); } else { if (isset($_POST['cancel_import_submit'])) { cancel_import(); } } db_commit(); break; } function print_upload_form() { $form = pieform(array('name' => 'import', 'method' => 'post', 'plugintype ' => 'core', 'pluginname' => 'import', 'elements' => array('leap2afile' => array('type' => 'file', 'title' => get_string('uploadleap2afile', 'admin'), 'rules' => array('required' => true)), 'submit' => array('type' => 'submit', 'value' => get_string('Import', 'import'))))); $smarty = smarty(); $smarty->assign('PAGEHEADING', get_string('importyourportfolio', 'import')); $smarty->assign('pagedescription', get_string('importportfoliodescription', 'import')); $smarty->assign('form', $form); $smarty->display('form.tpl'); } function import_validate(Pieform $form, $values) { global $USER, $TRANSPORTER; if (!isset($values['leap2afile'])) {
/**
 * Form callback: save a resume goals/skills artefact and sync its attachments.
 *
 * The description is passed through EmbeddedImage::prepare_embedded_images()
 * first. Requested attachments are reduced to files the user may publish
 * before the attachment list is brought in line with the selection.
 *
 * @param Pieform $form   The submitted form; used for the reply.
 * @param array   $values Submitted values; reads 'description',
 *                        'artefacttype' and 'filebrowser'.
 */
function editgoalsandskills_submit(Pieform $form, array $values) {
    global $SESSION, $artefact, $USER;

    require_once 'embeddedimage.php';
    $newdescription = EmbeddedImage::prepare_embedded_images($values['description'], $values['artefacttype'], $USER->get('id'));

    db_begin();

    $artefact->set('title', get_string($values['artefacttype'], 'artefact.resume'));
    $artefact->set('description', $newdescription);
    $artefact->commit();

    // Attachments
    $old = $artefact->attachment_id_list();
    $requested = array();
    if (is_array($values['filebrowser'])) {
        $requested = $values['filebrowser'];
    }

    // only allow the attaching of files that exist and are editable by user
    $new = array();
    foreach ($requested as $key => $fileid) {
        $file = artefact_instance_from_id($fileid);
        if ($file instanceof ArtefactTypeFile && $USER->can_publish_artefact($file)) {
            $new[$key] = $fileid;
        }
    }

    if (!empty($new) || !empty($old)) {
        // Detach whatever is no longer selected ...
        foreach ($old as $o) {
            if (in_array($o, $new)) {
                continue;
            }
            try {
                $artefact->detach($o);
            }
            catch (ArtefactNotFoundException $e) {
            }
        }
        // ... and attach whatever is newly selected.
        foreach ($new as $n) {
            if (in_array($n, $old)) {
                continue;
            }
            try {
                $artefact->attach($n);
            }
            catch (ArtefactNotFoundException $e) {
            }
        }
    }

    db_commit();

    $result = array(
        'error' => false,
        'message' => get_string('goalandskillsaved', 'artefact.resume'),
        'goto' => get_config('wwwroot') . 'artefact/resume/goalsandskills.php',
    );

    if ($form->submitted_by_js()) {
        // Redirect back to the resume goals and skills page from within the iframe
        $SESSION->add_ok_msg($result['message']);
        $form->json_reply(PIEFORM_OK, $result, false);
    }
    $form->reply(PIEFORM_OK, $result);
}
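/**
 * create - use this function to create a new entry in the database.
 *
 * NOTE(review): the INSERT is assembled by string concatenation. The two id
 * parameters are forced to integers below, but $filename, $filetype and the
 * generated keyword list are still placed in the statement as received and
 * rely on the caller having escaped them. The data-access helper's
 * bound-parameter form is not visible here; moving this statement to it is
 * the durable fix.
 *
 * @param string The filename of this document. Can be a URL.
 * @param string The filetype of this document. If filename is URL, this should be 'URL';
 * @param string The contents of this document (should be addslashes()'d before entry).
 * @param int The doc_group id of the doc_groups table.
 * @param string The title of this document.
 * @param int The language id of the supported_languages table.
 * @param string The description of this document.
 * @return boolean success.
 */
function create($filename, $filetype, $data, $doc_group, $title, $language_id, $description) {
    if (strlen($title) < 5) {
        $this->setError(_('Title Must Be At Least 5 Characters'));
        return false;
    }
    if (strlen($description) < 10) {
        $this->setError(_('Document Description Must Be At Least 10 Characters'));
        return false;
    }

    /*
    $perm =& $this->Group->getPermission( session_get_user() );
    if (!$perm || !is_object($perm) || !$perm->isDocEditor()) {
        $this->setPermissionDeniedError();
        return false;
    }
    */

    // Not-logged-in uploads are recorded under user id 100.
    $user_id = session_loggedin() ? user_getid() : 100;

    $doc_initstatus = '3';
    // If Editor - uploaded Documents are ACTIVE
    if (session_loggedin()) {
        $perm =& $this->Group->getPermission(session_get_user());
        if ($perm && is_object($perm) && $perm->isDocEditor()) {
            $doc_initstatus = '1';
        }
    }

    // If $filetype is "text/plain", $body convert UTF-8 encoding.
    if (strcasecmp($filetype, "text/plain") === 0 && function_exists('mb_convert_encoding') && function_exists('mb_detect_encoding')) {
        $data = mb_convert_encoding($data, 'UTF-8', mb_detect_encoding($data));
    }

    // key words for in-document search
    // ($title, not the undefined $title1, so the title is actually indexed)
    $kw = new Parsedata($this->engine_path);
    $kwords = $kw->get_parse_data(stripslashes($data), htmlspecialchars($title), htmlspecialchars($description), $filetype);

    $filesize = strlen($data);

    // Both ids are documented as integers; casting keeps anything else out of
    // the statement text.
    $doc_group_id = (int) $doc_group;
    $lang_id = (int) $language_id;

    $sql = "INSERT INTO doc_data (group_id,title,description,createdate,doc_group,\n\t\t\tstateid,language_id,filename,filetype,filesize,data,data_words,created_by)\n\t\t\tVALUES ('" . $this->Group->getId() . "',\n\t\t\t'" . htmlspecialchars($title) . "',\n\t\t\t'" . htmlspecialchars($description) . "',\n\t\t\t'" . time() . "',\n\t\t\t'{$doc_group_id}',\n\t\t\t'{$doc_initstatus}',\n\t\t\t'{$lang_id}',\n\t\t\t'{$filename}',\n\t\t\t'{$filetype}',\n\t\t\t'{$filesize}',\n\t\t\t'" . base64_encode(stripslashes($data)) . "',\n\t\t\t'{$kwords}',\n\t\t\t'{$user_id}')";

    db_begin();
    $result = db_query($sql);
    if (!$result) {
        $this->setError('Error Adding Document: ' . db_error());
        db_rollback();
        return false;
    }

    $docid = db_insertid($result, 'doc_data', 'docid');
    if (!$this->fetchData($docid)) {
        db_rollback();
        return false;
    }

    $this->sendNotice(true);
    db_commit();
    return true;
}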
/**
 * Form callback: create or update a blog post and sync its attachments.
 *
 * A new post (empty global $blogpost) is parented to the global $blog and
 * inherits that blog's institution or group, falling back to the current user
 * as owner. Requested attachments are reduced to files the user may publish.
 *
 * NOTE(review): $blogpost and $blog are globals set by the including page; no
 * ownership check on them is visible in this handler - confirm the page
 * enforces edit permission before the form is processed.
 *
 * @param Pieform $form   The submitted form; used for the reply.
 * @param array   $values Submitted values.
 */
function editpost_submit(Pieform $form, $values) {
    global $USER, $SESSION, $blogpost, $blog;

    require_once 'embeddedimage.php';

    db_begin();

    $postobj = new ArtefactTypeBlogPost($blogpost, null);
    $postobj->set('title', $values['title']);
    $postobj->set('description', $values['description']);
    $postobj->set('tags', $values['tags']);
    if (get_config('licensemetadata')) {
        foreach (array('license', 'licensor', 'licensorurl') as $licensefield) {
            $postobj->set($licensefield, $values[$licensefield]);
        }
    }
    $postobj->set('published', !$values['draft']);
    $postobj->set('allowcomments', (int) $values['allowcomments']);

    if (!$blogpost) {
        // New post: attach it to the blog and copy the blog's ownership.
        $postobj->set('parent', $blog);
        $blogobj = new ArtefactTypeBlog($blog);
        if ($blogobj->get('institution')) {
            $postobj->set('institution', $blogobj->get('institution'));
        }
        else if ($blogobj->get('group')) {
            $postobj->set('group', $blogobj->get('group'));
        }
        else {
            $postobj->set('owner', $USER->id);
        }
    }

    $postobj->commit();
    $blogpost = $postobj->get('id');

    // Need to wait until post is saved in case we are a new blogpost before we can sort out embedded images as we need an id
    $postobj->set('description', EmbeddedImage::prepare_embedded_images($values['description'], 'blogpost', $postobj->get('id')));

    // Attachments
    $old = $postobj->attachment_id_list();
    // $new = is_array($values['filebrowser']['selected']) ? $values['filebrowser']['selected'] : array();
    $requested = array();
    if (is_array($values['filebrowser'])) {
        $requested = $values['filebrowser'];
    }

    // only allow the attaching of files that exist and are editable by user
    $new = array();
    foreach ($requested as $key => $fileid) {
        $file = artefact_instance_from_id($fileid);
        if ($file instanceof ArtefactTypeFile && $USER->can_publish_artefact($file)) {
            $new[$key] = $fileid;
        }
    }

    if (!empty($new) || !empty($old)) {
        // Detach whatever is no longer selected ...
        foreach ($old as $o) {
            if (in_array($o, $new)) {
                continue;
            }
            try {
                $postobj->detach($o);
            }
            catch (ArtefactNotFoundException $e) {
            }
        }
        // ... and attach whatever is newly selected.
        foreach ($new as $n) {
            if (in_array($n, $old)) {
                continue;
            }
            try {
                $postobj->attach($n);
            }
            catch (ArtefactNotFoundException $e) {
            }
        }
    }

    db_commit();

    $result = array(
        'error' => false,
        'message' => get_string('blogpostsaved', 'artefact.blog'),
        'goto' => get_config('wwwroot') . 'artefact/blog/view/index.php?id=' . $blog,
    );

    if ($form->submitted_by_js()) {
        // Redirect back to the blog page from within the iframe
        $SESSION->add_ok_msg($result['message']);
        $form->json_reply(PIEFORM_OK, $result, false);
    }
    $form->reply(PIEFORM_OK, $result);
}
/**
 * Makes a literal copy of a list of collections for this user.
 *
 * The collection names are looked up with a placeholder list, then every
 * template is copied inside one transaction with this user as owner.
 *
 * NOTE(review): a template id with no matching collection row would make the
 * name lookup in the copy loop fail - presumably callers pass only existing
 * ids; confirm.
 *
 * @param array $templateids A list of collectionids to copy.
 * @param bool $checkviewaccess Passed through to
 *                              Collection::create_from_template(); defaults to true.
 * @throws SystemException When $templateids is non-empty but not an array.
 */
public function copy_collections($templateids, $checkviewaccess = true) {
    if (!$templateids) {
        // Nothing to do
        return;
    }
    if (!is_array($templateids)) {
        throw new SystemException('User->copy_collections: templateids must be a list of templates to copy for the user');
    }

    require_once get_config('libroot') . 'collection.php';

    $placeholders = implode(', ', db_array_to_ph($templateids));
    $rows = get_records_select_array('collection', 'id IN (' . $placeholders . ')', $templateids, '', 'id, name');

    // Index the rows by id so the copy loop can look up each name.
    $collections = array();
    foreach ($rows as $row) {
        $collections[$row->id] = $row;
    }

    db_begin();
    foreach ($templateids as $tid) {
        $collectiondata = array(
            'owner' => $this->get('id'),
            'title' => $collections[$tid]->name,
        );
        Collection::create_from_template($collectiondata, $tid, $this->get('id'), $checkviewaccess);
    }
    db_commit();
}