/**
* Add (or edit) a template. This function displays the form and also takes
* care of uploading the image and storing the information in the database
*
* @author Patrick Cool <*****@*****.**>, Ghent University, Belgium
* @version August 2008
* @since Dokeos 1.8.6
*/
function add_edit_template()
{
// Initialize the object.
$id = isset($_GET['id']) ? '&id=' . Security::remove_XSS($_GET['id']) : '';
$form = new FormValidator('template', 'post', 'settings.php?category=Templates&action=' . Security::remove_XSS($_GET['action']) . $id);
// Setting the form elements: the header.
if ($_GET['action'] == 'add') {
$title = get_lang('AddTemplate');
} else {
$title = get_lang('EditTemplate');
}
$form->addElement('header', '', $title);
// Setting the form elements: the title of the template.
$form->addText('title', get_lang('Title'), false);
// Setting the form elements: the content of the template (wysiwyg editor).
$form->addHtmlEditor('template_text', get_lang('Text'), false, false, array('ToolbarSet' => 'AdminTemplates', 'Width' => '100%', 'Height' => '400'));
// Setting the form elements: the form to upload an image to be used with the template.
$form->addElement('file', 'template_image', get_lang('Image'), '');
// Setting the form elements: a little bit information about the template image.
$form->addElement('static', 'file_comment', '', get_lang('TemplateImageComment100x70'));
// Getting all the information of the template when editing a template.
if ($_GET['action'] == 'edit') {
// Database table definition.
$table_system_template = Database::get_main_table('system_template');
$sql = "SELECT * FROM {$table_system_template} WHERE id = " . intval($_GET['id']) . "";
$result = Database::query($sql);
$row = Database::fetch_array($result);
$defaults['template_id'] = intval($_GET['id']);
$defaults['template_text'] = $row['content'];
// Forcing get_lang().
$defaults['title'] = get_lang($row['title']);
// Adding an extra field: a hidden field with the id of the template we are editing.
$form->addElement('hidden', 'template_id');
// Adding an extra field: a preview of the image that is currently used.
if (!empty($row['image'])) {
$form->addElement('static', 'template_image_preview', '', '<img src="' . api_get_path(WEB_APP_PATH) . 'home/default_platform_document/template_thumb/' . $row['image'] . '" alt="' . get_lang('TemplatePreview') . '"/>');
} else {
$form->addElement('static', 'template_image_preview', '', '<img src="' . api_get_path(WEB_APP_PATH) . 'home/default_platform_document/template_thumb/noimage.gif" alt="' . get_lang('NoTemplatePreview') . '"/>');
}
// Setting the information of the template that we are editing.
$form->setDefaults($defaults);
}
// Setting the form elements: the submit button.
$form->addButtonSave(get_lang('Ok'), 'submit');
// Setting the rules: the required fields.
$form->addRule('template_image', get_lang('ThisFieldIsRequired'), 'required');
$form->addRule('title', get_lang('ThisFieldIsRequired'), 'required');
$form->addRule('template_text', get_lang('ThisFieldIsRequired'), 'required');
// if the form validates (complies to all rules) we save the information, else we display the form again (with error message if needed)
if ($form->validate()) {
$check = Security::check_token('post');
if ($check) {
// Exporting the values.
$values = $form->exportValues();
// Upload the file.
if (!empty($_FILES['template_image']['name'])) {
$upload_ok = process_uploaded_file($_FILES['template_image']);
if ($upload_ok) {
// Try to add an extension to the file if it hasn't one.
$new_file_name = add_ext_on_mime(stripslashes($_FILES['template_image']['name']), $_FILES['template_image']['type']);
// The upload directory.
$upload_dir = api_get_path(SYS_APP_PATH) . 'home/default_platform_document/template_thumb/';
// Create the directory if it does not exist.
if (!is_dir($upload_dir)) {
mkdir($upload_dir, api_get_permissions_for_new_directories());
}
// Resize the preview image to max default and upload.
$temp = new Image($_FILES['template_image']['tmp_name']);
$picture_info = $temp->get_image_info();
$max_width_for_picture = 100;
if ($picture_info['width'] > $max_width_for_picture) {
$temp->resize($max_width_for_picture);
}
$temp->send_image($upload_dir . $new_file_name);
}
}
// Store the information in the database (as insert or as update).
$table_system_template = Database::get_main_table('system_template');
if ($_GET['action'] == 'add') {
$content_template = Security::remove_XSS($values['template_text'], COURSEMANAGERLOWSECURITY);
$params = ['title' => $values['title'], 'content' => $content_template, 'image' => $new_file_name];
Database::insert($table_system_template, $params);
// Display a feedback message.
Display::display_confirmation_message(get_lang('TemplateAdded'));
echo '<a href="settings.php?category=Templates&action=add">' . Display::return_icon('new_template.png', get_lang('AddTemplate'), '', ICON_SIZE_MEDIUM) . '</a>';
} else {
$content_template = '<head>{CSS}<style type="text/css">.text{font-weight: normal;}</style></head><body>' . Database::escape_string($values['template_text']) . '</body>';
$sql = "UPDATE {$table_system_template} set title = '" . Database::escape_string($values['title']) . "', content = '" . $content_template . "'";
if (!empty($new_file_name)) {
$sql .= ", image = '" . Database::escape_string($new_file_name) . "'";
}
$sql .= " WHERE id = " . intval($_GET['id']) . "";
Database::query($sql);
// Display a feedback message.
Display::display_confirmation_message(get_lang('TemplateEdited'));
}
}
Security::clear_token();
display_templates();
} else {
$token = Security::get_token();
$form->addElement('hidden', 'sec_token');
$form->setConstants(array('sec_token' => $token));
// Display the form.
$form->display();
}
}
/**
* Add (or edit) a template. This function displays the form and also takes care of uploading the image and storing the information in the database
*
* @author Patrick Cool <*****@*****.**>, Ghent University, Belgium
* @version August 2008
* @since Dokeos 1.8.6
*/
function add_edit_template()
{
// initiate the object
$form = new FormValidator('template', 'post', 'settings.php?category=Templates&action=' . $_GET['action'] . '&id=' . $_GET['id']);
// settting the form elements: the header
if ($_GET['action'] == 'add') {
$title = get_lang('AddTemplate');
} else {
$title = get_lang('EditTemplate');
}
$form->addElement('header', '', $title);
// settting the form elements: the title of the template
$form->add_textfield('title', get_lang('Title'), false);
// settting the form elements: the content of the template (wysiwyg editor)
$form->addElement('html_editor', 'template_text', get_lang('Text'));
// settting the form elements: the form to upload an image to be used with the template
$form->addElement('file', 'template_image', get_lang('Image'), '');
// settting the form elements: a little bit information about the template image
$form->addElement('static', 'file_comment', '', get_lang('TemplateImageComment100x70'));
// getting all the information of the template when editing a template
if ($_GET['action'] == 'edit') {
// Database table definition
$table_system_template = Database::get_main_table('system_template');
$sql = "SELECT * FROM {$table_system_template} WHERE id = '" . Database::escape_string($_GET['id']) . "'";
$result = api_sql_query($sql, __FILE__, __LINE__);
$row = Database::fetch_array($result);
$defaults['template_id'] = $_GET['id'];
$defaults['template_text'] = $row['content'];
$defaults['title'] = $row['title'];
// adding an extra field: a hidden field with the id of the template we are editing
$form->addElement('hidden', 'template_id');
// adding an extrra field: a preview of the image that is currently used
if (!empty($row['image'])) {
$form->addElement('static', 'template_image_preview', '', '<img src="' . api_get_path(WEB_PATH) . 'home/default_platform_document/' . $row['image'] . '" alt="' . get_lang('TemplatePreview') . '"/>');
} else {
$form->addElement('static', 'template_image_preview', '', '<img src="' . api_get_path(WEB_PATH) . 'home/default_platform_document/noimage.gif" alt="' . get_lang('NoTemplatePreview') . '"/>');
}
// setting the information of the template that we are editing
$form->setDefaults($defaults);
}
// settting the form elements: the submit button
$form->addElement('style_submit_button', 'submit', get_lang('Ok'), 'class="save"');
// setting the rules: the required fields
$form->addRule('title', '<div class="required">' . get_lang('ThisFieldIsRequired'), 'required');
$form->addRule('template_text', '<div class="required">' . get_lang('ThisFieldIsRequired'), 'required');
// if the form validates (complies to all rules) we save the information, else we display the form again (with error message if needed)
if ($form->validate()) {
// exporting the values
$values = $form->exportValues();
// upload the file
if (!empty($_FILES['template_image']['name'])) {
include_once api_get_path(LIBRARY_PATH) . 'fileUpload.lib.php';
$upload_ok = process_uploaded_file($_FILES['template_image']);
if ($upload_ok) {
// Try to add an extension to the file if it hasn't one
$new_file_name = add_ext_on_mime(stripslashes($_FILES['template_image']['name']), $_FILES['template_image']['type']);
// upload dir
$upload_dir = api_get_path(SYS_PATH) . 'home/default_platform_document/';
// create dir if not exists
if (!is_dir($upload_dir)) {
$perm = api_get_setting('permissions_for_new_directories');
$perm = octdec(!empty($perm) ? $perm : '0770');
$res = @mkdir($upload_dir, $perm);
}
// resize image to max default and upload
require_once api_get_path(LIBRARY_PATH) . 'image.lib.php';
$temp = new image($_FILES['template_image']['tmp_name']);
$picture_infos = @getimagesize($_FILES['template_image']['tmp_name']);
$max_width_for_picture = 100;
if ($picture_infos[0] > $max_width_for_picture) {
$thumbwidth = $max_width_for_picture;
if (empty($thumbwidth) or $thumbwidth == 0) {
$thumbwidth = $max_width_for_picture;
}
$new_height = round($thumbwidth / $picture_infos[0] * $picture_infos[1]);
$temp->resize($thumbwidth, $new_height, 0);
}
$type = $picture_infos[2];
switch (!empty($type)) {
case 2:
$temp->send_image('JPG', $upload_dir . $new_file_name);
break;
case 3:
$temp->send_image('PNG', $upload_dir . $new_file_name);
break;
case 1:
$temp->send_image('GIF', $upload_dir . $new_file_name);
break;
}
}
}
// store the information in the database (as insert or as update)
$table_system_template = Database::get_main_table('system_template');
if ($_GET['action'] == 'add') {
$sql = "INSERT INTO {$table_system_template} (title, content, image) VALUES ('" . Database::escape_string($values['title']) . "','" . Database::escape_string($values['template_text']) . "','" . Database::escape_string($new_file_name) . "')";
$result = api_sql_query($sql, __FILE__, __LINE__);
// display a feedback message
Display::display_confirmation_message('TemplateAdded');
echo '<a href="settings.php?category=Templates&action=add">' . Display::return_icon('add_template.gif', get_lang('AddTemplate')) . get_lang('AddTemplate') . '</a>';
} else {
$sql = "UPDATE {$table_system_template} set title = '" . Database::escape_string($values['title']) . "',\n\t\t\t\t\t\t\t\t\t\t\t \t\t content = '" . Database::escape_string($values['template_text']) . "'";
if (!empty($new_file_name)) {
$sql .= ", image = '" . Database::escape_string($new_file_name) . "'";
}
$sql .= " WHERE id='" . Database::escape_string($_GET['id']) . "'";
$result = api_sql_query($sql, __FILE__, __LINE__);
// display a feedback message
Display::display_confirmation_message('TemplateEdited');
}
display_templates();
} else {
// display the form
$form->display();
}
}
