$user_accepted_legal = CourseManager::is_user_accepted_legal($user_id, $course_code); if ($user_accepted_legal || $user_pass_open_course) { //Redirect to course home header('Location: ' . $url); exit; } } else { api_not_allowed(); } } else { if (api_is_platform_admin()) { header('Location: ' . $url); } $userStatus = SessionManager::get_user_status_in_session($user_id, $course_code, $session_id); if (isset($userStatus) || api_check_user_access_to_legal($course_info['visibility'])) { $user_accepted_legal = CourseManager::is_user_accepted_legal($user_id, $course_code, $session_id); if ($user_accepted_legal || $user_pass_open_course) { // Redirect to course session home. header('Location: ' . $url); exit; } } else { api_not_allowed(); } } Display::display_header(); echo $pluginMessage; if ($hideForm == false) { $form->display(); } Display::display_footer();
$is_courseCoach = false; //course coach $is_courseAdmin = false; $is_courseTutor = false; $is_courseMember = false; if (isset($uidReset) && $uidReset || isset($cidReset) && $cidReset) { if (isset($_cid) && $_cid) { $my_user_id = isset($user_id) ? intval($user_id) : 0; $variable = 'accept_legal_' . $my_user_id . '_' . $_course['real_id'] . '_' . $session_id; $user_pass_open_course = false; if (api_check_user_access_to_legal($_course['visibility']) && Session::read($variable)) { $user_pass_open_course = true; } //Checking if the user filled the course legal agreement if ($_course['activate_legal'] == 1 && !api_is_platform_admin() && !api_is_anonymous()) { $user_is_subscribed = CourseManager::is_user_accepted_legal($user_id, $_course['id'], $session_id) || $user_pass_open_course; if (!$user_is_subscribed) { $url = api_get_path(WEB_CODE_PATH) . 'course_info/legal.php?course_code=' . $_course['code'] . '&session_id=' . $session_id; header('Location: ' . $url); exit; } } } if (isset($user_id) && $user_id && isset($_real_cid) && $_real_cid) { //Check if user is subscribed in a course $course_user_table = Database::get_main_table(TABLE_MAIN_COURSE_USER); $sql = "SELECT * FROM {$course_user_table}\n WHERE\n user_id = '" . $user_id . "' AND\n relation_type <> " . COURSE_RELATION_TYPE_RRHH . " AND\n c_id = '{$_real_cid}'"; $result = Database::query($sql); $cuData = null; if (Database::num_rows($result) > 0) { // this user have a recorded state for this course
/** * * @global bool $is_platformAdmin * @global bool $is_allowedCreateCourse * @global object $_user * @global int $_cid * @global array $_course * @global int $_real_cid * @global type $_courseUser * @global type $is_courseAdmin * @global type $is_courseTutor * @global type $is_courseCoach * @global type $is_courseMember * @global type $is_sessionAdmin * @global type $is_allowed_in_course * * @param type $course_id * @param type $reset */ static function init_course($course_id, $reset) { global $_configuration; global $is_platformAdmin; global $is_allowedCreateCourse; global $_user; global $_cid; global $_course; global $_real_cid; global $is_courseAdmin; //course teacher global $is_courseTutor; //course teacher - some rights global $is_courseCoach; //course coach global $is_courseMember; //course student global $is_sessionAdmin; global $is_allowed_in_course; if ($reset) { // Course session data refresh requested or empty data if ($course_id) { $course_table = Database::get_main_table(TABLE_MAIN_COURSE); $course_cat_table = Database::get_main_table(TABLE_MAIN_CATEGORY); $sql = "SELECT course.*, course_category.code faCode, course_category.name faName\n FROM {$course_table}\n LEFT JOIN {$course_cat_table}\n ON course.category_code = course_category.code\n WHERE course.code = '{$course_id}'"; $result = Database::query($sql); if (Database::num_rows($result) > 0) { $course_data = Database::fetch_array($result); //@TODO real_cid should be cid, for working with numeric course id $_real_cid = $course_data['id']; $_cid = $course_data['code']; $_course = array(); $_course['real_id'] = $course_data['id']; $_course['id'] = $course_data['code']; //auto-assigned integer $_course['code'] = $course_data['code']; $_course['name'] = $course_data['title']; $_course['title'] = $course_data['title']; $_course['official_code'] = $course_data['visual_code']; // use in echo $_course['sysCode'] = $course_data['code']; // use as key in db $_course['path'] = $course_data['directory']; // use as key in path $_course['titular'] = $course_data['tutor_name']; // this should be deprecated and use the table course_rel_user $_course['language'] = $course_data['course_language']; $_course['extLink']['url'] = $course_data['department_url']; $_course['extLink']['name'] = $course_data['department_name']; $_course['categoryCode'] = $course_data['faCode']; $_course['categoryName'] = $course_data['faName']; $_course['visibility'] = $course_data['visibility']; $_course['subscribe_allowed'] = $course_data['subscribe']; $_course['unsubscribe'] = $course_data['unsubscribe']; $_course['activate_legal'] = $course_data['activate_legal']; $_course['show_score'] = $course_data['show_score']; //used in the work tool Session::write('_cid', $_cid); Session::write('_course', $_course); //@TODO real_cid should be cid, for working with numeric course id Session::write('_real_cid', $_real_cid); // if a session id has been given in url, we store the session // Database Table Definitions $tbl_session = Database::get_main_table(TABLE_MAIN_SESSION); if (!empty($_GET['id_session'])) { $_SESSION['id_session'] = intval($_GET['id_session']); $sql = 'SELECT name FROM ' . $tbl_session . ' WHERE id="' . intval($_SESSION['id_session']) . '"'; $rs = Database::query($sql); list($_SESSION['session_name']) = Database::fetch_array($rs); } else { Session::erase('session_name'); Session::erase('id_session'); } if (!isset($_SESSION['login_as'])) { //Course login if (isset($_user['user_id'])) { Event::event_course_login(api_get_course_int_id(), $_user['user_id'], api_get_session_id()); } } } else { //exit("WARNING UNDEFINED CID !! "); header('location:' . api_get_path(WEB_PATH)); } } else { Session::erase('_cid'); Session::erase('_real_cid'); Session::erase('_course'); if (!empty($_SESSION)) { foreach ($_SESSION as $key => $session_item) { if (strpos($key, 'lp_autolaunch_') === false) { continue; } else { if (isset($_SESSION[$key])) { Session::erase($key); } } } } //Deleting session info if (api_get_session_id()) { Session::erase('id_session'); Session::erase('session_name'); } } } else { // Continue with the previous values if (empty($_SESSION['_course']) or empty($_SESSION['_cid'])) { //no previous values... $_cid = -1; //set default values that will be caracteristic of being unset $_course = -1; } else { $_cid = $_SESSION['_cid']; $_course = $_SESSION['_course']; // these lines are usefull for tracking. Indeed we can have lost the id_session and not the cid. // Moreover, if we want to track a course with another session it can be usefull if (!empty($_GET['id_session'])) { $tbl_session = Database::get_main_table(TABLE_MAIN_SESSION); $sql = 'SELECT name FROM ' . $tbl_session . ' WHERE id="' . intval($_SESSION['id_session']) . '"'; $rs = Database::query($sql); list($_SESSION['session_name']) = Database::fetch_array($rs); $_SESSION['id_session'] = intval($_GET['id_session']); } if (!isset($_SESSION['login_as'])) { $save_course_access = true; //The value $_dont_save_user_course_access should be added before the call of global.inc.php see the main/inc/chat.ajax.php file //Disables the updates in the TRACK_E_COURSE_ACCESS table if (isset($_dont_save_user_course_access) && $_dont_save_user_course_access == true) { $save_course_access = false; } if ($save_course_access) { $course_tracking_table = Database::get_main_table(TABLE_STATISTIC_TRACK_E_COURSE_ACCESS); /* * When $_configuration['session_lifetime'] is too big 100 hours (in order to let users take exercises with no problems) * the function Tracking::get_time_spent_on_the_course() returns big values (200h) due the condition: * login_course_date > now() - INTERVAL $session_lifetime SECOND * */ /* if (isset($_configuration['session_lifetime'])) { $session_lifetime = $_configuration['session_lifetime']; } else { $session_lifetime = 3600; // 1 hour } */ $session_lifetime = 3600; // 1 hour $time = api_get_utc_datetime(); if (isset($_user['user_id']) && !empty($_user['user_id'])) { //We select the last record for the current course in the course tracking table //But only if the login date is < than now + max_life_time $sql = "SELECT course_access_id FROM {$course_tracking_table}\n WHERE\n user_id = " . intval($_user['user_id']) . " AND\n c_id = '" . api_get_course_int_id() . "' AND\n session_id = " . api_get_session_id() . " AND\n login_course_date > now() - INTERVAL {$session_lifetime} SECOND\n ORDER BY login_course_date DESC LIMIT 0,1"; $result = Database::query($sql); if (Database::num_rows($result) > 0) { $i_course_access_id = Database::result($result, 0, 0); //We update the course tracking table $sql = "UPDATE {$course_tracking_table}\n SET logout_course_date = '{$time}', counter = counter+1\n WHERE course_access_id = " . intval($i_course_access_id) . " AND session_id = " . api_get_session_id(); Database::query($sql); } else { $sql = "INSERT INTO {$course_tracking_table} (c_id, user_id, login_course_date, logout_course_date, counter, session_id)" . "VALUES('" . api_get_course_int_id() . "', '" . $_user['user_id'] . "', '{$time}', '{$time}', '1','" . api_get_session_id() . "')"; Database::query($sql); } } } } } } /* COURSE / USER REL. INIT */ $session_id = api_get_session_id(); $user_id = isset($_user['user_id']) ? $_user['user_id'] : null; //Course permissions $is_courseAdmin = false; //course teacher $is_courseTutor = false; //course teacher - some rights $is_courseMember = false; //course student //Course - User permissions $is_sessionAdmin = false; if ($reset) { if (isset($user_id) && $user_id && isset($_cid) && $_cid) { //Check if user is subscribed in a course $course_user_table = Database::get_main_table(TABLE_MAIN_COURSE_USER); $sql = "SELECT * FROM {$course_user_table}\n WHERE\n user_id = '" . $user_id . "' AND\n relation_type <> " . COURSE_RELATION_TYPE_RRHH . " AND\n course_code = '{$course_id}'"; $result = Database::query($sql); $cuData = null; if (Database::num_rows($result) > 0) { // this user have a recorded state for this course $cuData = Database::fetch_array($result, 'ASSOC'); $is_courseAdmin = (bool) $cuData['status'] == 1; $is_courseTutor = (bool) $cuData['is_tutor'] == 1; $is_courseMember = true; // Checking if the user filled the course legal agreement if ($_course['activate_legal'] == 1 && !api_is_platform_admin()) { $user_is_subscribed = CourseManager::is_user_accepted_legal($user_id, $_course['id'], $session_id); if (!$user_is_subscribed) { $url = api_get_path(WEB_CODE_PATH) . 'course_info/legal.php?course_code=' . $_course['code'] . '&session_id=' . $session_id; header('Location: ' . $url); exit; } } } //We are in a session course? Check session permissions if (!empty($session_id)) { //I'm not the teacher of the course if ($is_courseAdmin == false) { // this user has no status related to this course // The user is subscribed in a session? The user is a Session coach a Session admin ? $tbl_session = Database::get_main_table(TABLE_MAIN_SESSION); $tbl_session_course = Database::get_main_table(TABLE_MAIN_SESSION_COURSE); $tbl_session_course_user = Database::get_main_table(TABLE_MAIN_SESSION_COURSE_USER); //Session coach, session admin, course coach admin $sql = "SELECT session.id_coach, session_admin_id, session_rcru.user_id\n FROM {$tbl_session} session, {$tbl_session_course_user} session_rcru\n WHERE\n session_rcru.session_id = session.id AND\n session_rcru.c_id = '{$_real_cid}' AND\n session_rcru.user_id = '{$user_id}' AND\n session_rcru.session_id = {$session_id} AND\n session_rcru.status = 2"; $result = Database::query($sql); $row = Database::store_result($result); //I'm a session admin? if (isset($row) && isset($row[0]) && $row[0]['session_admin_id'] == $user_id) { $is_courseMember = false; $is_courseTutor = false; $is_courseAdmin = false; $is_courseCoach = false; $is_sessionAdmin = true; } else { //Im a coach or a student? $sql = "SELECT user_id, status\n FROM " . $tbl_session_course_user . "\n WHERE\n c_id = '{$_cid}' AND\n user_id = '" . $user_id . "' AND\n session_id = '" . $session_id . "'\n LIMIT 1"; $result = Database::query($sql); if (Database::num_rows($result)) { $row = Database::fetch_array($result, 'ASSOC'); $session_course_status = $row['status']; switch ($session_course_status) { case '2': // coach - teacher $is_courseMember = true; $is_courseTutor = true; $is_courseCoach = true; $is_sessionAdmin = false; if (api_get_setting('extend_rights_for_coach') == 'true') { $is_courseAdmin = true; } else { $is_courseAdmin = false; } break; case '0': //student $is_courseMember = true; $is_courseTutor = false; $is_courseAdmin = false; $is_sessionAdmin = false; break; default: //unregister user $is_courseMember = false; $is_courseTutor = false; $is_courseAdmin = false; $is_sessionAdmin = false; break; } } else { //unregister user $is_courseMember = false; $is_courseTutor = false; $is_courseAdmin = false; $is_sessionAdmin = false; } } } //If I'm the admin platform i'm a teacher of the course if ($is_platformAdmin) { $is_courseAdmin = true; } } } else { // keys missing => not anymore in the course - user relation // course $is_courseMember = false; $is_courseAdmin = false; $is_courseTutor = false; $is_courseCoach = false; $is_sessionAdmin = false; } //Checking the course access $is_allowed_in_course = false; if (isset($_course)) { switch ($_course['visibility']) { case COURSE_VISIBILITY_OPEN_WORLD: //3 $is_allowed_in_course = true; break; case COURSE_VISIBILITY_OPEN_PLATFORM: //2 if (isset($user_id) && !api_is_anonymous($user_id)) { $is_allowed_in_course = true; } break; case COURSE_VISIBILITY_REGISTERED: //1 if ($is_platformAdmin || $is_courseMember) { $is_allowed_in_course = true; } break; case COURSE_VISIBILITY_CLOSED: //0 if ($is_platformAdmin || $is_courseAdmin) { $is_allowed_in_course = true; } break; case COURSE_VISIBILITY_HIDDEN: //4 if ($is_platformAdmin) { $is_allowed_in_course = true; } break; } } // check the session visibility if ($is_allowed_in_course == true) { //if I'm in a session if ($session_id != 0) { if (!$is_platformAdmin) { // admin and session coach are *not* affected to the invisible session mode // the coach is not affected because he can log in some days after the end date of a session $session_visibility = api_get_session_visibility($session_id); switch ($session_visibility) { case SESSION_INVISIBLE: $is_allowed_in_course = false; break; } //checking date } } } // save the states Session::write('is_courseAdmin', $is_courseAdmin); Session::write('is_courseMember', $is_courseMember); Session::write('is_courseTutor', $is_courseTutor); Session::write('is_courseCoach', $is_courseCoach); Session::write('is_allowed_in_course', $is_allowed_in_course); Session::write('is_sessionAdmin', $is_sessionAdmin); } else { // continue with the previous values $is_courseAdmin = $_SESSION['is_courseAdmin']; $is_courseTutor = $_SESSION['is_courseTutor']; $is_courseCoach = $_SESSION['is_courseCoach']; $is_courseMember = $_SESSION['is_courseMember']; $is_allowed_in_course = $_SESSION['is_allowed_in_course']; } }
$is_courseAdmin = false; $is_courseTutor = false; $is_courseCoach = false; $is_sessionAdmin = false; if ($courseReset) { if (isset($courseId) && $courseId && $courseId != -1) { $courseInfo = api_get_course_info(); $userId = isset($userId) ? intval($userId) : 0; $variable = 'accept_legal_' . $userId . '_' . $courseInfo['real_id'] . '_' . $sessionId; $user_pass_open_course = false; if (api_check_user_access_to_legal($courseInfo['visibility']) && Session::read($variable)) { $user_pass_open_course = true; } //Checking if the user filled the course legal agreement if ($courseInfo['activate_legal'] == 1 && !api_is_platform_admin()) { $user_is_subscribed = CourseManager::is_user_accepted_legal($userId, $courseInfo, $sessionId) || $user_pass_open_course; if (!$user_is_subscribed) { $url = api_get_path(WEB_CODE_PATH) . 'course_info/legal.php?course_code=' . $courseInfo['code'] . '&session_id=' . $sessionId; header('Location: ' . $url); exit; } } //Check if user is subscribed in a course $course_user_table = Database::get_main_table(TABLE_MAIN_COURSE_USER); $sql = "SELECT * FROM {$course_user_table} WHERE user_id = '" . $userId . "' AND\n relation_type <> " . COURSE_RELATION_TYPE_RRHH . " AND c_id = " . api_get_course_int_id(); $result = Database::query($sql); $cuData = null; if (Database::num_rows($result) > 0) { // this user have a recorded state for this course $cuData = Database::fetch_array($result, 'ASSOC'); $is_courseAdmin = (bool) ($cuData['status'] == 1);